web_sandbox_console 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c4c806cc25ee28c518675afdae02525a3c36f201b4e7d1e282b0924afba91725
-  data.tar.gz: f6cbacc2cea644ca0baf438b2c8080e92ef9b6d28ab10305c0cf897beac04723
+  metadata.gz: 92242034900727caa3f1920df25ef3fc88b886b647d0444431708016785d422a
+  data.tar.gz: 1216442a9f5408aa82218e3dc8ad73e5e896a03b2c9caaa59bb90dc64c6cc09a
 SHA512:
-  metadata.gz: 7ac31b27cb734fe08a57be44e8295f03497a95bfb7720881349497a89b5465ffd39a86700d8a4b2fee2a00c4da318da13e514fe96d646d53572abe80edd682c2
-  data.tar.gz: 5c3d3ec3910f929ffba5f6bca090e55752f3c82c162b22ceeb1b7a48c91b321d5d00076602cb8aca45715f8cdafbc4377d2e0db5a59ed4759085798cfe4a984a
+  metadata.gz: 0bc65c60e3e7657b4475b54c93fbf533c9468ffdb5b3af468bf3d4a9f7aef37dc04c938076b00908e37c41d672a99a38a7de81683649004483af21e162fec721
+  data.tar.gz: 98d09ce9a324f83fb7be0ca158d8090252b6b7ef359b32ff595ad43aa96052b7d40334d679d8a2a6bf9312756d421391418fb11cae18c6cb42b9a593c1699ef7

data/README.md

@@ -19,7 +19,7 @@ $ bundle
 ```
 
 此时，如果是在本地，你访问 `http://localhost:3000/web_sandbox_console` 就能看到web控制台了,下面这个样子。
-![Snip20200625_1.png](https://i.loli.net/2020/06/25/ZD5Ns2HzfME4Whx.png)
+![Snip20200703_1.png](https://i.loli.net/2020/07/03/62JD5ErcPbAwHSn.png)
 
 ## 配置
 ```
@@ -33,10 +33,15 @@ $ bundle
 $ rails g web_sandbox_console
 ```
 
-这会在项目路径下,创建如下文件（即配置文件）
+这会在项目路径下,创建两个配置文件
 ```ruby
 # config/initializers/web_sandbox_console.rb
 
+require 'yaml'
+
+config_file_path = "#{Rails.root}/config/web_sandbox_console.yml"
+config_hash = File.exists?(config_file_path) ? YAML.load_file(config_file_path).with_indifferent_access[:web_sandbox_console] : {}
+
 # web_sandbox_console 配置文件 
 # 以下配置 都是可选的 缺少的情况下用默认值 或者 不生效
 WebSandboxConsole.setup do |config|
@@ -46,8 +51,10 @@ WebSandboxConsole.setup do |config|
   # 配置 ip 白名单
   # config.ip_whitelist = %w(192.168.23.12 192.145.2.0/24)
 
-  # # 配置 基本认证
-  # config.http_basic_auth = {name: 'dmy', password: '123456'}
+  # 配置 基本认证 在 config/web_sandbox_console.yml中配置
+  # PS: 1. 即使config/web_sandbox_console.yml文件不存在，也不会有任何使用上的影响,效果相当于没有开启
+  #     2. 下面这行不用注释掉，只要不配置yml文件就行
+  config.http_basic_auth = config_hash[:http_basic_auth]
 
   # # 配置 黑名单 类方法
   # config.class_method_blacklist = {File: %i(delete read write),Dir: %i(new delete mkdir)}
@@ -59,19 +66,32 @@ WebSandboxConsole.setup do |config|
   # 默认都是项目路径下的
   # config.view_file_blacklist = %w(config/secrets.yml vendor/)
 
-  # 配置 文件权限，是否仅能查看log文件,默开启
+  # 配置 文件权限，是否仅能查看log文件,默认开启
   #config.only_view_log_file = false
 
   # 通过非对称加密方式 升级权限，授权通过后，可获得执行数据权限（PS: 数据操作不再回滚）
-  # config.public_key = "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMbJOE1vQT1jFpaH1GPYzdRJN/\nLh8VePmzXs5BYOLHB0xIjArL1NlXMbCJ+AS2rv3/oHIOdHhEuZw0tmm9DhG100R8\nRjBpsEKCDI88jl9qRkFmD3CVk8XQXv6c2IkRZCYSTvgDkmnKAlORksfw+p0cR2AQ\nlAtAsNsNviKYBzXKfQIDAQAB\n-----END PUBLIC KEY-----\n"
+  # PS：配置同 http_basic_auth
+  config.public_key = config_hash[:public_key]
 
   # # 配置 日志路径 默认路径位于项目下
   # config.console_log_path = "log/web_sandbox_console.log"
 end
 ```
 
+主要用于配置 http_basic_auth 和 public_key,如需使用基本授权、升级授权，参照example文件创建yml文件即可
+```ruby
+# config/web_sandbox_console.yml.example
+
+web_sandbox_console:
+  http_basic_auth:
+    name: dmy
+    password: 123456
+  public_key: "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMbJOE1vQT1jFpaH1GPYzdRJN/\nLh8VePmzXs5BYOLHB0xIjArL1NlXMbCJ+AS2rv3/oHIOdHhEuZw0tmm9DhG100R8\nRjBpsEKCDI88jl9qRkFmD3CVk8XQXv6c2IkRZCYSTvgDkmnKAlORksfw+p0cR2AQ\nlAtAsNsNviKYBzXKfQIDAQAB\n-----END PUBLIC KEY-----\n"
+
+```
+
 ## 深入了解
-主要包含两大功能快：代码执行、文件查看，下面分别介绍
+主要包含三大功能块：代码执行、文件查看、日志下载，下面分别介绍
 
 ### 代码执行
 1. 提交和异步执行
@@ -79,16 +99,17 @@ end
 > 提交后代码会立即执行；如果点击异步执行，则代码会在后台异步执行，这对于需要执行非常耗时的代码，强烈建议异步执行；
 
 2. 升级权限
-![Snip20200625_2.png](https://i.loli.net/2020/06/25/GQXlpwLryjtVfdO.png)
+![Snip20200703_1.png](https://i.loli.net/2020/07/03/26zf5WOBFqmaiHC.png)
+
 ```
 通常你能做的操作就是，查查数据等，数据的所有操作都不会写入到数据库，这样很安全；但是每当你需要修改数据时，还是需要让运维处理；为了满足可以数据写入、和安全性的要求；开发了升级权限这个功能。
 
-升级权限你需要在配置文件中配置公钥，自己保存私匙；整个过程采用非对称加密的方式，进行授权，还是比较安全的。
+升级权限你需要在配置文件中配置公钥，自己保存私钥；整个过程采用非对称加密的方式，进行授权，还是比较安全的。
 升级授权成功后，代码执行将不再回滚，会直接写入数据库。
 ```
 
 升级权限流程如下：
-> -  `config/initializers/web_sandbox_console.rb`配置公钥
+> -  `config/web_sandbox_console.yml`中配置公钥
 > - 进入授权页面，点击获取令牌 `web_sandbox_console/auth_page`
 > - 用私钥对令牌加密，然后用base64加密
 > - 将加密的打印结果（注意是puts 文本）,输入加密密文框，提交
@@ -106,7 +127,7 @@ puts encode_text
 ```
 
 ### 文件查看
-![Snip20200625_3.png](https://i.loli.net/2020/06/25/ZtaeGlUpc4fJFgW.png)
+![Snip20200703_2.png](https://i.loli.net/2020/07/03/zFMjpRSX8fCDQ2i.png)
 1. 目录和文件
 
 > 你可以查看一个目录下有哪些文件夹或文件，你也可以直接查看文件的内容，默认返回一个文件的前100行
@@ -128,6 +149,19 @@ PS: a. 在过滤文件（过滤内容/过滤时间）的时候，此时指定行
 
 > 默认情况，只能查看日志文件或目录，当然你也可以去配置做调整。
 
+### 日志下载
+![Snip20200703_3.png](https://i.loli.net/2020/07/03/csW5OfEhPVeSbJz.png)
+你可以直接输入文件名（需要带后缀）下载日志
+
+### 关于数据导出
+在gem 中你可用`CSV.open`的方式导出数据，出于安全考虑，这里open方法是复写之后的，内部没有调用`File.open`方法；
+
+有一下几点需注意：
+> 1. 你写入你任何路径，最终都只会在log目录下创建csv文件
+> 2. 文件名以你路径中（/分隔）的最后一个名称为准
+> 3. csv 文件下载后，会自动删除掉，因此只能下载一次
+
+
 ## Contributing
 Contribution directions go here.
 

data/app/assets/javascripts/web_sandbox_console/application.js

@@ -12,5 +12,4 @@
 //
 //= require jquery
 //= require jquery_ujs
-//= require turbolinks
 //= require_tree .

data/app/assets/stylesheets/web_sandbox_console/application.css

@@ -19,7 +19,7 @@
  }
 
 .tip {
-  color: red;
+  color: #E35520;
   font-size: 12px;
 }
 
@@ -64,7 +64,8 @@
 }
 
 .output-content{
-    height: 600px;
+    min-height: 800px;
+    height: 100%;
     font-size: 14px;
     background-color: #272822;
     color: #F8F8F2;
@@ -83,14 +84,14 @@
   }
 
   .clear-button{
-    background: red;
+    background: #20aee3;
     height: 30px;
     width: 100px;
     font-size: 15px;
     color: white;
     cursor: pointer;
     border-radius: 5px;
-    border: red;
+    border: #20aee3;
   }
 
   .send-button{
@@ -103,19 +104,21 @@
   }
 
   .reset-button{
-    background: red;
+    background: #20aee3;
     color: white;
     height: 30px;
     font-size: 15px;
     color: 15px;
     cursor: pointer;
-    border: red;
+    border: #20aee3;
   }
 
   button,input{
    outline:none;
  }
 
+
+
  button:focus,input:focus,textarea:focus {
    outline: none;
    border: 1px solid #272822;

data/app/assets/stylesheets/web_sandbox_console/common.css

@@ -0,0 +1,218 @@
+  body {
+    background: #fff;
+    font-family: "Montserrat", sans-serif;
+    margin: 0;
+    overflow-x: hidden;
+    color: #67757c;
+    font-weight: 300;
+    font-size: 14px;
+  }
+
+  * {
+    outline: none; 
+  }
+
+  a{ text-decoration:none}
+
+  #main-wrapper {
+    width: 100%;
+    overflow: hidden;
+  }
+
+  .topbar {
+    position: fixed;
+    width: 100%;
+    z-index: 50;
+    background: #ffffff;
+  }
+
+  .topbar .top-navbar {
+    min-height: 70px;
+    padding: 0px;
+}
+
+.topbar .top-navbar .navbar-header {
+    line-height: 72px;
+    padding-left: 10px;
+    border-right: 1px solid rgba(120, 130, 140, 0.13);
+}
+
+.navbar-header {
+    width: 200px;
+    flex-shrink: 0;
+}
+
+.topbar .top-navbar .navbar-header .navbar-brand {
+    margin-right: 0px;
+    padding-bottom: 0px;
+    padding-top: 0px;
+}
+
+.navbar-brand {
+  display: inline-block;
+  padding-top: .3125rem;
+  padding-bottom: .3125rem;
+  margin-right: 1rem;
+  font-size: 1.25rem;
+  line-height: inherit;
+  white-space: nowrap;
+  color: rgba(0,0,0,.9);
+}
+
+.navbar-light .navbar-brand {
+    color: rgba(0,0,0,.9);
+}
+
+.topbar .navbar-collapse {
+    padding: 0px;
+    border-bottom: 1px solid rgba(120, 130, 140, 0.13);
+    display: flex!important;
+    align-items: center;
+}
+
+ .left-sidebar {
+    position: fixed;
+    width: 210px;
+    height: 100%;
+    top: 0px;
+    z-index: 20;
+    padding-top: 70px;
+    background: #fff;
+    border-right: 1px solid rgba(120, 130, 140, 0.13);
+  }
+
+  .ps {
+    -ms-touch-action: auto;
+    touch-action: auto;
+    overflow: hidden !important;
+    -ms-overflow-style: none;
+  }
+
+  .scroll-sidebar {
+    height: 100%;
+  }
+
+  .sidebar-nav {
+    background: #fff;
+    padding: 15px 0 0 0px;
+  }
+
+  .sidebar-nav ul {
+    margin: 0px;
+    padding: 0px;
+  }
+
+  .sidebar-nav > ul > li {
+    margin-bottom: 8px;
+    margin-top: 8px;
+  }
+
+  .sidebar-nav ul li {
+    list-style: none;
+  }
+
+  .sidebar-nav > ul > li > a {
+    border-left: 3px solid transparent;
+  }
+
+  .sidebar-nav > ul > li > a:hover {
+    color: #20aee3;
+    font-size: 16px;
+  }
+
+  .menu-active {
+    color: #20aee3;
+    font-size: 16px;
+  }
+
+.sidebar-nav ul li a {
+    color: #8d97ad;
+    padding: 10px 35px 10px 15px;
+    display: block;
+    font-size: 15px;
+    font-weight: 400;
+}
+
+.waves-effect {
+    position: relative;
+    cursor: pointer;
+    display: inline-block;
+    overflow: hidden;
+    -webkit-user-select: none;
+    -moz-user-select: none;
+    -ms-user-select: none;
+    user-select: none;
+    -webkit-tap-highlight-color: transparent;
+    vertical-align: middle;
+    z-index: 1;
+    will-change: opacity, transform;
+}
+
+.topbar .top-navbar .navbar-header .navbar-brand b {
+    line-height: 70px;
+    display: inline-block;
+    font-weight: bolder;
+}
+
+img {
+    vertical-align: middle;
+    border-style: none;
+}
+
+  .sidebar-nav > ul > li > a i {
+    color: #787f91;
+  }
+
+  .sidebar-nav > ul > li > a i {
+    width: 38px;
+    font-size: 24px;
+    display: inline-block;
+    vertical-align: middle;
+    color: #787f91;
+  }
+
+  .fa {
+    display: inline-block;
+    font: normal normal normal 14px/1 FontAwesome;
+    font-size: inherit;
+    text-rendering: auto;
+    -webkit-font-smoothing: antialiased;
+    -moz-osx-font-smoothing: grayscale;
+  }
+
+  .page-wrapper {
+    background: #f6f9fa;
+    padding-bottom: 60px;
+    position: relative;
+    margin-left: 200px;
+    /*padding-top: 70px;*/
+    z-index: 100
+  }
+
+  .container-fluid {
+    padding: 25px 25px;
+  }
+
+  .container-fluid {
+    width: 100%;
+    margin-right: auto;
+    margin-left: auto;
+    padding-right: 15px;
+    padding-left: 15px;
+    width: 100%;
+  }
+
+  .navbar-nav {
+    display: -ms-flexbox;
+    display: flex;
+    -ms-flex-direction: column;
+    flex-direction: column;
+    padding-left: 0;
+    margin-bottom: 0;
+    list-style: none;
+    flex-direction: row;
+  }
+
+  .mr-auto {
+    margin-right: auto!important;
+  }

data/app/controllers/web_sandbox_console/application_controller.rb

@@ -1,6 +1,10 @@
 module WebSandboxConsole
   class ApplicationController < ActionController::Base
     protect_from_forgery with: :exception
+    
+    before_action :restrict_ip
+    http_basic_authenticate_with name: WebSandboxConsole.http_basic_auth[:name].to_s, password: WebSandboxConsole.http_basic_auth[:password].to_s if WebSandboxConsole.http_basic_auth.present?
+
 
     # 限制ip
     def restrict_ip

data/app/controllers/web_sandbox_console/authorization_controller.rb

@@ -2,8 +2,6 @@ require_dependency "web_sandbox_console/application_controller"
 
 module WebSandboxConsole
   class AuthorizationController < ApplicationController
-    before_action :restrict_ip
-    http_basic_authenticate_with name: WebSandboxConsole.http_basic_auth[:name], password: WebSandboxConsole.http_basic_auth[:password] if WebSandboxConsole.http_basic_auth.present?
     before_action :restrict_fetch_token_times, only: :fetch_token
 
     # 获取令牌

data/app/controllers/web_sandbox_console/home_controller.rb

@@ -2,9 +2,7 @@ require_dependency "web_sandbox_console/application_controller"
 
 module WebSandboxConsole
   class HomeController < ApplicationController
-    before_action :restrict_ip
-    http_basic_authenticate_with name: WebSandboxConsole.http_basic_auth[:name], password: WebSandboxConsole.http_basic_auth[:password] if WebSandboxConsole.http_basic_auth.present?
-
+    
     def index
     end
 
@@ -24,9 +22,37 @@ module WebSandboxConsole
 
     # 查看文件
     def do_view_file
-      results         = ViewFile.new(params).view
-      @lines          = results[:lines]
-      @total_line_num = results[:total_line_num]
+      results             = ViewFile.new(params).view
+      @lines              = results[:lines]
+      @total_line_num     = results[:total_line_num]
+      @touch_grep_protect = results[:touch_grep_protect]
+      @content_is_trimed  = results[:content_is_trimed]
+    end
+
+    # 下载文件页面
+    def download_page
     end
+
+    # 下载文件
+    def download
+      if params[:file_name].blank?
+        flash[:notice] = "文件名不能为空"
+        return redirect_to download_page_path
+      end
+
+      file_full_path = "#{Rails.root}/log/#{params[:file_name]}"
+      unless File.exists?(file_full_path)
+        flash[:notice] = '文件不存在，请检查文件名；或在其它服务器请多次尝试'
+        return redirect_to download_page_path
+      end
+
+      # 打包
+      `tar czf #{file_full_path}.tar.gz #{file_full_path}`
+      # 如果是csv文件，需删除
+      File.delete(file_full_path) if file_full_path.split(".").last == 'csv'
+
+      send_file "#{file_full_path}.tar.gz"
+    end
+
   end
 end

data/app/views/layouts/web_sandbox_console/application.html.erb

@@ -1,16 +1,80 @@
 <!DOCTYPE html>
 <html>
-<head>
-  <title>Web sandbox console</title>
-  <%= stylesheet_link_tag    "web_sandbox_console/application", media: "all" %>
-  <%= javascript_include_tag "web_sandbox_console/application" %>
-  <%= csrf_meta_tags %>
-</head>
-<body>
-  <div class="container">
-    <%= yield %>
-  </div>
-</body>
+  <head>
+    <title>Web sandbox console</title>
+    <%= stylesheet_link_tag    "web_sandbox_console/application", media: "all" %>
+    <%= javascript_include_tag "web_sandbox_console/application" %>
+    <%= csrf_meta_tags %>
+  </head>
+  <body>
+    <div id="main-wrapper">
+      <header class="topbar">
+        <nav class="navbar top-navbar">
+          <div class="navbar-header">
+            <a class="navbar-brand" href="/web_sandbox_console">
+              <b>
+                <img src="/assets/web_sandbox_console/logo-icon.png" />
+              </b>
+              <span style="left-padding: 10px;">运维控制台</span>
+           </a>
+          </div>
+
+          <div class="navbar-collapse">
+          </div>
+        </nav>
+      </header>
+
+      <aside class="left-sidebar">
+        <div class="scroll-sidebar ps">
+          <nav class="sidebar-nav">
+            <ul id="sidebar-nav">
+              <li>
+                <%= link_to root_path, class: 'waves-effect waves-dark' do %>
+                  <i class="fa fa-bookmark-o"></i>
+                  <span class="hide-menu <%= action_name == 'index' ? 'menu-active' : '' %>">执行代码</span>
+                <% end %>
+              </li>
+
+              <li>
+                <%= link_to web_sandbox_console.view_file_path, class: 'waves-effect waves-dark' do %>
+                  <i class="fa fa-bookmark-o"></i>
+                  <span class="hide-menu <%= action_name == 'view_file' ? 'menu-active' : '' %>">查看文件</span>
+                <% end %>
+              </li>
+
+              <li>
+                <%= link_to web_sandbox_console.download_page_path, class: 'waves-effect waves-dark' do %>
+                  <i class="fa fa-bookmark-o"></i>
+                  <span class="hide-menu <%= action_name == 'download_page' ? 'menu-active' : '' %>">下载文件</span>
+                <% end %>
+              </li>
+
+              <li>
+                <%= link_to web_sandbox_console.auth_page_path, class: 'waves-effect waves-dark' do %>
+                  <i class="fa fa-bookmark-o"></i>
+                  <span class="hide-menu <%= action_name == 'auth_page' ? 'menu-active' : '' %>">升级授权</span>
+                <% end %>
+              </li>
+
+              <li>
+                <%= link_to "https://github.com/dongmy54/web_sandbox_console", target: "_blank", class: 'waves-effect waves-dark' do %>
+                  <i class="fa fa-bookmark-o"></i>
+                  <span class="hide-menu <%= action_name == 'auth_page' ? 'menu-active' : '' %>">说明文档</span>
+                <% end %>
+              </li>
+            </ul>
+          </nav>
+
+        </div>
+      </aside>
+
+      <div class="page-wrapper" style="min-height: 800px;">
+        <div class="container-fluid">
+          <%= yield %>
+        </div>
+      </div>
+    </div>
+  </body>
 </html>
 
 <script type="text/javascript">

data/app/views/web_sandbox_console/authorization/auth_page.html.erb

@@ -1,12 +1,10 @@
-# 授权
+<h3>升级授权</h3>
+
 <p>
-  <%= link_to '控制台', web_sandbox_console.root_path %>
-  <%= link_to '获取令牌', web_sandbox_console.fetch_token_path(:format => "js"), remote: true %> 
+  <%= link_to '获取令牌', fetch_token_path,format: 'json', remote: true %>
   <span> PS: 注意获取令牌一天最多20次,有效期仅5分钟</span>
 </p>
 
-
-<h2>授权申请</h1>
 <div class="">
   <%= form_tag web_sandbox_console.auth_path, method: :post do %>
     <table>

data/app/views/web_sandbox_console/home/do_view_file.js.erb

@@ -2,6 +2,15 @@ $(".output-content").empty();
 <% line_num_show = @total_line_num ? "原始文件总行数：#{@total_line_num}" : "" %>
 
 $(".output-content").append("<p>============ <%= Time.current %> 查找结果如下 <%= line_num_show %> ===============</p>");
+
+<% if @touch_grep_protect %>
+  $(".output-content").append("<p>PS: 由于过滤执行时间太长，已触发过滤保护，返回内容为最后1000行</p>");
+<% end %>
+
+<% if @content_is_trimed %>
+  $(".output-content").append("<p>PS: 当前返回内容太多，仅展示满足条件的1000行</p>");
+<% end %>
+
 <% @lines.each do |result| %>
   $(".output-content").append('<pre><%= escape_javascript result %></pre>');
 <% end %>

data/app/views/web_sandbox_console/home/download_page.html.erb

@@ -0,0 +1,22 @@
+<h3>下载文件</h3>
+<div class="">
+  <%= form_tag web_sandbox_console.download_path, method: :get do %>
+    <table>
+      <tr>
+        <td>文件名</td>
+        <td>
+          <%= text_field_tag :file_name, '', style: "width: 400px;height: 35px;font-size: 15px;" %>
+        </td>
+        <td><%= submit_tag '提交', data: { disable_with: "已发送，处理中..." }, class: 'view-file-button' %></td>
+    </table>
+  <% end %>
+</div>
+
+<h4>说明：</h4>
+<div>
+  <pre>
+    1. 只可下载log目录下文件
+    2. 下载时文件名需要带上后缀如：production.log
+    3. csv文件下载后会被删除，不能重复下载
+  </pre>
+</div>

data/app/views/web_sandbox_console/home/index.html.erb

@@ -1,8 +1,4 @@
-控制台 index
-<%= link_to '查看文件', web_sandbox_console.view_file_path %>
-<% unless session[:pass_auth] %>
-  <%= link_to '升级授权', web_sandbox_console.auth_page_path %>
-<% end %>
+<h3>执行代码</h3>
 
 <div class="console margin-b-20">
   <%= form_tag(web_sandbox_console.eval_code_path, remote: true, class: 'form')  do %>

data/app/views/web_sandbox_console/home/view_file.html.erb

@@ -1,5 +1,4 @@
-# view_file
-<%= link_to '控制台', web_sandbox_console.root_path %>
+<h3>查看文件</h3>
 <div class="view_file">
   <%= form_tag do_view_file_path, method: :post, remote: true do %>
     <table>
@@ -28,7 +27,7 @@
       </tr>
     </table>
   <% end %>
-  <span class="tip">注意：过滤时将忽略筛选行数</span>
+  <span class="tip">注意：过滤时将忽略筛选行数;过滤内容中不能出现单引号</span>
 </div>
 
 <div class="output-content">

data/config/routes.rb

@@ -9,5 +9,9 @@ WebSandboxConsole::Engine.routes.draw do
   get :fetch_token, to: "authorization#fetch_token"
   get :auth_page, to: "authorization#auth_page"
   post :auth, to: "authorization#auth"
+
+  # 文件下载
+  get :download_page, to: "home#download_page"
+  get :download, to: "home#download"
 end
 

data/lib/generators/web_sandbox_console/templates/web_sandbox_console.rb

@@ -1,3 +1,8 @@
+require 'yaml'
+
+config_file_path = "#{Rails.root}/config/web_sandbox_console.yml"
+config_hash = File.exists?(config_file_path) ? YAML.load_file(config_file_path).with_indifferent_access[:web_sandbox_console] : {}
+
 # web_sandbox_console 配置文件 
 # 以下配置 都是可选的 缺少的情况下用默认值 或者 不生效
 WebSandboxConsole.setup do |config|
@@ -7,8 +12,10 @@ WebSandboxConsole.setup do |config|
   # 配置 ip 白名单
   # config.ip_whitelist = %w(192.168.23.12 192.145.2.0/24)
 
-  # # 配置 基本认证
-  # config.http_basic_auth = {name: 'dmy', password: '123456'}
+  # 配置 基本认证 在 config/web_sandbox_console.yml中配置
+  # PS: 1. 即使config/web_sandbox_console.yml文件不存在，也不会有任何使用上的影响,效果相当于没有开启
+  #     2. 下面这行不用注释掉，只要不配置yml文件就行
+  config.http_basic_auth = config_hash[:http_basic_auth]
 
   # # 配置 黑名单 类方法
   # config.class_method_blacklist = {File: %i(delete read write),Dir: %i(new delete mkdir)}
@@ -20,13 +27,13 @@ WebSandboxConsole.setup do |config|
   # 默认都是项目路径下的
   # config.view_file_blacklist = %w(config/secrets.yml vendor/)
 
-  # 配置 文件权限，是否仅能查看log文件,默开启
+  # 配置 文件权限，是否仅能查看log文件,默认开启
   #config.only_view_log_file = false
 
   # 通过非对称加密方式 升级权限，授权通过后，可获得执行数据权限（PS: 数据操作不再回滚）
-  # config.public_key = "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMbJOE1vQT1jFpaH1GPYzdRJN/\nLh8VePmzXs5BYOLHB0xIjArL1NlXMbCJ+AS2rv3/oHIOdHhEuZw0tmm9DhG100R8\nRjBpsEKCDI88jl9qRkFmD3CVk8XQXv6c2IkRZCYSTvgDkmnKAlORksfw+p0cR2AQ\nlAtAsNsNviKYBzXKfQIDAQAB\n-----END PUBLIC KEY-----\n"
+  # PS：配置同 http_basic_auth
+  config.public_key = config_hash[:public_key]
 
   # # 配置 日志路径 默认路径位于项目下
   # config.console_log_path = "log/web_sandbox_console.log"
 end
-

data/lib/generators/web_sandbox_console/templates/web_sandbox_console.yml

@@ -0,0 +1,5 @@
+web_sandbox_console:
+  http_basic_auth:
+    name: dmy
+    password: 123456
+  public_key: "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMbJOE1vQT1jFpaH1GPYzdRJN/\nLh8VePmzXs5BYOLHB0xIjArL1NlXMbCJ+AS2rv3/oHIOdHhEuZw0tmm9DhG100R8\nRjBpsEKCDI88jl9qRkFmD3CVk8XQXv6c2IkRZCYSTvgDkmnKAlORksfw+p0cR2AQ\nlAtAsNsNviKYBzXKfQIDAQAB\n-----END PUBLIC KEY-----\n"

data/lib/generators/web_sandbox_console/web_sandbox_console_generator.rb

@@ -5,4 +5,9 @@ class WebSandboxConsoleGenerator < Rails::Generators::Base
     # 源文件 目标位置
     copy_file "web_sandbox_console.rb", "config/initializers/web_sandbox_console.rb"
   end
+
+  # 生成配置yaml文件
+  def copy_config_file
+    copy_file "web_sandbox_console.yml", "config/web_sandbox_console.yml.example"
+  end
 end

data/lib/web_sandbox_console/configuration.rb

@@ -34,7 +34,7 @@ module WebSandboxConsole
   # 内置 类方法 黑名单
   CLASS_METHOD_BUILT_IN_BLACKLIST = {
     Kernel: %i(system exec `),
-    File: %i(chmod chown new open delete read write),
+    File: %i(chmod chown new delete read write open),
     Dir: %i(new delete mkdir)
   }
 

data/lib/web_sandbox_console/safe_ruby.rb

@@ -5,6 +5,8 @@ module WebSandboxConsole
       sanitize_constants
       sanitize_instance_methods
       sanitize_class_methods
+      sanitize_logger_new
+      sanitize_csv
     end
 
     # 净化 类方法
@@ -66,5 +68,42 @@ module WebSandboxConsole
       hash1
     end
 
+    # 发现代码 中有 Logger.new(Rails.root.join('log', 'hubar')) 写法, 会 触发 File.open方法
+    # 封装后避免调用 File.open(禁用)
+    def sanitize_logger_new
+      Logger.instance_eval do
+        def new(logdev, shift_age = 0, shift_size = 1048576)
+          instance = allocate
+          instance.send(:initialize, logdev.to_s, shift_age, shift_size)
+          instance
+        end
+      end
+    end
+
+    # 净化 csv
+    def sanitize_csv
+      require 'csv' unless defined? CSV
+
+      CSV.instance_eval do
+        # 重写方法 以写日志方式 写数据
+        def open(filename, mode="r", **options)
+          # 无论输入什么路径 都只会在log下创建文件
+          basename = File.basename(filename, ".*")
+          file_path = "#{Rails.root}/log/#{basename}.csv"
+          logger = Logger.new(file_path)
+          logger.formatter = proc {|severity, datetime, progname, msg| msg}
+
+          logger.instance_exec do
+            # 支持类型 csv 数据写入方式
+            def << (data_arr)
+              self.info data_arr.join(",") + "\n"
+            end
+          end
+
+          yield(logger)
+        end
+      end
+    end
+
   end
 end

data/lib/web_sandbox_console/sandbox.rb

@@ -46,10 +46,7 @@ module WebSandboxConsole
         WebSandboxConsole.init_safe_env
         result = nil
         begin
-          ActiveRecord::Base.transaction(requires_new: true) do
-            result = eval(#{self.code.inspect})
-            raise ActiveRecord::Rollback  unless #{self.pass_auth}
-          end
+          #{self.pass_auth ? no_rollback_code : rollback_code}
         rescue Exception => e
           WebSandboxConsole.log_p(e, "#{self.uuid}")
         rescue SyntaxError => e
@@ -58,6 +55,23 @@ module WebSandboxConsole
         WebSandboxConsole.log_p(result, "#{self.uuid}")
       CODE
     end
+
+    # 回滚code
+    def rollback_code
+      <<-EOF
+        ActiveRecord::Base.transaction(requires_new: true) do
+          result = eval(#{self.code.inspect})
+          raise ActiveRecord::Rollback
+        end
+      EOF
+    end
+
+    # 不回滚code
+    def no_rollback_code
+      <<-EOF
+        result = eval(#{self.code.inspect})
+      EOF
+    end
     
     # 临时文件目录
     def tmp_file_dir
@@ -102,7 +116,7 @@ module WebSandboxConsole
 
     # 运行rails runner
     def exec_rails_runner
-      @stdout = `bundle exec rails runner #{self.exe_tmp_file}`
+      @stdout = `RAILS_ENV=#{Rails.env} bundle exec rails runner #{self.exe_tmp_file}`
     end
 
     # 返回结果

data/lib/web_sandbox_console/version.rb

@@ -1,3 +1,3 @@
 module WebSandboxConsole
-  VERSION = '0.3.0'
+  VERSION = '0.4.0'
 end

data/lib/web_sandbox_console/view_file.rb

@@ -1,11 +1,13 @@
 module WebSandboxConsole
   class ViewFile
-    attr_accessor :file_or_dir     # 文件或目录
-    attr_accessor :start_line_num  # 起始行数
-    attr_accessor :end_line_num     # 结束行数
-    attr_accessor :sed_start_time   # 开始时间
-    attr_accessor :sed_end_time     # 结束时间
-    attr_accessor :grep_content     # 过滤内容
+    attr_accessor :file_or_dir         # 文件或目录
+    attr_accessor :start_line_num      # 起始行数
+    attr_accessor :end_line_num        # 结束行数
+    attr_accessor :sed_start_time      # 开始时间
+    attr_accessor :sed_end_time        # 结束时间
+    attr_accessor :grep_content        # 过滤内容
+    attr_accessor :touch_grep_protect  # 是否触发过滤保护
+    attr_accessor :content_is_trimed   # 内容是否有裁剪
 
     def initialize(opts = {})
       @file_or_dir     = opts[:file_or_dir]
@@ -14,6 +16,8 @@ module WebSandboxConsole
       @sed_start_time  = parse_time(opts[:sed_start_time])
       @sed_end_time    = parse_time(opts[:sed_end_time])
       @grep_content    = opts[:grep_content]
+      @touch_grep_protect = false
+      @content_is_trimed  = false
     end
 
     def view
@@ -31,6 +35,7 @@ module WebSandboxConsole
     # 检查参数
     def check_param
       raise ViewFileError, '文件或目录参数不能为空' if file_or_dir.blank?
+      raise ViewFileError, "过滤内容中不能出现单引号" if grep_content.to_s.include?("'")
     end
 
     # 转换成项目路径
@@ -119,8 +124,15 @@ module WebSandboxConsole
         else
           special_line_content
         end
-        
-        {lines: add_line_num(lines), total_line_num: cal_file_total_line_num}
+        # 修剪行数
+        lines = content_trim(lines)
+
+        {
+          lines: add_line_num(lines), 
+          total_line_num: cal_file_total_line_num,
+          touch_grep_protect: @touch_grep_protect,
+          content_is_trimed: @content_is_trimed
+        }
       end
     end
 
@@ -129,33 +141,71 @@ module WebSandboxConsole
       `wc -l < #{file_or_dir_path}`.to_i
     end
 
-    # 最后 xx 行内容
+    # 最后 xx 行
     def tail_any_line(num)
-      (`tail -n #{num} #{file_or_dir_path}`).split(/[\r,\r\n]/)
+      tail_any_line_content(num).split("\n")
+    end
+
+    # 最后多少行内容
+    def tail_any_line_content(num)
+      `tail -n #{num} #{file_or_dir_path}`
     end
 
     # 按指定行返回
     def special_line_content
       File.readlines(file_or_dir_path)[(start_line_num - 1)..(end_line_num - 1)]
     end
+    
+    # 过滤超时保护 
+    def grep_timeout_protect
+      begin
+        Timeout::timeout(8) {yield}
+      rescue Timeout::Error => e
+        # 触发过滤保护
+        @touch_grep_protect = true
+        tail_any_line_content(1000)
+      end
+    end
 
     # 过滤文件
     def grep_file_content
       content = if @sed_start_time && @grep_content.present?
-        `sed -n '/#{@sed_start_time}/,/#{@sed_end_time}/p' #{file_or_dir_path} | grep #{@grep_content}`
+        grep_timeout_protect {`sed -n '/#{@sed_start_time}/,/#{@sed_end_time}/p' #{file_or_dir_path} | fgrep '#{@grep_content}'`}
       elsif @sed_start_time
-        `sed -n '/#{@sed_start_time}/,/#{@sed_end_time}/p' #{file_or_dir_path}`
+        grep_timeout_protect {`sed -n '/#{@sed_start_time}/,/#{@sed_end_time}/p' #{file_or_dir_path}`}
       else
-        `grep #{@grep_content} #{file_or_dir_path}`
+        grep_timeout_protect {`fgrep '#{@grep_content}' #{file_or_dir_path}`}
+      end
+      content.split("\n")
+    end
+    
+    # 修剪过滤内容
+    def content_trim(lines)
+      if lines.length > 1000
+        @content_is_trimed = true
+        # 内容太多时 只返回前1000行
+        lines.first(1000)
+      else
+        lines
       end
-      
-      content.split(/[\r,\r\n]/)
     end
 
     # 添加行号
     def add_line_num(lines)
       start_num = is_big_file? ? 1 : start_line_num
-      lines.each_with_index.map{|line, index| "#{index + start_num}:  #{line}"}
+      lines.each_with_index.map do |line, index| 
+        line = "#{index + start_num}:  #{line}"
+        hightlight_grep_content(line)
+      end
+    end
+
+    # 高亮内容
+    def hightlight_grep_content(content)
+      if @grep_content.present?
+        content.gsub(@grep_content.to_s, "<span style='color: #E35520;'> #{@grep_content}</span>").html_safe
+      else
+        content
+      end
     end
 
     private

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: web_sandbox_console
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - dongmingyan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-25 00:00:00.000000000 Z
+date: 2020-07-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -50,9 +50,11 @@ files:
 - README.md
 - Rakefile
 - app/assets/config/web_sandbox_console_manifest.js
+- app/assets/images/web_sandbox_console/logo-icon.png
 - app/assets/javascripts/web_sandbox_console/application.js
 - app/assets/javascripts/web_sandbox_console/home.js
 - app/assets/stylesheets/web_sandbox_console/application.css
+- app/assets/stylesheets/web_sandbox_console/common.css
 - app/assets/stylesheets/web_sandbox_console/home.css
 - app/controllers/web_sandbox_console/application_controller.rb
 - app/controllers/web_sandbox_console/authorization_controller.rb
@@ -65,12 +67,14 @@ files:
 - app/views/web_sandbox_console/authorization/auth_page.html.erb
 - app/views/web_sandbox_console/authorization/fetch_token.js.erb
 - app/views/web_sandbox_console/home/do_view_file.js.erb
+- app/views/web_sandbox_console/home/download_page.html.erb
 - app/views/web_sandbox_console/home/eval_code.js.erb
 - app/views/web_sandbox_console/home/index.html.erb
 - app/views/web_sandbox_console/home/view_file.html.erb
 - config/routes.rb
 - lib/generators/web_sandbox_console/USAGE
 - lib/generators/web_sandbox_console/templates/web_sandbox_console.rb
+- lib/generators/web_sandbox_console/templates/web_sandbox_console.yml
 - lib/generators/web_sandbox_console/web_sandbox_console_generator.rb
 - lib/tasks/web_sandbox_console_tasks.rake
 - lib/web_sandbox_console.rb