lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-23 11:37:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: 禁止普通用户使用不安全插件,比如复制到本机、自定义js脚本等

Browse Source
This commit is contained in:
xiaojunnuo
2024-09-29 01:14:21 +08:00
parent 5aa06f5b07
commit 4fcaab5feb
10 changed files with 70 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/ui/certd-server/src/plugins/plugin-host/plugin/copy-to-local/index.ts
+5 -1
View File
@@ -8,7 +8,7 @@ import path from 'path';
name: 'CopyToLocal',
title: '复制到本机',
icon: 'solar:copy-bold-duotone',
desc: '实际上是复制证书到docker容器内的某个路径,需要做目录映射到宿主机',
desc: '【仅管理员使用】实际上是复制证书到docker容器内的某个路径,需要做目录映射到宿主机',
group: pluginGroups.host.key,
default: {
strategy: {
@@ -114,6 +114,10 @@ export class CopyCertToLocalPlugin extends AbstractTaskPlugin {
fs.copyFileSync(srcFile, destFile);
}
async execute(): Promise<void> {
if (!this.isAdmin()) {
throw new Error('只有管理员才能运行此任务');
}
let { crtPath, keyPath, icPath, pfxPath, derPath } = this;
const certReader = new CertReader(this.cert);
packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-restart.ts
+4 -1
View File
@@ -4,7 +4,7 @@ import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput
name: 'RestartCertd',
title: '重启Certd',
icon: 'mdi:restart',
desc: '延迟一定时间后自动杀死自己,然后通过Docker来自动重启',
desc: '【仅管理员】延迟一定时间后自动杀死自己,然后通过Docker来自动重启',
group: pluginGroups.other.key,
default: {
strategy: {
@@ -25,6 +25,9 @@ export class RestartCertdPlugin extends AbstractTaskPlugin {
delay = 30;
async onInstance() {}
async execute(): Promise<void> {
if (!this.isAdmin()) {
throw new Error('只有管理员才能运行此任务');
}
this.logger.info(`Certd 将在 ${this.delay} 秒后关闭`);
setTimeout(() => {
this.logger.info('重启 Certd');
packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-script.ts
+5 -2
View File
@@ -9,8 +9,8 @@ export type CustomScriptContext = {
@IsTaskPlugin({
name: 'CustomScript',
title: '自定义js脚本',
icon:"ri:javascript-line",
desc: '测试',
icon: 'ri:javascript-line',
desc: '【仅管理员】运行自定义js脚本执行',
group: pluginGroups.other.key,
default: {
strategy: {
@@ -45,6 +45,9 @@ export class CustomScriptPlugin extends AbstractTaskPlugin {
async onInstance() {}
async execute(): Promise<void> {
if (!this.isAdmin()) {
throw new Error('只有管理员才能运行此任务');
}
this.logger.info('执行自定义脚本:\n', this.script);
const ctx: CustomScriptContext = {
CertReader,