doomtube/beeta
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial commit - realms platform

Browse source
This commit is contained in:
doomtube 2026-01-05 22:54:27 -05:00
parent c590ab6d18
commit c717c3751c
234 changed files with 74103 additions and 15231 deletions
Download patch file Download diff file Expand all files Collapse all files

60
backend/src/admin_tool.cpp
View file

@ -1,11 +1,54 @@
#include <drogon/drogon.h>
#include <drogon/orm/DbClient.h>
#include <iostream>
#include <fstream>
#include <cstdlib>
#include <ctime>
#include <iomanip>
#include <sstream>
using namespace drogon;
using namespace drogon::orm;
// SECURITY FIX #32: Add audit logging for admin CLI operations
namespace {
void writeAuditLog(const std::string& action, const std::string& target,
const std::string& status, const std::string& details = "") {
// Get current timestamp
auto now = std::time(nullptr);
auto tm = *std::localtime(&now);
std::ostringstream timestamp;
timestamp << std::put_time(&tm, "%Y-%m-%d %H:%M:%S");
// Get hostname for audit trail
char hostname[256] = "unknown";
gethostname(hostname, sizeof(hostname));
// Build log entry
std::ostringstream logEntry;
logEntry << "[" << timestamp.str() << "] "
<< "HOST=" << hostname << " "
<< "ACTION=" << action << " "
<< "TARGET=" << target << " "
<< "STATUS=" << status;
if (!details.empty()) {
logEntry << " DETAILS=" << details;
}
logEntry << std::endl;
// Write to audit log file
std::string logPath = "/var/log/admin_tool_audit.log";
std::ofstream logFile(logPath, std::ios::app);
if (logFile.is_open()) {
logFile << logEntry.str();
logFile.close();
}
// Also output to stderr for immediate visibility
std::cerr << "[AUDIT] " << logEntry.str();
}
}
int main(int argc, char* argv[]) {
if (argc < 2) {
std::cerr << "Usage: " << argv[0] << " -promote-admin <username>" << std::endl;
@ -34,37 +77,44 @@ int main(int argc, char* argv[]) {
1 // connection number
);
writeAuditLog("PROMOTE_ADMIN_ATTEMPT", username, "STARTED");
try {
// Check if user exists
auto result = dbClient->execSqlSync(
"SELECT id, username, is_admin FROM users WHERE username = $1",
username
);
if (result.empty()) {
writeAuditLog("PROMOTE_ADMIN", username, "FAILED", "user_not_found");
std::cerr << "Error: User '" << username << "' not found." << std::endl;
return 1;
}
bool isAdmin = result[0]["is_admin"].as<bool>();
if (isAdmin) {
writeAuditLog("PROMOTE_ADMIN", username, "SKIPPED", "already_admin");
std::cout << "User '" << username << "' is already an admin." << std::endl;
return 0;
}
// Promote to admin
dbClient->execSqlSync(
"UPDATE users SET is_admin = true WHERE username = $1",
username
);
writeAuditLog("PROMOTE_ADMIN", username, "SUCCESS");
std::cout << "Successfully promoted '" << username << "' to admin." << std::endl;
return 0;
} catch (const DrogonDbException& e) {
writeAuditLog("PROMOTE_ADMIN", username, "ERROR", e.base().what());
std::cerr << "Database error: " << e.base().what() << std::endl;
return 1;
} catch (const std::exception& e) {
writeAuditLog("PROMOTE_ADMIN", username, "ERROR", e.what());
std::cerr << "Error: " << e.what() << std::endl;
return 1;
}