mirror/fosrl.pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2025-07-29 23:25:58 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Resources working with new picker

Browse source
This commit is contained in:
Owen 2025-07-14 15:36:15 -07:00
parent ec57996b01
commit 78661799f2
No known key found for this signature in database
GPG key ID: 8271FDFFD9E0CCBD
6 changed files with 218 additions and 160 deletions
Download patch file Download diff file Expand all files Collapse all files

3
messages/en-US.json
View file

@ -1213,5 +1213,6 @@
"domainNotFoundDescription": "This resource is disabled because the domain no longer exists our system. Please set a new domain for this resource.", "domainNotFoundDescription": "This resource is disabled because the domain no longer exists our system. Please set a new domain for this resource.",
"failed": "Failed", "failed": "Failed",
"createNewOrgDescription": "Create a new organization", "createNewOrgDescription": "Create a new organization",
"organization": "Organization" "organization": "Organization",
"port": "Port"
} }

100
server/routers/resource/createResource.ts
View file

@ -21,6 +21,7 @@ import logger from "@server/logger";
import { subdomainSchema } from "@server/lib/schemas"; import { subdomainSchema } from "@server/lib/schemas";
import config from "@server/lib/config"; import config from "@server/lib/config";
import { OpenAPITags, registry } from "@server/openApi"; import { OpenAPITags, registry } from "@server/openApi";
import { build } from "@server/build";
const createResourceParamsSchema = z const createResourceParamsSchema = z
.object({ .object({
@ -36,7 +37,6 @@ const createHttpResourceSchema = z
.string() .string()
.optional() .optional()
.transform((val) => val?.toLowerCase()), .transform((val) => val?.toLowerCase()),
isBaseDomain: z.boolean().optional(),
siteId: z.number(), siteId: z.number(),
http: z.boolean(), http: z.boolean(),
protocol: z.enum(["tcp", "udp"]), protocol: z.enum(["tcp", "udp"]),
@ -52,19 +52,6 @@ const createHttpResourceSchema = z
}, },
{ message: "Invalid subdomain" } { message: "Invalid subdomain" }
) )
.refine(
(data) => {
if (!config.getRawConfig().flags?.allow_base_domain_resources) {
if (data.isBaseDomain) {
return false;
}
}
return true;
},
{
message: "Base domain resources are not allowed"
}
);
const createRawResourceSchema = z const createRawResourceSchema = z
.object({ .object({
@ -101,9 +88,12 @@ registry.registerPath({
body: { body: {
content: { content: {
"application/json": { "application/json": {
schema: createHttpResourceSchema.or( schema:
build == "oss"
? createHttpResourceSchema.or(
createRawResourceSchema createRawResourceSchema
) )
: createHttpResourceSchema
} }
} }
} }
@ -166,7 +156,7 @@ export async function createResource(
{ siteId, orgId } { siteId, orgId }
); );
} else { } else {
if (!config.getRawConfig().flags?.allow_raw_resources) { if (!config.getRawConfig().flags?.allow_raw_resources && build == "oss") {
return next( return next(
createHttpError( createHttpError(
HttpCode.BAD_REQUEST, HttpCode.BAD_REQUEST,
@ -211,34 +201,80 @@ async function createHttpResource(
); );
} }
const { name, subdomain, isBaseDomain, http, protocol, domainId } = const { name, subdomain, domainId } = parsedBody.data;
parsedBody.data;
const [orgDomain] = await db const [domainRes] = await db
.select() .select()
.from(orgDomains) .from(domains)
.where( .where(eq(domains.domainId, domainId))
.leftJoin(
orgDomains,
and(eq(orgDomains.orgId, orgId), eq(orgDomains.domainId, domainId)) and(eq(orgDomains.orgId, orgId), eq(orgDomains.domainId, domainId))
) );
.leftJoin(domains, eq(orgDomains.domainId, domains.domainId));
if (!orgDomain || !orgDomain.domains) { if (!domainRes || !domainRes.domains) {
return next( return next(
createHttpError( createHttpError(
HttpCode.NOT_FOUND, HttpCode.NOT_FOUND,
`Domain with ID ${parsedBody.data.domainId} not found` `Domain with ID ${domainId} not found`
) )
); );
} }
const domain = orgDomain.domains; if (domainRes.orgDomains && domainRes.orgDomains.orgId !== orgId) {
return next(
createHttpError(
HttpCode.FORBIDDEN,
`Organization does not have access to domain with ID ${domainId}`
)
);
}
if (!domainRes.domains.verified) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
`Domain with ID ${domainRes.domains.domainId} is not verified`
)
);
}
let fullDomain = ""; let fullDomain = "";
if (isBaseDomain) { if (domainRes.domains.type == "ns") {
fullDomain = domain.baseDomain; if (subdomain) {
fullDomain = `${subdomain}.${domainRes.domains.baseDomain}`;
} else { } else {
fullDomain = `${subdomain}.${domain.baseDomain}`; fullDomain = domainRes.domains.baseDomain;
} }
} else if (domainRes.domains.type == "cname") {
fullDomain = domainRes.domains.baseDomain;
} else if (domainRes.domains.type == "wildcard") {
if (subdomain) {
// the subdomain cant have a dot in it
const parsedSubdomain = subdomainSchema.safeParse(subdomain);
if (!parsedSubdomain.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
fromError(parsedSubdomain.error).toString()
)
);
}
if (parsedSubdomain.data.includes(".")) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Subdomain cannot contain a dot when using wildcard domains"
)
);
}
fullDomain = `${subdomain}.${domainRes.domains.baseDomain}`;
} else {
fullDomain = domainRes.domains.baseDomain;
}
}
fullDomain = fullDomain.toLowerCase();
logger.debug(`Full domain: ${fullDomain}`); logger.debug(`Full domain: ${fullDomain}`);
@ -269,10 +305,10 @@ async function createHttpResource(
orgId, orgId,
name, name,
subdomain, subdomain,
http, http: true,
protocol, protocol: "tcp",
ssl: true, ssl: true,
isBaseDomain isBaseDomain: false
}) })
.returning(); .returning();

158
server/routers/resource/updateResource.ts
View file

@ -20,6 +20,7 @@ import { tlsNameSchema } from "@server/lib/schemas";
import { subdomainSchema } from "@server/lib/schemas"; import { subdomainSchema } from "@server/lib/schemas";
import { registry } from "@server/openApi"; import { registry } from "@server/openApi";
import { OpenAPITags } from "@server/openApi"; import { OpenAPITags } from "@server/openApi";
import { build } from "@server/build";
const updateResourceParamsSchema = z const updateResourceParamsSchema = z
.object({ .object({
@ -40,7 +41,6 @@ const updateHttpResourceBodySchema = z
sso: z.boolean().optional(), sso: z.boolean().optional(),
blockAccess: z.boolean().optional(), blockAccess: z.boolean().optional(),
emailWhitelistEnabled: z.boolean().optional(), emailWhitelistEnabled: z.boolean().optional(),
isBaseDomain: z.boolean().optional(),
applyRules: z.boolean().optional(), applyRules: z.boolean().optional(),
domainId: z.string().optional(), domainId: z.string().optional(),
enabled: z.boolean().optional(), enabled: z.boolean().optional(),
@ -61,19 +61,6 @@ const updateHttpResourceBodySchema = z
}, },
{ message: "Invalid subdomain" } { message: "Invalid subdomain" }
) )
.refine(
(data) => {
if (!config.getRawConfig().flags?.allow_base_domain_resources) {
if (data.isBaseDomain) {
return false;
}
}
return true;
},
{
message: "Base domain resources are not allowed"
}
)
.refine( .refine(
(data) => { (data) => {
if (data.tlsServerName) { if (data.tlsServerName) {
@ -134,9 +121,12 @@ registry.registerPath({
body: { body: {
content: { content: {
"application/json": { "application/json": {
schema: updateHttpResourceBodySchema.and( schema:
build == "oss"
? updateHttpResourceBodySchema.and(
updateRawResourceBodySchema updateRawResourceBodySchema
) )
: updateHttpResourceBodySchema
} }
} }
} }
@ -242,44 +232,89 @@ async function updateHttpResource(
const updateData = parsedBody.data; const updateData = parsedBody.data;
if (updateData.domainId) { if (updateData.domainId) {
const [existingDomain] = await db const domainId = updateData.domainId;
.select()
.from(orgDomains)
.where(
and(
eq(orgDomains.orgId, org.orgId),
eq(orgDomains.domainId, updateData.domainId)
)
)
.leftJoin(domains, eq(orgDomains.domainId, domains.domainId));
if (!existingDomain) { const [domainRes] = await db
return next(
createHttpError(HttpCode.NOT_FOUND, `Domain not found`)
);
}
}
const domainId = updateData.domainId || resource.domainId!;
const subdomain = updateData.subdomain || resource.subdomain;
const [domain] = await db
.select() .select()
.from(domains) .from(domains)
.where(eq(domains.domainId, domainId)); .where(eq(domains.domainId, domainId))
.leftJoin(
orgDomains,
and(
eq(orgDomains.orgId, resource.orgId),
eq(orgDomains.domainId, domainId)
)
);
const isBaseDomain = if (!domainRes || !domainRes.domains) {
updateData.isBaseDomain !== undefined return next(
? updateData.isBaseDomain createHttpError(
: resource.isBaseDomain; HttpCode.NOT_FOUND,
`Domain with ID ${updateData.domainId} not found`
let fullDomain: string | null = null; )
if (isBaseDomain) { );
fullDomain = domain.baseDomain;
} else if (subdomain && domain) {
fullDomain = `${subdomain}.${domain.baseDomain}`;
} }
if (
domainRes.orgDomains &&
domainRes.orgDomains.orgId !== resource.orgId
) {
return next(
createHttpError(
HttpCode.FORBIDDEN,
`You do not have permission to use domain with ID ${updateData.domainId}`
)
);
}
if (!domainRes.domains.verified) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
`Domain with ID ${updateData.domainId} is not verified`
)
);
}
let fullDomain = "";
if (domainRes.domains.type == "ns") {
if (updateData.subdomain) {
fullDomain = `${updateData.subdomain}.${domainRes.domains.baseDomain}`;
} else {
fullDomain = domainRes.domains.baseDomain;
}
} else if (domainRes.domains.type == "cname") {
fullDomain = domainRes.domains.baseDomain;
} else if (domainRes.domains.type == "wildcard") {
if (updateData.subdomain) {
// the subdomain cant have a dot in it
const parsedSubdomain = subdomainSchema.safeParse(updateData.subdomain);
if (!parsedSubdomain.success) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
fromError(parsedSubdomain.error).toString()
)
);
}
if (parsedSubdomain.data.includes(".")) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Subdomain cannot contain a dot when using wildcard domains"
)
);
}
fullDomain = `${updateData.subdomain}.${domainRes.domains.baseDomain}`;
} else {
fullDomain = domainRes.domains.baseDomain;
}
}
fullDomain = fullDomain.toLowerCase();
logger.debug(`Full domain: ${fullDomain}`);
if (fullDomain) { if (fullDomain) {
const [existingDomain] = await db const [existingDomain] = await db
.select() .select()
@ -299,29 +334,18 @@ async function updateHttpResource(
} }
} }
const updatePayload = { // update the full domain if it has changed
...updateData, if (fullDomain && fullDomain !== resource.fullDomain) {
fullDomain await db
}; .update(resources)
.set({ fullDomain })
.where(eq(resources.resourceId, resource.resourceId));
}
}
const updatedResource = await db const updatedResource = await db
.update(resources) .update(resources)
.set({ .set(updateData)
name: updatePayload.name,
subdomain: updatePayload.subdomain,
ssl: updatePayload.ssl,
sso: updatePayload.sso,
blockAccess: updatePayload.blockAccess,
emailWhitelistEnabled: updatePayload.emailWhitelistEnabled,
isBaseDomain: updatePayload.isBaseDomain,
applyRules: updatePayload.applyRules,
domainId: updatePayload.domainId,
enabled: updatePayload.enabled,
stickySession: updatePayload.stickySession,
tlsServerName: updatePayload.tlsServerName,
setHostHeader: updatePayload.setHostHeader,
fullDomain: updatePayload.fullDomain
})
.where(eq(resources.resourceId, resource.resourceId)) .where(eq(resources.resourceId, resource.resourceId))
.returning(); .returning();

20
src/app/[orgId]/settings/resources/ResourcesTable.tsx
View file

@ -162,18 +162,16 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) {
const resourceRow = row.original; const resourceRow = row.original;
return ( return (
<div className="flex items-center space-x-2"> <div className="flex items-center space-x-2">
{!resourceRow.domainId ? (
<InfoPopup
info={t("domainNotFoundDescription")}
text={t("domainNotFound")}
/>
) : (
<div>
{!resourceRow.http ? ( {!resourceRow.http ? (
<CopyToClipboard <CopyToClipboard
text={resourceRow.proxyPort!.toString()} text={resourceRow.proxyPort!.toString()}
isLink={false} isLink={false}
/> />
) : !resourceRow.domainId ? (
<InfoPopup
info={t("domainNotFoundDescription")}
text={t("domainNotFound")}
/>
) : ( ) : (
<CopyToClipboard <CopyToClipboard
text={resourceRow.domain} text={resourceRow.domain}
@ -181,8 +179,6 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) {
/> />
)} )}
</div> </div>
)}
</div>
); );
} }
}, },
@ -228,9 +224,11 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) {
cell: ({ row }) => ( cell: ({ row }) => (
<Switch <Switch
defaultChecked={ defaultChecked={
!row.original.domainId ? false : row.original.enabled row.original.http
? (!!row.original.domainId && row.original.enabled)
: row.original.enabled
} }
disabled={!row.original.domainId} disabled={row.original.http ? !row.original.domainId : false}
onCheckedChange={(val) => onCheckedChange={(val) =>
toggleResourceEnabled(val, row.original.id) toggleResourceEnabled(val, row.original.id)
} }

38
src/app/[orgId]/settings/resources/[resourceId]/proxy/page.tsx
View file

@ -339,34 +339,32 @@ export default function ReverseProxyTargets(props: {
await api.delete(`/target/${targetId}`); await api.delete(`/target/${targetId}`);
} }
// Save sticky session setting if (resource.http) {
// Gather all settings
const stickySessionData = targetsSettingsForm.getValues(); const stickySessionData = targetsSettingsForm.getValues();
await api.post(`/resource/${params.resourceId}`, {
stickySession: stickySessionData.stickySession
});
updateResource({ stickySession: stickySessionData.stickySession });
// Save TLS settings
const tlsData = tlsSettingsForm.getValues(); const tlsData = tlsSettingsForm.getValues();
await api.post(`/resource/${params.resourceId}`, {
ssl: tlsData.ssl,
tlsServerName: tlsData.tlsServerName || null
});
updateResource({
...resource,
ssl: tlsData.ssl,
tlsServerName: tlsData.tlsServerName || null
});
// Save proxy settings
const proxyData = proxySettingsForm.getValues(); const proxyData = proxySettingsForm.getValues();
await api.post(`/resource/${params.resourceId}`, {
// Combine into one payload
const payload = {
stickySession: stickySessionData.stickySession,
ssl: tlsData.ssl,
tlsServerName: tlsData.tlsServerName || null,
setHostHeader: proxyData.setHostHeader || null setHostHeader: proxyData.setHostHeader || null
}); };
// Single API call to update all settings
await api.post(`/resource/${params.resourceId}`, payload);
// Update local resource context
updateResource({ updateResource({
...resource, ...resource,
stickySession: stickySessionData.stickySession,
ssl: tlsData.ssl,
tlsServerName: tlsData.tlsServerName || null,
setHostHeader: proxyData.setHostHeader || null setHostHeader: proxyData.setHostHeader || null
}); });
}
toast({ toast({
title: t("settingsUpdated"), title: t("settingsUpdated"),

3
src/app/[orgId]/settings/resources/create/page.tsx
View file

@ -165,7 +165,8 @@ export default function Page() {
const httpData = httpForm.getValues(); const httpData = httpForm.getValues();
Object.assign(payload, { Object.assign(payload, {
subdomain: httpData.subdomain, subdomain: httpData.subdomain,
domainId: httpData.domainId domainId: httpData.domainId,
protocol: "tcp",
}); });
} else { } else {
const tcpUdpData = tcpUdpForm.getValues(); const tcpUdpData = tcpUdpForm.getValues();