zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial work on wtv-admin features

Browse Source
This commit is contained in:
zefie
2022-10-07 19:31:05 -04:00
parent dae6637e8e
commit 86d8a09688
15 changed files with 891 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

94
zefie_wtvp_minisrv/ServiceVault/wtv-admin/admin.js Normal file
View File

@@ -0,0 +1,94 @@
var minisrv_service_file = true;
var WTVAdmin = require("./WTVAdmin.js");
var wtva = new WTVAdmin(minisrv_config, ssid_sessions[socket.ssid], service_name);
var auth = wtva.isAuthorized();
if (auth === true) {
var password = null;
if (request_headers.Authorization) {
var authheader = request_headers.Authorization.split(' ');
if (authheader[0] == "Basic") {
password = Buffer.from(authheader[1], 'base64').toString();
if (password) password = password.split(':')[1];
}
}
if (wtva.checkPassword(password)) {
headers = "200 OK\r\nContent-Type: text/html";
data = `<html>
<body>
<display nosave nosend>
<title>${minisrv_config.config.service_name} Admin Tricks</title>
<sidebar width=20%>
<img src="wtv-tricks:/images/Favorites_bg.jpg">
</sidebar>
<body bgcolor="#0a0a0a" text="#CC1111" link="#ff55ff" vlink="#ff55ff" vspace=0>
<font size="-1">
<br>
<br>
<h1>${minisrv_config.config.service_name} Admin Tricks</h1>
<br>
<table>
<tr>
<td colspan=3 height=6>
<tr>
<td width=170><a href="wtv-tricks:/tricks">Standard Tricks</a>
<td width=10>
<td><a href="wtv-admin:/findaccount">Account Lookup</a>
<tr>
<td colspan=3 height=6>
<tr>
<td><a href="wtv-admin:/ban">Ban an SSID</a>
<td width = 10>
<td><a href="wtv-admin:/deleteaccount">Delete an Account</a>
<tr>
<td colspan=3 height=6>
<tr>
<td><a href="wtv-admin:/unban">Unban an SSID</a>
<td width = 10>
<td><a href="wtv-admin:/deleteuser">Delete User from Account</a>
<tr>
<td colspan=3 height=6>
<tr>
<td><strike><a href="wtv-admin:/whitelist">Whitelist an SSID</a></strike>
<td width = 10>
<td><strike><a href="wtv-admin:/removeuserpasswd">Remove Pass from User </a></strike>
<tr>
<td colspan=3 height=6>
<tr>
<td><strike><a href="wtv-admin:/addadmin">Grant Admin to SSID</a></strike>
<td width = 10>
<td><strike><a href="wtv-admin:/deladmin">Revoke Admin from SSID</a></strike>
<tr>
<td colspan=3 height=6>
<tr>
<td><!-- TODO -->
<td width = 10>
<td><!-- TODO -->
<tr>
<td colspan=3 height=6>
<tr>
<td><!-- TODO -->
<td width = 10>
<td><!-- TODO -->
<tr>
<td colspan=3 height=6>
<tr>
<td><!-- TODO -->
<td width = 10>
<td>
<!-- TODO -->
<td width = 10>
</table>
</body>
</html>
`;
} else {
var errpage = wtvshared.doErrorPage(401, "Please enter the administration password, you can leave the username blank.");
headers = errpage[0];
data = errpage[1];
}
} else {
var errpage = wtvshared.doErrorPage(403, auth);
headers = errpage[0];
data = errpage[1];
}

94
zefie_wtvp_minisrv/ServiceVault/wtv-admin/ban.js Normal file
View File

@@ -0,0 +1,94 @@
var minisrv_service_file = true;
var WTVAdmin = require("./WTVAdmin.js");
var wtva = new WTVAdmin(minisrv_config, ssid_sessions[socket.ssid], service_name);
var auth = wtva.isAuthorized();
if (auth === true) {
var password = null;
if (request_headers.Authorization) {
var authheader = request_headers.Authorization.split(' ');
if (authheader[0] == "Basic") {
password = Buffer.from(authheader[1], 'base64').toString();
if (password) password = password.split(':')[1];
}
}
if (wtva.checkPassword(password)) {
if (request_headers.query.ssid) {
var ssid = request_headers.query.ssid.toLowerCase();
if (ssid == socket.ssid) {
var nobanself = true;
} else {
var fake_config = wtvshared.getUserConfig();
if (!fake_config.config) fake_config.config = {};
if (!fake_config.config.ssid_block_list) fake_config.config.ssid_block_list = [];
var entry_exists = false;
Object.keys(fake_config.config.ssid_block_list).forEach(function (k) {
if (fake_config.config.ssid_block_list[k] == ssid) {
entry_exists = true;
}
});
if (!entry_exists) {
fake_config.config.ssid_block_list.push(ssid);
wtvshared.writeToUserConfig(fake_config);
reloadConfig();
}
}
}
headers = `200 OK
Content-Type: text/html
wtv-expire-all: wtv-admin:/ban`;
if (ssid) {
headers += "\nwtv-noback-all: wtv-admin:/ban";
}
data = `<html>
<body>
<display nosave nosend>
<title>${minisrv_config.config.service_name} Admin Tricks</title>
<sidebar width=20%>
<img src="wtv-admin:/images/nuke.gif">
</sidebar>
<body bgcolor="#0a0a0a" text="#CC1111" link="#ff55ff" vlink="#ff55ff" vspace=0>
<br>
<br>
<h1>${minisrv_config.config.service_name} Admin Tricks</h1>
<br>
<table>
<tr>
<td colspan=3 height=6>
<h3>Ban an SSID</h3>
<form action="wtv-admin:/ban" method="POST">
<input type="text" name="ssid" value="${(ssid) ? ssid : ""}">
<input type="submit" value="Ban SSID">
</form><br><br>`
if (request_headers.query.ssid) {
if (nobanself) {
data += "<strong>Cannot ban yourself.</strong>"
} else {
if (entry_exists) {
data += "<strong>SSID " + request_headers.query.ssid + " is already in the ban list.</strong><br><br>";
} else {
data += "<strong>SSID " + request_headers.query.ssid + " added to the ban list.</strong><br><br>";
}
}
}
data += `
<br>
<br>
<tr>
</table>
<p align="right">
<a href="client:goback">Go Back</a>
</p>
</body>
</html>
`;
} else {
var errpage = wtvshared.doErrorPage(401, "Please enter the administration password, you can leave the username blank.");
headers = errpage[0];
data = errpage[1];
}
} else {
var errpage = wtvshared.doErrorPage(403, auth);
headers = errpage[0];
data = errpage[1];
}

112
zefie_wtvp_minisrv/ServiceVault/wtv-admin/deleteaccount.js Normal file
View File

@@ -0,0 +1,112 @@
var minisrv_service_file = true;
var WTVAdmin = require("./WTVAdmin.js");
var wtva = new WTVAdmin(minisrv_config, ssid_sessions[socket.ssid], service_name);
var auth = wtva.isAuthorized();
if (auth === true) {
var password = null;
if (request_headers.Authorization) {
var authheader = request_headers.Authorization.split(' ');
if (authheader[0] == "Basic") {
password = Buffer.from(authheader[1], 'base64').toString();
if (password) password = password.split(':')[1];
}
}
if (wtva.checkPassword(password)) {
if (request_headers.query.ssid) {
var ssid_match = false;
var ssid = request_headers.query.ssid.toLowerCase();
var user_info = wtva.getAccountInfoBySSID(ssid);
if (request_headers.query.confirm_delete) {
user_info = null;
if (ssid == socket.ssid) {
ssid_match = true;
} else {
// delete
var userAccount = wtva.getAccountBySSID(ssid);
userAccount.unregisterBox();
}
}
}
headers = `200 OK
Content-Type: text/html
wtv-expire-all: wtv-admin:/deleteaccount
wtv-noback-all: wtv-admin:/deleteaccount`;
data = `<html>
<body>
<display nosave nosend>
<title>${minisrv_config.config.service_name} Admin Tricks</title>
<sidebar width=20%>
<img src="wtv-admin:/images/nuke.gif">
</sidebar>
<body bgcolor="#0a0a0a" text="#CC1111" link="#ff55ff" vlink="#ff55ff" vspace=0>
<br>
<br>
<h1>${minisrv_config.config.service_name} Admin Tricks</h1>
<br>
<table>
<tr>
<td colspan=3 height=6>
<h3>Delete an Account</h3>
<form action="wtv-admin:/deleteaccount" method="POST">
<input type="text" name="ssid" value="${(ssid) ? ssid : ""}"> &nbsp; <input type="submit" value="Look Up SSID">
</form><br><br>`
if (ssid) {
if (user_info) {
data += `
<strong>User Information:</strong>
<table border=1 cellpadding=3 width=400>
<tr><td>Username:</td><td>${user_info.username} (User ID: ${user_info.user_id})</td></tr>
<tr><td>SSID:</td><td>${user_info.ssid}</td></tr>`;
if (user_info.account_users) {
data += `<tr><td>Primary User:</td><td>${user_info.account_users['subscriber'].subscriber_username}</td></tr>`;
if (Object.keys(user_info.account_users).length > 1) {
data += `<tr><td>Additional Users:</td><td>`;
Object.keys(user_info.account_users).forEach(function (k) {
if (k == "subscriber") return;
data += user_info.account_users[k].subscriber_username + "<br>";
})
data += `</td></tr>`
}
}
data += `
<tr>
<td border=0 colspan=2 align=right>
<form action="wtv-admin:/deleteaccount" method="POST">
<input type="hidden" name="ssid" value="${user_info.ssid}">
<input type="hidden" name="confirm_delete" value="true">
<input type="submit" value="Confirm Delete">
</form>
</td>
</tr>
`
data += `</table>`;
} else if (request_headers.query.confirm_delete && ssid_match) {
data += `<strong>Cannot delete yourself in this manner.<br>Try ${minisrv_config.config.service_name} Tricks Unregister.</strong><br><br>`;
} else if (request_headers.query.confirm_delete) {
data += "<strong>Account for SSID \"" + ssid + "\" has been deleted.</strong><br><br>";
} else {
data += "<strong>Could not find an account for SSID \"" + ssid + "\"</strong><br><br>";
}
}
data += `
<br>
<br>
<tr>
</table>
<p align="right">
<a href="client:goback">Go Back</a>
</p>
</body>
</html>
`;
} else {
var errpage = wtvshared.doErrorPage(401, "Please enter the administration password, you can leave the username blank.");
headers = errpage[0];
data = errpage[1];
}
} else {
var errpage = wtvshared.doErrorPage(403, auth);
headers = errpage[0];
data = errpage[1];
}

118
zefie_wtvp_minisrv/ServiceVault/wtv-admin/deleteuser.js Normal file
View File

@@ -0,0 +1,118 @@
var minisrv_service_file = true;
var WTVAdmin = require("./WTVAdmin.js");
var wtva = new WTVAdmin(minisrv_config, ssid_sessions[socket.ssid], service_name);
var auth = wtva.isAuthorized();
if (auth === true) {
var password = null;
if (request_headers.Authorization) {
var authheader = request_headers.Authorization.split(' ');
if (authheader[0] == "Basic") {
password = Buffer.from(authheader[1], 'base64').toString();
if (password) password = password.split(':')[1];
}
}
if (wtva.checkPassword(password)) {
if (request_headers.query.username) {
var show_cannot_modify_self = false;
var show_cannot_remove_primary = false;
var show_box_was_unregistered = false;
var user_info = wtva.getAccountInfo(request_headers.query.username.toLowerCase()); // username search
if (user_info) {
if (user_info.ssid == socket.ssid) {
show_cannot_modify_self = true;
}
if (request_headers.query.confirm_delete) {
if (!show_cannot_modify_self) {
// delete
var userAccount = wtva.getAccountBySSID(user_info.ssid);
userAccount.switchUserID(0, false, false);
var userCount = Object.keys(user_info.account_users).length;
if (user_info.user_id === 0) {
show_cannot_remove_primary = true;
} else {
var result = userAccount.removeUser(user_info.user_id);
}
}
}
}
}
headers = `200 OK
Content-Type: text/html
wtv-expire-all: wtv-admin:/deleteuser
wtv-noback-all: wtv-admin:/deleteuser`;
data = `<html>
<body>
<display nosave nosend>
<title>${minisrv_config.config.service_name} Admin Tricks</title>
<sidebar width=20%>
<img src="wtv-admin:/images/nuke.gif">
</sidebar>
<body bgcolor="#0a0a0a" text="#CC1111" link="#ff55ff" vlink="#ff55ff" vspace=0>
<br>
<br>
<h1>${minisrv_config.config.service_name} Admin Tricks</h1>
<br>
<table>
<tr>
<td colspan=3 height=6>
<h3>Delete a user from an account</h3>
<form action="wtv-admin:/deleteuser" method="POST">
<input type="text" name="username" value="${(request_headers.query.username) ? request_headers.query.username : ""}"> &nbsp; <input type="submit" value="Look Up User">
</form><br><br>`
if (request_headers.query.username) {
if (user_info && !request_headers.query.confirm_delete) {
data += `
<strong>User Information:</strong>
<table border=1 cellpadding=3 width=400>
<tr><td>Username:</td><td>${user_info.username} (User ID: ${user_info.user_id})</td></tr>
<tr><td>SSID:</td><td>${user_info.ssid}</td></tr>`;
if (user_info.account_users) {
data += `<tr><td>Primary User:</td><td>${user_info.account_users['subscriber'].subscriber_username}</td></tr>`;
}
data += `
<tr>
<td border=0 colspan=2 align=right>
<form action="wtv-admin:/deleteuser" method="POST">
<input type="hidden" name="username" value="${user_info.username}">
<input type="hidden" name="confirm_delete" value="true">
<input type="submit" value="Confirm Delete">
</form>
</td>
</tr>
`
data += `</table>`;
} else if (request_headers.query.confirm_delete && show_cannot_modify_self) {
data += `<strong>Cannot modify your account in this manner.<br>Try <a href="wtv-setup:/remove-users">wtv-setup</a>.</strong><br><br>`;
} else if (request_headers.query.confirm_delete && show_cannot_remove_primary) {
data += `<strong>Cannot delete a primary user in this manner.<br>Try <a href="wtv-admin:/deleteaccount?ssid=${user_info.ssid}">deleting the account</a>.<br><br>`;
} else if (request_headers.query.confirm_delete && show_box_was_unregistered) {
data += `<strong>Account for "${user_info.username}" was deleted, and SSID ${user_info.ssid} unregistered, as it was the only user.<br><br>`;
} else if (request_headers.query.confirm_delete) {
if (result) data += `<strong>User "${user_info.username}" has been deleted from account belonging to SSID ${user_info.ssid}.</strong><br><br>`;
else data += `<strong>Could not delete "${user_info.username}" from SSID ${user_info.ssid}.</strong><br><br>`;
} else {
data += "<strong>Could not find an account for user \"" + request_headers.query.username + "\"</strong><br><br>";
}
}
data += `
<br>
<br>
<tr>
</table>
<p align="right">
<a href="client:goback">Go Back</a>
</p>
</body>
</html>
`;
} else {
var errpage = wtvshared.doErrorPage(401, "Please enter the administration password, you can leave the username blank.");
headers = errpage[0];
data = errpage[1];
}
} else {
var errpage = wtvshared.doErrorPage(403, auth);
headers = errpage[0];
data = errpage[1];
}

97
zefie_wtvp_minisrv/ServiceVault/wtv-admin/findaccount.js Normal file
View File

@@ -0,0 +1,97 @@
var minisrv_service_file = true;
var WTVAdmin = require("./WTVAdmin.js");
var wtva = new WTVAdmin(minisrv_config, ssid_sessions[socket.ssid], service_name);
var auth = wtva.isAuthorized();
if (auth === true) {
var password = null;
if (request_headers.Authorization) {
var authheader = request_headers.Authorization.split(' ');
if (authheader[0] == "Basic") {
password = Buffer.from(authheader[1], 'base64').toString();
if (password) password = password.split(':')[1];
}
}
if (wtva.checkPassword(password)) {
if (request_headers.query.username) {
var user_info = wtva.getAccountInfo(request_headers.query.username.toLowerCase()); // username search
if (!user_info) user_info = wtva.getAccountInfoBySSID(request_headers.query.username.toLowerCase()); // ssid search
}
headers = `200 OK
Content-Type: text/html
wtv-expire-all: wtv-admin:/findaccount
wtv-noback-all: wtv-admin:/findaccount`;
data = `<html>
<body>
<display nosave nosend>
<title>${minisrv_config.config.service_name} Admin Tricks</title>
<sidebar width=20%>
<img src="wtv-tricks:/images/Favorites_bg.jpg">
</sidebar>
<body bgcolor="#0a0a0a" text="#CC1111" link="#ff55ff" vlink="#ff55ff" vspace=0>
<br>
<br>
<h1>${minisrv_config.config.service_name} Admin Tricks</h1>
<br>
<table>
<tr>
<td colspan=3 height=6>
<h3>Account Lookup</h3>
<form action="wtv-admin:/findaccount" method="POST">
<input type="text" name="username" value="${(request_headers.query.username) ? request_headers.query.username : ""}"> &nbsp; <input type="submit" value="Look Up User / SSID">
</form><br><br>`
if (request_headers.query.username) {
if (user_info) {
data += `
<strong>User Information:</strong>
<table border=1 cellpadding=3>
<tr><td>Username:</td><td>${user_info.username} (User ID: ${user_info.user_id})</td></tr>
<tr><td>SSID:</td><td>${user_info.ssid}</td></tr>`;
if (user_info.account_users) {
data += `<tr><td>Primary User:</td><td>${user_info.account_users['subscriber'].subscriber_username}</td></tr>`;
if (Object.keys(user_info.account_users).length > 1) {
data += `<tr><td>Additional Users:</td><td>`;
Object.keys(user_info.account_users).forEach(function (k) {
if (k == "subscriber") return;
data += user_info.account_users[k].subscriber_username + "<br>";
})
data += `</td></tr>`
}
}
data += `
<tr>
<td border=0 colspan=2>
<a href="wtv-admin:/ban?ssid=${user_info.ssid}">Ban SSID</a>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
<a href="wtv-admin:/unban?unban_ssid=${user_info.ssid}">Unban SSID</a>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
<a href="wtv-admin:/deleteaccount?ssid=${user_info.ssid}">Delete Account</span>
</td>
</tr>
`
data += `</table>`;
} else {
data += "<strong>Could not find user \"" + request_headers.query.username + "\"</strong><br><br>";
}
}
data += `
<br>
<br>
<tr>
</table>
<p align="right">
<a href="client:goback">Go Back</a>
</p>
</body>
</html>
`;
} else {
var errpage = wtvshared.doErrorPage(401, "Please enter the administration password, you can leave the username blank.");
headers = errpage[0];
data = errpage[1];
}
} else {
var errpage = wtvshared.doErrorPage(403, auth);
headers = errpage[0];
data = errpage[1];
}

BIN
zefie_wtvp_minisrv/ServiceVault/wtv-admin/images/nuke.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 20 KiB

BIN
zefie_wtvp_minisrv/ServiceVault/wtv-admin/images/nuke_inverted.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 20 KiB

104
zefie_wtvp_minisrv/ServiceVault/wtv-admin/unban.js Normal file
View File

@@ -0,0 +1,104 @@
var minisrv_service_file = true;
var WTVAdmin = require("./WTVAdmin.js");
var wtva = new WTVAdmin(minisrv_config, ssid_sessions[socket.ssid], service_name);
var auth = wtva.isAuthorized();
var ssids_removed = [];
if (auth === true) {
var password = null;
if (request_headers.Authorization) {
var authheader = request_headers.Authorization.split(' ');
if (authheader[0] == "Basic") {
password = Buffer.from(authheader[1], 'base64').toString();
if (password) password = password.split(':')[1];
}
}
if (wtva.checkPassword(password)) {
if (request_headers.query.unban_ssid) {
var config_changed = false;
var fake_config = wtvshared.getUserConfig();
if (!fake_config.config) fake_config.config = {};
if (!fake_config.config.ssid_block_list) fake_config.config.ssid_block_list = [];
if (typeof request_headers.query.unban_ssid === 'string') {
Object.keys(fake_config.config.ssid_block_list).forEach(function (k) {
if (fake_config.config.ssid_block_list[k] == request_headers.query.unban_ssid) {
fake_config.config.ssid_block_list.splice(k, 1);
ssids_removed.push(request_headers.query.unban_ssid)
config_changed = true;
}
});
} else {
Object.keys(fake_config.config.ssid_block_list).forEach(function (k) {
Object.keys(request_headers.query.unban_ssid).forEach(function (j) {
if (fake_config.config.ssid_block_list[k] == request_headers.query.unban_ssid[j]) {
fake_config.config.ssid_block_list.splice(k,1);
ssids_removed.push(request_headers.query.unban_ssid[j])
config_changed = true;
}
});
});
}
if (config_changed) {
wtvshared.writeToUserConfig(fake_config);
minisrv_config = reloadConfig();
}
}
headers = `200 OK
Content-Type: text/html
wtv-expire-all: wtv-admin:/unban`;
if (request_headers.query.unban_ssid) {
headers += "\nwtv-noback-all: wtv-admin:/unban";
}
data = `<html>
<body>
<display nosave nosend>
<title>${minisrv_config.config.service_name} Admin Tricks</title>
<sidebar width=20%>
<img src="wtv-admin:/images/nuke_inverted.gif">
</sidebar>
<body bgcolor="#0a0a0a" text="#CC1111" link="#ff55ff" vlink="#ff55ff" vspace=0>
<br>
<br>
<h1>${minisrv_config.config.service_name} Admin Tricks</h1>
<br>
<table>
<tr>
<td colspan=3 height=6>
<h3>Unban an SSID</h3>`;
if (minisrv_config.config.ssid_block_list.length > 0) {
data += '<form action="wtv-admin:/unban" method="POST">';
data += '<select name="unban_ssid" multiple size="8">';
Object.keys(minisrv_config.config.ssid_block_list).forEach(function (k) {
var ssid = minisrv_config.config.ssid_block_list[k];
data += "<option value=\"" + ssid + "\">" + ssid + "</option>\n";
});
data += '</select><br><input type="submit" value="Unban SSID(s)"></form>';
} else {
data += "No SSIDs are in the ban list.<br><br>";
}
if (ssids_removed.length > 0) {
if (config_changed) {
data += "<strong>SSID(s) " + ssids_removed + " removed from the ban list.</strong><br><br>";
}
}
data += `
<br>
<br>
<tr>
</table>
<p align="right">
<a href="client:goback">Go Back</a>
</p>
</body>
</html>
`;
} else {
var errpage = wtvshared.doErrorPage(401, "Please enter the administration password, you can leave the username blank.");
headers = errpage[0];
data = errpage[1];
}
} else {
var errpage = wtvshared.doErrorPage(403, auth);
headers = errpage[0];
data = errpage[1];
}