mirror of
https://gitlab.com/crafty-controller/crafty-4.git
synced 2024-08-30 18:23:09 +00:00
Merge branch 'macgeek_role_manager' into 'dev'
Basic role manager See merge request crafty-controller/crafty-commander!18
This commit is contained in:
commit
307d14ab77
@ -25,14 +25,20 @@ except ModuleNotFoundError as e:
|
|||||||
|
|
||||||
class ServerJars:
|
class ServerJars:
|
||||||
|
|
||||||
def _get_api_result(self, call_url: str):
|
def __init__(self):
|
||||||
base_url = "https://serverjars.com"
|
self.base_url = "https://serverjars.com"
|
||||||
full_url = "{base}{call_url}".format(base=base_url, call_url=call_url)
|
|
||||||
|
|
||||||
|
def _get_api_result(self, call_url: str):
|
||||||
|
full_url = "{base}{call_url}".format(base=self.base_url, call_url=call_url)
|
||||||
|
|
||||||
|
try:
|
||||||
r = requests.get(full_url, timeout=2)
|
r = requests.get(full_url, timeout=2)
|
||||||
|
|
||||||
if r.status_code not in [200, 201]:
|
if r.status_code not in [200, 201]:
|
||||||
return {}
|
return {}
|
||||||
|
except Exception as e:
|
||||||
|
logger.error("Unable to connect to serverjar.com api due to error: {}".format(e))
|
||||||
|
return {}
|
||||||
|
|
||||||
try:
|
try:
|
||||||
api_data = json.loads(r.content)
|
api_data = json.loads(r.content)
|
||||||
@ -66,18 +72,21 @@ class ServerJars:
|
|||||||
data = self._read_cache()
|
data = self._read_cache()
|
||||||
return data.get('servers')
|
return data.get('servers')
|
||||||
|
|
||||||
@staticmethod
|
def _check_api_alive(self):
|
||||||
def _check_api_alive():
|
|
||||||
logger.info("Checking serverjars.com API status")
|
logger.info("Checking serverjars.com API status")
|
||||||
|
|
||||||
check_url = "https://serverjars.com/api/fetchTypes"
|
check_url = "{base}/api/fetchTypes".format(base=self.base_url)
|
||||||
|
try:
|
||||||
r = requests.get(check_url, timeout=2)
|
r = requests.get(check_url, timeout=2)
|
||||||
|
|
||||||
if r.status_code in [200, 201]:
|
if r.status_code in [200, 201]:
|
||||||
logger.info("Serverjars.com API is alive")
|
logger.info("Serverjars.com API is alive")
|
||||||
return True
|
return True
|
||||||
|
except Exception as e:
|
||||||
|
logger.error("Unable to connect to serverjar.com api due to error: {}".format(e))
|
||||||
|
return {}
|
||||||
|
|
||||||
logger.error("unable to contact Serverjars.com api")
|
logger.error("unable to contact serverjars.com api")
|
||||||
return False
|
return False
|
||||||
|
|
||||||
def refresh_cache(self):
|
def refresh_cache(self):
|
||||||
@ -141,12 +150,11 @@ class ServerJars:
|
|||||||
response = self._get_api_result(url)
|
response = self._get_api_result(url)
|
||||||
return response
|
return response
|
||||||
|
|
||||||
@staticmethod
|
def download_jar(self, server, version, path):
|
||||||
def download_jar(server, version, path):
|
fetch_url = "{base}/api/fetchJar/{server}/{version}".format(base=self.base_url, server=server, version=version)
|
||||||
base_url = "https://serverjars.com/api/fetchJar/{server}/{version}".format(server=server, version=version)
|
|
||||||
|
|
||||||
# open a file stream
|
# open a file stream
|
||||||
with requests.get(base_url, timeout=2, stream=True) as r:
|
with requests.get(fetch_url, timeout=2, stream=True) as r:
|
||||||
try:
|
try:
|
||||||
with open(path, 'wb') as output:
|
with open(path, 'wb') as output:
|
||||||
shutil.copyfileobj(r.raw, output)
|
shutil.copyfileobj(r.raw, output)
|
||||||
|
@ -33,29 +33,49 @@ class Users(BaseModel):
|
|||||||
user_id = AutoField()
|
user_id = AutoField()
|
||||||
created = DateTimeField(default=datetime.datetime.now)
|
created = DateTimeField(default=datetime.datetime.now)
|
||||||
last_login = DateTimeField(default=datetime.datetime.now)
|
last_login = DateTimeField(default=datetime.datetime.now)
|
||||||
|
last_update = DateTimeField(default=datetime.datetime.now)
|
||||||
last_ip = CharField(default="")
|
last_ip = CharField(default="")
|
||||||
username = CharField(default="")
|
username = CharField(default="", unique=True, index=True)
|
||||||
password = CharField(default="")
|
password = CharField(default="")
|
||||||
enabled = BooleanField(default=True)
|
enabled = BooleanField(default=True)
|
||||||
api_token = CharField(default="")
|
superuser = BooleanField(default=False)
|
||||||
allowed_servers = CharField(default="[]")
|
api_token = CharField(default="", unique=True, index=True) # we may need to revisit this
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
table_name = "users"
|
table_name = "users"
|
||||||
|
|
||||||
|
|
||||||
|
class Roles(BaseModel):
|
||||||
|
role_id = AutoField()
|
||||||
|
created = DateTimeField(default=datetime.datetime.now)
|
||||||
|
last_update = DateTimeField(default=datetime.datetime.now)
|
||||||
|
role_name = CharField(default="", unique=True, index=True)
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
table_name = "roles"
|
||||||
|
|
||||||
|
|
||||||
|
class User_Roles(BaseModel):
|
||||||
|
user_id = ForeignKeyField(Users, backref='user_role')
|
||||||
|
role_id = ForeignKeyField(Roles, backref='user_role')
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
table_name = 'user_roles'
|
||||||
|
primary_key = CompositeKey('user_id', 'role_id')
|
||||||
|
|
||||||
|
|
||||||
class Audit_Log(BaseModel):
|
class Audit_Log(BaseModel):
|
||||||
audit_id = AutoField()
|
audit_id = AutoField()
|
||||||
created = DateTimeField(default=datetime.datetime.now)
|
created = DateTimeField(default=datetime.datetime.now)
|
||||||
user_name = CharField(default="")
|
user_name = CharField(default="")
|
||||||
user_id = IntegerField(default=0)
|
user_id = IntegerField(default=0, index=True)
|
||||||
source_ip = CharField(default='127.0.0.1')
|
source_ip = CharField(default='127.0.0.1')
|
||||||
server_id = IntegerField(default=None)
|
server_id = IntegerField(default=None, index=True) # When auditing global events, use server ID 0
|
||||||
log_msg = TextField(default='')
|
log_msg = TextField(default='')
|
||||||
|
|
||||||
|
|
||||||
class Host_Stats(BaseModel):
|
class Host_Stats(BaseModel):
|
||||||
time = DateTimeField(default=datetime.datetime.now)
|
time = DateTimeField(default=datetime.datetime.now, index=True)
|
||||||
boot_time = CharField(default="")
|
boot_time = CharField(default="")
|
||||||
cpu_usage = FloatField(default=0)
|
cpu_usage = FloatField(default=0)
|
||||||
cpu_cores = IntegerField(default=0)
|
cpu_cores = IntegerField(default=0)
|
||||||
@ -73,8 +93,8 @@ class Host_Stats(BaseModel):
|
|||||||
class Servers(BaseModel):
|
class Servers(BaseModel):
|
||||||
server_id = AutoField()
|
server_id = AutoField()
|
||||||
created = DateTimeField(default=datetime.datetime.now)
|
created = DateTimeField(default=datetime.datetime.now)
|
||||||
server_uuid = CharField(default="")
|
server_uuid = CharField(default="", index=True)
|
||||||
server_name = CharField(default="Server")
|
server_name = CharField(default="Server", index=True)
|
||||||
path = CharField(default="")
|
path = CharField(default="")
|
||||||
executable = CharField(default="")
|
executable = CharField(default="")
|
||||||
log_path = CharField(default="")
|
log_path = CharField(default="")
|
||||||
@ -90,10 +110,28 @@ class Servers(BaseModel):
|
|||||||
table_name = "servers"
|
table_name = "servers"
|
||||||
|
|
||||||
|
|
||||||
|
class User_Servers(BaseModel):
|
||||||
|
user_id = ForeignKeyField(Users, backref='user_server')
|
||||||
|
server_id = ForeignKeyField(Servers, backref='user_server')
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
table_name = 'user_servers'
|
||||||
|
primary_key = CompositeKey('user_id', 'server_id')
|
||||||
|
|
||||||
|
|
||||||
|
class Role_Servers(BaseModel):
|
||||||
|
role_id = ForeignKeyField(Roles, backref='role_server')
|
||||||
|
server_id = ForeignKeyField(Servers, backref='role_server')
|
||||||
|
|
||||||
|
class Meta:
|
||||||
|
table_name = 'role_servers'
|
||||||
|
primary_key = CompositeKey('role_id', 'server_id')
|
||||||
|
|
||||||
|
|
||||||
class Server_Stats(BaseModel):
|
class Server_Stats(BaseModel):
|
||||||
stats_id = AutoField()
|
stats_id = AutoField()
|
||||||
created = DateTimeField(default=datetime.datetime.now)
|
created = DateTimeField(default=datetime.datetime.now)
|
||||||
server_id = ForeignKeyField(Servers, backref='server')
|
server_id = ForeignKeyField(Servers, backref='server', index=True)
|
||||||
started = CharField(default="")
|
started = CharField(default="")
|
||||||
running = BooleanField(default=False)
|
running = BooleanField(default=False)
|
||||||
cpu = FloatField(default=0)
|
cpu = FloatField(default=0)
|
||||||
@ -117,8 +155,8 @@ class Server_Stats(BaseModel):
|
|||||||
class Commands(BaseModel):
|
class Commands(BaseModel):
|
||||||
command_id = AutoField()
|
command_id = AutoField()
|
||||||
created = DateTimeField(default=datetime.datetime.now)
|
created = DateTimeField(default=datetime.datetime.now)
|
||||||
server_id = ForeignKeyField(Servers, backref='server')
|
server_id = ForeignKeyField(Servers, backref='server', index=True)
|
||||||
user = ForeignKeyField(Users, backref='user')
|
user = ForeignKeyField(Users, backref='user', index=True)
|
||||||
source_ip = CharField(default='127.0.0.1')
|
source_ip = CharField(default='127.0.0.1')
|
||||||
command = CharField(default='')
|
command = CharField(default='')
|
||||||
executed = BooleanField(default=False)
|
executed = BooleanField(default=False)
|
||||||
@ -129,7 +167,7 @@ class Commands(BaseModel):
|
|||||||
|
|
||||||
class Webhooks(BaseModel):
|
class Webhooks(BaseModel):
|
||||||
id = AutoField()
|
id = AutoField()
|
||||||
name = CharField(max_length=64, unique=True)
|
name = CharField(max_length=64, unique=True, index=True)
|
||||||
method = CharField(default="POST")
|
method = CharField(default="POST")
|
||||||
url = CharField(unique=True)
|
url = CharField(unique=True)
|
||||||
event = CharField(default="")
|
event = CharField(default="")
|
||||||
@ -143,7 +181,7 @@ class Backups(BaseModel):
|
|||||||
directories = CharField()
|
directories = CharField()
|
||||||
storage_location = CharField()
|
storage_location = CharField()
|
||||||
max_backups = IntegerField()
|
max_backups = IntegerField()
|
||||||
server_id = IntegerField()
|
server_id = IntegerField(index=True)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
table_name = 'backups'
|
table_name = 'backups'
|
||||||
@ -157,9 +195,13 @@ class db_builder:
|
|||||||
database.create_tables([
|
database.create_tables([
|
||||||
Backups,
|
Backups,
|
||||||
Users,
|
Users,
|
||||||
|
Roles,
|
||||||
|
User_Roles,
|
||||||
Host_Stats,
|
Host_Stats,
|
||||||
Webhooks,
|
Webhooks,
|
||||||
Servers,
|
Servers,
|
||||||
|
User_Servers,
|
||||||
|
Role_Servers,
|
||||||
Server_Stats,
|
Server_Stats,
|
||||||
Commands,
|
Commands,
|
||||||
Audit_Log
|
Audit_Log
|
||||||
@ -173,16 +215,18 @@ class db_builder:
|
|||||||
|
|
||||||
username = default_data.get("username", 'admin')
|
username = default_data.get("username", 'admin')
|
||||||
password = default_data.get("password", 'crafty')
|
password = default_data.get("password", 'crafty')
|
||||||
api_token = helper.random_string_generator(32)
|
#api_token = helper.random_string_generator(32)
|
||||||
|
#
|
||||||
|
#Users.insert({
|
||||||
|
# Users.username: username.lower(),
|
||||||
|
# Users.password: helper.encode_pass(password),
|
||||||
|
# Users.api_token: api_token,
|
||||||
|
# Users.enabled: True,
|
||||||
|
# Users.superuser: True
|
||||||
|
#}).execute()
|
||||||
|
db_shortcuts.add_user(username, password=password, superuser=True)
|
||||||
|
|
||||||
Users.insert({
|
#console.info("API token is {}".format(api_token))
|
||||||
Users.username: username.lower(),
|
|
||||||
Users.password: helper.encode_pass(password),
|
|
||||||
Users.api_token: api_token,
|
|
||||||
Users.enabled: True
|
|
||||||
}).execute()
|
|
||||||
|
|
||||||
console.info("API token is {}".format(api_token))
|
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def is_fresh_install():
|
def is_fresh_install():
|
||||||
@ -196,7 +240,8 @@ class db_builder:
|
|||||||
|
|
||||||
class db_shortcuts:
|
class db_shortcuts:
|
||||||
|
|
||||||
def return_rows(self, query):
|
@staticmethod
|
||||||
|
def return_rows(query):
|
||||||
rows = []
|
rows = []
|
||||||
|
|
||||||
try:
|
try:
|
||||||
@ -209,7 +254,8 @@ class db_shortcuts:
|
|||||||
|
|
||||||
return rows
|
return rows
|
||||||
|
|
||||||
def get_server_data_by_id(self, server_id):
|
@staticmethod
|
||||||
|
def get_server_data_by_id(server_id):
|
||||||
try:
|
try:
|
||||||
query = Servers.get_by_id(server_id)
|
query = Servers.get_by_id(server_id)
|
||||||
except DoesNotExist:
|
except DoesNotExist:
|
||||||
@ -217,25 +263,29 @@ class db_shortcuts:
|
|||||||
|
|
||||||
return model_to_dict(query)
|
return model_to_dict(query)
|
||||||
|
|
||||||
def get_all_defined_servers(self):
|
@staticmethod
|
||||||
|
def get_all_defined_servers():
|
||||||
query = Servers.select()
|
query = Servers.select()
|
||||||
return self.return_rows(query)
|
return db_helper.return_rows(query)
|
||||||
|
|
||||||
def get_all_servers_stats(self):
|
@staticmethod
|
||||||
servers = self.get_all_defined_servers()
|
def get_all_servers_stats():
|
||||||
|
servers = db_helper.get_all_defined_servers()
|
||||||
server_data = []
|
server_data = []
|
||||||
|
|
||||||
for s in servers:
|
for s in servers:
|
||||||
latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1)
|
latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1)
|
||||||
server_data.append({'server_data': s, "stats": self.return_rows(latest)})
|
server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
|
||||||
return server_data
|
return server_data
|
||||||
|
|
||||||
def get_server_stats_by_id(self, server_id):
|
@staticmethod
|
||||||
|
def get_server_stats_by_id(server_id):
|
||||||
stats = Server_Stats.select().where(Server_Stats.server_id == server_id).order_by(Server_Stats.created.desc()).limit(1)
|
stats = Server_Stats.select().where(Server_Stats.server_id == server_id).order_by(Server_Stats.created.desc()).limit(1)
|
||||||
return self.return_rows(stats)
|
return db_helper.return_rows(stats)
|
||||||
|
|
||||||
def server_id_exists(self, server_id):
|
@staticmethod
|
||||||
if not self.get_server_data_by_id(server_id):
|
def server_id_exists(server_id):
|
||||||
|
if not db_helper.get_server_data_by_id(server_id):
|
||||||
return False
|
return False
|
||||||
return True
|
return True
|
||||||
|
|
||||||
@ -244,24 +294,210 @@ class db_shortcuts:
|
|||||||
query = Host_Stats.select().order_by(Host_Stats.id.desc()).get()
|
query = Host_Stats.select().order_by(Host_Stats.id.desc()).get()
|
||||||
return model_to_dict(query)
|
return model_to_dict(query)
|
||||||
|
|
||||||
def get_all_users(self):
|
@staticmethod
|
||||||
|
def new_api_token():
|
||||||
|
while True:
|
||||||
|
token = helper.random_string_generator(32)
|
||||||
|
test = list(Users.select(Users.user_id).where(Users.api_token == token))
|
||||||
|
if len(test) == 0:
|
||||||
|
return token
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_all_users():
|
||||||
query = Users.select()
|
query = Users.select()
|
||||||
return query
|
return query
|
||||||
|
|
||||||
def get_unactioned_commands(self):
|
@staticmethod
|
||||||
query = Commands.select().where(Commands.executed == 0)
|
def get_all_roles():
|
||||||
return self.return_rows(query)
|
query = Roles.select()
|
||||||
|
return query
|
||||||
|
|
||||||
def get_server_friendly_name(self, server_id):
|
@staticmethod
|
||||||
server_data = self.get_server_data_by_id(server_id)
|
def get_userid_by_name(username):
|
||||||
|
try:
|
||||||
|
return (Users.get(Users.username == username)).user_id
|
||||||
|
except DoesNotExist:
|
||||||
|
return None
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_user(user_id):
|
||||||
|
user = model_to_dict(Users.get(Users.user_id == user_id))
|
||||||
|
|
||||||
|
if user:
|
||||||
|
roles_query = User_Roles.select().join(Roles, JOIN.INNER).where(User_Roles.user_id == user_id)
|
||||||
|
# TODO: this query needs to be narrower
|
||||||
|
roles = set()
|
||||||
|
for r in roles_query:
|
||||||
|
roles.add(r.role_id.role_id)
|
||||||
|
servers_query = User_Servers.select().join(Servers, JOIN.INNER).where(User_Servers.user_id == user_id)
|
||||||
|
# TODO: this query needs to be narrower
|
||||||
|
servers = set()
|
||||||
|
for s in servers_query:
|
||||||
|
servers.add(s.server_id.server_id)
|
||||||
|
user['roles'] = roles
|
||||||
|
user['servers'] = servers
|
||||||
|
logger.debug("user: ({}) {}".format(user_id, user))
|
||||||
|
return user
|
||||||
|
else:
|
||||||
|
logger.debug("user: ({}) {}".format(user_id, {}))
|
||||||
|
return {}
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def update_user(user_id, user_data={}):
|
||||||
|
base_data = db_helper.get_user(user_id)
|
||||||
|
up_data = {}
|
||||||
|
added_roles = set()
|
||||||
|
removed_roles = set()
|
||||||
|
added_servers = set()
|
||||||
|
removed_servers = set()
|
||||||
|
for key in user_data:
|
||||||
|
if key == "user_id":
|
||||||
|
continue
|
||||||
|
elif key == "roles":
|
||||||
|
added_roles = user_data['roles'].difference(base_data['roles'])
|
||||||
|
removed_roles = base_data['roles'].difference(user_data['roles'])
|
||||||
|
elif key == "servers":
|
||||||
|
added_servers = user_data['servers'].difference(base_data['servers'])
|
||||||
|
removed_servers = base_data['servers'].difference(user_data['servers'])
|
||||||
|
elif key == "regen_api":
|
||||||
|
if user_data['regen_api']:
|
||||||
|
up_data['api_token'] = db_shortcuts.new_api_token()
|
||||||
|
elif key == "password":
|
||||||
|
if user_data['password'] is not None and user_data['password'] != "":
|
||||||
|
up_data['password'] = helper.encode_pass(user_data['password'])
|
||||||
|
elif base_data[key] != user_data[key]:
|
||||||
|
up_data[key] = user_data[key]
|
||||||
|
up_data['last_update'] = helper.get_time_as_string()
|
||||||
|
logger.debug("user: {} +role:{} -role:{} +server:{} -server{}".format(user_data, added_roles, removed_roles, added_servers, removed_servers))
|
||||||
|
with database.atomic():
|
||||||
|
for role in added_roles:
|
||||||
|
User_Roles.get_or_create(user_id=user_id, role_id=role)
|
||||||
|
# TODO: This is horribly inefficient and we should be using bulk queries but im going for functionality at this point
|
||||||
|
User_Roles.delete().where(User_Roles.user_id == user_id).where(User_Roles.role_id.in_(removed_roles)).execute()
|
||||||
|
|
||||||
|
for server in added_servers:
|
||||||
|
User_Servers.get_or_create(user_id=user_id, server_id=server)
|
||||||
|
# TODO: This is horribly inefficient and we should be using bulk queries but im going for functionality at this point
|
||||||
|
User_Servers.delete().where(User_Servers.user_id == user_id).where(User_Servers.server_id.in_(removed_servers)).execute()
|
||||||
|
if up_data:
|
||||||
|
Users.update(up_data).where(Users.user_id == user_id).execute()
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def add_user(username, password=None, api_token=None, enabled=True, superuser=False):
|
||||||
|
if password is not None:
|
||||||
|
pw_enc = helper.encode_pass(password)
|
||||||
|
else:
|
||||||
|
pw_enc = None
|
||||||
|
if api_token is None:
|
||||||
|
api_token = db_shortcuts.new_api_token()
|
||||||
|
else:
|
||||||
|
if type(api_token) is not str and len(api_token) != 32:
|
||||||
|
raise ValueError("API token must be a 32 character string")
|
||||||
|
user_id = Users.insert({
|
||||||
|
Users.username: username.lower(),
|
||||||
|
Users.password: pw_enc,
|
||||||
|
Users.api_token: api_token,
|
||||||
|
Users.enabled: enabled,
|
||||||
|
Users.superuser: superuser,
|
||||||
|
Users.created: helper.get_time_as_string()
|
||||||
|
}).execute()
|
||||||
|
return user_id
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def remove_user(user_id):
|
||||||
|
user = Users.get(Users.user_id == user_id)
|
||||||
|
return user.delete_instance()
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def user_id_exists(user_id):
|
||||||
|
if not db_shortcuts.get_user(user_id):
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_roleid_by_name(role_name):
|
||||||
|
try:
|
||||||
|
return (Roles.get(Roles.role_name == role_name)).role_id
|
||||||
|
except DoesNotExist:
|
||||||
|
return None
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_role(role_id):
|
||||||
|
role = model_to_dict(Roles.get(Roles.role_id == role_id))
|
||||||
|
|
||||||
|
if role:
|
||||||
|
servers_query = Role_Servers.select().join(Servers, JOIN.INNER).where(Role_Servers.role_id == role_id)
|
||||||
|
# TODO: this query needs to be narrower
|
||||||
|
servers = set()
|
||||||
|
for s in servers_query:
|
||||||
|
servers.add(s.server_id.server_id)
|
||||||
|
role['servers'] = servers
|
||||||
|
logger.debug("role: ({}) {}".format(role_id, role))
|
||||||
|
return role
|
||||||
|
else:
|
||||||
|
logger.debug("role: ({}) {}".format(role_id, {}))
|
||||||
|
return {}
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def update_role(role_id, role_data={}):
|
||||||
|
base_data = db_helper.get_role(role_id)
|
||||||
|
up_data = {}
|
||||||
|
added_servers = set()
|
||||||
|
removed_servers = set()
|
||||||
|
for key in role_data:
|
||||||
|
if key == "role_id":
|
||||||
|
continue
|
||||||
|
elif key == "servers":
|
||||||
|
added_servers = role_data['servers'].difference(base_data['servers'])
|
||||||
|
removed_servers = base_data['servers'].difference(role_data['servers'])
|
||||||
|
elif base_data[key] != role_data[key]:
|
||||||
|
up_data[key] = role_data[key]
|
||||||
|
up_data['last_update'] = helper.get_time_as_string()
|
||||||
|
logger.debug("role: {} +server:{} -server{}".format(role_data, added_servers, removed_servers))
|
||||||
|
with database.atomic():
|
||||||
|
for server in added_servers:
|
||||||
|
Role_Servers.get_or_create(role_id=role_id, server_id=server)
|
||||||
|
# TODO: This is horribly inefficient and we should be using bulk queries but im going for functionality at this point
|
||||||
|
Role_Servers.delete().where(Role_Servers.role_id == role_id).where(Role_Servers.server_id.in_(removed_servers)).execute()
|
||||||
|
if up_data:
|
||||||
|
Roles.update(up_data).where(Roles.role_id == role_id).execute()
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def add_role(role_name):
|
||||||
|
role_id = Roles.insert({
|
||||||
|
Roles.role_name: role_name.lower(),
|
||||||
|
Roles.created: helper.get_time_as_string()
|
||||||
|
}).execute()
|
||||||
|
return role_id
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def remove_role(role_id):
|
||||||
|
role = Roles.get(Roles.role_id == role_id)
|
||||||
|
return role.delete_instance()
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def role_id_exists(role_id):
|
||||||
|
if not db_shortcuts.get_role(role_id):
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_unactioned_commands():
|
||||||
|
query = Commands.select().where(Commands.executed == 0)
|
||||||
|
return db_helper.return_rows(query)
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_server_friendly_name(server_id):
|
||||||
|
server_data = db_helper.get_server_data_by_id(server_id)
|
||||||
friendly_name = "{}-{}".format(server_data.get('server_id', 0), server_data.get('server_name', None))
|
friendly_name = "{}-{}".format(server_data.get('server_id', 0), server_data.get('server_name', None))
|
||||||
return friendly_name
|
return friendly_name
|
||||||
|
|
||||||
def send_command(self, user_id, server_id, remote_ip, command):
|
@staticmethod
|
||||||
|
def send_command(user_id, server_id, remote_ip, command):
|
||||||
|
|
||||||
server_name = self.get_server_friendly_name(server_id)
|
server_name = db_helper.get_server_friendly_name(server_id)
|
||||||
|
|
||||||
self.add_to_audit_log(user_id, "Issued Command {} for Server: {}".format(command, server_name),
|
db_helper.add_to_audit_log(user_id, "Issued Command {} for Server: {}".format(command, server_name),
|
||||||
server_id, remote_ip)
|
server_id, remote_ip)
|
||||||
|
|
||||||
Commands.insert({
|
Commands.insert({
|
||||||
@ -271,11 +507,13 @@ class db_shortcuts:
|
|||||||
Commands.command: command
|
Commands.command: command
|
||||||
}).execute()
|
}).execute()
|
||||||
|
|
||||||
def get_actity_log(self):
|
@staticmethod
|
||||||
|
def get_actity_log():
|
||||||
q = Audit_Log.select()
|
q = Audit_Log.select()
|
||||||
return self.return_db_rows(q)
|
return db_helper.return_db_rows(q)
|
||||||
|
|
||||||
def return_db_rows(self, model):
|
@staticmethod
|
||||||
|
def return_db_rows(model):
|
||||||
data = [model_to_dict(row) for row in model]
|
data = [model_to_dict(row) for row in model]
|
||||||
return data
|
return data
|
||||||
|
|
||||||
|
@ -125,9 +125,150 @@ class PanelHandler(BaseHandler):
|
|||||||
|
|
||||||
elif page == 'panel_config':
|
elif page == 'panel_config':
|
||||||
page_data['users'] = db_helper.get_all_users()
|
page_data['users'] = db_helper.get_all_users()
|
||||||
# print(page_data['users'])
|
page_data['roles'] = db_helper.get_all_roles()
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
for user in page_data['users']:
|
||||||
|
if user.user_id != exec_user['user_id']:
|
||||||
|
user.api_token = "********"
|
||||||
template = "panel/panel_config.html"
|
template = "panel/panel_config.html"
|
||||||
|
|
||||||
|
elif page == "add_user":
|
||||||
|
page_data['new_user'] = True
|
||||||
|
page_data['user'] = {}
|
||||||
|
page_data['user']['username'] = ""
|
||||||
|
page_data['user']['user_id'] = -1
|
||||||
|
page_data['user']['enabled'] = True
|
||||||
|
page_data['user']['superuser'] = False
|
||||||
|
page_data['user']['api_token'] = "N/A"
|
||||||
|
page_data['user']['created'] = "N/A"
|
||||||
|
page_data['user']['last_login'] = "N/A"
|
||||||
|
page_data['user']['last_ip'] = "N/A"
|
||||||
|
page_data['role']['last_update'] = "N/A"
|
||||||
|
page_data['user']['roles'] = set()
|
||||||
|
page_data['user']['servers'] = set()
|
||||||
|
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
|
||||||
|
if not exec_user['superuser']:
|
||||||
|
self.redirect("/panel/error?error=Unauthorized access: not superuser")
|
||||||
|
return False
|
||||||
|
|
||||||
|
page_data['roles_all'] = db_helper.get_all_roles()
|
||||||
|
page_data['servers_all'] = controller.list_defined_servers()
|
||||||
|
template = "panel/panel_edit_user.html"
|
||||||
|
|
||||||
|
elif page == "edit_user":
|
||||||
|
page_data['new_user'] = False
|
||||||
|
user_id = self.get_argument('id', None)
|
||||||
|
page_data['user'] = db_helper.get_user(user_id)
|
||||||
|
page_data['roles_all'] = db_helper.get_all_roles()
|
||||||
|
page_data['servers_all'] = controller.list_defined_servers()
|
||||||
|
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
|
||||||
|
if not exec_user['superuser']:
|
||||||
|
self.redirect("/panel/error?error=Unauthorized access: not superuser")
|
||||||
|
return False
|
||||||
|
elif user_id is None:
|
||||||
|
self.redirect("/panel/error?error=Invalid User ID")
|
||||||
|
return False
|
||||||
|
|
||||||
|
if exec_user['user_id'] != page_data['user']['user_id']:
|
||||||
|
page_data['user']['api_token'] = "********"
|
||||||
|
template = "panel/panel_edit_user.html"
|
||||||
|
|
||||||
|
elif page == "remove_user":
|
||||||
|
user_id = bleach.clean(self.get_argument('id', None))
|
||||||
|
|
||||||
|
user_data = json.loads(self.get_secure_cookie("user_data"))
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
|
||||||
|
if not exec_user['superuser']:
|
||||||
|
self.redirect("/panel/error?error=Unauthorized access: not superuser")
|
||||||
|
return False
|
||||||
|
elif user_id is None:
|
||||||
|
self.redirect("/panel/error?error=Invalid User ID")
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
# does this user id exist?
|
||||||
|
target_user = db_helper.get_user(user_id)
|
||||||
|
if not target_user:
|
||||||
|
self.redirect("/panel/error?error=Invalid User ID")
|
||||||
|
return False
|
||||||
|
elif target_user['superuser']:
|
||||||
|
self.redirect("/panel/error?error=Cannot remove a superuser")
|
||||||
|
return False
|
||||||
|
|
||||||
|
db_helper.remove_user(user_id)
|
||||||
|
|
||||||
|
db_helper.add_to_audit_log(exec_user['user_id'],
|
||||||
|
"Removed user {} (UID:{})".format(target_user['username'], user_id),
|
||||||
|
server_id=0,
|
||||||
|
source_ip=self.get_remote_ip())
|
||||||
|
self.redirect("/panel/panel_config")
|
||||||
|
|
||||||
|
elif page == "add_role":
|
||||||
|
page_data['new_role'] = True
|
||||||
|
page_data['role'] = {}
|
||||||
|
page_data['role']['role_name'] = ""
|
||||||
|
page_data['role']['role_id'] = -1
|
||||||
|
page_data['role']['created'] = "N/A"
|
||||||
|
page_data['role']['last_update'] = "N/A"
|
||||||
|
page_data['role']['servers'] = set()
|
||||||
|
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
|
||||||
|
if not exec_user['superuser']:
|
||||||
|
self.redirect("/panel/error?error=Unauthorized access: not superuser")
|
||||||
|
return False
|
||||||
|
|
||||||
|
page_data['servers_all'] = controller.list_defined_servers()
|
||||||
|
template = "panel/panel_edit_role.html"
|
||||||
|
|
||||||
|
elif page == "edit_role":
|
||||||
|
page_data['new_role'] = False
|
||||||
|
role_id = self.get_argument('id', None)
|
||||||
|
page_data['role'] = db_helper.get_role(role_id)
|
||||||
|
page_data['servers_all'] = controller.list_defined_servers()
|
||||||
|
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
|
||||||
|
if not exec_user['superuser']:
|
||||||
|
self.redirect("/panel/error?error=Unauthorized access: not superuser")
|
||||||
|
return False
|
||||||
|
elif role_id is None:
|
||||||
|
self.redirect("/panel/error?error=Invalid Role ID")
|
||||||
|
return False
|
||||||
|
|
||||||
|
template = "panel/panel_edit_role.html"
|
||||||
|
|
||||||
|
elif page == "remove_role":
|
||||||
|
role_id = bleach.clean(self.get_argument('id', None))
|
||||||
|
|
||||||
|
user_data = json.loads(self.get_secure_cookie("user_data"))
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
|
||||||
|
if not exec_user['superuser']:
|
||||||
|
self.redirect("/panel/error?error=Unauthorized access: not superuser")
|
||||||
|
return False
|
||||||
|
elif role_id is None:
|
||||||
|
self.redirect("/panel/error?error=Invalid Role ID")
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
# does this user id exist?
|
||||||
|
target_role = db_helper.get_user(role_id)
|
||||||
|
if not target_role:
|
||||||
|
self.redirect("/panel/error?error=Invalid Role ID")
|
||||||
|
return False
|
||||||
|
|
||||||
|
db_helper.remove_role(role_id)
|
||||||
|
|
||||||
|
db_helper.add_to_audit_log(exec_user['user_id'],
|
||||||
|
"Removed role {} (RID:{})".format(target_role['role_name'], role_id),
|
||||||
|
server_id=0,
|
||||||
|
source_ip=self.get_remote_ip())
|
||||||
|
self.redirect("/panel/panel_config")
|
||||||
|
|
||||||
elif page == "activity_logs":
|
elif page == "activity_logs":
|
||||||
page_data['audit_logs'] = db_helper.get_actity_log()
|
page_data['audit_logs'] = db_helper.get_actity_log()
|
||||||
|
|
||||||
@ -158,7 +299,13 @@ class PanelHandler(BaseHandler):
|
|||||||
crash_detection = int(float(self.get_argument('crash_detection', '0')))
|
crash_detection = int(float(self.get_argument('crash_detection', '0')))
|
||||||
subpage = self.get_argument('subpage', None)
|
subpage = self.get_argument('subpage', None)
|
||||||
|
|
||||||
if server_id is None:
|
user_data = json.loads(self.get_secure_cookie("user_data"))
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
|
||||||
|
if not exec_user.superuser:
|
||||||
|
self.redirect("/panel/error?error=Unauthorized access: not superuser")
|
||||||
|
return False
|
||||||
|
elif server_id is None:
|
||||||
self.redirect("/panel/error?error=Invalid Server ID")
|
self.redirect("/panel/error?error=Invalid Server ID")
|
||||||
return False
|
return False
|
||||||
else:
|
else:
|
||||||
@ -185,11 +332,218 @@ class PanelHandler(BaseHandler):
|
|||||||
|
|
||||||
controller.refresh_server_settings(server_id)
|
controller.refresh_server_settings(server_id)
|
||||||
|
|
||||||
user_data = json.loads(self.get_secure_cookie("user_data"))
|
|
||||||
|
|
||||||
db_helper.add_to_audit_log(user_data['user_id'],
|
db_helper.add_to_audit_log(user_data['user_id'],
|
||||||
"Edited server {} named {}".format(server_id, server_name),
|
"Edited server {} named {}".format(server_id, server_name),
|
||||||
server_id,
|
server_id,
|
||||||
self.get_remote_ip())
|
self.get_remote_ip())
|
||||||
|
|
||||||
self.redirect("/panel/server_detail?id={}&subpage=config".format(server_id))
|
self.redirect("/panel/server_detail?id={}&subpage=config".format(server_id))
|
||||||
|
|
||||||
|
elif page == "edit_user":
|
||||||
|
user_id = bleach.clean(self.get_argument('id', None))
|
||||||
|
username = bleach.clean(self.get_argument('username', None))
|
||||||
|
password0 = bleach.clean(self.get_argument('password0', None))
|
||||||
|
password1 = bleach.clean(self.get_argument('password1', None))
|
||||||
|
enabled = int(float(bleach.clean(self.get_argument('enabled'), '0')))
|
||||||
|
regen_api = int(float(bleach.clean(self.get_argument('regen_api', '0'))))
|
||||||
|
|
||||||
|
user_data = json.loads(self.get_secure_cookie("user_data"))
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
|
||||||
|
if not exec_user['superuser']:
|
||||||
|
self.redirect("/panel/error?error=Unauthorized access: not superuser")
|
||||||
|
return False
|
||||||
|
elif username is None or username == "":
|
||||||
|
self.redirect("/panel/error?error=Invalid username")
|
||||||
|
return False
|
||||||
|
elif user_id is None:
|
||||||
|
self.redirect("/panel/error?error=Invalid User ID")
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
# does this user id exist?
|
||||||
|
if not db_helper.user_id_exists(user_id):
|
||||||
|
self.redirect("/panel/error?error=Invalid User ID")
|
||||||
|
return False
|
||||||
|
|
||||||
|
if password0 != password1:
|
||||||
|
self.redirect("/panel/error?error=Passwords must match")
|
||||||
|
return False
|
||||||
|
|
||||||
|
roles = set()
|
||||||
|
for role in db_helper.get_all_roles():
|
||||||
|
argument = int(float(
|
||||||
|
bleach.clean(
|
||||||
|
self.get_argument('role_{}_membership'.format(role.role_id), '0')
|
||||||
|
)
|
||||||
|
))
|
||||||
|
if argument:
|
||||||
|
roles.add(role.role_id)
|
||||||
|
|
||||||
|
servers = set()
|
||||||
|
for server in controller.list_defined_servers():
|
||||||
|
argument = int(float(
|
||||||
|
bleach.clean(
|
||||||
|
self.get_argument('server_{}_access'.format(server['server_id']), '0')
|
||||||
|
)
|
||||||
|
))
|
||||||
|
if argument:
|
||||||
|
servers.add(server['server_id'])
|
||||||
|
|
||||||
|
user_data = {
|
||||||
|
"username": username,
|
||||||
|
"password": password0,
|
||||||
|
"enabled": enabled,
|
||||||
|
"regen_api": regen_api,
|
||||||
|
"roles": roles,
|
||||||
|
"servers": servers
|
||||||
|
}
|
||||||
|
db_helper.update_user(user_id, user_data=user_data)
|
||||||
|
|
||||||
|
db_helper.add_to_audit_log(exec_user['user_id'],
|
||||||
|
"Edited user {} (UID:{}) with roles {} and servers {}".format(username, user_id, roles, servers),
|
||||||
|
server_id=0,
|
||||||
|
source_ip=self.get_remote_ip())
|
||||||
|
self.redirect("/panel/panel_config")
|
||||||
|
|
||||||
|
|
||||||
|
elif page == "add_user":
|
||||||
|
username = bleach.clean(self.get_argument('username', None))
|
||||||
|
password0 = bleach.clean(self.get_argument('password0', None))
|
||||||
|
password1 = bleach.clean(self.get_argument('password1', None))
|
||||||
|
enabled = int(float(bleach.clean(self.get_argument('enabled'), '0')))
|
||||||
|
|
||||||
|
user_data = json.loads(self.get_secure_cookie("user_data"))
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
if not exec_user['superuser']:
|
||||||
|
self.redirect("/panel/error?error=Unauthorized access: not superuser")
|
||||||
|
return False
|
||||||
|
elif username is None or username == "":
|
||||||
|
self.redirect("/panel/error?error=Invalid username")
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
# does this user id exist?
|
||||||
|
if db_helper.get_userid_by_name(username) is not None:
|
||||||
|
self.redirect("/panel/error?error=User exists")
|
||||||
|
return False
|
||||||
|
|
||||||
|
if password0 != password1:
|
||||||
|
self.redirect("/panel/error?error=Passwords must match")
|
||||||
|
return False
|
||||||
|
|
||||||
|
roles = set()
|
||||||
|
for role in db_helper.get_all_roles():
|
||||||
|
argument = int(float(
|
||||||
|
bleach.clean(
|
||||||
|
self.get_argument('role_{}_membership'.format(role.role_id), '0')
|
||||||
|
)
|
||||||
|
))
|
||||||
|
if argument:
|
||||||
|
roles.add(role['role_id'])
|
||||||
|
|
||||||
|
servers = set()
|
||||||
|
for server in controller.list_defined_servers():
|
||||||
|
argument = int(float(
|
||||||
|
bleach.clean(
|
||||||
|
self.get_argument('server_{}_access'.format(server['server_id']), '0')
|
||||||
|
)
|
||||||
|
))
|
||||||
|
if argument:
|
||||||
|
servers.add(server['server_id'])
|
||||||
|
|
||||||
|
user_id = db_helper.add_user(username, password=password0, enabled=enabled)
|
||||||
|
db_helper.update_user(user_id, {"roles":roles, "servers": servers})
|
||||||
|
|
||||||
|
db_helper.add_to_audit_log(exec_user['user_id'],
|
||||||
|
"Added user {} (UID:{})".format(username, user_id),
|
||||||
|
server_id=0,
|
||||||
|
source_ip=self.get_remote_ip())
|
||||||
|
db_helper.add_to_audit_log(exec_user['user_id'],
|
||||||
|
"Edited user {} (UID:{}) with roles {} and servers {}".format(username, user_id, roles, servers),
|
||||||
|
server_id=0,
|
||||||
|
source_ip=self.get_remote_ip())
|
||||||
|
self.redirect("/panel/panel_config")
|
||||||
|
|
||||||
|
elif page == "edit_role":
|
||||||
|
role_id = bleach.clean(self.get_argument('id', None))
|
||||||
|
role_name = bleach.clean(self.get_argument('role_name', None))
|
||||||
|
|
||||||
|
user_data = json.loads(self.get_secure_cookie("user_data"))
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
|
||||||
|
if not exec_user['superuser']:
|
||||||
|
self.redirect("/panel/error?error=Unauthorized access: not superuser")
|
||||||
|
return False
|
||||||
|
elif role_name is None or role_name == "":
|
||||||
|
self.redirect("/panel/error?error=Invalid username")
|
||||||
|
return False
|
||||||
|
elif role_id is None:
|
||||||
|
self.redirect("/panel/error?error=Invalid Role ID")
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
# does this user id exist?
|
||||||
|
if not db_helper.role_id_exists(role_id):
|
||||||
|
self.redirect("/panel/error?error=Invalid Role ID")
|
||||||
|
return False
|
||||||
|
|
||||||
|
servers = set()
|
||||||
|
for server in controller.list_defined_servers():
|
||||||
|
argument = int(float(
|
||||||
|
bleach.clean(
|
||||||
|
self.get_argument('server_{}_access'.format(server['server_id']), '0')
|
||||||
|
)
|
||||||
|
))
|
||||||
|
if argument:
|
||||||
|
servers.add(server['server_id'])
|
||||||
|
|
||||||
|
role_data = {
|
||||||
|
"role_name": role_name,
|
||||||
|
"servers": servers
|
||||||
|
}
|
||||||
|
db_helper.update_role(role_id, role_data=role_data)
|
||||||
|
|
||||||
|
db_helper.add_to_audit_log(exec_user['user_id'],
|
||||||
|
"Edited role {} (RID:{}) with servers {}".format(role_name, role_id, servers),
|
||||||
|
server_id=0,
|
||||||
|
source_ip=self.get_remote_ip())
|
||||||
|
self.redirect("/panel/panel_config")
|
||||||
|
|
||||||
|
|
||||||
|
elif page == "add_role":
|
||||||
|
role_name = bleach.clean(self.get_argument('role_name', None))
|
||||||
|
|
||||||
|
user_data = json.loads(self.get_secure_cookie("user_data"))
|
||||||
|
exec_user = db_helper.get_user(user_data['user_id'])
|
||||||
|
if not exec_user['superuser']:
|
||||||
|
self.redirect("/panel/error?error=Unauthorized access: not superuser")
|
||||||
|
return False
|
||||||
|
elif role_name is None or role_name == "":
|
||||||
|
self.redirect("/panel/error?error=Invalid role name")
|
||||||
|
return False
|
||||||
|
else:
|
||||||
|
# does this user id exist?
|
||||||
|
if db_helper.get_roleid_by_name(role_name) is not None:
|
||||||
|
self.redirect("/panel/error?error=Role exists")
|
||||||
|
return False
|
||||||
|
|
||||||
|
servers = set()
|
||||||
|
for server in controller.list_defined_servers():
|
||||||
|
argument = int(float(
|
||||||
|
bleach.clean(
|
||||||
|
self.get_argument('server_{}_access'.format(server['server_id']), '0')
|
||||||
|
)
|
||||||
|
))
|
||||||
|
if argument:
|
||||||
|
servers.add(server['server_id'])
|
||||||
|
|
||||||
|
role_id = db_helper.add_role(role_name)
|
||||||
|
db_helper.update_role(role_id, {"servers": servers})
|
||||||
|
|
||||||
|
db_helper.add_to_audit_log(exec_user['user_id'],
|
||||||
|
"Added role {} (RID:{})".format(role_name, role_id),
|
||||||
|
server_id=0,
|
||||||
|
source_ip=self.get_remote_ip())
|
||||||
|
db_helper.add_to_audit_log(exec_user['user_id'],
|
||||||
|
"Edited role {} (RID:{}) with servers {}".format(role_name, role_id, servers),
|
||||||
|
server_id=0,
|
||||||
|
source_ip=self.get_remote_ip())
|
||||||
|
self.redirect("/panel/panel_config")
|
@ -106,7 +106,7 @@ class PublicHandler(BaseHandler):
|
|||||||
cookie_data = {
|
cookie_data = {
|
||||||
"username": user_data.username,
|
"username": user_data.username,
|
||||||
"user_id": user_data.user_id,
|
"user_id": user_data.user_id,
|
||||||
"account_type": user_data.allowed_servers,
|
"account_type": user_data.superuser,
|
||||||
}
|
}
|
||||||
|
|
||||||
self.set_secure_cookie('user_data', json.dumps(cookie_data))
|
self.set_secure_cookie('user_data', json.dumps(cookie_data))
|
||||||
|
@ -66,8 +66,8 @@
|
|||||||
|
|
||||||
</td>
|
</td>
|
||||||
<td>{{ user.api_token }}</td>
|
<td>{{ user.api_token }}</td>
|
||||||
<td>{{ user.allowed_servers}}</td>
|
<td>{{ [] }}</td>
|
||||||
<td><a href="/panel/edit_user?id={{user.id}}"><i class="fas fa-pencil-alt"></i></a></td>
|
<td><a href="/panel/edit_user?id={{user.user_id}}"><i class="fas fa-pencil-alt"></i></a></td>
|
||||||
</tr>
|
</tr>
|
||||||
{% end %}
|
{% end %}
|
||||||
|
|
||||||
@ -77,7 +77,43 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-12 col-lg-12 grid-margin stretch-card">
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-header header-sm d-flex justify-content-between align-items-center">
|
||||||
|
<h4 class="card-title"><i class="fas fa-server"></i> Roles</h4>
|
||||||
|
<div class="d-md-none">
|
||||||
|
<small>Can't see everything on mobile?<br /> Try scrolling the table sideways.</small>
|
||||||
|
</div>
|
||||||
|
<div><a class="nav-link" href="/panel/add_role"><i class="fas fa-plus-circle"></i> Add New Role</a></div>
|
||||||
|
</div>
|
||||||
|
<div class="card-body">
|
||||||
|
<div class="table-responsive">
|
||||||
|
<table class="table">
|
||||||
|
<thead>
|
||||||
|
<tr class="rounded">
|
||||||
|
<th>Role</th>
|
||||||
|
<th>Allowed Servers</th>
|
||||||
|
<th>Edit</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
{% for role in data['roles'] %}
|
||||||
|
<tr>
|
||||||
|
<td>{{ role.role_name }}</td>
|
||||||
|
<td>{{ [] }}</td>
|
||||||
|
<td><a href="/panel/edit_role?id={{role.role_id}}"><i class="fas fa-pencil-alt"></i></a></td>
|
||||||
|
</tr>
|
||||||
|
{% end %}
|
||||||
|
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
159
app/frontend/templates/panel/panel_edit_role.html
Normal file
159
app/frontend/templates/panel/panel_edit_role.html
Normal file
@ -0,0 +1,159 @@
|
|||||||
|
{% extends ../base.html %}
|
||||||
|
|
||||||
|
{% block meta %}
|
||||||
|
<!-- <meta http-equiv="refresh" content="60">-->
|
||||||
|
{% end %}
|
||||||
|
|
||||||
|
{% block title %}Crafty Controller - Edit Role{% end %}
|
||||||
|
|
||||||
|
{% block content %}
|
||||||
|
|
||||||
|
<div class="content-wrapper">
|
||||||
|
|
||||||
|
<!-- Page Title Header Starts-->
|
||||||
|
<div class="row page-title-header">
|
||||||
|
<div class="col-12">
|
||||||
|
<div class="page-header">
|
||||||
|
{% if data['new_role'] %}
|
||||||
|
<h4 class="page-title">
|
||||||
|
New Role
|
||||||
|
<br />
|
||||||
|
<small>RID: N/A</small>
|
||||||
|
</h4>
|
||||||
|
{% else %}
|
||||||
|
<h4 class="page-title">
|
||||||
|
Edit Role - {{ data['role']['role_name'] }}
|
||||||
|
<br />
|
||||||
|
<small>RID: {{ data['role']['role_id'] }}</small>
|
||||||
|
</h4>
|
||||||
|
{% end %}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
<!-- Page Title Header Ends-->
|
||||||
|
|
||||||
|
<div class="row">
|
||||||
|
|
||||||
|
<div class="col-sm-12 grid-margin">
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-body pt-0">
|
||||||
|
<ul class="nav nav-tabs col-md-12 tab-simple-styled " role="tablist">
|
||||||
|
<li class="nav-item">
|
||||||
|
<a class="nav-link active" href="/panel/edit_role?id={{ data['role']['role_name'] }}&subpage=config" role="tab" aria-selected="true">
|
||||||
|
<i class="fas fa-cogs"></i>Config</a>
|
||||||
|
</li>
|
||||||
|
<li class="nav-item">
|
||||||
|
<a class="nav-link" href="/panel/edit_role?id={{ data['role']['role_name'] }}&subpage=other" role="tab" aria-selected="false">
|
||||||
|
<i class="fas fa-folder-tree"></i>Other</a>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-6 col-sm-12">
|
||||||
|
{% if data['new_role'] %}
|
||||||
|
<form class="forms-sample" method="post" action="/panel/add_role">
|
||||||
|
{% else %}
|
||||||
|
<form class="forms-sample" method="post" action="/panel/edit_role">
|
||||||
|
{% end %}
|
||||||
|
{% raw xsrf_form_html() %}
|
||||||
|
<input type="hidden" name="id" value="{{ data['role']['role_id'] }}">
|
||||||
|
<input type="hidden" name="subpage" value="config">
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="role_name">Role Name <small class="text-muted ml-1"> - What you wish to call this role</small> </label>
|
||||||
|
<input type="text" class="form-control" name="role_name" id="role_name" value="{{ data['role']['role_name'] }}" placeholder="Role Name" >
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="server_membership">Servers <small class="text-muted ml-1"> - servers this role is allowed to access </small> </label>
|
||||||
|
<div class="table-responsive">
|
||||||
|
<table class="table">
|
||||||
|
<thead>
|
||||||
|
<tr class="rounded">
|
||||||
|
<th>Server Name</th>
|
||||||
|
<th>Access?</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
{% for server in data['servers_all'] %}
|
||||||
|
<tr>
|
||||||
|
<td>{{ server['server_name'] }}</td>
|
||||||
|
<td>
|
||||||
|
{% if server['server_id'] in data['role']['servers'] %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="server_{{ server['server_id'] }}_access" name="server_{{ server['server_id'] }}_access" checked="" value="1">
|
||||||
|
{% else %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="server_{{ server['server_id'] }}_access" name="server_{{ server['server_id'] }}_access" value="1">
|
||||||
|
{% end %}
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
{% end %}
|
||||||
|
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<button type="submit" class="btn btn-success mr-2">Save</button>
|
||||||
|
<button type="reset" class="btn btn-light">Cancel</button>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="col-md-6 col-sm-12">
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-body">
|
||||||
|
<h4 class="card-title">Role Config Area</h4>
|
||||||
|
<p class="card-description"> Here is where you can change the configuration of your role</p>
|
||||||
|
<blockquote class="blockquote">
|
||||||
|
<p class="mb-0">
|
||||||
|
Created: {{ str(data['role']['created']) }}
|
||||||
|
<br />
|
||||||
|
Last updated: {{ str(data['role']['last_update']) }}
|
||||||
|
<br />
|
||||||
|
</p>
|
||||||
|
</blockquote>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="text-center">
|
||||||
|
{% if data['new_role'] %}
|
||||||
|
<a class="btn btn-sm btn-danger disabled">Delete Role</a><br />
|
||||||
|
<small>You cannot delete something that does not yet exist</small>
|
||||||
|
{% else %}
|
||||||
|
<a href="/panel/remove_role?id={{ data['role']['role_id'] }}" class="btn btn-sm btn-danger">Delete Role</a>
|
||||||
|
{% end %}
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
</div>
|
||||||
|
<!-- content-wrapper ends -->
|
||||||
|
|
||||||
|
{% end %}
|
||||||
|
|
||||||
|
{% block js %}
|
||||||
|
<script>
|
||||||
|
|
||||||
|
|
||||||
|
//used to get cookies from browser - this is part of tornados xsrf protection - it's for extra security
|
||||||
|
function getCookie(name) {
|
||||||
|
var r = document.cookie.match("\\b" + name + "=([^;]*)\\b");
|
||||||
|
return r ? r[1] : undefined;
|
||||||
|
}
|
||||||
|
|
||||||
|
$( document ).ready(function() {
|
||||||
|
console.log( "ready!" );
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
|
</script>
|
||||||
|
|
||||||
|
{% end %}
|
235
app/frontend/templates/panel/panel_edit_user.html
Normal file
235
app/frontend/templates/panel/panel_edit_user.html
Normal file
@ -0,0 +1,235 @@
|
|||||||
|
{% extends ../base.html %}
|
||||||
|
|
||||||
|
{% block meta %}
|
||||||
|
<!-- <meta http-equiv="refresh" content="60">-->
|
||||||
|
{% end %}
|
||||||
|
|
||||||
|
{% block title %}Crafty Controller - Edit User{% end %}
|
||||||
|
|
||||||
|
{% block content %}
|
||||||
|
|
||||||
|
<div class="content-wrapper">
|
||||||
|
|
||||||
|
<!-- Page Title Header Starts-->
|
||||||
|
<div class="row page-title-header">
|
||||||
|
<div class="col-12">
|
||||||
|
<div class="page-header">
|
||||||
|
{% if data['new_user'] %}
|
||||||
|
<h4 class="page-title">
|
||||||
|
New User
|
||||||
|
<br />
|
||||||
|
<small>UID: N/A</small>
|
||||||
|
</h4>
|
||||||
|
{% else %}
|
||||||
|
<h4 class="page-title">
|
||||||
|
Edit User - {{ data['user']['user_id'] }}
|
||||||
|
<br />
|
||||||
|
<small>UID: {{ data['user']['user_id'] }}</small>
|
||||||
|
</h4>
|
||||||
|
{% end %}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
<!-- Page Title Header Ends-->
|
||||||
|
|
||||||
|
<div class="row">
|
||||||
|
|
||||||
|
<div class="col-sm-12 grid-margin">
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-body pt-0">
|
||||||
|
<ul class="nav nav-tabs col-md-12 tab-simple-styled " role="tablist">
|
||||||
|
<li class="nav-item">
|
||||||
|
<a class="nav-link active" href="/panel/edit_user?id={{ data['user']['username'] }}&subpage=config" role="tab" aria-selected="true">
|
||||||
|
<i class="fas fa-cogs"></i>Config</a>
|
||||||
|
</li>
|
||||||
|
<li class="nav-item">
|
||||||
|
<a class="nav-link" href="/panel/edit_user?id={{ data['user']['username'] }}&subpage=other" role="tab" aria-selected="false">
|
||||||
|
<i class="fas fa-folder-tree"></i>Other</a>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-md-6 col-sm-12">
|
||||||
|
{% if data['new_user'] %}
|
||||||
|
<form class="forms-sample" method="post" action="/panel/add_user">
|
||||||
|
{% else %}
|
||||||
|
<form class="forms-sample" method="post" action="/panel/edit_user">
|
||||||
|
{% end %}
|
||||||
|
{% raw xsrf_form_html() %}
|
||||||
|
<input type="hidden" name="id" value="{{ data['user']['user_id'] }}">
|
||||||
|
<input type="hidden" name="subpage" value="config">
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="username">User Name <small class="text-muted ml-1"> - What you wish to call this user</small> </label>
|
||||||
|
<input type="text" class="form-control" name="username" id="username" value="{{ data['user']['username'] }}" placeholder="User Name" >
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="password0">Password <small class="text-muted ml-1"></small> </label>
|
||||||
|
<input type="password" class="form-control" name="password0" id="password0" value="" placeholder="Password" >
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="password1">Repeat Password <small class="text-muted ml-1"></small> </label>
|
||||||
|
<input type="password" class="form-control" name="password1" id="password1" value="" placeholder="Repeat Password" >
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="role_membership">Roles <small class="text-muted ml-1"> - the roles this user is a member of</small> </label>
|
||||||
|
<div class="table-responsive">
|
||||||
|
<table class="table">
|
||||||
|
<thead>
|
||||||
|
<tr class="rounded">
|
||||||
|
<th>Role Name</th>
|
||||||
|
<th>Member?</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
{% for role in data['roles_all'] %}
|
||||||
|
<tr>
|
||||||
|
<td>{{ role.role_name }}</td>
|
||||||
|
<td>
|
||||||
|
{% if role.role_id in data['user']['roles'] %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="role_{{ role.role_id }}_membership" name="role_{{ role.role_id }}_membership" checked="" value="1">
|
||||||
|
{% else %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="role_{{ role.role_id }}_membership" name="role_{{ role.role_id }}_membership" value="1">
|
||||||
|
{% end %}
|
||||||
|
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
{% end %}
|
||||||
|
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="server_membership">Servers <small class="text-muted ml-1"> - servers this user is allowed to access </small> </label>
|
||||||
|
<div class="table-responsive">
|
||||||
|
<table class="table">
|
||||||
|
<thead>
|
||||||
|
<tr class="rounded">
|
||||||
|
<th>Server Name</th>
|
||||||
|
<th>Access?</th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
{% for server in data['servers_all'] %}
|
||||||
|
<tr>
|
||||||
|
<td>{{ server['server_name'] }}</td>
|
||||||
|
<td>
|
||||||
|
{% if server['server_id'] in data['user']['servers'] %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="server_{{ server['server_id'] }}_access" name="server_{{ server['server_id'] }}_access" checked="" value="1">
|
||||||
|
{% else %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="server_{{ server['server_id'] }}_access" name="server_{{ server['server_id'] }}_access" value="1">
|
||||||
|
{% end %}
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
{% end %}
|
||||||
|
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="form-check-flat">
|
||||||
|
<label for="enabled" class="form-check-label ml-4 mb-4">
|
||||||
|
{% if data['user']['enabled'] %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="enabled" name="enabled" checked="" value="1">Enabled
|
||||||
|
{% else %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="enabled" name="enabled" value="1">Enabled
|
||||||
|
{% end %}
|
||||||
|
</label>
|
||||||
|
|
||||||
|
<label for="regen_api" class="form-check-label ml-4 mb-4">
|
||||||
|
{% if data['new_user'] %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="regen_api" name="regen_api" checked="" value="1" disabled >Regenerate API Key
|
||||||
|
{% else %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="regen_api" name="regen_api" value="1">Regenerate API Key
|
||||||
|
{% end %}
|
||||||
|
</label>
|
||||||
|
|
||||||
|
<label for="superuser" class="form-check-label ml-4 mb-4">
|
||||||
|
{% if data['user']['superuser'] %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="superuser" name="superuser" checked="" value="1" disabled >Super User
|
||||||
|
{% else %}
|
||||||
|
<input type="checkbox" class="form-check-input" id="superuser" name="superuser" value="1" disabled >Super User
|
||||||
|
{% end %}
|
||||||
|
</label>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<button type="submit" class="btn btn-success mr-2">Save</button>
|
||||||
|
<button type="reset" class="btn btn-light">Cancel</button>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="col-md-6 col-sm-12">
|
||||||
|
<div class="card">
|
||||||
|
<div class="card-body">
|
||||||
|
<h4 class="card-title">User Config Area</h4>
|
||||||
|
<p class="card-description"> Here is where you can change the configuration of your user</p>
|
||||||
|
<blockquote class="blockquote">
|
||||||
|
<p class="mb-0">
|
||||||
|
Created: {{ str(data['user']['created']) }}
|
||||||
|
<br />
|
||||||
|
Last login: {{ str(data['user']['last_login']) }}
|
||||||
|
<br />
|
||||||
|
Last update: {{ str(data['user']['last_update']) }}
|
||||||
|
<br />
|
||||||
|
Last IP: {{ data['user']['last_ip'] }}
|
||||||
|
<br />
|
||||||
|
API Key: {{ data['user']['api_token'] }}
|
||||||
|
<br />
|
||||||
|
</p>
|
||||||
|
</blockquote>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class="text-center">
|
||||||
|
{% if data['new_user'] %}
|
||||||
|
<a class="btn btn-sm btn-danger disabled">Delete User</a><br />
|
||||||
|
<small>You cannot delete something that does not yet exist</small>
|
||||||
|
{% elif data['user']['superuser'] %}
|
||||||
|
<a class="btn btn-sm btn-danger disabled">Delete User</a><br />
|
||||||
|
<small>You cannot delete a superuser</small>
|
||||||
|
{% else %}
|
||||||
|
<a href="/panel/remove_user?id={{ data['user']['user_id'] }}" class="btn btn-sm btn-danger">Delete User</a>
|
||||||
|
{% end %}
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
</div>
|
||||||
|
<!-- content-wrapper ends -->
|
||||||
|
|
||||||
|
{% end %}
|
||||||
|
|
||||||
|
{% block js %}
|
||||||
|
<script>
|
||||||
|
|
||||||
|
|
||||||
|
//used to get cookies from browser - this is part of tornados xsrf protection - it's for extra security
|
||||||
|
function getCookie(name) {
|
||||||
|
var r = document.cookie.match("\\b" + name + "=([^;]*)\\b");
|
||||||
|
return r ? r[1] : undefined;
|
||||||
|
}
|
||||||
|
|
||||||
|
$( document ).ready(function() {
|
||||||
|
console.log( "ready!" );
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
|
</script>
|
||||||
|
|
||||||
|
{% end %}
|
0
app/frontend/templates/public/404.html
Executable file → Normal file
0
app/frontend/templates/public/404.html
Executable file → Normal file
0
app/frontend/templates/public/error.html
Executable file → Normal file
0
app/frontend/templates/public/error.html
Executable file → Normal file
0
app/frontend/templates/public/login.html
Executable file → Normal file
0
app/frontend/templates/public/login.html
Executable file → Normal file
0
app/frontend/templates/setup/setup1.html
Executable file → Normal file
0
app/frontend/templates/setup/setup1.html
Executable file → Normal file
Loading…
Reference in New Issue
Block a user