add createClient for testing

2025-07-30 23:55:49 +02:00 · 2025-02-21 14:39:10 -05:00 · 2025-02-21 14:39:10 -05:00 · 35ccdd3014
commit 35ccdd3014
parent 346f2db5fb
6 changed files with 279 additions and 1 deletions
--- a/server/db/schema.ts
+++ b/server/db/schema.ts
@ -121,6 +121,10 @@ export const clients = sqliteTable("clients", {
    siteId: integer("siteId").references(() => sites.siteId, {
        onDelete: "cascade"
    }),
+    orgId: text("orgId").references(() => orgs.orgId, {
+        onDelete: "cascade"
+    }),
+    name: text("name").notNull(),
    pubKey: text("pubKey"),
    subnet: text("subnet").notNull(),
    megabytesIn: integer("bytesIn"),
--- a/server/routers/client/createClient.ts
+++ b/server/routers/client/createClient.ts
@ -0,0 +1,171 @@
+import { Request, Response, NextFunction } from "express";
+import { z } from "zod";
+import { db } from "@server/db";
+import {
+    roles,
+    userSites,
+    sites,
+    roleSites,
+    Site,
+    Client,
+    clients,
+    roleClients,
+    userClients,
+    olms
+} from "@server/db/schema";
+import response from "@server/lib/response";
+import HttpCode from "@server/types/HttpCode";
+import createHttpError from "http-errors";
+import logger from "@server/logger";
+import { eq, and } from "drizzle-orm";
+import { addPeer } from "../gerbil/peers";
+import { fromError } from "zod-validation-error";
+import { newts } from "@server/db/schema";
+import moment from "moment";
+import { hashPassword } from "@server/auth/password";
+
+const createClientParamsSchema = z
+    .object({
+        siteId: z
+            .string()
+            .transform((val) => parseInt(val))
+            .pipe(z.number())
+    })
+    .strict();
+
+const createClientSchema = z
+    .object({
+        name: z.string().min(1).max(255),
+        siteId: z.number().int().positive(),
+        pubKey: z.string(),
+        subnet: z.string(),
+        olmId: z.string(),
+        secret: z.string(),
+        type: z.enum(["olm"])
+    })
+    .strict();
+
+export type CreateClientBody = z.infer<typeof createClientSchema>;
+
+export type CreateClientResponse = Client;
+
+export async function createClient(
+    req: Request,
+    res: Response,
+    next: NextFunction
+): Promise<any> {
+    try {
+        const parsedBody = createClientSchema.safeParse(req.body);
+        if (!parsedBody.success) {
+            return next(
+                createHttpError(
+                    HttpCode.BAD_REQUEST,
+                    fromError(parsedBody.error).toString()
+                )
+            );
+        }
+
+        const { name, type, siteId, pubKey, subnet, olmId, secret } =
+            parsedBody.data;
+
+        const parsedParams = createClientParamsSchema.safeParse(req.params);
+        if (!parsedParams.success) {
+            return next(
+                createHttpError(
+                    HttpCode.BAD_REQUEST,
+                    fromError(parsedParams.error).toString()
+                )
+            );
+        }
+
+        const { siteId: paramSiteId } = parsedParams.data;
+
+        if (siteId != paramSiteId) {
+            return next(
+                createHttpError(
+                    HttpCode.BAD_REQUEST,
+                    "Site ID in body does not match site ID in URL"
+                )
+            );
+        }
+
+        if (!req.userOrgRoleId) {
+            return next(
+                createHttpError(HttpCode.FORBIDDEN, "User does not have a role")
+            );
+        }
+
+        const [site] = await db
+            .select()
+            .from(sites)
+            .where(eq(sites.siteId, siteId));
+
+        if (!site) {
+            return next(createHttpError(HttpCode.NOT_FOUND, "Site not found"));
+        }
+
+        await db.transaction(async (trx) => {
+            const adminRole = await trx
+                .select()
+                .from(roles)
+                .where(
+                    and(eq(roles.isAdmin, true), eq(roles.orgId, site.orgId))
+                )
+                .limit(1);
+
+            if (adminRole.length === 0) {
+                trx.rollback();
+                return next(
+                    createHttpError(HttpCode.NOT_FOUND, `Admin role not found`)
+                );
+            }
+
+            const [newClient] = await trx
+                .insert(clients)
+                .values({
+                    siteId,
+                    orgId: site.orgId,
+                    name,
+                    pubKey,
+                    subnet,
+                    type
+                })
+                .returning();
+
+            await trx.insert(roleClients).values({
+                roleId: adminRole[0].roleId,
+                clientId: newClient.clientId
+            });
+
+            if (req.userOrgRoleId != adminRole[0].roleId) {
+                // make sure the user can access the site
+                trx.insert(userClients).values({
+                    userId: req.user?.userId!,
+                    clientId: newClient.clientId
+                });
+            }
+
+            const secretHash = await hashPassword(secret);
+
+            await trx.insert(olms).values({
+                olmId,
+                secretHash,
+                clientId: newClient.clientId,
+                dateCreated: moment().toISOString()
+            });
+
+            return response<CreateClientResponse>(res, {
+                data: newClient,
+                success: true,
+                error: false,
+                message: "Site created successfully",
+                status: HttpCode.CREATED
+            });
+        });
+    } catch (error) {
+        logger.error(error);
+        return next(
+            createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")
+        );
+    }
+}
--- a/server/routers/client/deleteClient.ts
+++ b/server/routers/client/deleteClient.ts
@ -0,0 +1,94 @@
+import { Request, Response, NextFunction } from "express";
+import { z } from "zod";
+import { db } from "@server/db";
+import { newts, newtSessions, sites } from "@server/db/schema";
+import { eq } from "drizzle-orm";
+import response from "@server/lib/response";
+import HttpCode from "@server/types/HttpCode";
+import createHttpError from "http-errors";
+import logger from "@server/logger";
+import { deletePeer } from "../gerbil/peers";
+import { fromError } from "zod-validation-error";
+import { sendToClient } from "../ws";
+
+const deleteClientSchema = z
+    .object({
+        siteId: z.string().transform(Number).pipe(z.number().int().positive())
+    })
+    .strict();
+
+export async function deleteSite(
+    req: Request,
+    res: Response,
+    next: NextFunction
+): Promise<any> {
+    try {
+        const parsedParams = deleteClientSchema.safeParse(req.params);
+        if (!parsedParams.success) {
+            return next(
+                createHttpError(
+                    HttpCode.BAD_REQUEST,
+                    fromError(parsedParams.error).toString()
+                )
+            );
+        }
+
+        const { siteId } = parsedParams.data;
+
+        const [site] = await db
+            .select()
+            .from(sites)
+            .where(eq(sites.siteId, siteId))
+            .limit(1);
+
+        if (!site) {
+            return next(
+                createHttpError(
+                    HttpCode.NOT_FOUND,
+                    `Site with ID ${siteId} not found`
+                )
+            );
+        }
+
+        await db.transaction(async (trx) => {
+            if (site.pubKey) {
+                if (site.type == "wireguard") {
+                    await deletePeer(site.exitNodeId!, site.pubKey);
+                } else if (site.type == "newt") {
+                    // get the newt on the site by querying the newt table for siteId
+                    const [deletedNewt] = await trx
+                        .delete(newts)
+                        .where(eq(newts.siteId, siteId))
+                        .returning();
+                    if (deletedNewt) {
+                        const payload = {
+                            type: `newt/terminate`,
+                            data: {}
+                        };
+                        sendToClient(deletedNewt.newtId, payload);
+
+                        // delete all of the sessions for the newt
+                        await trx
+                            .delete(newtSessions)
+                            .where(eq(newtSessions.newtId, deletedNewt.newtId));
+                    }
+                }
+            }
+
+            await trx.delete(sites).where(eq(sites.siteId, siteId));
+        });
+
+        return response(res, {
+            data: null,
+            success: true,
+            error: false,
+            message: "Site deleted successfully",
+            status: HttpCode.OK
+        });
+    } catch (error) {
+        logger.error(error);
+        return next(
+            createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred")
+        );
+    }
+}
--- a/server/routers/client/index.ts
+++ b/server/routers/client/index.ts
@ -1 +1,3 @@
 export * from "./pickClientDefaults";
+export * from "./createClient";
+export * from "./deleteClient";
--- a/server/routers/external.ts
+++ b/server/routers/external.ts
@ -103,6 +103,13 @@ authenticated.get(
    client.pickClientDefaults
 );

+authenticated.put(
+    "/site/:siteId/client",
+    verifySiteAccess,
+    verifyUserHasAction(ActionsEnum.createClient),
+    client.createClient
+);
+
 // authenticated.get(
 //     "/site/:siteId/roles",
 //     verifySiteAccess,
--- a/server/routers/site/createSite.ts
+++ b/server/routers/site/createSite.ts
@ -35,7 +35,7 @@ const createSiteSchema = z
        subnet: z.string().optional(),
        newtId: z.string().optional(),
        secret: z.string().optional(),
-        type: z.string()
+        type: z.enum(["newt", "wireguard"])
    })
    .strict();