be fussier about boot key; log more problems

2024-10-27 20:44:07 +00:00 · 2024-05-15 16:17:57 -04:00 · 2024-05-15 16:17:57 -04:00 · 9947eabdbc
commit 9947eabdbc
parent 19f40085fa
3 changed files with 29 additions and 7 deletions
--- a/app/client/models/AdminChecks.ts
+++ b/app/client/models/AdminChecks.ts
@ -1,3 +1,4 @@
+import { reportError } from 'app/client/models/errors';
 import { BootProbeIds, BootProbeInfo, BootProbeResult } from 'app/common/BootProbe';
 import { InstallAPI } from 'app/common/InstallAPI';
 import { getGristConfig } from 'app/common/urlUtils';
@ -32,7 +33,7 @@ export class AdminChecks {
    const config = getGristConfig();
    const errMessage = config.errMessage;
    if (!errMessage) {
-      const _probes = await this._installAPI.getChecks().catch(() => undefined);
+      const _probes = await this._installAPI.getChecks().catch(reportError);
      if (!this._parent.isDisposed()) {
        // Currently, probes are forbidden if not admin.
        // TODO: May want to relax this to allow some probes that help
--- a/app/client/ui/AdminPanel.ts
+++ b/app/client/ui/AdminPanel.ts
@ -484,9 +484,7 @@ Please log in as an administrator.`),
                          result: BootProbeResult,
                          details: ProbeDetails|undefined) {

-    const status = (result.success !== undefined) ?
-        (result.success ? '✅' : '❗') : '―';
-
+    const status = this._encodeSuccess(result);
    return dom.create(AdminSectionItem, {
      id: `probe-${info.id}`,
      name: info.id,
@ -521,6 +519,20 @@ Please log in as an administrator.`),
      ],
    });
  }
+
+  /**
+   * Give an icon summarizing success or failure. Factor in the
+   * severity of the result for failures. This is crude, the
+   * visualization of the results can be elaborated in future.
+   */
+  private _encodeSuccess(result: BootProbeResult) {
+    if (result.success === undefined)  { return '―';  }
+    if (result.success)                { return '✅'; }
+    if (result.severity === 'warning') { return '❗';  }
+    if (result.severity === 'hmm') { return '?';  }
+    // remaining case is a fault.
+    return '❌';
+  }
 }

 //function maybeSwitchToggle(value: Observable<boolean|null>): DomContents {
--- a/app/server/lib/BootProbes.ts
+++ b/app/server/lib/BootProbes.ts
@ -169,7 +169,7 @@ const _bootProbe: Probe = {
  id: 'boot-page',
  name: 'Is the boot page adequately protected',
  apply: async (server) => {
-    const bootKey = server.getBootKey;
+    const bootKey = server.getBootKey() || '';
    const hasBoot = Boolean(bootKey);
    const details: Record<string, any> = {
      bootKeySet: hasBoot,
@ -178,10 +178,19 @@ const _bootProbe: Probe = {
      return { success: true, details };
    }
    details.bootKeyLength = bootKey.length;
+    if (bootKey.length < 10) {
+      return {
+        success: false,
+        verdict: 'Boot key length is shorter than 10.',
+        details,
+        severity: 'fault',
+      };
+    }
    return {
-      success: bootKey.length > 10,
+      success: false,
+      verdict: 'Boot key ideally should be removed after installation.',
      details,
-      severity: 'hmm',
+      severity: 'warning',
    };
  },
 };