feat(xen-api): 0.16.0

XenServer 7.3 has changed the error format.

.editorconfig

@@ -11,7 +11,7 @@ root = true
 charset = utf-8
 end_of_line = lf
 insert_final_newline = true
-trim_trailing_whitespaces = true
+trim_trailing_whitespace = true
 
 # CoffeeScript
 #
@@ -28,12 +28,12 @@ indent_style = space
 # Package.json
 #
 # This indentation style is the one used by npm.
-[/package.json]
+[package.json]
 indent_size = 2
 indent_style = space
 
-# Jade
-[*.jade]
+# Pug (Jade)
+[*.{jade,pug}]
 indent_size = 2
 indent_style = space
 
@@ -41,7 +41,7 @@ indent_style = space
 #
 # Two spaces seems to be the standard most common style, at least in
 # Node.js (http://nodeguide.com/style.html#tabs-vs-spaces).
-[*.js]
+[*.{js,jsx,ts,tsx}]
 indent_size = 2
 indent_style = space
 

.eslintrc.js

@@ -0,0 +1,15 @@
+module.exports = {
+  'extends': [
+    'standard',
+  ],
+  'parser': 'babel-eslint',
+  'rules': {
+    'comma-dangle': ['error', 'always-multiline'],
+    'no-var': 'error',
+    'node/no-extraneous-import': 'error',
+    'node/no-extraneous-require': 'error',
+    'node/no-missing-import': 'error',
+    'node/no-missing-require': 'error',
+    'prefer-const': 'error',
+  },
+}

.gitignore

@@ -0,0 +1,14 @@
+/coverage/
+/node_modules/
+/lerna-debug.log
+/lerna-debug.log.*
+
+/packages/*/dist/
+/packages/*/node_modules/
+
+npm-debug.log
+npm-debug.log.*
+pnpm-debug.log
+pnpm-debug.log.*
+yarn-error.log
+yarn-error.log.*

.travis.yml

@@ -0,0 +1,16 @@
+language: node_js
+node_js:
+  - stable
+  - 8
+  - 6
+
+# Use containers.
+# http://docs.travis-ci.com/user/workers/container-based-infrastructure/
+sudo: false
+
+before_install:
+  - curl -o- -L https://yarnpkg.com/install.sh | bash
+  - export PATH="$HOME/.yarn/bin:$PATH"
+
+cache:
+  yarn: true

README.md

@@ -0,0 +1,5 @@
+Almost all dev for Xen Orchestra is happening in this repository.
+
+Because transition is still underway, [xo-web](https://github.com/vatesfr/xo-web) and [xo-server](https://github.com/vatesfr/xo-server) are still developped in their own repositories.
+
+For now, all issues are still to be reported in [xo-web's tracker](https://github.com/vatesfr/xo-web/issues).

package.json

@@ -0,0 +1,52 @@
+{
+  "devDependencies": {
+    "babel-eslint": "^8.0.1",
+    "eslint": "^4.12.0",
+    "eslint-config-standard": "^10.2.1",
+    "eslint-plugin-import": "^2.8.0",
+    "eslint-plugin-node": "^5.2.1",
+    "eslint-plugin-promise": "^3.6.0",
+    "eslint-plugin-standard": "^3.0.1",
+    "exec-promise": "^0.7.0",
+    "husky": "^0.14.3",
+    "jest": "^21.2.1",
+    "lint-staged": "^5.0.0",
+    "lodash": "^4.17.4",
+    "promise-toolbox": "^0.9.5",
+    "sorted-object": "^2.0.1"
+  },
+  "engines": {
+    "yarn": "^1.2.1"
+  },
+  "jest": {
+    "collectCoverage": true,
+    "testEnvironment": "node",
+    "testPathIgnorePatterns": [
+      "/dist/",
+      "/xo-vmdk-to-vhd/"
+    ],
+    "testRegex": "\\.spec\\.js$"
+  },
+  "lint-staged": {
+    "*.js": [
+      "lint-staged-stash",
+      "eslint --fix",
+      "jest --findRelatedTests",
+      "lint-staged-unstash"
+    ]
+  },
+  "private": true,
+  "scripts": {
+    "dev-test": "jest --bail --watch",
+    "lint-staged-stash": "touch .lint-staged && git stash save --include-untracked --keep-index && true",
+    "lint-staged-unstash": "git stash pop && rm -f .lint-staged && true",
+    "posttest": "scripts/run-script test",
+    "precommit": "lint-staged",
+    "prepare": "scripts/run-script prepare",
+    "pretest": "eslint --ignore-path .gitignore .",
+    "test": "jest"
+  },
+  "workspaces": [
+    "packages/*"
+  ]
+}

packages/vhd-cli/.npmignore

@@ -0,0 +1,24 @@
+/benchmark/
+/benchmarks/
+*.bench.js
+*.bench.js.map
+
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/fixture/
+/fixtures/
+*.fixture.js
+*.fixture.js.map
+*.fixtures.js
+*.fixtures.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map
+
+__snapshots__/

packages/vhd-cli/README.md

@@ -0,0 +1,51 @@
+# vhd-cli [![Build Status](https://travis-ci.org/vatesfr/xen-orchestra.png?branch=master)](https://travis-ci.org/vatesfr/xen-orchestra)
+
+> ${pkg.description}
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/vhd-cli):
+
+```
+> npm install --global vhd-cli
+```
+
+## Usage
+
+```
+> vhd-cli <VHD file>
+```
+
+## Development
+
+```
+# Install dependencies
+> npm install
+
+# Run the tests
+> npm test
+
+# Continuously compile
+> npm run dev
+
+# Continuously run the tests
+> npm run dev-test
+
+# Build for production (automatically called by npm install)
+> npm run build
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/vatesfr/xo-web/issues)
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+ISC © [Vates SAS](https://vates.fr)

packages/vhd-cli/package.json

@@ -0,0 +1,67 @@
+{
+  "name": "vhd-cli",
+  "version": "0.0.0",
+  "license": "ISC",
+  "description": "",
+  "keywords": [],
+  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/packages/vhd-cli",
+  "bugs": "https://github.com/vatesfr/xo-web/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xen-orchestra.git"
+  },
+  "author": {
+    "name": "Julien Fontanet",
+    "email": "julien.fontanet@isonoe.net"
+  },
+  "preferGlobal": false,
+  "main": "dist/",
+  "bin": {
+    "vhd-cli": "dist/index.js"
+  },
+  "files": [
+    "dist/"
+  ],
+  "engines": {
+    "node": ">=4"
+  },
+  "dependencies": {
+    "@nraynaud/struct-fu": "^1.0.1",
+    "@nraynaud/xo-fs": "^0.0.5",
+    "babel-runtime": "^6.22.0",
+    "exec-promise": "^0.7.0"
+  },
+  "devDependencies": {
+    "babel-cli": "^6.24.1",
+    "babel-plugin-lodash": "^3.3.2",
+    "babel-plugin-transform-runtime": "^6.23.0",
+    "babel-preset-env": "^1.5.2",
+    "babel-preset-stage-3": "^6.24.1",
+    "cross-env": "^5.0.1",
+    "rimraf": "^2.6.1"
+  },
+  "scripts": {
+    "build": "cross-env NODE_ENV=production babel --source-maps --out-dir=dist/ src/",
+    "dev": "cross-env NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/",
+    "prebuild": "rimraf dist/",
+    "predev": "npm run prebuild",
+    "prepublishOnly": "npm run build"
+  },
+  "babel": {
+    "plugins": [
+      "lodash",
+      "transform-runtime"
+    ],
+    "presets": [
+      [
+        "env",
+        {
+          "targets": {
+            "node": 4
+          }
+        }
+      ],
+      "stage-3"
+    ]
+  }
+}

packages/vhd-cli/src/index.js

@@ -0,0 +1,19 @@
+#!/usr/bin/env node
+
+import execPromise from 'exec-promise'
+import { RemoteHandlerLocal } from '@nraynaud/xo-fs'
+import { resolve } from 'path'
+
+import Vhd from './vhd'
+
+execPromise(async args => {
+  const vhd = new Vhd(
+    new RemoteHandlerLocal({ url: 'file:///' }),
+    resolve(args[0])
+  )
+
+  await vhd.readHeaderAndFooter()
+
+  console.log(vhd._header)
+  console.log(vhd._footer)
+})

packages/vhd-cli/src/vhd.js

@@ -0,0 +1,441 @@
+import assert from 'assert'
+import fu from '@nraynaud/struct-fu'
+import { dirname } from 'path'
+
+// ===================================================================
+//
+// Spec:
+// https://www.microsoft.com/en-us/download/details.aspx?id=23850
+//
+// C implementation:
+// https://github.com/rubiojr/vhd-util-convert
+//
+// ===================================================================
+
+/* eslint-disable no-unused-vars */
+
+const HARD_DISK_TYPE_DIFFERENCING = 4
+const HARD_DISK_TYPE_DYNAMIC = 3
+const HARD_DISK_TYPE_FIXED = 2
+const PLATFORM_CODE_NONE = 0
+export const SECTOR_SIZE = 512
+
+/* eslint-enable no-unused vars */
+
+// ===================================================================
+
+const fuFooter = fu.struct([
+  fu.char('cookie', 8), // 0
+  fu.uint32('features'), // 8
+  fu.uint32('fileFormatVersion'), // 12
+  fu.struct('dataOffset', [
+    fu.uint32('high'), // 16
+    fu.uint32('low'), // 20
+  ]),
+  fu.uint32('timestamp'), // 24
+  fu.char('creatorApplication', 4), // 28
+  fu.uint32('creatorVersion'), // 32
+  fu.uint32('creatorHostOs'), // 36
+  fu.struct('originalSize', [ // At the creation, current size of the hard disk.
+    fu.uint32('high'), // 40
+    fu.uint32('low'), // 44
+  ]),
+  fu.struct('currentSize', [ // Current size of the virtual disk. At the creation: currentSize = originalSize.
+    fu.uint32('high'), // 48
+    fu.uint32('low'), // 52
+  ]),
+  fu.struct('diskGeometry', [
+    fu.uint16('cylinders'), // 56
+    fu.uint8('heads'), // 58
+    fu.uint8('sectorsPerTrackCylinder'), // 59
+  ]),
+  fu.uint32('diskType'), // 60 Disk type, must be equal to HARD_DISK_TYPE_DYNAMIC/HARD_DISK_TYPE_DIFFERENCING.
+  fu.uint32('checksum'), // 64
+  fu.uint8('uuid', 16), // 68
+  fu.char('saved'), // 84
+  fu.char('hidden'), // 85
+  fu.byte('reserved', 426), // 86
+])
+const FOOTER_SIZE = fuFooter.size
+
+const fuHeader = fu.struct([
+  fu.char('cookie', 8),
+  fu.struct('dataOffset', [
+    fu.uint32('high'),
+    fu.uint32('low'),
+  ]),
+  fu.struct('tableOffset', [ // Absolute byte offset of the Block Allocation Table.
+    fu.uint32('high'),
+    fu.uint32('low'),
+  ]),
+  fu.uint32('headerVersion'),
+  fu.uint32('maxTableEntries'), // Max entries in the Block Allocation Table.
+  fu.uint32('blockSize'), // Block size (without bitmap) in bytes.
+  fu.uint32('checksum'),
+  fu.uint8('parentUuid', 16),
+  fu.uint32('parentTimestamp'),
+  fu.byte('reserved1', 4),
+  fu.char16be('parentUnicodeName', 512),
+  fu.struct('parentLocatorEntry', [
+    fu.uint32('platformCode'),
+    fu.uint32('platformDataSpace'),
+    fu.uint32('platformDataLength'),
+    fu.uint32('reserved'),
+    fu.struct('platformDataOffset', [ // Absolute byte offset of the locator data.
+      fu.uint32('high'),
+      fu.uint32('low'),
+    ]),
+  ], 8),
+  fu.byte('reserved2', 256),
+])
+const HEADER_SIZE = fuHeader.size
+
+// ===================================================================
+// Helpers
+// ===================================================================
+
+const SIZE_OF_32_BITS = Math.pow(2, 32)
+const uint32ToUint64 = fu => fu.high * SIZE_OF_32_BITS + fu.low
+
+// Returns a 32 bits integer corresponding to a Vhd version.
+const getVhdVersion = (major, minor) => (major << 16) | (minor & 0x0000FFFF)
+
+// bytes[] bit manipulation
+const testBit = (map, bit) => map[bit >> 3] & 1 << (bit & 7)
+const setBit = (map, bit) => {
+  map[bit >> 3] |= 1 << (bit & 7)
+}
+const unsetBit = (map, bit) => {
+  map[bit >> 3] &= ~(1 << (bit & 7))
+}
+
+const addOffsets = (...offsets) => offsets.reduce(
+  (a, b) => b == null
+    ? a
+    : typeof b === 'object'
+      ? { bytes: a.bytes + b.bytes, bits: a.bits + b.bits }
+      : { bytes: a.bytes + b, bits: a.bits },
+  { bytes: 0, bits: 0 }
+)
+
+const pack = (field, value, buf, offset) => {
+  field.pack(
+    value,
+    buf,
+    addOffsets(field.offset, offset)
+  )
+}
+
+const unpack = (field, buf, offset) =>
+  field.unpack(
+    buf,
+    addOffsets(field.offset, offset)
+  )
+
+// ===================================================================
+
+const streamToNewBuffer = stream => new Promise((resolve, reject) => {
+  const chunks = []
+  let length = 0
+
+  const onData = chunk => {
+    chunks.push(chunk)
+    length += chunk.length
+  }
+  stream.on('data', onData)
+
+  const clean = () => {
+    stream.removeListener('data', onData)
+    stream.removeListener('end', onEnd)
+    stream.removeListener('error', onError)
+  }
+  const onEnd = () => {
+    resolve(Buffer.concat(chunks, length))
+    clean()
+  }
+  stream.on('end', onEnd)
+  const onError = error => {
+    reject(error)
+    clean()
+  }
+  stream.on('error', onError)
+})
+
+const streamToExistingBuffer = (
+  stream,
+  buffer,
+  offset = 0,
+  end = buffer.length
+) => new Promise((resolve, reject) => {
+  assert(offset >= 0)
+  assert(end > offset)
+  assert(end <= buffer.length)
+
+  let i = offset
+
+  const onData = chunk => {
+    const prev = i
+    i += chunk.length
+
+    if (i > end) {
+      return onError(new Error('too much data'))
+    }
+
+    chunk.copy(buffer, prev)
+  }
+  stream.on('data', onData)
+
+  const clean = () => {
+    stream.removeListener('data', onData)
+    stream.removeListener('end', onEnd)
+    stream.removeListener('error', onError)
+  }
+  const onEnd = () => {
+    resolve(i - offset)
+    clean()
+  }
+  stream.on('end', onEnd)
+  const onError = error => {
+    reject(error)
+    clean()
+  }
+  stream.on('error', onError)
+})
+
+// ===================================================================
+
+// Returns the checksum of a raw struct.
+const computeChecksum = (struct, buf, offset = 0) => {
+  let sum = 0
+
+  // Do not use the stored checksum to compute the new checksum.
+  const checksumField = struct.fields.checksum
+  const checksumOffset = offset + checksumField.offset
+  for (let i = offset, n = checksumOffset; i < n; ++i) {
+    sum += buf[i]
+  }
+  for (let i = checksumOffset + checksumField.size, n = offset + struct.size; i < n; ++i) {
+    sum += buf[i]
+  }
+
+  return ~sum >>> 0
+}
+
+const verifyChecksum = (struct, buf, offset) =>
+  unpack(struct.fields.checksum, buf, offset) === computeChecksum(struct, buf, offset)
+
+const getParentLocatorSize = parentLocatorEntry => {
+  const { platformDataSpace } = parentLocatorEntry
+
+  if (platformDataSpace < SECTOR_SIZE) {
+    return platformDataSpace * SECTOR_SIZE
+  }
+
+  return (platformDataSpace % SECTOR_SIZE === 0)
+    ? platformDataSpace
+    : 0
+}
+
+// ===================================================================
+
+// Euclidean division, returns the quotient and the remainder of a / b.
+const div = (a, b) => [ Math.floor(a / b), a % b ]
+
+export default class Vhd {
+  constructor (handler, path) {
+    this._handler = handler
+    this._path = path
+
+    this._blockAllocationTable = null
+    this._blockBitmapSize = null
+    this._footer = null
+    this._header = null
+    this._parent = null
+    this._sectorsPerBlock = null
+  }
+
+  // Read `length` bytes starting from `begin`.
+  //
+  // - if `buffer`: it is filled starting from `offset`, and the
+  //   number of written bytes is returned;
+  // - otherwise: a new buffer is allocated and returned.
+  _read (begin, length, buf, offset) {
+    assert(begin >= 0)
+    assert(length > 0)
+
+    return this._handler.createReadStream(this._path, {
+      end: begin + length - 1,
+      start: begin,
+    }).then(buf
+      ? stream => streamToExistingBuffer(stream, buf, offset, (offset || 0) + length)
+      : streamToNewBuffer
+    )
+  }
+
+  // - if `buffer`: it is filled with 0 starting from `offset`, and
+  //   the number of written bytes is returned;
+  // - otherwise: a new buffer is allocated and returned.
+  _zeroes (length, buf, offset = 0) {
+    if (buf) {
+      assert(offset >= 0)
+      assert(length > 0)
+
+      const end = offset + length
+      assert(end <= buf.length)
+
+      buf.fill(0, offset, end)
+      return Promise.resolve(length)
+    }
+
+    return Promise.resolve(Buffer.alloc(length))
+  }
+
+  // Return the position of a block in the VHD or undefined if not found.
+  _getBlockAddress (block) {
+    assert(block >= 0)
+    assert(block < this._header.maxTableEntries)
+
+    const blockAddr = this._blockAllocationTable[block]
+    if (blockAddr !== 0xFFFFFFFF) {
+      return blockAddr * SECTOR_SIZE
+    }
+  }
+
+  // -----------------------------------------------------------------
+
+  async readHeaderAndFooter () {
+    const buf = await this._read(0, FOOTER_SIZE + HEADER_SIZE)
+
+    if (!verifyChecksum(fuFooter, buf)) {
+      throw new Error('footer checksum does not match')
+    }
+
+    if (!verifyChecksum(fuHeader, buf, FOOTER_SIZE)) {
+      throw new Error('header checksum does not match')
+    }
+
+    return this._initMetadata(
+      unpack(fuHeader, buf, FOOTER_SIZE),
+      unpack(fuFooter, buf)
+    )
+  }
+
+  async _initMetadata (header, footer) {
+    const sectorsPerBlock = header.blockSize / SECTOR_SIZE
+    assert(sectorsPerBlock % 1 === 0)
+
+    // 1 bit per sector, rounded up to full sectors
+    this._blockBitmapSize = Math.ceil(sectorsPerBlock / 8 / SECTOR_SIZE) * SECTOR_SIZE
+    assert(this._blockBitmapSize === SECTOR_SIZE)
+
+    this._footer = footer
+    this._header = header
+    this.size = uint32ToUint64(this._footer.currentSize)
+
+    if (footer.diskType === HARD_DISK_TYPE_DIFFERENCING) {
+      const parent = new Vhd(
+        this._handler,
+        `${dirname(this._path)}/${header.parentUnicodeName}`
+      )
+      await parent.readHeaderAndFooter()
+      await parent.readBlockAllocationTable()
+
+      this._parent = parent
+    }
+  }
+
+  // -----------------------------------------------------------------
+
+  async readBlockAllocationTable () {
+    const { maxTableEntries, tableOffset } = this._header
+    const fuTable = fu.uint32(maxTableEntries)
+
+    this._blockAllocationTable = unpack(
+      fuTable,
+      await this._read(uint32ToUint64(tableOffset), fuTable.size)
+    )
+  }
+
+  // -----------------------------------------------------------------
+
+  // read a single sector in a block
+  async _readBlockSector (block, sector, begin, length, buf, offset) {
+    assert(begin >= 0)
+    assert(length > 0)
+    assert(begin + length <= SECTOR_SIZE)
+
+    const blockAddr = this._getBlockAddress(block)
+    const blockBitmapSize = this._blockBitmapSize
+    const parent = this._parent
+
+    if (blockAddr && (
+      !parent ||
+      testBit(await this._read(blockAddr, blockBitmapSize), sector)
+    )) {
+      return this._read(
+        blockAddr + blockBitmapSize + sector * SECTOR_SIZE + begin,
+        length,
+        buf,
+        offset
+      )
+    }
+
+    return parent
+      ? parent._readBlockSector(block, sector, begin, length, buf, offset)
+      : this._zeroes(length, buf, offset)
+  }
+
+  _readBlock (block, begin, length, buf, offset) {
+    assert(begin >= 0)
+    assert(length > 0)
+
+    const { blockSize } = this._header
+    assert(begin + length <= blockSize)
+
+    const blockAddr = this._getBlockAddress(block)
+    const parent = this._parent
+
+    if (!blockAddr) {
+      return parent
+        ? parent._readBlock(block, begin, length, buf, offset)
+        : this._zeroes(length, buf, offset)
+    }
+
+    if (!parent) {
+      return this._read(blockAddr + this._blockBitmapSize + begin, length, buf, offset)
+    }
+
+    // FIXME: we should read as many sectors in a single pass as
+    // possible for maximum perf.
+    const [ sector, beginInSector ] = div(begin, SECTOR_SIZE)
+    return this._readBlockSector(
+      block,
+      sector,
+      beginInSector,
+      Math.min(length, SECTOR_SIZE - beginInSector),
+      buf,
+      offset
+    )
+  }
+
+  read (buf, begin, length = buf.length, offset) {
+    assert(Buffer.isBuffer(buf))
+    assert(begin >= 0)
+
+    const { size } = this
+    if (begin >= size) {
+      return Promise.resolve(0)
+    }
+
+    const { blockSize } = this._header
+    const [ block, beginInBlock ] = div(begin, blockSize)
+
+    return this._readBlock(
+      block,
+      beginInBlock,
+      Math.min(length, blockSize - beginInBlock, size - begin),
+      buf,
+      offset
+    )
+  }
+}

packages/xen-api/.gitignore

@@ -0,0 +1 @@
+/plot.dat

packages/xen-api/.npmignore

@@ -0,0 +1,24 @@
+/benchmark/
+/benchmarks/
+*.bench.js
+*.bench.js.map
+
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/fixture/
+/fixtures/
+*.fixture.js
+*.fixture.js.map
+*.fixtures.js
+*.fixtures.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map
+
+__snapshots__/

packages/xen-api/.travis.yml

@@ -1,11 +1,8 @@
 language: node_js
 node_js:
-  - '4'
-  - 'iojs-v3'
-  - 'iojs-v2'
-  - 'iojs-v1'
-  - '0.12'
-  - '0.10'
+  - stable
+  - 6
+  - 4
 
 # Use containers.
 # http://docs.travis-ci.com/user/workers/container-based-infrastructure/

packages/xen-api/README.md

@@ -0,0 +1,128 @@
+# xen-api [![Build Status](https://travis-ci.org/vatesfr/xen-orchestra.png?branch=master)](https://travis-ci.org/vatesfr/xen-orchestra)
+
+> Connector to the Xen API
+
+Tested with:
+
+- XenServer 7.1
+- XenServer 7
+- XenServer 6.5
+- XenServer 6.2
+- XenServer 5.6
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/xen-api):
+
+```
+> npm install --save xen-api
+```
+
+## Usage
+
+### Library
+
+```javascript
+const { createClient } = require('xen-api')
+
+const xapi = createClient({
+  url: 'https://xen1.company.net',
+  allowUnauthorized: false,
+  auth: {
+    user: 'root',
+    password: 'important secret password'
+  },
+  readOnly: false
+})
+```
+
+Options:
+
+- `url`: address of a host in the pool we are trying to connect to
+- `allowUnauthorized`: whether to accept self-signed certificates
+- `auth`: credentials used to sign in (can also be specified in the URL)
+- `readOnly = false`: if true, no methods with side-effects can be called
+
+```js
+// Force connection.
+xapi.connect().catch(error => {
+  console.error(error)
+})
+
+// Watch objects.
+xapi.objects.on('add', objects => {
+  console.log('new objects:', objects)
+})
+```
+
+> Note: all objects are frozen and cannot be altered!
+
+Custom fields on objects (hidden − ie. non enumerable):
+- `$type`: the type of the object (`VM`, `task`, …);
+- `$ref`: the (opaque) reference of the object;
+- `$id`: the identifier of this object (its UUID if any, otherwise its reference);
+- `$pool`: the pool object this object belongs to.
+
+Furthermore, any field containing a reference (or references if an
+array) can be resolved by prepending the field name with a `$`:
+
+```javascript
+console.log(xapi.pool.$master.$resident_VMs[0].name_label)
+// vm1
+```
+
+### CLI
+
+A CLI is provided to help exploration and discovery of the XAPI.
+
+```
+> xen-api https://xen1.company.net root
+Password: ******
+root@xen1.company.net> xapi.status
+'connected'
+root@xen1.company.net> xapi.pool.master
+'OpaqueRef:ec7c5147-8aee-990f-c70b-0de916a8e993'
+root@xen1.company.net> xapi.pool.$master.name_label
+'xen1'
+```
+
+To ease searches, `find()` and `findAll()` functions are available:
+
+```
+root@xen1.company.net> findAll({ $type: 'vm' }).length
+183
+```
+
+## Development
+
+```
+# Install dependencies
+> npm install
+
+# Run the tests
+> npm test
+
+# Continuously compile
+> npm run dev
+
+# Continuously run the tests
+> npm run dev-test
+
+# Build for production (automatically called by npm install)
+> npm run build
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/xen-api/issues)
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+ISC © [Julien Fontanet](https://github.com/julien-f)

packages/xen-api/examples/export-vdi

@@ -0,0 +1,50 @@
+#!/usr/bin/env node
+
+process.env.DEBUG = '*'
+
+const defer = require('golike-defer').default
+const pump = require('pump')
+const { fromCallback } = require('promise-toolbox')
+
+const { createClient } = require('../')
+
+const { createOutputStream, resolveRef } = require('./utils')
+
+defer(async ($defer, args) => {
+  let raw = false
+  if (args[0] === '--raw') {
+    raw = true
+    args.shift()
+  }
+
+  if (args.length < 2) {
+    return console.log('Usage: export-vdi [--raw] <XS URL> <VDI identifier> [<VHD file>]')
+  }
+
+  const xapi = createClient({
+    allowUnauthorized: true,
+    url: args[0],
+    watchEvents: false
+  })
+
+  await xapi.connect()
+  $defer(() => xapi.disconnect())
+
+  // https://xapi-project.github.io/xen-api/snapshots.html#downloading-a-disk-or-snapshot
+  const exportStream = await xapi.getResource('/export_raw_vdi/', {
+    query: {
+      format: raw ? 'raw' : 'vhd',
+      vdi: await resolveRef(xapi, 'VDI', args[1])
+    }
+  })
+
+  console.warn('Export task:', exportStream.headers['task-id'])
+
+  await fromCallback(cb => pump(
+    exportStream,
+    createOutputStream(args[2]),
+    cb
+  ))
+})(process.argv.slice(2)).catch(
+  console.error.bind(console, 'error')
+)

packages/xen-api/examples/export-vm

@@ -0,0 +1,44 @@
+#!/usr/bin/env node
+
+process.env.DEBUG = '*'
+
+const defer = require('golike-defer').default
+const pump = require('pump')
+const { fromCallback } = require('promise-toolbox')
+
+const { createClient } = require('../')
+
+const { createOutputStream, resolveRef } = require('./utils')
+
+defer(async ($defer, args) => {
+  if (args.length < 2) {
+    return console.log('Usage: export-vm <XS URL> <VM identifier> [<XVA file>]')
+  }
+
+  const xapi = createClient({
+    allowUnauthorized: true,
+    url: args[0],
+    watchEvents: false
+  })
+
+  await xapi.connect()
+  $defer(() => xapi.disconnect())
+
+  // https://xapi-project.github.io/xen-api/importexport.html
+  const exportStream = await xapi.getResource('/export/', {
+    query: {
+      ref: await resolveRef(xapi, 'VM', args[1]),
+      use_compression: 'true'
+    }
+  })
+
+  console.warn('Export task:', exportStream.headers['task-id'])
+
+  await fromCallback(cb => pump(
+    exportStream,
+    createOutputStream(args[2]),
+    cb
+  ))
+})(process.argv.slice(2)).catch(
+  console.error.bind(console, 'error')
+)

packages/xen-api/examples/import-vdi

@@ -0,0 +1,40 @@
+#!/usr/bin/env node
+
+process.env.DEBUG = '*'
+
+const defer = require('golike-defer').default
+
+const { createClient } = require('../')
+
+const { createInputStream, resolveRef } = require('./utils')
+
+defer(async ($defer, args) => {
+  let raw = false
+  if (args[0] === '--raw') {
+    raw = true
+    args.shift()
+  }
+
+  if (args.length < 2) {
+    return console.log('Usage: import-vdi [--raw] <XS URL> <VDI identifier> [<VHD file>]')
+  }
+
+  const xapi = createClient({
+    allowUnauthorized: true,
+    url: args[0],
+    watchEvents: false
+  })
+
+  await xapi.connect()
+  $defer(() => xapi.disconnect())
+
+  // https://xapi-project.github.io/xen-api/snapshots.html#uploading-a-disk-or-snapshot
+  await xapi.putResource(createInputStream(args[2]), '/import_raw_vdi/', {
+    query: {
+      format: raw ? 'raw' : 'vhd',
+      vdi: await resolveRef(xapi, 'VDI', args[1])
+    }
+  })
+})(process.argv.slice(2)).catch(
+  console.error.bind(console, 'error')
+)

packages/xen-api/examples/import-vm

@@ -0,0 +1,31 @@
+#!/usr/bin/env node
+
+process.env.DEBUG = '*'
+
+const defer = require('golike-defer').default
+
+const { createClient } = require('../')
+
+const { createInputStream, resolveRef } = require('./utils')
+
+defer(async ($defer, args) => {
+  if (args.length < 1) {
+    return console.log('Usage: import-vm <XS URL> [<XVA file>] [<SR identifier>]')
+  }
+
+  const xapi = createClient({
+    allowUnauthorized: true,
+    url: args[0],
+    watchEvents: false
+  })
+
+  await xapi.connect()
+  $defer(() => xapi.disconnect())
+
+  // https://xapi-project.github.io/xen-api/importexport.html
+  await xapi.putResource(createInputStream(args[1]), '/import/', {
+    query: args[2] && { sr_id: await resolveRef(xapi, 'SR', args[2]) }
+  })
+})(process.argv.slice(2)).catch(
+  console.error.bind(console, 'error')
+)

packages/xen-api/examples/log-events

@@ -0,0 +1,57 @@
+#!/usr/bin/env node
+
+require('source-map-support').install()
+
+const { forEach, size } = require('lodash')
+
+const { createClient } = require('../')
+
+// ===================================================================
+
+if (process.argv.length < 3) {
+  return console.log('Usage: log-events <XS URL>')
+}
+
+// ===================================================================
+// Creation
+
+const xapi = createClient({
+  allowUnauthorized: true,
+  url: process.argv[2]
+})
+
+// ===================================================================
+// Method call
+
+xapi.connect().then(() => {
+  xapi.call('VM.get_all_records')
+  .then(function (vms) {
+    console.log('%s VMs fetched', size(vms))
+  })
+  .catch(function (error) {
+    console.error(error)
+  })
+})
+
+// ===================================================================
+// Objects
+
+const objects = xapi.objects
+
+objects.on('add', objects => {
+  forEach(objects, object => {
+    console.log('+ %s: %s', object.$type, object.$id)
+  })
+})
+
+objects.on('update', objects => {
+  forEach(objects, object => {
+    console.log('± %s: %s', object.$type, object.$id)
+  })
+})
+
+objects.on('remove', objects => {
+  forEach(objects, (value, id) => {
+    console.log('- %s', id)
+  })
+})

packages/xen-api/examples/package.json

@@ -0,0 +1,6 @@
+{
+  "dependencies": {
+    "golike-defer": "^0.1.0",
+    "pump": "^1.0.2"
+  }
+}

packages/xen-api/examples/utils.js

@@ -0,0 +1,41 @@
+const { createReadStream, createWriteStream, statSync } = require('fs')
+const { PassThrough } = require('stream')
+
+const { isOpaqueRef } = require('../') // eslint-disable-line node/no-missing-require
+
+exports.createInputStream = path => {
+  if (path === undefined || path === '-') {
+    return process.stdin
+  }
+
+  const { size } = statSync(path)
+
+  const stream = createReadStream(path)
+  stream.length = size
+  return stream
+}
+
+exports.createOutputStream = path => {
+  if (path !== undefined && path !== '-') {
+    return createWriteStream(path)
+  }
+
+  // introduce a through stream because stdout is not a normal stream!
+  const stream = new PassThrough()
+  stream.pipe(process.stdout)
+  return stream
+}
+
+exports.resolveRef = (xapi, type, refOrUuidOrNameLabel) =>
+  isOpaqueRef(refOrUuidOrNameLabel)
+    ? refOrUuidOrNameLabel
+    : xapi.call(`${type}.get_by_uuid`, refOrUuidOrNameLabel).catch(
+      () => xapi.call(`${type}.get_by_name_label`, refOrUuidOrNameLabel).then(
+        refs => {
+          if (refs.length === 1) {
+            return refs[0]
+          }
+          throw new Error(`no single match for ${type} with name label ${refOrUuidOrNameLabel}`)
+        }
+      )
+    )

packages/xen-api/memory-test.gnu

@@ -0,0 +1,4 @@
+set yrange [ 0 : ]
+set grid
+
+plot for [i=2:4] "plot.dat" using 1:i with lines

packages/xen-api/package.json

@@ -0,0 +1,89 @@
+{
+  "name": "xen-api",
+  "version": "0.16.0",
+  "license": "ISC",
+  "description": "Connector to the Xen API",
+  "keywords": [
+    "xen",
+    "api",
+    "xen-api",
+    "xenapi",
+    "xapi"
+  ],
+  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/packages/xen-api",
+  "bugs": "https://github.com/vatesfr/xo-web/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xen-orchestra.git"
+  },
+  "author": {
+    "name": "Julien Fontanet",
+    "email": "julien.fontanet@vates.fr"
+  },
+  "preferGlobal": false,
+  "main": "dist/",
+  "bin": {
+    "xen-api": "dist/cli.js"
+  },
+  "files": [
+    "dist/"
+  ],
+  "engines": {
+    "node": ">=4"
+  },
+  "dependencies": {
+    "babel-polyfill": "^6.23.0",
+    "blocked": "^1.2.1",
+    "debug": "^3.1.0",
+    "event-to-promise": "^0.8.0",
+    "exec-promise": "^0.7.0",
+    "http-request-plus": "^0.5.0",
+    "iterable-backoff": "^0.0.0",
+    "json-rpc-protocol": "^0.11.2",
+    "kindof": "^2.0.0",
+    "lodash": "^4.17.4",
+    "make-error": "^1.3.0",
+    "minimist": "^1.2.0",
+    "ms": "^2.1.1",
+    "promise-toolbox": "^0.9.5",
+    "pw": "0.0.4",
+    "xmlrpc": "^1.3.2",
+    "xo-collection": "^0.4.1"
+  },
+  "devDependencies": {
+    "babel-cli": "^6.24.1",
+    "babel-plugin-lodash": "^3.3.2",
+    "babel-plugin-transform-decorators-legacy": "^1.3.4",
+    "babel-plugin-transform-function-bind": "^6.22.0",
+    "babel-preset-env": "^1.6.0",
+    "babel-preset-stage-3": "^6.24.1",
+    "cross-env": "^5.0.5",
+    "rimraf": "^2.6.1"
+  },
+  "scripts": {
+    "build": "cross-env NODE_ENV=production babel --source-maps --out-dir=dist/ src/",
+    "dev": "cross-env NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/",
+    "plot": "gnuplot -p memory-test.gnu",
+    "prebuild": "rimraf dist/",
+    "predev": "npm run prebuild",
+    "prepublishOnly": "npm run build"
+  },
+  "babel": {
+    "plugins": [
+      "lodash",
+      "transform-decorators-legacy",
+      "transform-function-bind"
+    ],
+    "presets": [
+      [
+        "env",
+        {
+          "targets": {
+            "node": 4
+          }
+        }
+      ],
+      "stage-3"
+    ]
+  }
+}

packages/xen-api/src/cli.js

@@ -0,0 +1,106 @@
+#!/usr/bin/env node
+
+import 'babel-polyfill'
+
+import blocked from 'blocked'
+import createDebug from 'debug'
+import eventToPromise from 'event-to-promise'
+import execPromise from 'exec-promise'
+import minimist from 'minimist'
+import pw from 'pw'
+import { asCallback, fromCallback } from 'promise-toolbox'
+import { filter, find, isArray } from 'lodash'
+import { start as createRepl } from 'repl'
+
+import { createClient } from './'
+
+// ===================================================================
+
+function askPassword (prompt = 'Password: ') {
+  if (prompt) {
+    process.stdout.write(prompt)
+  }
+
+  return new Promise(resolve => {
+    pw(resolve)
+  })
+}
+
+// ===================================================================
+
+const usage = 'Usage: xen-api <url> [<user> [<password>]]'
+
+const main = async args => {
+  const opts = minimist(args, {
+    boolean: ['allow-unauthorized', 'help', 'read-only', 'verbose'],
+
+    alias: {
+      'allow-unauthorized': 'au',
+      debounce: 'd',
+      help: 'h',
+      'read-only': 'ro',
+      verbose: 'v',
+    },
+  })
+
+  if (opts.help) {
+    return usage
+  }
+
+  if (opts.verbose) {
+    // Does not work perfectly.
+    //
+    // https://github.com/visionmedia/debug/pull/156
+    createDebug.enable('xen-api,xen-api:*')
+  }
+
+  let auth
+  if (opts._.length > 1) {
+    const [ , user, password = await askPassword() ] = opts._
+    auth = { user, password }
+  }
+
+  {
+    const debug = createDebug('xen-api:perf')
+    blocked(ms => {
+      debug('blocked for %sms', ms | 0)
+    })
+  }
+
+  const xapi = createClient({
+    url: opts._[0],
+    allowUnauthorized: opts.au,
+    auth,
+    debounce: opts.debounce != null ? +opts.debounce : null,
+    readOnly: opts.ro,
+  })
+  await xapi.connect()
+
+  const repl = createRepl({
+    prompt: `${xapi._humanId}> `,
+  })
+  repl.context.xapi = xapi
+
+  repl.context.find = predicate => find(xapi.objects.all, predicate)
+  repl.context.findAll = predicate => filter(xapi.objects.all, predicate)
+
+  // Make the REPL waits for promise completion.
+  repl.eval = (evaluate => (cmd, context, filename, cb) => {
+    fromCallback(cb => {
+      evaluate.call(repl, cmd, context, filename, cb)
+    }).then(value =>
+      isArray(value) ? Promise.all(value) : value
+    )::asCallback(cb)
+  })(repl.eval)
+
+  await eventToPromise(repl, 'exit')
+
+  try {
+    await xapi.disconnect()
+  } catch (error) {}
+}
+export default main
+
+if (!module.parent) {
+  execPromise(main)
+}

packages/xen-api/src/index.js

@@ -0,0 +1,999 @@
+import Collection from 'xo-collection'
+import createDebug from 'debug'
+import kindOf from 'kindof'
+import ms from 'ms'
+import httpRequest from 'http-request-plus'
+import { BaseError } from 'make-error'
+import { EventEmitter } from 'events'
+import { fibonacci } from 'iterable-backoff'
+import {
+  filter,
+  forEach,
+  isArray,
+  isInteger,
+  isObject,
+  map,
+  mapValues,
+  noop,
+  omit,
+  reduce,
+  startsWith,
+} from 'lodash'
+import {
+  Cancel,
+  cancelable,
+  catchPlus as pCatch,
+  defer,
+  delay as pDelay,
+  fromEvents,
+  lastly,
+} from 'promise-toolbox'
+
+import autoTransport from './transports/auto'
+
+const debug = createDebug('xen-api')
+
+// ===================================================================
+
+// http://www.gnu.org/software/libc/manual/html_node/Error-Codes.html
+const NETWORK_ERRORS = {
+  // Connection has been closed outside of our control.
+  ECONNRESET: true,
+
+  // Connection has been aborted locally.
+  ECONNABORTED: true,
+
+  // Host is up but refuses connection (typically: no such service).
+  ECONNREFUSED: true,
+
+  // TODO: ??
+  EINVAL: true,
+
+  // Host is not reachable (does not respond).
+  EHOSTUNREACH: true,
+
+  // Connection configured timed out has been reach.
+  ETIMEDOUT: true,
+}
+
+const isNetworkError = ({code}) => NETWORK_ERRORS[code]
+
+// -------------------------------------------------------------------
+
+const XAPI_NETWORK_ERRORS = {
+  HOST_STILL_BOOTING: true,
+  HOST_HAS_NO_MANAGEMENT_IP: true,
+}
+
+const isXapiNetworkError = ({code}) => XAPI_NETWORK_ERRORS[code]
+
+// -------------------------------------------------------------------
+
+const areEventsLost = ({code}) => code === 'EVENTS_LOST'
+
+const isHostSlave = ({code}) => code === 'HOST_IS_SLAVE'
+
+const isMethodUnknown = ({code}) => code === 'MESSAGE_METHOD_UNKNOWN'
+
+const isSessionInvalid = ({code}) => code === 'SESSION_INVALID'
+
+// -------------------------------------------------------------------
+
+class XapiError extends BaseError {
+  constructor (code, params) {
+    super(`${code}(${params.join(', ')})`)
+
+    this.code = code
+    this.params = params
+
+    // slots than can be assigned later
+    this.method = undefined
+    this.url = undefined
+  }
+}
+
+export const wrapError = error => {
+  let code, params
+  if (isArray(error)) { // < XenServer 7.3
+    [ code, ...params ] = error
+  } else {
+    code = error.message
+    params = error.data
+  }
+  return new XapiError(code, params)
+}
+
+// ===================================================================
+
+const URL_RE = /^(?:(https?:)\/*)?(?:([^:]+):([^@]+)@)?([^/]+?)(?::([0-9]+))?\/?$/
+const parseUrl = url => {
+  const matches = URL_RE.exec(url)
+  if (!matches) {
+    throw new Error('invalid URL: ' + url)
+  }
+
+  const [ , protocol = 'https:', username, password, hostname, port ] = matches
+  return { protocol, username, password, hostname, port }
+}
+
+// -------------------------------------------------------------------
+
+const {
+  create: createObject,
+  defineProperties,
+  defineProperty,
+  freeze: freezeObject,
+} = Object
+
+// -------------------------------------------------------------------
+
+const OPAQUE_REF_PREFIX = 'OpaqueRef:'
+export const isOpaqueRef = value =>
+  typeof value === 'string' &&
+  startsWith(value, OPAQUE_REF_PREFIX)
+
+// -------------------------------------------------------------------
+
+const RE_READ_ONLY_METHOD = /^[^.]+\.get_/
+const isReadOnlyCall = (method, args) => (
+  args.length === 1 &&
+  isOpaqueRef(args[0]) &&
+  RE_READ_ONLY_METHOD.test(method)
+)
+
+// Prepare values before passing them to the XenAPI:
+//
+// - cast integers to strings
+const prepareParam = param => {
+  if (isInteger(param === 'number')) {
+    return String(param)
+  }
+
+  if (typeof param !== 'object' || param === null) {
+    return param
+  }
+
+  return (isArray(param) ? map : mapValues)(param, prepareParam)
+}
+
+// -------------------------------------------------------------------
+
+const getKey = o => o.$id
+
+// -------------------------------------------------------------------
+
+const EMPTY_ARRAY = freezeObject([])
+
+// -------------------------------------------------------------------
+
+const getTaskResult = (task, onSuccess, onFailure) => {
+  const { status } = task
+  if (status === 'cancelled') {
+    return [ onFailure(new Cancel('task canceled')) ]
+  }
+  if (status === 'failure') {
+    return [ onFailure(wrapError(task.error_info)) ]
+  }
+  if (status === 'success') {
+    // the result might be:
+    // - empty string
+    // - an opaque reference
+    // - an XML-RPC value
+    return [ onSuccess(task.result) ]
+  }
+}
+
+// -------------------------------------------------------------------
+
+const CONNECTED = 'connected'
+const CONNECTING = 'connecting'
+const DISCONNECTED = 'disconnected'
+
+// -------------------------------------------------------------------
+
+export class Xapi extends EventEmitter {
+  constructor (opts) {
+    super()
+
+    this._allowUnauthorized = opts.allowUnauthorized
+    this._auth = opts.auth
+    this._pool = null
+    this._readOnly = Boolean(opts.readOnly)
+    this._sessionId = null
+    const url = this._url = parseUrl(opts.url)
+
+    if (this._auth === undefined) {
+      const user = url.username
+      if (user !== undefined) {
+        this._auth = {
+          user,
+          password: url.password,
+        }
+        delete url.username
+        delete url.password
+      }
+    }
+
+    if (opts.watchEvents !== false) {
+      this._debounce = opts.debounce == null
+        ? 200
+        : opts.debounce
+
+      this._eventWatchers = createObject(null)
+
+      this._fromToken = ''
+
+      // Memoize this function _addObject().
+      this._getPool = () => this._pool
+
+      const objects = this._objects = new Collection()
+      objects.getKey = getKey
+
+      this._objectsByRefs = createObject(null)
+      this._objectsByRefs['OpaqueRef:NULL'] = null
+
+      this._taskWatchers = Object.create(null)
+
+      this.on('connected', this._watchEvents)
+      this.on('disconnected', () => {
+        this._fromToken = ''
+        objects.clear()
+      })
+    }
+  }
+
+  get _url () {
+    return this.__url
+  }
+
+  set _url (url) {
+    this.__url = url
+    this._call = autoTransport({
+      allowUnauthorized: this._allowUnauthorized,
+      url,
+    })
+  }
+
+  get readOnly () {
+    return this._readOnly
+  }
+
+  set readOnly (ro) {
+    this._readOnly = Boolean(ro)
+  }
+
+  get sessionId () {
+    const id = this._sessionId
+
+    if (!id || id === CONNECTING) {
+      throw new Error('sessionId is only available when connected')
+    }
+
+    return id
+  }
+
+  get status () {
+    const id = this._sessionId
+
+    return id
+      ? (
+        id === CONNECTING
+          ? CONNECTING
+          : CONNECTED
+      )
+      : DISCONNECTED
+  }
+
+  get _humanId () {
+    return `${this._auth.user}@${this._url.hostname}`
+  }
+
+  // ensure we have received all events up to this call
+  //
+  // optionally returns the up to date object for the given ref
+  barrier (ref) {
+    const eventWatchers = this._eventWatchers
+    if (eventWatchers === undefined) {
+      return Promise.reject(new Error('Xapi#barrier() requires events watching'))
+    }
+
+    const key = `xo:barrier:${Math.random().toString(36).slice(2)}`
+    const poolRef = this._pool.$ref
+
+    const { promise, resolve } = defer()
+    eventWatchers[key] = resolve
+
+    return this._sessionCall(
+      'pool.add_to_other_config',
+      [ poolRef, key, '' ]
+    ).then(() => promise.then(() => {
+      this._sessionCall('pool.remove_from_other_config', [ poolRef, key ]).catch(noop)
+
+      if (ref === undefined) {
+        return
+      }
+
+      // support legacy params (type, ref)
+      if (arguments.length === 2) {
+        ref = arguments[1]
+      }
+
+      return this.getObjectByRef(ref)
+    }))
+  }
+
+  connect () {
+    const {status} = this
+
+    if (status === CONNECTED) {
+      return Promise.reject(new Error('already connected'))
+    }
+
+    if (status === CONNECTING) {
+      return Promise.reject(new Error('already connecting'))
+    }
+
+    const auth = this._auth
+    if (auth === undefined) {
+      return Promise.reject(new Error('missing credentials'))
+    }
+
+    this._sessionId = CONNECTING
+
+    return this._transportCall('session.login_with_password', [
+      auth.user,
+      auth.password,
+    ]).then(
+      sessionId => {
+        this._sessionId = sessionId
+
+        debug('%s: connected', this._humanId)
+
+        this.emit(CONNECTED)
+      },
+      error => {
+        this._sessionId = null
+
+        throw error
+      }
+    )
+  }
+
+  disconnect () {
+    return Promise.resolve().then(() => {
+      const { status } = this
+
+      if (status === DISCONNECTED) {
+        return Promise.reject(new Error('already disconnected'))
+      }
+
+      this._transportCall('session.logout', [ this._sessionId ]).catch(noop)
+
+      this._sessionId = null
+
+      debug('%s: disconnected', this._humanId)
+
+      this.emit(DISCONNECTED)
+    })
+  }
+
+  // High level calls.
+  call (method, ...args) {
+    return this._readOnly && !isReadOnlyCall(method, args)
+      ? Promise.reject(new Error(`cannot call ${method}() in read only mode`))
+      : this._sessionCall(method, prepareParam(args))
+  }
+
+  @cancelable
+  callAsync ($cancelToken, method, ...args) {
+    return this._readOnly && !isReadOnlyCall(method, args)
+      ? Promise.reject(new Error(`cannot call ${method}() in read only mode`))
+      : this._sessionCall(`Async.${method}`, ...args).then(taskRef => {
+        $cancelToken.promise.then(() => {
+          this._sessionCall('task.cancel', taskRef).catch(noop)
+        })
+
+        return this.watchTask(taskRef)::lastly(() => {
+          this._sessionCall('task.destroy', taskRef).catch(noop)
+        })
+      })
+  }
+
+  // create a task and automatically destroy it when settled
+  createTask (nameLabel, nameDescription = '') {
+    if (this._readOnly) {
+      return Promise.reject(new Error('cannot create task in read only mode'))
+    }
+
+    const promise = this._sessionCall('task.create', [
+      nameLabel,
+      nameDescription,
+    ])
+
+    promise.then(taskRef => {
+      const destroy = () =>
+        this._sessionCall('task.destroy', taskRef).catch(noop)
+      this.watchTask(taskRef).then(destroy, destroy)
+    })
+
+    return promise
+  }
+
+  // Nice getter which returns the object for a given $id (internal to
+  // this lib), UUID (unique identifier that some objects have) or
+  // opaque reference (internal to XAPI).
+  getObject (idOrUuidOrRef, defaultValue) {
+    const object = typeof idOrUuidOrRef === 'string'
+      ? (
+        // if there is an UUID, it is also the $id.
+        this._objects.all[idOrUuidOrRef] ||
+        this._objectsByRefs[idOrUuidOrRef]
+      )
+      : this._objects.all[idOrUuidOrRef.$id]
+
+    if (object) return object
+
+    if (arguments.length > 1) return defaultValue
+
+    throw new Error('there is not object can be matched to ' + idOrUuidOrRef)
+  }
+
+  // Returns the object for a given opaque reference (internal to
+  // XAPI).
+  getObjectByRef (ref, defaultValue) {
+    const object = this._objectsByRefs[ref]
+
+    if (object) return object
+
+    if (arguments.length > 1) return defaultValue
+
+    throw new Error('there is no object with the ref ' + ref)
+  }
+
+  // Returns the object for a given UUID (unique identifier that some
+  // objects have).
+  getObjectByUuid (uuid, defaultValue) {
+    // Objects ids are already UUIDs if they have one.
+    const object = this._objects.all[uuid]
+
+    if (object) return object
+
+    if (arguments.length > 1) return defaultValue
+
+    throw new Error('there is no object with the UUID ' + uuid)
+  }
+
+  getRecord (type, ref) {
+    return this._sessionCall(`${type}.get_record`, ref)
+  }
+
+  @cancelable
+  getResource ($cancelToken, pathname, {
+    host,
+    query,
+    task,
+  }) {
+    return this._autoTask(
+      task,
+      `Xapi#getResource ${pathname}`
+    ).then(taskRef => {
+      query = { ...query, session_id: this.sessionId }
+      let taskResult
+      if (taskRef !== undefined) {
+        query.task_id = taskRef
+        taskResult = this.watchTask(taskRef)
+
+        if (typeof $cancelToken.addHandler === 'function') {
+          $cancelToken.addHandler(() => taskResult)
+        }
+      }
+
+      let promise = httpRequest(
+        $cancelToken,
+        this._url,
+        host && {
+          hostname: this.getObject(host).address,
+        },
+        {
+          pathname,
+          query,
+          rejectUnauthorized: !this._allowUnauthorized,
+        }
+      )
+
+      if (taskResult !== undefined) {
+        promise = promise.then(response => {
+          response.task = taskResult
+          return response
+        })
+      }
+
+      return promise
+    })
+  }
+
+  @cancelable
+  putResource ($cancelToken, body, pathname, {
+    host,
+    query,
+    task,
+  } = {}) {
+    if (this._readOnly) {
+      return Promise.reject(new Error(new Error('cannot put resource in read only mode')))
+    }
+
+    return this._autoTask(
+      task,
+      `Xapi#putResource ${pathname}`
+    ).then(taskRef => {
+      query = { ...query, session_id: this.sessionId }
+
+      let taskResult
+      if (taskRef !== undefined) {
+        query.task_id = taskRef
+        taskResult = this.watchTask(taskRef)
+
+        if (typeof $cancelToken.addHandler === 'function') {
+          $cancelToken.addHandler(() => taskResult)
+        }
+      }
+
+      const headers = {}
+
+      // Xen API does not support chunk encoding.
+      const isStream = typeof body.pipe === 'function'
+      const { length } = body
+      if (isStream && length === undefined) {
+        // add a fake huge content length (1 PiB)
+        headers['content-length'] = '1125899906842624'
+      }
+
+      const doRequest = override => httpRequest.put(
+        $cancelToken,
+        this._url,
+        host && {
+          hostname: this.getObject(host).address,
+        },
+        {
+          body,
+          headers,
+          pathname,
+          query,
+          rejectUnauthorized: !this._allowUnauthorized,
+        },
+        override
+      )
+
+      const promise = isStream
+
+        // dummy request to probe for a redirection before consuming body
+        ? doRequest({
+          body: '',
+
+          // omit task_id because this request will fail on purpose
+          query: 'task_id' in query
+            ? omit(query, 'task_id')
+            : query,
+
+          maxRedirects: 0,
+        }).then(
+          response => {
+            response.req.abort()
+            return doRequest()
+          },
+          error => {
+            let response
+            if (error != null && (response = error.response) != null) {
+              response.req.abort()
+
+              const { headers: { location }, statusCode } = response
+              if (statusCode === 302 && location !== undefined) {
+                return doRequest(location)
+              }
+            }
+
+            throw error
+          }
+        )
+
+        // http-request-plus correctly handle redirects if body is not a stream
+        : doRequest()
+
+      return promise.then(response => {
+        const { req } = response
+
+        if (taskResult !== undefined) {
+          taskResult = taskResult.catch(error => {
+            error.url = response.url
+            throw error
+          })
+        }
+
+        if (req.finished) {
+          req.abort()
+          return taskResult
+        }
+
+        return fromEvents(req, ['close', 'finish']).then(() => {
+          req.abort()
+          return taskResult
+        })
+      })
+    })
+  }
+
+  watchTask (ref) {
+    const watchers = this._taskWatchers
+    if (watchers === undefined) {
+      throw new Error('Xapi#watchTask() requires events watching')
+    }
+
+    // allow task object to be passed
+    if (ref.$ref !== undefined) ref = ref.$ref
+
+    let watcher = watchers[ref]
+    if (watcher === undefined) {
+      // sync check if the task is already settled
+      const task = this.objects.all[ref]
+      if (task !== undefined) {
+        const result = getTaskResult(task, Promise.resolve, Promise.reject)
+        if (result) {
+          return result[0]
+        }
+      }
+
+      watcher = watchers[ref] = defer()
+    }
+    return watcher.promise
+  }
+
+  get pool () {
+    return this._pool
+  }
+
+  get objects () {
+    return this._objects
+  }
+
+  // return a promise which resolves to a task ref or undefined
+  _autoTask (task = this._taskWatchers !== undefined, name) {
+    if (task === false) {
+      return Promise.resolve()
+    }
+
+    if (task === true) {
+      return this.createTask(name)
+    }
+
+    // either a reference or a promise to a reference
+    return Promise.resolve(task)
+  }
+
+  // Medium level call: handle session errors.
+  _sessionCall (method, args) {
+    try {
+      if (startsWith(method, 'session.')) {
+        throw new Error('session.*() methods are disabled from this interface')
+      }
+
+      return this._transportCall(method, [this.sessionId].concat(args))
+        ::pCatch(isSessionInvalid, () => {
+          // XAPI is sometimes reinitialized and sessions are lost.
+          // Try to login again.
+          debug('%s: the session has been reinitialized', this._humanId)
+
+          this._sessionId = null
+          return this.connect().then(() => this._sessionCall(method, args))
+        })
+    } catch (error) {
+      return Promise.reject(error)
+    }
+  }
+
+  _addObject (type, ref, object) {
+    const {_objectsByRefs: objectsByRefs} = this
+
+    const reservedKeys = {
+      id: true,
+      pool: true,
+      ref: true,
+      type: true,
+    }
+    const getKey = (key, obj) => reservedKeys[key] && obj === object
+      ? `$$${key}`
+      : `$${key}`
+
+    // Creates resolved properties.
+    forEach(object, function resolveObject (value, key, object) {
+      if (isArray(value)) {
+        if (!value.length) {
+          // If the array is empty, it isn't possible to be sure that
+          // it is not supposed to contain links, therefore, in
+          // benefice of the doubt, a resolved property is defined.
+          defineProperty(object, getKey(key, object), {
+            value: EMPTY_ARRAY,
+          })
+
+          // Minor memory optimization, use the same empty array for
+          // everyone.
+          object[key] = EMPTY_ARRAY
+        } else if (isOpaqueRef(value[0])) {
+          // This is an array of refs.
+          defineProperty(object, getKey(key, object), {
+            get: () => freezeObject(map(value, (ref) => objectsByRefs[ref])),
+          })
+
+          freezeObject(value)
+        }
+      } else if (isObject(value)) {
+        forEach(value, resolveObject)
+
+        freezeObject(value)
+      } else if (isOpaqueRef(value)) {
+        defineProperty(object, getKey(key, object), {
+          get: () => objectsByRefs[value],
+        })
+      }
+    })
+
+    // All custom properties are read-only and non enumerable.
+    defineProperties(object, {
+      $id: { value: object.uuid || ref },
+      $pool: { get: this._getPool },
+      $ref: { value: ref },
+      $type: { value: type },
+    })
+
+    // Finally freezes the object.
+    freezeObject(object)
+
+    const objects = this._objects
+
+    // An object's UUID can change during its life.
+    const prev = objectsByRefs[ref]
+    let prevUuid
+    if (prev && (prevUuid = prev.uuid) && prevUuid !== object.uuid) {
+      objects.remove(prevUuid)
+    }
+
+    this._objects.set(object)
+    objectsByRefs[ref] = object
+
+    if (type === 'pool') {
+      this._pool = object
+    } else if (type === 'task') {
+      const taskWatchers = this._taskWatchers
+      const taskWatcher = taskWatchers[ref]
+      if (
+        taskWatcher !== undefined &&
+        getTaskResult(object, taskWatcher.resolve, taskWatcher.reject)
+      ) {
+        delete taskWatchers[ref]
+      }
+    }
+
+    return object
+  }
+
+  _removeObject (ref) {
+    const byRefs = this._objectsByRefs
+    const object = byRefs[ref]
+    if (object !== undefined) {
+      this._objects.unset(object.$id)
+      delete byRefs[ref]
+    }
+
+    const taskWatchers = this._taskWatchers
+    const taskWatcher = taskWatchers[ref]
+    if (taskWatcher !== undefined) {
+      taskWatcher.reject(new Error('task has been detroyed before completion'))
+      delete taskWatchers[ref]
+    }
+  }
+
+  _processEvents (events) {
+    const eventWatchers = this._eventWatchers
+
+    forEach(events, event => {
+      let object
+      const { ref } = event
+      if (event.operation === 'del') {
+        this._removeObject(ref)
+      } else {
+        const type = event.class
+        object = this._addObject(type, ref, event.snapshot)
+
+        if (eventWatchers !== undefined && type === 'pool') {
+          forEach(object.other_config, (_, key) => {
+            const eventWatcher = eventWatchers[key]
+            if (eventWatcher !== undefined) {
+              delete eventWatchers[key]
+              eventWatcher(object)
+            }
+          })
+        }
+      }
+    })
+  }
+
+  _watchEvents () {
+    const loop = () => this.status === CONNECTED && this._sessionCall('event.from', [
+      ['*'],
+      this._fromToken,
+      60 + 0.1, // Force float.
+    ]).then(onSuccess, onFailure)
+
+    const onSuccess = ({token, events}) => {
+      this._fromToken = token
+      this._processEvents(events)
+
+      const debounce = this._debounce
+      return debounce != null
+        ? pDelay(debounce).then(loop)
+        : loop()
+    }
+    const onFailure = error => {
+      if (areEventsLost(error)) {
+        this._fromToken = ''
+        this._objects.clear()
+
+        return loop()
+      }
+
+      throw error
+    }
+
+    return loop()::pCatch(
+      isMethodUnknown,
+
+      // If the server failed, it is probably due to an excessively
+      // large response.
+      // Falling back to legacy events watch should be enough.
+      error => error && error.res && error.res.statusCode === 500,
+
+      () => this._watchEventsLegacy()
+    )
+  }
+
+  // This method watches events using the legacy `event.next` XAPI
+  // methods.
+  //
+  // It also has to manually get all objects first.
+  _watchEventsLegacy () {
+    const getAllObjects = () => {
+      return this._sessionCall('system.listMethods', []).then(methods => {
+        // Uses introspection to determine the methods to use to get
+        // all objects.
+        const getAllRecordsMethods = filter(
+          methods,
+          ::/\.get_all_records$/.test
+        )
+
+        return Promise.all(map(
+          getAllRecordsMethods,
+          method => this._sessionCall(method, []).then(
+            objects => {
+              const type = method.slice(0, method.indexOf('.')).toLowerCase()
+              forEach(objects, (object, ref) => {
+                this._addObject(type, ref, object)
+              })
+            },
+            error => {
+              if (error.code !== 'MESSAGE_REMOVED') {
+                throw error
+              }
+            }
+          )
+        ))
+      })
+    }
+
+    const watchEvents = () => this._sessionCall('event.register', [ ['*'] ]).then(loop)
+
+    const loop = () => this.status === CONNECTED && this._sessionCall('event.next', []).then(onSuccess, onFailure)
+
+    const onSuccess = events => {
+      this._processEvents(events)
+
+      const debounce = this._debounce
+      return debounce == null
+        ? loop()
+        : pDelay(debounce).then(loop)
+    }
+
+    const onFailure = error => {
+      if (areEventsLost(error)) {
+        return this._sessionCall('event.unregister', [ ['*'] ]).then(watchEvents)
+      }
+
+      throw error
+    }
+
+    return getAllObjects().then(watchEvents)
+  }
+}
+
+Xapi.prototype._transportCall = reduce([
+  function (method, args) {
+    return this._call(method, args).catch(error => {
+      if (!(error instanceof Error)) {
+        error = wrapError(error)
+      }
+
+      error.method = method
+      throw error
+    })
+  },
+  call => function () {
+    let iterator // lazily created
+    const loop = () => call.apply(this, arguments)
+      ::pCatch(isNetworkError, isXapiNetworkError, error => {
+        if (iterator === undefined) {
+          iterator = fibonacci().clamp(undefined, 60).take(10).toMs()
+        }
+
+        const cursor = iterator.next()
+        if (!cursor.done) {
+          // TODO: ability to cancel the connection
+          // TODO: ability to force immediate reconnection
+
+          const delay = cursor.value
+          debug('%s: network error %s, next try in %s ms', this._humanId, error.code, delay)
+          return pDelay(delay).then(loop)
+        }
+
+        debug('%s: network error %s, aborting', this._humanId, error.code)
+
+        // mark as disconnected
+        this.disconnect()::pCatch(noop)
+
+        throw error
+      })
+    return loop()
+  },
+  call => function loop () {
+    return call.apply(this, arguments)
+      ::pCatch(isHostSlave, ({params: [master]}) => {
+        debug('%s: host is slave, attempting to connect at %s', this._humanId, master)
+
+        const newUrl = {
+          ...this._url,
+          hostname: master,
+        }
+        this.emit('redirect', newUrl)
+        this._url = newUrl
+
+        return loop.apply(this, arguments)
+      })
+  },
+  call => function (method) {
+    const startTime = Date.now()
+    return call.apply(this, arguments).then(
+      result => {
+        debug(
+          '%s: %s(...) [%s] ==> %s',
+          this._humanId,
+          method,
+          ms(Date.now() - startTime),
+          kindOf(result)
+        )
+        return result
+      },
+      error => {
+        debug(
+          '%s: %s(...) [%s] =!> %s',
+          this._humanId,
+          method,
+          ms(Date.now() - startTime),
+          error
+        )
+        throw error
+      }
+    )
+  },
+], (call, decorator) => decorator(call))
+
+// ===================================================================
+
+// The default value is a factory function.
+export const createClient = opts => new Xapi(opts)

packages/xen-api/src/inject-events.js

@@ -0,0 +1,29 @@
+#!/usr/bin/env node
+
+import { delay as pDelay } from 'promise-toolbox'
+
+import { createClient } from './'
+
+const xapi = (() => {
+  const [ , , url, user, password ] = process.argv
+
+  return createClient({
+    auth: { user, password },
+    url,
+    watchEvents: false,
+  })
+})()
+
+xapi.connect()
+
+  // Get the pool record's ref.
+  .then(() => xapi.call('pool.get_all'))
+
+  // Injects lots of events.
+  .then(([ poolRef ]) => {
+    const loop = () => xapi.call('event.inject', 'pool', poolRef)
+      ::pDelay(10) // A small delay is required to avoid overloading the Xen API.
+      .then(loop)
+
+    return loop()
+  })

packages/xen-api/src/memory-test.js

@@ -0,0 +1,22 @@
+#!/usr/bin/env node
+
+import { createClient } from './'
+
+let i = 0
+setInterval(() => {
+  const usage = process.memoryUsage()
+  console.log(
+    '%s %s %s %s',
+    i++,
+    Math.round(usage.rss / 1e6),
+    Math.round(usage.heapTotal / 1e6),
+    Math.round(usage.heapUsed / 1e6)
+  )
+}, 1e2)
+
+const [ , , url, user, password ] = process.argv
+createClient({
+  auth: { user, password },
+  readOnly: true,
+  url,
+}).connect()

packages/xen-api/src/transports/_utils.js

@@ -0,0 +1,3 @@
+import makeError from 'make-error'
+
+export const UnsupportedTransport = makeError('UnsupportedTransport')

packages/xen-api/src/transports/auto.js

@@ -0,0 +1,36 @@
+import jsonRpc from './json-rpc'
+import xmlRpc from './xml-rpc'
+import xmlRpcJson from './xml-rpc-json'
+import { UnsupportedTransport } from './_utils'
+
+const factories = [ jsonRpc, xmlRpcJson, xmlRpc ]
+const { length } = factories
+
+export default opts => {
+  let i = 0
+
+  let call
+  function create () {
+    const current = factories[i++](opts)
+    if (i < length) {
+      const currentI = i
+      call = (method, args) => current(method, args).catch(
+        error => {
+          if (error instanceof UnsupportedTransport) {
+            if (currentI === i) { // not changed yet
+              create()
+            }
+            return call(method, args)
+          }
+
+          throw error
+        }
+      )
+    } else {
+      call = current
+    }
+  }
+  create()
+
+  return (method, args) => call(method, args)
+}

packages/xen-api/src/transports/json-rpc.js

@@ -0,0 +1,38 @@
+import httpRequestPlus from 'http-request-plus'
+import { format, parse } from 'json-rpc-protocol'
+
+import { UnsupportedTransport } from './_utils'
+
+export default ({ allowUnauthorized, url }) => {
+  return (method, args) => httpRequestPlus.post(url, {
+    rejectUnauthorized: !allowUnauthorized,
+    body: format.request(0, method, args),
+    headers: {
+      'Accept': 'application/json',
+      'Content-Type': 'application/json',
+    },
+    path: '/jsonrpc',
+  }).readAll('utf8').then(
+    text => {
+      let response
+      try {
+        response = parse(text)
+      } catch (error) {
+        throw new UnsupportedTransport()
+      }
+
+      if (response.type === 'response') {
+        return response.result
+      }
+
+      throw response.error
+    },
+    error => {
+      if (error.response !== undefined) { // HTTP error
+        throw new UnsupportedTransport()
+      }
+
+      throw error
+    }
+  )
+}

packages/xen-api/src/transports/xml-rpc-json.js

@@ -0,0 +1,97 @@
+import { createClient, createSecureClient } from 'xmlrpc'
+import { promisify } from 'promise-toolbox'
+
+import { UnsupportedTransport } from './_utils'
+
+const logError = error => {
+  if (error.res) {
+    console.error(
+      'XML-RPC Error: %s (response status %s)',
+      error.message,
+      error.res.statusCode
+    )
+    console.error('%s', error.body)
+  }
+
+  throw error
+}
+
+const SPECIAL_CHARS = {
+  '\r': '\\r',
+  '\t': '\\t',
+}
+const SPECIAL_CHARS_RE = new RegExp(
+  Object.keys(SPECIAL_CHARS).join('|'),
+  'g'
+)
+
+const parseResult = result => {
+  const status = result.Status
+
+  // Return the plain result if it does not have a valid XAPI
+  // format.
+  if (status === undefined) {
+    return result
+  }
+
+  if (status !== 'Success') {
+    throw result.ErrorDescription
+  }
+
+  const value = result.Value
+
+  // XAPI returns an empty string (invalid JSON) for an empty
+  // result.
+  if (value === '') {
+    return ''
+  }
+
+  try {
+    return JSON.parse(value)
+  } catch (error) {
+    // XAPI JSON sometimes contains invalid characters.
+    if (!(error instanceof SyntaxError)) {
+      throw error
+    }
+  }
+
+  let replaced = false
+  const fixedValue = value.replace(SPECIAL_CHARS_RE, match => {
+    replaced = true
+    return SPECIAL_CHARS[match]
+  })
+
+  if (replaced) {
+    try {
+      return JSON.parse(fixedValue)
+    } catch (error) {
+      if (!(error instanceof SyntaxError)) {
+        throw error
+      }
+    }
+  }
+
+  throw new UnsupportedTransport()
+}
+
+export default ({
+  allowUnauthorized,
+  url: { hostname, path, port, protocol },
+}) => {
+  const client = (
+    protocol === 'https:'
+      ? createSecureClient
+      : createClient
+  )({
+    host: hostname,
+    path: '/json',
+    port,
+    rejectUnauthorized: !allowUnauthorized,
+  })
+  const call = promisify(client.methodCall, client)
+
+  return (method, args) => call(method, args).then(
+    parseResult,
+    logError
+  )
+}

packages/xen-api/src/transports/xml-rpc.js

@@ -0,0 +1,52 @@
+import { createClient, createSecureClient } from 'xmlrpc'
+import { promisify } from 'promise-toolbox'
+
+const logError = error => {
+  if (error.res) {
+    console.error(
+      'XML-RPC Error: %s (response status %s)',
+      error.message,
+      error.res.statusCode
+    )
+    console.error('%s', error.body)
+  }
+
+  throw error
+}
+
+const parseResult = result => {
+  const status = result.Status
+
+  // Return the plain result if it does not have a valid XAPI
+  // format.
+  if (status === undefined) {
+    return result
+  }
+
+  if (status !== 'Success') {
+    throw result.ErrorDescription
+  }
+
+  return result.Value
+}
+
+export default ({
+  allowUnauthorized,
+  url: { hostname, path, port, protocol },
+}) => {
+  const client = (
+    protocol === 'https:'
+      ? createSecureClient
+      : createClient
+  )({
+    host: hostname,
+    port,
+    rejectUnauthorized: !allowUnauthorized,
+  })
+  const call = promisify(client.methodCall, client)
+
+  return (method, args) => call(method, args).then(
+    parseResult,
+    logError
+  )
+}

packages/xo-acl-resolver/.babelrc

@@ -0,0 +1,13 @@
+{
+ "comments": false,
+ "compact": true,
+ "presets": [
+   [
+     "env", {
+       "targets": {
+         "node": 4
+       }
+     }
+   ]
+ ]
+}

packages/xo-acl-resolver/.npmignore

@@ -0,0 +1,10 @@
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map

packages/xo-acl-resolver/README.md

@@ -0,0 +1,74 @@
+# xo-acl-resolver [![Build Status](https://travis-ci.org/vatesfr/xen-orchestra.png?branch=master)](https://travis-ci.org/vatesfr/xen-orchestra)
+
+> [Xen-Orchestra](http://xen-orchestra.com/) internal: do ACLs resolution.
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/xo-acl-resolver):
+
+```
+> npm install --save xo-acl-resolver
+```
+
+## Usage
+
+```js
+import check from 'xo-acl-resolver'
+
+// This object contains a list of permissions returned from
+// xo-server's acl.getCurrentPermissions.
+const permissions = { /* ... */ }
+
+// This function should returns synchronously an object from an id.
+const getObject = id => { /* ... */ }
+
+// For a single object:
+if (check(permissions, getObject, objectId, permission)) {
+  console.log(`${permission} set for object ${objectId}`)
+}
+
+// For multiple objects/permissions:
+if (check(permissions, getObject, [
+  [ object1Id, permission1 ],
+  [ object12d, permission2 ],
+])) {
+  console.log('all permissions checked')
+}
+```
+
+## Development
+
+### Installing dependencies
+
+```
+> npm install
+```
+
+### Compilation
+
+The sources files are watched and automatically recompiled on changes.
+
+```
+> npm run dev
+```
+
+### Tests
+
+```
+> npm run test-dev
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/vatesfr/xo-web/issues)
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+ISC © [Vates SAS](https://vates.fr)

packages/xo-acl-resolver/package.json

@@ -0,0 +1,35 @@
+{
+  "name": "xo-acl-resolver",
+  "version": "0.2.3",
+  "license": "ISC",
+  "description": "Xen-Orchestra internal: do ACLs resolution",
+  "keywords": [],
+  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/packages/xo-acl-resolver",
+  "bugs": "https://github.com/vatesfr/xo-web/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xen-orchestra.git"
+  },
+  "author": {
+    "name": "Julien Fontanet",
+    "email": "julien.fontanet@vates.fr"
+  },
+  "preferGlobal": false,
+  "main": "dist/",
+  "bin": {},
+  "files": [
+    "dist/"
+  ],
+  "engines": {
+    "node": ">=0.12"
+  },
+  "devDependencies": {
+    "babel-cli": "^6.24.1",
+    "babel-preset-env": "^1.6.1"
+  },
+  "scripts": {
+    "build": "babel --source-maps --out-dir=dist/ src/",
+    "dev": "babel --watch --source-maps --out-dir=dist/ src/",
+    "prepublishOnly": "yarn run build"
+  }
+}

packages/xo-acl-resolver/src/index.js

@@ -0,0 +1,131 @@
+// These global variables are not a problem because the algorithm is
+// synchronous.
+let permissionsByObject
+let getObject
+
+// -------------------------------------------------------------------
+
+const authorized = () => true // eslint-disable-line no-unused-vars
+const forbiddden = () => false // eslint-disable-line no-unused-vars
+
+const and = (...checkers) => (object, permission) => { // eslint-disable-line no-unused-vars
+  for (const checker of checkers) {
+    if (!checker(object, permission)) {
+      return false
+    }
+  }
+  return true
+}
+
+const or = (...checkers) => (object, permission) => { // eslint-disable-line no-unused-vars
+  for (const checker of checkers) {
+    if (checker(object, permission)) {
+      return true
+    }
+  }
+  return false
+}
+
+// -------------------------------------------------------------------
+
+const checkMember = (memberName) => (object, permission) => {
+  const member = object[memberName]
+  return member !== object.id && checkAuthorization(member, permission)
+}
+
+const checkSelf = ({ id }, permission) => {
+  const permissionsForObject = permissionsByObject[id]
+
+  return (
+    permissionsForObject &&
+    permissionsForObject[permission]
+  )
+}
+
+// ===================================================================
+
+const checkAuthorizationByTypes = {
+  host: or(checkSelf, checkMember('$pool')),
+
+  message: checkMember('$object'),
+
+  network: or(checkSelf, checkMember('$pool')),
+
+  SR: or(checkSelf, checkMember('$pool')),
+
+  task: checkMember('$host'),
+
+  VBD: checkMember('VDI'),
+
+  // Access to a VDI is granted if the user has access to the
+  // containing SR or to a linked VM.
+  VDI (vdi, permission) {
+    // Check authorization for the containing SR.
+    if (checkAuthorization(vdi.$SR, permission)) {
+      return true
+    }
+
+    // Check authorization for each of the connected VMs.
+    for (const vbdId of vdi.$VBDs) {
+      if (checkAuthorization(getObject(vbdId).VM, permission)) {
+        return true
+      }
+    }
+
+    return false
+  },
+
+  'VDI-snapshot': checkMember('$snapshot_of'),
+
+  VIF: or(checkMember('$network'), checkMember('$VM')),
+
+  VM: or(checkSelf, checkMember('$container')),
+
+  'VM-controller': checkMember('$container'),
+
+  'VM-snapshot': checkMember('$snapshot_of'),
+
+  'VM-template': or(checkSelf, checkMember('$pool')),
+}
+
+// Hoisting is important for this function.
+function checkAuthorization (objectId, permission) {
+  const object = getObject(objectId)
+  if (!object) {
+    return false
+  }
+
+  const checker = checkAuthorizationByTypes[object.type] || checkSelf
+
+  return checker(object, permission)
+}
+
+// -------------------------------------------------------------------
+
+export default (
+  permissionsByObject_,
+  getObject_,
+  permissions,
+  permission
+) => {
+  // Assign global variables.
+  permissionsByObject = permissionsByObject_
+  getObject = getObject_
+
+  try {
+    if (permission) {
+      return checkAuthorization(permissions, permission)
+    } else {
+      for (const [objectId, permission] of permissions) {
+        if (!checkAuthorization(objectId, permission)) {
+          return false
+        }
+      }
+    }
+
+    return true
+  } finally {
+    // Free the global variables.
+    permissionsByObject = getObject = null
+  }
+}

packages/xo-cli/.babelrc.js

@@ -0,0 +1,22 @@
+const { NODE_ENV = 'development' } = process.env
+
+module.exports = {
+  comments: false,
+  compact: true,
+  ignore: NODE_ENV === 'test' ? undefined : ['*.spec.js'],
+  // plugins: ['lodash']
+  presets: [
+    [
+      'env',
+      {
+        debug: true,
+        loose: true,
+        targets: {
+          node: process.env.NODE_ENV === 'production' ? '6' : 'current'
+        },
+        useBuiltIns: 'usage'
+      }
+    ],
+    'flow'
+  ]
+}

packages/xo-cli/.flowconfig

@@ -0,0 +1,12 @@
+[ignore]
+
+[include]
+
+[libs]
+
+[lints]
+
+[options]
+experimental.const_params=true
+module.use_strict=true
+unsafe.enable_getters_and_setters=true

packages/xo-cli/.npmignore

@@ -0,0 +1,24 @@
+/benchmark/
+/benchmarks/
+*.bench.js
+*.bench.js.map
+
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/fixture/
+/fixtures/
+*.fixture.js
+*.fixture.js.map
+*.fixtures.js
+*.fixtures.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map
+
+__snapshots__/

packages/xo-cli/.travis.yml

@@ -0,0 +1,8 @@
+language: node_js
+node_js:
+  - stable
+  - 6
+
+# Use containers.
+# http://docs.travis-ci.com/user/workers/container-based-infrastructure/
+sudo: false

packages/xo-cli/README.md

@@ -0,0 +1,156 @@
+# XO-CLI
+[![Build Status](https://travis-ci.org/vatesfr/xen-orchestra.png?branch=master)](http://travis-ci.org/vatesfr/xen-orchestra)
+[![Dependency Status](https://david-dm.org/vatesfr/xo-cli/status.svg?theme=shields.io)](https://david-dm.org/vatesfr/xo-cli)
+[![devDependency Status](https://david-dm.org/vatesfr/xo-cli/dev-status.svg?theme=shields.io)](https://david-dm.org/vatesfr/xo-cli#info=devDependencies)
+
+> Basic CLI for Xen-Orchestra
+
+## Install
+
+#### [npm](https://npmjs.org/package/xo-cli)
+
+```
+npm install -g xo-cli
+```
+
+## Usage
+
+```
+> xo-cli --help
+Usage:
+
+  xo-cli --register [--expiresIn duration] <XO-Server URL> <username> [<password>]
+    Registers the XO instance to use.
+
+    --expiresIn duration
+      Can be used to change the validity duration of the
+      authorization token (default: one month).
+
+  xo-cli --unregister
+    Remove stored credentials.
+
+  xo-cli --list-commands [--json] [<pattern>]...
+    Returns the list of available commands on the current XO instance.
+
+    The patterns can be used to filter on command names.
+
+  xo-cli --list-objects [--<property>]… [<property>=<value>]...
+    Returns a list of XO objects.
+
+    --<property>
+      Restricts displayed properties to those listed.
+
+    <property>=<value>
+      Restricted displayed objects to those matching the patterns.
+
+  xo-cli <command> [<name>=<value>]...
+    Executes a command on the current XO instance.
+```
+
+#### Register your XO instance
+
+```
+> xo-cli --register http://xo.my-company.net admin@admin.net admin
+Successfully logged with admin@admin.net
+```
+
+Note: only a token will be saved in the configuration file.
+
+#### List available objects
+
+Prints all objects:
+
+```
+> xo-cli --list-objects
+```
+
+It is possible to filter on object properties, for instance to prints
+all VM templates:
+
+```
+> xo-cli --list-objects type=VM-template
+```
+
+#### List available commands
+
+```
+> xo-cli --list-commands
+```
+
+Commands can be filtered using patterns:
+
+```
+> xo-cli --list-commands '{user,group}.*'
+```
+
+#### Execute a command
+
+The same syntax is used for all commands: `xo-cli <command> <param
+name>=<value>...`
+
+E.g., adding a new server:
+
+```
+> xo-cli server.add host=my.server.net username=root password=secret-password
+42
+```
+
+The return value is the identifier of this new server in XO.
+
+Parameters (except `true` and `false` which are correctly parsed as
+booleans) are assumed to be strings, for other types, you may use JSON
+encoding by prefixing with `json:`:
+
+```
+> xo-cli foo.bar baz='json:[1, 2, 3]'
+```
+
+##### VM export
+
+```
+> xo-cli vm.export vm=a01667e0-8e29-49fc-a550-17be4226783c @=vm.xva
+```
+
+##### VM import
+
+ ```
+> xo-cli vm.import host=60a6939e-8b0a-4352-9954-5bde44bcdf7d @=vm.xva
+```
+
+## Development
+
+```
+# Install dependencies
+> yarn
+
+# Run the tests
+> yarn test
+
+# Continuously compile
+> yarn dev
+
+# Continuously run the tests
+> yarn dev-test
+
+# Build for production (automatically called by npm install)
+> yarn build
+
+# Commit changes
+> yarn cz
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/vatesfr/xo-web/issues)
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+XO-CLI is released under the [AGPL
+v3](http://www.gnu.org/licenses/agpl-3.0-standalone.html).

packages/xo-cli/package.json

@@ -0,0 +1,68 @@
+{
+  "name": "xo-cli",
+  "version": "0.10.1",
+  "license": "AGPL-3.0",
+  "description": "Basic CLI for Xen-Orchestra",
+  "keywords": [
+    "xo",
+    "xen-orchestra",
+    "xen",
+    "orchestra"
+  ],
+  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/packages/xo-cli",
+  "bugs": "https://github.com/vatesfr/xo-web/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xen-orchestra.git"
+  },
+  "author": "Julien Fontanet <julien.fontanet@vates.fr>",
+  "preferGlobal": true,
+  "main": "dist/",
+  "bin": {
+    "xo-cli": "dist/index.js"
+  },
+  "files": [
+    "dist/"
+  ],
+  "engines": {
+    "node": ">=6"
+  },
+  "dependencies": {
+    "babel-polyfill": "^7.0.0-beta.3",
+    "bluebird": "^3.5.1",
+    "chalk": "^2.2.0",
+    "event-to-promise": "^0.8.0",
+    "exec-promise": "^0.7.0",
+    "fs-promise": "^2.0.3",
+    "got": "^8.0.1",
+    "human-format": "^0.9.0",
+    "l33teral": "^3.0.3",
+    "lodash": "^4.17.4",
+    "micromatch": "^3.1.3",
+    "mkdirp": "^0.5.1",
+    "nice-pipe": "0.0.0",
+    "pretty-ms": "^3.0.1",
+    "progress-stream": "^2.0.0",
+    "pw": "^0.0.4",
+    "strip-indent": "^2.0.0",
+    "xdg-basedir": "^3.0.0",
+    "xo-lib": "^0.9.0"
+  },
+  "devDependencies": {
+    "babel-cli": "^7.0.0-beta.3",
+    "babel-plugin-lodash": "^3.3.2",
+    "babel-preset-env": "^7.0.0-beta.3",
+    "babel-preset-flow": "^7.0.0-beta.3",
+    "cross-env": "^5.1.0",
+    "flow-bin": "^0.60.1",
+    "rimraf": "^2.6.2"
+  },
+  "scripts": {
+    "build": "cross-env NODE_ENV=production babel --source-maps --out-dir=dist/ src/",
+    "dev": "cross-env NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/",
+    "prebuild": "rimraf dist/",
+    "predev": "npm run prebuild",
+    "prepublishOnly": "npm run build",
+    "pretest": "flow status"
+  }
+}

packages/xo-cli/src/config.js

@@ -0,0 +1,54 @@
+'use strict'
+
+// ===================================================================
+
+const promisify = require('bluebird').promisify
+
+const readFile = promisify(require('fs').readFile)
+const writeFile = promisify(require('fs').writeFile)
+
+const assign = require('lodash/assign')
+const l33t = require('l33teral')
+const mkdirp = promisify(require('mkdirp'))
+const xdgBasedir = require('xdg-basedir')
+
+// ===================================================================
+
+const configPath = xdgBasedir.config + '/xo-cli'
+const configFile = configPath + '/config.json'
+
+// ===================================================================
+
+const load = exports.load = function () {
+  return readFile(configFile).then(JSON.parse).catch(function () {
+    return {}
+  })
+}
+
+exports.get = function (path) {
+  return load().then(function (config) {
+    return l33t(config).tap(path)
+  })
+}
+
+const save = exports.save = function (config) {
+  return mkdirp(configPath).then(function () {
+    return writeFile(configFile, JSON.stringify(config))
+  })
+}
+
+exports.set = function (data) {
+  return load().then(function (config) {
+    return save(assign(config, data))
+  })
+}
+
+exports.unset = function (paths) {
+  return load().then(function (config) {
+    const l33tConfig = l33t(config)
+    ;[].concat(paths).forEach(function (path) {
+      l33tConfig.purge(path, true)
+    })
+    return save(config)
+  })
+}

packages/xo-cli/src/index.js

@@ -0,0 +1,410 @@
+#!/usr/bin/env node
+
+'use strict'
+
+const Bluebird = require('bluebird')
+Bluebird.longStackTraces()
+
+const createReadStream = require('fs').createReadStream
+const createWriteStream = require('fs').createWriteStream
+const resolveUrl = require('url').resolve
+const stat = require('fs-promise').stat
+
+const chalk = require('chalk')
+const eventToPromise = require('event-to-promise')
+const forEach = require('lodash/forEach')
+const getKeys = require('lodash/keys')
+const got = require('got')
+const humanFormat = require('human-format')
+const identity = require('lodash/identity')
+const isArray = require('lodash/isArray')
+const isObject = require('lodash/isObject')
+const micromatch = require('micromatch')
+const nicePipe = require('nice-pipe')
+const pairs = require('lodash/toPairs')
+const pick = require('lodash/pick')
+const startsWith = require('lodash/startsWith')
+const prettyMs = require('pretty-ms')
+const progressStream = require('progress-stream')
+const pw = require('pw')
+
+// FIXME: re-enable the rule when https://github.com/mysticatea/eslint-plugin-node/issues/100 is fixed
+// eslint-disable-next-line node/no-missing-require
+const Xo = require('xo-lib').default
+
+// -------------------------------------------------------------------
+
+const config = require('./config')
+
+// ===================================================================
+
+async function connect () {
+  const { server, token } = await config.load()
+  if (server === undefined) {
+    throw new Error('no server to connect to!')
+  }
+
+  if (token === undefined) {
+    throw new Error('no token available')
+  }
+
+  const xo = new Xo({ url: server })
+  await xo.open()
+  await xo.signIn({ token })
+  return xo
+}
+
+const FLAG_RE = /^--([^=]+)(?:=([^]*))?$/
+function extractFlags (args) {
+  const flags = {}
+
+  let i = 0
+  const n = args.length
+  let matches
+  while (i < n && (matches = args[i].match(FLAG_RE))) {
+    const value = matches[2]
+
+    flags[matches[1]] = value === undefined ? true : value
+    ++i
+  }
+  args.splice(0, i)
+
+  return flags
+}
+
+const PARAM_RE = /^([^=]+)=([^]*)$/
+function parseParameters (args) {
+  const params = {}
+  forEach(args, function (arg) {
+    let matches
+    if (!(matches = arg.match(PARAM_RE))) {
+      throw new Error('invalid arg: ' + arg)
+    }
+    const name = matches[1]
+    let value = matches[2]
+
+    if (startsWith(value, 'json:')) {
+      value = JSON.parse(value.slice(5))
+    }
+
+    if (name === '@') {
+      params['@'] = value
+      return
+    }
+
+    if (value === 'true') {
+      value = true
+    } else if (value === 'false') {
+      value = false
+    }
+
+    params[name] = value
+  })
+
+  return params
+}
+
+const humanFormatOpts = {
+  unit: 'B',
+  scale: 'binary',
+}
+
+function printProgress (progress) {
+  if (progress.length) {
+    console.warn('%s% of %s @ %s/s - ETA %s',
+      Math.round(progress.percentage),
+      humanFormat(progress.length, humanFormatOpts),
+      humanFormat(progress.speed, humanFormatOpts),
+      prettyMs(progress.eta * 1e3)
+    )
+  } else {
+    console.warn('%s @ %s/s',
+      humanFormat(progress.transferred, humanFormatOpts),
+      humanFormat(progress.speed, humanFormatOpts)
+    )
+  }
+}
+
+function wrap (val) {
+  return function wrappedValue () {
+    return val
+  }
+}
+
+// ===================================================================
+
+const help = wrap((function (pkg) {
+  return require('strip-indent')(`
+    Usage:
+
+      $name --register [--expiresIn duration] <XO-Server URL> <username> [<password>]
+        Registers the XO instance to use.
+
+        --expiresIn duration
+          Can be used to change the validity duration of the
+          authorization token (default: one month).
+
+      $name --unregister
+        Remove stored credentials.
+
+      $name --list-commands [--json] [<pattern>]...
+        Returns the list of available commands on the current XO instance.
+
+        The patterns can be used to filter on command names.
+
+      $name --list-objects [--<property>]… [<property>=<value>]...
+        Returns a list of XO objects.
+
+        --<property>
+          Restricts displayed properties to those listed.
+
+        <property>=<value>
+          Restricted displayed objects to those matching the patterns.
+
+      $name <command> [<name>=<value>]...
+        Executes a command on the current XO instance.
+
+    $name v$version
+  `).replace(/<([^>]+)>|\$(\w+)/g, function (_, arg, key) {
+    if (arg) {
+      return '<' + chalk.yellow(arg) + '>'
+    }
+
+    if (key === 'name') {
+      return chalk.bold(pkg[key])
+    }
+
+    return pkg[key]
+  })
+})(require('../package')))
+
+// -------------------------------------------------------------------
+
+function main (args) {
+  if (!args || !args.length || args[0] === '-h') {
+    return help()
+  }
+
+  const fnName = args[0].replace(/^--|-\w/g, function (match) {
+    if (match === '--') {
+      return ''
+    }
+
+    return match[1].toUpperCase()
+  })
+  if (fnName in exports) {
+    return exports[fnName](args.slice(1))
+  }
+
+  return exports.call(args)
+}
+exports = module.exports = main
+
+// -------------------------------------------------------------------
+
+exports.help = help
+
+async function register (args) {
+  let expiresIn
+  if (args[0] === '--expiresIn') {
+    expiresIn = args[1]
+    args = args.slice(2)
+  }
+
+  const [
+    url,
+    email,
+    password = await new Promise(function (resolve) {
+      process.stdout.write('Password: ')
+      pw(resolve)
+    }),
+  ] = args
+
+  const xo = new Xo({ url })
+  await xo.open()
+  await xo.signIn({ email, password })
+  console.log('Successfully logged with', xo.user.email)
+
+  await config.set({
+    server: url,
+    token: await xo.call('token.create', { expiresIn }),
+  })
+}
+exports.register = register
+
+function unregister () {
+  return config.unset([
+    'server',
+    'token',
+  ])
+}
+exports.unregister = unregister
+
+async function listCommands (args) {
+  const xo = await connect()
+  let methods = await xo.call('system.getMethodsInfo')
+
+  let json = false
+  const patterns = []
+  forEach(args, function (arg) {
+    if (arg === '--json') {
+      json = true
+    } else {
+      patterns.push(arg)
+    }
+  })
+
+  if (patterns.length) {
+    methods = pick(methods, micromatch(Object.keys(methods), patterns))
+  }
+
+  if (json) {
+    return methods
+  }
+
+  methods = pairs(methods)
+  methods.sort(function (a, b) {
+    a = a[0]
+    b = b[0]
+    if (a < b) {
+      return -1
+    }
+    return +(a > b)
+  })
+
+  const str = []
+  forEach(methods, function (method) {
+    const name = method[0]
+    const info = method[1]
+    str.push(chalk.bold.blue(name))
+    forEach(info.params || [], function (info, name) {
+      str.push(' ')
+      if (info.optional) {
+        str.push('[')
+      }
+
+      const type = info.type
+      str.push(
+        name,
+        '=<',
+        type == null
+          ? 'unknown type'
+          : isArray(type)
+            ? type.join('|')
+            : type,
+        '>'
+      )
+
+      if (info.optional) {
+        str.push(']')
+      }
+    })
+    str.push('\n')
+    if (info.description) {
+      str.push('  ', info.description, '\n')
+    }
+  })
+  return str.join('')
+}
+exports.listCommands = listCommands
+
+async function listObjects (args) {
+  const properties = getKeys(extractFlags(args))
+  const filterProperties = properties.length
+    ? function (object) {
+      return pick(object, properties)
+    }
+    : identity
+
+  const filter = args.length ? parseParameters(args) : undefined
+
+  const xo = await connect()
+  const objects = await xo.call('xo.getAllObjects', { filter })
+
+  const stdout = process.stdout
+  stdout.write('[\n')
+  const keys = Object.keys(objects)
+  for (let i = 0, n = keys.length; i < n;) {
+    stdout.write(JSON.stringify(filterProperties(objects[keys[i]]), null, 2))
+    stdout.write(++i < n ? ',\n' : '\n')
+  }
+  stdout.write(']\n')
+}
+exports.listObjects = listObjects
+
+async function call (args) {
+  if (!args.length) {
+    throw new Error('missing command name')
+  }
+
+  const method = args.shift()
+  const params = parseParameters(args)
+
+  const file = params['@']
+  delete params['@']
+
+  const xo = await connect()
+
+  // FIXME: do not use private properties.
+  const baseUrl = xo._url.replace(/^ws/, 'http')
+
+  const result = await xo.call(method, params)
+  let keys, key, url
+  if (
+    isObject(result) &&
+    (keys = getKeys(result)).length === 1
+  ) {
+    key = keys[0]
+
+    if (key === '$getFrom') {
+      url = resolveUrl(baseUrl, result[key])
+      const output = createWriteStream(file)
+
+      const progress = progressStream({ time: 1e3 }, printProgress)
+
+      return eventToPromise(nicePipe([
+        got.stream(url).on('response', function (response) {
+          const length = response.headers['content-length']
+          if (length !== undefined) {
+            progress.length(length)
+          }
+        }),
+        progress,
+        output,
+      ]), 'finish')
+    }
+
+    if (key === '$sendTo') {
+      url = resolveUrl(baseUrl, result[key])
+
+      const stats = await stat(file)
+      const length = stats.size
+
+      const input = nicePipe([
+        createReadStream(file),
+        progressStream({
+          length: length,
+          time: 1e3,
+        }, printProgress),
+      ])
+
+      const response = await got.post(url, {
+        body: input,
+        headers: {
+          'content-length': length,
+        },
+        method: 'POST',
+      })
+      return response.body
+    }
+  }
+
+  return result
+}
+exports.call = call
+
+// ===================================================================
+
+if (!module.parent) {
+  require('exec-promise')(exports)
+}

packages/xo-collection/.npmignore

@@ -0,0 +1,24 @@
+/benchmark/
+/benchmarks/
+*.bench.js
+*.bench.js.map
+
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/fixture/
+/fixtures/
+*.fixture.js
+*.fixture.js.map
+*.fixtures.js
+*.fixtures.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map
+
+__snapshots__/

packages/xo-collection/LICENSE

@@ -0,0 +1,662 @@
+GNU AFFERO GENERAL PUBLIC LICENSE
+                       Version 3, 19 November 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The GNU Affero General Public License is a free, copyleft license for
+software and other kinds of works, specifically designed to ensure
+cooperation with the community in the case of network server software.
+
+  The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works.  By contrast,
+our General Public Licenses are intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+  Developers that use our General Public Licenses protect your rights
+with two steps: (1) assert copyright on the software, and (2) offer
+you this License which gives you legal permission to copy, distribute
+and/or modify the software.
+
+  A secondary benefit of defending all users' freedom is that
+improvements made in alternate versions of the program, if they
+receive widespread use, become available for other developers to
+incorporate.  Many developers of free software are heartened and
+encouraged by the resulting cooperation.  However, in the case of
+software used on network servers, this result may fail to come about.
+The GNU General Public License permits making a modified version and
+letting the public access it on a server without ever releasing its
+source code to the public.
+
+  The GNU Affero General Public License is designed specifically to
+ensure that, in such cases, the modified source code becomes available
+to the community.  It requires the operator of a network server to
+provide the source code of the modified version running there to the
+users of that server.  Therefore, public use of a modified version, on
+a publicly accessible server, gives the public access to the source
+code of the modified version.
+
+  An older license, called the Affero General Public License and
+published by Affero, was designed to accomplish similar goals.  This is
+a different license, not a version of the Affero GPL, but Affero has
+released a new version of the Affero GPL which permits relicensing under
+this license.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                       TERMS AND CONDITIONS
+
+  0. Definitions.
+
+  "This License" refers to version 3 of the GNU Affero General Public License.
+
+  "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+  "The Program" refers to any copyrightable work licensed under this
+License.  Each licensee is addressed as "you".  "Licensees" and
+"recipients" may be individuals or organizations.
+
+  To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy.  The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+  A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+  To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy.  Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+  To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies.  Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+  An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License.  If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+  1. Source Code.
+
+  The "source code" for a work means the preferred form of the work
+for making modifications to it.  "Object code" means any non-source
+form of a work.
+
+  A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+  The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form.  A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+  The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities.  However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work.  For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+  The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+  The Corresponding Source for a work in source code form is that
+same work.
+
+  2. Basic Permissions.
+
+  All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met.  This License explicitly affirms your unlimited
+permission to run the unmodified Program.  The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work.  This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+  You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force.  You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright.  Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+  Conveying under any other circumstances is permitted solely under
+the conditions stated below.  Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+  No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+  When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+  4. Conveying Verbatim Copies.
+
+  You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+  You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+  5. Conveying Modified Source Versions.
+
+  You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+    a) The work must carry prominent notices stating that you modified
+    it, and giving a relevant date.
+
+    b) The work must carry prominent notices stating that it is
+    released under this License and any conditions added under section
+    7.  This requirement modifies the requirement in section 4 to
+    "keep intact all notices".
+
+    c) You must license the entire work, as a whole, under this
+    License to anyone who comes into possession of a copy.  This
+    License will therefore apply, along with any applicable section 7
+    additional terms, to the whole of the work, and all its parts,
+    regardless of how they are packaged.  This License gives no
+    permission to license the work in any other way, but it does not
+    invalidate such permission if you have separately received it.
+
+    d) If the work has interactive user interfaces, each must display
+    Appropriate Legal Notices; however, if the Program has interactive
+    interfaces that do not display Appropriate Legal Notices, your
+    work need not make them do so.
+
+  A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit.  Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+  6. Conveying Non-Source Forms.
+
+  You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+    a) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by the
+    Corresponding Source fixed on a durable physical medium
+    customarily used for software interchange.
+
+    b) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by a
+    written offer, valid for at least three years and valid for as
+    long as you offer spare parts or customer support for that product
+    model, to give anyone who possesses the object code either (1) a
+    copy of the Corresponding Source for all the software in the
+    product that is covered by this License, on a durable physical
+    medium customarily used for software interchange, for a price no
+    more than your reasonable cost of physically performing this
+    conveying of source, or (2) access to copy the
+    Corresponding Source from a network server at no charge.
+
+    c) Convey individual copies of the object code with a copy of the
+    written offer to provide the Corresponding Source.  This
+    alternative is allowed only occasionally and noncommercially, and
+    only if you received the object code with such an offer, in accord
+    with subsection 6b.
+
+    d) Convey the object code by offering access from a designated
+    place (gratis or for a charge), and offer equivalent access to the
+    Corresponding Source in the same way through the same place at no
+    further charge.  You need not require recipients to copy the
+    Corresponding Source along with the object code.  If the place to
+    copy the object code is a network server, the Corresponding Source
+    may be on a different server (operated by you or a third party)
+    that supports equivalent copying facilities, provided you maintain
+    clear directions next to the object code saying where to find the
+    Corresponding Source.  Regardless of what server hosts the
+    Corresponding Source, you remain obligated to ensure that it is
+    available for as long as needed to satisfy these requirements.
+
+    e) Convey the object code using peer-to-peer transmission, provided
+    you inform other peers where the object code and Corresponding
+    Source of the work are being offered to the general public at no
+    charge under subsection 6d.
+
+  A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+  A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling.  In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage.  For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product.  A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+  "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source.  The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+  If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information.  But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+  The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed.  Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+  Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+  7. Additional Terms.
+
+  "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law.  If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+  When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it.  (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.)  You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+  Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+    a) Disclaiming warranty or limiting liability differently from the
+    terms of sections 15 and 16 of this License; or
+
+    b) Requiring preservation of specified reasonable legal notices or
+    author attributions in that material or in the Appropriate Legal
+    Notices displayed by works containing it; or
+
+    c) Prohibiting misrepresentation of the origin of that material, or
+    requiring that modified versions of such material be marked in
+    reasonable ways as different from the original version; or
+
+    d) Limiting the use for publicity purposes of names of licensors or
+    authors of the material; or
+
+    e) Declining to grant rights under trademark law for use of some
+    trade names, trademarks, or service marks; or
+
+    f) Requiring indemnification of licensors and authors of that
+    material by anyone who conveys the material (or modified versions of
+    it) with contractual assumptions of liability to the recipient, for
+    any liability that these contractual assumptions directly impose on
+    those licensors and authors.
+
+  All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10.  If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term.  If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+  If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+  Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+  8. Termination.
+
+  You may not propagate or modify a covered work except as expressly
+provided under this License.  Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+  However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+  Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+  Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License.  If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+  9. Acceptance Not Required for Having Copies.
+
+  You are not required to accept this License in order to receive or
+run a copy of the Program.  Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance.  However,
+nothing other than this License grants you permission to propagate or
+modify any covered work.  These actions infringe copyright if you do
+not accept this License.  Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+  10. Automatic Licensing of Downstream Recipients.
+
+  Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License.  You are not responsible
+for enforcing compliance by third parties with this License.
+
+  An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations.  If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+  You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License.  For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+  11. Patents.
+
+  A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based.  The
+work thus licensed is called the contributor's "contributor version".
+
+  A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version.  For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+  Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+  In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement).  To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+  If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients.  "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+  If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+  A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License.  You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+  Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+  12. No Surrender of Others' Freedom.
+
+  If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all.  For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+  13. Remote Network Interaction; Use with the GNU General Public License.
+
+  Notwithstanding any other provision of this License, if you modify the
+Program, your modified version must prominently offer all users
+interacting with it remotely through a computer network (if your version
+supports such interaction) an opportunity to receive the Corresponding
+Source of your version by providing access to the Corresponding Source
+from a network server at no charge, through some standard or customary
+means of facilitating copying of software.  This Corresponding Source
+shall include the Corresponding Source for any work covered by version 3
+of the GNU General Public License that is incorporated pursuant to the
+following paragraph.
+
+  Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU General Public License into a single
+combined work, and to convey the resulting work.  The terms of this
+License will continue to apply to the part which is the covered work,
+but the work with which it is combined will remain governed by version
+3 of the GNU General Public License.
+
+  14. Revised Versions of this License.
+
+  The Free Software Foundation may publish revised and/or new versions of
+the GNU Affero General Public License from time to time.  Such new versions
+will be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+  Each version is given a distinguishing version number.  If the
+Program specifies that a certain numbered version of the GNU Affero General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation.  If the Program does not specify a version number of the
+GNU Affero General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+  If the Program specifies that a proxy can decide which future
+versions of the GNU Affero General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+  Later license versions may give you additional or different
+permissions.  However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+  15. Disclaimer of Warranty.
+
+  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+  16. Limitation of Liability.
+
+  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+  17. Interpretation of Sections 15 and 16.
+
+  If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+                     END OF TERMS AND CONDITIONS
+
+            How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as published
+    by the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+  If your software can interact with users remotely through a computer
+network, you should also make sure that it provides a way for users to
+get its source.  For example, if your program is a web application, its
+interface could display a "Source" link that leads users to an archive
+of the code.  There are many ways you could offer source, and different
+solutions will be better for different programs; see section 13 for the
+specific requirements.
+
+  You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU AGPL, see
+<http://www.gnu.org/licenses/>.
+

packages/xo-collection/README.md

@@ -0,0 +1,265 @@
+# xo-collection [![Build Status](https://travis-ci.org/vatesfr/xen-orchestra.png?branch=master)](https://travis-ci.org/vatesfr/xen-orchestra)
+
+> Generic in-memory collection with events
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/xo-collection):
+
+```
+> npm install --save xo-collection
+```
+
+## Usage
+
+```javascript
+var Collection = require('xo-collection')
+```
+
+### Creation
+
+```javascript
+// Creates a new collection.
+var col = new Collection()
+```
+
+### Manipulation
+
+**Inserting a new item**
+
+```javascript
+col.add('foo', true)
+```
+
+- **Throws** `DuplicateItem` if the item is already in the collection.
+
+**Updating an existing item**
+
+```javascript
+col.update('foo', false)
+```
+
+- **Throws** `NoSuchItem` if the item is not in the collection.
+
+**Inserting or updating an item**
+
+```javascript
+col.set('bar', true)
+```
+
+**Notifying an external update**
+
+> If an item is an object, it can be updated directly without using
+> the `set`/`update` methods.
+>
+> To make sure the collection stays in sync and the correct events are
+> sent, the `touch` method can be used to notify the change.
+
+```javascript
+var baz = {}
+
+col.add('baz', baz)
+
+baz.prop = true
+col.touch('baz')
+```
+
+> Because this is a much used pattern, `touch` returns the item to
+> allow its direct modification.
+
+```javascript
+col.touch('baz').prop = false
+```
+
+- **Throws** `NoSuchItem` if the item is not in the collection.
+- **Throws** `IllegalTouch` if the item is not an object.
+
+**Removing an existing item**
+
+```javascript
+col.remove('bar')
+```
+
+- **Throws** `NoSuchItem` if the item is not in the collection.
+
+**Removing an item without error**
+
+This is the symmetric method of `set()`: it removes the item if it
+exists otherwise does nothing.
+
+```javascript
+col.unset('bar')
+```
+
+**Removing all items**
+
+```javascript
+col.clear()
+```
+
+### Query
+
+**Checking the existence of an item**
+
+```javascript
+var hasBar = col.has('bar')
+```
+
+**Getting an existing item**
+
+```javascript
+var foo = col.get('foo')
+
+// The second parameter can be used to specify a fallback in case the
+// item does not exist.
+var bar = col.get('bar', 6.28)
+```
+
+- **Throws** `NoSuchItem` if the item is not in the collection and no
+  fallback has been passed.
+
+**Getting a read-only view of the collection**
+
+> This property is useful for example to iterate over the collection
+> or to make advanced queries with the help of utility libraries such
+> as lodash.
+
+```javascript
+var _ = require('lodash')
+
+// Prints all the items.
+_.forEach(col.all, function (value, key) {
+  console.log('- %s: %j', key, value)
+})
+
+// Finds all the items which are objects and have a property
+// `active` which equals `true`.
+var results = _.where(col.all, { active: true })
+```
+
+**Getting the number of items**
+
+```javascript
+var size = col.size
+```
+
+### Events
+
+> The events are emitted asynchronously (at the next turn/tick of the
+> event loop) and are deduplicated which means, for instance, that an
+> addition followed by an update will result only in a single
+> addition.
+
+**New items**
+
+```javascript
+col.on('add', (added) => {
+  forEach(added, (value, key) => {
+    console.log('+ %s: %j', key, value)
+  })
+})
+```
+
+**Updated items**
+
+```javascript
+col.on('update', (updated) => {
+  forEach(updated, (value, key) => {
+    console.log('± %s: %j', key, value)
+  })
+})
+```
+
+**Removed items**
+
+```javascript
+col.on('remove', (removed) => {
+  // For consistency, `removed` is also a map but contrary to `added`
+  // and `updated`, the values associated to the keys are not
+  // significant since the items have already be removed.
+
+  forEach(removed, (value, key) => {
+    console.log('- %s', key)
+  })
+})
+```
+
+**End of update**
+
+> Emitted when all the update process is finished and all the update
+> events has been emitted.
+
+```javascript
+col.on('finish', () => {
+  console.log('the collection has been updated')
+})
+```
+
+### Iteration
+
+```javascript
+for (const [key, value] of col) {
+  console.log('- %s: %j', key, value)
+}
+
+for (const key of col.keys()) {
+  console.log('- %s', key)
+}
+
+for (const value of col.values()) {
+  console.log('- %j', value)
+}
+```
+
+### Views
+
+```javascript
+const View = require('xo-collection/view')
+```
+
+> A view is a read-only collection which contains only the items of a
+> parent collection which satisfy a predicate.
+>
+> It is updated at most once per turn of the event loop and therefore
+> can be briefly invalid.
+
+```javascript
+const myView = new View(parentCollection, function predicate (value, key) {
+  // This function should return a boolean indicating whether the
+  // current item should be in this view.
+})
+```
+
+## Development
+
+```
+# Install dependencies
+> npm install
+
+# Run the tests
+> npm test
+
+# Continuously compile
+> npm run dev
+
+# Continuously run the tests
+> npm run dev-test
+
+# Build for production (automatically called by npm install)
+> npm run build
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/vatesfr/xo-web/issues)
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+ISC © [Vates SAS](http://vates.fr)

packages/xo-collection/index.js

@@ -0,0 +1 @@
+module.exports = require('./dist/index') // eslint-disable-line node/no-missing-require

packages/xo-collection/package.json

@@ -0,0 +1,68 @@
+{
+  "name": "xo-collection",
+  "version": "0.4.1",
+  "license": "ISC",
+  "description": "Generic in-memory collection with events",
+  "keywords": [],
+  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/packages/xo-collection",
+  "bugs": "https://github.com/vatesfr/xo-web/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xen-orchestra.git"
+  },
+  "author": {
+    "name": "Fabrice Marsaud",
+    "email": "fabrice.marsaud@vates.fr"
+  },
+  "preferGlobal": false,
+  "main": "dist/collection",
+  "bin": {},
+  "files": [
+    "dist/",
+    "*.js"
+  ],
+  "engines": {
+    "node": ">=4"
+  },
+  "dependencies": {
+    "babel-runtime": "^6.18.0",
+    "kindof": "^2.0.0",
+    "lodash": "^4.17.2",
+    "make-error": "^1.0.2"
+  },
+  "devDependencies": {
+    "babel-cli": "^6.24.1",
+    "babel-plugin-lodash": "^3.3.2",
+    "babel-plugin-transform-runtime": "^6.23.0",
+    "babel-preset-env": "^1.5.2",
+    "babel-preset-stage-3": "^6.24.1",
+    "cross-env": "^5.0.1",
+    "event-to-promise": "^0.8.0",
+    "lint-staged": "^6.0.0",
+    "rimraf": "^2.6.1"
+  },
+  "scripts": {
+    "build": "cross-env NODE_ENV=production babel --source-maps --out-dir=dist/ src/",
+    "dev": "cross-env NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/",
+    "prebuild": "rimraf dist/",
+    "predev": "yarn run prebuild",
+    "prepublishOnly": "yarn run build"
+  },
+  "babel": {
+    "plugins": [
+      "lodash",
+      "transform-runtime"
+    ],
+    "presets": [
+      [
+        "env",
+        {
+          "targets": {
+            "node": 4
+          }
+        }
+      ],
+      "stage-3"
+    ]
+  }
+}

packages/xo-collection/src/clear-object.js

@@ -0,0 +1,5 @@
+export default function clearObject (object) {
+  for (const key in object) {
+    delete object[key]
+  }
+}

packages/xo-collection/src/collection.js

@@ -0,0 +1,363 @@
+import kindOf from 'kindof'
+import {BaseError} from 'make-error'
+import {EventEmitter} from 'events'
+import {forEach} from 'lodash'
+
+import isEmpty from './is-empty'
+import isObject from './is-object'
+
+// ===================================================================
+
+const {
+  create: createObject,
+  prototype: { hasOwnProperty },
+} = Object
+
+export const ACTION_ADD = 'add'
+export const ACTION_UPDATE = 'update'
+export const ACTION_REMOVE = 'remove'
+
+// ===================================================================
+
+export class BufferAlreadyFlushed extends BaseError {
+  constructor () {
+    super('buffer flush already requested')
+  }
+}
+
+export class DuplicateIndex extends BaseError {
+  constructor (name) {
+    super('there is already an index with the name ' + name)
+  }
+}
+
+export class DuplicateItem extends BaseError {
+  constructor (key) {
+    super('there is already a item with the key ' + key)
+  }
+}
+
+export class IllegalTouch extends BaseError {
+  constructor (value) {
+    super('only an object value can be touched (found a ' + kindOf(value) + ')')
+  }
+}
+
+export class InvalidKey extends BaseError {
+  constructor (key) {
+    super('invalid key of type ' + kindOf(key))
+  }
+}
+
+export class NoSuchIndex extends BaseError {
+  constructor (name) {
+    super('there is no index with the name ' + name)
+  }
+}
+
+export class NoSuchItem extends BaseError {
+  constructor (key) {
+    super('there is no item with the key ' + key)
+  }
+}
+
+// -------------------------------------------------------------------
+
+export default class Collection extends EventEmitter {
+  constructor () {
+    super()
+
+    this._buffer = createObject(null)
+    this._buffering = 0
+    this._indexes = createObject(null)
+    this._indexedItems = createObject(null)
+    this._items = {} // createObject(null)
+    this._size = 0
+  }
+
+  // Overridable method used to compute the key of an item when
+  // unspecified.
+  //
+  // Default implementation returns the `id` property.
+  getKey (value) {
+    return value && value.id
+  }
+
+  // -----------------------------------------------------------------
+  // Properties
+  // -----------------------------------------------------------------
+
+  get all () {
+    return this._items
+  }
+
+  get indexes () {
+    return this._indexedItems
+  }
+
+  get size () {
+    return this._size
+  }
+
+  // -----------------------------------------------------------------
+  // Manipulation
+  // -----------------------------------------------------------------
+
+  add (keyOrObjectWithId, valueIfKey = undefined) {
+    const [key, value] = this._resolveItem(keyOrObjectWithId, valueIfKey)
+    this._assertHasNot(key)
+
+    this._items[key] = value
+    this._size++
+    this._touch(ACTION_ADD, key)
+  }
+
+  clear () {
+    forEach(this._items, (_, key) => this._remove(key))
+  }
+
+  remove (keyOrObjectWithId) {
+    const [key] = this._resolveItem(keyOrObjectWithId)
+    this._assertHas(key)
+
+    this._remove(key)
+  }
+
+  set (keyOrObjectWithId, valueIfKey = undefined) {
+    const [key, value] = this._resolveItem(keyOrObjectWithId, valueIfKey)
+
+    const action = this.has(key) ? ACTION_UPDATE : ACTION_ADD
+    this._items[key] = value
+    if (action === ACTION_ADD) {
+      this._size++
+    }
+    this._touch(action, key)
+  }
+
+  touch (keyOrObjectWithId) {
+    const [key] = this._resolveItem(keyOrObjectWithId)
+    this._assertHas(key)
+    const value = this.get(key)
+    if (!isObject(value)) {
+      throw new IllegalTouch(value)
+    }
+
+    this._touch(ACTION_UPDATE, key)
+
+    return this.get(key)
+  }
+
+  unset (keyOrObjectWithId) {
+    const [key] = this._resolveItem(keyOrObjectWithId)
+
+    if (this.has(key)) {
+      this._remove(key)
+    }
+  }
+
+  update (keyOrObjectWithId, valueIfKey = undefined) {
+    const [key, value] = this._resolveItem(keyOrObjectWithId, valueIfKey)
+    this._assertHas(key)
+
+    this._items[key] = value
+    this._touch(ACTION_UPDATE, key)
+  }
+
+  // -----------------------------------------------------------------
+  // Query
+  // -----------------------------------------------------------------
+
+  get (key, defaultValue) {
+    if (this.has(key)) {
+      return this._items[key]
+    }
+
+    if (arguments.length > 1) {
+      return defaultValue
+    }
+
+    // Throws a NoSuchItem.
+    this._assertHas(key)
+  }
+
+  has (key) {
+    return hasOwnProperty.call(this._items, key)
+  }
+
+  // -----------------------------------------------------------------
+  // Indexes
+  // -----------------------------------------------------------------
+
+  createIndex (name, index) {
+    const {_indexes: indexes} = this
+    if (hasOwnProperty.call(indexes, name)) {
+      throw new DuplicateIndex(name)
+    }
+
+    indexes[name] = index
+    this._indexedItems[name] = index.items
+
+    index._attachCollection(this)
+  }
+
+  deleteIndex (name) {
+    const {_indexes: indexes} = this
+    if (!hasOwnProperty.call(indexes, name)) {
+      throw new NoSuchIndex(name)
+    }
+
+    const index = indexes[name]
+    delete indexes[name]
+    delete this._indexedItems[name]
+
+    index._detachCollection(this)
+  }
+
+  // -----------------------------------------------------------------
+  // Iteration
+  // -----------------------------------------------------------------
+
+  * [Symbol.iterator] () {
+    const {_items: items} = this
+
+    for (const key in items) {
+      yield [key, items[key]]
+    }
+  }
+
+  * keys () {
+    const {_items: items} = this
+
+    for (const key in items) {
+      yield key
+    }
+  }
+
+  * values () {
+    const {_items: items} = this
+
+    for (const key in items) {
+      yield items[key]
+    }
+  }
+
+  // -----------------------------------------------------------------
+  // Events buffering
+  // -----------------------------------------------------------------
+
+  bufferEvents () {
+    ++this._buffering
+
+    let called = false
+    return () => {
+      if (called) {
+        throw new BufferAlreadyFlushed()
+      }
+      called = true
+
+      if (--this._buffering) {
+        return
+      }
+
+      const {_buffer: buffer} = this
+
+      // Due to deduplication there could be nothing in the buffer.
+      if (isEmpty(buffer)) {
+        return
+      }
+
+      const data = {
+        add: createObject(null),
+        remove: createObject(null),
+        update: createObject(null),
+      }
+
+      for (const key in this._buffer) {
+        data[buffer[key]][key] = this._items[key]
+      }
+
+      forEach(data, (items, action) => {
+        if (!isEmpty(items)) {
+          this.emit(action, items)
+        }
+      })
+
+      // Indicates the end of the update.
+      //
+      // This name has been chosen because it is used in Node writable
+      // streams when the data has been successfully committed.
+      this.emit('finish')
+
+      this._buffer = createObject(null)
+    }
+  }
+
+  // =================================================================
+
+  _assertHas (key) {
+    if (!this.has(key)) {
+      throw new NoSuchItem(key)
+    }
+  }
+
+  _assertHasNot (key) {
+    if (this.has(key)) {
+      throw new DuplicateItem(key)
+    }
+  }
+
+  _assertValidKey (key) {
+    if (!this._isValidKey(key)) {
+      throw new InvalidKey(key)
+    }
+  }
+
+  _isValidKey (key) {
+    return typeof key === 'number' || typeof key === 'string'
+  }
+
+  _remove (key) {
+    delete this._items[key]
+    this._size--
+    this._touch(ACTION_REMOVE, key)
+  }
+
+  _resolveItem (keyOrObjectWithId, valueIfKey = undefined) {
+    if (valueIfKey !== undefined) {
+      this._assertValidKey(keyOrObjectWithId)
+
+      return [keyOrObjectWithId, valueIfKey]
+    }
+
+    if (this._isValidKey(keyOrObjectWithId)) {
+      return [keyOrObjectWithId]
+    }
+
+    const key = this.getKey(keyOrObjectWithId)
+    this._assertValidKey(key)
+
+    return [key, keyOrObjectWithId]
+  }
+
+  _touch (action, key) {
+    if (this._buffering === 0) {
+      const flush = this.bufferEvents()
+
+      process.nextTick(flush)
+    }
+
+    if (action === ACTION_ADD) {
+      this._buffer[key] = this._buffer[key] ? ACTION_UPDATE : ACTION_ADD
+    } else if (action === ACTION_REMOVE) {
+      if (this._buffer[key] === ACTION_ADD) {
+        delete this._buffer[key]
+      } else {
+        this._buffer[key] = ACTION_REMOVE
+      }
+    } else { // update
+      if (!this._buffer[key]) {
+        this._buffer[key] = ACTION_UPDATE
+      }
+    }
+  }
+}

packages/xo-collection/src/collection.spec.js

@@ -0,0 +1,340 @@
+/* eslint-env jest */
+
+import eventToPromise from 'event-to-promise'
+import { forEach } from 'lodash'
+
+import Collection, {DuplicateItem, NoSuchItem} from './collection'
+
+// ===================================================================
+
+function waitTicks (n = 2) {
+  const {nextTick} = process
+
+  return new Promise(function (resolve) {
+    (function waitNextTick () {
+      // The first tick is handled by Promise#then()
+      if (--n) {
+        nextTick(waitNextTick)
+      } else {
+        resolve()
+      }
+    })()
+  })
+}
+
+describe('Collection', function () {
+  let col
+  beforeEach(function () {
+    col = new Collection()
+    col.add('bar', 0)
+
+    return waitTicks()
+  })
+
+  it('is iterable', function () {
+    const iterator = col[Symbol.iterator]()
+
+    expect(iterator.next()).toEqual({done: false, value: ['bar', 0]})
+    expect(iterator.next()).toEqual({done: true, value: undefined})
+  })
+
+  describe('#keys()', function () {
+    it('returns an iterator over the keys', function () {
+      const iterator = col.keys()
+
+      expect(iterator.next()).toEqual({done: false, value: 'bar'})
+      expect(iterator.next()).toEqual({done: true, value: undefined})
+    })
+  })
+
+  describe('#values()', function () {
+    it('returns an iterator over the values', function () {
+      const iterator = col.values()
+
+      expect(iterator.next()).toEqual({done: false, value: 0})
+      expect(iterator.next()).toEqual({done: true, value: undefined})
+    })
+  })
+
+  describe('#add()', function () {
+    it('adds item to the collection', function () {
+      const spy = jest.fn()
+      col.on('add', spy)
+
+      col.add('foo', true)
+
+      expect(col.get('foo')).toBe(true)
+
+      // No sync events.
+      expect(spy).not.toHaveBeenCalled()
+
+      // Async event.
+      return eventToPromise(col, 'add').then(function (added) {
+        expect(Object.keys(added)).toEqual([ 'foo' ])
+        expect(added.foo).toBe(true)
+      })
+    })
+
+    it('throws an exception if the item already exists', function () {
+      expect(() => col.add('bar', true)).toThrowError(DuplicateItem)
+    })
+
+    it('accepts an object with an id property', function () {
+      const foo = { id: 'foo' }
+
+      col.add(foo)
+
+      expect(col.get(foo.id)).toBe(foo)
+    })
+  })
+
+  describe('#update()', function () {
+    it('updates an item of the collection', function () {
+      const spy = jest.fn()
+      col.on('update', spy)
+
+      col.update('bar', 1)
+      expect(col.get('bar')).toBe(1) // Will be forgotten by de-duplication
+      col.update('bar', 2)
+      expect(col.get('bar')).toBe(2)
+
+      // No sync events.
+      expect(spy).not.toHaveBeenCalled()
+
+      // Async event.
+      return eventToPromise(col, 'update').then(function (updated) {
+        expect(Object.keys(updated)).toEqual(['bar'])
+        expect(updated.bar).toBe(2)
+      })
+    })
+
+    it('throws an exception if the item does not exist', function () {
+      expect(() => col.update('baz', true)).toThrowError(NoSuchItem)
+    })
+
+    it('accepts an object with an id property', function () {
+      const bar = { id: 'bar' }
+
+      col.update(bar)
+
+      expect(col.get(bar.id)).toBe(bar)
+    })
+  })
+
+  describe('#remove()', function () {
+    it('removes an item of the collection', function () {
+      const spy = jest.fn()
+      col.on('remove', spy)
+
+      col.update('bar', 1)
+      expect(col.get('bar')).toBe(1) // Will be forgotten by de-duplication
+      col.remove('bar')
+
+      // No sync events.
+      expect(spy).not.toHaveBeenCalled()
+
+      // Async event.
+      return eventToPromise(col, 'remove').then(function (removed) {
+        expect(Object.keys(removed)).toEqual(['bar'])
+        expect(removed.bar).toBeUndefined()
+      })
+    })
+
+    it('throws an exception if the item does not exist', function () {
+      expect(() => col.remove('baz', true)).toThrowError(NoSuchItem)
+    })
+
+    it('accepts an object with an id property', function () {
+      const bar = { id: 'bar' }
+
+      col.remove(bar)
+
+      expect(col.has(bar.id)).toBe(false)
+    })
+  })
+
+  describe('#set()', function () {
+    it('adds item if collection has not key', function () {
+      const spy = jest.fn()
+      col.on('add', spy)
+
+      col.set('foo', true)
+
+      expect(col.get('foo')).toBe(true)
+
+      // No sync events.
+      expect(spy).not.toHaveBeenCalled()
+
+      // Async events.
+      return eventToPromise(col, 'add').then(function (added) {
+        expect(Object.keys(added)).toEqual(['foo'])
+        expect(added.foo).toBe(true)
+      })
+    })
+
+    it('updates item if collection has key', function () {
+      const spy = jest.fn()
+      col.on('udpate', spy)
+
+      col.set('bar', 1)
+
+      expect(col.get('bar')).toBe(1)
+
+      // No sync events.
+      expect(spy).not.toHaveBeenCalled()
+
+      // Async events.
+      return eventToPromise(col, 'update').then(function (updated) {
+        expect(Object.keys(updated)).toEqual(['bar'])
+        expect(updated.bar).toBe(1)
+      })
+    })
+
+    it('accepts an object with an id property', function () {
+      const foo = { id: 'foo' }
+
+      col.set(foo)
+
+      expect(col.get(foo.id)).toBe(foo)
+    })
+  })
+
+  describe('#unset()', function () {
+    it('removes an existing item', function () {
+      col.unset('bar')
+
+      expect(col.has('bar')).toBe(false)
+
+      return eventToPromise(col, 'remove').then(function (removed) {
+        expect(Object.keys(removed)).toEqual(['bar'])
+        expect(removed.bar).toBeUndefined()
+      })
+    })
+
+    it('does not throw if the item does not exists', function () {
+      col.unset('foo')
+    })
+
+    it('accepts an object with an id property', function () {
+      col.unset({id: 'bar'})
+
+      expect(col.has('bar')).toBe(false)
+
+      return eventToPromise(col, 'remove').then(function (removed) {
+        expect(Object.keys(removed)).toEqual(['bar'])
+        expect(removed.bar).toBeUndefined()
+      })
+    })
+  })
+
+  describe('touch()', function () {
+    it('can be used to signal an indirect update', function () {
+      const foo = { id: 'foo' }
+      col.add(foo)
+
+      return waitTicks().then(() => {
+        col.touch(foo)
+
+        return eventToPromise(col, 'update', (items) => {
+          expect(Object.keys(items)).toEqual(['foo'])
+          expect(items.foo).toBe(foo)
+        })
+      })
+    })
+  })
+
+  describe('clear()', function () {
+    it('removes all items from the collection', function () {
+      col.clear()
+
+      expect(col.size).toBe(0)
+
+      return eventToPromise(col, 'remove').then((items) => {
+        expect(Object.keys(items)).toEqual(['bar'])
+        expect(items.bar).toBeUndefined()
+      })
+    })
+  })
+
+  describe('deduplicates events', function () {
+    forEach({
+      'add & update → add': [
+        [
+          ['add', 'foo', 0],
+          ['update', 'foo', 1],
+        ],
+        {
+          add: {
+            foo: 1,
+          },
+        },
+      ],
+
+      'add & remove → ∅': [
+        [
+          ['add', 'foo', 0],
+          ['remove', 'foo'],
+        ],
+        {},
+      ],
+
+      'update & update → update': [
+        [
+          ['update', 'bar', 1],
+          ['update', 'bar', 2],
+        ],
+        {
+          update: {
+            bar: 2,
+          },
+        },
+      ],
+
+      'update & remove → remove': [
+        [
+          ['update', 'bar', 1],
+          ['remove', 'bar'],
+        ],
+        {
+          remove: {
+            bar: undefined,
+          },
+        },
+      ],
+
+      'remove & add → update': [
+        [
+          ['remove', 'bar'],
+          ['add', 'bar', 0],
+        ],
+        {
+          update: {
+            bar: 0,
+          },
+        },
+      ],
+    }, ([operations, results], label) => {
+      it(label, function () {
+        forEach(operations, ([method, ...args]) => {
+          col[method](...args)
+        })
+
+        const spies = Object.create(null)
+        forEach(['add', 'update', 'remove'], event => {
+          col.on(event, (spies[event] = jest.fn()))
+        })
+
+        return waitTicks().then(() => {
+          forEach(spies, (spy, event) => {
+            const items = results[event]
+            if (items) {
+              expect(spy.mock.calls).toEqual([ [ items ] ])
+            } else {
+              expect(spy).not.toHaveBeenCalled()
+            }
+          })
+        })
+      })
+    })
+  })
+})

packages/xo-collection/src/index.js

@@ -0,0 +1,149 @@
+import { bind, iteratee } from 'lodash'
+
+import clearObject from './clear-object'
+import isEmpty from './is-empty'
+import NotImplemented from './not-implemented'
+import {
+  ACTION_ADD,
+  ACTION_UPDATE,
+  ACTION_REMOVE,
+} from './collection'
+
+// ===================================================================
+
+export default class Index {
+  constructor (computeHash) {
+    if (computeHash) {
+      this.computeHash = iteratee(computeHash)
+    }
+
+    this._itemsByHash = Object.create(null)
+    this._keysToHash = Object.create(null)
+
+    // Bound versions of listeners.
+    this._onAdd = bind(this._onAdd, this)
+    this._onUpdate = bind(this._onUpdate, this)
+    this._onRemove = bind(this._onRemove, this)
+  }
+
+  // This method is used to compute the hash under which an item must
+  // be saved.
+  computeHash (value, key) {
+    throw new NotImplemented('this method must be overridden')
+  }
+
+  // Remove empty items lists.
+  sweep () {
+    const {_itemsByHash: itemsByHash} = this
+    for (const hash in itemsByHash) {
+      if (isEmpty(itemsByHash[hash])) {
+        delete itemsByHash[hash]
+      }
+    }
+  }
+
+  // -----------------------------------------------------------------
+
+  get items () {
+    return this._itemsByHash
+  }
+
+  // -----------------------------------------------------------------
+
+  _attachCollection (collection) {
+    // Add existing entries.
+    //
+    // FIXME: I think there may be a race condition if the `add` event
+    // has not been emitted yet.
+    this._onAdd(collection.all)
+
+    collection.on(ACTION_ADD, this._onAdd)
+    collection.on(ACTION_UPDATE, this._onUpdate)
+    collection.on(ACTION_REMOVE, this._onRemove)
+  }
+
+  _detachCollection (collection) {
+    collection.removeListener(ACTION_ADD, this._onAdd)
+    collection.removeListener(ACTION_UPDATE, this._onUpdate)
+    collection.removeListener(ACTION_REMOVE, this._onRemove)
+
+    clearObject(this._itemsByHash)
+    clearObject(this._keysToHash)
+  }
+
+  // -----------------------------------------------------------------
+
+  _onAdd (items) {
+    const {
+      computeHash,
+      _itemsByHash: itemsByHash,
+      _keysToHash: keysToHash,
+    } = this
+
+    for (const key in items) {
+      const value = items[key]
+
+      const hash = computeHash(value, key)
+
+      if (hash != null) {
+        (
+          itemsByHash[hash] ||
+
+          // FIXME: We do not use objects without prototype for now
+          // because it breaks Angular in xo-web, change it back when
+          // this is fixed.
+          (itemsByHash[hash] = {})
+        )[key] = value
+
+        keysToHash[key] = hash
+      }
+    }
+  }
+
+  _onUpdate (items) {
+    const {
+      computeHash,
+      _itemsByHash: itemsByHash,
+      _keysToHash: keysToHash,
+    } = this
+
+    for (const key in items) {
+      const value = items[key]
+
+      const prev = keysToHash[key]
+      const hash = computeHash(value, key)
+
+      // Removes item from the previous hash's list if any.
+      if (prev != null) delete itemsByHash[prev][key]
+
+      // Inserts item into the new hash's list if any.
+      if (hash != null) {
+        (
+          itemsByHash[hash] ||
+
+          // FIXME: idem: change back to Object.create(null)
+          (itemsByHash[hash] = {})
+        )[key] = value
+
+        keysToHash[key] = hash
+      } else {
+        delete keysToHash[key]
+      }
+    }
+  }
+
+  _onRemove (items) {
+    const {
+      _itemsByHash: itemsByHash,
+      _keysToHash: keysToHash,
+    } = this
+
+    for (const key in items) {
+      const prev = keysToHash[key]
+      if (prev != null) {
+        delete itemsByHash[prev][key]
+        delete keysToHash[key]
+      }
+    }
+  }
+}

packages/xo-collection/src/index.spec.js

@@ -0,0 +1,180 @@
+/* eslint-env jest */
+
+import eventToPromise from 'event-to-promise'
+import { forEach } from 'lodash'
+
+import Collection from './collection'
+import Index from './index'
+
+// ===================================================================
+
+const waitTicks = (n = 2) => {
+  const {nextTick} = process
+
+  return new Promise(resolve => {
+    (function waitNextTick () {
+      // The first tick is handled by Promise#then()
+      if (--n) {
+        nextTick(waitNextTick)
+      } else {
+        resolve()
+      }
+    })()
+  })
+}
+
+// ===================================================================
+
+describe('Index', function () {
+  let col, byGroup
+  const item1 = {
+    id: '2ccb8a72-dc65-48e4-88fe-45ef541f2cba',
+    group: 'foo',
+  }
+  const item2 = {
+    id: '7d21dc51-4da8-4538-a2e9-dd6f4784eb76',
+    group: 'bar',
+  }
+  const item3 = {
+    id: '668c1274-4442-44a6-b99a-512188e0bb09',
+    group: 'foo',
+  }
+  const item4 = {
+    id: 'd90b7335-e540-4a44-ad22-c4baae9cd0a9',
+  }
+
+  beforeEach(function () {
+    col = new Collection()
+    forEach([item1, item2, item3, item4], item => {
+      col.add(item)
+    })
+
+    byGroup = new Index('group')
+
+    col.createIndex('byGroup', byGroup)
+
+    return waitTicks()
+  })
+
+  it('works with existing items', function () {
+    expect(col.indexes).toEqual({
+      byGroup: {
+        foo: {
+          [item1.id]: item1,
+          [item3.id]: item3,
+        },
+        bar: {
+          [item2.id]: item2,
+        },
+      },
+    })
+  })
+
+  it('works with added items', function () {
+    const item5 = {
+      id: '823b56c4-4b96-4f3a-9533-5d08177167ac',
+      group: 'baz',
+    }
+
+    col.add(item5)
+
+    return waitTicks().then(() => {
+      expect(col.indexes).toEqual({
+        byGroup: {
+          foo: {
+            [item1.id]: item1,
+            [item3.id]: item3,
+          },
+          bar: {
+            [item2.id]: item2,
+          },
+          baz: {
+            [item5.id]: item5,
+          },
+        },
+      })
+    })
+  })
+
+  it('works with updated items', function () {
+    const item1bis = {
+      id: item1.id,
+      group: 'bar',
+    }
+
+    col.update(item1bis)
+
+    return waitTicks().then(() => {
+      expect(col.indexes).toEqual({
+        byGroup: {
+          foo: {
+            [item3.id]: item3,
+          },
+          bar: {
+            [item1.id]: item1bis,
+            [item2.id]: item2,
+          },
+        },
+      })
+    })
+  })
+
+  it('works with removed items', function () {
+    col.remove(item2)
+
+    return waitTicks().then(() => {
+      expect(col.indexes).toEqual({
+        byGroup: {
+          foo: {
+            [item1.id]: item1,
+            [item3.id]: item3,
+          },
+          bar: {},
+        },
+      })
+    })
+  })
+
+  it('correctly updates the value even the same object has the same hash', function () {
+    const item1bis = {
+      id: item1.id,
+      group: item1.group,
+      newProp: true,
+    }
+
+    col.update(item1bis)
+
+    return eventToPromise(col, 'finish').then(() => {
+      expect(col.indexes).toEqual({
+        byGroup: {
+          foo: {
+            [item1.id]: item1bis,
+            [item3.id]: item3,
+          },
+          bar: {
+            [item2.id]: item2,
+          },
+        },
+      })
+    })
+  })
+
+  describe('#sweep()', function () {
+    it('removes empty items lists', function () {
+      col.remove(item2)
+
+      return waitTicks().then(() => {
+        byGroup.sweep()
+
+        expect(col.indexes).toEqual({
+          byGroup: {
+            foo: {
+              [item1.id]: item1,
+              [item3.id]: item3,
+            },
+          },
+        })
+      })
+    })
+  })
+})

packages/xo-collection/src/is-empty.js

@@ -0,0 +1,7 @@
+export default function isEmpty (object) {
+  /* eslint no-unused-vars: 0 */
+  for (const key in object) {
+    return false
+  }
+  return true
+}

packages/xo-collection/src/is-object.js

@@ -0,0 +1,3 @@
+export default function isObject (value) {
+  return (value !== null) && (typeof value === 'object')
+}

packages/xo-collection/src/not-implemented.js

@@ -0,0 +1,7 @@
+import {BaseError} from 'make-error'
+
+export default class NotImplemented extends BaseError {
+  constructor (message) {
+    super(message || 'this method is not implemented')
+  }
+}

packages/xo-collection/src/unique-index.js

@@ -0,0 +1,124 @@
+import { bind, iteratee } from 'lodash'
+
+import clearObject from './clear-object'
+import NotImplemented from './not-implemented'
+import {
+  ACTION_ADD,
+  ACTION_UPDATE,
+  ACTION_REMOVE,
+} from './collection'
+
+// ===================================================================
+
+export default class UniqueIndex {
+  constructor (computeHash) {
+    if (computeHash) {
+      this.computeHash = iteratee(computeHash)
+    }
+
+    this._itemByHash = Object.create(null)
+    this._keysToHash = Object.create(null)
+
+    // Bound versions of listeners.
+    this._onAdd = bind(this._onAdd, this)
+    this._onUpdate = bind(this._onUpdate, this)
+    this._onRemove = bind(this._onRemove, this)
+  }
+
+  // This method is used to compute the hash under which an item must
+  // be saved.
+  computeHash (value, key) {
+    throw new NotImplemented('this method must be overridden')
+  }
+
+  // -----------------------------------------------------------------
+
+  get items () {
+    return this._itemByHash
+  }
+
+  // -----------------------------------------------------------------
+
+  _attachCollection (collection) {
+    // Add existing entries.
+    //
+    // FIXME: I think there may be a race condition if the `add` event
+    // has not been emitted yet.
+    this._onAdd(collection.all)
+
+    collection.on(ACTION_ADD, this._onAdd)
+    collection.on(ACTION_UPDATE, this._onUpdate)
+    collection.on(ACTION_REMOVE, this._onRemove)
+  }
+
+  _detachCollection (collection) {
+    collection.removeListener(ACTION_ADD, this._onAdd)
+    collection.removeListener(ACTION_UPDATE, this._onUpdate)
+    collection.removeListener(ACTION_REMOVE, this._onRemove)
+
+    clearObject(this._itemByHash)
+    clearObject(this._keysToHash)
+  }
+
+  // -----------------------------------------------------------------
+
+  _onAdd (items) {
+    const {
+      computeHash,
+      _itemByHash: itemByHash,
+      _keysToHash: keysToHash,
+    } = this
+
+    for (const key in items) {
+      const value = items[key]
+
+      const hash = computeHash(value, key)
+
+      if (hash != null) {
+        itemByHash[hash] = value
+        keysToHash[key] = hash
+      }
+    }
+  }
+
+  _onUpdate (items) {
+    const {
+      computeHash,
+      _itemByHash: itemByHash,
+      _keysToHash: keysToHash,
+    } = this
+
+    for (const key in items) {
+      const value = items[key]
+
+      const prev = keysToHash[key]
+      const hash = computeHash(value, key)
+
+      // Removes item from the previous hash's list if any.
+      if (prev != null) delete itemByHash[prev]
+
+      // Inserts item into the new hash's list if any.
+      if (hash != null) {
+        itemByHash[hash] = value
+        keysToHash[key] = hash
+      } else {
+        delete keysToHash[key]
+      }
+    }
+  }
+
+  _onRemove (items) {
+    const {
+      _itemByHash: itemByHash,
+      _keysToHash: keysToHash,
+    } = this
+
+    for (const key in items) {
+      const prev = keysToHash[key]
+      if (prev != null) {
+        delete itemByHash[prev]
+        delete keysToHash[key]
+      }
+    }
+  }
+}

packages/xo-collection/src/unique-index.spec.js

@@ -0,0 +1,131 @@
+/* eslint-env jest */
+
+import eventToPromise from 'event-to-promise'
+import { forEach } from 'lodash'
+
+import Collection from './collection'
+import Index from './unique-index'
+
+// ===================================================================
+
+const waitTicks = (n = 2) => {
+  const {nextTick} = process
+
+  return new Promise(resolve => {
+    (function waitNextTick () {
+      // The first tick is handled by Promise#then()
+      if (--n) {
+        nextTick(waitNextTick)
+      } else {
+        resolve()
+      }
+    })()
+  })
+}
+
+// ===================================================================
+
+describe('UniqueIndex', function () {
+  let col, byKey
+  const item1 = {
+    id: '2ccb8a72-dc65-48e4-88fe-45ef541f2cba',
+    key: '036dee1b-9a3b-4fb5-be8a-4f535b355581',
+  }
+  const item2 = {
+    id: '7d21dc51-4da8-4538-a2e9-dd6f4784eb76',
+    key: '103cd893-d2cc-4d37-96fd-c259ad04c0d4',
+  }
+  const item3 = {
+    id: '668c1274-4442-44a6-b99a-512188e0bb09',
+  }
+
+  beforeEach(function () {
+    col = new Collection()
+    forEach([item1, item2, item3], item => {
+      col.add(item)
+    })
+
+    byKey = new Index('key')
+
+    col.createIndex('byKey', byKey)
+
+    return waitTicks()
+  })
+
+  it('works with existing items', function () {
+    expect(col.indexes).toEqual({
+      byKey: {
+        [item1.key]: item1,
+        [item2.key]: item2,
+      },
+    })
+  })
+
+  it('works with added items', function () {
+    const item4 = {
+      id: '823b56c4-4b96-4f3a-9533-5d08177167ac',
+      key: '1437af14-429a-40db-8a51-8a2f5ed03201',
+    }
+
+    col.add(item4)
+
+    return waitTicks().then(() => {
+      expect(col.indexes).toEqual({
+        byKey: {
+          [item1.key]: item1,
+          [item2.key]: item2,
+          [item4.key]: item4,
+        },
+      })
+    })
+  })
+
+  it('works with updated items', function () {
+    const item1bis = {
+      id: item1.id,
+      key: 'e03d4a3a-0331-4aca-97a2-016bbd43a29b',
+    }
+
+    col.update(item1bis)
+
+    return waitTicks().then(() => {
+      expect(col.indexes).toEqual({
+        byKey: {
+          [item1bis.key]: item1bis,
+          [item2.key]: item2,
+        },
+      })
+    })
+  })
+
+  it('works with removed items', function () {
+    col.remove(item2)
+
+    return waitTicks().then(() => {
+      expect(col.indexes).toEqual({
+        byKey: {
+          [item1.key]: item1,
+        },
+      })
+    })
+  })
+
+  it('correctly updates the value even the same object has the same hash', function () {
+    const item1bis = {
+      id: item1.id,
+      key: item1.key,
+      newProp: true,
+    }
+
+    col.update(item1bis)
+
+    return eventToPromise(col, 'finish').then(() => {
+      expect(col.indexes).toEqual({
+        byKey: {
+          [item1.key]: item1bis,
+          [item2.key]: item2,
+        },
+      })
+    })
+  })
+})

packages/xo-collection/src/view.example.js

@@ -0,0 +1,56 @@
+import { forEach } from 'lodash'
+
+import Collection from './collection'
+import View from './view'
+
+// ===================================================================
+
+// Create the collection.
+const users = new Collection()
+users.getKey = (user) => user.name
+
+// Inserts some data.
+users.add({
+  name: 'bob',
+})
+users.add({
+  name: 'clara',
+  active: true,
+})
+users.add({
+  name: 'ophelia',
+})
+users.add({
+  name: 'Steve',
+  active: true,
+})
+
+// -------------------------------------------------------------------
+
+// Create the view.
+const activeUsers = new View(users, 'active')
+
+// Register some event listeners to see the changes.
+activeUsers.on('add', users => {
+  forEach(users, (_, id) => {
+    console.log('+ active user:', id)
+  })
+})
+activeUsers.on('remove', users => {
+  forEach(users, (_, id) => {
+    console.log('- active user:', id)
+  })
+})
+
+// Make some changes in the future.
+setTimeout(function () {
+  console.log('-----')
+
+  users.set({
+    name: 'ophelia',
+    active: true,
+  })
+  users.set({
+    name: 'Steve',
+  })
+}, 10)

packages/xo-collection/src/view.js

@@ -0,0 +1,88 @@
+import { bind, forEach, iteratee as createCallback } from 'lodash'
+
+import Collection, {
+  ACTION_ADD,
+  ACTION_UPDATE,
+  ACTION_REMOVE,
+} from './collection'
+
+// ===================================================================
+
+export default class View extends Collection {
+  constructor (collection, predicate) {
+    super()
+
+    this._collection = collection
+    this._predicate = createCallback(predicate)
+
+    // Handles initial items.
+    this._onAdd(this._collection.all)
+
+    // Bound versions of listeners.
+    this._onAdd = bind(this._onAdd, this)
+    this._onUpdate = bind(this._onUpdate, this)
+    this._onRemove = bind(this._onRemove, this)
+
+    // Register listeners.
+    this._collection.on(ACTION_ADD, this._onAdd)
+    this._collection.on(ACTION_UPDATE, this._onUpdate)
+    this._collection.on(ACTION_REMOVE, this._onRemove)
+  }
+
+  // This method is necessary to free the memory of the view if its
+  // life span is shorter than the collection.
+  destroy () {
+    this._collection.removeListener(ACTION_ADD, this._onAdd)
+    this._collection.removeListener(ACTION_UPDATE, this._onUpdate)
+    this._collection.removeListener(ACTION_REMOVE, this._onRemove)
+  }
+
+  add () {
+    throw new Error('a view is read only')
+  }
+
+  clear () {
+    throw new Error('a view is read only')
+  }
+
+  set () {
+    throw new Error('a view is read only')
+  }
+
+  update () {
+    throw new Error('a view is read only')
+  }
+
+  _onAdd (items) {
+    const {_predicate: predicate} = this
+
+    forEach(items, (value, key) => {
+      if (predicate(value, key, this)) {
+        // super.add() cannot be used because the item may already be
+        // in the view if it was already present at the creation of
+        // the view and its event not already emitted.
+        super.set(key, value)
+      }
+    })
+  }
+
+  _onUpdate (items) {
+    const {_predicate: predicate} = this
+
+    forEach(items, (value, key) => {
+      if (predicate(value, key, this)) {
+        super.set(key, value)
+      } else if (super.has(key)) {
+        super.remove(key)
+      }
+    })
+  }
+
+  _onRemove (items) {
+    forEach(items, (value, key) => {
+      if (super.has(key)) {
+        super.remove(key)
+      }
+    })
+  }
+}

packages/xo-collection/unique-index.js

@@ -0,0 +1 @@
+module.exports = require('./dist/unique-index') // eslint-disable-line node/no-missing-require

packages/xo-collection/view.js

@@ -0,0 +1 @@
+module.exports = require('./dist/view') // eslint-disable-line node/no-missing-require

packages/xo-common/.npmignore

@@ -0,0 +1,10 @@
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map

packages/xo-common/README.md

@@ -0,0 +1,49 @@
+# xo-common [![Build Status](https://travis-ci.org/vatesfr/xen-orchestra.png?branch=master)](https://travis-ci.org/vatesfr/xen-orchestra)
+
+> Code shared between [XO](https://xen-orchestra.com) server and clients
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/xo-common):
+
+```
+> npm install --save xo-common
+```
+
+## Usage
+
+**TODO**
+
+## Development
+
+```
+# Install dependencies
+> npm install
+
+# Run the tests
+> npm test
+
+# Continuously compile
+> npm run dev
+
+# Continuously run the tests
+> npm run dev-test
+
+# Build for production (automatically called by npm install)
+> npm run build
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/vatesfr/xo-web/issues)
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+AGPL3 © [Vates SAS](https://vates.fr)

packages/xo-common/api-errors.js

@@ -0,0 +1 @@
+module.exports = require('./dist/api-errors') // eslint-disable-line node/no-missing-require

packages/xo-common/package.json

@@ -0,0 +1,65 @@
+{
+  "name": "xo-common",
+  "version": "0.1.1",
+  "license": "AGPL-3.0",
+  "description": "Code shared between [XO](https://xen-orchestra.com) server and clients",
+  "keywords": [],
+  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/packages/xo-common",
+  "bugs": "https://github.com/vatesfr/xo-web/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xen-orchestra.git"
+  },
+  "author": {
+    "name": "Julien Fontanet",
+    "email": "julien.fontanet@isonoe.net"
+  },
+  "preferGlobal": false,
+  "bin": {},
+  "files": [
+    "dist/",
+    "*.js"
+  ],
+  "engines": {
+    "node": ">=4"
+  },
+  "dependencies": {
+    "babel-runtime": "^6.18.0",
+    "lodash": "^4.16.6",
+    "make-error": "^1.2.1"
+  },
+  "devDependencies": {
+    "babel-cli": "^6.24.1",
+    "babel-plugin-lodash": "^3.3.2",
+    "babel-plugin-transform-runtime": "^6.23.0",
+    "babel-preset-env": "^1.5.2",
+    "babel-preset-stage-3": "^6.24.1",
+    "cross-env": "^5.0.1",
+    "rimraf": "^2.6.1"
+  },
+  "scripts": {
+    "build": "cross-env NODE_ENV=production babel --source-maps --out-dir=dist/ src/",
+    "clean": "rimraf dist/",
+    "dev": "cross-env NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/",
+    "prebuild": "yarn run clean",
+    "predev": "yarn run clean",
+    "prepublishOnly": "yarn run build"
+  },
+  "babel": {
+    "plugins": [
+      "lodash"
+    ],
+    "presets": [
+      [
+        "env",
+        {
+          "targets": {
+            "browsers": "> 1%",
+            "node": 4
+          }
+        }
+      ],
+      "stage-3"
+    ]
+  }
+}

packages/xo-common/src/api-errors.js

@@ -0,0 +1,166 @@
+import { BaseError } from 'make-error'
+import { isArray, iteratee } from 'lodash'
+
+class XoError extends BaseError {
+  constructor ({ code, message, data }) {
+    super(message)
+    this.code = code
+    this.data = data
+  }
+
+  toJsonRpcError () {
+    return {
+      message: this.message,
+      code: this.code,
+      data: this.data,
+    }
+  }
+}
+
+const create = (code, getProps) => {
+  const factory = (...args) => new XoError({ ...getProps(...args), code })
+  factory.is = (error, predicate) =>
+    error.code === code && iteratee(predicate)(error)
+
+  return factory
+}
+
+// =============================================================================
+
+export const notImplemented = create(0, () => ({
+  message: 'not implemented',
+}))
+
+export const noSuchObject = create(1, (id, type) => ({
+  data: { id, type },
+  message: 'no such object',
+}))
+
+export const unauthorized = create(2, () => ({
+  message: 'not authenticated or not enough permissions',
+}))
+
+export const invalidCredentials = create(3, () => ({
+  message: 'invalid credentials',
+}))
+
+// Deprecated alreadyAuthenticated (4)
+
+export const forbiddenOperation = create(5, (operation, reason) => ({
+  data: { operation, reason },
+  message: `forbidden operation: ${operation}`,
+}))
+
+// Deprecated GenericError (6)
+
+export const noHostsAvailable = create(7, () => ({
+  message: 'no hosts available',
+}))
+
+export const authenticationFailed = create(8, () => ({
+  message: 'authentication failed',
+}))
+
+export const serverUnreachable = create(9, objectId => ({
+  data: {
+    objectId,
+  },
+  message: 'server unreachable',
+}))
+
+export const invalidParameters = create(10, (message, errors) => {
+  if (isArray(message)) {
+    errors = message
+    message = undefined
+  }
+
+  return {
+    data: { errors },
+    message: message || 'invalid parameters',
+  }
+})
+
+export const vmMissingPvDrivers = create(11, ({ vm }) => ({
+  data: {
+    objectId: vm,
+  },
+  message: 'missing PV drivers',
+}))
+
+export const vmIsTemplate = create(12, ({ vm }) => ({
+  data: {
+    objectId: vm,
+  },
+  message: 'VM is a template',
+}))
+
+// TODO: We should probably create a more generic error which gathers all incorrect state errors.
+// e.g.:
+// incorrectState {
+//   data: {
+//     objectId: 'af43e227-3deb-4822-a79b-968825de72eb',
+//     property: 'power_state',
+//     actual: 'Running',
+//     expected: 'Halted'
+//   },
+//   message: 'incorrect state'
+// }
+export const vmBadPowerState = create(13, ({ vm, expected, actual }) => ({
+  data: {
+    objectId: vm,
+    expected,
+    actual,
+  },
+  message: `VM state is ${actual} but should be ${expected}`,
+}))
+
+export const vmLacksFeature = create(14, ({ vm, feature }) => ({
+  data: {
+    objectId: vm,
+    feature,
+  },
+  message: `VM lacks feature ${feature || ''}`,
+}))
+
+export const notSupportedDuringUpgrade = create(15, () => ({
+  message: 'not supported during upgrade',
+}))
+
+export const objectAlreadyExists = create(16, ({ objectId, objectType }) => ({
+  data: {
+    objectId,
+    objectType,
+  },
+  message: `${objectType || 'object'} already exists`,
+}))
+
+export const vdiInUse = create(17, ({ vdi, operation }) => ({
+  data: {
+    objectId: vdi,
+    operation,
+  },
+  message: 'VDI in use',
+}))
+
+export const hostOffline = create(18, ({ host }) => ({
+  data: {
+    objectId: host,
+  },
+  message: 'host offline',
+}))
+
+export const operationBlocked = create(19, ({ objectId, code }) => ({
+  data: {
+    objectId,
+    code,
+  },
+  message: 'operation blocked',
+}))
+
+export const patchPrecheckFailed = create(20, ({ errorType, patch }) => ({
+  data: {
+    objectId: patch,
+    errorType,
+  },
+  message: `patch precheck failed: ${errorType}`,
+}))

packages/xo-lib/.npmignore

@@ -0,0 +1,24 @@
+/benchmark/
+/benchmarks/
+*.bench.js
+*.bench.js.map
+
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/fixture/
+/fixtures/
+*.fixture.js
+*.fixture.js.map
+*.fixtures.js
+*.fixtures.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map
+
+__snapshots__/

packages/xo-lib/README.md

@@ -0,0 +1,168 @@
+# xo-lib [![Build Status](https://travis-ci.org/vatesfr/xen-orchestra.png?branch=master)](https://travis-ci.org/vatesfr/xen-orchestra)
+
+> Library to connect to XO-Server.
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/xo-lib):
+
+```
+npm install --save xo-lib
+```
+
+Then require the package:
+
+```javascript
+import Xo from 'xo-lib'
+```
+
+## Usage
+
+> If the URL is not provided and the current environment is a web
+> browser, the location of the current page will be used.
+
+```javascript
+// Connect to XO.
+const xo = new Xo({ url: 'https://xo.company.tld' })
+
+// Let's start by opening the connection.
+await xo.open()
+
+// Must sign in before being able to call any methods (all calls will
+// be buffered until signed in).
+await xo.signIn({
+  email: 'admin@admin.net',
+  password: 'admin'
+})
+
+console('signed as', xo.user)
+```
+
+The credentials can also be passed directly to the constructor:
+
+```javascript
+const xo = Xo({
+  url: 'https://xo.company.tld',
+  credentials: {
+    email: 'admin@admin.net',
+    password: 'admin',
+  }
+})
+
+xo.open()
+
+xo.on('authenticated', () => {
+  console.log(xo.user)
+})
+```
+
+> If the URL is not provided and the current environment is a web
+> browser, the location of the current page will be used.
+
+### Connection
+
+```javascript
+await xo.open()
+
+console.log('connected')
+```
+
+### Disconnection
+
+```javascript
+xo.close()
+
+console.log('disconnected')
+```
+
+### Method call
+
+```javascript
+const token = await xo.call('token.create')
+
+console.log('Token created', token)
+```
+
+### Status
+
+The connection status is available through the status property which
+is *open*, *connecting* or *closed*.
+
+```javascript
+console.log('%s to xo-server', xo.status)
+```
+
+### Current user
+
+Information about the user account used to sign in is available
+through the `user` property.
+
+```javascript
+console.log('Current user is', xo.user)
+```
+
+> This property is null when the status is not connected.
+
+### Events
+
+```javascript
+xo.on('open', () => {
+  console.log('connected')
+})
+```
+
+```javascript
+xo.on('closed', () => {
+  console.log('disconnected')
+})
+```
+
+```javascript
+xo.on('notification', function (notif) {
+  console.log('notification:', notif.method, notif.params)
+})
+```
+
+```javascript
+xo.on('authenticated', () => {
+  console.log('authenticated as', xo.user)
+})
+
+xo.on('authenticationFailure', () => {
+  console.log('failed to authenticate')
+})
+```
+
+## Development
+
+```
+# Install dependencies
+> npm install
+
+# Run the tests
+> npm test
+
+# Continuously compile
+> npm run dev
+
+# Continuously run the tests
+> npm run dev-test
+
+# Build for production (automatically called by npm install)
+> npm run build
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/vatesfr/xo-web/issues)
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+ISC © [Vates SAS](http://vates.fr)

packages/xo-lib/example.js

@@ -0,0 +1,45 @@
+'use strict'
+
+process.on('unhandledRejection', function (error) {
+  console.log(error)
+})
+
+const Xo = require('./').default // eslint-disable-line node/no-missing-require
+
+const xo = new Xo({
+  url: 'localhost:9000',
+})
+
+xo.open().then(function () {
+  return xo.call('acl.get', {}).then(function (result) {
+    console.log('success:', result)
+  }).catch(function (error) {
+    console.log('failure:', error)
+  })
+}).then(function () {
+  return xo.signIn({
+    email: 'admin@admin.net',
+    password: 'admin',
+  }).then(function () {
+    console.log('connected as ', xo.user)
+  }).catch(function (error) {
+    console.log('failure:', error)
+  })
+}).then(function () {
+  return xo.signIn({
+    email: 'tom',
+    password: 'tom',
+  }).then(function () {
+    console.log('connected as', xo.user)
+
+    return xo.call('acl.get', {}).then(function (result) {
+      console.log('success:', result)
+    }).catch(function (error) {
+      console.log('failure:', error)
+    })
+  }).catch(function (error) {
+    console.log('failure', error)
+  })
+}).then(function () {
+  return xo.close()
+})

packages/xo-lib/package.json

@@ -0,0 +1,73 @@
+{
+  "name": "xo-lib",
+  "version": "0.9.0",
+  "license": "ISC",
+  "description": "Library to connect to XO-Server",
+  "keywords": [
+    "xen",
+    "orchestra",
+    "xen-orchestra"
+  ],
+  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/packages/xo-lib",
+  "bugs": "https://github.com/vatesfr/xo-web/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xen-orchestra.git"
+  },
+  "author": {
+    "name": "Julien Fontanet",
+    "email": "julien.fontanet@vates.fr"
+  },
+  "preferGlobal": false,
+  "main": "dist/",
+  "bin": {},
+  "files": [
+    "dist/"
+  ],
+  "engines": {
+    "node": ">=4"
+  },
+  "dependencies": {
+    "jsonrpc-websocket-client": "^0.2.0",
+    "lodash": "^4.17.2",
+    "make-error": "^1.0.4"
+  },
+  "devDependencies": {
+    "babel-cli": "^6.24.1",
+    "babel-plugin-lodash": "^3.3.2",
+    "babel-preset-env": "^1.5.2",
+    "babel-preset-stage-3": "^6.24.1",
+    "cross-env": "^5.0.1",
+    "rimraf": "^2.6.1"
+  },
+  "scripts": {
+    "build": "cross-env NODE_ENV=production babel --source-maps --out-dir=dist/ src/",
+    "dev": "cross-env NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/",
+    "prebuild": "rimraf dist/",
+    "predev": "npm run prebuild",
+    "prepublishOnly": "npm run build"
+  },
+  "babel": {
+    "env": {
+      "test": {
+        "ignore": null
+      }
+    },
+    "ignore": "*.spec.js",
+    "plugins": [
+      "lodash"
+    ],
+    "presets": [
+      [
+        "env",
+        {
+          "targets": {
+            "browsers": "> 2%",
+            "node": 4
+          }
+        }
+      ],
+      "stage-3"
+    ]
+  }
+}

packages/xo-lib/src/index.js

@@ -0,0 +1,83 @@
+import JsonRpcWebSocketClient, {
+  OPEN,
+  CLOSED,
+} from 'jsonrpc-websocket-client'
+import { BaseError } from 'make-error'
+import { startsWith } from 'lodash'
+
+// ===================================================================
+
+const noop = () => {}
+
+// ===================================================================
+
+export class XoError extends BaseError {}
+
+// -------------------------------------------------------------------
+
+export default class Xo extends JsonRpcWebSocketClient {
+  constructor (opts) {
+    const url = opts != null ? opts.url : '.'
+    super(`${url === '/' ? '' : url}/api/`)
+
+    this._credentials = (opts != null ? opts.credentials : null)
+    this._user = null
+
+    this.on(OPEN, () => {
+      if (this._credentials) {
+        this._signIn(this._credentials).catch(noop)
+      }
+    })
+    this.on(CLOSED, () => {
+      this._user = null
+    })
+  }
+
+  get user () {
+    return this._user
+  }
+
+  call (method, args, i) {
+    if (startsWith(method, 'session.')) {
+      return Promise.reject(
+        new XoError('session.*() methods are disabled from this interface')
+      )
+    }
+
+    const promise = super.call(method, args)
+    promise.retry = (predicate) => promise.catch((error) => {
+      i = (i || 0) + 1
+      if (predicate(error, i)) {
+        return this.call(method, args, i)
+      }
+    })
+
+    return promise
+  }
+
+  refreshUser () {
+    return super.call('session.getUser').then(user => {
+      return (this._user = user)
+    })
+  }
+
+  signIn (credentials) {
+    // Register this credentials for future use.
+    this._credentials = credentials
+
+    return this._signIn(credentials)
+  }
+
+  _signIn (credentials) {
+    return super.call('session.signIn', credentials).then(
+      user => {
+        this._user = user
+        this.emit('authenticated')
+      },
+      error => {
+        this.emit('authenticationFailure', error)
+        throw error
+      }
+    )
+  }
+}

packages/xo-remote-parser/.npmignore

@@ -0,0 +1,24 @@
+/benchmark/
+/benchmarks/
+*.bench.js
+*.bench.js.map
+
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/fixture/
+/fixtures/
+*.fixture.js
+*.fixture.js.map
+*.fixtures.js
+*.fixtures.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map
+
+__snapshots__/

packages/xo-remote-parser/README.md

@@ -0,0 +1,49 @@
+# ${pkg.name} [![Build Status](https://travis-ci.org/${pkg.shortGitHubPath}.png?branch=master)](https://travis-ci.org/${pkg.shortGitHubPath})
+
+> ${pkg.description}
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/${pkg.name}):
+
+```
+> npm install --save ${pkg.name}
+```
+
+## Usage
+
+**TODO**
+
+## Development
+
+```
+# Install dependencies
+> npm install
+
+# Run the tests
+> npm test
+
+# Continuously compile
+> npm run dev
+
+# Continuously run the tests
+> npm run dev-test
+
+# Build for production (automatically called by npm install)
+> npm run build
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](${pkg.bugs})
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+${pkg.license} © [${pkg.author.name}](${pkg.author.url})

packages/xo-remote-parser/package.json

@@ -0,0 +1,62 @@
+{
+  "name": "xo-remote-parser",
+  "version": "0.3.0",
+  "license": "AGPL-3.0",
+  "description": "",
+  "keywords": [],
+  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/packages/xo-remote-parser",
+  "bugs": "https://github.com/vatesfr/xo-web/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xen-orchestra.git"
+  },
+  "author": {
+    "name": "Fabrice Marsaud",
+    "email": "fabrice.marsaud@vates.fr"
+  },
+  "preferGlobal": false,
+  "main": "dist/",
+  "bin": {},
+  "files": [
+    "dist/"
+  ],
+  "engines": {
+    "node": ">=4"
+  },
+  "dependencies": {
+    "lodash": "^4.13.1"
+  },
+  "devDependencies": {
+    "babel-cli": "^6.24.1",
+    "babel-plugin-lodash": "^3.3.2",
+    "babel-preset-env": "^1.5.2",
+    "babel-preset-stage-3": "^6.24.1",
+    "cross-env": "^5.0.1",
+    "deep-freeze": "^0.0.1",
+    "rimraf": "^2.6.1"
+  },
+  "scripts": {
+    "build": "cross-env NODE_ENV=production babel --source-maps --out-dir=dist/ src/",
+    "dev": "cross-env NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/",
+    "prebuild": "rimraf dist/",
+    "predev": "yarn run prebuild",
+    "prepublishOnly": "yarn run build"
+  },
+  "babel": {
+    "plugins": [
+      "lodash"
+    ],
+    "presets": [
+      [
+        "env",
+        {
+          "targets": {
+            "browsers": "> 5%",
+            "node": 4
+          }
+        }
+      ],
+      "stage-3"
+    ]
+  }
+}

packages/xo-remote-parser/src/index.js

@@ -0,0 +1,57 @@
+import filter from 'lodash/filter'
+import map from 'lodash/map'
+import trim from 'lodash/trim'
+import trimStart from 'lodash/trimStart'
+
+const sanitizePath = (...paths) => filter(map(paths, s => s && filter(map(s.split('/'), trim)).join('/'))).join('/')
+
+export const parse = string => {
+  const object = { }
+
+  const [type, rest] = string.split('://')
+  if (type === 'file') {
+    object.type = 'file'
+    object.path = `/${trimStart(rest, '/')}` // the leading slash has been forgotten on client side first implementation
+  } else if (type === 'nfs') {
+    object.type = 'nfs'
+    const [host, path] = rest.split(':')
+    object.host = host
+    object.path = `/${trimStart(path, '/')}` // takes care of a missing leading slash coming from previous version format
+  } else if (type === 'smb') {
+    object.type = 'smb'
+    const lastAtSign = rest.lastIndexOf('@')
+    const smb = rest.slice(lastAtSign + 1)
+    const auth = rest.slice(0, lastAtSign)
+    const firstColon = auth.indexOf(':')
+    const username = auth.slice(0, firstColon)
+    const password = auth.slice(firstColon + 1)
+    const [domain, sh] = smb.split('\\\\')
+    const [host, path] = sh.split('\0')
+    object.host = host
+    object.path = path
+    object.domain = domain
+    object.username = username
+    object.password = password
+  }
+  return object
+}
+
+export const format = ({type, host, path, username, password, domain}) => {
+  type === 'local' && (type = 'file')
+  let string = `${type}://`
+  if (type === 'nfs') {
+    string += `${host}:`
+  }
+  if (type === 'smb') {
+    string += `${username}:${password}@${domain}\\\\${host}`
+  }
+  path = sanitizePath(path)
+  if (type === 'smb') {
+    path = path.split('/')
+    path = '\0' + path.join('\\') // FIXME saving with the windows fashion \ was a bad idea :,(
+  } else {
+    path = `/${path}`
+  }
+  string += path
+  return string
+}

packages/xo-remote-parser/src/index.spec.js

@@ -0,0 +1,89 @@
+/* eslint-env jest */
+
+import deepFreeze from 'deep-freeze'
+
+import { parse, format } from './'
+
+// ===================================================================
+
+// Data used for both parse and format (i.e. correctly formatted).
+const data = deepFreeze({
+  file: {
+    string: 'file:///var/lib/xoa/backup',
+    object: {
+      type: 'file',
+      path: '/var/lib/xoa/backup',
+    },
+  },
+  SMB: {
+    string: 'smb://Administrator:pas:sw@ord@toto\\\\192.168.100.225\\smb\0',
+    object: {
+      type: 'smb',
+      host: '192.168.100.225\\smb',
+      path: '',
+      domain: 'toto',
+      username: 'Administrator',
+      password: 'pas:sw@ord',
+    },
+  },
+  NFS: {
+    string: 'nfs://192.168.100.225:/media/nfs',
+    object: {
+      type: 'nfs',
+      host: '192.168.100.225',
+      path: '/media/nfs',
+    },
+  },
+})
+
+const parseData = deepFreeze({
+  ...data,
+
+  'file with missing leading slash (#7)': {
+    string: 'file://var/lib/xoa/backup',
+    object: {
+      type: 'file',
+      path: '/var/lib/xoa/backup',
+    },
+  },
+  'nfs with missing leading slash': {
+    string: 'nfs://192.168.100.225:media/nfs',
+    object: {
+      type: 'nfs',
+      host: '192.168.100.225',
+      path: '/media/nfs',
+    },
+  },
+})
+
+const formatData = deepFreeze({
+  ...data,
+
+  'file with local type': {
+    string: 'file:///var/lib/xoa/backup',
+    object: {
+      type: 'local',
+      path: '/var/lib/xoa/backup',
+    },
+  },
+})
+
+// -------------------------------------------------------------------
+
+describe('format', () => {
+  for (const name in formatData) {
+    const datum = formatData[name]
+    it(name, () => {
+      expect(format(datum.object)).toBe(datum.string)
+    })
+  }
+})
+
+describe('parse', () => {
+  for (const name in parseData) {
+    const datum = parseData[name]
+    it(name, () => {
+      expect(parse(datum.string)).toEqual(datum.object)
+    })
+  }
+})

packages/xo-server-auth-github/.npmignore

@@ -0,0 +1,10 @@
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map

packages/xo-server-auth-github/README.md

@@ -0,0 +1,64 @@
+# xo-server-auth-github [![Build Status](https://travis-ci.org/vatesfr/xen-orchestra.png?branch=master)](https://travis-ci.org/vatesfr/xen-orchestra)
+
+> GitHub authentication plugin for XO-Server
+
+This plugin allows GitHub users to authenticate to Xen-Orchestra.
+
+The first time a user signs in, XO will create a new XO user with the
+same identifier.
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/xo-server-auth-github):
+
+```
+> npm install --global xo-server-auth-github
+```
+
+## Usage
+
+> This plugin is based on [passport-github](https://github.com/jaredhanson/passport-github),
+> see [its documentation](https://github.com/jaredhanson/passport-github#configure-strategy)
+> for more information about the configuration.
+
+Like all other xo-server plugins, it can be configured directly via
+the web interface, see [the plugin documentation](https://xen-orchestra.com/docs/plugins.html).
+
+![Registering XO instance in GitHub](github.png)
+
+## Development
+
+### Installing dependencies
+
+```
+> npm install
+```
+
+### Compilation
+
+The sources files are watched and automatically recompiled on changes.
+
+```
+> npm run dev
+```
+
+### Tests
+
+```
+> npm run test-dev
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/vatesfr/xo-web/issues)
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+AGPL3 © [Vates SAS](http://vates.fr)

packages/xo-server-auth-github/package.json

@@ -0,0 +1,60 @@
+{
+  "name": "xo-server-auth-github",
+  "version": "0.2.1",
+  "license": "AGPL-3.0",
+  "description": "GitHub authentication plugin for XO-Server",
+  "keywords": [
+    "xo-server",
+    "xo-server",
+    "authentication",
+    "github"
+  ],
+  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/packages/xo-server-auth-github",
+  "bugs": "https://github.com/vatesfr/xo-web/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xen-orchestra.git"
+  },
+  "author": {
+    "name": "Julien Fontanet",
+    "email": "julien.fontanet@isonoe.net"
+  },
+  "preferGlobal": false,
+  "main": "dist/",
+  "bin": {},
+  "files": [
+    "dist/"
+  ],
+  "engines": {
+    "node": ">=4"
+  },
+  "dependencies": {
+    "babel-runtime": "^6.11.6",
+    "passport-github": "^1.1.0"
+  },
+  "devDependencies": {
+    "babel-cli": "^6.24.1",
+    "babel-plugin-transform-runtime": "^6.15.0",
+    "babel-preset-env": "^1.6.1"
+  },
+  "scripts": {
+    "build": "NODE_ENV=production babel --source-maps --out-dir=dist/ src/",
+    "dev": "NODE_DEV=development babel --watch --source-maps --out-dir=dist/ src/",
+    "prepublishOnly": "yarn run build"
+  },
+  "babel": {
+    "plugins": [
+      "transform-runtime"
+    ],
+    "presets": [
+      [
+        "env",
+        {
+          "targets": {
+            "node": 4
+          }
+        }
+      ]
+    ]
+  }
+}

packages/xo-server-auth-github/src/index.js

@@ -0,0 +1,44 @@
+import {Strategy} from 'passport-github'
+
+// ===================================================================
+
+export const configurationSchema = {
+  type: 'object',
+  properties: {
+    clientID: {
+      type: 'string',
+    },
+    clientSecret: {
+      type: 'string',
+    },
+  },
+  required: ['clientID', 'clientSecret'],
+}
+
+// ===================================================================
+
+class AuthGitHubXoPlugin {
+  constructor (xo) {
+    this._xo = xo
+  }
+
+  configure (conf) {
+    this._conf = conf
+  }
+
+  load () {
+    const {_xo: xo} = this
+
+    xo.registerPassportStrategy(new Strategy(this._conf, async (accessToken, refreshToken, profile, done) => {
+      try {
+        done(null, await xo.registerUser('github', profile.username))
+      } catch (error) {
+        done(error.message)
+      }
+    }))
+  }
+}
+
+// ===================================================================
+
+export default ({xo}) => new AuthGitHubXoPlugin(xo)

packages/xo-server-auth-google/.npmignore

@@ -0,0 +1,24 @@
+/benchmark/
+/benchmarks/
+*.bench.js
+*.bench.js.map
+
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/fixture/
+/fixtures/
+*.fixture.js
+*.fixture.js.map
+*.fixtures.js
+*.fixtures.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map
+
+__snapshots__/

packages/xo-server-auth-google/.travis.yml

@@ -0,0 +1,9 @@
+language: node_js
+node_js:
+  - stable
+  - 6
+  - 4
+
+# Use containers.
+# http://docs.travis-ci.com/user/workers/container-based-infrastructure/
+sudo: false

packages/xo-server-auth-google/README.md

@@ -0,0 +1,77 @@
+# xo-server-auth-google [![Build Status](https://travis-ci.org/vatesfr/xen-orchestra.png?branch=master)](https://travis-ci.org/vatesfr/xen-orchestra)
+
+> Google authentication plugin for XO-Server
+
+This plugin allows Google users to authenticate to Xen-Orchestra.
+
+The first time a user signs in, XO will create a new XO user with the
+same identifier.
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/xo-server-auth-google):
+
+```
+> npm install --global xo-server-auth-google
+```
+
+## Usage
+
+> This plugin is based on [passport-google](https://google.com/jaredhanson/passport-google),
+> see [its documentation](https://google.com/jaredhanson/passport-google#configure-strategy)
+> for more information about the configuration.
+
+### Creating the Google project
+
+[Create a new project](https://console.developers.google.com/project):
+
+![](create-project.png)
+![](create-project-2.png)
+
+Enable the Google+ API:
+
+![](enable-google+-api.png)
+
+Add OAuth 2.0 credentials:
+
+![](add-oauth2-credentials.png)
+![](add-oauth2-credentials-2.png)
+
+### Add the plugin to XO-Server config
+
+Like all other xo-server plugins, it can be configured directly via
+the web iterface, see [the plugin documentation](https://xen-orchestra.com/docs/plugins.html).
+
+## Development
+
+```
+# Install dependencies
+> npm install
+
+# Run the tests
+> npm test
+
+# Continuously compile
+> npm run dev
+
+# Continuously run the tests
+> npm run dev-test
+
+# Build for production (automatically called by npm install)
+> npm run build
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/vatesfr/xen-orchestra/issues)
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+AGPL3 © [Vates SAS](http://vates.fr)

packages/xo-server-auth-google/package.json

@@ -0,0 +1,77 @@
+{
+  "name": "xo-server-auth-google",
+  "version": "0.2.0",
+  "license": "AGPL-3.0",
+  "description": "Google authentication plugin for XO-Server",
+  "keywords": [
+    "authentication",
+    "google",
+    "orchestra",
+    "plugin",
+    "xen",
+    "xen-orchestra",
+    "xo-server"
+  ],
+  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/packages/xo-server-auth-google",
+  "bugs": "https://github.com/vatesfr/xo-web/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xen-orchestra.git"
+  },
+  "author": {
+    "name": "Julien Fontanet",
+    "email": "julien.fontanet@isonoe.net"
+  },
+  "preferGlobal": false,
+  "main": "dist/",
+  "bin": {},
+  "files": [
+    "dist/"
+  ],
+  "engines": {
+    "node": ">=4"
+  },
+  "dependencies": {
+    "babel-runtime": "^6.23.0",
+    "passport-google-oauth20": "^1.0.0"
+  },
+  "devDependencies": {
+    "babel-cli": "^6.24.1",
+    "babel-plugin-lodash": "^3.3.2",
+    "babel-plugin-transform-runtime": "^6.23.0",
+    "babel-preset-env": "^1.3.3",
+    "babel-preset-stage-3": "^6.24.1",
+    "cross-env": "^5.1.1",
+    "rimraf": "^2.6.1"
+  },
+  "scripts": {
+    "build": "cross-env NODE_ENV=production babel --source-maps --out-dir=dist/ src/",
+    "dev": "cross-env NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/",
+    "prebuild": "rimraf dist/",
+    "predev": "npm run prebuild",
+    "prepublishOnly": "npm run build"
+  },
+  "babel": {
+    "env": {
+      "test": {
+        "ignore": null
+      }
+    },
+    "ignore": "*.spec.js",
+    "plugins": [
+      "transform-runtime",
+      "lodash"
+    ],
+    "presets": [
+      [
+        "env",
+        {
+          "targets": {
+            "node": 4
+          }
+        }
+      ],
+      "stage-3"
+    ]
+  }
+}

packages/xo-server-auth-google/src/index.js

@@ -0,0 +1,61 @@
+import { Strategy } from 'passport-google-oauth20'
+
+// ===================================================================
+
+export const configurationSchema = {
+  type: 'object',
+  properties: {
+    callbackURL: {
+      type: 'string',
+      description: 'Must be exactly the same as specified on the Google developer console.',
+    },
+    clientID: {
+      type: 'string',
+    },
+    clientSecret: {
+      type: 'string',
+    },
+    scope: {
+      default: 'https://www.googleapis.com/auth/plus.login',
+      description: 'Note that changing this value will break existing users.',
+      enum: [ 'https://www.googleapis.com/auth/plus.login', 'email' ],
+      enumNames: [ 'Google+ name', 'Simple email address' ],
+    },
+  },
+  required: ['callbackURL', 'clientID', 'clientSecret'],
+}
+
+// ===================================================================
+
+class AuthGoogleXoPlugin {
+  constructor ({ xo }) {
+    this._conf = null
+    this._xo = xo
+  }
+
+  configure (conf) {
+    this._conf = conf
+  }
+
+  load () {
+    const conf = this._conf
+    const xo = this._xo
+
+    xo.registerPassportStrategy(new Strategy(conf, async (accessToken, refreshToken, profile, done) => {
+      try {
+        done(null, await xo.registerUser(
+          'google',
+          conf.scope === 'email'
+            ? profile.emails[0].value
+            : profile.displayName
+        ))
+      } catch (error) {
+        done(error.message)
+      }
+    }))
+  }
+}
+
+// ===================================================================
+
+export default opts => new AuthGoogleXoPlugin(opts)

packages/xo-server-auth-ldap/.gitignore

@@ -0,0 +1 @@
+/ldap.cache.conf

packages/xo-server-auth-ldap/.npmignore

@@ -0,0 +1,24 @@
+/benchmark/
+/benchmarks/
+*.bench.js
+*.bench.js.map
+
+/examples/
+example.js
+example.js.map
+*.example.js
+*.example.js.map
+
+/fixture/
+/fixtures/
+*.fixture.js
+*.fixture.js.map
+*.fixtures.js
+*.fixtures.js.map
+
+/test/
+/tests/
+*.spec.js
+*.spec.js.map
+
+__snapshots__/

packages/xo-server-auth-ldap/README.md

@@ -0,0 +1,82 @@
+# xo-server-auth-ldap [![Build Status](https://travis-ci.org/vatesfr/xen-orchestra.png?branch=master)](https://travis-ci.org/vatesfr/xen-orchestra)
+
+> LDAP authentication plugin for XO-Server
+
+This plugin allows LDAP users to authenticate to Xen-Orchestra.
+
+The first time a user signs in, XO will create a new XO user with the
+same identifier.
+
+## Install
+
+Installation of the [npm package](https://npmjs.org/package/xo-server-auth-ldap):
+
+```
+> npm install --global xo-server-auth-ldap
+```
+
+## Usage
+
+Like all other xo-server plugins, it can be configured directly via
+the web interface, see [the plugin documentation](https://xen-orchestra.com/docs/plugins.html).
+
+If you have issues, you can use the provided CLI to gather more
+information:
+
+```
+> xo-server-auth-ldap
+? uri ldap://ldap.company.net
+? fill optional certificateAuthorities? No
+? fill optional checkCertificate? No
+? fill optional bind? No
+? base ou=people,dc=company,dc=net
+? fill optional filter? No
+configuration saved in ./ldap.cache.conf
+? Username john.smith
+? Password *****
+searching for entries...
+0 entries found
+could not authenticate john.smith
+```
+
+## Algorithm
+
+1. If `bind` is defined, attempt to bind using this user.
+2. Searches for the user in the directory starting from the `base`
+   with the defined `filter`.
+3. If found, a bind is attempted using the distinguished name of this
+   user and the provided password.
+
+## Development
+
+```
+# Install dependencies
+> npm install
+
+# Run the tests
+> npm test
+
+# Continuously compile
+> npm run dev
+
+# Continuously run the tests
+> npm run dev-test
+
+# Build for production (automatically called by npm install)
+> npm run build
+```
+
+## Contributions
+
+Contributions are *very* welcomed, either on the documentation or on
+the code.
+
+You may:
+
+- report any [issue](https://github.com/vatesfr/xo-web/issues)
+  you've encountered;
+- fork and create a pull request.
+
+## License
+
+AGPL3 © [Vates SAS](http://vates.fr)

packages/xo-server-auth-ldap/package.json

@@ -0,0 +1,77 @@
+{
+  "name": "xo-server-auth-ldap",
+  "version": "0.6.4",
+  "license": "AGPL-3.0",
+  "description": "LDAP authentication plugin for XO-Server",
+  "keywords": [
+    "ldap",
+    "orchestra",
+    "plugin",
+    "xen",
+    "xen-orchestra",
+    "xo-server"
+  ],
+  "homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/packages/xo-server-auth-ldap",
+  "bugs": "https://github.com/vatesfr/xo-web/issues",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/vatesfr/xen-orchestra.git"
+  },
+  "author": {
+    "name": "Julien Fontanet",
+    "email": "julien.fontanet@vates.fr"
+  },
+  "preferGlobal": false,
+  "main": "dist/",
+  "bin": {
+    "xo-server-auth-ldap": "dist/test-cli.js"
+  },
+  "files": [
+    "dist/"
+  ],
+  "engines": {
+    "node": ">=4"
+  },
+  "dependencies": {
+    "babel-runtime": "^6.22.0",
+    "event-to-promise": "^0.8.0",
+    "exec-promise": "^0.7.0",
+    "inquirer": "^4.0.1",
+    "ldapjs": "^1.0.1",
+    "lodash": "^4.17.4",
+    "promise-toolbox": "^0.9.5"
+  },
+  "devDependencies": {
+    "babel-cli": "^6.24.1",
+    "babel-plugin-lodash": "^3.3.2",
+    "babel-plugin-transform-runtime": "^6.23.0",
+    "babel-preset-env": "^1.5.2",
+    "babel-preset-stage-3": "^6.24.1",
+    "cross-env": "^5.0.1",
+    "rimraf": "^2.6.1"
+  },
+  "scripts": {
+    "build": "cross-env NODE_ENV=production babel --source-maps --out-dir=dist/ src/",
+    "dev": "cross-env NODE_ENV=development babel --watch --source-maps --out-dir=dist/ src/",
+    "prebuild": "rimraf dist/",
+    "predev": "npm run prebuild",
+    "prepublishOnly": "npm run build"
+  },
+  "babel": {
+    "plugins": [
+      "lodash",
+      "transform-runtime"
+    ],
+    "presets": [
+      [
+        "env",
+        {
+          "targets": {
+            "node": 4
+          }
+        }
+      ],
+      "stage-3"
+    ]
+  }
+}

packages/xo-server-auth-ldap/src/index.js

@@ -0,0 +1,249 @@
+/* eslint no-throw-literal: 0 */
+
+import eventToPromise from 'event-to-promise'
+import { bind, noop } from 'lodash'
+import { createClient } from 'ldapjs'
+import { escape } from 'ldapjs/lib/filters/escape'
+import { promisify } from 'promise-toolbox'
+import { readFile } from 'fs'
+
+// ===================================================================
+
+const VAR_RE = /\{\{([^}]+)\}\}/g
+const evalFilter = (filter, vars) => filter.replace(VAR_RE, (_, name) => {
+  const value = vars[name]
+
+  if (value === undefined) {
+    throw new Error('invalid variable: ' + name)
+  }
+
+  return escape(value)
+})
+
+export const configurationSchema = {
+  type: 'object',
+  properties: {
+    uri: {
+      description: 'URI of the LDAP server.',
+      type: 'string',
+    },
+    certificateAuthorities: {
+      description: `
+Paths to CA certificates to use when connecting to SSL-secured LDAP servers.
+
+If not specified, it will use a default set of well-known CAs.
+`.trim(),
+      type: 'array',
+      items: {
+        type: 'string',
+      },
+    },
+    checkCertificate: {
+      description: 'Enforce the validity of the server\'s certificates. You can disable it when connecting to servers that use a self-signed certificate.',
+      type: 'boolean',
+      default: true,
+    },
+    bind: {
+      description: 'Credentials to use before looking for the user record.',
+      type: 'object',
+      properties: {
+        dn: {
+          description: `
+Full distinguished name of the user permitted to search the LDAP directory for the user to authenticate.
+
+Example: uid=xoa-auth,ou=people,dc=company,dc=net
+
+For Microsoft Active Directory, it can also be \`<user>@<domain>\`.
+`.trim(),
+          type: 'string',
+        },
+        password: {
+          description: 'Password of the user permitted of search the LDAP directory.',
+          type: 'string',
+        },
+      },
+      required: ['dn', 'password'],
+    },
+    base: {
+      description: 'The base is the part of the description tree where the users are looked for.',
+      type: 'string',
+    },
+    filter: {
+      description: `
+Filter used to find the user.
+
+For Microsoft Active Directory, you can try one of the following filters:
+
+- \`(cn={{name}})\`
+- \`(sAMAccountName={{name}})\`
+- \`(sAMAccountName={{name}}@<domain>)\` (replace \`<domain>\` by your own domain)
+- \`(userPrincipalName={{name}})\`
+
+For LDAP if you want to filter for a special group you can try
+something like:
+
+- \`(&(uid={{name}})(memberOf=<group DN>))\`
+`.trim(),
+      type: 'string',
+      default: '(uid={{name}})',
+    },
+  },
+  required: ['uri', 'base'],
+}
+
+export const testSchema = {
+  type: 'object',
+  properties: {
+    username: {
+      description: 'LDAP username',
+      type: 'string',
+    },
+    password: {
+      description: 'LDAP password',
+      type: 'string',
+    },
+  },
+  required: ['username', 'password'],
+}
+
+// ===================================================================
+
+class AuthLdap {
+  constructor (xo) {
+    this._xo = xo
+
+    this._authenticate = bind(this._authenticate, this)
+  }
+
+  async configure (conf) {
+    const clientOpts = this._clientOpts = {
+      url: conf.uri,
+      maxConnections: 5,
+      tlsOptions: {},
+    }
+
+    {
+      const {
+        bind,
+        checkCertificate = true,
+        certificateAuthorities,
+      } = conf
+
+      if (bind) {
+        clientOpts.bindDN = bind.dn
+        clientOpts.bindCredentials = bind.password
+      }
+
+      const {tlsOptions} = clientOpts
+
+      tlsOptions.rejectUnauthorized = checkCertificate
+      if (certificateAuthorities) {
+        tlsOptions.ca = await Promise.all(
+          certificateAuthorities.map(path => readFile(path))
+        )
+      }
+    }
+
+    const {
+      bind: credentials,
+      base: searchBase,
+      filter: searchFilter = '(uid={{name}})',
+    } = conf
+
+    this._credentials = credentials
+    this._searchBase = searchBase
+    this._searchFilter = searchFilter
+  }
+
+  load () {
+    this._xo.registerAuthenticationProvider(this._authenticate)
+  }
+
+  unload () {
+    this._xo.unregisterAuthenticationProvider(this._authenticate)
+  }
+
+  test ({ username, password }) {
+    return this._authenticate({
+      username,
+      password,
+    }).then(result => {
+      if (result === null) {
+        throw new Error('could not authenticate user')
+      }
+    })
+  }
+
+  async _authenticate ({ username, password }, logger = noop) {
+    if (username === undefined || password === undefined) {
+      logger('require `username` and `password` to authenticate!')
+
+      return null
+    }
+
+    const client = createClient(this._clientOpts)
+
+    try {
+      // Promisify some methods.
+      const bind = promisify(client.bind, client)
+      const search = promisify(client.search, client)
+
+      await eventToPromise(client, 'connect')
+
+      // Bind if necessary.
+      {
+        const {_credentials: credentials} = this
+        if (credentials) {
+          logger(`attempting to bind with as ${credentials.dn}...`)
+          await bind(credentials.dn, credentials.password)
+          logger(`successfully bound as ${credentials.dn}`)
+        }
+      }
+
+      // Search for the user.
+      const entries = []
+      {
+        logger('searching for entries...')
+        const response = await search(this._searchBase, {
+          scope: 'sub',
+          filter: evalFilter(this._searchFilter, {
+            name: username,
+          }),
+        })
+
+        response.on('searchEntry', entry => {
+          logger('.')
+          entries.push(entry.json)
+        })
+
+        const {status} = await eventToPromise(response, 'end')
+        if (status) {
+          throw new Error('unexpected search response status: ' + status)
+        }
+
+        logger(`${entries.length} entries found`)
+      }
+
+      // Try to find an entry which can be bind with the given password.
+      for (const entry of entries) {
+        try {
+          logger(`attempting to bind as ${entry.objectName}`)
+          await bind(entry.objectName, password)
+          logger(`successfully bound as ${entry.objectName} => ${username} authenticated`)
+          return { username }
+        } catch (error) {
+          logger(`failed to bind as ${entry.objectName}: ${error.message}`)
+        }
+      }
+
+      logger(`could not authenticate ${username}`)
+      return null
+    } finally {
+      client.unbind()
+    }
+  }
+}
+
+// ===================================================================
+
+export default ({xo}) => new AuthLdap(xo)