Merge branch 'master' into next

# Conflicts:
#	api/parts/mgmt/apps.js
#	api/utils/render.js
#	frontend/express/app.js
#	plugins/reports/frontend/public/javascripts/countly.models.js

Author: ar2rsawseen

LICENSE

@@ -1,7 +1,7 @@
-Countly Mobile & Web Analytics Community Edition License
+Countly Product Analytics - Community Edition License
 --------------------------------------------------
 
-Copyright (C) 2011-2017 Countly, www.count.ly
+Copyright (C) 2011-2018 Countly, https://count.ly
 
 Countly is provided under AGPL v3 with modified Section 7. In accordance 
 with Section 7 of the AGPL, the Works included in this package or repository 
@@ -18,4 +18,4 @@ Countly name and logo from Countly software.
 
 For more information, see Licensing FAQ: 
 
-http://resources.count.ly/docs/licencing-faq
+https://resources.count.ly/docs/licencing-faq

api/parts/mgmt/apps.js

@@ -10,7 +10,6 @@ var appsApi = {},
     moment = require('moment-timezone'),
     crypto = require('crypto'),
     plugins = require('../../../plugins/pluginManager.js'),
-    fs = require('fs'),
     jimp = require('jimp'),
     countlyFs = require('./../../utils/countlyFs.js');
 
@@ -565,8 +564,8 @@ appsApi.deleteApp = function(params) {
                 return false;
             }
 
-            var iconPath = __dirname + '/public/appimages/' + appId + '.png';
-            fs.unlink(iconPath, function() {});
+            var iconPath = __dirname + '/../../../frontend/express/public/appimages/' + appId + '.png';
+            countlyFs.deleteFile("appimages", iconPath, {id: appId + ".png"}, function() {});
 
             common.db.collection('members').update({}, {
                 $pull: {

api/utils/render.js

@@ -11,6 +11,8 @@ var alternateChrome = true;
 var chromePath = "";
 var countlyFs = require('./countlyFs');
 var log = require('./log.js')('core:render');
+var countlyConfig = require('./../config', 'dont-enclose');
+
 
 /**
  * Function to render views as images
@@ -47,24 +49,26 @@ exports.renderView = function(options, cb) {
                 chromePath = yield fetchChromeExecutablePath();
             }
 
-            var browser = "";
+            var settings = {
+                headless: true,
+                args: ['--no-sandbox', '--disable-setuid-sandbox'],
+                ignoreHTTPSErrors: true
+            };
+
             if (chromePath) {
-                browser = yield puppeteer.launch({
-                    headless: true,
-                    args: ['--no-sandbox', '--disable-setuid-sandbox'],
-                    executablePath: chromePath
-                });
-            }
-            else {
-                browser = yield puppeteer.launch({
-                    headless: true,
-                    args: ['--no-sandbox', '--disable-setuid-sandbox']
-                });
+                settings.executablePath = chromePath;
             }
 
+            var browser = yield puppeteer.launch(settings);
+
             var page = yield browser.newPage();
 
-            var host = options.host;
+            var host = "http://127.0.0.1" + countlyConfig.path;
+
+            if (options.host) {
+                host = options.host + countlyConfig.path;
+            }
+
             var token = options.token;
             var view = options.view;
             var id = options.id;

bin/installer.sh

@@ -27,7 +27,7 @@ else
     else
         echo "Downloading from CDN..."
         PACKAGE_NAME=$(awk -F/ '{print $9}' <<< $LATEST)
-        CDN_HOST=http://om65qc2mm.bkt.clouddn.com/
+        CDN_HOST=http://countly-1252600587.cos.ap-guangzhou.myqcloud.com/
         if [[ "$LATEST" == *zip ]]
         then
             wget -nv $CDN_HOST$PACKAGE_NAME -O ./countly.zip ;

bin/scripts/mongodb.install.sh

@@ -45,7 +45,7 @@ if [ -f /etc/lsb-release ]; then
     fi
     apt-get update
     #install mongodb
-    apt-get -y install mongodb-org || (echo "Failed to install mongodb." ; exit)
+    DEBIAN_FRONTEND="noninteractive" apt-get -y install mongodb-org || (echo "Failed to install mongodb." ; exit)
 
     #disable transparent-hugepages (requires reboot)
     cp -f $DIR/disable-transparent-hugepages /etc/init.d/disable-transparent-hugepages

frontend/express/app.js

@@ -32,7 +32,6 @@ var versionInfo = require('./version.info'),
     plugins = require('../../plugins/pluginManager.js'),
     countlyConfig = require('./config', 'dont-enclose'),
     log = require('../../api/utils/log.js')('core:app'),
-    ip = require('../../api/parts/mgmt/ip.js'),
     url = require('url'),
     authorize = require('../../api/utils/authorizer.js'), //for token validations
     render = require('../../api/utils/render.js'),
@@ -365,6 +364,11 @@ app.use('/fonts/', function(req, res, next) {
     next();
 });
 
+app.use('*.svg', function(req, res, next) {
+    res.setHeader('Content-Type', 'image/svg+xml; charset=UTF-8');
+    next();
+});
+
 /**
 * Add headers to request
 * @param {object} req - request object
@@ -443,7 +447,6 @@ app.get(countlyConfig.path + '/appimages/*', function(req, res) {
                             'Connection': 'keep-alive',
                             'Date': new Date().toUTCString(),
                             'Last-Modified': stats.mtime.toUTCString(),
-                            'Server': 'nginx/1.10.3 (Ubuntu)',
                             'Content-Type': 'image/png',
                             'Content-Length': stats.size
                         });
@@ -536,8 +539,9 @@ app.use(function(req, res, next) {
     plugins.loadConfigs(countlyDb, function() {
         app.dashboard_headers = plugins.getConfig("security").dashboard_additional_headers;
         add_headers(req, res);
-        bruteforce.fails = plugins.getConfig("security").login_tries || 3;
-        bruteforce.wait = plugins.getConfig("security").login_wait || 5 * 60;
+        const {login_tries, login_wait} = plugins.getConfig("security");
+        bruteforce.fails = Number.isInteger(login_tries) ? login_tries : 3;
+        bruteforce.wait = login_wait || 5 * 60;
 
         curTheme = plugins.getConfig("frontend", req.session && req.session.settings).theme;
         app.loadThemeFiles(req.cookies.theme || plugins.getConfig("frontend", req.session && req.session.settings).theme, function(themeFiles) {
@@ -637,8 +641,8 @@ var checkRequestForSession = function(req, res, next) {
     if (parseInt(plugins.getConfig("frontend", req.session && req.session.settings).session_timeout)) {
         if (req.session.uid) {
             if (Date.now() > req.session.expires) {
-                //logout user
-                res.redirect(countlyConfig.path + '/logout?message=logout.inactivity');
+                clearSession(req, res, next);
+                res.redirect(countlyConfig.path + '/login?message=logout.inactivity');
             }
             else {
                 //extend session
@@ -695,8 +699,13 @@ app.get(countlyConfig.path + '/session', function(req, res, next) {
 app.get(countlyConfig.path + '/dashboard', checkRequestForSession);
 app.post('*', checkRequestForSession);
 
-
-app.get(countlyConfig.path + '/logout', function(req, res, next) {
+/**
+* clear session info for request
+* @param {object} req - request object
+* @param {object} res - response object
+* @param {function} next - callback for next middleware
+**/
+function clearSession(req, res, next) {
     if (req.session) {
         if (req.session.uid && req.session.email) {
             plugins.callMethod("userLogout", {req: req, res: res, next: next, data: {uid: req.session.uid, email: req.session.email, query: req.query}});
@@ -712,9 +721,12 @@ app.get(countlyConfig.path + '/logout', function(req, res, next) {
         req.session.settings = null;
         res.clearCookie('uid');
         res.clearCookie('gadm');
-        req.session.destroy(function() {
-        });
+        req.session.destroy(function() {});
     }
+}
+
+app.post(countlyConfig.path + '/logout', function(req, res, next) {
+    clearSession(req, res, next);
     if (req.query.message) {
         res.redirect(countlyConfig.path + '/login?message=' + req.query.message);
     }
@@ -1538,10 +1550,15 @@ app.post(countlyConfig.path + '/user/settings', function(req, res, next) {
         }
         var change = JSON.parse(JSON.stringify(updatedUser));
         countlyDb.collection('members').findOne({"_id": countlyDb.ObjectID(req.session.uid)}, function(err, member) {
-            countlyDb.collection('members').findOne({username: req.body.username}, async function(err2, user) {
+            if (err || !member) {
+                return res.send(false);
+            }
+            countlyDb.collection('members').findOne({username: req.body.username}, function(err2, user) {
+                if (err) {
+                    return res.send(false);
+                }
                 member.change = change;
-
-                if ((user && user._id.toString() !== req.session.uid) || err2) {
+                if ((user && user._id + "" !== req.session.uid + "") || err2) {
                     res.send("username-exists");
                 }
                 else {
@@ -1799,35 +1816,26 @@ app.get(countlyConfig.path + '/render', function(req, res) {
     options.savePath = path.resolve(__dirname, "./public/images/screenshots/" + imageName);
     options.source = "core";
 
-    ip.getHost(function(err, host) {
-        if (err) {
-            console.log(err);
-            return res.send(false);
-        }
-
-        options.host = host;
+    authorize.save({
+        db: countlyDb,
+        multi: false,
+        owner: req.session.uid,
+        purpose: "LoginAuthToken",
+        callback: function(err2, token) {
+            if (err2) {
+                console.log(err2);
+                return res.send(false);
+            }
 
-        authorize.save({
-            db: countlyDb,
-            multi: false,
-            owner: req.session.uid,
-            purpose: "LoginAuthToken",
-            callback: function(err2, token) {
-                if (err2) {
-                    console.log(err2);
+            options.token = token;
+            render.renderView(options, function(err3) {
+                if (err3) {
                     return res.send(false);
                 }
 
-                options.token = token;
-                render.renderView(options, function(err3) {
-                    if (err3) {
-                        return res.send(false);
-                    }
-
-                    return res.send(true);
-                });
-            }
-        });
+                return res.send(true);
+            });
+        }
     });
 });
 

frontend/express/public/javascripts/countly/countly.common.js

@@ -3690,11 +3690,23 @@
         * @returns {string} return format "HH:MM:SS"
         */
         countlyCommon.formatSecond = function(second) {
-            var s = parseInt(second);
-            var m = moment();
-            m.set({hour: 0, minute: 0, second: 0, millisecond: 0});
-            m.add(s, 's');
-            return m.format("HH:mm:ss");
+            var timeLeft = parseInt(second);
+            var dict = [
+                {k: 'day', v: 86400},
+                {k: 'hour', v: 3600},
+                {k: 'minute', v: 60},
+                {k: 'second', v: 1}
+            ];
+            var result = {day: 0, hour: 0, minute: 0, second: 0};
+            for (var i = 0; i < dict.length; i++) {
+                result[dict[i].k] = Math.floor(timeLeft / dict[i].v);
+                timeLeft = timeLeft % dict[i].v;
+            }
+            var dayTrans = result.day > 1 ? jQuery.i18n.map["common.day.abrv"] : jQuery.i18n.map["common.day.abrv2"];
+            return (result.day > 0 ? result.day + " " + dayTrans + ',' : '') +
+                (result.hour >= 10 ? result.hour + ':' : ('0' + result.hour) + ":") +
+                (result.minute >= 10 ? result.minute + ':' : ('0' + result.minute) + ':') +
+                (result.second >= 10 ? result.second : ('0' + result.second));
         };
 
         /**

frontend/express/public/javascripts/countly/countly.event.js

@@ -1,4 +1,4 @@
-/*global countlyCommon, countlyGlobal, _, jQuery*/
+/*global countlyCommon, _, jQuery*/
 (function(countlyEvent, $, undefined) {
 
     //Private Properties
@@ -44,13 +44,12 @@
                     type: "GET",
                     url: countlyCommon.API_PARTS.data.r,
                     data: {
-                        "api_key": countlyGlobal.member.api_key,
                         "app_id": countlyCommon.ACTIVE_APP_ID,
                         "method": "get_events",
                         "period": _period,
                         "preventRequestAbort": true
                     },
-                    dataType: "jsonp",
+                    dataType: "json",
                     success: function(json) {
                         _activeEvents = json;
                         if (!_activeEvent && countlyEvent.getEvents()[0]) {
@@ -65,15 +64,14 @@
                             type: "GET",
                             url: countlyCommon.API_PARTS.data.r,
                             data: {
-                                "api_key": countlyGlobal.member.api_key,
                                 "app_id": countlyCommon.ACTIVE_APP_ID,
                                 "method": "events",
                                 "event": _activeEvent,
                                 "segmentation": currentActiveSegmentation,
                                 "period": _period,
                                 "preventRequestAbort": true
                             },
-                            dataType: "jsonp",
+                            dataType: "json",
                             success: function(json) {
                                 if (currentActiveEvent === _activeEvent && currentActiveSegmentation === _activeSegmentation) {
                                     _activeLoadedEvent = _activeEvent;
@@ -120,7 +118,6 @@
             url: countlyCommon.API_PARTS.data.r,
             data: {
                 "app_id": countlyCommon.ACTIVE_APP_ID,
-                "api_key": countlyGlobal.member.api_key,
                 "method": "events",
                 "events": JSON.stringify(my_events),
                 "period": countlyCommon.getPeriod(),
@@ -235,11 +232,10 @@
                     type: "GET",
                     url: countlyCommon.API_PARTS.data.r,
                     data: {
-                        "api_key": countlyGlobal.member.api_key,
                         "app_id": countlyCommon.ACTIVE_APP_ID,
                         "method": "get_events"
                     },
-                    dataType: "jsonp",
+                    dataType: "json",
                     success: function(json) {
                         _activeEvents = json;
                         if (!_activeEvent && countlyEvent.getEvents()[0]) {
@@ -254,14 +250,13 @@
                             type: "GET",
                             url: countlyCommon.API_PARTS.data.r,
                             data: {
-                                "api_key": countlyGlobal.member.api_key,
                                 "app_id": countlyCommon.ACTIVE_APP_ID,
                                 "method": "events",
                                 "action": "refresh",
                                 "event": _activeEvent,
                                 "segmentation": currentActiveSegmentation
                             },
-                            dataType: "jsonp",
+                            dataType: "json",
                             success: function(json) {
                                 if (currentActiveEvent === _activeEvent && currentActiveSegmentation === _activeSegmentation) {
                                     _activeLoadedEvent = _activeEvent;
@@ -302,11 +297,10 @@
                 type: "GET",
                 url: countlyCommon.API_PARTS.data.r,
                 data: {
-                    "api_key": countlyGlobal.member.api_key,
                     "app_id": countlyCommon.ACTIVE_APP_ID,
                     "method": "get_events"
                 },
-                dataType: "jsonp",
+                dataType: "json",
                 success: function(json) {
                     _activeEvents = json;
                     if (!_activeEvent && countlyEvent.getEvents()[0]) {
@@ -852,12 +846,11 @@
             type: "GET",
             url: countlyCommon.API_PARTS.data.r,
             data: {
-                "api_key": countlyGlobal.member.api_key,
                 "app_id": countlyCommon.ACTIVE_APP_ID,
                 "method": "events",
                 "events": JSON.stringify(eventKeysArr)
             },
-            dataType: "jsonp",
+            dataType: "json",
             success: function(json) {
                 callback(extractDataForGraphAndChart(json));
             }