This commit is contained in:
2026-06-25 22:24:10 -05:00
parent 12e97e3020
commit d27811254d
13 changed files with 1368 additions and 15 deletions

View File

@@ -512,6 +512,7 @@ Payload:
| --- | --- | --- | --- |
| `GET` | `/api/hosts` | User | List host library. |
| `POST` | `/api/hosts` | User | Create host. |
| `POST` | `/api/hosts/:id/rdp-session` | User | Create a short-lived browser RDP launch session for a visible Windows host with an assigned visible username/password credential. Returns a same-origin `/rdp/:token` URL. |
| `GET` | `/api/hosts/import/vcenter/status` | User | Return legacy effective vCenter status plus visible saved VMware connection records. |
| `GET` | `/api/hosts/import/vcenter/connections` | User | List visible saved VMware connections. |
| `POST` | `/api/hosts/import/vcenter/connections` | User | Create a VMware connection record using a Credential Vault `credentialId`. Use `targetType: "vcenter"` for vCenter inventory or `targetType: "host"` for standalone ESXi Web Services inventory. |
@@ -562,6 +563,15 @@ and `sourceRef` to the vCenter VM id. `osFamily` is normalized to `windows`,
infer it from inventory. vCenter imports infer Windows/Linux from VMware Tools
guest identity when available; unknown guests are imported as `other`.
Windows hosts with an assigned visible username/password Credential Vault entry
show an RDP icon in the Hosts table. Clicking it calls
`POST /api/hosts/:id/rdp-session`, opens a same-origin `/rdp/:token`
tab, and renders a browser RDP canvas through `mstsc.js`. The browser receives
only a short-lived opaque launch token; POSHManager resolves the host address
and decrypts the assigned credential server-side. The RDP gateway uses the
default RDP port `3389`; PowerShell remoting `port` metadata remains separate
from RDP launch behavior.
Host Groups let operators aggregate manual, imported, and VMware-sourced hosts
without duplicating RunPlans. Manual groups store an explicit list of visible
host IDs that an operator can add/remove in the Hosts screen. Dynamic groups
@@ -1379,6 +1389,7 @@ on the target platform before broad execution.
- SQLite access uses prepared statements through `node:sqlite`.
- Credential secrets are encrypted with AES-256-GCM and are not returned by API reads.
- Browser RDP sessions use `mstsc.js` with short-lived POSHManager launch tokens; host passwords stay in the API process and are never embedded in the Vue app or launch URL. The upstream `mstsc.js` dependency is legacy and currently brings transitive npm audit findings, so expose `/rdp` only through authenticated POSHManager/reverse-proxy paths and restrict network access to trusted operators.
- Request logs redact authorization and cookie headers.
- Protected routes use JWT auth.
- Admin-only APIs are guarded by `requireAdmin`.