valentin
/
accessGate
mirror of https://github.com/itsmrval/accessGate
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

link between servers & groups, clean, bug fix

pull/1/head
Valentin PUCCETTI 2023-09-11 16:28:18 +02:00
parent a034396dbe
commit 221a4b24a0
19 changed files with 298 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
index.js
View File

@ -1,19 +1,19 @@
const { default: axios } = require("axios");
const express = require("express");
const app = express();
const session = require('express-session');
const databaseService = require('./services/database.service');
const bodyParser = require('body-parser');
const express = require("express");
const databaseService = require('./services/database.service');
require('dotenv').config()
userService = require("./services/users.service");
const groupService = require("./services/group.service");
const User = require('./model/user.model')
const Key = require('./model/key.model')
const {makeAdmin} = require("./services/users.service");
const Member = require("./model/member.model");
const Group = require("./model/group.model");
const app = express();
databaseService.sync().then(() => {
console.log("Database ready");
@ -76,10 +76,6 @@ app.get("/login", (req, res) => {
res.render('login')
});
try {
userService.makeAdmin(43043885)
} catch (e) {
}
app.use('/admin/', require('./routes/admin.route'));
app.use('/auth/', require('./routes/auth.route'));

20
model/access.model.js Normal file
View File

@ -0,0 +1,20 @@
const { Model, DataTypes} = require('sequelize');
const sequelize = require('../services/database.service');
class Access extends Model {}
Access.init({
serverHostname: {
type: DataTypes.STRING,
required: true,
},
groupName: {
type: DataTypes.INTEGER,
required: true,
}
}, {
sequelize,
modelName: 'access'
})
module.exports = Access;

2
model/server.model.js
View File

@ -7,6 +7,8 @@ Server.init({
hostname: {
type: DataTypes.STRING,
required: true,
unique: true,
primaryKey: true,
},
ip: {
type: DataTypes.STRING,

1
model/user.model.js
View File

@ -7,6 +7,7 @@ User.init({
id: {
type: DataTypes.INTEGER,
primaryKey: true,
unique: true,
required: true,
},
admin: {

2
routes/admin.route.js
View File

@ -1,5 +1,6 @@
const express = require('express');
const User = require("../model/user.model")
var router = express.Router();
router.use('*', (req, res, next) => {
@ -20,5 +21,6 @@ router.use('/users/', require('../routes/admin/users.route'));
router.use('/members/', require('../routes/admin/members.route'));
router.use('/groups/', require('../routes/admin/groups.route'));
router.use('/servers/', require('../routes/admin/servers.route'));
router.use('/accesses', require('../routes/admin/accesses.route'))
module.exports = router;

30
routes/admin/accesses.route.js Normal file
View File

@ -0,0 +1,30 @@
const express = require('express');
groupService = require("../../services/groups.service");
memberService = require("../../services/members.service");
accessesService = require("../../services/accesses.service");
var router = express.Router();
router.get('/:name/add/:server', (req, res) => {
try {
accessesService.addAccess(req.params.server, req.params.name).then((result) => {
res.redirect('/admin/groups/' + req.params.name)
});
} catch(e) {
console.log(e)
}
})
router.get('/:name/delete/:server', (req, res) => {
try {
accessesService.delAccess(req.params.server, req.params.name).then((result) => {
res.redirect('/admin/groups/' + req.params.name)
});
} catch(e) {
console.log(e)
}
})
module.exports = router;

20
routes/admin/groups.route.js
View File

@ -1,10 +1,13 @@
const express = require('express');
const User = require("../../model/user.model");
const Group = require("../../model/group.model");
groupService = require("../../services/group.service");
memberService = require("../../services/members.service");
var router = express.Router();
const Server = require("../../model/server.model");
groupService = require("../../services/groups.service");
memberService = require("../../services/members.service");
var router = express.Router();
router.get("/", (req, res) => {
try {
@ -52,7 +55,16 @@ router.get("/:name", async (req, res) => {
delete users[user]
}
}
res.render('admin/group_edit', { "group": group, "inGroup": result, "outGroup": users })
groupService.groupServerList(req.params.name).then((result2) => {
Server.findAll().then((servers) => {
for (server in servers) {
if (JSON.stringify(result2).includes(servers[server].dataValues.hostname)) {
delete servers[server]
}
}
res.render('admin/group_edit', { "group": group, "inGroup": result, "outGroup": users, "inServer": result2, "outServer": servers});
});
})
});
})
});

7
routes/admin/members.route.js
View File

@ -1,9 +1,8 @@
const express = require('express');
const User = require("../../model/user.model");
const Group = require("../../model/group.model");
groupService = require("../../services/group.service");
const Member = require("../../model/member.model");
groupService = require("../../services/groups.service");
memberService = require("../../services/members.service");
var router = express.Router();
router.get('/:name/add/:user', (req, res) => {

5
routes/admin/servers.route.js
View File

@ -1,9 +1,10 @@
const express = require('express');
const User = require("../../model/user.model");
const Group = require("../../model/group.model");
const Server = require("../../model/server.model");
memberService = require("../../services/members.service");
serverService = require("../../services/server.service");
var router = express.Router();

7
routes/admin/users.route.js
View File

@ -1,11 +1,12 @@
const express = require('express');
const User = require("../../model/user.model");
const Group = require("../../model/group.model");
const Key = require("../../model/key.model");
const keyService = require("../../services/keys.service");
groupService = require("../../services/group.service");
keyService = require("../../services/keys.service");
groupService = require("../../services/groups.service");
memberService = require("../../services/members.service");
userService = require("../../services/users.service");
var router = express.Router();

1
routes/keys.route.js
View File

@ -1,4 +1,5 @@
const express = require('express');
const keyService = require("../services/keys.service");
const Key = require("../model/key.model");

52
services/accesses.service.js Normal file
View File

@ -0,0 +1,52 @@
const Group = require("../model/group.model");
const Access = require("../model/access.model");
const Server = require("../model/server.model");
async function addAccess(serverHostname, groupName) {
Group.findOne({ where: { name: groupName} }).then((result) => {
if (result) {
Server.findOne({ where: { hostname: serverHostname } }).then((server) => {
if (server) {
Access.findOne({ where: { groupName: result.name, serverHostname: server.hostname } }).then((access) => {
if (!access) {
Access.create({
serverHostname: server.hostname,
groupName: result.name
}).then((access) => {
console.log('access added to database' + '(' + access.serverHostname + ',' + access.groupName + ')')
});
}
})
}
})
}
})
}
async function delAccess(serverHostname, groupName) {
Group.findOne({ where: { name: groupName} }).then((result) => {
if (result) {
Server.findOne({ where: { hostname: serverHostname } }).then((server) => {
if (user) {
Access.findOne({ where: { groupName: result.name, serverHostname: server.hostname } }).then((access) => {
if (access) {
access.destroy()
.then(() => {
console.log('access deleted from database' + '(' + access.serverHostname + ',' + access.groupName + ')')
});
}
})
}
})
}
})
}
module.exports = {
addAccess,
delAccess
};

46
services/group.service.js → services/groups.service.js
View File

@ -1,14 +1,18 @@
const Group = require('../model/group.model')
const Member = require('../model/member.model')
const regexp = /^\S*$/;
const User = require('../model/user.model')
const Server = require('../model/server.model')
const Access = require('../model/access.model')
const regexp_space = /^\S*$/;
async function addGroup(name) {
Group.findOne({where: { name: name}}).then((result) => {
if (result) {
return false;
} else {
if (name && regexp.test(name)) {
if (name && regexp_space.test(name)) {
Group.create({
name: name.toLowerCase(),
}).then((result) => {
@ -26,7 +30,7 @@ async function addGroup(name) {
async function delGroup(name) {
Group.findOne({where: { name: name}}).then((result) => {
if (result && regexp.test(name)) {
if (result && regexp_space.test(name)) {
result.destroy()
.then(() => {
console.log('group ' + result.name + ' added to database')
@ -37,6 +41,13 @@ async function delGroup(name) {
})
}
});
Access.findAll({where: { groupName: name}}).then((accesses) => {
for (x in accesses) {
accesses[x].destroy().then(() => {
console.log('access ' + accesses[x].userId + ' deleted from database')
})
}
});
});
} else {
return false;
@ -51,6 +62,8 @@ async function getGroupsWithMembers() {
return count
}
async function groupUserList(groupName) {
User.hasMany(Member);
Member.belongsTo(User);
@ -69,10 +82,35 @@ async function groupUserList(groupName) {
return result
};
async function groupServerList(groupName) {
Server.hasMany(Access);
Access.belongsTo(Server);
const servers = await Server.findAll({ include: Access });
var result = []
for (x in servers) {
try {
for (y in servers[x].dataValues.accesses) {
if (servers[x].dataValues.accesses[y].dataValues.groupName === groupName) {
result[x] = (servers[x].dataValues)
}
}
} catch (error) {
}}
return result
};
groupServerList('group1').then(
(result) => {
console.log(result)
}
)
module.exports = {
addGroup,
delGroup,
groupUserList,
getGroupsWithMembers
getGroupsWithMembers,
groupServerList
};

6
services/keys.service.js
View File

@ -1,13 +1,13 @@
const Key = require('../model/key.model')
const regexp = /^\S*$/;
const regexp_space = /^\S*$/;
async function addKey(content, name, idOwner) {
Key.findOne({where: { idOwner: idOwner, name: name}}).then((result) => {
if (result) {
return false;
} else {
if (content && name && idOwner && regexp.test(name, idOwner, content)) {
if (content && name && idOwner && regexp_space.test(name, idOwner, content)) {
Key.create({
idOwner: idOwner,
content: content,
@ -25,7 +25,7 @@ async function addKey(content, name, idOwner) {
async function delKey(name, idOwner) {
Key.findOne({where: { name: name, idOwner: idOwner}}).then((result) => {
if (result && regexp.test(name, idOwner)) {
if (result && regexp_space.test(name, idOwner)) {
result.destroy()
.then(() => {
console.log('key for ' + result.idOwner + ' deleted from database')

2
services/members.service.js
View File

@ -2,8 +2,6 @@ const Member = require('../model/member.model')
const Group = require("../model/group.model");
const User = require("../model/user.model");
const regexp = /^\S*$/;
async function addMember(userId, groupName) {
Group.findOne({ where: { name: groupName} }).then((result) => {
if (result) {

13
services/server.service.js
View File

@ -1,10 +1,8 @@
const Group = require('../model/group.model')
const Member = require('../model/member.model')
const User = require('../model/user.model')
const Server = require('../model/server.model')
const Access = require("../model/access.model");
const regexp_space = /^\S*$/;
const regexp_ip = /^((25[05]|2[04][09]|[01]?[09][09]?).(25[05]|2[04][09]|[01]?[09][09]?).(25[05]|2[04][09]|[01]?[09][09]?).(25[05]|2[04][09]|[01]?[09][09]?))|((([09A-Fa-f]{1,4}:){7}[09A-Fa-f]{1,4})|(([09A-Fa-f]{1,4}:){6}:[09A-Fa-f]{1,4})|(([09A-Fa-f]{1,4}:){5}:([09A-Fa-f]{1,4}:)?[09A-Fa-f]{1,4})|(([09A-Fa-f]{1,4}:){4}:([09A-Fa-f]{1,4}:){0,2}[09A-Fa-f]{1,4})|(([09A-Fa-f]{1,4}:){3}:([09A-Fa-f]{1,4}:){0,3}[09A-Fa-f]{1,4})|(([09A-Fa-f]{1,4}:){2}:([09A-Fa-f]{1,4}:){0,4}[09A-Fa-f]{1,4})|(([09A-Fa-f]{1,4}:){6}((b((25[05])|(1d{2})|(2[04]d)|(d{1,2}))b).){3}(b((25[05])|(1d{2})|(2[04]d)|(d{1,2}))b))|(([09A-Fa-f]{1,4}:){0,5}:((b((25[05])|(1d{2})|(2[04]d)|(d{1,2}))b).){3}(b((25[05])|(1d{2})|(2[04]d)|(d{1,2}))b))|(::([09A-Fa-f]{1,4}:){0,5}((b((25[05])|(1d{2})|(2[04]d)|(d{1,2}))b).){3}(b((25[05])|(1d{2})|(2[04]d)|(d{1,2}))b))|([09A-Fa-f]{1,4}::([09A-Fa-f]{1,4}:){0,5}[09A-Fa-f]{1,4})|(::([09A-Fa-f]{1,4}:){0,6}[09A-Fa-f]{1,4})|(([09A-Fa-f]{1,4}:){1,7}:))$/
const regexp_ip = /((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$))/
async function addServer(hostname, ip, username) {
Server.findOne({where: { hostname: hostname}}).then((result) => {
@ -33,6 +31,13 @@ async function delServer(hostname) {
result.destroy()
.then(() => {
console.log('server ' + result.hostname + ' deleted from database')
Access.findAll({where: { serverHostname: hostname}}).then((accesses) => {
for (x in accesses) {
accesses[x].destroy().then(() => {
console.log('access ' + accesses[x].userId + ' deleted from database')
})
}
});
});
} else {
return false;

5
services/users.service.js
View File

@ -1,7 +1,6 @@
const User = require('../model/user.model')
const Key = require("../model/key.model");
const regexp = /^\S*$/;
const regexp_space = /^\S*$/;
async function userList(code) {
@ -22,7 +21,7 @@ function makeAdmin(userId) {
async function delUser(id) {
User.findOne({where: { id: id}}).then((result) => {
if (result && regexp.test(id)) {
if (result && regexp_space.test(id)) {
result.destroy()
.then(() => {
console.log('user ' + id + ' deleted from database')

108
views/admin/group_edit.ejs
View File

@ -3,9 +3,8 @@
<h3 class="text-dark mb-4"><a style="text-decoration: none" href="/admin/groups">Groups</a> / <%= group.name %></h3>
<div class="card shadow mb-5">
<div class="card-header py-3">
<p class="text-primary m-0 fw-bold">Group editing</p>
<p class="text-primary m-0 fw-bold">User access</p>
</div>
<form method="POST" action="/keys/add/">
<div class="card-body">
<div class="row">
<div class="col-md-6">
@ -15,14 +14,10 @@
<option value="all" selected="">all</option>
</select>&nbsp;</label></div>
</div>
<div class="col-md-6">
<div class="text-md-end dataTables_filter" id="dataTable_filter"><label class="form-label">
<input type="search" class="form-control form-control-sm" id="tableInput" onkeyup="tableSearch()" aria-controls="dataTable" placeholder="Search"></label>
</div>
</div>
</div>
<div class="table-responsive table mt-2" id="dataTable" role="grid" aria-describedby="dataTable_info">
<table class="table my-0" id="tableEnabled">
<div class="table-responsive table mt-2" id="dataTable1" role="grid" aria-describedby="dataTable_info">
<table class="table my-0" id="tableEnabled1">
<thead>
<tr>
<th>Username</th>
@ -46,21 +41,14 @@
</div>
</div>
<div class="col-md-6">
<div class="row">
<div class="col-md-6 text-nowrap">
<div id="dataTable_length" class="dataTables_length" aria-controls="dataTable"><label class="form-label">Show&nbsp;<select class="d-inline-block form-select form-select-sm">
<option value="all" selected="">all</option>
</select>&nbsp;</label></div>
</div>
<div class="col-md-6">
<div class="col-md-6" >
<div class="row" >
<div class="text-md-end dataTables_filter" id="dataTable_filter"><label class="form-label">
<input type="search" class="form-control form-control-sm" id="tableInput" onkeyup="tableSearch()" aria-controls="dataTable" placeholder="Search"></label>
<input type="search" class="form-control form-control-sm" id="tableInput1" onkeyup="tableSearch(1)" aria-controls="dataTable" placeholder="Search"></label>
</div>
</div>
</div>
<div class="table-responsive table mt-2" id="dataTable" role="grid" aria-describedby="dataTable_info">
<table class="table my-0" id="tableEnabled">
<div class="table-responsive table mt-2" role="grid" >
<table class="table my-0">
<thead>
<tr>
<th>username</th>
@ -86,7 +74,83 @@
</div>
</div>
</div>
</form>
</div>
<div class="card shadow mb-5">
<div class="card-header py-3">
<p class="text-primary m-0 fw-bold">Server linked</p>
</div>
<div class="card-body">
<div class="row">
<div class="col-md-6">
<div class="row">
<div class="col-md-6 text-nowrap">
<div id="dataTable_length" class="dataTables_length" aria-controls="dataTable"><label class="form-label">Show&nbsp;<select class="d-inline-block form-select form-select-sm">
<option value="all" selected="">all</option>
</select>&nbsp;</label></div>
</div>
</div>
<div class="table-responsive table mt-2" id="dataTable" role="grid" aria-describedby="dataTable_info">
<table class="table my-0" id="tableEnabled2">
<thead>
<tr>
<th>hostname</th>
<th>ip</th>
<th>user</th>
<th></th>
</tr>
</thead>
<tbody>
<% outServer.forEach(function (access) { %>
<tr>
<td><%= access.hostname %></td>
<td><%= access.ip %></td>
<td><%= access.user %></td>
<td style="text-align: right;"><a class="btn btn-sm btn-success" href="/admin/accesses/<%= group.name %>/add/<%= access.hostname %>"><i class="fas fa-plus text-white"></i></a></td>
</tr>
<% }) %>
</tbody>
<tfoot>
<tr></tr>
</tfoot>
</table>
</div>
</div>
<div class="col-md-6">
<div class="row">
<div class="text-md-end dataTables_filter" id="dataTable_filter"><label class="form-label">
<input type="search" class="form-control form-control-sm" id="tableInput2" onkeyup="tableSearch(2)" aria-controls="dataTable" placeholder="Search"></label>
</div>
<div class="table-responsive table mt-2" id="dataTable2" role="grid" aria-describedby="dataTable_info">
<table class="table my-0" id="tableEnabled">
<thead>
<tr>
<th>hostname</th>
<th>ip</th>
<th>user</th>
<th></th>
</tr>
</thead>
<tbody>
<% inServer.forEach(function (access) { %>
<tr>
<td><%= access.hostname %></td>
<td><%= access.ip %></td>
<td><%= access.user %></td>
<td style="text-align: right;"><a class="btn btn-sm btn-danger" href="/admin/accesses/<%= group.name %>/delete/<%= access.hostname %>"><i class="far fa-trash-alt"></i></a></td>
</tr>
<% }) %>
</tbody>
<tfoot>
<tr></tr>
</tfoot>
</table>
</div>
</div>
</div>
</div>
</div>
</div>
</div>

7
views/footer.ejs
View File

@ -9,11 +9,11 @@
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js"></script>
<script src="/static/assets/js/script.min.js"></script>
<script>
function tableSearch() {
function tableSearch(int) {
var input, filter, table, tr, td, i, txtValue;
input = document.getElementById("tableInput");
input = document.getElementById("tableInput" + int);
filter = input.value.toUpperCase();
table = document.getElementById("tableEnabled");
table = document.getElementById("tableEnabled" + int);
tr = table.getElementsByTagName("tr");
for (i = 0; i < tr.length; i++) {
td = tr[i].getElementsByTagName("td")[0];
@ -27,6 +27,7 @@
}
}
}
</script>
</body>
</html>