dennii/Termix
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases 22 Wiki Activity

chore: cleanup files (possible RC)

Browse Source
This commit is contained in:
LukeGus
2025-12-29 02:46:52 -06:00
parent 7c850c1072
commit dcbc9454ab
123 changed files with 3521 additions and 4844 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
.github/workflows/translate.yml vendored
View File

@@ -345,7 +345,33 @@ jobs:
continue-on-error: true
create-pr:
needs: [translate-zh, translate-ru, translate-pt, translate-fr, translate-es, translate-de, translate-hi, translate-bn, translate-ja, translate-vi, translate-tr, translate-ko, translate-it, translate-he, translate-ar, translate-pl, translate-nl, translate-sv, translate-id, translate-th, translate-uk, translate-cs, translate-ro, translate-el]
needs:
[
translate-zh,
translate-ru,
translate-pt,
translate-fr,
translate-es,
translate-de,
translate-hi,
translate-bn,
translate-ja,
translate-vi,
translate-tr,
translate-ko,
translate-it,
translate-he,
translate-ar,
translate-pl,
translate-nl,
translate-sv,
translate-id,
translate-th,
translate-uk,
translate-cs,
translate-ro,
translate-el,
]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

2
electron/main.cjs
View File

@@ -11,10 +11,8 @@ const fs = require("fs");
const os = require("os");
if (process.platform === "linux") {
// Enable Ozone platform auto-detection for Wayland/X11 support
app.commandLine.appendSwitch("--ozone-platform-hint=auto");
// Enable hardware video decoding if available
app.commandLine.appendSwitch("--enable-features=VaapiVideoDecoder");
}

15
electron/preload.js
View File

@@ -2,21 +2,6 @@ const { contextBridge, ipcRenderer } = require("electron");
contextBridge.exposeInMainWorld("electronAPI", {
getAppVersion: () => ipcRenderer.invoke("get-app-version"),
getPlatform: () => ipcRenderer.invoke("get-platform"),
checkElectronUpdate: () => ipcRenderer.invoke("check-electron-update"),
getServerConfig: () => ipcRenderer.invoke("get-server-config"),
saveServerConfig: (config) =>
ipcRenderer.invoke("save-server-config", config),
testServerConnection: (serverUrl) =>
ipcRenderer.invoke("test-server-connection", serverUrl),
showSaveDialog: (options) => ipcRenderer.invoke("show-save-dialog", options),
showOpenDialog: (options) => ipcRenderer.invoke("show-open-dialog", options),
onUpdateAvailable: (callback) => ipcRenderer.on("update-available", callback),
onUpdateDownloaded: (callback) =>
ipcRenderer.on("update-downloaded", callback),
removeAllListeners: (channel) => ipcRenderer.removeAllListeners(channel),
isElectron: true,

2
src/backend/dashboard.ts
View File

@@ -15,7 +15,7 @@ const authManager = AuthManager.getInstance();
const serverStartTime = Date.now();
const activityRateLimiter = new Map<string, number>();
const RATE_LIMIT_MS = 1000; // 1 second window
const RATE_LIMIT_MS = 1000;
app.use(
cors({

69
src/backend/database/db/index.ts
View File

@@ -578,7 +578,6 @@ const migrateSchema = () => {
addColumnIfNotExists("ssh_data", "notes", "TEXT");
// SOCKS5 Proxy columns
addColumnIfNotExists("ssh_data", "use_socks5", "INTEGER");
addColumnIfNotExists("ssh_data", "socks5_host", "TEXT");
addColumnIfNotExists("ssh_data", "socks5_port", "INTEGER");
@@ -590,7 +589,6 @@ const migrateSchema = () => {
addColumnIfNotExists("ssh_credentials", "public_key", "TEXT");
addColumnIfNotExists("ssh_credentials", "detected_key_type", "TEXT");
// System-encrypted fields for offline credential sharing
addColumnIfNotExists("ssh_credentials", "system_password", "TEXT");
addColumnIfNotExists("ssh_credentials", "system_key", "TEXT");
addColumnIfNotExists("ssh_credentials", "system_key_password", "TEXT");
@@ -655,7 +653,6 @@ const migrateSchema = () => {
}
}
// RBAC Phase 1: Host Access table
try {
sqlite.prepare("SELECT id FROM host_access LIMIT 1").get();
} catch {
@@ -678,9 +675,6 @@ const migrateSchema = () => {
FOREIGN KEY (granted_by) REFERENCES users (id) ON DELETE CASCADE
);
`);
databaseLogger.info("Created host_access table", {
operation: "schema_migration",
});
} catch (createError) {
databaseLogger.warn("Failed to create host_access table", {
operation: "schema_migration",
@@ -689,15 +683,11 @@ const migrateSchema = () => {
}
}
// Migration: Add role_id column to existing host_access table
try {
sqlite.prepare("SELECT role_id FROM host_access LIMIT 1").get();
} catch {
try {
sqlite.exec("ALTER TABLE host_access ADD COLUMN role_id INTEGER REFERENCES roles(id) ON DELETE CASCADE");
databaseLogger.info("Added role_id column to host_access table", {
operation: "schema_migration",
});
} catch (alterError) {
databaseLogger.warn("Failed to add role_id column", {
operation: "schema_migration",
@@ -706,15 +696,11 @@ const migrateSchema = () => {
}
}
// Migration: Add sudo_password column to ssh_data table
try {
sqlite.prepare("SELECT sudo_password FROM ssh_data LIMIT 1").get();
} catch {
try {
sqlite.exec("ALTER TABLE ssh_data ADD COLUMN sudo_password TEXT");
databaseLogger.info("Added sudo_password column to ssh_data table", {
operation: "schema_migration",
});
} catch (alterError) {
databaseLogger.warn("Failed to add sudo_password column", {
operation: "schema_migration",
@@ -723,7 +709,6 @@ const migrateSchema = () => {
}
}
// RBAC Phase 2: Roles tables
try {
sqlite.prepare("SELECT id FROM roles LIMIT 1").get();
} catch {
@@ -740,9 +725,6 @@ const migrateSchema = () => {
updated_at TEXT NOT NULL DEFAULT CURRENT_TIMESTAMP
);
`);
databaseLogger.info("Created roles table", {
operation: "schema_migration",
});
} catch (createError) {
databaseLogger.warn("Failed to create roles table", {
operation: "schema_migration",
@@ -768,9 +750,6 @@ const migrateSchema = () => {
FOREIGN KEY (granted_by) REFERENCES users (id) ON DELETE SET NULL
);
`);
databaseLogger.info("Created user_roles table", {
operation: "schema_migration",
});
} catch (createError) {
databaseLogger.warn("Failed to create user_roles table", {
operation: "schema_migration",
@@ -779,7 +758,6 @@ const migrateSchema = () => {
}
}
// RBAC Phase 3: Audit logging tables
try {
sqlite.prepare("SELECT id FROM audit_logs LIMIT 1").get();
} catch {
@@ -802,9 +780,6 @@ const migrateSchema = () => {
FOREIGN KEY (user_id) REFERENCES users (id) ON DELETE CASCADE
);
`);
databaseLogger.info("Created audit_logs table", {
operation: "schema_migration",
});
} catch (createError) {
databaseLogger.warn("Failed to create audit_logs table", {
operation: "schema_migration",
@@ -836,9 +811,6 @@ const migrateSchema = () => {
FOREIGN KEY (access_id) REFERENCES host_access (id) ON DELETE SET NULL
);
`);
databaseLogger.info("Created session_recordings table", {
operation: "schema_migration",
});
} catch (createError) {
databaseLogger.warn("Failed to create session_recordings table", {
operation: "schema_migration",
@@ -847,7 +819,6 @@ const migrateSchema = () => {
}
}
// RBAC: Shared Credentials table
try {
sqlite.prepare("SELECT id FROM shared_credentials LIMIT 1").get();
} catch {
@@ -872,9 +843,6 @@ const migrateSchema = () => {
FOREIGN KEY (target_user_id) REFERENCES users (id) ON DELETE CASCADE
);
`);
databaseLogger.info("Created shared_credentials table", {
operation: "schema_migration",
});
} catch (createError) {
databaseLogger.warn("Failed to create shared_credentials table", {
operation: "schema_migration",
@@ -883,51 +851,31 @@ const migrateSchema = () => {
}
}
// Clean up old system roles and seed correct ones
try {
// First, check what roles exist
const existingRoles = sqlite.prepare("SELECT name, is_system FROM roles").all() as Array<{ name: string; is_system: number }>;
databaseLogger.info("Current roles in database", {
operation: "schema_migration",
roles: existingRoles,
});
// Migration: Remove ALL old unwanted roles (system or not) and keep only admin and user
try {
const validSystemRoles = ['admin', 'user'];
const unwantedRoleNames = ['superAdmin', 'powerUser', 'readonly', 'member'];
let deletedCount = 0;
// First delete known unwanted role names
const deleteByName = sqlite.prepare("DELETE FROM roles WHERE name = ?");
for (const roleName of unwantedRoleNames) {
const result = deleteByName.run(roleName);
if (result.changes > 0) {
deletedCount += result.changes;
databaseLogger.info(`Deleted role by name: ${roleName}`, {
operation: "schema_migration",
});
}
}
// Then delete any system roles that are not admin or user
const deleteOldSystemRole = sqlite.prepare("DELETE FROM roles WHERE name = ? AND is_system = 1");
for (const role of existingRoles) {
if (role.is_system === 1 && !validSystemRoles.includes(role.name) && !unwantedRoleNames.includes(role.name)) {
const result = deleteOldSystemRole.run(role.name);
if (result.changes > 0) {
deletedCount += result.changes;
databaseLogger.info(`Deleted system role: ${role.name}`, {
operation: "schema_migration",
});
}
}
}
databaseLogger.info("Cleanup completed", {
operation: "schema_migration",
deletedCount,
});
} catch (cleanupError) {
databaseLogger.warn("Failed to clean up old system roles", {
operation: "schema_migration",
@@ -935,7 +883,6 @@ const migrateSchema = () => {
});
}
// Ensure only admin and user system roles exist
const systemRoles = [
{
name: "admin",
@@ -954,7 +901,6 @@ const migrateSchema = () => {
for (const role of systemRoles) {
const existingRole = sqlite.prepare("SELECT id FROM roles WHERE name = ?").get(role.name);
if (!existingRole) {
// Create if doesn't exist
try {
sqlite.prepare(`
INSERT INTO roles (name, display_name, description, is_system, permissions)
@@ -969,11 +915,6 @@ const migrateSchema = () => {
}
}
databaseLogger.info("System roles migration completed", {
operation: "schema_migration",
});
// Migrate existing is_admin users to roles
try {
const adminUsers = sqlite.prepare("SELECT id FROM users WHERE is_admin = 1").all() as { id: string }[];
const normalUsers = sqlite.prepare("SELECT id FROM users WHERE is_admin = 0").all() as { id: string }[];
@@ -994,11 +935,6 @@ const migrateSchema = () => {
// Ignore duplicate errors
}
}
databaseLogger.info("Migrated admin users to admin role", {
operation: "schema_migration",
count: adminUsers.length,
});
}
if (userRole) {
@@ -1014,11 +950,6 @@ const migrateSchema = () => {
// Ignore duplicate errors
}
}
databaseLogger.info("Migrated normal users to user role", {
operation: "schema_migration",
count: normalUsers.length,
});
}
} catch (migrationError) {
databaseLogger.warn("Failed to migrate existing users to roles", {

60
src/backend/database/db/schema.ts
View File

@@ -101,7 +101,7 @@ export const sshData = sqliteTable("ssh_data", {
socks5Port: integer("socks5_port"),
socks5Username: text("socks5_username"),
socks5Password: text("socks5_password"),
socks5ProxyChain: text("socks5_proxy_chain"), // JSON array for proxy chains
socks5ProxyChain: text("socks5_proxy_chain"),
createdAt: text("created_at")
.notNull()
@@ -186,7 +186,6 @@ export const sshCredentials = sqliteTable("ssh_credentials", {
keyType: text("key_type"),
detectedKeyType: text("detected_key_type"),
// System-encrypted fields for offline credential sharing
systemPassword: text("system_password"),
systemKey: text("system_key", { length: 16384 }),
systemKeyPassword: text("system_key_password"),
@@ -296,32 +295,27 @@ export const commandHistory = sqliteTable("command_history", {
.default(sql`CURRENT_TIMESTAMP`),
});
// RBAC Phase 1: Host Sharing
export const hostAccess = sqliteTable("host_access", {
id: integer("id").primaryKey({ autoIncrement: true }),
hostId: integer("host_id")
.notNull()
.references(() => sshData.id, { onDelete: "cascade" }),
// Share target: either userId OR roleId (at least one must be set)
userId: text("user_id")
.references(() => users.id, { onDelete: "cascade" }), // Optional
.references(() => users.id, { onDelete: "cascade" }),
roleId: integer("role_id")
.references(() => roles.id, { onDelete: "cascade" }), // Optional
.references(() => roles.id, { onDelete: "cascade" }),
grantedBy: text("granted_by")
.notNull()
.references(() => users.id, { onDelete: "cascade" }),
// Permission level (view-only)
permissionLevel: text("permission_level")
.notNull()
.default("view"), // Only "view" is supported
.default("view"),
// Time-based access
expiresAt: text("expires_at"), // NULL = never expires
expiresAt: text("expires_at"),
// Metadata
createdAt: text("created_at")
.notNull()
.default(sql`CURRENT_TIMESTAMP`),
@@ -329,26 +323,21 @@ export const hostAccess = sqliteTable("host_access", {
accessCount: integer("access_count").notNull().default(0),
});
// RBAC: Shared Credentials (per-user encrypted credential copies)
export const sharedCredentials = sqliteTable("shared_credentials", {
id: integer("id").primaryKey({ autoIncrement: true }),
// Link to the host access grant (CASCADE delete when share revoked)
hostAccessId: integer("host_access_id")
.notNull()
.references(() => hostAccess.id, { onDelete: "cascade" }),
// Link to the original credential (for tracking updates/CASCADE delete)
originalCredentialId: integer("original_credential_id")
.notNull()
.references(() => sshCredentials.id, { onDelete: "cascade" }),
// Target user (recipient of the share) - CASCADE delete when user deleted
targetUserId: text("target_user_id")
.notNull()
.references(() => users.id, { onDelete: "cascade" }),
// Encrypted credential data (encrypted with targetUserId's DEK)
encryptedUsername: text("encrypted_username").notNull(),
encryptedAuthType: text("encrypted_auth_type").notNull(),
encryptedPassword: text("encrypted_password"),
@@ -356,7 +345,6 @@ export const sharedCredentials = sqliteTable("shared_credentials", {
encryptedKeyPassword: text("encrypted_key_password"),
encryptedKeyType: text("encrypted_key_type"),
// Metadata
createdAt: text("created_at")
.notNull()
.default(sql`CURRENT_TIMESTAMP`),
@@ -364,26 +352,22 @@ export const sharedCredentials = sqliteTable("shared_credentials", {
.notNull()
.default(sql`CURRENT_TIMESTAMP`),
// Track if needs re-encryption (when original credential updated but target user offline)
needsReEncryption: integer("needs_re_encryption", { mode: "boolean" })
.notNull()
.default(false),
});
// RBAC Phase 2: Roles
export const roles = sqliteTable("roles", {
id: integer("id").primaryKey({ autoIncrement: true }),
name: text("name").notNull().unique(),
displayName: text("display_name").notNull(), // For i18n
displayName: text("display_name").notNull(),
description: text("description"),
// System roles cannot be deleted
isSystem: integer("is_system", { mode: "boolean" })
.notNull()
.default(false),
// Permissions stored as JSON array (optional - used for grouping only in current phase)
permissions: text("permissions"), // ["hosts.*", "credentials.read", ...] - optional
permissions: text("permissions"),
createdAt: text("created_at")
.notNull()
@@ -410,32 +394,26 @@ export const userRoles = sqliteTable("user_roles", {
.default(sql`CURRENT_TIMESTAMP`),
});
// RBAC Phase 3: Audit Logging
export const auditLogs = sqliteTable("audit_logs", {
id: integer("id").primaryKey({ autoIncrement: true }),
// Who
userId: text("user_id")
.notNull()
.references(() => users.id, { onDelete: "cascade" }),
username: text("username").notNull(), // Snapshot in case user deleted
username: text("username").notNull(),
// What
action: text("action").notNull(), // "create", "read", "update", "delete", "share"
resourceType: text("resource_type").notNull(), // "host", "credential", "user", "session"
resourceId: text("resource_id"), // Can be text or number, store as text
resourceName: text("resource_name"), // Human-readable identifier
action: text("action").notNull(),
resourceType: text("resource_type").notNull(),
resourceId: text("resource_id"),
resourceName: text("resource_name"),
// Context
details: text("details"), // JSON: { oldValue, newValue, reason, ... }
details: text("details"),
ipAddress: text("ip_address"),
userAgent: text("user_agent"),
// Result
success: integer("success", { mode: "boolean" }).notNull(),
errorMessage: text("error_message"),
// When
timestamp: text("timestamp")
.notNull()
.default(sql`CURRENT_TIMESTAMP`),
@@ -454,21 +432,17 @@ export const sessionRecordings = sqliteTable("session_recordings", {
onDelete: "set null",
}),
// Session info
startedAt: text("started_at")
.notNull()
.default(sql`CURRENT_TIMESTAMP`),
endedAt: text("ended_at"),
duration: integer("duration"), // seconds
duration: integer("duration"),
// Command log (lightweight)
commands: text("commands"), // JSON: [{ts, cmd, exitCode, blocked}]
dangerousActions: text("dangerous_actions"), // JSON: blocked commands
commands: text("commands"),
dangerousActions: text("dangerous_actions"),
// Full recording (optional, heavy)
recordingPath: text("recording_path"), // Path to .cast file
recordingPath: text("recording_path"),
// Metadata
terminatedByOwner: integer("terminated_by_owner", { mode: "boolean" })
.default(false),
terminationReason: text("termination_reason"),

9
src/backend/database/routes/credentials.ts
View File

@@ -478,7 +478,6 @@ router.put(
userId,
);
// Update shared credentials if this credential is shared
const { SharedCredentialManager } =
await import("../../utils/shared-credential-manager.js");
const sharedCredManager = SharedCredentialManager.getInstance();
@@ -541,8 +540,6 @@ router.delete(
return res.status(404).json({ error: "Credential not found" });
}
// Update hosts using this credential to set credentialId to null
// This prevents orphaned references before deletion
const hostsUsingCredential = await db
.select()
.from(sshData)
@@ -570,7 +567,6 @@ router.delete(
),
);
// Revoke all shares for hosts that used this credential
for (const host of hostsUsingCredential) {
const revokedShares = await db
.delete(hostAccess)
@@ -592,16 +588,11 @@ router.delete(
}
}
// Delete shared credentials for this original credential
// Note: This will also be handled by CASCADE, but we do it explicitly for logging
const { SharedCredentialManager } =
await import("../../utils/shared-credential-manager.js");
const sharedCredManager = SharedCredentialManager.getInstance();
await sharedCredManager.deleteSharedCredentialsForOriginal(parseInt(id));
// sshCredentialUsage will be automatically deleted by ON DELETE CASCADE
// No need for manual deletion
await db
.delete(sshCredentials)
.where(

201
src/backend/database/routes/rbac.ts
View File

@@ -27,10 +27,8 @@ function isNonEmptyString(value: unknown): value is string {
return typeof value === "string" && value.trim().length > 0;
}
/**
* Share a host with a user or role
* POST /rbac/host/:id/share
*/
//Share a host with a user or role
//POST /rbac/host/:id/share
router.post(
"/host/:id/share",
authenticateJWT,
@@ -44,21 +42,19 @@ router.post(
try {
const {
targetType = "user", // "user" or "role"
targetType = "user",
targetUserId,
targetRoleId,
durationHours,
permissionLevel = "view", // Only "view" is supported
permissionLevel = "view",
} = req.body;
// Validate target type
if (!["user", "role"].includes(targetType)) {
return res
.status(400)
.json({ error: "Invalid target type. Must be 'user' or 'role'" });
}
// Validate required fields based on target type
if (targetType === "user" && !isNonEmptyString(targetUserId)) {
return res
.status(400)
@@ -70,7 +66,6 @@ router.post(
.json({ error: "Target role ID is required when sharing with role" });
}
// Verify user owns the host
const host = await db
.select()
.from(sshData)
@@ -86,7 +81,6 @@ router.post(
return res.status(403).json({ error: "Not host owner" });
}
// Check if host uses credentials (required for sharing)
if (!host[0].credentialId) {
return res.status(400).json({
error:
@@ -95,7 +89,6 @@ router.post(
});
}
// Verify target exists (user or role)
if (targetType === "user") {
const targetUser = await db
.select({ id: users.id, username: users.username })
@@ -118,7 +111,6 @@ router.post(
}
}
// Calculate expiry time
let expiresAt: string | null = null;
if (
durationHours &&
@@ -130,7 +122,6 @@ router.post(
expiresAt = expiryDate.toISOString();
}
// Validate permission level (only "view" is supported)
const validLevels = ["view"];
if (!validLevels.includes(permissionLevel)) {
return res.status(400).json({
@@ -139,7 +130,6 @@ router.post(
});
}
// Check if access already exists
const whereConditions = [eq(hostAccess.hostId, hostId)];
if (targetType === "user") {
whereConditions.push(eq(hostAccess.userId, targetUserId));
@@ -154,7 +144,6 @@ router.post(
.limit(1);
if (existing.length > 0) {
// Update existing access
await db
.update(hostAccess)
.set({
@@ -163,7 +152,6 @@ router.post(
})
.where(eq(hostAccess.id, existing[0].id));
// Re-create shared credential (delete old, create new)
await db
.delete(sharedCredentials)
.where(eq(sharedCredentials.hostAccessId, existing[0].id));
@@ -187,16 +175,6 @@ router.post(
);
}
databaseLogger.info("Updated existing host access", {
operation: "share_host",
hostId,
targetType,
targetUserId: targetType === "user" ? targetUserId : undefined,
targetRoleId: targetType === "role" ? targetRoleId : undefined,
permissionLevel,
expiresAt,
});
return res.json({
success: true,
message: "Host access updated",
@@ -204,7 +182,6 @@ router.post(
});
}
// Create new access
const result = await db.insert(hostAccess).values({
hostId,
userId: targetType === "user" ? targetUserId : null,
@@ -214,7 +191,6 @@ router.post(
expiresAt,
});
// Create shared credential for the target
const { SharedCredentialManager } =
await import("../../utils/shared-credential-manager.js");
const sharedCredManager = SharedCredentialManager.getInstance();
@@ -235,17 +211,6 @@ router.post(
);
}
databaseLogger.info("Created host access", {
operation: "share_host",
hostId,
hostName: host[0].name,
targetType,
targetUserId: targetType === "user" ? targetUserId : undefined,
targetRoleId: targetType === "role" ? targetRoleId : undefined,
permissionLevel,
expiresAt,
});
res.json({
success: true,
message: `Host shared successfully with ${targetType}`,
@@ -262,10 +227,8 @@ router.post(
},
);
/**
* Revoke host access
* DELETE /rbac/host/:id/access/:accessId
*/
// Revoke host access
// DELETE /rbac/host/:id/access/:accessId
router.delete(
"/host/:id/access/:accessId",
authenticateJWT,
@@ -279,7 +242,6 @@ router.delete(
}
try {
// Verify user owns the host
const host = await db
.select()
.from(sshData)
@@ -290,16 +252,8 @@ router.delete(
return res.status(403).json({ error: "Not host owner" });
}
// Delete the access
await db.delete(hostAccess).where(eq(hostAccess.id, accessId));
databaseLogger.info("Revoked host access", {
operation: "revoke_host_access",
hostId,
accessId,
userId,
});
res.json({ success: true, message: "Access revoked" });
} catch (error) {
databaseLogger.error("Failed to revoke host access", error, {
@@ -313,10 +267,8 @@ router.delete(
},
);
/**
* Get host access list
* GET /rbac/host/:id/access
*/
// Get host access list
// GET /rbac/host/:id/access
router.get(
"/host/:id/access",
authenticateJWT,
@@ -329,7 +281,6 @@ router.get(
}
try {
// Verify user owns the host
const host = await db
.select()
.from(sshData)
@@ -340,7 +291,6 @@ router.get(
return res.status(403).json({ error: "Not host owner" });
}
// Get all access records (both user and role based)
const rawAccessList = await db
.select({
id: hostAccess.id,
@@ -361,7 +311,6 @@ router.get(
.where(eq(hostAccess.hostId, hostId))
.orderBy(desc(hostAccess.createdAt));
// Format access list with type information
const accessList = rawAccessList.map((access) => ({
id: access.id,
targetType: access.userId ? "user" : "role",
@@ -389,10 +338,8 @@ router.get(
},
);
/**
* Get user's shared hosts (hosts shared WITH this user)
* GET /rbac/shared-hosts
*/
// Get user's shared hosts (hosts shared WITH this user)
// GET /rbac/shared-hosts
router.get(
"/shared-hosts",
authenticateJWT,
@@ -438,10 +385,8 @@ router.get(
},
);
/**
* Get all roles
* GET /rbac/roles
*/
// Get all roles
// GET /rbac/roles
router.get(
"/roles",
authenticateJWT,
@@ -468,14 +413,8 @@ router.get(
},
);
// ============================================================================
// Role Management (CRUD)
// ============================================================================
/**
* Get all roles
* GET /rbac/roles
*/
// Get all roles
// GET /rbac/roles
router.get(
"/roles",
authenticateJWT,
@@ -504,10 +443,8 @@ router.get(
},
);
/**
* Create new role
* POST /rbac/roles
*/
// Create new role
// POST /rbac/roles
router.post(
"/roles",
authenticateJWT,
@@ -515,14 +452,12 @@ router.post(
async (req: AuthenticatedRequest, res: Response) => {
const { name, displayName, description } = req.body;
// Validate required fields
if (!isNonEmptyString(name) || !isNonEmptyString(displayName)) {
return res.status(400).json({
error: "Role name and display name are required",
});
}
// Validate name format (alphanumeric, underscore, hyphen only)
if (!/^[a-z0-9_-]+$/.test(name)) {
return res.status(400).json({
error:
@@ -531,7 +466,6 @@ router.post(
}
try {
// Check if role name already exists
const existing = await db
.select({ id: roles.id })
.from(roles)
@@ -544,23 +478,16 @@ router.post(
});
}
// Create new role
const result = await db.insert(roles).values({
name,
displayName,
description: description || null,
isSystem: false,
permissions: null, // Roles are for grouping only
permissions: null,
});
const newRoleId = result.lastInsertRowid;
databaseLogger.info("Created new role", {
operation: "create_role",
roleId: newRoleId,
roleName: name,
});
res.status(201).json({
success: true,
roleId: newRoleId,
@@ -576,10 +503,8 @@ router.post(
},
);
/**
* Update role
* PUT /rbac/roles/:id
*/
// Update role
// PUT /rbac/roles/:id
router.put(
"/roles/:id",
authenticateJWT,
@@ -592,7 +517,6 @@ router.put(
return res.status(400).json({ error: "Invalid role ID" });
}
// Validate at least one field to update
if (!displayName && description === undefined) {
return res.status(400).json({
error: "At least one field (displayName or description) is required",
@@ -600,7 +524,6 @@ router.put(
}
try {
// Get existing role
const existingRole = await db
.select({
id: roles.id,
@@ -615,7 +538,6 @@ router.put(
return res.status(404).json({ error: "Role not found" });
}
// Build update object
const updates: {
displayName?: string;
description?: string | null;
@@ -632,15 +554,8 @@ router.put(
updates.description = description || null;
}
// Update role
await db.update(roles).set(updates).where(eq(roles.id, roleId));
databaseLogger.info("Updated role", {
operation: "update_role",
roleId,
roleName: existingRole[0].name,
});
res.json({
success: true,
message: "Role updated successfully",
@@ -655,10 +570,8 @@ router.put(
},
);
/**
* Delete role
* DELETE /rbac/roles/:id
*/
// Delete role
// DELETE /rbac/roles/:id
router.delete(
"/roles/:id",
authenticateJWT,
@@ -671,7 +584,6 @@ router.delete(
}
try {
// Get role details
const role = await db
.select({
id: roles.id,
@@ -686,41 +598,28 @@ router.delete(
return res.status(404).json({ error: "Role not found" });
}
// Cannot delete system roles
if (role[0].isSystem) {
return res.status(403).json({
error: "Cannot delete system roles",
});
}
// Delete user-role assignments first
const deletedUserRoles = await db
.delete(userRoles)
.where(eq(userRoles.roleId, roleId))
.returning({ userId: userRoles.userId });
// Invalidate permission cache for affected users
for (const { userId } of deletedUserRoles) {
permissionManager.invalidateUserPermissionCache(userId);
}
// Delete host_access entries for this role
const deletedHostAccess = await db
.delete(hostAccess)
.where(eq(hostAccess.roleId, roleId))
.returning({ id: hostAccess.id });
// Note: sharedCredentials will be auto-deleted by CASCADE
// Delete role
await db.delete(roles).where(eq(roles.id, roleId));
databaseLogger.info("Deleted role", {
operation: "delete_role",
roleId,
roleName: role[0].name,
});
res.json({
success: true,
message: "Role deleted successfully",
@@ -735,14 +634,8 @@ router.delete(
},
);
// ============================================================================
// User-Role Assignment
// ============================================================================
/**
* Assign role to user
* POST /rbac/users/:userId/roles
*/
// Assign role to user
// POST /rbac/users/:userId/roles
router.post(
"/users/:userId/roles",
authenticateJWT,
@@ -758,7 +651,6 @@ router.post(
return res.status(400).json({ error: "Role ID is required" });
}
// Verify target user exists
const targetUser = await db
.select()
.from(users)
@@ -769,7 +661,6 @@ router.post(
return res.status(404).json({ error: "User not found" });
}
// Verify role exists
const role = await db
.select()
.from(roles)
@@ -780,7 +671,6 @@ router.post(
return res.status(404).json({ error: "Role not found" });
}
// Prevent manual assignment of system roles
if (role[0].isSystem) {
return res.status(403).json({
error:
@@ -788,7 +678,6 @@ router.post(
});
}
// Check if already assigned
const existing = await db
.select()
.from(userRoles)
@@ -801,14 +690,12 @@ router.post(
return res.status(409).json({ error: "Role already assigned" });
}
// Assign role
await db.insert(userRoles).values({
userId: targetUserId,
roleId,
grantedBy: currentUserId,
});
// Create shared credentials for all hosts shared with this role
const hostsSharedWithRole = await db
.select()
.from(hostAccess)
@@ -839,31 +726,12 @@ router.post(
hostId: ssh_data.id,
},
);
// Continue with other hosts even if one fails
}
}
}
if (hostsSharedWithRole.length > 0) {
databaseLogger.info("Created shared credentials for new role member", {
operation: "assign_role_create_credentials",
targetUserId,
roleId,
hostCount: hostsSharedWithRole.length,
});
}
// Invalidate permission cache
permissionManager.invalidateUserPermissionCache(targetUserId);
databaseLogger.info("Assigned role to user", {
operation: "assign_role",
targetUserId,
roleId,
roleName: role[0].name,
grantedBy: currentUserId,
});
res.json({
success: true,
message: "Role assigned successfully",
@@ -878,10 +746,8 @@ router.post(
},
);
/**
* Remove role from user
* DELETE /rbac/users/:userId/roles/:roleId
*/
// Remove role from user
// DELETE /rbac/users/:userId/roles/:roleId
router.delete(
"/users/:userId/roles/:roleId",
authenticateJWT,
@@ -895,7 +761,6 @@ router.delete(
}
try {
// Verify role exists and get its details
const role = await db
.select({
id: roles.id,
@@ -910,7 +775,6 @@ router.delete(
return res.status(404).json({ error: "Role not found" });
}
// Prevent removal of system roles
if (role[0].isSystem) {
return res.status(403).json({
error:
@@ -918,22 +782,14 @@ router.delete(
});
}
// Delete the user-role assignment
await db
.delete(userRoles)
.where(
and(eq(userRoles.userId, targetUserId), eq(userRoles.roleId, roleId)),
);
// Invalidate permission cache
permissionManager.invalidateUserPermissionCache(targetUserId);
databaseLogger.info("Removed role from user", {
operation: "remove_role",
targetUserId,
roleId,
});
res.json({
success: true,
message: "Role removed successfully",
@@ -949,10 +805,8 @@ router.delete(
},
);
/**
* Get user's roles
* GET /rbac/users/:userId/roles
*/
// Get user's roles
// GET /rbac/users/:userId/roles
router.get(
"/users/:userId/roles",
authenticateJWT,
@@ -960,7 +814,6 @@ router.get(
const targetUserId = req.params.userId;
const currentUserId = req.userId!;
// Users can only see their own roles unless they're admin
if (
targetUserId !== currentUserId &&
!(await permissionManager.isAdmin(currentUserId))

83
src/backend/database/routes/ssh.ts
View File

@@ -604,7 +604,6 @@ router.put(
}
try {
// Check if user can update this host (owner or manage permission)
const accessInfo = await permissionManager.canAccessHost(
userId,
Number(hostId),
@@ -620,7 +619,6 @@ router.put(
return res.status(403).json({ error: "Access denied" });
}
// Shared users cannot edit hosts (view-only)
if (!accessInfo.isOwner) {
sshLogger.warn("Shared user attempted to update host (view-only)", {
operation: "host_update",
@@ -632,7 +630,6 @@ router.put(
});
}
// Get the actual owner ID for the update
const hostRecord = await db
.select({
userId: sshData.userId,
@@ -654,7 +651,6 @@ router.put(
const ownerId = hostRecord[0].userId;
// Only owner can change credentialId
if (
!accessInfo.isOwner &&
sshDataObj.credentialId !== undefined &&
@@ -665,7 +661,6 @@ router.put(
});
}
// Only owner can change authType
if (
!accessInfo.isOwner &&
sshDataObj.authType !== undefined &&
@@ -676,31 +671,15 @@ router.put(
});
}
// Check if credentialId is changing from non-null to null
// This happens when switching from "credential" auth to "password"/"key"/"none"
if (sshDataObj.credentialId !== undefined) {
if (
hostRecord[0].credentialId !== null &&
sshDataObj.credentialId === null
) {
// Auth type changed away from credential - revoke all shares
const revokedShares = await db
.delete(hostAccess)
.where(eq(hostAccess.hostId, Number(hostId)))
.returning({ id: hostAccess.id, userId: hostAccess.userId });
if (revokedShares.length > 0) {
sshLogger.info(
"Auto-revoked host shares due to auth type change from credential",
{
operation: "auto_revoke_shares",
hostId: Number(hostId),
revokedCount: revokedShares.length,
reason: "auth_type_changed_from_credential",
},
);
// Note: sharedCredentials will be auto-deleted by CASCADE
}
}
}
@@ -830,17 +809,14 @@ router.get(
try {
const now = new Date().toISOString();
// Get user's role IDs
const userRoleIds = await db
.select({ roleId: userRoles.roleId })
.from(userRoles)
.where(eq(userRoles.userId, userId));
const roleIds = userRoleIds.map((r) => r.roleId);
// Query own hosts + shared hosts with access check
const rawData = await db
.select({
// All ssh_data fields
id: sshData.id,
userId: sshData.userId,
name: sshData.name,
@@ -881,7 +857,6 @@ router.get(
socks5Password: sshData.socks5Password,
socks5ProxyChain: sshData.socks5ProxyChain,
// Shared access info
ownerId: sshData.userId,
isShared: sql<boolean>`${hostAccess.id} IS NOT NULL`,
permissionLevel: hostAccess.permissionLevel,
@@ -903,15 +878,13 @@ router.get(
)
.where(
or(
eq(sshData.userId, userId), // Own hosts
eq(sshData.userId, userId),
and(
// Shared to user directly (not expired)
eq(hostAccess.userId, userId),
or(isNull(hostAccess.expiresAt), gte(hostAccess.expiresAt, now)),
),
roleIds.length > 0
? and(
// Shared to user's role (not expired)
inArray(hostAccess.roleId, roleIds),
or(
isNull(hostAccess.expiresAt),
@@ -922,11 +895,9 @@ router.get(
),
);
// Separate own hosts from shared hosts for proper decryption
const ownHosts = rawData.filter((row) => row.userId === userId);
const sharedHosts = rawData.filter((row) => row.userId !== userId);
// Decrypt own hosts with user's DEK
let decryptedOwnHosts: any[] = [];
try {
decryptedOwnHosts = await SimpleDBOps.select(
@@ -934,38 +905,16 @@ router.get(
"ssh_data",
userId,
);
sshLogger.debug("Own hosts decrypted successfully", {
operation: "host_fetch_own_decrypted",
userId,
count: decryptedOwnHosts.length,
});
} catch (decryptError) {
sshLogger.error("Failed to decrypt own hosts", decryptError, {
operation: "host_fetch_own_decrypt_failed",
userId,
});
// Return empty array if decryption fails
decryptedOwnHosts = [];
}
// For shared hosts, DON'T try to decrypt them with user's DEK
// Just pass them through as plain objects without encrypted credential fields
// The credentials will be resolved via SharedCredentialManager later when resolveHostCredentials is called
sshLogger.info("Processing shared hosts", {
operation: "host_fetch_shared_process",
userId,
count: sharedHosts.length,
});
const sanitizedSharedHosts = sharedHosts;
sshLogger.info("Combining hosts", {
operation: "host_fetch_combine",
userId,
ownCount: decryptedOwnHosts.length,
sharedCount: sanitizedSharedHosts.length,
});
const data = [...decryptedOwnHosts, ...sanitizedSharedHosts];
const result = await Promise.all(
@@ -1001,7 +950,6 @@ router.get(
? JSON.parse(row.socks5ProxyChain as string)
: [],
// Add shared access metadata
isShared: !!row.isShared,
permissionLevel: row.permissionLevel || undefined,
sharedExpiresAt: row.expiresAt || undefined,
@@ -1013,12 +961,6 @@ router.get(
}),
);
sshLogger.info("Credential resolution complete, sending response", {
operation: "host_fetch_complete",
userId,
hostCount: result.length,
});
res.json(result);
} catch (err) {
sshLogger.error("Failed to fetch SSH hosts from database", err, {
@@ -1220,7 +1162,6 @@ router.delete(
const numericHostId = Number(hostId);
// Delete all related data in correct order (child tables first)
await db
.delete(fileManagerRecent)
.where(eq(fileManagerRecent.hostId, numericHostId));
@@ -1245,15 +1186,12 @@ router.delete(
.delete(recentActivity)
.where(eq(recentActivity.hostId, numericHostId));
// Delete RBAC host access entries
await db.delete(hostAccess).where(eq(hostAccess.hostId, numericHostId));
// Delete session recordings
await db
.delete(sessionRecordings)
.where(eq(sessionRecordings.hostId, numericHostId));
// Finally delete the host itself
await db
.delete(sshData)
.where(and(eq(sshData.id, numericHostId), eq(sshData.userId, userId)));
@@ -1762,21 +1700,11 @@ async function resolveHostCredentials(
requestingUserId?: string,
): Promise<Record<string, unknown>> {
try {
sshLogger.info("Resolving credentials for host", {
operation: "resolve_credentials_start",
hostId: host.id as number,
hasCredentialId: !!host.credentialId,
requestingUserId,
ownerId: (host.ownerId || host.userId) as string,
});
if (host.credentialId && (host.userId || host.ownerId)) {
const credentialId = host.credentialId as number;
const ownerId = (host.ownerId || host.userId) as string;
// Check if this is a shared host access
if (requestingUserId && requestingUserId !== ownerId) {
// User is accessing a shared host - use shared credential
try {
const { SharedCredentialManager } =
await import("../../utils/shared-credential-manager.js");
@@ -1796,7 +1724,6 @@ async function resolveHostCredentials(
keyType: sharedCred.keyType,
};
// Only override username if overrideCredentialUsername is not enabled
if (!host.overrideCredentialUsername) {
resolvedHost.username = sharedCred.username;
}
@@ -1816,11 +1743,9 @@ async function resolveHostCredentials(
: "Unknown error",
},
);
// Fall through to try owner's credential
}
}
// Original owner access - use original credential
const credentials = await SimpleDBOps.select(
db
.select()
@@ -1846,7 +1771,6 @@ async function resolveHostCredentials(
keyType: credential.key_type || credential.keyType,
};
// Only override username if overrideCredentialUsername is not enabled
if (!host.overrideCredentialUsername) {
resolvedHost.username = credential.username;
}
@@ -2053,7 +1977,6 @@ router.delete(
const hostIds = hostsToDelete.map((host) => host.id);
// Delete all related data for all hosts in the folder (child tables first)
if (hostIds.length > 0) {
await db
.delete(fileManagerRecent)
@@ -2079,21 +2002,17 @@ router.delete(
.delete(recentActivity)
.where(inArray(recentActivity.hostId, hostIds));
// Delete RBAC host access entries
await db.delete(hostAccess).where(inArray(hostAccess.hostId, hostIds));
// Delete session recordings
await db
.delete(sessionRecordings)
.where(inArray(sessionRecordings.hostId, hostIds));
}
// Now delete the hosts themselves
await db
.delete(sshData)
.where(and(eq(sshData.userId, userId), eq(sshData.folder, folderName)));
// Finally delete the folder metadata
await db
.delete(sshFolders)
.where(

62
src/backend/database/routes/users.ts
View File

@@ -139,33 +139,12 @@ function isNonEmptyString(val: unknown): val is string {
const authenticateJWT = authManager.createAuthMiddleware();
const requireAdmin = authManager.createAdminMiddleware();
/**
* Comprehensive user deletion utility that ensures all related data is deleted
* in proper order to avoid foreign key constraint errors.
*
* This function explicitly deletes all user-related data before deleting the user record.
* It wraps everything in a transaction for atomicity.
*
* @param userId - The ID of the user to delete
* @returns Promise<void>
* @throws Error if deletion fails
*/
async function deleteUserAndRelatedData(userId: string): Promise<void> {
try {
authLogger.info("Starting comprehensive user data deletion", {
operation: "delete_user_and_related_data_start",
userId,
});
// Delete all related data in proper order to avoid FK constraint errors
// Order matters due to foreign key relationships
// 1. Delete credential usage logs
await db
.delete(sshCredentialUsage)
.where(eq(sshCredentialUsage.userId, userId));
// 2. Delete file manager data
await db
.delete(fileManagerRecent)
.where(eq(fileManagerRecent.userId, userId));
@@ -176,32 +155,23 @@ async function deleteUserAndRelatedData(userId: string): Promise<void> {
.delete(fileManagerShortcuts)
.where(eq(fileManagerShortcuts.userId, userId));
// 3. Delete activity and alerts
await db.delete(recentActivity).where(eq(recentActivity.userId, userId));
await db.delete(dismissedAlerts).where(eq(dismissedAlerts.userId, userId));
// 4. Delete snippets and snippet folders
await db.delete(snippets).where(eq(snippets.userId, userId));
await db.delete(snippetFolders).where(eq(snippetFolders.userId, userId));
// 5. Delete SSH folders
await db.delete(sshFolders).where(eq(sshFolders.userId, userId));
// 6. Delete command history
await db.delete(commandHistory).where(eq(commandHistory.userId, userId));
// 7. Delete SSH data and credentials
await db.delete(sshData).where(eq(sshData.userId, userId));
await db.delete(sshCredentials).where(eq(sshCredentials.userId, userId));
// 8. Delete user-specific settings (encryption keys, etc.)
db.$client
.prepare("DELETE FROM settings WHERE key LIKE ?")
.run(`user_%_${userId}`);
// 9. Finally, delete the user record
// Note: Sessions, user_roles, host_access, audit_logs, and session_recordings
// will be automatically deleted via CASCADE DELETE foreign key constraints
await db.delete(users).where(eq(users.id, userId));
authLogger.success("User and all related data deleted successfully", {
@@ -293,7 +263,6 @@ router.post("/create", async (req, res) => {
totp_backup_codes: null,
});
// Assign default role to new user
try {
const defaultRoleName = isFirstUser ? "admin" : "user";
const defaultRole = await db
@@ -306,12 +275,7 @@ router.post("/create", async (req, res) => {
await db.insert(userRoles).values({
userId: id,
roleId: defaultRole[0].id,
grantedBy: id, // Self-assigned during registration
});
authLogger.info("Assigned default role to new user", {
operation: "assign_default_role",
userId: id,
roleName: defaultRoleName,
grantedBy: id,
});
} else {
authLogger.warn("Default role not found during user registration", {
@@ -325,7 +289,6 @@ router.post("/create", async (req, res) => {
operation: "assign_default_role",
userId: id,
});
// Don't fail user creation if role assignment fails
}
try {
@@ -934,7 +897,6 @@ router.get("/oidc/callback", async (req, res) => {
scopes: String(config.scopes),
});
// Assign default role to new OIDC user
try {
const defaultRoleName = isFirstUser ? "admin" : "user";
const defaultRole = await db
@@ -947,12 +909,7 @@ router.get("/oidc/callback", async (req, res) => {
await db.insert(userRoles).values({
userId: id,
roleId: defaultRole[0].id,
grantedBy: id, // Self-assigned during registration
});
authLogger.info("Assigned default role to new OIDC user", {
operation: "assign_default_role_oidc",
userId: id,
roleName: defaultRoleName,
grantedBy: id,
});
} else {
authLogger.warn(
@@ -973,7 +930,6 @@ router.get("/oidc/callback", async (req, res) => {
userId: id,
},
);
// Don't fail user creation if role assignment fails
}
try {
@@ -1215,7 +1171,6 @@ router.post("/login", async (req, res) => {
return res.status(401).json({ error: "Incorrect password" });
}
// Re-encrypt any pending shared credentials for this user
try {
const { SharedCredentialManager } =
await import("../../utils/shared-credential-manager.js");
@@ -1227,7 +1182,6 @@ router.post("/login", async (req, res) => {
userId: userRecord.id,
error,
});
// Continue with login even if re-encryption fails
}
if (userRecord.totp_enabled) {
@@ -1303,15 +1257,7 @@ router.post("/logout", authenticateJWT, async (req, res) => {
try {
const payload = await authManager.verifyJWTToken(token);
sessionId = payload?.sessionId;
} catch (error) {
authLogger.debug(
"Token verification failed during logout (expected if token expired)",
{
operation: "logout_token_verify_failed",
userId,
},
);
}
} catch (error) {}
}
await authManager.logoutUser(userId, sessionId);
@@ -2840,11 +2786,9 @@ router.post("/link-oidc-to-password", authenticateJWT, async (req, res) => {
});
}
// Revoke all sessions and logout the OIDC user before deletion
await authManager.revokeAllUserSessions(oidcUserId);
authManager.logoutUser(oidcUserId);
// Use the comprehensive deletion utility to ensure all data is properly deleted
await deleteUserAndRelatedData(oidcUserId);
try {

94
src/backend/ssh/docker-console.ts
View File

@@ -21,7 +21,6 @@ interface SSHSession {
const activeSessions = new Map<string, SSHSession>();
// WebSocket server on port 30008
const wss = new WebSocketServer({
port: 30008,
verifyClient: async (info, callback) => {
@@ -49,14 +48,8 @@ const wss = new WebSocketServer({
return callback(false, 401, "Invalid token");
}
// Store userId in the request for later use
(info.req as any).userId = decoded.userId;
dockerConsoleLogger.info("WebSocket connection verified", {
operation: "ws_verify",
userId: decoded.userId,
});
callback(true);
} catch (error) {
dockerConsoleLogger.error("WebSocket verification error", error, {
@@ -67,7 +60,6 @@ const wss = new WebSocketServer({
},
});
// Helper function to detect available shell in container
async function detectShell(
session: SSHSession,
containerId: string,
@@ -102,19 +94,15 @@ async function detectShell(
);
});
// If we get here, the shell was found
return shell;
} catch {
// Try next shell
continue;
}
}
// Default to sh if nothing else works
return "sh";
}
// Helper function to create jump host chain
async function createJumpHostChain(
jumpHosts: any[],
userId: string,
@@ -128,7 +116,6 @@ async function createJumpHostChain(
for (let i = 0; i < jumpHosts.length; i++) {
const jumpHostId = jumpHosts[i].hostId;
// Fetch jump host from database
const jumpHostData = await SimpleDBOps.select(
getDb()
.select()
@@ -154,7 +141,6 @@ async function createJumpHostChain(
}
}
// Resolve credentials for jump host
let resolvedCredentials: any = {
password: jumpHost.password,
sshKey: jumpHost.key,
@@ -203,7 +189,6 @@ async function createJumpHostChain(
tcpKeepAliveInitialDelay: 30000,
};
// Set authentication
if (
resolvedCredentials.authType === "password" &&
resolvedCredentials.password
@@ -223,7 +208,6 @@ async function createJumpHostChain(
}
}
// If we have a previous client, use it as the sock
if (currentClient) {
await new Promise<void>((resolve, reject) => {
currentClient!.forwardOut(
@@ -252,17 +236,10 @@ async function createJumpHostChain(
return currentClient;
}
// Handle WebSocket connections
wss.on("connection", async (ws: WebSocket, req) => {
const userId = (req as any).userId;
const sessionId = `docker-console-${Date.now()}-${Math.random()}`;
dockerConsoleLogger.info("Docker console WebSocket connected", {
operation: "ws_connect",
sessionId,
userId,
});
let sshSession: SSHSession | null = null;
ws.on("message", async (data) => {
@@ -304,7 +281,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
return;
}
// Check if Docker is enabled for this host
if (!hostConfig.enableDocker) {
ws.send(
JSON.stringify({
@@ -317,7 +293,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
}
try {
// Resolve credentials
let resolvedCredentials: any = {
password: hostConfig.password,
sshKey: hostConfig.key,
@@ -355,7 +330,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
}
}
// Create SSH client
const client = new SSHClient();
const config: any = {
@@ -370,7 +344,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
tcpKeepAliveInitialDelay: 30000,
};
// Set authentication
if (
resolvedCredentials.authType === "password" &&
resolvedCredentials.password
@@ -390,7 +363,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
}
}
// Handle jump hosts if configured
if (hostConfig.jumpHosts && hostConfig.jumpHosts.length > 0) {
const jumpClient = await createJumpHostChain(
hostConfig.jumpHosts,
@@ -413,7 +385,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
}
}
// Connect to SSH
await new Promise<void>((resolve, reject) => {
client.on("ready", () => resolve());
client.on("error", reject);
@@ -429,10 +400,8 @@ wss.on("connection", async (ws: WebSocket, req) => {
activeSessions.set(sessionId, sshSession);
// Validate or detect shell
let shellToUse = shell || "bash";
// If a shell is explicitly provided, verify it exists in the container
if (shell) {
try {
await new Promise<void>((resolve, reject) => {
@@ -461,7 +430,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
);
});
} catch {
// Requested shell not found, detect available shell
dockerConsoleLogger.warn(
`Requested shell ${shell} not found, detecting available shell`,
{
@@ -474,13 +442,11 @@ wss.on("connection", async (ws: WebSocket, req) => {
shellToUse = await detectShell(sshSession, containerId);
}
} else {
// No shell specified, detect available shell
shellToUse = await detectShell(sshSession, containerId);
}
sshSession.shell = shellToUse;
// Create docker exec PTY
const execCommand = `docker exec -it ${containerId} /bin/${shellToUse}`;
client.exec(
@@ -515,7 +481,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
sshSession!.stream = stream;
// Forward stream output to WebSocket
stream.on("data", (data: Buffer) => {
if (ws.readyState === WebSocket.OPEN) {
ws.send(
@@ -527,15 +492,7 @@ wss.on("connection", async (ws: WebSocket, req) => {
}
});
stream.stderr.on("data", (data: Buffer) => {
// Log stderr but don't send to terminal to avoid duplicate error messages
dockerConsoleLogger.debug("Docker exec stderr", {
operation: "docker_exec_stderr",
sessionId,
containerId,
data: data.toString("utf8"),
});
});
stream.stderr.on("data", (data: Buffer) => {});
stream.on("close", () => {
if (ws.readyState === WebSocket.OPEN) {
@@ -547,7 +504,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
);
}
// Cleanup
if (sshSession) {
sshSession.client.end();
activeSessions.delete(sessionId);
@@ -564,14 +520,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
},
}),
);
dockerConsoleLogger.info("Docker console session started", {
operation: "console_start",
sessionId,
containerId,
shell: shellToUse,
requestedShell: shell,
});
},
);
} catch (error) {
@@ -605,13 +553,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
if (sshSession && sshSession.stream) {
const { cols, rows } = message.data;
sshSession.stream.setWindow(rows, cols);
dockerConsoleLogger.debug("Console resized", {
operation: "console_resize",
sessionId,
cols,
rows,
});
}
break;
}
@@ -624,11 +565,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
sshSession.client.end();
activeSessions.delete(sessionId);
dockerConsoleLogger.info("Docker console disconnected", {
operation: "console_disconnect",
sessionId,
});
ws.send(
JSON.stringify({
type: "disconnected",
@@ -640,7 +576,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
}
case "ping": {
// Respond with pong to acknowledge keepalive
if (ws.readyState === WebSocket.OPEN) {
ws.send(JSON.stringify({ type: "pong" }));
}
@@ -669,12 +604,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
});
ws.on("close", () => {
dockerConsoleLogger.info("WebSocket connection closed", {
operation: "ws_close",
sessionId,
});
// Cleanup SSH session if still active
if (sshSession) {
if (sshSession.stream) {
sshSession.stream.end();
@@ -690,7 +619,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
sessionId,
});
// Cleanup
if (sshSession) {
if (sshSession.stream) {
sshSession.stream.end();
@@ -701,37 +629,17 @@ wss.on("connection", async (ws: WebSocket, req) => {
});
});
dockerConsoleLogger.info(
"Docker console WebSocket server started on port 30008",
{
operation: "startup",
},
);
// Graceful shutdown
process.on("SIGTERM", () => {
dockerConsoleLogger.info("Shutting down Docker console server...", {
operation: "shutdown",
});
// Close all active sessions
activeSessions.forEach((session, sessionId) => {
if (session.stream) {
session.stream.end();
}
session.client.end();
dockerConsoleLogger.info("Closed session during shutdown", {
operation: "shutdown",
sessionId,
});
});
activeSessions.clear();
wss.close(() => {
dockerConsoleLogger.info("Docker console server closed", {
operation: "shutdown",
});
process.exit(0);
});
});

92
src/backend/ssh/docker.ts
View File

@@ -11,10 +11,8 @@ import { SimpleDBOps } from "../utils/simple-db-ops.js";
import { AuthManager } from "../utils/auth-manager.js";
import type { AuthenticatedRequest, SSHHost } from "../../types/index.js";
// Create dedicated logger for Docker operations
const dockerLogger = logger;
// SSH Session Management
interface SSHSession {
client: SSHClient;
isConnected: boolean;
@@ -26,7 +24,6 @@ interface SSHSession {
const sshSessions: Record<string, SSHSession> = {};
// Session cleanup with 60-minute idle timeout
const SESSION_IDLE_TIMEOUT = 60 * 60 * 1000;
function cleanupSession(sessionId: string) {
@@ -47,9 +44,7 @@ function cleanupSession(sessionId: string) {
try {
session.client.end();
} catch (error) {
dockerLogger.debug("Error ending SSH client during cleanup", { error });
}
} catch (error) {}
clearTimeout(session.timeout);
delete sshSessions[sessionId];
dockerLogger.info("Docker SSH session cleaned up", {
@@ -70,7 +65,6 @@ function scheduleSessionCleanup(sessionId: string) {
}
}
// Helper function to resolve jump host
async function resolveJumpHost(
hostId: number,
userId: string,
@@ -131,7 +125,6 @@ async function resolveJumpHost(
}
}
// Helper function to create jump host chain
async function createJumpHostChain(
jumpHosts: Array<{ hostId: number }>,
userId: string,
@@ -239,7 +232,6 @@ async function createJumpHostChain(
}
}
// Helper function to execute Docker CLI commands
async function executeDockerCommand(
session: SSHSession,
command: string,
@@ -290,7 +282,6 @@ async function executeDockerCommand(
});
}
// Express app setup
const app = express();
app.use(
@@ -334,12 +325,9 @@ app.use(cookieParser());
app.use(express.json({ limit: "100mb" }));
app.use(express.urlencoded({ limit: "100mb", extended: true }));
// Initialize AuthManager and apply middleware
const authManager = AuthManager.getInstance();
app.use(authManager.createAuthMiddleware());
// Session management endpoints
// POST /docker/ssh/connect - Establish SSH session
app.post("/docker/ssh/connect", async (req, res) => {
const { sessionId, hostId } = req.body;
@@ -373,7 +361,6 @@ app.post("/docker/ssh/connect", async (req, res) => {
}
try {
// Get host configuration - check both owned and shared hosts
const hosts = await SimpleDBOps.select(
getDb().select().from(sshData).where(eq(sshData.id, hostId)),
"ssh_data",
@@ -386,7 +373,6 @@ app.post("/docker/ssh/connect", async (req, res) => {
const host = hosts[0] as unknown as SSHHost;
// Verify user has access to this host (either owner or shared access)
if (host.userId !== userId) {
const { PermissionManager } =
await import("../utils/permission-manager.js");
@@ -417,7 +403,6 @@ app.post("/docker/ssh/connect", async (req, res) => {
}
}
// Check if Docker is enabled for this host
if (!host.enableDocker) {
dockerLogger.warn("Docker not enabled for host", {
operation: "docker_connect",
@@ -431,12 +416,10 @@ app.post("/docker/ssh/connect", async (req, res) => {
});
}
// Clean up existing session if any
if (sshSessions[sessionId]) {
cleanupSession(sessionId);
}
// Resolve credentials
let resolvedCredentials: any = {
password: host.password,
sshKey: host.key,
@@ -447,9 +430,7 @@ app.post("/docker/ssh/connect", async (req, res) => {
if (host.credentialId) {
const ownerId = host.userId;
// Check if this is a shared host access
if (userId !== ownerId) {
// User is accessing a shared host - use shared credential
try {
const { SharedCredentialManager } =
await import("../utils/shared-credential-manager.js");
@@ -475,7 +456,6 @@ app.post("/docker/ssh/connect", async (req, res) => {
});
}
} else {
// Owner accessing their own host
const credentials = await SimpleDBOps.select(
getDb()
.select()
@@ -503,7 +483,6 @@ app.post("/docker/ssh/connect", async (req, res) => {
}
}
// Create SSH client
const client = new SSHClient();
const config: any = {
@@ -518,7 +497,6 @@ app.post("/docker/ssh/connect", async (req, res) => {
tcpKeepAliveInitialDelay: 30000,
};
// Set authentication
if (
resolvedCredentials.authType === "password" &&
resolvedCredentials.password
@@ -554,13 +532,6 @@ app.post("/docker/ssh/connect", async (req, res) => {
scheduleSessionCleanup(sessionId);
dockerLogger.info("Docker SSH session established", {
operation: "docker_connect",
sessionId,
hostId,
userId,
});
res.json({ success: true, message: "SSH connection established" });
});
@@ -588,7 +559,6 @@ app.post("/docker/ssh/connect", async (req, res) => {
}
});
// Handle jump hosts if configured
if (host.jumpHosts && host.jumpHosts.length > 0) {
const jumpClient = await createJumpHostChain(
host.jumpHosts as Array<{ hostId: number }>,
@@ -654,11 +624,6 @@ app.post("/docker/ssh/disconnect", async (req, res) => {
cleanupSession(sessionId);
dockerLogger.info("Docker SSH session disconnected", {
operation: "docker_disconnect",
sessionId,
});
res.json({ success: true, message: "SSH session disconnected" });
});
@@ -724,7 +689,6 @@ app.get("/docker/validate/:sessionId", async (req, res) => {
session.activeOperations++;
try {
// Check if Docker is installed
try {
const versionOutput = await executeDockerCommand(
session,
@@ -733,7 +697,6 @@ app.get("/docker/validate/:sessionId", async (req, res) => {
const versionMatch = versionOutput.match(/Docker version ([^\s,]+)/);
const version = versionMatch ? versionMatch[1] : "unknown";
// Check if Docker daemon is running
try {
await executeDockerCommand(session, "docker ps >/dev/null 2>&1");
@@ -798,7 +761,7 @@ app.get("/docker/validate/:sessionId", async (req, res) => {
// GET /docker/containers/:sessionId - List all containers
app.get("/docker/containers/:sessionId", async (req, res) => {
const { sessionId } = req.params;
const all = req.query.all !== "false"; // Default to true
const all = req.query.all !== "false";
const userId = (req as any).userId;
if (!userId) {
@@ -942,13 +905,6 @@ app.post(
session.activeOperations--;
dockerLogger.info("Container started", {
operation: "start_container",
sessionId,
containerId,
userId,
});
res.json({
success: true,
message: "Container started successfully",
@@ -1007,13 +963,6 @@ app.post(
session.activeOperations--;
dockerLogger.info("Container stopped", {
operation: "stop_container",
sessionId,
containerId,
userId,
});
res.json({
success: true,
message: "Container stopped successfully",
@@ -1072,13 +1021,6 @@ app.post(
session.activeOperations--;
dockerLogger.info("Container restarted", {
operation: "restart_container",
sessionId,
containerId,
userId,
});
res.json({
success: true,
message: "Container restarted successfully",
@@ -1137,13 +1079,6 @@ app.post(
session.activeOperations--;
dockerLogger.info("Container paused", {
operation: "pause_container",
sessionId,
containerId,
userId,
});
res.json({
success: true,
message: "Container paused successfully",
@@ -1202,13 +1137,6 @@ app.post(
session.activeOperations--;
dockerLogger.info("Container unpaused", {
operation: "unpause_container",
sessionId,
containerId,
userId,
});
res.json({
success: true,
message: "Container unpaused successfully",
@@ -1272,14 +1200,6 @@ app.delete(
session.activeOperations--;
dockerLogger.info("Container removed", {
operation: "remove_container",
sessionId,
containerId,
force,
userId,
});
res.json({
success: true,
message: "Container removed successfully",
@@ -1425,17 +1345,14 @@ app.get(
const output = await executeDockerCommand(session, command);
const rawStats = JSON.parse(output.trim());
// Parse memory usage (e.g., "1.5GiB / 8GiB" -> { used: "1.5GiB", limit: "8GiB" })
const memoryParts = rawStats.memory.split(" / ");
const memoryUsed = memoryParts[0]?.trim() || "0B";
const memoryLimit = memoryParts[1]?.trim() || "0B";
// Parse network I/O (e.g., "1.5MB / 2.3MB" -> { input: "1.5MB", output: "2.3MB" })
const netIOParts = rawStats.netIO.split(" / ");
const netInput = netIOParts[0]?.trim() || "0B";
const netOutput = netIOParts[1]?.trim() || "0B";
// Parse block I/O (e.g., "10MB / 5MB" -> { read: "10MB", write: "5MB" })
const blockIOParts = rawStats.blockIO.split(" / ");
const blockRead = blockIOParts[0]?.trim() || "0B";
const blockWrite = blockIOParts[1]?.trim() || "0B";
@@ -1482,13 +1399,11 @@ app.get(
},
);
// Start server
const PORT = 30007;
app.listen(PORT, async () => {
try {
await authManager.initialize();
dockerLogger.info(`Docker backend server started on port ${PORT}`);
} catch (err) {
dockerLogger.error("Failed to initialize Docker backend", err, {
operation: "startup",
@@ -1496,9 +1411,7 @@ app.listen(PORT, async () => {
}
});
// Graceful shutdown
process.on("SIGINT", () => {
dockerLogger.info("Shutting down Docker backend");
Object.keys(sshSessions).forEach((sessionId) => {
cleanupSession(sessionId);
});
@@ -1506,7 +1419,6 @@ process.on("SIGINT", () => {
});
process.on("SIGTERM", () => {
dockerLogger.info("Shutting down Docker backend");
Object.keys(sshSessions).forEach((sessionId) => {
cleanupSession(sessionId);
});

70
src/backend/ssh/file-manager.ts
View File

@@ -815,34 +815,10 @@ app.post("/ssh/file_manager/ssh/connect", async (req, res) => {
},
);
fileLogger.info("SFTP connection request received", {
operation: "sftp_connect_request",
sessionId,
hostId,
ip,
port,
useSocks5,
socks5Host,
socks5Port,
hasSocks5ProxyChain: !!(
socks5ProxyChain && (socks5ProxyChain as any).length > 0
),
proxyChainLength: socks5ProxyChain ? (socks5ProxyChain as any).length : 0,
});
// Check if SOCKS5 proxy is enabled (either single proxy or chain)
if (
useSocks5 &&
(socks5Host || (socks5ProxyChain && (socks5ProxyChain as any).length > 0))
) {
fileLogger.info("SOCKS5 enabled for SFTP, creating connection", {
operation: "sftp_socks5_enabled",
sessionId,
socks5Host,
socks5Port,
hasChain: !!(socks5ProxyChain && (socks5ProxyChain as any).length > 0),
});
try {
const socks5Socket = await createSocks5Connection(ip, port, {
useSocks5,
@@ -854,10 +830,6 @@ app.post("/ssh/file_manager/ssh/connect", async (req, res) => {
});
if (socks5Socket) {
fileLogger.info("SOCKS5 socket created for SFTP", {
operation: "sftp_socks5_socket_ready",
sessionId,
});
config.sock = socks5Socket;
client.connect(config);
return;
@@ -883,17 +855,7 @@ app.post("/ssh/file_manager/ssh/connect", async (req, res) => {
: "Unknown error"),
});
}
} else {
fileLogger.info("SOCKS5 NOT enabled for SFTP connection", {
operation: "sftp_no_socks5",
sessionId,
useSocks5,
socks5Host,
hasChain: !!(socks5ProxyChain && (socks5ProxyChain as any).length > 0),
});
}
if (jumpHosts && jumpHosts.length > 0 && userId) {
} else if (jumpHosts && jumpHosts.length > 0 && userId) {
try {
const jumpClient = await createJumpHostChain(jumpHosts, userId);
@@ -976,9 +938,7 @@ app.post("/ssh/file_manager/ssh/connect-totp", async (req, res) => {
delete pendingTOTPSessions[sessionId];
try {
session.client.end();
} catch (error) {
sshLogger.debug("Operation failed, continuing", { error });
}
} catch (error) {}
fileLogger.warn("TOTP session timeout before code submission", {
operation: "file_totp_verify",
sessionId,
@@ -3055,21 +3015,10 @@ app.post("/ssh/file_manager/ssh/extractArchive", async (req, res) => {
let errorOutput = "";
stream.on("data", (data: Buffer) => {
fileLogger.debug("Extract stdout", {
operation: "extract_archive",
sessionId,
output: data.toString(),
});
});
stream.on("data", (data: Buffer) => {});
stream.stderr.on("data", (data: Buffer) => {
errorOutput += data.toString();
fileLogger.debug("Extract stderr", {
operation: "extract_archive",
sessionId,
error: data.toString(),
});
});
stream.on("close", (code: number) => {
@@ -3247,21 +3196,10 @@ app.post("/ssh/file_manager/ssh/compressFiles", async (req, res) => {
let errorOutput = "";
stream.on("data", (data: Buffer) => {
fileLogger.debug("Compress stdout", {
operation: "compress_files",
sessionId,
output: data.toString(),
});
});
stream.on("data", (data: Buffer) => {});
stream.stderr.on("data", (data: Buffer) => {
errorOutput += data.toString();
fileLogger.debug("Compress stderr", {
operation: "compress_files",
sessionId,
error: data.toString(),
});
});
stream.on("close", (code: number) => {

142
src/backend/ssh/server-stats.ts
View File

@@ -201,7 +201,6 @@ class SSHConnectionPool {
private cleanupInterval: NodeJS.Timeout;
constructor() {
// Reduce cleanup interval from 5 minutes to 2 minutes for faster dead connection removal
this.cleanupInterval = setInterval(
() => {
this.cleanup();
@@ -211,8 +210,6 @@ class SSHConnectionPool {
}
private getHostKey(host: SSHHostWithCredentials): string {
// Include SOCKS5 settings in the key to ensure separate connection pools
// for direct connections vs SOCKS5 connections
const socks5Key = host.useSocks5
? `:socks5:${host.socks5Host}:${host.socks5Port}:${JSON.stringify(host.socks5ProxyChain || [])}`
: "";
@@ -221,9 +218,8 @@ class SSHConnectionPool {
private isConnectionHealthy(client: Client): boolean {
try {
// Check if the connection has been destroyed or closed
// @ts-ignore - accessing internal property to check connection state
if (client._sock && (client._sock.destroyed || !client._sock.writable)) {
const sock = (client as any)._sock;
if (sock && (sock.destroyed || !sock.writable)) {
return false;
}
return true;
@@ -236,28 +232,13 @@ class SSHConnectionPool {
const hostKey = this.getHostKey(host);
let connections = this.connections.get(hostKey) || [];
statsLogger.info("Getting connection from pool", {
operation: "get_connection_from_pool",
hostKey: hostKey,
availableConnections: connections.length,
useSocks5: host.useSocks5,
socks5Host: host.socks5Host,
hasSocks5ProxyChain: !!(
host.socks5ProxyChain && host.socks5ProxyChain.length > 0
),
hostId: host.id,
});
// Find available connection and validate health
const available = connections.find((conn) => !conn.inUse);
if (available) {
// Health check before reuse
if (!this.isConnectionHealthy(available.client)) {
statsLogger.warn("Removing unhealthy connection from pool", {
operation: "remove_dead_connection",
hostKey,
});
// Remove dead connection
try {
available.client.end();
} catch (error) {
@@ -265,12 +246,7 @@ class SSHConnectionPool {
}
connections = connections.filter((c) => c !== available);
this.connections.set(hostKey, connections);
// Fall through to create new connection
} else {
statsLogger.info("Reusing existing connection from pool", {
operation: "reuse_connection",
hostKey,
});
available.inUse = true;
available.lastUsed = Date.now();
return available.client;
@@ -278,10 +254,6 @@ class SSHConnectionPool {
}
if (connections.length < this.maxConnectionsPerHost) {
statsLogger.info("Creating new connection for pool", {
operation: "create_new_connection",
hostKey,
});
const client = await this.createConnection(host);
const pooled: PooledConnection = {
client,
@@ -369,24 +341,11 @@ class SSHConnectionPool {
try {
const config = buildSshConfig(host);
// Check if SOCKS5 proxy is enabled (either single proxy or chain)
if (
host.useSocks5 &&
(host.socks5Host ||
(host.socks5ProxyChain && host.socks5ProxyChain.length > 0))
) {
statsLogger.info("Using SOCKS5 proxy for connection", {
operation: "socks5_enabled",
hostIp: host.ip,
hostPort: host.port,
socks5Host: host.socks5Host,
socks5Port: host.socks5Port,
hasChain: !!(
host.socks5ProxyChain && host.socks5ProxyChain.length > 0
),
chainLength: host.socks5ProxyChain?.length || 0,
});
try {
const socks5Socket = await createSocks5Connection(
host.ip,
@@ -402,10 +361,6 @@ class SSHConnectionPool {
);
if (socks5Socket) {
statsLogger.info("SOCKS5 socket created successfully", {
operation: "socks5_socket_ready",
hostIp: host.ip,
});
config.sock = socks5Socket;
client.connect(config);
return;
@@ -492,12 +447,6 @@ class SSHConnectionPool {
const hostKey = this.getHostKey(host);
const connections = this.connections.get(hostKey) || [];
statsLogger.info("Clearing all connections for host", {
operation: "clear_host_connections",
hostKey,
connectionCount: connections.length,
});
for (const conn of connections) {
try {
conn.client.end();
@@ -519,7 +468,6 @@ class SSHConnectionPool {
for (const [hostKey, connections] of this.connections.entries()) {
const activeConnections = connections.filter((conn) => {
// Remove if idle for too long
if (!conn.inUse && now - conn.lastUsed > maxAge) {
try {
conn.client.end();
@@ -527,7 +475,6 @@ class SSHConnectionPool {
totalCleaned++;
return false;
}
// Also remove if connection is unhealthy (even if recently used)
if (!this.isConnectionHealthy(conn.client)) {
statsLogger.warn("Removing unhealthy connection during cleanup", {
operation: "cleanup_unhealthy",
@@ -549,23 +496,9 @@ class SSHConnectionPool {
this.connections.set(hostKey, activeConnections);
}
}
if (totalCleaned > 0 || totalUnhealthy > 0) {
statsLogger.info("Connection pool cleanup completed", {
operation: "cleanup_complete",
idleCleaned: totalCleaned,
unhealthyCleaned: totalUnhealthy,
remainingHosts: this.connections.size,
});
}
}
clearAllConnections(): void {
statsLogger.info("Clearing ALL connections from pool", {
operation: "clear_all_connections",
totalHosts: this.connections.size,
});
for (const [hostKey, connections] of this.connections.entries()) {
for (const conn of connections) {
try {
@@ -601,13 +534,12 @@ class SSHConnectionPool {
class RequestQueue {
private queues = new Map<number, Array<() => Promise<unknown>>>();
private processing = new Set<number>();
private requestTimeout = 60000; // 60 second timeout for requests
private requestTimeout = 60000;
async queueRequest<T>(hostId: number, request: () => Promise<T>): Promise<T> {
return new Promise<T>((resolve, reject) => {
const wrappedRequest = async () => {
try {
// Add timeout wrapper to prevent indefinite hanging
const result = await Promise.race<T>([
request(),
new Promise<never>((_, rej) =>
@@ -646,19 +578,11 @@ class RequestQueue {
if (request) {
try {
await request();
} catch (error) {
// Log errors but continue processing queue
statsLogger.debug("Request queue error", {
operation: "queue_request_error",
hostId,
error: error instanceof Error ? error.message : String(error),
});
}
} catch (error) {}
}
}
this.processing.delete(hostId);
// Check if new items were added during processing
const currentQueue = this.queues.get(hostId);
if (currentQueue && currentQueue.length > 0) {
this.processQueue(hostId);
@@ -797,9 +721,9 @@ class AuthFailureTracker {
class PollingBackoff {
private failures = new Map<number, { count: number; nextRetry: number }>();
private baseDelay = 30000; // 30s base delay
private maxDelay = 600000; // 10 min max delay
private maxRetries = 5; // Max retry attempts before giving up
private baseDelay = 30000;
private maxDelay = 600000;
private maxRetries = 5;
recordFailure(hostId: number): void {
const existing = this.failures.get(hostId) || { count: 0, nextRetry: 0 };
@@ -811,25 +735,16 @@ class PollingBackoff {
count: existing.count + 1,
nextRetry: Date.now() + delay,
});
statsLogger.debug("Recorded polling backoff", {
operation: "polling_backoff_recorded",
hostId,
failureCount: existing.count + 1,
nextRetryDelay: delay,
});
}
shouldSkip(hostId: number): boolean {
const backoff = this.failures.get(hostId);
if (!backoff) return false;
// If exceeded max retries, always skip
if (backoff.count >= this.maxRetries) {
return true;
}
// Otherwise check if we're still in backoff period
return Date.now() < backoff.nextRetry;
}
@@ -852,18 +767,13 @@ class PollingBackoff {
reset(hostId: number): void {
this.failures.delete(hostId);
statsLogger.debug("Reset polling backoff", {
operation: "polling_backoff_reset",
hostId,
});
}
cleanup(): void {
const maxAge = 60 * 60 * 1000; // 1 hour
const maxAge = 60 * 60 * 1000;
const now = Date.now();
for (const [hostId, backoff] of this.failures.entries()) {
// Only cleanup if not at max retries and old enough
if (backoff.count < this.maxRetries && now - backoff.nextRetry > maxAge) {
this.failures.delete(hostId);
}
@@ -906,7 +816,6 @@ interface SSHHostWithCredentials {
updatedAt: string;
userId: string;
// SOCKS5 Proxy configuration
useSocks5?: boolean;
socks5Host?: string;
socks5Port?: number;
@@ -1051,7 +960,6 @@ class PollingManager {
}
private async pollHostStatus(host: SSHHostWithCredentials): Promise<void> {
// Refresh host data from database to get latest settings
const refreshedHost = await fetchHostById(host.id, host.userId);
if (!refreshedHost) {
statsLogger.warn("Host not found during status polling", {
@@ -1082,18 +990,11 @@ class PollingManager {
}
private async pollHostMetrics(host: SSHHostWithCredentials): Promise<void> {
// Check if we should skip due to backoff
if (pollingBackoff.shouldSkip(host.id)) {
const backoffInfo = pollingBackoff.getBackoffInfo(host.id);
statsLogger.debug("Skipping metrics polling due to backoff", {
operation: "poll_metrics_skipped",
hostId: host.id,
backoffInfo,
});
return;
}
// Refresh host data from database to get latest SOCKS5 and other settings
const refreshedHost = await fetchHostById(host.id, host.userId);
if (!refreshedHost) {
statsLogger.warn("Host not found during metrics polling", {
@@ -1114,13 +1015,11 @@ class PollingManager {
data: metrics,
timestamp: Date.now(),
});
// Reset backoff on successful collection
pollingBackoff.reset(refreshedHost.id);
} catch (error) {
const errorMessage =
error instanceof Error ? error.message : String(error);
// Record failure for backoff
pollingBackoff.recordFailure(refreshedHost.id);
const latestConfig = this.pollingConfigs.get(refreshedHost.id);
@@ -1356,7 +1255,6 @@ async function resolveHostCredentials(
createdAt: host.createdAt,
updatedAt: host.updatedAt,
userId: host.userId,
// SOCKS5 proxy settings
useSocks5: !!host.useSocks5,
socks5Host: host.socks5Host || undefined,
socks5Port: host.socks5Port || undefined,
@@ -1415,21 +1313,6 @@ async function resolveHostCredentials(
addLegacyCredentials(baseHost, host);
}
statsLogger.info("Resolved host credentials with SOCKS5 settings", {
operation: "resolve_host",
hostId: host.id as number,
useSocks5: baseHost.useSocks5,
socks5Host: baseHost.socks5Host,
socks5Port: baseHost.socks5Port,
hasSocks5ProxyChain: !!(
baseHost.socks5ProxyChain &&
(baseHost.socks5ProxyChain as any[]).length > 0
),
proxyChainLength: baseHost.socks5ProxyChain
? (baseHost.socks5ProxyChain as any[]).length
: 0,
});
return baseHost as unknown as SSHHostWithCredentials;
} catch (error) {
statsLogger.error(
@@ -1654,12 +1537,7 @@ async function collectMetrics(host: SSHHostWithCredentials): Promise<{
};
try {
login_stats = await collectLoginStats(client);
} catch (e) {
statsLogger.debug("Failed to collect login stats", {
operation: "login_stats_failed",
error: e instanceof Error ? e.message : String(e),
});
}
} catch (e) {}
const result = {
cpu,
@@ -1800,7 +1678,6 @@ app.post("/refresh", async (req, res) => {
});
}
// Clear all connections to ensure fresh connections with updated settings
connectionPool.clearAllConnections();
await pollingManager.refreshHostPolling(userId);
@@ -1825,7 +1702,6 @@ app.post("/host-updated", async (req, res) => {
try {
const host = await fetchHostById(hostId, userId);
if (host) {
// Clear existing connections for this host to ensure new settings (like SOCKS5) are used
connectionPool.clearHostConnections(host);
await pollingManager.startPollingForHost(host);

4
src/backend/ssh/terminal.ts
View File

@@ -137,12 +137,10 @@ async function createJumpHostChain(
const clients: Client[] = [];
try {
// Fetch all jump host configurations in parallel
const jumpHostConfigs = await Promise.all(
jumpHosts.map((jh) => resolveJumpHost(jh.hostId, userId)),
);
// Validate all configs resolved
for (let i = 0; i < jumpHostConfigs.length; i++) {
if (!jumpHostConfigs[i]) {
sshLogger.error(`Jump host ${i + 1} not found`, undefined, {
@@ -154,7 +152,6 @@ async function createJumpHostChain(
}
}
// Connect through jump hosts sequentially
for (let i = 0; i < jumpHostConfigs.length; i++) {
const jumpHostConfig = jumpHostConfigs[i];
@@ -1196,7 +1193,6 @@ wss.on("connection", async (ws: WebSocket, req) => {
return;
}
// Check if SOCKS5 proxy is enabled (either single proxy or chain)
if (
hostConfig.useSocks5 &&
(hostConfig.socks5Host ||

28
src/backend/ssh/tunnel.ts
View File

@@ -594,11 +594,6 @@ async function connectSSHTunnel(
keyType: sharedCred.keyType,
authMethod: sharedCred.authType,
};
tunnelLogger.info("Resolved shared credentials for tunnel source", {
operation: "tunnel_connect_shared_cred",
tunnelName,
userId: effectiveUserId,
});
} else {
const errorMessage = `Cannot connect tunnel '${tunnelName}': shared credentials not available`;
tunnelLogger.error(errorMessage);
@@ -1126,7 +1121,6 @@ async function connectSSHTunnel(
});
}
// Check if SOCKS5 proxy is enabled (either single proxy or chain)
if (
tunnelConfig.useSocks5 &&
(tunnelConfig.socks5Host ||
@@ -1399,7 +1393,6 @@ async function killRemoteTunnelByMarker(
callback(err);
});
// Check if SOCKS5 proxy is enabled (either single proxy or chain)
if (
tunnelConfig.useSocks5 &&
(tunnelConfig.socks5Host ||
@@ -1517,12 +1510,6 @@ app.post(
if (accessInfo.isShared && !accessInfo.isOwner) {
tunnelConfig.requestingUserId = userId;
tunnelLogger.info("Shared host tunnel connect", {
operation: "tunnel_connect_shared",
userId,
hostId: tunnelConfig.sourceHostId,
tunnelName,
});
}
}
@@ -1552,14 +1539,7 @@ app.post(
}
}
// If endpoint details are missing, resolve them from database
if (!tunnelConfig.endpointIP || !tunnelConfig.endpointUsername) {
tunnelLogger.info("Resolving endpoint host details from database", {
operation: "tunnel_connect_resolve_endpoint",
tunnelName,
endpointHost: tunnelConfig.endpointHost,
});
try {
const systemCrypto = SystemCrypto.getInstance();
const internalAuthToken = await systemCrypto.getInternalAuthToken();
@@ -1587,7 +1567,6 @@ app.post(
);
}
// Populate endpoint fields
tunnelConfig.endpointIP = endpointHost.ip;
tunnelConfig.endpointSSHPort = endpointHost.port;
tunnelConfig.endpointUsername = endpointHost.username;
@@ -1598,13 +1577,6 @@ app.post(
tunnelConfig.endpointKeyType = endpointHost.keyType;
tunnelConfig.endpointCredentialId = endpointHost.credentialId;
tunnelConfig.endpointUserId = endpointHost.userId;
tunnelLogger.info("Endpoint host details resolved", {
operation: "tunnel_connect_endpoint_resolved",
tunnelName,
endpointIP: tunnelConfig.endpointIP,
endpointUsername: tunnelConfig.endpointUsername,
});
} catch (resolveError) {
tunnelLogger.error(
"Failed to resolve endpoint host",

1
src/backend/ssh/widgets/cpu-collector.ts
View File

@@ -26,7 +26,6 @@ export async function collectCpuMetrics(client: Client): Promise<{
let loadTriplet: [number, number, number] | null = null;
try {
// Wrap Promise.all with timeout to prevent indefinite blocking
const [stat1, loadAvgOut, coresOut] = await Promise.race([
Promise.all([
execCommand(client, "cat /proc/stat"),

10
src/backend/utils/auth-manager.ts
View File

@@ -169,7 +169,6 @@ class AuthManager {
await saveMemoryDatabaseToFile();
}
// Migrate credentials to system encryption for offline sharing
try {
const { CredentialSystemEncryptionMigration } =
await import("./credential-system-encryption-migration.js");
@@ -177,18 +176,9 @@ class AuthManager {
const credResult = await credMigration.migrateUserCredentials(userId);
if (credResult.migrated > 0) {
databaseLogger.info(
"Credentials migrated to system encryption on login",
{
operation: "login_credential_migration",
userId,
migrated: credResult.migrated,
},
);
await saveMemoryDatabaseToFile();
}
} catch (error) {
// Log but don't fail login
databaseLogger.warn("Credential migration failed during login", {
operation: "login_credential_migration_failed",
userId,

33
src/backend/utils/credential-system-encryption-migration.ts
View File

@@ -6,31 +6,21 @@ import { SystemCrypto } from "./system-crypto.js";
import { FieldCrypto } from "./field-crypto.js";
import { databaseLogger } from "./logger.js";
/**
* Migrates credentials to include system-encrypted fields for offline sharing
*/
export class CredentialSystemEncryptionMigration {
/**
* Migrates a user's credentials to include system-encrypted fields
* Requires user to be logged in (DEK available)
*/
async migrateUserCredentials(userId: string): Promise<{
migrated: number;
failed: number;
skipped: number;
}> {
try {
// Get user's DEK (requires logged in)
const userDEK = DataCrypto.getUserDataKey(userId);
if (!userDEK) {
throw new Error("User must be logged in to migrate credentials");
}
// Get system key
const systemCrypto = SystemCrypto.getInstance();
const CSKEK = await systemCrypto.getCredentialSharingKey();
// Find credentials without system encryption
const credentials = await db
.select()
.from(sshCredentials)
@@ -51,7 +41,6 @@ export class CredentialSystemEncryptionMigration {
for (const cred of credentials) {
try {
// Decrypt with user DEK
const plainPassword = cred.password
? FieldCrypto.decryptField(
cred.password,
@@ -79,7 +68,6 @@ export class CredentialSystemEncryptionMigration {
)
: null;
// Re-encrypt with CSKEK
const systemPassword = plainPassword
? FieldCrypto.encryptField(
plainPassword,
@@ -107,7 +95,6 @@ export class CredentialSystemEncryptionMigration {
)
: null;
// Update database
await db
.update(sshCredentials)
.set({
@@ -119,12 +106,6 @@ export class CredentialSystemEncryptionMigration {
.where(eq(sshCredentials.id, cred.id));
migrated++;
databaseLogger.info("Credential migrated for offline sharing", {
operation: "credential_system_encryption_migrated",
credentialId: cred.id,
userId,
});
} catch (error) {
databaseLogger.error("Failed to migrate credential", error, {
credentialId: cred.id,
@@ -133,20 +114,6 @@ export class CredentialSystemEncryptionMigration {
failed++;
}
}
if (migrated > 0) {
databaseLogger.success(
"Credential system encryption migration completed",
{
operation: "credential_migration_complete",
userId,
migrated,
failed,
skipped,
},
);
}
return { migrated, failed, skipped };
} catch (error) {
databaseLogger.error(

4
src/backend/utils/data-crypto.ts
View File

@@ -488,12 +488,10 @@ class DataCrypto {
const systemEncrypted: Record<string, unknown> = {};
const recordId = record.id || "temp-" + Date.now();
// Only encrypt for sshCredentials table
if (tableName !== "ssh_credentials") {
return systemEncrypted as Partial<T>;
}
// Encrypt password field
if (record.password && typeof record.password === "string") {
systemEncrypted.systemPassword = FieldCrypto.encryptField(
record.password as string,
@@ -503,7 +501,6 @@ class DataCrypto {
);
}
// Encrypt key field
if (record.key && typeof record.key === "string") {
systemEncrypted.systemKey = FieldCrypto.encryptField(
record.key as string,
@@ -513,7 +510,6 @@ class DataCrypto {
);
}
// Encrypt key_password field
if (record.key_password && typeof record.key_password === "string") {
systemEncrypted.systemKeyPassword = FieldCrypto.encryptField(
record.key_password as string,

6
src/backend/utils/database-file-encryption.ts
View File

@@ -327,11 +327,7 @@ class DatabaseFileEncryption {
fs.accessSync(envPath, fs.constants.R_OK);
envFileReadable = true;
}
} catch (error) {
databaseLogger.debug("Operation failed, continuing", {
error: error instanceof Error ? error.message : String(error),
});
}
} catch (error) {}
databaseLogger.error(
"Database decryption authentication failed - possible causes: wrong DATABASE_KEY, corrupted files, or interrupted write",

26
src/backend/utils/permission-manager.ts
View File

@@ -19,7 +19,7 @@ interface HostAccessInfo {
hasAccess: boolean;
isOwner: boolean;
isShared: boolean;
permissionLevel?: "view"; // Only "view" is supported for shared access
permissionLevel?: "view";
expiresAt?: string | null;
}
@@ -34,12 +34,11 @@ class PermissionManager {
string,
{ permissions: string[]; timestamp: number }
>;
private readonly CACHE_TTL = 5 * 60 * 1000; // 5 minutes
private readonly CACHE_TTL = 5 * 60 * 1000;
private constructor() {
this.permissionCache = new Map();
// Auto-cleanup expired host access every 1 minute
setInterval(() => {
this.cleanupExpiredAccess().catch((error) => {
databaseLogger.error(
@@ -52,7 +51,6 @@ class PermissionManager {
});
}, 60 * 1000);
// Clear permission cache every 5 minutes
setInterval(() => {
this.clearPermissionCache();
}, this.CACHE_TTL);
@@ -80,13 +78,6 @@ class PermissionManager {
),
)
.returning({ id: hostAccess.id });
if (result.length > 0) {
databaseLogger.info("Cleaned up expired host access", {
operation: "host_access_cleanup",
count: result.length,
});
}
} catch (error) {
databaseLogger.error("Failed to cleanup expired host access", error, {
operation: "host_access_cleanup_failed",
@@ -112,7 +103,6 @@ class PermissionManager {
* Get user permissions from roles
*/
async getUserPermissions(userId: string): Promise<string[]> {
// Check cache first
const cached = this.permissionCache.get(userId);
if (cached && Date.now() - cached.timestamp < this.CACHE_TTL) {
return cached.permissions;
@@ -145,7 +135,6 @@ class PermissionManager {
const permissionsArray = Array.from(allPermissions);
// Cache the result
this.permissionCache.set(userId, {
permissions: permissionsArray,
timestamp: Date.now(),
@@ -168,17 +157,14 @@ class PermissionManager {
async hasPermission(userId: string, permission: string): Promise<boolean> {
const userPermissions = await this.getUserPermissions(userId);
// Check for wildcard "*" (god mode)
if (userPermissions.includes("*")) {
return true;
}
// Check exact match
if (userPermissions.includes(permission)) {
return true;
}
// Check wildcard matches
const parts = permission.split(".");
for (let i = parts.length; i > 0; i--) {
const wildcardPermission = parts.slice(0, i).join(".") + ".*";
@@ -199,7 +185,6 @@ class PermissionManager {
action: "read" | "write" | "execute" | "delete" | "share" = "read",
): Promise<HostAccessInfo> {
try {
// Check if user is the owner
const host = await db
.select()
.from(sshData)
@@ -214,14 +199,12 @@ class PermissionManager {
};
}
// Get user's role IDs
const userRoleIds = await db
.select({ roleId: userRoles.roleId })
.from(userRoles)
.where(eq(userRoles.userId, userId));
const roleIds = userRoleIds.map((r) => r.roleId);
// Check if host is shared with user OR user's roles
const now = new Date().toISOString();
const sharedAccess = await db
.select()
@@ -246,7 +229,6 @@ class PermissionManager {
if (sharedAccess.length > 0) {
const access = sharedAccess[0];
// All shared access is view-only - deny write/delete
if (action === "write" || action === "delete") {
return {
hasAccess: false,
@@ -257,7 +239,6 @@ class PermissionManager {
};
}
// Update last accessed time
try {
await db
.update(hostAccess)
@@ -306,7 +287,6 @@ class PermissionManager {
*/
async isAdmin(userId: string): Promise<boolean> {
try {
// Check old is_admin field
const user = await db
.select({ isAdmin: users.is_admin })
.from(users)
@@ -317,7 +297,6 @@ class PermissionManager {
return true;
}
// Check if user has admin or super_admin role
const adminRoles = await db
.select({ roleName: roles.name })
.from(userRoles)
@@ -415,7 +394,6 @@ class PermissionManager {
});
}
// Attach access info to request for use in route handlers
(req as any).hostAccessInfo = accessInfo;
next();

123
src/backend/utils/shared-credential-manager.ts
View File

@@ -49,14 +49,11 @@ class SharedCredentialManager {
ownerId: string,
): Promise<void> {
try {
// Try owner's DEK first (existing path)
const ownerDEK = DataCrypto.getUserDataKey(ownerId);
if (ownerDEK) {
// Owner online - use existing flow
const targetDEK = DataCrypto.getUserDataKey(targetUserId);
if (!targetDEK) {
// Target user is offline, mark for lazy re-encryption
await this.createPendingSharedCredential(
hostAccessId,
originalCredentialId,
@@ -65,14 +62,12 @@ class SharedCredentialManager {
return;
}
// Fetch and decrypt original credential using owner's DEK
const credentialData = await this.getDecryptedCredential(
originalCredentialId,
ownerId,
ownerDEK,
);
// Encrypt credential data with target user's DEK
const encryptedForTarget = this.encryptCredentialForUser(
credentialData,
targetUserId,
@@ -80,7 +75,6 @@ class SharedCredentialManager {
hostAccessId,
);
// Store shared credential
await db.insert(sharedCredentials).values({
hostAccessId,
originalCredentialId,
@@ -88,28 +82,9 @@ class SharedCredentialManager {
...encryptedForTarget,
needsReEncryption: false,
});
databaseLogger.info("Created shared credential for user", {
operation: "create_shared_credential",
hostAccessId,
targetUserId,
});
} else {
// NEW: Owner offline - use system key fallback
databaseLogger.info(
"Owner offline, attempting to share using system key",
{
operation: "create_shared_credential_system_key",
hostAccessId,
targetUserId,
ownerId,
},
);
// Get target user's DEK
const targetDEK = DataCrypto.getUserDataKey(targetUserId);
if (!targetDEK) {
// Both offline - create pending
await this.createPendingSharedCredential(
hostAccessId,
originalCredentialId,
@@ -118,11 +93,9 @@ class SharedCredentialManager {
return;
}
// Decrypt using system key
const credentialData =
await this.getDecryptedCredentialViaSystemKey(originalCredentialId);
// Encrypt for target user
const encryptedForTarget = this.encryptCredentialForUser(
credentialData,
targetUserId,
@@ -130,7 +103,6 @@ class SharedCredentialManager {
hostAccessId,
);
// Store shared credential
await db.insert(sharedCredentials).values({
hostAccessId,
originalCredentialId,
@@ -138,12 +110,6 @@ class SharedCredentialManager {
...encryptedForTarget,
needsReEncryption: false,
});
databaseLogger.info("Created shared credential using system key", {
operation: "create_shared_credential_system_key",
hostAccessId,
targetUserId,
});
}
} catch (error) {
databaseLogger.error("Failed to create shared credential", error, {
@@ -166,13 +132,11 @@ class SharedCredentialManager {
ownerId: string,
): Promise<void> {
try {
// Get all users in the role
const roleUsers = await db
.select({ userId: userRoles.userId })
.from(userRoles)
.where(eq(userRoles.roleId, roleId));
// Create shared credential for each user
for (const { userId } of roleUsers) {
try {
await this.createSharedCredentialForUser(
@@ -192,16 +156,8 @@ class SharedCredentialManager {
userId,
},
);
// Continue with other users even if one fails
}
}
databaseLogger.info("Created shared credentials for role", {
operation: "create_shared_credentials_role",
hostAccessId,
roleId,
userCount: roleUsers.length,
});
} catch (error) {
databaseLogger.error(
"Failed to create shared credentials for role",
@@ -230,7 +186,6 @@ class SharedCredentialManager {
throw new Error(`User ${userId} data not unlocked`);
}
// Find shared credential via hostAccess
const sharedCred = await db
.select()
.from(sharedCredentials)
@@ -252,7 +207,6 @@ class SharedCredentialManager {
const cred = sharedCred[0].shared_credentials;
// Check if needs re-encryption
if (cred.needsReEncryption) {
databaseLogger.warn(
"Shared credential needs re-encryption but cannot be accessed yet",
@@ -262,12 +216,9 @@ class SharedCredentialManager {
userId,
},
);
// Credential is pending re-encryption - owner must be offline
// Return null instead of trying to re-encrypt (which would cause infinite loop)
return null;
}
// Decrypt credential data with user's DEK
return this.decryptSharedCredential(cred, userDEK);
} catch (error) {
databaseLogger.error("Failed to get shared credential", error, {
@@ -288,34 +239,21 @@ class SharedCredentialManager {
ownerId: string,
): Promise<void> {
try {
// Get all shared credentials for this original credential
const sharedCreds = await db
.select()
.from(sharedCredentials)
.where(eq(sharedCredentials.originalCredentialId, credentialId));
// Try owner's DEK first
const ownerDEK = DataCrypto.getUserDataKey(ownerId);
let credentialData: CredentialData;
if (ownerDEK) {
// Owner online - use owner's DEK
credentialData = await this.getDecryptedCredential(
credentialId,
ownerId,
ownerDEK,
);
} else {
// Owner offline - use system key fallback
databaseLogger.info(
"Updating shared credentials using system key (owner offline)",
{
operation: "update_shared_credentials_system_key",
credentialId,
ownerId,
},
);
try {
credentialData =
await this.getDecryptedCredentialViaSystemKey(credentialId);
@@ -329,7 +267,6 @@ class SharedCredentialManager {
error: error instanceof Error ? error.message : "Unknown error",
},
);
// Mark all shared credentials for re-encryption
await db
.update(sharedCredentials)
.set({ needsReEncryption: true })
@@ -338,12 +275,10 @@ class SharedCredentialManager {
}
}
// Update each shared credential
for (const sharedCred of sharedCreds) {
const targetDEK = DataCrypto.getUserDataKey(sharedCred.targetUserId);
if (!targetDEK) {
// Target user offline, mark for lazy re-encryption
await db
.update(sharedCredentials)
.set({ needsReEncryption: true })
@@ -351,7 +286,6 @@ class SharedCredentialManager {
continue;
}
// Re-encrypt with target user's DEK
const encryptedForTarget = this.encryptCredentialForUser(
credentialData,
sharedCred.targetUserId,
@@ -368,12 +302,6 @@ class SharedCredentialManager {
})
.where(eq(sharedCredentials.id, sharedCred.id));
}
databaseLogger.info("Updated shared credentials for original", {
operation: "update_shared_credentials",
credentialId,
count: sharedCreds.length,
});
} catch (error) {
databaseLogger.error("Failed to update shared credentials", error, {
operation: "update_shared_credentials",
@@ -394,12 +322,6 @@ class SharedCredentialManager {
.delete(sharedCredentials)
.where(eq(sharedCredentials.originalCredentialId, credentialId))
.returning({ id: sharedCredentials.id });
databaseLogger.info("Deleted shared credentials for original", {
operation: "delete_shared_credentials",
credentialId,
count: result.length,
});
} catch (error) {
databaseLogger.error("Failed to delete shared credentials", error, {
operation: "delete_shared_credentials",
@@ -416,7 +338,7 @@ class SharedCredentialManager {
try {
const userDEK = DataCrypto.getUserDataKey(userId);
if (!userDEK) {
return; // User not unlocked yet
return;
}
const pendingCreds = await db
@@ -432,14 +354,6 @@ class SharedCredentialManager {
for (const cred of pendingCreds) {
await this.reEncryptSharedCredential(cred.id, userId);
}
if (pendingCreds.length > 0) {
databaseLogger.info("Re-encrypted pending credentials for user", {
operation: "reencrypt_pending_credentials",
userId,
count: pendingCreds.length,
});
}
} catch (error) {
databaseLogger.error("Failed to re-encrypt pending credentials", error, {
operation: "reencrypt_pending_credentials",
@@ -448,8 +362,6 @@ class SharedCredentialManager {
}
}
// ========== PRIVATE HELPER METHODS ==========
private async getDecryptedCredential(
credentialId: number,
ownerId: string,
@@ -472,8 +384,6 @@ class SharedCredentialManager {
const cred = creds[0];
// Decrypt sensitive fields
// Note: username and authType are NOT encrypted
return {
username: cred.username,
authType: cred.authType,
@@ -513,7 +423,6 @@ class SharedCredentialManager {
const cred = creds[0];
// Check if system fields exist
if (!cred.systemPassword && !cred.systemKey && !cred.systemKeyPassword) {
throw new Error(
"Credential not yet migrated for offline sharing. " +
@@ -521,12 +430,10 @@ class SharedCredentialManager {
);
}
// Get system key
const { SystemCrypto } = await import("./system-crypto.js");
const systemCrypto = SystemCrypto.getInstance();
const CSKEK = await systemCrypto.getCredentialSharingKey();
// Decrypt using system-encrypted fields
return {
username: cred.username,
authType: cred.authType,
@@ -575,7 +482,7 @@ class SharedCredentialManager {
recordId,
"username",
),
encryptedAuthType: credentialData.authType, // authType is not sensitive
encryptedAuthType: credentialData.authType,
encryptedPassword: credentialData.password
? FieldCrypto.encryptField(
credentialData.password,
@@ -660,7 +567,6 @@ class SharedCredentialManager {
fieldName,
);
} catch (error) {
// If decryption fails, value might not be encrypted (legacy data)
databaseLogger.warn("Field decryption failed, returning as-is", {
operation: "decrypt_field",
fieldName,
@@ -675,12 +581,11 @@ class SharedCredentialManager {
originalCredentialId: number,
targetUserId: string,
): Promise<void> {
// Create placeholder with needsReEncryption flag
await db.insert(sharedCredentials).values({
hostAccessId,
originalCredentialId,
targetUserId,
encryptedUsername: "", // Will be filled during re-encryption
encryptedUsername: "",
encryptedAuthType: "",
needsReEncryption: true,
});
@@ -697,7 +602,6 @@ class SharedCredentialManager {
userId: string,
): Promise<void> {
try {
// Get the shared credential
const sharedCred = await db
.select()
.from(sharedCredentials)
@@ -714,7 +618,6 @@ class SharedCredentialManager {
const cred = sharedCred[0];
// Get the host access to find the owner
const access = await db
.select()
.from(hostAccess)
@@ -732,7 +635,6 @@ class SharedCredentialManager {
const ownerId = access[0].ssh_data.userId;
// Get user's DEK (must be available)
const userDEK = DataCrypto.getUserDataKey(userId);
if (!userDEK) {
databaseLogger.warn("Re-encrypt: user DEK not available", {
@@ -740,29 +642,19 @@ class SharedCredentialManager {
sharedCredId,
userId,
});
// User offline, keep pending
return;
}
// Try owner's DEK first
const ownerDEK = DataCrypto.getUserDataKey(ownerId);
let credentialData: CredentialData;
if (ownerDEK) {
// Owner online - use owner's DEK
credentialData = await this.getDecryptedCredential(
cred.originalCredentialId,
ownerId,
ownerDEK,
);
} else {
// Owner offline - use system key fallback
databaseLogger.info("Re-encrypt: using system key (owner offline)", {
operation: "reencrypt_system_key",
sharedCredId,
ownerId,
});
try {
credentialData = await this.getDecryptedCredentialViaSystemKey(
cred.originalCredentialId,
@@ -776,12 +668,10 @@ class SharedCredentialManager {
error: error instanceof Error ? error.message : "Unknown error",
},
);
// Keep pending if system fields don't exist yet
return;
}
}
// Re-encrypt for user
const encryptedForTarget = this.encryptCredentialForUser(
credentialData,
userId,
@@ -789,7 +679,6 @@ class SharedCredentialManager {
cred.hostAccessId,
);
// Update shared credential
await db
.update(sharedCredentials)
.set({
@@ -798,12 +687,6 @@ class SharedCredentialManager {
updatedAt: new Date().toISOString(),
})
.where(eq(sharedCredentials.id, sharedCredId));
databaseLogger.info("Re-encrypted shared credential successfully", {
operation: "reencrypt_shared_credential",
sharedCredId,
userId,
});
} catch (error) {
databaseLogger.error("Failed to re-encrypt shared credential", error, {
operation: "reencrypt_shared_credential",

2
src/backend/utils/simple-db-ops.ts
View File

@@ -28,7 +28,6 @@ class SimpleDBOps {
userDataKey,
);
// Also encrypt with system key for ssh_credentials (offline sharing)
if (tableName === "ssh_credentials") {
const { SystemCrypto } = await import("./system-crypto.js");
const systemCrypto = SystemCrypto.getInstance();
@@ -125,7 +124,6 @@ class SimpleDBOps {
userDataKey,
);
// Also encrypt with system key for ssh_credentials (offline sharing)
if (tableName === "ssh_credentials") {
const { SystemCrypto } = await import("./system-crypto.js");
const systemCrypto = SystemCrypto.getInstance();

49
src/backend/utils/socks5-helper.ts
View File

@@ -25,22 +25,25 @@ export async function createSocks5Connection(
targetPort: number,
socks5Config: SOCKS5Config,
): Promise<net.Socket | null> {
// If SOCKS5 is not enabled, return null
if (!socks5Config.useSocks5) {
return null;
}
// If proxy chain is provided, use chain connection
if (socks5Config.socks5ProxyChain && socks5Config.socks5ProxyChain.length > 0) {
return createProxyChainConnection(targetHost, targetPort, socks5Config.socks5ProxyChain);
if (
socks5Config.socks5ProxyChain &&
socks5Config.socks5ProxyChain.length > 0
) {
return createProxyChainConnection(
targetHost,
targetPort,
socks5Config.socks5ProxyChain,
);
}
// If single proxy is configured, use single proxy connection
if (socks5Config.socks5Host) {
return createSingleProxyConnection(targetHost, targetPort, socks5Config);
}
// No proxy configured
return null;
}
@@ -67,24 +70,9 @@ async function createSingleProxyConnection(
},
};
sshLogger.info("Creating SOCKS5 connection", {
operation: "socks5_connect",
proxyHost: socks5Config.socks5Host,
proxyPort: socks5Config.socks5Port || 1080,
targetHost,
targetPort,
hasAuth: !!(socks5Config.socks5Username && socks5Config.socks5Password),
});
try {
const info = await SocksClient.createConnection(socksOptions);
sshLogger.info("SOCKS5 connection established", {
operation: "socks5_connected",
targetHost,
targetPort,
});
return info.socket;
} catch (error) {
sshLogger.error("SOCKS5 connection failed", error, {
@@ -113,14 +101,6 @@ async function createProxyChainConnection(
}
const chainPath = proxyChain.map((p) => `${p.host}:${p.port}`).join(" → ");
sshLogger.info(`Creating SOCKS proxy chain: ${chainPath}${targetHost}:${targetPort}`, {
operation: "socks5_chain_connect",
chainLength: proxyChain.length,
targetHost,
targetPort,
proxies: proxyChain.map((p) => `${p.host}:${p.port}`),
});
try {
const info = await SocksClient.createConnectionChain({
proxies: proxyChain.map((p) => ({
@@ -129,7 +109,7 @@ async function createProxyChainConnection(
type: p.type,
userId: p.username,
password: p.password,
timeout: 10000, // 10-second timeout for each hop
timeout: 10000,
})),
command: "connect",
destination: {
@@ -137,15 +117,6 @@ async function createProxyChainConnection(
port: targetPort,
},
});
sshLogger.info(`✓ Proxy chain established: ${chainPath}${targetHost}:${targetPort}`, {
operation: "socks5_chain_connected",
chainLength: proxyChain.length,
targetHost,
targetPort,
fullPath: `${chainPath}${targetHost}:${targetPort}`,
});
return info.socket;
} catch (error) {
sshLogger.error("SOCKS proxy chain connection failed", error, {

1
src/constants/terminal-themes.ts
View File

@@ -28,7 +28,6 @@ export interface TerminalTheme {
}
export const TERMINAL_THEMES: Record<string, TerminalTheme> = {
// Legacy "termix" theme - auto-switches between termixDark and termixLight based on app theme
termix: {
name: "Termix Default",
category: "dark",

2
src/hooks/use-confirmation.ts
View File

@@ -39,13 +39,11 @@ export function useConfirmation() {
opts: ConfirmationOptions | string,
callback?: () => void,
): Promise<boolean> => {
// Legacy signature support
if (typeof opts === "string" && callback) {
callback();
return Promise.resolve(true);
}
// New Promise-based signature
return Promise.resolve(true);
};

27
src/index.css
View File

@@ -48,19 +48,18 @@
--sidebar-border: #e4e4e7;
--sidebar-ring: #a1a1aa;
/* NEW SEMANTIC VARIABLES - Light Mode Backgrounds */
--bg-base: #fcfcfc;
--bg-elevated: #ffffff;
--bg-surface: #f3f4f6;
--bg-surface-hover: #e5e7eb; /* Panel hover - replaces dark-bg-panel-hover */
--bg-surface-hover: #e5e7eb;
--bg-input: #ffffff;
--bg-deepest: #e5e7eb;
--bg-header: #eeeeef;
--bg-button: #f3f4f6;
--bg-active: #e5e7eb;
--bg-light: #fafafa; /* Light background - replaces dark-bg-light */
--bg-subtle: #f5f5f5; /* Very light background - replaces dark-bg-very-light */
--bg-interact: #d1d5db; /* Interactive/active state - replaces dark-active */
--bg-light: #fafafa;
--bg-subtle: #f5f5f5;
--bg-interact: #d1d5db;
--border-base: #e5e7eb;
--border-panel: #d1d5db;
--border-subtle: #f3f4f6;
@@ -71,16 +70,13 @@
--border-hover: #d1d5db;
--border-active: #9ca3af;
/* NEW SEMANTIC VARIABLES - Light Mode Text Colors */
--foreground-secondary: #334155;
--foreground-subtle: #94a3b8;
/* Scrollbar Colors - Light Mode */
--scrollbar-thumb: #c1c1c3;
--scrollbar-thumb-hover: #a1a1a3;
--scrollbar-track: #f3f4f6;
/* Modal Overlay - Light Mode */
--bg-overlay: rgba(0, 0, 0, 0.5);
}
@@ -143,8 +139,6 @@
--color-dark-border-panel: #222224;
--color-dark-bg-panel-hover: #232327;
/* NEW SEMANTIC COLOR MAPPINGS - Creates Tailwind classes */
/* Backgrounds: bg-canvas, bg-elevated, bg-surface, etc. */
--color-canvas: var(--bg-base);
--color-elevated: var(--bg-elevated);
--color-surface: var(--bg-surface);
@@ -160,7 +154,7 @@
--color-hover: var(--bg-hover);
--color-hover-alt: var(--bg-hover-alt);
--color-pressed: var(--bg-pressed);
/* Borders: border-edge, border-edge-panel, etc. */
--color-edge: var(--border-base);
--color-edge-panel: var(--border-panel);
--color-edge-subtle: var(--border-subtle);
@@ -168,11 +162,9 @@
--color-edge-hover: var(--border-hover);
--color-edge-active: var(--border-active);
/* NEW SEMANTIC TEXT COLOR MAPPINGS - Creates Tailwind text classes */
--color-foreground-secondary: var(--foreground-secondary);
--color-foreground-subtle: var(--foreground-subtle);
/* Modal Overlay Mapping - Creates Tailwind bg-overlay class */
--color-overlay: var(--bg-overlay);
}
@@ -231,16 +223,13 @@
--border-hover: #434345;
--border-active: #2d2d30;
/* NEW SEMANTIC VARIABLES - Dark Mode Text Color Overrides */
--foreground-secondary: #d1d5db; /* Matches text-gray-300 */
--foreground-subtle: #6b7280; /* Matches text-gray-500 */
--foreground-secondary: #d1d5db;
--foreground-subtle: #6b7280;
/* Scrollbar Colors - Dark Mode */
--scrollbar-thumb: #434345;
--scrollbar-thumb-hover: #5a5a5d;
--scrollbar-track: #18181b;
/* Modal Overlay - Dark Mode */
--bg-overlay: rgba(0, 0, 0, 0.7);
}
@@ -259,7 +248,6 @@
}
}
/* Thin Scrollbar - Theme Aware */
.thin-scrollbar {
scrollbar-width: thin;
scrollbar-color: var(--scrollbar-thumb) var(--scrollbar-track);
@@ -283,7 +271,6 @@
background: var(--scrollbar-thumb-hover);
}
/* Skinny scrollbar - even thinner variant */
.skinny-scrollbar {
scrollbar-width: thin;
scrollbar-color: var(--scrollbar-thumb) transparent;

85
src/lib/terminal-syntax-highlighter.ts
View File

@@ -1,17 +1,3 @@
/**
* Terminal Syntax Highlighter
*
* Adds syntax highlighting to terminal output by injecting ANSI color codes
* for common patterns like commands, paths, IPs, log levels, and keywords.
*
* Features:
* - Preserves existing ANSI codes from SSH output
* - Performance-optimized for streaming logs
* - Priority-based pattern matching to avoid overlaps
* - Configurable via localStorage
*/
// ANSI escape code constants
const ANSI_CODES = {
reset: "\x1b[0m",
colors: {
@@ -22,7 +8,7 @@ const ANSI_CODES = {
magenta: "\x1b[35m",
cyan: "\x1b[36m",
white: "\x1b[37m",
brightBlack: "\x1b[90m", // Gray
brightBlack: "\x1b[90m",
brightRed: "\x1b[91m",
brightGreen: "\x1b[92m",
brightYellow: "\x1b[93m",
@@ -39,16 +25,14 @@ const ANSI_CODES = {
},
} as const;
// Pattern definition interface
interface HighlightPattern {
name: string;
regex: RegExp;
ansiCode: string;
priority: number;
quickCheck?: string; // Optional fast string.includes() check
quickCheck?: string;
}
// Match result interface for tracking ranges
interface MatchResult {
start: number;
end: number;
@@ -56,16 +40,10 @@ interface MatchResult {
priority: number;
}
// Configuration
const MAX_LINE_LENGTH = 5000; // Skip highlighting for very long lines
const MAX_ANSI_CODES = 10; // Skip if text has many ANSI codes (likely already colored/interactive app)
const MAX_LINE_LENGTH = 5000;
const MAX_ANSI_CODES = 10;
// Pattern definitions by category (pre-compiled)
// Based on SecureCRT proven patterns with strict boundaries
const PATTERNS: HighlightPattern[] = [
// Priority 1: IP Addresses (HIGHEST - from SecureCRT line 94)
// Matches: 192.168.1.1, 10.0.0.5, 127.0.0.1:8080
// WON'T match: dates like "2025" or "03:11:36"
{
name: "ipv4",
regex:
@@ -74,7 +52,6 @@ const PATTERNS: HighlightPattern[] = [
priority: 10,
},
// Priority 2: Log Levels - Error (bright red)
{
name: "log-error",
regex:
@@ -83,7 +60,6 @@ const PATTERNS: HighlightPattern[] = [
priority: 9,
},
// Priority 3: Log Levels - Warning (yellow)
{
name: "log-warn",
regex: /\b(WARN(?:ING)?|ALERT)\b|\[WARN(?:ING)?\]/gi,
@@ -91,7 +67,6 @@ const PATTERNS: HighlightPattern[] = [
priority: 9,
},
// Priority 4: Log Levels - Success (bright green)
{
name: "log-success",
regex:
@@ -100,7 +75,6 @@ const PATTERNS: HighlightPattern[] = [
priority: 8,
},
// Priority 5: URLs (must start with http/https)
{
name: "url",
regex: /https?:\/\/[^\s\])}]+/g,
@@ -108,9 +82,6 @@ const PATTERNS: HighlightPattern[] = [
priority: 8,
},
// Priority 6: Absolute paths - STRICT (must have 2+ segments)
// Matches: /var/log/file.log, /home/user/docs
// WON'T match: /03, /2025, single segments
{
name: "path-absolute",
regex: /\/[a-zA-Z][a-zA-Z0-9_\-@.]*(?:\/[a-zA-Z0-9_\-@.]+)+/g,
@@ -118,7 +89,6 @@ const PATTERNS: HighlightPattern[] = [
priority: 7,
},
// Priority 7: Home paths
{
name: "path-home",
regex: /~\/[a-zA-Z0-9_\-@./]+/g,
@@ -126,7 +96,6 @@ const PATTERNS: HighlightPattern[] = [
priority: 7,
},
// Priority 8: Other log levels
{
name: "log-info",
regex: /\bINFO\b|\[INFO\]/gi,
@@ -141,11 +110,7 @@ const PATTERNS: HighlightPattern[] = [
},
];
/**
* Check if text contains existing ANSI escape sequences
*/
function hasExistingAnsiCodes(text: string): boolean {
// Count all ANSI escape sequences (not just CSI)
const ansiCount = (
text.match(
/\x1b[\[\]()#;?]*(?:[0-9]{1,4}(?:;[0-9]{0,4})*)?[0-9A-PRZcf-nq-uy=><~]/g,
@@ -154,17 +119,10 @@ function hasExistingAnsiCodes(text: string): boolean {
return ansiCount > MAX_ANSI_CODES;
}
/**
* Check if text appears to be incomplete (partial ANSI sequence at end)
*/
function hasIncompleteAnsiSequence(text: string): boolean {
// Check if text ends with incomplete ANSI escape sequence
return /\x1b(?:\[(?:[0-9;]*)?)?$/.test(text);
}
/**
* Parse text into segments: plain text and ANSI codes
*/
interface TextSegment {
isAnsi: boolean;
content: string;
@@ -172,13 +130,11 @@ interface TextSegment {
function parseAnsiSegments(text: string): TextSegment[] {
const segments: TextSegment[] = [];
// More comprehensive ANSI regex - matches SGR (colors), cursor movement, erase sequences, etc.
const ansiRegex = /\x1b(?:[@-Z\\-_]|\[[0-9;]*[@-~])/g;
let lastIndex = 0;
let match;
while ((match = ansiRegex.exec(text)) !== null) {
// Plain text before ANSI code
if (match.index > lastIndex) {
segments.push({
isAnsi: false,
@@ -186,7 +142,6 @@ function parseAnsiSegments(text: string): TextSegment[] {
});
}
// ANSI code itself
segments.push({
isAnsi: true,
content: match[0],
@@ -195,7 +150,6 @@ function parseAnsiSegments(text: string): TextSegment[] {
lastIndex = ansiRegex.lastIndex;
}
// Remaining plain text
if (lastIndex < text.length) {
segments.push({
isAnsi: false,
@@ -206,25 +160,18 @@ function parseAnsiSegments(text: string): TextSegment[] {
return segments;
}
/**
* Apply highlights to plain text (no ANSI codes)
*/
function highlightPlainText(text: string): string {
// Skip very long lines for performance
if (text.length > MAX_LINE_LENGTH) {
return text;
}
// Skip if text is empty or whitespace
if (!text.trim()) {
return text;
}
// Find all matches for all patterns
const matches: MatchResult[] = [];
for (const pattern of PATTERNS) {
// Reset regex lastIndex
pattern.regex.lastIndex = 0;
let match;
@@ -238,12 +185,10 @@ function highlightPlainText(text: string): string {
}
}
// If no matches, return original text
if (matches.length === 0) {
return text;
}
// Sort matches by priority (descending) then by position
matches.sort((a, b) => {
if (a.priority !== b.priority) {
return b.priority - a.priority;
@@ -251,7 +196,6 @@ function highlightPlainText(text: string): string {
return a.start - b.start;
});
// Filter out overlapping matches (keep higher priority)
const appliedRanges: Array<{ start: number; end: number }> = [];
const finalMatches = matches.filter((match) => {
const overlaps = appliedRanges.some(
@@ -268,7 +212,6 @@ function highlightPlainText(text: string): string {
return false;
});
// Apply ANSI codes from end to start (to preserve indices)
let result = text;
finalMatches.reverse().forEach((match) => {
const before = result.slice(0, match.start);
@@ -281,41 +224,28 @@ function highlightPlainText(text: string): string {
return result;
}
/**
* Main export: Highlight terminal output text
*
* @param text - Terminal output text (may contain ANSI codes)
* @returns Text with syntax highlighting applied
*/
export function highlightTerminalOutput(text: string): string {
// Early exit for empty or whitespace-only text
if (!text || !text.trim()) {
return text;
}
// Skip highlighting if text has incomplete ANSI sequence (streaming chunk)
if (hasIncompleteAnsiSequence(text)) {
return text;
}
// Skip highlighting if text already has many ANSI codes
// (likely already styled by SSH output or application)
if (hasExistingAnsiCodes(text)) {
return text;
}
// Parse text into segments (plain text vs ANSI codes)
const segments = parseAnsiSegments(text);
// If no ANSI codes found, highlight entire text
if (segments.length === 0) {
return highlightPlainText(text);
}
// Highlight only plain text segments, preserve ANSI segments
const highlightedSegments = segments.map((segment) => {
if (segment.isAnsi) {
return segment.content; // Preserve existing ANSI codes
return segment.content;
} else {
return highlightPlainText(segment.content);
}
@@ -324,15 +254,10 @@ export function highlightTerminalOutput(text: string): string {
return highlightedSegments.join("");
}
/**
* Check if syntax highlighting is enabled in localStorage
* Defaults to false if not set (opt-in behavior - BETA feature)
*/
export function isSyntaxHighlightingEnabled(): boolean {
try {
return localStorage.getItem("terminalSyntaxHighlighting") === "true";
} catch {
// If localStorage is not available, default to disabled
return false;
}
}

2
src/locales/ar.json
View File

@@ -2328,4 +2328,4 @@
"noContainersMatchFiltersHint": "التبديل إلى الوضع الداكن"
},
"theme": {}
}
}

2
src/locales/bn.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "আলোতে স্যুইচ করুন",
"switchToDark": "অন্ধকারে স্যুইচ করুন"
}
}
}

2
src/locales/cs.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "Spusťte kontejner pro přístup ke konzoli",
"switchToDark": "Přepnout na světlou verzi"
}
}
}

2
src/locales/de.json
View File

@@ -2360,4 +2360,4 @@
"console": "Auf Dunkel umschalten"
},
"theme": {}
}
}

2
src/locales/el.json
View File

@@ -2376,4 +2376,4 @@
"startContainerToAccess": "Μετάβαση σε σκούρο"
},
"theme": {}
}
}

2
src/locales/es.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "Cambiar a Claro",
"switchToDark": "Cambiar a Oscuro"
}
}
}

2
src/locales/fr.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "Passer en mode clair",
"switchToDark": "Passer en mode sombre"
}
}
}

2
src/locales/he.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "עבור לבהיר",
"switchToDark": "עבור לכהה"
}
}
}

2
src/locales/hi.json
View File

@@ -2378,4 +2378,4 @@
"theme": {
"switchToLight": "डार्क मोड पर स्विच करें"
}
}
}

2
src/locales/id.json
View File

@@ -2369,4 +2369,4 @@
"clickToConnect": "Beralih ke Gelap"
},
"theme": {}
}
}

2
src/locales/it.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "Passa a chiaro",
"switchToDark": "Passa a scuro"
}
}
}

2
src/locales/ja.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "ライトモードに切り替える",
"switchToDark": "ダークモードに切り替える"
}
}
}

2
src/locales/ko.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "라이트 모드로 전환",
"switchToDark": "다크 모드로 전환"
}
}
}

2
src/locales/nl.json
View File

@@ -2371,4 +2371,4 @@
"containerNotFound": "Schakelen naar donker"
},
"theme": {}
}
}

2
src/locales/pl.json
View File

@@ -2358,4 +2358,4 @@
"errorMessage": "Przełącz na Ciemny"
},
"theme": {}
}
}

2
src/locales/pt.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "Alternar para o modo claro",
"switchToDark": "Alternar para o modo escuro"
}
}
}

2
src/locales/ro.json
View File

@@ -2375,4 +2375,4 @@
"consoleTab": "Comutați pe Întunecat"
},
"theme": {}
}
}

2
src/locales/ru.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "Переключиться на светлый режим",
"switchToDark": "Переключиться на темный режим"
}
}
}

2
src/locales/sv.json
View File

@@ -2371,4 +2371,4 @@
"containerNotFound": "Växla till mörk"
},
"theme": {}
}
}

2
src/locales/th.json
View File

@@ -2371,4 +2371,4 @@
"containerNotFound": "สลับเป็นโหมดมืด"
},
"theme": {}
}
}

2
src/locales/tr.json
View File

@@ -2347,4 +2347,4 @@
"pids": "Koyu moda geç"
},
"theme": {}
}
}

2
src/locales/uk.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "Переключитися на світлий режим",
"switchToDark": "Переключитися на темний режим"
}
}
}

2
src/locales/vi.json
View File

@@ -2378,4 +2378,4 @@
"theme": {
"switchToLight": "Chuyển sang Tối"
}
}
}

2
src/locales/zh.json
View File

@@ -2379,4 +2379,4 @@
"switchToLight": "切换到浅色模式",
"switchToDark": "切换到深色模式"
}
}
}

9
src/types/index.ts
View File

@@ -60,7 +60,6 @@ export interface SSHHost {
createdAt: string;
updatedAt: string;
// Shared access metadata (view-only)
isShared?: boolean;
permissionLevel?: "view";
sharedExpiresAt?: string;
@@ -78,7 +77,7 @@ export interface QuickActionData {
export interface ProxyNode {
host: string;
port: number;
type: 4 | 5; // SOCKS4 or SOCKS5
type: 4 | 5;
username?: string;
password?: string;
}
@@ -112,7 +111,6 @@ export interface SSHHostData {
terminalConfig?: TerminalConfig;
notes?: string;
// SOCKS5 Proxy configuration
useSocks5?: boolean;
socks5Host?: string;
socks5Port?: number;
@@ -213,11 +211,9 @@ export interface TunnelConnection {
export interface TunnelConfig {
name: string;
// Unique identifiers for collision prevention
sourceHostId: number;
tunnelIndex: number;
// User context for RBAC
requestingUserId?: string;
hostName: string;
@@ -249,7 +245,6 @@ export interface TunnelConfig {
autoStart: boolean;
isPinned: boolean;
// SOCKS5 Proxy configuration
useSocks5?: boolean;
socks5Host?: string;
socks5Port?: number;
@@ -418,7 +413,7 @@ export interface SplitLayoutOption {
name: string;
description: string;
cellCount: number;
icon: string; // lucide icon name
icon: string;
}
// ============================================================================

8
src/ui/desktop/DesktopApp.tsx
View File

@@ -43,8 +43,6 @@ function AppContent() {
const lastShiftPressTime = useRef(0);
// DEBUG: Theme toggle - double-tap left Alt/Option to toggle light/dark mode
// Comment out the next line and the AltLeft handler below to disable
const lastAltPressTime = useRef(0);
useEffect(() => {
@@ -62,26 +60,20 @@ function AppContent() {
}
}
// DEBUG: Double-tap left Alt/Option to toggle light/dark theme
// Remove or comment out this block for production
/* DEBUG_THEME_TOGGLE_START */
if (event.code === "AltLeft" && !event.repeat) {
const now = Date.now();
if (now - lastAltPressTime.current < 300) {
// Use setTheme to properly update React state (not just DOM class)
const currentIsDark =
theme === "dark" ||
(theme === "system" &&
window.matchMedia("(prefers-color-scheme: dark)").matches);
const newTheme = currentIsDark ? "light" : "dark";
setTheme(newTheme);
console.log("[DEBUG] Theme toggled:", newTheme);
lastAltPressTime.current = 0;
} else {
lastAltPressTime.current = now;
}
}
/* DEBUG_THEME_TOGGLE_END */
if (event.key === "Escape") {
setIsCommandPaletteOpen(false);

2
src/ui/desktop/apps/admin/AdminSettings.tsx
View File

@@ -72,7 +72,6 @@ export function AdminSettings({
>([]);
const [usersLoading, setUsersLoading] = React.useState(false);
// New dialog states
const [createUserDialogOpen, setCreateUserDialogOpen] = React.useState(false);
const [userEditDialogOpen, setUserEditDialogOpen] = React.useState(false);
const [selectedUserForEdit, setSelectedUserForEdit] = React.useState<{
@@ -216,7 +215,6 @@ export function AdminSettings({
}
};
// New dialog handlers
const handleEditUser = (user: (typeof users)[0]) => {
setSelectedUserForEdit(user);
setUserEditDialogOpen(true);

1
src/ui/desktop/apps/admin/dialogs/CreateUserDialog.tsx
View File

@@ -34,7 +34,6 @@ export function CreateUserDialog({
const [loading, setLoading] = useState(false);
const [error, setError] = useState<string | null>(null);
// Reset form when dialog closes
useEffect(() => {
if (!open) {
setUsername("");

1
src/ui/desktop/apps/admin/dialogs/LinkAccountDialog.tsx
View File

@@ -33,7 +33,6 @@ export function LinkAccountDialog({
const [linkTargetUsername, setLinkTargetUsername] = useState("");
const [linkLoading, setLinkLoading] = useState(false);
// Reset form when dialog closes
useEffect(() => {
if (!open) {
setLinkTargetUsername("");

14
src/ui/desktop/apps/admin/dialogs/UserEditDialog.tsx
View File

@@ -114,7 +114,6 @@ export function UserEditDialog({
return;
}
// Close dialog temporarily to show confirmation toast on top
const userToUpdate = user;
onOpenChange(false);
@@ -165,7 +164,6 @@ export function UserEditDialog({
const handlePasswordReset = async () => {
if (!user) return;
// Close dialog temporarily to show confirmation toast on top
const userToReset = user;
onOpenChange(false);
@@ -217,7 +215,6 @@ export function UserEditDialog({
const handleRemoveRole = async (roleId: number) => {
if (!user) return;
// Close dialog temporarily to show confirmation toast on top
const userToUpdate = user;
onOpenChange(false);
@@ -253,7 +250,6 @@ export function UserEditDialog({
const isRevokingSelf = isCurrentUser;
// Close dialog temporarily to show confirmation toast on top
const userToUpdate = user;
onOpenChange(false);
@@ -302,7 +298,6 @@ export function UserEditDialog({
return;
}
// Close dialog temporarily to show confirmation toast on top
const userToDelete = user;
onOpenChange(false);
@@ -315,7 +310,6 @@ export function UserEditDialog({
});
if (!confirmed) {
// Reopen dialog if user cancels
onOpenChange(true);
return;
}
@@ -366,7 +360,6 @@ export function UserEditDialog({
</DialogHeader>
<div className="space-y-6 py-4 max-h-[70vh] overflow-y-auto thin-scrollbar pr-2">
{/* READ-ONLY INFO SECTION */}
<div className="grid grid-cols-2 gap-4 p-4 bg-surface rounded-lg border border-edge">
<div>
<Label className="text-muted-foreground text-xs">
@@ -402,7 +395,6 @@ export function UserEditDialog({
<Separator />
{/* ADMIN TOGGLE SECTION */}
<div className="space-y-3">
<Label className="text-base font-semibold flex items-center gap-2">
<Shield className="h-4 w-4" />
@@ -430,7 +422,6 @@ export function UserEditDialog({
<Separator />
{/* PASSWORD RESET SECTION */}
{showPasswordReset && (
<>
<div className="space-y-3">
@@ -460,7 +451,6 @@ export function UserEditDialog({
</>
)}
{/* ROLE MANAGEMENT SECTION */}
<div className="space-y-4">
<Label className="text-base font-semibold flex items-center gap-2">
<UserCog className="h-4 w-4" />
@@ -473,7 +463,6 @@ export function UserEditDialog({
</div>
) : (
<>
{/* Current Roles */}
<div className="space-y-2">
<Label className="text-sm text-muted-foreground">
{t("rbac.currentRoles")}
@@ -520,7 +509,6 @@ export function UserEditDialog({
)}
</div>
{/* Assign New Role */}
<div className="space-y-2">
<Label className="text-sm text-muted-foreground">
{t("rbac.assignNewRole")}
@@ -560,7 +548,6 @@ export function UserEditDialog({
<Separator />
{/* SESSION MANAGEMENT SECTION */}
<div className="space-y-3">
<Label className="text-base font-semibold flex items-center gap-2">
<Clock className="h-4 w-4" />
@@ -588,7 +575,6 @@ export function UserEditDialog({
<Separator />
{/* DANGER ZONE - DELETE USER */}
<div className="space-y-3">
<Label className="text-base font-semibold text-destructive flex items-center gap-2">
<AlertCircle className="h-4 w-4" />

8
src/ui/desktop/apps/admin/tabs/RolesTab.tsx
View File

@@ -39,14 +39,12 @@ export function RolesTab(): React.ReactElement {
const [roles, setRoles] = React.useState<Role[]>([]);
const [loading, setLoading] = React.useState(false);
// Create/Edit Role Dialog
const [roleDialogOpen, setRoleDialogOpen] = React.useState(false);
const [editingRole, setEditingRole] = React.useState<Role | null>(null);
const [roleName, setRoleName] = React.useState("");
const [roleDisplayName, setRoleDisplayName] = React.useState("");
const [roleDescription, setRoleDescription] = React.useState("");
// Load roles
const loadRoles = React.useCallback(async () => {
setLoading(true);
try {
@@ -65,7 +63,6 @@ export function RolesTab(): React.ReactElement {
loadRoles();
}, [loadRoles]);
// Create role
const handleCreateRole = () => {
setEditingRole(null);
setRoleName("");
@@ -74,7 +71,6 @@ export function RolesTab(): React.ReactElement {
setRoleDialogOpen(true);
};
// Edit role
const handleEditRole = (role: Role) => {
setEditingRole(role);
setRoleName(role.name);
@@ -83,7 +79,6 @@ export function RolesTab(): React.ReactElement {
setRoleDialogOpen(true);
};
// Save role
const handleSaveRole = async () => {
if (!roleDisplayName.trim()) {
toast.error(t("rbac.roleDisplayNameRequired"));
@@ -97,14 +92,12 @@ export function RolesTab(): React.ReactElement {
try {
if (editingRole) {
// Update existing role
await updateRole(editingRole.id, {
displayName: roleDisplayName,
description: roleDescription || null,
});
toast.success(t("rbac.roleUpdatedSuccessfully"));
} else {
// Create new role
await createRole({
name: roleName,
displayName: roleDisplayName,
@@ -120,7 +113,6 @@ export function RolesTab(): React.ReactElement {
}
};
// Delete role
const handleDeleteRole = async (role: Role) => {
const confirmed = await confirmWithToast({
title: t("rbac.confirmDeleteRole"),

2
src/ui/desktop/apps/command-palette/CommandPalette.tsx
View File

@@ -329,7 +329,6 @@ export function CommandPalette({
? host.name
: `${host.username}@${host.ip}:${host.port}`;
// Parse statsConfig to determine if metrics should be shown
let shouldShowMetrics = true;
try {
const statsConfig = host.statsConfig
@@ -340,7 +339,6 @@ export function CommandPalette({
shouldShowMetrics = true;
}
// Check if host has at least one tunnel connection
let hasTunnelConnections = false;
try {
const tunnelConnections = Array.isArray(

2
src/ui/desktop/apps/dashboard/Dashboard.tsx
View File

@@ -600,10 +600,8 @@ export function Dashboard({
) : (
recentActivity
.filter((item, index, array) => {
// Always show the first item
if (index === 0) return true;
// Show if different from previous item (by hostId and type)
const prevItem = array[index - 1];
return !(
item.hostId === prevItem.hostId &&

17
src/ui/desktop/apps/features/docker/DockerManager.tsx
View File

@@ -21,9 +21,6 @@ import { SimpleLoader } from "@/ui/desktop/navigation/animations/SimpleLoader.ts
import { AlertCircle } from "lucide-react";
import { Alert, AlertDescription } from "@/components/ui/alert.tsx";
import { ContainerList } from "./components/ContainerList.tsx";
import { LogViewer } from "./components/LogViewer.tsx";
import { ContainerStats } from "./components/ContainerStats.tsx";
import { ConsoleTerminal } from "./components/ConsoleTerminal.tsx";
import { ContainerDetail } from "./components/ContainerDetail.tsx";
interface DockerManagerProps {
@@ -105,7 +102,6 @@ export function DockerManager({
window.removeEventListener("ssh-hosts:changed", handleHostsChanged);
}, [hostConfig?.id]);
// SSH session lifecycle
React.useEffect(() => {
const initSession = async () => {
if (!currentHostConfig?.id || !currentHostConfig.enableDocker) {
@@ -119,7 +115,6 @@ export function DockerManager({
await connectDockerSession(sid, currentHostConfig.id);
setSessionId(sid);
// Validate Docker availability
setIsValidating(true);
const validation = await validateDockerAvailability(sid);
setDockerValidation(validation);
@@ -152,7 +147,6 @@ export function DockerManager({
};
}, [currentHostConfig?.id, currentHostConfig?.enableDocker]);
// Keepalive interval
React.useEffect(() => {
if (!sessionId || !isVisible) return;
@@ -163,12 +157,11 @@ export function DockerManager({
});
},
10 * 60 * 1000,
); // Every 10 minutes
);
return () => clearInterval(keepalive);
}, [sessionId, isVisible]);
// Refresh containers function
const refreshContainers = React.useCallback(async () => {
if (!sessionId) return;
try {
@@ -179,7 +172,6 @@ export function DockerManager({
}
}, [sessionId]);
// Poll containers
React.useEffect(() => {
if (!sessionId || !isVisible || !dockerValidation?.available) return;
@@ -196,8 +188,8 @@ export function DockerManager({
}
};
pollContainers(); // Initial fetch
const interval = setInterval(pollContainers, 5000); // Poll every 5 seconds
pollContainers();
const interval = setInterval(pollContainers, 5000);
return () => {
cancelled = true;
@@ -229,7 +221,6 @@ export function DockerManager({
? "h-full w-full text-foreground overflow-hidden bg-transparent"
: "bg-canvas text-foreground rounded-lg border-2 border-edge overflow-hidden";
// Check if Docker is enabled
if (!currentHostConfig?.enableDocker) {
return (
<div style={wrapperStyle} className={containerClass}>
@@ -256,7 +247,6 @@ export function DockerManager({
);
}
// Loading state
if (isConnecting || isValidating) {
return (
<div style={wrapperStyle} className={containerClass}>
@@ -287,7 +277,6 @@ export function DockerManager({
);
}
// Docker not available
if (dockerValidation && !dockerValidation.available) {
return (
<div style={wrapperStyle} className={containerClass}>

39
src/ui/desktop/apps/features/docker/components/ConsoleTerminal.tsx
View File

@@ -46,7 +46,6 @@ export function ConsoleTerminal({
const getWebSocketBaseUrl = React.useCallback(() => {
const isElectronApp = isElectron();
// Development mode check (similar to Terminal.tsx)
const isDev =
!isElectronApp &&
process.env.NODE_ENV === "development" &&
@@ -55,28 +54,23 @@ export function ConsoleTerminal({
window.location.port === "");
if (isDev) {
// Development: connect directly to port 30008
const protocol = window.location.protocol === "https:" ? "wss:" : "ws:";
return `${protocol}//localhost:30008`;
}
if (isElectronApp) {
// Electron: construct URL from configured server
const baseUrl =
(window as { configuredServerUrl?: string }).configuredServerUrl ||
"http://127.0.0.1:30001";
const wsProtocol = baseUrl.startsWith("https://") ? "wss://" : "ws://";
const wsHost = baseUrl.replace(/^https?:\/\//, "");
// Use nginx path routing, not direct port
return `${wsProtocol}${wsHost}/docker/console/`;
}
// Production web: use nginx proxy path (same as Terminal uses /ssh/websocket/)
const protocol = window.location.protocol === "https:" ? "wss:" : "ws:";
return `${protocol}//${window.location.host}/docker/console/`;
}, []);
// Initialize terminal
React.useEffect(() => {
if (!terminal) return;
@@ -94,7 +88,6 @@ export function ConsoleTerminal({
terminal.options.fontSize = 14;
terminal.options.fontFamily = "monospace";
// Get theme colors from CSS variables
const backgroundColor = getComputedStyle(document.documentElement)
.getPropertyValue("--bg-elevated")
.trim();
@@ -132,13 +125,10 @@ export function ConsoleTerminal({
return () => {
window.removeEventListener("resize", resizeHandler);
// Clean up WebSocket before disposing terminal
if (wsRef.current) {
try {
wsRef.current.send(JSON.stringify({ type: "disconnect" }));
} catch (error) {
// Ignore errors during cleanup
}
} catch (error) {}
wsRef.current.close();
wsRef.current = null;
}
@@ -151,9 +141,7 @@ export function ConsoleTerminal({
if (wsRef.current) {
try {
wsRef.current.send(JSON.stringify({ type: "disconnect" }));
} catch (error) {
// WebSocket might already be closed
}
} catch (error) {}
wsRef.current.close();
wsRef.current = null;
}
@@ -161,9 +149,7 @@ export function ConsoleTerminal({
if (terminal) {
try {
terminal.clear();
} catch (error) {
// Terminal might be disposed
}
} catch (error) {}
}
}, [terminal, t]);
@@ -185,7 +171,6 @@ export function ConsoleTerminal({
return;
}
// Ensure terminal is fitted before connecting
if (fitAddonRef.current) {
fitAddonRef.current.fit();
}
@@ -194,7 +179,6 @@ export function ConsoleTerminal({
const ws = new WebSocket(wsUrl);
ws.onopen = () => {
// Double-check terminal dimensions
const cols = terminal.cols || 80;
const rows = terminal.rows || 24;
@@ -225,7 +209,6 @@ export function ConsoleTerminal({
setIsConnected(true);
setIsConnecting(false);
// Check if shell was changed due to unavailability
if (msg.data?.shellChanged) {
toast.warning(
`Shell "${msg.data.requestedShell}" not available. Using "${msg.data.shell}" instead.`,
@@ -234,13 +217,11 @@ export function ConsoleTerminal({
toast.success(t("docker.connectedTo", { containerName }));
}
// Fit terminal and send resize to ensure correct dimensions
setTimeout(() => {
if (fitAddonRef.current) {
fitAddonRef.current.fit();
}
// Send resize message with correct dimensions
if (ws.readyState === WebSocket.OPEN) {
ws.send(
JSON.stringify({
@@ -284,7 +265,6 @@ export function ConsoleTerminal({
toast.error(t("docker.failedToConnect"));
};
// Set up periodic ping to keep connection alive
if (pingIntervalRef.current) {
clearInterval(pingIntervalRef.current);
}
@@ -292,7 +272,7 @@ export function ConsoleTerminal({
if (ws.readyState === WebSocket.OPEN) {
ws.send(JSON.stringify({ type: "ping" }));
}
}, 30000); // Ping every 30 seconds
}, 30000);
ws.onclose = () => {
if (pingIntervalRef.current) {
@@ -308,7 +288,6 @@ export function ConsoleTerminal({
wsRef.current = ws;
// Handle terminal input
terminal.onData((data) => {
if (ws.readyState === WebSocket.OPEN) {
ws.send(
@@ -335,7 +314,6 @@ export function ConsoleTerminal({
containerName,
]);
// Cleanup WebSocket on unmount (terminal cleanup is handled in the terminal effect)
React.useEffect(() => {
return () => {
if (pingIntervalRef.current) {
@@ -345,9 +323,7 @@ export function ConsoleTerminal({
if (wsRef.current) {
try {
wsRef.current.send(JSON.stringify({ type: "disconnect" }));
} catch (error) {
// Ignore errors during cleanup
}
} catch (error) {}
wsRef.current.close();
wsRef.current = null;
}
@@ -373,7 +349,6 @@ export function ConsoleTerminal({
return (
<div className="flex flex-col h-full gap-3">
{/* Controls */}
<Card className="py-3">
<CardContent className="px-3">
<div className="flex flex-col sm:flex-row gap-2 items-center sm:items-center">
@@ -431,17 +406,14 @@ export function ConsoleTerminal({
</CardContent>
</Card>
{/* Terminal */}
<Card className="flex-1 overflow-hidden pt-1 pb-0">
<CardContent className="p-0 h-full relative">
{/* Terminal container - always rendered */}
<div
ref={xtermRef}
className="h-full w-full"
style={{ display: isConnected ? "block" : "none" }}
/>
{/* Not connected message */}
{!isConnected && !isConnecting && (
<div className="absolute inset-0 flex items-center justify-center">
<div className="text-center space-y-2">
@@ -456,7 +428,6 @@ export function ConsoleTerminal({
</div>
)}
{/* Connecting message */}
{isConnecting && (
<div className="absolute inset-0 flex items-center justify-center">
<div className="text-center">

4
src/ui/desktop/apps/features/docker/components/ContainerCard.tsx
View File

@@ -213,10 +213,8 @@ export function ContainerCard({
const isLoading =
isStarting || isStopping || isRestarting || isPausing || isRemoving;
// Format the created date to be more readable
const formatCreatedDate = (dateStr: string): string => {
try {
// Remove the timezone suffix like "+0000 UTC"
const cleanDate = dateStr.replace(/\s*\+\d{4}\s*UTC\s*$/, "").trim();
return cleanDate;
} catch {
@@ -224,11 +222,9 @@ export function ContainerCard({
}
};
// Parse ports into array of port mappings
const parsePorts = (portsStr: string | undefined): string[] => {
if (!portsStr || portsStr.trim() === "") return [];
// Split by comma and clean up
return portsStr
.split(",")
.map((p) => p.trim())

2
src/ui/desktop/apps/features/docker/components/ContainerDetail.tsx
View File

@@ -52,7 +52,6 @@ export function ContainerDetail({
return (
<div className="flex flex-col h-full">
{/* Header with back button */}
<div className="flex items-center gap-4 px-4 pt-3 pb-3">
<Button variant="ghost" onClick={onBack} size="sm">
<ArrowLeft className="h-4 w-4 mr-2" />
@@ -67,7 +66,6 @@ export function ContainerDetail({
</div>
<Separator className="p-0.25 w-full" />
{/* Tabs for Logs, Stats, Console */}
<div className="flex-1 overflow-hidden min-h-0">
<Tabs
value={activeTab}

2
src/ui/desktop/apps/features/docker/components/ContainerList.tsx
View File

@@ -70,7 +70,6 @@ export function ContainerList({
return (
<div className="flex flex-col h-full gap-3">
{/* Search and Filter Bar */}
<div className="flex flex-col sm:flex-row gap-2">
<div className="relative flex-1">
<Search className="absolute left-3 top-1/2 transform -translate-y-1/2 h-4 w-4 text-muted-foreground" />
@@ -106,7 +105,6 @@ export function ContainerList({
</div>
</div>
{/* Container Grid */}
{filteredContainers.length === 0 ? (
<div className="flex items-center justify-center flex-1">
<div className="text-center space-y-2">

6
src/ui/desktop/apps/features/docker/components/ContainerStats.tsx
View File

@@ -53,7 +53,6 @@ export function ContainerStats({
React.useEffect(() => {
fetchStats();
// Poll stats every 2 seconds
const interval = setInterval(fetchStats, 2000);
return () => clearInterval(interval);
@@ -114,7 +113,6 @@ export function ContainerStats({
return (
<div className="grid grid-cols-1 md:grid-cols-2 gap-3 h-full overflow-auto thin-scrollbar">
{/* CPU Usage */}
<Card className="py-3">
<CardHeader className="pb-2 px-4">
<CardTitle className="text-base flex items-center gap-2">
@@ -137,7 +135,6 @@ export function ContainerStats({
</CardContent>
</Card>
{/* Memory Usage */}
<Card className="py-3">
<CardHeader className="pb-2 px-4">
<CardTitle className="text-base flex items-center gap-2">
@@ -168,7 +165,6 @@ export function ContainerStats({
</CardContent>
</Card>
{/* Network I/O */}
<Card className="py-3">
<CardHeader className="pb-2 px-4">
<CardTitle className="text-base flex items-center gap-2">
@@ -194,7 +190,6 @@ export function ContainerStats({
</CardContent>
</Card>
{/* Block I/O */}
<Card className="py-3">
<CardHeader className="pb-2 px-4">
<CardTitle className="text-base flex items-center gap-2">
@@ -228,7 +223,6 @@ export function ContainerStats({
</CardContent>
</Card>
{/* Container Info */}
<Card className="md:col-span-2 py-3">
<CardHeader className="pb-2 px-4">
<CardTitle className="text-base flex items-center gap-2">

11
src/ui/desktop/apps/features/docker/components/LogViewer.tsx
View File

@@ -59,18 +59,16 @@ export function LogViewer({
fetchLogs();
}, [fetchLogs]);
// Auto-refresh
React.useEffect(() => {
if (!autoRefresh) return;
const interval = setInterval(() => {
fetchLogs();
}, 3000); // Refresh every 3 seconds
}, 3000);
return () => clearInterval(interval);
}, [autoRefresh, fetchLogs]);
// Auto-scroll to bottom when new logs arrive
React.useEffect(() => {
if (autoRefresh && logsEndRef.current) {
logsEndRef.current.scrollIntoView({ behavior: "smooth" });
@@ -115,11 +113,9 @@ export function LogViewer({
return (
<div className="flex flex-col h-full gap-3">
{/* Controls */}
<Card className="py-3">
<CardContent className="px-3">
<div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-4 gap-3">
{/* Tail Lines */}
<div className="flex flex-col">
<Label htmlFor="tail-lines" className="mb-1">
Lines to show
@@ -138,7 +134,6 @@ export function LogViewer({
</Select>
</div>
{/* Timestamps */}
<div className="flex flex-col">
<Label htmlFor="timestamps" className="mb-1">
Show Timestamps
@@ -155,7 +150,6 @@ export function LogViewer({
</div>
</div>
{/* Auto Refresh */}
<div className="flex flex-col">
<Label htmlFor="auto-refresh" className="mb-1">
Auto Refresh
@@ -172,7 +166,6 @@ export function LogViewer({
</div>
</div>
{/* Actions */}
<div className="flex flex-col">
<Label className="mb-1">Actions</Label>
<div className="flex gap-2 h-10">
@@ -206,7 +199,6 @@ export function LogViewer({
</div>
</div>
{/* Search Filter */}
<div className="mt-2">
<div className="relative">
<Filter className="absolute left-3 top-1/2 transform -translate-y-1/2 h-4 w-4 text-muted-foreground" />
@@ -222,7 +214,6 @@ export function LogViewer({
</CardContent>
</Card>
{/* Logs Display */}
<Card className="flex-1 overflow-hidden py-0">
<CardContent className="p-0 h-full">
{isLoading && !logs ? (

1
src/ui/desktop/apps/features/file-manager/components/TerminalWindow.tsx
View File

@@ -60,7 +60,6 @@ export function TerminalWindow({
const handleMaximize = () => {
maximizeWindow(windowId);
// Trigger resize after maximize/restore
if (resizeTimeoutRef.current) {
clearTimeout(resizeTimeoutRef.current);
}

19
src/ui/desktop/apps/features/terminal/Terminal.tsx
View File

@@ -100,7 +100,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
const config = { ...DEFAULT_TERMINAL_CONFIG, ...hostConfig.terminalConfig };
// Auto-switch terminal theme based on app theme when using "termix" (default)
const isDarkMode =
appTheme === "dark" ||
(appTheme === "system" &&
@@ -108,7 +107,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
let themeColors;
if (config.theme === "termix") {
// Auto-switch between termixDark and termixLight based on app theme
themeColors = isDarkMode
? TERMINAL_THEMES.termixDark.colors
: TERMINAL_THEMES.termixLight.colors;
@@ -679,7 +677,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
const msg = JSON.parse(event.data);
if (msg.type === "data") {
if (typeof msg.data === "string") {
// Apply syntax highlighting if enabled (BETA - defaults to false/off)
const syntaxHighlightingEnabled =
localStorage.getItem("terminalSyntaxHighlighting") === "true";
@@ -688,7 +685,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
: msg.data;
terminal.write(outputData);
// Sudo password prompt detection
const sudoPasswordPattern =
/(?:\[sudo\] password for \S+:|sudo: a password is required)/;
const passwordToFill =
@@ -724,7 +720,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
}, 15000);
}
} else {
// Apply syntax highlighting to non-string data as well (BETA - defaults to false/off)
const syntaxHighlightingEnabled =
localStorage.getItem("terminalSyntaxHighlighting") === "true";
@@ -799,7 +794,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
...hostConfig.terminalConfig,
};
// Send all environment variables immediately without delays
if (
terminalConfig.environmentVariables &&
terminalConfig.environmentVariables.length > 0
@@ -816,7 +810,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
}
}
// Send startup snippet immediately after env vars
if (terminalConfig.startupSnippetId) {
try {
const snippets = await getSnippets();
@@ -837,7 +830,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
}
}
// Execute mosh command immediately if enabled
if (terminalConfig.autoMosh && ws.readyState === 1) {
ws.send(
JSON.stringify({
@@ -1019,8 +1011,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
setTimeout(() => {
terminal?.focus();
}, 50);
console.log(`[Autocomplete] ${currentCmd}${selectedCommand}`);
},
[terminal, updateCurrentCommand],
);
@@ -1043,8 +1033,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
autocompleteHistory.current = autocompleteHistory.current.filter(
(cmd) => cmd !== command,
);
console.log(`[Terminal] Command deleted from history: ${command}`);
} catch (error) {
console.error("Failed to delete command from history:", error);
}
@@ -1064,7 +1052,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
...hostConfig.terminalConfig,
};
// Auto-switch terminal theme based on app theme when using "termix" (default)
let themeColors;
if (config.theme === "termix") {
themeColors = isDarkMode
@@ -1142,10 +1129,8 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
terminal.open(xtermRef.current);
// Immediately fit to establish correct dimensions
fitAddonRef.current?.fit();
if (terminal.cols < 10 || terminal.rows < 3) {
// Terminal opened with invalid dimensions, retry fit in next frame
requestAnimationFrame(() => {
fitAddonRef.current?.fit();
});
@@ -1448,14 +1433,11 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
terminal.attachCustomKeyEventHandler(handleCustomKey);
}, [terminal]);
// Connection initialization effect
useEffect(() => {
if (!terminal || !hostConfig || !isVisible) return;
if (isConnected || isConnecting) return;
// Ensure terminal has valid dimensions before connecting
if (terminal.cols < 10 || terminal.rows < 3) {
// Wait for next frame when dimensions will be valid
requestAnimationFrame(() => {
if (terminal.cols > 0 && terminal.rows > 0) {
setIsConnecting(true);
@@ -1475,7 +1457,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
}
}, [terminal, hostConfig, isVisible, isConnected, isConnecting]);
// Consolidated fitting and focus effect
useEffect(() => {
if (!terminal || !fitAddonRef.current || !isVisible) return;

1
src/ui/desktop/apps/features/terminal/TerminalPreview.tsx
View File

@@ -26,7 +26,6 @@ export function TerminalPreview({
}: TerminalPreviewProps) {
const { theme: appTheme } = useTheme();
// Resolve "termix" to termixDark or termixLight based on app theme
const resolvedTheme =
theme === "termix"
? appTheme === "dark" ||

17
src/ui/desktop/apps/features/tunnel/Tunnel.tsx
View File

@@ -132,15 +132,12 @@ export function Tunnel({ filterHostKey }: SSHTunnelProps): React.ReactElement {
try {
if (action === "connect") {
// Try to find endpoint host in user's accessible hosts
const endpointHost = allHosts.find(
(h) =>
h.name === tunnel.endpointHost ||
`${h.username}@${h.ip}` === tunnel.endpointHost,
);
// For shared users who don't have access to endpoint host,
// send a minimal config and let backend resolve endpoint details
const tunnelConfig = {
name: tunnelName,
sourceHostId: host.id,
@@ -190,20 +187,6 @@ export function Tunnel({ filterHostKey }: SSHTunnelProps): React.ReactElement {
socks5Password: host.socks5Password,
socks5ProxyChain: host.socks5ProxyChain,
};
console.log("Tunnel connect config:", {
tunnelName,
sourceHostId: tunnelConfig.sourceHostId,
sourceCredentialId: tunnelConfig.sourceCredentialId,
sourceUserId: tunnelConfig.sourceUserId,
hasSourcePassword: !!tunnelConfig.sourcePassword,
hasSourceKey: !!tunnelConfig.sourceSSHKey,
hasEndpointHost: !!endpointHost,
endpointHost: tunnel.endpointHost,
isShared: (host as any).isShared,
ownerId: (host as any).ownerId,
});
await connectTunnel(tunnelConfig);
} else if (action === "disconnect") {
await disconnectTunnel(tunnelName);

1
src/ui/desktop/apps/host-manager/credentials/CredentialEditor.tsx
View File

@@ -42,7 +42,6 @@ export function CredentialEditor({
const { t } = useTranslation();
const { theme: appTheme } = useTheme();
// Determine CodeMirror theme based on app theme
const isDarkMode =
appTheme === "dark" ||
(appTheme === "system" &&

18
src/ui/desktop/apps/host-manager/hosts/HostManager.tsx
View File

@@ -30,6 +30,8 @@ export function HostManager({
hostConfig || null,
);
useEffect(() => {}, [editingHost]);
const [editingCredential, setEditingCredential] = useState<{
id: number;
name?: string;
@@ -39,30 +41,27 @@ export function HostManager({
const ignoreNextHostConfigChangeRef = useRef<boolean>(false);
const lastProcessedHostIdRef = useRef<number | undefined>(undefined);
// Sync state when tab is updated externally (via updateTab or addTab)
useEffect(() => {
// Always sync on timestamp changes
if (_updateTimestamp !== undefined) {
// Update activeTab if initialTab has changed
if (initialTab && initialTab !== activeTab) {
setActiveTab(initialTab);
}
// Update editingHost if hostConfig has changed
if (hostConfig && hostConfig.id !== editingHost?.id) {
setEditingHost(hostConfig);
lastProcessedHostIdRef.current = hostConfig.id;
} else if (!hostConfig && editingHost) {
// Clear editingHost if hostConfig is now undefined
} else if (
!hostConfig &&
editingHost &&
editingHost.id !== lastProcessedHostIdRef.current
) {
setEditingHost(null);
}
// Clear editingCredential if switching away from add_credential
if (initialTab !== "add_credential" && editingCredential) {
setEditingCredential(null);
}
} else {
// Initial mount - set state from props
if (initialTab) {
setActiveTab(initialTab);
}
@@ -78,7 +77,6 @@ export function HostManager({
setActiveTab("add_host");
lastProcessedHostIdRef.current = host.id;
// Persist to tab context
if (updateTab && currentTabId !== undefined) {
updateTab(currentTabId, { initialTab: "add_host" });
}
@@ -101,7 +99,6 @@ export function HostManager({
setEditingCredential(credential);
setActiveTab("add_credential");
// Persist to tab context
if (updateTab && currentTabId !== undefined) {
updateTab(currentTabId, { initialTab: "add_credential" });
}
@@ -121,7 +118,6 @@ export function HostManager({
}
setActiveTab(value);
// Persist to tab context
if (updateTab && currentTabId !== undefined) {
updateTab(currentTabId, { initialTab: value });
}

3453
src/ui/desktop/apps/host-manager/hosts/HostManagerEditor.tsx
View File

File diff suppressed because it is too large Load Diff

1
src/ui/desktop/apps/host-manager/hosts/HostManagerViewer.tsx
View File

@@ -363,7 +363,6 @@ export function HostManagerViewer({ onEditHost }: SSHManagerHostViewerProps) {
),
);
// Wrap in hosts array for valid import format
const exportFormat = {
hosts: [cleanExportData],
};

29
src/ui/desktop/apps/host-manager/hosts/tabs/HostDockerTab.tsx Normal file
View File

@@ -0,0 +1,29 @@
import {
FormControl,
FormDescription,
FormField,
FormItem,
FormLabel,
} from "@/components/ui/form.tsx";
import { Switch } from "@/components/ui/switch.tsx";
import type { HostDockerTabProps } from "./shared/tab-types";
export function HostDockerTab({ form, t }: HostDockerTabProps) {
return (
<div className="space-y-4">
<FormField
control={form.control}
name="enableDocker"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.enableDocker")}</FormLabel>
<FormControl>
<Switch checked={field.value} onCheckedChange={field.onChange} />
</FormControl>
<FormDescription>{t("hosts.enableDockerDesc")}</FormDescription>
</FormItem>
)}
/>
</div>
);
}

57
src/ui/desktop/apps/host-manager/hosts/tabs/HostFileManagerTab.tsx Normal file
View File

@@ -0,0 +1,57 @@
import {
FormControl,
FormDescription,
FormField,
FormItem,
FormLabel,
} from "@/components/ui/form.tsx";
import { Input } from "@/components/ui/input.tsx";
import { Switch } from "@/components/ui/switch.tsx";
import type { HostFileManagerTabProps } from "./shared/tab-types";
export function HostFileManagerTab({ form, t }: HostFileManagerTabProps) {
return (
<div>
<FormField
control={form.control}
name="enableFileManager"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.enableFileManager")}</FormLabel>
<FormControl>
<Switch checked={field.value} onCheckedChange={field.onChange} />
</FormControl>
<FormDescription>
{t("hosts.enableFileManagerDesc")}
</FormDescription>
</FormItem>
)}
/>
{form.watch("enableFileManager") && (
<div className="mt-4">
<FormField
control={form.control}
name="defaultPath"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.defaultPath")}</FormLabel>
<FormControl>
<Input
placeholder={t("placeholders.homePath")}
{...field}
onBlur={(e) => {
field.onChange(e.target.value.trim());
field.onBlur();
}}
/>
</FormControl>
<FormDescription>{t("hosts.defaultPathDesc")}</FormDescription>
</FormItem>
)}
/>
</div>
)}
</div>
);
}

1047
src/ui/desktop/apps/host-manager/hosts/tabs/HostGeneralTab.tsx Normal file
View File

File diff suppressed because it is too large Load Diff

560
src/ui/desktop/apps/host-manager/hosts/tabs/HostSharingTab.tsx Normal file
View File

@@ -0,0 +1,560 @@
import React from "react";
import { cn } from "@/lib/utils.ts";
import { Button } from "@/components/ui/button.tsx";
import { Input } from "@/components/ui/input.tsx";
import { Badge } from "@/components/ui/badge.tsx";
import {
Table,
TableBody,
TableCell,
TableHead,
TableHeader,
TableRow,
} from "@/components/ui/table.tsx";
import {
Tabs,
TabsContent,
TabsList,
TabsTrigger,
} from "@/components/ui/tabs.tsx";
import { Alert, AlertDescription, AlertTitle } from "@/components/ui/alert.tsx";
import { toast } from "sonner";
import { useConfirmation } from "@/hooks/use-confirmation.ts";
import {
getRoles,
getUserList,
getUserInfo,
shareHost,
getHostAccess,
revokeHostAccess,
getSSHHostById,
type Role,
type AccessRecord,
} from "@/ui/main-axios.ts";
import { useTranslation } from "react-i18next";
import {
Command,
CommandEmpty,
CommandGroup,
CommandInput,
CommandItem,
} from "@/components/ui/command.tsx";
import {
Popover,
PopoverContent,
PopoverTrigger,
} from "@/components/ui/popover.tsx";
import {
Plus,
Check,
ChevronsUpDown,
AlertCircle,
Trash2,
Users,
Shield,
Clock,
UserCircle,
} from "lucide-react";
import type { SSHHost } from "@/types";
import type { HostSharingTabProps } from "./shared/tab-types";
interface User {
id: string;
username: string;
is_admin: boolean;
}
interface HostSharingTabProps {
hostId: number | undefined;
isNewHost: boolean;
}
export function HostSharingTab({
hostId,
isNewHost,
}: SharingTabContentProps): React.ReactElement {
const { t } = useTranslation();
const { confirmWithToast } = useConfirmation();
const [shareType, setShareType] = React.useState<"user" | "role">("user");
const [selectedUserId, setSelectedUserId] = React.useState<string>("");
const [selectedRoleId, setSelectedRoleId] = React.useState<number | null>(
null,
);
const [permissionLevel, setPermissionLevel] = React.useState("view");
const [expiresInHours, setExpiresInHours] = React.useState<string>("");
const [roles, setRoles] = React.useState<Role[]>([]);
const [users, setUsers] = React.useState<User[]>([]);
const [accessList, setAccessList] = React.useState<AccessRecord[]>([]);
const [loading, setLoading] = React.useState(false);
const [currentUserId, setCurrentUserId] = React.useState<string>("");
const [hostData, setHostData] = React.useState<SSHHost | null>(null);
const [userComboOpen, setUserComboOpen] = React.useState(false);
const [roleComboOpen, setRoleComboOpen] = React.useState(false);
const loadRoles = React.useCallback(async () => {
try {
const response = await getRoles();
setRoles(response.roles || []);
} catch (error) {
console.error("Failed to load roles:", error);
setRoles([]);
}
}, []);
const loadUsers = React.useCallback(async () => {
try {
const response = await getUserList();
const mappedUsers = (response.users || []).map((user) => ({
id: user.id,
username: user.username,
is_admin: user.is_admin,
}));
setUsers(mappedUsers);
} catch (error) {
console.error("Failed to load users:", error);
setUsers([]);
}
}, []);
const loadAccessList = React.useCallback(async () => {
if (!hostId) return;
setLoading(true);
try {
const response = await getHostAccess(hostId);
setAccessList(response.accessList || []);
} catch (error) {
console.error("Failed to load access list:", error);
setAccessList([]);
} finally {
setLoading(false);
}
}, [hostId]);
const loadHostData = React.useCallback(async () => {
if (!hostId) return;
try {
const host = await getSSHHostById(hostId);
setHostData(host);
} catch (error) {
console.error("Failed to load host data:", error);
setHostData(null);
}
}, [hostId]);
React.useEffect(() => {
loadRoles();
loadUsers();
if (!isNewHost) {
loadAccessList();
loadHostData();
}
}, [loadRoles, loadUsers, loadAccessList, loadHostData, isNewHost]);
React.useEffect(() => {
const fetchCurrentUser = async () => {
try {
const userInfo = await getUserInfo();
setCurrentUserId(userInfo.userId);
} catch (error) {
console.error("Failed to load current user:", error);
}
};
fetchCurrentUser();
}, []);
const handleShare = async () => {
if (!hostId) {
toast.error(t("rbac.saveHostFirst"));
return;
}
if (shareType === "user" && !selectedUserId) {
toast.error(t("rbac.selectUser"));
return;
}
if (shareType === "role" && !selectedRoleId) {
toast.error(t("rbac.selectRole"));
return;
}
if (shareType === "user" && selectedUserId === currentUserId) {
toast.error(t("rbac.cannotShareWithSelf"));
return;
}
try {
await shareHost(hostId, {
targetType: shareType,
targetUserId: shareType === "user" ? selectedUserId : undefined,
targetRoleId: shareType === "role" ? selectedRoleId : undefined,
permissionLevel,
durationHours: expiresInHours
? parseInt(expiresInHours, 10)
: undefined,
});
toast.success(t("rbac.sharedSuccessfully"));
setSelectedUserId("");
setSelectedRoleId(null);
setExpiresInHours("");
loadAccessList();
} catch (error) {
toast.error(t("rbac.failedToShare"));
}
};
const handleRevoke = async (accessId: number) => {
if (!hostId) return;
const confirmed = await confirmWithToast({
title: t("rbac.confirmRevokeAccess"),
description: t("rbac.confirmRevokeAccessDescription"),
confirmText: t("common.revoke"),
cancelText: t("common.cancel"),
});
if (!confirmed) return;
try {
await revokeHostAccess(hostId, accessId);
toast.success(t("rbac.accessRevokedSuccessfully"));
loadAccessList();
} catch (error) {
toast.error(t("rbac.failedToRevokeAccess"));
}
};
const formatDate = (dateString: string | null) => {
if (!dateString) return "-";
return new Date(dateString).toLocaleString();
};
const isExpired = (expiresAt: string | null) => {
if (!expiresAt) return false;
return new Date(expiresAt) < new Date();
};
const availableUsers = React.useMemo(() => {
return users.filter((user) => user.id !== currentUserId);
}, [users, currentUserId]);
const selectedUser = availableUsers.find((u) => u.id === selectedUserId);
const selectedRole = roles.find((r) => r.id === selectedRoleId);
if (isNewHost) {
return (
<Alert>
<AlertCircle className="h-4 w-4" />
<AlertTitle>{t("rbac.saveHostFirst")}</AlertTitle>
<AlertDescription>
{t("rbac.saveHostFirstDescription")}
</AlertDescription>
</Alert>
);
}
return (
<div className="space-y-6">
{!hostData?.credentialId && (
<Alert variant="destructive">
<AlertCircle className="h-4 w-4" />
<AlertTitle>{t("rbac.credentialRequired")}</AlertTitle>
<AlertDescription>
{t("rbac.credentialRequiredDescription")}
</AlertDescription>
</Alert>
)}
{hostData?.credentialId && (
<>
<div className="space-y-4 border rounded-lg p-4">
<h3 className="text-lg font-semibold flex items-center gap-2">
<Plus className="h-5 w-5" />
{t("rbac.shareHost")}
</h3>
<Tabs
value={shareType}
onValueChange={(v) => setShareType(v as "user" | "role")}
>
<TabsList className="grid w-full grid-cols-2">
<TabsTrigger value="user" className="flex items-center gap-2">
<UserCircle className="h-4 w-4" />
{t("rbac.shareWithUser")}
</TabsTrigger>
<TabsTrigger value="role" className="flex items-center gap-2">
<Shield className="h-4 w-4" />
{t("rbac.shareWithRole")}
</TabsTrigger>
</TabsList>
<TabsContent value="user" className="space-y-4">
<div className="space-y-2">
<label htmlFor="user-select">{t("rbac.selectUser")}</label>
<Popover open={userComboOpen} onOpenChange={setUserComboOpen}>
<PopoverTrigger asChild>
<Button
variant="outline"
role="combobox"
aria-expanded={userComboOpen}
className="w-full justify-between"
>
{selectedUser
? `${selectedUser.username}${selectedUser.is_admin ? " (Admin)" : ""}`
: t("rbac.selectUserPlaceholder")}
<ChevronsUpDown className="ml-2 h-4 w-4 shrink-0 opacity-50" />
</Button>
</PopoverTrigger>
<PopoverContent
className="p-0"
style={{ width: "var(--radix-popover-trigger-width)" }}
>
<Command>
<CommandInput placeholder={t("rbac.searchUsers")} />
<CommandEmpty>{t("rbac.noUserFound")}</CommandEmpty>
<CommandGroup className="max-h-[300px] overflow-y-auto thin-scrollbar">
{availableUsers.map((user) => (
<CommandItem
key={user.id}
value={`${user.username} ${user.id}`}
onSelect={() => {
setSelectedUserId(user.id);
setUserComboOpen(false);
}}
>
<Check
className={cn(
"mr-2 h-4 w-4",
selectedUserId === user.id
? "opacity-100"
: "opacity-0",
)}
/>
{user.username}
{user.is_admin ? " (Admin)" : ""}
</CommandItem>
))}
</CommandGroup>
</Command>
</PopoverContent>
</Popover>
</div>
</TabsContent>
<TabsContent value="role" className="space-y-4">
<div className="space-y-2">
<label htmlFor="role-select">{t("rbac.selectRole")}</label>
<Popover open={roleComboOpen} onOpenChange={setRoleComboOpen}>
<PopoverTrigger asChild>
<Button
variant="outline"
role="combobox"
aria-expanded={roleComboOpen}
className="w-full justify-between"
>
{selectedRole
? `${t(selectedRole.displayName)}${selectedRole.isSystem ? ` (${t("rbac.systemRole")})` : ""}`
: t("rbac.selectRolePlaceholder")}
<ChevronsUpDown className="ml-2 h-4 w-4 shrink-0 opacity-50" />
</Button>
</PopoverTrigger>
<PopoverContent
className="p-0"
style={{ width: "var(--radix-popover-trigger-width)" }}
>
<Command>
<CommandInput placeholder={t("rbac.searchRoles")} />
<CommandEmpty>{t("rbac.noRoleFound")}</CommandEmpty>
<CommandGroup className="max-h-[300px] overflow-y-auto thin-scrollbar">
{roles.map((role) => (
<CommandItem
key={role.id}
value={`${role.displayName} ${role.name} ${role.id}`}
onSelect={() => {
setSelectedRoleId(role.id);
setRoleComboOpen(false);
}}
>
<Check
className={cn(
"mr-2 h-4 w-4",
selectedRoleId === role.id
? "opacity-100"
: "opacity-0",
)}
/>
{t(role.displayName)}
{role.isSystem
? ` (${t("rbac.systemRole")})`
: ""}
</CommandItem>
))}
</CommandGroup>
</Command>
</PopoverContent>
</Popover>
</div>
</TabsContent>
</Tabs>
<div className="space-y-2">
<label>{t("rbac.permissionLevel")}</label>
<div className="text-sm text-muted-foreground">
{t("rbac.view")} - {t("rbac.viewDesc")}
</div>
</div>
<div className="space-y-2">
<label htmlFor="expires-in">{t("rbac.durationHours")}</label>
<Input
id="expires-in"
type="number"
value={expiresInHours}
onChange={(e) => {
const value = e.target.value;
if (value === "" || /^\d+$/.test(value)) {
setExpiresInHours(value);
}
}}
placeholder={t("rbac.neverExpires")}
min="1"
/>
</div>
<Button
type="button"
onClick={handleShare}
className="w-full"
disabled={!hostData?.credentialId}
>
<Plus className="h-4 w-4 mr-2" />
{t("rbac.share")}
</Button>
</div>
<div className="space-y-4">
<h3 className="text-lg font-semibold flex items-center gap-2">
<Users className="h-5 w-5" />
{t("rbac.accessList")}
</h3>
<Table>
<TableHeader>
<TableRow>
<TableHead>{t("rbac.type")}</TableHead>
<TableHead>{t("rbac.target")}</TableHead>
<TableHead>{t("rbac.permissionLevel")}</TableHead>
<TableHead>{t("rbac.grantedBy")}</TableHead>
<TableHead>{t("rbac.expires")}</TableHead>
<TableHead className="text-right">
{t("common.actions")}
</TableHead>
</TableRow>
</TableHeader>
<TableBody>
{loading ? (
<TableRow>
<TableCell
colSpan={6}
className="text-center text-muted-foreground"
>
{t("common.loading")}
</TableCell>
</TableRow>
) : accessList.length === 0 ? (
<TableRow>
<TableCell
colSpan={6}
className="text-center text-muted-foreground"
>
{t("rbac.noAccessRecords")}
</TableCell>
</TableRow>
) : (
accessList.map((access) => (
<TableRow
key={access.id}
className={
isExpired(access.expiresAt) ? "opacity-50" : ""
}
>
<TableCell>
{access.targetType === "user" ? (
<Badge
variant="outline"
className="flex items-center gap-1 w-fit"
>
<UserCircle className="h-3 w-3" />
{t("rbac.user")}
</Badge>
) : (
<Badge
variant="outline"
className="flex items-center gap-1 w-fit"
>
<Shield className="h-3 w-3" />
{t("rbac.role")}
</Badge>
)}
</TableCell>
<TableCell>
{access.targetType === "user"
? access.username
: t(access.roleDisplayName || access.roleName || "")}
</TableCell>
<TableCell>
<Badge variant="secondary">
{access.permissionLevel}
</Badge>
</TableCell>
<TableCell>{access.grantedByUsername}</TableCell>
<TableCell>
{access.expiresAt ? (
<div className="flex items-center gap-2">
<Clock className="h-3 w-3" />
<span
className={
isExpired(access.expiresAt)
? "text-red-500"
: ""
}
>
{formatDate(access.expiresAt)}
{isExpired(access.expiresAt) && (
<span className="ml-2">
({t("rbac.expired")})
</span>
)}
</span>
</div>
) : (
t("rbac.never")
)}
</TableCell>
<TableCell className="text-right">
<Button
type="button"
size="sm"
variant="ghost"
onClick={() => handleRevoke(access.id)}
>
<Trash2 className="h-4 w-4" />
</Button>
</TableCell>
</TableRow>
))
)}
</TableBody>
</Table>
</div>
</>
)}
</div>
);
}

340
src/ui/desktop/apps/host-manager/hosts/tabs/HostStatisticsTab.tsx Normal file
View File

@@ -0,0 +1,340 @@
import {
FormControl,
FormDescription,
FormField,
FormItem,
FormLabel,
} from "@/components/ui/form.tsx";
import { Input } from "@/components/ui/input.tsx";
import { Switch } from "@/components/ui/switch.tsx";
import { Button } from "@/components/ui/button.tsx";
import { Checkbox } from "@/components/ui/checkbox.tsx";
import { Alert, AlertDescription } from "@/components/ui/alert.tsx";
import {
Select,
SelectContent,
SelectItem,
SelectTrigger,
SelectValue,
} from "@/components/ui/select.tsx";
import { Plus, X } from "lucide-react";
import type { HostStatisticsTabProps } from "./shared/tab-types";
import { QuickActionItem } from "./shared/QuickActionItem";
export function HostStatisticsTab({
form,
statusIntervalUnit,
setStatusIntervalUnit,
metricsIntervalUnit,
setMetricsIntervalUnit,
snippets,
t,
}: HostStatisticsTabProps) {
return (
<div className="space-y-6">
<div className="space-y-4">
<div className="space-y-3">
<Button
variant="outline"
size="sm"
className="h-8 px-3 text-xs"
onClick={() =>
window.open("https://docs.termix.site/server-stats", "_blank")
}
>
{t("common.documentation")}
</Button>
<FormField
control={form.control}
name="statsConfig.statusCheckEnabled"
render={({ field }) => (
<FormItem className="flex flex-row items-center justify-between rounded-lg border p-3 bg-elevated dark:bg-input/30">
<div className="space-y-0.5">
<FormLabel>{t("hosts.statusCheckEnabled")}</FormLabel>
<FormDescription>
{t("hosts.statusCheckEnabledDesc")}
</FormDescription>
</div>
<FormControl>
<Switch
checked={field.value}
onCheckedChange={field.onChange}
/>
</FormControl>
</FormItem>
)}
/>
{form.watch("statsConfig.statusCheckEnabled") && (
<FormField
control={form.control}
name="statsConfig.statusCheckInterval"
render={({ field }) => {
const displayValue =
statusIntervalUnit === "minutes"
? Math.round((field.value || 30) / 60)
: field.value || 30;
const handleIntervalChange = (value: string) => {
const numValue = parseInt(value) || 0;
const seconds =
statusIntervalUnit === "minutes" ? numValue * 60 : numValue;
field.onChange(seconds);
};
return (
<FormItem>
<FormLabel>{t("hosts.statusCheckInterval")}</FormLabel>
<div className="flex gap-2">
<FormControl>
<Input
type="number"
value={displayValue}
onChange={(e) => handleIntervalChange(e.target.value)}
className="flex-1"
/>
</FormControl>
<Select
value={statusIntervalUnit}
onValueChange={(value: "seconds" | "minutes") => {
setStatusIntervalUnit(value);
const currentSeconds = field.value || 30;
if (value === "minutes") {
const minutes = Math.round(currentSeconds / 60);
field.onChange(minutes * 60);
}
}}
>
<SelectTrigger className="w-[120px]">
<SelectValue />
</SelectTrigger>
<SelectContent>
<SelectItem value="seconds">
{t("hosts.intervalSeconds")}
</SelectItem>
<SelectItem value="minutes">
{t("hosts.intervalMinutes")}
</SelectItem>
</SelectContent>
</Select>
</div>
<FormDescription>
{t("hosts.statusCheckIntervalDesc")}
</FormDescription>
</FormItem>
);
}}
/>
)}
</div>
<div className="space-y-3">
<FormField
control={form.control}
name="statsConfig.metricsEnabled"
render={({ field }) => (
<FormItem className="flex flex-row items-center justify-between rounded-lg border p-3 bg-elevated dark:bg-input/30">
<div className="space-y-0.5">
<FormLabel>{t("hosts.metricsEnabled")}</FormLabel>
<FormDescription>
{t("hosts.metricsEnabledDesc")}
</FormDescription>
</div>
<FormControl>
<Switch
checked={field.value}
onCheckedChange={field.onChange}
/>
</FormControl>
</FormItem>
)}
/>
{form.watch("statsConfig.metricsEnabled") && (
<FormField
control={form.control}
name="statsConfig.metricsInterval"
render={({ field }) => {
const displayValue =
metricsIntervalUnit === "minutes"
? Math.round((field.value || 30) / 60)
: field.value || 30;
const handleIntervalChange = (value: string) => {
const numValue = parseInt(value) || 0;
const seconds =
metricsIntervalUnit === "minutes"
? numValue * 60
: numValue;
field.onChange(seconds);
};
return (
<FormItem>
<FormLabel>{t("hosts.metricsInterval")}</FormLabel>
<div className="flex gap-2">
<FormControl>
<Input
type="number"
value={displayValue}
onChange={(e) => handleIntervalChange(e.target.value)}
className="flex-1"
/>
</FormControl>
<Select
value={metricsIntervalUnit}
onValueChange={(value: "seconds" | "minutes") => {
setMetricsIntervalUnit(value);
const currentSeconds = field.value || 30;
if (value === "minutes") {
const minutes = Math.round(currentSeconds / 60);
field.onChange(minutes * 60);
}
}}
>
<SelectTrigger className="w-[120px]">
<SelectValue />
</SelectTrigger>
<SelectContent>
<SelectItem value="seconds">
{t("hosts.intervalSeconds")}
</SelectItem>
<SelectItem value="minutes">
{t("hosts.intervalMinutes")}
</SelectItem>
</SelectContent>
</Select>
</div>
<FormDescription>
{t("hosts.metricsIntervalDesc")}
</FormDescription>
</FormItem>
);
}}
/>
)}
</div>
</div>
{form.watch("statsConfig.metricsEnabled") && (
<>
<FormField
control={form.control}
name="statsConfig.enabledWidgets"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.enabledWidgets")}</FormLabel>
<FormDescription>
{t("hosts.enabledWidgetsDesc")}
</FormDescription>
<div className="space-y-3 mt-3">
{(
[
"cpu",
"memory",
"disk",
"network",
"uptime",
"processes",
"system",
"login_stats",
] as const
).map((widget) => (
<div key={widget} className="flex items-center space-x-2">
<Checkbox
checked={field.value?.includes(widget)}
onCheckedChange={(checked) => {
const currentWidgets = field.value || [];
if (checked) {
field.onChange([...currentWidgets, widget]);
} else {
field.onChange(
currentWidgets.filter((w) => w !== widget),
);
}
}}
/>
<label className="text-sm font-medium leading-none peer-disabled:cursor-not-allowed peer-disabled:opacity-70">
{widget === "cpu" && t("serverStats.cpuUsage")}
{widget === "memory" && t("serverStats.memoryUsage")}
{widget === "disk" && t("serverStats.diskUsage")}
{widget === "network" &&
t("serverStats.networkInterfaces")}
{widget === "uptime" && t("serverStats.uptime")}
{widget === "processes" && t("serverStats.processes")}
{widget === "system" && t("serverStats.systemInfo")}
{widget === "login_stats" &&
t("serverStats.loginStats")}
</label>
</div>
))}
</div>
</FormItem>
)}
/>
</>
)}
<div className="space-y-4">
<h3 className="text-lg font-semibold">{t("hosts.quickActions")}</h3>
<Alert>
<AlertDescription>
{t("hosts.quickActionsDescription")}
</AlertDescription>
</Alert>
<FormField
control={form.control}
name="quickActions"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.quickActionsList")}</FormLabel>
<FormControl>
<div className="space-y-3">
{field.value.map((quickAction, index) => (
<QuickActionItem
key={index}
quickAction={quickAction}
index={index}
snippets={snippets}
onUpdate={(name, snippetId) => {
const newQuickActions = [...field.value];
newQuickActions[index] = {
name,
snippetId,
};
field.onChange(newQuickActions);
}}
onRemove={() => {
const newQuickActions = field.value.filter(
(_, i) => i !== index,
);
field.onChange(newQuickActions);
}}
t={t}
/>
))}
<Button
type="button"
variant="outline"
size="sm"
onClick={() => {
field.onChange([
...field.value,
{ name: "", snippetId: 0 },
]);
}}
>
<Plus className="h-4 w-4 mr-2" />
{t("hosts.addQuickAction")}
</Button>
</div>
</FormControl>
<FormDescription>{t("hosts.quickActionsOrder")}</FormDescription>
</FormItem>
)}
/>
</div>
</div>
);
}

767
src/ui/desktop/apps/host-manager/hosts/tabs/HostTerminalTab.tsx Normal file
View File

@@ -0,0 +1,767 @@
import {
FormControl,
FormDescription,
FormField,
FormItem,
FormLabel,
} from "@/components/ui/form.tsx";
import { Input } from "@/components/ui/input.tsx";
import { Switch } from "@/components/ui/switch.tsx";
import { Button } from "@/components/ui/button.tsx";
import {
Select,
SelectContent,
SelectItem,
SelectTrigger,
SelectValue,
} from "@/components/ui/select.tsx";
import {
Accordion,
AccordionContent,
AccordionItem,
AccordionTrigger,
} from "@/components/ui/accordion.tsx";
import {
Popover,
PopoverContent,
PopoverTrigger,
} from "@/components/ui/popover.tsx";
import {
Command,
CommandEmpty,
CommandGroup,
CommandInput,
CommandItem,
} from "@/components/ui/command.tsx";
import { Slider } from "@/components/ui/slider.tsx";
import { PasswordInput } from "@/components/ui/password-input.tsx";
import { Check, ChevronsUpDown, Plus, X } from "lucide-react";
import { cn } from "@/lib/utils.ts";
import {
TERMINAL_THEMES,
TERMINAL_FONTS,
CURSOR_STYLES,
BELL_STYLES,
FAST_SCROLL_MODIFIERS,
} from "@/constants/terminal-themes.ts";
import { TerminalPreview } from "@/ui/desktop/apps/features/terminal/TerminalPreview.tsx";
import type { HostTerminalTabProps } from "./shared/tab-types";
import React from "react";
export function HostTerminalTab({ form, snippets, t }: HostTerminalTabProps) {
return (
<div className="space-y-1">
<FormField
control={form.control}
name="enableTerminal"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.enableTerminal")}</FormLabel>
<FormControl>
<Switch checked={field.value} onCheckedChange={field.onChange} />
</FormControl>
<FormDescription>{t("hosts.enableTerminalDesc")}</FormDescription>
</FormItem>
)}
/>
<h1 className="text-xl font-semibold mt-7">
{t("hosts.terminalCustomization")}
</h1>
<Accordion
type="multiple"
className="w-full"
defaultValue={["appearance", "behavior", "advanced"]}
>
<AccordionItem value="appearance">
<AccordionTrigger>{t("hosts.appearance")}</AccordionTrigger>
<AccordionContent className="space-y-4 pt-4">
<div className="space-y-2">
<label className="text-sm font-medium">
{t("hosts.themePreview")}
</label>
<TerminalPreview
theme={form.watch("terminalConfig.theme")}
fontSize={form.watch("terminalConfig.fontSize")}
fontFamily={form.watch("terminalConfig.fontFamily")}
cursorStyle={form.watch("terminalConfig.cursorStyle")}
cursorBlink={form.watch("terminalConfig.cursorBlink")}
letterSpacing={form.watch("terminalConfig.letterSpacing")}
lineHeight={form.watch("terminalConfig.lineHeight")}
/>
</div>
<FormField
control={form.control}
name="terminalConfig.theme"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.theme")}</FormLabel>
<Select onValueChange={field.onChange} value={field.value}>
<FormControl>
<SelectTrigger>
<SelectValue placeholder={t("hosts.selectTheme")} />
</SelectTrigger>
</FormControl>
<SelectContent>
{Object.entries(TERMINAL_THEMES).map(([key, theme]) => (
<SelectItem key={key} value={key}>
{theme.name}
</SelectItem>
))}
</SelectContent>
</Select>
<FormDescription>
{t("hosts.chooseColorTheme")}
</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.fontFamily"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.fontFamily")}</FormLabel>
<Select onValueChange={field.onChange} value={field.value}>
<FormControl>
<SelectTrigger>
<SelectValue placeholder={t("hosts.selectFont")} />
</SelectTrigger>
</FormControl>
<SelectContent>
{TERMINAL_FONTS.map((font) => (
<SelectItem key={font.value} value={font.value}>
{font.label}
</SelectItem>
))}
</SelectContent>
</Select>
<FormDescription>{t("hosts.selectFontDesc")}</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.fontSize"
render={({ field }) => (
<FormItem>
<FormLabel>
{t("hosts.fontSizeValue", {
value: field.value,
})}
</FormLabel>
<FormControl>
<Slider
min={8}
max={24}
step={1}
value={[field.value]}
onValueChange={([value]) => field.onChange(value)}
/>
</FormControl>
<FormDescription>{t("hosts.adjustFontSize")}</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.letterSpacing"
render={({ field }) => (
<FormItem>
<FormLabel>
{t("hosts.letterSpacingValue", {
value: field.value,
})}
</FormLabel>
<FormControl>
<Slider
min={-2}
max={10}
step={0.5}
value={[field.value]}
onValueChange={([value]) => field.onChange(value)}
/>
</FormControl>
<FormDescription>
{t("hosts.adjustLetterSpacing")}
</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.lineHeight"
render={({ field }) => (
<FormItem>
<FormLabel>
{t("hosts.lineHeightValue", {
value: field.value,
})}
</FormLabel>
<FormControl>
<Slider
min={1}
max={2}
step={0.1}
value={[field.value]}
onValueChange={([value]) => field.onChange(value)}
/>
</FormControl>
<FormDescription>
{t("hosts.adjustLineHeight")}
</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.cursorStyle"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.cursorStyle")}</FormLabel>
<Select onValueChange={field.onChange} value={field.value}>
<FormControl>
<SelectTrigger>
<SelectValue
placeholder={t("hosts.selectCursorStyle")}
/>
</SelectTrigger>
</FormControl>
<SelectContent>
<SelectItem value="block">
{t("hosts.cursorStyleBlock")}
</SelectItem>
<SelectItem value="underline">
{t("hosts.cursorStyleUnderline")}
</SelectItem>
<SelectItem value="bar">
{t("hosts.cursorStyleBar")}
</SelectItem>
</SelectContent>
</Select>
<FormDescription>
{t("hosts.chooseCursorAppearance")}
</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.cursorBlink"
render={({ field }) => (
<FormItem className="flex flex-row items-center justify-between rounded-lg border p-3 bg-elevated dark:bg-input/30">
<div className="space-y-0.5">
<FormLabel>{t("hosts.cursorBlink")}</FormLabel>
<FormDescription>
{t("hosts.enableCursorBlink")}
</FormDescription>
</div>
<FormControl>
<Switch
checked={field.value}
onCheckedChange={field.onChange}
/>
</FormControl>
</FormItem>
)}
/>
</AccordionContent>
</AccordionItem>
<AccordionItem value="behavior">
<AccordionTrigger>{t("hosts.behavior")}</AccordionTrigger>
<AccordionContent className="space-y-4 pt-4">
<FormField
control={form.control}
name="terminalConfig.scrollback"
render={({ field }) => (
<FormItem>
<FormLabel>
{t("hosts.scrollbackBufferValue", {
value: field.value,
})}
</FormLabel>
<FormControl>
<Slider
min={1000}
max={100000}
step={1000}
value={[field.value]}
onValueChange={([value]) => field.onChange(value)}
/>
</FormControl>
<FormDescription>
{t("hosts.scrollbackBufferDesc")}
</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.bellStyle"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.bellStyle")}</FormLabel>
<Select onValueChange={field.onChange} value={field.value}>
<FormControl>
<SelectTrigger>
<SelectValue placeholder={t("hosts.selectBellStyle")} />
</SelectTrigger>
</FormControl>
<SelectContent>
<SelectItem value="none">
{t("hosts.bellStyleNone")}
</SelectItem>
<SelectItem value="sound">
{t("hosts.bellStyleSound")}
</SelectItem>
<SelectItem value="visual">
{t("hosts.bellStyleVisual")}
</SelectItem>
<SelectItem value="both">
{t("hosts.bellStyleBoth")}
</SelectItem>
</SelectContent>
</Select>
<FormDescription>{t("hosts.bellStyleDesc")}</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.rightClickSelectsWord"
render={({ field }) => (
<FormItem className="flex flex-row items-center justify-between rounded-lg border p-3 bg-elevated dark:bg-input/30">
<div className="space-y-0.5">
<FormLabel>{t("hosts.rightClickSelectsWord")}</FormLabel>
<FormDescription>
{t("hosts.rightClickSelectsWordDesc")}
</FormDescription>
</div>
<FormControl>
<Switch
checked={field.value}
onCheckedChange={field.onChange}
/>
</FormControl>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.fastScrollModifier"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.fastScrollModifier")}</FormLabel>
<Select onValueChange={field.onChange} value={field.value}>
<FormControl>
<SelectTrigger>
<SelectValue placeholder={t("hosts.selectModifier")} />
</SelectTrigger>
</FormControl>
<SelectContent>
<SelectItem value="alt">
{t("hosts.modifierAlt")}
</SelectItem>
<SelectItem value="ctrl">
{t("hosts.modifierCtrl")}
</SelectItem>
<SelectItem value="shift">
{t("hosts.modifierShift")}
</SelectItem>
</SelectContent>
</Select>
<FormDescription>
{t("hosts.fastScrollModifierDesc")}
</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.fastScrollSensitivity"
render={({ field }) => (
<FormItem>
<FormLabel>
{t("hosts.fastScrollSensitivityValue", {
value: field.value,
})}
</FormLabel>
<FormControl>
<Slider
min={1}
max={10}
step={1}
value={[field.value]}
onValueChange={([value]) => field.onChange(value)}
/>
</FormControl>
<FormDescription>
{t("hosts.fastScrollSensitivityDesc")}
</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.minimumContrastRatio"
render={({ field }) => (
<FormItem>
<FormLabel>
{t("hosts.minimumContrastRatioValue", {
value: field.value,
})}
</FormLabel>
<FormControl>
<Slider
min={1}
max={21}
step={1}
value={[field.value]}
onValueChange={([value]) => field.onChange(value)}
/>
</FormControl>
<FormDescription>
{t("hosts.minimumContrastRatioDesc")}
</FormDescription>
</FormItem>
)}
/>
</AccordionContent>
</AccordionItem>
<AccordionItem value="advanced">
<AccordionTrigger>{t("hosts.advanced")}</AccordionTrigger>
<AccordionContent className="space-y-4 pt-4">
<FormField
control={form.control}
name="terminalConfig.agentForwarding"
render={({ field }) => (
<FormItem className="flex flex-row items-center justify-between rounded-lg border p-3 bg-elevated dark:bg-input/30">
<div className="space-y-0.5">
<FormLabel>{t("hosts.sshAgentForwarding")}</FormLabel>
<FormDescription>
{t("hosts.sshAgentForwardingDesc")}
</FormDescription>
</div>
<FormControl>
<Switch
checked={field.value}
onCheckedChange={field.onChange}
/>
</FormControl>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.backspaceMode"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.backspaceMode")}</FormLabel>
<Select onValueChange={field.onChange} value={field.value}>
<FormControl>
<SelectTrigger>
<SelectValue
placeholder={t("hosts.selectBackspaceMode")}
/>
</SelectTrigger>
</FormControl>
<SelectContent>
<SelectItem value="normal">
{t("hosts.backspaceModeNormal")}
</SelectItem>
<SelectItem value="control-h">
{t("hosts.backspaceModeControlH")}
</SelectItem>
</SelectContent>
</Select>
<FormDescription>
{t("hosts.backspaceModeDesc")}
</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name="terminalConfig.startupSnippetId"
render={({ field }) => {
const [open, setOpen] = React.useState(false);
const selectedSnippet = snippets.find(
(s) => s.id === field.value,
);
return (
<FormItem>
<FormLabel>{t("hosts.startupSnippet")}</FormLabel>
<Popover open={open} onOpenChange={setOpen}>
<PopoverTrigger asChild>
<FormControl>
<Button
variant="outline"
role="combobox"
aria-expanded={open}
className="w-full justify-between"
>
{selectedSnippet
? selectedSnippet.name
: t("hosts.selectSnippet")}
<ChevronsUpDown className="ml-2 h-4 w-4 shrink-0 opacity-50" />
</Button>
</FormControl>
</PopoverTrigger>
<PopoverContent
className="p-0"
style={{
width: "var(--radix-popover-trigger-width)",
}}
>
<Command>
<CommandInput
placeholder={t("hosts.searchSnippets")}
/>
<CommandEmpty>
{t("hosts.noSnippetFound")}
</CommandEmpty>
<CommandGroup className="max-h-[300px] overflow-y-auto thin-scrollbar">
<CommandItem
value="none"
onSelect={() => {
field.onChange(null);
setOpen(false);
}}
>
<Check
className={cn(
"mr-2 h-4 w-4",
!field.value ? "opacity-100" : "opacity-0",
)}
/>
{t("hosts.snippetNone")}
</CommandItem>
{snippets.map((snippet) => (
<CommandItem
key={snippet.id}
value={`${snippet.name} ${snippet.content} ${snippet.id}`}
onSelect={() => {
field.onChange(snippet.id);
setOpen(false);
}}
>
<Check
className={cn(
"mr-2 h-4 w-4",
field.value === snippet.id
? "opacity-100"
: "opacity-0",
)}
/>
<div className="flex flex-col">
<span className="font-medium">
{snippet.name}
</span>
<span className="text-xs text-muted-foreground truncate max-w-[350px]">
{snippet.content}
</span>
</div>
</CommandItem>
))}
</CommandGroup>
</Command>
</PopoverContent>
</Popover>
<FormDescription>
{t("hosts.executeSnippetOnConnect")}
</FormDescription>
</FormItem>
);
}}
/>
<FormField
control={form.control}
name="terminalConfig.autoMosh"
render={({ field }) => (
<FormItem className="flex flex-row items-center justify-between rounded-lg border p-3 bg-elevated dark:bg-input/30">
<div className="space-y-0.5">
<FormLabel>{t("hosts.autoMosh")}</FormLabel>
<FormDescription>{t("hosts.autoMoshDesc")}</FormDescription>
</div>
<FormControl>
<Switch
checked={field.value}
onCheckedChange={field.onChange}
/>
</FormControl>
</FormItem>
)}
/>
{form.watch("terminalConfig.autoMosh") && (
<FormField
control={form.control}
name="terminalConfig.moshCommand"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.moshCommand")}</FormLabel>
<FormControl>
<Input
placeholder={t("placeholders.moshCommand")}
{...field}
onBlur={(e) => {
field.onChange(e.target.value.trim());
field.onBlur();
}}
/>
</FormControl>
<FormDescription>
{t("hosts.moshCommandDesc")}
</FormDescription>
</FormItem>
)}
/>
)}
<FormField
control={form.control}
name="terminalConfig.sudoPasswordAutoFill"
render={({ field }) => (
<FormItem className="flex flex-row items-center justify-between rounded-lg border p-3">
<div className="space-y-0.5">
<FormLabel>{t("hosts.sudoPasswordAutoFill")}</FormLabel>
<FormDescription>
{t("hosts.sudoPasswordAutoFillDesc")}
</FormDescription>
</div>
<FormControl>
<Switch
checked={field.value}
onCheckedChange={field.onChange}
/>
</FormControl>
</FormItem>
)}
/>
{form.watch("terminalConfig.sudoPasswordAutoFill") && (
<FormField
control={form.control}
name="terminalConfig.sudoPassword"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.sudoPassword")}</FormLabel>
<FormControl>
<PasswordInput
placeholder={t("placeholders.sudoPassword")}
{...field}
/>
</FormControl>
<FormDescription>
{t("hosts.sudoPasswordDesc")}
</FormDescription>
</FormItem>
)}
/>
)}
<div className="space-y-2">
<label className="text-sm font-medium">
{t("hosts.environmentVariables")}
</label>
<FormDescription>
{t("hosts.environmentVariablesDesc")}
</FormDescription>
{form
.watch("terminalConfig.environmentVariables")
?.map((_, index) => (
<div key={index} className="flex gap-2">
<FormField
control={form.control}
name={`terminalConfig.environmentVariables.${index}.key`}
render={({ field }) => (
<FormItem className="flex-1">
<FormControl>
<Input
placeholder={t("hosts.variableName")}
{...field}
onBlur={(e) => {
field.onChange(e.target.value.trim());
field.onBlur();
}}
/>
</FormControl>
</FormItem>
)}
/>
<FormField
control={form.control}
name={`terminalConfig.environmentVariables.${index}.value`}
render={({ field }) => (
<FormItem className="flex-1">
<FormControl>
<Input
placeholder={t("hosts.variableValue")}
{...field}
onBlur={(e) => {
field.onChange(e.target.value.trim());
field.onBlur();
}}
/>
</FormControl>
</FormItem>
)}
/>
<Button
type="button"
variant="outline"
size="icon"
onClick={() => {
const current = form.getValues(
"terminalConfig.environmentVariables",
);
form.setValue(
"terminalConfig.environmentVariables",
current.filter((_, i) => i !== index),
);
}}
>
<X className="h-4 w-4" />
</Button>
</div>
))}
<Button
type="button"
variant="outline"
size="sm"
onClick={() => {
const current =
form.getValues("terminalConfig.environmentVariables") || [];
form.setValue("terminalConfig.environmentVariables", [
...current,
{ key: "", value: "" },
]);
}}
>
<Plus className="h-4 w-4 mr-2" />
{t("hosts.addVariable")}
</Button>
</div>
</AccordionContent>
</AccordionItem>
</Accordion>
</div>
);
}

361
src/ui/desktop/apps/host-manager/hosts/tabs/HostTunnelTab.tsx Normal file
View File

@@ -0,0 +1,361 @@
import {
FormControl,
FormDescription,
FormField,
FormItem,
FormLabel,
} from "@/components/ui/form.tsx";
import { Input } from "@/components/ui/input.tsx";
import { Switch } from "@/components/ui/switch.tsx";
import { Alert, AlertDescription } from "@/components/ui/alert.tsx";
import { Button } from "@/components/ui/button.tsx";
import type { HostTunnelTabProps } from "./shared/tab-types";
export function HostTunnelTab({
form,
sshConfigDropdownOpen,
setSshConfigDropdownOpen,
sshConfigInputRefs,
sshConfigDropdownRefs,
getFilteredSshConfigs,
handleSshConfigClick,
t,
}: HostTunnelTabProps) {
return (
<div>
<FormField
control={form.control}
name="enableTunnel"
render={({ field }) => (
<FormItem>
<FormLabel>{t("hosts.enableTunnel")}</FormLabel>
<FormControl>
<Switch checked={field.value} onCheckedChange={field.onChange} />
</FormControl>
<FormDescription>{t("hosts.enableTunnelDesc")}</FormDescription>
</FormItem>
)}
/>
{form.watch("enableTunnel") && (
<>
<Alert className="mt-4">
<AlertDescription>
<strong>{t("hosts.sshpassRequired")}</strong>
<div>
{t("hosts.sshpassRequiredDesc")}{" "}
<code className="bg-muted px-1 rounded inline">
sudo apt install sshpass
</code>{" "}
{t("hosts.debianUbuntuEquivalent")}
</div>
<div className="mt-2">
<strong>{t("hosts.otherInstallMethods")}</strong>
<div>
{t("hosts.centosRhelFedora")}{" "}
<code className="bg-muted px-1 rounded inline">
sudo yum install sshpass
</code>{" "}
{t("hosts.or")}{" "}
<code className="bg-muted px-1 rounded inline">
sudo dnf install sshpass
</code>
</div>
<div>
{t("hosts.macos")}{" "}
<code className="bg-muted px-1 rounded inline">
brew install hudochenkov/sshpass/sshpass
</code>
</div>
<div> {t("hosts.windows")}</div>
</div>
</AlertDescription>
</Alert>
<Alert className="mt-4">
<AlertDescription>
<strong>{t("hosts.sshServerConfigRequired")}</strong>
<div>{t("hosts.sshServerConfigDesc")}</div>
<div>
{" "}
<code className="bg-muted px-1 rounded inline">
GatewayPorts yes
</code>{" "}
{t("hosts.gatewayPortsYes")}
</div>
<div>
{" "}
<code className="bg-muted px-1 rounded inline">
AllowTcpForwarding yes
</code>{" "}
{t("hosts.allowTcpForwardingYes")}
</div>
<div>
{" "}
<code className="bg-muted px-1 rounded inline">
PermitRootLogin yes
</code>{" "}
{t("hosts.permitRootLoginYes")}
</div>
<div className="mt-2">{t("hosts.editSshConfig")}</div>
</AlertDescription>
</Alert>
<div className="mt-3 flex justify-between">
<Button
variant="outline"
size="sm"
className="h-8 px-3 text-xs"
onClick={() =>
window.open("https://docs.termix.site/tunnels", "_blank")
}
>
{t("common.documentation")}
</Button>
</div>
<FormField
control={form.control}
name="tunnelConnections"
render={({ field }) => (
<FormItem className="mt-4">
<FormLabel>{t("hosts.tunnelConnections")}</FormLabel>
<FormControl>
<div className="space-y-4">
{field.value.map((connection, index) => (
<div
key={index}
className="p-4 border rounded-lg bg-muted/50"
>
<div className="flex items-center justify-between mb-3">
<h4 className="text-sm font-bold">
{t("hosts.connection")} {index + 1}
</h4>
<Button
type="button"
variant="ghost"
size="sm"
onClick={() => {
const newConnections = field.value.filter(
(_, i) => i !== index,
);
field.onChange(newConnections);
}}
>
{t("hosts.remove")}
</Button>
</div>
<div className="grid grid-cols-12 gap-4">
<FormField
control={form.control}
name={`tunnelConnections.${index}.sourcePort`}
render={({ field: sourcePortField }) => (
<FormItem className="col-span-4">
<FormLabel>
{t("hosts.sourcePort")}
{t("hosts.sourcePortDesc")}
</FormLabel>
<FormControl>
<Input
placeholder={t("placeholders.defaultPort")}
{...sourcePortField}
/>
</FormControl>
</FormItem>
)}
/>
<FormField
control={form.control}
name={`tunnelConnections.${index}.endpointPort`}
render={({ field: endpointPortField }) => (
<FormItem className="col-span-4">
<FormLabel>{t("hosts.endpointPort")}</FormLabel>
<FormControl>
<Input
placeholder={t(
"placeholders.defaultEndpointPort",
)}
{...endpointPortField}
/>
</FormControl>
</FormItem>
)}
/>
<FormField
control={form.control}
name={`tunnelConnections.${index}.endpointHost`}
render={({ field: endpointHostField }) => (
<FormItem className="col-span-4 relative">
<FormLabel>
{t("hosts.endpointSshConfig")}
</FormLabel>
<FormControl>
<Input
ref={(el) => {
sshConfigInputRefs.current[index] = el;
}}
placeholder={t("placeholders.sshConfig")}
className="min-h-[40px]"
autoComplete="off"
value={endpointHostField.value}
onFocus={() =>
setSshConfigDropdownOpen((prev) => ({
...prev,
[index]: true,
}))
}
onChange={(e) => {
endpointHostField.onChange(e);
setSshConfigDropdownOpen((prev) => ({
...prev,
[index]: true,
}));
}}
onBlur={(e) => {
endpointHostField.onChange(
e.target.value.trim(),
);
endpointHostField.onBlur();
}}
/>
</FormControl>
{sshConfigDropdownOpen[index] &&
getFilteredSshConfigs(index).length > 0 && (
<div
ref={(el) => {
sshConfigDropdownRefs.current[index] =
el;
}}
className="absolute top-full left-0 z-50 mt-1 w-full bg-canvas border border-input rounded-md shadow-lg max-h-40 overflow-y-auto thin-scrollbar p-1"
>
<div className="grid grid-cols-1 gap-1 p-0">
{getFilteredSshConfigs(index).map(
(config) => (
<Button
key={config}
type="button"
variant="ghost"
size="sm"
className="w-full justify-start text-left rounded px-2 py-1.5 hover:bg-surface-hover focus:bg-surface-hover focus:outline-none"
onClick={() =>
handleSshConfigClick(
config,
index,
)
}
>
{config}
</Button>
),
)}
</div>
</div>
)}
</FormItem>
)}
/>
</div>
<p className="text-sm text-muted-foreground mt-2">
{t("hosts.tunnelForwardDescription", {
sourcePort:
form.watch(
`tunnelConnections.${index}.sourcePort`,
) || "22",
endpointPort:
form.watch(
`tunnelConnections.${index}.endpointPort`,
) || "224",
})}
</p>
<div className="grid grid-cols-12 gap-4 mt-4">
<FormField
control={form.control}
name={`tunnelConnections.${index}.maxRetries`}
render={({ field: maxRetriesField }) => (
<FormItem className="col-span-4">
<FormLabel>{t("hosts.maxRetries")}</FormLabel>
<FormControl>
<Input
placeholder={t("placeholders.maxRetries")}
{...maxRetriesField}
/>
</FormControl>
<FormDescription>
{t("hosts.maxRetriesDescription")}
</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name={`tunnelConnections.${index}.retryInterval`}
render={({ field: retryIntervalField }) => (
<FormItem className="col-span-4">
<FormLabel>
{t("hosts.retryInterval")}
</FormLabel>
<FormControl>
<Input
placeholder={t(
"placeholders.retryInterval",
)}
{...retryIntervalField}
/>
</FormControl>
<FormDescription>
{t("hosts.retryIntervalDescription")}
</FormDescription>
</FormItem>
)}
/>
<FormField
control={form.control}
name={`tunnelConnections.${index}.autoStart`}
render={({ field }) => (
<FormItem className="col-span-4">
<FormLabel>
{t("hosts.autoStartContainer")}
</FormLabel>
<FormControl>
<Switch
checked={field.value}
onCheckedChange={field.onChange}
/>
</FormControl>
<FormDescription>
{t("hosts.autoStartDesc")}
</FormDescription>
</FormItem>
)}
/>
</div>
</div>
))}
<Button
type="button"
variant="outline"
onClick={() => {
field.onChange([
...field.value,
{
sourcePort: 22,
endpointPort: 224,
endpointHost: "",
maxRetries: 3,
retryInterval: 10,
autoStart: false,
},
]);
}}
>
{t("hosts.addConnection")}
</Button>
</div>
</FormControl>
</FormItem>
)}
/>
</>
)}
</div>
);
}

2
src/ui/desktop/apps/host-manager/hosts/tabs/shared/JumpHostItem.tsx
View File

@@ -1,4 +1,5 @@
import React from "react";
import { cn } from "@/lib/utils.ts";
import { Button } from "@/components/ui/button.tsx";
import {
Popover,
@@ -13,7 +14,6 @@ import {
CommandItem,
} from "@/components/ui/command.tsx";
import { Check, ChevronsUpDown, X } from "lucide-react";
import { cn } from "@/lib/utils.ts";
import type { JumpHostItemProps } from "./tab-types";
export function JumpHostItem({

2
src/ui/desktop/apps/host-manager/hosts/tabs/shared/QuickActionItem.tsx
View File

@@ -1,4 +1,5 @@
import React from "react";
import { cn } from "@/lib/utils.ts";
import { Button } from "@/components/ui/button.tsx";
import { Input } from "@/components/ui/input.tsx";
import {
@@ -14,7 +15,6 @@ import {
CommandItem,
} from "@/components/ui/command.tsx";
import { Check, ChevronsUpDown, X } from "lucide-react";
import { cn } from "@/lib/utils.ts";
import type { QuickActionItemProps } from "./tab-types";
export function QuickActionItem({

82
src/ui/desktop/apps/host-manager/hosts/tabs/shared/tab-types.ts
View File

@@ -1,4 +1,84 @@
import type { SSHHost } from "@/types";
import type { UseFormReturn } from "react-hook-form";
import type React from "react";
import type { SSHHost, Credential } from "@/types";
export interface HostGeneralTabProps {
form: UseFormReturn<FormData>;
authTab: "password" | "key" | "credential" | "none";
setAuthTab: (value: "password" | "key" | "credential" | "none") => void;
keyInputMethod: "upload" | "paste";
setKeyInputMethod: (value: "upload" | "paste") => void;
proxyMode: "single" | "chain";
setProxyMode: (value: "single" | "chain") => void;
tagInput: string;
setTagInput: (value: string) => void;
folderDropdownOpen: boolean;
setFolderDropdownOpen: (value: boolean) => void;
folderInputRef: React.RefObject<HTMLInputElement>;
folderDropdownRef: React.RefObject<HTMLDivElement>;
filteredFolders: string[];
handleFolderClick: (folder: string) => void;
keyTypeDropdownOpen: boolean;
setKeyTypeDropdownOpen: (value: boolean) => void;
keyTypeButtonRef: React.RefObject<HTMLButtonElement>;
keyTypeDropdownRef: React.RefObject<HTMLDivElement>;
keyTypeOptions: Array<{ value: string; label: string }>;
ipInputRef: React.RefObject<HTMLInputElement>;
editorTheme: unknown;
hosts: SSHHost[];
editingHost?: SSHHost | null;
folders: string[];
credentials: Credential[];
t: (key: string) => string;
}
export interface HostTerminalTabProps {
form: UseFormReturn<FormData>;
snippets: Array<{ id: number; name: string; content: string }>;
t: (key: string) => string;
}
export interface HostDockerTabProps {
form: UseFormReturn<FormData>;
t: (key: string) => string;
}
export interface HostTunnelTabProps {
form: UseFormReturn<FormData>;
sshConfigDropdownOpen: { [key: number]: boolean };
setSshConfigDropdownOpen: React.Dispatch<
React.SetStateAction<{ [key: number]: boolean }>
>;
sshConfigInputRefs: React.MutableRefObject<{
[key: number]: HTMLInputElement | null;
}>;
sshConfigDropdownRefs: React.MutableRefObject<{
[key: number]: HTMLDivElement | null;
}>;
getFilteredSshConfigs: (index: number) => string[];
handleSshConfigClick: (config: string, index: number) => void;
t: (key: string) => string;
}
export interface HostFileManagerTabProps {
form: UseFormReturn<FormData>;
t: (key: string) => string;
}
export interface HostStatisticsTabProps {
form: UseFormReturn<FormData>;
statusIntervalUnit: "seconds" | "minutes";
setStatusIntervalUnit: (value: "seconds" | "minutes") => void;
metricsIntervalUnit: "seconds" | "minutes";
setMetricsIntervalUnit: (value: "seconds" | "minutes") => void;
snippets: Array<{ id: number; name: string; content: string }>;
t: (key: string) => string;
}
export interface HostSharingTabProps {
hostId: number | undefined;
isNewHost: boolean;
}
export interface JumpHostItemProps {
jumpHost: { hostId: number };

2
src/ui/desktop/navigation/AppView.tsx
View File

@@ -56,7 +56,6 @@ export function AppView({
const { state: sidebarState } = useSidebar();
const { theme: appTheme } = useTheme();
// Auto-switch terminal theme based on app theme
const isDarkMode = useMemo(() => {
if (appTheme === "dark") return true;
if (appTheme === "light") return false;
@@ -698,7 +697,6 @@ export function AppView({
...DEFAULT_TERMINAL_CONFIG,
...(currentTabData?.hostConfig as any)?.terminalConfig,
};
// Auto-switch between termixDark and termixLight based on app theme
let containerThemeColors;
if (terminalConfig.theme === "termix") {
containerThemeColors = isDarkMode

4
src/ui/desktop/navigation/LeftSidebar.tsx
View File

@@ -366,11 +366,9 @@ export function LeftSidebar({
const searchQuery = debouncedSearch.trim().toLowerCase();
return hosts.filter((h) => {
// Check for field-specific search patterns
const fieldMatches: Record<string, string> = {};
let remainingQuery = searchQuery;
// Extract field-specific queries (e.g., "tag:production", "user:root", "ip:192.168")
const fieldPattern = /(\w+):([^\s]+)/g;
let match;
while ((match = fieldPattern.exec(searchQuery)) !== null) {
@@ -379,7 +377,6 @@ export function LeftSidebar({
remainingQuery = remainingQuery.replace(fullMatch, "").trim();
}
// Handle field-specific searches
for (const [field, value] of Object.entries(fieldMatches)) {
switch (field) {
case "tag":
@@ -418,7 +415,6 @@ export function LeftSidebar({
}
}
// If there's remaining query text (not field-specific), search across all fields
if (remainingQuery) {
const searchableText = [
h.name || "",

3
src/ui/desktop/navigation/SSHAuthDialog.tsx
View File

@@ -233,7 +233,8 @@ export function SSHAuthDialog({
".cm-scroller": {
overflow: "auto",
scrollbarWidth: "thin",
scrollbarColor: "var(--scrollbar-thumb) var(--scrollbar-track)",
scrollbarColor:
"var(--scrollbar-thumb) var(--scrollbar-track)",
},
}),
]}

4
src/ui/desktop/navigation/animations/SimpleLoader.tsx
View File

@@ -52,7 +52,9 @@ export function SimpleLoader({
<div className="flex flex-col items-center gap-4">
<div className="simple-spinner"></div>
{message && (
<p className="text-sm text-foreground-secondary font-medium">{message}</p>
<p className="text-sm text-foreground-secondary font-medium">
{message}
</p>
)}
</div>
</div>

1
src/ui/desktop/navigation/hosts/Host.tsx
View File

@@ -84,7 +84,6 @@ export function Host({ host: initialHost }: HostProps): React.ReactElement {
const shouldShowStatus = statsConfig.statusCheckEnabled !== false;
const shouldShowMetrics = statsConfig.metricsEnabled !== false;
// Check if host has at least one tunnel connection
const hasTunnelConnections = useMemo(() => {
if (!host.tunnelConnections) return false;
try {

3
src/ui/desktop/navigation/tabs/Tab.tsx
View File

@@ -153,7 +153,8 @@ export function Tab({
onClick={!disableActivate ? onActivate : undefined}
style={{
marginBottom: "-2px",
borderBottom: isActive || isSplit ? "2px solid var(--foreground)" : "none",
borderBottom:
isActive || isSplit ? "2px solid var(--foreground)" : "none",
}}
>
<div className="flex items-center gap-1.5 flex-1 min-w-0">

6
src/ui/desktop/navigation/tabs/TabContext.tsx
View File

@@ -56,7 +56,6 @@ export function TabProvider({ children }: TabProviderProps) {
const [allSplitScreenTab, setAllSplitScreenTab] = useState<number[]>([]);
const nextTabId = useRef(2);
// Update home tab title when translation changes
React.useEffect(() => {
setTabs((prev) =>
prev.map((tab) =>
@@ -174,10 +173,8 @@ export function TabProvider({ children }: TabProviderProps) {
setTabs((prev) => prev.filter((tab) => tab.id !== tabId));
// Remove from split screen
setAllSplitScreenTab((prev) => {
const newSplits = prev.filter((id) => id !== tabId);
// Auto-clear split mode if only 1 or fewer tabs remain in split
if (newSplits.length <= 1) {
return [];
}
@@ -187,7 +184,6 @@ export function TabProvider({ children }: TabProviderProps) {
if (currentTab === tabId) {
const remainingTabs = tabs.filter((tab) => tab.id !== tabId);
if (remainingTabs.length > 0) {
// Try to set current tab to another split tab first, if any remain
const remainingSplitTabs = allSplitScreenTab.filter(
(id) => id !== tabId,
);
@@ -197,7 +193,7 @@ export function TabProvider({ children }: TabProviderProps) {
setCurrentTab(remainingTabs[0].id);
}
} else {
setCurrentTab(1); // Home tab
setCurrentTab(1);
}
}
};

16
src/ui/desktop/user/UserProfile.tsx
View File

@@ -18,7 +18,15 @@ import {
SelectTrigger,
SelectValue,
} from "@/components/ui/select.tsx";
import { User, Shield, AlertCircle, Palette, Sun, Moon, Monitor } from "lucide-react";
import {
User,
Shield,
AlertCircle,
Palette,
Sun,
Moon,
Monitor,
} from "lucide-react";
import { useTheme } from "@/components/theme-provider";
import { TOTPSetup } from "@/ui/desktop/user/TOTPSetup.tsx";
import {
@@ -154,7 +162,6 @@ export function UserProfile({
totp_enabled: info.totp_enabled || false,
});
// Fetch user roles
try {
const rolesResponse = await getUserRoles(info.userId);
setUserRoles(rolesResponse.roles || []);
@@ -473,7 +480,10 @@ export function UserProfile({
{t("profile.theme", "Theme")}
</Label>
<p className="text-sm text-muted-foreground mt-1">
{t("profile.appearanceDesc", "Choose your preferred theme")}
{t(
"profile.appearanceDesc",
"Choose your preferred theme",
)}
</p>
</div>
<Select value={theme} onValueChange={setTheme}>

4
src/ui/main-axios.ts
View File

@@ -1964,7 +1964,7 @@ export async function getServerStatusById(id: number): Promise<ServerStatus> {
return response.data;
} catch (error) {
handleApiError(error, "fetch server status");
throw error; // Explicit throw to propagate error
throw error;
}
}
@@ -1974,7 +1974,7 @@ export async function getServerMetricsById(id: number): Promise<ServerMetrics> {
return response.data;
} catch (error) {
handleApiError(error, "fetch server metrics");
throw error; // Explicit throw to propagate error
throw error;
}
}

3
src/ui/mobile/MobileApp.tsx
View File

@@ -30,14 +30,12 @@ const AppContent: FC = () => {
useEffect(() => {
const checkAuth = () => {
setAuthLoading(true);
// Don't optimistically set isAuthenticated before checking
getUserInfo()
.then((meRes) => {
if (typeof meRes === "string" || !meRes.username) {
setIsAuthenticated(false);
setIsAdmin(false);
setUsername(null);
// Clear invalid token
localStorage.removeItem("jwt");
} else {
setIsAuthenticated(true);
@@ -50,7 +48,6 @@ const AppContent: FC = () => {
setIsAdmin(false);
setUsername(null);
// Clear invalid token on any auth error
localStorage.removeItem("jwt");
const errorCode = err?.response?.data?.code;

1
src/ui/mobile/apps/terminal/Terminal.tsx
View File

@@ -68,7 +68,6 @@ export const Terminal = forwardRef<TerminalHandle, SSHTerminalProps>(
const notifyTimerRef = useRef<NodeJS.Timeout | null>(null);
const DEBOUNCE_MS = 140;
// Auto-switch terminal theme based on app theme
const isDarkMode =
appTheme === "dark" ||
(appTheme === "system" &&

6
src/ui/mobile/apps/terminal/TerminalKeyboard.tsx
View File

@@ -19,8 +19,10 @@ export function TerminalKeyboard({
const [isAlt, setIsAlt] = useState(false);
const { theme: appTheme } = useTheme();
const isDarkMode = appTheme === "dark" ||
(appTheme === "system" && window.matchMedia("(prefers-color-scheme: dark)").matches);
const isDarkMode =
appTheme === "dark" ||
(appTheme === "system" &&
window.matchMedia("(prefers-color-scheme: dark)").matches);
useEffect(() => {
if (onLayoutChange) {

2
translations-temp/translations-ar/ar.json
View File

@@ -2328,4 +2328,4 @@
"noContainersMatchFiltersHint": "التبديل إلى الوضع الداكن"
},
"theme": {}
}
}

Some files were not shown because too many files have changed in this diff Show More