2023-05-23 00:11:48 +00:00
|
|
|
import { getUsedResources, requestPVE } from "./pve.js";
|
2023-05-24 22:21:00 +00:00
|
|
|
import { db } from "./db.js";
|
2023-04-24 21:28:58 +00:00
|
|
|
|
2023-06-29 21:35:19 +00:00
|
|
|
export async function checkAuth (cookies, res, vmpath = null) {
|
2023-05-23 00:11:48 +00:00
|
|
|
let auth = false;
|
|
|
|
|
2023-05-24 22:21:00 +00:00
|
|
|
if (db.getUserConfig(cookies.username) === null) {
|
2023-05-23 00:11:48 +00:00
|
|
|
auth = false;
|
2023-06-29 21:35:19 +00:00
|
|
|
res.status(401).send({ auth, path: vmpath ? `${vmpath}/config` : "/version", error: `User ${cookies.username} not found in localdb.` });
|
2023-05-23 00:11:48 +00:00
|
|
|
res.end();
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (vmpath) {
|
2023-06-29 21:35:19 +00:00
|
|
|
const result = await requestPVE(`/${vmpath}/config`, "GET", cookies);
|
2023-05-23 00:11:48 +00:00
|
|
|
auth = result.status === 200;
|
2023-06-29 22:09:57 +00:00
|
|
|
}
|
|
|
|
else { // if no path is specified, then do a simple authentication
|
2023-06-29 21:35:19 +00:00
|
|
|
const result = await requestPVE("/version", "GET", cookies);
|
2023-05-23 00:11:48 +00:00
|
|
|
auth = result.status === 200;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!auth) {
|
2023-06-29 21:35:19 +00:00
|
|
|
res.status(401).send({ auth, path: vmpath ? `${vmpath}/config` : "/version", error: "User token did not pass authentication check." });
|
2023-05-23 00:11:48 +00:00
|
|
|
res.end();
|
|
|
|
}
|
|
|
|
return auth;
|
|
|
|
}
|
|
|
|
|
2023-06-29 21:35:19 +00:00
|
|
|
export async function getUserResources (req, username) {
|
|
|
|
const dbResources = db.getResourceConfig();
|
|
|
|
const used = await getUsedResources(req, dbResources);
|
|
|
|
const max = db.getUserConfig(username).resources.max;
|
|
|
|
const avail = {};
|
2023-04-24 21:28:58 +00:00
|
|
|
Object.keys(max).forEach((k) => {
|
2023-06-21 05:06:38 +00:00
|
|
|
if (dbResources[k] && dbResources[k].type === "list") {
|
|
|
|
avail[k] = structuredClone(max[k]);
|
|
|
|
used[k].forEach((usedDeviceName) => {
|
2023-06-29 21:35:19 +00:00
|
|
|
const index = avail[k].findIndex((maxElement) => usedDeviceName.includes(maxElement));
|
2023-06-21 05:06:38 +00:00
|
|
|
avail[k].splice(index, 1);
|
|
|
|
});
|
2023-06-29 22:09:57 +00:00
|
|
|
}
|
|
|
|
else {
|
2023-06-21 05:06:38 +00:00
|
|
|
avail[k] = max[k] - used[k];
|
|
|
|
}
|
2023-04-24 21:28:58 +00:00
|
|
|
});
|
2023-06-29 21:35:19 +00:00
|
|
|
return { used, max, avail, resources: dbResources };
|
2023-04-24 21:28:58 +00:00
|
|
|
}
|
|
|
|
|
2023-06-29 21:35:19 +00:00
|
|
|
export async function approveResources (req, username, request) {
|
|
|
|
const user = await getUserResources(req, username);
|
|
|
|
const avail = user.avail;
|
|
|
|
const resources = user.resources;
|
2023-05-24 23:10:05 +00:00
|
|
|
let approved = true;
|
2023-04-24 21:28:58 +00:00
|
|
|
Object.keys(request).forEach((key) => {
|
2023-05-24 22:21:00 +00:00
|
|
|
if (!(key in avail)) { // if requested resource is not in avail, block
|
2023-05-24 23:10:05 +00:00
|
|
|
approved = false;
|
2023-06-29 22:09:57 +00:00
|
|
|
}
|
|
|
|
else if (resources[key].type === "list") {
|
2023-06-29 21:35:19 +00:00
|
|
|
const inAvail = avail[key].some(availElem => request[key].includes(availElem));
|
|
|
|
if (inAvail !== resources[key].whitelist) {
|
2023-06-14 04:49:43 +00:00
|
|
|
approved = false;
|
|
|
|
}
|
2023-06-29 22:09:57 +00:00
|
|
|
}
|
|
|
|
else if (isNaN(avail[key]) || isNaN(request[key])) { // if either the requested or avail resource is NaN, block
|
2023-05-24 23:10:05 +00:00
|
|
|
approved = false;
|
2023-06-29 22:09:57 +00:00
|
|
|
}
|
|
|
|
else if (avail[key] - request[key] < 0) { // if the avail resources is less than the requested resources, block
|
2023-05-24 23:10:05 +00:00
|
|
|
approved = false;
|
2023-06-09 02:05:26 +00:00
|
|
|
}
|
2023-04-24 21:28:58 +00:00
|
|
|
});
|
2023-05-24 23:10:05 +00:00
|
|
|
return approved; // if all requested resources pass, allow
|
2023-06-29 21:35:19 +00:00
|
|
|
}
|