2020-07-22 22:19:39 +08:00
|
|
|
package helpers
|
|
|
|
|
|
|
|
|
|
import (
|
2020-12-02 20:31:42 +08:00
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
|
2020-07-22 22:19:39 +08:00
|
|
|
teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
|
2022-08-03 21:15:12 +08:00
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/events"
|
|
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/goman"
|
|
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/rpc"
|
2020-10-13 20:05:29 +08:00
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/setup"
|
2021-10-15 12:54:23 +08:00
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
|
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
|
2020-07-22 22:19:39 +08:00
|
|
|
"github.com/iwind/TeaGo/actions"
|
2021-10-15 12:54:23 +08:00
|
|
|
"github.com/iwind/TeaGo/logs"
|
2020-11-10 15:40:22 +08:00
|
|
|
"github.com/iwind/TeaGo/maps"
|
2021-08-11 10:01:23 +08:00
|
|
|
"net"
|
2020-07-22 22:19:39 +08:00
|
|
|
"net/http"
|
2021-11-08 20:52:02 +08:00
|
|
|
"net/url"
|
2020-07-22 22:19:39 +08:00
|
|
|
"reflect"
|
2021-07-21 22:14:33 +08:00
|
|
|
"strings"
|
2020-07-22 22:19:39 +08:00
|
|
|
)
|
|
|
|
|
|
2022-08-03 21:15:12 +08:00
|
|
|
var nodeLogsCountChanges = make(chan bool, 1)
|
|
|
|
|
var ipItemsCountChanges = make(chan bool, 1)
|
|
|
|
|
|
|
|
|
|
// 运行日志
|
|
|
|
|
var countUnreadNodeLogs int64 = 0
|
|
|
|
|
var nodeLogsType = ""
|
|
|
|
|
|
|
|
|
|
// IP名单
|
|
|
|
|
var countUnreadIPItems int64 = 0
|
|
|
|
|
|
|
|
|
|
func init() {
|
|
|
|
|
events.On(events.EventStart, func() {
|
|
|
|
|
// 节点日志数量
|
|
|
|
|
goman.New(func() {
|
|
|
|
|
for range nodeLogsCountChanges {
|
|
|
|
|
rpcClient, err := rpc.SharedRPC()
|
|
|
|
|
if err != nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
countNodeLogsResp, err := rpcClient.NodeLogRPC().CountNodeLogs(rpcClient.Context(0), &pb.CountNodeLogsRequest{
|
|
|
|
|
Role: nodeconfigs.NodeRoleNode,
|
|
|
|
|
IsUnread: true,
|
|
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
logs.Error(err)
|
|
|
|
|
} else {
|
|
|
|
|
var countNodeLogs = countNodeLogsResp.Count
|
|
|
|
|
if countNodeLogs > 0 {
|
|
|
|
|
countUnreadNodeLogs = countNodeLogs
|
|
|
|
|
if countUnreadNodeLogs >= 100 {
|
|
|
|
|
countUnreadNodeLogs = 99
|
|
|
|
|
}
|
|
|
|
|
nodeLogsType = "unread"
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// 服务数量
|
|
|
|
|
goman.New(func() {
|
|
|
|
|
for range ipItemsCountChanges {
|
|
|
|
|
rpcClient, err := rpc.SharedRPC()
|
|
|
|
|
if err != nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
countUnreadIPItemsResp, err := rpcClient.IPItemRPC().CountAllEnabledIPItems(rpcClient.Context(0), &pb.CountAllEnabledIPItemsRequest{Unread: true})
|
|
|
|
|
if err != nil {
|
|
|
|
|
logs.Error(err)
|
|
|
|
|
} else {
|
|
|
|
|
countUnreadIPItems = countUnreadIPItemsResp.Count
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-22 22:19:39 +08:00
|
|
|
// 认证拦截
|
2020-12-03 11:03:12 +08:00
|
|
|
type userMustAuth struct {
|
2020-12-02 23:47:50 +08:00
|
|
|
AdminId int64
|
2020-12-03 11:03:12 +08:00
|
|
|
module string
|
2020-07-22 22:19:39 +08:00
|
|
|
}
|
|
|
|
|
|
2020-12-03 11:03:12 +08:00
|
|
|
func NewUserMustAuth(module string) *userMustAuth {
|
|
|
|
|
return &userMustAuth{module: module}
|
2020-07-22 22:19:39 +08:00
|
|
|
}
|
|
|
|
|
|
2020-12-03 11:03:12 +08:00
|
|
|
func (this *userMustAuth) BeforeAction(actionPtr actions.ActionWrapper, paramName string) (goNext bool) {
|
2021-07-21 22:14:33 +08:00
|
|
|
var action = actionPtr.Object()
|
|
|
|
|
|
|
|
|
|
// 恢复模式
|
2021-07-20 17:15:17 +08:00
|
|
|
if teaconst.IsRecoverMode {
|
2021-07-21 22:14:33 +08:00
|
|
|
action.RedirectURL("/recover")
|
2021-07-20 17:15:17 +08:00
|
|
|
return false
|
|
|
|
|
}
|
2021-07-21 22:14:33 +08:00
|
|
|
|
|
|
|
|
// DEMO模式
|
|
|
|
|
if teaconst.IsDemoMode {
|
|
|
|
|
if action.Request.Method == http.MethodPost {
|
|
|
|
|
var actionName = action.Spec.ClassName[strings.LastIndex(action.Spec.ClassName, ".")+1:]
|
2021-07-22 08:25:14 +08:00
|
|
|
var denyPrefixes = []string{"Update", "Create", "Delete", "Truncate", "Clean", "Clear", "Reset", "Add", "Remove", "Sync"}
|
2021-07-21 22:14:33 +08:00
|
|
|
for _, prefix := range denyPrefixes {
|
|
|
|
|
if strings.HasPrefix(actionName, prefix) {
|
|
|
|
|
action.Fail(teaconst.ErrorDemoOperation)
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if strings.Index(action.Spec.PkgPath, "settings") > 0 || strings.Index(action.Spec.PkgPath, "delete") > 0 || strings.Index(action.Spec.PkgPath, "update") > 0 {
|
|
|
|
|
action.Fail(teaconst.ErrorDemoOperation)
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-07-22 22:19:39 +08:00
|
|
|
|
2020-11-10 12:47:24 +08:00
|
|
|
// 安全相关
|
2020-12-02 20:31:42 +08:00
|
|
|
securityConfig, _ := configloaders.LoadSecurityConfig()
|
2020-11-20 18:06:54 +08:00
|
|
|
if securityConfig == nil {
|
2020-11-10 12:47:24 +08:00
|
|
|
action.AddHeader("X-Frame-Options", "SAMEORIGIN")
|
2020-11-20 18:06:54 +08:00
|
|
|
} else if len(securityConfig.Frame) > 0 {
|
|
|
|
|
action.AddHeader("X-Frame-Options", securityConfig.Frame)
|
2020-11-10 12:47:24 +08:00
|
|
|
}
|
|
|
|
|
action.AddHeader("Content-Security-Policy", "default-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'")
|
|
|
|
|
|
2020-11-20 21:59:12 +08:00
|
|
|
// 检查IP
|
|
|
|
|
if !checkIP(securityConfig, action.RequestRemoteIP()) {
|
|
|
|
|
action.ResponseWriter.WriteHeader(http.StatusForbidden)
|
|
|
|
|
return false
|
|
|
|
|
}
|
2021-08-11 10:01:23 +08:00
|
|
|
remoteAddr, _, _ := net.SplitHostPort(action.Request.RemoteAddr)
|
|
|
|
|
if len(remoteAddr) > 0 && remoteAddr != action.RequestRemoteIP() && !checkIP(securityConfig, remoteAddr) {
|
|
|
|
|
action.ResponseWriter.WriteHeader(http.StatusForbidden)
|
|
|
|
|
return false
|
|
|
|
|
}
|
2020-11-20 21:59:12 +08:00
|
|
|
|
2022-07-07 19:58:30 +08:00
|
|
|
// 检查请求
|
|
|
|
|
if !checkRequestSecurity(securityConfig, action.Request) {
|
|
|
|
|
action.ResponseWriter.WriteHeader(http.StatusForbidden)
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-13 20:05:29 +08:00
|
|
|
// 检查系统是否已经配置过
|
|
|
|
|
if !setup.IsConfigured() {
|
|
|
|
|
action.RedirectURL("/setup")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-22 22:19:39 +08:00
|
|
|
var session = action.Session()
|
2020-12-02 23:47:50 +08:00
|
|
|
var adminId = session.GetInt64("adminId")
|
2020-12-07 11:45:45 +08:00
|
|
|
|
2020-07-22 22:19:39 +08:00
|
|
|
if adminId <= 0 {
|
|
|
|
|
this.login(action)
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 检查用户是否存在
|
2020-12-07 11:45:45 +08:00
|
|
|
if !configloaders.CheckAdmin(adminId) {
|
|
|
|
|
session.Delete()
|
2020-07-22 22:19:39 +08:00
|
|
|
|
2020-12-07 11:45:45 +08:00
|
|
|
this.login(action)
|
2020-07-22 22:19:39 +08:00
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-07 11:45:45 +08:00
|
|
|
// 检查用户权限
|
|
|
|
|
if len(this.module) > 0 && !configloaders.AllowModule(adminId, this.module) {
|
|
|
|
|
action.ResponseWriter.WriteHeader(http.StatusForbidden)
|
|
|
|
|
action.WriteString("Permission Denied.")
|
2020-07-22 22:19:39 +08:00
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
this.AdminId = adminId
|
|
|
|
|
action.Context.Set("adminId", this.AdminId)
|
|
|
|
|
|
|
|
|
|
if action.Request.Method != http.MethodGet {
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-16 15:49:15 +08:00
|
|
|
config, err := configloaders.LoadAdminUIConfig()
|
2020-11-22 15:34:13 +08:00
|
|
|
if err != nil {
|
|
|
|
|
action.WriteString(err.Error())
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-22 22:19:39 +08:00
|
|
|
// 初始化内置方法
|
|
|
|
|
action.ViewFunc("teaTitle", func() string {
|
|
|
|
|
return action.Data["teaTitle"].(string)
|
|
|
|
|
})
|
|
|
|
|
|
2020-11-22 15:34:13 +08:00
|
|
|
action.Data["teaShowVersion"] = config.ShowVersion
|
|
|
|
|
action.Data["teaTitle"] = config.AdminSystemName
|
|
|
|
|
action.Data["teaName"] = config.ProductName
|
2021-02-25 20:54:30 +08:00
|
|
|
action.Data["teaFaviconFileId"] = config.FaviconFileId
|
|
|
|
|
action.Data["teaLogoFileId"] = config.LogoFileId
|
2020-12-07 11:45:45 +08:00
|
|
|
action.Data["teaUsername"] = configloaders.FindAdminFullname(adminId)
|
2021-07-12 10:21:17 +08:00
|
|
|
action.Data["teaTheme"] = configloaders.FindAdminTheme(adminId)
|
2020-11-20 21:59:12 +08:00
|
|
|
|
|
|
|
|
action.Data["teaUserAvatar"] = ""
|
|
|
|
|
|
2020-11-27 15:18:32 +08:00
|
|
|
if !action.Data.Has("teaMenu") {
|
|
|
|
|
action.Data["teaMenu"] = ""
|
|
|
|
|
}
|
2021-10-15 12:54:23 +08:00
|
|
|
action.Data["teaModules"] = this.modules(actionPtr, adminId)
|
2020-11-20 21:59:12 +08:00
|
|
|
action.Data["teaSubMenus"] = []map[string]interface{}{}
|
|
|
|
|
action.Data["teaTabbar"] = []map[string]interface{}{}
|
2020-11-22 15:34:13 +08:00
|
|
|
if len(config.Version) == 0 {
|
|
|
|
|
action.Data["teaVersion"] = teaconst.Version
|
|
|
|
|
} else {
|
|
|
|
|
action.Data["teaVersion"] = config.Version
|
|
|
|
|
}
|
|
|
|
|
action.Data["teaShowOpenSourceInfo"] = config.ShowOpenSourceInfo
|
2020-11-20 21:59:12 +08:00
|
|
|
action.Data["teaIsSuper"] = false
|
2021-04-29 16:47:45 +08:00
|
|
|
action.Data["teaIsPlus"] = teaconst.IsPlus
|
2021-07-21 22:14:33 +08:00
|
|
|
action.Data["teaDemoEnabled"] = teaconst.IsDemoMode
|
2021-01-13 17:50:03 +08:00
|
|
|
action.Data["teaShowFinance"] = configloaders.ShowFinance()
|
2020-11-20 21:59:12 +08:00
|
|
|
if !action.Data.Has("teaSubMenu") {
|
|
|
|
|
action.Data["teaSubMenu"] = ""
|
|
|
|
|
}
|
2021-01-27 22:59:46 +08:00
|
|
|
action.Data["teaCheckNodeTasks"] = configloaders.AllowModule(adminId, configloaders.AdminModuleCodeNode)
|
|
|
|
|
action.Data["teaCheckDNSTasks"] = configloaders.AllowModule(adminId, configloaders.AdminModuleCodeDNS)
|
2020-11-20 21:59:12 +08:00
|
|
|
|
|
|
|
|
// 菜单
|
|
|
|
|
action.Data["firstMenuItem"] = ""
|
|
|
|
|
|
|
|
|
|
// 未读消息数
|
|
|
|
|
action.Data["teaBadge"] = 0
|
|
|
|
|
|
|
|
|
|
// 调用Init
|
|
|
|
|
initMethod := reflect.ValueOf(actionPtr).MethodByName("Init")
|
|
|
|
|
if initMethod.IsValid() {
|
|
|
|
|
initMethod.Call([]reflect.Value{})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 菜单配置
|
2021-10-15 12:54:23 +08:00
|
|
|
func (this *userMustAuth) modules(actionPtr actions.ActionWrapper, adminId int64) []maps.Map {
|
|
|
|
|
// 父级动作
|
2022-08-03 21:15:12 +08:00
|
|
|
var action = actionPtr.Object()
|
|
|
|
|
|
|
|
|
|
// 未读日志数
|
|
|
|
|
var mainMenu = action.Data.GetString("teaMenu")
|
|
|
|
|
if mainMenu == "clusters" {
|
|
|
|
|
select {
|
|
|
|
|
case nodeLogsCountChanges <- true:
|
|
|
|
|
default:
|
|
|
|
|
}
|
|
|
|
|
} else if mainMenu == "servers" {
|
|
|
|
|
select {
|
|
|
|
|
case ipItemsCountChanges <- true:
|
|
|
|
|
default:
|
2021-10-15 12:54:23 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-02 23:47:50 +08:00
|
|
|
result := []maps.Map{}
|
2022-01-08 16:48:45 +08:00
|
|
|
for _, m := range FindAllMenuMaps(nodeLogsType, countUnreadNodeLogs, countUnreadIPItems) {
|
2021-01-13 17:50:03 +08:00
|
|
|
if m.GetString("code") == "finance" && !configloaders.ShowFinance() {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-02 23:47:50 +08:00
|
|
|
module := m.GetString("module")
|
|
|
|
|
if configloaders.AllowModule(adminId, module) {
|
|
|
|
|
result = append(result, m)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return result
|
2020-07-22 22:19:39 +08:00
|
|
|
}
|
|
|
|
|
|
2020-11-20 21:59:12 +08:00
|
|
|
// 跳转到登录页
|
2020-12-03 11:03:12 +08:00
|
|
|
func (this *userMustAuth) login(action *actions.ActionObject) {
|
2021-11-08 20:52:02 +08:00
|
|
|
action.RedirectURL("/?from=" + url.QueryEscape(action.Request.RequestURI))
|
2020-07-22 22:19:39 +08:00
|
|
|
}
|
