
fixed some escpaing issues, removed dead code, eslint (#8222)

* fixed some escaping issues, removed dead code, eslint

* wrong function name

* changelog

* applied requested changes
This commit is contained in:
Heiko 2019-02-27 09:51:14 +01:00 committed by Michael Hackstein
parent b6224c65bb
commit e6ae1e42b1
17 changed files with 43 additions and 221 deletions


@ -1,6 +1,9 @@
devel devel
----- -----
* fixed some escaping issues within the web ui.
* follow up to fix JWT authentication in arangosh (#7530): * follow up to fix JWT authentication in arangosh (#7530):
also fix reconnect also fix reconnect


@ -129,7 +129,7 @@
} }
}); });
} }
return shortName; return arangoHelper.escapeHtml(shortName);
}, },
getDatabaseShortName: function (id) { getDatabaseShortName: function (id) {
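Review bot: Returning `arangoHelper.escapeHtml(shortName)` from a getter moves escaping from the rendering sink into the data accessor, so every caller now receives entity-encoded text whether it writes HTML, compares the name against raw model data, or builds a URL from it. A caller that inserts the result through a template or `.text()` will show `&amp;` for `&`, and a lookup that compares it with an unescaped name will miss. Prefer `return shortName;` here and call `escapeHtml` at each `.html()` sink, as the other hunks in this commit do. The function's head is outside the hunk, so the remaining callers are not visible from here.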


@ -112,7 +112,7 @@ window.ArangoDocument = Backbone.Collection.extend({
$.ajax({ $.ajax({
cache: false, cache: false,
type: 'GET', type: 'GET',
url: arangoHelper.databaseUrl('/_api/collection/' + identifier + '?' + arangoHelper.getRandomToken()), url: arangoHelper.databaseUrl('/_api/collection/' + encodeURIComponent(identifier) + '?' + arangoHelper.getRandomToken()),
contentType: 'application/json', contentType: 'application/json',
processData: false, processData: false,
success: function (data) { success: function (data) {


@ -394,29 +394,6 @@
this.nodeView.render(); this.nodeView.render();
}, },
nodeInfo: function (id, initialized) {
this.checkUser();
if (!initialized || this.isCluster === undefined) {
this.waitForInit(this.nodeInfo.bind(this), id);
return;
}
if (this.isCluster === false) {
this.routes[''] = 'dashboard';
this.navigate('#dashboard', {trigger: true});
return;
}
if (this.nodeInfoView) {
this.nodeInfoView.remove();
}
this.nodeInfoView = new window.NodeInfoView({
nodeId: id,
coordinators: this.coordinatorCollection,
dbServers: this.dbServers[0]
});
this.nodeInfoView.render();
},
shards: function (initialized) { shards: function (initialized) {
this.checkUser(); this.checkUser();
if (!initialized || this.isCluster === undefined) { if (!initialized || this.isCluster === undefined) {
@ -533,10 +510,10 @@
xhr.setRequestHeader('Authorization', 'Basic ' + btoa(token)); xhr.setRequestHeader('Authorization', 'Basic ' + btoa(token));
}, },
logger: function (name, initialized) { logger: function (initialized) {
this.checkUser(); this.checkUser();
if (!initialized) { if (!initialized) {
this.waitForInit(this.logger.bind(this), name); this.waitForInit(this.logger.bind(this));
return; return;
} }
if (!this.loggerView) { if (!this.loggerView) {
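Review bot: Removing the `nodeInfo` handler leaves the router's `routes` map, which is outside this hunk, as the thing to check: a Backbone route entry that still names `'nodeInfo'` resolves to an undefined method and the navigation silently does nothing instead of failing loudly. The `logger` signature change from `(name, initialized)` to `(initialized)` in the second hunk likewise depends on the route pattern no longer capturing a `:name` segment and on `waitForInit` calling the callback with a single `true` when no extra parameter is passed; neither is visible here. If the pattern still captured a segment, `initialized` would receive that string, be truthy, and skip the wait. Please confirm both the route table and `waitForInit` were updated alongside this.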


@ -1,27 +0,0 @@
<script id="nodeInfoView.ejs" type="text/template">
<div class="nodeInfoView">
<div class="modal-body">
<table id="serverInfoTable" class="arango-table">
<tbody>
<% _.each(entries, function (entry, name) { %>
<tr>
<th class="collectionInfoTh2"><%=name%></th>
<th class="collectionInfoTh">
<div id="server-<%=name%>" class="modal-text"><%=entry%></div>
</th>
<th>
<% if (entry.description) { %>
<th class="tooltipInfoTh">
<span class="tippy" title="<%=entry.description%>"></span>
</th>
<% } %>
</th>
</tr>
<% }); %>
</tbody>
</table>
</div>
</div>
</script>


@ -139,7 +139,7 @@
deleteCollection: function () { deleteCollection: function () {
this.model.destroy( this.model.destroy(
{ {
error: function (error, data) { error: function (_, data) {
arangoHelper.arangoError('Could not drop collection: ' + data.responseJSON.errorMessage); arangoHelper.arangoError('Could not drop collection: ' + data.responseJSON.errorMessage);
}, },
success: function () { success: function () {
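Review bot: The error callback on the line after the renamed parameter dereferences `data.responseJSON.errorMessage` without checking that `responseJSON` exists; on a network failure, timeout, or non-JSON error body jQuery leaves it undefined and the handler throws a TypeError instead of showing the notification. Guard it, e.g. `var msg = (data.responseJSON && data.responseJSON.errorMessage) || data.statusText;` and pass `msg` to `arangoError`. The identical handler in the later `if (!this.readOnly)` hunk has the same gap. `deleteCollection` continues outside the hunk.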


@ -250,7 +250,7 @@
reducedCollection; reducedCollection;
searchInput = $('#databaseSearchInput'); searchInput = $('#databaseSearchInput');
searchString = $('#databaseSearchInput').val(); searchString = arangoHelper.escapeHtml($('#databaseSearchInput').val());
reducedCollection = this.collection.filter( reducedCollection = this.collection.filter(
function (u) { function (u) {
return u.get('name').indexOf(searchString) !== -1; return u.get('name').indexOf(searchString) !== -1;
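Review bot: Escaping the search string on the line after `searchInput` is assigned, before it is used as an `indexOf` needle, means a search for a name containing `&`, `<`, `>`, `"` or `'` compares entity-encoded text against the raw `name` attribute and never matches. The filter needs the raw value: keep `searchString = $('#databaseSearchInput').val();` and escape only where the string is written into the DOM. The user search on `#userManagementSearchInput` and the views search on `#viewsSearchInput` later in this commit have the same problem. The enclosing function starts and ends outside the hunk.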


@ -121,7 +121,7 @@
$('#docPureTable').html( $('#docPureTable').html(
'<div class="infoBox errorBox">' + '<div class="infoBox errorBox">' +
'<h4>Error</h4>' + '<h4>Error</h4>' +
'<p>Collection not found. Requested name was: "' + name + '".</p>' + '<p>Collection not found. Requested name was: "' + arangoHelper.escapeHtml(name) + '".</p>' +
'</div>' '</div>'
); );
$('#subNavigationBar .breadcrumb').html(); $('#subNavigationBar .breadcrumb').html();
@ -982,6 +982,7 @@
this.collectionName = window.location.hash.split('/')[1]; this.collectionName = window.location.hash.split('/')[1];
$(this.el).html(this.template.render({})); $(this.el).html(this.template.render({}));
if (this.type === 2) { if (this.type === 2) {
this.type = 'document'; this.type = 'document';
} else if (this.type === 3) { } else if (this.type === 3) {
@ -1062,9 +1063,9 @@
if (window.App.naviView && $('#subNavigationBar .breadcrumb').html() !== undefined) { if (window.App.naviView && $('#subNavigationBar .breadcrumb').html() !== undefined) {
$('#subNavigationBar .breadcrumb').html( $('#subNavigationBar .breadcrumb').html(
'Collection: ' + this.collectionName 'Collection: ' + arangoHelper.escapeHtml(this.collectionName)
); );
window.arangoHelper.buildCollectionSubNav(this.collectionName, 'Content'); arangoHelper.buildCollectionSubNav(this.collectionName, 'Content');
} else { } else {
window.setTimeout(function () { window.setTimeout(function () {
self.breadcrumb(); self.breadcrumb();
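Review bot: `this.collectionName` is read from `window.location.hash` on the first line of the second hunk and is now escaped for the breadcrumb in the third hunk, but the very next line still passes the raw value to `arangoHelper.buildCollectionSubNav`; whether that helper escapes before writing to the DOM is not visible here, so confirm it or escape at that call as well. The user-permission and user-general breadcrumb hunks later in this commit have the same shape with `arangoHelper.buildUserSubNav`. The `breadcrumb` function continues outside the hunk.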


@ -1,118 +0,0 @@
/* jshint browser: true */
/* jshint unused: false */
/* global arangoHelper, $, Backbone, templateEngine, window */
(function () {
'use strict';
window.NodeInfoView = Backbone.View.extend({
el: '#content',
template: templateEngine.createTemplate('nodeInfoView.ejs'),
initialize: function (options) {
if (window.App.isCluster) {
this.nodeId = options.nodeId;
this.dbServers = options.dbServers;
this.coordinators = options.coordinators;
}
},
remove: function () {
this.$el.empty().off(); /* off to unbind the events */
this.stopListening();
this.unbind();
delete this.el;
return this;
},
render: function () {
this.$el.html(this.template.render({entries: []}));
var callback = function () {
this.continueRender();
this.breadcrumb(arangoHelper.getCoordinatorShortName(this.nodeId));
$(window).trigger('resize');
}.bind(this);
if (!this.initCoordDone) {
this.waitForCoordinators();
}
if (!this.initDBDone) {
this.waitForDBServers(callback);
} else {
this.nodeId = window.location.hash.split('/')[1];
this.coordinator = this.coordinators.findWhere({name: this.coordname});
callback();
}
},
continueRender: function () {
var model;
if (this.coordinator) {
model = this.coordinator.toJSON();
} else {
model = this.dbServer.toJSON();
}
var renderObj = {};
if (model.name) {
renderObj.Name = model.name;
}
if (model.address) {
renderObj.Address = model.address;
}
if (model.status) {
renderObj.Status = model.status;
}
if (model.protocol) {
renderObj.Protocol = model.protocol;
}
if (model.role) {
renderObj.Role = model.role;
}
this.$el.html(this.template.render({entries: renderObj}));
},
breadcrumb: function (name) {
$('#subNavigationBar .breadcrumb').html('Node: ' + name);
},
waitForCoordinators: function (callback) {
var self = this;
window.setTimeout(function () {
if (self.coordinators.length === 0) {
self.waitForCoordinators(callback);
} else {
self.coordinator = self.coordinators.findWhere({name: self.nodeId});
self.initCoordDone = true;
if (callback) {
callback();
}
}
}, 200);
},
waitForDBServers: function (callback) {
var self = this;
window.setTimeout(function () {
if (self.dbServers.length === 0) {
self.waitForDBServers(callback);
} else {
self.initDBDone = true;
self.dbServers.each(function (model) {
if (model.get('id') === self.nodeId) {
self.dbServer = model;
}
});
callback();
}
}, 200);
}
});
}());


@ -310,16 +310,24 @@
$(e.currentTarget).addClass('selected'); $(e.currentTarget).addClass('selected');
var name = this.getQueryNameFromTable(e); var name = this.getQueryNameFromTable(e);
this.queryPreview.setValue(this.getCustomQueryValueByName(name), 1);
try {
this.queryPreview.setValue(this.getCustomQueryValueByName(name), 1);
} catch (e) {
this.queryPreview.setValue('Invalid query name', 1);
arangoHelper.arangoError('Query', 'Invalid query name');
throw (e);
}
this.deselect(this.queryPreview); this.deselect(this.queryPreview);
}, },
getQueryNameFromTable: function (e) { getQueryNameFromTable: function (e) {
var name; var name;
if ($(e.currentTarget).is('tr')) { if ($(e.currentTarget).is('tr')) {
name = $(e.currentTarget).children().first().text(); name = arangoHelper.escapeHtml($(e.currentTarget).children().first().text());
} else if ($(e.currentTarget).is('span')) { } else if ($(e.currentTarget).is('span')) {
name = $(e.currentTarget).parent().parent().prev().text(); name = arangoHelper.escapeHtml($(e.currentTarget).parent().parent().prev().text());
} }
return name; return name;
}, },
@ -374,8 +382,13 @@
this.state.lastQuery.query = this.aqlEditor.getValue(); this.state.lastQuery.query = this.aqlEditor.getValue();
this.state.lastQuery.bindParam = this.bindParamTableObj; this.state.lastQuery.bindParam = this.bindParamTableObj;
this.aqlEditor.setValue(this.getCustomQueryValueByName(name), 1); try {
this.fillBindParamTable(this.getCustomQueryParameterByName(name)); this.aqlEditor.setValue(this.getCustomQueryValueByName(name), 1);
this.fillBindParamTable(this.getCustomQueryParameterByName(name));
} catch (e) {
arangoHelper.arangoError('Query', 'Invalid query name');
throw (e);
}
this.updateBindParams(); this.updateBindParams();
this.currentQuery = this.collection.findWhere({name: name}); this.currentQuery = this.collection.findWhere({name: name});
@ -1570,7 +1583,7 @@
}, },
checkSaveName: function () { checkSaveName: function () {
var saveName = $('#new-query-name').val(); var saveName = arangoHelper.escapeHtml($('#new-query-name').val());
if (saveName === 'Insert Query') { if (saveName === 'Insert Query') {
$('#new-query-name').val(''); $('#new-query-name').val('');
return; return;
@ -1600,7 +1613,7 @@
// update queries first, before writing // update queries first, before writing
this.refreshAQL(); this.refreshAQL();
var saveName = $('#new-query-name').val(); var saveName = arangoHelper.escapeHtml($('#new-query-name').val());
var bindVars = this.bindParamTableObj; var bindVars = this.bindParamTableObj;
if ($('#new-query-name').hasClass('invalid-input')) { if ($('#new-query-name').hasClass('invalid-input')) {
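Review bot: `getQueryNameFromTable` now returns the HTML-escaped cell text, but its callers use that value as a lookup key — `getCustomQueryValueByName(name)` in the first hunk and `this.collection.findWhere({name: name})` in the second — so a stored query whose name contains `&`, `<`, `>`, `"` or `'` is no longer found and trips the new "Invalid query name" path. The same applies to `saveName` in `checkSaveName` and in the save hunk, where the escaped string becomes the persisted query name, so `a&b` is stored as `a&amp;b` and double-encoded wherever a template escapes it again. Keep the raw value for lookups and storage and escape at the point where the name is written into HTML. Separately, `catch (e)` in the first hunk shadows the event parameter `e` of the enclosing handler, which reads `e.currentTarget` two lines above; rename it to `err`. All of these handlers continue outside their hunks.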


@ -142,23 +142,6 @@
}); });
}, },
getActiveFailoverHealth: function () {
/*
$.ajax({
type: 'GET',
cache: false,
url: arangoHelper.databaseUrl('/_admin/cluster/health'),
contentType: 'application/json',
success: function (data) {
console.log(data);
},
error: function (data) {
console.log(data);
}
});
*/
},
renderEndpoints: function (endpoints) { renderEndpoints: function (endpoints) {
var self = this; var self = this;
@ -363,7 +346,6 @@
if (this.mode === 3) { if (this.mode === 3) {
this.getActiveFailoverEndpoints(); this.getActiveFailoverEndpoints();
this.getLoggerState(); this.getLoggerState();
this.getActiveFailoverHealth();
} else if (this.mode === 2) { } else if (this.mode === 2) {
if (this.info.role === 'leader') { if (this.info.role === 'leader') {
this.getLoggerState(); this.getLoggerState();


@ -96,7 +96,7 @@
if (!this.readOnly) { if (!this.readOnly) {
this.model.destroy( this.model.destroy(
{ {
error: function (error, data) { error: function (_, data) {
arangoHelper.arangoError('Could not drop collection: ' + data.responseJSON.errorMessage); arangoHelper.arangoError('Could not drop collection: ' + data.responseJSON.errorMessage);
}, },
success: function () { success: function () {


@ -21,10 +21,6 @@
events: { events: {
'click #createUser': 'createUser', 'click #createUser': 'createUser',
'click #submitCreateUser': 'submitCreateUser', 'click #submitCreateUser': 'submitCreateUser',
// "click #deleteUser" : "removeUser",
// "click #submitDeleteUser" : "submitDeleteUser",
// "click .editUser" : "editUser",
// "click .icon" : "editUser",
'click #userManagementThumbnailsIn .tile': 'editUser', 'click #userManagementThumbnailsIn .tile': 'editUser',
'click #submitEditUser': 'submitEditUser', 'click #submitEditUser': 'submitEditUser',
'click #userManagementToggle': 'toggleView', 'click #userManagementToggle': 'toggleView',
@ -129,7 +125,7 @@
reducedCollection; reducedCollection;
searchInput = $('#userManagementSearchInput'); searchInput = $('#userManagementSearchInput');
searchString = $('#userManagementSearchInput').val(); searchString = arangoHelper.escapeHtml($('#userManagementSearchInput').val());
reducedCollection = this.collection.filter( reducedCollection = this.collection.filter(
function (u) { function (u) {
return u.get('user').indexOf(searchString) !== -1; return u.get('user').indexOf(searchString) !== -1;


@ -233,14 +233,8 @@
this.currentUser = this.collection.findWhere({ this.currentUser = this.collection.findWhere({
user: this.username user: this.username
}); });
this.breadcrumb();
var url = arangoHelper.databaseUrl('/_api/user/' + encodeURIComponent(self.currentUser.get('user')) + '/database?full=true'); var url = arangoHelper.databaseUrl('/_api/user/' + encodeURIComponent(self.currentUser.get('user')) + '/database?full=true');
/*
if (frontendConfig.db === '_system') {
url = arangoHelper.databaseUrl('/_api/user/root/database');
}
*/
// FETCH COMPLETE DB LIST // FETCH COMPLETE DB LIST
$.ajax({ $.ajax({
@ -281,6 +275,7 @@
arangoHelper.createTooltips(); arangoHelper.createTooltips();
// check if current user is root // check if current user is root
this.checkRoot(); this.checkRoot();
this.breadcrumb();
}, },
checkRoot: function () { checkRoot: function () {
@ -342,7 +337,7 @@
if (window.App.naviView) { if (window.App.naviView) {
$('#subNavigationBar .breadcrumb').html( $('#subNavigationBar .breadcrumb').html(
'User: ' + this.currentUser.get('user') 'User: ' + arangoHelper.escapeHtml(this.currentUser.get('user'))
); );
arangoHelper.buildUserSubNav(self.currentUser.get('user'), 'Permissions'); arangoHelper.buildUserSubNav(self.currentUser.get('user'), 'Permissions');
} else { } else {


@ -1,6 +1,6 @@
/* jshint browser: true */ /* jshint browser: true */
/* jshint unused: false */ /* jshint unused: false */
/* global CryptoJS, _, arangoHelper, Backbone, window $ */ /* global CryptoJS, _, arangoHelper, Backbone, window, $ */
(function () { (function () {
'use strict'; 'use strict';
@ -158,7 +158,7 @@
{ {
type: window.modalView.tables.TEXT, type: window.modalView.tables.TEXT,
label: 'Name', label: 'Name',
value: name, value: _.escape(name),
id: 'editName', id: 'editName',
placeholder: 'Name' placeholder: 'Name'
}, },
@ -301,7 +301,7 @@
if (window.App.naviView) { if (window.App.naviView) {
$('#subNavigationBar .breadcrumb').html( $('#subNavigationBar .breadcrumb').html(
'User: ' + this.username 'User: ' + _.escape(this.username)
); );
arangoHelper.buildUserSubNav(self.currentUser.get('user'), 'General'); arangoHelper.buildUserSubNav(self.currentUser.get('user'), 'General');
} else { } else {
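Review bot: This file escapes with `_.escape` while every other hunk in the commit uses `arangoHelper.escapeHtml`; unless the latter is a plain alias of the former, pick one helper so escaping can be audited in one place. Also, `value: _.escape(name)` for the `TEXT` modal row is only correct if the modal template interpolates `value` unescaped; if the template already escapes, the edit form will display `&amp;` for `&`. The template is not visible here, so please confirm which it is. The enclosing function starts outside the hunk.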


@ -323,11 +323,11 @@
if (window.App.naviView) { if (window.App.naviView) {
$('#subNavigationBar .breadcrumb').html( $('#subNavigationBar .breadcrumb').html(
'View: ' + self.name 'View: ' + arangoHelper.escapeHtml(self.name)
); );
window.setTimeout(function () { window.setTimeout(function () {
$('#subNavigationBar .breadcrumb').html( $('#subNavigationBar .breadcrumb').html(
'View: ' + self.name 'View: ' + arangoHelper.escapeHtml(self.name)
); );
self.checkIfInProgress(); self.checkIfInProgress();
}, 100); }, 100);
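Review bot: The escaped breadcrumb string is built twice in this hunk, once immediately and again inside the 100 ms `setTimeout`; computing it once, `var crumb = 'View: ' + arangoHelper.escapeHtml(self.name);`, and using `crumb` in both `.html()` calls keeps the two in sync if the format or the escaping helper changes. The enclosing function starts and ends outside the hunk.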


@ -98,7 +98,7 @@
}, },
search: function () { search: function () {
this.setSearchString($('#viewsSearchInput').val()); this.setSearchString(arangoHelper.escapeHtml($('#viewsSearchInput').val()));
this.render(); this.render();
}, },