Hawkin
/
arangodb
mirror of https://gitee.com/bigwinds/arangodb
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fixed some escpaing issues, removed dead code, eslint (#8222) 

* fixed some escpaing issues, removed dead code, eslint

* wrong function name

* changelog

* applied requested changes
This commit is contained in:
Heiko 2019-02-27 09:51:14 +01:00 committed by Michael Hackstein
parent b6224c65bb
commit e6ae1e42b1
17 changed files with 43 additions and 221 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG
View File

@ -1,6 +1,9 @@
devel
-----
* fixed some escaping issues within the web ui.
* follow up to fix JWT authentication in arangosh (#7530):
also fix reconnect

2
js/apps/system/_admin/aardvark/APP/frontend/js/arango/arango.js
View File

@ -129,7 +129,7 @@
}
});
}
return shortName;
return arangoHelper.escapeHtml(shortName);
},
getDatabaseShortName: function (id) {

2
js/apps/system/_admin/aardvark/APP/frontend/js/collections/arangoDocument.js
View File

@ -112,7 +112,7 @@ window.ArangoDocument = Backbone.Collection.extend({
$.ajax({
cache: false,
type: 'GET',
url: arangoHelper.databaseUrl('/_api/collection/' + identifier + '?' + arangoHelper.getRandomToken()),
url: arangoHelper.databaseUrl('/_api/collection/' + encodeURIComponent(identifier) + '?' + arangoHelper.getRandomToken()),
contentType: 'application/json',
processData: false,
success: function (data) {

27
js/apps/system/_admin/aardvark/APP/frontend/js/routers/router.js
View File

@ -394,29 +394,6 @@
this.nodeView.render();
},
nodeInfo: function (id, initialized) {
this.checkUser();
if (!initialized || this.isCluster === undefined) {
this.waitForInit(this.nodeInfo.bind(this), id);
return;
}
if (this.isCluster === false) {
this.routes[''] = 'dashboard';
this.navigate('#dashboard', {trigger: true});
return;
}
if (this.nodeInfoView) {
this.nodeInfoView.remove();
}
this.nodeInfoView = new window.NodeInfoView({
nodeId: id,
coordinators: this.coordinatorCollection,
dbServers: this.dbServers[0]
});
this.nodeInfoView.render();
},
shards: function (initialized) {
this.checkUser();
if (!initialized || this.isCluster === undefined) {
@ -533,10 +510,10 @@
xhr.setRequestHeader('Authorization', 'Basic ' + btoa(token));
},
logger: function (name, initialized) {
logger: function (initialized) {
this.checkUser();
if (!initialized) {
this.waitForInit(this.logger.bind(this), name);
this.waitForInit(this.logger.bind(this));
return;
}
if (!this.loggerView) {

27
js/apps/system/_admin/aardvark/APP/frontend/js/templates/nodeInfoView.ejs
View File

@ -1,27 +0,0 @@
<script id="nodeInfoView.ejs" type="text/template">
<div class="nodeInfoView">
<div class="modal-body">
<table id="serverInfoTable" class="arango-table">
<tbody>
<% _.each(entries, function (entry, name) { %>
<tr>
<th class="collectionInfoTh2"><%=name%></th>
<th class="collectionInfoTh">
<div id="server-<%=name%>" class="modal-text"><%=entry%></div>
</th>
<th>
<% if (entry.description) { %>
<th class="tooltipInfoTh">
<span class="tippy" title="<%=entry.description%>"></span>
</th>
<% } %>
</th>
</tr>
<% }); %>
</tbody>
</table>
</div>
</div>
</script>

2
js/apps/system/_admin/aardvark/APP/frontend/js/views/collectionsItemView.js
View File

@ -139,7 +139,7 @@
deleteCollection: function () {
this.model.destroy(
{
error: function (error, data) {
error: function (_, data) {
arangoHelper.arangoError('Could not drop collection: ' + data.responseJSON.errorMessage);
},
success: function () {

2
js/apps/system/_admin/aardvark/APP/frontend/js/views/databaseView.js
View File

@ -250,7 +250,7 @@
reducedCollection;
searchInput = $('#databaseSearchInput');
searchString = $('#databaseSearchInput').val();
searchString = arangoHelper.escapeHtml($('#databaseSearchInput').val());
reducedCollection = this.collection.filter(
function (u) {
return u.get('name').indexOf(searchString) !== -1;

7
js/apps/system/_admin/aardvark/APP/frontend/js/views/documentsView.js
View File

@ -121,7 +121,7 @@
$('#docPureTable').html(
'<div class="infoBox errorBox">' +
'<h4>Error</h4>' +
'<p>Collection not found. Requested name was: "' + name + '".</p>' +
'<p>Collection not found. Requested name was: "' + arangoHelper.escapeHtml(name) + '".</p>' +
'</div>'
);
$('#subNavigationBar .breadcrumb').html();
@ -982,6 +982,7 @@
this.collectionName = window.location.hash.split('/')[1];
$(this.el).html(this.template.render({}));
if (this.type === 2) {
this.type = 'document';
} else if (this.type === 3) {
@ -1062,9 +1063,9 @@
if (window.App.naviView && $('#subNavigationBar .breadcrumb').html() !== undefined) {
$('#subNavigationBar .breadcrumb').html(
'Collection: ' + this.collectionName
'Collection: ' + arangoHelper.escapeHtml(this.collectionName)
);
window.arangoHelper.buildCollectionSubNav(this.collectionName, 'Content');
arangoHelper.buildCollectionSubNav(this.collectionName, 'Content');
} else {
window.setTimeout(function () {
self.breadcrumb();

118
js/apps/system/_admin/aardvark/APP/frontend/js/views/nodeInfoView.js
View File

@ -1,118 +0,0 @@
/* jshint browser: true */
/* jshint unused: false */
/* global arangoHelper, $, Backbone, templateEngine, window */
(function () {
'use strict';
window.NodeInfoView = Backbone.View.extend({
el: '#content',
template: templateEngine.createTemplate('nodeInfoView.ejs'),
initialize: function (options) {
if (window.App.isCluster) {
this.nodeId = options.nodeId;
this.dbServers = options.dbServers;
this.coordinators = options.coordinators;
}
},
remove: function () {
this.$el.empty().off(); /* off to unbind the events */
this.stopListening();
this.unbind();
delete this.el;
return this;
},
render: function () {
this.$el.html(this.template.render({entries: []}));
var callback = function () {
this.continueRender();
this.breadcrumb(arangoHelper.getCoordinatorShortName(this.nodeId));
$(window).trigger('resize');
}.bind(this);
if (!this.initCoordDone) {
this.waitForCoordinators();
}
if (!this.initDBDone) {
this.waitForDBServers(callback);
} else {
this.nodeId = window.location.hash.split('/')[1];
this.coordinator = this.coordinators.findWhere({name: this.coordname});
callback();
}
},
continueRender: function () {
var model;
if (this.coordinator) {
model = this.coordinator.toJSON();
} else {
model = this.dbServer.toJSON();
}
var renderObj = {};
if (model.name) {
renderObj.Name = model.name;
}
if (model.address) {
renderObj.Address = model.address;
}
if (model.status) {
renderObj.Status = model.status;
}
if (model.protocol) {
renderObj.Protocol = model.protocol;
}
if (model.role) {
renderObj.Role = model.role;
}
this.$el.html(this.template.render({entries: renderObj}));
},
breadcrumb: function (name) {
$('#subNavigationBar .breadcrumb').html('Node: ' + name);
},
waitForCoordinators: function (callback) {
var self = this;
window.setTimeout(function () {
if (self.coordinators.length === 0) {
self.waitForCoordinators(callback);
} else {
self.coordinator = self.coordinators.findWhere({name: self.nodeId});
self.initCoordDone = true;
if (callback) {
callback();
}
}
}, 200);
},
waitForDBServers: function (callback) {
var self = this;
window.setTimeout(function () {
if (self.dbServers.length === 0) {
self.waitForDBServers(callback);
} else {
self.initDBDone = true;
self.dbServers.each(function (model) {
if (model.get('id') === self.nodeId) {
self.dbServer = model;
}
});
callback();
}
}, 200);
}
});
}());

27
js/apps/system/_admin/aardvark/APP/frontend/js/views/queryView.js
View File

@ -310,16 +310,24 @@
$(e.currentTarget).addClass('selected');
var name = this.getQueryNameFromTable(e);
this.queryPreview.setValue(this.getCustomQueryValueByName(name), 1);
try {
this.queryPreview.setValue(this.getCustomQueryValueByName(name), 1);
} catch (e) {
this.queryPreview.setValue('Invalid query name', 1);
arangoHelper.arangoError('Query', 'Invalid query name');
throw (e);
}
this.deselect(this.queryPreview);
},
getQueryNameFromTable: function (e) {
var name;
if ($(e.currentTarget).is('tr')) {
name = $(e.currentTarget).children().first().text();
name = arangoHelper.escapeHtml($(e.currentTarget).children().first().text());
} else if ($(e.currentTarget).is('span')) {
name = $(e.currentTarget).parent().parent().prev().text();
name = arangoHelper.escapeHtml($(e.currentTarget).parent().parent().prev().text());
}
return name;
},
@ -374,8 +382,13 @@
this.state.lastQuery.query = this.aqlEditor.getValue();
this.state.lastQuery.bindParam = this.bindParamTableObj;
this.aqlEditor.setValue(this.getCustomQueryValueByName(name), 1);
this.fillBindParamTable(this.getCustomQueryParameterByName(name));
try {
this.aqlEditor.setValue(this.getCustomQueryValueByName(name), 1);
this.fillBindParamTable(this.getCustomQueryParameterByName(name));
} catch (e) {
arangoHelper.arangoError('Query', 'Invalid query name');
throw (e);
}
this.updateBindParams();
this.currentQuery = this.collection.findWhere({name: name});
@ -1570,7 +1583,7 @@
},
checkSaveName: function () {
var saveName = $('#new-query-name').val();
var saveName = arangoHelper.escapeHtml($('#new-query-name').val());
if (saveName === 'Insert Query') {
$('#new-query-name').val('');
return;
@ -1600,7 +1613,7 @@
// update queries first, before writing
this.refreshAQL();
var saveName = $('#new-query-name').val();
var saveName = arangoHelper.escapeHtml($('#new-query-name').val());
var bindVars = this.bindParamTableObj;
if ($('#new-query-name').hasClass('invalid-input')) {

18
js/apps/system/_admin/aardvark/APP/frontend/js/views/replicationView.js
View File

@ -142,23 +142,6 @@
});
},
getActiveFailoverHealth: function () {
/*
$.ajax({
type: 'GET',
cache: false,
url: arangoHelper.databaseUrl('/_admin/cluster/health'),
contentType: 'application/json',
success: function (data) {
console.log(data);
},
error: function (data) {
console.log(data);
}
});
*/
},
renderEndpoints: function (endpoints) {
var self = this;
@ -363,7 +346,6 @@
if (this.mode === 3) {
this.getActiveFailoverEndpoints();
this.getLoggerState();
this.getActiveFailoverHealth();
} else if (this.mode === 2) {
if (this.info.role === 'leader') {
this.getLoggerState();

2
js/apps/system/_admin/aardvark/APP/frontend/js/views/settingsView.js
View File

@ -96,7 +96,7 @@
if (!this.readOnly) {
this.model.destroy(
{
error: function (error, data) {
error: function (_, data) {
arangoHelper.arangoError('Could not drop collection: ' + data.responseJSON.errorMessage);
},
success: function () {

6
js/apps/system/_admin/aardvark/APP/frontend/js/views/userManagementView.js
View File

@ -21,10 +21,6 @@
events: {
'click #createUser': 'createUser',
'click #submitCreateUser': 'submitCreateUser',
// "click #deleteUser" : "removeUser",
// "click #submitDeleteUser" : "submitDeleteUser",
// "click .editUser" : "editUser",
// "click .icon" : "editUser",
'click #userManagementThumbnailsIn .tile': 'editUser',
'click #submitEditUser': 'submitEditUser',
'click #userManagementToggle': 'toggleView',
@ -129,7 +125,7 @@
reducedCollection;
searchInput = $('#userManagementSearchInput');
searchString = $('#userManagementSearchInput').val();
searchString = arangoHelper.escapeHtml($('#userManagementSearchInput').val());
reducedCollection = this.collection.filter(
function (u) {
return u.get('user').indexOf(searchString) !== -1;

9
js/apps/system/_admin/aardvark/APP/frontend/js/views/userPermissions.js
View File

@ -233,14 +233,8 @@
this.currentUser = this.collection.findWhere({
user: this.username
});
this.breadcrumb();
var url = arangoHelper.databaseUrl('/_api/user/' + encodeURIComponent(self.currentUser.get('user')) + '/database?full=true');
/*
if (frontendConfig.db === '_system') {
url = arangoHelper.databaseUrl('/_api/user/root/database');
}
*/
// FETCH COMPLETE DB LIST
$.ajax({
@ -281,6 +275,7 @@
arangoHelper.createTooltips();
// check if current user is root
this.checkRoot();
this.breadcrumb();
},
checkRoot: function () {
@ -342,7 +337,7 @@
if (window.App.naviView) {
$('#subNavigationBar .breadcrumb').html(
'User: ' + this.currentUser.get('user')
'User: ' + arangoHelper.escapeHtml(this.currentUser.get('user'))
);
arangoHelper.buildUserSubNav(self.currentUser.get('user'), 'Permissions');
} else {

6
js/apps/system/_admin/aardvark/APP/frontend/js/views/userView.js
View File

@ -1,6 +1,6 @@
/* jshint browser: true */
/* jshint unused: false */
/* global CryptoJS, _, arangoHelper, Backbone, window $ */
/* global CryptoJS, _, arangoHelper, Backbone, window, $ */
(function () {
'use strict';
@ -158,7 +158,7 @@
{
type: window.modalView.tables.TEXT,
label: 'Name',
value: name,
value: _.escape(name),
id: 'editName',
placeholder: 'Name'
},
@ -301,7 +301,7 @@
if (window.App.naviView) {
$('#subNavigationBar .breadcrumb').html(
'User: ' + this.username
'User: ' + _.escape(this.username)
);
arangoHelper.buildUserSubNav(self.currentUser.get('user'), 'General');
} else {

4
js/apps/system/_admin/aardvark/APP/frontend/js/views/viewView.js
View File

@ -323,11 +323,11 @@
if (window.App.naviView) {
$('#subNavigationBar .breadcrumb').html(
'View: ' + self.name
'View: ' + arangoHelper.escapeHtml(self.name)
);
window.setTimeout(function () {
$('#subNavigationBar .breadcrumb').html(
'View: ' + self.name
'View: ' + arangoHelper.escapeHtml(self.name)
);
self.checkIfInProgress();
}, 100);

2
js/apps/system/_admin/aardvark/APP/frontend/js/views/viewsView.js
View File

@ -98,7 +98,7 @@
},
search: function () {
this.setSearchString($('#viewsSearchInput').val());
this.setSearchString(arangoHelper.escapeHtml($('#viewsSearchInput').val()));
this.render();
},