writefreely
/
writefreely
mirror of https://github.com/writefreely/writefreely.git
2
0
Fork 0
Code Issues Releases 25 Wiki Activity
A clean, Markdown-based publishing platform made for writers. Write together, and build a community. https://writefreely.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
501 Commits
45 Branches
184 MiB
 
 
 
 
 
Tree: eae4097677
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'eae4097677'
${ noResults }
writefreely/admin.go

481 lines
13 KiB
Raw Blame History 

  1. /*

  2.  * Copyright © 2018-2019 A Bunch Tell LLC.

  3.  *

  4.  * This file is part of WriteFreely.

  5.  *

  6.  * WriteFreely is free software: you can redistribute it and/or modify

  7.  * it under the terms of the GNU Affero General Public License, included

  8.  * in the LICENSE file in this source code package.

  9.  */

  10. 

  11. package writefreely

  12. 

  13. import (

  14. 	"database/sql"

  15. 	"fmt"

  16. 	"net/http"

  17. 	"runtime"

  18. 	"strconv"

  19. 	"time"

  20. 

  21. 	"github.com/gogits/gogs/pkg/tool"

  22. 	"github.com/gorilla/mux"

  23. 	"github.com/writeas/impart"

  24. 	"github.com/writeas/web-core/auth"

  25. 	"github.com/writeas/web-core/log"

  26. 	"github.com/writeas/writefreely/config"

  27. )

  28. 

  29. var (

  30. 	appStartTime = time.Now()

  31. 	sysStatus    systemStatus

  32. )

  33. 

  34. const adminUsersPerPage = 30

  35. 

  36. type systemStatus struct {

  37. 	Uptime       string

  38. 	NumGoroutine int

  39. 

  40. 	// General statistics.

  41. 	MemAllocated string // bytes allocated and still in use

  42. 	MemTotal     string // bytes allocated (even if freed)

  43. 	MemSys       string // bytes obtained from system (sum of XxxSys below)

  44. 	Lookups      uint64 // number of pointer lookups

  45. 	MemMallocs   uint64 // number of mallocs

  46. 	MemFrees     uint64 // number of frees

  47. 

  48. 	// Main allocation heap statistics.

  49. 	HeapAlloc    string // bytes allocated and still in use

  50. 	HeapSys      string // bytes obtained from system

  51. 	HeapIdle     string // bytes in idle spans

  52. 	HeapInuse    string // bytes in non-idle span

  53. 	HeapReleased string // bytes released to the OS

  54. 	HeapObjects  uint64 // total number of allocated objects

  55. 

  56. 	// Low-level fixed-size structure allocator statistics.

  57. 	//	Inuse is bytes used now.

  58. 	//	Sys is bytes obtained from system.

  59. 	StackInuse  string // bootstrap stacks

  60. 	StackSys    string

  61. 	MSpanInuse  string // mspan structures

  62. 	MSpanSys    string

  63. 	MCacheInuse string // mcache structures

  64. 	MCacheSys   string

  65. 	BuckHashSys string // profiling bucket hash table

  66. 	GCSys       string // GC metadata

  67. 	OtherSys    string // other system allocations

  68. 

  69. 	// Garbage collector statistics.

  70. 	NextGC       string // next run in HeapAlloc time (bytes)

  71. 	LastGC       string // last run in absolute time (ns)

  72. 	PauseTotalNs string

  73. 	PauseNs      string // circular buffer of recent GC pause times, most recent at [(NumGC+255)%256]

  74. 	NumGC        uint32

  75. }

  76. 

  77. type inspectedCollection struct {

  78. 	CollectionObj

  79. 	Followers int

  80. 	LastPost  string

  81. }

  82. 

  83. type instanceContent struct {

  84. 	ID      string

  85. 	Type    string

  86. 	Title   sql.NullString

  87. 	Content string

  88. 	Updated time.Time

  89. }

  90. 

  91. func (c instanceContent) UpdatedFriendly() string {

  92. 	/*

  93. 		// TODO: accept a locale in this method and use that for the format

  94. 		var loc monday.Locale = monday.LocaleEnUS

  95. 		return monday.Format(u.Created, monday.DateTimeFormatsByLocale[loc], loc)

  96. 	*/

  97. 	return c.Updated.Format("January 2, 2006, 3:04 PM")

  98. }

  99. 

  100. func handleViewAdminDash(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  101. 	updateAppStats()

  102. 	p := struct {

  103. 		*UserPage

  104. 		SysStatus systemStatus

  105. 		Config    config.AppCfg

  106. 

  107. 		Message, ConfigMessage string

  108. 	}{

  109. 		UserPage:  NewUserPage(app, r, u, "Admin", nil),

  110. 		SysStatus: sysStatus,

  111. 		Config:    app.cfg.App,

  112. 

  113. 		Message:       r.FormValue("m"),

  114. 		ConfigMessage: r.FormValue("cm"),

  115. 	}

  116. 	showUserPage(w, "admin", p)

  117. 	return nil

  118. }

  119. 

  120. func handleViewAdminUsers(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  121. 	p := struct {

  122. 		*UserPage

  123. 		Config  config.AppCfg

  124. 		Message string

  125. 

  126. 		Users      *[]User

  127. 		CurPage    int

  128. 		TotalUsers int64

  129. 		TotalPages []int

  130. 	}{

  131. 		UserPage: NewUserPage(app, r, u, "Users", nil),

  132. 		Config:   app.cfg.App,

  133. 		Message:  r.FormValue("m"),

  134. 	}

  135. 

  136. 	p.TotalUsers = app.db.GetAllUsersCount()

  137. 	ttlPages := p.TotalUsers / adminUsersPerPage

  138. 	p.TotalPages = []int{}

  139. 	for i := 1; i <= int(ttlPages); i++ {

  140. 		p.TotalPages = append(p.TotalPages, i)

  141. 	}

  142. 

  143. 	var err error

  144. 	p.CurPage, err = strconv.Atoi(r.FormValue("p"))

  145. 	if err != nil || p.CurPage < 1 {

  146. 		p.CurPage = 1

  147. 	} else if p.CurPage > int(ttlPages) {

  148. 		p.CurPage = int(ttlPages)

  149. 	}

  150. 

  151. 	p.Users, err = app.db.GetAllUsers(uint(p.CurPage))

  152. 	if err != nil {

  153. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get users: %v", err)}

  154. 	}

  155. 

  156. 	showUserPage(w, "users", p)

  157. 	return nil

  158. }

  159. 

  160. func handleViewAdminUser(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  161. 	vars := mux.Vars(r)

  162. 	username := vars["username"]

  163. 	if username == "" {

  164. 		return impart.HTTPError{http.StatusFound, "/admin/users"}

  165. 	}

  166. 

  167. 	p := struct {

  168. 		*UserPage

  169. 		Config  config.AppCfg

  170. 		Message string

  171. 

  172. 		User     *User

  173. 		Colls    []inspectedCollection

  174. 		LastPost string

  175. 

  176. 		TotalPosts int64

  177. 	}{

  178. 		Config:  app.cfg.App,

  179. 		Message: r.FormValue("m"),

  180. 		Colls:   []inspectedCollection{},

  181. 	}

  182. 

  183. 	var err error

  184. 	p.User, err = app.db.GetUserForAuth(username)

  185. 	if err != nil {

  186. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get user: %v", err)}

  187. 	}

  188. 	p.UserPage = NewUserPage(app, r, u, p.User.Username, nil)

  189. 	p.TotalPosts = app.db.GetUserPostsCount(p.User.ID)

  190. 	lp, err := app.db.GetUserLastPostTime(p.User.ID)

  191. 	if err != nil {

  192. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get user's last post time: %v", err)}

  193. 	}

  194. 	if lp != nil {

  195. 		p.LastPost = lp.Format("January 2, 2006, 3:04 PM")

  196. 	}

  197. 

  198. 	colls, err := app.db.GetCollections(p.User)

  199. 	if err != nil {

  200. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get user's collections: %v", err)}

  201. 	}

  202. 	for _, c := range *colls {

  203. 		ic := inspectedCollection{

  204. 			CollectionObj: CollectionObj{Collection: c},

  205. 		}

  206. 

  207. 		if app.cfg.App.Federation {

  208. 			folls, err := app.db.GetAPFollowers(&c)

  209. 			if err == nil {

  210. 				// TODO: handle error here (at least log it)

  211. 				ic.Followers = len(*folls)

  212. 			}

  213. 		}

  214. 

  215. 		app.db.GetPostsCount(&ic.CollectionObj, true)

  216. 

  217. 		lp, err := app.db.GetCollectionLastPostTime(c.ID)

  218. 		if err != nil {

  219. 			log.Error("Didn't get last post time for collection %d: %v", c.ID, err)

  220. 		}

  221. 		if lp != nil {

  222. 			ic.LastPost = lp.Format("January 2, 2006, 3:04 PM")

  223. 		}

  224. 

  225. 		p.Colls = append(p.Colls, ic)

  226. 	}

  227. 

  228. 	showUserPage(w, "view-user", p)

  229. 	return nil

  230. }

  231. 

  232. func handleViewAdminPages(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  233. 	p := struct {

  234. 		*UserPage

  235. 		Config  config.AppCfg

  236. 		Message string

  237. 

  238. 		Pages []*instanceContent

  239. 	}{

  240. 		UserPage: NewUserPage(app, r, u, "Pages", nil),

  241. 		Config:   app.cfg.App,

  242. 		Message:  r.FormValue("m"),

  243. 	}

  244. 

  245. 	var err error

  246. 	p.Pages, err = app.db.GetInstancePages()

  247. 	if err != nil {

  248. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get pages: %v", err)}

  249. 	}

  250. 

  251. 	// Add in default pages

  252. 	var hasAbout, hasPrivacy bool

  253. 	for i, c := range p.Pages {

  254. 		if hasAbout && hasPrivacy {

  255. 			break

  256. 		}

  257. 		if c.ID == "about" {

  258. 			hasAbout = true

  259. 			if !c.Title.Valid {

  260. 				p.Pages[i].Title = defaultAboutTitle(app.cfg)

  261. 			}

  262. 		} else if c.ID == "privacy" {

  263. 			hasPrivacy = true

  264. 			if !c.Title.Valid {

  265. 				p.Pages[i].Title = defaultPrivacyTitle()

  266. 			}

  267. 		}

  268. 	}

  269. 	if !hasAbout {

  270. 		p.Pages = append(p.Pages, &instanceContent{

  271. 			ID:      "about",

  272. 			Title:   defaultAboutTitle(app.cfg),

  273. 			Content: defaultAboutPage(app.cfg),

  274. 			Updated: defaultPageUpdatedTime,

  275. 		})

  276. 	}

  277. 	if !hasPrivacy {

  278. 		p.Pages = append(p.Pages, &instanceContent{

  279. 			ID:      "privacy",

  280. 			Title:   defaultPrivacyTitle(),

  281. 			Content: defaultPrivacyPolicy(app.cfg),

  282. 			Updated: defaultPageUpdatedTime,

  283. 		})

  284. 	}

  285. 

  286. 	showUserPage(w, "pages", p)

  287. 	return nil

  288. }

  289. 

  290. func handleViewAdminPage(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  291. 	vars := mux.Vars(r)

  292. 	slug := vars["slug"]

  293. 	if slug == "" {

  294. 		return impart.HTTPError{http.StatusFound, "/admin/pages"}

  295. 	}

  296. 

  297. 	p := struct {

  298. 		*UserPage

  299. 		Config  config.AppCfg

  300. 		Message string

  301. 

  302. 		Banner  *instanceContent

  303. 		Content *instanceContent

  304. 	}{

  305. 		Config:  app.cfg.App,

  306. 		Message: r.FormValue("m"),

  307. 	}

  308. 

  309. 	var err error

  310. 	// Get pre-defined pages, or select slug

  311. 	if slug == "about" {

  312. 		p.Content, err = getAboutPage(app)

  313. 	} else if slug == "privacy" {

  314. 		p.Content, err = getPrivacyPage(app)

  315. 	} else if slug == "landing" {

  316. 		p.Banner, err = getLandingBanner(app)

  317. 		if err != nil {

  318. 			return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get banner: %v", err)}

  319. 		}

  320. 		p.Content, err = getLandingBody(app)

  321. 		p.Content.ID = "landing"

  322. 	} else {

  323. 		p.Content, err = app.db.GetDynamicContent(slug)

  324. 	}

  325. 	if err != nil {

  326. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not get page: %v", err)}

  327. 	}

  328. 	title := "New page"

  329. 	if p.Content != nil {

  330. 		title = "Edit " + p.Content.ID

  331. 	} else {

  332. 		p.Content = &instanceContent{}

  333. 	}

  334. 	p.UserPage = NewUserPage(app, r, u, title, nil)

  335. 

  336. 	showUserPage(w, "view-page", p)

  337. 	return nil

  338. }

  339. 

  340. func handleAdminUpdateSite(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  341. 	vars := mux.Vars(r)

  342. 	id := vars["page"]

  343. 

  344. 	// Validate

  345. 	if id != "about" && id != "privacy" && id != "landing" {

  346. 		return impart.HTTPError{http.StatusNotFound, "No such page."}

  347. 	}

  348. 

  349. 	var err error

  350. 	m := ""

  351. 	if id == "landing" {

  352. 		// Handle special landing page

  353. 		err = app.db.UpdateDynamicContent("landing-banner", "", r.FormValue("banner"), "section")

  354. 		if err != nil {

  355. 			m = "?m=" + err.Error()

  356. 			return impart.HTTPError{http.StatusFound, "/admin/page/" + id + m}

  357. 		}

  358. 		err = app.db.UpdateDynamicContent("landing-body", "", r.FormValue("content"), "section")

  359. 	} else {

  360. 		// Update page

  361. 		err = app.db.UpdateDynamicContent(id, r.FormValue("title"), r.FormValue("content"), "page")

  362. 	}

  363. 	if err != nil {

  364. 		m = "?m=" + err.Error()

  365. 	}

  366. 	return impart.HTTPError{http.StatusFound, "/admin/page/" + id + m}

  367. }

  368. 

  369. func handleAdminUpdateConfig(apper Apper, u *User, w http.ResponseWriter, r *http.Request) error {

  370. 	apper.App().cfg.App.SiteName = r.FormValue("site_name")

  371. 	apper.App().cfg.App.SiteDesc = r.FormValue("site_desc")

  372. 	apper.App().cfg.App.Landing = r.FormValue("landing")

  373. 	apper.App().cfg.App.OpenRegistration = r.FormValue("open_registration") == "on"

  374. 	mul, err := strconv.Atoi(r.FormValue("min_username_len"))

  375. 	if err == nil {

  376. 		apper.App().cfg.App.MinUsernameLen = mul

  377. 	}

  378. 	mb, err := strconv.Atoi(r.FormValue("max_blogs"))

  379. 	if err == nil {

  380. 		apper.App().cfg.App.MaxBlogs = mb

  381. 	}

  382. 	apper.App().cfg.App.Federation = r.FormValue("federation") == "on"

  383. 	apper.App().cfg.App.PublicStats = r.FormValue("public_stats") == "on"

  384. 	apper.App().cfg.App.Private = r.FormValue("private") == "on"

  385. 	apper.App().cfg.App.LocalTimeline = r.FormValue("local_timeline") == "on"

  386. 	if apper.App().cfg.App.LocalTimeline && apper.App().timeline == nil {

  387. 		log.Info("Initializing local timeline...")

  388. 		initLocalTimeline(apper.App())

  389. 	}

  390. 	apper.App().cfg.App.UserInvites = r.FormValue("user_invites")

  391. 	if apper.App().cfg.App.UserInvites == "none" {

  392. 		apper.App().cfg.App.UserInvites = ""

  393. 	}

  394. 	apper.App().cfg.App.DefaultVisibility = r.FormValue("default_visibility")

  395. 

  396. 	m := "?cm=Configuration+saved."

  397. 	err = apper.SaveConfig(apper.App().cfg)

  398. 	if err != nil {

  399. 		m = "?cm=" + err.Error()

  400. 	}

  401. 	return impart.HTTPError{http.StatusFound, "/admin" + m + "#config"}

  402. }

  403. 

  404. func updateAppStats() {

  405. 	sysStatus.Uptime = tool.TimeSincePro(appStartTime)

  406. 

  407. 	m := new(runtime.MemStats)

  408. 	runtime.ReadMemStats(m)

  409. 	sysStatus.NumGoroutine = runtime.NumGoroutine()

  410. 

  411. 	sysStatus.MemAllocated = tool.FileSize(int64(m.Alloc))

  412. 	sysStatus.MemTotal = tool.FileSize(int64(m.TotalAlloc))

  413. 	sysStatus.MemSys = tool.FileSize(int64(m.Sys))

  414. 	sysStatus.Lookups = m.Lookups

  415. 	sysStatus.MemMallocs = m.Mallocs

  416. 	sysStatus.MemFrees = m.Frees

  417. 

  418. 	sysStatus.HeapAlloc = tool.FileSize(int64(m.HeapAlloc))

  419. 	sysStatus.HeapSys = tool.FileSize(int64(m.HeapSys))

  420. 	sysStatus.HeapIdle = tool.FileSize(int64(m.HeapIdle))

  421. 	sysStatus.HeapInuse = tool.FileSize(int64(m.HeapInuse))

  422. 	sysStatus.HeapReleased = tool.FileSize(int64(m.HeapReleased))

  423. 	sysStatus.HeapObjects = m.HeapObjects

  424. 

  425. 	sysStatus.StackInuse = tool.FileSize(int64(m.StackInuse))

  426. 	sysStatus.StackSys = tool.FileSize(int64(m.StackSys))

  427. 	sysStatus.MSpanInuse = tool.FileSize(int64(m.MSpanInuse))

  428. 	sysStatus.MSpanSys = tool.FileSize(int64(m.MSpanSys))

  429. 	sysStatus.MCacheInuse = tool.FileSize(int64(m.MCacheInuse))

  430. 	sysStatus.MCacheSys = tool.FileSize(int64(m.MCacheSys))

  431. 	sysStatus.BuckHashSys = tool.FileSize(int64(m.BuckHashSys))

  432. 	sysStatus.GCSys = tool.FileSize(int64(m.GCSys))

  433. 	sysStatus.OtherSys = tool.FileSize(int64(m.OtherSys))

  434. 

  435. 	sysStatus.NextGC = tool.FileSize(int64(m.NextGC))

  436. 	sysStatus.LastGC = fmt.Sprintf("%.1fs", float64(time.Now().UnixNano()-int64(m.LastGC))/1000/1000/1000)

  437. 	sysStatus.PauseTotalNs = fmt.Sprintf("%.1fs", float64(m.PauseTotalNs)/1000/1000/1000)

  438. 	sysStatus.PauseNs = fmt.Sprintf("%.3fs", float64(m.PauseNs[(m.NumGC+255)%256])/1000/1000/1000)

  439. 	sysStatus.NumGC = m.NumGC

  440. }

  441. 

  442. func adminResetPassword(app *App, u *User, newPass string) error {

  443. 	hashedPass, err := auth.HashPass([]byte(newPass))

  444. 	if err != nil {

  445. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not create password hash: %v", err)}

  446. 	}

  447. 

  448. 	err = app.db.ChangePassphrase(u.ID, true, "", hashedPass)

  449. 	if err != nil {

  450. 		return impart.HTTPError{http.StatusInternalServerError, fmt.Sprintf("Could not update passphrase: %v", err)}

  451. 	}

  452. 	return nil

  453. }

  454. 

  455. func handleViewAdminUpdates(app *App, u *User, w http.ResponseWriter, r *http.Request) error {

  456. 	check := r.URL.Query().Get("check")

  457. 

  458. 	if check == "now" && app.cfg.App.UpdateChecks {

  459. 		app.updates.CheckNow()

  460. 	}

  461. 

  462. 	p := struct {

  463. 		*UserPage

  464. 		LastChecked      string

  465. 		LatestVersion    string

  466. 		LatestReleaseURL string

  467. 		UpdateAvailable  bool

  468. 	}{

  469. 		UserPage: NewUserPage(app, r, u, "Updates", nil),

  470. 	}

  471. 	if app.cfg.App.UpdateChecks {

  472. 		p.LastChecked = app.updates.lastCheck.Format("January 2, 2006, 3:04 PM")

  473. 		p.LatestVersion = app.updates.LatestVersion()

  474. 		p.LatestReleaseURL = app.updates.ReleaseURL()

  475. 		p.UpdateAvailable = app.updates.AreAvailable()

  476. 	}

  477. 

  478. 	showUserPage(w, "app-updates", p)

  479. 	return nil

  480. }