Mirrored_Repos/crafty-4
1
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2024-08-30 18:23:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' into bugfix/require-packaging

Browse Source
This commit is contained in:
Zedifus 2023-09-19 19:13:13 +01:00
commit 81318f641e
7 changed files with 22 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@ -1,7 +1,7 @@
# Changelog # Changelog
## --- [4.2.0] - 2023/TBD ## --- [4.2.0] - 2023/TBD
### New features ### New features
- Finish and Activate Arcadia notification backend ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/621)) - Finish and Activate Arcadia notification backend ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/621) | [Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/626))
### Bug fixes ### Bug fixes
- PWA: Removed the custom offline page in favour of browser default ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/607)) - PWA: Removed the custom offline page in favour of browser default ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/607))
- Fix hidden servers appearing visible on public mobile status page ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/612)) - Fix hidden servers appearing visible on public mobile status page ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/612))
@ -10,9 +10,11 @@
- Bump crypto to resolve #267 & #268 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/622)) - Bump crypto to resolve #267 & #268 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/622))
### Refactor ### Refactor
- Consolidate remaining frontend functions into API V2, and remove ajax internal API ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/585)) - Consolidate remaining frontend functions into API V2, and remove ajax internal API ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/585))
- Replace bleach with nh3 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/628))
### Tweaks ### Tweaks
- Polish/Enhance display for InApp Documentation ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/613)) - Polish/Enhance display for InApp Documentation ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/613))
- Add get_users command to Crafty's console ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/620)) - Add get_users command to Crafty's console ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/620))
- Make files hover cursor pointer ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/627))
### Lang ### Lang
TBD TBD
<br><br> <br><br>

4
app/classes/web/base_handler.py
View File

@ -2,7 +2,7 @@ import logging
import re import re
import typing as t import typing as t
import orjson import orjson
import bleach import nh3
import tornado.web import tornado.web
from app.classes.models.crafty_permissions import EnumPermissionsCrafty from app.classes.models.crafty_permissions import EnumPermissionsCrafty
@ -101,7 +101,7 @@ class BaseHandler(tornado.web.RequestHandler):
if type(text) in self.nobleach: if type(text) in self.nobleach:
logger.debug("Auto-bleaching - bypass type") logger.debug("Auto-bleaching - bypass type")
return text return text
return bleach.clean(text) return nh3.clean(text)
def get_argument( def get_argument(
self, self,

14
app/classes/web/panel_handler.py
View File

@ -7,7 +7,7 @@ import json
import logging import logging
import threading import threading
import urllib.parse import urllib.parse
import bleach import nh3
import requests import requests
import tornado.web import tornado.web
import tornado.escape import tornado.escape
@ -67,9 +67,7 @@ class PanelHandler(BaseHandler):
) in self.controller.crafty_perms.list_defined_crafty_permissions(): ) in self.controller.crafty_perms.list_defined_crafty_permissions():
argument = int( argument = int(
float( float(
bleach.clean( nh3.clean(self.get_argument(f"permission_{permission.name}", "0"))
self.get_argument(f"permission_{permission.name}", "0")
)
) )
) )
if argument: if argument:
@ -78,9 +76,7 @@ class PanelHandler(BaseHandler):
) )
q_argument = int( q_argument = int(
float( float(nh3.clean(self.get_argument(f"quantity_{permission.name}", "0")))
bleach.clean(self.get_argument(f"quantity_{permission.name}", "0"))
)
) )
if q_argument: if q_argument:
server_quantity[permission.name] = q_argument server_quantity[permission.name] = q_argument
@ -479,7 +475,7 @@ class PanelHandler(BaseHandler):
template = "panel/dashboard.html" template = "panel/dashboard.html"
elif page == "server_detail": elif page == "server_detail":
subpage = bleach.clean(self.get_argument("subpage", "")) subpage = nh3.clean(self.get_argument("subpage", ""))
server_id = self.check_server_id() server_id = self.check_server_id()
if server_id is None: if server_id is None:
@ -1284,7 +1280,7 @@ class PanelHandler(BaseHandler):
template = "panel/panel_edit_user_apikeys.html" template = "panel/panel_edit_user_apikeys.html"
elif page == "remove_user": elif page == "remove_user":
user_id = bleach.clean(self.get_argument("id", None)) user_id = nh3.clean(self.get_argument("id", None))
if ( if (
not superuser not superuser

14
app/classes/web/public_handler.py
View File

@ -1,5 +1,5 @@
import logging import logging
import bleach import nh3
from app.classes.shared.helpers import Helpers from app.classes.shared.helpers import Helpers
from app.classes.models.users import HelperUsers from app.classes.models.users import HelperUsers
@ -28,8 +28,8 @@ class PublicHandler(BaseHandler):
# self.clear_cookie("user_data") # self.clear_cookie("user_data")
def get(self, page=None): def get(self, page=None):
error = bleach.clean(self.get_argument("error", "Invalid Login!")) error = nh3.clean(self.get_argument("error", "Invalid Login!"))
error_msg = bleach.clean(self.get_argument("error_msg", "")) error_msg = nh3.clean(self.get_argument("error_msg", ""))
page_data = { page_data = {
"version": self.helper.get_version_string(), "version": self.helper.get_version_string(),
@ -82,8 +82,8 @@ class PublicHandler(BaseHandler):
) )
def post(self, page=None): def post(self, page=None):
error = bleach.clean(self.get_argument("error", "Invalid Login!")) error = nh3.clean(self.get_argument("error", "Invalid Login!"))
error_msg = bleach.clean(self.get_argument("error_msg", "")) error_msg = nh3.clean(self.get_argument("error_msg", ""))
page_data = { page_data = {
"version": self.helper.get_version_string(), "version": self.helper.get_version_string(),
@ -100,8 +100,8 @@ class PublicHandler(BaseHandler):
if self.request.query: if self.request.query:
next_page = "/login?" + self.request.query next_page = "/login?" + self.request.query
entered_username = bleach.clean(self.get_argument("username")) entered_username = nh3.clean(self.get_argument("username"))
entered_password = bleach.clean(self.get_argument("password")) entered_password = nh3.clean(self.get_argument("password"))
# pylint: disable=no-member # pylint: disable=no-member
try: try:

1
app/frontend/templates/notify.html
View File

@ -65,6 +65,7 @@
<style> <style>
.badge-notify { .badge-notify {
background: var(--purple); background: var(--purple);
color: var(--dark);
position: absolute; position: absolute;
-moz-transform: translate(-70%, -70%); -moz-transform: translate(-70%, -70%);
/* For Firefox */ /* For Firefox */

3
app/frontend/templates/panel/server_files.html
View File

@ -156,6 +156,9 @@
right: 35px; right: 35px;
} }
} }
.tree-file:hover{
cursor: pointer;
}
</style> </style>
<ul class="tree-view"> <ul class="tree-view">
<li> <li>

2
requirements.txt
View File

@ -1,12 +1,12 @@
apscheduler==3.8.1 apscheduler==3.8.1
argon2-cffi==21.3 argon2-cffi==21.3
bleach==4.1
cached_property==1.5.2 cached_property==1.5.2
colorama==0.4 colorama==0.4
croniter==1.3.5 croniter==1.3.5
cryptography==41.0.3 cryptography==41.0.3
libgravatar==1.0.0 libgravatar==1.0.0
nh3==0.2.14
packaging==23.1 packaging==23.1
peewee==3.13 peewee==3.13
pexpect==4.8 pexpect==4.8