Mirrored_Repos/crafty-4
1
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2024-08-30 18:23:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Include self in method call

Browse Source
This commit is contained in:
Andrew 2023-07-04 15:02:47 -04:00
parent a00ea06b9f
commit 6396c3079e
4 changed files with 16 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/classes/web/ajax_handler.py
View File

@ -656,14 +656,13 @@ class AjaxHandler(BaseHandler):
server_info = self.controller.servers.get_server_data_by_id(server_id) server_info = self.controller.servers.get_server_data_by_id(server_id)
if not ( if not (
file_path, self.helper.is_subdir(
Helpers.is_subdir( file_path, Helpers.get_os_understandable_path(server_info["path"])
Helpers.get_os_understandable_path(server_info["path"])
) )
or Helpers.is_subdir( or self.helper.is_subdir(
file_path, file_path,
Helpers.get_os_understandable_path(server_info["backup_path"]), Helpers.get_os_understandable_path(server_info["backup_path"]),
), )
) or not Helpers.check_file_exists(os.path.abspath(file_path)): ) or not Helpers.check_file_exists(os.path.abspath(file_path)):
logger.warning(f"Invalid path in del_backup ajax call ({file_path})") logger.warning(f"Invalid path in del_backup ajax call ({file_path})")
Console.warning(f"Invalid path in del_backup ajax call ({file_path})") Console.warning(f"Invalid path in del_backup ajax call ({file_path})")

72
app/classes/web/file_handler.py
View File

@ -57,7 +57,7 @@ class FileHandler(BaseHandler):
return return
server_id = bleach.clean(server_id) server_id = bleach.clean(server_id)
if not Helpers.is_subdir( if not self.helper.is_subdir(
file_path, file_path,
Helpers.get_os_understandable_path( Helpers.get_os_understandable_path(
self.controller.servers.get_server_data_by_id(server_id)["path"] self.controller.servers.get_server_data_by_id(server_id)["path"]
@ -163,7 +163,7 @@ class FileHandler(BaseHandler):
return return
server_id = bleach.clean(server_id) server_id = bleach.clean(server_id)
if not Helpers.is_subdir( if not self.helper.is_subdir(
file_path, file_path,
Helpers.get_os_understandable_path( Helpers.get_os_understandable_path(
self.controller.servers.get_server_data_by_id(server_id)["path"] self.controller.servers.get_server_data_by_id(server_id)["path"]
@ -196,7 +196,7 @@ class FileHandler(BaseHandler):
return return
server_id = bleach.clean(server_id) server_id = bleach.clean(server_id)
if not Helpers.is_subdir( if not self.helper.is_subdir(
dir_path, dir_path,
Helpers.get_os_understandable_path( Helpers.get_os_understandable_path(
self.controller.servers.get_server_data_by_id(server_id)["path"] self.controller.servers.get_server_data_by_id(server_id)["path"]
@ -263,10 +263,10 @@ class FileHandler(BaseHandler):
server_info = self.controller.servers.get_server_data_by_id(server_id) server_info = self.controller.servers.get_server_data_by_id(server_id)
if not ( if not (
Helpers.is_subdir( self.helper.is_subdir(
file_path, Helpers.get_os_understandable_path(server_info["path"]) file_path, Helpers.get_os_understandable_path(server_info["path"])
) )
or Helpers.is_subdir( or self.helper.is_subdir(
file_path, file_path,
Helpers.get_os_understandable_path(server_info["backup_path"]), Helpers.get_os_understandable_path(server_info["backup_path"]),
) )
@ -296,7 +296,7 @@ class FileHandler(BaseHandler):
server_id = bleach.clean(server_id) server_id = bleach.clean(server_id)
server_info = self.controller.servers.get_server_data_by_id(server_id) server_info = self.controller.servers.get_server_data_by_id(server_id)
if not Helpers.is_subdir( if not self.helper.is_subdir(
dir_path, Helpers.get_os_understandable_path(server_info["path"]) dir_path, Helpers.get_os_understandable_path(server_info["path"])
) or not Helpers.check_path_exists(os.path.abspath(dir_path)): ) or not Helpers.check_path_exists(os.path.abspath(dir_path)):
logger.warning(f"Invalid path in del_file file ajax call ({dir_path})") logger.warning(f"Invalid path in del_file file ajax call ({dir_path})")
@ -348,7 +348,7 @@ class FileHandler(BaseHandler):
return return
server_id = bleach.clean(server_id) server_id = bleach.clean(server_id)
if not Helpers.is_subdir( if not self.helper.is_subdir(
file_path, file_path,
Helpers.get_os_understandable_path( Helpers.get_os_understandable_path(
self.controller.servers.get_server_data_by_id(server_id)["path"] self.controller.servers.get_server_data_by_id(server_id)["path"]
@ -366,60 +366,6 @@ class FileHandler(BaseHandler):
with open(file_path, "w", encoding="utf-8") as file_object: with open(file_path, "w", encoding="utf-8") as file_object:
file_object.write(file_contents) file_object.write(file_contents)
elif page == "rename_file":
if not permissions["Files"] in user_perms:
if not superuser:
self.redirect("/panel/error?error=Unauthorized access to Files")
return
item_path = Helpers.get_os_understandable_path(
self.get_body_argument("item_path", default=None, strip=True)
)
new_item_name = self.get_body_argument(
"new_item_name", default=None, strip=True
)
if not self.check_server_id(server_id, "rename_file"):
return
server_id = bleach.clean(server_id)
if item_path is None or new_item_name is None:
logger.warning("Invalid path(s) in rename_file file ajax call")
Console.warning("Invalid path(s) in rename_file file ajax call")
return
if not Helpers.is_subdir(
item_path,
Helpers.get_os_understandable_path(
self.controller.servers.get_server_data_by_id(server_id)["path"]
),
) or not Helpers.check_path_exists(os.path.abspath(item_path)):
logger.warning(
f"Invalid old name path in rename_file file ajax call ({server_id})"
)
Console.warning(
f"Invalid old name path in rename_file file ajax call ({server_id})"
)
return
new_item_path = os.path.join(os.path.split(item_path)[0], new_item_name)
if not Helpers.is_subdir(
new_item_path,
Helpers.get_os_understandable_path(
self.controller.servers.get_server_data_by_id(server_id)["path"]
),
) or Helpers.check_path_exists(os.path.abspath(new_item_path)):
logger.warning(
f"Invalid new name path in rename_file file ajax call ({server_id})"
)
Console.warning(
f"Invalid new name path in rename_file file ajax call ({server_id})"
)
return
# RENAME
os.rename(item_path, new_item_path)
@tornado.web.authenticated @tornado.web.authenticated
def patch(self, page): def patch(self, page):
api_key, _, exec_user = self.current_user api_key, _, exec_user = self.current_user
@ -462,7 +408,7 @@ class FileHandler(BaseHandler):
Console.warning("Invalid path(s) in rename_file file ajax call") Console.warning("Invalid path(s) in rename_file file ajax call")
return return
if not Helpers.is_subdir( if not self.helper.is_subdir(
item_path, item_path,
Helpers.get_os_understandable_path( Helpers.get_os_understandable_path(
self.controller.servers.get_server_data_by_id(server_id)["path"] self.controller.servers.get_server_data_by_id(server_id)["path"]
@ -478,7 +424,7 @@ class FileHandler(BaseHandler):
new_item_path = os.path.join(os.path.split(item_path)[0], new_item_name) new_item_path = os.path.join(os.path.split(item_path)[0], new_item_name)
if not Helpers.is_subdir( if not self.helper.is_subdir(
new_item_path, new_item_path,
Helpers.get_os_understandable_path( Helpers.get_os_understandable_path(
self.controller.servers.get_server_data_by_id(server_id)["path"] self.controller.servers.get_server_data_by_id(server_id)["path"]

4
app/classes/web/panel_handler.py
View File

@ -808,7 +808,7 @@ class PanelHandler(BaseHandler):
Helpers.get_os_understandable_path(server_info["backup_path"]), file Helpers.get_os_understandable_path(server_info["backup_path"]), file
) )
) )
if not Helpers.is_subdir( if not self.helper.is_subdir(
backup_file, backup_file,
Helpers.get_os_understandable_path(server_info["backup_path"]), Helpers.get_os_understandable_path(server_info["backup_path"]),
) or not os.path.isfile(backup_file): ) or not os.path.isfile(backup_file):
@ -1463,7 +1463,7 @@ class PanelHandler(BaseHandler):
server_info = self.controller.servers.get_server_data_by_id(server_id) server_info = self.controller.servers.get_server_data_by_id(server_id)
if not Helpers.is_subdir( if not self.helper.is_subdir(
file, file,
Helpers.get_os_understandable_path(server_info["path"]), Helpers.get_os_understandable_path(server_info["path"]),
) or not os.path.isfile(file): ) or not os.path.isfile(file):

2
app/classes/web/upload_handler.py
View File

@ -278,7 +278,7 @@ class UploadHandler(BaseHandler):
filename = self.request.headers.get("X-FileName", None) filename = self.request.headers.get("X-FileName", None)
full_path = os.path.join(path, filename) full_path = os.path.join(path, filename)
if not Helpers.is_subdir( if not self.helper.is_subdir(
full_path, full_path,
Helpers.get_os_understandable_path( Helpers.get_os_understandable_path(
self.controller.servers.get_server_data_by_id(server_id)["path"] self.controller.servers.get_server_data_by_id(server_id)["path"]