mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00

Server hardening, user alerts and user permission checking.

Ylian Saint-Hilaire 2018-04-05 16:45:56 -07:00
parent 50002f5f60
commit 3c1797a016
5 changed files with 214 additions and 127 deletions


@ -4197,7 +4197,7 @@
function account_createMesh() {
if (xxdialogMode) return;
var x = "Create a new mesh computer group using the options below.<br /><br />";
x += addHtmlValue('Mesh Name', '<input id=dp2meshname style=width:230px maxlength=32 onchange=account_validateMeshCreate() onkeyup=account_validateMeshCreate() />');
x += addHtmlValue('Mesh Name', '<input id=dp2meshname style=width:230px maxlength=64 onchange=account_validateMeshCreate() onkeyup=account_validateMeshCreate() />');
x += addHtmlValue('Mesh Type', '<div style=width:230px;margin:0;padding:0><select id=dp2meshtype style=width:100% onchange=account_validateMeshCreate() ><option value=2>Mesh Agent Policy</option><option value=1>Intel&reg; AMT Agent-less Policy</option></select></div>');
x += addHtmlValue('Description', '<div style=width:230px;margin:0;padding:0><textarea id=dp2meshdesc maxlength=1024 style=width:100%;resize:none></textarea></div>');
setDialogMode(2, "Create Mesh", 3, account_createMeshEx, x);
@ -4747,15 +4747,24 @@
function updateUsers() {
QV('MainMenuMyUsers', (users != null) && ((features & 4) == 0));
if ((users == null) || ((features & 4) != 0)) { QH('p3users', ''); return; }
// Sort the list of user id's
var sortedUserIds = [];
for (var i in users) { sortedUserIds.push(i); }
sortedUserIds.sort();
// Display the users using the sorted list
var x = '<table style=width:100% cellpadding=0 cellspacing=0>';
for (var i in users) {
var user = users[i], icon = 'm2', msg = '';
for (var i in sortedUserIds) {
var user = users[sortedUserIds[i]], icon = 'm2', msg = '', self = (user.name != userinfo.name);
if (wssessions != null && wssessions[user._id]) {
if (self) { msg += "<a onclick=showUserAlertDialog(event,\"" + user._id + "\")>"; }
var sessions = wssessions[user._id];
if (sessions == 1) { msg = '1 active session'; } else { msg = sessions + ' active sessions'; }
if (sessions == 1) { msg += '1 active session'; } else { msg += sessions + ' active sessions'; }
if (self) { msg += "</a>"; }
}
if (msg != '') msg += ', ';
if (user.name != userinfo.name) { msg += "<a onclick=showUserAdminDialog(event,\"" + user._id + "\")>"; }
if (self) { msg += "<a onclick=showUserAdminDialog(event,\"" + user._id + "\")>"; }
if ((user.siteadmin == null) || (user.siteadmin == 0)) {
msg += "User";
} else if (user.siteadmin == 8) {
@ -4766,7 +4775,7 @@
msg += "Partial Admin";
}
if ((user.quota != null) && ((user.siteadmin & 8) != 0)) { msg += ", " + (user.quota / 1024) + " k"; }
if (user.name != userinfo.name) { msg += "</a>"; }
if (self) { msg += "</a>"; }
var username = EscapeHtml(user.name);
if (user.email != null) { username += ', <a onclick=doemail(event,\"' + user.email + '\")>' + user.email + '</a>' + (((serverinfo.emailcheck == true) && (user.emailVerified != true))?' (unverified)':''); }
x += '<tr><td style=cursor:pointer onclick=showUserInfoDialog(\"' + user._id + '\")>';
@ -4779,6 +4788,16 @@
QH('p3users', x);
}
function showUserAlertDialog(e, userid) {
if (xxdialogMode) return;
haltEvent(e);
setDialogMode(2, "Notify " + EscapeHtml(users[userid].name), 3, showUserAlertDialogEx, 'Send a text notification to this user.<textarea id=d2notifyText maxlength=2048 style="width:100%;height:184px;resize:none"></textarea>', userid);
Q('d2notifyText').focus();
return false;
}
function showUserAlertDialogEx(button, userid) { meshserver.send({ action: 'notifyuser', userid: userid, msg: Q('d2notifyText').value }); }
function doemail(e, addr) {
if (xxdialogMode) return;
haltEvent(e);
@ -4807,10 +4826,10 @@
function showCreateNewAccountDialog() {
if (xxdialogMode) return;
var x = '';
x += addHtmlValue('Name', '<input id=p4name style=width:230px maxlength=32 onchange=showCreateNewAccountDialogValidate() onkeyup=showCreateNewAccountDialogValidate() />');
x += addHtmlValue('Email', '<input id=p4email style=width:230px maxlength=64 onchange=showCreateNewAccountDialogValidate() onkeyup=showCreateNewAccountDialogValidate() />');
x += addHtmlValue('Password', '<input id=p4pass1 type=password style=width:230px maxlength=64 onchange=showCreateNewAccountDialogValidate() onkeyup=showCreateNewAccountDialogValidate() />');
x += addHtmlValue('Password', '<input id=p4pass2 type=password style=width:230px maxlength=64 onchange=showCreateNewAccountDialogValidate() onkeyup=showCreateNewAccountDialogValidate() />');
x += addHtmlValue('Name', '<input id=p4name style=width:230px maxlength=64 onchange=showCreateNewAccountDialogValidate() onkeyup=showCreateNewAccountDialogValidate() />');
x += addHtmlValue('Email', '<input id=p4email style=width:230px maxlength=256 onchange=showCreateNewAccountDialogValidate() onkeyup=showCreateNewAccountDialogValidate() />');
x += addHtmlValue('Password', '<input id=p4pass1 type=password style=width:230px maxlength=256 onchange=showCreateNewAccountDialogValidate() onkeyup=showCreateNewAccountDialogValidate() />');
x += addHtmlValue('Password', '<input id=p4pass2 type=password style=width:230px maxlength=256 onchange=showCreateNewAccountDialogValidate() onkeyup=showCreateNewAccountDialogValidate() />');
setDialogMode(2, "Create Account", 3, showCreateNewAccountDialogEx, x);
showCreateNewAccountDialogValidate();
Q('p4name').focus();
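Review bot: The new `showUserAlertDialog` link in `updateUsers` concatenates `user._id` straight into an unquoted inline `onclick` attribute, the same pattern as the existing `showUserAdminDialog` link, while `user.name` a few lines later goes through `EscapeHtml`. If an id can carry a quote, space or `>` (the server-side validation is not visible in this section), the markup breaks and the value is interpreted as HTML or script in the administrator's session that renders the list. Encoding the id before it enters the handler closes that, e.g. `msg += "<a onclick=showUserAlertDialog(event,decodeURIComponent(\"" + encodeURIComponent(user._id) + "\"))>";`; the admin-dialog link and the `doemail` line, where `user.email` is also inserted unescaped, need the same treatment. Separately, the flag named `self` is true when the row is not the logged-in user, so a name such as `notSelf` would match what it tests. `updateUsers` continues outside the hunks shown here.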


@ -42,11 +42,11 @@
<table>
<tr>
<td align=right width=100>Username:</td>
<td><input id=username type=text name=username onchange=validateLogin(1) onkeyup=validateLogin(1,event) /></td>
<td><input id=username type=text maxlength=64 name=username onchange=validateLogin(1) onkeyup=validateLogin(1,event) /></td>
</tr>
<tr>
<td align=right>Password:</td>
<td><input id=password type=password name=password autocomplete=off onchange=validateLogin(2) onkeyup=validateLogin(2,event) /></td>
<td><input id=password type=password maxlength=256 name=password autocomplete=off onchange=validateLogin(2) onkeyup=validateLogin(2,event) /></td>
</tr>
<tr>
<td><div id=showPassHintLink style=display:none><a onclick=showPassHint() style="cursor:pointer">Show Hint</a></div></td>
@ -73,27 +73,27 @@
<table>
<tr>
<td align=right width=100>Username:</td>
<td><input id=ausername type=text name=username onchange=validateCreate(1) onkeydown=haltReturn(event) onkeyup=validateCreate(1,event) /></td>
<td><input id=ausername type=text name=username onchange=validateCreate(1) maxlength=64 onkeydown=haltReturn(event) onkeyup=validateCreate(1,event) /></td>
</tr>
<tr>
<td align=right width=100>Email:</td>
<td><input id=aemail type=text name=email onchange=validateCreate(2) onkeydown=haltReturn(event) onkeyup=validateCreate(2,event) /></td>
<td><input id=aemail type=text name=email onchange=validateCreate(2) maxlength=256 onkeydown=haltReturn(event) onkeyup=validateCreate(2,event) /></td>
</tr>
<tr>
<td align=right>Password:</td>
<td><input id=apassword1 type=password name=password1 autocomplete=off onkeydown=haltReturn(event) onchange=validateCreate(3) onkeyup=validateCreate(3,event) /></td>
<td><input id=apassword1 type=password name=password1 autocomplete=off maxlength=256 onkeydown=haltReturn(event) onchange=validateCreate(3) onkeyup=validateCreate(3,event) /></td>
</tr>
<tr>
<td align=right>Password:</td>
<td><input id=apassword2 type=password name=password2 autocomplete=off onkeydown=haltReturn(event) onchange=validateCreate(4) onkeyup=validateCreate(4,event) /></td>
<td><input id=apassword2 type=password name=password2 autocomplete=off maxlength=256 onkeydown=haltReturn(event) onchange=validateCreate(4) onkeyup=validateCreate(4,event) /></td>
</tr>
<tr>
<td align=right>Password Hint:</td>
<td><input id=apasswordhint type=text name=apasswordhint autocomplete=off maxlength=250 onkeydown=haltReturn(event) onchange=validateCreate(5) onkeyup=validateCreate(5,event) /></td>
<td><input id=apasswordhint type=text name=apasswordhint autocomplete=off maxlength=256 onkeydown=haltReturn(event) onchange=validateCreate(5) onkeyup=validateCreate(5,event) /></td>
</tr>
<tr id=newAccountPass title="Enter the account creation token">
<td align=right>Creation Token:</td>
<td><input id=anewaccountpass type=password name=anewaccountpass autocomplete=off maxlength=250 onkeydown=haltReturn(event) onchange=validateCreate(6) onkeyup=validateCreate(6,event) /></td>
<td><input id=anewaccountpass type=password name=anewaccountpass autocomplete=off maxlength=256 onkeydown=haltReturn(event) onchange=validateCreate(6) onkeyup=validateCreate(6,event) /></td>
</tr>
<tr>
<td colspan=2>
@ -116,7 +116,7 @@
<table>
<tr>
<td align=right width=100>Email:</td>
<td><input id=remail type=text name=email onchange=validateReset() onkeyup=validateReset(event) /></td>
<td><input id=remail type=text name=email maxlength=256 onchange=validateReset() onkeyup=validateReset(event) /></td>
</tr>
<tr>
<td colspan=2>