paulmataruso/patchmon.net
1
0
Fork 0
mirror of https://github.com/9technologygroup/patchmon.net.git synced 2025-11-15 11:21:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated frontend to snake_case and fixed bugs with some pages that were not showing. Fixed authentication side.

Browse Source
This commit is contained in:
Muhammad Ibrahim
2025-09-21 20:27:47 +01:00
parent 875ab31317
commit 2de80f0c06
22 changed files with 581 additions and 385 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
backend/src/middleware/auth.js
View File

@@ -25,7 +25,9 @@ const authenticateToken = async (req, res, next) => {
email: true,
role: true,
is_active: true,
last_login: true
last_login: true,
created_at: true,
updated_at: true
}
});
@@ -79,7 +81,10 @@ const optionalAuth = async (req, res, next) => {
username: true,
email: true,
role: true,
is_active: true
is_active: true,
last_login: true,
created_at: true,
updated_at: true
}
});

24
backend/src/middleware/permissions.js
View File

@@ -20,7 +20,7 @@ const requirePermission = (permission) => {
if (!rolePermissions[permission]) {
return res.status(403).json({
error: 'Insufficient permissions',
message: `You don't have permission to ${permission.replace('can', '').toLowerCase()}`
message: `You don't have permission to ${permission.replace('can_', '').replace('_', ' ')}`
});
}
@@ -32,17 +32,17 @@ const requirePermission = (permission) => {
};
};
// Specific permission middlewares
const requireViewDashboard = requirePermission('canViewDashboard');
const requireViewHosts = requirePermission('canViewHosts');
const requireManageHosts = requirePermission('canManageHosts');
const requireViewPackages = requirePermission('canViewPackages');
const requireManagePackages = requirePermission('canManagePackages');
const requireViewUsers = requirePermission('canViewUsers');
const requireManageUsers = requirePermission('canManageUsers');
const requireViewReports = requirePermission('canViewReports');
const requireExportData = requirePermission('canExportData');
const requireManageSettings = requirePermission('canManageSettings');
// Specific permission middlewares - using snake_case field names
const requireViewDashboard = requirePermission('can_view_dashboard');
const requireViewHosts = requirePermission('can_view_hosts');
const requireManageHosts = requirePermission('can_manage_hosts');
const requireViewPackages = requirePermission('can_view_packages');
const requireManagePackages = requirePermission('can_manage_packages');
const requireViewUsers = requirePermission('can_view_users');
const requireManageUsers = requirePermission('can_manage_users');
const requireViewReports = requirePermission('can_view_reports');
const requireExportData = requirePermission('can_export_data');
const requireManageSettings = requirePermission('can_manage_settings');
module.exports = {
requirePermission,

10
backend/src/routes/authRoutes.js
View File

@@ -426,6 +426,10 @@ router.post('/login', [
email: true,
password_hash: true,
role: true,
is_active: true,
last_login: true,
created_at: true,
updated_at: true,
tfa_enabled: true
}
});
@@ -468,7 +472,11 @@ router.post('/login', [
id: user.id,
username: user.username,
email: user.email,
role: user.role
role: user.role,
is_active: user.is_active,
last_login: user.last_login,
created_at: user.created_at,
updated_at: user.updated_at
}
});
} catch (error) {

22
backend/src/routes/hostRoutes.js
View File

@@ -134,7 +134,7 @@ const validateApiCredentials = async (req, res, next) => {
// Admin endpoint to create a new host manually (replaces auto-registration)
router.post('/create', authenticateToken, requireManageHosts, [
body('friendlyName').isLength({ min: 1 }).withMessage('Friendly name is required'),
body('friendly_name').isLength({ min: 1 }).withMessage('Friendly name is required'),
body('hostGroupId').optional()
], async (req, res) => {
try {
@@ -143,14 +143,14 @@ router.post('/create', authenticateToken, requireManageHosts, [
return res.status(400).json({ errors: errors.array() });
}
const { friendlyName, hostGroupId } = req.body;
const { friendly_name, hostGroupId } = req.body;
// Generate unique API credentials for this host
const { apiId, apiKey } = generateApiCredentials();
// Check if host already exists
const existingHost = await prisma.hosts.findUnique({
where: { friendly_name: friendlyName }
where: { friendly_name: friendly_name }
});
if (existingHost) {
@@ -172,7 +172,7 @@ router.post('/create', authenticateToken, requireManageHosts, [
const host = await prisma.hosts.create({
data: {
id: uuidv4(),
friendly_name: friendlyName,
friendly_name: friendly_name,
os_type: 'unknown', // Will be updated when agent connects
os_version: 'unknown', // Will be updated when agent connects
ip: null, // Will be updated when agent connects
@@ -786,7 +786,7 @@ router.delete('/:hostId', authenticateToken, requireManageHosts, async (req, res
// Toggle host auto-update setting
router.patch('/:hostId/auto-update', authenticateToken, requireManageHosts, [
body('autoUpdate').isBoolean().withMessage('Auto-update must be a boolean')
body('auto_update').isBoolean().withMessage('Auto-update must be a boolean')
], async (req, res) => {
try {
const errors = validationResult(req);
@@ -795,12 +795,12 @@ router.patch('/:hostId/auto-update', authenticateToken, requireManageHosts, [
}
const { hostId } = req.params;
const { autoUpdate } = req.body;
const { auto_update } = req.body;
const host = await prisma.hosts.update({
where: { id: hostId },
data: {
auto_update: autoUpdate,
auto_update: auto_update,
updated_at: new Date()
}
});
@@ -1011,7 +1011,7 @@ router.delete('/agent/versions/:versionId', authenticateToken, requireManageSett
// Update host friendly name (admin only)
router.patch('/:hostId/friendly-name', authenticateToken, requireManageHosts, [
body('friendlyName').isLength({ min: 1, max: 100 }).withMessage('Friendly name must be between 1 and 100 characters')
body('friendly_name').isLength({ min: 1, max: 100 }).withMessage('Friendly name must be between 1 and 100 characters')
], async (req, res) => {
try {
const errors = validationResult(req);
@@ -1020,7 +1020,7 @@ router.patch('/:hostId/friendly-name', authenticateToken, requireManageHosts, [
}
const { hostId } = req.params;
const { friendlyName } = req.body;
const { friendly_name } = req.body;
// Check if host exists
const host = await prisma.hosts.findUnique({
@@ -1034,7 +1034,7 @@ router.patch('/:hostId/friendly-name', authenticateToken, requireManageHosts, [
// Check if friendly name is already taken by another host
const existingHost = await prisma.hosts.findFirst({
where: {
friendly_name: friendlyName,
friendly_name: friendly_name,
id: { not: hostId }
}
});
@@ -1046,7 +1046,7 @@ router.patch('/:hostId/friendly-name', authenticateToken, requireManageHosts, [
// Update the friendly name
const updatedHost = await prisma.hosts.update({
where: { id: hostId },
data: { friendly_name: friendlyName },
data: { friendly_name: friendly_name },
select: {
id: true,
friendly_name: true,

20
backend/src/routes/permissionsRoutes.js
View File

@@ -153,16 +153,16 @@ router.get('/user-permissions', authenticateToken, async (req, res) => {
// If no specific permissions found, return default admin permissions
return res.json({
role: userRole,
canViewDashboard: true,
canViewHosts: true,
canManageHosts: true,
canViewPackages: true,
canManagePackages: true,
canViewUsers: true,
canManageUsers: true,
canViewReports: true,
canExportData: true,
canManageSettings: true,
can_view_dashboard: true,
can_view_hosts: true,
can_manage_hosts: true,
can_view_packages: true,
can_manage_packages: true,
can_view_users: true,
can_manage_users: true,
can_view_reports: true,
can_export_data: true,
can_manage_settings: true,
});
}

12
backend/src/routes/tfaRoutes.js
View File

@@ -16,7 +16,7 @@ router.get('/setup', authenticateToken, async (req, res) => {
// Check if user already has TFA enabled
const user = await prisma.users.findUnique({
where: { id: userId },
select: { tfaEnabled: true, tfaSecret: true }
select: { tfa_enabled: true, tfa_secret: true }
});
if (user.tfa_enabled) {
@@ -86,7 +86,7 @@ router.post('/verify-setup', authenticateToken, [
// Verify the token
const verified = speakeasy.totp.verify({
secret: user.tfaSecret,
secret: user.tfa_secret,
encoding: 'base32',
token: token,
window: 2 // Allow 2 time windows (60 seconds) for clock drift
@@ -201,7 +201,7 @@ router.post('/regenerate-backup-codes', authenticateToken, async (req, res) => {
// Check if TFA is enabled
const user = await prisma.users.findUnique({
where: { id: userId },
select: { tfaEnabled: true }
select: { tfa_enabled: true }
});
if (!user.tfa_enabled) {
@@ -219,7 +219,7 @@ router.post('/regenerate-backup-codes', authenticateToken, async (req, res) => {
await prisma.users.update({
where: { id: userId },
data: {
tfaBackupCodes: JSON.stringify(backupCodes)
tfa_backup_codes: JSON.stringify(backupCodes)
}
});
@@ -265,7 +265,7 @@ router.post('/verify', [
}
// Check if it's a backup code
const backupCodes = user.tfaBackupCodes ? JSON.parse(user.tfaBackupCodes) : [];
const backupCodes = user.tfa_backup_codes ? JSON.parse(user.tfa_backup_codes) : [];
const isBackupCode = backupCodes.includes(token);
let verified = false;
@@ -276,7 +276,7 @@ router.post('/verify', [
await prisma.users.update({
where: { id: user.id },
data: {
tfaBackupCodes: JSON.stringify(updatedBackupCodes)
tfa_backup_codes: JSON.stringify(updatedBackupCodes)
}
});
verified = true;