valentin
/
accessGate
mirror of https://github.com/itsmrval/accessGate
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update server username for admin & user interface

pull/1/head
Valentin 2023-09-16 16:43:16 +02:00
parent a276e0f8ae
commit a7f1e63920
7 changed files with 129 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
routes/admin/accesses.route.js
View File

@ -5,6 +5,7 @@ accessesService = require("../../services/accesses.service");
var router = express.Router();
router.get('/:name/add/:server', (req, res) => {
try {
accessesService.addAccess(req.params.server, req.params.name).then((result) => {

4
routes/admin/servers.route.js
View File

@ -9,6 +9,8 @@ memberService = require("../../services/members.service");
serverService = require("../../services/server.service");
var router = express.Router();
const regexp_ip = /((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$))/
const regex_space = /^\S*$/;
router.get("/", (req, res) => {
try {
@ -51,7 +53,7 @@ router.get("/", (req, res) => {
router.post("/add", (req, res) => {
try {
if (req.body.server_hostname && req.body.server_ip && req.body.server_multi && req.body.server_username) {
if (req.body.server_hostname && req.body.server_ip && req.body.server_multi && req.body.server_username && regexp_ip.test(req.body.server_ip) && regexp_space.test(req.body.server_hostname, req.body.server_username)) {
if (req.body.server_multi === 'true') {
req.body.server_username = "accessGateMultiuser"
}

45
routes/admin/users.route.js
View File

@ -10,6 +10,8 @@ userService = require("../../services/users.service");
var router = express.Router();
const regexp_space = /^\S*$/;
router.get("/",async (req, res) => {
try {
@ -138,4 +140,47 @@ router.post("/:id/addKey", (req, res) => {
})
router.post("/:id/update", (req, res) => {
try {
if (req.body.user_serveruser && regexp_space.test(req.body.user_serveruser)) {
User.findOne({ where: { id: req.params.id } }).then((user) => {
if (req.body.user_admin) {
user.admin = true
} else {
user.admin = false
}
user.serverUsername = req.body.user_serveruser
user.save()
res.redirect(url.format({
pathname:"/admin/users/"+req.params.id,
query: {
"alert": "✅ User " + user.login + " updated.",
"type": "success"
}
}));
})
} else {
res.redirect(url.format({
pathname:"/admin/users/"+req.params.id,
query: {
"alert": "⚠️ Missing or invalid arguments.",
"type": "warning"
}
}));
}
} catch(e) {
console.log(e)
res.redirect(url.format({
pathname:'/admin/users',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"type": "danger"
}
}));
}
})
module.exports = router;

45
routes/keys.route.js
View File

@ -1,11 +1,15 @@
const express = require('express');
const keyService = require("../services/keys.service");
const userService = require("../services/users.service");
const Key = require("../model/key.model");
const url = require("url");
var router = express.Router();
const regexp_space = /^\S*$/;
router.get('*', (req, res, next) => {
if (req.session.loggedin === true) {
next()
@ -16,7 +20,7 @@ router.get('*', (req, res, next) => {
router.post("/add", (req, res) => {
try {
if (req.body.key_content && req.body.key_name) {
if (req.body.key_content && req.body.key_name && regexp_space.test(req.body.key_content, req.body.key_name)) {
keyService.addKey(req.body.key_content, req.body.key_name, req.session.user.id).then((result) => {
res.redirect(url.format({
pathname:'/keys',
@ -40,7 +44,7 @@ router.post("/add", (req, res) => {
res.redirect(url.format({
pathname:'/keys',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"alert": "⚠️ An error occurred, ask your admin to check logs.",
"type": "danger"
}
}));
@ -48,8 +52,42 @@ router.post("/add", (req, res) => {
})
router.post("/username", (req, res) => {
try {
if (req.body.key_username && regexp_space.test(req.body.key_username)) {
userService.updateServerUser(req.session.user.login, req.query.key_username).then((result) => {
res.redirect(url.format({
pathname:'/keys',
query: {
"alert": "✅ Username updated.",
"type": "success"
}
}));
})
} else {
res.redirect(url.format({
pathname:'/keys',
query: {
"alert": "⚠️ Missing or invalid arguments.",
"type": "warning"
}
}));
}
} catch(e) {
console.log(e)
res.redirect(url.format({
pathname:'/keys',
query: {
"alert": "⚠️ An error occurred, ask your admin to check logs.",
"type": "danger"
}
}));
}
})
router.get("/delete/:key", (req, res) => {
try {
if (req.params.key && regexp_space.test(req.params.key)) {
keyService.delKey(req.params.key, req.session.user.id).then((result) => {
res.redirect(url.format({
pathname:'/keys',
@ -59,12 +97,13 @@ router.get("/delete/:key", (req, res) => {
}
}));
})
}
} catch(e) {
console.log(e)
res.redirect(url.format({
pathname:'/keys',
query: {
"alert": "⚠️ An error occured, ask your admin to check logs.",
"alert": "⚠️ An error occurred, ask your admin to check logs.",
"type": "danger"
}
}));

12
services/users.service.js
View File

@ -14,6 +14,17 @@ function makeAdmin(login) {
});
}
async function updateServerUser(login, serverUsername) {
User.findOne({ where: { login: login } }).then((result) => {
if (result) {
result.serverUsername = serverUsername;
result.save().then(() => {
console.log('user ' + result.login + ' updated')
});
}
})
}
async function delUser(id) {
User.findOne({where: { id: id}}).then((result) => {
@ -31,6 +42,7 @@ async function delUser(id) {
module.exports = {
makeAdmin,
updateServerUser,
delUser,
};

12
views/admin/user_edit.ejs
View File

@ -26,7 +26,7 @@
<% keys.forEach(function (key) { %>
<tr>
<td><%= key.name %></td>
<td><%= key.content %></td>
<td><textarea class="form-control" disabled><%= key.content %></textarea></td>
<td style="text-align: right;"><a class="btn btn-sm btn-danger" href="/admin/users/<%= user.id %>/deleteKey/<%= key.name %>"><i class="far fa-trash-alt"></i></button></td>
</tr>
<% }) %>
@ -46,23 +46,23 @@
</div>
</div>
</div>
<div class="card shadow col-md-6">
<div class="card-header py-3">
<p class="text-primary m-0 fw-bold">Other</p>
</div>
<div class="card-body">
<div class="row">
<form method="POST" action="/admin/users/<%= user.id %>/updateRole/">
<form method="POST" action="/admin/users/<%= user.id %>/update/">
<div class="mb-3"><label class="form-label"><strong>Server user</strong></label><input class="form-control" type="text" value="<%= user.serverUsername %>" name="user_serveruser"></div>
<div class="mb-3">
<input type="checkbox" id="admin" name="admin" <% if (user.admin) {%> checked <% }%> />
<input type="checkbox" name="user_admin" <% if (user.admin) {%> checked <% }%> />
<label for="scales">Admin permissions</label>
</div>
<div class="mb-3"></div>
<div class="mb-3"><button class="btn btn-primary btn-sm" type="submit">Save</button></div>
</form>
</div>
</div>
</div>

17
views/keys.ejs
View File

@ -26,9 +26,7 @@
<% keys.forEach(function (key) { %>
<tr>
<td><%= key.name %></td>
<td><textarea class="form-control" disabled><%= key.content %></textarea></td>
<td style="text-align: right;"><a class="btn btn-sm btn-danger" href="/keys/delete/<%= key.name %>"><i class="far fa-trash-alt"></i></button></td>
</tr>
<% }) %>
@ -47,6 +45,21 @@
</div>
</div>
</div>
<div class="card shadow col-md-6">
<div class="card-header py-3">
<p class="text-primary m-0 fw-bold">Other</p>
</div>
<div class="card-body">
<div class="row">
<form method="POST" action="/keys/username">
<div class="mb-3"><label class="form-label"><strong>Server user</strong></label><input class="form-control" type="text" value="<%= session_user.serverUsername %>" name="key_username"></div>
<div class="mb-3"></div>
<div class="mb-3"><button class="btn btn-primary btn-sm" type="submit">Save</button></div>
</form>
</div>
</div>
</div>
</div>
</div>
<%- include('footer'); %>