Adding permissions on role_servers with edit

Florian RVT 2021-08-20 00:18:50 +02:00
parent c1ce2b985a
commit 8b66fc3fc4
6 changed files with 166 additions and 10 deletions


@ -12,7 +12,7 @@ from distutils import dir_util
from app.classes.shared.helpers import helper
from app.classes.shared.console import console
from app.classes.shared.models import db_helper
from app.classes.shared.models import db_helper, permissions
from app.classes.shared.server import Server
from app.classes.minecraft.server_props import ServerProps
@ -110,6 +110,21 @@ class Controller:
servers = db_helper.get_all_defined_servers()
return servers
@staticmethod
def list_defined_permissions():
permissions_list = permissions.get_permissions_list()
return permissions_list
@staticmethod
def get_mask_permissions(role_id, server_id):
permissions_mask = db_helper.get_permissions_mask(role_id, server_id)
return permissions_mask
@staticmethod
def get_role_permissions(role_id):
permissions_list = db_helper.get_role_permissions_list(role_id)
return permissions_list
@staticmethod
def list_authorized_servers(userId):
servers = db_helper.get_authorized_servers(userId)
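Review bot: The three new static methods have no docstrings, and `get_mask_permissions` names the same thing as `db_helper.get_permissions_mask` with the words swapped. Suggest keeping one name and adding a docstring such as `"""Return the 8-character '0'/'1' permission mask stored for this role on this server."""`. The docstring for `get_role_permissions` should state that it returns `Enum_Permissions` members read from the role's first `role_servers` row, since that is what the helper it calls does. The `Controller` class starts outside the hunk.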


@ -15,6 +15,7 @@ peewee_logger.setLevel(logging.INFO)
try:
from peewee import *
from playhouse.shortcuts import model_to_dict
from enum import Enum
import yaml
except ModuleNotFoundError as e:
@ -122,6 +123,7 @@ class Servers(Model):
class User_Servers(Model):
user_id = ForeignKeyField(Users, backref='user_server')
server_id = ForeignKeyField(Servers, backref='user_server')
permissions = CharField(default="00000000")
class Meta:
table_name = 'user_servers'
@ -132,6 +134,7 @@ class User_Servers(Model):
class Role_Servers(Model):
role_id = ForeignKeyField(Roles, backref='role_server')
server_id = ForeignKeyField(Servers, backref='role_server')
permissions = CharField(default="00000000")
class Meta:
table_name = 'role_servers'
@ -416,6 +419,20 @@ class db_shortcuts:
roles_list.append(db_helper.get_role(r.role_id)['role_name'])
return roles_list
@staticmethod
def get_permissions_mask(role_id, server_id):
permissions_mask = ''
role_server = Role_Servers.select().where(Role_Servers.role_id == role_id).where(Role_Servers.server_id == server_id).execute()
permissions_mask = role_server.permissions
return permissions_mask
@staticmethod
def get_role_permissions_list(role_id):
permissions_mask = ''
role_server = Role_Servers.select().where(Role_Servers.role_id == role_id).execute()
permissions_mask = role_server[0].permissions
permissions_list = permissions.get_permissions(permissions_mask)
return permissions_list
@staticmethod
def get_authorized_servers_stats_from_roles(user_id):
@ -553,8 +570,8 @@ class db_shortcuts:
return user
@staticmethod
def add_user_server(server_id, user_id):
servers = User_Servers.insert({User_Servers.server_id: server_id, User_Servers.user_id: user_id}).execute()
def add_user_server(server_id, user_id, us_permissions):
servers = User_Servers.insert({User_Servers.server_id: server_id, User_Servers.user_id: user_id, User_Servers.permissions: us_permissions}).execute()
return servers
@ -697,10 +714,11 @@ class db_shortcuts:
return {}
@staticmethod
def update_role(role_id, role_data={}):
def update_role(role_id, role_data={}, permissions_mask="00000000"):
base_data = db_helper.get_role(role_id)
up_data = {}
added_servers = set()
edited_servers = set()
removed_servers = set()
for key in role_data:
if key == "role_id":
@ -714,7 +732,11 @@ class db_shortcuts:
logger.debug("role: {} +server:{} -server{}".format(role_data, added_servers, removed_servers))
with database.atomic():
for server in added_servers:
Role_Servers.get_or_create(role_id=role_id, server_id=server)
Role_Servers.get_or_create(role_id=role_id, server_id=server, permissions=permissions_mask)
for server in base_data['servers']:
role_server = Role_Servers.select().where(Role_Servers.role_id == role_id).where(Role_Servers.server_id == server).get()
role_server.permissions = permissions_mask
Role_Servers.save(role_server)
# TODO: This is horribly inefficient and we should be using bulk queries but im going for functionality at this point
Role_Servers.delete().where(Role_Servers.role_id == role_id).where(Role_Servers.server_id.in_(removed_servers)).execute()
if up_data:
@ -928,5 +950,51 @@ class db_shortcuts:
b = Backups.create(**conf)
logger.debug("Creating new backup record.")
class Enum_Permissions(Enum):
Commands = 0
Terminal = 1
Logs = 2
Schedule = 3
Backup = 4
Files = 5
Config = 6
Players = 7
class Permissions_Servers:
@staticmethod
def get_permissions_list():
permissions_list = []
for member in Enum_Permissions.__members__.items():
permissions_list.append(member[1])
return permissions_list
@staticmethod
def get_permissions(permissions_mask):
permissions_list = []
for member in Enum_Permissions.__members__.items():
if permissions.has_permission(permissions_mask, member[1]):
permissions_list.append(member[1])
return permissions_list
@staticmethod
def has_permission(permission_mask, permission_tested):
result = False
if permission_mask[permission_tested.value] == '1':
result = True
return result
@staticmethod
def set_permission(permission_mask, permission_tested, value):
l = list(permission_mask)
l[permission_tested.value] = str(value)
permission_mask = ''.join(l)
return permission_mask
@staticmethod
def get_permission(permission_mask, permission_tested):
return permission_mask[permission_tested.value]
installer = db_builder()
db_helper = db_shortcuts()
db_helper = db_shortcuts()
permissions = Permissions_Servers()
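Review bot: `get_permissions_mask` reads `.permissions` from the object returned by `.execute()`, which is a query cursor rather than a `Role_Servers` row, so the lookup looks set to raise AttributeError on every call. `get_role_permissions_list` indexes `role_server[0]` and will raise IndexError for a role that has no `role_servers` rows. Because these masks are meant to gate access, a missing row should fall back to the all-zero mask rather than an exception, e.g. `row = Role_Servers.get_or_none((Role_Servers.role_id == role_id) & (Role_Servers.server_id == server_id))` followed by `return row.permissions if row else "00000000"`. The new loop in `update_role` also writes one mask to every server in `base_data['servers']`, including servers that are about to be removed, and its `.get()` raises if a row is missing. The `db_shortcuts` class starts outside these hunks.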


@ -12,7 +12,7 @@ from tornado import iostream
from app.classes.shared.console import console
from app.classes.shared.models import Users, installer
from app.classes.web.base_handler import BaseHandler
from app.classes.shared.models import db_helper, Servers
from app.classes.shared.models import db_helper, permissions, Servers, Enum_Permissions
from app.classes.shared.helpers import helper
logger = logging.getLogger(__name__)
@ -319,6 +319,7 @@ class PanelHandler(BaseHandler):
page_data['roles_all'] = db_helper.get_all_roles()
page_data['servers'] = []
page_data['servers_all'] = self.controller.list_defined_servers()
page_data['permissions_all'] = self.controller.list_defined_permissions()
page_data['role-servers'] = []
template = "panel/panel_edit_user.html"
@ -343,6 +344,7 @@ class PanelHandler(BaseHandler):
page_data['role-servers'] = page_role_servers
page_data['roles_all'] = db_helper.get_all_roles()
page_data['servers_all'] = self.controller.list_defined_servers()
page_data['permissions_all'] = self.controller.list_defined_permissions()
if user_id is None:
self.redirect("/panel/error?error=Invalid User ID")
@ -406,6 +408,8 @@ class PanelHandler(BaseHandler):
return
page_data['servers_all'] = self.controller.list_defined_servers()
page_data['permissions_all'] = self.controller.list_defined_permissions()
page_data['permissions_list'] = set()
template = "panel/panel_edit_role.html"
elif page == "edit_role":
@ -421,6 +425,8 @@ class PanelHandler(BaseHandler):
role_id = self.get_argument('id', None)
page_data['role'] = db_helper.get_role(role_id)
page_data['servers_all'] = self.controller.list_defined_servers()
page_data['permissions_all'] = self.controller.list_defined_permissions()
page_data['permissions_list'] = self.controller.get_role_permissions(role_id)
page_data['user-roles'] = user_roles
page_data['users'] = db_helper.get_all_users()
@ -736,12 +742,22 @@ class PanelHandler(BaseHandler):
))
if argument:
servers.add(server['server_id'])
permissions_mask = "00000000"
for permission in self.controller.list_defined_permissions():
argument = int(float(
bleach.clean(
self.get_argument('permission_{}'.format(permission.name), '0')
)
))
if argument:
permissions_mask = permissions.set_permission(permissions_mask, permission, argument)
role_data = {
"role_name": role_name,
"servers": servers
}
db_helper.update_role(role_id, role_data=role_data)
db_helper.update_role(role_id, role_data=role_data, permissions_mask=permissions_mask)
db_helper.add_to_audit_log(exec_user['user_id'],
"Edited role {} (RID:{}) with servers {}".format(role_name, role_id, servers),
@ -774,9 +790,19 @@ class PanelHandler(BaseHandler):
))
if argument:
servers.add(server['server_id'])
permissions_mask = "00000000"
for permission in self.controller.list_defined_permissions():
argument = int(float(
bleach.clean(
self.get_argument('permission_{}'.format(permission.name), '0')
)
))
if argument:
permissions_mask = permissions.set_permission(permissions_mask, permission, argument)
role_id = db_helper.add_role(role_name)
db_helper.update_role(role_id, {"servers": servers})
db_helper.update_role(role_id, {"servers": servers}, permissions_mask)
db_helper.add_to_audit_log(exec_user['user_id'],
"Added role {} (RID:{})".format(role_name, role_id),
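Review bot: The permission loop in the edit-role hunk, and its copy in the add-role hunk, passes `int(float(...))` of a request argument straight to `permissions.set_permission`, which stores `str(value)` in the mask. Any submitted number other than 0 or 1 therefore leaves a mask that is no longer eight `0`/`1` characters, and a non-numeric value raises ValueError before the role is saved. `bleach.clean` sanitises HTML and does not validate numbers; treat the field as a boolean and call `permissions.set_permission(permissions_mask, permission, 1)` only when the submitted value is exactly `'1'`. The duplicated loop would also read better as one helper shared by both branches. Both branches start outside the hunks, so whether the caller's right to edit roles is checked earlier cannot be confirmed from here.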


@ -196,7 +196,7 @@ class ServerHandler(BaseHandler):
server_type, server_version = server_parts
# todo: add server type check here and call the correct server add functions if not a jar
new_server_id = self.controller.create_jar_server(server_type, server_version, server_name, min_mem, max_mem, port)
db_helper.add_user_server(new_server_id, exec_user_id)
db_helper.add_user_server(new_server_id, exec_user_id, "11111111")
db_helper.add_to_audit_log(exec_user_data['user_id'],
"created a {} {} server named \"{}\"".format(server_version, str(server_type).capitalize(), server_name), # Example: Admin created a 1.16.5 Bukkit server named "survival"
new_server_id,
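Review bot: The creator's mask is the literal `"11111111"`, whose length silently depends on `Enum_Permissions` having exactly eight members. If a permission is added later, the creator of a new server will not receive it, and the index lookup in `has_permission` would fail on the shorter mask. Build the value from the enum instead, for example a helper on `permissions` that returns `"1" * len(Enum_Permissions)`, or a named full-access constant in the models module. `add_user_server` now requires the third argument, so any other caller not shown on this page would need the same update.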


@ -93,6 +93,35 @@
</div>
</div>
<div class="form-group">
<label for="server_membership">Permissions <small class="text-muted ml-1"> - permissions this role has on this/these servers </small> </label>
<div class="table-responsive">
<table class="table">
<thead>
<tr class="rounded">
<th>Permission Name</th>
<th>Authorized ?</th>
</tr>
</thead>
<tbody>
{% for permission in data['permissions_all'] %}
<tr>
<td>{{ permission.name }}</td>
<td>
{% if permission in data['permissions_list'] %}
<input type="checkbox" class="form-check-input" id="permission_{{ permission.name }}" name="permission_{{ permission.name }}" checked="" value="1">
{% else %}
<input type="checkbox" class="form-check-input" id="permission_{{ permission.name }}" name="permission_{{ permission.name }}" value="1">
{% end %}
</td>
</tr>
{% end %}
</tbody>
</table>
</div>
</div>
<button type="submit" class="btn btn-success mr-2">Save</button>
<button type="reset" onclick="location.href='/panel/panel_config'" class="btn btn-light">Cancel</button>
</form>
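Review bot: The new permissions group reuses `<label for="server_membership">`, so the label is bound to the server-membership control rather than anything in this table, and the checkboxes themselves have no associated label. Give the group its own heading or label id, and wrap each permission name in `<label for="permission_{{ permission.name }}">`. The two `<input>` branches differ only in `checked`, so a single input with `{% if permission in data['permissions_list'] %}checked{% end %}` would remove the duplication.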


@ -0,0 +1,18 @@
# Generated by database migrator
import peewee
def migrate(migrator, database, **kwargs):
migrator.add_columns('user_servers', permissions=peewee.CharField(default="00000000")) # First argument can be model class OR table name
migrator.add_columns('role_servers', permissions=peewee.CharField(default="00000000")) # First argument can be model class OR table name
"""
Write your migrations here.
"""
def rollback(migrator, database, **kwargs):
migrator.drop_columns('user_servers', ['permissions']) # First argument can be model class OR table name
migrator.drop_columns('role_servers', ['permissions']) # First argument can be model class OR table name
"""
Write your rollback migrations here.
"""
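Review bot: `add_columns` gives every existing `user_servers` and `role_servers` row the default `"00000000"`, while the same commit gives the creator of a new server `"11111111"`, so existing assignments will hold no permissions once the mask is enforced. If that deny-by-default backfill is intended, state it in a comment above the two `add_columns` calls; otherwise update existing `user_servers` rows to the full mask inside `migrate` after the column is added. The `"""Write your migrations here."""` and rollback strings left after the statements are no-op expressions from the generator template and can be dropped.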