lupine.api 1.1.56 → 1.1.58

package/admin/admin-release.tsx

@@ -9,6 +9,7 @@ import {
   formatBytes,
   downloadStream,
   ActionSheetSelectPromise,
+  encodeHtml,
 } from 'lupine.components';
 
 interface ReleaseListProps {
@@ -290,7 +291,7 @@ export const AdminReleasePage = () => {
       NotificationMessage.sendMessage(dataResponse.message || 'Failed to refresh cache', NotificationColor.Error);
       return;
     }
-    domLog.value = <pre>{JSON.stringify(dataResponse, null, 2)}</pre>;
+    domLog.value = <pre>{encodeHtml(JSON.stringify(dataResponse, null, 2))}</pre>;
     NotificationMessage.sendMessage('Cache refreshed successfully', NotificationColor.Success);
   };
 
@@ -332,6 +333,45 @@ export const AdminReleasePage = () => {
     NotificationMessage.sendMessage('Restart App successfully', NotificationColor.Success);
   };
 
+  const onShellLocal = async () => {
+    return onShell(true);
+  };
+  const onShellRemote = async () => {
+    return onShell(false);
+  };
+  const onShell = async (isLocal?: boolean) => {
+    const data = getDomData();
+    if (!isLocal) {
+      if (!data.targetUrl || !data.accessToken) {
+        NotificationMessage.sendMessage('Please fill in all fields', NotificationColor.Error);
+        return;
+      }
+    }
+
+    const index = await ActionSheetSelectPromise({
+      title: 'Run Cmd ?',
+      options: ['OK'],
+      cancelButtonText: 'Cancel',
+    });
+    if (index !== 0) {
+      return;
+    }
+
+    const response = await getRenderPageProps().renderPageFunctions.fetchData('/api/admin/release/shell', {
+      ...data,
+      isLocal,
+      cmd: ref.$('.release-cmd').value,
+    });
+    const dataResponse = await response.json;
+    console.log('shell', dataResponse);
+    if (!dataResponse || dataResponse.status !== 'ok') {
+      NotificationMessage.sendMessage(dataResponse.message || 'Failed to run cmd', NotificationColor.Error);
+      return;
+    }
+    domLog.value = <pre>{encodeHtml(dataResponse.message) + '\r\n<br>' + encodeHtml(dataResponse.result)}</pre>;
+    NotificationMessage.sendMessage('Restart App successfully', NotificationColor.Success);
+  };
+
   const ref: RefProps = {
     onLoad: async () => {
       const data = JSON.parse(localStorage.getItem('admin-release') || '{}');
@@ -341,19 +381,19 @@ export const AdminReleasePage = () => {
   };
   return (
     <div ref={ref} css={css} class='admin-release-top'>
-      <div class='row-box mt1 mb1'>
+      <div class='row-box mt-m'>
         <label class='label mr-m release-label'>Target Url:</label>
         <div class='w-50p'>
           <input type='text' class='input-base w-100p target-url' placeholder='Target Url' />
         </div>
       </div>
-      <div class='row-box mt1 mb1'>
+      <div class='row-box mt-m'>
         <label class='label mr-m release-label'>Access token:</label>
         <div class='w-50p'>
           <input type='text' class='input-base w-100p access-token' placeholder='Access token' />
         </div>
       </div>
-      <div class='row-box mt1 mb1'>
+      <div class='row-box mt-m'>
         <button onClick={onCheck} class='button-base mr-m'>
           Check
         </button>
@@ -370,6 +410,15 @@ export const AdminReleasePage = () => {
           Restart App (Local)
         </button>
       </div>
+      <div class='row-box mt-m mb-m'>
+        <input type='text' class='input-base w-50p release-cmd mr-m' placeholder='Command' />
+        <button onClick={onShellRemote} class='button-base color-red mr-m'>
+          Run Cmd (Remote)
+        </button>
+        <button onClick={onShellLocal} class='button-base'>
+          Run Cmd (Local)
+        </button>
+      </div>
       {domUpdate.node}
       {domLog.node}
     </div>

package/admin/admin-table-data.tsx

@@ -6,7 +6,7 @@ import {
   getDefaultPageLimit,
   HtmlVar,
   PagingLink,
-  escapeHtml,
+  encodeHtml,
 } from 'lupine.components';
 
 const loadData = async (
@@ -34,7 +34,7 @@ const loadData = async (
         <div class='table'>
           <div class='fields bg-gray'>
             {Object.keys(data.json.result[0]).map((field: any, index: number) => {
-              return <div class='p1 item'>{escapeHtml(field)}</div>;
+              return <div class='p1 item'>{encodeHtml(field)}</div>;
             })}
             {update && update.onDelete && update.onEdit && <div class='p1 item'>Action</div>}
           </div>
@@ -43,7 +43,7 @@ const loadData = async (
             return (
               <div class='values'>
                 {Object.keys(item).map((field: any, index: number) => {
-                  return <div class='p1 item'>{escapeHtml(item[field])}</div>;
+                  return <div class='p1 item'>{encodeHtml(item[field])}</div>;
                 })}
                 {update && update.onDelete && update.onEdit && (
                   <div class='p1 item'>

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "lupine.api",
-  "version": "1.1.56",
+  "version": "1.1.58",
   "license": "MIT",
   "author": "uuware.com",
   "homepage": "https://github.com/uuware/lupine.js",

package/src/admin-api/admin-release.ts

@@ -12,6 +12,7 @@ import {
   processRefreshCache,
   apiStorage,
   processRestartApp,
+  processShell,
 } from 'lupine.api';
 import path from 'path';
 import { needDevAdminSession } from './admin-auth';
@@ -39,12 +40,16 @@ export class AdminRelease implements IApiBase {
     this.router.use('/refresh-cache', needDevAdminSession, this.refreshCache.bind(this));
     this.router.use('/restart-app', needDevAdminSession, this.restartApp.bind(this));
 
+    this.router.use('/shell', needDevAdminSession, this.shell.bind(this));
+
     // ...ByClient will verify credentials from post, so it doesn't need AdminSession
     this.router.use('/byClientCheck', this.byClientCheck.bind(this));
     this.router.use('/byClientUpdate', this.byClientUpdate.bind(this));
     this.router.use('/byClientRefreshCache', this.byClientRefreshCache.bind(this));
     this.router.use('/byClientRestartApp', this.byClientRestartApp.bind(this));
     this.router.use('/byClientViewLog', this.byClientViewLog.bind(this));
+
+    this.router.use('/byClientShell', this.byClientShell.bind(this));
   }
 
   async viewLog(req: ServerRequest, res: ServerResponse) {
@@ -170,6 +175,48 @@ export class AdminRelease implements IApiBase {
     return true;
   }
 
+  async shell(req: ServerRequest, res: ServerResponse) {
+    // check whether it's from online admin
+    const json = await adminApiHelper.getDevAdminFromCookie(req, res, false);
+    const jsonData = req.locals.json();
+    if (json && jsonData && !Array.isArray(jsonData) && jsonData.isLocal) {
+      const result = await processShell(req);
+      const response = {
+        status: 'ok',
+        message: 'Shell executed successfully.',
+        result,
+      };
+      ApiHelper.sendJson(req, res, response);
+      return true;
+    }
+
+    const data = await this.chkData(jsonData, req, res, true);
+    if (!data) return true;
+
+    let targetUrl = data.targetUrl as string;
+    if (targetUrl.endsWith('/')) {
+      targetUrl = targetUrl.slice(0, -1);
+    }
+    const remoteData = await fetch(targetUrl + '/api/admin/release/byClientShell', {
+      method: 'POST',
+      body: JSON.stringify(data),
+    });
+    const resultText = await remoteData.text();
+    let remoteResult: any;
+    try {
+      remoteResult = JSON.parse(resultText);
+    } catch (e: any) {
+      remoteResult = { status: 'error', message: resultText };
+    }
+    const response = {
+      status: 'ok',
+      message: 'check.',
+      ...remoteResult,
+    };
+    ApiHelper.sendJson(req, res, response);
+    return true;
+  }
+
   public async chkData(data: any, req: ServerRequest, res: ServerResponse, chkCredential: boolean) {
     // add access token
     if (!data || Array.isArray(data) || typeof data !== 'object' || !data.accessToken || !data.targetUrl) {
@@ -486,14 +533,12 @@ export class AdminRelease implements IApiBase {
         body: JSON.stringify({ ...data, chkOption, index: cnt, size: fileContent.length }) + '\n\n' + chunk,
       };
       this.logger.info(
-        `updateSendFile, index: ${cnt}, sending: ${chunk.length} (${i + chunk.length} / ${
-          fileContent.length
+        `updateSendFile, index: ${cnt}, sending: ${chunk.length} (${i + chunk.length} / ${fileContent.length
         }), f: ${sendFile}`
       );
       apiStorage.set(
         releaseProgress,
-        `updateSendFile, index: ${cnt}, sending: ${chunk.length} (${i + chunk.length} / ${
-          fileContent.length
+        `updateSendFile, index: ${cnt}, sending: ${chunk.length} (${i + chunk.length} / ${fileContent.length
         }), f: ${sendFile}`
       );
       i > 0 && (await new Promise((resolve) => setTimeout(resolve, 1000)));
@@ -637,4 +682,19 @@ export class AdminRelease implements IApiBase {
     ApiHelper.sendJson(req, res, response);
     return true;
   }
+
+  async byClientShell(req: ServerRequest, res: ServerResponse) {
+    const jsonData = req.locals.json();
+    const data = await this.chkData(jsonData, req, res, true);
+    if (!data) return true;
+
+    const result = await processShell(req);
+    const response = {
+      status: 'ok',
+      message: 'Shell executed successfully.',
+      result,
+    };
+    ApiHelper.sendJson(req, res, response);
+    return true;
+  }
 }

package/src/api/shell-service.ts

@@ -1,4 +1,4 @@
-import { spawn, ChildProcessWithoutNullStreams } from 'child_process';
+import { spawn, exec, ChildProcessWithoutNullStreams } from 'child_process';
 import os from 'os';
 import { MiniWebSocket } from './mini-web-socket';
 import { Duplex } from 'stream';
@@ -13,7 +13,7 @@ export class ShellService {
     this._socket = socket;
     this._miniWebSocket = miniWebSocket;
     try {
-      const shellCmd: string = this.getDefaultShell();
+      const shellCmd: string = ShellService.getDefaultShell();
       this._shell = spawn(shellCmd, [], {
         stdio: ['pipe', 'pipe', 'pipe'],
       });
@@ -35,7 +35,7 @@ export class ShellService {
     });
   }
 
-  getDefaultShell() {
+  static getDefaultShell() {
     const platform = os.platform();
     if (platform === 'win32') {
       return process.env.COMSPEC || 'cmd.exe';
@@ -63,4 +63,12 @@ export class ShellService {
       this._miniWebSocket.sendMessage(this._socket!, 'Shell is not available.');
     }
   }
+
+  public static async directCmd(cmd: string): Promise<string> {
+    return new Promise((resolve) => {
+      exec(cmd, { shell: this.getDefaultShell() }, (error, stdout, stderr) => {
+        resolve(stdout + stderr);
+      });
+    });
+  }
 }

package/src/app/process-dev-requests.ts

@@ -6,6 +6,7 @@ import { appHelper } from './app-helper';
 import { DebugService } from '../api/debug-service';
 import { AppCacheGlobal, AppCacheKeys, getAppCache, ServerRequest } from '../models';
 import { cleanupAndExit } from './cleanup-exit';
+import { ShellService } from '../api/shell-service';
 const logger = new Logger('process-dev-requests');
 
 function deleteRequireCache(moduleName: string) {
@@ -76,6 +77,16 @@ export async function processRestartApp(req: ServerRequest) {
   }
 }
 
+export async function processShell(req: ServerRequest) {
+  const data = req.locals.json();
+  if (!data || Array.isArray(data) || !data.cmd) {
+    return 'Wrong data.';
+  }
+  const cmd = data.cmd as string;
+  const shell = await ShellService.directCmd(cmd);
+  return shell;
+}
+
 // this is called from a request in debug mode
 export async function processDevRequests(req: ServerRequest, res: ServerResponse, rootUrl?: string) {
   res.end();