mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2024-12-24 22:25:52 -05:00
Merge branch 'master' of https://github.com/Ylianst/MeshCentral
This commit is contained in:
commit
8968048377
21
common.js
21
common.js
@ -171,7 +171,28 @@ module.exports.validateEmail = function (email, minlen, maxlen) { if (module.exp
|
||||
module.exports.validateUsername = function (username, minlen, maxlen) { return (module.exports.validateString(username, minlen, maxlen) && (username.indexOf(' ') == -1) && (username.indexOf('"') == -1) && (username.indexOf(',') == -1)); };
|
||||
module.exports.isAlphaNumeric = function (str) { return (str.match(/^[A-Za-z0-9]+$/) != null); };
|
||||
module.exports.validateAlphaNumericArray = function (array, minlen, maxlen) { if (((array != null) && Array.isArray(array)) == false) return false; for (var i in array) { if ((typeof array[i] != 'string') || (module.exports.isAlphaNumeric(array[i]) == false) || ((minlen != null) && (array[i].length < minlen)) || ((maxlen != null) && (array[i].length > maxlen)) ) return false; } return true; };
|
||||
module.exports.getEmailDomain = function(email) {
|
||||
if (!module.exports.validateEmail(email, 1, 1024)) {
|
||||
return '';
|
||||
}
|
||||
const i = email.indexOf('@');
|
||||
return email.substring(i + 1).toLowerCase();
|
||||
}
|
||||
|
||||
module.exports.validateEmailDomain = function(email, allowedDomains) {
|
||||
// Check if this request is for an allows email domain
|
||||
if ((allowedDomains != null) && Array.isArray(allowedDomains)) {
|
||||
const emaildomain = module.exports.getEmailDomain(email);
|
||||
if (emaildomain === '') {
|
||||
return false;
|
||||
}
|
||||
var emailok = false;
|
||||
for (var i in allowedDomains) { if (emaildomain == allowedDomains[i].toLowerCase()) { emailok = true; } }
|
||||
return emailok;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
// Check password requirements
|
||||
module.exports.checkPasswordRequirements = function(password, requirements) {
|
||||
if ((requirements == null) || (requirements == '') || (typeof requirements != 'object')) return true;
|
||||
|
@ -5186,7 +5186,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
||||
if (command.randomPassword === true) { command.pass = getRandomPassword(); }
|
||||
|
||||
// Add a new user account
|
||||
var err = null, errid = 0, newusername, newuserid, newuserdomain;
|
||||
var err = null, errid = 0, args = null, newusername, newuserid, newuserdomain;
|
||||
try {
|
||||
if ((user.siteadmin & MESHRIGHT_MANAGEUSERS) == 0) { err = "Permission denied"; errid = 1; }
|
||||
else if (common.validateUsername(command.username, 1, 256) == false) { err = "Invalid username"; errid = 2; } // Username is between 1 and 64 characters, no spaces
|
||||
@ -5195,6 +5195,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
||||
else if ((command.randomPassword !== true) && (common.checkPasswordRequirements(command.pass, domain.passwordrequirements) == false)) { err = "Invalid password"; errid = 3; } // Password does not meet requirements
|
||||
else if ((command.email != null) && (common.validateEmail(command.email, 1, 1024) == false)) { err = "Invalid email"; errid = 4; } // Check if this is a valid email address
|
||||
else if ((obj.crossDomain === true) && (command.domain != null) && ((typeof command.domain != 'string') || (parent.parent.config.domains[command.domain] == null))) { err = "Invalid domain"; errid = 5; } // Check if this is a valid domain
|
||||
else if ((domain.newaccountemaildomains != null) && Array.isArray(domain.newaccountemaildomains) && !common.validateEmailDomain(command.email, domain.newaccountemaildomains)) { err = "Email domain is not allowed. Only (" + domain.newaccountemaildomains.join(', ') + ") are allowed."; errid=30; args = [common.getEmailDomain(command.email), domain.newaccountemaildomains.join(', ')]; }
|
||||
else {
|
||||
newuserdomain = domain;
|
||||
if ((obj.crossDomain === true) && (command.domain != null)) { newuserdomain = parent.parent.config.domains[command.domain]; }
|
||||
@ -5215,7 +5216,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
||||
obj.send({ action: 'adduser', responseid: command.responseid, result: err, msgid: errid });
|
||||
} else {
|
||||
// Send error back, user not found.
|
||||
displayNotificationMessage(err, "New Account", 'ServerNotify', 1, errid);
|
||||
displayNotificationMessage(err, "New Account", 'ServerNotify', 1, errid, args);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
@ -6437,7 +6437,8 @@
|
||||
"No phone number for this user",
|
||||
"SMS succesfuly sent.",
|
||||
"SMS error",
|
||||
"SMS error: {0}"
|
||||
"SMS error: {0}",
|
||||
"Email domain \"{0}\" is not allowed. Only ({1}) are allowed" // 30
|
||||
];
|
||||
if (typeof n.titleid == 'number') { try { n.title = translatedTitles[n.titleid]; } catch (ex) { } }
|
||||
if (typeof n.msgid == 'number') { try { n.text = translatedMessages[n.msgid]; if (Array.isArray(n.args)) { n.text = format(n.text, n.args[0], n.args[1], n.args[2], n.args[3], n.args[4], n.args[5]); } } catch (ex) { } }
|
||||
|
@ -16077,7 +16077,8 @@
|
||||
"No phone number for this user",
|
||||
"SMS succesfuly sent.",
|
||||
"SMS error",
|
||||
"SMS error: {0}"
|
||||
"SMS error: {0}",
|
||||
"Email domain \"{0}\" is not allowed. Only ({1}) are allowed" // 30
|
||||
];
|
||||
if (typeof n.titleid == 'number') { try { n.title = translatedTitles[n.titleid]; } catch (ex) {} }
|
||||
if (typeof n.msgid == 'number') { try { n.text = translatedMessages[n.msgid]; if (Array.isArray(n.args)) { n.text = format(n.text, n.args[0], n.args[1], n.args[2], n.args[3], n.args[4], n.args[5]); } } catch (ex) { } }
|
||||
|
@ -1837,7 +1837,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||
render(req, res, getRenderPage((domain.sitestyle == 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 4, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(user.email).replace(/'/g, '%27'), arg2: encodeURIComponent(user.name).replace(/'/g, '%27') }, req, domain));
|
||||
} else {
|
||||
obj.db.GetUserWithVerifiedEmail(domain.id, user.email, function (err, docs) {
|
||||
if (docs.length > 0) {
|
||||
if ((docs.length > 0) && (docs.find(function (u) { return (u._id === user._id); }) < 0)) {
|
||||
parent.debug('web', 'handleCheckMailRequest: email already in use.');
|
||||
render(req, res, getRenderPage((domain.sitestyle == 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 5, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(user.email).replace(/'/g, '%27') }, req, domain));
|
||||
} else {
|
||||
|
Loading…
Reference in New Issue
Block a user