API: make all resources users-agnostic

pull/3571/head
M1CK431 1 year ago
parent b719d11500
commit d5db40f40d

@ -19,9 +19,7 @@ async function sendNotificationList(socket) {
const timeLogger = new TimeLogger(); const timeLogger = new TimeLogger();
let result = []; let result = [];
let list = await R.find("notification", " user_id = ? ", [ let list = await R.findAll("notification");
socket.userID,
]);
for (let bean of list) { for (let bean of list) {
let notificationObject = bean.export(); let notificationObject = bean.export();
@ -102,7 +100,7 @@ async function sendImportantHeartbeatList(socket, monitorID, toUser = false, ove
async function sendProxyList(socket) { async function sendProxyList(socket) {
const timeLogger = new TimeLogger(); const timeLogger = new TimeLogger();
const list = await R.find("proxy", " user_id = ? ", [ socket.userID ]); const list = await R.findAll("proxy");
io.to(socket.userID).emit("proxyList", list.map(bean => bean.export())); io.to(socket.userID).emit("proxyList", list.map(bean => bean.export()));
timeLogger.print("Send Proxy List"); timeLogger.print("Send Proxy List");
@ -174,9 +172,7 @@ async function sendDockerHostList(socket) {
const timeLogger = new TimeLogger(); const timeLogger = new TimeLogger();
let result = []; let result = [];
let list = await R.find("docker_host", " user_id = ? ", [ let list = await R.findAll("docker_host");
socket.userID,
]);
for (let bean of list) { for (let bean of list) {
result.push(bean.toJSON()); result.push(bean.toJSON());

@ -23,7 +23,7 @@ class DockerHost {
let bean; let bean;
if (dockerHostID) { if (dockerHostID) {
bean = await R.findOne("docker_host", " id = ? AND user_id = ? ", [ dockerHostID, userID ]); bean = await R.findOne("docker_host", " id = ? ", [ dockerHostID ]);
if (!bean) { if (!bean) {
throw new Error("docker host not found"); throw new Error("docker host not found");
@ -46,11 +46,10 @@ class DockerHost {
/** /**
* Delete a Docker host * Delete a Docker host
* @param {number} dockerHostID ID of the Docker host to delete * @param {number} dockerHostID ID of the Docker host to delete
* @param {number} userID ID of the user who created the Docker host
* @returns {Promise<void>} * @returns {Promise<void>}
*/ */
static async delete(dockerHostID, userID) { static async delete(dockerHostID) {
let bean = await R.findOne("docker_host", " id = ? AND user_id = ? ", [ dockerHostID, userID ]); let bean = await R.findOne("docker_host", " id = ? ", [ dockerHostID ]);
if (!bean) { if (!bean) {
throw new Error("docker host not found"); throw new Error("docker host not found");

@ -194,10 +194,7 @@ class Notification {
let bean; let bean;
if (notificationID) { if (notificationID) {
bean = await R.findOne("notification", " id = ? AND user_id = ? ", [ bean = await R.findOne("notification", " id = ? ", [ notificationID ]);
notificationID,
userID,
]);
if (! bean) { if (! bean) {
throw new Error("notification not found"); throw new Error("notification not found");
@ -223,14 +220,10 @@ class Notification {
/** /**
* Delete a notification * Delete a notification
* @param {number} notificationID ID of notification to delete * @param {number} notificationID ID of notification to delete
* @param {number} userID ID of user who created notification
* @returns {Promise<void>} * @returns {Promise<void>}
*/ */
static async delete(notificationID, userID) { static async delete(notificationID) {
let bean = await R.findOne("notification", " id = ? AND user_id = ? ", [ let bean = await R.findOne("notification", " id = ? ", [ notificationID ]);
notificationID,
userID,
]);
if (! bean) { if (! bean) {
throw new Error("notification not found"); throw new Error("notification not found");
@ -254,13 +247,10 @@ class Notification {
/** /**
* Apply the notification to every monitor * Apply the notification to every monitor
* @param {number} notificationID ID of notification to apply * @param {number} notificationID ID of notification to apply
* @param {number} userID ID of user who created notification
* @returns {Promise<void>} * @returns {Promise<void>}
*/ */
async function applyNotificationEveryMonitor(notificationID, userID) { async function applyNotificationEveryMonitor(notificationID) {
let monitors = await R.getAll("SELECT id FROM monitor WHERE user_id = ?", [ let monitors = await R.getAll("SELECT id FROM monitor");
userID
]);
for (let i = 0; i < monitors.length; i++) { for (let i = 0; i < monitors.length; i++) {
let checkNotification = await R.findOne("monitor_notification", " monitor_id = ? AND notification_id = ? ", [ let checkNotification = await R.findOne("monitor_notification", " monitor_id = ? AND notification_id = ? ", [

@ -22,7 +22,7 @@ class Proxy {
let bean; let bean;
if (proxyID) { if (proxyID) {
bean = await R.findOne("proxy", " id = ? AND user_id = ? ", [ proxyID, userID ]); bean = await R.findOne("proxy", " id = ? ", [ proxyID ]);
if (!bean) { if (!bean) {
throw new Error("proxy not found"); throw new Error("proxy not found");
@ -67,11 +67,10 @@ class Proxy {
/** /**
* Deletes proxy with given id and removes it from monitors * Deletes proxy with given id and removes it from monitors
* @param {number} proxyID ID of proxy to delete * @param {number} proxyID ID of proxy to delete
* @param {number} userID ID of proxy owner
* @returns {Promise<void>} * @returns {Promise<void>}
*/ */
static async delete(proxyID, userID) { static async delete(proxyID) {
const bean = await R.findOne("proxy", " id = ? AND user_id = ? ", [ proxyID, userID ]); const bean = await R.findOne("proxy", " id = ? ", [ proxyID ]);
if (!bean) { if (!bean) {
throw new Error("proxy not found"); throw new Error("proxy not found");
@ -182,12 +181,11 @@ class Proxy {
/** /**
* Applies given proxy id to monitors * Applies given proxy id to monitors
* @param {number} proxyID ID of proxy to apply * @param {number} proxyID ID of proxy to apply
* @param {number} userID ID of proxy owner
* @returns {Promise<void>} * @returns {Promise<void>}
*/ */
async function applyProxyEveryMonitor(proxyID, userID) { async function applyProxyEveryMonitor(proxyID) {
// Find all monitors with id and proxy id // Find all monitors with id and proxy id
const monitors = await R.getAll("SELECT id, proxy_id FROM monitor WHERE user_id = ?", [ userID ]); const monitors = await R.getAll("SELECT id, proxy_id FROM monitor");
// Update proxy id not match with given proxy id // Update proxy id not match with given proxy id
for (const monitor of monitors) { for (const monitor of monitors) {

@ -761,10 +761,6 @@ let needSetup = false;
let bean = await R.findOne("monitor", " id = ? ", [ monitor.id ]); let bean = await R.findOne("monitor", " id = ? ", [ monitor.id ]);
if (bean.user_id !== socket.userID) {
throw new Error("Permission denied.");
}
// Check if Parent is Descendant (would cause endless loop) // Check if Parent is Descendant (would cause endless loop)
if (monitor.parent !== null) { if (monitor.parent !== null) {
const childIDs = await Monitor.getAllChildrenIDs(monitor.id); const childIDs = await Monitor.getAllChildrenIDs(monitor.id);
@ -924,10 +920,7 @@ let needSetup = false;
log.info("monitor", `Get Monitor: ${monitorID} User ID: ${socket.userID}`); log.info("monitor", `Get Monitor: ${monitorID} User ID: ${socket.userID}`);
let monitor = await R.findOne("monitor", " id = ? AND user_id = ? ", [ let monitor = await R.findOne("monitor", " id = ? ", [ monitorID ]);
monitorID,
socket.userID,
]);
const monitorData = [{ id: monitor.id, const monitorData = [{ id: monitor.id,
active: monitor.active active: monitor.active
}]; }];
@ -1034,10 +1027,7 @@ let needSetup = false;
const startTime = Date.now(); const startTime = Date.now();
await R.exec("DELETE FROM monitor WHERE id = ? AND user_id = ? ", [ await R.exec("DELETE FROM monitor WHERE id = ? ", [ monitorID ]);
monitorID,
socket.userID,
]);
// Fix #2880 // Fix #2880
apicache.clear(); apicache.clear();
@ -1638,24 +1628,6 @@ async function updateMonitorNotification(monitorID, notificationIDList) {
} }
} }
/**
* Check if a given user owns a specific monitor
* @param {number} userID ID of user to check
* @param {number} monitorID ID of monitor to check
* @returns {Promise<void>}
* @throws {Error} The specified user does not own the monitor
*/
async function checkOwner(userID, monitorID) {
let row = await R.getRow("SELECT id FROM monitor WHERE id = ? AND user_id = ? ", [
monitorID,
userID,
]);
if (! row) {
throw new Error("You do not own this monitor.");
}
}
/** /**
* Function called after user login * Function called after user login
* This function is used to send the heartbeat list of a monitor. * This function is used to send the heartbeat list of a monitor.
@ -1739,14 +1711,9 @@ async function initDatabase(testMode = false) {
* @returns {Promise<void>} * @returns {Promise<void>}
*/ */
async function startMonitor(userID, monitorID) { async function startMonitor(userID, monitorID) {
await checkOwner(userID, monitorID);
log.info("manage", `Resume Monitor: ${monitorID} User ID: ${userID}`); log.info("manage", `Resume Monitor: ${monitorID} User ID: ${userID}`);
await R.exec("UPDATE monitor SET active = 1 WHERE id = ? AND user_id = ? ", [ await R.exec("UPDATE monitor SET active = 1 WHERE id = ? ", [ monitorID ]);
monitorID,
userID,
]);
let monitor = await R.findOne("monitor", " id = ? ", [ let monitor = await R.findOne("monitor", " id = ? ", [
monitorID, monitorID,
@ -1777,14 +1744,9 @@ async function restartMonitor(userID, monitorID) {
* @returns {Promise<void>} * @returns {Promise<void>}
*/ */
async function pauseMonitor(userID, monitorID) { async function pauseMonitor(userID, monitorID) {
await checkOwner(userID, monitorID);
log.info("manage", `Pause Monitor: ${monitorID} User ID: ${userID}`); log.info("manage", `Pause Monitor: ${monitorID} User ID: ${userID}`);
await R.exec("UPDATE monitor SET active = 0 WHERE id = ? AND user_id = ? ", [ await R.exec("UPDATE monitor SET active = 0 WHERE id = ? ", [ monitorID ]);
monitorID,
userID,
]);
if (monitorID in server.monitorList) { if (monitorID in server.monitorList) {
await server.monitorList[monitorID].stop(); await server.monitorList[monitorID].stop();

@ -74,10 +74,7 @@ module.exports.apiKeySocketHandler = (socket) => {
log.debug("apikeys", `Deleted API Key: ${keyID} User ID: ${socket.userID}`); log.debug("apikeys", `Deleted API Key: ${keyID} User ID: ${socket.userID}`);
await R.exec("DELETE FROM api_key WHERE id = ? AND user_id = ? ", [ await R.exec("DELETE FROM api_key WHERE id = ? ", [ keyID ]);
keyID,
socket.userID,
]);
apicache.clear(); apicache.clear();

@ -50,10 +50,6 @@ module.exports.maintenanceSocketHandler = (socket) => {
let bean = server.getMaintenance(maintenance.id); let bean = server.getMaintenance(maintenance.id);
if (bean.user_id !== socket.userID) {
throw new Error("Permission denied.");
}
await Maintenance.jsonToBean(bean, maintenance); await Maintenance.jsonToBean(bean, maintenance);
await R.store(bean); await R.store(bean);
await bean.run(true); await bean.run(true);
@ -151,10 +147,7 @@ module.exports.maintenanceSocketHandler = (socket) => {
log.debug("maintenance", `Get Maintenance: ${maintenanceID} User ID: ${socket.userID}`); log.debug("maintenance", `Get Maintenance: ${maintenanceID} User ID: ${socket.userID}`);
let bean = await R.findOne("maintenance", " id = ? AND user_id = ? ", [ let bean = await R.findOne("maintenance", " id = ? ", [ maintenanceID ]);
maintenanceID,
socket.userID,
]);
callback({ callback({
ok: true, ok: true,
@ -244,10 +237,7 @@ module.exports.maintenanceSocketHandler = (socket) => {
delete server.maintenanceList[maintenanceID]; delete server.maintenanceList[maintenanceID];
} }
await R.exec("DELETE FROM maintenance WHERE id = ? AND user_id = ? ", [ await R.exec("DELETE FROM maintenance WHERE id = ? ", [ maintenanceID ]);
maintenanceID,
socket.userID,
]);
apicache.clear(); apicache.clear();

@ -200,7 +200,7 @@ class UptimeKumaServer {
* @returns {Promise<object>} List of monitors * @returns {Promise<object>} List of monitors
*/ */
async sendMonitorList(socket) { async sendMonitorList(socket) {
let list = await this.getMonitorJSONList(socket.userID); let list = await this.getMonitorJSONList();
this.io.to(socket.userID).emit("monitorList", list); this.io.to(socket.userID).emit("monitorList", list);
return list; return list;
} }
@ -227,25 +227,21 @@ class UptimeKumaServer {
} }
/** /**
* Get a list of monitors for the given user. * Get a list of monitors.
* @param {string} userID - The ID of the user to get monitors for.
* @param {number} monitorID - The ID of monitor for. * @param {number} monitorID - The ID of monitor for.
* @returns {Promise<object>} A promise that resolves to an object with monitor IDs as keys and monitor objects as values. * @returns {Promise<object>} A promise that resolves to an object with monitor IDs as keys and monitor objects as values.
* *
* Generated by Trelent * Generated by Trelent
*/ */
async getMonitorJSONList(userID, monitorID = null) { async getMonitorJSONList(monitorID = null) {
let query = " user_id = ? ";
let queryParams = [ userID ];
let monitorList = [];
if (monitorID) { if (monitorID) {
query += "AND id = ? "; monitorList = await R.find("monitor", "id = ? ORDER BY weight DESC, name", [ monitorID ]);
queryParams.push(monitorID); } else {
monitorList = await R.findAll("monitor", "ORDER BY weight DESC, name");
} }
let monitorList = await R.find("monitor", query + "ORDER BY weight DESC, name", queryParams);
const monitorData = monitorList.map(monitor => ({ const monitorData = monitorList.map(monitor => ({
id: monitor.id, id: monitor.id,
active: monitor.active, active: monitor.active,

Loading…
Cancel
Save