diff --git a/meshcentral.js b/meshcentral.js index 685d66cb..d9395cd1 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -563,6 +563,25 @@ function CreateMeshCentralServer(config, args) { return; } if ((obj.config.domains[i].auth == 'ldap') || (obj.config.domains[i].auth == 'sspi')) { obj.config.domains[i].newaccounts = 0; } // No new accounts allowed in SSPI/LDAP authentication modes. + + // Convert newAccountsRights from a array of strings to flags number. + if (obj.config.domains[i].newaccountsrights && Array.isArray(obj.config.domains[i].newaccountsrights)) { + var newAccRights = 0; + for (var j in obj.config.domains[i].newaccountsrights) { + var r = obj.config.domains[i].newaccountsrights[j].toLowerCase(); + if (r == 'fulladmin') { newAccRights = 0xFFFFFFFF; } + if (r == 'serverbackup') { newAccRights |= 1; } + if (r == 'manageusers') { newAccRights |= 2; } + if (r == 'serverrestore') { newAccRights |= 4; } + if (r == 'fileaccess') { newAccRights |= 8; } + if (r == 'serverupdate') { newAccRights |= 16; } + if (r == 'locked') { newAccRights |= 32; } + if (r == 'nonewgroups') { newAccRights |= 64; } + if (r == 'notools') { newAccRights |= 128; } + } + obj.config.domains[i].newaccountsrights = newAccRights; + } + if (obj.config.domains[i].newaccountsrights && (typeof (obj.config.domains[i].newaccountsrights) != 'number')) { delete obj.config.domains[i].newaccountsrights; } } // Log passed arguments into Windows Service Log diff --git a/meshuser.js b/meshuser.js index 8bbb3578..c6e60029 100644 --- a/meshuser.js +++ b/meshuser.js @@ -981,6 +981,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use } else { // Check if this is an existing user var newuser = { type: 'user', _id: newuserid, name: newusername, creation: Math.floor(Date.now() / 1000), domain: domain.id }; + if (domain.newaccountsrights) { newuser.siteadmin = domain.newaccountsrights; } if (command.email != null) { newuser.email = command.email; } // Email if (command.resetNextLogin === true) { newuser.passchange = -1; } else { newuser.passchange = Math.floor(Date.now() / 1000); } if ((user.groups != null) && (user.groups.length > 0)) { newuser.groups = user.groups; } // New account are automatically part of our groups. diff --git a/package.json b/package.json index 19333940..7dbe574e 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "meshcentral", - "version": "0.3.4-c", + "version": "0.3.4-e", "keywords": [ "Remote Management", "Intel AMT", diff --git a/public/styles/style.css b/public/styles/style.css index 5b5a4881..8f1b09cb 100644 --- a/public/styles/style.css +++ b/public/styles/style.css @@ -344,6 +344,10 @@ body { width:50%; } +.night #logincell a { + color: blue; +} + #loginpanel, #createpanel, #resetpanel, #tokenpanel, #resettokenpanel, #resetpasswordpanel, #resetpasswordpanel { display: inline-block; margin: 0; @@ -1844,6 +1848,10 @@ a { max-height: 200px; } +.night .notifiyBox { + color: black; +} + .notifiyBox:before { content: ' '; position: absolute; @@ -1886,6 +1894,9 @@ a { padding: 4px; } +.night #notificationCount { + color: black; +} .deskareaicon { cursor: pointer; diff --git a/sample-config.json b/sample-config.json index 660ff887..d1a6522a 100644 --- a/sample-config.json +++ b/sample-config.json @@ -47,6 +47,7 @@ "_MeshQuota": 248576, "_NewAccounts": true, "_NewAccountEmailDomains": [ "sample.com" ], + "_NewAccountsRights": [ "nonewgroups", "notools" ], "Footer": "Twitter", "_CertUrl": "https://192.168.2.106:443/", "_PasswordRequirements": { "min": 8, "max": 128, "upper": 1, "lower": 1, "numeric": 1, "nonalpha": 1, "reset": 90, "force2factor": true }, diff --git a/views/default-min.handlebars b/views/default-min.handlebars index 3cfa49e6..9e1e5674 100644 --- a/views/default-min.handlebars +++ b/views/default-min.handlebars @@ -1 +1 @@ - {{{title}}}
{{{title}}}
{{{title2}}}

{{{logoutControl}}}

 

\ No newline at end of file + {{{title}}}
{{{title}}}
{{{title2}}}

{{{logoutControl}}}

 

\ No newline at end of file diff --git a/views/default.handlebars b/views/default.handlebars index 4307fb77..0392a5a4 100644 --- a/views/default.handlebars +++ b/views/default.handlebars @@ -6958,7 +6958,7 @@ x += 'Manage Users
'; x += '
Lock Account
'; x += 'No New Device Groups
'; - x += 'No MeshCmd
'; + x += 'No Tools (MeshCmd/Router)
'; x += ''; var user = users[userid.toLowerCase()]; setDialogMode(2, "Server Permissions", 3, showUserAdminDialogEx, x, user); @@ -6971,7 +6971,7 @@ Q('ua_serverupdate').checked = ((user.siteadmin != 0xFFFFFFFF) && ((user.siteadmin & 16) != 0)); // Server Update Q('ua_lockedaccount').checked = ((user.siteadmin != 0xFFFFFFFF) && ((user.siteadmin & 32) != 0)); // Account locked Q('ua_nonewgroups').checked = ((user.siteadmin != 0xFFFFFFFF) && ((user.siteadmin & 64) != 0)); // No New Groups - Q('ua_nomeshcmd').checked = ((user.siteadmin != 0xFFFFFFFF) && ((user.siteadmin & 128) != 0)); // No MeshCmd + Q('ua_nomeshcmd').checked = ((user.siteadmin != 0xFFFFFFFF) && ((user.siteadmin & 128) != 0)); // No Tools (MeshCMD / Router) } QE('ua_fulladmin', userinfo.siteadmin == 0xFFFFFFFF); QE('ua_serverbackup', userinfo.siteadmin == 0xFFFFFFFF); @@ -7473,12 +7473,13 @@ // If web notifications are granted, use it. var notification = null; if (Notification && (Notification.permission == "granted")) { + var text = n.text.split('®').join(''); // Clean up any HTML codes if (n.nodeid) { var node = getNodeFromId(n.nodeid); - if (node) { notification = new Notification("{{{title}}} - " + node.name, { tag: n.tag, body: n.text, icon: '/images/notify/icons128-' + node.icon + '.png' }); } + if (node) { notification = new Notification("{{{title}}} - " + node.name, { tag: n.tag, body: text, icon: '/images/notify/icons128-' + node.icon + '.png' }); } } else { if (n.icon == null) { n.icon = 0; } - notification = new Notification("{{{title}}} - " + n.title, { tag: n.tag, body: n.text, icon: '/images/notify/icons128-' + n.icon + '.png' }); + notification = new Notification("{{{title}}} - " + n.title, { tag: n.tag, body: text, icon: '/images/notify/icons128-' + n.icon + '.png' }); } notification.id = n.id; notification.xtag = n.tag; diff --git a/views/login-min.handlebars b/views/login-min.handlebars index 3b655241..1fbcd7a3 100644 --- a/views/login-min.handlebars +++ b/views/login-min.handlebars @@ -1 +1 @@ - {{{title}}} - Login
{{{title}}}
{{{title2}}}

Welcome


\ No newline at end of file + {{{title}}} - Login
{{{title}}}
{{{title2}}}

Welcome


\ No newline at end of file diff --git a/views/login.handlebars b/views/login.handlebars index 846977e0..b88702cf 100644 --- a/views/login.handlebars +++ b/views/login.handlebars @@ -669,11 +669,10 @@ function center() { /* Now we use CSS media to achive the same effect as deleted JS */ - if (webPageFullScreen == false) { QS('centralTable')['margin-top'] = ''; } else { - var h = (Q('column_l').clientHeight / 2) - 250; + var h = ((Q('column_l').clientHeight) / 2) - 220; if (h < 0) h = 0; QS('centralTable')['margin-top'] = h + 'px'; } diff --git a/views/messenger-min.handlebars b/views/messenger-min.handlebars index c0b87922..90b8f8bf 100644 --- a/views/messenger-min.handlebars +++ b/views/messenger-min.handlebars @@ -1 +1 @@ - MeshMessenger
MeshMessenger
\ No newline at end of file + MeshMessenger
MeshMessenger
\ No newline at end of file diff --git a/webserver.js b/webserver.js index aa8c28e6..aec662f9 100644 --- a/webserver.js +++ b/webserver.js @@ -299,6 +299,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { if (user == null) { // Create a new user var user = { type: 'user', _id: userid, name: username, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), domain: domain.id }; + if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; } var usercount = 0; for (var i in obj.users) { if (obj.users[i].domain == domain.id) { usercount++; } } if (usercount == 0) { user.siteadmin = 0xFFFFFFFF; /*if (domain.newaccounts === 2) { delete domain.newaccounts; }*/ } // If this is the first user, give the account site admin. @@ -350,6 +351,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { if (user == null) { // This user does not exist, create a new account. var user = { type: 'user', _id: userid, name: shortname, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), domain: domain.id }; + if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; } var usercount = 0; for (var i in obj.users) { if (obj.users[i].domain == domain.id) { usercount++; } } if (usercount == 0) { user.siteadmin = 0xFFFFFFFF; /*if (domain.newaccounts === 2) { delete domain.newaccounts; }*/ } // If this is the first user, give the account site admin. @@ -835,6 +837,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { req.session.error = 'Username already exists.'; } else { var user = { type: 'user', _id: 'user/' + domain.id + '/' + req.body.username.toLowerCase(), name: req.body.username, email: req.body.email, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000), domain: domain.id }; + if (domain.newaccountsrights) { user.siteadmin = domain.newaccountsrights; } if ((domain.passwordrequirements != null) && (domain.passwordrequirements.hint === true) && (req.body.apasswordhint)) { var hint = req.body.apasswordhint; if (hint.length > 250) { hint = hint.substring(0, 250); } user.passhint = hint; } if (domainUserCount == 0) { user.siteadmin = 0xFFFFFFFF; /*if (domain.newaccounts === 2) { delete domain.newaccounts; }*/ } // If this is the first user, give the account site admin. obj.users[user._id] = user; @@ -1265,6 +1268,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) { if ((user == null) || (user.sid != req.session.usersid)) { // Create the domain user var usercount = 0, user2 = { type: 'user', _id: req.session.userid, name: req.connection.user, domain: domain.id, sid: req.session.usersid, creation: Math.floor(Date.now() / 1000), login: Math.floor(Date.now() / 1000) }; + if (domain.newaccountsrights) { user2.siteadmin = domain.newaccountsrights; } for (var i in obj.users) { if (obj.users[i].domain == domain.id) { usercount++; } } if (usercount == 0) { user2.siteadmin = 0xFFFFFFFF; } // If this is the first user, give the account site admin. obj.users[req.session.userid] = user2;