writefreely
/
writefreely
mirror of https://github.com/writefreely/writefreely.git
2
0
Fork 0
Code Issues Releases 25 Wiki Activity
A clean, Markdown-based publishing platform made for writers. Write together, and build a community. https://writefreely.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
542 Commits
45 Branches
215 MiB
 
 
 
 
 
Tree: 0286dcf214
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0286dcf214'
${ noResults }
writefreely/admin.go

460 lines
13 KiB
Raw Blame History 

  1. /*

  2.  * Copyright © 2018-2019 A Bunch Tell LLC.

  3.  *

  4.  * This file is part of WriteFreely.

  5.  *

  6.  * WriteFreely is free software: you can redistribute it and/or modify

  7.  * it under the terms of the GNU Affero General Public License, included

  8.  * in the LICENSE file in this source code package.

  9.  */

  10. 

  11. package writefreely

  12. 

  13. import (

  14. 	"database/sql"

  15. 	"fmt"

  16. 	"net/http"

  17. 	"runtime"

  18. 	"strconv"

  19. 	"time"

  20. 

  21. 	"github.com/gorilla/mux"

  22. 	"github.com/writeas/impart"

  23. 	"github.com/writeas/web-core/auth"

  24. 	"github.com/writeas/web-core/log"

  25. 	"github.com/writeas/writefreely/appstats"

  26. 	"github.com/writeas/writefreely/config"

  27. )

  28. 

  29. var (

  30. 	appStartTime = time.Now()

  31. 	sysStatus    systemStatus

  32. )

  33. 

  34. const adminUsersPerPage = 30

  35. 

  36. type systemStatus struct {

  37. 	Uptime       string

  38. 	NumGoroutine int

  39. 

  40. 	// General statistics.

  41. 	MemAllocated string // bytes allocated and still in use

  42. 	MemTotal     string // bytes allocated (even if freed)

  43. 	MemSys       string // bytes obtained from system (sum of XxxSys below)

  44. 	Lookups      uint64 // number of pointer lookups

  45. 	MemMallocs   uint64 // number of mallocs

  46. 	MemFrees     uint64 // number of frees

  47. 

  48. 	// Main allocation heap statistics.

  49. 	HeapAlloc    string // bytes allocated and still in use

  50. 	HeapSys      string // bytes obtained from system

  51. 	HeapIdle     string // bytes in idle spans

  52. 	HeapInuse    string // bytes in non-idle span

  53. 	HeapReleased string // bytes released to the OS

  54. 	HeapObjects  uint64 // total number of allocated objects

  55. 

  56. 	// Low-level fixed-size structure allocator statistics.

  57. 	//	Inuse is bytes used now.

  58. 	//	Sys is bytes obtained from system.

  59. 	StackInuse  string // bootstrap stacks

  60. 	StackSys    string

  61. 	MSpanInuse  string // mspan structures

  62. 	MSpanSys    string

  63. 	MCacheInuse string // mcache structures

  64. 	MCacheSys   string

  65. 	BuckHashSys string // profiling bucket hash table

  66. 	GCSys       string // GC metadata

  67. 	OtherSys    string // other system allocations

  68. 

  69. 	// Garbage collector statistics.

  70. 	NextGC       string // next run in HeapAlloc time (bytes)

  71. 	LastGC       string // last run in absolute time (ns)

  72. 	PauseTotalNs string

  73. 	PauseNs      string // circular buffer of recent GC pause times, most recent at [(NumGC+255)%256]

  74. 	NumGC        uint32

  75. }

  76. 

  77. type inspectedCollection struct {

  78. 	CollectionObj

  79. 	Followers int

  80. 	LastPost  string

  81. }

  82. 

  83. type instanceContent struct {

  84. 	ID      string

  85. 	Type    string

  86. 	Title   sql.NullString

  87. 	Content string

  88. 	Updated time.Time

  89. }

  90. 

  91. func (c instanceContent) UpdatedFriendly() string {

  92. 	/*

  93. 		// TODO: accept a locale in this method and use that for the format

  94. 		var loc monday.Locale = monday.LocaleEnUS

  95. 		return monday.Format(u.Created, monday.DateTimeFormatsByLocale[loc], loc)

  96. 	*/

  97. 	return c.Updated.Format("January 2, 2006, 3:04 PM")

  98. }

  99. 

  100. func handleViewAdminDash(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  101. 	updateAppStats()

  102. 	p := struct {

  103. 		*UserPage

  104. 		SysStatus systemStatus

  105. 		Config    config.AppCfg

  106. 

  107. 		Message, ConfigMessage string

  108. 	}{

  109. 		UserPage:  NewUserPage(app, r, u, "Admin", nil),

  110. 		SysStatus: sysStatus,

  111. 		Config:    app.cfg.App,

  112. 

  113. 		Message:       r.FormValue("m"),

  114. 		ConfigMessage: r.FormValue("cm"),

  115. 	}

  116. 

  117. 	showUserPage(w, "admin", p)

  118. 	return nil

  119. }

  120. 

  121. func handleViewAdminUsers(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  122. 	p := struct {

  123. 		*UserPage

  124. 		Config  config.AppCfg

  125. 		Message string

  126. 

  127. 		Users      *[]User

  128. 		CurPage    int

  129. 		TotalUsers int64

  130. 		TotalPages []int

  131. 	}{

  132. 		UserPage: NewUserPage(app, r, u, "Users", nil),

  133. 		Config:   app.cfg.App,

  134. 		Message:  r.FormValue("m"),

  135. 	}

  136. 

  137. 	p.TotalUsers = app.db.GetAllUsersCount()

  138. 	ttlPages := p.TotalUsers / adminUsersPerPage

  139. 	p.TotalPages = []int{}

  140. 	for i := 1; i <= int(ttlPages); i++ {

  141. 		p.TotalPages = append(p.TotalPages, i)

  142. 	}

  143. 

  144. 	var err error

  145. 	p.CurPage, err = strconv.Atoi(r.FormValue("p"))

  146. 	if err != nil || p.CurPage < 1 {

  147. 		p.CurPage = 1

  148. 	} else if p.CurPage > int(ttlPages) {

  149. 		p.CurPage = int(ttlPages)

  150. 	}

  151. 

  152. 	p.Users, err = app.db.GetAllUsers(uint(p.CurPage))

  153. 	if err != nil {

  154. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get users: %v", err)}

  155. 	}

  156. 

  157. 	showUserPage(w, "users", p)

  158. 	return nil

  159. }

  160. 

  161. func handleViewAdminUser(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  162. 	vars := mux.Vars(r)

  163. 	username := vars["username"]

  164. 	if username == "" {

  165. 		return impart.HTTPError{http.StatusFound, "/admin/users"}

  166. 	}

  167. 

  168. 	p := struct {

  169. 		*UserPage

  170. 		Config  config.AppCfg

  171. 		Message string

  172. 

  173. 		User     *User

  174. 		Colls    []inspectedCollection

  175. 		LastPost string

  176. 

  177. 		TotalPosts int64

  178. 	}{

  179. 		Config:  app.cfg.App,

  180. 		Message: r.FormValue("m"),

  181. 		Colls:   []inspectedCollection{},

  182. 	}

  183. 

  184. 	var err error

  185. 	p.User, err = app.db.GetUserForAuth(username)

  186. 	if err != nil {

  187. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get user: %v", err)}

  188. 	}

  189. 	p.UserPage = NewUserPage(app, r, u, p.User.Username, nil)

  190. 	p.TotalPosts = app.db.GetUserPostsCount(p.User.ID)

  191. 	lp, err := app.db.GetUserLastPostTime(p.User.ID)

  192. 	if err != nil {

  193. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get user's last post time: %v", err)}

  194. 	}

  195. 	if lp != nil {

  196. 		p.LastPost = lp.Format("January 2, 2006, 3:04 PM")

  197. 	}

  198. 

  199. 	colls, err := app.db.GetCollections(p.User, app.cfg.App.Host)

  200. 	if err != nil {

  201. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get user's collections: %v", err)}

  202. 	}

  203. 	for _, c := range *colls {

  204. 		ic := inspectedCollection{

  205. 			CollectionObj: CollectionObj{Collection: c},

  206. 		}

  207. 

  208. 		if app.cfg.App.Federation {

  209. 			folls, err := app.db.GetAPFollowers(&c)

  210. 			if err == nil {

  211. 				// TODO: handle error here (at least log it)

  212. 				ic.Followers = len(*folls)

  213. 			}

  214. 		}

  215. 

  216. 		app.db.GetPostsCount(&ic.CollectionObj, true)

  217. 

  218. 		lp, err := app.db.GetCollectionLastPostTime(c.ID)

  219. 		if err != nil {

  220. 			log.Error("Didn't get last post time for collection %d: %v", c.ID, err)

  221. 		}

  222. 		if lp != nil {

  223. 			ic.LastPost = lp.Format("January 2, 2006, 3:04 PM")

  224. 		}

  225. 

  226. 		p.Colls = append(p.Colls, ic)

  227. 	}

  228. 

  229. 	showUserPage(w, "view-user", p)

  230. 	return nil

  231. }

  232. 

  233. func handleViewAdminPages(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  234. 	p := struct {

  235. 		*UserPage

  236. 		Config  config.AppCfg

  237. 		Message string

  238. 

  239. 		Pages []*instanceContent

  240. 	}{

  241. 		UserPage: NewUserPage(app, r, u, "Pages", nil),

  242. 		Config:   app.cfg.App,

  243. 		Message:  r.FormValue("m"),

  244. 	}

  245. 

  246. 	var err error

  247. 	p.Pages, err = app.db.GetInstancePages()

  248. 	if err != nil {

  249. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get pages: %v", err)}

  250. 	}

  251. 

  252. 	// Add in default pages

  253. 	var hasAbout, hasPrivacy bool

  254. 	for i, c := range p.Pages {

  255. 		if hasAbout && hasPrivacy {

  256. 			break

  257. 		}

  258. 		if c.ID == "about" {

  259. 			hasAbout = true

  260. 			if !c.Title.Valid {

  261. 				p.Pages[i].Title = defaultAboutTitle(app.cfg)

  262. 			}

  263. 		} else if c.ID == "privacy" {

  264. 			hasPrivacy = true

  265. 			if !c.Title.Valid {

  266. 				p.Pages[i].Title = defaultPrivacyTitle()

  267. 			}

  268. 		}

  269. 	}

  270. 	if !hasAbout {

  271. 		p.Pages = append(p.Pages, &instanceContent{

  272. 			ID:      "about",

  273. 			Title:   defaultAboutTitle(app.cfg),

  274. 			Content: defaultAboutPage(app.cfg),

  275. 			Updated: defaultPageUpdatedTime,

  276. 		})

  277. 	}

  278. 	if !hasPrivacy {

  279. 		p.Pages = append(p.Pages, &instanceContent{

  280. 			ID:      "privacy",

  281. 			Title:   defaultPrivacyTitle(),

  282. 			Content: defaultPrivacyPolicy(app.cfg),

  283. 			Updated: defaultPageUpdatedTime,

  284. 		})

  285. 	}

  286. 

  287. 	showUserPage(w, "pages", p)

  288. 	return nil

  289. }

  290. 

  291. func handleViewAdminPage(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  292. 	vars := mux.Vars(r)

  293. 	slug := vars["slug"]

  294. 	if slug == "" {

  295. 		return impart.HTTPError{http.StatusFound, "/admin/pages"}

  296. 	}

  297. 

  298. 	p := struct {

  299. 		*UserPage

  300. 		Config  config.AppCfg

  301. 		Message string

  302. 

  303. 		Banner  *instanceContent

  304. 		Content *instanceContent

  305. 	}{

  306. 		Config:  app.cfg.App,

  307. 		Message: r.FormValue("m"),

  308. 	}

  309. 

  310. 	var err error

  311. 	// Get pre-defined pages, or select slug

  312. 	if slug == "about" {

  313. 		p.Content, err = getAboutPage(app)

  314. 	} else if slug == "privacy" {

  315. 		p.Content, err = getPrivacyPage(app)

  316. 	} else if slug == "landing" {

  317. 		p.Banner, err = getLandingBanner(app)

  318. 		if err != nil {

  319. 			return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get banner: %v", err)}

  320. 		}

  321. 		p.Content, err = getLandingBody(app)

  322. 		p.Content.ID = "landing"

  323. 	} else if slug == "reader" {

  324. 		p.Content, err = getReaderSection(app)

  325. 	} else {

  326. 		p.Content, err = app.db.GetDynamicContent(slug)

  327. 	}

  328. 	if err != nil {

  329. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get page: %v", err)}

  330. 	}

  331. 	title := "New page"

  332. 	if p.Content != nil {

  333. 		title = "Edit " + p.Content.ID

  334. 	} else {

  335. 		p.Content = &instanceContent{}

  336. 	}

  337. 	p.UserPage = NewUserPage(app, r, u, title, nil)

  338. 

  339. 	showUserPage(w, "view-page", p)

  340. 	return nil

  341. }

  342. 

  343. func handleAdminUpdateSite(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  344. 	vars := mux.Vars(r)

  345. 	id := vars["page"]

  346. 

  347. 	// Validate

  348. 	if id != "about" && id != "privacy" && id != "landing" && id != "reader" {

  349. 		return impart.HTTPError{http.StatusNotFound, "No such page."}

  350. 	}

  351. 

  352. 	var err error

  353. 	m := ""

  354. 	if id == "landing" {

  355. 		// Handle special landing page

  356. 		err = app.db.UpdateDynamicContent("landing-banner", "", r.FormValue("banner"), "section")

  357. 		if err != nil {

  358. 			m = "?m=" + err.Error()

  359. 			return impart.HTTPError{http.StatusFound, "/admin/page/" + id + m}

  360. 		}

  361. 		err = app.db.UpdateDynamicContent("landing-body", "", r.FormValue("content"), "section")

  362. 	} else if id == "reader" {

  363. 		// Update sections with titles

  364. 		err = app.db.UpdateDynamicContent(id, r.FormValue("title"), r.FormValue("content"), "section")

  365. 	} else {

  366. 		// Update page

  367. 		err = app.db.UpdateDynamicContent(id, r.FormValue("title"), r.FormValue("content"), "page")

  368. 	}

  369. 	if err != nil {

  370. 		m = "?m=" + err.Error()

  371. 	}

  372. 	return impart.HTTPError{http.StatusFound, "/admin/page/" + id + m}

  373. }

  374. 

  375. func handleAdminUpdateConfig(apper Apper, u *User, w http.ResponseWriter, r *http.Request) error {

  376. 	apper.App().cfg.App.SiteName = r.FormValue("site_name")

  377. 	apper.App().cfg.App.SiteDesc = r.FormValue("site_desc")

  378. 	apper.App().cfg.App.Landing = r.FormValue("landing")

  379. 	apper.App().cfg.App.OpenRegistration = r.FormValue("open_registration") == "on"

  380. 	mul, err := strconv.Atoi(r.FormValue("min_username_len"))

  381. 	if err == nil {

  382. 		apper.App().cfg.App.MinUsernameLen = mul

  383. 	}

  384. 	mb, err := strconv.Atoi(r.FormValue("max_blogs"))

  385. 	if err == nil {

  386. 		apper.App().cfg.App.MaxBlogs = mb

  387. 	}

  388. 	apper.App().cfg.App.Federation = r.FormValue("federation") == "on"

  389. 	apper.App().cfg.App.PublicStats = r.FormValue("public_stats") == "on"

  390. 	apper.App().cfg.App.Private = r.FormValue("private") == "on"

  391. 	apper.App().cfg.App.LocalTimeline = r.FormValue("local_timeline") == "on"

  392. 	if apper.App().cfg.App.LocalTimeline && apper.App().timeline == nil {

  393. 		log.Info("Initializing local timeline...")

  394. 		initLocalTimeline(apper.App())

  395. 	}

  396. 	apper.App().cfg.App.UserInvites = r.FormValue("user_invites")

  397. 	if apper.App().cfg.App.UserInvites == "none" {

  398. 		apper.App().cfg.App.UserInvites = ""

  399. 	}

  400. 	apper.App().cfg.App.DefaultVisibility = r.FormValue("default_visibility")

  401. 

  402. 	m := "?cm=Configuration+saved."

  403. 	err = apper.SaveConfig(apper.App().cfg)

  404. 	if err != nil {

  405. 		m = "?cm=" + err.Error()

  406. 	}

  407. 	return impart.HTTPError{http.StatusFound, "/admin" + m + "#config"}

  408. }

  409. 

  410. func updateAppStats() {

  411. 	sysStatus.Uptime = appstats.TimeSincePro(appStartTime)

  412. 

  413. 	m := new(runtime.MemStats)

  414. 	runtime.ReadMemStats(m)

  415. 	sysStatus.NumGoroutine = runtime.NumGoroutine()

  416. 

  417. 	sysStatus.MemAllocated = appstats.FileSize(int64(m.Alloc))

  418. 	sysStatus.MemTotal = appstats.FileSize(int64(m.TotalAlloc))

  419. 	sysStatus.MemSys = appstats.FileSize(int64(m.Sys))

  420. 	sysStatus.Lookups = m.Lookups

  421. 	sysStatus.MemMallocs = m.Mallocs

  422. 	sysStatus.MemFrees = m.Frees

  423. 

  424. 	sysStatus.HeapAlloc = appstats.FileSize(int64(m.HeapAlloc))

  425. 	sysStatus.HeapSys = appstats.FileSize(int64(m.HeapSys))

  426. 	sysStatus.HeapIdle = appstats.FileSize(int64(m.HeapIdle))

  427. 	sysStatus.HeapInuse = appstats.FileSize(int64(m.HeapInuse))

  428. 	sysStatus.HeapReleased = appstats.FileSize(int64(m.HeapReleased))

  429. 	sysStatus.HeapObjects = m.HeapObjects

  430. 

  431. 	sysStatus.StackInuse = appstats.FileSize(int64(m.StackInuse))

  432. 	sysStatus.StackSys = appstats.FileSize(int64(m.StackSys))

  433. 	sysStatus.MSpanInuse = appstats.FileSize(int64(m.MSpanInuse))

  434. 	sysStatus.MSpanSys = appstats.FileSize(int64(m.MSpanSys))

  435. 	sysStatus.MCacheInuse = appstats.FileSize(int64(m.MCacheInuse))

  436. 	sysStatus.MCacheSys = appstats.FileSize(int64(m.MCacheSys))

  437. 	sysStatus.BuckHashSys = appstats.FileSize(int64(m.BuckHashSys))

  438. 	sysStatus.GCSys = appstats.FileSize(int64(m.GCSys))

  439. 	sysStatus.OtherSys = appstats.FileSize(int64(m.OtherSys))

  440. 

  441. 	sysStatus.NextGC = appstats.FileSize(int64(m.NextGC))

  442. 	sysStatus.LastGC = fmt.Sprintf("%.1fs", float64(time.Now().UnixNano()-int64(m.LastGC))/1000/1000/1000)

  443. 	sysStatus.PauseTotalNs = fmt.Sprintf("%.1fs", float64(m.PauseTotalNs)/1000/1000/1000)

  444. 	sysStatus.PauseNs = fmt.Sprintf("%.3fs", float64(m.PauseNs[(m.NumGC+255)%256])/1000/1000/1000)

  445. 	sysStatus.NumGC = m.NumGC

  446. }

  447. 

  448. func adminResetPassword(app *App, u *User, newPass string) error {

  449. 	hashedPass, err := auth.HashPass([]byte(newPass))

  450. 	if err != nil {

  451. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not create password hash: %v", err)}

  452. 	}

  453. 

  454. 	err = app.db.ChangePassphrase(u.ID, true, "", hashedPass)

  455. 	if err != nil {

  456. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not update passphrase: %v", err)}

  457. 	}

  458. 	return nil

  459. }