Merge pull request #840 from EdiWang/security/remove-reset

Security: Remove System Reset Functionality
EdiWang · Nov 2, 2024 · c6105b7 · c6105b7
2 parents f4bf075 + b30567b
commit c6105b7
Show file tree

Hide file tree

Showing 7 changed files with 0 additions and 108 deletions.
diff --git a/src/Moonglade.Web/Controllers/SettingsController.cs b/src/Moonglade.Web/Controllers/SettingsController.cs
@@ -173,18 +173,6 @@ public async Task<IActionResult> SocialLink(SocialLinkSettingsJsonModel model)
         return NoContent();
     }
 
-    [HttpPost("reset")]
-    [ProducesResponseType(StatusCodes.Status202Accepted)]
-    public async Task<IActionResult> Reset(BlogDbContext context, IHostApplicationLifetime applicationLifetime)
-    {
-        logger.LogWarning($"System reset is requested by '{User.Identity?.Name}', IP: {Helper.GetClientIP(HttpContext)}.");
-
-        await context.ClearAllData();
-
-        applicationLifetime.StopApplication();
-        return Accepted();
-    }
-
     [HttpPost("custom-css")]
     [ProducesResponseType(StatusCodes.Status204NoContent)]
     [ProducesResponseType(StatusCodes.Status400BadRequest)]

diff --git a/src/Moonglade.Web/Pages/Settings/Advanced.cshtml b/src/Moonglade.Web/Pages/Settings/Advanced.cshtml
@@ -30,21 +30,6 @@
             }, 1000);
         }
 
-        document.querySelector('.btn-reset').addEventListener('click', function () {
-            callApi(`/api/settings/reset`, 'POST', {}, () => { });
-
-            var btnReset = document.querySelector('.btn-reset');
-            btnReset.textContent = 'Wait...';
-            btnReset.classList.add('disabled');
-            btnReset.setAttribute('disabled', 'disabled');
-
-            startTimer(30, btnReset);
-
-            setTimeout(function () {
-                location.href = '/';
-            }, 30000);
-        });
-
         document.querySelector('.btn-check-update').addEventListener('click', function () {
             document.querySelector('.spinner-border').style.display = 'block';
             document.querySelector('.alert-has-new-release').style.display = 'none';
@@ -271,23 +256,6 @@
                             </a>
                         </div>
                     </div>
-
-                    <div class="settings-entry row align-items-center py-3 px-2 rounded-3 shadow-sm border">
-                        <div class="col-auto">
-                            <i class="bi-eraser settings-entry-icon"></i>
-                        </div>
-                        <div class="col">
-                            @SharedLocalizer["System Reset"]
-                            <div class="form-text">
-                                @SharedLocalizer["Erase all data and configuration."]
-                            </div>
-                        </div>
-                        <div class="col-md-3 text-end">
-                            <a href="javascript:;" class="btn btn-sm btn-danger" data-bs-toggle="modal" data-bs-target="#resetModal">
-                                @SharedLocalizer["Reset"]
-                            </a>
-                        </div>
-                    </div>
                 </div>
             </div>
         </div>
@@ -298,5 +266,4 @@
 </form>
 
 <partial name="_RestartModal" />
-<partial name="_ResetModal" />
 <partial name="_UpdateCheckCanvas" />
diff --git a/src/Moonglade.Web/Pages/Settings/_ResetModal.cshtml b/src/Moonglade.Web/Pages/Settings/_ResetModal.cshtml
diff --git a/src/Moonglade.Web/Resources/Program.de-DE.resx b/src/Moonglade.Web/Resources/Program.de-DE.resx
@@ -168,9 +168,6 @@
   <data name="Archive" xml:space="preserve">
     <value>Archiv</value>
   </data>
-  <data name="Are you ABSOLUTELY sure? ALL data and configuration will be erased!" xml:space="preserve">
-    <value>Sind sie WIRKLICH sicher? Alle Daten und Konfigurationen werden gelöscht!</value>
-  </data>
   <data name="Are you sure to restart website? All current requests will be terminated." xml:space="preserve">
     <value>Möchten Sie die Webseite wirklich neu starten? Alle aktuellen Anfragen werden verworfen.</value>
   </data>
@@ -393,9 +390,6 @@
   <data name="Environment" xml:space="preserve">
     <value>Umgebung</value>
   </data>
-  <data name="Erase all data and configuration." xml:space="preserve">
-    <value>Alle Daten und Konfigurationen löschen.</value>
-  </data>
   <data name="Export Data" xml:space="preserve">
     <value>Daten exportieren</value>
   </data>
@@ -606,9 +600,6 @@
   <data name="Reply" xml:space="preserve">
     <value>Antworten</value>
   </data>
-  <data name="Reset" xml:space="preserve">
-    <value>Zurücksetzen</value>
-  </data>
   <data name="Reset Password" xml:space="preserve">
     <value>Passwort zurücksetzen</value>
   </data>
@@ -696,9 +687,6 @@
   <data name="System" xml:space="preserve">
     <value>System</value>
   </data>
-  <data name="System Reset" xml:space="preserve">
-    <value>System zurücksetzen</value>
-  </data>
   <data name="Tag name" xml:space="preserve">
     <value>Tagname</value>
   </data>

diff --git a/src/Moonglade.Web/Resources/Program.ja-JP.resx b/src/Moonglade.Web/Resources/Program.ja-JP.resx
@@ -168,9 +168,6 @@
   <data name="Archive" xml:space="preserve">
     <value>鳩</value>
   </data>
-  <data name="Are you ABSOLUTELY sure? ALL data and configuration will be erased!" xml:space="preserve">
-    <value>本当に本当ですか? すべてのデータと設定が消去されます。</value>
-  </data>
   <data name="Are you sure to restart website? All current requests will be terminated." xml:space="preserve">
     <value>あなたはあなたのウェブサイトを再起動してもよろしいですか? 現在のすべての要求が終了します。</value>
   </data>
@@ -393,9 +390,6 @@
   <data name="Environment" xml:space="preserve">
     <value>環境</value>
   </data>
-  <data name="Erase all data and configuration." xml:space="preserve">
-    <value>すべてのデータと設定を消去</value>
-  </data>
   <data name="Export Data" xml:space="preserve">
     <value>データのエクスポート</value>
   </data>
@@ -606,9 +600,6 @@
   <data name="Reply" xml:space="preserve">
     <value>答える</value>
   </data>
-  <data name="Reset" xml:space="preserve">
-    <value>リセット</value>
-  </data>
   <data name="Reset Password" xml:space="preserve">
     <value>パスワードを再設定する</value>
   </data>
@@ -696,9 +687,6 @@
   <data name="System" xml:space="preserve">
     <value>制</value>
   </data>
-  <data name="System Reset" xml:space="preserve">
-    <value>システムリセット</value>
-  </data>
   <data name="Tag name" xml:space="preserve">
     <value>タグ名</value>
   </data>

diff --git a/src/Moonglade.Web/Resources/Program.zh-Hans.resx b/src/Moonglade.Web/Resources/Program.zh-Hans.resx
@@ -171,9 +171,6 @@
   <data name="Archive" xml:space="preserve">
     <value>归档</value>
   </data>
-  <data name="Are you ABSOLUTELY sure? ALL data and configuration will be erased!" xml:space="preserve">
-    <value>你真的确定吗？所有数据和配置都将灰飞烟灭！</value>
-  </data>
   <data name="Are you sure to restart website? All current requests will be terminated." xml:space="preserve">
     <value>你确定要重启网站吗？所有当前请求都会被终止。</value>
   </data>
@@ -399,9 +396,6 @@
   <data name="Environment" xml:space="preserve">
     <value>环境</value>
   </data>
-  <data name="Erase all data and configuration." xml:space="preserve">
-    <value>抹除所有数据及配置</value>
-  </data>
   <data name="Export Data" xml:space="preserve">
     <value>导出数据</value>
   </data>
@@ -630,9 +624,6 @@
   <data name="Reply" xml:space="preserve">
     <value>回复</value>
   </data>
-  <data name="Reset" xml:space="preserve">
-    <value>重置</value>
-  </data>
   <data name="Reset Password" xml:space="preserve">
     <value>重置密码</value>
   </data>
@@ -723,9 +714,6 @@
   <data name="System" xml:space="preserve">
     <value>系统</value>
   </data>
-  <data name="System Reset" xml:space="preserve">
-    <value>系统重置</value>
-  </data>
   <data name="Tag name" xml:space="preserve">
     <value>标签名</value>
   </data>

diff --git a/src/Moonglade.Web/Resources/Program.zh-Hant.resx b/src/Moonglade.Web/Resources/Program.zh-Hant.resx
@@ -171,9 +171,6 @@
   <data name="Archive" xml:space="preserve">
     <value>歸檔時間軸</value>
   </data>
-  <data name="Are you ABSOLUTELY sure? ALL data and configuration will be erased!" xml:space="preserve">
-    <value>你真的確定嗎？所有數據和配置都將灰飛煙滅！</value>
-  </data>
   <data name="Are you sure to restart website? All current requests will be terminated." xml:space="preserve">
     <value>你確定要重啟網站嗎？所有當前請求都會被終止。</value>
   </data>
@@ -624,9 +621,6 @@
   <data name="Reply" xml:space="preserve">
     <value>回復</value>
   </data>
-  <data name="Reset" xml:space="preserve">
-    <value>重置</value>
-  </data>
   <data name="Reset Password" xml:space="preserve">
     <value>重置密碼</value>
   </data>
@@ -717,9 +711,6 @@
   <data name="System" xml:space="preserve">
     <value>系統</value>
   </data>
-  <data name="System Reset" xml:space="preserve">
-    <value>系統重置</value>
-  </data>
   <data name="Tag name" xml:space="preserve">
     <value>標籤名</value>
   </data>