mirror of
https://github.com/Termix-SSH/Termix.git
synced 2026-07-16 05:13:36 +00:00
Merge commit from fork
This commit is contained in:
@@ -362,7 +362,9 @@ router.delete(
|
|||||||
return res.status(403).json({ error: "Not host owner" });
|
return res.status(403).json({ error: "Not host owner" });
|
||||||
}
|
}
|
||||||
|
|
||||||
await db.delete(hostAccess).where(eq(hostAccess.id, accessId));
|
await db
|
||||||
|
.delete(hostAccess)
|
||||||
|
.where(and(eq(hostAccess.id, accessId), eq(hostAccess.hostId, hostId)));
|
||||||
databaseLogger.info("Permission revoked", {
|
databaseLogger.info("Permission revoked", {
|
||||||
operation: "rbac_permission_revoke",
|
operation: "rbac_permission_revoke",
|
||||||
adminId: userId,
|
adminId: userId,
|
||||||
@@ -1369,7 +1371,14 @@ router.delete(
|
|||||||
return res.status(403).json({ error: "Not snippet owner" });
|
return res.status(403).json({ error: "Not snippet owner" });
|
||||||
}
|
}
|
||||||
|
|
||||||
await db.delete(snippetAccess).where(eq(snippetAccess.id, accessId));
|
await db
|
||||||
|
.delete(snippetAccess)
|
||||||
|
.where(
|
||||||
|
and(
|
||||||
|
eq(snippetAccess.id, accessId),
|
||||||
|
eq(snippetAccess.snippetId, snippetId),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
res.json({ success: true, message: "Snippet access revoked" });
|
res.json({ success: true, message: "Snippet access revoked" });
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
|
|||||||
@@ -9,6 +9,7 @@ const sshLogger = logger;
|
|||||||
|
|
||||||
type DockerSession = {
|
type DockerSession = {
|
||||||
isConnected: boolean;
|
isConnected: boolean;
|
||||||
|
userId?: string;
|
||||||
lastActive: number;
|
lastActive: number;
|
||||||
activeOperations: number;
|
activeOperations: number;
|
||||||
hostId?: number;
|
hostId?: number;
|
||||||
@@ -46,6 +47,10 @@ export function registerDockerContainerRoutes(
|
|||||||
): void {
|
): void {
|
||||||
const getRuntime = (session: DockerSession) =>
|
const getRuntime = (session: DockerSession) =>
|
||||||
session.containerRuntime ?? "docker";
|
session.containerRuntime ?? "docker";
|
||||||
|
const getOwnedSession = (sessionId: string, userId: string) => {
|
||||||
|
const session = sshSessions[sessionId];
|
||||||
|
return session?.userId === userId ? session : undefined;
|
||||||
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @openapi
|
* @openapi
|
||||||
@@ -89,7 +94,7 @@ export function registerDockerContainerRoutes(
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
const session = sshSessions[sessionId];
|
const session = getOwnedSession(sessionId, userId);
|
||||||
|
|
||||||
if (!session || !session.isConnected) {
|
if (!session || !session.isConnected) {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
@@ -189,7 +194,7 @@ export function registerDockerContainerRoutes(
|
|||||||
return res.status(401).json({ error: "Authentication required" });
|
return res.status(401).json({ error: "Authentication required" });
|
||||||
}
|
}
|
||||||
|
|
||||||
const session = sshSessions[sessionId];
|
const session = getOwnedSession(sessionId, userId);
|
||||||
|
|
||||||
if (!session || !session.isConnected) {
|
if (!session || !session.isConnected) {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
@@ -287,7 +292,7 @@ export function registerDockerContainerRoutes(
|
|||||||
return res.status(401).json({ error: "Authentication required" });
|
return res.status(401).json({ error: "Authentication required" });
|
||||||
}
|
}
|
||||||
|
|
||||||
const session = sshSessions[sessionId];
|
const session = getOwnedSession(sessionId, userId);
|
||||||
|
|
||||||
if (!session || !session.isConnected) {
|
if (!session || !session.isConnected) {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
@@ -387,7 +392,7 @@ export function registerDockerContainerRoutes(
|
|||||||
return res.status(401).json({ error: "Authentication required" });
|
return res.status(401).json({ error: "Authentication required" });
|
||||||
}
|
}
|
||||||
|
|
||||||
const session = sshSessions[sessionId];
|
const session = getOwnedSession(sessionId, userId);
|
||||||
|
|
||||||
if (!session || !session.isConnected) {
|
if (!session || !session.isConnected) {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
@@ -487,7 +492,7 @@ export function registerDockerContainerRoutes(
|
|||||||
return res.status(401).json({ error: "Authentication required" });
|
return res.status(401).json({ error: "Authentication required" });
|
||||||
}
|
}
|
||||||
|
|
||||||
const session = sshSessions[sessionId];
|
const session = getOwnedSession(sessionId, userId);
|
||||||
|
|
||||||
if (!session || !session.isConnected) {
|
if (!session || !session.isConnected) {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
@@ -587,7 +592,7 @@ export function registerDockerContainerRoutes(
|
|||||||
return res.status(401).json({ error: "Authentication required" });
|
return res.status(401).json({ error: "Authentication required" });
|
||||||
}
|
}
|
||||||
|
|
||||||
const session = sshSessions[sessionId];
|
const session = getOwnedSession(sessionId, userId);
|
||||||
|
|
||||||
if (!session || !session.isConnected) {
|
if (!session || !session.isConnected) {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
@@ -687,7 +692,7 @@ export function registerDockerContainerRoutes(
|
|||||||
return res.status(401).json({ error: "Authentication required" });
|
return res.status(401).json({ error: "Authentication required" });
|
||||||
}
|
}
|
||||||
|
|
||||||
const session = sshSessions[sessionId];
|
const session = getOwnedSession(sessionId, userId);
|
||||||
|
|
||||||
if (!session || !session.isConnected) {
|
if (!session || !session.isConnected) {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
@@ -792,7 +797,7 @@ export function registerDockerContainerRoutes(
|
|||||||
return res.status(401).json({ error: "Authentication required" });
|
return res.status(401).json({ error: "Authentication required" });
|
||||||
}
|
}
|
||||||
|
|
||||||
const session = sshSessions[sessionId];
|
const session = getOwnedSession(sessionId, userId);
|
||||||
|
|
||||||
if (!session || !session.isConnected) {
|
if (!session || !session.isConnected) {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
@@ -925,7 +930,7 @@ export function registerDockerContainerRoutes(
|
|||||||
return res.status(401).json({ error: "Authentication required" });
|
return res.status(401).json({ error: "Authentication required" });
|
||||||
}
|
}
|
||||||
|
|
||||||
const session = sshSessions[sessionId];
|
const session = getOwnedSession(sessionId, userId);
|
||||||
|
|
||||||
if (!session || !session.isConnected) {
|
if (!session || !session.isConnected) {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
@@ -1040,7 +1045,7 @@ export function registerDockerContainerRoutes(
|
|||||||
return res.status(401).json({ error: "Authentication required" });
|
return res.status(401).json({ error: "Authentication required" });
|
||||||
}
|
}
|
||||||
|
|
||||||
const session = sshSessions[sessionId];
|
const session = getOwnedSession(sessionId, userId);
|
||||||
|
|
||||||
if (!session || !session.isConnected) {
|
if (!session || !session.isConnected) {
|
||||||
return res.status(400).json({
|
return res.status(400).json({
|
||||||
|
|||||||
@@ -2138,12 +2138,19 @@ app.post("/docker/ssh/keepalive", async (req, res) => {
|
|||||||
*/
|
*/
|
||||||
app.get("/docker/ssh/status", async (req, res) => {
|
app.get("/docker/ssh/status", async (req, res) => {
|
||||||
const sessionId = req.query.sessionId as string;
|
const sessionId = req.query.sessionId as string;
|
||||||
|
const userId = getRequestUserId(req);
|
||||||
|
|
||||||
if (!sessionId) {
|
if (!sessionId) {
|
||||||
return res.status(400).json({ error: "Session ID is required" });
|
return res.status(400).json({ error: "Session ID is required" });
|
||||||
}
|
}
|
||||||
|
|
||||||
const isConnected = !!sshSessions[sessionId]?.isConnected;
|
if (!userId) {
|
||||||
|
return res.status(401).json({ error: "Authentication required" });
|
||||||
|
}
|
||||||
|
|
||||||
|
const session = sshSessions[sessionId];
|
||||||
|
const isConnected =
|
||||||
|
session?.userId === userId && session.isConnected === true;
|
||||||
|
|
||||||
res.json({ success: true, connected: isConnected });
|
res.json({ success: true, connected: isConnected });
|
||||||
});
|
});
|
||||||
@@ -2193,6 +2200,10 @@ app.get("/docker/validate/:sessionId", async (req, res) => {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (session.userId !== userId) {
|
||||||
|
return res.status(403).json({ error: "Session access denied" });
|
||||||
|
}
|
||||||
|
|
||||||
session.lastActive = Date.now();
|
session.lastActive = Date.now();
|
||||||
session.activeOperations++;
|
session.activeOperations++;
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user