From a8f301f6491b6fc6976d10689002828ad4db8a43 Mon Sep 17 00:00:00 2001 From: unfr Date: Wed, 13 Aug 2025 10:02:02 +0200 Subject: [PATCH] Diverses correction --- update.sh | 223 +++++++++++++++++++++++++++++++++++------------------- 1 file changed, 147 insertions(+), 76 deletions(-) diff --git a/update.sh b/update.sh index 0d38408..76b702e 100644 --- a/update.sh +++ b/update.sh @@ -1,5 +1,6 @@ #!/usr/bin/env bash set -Eeuo pipefail +trap 'echo "❌ ERREUR ligne $LINENO: $BASH_COMMAND" >&2' ERR # ────────── Helpers & couleurs ────────── if [ -t 1 ]; then @@ -15,6 +16,40 @@ die() { err "$*"; exit 1; } install_bin(){ install -m 755 "$1" "$2"; } +# --- lire une clé JS (ligne "clé: valeur") sans exécuter --- +parse_js_raw() { + local key="$1" + sed -n -E "s/^[[:space:]]*['\"]?${key}['\"]?[[:space:]]*:[[:space:]]*(.*)$/\1/p" "$CFG_JS" \ + | head -n1 | sed -E "s/[[:space:]]*(,)?[[:space:]]*$//" +} + +# --- normaliser une valeur JS simple: enlève guillemets, garde nombres, laisse path.join tel quel --- +normalize_js_value() { + local raw="$1" + [[ "$raw" =~ ^\"(.*)\"$ ]] && { echo "${BASH_REMATCH[1]}"; return; } + [[ "$raw" =~ ^\'(.*)\'$ ]] && { echo "${BASH_REMATCH[1]}"; return; } + echo "$raw" +} + +# placeholders à refuser (vides, “Voir…”, “CHANGEME…”, etc.) +is_placeholder() { + local v="$1" + [[ -z "$v" ]] && return 0 + [[ "$v" =~ ^(Voir|voir|Nom|change|CHANGE|changeme|CHANGEME|todo|TODO|example|your|/path/to|A[[:space:]]*NOUS|A[[:space:]]*RETROUVER) ]] && return 0 + return 1 +} + +# entier (>=0) +is_int() { [[ "$1" =~ ^[0-9]+$ ]]; } + +# booléen JS (true/false), avec ou sans guillemets +is_bool_literal() { + local v="$(echo "$1" | tr '[:upper:]' '[:lower:]')" + [[ "$v" == "true" || "$v" == "false" ]] +} + + + # ────────── Paths ────────── BIN_DIR="$HOME/bin" AUTOPOST_DIR="$HOME/autopost" @@ -70,7 +105,7 @@ if [ -f "$BASHRC_FILE" ] && grep -q "$DEBUT_MARKER" "$BASHRC_FILE"; then fi COMP_FILE="$BASH_COMPLETION_DIR/postauto" -read -r -d '' COMPLETION_CODE <<'EOF' +COMPLETION_CODE=$(cat <<'EOF' # completion postauto _autopost_completion() { local cur prev opts @@ -87,6 +122,7 @@ _autopost_completion() { } complete -F _autopost_completion postauto EOF +) if [ ! -s "$COMP_FILE" ] || ! cmp -s <(printf "%s" "$COMPLETION_CODE") "$COMP_FILE"; then printf "%s" "$COMPLETION_CODE" > "$COMP_FILE" @@ -134,14 +170,14 @@ if ! ensure_cmd BDInfoDataSubstractor; then fi # ────────── VALIDATION conf.sh (sans exécuter) ────────── -placeholder_re='^(|A[[:space:]]*NOUS|A[[:space:]]*RETROUVER|CHANGE|CHANGEME|TODO|example|your|/path/to|Nom)$' - +# --- conf.sh : validation déclarative --- check_conf() { - local file="$1" + local file="$CONF_SH" [[ -f "$file" ]] || { err "Manquant: $file"; errors=$((errors+1)); return; } - log "Validation de $file…" - # parse simple: NAME=VALUE (ignore commentaires) + log "Validation déclarative de $file…" + + # Parse simple NAME=VALUE (ignore commentaires / 'export') declare -A V=() while IFS= read -r line; do [[ "$line" =~ ^[[:space:]]*# ]] && continue @@ -151,118 +187,153 @@ check_conf() { name="${BASH_REMATCH[1]}" val="${BASH_REMATCH[2]}" val="${val%%#*}"; val="${val%%;*}" - val="$(echo -n "$val" | sed -E "s/^[[:space:]]*//; s/[[:space:]]*$//")" - val="$(echo -n "$val" | sed -E "s/^['\"]//; s/['\"]$//")" + val="$(echo -n "$val" | sed -E "s/^[[:space:]]*['\"]?//; s/['\"]?[[:space:]]*$//")" V["$name"]="$val" fi done < "$file" - # requis absolus - req=(URL_API APIKEY DOSSIER_GLOBAL DOSSIER_NFO DOSSIER_LOGS DOSSIER_NZB_ATTENTE DOSSIER_NZB_FINAL MOVE_CMD MYSQL_TABLE dbtype) - for k in "${req[@]}"; do + # Requis généraux (non-placeholder) + for k in URL_API APIKEY DOSSIER_GLOBAL DOSSIER_NFO DOSSIER_LOGS DOSSIER_NZB_ATTENTE DOSSIER_NZB_FINAL MOVE_CMD MYSQL_TABLE dbtype; do v="${V[$k]:-}" - if [[ "$v" =~ $placeholder_re ]]; then - err "conf.sh: '$k' non renseigné (valeur='$v')"; errors=$((errors+1)) - fi - done - - # MOVE_CMD autorisé - case "${V[MOVE_CMD]:-}" in - "cp -rl"|"cp -rs"|"ln -s"|"mv"|"cp") : ;; - *) err "conf.sh: MOVE_CMD invalide ('${V[MOVE_CMD]:-}'). Choix: cp -rl | cp -rs | ln -s | mv | cp"; errors=$((errors+1));; - esac - - # répertoires existants (on ne les crée pas ici, on alerte) - dirs=(DOSSIER_GLOBAL DOSSIER_NFO DOSSIER_LOGS DOSSIER_NZB_ATTENTE DOSSIER_NZB_FINAL) - for k in "${dirs[@]}"; do - p="${V[$k]:-}" - if [[ -z "$p" || ! -d "$p" ]]; then - err "conf.sh: dossier '$k' introuvable: $p"; errors=$((errors+1)) - fi - done - - # bloc provider Usenet requis - for k in NG_HOST NG_PORT NG_USER NG_PASS NG_NBR_CONN; do - v="${V[$k]:-}" - if [[ "$v" =~ $placeholder_re ]]; then + if is_placeholder "$v"; then err "conf.sh: '$k' non renseigné"; errors=$((errors+1)) fi done - # types numériques - [[ "${V[NG_PORT]:-}" =~ ^[0-9]+$ ]] || { err "conf.sh: NG_PORT doit être numérique"; errors=$((errors+1)); } - [[ "${V[NG_NBR_CONN]:-}" =~ ^[0-9]+$ ]] || { err "conf.sh: NG_NBR_CONN doit être numérique"; errors=$((errors+1)); } - # DB: règles conditionnelles + # MOVE_CMD valeurs autorisées + case "${V[MOVE_CMD]:-}" in + "cp -rl"|"cp -rs"|"ln -s"|"mv"|"cp") : ;; + *) + err "conf.sh: MOVE_CMD invalide ('${V[MOVE_CMD]:-}'), attendus: cp -rl|cp -rs|ln -s|mv|cp" + errors=$((errors+1)) + ;; + esac + + # Fournisseur Usenet : non-vides + numériques où nécessaire + for k in NG_HOST NG_USER NG_PASS; do + if is_placeholder "${V[$k]:-}"; then + err "conf.sh: '$k' non renseigné"; errors=$((errors+1)) + fi + done + if ! [[ "${V[NG_PORT]:-}" =~ ^[0-9]+$ ]]; then + err "conf.sh: NG_PORT doit être numérique"; errors=$((errors+1)) + fi + if ! [[ "${V[NG_NBR_CONN]:-}" =~ ^[0-9]+$ ]]; then + err "conf.sh: NG_NBR_CONN doit être numérique"; errors=$((errors+1)) + fi + + # DB : règles conditionnelles (déclarations seulement) case "${V[dbtype]:-}" in sqlite) - # DB_FILE requis, MySQL* facultatifs - if [[ -z "${V[DB_FILE]:-}" || "${V[DB_FILE]}" =~ $placeholder_re ]]; then + if is_placeholder "${V[DB_FILE]:-}"; then err "conf.sh: DB_FILE requis en mode sqlite"; errors=$((errors+1)) - else - dbdir="$(dirname -- "${V[DB_FILE]}")" - [[ -d "$dbdir" ]] || { err "conf.sh: dossier DB_FILE inexistant: $dbdir"; errors=$((errors+1)); } fi ;; mysql) - # champs MySQL requis, DB_FILE facultatif - for k in MYSQL_HOST MYSQL_PORT MYSQL_USER MYSQL_PASS MYSQL_DB; do - v="${V[$k]:-}" - if [[ "$v" =~ $placeholder_re ]]; then + for k in MYSQL_HOST MYSQL_USER MYSQL_PASS MYSQL_DB; do + if is_placeholder "${V[$k]:-}"; then err "conf.sh: '$k' requis en mode mysql"; errors=$((errors+1)) fi done - [[ "${V[MYSQL_PORT]:-}" =~ ^[0-9]+$ ]] || { err "conf.sh: MYSQL_PORT doit être numérique"; errors=$((errors+1)); } + if ! [[ "${V[MYSQL_PORT]:-}" =~ ^[0-9]+$ ]]; then + err "conf.sh: MYSQL_PORT doit être numérique"; errors=$((errors+1)) + fi ;; *) - err "conf.sh: dbtype doit être 'sqlite' ou 'mysql' (actuel='${V[dbtype]:-}')"; errors=$((errors+1)) + err "conf.sh: dbtype doit être 'sqlite' ou 'mysql' (actuel='${V[dbtype]:-}')" + errors=$((errors+1)) ;; esac } + check_conf "$CONF_SH" # ────────── VALIDATION config.js (avec Node) ────────── -# remplace validate_config_js par : +# --- config.js : validation déclarative (sans exécuter du JS) --- validate_config_js() { [[ -f "$CFG_JS" ]] || { err "Manquant: $CFG_JS"; errors=$((errors+1)); return; } - # récupère des paires clé: valeur basiques (sans exécuter) - parse() { grep -E "^\s*$1\s*:" "$CFG_JS" | head -n1 | sed -E "s/.*:\s*//; s/[,'\"]//g; s,//.*,,"; } + log "Validation déclarative de $CFG_JS…" - dbtype="$(parse dbtype)" - port="$(parse port)" - name="$(parse name)" - sessionSecret="$(parse sessionSecret)" - DB_TABLE="$(parse DB_TABLE)" - finishdirectory="$(parse finishdirectory)" - logdirectory="$(parse logdirectory)" - infodirectory="$(parse infodirectory)" + # valeurs principales + local dbtype port name secret table + dbtype="$(normalize_js_value "$(parse_js_raw dbtype)")" + port="$(normalize_js_value "$(parse_js_raw port)")" + name="$(normalize_js_value "$(parse_js_raw name)")" + secret="$(normalize_js_value "$(parse_js_raw sessionSecret)")" + table="$(normalize_js_value "$(parse_js_raw DB_TABLE)")" # checks minimaux - [[ "$port" =~ ^[0-9]+$ ]] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { err "config.js: port invalide"; errors=$((errors+1)); } - [ -n "$name" ] || { err "config.js: name vide"; errors=$((errors+1)); } - [[ "$sessionSecret" =~ ^(Voir|change|CHANGE|todo|TODO|example|your|/path/to|)$ ]] && { err "config.js: sessionSecret non renseigné"; errors=$((errors+1)); } - [ -n "$DB_TABLE" ] || { err "config.js: DB_TABLE vide"; errors=$((errors+1)); } + if ! is_int "$port" || (( port < 1 || port > 65535 )); then + err "config.js: 'port' invalide ($port)"; errors=$((errors+1)) + fi + if is_placeholder "$name"; then err "config.js: 'name' non renseigné"; errors=$((errors+1)); fi + if is_placeholder "$secret"; then err "config.js: 'sessionSecret' non renseigné"; errors=$((errors+1)); fi + if is_placeholder "$table"; then err "config.js: 'DB_TABLE' non renseigné"; errors=$((errors+1)); fi - for d in "$finishdirectory" "$logdirectory" "$infodirectory"; do - [ -d "$d" ] || { err "config.js: dossier manquant: $d"; errors=$((errors+1)); } + # dossiers : déclaration non vide (pas de test FS) + for key in finishdirectory logdirectory infodirectory; do + val="$(normalize_js_value "$(parse_js_raw "$key")")" + if is_placeholder "$val"; then + err "config.js: '$key' non renseigné"; errors=$((errors+1)) + fi done + # trustProxy / cookieSecure / sessionStorePath + local tp cs ssp + tp="$(normalize_js_value "$(parse_js_raw trustProxy)")" + cs="$(normalize_js_value "$(parse_js_raw cookieSecure)")" + ssp="$(normalize_js_value "$(parse_js_raw sessionStorePath)")" + + if is_placeholder "$tp"; then + err "config.js: 'trustProxy' non renseigné"; errors=$((errors+1)) + else + if is_int "$tp"; then + if (( tp < 0 )); then + err "config.js: 'trustProxy' doit être >= 0 (valeur=$tp)"; errors=$((errors+1)) + fi + else + # chaîne non vide acceptée (ex: "loopback,uniquelocal") + : + fi + fi + + if ! is_bool_literal "$cs"; then + err "config.js: 'cookieSecure' doit être true ou false (valeur='$cs')"; errors=$((errors+1)) + fi + + if is_placeholder "$ssp"; then + err "config.js: 'sessionStorePath' non renseigné"; errors=$((errors+1)) + fi + + # règles DB (déclarations uniquement) case "$dbtype" in sqlite) - dbFile="$(parse dbFile)" - [ -n "$dbFile" ] && [ -d "$(dirname "$dbFile")" ] || { err "config.js: dbFile requis (sqlite)"; errors=$((errors+1)); } + val="$(normalize_js_value "$(parse_js_raw dbFile)")" + if is_placeholder "$val"; then + err "config.js: 'dbFile' requis (sqlite)"; errors=$((errors+1)) + fi ;; mysql) - DB_HOST="$(parse DB_HOST)"; DB_PORT="$(parse DB_PORT)"; DB_USER="$(parse DB_USER)"; DB_PASSWORD="$(parse DB_PASSWORD)"; DB_DATABASE="$(parse DB_DATABASE)" - [ -n "$DB_HOST" ] || { err "config.js: DB_HOST requis (mysql)"; errors=$((errors+1)); } - [[ "$DB_PORT" =~ ^[0-9]+$ ]] || { err "config.js: DB_PORT entier requis (mysql)"; errors=$((errors+1)); } - [ -n "$DB_USER" ] || { err "config.js: DB_USER requis (mysql)"; errors=$((errors+1)); } - [ -n "$DB_PASSWORD" ] || { err "config.js: DB_PASSWORD requis (mysql)"; errors=$((errors+1)); } - [ -n "$DB_DATABASE" ] || { err "config.js: DB_DATABASE requis (mysql)"; errors=$((errors+1)); } + local H P U PW DB + H="$(normalize_js_value "$(parse_js_raw DB_HOST)")" + P="$(normalize_js_value "$(parse_js_raw DB_PORT)")" + U="$(normalize_js_value "$(parse_js_raw DB_USER)")" + PW="$(normalize_js_value "$(parse_js_raw DB_PASSWORD)")" + DB="$(normalize_js_value "$(parse_js_raw DB_DATABASE)")" + if is_placeholder "$H"; then err "config.js: 'DB_HOST' requis (mysql)"; errors=$((errors+1)); fi + if ! is_int "$P"; then err "config.js: 'DB_PORT' entier requis (mysql)"; errors=$((errors+1)); fi + if is_placeholder "$U"; then err "config.js: 'DB_USER' requis (mysql)"; errors=$((errors+1)); fi + if is_placeholder "$PW"; then err "config.js: 'DB_PASSWORD' requis (mysql)"; errors=$((errors+1)); fi + if is_placeholder "$DB"; then err "config.js: 'DB_DATABASE' requis (mysql)"; errors=$((errors+1)); fi + ;; + *) + err "config.js: 'dbtype' doit être 'sqlite' ou 'mysql' (actuel='$dbtype')" + errors=$((errors+1)) ;; - *) err "config.js: dbtype doit être sqlite ou mysql"; errors=$((errors+1));; esac } + validate_config_js # ────────── Résumé & exit codes ──────────