From 2a70548a43e94028626f8a9584ae9c1eede2e75e Mon Sep 17 00:00:00 2001 From: Arthur Lu Date: Thu, 27 Apr 2023 15:39:01 +0000 Subject: [PATCH] add node restriction Signed-off-by: Arthur Lu --- main.js | 5 +++++ utils.js | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/main.js b/main.js index 03e8476..74e2177 100644 --- a/main.js +++ b/main.js @@ -229,6 +229,11 @@ app.post("/api/instance", async (req, res) => { res.end(); return; } + if (!user.nodes.includes(req.body.node)) { + res.status(500).send({error: `Requested node ${req.body.node} is not in allowed nodes [${user.nodes}]`}); + res.end(); + return; + } let action = { vmid: req.body.vmid, cores: req.body.cores, diff --git a/utils.js b/utils.js index 7ab9ca2..8710140 100644 --- a/utils.js +++ b/utils.js @@ -3,8 +3,8 @@ import { getUserConfig, getResourceConfig } from "./db.js"; export async function getUserData (req, username) { let resources = await getAllocatedResources(req, username); - let instances = getUserConfig(req.cookies.username).instances; - return {resources: resources, instances: instances}; + let user = getUserConfig(req.cookies.username); + return {resources: resources, instances: user.instances, nodes: user.nodes}; } async function getAllocatedResources (req, username) {