Fixed docker build.

src/node/hooks/express/admin.ts

@@ -1,7 +1,9 @@
 'use strict';
 import {ArgsExpressType} from "../../types/ArgsExpressType";
+import path from "path";
+const settings = require('ep_etherpad-lite/node/utils/Settings');
 
-const eejs = require('../../eejs');
+const ADMIN_PATH = path.join(settings.root, 'src', 'templates', 'admin');
 
 /**
  * Add the admin navigation link
@@ -11,9 +13,19 @@ const eejs = require('../../eejs');
  * @return {*}
  */
 exports.expressCreateServer = (hookName:string, args: ArgsExpressType, cb:Function): any => {
-  args.app.get('/admin', (req:any, res:any) => {
-    if ('/' !== req.path[req.path.length - 1]) return res.redirect('./admin/');
-    res.send(eejs.require('ep_etherpad-lite/templates/admin/index.html', {req}));
-  });
+  args.app.get('/admin/*', (req:any, res:any, next:Function) => {
+      if (req.path.includes('.')) {
+        const relativPath = req.path.split('/admin/')[1];
+        res.sendFile(path.join(ADMIN_PATH, relativPath));
+      } else {
+        res.header('Cache-Control', 'private, no-cache, no-store, must-revalidate');
+        res.header('Expires', '-1');
+        res.header('Pragma', 'no-cache');
+        res.sendFile(path.join(ADMIN_PATH, 'index.html'));
+      }
+    });
+  args.app.get('/admin', (req:any, res:any, next:Function) => {
+      if ('/' !== req.path[req.path.length - 1]) return res.redirect('./admin/');
+  })
   return cb();
 };

src/node/hooks/express/adminplugins.ts

@@ -12,35 +12,7 @@ const installer = require('../../../static/js/pluginfw/installer');
 const pluginDefs = require('../../../static/js/pluginfw/plugin_defs');
 const plugins = require('../../../static/js/pluginfw/plugins');
 const semver = require('semver');
-const UpdateCheck = require('../../utils/UpdateCheck');
 
-exports.expressCreateServer = (hookName:string, args: ArgsExpressType, cb:Function) => {
-  args.app.get('/admin/plugins', (req:any, res:any) => {
-    res.send(eejs.require('ep_etherpad-lite/templates/admin/plugins.html', {
-      plugins: pluginDefs.plugins,
-      req,
-      errors: [],
-    }));
-  });
-
-  args.app.get('/admin/plugins/info', (req:any, res:any) => {
-    const gitCommit = settings.getGitCommit();
-    const epVersion = settings.getEpVersion();
-
-    res.send(eejs.require('ep_etherpad-lite/templates/admin/plugins-info.html', {
-      gitCommit,
-      epVersion,
-      installedPlugins: `<pre>${plugins.formatPlugins().replace(/, /g, '\n')}</pre>`,
-      installedParts: `<pre>${plugins.formatParts()}</pre>`,
-      installedServerHooks: `<div>${plugins.formatHooks('hooks', true)}</div>`,
-      installedClientHooks: `<div>${plugins.formatHooks('client_hooks', true)}</div>`,
-      latestVersion: UpdateCheck.getLatestVersion(),
-      req,
-    }));
-  });
-
-  return cb();
-};
 
 exports.socketio = (hookName:string, args:ArgsExpressType, cb:Function) => {
   const io = args.io.of('/pluginfw/installer');

src/node/hooks/express/adminsettings.ts

@@ -13,16 +13,6 @@ const UpdateCheck = require('../../utils/UpdateCheck');
 const padManager = require('../../db/PadManager');
 const api = require('../../db/API');
 
-exports.expressCreateServer = (hookName:string, {app}:any) => {
-  app.get('/admin/settings', (req:any, res:any) => {
-    res.send(eejs.require('ep_etherpad-lite/templates/admin/settings.html', {
-      req,
-      settings: '',
-      errors: [],
-    }));
-  });
-};
-
 
 const queryPadLimit = 12;
 

src/node/hooks/express/webaccess.ts

@@ -50,7 +50,7 @@ exports.userCanModify = (padId: string, req: SocketClientRequest) => {
 exports.authnFailureDelayMs = 1000;
 
 const checkAccess = async (req:any, res:any, next: Function) => {
-  const requireAdmin = req.path.toLowerCase().startsWith('/admin');
+  const requireAdmin = req.path.toLowerCase().startsWith('/admin-auth');
 
   // ///////////////////////////////////////////////////////////////////////////////////////////////
   // Step 1: Check the preAuthorize hook for early permit/deny (permit is only allowed for non-admin
@@ -126,7 +126,13 @@ const checkAccess = async (req:any, res:any, next: Function) => {
   // completed, or maybe different credentials are required), go to the next step.
   // ///////////////////////////////////////////////////////////////////////////////////////////////
 
-  if (await authorize()) return next();
+  if (await authorize()) {
+    if(requireAdmin) {
+        res.status(200).send('Authorized')
+        return
+    }
+    return next();
+  }
 
   // ///////////////////////////////////////////////////////////////////////////////////////////////
   // Step 3: Authenticate the user. (Or, if already logged in, reauthenticate with different
@@ -163,7 +169,7 @@ const checkAccess = async (req:any, res:any, next: Function) => {
       if (await aCallFirst0('authnFailure', {req, res})) return;
       if (await aCallFirst0('authFailure', {req, res, next})) return;
       // No plugin handled the authentication failure. Fall back to basic authentication.
-      res.header('WWW-Authenticate', 'Basic realm="Protected Area"');
+      //res.header('WWW-Authenticate', 'Basic realm="Protected Area"');
       // Delay the error response for 1s to slow down brute force attacks.
       await new Promise((resolve) => setTimeout(resolve, exports.authnFailureDelayMs));
       res.status(401).send('Authentication Required');
@@ -188,7 +194,13 @@ const checkAccess = async (req:any, res:any, next: Function) => {
   // a login page).
   // ///////////////////////////////////////////////////////////////////////////////////////////////
 
-  if (await authorize()) return next();
+  const auth = await authorize()
+  if (auth && !requireAdmin) return next();
+  if(auth && requireAdmin) {
+    res.status(200).send('Authorized')
+    return
+  }
+
   if (await aCallFirst0('authzFailure', {req, res})) return;
   if (await aCallFirst0('authFailure', {req, res, next})) return;
   // No plugin handled the authorization failure.