Merge branch 'refactor/subpages' into 'dev'

Refactor subpage perm checks

See merge request crafty-controller/crafty-4!695
Iain Powrie 2024-01-28 23:26:55 +00:00
commit ad20d4bc95
2 changed files with 54 additions and 107 deletions


@ -3,6 +3,8 @@
### New features ### New features
- Use Papermc Group's API for `paper` & `folia` builds in server builder ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/688)) - Use Papermc Group's API for `paper` & `folia` builds in server builder ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/688))
- Allow omission of player count from Dashboard (e.g. for proxy servers) ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/692)) - Allow omission of player count from Dashboard (e.g. for proxy servers) ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/692))
### Refactor
- Refactor subpage perm checks ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/695))
### Bug fixes ### Bug fixes
- Fix bukkit and downstream fork MOTD crash ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/686)) - Fix bukkit and downstream fork MOTD crash ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/686))
- Fix bug where invalid server Id leads to stack ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/690)) - Fix bug where invalid server Id leads to stack ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/690))


@ -28,6 +28,18 @@ from app.classes.web.base_handler import BaseHandler
from app.classes.web.webhooks.webhook_factory import WebhookFactory from app.classes.web.webhooks.webhook_factory import WebhookFactory
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
# You must put any new subpages in here
SUBPAGE_PERMS = {
"term": EnumPermissionsServer.TERMINAL,
"logs": EnumPermissionsServer.LOGS,
"schedules": EnumPermissionsServer.SCHEDULE,
"backup": EnumPermissionsServer.BACKUP,
"files": EnumPermissionsServer.FILES,
"config": EnumPermissionsServer.CONFIG,
"admin_controls": EnumPermissionsServer.PLAYERS,
"metrics": EnumPermissionsServer.LOGS,
"webhooks": EnumPermissionsServer.CONFIG,
}
class PanelHandler(BaseHandler): class PanelHandler(BaseHandler):
@ -138,6 +150,11 @@ class PanelHandler(BaseHandler):
# increasing and will eat up the RAM # increasing and will eat up the RAM
del chunk del chunk
def check_subpage_perms(self, user_perms, subpage):
if SUBPAGE_PERMS.get(subpage, False) in user_perms:
return True
return False
def check_server_id(self): def check_server_id(self):
server_id = self.get_argument("id", None) server_id = self.get_argument("id", None)
@ -489,8 +506,17 @@ class PanelHandler(BaseHandler):
server_id = self.check_server_id() server_id = self.check_server_id()
# load page the user was on last # load page the user was on last
server_subpage = self.controller.servers.server_subpage.get(server_id, "") server_subpage = self.controller.servers.server_subpage.get(server_id, "")
if subpage == "" and server_subpage != "": if (
subpage = self.controller.servers.server_subpage.get(server_id, "") subpage == ""
and server_subpage != ""
and self.check_subpage_perms(
self.controller.server_perms.get_user_id_permissions_list(
exec_user["user_id"], server_id
),
server_subpage,
)
):
subpage = server_subpage
else: else:
self.controller.servers.server_subpage[server_id] = subpage self.controller.servers.server_subpage[server_id] = subpage
if server_id is None: if server_id is None:
@ -502,16 +528,6 @@ class PanelHandler(BaseHandler):
page_data["backup_failed"] = server_obj.last_backup_status() page_data["backup_failed"] = server_obj.last_backup_status()
server_obj = None server_obj = None
valid_subpages = [
"term",
"logs",
"backup",
"config",
"files",
"admin_controls",
"schedules",
"metrics",
]
if not self.failed_server: if not self.failed_server:
server = self.controller.servers.get_server_instance_by_id(server_id) server = self.controller.servers.get_server_instance_by_id(server_id)
# server_data isn't needed since the server_stats also pulls server data # server_data isn't needed since the server_stats also pulls server data
@ -577,7 +593,6 @@ class PanelHandler(BaseHandler):
page_data["get_players"] = server.get_server_players() page_data["get_players"] = server.get_server_players()
else: else:
page_data["get_players"] = [] page_data["get_players"] = []
page_data["active_link"] = subpage
page_data["permissions"] = { page_data["permissions"] = {
"Commands": EnumPermissionsServer.COMMANDS, "Commands": EnumPermissionsServer.COMMANDS,
"Terminal": EnumPermissionsServer.TERMINAL, "Terminal": EnumPermissionsServer.TERMINAL,
@ -601,83 +616,41 @@ class PanelHandler(BaseHandler):
page_data["server_stats"][ page_data["server_stats"][
"server_type" "server_type"
] = self.controller.servers.get_server_type_by_id(server_id) ] = self.controller.servers.get_server_type_by_id(server_id)
if subpage not in valid_subpages:
logger.debug("not a valid subpage")
if not subpage: if not subpage:
if ( for spage, perm in SUBPAGE_PERMS.items():
page_data["permissions"]["Terminal"] if perm in page_data["user_permissions"]:
in page_data["user_permissions"] subpage = spage
): break
subpage = "term" # If we still don't have a subpage we're going to assume they
elif page_data["permissions"]["Logs"] in page_data["user_permissions"]: # have no perms
subpage = "logs" if not subpage:
elif (
page_data["permissions"]["Schedule"]
in page_data["user_permissions"]
):
subpage = "schedules"
elif (
page_data["permissions"]["Backup"] in page_data["user_permissions"]
):
subpage = "backup"
elif page_data["permissions"]["Files"] in page_data["user_permissions"]:
subpage = "files"
elif (
page_data["permissions"]["Config"] in page_data["user_permissions"]
):
subpage = "config"
elif (
page_data["permissions"]["Players"] in page_data["user_permissions"]
):
subpage = "admin_controls"
else:
self.redirect("/panel/error?error=Unauthorized access to Server") self.redirect("/panel/error?error=Unauthorized access to Server")
if subpage not in SUBPAGE_PERMS.keys():
self.set_status(404)
page_data["background"] = self.controller.cached_login
return self.render(
"public/404.html",
data=page_data,
translate=self.translator.translate,
)
page_data["active_link"] = subpage
logger.debug(f'Subpage: "{subpage}"') logger.debug(f'Subpage: "{subpage}"')
if subpage == "term": if (
if ( not self.check_subpage_perms(page_data["user_permissions"], subpage)
not page_data["permissions"]["Terminal"] and not superuser
in page_data["user_permissions"] ):
): return self.redirect(
if not superuser: f"/panel/error?error=Unauthorized access to {subpage}"
self.redirect( )
"/panel/error?error=Unauthorized access to Terminal"
)
return
if subpage == "logs":
if (
not page_data["permissions"]["Logs"]
in page_data["user_permissions"]
):
if not superuser:
self.redirect("/panel/error?error=Unauthorized access to Logs")
return
if subpage == "schedules": if subpage == "schedules":
if (
not page_data["permissions"]["Schedule"]
in page_data["user_permissions"]
):
if not superuser:
self.redirect(
"/panel/error?error=Unauthorized access To Schedules"
)
return
page_data["schedules"] = HelpersManagement.get_schedules_by_server( page_data["schedules"] = HelpersManagement.get_schedules_by_server(
server_id server_id
) )
if subpage == "config": if subpage == "config":
if (
not page_data["permissions"]["Config"]
in page_data["user_permissions"]
):
if not superuser:
self.redirect(
"/panel/error?error=Unauthorized access Server Config"
)
return
page_data["java_versions"] = Helpers.find_java_installs() page_data["java_versions"] = Helpers.find_java_installs()
server_obj: Servers = self.controller.servers.get_server_obj(server_id) server_obj: Servers = self.controller.servers.get_server_obj(server_id)
page_data["failed"] = self.failed_server page_data["failed"] = self.failed_server
@ -691,26 +664,7 @@ class PanelHandler(BaseHandler):
page_java.append(version) page_java.append(version)
page_data["java_versions"] = page_java page_data["java_versions"] = page_java
if subpage == "files":
if (
not page_data["permissions"]["Files"]
in page_data["user_permissions"]
):
if not superuser:
self.redirect("/panel/error?error=Unauthorized access Files")
return
if subpage == "backup": if subpage == "backup":
if (
not page_data["permissions"]["Backup"]
in page_data["user_permissions"]
):
if not superuser:
self.redirect(
"/panel/error?error=Unauthorized access to Backups"
)
return
server_info = self.controller.servers.get_server_data_by_id(server_id) server_info = self.controller.servers.get_server_data_by_id(server_id)
page_data[ page_data[
"backup_config" "backup_config"
@ -761,15 +715,6 @@ class PanelHandler(BaseHandler):
server_id, hours=(days * 24) server_id, hours=(days * 24)
) )
if subpage == "webhooks": if subpage == "webhooks":
if (
not page_data["permissions"]["Config"]
in page_data["user_permissions"]
):
if not superuser:
self.redirect(
"/panel/error?error=Unauthorized access to Webhooks Config"
)
return
page_data[ page_data[
"webhooks" "webhooks"
] = self.controller.management.get_webhooks_by_server( ] = self.controller.management.get_webhooks_by_server(
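Review bot: The fallback in the `if not subpage:` block calls `self.redirect("/panel/error?error=Unauthorized access to Server")` without returning, so a user with no matching permission appears to fall through to the `subpage not in SUBPAGE_PERMS.keys()` branch, which sets 404 and renders on a request the redirect has already finished; `return self.redirect("/panel/error?error=Unauthorized access to Server")` would stop there, as the later unauthorized-subpage redirect already does. In `check_subpage_perms`, `SUBPAGE_PERMS.get(subpage, False) in user_perms` uses `False` as the miss sentinel, which fails closed only while no permission value compares equal to `False` (an int-backed member with value 0 would); an explicit miss is safer: `perm = SUBPAGE_PERMS.get(subpage)` followed by `return perm is not None and perm in user_perms`. The definition of `EnumPermissionsServer` is not visible on this page, so the second point is a hardening suggestion rather than a confirmed bypass. The enclosing handler method starts and ends outside these hunks, and the page has lost its indentation, so the nesting described here is inferred.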