From c4eaf8184b760485b7643aad365d01fa3ac4c492 Mon Sep 17 00:00:00 2001
From: Gunnar Skjold <gunnar.skjold@gmail.com>
Date: Sat, 10 Dec 2022 09:27:18 +0100
Subject: [PATCH] Check if authenticated to show upgrade links and config
 up/download

---
 lib/SvelteUi/app/src/App.svelte            |  2 +-
 lib/SvelteUi/app/src/lib/Header.svelte     |  6 +++-
 lib/SvelteUi/app/src/lib/StatusPage.svelte | 32 ++++++++++++----------
 lib/SvelteUi/include/AmsWebServer.h        |  2 +-
 lib/SvelteUi/json/data.json                |  3 +-
 lib/SvelteUi/json/sysinfo.json             |  3 +-
 lib/SvelteUi/src/AmsWebServer.cpp          | 12 ++++----
 7 files changed, 36 insertions(+), 24 deletions(-)

diff --git a/lib/SvelteUi/app/src/App.svelte b/lib/SvelteUi/app/src/App.svelte
index 19b4d9c9..785b1688 100644
--- a/lib/SvelteUi/app/src/App.svelte
+++ b/lib/SvelteUi/app/src/App.svelte
@@ -39,7 +39,7 @@
       <ConfigurationPanel sysinfo={sysinfo}/>
     </Route>
     <Route path="/status">
-      <StatusPage sysinfo={sysinfo}/>
+      <StatusPage sysinfo={sysinfo} data={data}/>
     </Route>
     <Route path="/mqtt-ca">
       <FileUploadComponent title="CA" action="/mqtt-ca"/>
diff --git a/lib/SvelteUi/app/src/lib/Header.svelte b/lib/SvelteUi/app/src/lib/Header.svelte
index fd3d2f53..85466def 100644
--- a/lib/SvelteUi/app/src/lib/Header.svelte
+++ b/lib/SvelteUi/app/src/lib/Header.svelte
@@ -87,7 +87,11 @@
           </div>
           {#if sysinfo.fwconsent === 1 && nextVersion}
           <div class="flex-none mr-3 text-yellow-500" title="New version: {nextVersion.tag_name}">
-            <button on:click={askUpgrade} class="flex"><DownloadIcon/> <span class="mt-1">{nextVersion.tag_name}</span></button>
+            {#if sysinfo.security == 0 || data.a}
+            <button on:click={askUpgrade} class="flex"><span class="mt-1">New version: {nextVersion.tag_name}</span> <DownloadIcon/></button>
+            {:else}
+            <span>New version: {nextVersion.tag_name}</span>
+            {/if}
           </div>
           {/if}
         </div> 
diff --git a/lib/SvelteUi/app/src/lib/StatusPage.svelte b/lib/SvelteUi/app/src/lib/StatusPage.svelte
index 66441c55..6091a676 100644
--- a/lib/SvelteUi/app/src/lib/StatusPage.svelte
+++ b/lib/SvelteUi/app/src/lib/StatusPage.svelte
@@ -6,6 +6,7 @@
     import { Link } from 'svelte-navigator';
     import Mask from './Mask.svelte';
   
+    export let data;
     export let sysinfo;
   
     let nextVersion = {};
@@ -112,26 +113,27 @@
             Installed version: {sysinfo.version}
         </div>
         {#if nextVersion}
-        <div class="my-2 flex">
-            Latest version: 
-            <a href={nextVersion.html_url} class="ml-2 text-blue-600 hover:text-blue-800" target='_blank' rel="noreferrer">{nextVersion.tag_name}</a>
-            {#if sysinfo.fwconsent === 1 && nextVersion && nextVersion.tag_name}
-            <div class="flex-none ml-2 text-green-500" title="Install this version">
-                <button on:click={askUpgrade}><DownloadIcon/></button>
+            <div class="my-2 flex">
+                Latest version: 
+                <a href={nextVersion.html_url} class="ml-2 text-blue-600 hover:text-blue-800" target='_blank' rel="noreferrer">{nextVersion.tag_name}</a>
+                {#if (sysinfo.security == 0 || data.a) && sysinfo.fwconsent === 1 && nextVersion && nextVersion.tag_name}
+                <div class="flex-none ml-2 text-green-500" title="Install this version">
+                    <button on:click={askUpgrade}><DownloadIcon/></button>
+                </div>
+                {/if}
+            </div>
+            {#if sysinfo.fwconsent === 2}
+            <div class="my-2">
+                <div class="bd-ylo">You have disabled one-click firmware upgrade, link to self-upgrade is disabled</div>
             </div>
             {/if}
-        </div>
-        {#if sysinfo.fwconsent === 2}
-        <div class="my-2">
-            <div class="bd-ylo">You have disabled one-click firmware upgrade, link to self-upgrade is disabled</div>
-        </div>
         {/if}
-        {/if}
-        {#if sysinfo.board == 2 || sysinfo.board == 4 || sysinfo.board == 7 }
+        {#if (sysinfo.security == 0 || data.a) && (sysinfo.board == 2 || sysinfo.board == 4 || sysinfo.board == 7) }
         <div class="bd-red">
             {boardtype(sysinfo.chip, sysinfo.board)} must be connected to an external power supply during firmware upgrade. Failure to do so may cause power-down during upload resulting in non-functioning unit. 
         </div>
         {/if}
+        {#if sysinfo.security == 0 || data.a}
         <div class="my-2 flex">
             <form action="/firmware" enctype="multipart/form-data" method="post" on:submit={() => firmwareUploading=true}>
                 <input style="display:none" name="file" type="file" accept=".bin" bind:this={firmwareFileInput} bind:files={firmwareFiles}>
@@ -143,7 +145,9 @@
                 {/if}
             </form>
         </div>
+        {/if}
     </div>
+    {#if sysinfo.security == 0 || data.a}
     <div class="cnt">
         <strong class="text-sm">Configuration</strong>
         <form method="get" action="/configfile.cfg">
@@ -172,8 +176,8 @@
             <button type="submit" class="ml-2 text-xs py-1 px-2 rounded bg-blue-500 text-white mr-3">Upload</button>
             {/if}
         </form>
-
     </div>
+    {/if}
 </div>
 <Mask active={firmwareUploading} message="Uploading firmware, please wait"/>
 <Mask active={configUploading} message="Uploading configuration, please wait"/>
diff --git a/lib/SvelteUi/include/AmsWebServer.h b/lib/SvelteUi/include/AmsWebServer.h
index fb747065..1a49ecfb 100644
--- a/lib/SvelteUi/include/AmsWebServer.h
+++ b/lib/SvelteUi/include/AmsWebServer.h
@@ -71,7 +71,7 @@ private:
 	WebServer server;
 #endif
 
-	bool checkSecurity(byte level);
+	bool checkSecurity(byte level, bool send401 = true);
 
 	void indexHtml();
 	void indexJs();
diff --git a/lib/SvelteUi/json/data.json b/lib/SvelteUi/json/data.json
index 6b840e41..00d89d87 100644
--- a/lib/SvelteUi/json/data.json
+++ b/lib/SvelteUi/json/data.json
@@ -59,5 +59,6 @@
     "pr" : "%s",
     "he" : %d,
     "ee" : %d,
-    "c" : %lu
+    "c" : %lu,
+    "a" : %s
 }
\ No newline at end of file
diff --git a/lib/SvelteUi/json/sysinfo.json b/lib/SvelteUi/json/sysinfo.json
index 7844d7ee..77c61290 100644
--- a/lib/SvelteUi/json/sysinfo.json
+++ b/lib/SvelteUi/json/sysinfo.json
@@ -21,5 +21,6 @@
         "mfg": %d,
         "model": "%s",
         "id": "%s"
-    }
+    },
+    "security": %d
 }
\ No newline at end of file
diff --git a/lib/SvelteUi/src/AmsWebServer.cpp b/lib/SvelteUi/src/AmsWebServer.cpp
index 4f79c38e..81b73f37 100644
--- a/lib/SvelteUi/src/AmsWebServer.cpp
+++ b/lib/SvelteUi/src/AmsWebServer.cpp
@@ -141,7 +141,7 @@ void AmsWebServer::loop() {
 	}
 }
 
-bool AmsWebServer::checkSecurity(byte level) {
+bool AmsWebServer::checkSecurity(byte level, bool send401) {
 	bool access = WiFi.getMode() == WIFI_AP || webConfig.security < level;
 	if(!access && webConfig.security >= level && server.hasHeader("Authorization")) {
 		String expectedAuth = String(webConfig.username) + ":" + String(webConfig.password);
@@ -161,7 +161,7 @@ bool AmsWebServer::checkSecurity(byte level) {
 		access = providedPwd.equals(expectedBase64);
 	}
 
-	if(!access) {
+	if(!access && send401) {
 		server.sendHeader(HEADER_AUTHENTICATE, AUTHENTICATE_BASIC);
 		server.setContentLength(0);
 		server.send(401, MIME_HTML, "");
@@ -247,7 +247,8 @@ void AmsWebServer::sysinfoJson() {
 		#endif
 		meterState->getMeterType(),
 		meterState->getMeterModel().c_str(),
-		meterState->getMeterId().c_str()
+		meterState->getMeterId().c_str(),
+		webConfig.security
 	);
 
 	server.sendHeader(HEADER_CACHE_CONTROL, CACHE_CONTROL_NO_CACHE);
@@ -417,7 +418,8 @@ void AmsWebServer::dataJson() {
 		priceRegion.c_str(),
 		meterState->getLastError(),
 		eapi == NULL ? 0 : eapi->getLastError(),
-		(uint32_t) now
+		(uint32_t) now,
+		checkSecurity(1, false) ? "true" : "false"
 	);
 
 	server.sendHeader(HEADER_CACHE_CONTROL, CACHE_CONTROL_NO_CACHE);
@@ -1618,7 +1620,7 @@ void AmsWebServer::mqttKeyUpload() {
 void AmsWebServer::tariffJson() {
 	if(debugger->isActive(RemoteDebug::DEBUG)) debugger->printf("Serving /tariff.json over http...\n");
 
-	if(!checkSecurity(1))
+	if(!checkSecurity(2))
 		return;
 
 	EnergyAccountingConfig* eac = ea->getConfig();