authorLarsVomMars2021-01-31 01:36:25 +0100
committerLarsVomMars2021-01-31 01:36:25 +0100
commitaba35eae1aa7b41719fa1fb6f43c622d06bc745c (patch)
tree42d9d8789847b736535404e2766d1bca0d4e73b6
parent434818de1de3cfa41b21fbc4b59bc0183339335a (diff)
SICKO MODE
-rw-r--r--app.js6
-rw-r--r--auth/index.js2
-rw-r--r--overview/public/index.html1
-rw-r--r--overview/public/script.js5
-rw-r--r--superadmin/index.js29
-rw-r--r--superadmin/public/index.html38
-rw-r--r--superadmin/public/script.js51
-rw-r--r--superadmin/public/style.css32
8 files changed, 161 insertions, 3 deletions
diff --git a/app.js b/app.js
index a705e1c..9f9c823 100644
--- a/app.js
+++ b/app.js
@@ -5,8 +5,8 @@ const session = require("express-session");
const fs = require("fs").promises;
require("log-timestamp");
-const { auth, checkUser, checkAdmin } = require("./auth");
-const mottovote = require("./mottovote");
+const { auth, checkUser, checkAdmin, checkSuperAdmin } = require("./auth");
+// const mottovote = require("./mottovote");
const quotes = require("./quotes");
const poll = require("./poll");
const profile = require("./profile");
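Review bot: The `mottovote` require is commented out rather than removed, and nothing else in this diff touches a `mottovote` mount. If `app.js` still contains something like `app.use("/mottovote", …, mottovote)` outside the visible hunks, the server would fail with a ReferenceError at startup, so that is worth confirming. If the module is retired, delete the line instead of leaving `// const mottovote = require("./mottovote");` behind. The change is also unrelated to the super-admin feature and would be easier to audit as its own commit.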
@@ -14,6 +14,7 @@ const admin = require("./admin");
const questions = require("./questions");
const prediction = require("./prediction");
const secrets = require("./secrets");
+const superAdmin = require("./superadmin");
const app = express();
@@ -44,6 +45,7 @@ app.use("/questions", checkUser, questions);
app.use("/prediction", checkUser, prediction);
app.use("/secrets", checkUser, secrets);
app.use("/admin", checkAdmin, admin); // Lel
+app.use("/super", checkSuperAdmin, superAdmin);
app.use("/auth", auth);
app.get("/images", checkUser, async (req, res) => {
diff --git a/auth/index.js b/auth/index.js
index e8d23d0..b8f018e 100644
--- a/auth/index.js
+++ b/auth/index.js
@@ -127,4 +127,4 @@ app.get("/api/self", checkUser, async (req, res) => {
}
});
-module.exports = { auth: app, checkUser, checkAdmin };
+module.exports = { auth: app, checkUser, checkAdmin, checkSuperAdmin };
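Review bot: `checkSuperAdmin` is exported here, but its definition is not part of this commit; the diffstat shows only this one line changing in `auth/index.js`. If the function is not already declared earlier in the file, the shorthand property throws a ReferenceError when the module loads. Since it is the only gate in front of the SQL and `git pull` endpoints, it deserves a comment at its definition stating which session field it trusts and what it sends on failure. The `superAdmin` flag that the overview script reads from `/auth/api/status` is likewise not visible in this diff.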
diff --git a/overview/public/index.html b/overview/public/index.html
index 7a25653..1c3e681 100644
--- a/overview/public/index.html
+++ b/overview/public/index.html
@@ -18,6 +18,7 @@
<a href="" class="pure-menu-item pure-menu-link"></a>
<a href="" class="pure-menu-item pure-menu-link"></a>
<a href="" class="pure-menu-item pure-menu-link"></a>
+ <a href="" class="pure-menu-item pure-menu-link"></a>
</div>
<div class="card">
<h2>Hallo, liebe RBS-Schüler*innen!</h2>
diff --git a/overview/public/script.js b/overview/public/script.js
index d7e5b71..3e56fc8 100644
--- a/overview/public/script.js
+++ b/overview/public/script.js
@@ -5,6 +5,7 @@ fetch("/auth/api/status")
const first = document.querySelectorAll("a")[0];
const second = document.querySelectorAll("a")[1];
const third = document.querySelectorAll("a")[2];
+ const fourth = document.querySelectorAll("a")[3];
if (!response.admin) third.style.display = "none";
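Review bot: The new `fourth` link is never hidden for users who are not super admins, unlike `third` on the line below it, so an empty `<a href="">` stays in the menu for everyone else. Adding `if (!response.superAdmin) fourth.style.display = "none";` next to the existing admin check would match the established pattern. This is cosmetic only; the real restriction is the server-side `checkSuperAdmin` on `/super`. The enclosing `then` callback starts and ends outside this hunk.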
@@ -17,6 +18,10 @@ fetch("/auth/api/status")
third.href = "/admin";
third.innerText = "Admin";
}
+ if (response.superAdmin) {
+ fourth.href = "/super";
+ fourth.textContent = "Super-Duper-Admin-Spaß";
+ }
} else {
document.querySelectorAll("div.pure-menu")[0].style.display = "none";
}
diff --git a/superadmin/index.js b/superadmin/index.js
new file mode 100644
index 0000000..d80ac17
--- /dev/null
+++ b/superadmin/index.js
@@ -0,0 +1,29 @@
+const express = require("express");
+const db = require("../db");
+const app = express.Router();
+const { checkSuperAdmin } = require("../auth");
+const { exec } = require("child_process");
+
+app.use("/", checkSuperAdmin, express.static(__dirname + "/public"))
+
+app.post("/api/query", checkSuperAdmin, async (req, res) => {
+ const { query } = req.body;
+ let s;
+ if (!query || !query.toLowerCase().startsWith("select") || (s = query.split(";")).length > 1 && s[1] !== "")
+ return res.status(403).json({ success: false });
+ try {
+ const response = await db.query(query);
+ res.json({ success: true, response });
+ } catch (e) {
+ res.json({ success: false, message: e });
+ }
+});
+
+app.get("/api/pull", checkSuperAdmin, (req, res) => {
+ exec("git pull", (error, stdout, stderr) => {
+ if (stderr) return res.json({ success: false, stderr, error });
+ return res.json({ success: true, stdout });
+ });
+});
+
+module.exports = app; \ No newline at end of file
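Review bot: The `select`-prefix and semicolon test in `/api/query` is not a security boundary: a single SELECT can still read every table and call every function the database account is granted, so the limit has to come from a read-only account with narrow grants (how `../db` connects is not visible here). The check also calls `query.toLowerCase()` before the `try`, which throws when the JSON value is not a string, and the handler returns the raw error object `e` to the client. `/api/pull` changes server state on a GET, so a cross-site request carrying the super admin's session cookie could trigger it, depending on cookie settings not shown here. Its `if (stderr)` test reports failure whenever git writes progress to stderr and ignores `error` when stderr is empty. The sketch below covers both handlers; moving pull to POST also needs `fetch("api/pull", { method: "POST" })` in the client script.

```javascript
// … unchanged: requires and the static mount …

app.post("/api/query", checkSuperAdmin, async (req, res) => {
  const { query } = req.body;
  // Reject non-strings before any string method is called on the value.
  if (typeof query !== "string") return res.status(400).json({ success: false });
  const statement = query.trim().replace(/;\s*$/, "");
  // Usability guard only; the effective limit must be a read-only DB account
  // with SELECT granted on the intended tables and nothing else.
  if (!/^select\b/i.test(statement) || statement.includes(";"))
    return res.status(403).json({ success: false });
  try {
    const response = await db.query(statement);
    res.json({ success: true, response });
  } catch (e) {
    console.error(e);
    res.json({ success: false, message: e.message });
  }
});

// State-changing action, so POST rather than GET.
app.post("/api/pull", checkSuperAdmin, (req, res) => {
  exec("git pull", (error, stdout, stderr) => {
    // git also writes progress to stderr on success; the exit status decides.
    if (error) return res.json({ success: false, stderr, error: error.message });
    return res.json({ success: true, stdout });
  });
});
```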
diff --git a/superadmin/public/index.html b/superadmin/public/index.html
new file mode 100644
index 0000000..0085630
--- /dev/null
+++ b/superadmin/public/index.html
@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<html lang="en">
+ <head>
+ <meta charset="UTF-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1" />
+ <title>Super Admin</title>
+ <link
+ rel="stylesheet"
+ href="https://unpkg.com/purecss@2.0.3/build/pure-min.css"
+ integrity="sha384-cg6SkqEOCV1NbJoCu11+bm0NvBRc8IYLRGXkmNrqUBfTjmMYwNKPWBTIKyw9mHNJ"
+ crossorigin="anonymous"
+ />
+ <link rel="stylesheet" href="style.css" type="text/css" media="all" />
+ </head>
+ <body>
+ <header class="pure-menu pure-menu-horizontal">
+ <a href="/" class="pure-menu-item pure-menu-link">Home</a>
+ <a href="/admin" class="pure-menu-item pure-menu-link">Admin</a>
+ </header>
+ <main>
+ <h1>Super-Duper-Admin</h1>
+ <div>
+ <h3>Update code</h3>
+ <button class="pure-button pure-button-primary" id="pull-button">Pull code</button>
+ <div id="pull-response"></div>
+ </div>
+ <div>
+ <h3>SQL Select</h3>
+ <form class="pure-form" id="query-form">
+ <textarea required placeholder="SELECT something"></textarea>
+ <button type="submit" class="pure-button pure-button-primary">Query</button>
+ </form>
+ <table id="query-response"></table>
+ </div>
+ </main>
+ <script src="script.js"></script>
+ </body>
+</html> \ No newline at end of file
diff --git a/superadmin/public/script.js b/superadmin/public/script.js
new file mode 100644
index 0000000..282e846
--- /dev/null
+++ b/superadmin/public/script.js
@@ -0,0 +1,51 @@
+const pullButton = document.getElementById("pull-button");
+const pullResponse = document.getElementById("pull-response");
+
+const queryForm = document.getElementById("query-form");
+const queryResponse = document.getElementById("query-response");
+
+pullButton.addEventListener("click", async e => {
+ const resp = await fetch("api/pull");
+ const res = await resp.json();
+ if (res.success) {
+ pullResponse.textContent = res.stdout;
+ } else {
+ console.log(res.error);
+ pullResponse.textContent = res.stderr;//.replace(/\n/g, "\n\r");
+ }
+});
+
+queryForm.addEventListener("submit", async e => {
+ e.preventDefault();
+ const textarea = queryForm.querySelector("textarea");
+ const body = JSON.stringify({ query: textarea.value.trim() });
+ const resp = await fetch("api/query", {
+ method: "POST", body, headers: { "Content-Type": "application/json" }
+ });
+ const res = await resp.json();
+ while (queryResponse.children.length > 0) queryResponse.removeChild(queryResponse.children[0]);
+ if (res.success && res.response.length > 0) {
+ const keys = Object.keys(res.response[0]);
+ const head = document.createElement("thead");
+ for (const key of keys) {
+ const th = document.createElement("th");
+ th.textContent = key;
+ head.append(th);
+ }
+ for (const row of res.response) {
+ const tr = document.createElement("tr");
+ for (const colI in row) {
+ if (!row.hasOwnProperty(colI)) continue;
+ const td = document.createElement("td");
+ td.textContent = row[colI];
+ tr.append(td);
+ }
+ queryResponse.append(tr);
+ }
+ queryResponse.append(head);
+ } else if (!res.success && res.message) {
+ const span = document.createElement("span");
+ span.textContent = JSON.stringify(res.message);
+ queryResponse.append(span);
+ }
+}); \ No newline at end of file
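Review bot: Neither handler checks `resp.ok` or catches a failing `resp.json()`, so a rejected query (the server answers 403 without a `message`) leaves the table silently empty. A non-JSON reply, presumably what `checkSuperAdmin` sends once the session has expired, becomes an unhandled rejection. Adding `if (!resp.ok) { queryResponse.textContent = "Request failed (" + resp.status + ")"; return; }` before `resp.json()` in the submit handler, and the equivalent on `pullResponse` in the click handler, would surface both cases. Separately, the `<th>` cells are appended directly into `<thead>` without a `<tr>`, and `head` is appended after the body rows; build a header row and append `head` first. Keeping `textContent` for every cell is the right choice, since the values come straight from the database.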
diff --git a/superadmin/public/style.css b/superadmin/public/style.css
new file mode 100644
index 0000000..e0a7352
--- /dev/null
+++ b/superadmin/public/style.css
@@ -0,0 +1,32 @@
+html,
+body {
+ padding: 0;
+ margin: 0;
+ height: 100%;
+ width: 100%;
+ color: #424242;
+ line-height: 1.6;
+ background-color: #eec0c6;
+ background-image: linear-gradient(315deg, #eec0c6 0%, #7ee8fa 74%);
+}
+
+main {
+ position: absolute;
+ max-height: calc(100% - 140px);
+ overflow-y: auto;
+ /*width: 80%;*/
+ width: fit-content;
+ width: -webkit-fit-content;
+ width: -moz-fit-content;
+ left: 50%;
+ top: 50%;
+ -webkit-transform: translate(-50%, -50%);
+ transform: translate(-50%, -50%);
+ padding: 20px;
+ border-radius: 10px;
+ background: white;
+}
+
+header {
+ background: white;
+} \ No newline at end of file
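Review bot: In the `main` rule the standard `width: fit-content;` comes before the `-webkit-` and `-moz-` variants, so a browser that accepts both ends up using the prefixed value because the last valid declaration wins. The usual order puts prefixed declarations first and the standard one last. The commented-out `/*width: 80%;*/` can be dropped as well.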