mirror of
https://github.com/Ylianst/MeshCentral.git
synced 2025-01-25 21:53:14 -05:00
Validate user email domain when adding a new user
parent
306c3314fa
commit
bf113954a5
21
common.js
21
common.js
@ -171,7 +171,28 @@ module.exports.validateEmail = function (email, minlen, maxlen) { if (module.exp
|
|||||||
module.exports.validateUsername = function (username, minlen, maxlen) { return (module.exports.validateString(username, minlen, maxlen) && (username.indexOf(' ') == -1) && (username.indexOf('"') == -1) && (username.indexOf(',') == -1)); };
|
module.exports.validateUsername = function (username, minlen, maxlen) { return (module.exports.validateString(username, minlen, maxlen) && (username.indexOf(' ') == -1) && (username.indexOf('"') == -1) && (username.indexOf(',') == -1)); };
|
||||||
module.exports.isAlphaNumeric = function (str) { return (str.match(/^[A-Za-z0-9]+$/) != null); };
|
module.exports.isAlphaNumeric = function (str) { return (str.match(/^[A-Za-z0-9]+$/) != null); };
|
||||||
module.exports.validateAlphaNumericArray = function (array, minlen, maxlen) { if (((array != null) && Array.isArray(array)) == false) return false; for (var i in array) { if ((typeof array[i] != 'string') || (module.exports.isAlphaNumeric(array[i]) == false) || ((minlen != null) && (array[i].length < minlen)) || ((maxlen != null) && (array[i].length > maxlen)) ) return false; } return true; };
|
module.exports.validateAlphaNumericArray = function (array, minlen, maxlen) { if (((array != null) && Array.isArray(array)) == false) return false; for (var i in array) { if ((typeof array[i] != 'string') || (module.exports.isAlphaNumeric(array[i]) == false) || ((minlen != null) && (array[i].length < minlen)) || ((maxlen != null) && (array[i].length > maxlen)) ) return false; } return true; };
|
||||||
|
module.exports.getEmailDomain = function(email) {
|
||||||
|
if (!module.exports.validateEmail(email, 1, 1024)) {
|
||||||
|
return '';
|
||||||
|
}
|
||||||
|
const i = email.indexOf('@');
|
||||||
|
return email.substring(i + 1).toLowerCase();
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports.validateEmailDomain = function(email, allowedDomains) {
|
||||||
|
// Check if this request is for an allows email domain
|
||||||
|
if ((allowedDomains != null) && Array.isArray(allowedDomains)) {
|
||||||
|
const emaildomain = module.exports.getEmailDomain(email);
|
||||||
|
if (emaildomain === '') {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
var emailok = false;
|
||||||
|
for (var i in allowedDomains) { if (emaildomain == allowedDomains[i].toLowerCase()) { emailok = true; } }
|
||||||
|
return emailok;
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
// Check password requirements
|
// Check password requirements
|
||||||
module.exports.checkPasswordRequirements = function(password, requirements) {
|
module.exports.checkPasswordRequirements = function(password, requirements) {
|
||||||
if ((requirements == null) || (requirements == '') || (typeof requirements != 'object')) return true;
|
if ((requirements == null) || (requirements == '') || (typeof requirements != 'object')) return true;
|
||||||
|
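Review bot: In `validateEmailDomain`, `allowedDomains[i].toLowerCase()` throws a TypeError when an allow-list entry is not a string (for example a number or null left in the configuration), and `for (var i in allowedDomains)` also visits any enumerable non-index properties of the array. Because this function gates account creation, a malformed entry should make the comparison fail rather than raise; the `var emailok` / `for` / `return emailok` lines could become `return allowedDomains.some(function (d) { return (typeof d == 'string') && (d.toLowerCase() === emaildomain); });`. `getEmailDomain` takes the text after the first `@` via `indexOf`; whether more than one `@` can reach it depends on `validateEmail`, whose body is outside this hunk, and `lastIndexOf('@')` would not depend on that. A short comment stating that `validateEmailDomain` returns true when `allowedDomains` is not an array (no restriction configured) would make the fail-open case explicit.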
@ -5186,7 +5186,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
|||||||
if (command.randomPassword === true) { command.pass = getRandomPassword(); }
|
if (command.randomPassword === true) { command.pass = getRandomPassword(); }
|
||||||
|
|
||||||
// Add a new user account
|
// Add a new user account
|
||||||
var err = null, errid = 0, newusername, newuserid, newuserdomain;
|
var err = null, errid = 0, args = null, newusername, newuserid, newuserdomain;
|
||||||
try {
|
try {
|
||||||
if ((user.siteadmin & MESHRIGHT_MANAGEUSERS) == 0) { err = "Permission denied"; errid = 1; }
|
if ((user.siteadmin & MESHRIGHT_MANAGEUSERS) == 0) { err = "Permission denied"; errid = 1; }
|
||||||
else if (common.validateUsername(command.username, 1, 256) == false) { err = "Invalid username"; errid = 2; } // Username is between 1 and 64 characters, no spaces
|
else if (common.validateUsername(command.username, 1, 256) == false) { err = "Invalid username"; errid = 2; } // Username is between 1 and 64 characters, no spaces
|
||||||
@ -5195,6 +5195,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
|||||||
else if ((command.randomPassword !== true) && (common.checkPasswordRequirements(command.pass, domain.passwordrequirements) == false)) { err = "Invalid password"; errid = 3; } // Password does not meet requirements
|
else if ((command.randomPassword !== true) && (common.checkPasswordRequirements(command.pass, domain.passwordrequirements) == false)) { err = "Invalid password"; errid = 3; } // Password does not meet requirements
|
||||||
else if ((command.email != null) && (common.validateEmail(command.email, 1, 1024) == false)) { err = "Invalid email"; errid = 4; } // Check if this is a valid email address
|
else if ((command.email != null) && (common.validateEmail(command.email, 1, 1024) == false)) { err = "Invalid email"; errid = 4; } // Check if this is a valid email address
|
||||||
else if ((obj.crossDomain === true) && (command.domain != null) && ((typeof command.domain != 'string') || (parent.parent.config.domains[command.domain] == null))) { err = "Invalid domain"; errid = 5; } // Check if this is a valid domain
|
else if ((obj.crossDomain === true) && (command.domain != null) && ((typeof command.domain != 'string') || (parent.parent.config.domains[command.domain] == null))) { err = "Invalid domain"; errid = 5; } // Check if this is a valid domain
|
||||||
|
else if ((domain.newaccountemaildomains != null) && Array.isArray(domain.newaccountemaildomains) && !common.validateEmailDomain(command.email, domain.newaccountemaildomains)) { err = "Email domain is not allowed. Only (" + domain.newaccountemaildomains.join(', ') + ") are allowed."; errid=30; args = [common.getEmailDomain(command.email), domain.newaccountemaildomains.join(', ')]; }
|
||||||
else {
|
else {
|
||||||
newuserdomain = domain;
|
newuserdomain = domain;
|
||||||
if ((obj.crossDomain === true) && (command.domain != null)) { newuserdomain = parent.parent.config.domains[command.domain]; }
|
if ((obj.crossDomain === true) && (command.domain != null)) { newuserdomain = parent.parent.config.domains[command.domain]; }
|
||||||
@ -5215,7 +5216,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
|
|||||||
obj.send({ action: 'adduser', responseid: command.responseid, result: err, msgid: errid });
|
obj.send({ action: 'adduser', responseid: command.responseid, result: err, msgid: errid });
|
||||||
} else {
|
} else {
|
||||||
// Send error back, user not found.
|
// Send error back, user not found.
|
||||||
displayNotificationMessage(err, "New Account", 'ServerNotify', 1, errid);
|
displayNotificationMessage(err, "New Account", 'ServerNotify', 1, errid, args);
|
||||||
}
|
}
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
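Review bot: The new `else if` in the `adduser` checks reads `domain.newaccountemaildomains`, but a few lines further down the account is created in `newuserdomain`, which becomes `parent.parent.config.domains[command.domain]` when `obj.crossDomain === true`; on a cross-domain add the caller's allow-list is applied and the target domain's list is never consulted. Resolving the target domain before this check and testing its `newaccountemaildomains` would enforce the right list. The branch also runs when `command.email` is null, since the earlier email test only rejects a non-null invalid address, so with an allow-list configured an account without an email appears to be refused with an empty `{0}`; if that is intended, a comment should say so. Separately, `args = null` is added to a `var` list inside `CreateMeshUser`, whose signature in the hunk header already has an `args` parameter, so the new local shadows it for the rest of the enclosing function; a distinct name such as `errargs` avoids that. The handler body starts and ends outside these hunks.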
@ -6437,7 +6437,8 @@
|
|||||||
"No phone number for this user",
|
"No phone number for this user",
|
||||||
"SMS succesfuly sent.",
|
"SMS succesfuly sent.",
|
||||||
"SMS error",
|
"SMS error",
|
||||||
"SMS error: {0}"
|
"SMS error: {0}",
|
||||||
|
"Email domain \"{0}\" is not allowed. Only ({1}) are allowed" // 30
|
||||||
];
|
];
|
||||||
if (typeof n.titleid == 'number') { try { n.title = translatedTitles[n.titleid]; } catch (ex) { } }
|
if (typeof n.titleid == 'number') { try { n.title = translatedTitles[n.titleid]; } catch (ex) { } }
|
||||||
if (typeof n.msgid == 'number') { try { n.text = translatedMessages[n.msgid]; if (Array.isArray(n.args)) { n.text = format(n.text, n.args[0], n.args[1], n.args[2], n.args[3], n.args[4], n.args[5]); } } catch (ex) { } }
|
if (typeof n.msgid == 'number') { try { n.text = translatedMessages[n.msgid]; if (Array.isArray(n.args)) { n.text = format(n.text, n.args[0], n.args[1], n.args[2], n.args[3], n.args[4], n.args[5]); } } catch (ex) { } }
|
||||||
|
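Review bot: Message 30 fills `{0}` with the domain part of the address submitted in the add-user request, so requester-chosen text reaches `n.text` through `format(...)`; the code that renders `n.text` is outside this hunk, and it should be confirmed that it escapes the text or assigns it as plain text rather than markup. The `// 30` comment is the only thing tying this entry to the server's `errid=30`, and the index depends on array position, so a matching comment next to the server-side `errid` would help keep the two in step. The same entry is added in the hunk at `-16063,7 +16063,8`, where both points apply as well.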
@ -16063,7 +16063,8 @@
|
|||||||
"No phone number for this user",
|
"No phone number for this user",
|
||||||
"SMS succesfuly sent.",
|
"SMS succesfuly sent.",
|
||||||
"SMS error",
|
"SMS error",
|
||||||
"SMS error: {0}"
|
"SMS error: {0}",
|
||||||
|
"Email domain \"{0}\" is not allowed. Only ({1}) are allowed" // 30
|
||||||
];
|
];
|
||||||
if (typeof n.titleid == 'number') { try { n.title = translatedTitles[n.titleid]; } catch (ex) {} }
|
if (typeof n.titleid == 'number') { try { n.title = translatedTitles[n.titleid]; } catch (ex) {} }
|
||||||
if (typeof n.msgid == 'number') { try { n.text = translatedMessages[n.msgid]; if (Array.isArray(n.args)) { n.text = format(n.text, n.args[0], n.args[1], n.args[2], n.args[3], n.args[4], n.args[5]); } } catch (ex) { } }
|
if (typeof n.msgid == 'number') { try { n.text = translatedMessages[n.msgid]; if (Array.isArray(n.args)) { n.text = format(n.text, n.args[0], n.args[1], n.args[2], n.args[3], n.args[4], n.args[5]); } } catch (ex) { } }
|
||||||
|