Merge branch 'master' of https://github.com/browngraphicslab/Dash-Web

author: Bob Zeleznik <zzzman@gmail.com> 2020-05-17 19:44:03 -0400
committer: Bob Zeleznik <zzzman@gmail.com> 2020-05-17 19:44:03 -0400
commit: 65243033448654c1efcec8c588128633a56d8409 (patch)
tree: 1d7606a94cad4e06efce8fcc310145598742d61b /src/server/ApiManagers
parent: 2882dfce48e434f0c0b6a5837fc6212cad1df131 (diff)
parent: 35b335eecd1ace5a1b3da04de3ee1e8674d10c15 (diff)
2 files changed, 58 insertions, 28 deletions
diff --git a/src/server/ApiManagers/DeleteManager.ts b/src/server/ApiManagers/DeleteManager.ts
index 7fbb37658..dcb21c30d 100644
--- a/src/server/ApiManagers/DeleteManager.ts
+++ b/src/server/ApiManagers/DeleteManager.ts
@@ -3,7 +3,7 @@ import { Method, _permission_denied } from "../RouteManager";
 import { WebSocket } from "../websocket";
 import { Database } from "../database";
 import rimraf = require("rimraf");
-import { filesDirectory } from "..";
+import { filesDirectory, AdminPriviliges } from "..";
 import { DashUploadUtils } from "../DashUploadUtils";
 import { mkdirSync } from "fs";
 import RouteSubscriber from "../RouteSubscriber";
@@ -15,38 +15,71 @@ export default class DeleteManager extends ApiManager {
         register({
             method: Method.GET,
             subscription: new RouteSubscriber("delete").add("target?"),
-            secureHandler: async ({ req, res, isRelease }) => {
-                if (isRelease) {
-                    return _permission_denied(res, "Cannot perform a delete operation outside of the development environment!");
-                }
-
+            secureHandler: async ({ req, res, isRelease, user: { id } }) => {
                 const { target } = req.params;
-                const { doDelete } = WebSocket;
-
-                if (!target) {
-                    await doDelete();
-                } else {
-                    let all = false;
-                    switch (target) {
-                        case "all":
-                            all = true;
-                        case "database":
-                            await doDelete(false);
-                            if (!all) break;
-                        case "files":
-                            rimraf.sync(filesDirectory);
-                            mkdirSync(filesDirectory);
-                            await DashUploadUtils.buildFileDirectories();
-                            break;
-                        default:
-                            await Database.Instance.dropSchema(target);
+                if (isRelease && process.env.PASSWORD) {
+                    if (AdminPriviliges.get(id)) {
+                        AdminPriviliges.delete(id);
+                    } else {
+                        return res.redirect(`/admin/delete${target ? `:${target}` : ``}`);
                     }
                 }
 
+                this.doDelete(target);
                 res.redirect("/home");
             }
         });
 
+        register({
+            method: Method.GET,
+            subscription: new RouteSubscriber("admin").add("previous_target"),
+            secureHandler: ({ res }) => res.render("admin.pug", { title: "Enter Administrator Password" })
+        })
+
+        register({
+            method: Method.POST,
+            subscription: new RouteSubscriber("admin").add("previous_target"),
+            secureHandler: async ({ req, res, isRelease, user: { id } }) => {
+                const { PASSWORD } = process.env;
+                if (!(isRelease && PASSWORD)) {
+                    return res.redirect("/home");
+                }
+                const { password } = req.body;
+                const { previous_target } = req.params;
+                let redirect: string;
+                if (password === PASSWORD) {
+                    AdminPriviliges.set(id, true);
+                    redirect = `/${previous_target.replace(":", "/")}`;
+                } else {
+                    redirect = `/admin/${previous_target}`;
+                }
+                res.redirect(redirect);
+            }
+        })
+
+    }
+
+
+    private doDelete = async (target?: string) => {
+        if (!target) {
+            await WebSocket.doDelete();
+        } else {
+            let all = false;
+            switch (target) {
+                case "all":
+                    all = true;
+                case "database":
+                    await WebSocket.doDelete(false);
+                    if (!all) break;
+                case "files":
+                    rimraf.sync(filesDirectory);
+                    mkdirSync(filesDirectory);
+                    await DashUploadUtils.buildFileDirectories();
+                    break;
+                default:
+                    await Database.Instance.dropSchema(target);
+            }
+        }
     }
 
 }
 \ No newline at end of file
diff --git a/src/server/ApiManagers/UtilManager.ts b/src/server/ApiManagers/UtilManager.ts
index aec523cd0..e2cd88726 100644
--- a/src/server/ApiManagers/UtilManager.ts
+++ b/src/server/ApiManagers/UtilManager.ts
@@ -1,8 +1,6 @@
 import ApiManager, { Registration } from "./ApiManager";
 import { Method } from "../RouteManager";
 import { exec } from 'child_process';
-import RouteSubscriber from "../RouteSubscriber";
-import { red } from "colors";
 // import { IBM_Recommender } from "../../client/apis/IBM_Recommender";
 // import { Recommender } from "../Recommender";
 
@@ -34,7 +32,6 @@ export default class UtilManager extends ApiManager {
         //     }
         // });
 
-
         register({
             method: Method.GET,
             subscription: "/pull",
author	Bob Zeleznik <zzzman@gmail.com>	2020-05-17 19:44:03 -0400
committer	Bob Zeleznik <zzzman@gmail.com>	2020-05-17 19:44:03 -0400
commit	65243033448654c1efcec8c588128633a56d8409 (patch)
tree	1d7606a94cad4e06efce8fcc310145598742d61b /src/server/ApiManagers
parent	2882dfce48e434f0c0b6a5837fc6212cad1df131 (diff)
parent	35b335eecd1ace5a1b3da04de3ee1e8674d10c15 (diff)