User access to servers operating

This commit is contained in:
Florian RVT 2021-03-09 23:17:50 +01:00
parent 653a4d6bc7
commit 3f0d1871ff
3 changed files with 56 additions and 3 deletions

View File

@ -107,6 +107,11 @@ class Controller:
servers = db_helper.get_all_defined_servers() servers = db_helper.get_all_defined_servers()
return servers return servers
@staticmethod
def list_authorized_servers(userId):
servers = db_helper.get_authorized_servers(userId)
return servers
def get_server_data(self, server_id): def get_server_data(self, server_id):
for s in self.servers_list: for s in self.servers_list:
if int(s['server_id']) == int(server_id): if int(s['server_id']) == int(server_id):

View File

@ -270,6 +270,16 @@ class db_shortcuts:
query = Servers.select() query = Servers.select()
return db_helper.return_rows(query) return db_helper.return_rows(query)
@staticmethod
def get_authorized_servers(userId):
userServers = User_Servers.select().where(User_Servers.user_id == userId)
server_data = []
for u in userServers:
server_data.append(db_helper.get_server_data_by_id(u.server_id))
return server_data
@staticmethod @staticmethod
def get_all_servers_stats(): def get_all_servers_stats():
servers = db_helper.get_all_defined_servers() servers = db_helper.get_all_defined_servers()
@ -280,6 +290,20 @@ class db_shortcuts:
server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)}) server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
return server_data return server_data
@staticmethod
def get_authorized_servers_stats(userId):
userServers = User_Servers.select().where(User_Servers.user_id == userId)
authorizedServers = []
server_data = []
for u in userServers:
authorizedServers.append(db_helper.get_server_data_by_id(u.server_id))
for s in authorizedServers:
latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1)
server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
return server_data
@staticmethod @staticmethod
def get_server_stats_by_id(server_id): def get_server_stats_by_id(server_id):
stats = Server_Stats.select().where(Server_Stats.server_id == server_id).order_by(Server_Stats.created.desc()).limit(1) stats = Server_Stats.select().where(Server_Stats.server_id == server_id).order_by(Server_Stats.created.desc()).limit(1)
@ -291,6 +315,16 @@ class db_shortcuts:
return False return False
return True return True
@staticmethod
def server_id_authorized(serverId, userId):
userServer = User_Servers.select().where(User_Servers.server_id == serverId)
authorized = userServer.select().where(User_Servers.user_id == userId)
#authorized = db_helper.return_rows(authorized)
if authorized.count() == 0:
return False
return True
@staticmethod @staticmethod
def get_latest_hosts_stats(): def get_latest_hosts_stats():
query = Host_Stats.select().order_by(Host_Stats.id.desc()).get() query = Host_Stats.select().order_by(Host_Stats.id.desc()).get()

View File

@ -29,7 +29,14 @@ class PanelHandler(BaseHandler):
now = time.time() now = time.time()
formatted_time = str(datetime.datetime.fromtimestamp(now).strftime('%Y-%m-%d %H:%M:%S')) formatted_time = str(datetime.datetime.fromtimestamp(now).strftime('%Y-%m-%d %H:%M:%S'))
userId = user_data['user_id']
user = db_helper.get_user(userId)
if user['superuser'] == 1:
defined_servers = controller.list_defined_servers() defined_servers = controller.list_defined_servers()
else:
defined_servers = controller.list_authorized_servers(userId)
page_data = { page_data = {
# todo: make this actually pull and compare version data # todo: make this actually pull and compare version data
@ -81,7 +88,10 @@ class PanelHandler(BaseHandler):
return return
elif page == 'dashboard': elif page == 'dashboard':
if user['superuser'] == 1:
page_data['servers'] = db_helper.get_all_servers_stats() page_data['servers'] = db_helper.get_all_servers_stats()
else:
page_data['servers'] = db_helper.get_authorized_servers_stats(userId)
for s in page_data['servers']: for s in page_data['servers']:
try: try:
@ -107,6 +117,10 @@ class PanelHandler(BaseHandler):
self.redirect("/panel/error?error=Invalid Server ID") self.redirect("/panel/error?error=Invalid Server ID")
return False return False
if not db_helper.server_id_authorized(server_id, userId):
self.redirect("/panel/error?error=Invalid Server ID")
return False
valid_subpages = ['term', 'logs', 'config', 'files', 'admin_controls'] valid_subpages = ['term', 'logs', 'config', 'files', 'admin_controls']
if subpage not in valid_subpages: if subpage not in valid_subpages:
@ -164,7 +178,7 @@ class PanelHandler(BaseHandler):
page_data['user']['created'] = "N/A" page_data['user']['created'] = "N/A"
page_data['user']['last_login'] = "N/A" page_data['user']['last_login'] = "N/A"
page_data['user']['last_ip'] = "N/A" page_data['user']['last_ip'] = "N/A"
page_data['role']['last_update'] = "N/A" page_data['user']['last_update'] = "N/A"
page_data['user']['roles'] = set() page_data['user']['roles'] = set()
page_data['user']['servers'] = set() page_data['user']['servers'] = set()