Added MongoDB change stream support.

This commit is contained in:
Ylian Saint-Hilaire 2019-05-28 17:25:23 -07:00
parent 5d57c71e2e
commit 0e7c091530
9 changed files with 122 additions and 36 deletions

View File

@ -335,6 +335,7 @@ module.exports.CreateAmtScanner = function (parent) {
var node2 = obj.parent.common.Clone(node); var node2 = obj.parent.common.Clone(node);
if (node2.intelamt && node2.intelamt.pass) delete node2.intelamt.pass; // Remove the Intel AMT password before eventing this. if (node2.intelamt && node2.intelamt.pass) delete node2.intelamt.pass; // Remove the Intel AMT password before eventing this.
event.node = node2; event.node = node2;
if (obj.parent.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the node. Another event will come.
obj.parent.DispatchEvent(['*', node.meshid], obj, event); obj.parent.DispatchEvent(['*', node.meshid], obj, event);
} }
}); });

43
db.js
View File

@ -33,6 +33,7 @@ module.exports.CreateDB = function (parent, func) {
var expireServerStatsSeconds = (60 * 60 * 24 * 30); // By default, expire power events after 30 days. (Seconds * Minutes * Hours * Days) var expireServerStatsSeconds = (60 * 60 * 24 * 30); // By default, expire power events after 30 days. (Seconds * Minutes * Hours * Days)
obj.identifier = null; obj.identifier = null;
obj.dbKey = null; obj.dbKey = null;
obj.changeStream = false;
obj.SetupDatabase = function (func) { obj.SetupDatabase = function (func) {
// Check if the database unique identifier is present // Check if the database unique identifier is present
@ -228,14 +229,18 @@ module.exports.CreateDB = function (parent, func) {
} }
}); });
/* // Setup the changeStream on the MongoDB main collection if possible
// Setup the changeStream on the MongoDB main collection try {
obj.fileChangeStream = obj.file.watch({ fullDocument: 'updateLookup' }); obj.fileChangeStream = obj.file.watch([{ $match: { 'fullDocument.type': { $in: [ 'node', 'mesh', 'user' ] } } }], { fullDocument: 'updateLookup' });
obj.fileChangeStream.on('change', function (next) { obj.fileChangeStream.on('change', function (change) {
// Process next document switch (change.fullDocument.type) {
console.log('change', next); case 'node': { dbNodeChange(change); break; } // A node has changed
case 'mesh': { dbMeshChange(change); break; } // A device group has changed
case 'user': { dbUserChange(change); break; } // A user account has changed
}
}); });
*/ obj.changeStream = true;
} catch (ex) { }
// Setup MongoDB events collection and indexes // Setup MongoDB events collection and indexes
obj.eventsfile = db.collection('events'); // Collection containing all events obj.eventsfile = db.collection('events'); // Collection containing all events
@ -767,5 +772,29 @@ module.exports.CreateDB = function (parent, func) {
function padNumber(number, digits) { return Array(Math.max(digits - String(number).length + 1, 0)).join(0) + number; } function padNumber(number, digits) { return Array(Math.max(digits - String(number).length + 1, 0)).join(0) + number; }
// Called when a node has changed
function dbNodeChange(nodeChange) {
const node = nodeChange.fullDocument;
if (node.intelamt && node.intelamt.pass) { delete node.intelamt.pass; } // Remove the Intel AMT password before eventing this.
parent.DispatchEvent(['*', node.meshid], obj, { etype: 'node', action: 'changenode', node: node, nodeid: node._id, domain: node.domain, nolog: 1 });
}
// Called when a device group has changed
function dbMeshChange(meshChange) {
const mesh = meshChange.fullDocument;
mesh.action = 'meshchange';
mesh.meshid = mesh._id;
mesh.nolog = 1;
delete mesh.type;
delete mesh._id;
parent.DispatchEvent(['*', mesh._id], obj, mesh);
}
// Called when a user account has changed
function dbUserChange(userChange) {
const user = userChange.fullDocument;
parent.DispatchEvent(['*', 'server-users', user._id], obj, { etype: 'user', username: user.name, account: parent.webserver.CloneSafeUser(user), action: 'accountchange', domain: user.domain, nolog: 1 });
}
return obj; return obj;
}; };

View File

@ -714,6 +714,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
const device2 = common.Clone(device); const device2 = common.Clone(device);
if (device2.intelamt && device2.intelamt.pass) delete device2.intelamt.pass; // Remove the Intel AMT password before eventing this. if (device2.intelamt && device2.intelamt.pass) delete device2.intelamt.pass; // Remove the Intel AMT password before eventing this.
event.node = device; event.node = device;
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the node. Another event will come.
parent.parent.DispatchEvent(['*', device.meshid], obj, event); parent.parent.DispatchEvent(['*', device.meshid], obj, event);
} }
} }
@ -1296,6 +1297,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
var device2 = common.Clone(device); var device2 = common.Clone(device);
if (device2.intelamt && device2.intelamt.pass) { delete device2.intelamt.pass; } // Remove the Intel AMT password before eventing this. if (device2.intelamt && device2.intelamt.pass) { delete device2.intelamt.pass; } // Remove the Intel AMT password before eventing this.
event.node = device; event.node = device;
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the node. Another event will come.
parent.parent.DispatchEvent(['*', device.meshid], obj, event); parent.parent.DispatchEvent(['*', device.meshid], obj, event);
} }
} }
@ -1339,6 +1341,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
var device2 = common.Clone(device); var device2 = common.Clone(device);
if (device2.intelamt && device2.intelamt.pass) { delete device2.intelamt.pass; } // Remove the Intel AMT password before eventing this. if (device2.intelamt && device2.intelamt.pass) { delete device2.intelamt.pass; } // Remove the Intel AMT password before eventing this.
event.node = device; event.node = device;
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the node. Another event will come.
parent.parent.DispatchEvent(['*', device.meshid], obj, event); parent.parent.DispatchEvent(['*', device.meshid], obj, event);
} }
} }
@ -1370,6 +1373,7 @@ module.exports.CreateMeshAgent = function (parent, db, ws, req, args, domain) {
var device2 = common.Clone(device); var device2 = common.Clone(device);
if (device2.intelamt && device2.intelamt.pass) delete device2.intelamt.pass; // Remove the Intel AMT password before eventing this. if (device2.intelamt && device2.intelamt.pass) delete device2.intelamt.pass; // Remove the Intel AMT password before eventing this.
event.node = device; event.node = device;
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the node. Another event will come.
parent.parent.DispatchEvent(['*', device.meshid], obj, event); parent.parent.DispatchEvent(['*', device.meshid], obj, event);
} }
} }

View File

@ -598,6 +598,8 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
} }
case 'info': { case 'info': {
var info = process.memoryUsage(); var info = process.memoryUsage();
info.dbType = ['None','NeDB','MongoJS','MongoDB'][parent.db.databaseType];
if (parent.db.databaseType == 3) { info.dbChangeStream = parent.db.changeStream; }
try { info.platform = process.platform; } catch (ex) { } try { info.platform = process.platform; } catch (ex) { }
try { info.arch = process.arch; } catch (ex) { } try { info.arch = process.arch; } catch (ex) { }
try { info.pid = process.pid; } catch (ex) { } try { info.pid = process.pid; } catch (ex) { }
@ -841,6 +843,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Event the change // Event the change
var message = { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', domain: domain.id }; var message = { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', domain: domain.id };
if (db.changeStream) { message.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
if (oldemail != null) { if (oldemail != null) {
message.msg = 'Changed email of user ' + user.name + ' from ' + oldemail + ' to ' + user.email; message.msg = 'Changed email of user ' + user.name + ' from ' + oldemail + ' to ' + user.email;
} else { } else {
@ -930,7 +933,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
if (mesh.links[deluser._id] != null) { delete mesh.links[deluser._id]; parent.db.Set(mesh); } if (mesh.links[deluser._id] != null) { delete mesh.links[deluser._id]; parent.db.Set(mesh); }
// Notify mesh change // Notify mesh change
change = 'Removed user ' + deluser.name + ' from group ' + mesh.name; change = 'Removed user ' + deluser.name + ' from group ' + mesh.name;
parent.parent.DispatchEvent(['*', mesh._id, deluser._id, user._id], obj, { etype: 'mesh', username: user.name, userid: user._id, meshid: mesh._id, name: mesh.name, mtype: mesh.mtype, desc: mesh.desc, action: 'meshchange', links: mesh.links, msg: change, domain: domain.id }); var event = { etype: 'mesh', username: user.name, userid: user._id, meshid: mesh._id, name: mesh.name, mtype: mesh.mtype, desc: mesh.desc, action: 'meshchange', links: mesh.links, msg: change, domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the mesh. Another event will come.
parent.parent.DispatchEvent(['*', mesh._id, deluser._id, user._id], obj, event);
} }
} }
} }
@ -1160,7 +1165,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
var targets = ['*', 'server-users', user._id, chguser._id]; var targets = ['*', 'server-users', user._id, chguser._id];
if (allTargetGroups) { for (var i in allTargetGroups) { targets.push('server-users:' + i); } } if (allTargetGroups) { for (var i in allTargetGroups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, { etype: 'user', username: user.name, account: parent.CloneSafeUser(chguser), action: 'accountchange', msg: 'Account changed: ' + chguser.name, domain: domain.id }); var event = { etype: 'user', username: user.name, account: parent.CloneSafeUser(chguser), action: 'accountchange', msg: 'Account changed: ' + chguser.name, domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.parent.DispatchEvent(targets, obj, event);
} }
if ((chguser.siteadmin) && (chguser.siteadmin != 0xFFFFFFFF) && (chguser.siteadmin & 32)) { if ((chguser.siteadmin) && (chguser.siteadmin != 0xFFFFFFFF) && (chguser.siteadmin & 32)) {
// If the user is locked out of this account, disconnect now // If the user is locked out of this account, disconnect now
@ -1201,7 +1208,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
var targets = ['*', 'server-users']; var targets = ['*', 'server-users'];
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } } if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Account password changed: ' + user.name, domain: domain.id }); var event = { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Account password changed: ' + user.name, domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.parent.DispatchEvent(targets, obj, event);
// Send user notification of password change // Send user notification of password change
displayNotificationMessage('Password changed.', 'Account Settings', 'ServerNotify'); displayNotificationMessage('Password changed.', 'Account Settings', 'ServerNotify');
@ -1249,7 +1258,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
var targets = ['*', 'server-users', user._id, chguser._id]; var targets = ['*', 'server-users', user._id, chguser._id];
if (chguser.groups) { for (var i in chguser.groups) { targets.push('server-users:' + i); } } if (chguser.groups) { for (var i in chguser.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, { etype: 'user', username: user.name, account: parent.CloneSafeUser(chguser), action: 'accountchange', msg: 'Changed account credentials.', domain: domain.id }); var event = { etype: 'user', username: user.name, account: parent.CloneSafeUser(chguser), action: 'accountchange', msg: 'Changed account credentials.', domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.parent.DispatchEvent(targets, obj, event);
} else { } else {
// Report that the password change failed // Report that the password change failed
// TODO // TODO
@ -1447,7 +1458,12 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
if ((common.validateString(command.desc, 0, 1024) == true) && (command.desc != mesh.desc)) { if (change != '') change += ' and description changed'; else change += 'Group "' + mesh.name + '" description changed'; mesh.desc = command.desc; } if ((common.validateString(command.desc, 0, 1024) == true) && (command.desc != mesh.desc)) { if (change != '') change += ' and description changed'; else change += 'Group "' + mesh.name + '" description changed'; mesh.desc = command.desc; }
if ((common.validateInt(command.flags) == true) && (command.flags != mesh.flags)) { if (change != '') change += ' and flags changed'; else change += 'Group "' + mesh.name + '" flags changed'; mesh.flags = command.flags; } if ((common.validateInt(command.flags) == true) && (command.flags != mesh.flags)) { if (change != '') change += ' and flags changed'; else change += 'Group "' + mesh.name + '" flags changed'; mesh.flags = command.flags; }
if ((common.validateInt(command.consent) == true) && (command.consent != mesh.consent)) { if (change != '') change += ' and consent changed'; else change += 'Group "' + mesh.name + '" consent changed'; mesh.consent = command.consent; } if ((common.validateInt(command.consent) == true) && (command.consent != mesh.consent)) { if (change != '') change += ' and consent changed'; else change += 'Group "' + mesh.name + '" consent changed'; mesh.consent = command.consent; }
if (change != '') { db.Set(common.escapeLinksFieldName(mesh)); parent.parent.DispatchEvent(['*', mesh._id, user._id], obj, { etype: 'mesh', username: user.name, meshid: mesh._id, name: mesh.name, mtype: mesh.mtype, desc: mesh.desc, flags: mesh.flags, consent: mesh.consent, action: 'meshchange', links: mesh.links, msg: change, domain: domain.id }); } if (change != '') {
db.Set(common.escapeLinksFieldName(mesh));
var event = { etype: 'mesh', username: user.name, meshid: mesh._id, name: mesh.name, mtype: mesh.mtype, desc: mesh.desc, flags: mesh.flags, consent: mesh.consent, action: 'meshchange', links: mesh.links, msg: change, domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the mesh. Another event will come.
parent.parent.DispatchEvent(['*', mesh._id, user._id], obj, event);
}
} }
break; break;
} }
@ -1483,7 +1499,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
db.Set(common.escapeLinksFieldName(mesh)); db.Set(common.escapeLinksFieldName(mesh));
// Notify mesh change // Notify mesh change
parent.parent.DispatchEvent(['*', mesh._id, user._id, newuserid], obj, { etype: 'mesh', username: newuser.name, userid: command.userid, meshid: mesh._id, name: mesh.name, mtype: mesh.mtype, desc: mesh.desc, action: 'meshchange', links: mesh.links, msg: 'Added user ' + newuser.name + ' to mesh ' + mesh.name, domain: domain.id }); var event = { etype: 'mesh', username: newuser.name, userid: command.userid, meshid: mesh._id, name: mesh.name, mtype: mesh.mtype, desc: mesh.desc, action: 'meshchange', links: mesh.links, msg: 'Added user ' + newuser.name + ' to mesh ' + mesh.name, domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the mesh. Another event will come.
parent.parent.DispatchEvent(['*', mesh._id, user._id, newuserid], obj, event);
} }
break; break;
} }
@ -1518,11 +1536,14 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
db.Set(common.escapeLinksFieldName(mesh)); db.Set(common.escapeLinksFieldName(mesh));
// Notify mesh change // Notify mesh change
var event;
if (deluser != null) { if (deluser != null) {
parent.parent.DispatchEvent(['*', mesh._id, user._id, command.userid], obj, { etype: 'mesh', username: user.name, userid: deluser.name, meshid: mesh._id, name: mesh.name, mtype: mesh.mtype, desc: mesh.desc, action: 'meshchange', links: mesh.links, msg: 'Removed user ' + deluser.name + ' from group ' + mesh.name, domain: domain.id }); event = { etype: 'mesh', username: user.name, userid: deluser.name, meshid: mesh._id, name: mesh.name, mtype: mesh.mtype, desc: mesh.desc, action: 'meshchange', links: mesh.links, msg: 'Removed user ' + deluser.name + ' from group ' + mesh.name, domain: domain.id };
} else { } else {
parent.parent.DispatchEvent(['*', mesh._id, user._id, command.userid], obj, { etype: 'mesh', username: user.name, userid: (deluserid.split('/')[2]), meshid: mesh._id, name: mesh.name, mtype: mesh.mtype, desc: mesh.desc, action: 'meshchange', links: mesh.links, msg: 'Removed user ' + (deluserid.split('/')[2]) + ' from group ' + mesh.name, domain: domain.id }); event = { etype: 'mesh', username: user.name, userid: (deluserid.split('/')[2]), meshid: mesh._id, name: mesh.name, mtype: mesh.mtype, desc: mesh.desc, action: 'meshchange', links: mesh.links, msg: 'Removed user ' + (deluserid.split('/')[2]) + ' from group ' + mesh.name, domain: domain.id };
} }
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the mesh. Another event will come.
parent.parent.DispatchEvent(['*', mesh._id, user._id, command.userid], obj, event);
} }
} }
break; break;
@ -1553,7 +1574,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
if (command.amtpolicy.type === 2) { amtpolicy = { type: command.amtpolicy.type, password: command.amtpolicy.password, badpass: command.amtpolicy.badpass, cirasetup: command.amtpolicy.cirasetup }; } if (command.amtpolicy.type === 2) { amtpolicy = { type: command.amtpolicy.type, password: command.amtpolicy.password, badpass: command.amtpolicy.badpass, cirasetup: command.amtpolicy.cirasetup }; }
mesh.amt = amtpolicy; mesh.amt = amtpolicy;
db.Set(common.escapeLinksFieldName(mesh)); db.Set(common.escapeLinksFieldName(mesh));
parent.parent.DispatchEvent(['*', mesh._id, user._id], obj, { etype: 'mesh', username: user.name, meshid: mesh._id, amt: amtpolicy, action: 'meshchange', links: mesh.links, msg: change, domain: domain.id }); var event = { etype: 'mesh', username: user.name, meshid: mesh._id, amt: amtpolicy, action: 'meshchange', links: mesh.links, msg: change, domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the mesh. Another event will come.
parent.parent.DispatchEvent(['*', mesh._id, user._id], obj, event);
// Send new policy to all computers on this mesh // Send new policy to all computers on this mesh
//routeCommandToMesh(command.meshid, { action: 'amtPolicy', amtPolicy: amtpolicy }); //routeCommandToMesh(command.meshid, { action: 'amtPolicy', amtPolicy: amtpolicy });
@ -1663,7 +1686,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Event the node change // Event the node change
var newMesh = parent.meshes[command.meshid]; var newMesh = parent.meshes[command.meshid];
parent.parent.DispatchEvent(['*', oldMeshId, command.meshid], obj, { etype: 'node', username: user.name, action: 'nodemeshchange', nodeid: node._id, node: node, oldMeshId: oldMeshId, newMeshId: command.meshid, msg: 'Moved device ' + node.name + ' to group ' + newMesh.name, domain: domain.id }); var event = { etype: 'node', username: user.name, action: 'nodemeshchange', nodeid: node._id, node: node, oldMeshId: oldMeshId, newMeshId: command.meshid, msg: 'Moved device ' + node.name + ' to group ' + newMesh.name, domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the mesh. Another event will come.
parent.parent.DispatchEvent(['*', oldMeshId, command.meshid], obj, event);
}); });
} }
break; break;
@ -1931,11 +1956,12 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Save the node // Save the node
db.Set(node); db.Set(node);
// Event the node change // Event the node change. Only do this if the database will not do it.
event.msg = 'Changed device ' + node.name + ' from group ' + mesh.name + ': ' + changes.join(', '); event.msg = 'Changed device ' + node.name + ' from group ' + mesh.name + ': ' + changes.join(', ');
var node2 = common.Clone(node); var node2 = common.Clone(node);
if (node2.intelamt && node2.intelamt.pass) delete node2.intelamt.pass; // Remove the Intel AMT password before eventing this. if (node2.intelamt && node2.intelamt.pass) delete node2.intelamt.pass; // Remove the Intel AMT password before eventing this.
event.node = node2; event.node = node2;
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the node. Another event will come.
parent.parent.DispatchEvent(['*', node.meshid], obj, event); parent.parent.DispatchEvent(['*', node.meshid], obj, event);
} }
} }
@ -2138,7 +2164,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Notify change // Notify change
var targets = ['*', 'server-users', user._id]; var targets = ['*', 'server-users', user._id];
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } } if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Added authentication application.', domain: domain.id }); var event = { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Added authentication application.', domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.parent.DispatchEvent(targets, obj, event);
} else { } else {
ws.send(JSON.stringify({ action: 'otpauth-setup', success: false })); // Report fail ws.send(JSON.stringify({ action: 'otpauth-setup', success: false })); // Report fail
} }
@ -2159,7 +2187,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Notify change // Notify change
var targets = ['*', 'server-users', user._id]; var targets = ['*', 'server-users', user._id];
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } } if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Removed authentication application.', domain: domain.id }); var event = { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Removed authentication application.', domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.parent.DispatchEvent(targets, obj, event);
} else { } else {
ws.send(JSON.stringify({ action: 'otpauth-clear', success: false })); // Report fail ws.send(JSON.stringify({ action: 'otpauth-clear', success: false })); // Report fail
} }
@ -2196,7 +2226,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Notify change // Notify change
var targets = ['*', 'server-users', user._id]; var targets = ['*', 'server-users', user._id];
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } } if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Added security key.', domain: domain.id }); var event = { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Added security key.', domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.parent.DispatchEvent(targets, obj, event);
break; break;
} }
case 'otp-hkey-get': case 'otp-hkey-get':
@ -2229,7 +2261,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Notify change // Notify change
var targets = ['*', 'server-users', user._id]; var targets = ['*', 'server-users', user._id];
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } } if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Removed security key.', domain: domain.id }); var event = { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Removed security key.', domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.parent.DispatchEvent(targets, obj, event);
break; break;
} }
case 'otp-hkey-yubikey-add': case 'otp-hkey-yubikey-add':
@ -2277,7 +2311,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Notify change TODO: Should be done on all sessions/servers for this user. // Notify change TODO: Should be done on all sessions/servers for this user.
var targets = ['*', 'server-users', user._id]; var targets = ['*', 'server-users', user._id];
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } } if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Added security key.', domain: domain.id }); var event = { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Added security key.', domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.parent.DispatchEvent(targets, obj, event);
} else { } else {
ws.send(JSON.stringify({ action: 'otp-hkey-yubikey-add', result: false, name: command.name })); ws.send(JSON.stringify({ action: 'otp-hkey-yubikey-add', result: false, name: command.name }));
} }
@ -2328,7 +2364,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Notify change // Notify change
var targets = ['*', 'server-users', user._id]; var targets = ['*', 'server-users', user._id];
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } } if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Added security key.', domain: domain.id }); var event = { etype: 'user', username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', msg: 'Added security key.', domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.parent.DispatchEvent(targets, obj, event);
} else { } else {
//console.log('webauthn-endregister-error', regResult.error); //console.log('webauthn-endregister-error', regResult.error);
ws.send(JSON.stringify({ action: 'otp-hkey-setup-response', result: false, error: regResult.error, name: command.name, index: keyIndex })); ws.send(JSON.stringify({ action: 'otp-hkey-setup-response', result: false, error: regResult.error, name: command.name, index: keyIndex }));

View File

@ -776,6 +776,7 @@ module.exports.CreateMpsServer = function (parent, db, args, certificates) {
var node2 = common.Clone(node); var node2 = common.Clone(node);
if (node2.intelamt && node2.intelamt.pass) delete node2.intelamt.pass; // Remove the Intel AMT password before eventing this. if (node2.intelamt && node2.intelamt.pass) delete node2.intelamt.pass; // Remove the Intel AMT password before eventing this.
event.node = node2; event.node = node2;
if (obj.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the node. Another event will come.
obj.parent.DispatchEvent(['*', node.meshid], obj, event); obj.parent.DispatchEvent(['*', node.meshid], obj, event);
}); });
}); });

View File

@ -1,6 +1,6 @@
{ {
"name": "meshcentral", "name": "meshcentral",
"version": "0.3.5-i", "version": "0.3.5-j",
"keywords": [ "keywords": [
"Remote Management", "Remote Management",
"Intel AMT", "Intel AMT",

View File

@ -799,6 +799,7 @@
events_update(); events_update();
} }
*/ */
if (message.event.noact) break; // Take no action on this event
switch (message.event.action) { switch (message.event.action) {
case 'accountchange': { case 'accountchange': {
// An account was created or changed // An account was created or changed

View File

@ -1624,6 +1624,7 @@
while (events.length > eventLimit) { events.pop(); } // Remove element(s) at the end while (events.length > eventLimit) { events.pop(); } // Remove element(s) at the end
masterUpdate(32); masterUpdate(32);
} }
if (message.event.noact) break; // Take no action on this event
switch (message.event.action) { switch (message.event.action) {
case 'userWebState': { case 'userWebState': {
// New user web state, update the web page as needed // New user web state, update the web page as needed
@ -1670,7 +1671,7 @@
} }
if (users == null) break; if (users == null) break;
// Check if the account if part of our user group // Check if the account is part of our user group
if ((userinfo.groups == null) || (userinfo.groups.length == 0) || (findOne(message.event.account.groups, userinfo.groups) == true)) { if ((userinfo.groups == null) || (userinfo.groups.length == 0) || (findOne(message.event.account.groups, userinfo.groups) == true)) {
users[message.event.account._id] = message.event.account; // Part of our groups, update this user. users[message.event.account._id] = message.event.account; // Part of our groups, update this user.
} else { } else {
@ -1704,8 +1705,8 @@
meshserver.send({ action: 'nodes' }); // Request a refresh of all nodes (TODO: We could optimize this to only request nodes for the new mesh). meshserver.send({ action: 'nodes' }); // Request a refresh of all nodes (TODO: We could optimize this to only request nodes for the new mesh).
} else { } else {
// This is an existing mesh // This is an existing mesh
if (message.event.name) { meshes[message.event.meshid].name = message.event.name; } if (message.event.name != null) { meshes[message.event.meshid].name = message.event.name; }
if (message.event.desc) { meshes[message.event.meshid].desc = message.event.desc; } if (message.event.desc != null) { meshes[message.event.meshid].desc = message.event.desc; }
if (message.event.flags != null) { meshes[message.event.meshid].flags = message.event.flags; } if (message.event.flags != null) { meshes[message.event.meshid].flags = message.event.flags; }
if (message.event.consent != null) { meshes[message.event.meshid].consent = message.event.consent; } if (message.event.consent != null) { meshes[message.event.meshid].consent = message.event.consent; }
if (message.event.links) { meshes[message.event.meshid].links = message.event.links; } if (message.event.links) { meshes[message.event.meshid].links = message.event.links; }

View File

@ -316,8 +316,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// If the display username has changes, update it. // If the display username has changes, update it.
if (user.name != username) { if (user.name != username) {
user.name = username; user.name = username;
db.SetUser(user); obj.db.SetUser(user);
parent.DispatchEvent(['*', 'server-users', user._id], obj, { etype: 'user', username: user.name, account: obj.CloneSafeUser(user), action: 'accountchange', msg: 'Changed account display name to ' + username, domain: domain.id }); var event = { etype: 'user', username: user.name, account: obj.CloneSafeUser(user), action: 'accountchange', msg: 'Changed account display name to ' + username, domain: domain.id };
if (obj.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.DispatchEvent(['*', 'server-users', user._id], obj, event);
} }
// If user is locker out, block here. // If user is locker out, block here.
if ((user.siteadmin) && (user.siteadmin != 0xFFFFFFFF) && (user.siteadmin & 32) != 0) { fn('locked'); return; } if ((user.siteadmin) && (user.siteadmin != 0xFFFFFFFF) && (user.siteadmin & 32) != 0) { fn('locked'); return; }
@ -368,8 +370,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
// If the display username has changes, update it. // If the display username has changes, update it.
if (user.name != username) { if (user.name != username) {
user.name = username; user.name = username;
db.SetUser(user); obj.db.SetUser(user);
parent.DispatchEvent(['*', 'server-users', user._id], obj, { etype: 'user', username: user.name, account: obj.CloneSafeUser(user), action: 'accountchange', msg: 'Changed account display name to ' + username, domain: domain.id }); var event = { etype: 'user', username: user.name, account: obj.CloneSafeUser(user), action: 'accountchange', msg: 'Changed account display name to ' + username, domain: domain.id };
if (obj.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.DispatchEvent(['*', 'server-users', user._id], obj, event);
} }
// If user is locker out, block here. // If user is locker out, block here.
if ((user.siteadmin) && (user.siteadmin != 0xFFFFFFFF) && (user.siteadmin & 32) != 0) { fn('locked'); return; } if ((user.siteadmin) && (user.siteadmin != 0xFFFFFFFF) && (user.siteadmin & 32) != 0) { fn('locked'); return; }
@ -870,7 +874,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
user.passchange = Math.floor(Date.now() / 1000); user.passchange = Math.floor(Date.now() / 1000);
delete user.passtype; delete user.passtype;
obj.db.SetUser(user); obj.db.SetUser(user);
obj.parent.DispatchEvent(['*', 'server-users', user._id], obj, { etype: 'user', username: user.name, account: obj.CloneSafeUser(user), action: 'accountchange', msg: 'User password reset', domain: domain.id }); var event = { etype: 'user', username: user.name, account: obj.CloneSafeUser(user), action: 'accountchange', msg: 'User password reset', domain: domain.id };
if (obj.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
obj.parent.DispatchEvent(['*', 'server-users', user._id], obj, event);
// Login succesful // Login succesful
req.session.userid = userid; req.session.userid = userid;
@ -995,7 +1001,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
obj.db.SetUser(user); obj.db.SetUser(user);
// Event the change // Event the change
obj.parent.DispatchEvent(['*', 'server-users', user._id], obj, { etype: 'user', username: user.name, account: obj.CloneSafeUser(user), action: 'accountchange', msg: 'Verified email of user ' + EscapeHtml(user.name) + ' (' + EscapeHtml(user.email) + ')', domain: domain.id }); var event = { etype: 'user', username: user.name, account: obj.CloneSafeUser(user), action: 'accountchange', msg: 'Verified email of user ' + EscapeHtml(user.name) + ' (' + EscapeHtml(user.email) + ')', domain: domain.id };
if (obj.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
obj.parent.DispatchEvent(['*', 'server-users', user._id], obj, event);
// Send the confirmation page // Send the confirmation page
res.render(obj.path.join(obj.parent.webViewsPath, 'message'), { title: domain.title, title2: domain.title2, title3: 'Account Verification', domainurl: domain.url, message: 'Verified email <b>' + EscapeHtml(user.email) + '</b> for user account <b>' + EscapeHtml(user.name) + '</b>. <a href="' + domain.url + '">Go to login page</a>.' }); res.render(obj.path.join(obj.parent.webViewsPath, 'message'), { title: domain.title, title2: domain.title2, title3: 'Account Verification', domainurl: domain.url, message: 'Verified email <b>' + EscapeHtml(user.email) + '</b> for user account <b>' + EscapeHtml(user.name) + '</b>. <a href="' + domain.url + '">Go to login page</a>.' });
@ -1028,7 +1036,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
obj.db.SetUser(userinfo); obj.db.SetUser(userinfo);
// Event the change // Event the change
obj.parent.DispatchEvent(['*', 'server-users', user._id], obj, { etype: 'user', username: userinfo.name, account: obj.CloneSafeUser(userinfo), action: 'accountchange', msg: 'Password reset for user ' + EscapeHtml(user.name), domain: domain.id }); var event = { etype: 'user', username: userinfo.name, account: obj.CloneSafeUser(userinfo), action: 'accountchange', msg: 'Password reset for user ' + EscapeHtml(user.name), domain: domain.id };
if (obj.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
obj.parent.DispatchEvent(['*', 'server-users', user._id], obj, event);
// Send the new password // Send the new password
res.render(obj.path.join(obj.parent.webViewsPath, 'message'), { title: domain.title, title2: domain.title2, title3: 'Account Verification', domainurl: domain.url, message: '<div>Password for account <b>' + EscapeHtml(user.name) + '</b> has been reset to:</div><div style=padding:14px;font-size:18px><b>' + EscapeHtml(newpass) + '</b></div>Login and go to the \"My Account\" tab to update your password. <a href="' + domain.url + '">Go to login page</a>.' }); res.render(obj.path.join(obj.parent.webViewsPath, 'message'), { title: domain.title, title2: domain.title2, title3: 'Account Verification', domainurl: domain.url, message: '<div>Password for account <b>' + EscapeHtml(user.name) + '</b> has been reset to:</div><div style=padding:14px;font-size:18px><b>' + EscapeHtml(newpass) + '</b></div>Login and go to the \"My Account\" tab to update your password. <a href="' + domain.url + '">Go to login page</a>.' });
@ -2169,6 +2179,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
var node2 = obj.common.Clone(node); var node2 = obj.common.Clone(node);
if (node2.intelamt && node2.intelamt.pass) delete node2.intelamt.pass; // Remove the Intel AMT password before eventing this. if (node2.intelamt && node2.intelamt.pass) delete node2.intelamt.pass; // Remove the Intel AMT password before eventing this.
event.node = node2; event.node = node2;
if (obj.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the node. Another event will come.
obj.parent.DispatchEvent(['*', node.meshid], obj, event); obj.parent.DispatchEvent(['*', node.meshid], obj, event);
} }
} }