
Commit 1c57ccd

author
Jamie Curnow
committed
Certificates ui section and permissions
1 parent 66e25e3 commit 1c57ccd


65 files changed

+1697
-109
lines changed

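--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,3 +1,4 @@
+# WARNING: This is a DEVELOPMENT docker-compose file, it should not be used for production.
 version: "2"
 services:
 app:
@@ -12,6 +13,7 @@ services:
 volumes:
 - ./data/letsencrypt:/etc/letsencrypt
 - .:/app
+- ./rootfs/etc/nginx:/etc/nginx
 working_dir: /app
 depends_on:
 - db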

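--- a/rootfs/etc/nginx/mime.types
+++ b/rootfs/etc/nginx/mime.types
@@ -0,0 +1,96 @@
+types {
+text/html html htm shtml;
+text/css css;
+text/xml xml;
+image/gif gif;
+image/jpeg jpeg jpg;
+application/javascript js;
+application/atom+xml atom;
+application/rss+xml rss;
+
+text/mathml mml;
+text/plain txt;
+text/vnd.sun.j2me.app-descriptor jad;
+text/vnd.wap.wml wml;
+text/x-component htc;
+
+image/png png;
+image/svg+xml svg svgz;
+image/tiff tif tiff;
+image/vnd.wap.wbmp wbmp;
+image/webp webp;
+image/x-icon ico;
+image/x-jng jng;
+image/x-ms-bmp bmp;
+
+font/woff woff;
+font/woff2 woff2;
+
+application/java-archive jar war ear;
+application/json json;
+application/mac-binhex40 hqx;
+application/msword doc;
+application/pdf pdf;
+application/postscript ps eps ai;
+application/rtf rtf;
+application/vnd.apple.mpegurl m3u8;
+application/vnd.google-earth.kml+xml kml;
+application/vnd.google-earth.kmz kmz;
+application/vnd.ms-excel xls;
+application/vnd.ms-fontobject eot;
+application/vnd.ms-powerpoint ppt;
+application/vnd.oasis.opendocument.graphics odg;
+application/vnd.oasis.opendocument.presentation odp;
+application/vnd.oasis.opendocument.spreadsheet ods;
+application/vnd.oasis.opendocument.text odt;
+application/vnd.openxmlformats-officedocument.presentationml.presentation
+pptx;
+application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
+xlsx;
+application/vnd.openxmlformats-officedocument.wordprocessingml.document
+docx;
+application/vnd.wap.wmlc wmlc;
+application/x-7z-compressed 7z;
+application/x-cocoa cco;
+application/x-java-archive-diff jardiff;
+application/x-java-jnlp-file jnlp;
+application/x-makeself run;
+application/x-perl pl pm;
+application/x-pilot prc pdb;
+application/x-rar-compressed rar;
+application/x-redhat-package-manager rpm;
+application/x-sea sea;
+application/x-shockwave-flash swf;
+application/x-stuffit sit;
+application/x-tcl tcl tk;
+application/x-x509-ca-cert der pem crt;
+application/x-xpinstall xpi;
+application/xhtml+xml xhtml;
+application/xspf+xml xspf;
+application/zip zip;
+
+application/octet-stream bin exe dll;
+application/octet-stream deb;
+application/octet-stream dmg;
+application/octet-stream iso img;
+application/octet-stream msi msp msm;
+
+audio/midi mid midi kar;
+audio/mpeg mp3;
+audio/ogg ogg;
+audio/x-m4a m4a;
+audio/x-realaudio ra;
+
+video/3gpp 3gpp 3gp;
+video/mp2t ts;
+video/mp4 mp4;
+video/mpeg mpeg mpg;
+video/quicktime mov;
+video/webm webm;
+video/x-flv flv;
+video/x-m4v m4v;
+video/x-mng mng;
+video/x-ms-asf asx asf;
+video/x-ms-wmv wmv;
+video/x-msvideo avi;
+}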

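--- a/rootfs/etc/services.d/nginx/run
+++ b/rootfs/etc/services.d/nginx/run
@@ -1,10 +1,12 @@
 #!/usr/bin/with-contenv bash
 
-mkdir -p /tmp/nginx \
+mkdir -p /tmp/nginx/body \
+/var/log/nginx \
 /data/{nginx,logs,access} \
 /data/nginx/{proxy_host,redirection_host,stream,dead_host} \
 /var/lib/nginx/cache/{public,private}
 
+touch /var/log/nginx/error.log && chmod 777 /var/log/nginx/error.log
 chown root /tmp/nginx
-exec nginx
 
+exec nginx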
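Review bot: `chmod 777` on `/var/log/nginx/error.log` (new line 9) leaves the error log writable and executable by every account in the container, so any process running there can edit or truncate the log that later troubleshooting and incident review rely on. A log file never needs the execute bit and needs write access only for the account nginx logs as; that account is not visible in this hunk, so the narrower form would be `chmod 640 /var/log/nginx/error.log` together with `chown <nginx-user> /var/log/nginx/error.log` (placeholder for the real account). If the wide mode is a workaround for the development bind mount, a one-line comment above the `touch` saying so would stop it being copied into a production image.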

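--- a/src/backend/index.js
+++ b/src/backend/index.js
@@ -9,6 +9,7 @@ function appStart () {
 const setup = require('./setup');
 const app = require('./app');
 const apiValidator = require('./lib/validator/api');
+const internalSsl = require('./internal/ssl');
 
 return migrate.latest()
 .then(() => {
@@ -18,6 +19,9 @@ function appStart () {
 return apiValidator.loadSchemas;
 })
 .then(() => {
+
+internalSsl.initTimer();
+
 const server = app.listen(81, () => {
 logger.info('PID ' + process.pid + ' listening on port 81 ...');
 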
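--- a/src/backend/internal/certificate.js
+++ b/src/backend/internal/certificate.js
@@ -0,0 +1,183 @@
+'use strict';
+
+const _ = require('lodash');
+const error = require('../lib/error');
+const certificateModel = require('../models/certificate');
+
+function omissions () {
+return ['is_deleted'];
+}
+
+const internalCertificate = {
+
+/**
+* @param {Access} access
+* @param {Object} data
+* @returns {Promise}
+*/
+create: (access, data) => {
+return access.can('certificates:create', data)
+.then(access_data => {
+// TODO
+return {};
+});
+},
+
+/**
+* @param {Access} access
+* @param {Object} data
+* @param {Integer} data.id
+* @param {String} [data.email]
+* @param {String} [data.name]
+* @return {Promise}
+*/
+update: (access, data) => {
+return access.can('certificates:update', data.id)
+.then(access_data => {
+// TODO
+return {};
+});
+},
+
+/**
+* @param {Access} access
+* @param {Object} data
+* @param {Integer} data.id
+* @param {Array} [data.expand]
+* @param {Array} [data.omit]
+* @return {Promise}
+*/
+get: (access, data) => {
+if (typeof data === 'undefined') {
+data = {};
+}
+
+if (typeof data.id === 'undefined' || !data.id) {
+data.id = access.token.get('attrs').id;
+}
+
+return access.can('certificates:get', data.id)
+.then(access_data => {
+let query = certificateModel
+.query()
+.where('is_deleted', 0)
+.andWhere('id', data.id)
+.allowEager('[owner]')
+.first();
+
+if (access_data.permission_visibility !== 'all') {
+query.andWhere('owner_user_id', access.token.get('attrs').id);
+}
+
+// Custom omissions
+if (typeof data.omit !== 'undefined' && data.omit !== null) {
+query.omit(data.omit);
+}
+
+if (typeof data.expand !== 'undefined' && data.expand !== null) {
+query.eager('[' + data.expand.join(', ') + ']');
+}
+
+return query;
+})
+.then(row => {
+if (row) {
+return _.omit(row, omissions());
+} else {
+throw new error.ItemNotFoundError(data.id);
+}
+});
+},
+
+/**
+* @param {Access} access
+* @param {Object} data
+* @param {Integer} data.id
+* @param {String} [data.reason]
+* @returns {Promise}
+*/
+delete: (access, data) => {
+return access.can('certificates:delete', data.id)
+.then(() => {
+return internalCertificate.get(access, {id: data.id});
+})
+.then(row => {
+if (!row) {
+throw new error.ItemNotFoundError(data.id);
+}
+
+return certificateModel
+.query()
+.where('id', row.id)
+.patch({
+is_deleted: 1
+});
+})
+.then(() => {
+return true;
+});
+},
+
+/**
+* All Lists
+*
+* @param {Access} access
+* @param {Array} [expand]
+* @param {String} [search_query]
+* @returns {Promise}
+*/
+getAll: (access, expand, search_query) => {
+return access.can('certificates:list')
+.then(access_data => {
+let query = certificateModel
+.query()
+.where('is_deleted', 0)
+.groupBy('id')
+.omit(['is_deleted'])
+.allowEager('[owner]')
+.orderBy('name', 'ASC');
+
+if (access_data.permission_visibility !== 'all') {
+query.andWhere('owner_user_id', access.token.get('attrs').id);
+}
+
+// Query is used for searching
+if (typeof search_query === 'string') {
+query.where(function () {
+this.where('name', 'like', '%' + search_query + '%');
+});
+}
+
+if (typeof expand !== 'undefined' && expand !== null) {
+query.eager('[' + expand.join(', ') + ']');
+}
+
+return query;
+});
+},
+
+/**
+* Report use
+*
+* @param {Integer} user_id
+* @param {String} visibility
+* @returns {Promise}
+*/
+getCount: (user_id, visibility) => {
+let query = certificateModel
+.query()
+.count('id as count')
+.where('is_deleted', 0);
+
+if (visibility !== 'all') {
+query.andWhere('owner_user_id', user_id);
+}
+
+return query.first()
+.then(row => {
+return parseInt(row.count, 10);
+});
+}
+};
+
+module.exports = internalCertificate;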
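Review bot: In `get` (new lines 55-57) a missing `data.id` is replaced with `access.token.get('attrs').id`, the same value the file compares against `owner_user_id`, so it is the caller's user id and not a certificate id. A request without an id is therefore permission-checked and answered for whichever certificate shares that number. The `owner_user_id` filter narrows this for restricted callers, but with `permission_visibility` of `all` an unrelated row comes back. Rejecting the call is safer, for example `if (!data.id) { return Promise.reject(new error.ItemNotFoundError(data.id)); }` in place of the fallback. Separately, `delete` documents `data.reason` but never reads it and writes no audit-log entry, unlike the dead-host delete path touched in this commit.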

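--- a/src/backend/internal/dead-host.js
+++ b/src/backend/internal/dead-host.js
@@ -4,6 +4,7 @@ const _ = require('lodash');
 const error = require('../lib/error');
 const deadHostModel = require('../models/dead_host');
 const internalHost = require('./host');
+const internalNginx = require('./nginx');
 const internalAuditLog = require('./audit-log');
 
 function omissions () {
@@ -49,6 +50,13 @@ const internalDeadHost = {
 .omit(omissions())
 .insertAndFetch(data);
 })
+.then(row => {
+// Configure nginx
+return internalNginx.configure(deadHostModel, 'dead_host', row)
+.then(() => {
+return internalDeadHost.get(access, {id: row.id, expand: ['owner']});
+});
+})
 .then(row => {
 // Add to audit log
 return internalAuditLog.add(access, {
@@ -58,7 +66,7 @@ const internalDeadHost = {
 meta: data
 })
 .then(() => {
-return _.omit(row, omissions());
+return row;
 });
 });
 },
@@ -192,6 +200,13 @@ const internalDeadHost = {
 .patch({
 is_deleted: 1
 })
+.then(() => {
+// Delete Nginx Config
+return internalNginx.deleteConfig('dead_host', row)
+.then(() => {
+return internalNginx.reload();
+});
+})
 .then(() => {
 // Add to audit log
 row.meta = internalHost.cleanMeta(row.meta);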
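Review bot: In the delete path (new lines 203-209) the row is already patched to `is_deleted: 1` when `internalNginx.deleteConfig` and `internalNginx.reload` run, and the audit-log step follows them in the same chain. If either nginx call rejects, the host is marked deleted in the database while its config may still be served, and no audit entry is written. The create hunk (new lines 53-59) has the same ordering: `insertAndFetch` has completed before `internalNginx.configure` runs, so a failed configure appears to leave a row without a working config or an audit record. How `internalNginx` reports failure is not visible here; if it rejects, consider writing the audit entry whatever the nginx outcome, or reverting the patch or insert on failure. Both functions start and end outside these hunks.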
