Mirrored_Repos/crafty-4
1
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2024-08-30 18:23:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' into bugfix/require-packaging

Browse Source
This commit is contained in:
Zedifus 2023-09-19 19:13:13 +01:00
commit 81318f641e
7 changed files with 22 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@ -1,7 +1,7 @@
# Changelog
## --- [4.2.0] - 2023/TBD
### New features
- Finish and Activate Arcadia notification backend ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/621))
- Finish and Activate Arcadia notification backend ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/621) | [Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/626))
### Bug fixes
- PWA: Removed the custom offline page in favour of browser default ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/607))
- Fix hidden servers appearing visible on public mobile status page ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/612))
@ -10,9 +10,11 @@
- Bump crypto to resolve #267 & #268 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/622))
### Refactor
- Consolidate remaining frontend functions into API V2, and remove ajax internal API ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/585))
- Replace bleach with nh3 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/628))
### Tweaks
- Polish/Enhance display for InApp Documentation ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/613))
- Add get_users command to Crafty's console ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/620))
- Make files hover cursor pointer ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/627))
### Lang
TBD
<br><br>

4
app/classes/web/base_handler.py
View File

@ -2,7 +2,7 @@ import logging
import re
import typing as t
import orjson
import bleach
import nh3
import tornado.web
from app.classes.models.crafty_permissions import EnumPermissionsCrafty
@ -101,7 +101,7 @@ class BaseHandler(tornado.web.RequestHandler):
if type(text) in self.nobleach:
logger.debug("Auto-bleaching - bypass type")
return text
return bleach.clean(text)
return nh3.clean(text)
def get_argument(
self,

14
app/classes/web/panel_handler.py
View File

@ -7,7 +7,7 @@ import json
import logging
import threading
import urllib.parse
import bleach
import nh3
import requests
import tornado.web
import tornado.escape
@ -67,9 +67,7 @@ class PanelHandler(BaseHandler):
) in self.controller.crafty_perms.list_defined_crafty_permissions():
argument = int(
float(
bleach.clean(
self.get_argument(f"permission_{permission.name}", "0")
)
nh3.clean(self.get_argument(f"permission_{permission.name}", "0"))
)
)
if argument:
@ -78,9 +76,7 @@ class PanelHandler(BaseHandler):
)
q_argument = int(
float(
bleach.clean(self.get_argument(f"quantity_{permission.name}", "0"))
)
float(nh3.clean(self.get_argument(f"quantity_{permission.name}", "0")))
)
if q_argument:
server_quantity[permission.name] = q_argument
@ -479,7 +475,7 @@ class PanelHandler(BaseHandler):
template = "panel/dashboard.html"
elif page == "server_detail":
subpage = bleach.clean(self.get_argument("subpage", ""))
subpage = nh3.clean(self.get_argument("subpage", ""))
server_id = self.check_server_id()
if server_id is None:
@ -1284,7 +1280,7 @@ class PanelHandler(BaseHandler):
template = "panel/panel_edit_user_apikeys.html"
elif page == "remove_user":
user_id = bleach.clean(self.get_argument("id", None))
user_id = nh3.clean(self.get_argument("id", None))
if (
not superuser

14
app/classes/web/public_handler.py
View File

@ -1,5 +1,5 @@
import logging
import bleach
import nh3
from app.classes.shared.helpers import Helpers
from app.classes.models.users import HelperUsers
@ -28,8 +28,8 @@ class PublicHandler(BaseHandler):
# self.clear_cookie("user_data")
def get(self, page=None):
error = bleach.clean(self.get_argument("error", "Invalid Login!"))
error_msg = bleach.clean(self.get_argument("error_msg", ""))
error = nh3.clean(self.get_argument("error", "Invalid Login!"))
error_msg = nh3.clean(self.get_argument("error_msg", ""))
page_data = {
"version": self.helper.get_version_string(),
@ -82,8 +82,8 @@ class PublicHandler(BaseHandler):
)
def post(self, page=None):
error = bleach.clean(self.get_argument("error", "Invalid Login!"))
error_msg = bleach.clean(self.get_argument("error_msg", ""))
error = nh3.clean(self.get_argument("error", "Invalid Login!"))
error_msg = nh3.clean(self.get_argument("error_msg", ""))
page_data = {
"version": self.helper.get_version_string(),
@ -100,8 +100,8 @@ class PublicHandler(BaseHandler):
if self.request.query:
next_page = "/login?" + self.request.query
entered_username = bleach.clean(self.get_argument("username"))
entered_password = bleach.clean(self.get_argument("password"))
entered_username = nh3.clean(self.get_argument("username"))
entered_password = nh3.clean(self.get_argument("password"))
# pylint: disable=no-member
try:

1
app/frontend/templates/notify.html
View File

@ -65,6 +65,7 @@
<style>
.badge-notify {
background: var(--purple);
color: var(--dark);
position: absolute;
-moz-transform: translate(-70%, -70%);
/* For Firefox */

3
app/frontend/templates/panel/server_files.html
View File

@ -156,6 +156,9 @@
right: 35px;
}
}
.tree-file:hover{
cursor: pointer;
}
</style>
<ul class="tree-view">
<li>

2
requirements.txt
View File

@ -1,12 +1,12 @@
apscheduler==3.8.1
argon2-cffi==21.3
bleach==4.1
cached_property==1.5.2
colorama==0.4
croniter==1.3.5
cryptography==41.0.3
libgravatar==1.0.0
nh3==0.2.14
packaging==23.1
peewee==3.13
pexpect==4.8