2014-01-29 02:04:25 +00:00
|
|
|
var path = require("path");
|
|
|
|
var fs = require("fs");
|
|
|
|
var webserver = require("./webserver");
|
|
|
|
var sendJade = require("./jade").sendJade;
|
|
|
|
var Logger = require("../logger");
|
|
|
|
var db = require("../database");
|
2014-01-30 03:50:45 +00:00
|
|
|
var Config = require("../config");
|
2014-01-29 02:04:25 +00:00
|
|
|
|
|
|
|
function checkAdmin(cb) {
|
|
|
|
return function (req, res) {
|
|
|
|
webserver.logRequest(req);
|
|
|
|
var auth = req.cookies.auth;
|
|
|
|
if (!auth) {
|
|
|
|
res.send(403);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
db.users.verifyAuth(auth, function (err, user) {
|
|
|
|
if (err) {
|
|
|
|
if (err === "Invalid auth string" ||
|
|
|
|
err === "Auth string does not match an existing user") {
|
|
|
|
res.send(403);
|
|
|
|
} else {
|
|
|
|
res.send(500);
|
|
|
|
}
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (user.global_rank < 255) {
|
|
|
|
res.send(403);
|
|
|
|
Logger.eventlog.log("[acp] Attempted GET /acp from non-admin " +
|
|
|
|
user.name + "@" + webserver.ipForRequest(req));
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
cb(req, res, user);
|
|
|
|
});
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Handles a request for the ACP
|
|
|
|
*/
|
|
|
|
function handleAcp(req, res, user) {
|
2014-01-30 03:50:45 +00:00
|
|
|
var sio;
|
|
|
|
if (req.secure) {
|
|
|
|
sio = Config.get("https.domain") + ":" + Config.get("https.port");
|
|
|
|
} else {
|
|
|
|
sio = Config.get("http.domain") + ":" + Config.get("io.port");
|
|
|
|
}
|
|
|
|
sio += "/socket.io/socket.io.js";
|
|
|
|
|
2014-01-29 02:04:25 +00:00
|
|
|
sendJade(res, "acp", {
|
|
|
|
loginName: user.name,
|
2014-01-30 03:50:45 +00:00
|
|
|
loggedIn: true,
|
|
|
|
sioSource: sio
|
2014-01-29 02:04:25 +00:00
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Streams the last length bytes of file to the given HTTP response
|
|
|
|
*/
|
|
|
|
function readLog(res, file, length) {
|
|
|
|
fs.stat(file, function (err, data) {
|
|
|
|
if (err) {
|
|
|
|
res.send(500);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
var start = Math.max(0, data.size - length);
|
|
|
|
if (isNaN(start)) {
|
|
|
|
res.send(500);
|
|
|
|
}
|
|
|
|
var end = Math.max(0, data.size - 1);
|
|
|
|
if (isNaN(end)) {
|
|
|
|
res.send(500);
|
|
|
|
}
|
|
|
|
fs.createReadStream(file, { start: start, end: end })
|
|
|
|
.pipe(res);
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Handles a request to read the syslog
|
|
|
|
*/
|
|
|
|
function handleReadSyslog(req, res) {
|
|
|
|
readLog(res, path.join(__dirname, "..", "..", "sys.log"), 1048576);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Handles a request to read the error log
|
|
|
|
*/
|
|
|
|
function handleReadErrlog(req, res) {
|
|
|
|
readLog(res, path.join(__dirname, "..", "..", "error.log"), 1048576);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Handles a request to read the http log
|
|
|
|
*/
|
|
|
|
function handleReadHttplog(req, res) {
|
|
|
|
readLog(res, path.join(__dirname, "..", "..", "http.log"), 1048576);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Handles a request to read a channel log
|
|
|
|
*/
|
|
|
|
function handleReadChanlog(req, res) {
|
|
|
|
if (!req.params.name.match(/^[\w-]{1,30}$/)) {
|
|
|
|
res.send(400);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
readLog(res, path.join(__dirname, "..", "..", "chanlogs", req.params.name + ".log"), 1048576);
|
|
|
|
}
|
|
|
|
|
|
|
|
module.exports = {
|
|
|
|
init: function (app) {
|
|
|
|
app.get("/acp", checkAdmin(handleAcp));
|
|
|
|
app.get("/acp/syslog", checkAdmin(handleReadSyslog));
|
|
|
|
app.get("/acp/errlog", checkAdmin(handleReadErrlog));
|
|
|
|
app.get("/acp/httplog", checkAdmin(handleReadHttplog));
|
|
|
|
app.get("/acp/chanlog/:name", checkAdmin(handleReadChanlog));
|
|
|
|
}
|
|
|
|
};
|