Update routes and file paths, fix authentication and security issues
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
@@ -8,7 +8,7 @@ const setupFilePath = path.join(__dirname, '../data', 'setup.json');
|
|||||||
|
|
||||||
const setupData = JSON.parse(fs.readFileSync(setupFilePath, 'utf-8'));
|
const setupData = JSON.parse(fs.readFileSync(setupFilePath, 'utf-8'));
|
||||||
|
|
||||||
passport.use('ActiveDirectory', new ActiveDirectoryStrategy({
|
passport.use(new ActiveDirectoryStrategy({
|
||||||
integrated: false,
|
integrated: false,
|
||||||
ldap: {
|
ldap: {
|
||||||
url: setupData[0].ldap.url,
|
url: setupData[0].ldap.url,
|
||||||
|
|||||||
928
package-lock.json
generated
928
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
@@ -1,5 +1,5 @@
|
|||||||
{
|
{
|
||||||
"name": "@cdn/app-insider-swiftlogic-labs-dinawo",
|
"name": "@cdn-app/insider-swiftlogic-labs-dinawo",
|
||||||
"version": "1.0.0-beta.10",
|
"version": "1.0.0-beta.10",
|
||||||
"description": "",
|
"description": "",
|
||||||
"main": "server.js",
|
"main": "server.js",
|
||||||
|
|||||||
@@ -104,7 +104,7 @@
|
|||||||
}).then(async (result) => {
|
}).then(async (result) => {
|
||||||
if (result.isConfirmed) {
|
if (result.isConfirmed) {
|
||||||
try {
|
try {
|
||||||
const response = await fetch(`/dpanel/dashboard/deletefolder/${folderName}`, {
|
const response = await fetch(`/api/dpanel/dashboard/deletefolder/${folderName}`, {
|
||||||
method: 'DELETE',
|
method: 'DELETE',
|
||||||
});
|
});
|
||||||
|
|
||||||
@@ -160,7 +160,7 @@
|
|||||||
}).then(result => {
|
}).then(result => {
|
||||||
if (result.isConfirmed) {
|
if (result.isConfirmed) {
|
||||||
const folderName = result.value.trim();
|
const folderName = result.value.trim();
|
||||||
fetch('/dpanel/dashboard/newfolder', {
|
fetch('/api/dpanel/dashboard/newfolder', {
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
headers: {
|
headers: {
|
||||||
'Content-Type': 'application/json',
|
'Content-Type': 'application/json',
|
||||||
@@ -342,7 +342,7 @@
|
|||||||
}).then(async (result) => {
|
}).then(async (result) => {
|
||||||
if (result.isConfirmed) {
|
if (result.isConfirmed) {
|
||||||
try {
|
try {
|
||||||
const response = await fetch('/dpanel/dashboard/delete', {
|
const response = await fetch('/api/dpanel/dashboard/delete', {
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
headers: {
|
headers: {
|
||||||
'Content-Type': 'application/json',
|
'Content-Type': 'application/json',
|
||||||
@@ -405,7 +405,7 @@
|
|||||||
if (result.isConfirmed) {
|
if (result.isConfirmed) {
|
||||||
const newName = result.value;
|
const newName = result.value;
|
||||||
|
|
||||||
fetch(`/dpanel/dashboard/rename/${folderName}`, {
|
fetch(`/api/dpanel/dashboard/rename/${folderName}`, {
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
headers: {
|
headers: {
|
||||||
'Content-Type': 'application/json',
|
'Content-Type': 'application/json',
|
||||||
|
|||||||
@@ -115,7 +115,7 @@ async function confirmDeleteFile(folderName, filename) {
|
|||||||
|
|
||||||
if (confirmationResult.isConfirmed) {
|
if (confirmationResult.isConfirmed) {
|
||||||
try {
|
try {
|
||||||
const response = await fetch(`/dpanel/dashboard/deletefile/${folderName}`, {
|
const response = await fetch(`/api/dpanel/dashboard/deletefile/${folderName}`, {
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
headers: {
|
headers: {
|
||||||
'Content-Type': 'application/json',
|
'Content-Type': 'application/json',
|
||||||
@@ -186,7 +186,7 @@ function getCurrentFolderName() {
|
|||||||
function renameFolder(currentName, newName) {
|
function renameFolder(currentName, newName) {
|
||||||
try {
|
try {
|
||||||
const currentFolderName = getCurrentFolderName();
|
const currentFolderName = getCurrentFolderName();
|
||||||
const renameURL = `/dpanel/dashboard/renamefile/${currentFolderName}`;
|
const renameURL = `/api/dpanel/dashboard/renamefile/${currentFolderName}`;
|
||||||
|
|
||||||
fetch(renameURL, {
|
fetch(renameURL, {
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
@@ -251,7 +251,7 @@ function renameFile(folderName, currentName) {
|
|||||||
if (result.isConfirmed) {
|
if (result.isConfirmed) {
|
||||||
const newName = result.value;
|
const newName = result.value;
|
||||||
|
|
||||||
fetch(`/dpanel/dashboard/rename/${folderName}`, {
|
fetch(`/api/dpanel/dashboard/rename/${folderName}`, {
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
headers: {
|
headers: {
|
||||||
'Content-Type': 'application/json',
|
'Content-Type': 'application/json',
|
||||||
|
|||||||
32
routes/Auth/ActiveDirectory.js
Normal file
32
routes/Auth/ActiveDirectory.js
Normal file
@@ -0,0 +1,32 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const router = express.Router();
|
||||||
|
const passport = require('passport');
|
||||||
|
require('../../models/Passport-ActiveDirectory');
|
||||||
|
const { checkUserExistsAD } = require('../../Middlewares/UserIDMiddlewareAD');
|
||||||
|
|
||||||
|
router.post('/', (req, res, next) => {
|
||||||
|
passport.authenticate('ActiveDirectory', (err, user) => {
|
||||||
|
if (err) {
|
||||||
|
return res.render('AuthLogin', { isAuthenticated: false, errorMessage: err.message, setupData: {}, showActiveDirectoryForm: true, currentUrl: req.originalUrl });
|
||||||
|
}
|
||||||
|
if (!user) {
|
||||||
|
return res.render('AuthLogin', { isAuthenticated: false, errorMessage: 'L\'utilisateur n\'est pas autorisé.', setupData: {}, showActiveDirectoryForm: true, currentUrl: req.originalUrl });
|
||||||
|
}
|
||||||
|
req.user = {
|
||||||
|
...user._json,
|
||||||
|
name: user._json.sAMAccountName,
|
||||||
|
id: user._json.sAMAccountName,
|
||||||
|
};
|
||||||
|
req.logIn(req.user, function(err) {
|
||||||
|
if (err) {
|
||||||
|
return next(err);
|
||||||
|
}
|
||||||
|
|
||||||
|
req.session.user = req.user;
|
||||||
|
|
||||||
|
return next();
|
||||||
|
});
|
||||||
|
})(req, res, next);
|
||||||
|
}, checkUserExistsAD);
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
67
routes/Auth/Discord.js
Normal file
67
routes/Auth/Discord.js
Normal file
@@ -0,0 +1,67 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const router = express.Router();
|
||||||
|
const passport = require('passport');
|
||||||
|
const { checkUserExistsDiscord } = require('../../Middlewares/UserIDMiddlewareDiscord');
|
||||||
|
const { getUserData, getSetupData } = require('../../Middlewares/watcherMiddleware');
|
||||||
|
|
||||||
|
let userData = getUserData();
|
||||||
|
let setupData;
|
||||||
|
|
||||||
|
getSetupData().then(data => {
|
||||||
|
setupData = data;
|
||||||
|
|
||||||
|
if (setupData[0].discord !== undefined) {
|
||||||
|
const DiscordStrategy = require('../../models/Passport-Discord');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
let user = userData;
|
||||||
|
if (user.identifyURL) {
|
||||||
|
router.get("/auth/discord", (req, res) => {
|
||||||
|
res.redirect(user.identifyURL);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
router.use(passport.initialize());
|
||||||
|
router.use(passport.session());
|
||||||
|
|
||||||
|
passport.deserializeUser((user, done) => {
|
||||||
|
done(null, user);
|
||||||
|
});
|
||||||
|
|
||||||
|
router.get("/", (req, res) => {
|
||||||
|
res.redirect(setupData.discord.identifyURL);
|
||||||
|
});
|
||||||
|
|
||||||
|
router.get('/callback', (req, res, next) => {
|
||||||
|
passport.authenticate('discord', (err, user, info) => {
|
||||||
|
if (err) {
|
||||||
|
return next(err);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!user) {
|
||||||
|
return res.redirect('/auth/login');
|
||||||
|
}
|
||||||
|
|
||||||
|
req.logIn(user, (loginErr) => {
|
||||||
|
if (loginErr) {
|
||||||
|
return next(loginErr);
|
||||||
|
}
|
||||||
|
|
||||||
|
checkUserExistsDiscord(req, res, () => {
|
||||||
|
if (req.userExists) {
|
||||||
|
return res.redirect('/dpanel/dashboard');
|
||||||
|
} else {
|
||||||
|
createUser(req.user, (createErr) => {
|
||||||
|
if (createErr) {
|
||||||
|
return next(createErr);
|
||||||
|
}
|
||||||
|
return res.redirect('/dpanel/dashboard');
|
||||||
|
});
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
})(req, res, next);
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
14
routes/Auth/Login.js
Normal file
14
routes/Auth/Login.js
Normal file
@@ -0,0 +1,14 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const router = express.Router();
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
|
||||||
|
router.get('/', function(req, res) {
|
||||||
|
const setupFilePath = path.join('data', 'setup.json');
|
||||||
|
const setupData = JSON.parse(fs.readFileSync(setupFilePath, 'utf-8'));
|
||||||
|
const showActiveDirectoryForm = setupData[0].ldap && setupData[0].ldap.enabled === 'on';
|
||||||
|
|
||||||
|
res.render('AuthLogin', { setupData, isAuthenticated: false, errorMessage: '', showActiveDirectoryForm, currentUrl: req.originalUrl });
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
17
routes/Auth/Logout.js
Normal file
17
routes/Auth/Logout.js
Normal file
@@ -0,0 +1,17 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const router = express.Router();
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
|
||||||
|
router.get('/', (req, res) => {
|
||||||
|
req.logout(function(err) {
|
||||||
|
if (err) {
|
||||||
|
return next(err);
|
||||||
|
}
|
||||||
|
res.redirect('/auth/login');
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
var opts = { failWithError: true }
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
89
routes/Dpanel/API/DeleteFile.js
Normal file
89
routes/Dpanel/API/DeleteFile.js
Normal file
@@ -0,0 +1,89 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp').ncp;
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
router.get('/', (req, res) => {
|
||||||
|
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||||
|
});
|
||||||
|
|
||||||
|
router.post('/', authMiddleware, (req, res) => {
|
||||||
|
const userId = req.userData.name;
|
||||||
|
const { filename } = req.body;
|
||||||
|
|
||||||
|
if (!userId || !filename) {
|
||||||
|
return res.status(400).json({ message: 'Identifiant d\'utilisateur ou nom de fichier manquant pour la suppression du fichier.' });
|
||||||
|
}
|
||||||
|
|
||||||
|
const userFolderPath = path.join('cdn-files', userId);
|
||||||
|
|
||||||
|
function findAndDeleteFile(folderPath) {
|
||||||
|
const filesInFolder = fs.readdirSync(folderPath);
|
||||||
|
|
||||||
|
for (const file of filesInFolder) {
|
||||||
|
const filePath = path.join(folderPath, file);
|
||||||
|
|
||||||
|
if (!filePath.startsWith(userFolderPath)) {
|
||||||
|
console.error('Unauthorized directory access attempt');
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (fs.statSync(filePath).isDirectory()) {
|
||||||
|
findAndDeleteFile(filePath);
|
||||||
|
} else if (file === filename) {
|
||||||
|
try {
|
||||||
|
fs.unlinkSync(filePath);
|
||||||
|
console.log('File deleted:', filePath);
|
||||||
|
return true;
|
||||||
|
} catch (error) {
|
||||||
|
console.error('Error deleting file:', error);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
const fileDeleted = findAndDeleteFile(userFolderPath);
|
||||||
|
|
||||||
|
if (fileDeleted) {
|
||||||
|
res.status(200).json({ status: 'success', message: 'Le fichier a été supprimé avec succès.' });
|
||||||
|
} else {
|
||||||
|
res.status(404).json({ status: 'error', message: 'Le fichier que vous essayez de supprimer n\'existe pas.' });
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
const ncpAsync = (source, destination) => {
|
||||||
|
const userFolderPath = path.join('cdn-files', userId);
|
||||||
|
if (!source.startsWith(userFolderPath) || !destination.startsWith(userFolderPath)) {
|
||||||
|
throw new Error('Unauthorized directory access attempt');
|
||||||
|
}
|
||||||
|
|
||||||
|
return new Promise((resolve, reject) => {
|
||||||
|
ncp(source, destination, (err) => {
|
||||||
|
if (err) {
|
||||||
|
reject(err);
|
||||||
|
} else {
|
||||||
|
resolve();
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
45
routes/Dpanel/API/DeleteFileFolder.js
Normal file
45
routes/Dpanel/API/DeleteFileFolder.js
Normal file
@@ -0,0 +1,45 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp').ncp;
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
router.get('/', (req, res) => {
|
||||||
|
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||||
|
});
|
||||||
|
|
||||||
|
router.post('/:folderName', authMiddleware, (req, res) => {
|
||||||
|
const userId = req.userData.name;
|
||||||
|
const { filename } = req.body;
|
||||||
|
|
||||||
|
const userFolderPath = path.join('cdn-files', userId || '');
|
||||||
|
const filePath = path.join(userFolderPath, req.params.folderName, filename || '');
|
||||||
|
|
||||||
|
if (!fs.existsSync(filePath)) {
|
||||||
|
return res.status(404).json({ error: 'Le fichier spécifié n\'existe pas.' });
|
||||||
|
}
|
||||||
|
|
||||||
|
fs.unlink(filePath, (err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error(err);
|
||||||
|
return res.status(500).json({ error: 'Erreur lors de la suppression du fichier.' });
|
||||||
|
}
|
||||||
|
res.json({ deleted: true, success: 'Fichier supprimé avec succès.' });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
48
routes/Dpanel/API/DeleteFolfder.js
Normal file
48
routes/Dpanel/API/DeleteFolfder.js
Normal file
@@ -0,0 +1,48 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp').ncp;
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
router.get('/', (req, res) => {
|
||||||
|
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||||
|
});
|
||||||
|
|
||||||
|
router.delete('/:folderName', authMiddleware, (req, res) => {
|
||||||
|
const userId = req.userData.name;
|
||||||
|
const folderName = req.params.folderName;
|
||||||
|
const userFolderPath = path.join('cdn-files', userId);
|
||||||
|
const folderPath = path.join(userFolderPath, folderName);
|
||||||
|
|
||||||
|
if (!fs.existsSync(folderPath)) {
|
||||||
|
return res.status(404).json({ error: 'Le dossier spécifié n\'existe pas.' });
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!folderPath.startsWith(userFolderPath)) {
|
||||||
|
return res.status(403).json({ error: 'Vous n\'avez pas la permission de supprimer ce dossier.' });
|
||||||
|
}
|
||||||
|
|
||||||
|
fs.rmdir(folderPath, { recursive: true }, (err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error(err);
|
||||||
|
return res.status(500).json({ error: 'Erreur lors de la suppression du dossier.' });
|
||||||
|
}
|
||||||
|
res.json({ deleted: true, success: 'Dossier supprimé avec succès.' });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
119
routes/Dpanel/API/MoveFile.js
Normal file
119
routes/Dpanel/API/MoveFile.js
Normal file
@@ -0,0 +1,119 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp');
|
||||||
|
const util = require('util');
|
||||||
|
const ncpAsync = util.promisify(ncp.ncp);
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
router.get('/', (req, res) => {
|
||||||
|
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||||
|
});
|
||||||
|
|
||||||
|
router.post('/', authMiddleware, async (req, res) => {
|
||||||
|
const fileName = req.body.fileName;
|
||||||
|
const folderName = req.body.folderName;
|
||||||
|
|
||||||
|
const data = await fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf-8')
|
||||||
|
const users = JSON.parse(data);
|
||||||
|
const user = users.find(user => user.id === req.user.id);
|
||||||
|
|
||||||
|
if (!user) {
|
||||||
|
console.error('User not found in user.json');
|
||||||
|
return res.status(500).send('Erreur lors du déplacement du fichier.');
|
||||||
|
}
|
||||||
|
|
||||||
|
const userId = user.name;
|
||||||
|
|
||||||
|
if (!fileName || !userId) {
|
||||||
|
console.error('fileName or userId is undefined');
|
||||||
|
return res.status(500).send('Erreur lors du déplacement du fichier.');
|
||||||
|
}
|
||||||
|
|
||||||
|
const sourcePath = path.join('cdn-files', userId, fileName);
|
||||||
|
|
||||||
|
let destinationDir;
|
||||||
|
if (folderName && folderName.trim() !== '') {
|
||||||
|
destinationDir = path.join('cdn-files', userId, folderName);
|
||||||
|
} else {
|
||||||
|
destinationDir = path.join('cdn-files', userId);
|
||||||
|
}
|
||||||
|
|
||||||
|
const destinationPath = path.join(destinationDir, fileName);
|
||||||
|
|
||||||
|
try {
|
||||||
|
const normalizedSourcePath = path.normalize(sourcePath);
|
||||||
|
console.log('Full Source Path:', normalizedSourcePath);
|
||||||
|
|
||||||
|
if (fs.existsSync(normalizedSourcePath)) {
|
||||||
|
await fs.promises.access(destinationDir);
|
||||||
|
|
||||||
|
await ncpAsync(normalizedSourcePath, destinationPath);
|
||||||
|
|
||||||
|
await fs.promises.unlink(normalizedSourcePath);
|
||||||
|
} else {
|
||||||
|
console.log('File does not exist');
|
||||||
|
}
|
||||||
|
|
||||||
|
res.redirect('/dpanel/dashboard');
|
||||||
|
} catch (err) {
|
||||||
|
console.error(err);
|
||||||
|
return res.status(500).send('Erreur lors du déplacement du fichier.');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
router.post('/:folderName', authMiddleware, async (req, res) => {
|
||||||
|
const fileName = req.body.fileName;
|
||||||
|
const newFolderName = req.body.folderName;
|
||||||
|
const oldFolderName = req.params.folderName;
|
||||||
|
const userId = req.user && req.user._json ? req.userData.name : undefined;
|
||||||
|
|
||||||
|
if (!fileName || !userId || !oldFolderName || !newFolderName) {
|
||||||
|
console.error('fileName, userId, oldFolderName, or newFolderName is undefined');
|
||||||
|
return res.status(500).send('Erreur lors du déplacement du fichier.');
|
||||||
|
}
|
||||||
|
|
||||||
|
const userDir = path.join(process.cwd(), 'cdn-files', userId);
|
||||||
|
const sourcePath = path.join(userDir, oldFolderName, fileName);
|
||||||
|
const destinationDir = path.join(userDir, newFolderName);
|
||||||
|
const destinationPath = path.join(destinationDir, fileName);
|
||||||
|
|
||||||
|
if (!sourcePath.startsWith(userDir) || !destinationPath.startsWith(userDir)) {
|
||||||
|
ErrorLogger.error('Unauthorized directory access attempt');
|
||||||
|
return res.status(403).send('Unauthorized directory access attempt');
|
||||||
|
}
|
||||||
|
|
||||||
|
try {
|
||||||
|
const normalizedSourcePath = path.normalize(sourcePath);
|
||||||
|
console.log('Full Source Path:', normalizedSourcePath);
|
||||||
|
|
||||||
|
if (fs.existsSync(normalizedSourcePath)) {
|
||||||
|
await fs.promises.access(destinationDir, fs.constants.W_OK);
|
||||||
|
|
||||||
|
await fs.promises.rename(normalizedSourcePath, destinationPath);
|
||||||
|
} else {
|
||||||
|
console.log('File does not exist');
|
||||||
|
}
|
||||||
|
|
||||||
|
res.redirect('/dpanel/dashboard');
|
||||||
|
} catch (err) {
|
||||||
|
console.error(err);
|
||||||
|
return res.status(500).send('Erreur lors du déplacement du fichier.');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
66
routes/Dpanel/API/NewFolder.js
Normal file
66
routes/Dpanel/API/NewFolder.js
Normal file
@@ -0,0 +1,66 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp').ncp;
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
router.get('/', (req, res) => {
|
||||||
|
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||||
|
});
|
||||||
|
|
||||||
|
router.post('/', authMiddleware, (req, res) => {
|
||||||
|
try {
|
||||||
|
logger.info('Received POST request to create a new folder.');
|
||||||
|
|
||||||
|
const userId = req.userData.name;
|
||||||
|
let { folderName } = req.body;
|
||||||
|
|
||||||
|
logger.info('Received folderName:', folderName);
|
||||||
|
|
||||||
|
if (!folderName || typeof folderName !== 'string') {
|
||||||
|
ErrorLogger.error('Invalid folderName:', folderName);
|
||||||
|
return res.status(400).json({ message: 'Le nom du dossier ne peut pas être vide.' });
|
||||||
|
}
|
||||||
|
|
||||||
|
folderName = path.basename(folderName.trim());
|
||||||
|
|
||||||
|
if (!folderName) {
|
||||||
|
return res.status(400).json({ message: 'Le nom du dossier ne peut pas être vide.' });
|
||||||
|
}
|
||||||
|
|
||||||
|
const folderPath = path.join('cdn-files', userId, folderName);
|
||||||
|
|
||||||
|
if (fs.existsSync(folderPath)) {
|
||||||
|
logger.info('Folder already exists:', folderPath);
|
||||||
|
return res.status(400).json({ message: 'Le dossier existe déjà.' });
|
||||||
|
}
|
||||||
|
|
||||||
|
fs.mkdir(folderPath, (err) => {
|
||||||
|
if (err) {
|
||||||
|
ErrorLogger.error(err);
|
||||||
|
return res.status(500).json({ message: 'Erreur lors de la création du dossier.', error: err });
|
||||||
|
}
|
||||||
|
logger.info('Folder created successfully:', folderPath);
|
||||||
|
res.status(200).json({ message: 'Dossier créé avec succès.' });
|
||||||
|
});
|
||||||
|
} catch (error) {
|
||||||
|
ErrorLogger.error('Error creating folder:', error);
|
||||||
|
return res.status(500).json({ message: 'Erreur lors de la création du dossier.', error: error });
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
106
routes/Dpanel/API/RenameFile.js
Normal file
106
routes/Dpanel/API/RenameFile.js
Normal file
@@ -0,0 +1,106 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp').ncp;
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
router.get('/', (req, res) => {
|
||||||
|
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||||
|
});
|
||||||
|
|
||||||
|
router.post('/', authMiddleware, async (req, res) => {
|
||||||
|
const userId = req.userData.name;
|
||||||
|
const { currentName, newName } = req.body;
|
||||||
|
|
||||||
|
if (!currentName || !newName) {
|
||||||
|
return res.status(400).send('Both currentName and newName must be provided.');
|
||||||
|
}
|
||||||
|
|
||||||
|
const currentPath = path.join('cdn-files', userId || '', currentName);
|
||||||
|
const newPath = path.join('cdn-files', userId, newName);
|
||||||
|
|
||||||
|
try {
|
||||||
|
await fs.promises.rename(currentPath, newPath);
|
||||||
|
|
||||||
|
const data = await fs.promises.readFile(path.join(__dirname, '../../../data', 'file_info.json'), 'utf-8')
|
||||||
|
let fileInfo = JSON.parse(data);
|
||||||
|
|
||||||
|
let found = false;
|
||||||
|
for (let i = 0; i < fileInfo.length; i++) {
|
||||||
|
if (fileInfo[i].fileName === currentName) {
|
||||||
|
fileInfo[i].fileName = newName;
|
||||||
|
found = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (found) {
|
||||||
|
await fs.promises.writeFile(path.join(__dirname, '../../../data', 'file_info.json'), JSON.stringify(fileInfo, null, 2), 'utf8');
|
||||||
|
}
|
||||||
|
|
||||||
|
res.status(200).send('L\'opération a été effectuée avec succès.');
|
||||||
|
} catch (err) {
|
||||||
|
console.error(err);
|
||||||
|
return res.status(500).send('Erreur lors du changement de nom du fichier.');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
router.post('/:filePath*', authMiddleware, async (req, res) => {
|
||||||
|
const userId = req.userData.name;
|
||||||
|
const { currentName, newName } = req.body;
|
||||||
|
const filePath = path.join(req.params.filePath, req.params[0] || '');
|
||||||
|
|
||||||
|
if (!currentName || !newName) {
|
||||||
|
return res.status(400).send('Both currentName and newName must be provided.');
|
||||||
|
}
|
||||||
|
|
||||||
|
const userDir = path.join('cdn-files', userId);
|
||||||
|
const currentPath = path.join(userDir, filePath, currentName);
|
||||||
|
const newPath = path.join(userDir, filePath, newName);
|
||||||
|
|
||||||
|
if (!currentPath.startsWith(userDir) || !newPath.startsWith(userDir)) {
|
||||||
|
ErrorLogger.error('Unauthorized directory access attempt');
|
||||||
|
return res.status(403).send('Unauthorized directory access attempt');
|
||||||
|
}
|
||||||
|
|
||||||
|
try {
|
||||||
|
await fs.promises.rename(currentPath, newPath);
|
||||||
|
|
||||||
|
const data = await fs.promises.readFile(path.join(__dirname, '../../../data', 'file_info.json'), 'utf8');
|
||||||
|
let fileInfo = JSON.parse(data);
|
||||||
|
|
||||||
|
let found = false;
|
||||||
|
for (let i = 0; i < fileInfo.length; i++) {
|
||||||
|
if (fileInfo[i].fileName === currentName) {
|
||||||
|
fileInfo[i].fileName = newName;
|
||||||
|
found = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (found) {
|
||||||
|
await fs.promises.writeFile(path.join(__dirname, '../../../data', 'file_info.json'), JSON.stringify(fileInfo, null, 2), 'utf8');
|
||||||
|
}
|
||||||
|
|
||||||
|
res.status(200).send('L\'opération a été effectuée avec succès.');
|
||||||
|
} catch (err) {
|
||||||
|
console.error(err);
|
||||||
|
return res.status(500).send('Erreur lors du changement de nom du fichier.');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
62
routes/Dpanel/API/Update-Setup-Admin.js
Normal file
62
routes/Dpanel/API/Update-Setup-Admin.js
Normal file
@@ -0,0 +1,62 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp');
|
||||||
|
const util = require('util');
|
||||||
|
const ncpAsync = util.promisify(ncp.ncp);
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const osUtils = require('os-utils');
|
||||||
|
const Convert = require('ansi-to-html');
|
||||||
|
const convert = new Convert()
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
const User = require('../../../data/user.json');
|
||||||
|
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
|
||||||
|
|
||||||
|
router.get('/', (req, res) => {
|
||||||
|
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
|
router.post('/', authMiddleware, async (req, res) => {
|
||||||
|
try {
|
||||||
|
let setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../data', 'setup.json'), 'utf-8'));
|
||||||
|
|
||||||
|
if (!req.body.ldap || !req.body.ldap.enabled) {
|
||||||
|
delete setup.ldap;
|
||||||
|
} else {
|
||||||
|
setup.ldap = req.body.ldap;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!req.body.discord || !req.body.discord.enabled) {
|
||||||
|
delete setup.discord;
|
||||||
|
} else {
|
||||||
|
setup.discord = req.body.discord;
|
||||||
|
}
|
||||||
|
|
||||||
|
setup.domain = req.body.domain;
|
||||||
|
setup.uptime = req.body.uptime;
|
||||||
|
|
||||||
|
fs.writeFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'), JSON.stringify(setup, null, 2);
|
||||||
|
|
||||||
|
res.redirect('/dpanel/dashboard/admin');
|
||||||
|
} catch (err) {
|
||||||
|
console.error(err);
|
||||||
|
res.status(500).send('Server Error');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
52
routes/Dpanel/API/Upload-Role-Admin.js
Normal file
52
routes/Dpanel/API/Upload-Role-Admin.js
Normal file
@@ -0,0 +1,52 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp');
|
||||||
|
const util = require('util');
|
||||||
|
const ncpAsync = util.promisify(ncp.ncp);
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const osUtils = require('os-utils');
|
||||||
|
const Convert = require('ansi-to-html');
|
||||||
|
const convert = new Convert()
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
const User = require('../../../data/user.json');
|
||||||
|
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
|
||||||
|
|
||||||
|
router.get('/', (req, res) => {
|
||||||
|
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||||
|
});
|
||||||
|
|
||||||
|
router.post('/', authMiddleware, async (req, res) => {
|
||||||
|
try {
|
||||||
|
const { id, role } = req.body;
|
||||||
|
|
||||||
|
const user = User.find(user => user.id === id);
|
||||||
|
|
||||||
|
if (user) {
|
||||||
|
user.role = role;
|
||||||
|
}
|
||||||
|
|
||||||
|
fs.writeFileSync(path.join(__dirname, '../../../data/user.json'), JSON.stringify(User, null, 2));
|
||||||
|
|
||||||
|
res.redirect('/dpanel/dashboard/admin');
|
||||||
|
} catch (err) {
|
||||||
|
console.error(err);
|
||||||
|
res.status(500).send('Server Error');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
95
routes/Dpanel/API/Upload.js
Normal file
95
routes/Dpanel/API/Upload.js
Normal file
@@ -0,0 +1,95 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp');
|
||||||
|
const util = require('util');
|
||||||
|
const ncpAsync = util.promisify(ncp.ncp);
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
router.get('/', (req, res) => {
|
||||||
|
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||||
|
});
|
||||||
|
|
||||||
|
router.use(fileUpload({
|
||||||
|
limits: { fileSize: 15 * 1024 * 1024 * 1024 },
|
||||||
|
}));
|
||||||
|
|
||||||
|
router.post('/', authMiddleware, async (req, res) => {
|
||||||
|
try {
|
||||||
|
if (!req.files || Object.keys(req.files).length === 0) {
|
||||||
|
return res.status(400).send('5410 - Erreur de téléchargement, veuillez retenter ultérieurement.');
|
||||||
|
}
|
||||||
|
|
||||||
|
const file = req.files.file;
|
||||||
|
const userId = req.userData.name;
|
||||||
|
const Id = req.userData.id;
|
||||||
|
const uploadDir = path.join('cdn-files', userId);
|
||||||
|
const originalFileName = file.name;
|
||||||
|
const domain = config.domain || 'mydomain.com';
|
||||||
|
let expiryDate = req.body.expiryDate;
|
||||||
|
let password = req.body.password;
|
||||||
|
|
||||||
|
if (!fs.existsSync(uploadDir)) {
|
||||||
|
fs.mkdirSync(uploadDir, { recursive: true });
|
||||||
|
}
|
||||||
|
|
||||||
|
file.mv(path.join(uploadDir, originalFileName), async (err) => {
|
||||||
|
if (err) {
|
||||||
|
console.error(err);
|
||||||
|
return res.status(500).send({ message: 'Erreur lors du téléchargement du fichier.' });
|
||||||
|
}
|
||||||
|
|
||||||
|
const fileExtension = path.extname(originalFileName).toLowerCase();
|
||||||
|
|
||||||
|
const bcrypt = require('bcrypt');
|
||||||
|
const saltRounds = 10;
|
||||||
|
|
||||||
|
let hashedPassword = '';
|
||||||
|
if (password) {
|
||||||
|
hashedPassword = bcrypt.hashSync(password, saltRounds);
|
||||||
|
}
|
||||||
|
|
||||||
|
const fileInfo = {
|
||||||
|
fileName: originalFileName,
|
||||||
|
expiryDate: expiryDate || '',
|
||||||
|
password: hashedPassword,
|
||||||
|
Id: Id,
|
||||||
|
path: path.join(uploadDir, originalFileName)
|
||||||
|
};
|
||||||
|
|
||||||
|
if (expiryDate || password) {
|
||||||
|
let data = [];
|
||||||
|
if (fs.existsSync(path.join(__dirname, '../../../data', 'file_info.json'))) {
|
||||||
|
const existingData = await fs.promises.readFile(path.join(__dirname, '../../../data', 'file_info.json'), 'utf8');
|
||||||
|
data = JSON.parse(existingData);
|
||||||
|
if (!Array.isArray(data)) {
|
||||||
|
data = [];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
data.push(fileInfo);
|
||||||
|
await fs.promises.writeFile(path.join(__dirname, '../../../data', 'file_info.json'), JSON.stringify(data, null, 2));
|
||||||
|
}
|
||||||
|
|
||||||
|
res.redirect('/dpanel/dashboard');
|
||||||
|
});
|
||||||
|
} catch (error) {
|
||||||
|
console.error(error);
|
||||||
|
return res.status(500).send({ message: 'Erreur lors du téléchargement du fichier.' });
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
61
routes/Dpanel/Admin/Privacy-Security.js
Normal file
61
routes/Dpanel/Admin/Privacy-Security.js
Normal file
@@ -0,0 +1,61 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp');
|
||||||
|
const util = require('util');
|
||||||
|
const ncpAsync = util.promisify(ncp.ncp);
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const osUtils = require('os-utils');
|
||||||
|
const Convert = require('ansi-to-html');
|
||||||
|
const convert = new Convert()
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
const User = require('../../../data/user.json');
|
||||||
|
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
|
||||||
|
|
||||||
|
router.get('/', authMiddleware, async (req, res) => {
|
||||||
|
try {
|
||||||
|
const data = fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf8');
|
||||||
|
const users = JSON.parse(data);
|
||||||
|
|
||||||
|
const user = users.find(user => user.name === req.user.name);
|
||||||
|
|
||||||
|
if (!user || user.role !== 'admin') {
|
||||||
|
console.log('Access denied');
|
||||||
|
return res.status(403).json({ message: "You do not have the necessary rights to access this resource." });
|
||||||
|
}
|
||||||
|
|
||||||
|
const files = await fs.promises.readdir('./report');
|
||||||
|
const reports = files.filter(file => file.endsWith('.json')).map(file => {
|
||||||
|
return fs.promises.readFile(path.join('./report', file), 'utf8')
|
||||||
|
.then(content => {
|
||||||
|
return { name: file, content: content };
|
||||||
|
})
|
||||||
|
.catch(err => {
|
||||||
|
console.error(err);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
Promise.all([Promise.all(reports)]).then(([completedReports]) => {
|
||||||
|
res.render('paramAdminPrivacy&Security', { users: User, reports: completedReports });
|
||||||
|
});
|
||||||
|
} catch (err) {
|
||||||
|
console.error(err);
|
||||||
|
res.status(500).send('Server Error');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
44
routes/Dpanel/Admin/SettingSetup.js
Normal file
44
routes/Dpanel/Admin/SettingSetup.js
Normal file
@@ -0,0 +1,44 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp');
|
||||||
|
const util = require('util');
|
||||||
|
const ncpAsync = util.promisify(ncp.ncp);
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
const User = require('../../../data/user.json');
|
||||||
|
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
|
||||||
|
|
||||||
|
router.get('/', authMiddleware, async (req, res) => {
|
||||||
|
try {
|
||||||
|
const data = fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf8');
|
||||||
|
const users = JSON.parse(data);
|
||||||
|
|
||||||
|
const user = users.find(user => user.name === req.user.name);
|
||||||
|
|
||||||
|
if (!user || user.role !== 'admin') {
|
||||||
|
console.log('Access denied');
|
||||||
|
return res.status(403).json({ message: "You do not have the necessary rights to access this resource." });
|
||||||
|
}
|
||||||
|
|
||||||
|
res.render('paramAdminSettingSetup', { users: User, setup: setup });
|
||||||
|
} catch (err) {
|
||||||
|
console.error(err);
|
||||||
|
res.status(500).send('Server Error');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
module.exports = router;
|
||||||
74
routes/Dpanel/Admin/Stats-Logs.js
Normal file
74
routes/Dpanel/Admin/Stats-Logs.js
Normal file
@@ -0,0 +1,74 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp');
|
||||||
|
const util = require('util');
|
||||||
|
const ncpAsync = util.promisify(ncp.ncp);
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const osUtils = require('os-utils');
|
||||||
|
const Convert = require('ansi-to-html');
|
||||||
|
const convert = new Convert()
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
const User = require('../../../data/user.json');
|
||||||
|
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
|
||||||
|
|
||||||
|
router.get('/', authMiddleware, async (req, res) => {
|
||||||
|
try {
|
||||||
|
const data = fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf8');
|
||||||
|
const users = JSON.parse(data);
|
||||||
|
|
||||||
|
const user = users.find(user => user.name === req.user.name);
|
||||||
|
|
||||||
|
if (!user || user.role !== 'admin') {
|
||||||
|
console.log('Access denied');
|
||||||
|
return res.status(403).json({ message: "You do not have the necessary rights to access this resource." });
|
||||||
|
}
|
||||||
|
|
||||||
|
const uptime = os.uptime();
|
||||||
|
const memoryUsage = process.memoryUsage().heapUsed / 1024 / 1024;
|
||||||
|
|
||||||
|
osUtils.cpuUsage(function(cpuUsage) {
|
||||||
|
fs.readdir('./logs', (err, files) => {
|
||||||
|
if (err) {
|
||||||
|
console.error(err);
|
||||||
|
res.status(500).send('Error reading logs');
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
const logs = files.map(file => {
|
||||||
|
return fs.promises.readFile(path.join('./logs', file), 'utf8')
|
||||||
|
.then(content => {
|
||||||
|
content = convert.toHtml(content);
|
||||||
|
return { name: file, content: content };
|
||||||
|
})
|
||||||
|
.catch(err => {
|
||||||
|
console.error(err);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
Promise.all(logs).then(completed => {
|
||||||
|
res.render('paramAdminStats&Logs', { users: User, setup: setup, uptime, memoryUsage, cpuUsage, logs: completed });
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
} catch (err) {
|
||||||
|
console.error(err);
|
||||||
|
res.status(500).send('Server Error');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
55
routes/Dpanel/Admin/User.js
Normal file
55
routes/Dpanel/Admin/User.js
Normal file
@@ -0,0 +1,55 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp');
|
||||||
|
const util = require('util');
|
||||||
|
const ncpAsync = util.promisify(ncp.ncp);
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
const User = require('../../../data/user.json');
|
||||||
|
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
|
||||||
|
|
||||||
|
router.get('/', authMiddleware, async (req, res) => {
|
||||||
|
try {
|
||||||
|
const data = fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf8');
|
||||||
|
const users = JSON.parse(data);
|
||||||
|
|
||||||
|
const user = users.find(user => user.name === req.user.name);
|
||||||
|
|
||||||
|
if (!user || user.role !== 'admin') {
|
||||||
|
console.log('Access denied');
|
||||||
|
return res.status(403).json({ message: "You do not have the necessary rights to access this resource." });
|
||||||
|
}
|
||||||
|
|
||||||
|
let currentPage = Number(req.query.page) || 1;
|
||||||
|
let limit = Number(req.query.limit) || 10;
|
||||||
|
|
||||||
|
let totalUsers = users.length;
|
||||||
|
let pages = Math.ceil(totalUsers / limit);
|
||||||
|
|
||||||
|
let start = (currentPage - 1) * limit;
|
||||||
|
let end = start + limit;
|
||||||
|
let usersForPage = users.slice(start, end);
|
||||||
|
|
||||||
|
res.render('paramAdminUser', { users: usersForPage, setup: setup, pages: pages, currentPage: currentPage, limit: limit });
|
||||||
|
} catch (err) {
|
||||||
|
console.error(err);
|
||||||
|
res.status(500).send('Server Error');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
46
routes/Dpanel/Admin/index.js
Normal file
46
routes/Dpanel/Admin/index.js
Normal file
@@ -0,0 +1,46 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp');
|
||||||
|
const util = require('util');
|
||||||
|
const ncpAsync = util.promisify(ncp.ncp);
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
const User = require('../../../data/user.json');
|
||||||
|
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'));
|
||||||
|
|
||||||
|
router.get('/', authMiddleware, async (req, res) => {
|
||||||
|
try {
|
||||||
|
const data = fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf8');
|
||||||
|
const users = JSON.parse(data);
|
||||||
|
|
||||||
|
|
||||||
|
const user = users.find(user => user.name === req.user.name);
|
||||||
|
|
||||||
|
if (!user || user.role !== 'admin') {
|
||||||
|
console.log('Access denied');
|
||||||
|
return res.status(403).json({ message: "You do not have the necessary rights to access this resource." });
|
||||||
|
}
|
||||||
|
|
||||||
|
res.render('paramAdmin', { users: User, setup: setup });
|
||||||
|
} catch (err) {
|
||||||
|
console.error(err);
|
||||||
|
res.status(500).send('Server Error');
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
93
routes/Dpanel/Dashboard/index.js
Normal file
93
routes/Dpanel/Dashboard/index.js
Normal file
@@ -0,0 +1,93 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp').ncp;
|
||||||
|
let configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
let config = JSON.parse(configFile)[0];
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
router.get('/', authMiddleware, async (req, res) => {
|
||||||
|
const folderName = req.params.folderName || '';
|
||||||
|
|
||||||
|
if (!req.userData || !req.userData.name) {
|
||||||
|
return res.render('error-recovery-file', { error: 'User data is undefined or incomplete' });
|
||||||
|
}
|
||||||
|
|
||||||
|
const userId = req.userData.id;
|
||||||
|
const userName = req.userData.name;
|
||||||
|
const downloadDir = path.join('cdn-files', userName);
|
||||||
|
const domain = config.domain || 'swiftlogic-labs.com';
|
||||||
|
|
||||||
|
if (!config.domain) {
|
||||||
|
console.error('Domain is not defined in setup.json');
|
||||||
|
config.domain = 'swiftlogic-labs.com';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!fs.existsSync(downloadDir)) {
|
||||||
|
fs.mkdirSync(downloadDir, { recursive: true });
|
||||||
|
}
|
||||||
|
|
||||||
|
try {
|
||||||
|
fs.accessSync(downloadDir, fs.constants.R_OK | fs.constants.W_OK);
|
||||||
|
} catch (err) {
|
||||||
|
console.error('No access!', err);
|
||||||
|
return res.render('error-recovery-file', { error: 'No access to directory' });
|
||||||
|
}
|
||||||
|
|
||||||
|
let fileInfoNames = [];
|
||||||
|
try {
|
||||||
|
const fileInfo = JSON.parse(fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8'))
|
||||||
|
|
||||||
|
if (!Array.isArray(fileInfo)) {
|
||||||
|
console.error('fileInfo is not an array. Check the contents of file_info.json');
|
||||||
|
} else {
|
||||||
|
fileInfoNames = fileInfo.map(file => file.fileName);
|
||||||
|
}
|
||||||
|
} catch (err) {
|
||||||
|
console.error('Error reading file_info.json:', err);
|
||||||
|
}
|
||||||
|
|
||||||
|
try {
|
||||||
|
const files = await fs.promises.readdir(downloadDir);
|
||||||
|
|
||||||
|
const folders = files.filter(file => fs.statSync(path.join(downloadDir, file)).isDirectory());
|
||||||
|
|
||||||
|
const fileDetails = files.map(file => {
|
||||||
|
const filePath = path.join(downloadDir, file);
|
||||||
|
const stats = fs.statSync(filePath);
|
||||||
|
const fileExtension = path.extname(file).toLowerCase();
|
||||||
|
const encodedFileName = encodeURIComponent(file);
|
||||||
|
const fileLink = `https://${domain}/attachments/${userId}/${encodedFileName}`;
|
||||||
|
|
||||||
|
const fileType = stats.isDirectory() ? 'folder' : 'file';
|
||||||
|
|
||||||
|
return {
|
||||||
|
name: file,
|
||||||
|
size: stats.size,
|
||||||
|
url: fileLink,
|
||||||
|
extension: fileExtension,
|
||||||
|
type: fileType
|
||||||
|
};
|
||||||
|
});
|
||||||
|
|
||||||
|
const availableExtensions = Array.from(new Set(fileDetails.map(file => file.extension)));
|
||||||
|
|
||||||
|
res.render('dashboard', { files: fileDetails, folders, extensions: availableExtensions, allFolders: folders, folderName: folderName, fileInfoNames: fileInfoNames });
|
||||||
|
} catch (err) {
|
||||||
|
console.error('Error reading directory:', err);
|
||||||
|
return res.render('error-recovery-file', { error: err.message });
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
127
routes/Dpanel/Folder/index.js
Normal file
127
routes/Dpanel/Folder/index.js
Normal file
@@ -0,0 +1,127 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp').ncp;
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile)[0];
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
router.get('/:folderName', authMiddleware, async (req, res) => {
|
||||||
|
const userId = req.userData.name;
|
||||||
|
const folderName = req.params.folderName || '';
|
||||||
|
const folderPath = path.join('cdn-files', userId, folderName);
|
||||||
|
const userFolderPath = path.join('cdn-files', userId);
|
||||||
|
const domain = config.domain || 'swiftlogic-labs.com';
|
||||||
|
const currentFolderName = folderName || '';
|
||||||
|
|
||||||
|
const data = await fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf-8')
|
||||||
|
let users;
|
||||||
|
try {
|
||||||
|
users = JSON.parse(data);
|
||||||
|
} catch (error) {
|
||||||
|
console.error('Error parsing user.json:', error);
|
||||||
|
users = [];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!Array.isArray(users)) {
|
||||||
|
console.error('Error: users is not an array. Check the contents of setup.json');
|
||||||
|
users = [];
|
||||||
|
}
|
||||||
|
|
||||||
|
const user = users.find(user => user.name === userId);
|
||||||
|
|
||||||
|
if (!user) {
|
||||||
|
console.error(`User with ID ${userId} not found in user.json`);
|
||||||
|
return res.status(500).send(`User with ID ${userId} not found in user.json`);
|
||||||
|
}
|
||||||
|
|
||||||
|
const userRealId = user.id;
|
||||||
|
|
||||||
|
const fileInfoData = await fs.readFileSync(path.join(__dirname, '../../../data', 'file_info.json'), 'utf-8')
|
||||||
|
let fileInfo;
|
||||||
|
try {
|
||||||
|
fileInfo = JSON.parse(fileInfoData);
|
||||||
|
} catch (error) {
|
||||||
|
console.error('Error parsing file_info.json:', error);
|
||||||
|
fileInfo = [];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!Array.isArray(fileInfo)) {
|
||||||
|
console.error('Error: fileInfo is not an array. Check the contents of file_info.json');
|
||||||
|
fileInfo = [];
|
||||||
|
}
|
||||||
|
|
||||||
|
const fileInfoNames = fileInfo.map(file => file.fileName);
|
||||||
|
|
||||||
|
fs.readdir(folderPath, { withFileTypes: true }, (err, entries) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Error reading directory:', err);
|
||||||
|
return res.render('error-recovery-file');
|
||||||
|
}
|
||||||
|
|
||||||
|
const folders = entries
|
||||||
|
.filter(entry => entry.isDirectory())
|
||||||
|
.map(entry => entry.name);
|
||||||
|
|
||||||
|
fs.readdir(userFolderPath, { withFileTypes: true }, (err, allEntries) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Error reading user directory:', err);
|
||||||
|
return res.render('error-recovery-file');
|
||||||
|
}
|
||||||
|
|
||||||
|
const allFolders = allEntries
|
||||||
|
.filter(entry => entry.isDirectory())
|
||||||
|
.map(entry => entry.name);
|
||||||
|
|
||||||
|
const fileDetailsPromises = entries.map(entry => {
|
||||||
|
const filePath = path.join(folderPath, entry.name);
|
||||||
|
|
||||||
|
return new Promise((resolve, reject) => {
|
||||||
|
fs.stat(filePath, (err, stats) => {
|
||||||
|
if (err) {
|
||||||
|
console.error('Error getting file stats:', err);
|
||||||
|
return reject(err);
|
||||||
|
}
|
||||||
|
|
||||||
|
const encodedFileName = encodeURIComponent(entry.name);
|
||||||
|
const fileLink = `https://${domain}/attachments/${userRealId}/${encodedFileName}`;
|
||||||
|
|
||||||
|
const fileType = entry.isDirectory() ? 'folder' : 'file';
|
||||||
|
|
||||||
|
resolve({
|
||||||
|
name: entry.name,
|
||||||
|
size: stats.size,
|
||||||
|
url: fileLink,
|
||||||
|
extension: path.extname(entry.name).toLowerCase(),
|
||||||
|
type: fileType
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
Promise.all(fileDetailsPromises)
|
||||||
|
.then(fileDetails => {
|
||||||
|
const availableExtensions = Array.from(new Set(fileDetails.map(file => file.extension)));
|
||||||
|
|
||||||
|
res.render('folder', { files: fileDetails, folders, allFolders, extensions: availableExtensions, currentFolder: currentFolderName, folderName: folderName, fileInfoNames });
|
||||||
|
})
|
||||||
|
.catch(error => {
|
||||||
|
console.error('Error processing file details:', error);
|
||||||
|
res.status(500).send('Erreur lors du traitement des détails des fichiers.');
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
27
routes/Dpanel/Upload.js
Normal file
27
routes/Dpanel/Upload.js
Normal file
@@ -0,0 +1,27 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const fs = require('fs');
|
||||||
|
const path = require('path');
|
||||||
|
const router = express.Router();
|
||||||
|
const fileUpload = require('express-fileupload');
|
||||||
|
const authMiddleware = require('../../Middlewares/authMiddleware');
|
||||||
|
const { loggers } = require('winston');
|
||||||
|
const ncp = require('ncp');
|
||||||
|
const util = require('util');
|
||||||
|
const ncpAsync = util.promisify(ncp.ncp);
|
||||||
|
const configFile = fs.readFileSync(path.join(__dirname, '../../data', 'setup.json'), 'utf-8')
|
||||||
|
const config = JSON.parse(configFile);
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const crypto = require('crypto');
|
||||||
|
const os = require('os');
|
||||||
|
const { getUserData, getSetupData } = require('../../Middlewares/watcherMiddleware');
|
||||||
|
const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../config/logs');
|
||||||
|
|
||||||
|
let setupData = getSetupData();
|
||||||
|
let userData = getUserData();
|
||||||
|
router.use(bodyParser.json());
|
||||||
|
|
||||||
|
router.get('/', authMiddleware, (req, res) => {
|
||||||
|
res.render('upload');
|
||||||
|
});
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
@@ -4,12 +4,13 @@ const path = require('path');
|
|||||||
const fs = require('fs').promises;
|
const fs = require('fs').promises;
|
||||||
const mime = require('mime-types');
|
const mime = require('mime-types');
|
||||||
const { logger, ErrorLogger } = require('../config/logs');
|
const { logger, ErrorLogger } = require('../config/logs');
|
||||||
const crypto = require('crypto');
|
const bcrypt = require('bcrypt');
|
||||||
|
const saltRounds = 10;
|
||||||
|
|
||||||
const baseDir = 'cdn-files';
|
const baseDir = 'cdn-files';
|
||||||
|
|
||||||
async function getSamAccountNameFromUserId(userId) {
|
async function getSamAccountNameFromUserId(userId) {
|
||||||
const data = await fs.readFile(path.join(__dirname, '../user.json'), 'utf8');
|
const data = await fs.readFile(path.join(__dirname, '../data', 'user.json'), 'utf8');
|
||||||
const users = JSON.parse(data);
|
const users = JSON.parse(data);
|
||||||
const user = users.find(user => user.id === userId);
|
const user = users.find(user => user.id === userId);
|
||||||
if (user) {
|
if (user) {
|
||||||
@@ -48,7 +49,6 @@ router.get('/:userId', (req, res) => {
|
|||||||
res.render('unauthorized');
|
res.render('unauthorized');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
router.get('/:userId/:filename', async (req, res) => {
|
router.get('/:userId/:filename', async (req, res) => {
|
||||||
const { userId, filename } = req.params;
|
const { userId, filename } = req.params;
|
||||||
|
|
||||||
@@ -59,8 +59,18 @@ router.get('/:userId/:filename', async (req, res) => {
|
|||||||
return res.render('file-not-found');
|
return res.render('file-not-found');
|
||||||
}
|
}
|
||||||
|
|
||||||
const data = await fs.readFile('file_info.json', 'utf8');
|
const data = await fs.readFile(path.join(__dirname, '../data', 'file_info.json'), 'utf8');
|
||||||
const fileInfoArray = JSON.parse(data);
|
let fileInfoArray;
|
||||||
|
try {
|
||||||
|
fileInfoArray = JSON.parse(data);
|
||||||
|
} catch (error) {
|
||||||
|
console.error('Error parsing file_info.json:', error);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!Array.isArray(fileInfoArray)) {
|
||||||
|
console.error('fileInfoArray is not an array');
|
||||||
|
fileInfoArray = [];
|
||||||
|
}
|
||||||
|
|
||||||
const fileInfo = fileInfoArray.find(info => info.fileName === filename && info.Id === userId);
|
const fileInfo = fileInfoArray.find(info => info.fileName === filename && info.Id === userId);
|
||||||
|
|
||||||
@@ -113,8 +123,18 @@ router.post('/:userId/:filename', async (req, res) => {
|
|||||||
const enteredPassword = req.body.password;
|
const enteredPassword = req.body.password;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const data = await fs.readFile('file_info.json', 'utf8');
|
const data = await fs.readFile(path.join(__dirname, '../data', 'file_info.json'), 'utf8');
|
||||||
const fileInfoArray = JSON.parse(data);
|
let fileInfoArray;
|
||||||
|
try {
|
||||||
|
fileInfoArray = JSON.parse(data);
|
||||||
|
} catch (error) {
|
||||||
|
console.error('Error parsing file_info.json:', error);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!Array.isArray(fileInfoArray)) {
|
||||||
|
console.error('fileInfoArray is not an array');
|
||||||
|
fileInfoArray = [];
|
||||||
|
}
|
||||||
|
|
||||||
const fileInfo = fileInfoArray.find(info => info.fileName === filename && info.Id === userId);
|
const fileInfo = fileInfoArray.find(info => info.fileName === filename && info.Id === userId);
|
||||||
|
|
||||||
@@ -122,13 +142,7 @@ router.post('/:userId/:filename', async (req, res) => {
|
|||||||
return res.json({ success: false, message: 'File not found' });
|
return res.json({ success: false, message: 'File not found' });
|
||||||
}
|
}
|
||||||
|
|
||||||
const algorithm = 'aes-256-cbc';
|
if (bcrypt.compareSync(enteredPassword, fileInfo.password)) {
|
||||||
const key = crypto.scryptSync(enteredPassword, 'salt', 32);
|
|
||||||
const iv = Buffer.alloc(16, 0);
|
|
||||||
const cipher = crypto.createCipheriv(algorithm, key, iv);
|
|
||||||
const encryptedPassword = cipher.update('', 'utf8', 'hex') + cipher.final('hex');
|
|
||||||
|
|
||||||
if (fileInfo.password === encryptedPassword) {
|
|
||||||
req.session.passwordVerified = true;
|
req.session.passwordVerified = true;
|
||||||
const filePath = await findFileInUserDir(userId, filename);
|
const filePath = await findFileInUserDir(userId, filename);
|
||||||
const fileContent = await fs.readFile(filePath);
|
const fileContent = await fs.readFile(filePath);
|
||||||
@@ -153,8 +167,18 @@ router.post('/:userId/:filename', async (req, res) => {
|
|||||||
});
|
});
|
||||||
|
|
||||||
async function deleteExpiredFiles() {
|
async function deleteExpiredFiles() {
|
||||||
let data = await fs.readFile('file_info.json', 'utf8');
|
let data = await fs.readFile(path.join(__dirname, '../data', 'file_info.json'), 'utf8');
|
||||||
let fileInfoArray = JSON.parse(data);
|
let fileInfoArray;
|
||||||
|
try {
|
||||||
|
fileInfoArray = JSON.parse(data);
|
||||||
|
} catch (error) {
|
||||||
|
console.error('Error parsing file_info.json:', error);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!Array.isArray(fileInfoArray)) {
|
||||||
|
console.error('fileInfoArray is not an array');
|
||||||
|
fileInfoArray = [];
|
||||||
|
}
|
||||||
|
|
||||||
const now = new Date();
|
const now = new Date();
|
||||||
let newFileInfoArray = [];
|
let newFileInfoArray = [];
|
||||||
@@ -183,7 +207,7 @@ async function deleteExpiredFiles() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
await fs.writeFile('file_info.json', JSON.stringify(newFileInfoArray, null, 2), 'utf8');
|
await fs.writeFile(path.join(__dirname, '../data', 'file_info.json'), JSON.stringify(newFileInfoArray, null, 2), 'utf8');
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
ErrorLogger.error('Error writing to file_info.json:', err);
|
ErrorLogger.error('Error writing to file_info.json:', err);
|
||||||
}
|
}
|
||||||
|
|||||||
128
routes/auth.js
128
routes/auth.js
@@ -1,128 +0,0 @@
|
|||||||
const express = require('express');
|
|
||||||
const router = express.Router();
|
|
||||||
const passport = require('passport');
|
|
||||||
const fs = require('fs');
|
|
||||||
const { checkUserExistsAD } = require('../Middlewares/UserIDMiddlewareAD');
|
|
||||||
const { checkUserExistsDiscord } = require('../Middlewares/UserIDMiddlewareDiscord');
|
|
||||||
const path = require('path');
|
|
||||||
const { getUserData, getSetupData } = require('../Middlewares/watcherMiddleware');
|
|
||||||
|
|
||||||
let userData = getUserData();
|
|
||||||
let setupData;
|
|
||||||
let adStrategy;
|
|
||||||
|
|
||||||
getSetupData().then(data => {
|
|
||||||
setupData = data;
|
|
||||||
|
|
||||||
if (setupData[0].ldap !== undefined) {
|
|
||||||
adStrategy = require('../models/Passport-ActiveDirectory');
|
|
||||||
adStrategy.name = 'active-directory';
|
|
||||||
passport.use(adStrategy);
|
|
||||||
} else {
|
|
||||||
console.log('LDAP data is not defined in setup data');
|
|
||||||
}
|
|
||||||
|
|
||||||
if (setupData[0].discord !== undefined) {
|
|
||||||
const DiscordStrategy = require('../models/Passport-Discord');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
let user = userData;
|
|
||||||
if (user.identifyURL) {
|
|
||||||
app.get("/auth/discord", (req, res) => {
|
|
||||||
res.redirect(user.identifyURL);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
router.use(passport.initialize());
|
|
||||||
router.use(passport.session());
|
|
||||||
|
|
||||||
router.get('/login', function(req, res) {
|
|
||||||
const setupFilePath = path.join('data', 'setup.json');
|
|
||||||
const setupData = JSON.parse(fs.readFileSync(setupFilePath, 'utf-8'));
|
|
||||||
const showActiveDirectoryForm = setupData.ldap && setupData.ldap.enabled === 'on';
|
|
||||||
res.render('AuthLogin', { setupData, isAuthenticated: false, errorMessage: '', showActiveDirectoryForm, currentUrl: req.originalUrl });
|
|
||||||
});
|
|
||||||
|
|
||||||
|
|
||||||
passport.deserializeUser((user, done) => {
|
|
||||||
done(null, user);
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get('/logout', (req, res) => {
|
|
||||||
req.logout(function(err) {
|
|
||||||
if (err) {
|
|
||||||
return next(err);
|
|
||||||
}
|
|
||||||
res.redirect('/auth/login');
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
var opts = { failWithError: true }
|
|
||||||
|
|
||||||
router.post('/activedirectory', (req, res, next) => {
|
|
||||||
passport.authenticate('ActiveDirectory', (err, user) => {
|
|
||||||
if (err) {
|
|
||||||
console.log('Authentication error:', err); // Debug log
|
|
||||||
return res.render('AuthLogin', { isAuthenticated: false, errorMessage: err.message, setupData: {}, showActiveDirectoryForm: true, currentUrl: req.originalUrl });
|
|
||||||
}
|
|
||||||
if (!user) {
|
|
||||||
console.log('User not authorized'); // Debug log
|
|
||||||
return res.render('AuthLogin', { isAuthenticated: false, errorMessage: 'L\'utilisateur n\'est pas autorisé.', setupData: {}, showActiveDirectoryForm: true, currentUrl: req.originalUrl });
|
|
||||||
}
|
|
||||||
req.user = {
|
|
||||||
...user._json,
|
|
||||||
name: user._json.sAMAccountName,
|
|
||||||
id: user._json.sAMAccountName,
|
|
||||||
};
|
|
||||||
console.log('User object:', req.user); // Debug log
|
|
||||||
req.logIn(req.user, function(err) {
|
|
||||||
if (err) {
|
|
||||||
console.log('Login error:', err); // Debug log
|
|
||||||
return next(err);
|
|
||||||
}
|
|
||||||
console.log('User logged in successfully'); // Debug log
|
|
||||||
|
|
||||||
req.session.user = req.user;
|
|
||||||
|
|
||||||
return next();
|
|
||||||
});
|
|
||||||
})(req, res, next);
|
|
||||||
}, checkUserExistsAD);
|
|
||||||
|
|
||||||
router.get("/discord", (req, res) => {
|
|
||||||
res.redirect(setupData.discord.identifyURL);
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get('/discord/callback', (req, res, next) => {
|
|
||||||
passport.authenticate('discord', (err, user, info) => {
|
|
||||||
if (err) {
|
|
||||||
return next(err);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!user) {
|
|
||||||
return res.redirect('/auth/login');
|
|
||||||
}
|
|
||||||
|
|
||||||
req.logIn(user, (loginErr) => {
|
|
||||||
if (loginErr) {
|
|
||||||
return next(loginErr);
|
|
||||||
}
|
|
||||||
|
|
||||||
checkUserExistsDiscord(req, res, () => {
|
|
||||||
if (req.userExists) {
|
|
||||||
return res.redirect('/dpanel/dashboard');
|
|
||||||
} else {
|
|
||||||
createUser(req.user, (createErr) => {
|
|
||||||
if (createErr) {
|
|
||||||
return next(createErr);
|
|
||||||
}
|
|
||||||
return res.redirect('/dpanel/dashboard');
|
|
||||||
});
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
||||||
})(req, res, next);
|
|
||||||
});
|
|
||||||
|
|
||||||
module.exports = router;
|
|
||||||
724
routes/dpanel.js
724
routes/dpanel.js
@@ -1,724 +0,0 @@
|
|||||||
const express = require('express');
|
|
||||||
const fs = require('fs');
|
|
||||||
const path = require('path');
|
|
||||||
const router = express.Router();
|
|
||||||
const fileUpload = require('express-fileupload');
|
|
||||||
const authMiddleware = require('../Middlewares/authMiddleware');
|
|
||||||
const { loggers } = require('winston');
|
|
||||||
const ncp = require('ncp').ncp;
|
|
||||||
const configFile = fs.readFileSync(path.join(__dirname, '../data', 'setup.json'), 'utf-8')
|
|
||||||
const config = JSON.parse(configFile);
|
|
||||||
const bodyParser = require('body-parser');
|
|
||||||
const crypto = require('crypto');
|
|
||||||
const os = require('os');
|
|
||||||
const { getUserData, getSetupData } = require('../Middlewares/watcherMiddleware');
|
|
||||||
|
|
||||||
let setupData = getSetupData();
|
|
||||||
let userData = getUserData();
|
|
||||||
router.use(bodyParser.json());
|
|
||||||
|
|
||||||
router.get('/dashboard', authMiddleware, async (req, res) => {
|
|
||||||
const folderName = req.params.folderName || '';
|
|
||||||
|
|
||||||
if (!req.userData || !req.userData.name) {
|
|
||||||
return res.render('error-recovery-file', { error: 'User data is undefined or incomplete' });
|
|
||||||
}
|
|
||||||
|
|
||||||
const userId = req.userData.id;
|
|
||||||
const userName = req.userData.name;
|
|
||||||
const downloadDir = path.join('cdn-files', userName);
|
|
||||||
const domain = config.domain || 'mydomain.com';
|
|
||||||
|
|
||||||
if (!fs.existsSync(downloadDir)) {
|
|
||||||
fs.mkdirSync(downloadDir, { recursive: true });
|
|
||||||
}
|
|
||||||
|
|
||||||
try {
|
|
||||||
fs.accessSync(downloadDir, fs.constants.R_OK | fs.constants.W_OK);
|
|
||||||
} catch (err) {
|
|
||||||
console.error('No access!', err);
|
|
||||||
return res.render('error-recovery-file', { error: 'No access to directory' });
|
|
||||||
}
|
|
||||||
|
|
||||||
let fileInfoNames = [];
|
|
||||||
try {
|
|
||||||
const fileInfo = JSON.parse(fs.readFileSync(path.join(__dirname, '../data', 'setup.json'), 'utf-8'))
|
|
||||||
fileInfoNames = fileInfo.map(file => file.fileName);
|
|
||||||
|
|
||||||
fileInfo.map(/* ... */);
|
|
||||||
} catch (err) {
|
|
||||||
console.error('Error reading file_info.json:', err);
|
|
||||||
}
|
|
||||||
|
|
||||||
try {
|
|
||||||
const files = await fs.promises.readdir(downloadDir);
|
|
||||||
|
|
||||||
const folders = files.filter(file => fs.statSync(path.join(downloadDir, file)).isDirectory());
|
|
||||||
|
|
||||||
const fileDetails = files.map(file => {
|
|
||||||
const filePath = path.join(downloadDir, file);
|
|
||||||
const stats = fs.statSync(filePath);
|
|
||||||
const fileExtension = path.extname(file).toLowerCase();
|
|
||||||
const encodedFileName = encodeURIComponent(file);
|
|
||||||
const fileLink = `https://${domain}/attachments/${userId}/${encodedFileName}`;
|
|
||||||
|
|
||||||
const fileType = stats.isDirectory() ? 'folder' : 'file';
|
|
||||||
|
|
||||||
return {
|
|
||||||
name: file,
|
|
||||||
size: stats.size,
|
|
||||||
url: fileLink,
|
|
||||||
extension: fileExtension,
|
|
||||||
type: fileType
|
|
||||||
};
|
|
||||||
});
|
|
||||||
|
|
||||||
const availableExtensions = Array.from(new Set(fileDetails.map(file => file.extension)));
|
|
||||||
|
|
||||||
res.render('dashboard', { files: fileDetails, folders, extensions: availableExtensions, allFolders: folders, folderName: folderName, fileInfoNames: fileInfoNames });
|
|
||||||
} catch (err) {
|
|
||||||
console.error('Error reading directory:', err);
|
|
||||||
return res.render('error-recovery-file', { error: err.message });
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get('/dashboard/folder/:folderName', authMiddleware, async (req, res) => {
|
|
||||||
const userId = req.userData.name;
|
|
||||||
const folderName = req.params.folderName || '';
|
|
||||||
const folderPath = path.join('cdn-files', userId, folderName);
|
|
||||||
const userFolderPath = path.join('cdn-files', userId);
|
|
||||||
const domain = config.domain || 'mydomain.com';
|
|
||||||
const currentFolderName = folderName || '';
|
|
||||||
|
|
||||||
const data = await fs.readFileSync(path.join(__dirname, '../data', 'setup.json'), 'utf-8')
|
|
||||||
let users;
|
|
||||||
try {
|
|
||||||
users = JSON.parse(data);
|
|
||||||
} catch (error) {
|
|
||||||
console.error('Error parsing setup.json:', error);
|
|
||||||
users = [];
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!Array.isArray(users)) {
|
|
||||||
console.error('Error: users is not an array. Check the contents of setup.json');
|
|
||||||
users = [];
|
|
||||||
}
|
|
||||||
|
|
||||||
const user = users.find(user => user.name === userId);
|
|
||||||
|
|
||||||
if (!user) {
|
|
||||||
return res.status(500).send('User not found in user.json');
|
|
||||||
}
|
|
||||||
|
|
||||||
const userRealId = user.id;
|
|
||||||
|
|
||||||
const fileInfoData = await fs.readFileSync(path.join(__dirname, '../data', 'file_info.json'), 'utf-8')
|
|
||||||
let fileInfo;
|
|
||||||
try {
|
|
||||||
fileInfo = JSON.parse(fileInfoData);
|
|
||||||
} catch (error) {
|
|
||||||
console.error('Error parsing file_info.json:', error);
|
|
||||||
fileInfo = [];
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check if fileInfo is an array
|
|
||||||
if (!Array.isArray(fileInfo)) {
|
|
||||||
console.error('Error: fileInfo is not an array. Check the contents of file_info.json');
|
|
||||||
fileInfo = []; // Default to an empty array to prevent further errors
|
|
||||||
}
|
|
||||||
|
|
||||||
const fileInfoNames = fileInfo.map(file => file.fileName);
|
|
||||||
|
|
||||||
fs.readdir(folderPath, { withFileTypes: true }, (err, entries) => {
|
|
||||||
if (err) {
|
|
||||||
console.error('Error reading directory:', err);
|
|
||||||
return res.render('error-recovery-file');
|
|
||||||
}
|
|
||||||
|
|
||||||
const folders = entries
|
|
||||||
.filter(entry => entry.isDirectory())
|
|
||||||
.map(entry => entry.name);
|
|
||||||
|
|
||||||
fs.readdir(userFolderPath, { withFileTypes: true }, (err, allEntries) => {
|
|
||||||
if (err) {
|
|
||||||
console.error('Error reading user directory:', err);
|
|
||||||
return res.render('error-recovery-file');
|
|
||||||
}
|
|
||||||
|
|
||||||
const allFolders = allEntries
|
|
||||||
.filter(entry => entry.isDirectory())
|
|
||||||
.map(entry => entry.name);
|
|
||||||
|
|
||||||
const fileDetailsPromises = entries.map(entry => {
|
|
||||||
const filePath = path.join(folderPath, entry.name);
|
|
||||||
|
|
||||||
return new Promise((resolve, reject) => {
|
|
||||||
fs.stat(filePath, (err, stats) => {
|
|
||||||
if (err) {
|
|
||||||
console.error('Error getting file stats:', err);
|
|
||||||
return reject(err);
|
|
||||||
}
|
|
||||||
|
|
||||||
const encodedFileName = encodeURIComponent(entry.name);
|
|
||||||
const fileLink = `https://${domain}/attachments/${userRealId}/${encodedFileName}`;
|
|
||||||
|
|
||||||
const fileType = entry.isDirectory() ? 'folder' : 'file';
|
|
||||||
|
|
||||||
resolve({
|
|
||||||
name: entry.name,
|
|
||||||
size: stats.size,
|
|
||||||
url: fileLink,
|
|
||||||
extension: path.extname(entry.name).toLowerCase(),
|
|
||||||
type: fileType
|
|
||||||
});
|
|
||||||
});
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
Promise.all(fileDetailsPromises)
|
|
||||||
.then(fileDetails => {
|
|
||||||
const availableExtensions = Array.from(new Set(fileDetails.map(file => file.extension)));
|
|
||||||
|
|
||||||
res.render('folder', { files: fileDetails, folders, allFolders, extensions: availableExtensions, currentFolder: currentFolderName, folderName: folderName, fileInfoNames });
|
|
||||||
})
|
|
||||||
.catch(error => {
|
|
||||||
console.error('Error processing file details:', error);
|
|
||||||
res.status(500).send('Erreur lors du traitement des détails des fichiers.');
|
|
||||||
});
|
|
||||||
});
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
router.post('/dashboard/newfolder', authMiddleware, (req, res) => {
|
|
||||||
try {
|
|
||||||
console.log('Received POST request to create a new folder.');
|
|
||||||
|
|
||||||
const userId = req.userData.name;
|
|
||||||
let { folderName } = req.body;
|
|
||||||
|
|
||||||
console.log('Received folderName:', folderName);
|
|
||||||
|
|
||||||
if (!folderName || typeof folderName !== 'string') {
|
|
||||||
console.log('Invalid folderName:', folderName);
|
|
||||||
return res.status(400).json({ message: 'Le nom du dossier ne peut pas être vide.' });
|
|
||||||
}
|
|
||||||
|
|
||||||
folderName = folderName.trim();
|
|
||||||
|
|
||||||
if (!folderName) {
|
|
||||||
console.log('Trimmed folderName is empty.');
|
|
||||||
return res.status(400).json({ message: 'Le nom du dossier ne peut pas être vide.' });
|
|
||||||
}
|
|
||||||
|
|
||||||
const folderPath = path.join('cdn-files', userId, folderName);
|
|
||||||
|
|
||||||
if (fs.existsSync(folderPath)) {
|
|
||||||
console.log('Folder already exists:', folderPath);
|
|
||||||
return res.status(400).json({ message: 'Le dossier existe déjà.' });
|
|
||||||
}
|
|
||||||
|
|
||||||
fs.mkdir(folderPath, (err) => {
|
|
||||||
if (err) {
|
|
||||||
console.error(err);
|
|
||||||
return res.status(500).json({ message: 'Erreur lors de la création du dossier.', error: err });
|
|
||||||
}
|
|
||||||
console.log('Folder created successfully:', folderPath);
|
|
||||||
res.status(200).json({ message: 'Dossier créé avec succès.' });
|
|
||||||
});
|
|
||||||
} catch (error) {
|
|
||||||
console.error('Error creating folder:', error);
|
|
||||||
return res.status(500).json({ message: 'Erreur lors de la création du dossier.', error: error });
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
router.post('/dashboard/rename', authMiddleware, async (req, res) => {
|
|
||||||
const userId = req.userData.name;
|
|
||||||
const { currentName, newName } = req.body;
|
|
||||||
|
|
||||||
if (!currentName || !newName) {
|
|
||||||
return res.status(400).send('Both currentName and newName must be provided.');
|
|
||||||
}
|
|
||||||
|
|
||||||
const currentPath = path.join('cdn-files', userId || '', currentName);
|
|
||||||
const newPath = path.join('cdn-files', userId, newName);
|
|
||||||
|
|
||||||
try {
|
|
||||||
await fs.promises.rename(currentPath, newPath);
|
|
||||||
|
|
||||||
const data = await fs.promise.readFileSync(path.join(__dirname, '../data', 'file_info.json'), 'utf-8')
|
|
||||||
let fileInfo = JSON.parse(data);
|
|
||||||
|
|
||||||
let found = false;
|
|
||||||
for (let i = 0; i < fileInfo.length; i++) {
|
|
||||||
if (fileInfo[i].fileName === currentName) {
|
|
||||||
fileInfo[i].fileName = newName;
|
|
||||||
found = true;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (found) {
|
|
||||||
await fs.promises.writeFile(path.join(__dirname, '../data', 'file_info.json'), JSON.stringify(fileInfo, null, 2), 'utf8');
|
|
||||||
}
|
|
||||||
|
|
||||||
res.status(200).send('L\'opération a été effectuée avec succès.');
|
|
||||||
} catch (err) {
|
|
||||||
console.error(err);
|
|
||||||
return res.status(500).send('Erreur lors du changement de nom du fichier.');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
router.post('/dashboard/rename/:filePath*', authMiddleware, async (req, res) => {
|
|
||||||
const userId = req.userData.name;
|
|
||||||
const { currentName, newName } = req.body;
|
|
||||||
const filePath = path.join(req.params.filePath, req.params[0] || '');
|
|
||||||
|
|
||||||
if (!currentName || !newName) {
|
|
||||||
return res.status(400).send('Both currentName and newName must be provided.');
|
|
||||||
}
|
|
||||||
|
|
||||||
const currentPath = path.join('cdn-files', userId || '', filePath, currentName);
|
|
||||||
const newPath = path.join('cdn-files', userId, filePath, newName);
|
|
||||||
|
|
||||||
try {
|
|
||||||
await fs.promises.rename(currentPath, newPath);
|
|
||||||
|
|
||||||
const data = await fs.promises.readFile(path.join(__dirname, '../data', 'file_info.json'), 'utf8');
|
|
||||||
let fileInfo = JSON.parse(data);
|
|
||||||
|
|
||||||
let found = false;
|
|
||||||
for (let i = 0; i < fileInfo.length; i++) {
|
|
||||||
if (fileInfo[i].fileName === currentName) {
|
|
||||||
fileInfo[i].fileName = newName;
|
|
||||||
found = true;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (found) {
|
|
||||||
await fs.promises.writeFile(path.join(__dirname, '../data', 'file_info.json'), JSON.stringify(fileInfo, null, 2), 'utf8');
|
|
||||||
}
|
|
||||||
|
|
||||||
res.status(200).send('L\'opération a été effectuée avec succès.');
|
|
||||||
} catch (err) {
|
|
||||||
console.error(err);
|
|
||||||
return res.status(500).send('Erreur lors du changement de nom du fichier.');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
router.post('/dashboard/delete', authMiddleware, (req, res) => {
|
|
||||||
const userId = req.userData.name;
|
|
||||||
const { filename } = req.body;
|
|
||||||
|
|
||||||
if (!userId || !filename) {
|
|
||||||
return res.status(400).json({ message: 'Identifiant d\'utilisateur ou nom de fichier manquant pour la suppression du fichier.' });
|
|
||||||
}
|
|
||||||
|
|
||||||
const userFolderPath = path.join('cdn-files', userId);
|
|
||||||
|
|
||||||
function findAndDeleteFile(folderPath) {
|
|
||||||
const filesInFolder = fs.readdirSync(folderPath);
|
|
||||||
|
|
||||||
for (const file of filesInFolder) {
|
|
||||||
const filePath = path.join(folderPath, file);
|
|
||||||
|
|
||||||
if (fs.statSync(filePath).isDirectory()) {
|
|
||||||
findAndDeleteFile(filePath);
|
|
||||||
} else if (file === filename) {
|
|
||||||
try {
|
|
||||||
fs.unlinkSync(filePath);
|
|
||||||
console.log('File deleted:', filePath);
|
|
||||||
return true;
|
|
||||||
} catch (error) {
|
|
||||||
console.error('Error deleting file:', error);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
const fileDeleted = findAndDeleteFile(userFolderPath);
|
|
||||||
|
|
||||||
if (fileDeleted) {
|
|
||||||
res.status(200).json({ status: 'success', message: 'Le fichier a été supprimé avec succès.' });
|
|
||||||
} else {
|
|
||||||
res.status(404).json({ status: 'error', message: 'Le fichier que vous essayez de supprimer n\'existe pas.' });
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
const ncpAsync = (source, destination) => {
|
|
||||||
return new Promise((resolve, reject) => {
|
|
||||||
ncp(source, destination, (err) => {
|
|
||||||
if (err) {
|
|
||||||
reject(err);
|
|
||||||
} else {
|
|
||||||
resolve();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
||||||
};
|
|
||||||
|
|
||||||
router.post('/dashboard/movefile', authMiddleware, async (req, res) => {
|
|
||||||
const fileName = req.body.fileName;
|
|
||||||
const folderName = req.body.folderName;
|
|
||||||
|
|
||||||
const data = await fs.readFileSync(path.join(__dirname, '../data', 'user.json.json'), 'utf-8')
|
|
||||||
const users = JSON.parse(data);
|
|
||||||
const user = users.find(user => user.id === req.user.id);
|
|
||||||
|
|
||||||
if (!user) {
|
|
||||||
console.error('User not found in user.json');
|
|
||||||
return res.status(500).send('Erreur lors du déplacement du fichier.');
|
|
||||||
}
|
|
||||||
|
|
||||||
const userId = user.name;
|
|
||||||
|
|
||||||
if (!fileName || !userId) {
|
|
||||||
console.error('fileName or userId is undefined');
|
|
||||||
return res.status(500).send('Erreur lors du déplacement du fichier.');
|
|
||||||
}
|
|
||||||
|
|
||||||
const sourcePath = path.join('cdn-files', userId, fileName);
|
|
||||||
|
|
||||||
let destinationDir;
|
|
||||||
if (folderName && folderName.trim() !== '') {
|
|
||||||
destinationDir = path.join('cdn-files', userId, folderName);
|
|
||||||
} else {
|
|
||||||
destinationDir = path.join('cdn-files', userId);
|
|
||||||
}
|
|
||||||
|
|
||||||
const destinationPath = path.join(destinationDir, fileName);
|
|
||||||
|
|
||||||
try {
|
|
||||||
const normalizedSourcePath = path.normalize(sourcePath);
|
|
||||||
console.log('Full Source Path:', normalizedSourcePath);
|
|
||||||
|
|
||||||
if (fs.existsSync(normalizedSourcePath)) {
|
|
||||||
await fs.promises.access(destinationDir);
|
|
||||||
|
|
||||||
await ncpAsync(normalizedSourcePath, destinationPath);
|
|
||||||
|
|
||||||
await fs.promises.unlink(normalizedSourcePath);
|
|
||||||
} else {
|
|
||||||
console.log('File does not exist');
|
|
||||||
}
|
|
||||||
|
|
||||||
res.redirect('/dpanel/dashboard');
|
|
||||||
} catch (err) {
|
|
||||||
console.error(err);
|
|
||||||
return res.status(500).send('Erreur lors du déplacement du fichier.');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
router.post('/dashboard/movefile/:folderName', authMiddleware, async (req, res) => {
|
|
||||||
|
|
||||||
const fileName = req.body.fileName;
|
|
||||||
const newFolderName = req.body.folderName;
|
|
||||||
const oldFolderName = req.params.folderName;
|
|
||||||
const userId = req.user && req.user._json ? req.userData.name : undefined;
|
|
||||||
|
|
||||||
if (!fileName || !userId || !oldFolderName || !newFolderName) {
|
|
||||||
console.error('fileName, userId, oldFolderName, or newFolderName is undefined');
|
|
||||||
return res.status(500).send('Erreur lors du déplacement du fichier.');
|
|
||||||
}
|
|
||||||
|
|
||||||
const sourcePath = path.join(process.cwd(), 'cdn-files', userId, oldFolderName, fileName);
|
|
||||||
const destinationDir = path.join(process.cwd(), 'cdn-files', userId, newFolderName);
|
|
||||||
const destinationPath = path.join(destinationDir, fileName);
|
|
||||||
|
|
||||||
try {
|
|
||||||
const normalizedSourcePath = path.normalize(sourcePath);
|
|
||||||
console.log('Full Source Path:', normalizedSourcePath);
|
|
||||||
|
|
||||||
if (fs.existsSync(normalizedSourcePath)) {
|
|
||||||
await fs.promises.access(destinationDir, fs.constants.W_OK);
|
|
||||||
|
|
||||||
await fs.promises.rename(normalizedSourcePath, destinationPath);
|
|
||||||
} else {
|
|
||||||
console.log('File does not exist');
|
|
||||||
}
|
|
||||||
|
|
||||||
res.redirect('/dpanel/dashboard');
|
|
||||||
} catch (err) {
|
|
||||||
console.error(err);
|
|
||||||
return res.status(500).send('Erreur lors du déplacement du fichier.');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
router.delete('/dashboard/deletefolder/:folderName', authMiddleware, (req, res) => {
|
|
||||||
const userId = req.userData.name;
|
|
||||||
const { filename } = req.body;
|
|
||||||
|
|
||||||
const userFolderPath = path.join('cdn-files', userId || '');
|
|
||||||
const folderPath = path.join(userFolderPath, req.params.folderName || '');
|
|
||||||
|
|
||||||
if (!fs.existsSync(folderPath)) {
|
|
||||||
return res.status(404).json({ error: 'Le dossier spécifié n\'existe pas.' });
|
|
||||||
}
|
|
||||||
|
|
||||||
fs.rmdirSync(folderPath, { recursive: true });
|
|
||||||
|
|
||||||
res.json({ deleted: true, success: 'Dossier supprimé avec succès.' });
|
|
||||||
});
|
|
||||||
|
|
||||||
router.delete('/dashboard/deletefolder/:folderName', authMiddleware, (req, res) => {
|
|
||||||
const userId = req.userData.name;
|
|
||||||
const folderName = req.params.folderName;
|
|
||||||
const folderPath = path.join('cdn-files', userId, folderName);
|
|
||||||
|
|
||||||
fs.rmdir(folderPath, { recursive: true }, (err) => {
|
|
||||||
if (err) {
|
|
||||||
console.error(err);
|
|
||||||
return res.status(500).json({ error: 'Erreur lors de la suppression du dossier.' });
|
|
||||||
}
|
|
||||||
res.json({ deleted: true, success: 'Dossier supprimé avec succès.' });
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
router.post('/dashboard/deletefile/:folderName', authMiddleware, (req, res) => {
|
|
||||||
const userId = req.userData.name;
|
|
||||||
const { filename } = req.body;
|
|
||||||
|
|
||||||
const userFolderPath = path.join('cdn-files', userId || '');
|
|
||||||
const filePath = path.join(userFolderPath, req.params.folderName, filename || '');
|
|
||||||
|
|
||||||
if (!fs.existsSync(filePath)) {
|
|
||||||
return res.status(404).json({ error: 'Le fichier spécifié n\'existe pas.' });
|
|
||||||
}
|
|
||||||
|
|
||||||
fs.unlink(filePath, (err) => {
|
|
||||||
if (err) {
|
|
||||||
console.error(err);
|
|
||||||
return res.status(500).json({ error: 'Erreur lors de la suppression du fichier.' });
|
|
||||||
}
|
|
||||||
res.json({ deleted: true, success: 'Fichier supprimé avec succès.' });
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get('/upload', authMiddleware, (req, res) => {
|
|
||||||
res.render('upload');
|
|
||||||
});
|
|
||||||
|
|
||||||
router.use(fileUpload({
|
|
||||||
limits: { fileSize: 15 * 1024 * 1024 * 1024 },
|
|
||||||
}));
|
|
||||||
|
|
||||||
router.post('/upload', authMiddleware, async (req, res) => {
|
|
||||||
try {
|
|
||||||
if (!req.files || Object.keys(req.files).length === 0) {
|
|
||||||
return res.status(400).send('5410 - Erreur de téléchargement, veuillez retenter ultérieurement.');
|
|
||||||
}
|
|
||||||
|
|
||||||
const file = req.files.file;
|
|
||||||
const userId = req.userData.name;
|
|
||||||
const Id = req.userData.id;
|
|
||||||
const uploadDir = path.join('cdn-files', userId);
|
|
||||||
const originalFileName = file.name;
|
|
||||||
const domain = config.domain || 'mydomain.com';
|
|
||||||
let expiryDate = req.body.expiryDate;
|
|
||||||
let password = req.body.password;
|
|
||||||
|
|
||||||
if (!fs.existsSync(uploadDir)) {
|
|
||||||
fs.mkdirSync(uploadDir, { recursive: true });
|
|
||||||
}
|
|
||||||
|
|
||||||
file.mv(path.join(uploadDir, originalFileName), async (err) => {
|
|
||||||
if (err) {
|
|
||||||
console.error(err);
|
|
||||||
return res.status(500).send({ message: 'Erreur lors du téléchargement du fichier.' });
|
|
||||||
}
|
|
||||||
|
|
||||||
const fileExtension = path.extname(originalFileName).toLowerCase();
|
|
||||||
|
|
||||||
let encryptedPassword = '';
|
|
||||||
if (password) {
|
|
||||||
const algorithm = 'aes-256-cbc';
|
|
||||||
const key = crypto.scryptSync(password, 'salt', 32);
|
|
||||||
const iv = Buffer.alloc(16, 0);
|
|
||||||
const cipher = crypto.createCipheriv(algorithm, key, iv);
|
|
||||||
encryptedPassword = cipher.update('', 'utf8', 'hex');
|
|
||||||
encryptedPassword += cipher.final('hex');
|
|
||||||
}
|
|
||||||
|
|
||||||
const fileInfo = {
|
|
||||||
fileName: originalFileName,
|
|
||||||
expiryDate: expiryDate || '',
|
|
||||||
password: encryptedPassword,
|
|
||||||
Id: Id,
|
|
||||||
path: path.join(uploadDir, originalFileName)
|
|
||||||
};
|
|
||||||
|
|
||||||
if (expiryDate || password) {
|
|
||||||
let data = [];
|
|
||||||
if (fs.existsSync(path.join(__dirname, '../data', 'file_info.json'))) {
|
|
||||||
const existingData = await fs.promises.readFile(path.join(__dirname, '../data', 'file_info.json'), 'utf8');
|
|
||||||
data = JSON.parse(existingData);
|
|
||||||
}
|
|
||||||
data.push(fileInfo);
|
|
||||||
await fs.promises.writeFile(path.join(__dirname, '../data', 'file_info.json'), JSON.stringify(data, null, 2));
|
|
||||||
}
|
|
||||||
|
|
||||||
res.redirect('/dpanel/dashboard');
|
|
||||||
});
|
|
||||||
} catch (error) {
|
|
||||||
console.error(error);
|
|
||||||
return res.status(500).send({ message: 'Erreur lors du téléchargement du fichier.' });
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
const User = require('../data/user.json');
|
|
||||||
const setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../data', 'setup.json'), 'utf-8'));
|
|
||||||
|
|
||||||
router.get('/dashboard/admin', authMiddleware, async (req, res) => {
|
|
||||||
try {
|
|
||||||
res.render('paramAdmin', { users: User, setup: setup });
|
|
||||||
} catch (err) {
|
|
||||||
console.error(err);
|
|
||||||
res.status(500).send('Server Error');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
|
|
||||||
router.get('/dashboard/admin/users', authMiddleware, async (req, res) => {
|
|
||||||
try {
|
|
||||||
let currentPage = Number(req.query.page) || 1;
|
|
||||||
let limit = Number(req.query.limit) || 10;
|
|
||||||
|
|
||||||
let rawdata = fs.readFileSync(path.join(__dirname, '../data/user.json'));
|
|
||||||
let users = JSON.parse(rawdata);
|
|
||||||
|
|
||||||
let totalUsers = users.length;
|
|
||||||
let pages = Math.ceil(totalUsers / limit);
|
|
||||||
|
|
||||||
let start = (currentPage - 1) * limit;
|
|
||||||
let end = start + limit;
|
|
||||||
let usersForPage = users.slice(start, end);
|
|
||||||
|
|
||||||
res.render('paramAdminUser', { users: usersForPage, setup: setup, pages: pages, currentPage: currentPage, limit: limit });
|
|
||||||
} catch (err) {
|
|
||||||
console.error(err);
|
|
||||||
res.status(500).send('Server Error');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get('/dashboard/admin/settingsetup', authMiddleware, async (req, res) => {
|
|
||||||
try {
|
|
||||||
res.render('paramAdminSettingSetup', { users: User, setup: setup });
|
|
||||||
} catch (err) {
|
|
||||||
console.error(err);
|
|
||||||
res.status(500).send('Server Error');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
const osUtils = require('os-utils');
|
|
||||||
|
|
||||||
const Convert = require('ansi-to-html');
|
|
||||||
const convert = new Convert();
|
|
||||||
|
|
||||||
router.get('/dashboard/admin/stats-logs', authMiddleware, async (req, res) => {
|
|
||||||
try {
|
|
||||||
const uptime = os.uptime();
|
|
||||||
const memoryUsage = process.memoryUsage().heapUsed / 1024 / 1024;
|
|
||||||
|
|
||||||
osUtils.cpuUsage(function(cpuUsage) {
|
|
||||||
fs.readdir('./logs', (err, files) => {
|
|
||||||
if (err) {
|
|
||||||
console.error(err);
|
|
||||||
res.status(500).send('Error reading logs');
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
const logs = files.map(file => {
|
|
||||||
return fs.promises.readFile(path.join('./logs', file), 'utf8')
|
|
||||||
.then(content => {
|
|
||||||
content = convert.toHtml(content);
|
|
||||||
return { name: file, content: content };
|
|
||||||
})
|
|
||||||
.catch(err => {
|
|
||||||
console.error(err);
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
Promise.all(logs).then(completed => {
|
|
||||||
res.render('paramAdminStats&Logs', { users: User, setup: setup, uptime, memoryUsage, cpuUsage, logs: completed });
|
|
||||||
});
|
|
||||||
});
|
|
||||||
});
|
|
||||||
} catch (err) {
|
|
||||||
console.error(err);
|
|
||||||
res.status(500).send('Server Error');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
router.get('/dashboard/admin/Privacy-Security', authMiddleware, async (req, res) => {
|
|
||||||
try {
|
|
||||||
const files = await fs.promises.readdir('./report');
|
|
||||||
const reports = files.filter(file => file.endsWith('.json')).map(file => {
|
|
||||||
return fs.promises.readFile(path.join('./report', file), 'utf8')
|
|
||||||
.then(content => {
|
|
||||||
return { name: file, content: content };
|
|
||||||
})
|
|
||||||
.catch(err => {
|
|
||||||
console.error(err);
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
Promise.all([Promise.all(reports)]).then(([completedReports]) => {
|
|
||||||
res.render('paramAdminPrivacy&Security', { users: User, reports: completedReports });
|
|
||||||
});
|
|
||||||
} catch (err) {
|
|
||||||
console.error(err);
|
|
||||||
res.status(500).send('Server Error');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
router.post('/dashboard/update-role', authMiddleware, async (req, res) => {
|
|
||||||
try {
|
|
||||||
const { id, role } = req.body;
|
|
||||||
|
|
||||||
const user = User.find(user => user.id === id);
|
|
||||||
|
|
||||||
if (user) {
|
|
||||||
user.role = role;
|
|
||||||
}
|
|
||||||
|
|
||||||
fs.writeFileSync(path.join(__dirname, '../data/user.json'), JSON.stringify(User, null, 2));
|
|
||||||
|
|
||||||
res.redirect('/dpanel/dashboard/admin');
|
|
||||||
} catch (err) {
|
|
||||||
console.error(err);
|
|
||||||
res.status(500).send('Server Error');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
router.post('/dashboard/update-setup', authMiddleware, async (req, res) => {
|
|
||||||
try {
|
|
||||||
let setup = JSON.parse(fs.readFileSync(path.join(__dirname, '../data', 'setup.json'), 'utf-8'));
|
|
||||||
|
|
||||||
if (!req.body.ldap || !req.body.ldap.enabled) {
|
|
||||||
delete setup.ldap;
|
|
||||||
} else {
|
|
||||||
setup.ldap = req.body.ldap;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!req.body.discord || !req.body.discord.enabled) {
|
|
||||||
delete setup.discord;
|
|
||||||
} else {
|
|
||||||
setup.discord = req.body.discord;
|
|
||||||
}
|
|
||||||
|
|
||||||
setup.domain = req.body.domain;
|
|
||||||
setup.uptime = req.body.uptime;
|
|
||||||
|
|
||||||
fs.writeFileSync(path.join(__dirname, '../data', 'setup.json'), 'utf-8'), JSON.stringify(setup, null, 2);
|
|
||||||
|
|
||||||
res.redirect('/dpanel/dashboard/admin');
|
|
||||||
} catch (err) {
|
|
||||||
console.error(err);
|
|
||||||
res.status(500).send('Server Error');
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
module.exports = router;
|
|
||||||
59
routes/routes.js
Normal file
59
routes/routes.js
Normal file
@@ -0,0 +1,59 @@
|
|||||||
|
const express = require('express');
|
||||||
|
const router = express.Router();
|
||||||
|
const path = require('path');
|
||||||
|
|
||||||
|
const indexRoute = require('./index.js');
|
||||||
|
const DpanelDashboardRoute = require('./Dpanel/Dashboard/index.js');
|
||||||
|
const DpanelFolderRoute = require('./Dpanel/Folder/index.js');
|
||||||
|
const DpanelUploadRoute = require('./Dpanel/Upload.js');
|
||||||
|
const AttachmentsRoute = require('./attachments.js');
|
||||||
|
|
||||||
|
const NewFolderRoute = require('./Dpanel/API/NewFolder.js');
|
||||||
|
const RenameFileRoute = require('./Dpanel/API/RenameFile.js');
|
||||||
|
const DeleteFileRoute = require('./Dpanel/API/DeleteFile.js');
|
||||||
|
const MoveFileRoute = require('./Dpanel/API/MoveFile.js');
|
||||||
|
const UploadRoute = require('./Dpanel/API/Upload.js');
|
||||||
|
const UpdateRoleAdminRoute = require('./Dpanel/API/Upload-Role-Admin.js');
|
||||||
|
const UpdateSetupAdminRoute = require('./Dpanel/API/Update-Setup-Admin.js');
|
||||||
|
const DeleteFolderRoute = require('./Dpanel/API/DeleteFolfder.js');
|
||||||
|
const DeleteFileFolderRoute = require('./Dpanel/API/DeleteFileFolder.js');
|
||||||
|
|
||||||
|
const loginRoute = require('./Auth/Login.js');
|
||||||
|
const logoutRoute = require('./Auth/Logout.js');
|
||||||
|
const activeDirectoryRoute = require('./Auth/ActiveDirectory.js');
|
||||||
|
const discordRoute = require('./Auth/Discord.js');
|
||||||
|
|
||||||
|
const AdminDpanelRoute = require('./Dpanel/Admin/index.js');
|
||||||
|
const AdminUsersDpanelRoute = require('./Dpanel/Admin/User.js');
|
||||||
|
const AdminSettingSetupDpanelRoute = require('./Dpanel/Admin/SettingSetup.js');
|
||||||
|
const AdminStatsLogsDpanelRoute = require('./Dpanel/Admin/Stats-Logs.js');
|
||||||
|
const AdminPrivacySecurityDpanelRoute = require('./Dpanel/Admin/Privacy-Security.js');
|
||||||
|
|
||||||
|
router.use('/', indexRoute);
|
||||||
|
router.use('/attachments', AttachmentsRoute);
|
||||||
|
|
||||||
|
router.use('/dpanel/dashboard', DpanelDashboardRoute);
|
||||||
|
router.use('/dpanel/upload', DpanelUploadRoute);
|
||||||
|
router.use('/dpanel/dashboard/folder', DpanelFolderRoute);
|
||||||
|
router.use('/dpanel/dashboard/admin', AdminDpanelRoute);
|
||||||
|
router.use('/dpanel/dashboard/admin/users', AdminUsersDpanelRoute);
|
||||||
|
router.use('/dpanel/dashboard/admin/settingsetup', AdminSettingSetupDpanelRoute)
|
||||||
|
router.use('/dpanel/dashboard/admin/stats-logs', AdminStatsLogsDpanelRoute);;
|
||||||
|
router.use('/dpanel/dashboard/admin/Privacy-Security', AdminPrivacySecurityDpanelRoute);
|
||||||
|
|
||||||
|
router.use('/api/dpanel/dashboard/newfolder', NewFolderRoute);
|
||||||
|
router.use('/api/dpanel/dashboard/rename', RenameFileRoute);
|
||||||
|
router.use('/api/dpanel/dashboard/delete', DeleteFileRoute);
|
||||||
|
router.use('/api/dpanel/dashboard/movefile', MoveFileRoute);
|
||||||
|
router.use('/api/dpanel/upload', UploadRoute);
|
||||||
|
router.use('/api/dpanel/dashboard/admin/update-role', UpdateRoleAdminRoute);
|
||||||
|
router.use('/api/dpanel/dashboard/admin/update-setup', UpdateSetupAdminRoute);
|
||||||
|
router.use('/api/dpanel/dashboard/deletefolder', DeleteFolderRoute);
|
||||||
|
router.use('/api/dpanel/dashboard/deletefile/', DeleteFileFolderRoute);
|
||||||
|
|
||||||
|
router.use('/auth/login', loginRoute);
|
||||||
|
router.use('/auth/logout', logoutRoute);
|
||||||
|
router.use('/auth/activedirectory', activeDirectoryRoute);
|
||||||
|
router.use('/auth/discord', discordRoute);
|
||||||
|
|
||||||
|
module.exports = router;
|
||||||
18
server.js
18
server.js
@@ -33,7 +33,7 @@ if (setup.ldap !== undefined) {
|
|||||||
app.use(express.static(path.join(__dirname, 'public')));
|
app.use(express.static(path.join(__dirname, 'public')));
|
||||||
|
|
||||||
app.get(['/data/user.json', '/data/file_info.json', '/data/setup.json'], (req, res) => {
|
app.get(['/data/user.json', '/data/file_info.json', '/data/setup.json'], (req, res) => {
|
||||||
res.status(403).send('Access Denied');
|
res.status(403).json({ error: 'Access Denied. You do not have permission to access this resource.' });
|
||||||
});app.use(express.urlencoded({ extended: true }));
|
});app.use(express.urlencoded({ extended: true }));
|
||||||
|
|
||||||
function generateSecretKey() {
|
function generateSecretKey() {
|
||||||
@@ -54,19 +54,11 @@ app.use(bodyParser.urlencoded({ extended: true }));
|
|||||||
app.use(bodyParser.json());
|
app.use(bodyParser.json());
|
||||||
app.use(flash());
|
app.use(flash());
|
||||||
|
|
||||||
const indexRoute = require('./routes/index.js');
|
const routes = require('./routes/routes.js');
|
||||||
const AuthRoute = require('./routes/auth.js');
|
app.use('/public', express.static(path.join(__dirname, 'public')));
|
||||||
const DpanelRoute = require('./routes/dpanel.js');
|
|
||||||
const AttachmentsRoute = require('./routes/attachments.js');
|
|
||||||
|
|
||||||
app.set('view engine', 'ejs');
|
app.set('view engine', 'ejs');
|
||||||
app.set('views', __dirname + '/views');
|
app.set('views', __dirname + '/views');
|
||||||
|
app.use(routes);
|
||||||
app.use('/', indexRoute);
|
|
||||||
app.use('/auth', AuthRoute);
|
|
||||||
app.use('/dpanel', DpanelRoute);
|
|
||||||
app.use('/attachments', AttachmentsRoute);
|
|
||||||
app.use('/public', express.static(path.join(__dirname, 'public')));
|
|
||||||
|
|
||||||
app.use(logRequestInfo);
|
app.use(logRequestInfo);
|
||||||
|
|
||||||
@@ -85,7 +77,7 @@ cron.schedule('00 03 * * *', async () => {
|
|||||||
|
|
||||||
cron.schedule('0 * * * *', async () => {
|
cron.schedule('0 * * * *', async () => {
|
||||||
try {
|
try {
|
||||||
const fileInfoData = await fs.promises.readFile(path.join(__dirname, 'file_info.json'), 'utf8');
|
const fileInfoData = await fs.promises.readFile(path.join(__dirname,'/data/', 'file_info.json'), 'utf8');
|
||||||
const fileInfo = JSON.parse(fileInfoData);
|
const fileInfo = JSON.parse(fileInfoData);
|
||||||
|
|
||||||
const now = new Date();
|
const now = new Date();
|
||||||
|
|||||||
@@ -51,7 +51,7 @@
|
|||||||
<body class="light-mode animate">
|
<body class="light-mode animate">
|
||||||
<div class="container mt-4 animate">
|
<div class="container mt-4 animate">
|
||||||
<h1 class="title text-center animate">Connexion</h1>
|
<h1 class="title text-center animate">Connexion</h1>
|
||||||
<% if (currentUrl === '/auth/activedirectory' || setupData.hasOwnProperty('ldap')) { %>
|
<% if (currentUrl === '/auth/activedirectory' || (setupData[0] && setupData[0].hasOwnProperty('ldap'))) { %>
|
||||||
<h3 class="text-center animate">Connexion avec Active Directory</h3>
|
<h3 class="text-center animate">Connexion avec Active Directory</h3>
|
||||||
<form action="/auth/activedirectory" method="post" class="mb-4 animate">
|
<form action="/auth/activedirectory" method="post" class="mb-4 animate">
|
||||||
<% if (typeof errorMessage !== 'undefined' && errorMessage) { %>
|
<% if (typeof errorMessage !== 'undefined' && errorMessage) { %>
|
||||||
|
|||||||
@@ -127,7 +127,7 @@
|
|||||||
<button class="btn btn-primary btn-round" onclick="renameFile('<%= folderName %>', '<%= file.name %>')">
|
<button class="btn btn-primary btn-round" onclick="renameFile('<%= folderName %>', '<%= file.name %>')">
|
||||||
<i class="fas fa-edit"></i> Renommer
|
<i class="fas fa-edit"></i> Renommer
|
||||||
</button>
|
</button>
|
||||||
<form class="file-actions mb-2" id="deleteForm" action="/dpanel/dashboard/delete" method="post">
|
<form class="file-actions mb-2" id="deleteForm" action="/api/dpanel/dashboard/delete" method="post">
|
||||||
<input type="hidden" name="_method" value="DELETE">
|
<input type="hidden" name="_method" value="DELETE">
|
||||||
<input type="hidden" name="filename" value="<%= file.name %>">
|
<input type="hidden" name="filename" value="<%= file.name %>">
|
||||||
<button class="delete-button btn btn-danger btn-round" type="button" onclick="confirmDelete('<%= file.name %>')">
|
<button class="delete-button btn btn-danger btn-round" type="button" onclick="confirmDelete('<%= file.name %>')">
|
||||||
@@ -142,7 +142,7 @@
|
|||||||
</button>
|
</button>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
<form class="file-actions d-flex align-items-center mb-2" action="/dpanel/dashboard/movefile" method="post">
|
<form class="file-actions d-flex align-items-center mb-2" action="/api/dpanel/dashboard/movefile" method="post">
|
||||||
<input type="hidden" name="fileName" value="<%= file.name %>">
|
<input type="hidden" name="fileName" value="<%= file.name %>">
|
||||||
<select class="form-control rounded mr-2" name="folderName">
|
<select class="form-control rounded mr-2" name="folderName">
|
||||||
<option value="" disabled selected>Déplacer vers...</option>
|
<option value="" disabled selected>Déplacer vers...</option>
|
||||||
@@ -172,24 +172,38 @@
|
|||||||
</button>
|
</button>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="patch-note-item">
|
<div class="patch-note-item pl-3">
|
||||||
<p><i class="fas fa-shield-alt"></i> Sécurité :</p>
|
<p><i class="fas fa-tools"></i> Améliorations :</p>
|
||||||
<ul>
|
<ul>
|
||||||
<li>Correction Critique de Sécurité - Gérée par SwiftLogic CyberShield :</li>
|
<li>Refactor total de l'application pour une performance optimisée et une maintenance simplifiée.<span class="badge badge-success ml-1">AMÉLIORATION MAJEURE</span></li>
|
||||||
<ul>
|
<li>Renforcement de la sécurité à tous les niveaux de l'application.<span class="badge badge-success ml-1">AMÉLIORATION MAJEURE</span></li>
|
||||||
<li>Mise en place d'une correction critique de sécurité pour remédier aux vulnérabilités potentielles et assurer un environnement plus sûr pour les utilisateurs.<span class="badge badge-warning ml-1">PATCH</span></li>
|
<li>Améliorations mineures pour renforcer la stabilité globale de l'application.<span class="badge badge-success ml-1">AMÉLIORATION MINEURE</span></li>
|
||||||
</ul>
|
</ul>
|
||||||
</ul>
|
</div>
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="patch-note-item">
|
<div class="patch-note-item pl-3">
|
||||||
<p>Remarque : Merci de continuer à fournir vos retours d'expérience et rapports de bugs pour nous aider à améliorer constamment notre plateforme. Nous sommes reconnaissants de votre engagement et de votre contribution.</p>
|
<p><i class="fab fa-docker"></i> Version Docker :</p>
|
||||||
</div>
|
<ul>
|
||||||
|
<li>La version Docker est désormais la principale version utilisée, offrant une gestion plus flexible et une déployabilité accrue.<span class="badge badge-info ml-1">NOUVEAU</span></li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="patch-note-item pl-3">
|
||||||
|
<p><i class="fas fa-exclamation-triangle"></i> Avis :</p>
|
||||||
|
<ul>
|
||||||
|
<li>La version en dur est désormais abandonnée et ne sera plus maintenue à jour.<span class="badge badge-danger ml-1">OBSOLÈTE</span></li>
|
||||||
|
<li>Les failles de sécurité critiques ne seront plus mises à jour sur la version en dur. Il est fortement recommandé de migrer vers la version Docker pour bénéficier des correctifs de sécurité continus.<span class="badge badge-danger ml-1">OBSOLÈTE</span></li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="patch-note-item pl-3">
|
||||||
|
<p>Remarque : Nous apprécions vos retours d'expérience et vos rapports de bogues pour continuer à améliorer notre plateforme. Merci pour votre soutien continu !</p>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
||||||
<div class="container">
|
<div class="container">
|
||||||
<footer class="py-3 my-4">
|
<footer class="py-3 my-4">
|
||||||
<ul class="nav justify-content-center border-bottom pb-3 mb-3">
|
<ul class="nav justify-content-center border-bottom pb-3 mb-3">
|
||||||
|
|||||||
@@ -125,7 +125,7 @@
|
|||||||
<button class="btn btn-primary btn-round" onclick="renameFile('<%= folderName %>', '<%= file.name %>')">
|
<button class="btn btn-primary btn-round" onclick="renameFile('<%= folderName %>', '<%= file.name %>')">
|
||||||
<i class="fas fa-edit fa-xs btn-icon"></i> Renommer
|
<i class="fas fa-edit fa-xs btn-icon"></i> Renommer
|
||||||
</button>
|
</button>
|
||||||
<form class="file-actions mb-2" id="deleteForm" action="/dpanel/dashboard/delete" method="post">
|
<form class="file-actions mb-2" id="deleteForm" action="/api/dpanel/dashboard/delete" method="post">
|
||||||
<input type="hidden" name="_method" value="DELETE">
|
<input type="hidden" name="_method" value="DELETE">
|
||||||
<input type="hidden" name="filename" value="<%= file.name %>">
|
<input type="hidden" name="filename" value="<%= file.name %>">
|
||||||
<button class="delete-button btn btn-danger btn-round" type="button" onclick="confirmDeleteFile('<%= currentFolder %>', '<%= file.name %>')">
|
<button class="delete-button btn btn-danger btn-round" type="button" onclick="confirmDeleteFile('<%= currentFolder %>', '<%= file.name %>')">
|
||||||
@@ -140,7 +140,7 @@
|
|||||||
</button>
|
</button>
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
<form class="file-actions d-flex align-items-center mb-2" action="/dpanel/dashboard/movefile/<%= folderName %>" method="post">
|
<form class="file-actions d-flex align-items-center mb-2" action="/api/dpanel/dashboard/movefile/<%= folderName %>" method="post">
|
||||||
<input type="hidden" name="fileName" value="<%= file.name %>">
|
<input type="hidden" name="fileName" value="<%= file.name %>">
|
||||||
<select class="form-control rounded mr-2" name="folderName">
|
<select class="form-control rounded mr-2" name="folderName">
|
||||||
<option value="" disabled selected>Déplacer vers...</option>
|
<option value="" disabled selected>Déplacer vers...</option>
|
||||||
|
|||||||
@@ -113,7 +113,7 @@ input:checked + .slider:before {
|
|||||||
<h2 class="text-center">Gestion de la configuration</h2><br>
|
<h2 class="text-center">Gestion de la configuration</h2><br>
|
||||||
<div class="table-responsive">
|
<div class="table-responsive">
|
||||||
|
|
||||||
<form action="/dpanel/dashboard/update-setup" method="POST">
|
<form action="/api/dpanel/dashboard/admin/update-setup" method="POST">
|
||||||
<table class="table w-100">
|
<table class="table w-100">
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
|
|||||||
@@ -82,7 +82,7 @@
|
|||||||
<td><%= user.name %></td>
|
<td><%= user.name %></td>
|
||||||
<td><%= user.role %></td>
|
<td><%= user.role %></td>
|
||||||
<td>
|
<td>
|
||||||
<form action="/dpanel/dashboard/update-role" method="POST" class="d-flex align-items-center">
|
<form action="/api/dpanel/dashboard/admin/update-role" method="POST" class="d-flex align-items-center">
|
||||||
<input type="hidden" name="id" value="<%= user.id %>">
|
<input type="hidden" name="id" value="<%= user.id %>">
|
||||||
<input type="hidden" name="name" value="<%= user.name %>">
|
<input type="hidden" name="name" value="<%= user.name %>">
|
||||||
<select class="form-control rounded mr-2" name="role">
|
<select class="form-control rounded mr-2" name="role">
|
||||||
|
|||||||
@@ -77,7 +77,7 @@
|
|||||||
formData.append('password', password);
|
formData.append('password', password);
|
||||||
|
|
||||||
const xhr = new XMLHttpRequest();
|
const xhr = new XMLHttpRequest();
|
||||||
xhr.open('POST', '/dpanel/upload', true);
|
xhr.open('POST', '/api/dpanel/upload', true);
|
||||||
|
|
||||||
xhr.upload.onprogress = (event) => {
|
xhr.upload.onprogress = (event) => {
|
||||||
if (event.lengthComputable) {
|
if (event.lengthComputable) {
|
||||||
|
|||||||
Reference in New Issue
Block a user