MyFavMirrors
/
MeshCentral
mirror of https://github.com/Ylianst/MeshCentral.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Server crash fix, improved authlog.

This commit is contained in:
Ylian Saint-Hilaire 2020-04-20 02:44:14 -07:00
parent fd6c333502
commit 955e6f168e
5 changed files with 39 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
meshuser.js
View File

@ -1245,6 +1245,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, message);
// Log in the auth log
if (parent.parent.authlog) { parent.parent.authLog('https', 'User ' + user.name + ' changed email from ' + oldemail + ' to ' + user.email); }
// Send the verification email
if (parent.parent.mailserver != null) { parent.parent.mailserver.sendAccountCheckMail(domain, user.name, user.email, parent.getLanguageCodes(req)); }
}
@ -1388,6 +1391,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
if (command.responseid != null) { try { ws.send(JSON.stringify({ action: 'deleteuser', responseid: command.responseid, result: 'ok' })); } catch (ex) { } }
// Log in the auth log
if (parent.parent.authlog) { parent.parent.authLog('https', 'User ' + user.name + ' deleted user account ' + deluser.name); }
break;
}
case 'userbroadcast':
@ -1491,6 +1497,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
}
if (parent.db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to create the user. Another event will come.
parent.parent.DispatchEvent(targets, obj, event);
// Log in the auth log
if (parent.parent.authlog) { parent.parent.authLog('https', 'User ' + user.name + ' created user account ' + newuser.name); }
}, newuser);
}
}
@ -1592,6 +1601,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
parent.parent.mailserver.sendAccountInviteMail(domain, user.name, newusername, command.email.toLowerCase(), command.pass, parent.getLanguageCodes(req));
}
// Log in the auth log
if (parent.parent.authlog) { parent.parent.authLog('https', 'User ' + user.name + ' created user account ' + newuser.name); }
// OK Response
if (command.responseid != null) { try { ws.send(JSON.stringify({ action: 'adduser', responseid: command.responseid, result: 'ok' })); } catch (ex) { } }
} else {
@ -1783,6 +1795,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Event any pending events, these must be sent out after the group creation event is displatched.
for (var i in pendingDispatchEvents) { var ev = pendingDispatchEvents[i]; parent.parent.DispatchEvent(ev[0], ev[1], ev[2]); }
// Log in the auth log
if (parent.parent.authlog) { parent.parent.authLog('https', 'User ' + user.name + ' created user group ' + ugrp.name); }
try { ws.send(JSON.stringify({ action: 'createusergroup', responseid: command.responseid, result: 'ok', ugrpid: ugrpid, links: ugrp.links })); } catch (ex) { }
});
break;
@ -1839,6 +1854,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
var event = { etype: 'ugrp', userid: user._id, username: user.name, ugrpid: group._id, action: 'deleteusergroup', msg: change, domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the mesh. Another event will come.
parent.parent.DispatchEvent(['*', group._id, user._id], obj, event);
// Log in the auth log
if (parent.parent.authlog) { parent.parent.authLog('https', 'User ' + user.name + ' deleted user group ' + group.name); }
});
break;
}
@ -2066,6 +2084,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
// Send user notification of password change
displayNotificationMessage('Password changed.', 'Account Settings', 'ServerNotify');
// Log in the auth log
if (parent.parent.authlog) { parent.parent.authLog('https', 'User ' + user.name + ' changed this password'); }
}
}, 0);
} else {
@ -2117,6 +2138,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
var event = { etype: 'user', userid: user._id, username: user.name, account: parent.CloneSafeUser(chguser), action: 'accountchange', msg: 'Changed account credentials.', domain: domain.id };
if (db.changeStream) { event.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
parent.parent.DispatchEvent(targets, obj, event);
// Log in the auth log
if (parent.parent.authlog) { parent.parent.authLog('https', 'User ' + user.name + ' changed account password of user ' + chguser.name); }
} else {
// Report that the password change failed
// TODO
@ -2276,6 +2300,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
var event = { etype: 'mesh', userid: user._id, username: user.name, meshid: meshid, name: command.meshname, mtype: command.meshtype, desc: command.desc, action: 'createmesh', links: links, msg: 'Device group created: ' + command.meshname, domain: domain.id };
parent.parent.DispatchEvent(['*', meshid, user._id], obj, event); // Even if DB change stream is active, this event must be acted upon.
// Log in the auth log
if (parent.parent.authlog) { parent.parent.authLog('https', 'User ' + user.name + ' created device group ' + mesh.name); }
try { ws.send(JSON.stringify({ action: 'createmesh', responseid: command.responseid, result: 'ok', meshid: meshid, links: links })); } catch (ex) { }
});
break;
@ -2365,6 +2392,9 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
db.RemoveMeshDocuments(command.meshid);
// TODO: We are possibly deleting devices that users will have links to. We need to clean up the broken links from on occasion.
// Log in the auth log
if (parent.parent.authlog) { parent.parent.authLog('https', 'User ' + user.name + ' deleted device group ' + mesh.name); }
if (command.responseid != null) { try { ws.send(JSON.stringify({ action: 'deletemesh', responseid: command.responseid, result: 'ok' })); } catch (ex) { } }
break;
}
@ -2479,7 +2509,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
if (newuserid == obj.user._id) { msgs.push("Can't change self"); continue; }
var targetMeshRights = 0;
if (newuser.links[command.meshid]) { targetMeshRights = newuser.links[command.meshid].rights; }
if ((newuser.links != null) && (newuser.links[command.meshid] != null) && (newuser.links[command.meshid].rights != null)) { targetMeshRights = newuser.links[command.meshid].rights; }
if ((targetMeshRights == 0xFFFFFFFF) && (selfMeshRights != 0xFFFFFFFF)) { msgs.push("Can't change rights of device group administrator"); continue; } // A non-admin can't kick out an admin
if (command.remove === true) {

2
package.json
View File

@ -1,6 +1,6 @@
{
"name": "meshcentral",
"version": "0.5.8",
"version": "0.5.9",
"keywords": [
"Remote Management",
"Intel AMT",

5
sample-config.json
View File

@ -56,8 +56,9 @@
"_MpsTlsOffload": true,
"_No2FactorAuth": true,
"_Log": "main,web,webrequest,cert",
"_syslog": true,
"_syslogjson": true,
"_syslog": "meshcentral",
"_syslogauth": "meshcentral-auth",
"_syslogjson": "meshcentral-json",
"_WebRtConfig": {
"iceServers": [
{ "urls": "stun:stun.services.mozilla.com" },

2
views/default.handlebars
View File

@ -8392,7 +8392,9 @@
for (var i in sortedusers) {
var trash = '', r = sortedusers[i].rights, rights = makeDeviceGroupRightsString(r), icon = 2;
if ((sortedusers[i].id != userinfo._id) && (meshrights == 0xFFFFFFFF || (((meshrights & 2) != 0)))) {
if ((meshrights == 0xFFFFFFFF) || (currentMesh.links[sortedusers[i].id].rights != 0xFFFFFFFF)) {
trash = '<a href=# onclick=\'return p20deleteUser(event,"' + encodeURIComponent(sortedusers[i].id) + '")\' title=\"' + "Remove user rights to this device group" + '\" style=cursor:pointer><img src=images/trash.png border=0 height=10 width=10></a>';
}
rights = '<span tabindex=0 style=cursor:pointer onclick=p20viewuser("' + encodeURIComponent(sortedusers[i].id) + '") onkeypress="if (event.key==\'Enter\') p20viewuser(\'' + encodeURIComponent(sortedusers[i].id) + '\')">' + rights + ' <img class=hoverButton style=cursor:pointer src=images/link5.png></span>';
}
if (sortedusers[i].id.startsWith('ugrp/')) { icon = 4; }