mirror/fosrl.pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2025-07-31 16:14:46 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

add createClient for testing

Browse source
This commit is contained in:
miloschwartz 2025-02-21 14:39:10 -05:00
parent 346f2db5fb
commit 35ccdd3014
No known key found for this signature in database
6 changed files with 279 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
server/db/schema.ts
View file

@ -121,6 +121,10 @@ export const clients = sqliteTable("clients", {
siteId: integer("siteId").references(() => sites.siteId, { siteId: integer("siteId").references(() => sites.siteId, {
onDelete: "cascade" onDelete: "cascade"
}), }),
orgId: text("orgId").references(() => orgs.orgId, {
onDelete: "cascade"
}),
name: text("name").notNull(),
pubKey: text("pubKey"), pubKey: text("pubKey"),
subnet: text("subnet").notNull(), subnet: text("subnet").notNull(),
megabytesIn: integer("bytesIn"), megabytesIn: integer("bytesIn"),

171
server/routers/client/createClient.ts Normal file
View file

@ -0,0 +1,171 @@
import { Request, Response, NextFunction } from "express";
import { z } from "zod";
import { db } from "@server/db";
import {
roles,
userSites,
sites,
roleSites,
Site,
Client,
clients,
roleClients,
userClients,
olms
} from "@server/db/schema";
import response from "@server/lib/response";
import HttpCode from "@server/types/HttpCode";
import createHttpError from "http-errors";
import logger from "@server/logger";
import { eq, and } from "drizzle-orm";
import { addPeer } from "../gerbil/peers";
import { fromError } from "zod-validation-error";
import { newts } from "@server/db/schema";
import moment from "moment";
import { hashPassword } from "@server/auth/password";
const createClientParamsSchema = z
.object({
siteId: z
.string()
.transform((val) => parseInt(val))
.pipe(z.number())
})
.strict();
const createClientSchema = z
.object({
name: z.string().min(1).max(255),
siteId: z.number().int().positive(),
pubKey: z.string(),
subnet: z.string(),
olmId: z.string(),
secret: z.string(),
type: z.enum(["olm"])
})
.strict();
export type CreateClientBody = z.infer<typeof createClientSchema>;
export type CreateClientResponse = Client;
export async function createClient(
req: Request,
res: Response,
next: NextFunction
): Promise<any> {
try {
const parsedBody = createClientSchema.safeParse(req.body);
if (!parsedBody.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
fromError(parsedBody.error).toString()
)
);
}
const { name, type, siteId, pubKey, subnet, olmId, secret } =
parsedBody.data;
const parsedParams = createClientParamsSchema.safeParse(req.params);
if (!parsedParams.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
fromError(parsedParams.error).toString()
)
);
}
const { siteId: paramSiteId } = parsedParams.data;
if (siteId != paramSiteId) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Site ID in body does not match site ID in URL"
)
);
}
if (!req.userOrgRoleId) {
return next(
createHttpError(HttpCode.FORBIDDEN, "User does not have a role")
);
}
const [site] = await db
.select()
.from(sites)
.where(eq(sites.siteId, siteId));
if (!site) {
return next(createHttpError(HttpCode.NOT_FOUND, "Site not found"));
}
await db.transaction(async (trx) => {
const adminRole = await trx
.select()
.from(roles)
.where(
and(eq(roles.isAdmin, true), eq(roles.orgId, site.orgId))
)
.limit(1);
if (adminRole.length === 0) {
trx.rollback();
return next(
createHttpError(HttpCode.NOT_FOUND, `Admin role not found`)
);
}
const [newClient] = await trx
.insert(clients)
.values({
siteId,
orgId: site.orgId,
name,
pubKey,
subnet,
type
})
.returning();
await trx.insert(roleClients).values({
roleId: adminRole[0].roleId,
clientId: newClient.clientId
});
if (req.userOrgRoleId != adminRole[0].roleId) {
// make sure the user can access the site
trx.insert(userClients).values({
userId: req.user?.userId!,
clientId: newClient.clientId
});
}
const secretHash = await hashPassword(secret);
await trx.insert(olms).values({
olmId,
secretHash,
clientId: newClient.clientId,
dateCreated: moment().toISOString()
});
return response<CreateClientResponse>(res, {
data: newClient,
success: true,
error: false,
message: "Site created successfully",
status: HttpCode.CREATED
});
});
} catch (error) {
logger.error(error);
return next(
createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")
);
}
}

94
server/routers/client/deleteClient.ts Normal file
View file

@ -0,0 +1,94 @@
import { Request, Response, NextFunction } from "express";
import { z } from "zod";
import { db } from "@server/db";
import { newts, newtSessions, sites } from "@server/db/schema";
import { eq } from "drizzle-orm";
import response from "@server/lib/response";
import HttpCode from "@server/types/HttpCode";
import createHttpError from "http-errors";
import logger from "@server/logger";
import { deletePeer } from "../gerbil/peers";
import { fromError } from "zod-validation-error";
import { sendToClient } from "../ws";
const deleteClientSchema = z
.object({
siteId: z.string().transform(Number).pipe(z.number().int().positive())
})
.strict();
export async function deleteSite(
req: Request,
res: Response,
next: NextFunction
): Promise<any> {
try {
const parsedParams = deleteClientSchema.safeParse(req.params);
if (!parsedParams.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
fromError(parsedParams.error).toString()
)
);
}
const { siteId } = parsedParams.data;
const [site] = await db
.select()
.from(sites)
.where(eq(sites.siteId, siteId))
.limit(1);
if (!site) {
return next(
createHttpError(
HttpCode.NOT_FOUND,
`Site with ID ${siteId} not found`
)
);
}
await db.transaction(async (trx) => {
if (site.pubKey) {
if (site.type == "wireguard") {
await deletePeer(site.exitNodeId!, site.pubKey);
} else if (site.type == "newt") {
// get the newt on the site by querying the newt table for siteId
const [deletedNewt] = await trx
.delete(newts)
.where(eq(newts.siteId, siteId))
.returning();
if (deletedNewt) {
const payload = {
type: `newt/terminate`,
data: {}
};
sendToClient(deletedNewt.newtId, payload);
// delete all of the sessions for the newt
await trx
.delete(newtSessions)
.where(eq(newtSessions.newtId, deletedNewt.newtId));
}
}
}
await trx.delete(sites).where(eq(sites.siteId, siteId));
});
return response(res, {
data: null,
success: true,
error: false,
message: "Site deleted successfully",
status: HttpCode.OK
});
} catch (error) {
logger.error(error);
return next(
createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")
);
}
}

2
server/routers/client/index.ts
View file

@ -1 +1,3 @@
export * from "./pickClientDefaults"; export * from "./pickClientDefaults";
export * from "./createClient";
export * from "./deleteClient";

7
server/routers/external.ts
View file

@ -103,6 +103,13 @@ authenticated.get(
client.pickClientDefaults client.pickClientDefaults
); );
authenticated.put(
"/site/:siteId/client",
verifySiteAccess,
verifyUserHasAction(ActionsEnum.createClient),
client.createClient
);
// authenticated.get( // authenticated.get(
// "/site/:siteId/roles", // "/site/:siteId/roles",
// verifySiteAccess, // verifySiteAccess,

2
server/routers/site/createSite.ts
View file

@ -35,7 +35,7 @@ const createSiteSchema = z
subnet: z.string().optional(), subnet: z.string().optional(),
newtId: z.string().optional(), newtId: z.string().optional(),
secret: z.string().optional(), secret: z.string().optional(),
type: z.string() type: z.enum(["newt", "wireguard"])
}) })
.strict(); .strict();