webio-node/route/api/system.js
2017-03-22 13:35:45 +08:00

452 lines
16 KiB
JavaScript

const express = require('express');
const router = express.Router();
const rt = require('../ResTool');
const config = require('../../config.json');
const fs = require('fs');
const mysql = require('../../libs/mysql_cls');
const tool = require('../../includes/apiTool');
const exec = require('child_process').exec;
const so = require('../../includes/storeObject');
const crypt = require('../../libs/crypto');
router
.get('/', (req, res, n) => {
// res.db = new mysql();
// res.db.user = config.db.user;
// res.db.password = config.db.pass;
// res.db.host = config.db.host;
// res.db.port = config.db.port;
// res.db.database = config.db.db1;
// res.db.connect();
res.send({ name: 'WebIO System API' });
})
.post('/getnetwork', (req, res, n) => {
fs.exists(config.cmdpath.sysinfo, (exists) => {
if (!exists) return n('ERR0014');
fs.readFile(config.cmdpath.sysinfo, (err, d) => {
if (err) return n('ERR0014');
let str = d.toString().split(/\n/);
let arr = {};
for (var i in str) {
if (!str[i].trim()) continue;
let t = str[i].split(' ');
if (t.langth < 2) continue;
arr[t[0]] = t[1];
}
let data = {};
data.record = [arr];
res.api_res = data;
return n();
});
});
})
.post('/updatenetwork', (req, res, n) => {
let arr = req.body;
if (!tool.checkPermission(req)) return n('ERR9000');
if (!arr.data) return n('ERR0000');
if (!arr.data.type) return n('ERR0009');
if (arr.data.type == 'manual') {
if (!arr.data.ip) return n('ERR0010');
if (!arr.data.netmask) return n('ERR0011');
if (!arr.data.gateway) return n('ERR0012');
if (!arr.data.dns) return n('ERR0013');
}
let cmd = '';
if (arr.data.type == 'manual') {
cmd = `echo "${arr.data.ip}" "${arr.data.gateway}" "${arr.data.netmask}" "${arr.data.dns}" > ${config.cmdpath.manualip}`;
} else {
cmd = `touch ${config.cmdpath.dhcpip}`;
}
if (cmd.length > 0) {
exec(cmd, (err, sout, serr) => {
let data = {};
data.record = [];
res.api_res = data;
return n();
});
}
})
.post('/gettime', (req, res, n) => {
let cmd = 'date +%s';
exec(cmd, (err, sout, serr) => {
let time = parseInt(sout);
let data = {};
data.record = [{ time }];
res.api_res = data;
return n();
});
})
.post('/updatetime', (req, res, n) => {
let arr = req.body;
if (!tool.checkPermission(req)) return n('ERR9000');
if (!arr.data) return n('ERR0000');
if (!arr.data.time || !/^[0-9]{12}$/.test(arr.data.time)) return n('ERR0015');
let cmd = `echo "${arr.data.time}" > ${config.cmdpath.settime}`;
exec(cmd, (err, sout, serr) => {
let data = {};
data.record = [];
res.api_res = data;
return n();
});
})
.post('/login', (req, res, n) => {
let arr = req.body;
if (!arr.data) return n('ERR0000');
if (!arr.data.account) return n('ERR0016');
if (!arr.data.password) return n('ERR0017');
res.db = new mysql();
res.db.user = config.db.user;
res.db.password = config.db.pass;
res.db.host = config.db.host;
res.db.port = config.db.port;
res.db.database = config.db.db1;
res.db.connect();
let query = "select * from ??.?? where `account` = ? and `user_password` = ?";
res.db.query(query, [config.db.db1, 'userlist', arr.data.account, arr.data.password], (err, row) => {
if (err) return n('ERR8000');
if (row.length == 0) return n('ERR0019');
delete row[0]['user_password'];
let token = '';
while (true) {
token = crypt.random(15);
if (!so.chkKey(token)) break;
}
so.set(token, { user: row[0] });
let data = {};
data.record = row;
data.rt = {}
data.rt.permission = [];
let tmp = {};
for(let i in config.permission) {
if(config.permission[i]){
tmp[i] = true;
}
}
data.rt.permission.push(tmp);
data.token = token;
res.api_res = data;
return n();
});
})
.post('/logout', (req, res, n) => {
let token = req.headers['x-auth-token'];
if (token) {
so.del(token);
}
let data = {};
data.record = [];
res.api_res = data;
return n();
})
.post(['/getuserlist', '/getuser'], (req, res, n) => {
let s = false;
let arr = req.body;
if (req.url == '/getuser') {
s = true;
if (!arr.data) return n('ERR0000');
if (!arr.data.account) return n('ERR0016');
}
res.db = new mysql();
res.db.user = config.db.user;
res.db.password = config.db.pass;
res.db.host = config.db.host;
res.db.port = config.db.port;
res.db.database = config.db.db1;
res.db.connect();
let query = "select * from ??.??";
let param = [config.db.db1, 'userlist']
if (s) {
query += " where `account` = ?";
param.push(arr.data.account);
}
res.db.query(query, param, (err, row) => {
if (err) return n('ERR8000');
for (var i in row) {
delete row[i]['user_password'];
}
let data = {};
data.record = row;
res.api_res = data;
return n();
})
})
.post('/deluser', (req, res, n) => {
let arr = req.body;
if (!tool.checkPermission(req)) return n('ERR9000');
if (!arr.data) return n('ERR0000');
if (!arr.data.account) return n('ERR0016');
if (arr.data.account == 'admin') return n('ERR0037');
res.db = new mysql();
res.db.user = config.db.user;
res.db.password = config.db.pass;
res.db.host = config.db.host;
res.db.port = config.db.port;
res.db.database = config.db.db1;
res.db.connect();
let query = "delete from ??.?? where `account` = ?";
let param = [config.db.db1, 'userlist', arr.data.account];
res.db.query(query, param, (err, row) => {
if (err) return n('ERR0020');
let data = {};
data.record = [];
res.api_res = data;
return n();
});
})
.post('/edituser', (req, res, n) => {
let arr = req.body;
if (!tool.checkPermission(req)) return n('ERR9000');
if (!arr.data) return n('ERR0000');
if (!arr.data.account) return n('ERR0016');
let w = arr.data.write_privilege && arr.data.write_privilege == '1' ? 1 : 0;
let r = arr.data.read_privilege && arr.data.read_privilege == '1' ? 1 : 0;
let pass = typeof arr.data.password == 'string' && arr.data.password.length > 0 ? arr.data.password : '';
if(arr.data.account == 'admin') {
w = 1;
r = 1;
}
res.db = new mysql();
res.db.user = config.db.user;
res.db.password = config.db.pass;
res.db.host = config.db.host;
res.db.port = config.db.port;
res.db.database = config.db.db1;
res.db.connect();
let query = "update ??.?? set `write_privilege` = ? , `read_privilege` = ? " +
(pass.length > 0 ? " , `user_password` = ? " : "") + " where `account` = ? ";
let param = [config.db.db1, 'userlist', w.toString(), r.toString()];
if (pass.length > 0) param.push(pass);
param.push(arr.data.account);
res.db.query(query, param, (err, row) => {
if (err) return n('ERR0021');
let data = {};
data.record = [];
res.api_res = data;
return n();
});
})
.post('/adduser', (req, res, n) => {
let arr = req.body;
if (!tool.checkPermission(req)) return n('ERR9000');
if (!arr.data) return n('ERR0000');
if (!arr.data.account) return n('ERR0016');
if (!arr.data.password) return n('ERR0017');
let w = arr.data.write_privilege && arr.data.write_privilege == '1' ? 1 : 0;
let r = arr.data.read_privilege && arr.data.read_privilege == '1' ? 1 : 0;
res.db = new mysql();
res.db.user = config.db.user;
res.db.password = config.db.pass;
res.db.host = config.db.host;
res.db.port = config.db.port;
res.db.database = config.db.db1;
res.db.connect();
let query = "insert into ??.?? (`account`,`user_password`,`write_privilege`,`read_privilege`,`user_add_date`) values (?,?,?,?,unix_timestamp())";
let param = [config.db.db1, 'userlist', arr.data.account, arr.data.password, w.toString(), r.toString()];
res.db.query(query, param, (err, row) => {
if (err) return n('ERR0022');
let data = {};
data.record = [];
res.api_res = data;
return n();
});
})
.post('/dashboard', (req, res, n) => {
res.db = new mysql();
res.db.user = config.db.user;
res.db.password = config.db.pass;
res.db.host = config.db.host;
res.db.port = config.db.port;
res.db.database = config.db.db1;
res.db.connect();
let data = {
record: [],
rt: {}
};
data.rt['time'] = [{
time: Date.now()
}];
res.api_res = data;
let pros = [];
pros.push(new Promise((resolve, reject) => {
fs.exists(config.cmdpath.sysinfo, exists => {
if (!exists) return resolve({ data: [], key: 'sysinfo' });
fs.readFile(config.cmdpath.sysinfo, (err, d) => {
if (err) return resolve({ data: [], key: 'sysinfo' });
let s = d.toString();
let tmp = s.split(/\n/);
for (let i in tmp) {
if (!tmp[i].trim()) continue;
let tt = tmp[i].split(' ');
if (tt.length > 1 && /^ip$/i.test(tt[0])) {
return resolve({ data: [{ ip: tt[1] }], key: 'sysinfo' });
}
}
});
});
}));
pros.push(new Promise((resolve, reject) => {
fs.exists(config.cmdpath.version, exists => {
if (!exists) return resolve({ data: [], key: 'version' });
fs.readFile(config.cmdpath.version, (err, d) => {
if (err) return resolve({ data: [], key: 'version' });
return resolve({ data: [{ version: d.toString().replace(/\n/, '') }], key: 'version' });
});
});
}));
if (config.permission.dio) {
pros.push(new Promise((resolve, reject) => {
let q = "select `diname`, `diid`, `diuid` from ??.?? ";
let p = [config.db.db1, 'dilist'];
res.db.query(q, p, (err, row) => {
if (err) return resolve({ data: [], key: 'di' });
let c = row.length;
let td = [];
! function chkdi(json) {
if (!json) return;
exec(`ditchk ${json.diid.replace(/^di([0-9]+)$/, '$1')}`, (err, sout, serr) => {
if (err) {
chkdi(row.pop());
if (!--c) return resolve({ data: td, key: 'di' });
return;
}
if (sout == 1) td.push(json);
chkdi(row.pop());
if (!--c) return resolve({ data: td, key: 'di' });
return;
});
}(row.pop());
});
}));
}
if (config.permission.leone) {
pros.push(new Promise((resolve, reject) => {
tool.getLeoneRT(rts => {
let ips = []
for (let i in rts) {
if (rts[i].mode == '9999') {
ips.push(rts[i].ip);
}
}
let q = "select * from ??.?? where `leoneip` in (?) order by `leonelistuid` desc ";
let p = [config.db.db1, 'leonelist', ips];
res.db.query(q, p, (err, row) => {
if (err) return resolve({ data: [], key: 'leone' });
return resolve({ data: row, key: 'leone' });
});
});
}));
}
Promise.all(pros)
.then(r => {
for (let i in r) {
if (r[i].key == 'di') {
data.rt.di = r[i].data;
} else if (r[i].key == 'leone') {
data.rt.leone = r[i].data;
} else if (r[i].key == 'sysinfo') {
data.rt.ip = r[i].data;
} else if (r[i].key == 'version') {
data.rt.version = r[i].data;
}
}
return n();
})
.catch(e => {
return n();
});
})
.post('/getselectlist', (req, res, n) => {
let arr = req.body;
if (!arr.data) return n('ERR0000');
if (!arr.data.type) return n('ERR0009');
res.db = new mysql();
res.db.user = config.db.user;
res.db.password = config.db.pass;
res.db.host = config.db.host;
res.db.port = config.db.port;
res.db.database = config.db.db1;
res.db.connect();
res.api_res = {
record: []
};
let pro = null;
let q, p;
switch (arr.data.type) {
case 'do':
q = "select `doname` as name, `douid` as id from ??.??";
p = [config.db.db1, 'dolist'];
pro = tool.promiseQuery(res, q, p, '');
break;
case 'di':
q = "select `diname` as name, `diuid` as id from ??.??";
p = [config.db.db1, 'dilist'];
pro = tool.promiseQuery(res, q, p, '');
break;
case 'leone':
q = "select `leonename` as name, `leonelistuid` as id from ??.??";
p = [config.db.db1, 'leonelist'];
pro = tool.promiseQuery(res, q, p, '');
break;
case 'iogroup':
q = "select `iogroupname` as name, `iogroupuid` as id from ??.??";
p = [config.db.db1, 'iogroup'];
pro = tool.promiseQuery(res, q, p, '');
break;
default:
return n();
}
pro.then(r => {
if('data' in r) {
res.api_res.record = tool.checkArray(r.data);
}
return n();
}).catch(e => {
return n();
})
})
.all('*', rt.send);
module.exports = router;