
Commit c667c8f

committed
Add an option to redact fields from starr responses if you dont want the 3rd party app to see data they dont need to
1 parent 44f52c1 commit c667c8f


8 files changed

+133
-16
lines changed


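--- a/root/app/www/public/ajax/settings.php
+++ b/root/app/www/public/ajax/settings.php
@@ -26,6 +26,10 @@
 continue;
 }
 
+if ($key == 'redactionFields') {
+$val = str_replace("\n", ',', $val);
+}
+
 $newSettings[$key] = $val;
 }
 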
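Review bot: The new `redactionFields` branch only swaps `\n` for `,`, so blank lines become empty entries and any name that arrives with surrounding spaces or a trailing `\r` is stored that way. The option list in ajax/starr.php trims each name before display, but the stored setting itself stays unnormalised; since this list drives a redaction control, I would normalise once at write time, e.g. `$val = implode(',', array_filter(array_map('trim', preg_split('/\R/', $val))));`. The enclosing loop starts and ends outside the hunk.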

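--- a/root/app/www/public/ajax/starr.php
+++ b/root/app/www/public/ajax/starr.php
@@ -90,8 +90,10 @@
 if ($_POST['m'] == 'openAppStarrAccess') {
 $existing = $proxyDb->getAppFromId($_POST['id'], $appsTable);
 $existing['endpoints'] = $existing['endpoints'] ? json_decode($existing['endpoints'], true) : [];
+$existing['redactions'] = $existing['redactions'] ? array_filter(explode(',', $existing['redactions'])) : [];
 $clone = isset($_POST['clone']) ? $proxyDb->getAppFromId($_POST['clone'], $appsTable) : [];
 $endpoints = $starr->getEndpoints($app);
+$redactedOptions = array_filter(explode(',', $settingsTable['redactionFields']));
 $appInstances = '';
 
 if ($clone) {
@@ -134,6 +136,19 @@
 <select class="form-select" id="access-instance"><option value="">-- Select instance --</option><?= $appInstances ?></select>
 </td>
 </tr>
+<tr>
+<td>Redactions<br><span class="text-small">Selected fields will have their value replaced with <code>{PROXY-REDACTED}</code> in the response</span></td>
+<td>
+<select class="form-select" multiple size="5" id="access-redactions">
+<?php
+foreach ($redactedOptions as $redactedOption) {
+$redactedOption = trim($redactedOption);
+?><option <?= in_array($redactedOption, $existing['redactions']) ? 'selected ' : '' ?>value="<?= $redactedOption ?>"><?= $redactedOption ?></option><?php
+}
+?>
+</select>
+</td>
+</tr>
 <tr>
 <td>Endpoint template<br><span class="text-small">Automatically select the endpoints based on an app template</span></td>
 <td>
@@ -221,6 +236,7 @@
 $fields['starr_id'] = intval($_POST['starr_id']);
 $fields['endpoints'] = json_encode($endpoints, JSON_UNESCAPED_SLASHES);
 $fields['template'] = $_POST['template'];
+$fields['redactions'] = $_POST['redactions'];
 
 if ($_POST['id'] != 99) {
 $error = $proxyDb->updateApp($_POST['id'], $fields);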
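Review bot: In the new `<option>` line the field name is echoed raw into both the `value` attribute and the element body, so any `"`, `<` or `&` saved in the `redactionFields` setting is rendered as markup in the access dialog. Keep the raw name for the `in_array` comparison and escape only at output, `<?= htmlspecialchars($redactedOption, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>` in both places. In the last hunk, `$fields['redactions'] = $_POST['redactions'];` stores the posted string as-is; checking each posted name against the configured `redactionFields` list before saving would keep the stored value to known fields and also cover a request where the key is missing. Both enclosing branches continue outside their hunks.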

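--- a/root/app/www/public/api/index.php
+++ b/root/app/www/public/api/index.php
@@ -267,6 +267,20 @@
 apiResponse(502, ['error' => sprintf(APP_API_ERROR, 'could not access the requested starr app, it appears to be down and returning an HTTP 0 code')]);
 }
 
+//-- CHECK FOR FIELD REDACTIONS
+if ($redactions = $proxiedApp['proxiedAppDetails']['redactions']) {
+logger($logfile, ['req' => $requestCounter, 'endpoint' => $originalEndpoint, 'redactions' => $redactions]);
+logger($proxiedAppLogfile, ['req' => $requestCounter, 'endpoint' => $originalEndpoint, 'redactions' => $redactions]);
+
+$redactionList = explode(',', $redactions);
+foreach ($request['response'] as $responseKey => $responseVal) {
+if (in_array($responseKey, $redactionList)) {
+logger($logfile, ['req' => $requestCounter, 'endpoint' => $originalEndpoint, 'redaction-match' => $responseKey]);
+$request['response'][$responseKey] = REDACTION_VALUE;
+}
+}
+}
+
 apiResponse($request['code'], $request['response'], $request['responseHeaders']);
 }
 }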
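Review bot: The redaction loop compares only the top-level keys of `$request['response']`, so a configured field that sits inside a nested object, or inside the elements of a list response, is passed to the client unredacted. For a control meant to hide values such as `apikey` and `downloadUrl`, the walk should recurse into arrays, and `in_array` should be called with `true` so integer list keys are never loosely compared with field names. The loop also assumes `$request['response']` is an array; whether it can be a string or null at this point is not visible in the hunk, so the sketch below guards for it. The enclosing block starts and ends outside the hunk.

```php
// … unchanged: the two logger() calls that record the configured redactions …
$redactionList = array_filter(array_map('trim', explode(',', $redactions)));

$redact = static function (array $node) use (&$redact, $redactionList, $logfile, $requestCounter, $originalEndpoint): array {
    foreach ($node as $key => $value) {
        if (is_string($key) && in_array($key, $redactionList, true)) {
            logger($logfile, ['req' => $requestCounter, 'endpoint' => $originalEndpoint, 'redaction-match' => $key]);
            $node[$key] = REDACTION_VALUE;
        } elseif (is_array($value)) {
            // Descend so fields inside nested objects and list elements are covered too.
            $node[$key] = $redact($value);
        }
    }

    return $node;
};

if (is_array($request['response'])) {
    $request['response'] = $redact($request['response']);
}
```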

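--- a/root/app/www/public/includes/constants.php
+++ b/root/app/www/public/includes/constants.php
@@ -54,3 +54,6 @@
 define('APPS_TABLE_CACHE_TIME', 86400); //-- 1 DAY
 define('STARR_ENDPOINT_LIST_KEY', 'endpoints_%s'); //-- _starrApp
 define('STARR_ENDPOINT_LIST_TIME', 604800); //-- 1 WEEK
+
+//-- MISC
+define('REDACTION_VALUE', '{PROXY-REDACTED}');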

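--- a/root/app/www/public/js/starr.js
+++ b/root/app/www/public/js/starr.js
@@ -124,6 +124,7 @@ function saveAppStarrAccess(app, id)
 params += '&id=' + id;
 params += '&starr_id=' + $('#access-instance').val();
 params += '&template=' + $('#access-template').val();
+params += '&redactions=' + $('#access-redactions').val();
 
 $.each($('[id^=endpoint-counter-]'), function() {
 const counter = $(this).attr('id').replace('endpoint-counter-', '');
@@ -258,4 +259,4 @@ function autoAdjustAppEndpoints(appId)
 }
 });
 }
-// -------------------------------------------------------------------------------------------
+// -------------------------------------------------------------------------------------------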
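Review bot: The added `params += '&redactions=' + $('#access-redactions').val();` relies on the array from a multiple select being coerced to a comma-joined string and appends it without URL-encoding, so a field name containing `&`, `+` or `=` would corrupt the posted query string. `params += '&redactions=' + encodeURIComponent(($('#access-redactions').val() || []).join(','));` makes both steps explicit. The neighbouring `params` lines follow the same unencoded pattern, and saveAppStarrAccess's body continues outside the hunk.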
Lines changed: 47 additions & 0 deletions
@@ -0,0 +1,47 @@
1+
<?php
2+
3+
/*
4+
----------------------------------
5+
------ Created: 081425 ------
6+
------ Austin Best ------
7+
----------------------------------
8+
*/
9+
10+
//-- RESET THE LIST
11+
$q = [];
12+
13+
$q[] = "ALTER TABLE " . APPS_TABLE . "
14+
ADD redactions TEXT NULL";
15+
16+
$settings = [
17+
'redactionFields' => 'nzbInfoUrl,downloadUrl,guid,downloadClient,indexer,downloadClientName,torrentInfoHash,apikey,protocol'
18+
];
19+
20+
$settingRows = [];
21+
foreach ($settings as $key => $val) {
22+
$settingRows[] = "('" . $key . "', '" . $val . "')";
23+
}
24+
25+
$q[] = "INSERT INTO " . SETTINGS_TABLE . "
26+
(`name`, `value`)
27+
VALUES " . implode(', ', $settingRows);
28+
29+
//-- ALWAYS NEED TO BUMP THE MIGRATION ID
30+
$q[] = "UPDATE " . SETTINGS_TABLE . "
31+
SET value = '007'
32+
WHERE name = 'migration'";
33+
34+
foreach ($q as $query) {
35+
logger(MIGRATION_LOG, ['text' => '<span class="text-success">[Q]</span> ' . preg_replace('!\s+!', ' ', $query)]);
36+
37+
$proxyDb->query($query);
38+
39+
if ($proxyDb->error() != 'not an error') {
40+
logger(MIGRATION_LOG, ['text' => '<span class="text-info">[R]</span> ' . $proxyDb->error()]);
41+
} else {
42+
logger(MIGRATION_LOG, ['text' => '<span class="text-info">[R]</span> query applied!']);
43+
}
44+
}
45+
46+
//-- NEEDED SINCE WE ADD A NEW FIELD TO THIS TABLE
47+
$cache->bust(APPS_TABLE_CACHE_KEY);
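Review bot: The query loop logs a failure from `$proxyDb->error()` and then carries on, so if the `ALTER TABLE ... ADD redactions` statement fails, the settings insert and the bump to migration `007` still run. The apps table would then have no `redactions` column while the schema is marked current, and the proxy's `if ($redactions = ...)` check would presumably skip redaction without any visible error. Adding `break;` after the error `logger()` call stops at the first failed statement and keeps the migration id from advancing past a partial apply. Whether other migrations in this project follow the same continue-on-error convention is not visible here.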

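--- a/root/app/www/public/pages/settings.php
+++ b/root/app/www/public/pages/settings.php
@@ -19,10 +19,15 @@
 $dir = opendir(MIGRATIONS_PATH);
 while ($migration = readdir($dir)) {
 if (str_contains($migration, '.php')) {
-$migrations .= '<option ' . ($settingsTable['migration'] == substr($migration, 0, 3) ? 'selected ' : '') . 'value="' . substr($migration, 0, 3) . '">' . str_replace('.php', '', $migration) . '</option>';
+$migrationFiles[] = $migration;
 }
 }
 closedir($dir);
+sort($migrationFiles);
+
+foreach ($migrationFiles as $migrationFile) {
+$migrations .= '<option ' . ($settingsTable['migration'] == substr($migrationFile, 0, 3) ? 'selected ' : '') . 'value="' . substr($migrationFile, 0, 3) . '">' . str_replace('.php', '', $migrationFile) . '</option>';
+}
 
 $backups = $proxyDb->getBackups();
 $cacheStats = $cache->stats();
@@ -36,15 +41,15 @@
 <div class="card-header">System</div>
 <div class="card-body">
 <div class="table-responsive">
-<table class="table table-bordered table-hover">
+<table class="table table-sm table-bordered table-hover">
 <tbody>
 <tr>
 <td class="w-25">
 API key<br>
 <span class="text-small">File: <?= APP_APIKEY_FILE ?></span>
 </td>
 <td>
-<div class="input-group mb-3 w-25">
+<div class="input-group mb-3 w-50">
 <input type="text" class="form-control" aria-describedby="apikey-input" value="<?= APP_APIKEY ?>" id="setting-apikey">
 <button title="Copy" class="btn btn-primary" type="button" id="apikey-input" onclick="clipboard('setting-apikey', 'val')"><i class="far fa-copy"></i></button>
 </div>
@@ -58,10 +63,13 @@
 </div>
 <div class="col-sm-12">
 <div class="card border-default mb-3">
-<div class="card-header">UI</div>
+<div class="card-header">
+UI
+<br><span class="text-small">Adjust settings that impact the interface</span>
+</div>
 <div class="card-body">
 <div class="table-responsive">
-<table class="table table-bordered table-hover">
+<table class="table table-sm table-bordered table-hover">
 <thead>
 <tr>
 <th colspan="2">Navigation</th>
@@ -123,12 +131,35 @@
 </div>
 </div>
 </div>
+<div class="col-sm-12">
+<div class="card border-default mb-3">
+<div class="card-header">
+Redactions
+<br><span class="text-small">Remove specific fields from the starr responses</span>
+</div>
+<div class="card-body">
+<div class="table-responsive">
+<table class="table table-sm table-bordered table-hover">
+<tbody>
+<tr>
+<td class="w-25">
+Fields<br>
+<span class="text-small">One field per line</span>
+</td>
+<td><textarea class="form-control w-25" rows="10" id="setting-redactionFields"><?= implode("\n", explode(',', $settingsTable['redactionFields'])) ?></textarea></td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+</div>
+</div>
 <div class="col-sm-12">
 <div class="card border-default mb-3">
 <div class="card-header">Database</div>
 <div class="card-body">
 <div class="table-responsive">
-<table class="table table-bordered table-hover">
+<table class="table table-sm table-bordered table-hover">
 <tbody>
 <tr>
 <td class="w-25">
@@ -180,7 +211,7 @@
 <div class="card-header">Logging</div>
 <div class="card-body">
 <div class="table-responsive">
-<table class="table table-bordered table-hover">
+<table class="table table-sm table-bordered table-hover">
 <tbody>
 <tr>
 <td class="w-25">
@@ -207,7 +238,7 @@
 <div class="card-header">Cache</div>
 <div class="card-body">
 <div class="table-responsive">
-<table class="table table-bordered table-hover">
+<table class="table table-sm table-bordered table-hover">
 <tbody>
 <tr>
 <td class="w-25">Memcache enabled</td>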
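Review bot: The new Redactions card prints the stored setting straight into the textarea with no HTML escaping, so a saved value containing `</textarea>` or other markup is interpreted by the browser instead of shown as text. Wrap the output: `<?= htmlspecialchars(implode("\n", explode(',', $settingsTable['redactionFields'])), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. Separately, in the first hunk `$migrationFiles[]` is appended to and then passed to `sort()` without a visible `$migrationFiles = [];`; if the initialisation is not above the hunk, an empty migrations directory would hand `sort()` an undefined variable.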

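--- a/root/app/www/public/pages/starr.php
+++ b/root/app/www/public/pages/starr.php
@@ -132,13 +132,13 @@
 <a class="nav-link" data-bs-toggle="dropdown" href="#" role="button" aria-haspopup="true" aria-expanded="false"><i class="fas fa-ellipsis-h text-info"></i></a>
 <div class="dropdown-menu">
 <div class="ms-2">
-<span style="cursor: pointer;" onclick="openAppStarrAccess('<?= $app ?>', <?= $accessApp['id'] ?>)" title="Modify the <?= $accessApp['name'] ?> app's details"><i class="far fa-edit"></i> Modify</span><br>
-<span style="cursor: pointer;" onclick="viewAppLog('<?= LOGS_PATH . 'access_'. $accessApp['name'] .'.log' ?>', '<?= truncateMiddle($accessApp['apikey'], 20) ?>', '<?= $accessApp['name'] ?>')" title="View <?= $accessApp['name'] ?> app logs"><i class="fas fa-newspaper"></i> Logs</span><br>
-<span style="cursor: pointer;" onclick="openAppStarrAccess('<?= $app ?>', 99, <?= $accessApp['id'] ?>)" title="Clone the <?= $accessApp['name'] ?> app"><i class="far fa-clone"></i> Clone</span><br>
-<span style="cursor: pointer;" onclick="openTemplateStarrAccess('<?= $app ?>', <?= $accessApp['id'] ?>)" title="Create a new template based on <?= $accessApp['name'] ?>'s settings"><i class="far fa-file-alt"></i> Create template</span><br>
+<span style="cursor: pointer;" onclick="openAppStarrAccess('<?= $app ?>', <?= $accessApp['id'] ?>)" title="Modify the <?= $accessApp['name'] ?> app's details"><i class="far fa-edit fa-fw"></i> Modify</span><br>
+<span style="cursor: pointer;" onclick="viewAppLog('<?= LOGS_PATH . 'access_'. $accessApp['name'] .'.log' ?>', '<?= truncateMiddle($accessApp['apikey'], 20) ?>', '<?= $accessApp['name'] ?>')" title="View <?= $accessApp['name'] ?> app logs"><i class="fas fa-newspaper fa-fw"></i> Logs</span><br>
+<span style="cursor: pointer;" onclick="openAppStarrAccess('<?= $app ?>', 99, <?= $accessApp['id'] ?>)" title="Clone the <?= $accessApp['name'] ?> app"><i class="far fa-clone fa-fw"></i> Clone</span><br>
+<span style="cursor: pointer;" onclick="openTemplateStarrAccess('<?= $app ?>', <?= $accessApp['id'] ?>)" title="Create a new template based on <?= $accessApp['name'] ?>'s settings"><i class="far fa-file-alt fa-fw"></i> Create template</span><br>
 <div class="dropdown-divider"></div>
-<span style="cursor: pointer;" onclick="resetUsage('<?= $app ?>', <?= $accessApp['id'] ?>)" title="Reset usage counter"><i class="fas fa-recycle text-danger"></i> Reset usage</span><br>
-<span style="cursor: pointer;" onclick="deleteAppStarrAccess('<?= $app ?>', <?= $accessApp['id'] ?>)" title="Remove the <?= $accessApp['name'] ?> app's access"><i class="far fa-trash-alt text-danger"></i> Delete</span>
+<span style="cursor: pointer;" onclick="resetUsage('<?= $app ?>', <?= $accessApp['id'] ?>)" title="Reset usage counter"><i class="fas fa-recycle text-danger fa-fw"></i> Reset usage</span><br>
+<span style="cursor: pointer;" onclick="deleteAppStarrAccess('<?= $app ?>', <?= $accessApp['id'] ?>)" title="Remove the <?= $accessApp['name'] ?> app's access"><i class="far fa-trash-alt text-danger fa-fw"></i> Delete</span>
 </div>
 </div>
 </li>
@@ -149,8 +149,9 @@
 <div class="card-body">
 Instance: <?= $parentStarrApp['name'] ?> <span class="text-small"><?= $parentStarrApp['url'] ?></span><br>
 Access: <?= count($accessApp['endpoints'], COUNT_RECURSIVE) ?> endpoint<?= count($accessApp['endpoints'], COUNT_RECURSIVE) == 1 ? '' : 's' ?><?= $template ?><br>
+Redactions: <?= count(array_filter(explode(',', $accessApp['redactions']))) ?> applied<br>
 Apikey: <?= truncateMiddle($accessApp['apikey'], 20) ?> <i class="far fa-copy text-info" style="cursor: pointer;" onclick="clipboard('app-<?= $accessApp['id'] ?>-apikey', 'html')" title="Copy apikey to clipboard"></i><span id="app-<?= $accessApp['id'] ?>-apikey" style="display: none;"><?= $accessApp['apikey'] ?></span><br>
-Usage: <?= number_format($usage['allowed'] + $usage['rejected']) ?> request<?= $usage['allowed'] + $usage['rejected'] == 1 ? '' : 's' ?> (Allowed: <?= number_format($usage['allowed']) ?> Rejected: <?= number_format($usage['rejected']) ?>)
+Usage: <?= number_format($usage['allowed'] + $usage['rejected']) ?> request<?= $usage['allowed'] + $usage['rejected'] == 1 ? '' : 's' ?> (Pass: <?= number_format($usage['allowed']) ?> Fail: <?= number_format($usage['rejected']) ?>)
 </div>
 </div>
 </div>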
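Review bot: The new `Redactions:` line calls `explode(',', $accessApp['redactions'])` directly, but the migration adds the column as `TEXT NULL`, so apps saved before this change carry NULL there and PHP 8.1+ reports a deprecation for passing null to `explode()`. `count(array_filter(explode(',', (string) ($accessApp['redactions'] ?? ''))))` avoids it and matches the null guard already used for `$existing['redactions']` in ajax/starr.php.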
