Cleanup ajax handler

send audit log entry on stdin call
2024-08-30 18:23:09 +00:00 · 2023-03-02 13:24:49 -05:00 · 2023-03-02 13:24:49 -05:00 · a373943ae6
commit a373943ae6
parent 81e4e7e450
2 changed files with 8 additions and 8 deletions
--- a/app/classes/web/ajax_handler.py
+++ b/app/classes/web/ajax_handler.py
@ -281,13 +281,7 @@ class AjaxHandler(BaseHandler):
            exec_user["user_id"], server_id
        )

-        if page == "send_order":
-            self.controller.users.update_server_order(
-                exec_user["user_id"], bleach.clean(self.get_argument("order"))
-            )
-            return
-
-        elif page == "select_photo":
+        if page == "select_photo":
            if exec_user["superuser"]:
                photo = urllib.parse.unquote(self.get_argument("photo", ""))
                opacity = self.get_argument("opacity", 100)
--- a/app/classes/web/routes/api/servers/server/stdin.py
+++ b/app/classes/web/routes/api/servers/server/stdin.py
@ -35,7 +35,13 @@ class ApiServersServerStdinHandler(BaseApiHandler):
                "Please report this to the devs"
            )
            return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
-
+        decoded = self.request.body.decode("utf-8")
+        self.controller.management.add_to_audit_log(
+            auth_data[4]["user_id"],
+            f"Sent command ({decoded}) to terminal",
+            server_id=0,
+            source_ip=self.get_remote_ip(),
+        )
        if svr.send_command(self.request.body.decode("utf-8")):
            return self.finish_json(
                200,