tiago/Dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d84803efc940726be70d6fc4109ce4b67e8ad3f4
Dashboard/assets/app.js
Tiago Santos d84803efc9 Initial commit
2025-11-28 07:49:17 -03:00

1022 lines
39 KiB
JavaScript
Raw Blame History

"use strict";
// Armazenamento e chaves
const STORAGE = {
UNITS: "telseg_units",
CREDS: "telseg_passwords",
VAULT: "telseg_vault",
THEME: "telseg_theme",
NOTES: "telseg_notes",
AUTH: "telseg_auth",
};
const $ = (sel, el = document) => el.querySelector(sel);
const $$ = (sel, el = document) => Array.from(el.querySelectorAll(sel));
// Detecção de API
const state = { useApi: false, units: [], creds: [], vault: null, notes: [], auth: null };
async function probeApi() {
try {
const r = await fetch('/api/health', { cache: 'no-store' });
state.useApi = r.ok; return state.useApi;
} catch { state.useApi = false; return false; }
}
function updateStorageInfo() {
const el = document.getElementById('storageInfo');
if (!el) return;
el.textContent = state.useApi
? 'Servidor • Dados persistem no banco (Postgres) do container.'
: 'Local • Seus dados ficam somente no seu navegador.';
}
// ---- Auth (API) ----
function getToken() { try { return JSON.parse(localStorage.getItem(STORAGE.AUTH) || 'null')?.token || null; } catch { return null; } }
function setToken(token) { localStorage.setItem(STORAGE.AUTH, JSON.stringify({ token })); }
async function apiFetch(path, opts = {}) {
const o = { ...opts, headers: { ...(opts.headers||{}), 'Content-Type': 'application/json' } };
const token = getToken();
if (token) o.headers['Authorization'] = `Bearer ${token}`;
const r = await fetch(path, o);
if (r.status === 401) { showLogin(); throw new Error('unauthorized'); }
return r;
}
function canMaster() { return !!state.auth?.user && state.auth.user.role === 'master'; }
function can(flag) { if (canMaster()) return true; return !!state.auth?.user && !!state.auth.user.permissions?.[flag]; }
function applyPermissionsUI() {
if (!state.useApi || !state.auth?.user) return;
// tabs
const tabs = [
{ id: 'unidades', read: 'units_read' },
{ id: 'senhas', read: 'creds_read' },
{ id: 'notas', read: 'notes_read' },
];
tabs.forEach(t => {
const btn = document.querySelector(`.tab[data-tab="${t.id}"]`);
const view = document.getElementById(`view-${t.id}`);
const visible = can(t.read);
if (btn) btn.style.display = visible ? '' : 'none';
if (view) view.style.display = visible ? '' : 'none';
});
// users tab only master
const userTab = document.querySelector('#tab-users');
const userView = document.getElementById('view-usuarios');
if (userTab) userTab.style.display = canMaster() ? '' : 'none';
if (userView) userView.style.display = canMaster() ? '' : 'none';
// action buttons
document.getElementById('addUnidadeBtn').style.display = can('units_write') ? '' : 'none';
document.getElementById('addCredBtn').style.display = can('creds_write') ? '' : 'none';
document.getElementById('addNoteBtn').style.display = can('notes_write') ? '' : 'none';
}
function showLogin() { document.getElementById('authGate')?.classList.remove('hidden'); }
function hideLogin() { document.getElementById('authGate')?.classList.add('hidden'); }
// Tema (claro/escuro)
function loadTheme() {
const t = localStorage.getItem(STORAGE.THEME) || "dark";
document.documentElement.setAttribute("data-theme", t);
}
function toggleTheme() {
const cur = document.documentElement.getAttribute("data-theme") || "dark";
const next = cur === "dark" ? "light" : "dark";
document.documentElement.setAttribute("data-theme", next);
localStorage.setItem(STORAGE.THEME, next);
}
// Utilidades
function uid() {
// ID simples e estável suficiente para uso local
return `${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 8)}`;
}
function saveJSON(key, value) { localStorage.setItem(key, JSON.stringify(value)); }
function loadJSON(key, fallback) {
try { const v = JSON.parse(localStorage.getItem(key) || ""); return v ?? fallback; }
catch { return fallback; }
}
function todayStr() { return new Date().toISOString().slice(0, 10); }
function copyText(text) {
navigator.clipboard?.writeText(text).catch(() => {
const ta = document.createElement("textarea");
ta.value = text; document.body.appendChild(ta); ta.select();
document.execCommand("copy"); document.body.removeChild(ta);
});
}
// Navegação por abas
function initTabs() {
$$(".tab").forEach(btn => {
btn.addEventListener("click", () => {
$$(".tab").forEach(b => b.classList.remove("active"));
btn.classList.add("active");
const tab = btn.dataset.tab;
$$(".view").forEach(v => v.classList.remove("active"));
$(`#view-${tab}`).classList.add("active");
if (tab === 'usuarios') renderUsers();
});
});
}
// ------- Unidades -------
async function refreshUnits() {
if (state.useApi) {
const r = await apiFetch('/api/units');
state.units = r.ok ? await r.json() : [];
} else {
state.units = loadJSON(STORAGE.UNITS, []);
}
return state.units;
}
function loadUnits() { return state.units || []; }
function saveUnits(list) { saveJSON(STORAGE.UNITS, list); state.units = list; }
function parseOCs(str) {
return (str || "")
.split(/[\n,]/g)
.map(s => s.trim())
.filter(Boolean);
}
async function renderUnits(filter = "") {
if (state.useApi) await refreshUnits();
const listEl = $("#unidadesList");
const items = loadUnits();
const f = filter.trim().toLowerCase();
const filtered = !f ? items : items.filter(u => {
return (
u.nome.toLowerCase().includes(f) ||
(u.ip || "").toLowerCase().includes(f) ||
(u.ocs || []).some(x => x.toLowerCase().includes(f))
);
});
// Ordena por nome: números primeiro, depois letras (ordem alfabética/natural)
filtered.sort((a, b) => {
const an = (a.nome || '').trim();
const bn = (b.nome || '').trim();
const aNum = /^[0-9]/.test(an);
const bNum = /^[0-9]/.test(bn);
if (aNum !== bNum) return aNum ? -1 : 1; // números primeiro
return an.localeCompare(bn, 'pt-BR', { numeric: true, sensitivity: 'base' });
});
const canWrite = !state.useApi || can('units_write');
listEl.innerHTML = filtered.map(u => {
const ocs = (u.ocs || []).map(x => `<span class="chip">OC ${escapeHTML(x)}</span>`).join(" ");
return `
<article class="card" data-id="${u.id}">
<h4>${escapeHTML(u.nome)}</h4>
<div class="meta">Criado em ${formatDate(u.dataCriacao)}${u.ip ? ` • IP ${escapeHTML(u.ip)}` : ""}</div>
${ocs ? `<div class="chips">${ocs}</div>` : ""}
${u.link ? `<div class="row k"><span>Link:</span> <a href="${escapeAttr(u.link)}" target="_blank" rel="noopener">${escapeHTML(u.link)}</a></div>` : ""}
<div class="actions">
${u.link ? `<button class="btn small" data-act="open">Abrir Discadora</button>` : ""}
${u.ip ? `<button class="btn small" data-act="copyip">Copiar IP</button>` : ""}
${canWrite ? `<button class=\"btn small\" data-act=\"edit\">Editar</button>` : ''}
${canWrite ? `<button class=\"btn small danger\" data-act=\"del\">Excluir</button>` : ''}
</div>
</article>`;
}).join("");
// Complementa UI com login/senha
filtered.forEach(u => {
const card = listEl.querySelector(`.card[data-id="${u.id}"]`);
if (!card) return;
const meta = card.querySelector('.meta');
if (u.login && meta && !meta.textContent.includes('Login')) {
meta.innerHTML = `${meta.innerHTML} • Login ${escapeHTML(u.login)}`;
}
const actions = card.querySelector('.actions');
if (actions) {
if (u.login && !actions.querySelector('[data-act="copylogin"]')) {
const b = document.createElement('button');
b.className = 'btn small';
b.setAttribute('data-act', 'copylogin');
b.textContent = 'Copiar Login';
actions.insertBefore(b, actions.querySelector('[data-act="edit"]') || null);
}
if (u.senha && !actions.querySelector('[data-act="copypass"]')) {
const b2 = document.createElement('button');
b2.className = 'btn small';
b2.setAttribute('data-act', 'copypass');
b2.textContent = 'Copiar Senha';
actions.insertBefore(b2, actions.querySelector('[data-act="edit"]') || null);
}
}
});
// Delegação de eventos nos cartões
listEl.onclick = async (ev) => {
const btn = ev.target.closest("[data-act]");
if (!btn) return;
const card = ev.target.closest(".card");
const id = card?.dataset.id;
if (!id) return;
const items2 = loadUnits();
const idx = items2.findIndex(x => x.id === id);
const u = items2[idx];
if (!u) return;
const act = btn.dataset.act;
if (act === "open" && u.link) {
window.open(u.link, "_blank", "noopener");
} else if (act === "copyip" && u.ip) {
copyText(u.ip);
} else if (act === "copylogin" && u.login) {
copyText(u.login);
} else if (act === "copypass" && u.senha) {
copyText(u.senha);
} else if (act === "edit") {
openUnidadeModal(u);
} else if (act === "del") {
if (confirm(`Excluir unidade "${u.nome}"?`)) {
if (state.useApi) {
await apiFetch(`/api/units/${encodeURIComponent(u.id)}`, { method: 'DELETE' });
await refreshUnits();
} else {
items2.splice(idx, 1); saveUnits(items2);
}
renderUnits($("#searchUnidades").value);
}
}
};
}
function openUnidadeModal(u) {
$("#unidadeId").value = u?.id || "";
$("#unidadeNome").value = u?.nome || "";
$("#unidadeData").value = u?.dataCriacao || todayStr();
$("#unidadeOCs").value = (u?.ocs || []).join(", ");
$("#unidadeLink").value = u?.link || "";
$("#unidadeIP").value = u?.ip || "";
$("#unidadeLogin").value = u?.login || "";
$("#unidadeSenha").value = ""; // nunca preencher senha existente
showModal("unidadeModal");
}
// ------- Modal Helpers -------
function showModal(id) { const el = document.getElementById(id); el?.classList.remove("hidden"); }
function hideModal(id) { const el = document.getElementById(id); el?.classList.add("hidden"); }
// Escapar HTML básico
function escapeHTML(s) { return (s ?? "").replace(/[&<>"]/g, c => ({"&":"&amp;","<":"&lt;",">":"&gt;","\"":"&quot;"}[c])); }
function escapeAttr(s) { return escapeHTML(s).replace(/'/g, "&#039;"); }
function formatDate(s) { try { const [y,m,d] = (s||"").split("-"); return d && m && y ? `${d}/${m}/${y}` : s; } catch { return s; } }
// ------- Cofre de Senhas (WebCrypto) -------
async function refreshCreds() {
if (state.useApi) {
const r = await apiFetch('/api/creds');
state.creds = r.ok ? await r.json() : [];
} else {
state.creds = loadJSON(STORAGE.CREDS, []);
}
return state.creds;
}
function loadCreds() { return state.creds || []; }
function saveCreds(list) { saveJSON(STORAGE.CREDS, list); state.creds = list; }
async function refreshVault() {
if (state.useApi) {
const r = await apiFetch('/api/vault');
state.vault = r.ok ? await r.json() : null;
} else {
state.vault = loadJSON(STORAGE.VAULT, null);
}
return state.vault;
}
function getVault() { return state.vault; }
function setVault(v) { saveJSON(STORAGE.VAULT, v); state.vault = v; }
// ------- Notas -------
async function refreshNotes() {
if (state.useApi) {
const r = await apiFetch('/api/notes');
state.notes = r.ok ? await r.json() : [];
} else {
state.notes = loadJSON(STORAGE.NOTES, []);
}
return state.notes;
}
function loadNotes() { return state.notes || []; }
function saveNotes(list) { saveJSON(STORAGE.NOTES, list); state.notes = list; }
function openNoteModal(n) {
$("#noteId").value = n?.id || "";
$("#noteTitle").value = n?.title || "";
$("#noteBody").value = n?.body || "";
$("#noteType").value = n?.data?.type || 'texto';
editingSteps = (n?.data?.steps || []).map(s => ({ id: s.id || uid(), text: s.text || '' }));
toggleStepsBlock();
renderSteps();
showModal("noteModal");
}
async function renderNotes(filter = "") {
if (state.useApi) await refreshNotes();
const listText = document.getElementById('notesTextList');
const listSteps = document.getElementById('notesStepsList');
const items = loadNotes();
const f = filter.trim().toLowerCase();
const filtered = !f ? items : items.filter(n => (
(n.title || "").toLowerCase().includes(f) || (n.body || "").toLowerCase().includes(f)
));
filtered.sort((a,b) => (b.updatedAt||0)-(a.updatedAt||0));
const renderCard = (n) => {
const preview = escapeHTML((n.body || '').split('\n').slice(0,3).join(' '));
const when = n.updatedAt ? new Date(n.updatedAt).toLocaleString() : '';
return `
<article class="card clickable" data-id="${n.id}">
<h4>${escapeHTML(n.title || 'Sem título')}</h4>
<div class="meta">${n.data?.type === 'passos' ? '<span class="chip">Passo a passo</span>' : ''} ${when ? `• Atualizado: ${when}` : ''}</div>
${n.data?.type === 'passos' ? `<div class="k">${(n.data.steps||[]).slice(0,3).map((s,i)=>`${i+1}. ${escapeHTML(s.text||'')}`).join('<br/>')}</div>` : (preview ? `<div class=\"k\">${preview}</div>` : '')}
</article>`;
};
const texts = filtered.filter(n => (n.data?.type || 'texto') !== 'passos');
const steps = filtered.filter(n => n.data?.type === 'passos');
if (listText) listText.innerHTML = texts.map(renderCard).join("");
if (listSteps) listSteps.innerHTML = steps.map(renderCard).join("");
const attach = (el) => {
if (!el) return;
el.onclick = (ev) => {
const card = ev.target.closest('.card');
if (!card) return;
const id = card.dataset.id;
const n = loadNotes().find(x => x.id === id);
if (n) openNoteView(n);
};
};
attach(listText);
attach(listSteps);
}
// --- Editor de passos (modal Nota)
let editingSteps = [];
function toggleStepsBlock() {
const type = $("#noteType").value;
const block = $("#stepsBlock");
if (type === 'passos') block.classList.remove('hidden'); else block.classList.add('hidden');
}
function renderSteps() {
const el = $("#stepsList");
el.innerHTML = editingSteps.map((s, idx) => `
<div class="step-card" data-idx="${idx}">
<div class="text" contenteditable="true">${escapeHTML(s.text)}</div>
<button class="btn small" data-del>Remover</button>
</div>
`).join("");
}
// Visualização de nota (popup)
function openNoteView(n) {
const body = document.getElementById('noteViewBody');
const title = document.getElementById('noteViewTitle');
title.textContent = n.title || 'Sem título';
const when = n.updatedAt ? new Date(n.updatedAt).toLocaleString() : '';
const chip = n.data?.type === 'passos' ? '<span class="chip">Passo a passo</span>' : '<span class="chip">Texto</span>';
const sections = [];
if (n.data?.type === 'passos' && (n.data.steps || []).length) {
const items = (n.data.steps || []).map(s => `<li>${escapeHTML(s.text || '')}</li>`).join('');
sections.push(`<div class="k">Passos</div><ol>${items}</ol>`);
}
if ((n.body || '').trim()) {
sections.push(`<div class="k" style="margin-top:8px;">Conteúdo</div><div class="content">${escapeHTML(n.body)}</div>`);
}
if (!sections.length) {
sections.push('<div class="k">Sem conteúdo</div>');
}
body.innerHTML = `<div><div class="meta">${chip} ${when ? `• Atualizado: ${when}` : ''}</div>${sections.join('')}</div>`;
// Ações
document.getElementById('noteViewEdit').onclick = () => { hideModal('noteViewModal'); openNoteModal(n); };
document.getElementById('noteViewDelete').onclick = async () => {
if (!confirm('Excluir esta nota?')) return;
if (state.useApi) {
await apiFetch(`/api/notes/${encodeURIComponent(n.id)}`, { method: 'DELETE' });
await refreshNotes();
} else {
const list = loadNotes().filter(x => x.id !== n.id); saveNotes(list);
}
hideModal('noteViewModal');
renderNotes($("#searchNotes").value);
};
showModal('noteViewModal');
}
const textEnc = new TextEncoder();
const textDec = new TextDecoder();
function ab2b64(ab) {
const bytes = new Uint8Array(ab);
let bin = ""; for (let i=0; i<bytes.length; i++) bin += String.fromCharCode(bytes[i]);
return btoa(bin);
}
function b642ab(b64) {
const bin = atob(b64); const len = bin.length; const bytes = new Uint8Array(len);
for (let i=0; i<len; i++) bytes[i] = bin.charCodeAt(i);
return bytes.buffer;
}
async function deriveKey(password, saltB64, iterations) {
const salt = b642ab(saltB64);
const keyMaterial = await crypto.subtle.importKey(
"raw", textEnc.encode(password), { name: "PBKDF2" }, false, ["deriveKey"]
);
return crypto.subtle.deriveKey(
{ name: "PBKDF2", salt, iterations, hash: "SHA-256" },
keyMaterial,
{ name: "AES-GCM", length: 256 },
false,
["encrypt", "decrypt"]
);
}
async function encryptString(key, plain) {
const iv = crypto.getRandomValues(new Uint8Array(12));
const ct = await crypto.subtle.encrypt({ name: "AES-GCM", iv }, key, textEnc.encode(plain));
return { iv: ab2b64(iv), data: ab2b64(ct) };
}
async function decryptString(key, enc) {
const iv = new Uint8Array(b642ab(enc.iv));
const data = b642ab(enc.data);
const pt = await crypto.subtle.decrypt({ name: "AES-GCM", iv }, key, data);
return textDec.decode(pt);
}
let vaultKey = null;
const VAULT_ITERS = 200_000;
function renderVaultGate() {
const meta = getVault();
const setForm = $("#setVaultForm");
const unlockForm = $("#unlockVaultForm");
const status = $("#vaultStatus");
$("#vaultLocked").classList.remove("hidden");
$("#vaultUnlocked").classList.add("hidden");
if (!meta) {
status.textContent = "Proteja suas senhas com uma senha mestra.";
setForm.classList.remove("hidden");
unlockForm.classList.add("hidden");
} else {
status.textContent = "Informe sua senha mestra para desbloquear.";
setForm.classList.add("hidden");
unlockForm.classList.remove("hidden");
}
}
async function unlockVault(password) {
const meta = getVault();
if (!meta) throw new Error("Cofre não configurado");
const key = await deriveKey(password, meta.salt, meta.iterations || VAULT_ITERS);
try {
const check = await decryptString(key, meta.verification);
if (check !== "ok") throw new Error("Senha inválida");
vaultKey = key; // mantido em memória
$("#vaultLocked").classList.add("hidden");
$("#vaultUnlocked").classList.remove("hidden");
renderCreds($("#searchCreds").value);
} catch {
alert("Senha mestra incorreta.");
}
}
function lockVault() {
vaultKey = null;
$("#vaultUnlockPass").value = "";
$("#credsList").innerHTML = "";
renderVaultGate();
}
async function renderCreds(filter = "") {
if (state.useApi) await refreshCreds();
const listEl = $("#credsList");
const items = loadCreds();
const f = filter.trim().toLowerCase();
const filtered = !f ? items : items.filter(c => {
return (
c.nome.toLowerCase().includes(f) ||
(c.usuario || "").toLowerCase().includes(f) ||
(c.url || "").toLowerCase().includes(f)
);
});
filtered.sort((a, b) => (b.updatedAt || 0) - (a.updatedAt || 0));
const canWrite = !state.useApi || can('creds_write');
listEl.innerHTML = filtered.map(c => {
const preview = escapeHTML((c.notas || '').split('\n').slice(0,2).join(' '));
const when = c.updatedAt ? new Date(c.updatedAt).toLocaleString() : '';
return `
<article class="card clickable" data-id="${c.id}">
<h4>${escapeHTML(c.nome)}</h4>
<div class="meta">${c.usuario ? `Usuário ${escapeHTML(c.usuario)}`: ''}${c.url ? `<a href="${escapeAttr(c.url)}" target="_blank" rel="noopener">${escapeHTML(c.url)}</a>` : ''} ${when ? `• Atualizado: ${when}` : ''}</div>
${preview ? `<div class=\"k\">${preview}</div>` : ''}
</article>`;
}).join("");
listEl.onclick = async (ev) => {
const btn = ev.target.closest("[data-act]");
const card = ev.target.closest('.card');
if (!card) return;
const id = card.dataset.id;
const items2 = loadCreds();
const idx = items2.findIndex(x => x.id === id);
const c = items2[idx];
if (!c) return;
if (btn) {
// Mantido por compatibilidade caso algum botão exista
if (!vaultKey) { alert("Cofre bloqueado."); return; }
const act = btn.dataset.act;
if (act === "open" && c.url) {
window.open(c.url, "_blank", "noopener");
} else if (act === "copyuser" && c.usuario) {
copyText(c.usuario);
} else if (act === "copypass") {
try { const pass = await decryptString(vaultKey, c.passwordEnc); copyText(pass); } catch { alert("Falha ao descriptografar."); }
} else if (act === "reveal") {
try { const pass = await decryptString(vaultKey, c.passwordEnc); alert(`Senha: ${pass}`); } catch { alert("Falha ao descriptografar."); }
} else if (act === "edit") {
openCredModal(c);
} else if (act === "del") {
if (confirm(`Excluir credencial "${c.nome}"?`)) {
if (state.useApi) {
await apiFetch(`/api/creds/${encodeURIComponent(c.id)}`, { method: 'DELETE' });
await refreshCreds();
} else {
items2.splice(idx,1); saveCreds(items2);
}
renderCreds($("#searchCreds").value);
}
}
} else {
// Clique no card abre visualização
if (!vaultKey) { alert("Cofre bloqueado."); return; }
openCredView(c, canWrite);
}
};
}
function openCredModal(c) {
$("#credId").value = c?.id || "";
$("#credNome").value = c?.nome || "";
$("#credUsuario").value = c?.usuario || "";
$("#credSenha").value = ""; // nunca preencher
$("#credUrl").value = c?.url || "";
$("#credNotas").value = c?.notas || "";
showModal("credModal");
}
// Visualização de credencial (popup)
function openCredView(c, canWrite) {
const body = document.getElementById('credViewBody');
const title = document.getElementById('credViewTitle');
title.textContent = c.nome || 'Credencial';
const when = c.updatedAt ? new Date(c.updatedAt).toLocaleString() : '';
const sections = [];
const access = [];
if (c.usuario) access.push(`<div>Usuário: <strong>${escapeHTML(c.usuario)}</strong></div>`);
if (c.url) access.push(`<div>URL: <a href="${escapeAttr(c.url)}" target="_blank" rel="noopener">${escapeHTML(c.url)}</a></div>`);
if (access.length) sections.push(`<div class="k">Acesso</div><div class="content">${access.join('')}</div>`);
if ((c.notas || '').trim()) sections.push(`<div class="k" style="margin-top:8px;">Notas</div><div class="content">${escapeHTML(c.notas)}</div>`);
if (!sections.length) sections.push('<div class="k">Sem detalhes</div>');
body.innerHTML = `<div><div class="meta">${when ? `Atualizado: ${when}` : ''}</div>${sections.join('')}</div>`;
// Ações
const btnOpen = document.getElementById('credViewOpen');
const btnCopyUser = document.getElementById('credViewCopyUser');
const btnCopyPass = document.getElementById('credViewCopyPass');
const btnReveal = document.getElementById('credViewReveal');
const btnEdit = document.getElementById('credViewEdit');
const btnDelete = document.getElementById('credViewDelete');
btnOpen.style.display = c.url ? '' : 'none';
btnCopyUser.style.display = c.usuario ? '' : 'none';
btnEdit.style.display = canWrite ? '' : 'none';
btnDelete.style.display = canWrite ? '' : 'none';
btnOpen.onclick = () => { if (c.url) window.open(c.url, '_blank', 'noopener'); };
btnCopyUser.onclick = () => { if (c.usuario) copyText(c.usuario); };
btnCopyPass.onclick = async () => {
try { const pass = await decryptString(vaultKey, c.passwordEnc); copyText(pass); } catch { alert('Falha ao descriptografar.'); }
};
btnReveal.onclick = async () => {
try { const pass = await decryptString(vaultKey, c.passwordEnc); alert(`Senha: ${pass}`); } catch { alert('Falha ao descriptografar.'); }
};
btnEdit.onclick = () => { hideModal('credViewModal'); openCredModal(c); };
btnDelete.onclick = async () => {
if (!confirm(`Excluir credencial "${c.nome}"?`)) return;
const items2 = loadCreds();
const idx = items2.findIndex(x => x.id === c.id);
if (state.useApi) {
await apiFetch(`/api/creds/${encodeURIComponent(c.id)}`, { method: 'DELETE' });
await refreshCreds();
} else if (idx >= 0) {
items2.splice(idx,1); saveCreds(items2);
}
hideModal('credViewModal');
renderCreds($("#searchCreds").value);
};
showModal('credViewModal');
}
// ------- Exportar / Importar -------
function exportAll() {
const payload = {
version: 1,
exportedAt: new Date().toISOString(),
theme: document.documentElement.getAttribute("data-theme"),
units: loadUnits(),
vault: getVault(),
creds: loadCreds(),
notes: loadNotes(),
};
const blob = new Blob([JSON.stringify(payload, null, 2)], { type: "application/json" });
const a = document.createElement("a");
const d = new Date();
const y = d.getFullYear();
const m = String(d.getMonth()+1).padStart(2,"0");
const day = String(d.getDate()).padStart(2,"0");
a.download = `telseg_dashboard_backup_${y}${m}${day}.json`;
a.href = URL.createObjectURL(blob);
a.click();
setTimeout(() => URL.revokeObjectURL(a.href), 3000);
}
function importAll(file) {
const reader = new FileReader();
reader.onload = () => {
try {
const data = JSON.parse(String(reader.result || "{}"));
if (!confirm("Importar backup e substituir dados atuais?")) return;
if (data.theme) { localStorage.setItem(STORAGE.THEME, data.theme); document.documentElement.setAttribute("data-theme", data.theme); }
if (Array.isArray(data.units)) saveUnits(data.units);
if (Array.isArray(data.creds)) saveCreds(data.creds);
if (data.vault && data.vault.salt && data.vault.verification) setVault(data.vault);
if (Array.isArray(data.notes)) saveNotes(data.notes);
alert("Importação concluída.");
renderUnits($("#searchUnidades").value);
renderNotes($("#searchNotes").value);
lockVault(); // força rechecagem do cofre
} catch (e) {
alert("Arquivo inválido.");
}
};
reader.readAsText(file);
}
// ------- Inicialização -------
document.addEventListener("DOMContentLoaded", async () => {
loadTheme();
await probeApi();
// Auth flow when API is enabled
if (state.useApi) {
// try existing token
const token = getToken();
if (token) {
try {
const r = await apiFetch('/api/auth/me');
const data = await r.json();
state.auth = data; hideLogin();
applyPermissionsUI();
if (canMaster()) await renderUsers();
} catch { showLogin(); }
} else {
showLogin();
}
}
if (!state.useApi || state.auth?.user) {
await Promise.all([refreshUnits(), refreshCreds(), refreshVault(), refreshNotes()]);
}
updateStorageInfo();
applyPermissionsUI();
$("#themeToggle").addEventListener("click", toggleTheme);
initTabs();
// Unidades
$("#addUnidadeBtn").addEventListener("click", () => openUnidadeModal());
$("#searchUnidades").addEventListener("input", ev => renderUnits(ev.target.value));
$("#unidadeForm").addEventListener("submit", async (ev) => {
ev.preventDefault();
const id = $("#unidadeId").value || uid();
const listBefore = loadUnits();
const idxBefore = listBefore.findIndex(x => x.id === id);
const existing = idxBefore >= 0 ? listBefore[idxBefore] : null;
const item = {
id,
nome: $("#unidadeNome").value.trim(),
dataCriacao: $("#unidadeData").value || todayStr(),
ocs: parseOCs($("#unidadeOCs").value),
link: $("#unidadeLink").value.trim(),
ip: $("#unidadeIP").value.trim(),
login: $("#unidadeLogin").value.trim(),
senha: $("#unidadeSenha").value ? $("#unidadeSenha").value : (existing?.senha || ''),
};
if (!item.nome) { alert("Informe o nome do cliente."); return; }
if (state.useApi) {
const exists = idxBefore >= 0;
await apiFetch(exists ? `/api/units/${encodeURIComponent(id)}` : '/api/units', {
method: exists ? 'PUT' : 'POST',
body: JSON.stringify(item)
});
await refreshUnits();
} else {
const list = listBefore.slice();
if (idxBefore >= 0) list[idxBefore] = item; else list.push(item);
saveUnits(list);
}
$("#unidadeSenha").value = "";
hideModal("unidadeModal");
renderUnits($("#searchUnidades").value);
});
// Fechar modais
document.body.addEventListener("click", (ev) => {
const btn = ev.target.closest("[data-close-modal]");
if (btn) hideModal(btn.getAttribute("data-close-modal"));
});
// Senhas/Cofre
renderVaultGate();
$("#lockVaultBtn").addEventListener("click", lockVault);
$("#searchCreds").addEventListener("input", ev => renderCreds(ev.target.value));
$("#addCredBtn").addEventListener("click", () => {
if (!vaultKey) { alert("Desbloqueie o cofre primeiro."); return; }
openCredModal();
});
// Notas
$("#addNoteBtn").addEventListener("click", () => openNoteModal());
$("#searchNotes").addEventListener("input", ev => renderNotes(ev.target.value));
$("#noteType").addEventListener("change", toggleStepsBlock);
$("#addStepBtn").addEventListener("click", () => {
const input = $("#newStepText");
const text = input.value.trim();
if (!text) return;
editingSteps.push({ id: uid(), text });
input.value = "";
renderSteps();
});
$("#stepsList").addEventListener("click", (ev) => {
const del = ev.target.closest('[data-del]');
const row = ev.target.closest('.step-card');
if (del && row) {
const idx = Number(row.dataset.idx);
editingSteps.splice(idx,1);
renderSteps();
}
});
$("#stepsList").addEventListener("blur", (ev) => {
const row = ev.target.closest('.step-card');
if (!row) return;
const idx = Number(row.dataset.idx);
const textEl = row.querySelector('.text');
if (textEl) editingSteps[idx].text = textEl.textContent.trim();
}, true);
$("#noteForm").addEventListener("submit", async (ev) => {
ev.preventDefault();
const id = $("#noteId").value || uid();
const note = {
id,
title: $("#noteTitle").value.trim(),
body: $("#noteBody").value,
updatedAt: Date.now(),
data: $("#noteType").value === 'passos' ? { type: 'passos', steps: editingSteps.slice() } : { type: 'texto' }
};
if (state.useApi) {
const exists = loadNotes().some(n => n.id === id);
await apiFetch(exists ? `/api/notes/${encodeURIComponent(id)}` : '/api/notes', {
method: exists ? 'PUT' : 'POST',
body: JSON.stringify(note)
});
await refreshNotes();
} else {
const list = loadNotes();
const idx = list.findIndex(n => n.id === id);
if (idx>=0) list[idx] = note; else list.push(note);
saveNotes(list);
}
hideModal('noteModal');
renderNotes($("#searchNotes").value);
});
$("#setVaultForm").addEventListener("submit", async (ev) => {
ev.preventDefault();
const p1 = $("#vaultPass1").value;
const p2 = $("#vaultPass2").value;
if (!p1 || p1 !== p2) { alert("Senhas não conferem."); return; }
const salt = ab2b64(crypto.getRandomValues(new Uint8Array(16)).buffer);
const key = await deriveKey(p1, salt, VAULT_ITERS);
const verification = await encryptString(key, "ok");
const meta = { salt, verification, iterations: VAULT_ITERS, v: 1 };
if (state.useApi) {
await apiFetch('/api/vault', { method: 'PUT', body: JSON.stringify(meta) });
await refreshVault();
} else {
setVault(meta);
}
alert("Cofre configurado. Guarde sua senha mestra!");
$("#vaultPass1").value = ""; $("#vaultPass2").value = "";
unlockVault(p1);
});
$("#unlockVaultForm").addEventListener("submit", async (ev) => {
ev.preventDefault();
const p = $("#vaultUnlockPass").value;
await unlockVault(p);
});
$("#credForm").addEventListener("submit", async (ev) => {
ev.preventDefault();
if (!vaultKey) { alert("Cofre bloqueado."); return; }
const id = $("#credId").value || uid();
const list = loadCreds();
const idx = list.findIndex(x => x.id === id);
const existing = idx >= 0 ? list[idx] : null;
const passwordPlain = $("#credSenha").value; // pode estar vazio ao editar
let passwordEnc = existing?.passwordEnc;
if (passwordPlain) passwordEnc = await encryptString(vaultKey, passwordPlain);
const item = {
id,
nome: $("#credNome").value.trim(),
usuario: $("#credUsuario").value.trim(),
url: $("#credUrl").value.trim(),
notas: $("#credNotas").value.trim(),
passwordEnc,
updatedAt: Date.now(),
};
if (!item.nome) { alert("Informe o nome."); return; }
if (!item.passwordEnc) { alert("Informe a senha."); return; }
if (state.useApi) {
const exists = idx >= 0;
await apiFetch(exists ? `/api/creds/${encodeURIComponent(id)}` : '/api/creds', { method: exists ? 'PUT' : 'POST', body: JSON.stringify(item) });
await refreshCreds();
} else {
if (idx >= 0) list[idx] = item; else list.push(item);
saveCreds(list);
}
hideModal("credModal");
renderCreds($("#searchCreds").value);
});
// Exportar / Importar
$("#exportBtn").addEventListener("click", async () => {
if (state.useApi) {
const r = await apiFetch('/api/export');
const payload = await r.json();
const blob = new Blob([JSON.stringify(payload, null, 2)], { type: "application/json" });
const a = document.createElement("a");
a.download = `telseg_dashboard_backup_api_${new Date().toISOString().slice(0,10)}.json`;
a.href = URL.createObjectURL(blob); a.click(); setTimeout(() => URL.revokeObjectURL(a.href), 3000);
} else {
exportAll();
}
});
$("#importFile").addEventListener("change", async (ev) => {
const f = ev.target.files?.[0]; if (!f) return;
if (state.useApi) {
const text = await f.text();
const data = JSON.parse(text);
if (!confirm("Importar backup e substituir dados atuais no servidor?")) return;
await apiFetch('/api/import', { method: 'POST', body: JSON.stringify(data) });
await Promise.all([refreshUnits(), refreshCreds(), refreshVault(), refreshNotes()]);
lockVault();
renderUnits($("#searchUnidades").value); // re-render
renderNotes($("#searchNotes").value);
} else {
importAll(f);
}
ev.target.value = ""; // permite importar o mesmo arquivo novamente
});
// Login form
const loginForm = document.getElementById('loginForm');
if (loginForm) {
loginForm.addEventListener('submit', async (ev) => {
ev.preventDefault();
const username = document.getElementById('loginUser').value.trim();
const password = document.getElementById('loginPass').value;
try {
const r = await fetch('/api/auth/login', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ username, password }) });
if (!r.ok) throw new Error();
const data = await r.json();
setToken(data.token);
state.auth = { user: data.user };
hideLogin();
applyPermissionsUI();
await Promise.all([refreshUnits(), refreshCreds(), refreshVault(), refreshNotes()]);
if (canMaster()) await renderUsers();
renderUnits(document.getElementById('searchUnidades').value);
renderNotes(document.getElementById('searchNotes').value);
} catch {
alert('Login inválido');
}
});
}
// Render inicial
if (!state.useApi || state.auth?.user) {
renderUnits("");
renderNotes("");
}
});
// ---- Usuários (somente Master) ----
async function renderUsers() {
if (!state.useApi || !canMaster()) return;
try {
const r = await apiFetch('/api/users');
const users = await r.json();
const list = document.getElementById('usersList');
list.innerHTML = users.map(u => {
const p = u.permissions || {};
return `
<article class="card" data-id="${u.id}">
<h4>${escapeHTML(u.username)} ${u.role === 'master' ? '<span class="chip">Master</span>' : ''}</h4>
<div class="grid">
<label><input type="checkbox" data-perm="units_read" ${p.units_read ? 'checked':''}/> OC: ver</label>
<label><input type="checkbox" data-perm="units_write" ${p.units_write ? 'checked':''}/> OC: editar/excluir</label>
<label><input type="checkbox" data-perm="creds_read" ${p.creds_read ? 'checked':''}/> Senhas: ver</label>
<label><input type="checkbox" data-perm="creds_write" ${p.creds_write ? 'checked':''}/> Senhas: editar/excluir</label>
<label><input type="checkbox" data-perm="notes_read" ${p.notes_read ? 'checked':''}/> Notas: ver</label>
<label><input type="checkbox" data-perm="notes_write" ${p.notes_write ? 'checked':''}/> Notas: editar/excluir</label>
</div>
<div class="actions">
<label class="row"><span class="k">Perfil:</span>
<select data-role class="input" style="max-width:160px">
<option value="user" ${u.role==='user'?'selected':''}>Usuário</option>
<option value="master" ${u.role==='master'?'selected':''}>Master</option>
</select>
</label>
<button class="btn small" data-act="reset">Redefinir senha</button>
<button class="btn small danger" data-act="del">Excluir</button>
</div>
</article>`;
}).join('');
// Handlers
list.onchange = async (ev) => {
const card = ev.target.closest('.card'); if (!card) return;
const id = card.dataset.id;
if (ev.target.matches('[data-perm]')) {
// Collect card perms
const inputs = Array.from(card.querySelectorAll('[data-perm]'));
const body = Object.fromEntries(inputs.map(i => [i.getAttribute('data-perm'), i.checked]));
await apiFetch(`/api/users/${encodeURIComponent(id)}/permissions`, { method: 'PUT', body: JSON.stringify(body) });
} else if (ev.target.matches('[data-role]')) {
const role = ev.target.value;
await apiFetch(`/api/users/${encodeURIComponent(id)}`, { method: 'PUT', body: JSON.stringify({ role }) });
await renderUsers();
}
};
list.onclick = async (ev) => {
const card = ev.target.closest('.card'); if (!card) return;
const id = card.dataset.id;
const actBtn = ev.target.closest('[data-act]'); if (!actBtn) return;
if (actBtn.dataset.act === 'reset') {
const pass = prompt('Nova senha:'); if (!pass) return;
await apiFetch(`/api/users/${encodeURIComponent(id)}`, { method: 'PUT', body: JSON.stringify({ password: pass }) });
alert('Senha atualizada');
} else if (actBtn.dataset.act === 'del') {
if (!confirm('Excluir este usuário?')) return;
await apiFetch(`/api/users/${encodeURIComponent(id)}`, { method: 'DELETE' });
await renderUsers();
}
};
} catch (e) {
console.error('renderUsers', e);
}
}
// Create user form
document.addEventListener('DOMContentLoaded', () => {
const form = document.getElementById('userForm');
if (!form) return;
form.addEventListener('submit', async (ev) => {
ev.preventDefault();
const username = document.getElementById('newUserName').value.trim();
const password = document.getElementById('newUserPass').value;
const role = document.getElementById('newUserRole').value;
const body = {
username, password, role,
permissions: {
units_read: document.getElementById('p_units_read').checked,
units_write: document.getElementById('p_units_write').checked,
creds_read: document.getElementById('p_creds_read').checked,
creds_write: document.getElementById('p_creds_write').checked,
notes_read: document.getElementById('p_notes_read').checked,
notes_write: document.getElementById('p_notes_write').checked,
}
};
try {
await apiFetch('/api/users', { method: 'POST', body: JSON.stringify(body) });
form.reset();
await renderUsers();
alert('Usuário criado');
} catch { alert('Falha ao criar usuário'); }
});
});
Reference in New Issue View Git Blame Copy Permalink