diff --git a/INSTALL.md b/INSTALL.md index b81c6db..9b135e0 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -69,6 +69,7 @@ git clone https://github.com/jysperm/RootPanel.git cd RootPanel + chmod 750 config.coffee vi config.coffee make install diff --git a/WIKI/Linux/Filesystem.md b/WIKI/Linux/Filesystem.md index d86815f..76647c2 100644 --- a/WIKI/Linux/Filesystem.md +++ b/WIKI/Linux/Filesystem.md @@ -3,6 +3,8 @@ ### 用户目录 在 RP 主机上,你能够修改的文件仅限于你的 home 目录,即 `/home/user`. +为了保护你的文件不被其他人访问,请将文件权限设置为 750 或更低的权限。 + ### Unix Socket 在 RP 主机上,基于 TCP 端口的网络是不安全的,意味着其他用户也可以访问你建立的服务(如 Memcached, MongoDB). 推荐使用 Unix Socket 来创建服务,因为 Unix Socket 基于文件系统的权限,你可以灵活地设置它的权限,阻止其他用户访问。 diff --git a/core/plan.coffee b/core/plan.coffee index 846f7e3..ed4d47a 100644 --- a/core/plan.coffee +++ b/core/plan.coffee @@ -36,9 +36,7 @@ exports.leavePlan = (account, plan, callback) -> 'attribute.services': serviceName $unset: {} - modifier['$unset']["attribute.plugin.#{plan}"] = '' - - console.log modifier + modifier['$unset']["attribute.plugin.#{serviceName}"] = '' mAccount.update _id: account._id, modifier, (err) -> throw err if err diff --git a/core/static/script/account/login.coffee b/core/static/script/account/login.coffee index 67166fd..fd47bcb 100644 --- a/core/static/script/account/login.coffee +++ b/core/static/script/account/login.coffee @@ -1,9 +1,12 @@ $ -> - $('#login-btn').on 'click', (e)-> - e.preventDefault() - $.post '/account/login/', JSON.stringify { + $('.action-login').click -> + $.post '/account/login/', JSON.stringify username : $('#username').val() password : $('#password').val() - } + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success -> - location.href '/' + location.href = '/panel/' diff --git a/core/static/script/account/signup.coffee b/core/static/script/account/signup.coffee index 1708410..f713853 100644 --- a/core/static/script/account/signup.coffee +++ b/core/static/script/account/signup.coffee 
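Review bot: The six-line `.fail` handler added in login.coffee is repeated verbatim in every other request this commit touches (signup.coffee, admin.coffee, panel.coffee, ticket/create.coffee, ticket/view.coffee), so a later change to error reporting has to be made in more than a dozen places. Registering it once in layout.coffee beside `$.ajaxSetup` would remove the copies: `$(document).ajaxError (event, jqXHR) -> alert jqXHR.responseJSON?.error or jqXHR.statusText`. Passing the server's error string to `alert` keeps it as plain text; that property should be preserved if the alert is ever replaced by an in-page message.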
@@ -1,13 +1,16 @@ $ -> - $('.signup-btn').on 'click', (e) -> - e.preventDefault() - if $('#password').val() isnt $('#password2').val() - ErrorHandle.flushInfo 'alert', '两次密码不一致' - else - $.post '/account/signup/', JSON.stringify { - username: $('#username').val() - password: $('#password').val() - email: $('#email').val() - } - .success -> - location.href = '/' \ No newline at end of file + $('.action-signup').click -> + unless $('#password').val() == $('#password2').val() + return alert '两次密码不一致' + + $.post '/account/signup/', JSON.stringify + username: $('#username').val() + password: $('#password').val() + email: $('#email').val() + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText + .success -> + location.href = '/panel/' diff --git a/core/static/script/admin.coffee b/core/static/script/admin.coffee index 6c5e89b..265bd72 100644 --- a/core/static/script/admin.coffee +++ b/core/static/script/admin.coffee @@ -1,19 +1,18 @@ $ -> - #充值记录 - $ '.create-payment' - .on 'click', (e) -> - e.preventDefault() - $('#account_id').html $(this).closest('tr').data 'id' - $('#crate_payment_modal').modal 'show' + $('.action-create-payment').click -> + $('#account_id').html $(@).parents('tr').data 'id' + $('#create-payment-modal').modal 'show' - $ '#create_payment_button' - .on 'click', (e) -> - e.preventDefault() - $.post '/admin/create_payment/', JSON.stringify { - account_id: ($ '#account_id').html() - type: 'taobao' - amount: ($ '#amont').val() - order_id: ($ '#order_id').val() - } - .success -> - location.reload() \ No newline at end of file + $('#create-payment-modal .action-create-payment').click -> + $.post '/admin/create_payment/', JSON.stringify + account_id: $('#account_id').html() + type: 'taobao' + amount: $('#amont').val() + order_id: $('#order_id').val() + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText + .success -> + location.reload() 
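Review bot: `.success` on the object returned by `$.post` is the deprecated jqXHR alias that jQuery removed in 3.0, and the new handlers in signup.coffee, login.coffee, admin.coffee, layout.coffee, panel.coffee and ticket/create.coffee all chain it. The change-status handler added in ticket/view.coffee by this same commit already uses `.done`. Writing `.done -> location.href = '/panel/'` here, and `.done` in the other files, would make them consistent and keep them working after a jQuery upgrade.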
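Review bot: The selector `$('.action-create-payment')` in the first handler of admin.coffee also matches the modal's confirm button, because admin/index.jade now gives that button the same `action-create-payment` class, so a click on it runs both handlers. The first handler then calls `$('#account_id').html` with the `data 'id'` of a `tr` ancestor the button does not have; jQuery appears to leave the value untouched when the argument is undefined, but the account the payment is credited to depends on that. Scoping the first binding to the table link, for example `$('table .action-create-payment').click`, or giving the modal button a class of its own, removes the overlap. The link is `href='#'` and the handler no longer calls `preventDefault`, so the click also changes the URL fragment.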
diff --git a/core/static/script/layout.coffee b/core/static/script/layout.coffee index 528b115..d8c8be4 100644 --- a/core/static/script/layout.coffee +++ b/core/static/script/layout.coffee @@ -1,14 +1,12 @@ $ -> - $.ajaxSetup { + $.ajaxSetup contentType: 'application/json; charset=UTF-8' - } $('nav a').each -> if $(@).attr('href') == location.pathname $(@).parent().addClass('active') - $('#logout').on 'click', (e) -> - e.preventDefault() + $('#logout').click -> $.post '/account/logout/', {} .success -> - location.href = '/' + location.reload() diff --git a/core/static/script/panel.coffee b/core/static/script/panel.coffee index 0b329c2..a5a9bbf 100644 --- a/core/static/script/panel.coffee +++ b/core/static/script/panel.coffee @@ -3,6 +3,11 @@ $ -> is_enable = if $(@).hasClass 'btn-success' then true else false $.post "/plugin/#{$(@).data('name')}/switch/", JSON.stringify enable: is_enable + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success -> location.reload() @@ -10,12 +15,22 @@ $ -> if window.confirm 'Are you sure?' $.post '/plugin/ssh/kill/', JSON.stringify pid: $(@).parents('tr').data 'id' + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success -> location.reload() $('#widget-mongodb button.create-database').click -> $.post '/plugin/mongodb/create_database', JSON.stringify name: $(@).parents('.input-group').find('input').val() + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success -> location.reload() 
@@ -23,12 +38,22 @@ $ -> if window.confirm 'Are you sure?' $.post '/plugin/mongodb/delete_database', JSON.stringify name: $(@).parents('tr').data 'name' + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success -> location.reload() $('#widget-mongodb button.update-password').click -> $.post '/plugin/mongodb/update_password', JSON.stringify password: $(@).parents('.input-group').find('input').val() + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success -> location.reload() @@ -182,6 +207,11 @@ $ -> $.post '/plugin/nginx/update_site', JSON.stringify action: 'delete' id: $(@).parents('tr').data 'id' + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success -> location.reload() @@ -191,6 +221,11 @@ $ -> $('#widget-nginx button.btn-info').click -> $.post '/plugin/nginx/site_config', JSON.stringify id: $(@).parents('tr').data 'id' + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success (data) -> $('#nginx-type-json textarea').val JSON.stringify(data, null, ' ') syncToGuide() 
@@ -201,23 +236,43 @@ $ -> if window.confirm 'Are you sure?' $.post "/plan/unsubscribe/", JSON.stringify plan: $(@).parents('tr').data 'name' + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success -> location.reload() $('.plan-list .btn-success').click -> $.post "/plan/subscribe/", JSON.stringify plan: $(@).parents('tr').data 'name' + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success -> location.reload() $('#widget-ssh .update-password button').click -> $.post '/plugin/ssh/update_password/', JSON.stringify password: $('#widget-ssh .update-password input').val() + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success -> location.reload() $('#widget-mysql .update-password button').click -> $.post '/plugin/mysql/update_password/', JSON.stringify password: $('#widget-mysql .update-password input').val() + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText .success -> location.reload() diff --git a/core/static/script/ticket/create.coffee b/core/static/script/ticket/create.coffee index 3a2ac5a..fa9b8d1 100644 --- a/core/static/script/ticket/create.coffee +++ b/core/static/script/ticket/create.coffee @@ -1,11 +1,13 @@ $ -> - $('#create-ticket').on 'click', (e) -> - e.preventDefault() - - $.post '/ticket/create/', JSON.stringify { + $('.action-create').click -> + $.post '/ticket/create/', JSON.stringify type: $('#type').val() title: $('#title').val() - content: $('#ticket-content').val() - } - .success -> - location.href = '/ticket/list/' + content: $('#content').val() + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText + .success (data, text_status, jqXHR) -> + location.href = "/ticket/view/?id=#{jqXHR.responseJSON.id}" 
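Review bot: The redirect in ticket/create.coffee builds its URL from `jqXHR.responseJSON.id` without checking that the response carried an id and without encoding it, so a success response that lacks the field sends the user to `/ticket/view/?id=undefined`. The first callback argument is already the parsed body, so `location.href = "/ticket/view/?id=#{encodeURIComponent data.id}"` is shorter and does not depend on the id's format. A guard such as `return alert 'missing ticket id' unless data?.id` before the redirect would make the failure visible.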
diff --git a/core/static/script/ticket/reply.coffee b/core/static/script/ticket/reply.coffee deleted file mode 100644 index 208fdfd..0000000 --- a/core/static/script/ticket/reply.coffee +++ /dev/null @@ -1,34 +0,0 @@ -$ -> - id = $('#ticketid').data 'id' - #return a promise - changeStatus = (status) -> - $.post '/ticket/update/', JSON.stringify { - id: id - status: status - } - checkContent = -> - if $('#reply-content').val() is '' - console.log 's' - ErrorHandle.flushInfo 'alert', '回复不能为空' - return false - true - $('#reply-btn').on 'click', (e) -> - e.preventDefault() - return unless checkContent() - - $.post '/ticket/reply/', JSON.stringify { - id: id - content: $('#reply-content').val() - } - .success -> - location.reload true - - $('.change-status').on 'click', (e) -> - e.preventDefault() - status = $(this).data 'status' - changeStatus status - .done -> - ErrorHandle.flushInfo 'success', "#{status}工单成功", -> - location.reload true - - diff --git a/core/static/script/ticket/view.coffee b/core/static/script/ticket/view.coffee new file mode 100644 index 0000000..1c2eb1e --- /dev/null +++ b/core/static/script/ticket/view.coffee @@ -0,0 +1,26 @@ +$ -> + id = $('.row.content').data 'id' + + $('.action-reply').click -> + $.post '/ticket/reply/', JSON.stringify + id: id + content: $('#reply-content').val() + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText + .success -> + location.reload() + + $('.change-status').click -> + $.post '/ticket/update/', JSON.stringify + id: id + status: $(@).data 'status' + .fail (jqXHR) -> + if jqXHR.responseJSON?.error + alert jqXHR.responseJSON.error + else + alert jqXHR.statusText + .done -> + location.reload() diff --git a/core/view/account/login.jade b/core/view/account/login.jade index 05d36e7..cb366d1 100644 --- a/core/view/account/login.jade +++ b/core/view/account/login.jade 
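Review bot: The reply handler in the new ticket/view.coffee posts `$('#reply-content').val()` with no emptiness check, whereas the deleted reply.coffee refused an empty reply before sending. A client-side check is only a convenience, so the point to confirm is that `/ticket/reply/` rejects empty content on the server, which this diff does not show; if it does, the new `.fail` alert already reports the error. The `.change-status` handler also changes a ticket's status on a single click, while the destructive actions in panel.coffee ask `window.confirm 'Are you sure?'` first.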
@@ -16,7 +16,7 @@ block main input#password.form-control(type='password', name='password', required) .form-group .col-sm-offset-3 - button#login-btn.btn.btn-lg.btn-primary(type='submit')= t('account.login') + button.action-login.btn.btn-lg.btn-primary(type='button')= t('account.login') prepend sidebar .row diff --git a/core/view/account/signup.jade b/core/view/account/signup.jade index 14ced33..10867ff 100644 --- a/core/view/account/signup.jade +++ b/core/view/account/signup.jade @@ -24,7 +24,7 @@ block main input#password2.form-control(type='password', name='password2', required) .form-group .col-sm-offset-3 - button.signup-btn.btn.btn-lg.btn-primary(type='submit')= t('account.signup') + button.action-signup.btn.btn-lg.btn-primary(type='button')= t('account.signup') prepend sidebar .row diff --git a/core/view/admin/index.jade b/core/view/admin/index.jade index e757623..5ebed2a 100644 --- a/core/view/admin/index.jade +++ b/core/view/admin/index.jade @@ -5,8 +5,31 @@ prepend head block main header= t('admin.admin_panel') + table.table.table-hover + thead + tr + th= t('account.username') + th= t('account.email') + th 套餐 + th 余额 + th 操作 + tbody + for account in accounts + tr(data-id='#{account._id}') + td= account.username + td= account.email + td= account.attribute.plans.join(', ') + td= account.attribute.balance.toFixed(2) + td + .btn-group + button(type='button', data-toggle='dropdown').btn.btn-info.btn-sm.dropdown-toggle + | 操作   + span.caret + ul.dropdown-menu + li + a.action-create-payment(href='#') 创建充值记录 - .modal.fade#crate_payment_modal + #create-payment-modal.modal.fade .modal-dialog .modal-content .modal-header 
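Review bot: Switching the login button to `type='button'` while login.coffee binds only `.click` means pressing Enter in the username or password field no longer starts a login, since the form is left without a submit button. The same change is made in signup.jade, ticket/create.jade and ticket/view.jade. In ticket/create.jade the effect may differ: if `#title` is the only single-line input inside a `form` element (the form markup is outside these hunks), browsers still submit such a form natively on Enter, which bypasses the click handler and, with default form attributes, places the field values in the URL. Keeping `type='submit'` and handling the form's `submit` event with `e.preventDefault()` covers both cases.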
@@ -29,31 +52,7 @@ block main .modal-footer button.btn.btn-danger(type='button', data-dismiss='modal') 关闭 - button.btn.btn-success#create_payment_button(type='button') 创建 - - table.table.table-hover - thead - tr - th= t('account.username') - th= t('account.email') - th 套餐 - th 余额 - th 操作 - tbody - for account in accounts - tr(data-id='#{account._id}') - td= account.username - td= account.email - td= account.attribute.plans.join(', ') - td= account.attribute.balance.toFixed(2) - td - .btn-group - button(type='button', data-toggle='dropdown').btn.btn-info.btn-sm.dropdown-toggle - | 操作 - spann.caret - ul.dropdown-menu - li - a.create-payment(href='#') 创建充值记录 + button.btn.btn-success.action-create-payment(type='button') 创建 prepend sidebar .row diff --git a/core/view/ticket/create.jade b/core/view/ticket/create.jade index 170a6d7..f596911 100644 --- a/core/view/ticket/create.jade +++ b/core/view/ticket/create.jade @@ -15,8 +15,9 @@ block main .col-sm-9 input#title.form-control(type='text', name='title', required) .form-group.padding - textarea#ticket-content.form-control(name='content', rows='15', required) + textarea#content.form-control(name='content', rows='15', required) .form-group.padding - button.btn.btn-lg.btn-primary#create-ticket(type='submit')= t('ticket.create') + button.btn.btn-lg.btn-primary.action-create(type='button')= t('ticket.create') + append footer script(src='/script/ticket/create.js') diff --git a/core/view/ticket/view.jade b/core/view/ticket/view.jade index 525b7d9..d48948f 100644 --- a/core/view/ticket/view.jade +++ b/core/view/ticket/view.jade @@ -5,7 +5,7 @@ prepend head link(rel='stylesheet', href='/style/ticket.css') block main - .row#ticketid(data-id= '#{ticket._id}') + .row.content(data-id= '#{ticket._id}') header= ticket.title p!= ticket.content_html 
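Review bot: The unchanged context line `p!= ticket.content_html` under the renamed `.row.content` container in ticket/view.jade writes ticket content into the page without escaping, so the view is only as safe as whatever produces `content_html`. That code is outside this diff; it should be confirmed that the HTML comes from the user's text through a sanitizing step, because the template also renders controls for the `root` group and is therefore viewed by administrators. A short comment above the line, such as `//- content_html is sanitized server-side before it is stored`, would record the assumption once it has been checked.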
@@ -33,7 +33,7 @@ block main if ticket.status == 'closed' button(disabled).btn.btn-lg.btn-primary 已关闭 else - button.btn.btn-lg.btn-primary#reply-btn(type='submit')= t('ticket.create_reply') + button.btn.btn-lg.btn-primary.action-reply(type='button')= t('ticket.create_reply') button(type='button', data-status='closed').btn.btn-lg.btn-danger.change-status= t('ticket.close_ticket') if mAccount.inGroup(account, 'root') && (ticket.status == 'open' || ticket.status == 'pending') button(type='button', data-status='finish').btn.btn-lg.btn-success.change-status= t('ticket.finish_ticket') @@ -61,4 +61,4 @@ prepend sidebar img(src= member.setting.avatar_url, alt= member.username) append footer - script(src='/script/ticket/reply.js') + script(src='/script/ticket/view.js')