From 6be0d308b7b07dd7182b2caff8cd47f69f152991 Mon Sep 17 00:00:00 2001 From: "Patrik J. Braun" Date: Sat, 3 Feb 2018 19:50:42 -0500 Subject: [PATCH] fixing sharing bugs --- backend/middlewares/GalleryMWs.ts | 7 +- backend/middlewares/RenderingMWs.ts | 3 +- backend/middlewares/user/AuthenticationMWs.ts | 18 +-- backend/model/sql/SharingManager.ts | 3 +- common/MessageTypes.ts | 14 -- common/entities/UserDTO.ts | 22 ++-- .../share/share.gallery.component.html | 24 ++-- .../gallery/share/share.gallery.component.ts | 9 +- frontend/app/login/login.component.html | 4 +- frontend/app/model/notification.service.ts | 5 +- frontend/index.html | 2 +- frontend/locale/messages.hu.xlf | 121 +++++++++++------- gulpfile.js | 5 +- package.json | 2 +- test/common/mocha.opts | 1 + test/common/unit/UserDTO.ts | 26 ++++ 16 files changed, 153 insertions(+), 113 deletions(-) delete mode 100644 common/MessageTypes.ts create mode 100644 test/common/mocha.opts create mode 100644 test/common/unit/UserDTO.ts diff --git a/backend/middlewares/GalleryMWs.ts b/backend/middlewares/GalleryMWs.ts index 77d8f51e..4c8523c7 100644 --- a/backend/middlewares/GalleryMWs.ts +++ b/backend/middlewares/GalleryMWs.ts @@ -18,10 +18,12 @@ export class GalleryMWs { public static async listDirectory(req: Request, res: Response, next: NextFunction) { + console.log("listDirectory"); let directoryName = req.params.directory || "/"; let absoluteDirectoryName = path.join(ProjectPath.ImageFolder, directoryName); if (!fs.statSync(absoluteDirectoryName).isDirectory()) { + console.log("not dir"); return next(); } 
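Review bot: The `console.log` calls added to `listDirectory` look like leftover debugging, and the ones in the next hunk of this file are the risky part: `console.log(req.session.user)` and `console.log(directory)` write the whole session user object and the full directory listing to stdout on every request. Whether the session object still carries a password hash or other credential fields at this point is not visible in the patch, so it should be treated as if it might. I would remove all five added `console.log` lines before merging; if a trace is wanted, log only the requested directory name through the project's `Logger`. `listDirectory` begins and ends outside this hunk.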
@@ -29,12 +31,15 @@ export class GalleryMWs { const directory = await ObjectManagerRepository.getInstance().GalleryManager.listDirectory(directoryName, req.query.knownLastModified, req.query.knownLastScanned); if (directory == null) { + console.log("null dir"); req.resultPipe = new ContentWrapper(null, null, true); return next(); } + console.log(req.session.user); + console.log(directory); if (req.session.user.permissions && req.session.user.permissions.length > 0 && - req.session.user.permissions[0] != "/") { + req.session.user.permissions[0] != "/*") { (directory).directories = (directory).directories.filter(d => UserDTO.isDirectoryAvailable(d, req.session.user.permissions)); } diff --git a/backend/middlewares/RenderingMWs.ts b/backend/middlewares/RenderingMWs.ts index 009ce5b8..ce8cf5b1 100644 --- a/backend/middlewares/RenderingMWs.ts +++ b/backend/middlewares/RenderingMWs.ts @@ -62,8 +62,7 @@ export class RenderingMWs { if (err instanceof ErrorDTO) { if (err.details) { if (!(req.session.user && req.session.user.role >= UserRoles.Developer)) { - console.log(err); - Logger.warn("Handled error:", err.details.toString() || err.details); + Logger.warn("Handled error:", err); delete (err.details); } else { try { diff --git a/backend/middlewares/user/AuthenticationMWs.ts b/backend/middlewares/user/AuthenticationMWs.ts index 28eaad6e..177a36a6 100644 --- a/backend/middlewares/user/AuthenticationMWs.ts +++ b/backend/middlewares/user/AuthenticationMWs.ts 
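Review bot: The unrestricted-access sentinel is spelled out as a string literal in `req.session.user.permissions[0] != "/*"`, and again in `authoriseDirectory` (AuthenticationMWs.ts) and in `UserDTO.isPathAvailable`. This commit had to change all three in step, and a missed one would silently change who gets filtered. The guard also looks only at index 0, so a list such as `["/subfolder", "/*"]` takes the filtering branch and relies on `isPathAvailable` to reach the same answer. Since `isPathAvailable` already returns true for every path in the unrestricted case, the sentinel comparison could be dropped here and the decision left to `UserDTO` alone, or the test moved into one named helper on `UserDTO`.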
@@ -90,15 +90,15 @@ export class AuthenticationMWs { public static authoriseDirectory(req: Request, res: Response, next: NextFunction) { if (req.session.user.permissions == null || req.session.user.permissions.length == 0 || - req.session.user.permissions[0] == "/") { + req.session.user.permissions[0] == "/*") { return next(); } const directoryName = req.params.directory || "/"; if (UserDTO.isPathAvailable(directoryName, req.session.user.permissions) == true) { return next(); - } + return next(new ErrorDTO(ErrorCodes.PERMISSION_DENIED)); } @@ -130,18 +130,6 @@ export class AuthenticationMWs { return next(); } catch (err) { - //if its a shared link, login as guest - /* try { - const user = Utils.clone(await AuthenticationMWs.getSharingUser(req)); - if (user) { - delete (user.password); - req.session.user = user; - return next(); - } - } catch (err) { - return next(new ErrorDTO(ErrorCodes.CREDENTIAL_NOT_FOUND, null, err)); - }*/ - return next(new ErrorDTO(ErrorCodes.CREDENTIAL_NOT_FOUND)); } @@ -167,7 +155,7 @@ export class AuthenticationMWs { }); if (!sharing || sharing.expires < Date.now() || (Config.Client.Sharing.passwordProtected === true - && sharing.password && !PasswordHelper.comparePassword(password, sharing.password))) { + && sharing.password && !PasswordHelper.comparePassword(password, sharing.password))) { return next(new ErrorDTO(ErrorCodes.CREDENTIAL_NOT_FOUND)); } diff --git a/backend/model/sql/SharingManager.ts b/backend/model/sql/SharingManager.ts index dc3a6cc2..7c87e0c3 100644 --- a/backend/model/sql/SharingManager.ts +++ b/backend/model/sql/SharingManager.ts 
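Review bot: The first condition in `authoriseDirectory` still calls `next()` when `req.session.user.permissions` is null or an empty array, so a session that reaches this middleware without a populated list is treated exactly like one holding `"/*"`. That is presumably intended for ordinary accounts, but for a sharing session it means every directory is authorised if the list was ever left empty; how sharing sessions build it is outside this patch. I would state the contract on the condition, for example `// null/empty permissions = unrestricted; sharing sessions must always carry a non-empty list`, and have the sharing login path refuse to create a session without one.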
@@ -44,8 +44,7 @@ export class SharingManager implements ISharingManager { if (sharing.timeStamp < Date.now() - Config.Server.sharing.updateTimeout) { throw "Sharing is locked, can't update anymore" } - - sharing.password = inSharing.password; + sharing.password = PasswordHelper.cryptPassword(inSharing.password); sharing.includeSubfolders = inSharing.includeSubfolders; sharing.expires = inSharing.expires; diff --git a/common/MessageTypes.ts b/common/MessageTypes.ts deleted file mode 100644 index e66961ef..00000000 --- a/common/MessageTypes.ts +++ /dev/null @@ -1,14 +0,0 @@ -export var MessageTypes = { - Client: { - Login: { - Authenticate: "Authenticate" - } - - }, - Server: { - Login: { - Authenticated: "Authenticated" - } - - } -}; diff --git a/common/entities/UserDTO.ts b/common/entities/UserDTO.ts index f50eb756..9b095095 100644 --- a/common/entities/UserDTO.ts +++ b/common/entities/UserDTO.ts @@ -1,6 +1,7 @@ import {DirectoryDTO} from "./DirectoryDTO"; import {Utils} from "../Utils"; -export enum UserRoles{ + +export enum UserRoles { LimitedGuest = 0, Guest = 1, User = 2, @@ -20,7 +21,7 @@ export interface UserDTO { export module UserDTO { export const isPathAvailable = (path: string, permissions: string[]): boolean => { - if (permissions == null || permissions.length == 0 || permissions[0] == "/") { + if (permissions == null || permissions.length == 0 || permissions[0] == "/*") { return true; } for (let i = 0; i < permissions.length; i++) { 
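Review bot: `PasswordHelper.cryptPassword(inSharing.password)` now runs on every update, including updates where no password was entered. What `cryptPassword` does with an empty or missing value is not visible here: if it throws, updating an unprotected share fails, and if it returns a hash, `sharing.password` becomes truthy and the `sharing.password && !PasswordHelper.comparePassword(...)` check in AuthenticationMWs.ts starts demanding a password for a link meant to be open. A guard keeps the two cases apart: `sharing.password = inSharing.password ? PasswordHelper.cryptPassword(inSharing.password) : null;`. Rows written before this fix still hold the plain value, which `comparePassword` will presumably not match, so existing protected links may need to be re-saved. The enclosing method starts and ends outside the hunk.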
@@ -28,19 +29,20 @@ export module UserDTO { if (permission[permission.length - 1] == "*") { permission = permission.slice(0, -1); if (path.startsWith(permission)) { - return true - } - } else { - if (path == permission) { - return true - + return true; } + } else if (path == permission) { + return true; + } else if (path == "." && permission == "/") { + return true; } + } return false; }; - export const isDirectoryAvailable = (direcotry: DirectoryDTO, permissions: string[]): boolean => { - return isPathAvailable(Utils.concatUrls(direcotry.path, direcotry.name), permissions); + export const isDirectoryAvailable = (directory: DirectoryDTO, permissions: string[]): boolean => { + + return isPathAvailable(Utils.concatUrls(directory.path, directory.name), permissions); }; } diff --git a/frontend/app/gallery/share/share.gallery.component.html b/frontend/app/gallery/share/share.gallery.component.html index 11b49305..1442ffa0 100644 --- a/frontend/app/gallery/share/share.gallery.component.html +++ b/frontend/app/gallery/share/share.gallery.component.html @@ -37,10 +37,10 @@
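Review bot: The wildcard branch decides access with a raw `path.startsWith(permission)` on whatever string the caller passes, and the new `path == "."` case shows that non-canonical forms do reach this function. Nothing here collapses `..` segments or backslashes first, while `listDirectory` later passes the same request value to `path.join`, so a path that begins with the permitted prefix can resolve to a directory outside it (whether routing already rejects such values is not visible in this patch). I would refuse those before the loop, `if (path.split(/[\\/]/).indexOf("..") !== -1) { return false; }`, and add a matching case to test/common/unit/UserDTO.ts. `isPathAvailable` begins in the previous hunk.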
-
+
-
+
@@ -48,7 +48,7 @@
-
+
@@ -62,23 +62,25 @@
-
+
+ : +
-
+
-
+
@@ -89,13 +91,13 @@
- -
diff --git a/frontend/app/gallery/share/share.gallery.component.ts b/frontend/app/gallery/share/share.gallery.component.ts index 50cb7b6c..fccf0303 100644 --- a/frontend/app/gallery/share/share.gallery.component.ts +++ b/frontend/app/gallery/share/share.gallery.component.ts @@ -29,18 +29,16 @@ export class GalleryShareComponent implements OnInit, OnDestroy { }, password: "" }; - validityTypes = []; currentDir: string = ""; sharing: SharingDTO = null; contentSubscription = null; passwordProtection = false; + ValidityTypes: any; constructor(private _sharingService: ShareService, public _galleryService: GalleryService, private _notification: NotificationService) { - this.validityTypes = Utils.enumToArray(ValidityTypes); - - + this.ValidityTypes = ValidityTypes; } @@ -87,13 +85,14 @@ export class GalleryShareComponent implements OnInit, OnDestroy { async get() { this.url = "loading.."; this.sharing = await this._sharingService.createSharing(this.currentDir, this.input.includeSubfolders, this.calcValidity()); - console.log(this.sharing); this.url = Config.Client.publicUrl + "/share/" + this.sharing.sharingKey } async showModal() { await this.get(); + this.input.password = ""; this.childModal.show(); + document.body.style.paddingRight = "0px"; } onCopy() { diff --git a/frontend/app/login/login.component.html b/frontend/app/login/login.component.html index 1ace8718..04f17df6 100644 --- a/frontend/app/login/login.component.html +++ b/frontend/app/login/login.component.html @@ -39,9 +39,7 @@
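Review bot: The new field `ValidityTypes: any;` discards the enum's type, so the compiler no longer checks member names used against it in the component or its template. Initialising the field lets the type be inferred and removes the constructor assignment: `readonly ValidityTypes = ValidityTypes;`. In the second hunk of this file, `document.body.style.paddingRight = "0px";` reaches into the DOM directly from the component; a short comment saying which modal side effect it undoes would help the next reader.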
diff --git a/frontend/app/model/notification.service.ts b/frontend/app/model/notification.service.ts index 191be9b7..0b1a1808 100644 --- a/frontend/app/model/notification.service.ts +++ b/frontend/app/model/notification.service.ts @@ -3,7 +3,7 @@ import {ToastsManager} from "ng2-toastr/ng2-toastr"; import {NetworkService} from "./network/network.service"; import {AuthenticationService} from "./network/authentication.service"; import {NotificationDTO, NotificationType} from "../../../common/entities/NotificationDTO"; -import {UserDTO} from "../../../common/entities/UserDTO"; +import {UserDTO, UserRoles} from "../../../common/entities/UserDTO"; @Injectable() export class NotificationService { @@ -22,7 +22,8 @@ export class NotificationService { this._authService.user.subscribe(() => { if (this._authService.isAuthenticated() && (!this.lastUser || - this.lastUser.id != this._authService.user.value.id)) { + this.lastUser.id != this._authService.user.value.id) && + this._authService.user.value.role >= UserRoles.Guest) { this.getServerNotifications(); } this.lastUser = this._authService.user.value; diff --git a/frontend/index.html b/frontend/index.html index 2f6b8200..884384e3 100644 --- a/frontend/index.html +++ b/frontend/index.html @@ -15,7 +15,7 @@ - + Loading... diff --git a/frontend/locale/messages.hu.xlf b/frontend/locale/messages.hu.xlf index 57459a49..15a04bd2 100644 --- a/frontend/locale/messages.hu.xlf +++ b/frontend/locale/messages.hu.xlf @@ -48,7 +48,7 @@ app/gallery/share/share.gallery.component.ts - 66 + 67 app/settings/usermanager/usermanager.settings.component.ts @@ -60,12 +60,11 @@ Jelszó - - Remember - me + + Remember me app/login/login.component.ts - 41 + 42 Jegyezzen meg @@ -74,7 +73,7 @@ app/login/login.component.ts - 51 + 52 Belépés @@ -109,7 +108,7 @@ Link availability app/gallery/gallery.component.ts - 7 + 8 Link érvényes @@ -117,7 +116,7 @@ days app/gallery/gallery.component.ts - 7 + 10 nap 
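Review bot: The added `this._authService.user.value.role >= UserRoles.Guest` test only stops the client from calling `getServerNotifications()` for a limited (sharing) guest; it does not protect the data. Whether the backend route behind that call enforces the same minimum role is not visible in this patch, and a LimitedGuest session can still send the request itself. I would confirm the route is wrapped in the role-authorisation middleware and leave a pointer here, e.g. `// UI-only guard; the notifications route must itself require UserRoles.Guest`.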
@@ -127,7 +126,7 @@ app/gallery/gallery.component.ts - 35 + 39 Túl sok találat. Pontosítsd a keresést. @@ -135,7 +134,7 @@ Searching for: app/gallery/gallery.component.ts - 40 + 44 Keresés: @@ -143,7 +142,7 @@ Logout app/frame/frame.component.ts - 44 + 45 Kijelentkezés @@ -188,10 +187,42 @@ Valid: app/gallery/share/share.gallery.component.ts - 80 + 82 Érvényes: + + Minutes + + app/gallery/share/share.gallery.component.ts + 92 + + Perc + + + Hours + + app/gallery/share/share.gallery.component.ts + 93 + + Óra + + + Days + + app/gallery/share/share.gallery.component.ts + 94 + + Nap + + + Months + + app/gallery/share/share.gallery.component.ts + 95 + + Hónap + Server notifications @@ -404,7 +435,7 @@ is need app/settings/map/map.settings.component.ts - 32 + 33 van szükség @@ -413,11 +444,11 @@ app/settings/map/map.settings.component.ts - 40 + 41 app/settings/thumbnail/thumbanil.settings.component.ts - 96 + 98 app/settings/search/search.settings.component.ts @@ -442,11 +473,11 @@ app/settings/map/map.settings.component.ts - 43 + 44 app/settings/thumbnail/thumbanil.settings.component.ts - 99 + 101 app/settings/search/search.settings.component.ts @@ -474,20 +505,22 @@ Thumbnail beállítások - - It is highly recommended to use hardware accelerated (sharp or gm) lib for thumbnail generation + + It is highly recommended to use hardware accelerated (sharp or gm) lib for thumbnail + generation app/settings/thumbnail/thumbanil.settings.component.ts 10 - Nagyon ajánlott hardveresen gyorsított (sharp vagy gm) könyvtár használata a thumbnail generálásához + Nagyon ajánlott hardveres gyorsított (éles vagy gm) lib használata a miniatűrökhöz +        generáció Thumbnail generation library app/settings/thumbnail/thumbanil.settings.component.ts - 15 + 16 Thumbnail generáló könyvtár 
@@ -495,7 +528,7 @@ Make sure that sharp node module is installed (npm install sharp). app/settings/thumbnail/thumbanil.settings.component.ts - 23 + 24 Győződj meg arról, hogy a sharp node modul telepítve van (npm telepítés sharp). @@ -503,7 +536,7 @@ Make sure that gm node module and app/settings/thumbnail/thumbanil.settings.component.ts - 25 + 26 Győződjd meg arról, hogy a gm node modul és @@ -511,7 +544,7 @@ GraphicsMagick app/settings/thumbnail/thumbanil.settings.component.ts - 26 + 27 GraphicsMagick @@ -519,7 +552,7 @@ are installed (npm install sharp). app/settings/thumbnail/thumbanil.settings.component.ts - 26 + 27 telepítve van (npm install éles). @@ -527,7 +560,7 @@ Thumbnail folder app/settings/thumbnail/thumbanil.settings.component.ts - 32 + 33 Thumbnail mappa @@ -535,7 +568,7 @@ Thumbnails will be saved in this folder. Write access is required app/settings/thumbnail/thumbanil.settings.component.ts - 38 + 39 A thumbnail-ek ebben a mappában lesznek elmentve. Írási jog szükséges @@ -543,7 +576,7 @@ Thumbnail Quality app/settings/thumbnail/thumbanil.settings.component.ts - 43 + 44 Thumbnail minőség @@ -551,7 +584,7 @@ High quality may be slow. Especially with Jimp. app/settings/thumbnail/thumbanil.settings.component.ts - 57 + 58 A jó minőségű lassú lehet. Különösen a Jimp esetén. @@ -559,7 +592,7 @@ Icon size (used on maps) app/settings/thumbnail/thumbanil.settings.component.ts - 72 + 73 Ikonméret (térképeken használva) @@ -567,7 +600,7 @@ Thumbnail sizes app/settings/thumbnail/thumbanil.settings.component.ts - 78 + 79 Thumbnail méretek @@ -575,7 +608,7 @@ Size of the thumbnails. app/settings/thumbnail/thumbanil.settings.component.ts - 85 + 86 A thumbnail mérete. 
@@ -583,7 +616,7 @@ The best matching size will be generated. (More size gives better quality, but use storage to store and CPU to render.) app/settings/thumbnail/thumbanil.settings.component.ts - 86 + 87 A legjobban egyezett méret lesz generálva. (Több méret lehetőség jobb minőségéet eredményez, de processzort és tárhelyet fogyaszt) @@ -591,7 +624,7 @@ ';' separated integers. If size is 200, tha thumbnail will have 200^2 pixels. app/settings/thumbnail/thumbanil.settings.component.ts - 87 + 89 ';'-val elválasztott egész számok. Ha a méret 200, akkor a thumnail-ok 200^2 pixelből fognak állni. @@ -861,7 +894,7 @@ Set the reindexing sensitivity. High value check the folders for change more often app/settings/indexing/indexing.settings.component.ts - 44 + 45 Állítsa be az újraindexelés érzékenységét. A magasabb érzékenység gyarkabban ellenőrzi a mappákat válztozás @@ -870,7 +903,7 @@ app/settings/indexing/indexing.settings.component.ts - 51 + 52 Mentés @@ -879,7 +912,7 @@ app/settings/indexing/indexing.settings.component.ts - 54 + 55 Visszaállítás @@ -887,7 +920,7 @@ If you add a new folder to your gallery, the site indexes it automatically. app/settings/indexing/indexing.settings.component.ts - 60 + 61 Ha új mappát ad hozzá a galériához, a webhely automatikusan indexeli. @@ -895,7 +928,7 @@ If you would like to trigger indexing manually, click index button. app/settings/indexing/indexing.settings.component.ts - 61 + 62 Ha kézzel szeretné indítani az indexelést, kattintson az index gombra. @@ -903,7 +936,7 @@ Note: search ony searched among the indexed directories app/settings/indexing/indexing.settings.component.ts - 62 + 65 Megjegyzés: a keresés csak az indexelet mappákban működik @@ -912,7 +945,7 @@ app/settings/indexing/indexing.settings.component.ts - 84 + 88 Index @@ -921,7 +954,7 @@ app/settings/indexing/indexing.settings.component.ts - 89 + 93 Mégse 
@@ -930,10 +963,10 @@ app/settings/indexing/indexing.settings.component.ts - 93 + 97 Indexek törlése - \ No newline at end of file + diff --git a/gulpfile.js b/gulpfile.js index e1c81756..b927d30b 100644 --- a/gulpfile.js +++ b/gulpfile.js @@ -17,6 +17,7 @@ gulp.task('build-backend', function () { }); var createFornendTask = function (tpye, script) { + //console.log(tpye, script); gulp.task(tpye, function (cb) { exec(script, function (err, stdout, stderr) { console.log(stdout); @@ -38,7 +39,7 @@ gulp.task('build-frontend', function (done) { createFornendTask('build-frontend-release default', "ng build --aot -prod --output-path=./release/dist --no-progress"); tasks.push('build-frontend-release default'); for (var i = 0; i < files.length; i++) { - createFornendTask('build-frontend-release ' + languages[i], "ng build --aot -prod --output-path=./release/dist/" + languages[i] + " --no-progress --locale " + languages[i] + " --i18n-format xlf --i18n-file frontend/locale/" + files[i] + " --missing-translation warning"); + createFornendTask('build-frontend-release ' + languages[i], "ng build --aot -prod --output-path=./release/dist/" + languages[i] + " --no-progress --locale=" + languages[i] + " --i18n-format xlf --i18n-file frontend/locale/" + files[i] + " --missing-translation warning"); tasks.push('build-frontend-release ' + languages[i]); } tasks.push(function () { 
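Review bot: The two locale build commands are now written differently: the release-build hunk here switches to `--locale=` but leaves `--i18n-format xlf --i18n-file frontend/locale/` space-separated, while the `simpleBuild` hunk further down does the opposite (`--locale ` with a space, `--i18n-format=xlf --i18n-file=`). If the `=` form is what fixes option parsing, one part of each command is still in the old form. I would use `=` for all three options in both places, ideally by building the shared suffix once. Both strings are concatenated from `languages[i]` and `files[i]` and passed to `exec`, so a comment stating that these values come only from the repository's own locale directory would be worth adding; their origin is not visible in these hunks.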
@@ -100,7 +101,7 @@ var simpleBuild = function (isProd) { createFornendTask('build-frontend default', cmd + "--output-path=./dist --no-progress"); tasks.push('build-frontend default'); for (var i = 0; i < files.length; i++) { - createFornendTask('build-frontend ' + languages[i], cmd + "--output-path=./dist/" + languages[i] + " --no-progress --locale " + languages[i] + " --i18n-format xlf --i18n-file frontend/locale/" + files[i] + " --missing-translation warning"); + createFornendTask('build-frontend ' + languages[i], cmd + "--output-path=./dist/" + languages[i] + " --no-progress --locale " + languages[i] + " --i18n-format=xlf --i18n-file=frontend/locale/" + files[i] + " --missing-translation warning"); tasks.push('build-frontend ' + languages[i]); } tasks.push(function () { diff --git a/package.json b/package.json index fa75a850..d6eecec5 100644 --- a/package.json +++ b/package.json @@ -11,7 +11,7 @@ "install": "tsc && gulp build-prod", "build-release": "gulp build-release", "pretest": "tsc", - "test": "ng test --single-run && mocha --recursive test/backend/unit && mocha --recursive test/backend/integration", + "test": "ng test --single-run && mocha --recursive test/backend/unit && mocha --recursive test/backend/integration && mocha --recursive test/common/unit ", "start": "node ./backend/index", "ng": "ng", "lint": "ng lint", diff --git a/test/common/mocha.opts b/test/common/mocha.opts new file mode 100644 index 00000000..4a523201 --- /dev/null +++ b/test/common/mocha.opts @@ -0,0 +1 @@ +--recursive diff --git a/test/common/unit/UserDTO.ts b/test/common/unit/UserDTO.ts new file mode 100644 index 00000000..22ca9d6d --- /dev/null +++ b/test/common/unit/UserDTO.ts 
@@ -0,0 +1,26 @@
+import {expect} from "chai";
+import {UserDTO} from "../../../common/entities/UserDTO";
+
+describe('UserDTO', () => {
+
+
+ it('should check available path', () => {
+ expect(UserDTO.isPathAvailable("/", ["/"])).to.be.equals(true);
+ expect(UserDTO.isPathAvailable("/", ["/subfolder", "/"])).to.be.equals(true);
+ expect(UserDTO.isPathAvailable("/abc", ["/subfolder", "/"])).to.be.equals(false);
+ expect(UserDTO.isPathAvailable("/abc", ["/subfolder", "/*"])).to.be.equals(true);
+ expect(UserDTO.isPathAvailable("/abc", ["/subfolder"])).to.be.equals(false);
+ expect(UserDTO.isPathAvailable("/abc/two", ["/subfolder"])).to.be.equals(false);
+ expect(UserDTO.isPathAvailable("/abc/two", ["/"])).to.be.equals(false);
+ expect(UserDTO.isPathAvailable("/abc/two", ["/*"])).to.be.equals(true);
+ });
+
+ it('should check directory', () => {
+ expect(UserDTO.isDirectoryAvailable({path: "/", name: "abc"}, ["/*"])).to.be.equals(true);
+ expect(UserDTO.isDirectoryAvailable({path: "/", name: "abc"}, ["/"])).to.be.equals(false);
+ expect(UserDTO.isDirectoryAvailable({path: ".\\", name: "."}, ["/"])).to.be.equals(true);
+ expect(UserDTO.isDirectoryAvailable({path: "/", name: "abc"}, ["/*", "/asdad"])).to.be.equals(true);
+ });
+
+
+});
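Review bot: None of the `isPathAvailable` cases uses a wildcard on a subfolder, which is presumably the shape a shared-folder permission takes; only `"/*"` and exact matches are pinned. I would add cases that fix the boundary behaviour, for example `expect(UserDTO.isPathAvailable("/subfolder2", ["/subfolder/*"])).to.be.equals(false);` and `expect(UserDTO.isPathAvailable("/subfolder/a", ["/subfolder/*"])).to.be.equals(true);`, plus one for a path containing `..`. It is also worth stating in a test what the shared folder itself (`"/subfolder"` against `["/subfolder/*"]`) should return, since the prefix comparison in `isPathAvailable` currently answers false for it.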