external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-02-12 11:01:52 +00:00
Code Issues Releases Wiki Activity

Added user last access support, #3319

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2021-12-04 13:08:17 -08:00
parent 8f36513078
commit 4fa629f825
5 changed files with 62 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
meshdesktopmultiplex.js
View file

@ -131,6 +131,25 @@ function CreateDesktopMultiplexor(parent, domain, nodeid, func) {
if ((typeof sr == 'number') && (sr > 0) && (sr < 1000)) { peer.slowRelay = sr; } if ((typeof sr == 'number') && (sr > 0) && (sr < 1000)) { peer.slowRelay = sr; }
} }
// Update user last access time
if ((peer.user != null) && (peer.guestName == null)) {
const user = parent.users[peer.user._id];
if (user != null) {
const timeNow = Math.floor(Date.now() / 1000);
if (user.access < (timeNow - 300)) { // Only update user access time if longer than 5 minutes
user.access = timeNow;
parent.db.SetUser(user);
// Event the change
var message = { etype: 'user', userid: user._id, username: user.name, account: parent.CloneSafeUser(user), action: 'accountchange', domain: domain.id, nolog: 1 };
if (parent.db.changeStream) { message.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
var targets = ['*', 'server-users', user._id];
if (user.groups) { for (var i in user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, message);
}
}
}
// Check session recording // Check session recording
var startRecord = false; var startRecord = false;
if (typeof domain.sessionrecording == 'object') { if (typeof domain.sessionrecording == 'object') {

16
meshrelay.js
View file

@ -508,6 +508,22 @@ function CreateMeshRelayEx(parent, ws, req, domain, user, cookie) {
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: sessionUser._id, username: sessionUser.name, msgid: msgid, msgArgs: [obj.id, obj.peer.req.clientIp, req.clientIp], msg: msg + ' \"' + obj.id + '\" from ' + obj.peer.req.clientIp + ' to ' + req.clientIp, protocol: req.query.p, nodeid: req.query.nodeid }; var event = { etype: 'relay', action: 'relaylog', domain: domain.id, userid: sessionUser._id, username: sessionUser.name, msgid: msgid, msgArgs: [obj.id, obj.peer.req.clientIp, req.clientIp], msg: msg + ' \"' + obj.id + '\" from ' + obj.peer.req.clientIp + ' to ' + req.clientIp, protocol: req.query.p, nodeid: req.query.nodeid };
if (obj.guestname) { event.guestname = obj.guestname; } else if (relayinfo.peer1.guestname) { event.guestname = relayinfo.peer1.guestname; } // If this is a sharing session, set the guest name here. if (obj.guestname) { event.guestname = obj.guestname; } else if (relayinfo.peer1.guestname) { event.guestname = relayinfo.peer1.guestname; } // If this is a sharing session, set the guest name here.
parent.parent.DispatchEvent(['*', sessionUser._id], obj, event); parent.parent.DispatchEvent(['*', sessionUser._id], obj, event);
// Update user last access time
if ((obj.user != null) && (obj.guestname == null)) {
const timeNow = Math.floor(Date.now() / 1000);
if (obj.user.access < (timeNow - 300)) { // Only update user access time if longer than 5 minutes
obj.user.access = timeNow;
parent.db.SetUser(obj.user);
// Event the change
var message = { etype: 'user', userid: obj.user._id, username: obj.user.name, account: parent.CloneSafeUser(obj.user), action: 'accountchange', domain: domain.id, nolog: 1 };
if (parent.db.changeStream) { message.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
var targets = ['*', 'server-users', obj.user._id];
if (obj.user.groups) { for (var i in obj.user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, message);
}
}
} }
} else { } else {
// Connected already, drop (TODO: maybe we should re-connect?) // Connected already, drop (TODO: maybe we should re-connect?)

16
meshuser.js
View file

@ -186,6 +186,22 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
obj.ws.xclosed = 10; // DEBUG obj.ws.xclosed = 10; // DEBUG
// Update user last access time
if (obj.user != null) {
const timeNow = Math.floor(Date.now() / 1000);
if (obj.user.access < (timeNow - 300)) { // Only update user access time if longer than 5 minutes
obj.user.access = timeNow;
parent.db.SetUser(user);
// Event the change
var message = { etype: 'user', userid: obj.user._id, username: obj.user.name, account: parent.CloneSafeUser(obj.user), action: 'accountchange', domain: domain.id, nolog: 1 };
if (parent.db.changeStream) { message.noact = 1; } // If DB change stream is active, don't use this event to change the user. Another event will come.
var targets = ['*', 'server-users', obj.user._id];
if (obj.user.groups) { for (var i in obj.user.groups) { targets.push('server-users:' + i); } }
parent.parent.DispatchEvent(targets, obj, message);
}
}
// Aggressive cleanup // Aggressive cleanup
delete obj.user; delete obj.user;
delete obj.domain; delete obj.domain;

3
views/default.handlebars
View file

@ -13492,7 +13492,8 @@
} }
if (sessions == 1) { lastAccess += nobreak("1 session"); } else { lastAccess += nobreak(format("{0} sessions", sessions)); } if (sessions == 1) { lastAccess += nobreak("1 session"); } else { lastAccess += nobreak(format("{0} sessions", sessions)); }
} else { } else {
if (user.login) { lastAccess += '<span title="' + format("Last login: {0}", printDateTime(new Date(user.login * 1000))) + '">' + printDate(new Date(user.login * 1000)) + '</span>'; } if (user.access) { lastAccess += '<span title="' + format("Last access: {0}", printDateTime(new Date(user.access * 1000))) + '">' + printDate(new Date(user.access * 1000)) + '</span>'; }
else if (user.login) { lastAccess += '<span title="' + format("Last login: {0}", printDateTime(new Date(user.login * 1000))) + '">' + printDate(new Date(user.login * 1000)) + '</span>'; }
} }
if (self) { permissions += '<a href=# style=cursor:pointer onclick=\'return showUserAdminDialog(event,"' + encodeURIComponentEx(user._id) + '")\'>'; } if (self) { permissions += '<a href=# style=cursor:pointer onclick=\'return showUserAdminDialog(event,"' + encodeURIComponentEx(user._id) + '")\'>'; }
if ((user.siteadmin != null) && ((user.siteadmin & 32) != 0) && (user.siteadmin != 0xFFFFFFFF)) { permissions += "Locked" + ',&nbsp;'; } if ((user.siteadmin != null) && ((user.siteadmin & 32) != 0) && (user.siteadmin != 0xFFFFFFFF)) { permissions += "Locked" + ',&nbsp;'; }

18
webserver.js
View file

@ -476,7 +476,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (user == null) { if (user == null) {
// Create a new user // Create a new user
var user = { type: 'user', _id: userid, name: username, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), domain: domain.id }; var user = { type: 'user', _id: userid, name: username, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), access: Math.floor(Date.now() / 1000), domain: domain.id };
if (email) { user['email'] = email; user['emailVerified'] = true; } if (email) { user['email'] = email; user['emailVerified'] = true; }
if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; } if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; }
if (obj.common.validateStrArray(domain.newaccountrealms)) { user.groups = domain.newaccountrealms; } if (obj.common.validateStrArray(domain.newaccountrealms)) { user.groups = domain.newaccountrealms; }
@ -586,7 +586,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (user == null) { if (user == null) {
// This user does not exist, create a new account. // This user does not exist, create a new account.
var user = { type: 'user', _id: userid, name: username, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), domain: domain.id }; var user = { type: 'user', _id: userid, name: username, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), access: Math.floor(Date.now() / 1000), domain: domain.id };
if (email) { user['email'] = email; user['emailVerified'] = true; } if (email) { user['email'] = email; user['emailVerified'] = true; }
if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; } if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; }
if (obj.common.validateStrArray(domain.newaccountrealms)) { user.groups = domain.newaccountrealms; } if (obj.common.validateStrArray(domain.newaccountrealms)) { user.groups = domain.newaccountrealms; }
@ -1221,7 +1221,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
// Save login time // Save login time
user.pastlogin = user.login; user.pastlogin = user.login;
user.login = Math.floor(Date.now() / 1000); user.login = user.access = Math.floor(Date.now() / 1000);
obj.db.SetUser(user); obj.db.SetUser(user);
// Notify account login // Notify account login
@ -1381,7 +1381,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
req.session.loginmode = 2; req.session.loginmode = 2;
req.session.messageid = 104; // Username already exists. req.session.messageid = 104; // Username already exists.
} else { } else {
var user = { type: 'user', _id: 'user/' + domain.id + '/' + req.body.username.toLowerCase(), name: req.body.username, email: req.body.email, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), domain: domain.id }; var user = { type: 'user', _id: 'user/' + domain.id + '/' + req.body.username.toLowerCase(), name: req.body.username, email: req.body.email, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), access: Math.floor(Date.now() / 1000), domain: domain.id };
if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; } if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; }
if (obj.common.validateStrArray(domain.newaccountrealms)) { user.groups = domain.newaccountrealms; } if (obj.common.validateStrArray(domain.newaccountrealms)) { user.groups = domain.newaccountrealms; }
if ((domain.passwordrequirements != null) && (domain.passwordrequirements.hint === true) && (req.body.apasswordhint)) { var hint = req.body.apasswordhint; if (hint.length > 250) { hint = hint.substring(0, 250); } user.passhint = hint; } if ((domain.passwordrequirements != null) && (domain.passwordrequirements.hint === true) && (req.body.apasswordhint)) { var hint = req.body.apasswordhint; if (hint.length > 250) { hint = hint.substring(0, 250); } user.passhint = hint; }
@ -1508,7 +1508,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
user.salt = salt; user.salt = salt;
user.hash = hash; user.hash = hash;
user.passchange = nowSeconds; user.passchange = user.access = nowSeconds;
delete user.passtype; delete user.passtype;
obj.db.SetUser(user); obj.db.SetUser(user);
@ -1819,7 +1819,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
userinfo.salt = salt; userinfo.salt = salt;
userinfo.hash = hash; userinfo.hash = hash;
delete userinfo.passtype; delete userinfo.passtype;
userinfo.passchange = Math.floor(Date.now() / 1000); userinfo.passchange = userinfo.access = Math.floor(Date.now() / 1000);
delete userinfo.passhint; delete userinfo.passhint;
obj.db.SetUser(userinfo); obj.db.SetUser(userinfo);
@ -2323,7 +2323,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
} }
user.salt = salt; user.salt = salt;
user.hash = hash; user.hash = hash;
user.passchange = nowSeconds; user.passchange = user.access = nowSeconds;
delete user.passtype; delete user.passtype;
obj.db.SetUser(user); obj.db.SetUser(user);
@ -2361,7 +2361,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (newAccountAllowed === true) { if (newAccountAllowed === true) {
// Create the user // Create the user
parent.debug('web', 'handleStrategyLogin: creating new user: ' + userid); parent.debug('web', 'handleStrategyLogin: creating new user: ' + userid);
user = { type: 'user', _id: userid, name: req.user.name, email: req.user.email, creation: Math.floor(Date.now() / 1000), domain: domain.id }; user = { type: 'user', _id: userid, name: req.user.name, email: req.user.email, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), access: Math.floor(Date.now() / 1000), domain: domain.id };
if (req.user.email != null) { user.email = req.user.email; user.emailVerified = true; } if (req.user.email != null) { user.email = req.user.email; user.emailVerified = true; }
if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; } // New accounts automatically assigned server rights. if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; } // New accounts automatically assigned server rights.
if (domain.authstrategies[req.user.strategy].newaccountsrights) { user.siteadmin = obj.common.meshServerRightsArrayToNumber(domain.authstrategies[req.user.strategy].newaccountsrights); } // If there are specific SSO server rights, use these instead. if (domain.authstrategies[req.user.strategy].newaccountsrights) { user.siteadmin = obj.common.meshServerRightsArrayToNumber(domain.authstrategies[req.user.strategy].newaccountsrights); } // If there are specific SSO server rights, use these instead.
@ -2554,7 +2554,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
user = obj.users[req.session.userid]; user = obj.users[req.session.userid];
if ((user == null) || (user.sid != req.session.usersid)) { if ((user == null) || (user.sid != req.session.usersid)) {
// Create the domain user // Create the domain user
var usercount = 0, user2 = { type: 'user', _id: req.session.userid, name: req.connection.user, domain: domain.id, sid: req.session.usersid, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000) }; var usercount = 0, user2 = { type: 'user', _id: req.session.userid, name: req.connection.user, domain: domain.id, sid: req.session.usersid, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), access: Math.floor(Date.now() / 1000) };
if (domain.newaccountsrights) { user2.siteadmin = domain.newaccountsrights; } if (domain.newaccountsrights) { user2.siteadmin = domain.newaccountsrights; }
if (obj.common.validateStrArray(domain.newaccountrealms)) { user2.groups = domain.newaccountrealms; } if (obj.common.validateStrArray(domain.newaccountrealms)) { user2.groups = domain.newaccountrealms; }
for (var i in obj.users) { if (obj.users[i].domain == domain.id) { usercount++; } } for (var i in obj.users) { if (obj.users[i].domain == domain.id) { usercount++; } }