[master] 8.10.0

.env

@@ -6,4 +6,4 @@ UPLOADS_DIR=/Uploads
 ADMIN_USERNAME=root
 ADMIN_PASSWORD=toor
 DEBUG=1
-SECURITY_ENABLED=0
+SECURITY_ENABLED=1

README.md

@@ -55,6 +55,13 @@ https://github.com/Michaelpalacce/Server/releases
 - DEBUG - Whether to write logs on a debug level 1 or 0
 - Others should probably not be touched
 
+#Adding users
+- If you want to add users go to the users page from the sidebar and click on the Add Users button
+- You will be asked to fill in the new user's data
+- Permissions currently does not work
+- Route will be the path from which the user can access the FS
+- When adding a user the user will persist after 5 seconds so don't stop the server
+
 #Known Bugs:
 - When handling big folders and uploading at the same time, may display some items twice or fail loading
 

UPDATELOG.md

@@ -1,3 +1,8 @@
+8.10.0
+- Added ability ot add and delete users
+- Updating users is not possible yet
+- Users will have different route permissions
+
 8.9.1
 - Forgot to update event_request
 

handlers/controllers.js

@@ -15,3 +15,5 @@ require( './folder/controller/upload' );
 require( './folder/controller/move' );
 require( './user/controller/list' );
 require( './user/controller/add' );
+require( './user/controller/get' );
+require( './user/controller/delete' );

handlers/folder/controller/browse.js

@@ -61,7 +61,5 @@ app.get( '/browse/getFiles', ( event )=>{
 		const { items, position, hasMore }	= data;
 
 		event.send( { items, position, dir, hasMore } )
-	}).catch(()=>{
-		event.redirect( event.headers.referer );
-	});
+	}).catch( event.next );
 } );

handlers/main/security.js

@@ -12,7 +12,8 @@ app.add(( event )=>{
 
 	if ( ! userManager.has( process.env.ADMIN_USERNAME ) )
 	{
-		userManager.set( process.env.ADMIN_USERNAME, {
+		userManager.set( {
+			username	: process.env.ADMIN_USERNAME,
 			password	: process.env.ADMIN_PASSWORD,
 			isSU		: true,
 			permissions	: [],
@@ -79,6 +80,7 @@ if ( process.env.SECURITY_ENABLED == true )
 			event.session.add( 'username', user.getUsername() );
 			event.session.add( 'route', user.getRoute() );
 			event.session.add( 'authenticated', true );
+			event.session.add( 'SU', user.isSuperUser() );
 
 			event.redirect( '/' );
 		}

handlers/main/user/user.js

@@ -7,11 +7,27 @@ class User
 	{
 		this.username		= userData.username || '';
 		this.password		= userData.password || '';
-		this.isSU			= userData.isSU || false;
+		this.isSU			= userData.isSU === 'true' || userData.isSU === true;
 		this.route			= userData.route || '/';
 		this.permissions	= userData.permissions || [];
 	}
 
+	/**
+	 * @brief	Gets the user in an object
+	 *
+	 * @return	Object
+	 */
+	getUserData()
+	{
+		return {
+			username	: this.username,
+			password	: this.password,
+			isSU		: this.isSU,
+			route		: this.route,
+			permissions	: this.permissions,
+		}
+	}
+
 	/**
 	 * @brief	Checks if the user is a valid user
 	 *
@@ -51,6 +67,16 @@ class User
 	{
 		return this.route;
 	}
+
+	/**
+	 * @brief	Returns if the user is a super user or not
+	 *
+	 * @return	Boolean
+	 */
+	isSuperUser()
+	{
+		return this.isSU;
+	}
 }
 
 module.exports	= User;

handlers/main/user/user_manager.js

@@ -16,7 +16,7 @@ class UserManager
 
 		setInterval(()=>{
 			this.flushUsers();
-		}, 10000 );
+		}, 5000 );
 	}
 
 	/**
@@ -105,21 +105,18 @@ class UserManager
 	/**
 	 * @brief	Sets a user in the data store
 	 *
-	 * @param	username String
 	 * @param	userData Object
 	 *
 	 * @return	void
 	 */
-	set( username, userData )
+	set( userData )
 	{
-		if ( this.has( username ) )
+		if ( typeof userData.username !== 'string' || this.has( userData.username ) )
 		{
-			throw new Error( `User: ${username} already exist` );
+			throw new Error( `User: ${userData.username} already exist` );
 		}
 
-		userData.username	= username;
-
-		this.users[username]	= new User( userData );
+		this.users[userData.username]	= new User( userData );
 	}
 
 	/**
@@ -142,19 +139,18 @@ class UserManager
 	/**
 	 * @brief	Updates the user if it exists
 	 *
-	 * @param	username String
-	 * @param	userData Object
+	 * @param	user User
 	 *
 	 * @returns	void
 	 */
-	update( username, userData )
+	update( user )
 	{
-		if ( ! this.has( username ) )
+		if ( typeof user.getUsername() !== 'string' || ! this.has( user.getUsername() ) )
 		{
-			throw new Error( `User: ${username} does not exist` );
+			throw new Error( `User: ${user.getUsername()} does not exist` );
 		}
 
-		this.users[username]	= userData;
+		this.users[user.getUsername()]	= user;
 	}
 }
 

handlers/user/controller/add.js

@@ -2,6 +2,41 @@
 const { Server }	= require( 'event_request' );
 const app			= Server();
 
-app.post( '/user', async ( event ) =>{
-	// event.render( 'users', {} );
+/**
+ * @brief	Adds a new user
+ */
+app.post( '/users/add', ( event ) =>{
+	if ( event.session.get( 'SU' ) === false )
+	{
+		return event.sendError( 'Only super users can add other users', 400 );
+	}
+
+	const userManager	= event.userManager;
+	const result		= event.validationHandler.validate( event.body,
+		{
+			username	: 'filled||string||range:3-64',
+			password	: 'filled||string||range:3-64',
+			isSU		: 'filled||boolean',
+			route		: 'filled||string'
+		}
+	);
+
+	if ( result.hasValidationFailed() )
+	{
+		return event.sendError( `There is an error: ${JSON.stringify( result.getValidationResult() )}`, 400 )
+	}
+
+	const { username }	= result.getValidationResult();
+
+	if ( userManager.has( username ) )
+	{
+		return event.sendError( `User: ${username} already exists`, 400 )
+	}
+
+	const userData	= result.getValidationResult();
+	userData.route	= decodeURIComponent( userData.route );
+
+	userManager.set( userData );
+
+	event.send( 'ok' );
 });

handlers/user/controller/delete.js

@@ -0,0 +1,39 @@
+
+const { Server }	= require( 'event_request' );
+const app			= Server();
+
+/**
+ * @brief	Deletes an existing user
+ *
+ * @details	Can only delete if current user is SU
+ * 			Can not delete self
+ */
+app.delete( '/users/:username:', async ( event ) =>{
+	if ( event.session.get( 'SU' ) === false )
+	{
+		return event.sendError( 'Only super users can delete other users', 400 );
+	}
+
+	const userManager	= event.userManager;
+	const result		= event.validationHandler.validate( event.params,
+		{
+			username	: 'filled||string||range:3-64'
+		}
+	);
+
+	if ( result.hasValidationFailed() )
+	{
+		return event.sendError( `There is an error: ${JSON.stringify( result.getValidationResult() )}`, 400 )
+	}
+
+	const { username }	= result.getValidationResult();
+
+	if ( event.session.get( 'username' ) === username )
+	{
+		return event.sendError( 'Cannot delete self!', 400 );
+	}
+
+	userManager.delete( username );
+
+	event.send( 'ok' );
+});

handlers/user/controller/get.js

@@ -0,0 +1,24 @@
+
+const { Server }	= require( 'event_request' );
+const app			= Server();
+
+/**
+ * @brief	Gets information about the user
+ */
+app.get( '/users/:username:', async ( event ) =>{
+	const userManager	= event.userManager;
+	const result		= event.validationHandler.validate( event.params,
+		{
+			username	: 'filled||string||range:3-64'
+		}
+	);
+
+	if ( result.hasValidationFailed() )
+	{
+		return event.sendError( `There is an error: ${JSON.stringify( result.getValidationResult() )}`, 400 )
+	}
+
+	const { username }	= result.getValidationResult();
+
+	event.send( userManager.get( username ).getUserData() );
+});

handlers/user/controller/list.js

@@ -2,10 +2,16 @@
 const { Server }	= require( 'event_request' );
 const app			= Server();
 
+/**
+ * @brief	Renders the Users page
+ */
 app.get( '/users', async ( event ) =>{
 	event.render( 'users', {} );
 });
 
+/**
+ * @brief	Returns all the usernames
+ */
 app.get( '/users/list', async ( event ) =>{
 	event.send( Object.keys( event.userManager.users ) );
 });

package.json

@@ -1,6 +1,6 @@
 {
   "name": "server-emulator",
-  "version": "8.9.1",
+  "version": "8.10.0",
   "description": "Server emulator used to easily emulate the FS in a browser and allow streaming,downloading,deletion, etc.",
   "main": "index.js",
   "scripts": {

public/css/modal.css

@@ -27,7 +27,7 @@
 		margin: auto;
 		padding: 20px;
 		border: 1px solid #888;
-		width: 35% !important;
+		width: 50% !important;
 	}
 
 	.bigger-modal-content{
@@ -74,4 +74,9 @@
 .preview-item{
 	width: 100%;
 	height: auto;
+}
+
+.input-label{
+	margin-right: 10px;
+	font-size: 20px;
 }

public/js/main.js → public/js/browse.js

@@ -3,7 +3,7 @@ window.Dropzone.autoDiscover	= false;
 /**
  * @brief	View Class responsible for altering the page
  */
-class View
+class Browse
 {
 	constructor()
 	{
@@ -56,12 +56,12 @@ class View
 		});
 
 		$( document ).on( 'click', '.file-delete', ( event ) => {
-			this.deleteItem( $( event.target ), View.TYPE_FILE );
+			this.deleteItem( $( event.target ), Browse.TYPE_FILE );
 			return false;
 		});
 
 		$( document ).on( 'click', '.folder-delete', ( event ) => {
-			this.deleteItem( $( event.target ), View.TYPE_FOLDER );
+			this.deleteItem( $( event.target ), Browse.TYPE_FOLDER );
 			return false;
 		});
 
@@ -140,7 +140,7 @@ class View
 	 *
 	 * @return	void
 	 */
-	deleteItem( element, type = View.TYPE_FILE )
+	deleteItem( element, type = Browse.TYPE_FILE )
 	{
 		element				= element.closest( '.item' );
 		const itemToDelete	= element.attr( 'data-item-encoded-uri' );
@@ -161,7 +161,7 @@ class View
 			});
 		};
 
-		if ( type === View.TYPE_FOLDER )
+		if ( type === Browse.TYPE_FOLDER )
 		{
 			modal.askConfirmation( `Are you sure you want to delete this item?` ).then(( confirmDelete )=>{
 				if ( ! confirmDelete )
@@ -266,12 +266,7 @@ class View
 				}
 
 				const { items, position, hasMore, dir }	= JSON.parse( data );
-
-				if ( dir !== decodeURIComponent( this.currentDir ) )
-				{
-					return;
-				}
-				this.currentPosition	= position;
+				this.currentPosition					= position;
 
 				for ( const index in items )
 				{
@@ -417,9 +412,10 @@ class View
 	}
 }
 
-View.TYPE_FILE		= 'file';
-View.TYPE_FOLDER	= 'folder';
+Browse.TYPE_FILE	= 'file';
+Browse.TYPE_FOLDER	= 'folder';
 
-const view	= new View();
+const view			= new Browse();
+const modal			= new Modal();
 
 view.browse( currentDir );