feat: migrate meteor settings file to new places

meteor/server/__tests__/cronjobs.test.ts

@@ -73,7 +73,7 @@ import {
 	setupDefaultStudioEnvironment,
 } from '../../__mocks__/helpers/database'
 import { DBSegment } from '@sofie-automation/corelib/dist/dataModel/Segment'
-import { Settings } from '../Settings'
+import { DEFAULT_MAXIMUM_DATA_AGE } from '@sofie-automation/shared-lib/dist/core/constants'
 import { SofieIngestCacheType } from '@sofie-automation/corelib/dist/dataModel/SofieIngestDataCache'
 import { ObjectOverrideSetOp, ObjectWithOverrides } from '@sofie-automation/corelib/dist/settings/objectWithOverrides'
 import { PartInstance } from '@sofie-automation/corelib/dist/dataModel/PartInstance'
@@ -442,7 +442,7 @@ describe('cronjobs', () => {
 				clientAddress: '',
 				context: '',
 				method: '',
-				timestamp: lib.getCurrentTime() - Settings.maximumDataAge - 1000,
+				timestamp: lib.getCurrentTime() - DEFAULT_MAXIMUM_DATA_AGE - 1000,
 			})
 
 			await runCronjobs()
@@ -477,7 +477,7 @@ describe('cronjobs', () => {
 				type: SnapshotType.DEBUG,
 				version: '',
 				// Very old:
-				created: lib.getCurrentTime() - Settings.maximumDataAge - 1000,
+				created: lib.getCurrentTime() - DEFAULT_MAXIMUM_DATA_AGE - 1000,
 			})
 
 			await runCronjobs()

meteor/server/api/cleanup.ts

@@ -9,7 +9,9 @@ import {
 	getOrphanedPackageInfos,
 	removePackageInfos,
 } from './studio/lib'
-import { Settings } from '../Settings'
+import { getCoreSystemAsync } from '../coreSystem/collection'
+import { applyAndValidateOverrides } from '@sofie-automation/corelib/dist/settings/objectWithOverrides'
+import { DEFAULT_MAXIMUM_DATA_AGE } from '@sofie-automation/shared-lib/dist/core/constants'
 import { CollectionName } from '@sofie-automation/corelib/dist/dataModel/Collections'
 import {
 	BlueprintId,
@@ -81,6 +83,18 @@ export async function cleanupOldDataInner(actuallyCleanup = false): Promise<Coll
 		if (notAllowedReason) return `Could not run the cleanup function due to: ${notAllowedReason}`
 	}
 
+	const coreSystem = await getCoreSystemAsync()
+	const systemSettings = coreSystem && applyAndValidateOverrides(coreSystem.settingsWithOverrides).obj
+	// Guard against a misconfigured value (<= 0, NaN, Infinity) which would otherwise cause overly-aggressive
+	// purging of recent data. Fall back to the default in that case.
+	const configuredMaximumDataAge = systemSettings?.maximumDataAge
+	const maximumDataAge =
+		typeof configuredMaximumDataAge === 'number' &&
+		Number.isFinite(configuredMaximumDataAge) &&
+		configuredMaximumDataAge > 0
+			? configuredMaximumDataAge
+			: DEFAULT_MAXIMUM_DATA_AGE
+
 	const result: CollectionCleanupResult = {}
 	const addToResult = (collectionName: CollectionName, docsToRemove: number) => {
 		if (!result[collectionName]) {
@@ -275,7 +289,7 @@ export async function cleanupOldDataInner(actuallyCleanup = false): Promise<Coll
 					{
 						// Remove any from long running rundowns where they have long since expired:
 						reset: true,
-						'timings.plannedStoppedPlayback': { $lt: getCurrentTime() - Settings.maximumDataAge },
+						'timings.plannedStoppedPlayback': { $lt: getCurrentTime() - maximumDataAge },
 						'part._id': { $nin: partIds },
 					},
 				],
@@ -295,16 +309,13 @@ export async function cleanupOldDataInner(actuallyCleanup = false): Promise<Coll
 	// Evaluations
 	{
 		await removeByQuery(Evaluations, {
-			timestamp: { $lt: getCurrentTime() - Settings.maximumDataAge },
+			timestamp: { $lt: getCurrentTime() - maximumDataAge },
 		})
 	}
 	// ExternalMessageQueue
 	{
 		await removeByQuery(ExternalMessageQueue, {
-			$or: [
-				{ created: { $lt: getCurrentTime() - Settings.maximumDataAge } },
-				{ expires: { $lt: getCurrentTime() } },
-			],
+			$or: [{ created: { $lt: getCurrentTime() - maximumDataAge } }, { expires: { $lt: getCurrentTime() } }],
 		})
 	}
 	// PackageInfos
@@ -328,14 +339,14 @@ export async function cleanupOldDataInner(actuallyCleanup = false): Promise<Coll
 	// Snapshots
 	{
 		await removeByQuery(Snapshots, {
-			created: { $lt: getCurrentTime() - Settings.maximumDataAge },
+			created: { $lt: getCurrentTime() - maximumDataAge },
 		})
 	}
 
 	// UserActionsLog
 	{
 		await removeByQuery(UserActionsLog, {
-			timestamp: { $lt: getCurrentTime() - Settings.maximumDataAge },
+			timestamp: { $lt: getCurrentTime() - maximumDataAge },
 		})
 	}
 	// Workers

meteor/server/api/rest/koa.ts

@@ -13,6 +13,8 @@ import { logger } from '../../logging'
 import { PackageInfo } from '../../coreSystem'
 import { profiler } from '../profiler'
 import fs from 'fs/promises'
+import type { IExtendedSettings } from '@sofie-automation/meteor-lib/dist/Settings'
+import { ENABLE_HEADER_AUTH } from '../../security/auth'
 
 declare module 'http' {
 	interface IncomingMessage {
@@ -123,7 +125,10 @@ function getExtendedMeteorRuntimeConfig() {
 	return `window.__meteor_runtime_config__ = (${JSON.stringify({
 		// @ts-expect-error missing types for internal meteor detail
 		...__meteor_runtime_config__,
-		sofieVersionExtended: versionExtended,
+		...({
+			sofieVersionExtended: versionExtended,
+			enableHeaderAuth: ENABLE_HEADER_AUTH,
+		} satisfies IExtendedSettings),
 	})})`
 }
 

meteor/server/api/rest/v1/typeConversion.ts

@@ -427,6 +427,15 @@ export function studioSettingsFrom(apiStudioSettings: APIStudioSettings): Comple
 		shelfAdlibButtonSize: apiStudioSettings.shelfAdlibButtonSize ?? ShelfButtonSize.LARGE,
 		mockPieceContentStatus: apiStudioSettings.mockPieceContentStatus,
 		rundownGlobalPiecesPrepareTime: apiStudioSettings.rundownGlobalPiecesPrepareTime,
+		autoRewindLeavingSegment: apiStudioSettings.autoRewindLeavingSegment,
+		disableBlurBorder: apiStudioSettings.disableBlurBorder,
+		allowGrabbingTimeline: apiStudioSettings.allowGrabbingTimeline,
+		useCountdownToFreezeFrame: apiStudioSettings.useCountdownToFreezeFrame,
+		// defaultShelfDisplayOptions is intentionally not exposed through the REST API
+		defaultShelfDisplayOptions: undefined,
+		defaultDisplayDuration: apiStudioSettings.defaultDisplayDuration,
+		defaultTimeScale: apiStudioSettings.defaultTimeScale,
+		followOnAirSegmentsHistory: apiStudioSettings.followOnAirSegmentsHistory,
 	}
 }
 
@@ -456,6 +465,13 @@ export function APIStudioSettingsFrom(settings: IStudioSettings): Complete<APISt
 		shelfAdlibButtonSize: settings.shelfAdlibButtonSize,
 		mockPieceContentStatus: settings.mockPieceContentStatus,
 		rundownGlobalPiecesPrepareTime: settings.rundownGlobalPiecesPrepareTime,
+		autoRewindLeavingSegment: settings.autoRewindLeavingSegment,
+		disableBlurBorder: settings.disableBlurBorder,
+		allowGrabbingTimeline: settings.allowGrabbingTimeline,
+		useCountdownToFreezeFrame: settings.useCountdownToFreezeFrame,
+		defaultDisplayDuration: settings.defaultDisplayDuration,
+		defaultTimeScale: settings.defaultTimeScale,
+		followOnAirSegmentsHistory: settings.followOnAirSegmentsHistory,
 	}
 }
 

meteor/server/api/studio/api.ts

@@ -25,7 +25,12 @@ import { MethodContextAPI, MethodContext } from '../methodContext'
 import { wrapDefaultObject } from '@sofie-automation/corelib/dist/settings/objectWithOverrides'
 import { PeripheralDeviceId, StudioId } from '@sofie-automation/corelib/dist/dataModel/Ids'
 import { logger } from '../../logging'
-import { DEFAULT_MINIMUM_TAKE_SPAN } from '@sofie-automation/shared-lib/dist/core/constants'
+import {
+	DEFAULT_MINIMUM_TAKE_SPAN,
+	DEFAULT_DISPLAY_DURATION,
+	DEFAULT_SHELF_DISPLAY_OPTIONS,
+	DEFAULT_TIME_SCALE,
+} from '@sofie-automation/shared-lib/dist/core/constants'
 import { UserPermissions } from '@sofie-automation/meteor-lib/dist/userPermissions'
 import { assertConnectionHasOneOfPermissions } from '../../security/auth'
 import { ShelfButtonSize } from '@sofie-automation/shared-lib/dist/core/model/StudioSettings'
@@ -66,6 +71,14 @@ export async function insertStudioInner(newId?: StudioId): Promise<StudioId> {
 				enableBuckets: true,
 				enableEvaluationForm: true,
 				shelfAdlibButtonSize: ShelfButtonSize.LARGE,
+				autoRewindLeavingSegment: true,
+				disableBlurBorder: false,
+				allowGrabbingTimeline: true,
+				useCountdownToFreezeFrame: true,
+				defaultShelfDisplayOptions: DEFAULT_SHELF_DISPLAY_OPTIONS,
+				defaultDisplayDuration: DEFAULT_DISPLAY_DURATION,
+				defaultTimeScale: DEFAULT_TIME_SCALE,
+				followOnAirSegmentsHistory: 0,
 			}),
 			_rundownVersionHash: '',
 			routeSetsWithOverrides: wrapDefaultObject({}),

meteor/server/coreSystem/index.ts

@@ -2,6 +2,11 @@ import { SYSTEM_ID, GENESIS_SYSTEM_VERSION } from '@sofie-automation/meteor-lib/
 import { parseVersion } from '../systemStatus/semverUtils'
 import { getCurrentTime } from '../lib/lib'
 import { stringifyError } from '@sofie-automation/shared-lib/dist/lib/stringifyError'
+import {
+	DEFAULT_MAXIMUM_DATA_AGE,
+	DEFAULT_CONFIRM_KEY_CODE,
+	DEFAULT_POISON_KEY,
+} from '@sofie-automation/shared-lib/dist/core/constants'
 import { Meteor } from 'meteor/meteor'
 import { prepareMigration, runMigration } from '../migration/databaseMigration'
 import { CURRENT_SYSTEM_VERSION } from '../migration/currentSystemVersion'
@@ -79,6 +84,9 @@ async function initializeCoreSystem() {
 					heading: '',
 					message: '',
 				},
+				maximumDataAge: DEFAULT_MAXIMUM_DATA_AGE,
+				confirmKeyCode: DEFAULT_CONFIRM_KEY_CODE,
+				poisonKey: DEFAULT_POISON_KEY,
 			}),
 			lastBlueprintConfig: undefined,
 		})

meteor/server/lib/rest/v1/studios.ts

@@ -228,4 +228,11 @@ export interface APIStudioSettings {
 	shelfAdlibButtonSize?: Exclude<ShelfButtonSize, ShelfButtonSize.INHERIT>
 	mockPieceContentStatus?: boolean
 	rundownGlobalPiecesPrepareTime?: number
+	autoRewindLeavingSegment?: boolean
+	disableBlurBorder?: boolean
+	allowGrabbingTimeline?: boolean
+	useCountdownToFreezeFrame?: boolean
+	defaultDisplayDuration?: number
+	defaultTimeScale?: number
+	followOnAirSegmentsHistory?: number
 }

meteor/server/migration/1_40_0.ts

@@ -1,5 +1,5 @@
+import { Meteor } from 'meteor/meteor'
 import { addMigrationSteps } from './databaseMigration'
-import { Settings } from '../Settings'
 import { Studios } from '../collections'
 
 // Release 40 (Skipped)
@@ -36,7 +36,7 @@ interface ISettingsOld {
 		maxAllowedDiff: number
 	}
 }
-const OldSettings = Settings as Partial<ISettingsOld>
+const OldSettings = (Meteor.settings.public ?? {}) as Partial<ISettingsOld>
 const oldFrameRate = OldSettings.frameRate ?? 25
 
 export const addSteps = addMigrationSteps('1.40.0', [

meteor/server/migration/upgrades/system.ts

@@ -14,6 +14,11 @@ import { CoreSystemId } from '@sofie-automation/corelib/dist/dataModel/Ids'
 import { DEFAULT_CORE_TRIGGERS } from './defaultSystemActionTriggers'
 import { protectString } from '@sofie-automation/corelib/dist/protectedString'
 import { ICoreSystemSettings } from '@sofie-automation/shared-lib/dist/core/model/CoreSystemSettings'
+import {
+	DEFAULT_MAXIMUM_DATA_AGE,
+	DEFAULT_CONFIRM_KEY_CODE,
+	DEFAULT_POISON_KEY,
+} from '@sofie-automation/shared-lib/dist/core/constants'
 
 export async function runUpgradeForCoreSystem(coreSystemId: CoreSystemId): Promise<void> {
 	logger.info(`Running upgrade for CoreSystem`)
@@ -102,6 +107,9 @@ function generateDefaultSystemConfig(): BlueprintResultApplySystemConfig {
 				heading: '',
 				message: '',
 			},
+			maximumDataAge: DEFAULT_MAXIMUM_DATA_AGE,
+			confirmKeyCode: DEFAULT_CONFIRM_KEY_CODE,
+			poisonKey: DEFAULT_POISON_KEY,
 		},
 		triggeredActions: Object.values<IBlueprintTriggeredActions>(DEFAULT_CORE_TRIGGERS),
 	}

meteor/server/security/auth.ts

@@ -3,7 +3,6 @@ import {
 	USER_PERMISSIONS_HEADER,
 	UserPermissions,
 } from '@sofie-automation/meteor-lib/dist/userPermissions'
-import { Settings } from '../Settings'
 import { Meteor } from 'meteor/meteor'
 import Koa from 'koa'
 import { triggerWriteAccess } from './securityVerify'
@@ -12,8 +11,15 @@ import { CollectionName } from '@sofie-automation/corelib/dist/dataModel/Collect
 
 export type RequestCredentials = Meteor.Connection | Koa.ParameterizedContext
 
+/**
+ * Whether http-header based security measures are enabled.
+ * Configured via the `SOFIE_ENABLE_HEADER_AUTH` environment variable (`1` or `true` to enable).
+ */
+export const ENABLE_HEADER_AUTH =
+	process.env.SOFIE_ENABLE_HEADER_AUTH === '1' || process.env.SOFIE_ENABLE_HEADER_AUTH?.toLowerCase() === 'true'
+
 export function parseConnectionPermissions(conn: RequestCredentials): UserPermissions {
-	if (!Settings.enableHeaderAuth) {
+	if (!ENABLE_HEADER_AUTH) {
 		// If auth is disabled, return all permissions
 		return {
 			studio: true,
@@ -49,7 +55,7 @@ export function assertConnectionHasOneOfPermissions(
 	if (!conn) throw new Meteor.Error(403, 'Can only be invoked by clients')
 
 	// Skip if auth is disabled
-	if (!Settings.enableHeaderAuth) return
+	if (!ENABLE_HEADER_AUTH) return
 
 	const permissions = parseConnectionPermissions(conn)
 	for (const permission of allowedPermissions) {
@@ -70,7 +76,7 @@ export function checkHasOneOfPermissions(
 	triggerWriteAccess()
 
 	// Skip if auth is disabled
-	if (!Settings.enableHeaderAuth) return true
+	if (!ENABLE_HEADER_AUTH) return true
 
 	if (!permissions) throw new Meteor.Error(403, 'Permissions is null')