xls-secret-server/server.js at master · braindelay/xls-secret-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
// server.js
// where your node app starts

// init project
const express = require('express');
const fileUpload = require('express-fileupload');
const yaml = require('js-yaml')
const XLSX = require('xlsx')
const SHA512 = require('js-sha512')
const app = express();
app.use(fileUpload())


app.use(express.static('public'));

app.get("/", function (request, response) {
  response.sendFile(__dirname + '/views/index.html');
});

// Just the one endpoint, and no real validation - this is just a simple tool
// for the good Dr Bray to use
app.post("/fileupload", function (request, response) {

  // load the files,it's super important NOT to load the excel doc to any temp folder
  // since it might contain personal information. By loading it into memory we ensure that
  // should the process crash, nothing will be left hanging about on any server
  let config = yaml.load(request.files.configFile.data)
  let workbook = XLSX.read(request.files.workFile.data, {type:'buffer'});

  //apply each translation
  for (var t in config.translations) {
    const translation = config.translations[t]
    const sheet = workbook.Sheets[translation.sheet]
    // but only if the sheet exists
    if (sheet) {
      // if the requested first row is valid, we start from there, otherwise we
      // start from 1
      var row = translation.from_row >= 1 ? translation.from_row : 1

      // the first key column is where the hash will be written
      const target_key = translation.key[0]

      // we keep going until we find an empty target key
      var no_vals = false
      while(!no_vals) {
        //build the key and salt it if requested
        var hash = SHA512.create();
        if(config.salt) {
          hash.update(config.salt)
        }

        // build up the hash
        for (var k in translation.key) {
          const key = translation.key[k]
          const cell_value = sheet[key+row]
          if (cell_value) {
            hash.update(cell_value.v)
            if (translation.hide.indexOf(key)!= -1) {
              sheet[key+row].v = ''
            }
          } else {
            if(target_key == key) {
              no_vals =true
            }
          }
        }


        // write the hash
        if (!no_vals) {
          sheet[target_key + row].v = hash.hex()
        }
        row++
      }

    }
  }

  //now, finally, write out the file
  var fileName = "secret."+request.files.workFile.name;
  response.setHeader('Content-disposition', 'attachment; filename=' + fileName);
  response.setHeader('Content-type', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
  var wbout = XLSX.write(workbook, { bookType: 'xlsx', type: 'buffer'});
   response.send(new Buffer(wbout));

});

// listen for requests :)
var listener = app.listen(process.env.PORT, function () {
  console.log('Your app is listening on port ' + listener.address().port);
});