update server username for admin & user interface

2023-09-16 16:43:16 +02:00 · 2023-09-16 16:43:16 +02:00 · a7f1e63920
parent a276e0f8ae
commit a7f1e63920
7 changed files with 129 additions and 17 deletions
--- a/routes/admin/accesses.route.js
+++ b/routes/admin/accesses.route.js
@ -5,6 +5,7 @@ accessesService = require("../../services/accesses.service");
 var router = express.Router();
 router.get('/:name/add/:server', (req, res) => {
    try {
        accessesService.addAccess(req.params.server, req.params.name).then((result) => {
--- a/routes/admin/servers.route.js
+++ b/routes/admin/servers.route.js
@ -9,6 +9,8 @@ memberService = require("../../services/members.service");
 serverService = require("../../services/server.service");
 var router = express.Router();
 const regexp_ip = /((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$))/
 const regex_space = /^\S*$/;
 router.get("/", (req, res) => {
    try {
@ -51,7 +53,7 @@ router.get("/", (req, res) => {
 router.post("/add", (req, res) => {
    try {
-        if (req.body.server_hostname && req.body.server_ip && req.body.server_multi && req.body.server_username) {
+        if (req.body.server_hostname && req.body.server_ip && req.body.server_multi && req.body.server_username && regexp_ip.test(req.body.server_ip) && regexp_space.test(req.body.server_hostname, req.body.server_username)) {
            if (req.body.server_multi === 'true') {
                req.body.server_username = "accessGateMultiuser"
            }
--- a/routes/admin/users.route.js
+++ b/routes/admin/users.route.js
@ -10,6 +10,8 @@ userService = require("../../services/users.service");
 var router = express.Router();
 const regexp_space = /^\S*$/;
 router.get("/",async (req, res) => {
    try {
@ -138,4 +140,47 @@ router.post("/:id/addKey", (req, res) => {
 })
 router.post("/:id/update", (req, res) => {
    try {
        if (req.body.user_serveruser && regexp_space.test(req.body.user_serveruser)) {
            User.findOne({ where: { id: req.params.id } }).then((user) => {
                if (req.body.user_admin) {
                    user.admin = true
                } else {
                    user.admin = false
                }
                user.serverUsername = req.body.user_serveruser
                user.save()
                res.redirect(url.format({
                    pathname:"/admin/users/"+req.params.id,
                    query: {
                        "alert": "✅ User " + user.login + " updated.",
                        "type": "success"
                    }
                }));
            })
        } else {
            res.redirect(url.format({
                pathname:"/admin/users/"+req.params.id,
                query: {
                    "alert": "⚠️ Missing or invalid arguments.",
                    "type": "warning"
                }
            }));
        }
    } catch(e) {
        console.log(e)
        res.redirect(url.format({
            pathname:'/admin/users',
            query: {
                "alert": "⚠️ An error occured, ask your admin to check logs.",
                "type": "danger"
            }
        }));
    }
 })
 module.exports = router;
--- a/routes/keys.route.js
+++ b/routes/keys.route.js
@ -1,11 +1,15 @@
 const express = require('express');
 const keyService = require("../services/keys.service");
 const userService = require("../services/users.service");
 const Key = require("../model/key.model");
 const url = require("url");
 var router = express.Router();
 const regexp_space = /^\S*$/;
 router.get('*', (req, res, next) => {
    if (req.session.loggedin === true) {
        next()
@ -16,7 +20,7 @@ router.get('*', (req, res, next) => {
 router.post("/add", (req, res) => {
    try {
-        if (req.body.key_content && req.body.key_name) {
+        if (req.body.key_content && req.body.key_name && regexp_space.test(req.body.key_content, req.body.key_name)) {
            keyService.addKey(req.body.key_content, req.body.key_name, req.session.user.id).then((result) => {
                res.redirect(url.format({
                    pathname:'/keys',
@ -40,7 +44,7 @@ router.post("/add", (req, res) => {
        res.redirect(url.format({
            pathname:'/keys',
            query: {
-                "alert": "⚠️ An error occured, ask your admin to check logs.",
+                "alert": "⚠️ An error occurred, ask your admin to check logs.",
                "type": "danger"
            }
        }));
@ -48,8 +52,42 @@ router.post("/add", (req, res) => {
 })
 router.post("/username", (req, res) => {
    try {
        if (req.body.key_username && regexp_space.test(req.body.key_username)) {
            userService.updateServerUser(req.session.user.login, req.query.key_username).then((result) => {
                res.redirect(url.format({
                    pathname:'/keys',
                    query: {
                        "alert": "✅ Username updated.",
                        "type": "success"
                    }
                }));
            })
        } else {
            res.redirect(url.format({
                pathname:'/keys',
                query: {
                    "alert": "⚠️ Missing or invalid arguments.",
                    "type": "warning"
                }
            }));
        }
    } catch(e) {
        console.log(e)
        res.redirect(url.format({
            pathname:'/keys',
            query: {
                "alert": "⚠️ An error occurred, ask your admin to check logs.",
                "type": "danger"
            }
        }));
    }
 })
 router.get("/delete/:key", (req, res) => {
    try {
        if (req.params.key && regexp_space.test(req.params.key)) {
            keyService.delKey(req.params.key, req.session.user.id).then((result) => {
                res.redirect(url.format({
                    pathname:'/keys',
@ -59,12 +97,13 @@ router.get("/delete/:key", (req, res) => {
                    }
                }));
            })
        }
    } catch(e) {
        console.log(e)
        res.redirect(url.format({
            pathname:'/keys',
            query: {
-                "alert": "⚠️ An error occured, ask your admin to check logs.",
+                "alert": "⚠️ An error occurred, ask your admin to check logs.",
                "type": "danger"
            }
        }));
--- a/services/users.service.js
+++ b/services/users.service.js
@ -14,6 +14,17 @@ function makeAdmin(login) {
    });
 }
 async function updateServerUser(login, serverUsername) {
    User.findOne({ where: { login: login } }).then((result) => {
        if (result) {
            result.serverUsername = serverUsername;
            result.save().then(() => {
                console.log('user ' + result.login + ' updated')
            });
        }
    })
 }
 async function delUser(id) {
    User.findOne({where: { id: id}}).then((result) => {
@ -31,6 +42,7 @@ async function delUser(id) {
 module.exports = {
    makeAdmin,
    updateServerUser,
    delUser,
 };
--- a/views/admin/user_edit.ejs
+++ b/views/admin/user_edit.ejs
@ -26,7 +26,7 @@
                            <% keys.forEach(function (key) { %>
                                <tr>
                                    <td><%= key.name %></td>
-                                    <td><%= key.content %></td>
+                                    <td><textarea class="form-control" disabled><%= key.content %></textarea></td>
                                    <td style="text-align: right;"><a class="btn btn-sm btn-danger" href="/admin/users/<%= user.id %>/deleteKey/<%= key.name %>"><i class="far fa-trash-alt"></i></button></td>
                                </tr>
                            <% }) %>
@ -46,23 +46,23 @@
            </div>
        </div>
    </div>
    <div class="card shadow col-md-6">
        <div class="card-header py-3">
            <p class="text-primary m-0 fw-bold">Other</p>
        </div>
        <div class="card-body">
            <div class="row">
-                <form method="POST" action="/admin/users/<%= user.id %>/updateRole/">
+                <form method="POST" action="/admin/users/<%= user.id %>/update/">
                    <div class="mb-3"><label class="form-label"><strong>Server user</strong></label><input class="form-control" type="text" value="<%= user.serverUsername %>" name="user_serveruser"></div>
                    <div class="mb-3">
-                        <input type="checkbox" id="admin" name="admin" <% if (user.admin) {%> checked <% }%> />
+                        <input type="checkbox" name="user_admin" <% if (user.admin) {%> checked <% }%> />
                        <label for="scales">Admin permissions</label>
                    </div>
                    <div class="mb-3"></div>
                    <div class="mb-3"><button class="btn btn-primary btn-sm" type="submit">Save</button></div>
                </form>
            </div>
        </div>
    </div>
--- a/views/keys.ejs
+++ b/views/keys.ejs
@ -26,9 +26,7 @@
                                        <% keys.forEach(function (key) { %>
                                            <tr>
                                                <td><%= key.name %></td>
                                                <td><textarea class="form-control" disabled><%= key.content %></textarea></td>
                                                <td style="text-align: right;"><a class="btn btn-sm btn-danger" href="/keys/delete/<%= key.name %>"><i class="far fa-trash-alt"></i></button></td>
                                            </tr>
                                        <% }) %>
@ -47,6 +45,21 @@
                        </div>
                    </div>
                </div>
                <div class="card shadow col-md-6">
                    <div class="card-header py-3">
                        <p class="text-primary m-0 fw-bold">Other</p>
                    </div>
                    <div class="card-body">
                        <div class="row">
                            <form method="POST" action="/keys/username">
                                <div class="mb-3"><label class="form-label"><strong>Server user</strong></label><input class="form-control" type="text" value="<%= session_user.serverUsername %>" name="key_username"></div>
                                <div class="mb-3"></div>
                                <div class="mb-3"><button class="btn btn-primary btn-sm" type="submit">Save</button></div>
                            </form>
                        </div>
                    </div>
                </div>
            </div>
        </div>
            <%- include('footer'); %>