Update routes and file paths, fix authentication and security issues
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
61
routes/Dpanel/Admin/Privacy-Security.js
Normal file
61
routes/Dpanel/Admin/Privacy-Security.js
Normal file
@@ -0,0 +1,61 @@
|
||||
const express = require('express');
|
||||
const fs = require('fs');
|
||||
const path = require('path');
|
||||
const router = express.Router();
|
||||
const fileUpload = require('express-fileupload');
|
||||
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||
const { loggers } = require('winston');
|
||||
const ncp = require('ncp');
|
||||
const util = require('util');
|
||||
const ncpAsync = util.promisify(ncp.ncp);
|
||||
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||
const config = JSON.parse(configFile);
|
||||
const bodyParser = require('body-parser');
|
||||
const crypto = require('crypto');
|
||||
const os = require('os');
|
||||
const osUtils = require('os-utils');
|
||||
const Convert = require('ansi-to-html');
|
||||
const convert = new Convert()
|
||||
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||
|
||||
let setupData = getSetupData();
|
||||
let userData = getUserData();
|
||||
router.use(bodyParser.json());
|
||||
|
||||
const User = require('../../../data/user.json');
|
||||
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
|
||||
|
||||
router.get('/', authMiddleware, async (req, res) => {
|
||||
try {
|
||||
const data = fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf8');
|
||||
const users = JSON.parse(data);
|
||||
|
||||
const user = users.find(user => user.name === req.user.name);
|
||||
|
||||
if (!user || user.role !== 'admin') {
|
||||
console.log('Access denied');
|
||||
return res.status(403).json({ message: "You do not have the necessary rights to access this resource." });
|
||||
}
|
||||
|
||||
const files = await fs.promises.readdir('./report');
|
||||
const reports = files.filter(file => file.endsWith('.json')).map(file => {
|
||||
return fs.promises.readFile(path.join('./report', file), 'utf8')
|
||||
.then(content => {
|
||||
return { name: file, content: content };
|
||||
})
|
||||
.catch(err => {
|
||||
console.error(err);
|
||||
});
|
||||
});
|
||||
|
||||
Promise.all([Promise.all(reports)]).then(([completedReports]) => {
|
||||
res.render('paramAdminPrivacy&Security', { users: User, reports: completedReports });
|
||||
});
|
||||
} catch (err) {
|
||||
console.error(err);
|
||||
res.status(500).send('Server Error');
|
||||
}
|
||||
});
|
||||
|
||||
module.exports = router;
|
||||
Reference in New Issue
Block a user