mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-24 22:25:52 -05:00
Second fix for mesh link escaping.
This commit is contained in:
parent
e879e44713
commit
333c7c7876
173
db.js
173
db.js
@ -108,105 +108,104 @@ module.exports.CreateDB = function (parent, func) {
|
||||
// Add this as a valid user identifier
|
||||
validIdentifiers[docs[i]._id] = 1;
|
||||
}
|
||||
}
|
||||
|
||||
// Fix all of the creating & login to ticks by seconds, not milliseconds.
|
||||
obj.GetAllType('user', function (err, docs) {
|
||||
if (err != null) { parent.debug('db', 'ERROR (GetAll user): ' + err); }
|
||||
if ((err == null) && (docs.length > 0)) {
|
||||
for (var i in docs) {
|
||||
var fixed = false;
|
||||
|
||||
// Fix all of the creating & login to ticks by seconds, not milliseconds.
|
||||
obj.GetAllType('user', function (err, docs) {
|
||||
if (err != null) { parent.debug('db', 'ERROR (GetAll user): ' + err); }
|
||||
if ((err == null) && (docs.length > 0)) {
|
||||
for (var i in docs) {
|
||||
var fixed = false;
|
||||
// Add this as a valid user identifier
|
||||
validIdentifiers[docs[i]._id] = 1;
|
||||
|
||||
// Add this as a valid user identifier
|
||||
validIdentifiers[docs[i]._id] = 1;
|
||||
|
||||
// Fix email address capitalization
|
||||
if (docs[i].email && (docs[i].email != docs[i].email.toLowerCase())) {
|
||||
docs[i].email = docs[i].email.toLowerCase(); fixed = true;
|
||||
}
|
||||
|
||||
// Fix account creation
|
||||
if (docs[i].creation) {
|
||||
if (docs[i].creation > 1300000000000) { docs[i].creation = Math.floor(docs[i].creation / 1000); fixed = true; }
|
||||
if ((docs[i].creation % 1) != 0) { docs[i].creation = Math.floor(docs[i].creation); fixed = true; }
|
||||
}
|
||||
|
||||
// Fix last account login
|
||||
if (docs[i].login) {
|
||||
if (docs[i].login > 1300000000000) { docs[i].login = Math.floor(docs[i].login / 1000); fixed = true; }
|
||||
if ((docs[i].login % 1) != 0) { docs[i].login = Math.floor(docs[i].login); fixed = true; }
|
||||
}
|
||||
|
||||
// Fix last password change
|
||||
if (docs[i].passchange) {
|
||||
if (docs[i].passchange > 1300000000000) { docs[i].passchange = Math.floor(docs[i].passchange / 1000); fixed = true; }
|
||||
if ((docs[i].passchange % 1) != 0) { docs[i].passchange = Math.floor(docs[i].passchange); fixed = true; }
|
||||
}
|
||||
|
||||
// Fix subscriptions
|
||||
if (docs[i].subscriptions != null) { delete docs[i].subscriptions; fixed = true; }
|
||||
|
||||
// Save the user if needed
|
||||
if (fixed) { obj.Set(docs[i]); }
|
||||
// Fix email address capitalization
|
||||
if (docs[i].email && (docs[i].email != docs[i].email.toLowerCase())) {
|
||||
docs[i].email = docs[i].email.toLowerCase(); fixed = true;
|
||||
}
|
||||
|
||||
// Remove all objects that have a "meshid" that no longer points to a valid mesh.
|
||||
// Fix any incorrectly escaped user identifiers
|
||||
obj.GetAllType('mesh', function (err, docs) {
|
||||
if (err != null) { parent.debug('db', 'ERROR (GetAll mesh): ' + err); }
|
||||
var meshlist = [];
|
||||
if ((err == null) && (docs.length > 0)) {
|
||||
for (var i in docs) {
|
||||
var meshChange = false;
|
||||
docs[i] = common.unEscapeLinksFieldName(docs[i]);
|
||||
meshlist.push(docs[i]._id);
|
||||
// Fix account creation
|
||||
if (docs[i].creation) {
|
||||
if (docs[i].creation > 1300000000000) { docs[i].creation = Math.floor(docs[i].creation / 1000); fixed = true; }
|
||||
if ((docs[i].creation % 1) != 0) { docs[i].creation = Math.floor(docs[i].creation); fixed = true; }
|
||||
}
|
||||
|
||||
// Make sure all mesh types are number type, if not, fix it.
|
||||
if (typeof docs[i].mtype == 'string') { docs[i].mtype = parseInt(docs[i].mtype); meshChange = true; }
|
||||
// Fix last account login
|
||||
if (docs[i].login) {
|
||||
if (docs[i].login > 1300000000000) { docs[i].login = Math.floor(docs[i].login / 1000); fixed = true; }
|
||||
if ((docs[i].login % 1) != 0) { docs[i].login = Math.floor(docs[i].login); fixed = true; }
|
||||
}
|
||||
|
||||
// Take a look at the links
|
||||
if (docs[i].links != null) {
|
||||
for (var j in docs[i].links) {
|
||||
if (validIdentifiers[j] == null) {
|
||||
// This identifier is not known, let see if we can fix it.
|
||||
var xid = j, xid2 = common.unEscapeFieldName(xid);
|
||||
while ((xid != xid2) && (validIdentifiers[xid2] == null)) { xid = xid2; xid2 = common.unEscapeFieldName(xid2); }
|
||||
if (validIdentifiers[xid2] == 1) {
|
||||
//console.log('Fixing id: ' + j + ' to ' + common.escapeFieldName(xid2));
|
||||
docs[i].links[xid2] = docs[i].links[j];
|
||||
delete docs[i].links[j];
|
||||
meshChange = true;
|
||||
} else {
|
||||
// TODO: here, we may want to clean up links to users and user groups that do not exist anymore.
|
||||
//console.log('Unknown id: ' + j);
|
||||
}
|
||||
// Fix last password change
|
||||
if (docs[i].passchange) {
|
||||
if (docs[i].passchange > 1300000000000) { docs[i].passchange = Math.floor(docs[i].passchange / 1000); fixed = true; }
|
||||
if ((docs[i].passchange % 1) != 0) { docs[i].passchange = Math.floor(docs[i].passchange); fixed = true; }
|
||||
}
|
||||
|
||||
// Fix subscriptions
|
||||
if (docs[i].subscriptions != null) { delete docs[i].subscriptions; fixed = true; }
|
||||
|
||||
// Save the user if needed
|
||||
if (fixed) { obj.Set(docs[i]); }
|
||||
}
|
||||
|
||||
// Remove all objects that have a "meshid" that no longer points to a valid mesh.
|
||||
// Fix any incorrectly escaped user identifiers
|
||||
obj.GetAllType('mesh', function (err, docs) {
|
||||
if (err != null) { parent.debug('db', 'ERROR (GetAll mesh): ' + err); }
|
||||
var meshlist = [];
|
||||
if ((err == null) && (docs.length > 0)) {
|
||||
for (var i in docs) {
|
||||
var meshChange = false;
|
||||
docs[i] = common.unEscapeLinksFieldName(docs[i]);
|
||||
meshlist.push(docs[i]._id);
|
||||
|
||||
// Make sure all mesh types are number type, if not, fix it.
|
||||
if (typeof docs[i].mtype == 'string') { docs[i].mtype = parseInt(docs[i].mtype); meshChange = true; }
|
||||
|
||||
// Take a look at the links
|
||||
if (docs[i].links != null) {
|
||||
for (var j in docs[i].links) {
|
||||
if (validIdentifiers[j] == null) {
|
||||
// This identifier is not known, let see if we can fix it.
|
||||
var xid = j, xid2 = common.unEscapeFieldName(xid);
|
||||
while ((xid != xid2) && (validIdentifiers[xid2] == null)) { xid = xid2; xid2 = common.unEscapeFieldName(xid2); }
|
||||
if (validIdentifiers[xid2] == 1) {
|
||||
//console.log('Fixing id: ' + j + ' to ' + xid2);
|
||||
docs[i].links[xid2] = docs[i].links[j];
|
||||
delete docs[i].links[j];
|
||||
meshChange = true;
|
||||
} else {
|
||||
// TODO: here, we may want to clean up links to users and user groups that do not exist anymore.
|
||||
//console.log('Unknown id: ' + j);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Save the updated device group if needed
|
||||
if (meshChange) { obj.Set(docs[i]); }
|
||||
}
|
||||
}
|
||||
if ((obj.databaseType == 4) || (obj.databaseType == 5)) {
|
||||
// MariaDB
|
||||
sqlDbQuery('DELETE FROM MeshCentral.Main WHERE (extra LIKE ("mesh/%") AND (extra NOT IN ?)', [meshlist], func);
|
||||
} else if (obj.databaseType == 3) {
|
||||
// MongoDB
|
||||
obj.file.deleteMany({ meshid: { $exists: true, $nin: meshlist } }, { multi: true });
|
||||
} else {
|
||||
// NeDB or MongoJS
|
||||
obj.file.remove({ meshid: { $exists: true, $nin: meshlist } }, { multi: true });
|
||||
}
|
||||
|
||||
// We are done
|
||||
validIdentifiers = null;
|
||||
if (func) { func(); }
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
// Save the updated device group if needed
|
||||
if (meshChange) { obj.Set(docs[i]); }
|
||||
}
|
||||
}
|
||||
if ((obj.databaseType == 4) || (obj.databaseType == 5)) {
|
||||
// MariaDB
|
||||
sqlDbQuery('DELETE FROM MeshCentral.Main WHERE (extra LIKE ("mesh/%") AND (extra NOT IN ?)', [meshlist], func);
|
||||
} else if (obj.databaseType == 3) {
|
||||
// MongoDB
|
||||
obj.file.deleteMany({ meshid: { $exists: true, $nin: meshlist } }, { multi: true });
|
||||
} else {
|
||||
// NeDB or MongoJS
|
||||
obj.file.remove({ meshid: { $exists: true, $nin: meshlist } }, { multi: true });
|
||||
}
|
||||
|
||||
// We are done
|
||||
validIdentifiers = null;
|
||||
if (func) { func(); }
|
||||
});
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
};
|
||||
|
||||
// Get encryption key
|
||||
|
@ -2765,8 +2765,6 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
||||
}
|
||||
case 'createmesh':
|
||||
{
|
||||
console.log(command);
|
||||
|
||||
var err = null;
|
||||
try {
|
||||
// Check if we have new group restriction
|
||||
|
Loading…
Reference in New Issue
Block a user