zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v0.9.55 (#32)

Browse Source 
* v0.9.55

- CGI Support (eg PHP, Perl, etc)
- Slight PC Admin updates
- Numerous bug fixes
- Security updates

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
zefie
2025-01-03 12:49:50 -05:00
committed by GitHub
parent 9314705def
commit 907cec23c2
28 changed files with 1637 additions and 576 deletions
Download Patch File Download Diff File Expand all files Collapse all files

179
zefie_wtvp_minisrv/includes/classes/WTVAdmin.js
View File

@@ -6,9 +6,18 @@ class WTVAdmin {
wtvr = null;
wtvshared = null;
wtvclient = null;
pcservices = false;
WTVClientSessionData = require("./WTVClientSessionData.js");
service_name = "wtv-admin";
SUCCESS = 0
FAIL = 1
INVALID_OP = 2
REASON_NOSELF = 3
REASON_EXISTS = 4
REASON_NONEXIST = 5
constructor(minisrv_config, wtvclient, service_name) {
this.minisrv_config = minisrv_config;
var { WTVShared } = require("./WTVShared.js");
@@ -16,10 +25,69 @@ class WTVAdmin {
this.wtvclient = wtvclient;
this.wtvshared = new WTVShared(minisrv_config);
this.wtvr = new WTVRegister(minisrv_config);
this.clientAddress = wtvclient.getClientAddress();
if (this.wtvclient.remoteAddress) {
// is a socket
this.clientAddress = this.wtvclient.remoteAddress;
this.pcservices = true;
} else {
// is wtvclient class
this.clientAddress = this.wtvclient.getClientAddress();
}
this.service_name = service_name;
}
banSSID(ssid, admin_ssid = null) {
if (ssid == admin_ssid) {
return this.REASON_NOSELF;
} else {
var fake_config = this.wtvshared.getUserConfig();
if (!fake_config.config) fake_config.config = {};
if (!fake_config.config.ssid_block_list) fake_config.config.ssid_block_list = [];
var entry_exists = false;
var self = this;
Object.keys(fake_config.config.ssid_block_list).forEach(function (k) {
if (fake_config.config.ssid_block_list[k] == ssid) {
return self.REASON_EXISTS;
}
});
if (!entry_exists) {
fake_config.config.ssid_block_list.push(ssid);
this.wtvshared.writeToUserConfig(fake_config);
return this.SUCCESS;
}
}
}
unbanSSID(ssid) {
var config_changed = false;
var fake_config = wtvshared.getUserConfig();
if (!fake_config.config) fake_config.config = {};
if (!fake_config.config.ssid_block_list) fake_config.config.ssid_block_list = [];
if (typeof request_headers.query.ssid === 'string') {
Object.keys(fake_config.config.ssid_block_list).forEach(function (k) {
if (fake_config.config.ssid_block_list[k].toLowerCase() == request_headers.query.ssid.toLowerCase()) {
fake_config.config.ssid_block_list.splice(k, 1);
config_changed = true
}
});
} else {
Object.keys(fake_config.config.ssid_block_list).forEach(function (k) {
Object.keys(request_headers.query.ssid).forEach(function (j) {
if (fake_config.config.ssid_block_list[k].toLowerCase() == request_headers.query.ssid[j].toLowerCase()) {
fake_config.config.ssid_block_list.splice(k, 1);
config_changed = true
}
});
});
}
if (config_changed) {
wtvshared.writeToUserConfig(fake_config);
minisrv_config = reloadConfig();
return this.SUCCESS
} else {
return this.REASON_NONEXIST;
}
}
ip2long(ip) {
var components;
@@ -53,47 +121,87 @@ class WTVAdmin {
rejectConnection(reason_is_ssid) {
var rejectReason;
if (reason_is_ssid) {
rejectReason = this.wtvclient.ssid + " is not in the whitelist.";
console.log(" * Request from SSID", this.wtvshared.filterSSID(this.wtvclient.ssid), "(" + this.clientAddress + ") for wtv-admin, but that SSID is not in the admin whitelist.");
if (this.pcservices) {
rejectReason = this.clientAddress + " is not in the whitelist for PC Services Admin.";
console.log(" * Request from IP (" + this.clientAddress + ") for PC Services Admin, but that IP is not authorized.");
} else {
rejectReason = this.clientAddress + " is not in the whitelist for SSID " + this.wtvclient.ssid + ".";
console.log(" * Request from SSID", this.wtvshared.filterSSID(this.wtvclient.ssid), "(" + this.clientAddress + ") for wtv-admin, but that IP is not authorized for that SSID.");
if (reason_is_ssid) {
rejectReason = this.wtvclient.ssid + " is not in the whitelist.";
console.log(" * Request from SSID", this.wtvshared.filterSSID(this.wtvclient.ssid), "(" + this.clientAddress + ") for wtv-admin, but that SSID is not in the admin whitelist.");
} else {
rejectReason = this.clientAddress + " is not in the whitelist for SSID " + this.wtvclient.ssid + ".";
console.log(" * Request from SSID", this.wtvshared.filterSSID(this.wtvclient.ssid), "(" + this.clientAddress + ") for wtv-admin, but that IP is not authorized for that SSID.");
}
}
return rejectReason;
}
checkPassword(password) {
if (this.minisrv_config.services[this.service_name].password) {
return (password == this.minisrv_config.services[this.service_name].password);
if (this.pcservices) {
if (this.minisrv_config.config.pc_admin.password) {
return (password == this.minisrv_config.config.pc_admin.password);
} else {
// no password set
return true;
}
} else {
// no password set
return true;
if (this.minisrv_config.services[this.service_name].password) {
return (password == this.minisrv_config.services[this.service_name].password);
} else {
// no password set
return true;
}
}
}
}
listRegisteredSSIDs() {
var search_dir = this.wtvshared.getAbsolutePath(this.minisrv_config.config.SessionStore + this.path.sep + "accounts");
var self = this;
var out = [];
this.fs.readdirSync(search_dir).forEach(file => {
if (self.fs.lstatSync(search_dir + self.path.sep + file).isDirectory()) {
var user = self.getAccountInfoBySSID(file);
out.push([file, user]);
}
});
return out;
}
isAuthorized(justchecking = false) {
var allowed_ssid = false;
var allowed_ip = false;
if (this.minisrv_config.services[this.service_name].authorized_ssids) {
var self = this;
Object.keys(self.minisrv_config.services[this.service_name].authorized_ssids).forEach(function (k) {
if (typeof self.minisrv_config.services[self.service_name].authorized_ssids[k] == "string") {
var ssid = self.minisrv_config.services[self.service_name].authorized_ssids[k]
if (ssid == self.wtvclient.ssid) allowed_ssid = true;
allowed_ip = true; // no ip block defined
} else {
var ssid = k;
if (ssid == self.wtvclient.ssid) {
allowed_ssid = true;
Object.keys(self.minisrv_config.services[self.service_name].authorized_ssids[k]).forEach(function (j) {
if (self.isInSubnet(self.clientAddress, self.minisrv_config.services[self.service_name].authorized_ssids[k][j])) {
allowed_ip = true;
}
});
var use_ssid = (this.wtvclient.ssid && !this.pcservices) ? true : false
if (use_ssid) {
if (this.minisrv_config.services[this.service_name].authorized_ssids) {
var self = this;
Object.keys(self.minisrv_config.services[this.service_name].authorized_ssids).forEach(function (k) {
if (typeof self.minisrv_config.services[self.service_name].authorized_ssids[k] == "string") {
var ssid = self.minisrv_config.services[self.service_name].authorized_ssids[k]
if (ssid == self.wtvclient.ssid) allowed_ssid = true;
allowed_ip = true; // no ip block defined
} else {
var ssid = k;
if (ssid == self.wtvclient.ssid) {
allowed_ssid = true;
Object.keys(self.minisrv_config.services[self.service_name].authorized_ssids[k]).forEach(function (j) {
if (self.isInSubnet(self.clientAddress, self.minisrv_config.services[self.service_name].authorized_ssids[k][j])) {
allowed_ip = true;
}
});
}
}
});
}
} else {
if (this.pcservices) {
if (this.minisrv_config.config.pc_admin.ip_whitelist) {
var self = this;
Object.keys(this.minisrv_config.config.pc_admin.ip_whitelist).forEach(function (k) {
allowed_ip = self.isInSubnet(self.clientAddress, self.minisrv_config.config.pc_admin.ip_whitelist[k]);
});
}
});
}
allowed_ssid = true;
}
if (justchecking) {
return (allowed_ssid && allowed_ip) ? true : false;
@@ -103,7 +211,7 @@ class WTVAdmin {
}
getAccountInfo(username, directory = null) {
var search_dir = this.minisrv_config.config.SessionStore + this.path.sep + "accounts";
var search_dir = this.wtvshared.getAbsolutePath(this.minisrv_config.config.SessionStore + this.path.sep + "accounts");
var account_data = null;
var self = this;
if (directory) search_dir = directory;
@@ -118,7 +226,7 @@ class WTVAdmin {
var temp_session_data = JSON.parse(temp_session_data_file);
if (temp_session_data.subscriber_username.toLowerCase() == username.toLowerCase()) {
account_data = [temp_session_data, (search_dir + self.path.sep + file).replace(this.minisrv_config.config.SessionStore + this.path.sep + "accounts", "").split(this.path.sep)[1]];
account_data = [temp_session_data, (search_dir + self.path.sep + file).replace(this.wtvshared.getAbsolutePath(this.minisrv_config.config.SessionStore + this.path.sep + "accounts"), "").split(this.path.sep)[1]];
}
} catch (e) {
console.error(" # Error parsing Session Data JSON", search_dir + self.path.sep + file, e);
@@ -145,7 +253,16 @@ class WTVAdmin {
if (userSession.isRegistered(false)) {
account_info.ssid = ssid;
account_info.account_users = userSession.listPrimaryAccountUsers();
account_info.username = account_info.account_users['subscriber'].subscriber_username;
if (account_info.account_users) {
if (account_info.account_users['subscriber']) {
account_info.username = account_info.account_users['subscriber'].subscriber_username;
} else {
account_info.username = account_info.account_users[0];
}
} else {
account_info.username = account_info.account_users[0];
}
account_info.user_id = 0;
return account_info;
}