diff --git a/app/classes/web/ajax_handler.py b/app/classes/web/ajax_handler.py
index 0f0cdb4c..4f98d98f 100644
--- a/app/classes/web/ajax_handler.py
+++ b/app/classes/web/ajax_handler.py
@@ -48,7 +48,7 @@ class AjaxHandler(BaseHandler):
if server_id is None:
logger.warning("Server ID not found in server_log ajax call")
self.redirect("/panel/error?error=Server ID Not Found")
- return False
+ return
server_id = bleach.clean(server_id)
@@ -86,14 +86,14 @@ class AjaxHandler(BaseHandler):
file_path = self.get_argument('file_path', None)
server_id = self.get_argument('id', None)
- if not self.check_server_id(server_id, 'get_file'): return False
+ if not self.check_server_id(server_id, 'get_file'): return
else: server_id = bleach.clean(server_id)
if not helper.in_path(db_helper.get_server_data_by_id(server_id)['path'], file_path)\
or not helper.check_file_exists(os.path.abspath(file_path)):
logger.warning("Invalid path in get_file ajax call ({})".format(file_path))
console.warning("Invalid path in get_file ajax call ({})".format(file_path))
- return False
+ return
error = None
@@ -114,7 +114,7 @@ class AjaxHandler(BaseHandler):
elif page == "get_tree":
server_id = self.get_argument('id', None)
- if not self.check_server_id(server_id, 'get_tree'): return False
+ if not self.check_server_id(server_id, 'get_tree'): return
else: server_id = bleach.clean(server_id)
self.write(db_helper.get_server_data_by_id(server_id)['path'] + '\n' +
@@ -152,14 +152,14 @@ class AjaxHandler(BaseHandler):
server_id = self.get_argument('id', None)
print(server_id)
- if not self.check_server_id(server_id, 'create_file'): return False
+ if not self.check_server_id(server_id, 'create_file'): return
else: server_id = bleach.clean(server_id)
if not helper.in_path(db_helper.get_server_data_by_id(server_id)['path'], file_path) \
or helper.check_file_exists(os.path.abspath(file_path)):
logger.warning("Invalid path in create_file ajax call ({})".format(file_path))
console.warning("Invalid path in create_file ajax call ({})".format(file_path))
- return False
+ return
# Create the file by opening it
with open(file_path, 'w') as file_object:
@@ -172,14 +172,14 @@ class AjaxHandler(BaseHandler):
server_id = self.get_argument('id', None)
print(server_id)
- if not self.check_server_id(server_id, 'create_dir'): return False
+ if not self.check_server_id(server_id, 'create_dir'): return
else: server_id = bleach.clean(server_id)
if not helper.in_path(db_helper.get_server_data_by_id(server_id)['path'], dir_path) \
or helper.check_path_exists(os.path.abspath(dir_path)):
logger.warning("Invalid path in create_dir ajax call ({})".format(dir_path))
console.warning("Invalid path in create_dir ajax call ({})".format(dir_path))
- return False
+ return
# Create the directory
os.mkdir(dir_path)
@@ -192,7 +192,7 @@ class AjaxHandler(BaseHandler):
console.warning("delete {} for server {}".format(file_path, server_id))
- if not self.check_server_id(server_id, 'del_file'): return False
+ if not self.check_server_id(server_id, 'del_file'): return
else: server_id = bleach.clean(server_id)
server_info = db_helper.get_server_data_by_id(server_id)
@@ -201,7 +201,7 @@ class AjaxHandler(BaseHandler):
or not helper.check_file_exists(os.path.abspath(file_path)):
logger.warning("Invalid path in del_file ajax call ({})".format(file_path))
console.warning("Invalid path in del_file ajax call ({})".format(file_path))
- return False
+ return
# Delete the file
os.remove(file_path)
@@ -213,7 +213,7 @@ class AjaxHandler(BaseHandler):
console.warning("delete {} for server {}".format(file_path, server_id))
- if not self.check_server_id(server_id, 'del_dir'): return False
+ if not self.check_server_id(server_id, 'del_dir'): return
else: server_id = bleach.clean(server_id)
server_info = db_helper.get_server_data_by_id(server_id)
@@ -221,7 +221,7 @@ class AjaxHandler(BaseHandler):
or not helper.check_path_exists(os.path.abspath(dir_path)):
logger.warning("Invalid path in del_file ajax call ({})".format(dir_path))
console.warning("Invalid path in del_file ajax call ({})".format(dir_path))
- return False
+ return
# Delete the directory
# os.rmdir(dir_path) # Would only remove empty directories
@@ -237,14 +237,14 @@ class AjaxHandler(BaseHandler):
print(file_path)
print(server_id)
- if not self.check_server_id(server_id, 'save_file'): return False
+ if not self.check_server_id(server_id, 'save_file'): return
else: server_id = bleach.clean(server_id)
if not helper.in_path(db_helper.get_server_data_by_id(server_id)['path'], file_path)\
or not helper.check_file_exists(os.path.abspath(file_path)):
logger.warning("Invalid path in save_file ajax call ({})".format(file_path))
console.warning("Invalid path in save_file ajax call ({})".format(file_path))
- return False
+ return
# Open the file in write mode and store the content in file_object
with open(file_path, 'w') as file_object:
@@ -256,19 +256,19 @@ class AjaxHandler(BaseHandler):
server_id = self.get_argument('id', None)
print(server_id)
- if not self.check_server_id(server_id, 'rename_item'): return False
+ if not self.check_server_id(server_id, 'rename_item'): return
else: server_id = bleach.clean(server_id)
if item_path is None or new_item_name is None:
logger.warning("Invalid path(s) in rename_item ajax call")
console.warning("Invalid path(s) in rename_item ajax call")
- return False
+ return
if not helper.in_path(db_helper.get_server_data_by_id(server_id)['path'], item_path) \
or not helper.check_path_exists(os.path.abspath(item_path)):
logger.warning("Invalid old name path in rename_item ajax call ({})".format(server_id))
console.warning("Invalid old name path in rename_item ajax call ({})".format(server_id))
- return False
+ return
new_item_path = os.path.join(os.path.split(item_path)[0], new_item_name)
@@ -276,7 +276,7 @@ class AjaxHandler(BaseHandler):
or helper.check_path_exists(os.path.abspath(new_item_path)):
logger.warning("Invalid new name path in rename_item ajax call ({})".format(server_id))
console.warning("Invalid new name path in rename_item ajax call ({})".format(server_id))
- return False
+ return
# RENAME
os.rename(item_path, new_item_path)
@@ -284,7 +284,7 @@ class AjaxHandler(BaseHandler):
if server_id is None:
logger.warning("Server ID not defined in {} ajax call ({})".format(page_name, server_id))
console.warning("Server ID not defined in {} ajax call ({})".format(page_name, server_id))
- return False
+ return
else:
server_id = bleach.clean(server_id)
@@ -292,5 +292,5 @@ class AjaxHandler(BaseHandler):
if not db_helper.server_id_exists(server_id):
logger.warning("Server ID not found in {} ajax call ({})".format(page_name, server_id))
console.warning("Server ID not found in {} ajax call ({})".format(page_name, server_id))
- return False
+ return
return True
diff --git a/app/classes/web/api_handler.py b/app/classes/web/api_handler.py
index 933b6235..50035c9f 100644
--- a/app/classes/web/api_handler.py
+++ b/app/classes/web/api_handler.py
@@ -41,11 +41,11 @@ class ApiHandler(BaseHandler):
else:
logging.debug("Auth unsuccessful")
self.access_denied("unknown", "the user provided an invalid token")
- return False
+ return
except Exception as e:
log.warning("An error occured while authenticating an API user: %s", e)
self.access_denied("unknown"), "an error occured while authenticating the user"
- return False
+ return
class ServersStats(ApiHandler):
diff --git a/app/classes/web/panel_handler.py b/app/classes/web/panel_handler.py
index 98a0b4a1..aade9b2e 100644
--- a/app/classes/web/panel_handler.py
+++ b/app/classes/web/panel_handler.py
@@ -140,7 +140,7 @@ class PanelHandler(BaseHandler):
#if not db_helper.server_id_authorized(server_id, exec_user_id):
if not db_helper.server_id_authorized_from_roles(int(server_id), exec_user_id):
self.redirect("/panel/error?error=Invalid Server ID")
- return False
+ return
valid_subpages = ['term', 'logs', 'backup', 'config', 'files', 'admin_controls']
@@ -200,7 +200,7 @@ class PanelHandler(BaseHandler):
#if not db_helper.server_id_authorized(server_id, exec_user_id):
if not db_helper.server_id_authorized_from_roles(int(server_id), exec_user_id):
self.redirect("/panel/error?error=Invalid Server ID")
- return False
+ return
server_info = db_helper.get_server_data_by_id(server_id)
backup_file = os.path.abspath(os.path.join(server_info["backup_path"], file))
@@ -249,7 +249,7 @@ class PanelHandler(BaseHandler):
#if not db_helper.server_id_authorized(server_id, exec_user_id):
if not db_helper.server_id_authorized_from_roles(int(server_id), exec_user_id):
self.redirect("/panel/error?error=Invalid Server ID")
- return False
+ return
server = self.controller.get_server_obj(server_id).backup_server()
self.redirect("/panel/server_detail?id={}&subpage=backup".format(server_id))
diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py
index 3e9913db..4388f909 100644
--- a/app/classes/web/public_handler.py
+++ b/app/classes/web/public_handler.py
@@ -37,9 +37,6 @@ class PublicHandler(BaseHandler):
def get(self, page=None):
- self.clear_cookie("user")
- self.clear_cookie("user_data")
-
error = bleach.clean(self.get_argument('error', "Invalid Login!"))
page_data = {
@@ -59,9 +56,16 @@ class PublicHandler(BaseHandler):
elif page == "error":
template = "public/error.html"
+ elif page == "logout":
+ self.clear_cookie("user")
+ self.clear_cookie("user_data")
+ self.redirect('/public/login')
+ return
+
# if we have no page, let's go to login
else:
self.redirect('/public/login')
+ return
self.render(
template,
@@ -82,14 +86,18 @@ class PublicHandler(BaseHandler):
# if we don't have a user
if not user_data:
next_page = "/public/error?error=Login Failed"
+ self.clear_cookie("user")
+ self.clear_cookie("user_data")
self.redirect(next_page)
- return False
+ return
# if they are disabled
if not user_data.enabled:
next_page = "/public/error?error=Login Failed"
+ self.clear_cookie("user")
+ self.clear_cookie("user_data")
self.redirect(next_page)
- return False
+ return
login_result = helper.verify_pass(entered_password, user_data.password)
@@ -118,6 +126,8 @@ class PublicHandler(BaseHandler):
next_page = "/panel/dashboard"
self.redirect(next_page)
else:
+ self.clear_cookie("user")
+ self.clear_cookie("user_data")
# log this failed login attempt
db_helper.add_to_audit_log(user_data.user_id, "Tried to log in", 0, self.get_remote_ip())
self.redirect('/public/error?error=Login Failed')
diff --git a/app/classes/web/server_handler.py b/app/classes/web/server_handler.py
index 7768280d..f89fc1e2 100644
--- a/app/classes/web/server_handler.py
+++ b/app/classes/web/server_handler.py
@@ -96,7 +96,7 @@ class ServerHandler(BaseHandler):
for server in db_helper.get_all_defined_servers():
if server['server_name'] == name:
return True
- return False
+ return
server_data = db_helper.get_server_data_by_id(server_id)
server_uuid = server_data.get('server_uuid')
@@ -165,14 +165,14 @@ class ServerHandler(BaseHandler):
if not server_name:
self.redirect("/panel/error?error=Server name cannot be empty!")
- return False
+ return
if import_type == 'import_jar':
good_path = self.controller.verify_jar_server(import_server_path, import_server_jar)
if not good_path:
self.redirect("/panel/error?error=Server path or Server Jar not found!")
- return False
+ return
new_server_id = self.controller.import_jar_server(server_name, import_server_path,import_server_jar, min_mem, max_mem, port)
db_helper.add_to_audit_log(exec_user_data['user_id'],
@@ -184,12 +184,12 @@ class ServerHandler(BaseHandler):
good_path = self.controller.verify_zip_server(import_server_path)
if not good_path:
self.redirect("/panel/error?error=Zip file not found!")
- return False
+ return
new_server_id = self.controller.import_zip_server(server_name, import_server_path,import_server_jar, min_mem, max_mem, port)
if new_server_id == "false":
self.redirect("/panel/error?error=Zip file not accessible! You can fix this permissions issue with sudo chown -R crafty:crafty {} And sudo chmod 2775 -R {}".format(import_server_path, import_server_path))
- return False
+ return
db_helper.add_to_audit_log(exec_user_data['user_id'],
"imported a zip server named \"{}\"".format(server_name), # Example: Admin imported a server named "old creative"
new_server_id,
@@ -197,7 +197,7 @@ class ServerHandler(BaseHandler):
else:
if len(server_parts) != 2:
self.redirect("/panel/error?error=Invalid server data")
- return False
+ return
server_type, server_version = server_parts
# todo: add server type check here and call the correct server add functions if not a jar
new_server_id = self.controller.create_jar_server(server_type, server_version, server_name, min_mem, max_mem, port)
diff --git a/app/frontend/templates/notify.html b/app/frontend/templates/notify.html
index 09e6c7da..5cafcacd 100644
--- a/app/frontend/templates/notify.html
+++ b/app/frontend/templates/notify.html
@@ -29,7 +29,7 @@
{% end %}
Activity
- Sign Out
+ Sign Out
\ No newline at end of file