diff --git a/app/classes/web/routes/api/servers/server/index.py b/app/classes/web/routes/api/servers/server/index.py index a3623beb..35fe7980 100644 --- a/app/classes/web/routes/api/servers/server/index.py +++ b/app/classes/web/routes/api/servers/server/index.py @@ -1,5 +1,6 @@ import logging import json +import shlex from jsonschema import validate from jsonschema.exceptions import ValidationError from playhouse.shortcuts import model_to_dict @@ -13,11 +14,11 @@ server_patch_schema = { "type": "object", "properties": { "server_name": {"type": "string", "minLength": 1}, - "path": {"type": "string", "minLength": 1}, "backup_path": {"type": "string"}, "executable": {"type": "string"}, "log_path": {"type": "string", "minLength": 1}, "execution_command": {"type": "string", "minLength": 1}, + "java_selection": {"type": "string"}, "auto_start": {"type": "boolean"}, "auto_start_delay": {"type": "integer"}, "crash_detection": {"type": "boolean"}, @@ -25,8 +26,27 @@ server_patch_schema = { "executable_update_url": {"type": "string", "minLength": 1}, "server_ip": {"type": "string", "minLength": 1}, "server_port": {"type": "integer"}, + "shutdown_timeout": {"type": "integer"}, "logs_delete_after": {"type": "integer"}, - "type": {"type": "string", "minLength": 1}, + "ignored_exits": {"type": "string"}, + "show_status": {"type": "boolean"}, + }, + "additionalProperties": False, + "minProperties": 1, +} +basic_server_patch_schema = { + "type": "object", + "properties": { + "server_name": {"type": "string", "minLength": 1}, + "executable": {"type": "string"}, + "java_selection": {"type": "string"}, + "auto_start": {"type": "boolean"}, + "auto_start_delay": {"type": "integer"}, + "crash_detection": {"type": "boolean"}, + "stop_command": {"type": "string"}, + "shutdown_timeout": {"type": "integer"}, + "logs_delete_after": {"type": "integer"}, + "ignored_exits": {"type": "string"}, }, "additionalProperties": False, "minProperties": 1, @@ -63,8 +83,12 @@ class ApiServersServerIndexHandler(BaseApiHandler): ) try: - validate(data, server_patch_schema) + if auth_data[4]["superuser"]: + validate(data, server_patch_schema) + else: + validate(data, basic_server_patch_schema) except ValidationError as e: + print(e) return self.finish_json( 400, { @@ -88,9 +112,45 @@ class ApiServersServerIndexHandler(BaseApiHandler): return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"}) server_obj = self.controller.servers.get_server_obj(server_id) + java_flag = False for key in data: # If we don't validate the input there could be security issues + if key == "java_selection" and data[key] != "none": + java_flag = True + try: + if self.helper.is_os_windows(): + execution_list = shlex.split( + server_obj.execution_command, posix=False + ) + else: + execution_list = shlex.split( + server_obj.execution_command, posix=True + ) + except ValueError: + return self.finish_json( + 200, {"status": "error", "error": "INVALID EXECUTION COMMAND"} + ) + if ( + not any( + data[key] in path for path in self.helper.find_java_installs() + ) + and data[key] != "java" + ): + return + if data[key] != "java": + if self.helper.is_os_windows(): + execution_list[0] = '"' + data[key] + '/bin/java"' + else: + execution_list[0] = '"' + data[key] + '"' + else: + execution_list[0] = "java" + execution_command = "" + for item in execution_list: + execution_command += item + " " + setattr(server_obj, "execution_command", execution_command) if key != "path": + if key == "execution_command" and java_flag: + continue setattr(server_obj, key, data[key]) self.controller.servers.update_server(server_obj)