From f58fdefbc47f37f9bcdaf314d14c970b4c358b17 Mon Sep 17 00:00:00 2001 From: Robert Adams Date: Mon, 2 Nov 2020 20:28:45 -0800 Subject: [PATCH] Remove code that assumed domain-server network address was connection IP addr. The immediate connection can be from a proxy server so it's often wrong. More design and debugging is needed for this feature. Add /api/maint/fixDomainIP to allow an admin to clean out bad domain IP addresses. --- src/routes/api/maint/fixDomainIP.ts | 59 +++++++++++++++++++++++++++ src/routes/api/v1/domains/domainId.ts | 6 +++ 2 files changed, 65 insertions(+) create mode 100755 src/routes/api/maint/fixDomainIP.ts diff --git a/src/routes/api/maint/fixDomainIP.ts b/src/routes/api/maint/fixDomainIP.ts new file mode 100755 index 00000000..3745b8ee --- /dev/null +++ b/src/routes/api/maint/fixDomainIP.ts @@ -0,0 +1,59 @@ +// Copyright 2020 Vircadia Contributors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +'use strict' + +import { Config } from '@Base/config'; + +import { Router, RequestHandler, Request, Response, NextFunction } from 'express'; +import { setupMetaverseAPI, finishMetaverseAPI, param1FromParams } from '@Route-Tools/middleware'; + +import { Accounts } from '@Entities/Accounts'; +import { Domains } from '@Entities/Domains'; +import { GenericFilter } from '@Entities/EntityFilters/GenericFilter'; + +import { SArray, VKeyedCollection } from '@Tools/vTypes'; +import { Logger } from '@Tools/Logging'; + +// Temporary maint function to create the first admin account +const procFixDomainIP: RequestHandler = async (req: Request, resp: Response, next: NextFunction) => { + if (req.vAuthAccount && Accounts.isAdmin(req.vAuthAccount)) { + if (req.vParam1 && typeof(req.vParam1) === 'string') { + Logger.info(`procFixDomainIP: removing networkAddr ${req.vParam1} from domains`); + for await (const aDomain of Domains.enumerateAsync( new GenericFilter( { 'networkAddr': req.vParam1 }) )) { + const updates: VKeyedCollection = { 'networkAddr': null }; + await Domains.updateEntityFields(aDomain, updates); + Logger.info(`procFixDomainIP: removed networkAddr ${req.vParam1} from domain ${aDomain.name}`); + }; + }; + } + else { + Logger.error(`procFixDomainIP: non-admin attempt to reset domain IPs`); + req.vRestResp.respondFailure('unauthorized'); + }; + next(); +}; + +export const name = '/api/maint/fixDomainIP'; + +export const router = Router(); + +router.get('/api/maint/fixDomainIP/:param1', [ setupMetaverseAPI, + param1FromParams, + procFixDomainIP, + finishMetaverseAPI ] ); + + + + diff --git a/src/routes/api/v1/domains/domainId.ts b/src/routes/api/v1/domains/domainId.ts index 57fd34d0..0c33a966 100755 --- a/src/routes/api/v1/domains/domainId.ts +++ b/src/routes/api/v1/domains/domainId.ts @@ -90,6 +90,11 @@ const procPutDomains: RequestHandler = async (req: Request, resp: Response, next }; }; + /* FOLLOWING CODE DOES NOT WORK: the socker.remoteAddress is the IP addr + of the front end proxy server. Need to use 'x-forwarded-for:' header + or whatever is the right source. + Could also have the domain-server send the information more often. + Need to figure out what this IP address is used for. // If domain doesn't have a network_address, assume the sender is the domain if (Config["metaverse-server"]["fix-domain-network-address"]) { if (IsNullOrEmpty(req.vDomain.networkAddr)) { @@ -100,6 +105,7 @@ const procPutDomains: RequestHandler = async (req: Request, resp: Response, next Logger.info(`Assuming domain address of "${req.vDomain.name}" to ${req.vDomain.networkAddr}:${req.vDomain.networkPort}`); }; }; + */ // This 'POST" is used as the domain heartbeat. Remember it's alive. updated.timeOfLastHeartbeat = new Date();