mirror of
https://github.com/Termix-SSH/Termix.git
synced 2026-07-15 21:03:47 +00:00
fix: resolve jump hosts for shared access users
This commit is contained in:
@@ -142,7 +142,7 @@ async function resolveJumpHost(
|
|||||||
getDb()
|
getDb()
|
||||||
.select()
|
.select()
|
||||||
.from(hosts)
|
.from(hosts)
|
||||||
.where(and(eq(hosts.id, hostId), eq(hosts.userId, userId))),
|
.where(eq(hosts.id, hostId)),
|
||||||
"ssh_data",
|
"ssh_data",
|
||||||
userId,
|
userId,
|
||||||
);
|
);
|
||||||
@@ -152,8 +152,35 @@ async function resolveJumpHost(
|
|||||||
}
|
}
|
||||||
|
|
||||||
const host = hostResults[0];
|
const host = hostResults[0];
|
||||||
|
const ownerId = (host.userId || userId) as string;
|
||||||
|
|
||||||
if (host.credentialId) {
|
if (host.credentialId) {
|
||||||
|
if (userId !== ownerId) {
|
||||||
|
try {
|
||||||
|
const { SharedCredentialManager } =
|
||||||
|
await import("../utils/shared-credential-manager.js");
|
||||||
|
const sharedCredManager = SharedCredentialManager.getInstance();
|
||||||
|
const sharedCred =
|
||||||
|
await sharedCredManager.getSharedCredentialForUser(hostId, userId);
|
||||||
|
if (sharedCred) {
|
||||||
|
return {
|
||||||
|
...host,
|
||||||
|
password: sharedCred.password,
|
||||||
|
key: sharedCred.key,
|
||||||
|
keyPassword: sharedCred.keyPassword,
|
||||||
|
keyType: sharedCred.keyType,
|
||||||
|
authType: sharedCred.key
|
||||||
|
? "key"
|
||||||
|
: sharedCred.password
|
||||||
|
? "password"
|
||||||
|
: "none",
|
||||||
|
} as JumpHostConfig;
|
||||||
|
}
|
||||||
|
} catch {
|
||||||
|
// fall through to owner credential lookup
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const credentials = await SimpleDBOps.select(
|
const credentials = await SimpleDBOps.select(
|
||||||
getDb()
|
getDb()
|
||||||
.select()
|
.select()
|
||||||
@@ -161,11 +188,11 @@ async function resolveJumpHost(
|
|||||||
.where(
|
.where(
|
||||||
and(
|
and(
|
||||||
eq(sshCredentials.id, host.credentialId as number),
|
eq(sshCredentials.id, host.credentialId as number),
|
||||||
eq(sshCredentials.userId, userId),
|
eq(sshCredentials.userId, ownerId),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
"ssh_credentials",
|
"ssh_credentials",
|
||||||
userId,
|
ownerId,
|
||||||
);
|
);
|
||||||
|
|
||||||
if (credentials.length > 0) {
|
if (credentials.length > 0) {
|
||||||
|
|||||||
@@ -154,7 +154,7 @@ async function resolveJumpHost(
|
|||||||
getDb()
|
getDb()
|
||||||
.select()
|
.select()
|
||||||
.from(hosts)
|
.from(hosts)
|
||||||
.where(and(eq(hosts.id, hostId), eq(hosts.userId, userId))),
|
.where(eq(hosts.id, hostId)),
|
||||||
"ssh_data",
|
"ssh_data",
|
||||||
userId,
|
userId,
|
||||||
);
|
);
|
||||||
@@ -164,8 +164,35 @@ async function resolveJumpHost(
|
|||||||
}
|
}
|
||||||
|
|
||||||
const host = hostResults[0];
|
const host = hostResults[0];
|
||||||
|
const ownerId = (host.userId || userId) as string;
|
||||||
|
|
||||||
if (host.credentialId) {
|
if (host.credentialId) {
|
||||||
|
if (userId !== ownerId) {
|
||||||
|
try {
|
||||||
|
const { SharedCredentialManager } =
|
||||||
|
await import("../utils/shared-credential-manager.js");
|
||||||
|
const sharedCredManager = SharedCredentialManager.getInstance();
|
||||||
|
const sharedCred =
|
||||||
|
await sharedCredManager.getSharedCredentialForUser(hostId, userId);
|
||||||
|
if (sharedCred) {
|
||||||
|
return {
|
||||||
|
...host,
|
||||||
|
password: sharedCred.password,
|
||||||
|
key: sharedCred.key,
|
||||||
|
keyPassword: sharedCred.keyPassword,
|
||||||
|
keyType: sharedCred.keyType,
|
||||||
|
authType: sharedCred.key
|
||||||
|
? "key"
|
||||||
|
: sharedCred.password
|
||||||
|
? "password"
|
||||||
|
: "none",
|
||||||
|
} as JumpHostConfig;
|
||||||
|
}
|
||||||
|
} catch {
|
||||||
|
// fall through to owner credential lookup
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const credentials = await SimpleDBOps.select(
|
const credentials = await SimpleDBOps.select(
|
||||||
getDb()
|
getDb()
|
||||||
.select()
|
.select()
|
||||||
@@ -173,11 +200,11 @@ async function resolveJumpHost(
|
|||||||
.where(
|
.where(
|
||||||
and(
|
and(
|
||||||
eq(sshCredentials.id, host.credentialId as number),
|
eq(sshCredentials.id, host.credentialId as number),
|
||||||
eq(sshCredentials.userId, userId),
|
eq(sshCredentials.userId, ownerId),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
"ssh_credentials",
|
"ssh_credentials",
|
||||||
userId,
|
ownerId,
|
||||||
);
|
);
|
||||||
|
|
||||||
if (credentials.length > 0) {
|
if (credentials.length > 0) {
|
||||||
|
|||||||
@@ -78,7 +78,7 @@ async function resolveJumpHost(
|
|||||||
getDb()
|
getDb()
|
||||||
.select()
|
.select()
|
||||||
.from(hosts)
|
.from(hosts)
|
||||||
.where(and(eq(hosts.id, hostId), eq(hosts.userId, userId))),
|
.where(eq(hosts.id, hostId)),
|
||||||
"ssh_data",
|
"ssh_data",
|
||||||
userId,
|
userId,
|
||||||
);
|
);
|
||||||
@@ -88,8 +88,35 @@ async function resolveJumpHost(
|
|||||||
}
|
}
|
||||||
|
|
||||||
const host = hostResults[0];
|
const host = hostResults[0];
|
||||||
|
const ownerId = (host.userId || userId) as string;
|
||||||
|
|
||||||
if (host.credentialId) {
|
if (host.credentialId) {
|
||||||
|
if (userId !== ownerId) {
|
||||||
|
try {
|
||||||
|
const { SharedCredentialManager } =
|
||||||
|
await import("../utils/shared-credential-manager.js");
|
||||||
|
const sharedCredManager = SharedCredentialManager.getInstance();
|
||||||
|
const sharedCred =
|
||||||
|
await sharedCredManager.getSharedCredentialForUser(hostId, userId);
|
||||||
|
if (sharedCred) {
|
||||||
|
return {
|
||||||
|
...host,
|
||||||
|
password: sharedCred.password,
|
||||||
|
key: sharedCred.key,
|
||||||
|
keyPassword: sharedCred.keyPassword,
|
||||||
|
keyType: sharedCred.keyType,
|
||||||
|
authType: sharedCred.key
|
||||||
|
? "key"
|
||||||
|
: sharedCred.password
|
||||||
|
? "password"
|
||||||
|
: "none",
|
||||||
|
} as JumpHostConfig;
|
||||||
|
}
|
||||||
|
} catch {
|
||||||
|
// fall through to owner credential lookup
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const credentials = await SimpleDBOps.select(
|
const credentials = await SimpleDBOps.select(
|
||||||
getDb()
|
getDb()
|
||||||
.select()
|
.select()
|
||||||
@@ -97,11 +124,11 @@ async function resolveJumpHost(
|
|||||||
.where(
|
.where(
|
||||||
and(
|
and(
|
||||||
eq(sshCredentials.id, host.credentialId as number),
|
eq(sshCredentials.id, host.credentialId as number),
|
||||||
eq(sshCredentials.userId, userId),
|
eq(sshCredentials.userId, ownerId),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
"ssh_credentials",
|
"ssh_credentials",
|
||||||
userId,
|
ownerId,
|
||||||
);
|
);
|
||||||
|
|
||||||
if (credentials.length > 0) {
|
if (credentials.length > 0) {
|
||||||
|
|||||||
@@ -148,7 +148,7 @@ async function resolveJumpHost(
|
|||||||
getDb()
|
getDb()
|
||||||
.select()
|
.select()
|
||||||
.from(hosts)
|
.from(hosts)
|
||||||
.where(and(eq(hosts.id, hostId), eq(hosts.userId, userId))),
|
.where(eq(hosts.id, hostId)),
|
||||||
"ssh_data",
|
"ssh_data",
|
||||||
userId,
|
userId,
|
||||||
);
|
);
|
||||||
@@ -158,8 +158,35 @@ async function resolveJumpHost(
|
|||||||
}
|
}
|
||||||
|
|
||||||
const host = hostResults[0];
|
const host = hostResults[0];
|
||||||
|
const ownerId = (host.userId || userId) as string;
|
||||||
|
|
||||||
if (host.credentialId) {
|
if (host.credentialId) {
|
||||||
|
if (userId !== ownerId) {
|
||||||
|
try {
|
||||||
|
const { SharedCredentialManager } =
|
||||||
|
await import("../utils/shared-credential-manager.js");
|
||||||
|
const sharedCredManager = SharedCredentialManager.getInstance();
|
||||||
|
const sharedCred =
|
||||||
|
await sharedCredManager.getSharedCredentialForUser(hostId, userId);
|
||||||
|
if (sharedCred) {
|
||||||
|
return {
|
||||||
|
...host,
|
||||||
|
password: sharedCred.password,
|
||||||
|
key: sharedCred.key,
|
||||||
|
keyPassword: sharedCred.keyPassword,
|
||||||
|
keyType: sharedCred.keyType,
|
||||||
|
authType: sharedCred.key
|
||||||
|
? "key"
|
||||||
|
: sharedCred.password
|
||||||
|
? "password"
|
||||||
|
: "none",
|
||||||
|
} as JumpHostConfig;
|
||||||
|
}
|
||||||
|
} catch {
|
||||||
|
// fall through to owner credential lookup
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const credentials = await SimpleDBOps.select(
|
const credentials = await SimpleDBOps.select(
|
||||||
getDb()
|
getDb()
|
||||||
.select()
|
.select()
|
||||||
@@ -167,11 +194,11 @@ async function resolveJumpHost(
|
|||||||
.where(
|
.where(
|
||||||
and(
|
and(
|
||||||
eq(sshCredentials.id, host.credentialId as number),
|
eq(sshCredentials.id, host.credentialId as number),
|
||||||
eq(sshCredentials.userId, userId),
|
eq(sshCredentials.userId, ownerId),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
"ssh_credentials",
|
"ssh_credentials",
|
||||||
userId,
|
ownerId,
|
||||||
);
|
);
|
||||||
|
|
||||||
if (credentials.length > 0) {
|
if (credentials.length > 0) {
|
||||||
|
|||||||
Reference in New Issue
Block a user