CyTube/lib/web/acp.js

123 lines
3.2 KiB
JavaScript
Raw Normal View History

2014-01-29 02:04:25 +00:00
var path = require("path");
var fs = require("fs");
var webserver = require("./webserver");
var sendJade = require("./jade").sendJade;
var Logger = require("../logger");
var db = require("../database");
2014-01-30 03:50:45 +00:00
var Config = require("../config");
2014-01-29 02:04:25 +00:00
function checkAdmin(cb) {
return function (req, res) {
webserver.logRequest(req);
var auth = req.cookies.auth;
if (!auth) {
res.send(403);
return;
}
db.users.verifyAuth(auth, function (err, user) {
if (err) {
if (err === "Invalid auth string" ||
err === "Auth string does not match an existing user") {
res.send(403);
} else {
res.send(500);
}
return;
}
if (user.global_rank < 255) {
res.send(403);
Logger.eventlog.log("[acp] Attempted GET /acp from non-admin " +
user.name + "@" + webserver.ipForRequest(req));
return;
}
cb(req, res, user);
});
};
}
/**
* Handles a request for the ACP
*/
function handleAcp(req, res, user) {
2014-01-30 03:50:45 +00:00
var sio;
if (req.secure) {
sio = Config.get("https.domain") + ":" + Config.get("https.port");
} else {
sio = Config.get("http.domain") + ":" + Config.get("io.port");
}
sio += "/socket.io/socket.io.js";
2014-01-29 02:04:25 +00:00
sendJade(res, "acp", {
loginName: user.name,
2014-01-30 03:50:45 +00:00
loggedIn: true,
sioSource: sio
2014-01-29 02:04:25 +00:00
});
}
/**
* Streams the last length bytes of file to the given HTTP response
*/
function readLog(res, file, length) {
fs.stat(file, function (err, data) {
if (err) {
res.send(500);
return;
}
var start = Math.max(0, data.size - length);
if (isNaN(start)) {
res.send(500);
}
var end = Math.max(0, data.size - 1);
if (isNaN(end)) {
res.send(500);
}
fs.createReadStream(file, { start: start, end: end })
.pipe(res);
});
}
/**
* Handles a request to read the syslog
*/
function handleReadSyslog(req, res) {
readLog(res, path.join(__dirname, "..", "..", "sys.log"), 1048576);
}
/**
* Handles a request to read the error log
*/
function handleReadErrlog(req, res) {
readLog(res, path.join(__dirname, "..", "..", "error.log"), 1048576);
}
/**
* Handles a request to read the http log
*/
function handleReadHttplog(req, res) {
readLog(res, path.join(__dirname, "..", "..", "http.log"), 1048576);
}
/**
* Handles a request to read a channel log
*/
function handleReadChanlog(req, res) {
if (!req.params.name.match(/^[\w-]{1,30}$/)) {
res.send(400);
return;
}
readLog(res, path.join(__dirname, "..", "..", "chanlogs", req.params.name + ".log"), 1048576);
}
module.exports = {
init: function (app) {
app.get("/acp", checkAdmin(handleAcp));
app.get("/acp/syslog", checkAdmin(handleReadSyslog));
app.get("/acp/errlog", checkAdmin(handleReadErrlog));
app.get("/acp/httplog", checkAdmin(handleReadHttplog));
app.get("/acp/chanlog/:name", checkAdmin(handleReadChanlog));
}
};