diff --git a/package-lock.json b/package-lock.json index aa4cab2..566f7ad 100644 --- a/package-lock.json +++ b/package-lock.json @@ -24,6 +24,7 @@ "puppeteer": "^23.11.1", "qrcode": "^1.5.4", "reflect-metadata": "^0.2.2", + "rss-parser": "^3.13.0", "socket.io": "^4.7.5", "speakeasy": "^2.0.0", "typeorm": "^0.3.20", @@ -1496,6 +1497,15 @@ "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" }, + "node_modules/entities": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz", + "integrity": "sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A==", + "license": "BSD-2-Clause", + "funding": { + "url": "https://github.com/fb55/entities?sponsor=1" + } + }, "node_modules/env-paths": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz", @@ -3152,6 +3162,16 @@ "node": ">= 0.10" } }, + "node_modules/rss-parser": { + "version": "3.13.0", + "resolved": "https://registry.npmjs.org/rss-parser/-/rss-parser-3.13.0.tgz", + "integrity": "sha512-7jWUBV5yGN3rqMMj7CZufl/291QAhvrrGpDNE4k/02ZchL0npisiYYqULF71jCEKoIiHvK/Q2e6IkDwPziT7+w==", + "license": "MIT", + "dependencies": { + "entities": "^2.0.3", + "xml2js": "^0.5.0" + } + }, "node_modules/runes2": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/runes2/-/runes2-1.1.4.tgz", @@ -3182,6 +3202,12 @@ "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, + "node_modules/sax": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/sax/-/sax-1.4.1.tgz", + "integrity": "sha512-+aWOz7yVScEGoKNd4PA10LZ8sk0A/z5+nXQG5giUO5rprX9jgYsTdov9qCchZiPIZezbZH+jRut8nPodFAX4Jg==", + "license": "ISC" + }, "node_modules/semver": { "version": "7.6.3", "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", @@ -4253,6 +4279,28 @@ } } }, + "node_modules/xml2js": { + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz", + "integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==", + "license": "MIT", + "dependencies": { + "sax": ">=0.6.0", + "xmlbuilder": "~11.0.0" + }, + "engines": { + "node": ">=4.0.0" + } + }, + "node_modules/xmlbuilder": { + "version": "11.0.1", + "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz", + "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==", + "license": "MIT", + "engines": { + "node": ">=4.0" + } + }, "node_modules/y18n": { "version": "4.0.3", "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.3.tgz", diff --git a/package.json b/package.json index aa36753..a87067a 100644 --- a/package.json +++ b/package.json @@ -39,6 +39,7 @@ "puppeteer": "^23.11.1", "qrcode": "^1.5.4", "reflect-metadata": "^0.2.2", + "rss-parser": "^3.13.0", "socket.io": "^4.7.5", "speakeasy": "^2.0.0", "typeorm": "^0.3.20", diff --git a/src/helpers/permissionHelper.ts b/src/helpers/permissionHelper.ts index 63edffa..990e97d 100644 --- a/src/helpers/permissionHelper.ts +++ b/src/helpers/permissionHelper.ts @@ -89,6 +89,19 @@ export default class PermissionHelper { }; } + static isAdminMiddleware(): (req: Request, res: Response, next: Function) => void { + return (req: Request, res: Response, next: Function) => { + const permissions = req.permissions; + const isOwner = req.isOwner; + + if (isOwner || permissions.admin) { + next(); + } else { + throw new ForbiddenRequestException(`missing admin permission`); + } + }; + } + static convertToObject(permissions: Array): PermissionObject { if (permissions.includes("*")) { return { diff --git a/src/routes/index.ts b/src/routes/index.ts index 3509940..ed10173 100644 --- a/src/routes/index.ts +++ b/src/routes/index.ts @@ -16,6 +16,8 @@ import user from "./user"; import detectPWA from "../middleware/detectPWA"; import api from "./webapi"; import authenticateAPI from "../middleware/authenticateAPI"; +import server from "./server"; +import PermissionHelper from "../helpers/permissionHelper"; export default (app: Express) => { app.set("query parser", "extended"); @@ -38,5 +40,6 @@ export default (app: Express) => { app.use(authenticate); app.use("/api/admin", admin); app.use("/api/user", user); + app.use("/api/server", PermissionHelper.isAdminMiddleware(), server); app.use(errorHandler); }; diff --git a/src/routes/server.ts b/src/routes/server.ts new file mode 100644 index 0000000..964d207 --- /dev/null +++ b/src/routes/server.ts @@ -0,0 +1,35 @@ +import express, { Request, Response } from "express"; +import { FileSystemHelper } from "../helpers/fileSystemHelper"; +import Parser from "rss-parser"; + +var router = express.Router({ mergeParams: true }); + +router.get("/version", async (req: Request, res: Response) => { + let serverPackage = FileSystemHelper.readTemplateFile("/package.json"); + let serverJson = JSON.parse(serverPackage); + res.send({ + name: serverJson.name, + description: serverJson.description, + version: serverJson.version, + author: serverJson.author, + license: serverJson.license, + }); +}); + +router.get("/settings", async (req: Request, res: Response) => { + res.json({}); +}); + +router.get("/serverrss", async (req: Request, res: Response) => { + const parser = new Parser(); + let feed = await parser.parseURL("https://forgejo.jk-effects.cloud/Ehrenamt/ff-admin-server/releases.rss"); + res.json(feed); +}); + +router.get("/clientrss", async (req: Request, res: Response) => { + const parser = new Parser(); + let feed = await parser.parseURL("https://forgejo.jk-effects.cloud/Ehrenamt/ff-admin/releases.rss"); + res.json(feed); +}); + +export default router;