
create new folder security settings

ryoji-s 2 ani în urmă
părinte
comite
0827174e1c

+ 2 - 1
apps/app/src/server/routes/apiv3/index.js

@@ -9,6 +9,7 @@ import * as registerFormValidator from '../../middlewares/register-form-validato
 import g2gTransfer from './g2g-transfer';
 import importRoute from './import';
 import pageListing from './page-listing';
+import securitySettings from './security-settings';
 import * as userActivation from './user-activation';
 
 const logger = loggerFactory('growi:routes:apiv3'); // eslint-disable-line no-unused-vars
@@ -38,7 +39,7 @@ module.exports = (crowi, app) => {
   routerForAdmin.use('/export', require('./export')(crowi));
   routerForAdmin.use('/import', importRoute(crowi));
   routerForAdmin.use('/search', require('./search')(crowi));
-  routerForAdmin.use('/security-setting', require('./security-setting')(crowi));
+  routerForAdmin.use('/security-setting', securitySettings(crowi));
   routerForAdmin.use('/mongo', require('./mongo')(crowi));
   routerForAdmin.use('/slack-integration-settings', require('./slack-integration-settings')(crowi));
   routerForAdmin.use('/slack-integration-legacy-settings', require('./slack-integration-legacy-settings')(crowi));

+ 41 - 0
apps/app/src/server/routes/apiv3/security-settings/checkAllSetupStrategiesHasAdmin.ts

@@ -0,0 +1,41 @@
+import Crowi from '~/server/crowi';
+
+const checkAuthStrategyHasAdmin = (async(crowi: Crowi, strategy: string): Promise<boolean> => {
+  const ExternalAccount = crowi.model('ExternalAccount');
+  const User = crowi.model('User');
+
+  if (strategy === 'local') {
+    // Get all local admin accounts and filter local admins that are not in external accounts
+    const localAdmins = await User.aggregate([
+      { $match: { admin: true, status: User.STATUS_ACTIVE } },
+      {
+        $lookup: {
+          from: 'externalaccounts',
+          localField: '_id',
+          foreignField: 'user',
+          as: 'externalAccounts',
+        },
+      },
+      { $match: { externalAccounts: [] } },
+    ]).exec();
+    return localAdmins.length > 0;
+  }
+
+  const externalAccounts = await ExternalAccount.find({ providerType: strategy })
+    .populate('user', null, { admin: true, status: User.STATUS_ACTIVE })
+    .exec();
+
+  const hasAdmin = externalAccounts.some(account => account.user !== null);
+
+  return hasAdmin;
+});
+
+
+export const checkAllSetupStrategiesHasAdmin = (async(crowi: Crowi, setupStrategies: string[]): Promise<boolean> => {
+  const results = await Promise.all(setupStrategies.map(async(strategy) => {
+    const hasAdmin = await checkAuthStrategyHasAdmin(crowi, strategy);
+    return hasAdmin;
+  }));
+
+  return results.some(hasAdmin => hasAdmin);
+});
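Review bot: In `checkAuthStrategyHasAdmin`, the external-provider branch counts an account as admin-backed whenever `account.user !== null`, so an ExternalAccount whose `user` reference is absent (undefined rather than null after `populate`) would satisfy the lock-out guard with no active admin behind it; whether such documents can exist depends on the schema, which is not visible here. A loose comparison closes that gap: `const hasAdmin = externalAccounts.some(account => account.user != null);`. The exported `checkAllSetupStrategiesHasAdmin` also reads as "every strategy has an admin", while `results.some(...)` resolves true as soon as any one strategy does. A TSDoc line such as `/** Resolves true if at least one of the given strategies has an active admin who can log in with it; used to block changes that would lock every admin out. */` would pin that contract.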

+ 6 - 43
apps/app/src/server/routes/apiv3/security-setting.js → apps/app/src/server/routes/apiv3/security-settings/index.js

@@ -2,12 +2,13 @@ import { ErrorV3 } from '@growi/core';
 
 import { SupportedAction } from '~/interfaces/activity';
 import { PageDeleteConfigValue } from '~/interfaces/page-delete-config';
+import { generateAddActivityMiddleware } from '~/server/middlewares/add-activity';
+import { apiV3FormValidator } from '~/server/middlewares/apiv3-form-validator';
 import { configManager } from '~/server/service/config-manager';
 import loggerFactory from '~/utils/logger';
 import { validateDeleteConfigs, prepareDeleteConfigValuesForCalc } from '~/utils/page-delete-config';
 
-import { generateAddActivityMiddleware } from '../../middlewares/add-activity';
-import { apiV3FormValidator } from '../../middlewares/apiv3-form-validator';
+import { checkAllSetupStrategiesHasAdmin } from './checkAllSetupStrategiesHasAdmin';
 
 
 const logger = loggerFactory('growi:routes:apiv3:security-setting');
@@ -309,8 +310,8 @@ const validator = {
  *            description: local account automatically linked the email matched
  */
 module.exports = (crowi) => {
-  const loginRequiredStrictly = require('../../middlewares/login-required')(crowi);
-  const adminRequired = require('../../middlewares/admin-required')(crowi);
+  const loginRequiredStrictly = require('~/server/middlewares/login-required')(crowi);
+  const adminRequired = require('~/server/middlewares/admin-required')(crowi);
   const addActivity = generateAddActivityMiddleware(crowi);
 
   const activityEvent = crowi.event('activity');
@@ -477,8 +478,6 @@ module.exports = (crowi) => {
   // eslint-disable-next-line max-len
   router.put('/authentication/enabled', loginRequiredStrictly, adminRequired, addActivity, validator.authenticationSetting, apiV3FormValidator, async(req, res) => {
     const { isEnabled, authId } = req.body;
-    const ExternalAccount = crowi.model('ExternalAccount');
-    const User = crowi.model('User');
 
     let setupStrategies = await crowi.passportService.getSetupStrategies();
 
@@ -491,44 +490,8 @@ module.exports = (crowi) => {
       return res.apiv3Err(new ErrorV3('Can not turn everything off'), 405);
     }
 
-    async function checkAuthStrategyHasAdmin(strategy) {
-      if (strategy === 'local') {
-        // Get all local admin accounts and filter local admins that are not in external accounts
-        const localAdmins = await User.aggregate([
-          { $match: { admin: true, status: User.STATUS_ACTIVE } },
-          {
-            $lookup: {
-              from: 'externalaccounts',
-              localField: '_id',
-              foreignField: 'user',
-              as: 'externalAccounts',
-            },
-          },
-          { $match: { externalAccounts: [] } },
-        ]).exec();
-        return localAdmins.length > 0;
-      }
-
-      const externalAccounts = await ExternalAccount.find({ providerType: strategy })
-        .populate('user', null, { admin: true, status: User.STATUS_ACTIVE })
-        .exec();
-
-      const hasAdmin = externalAccounts.some(account => account.user !== null);
-
-      return hasAdmin;
-    }
-
-    async function checkAllSetupStrategiesHasAdmin() {
-      const results = await Promise.all(setupStrategies.map(async(strategy) => {
-        const hasAdmin = await checkAuthStrategyHasAdmin(strategy);
-        return hasAdmin;
-      }));
-
-      return results.some(hasAdmin => hasAdmin);
-    }
-
     if (!isEnabled) {
-      const isSetupStrategiesHasAdmin = await checkAllSetupStrategiesHasAdmin();
+      const isSetupStrategiesHasAdmin = await checkAllSetupStrategiesHasAdmin(crowi, setupStrategies);
 
       // Return an error when disabling an strategy when there are no setup strategies with admin-enabled login
       if (!isSetupStrategiesHasAdmin) {
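Review bot: The call `checkAllSetupStrategiesHasAdmin(crowi, setupStrategies)` now takes the strategy list as an argument instead of closing over the handler's `let setupStrategies`, so the guard only prevents admin lock-out if the list passed is the set that remains once `authId` is disabled. The code that reassigns `setupStrategies` sits between the hunks and is not visible here, so this needs confirming against the full handler. A comment above the call, e.g. `// setupStrategies must already exclude authId; otherwise the strategy being disabled can satisfy the guard`, would keep later callers from passing the unfiltered list. The handler body continues past the end of this hunk.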