Banning and logs interface for siteadmin

calzoneman / sync

Node.JS Server and JavaScript/HTML Client for synchronizing online media

Other

1.47k stars 232 forks source link

Banning and logs interface for siteadmin #83

Closed ghost closed 11 years ago

ghost commented 11 years ago

Detailed logs (may be sys.log that CyTube server outputs in CLI)
Global ban option using any IP address (with range wildcarts)

calzoneman commented 11 years ago

As for the logs, I'm not really sure what would be useful to display in an interface. I don't check sys.log very often, so perhaps you could provide a use case for what data you need.

There's not an interface for global bans currently, but that shouldn't be too hard to add. Also, the range bans don't use wildcards, they just truncate the IP (for example, 66.34.120 would match 66.34.120.27, or 66.34 would match 66.34.51.32

ghost commented 11 years ago

As for the logs, I'm not really sure what would be useful to display in an interface. I don't check sys.log very often, so perhaps you could provide a use case for what data you need.

A situation from today, i've got a report about a guy under nickname "ddddd" who's been spammin all over channels. I quickly grep'd sys.log and got that b*****ds IP.... BTW, it's was a guy from Oconto,Wisconsin,United States, you might recognize him, he was talking about a bugs not being fixed by an incompetent admin (I guess he was talking about CyTube, because it was his first log on synchtube.6irc.net).

Also, I think that spam protection should trigger new log record upon a detection of flood.

calzoneman commented 11 years ago

I usually get the IPs from the channel "Connection Log" tab (IPs are visible to siteadmins). Although it wouldn't be too hard to add a sys.log viewer to an admin page.

I'll probably add the ban feature to an administration page for convenience instead of having to do it through phpMyAdmin.

What do you mean by "trigger new log record"?

ghost commented 11 years ago

It means that there should be a new record added to the log when the flood attempt is detected. If you'd see a few of such records one under another then you'd know that something fishy is going on.

calzoneman commented 11 years ago

I've started on this by adding a logviewer to acp.html. Please note that only the last 1MB of a logfile is sent.

ghost commented 11 years ago

XMLHttpRequest cannot load http://199.16.206.228/api/plain/readlog?type=sys&name=Czterooki&session=[censored] Origin http://synchtube.6irc.net is not allowed by Access-Control-Allow-Origin. Same Origin Policy is really strict in chrome :/

calzoneman commented 11 years ago

Yeah, I didn't think to check for cross-domain requests. It's an easy fix (and I already did it that way for the json api endpoints).

EDIT: It's not just Chrome either, pretty much any modern browser should prevent cross-domain requests.