overleaf/services/web/app/views/admin/index.pug
Alasdair Smith 41f75b5936 Merge pull request #1543 from sharelatex/as-fix-potential-angular-xss
Fix potential Angular XSS issues

GitOrigin-RevId: a18a609a25b29e910cb78e28a37398417cfe4842
2019-03-18 10:37:15 +00:00

87 lines
3.3 KiB
Text

extends ../layout
block content
.content.content-alt
.container
.row
.col-xs-12
.card
.page-header
h1 Admin Panel
tabset(ng-cloak)
tab(heading="System Messages")
each message in systemMessages
.alert.alert-info.row-spaced(ng-non-bindable) #{message.content}
hr
form(method='post', action='/admin/messages')
input(name="_csrf", type="hidden", value=csrfToken)
.form-group
label(for="content")
input.form-control(name="content", type="text", placeholder="Message...", required)
button.btn.btn-primary(type="submit") Post Message
hr
form(method='post', action='/admin/messages/clear')
input(name="_csrf", type="hidden", value=csrfToken)
button.btn.btn-danger(type="submit") Clear all messages
tab(heading="Open Sockets")
.row-spaced
ul
each agents, url in openSockets
li(ng-non-bindable) #{url} - total : #{agents.length}
ul
each agent in agents
li(ng-non-bindable) #{agent}
tab(heading="Close Editor")
.row-spaced
form(method='post',action='/admin/closeEditor')
input(name="_csrf", type="hidden", value=csrfToken)
button.btn.btn-danger(type="submit") Close Editor
p.small Will stop anyone opening the editor. Will NOT disconnect already connected users.
.row-spaced
form(method='post',action='/admin/dissconectAllUsers')
input(name="_csrf", type="hidden", value=csrfToken)
button.btn.btn-danger(type="submit") Disconnect all users
p.small Will force disconnect all users with the editor open. Make sure to close the editor first to avoid them reconnecting.
tab(heading="Subscriptions")
h3 Link Recurly subscription to user
.row
form.form.col-xs-6(method='post',action='/admin/syncUserToSubscription')
input(name="_csrf", type="hidden", value=csrfToken)
.form-group
label(for='subscription_id') subscription_id (in Recurly)
input.form-control(type='text', name='subscription_id', placeholder='subscription_id', required)
.form-group
label(for='user_id') user_id
input.form-control(type='text', name='user_id', placeholder='user_id', required)
.form-group
button.btn-primary.btn(type='submit') Link
tab(heading="TPDS/Dropbox Management")
h3 Flush project to TPDS
.row
form.col-xs-6(method='post',action='/admin/flushProjectToTpds')
input(name="_csrf", type="hidden", value=csrfToken)
.form-group
label(for='project_id') project_id
input.form-control(type='text', name='project_id', placeholder='project_id', required)
.form-group
button.btn-primary.btn(type='submit') Flush
hr
h3 Poll Dropbox for user
.row
form.col-xs-6(method='post',action='/admin/pollDropboxForUser')
input(name="_csrf", type="hidden", value=csrfToken)
.form-group
label(for='user_id') user_id
input.form-control(type='text', name='user_id', placeholder='user_id', required)
.form-group
button.btn-primary.btn(type='submit') Poll