feat(system-security): Optimize Route Matching for Secure Entry (#7537)

1Panel-dev · Dec 23, 2024 · da73f26 · da73f26
1 parent cd266d2
commit da73f26
Show file tree

Hide file tree

Showing 8 changed files with 60 additions and 172 deletions.
diff --git a/agent/app/service/app.go b/agent/app/service/app.go
@@ -70,10 +70,7 @@ func (a AppService) PageApp(req request.AppSearch) (interface{}, error) {
 	if req.Resource != "" && req.Resource != "all" {
 		opts = append(opts, appRepo.WithResource(req.Resource))
 	}
-	if req.Type == "php" {
-		info, _ := NewISettingService().GetSettingInfo()
-		opts = append(opts, appRepo.WithPanelVersion(info.SystemVersion))
-	}
+
 	if req.ShowCurrentArch {
 		info, err := NewIDashboardService().LoadOsInfo()
 		if err != nil {
@@ -101,12 +98,22 @@ func (a AppService) PageApp(req request.AppSearch) (interface{}, error) {
 		opts = append(opts, commonRepo.WithByIDs(appIds))
 	}
 	var res response.AppRes
+
 	total, apps, err := appRepo.Page(req.Page, req.PageSize, opts...)
 	if err != nil {
 		return nil, err
 	}
 	var appDTOs []*response.AppDto
+	info := &dto.SettingInfo{}
+	if req.Type == "php" {
+		info, _ = NewISettingService().GetSettingInfo()
+	}
 	for _, ap := range apps {
+		if req.Type == "php" {
+			if ap.RequiredPanelVersion == 0 || !common.CompareAppVersion(fmt.Sprintf("%f", ap.RequiredPanelVersion), info.SystemVersion) {
+				continue
+			}
+		}
 		appDTO := &response.AppDto{
 			ID:          ap.ID,
 			Name:        ap.Name,
@@ -789,7 +796,7 @@ func (a AppService) GetAppUpdate() (*response.AppUpdateRes, error) {
 		return res, err
 	}
 	if list.Extra.Version != "" && setting.SystemVersion != list.Extra.Version && !common.CompareVersion(setting.SystemVersion, list.Extra.Version) {
-		global.LOG.Errorf("The current version is too low to synchronize with the App Store. The minimum required version is %s", list.Extra.Version)
+		global.LOG.Errorf("The current version %s is too low to synchronize with the App Store. The minimum required version is %s", setting.SystemVersion, list.Extra.Version)
 		return nil, buserr.New("ErrVersionTooLow")
 	}
 	res.AppList = list

diff --git a/agent/app/service/runtime.go b/agent/app/service/runtime.go
@@ -86,6 +86,13 @@ func (r *RuntimeService) Create(create request.RuntimeCreate) (*model.Runtime, e
 	}
 	fileOp := files.NewFileOp()
 
+	runtimeDir := path.Join(constant.RuntimeDir, create.Type)
+	if !fileOp.Stat(runtimeDir) {
+		if err := fileOp.CreateDir(runtimeDir, constant.DirPerm); err != nil {
+			return nil, err
+		}
+	}
+
 	switch create.Type {
 	case constant.RuntimePHP:
 		if create.Resource == constant.ResourceLocal {

diff --git a/agent/utils/common/common.go b/agent/utils/common/common.go
@@ -47,6 +47,33 @@ func CompareVersion(version1, version2 string) bool {
 	return false
 }
 
+func CompareAppVersion(version1, version2 string) bool {
+	v1s := extractNumbers(version1)
+	v2s := extractNumbers(version2)
+
+	maxLen := max(len(v1s), len(v2s))
+	v1s = append(v1s, make([]string, maxLen-len(v1s))...)
+	v2s = append(v2s, make([]string, maxLen-len(v2s))...)
+
+	for i := 0; i < maxLen; i++ {
+		v1, err1 := strconv.Atoi(v1s[i])
+		v2, err2 := strconv.Atoi(v2s[i])
+		if err1 != nil {
+			v1 = 0
+		}
+		if err2 != nil {
+			v2 = 0
+		}
+		if v1 > v2 {
+			return true
+		}
+		if v1 < v2 {
+			return false
+		}
+	}
+	return true
+}
+
 func ComparePanelVersion(version1, version2 string) bool {
 	if version1 == version2 {
 		return false

diff --git a/core/constant/common.go b/core/constant/common.go
@@ -132,6 +132,7 @@ var WebUrlMap = map[string]struct{}{
 	"/xpack/alert/log":         {},
 	"/xpack/alert/setting":     {},
 	"/xpack/setting":           {},
+	"xpack/node":               {},
 }
 
 var DynamicRoutes = []string{

diff --git a/core/init/viper/viper.go b/core/init/viper/viper.go
@@ -20,7 +20,7 @@ func Init() {
 	baseDir := "/opt"
 	port := "9999"
 	mode := ""
-	version := "v1.0.0"
+	version := "v2.0.0"
 	username, password, entrance := "", "", ""
 	v := viper.NewWithOptions()
 	v.SetConfigType("yaml")

diff --git a/frontend/src/routers/router.ts b/frontend/src/routers/router.ts
@@ -75,7 +75,7 @@ export const routes: RouteRecordRaw[] = [
     {
         path: '/:code?',
         name: 'entrance',
-        component: () => import('@/views/login/entrance/index.vue'),
+        component: () => import('@/views/login/index.vue'),
         props: true,
     },
     ...routerArray,

diff --git a/frontend/src/views/login/entrance/index.vue b/frontend/src/views/login/entrance/index.vue
diff --git a/frontend/src/views/login/index.vue b/frontend/src/views/login/index.vue
@@ -29,9 +29,20 @@ import { getXpackSettingForTheme } from '@/utils/xpack';
 const gStore = GlobalStore();
 const loading = ref();
 
+const mySafetyCode = defineProps({
+    code: {
+        type: String,
+        default: '',
+    },
+});
+
 const screenWidth = ref(null);
 
 const getStatus = async () => {
+    let code = mySafetyCode.code;
+    if (code != '') {
+        gStore.entrance = code;
+    }
     loading.value = true;
     await checkIsSafety(gStore.entrance)
         .then((res) => {