diff --git a/src/commands/index.ts b/src/commands/index.ts index f0fb9b3..ef40be2 100644 --- a/src/commands/index.ts +++ b/src/commands/index.ts @@ -13,6 +13,7 @@ export { default as Parse } from './parse'; export { default as Parseall } from './parseall'; export { default as Ping } from './ping'; export { default as Pull } from './pull'; +export { default as SecureSign } from './securesign'; export { default as Sysinfo } from './sysinfo'; export { default as Unlock } from './unlock'; export { default as Warn } from './warn'; diff --git a/src/commands/securesign.ts b/src/commands/securesign.ts new file mode 100644 index 0000000..df4ae28 --- /dev/null +++ b/src/commands/securesign.ts @@ -0,0 +1,25 @@ +import { Message } from 'eris'; +import { Command } from '../class'; +import { Client } from '..'; +import Build from './securesign_build'; +import Init from './securesign_init'; + +export default class SecureSign extends Command { + constructor(client: Client) { + super(client); + this.name = 'securesign'; + this.description = 'Runs SecureSign CLI commands'; + this.usage = `Run ${this.client.config.prefix}${this.name} [subcommand] for usage information`; + this.aliases = ['ss']; + this.subcmds = [Build, Init]; + this.enabled = true; + } + + public async run(message: Message) { + try { + return this.client.commands.get('help').run(message, [this.name]); + } catch (error) { + return this.client.util.handleError(error, message, this); + } + } +} diff --git a/src/commands/securesign_build.ts b/src/commands/securesign_build.ts new file mode 100644 index 0000000..83d36d6 --- /dev/null +++ b/src/commands/securesign_build.ts @@ -0,0 +1,36 @@ +import { Message } from 'eris'; +import { Client } from '..'; +import { Command, RichEmbed } from '../class'; + +export default class SecureSign_Build extends Command { + constructor(client: Client) { + super(client); + this.name = 'build'; + this.description = 'Shows information about the current build of the CLI'; + this.usage = `${this.client.config.prefix}securesign build`; + this.enabled = true; + } + + public async run(message: Message, args: string[]) { + try { + const msg = await message.channel.createMessage(`${this.client.stores.emojis.loading} ***Loading build information...***`); + + const build = await this.client.util.exec("sudo -H -u root bash -c 'securesign build'"); + const info = build.replace(/\n/g, '\n**').replace(/:/g, ':**').split('\n'); + const title = info.shift(); + const description = info.join('\n'); + const content = null; + + const embed = new RichEmbed(); + embed.setTitle(title); + embed.setDescription(description); + embed.setAuthor(this.client.user.username, this.client.user.avatarURL); + embed.setFooter(`Requested by ${message.member.username}#${message.member.discriminator}`, message.member.avatarURL); + + // @ts-ignore + msg.edit({ content, embed }); + } catch (error) { + this.client.util.handleError(error, message, this); + } + } +} diff --git a/src/commands/securesign_init.ts b/src/commands/securesign_init.ts new file mode 100644 index 0000000..8ade7de --- /dev/null +++ b/src/commands/securesign_init.ts @@ -0,0 +1,55 @@ +import { Message, PrivateChannel, TextChannel } from 'eris'; +import axios, { AxiosResponse } from 'axios'; +import { Client } from '..'; +import { Command } from '../class'; + +export default class SecureSign_Init extends Command { + constructor(client: Client) { + super(client); + this.name = 'init'; + this.description = 'Inits configuration files and environment variables (DM only)'; + this.usage = `${this.client.config.prefix}securesign init [hash]`; + this.enabled = true; + this.guildOnly = false; + } + + public async run(message: Message, args: string[]) { + try { + if (!args[0]) return this.client.commands.get('help').run(message, ['securesign', this.name]); + if (!(message.channel instanceof PrivateChannel)) { + message.delete(); + return message.channel.createMessage(`${this.client.stores.emojis.error} ***Run this command in your DMs!***`); + } + const account = await this.client.db.Account.findOne({ id: message.author.id }); + if (!account) return message.channel.createMessage(`${this.client.stores.emojis.error} ***Account not registered***`); + if (account.locked) return message.channel.createMessage(`${this.client.stores.emojis.error} ***Your account is locked***`); + const msg = await message.channel.createMessage(`${this.client.stores.emojis.loading} ***Initializing account...***`); + let verify: AxiosResponse; + try { + verify = await axios({ + method: 'get', + url: 'https://api.securesign.org/account/details', + headers: { Authorization: args[0] }, + }); + } catch (error) { + const { status } = error.response; + if (status === 400 || status === 401 || status === 403 || status === 404) return msg.edit(`${this.client.stores.emojis.error} ***Credentials incorrect***`); + throw error; + } + const { id } = verify.data.message; + if (id !== message.author.id && !account.root) { + // @ts-ignore + const channel: TextChannel = this.client.guilds.get('446067825673633794').channels.get('501089664040697858'); + channel.createMessage(`**__UNAUTHORIZED ACCESS ALERT__**\n${message.author.mention} tried to initialize their account using <@${id}>'s credentials.\nTheir account has been locked under Section 5.2 of the EULA.`); + const tasks = [this.client.util.exec(`lock ${account.username}`), account.updateOne({ locked: true }), this.client.util.createModerationLog(account.userID, this.client.user, 2, 'Violation of Section 5.2 of the EULA')]; + await Promise.all(tasks); + return msg.edit(`${this.client.stores.emojis.error} ***Credentials incorrect***`); + } + const init = await this.client.util.exec(`sudo -H -u ${account.username} bash -c 'securesign init -a ${args[0]}'`); + if (!init.endsWith('Initialization sequence completed.')) throw new Error('Account initialization did not complete successfully'); + return msg.edit(`${this.client.stores.emojis.success} ***Account initialized***`); + } catch (error) { + return this.client.util.handleError(error, message, this); + } + } +}