const express = require("express");
const db = require("../db");
const app = express.Router();
const { checkSuperAdmin } = require("../auth");
const { exec } = require("child_process");
// Serve the admin panel's static assets from ./public. The middleware is
// mounted at this router's root, so checkSuperAdmin runs ahead of the static
// handler for every request that reaches this router.
const publicDir = `${__dirname}/public`;
app.use("/", checkSuperAdmin, express.static(publicDir));
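/**
 * POST /api/query: run one ad-hoc SELECT statement for a super admin.
 *
 * Request body: { query: string }.
 * Responses:
 *   403 { success: false }            the query failed validation
 *   200 { success: true, response }   whatever db.query() resolved to
 *   200 { success: false, message }   db.query() rejected
 *
 * The text check below is a guard rail, not a security boundary. It only looks
 * at the first keyword and at semicolons, and a statement that begins with
 * SELECT is not guaranteed to be read-only on every database engine.
 * NOTE(review): the connection behind ../db is not visible here; confirm it
 * uses a read-only, least-privilege account and that multi-statement execution
 * is disabled in the driver, since those are the controls that actually bound
 * what this endpoint can do.
 */
app.post("/api/query", checkSuperAdmin, async (req, res) => {
  // req.body is undefined when no body parser ran; fall back to an empty object
  // so the handler answers 403 instead of throwing.
  const { query } = req.body || {};

  // A non-string value (number, array, object from a JSON body) used to throw
  // on toLowerCase(), and the rejection of this async handler was never caught.
  if (typeof query !== "string" || !query.toLowerCase().startsWith("select")) {
    return res.status(403).json({ success: false });
  }

  // Allow at most one semicolon, and only as the final character. The previous
  // check inspected just the segment after the first semicolon, so it did not
  // reject every input that carried additional statements.
  const firstSemicolon = query.indexOf(";");
  if (firstSemicolon !== -1 && firstSemicolon !== query.length - 1) {
    return res.status(403).json({ success: false });
  }

  try {
    const response = await db.query(query);
    res.json({ success: true, response });
  } catch (e) {
    // NOTE(review): the raw error object is serialised to the client. Which
    // fields that exposes depends on the db module; consider returning only a
    // short message and logging the details server-side.
    res.json({ success: false, message: e });
  }
});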
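/**
 * GET /api/pull: run `git pull` on the server for a super admin.
 *
 * Responses:
 *   { success: true, stdout, stderr }    git exited with status 0
 *   { success: false, stderr, error }    git could not be started or exited non-zero
 *
 * NOTE(review): this is a state-changing action exposed over GET. If
 * checkSuperAdmin authenticates from a cookie (not visible here), a cross-site
 * request could trigger it; prefer POST with CSRF protection once the client
 * in ./public can be updated to match.
 * NOTE(review): the pull runs in the process's working directory and deploys
 * whatever the tracked remote branch contains, so write access to that branch
 * is effectively write access to this server. Confirm the remote and branch
 * are protected accordingly.
 */
app.get("/api/pull", checkSuperAdmin, (req, res) => {
  // The command is a fixed string. Keep it that way: exec() runs it through a
  // shell, so no request data may ever be interpolated into it.
  exec("git pull", (error, stdout, stderr) => {
    // Decide on `error` (spawn failure or non-zero exit), not on stderr: git
    // writes informational output to stderr on successful runs too, and a
    // failure with empty stderr was previously reported as success.
    if (error) return res.json({ success: false, stderr, error });
    return res.json({ success: true, stdout, stderr });
  });
});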
// Export the router created with express.Router() above; every route on it is
// registered with checkSuperAdmin in front of its handler.
module.exports = app;