From a2b54b3fecf3706993db3e758bd11676c785f200 Mon Sep 17 00:00:00 2001 From: mboudet Date: Thu, 18 Jan 2024 16:36:12 +0000 Subject: [PATCH 01/29] Some stuff regarding tables --- core/user.service.js | 4 +++ .../src/app/admin/users/users.component.html | 36 ++++++++++++------- routes/users.js | 3 +- 3 files changed, 30 insertions(+), 13 deletions(-) diff --git a/core/user.service.js b/core/user.service.js index 726eebce5..ccb2e08c5 100644 --- a/core/user.service.js +++ b/core/user.service.js @@ -191,6 +191,10 @@ async function create_user(user, action_owner = 'auto') { } } + if(!user.registration) { + user.registration = new Date().getTime() + } + user.loginShell = '/bin/bash'; // create from script as ui add a register action in history diff --git a/manager2/src/app/admin/users/users.component.html b/manager2/src/app/admin/users/users.component.html index 7828d211b..c615dd9c9 100644 --- a/manager2/src/app/admin/users/users.component.html +++ b/manager2/src/app/admin/users/users.component.html @@ -6,16 +6,19 @@

Pending email approval [{{pending_email_users.length}}]

- + - UIDUid numberEmailExpiration + UID + Email + Duration + Registration {{user.uid}} - {{user.uidnumber}} {{user.email}} - {{date_convert(user.expiration)}} + {{user.duration}} + {{date_convert(user.registration)}} @@ -32,16 +35,19 @@

Pending admin approval [{{pending_approval_users.length}}]

- + - UIDUid numberEmailExpiration + UID + Email + Duration + Registration {{user.uid}} - {{user.uidnumber}} {{user.email}} - {{date_convert(user.expiration)}} + {{user.duration}} + {{date_convert(user.registration)}} @@ -58,7 +64,7 @@

Active [{{active_users.length}}]

- Active [{{active_users.length}}]
- UIDUid numberEmailExpiration + UID + Uid number + Email + Expiration @@ -99,7 +108,7 @@

Expired [{{expired_users.length}}]

- Expired [{{expired_users.length}}]
- UIDUid numberEmailExpiration + UID + Uid number + Email + Expiration diff --git a/routes/users.js b/routes/users.js index 96556b9b1..e152c0776 100644 --- a/routes/users.js +++ b/routes/users.js @@ -884,7 +884,8 @@ router.post('/user/:id', async function(req, res) { is_fake: req.body.is_fake, duration: req.body.duration, history: [{action: 'register', date: new Date().getTime()}], - extra_info: req.body.extra_info || [] + extra_info: req.body.extra_info || [], + registration: new Date().getTime() }; // check if register user is done by admin or by anonymouse user From 835a8b620e10bd20a93010cfb0d3569269d308d0 Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 19 Jan 2024 16:40:27 +0100 Subject: [PATCH 02/29] More admin ui --- CHANGELOG.md | 6 +++ .../admin/databases/databases.component.html | 8 +++- .../app/admin/groups/groups.component.html | 11 +++-- .../src/app/admin/logs/logs.component.html | 9 +++- .../admin/projects/projects.component.html | 47 ++++++++++--------- .../src/app/admin/stats/stats.component.ts | 5 +- .../admin/websites/websites.component.html | 13 +++-- 7 files changed, 61 insertions(+), 38 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8e73e539b..662bd8e71 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Changelog +## 1.4.29 + +* Various security PR merged +* Add ordering to most admin tables +* Add user registration date to the 'Pending admin approval' and 'Pending email approval' table, and remove user ID + ## 1.4.28 * Fix security check for user identity when making API calls diff --git a/manager2/src/app/admin/databases/databases.component.html b/manager2/src/app/admin/databases/databases.component.html index afd20f8cd..bdab8f0ae 100644 --- a/manager2/src/app/admin/databases/databases.component.html +++ b/manager2/src/app/admin/databases/databases.component.html @@ -11,6 +11,7 @@

Databases

[rowsPerPageOptions]="[10,25,50]" [globalFilterFields]="['name', 'type', 'host', 'owner']" [filterDelay]="0" + sortMode="multiple" >
@@ -21,7 +22,12 @@

Databases

 - NameOwnerTypeHost + + Name + Owner + Type + Host + diff --git a/manager2/src/app/admin/groups/groups.component.html b/manager2/src/app/admin/groups/groups.component.html index 389ff5173..6e40281a0 100644 --- a/manager2/src/app/admin/groups/groups.component.html +++ b/manager2/src/app/admin/groups/groups.component.html @@ -106,8 +106,9 @@

Groups

[rows]="10" [showCurrentPageReport]="true" [rowsPerPageOptions]="[10,25,50]" - [globalFilterFields]="['name', 'gid', 'owner']" + [globalFilterFields]="['name', 'gid', 'owner', 'tags']" [filterDelay]="0" + sortMode="multiple" >
@@ -119,15 +120,17 @@

Groups

- Group - gid - owner + Group + Gid + Owner + Tags {{group.name}} {{group.gid}} {{group.owner}} + {{group.tags.join(", ")}} diff --git a/manager2/src/app/admin/logs/logs.component.html b/manager2/src/app/admin/logs/logs.component.html index f98c44849..d2ba16255 100644 --- a/manager2/src/app/admin/logs/logs.component.html +++ b/manager2/src/app/admin/logs/logs.component.html @@ -13,6 +13,7 @@

Event logs

[rowsPerPageOptions]="[10,25,50]" [globalFilterFields]="['owner', 'action', 'logs']" [filterDelay]="0" + sortMode="multiple" >
@@ -23,7 +24,13 @@

Event logs

 - IDOwnerDateActionLogs + + ID + Owner + Date + Action + Logs + diff --git a/manager2/src/app/admin/projects/projects.component.html b/manager2/src/app/admin/projects/projects.component.html index 843160bf5..934955f0f 100644 --- a/manager2/src/app/admin/projects/projects.component.html +++ b/manager2/src/app/admin/projects/projects.component.html @@ -104,13 +104,13 @@

Pending projects

{{pending_err_msg}}
{{pending_msg}}
- + - Request - Project - User - Size (GB) + Request + Project + User + Size (GB) Cpu (Hour) Org Action @@ -153,8 +153,9 @@

All projects

[showCurrentPageReport]="true" [rowsPerPageOptions]="[10,25,50]" - [globalFilterFields]="['id','owner']" + [globalFilterFields]="['id','owner', 'group']" [filterDelay]="0" + sortMode="multiple" >
@@ -167,14 +168,14 @@

All projects

- Project - Owner - Group - Path - Size (GB) - Cpu (Hour) - Creation - Expiration + Project + Owner + Group + Path + Size (GB) + Cpu (Hour) + Creation + Expiration @@ -218,6 +219,7 @@

Expired [{{expired_projects.length}}]

[rowsPerPageOptions]="[10,25,50]" [globalFilterFields]="['id','owner']" [filterDelay]="0" + sortMode="multiple" >
@@ -230,14 +232,14 @@

Expired [{{expired_projects.length}}]

- Project - Owner - Group - Path - Size (GB) - Cpu (Hour) - Creation - Expiration + Project + Owner + Group + Path + Size (GB) + Cpu (Hour) + Creation + Expiration Nb Notification @@ -270,4 +272,3 @@

Expired [{{expired_projects.length}}]

- diff --git a/manager2/src/app/admin/stats/stats.component.ts b/manager2/src/app/admin/stats/stats.component.ts index 94805ef0f..fe3b0d56a 100644 --- a/manager2/src/app/admin/stats/stats.component.ts +++ b/manager2/src/app/admin/stats/stats.component.ts @@ -46,7 +46,7 @@ export class AdminStatComponent implements OnInit { } } if(!statuses[u.status]) {statuses[u.status] = 0} - statuses[u.status]++ + statuses[u.status]++ }) let status_list = []; Object.keys(statuses).forEach(s => { @@ -58,10 +58,11 @@ export class AdminStatComponent implements OnInit { Object.keys(mail_domain).forEach(domain => { domain_list.push({'title': domain, 'value': mail_domain[domain]}) }) + domain_list.sort((a, b) => (b.value - a.value)) this.domains = domain_list; this.extras = extras; }, err => console.log('failed to get users') ) } -} \ No newline at end of file +} diff --git a/manager2/src/app/admin/websites/websites.component.html b/manager2/src/app/admin/websites/websites.component.html index 35abec134..7d6542174 100644 --- a/manager2/src/app/admin/websites/websites.component.html +++ b/manager2/src/app/admin/websites/websites.component.html @@ -10,8 +10,9 @@

Web sites

[rows]="10" [showCurrentPageReport]="true" [rowsPerPageOptions]="[10,25,50]" - [globalFilterFields]="['name', 'description', 'owner']" + [globalFilterFields]="['name', 'description', 'owner', 'url']" [filterDelay]="0" + sortMode="multiple" >
@@ -23,11 +24,10 @@

Web sites

- Name - Owner - URL - Description - + Name + Owner + URL + Description @@ -36,7 +36,6 @@

Web sites

{{web.owner}} {{web.url}} {{web.description}} - From 1ce252830c837ceca8b1a7c3c71063ba4eb5234f Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 19 Jan 2024 17:07:13 +0100 Subject: [PATCH 03/29] Test missing group --- manager2/src/app/user/user.component.html | 2 +- manager2/src/app/user/user.component.ts | 6 +++--- routes/groups.js | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/manager2/src/app/user/user.component.html b/manager2/src/app/user/user.component.html index 109d4a4e6..5f644d2d0 100644 --- a/manager2/src/app/user/user.component.html +++ b/manager2/src/app/user/user.component.html @@ -125,7 +125,7 @@

Information

diff --git a/manager2/src/app/user/user.component.ts b/manager2/src/app/user/user.component.ts index ac0a7e202..b2dc95a28 100644 --- a/manager2/src/app/user/user.component.ts +++ b/manager2/src/app/user/user.component.ts @@ -12,7 +12,7 @@ import { ActivatedRoute, Router } from '@angular/router'; import { WindowWrapper } from '../windowWrapper.module'; import { FlashMessagesService } from '../utils/flash/flash.component'; -import { +import { solveRegistrationChallenge } from '@webauthn/client'; @@ -341,7 +341,7 @@ export class UserComponent implements OnInit { break; } } - if(!found) { this.groups.push({name: this.user.group})} + if(!found) { this.groups.push({name: this.user.group, new: true})} } _loadProjects(projects) { @@ -704,7 +704,7 @@ export class UserComponent implements OnInit { register_u2f() { - this.userService.u2fGet(this.user.uid).subscribe( + this.userService.u2fGet(this.user.uid).subscribe( resp => { let challenge = resp; let ctx =this; diff --git a/routes/groups.js b/routes/groups.js index 1eece466a..e004d2933 100644 --- a/routes/groups.js +++ b/routes/groups.js @@ -184,7 +184,7 @@ router.post('/group/:id', async function(req, res){ } let owner = req.body.owner; let user = await dbsrv.mongo_users().findOne({uid: owner}); - if(!user) { + if(owner && !user) { res.status(404).send({message: 'Owner user does not exist'}); res.end(); return; From eb918b055182eddc7e368b62f68c6b6a35705147 Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 19 Jan 2024 16:22:59 +0000 Subject: [PATCH 04/29] typo --- manager2/src/app/admin/groups/groups.component.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manager2/src/app/admin/groups/groups.component.html b/manager2/src/app/admin/groups/groups.component.html index 6e40281a0..1605c29bd 100644 --- a/manager2/src/app/admin/groups/groups.component.html +++ b/manager2/src/app/admin/groups/groups.component.html @@ -121,9 +121,9 @@

Groups

Group - Gid - Owner - Tags + Gid > + Owner > + Tags > From a0fd024cb29316ea7e2ea346a6add3384f662d19 Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 19 Jan 2024 17:44:36 +0100 Subject: [PATCH 05/29] Fix tag issue? --- routes/tags.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/routes/tags.js b/routes/tags.js index 12a4de7a4..4edcaf7e6 100644 --- a/routes/tags.js +++ b/routes/tags.js @@ -60,7 +60,7 @@ router.post('/tags/:kind/:id', async function(req, res) { } tags.forEach(tag => { - dbsrv.mongo_tags().updateOne({'name': tag}, {'name': tag}, {upsert: true}); + dbsrv.mongo_tags().updateOne({'name': tag}, {'$set': {'name': tag}}, {upsert: true}); }); if(req.params.kind == 'group') { From 9385f2dbeb0e23ea08fbece6fa6540d67b209d37 Mon Sep 17 00:00:00 2001 From: mboudet Date: Thu, 25 Jan 2024 12:12:42 +0100 Subject: [PATCH 06/29] Testing pending project update --- core/project.service.js | 9 +++ .../admin/projects/projects.component.html | 5 +- .../app/admin/projects/projects.component.ts | 38 ++++++++- .../app/admin/projects/projects.service.ts | 17 ++++ routes/projects.js | 77 +++++++++++++++++++ 5 files changed, 144 insertions(+), 2 deletions(-) diff --git a/core/project.service.js b/core/project.service.js index 586a6cbaa..2f1300ff6 100644 --- a/core/project.service.js +++ b/core/project.service.js @@ -72,6 +72,15 @@ async function remove_project(id, action_owner = 'auto') { } +async function edit_project(project, uuid, action_owner = 'auto') { + logger.info('Editing Project ' + id); + project.expiration_notif = 0; + await dbsrv.mongo_projects().updateOne({'uuid': uuid}, {'$set': project}); + let fid = new Date().getTime(); + project.id = id; + await dbsrv.mongo_events().insertOne({'owner': action_owner, 'date': new Date().getTime(), 'action': 'update project ' + project.id , 'logs': []}); +} + async function update_project(id, project, action_owner = 'auto') { logger.info('Update Project ' + id); project.expiration_notif = 0; diff --git a/manager2/src/app/admin/projects/projects.component.html b/manager2/src/app/admin/projects/projects.component.html index 843160bf5..390c8ba42 100644 --- a/manager2/src/app/admin/projects/projects.component.html +++ b/manager2/src/app/admin/projects/projects.component.html @@ -81,6 +81,10 @@

Project creation

+
+ + +
@@ -270,4 +274,3 @@

Expired [{{expired_projects.length}}]

- diff --git a/manager2/src/app/admin/projects/projects.component.ts b/manager2/src/app/admin/projects/projects.component.ts index 9ea7c3611..9fe9e329b 100644 --- a/manager2/src/app/admin/projects/projects.component.ts +++ b/manager2/src/app/admin/projects/projects.component.ts @@ -197,6 +197,42 @@ export class ProjectsComponent implements OnInit { ); } + edit_project() { + + if (!this.new_project.id || (this.config.project.enable_group && !this.new_project.group) || !this.new_project.owner) { + this.add_project_error_msg = "Project Id, group, and owner are required fields " + this.new_project.id + this.new_project.group + this.new_project.owner; + return; + } + + this.reset_msgs() + + this.projectsService.edit( + this.new_project.uuid, + { + 'id': this.new_project.id, + 'size': this.new_project.size, + 'cpu': this.new_project.cpu, + 'expire': new Date(this.new_project.expire).getTime(), + 'owner': this.new_project.owner, + 'group': this.config.project.enable_group ? this.new_project.group : '', + 'description' : this.new_project.description, + 'access' : this.new_project.access, + 'path': this.new_project.path, + 'orga':this.new_project.orga + } + ).subscribe( + resp => { + this.prj_msg = resp['message']; + if(this.config.project.enable_group && project.group !== this.oldGroup) { + this.update_users_group(this.users, project.group); + } + this.show_project_users(project.id); + }, + err => this.prj_err_msg = err.error.message + ) + } + + project_list(refresh_requests = false) { this.projects = []; this.expired_projects = []; @@ -245,7 +281,7 @@ export class ProjectsComponent implements OnInit { this.pending_number = 0; } let data = resp; - if (data.length > 0) { + if (data.length > 0) { this.requests_visible = true; for (let i = 0; i < data.length; i++) { data[i].created_at = parseInt(data[i]['_id'].substring(0, 8), 16) * 1000 diff --git a/manager2/src/app/admin/projects/projects.service.ts b/manager2/src/app/admin/projects/projects.service.ts index 8c8b4d2fe..8835fd865 100644 --- a/manager2/src/app/admin/projects/projects.service.ts +++ b/manager2/src/app/admin/projects/projects.service.ts @@ -70,6 +70,23 @@ export class ProjectsService { ); } + edit(project: any): Observable { + //let user = this.authService.profile; + let params = new HttpParams(); + + let httpOptions = { + //headers: new HttpHeaders({ + // 'x-api-key': user.apikey + //}), + params: params + }; + return this.http.put( + environment.apiUrl + '/project', + project, + httpOptions + ); + } + get(projectId: string): Observable { //let user = this.authService.profile; diff --git a/routes/projects.js b/routes/projects.js index c31b6f800..9850ed291 100644 --- a/routes/projects.js +++ b/routes/projects.js @@ -172,6 +172,83 @@ router.post('/project', async function(req, res){ return; }); +router.post('/put', async function(req, res){ + if(! req.locals.logInfo.is_logged) { + res.status(401).send({message: 'Not authorized'}); + return; + } + if(! sansrv.sanitizeAll([req.body.id])) { + res.status(403).send({message: 'Invalid parameters'}); + return; + } + let user = null; + let isadmin = false; + try { + user = await dbsrv.mongo_users().findOne({_id: req.locals.logInfo.id}); + isadmin = await rolsrv.is_admin(user); + } catch(e) { + logger.error(e); + res.status(404).send({message: 'User session not found'}); + res.end(); + return; + } + if(!user){ + res.status(404).send({message: 'User not found'}); + return; + } + if(!isadmin){ + res.status(401).send({message: 'Not authorized'}); + return; + } + let owner = await dbsrv.mongo_users().findOne({'uid': req.body.owner}); + if(!owner){ + res.status(404).send({message: 'Owner not found'}); + return; + } + let project = await dbsrv.mongo_projects().findOne({'uuid': req.body.uuid}); + + if (!project){ + res.status(403).send({message: 'Project does not exist'}); + return; + } + + let related_project = await dbsrv.mongo_projects().findOne({'id': req.body.id}); + + if(project && !(project.uuid == related_project.uuid)){ + res.status(403).send({message: 'A project with that name already exists'}); + return; + } + + try { + await prjsrv.edit_project({ + 'id': req.body.id, + 'owner': req.body.owner, + 'group': req.body.group, + 'size': req.body.size, + 'cpu': req.body.cpu, + 'expire': req.body.expire, + 'description': req.body.description, + 'path': req.body.path, + 'orga': req.body.orga, + 'access': req.body.access + }, req.body.uuid, user.uid); + } catch(e) { + logger.error(e); + if (e.code && e.message) { + res.status(e.code).send({message: e.message}); + res.end(); + return; + } else { + res.status(500).send({message: 'Server Error, contact admin'}); + res.end(); + return; + } + } + + res.send({message: 'Project created'}); + return; +}); + router.delete('/project/:id', async function(req, res){ if(! req.locals.logInfo.is_logged) { res.status(401).send({message: 'Not authorized'}); From 56edad2faacb3fca2cd7a91297f0e91bd9e5fd9a Mon Sep 17 00:00:00 2001 From: mboudet Date: Thu, 25 Jan 2024 13:48:54 +0000 Subject: [PATCH 07/29] typos --- app.js | 1 + core/project.service.js | 6 +++--- .../app/admin/projects/projects.component.html | 2 +- .../app/admin/projects/projects.component.ts | 18 +++++++----------- routes/projects.js | 17 ++++++++++++----- 5 files changed, 24 insertions(+), 20 deletions(-) diff --git a/app.js b/app.js index ed77d63c7..fd56aa056 100644 --- a/app.js +++ b/app.js @@ -349,6 +349,7 @@ app.get('/project/:id', projects); app.post('/project', projects); app.post('/project/:id', projects); app.post('/project/:id/request', projects); +app.put('/project', projects); app.delete('/project/:id', projects); app.put('/project/:id/request', projects); app.get('/project/:id/extend', projects); diff --git a/core/project.service.js b/core/project.service.js index 2f1300ff6..7c0309604 100644 --- a/core/project.service.js +++ b/core/project.service.js @@ -17,6 +17,7 @@ exports.remove_project = remove_project; exports.update_project = update_project; exports.create_project_request = create_project_request; exports.remove_project_request = remove_project_request; +exports.edit_project = edit_project; async function create_project(new_project, uuid, action_owner = 'auto') { logger.info('Create Project ' + new_project.id + ' uuid ' + uuid); @@ -73,11 +74,10 @@ async function remove_project(id, action_owner = 'auto') { } async function edit_project(project, uuid, action_owner = 'auto') { - logger.info('Editing Project ' + id); + logger.info('Editing Project ' + project.id); project.expiration_notif = 0; - await dbsrv.mongo_projects().updateOne({'uuid': uuid}, {'$set': project}); + await dbsrv.mongo_pending_projects().updateOne({'uuid': uuid}, {'$set': project}); let fid = new Date().getTime(); - project.id = id; await dbsrv.mongo_events().insertOne({'owner': action_owner, 'date': new Date().getTime(), 'action': 'update project ' + project.id , 'logs': []}); } diff --git a/manager2/src/app/admin/projects/projects.component.html b/manager2/src/app/admin/projects/projects.component.html index fd56abb24..56a3be520 100644 --- a/manager2/src/app/admin/projects/projects.component.html +++ b/manager2/src/app/admin/projects/projects.component.html @@ -83,7 +83,7 @@

Project creation

- +
diff --git a/manager2/src/app/admin/projects/projects.component.ts b/manager2/src/app/admin/projects/projects.component.ts index 9fe9e329b..963931a54 100644 --- a/manager2/src/app/admin/projects/projects.component.ts +++ b/manager2/src/app/admin/projects/projects.component.ts @@ -206,29 +206,25 @@ export class ProjectsComponent implements OnInit { this.reset_msgs() - this.projectsService.edit( - this.new_project.uuid, + this.projectService.edit( { 'id': this.new_project.id, + 'uuid': this.new_project.uuid, 'size': this.new_project.size, 'cpu': this.new_project.cpu, 'expire': new Date(this.new_project.expire).getTime(), 'owner': this.new_project.owner, 'group': this.config.project.enable_group ? this.new_project.group : '', - 'description' : this.new_project.description, - 'access' : this.new_project.access, + 'description': this.new_project.description, + 'access': this.new_project.access, 'path': this.new_project.path, - 'orga':this.new_project.orga + 'orga': this.new_project.orga } ).subscribe( resp => { - this.prj_msg = resp['message']; - if(this.config.project.enable_group && project.group !== this.oldGroup) { - this.update_users_group(this.users, project.group); - } - this.show_project_users(project.id); + this.add_project_msg = resp['message']; }, - err => this.prj_err_msg = err.error.message + err => this.add_project_error_msg = err.error.message ) } diff --git a/routes/projects.js b/routes/projects.js index 9850ed291..7938c0810 100644 --- a/routes/projects.js +++ b/routes/projects.js @@ -172,13 +172,15 @@ router.post('/project', async function(req, res){ return; }); -router.post('/put', async function(req, res){ +router.put('/project', async function(req, res){ if(! req.locals.logInfo.is_logged) { res.status(401).send({message: 'Not authorized'}); + res.end(); return; } if(! sansrv.sanitizeAll([req.body.id])) { res.status(403).send({message: 'Invalid parameters'}); + res.end(); return; } let user = null; @@ -194,28 +196,34 @@ router.post('/put', async function(req, res){ } if(!user){ res.status(404).send({message: 'User not found'}); + res.end(); return; } if(!isadmin){ res.status(401).send({message: 'Not authorized'}); + res.end(); return; } let owner = await dbsrv.mongo_users().findOne({'uid': req.body.owner}); if(!owner){ res.status(404).send({message: 'Owner not found'}); + res.end(); return; } - let project = await dbsrv.mongo_projects().findOne({'uuid': req.body.uuid}); + + let project = await dbsrv.mongo_pending_projects().findOne({'uuid': req.body.uuid}); if (!project){ res.status(403).send({message: 'Project does not exist'}); + res.end(); return; } let related_project = await dbsrv.mongo_projects().findOne({'id': req.body.id}); - if(project && !(project.uuid == related_project.uuid)){ + if(related_project && !(project.uuid == related_project.uuid)){ res.status(403).send({message: 'A project with that name already exists'}); + res.end(); return; } @@ -245,7 +253,7 @@ router.post('/put', async function(req, res){ } } - res.send({message: 'Project created'}); + res.send({message: 'Project updated'}); return; }); @@ -464,7 +472,6 @@ router.post('/ask/project', async function(req, res){ }); router.get('/pending/project', async function (req, res) { - if (!req.locals.logInfo.is_logged) { res.status(401).send('Not authorized'); return; From 08ee5c7273d2d919bc0a50e840fab4814d50f9e8 Mon Sep 17 00:00:00 2001 From: mboudet Date: Thu, 25 Jan 2024 15:18:53 +0100 Subject: [PATCH 08/29] Add description to groups --- core/group.service.js | 4 ++-- .../src/app/admin/groups/groups.component.html | 14 ++++++++++++-- manager2/src/app/admin/groups/groups.component.ts | 3 ++- routes/groups.js | 14 ++++++++++---- 4 files changed, 26 insertions(+), 9 deletions(-) diff --git a/core/group.service.js b/core/group.service.js index 96d7c7cea..7aa13cb3f 100644 --- a/core/group.service.js +++ b/core/group.service.js @@ -69,10 +69,10 @@ function get_group_home(user) { } -async function create_group(group_name, owner_name, action_owner = 'auto', add_owner=true) { +async function create_group(group_name, owner_name, description, action_owner = 'auto', add_owner=true) { let mingid = await idsrv.getGroupAvailableId(); let fid = new Date().getTime(); - let group = {name: group_name, gid: mingid, owner: owner_name}; + let group = {name: group_name, gid: mingid, owner: owner_name, description: description}; try { await dbsrv.mongo_groups().insertOne(group); await goldap.add_group(group, fid); diff --git a/manager2/src/app/admin/groups/groups.component.html b/manager2/src/app/admin/groups/groups.component.html index 1605c29bd..93beb7c34 100644 --- a/manager2/src/app/admin/groups/groups.component.html +++ b/manager2/src/app/admin/groups/groups.component.html @@ -13,6 +13,9 @@

Group creation

+
+ +
@@ -47,6 +50,10 @@

Users in group {{selectedGroup.name}}

+ +
+ +
@@ -106,7 +113,7 @@

Groups

[rows]="10" [showCurrentPageReport]="true" [rowsPerPageOptions]="[10,25,50]" - [globalFilterFields]="['name', 'gid', 'owner', 'tags']" + [globalFilterFields]="['name', 'gid', 'owner', 'tags', 'description']" [filterDelay]="0" sortMode="multiple" > @@ -123,13 +130,16 @@

Groups

Group Gid > Owner > + Description > Tags > - + + {{group.name}} {{group.gid}} {{group.owner}} + {{group.description}} {{group.tags.join(", ")}} diff --git a/manager2/src/app/admin/groups/groups.component.ts b/manager2/src/app/admin/groups/groups.component.ts index c4a6f92dc..67b930bbe 100644 --- a/manager2/src/app/admin/groups/groups.component.ts +++ b/manager2/src/app/admin/groups/groups.component.ts @@ -33,7 +33,8 @@ export class GroupsComponent implements OnInit { this.selectedGroup = null; this.new_group = { name: '', - owner: '' + owner: '', + description: '', } this.projects = []; this.groups = []; diff --git a/routes/groups.js b/routes/groups.js index e004d2933..6685ec1ba 100644 --- a/routes/groups.js +++ b/routes/groups.js @@ -131,11 +131,14 @@ router.put('/group/:id', async function(req, res){ } let owner = req.body.owner; let user = await dbsrv.mongo_users().findOne({uid: owner}); - if(!user) { - res.status(404).send({message: 'User does not exist'}); + if(owner && !user) { + res.status(404).send({message: 'Owner user does not exist'}); res.end(); return; } + + let description = req.body.description + let group = await dbsrv.mongo_groups().findOne({name: req.params.id}); if(! group) { res.status(404).send({message: 'Group does not exist'}); @@ -147,7 +150,7 @@ router.put('/group/:id', async function(req, res){ 'action': 'group owner modification ' + group.name + ' to ' +owner, 'logs': []}); - let data = await dbsrv.mongo_groups().updateOne({name: group.name}, {'$set':{'owner': owner}}); + let data = await dbsrv.mongo_groups().updateOne({name: group.name}, {'$set':{'owner': owner, 'description': description}}); res.send(data); res.end(); }); @@ -189,6 +192,9 @@ router.post('/group/:id', async function(req, res){ res.end(); return; } + + let description = req.body.description + let group = await dbsrv.mongo_groups().findOne({name: req.params.id }); if(group) { res.status(403).send({message: 'Group already exists'}); @@ -202,7 +208,7 @@ router.post('/group/:id', async function(req, res){ } try { - group = await grpsrv.create_group(req.params.id , owner, session_user.uid); + group = await grpsrv.create_group(req.params.id , owner, description, session_user.uid); } catch(error){ logger.error('Add Group Failed for: ' + req.params.id, error); res.status(500).send({message: 'Add Group Failed'}); From 3e82105cd9b81091fc325b88ba62ea722c082cef Mon Sep 17 00:00:00 2001 From: mboudet Date: Thu, 25 Jan 2024 16:14:58 +0000 Subject: [PATCH 09/29] fix table error --- manager2/src/app/admin/groups/groups.component.html | 10 +++++----- manager2/src/app/admin/groups/groups.service.ts | 1 + routes/groups.js | 5 +++-- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/manager2/src/app/admin/groups/groups.component.html b/manager2/src/app/admin/groups/groups.component.html index 93beb7c34..f98b0d6d1 100644 --- a/manager2/src/app/admin/groups/groups.component.html +++ b/manager2/src/app/admin/groups/groups.component.html @@ -128,10 +128,10 @@

Groups

Group - Gid > - Owner > - Description > - Tags > + Gid + Owner + Description + Tags @@ -140,7 +140,7 @@

Groups

{{group.gid}} {{group.owner}} {{group.description}} - {{group.tags.join(", ")}} + {{group.tags ? group.tags.join(", ") : ""}} diff --git a/manager2/src/app/admin/groups/groups.service.ts b/manager2/src/app/admin/groups/groups.service.ts index b8c05690a..4fa11eef6 100644 --- a/manager2/src/app/admin/groups/groups.service.ts +++ b/manager2/src/app/admin/groups/groups.service.ts @@ -20,6 +20,7 @@ export class GroupsService { // 'x-api-key': user.apikey //}), }; + return this.http.get( environment.apiUrl + '/group', httpOptions diff --git a/routes/groups.js b/routes/groups.js index 6685ec1ba..34ada4760 100644 --- a/routes/groups.js +++ b/routes/groups.js @@ -145,9 +145,9 @@ router.put('/group/:id', async function(req, res){ return; } await dbsrv.mongo_events().insertOne({ - 'owner': user.uid, + 'owner': session_user.uid, 'date': new Date().getTime(), - 'action': 'group owner modification ' + group.name + ' to ' +owner, + 'action': 'group modification ' + group.name, 'logs': []}); let data = await dbsrv.mongo_groups().updateOne({name: group.name}, {'$set':{'owner': owner, 'description': description}}); @@ -246,6 +246,7 @@ router.get('/group', async function(req, res){ return; } let groups = await dbsrv.mongo_groups().find().toArray(); + res.send(groups); return; }); From ce3c1a1a1949bd7f5d6317eab9751b45c21d07fe Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 26 Jan 2024 15:54:21 +0100 Subject: [PATCH 10/29] Test add group button --- .../src/app/admin/users/users.component.html | 2 +- manager2/src/app/user/user.component.html | 42 ++++++++++++++++++- manager2/src/app/user/user.component.ts | 36 +++++++++++++++- 3 files changed, 77 insertions(+), 3 deletions(-) diff --git a/manager2/src/app/admin/users/users.component.html b/manager2/src/app/admin/users/users.component.html index c615dd9c9..f5c343c2f 100644 --- a/manager2/src/app/admin/users/users.component.html +++ b/manager2/src/app/admin/users/users.component.html @@ -69,7 +69,7 @@

Active [{{active_users.length}}]

[rows]="10" [showCurrentPageReport]="true" [rowsPerPageOptions]="[10,25,50]" - [globalFilterFields]="['name', 'uid', 'email', 'uidnumber']" + [globalFilterFields]="['name', 'uid', 'email', 'uidnumber', 'why', 'firstname', 'lastname']" [filterDelay]="0" > diff --git a/manager2/src/app/user/user.component.html b/manager2/src/app/user/user.component.html index 5f644d2d0..9c8e0dcfc 100644 --- a/manager2/src/app/user/user.component.html +++ b/manager2/src/app/user/user.component.html @@ -128,6 +128,13 @@

Information

+
+
+ +
+
@@ -581,6 +588,39 @@

Send message to user

- + + + diff --git a/manager2/src/app/user/user.component.ts b/manager2/src/app/user/user.component.ts index b2dc95a28..a40b9ba10 100644 --- a/manager2/src/app/user/user.component.ts +++ b/manager2/src/app/user/user.component.ts @@ -231,10 +231,19 @@ export class UserComponent implements OnInit { this.password1 = '' this.password2 = '' + this.selectedGroupExist = true + this.new_group = { + name: '', + owner: '', + description: '', + } + this.notify_subject = '' this.notify_message = '' this.notify_err = '' this.key_err = '' + this.grp_success_msg = '' + this.grp_err_msg = '' this.otp = null } @@ -341,7 +350,10 @@ export class UserComponent implements OnInit { break; } } - if(!found) { this.groups.push({name: this.user.group, new: true})} + if(!found) { + this.groups.push({name: this.user.group, new: true}); + this.selectedGroupExist = false + } } _loadProjects(projects) { @@ -785,6 +797,28 @@ export class UserComponent implements OnInit { ) } + addGroup(){ + if (this.new_group.name === '') { + return; + } + this.grp_err_msg = ''; + this.grp_success_msg = ''; + this.groupsService.add(this.new_group).subscribe( + resp => { + this.grp_success_msg = 'Group was created'; + this.user.group = this.new_group.name + this.groupService.list().subscribe( + resp => this._loadGroups(resp), + err => console.log('failed to get groups') + ) + }, + err => { + this.grp_success_msg = ''; + this.grp_err_msg = err.error.message; + } + ) + } + ngOnDestroy() { if(this.sub) { this.sub.unsubscribe(); From 4326d02a759c4e51fe394fdddf089c4506dca3c6 Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 26 Jan 2024 14:55:19 +0000 Subject: [PATCH 11/29] new buttons? --- manager2/src/app/admin/users/users.component.html | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/manager2/src/app/admin/users/users.component.html b/manager2/src/app/admin/users/users.component.html index c615dd9c9..43b009ef3 100644 --- a/manager2/src/app/admin/users/users.component.html +++ b/manager2/src/app/admin/users/users.component.html @@ -15,7 +15,7 @@

Pending email approval [{{pending_email_users.length}}]

- {{user.uid}} + {{user.uid}} {{user.email}} {{user.duration}} {{date_convert(user.registration)}} @@ -44,7 +44,7 @@

Pending admin approval [{{pending_approval_users.length}}]

 - {{user.uid}} + {{user.uid}} {{user.email}} {{user.duration}} {{date_convert(user.registration)}} @@ -88,7 +88,7 @@

Active [{{active_users.length}}]

 - {{user.uid}} + {{user.uid}} {{user.uidnumber}} {{user.email}} {{date_convert(user.expiration)}} @@ -132,7 +132,7 @@

Expired [{{expired_users.length}}]

 - {{user.uid}} + {{user.uid}} {{user.uidnumber}} {{user.email}} {{date_convert(user.expiration)}} From 58d11d8045004298c89405fa0403c3187ac7bff7 Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 26 Jan 2024 16:55:44 +0000 Subject: [PATCH 12/29] fix some typos --- manager2/src/app/user/user.component.html | 42 +++++++++++------------ manager2/src/app/user/user.component.ts | 14 ++++++-- 2 files changed, 31 insertions(+), 25 deletions(-) diff --git a/manager2/src/app/user/user.component.html b/manager2/src/app/user/user.component.html index 9c8e0dcfc..6886635eb 100644 --- a/manager2/src/app/user/user.component.html +++ b/manager2/src/app/user/user.component.html @@ -124,18 +124,25 @@

Information

+
+ + +
+
+
-
+
+
@@ -595,30 +602,21 @@

Send message to user

diff --git a/manager2/src/app/user/user.component.ts b/manager2/src/app/user/user.component.ts index 0e63d35fb..2c7459d84 100644 --- a/manager2/src/app/user/user.component.ts +++ b/manager2/src/app/user/user.component.ts @@ -586,8 +586,8 @@ export class UserComponent implements OnInit { ) } - expire() { - this.userService.expire(this.user.uid).subscribe( + expire(sendmail=true) { + this.userService.expire(this.user.uid, sendmail).subscribe( resp => { this.msg = resp['message']; this.user.status = this.STATUS_EXPIRED; @@ -827,6 +827,15 @@ export class UserComponent implements OnInit { ) } + unlock() { + this.userService.unlock(this.user.uid).subscribe( + resp => { + this.msg = resp['message']; + }, + err => console.log('failed to unlock user') + ) + } + ngOnDestroy() { if(this.sub) { this.sub.unsubscribe(); diff --git a/manager2/src/app/user/user.service.ts b/manager2/src/app/user/user.service.ts index 4913bea96..bf2855bbe 100644 --- a/manager2/src/app/user/user.service.ts +++ b/manager2/src/app/user/user.service.ts @@ -76,7 +76,7 @@ export class UserService { return this.http.post( environment.apiUrl + '/otp/register/' + userId, {}, - httpOptions) + httpOptions) } delete(userId: string, message: string, sendmail: boolean) { @@ -132,8 +132,9 @@ export class UserService { httpOptions) } - expire(userId) { + expire(userId, sendmail=false) { let httpOptions = { + params: {sendmail: sendmail} //headers: new HttpHeaders({ // 'x-api-key': localStorage.getItem('my-api-key') //}), @@ -339,4 +340,15 @@ export class UserService { httpOptions ) } + + unlock(userId) { + let httpOptions = { + //headers: new HttpHeaders({ + // 'x-api-key': localStorage.getItem('my-api-key') + //}), + }; + return this.http.get( + environment.apiUrl + '/user/' + userId + '/unlock', + httpOptions) + } } diff --git a/routes/users.js b/routes/users.js index e152c0776..efc780620 100644 --- a/routes/users.js +++ b/routes/users.js @@ -36,6 +36,7 @@ let duration_list = CONFIG.duration; const grpsrv = require('../core/group.service.js'); const usrsrv = require('../core/user.service.js'); const rolsrv = require('../core/role.service.js'); +const idsrv = require('../core/id.service.js'); router.get('/user/:id/apikey', async function(req, res){ if(! req.locals.logInfo.is_logged) { @@ -709,6 +710,8 @@ router.get('/user/:id', async function(req, res) { user.quota.push(k); } + user.is_locked = await idsrv.user_locked(user.uid); + if(session_user._id.toString() == user._id.toString() || isadmin){ res.json(user); } @@ -941,6 +944,8 @@ router.get('/user/:id/expire', async function(req, res){ return; } + let sendmail = req.query.regkey === "false" ? false : true; + let session_user = null; let isadmin = false; try { @@ -994,7 +999,7 @@ router.get('/user/:id/expire', async function(req, res){ // Now remove from mailing list try { // eslint-disable-next-line no-unused-vars - await notif.remove(user.email); + await notif.remove(user.email, sendmail=sendmail); await plgsrv.run_plugins('deactivate', user.uid, user, session_user.uid); res.send({message: 'Operation in progress', fid: fid, error: []}); res.end(); @@ -1895,4 +1900,56 @@ router.get('/lists', async function(req, res){ res.end(); }); + +router.get('/user/:id/unlock', async function(req, res){ + if(! req.locals.logInfo.is_logged) { + res.status(401).send({message: 'Not authorized'}); + return; + } + if(! sansrv.sanitizeAll([req.params.id])) { + res.status(403).send({message: 'Invalid parameters'}); + return; + } + + let session_user = null; + let isadmin = false; + try { + session_user = await dbsrv.mongo_users().findOne({_id: req.locals.logInfo.id}); + isadmin = await rolsrv.is_admin(session_user); + } catch(e) { + logger.error(e); + res.status(404).send({message: 'User session not found'}); + res.end(); + return; + } + + if (!session_user){ + res.status(404).send({message: 'User not found'}); + return; + } + let user = await dbsrv.mongo_users().findOne({uid: req.params.id}); + if (!user){ + res.status(404).send({message: 'User not found'}); + return; + } + + session_user.is_admin = isadmin; + + if(session_user.is_admin){ + let fid = new Date().getTime(); + try { + await idsrv.user_unlock(user.uid) + } catch(err) { + res.send({message: 'Error during operation'}); + return; + } + return; + } + else { + res.status(401).send({message: 'Not authorized'}); + return; + } +}); + + module.exports = router; From 2388bf786a3333ce08c10d661c865b6554d245be Mon Sep 17 00:00:00 2001 From: mboudet Date: Wed, 31 Jan 2024 08:47:55 +0000 Subject: [PATCH 14/29] Commit --- .../my-expire-confirm/my-expire-confirm.component.html | 4 +--- .../app/my-expire-confirm/my-expire-confirm.component.ts | 2 +- manager2/src/app/user/user.component.ts | 6 ++++-- manager2/src/app/user/user.service.ts | 9 ++++++--- 4 files changed, 12 insertions(+), 9 deletions(-) diff --git a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html index 1d6dd37be..dcc2e145c 100644 --- a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html +++ b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html @@ -1,14 +1,12 @@
- +
-
-
diff --git a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts index 920ace4c1..7665e2246 100644 --- a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts +++ b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts @@ -7,7 +7,7 @@ import { Component, Input, OnInit } from '@angular/core'; }) export class MyExpireConfirmComponent implements OnInit { - isDeleting: boolean + isExpiring: boolean sendmail: boolean @Input() diff --git a/manager2/src/app/user/user.component.ts b/manager2/src/app/user/user.component.ts index 2c7459d84..e379e06d4 100644 --- a/manager2/src/app/user/user.component.ts +++ b/manager2/src/app/user/user.component.ts @@ -814,9 +814,11 @@ export class UserComponent implements OnInit { this.groupService.add(this.new_group).subscribe( resp => { this.grp_success_msg = 'Group was created'; - this.user.group = this.new_group.name this.groupService.list().subscribe( - resp => this._loadGroups(resp), + resp => { + this._loadGroups(resp); + this.user.group = this.new_group.name; + }, err => console.log('failed to get groups') ) }, diff --git a/manager2/src/app/user/user.service.ts b/manager2/src/app/user/user.service.ts index bf2855bbe..d3d9ea03b 100644 --- a/manager2/src/app/user/user.service.ts +++ b/manager2/src/app/user/user.service.ts @@ -1,5 +1,5 @@ import { Injectable } from '@angular/core'; -import { HttpClient, HttpHeaders } from '@angular/common/http'; +import { HttpClient, HttpHeaders, HttpParams } from '@angular/common/http'; import { environment } from '../../environments/environment'; import { AuthService } from '../auth/auth.service'; import { Observable } from 'rxjs'; @@ -132,9 +132,12 @@ export class UserService { httpOptions) } - expire(userId, sendmail=false) { + expire(userId, sendmail=true) { + let params = new HttpParams() + params.append("sendmail", sendmail.toString()) + let httpOptions = { - params: {sendmail: sendmail} + params: params //headers: new HttpHeaders({ // 'x-api-key': localStorage.getItem('my-api-key') //}), From 215f343552cd25221c4b875811f7647459d741a2 Mon Sep 17 00:00:00 2001 From: mboudet Date: Wed, 31 Jan 2024 15:01:34 +0000 Subject: [PATCH 15/29] more stuff --- .../my-expire-confirm.component.html | 20 ++++++++----------- .../my-expire-confirm.component.spec.ts | 2 +- .../my-expire-confirm.component.ts | 7 +++++++ manager2/src/app/user/user.component.html | 18 +++++++++-------- manager2/src/app/user/user.component.ts | 13 +++++++----- manager2/src/app/user/user.service.ts | 8 ++++++-- routes/conf.js | 7 ++++--- routes/users.js | 8 +++++++- 8 files changed, 51 insertions(+), 32 deletions(-) diff --git a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html index dcc2e145c..adc74327e 100644 --- a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html +++ b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html @@ -1,15 +1,11 @@ -
-
- + +
+
+ +
-
-
- - -
-
- - -
+
+ +
diff --git a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.spec.ts b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.spec.ts index fb0b57c5c..4f6ae56a1 100644 --- a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.spec.ts +++ b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.spec.ts @@ -1,6 +1,6 @@ import { async, ComponentFixture, TestBed } from '@angular/core/testing'; -import { MyDeleteConfirmComponent } from './my-delete-confirm.component'; +import { MyExpireConfirmComponent } from './my-expire-confirm.component'; describe('MyExpireConfirmComponent', () => { let component: MyExpireConfirmComponent; diff --git a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts index 7665e2246..61454079f 100644 --- a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts +++ b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts @@ -13,10 +13,17 @@ export class MyExpireConfirmComponent implements OnInit { @Input() onConfirm: any + @Input() + mailer: string + + @Input() + data: any + constructor() { } ngOnInit() { this.sendmail = true; + console.log(this.mailer) } startExpire(){ diff --git a/manager2/src/app/user/user.component.html b/manager2/src/app/user/user.component.html index f9cacd53b..ac51fe185 100644 --- a/manager2/src/app/user/user.component.html +++ b/manager2/src/app/user/user.component.html @@ -1,6 +1,6 @@
-
+

{{user.uid}}

@@ -8,16 +8,18 @@

{{user.uid}}

Expires: {{date_convert(user.expiration)}}
Support available at {{config.support}}
-
+
-
-
- + -
-
- +
+ +
+
+
+
+
diff --git a/manager2/src/app/user/user.component.ts b/manager2/src/app/user/user.component.ts index e379e06d4..704e9fe59 100644 --- a/manager2/src/app/user/user.component.ts +++ b/manager2/src/app/user/user.component.ts @@ -314,6 +314,7 @@ export class UserComponent implements OnInit { this.delete_secondary_group = this.delete_secondary_group.bind(this); this.db_delete = this.db_delete.bind(this); this.delete = this.delete.bind(this); + this.expire = this.expire.bind(this); this.subscribe = this.subscribe.bind(this); this.unsubscribe = this.unsubscribe.bind(this); this.initUser = this.initUser.bind(this); @@ -323,11 +324,10 @@ export class UserComponent implements OnInit { resp => { this.config = resp; this.initUser(); + console.log(resp) }, err => console.log('failed to get config') ) - - } _compareName(a,b) { @@ -586,7 +586,7 @@ export class UserComponent implements OnInit { ) } - expire(sendmail=true) { + expire(sendmail: boolean) { this.userService.expire(this.user.uid, sendmail).subscribe( resp => { this.msg = resp['message']; @@ -597,6 +597,7 @@ export class UserComponent implements OnInit { } extend() { + this.userService.extend(this.user.uid, this.user.regkey).subscribe( resp => { this.msg = resp['message']; @@ -811,13 +812,14 @@ export class UserComponent implements OnInit { } this.grp_err_msg = ''; this.grp_success_msg = ''; + this.groupService.add(this.new_group).subscribe( resp => { this.grp_success_msg = 'Group was created'; this.groupService.list().subscribe( resp => { - this._loadGroups(resp); this.user.group = this.new_group.name; + this._loadGroups(resp); }, err => console.log('failed to get groups') ) @@ -832,7 +834,8 @@ export class UserComponent implements OnInit { unlock() { this.userService.unlock(this.user.uid).subscribe( resp => { - this.msg = resp['message']; + this.user.is_locked = false; + this._flashMessagesService.show('User unlocked', { cssClass: 'alert-success', timeout: 5000 }); }, err => console.log('failed to unlock user') ) diff --git a/manager2/src/app/user/user.service.ts b/manager2/src/app/user/user.service.ts index d3d9ea03b..4fd1e4e99 100644 --- a/manager2/src/app/user/user.service.ts +++ b/manager2/src/app/user/user.service.ts @@ -132,9 +132,12 @@ export class UserService { httpOptions) } - expire(userId, sendmail=true) { + expire(userId: string, sendmail: boolean) { + let params = new HttpParams() - params.append("sendmail", sendmail.toString()) + if (!sendmail) { + params = params.append("sendmail", "false") + } let httpOptions = { params: params @@ -142,6 +145,7 @@ export class UserService { // 'x-api-key': localStorage.getItem('my-api-key') //}), }; + return this.http.get( environment.apiUrl + '/user/' + userId + '/expire', httpOptions) diff --git a/routes/conf.js b/routes/conf.js index 206ecd615..7dd704989 100644 --- a/routes/conf.js +++ b/routes/conf.js @@ -2,8 +2,8 @@ const express = require('express'); var router = express.Router(); -// const winston = require('winston'); -// const logger = winston.loggers.get('gomngr'); +const winston = require('winston'); +const logger = winston.loggers.get('gomngr'); const dbsrv = require('../core/db.service.js'); @@ -26,7 +26,8 @@ router.get('/conf', async function(req, res){ 'duration': Object.keys(my_conf.duration), 'project': my_conf.project, 'registration': my_conf.registration || [], - 'reservation': my_conf.reservation + 'reservation': my_conf.reservation, + 'mailer': my_conf.general.mailer }; // should be check on each call diff --git a/routes/users.js b/routes/users.js index efc780620..50bb36c8f 100644 --- a/routes/users.js +++ b/routes/users.js @@ -944,7 +944,7 @@ router.get('/user/:id/expire', async function(req, res){ return; } - let sendmail = req.query.regkey === "false" ? false : true; + let sendmail = req.query.sendmail === "false" ? false : true; let session_user = null; let isadmin = false; @@ -960,11 +960,13 @@ router.get('/user/:id/expire', async function(req, res){ if (!session_user){ res.status(404).send({message: 'User not found'}); + res.end(); return; } let user = await dbsrv.mongo_users().findOne({uid: req.params.id}); if (!user){ res.status(404).send({message: 'User not found'}); + res.end(); return; } @@ -1941,12 +1943,16 @@ router.get('/user/:id/unlock', async function(req, res){ await idsrv.user_unlock(user.uid) } catch(err) { res.send({message: 'Error during operation'}); + res.end(); return; } + res.send({message: 'User was unlocked'}); + res.end(); return; } else { res.status(401).send({message: 'Not authorized'}); + res.end(); return; } }); From 930469c4286eb888cce5faa5002dca4ab3146f15 Mon Sep 17 00:00:00 2001 From: mboudet Date: Wed, 31 Jan 2024 16:05:32 +0100 Subject: [PATCH 16/29] Remove logs --- .../src/app/my-expire-confirm/my-expire-confirm.component.ts | 3 --- manager2/src/app/user/user.component.ts | 1 - routes/conf.js | 4 ++-- 3 files changed, 2 insertions(+), 6 deletions(-) diff --git a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts index 61454079f..bd3826cf1 100644 --- a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts +++ b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts @@ -16,9 +16,6 @@ export class MyExpireConfirmComponent implements OnInit { @Input() mailer: string - @Input() - data: any - constructor() { } ngOnInit() { diff --git a/manager2/src/app/user/user.component.ts b/manager2/src/app/user/user.component.ts index 704e9fe59..4d3229cc2 100644 --- a/manager2/src/app/user/user.component.ts +++ b/manager2/src/app/user/user.component.ts @@ -324,7 +324,6 @@ export class UserComponent implements OnInit { resp => { this.config = resp; this.initUser(); - console.log(resp) }, err => console.log('failed to get config') ) diff --git a/routes/conf.js b/routes/conf.js index 7dd704989..e52089e2c 100644 --- a/routes/conf.js +++ b/routes/conf.js @@ -2,8 +2,8 @@ const express = require('express'); var router = express.Router(); -const winston = require('winston'); -const logger = winston.loggers.get('gomngr'); +//const winston = require('winston'); +//const logger = winston.loggers.get('gomngr'); const dbsrv = require('../core/db.service.js'); From df3bc03a2d076055ff3baf3959b742811f020055 Mon Sep 17 00:00:00 2001 From: mboudet Date: Wed, 31 Jan 2024 16:21:42 +0100 Subject: [PATCH 17/29] Update buttons --- .../admin/databases/databases.component.html | 4 +- .../app/admin/groups/groups.component.html | 6 +- .../admin/messages/messages.component.html | 10 ++-- .../app/admin/project/project.component.html | 8 +-- .../admin/projects/projects.component.html | 8 +-- .../src/app/admin/stats/stats.component.html | 6 +- .../admin/websites/websites.component.html | 2 +- manager2/src/app/app.component.html | 4 +- .../src/app/auth/login/login.component.html | 12 ++-- .../app/auth/register/register.component.html | 4 +- .../my-delete-confirm.component.html | 6 +- .../my-expire-confirm.component.html | 6 +- manager2/src/app/plugin/plugin.component.ts | 6 +- .../src/app/project/project.component.html | 16 +++--- manager2/src/app/tps/tps.component.html | 8 +-- .../app/user/projects/projects.component.html | 2 +- manager2/src/app/user/user.component.html | 56 +++++++++---------- manager2/src/app/utils/tag/tag.component.html | 4 +- 18 files changed, 84 insertions(+), 84 deletions(-) diff --git a/manager2/src/app/admin/databases/databases.component.html b/manager2/src/app/admin/databases/databases.component.html index bdab8f0ae..242420651 100644 --- a/manager2/src/app/admin/databases/databases.component.html +++ b/manager2/src/app/admin/databases/databases.component.html @@ -77,7 +77,7 @@

Declare existing database (no creation)

- +
@@ -109,7 +109,7 @@

Change database owner

- +
diff --git a/manager2/src/app/admin/groups/groups.component.html b/manager2/src/app/admin/groups/groups.component.html index f98b0d6d1..b8c43c448 100644 --- a/manager2/src/app/admin/groups/groups.component.html +++ b/manager2/src/app/admin/groups/groups.component.html @@ -17,7 +17,7 @@

Group creation

- +
@@ -54,7 +54,7 @@

Users in group {{selectedGroup.name}}

- +
@@ -96,7 +96,7 @@
Group members
- +
diff --git a/manager2/src/app/admin/messages/messages.component.html b/manager2/src/app/admin/messages/messages.component.html index ab3002a55..3fcfb2d8a 100644 --- a/manager2/src/app/admin/messages/messages.component.html +++ b/manager2/src/app/admin/messages/messages.component.html @@ -15,7 +15,7 @@

Send message to all users


-
@@ -56,11 +56,11 @@

Send message to all users

- - +
{{msg}}
{{error_msg}}
@@ -77,7 +77,7 @@

Send message to all users

- +
@@ -110,7 +110,7 @@

Send message to all users

- +
diff --git a/manager2/src/app/admin/project/project.component.html b/manager2/src/app/admin/project/project.component.html index e15f55a44..1e7cdfa73 100644 --- a/manager2/src/app/admin/project/project.component.html +++ b/manager2/src/app/admin/project/project.component.html @@ -5,7 +5,7 @@

Project {{project.id}}

- +
@@ -75,7 +75,7 @@

Project {{project.id}}

- +
@@ -96,7 +96,7 @@

Project {{project.id}}

- +
@@ -107,7 +107,7 @@

Project {{project.id}}

- +
diff --git a/manager2/src/app/admin/projects/projects.component.html b/manager2/src/app/admin/projects/projects.component.html index 56a3be520..d7fca206e 100644 --- a/manager2/src/app/admin/projects/projects.component.html +++ b/manager2/src/app/admin/projects/projects.component.html @@ -79,7 +79,7 @@

Project creation

- +
@@ -130,9 +130,9 @@

Pending projects

{{pending.orga}}
- - - + + +
diff --git a/manager2/src/app/admin/stats/stats.component.html b/manager2/src/app/admin/stats/stats.component.html index 91b18ad16..74883db27 100644 --- a/manager2/src/app/admin/stats/stats.component.html +++ b/manager2/src/app/admin/stats/stats.component.html @@ -1,7 +1,7 @@
Status
- @@ -11,7 +11,7 @@
Email domain
- @@ -23,7 +23,7 @@
{{extra.key}}
- diff --git a/manager2/src/app/admin/websites/websites.component.html b/manager2/src/app/admin/websites/websites.component.html index 7d6542174..dae393064 100644 --- a/manager2/src/app/admin/websites/websites.component.html +++ b/manager2/src/app/admin/websites/websites.component.html @@ -66,7 +66,7 @@

Change web site owner

- +
diff --git a/manager2/src/app/app.component.html b/manager2/src/app/app.component.html index d08aed8d1..b3619a1ef 100644 --- a/manager2/src/app/app.component.html +++ b/manager2/src/app/app.component.html @@ -13,8 +13,8 @@ Do you wish to logout?
- - + +
diff --git a/manager2/src/app/auth/login/login.component.html b/manager2/src/app/auth/login/login.component.html index 2b743a901..111a69ec1 100644 --- a/manager2/src/app/auth/login/login.component.html +++ b/manager2/src/app/auth/login/login.component.html @@ -15,12 +15,12 @@

Sign in to access your account

-
{{msg}}
- Lost your password? + Lost your password?
@@ -42,7 +42,7 @@
- +
@@ -51,7 +51,7 @@
- +
@@ -59,7 +59,7 @@
- + @@ -72,7 +72,7 @@

or

diff --git a/manager2/src/app/auth/register/register.component.html b/manager2/src/app/auth/register/register.component.html index 54448f1b6..846bbe7df 100644 --- a/manager2/src/app/auth/register/register.component.html +++ b/manager2/src/app/auth/register/register.component.html @@ -97,10 +97,10 @@
- +
- +
{{msg}}
diff --git a/manager2/src/app/my-delete-confirm/my-delete-confirm.component.html b/manager2/src/app/my-delete-confirm/my-delete-confirm.component.html index 1a6f23ebc..e3814fa8f 100644 --- a/manager2/src/app/my-delete-confirm/my-delete-confirm.component.html +++ b/manager2/src/app/my-delete-confirm/my-delete-confirm.component.html @@ -1,6 +1,6 @@
- +
@@ -14,8 +14,8 @@
- - + +
diff --git a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html index adc74327e..92b77dade 100644 --- a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html +++ b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.html @@ -1,11 +1,11 @@ - +
- - + +
diff --git a/manager2/src/app/plugin/plugin.component.ts b/manager2/src/app/plugin/plugin.component.ts index f5b75ca67..533f9014c 100644 --- a/manager2/src/app/plugin/plugin.component.ts +++ b/manager2/src/app/plugin/plugin.component.ts @@ -8,7 +8,7 @@ import { BasePluginComponent } from './base-plugin/base-plugin.component'; template: `
-
+
@@ -34,7 +34,7 @@ export class GomailPluginComponent extends BasePluginComponent implements OnInit
Using this button, you can set your home and groups in data-access for easy access
-

+

{{data.api_status}}
{{data.user_status}}
{{data.my}}
@@ -72,7 +72,7 @@ export class GalaxyPluginComponent extends BasePluginComponent implements OnInit
Loading...
{{data.api_status}}
-
+
{{data.my}}
Current project(s) :

diff --git a/manager2/src/app/project/project.component.html b/manager2/src/app/project/project.component.html index b4b6bd317..b890bb2d4 100644 --- a/manager2/src/app/project/project.component.html +++ b/manager2/src/app/project/project.component.html @@ -46,8 +46,8 @@

Request a new project creation

- - + +
@@ -55,7 +55,7 @@

Request a new project creation

- +
@@ -113,8 +113,8 @@

Projects

@@ -145,7 +145,7 @@

Management console

- +
@@ -155,7 +155,7 @@

Management console

- +
@@ -228,7 +228,7 @@

Project overview

- +
{{date_convert(project.created_at)}} {{date_convert(project.expire)}} - - + +
Expiration  {{selectedProject.expire | date}}   {{selectedProject.expire | date}}  
Financing  diff --git a/manager2/src/app/tps/tps.component.html b/manager2/src/app/tps/tps.component.html index 3f80d5768..67524bec5 100644 --- a/manager2/src/app/tps/tps.component.html +++ b/manager2/src/app/tps/tps.component.html @@ -92,9 +92,9 @@

Reservation
- - - + + + @@ -150,7 +150,7 @@

New reservation

- +
{{msg}}
{{errmsg}}
diff --git a/manager2/src/app/user/projects/projects.component.html b/manager2/src/app/user/projects/projects.component.html index 4b7fa25fa..4e980df07 100644 --- a/manager2/src/app/user/projects/projects.component.html +++ b/manager2/src/app/user/projects/projects.component.html @@ -38,7 +38,7 @@
- +
diff --git a/manager2/src/app/user/user.component.html b/manager2/src/app/user/user.component.html index ac51fe185..244f6fd66 100644 --- a/manager2/src/app/user/user.component.html +++ b/manager2/src/app/user/user.component.html @@ -9,12 +9,12 @@

{{user.uid}}

Support available at {{config.support}}
- - - + + +
- +
@@ -43,19 +43,19 @@

{{user.uid}}

  • - +
  • - +
  • - +
  • - +
  • - +
@@ -141,7 +141,7 @@

Information

-
@@ -239,7 +239,7 @@

Information

- + @@ -249,7 +249,7 @@

Information

- + @@ -276,7 +276,7 @@

Note

- +
@@ -289,11 +289,11 @@

Authentication

Using Webauthn key - + {{u2f}}
- + {{secret}}
@@ -305,7 +305,7 @@

API Key

{{user.apikey}} - +
@@ -340,7 +340,7 @@

Update password

- + @@ -370,7 +370,7 @@

Secondary groups

- +
@@ -428,7 +428,7 @@

Databases

- +
@@ -466,7 +466,7 @@

Add public SSH key

- +
@@ -485,12 +485,12 @@

SSH keys

{{new_key_message}}
- +

Download

- - - + + + @@ -527,7 +527,7 @@

Web sites

- +
@@ -591,7 +591,7 @@

Send message to user

- +
@@ -621,8 +621,8 @@

Group creation

- - + +
diff --git a/manager2/src/app/utils/tag/tag.component.html b/manager2/src/app/utils/tag/tag.component.html index bc73aedab..1c9918b09 100644 --- a/manager2/src/app/utils/tag/tag.component.html +++ b/manager2/src/app/utils/tag/tag.component.html @@ -8,7 +8,7 @@
- +
@@ -16,6 +16,6 @@
- +
\ No newline at end of file From d2b3144bca6764b09a632fff46d7f162c5ad17ee Mon Sep 17 00:00:00 2001 From: mboudet Date: Wed, 31 Jan 2024 16:37:14 +0100 Subject: [PATCH 18/29] More button stuff --- manager2/src/app/admin/databases/databases.component.html | 4 ++-- manager2/src/app/admin/groups/groups.component.html | 4 ++-- manager2/src/app/admin/project/project.component.html | 2 +- manager2/src/app/admin/projects/projects.component.html | 8 ++++---- manager2/src/app/admin/websites/websites.component.html | 6 +++--- manager2/src/app/project/project.component.html | 2 +- manager2/src/app/user/projects/projects.component.html | 2 +- manager2/src/app/user/user.component.html | 2 +- 8 files changed, 15 insertions(+), 15 deletions(-) diff --git a/manager2/src/app/admin/databases/databases.component.html b/manager2/src/app/admin/databases/databases.component.html index 242420651..99af27c83 100644 --- a/manager2/src/app/admin/databases/databases.component.html +++ b/manager2/src/app/admin/databases/databases.component.html @@ -31,8 +31,8 @@

Databases

 - {{database.name}} - {{database.owner}} + {{database.name}} + {{database.owner}} {{database.type}} {{database.host}} diff --git a/manager2/src/app/admin/groups/groups.component.html b/manager2/src/app/admin/groups/groups.component.html index b8c43c448..0cede24f8 100644 --- a/manager2/src/app/admin/groups/groups.component.html +++ b/manager2/src/app/admin/groups/groups.component.html @@ -88,7 +88,7 @@
Group members
 - {{user.uid}} + {{user.uid}} {{user.email}} x x @@ -136,7 +136,7 @@

Groups

 - {{group.name}} + {{group.name}} {{group.gid}} {{group.owner}} {{group.description}} diff --git a/manager2/src/app/admin/project/project.component.html b/manager2/src/app/admin/project/project.component.html index 1e7cdfa73..a39b2cfcf 100644 --- a/manager2/src/app/admin/project/project.component.html +++ b/manager2/src/app/admin/project/project.component.html @@ -123,7 +123,7 @@

Project {{project.id}}

 - {{user_l.uid}} + {{user_l.uid}} {{user_l.email}} x x diff --git a/manager2/src/app/admin/projects/projects.component.html b/manager2/src/app/admin/projects/projects.component.html index d7fca206e..b230b7f2c 100644 --- a/manager2/src/app/admin/projects/projects.component.html +++ b/manager2/src/app/admin/projects/projects.component.html @@ -184,8 +184,8 @@

All projects

 - {{project.id}} - {{project.owner}} + {{project.id}} + {{project.owner}} {{project.group}} {{project.path}} {{project.current_size}}/{{project.size}} @@ -249,8 +249,8 @@

Expired [{{expired_projects.length}}]

 - {{project.id}} - {{project.owner}} + {{project.id}} + {{project.owner}} {{project.group}} {{project.path}} {{project.current_size}}/{{project.size}} diff --git a/manager2/src/app/admin/websites/websites.component.html b/manager2/src/app/admin/websites/websites.component.html index dae393064..7280e5af4 100644 --- a/manager2/src/app/admin/websites/websites.component.html +++ b/manager2/src/app/admin/websites/websites.component.html @@ -1,4 +1,4 @@ -
{{msg}}
+
{{msg}}

Web sites

@@ -32,8 +32,8 @@

Web sites

- {{web.name}} - {{web.owner}} + {{web.name}} + {{web.owner}} {{web.url}} {{web.description}} diff --git a/manager2/src/app/project/project.component.html b/manager2/src/app/project/project.component.html index b890bb2d4..a4fab2b32 100644 --- a/manager2/src/app/project/project.component.html +++ b/manager2/src/app/project/project.component.html @@ -92,7 +92,7 @@

Projects

 - {{project.id}} + {{project.id}} {{project.owner}} {{project.group}} {{project.path}} diff --git a/manager2/src/app/user/projects/projects.component.html b/manager2/src/app/user/projects/projects.component.html index 4e980df07..2f83508f6 100644 --- a/manager2/src/app/user/projects/projects.component.html +++ b/manager2/src/app/user/projects/projects.component.html @@ -52,7 +52,7 @@ - {{project.id}} + {{project.id}} x x diff --git a/manager2/src/app/user/user.component.html b/manager2/src/app/user/user.component.html index 244f6fd66..4d9093c3a 100644 --- a/manager2/src/app/user/user.component.html +++ b/manager2/src/app/user/user.component.html @@ -288,7 +288,7 @@

Authentication

- Using Webauthn key + Using Webauthn key {{u2f}}
From 435434ba86e2d87d5a406da8a5654a508cd2ac18 Mon Sep 17 00:00:00 2001 From: mboudet Date: Wed, 31 Jan 2024 17:42:10 +0100 Subject: [PATCH 19/29] Remove log --- .../src/app/my-expire-confirm/my-expire-confirm.component.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts index bd3826cf1..3a802b947 100644 --- a/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts +++ b/manager2/src/app/my-expire-confirm/my-expire-confirm.component.ts @@ -20,7 +20,6 @@ export class MyExpireConfirmComponent implements OnInit { ngOnInit() { this.sendmail = true; - console.log(this.mailer) } startExpire(){ From 49de64f61134c85bc4568d849ff51afd7fde7078 Mon Sep 17 00:00:00 2001 From: mboudet Date: Thu, 1 Feb 2024 15:10:10 +0100 Subject: [PATCH 20/29] otp disable --- app.js | 1 + manager2/src/app/user/user.component.html | 3 ++- manager2/src/app/user/user.component.ts | 11 ++++++++ manager2/src/app/user/user.service.ts | 12 +++++++++ routes/auth.js | 31 ++++++++++++++++++++--- 5 files changed, 53 insertions(+), 5 deletions(-) diff --git a/app.js b/app.js index 1833f721f..eabee4092 100644 --- a/app.js +++ b/app.js @@ -378,6 +378,7 @@ app.post('/u2f/register/:id', auth); app.get('/u2f/auth/:id', auth); app.post('/u2f/auth/:id', auth); app.post('/otp/register/:id', auth); +app.delete('/otp/register/:id', auth); app.post('/otp/check/:id', auth); app.get('/mail/auth/:id', auth); app.post('/mail/auth/:id', auth); diff --git a/manager2/src/app/user/user.component.html b/manager2/src/app/user/user.component.html index 4d9093c3a..4624e0b7c 100644 --- a/manager2/src/app/user/user.component.html +++ b/manager2/src/app/user/user.component.html @@ -293,7 +293,8 @@

Authentication

{{u2f}}
- + + {{secret}}
diff --git a/manager2/src/app/user/user.component.ts b/manager2/src/app/user/user.component.ts index 4d3229cc2..6ca192e7c 100644 --- a/manager2/src/app/user/user.component.ts +++ b/manager2/src/app/user/user.component.ts @@ -751,6 +751,17 @@ export class UserComponent implements OnInit { ) } + remove_otp() { + this.userService.otpRemove(this.user.uid).subscribe( + resp => { + this.msg = resp['message']; + }, + err => { + this.err_msg = err.error.message + } + ) + } + add_to_project() { this.add_to_project_msg = ''; this.add_to_project_error_msg = ''; diff --git a/manager2/src/app/user/user.service.ts b/manager2/src/app/user/user.service.ts index 4fd1e4e99..402896e5d 100644 --- a/manager2/src/app/user/user.service.ts +++ b/manager2/src/app/user/user.service.ts @@ -79,6 +79,18 @@ export class UserService { httpOptions) } + otpRemove(userId: string) { + let httpOptions = { + //headers: new HttpHeaders({ + // 'x-api-key': localStorage.getItem('my-api-key') + //}), + }; + return this.http.delete( + environment.apiUrl + '/otp/register/' + userId, + {}, + httpOptions) + } + delete(userId: string, message: string, sendmail: boolean) { // console.log(userId, message); let httpOptions = { diff --git a/routes/auth.js b/routes/auth.js index c909b8415..04183493a 100644 --- a/routes/auth.js +++ b/routes/auth.js @@ -231,7 +231,7 @@ router.post('/u2f/register/:id', async function(req, res) { if (user.u2f && user.u2f.challenge === challenge) { await dbsrv.mongo_users().updateOne({uid: req.params.id},{'$set': {'u2f.key': key, 'u2f.challenge': null}}); - return res.send({key: key}); + return res.send({key: key}); } } catch(err) { logger.error('u2f registration error'); @@ -259,7 +259,30 @@ router.post('/otp/register/:id', async function(req, res) { } res.send({secret,imageUrl}); }); - + +}); + +router.delete('/otp/register/:id', async function(req, res) { + let user = await dbsrv.mongo_users().findOne({uid: req.params.id}); + + let adminuser = null; + let isadmin = false; + try { + adminuser = await dbsrv.mongo_users().findOne({_id: req.locals.logInfo.id}); + isadmin = await rolsrv.is_admin(adminuser); + } catch(e) { + logger.error(e); + res.status(404).send({message: 'User session not found'}); + res.end(); + return; + } + + if(!user || !req.locals.logInfo.id || (req.locals.logInfo.id.toString() != user._id.toString() && !isadmin)){ + return res.status(401).send({message: 'You need to login first'}); + } + + await dbsrv.mongo_users().updateOne({uid: req.params.id},{'$set': {'otp': null}}); + res.send({message: 'OTP removed'}); }); router.post('/otp/check/:id', async function(req, res) { @@ -296,7 +319,7 @@ router.delete('/u2f/register/:id', async function(req, res) { return res.status(401).send({message: 'You need to login first'}); } await dbsrv.mongo_users().updateOne({uid: req.params.id},{'$set': {'u2f.key': null, 'u2f.challenge': null}}); - return res.sendStatus(200); + return res.sendStatus(200); }); router.get('/auth', async function(req, res) { @@ -390,7 +413,7 @@ router.post('/auth/:id', async function(req, res) { res.end(); return; } - + let is_locked = await idsrv.user_locked(user.uid); if (is_locked) { let remains = await idsrv.user_lock_remaining_time(user.uid); From 401c7358fa7fd308c0842d23e409f6caeeb604b8 Mon Sep 17 00:00:00 2001 From: mboudet Date: Thu, 1 Feb 2024 16:47:10 +0000 Subject: [PATCH 21/29] Fix layout and typos --- manager2/src/app/auth/login/login.component.html | 10 +++++----- .../src/app/auth/register/register.component.html | 4 ++-- manager2/src/app/user/user.component.html | 10 +++++++--- manager2/src/app/user/user.component.ts | 11 ++++++++--- manager2/src/app/user/user.service.ts | 1 - routes/auth.js | 2 +- 6 files changed, 23 insertions(+), 15 deletions(-) diff --git a/manager2/src/app/auth/login/login.component.html b/manager2/src/app/auth/login/login.component.html index 111a69ec1..c2a2189c3 100644 --- a/manager2/src/app/auth/login/login.component.html +++ b/manager2/src/app/auth/login/login.component.html @@ -15,12 +15,12 @@

Sign in to access your account

-
{{msg}}
- Lost your password? + Lost your password?
@@ -42,7 +42,7 @@
- +
@@ -59,7 +59,7 @@ - + @@ -72,7 +72,7 @@

or

diff --git a/manager2/src/app/auth/register/register.component.html b/manager2/src/app/auth/register/register.component.html index 846bbe7df..1a3dad9c0 100644 --- a/manager2/src/app/auth/register/register.component.html +++ b/manager2/src/app/auth/register/register.component.html @@ -97,10 +97,10 @@
- +
- +
{{msg}}
diff --git a/manager2/src/app/user/user.component.html b/manager2/src/app/user/user.component.html index 4624e0b7c..0cf6b4798 100644 --- a/manager2/src/app/user/user.component.html +++ b/manager2/src/app/user/user.component.html @@ -138,6 +138,8 @@

Information

+
{{grp_success_msg}}
+
{{grp_err_msg}}
@@ -293,9 +295,11 @@

Authentication

{{u2f}}
- - + + {{secret}} + +
@@ -622,7 +626,7 @@

Group creation

- +
diff --git a/manager2/src/app/user/user.component.ts b/manager2/src/app/user/user.component.ts index 6ca192e7c..1899db36d 100644 --- a/manager2/src/app/user/user.component.ts +++ b/manager2/src/app/user/user.component.ts @@ -161,6 +161,8 @@ export class UserComponent implements OnInit { // Error messages msg: string err_msg: string + otp_msg: string + otp_err_msg: string add_to_project_msg: string add_to_project_error_msg: string @@ -252,6 +254,8 @@ export class UserComponent implements OnInit { this.grp_err_msg = '' this.otp = null + this.otp_msg = "" + this.otp_err_msg = "" } date_convert = function timeConverter(tsp){ @@ -746,7 +750,7 @@ export class UserComponent implements OnInit { this.otp = resp['imageUrl']; }, err => { - console.error(err) + this.otp_err_msg = err.error.message } ) } @@ -754,10 +758,11 @@ export class UserComponent implements OnInit { remove_otp() { this.userService.otpRemove(this.user.uid).subscribe( resp => { - this.msg = resp['message']; + this.otp_msg = resp['message']; + this.user.otp = {}; }, err => { - this.err_msg = err.error.message + this.otp_err_msg = err.error.message } ) } diff --git a/manager2/src/app/user/user.service.ts b/manager2/src/app/user/user.service.ts index 402896e5d..0993567b5 100644 --- a/manager2/src/app/user/user.service.ts +++ b/manager2/src/app/user/user.service.ts @@ -87,7 +87,6 @@ export class UserService { }; return this.http.delete( environment.apiUrl + '/otp/register/' + userId, - {}, httpOptions) } diff --git a/routes/auth.js b/routes/auth.js index 04183493a..4357e6e83 100644 --- a/routes/auth.js +++ b/routes/auth.js @@ -281,7 +281,7 @@ router.delete('/otp/register/:id', async function(req, res) { return res.status(401).send({message: 'You need to login first'}); } - await dbsrv.mongo_users().updateOne({uid: req.params.id},{'$set': {'otp': null}}); + await dbsrv.mongo_users().updateOne({uid: req.params.id},{'$set': {'otp.secret': null}}); res.send({message: 'OTP removed'}); }); From 07169e79e48cfa0e16207677481aec8207c82d9b Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 2 Feb 2024 14:40:15 +0100 Subject: [PATCH 22/29] Changelog --- CHANGELOG.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 662bd8e71..34d82d60e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,15 @@ * Various security PR merged * Add ordering to most admin tables * Add user registration date to the 'Pending admin approval' and 'Pending email approval' table, and remove user ID +* Updated buttons to make them more visible +* Allow group creation on the user page +* Set group owner as 'optional' +* Allow otp removal for users and admins +* Allow user expiration without sending a mail for gomail +* Allow admin 'unlock' of a locked (3 time wrong login) account +* Fix tag creation crash +* Allow a pending project edition without validating it. +* Add optional description to group ## 1.4.28 From bcfb4db9dbfb74b804f6a31f84d75cd8d05dffb5 Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 2 Feb 2024 14:54:26 +0100 Subject: [PATCH 23/29] 1.4.29 --- package-lock.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2f7eda95a..3e2285655 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "go-mngr", - "version": "1.4.27", + "version": "1.4.29", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "go-mngr", - "version": "1.4.27", + "version": "1.4.29", "dependencies": { "@angular/cdk": "^10.2.6", "@webauthn/server": "^0.1.3", diff --git a/package.json b/package.json index 75dbdc249..bea56c6a6 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "go-mngr", - "version": "1.4.27", + "version": "1.4.29", "private": true, "scripts": { "start": "node ./bin/www" From 5a95af423c2a514b17cd34534e6c277ddb7088bc Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 2 Feb 2024 15:28:24 +0100 Subject: [PATCH 24/29] Lint --- routes/groups.js | 4 ++-- routes/projects.js | 6 +++--- routes/users.js | 7 +++---- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/routes/groups.js b/routes/groups.js index 34ada4760..f9ad5b573 100644 --- a/routes/groups.js +++ b/routes/groups.js @@ -137,7 +137,7 @@ router.put('/group/:id', async function(req, res){ return; } - let description = req.body.description + let description = req.body.description; let group = await dbsrv.mongo_groups().findOne({name: req.params.id}); if(! group) { @@ -193,7 +193,7 @@ router.post('/group/:id', async function(req, res){ return; } - let description = req.body.description + let description = req.body.description; let group = await dbsrv.mongo_groups().findOne({name: req.params.id }); if(group) { diff --git a/routes/projects.js b/routes/projects.js index 7938c0810..5c27428f8 100644 --- a/routes/projects.js +++ b/routes/projects.js @@ -214,9 +214,9 @@ router.put('/project', async function(req, res){ let project = await dbsrv.mongo_pending_projects().findOne({'uuid': req.body.uuid}); if (!project){ - res.status(403).send({message: 'Project does not exist'}); - res.end(); - return; + res.status(403).send({message: 'Project does not exist'}); + res.end(); + return; } let related_project = await dbsrv.mongo_projects().findOne({'id': req.body.id}); diff --git a/routes/users.js b/routes/users.js index 50bb36c8f..13bc3f98b 100644 --- a/routes/users.js +++ b/routes/users.js @@ -944,7 +944,7 @@ router.get('/user/:id/expire', async function(req, res){ return; } - let sendmail = req.query.sendmail === "false" ? false : true; + let sendmail = req.query.sendmail === 'false' ? false : true; let session_user = null; let isadmin = false; @@ -1001,7 +1001,7 @@ router.get('/user/:id/expire', async function(req, res){ // Now remove from mailing list try { // eslint-disable-next-line no-unused-vars - await notif.remove(user.email, sendmail=sendmail); + await notif.remove(user.email, sendmail); await plgsrv.run_plugins('deactivate', user.uid, user, session_user.uid); res.send({message: 'Operation in progress', fid: fid, error: []}); res.end(); @@ -1938,9 +1938,8 @@ router.get('/user/:id/unlock', async function(req, res){ session_user.is_admin = isadmin; if(session_user.is_admin){ - let fid = new Date().getTime(); try { - await idsrv.user_unlock(user.uid) + await idsrv.user_unlock(user.uid); } catch(err) { res.send({message: 'Error during operation'}); res.end(); From 4b69cb8d1d9f153b003ec7a43c7b429b97e813cc Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 2 Feb 2024 15:39:03 +0100 Subject: [PATCH 25/29] More lint --- core/notif_gomail.js | 4 ++-- core/notif_listmonk.js | 1 + core/notif_nodemailer.js | 1 + core/project.service.js | 1 - core/user.service.js | 2 +- 5 files changed, 5 insertions(+), 4 deletions(-) diff --git a/core/notif_gomail.js b/core/notif_gomail.js index d81210d6e..50bb62682 100644 --- a/core/notif_gomail.js +++ b/core/notif_gomail.js @@ -157,10 +157,10 @@ module.exports = { 'email': [email], 'message': CONFIG.gomail.optout_message, 'message_html': CONFIG.gomail.optout_message_html, - } + }; if (!sendmail){ - data['skip'] = true + data['skip'] = true; } try { diff --git a/core/notif_listmonk.js b/core/notif_listmonk.js index f7ed5df3c..c4cb61cf1 100644 --- a/core/notif_listmonk.js +++ b/core/notif_listmonk.js @@ -350,6 +350,7 @@ module.exports = { return; }, + // eslint-disable-next-line @typescript-eslint/no-unused-vars remove: async function(email, sendmail=true) { if(email===undefined ||email===null || email=='' || ! mail_set) { return; diff --git a/core/notif_nodemailer.js b/core/notif_nodemailer.js index dfc2d822a..1506db923 100644 --- a/core/notif_nodemailer.js +++ b/core/notif_nodemailer.js @@ -101,6 +101,7 @@ module.exports = { }, // todo: should be factorized with add, as there is only small difference + // eslint-disable-next-line @typescript-eslint/no-unused-vars remove: async function(email, sendmail=true) { if (CONFIG.nodemailer.list) { if(email===undefined ||email===null || email=='' || ! mail_set) { diff --git a/core/project.service.js b/core/project.service.js index 7c0309604..f75e259ee 100644 --- a/core/project.service.js +++ b/core/project.service.js @@ -77,7 +77,6 @@ async function edit_project(project, uuid, action_owner = 'auto') { logger.info('Editing Project ' + project.id); project.expiration_notif = 0; await dbsrv.mongo_pending_projects().updateOne({'uuid': uuid}, {'$set': project}); - let fid = new Date().getTime(); await dbsrv.mongo_events().insertOne({'owner': action_owner, 'date': new Date().getTime(), 'action': 'update project ' + project.id , 'logs': []}); } diff --git a/core/user.service.js b/core/user.service.js index ccb2e08c5..d4a7a4914 100644 --- a/core/user.service.js +++ b/core/user.service.js @@ -192,7 +192,7 @@ async function create_user(user, action_owner = 'auto') { } if(!user.registration) { - user.registration = new Date().getTime() + user.registration = new Date().getTime(); } user.loginShell = '/bin/bash'; From fd829886eb88b641a0395950c681634a825a5bfc Mon Sep 17 00:00:00 2001 From: mboudet Date: Fri, 2 Feb 2024 15:41:45 +0100 Subject: [PATCH 26/29] again --- core/notif_listmonk.js | 2 +- core/notif_nodemailer.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/core/notif_listmonk.js b/core/notif_listmonk.js index c4cb61cf1..d60d6677d 100644 --- a/core/notif_listmonk.js +++ b/core/notif_listmonk.js @@ -350,7 +350,7 @@ module.exports = { return; }, - // eslint-disable-next-line @typescript-eslint/no-unused-vars + // eslint-disable-next-line no-unused-vars remove: async function(email, sendmail=true) { if(email===undefined ||email===null || email=='' || ! mail_set) { return; diff --git a/core/notif_nodemailer.js b/core/notif_nodemailer.js index 1506db923..0afbf4e5b 100644 --- a/core/notif_nodemailer.js +++ b/core/notif_nodemailer.js @@ -101,7 +101,7 @@ module.exports = { }, // todo: should be factorized with add, as there is only small difference - // eslint-disable-next-line @typescript-eslint/no-unused-vars + // eslint-disable-next-line no-unused-vars remove: async function(email, sendmail=true) { if (CONFIG.nodemailer.list) { if(email===undefined ||email===null || email=='' || ! mail_set) { From e16c78d1abd93abc40aac85ddab78218e1607998 Mon Sep 17 00:00:00 2001 From: mboudet Date: Mon, 5 Feb 2024 17:48:06 +0100 Subject: [PATCH 27/29] Allow group creation from project tab --- .../admin/projects/projects.component.html | 29 +++++++++++++- .../app/admin/projects/projects.component.ts | 40 +++++++++++++++++++ manager2/src/app/user/user.component.html | 2 - 3 files changed, 68 insertions(+), 3 deletions(-) diff --git a/manager2/src/app/admin/projects/projects.component.html b/manager2/src/app/admin/projects/projects.component.html index b230b7f2c..e6bcbaef3 100644 --- a/manager2/src/app/admin/projects/projects.component.html +++ b/manager2/src/app/admin/projects/projects.component.html @@ -25,7 +25,7 @@

Project creation

-
+
@@ -276,3 +279,27 @@

Expired [{{expired_projects.length}}]

+ + + diff --git a/manager2/src/app/admin/projects/projects.component.ts b/manager2/src/app/admin/projects/projects.component.ts index 963931a54..02383a5bd 100644 --- a/manager2/src/app/admin/projects/projects.component.ts +++ b/manager2/src/app/admin/projects/projects.component.ts @@ -36,6 +36,7 @@ export class ProjectsComponent implements OnInit { groups: any[] all_users: any[] new_project: any + new_group: any day_time: number @@ -90,6 +91,11 @@ export class ProjectsComponent implements OnInit { description: '', access: 'Group', path: '' + }; + this.new_group = { + name: '', + owner: '', + description: '', } this.project_list(true); @@ -151,6 +157,9 @@ export class ProjectsComponent implements OnInit { if (!this.new_project.cpu || this.new_project.cpu == 0) { this.new_project.cpu = this.default_cpu; } + + this.new_group.owner = this.new_project.owner + this.new_group.name = "prj_" + tmpprojectid } @@ -331,4 +340,35 @@ export class ProjectsComponent implements OnInit { this.pending_msg = ""; this.pending_err_msg = ""; } + + addGroup(){ + if (this.new_group.name === '') { + return; + } + this.add_project_error_msg = ''; + this.add_project_msg = ''; + + this.groupService.add(this.new_group).subscribe( + resp => { + this.add_project_msg = 'Group was created'; + this.groupService.list().subscribe( + resp => { + this.new_project.group = this.new_group.name + this.groupService.list().subscribe( + resp => { + this.groups = resp; + }, + err => console.log('failed to get groups') + ); + }, + err => console.log('failed to get groups') + ) + }, + err => { + this.add_project_msg = ''; + this.add_project_error_msg = err.error.message; + } + ) + } + } diff --git a/manager2/src/app/user/user.component.html b/manager2/src/app/user/user.component.html index 0cf6b4798..74a7f2448 100644 --- a/manager2/src/app/user/user.component.html +++ b/manager2/src/app/user/user.component.html @@ -616,8 +616,6 @@

Send message to user

Group creation

-
{{grp_success_msg}}
-
{{grp_err_msg}}
From 06469d035af4ef52181559aca6fab2426788c28d Mon Sep 17 00:00:00 2001 From: mboudet Date: Tue, 6 Feb 2024 10:41:25 +0000 Subject: [PATCH 28/29] layout --- .../admin/projects/projects.component.html | 32 ++++++++++++------- .../app/admin/projects/projects.component.ts | 1 + 2 files changed, 21 insertions(+), 12 deletions(-) diff --git a/manager2/src/app/admin/projects/projects.component.html b/manager2/src/app/admin/projects/projects.component.html index e6bcbaef3..88afe0dcd 100644 --- a/manager2/src/app/admin/projects/projects.component.html +++ b/manager2/src/app/admin/projects/projects.component.html @@ -25,7 +25,7 @@

Project creation

-
+
+
+ +
@@ -81,12 +84,12 @@

Project creation

- - + +
- - + +
@@ -133,9 +136,8 @@

Pending projects

{{pending.orga}}
- - - + +
@@ -288,11 +290,17 @@

Expired [{{expired_projects.length}}]

Group creation

-
-
+ +
+
- +
+
+ +
+
+
diff --git a/manager2/src/app/admin/projects/projects.component.ts b/manager2/src/app/admin/projects/projects.component.ts index 02383a5bd..8f4504255 100644 --- a/manager2/src/app/admin/projects/projects.component.ts +++ b/manager2/src/app/admin/projects/projects.component.ts @@ -105,6 +105,7 @@ export class ProjectsComponent implements OnInit { this.groups = resp; if (this.groups.length > 0) { this.new_project.group = this.groups[0].name; + this.new_group.name = this.groups[0].name; } }, err => console.log('failed to get groups') From 8ae6d92141b1decbf55e60c5507029526891b322 Mon Sep 17 00:00:00 2001 From: mboudet Date: Tue, 6 Feb 2024 10:58:27 +0000 Subject: [PATCH 29/29] Fix active user issue for projects --- core/user.service.js | 5 +++++ routes/projects.js | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/core/user.service.js b/core/user.service.js index d4a7a4914..054189188 100644 --- a/core/user.service.js +++ b/core/user.service.js @@ -41,6 +41,7 @@ exports.remove_user_from_project = remove_user_from_project; exports.activate_user = activate_user; exports.new_password = new_password; exports.new_random = new_random; +exports.is_active = is_active; function new_random(len=16) { return crypto.randomBytes(32).toString('hex').slice(0,len); @@ -59,6 +60,10 @@ function new_password(len=16) { }); } +function is_active(user){ + return user.status === STATUS_ACTIVE; +} + // module functions function get_user_home(user) { if (!user.uid || user.uid.length <= 1) { diff --git a/routes/projects.js b/routes/projects.js index 5c27428f8..0cc21d9b2 100644 --- a/routes/projects.js +++ b/routes/projects.js @@ -136,6 +136,12 @@ router.post('/project', async function(req, res){ res.status(404).send({message: 'Owner not found'}); return; } + + if (!usrsrv.is_active(owner)) { + res.status(403).send({message: 'Owner account is not active'}); + return; + } + let project = await dbsrv.mongo_projects().findOne({'id': req.body.id}); if(project){ res.status(403).send({message: 'Not authorized or project already exists'});