mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2025-10-29 07:15:01 -04:00
autoAcceptIfLocked and more! (#7319)
This commit is contained in:
stephannn
GitHub
parent
1bd06ccded
commit
49da5da9dd
@ -1176,6 +1176,13 @@ function handleServerCommand(data) {
|
||||
tunnel.consentTimeout = (tunnel.soptions && tunnel.soptions.consentTimeout) ? tunnel.soptions.consentTimeout : 30;
|
||||
tunnel.consentAutoAccept = (tunnel.soptions && (tunnel.soptions.consentAutoAccept === true));
|
||||
tunnel.consentAutoAcceptIfNoUser = (tunnel.soptions && (tunnel.soptions.consentAutoAcceptIfNoUser === true));
|
||||
tunnel.consentAutoAcceptIfDesktopNoUser = (tunnel.soptions && (tunnel.soptions.consentAutoAcceptIfDesktopNoUser === true));
|
||||
tunnel.consentAutoAcceptIfTerminalNoUser = (tunnel.soptions && (tunnel.soptions.consentAutoAcceptIfTerminalNoUser === true));
|
||||
tunnel.consentAutoAcceptIfFileNoUser = (tunnel.soptions && (tunnel.soptions.consentAutoAcceptIfFileNoUser === true));
|
||||
tunnel.consentAutoAcceptIfLocked = (tunnel.soptions && (tunnel.soptions.consentAutoAcceptIfLocked === true));
|
||||
tunnel.consentAutoAcceptIfDesktopLocked = (tunnel.soptions && (tunnel.soptions.consentAutoAcceptIfDesktopLocked === true));
|
||||
tunnel.consentAutoAcceptIfTerminalLocked = (tunnel.soptions && (tunnel.soptions.consentAutoAcceptIfTerminalLocked === true));
|
||||
tunnel.consentAutoAcceptIfFileLocked = (tunnel.soptions && (tunnel.soptions.consentAutoAcceptIfFileLocked === true));
|
||||
tunnel.oldStyle = (tunnel.soptions && tunnel.soptions.oldStyle) ? tunnel.soptions.oldStyle : false;
|
||||
tunnel.tcpaddr = data.tcpaddr;
|
||||
tunnel.tcpport = data.tcpport;
|
||||
@ -3067,7 +3074,7 @@ function onTunnelData(data)
|
||||
// Perform User-Consent if needed.
|
||||
if (this.httprequest.consent && (this.httprequest.consent & 16)) {
|
||||
// User asked for consent so now we check if we can auto accept if no user is present/loggedin
|
||||
if (this.httprequest.consentAutoAcceptIfNoUser) {
|
||||
if (this.httprequest.consentAutoAcceptIfNoUser || this.httprequest.consentAutoAcceptIfTerminalNoUser || this.httprequest.consentAutoAcceptIfLocked || this.httprequest.consentAutoAcceptIfTerminalLocked) {
|
||||
var p = require('user-sessions').enumerateUsers();
|
||||
p.sessionid = this.httprequest.sessionid;
|
||||
p.ws = this;
|
||||
@ -3076,10 +3083,35 @@ function onTunnelData(data)
|
||||
for (var i in u) {
|
||||
if (u[i].State == 'Active') { v.push({ tsid: i, type: u[i].StationName, user: u[i].Username, domain: u[i].Domain }); }
|
||||
}
|
||||
if (v.length == 0) { // No user is present, auto accept
|
||||
var autoAccept = false;
|
||||
|
||||
// Check if we should auto-accept because no user is present
|
||||
if ((this.ws.httprequest.consentAutoAcceptIfNoUser || this.ws.httprequest.consentAutoAcceptIfTerminalNoUser) && (v.length == 0)) {
|
||||
autoAccept = true;
|
||||
}
|
||||
|
||||
// Check if we should auto-accept because all users are locked
|
||||
if ((this.ws.httprequest.consentAutoAcceptIfLocked || this.ws.httprequest.consentAutoAcceptIfTerminalLocked) && (v.length > 0)) {
|
||||
var allUsersLocked = true;
|
||||
if (!meshCoreObj.lusers || meshCoreObj.lusers.length == 0) {
|
||||
// No locked users list available, assume users are not locked
|
||||
allUsersLocked = false;
|
||||
} else {
|
||||
for (var i in v) {
|
||||
var username = v[i].domain ? (v[i].domain + '\\' + v[i].user) : v[i].user;
|
||||
if (meshCoreObj.lusers.indexOf(username) == -1) {
|
||||
allUsersLocked = false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (allUsersLocked) { autoAccept = true; }
|
||||
}
|
||||
|
||||
if (autoAccept) {
|
||||
this.ws.httprequest.tpromise._res();
|
||||
} else {
|
||||
// User is present so we still need consent
|
||||
// User is present and not all locked, so we still need consent
|
||||
terminal_consent_ask(this.ws);
|
||||
}
|
||||
});
|
||||
@ -3188,7 +3220,7 @@ function onTunnelData(data)
|
||||
if (this.httprequest.consent && (this.httprequest.consent & 8)) {
|
||||
|
||||
// User asked for consent but now we check if can auto accept if no user is present
|
||||
if (this.httprequest.consentAutoAcceptIfNoUser) {
|
||||
if (this.httprequest.consentAutoAcceptIfNoUser || this.httprequest.consentAutoAcceptIfDesktopNoUser || this.httprequest.consentAutoAcceptIfLocked || this.httprequest.consentAutoAcceptIfDesktopLocked) {
|
||||
// Get list of users to check if we any actual users logged in, and if users logged in, we still need consent
|
||||
var p = require('user-sessions').enumerateUsers();
|
||||
p.sessionid = this.httprequest.sessionid;
|
||||
@ -3198,10 +3230,36 @@ function onTunnelData(data)
|
||||
for (var i in u) {
|
||||
if (u[i].State == 'Active') { v.push({ tsid: i, type: u[i].StationName, user: u[i].Username, domain: u[i].Domain }); }
|
||||
}
|
||||
if (v.length == 0) { // No user is present, auto accept
|
||||
var autoAccept = false;
|
||||
|
||||
// Check if we can auto-accept because no user is present
|
||||
if ((this.ws.httprequest.consentAutoAcceptIfNoUser || this.ws.httprequest.consentAutoAcceptIfDesktopNoUser) && (v.length == 0)) {
|
||||
// No user is present, auto accept
|
||||
autoAccept = true;
|
||||
}
|
||||
|
||||
// Check if we can auto-accept because all users are locked
|
||||
if ((this.ws.httprequest.consentAutoAcceptIfLocked || this.ws.httprequest.consentAutoAcceptIfDesktopLocked) && (v.length > 0)) {
|
||||
var allUsersLocked = true;
|
||||
if (!meshCoreObj.lusers || meshCoreObj.lusers.length == 0) {
|
||||
// No locked users list available, assume users are not locked
|
||||
allUsersLocked = false;
|
||||
} else {
|
||||
for (var i in v) {
|
||||
var username = v[i].domain ? (v[i].domain + '\\' + v[i].user) : v[i].user;
|
||||
if (meshCoreObj.lusers.indexOf(username) == -1) {
|
||||
allUsersLocked = false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (allUsersLocked) { autoAccept = true; }
|
||||
}
|
||||
|
||||
if (autoAccept) {
|
||||
kvm_consent_ok(this.ws);
|
||||
} else {
|
||||
// User is present so we still need consent
|
||||
// User is present and not all locked, so we still need consent
|
||||
kvm_consent_ask(this.ws);
|
||||
}
|
||||
});
|
||||
@ -3259,10 +3317,7 @@ function onTunnelData(data)
|
||||
};
|
||||
|
||||
// Perform notification if needed. Toast messages may not be supported on all platforms.
|
||||
if (this.httprequest.consent && (this.httprequest.consent & 32))
|
||||
{
|
||||
// User asked for consent so now we check if we can auto accept if no user is present/loggedin
|
||||
if (this.httprequest.consentAutoAcceptIfNoUser) {
|
||||
if (this.httprequest.consentAutoAcceptIfNoUser || this.httprequest.consentAutoAcceptIfFileNoUser || this.httprequest.consentAutoAcceptIfLocked || this.httprequest.consentAutoAcceptIfFileLocked) {
|
||||
var p = require('user-sessions').enumerateUsers();
|
||||
p.sessionid = this.httprequest.sessionid;
|
||||
p.ws = this;
|
||||
@ -3271,19 +3326,40 @@ function onTunnelData(data)
|
||||
for (var i in u) {
|
||||
if (u[i].State == 'Active') { v.push({ tsid: i, type: u[i].StationName, user: u[i].Username, domain: u[i].Domain }); }
|
||||
}
|
||||
if (v.length == 0) { // No user is present, auto accept
|
||||
var autoAccept = false;
|
||||
|
||||
// Check if we should auto-accept because no user is present
|
||||
if ((this.ws.httprequest.consentAutoAcceptIfNoUser || this.ws.httprequest.consentAutoAcceptIfFileNoUser) && (v.length == 0)) {
|
||||
autoAccept = true;
|
||||
}
|
||||
|
||||
// Check if we should auto-accept because all users are locked
|
||||
if ((this.ws.httprequest.consentAutoAcceptIfLocked || this.ws.httprequest.consentAutoAcceptIfFileLocked) && (v.length > 0)) {
|
||||
var allUsersLocked = true;
|
||||
if (!meshCoreObj.lusers || meshCoreObj.lusers.length == 0) {
|
||||
// No locked users list available, assume users are not locked
|
||||
allUsersLocked = false;
|
||||
} else {
|
||||
for (var i in v) {
|
||||
var username = v[i].domain ? (v[i].domain + '\\' + v[i].user) : v[i].user;
|
||||
if (meshCoreObj.lusers.indexOf(username) == -1) {
|
||||
allUsersLocked = false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (allUsersLocked) { autoAccept = true; }
|
||||
}
|
||||
|
||||
if (autoAccept) {
|
||||
// User Consent Prompt is not required
|
||||
files_consent_ok(this.ws);
|
||||
} else {
|
||||
// User is present so we still need consent
|
||||
// User is present and not all locked, so we still need consent
|
||||
files_consent_ask(this.ws);
|
||||
}
|
||||
});
|
||||
} else {
|
||||
// User Consent Prompt is required
|
||||
files_consent_ask(this);
|
||||
}
|
||||
} else {
|
||||
// User Consent Prompt is not required
|
||||
files_consent_ok(this);
|
||||
}
|
||||
|
||||
@ -2080,7 +2080,42 @@
|
||||
"autoAcceptIfNoUser": {
|
||||
"type": "boolean",
|
||||
"default": false,
|
||||
"description": "If true, user consent is accepted if no user is logged in."
|
||||
"description": "If true, user consents for desktop, terminal, and file are accepted if no user is logged in."
|
||||
},
|
||||
"autoAcceptIfDesktopNoUser": {
|
||||
"type": "boolean",
|
||||
"default": false,
|
||||
"description": "If true, user consent for desktop access is accepted if no user is logged in."
|
||||
},
|
||||
"autoAcceptIfTerminalNoUser": {
|
||||
"type": "boolean",
|
||||
"default": false,
|
||||
"description": "If true, user consent for terminal access is accepted if no user is logged in."
|
||||
},
|
||||
"autoAcceptIfFileNoUser": {
|
||||
"type": "boolean",
|
||||
"default": false,
|
||||
"description": "If true, user consent for file access is accepted if no user is logged in."
|
||||
},
|
||||
"autoAcceptIfLocked": {
|
||||
"type": "boolean",
|
||||
"default": false,
|
||||
"description": "If true, user consents for desktop, terminal, and file are accepted if device is locked."
|
||||
},
|
||||
"autoAcceptIfDesktopLocked": {
|
||||
"type": "boolean",
|
||||
"default": false,
|
||||
"description": "If true, user consent for desktop access is accepted if device is locked."
|
||||
},
|
||||
"autoAcceptIfTerminalLocked": {
|
||||
"type": "boolean",
|
||||
"default": false,
|
||||
"description": "If true, user consent for terminal access is accepted if device is locked."
|
||||
},
|
||||
"autoAcceptIfFileLocked": {
|
||||
"type": "boolean",
|
||||
"default": false,
|
||||
"description": "If true, user consent for file access is accepted if device is locked."
|
||||
},
|
||||
"oldStyle": {
|
||||
"type": "boolean",
|
||||
|
||||
@ -1348,6 +1348,13 @@ function CreateMeshRelayEx2(parent, ws, req, domain, user, cookie) {
|
||||
if ((typeof domain.consentmessages.consenttimeout == 'number') && (domain.consentmessages.consenttimeout > 0)) { command.soptions.consentTimeout = domain.consentmessages.consenttimeout; }
|
||||
if (domain.consentmessages.autoacceptontimeout === true) { command.soptions.consentAutoAccept = true; }
|
||||
if (domain.consentmessages.autoacceptifnouser === true) { command.soptions.consentAutoAcceptIfNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktopnouser === true) { command.soptions.consentAutoAcceptIfDesktopNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifterminalnouser === true) { command.soptions.consentAutoAcceptIfTerminalNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiffilenouser === true) { command.soptions.consentAautoAcceptIfFileNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiflocked === true) { command.soptions.consentAutoAcceptIfLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktoplocked === true) { command.soptions.consentAutoAcceptIfDesktopLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifterminallocked === true) { command.soptions.consentAutoAcceptIfTerminalLocked = true; }
|
||||
if (domain.consentmessages.autoacceptiffilelocked === true) { command.soptions.consentAutoAcceptIfFileLocked = true; }
|
||||
if (domain.consentmessages.oldstyle === true) { command.soptions.oldStyle = true; }
|
||||
}
|
||||
if (typeof domain.notificationmessages == 'object') {
|
||||
|
||||
28
meshrelay.js
28
meshrelay.js
@ -906,6 +906,13 @@ function CreateMeshRelayEx(parent, ws, req, domain, user, cookie) {
|
||||
if ((typeof domain.consentmessages.consenttimeout == 'number') && (domain.consentmessages.consenttimeout > 0)) { command.soptions.consentTimeout = domain.consentmessages.consenttimeout; }
|
||||
if (domain.consentmessages.autoacceptontimeout === true) { command.soptions.consentAutoAccept = true; }
|
||||
if (domain.consentmessages.autoacceptifnouser === true) { command.soptions.consentAutoAcceptIfNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktopnouser === true) { command.soptions.consentAutoAcceptIfDesktopNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifterminalnouser === true) { command.soptions.consentAutoAcceptIfTerminalNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiffilenouser === true) { command.soptions.consentAautoAcceptIfFileNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiflocked === true) { command.soptions.consentAutoAcceptIfLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktoplocked === true) { command.soptions.consentAutoAcceptIfDesktopLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifterminallocked === true) { command.soptions.consentAutoAcceptIfTerminalLocked = true; }
|
||||
if (domain.consentmessages.autoacceptiffilelocked === true) { command.soptions.consentAutoAcceptIfFileLocked = true; }
|
||||
if (domain.consentmessages.oldstyle === true) { command.soptions.oldStyle = true; }
|
||||
}
|
||||
if (typeof domain.notificationmessages == 'object') {
|
||||
@ -945,6 +952,13 @@ function CreateMeshRelayEx(parent, ws, req, domain, user, cookie) {
|
||||
if ((typeof domain.consentmessages.consenttimeout == 'number') && (domain.consentmessages.consenttimeout > 0)) { command.soptions.consentTimeout = domain.consentmessages.consenttimeout; }
|
||||
if (domain.consentmessages.autoacceptontimeout === true) { command.soptions.consentAutoAccept = true; }
|
||||
if (domain.consentmessages.autoacceptifnouser === true) { command.soptions.consentAutoAcceptIfNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktopnouser === true) { command.soptions.consentAutoAcceptIfDesktopNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifterminalnouser === true) { command.soptions.consentAutoAcceptIfTerminalNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiffilenouser === true) { command.soptions.consentAautoAcceptIfFileNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiflocked === true) { command.soptions.consentAutoAcceptIfLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktoplocked === true) { command.soptions.consentAutoAcceptIfDesktopLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifterminallocked === true) { command.soptions.consentAutoAcceptIfTerminalLocked = true; }
|
||||
if (domain.consentmessages.autoacceptiffilelocked === true) { command.soptions.consentAutoAcceptIfFileLocked = true; }
|
||||
if (domain.consentmessages.oldstyle === true) { command.soptions.oldStyle = true; }
|
||||
}
|
||||
if (typeof domain.notificationmessages == 'object') {
|
||||
@ -964,6 +978,13 @@ function CreateMeshRelayEx(parent, ws, req, domain, user, cookie) {
|
||||
if ((typeof domain.consentmessages.consenttimeout == 'number') && (domain.consentmessages.consenttimeout > 0)) { command.soptions.consentTimeout = domain.consentmessages.consenttimeout; }
|
||||
if (domain.consentmessages.autoacceptontimeout === true) { command.soptions.consentAutoAccept = true; }
|
||||
if (domain.consentmessages.autoacceptifnouser === true) { command.soptions.consentAutoAcceptIfNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktopnouser === true) { command.soptions.consentAutoAcceptIfDesktopNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifterminalnouser === true) { command.soptions.consentAutoAcceptIfTerminalNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiffilenouser === true) { command.soptions.consentAautoAcceptIfFileNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiflocked === true) { command.soptions.consentAutoAcceptIfLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktoplocked === true) { command.soptions.consentAutoAcceptIfDesktopLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifterminallocked === true) { command.soptions.consentAutoAcceptIfTerminalLocked = true; }
|
||||
if (domain.consentmessages.autoacceptiffilelocked === true) { command.soptions.consentAutoAcceptIfFileLocked = true; }
|
||||
if (domain.consentmessages.oldstyle === true) { command.soptions.oldStyle = true; }
|
||||
}
|
||||
if (typeof domain.notificationmessages == 'object') {
|
||||
@ -1017,6 +1038,13 @@ function CreateMeshRelayEx(parent, ws, req, domain, user, cookie) {
|
||||
if ((typeof domain.consentmessages.consenttimeout == 'number') && (domain.consentmessages.consenttimeout > 0)) { command.soptions.consentTimeout = domain.consentmessages.consenttimeout; }
|
||||
if (domain.consentmessages.autoacceptontimeout === true) { command.soptions.consentAutoAccept = true; }
|
||||
if (domain.consentmessages.autoacceptifnouser === true) { command.soptions.consentAutoAcceptIfNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktopnouser === true) { command.soptions.consentAutoAcceptIfDesktopNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifterminalnouser === true) { command.soptions.consentAutoAcceptIfTerminalNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiffilenouser === true) { command.soptions.consentAautoAcceptIfFileNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiflocked === true) { command.soptions.consentAutoAcceptIfLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktoplocked === true) { command.soptions.consentAutoAcceptIfDesktopLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifterminallocked === true) { command.soptions.consentAutoAcceptIfTerminalLocked = true; }
|
||||
if (domain.consentmessages.autoacceptiffilelocked === true) { command.soptions.consentAutoAcceptIfFileLocked = true; }
|
||||
if (domain.consentmessages.oldstyle === true) { command.soptions.oldStyle = true; }
|
||||
}
|
||||
if (typeof domain.notificationmessages == 'object') {
|
||||
|
||||
@ -1009,6 +1009,13 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
||||
if ((typeof domain.consentmessages.consenttimeout == 'number') && (domain.consentmessages.consenttimeout > 0)) { command.soptions.consentTimeout = domain.consentmessages.consenttimeout; }
|
||||
if (domain.consentmessages.autoacceptontimeout === true) { command.soptions.consentAutoAccept = true; }
|
||||
if (domain.consentmessages.autoacceptifnouser === true) { command.soptions.consentAutoAcceptIfNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktopnouser === true) { command.soptions.consentAutoAcceptIfDesktopNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptifterminalnouser === true) { command.soptions.consentAutoAcceptIfTerminalNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiffilenouser === true) { command.soptions.consentAautoAcceptIfFileNoUser = true; }
|
||||
if (domain.consentmessages.autoacceptiflocked === true) { command.soptions.consentAutoAcceptIfLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifdesktoplocked === true) { command.soptions.consentAutoAcceptIfDesktopLocked = true; }
|
||||
if (domain.consentmessages.autoacceptifterminallocked === true) { command.soptions.consentAutoAcceptIfTerminalLocked = true; }
|
||||
if (domain.consentmessages.autoacceptiffilelocked === true) { command.soptions.consentAutoAcceptIfFileLocked = true; }
|
||||
if (domain.consentmessages.oldstyle === true) { command.soptions.oldStyle = true; }
|
||||
}
|
||||
if (typeof domain.notificationmessages == 'object') {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user