Replace simple admin UI with a simple UI view (#1446)

Martii · web-flow · commit 0a6ddfabf2b0 · 2018-06-25T06:09:04.000-06:00
NOTES: * This is a continuous WIP e.g. there will be a lot more in stages when there is available time. We need a more user friendly UI though right now. * All columns are to ensure integrity and facilitate easier bug checking. TODO: * Pagination * Possible sort-able column headers * Search-ability * Revoke in `modifySessions.js` and enable with strict logging *(hopefully)* * `authedUser` filter * Possible modified integration with `Session` in Preferences for GDPR Post #1203 ... related to #604 Auto-merge
diff --git a/controllers/admin.js b/controllers/admin.js
@@ -8,10 +8,11 @@ var isDbg = require('../libs/debug').isDbg;
 //
 
 //--- Dependency inclusions
-var async = require('async');
 var exec = require('child_process').exec;
-var git = require('git-rev');
+
+var async = require('async');
 var _ = require('underscore');
+var git = require('git-rev');
 
 //--- Model inclusions
 var Comment = require('../models/comment').Comment;
@@ -345,86 +346,120 @@ exports.adminProcessCloneView = function (aReq, aRes, aNext) {
 }
 
 exports.adminSessionActiveView = function (aReq, aRes, aNext) {
-  if (!userIsAdmin(aReq)) {
+  function preRender() {
+  }
+
+  function render() {
+    aRes.render('pages/adminSessionListPage', options);
+  }
+
+  function asyncComplete(aErr) {
+    if (aErr) {
+      aNext();
+      return;
+    }
+
+    preRender();
+    render();
+  }
+
+  //
+  var options = {};
+  var authedUser = aReq.session.user;
+  var tasks = [];
+
+  var store = aReq.sessionStore;
+  var sessionColl = store.db.collection('sessions');
+
+  // Session
+  options.authedUser = authedUser = modelParser.parseUser(authedUser);
+  options.isMod = authedUser && authedUser.isMod;
+  options.isAdmin = authedUser && authedUser.isAdmin;
+
+  if (!options.isAdmin) {
     statusCodePage(aReq, aRes, aNext, {
       statusCode: 403,
       statusMessage: 'This page is only accessible by admins.'
     });
     return;
   }
 
-  var store = aReq.sessionStore;
-  var sessionColl = store.db.collection('sessions');
 
-  sessionColl.find({
-  }, function (aErr, aUserSessions) {
-    if (aErr) {
-      statusCodePage(aReq, aRes, aNext, {
-        statusCode: 520,
-        statusMessage: 'Unknown error with `sessionColl.find`.'
-      });
-      return;
-    }
+  // Page metadata
+  pageMetadata(options, ['Sessions', 'Admin']);
 
-    if (!aUserSessions) {
-      statusCodePage(aReq, aRes, aNext, {
-        statusCode: 200,
-        statusMessage: 'No sessions'
-      });
-      return;
-    }
+  //--- Tasks
 
-    aUserSessions.toArray(function (aErr, aSessionsData) {
-      var options = {};
-      options.namedCount = 0;
-      options.rawCount = 0;
-      options.session = [];
+  tasks.push(function (aCallback) {
 
+    sessionColl.find({
+    }, function (aErr, aUserSessions) {
       if (aErr) {
-        // We want to know what the error value is in logging review
-        console.error('Unknown error with `toArray`.\n' + aErr);
-
         statusCodePage(aReq, aRes, aNext, {
           statusCode: 520,
-          statusMessage: 'Unknown error with `toArray`.'
+          statusMessage: 'Unknown error with `sessionColl.find`.'
         });
         return;
       }
 
-      aSessionsData.forEach(function (aElement, aIndex) {
-        var data = JSON.parse(aElement.session);
+      if (!aUserSessions) {
+        statusCodePage(aReq, aRes, aNext, {
+          statusCode: 200,
+          statusMessage: 'No sessions'
+        });
+        return;
+      }
 
-        if (data && data.user) {
-          options.session.push({
-            _id: aElement._id,
-            name: data.user.name,
-            cookie: data.cookie
-          });
+      aUserSessions.toArray(function (aErr, aSessionsData) {
+        options.sessionList = [];
 
-          options.namedCount++;
+        if (aErr) {
+          // We want to know what the error value is in logging review
+          console.error('Unknown error with `toArray`.\n' + aErr);
 
-        } else if (data && !data.user) {
-          options.session.push({
-            _id: aElement._id,
-            expires: data.cookie.expires,
-            data: data
+          statusCodePage(aReq, aRes, aNext, {
+            statusCode: 520,
+            statusMessage: 'Unknown error with `toArray`.'
           });
+          return;
         }
-        options.rawCount++;
-      });
 
-      // Sort the sessions
-      options.session = _.sortBy(options.session, function (aSession) {
-        return (aSession.name) ? aSession.name.toLowerCase() : aSession.name;
-      });
+        aSessionsData.forEach(function (aElement, aIndex) {
+          var data = JSON.parse(aElement.session);
+          var obj = null;
+
+          if (data) {
+            obj = {
+              _id: aElement._id,
+              name: (data.user ? data.user.name : data.username),
+              userPageUrl: (data.user ? data.user.userPageUrl : null),
+              cookie: {
+                expires: (data.cookie.expires ? new Date(data.cookie.expires) : false),
+                secure: data.cookie.secure,
+                httpOnly: data.cookie.httpOnly,
+                sameSite: data.cookie.sameSite,
+                sameSiteStrict: data.cookie.sameSite === 'strict',
+                sameSiteLax: data.cookie.sameSite === 'lax' ,
+              }
+            };
+            modelParser.parseDateProperty(obj.cookie, 'expires');
+            options.sessionList.push(obj);
+          }
+        });
 
-      // Currently output in simplified JSON
-      aRes.set('Content-Type', 'application/json; charset=UTF-8');
-      aRes.write(JSON.stringify(options, null, isPro ? '' : ' '));
-      aRes.end();
+        // Sort the sessions for now
+        options.sessionList = _.sortBy(options.sessionList, function (aSession) {
+          return (aSession.name) ? aSession.name.toLowerCase() : aSession.name;
+        });
 
+        aCallback();
+      });
     });
+
   });
+
+  //---
+  async.parallel(tasks, asyncComplete);
 };
 
 // View everything about current deployed `./package.json`
diff --git a/libs/modelParser.js b/libs/modelParser.js
@@ -99,6 +99,7 @@ var parseDateProperty = function (aObj, aKey) {
     }
   }
 };
+exports.parseDateProperty = parseDateProperty;
 
 // Parse persisted model data and return a new object
 // with additional generated fields used in view templates.
diff --git a/views/includes/sessionList.html b/views/includes/sessionList.html
@@ -0,0 +1,44 @@
+<table class="table table-hover table-condensed">
+  <thead>
+    <tr>
+      <th>Name</th>
+      <th class="text-center">expires</th>
+      <th class="text-center">secure</th>
+      <th class="text-center">httpOnly</th>
+      <th class="text-center">sameSite</th>
+      <th>Action</th>
+    </tr>
+  </thead>
+  <tbody>
+    {{#sessionList}}
+    <tr class="tr-link">
+      <td>
+        <b>
+          {{#userPageUrl}}<a href="{{{userPageUrl}}}" class="tr-link-a">{{name}}</a>{{/userPageUrl}}
+          {{^userPageUrl}}{{name}}{{/userPageUrl}}
+        </b>
+      </td>
+      <td class="text-center td-fit">
+        {{#cookie.expires}}<time datetime="{{cookie.expiresISOFormat}}" title="{{cookie.expires}}">{{cookie.expiresHumanized}}</time>{{/cookie.expires}}
+        {{^cookie.expires}}&infin;{{/cookie.expires}}
+      </td>
+      <td class="text-center td-fit">
+        <span class="fa fa-{{^cookie.secure}}un{{/cookie.secure}}lock"></span>
+      </td>
+      <td class="text-center td-fit">
+        <span class="fa fa-{{#cookie.httpOnly}}check{{/cookie.httpOnly}}{{^cookie.httpOnly}}times{{/cookie.httpOnly}}"></span>
+      </td>
+      <td class="text-center td-fit">
+        {{#cookie.sameSiteStrict}}<span class="fa fa-circle"></span>{{/cookie.sameSiteStrict}}
+        {{#cookie.sameSiteLax}}<span class="fa fa-adjust"></span>{{/cookie.sameSiteLax}}
+        {{^cookie.sameSite}}<span class="fa fa-circle-o"></span>{{/cookie.sameSite}}
+      </td>
+      <td class="td-fit">
+        <button type="button" class="btn btn-sm btn-success disabled" aria-label="Left Align">
+          <span class="fa fa-sign-out" aria-hidden="true"> Sign Out</span>
+        </button>
+      </td>
+    </tr>
+    {{/sessionList}}
+  </tbody>
+</table>
diff --git a/views/pages/adminSessionListPage.html b/views/pages/adminSessionListPage.html
@@ -0,0 +1,46 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>{{title}}</title>
+  {{> includes/head.html }}
+</head>
+<body>
+  {{> includes/header.html }}
+  <div class="container-fluid">
+    <div class="row">
+      <div class="col-sm-8">
+        <h2 class="page-heading">
+          Sessions
+        </h2>
+        {{#paginationRendered}}
+        <div class="text-center collapse">
+          {{{paginationRendered}}}
+        </div>
+        {{/paginationRendered}}
+        <div class="panel panel-default">
+          {{> includes/sessionList.html }}
+        </div>
+        {{#paginationRendered}}
+        <div class="text-center">
+          {{{paginationRendered}}}
+        </div>
+        {{/paginationRendered}}
+      </div>
+      <div class="col-sm-4">
+        {{> includes/searchBarPanel.html }}
+        {{#isFlagged}}
+          {{#isAdmin}}
+            {{> includes/flagAdminToolFlaggedFilters.html }}
+          {{/isAdmin}}
+        {{/isFlagged}}
+      </div>
+    </div>
+  </div>
+  {{> includes/footer.html }}
+  {{#paginationRendered}}
+    {{> includes/scripts/showTopPagination.html }}
+  {{/paginationRendered}}
+  {{> includes/scripts/tableTrLinkScript.html }}
+  {{> includes/scripts/formControlClear.html }}
+</body>
+</html>

Original file line number	Diff line number	Diff line change
`@@ -99,6 +99,7 @@ var parseDateProperty = function (aObj, aKey) {`
`99`	`99`	`}`
`100`	`100`	`}`
`101`	`101`	`};`
	`102`	`+exports.parseDateProperty = parseDateProperty;`
`102`	`103`
`103`	`104`	`// Parse persisted model data and return a new object`
`104`	`105`	`// with additional generated fields used in view templates.`