From 9947eabdbce0871db09fc0c69e5942c56d049c98 Mon Sep 17 00:00:00 2001 From: Paul Fitzpatrick Date: Wed, 15 May 2024 16:17:57 -0400 Subject: [PATCH] be fussier about boot key; log more problems --- app/client/models/AdminChecks.ts | 3 ++- app/client/ui/AdminPanel.ts | 18 +++++++++++++++--- app/server/lib/BootProbes.ts | 15 ++++++++++++--- 3 files changed, 29 insertions(+), 7 deletions(-) diff --git a/app/client/models/AdminChecks.ts b/app/client/models/AdminChecks.ts index f8ee5420..51ff8b2b 100644 --- a/app/client/models/AdminChecks.ts +++ b/app/client/models/AdminChecks.ts @@ -1,3 +1,4 @@ +import { reportError } from 'app/client/models/errors'; import { BootProbeIds, BootProbeInfo, BootProbeResult } from 'app/common/BootProbe'; import { InstallAPI } from 'app/common/InstallAPI'; import { getGristConfig } from 'app/common/urlUtils'; @@ -32,7 +33,7 @@ export class AdminChecks { const config = getGristConfig(); const errMessage = config.errMessage; if (!errMessage) { - const _probes = await this._installAPI.getChecks().catch(() => undefined); + const _probes = await this._installAPI.getChecks().catch(reportError); if (!this._parent.isDisposed()) { // Currently, probes are forbidden if not admin. // TODO: May want to relax this to allow some probes that help diff --git a/app/client/ui/AdminPanel.ts b/app/client/ui/AdminPanel.ts index ac231960..0da4c3aa 100644 --- a/app/client/ui/AdminPanel.ts +++ b/app/client/ui/AdminPanel.ts @@ -484,9 +484,7 @@ Please log in as an administrator.`), result: BootProbeResult, details: ProbeDetails|undefined) { - const status = (result.success !== undefined) ? - (result.success ? '✅' : '❗') : '―'; - + const status = this._encodeSuccess(result); return dom.create(AdminSectionItem, { id: `probe-${info.id}`, name: info.id, @@ -521,6 +519,20 @@ Please log in as an administrator.`), ], }); } + + /** + * Give an icon summarizing success or failure. Factor in the + * severity of the result for failures. This is crude, the + * visualization of the results can be elaborated in future. + */ + private _encodeSuccess(result: BootProbeResult) { + if (result.success === undefined) { return '―'; } + if (result.success) { return '✅'; } + if (result.severity === 'warning') { return '❗'; } + if (result.severity === 'hmm') { return '?'; } + // remaining case is a fault. + return '❌'; + } } //function maybeSwitchToggle(value: Observable): DomContents { diff --git a/app/server/lib/BootProbes.ts b/app/server/lib/BootProbes.ts index 11e2d961..b1186c51 100644 --- a/app/server/lib/BootProbes.ts +++ b/app/server/lib/BootProbes.ts @@ -169,7 +169,7 @@ const _bootProbe: Probe = { id: 'boot-page', name: 'Is the boot page adequately protected', apply: async (server) => { - const bootKey = server.getBootKey; + const bootKey = server.getBootKey() || ''; const hasBoot = Boolean(bootKey); const details: Record = { bootKeySet: hasBoot, @@ -178,10 +178,19 @@ const _bootProbe: Probe = { return { success: true, details }; } details.bootKeyLength = bootKey.length; + if (bootKey.length < 10) { + return { + success: false, + verdict: 'Boot key length is shorter than 10.', + details, + severity: 'fault', + }; + } return { - success: bootKey.length > 10, + success: false, + verdict: 'Boot key ideally should be removed after installation.', details, - severity: 'hmm', + severity: 'warning', }; }, };