Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 jared
|
a1a3a52dd8 | ||
|
jared
|
bcc2ad7f5c | ||
|
jared
|
d4f159ee7c | ||
|
jared
|
61019418d3 | ||
|
jared
|
1a53718cc5 | ||
|
jared
|
afaeb64636 | ||
|
jared
|
b6ee45a842 | ||
|
jared
|
9c4dd5df51 | ||
|
jared
|
4e3d0a1f0a |
@@ -155,6 +155,17 @@ def require_auth(f):
|
||||
return wrapper
|
||||
|
||||
|
||||
def require_admin(f):
|
||||
"""Decorator: require require_auth AND membership in the 'admin' group."""
|
||||
@wraps(f)
|
||||
def wrapper(*args, **kwargs):
|
||||
user = _get_user()
|
||||
if 'admin' not in user.get('groups', []):
|
||||
return jsonify({'error': 'Admin access required'}), 403
|
||||
return f(*args, **kwargs)
|
||||
return wrapper
|
||||
|
||||
|
||||
# ---------------------------------------------------------------------------
|
||||
# Helpers
|
||||
# ---------------------------------------------------------------------------
|
||||
@@ -228,6 +239,7 @@ def inspector():
|
||||
|
||||
@app.route('/suppressions')
|
||||
@require_auth
|
||||
@require_admin
|
||||
def suppressions_page():
|
||||
user = _get_user()
|
||||
active = db.get_active_suppressions()
|
||||
@@ -323,6 +335,7 @@ def api_get_suppressions():
|
||||
|
||||
@app.route('/api/suppressions', methods=['POST'])
|
||||
@require_auth
|
||||
@require_admin
|
||||
def api_create_suppression():
|
||||
user = _get_user()
|
||||
data = request.get_json(silent=True) or {}
|
||||
@@ -371,6 +384,7 @@ def api_create_suppression():
|
||||
|
||||
@app.route('/api/suppressions/<int:sup_id>', methods=['DELETE'])
|
||||
@require_auth
|
||||
@require_admin
|
||||
def api_delete_suppression(sup_id: int):
|
||||
user = _get_user()
|
||||
db.deactivate_suppression(sup_id)
|
||||
@@ -612,7 +626,8 @@ def api_avatar():
|
||||
avatar_data = avatar_data.encode('latin-1')
|
||||
if avatar_data[:3] != b'\xFF\xD8\xFF':
|
||||
logger.warning(f'Non-JPEG avatar data for {username}')
|
||||
open(sentinel, 'w').close()
|
||||
with open(sentinel, 'w'):
|
||||
pass
|
||||
return '', 404
|
||||
|
||||
with open(cache_file, 'wb') as f:
|
||||
|
||||
@@ -182,7 +182,7 @@ def get_active_events(limit: int = 200, offset: int = 0) -> list:
|
||||
for r in rows:
|
||||
for k in ('first_seen', 'last_seen'):
|
||||
if r.get(k) and hasattr(r[k], 'isoformat'):
|
||||
r[k] = r[k].isoformat()
|
||||
r[k] = r[k].isoformat() + 'Z'
|
||||
return rows
|
||||
|
||||
|
||||
@@ -210,7 +210,7 @@ def get_recent_resolved(hours: int = 24, limit: int = 50) -> list:
|
||||
for r in rows:
|
||||
for k in ('first_seen', 'last_seen', 'resolved_at'):
|
||||
if r.get(k) and hasattr(r[k], 'isoformat'):
|
||||
r[k] = r[k].isoformat()
|
||||
r[k] = r[k].isoformat() + 'Z'
|
||||
return rows
|
||||
|
||||
|
||||
@@ -252,7 +252,7 @@ def get_active_suppressions() -> list:
|
||||
for r in rows:
|
||||
for k in ('created_at', 'expires_at'):
|
||||
if r.get(k) and hasattr(r[k], 'isoformat'):
|
||||
r[k] = r[k].isoformat()
|
||||
r[k] = r[k].isoformat() + 'Z'
|
||||
return rows
|
||||
|
||||
|
||||
@@ -267,7 +267,7 @@ def get_suppression_history(limit: int = 50) -> list:
|
||||
for r in rows:
|
||||
for k in ('created_at', 'expires_at'):
|
||||
if r.get(k) and hasattr(r[k], 'isoformat'):
|
||||
r[k] = r[k].isoformat()
|
||||
r[k] = r[k].isoformat() + 'Z'
|
||||
return rows
|
||||
|
||||
|
||||
|
||||
+1
-1
@@ -78,7 +78,7 @@ class DiagnosticsRunner:
|
||||
f'ssh -o StrictHostKeyChecking=accept-new -o ConnectTimeout=5 '
|
||||
f'-o BatchMode=yes -o LogLevel=ERROR '
|
||||
f'-o ServerAliveInterval=10 -o ServerAliveCountMax=2 '
|
||||
f'root@{ip_q} \'{remote_cmd}\''
|
||||
f'root@{ip_q} {shlex.quote(remote_cmd)}'
|
||||
)
|
||||
|
||||
# ------------------------------------------------------------------
|
||||
|
||||
+6
-3
@@ -215,7 +215,10 @@ class TicketClient:
|
||||
resp.raise_for_status()
|
||||
data = resp.json()
|
||||
if data.get('success'):
|
||||
tid = data['ticket_id']
|
||||
tid = data.get('ticket_id')
|
||||
if not tid:
|
||||
logger.warning(f'Ticket API success but no ticket_id in response: {data}')
|
||||
return None
|
||||
logger.info(f'Created ticket #{tid}: {title}')
|
||||
return tid
|
||||
if data.get('existing_ticket_id'):
|
||||
@@ -377,7 +380,7 @@ class LinkStatsCollector:
|
||||
f'ssh -o StrictHostKeyChecking=accept-new -o ConnectTimeout=5 '
|
||||
f'-o BatchMode=yes -o LogLevel=ERROR '
|
||||
f'-o ServerAliveInterval=10 -o ServerAliveCountMax=2 '
|
||||
f'root@{ip} "{shell_cmd}"'
|
||||
f'root@{ip} {shlex.quote(shell_cmd)}'
|
||||
)
|
||||
output = self.pulse.run_command(ssh_cmd)
|
||||
if output is None:
|
||||
@@ -918,7 +921,7 @@ class NetworkMonitor:
|
||||
return {
|
||||
'hosts': hosts,
|
||||
'unifi': display_unifi,
|
||||
'updated': datetime.utcnow().isoformat(),
|
||||
'updated': datetime.utcnow().isoformat() + 'Z',
|
||||
}
|
||||
|
||||
# ------------------------------------------------------------------
|
||||
|
||||
+20
-5
@@ -220,7 +220,7 @@ function updateEventsTable(events, totalActive) {
|
||||
? GANDALF_CONFIG.ticket_web_url : 'http://t.lotusguild.org/ticket/';
|
||||
const ticket = e.ticket_id
|
||||
? `<a href="${lt.escHtml(ticketBase)}${lt.escHtml(String(e.ticket_id))}" target="_blank"
|
||||
class="ticket-link">#${e.ticket_id}</a>`
|
||||
class="ticket-link">#${lt.escHtml(String(e.ticket_id))}</a>`
|
||||
: '–';
|
||||
const supBadge = e.is_suppressed
|
||||
? `<span class="lt-badge badge-suppressed" title="Alert suppressed">🔕 sup</span>`
|
||||
@@ -294,18 +294,33 @@ function updateSuppressForm() {
|
||||
const type = document.getElementById('sup-type').value;
|
||||
const nameGrp = document.getElementById('sup-name-group');
|
||||
const detailGrp = document.getElementById('sup-detail-group');
|
||||
const nameInput = document.getElementById('sup-name');
|
||||
const detailInput = document.getElementById('sup-detail');
|
||||
if (nameGrp) nameGrp.style.display = (type === 'all') ? 'none' : '';
|
||||
if (detailGrp) detailGrp.style.display = (type === 'interface') ? '' : 'none';
|
||||
if (nameInput) {
|
||||
const req = (type !== 'all');
|
||||
nameInput.required = req;
|
||||
nameInput.setAttribute('aria-required', String(req));
|
||||
}
|
||||
if (detailInput) {
|
||||
const req = (type === 'interface');
|
||||
detailInput.required = req;
|
||||
detailInput.setAttribute('aria-required', String(req));
|
||||
}
|
||||
}
|
||||
|
||||
function setDuration(mins, el) {
|
||||
document.getElementById('sup-expires').value = mins || '';
|
||||
document.querySelectorAll('#suppress-modal .pill').forEach(p => {
|
||||
function setDuration(mins, el, opts) {
|
||||
const o = opts || {};
|
||||
const expiresEl = document.getElementById(o.expiresId || 'sup-expires');
|
||||
const pillSel = o.pillSel || '#suppress-modal .pill';
|
||||
const hint = document.getElementById(o.hintId || 'duration-hint');
|
||||
if (expiresEl) expiresEl.value = mins || '';
|
||||
document.querySelectorAll(pillSel).forEach(p => {
|
||||
p.classList.remove('active');
|
||||
p.setAttribute('aria-pressed', 'false');
|
||||
});
|
||||
if (el) { el.classList.add('active'); el.setAttribute('aria-pressed', 'true'); }
|
||||
const hint = document.getElementById('duration-hint');
|
||||
if (hint) {
|
||||
if (mins) {
|
||||
const h = Math.floor(mins / 60), m = mins % 60;
|
||||
|
||||
+6
-6
@@ -227,16 +227,16 @@
|
||||
<div class="lt-form-group">
|
||||
<label class="lt-label" for="sup-reason">Reason <span class="required">*</span></label>
|
||||
<input type="text" class="lt-input" id="sup-reason" name="reason"
|
||||
placeholder="e.g. Planned switch reboot" required>
|
||||
placeholder="e.g. Planned switch reboot" required aria-required="true">
|
||||
</div>
|
||||
<div class="lt-form-group lt-form-group--last">
|
||||
<label class="lt-label">Duration</label>
|
||||
<div class="duration-pills" role="group" aria-label="Select suppression duration">
|
||||
<button type="button" class="pill" data-duration="30" aria-pressed="false">30 min</button>
|
||||
<button type="button" class="pill" data-duration="60" aria-pressed="false">1 hr</button>
|
||||
<button type="button" class="pill" data-duration="240" aria-pressed="false">4 hr</button>
|
||||
<button type="button" class="pill" data-duration="480" aria-pressed="false">8 hr</button>
|
||||
<button type="button" class="pill pill-manual active" data-duration="" aria-pressed="true">Manual ∞</button>
|
||||
<button type="button" class="pill" data-duration="30" aria-pressed="false" aria-label="30 minutes">30 min</button>
|
||||
<button type="button" class="pill" data-duration="60" aria-pressed="false" aria-label="1 hour">1 hr</button>
|
||||
<button type="button" class="pill" data-duration="240" aria-pressed="false" aria-label="4 hours">4 hr</button>
|
||||
<button type="button" class="pill" data-duration="480" aria-pressed="false" aria-label="8 hours">8 hr</button>
|
||||
<button type="button" class="pill pill-manual active" data-duration="" aria-pressed="true" aria-label="Manual, no expiry">Manual ∞</button>
|
||||
</div>
|
||||
<input type="hidden" id="sup-expires" name="expires_minutes" value="">
|
||||
<div class="lt-field-hint" id="duration-hint">Persists until manually removed.</div>
|
||||
|
||||
@@ -428,7 +428,7 @@ function renderInspector(data) {
|
||||
|
||||
const updEl = document.getElementById('inspector-updated');
|
||||
if (updEl && data.updated) {
|
||||
const updMs = new Date(data.updated + (data.updated.includes('Z') ? '' : 'Z'));
|
||||
const updMs = new Date(_toIso(data.updated));
|
||||
const ageMin = (Date.now() - updMs) / 60000;
|
||||
const timeStr = updMs.toLocaleTimeString();
|
||||
if (ageMin > 15) {
|
||||
|
||||
@@ -36,7 +36,6 @@
|
||||
{% block scripts %}
|
||||
<script>
|
||||
const escHtml = s => lt.escHtml(s);
|
||||
const _toIso = s => s ? s.replace(' UTC', 'Z').replace(' ', 'T') : s;
|
||||
|
||||
// ── Formatting helpers ────────────────────────────────────────────
|
||||
function fmtRate(bytesPerSec) {
|
||||
@@ -527,7 +526,7 @@ function expandAll() {
|
||||
// ── Stale data warning ────────────────────────────────────────────
|
||||
function checkLinksStale(updatedStr) {
|
||||
if (!updatedStr) return;
|
||||
const age = (Date.now() - new Date(updatedStr + (updatedStr.includes('Z') ? '' : 'Z'))) / 1000;
|
||||
const age = (Date.now() - new Date(_toIso(updatedStr))) / 1000;
|
||||
let banner = document.getElementById('links-stale-banner');
|
||||
if (age > 120) {
|
||||
if (!banner) {
|
||||
@@ -549,14 +548,14 @@ function checkLinksStale(updatedStr) {
|
||||
async function loadLinks() {
|
||||
try {
|
||||
const data = await lt.api.get('/api/links');
|
||||
if (!data.hosts && !data.unifi_switches) {
|
||||
if ((!data.hosts || !Object.keys(data.hosts).length) && (!data.unifi_switches || !Object.keys(data.unifi_switches).length)) {
|
||||
document.getElementById('links-container').innerHTML =
|
||||
'<div class="link-no-data">No link data yet — monitor has not completed a full cycle.</div>';
|
||||
return;
|
||||
}
|
||||
const updEl = document.getElementById('links-updated');
|
||||
if (updEl && data.updated) {
|
||||
updEl.textContent = 'Updated: ' + new Date(data.updated + (data.updated.includes('Z') ? '' : 'Z')).toLocaleTimeString();
|
||||
updEl.textContent = 'Updated: ' + new Date(_toIso(data.updated)).toLocaleTimeString();
|
||||
}
|
||||
renderLinks(data);
|
||||
checkLinksStale(data.updated);
|
||||
|
||||
+15
-24
@@ -32,7 +32,7 @@
|
||||
<label class="lt-label" for="s-name">Target Name <span class="required">*</span></label>
|
||||
<input type="text" class="lt-input" id="s-name" name="target_name"
|
||||
placeholder="hostname or device name" autocomplete="off"
|
||||
list="target-name-list">
|
||||
required aria-required="true" list="target-name-list">
|
||||
<datalist id="target-name-list">
|
||||
{% for name in snapshot.hosts.keys() | sort %}
|
||||
<option value="{{ name }}">
|
||||
@@ -51,7 +51,7 @@
|
||||
<label class="lt-label" for="s-reason">Reason <span class="required">*</span></label>
|
||||
<input type="text" class="lt-input" id="s-reason" name="reason"
|
||||
placeholder="e.g. Planned switch maintenance, replacing SFP on large1/enp43s0"
|
||||
required>
|
||||
required aria-required="true">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -59,11 +59,11 @@
|
||||
<div class="lt-form-group">
|
||||
<label class="lt-label">Duration</label>
|
||||
<div class="duration-pills" role="group" aria-label="Select suppression duration">
|
||||
<button type="button" class="pill" data-duration="30" aria-pressed="false">30 min</button>
|
||||
<button type="button" class="pill" data-duration="60" aria-pressed="false">1 hr</button>
|
||||
<button type="button" class="pill" data-duration="240" aria-pressed="false">4 hr</button>
|
||||
<button type="button" class="pill" data-duration="480" aria-pressed="false">8 hr</button>
|
||||
<button type="button" class="pill pill-manual active" data-duration="" aria-pressed="true">Manual ∞</button>
|
||||
<button type="button" class="pill" data-duration="30" aria-pressed="false" aria-label="30 minutes">30 min</button>
|
||||
<button type="button" class="pill" data-duration="60" aria-pressed="false" aria-label="1 hour">1 hr</button>
|
||||
<button type="button" class="pill" data-duration="240" aria-pressed="false" aria-label="4 hours">4 hr</button>
|
||||
<button type="button" class="pill" data-duration="480" aria-pressed="false" aria-label="8 hours">8 hr</button>
|
||||
<button type="button" class="pill pill-manual active" data-duration="" aria-pressed="true" aria-label="Manual, no expiry">Manual ∞</button>
|
||||
</div>
|
||||
<input type="hidden" id="s-expires" name="expires_minutes" value="">
|
||||
<div class="lt-field-hint" id="s-dur-hint">Persists until manually removed.</div>
|
||||
@@ -217,23 +217,16 @@
|
||||
const t = document.getElementById('s-type').value;
|
||||
document.getElementById('name-group').style.display = (t==='all') ? 'none' : '';
|
||||
document.getElementById('detail-group').style.display = (t==='interface') ? '' : 'none';
|
||||
document.getElementById('s-name').required = (t!=='all');
|
||||
const nameInput = document.getElementById('s-name');
|
||||
if (nameInput) {
|
||||
const req = (t !== 'all');
|
||||
nameInput.required = req;
|
||||
nameInput.setAttribute('aria-required', String(req));
|
||||
}
|
||||
}
|
||||
|
||||
function setDur(mins, el) {
|
||||
document.getElementById('s-expires').value = mins || '';
|
||||
document.querySelectorAll('.duration-pills .pill').forEach(p => {
|
||||
p.classList.remove('active');
|
||||
p.setAttribute('aria-pressed', 'false');
|
||||
});
|
||||
if (el) { el.classList.add('active'); el.setAttribute('aria-pressed', 'true'); }
|
||||
const hint = document.getElementById('s-dur-hint');
|
||||
if (mins) {
|
||||
const h = Math.floor(mins/60), m = mins%60;
|
||||
hint.textContent = `Expires in ${h?h+'h ':''}${m?m+'m':''}`.trim()+'.';
|
||||
} else {
|
||||
hint.textContent = 'Persists until manually removed.';
|
||||
}
|
||||
setDuration(mins, el, { expiresId: 's-expires', pillSel: '#create-suppression-form .pill', hintId: 's-dur-hint' });
|
||||
}
|
||||
|
||||
function renderActiveRows(rows) {
|
||||
@@ -302,9 +295,7 @@
|
||||
showToast('Suppression applied', 'success');
|
||||
form.reset();
|
||||
onTypeChange();
|
||||
document.querySelectorAll('.duration-pills .pill').forEach(p => p.classList.remove('active'));
|
||||
document.querySelector('.duration-pills .pill-manual')?.classList.add('active');
|
||||
document.getElementById('s-dur-hint').textContent = 'Persists until manually removed.';
|
||||
setDur(null, document.querySelector('#create-suppression-form .pill-manual'));
|
||||
await refreshActive();
|
||||
} catch (err) {
|
||||
showToast(err.message || 'Error', 'error');
|
||||
|
||||
Reference in New Issue
Block a user