0ct0pu5/pangolin
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' of https://github.com/fosrl/pangolin

Browse source
This commit is contained in:
Milo Schwartz 2024-12-24 15:37:04 -05:00
commit b3d371c01e
No known key found for this signature in database
6 changed files with 141 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
server/db/schema.ts
View file

@ -130,8 +130,10 @@ export const userOrgs = sqliteTable("userOrgs", {
.notNull()
.references(() => users.userId),
orgId: text("orgId")
.notNull()
.references(() => orgs.orgId),
.references(() => orgs.orgId, {
onDelete: "cascade"
})
.notNull(),
roleId: integer("roleId")
.notNull()
.references(() => roles.roleId),

3
server/middlewares/verifyUserIsOrgOwner.ts
View file

@ -27,7 +27,6 @@ export async function verifyUserIsOrgOwner(
)
);
}
try {
if (!req.userOrg) {
const res = await db
@ -56,6 +55,8 @@ export async function verifyUserIsOrgOwner(
)
);
}
return next();
} catch (e) {
return next(
createHttpError(

17
server/routers/org/deleteOrg.ts
View file

@ -24,6 +24,10 @@ const deleteOrgSchema = z
})
.strict();
export type DeleteOrgResponse = {
}
export async function deleteOrg(
req: Request,
res: Response,
@ -41,7 +45,6 @@ export async function deleteOrg(
}
const { orgId } = parsedParams.data;
// Check if the user has permission to list sites
const hasPermission = await checkUserActionPermission(
ActionsEnum.deleteOrg,
@ -55,7 +58,6 @@ export async function deleteOrg(
)
);
}
const [org] = await db
.select()
.from(orgs)
@ -70,7 +72,6 @@ export async function deleteOrg(
)
);
}
// we need to handle deleting each site
const orgSites = await db
.select()
@ -97,20 +98,20 @@ export async function deleteOrg(
sendToClient(deletedNewt.newtId, payload);
// delete all of the sessions for the newt
db.delete(newtSessions)
await db.delete(newtSessions)
.where(
eq(newtSessions.newtId, deletedNewt.newtId)
)
.run();
);
}
}
}
db.delete(sites).where(eq(sites.siteId, site.siteId)).run();
logger.info(`Deleting site ${site.siteId}`);
await db.delete(sites).where(eq(sites.siteId, site.siteId))
}
}
await db.delete(orgs).where(eq(orgs.orgId, orgId)).returning();
await db.delete(orgs).where(eq(orgs.orgId, orgId));
return response(res, {
data: null,

4
server/routers/site/getSite.ts
View file

@ -28,6 +28,7 @@ export type GetSiteResponse = {
name: string;
subdomain: string;
subnet: string;
type: string;
};
export async function getSite(
@ -81,7 +82,8 @@ export async function getSite(
siteId: site[0].siteId,
niceId: site[0].niceId,
name: site[0].name,
subnet: site[0].subnet
subnet: site[0].subnet,
type: site[0].type
},
success: true,
error: false,

46
src/app/[orgId]/settings/general/page.tsx
View file

@ -30,6 +30,9 @@ import {
CardHeader,
CardTitle
} from "@/components/ui/card";
import { AxiosResponse } from "axios";
import { DeleteOrgResponse, ListOrgsResponse } from "@server/routers/org";
import { redirect, useRouter } from "next/navigation";
const GeneralFormSchema = z.object({
name: z.string()
@ -41,6 +44,7 @@ export default function GeneralPage() {
const [isDeleteModalOpen, setIsDeleteModalOpen] = useState(false);
const { orgUser } = userOrgUserContext();
const router = useRouter();
const { org } = useOrgContext();
const { toast } = useToast();
const api = createApiClient(useEnvContext());
@ -54,17 +58,55 @@ export default function GeneralPage() {
});
async function deleteOrg() {
await api.delete(`/org/${org?.org.orgId}`).catch((e) => {
try {
const res = await api.delete<AxiosResponse<DeleteOrgResponse>>(
`/org/${org?.org.orgId}`
);
if (res.status === 200) {
pickNewOrgAndNavigate();
}
} catch (err) {
console.error(err);
toast({
variant: "destructive",
title: "Failed to delete org",
description: formatAxiosError(
e,
err,
"An error occurred while deleting the org."
)
});
}
}
async function pickNewOrgAndNavigate() {
try {
const res = await api.get<AxiosResponse<ListOrgsResponse>>(
`/orgs`
);
if (res.status === 200) {
if (res.data.data.orgs.length > 0) {
const orgId = res.data.data.orgs[0].orgId;
// go to `/${orgId}/settings`);
router.push(`/${orgId}/settings`);
} else {
// go to `/setup`
router.push("/setup");
}
}
} catch (err) {
console.error(err);
toast({
variant: "destructive",
title: "Failed to fetch orgs",
description: formatAxiosError(
err,
"An error occurred while listing your orgs"
)
});
}
}
async function onSubmit(data: GeneralFormValues) {
await api

80
src/app/[orgId]/settings/resources/[resourceId]/connectivity/page.tsx
View file

@ -51,6 +51,7 @@ import { ArrayElement } from "@server/types/ArrayElement";
import { formatAxiosError } from "@app/lib/utils";
import { useEnvContext } from "@app/hooks/useEnvContext";
import { createApiClient } from "@app/api";
import { GetSiteResponse } from "@server/routers/site";
const addTargetSchema = z.object({
ip: z.string().ip(),
@ -85,6 +86,7 @@ export default function ReverseProxyTargets(props: {
const api = createApiClient(useEnvContext());
const [targets, setTargets] = useState<LocalTarget[]>([]);
const [site, setSite] = useState<GetSiteResponse>();
const [targetsToRemove, setTargetsToRemove] = useState<number[]>([]);
const [sslEnabled, setSslEnabled] = useState(resource.ssl);
@ -103,7 +105,7 @@ export default function ReverseProxyTargets(props: {
});
useEffect(() => {
const fetchSites = async () => {
const fetchTargets = async () => {
try {
const res = await api.get<AxiosResponse<ListTargetsResponse>>(
`/resource/${params.resourceId}/targets`,
@ -126,7 +128,30 @@ export default function ReverseProxyTargets(props: {
setPageLoading(false);
}
};
fetchSites();
fetchTargets();
const fetchSite = async () => {
try {
const res = await api.get<AxiosResponse<GetSiteResponse>>(
`/site/${resource.siteId}`,
);
if (res.status === 200) {
setSite(res.data.data);
}
} catch (err) {
console.error(err);
toast({
variant: "destructive",
title: "Failed to fetch resource",
description: formatAxiosError(
err,
"An error occurred while fetching resource",
),
});
}
}
fetchSite();
}, []);
async function addTarget(data: AddTargetFormValues) {
@ -146,6 +171,20 @@ export default function ReverseProxyTargets(props: {
return;
}
if (site && site.type == "wireguard" && site.subnet) {
// make sure that the target IP is within the site subnet
const targetIp = data.ip;
const subnet = site.subnet;
if (!isIPInSubnet(targetIp, subnet)) {
toast({
variant: "destructive",
title: "Invalid target IP",
description: "Target IP must be within the site subnet",
});
return;
}
}
const newTarget: LocalTarget = {
...data,
enabled: true,
@ -602,3 +641,40 @@ export default function ReverseProxyTargets(props: {
</>
);
}
function isIPInSubnet(subnet: string, ip: string): boolean {
// Split subnet into IP and mask parts
const [subnetIP, maskBits] = subnet.split('/');
const mask = parseInt(maskBits);
if (mask < 0 || mask > 32) {
throw new Error('Invalid subnet mask. Must be between 0 and 32.');
}
// Convert IP addresses to binary numbers
const subnetNum = ipToNumber(subnetIP);
const ipNum = ipToNumber(ip);
// Calculate subnet mask
const maskNum = mask === 32 ? -1 : ~((1 << (32 - mask)) - 1);
// Check if the IP is in the subnet
return (subnetNum & maskNum) === (ipNum & maskNum);
}
function ipToNumber(ip: string): number {
// Validate IP address format
const parts = ip.split('.');
if (parts.length !== 4) {
throw new Error('Invalid IP address format');
}
// Convert IP octets to 32-bit number
return parts.reduce((num, octet) => {
const oct = parseInt(octet);
if (isNaN(oct) || oct < 0 || oct > 255) {
throw new Error('Invalid IP address octet');
}
return (num << 8) + oct;
}, 0);
}