RubyGems - web_sandbox_console - Versions diffs - 0.2.0 → 0.3.0 - Mend

web_sandbox_console 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 59bdbe60c0c4fa3569ef776901c06e5519cdd804fd905fe1c81e15cfd269157c
-  data.tar.gz: d71b8d16c04d900fb270f196d1e2bf89b71e77ca2620e48bfdc178158637e5a6
+  metadata.gz: c4c806cc25ee28c518675afdae02525a3c36f201b4e7d1e282b0924afba91725
+  data.tar.gz: f6cbacc2cea644ca0baf438b2c8080e92ef9b6d28ab10305c0cf897beac04723
 SHA512:
-  metadata.gz: a8f4487e10e9796fbaefa3ee6d4f8b3112e493adf165d6cacaefa71a6975d436e849ce65ad97af3ba76ad5b3261787bcc15db205576a284120a0fae50f9ce74e
-  data.tar.gz: d5395e322921350c55bd3e936782cac340e6f772e075166c81860378c695e79a4711b91016d06590d58384dc812084feef4496a739f64c24acf560b017655343
+  metadata.gz: 7ac31b27cb734fe08a57be44e8295f03497a95bfb7720881349497a89b5465ffd39a86700d8a4b2fee2a00c4da318da13e514fe96d646d53572abe80edd682c2
+  data.tar.gz: 5c3d3ec3910f929ffba5f6bca090e55752f3c82c162b22ceeb1b7a48c91b321d5d00076602cb8aca45715f8cdafbc4377d2e0db5a59ed4759085798cfe4a984a

data/README.md CHANGED

@@ -18,17 +18,22 @@ gem 'web_sandbox_console'
 $ bundle
 ```
-此时，如果是在本地，你访问 `http://localhost:3000/web_sandbox_console` 就能看到web控制台了。
+此时，如果是在本地，你访问 `http://localhost:3000/web_sandbox_console` 就能看到web控制台了,下面这个样子。
+![Snip20200625_1.png](https://i.loli.net/2020/06/25/ZD5Ns2HzfME4Whx.png)
 ## 配置
-在bundle后 你就可以正常使用gem了，如果你需要配置的话，才用来看这步
+```
+在bundle后,就可以使用一些基础的功能了；
+如果你不满足基础的功能、或者需要更高的安全性，很有必要仔细了解配置选项，总之还是很推荐对项目进行适当配置；
+关于配置的详细介绍，在生成的文件中也有详细的说明，参照说明配置即可；
+```
 在 rails 项目路径下,执行：
 ```bash
 $ rails g web_sandbox_console
 ```
-这会在项目路径下,创建如下文件（文件中已详细说明用法）
+这会在项目路径下,创建如下文件（即配置文件）
 ```ruby
 # config/initializers/web_sandbox_console.rb
@@ -50,22 +55,79 @@ WebSandboxConsole.setup do |config|
   # # 配置 黑名单 实例方法
   # config.instance_method_blacklist = {Kernel: %i(system exec `),File: %i(chmod chown)}
-  # 文件黑名单列表 （如果是目录 则目录下所有文件都不用）目录以 / 结尾
+  # 文件黑名单列表 （如果是目录 则目录下所有文件都不可用）目录以 / 结尾
   # 默认都是项目路径下的
   # config.view_file_blacklist = %w(config/secrets.yml vendor/)
+  # 配置 文件权限，是否仅能查看log文件,默开启
+  #config.only_view_log_file = false
+  # 通过非对称加密方式 升级权限，授权通过后，可获得执行数据权限（PS: 数据操作不再回滚）
+  # config.public_key = "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMbJOE1vQT1jFpaH1GPYzdRJN/\nLh8VePmzXs5BYOLHB0xIjArL1NlXMbCJ+AS2rv3/oHIOdHhEuZw0tmm9DhG100R8\nRjBpsEKCDI88jl9qRkFmD3CVk8XQXv6c2IkRZCYSTvgDkmnKAlORksfw+p0cR2AQ\nlAtAsNsNviKYBzXKfQIDAQAB\n-----END PUBLIC KEY-----\n"
   # # 配置 日志路径 默认路径位于项目下
   # config.console_log_path = "log/web_sandbox_console.log"
 end
 ```
-## other
-查看目录或文件路径： `/web_sandbox_console/view_file`
-除了可以查询一些数据外，还可以查看项目路径下任何文件或目录，如果你输入的是一个目录，那么会查出此目录下的文件/目录；如果你输入的是文件，那么将查出文件的内容，默认查看文件的第一行 到 100行，当然你也可以指定你需要查找的行；
+## 深入了解
+主要包含两大功能快：代码执行、文件查看，下面分别介绍
+### 代码执行
+1. 提交和异步执行
+> 提交后代码会立即执行；如果点击异步执行，则代码会在后台异步执行，这对于需要执行非常耗时的代码，强烈建议异步执行；
+2. 升级权限
+![Snip20200625_2.png](https://i.loli.net/2020/06/25/GQXlpwLryjtVfdO.png)
+```
+通常你能做的操作就是，查查数据等，数据的所有操作都不会写入到数据库，这样很安全；但是每当你需要修改数据时，还是需要让运维处理；为了满足可以数据写入、和安全性的要求；开发了升级权限这个功能。
+升级权限你需要在配置文件中配置公钥，自己保存私匙；整个过程采用非对称加密的方式，进行授权，还是比较安全的。
+升级授权成功后，代码执行将不再回滚，会直接写入数据库。
+```
+升级权限流程如下：
+> -  `config/initializers/web_sandbox_console.rb`配置公钥
+> - 进入授权页面，点击获取令牌 `web_sandbox_console/auth_page`
+> - 用私钥对令牌加密，然后用base64加密
+> - 将加密的打印结果（注意是puts 文本）,输入加密密文框，提交
+```ruby
+# 本地生成 加密密文代码
+require 'openssl'
+require 'base64'
+private_key = "你的私钥"
+p_key = OpenSSL::PKey::RSA.new private_key
+secret_text = p_key.private_encrypt("你的令牌")
+encode_text = Base64.encode64(secret_text)
+puts encode_text
+```
+### 文件查看
+![Snip20200625_3.png](https://i.loli.net/2020/06/25/ZtaeGlUpc4fJFgW.png)
+1. 目录和文件
+> 你可以查看一个目录下有哪些文件夹或文件，你也可以直接查看文件的内容，默认返回一个文件的前100行
+2. 指定行数
+```
+你可以根据文件总行数，指定查看文件的开始行数、结束行数。
+PS: a. 在过滤文件（过滤内容/过滤时间）的时候，此时指定行数将被忽略
+    b. 对于大文件（默认超过10M)，处于性能考虑，此时指定行数也会被忽略
+```
+3. 过滤
+```
+需要特别说明的是，过滤时间是针对日志文件写的，因此如果是非日志文件，将不会有任何效果。
+建议：出于性能考虑，过滤时候尽量缩小时间范围
+```
+4. 权限
-如果一个文件特别大，超过10M,此时将查找文件的最后200行，指定行数将无效;当然也可在配置文件中，配置哪些文件不可查看，哪些目录不可以查看，如果指定的是目录，那么目录下的所有子文件或目录都无权查看.
+> 默认情况，只能查看日志文件或目录，当然你也可以去配置做调整。
-![Snip20200508_1.png](https://i.loli.net/2020/05/08/3N8Q7pnzroq9Byw.png)
 ## Contributing
 Contribution directions go here.

data/app/assets/stylesheets/web_sandbox_console/application.css CHANGED

@@ -18,6 +18,47 @@
   line-height: 18px;
  }
+.tip {
+  color: red;
+  font-size: 12px;
+}
+.fr {
+  float: right;
+}
+.fl {
+  float: left;
+}
+.h250{
+  height: 250px;
+}
+.margin-t-10{
+  margin-top: 10px;
+}
+.margin-t-100{
+  margin-top: 100px;
+}
+.margin-b-20{
+  margin-bottom: 20px;
+}
+.text_area_div {
+  height: 250px;
+  width: 88%;
+  display: inline-block;
+}
+.submit_div {
+  height: 250px;
+  width: 9%;
+  display: inline-block;
+}
 .container{
   margin: 20px 15px;
 }
@@ -35,9 +76,10 @@
   .text_area_box{
     font-size: 15px;
-    height: 150px;
-    width: 500px;
+    height: 100%;
+    width: 95%;
     border-width: 2px;
+    overflow: auto;
   }
   .clear-button{
@@ -48,6 +90,7 @@
     color: white;
     cursor: pointer;
     border-radius: 5px;
+    border: red;
   }
   .send-button{
@@ -66,4 +109,15 @@
     font-size: 15px;
     color: 15px;
     cursor: pointer;
-  }
+    border: red;
+  }
+  button,input{
+   outline:none;
+ }
+ button:focus,input:focus,textarea:focus {
+   outline: none;
+   border: 1px solid #272822;
+ }

data/app/assets/stylesheets/web_sandbox_console/home.css CHANGED

@@ -5,7 +5,7 @@
 .file_or_dir{
-  width: 500px;
+  width: 450px;
   height: 30px;
 }

data/app/controllers/web_sandbox_console/authorization_controller.rb ADDED

@@ -0,0 +1,82 @@
+require_dependency "web_sandbox_console/application_controller"
+module WebSandboxConsole
+  class AuthorizationController < ApplicationController
+    before_action :restrict_ip
+    http_basic_authenticate_with name: WebSandboxConsole.http_basic_auth[:name], password: WebSandboxConsole.http_basic_auth[:password] if WebSandboxConsole.http_basic_auth.present?
+    before_action :restrict_fetch_token_times, only: :fetch_token
+    # 获取令牌
+    def fetch_token
+      @token = SecureRandom.uuid
+      save_cache_token(@token)
+    end
+    # 授权
+    def auth
+      if params[:secret_text].blank?
+        flash[:notice] = '密文为空'
+        return redirect_to root_path
+      end
+      if public_key.blank?
+        flash[:notice] = '公钥未配置'
+        return redirect_to root_path
+      end
+      result_hash = decrypt_secret_text(params[:secret_text])
+      token       = result_hash[:content]
+      if result_hash[:success] && fetch_cache_token(token)
+        flash[:notice] = "授权成功"
+        session[:pass_auth] = true
+      else
+        flash[:notice] = "授权失败：#{result_hash[:content]}"
+      end
+      redirect_to root_path
+    end
+    private
+      # 限制获取token次数 一天内不允许超过20次
+      def restrict_fetch_token_times
+        cache = Rails.cache
+        times = cache.fetch('fetch_token_times', expires_in: 1.day) {0}
+        if times > 20
+          flash[:notice] = '一天内获取令牌不允许超过20次'
+          rediect_to root_path
+        end
+        cache.write('fetch_token_times', times + 1)
+      end
+      # 保存token 到缓存
+      def save_cache_token(key, value = nil)
+        Rails.cache.write(key.to_s, value.presence || key.to_s, expires_in: 5.minutes)
+      end
+      # 获取 缓存中 token
+      def fetch_cache_token(key)
+        Rails.cache.read(key.to_s)
+      end
+      # 公钥
+      def public_key
+        WebSandboxConsole.public_key
+      end
+      # 解密
+      def decrypt_secret_text(secret_text)
+        begin
+          base_text = Base64.decode64(secret_text)
+          p_key = OpenSSL::PKey::RSA.new public_key
+          text = p_key.public_decrypt(base_text)
+          {success: true, content: text}
+        rescue OpenSSL::PKey::RSAError
+          {success: false, content: "密钥匹配失败"}
+        rescue Exception => e
+          {success: false, content: "发生未知错误: #{e.inspect};#{e.backtrace[0..2].join('\r\n')}"}
+        end
+      end
+  end
+end

data/app/controllers/web_sandbox_console/home_controller.rb CHANGED

@@ -10,7 +10,13 @@ module WebSandboxConsole
     # 执行代码
     def eval_code
-      @results = Sandbox.new(params[:code]).evalotor
+      sandbox = Sandbox.new(params[:code], session[:pass_auth])
+      @results = if params[:commit] == '异步执行'
+        sandbox.asyn_evalotor
+      else
+        sandbox.evalotor
+      end
     end
     def view_file
@@ -18,7 +24,9 @@ module WebSandboxConsole
     # 查看文件
     def do_view_file
-      @results = ViewFile.new(params).view
+      results         = ViewFile.new(params).view
+      @lines          = results[:lines]
+      @total_line_num = results[:total_line_num]
     end
   end
 end

data/app/views/layouts/web_sandbox_console/application.html.erb CHANGED

@@ -12,3 +12,10 @@
   </div>
 </body>
 </html>
+<script type="text/javascript">
+  <% flash.each do |type, msg| %>
+    <% tip = type == 'notice' ? '提示' : '其它' %>
+    alert("<%= tip %>: <%= msg %>");
+  <% end %>
+</script>

data/app/views/web_sandbox_console/authorization/auth_page.html.erb ADDED

@@ -0,0 +1,35 @@
+# 授权
+<p>
+  <%= link_to '控制台', web_sandbox_console.root_path %>
+  <%= link_to '获取令牌', web_sandbox_console.fetch_token_path(:format => "js"), remote: true %>
+  <span> PS: 注意获取令牌一天最多20次,有效期仅5分钟</span>
+</p>
+<h2>授权申请</h1>
+<div class="">
+  <%= form_tag web_sandbox_console.auth_path, method: :post do %>
+    <table>
+      <tr>
+        <td>加密密文</td>
+        <td>
+          <%= text_area_tag :secret_text, '', style: "width: 300px;height: 100px;" %>
+        </td>
+        <td><%= submit_tag '提交', data: { disable_with: "已发送，处理中..." }, class: 'view-file-button' %></td>
+    </table>
+  <% end %>
+</div>
+<h4>说明令牌使用说明：</h4>
+<div>
+  <pre>
+    require 'openssl'
+    require 'base64'
+    private_key = "你的私钥"
+    p_key = OpenSSL::PKey::RSA.new private_key
+    secret_text = p_key.private_encrypt("你的令牌")
+    encode_text = Base64.encode64(secret_text)
+    puts encode_text
+  </pre>
+</div>

data/app/views/web_sandbox_console/authorization/fetch_token.js.erb ADDED

	@@ -0,0 +1,3 @@
1	+ alert("令牌: <%= @token %>，此令牌先保存，后续使用。");
2	+
3	+

data/app/views/web_sandbox_console/home/do_view_file.js.erb CHANGED

@@ -1,5 +1,7 @@
 $(".output-content").empty();
-$(".output-content").append('<p>============ 查找结果如下 ===============</p>');
-<% @results.each do |result| %>
+<% line_num_show = @total_line_num ? "原始文件总行数：#{@total_line_num}" : "" %>
+$(".output-content").append("<p>============ <%= Time.current %> 查找结果如下 <%= line_num_show %> ===============</p>");
+<% @lines.each do |result| %>
   $(".output-content").append('<pre><%= escape_javascript result %></pre>');
 <% end %>

data/app/views/web_sandbox_console/home/eval_code.js.erb CHANGED

@@ -1,4 +1,4 @@
-$(".output-content").append('<p>============ 本次输出如下（仅代表最后行输出）===============</p>');
+$(".output-content").append("<p>============ <%= Time.current %> 本次输出如下 ===============</p>");
 <% @results.each do |result| %>
   $(".output-content").append('<p><%= escape_javascript result %></p>');
 <% end %>

data/app/views/web_sandbox_console/home/index.html.erb CHANGED

@@ -1,13 +1,28 @@
 控制台 index
 <%= link_to '查看文件', web_sandbox_console.view_file_path %>
+<% unless session[:pass_auth] %>
+  <%= link_to '升级授权', web_sandbox_console.auth_page_path %>
+<% end %>
-<div class="console">
+<div class="console margin-b-20">
   <%= form_tag(web_sandbox_console.eval_code_path, remote: true, class: 'form')  do %>
-    <%= text_area_tag :code, '', class: 'text_area_box'%>
-    <input type="reset" value="重置" class='reset-button'>
-    <%= submit_tag '提交', data: { disable_with: "已发送，处理中..." }, class: 'send-button' %>
+    <div class= "fl text_area_div">
+      <%= text_area_tag :code, '', class: 'text_area_box'%>
+    </div>
+    <div class="submit_div">
+      <div class="fr">
+        <div class="margin-t-100"><input type="reset" value="重置" class='reset-button' %></div>
+        <div class="margin-t-10">
+          <% if session[:pass_auth] %>
+            <span class="tip">授权成功(当前修改将写入数据库)</span>
+          <% end %>
+          <%= submit_tag '提交', data: { disable_with: "已发送，处理中..." }, class: 'send-button' %></div>
+        <div class="margin-t-10"><%= submit_tag '异步执行', data: { disable_with: "已发送，处理中..." }, class: 'send-button' %></div>
+      </div>
+    </div>
   <% end %>
 </div>
 <%= button_tag '清除输出', type: 'button', onclick: "$('.output-content').empty();", class: 'clear-button' %>

data/app/views/web_sandbox_console/home/view_file.html.erb CHANGED

@@ -12,12 +12,27 @@
         <td><%= text_field_tag :start_line_num, nil, class: 'h30', placeholder: '默认从第1行开始...' %></td>
         <td>结束行数</td>
         <td><%= text_field_tag :end_line_num, nil, class: 'h30', placeholder: '默认从第100行结束...' %></td>
+      </tr>
+      <tr>
+        <td>过滤内容</td>
+        <td>
+          <%= text_field_tag :grep_content, nil, class: 'file_or_dir' %>
+        </td>
+        <td>过滤开始时间</td>
+        <td><%= text_field_tag :sed_start_time, nil, class: 'h30', placeholder: Time.current.strftime("%F %T") %></td>
+        <td>过滤结束时间</td>
+        <td><%= text_field_tag :sed_end_time, nil, class: 'h30', placeholder: Time.current.strftime("%F %T") %></td>
         <td><%= submit_tag '提交', data: { disable_with: "已发送，处理中..." }, class: 'view-file-button' %></td>
+      </tr>
     </table>
   <% end %>
+  <span class="tip">注意：过滤时将忽略筛选行数</span>
 </div>
 <div class="output-content">
 </div>
 <style type="text/css">

data/config/routes.rb CHANGED

@@ -4,4 +4,10 @@ WebSandboxConsole::Engine.routes.draw do
   post :eval_code, to: "home#eval_code"
   get :view_file, to: "home#view_file"
   post :do_view_file, to: "home#do_view_file"
+  # 授权相关
+  get :fetch_token, to: "authorization#fetch_token"
+  get :auth_page, to: "authorization#auth_page"
+  post :auth, to: "authorization#auth"
 end

data/lib/generators/web_sandbox_console/templates/web_sandbox_console.rb CHANGED

@@ -16,10 +16,16 @@ WebSandboxConsole.setup do |config|
   # # 配置 黑名单 实例方法
   # config.instance_method_blacklist = {Kernel: %i(system exec `),File: %i(chmod chown)}
-  # 文件黑名单列表 （如果是目录 则目录下所有文件都不用）目录以 / 结尾
+  # 文件黑名单列表 （如果是目录 则目录下所有文件都不可用）目录以 / 结尾
   # 默认都是项目路径下的
   # config.view_file_blacklist = %w(config/secrets.yml vendor/)
+  # 配置 文件权限，是否仅能查看log文件,默开启
+  #config.only_view_log_file = false
+  # 通过非对称加密方式 升级权限，授权通过后，可获得执行数据权限（PS: 数据操作不再回滚）
+  # config.public_key = "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMbJOE1vQT1jFpaH1GPYzdRJN/\nLh8VePmzXs5BYOLHB0xIjArL1NlXMbCJ+AS2rv3/oHIOdHhEuZw0tmm9DhG100R8\nRjBpsEKCDI88jl9qRkFmD3CVk8XQXv6c2IkRZCYSTvgDkmnKAlORksfw+p0cR2AQ\nlAtAsNsNviKYBzXKfQIDAQAB\n-----END PUBLIC KEY-----\n"
   # # 配置 日志路径 默认路径位于项目下
   # config.console_log_path = "log/web_sandbox_console.log"
 end

data/lib/web_sandbox_console/configuration.rb CHANGED

@@ -11,14 +11,19 @@ module WebSandboxConsole
   mattr_accessor :instance_method_blacklist
   # 文件列表 黑名单
   mattr_accessor :view_file_blacklist
+  # 仅能查看日志文件
+  mattr_accessor :only_view_log_file
   # 日志路径
   mattr_accessor :console_log_path
   # 挂载 引擎路由位置
   mattr_accessor :mount_engine_route_path
+  # 公钥
+  mattr_accessor :public_key
   # 默认 引擎路由位置
   @@mount_engine_route_path = '/web_sandbox_console'
+  # 默认 开启仅可查看日志
+  @@only_view_log_file = true
   # 内置 实例方法 黑名单
   INSTANT_METOD_BUILT_IN_BLACKLIST = {

data/lib/web_sandbox_console/sandbox.rb CHANGED

@@ -2,22 +2,42 @@ module WebSandboxConsole
   class Sandbox
     attr_accessor :code           # 代码
     attr_accessor :uuid           # 唯一标识
+    attr_accessor :pass_auth      # 是否通过授权
     attr_accessor :exe_tmp_file   # 执行临时文件（由code 组成的运行代码）
-    def initialize(code = nil)
+    def initialize(code = nil, pass_auth = false)
       @code         = code
       @uuid         = SecureRandom.uuid
+      @pass_auth    = pass_auth.presence || false
       @exe_tmp_file = "#{Rails.root}/tmp/sandbox/#{uuid}.rb"
     end
+    # 同步执行
     def evalotor
+      evalotor_block do
+        exec_rails_runner
+        get_result
+      end
+    end
+    # 异步后台执行
+    def asyn_evalotor
+      evalotor_block do
+        Thread.new {exec_rails_runner}
+        ["已在后台执行，请耐心等待😊"]
+      end
+    end
+    # 执行结构块
+    def evalotor_block
       begin
         check_syntax
         write_exe_tmp_file
-        exec_rails_runner
-        get_result
+        yield
       rescue SandboxError => e
         [e.message]
+      rescue Exception => e
+        ["发生未知错误: #{e.inspect};#{e.backtrace[0..2].join('\r\n')}"]
       end
     end
@@ -28,7 +48,7 @@ module WebSandboxConsole
         begin
           ActiveRecord::Base.transaction(requires_new: true) do
             result = eval(#{self.code.inspect})
-            raise ActiveRecord::Rollback
+            raise ActiveRecord::Rollback  unless #{self.pass_auth}
           end
         rescue Exception => e
           WebSandboxConsole.log_p(e, "#{self.uuid}")
@@ -82,11 +102,11 @@ module WebSandboxConsole
     # 运行rails runner
     def exec_rails_runner
-      `bundle exec rails runner #{self.exe_tmp_file}`
+      @stdout = `bundle exec rails runner #{self.exe_tmp_file}`
     end
-    # 获取 执行结果
-    def get_result
+    # 返回结果
+    def return_result_arr
       last_10_lines = `tail -n 10 #{WebSandboxConsole.log_path} | grep #{self.uuid}`
       last_10_lines.split("\n").map do |line|
@@ -94,5 +114,16 @@ module WebSandboxConsole
       end.flatten
     end
+    # 最终结果
+    def get_result
+      if @stdout.present?
+        stdout_arr = @stdout.to_s.split("\n")
+        stdout_arr << '------------ 返回值 ----------'
+        stdout_arr.concat(return_result_arr)
+      else
+        return_result_arr
+      end
+    end
   end
 end

data/lib/web_sandbox_console/version.rb CHANGED

@@ -1,3 +1,3 @@
 module WebSandboxConsole
-  VERSION = '0.2.0'
+  VERSION = '0.3.0'
 end

data/lib/web_sandbox_console/view_file.rb CHANGED

@@ -3,11 +3,17 @@ module WebSandboxConsole
     attr_accessor :file_or_dir     # 文件或目录
     attr_accessor :start_line_num  # 起始行数
     attr_accessor :end_line_num     # 结束行数
+    attr_accessor :sed_start_time   # 开始时间
+    attr_accessor :sed_end_time     # 结束时间
+    attr_accessor :grep_content     # 过滤内容
     def initialize(opts = {})
       @file_or_dir     = opts[:file_or_dir]
-      @start_line_num  = opts[:start_line_num].present? ? opts[:start_line_num].to_i : 1
-      @end_line_num    = opts[:end_line_num].present? ? opts[:end_line_num].to_i : 100
+      @start_line_num  = (opts[:start_line_num].presence || 1).to_i
+      @end_line_num    = (opts[:end_line_num].presence || 100).to_i
+      @sed_start_time  = parse_time(opts[:sed_start_time])
+      @sed_end_time    = parse_time(opts[:sed_end_time])
+      @grep_content    = opts[:grep_content]
     end
     def view
@@ -15,9 +21,10 @@ module WebSandboxConsole
         check_param
         file_or_dir_exists
         check_blacklist
+        check_only_view_log
         view_file
       rescue ViewFileError => e
-        [e.message]
+        {lines: [e.message]}
       end
     end
@@ -74,12 +81,20 @@ module WebSandboxConsole
       raise ViewFileError, '文件或目录无权限查看' if black_lists.include?(file_or_dir_path) || black_lists.include?(file_or_dir_path + '/')
     end
+    # 检查 仅能查看日志
+    def check_only_view_log
+      if WebSandboxConsole.only_view_log_file
+        raise ViewFileError, '仅可查看日志目录/文件' unless file_or_dir.split("/")[0] == 'log'
+      end
+    end
     # 目录下文件
     def files_in_dir
-      Dir["#{file_or_dir_path}/*"].map do |path|
+      lines = Dir["#{file_or_dir_path}/*"].map do |path|
         path += is_directory?(path) ? '(目录)' : '(文件）'
         path[file_or_dir_path.length..-1]
       end
+      {lines: lines}
     end
     # 是否为大文件
@@ -87,19 +102,36 @@ module WebSandboxConsole
       File.new(file_or_dir_path).size > 10.megabytes
     end
+    # 是否需要过滤
+    def need_grep?
+      @sed_start_time || @grep_content.present?
+    end
     # 查看文件/目录
     def view_file
       if is_directory?(file_or_dir_path)
         files_in_dir
-      else
-        lines = is_big_file? ? tail_200_line : special_line_content
-        add_line_num(lines)
+      else # 文件
+        lines = if need_grep?
+          grep_file_content
+        elsif is_big_file?
+          tail_any_line(1000)
+        else
+          special_line_content
+        end
+        {lines: add_line_num(lines), total_line_num: cal_file_total_line_num}
       end
     end
-    # 最后 200 行内容
-    def tail_200_line
-      (`tail -n 200 #{file_or_dir_path}`).split(/[\r,\r\n]/)
+    # 计算文件总行数
+    def cal_file_total_line_num
+      `wc -l < #{file_or_dir_path}`.to_i
+    end
+    # 最后 xx 行内容
+    def tail_any_line(num)
+      (`tail -n #{num} #{file_or_dir_path}`).split(/[\r,\r\n]/)
     end
     # 按指定行返回
@@ -107,11 +139,31 @@ module WebSandboxConsole
       File.readlines(file_or_dir_path)[(start_line_num - 1)..(end_line_num - 1)]
     end
+    # 过滤文件
+    def grep_file_content
+      content = if @sed_start_time && @grep_content.present?
+        `sed -n '/#{@sed_start_time}/,/#{@sed_end_time}/p' #{file_or_dir_path} | grep #{@grep_content}`
+      elsif @sed_start_time
+        `sed -n '/#{@sed_start_time}/,/#{@sed_end_time}/p' #{file_or_dir_path}`
+      else
+        `grep #{@grep_content} #{file_or_dir_path}`
+      end
+      content.split(/[\r,\r\n]/)
+    end
     # 添加行号
     def add_line_num(lines)
       start_num = is_big_file? ? 1 : start_line_num
       lines.each_with_index.map{|line, index| "#{index + start_num}:  #{line}"}
     end
+    private
+      # 解析时间
+      def parse_time(str)
+        DateTime.parse(str).strftime("%FT%T") rescue nil
+      end
   end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: web_sandbox_console
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - dongmingyan
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-05-08 00:00:00.000000000 Z
+date: 2020-06-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -55,13 +55,15 @@ files:
 - app/assets/stylesheets/web_sandbox_console/application.css
 - app/assets/stylesheets/web_sandbox_console/home.css
 - app/controllers/web_sandbox_console/application_controller.rb
+- app/controllers/web_sandbox_console/authorization_controller.rb
 - app/controllers/web_sandbox_console/home_controller.rb
 - app/helpers/web_sandbox_console/application_helper.rb
 - app/helpers/web_sandbox_console/home_helper.rb
-- app/jobs/web_sandbox_console/application_job.rb
 - app/mailers/web_sandbox_console/application_mailer.rb
 - app/models/web_sandbox_console/application_record.rb
 - app/views/layouts/web_sandbox_console/application.html.erb
+- app/views/web_sandbox_console/authorization/auth_page.html.erb
+- app/views/web_sandbox_console/authorization/fetch_token.js.erb
 - app/views/web_sandbox_console/home/do_view_file.js.erb
 - app/views/web_sandbox_console/home/eval_code.js.erb
 - app/views/web_sandbox_console/home/index.html.erb

data/app/jobs/web_sandbox_console/application_job.rb DELETED

@@ -1,4 +0,0 @@
-module WebSandboxConsole
-  class ApplicationJob < ActiveJob::Base
-  end
-end