Merge 7c67daf7cc into 7a9191761d

Co-authored-by: Frank Elsinga <frank@elsinga.de>

server/notification-providers/ceredsms.js

@@ -0,0 +1,45 @@
+const NotificationProvider = require("./notification-provider");
+const axios = require("axios");
+
+class CeredSMS extends NotificationProvider {
+
+    name = "ceredsms";
+
+    /**
+     * @inheritdoc
+     */
+    async send(notification, msg, monitorJSON = null, heartbeatJSON = null) {
+        let okMsg = "Sent Successfully.";
+
+        try {
+            let config = {
+                headers: {
+                    "Content-Type": "application/json",
+                }
+            };
+            let data = {
+                "key": notification.ceredsmsApiKey,
+                "from": notification.ceredsmsSenderName,
+                "phone_number": notification.ceredsmsPhoneNumber,
+                "message": msg.replace(/[^\x00-\x7F]/g, "")
+            };
+
+            let resp = await axios.post("https://sms.cered.pl/api/send", data, config);
+            if (!resp.data.message_id) {
+                if (resp.data.message) {
+                    let error = `CeredSMS.pl API returned error message: ${resp.data.error.message}`;
+                    this.throwGeneralAxiosError(error);
+                } else {
+                    let error = "CeredSMS.pl API returned an unexpected response";
+                    this.throwGeneralAxiosError(error);
+                }
+            }
+
+            return okMsg;
+        } catch (error) {
+            this.throwGeneralAxiosError(error);
+        }
+    }
+}
+
+module.exports = CeredSMS;

server/notification-providers/pushdeer.js

@@ -11,7 +11,8 @@ class PushDeer extends NotificationProvider {
     async send(notification, msg, monitorJSON = null, heartbeatJSON = null) {
         const okMsg = "Sent Successfully.";
         const serverUrl = notification.pushdeerServer || "https://api2.pushdeer.com";
-        const url = `${serverUrl.trim().replace(/\/*$/, "")}/message/push`;
+        // capture group below is nessesary to prevent an ReDOS-attack
+        const url = `${serverUrl.trim().replace(/([^/])\/+$/, "$1")}/message/push`;
 
         let valid = msg != null && monitorJSON != null && heartbeatJSON != null;
 

server/notification-providers/whapi.js

@@ -24,7 +24,7 @@ class Whapi extends NotificationProvider {
                 "body": msg,
             };
 
-            let url = (notification.whapiApiUrl || "https://gate.whapi.cloud/").replace(/\/+$/, "") + "/messages/text";
+            let url = (notification.whapiApiUrl || "https://gate.whapi.cloud/").replace(/([^/])\/+$/, "$1") + "/messages/text";
 
             await axios.post(url, data, config);
 

server/notification.js

@@ -69,6 +69,7 @@ const Cellsynt = require("./notification-providers/cellsynt");
 const Onesender = require("./notification-providers/onesender");
 const Wpush = require("./notification-providers/wpush");
 const SendGrid = require("./notification-providers/send-grid");
+const CeredSMS = require("./notification-providers/ceredsms");
 
 class Notification {
 
@@ -154,7 +155,8 @@ class Notification {
             new GtxMessaging(),
             new Cellsynt(),
             new Wpush(),
-            new SendGrid()
+            new SendGrid(),
+            new CeredSMS()
         ];
         for (let item of list) {
             if (! item.name) {

src/components/NotificationDialog.vue

@@ -183,6 +183,7 @@ export default {
                 "ServerChan": "ServerChan (Server酱)",
                 "smsc": "SMSC",
                 "WPush": "WPush(wpush.cn)",
+                "ceredsms": "cered.pl",
             };
 
             // Sort by notification name

src/components/notifications/CeredSMS.vue

@@ -0,0 +1,24 @@
+<template>
+    <div class="mb-3">
+        <label for="ceredsms-key" class="form-label">{{ $t('API Key') }}</label>
+        <HiddenInput id="ceredsms-key" v-model="$parent.notification.ceredsmsApiKey" :required="true" autocomplete="new-password"></HiddenInput>
+    </div>
+    <div class="mb-3">
+        <label for="ceredsms-phone-number" class="form-label">{{ $t("To Phone Number") }}</label>
+        <input id="ceredsms-phone-number" v-model="$parent.notification.ceredsmsPhoneNumber" type="text" class="form-control" required>
+    </div>
+    <div class="mb-3">
+        <label for="ceredsms-sender-name" class="form-label">{{ $t("Originator") }}</label>
+        <input id="ceredsms-sender-name" v-model="$parent.notification.ceredsmsSenderName" type="text" minlength="3" maxlength="11" class="form-control">
+    </div>
+</template>
+
+<script>
+import HiddenInput from "../HiddenInput.vue";
+
+export default {
+    components: {
+        HiddenInput,
+    },
+};
+</script>

src/components/notifications/index.js

@@ -67,6 +67,7 @@ import Cellsynt from "./Cellsynt.vue";
 import WPush from "./WPush.vue";
 import SIGNL4 from "./SIGNL4.vue";
 import SendGrid from "./SendGrid.vue";
+import CeredSMS from "./CeredSMS.vue";
 
 /**
  * Manage all notification form.
@@ -142,6 +143,7 @@ const NotificationFormList = {
     "Cellsynt": Cellsynt,
     "WPush": WPush,
     "SendGrid": SendGrid,
+    "ceredsms": CeredSMS,
 };
 
 export default NotificationFormList;