Dinawo/CDN-APP-INSIDER
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update routes and file paths, fix authentication and security issues
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
.dinawo
2024-04-13 22:17:54 +02:00
parent 8f3e604774
commit 4e2e085a63
38 changed files with 1918 additions and 1408 deletions
Download Patch File Download Diff File Expand all files Collapse all files

89
routes/Dpanel/API/DeleteFile.js Normal file
View File

@@ -0,0 +1,89 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp').ncp;
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
router.get('/', (req, res) => {
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
});
router.post('/', authMiddleware, (req, res) => {
const userId = req.userData.name;
const { filename } = req.body;
if (!userId || !filename) {
return res.status(400).json({ message: 'Identifiant d\'utilisateur ou nom de fichier manquant pour la suppression du fichier.' });
}
const userFolderPath = path.join('cdn-files', userId);
function findAndDeleteFile(folderPath) {
const filesInFolder = fs.readdirSync(folderPath);
for (const file of filesInFolder) {
const filePath = path.join(folderPath, file);
if (!filePath.startsWith(userFolderPath)) {
console.error('Unauthorized directory access attempt');
return false;
}
if (fs.statSync(filePath).isDirectory()) {
findAndDeleteFile(filePath);
} else if (file === filename) {
try {
fs.unlinkSync(filePath);
console.log('File deleted:', filePath);
return true;
} catch (error) {
console.error('Error deleting file:', error);
return false;
}
}
}
return false;
}
const fileDeleted = findAndDeleteFile(userFolderPath);
if (fileDeleted) {
res.status(200).json({ status: 'success', message: 'Le fichier a été supprimé avec succès.' });
} else {
res.status(404).json({ status: 'error', message: 'Le fichier que vous essayez de supprimer n\'existe pas.' });
}
});
const ncpAsync = (source, destination) => {
const userFolderPath = path.join('cdn-files', userId);
if (!source.startsWith(userFolderPath) || !destination.startsWith(userFolderPath)) {
throw new Error('Unauthorized directory access attempt');
}
return new Promise((resolve, reject) => {
ncp(source, destination, (err) => {
if (err) {
reject(err);
} else {
resolve();
}
});
});
};
module.exports = router;

45
routes/Dpanel/API/DeleteFileFolder.js Normal file
View File

@@ -0,0 +1,45 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp').ncp;
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
router.get('/', (req, res) => {
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
});
router.post('/:folderName', authMiddleware, (req, res) => {
const userId = req.userData.name;
const { filename } = req.body;
const userFolderPath = path.join('cdn-files', userId || '');
const filePath = path.join(userFolderPath, req.params.folderName, filename || '');
if (!fs.existsSync(filePath)) {
return res.status(404).json({ error: 'Le fichier spécifié n\'existe pas.' });
}
fs.unlink(filePath, (err) => {
if (err) {
console.error(err);
return res.status(500).json({ error: 'Erreur lors de la suppression du fichier.' });
}
res.json({ deleted: true, success: 'Fichier supprimé avec succès.' });
});
});
module.exports = router;

48
routes/Dpanel/API/DeleteFolfder.js Normal file
View File

@@ -0,0 +1,48 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp').ncp;
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
router.get('/', (req, res) => {
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
});
router.delete('/:folderName', authMiddleware, (req, res) => {
const userId = req.userData.name;
const folderName = req.params.folderName;
const userFolderPath = path.join('cdn-files', userId);
const folderPath = path.join(userFolderPath, folderName);
if (!fs.existsSync(folderPath)) {
return res.status(404).json({ error: 'Le dossier spécifié n\'existe pas.' });
}
if (!folderPath.startsWith(userFolderPath)) {
return res.status(403).json({ error: 'Vous n\'avez pas la permission de supprimer ce dossier.' });
}
fs.rmdir(folderPath, { recursive: true }, (err) => {
if (err) {
console.error(err);
return res.status(500).json({ error: 'Erreur lors de la suppression du dossier.' });
}
res.json({ deleted: true, success: 'Dossier supprimé avec succès.' });
});
});
module.exports = router;

119
routes/Dpanel/API/MoveFile.js Normal file
View File

@@ -0,0 +1,119 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp');
const util = require('util');
const ncpAsync = util.promisify(ncp.ncp);
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
router.get('/', (req, res) => {
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
});
router.post('/', authMiddleware, async (req, res) => {
const fileName = req.body.fileName;
const folderName = req.body.folderName;
const data = await fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf-8')
const users = JSON.parse(data);
const user = users.find(user => user.id === req.user.id);
if (!user) {
console.error('User not found in user.json');
return res.status(500).send('Erreur lors du déplacement du fichier.');
}
const userId = user.name;
if (!fileName || !userId) {
console.error('fileName or userId is undefined');
return res.status(500).send('Erreur lors du déplacement du fichier.');
}
const sourcePath = path.join('cdn-files', userId, fileName);
let destinationDir;
if (folderName && folderName.trim() !== '') {
destinationDir = path.join('cdn-files', userId, folderName);
} else {
destinationDir = path.join('cdn-files', userId);
}
const destinationPath = path.join(destinationDir, fileName);
try {
const normalizedSourcePath = path.normalize(sourcePath);
console.log('Full Source Path:', normalizedSourcePath);
if (fs.existsSync(normalizedSourcePath)) {
await fs.promises.access(destinationDir);
await ncpAsync(normalizedSourcePath, destinationPath);
await fs.promises.unlink(normalizedSourcePath);
} else {
console.log('File does not exist');
}
res.redirect('/dpanel/dashboard');
} catch (err) {
console.error(err);
return res.status(500).send('Erreur lors du déplacement du fichier.');
}
});
router.post('/:folderName', authMiddleware, async (req, res) => {
const fileName = req.body.fileName;
const newFolderName = req.body.folderName;
const oldFolderName = req.params.folderName;
const userId = req.user && req.user._json ? req.userData.name : undefined;
if (!fileName || !userId || !oldFolderName || !newFolderName) {
console.error('fileName, userId, oldFolderName, or newFolderName is undefined');
return res.status(500).send('Erreur lors du déplacement du fichier.');
}
const userDir = path.join(process.cwd(), 'cdn-files', userId);
const sourcePath = path.join(userDir, oldFolderName, fileName);
const destinationDir = path.join(userDir, newFolderName);
const destinationPath = path.join(destinationDir, fileName);
if (!sourcePath.startsWith(userDir) || !destinationPath.startsWith(userDir)) {
ErrorLogger.error('Unauthorized directory access attempt');
return res.status(403).send('Unauthorized directory access attempt');
}
try {
const normalizedSourcePath = path.normalize(sourcePath);
console.log('Full Source Path:', normalizedSourcePath);
if (fs.existsSync(normalizedSourcePath)) {
await fs.promises.access(destinationDir, fs.constants.W_OK);
await fs.promises.rename(normalizedSourcePath, destinationPath);
} else {
console.log('File does not exist');
}
res.redirect('/dpanel/dashboard');
} catch (err) {
console.error(err);
return res.status(500).send('Erreur lors du déplacement du fichier.');
}
});
module.exports = router;

66
routes/Dpanel/API/NewFolder.js Normal file
View File

@@ -0,0 +1,66 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp').ncp;
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
router.get('/', (req, res) => {
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
});
router.post('/', authMiddleware, (req, res) => {
try {
logger.info('Received POST request to create a new folder.');
const userId = req.userData.name;
let { folderName } = req.body;
logger.info('Received folderName:', folderName);
if (!folderName || typeof folderName !== 'string') {
ErrorLogger.error('Invalid folderName:', folderName);
return res.status(400).json({ message: 'Le nom du dossier ne peut pas être vide.' });
}
folderName = path.basename(folderName.trim());
if (!folderName) {
return res.status(400).json({ message: 'Le nom du dossier ne peut pas être vide.' });
}
const folderPath = path.join('cdn-files', userId, folderName);
if (fs.existsSync(folderPath)) {
logger.info('Folder already exists:', folderPath);
return res.status(400).json({ message: 'Le dossier existe déjà.' });
}
fs.mkdir(folderPath, (err) => {
if (err) {
ErrorLogger.error(err);
return res.status(500).json({ message: 'Erreur lors de la création du dossier.', error: err });
}
logger.info('Folder created successfully:', folderPath);
res.status(200).json({ message: 'Dossier créé avec succès.' });
});
} catch (error) {
ErrorLogger.error('Error creating folder:', error);
return res.status(500).json({ message: 'Erreur lors de la création du dossier.', error: error });
}
});
module.exports = router;

106
routes/Dpanel/API/RenameFile.js Normal file
View File

@@ -0,0 +1,106 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp').ncp;
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
router.get('/', (req, res) => {
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
});
router.post('/', authMiddleware, async (req, res) => {
const userId = req.userData.name;
const { currentName, newName } = req.body;
if (!currentName || !newName) {
return res.status(400).send('Both currentName and newName must be provided.');
}
const currentPath = path.join('cdn-files', userId || '', currentName);
const newPath = path.join('cdn-files', userId, newName);
try {
await fs.promises.rename(currentPath, newPath);
const data = await fs.promises.readFile(path.join(__dirname, '../../../data', 'file_info.json'), 'utf-8')
let fileInfo = JSON.parse(data);
let found = false;
for (let i = 0; i < fileInfo.length; i++) {
if (fileInfo[i].fileName === currentName) {
fileInfo[i].fileName = newName;
found = true;
break;
}
}
if (found) {
await fs.promises.writeFile(path.join(__dirname, '../../../data', 'file_info.json'), JSON.stringify(fileInfo, null, 2), 'utf8');
}
res.status(200).send('L\'opération a été effectuée avec succès.');
} catch (err) {
console.error(err);
return res.status(500).send('Erreur lors du changement de nom du fichier.');
}
});
router.post('/:filePath*', authMiddleware, async (req, res) => {
const userId = req.userData.name;
const { currentName, newName } = req.body;
const filePath = path.join(req.params.filePath, req.params[0] || '');
if (!currentName || !newName) {
return res.status(400).send('Both currentName and newName must be provided.');
}
const userDir = path.join('cdn-files', userId);
const currentPath = path.join(userDir, filePath, currentName);
const newPath = path.join(userDir, filePath, newName);
if (!currentPath.startsWith(userDir) || !newPath.startsWith(userDir)) {
ErrorLogger.error('Unauthorized directory access attempt');
return res.status(403).send('Unauthorized directory access attempt');
}
try {
await fs.promises.rename(currentPath, newPath);
const data = await fs.promises.readFile(path.join(__dirname, '../../../data', 'file_info.json'), 'utf8');
let fileInfo = JSON.parse(data);
let found = false;
for (let i = 0; i < fileInfo.length; i++) {
if (fileInfo[i].fileName === currentName) {
fileInfo[i].fileName = newName;
found = true;
break;
}
}
if (found) {
await fs.promises.writeFile(path.join(__dirname, '../../../data', 'file_info.json'), JSON.stringify(fileInfo, null, 2), 'utf8');
}
res.status(200).send('L\'opération a été effectuée avec succès.');
} catch (err) {
console.error(err);
return res.status(500).send('Erreur lors du changement de nom du fichier.');
}
});
module.exports = router;

62
routes/Dpanel/API/Update-Setup-Admin.js Normal file
View File

@@ -0,0 +1,62 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp');
const util = require('util');
const ncpAsync = util.promisify(ncp.ncp);
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const osUtils = require('os-utils');
const Convert = require('ansi-to-html');
const convert = new Convert()
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
const User = require('../../../data/user.json');
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
router.get('/', (req, res) => {
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
});
router.post('/', authMiddleware, async (req, res) => {
try {
let setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../data', 'setup.json'), 'utf-8'));
if (!req.body.ldap || !req.body.ldap.enabled) {
delete setup.ldap;
} else {
setup.ldap = req.body.ldap;
}
if (!req.body.discord || !req.body.discord.enabled) {
delete setup.discord;
} else {
setup.discord = req.body.discord;
}
setup.domain = req.body.domain;
setup.uptime = req.body.uptime;
fs.writeFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'), JSON.stringify(setup, null, 2);
res.redirect('/dpanel/dashboard/admin');
} catch (err) {
console.error(err);
res.status(500).send('Server Error');
}
});
module.exports = router;

52
routes/Dpanel/API/Upload-Role-Admin.js Normal file
View File

@@ -0,0 +1,52 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp');
const util = require('util');
const ncpAsync = util.promisify(ncp.ncp);
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const osUtils = require('os-utils');
const Convert = require('ansi-to-html');
const convert = new Convert()
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
const User = require('../../../data/user.json');
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
router.get('/', (req, res) => {
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
});
router.post('/', authMiddleware, async (req, res) => {
try {
const { id, role } = req.body;
const user = User.find(user => user.id === id);
if (user) {
user.role = role;
}
fs.writeFileSync(path.join(__dirname, '../../../data/user.json'), JSON.stringify(User, null, 2));
res.redirect('/dpanel/dashboard/admin');
} catch (err) {
console.error(err);
res.status(500).send('Server Error');
}
});
module.exports = router;

95
routes/Dpanel/API/Upload.js Normal file
View File

@@ -0,0 +1,95 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp');
const util = require('util');
const ncpAsync = util.promisify(ncp.ncp);
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
router.get('/', (req, res) => {
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
});
router.use(fileUpload({
limits: { fileSize: 15 * 1024 * 1024 * 1024 },
}));
router.post('/', authMiddleware, async (req, res) => {
try {
if (!req.files || Object.keys(req.files).length === 0) {
return res.status(400).send('5410 - Erreur de téléchargement, veuillez retenter ultérieurement.');
}
const file = req.files.file;
const userId = req.userData.name;
const Id = req.userData.id;
const uploadDir = path.join('cdn-files', userId);
const originalFileName = file.name;
const domain = config.domain || 'mydomain.com';
let expiryDate = req.body.expiryDate;
let password = req.body.password;
if (!fs.existsSync(uploadDir)) {
fs.mkdirSync(uploadDir, { recursive: true });
}
file.mv(path.join(uploadDir, originalFileName), async (err) => {
if (err) {
console.error(err);
return res.status(500).send({ message: 'Erreur lors du téléchargement du fichier.' });
}
const fileExtension = path.extname(originalFileName).toLowerCase();
const bcrypt = require('bcrypt');
const saltRounds = 10;
let hashedPassword = '';
if (password) {
hashedPassword = bcrypt.hashSync(password, saltRounds);
}
const fileInfo = {
fileName: originalFileName,
expiryDate: expiryDate || '',
password: hashedPassword,
Id: Id,
path: path.join(uploadDir, originalFileName)
};
if (expiryDate || password) {
let data = [];
if (fs.existsSync(path.join(__dirname, '../../../data', 'file_info.json'))) {
const existingData = await fs.promises.readFile(path.join(__dirname, '../../../data', 'file_info.json'), 'utf8');
data = JSON.parse(existingData);
if (!Array.isArray(data)) {
data = [];
}
}
data.push(fileInfo);
await fs.promises.writeFile(path.join(__dirname, '../../../data', 'file_info.json'), JSON.stringify(data, null, 2));
}
res.redirect('/dpanel/dashboard');
});
} catch (error) {
console.error(error);
return res.status(500).send({ message: 'Erreur lors du téléchargement du fichier.' });
}
});
module.exports = router;

61
routes/Dpanel/Admin/Privacy-Security.js Normal file
View File

@@ -0,0 +1,61 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp');
const util = require('util');
const ncpAsync = util.promisify(ncp.ncp);
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const osUtils = require('os-utils');
const Convert = require('ansi-to-html');
const convert = new Convert()
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
const User = require('../../../data/user.json');
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
router.get('/', authMiddleware, async (req, res) => {
try {
const data = fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf8');
const users = JSON.parse(data);
const user = users.find(user => user.name === req.user.name);
if (!user || user.role !== 'admin') {
console.log('Access denied');
return res.status(403).json({ message: "You do not have the necessary rights to access this resource." });
}
const files = await fs.promises.readdir('./report');
const reports = files.filter(file => file.endsWith('.json')).map(file => {
return fs.promises.readFile(path.join('./report', file), 'utf8')
.then(content => {
return { name: file, content: content };
})
.catch(err => {
console.error(err);
});
});
Promise.all([Promise.all(reports)]).then(([completedReports]) => {
res.render('paramAdminPrivacy&Security', { users: User, reports: completedReports });
});
} catch (err) {
console.error(err);
res.status(500).send('Server Error');
}
});
module.exports = router;

44
routes/Dpanel/Admin/SettingSetup.js Normal file
View File

@@ -0,0 +1,44 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp');
const util = require('util');
const ncpAsync = util.promisify(ncp.ncp);
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
const User = require('../../../data/user.json');
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
router.get('/', authMiddleware, async (req, res) => {
try {
const data = fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf8');
const users = JSON.parse(data);
const user = users.find(user => user.name === req.user.name);
if (!user || user.role !== 'admin') {
console.log('Access denied');
return res.status(403).json({ message: "You do not have the necessary rights to access this resource." });
}
res.render('paramAdminSettingSetup', { users: User, setup: setup });
} catch (err) {
console.error(err);
res.status(500).send('Server Error');
}
});
module.exports = router;

74
routes/Dpanel/Admin/Stats-Logs.js Normal file
View File

@@ -0,0 +1,74 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp');
const util = require('util');
const ncpAsync = util.promisify(ncp.ncp);
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const osUtils = require('os-utils');
const Convert = require('ansi-to-html');
const convert = new Convert()
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
const User = require('../../../data/user.json');
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
router.get('/', authMiddleware, async (req, res) => {
try {
const data = fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf8');
const users = JSON.parse(data);
const user = users.find(user => user.name === req.user.name);
if (!user || user.role !== 'admin') {
console.log('Access denied');
return res.status(403).json({ message: "You do not have the necessary rights to access this resource." });
}
const uptime = os.uptime();
const memoryUsage = process.memoryUsage().heapUsed / 1024 / 1024;
osUtils.cpuUsage(function(cpuUsage) {
fs.readdir('./logs', (err, files) => {
if (err) {
console.error(err);
res.status(500).send('Error reading logs');
return;
}
const logs = files.map(file => {
return fs.promises.readFile(path.join('./logs', file), 'utf8')
.then(content => {
content = convert.toHtml(content);
return { name: file, content: content };
})
.catch(err => {
console.error(err);
});
});
Promise.all(logs).then(completed => {
res.render('paramAdminStats&Logs', { users: User, setup: setup, uptime, memoryUsage, cpuUsage, logs: completed });
});
});
});
} catch (err) {
console.error(err);
res.status(500).send('Server Error');
}
});
module.exports = router;

55
routes/Dpanel/Admin/User.js Normal file
View File

@@ -0,0 +1,55 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp');
const util = require('util');
const ncpAsync = util.promisify(ncp.ncp);
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
const User = require('../../../data/user.json');
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
router.get('/', authMiddleware, async (req, res) => {
try {
const data = fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf8');
const users = JSON.parse(data);
const user = users.find(user => user.name === req.user.name);
if (!user || user.role !== 'admin') {
console.log('Access denied');
return res.status(403).json({ message: "You do not have the necessary rights to access this resource." });
}
let currentPage = Number(req.query.page) || 1;
let limit = Number(req.query.limit) || 10;
let totalUsers = users.length;
let pages = Math.ceil(totalUsers / limit);
let start = (currentPage - 1) * limit;
let end = start + limit;
let usersForPage = users.slice(start, end);
res.render('paramAdminUser', { users: usersForPage, setup: setup, pages: pages, currentPage: currentPage, limit: limit });
} catch (err) {
console.error(err);
res.status(500).send('Server Error');
}
});
module.exports = router;

46
routes/Dpanel/Admin/index.js Normal file
View File

@@ -0,0 +1,46 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp');
const util = require('util');
const ncpAsync = util.promisify(ncp.ncp);
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
const User = require('../../../data/user.json');
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
router.get('/', authMiddleware, async (req, res) => {
try {
const data = fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf8');
const users = JSON.parse(data);
const user = users.find(user => user.name === req.user.name);
if (!user || user.role !== 'admin') {
console.log('Access denied');
return res.status(403).json({ message: "You do not have the necessary rights to access this resource." });
}
res.render('paramAdmin', { users: User, setup: setup });
} catch (err) {
console.error(err);
res.status(500).send('Server Error');
}
});
module.exports = router;

93
routes/Dpanel/Dashboard/index.js Normal file
View File

@@ -0,0 +1,93 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp').ncp;
let configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
let config = JSON.parse(configFile)[0];
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
router.get('/', authMiddleware, async (req, res) => {
const folderName = req.params.folderName || '';
if (!req.userData || !req.userData.name) {
return res.render('error-recovery-file', { error: 'User data is undefined or incomplete' });
}
const userId = req.userData.id;
const userName = req.userData.name;
const downloadDir = path.join('cdn-files', userName);
const domain = config.domain || 'swiftlogic-labs.com';
if (!config.domain) {
console.error('Domain is not defined in setup.json');
config.domain = 'swiftlogic-labs.com';
}
if (!fs.existsSync(downloadDir)) {
fs.mkdirSync(downloadDir, { recursive: true });
}
try {
fs.accessSync(downloadDir, fs.constants.R_OK | fs.constants.W_OK);
} catch (err) {
console.error('No access!', err);
return res.render('error-recovery-file', { error: 'No access to directory' });
}
let fileInfoNames = [];
try {
const fileInfo = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'))
if (!Array.isArray(fileInfo)) {
console.error('fileInfo is not an array. Check the contents of file_info.json');
} else {
fileInfoNames = fileInfo.map(file => file.fileName);
}
} catch (err) {
console.error('Error reading file_info.json:', err);
}
try {
const files = await fs.promises.readdir(downloadDir);
const folders = files.filter(file => fs.statSync(path.join(downloadDir, file)).isDirectory());
const fileDetails = files.map(file => {
const filePath = path.join(downloadDir, file);
const stats = fs.statSync(filePath);
const fileExtension = path.extname(file).toLowerCase();
const encodedFileName = encodeURIComponent(file);
const fileLink = `https://${domain}/attachments/${userId}/${encodedFileName}`;
const fileType = stats.isDirectory() ? 'folder' : 'file';
return {
name: file,
size: stats.size,
url: fileLink,
extension: fileExtension,
type: fileType
};
});
const availableExtensions = Array.from(new Set(fileDetails.map(file => file.extension)));
res.render('dashboard', { files: fileDetails, folders, extensions: availableExtensions, allFolders: folders, folderName: folderName, fileInfoNames: fileInfoNames });
} catch (err) {
console.error('Error reading directory:', err);
return res.render('error-recovery-file', { error: err.message });
}
});
module.exports = router;

127
routes/Dpanel/Folder/index.js Normal file
View File

@@ -0,0 +1,127 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp').ncp;
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile)[0];
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
router.get('/:folderName', authMiddleware, async (req, res) => {
const userId = req.userData.name;
const folderName = req.params.folderName || '';
const folderPath = path.join('cdn-files', userId, folderName);
const userFolderPath = path.join('cdn-files', userId);
const domain = config.domain || 'swiftlogic-labs.com';
const currentFolderName = folderName || '';
const data = await fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf-8')
let users;
try {
users = JSON.parse(data);
} catch (error) {
console.error('Error parsing user.json:', error);
users = [];
}
if (!Array.isArray(users)) {
console.error('Error: users is not an array. Check the contents of setup.json');
users = [];
}
const user = users.find(user => user.name === userId);
if (!user) {
console.error(`User with ID ${userId} not found in user.json`);
return res.status(500).send(`User with ID ${userId} not found in user.json`);
}
const userRealId = user.id;
const fileInfoData = await fs.readFileSync(path.join(__dirname, '../../../data', 'file_info.json'), 'utf-8')
let fileInfo;
try {
fileInfo = JSON.parse(fileInfoData);
} catch (error) {
console.error('Error parsing file_info.json:', error);
fileInfo = [];
}
if (!Array.isArray(fileInfo)) {
console.error('Error: fileInfo is not an array. Check the contents of file_info.json');
fileInfo = [];
}
const fileInfoNames = fileInfo.map(file => file.fileName);
fs.readdir(folderPath, { withFileTypes: true }, (err, entries) => {
if (err) {
console.error('Error reading directory:', err);
return res.render('error-recovery-file');
}
const folders = entries
.filter(entry => entry.isDirectory())
.map(entry => entry.name);
fs.readdir(userFolderPath, { withFileTypes: true }, (err, allEntries) => {
if (err) {
console.error('Error reading user directory:', err);
return res.render('error-recovery-file');
}
const allFolders = allEntries
.filter(entry => entry.isDirectory())
.map(entry => entry.name);
const fileDetailsPromises = entries.map(entry => {
const filePath = path.join(folderPath, entry.name);
return new Promise((resolve, reject) => {
fs.stat(filePath, (err, stats) => {
if (err) {
console.error('Error getting file stats:', err);
return reject(err);
}
const encodedFileName = encodeURIComponent(entry.name);
const fileLink = `https://${domain}/attachments/${userRealId}/${encodedFileName}`;
const fileType = entry.isDirectory() ? 'folder' : 'file';
resolve({
name: entry.name,
size: stats.size,
url: fileLink,
extension: path.extname(entry.name).toLowerCase(),
type: fileType
});
});
});
});
Promise.all(fileDetailsPromises)
.then(fileDetails => {
const availableExtensions = Array.from(new Set(fileDetails.map(file => file.extension)));
res.render('folder', { files: fileDetails, folders, allFolders, extensions: availableExtensions, currentFolder: currentFolderName, folderName: folderName, fileInfoNames });
})
.catch(error => {
console.error('Error processing file details:', error);
res.status(500).send('Erreur lors du traitement des détails des fichiers.');
});
});
});
});
module.exports = router;

27
routes/Dpanel/Upload.js Normal file
View File

@@ -0,0 +1,27 @@
const express = require('express');
const fs = require('fs');
const path = require('path');
const router = express.Router();
const fileUpload = require('express-fileupload');
const authMiddleware = require('../../Middlewares/authMiddleware');
const { loggers } = require('winston');
const ncp = require('ncp');
const util = require('util');
const ncpAsync = util.promisify(ncp.ncp);
const configFile = fs.readFileSync(path.join(__dirname, '../../data', 'setup.json'), 'utf-8')
const config = JSON.parse(configFile);
const bodyParser = require('body-parser');
const crypto = require('crypto');
const os = require('os');
const { getUserData, getSetupData } = require('../../Middlewares/watcherMiddleware');
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../config/logs');
let setupData = getSetupData();
let userData = getUserData();
router.use(bodyParser.json());
router.get('/', authMiddleware, (req, res) => {
res.render('upload');
});
module.exports = router;