Mirrored_Repos/crafty-4
1
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2024-08-30 18:23:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' into bugfix/issue_255_status_page_update

Browse Source
This commit is contained in:
Silversthorn 2023-09-02 21:55:51 +02:00
commit af1fdb447a
16 changed files with 268 additions and 256 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGELOG.md
View File

@ -3,9 +3,14 @@
### New features ### New features
TBD TBD
### Bug fixes ### Bug fixes
TBD - PWA: Removed the custom offline page in favour of browser default ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/607))
- Fix hidden servers appearing visible on public mobile status page ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/612))
- Correctly handle if a server returns a string instead of json data on socket ping ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/614))
### Refactor
- Refractor/Replace bleach with nh3 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/616))
### Tweaks ### Tweaks
TBD - Polish/Enhance display for InApp Documentation ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/613))
- Add get_users command to Crafty's console ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/620))
### Lang ### Lang
TBD TBD
<br><br> <br><br>

6
app/classes/minecraft/mc_ping.py
View File

@ -16,6 +16,12 @@ logger = logging.getLogger(__name__)
class Server: class Server:
def __init__(self, data): def __init__(self, data):
if isinstance(data, str):
logger.error(
"Failed to calculate stats. Expected object. "
f"Server returned string: {data}"
)
return
self.description = data.get("description") self.description = data.get("description")
# print(self.description) # print(self.description)
if isinstance(self.description, dict): if isinstance(self.description, dict):

3
app/classes/shared/command.py
View File

@ -93,6 +93,9 @@ class MainPrompt(cmd.Cmd):
self.controller.users.update_user(user_id, {"password": new_pass}) self.controller.users.update_user(user_id, {"password": new_pass})
def do_get_users(self, _line):
Console.info(self.controller.users.get_all_usernames())
@staticmethod @staticmethod
def do_threads(_line): def do_threads(_line):
for thread in threading.enumerate(): for thread in threading.enumerate():

18
app/classes/web/ajax_handler.py
View File

@ -5,7 +5,7 @@ import re
import logging import logging
import time import time
import urllib.parse import urllib.parse
import bleach import nh3
import tornado.web import tornado.web
import tornado.escape import tornado.escape
@ -31,7 +31,7 @@ class AjaxHandler(BaseHandler):
@tornado.web.authenticated @tornado.web.authenticated
def get(self, page): def get(self, page):
_, _, exec_user = self.current_user _, _, exec_user = self.current_user
error = bleach.clean(self.get_argument("error", "WTF Error!")) error = nh3.clean(self.get_argument("error", "WTF Error!"))
template = "panel/denied.html" template = "panel/denied.html"
@ -50,7 +50,7 @@ class AjaxHandler(BaseHandler):
self.redirect("/panel/error?error=Server ID Not Found") self.redirect("/panel/error?error=Server ID Not Found")
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
server_data = self.controller.servers.get_server_data_by_id(server_id) server_data = self.controller.servers.get_server_data_by_id(server_id)
if not server_data: if not server_data:
@ -248,7 +248,7 @@ class AjaxHandler(BaseHandler):
if not self.check_server_id(server_id, "get_tree"): if not self.check_server_id(server_id, "get_tree"):
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
if Helpers.validate_traversal( if Helpers.validate_traversal(
self.controller.servers.get_server_data_by_id(server_id)["path"], path self.controller.servers.get_server_data_by_id(server_id)["path"], path
@ -329,7 +329,7 @@ class AjaxHandler(BaseHandler):
elif page == "send_order": elif page == "send_order":
self.controller.users.update_server_order( self.controller.users.update_server_order(
exec_user["user_id"], bleach.clean(self.get_argument("order")) exec_user["user_id"], nh3.clean(self.get_argument("order"))
) )
return return
@ -394,8 +394,8 @@ class AjaxHandler(BaseHandler):
if not superuser: if not superuser:
self.redirect("/panel/error?error=Unauthorized access to Backups") self.redirect("/panel/error?error=Unauthorized access to Backups")
return return
server_id = bleach.clean(self.get_argument("id", None)) server_id = nh3.clean(self.get_argument("id", None))
zip_name = bleach.clean(self.get_argument("zip_file", None)) zip_name = nh3.clean(self.get_argument("zip_file", None))
svr_obj = self.controller.servers.get_server_obj(server_id) svr_obj = self.controller.servers.get_server_obj(server_id)
server_data = self.controller.servers.get_server_data_by_id(server_id) server_data = self.controller.servers.get_server_data_by_id(server_id)
@ -654,7 +654,7 @@ class AjaxHandler(BaseHandler):
if not self.check_server_id(server_id, "del_backup"): if not self.check_server_id(server_id, "del_backup"):
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
server_info = self.controller.servers.get_server_data_by_id(server_id) server_info = self.controller.servers.get_server_data_by_id(server_id)
if not ( if not (
@ -686,7 +686,7 @@ class AjaxHandler(BaseHandler):
f"Server ID not defined in {page_name} ajax call ({server_id})" f"Server ID not defined in {page_name} ajax call ({server_id})"
) )
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
# does this server id exist? # does this server id exist?
if not self.controller.servers.server_id_exists(server_id): if not self.controller.servers.server_id_exists(server_id):

4
app/classes/web/base_handler.py
View File

@ -2,7 +2,7 @@ import logging
import re import re
import typing as t import typing as t
import orjson import orjson
import bleach import nh3
import tornado.web import tornado.web
from app.classes.models.crafty_permissions import EnumPermissionsCrafty from app.classes.models.crafty_permissions import EnumPermissionsCrafty
@ -93,7 +93,7 @@ class BaseHandler(tornado.web.RequestHandler):
if type(text) in self.nobleach: if type(text) in self.nobleach:
logger.debug("Auto-bleaching - bypass type") logger.debug("Auto-bleaching - bypass type")
return text return text
return bleach.clean(text) return nh3.clean(text)
def get_argument( def get_argument(
self, self,

22
app/classes/web/file_handler.py
View File

@ -1,6 +1,6 @@
import os import os
import logging import logging
import bleach import nh3
import tornado.web import tornado.web
import tornado.escape import tornado.escape
@ -55,7 +55,7 @@ class FileHandler(BaseHandler):
if not self.check_server_id(server_id, "get_file"): if not self.check_server_id(server_id, "get_file"):
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
if not self.helper.is_subdir( if not self.helper.is_subdir(
file_path, file_path,
@ -92,7 +92,7 @@ class FileHandler(BaseHandler):
if not self.check_server_id(server_id, "get_tree"): if not self.check_server_id(server_id, "get_tree"):
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
if Helpers.validate_traversal( if Helpers.validate_traversal(
self.controller.servers.get_server_data_by_id(server_id)["path"], path self.controller.servers.get_server_data_by_id(server_id)["path"], path
@ -113,7 +113,7 @@ class FileHandler(BaseHandler):
if not self.check_server_id(server_id, "get_tree"): if not self.check_server_id(server_id, "get_tree"):
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
if Helpers.validate_traversal( if Helpers.validate_traversal(
self.controller.servers.get_server_data_by_id(server_id)["path"], path self.controller.servers.get_server_data_by_id(server_id)["path"], path
@ -161,7 +161,7 @@ class FileHandler(BaseHandler):
if not self.check_server_id(server_id, "create_file"): if not self.check_server_id(server_id, "create_file"):
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
if not self.helper.is_subdir( if not self.helper.is_subdir(
file_path, file_path,
@ -194,7 +194,7 @@ class FileHandler(BaseHandler):
if not self.check_server_id(server_id, "create_dir"): if not self.check_server_id(server_id, "create_dir"):
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
if not self.helper.is_subdir( if not self.helper.is_subdir(
dir_path, dir_path,
@ -259,7 +259,7 @@ class FileHandler(BaseHandler):
if not self.check_server_id(server_id, "del_file"): if not self.check_server_id(server_id, "del_file"):
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
server_info = self.controller.servers.get_server_data_by_id(server_id) server_info = self.controller.servers.get_server_data_by_id(server_id)
if not ( if not (
@ -293,7 +293,7 @@ class FileHandler(BaseHandler):
if not self.check_server_id(server_id, "del_dir"): if not self.check_server_id(server_id, "del_dir"):
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
server_info = self.controller.servers.get_server_data_by_id(server_id) server_info = self.controller.servers.get_server_data_by_id(server_id)
if not self.helper.is_subdir( if not self.helper.is_subdir(
@ -346,7 +346,7 @@ class FileHandler(BaseHandler):
if not self.check_server_id(server_id, "save_file"): if not self.check_server_id(server_id, "save_file"):
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
if not self.helper.is_subdir( if not self.helper.is_subdir(
file_path, file_path,
@ -401,7 +401,7 @@ class FileHandler(BaseHandler):
if not self.check_server_id(server_id, "rename_file"): if not self.check_server_id(server_id, "rename_file"):
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
if item_path is None or new_item_name is None: if item_path is None or new_item_name is None:
logger.warning("Invalid path(s) in rename_file file ajax call") logger.warning("Invalid path(s) in rename_file file ajax call")
@ -450,7 +450,7 @@ class FileHandler(BaseHandler):
f"Server ID not defined in {page_name} file ajax call ({server_id})" f"Server ID not defined in {page_name} file ajax call ({server_id})"
) )
return return
server_id = bleach.clean(server_id) server_id = nh3.clean(server_id)
# does this server id exist? # does this server id exist?
if not self.controller.servers.server_id_exists(server_id): if not self.controller.servers.server_id_exists(server_id):

60
app/classes/web/panel_handler.py
View File

@ -7,7 +7,7 @@ import json
import logging import logging
import threading import threading
import urllib.parse import urllib.parse
import bleach import nh3
import requests import requests
import tornado.web import tornado.web
import tornado.escape import tornado.escape
@ -67,9 +67,7 @@ class PanelHandler(BaseHandler):
) in self.controller.crafty_perms.list_defined_crafty_permissions(): ) in self.controller.crafty_perms.list_defined_crafty_permissions():
argument = int( argument = int(
float( float(
bleach.clean( nh3.clean(self.get_argument(f"permission_{permission.name}", "0"))
self.get_argument(f"permission_{permission.name}", "0")
)
) )
) )
if argument: if argument:
@ -78,9 +76,7 @@ class PanelHandler(BaseHandler):
) )
q_argument = int( q_argument = int(
float( float(nh3.clean(self.get_argument(f"quantity_{permission.name}", "0")))
bleach.clean(self.get_argument(f"quantity_{permission.name}", "0"))
)
) )
if q_argument: if q_argument:
server_quantity[permission.name] = q_argument server_quantity[permission.name] = q_argument
@ -479,7 +475,7 @@ class PanelHandler(BaseHandler):
template = "panel/dashboard.html" template = "panel/dashboard.html"
elif page == "server_detail": elif page == "server_detail":
subpage = bleach.clean(self.get_argument("subpage", "")) subpage = nh3.clean(self.get_argument("subpage", ""))
server_id = self.check_server_id() server_id = self.check_server_id()
if server_id is None: if server_id is None:
@ -1284,7 +1280,7 @@ class PanelHandler(BaseHandler):
template = "panel/panel_edit_user_apikeys.html" template = "panel/panel_edit_user_apikeys.html"
elif page == "remove_user": elif page == "remove_user":
user_id = bleach.clean(self.get_argument("id", None)) user_id = nh3.clean(self.get_argument("id", None))
if ( if (
not superuser not superuser
@ -1416,7 +1412,7 @@ class PanelHandler(BaseHandler):
template = "panel/panel_edit_role.html" template = "panel/panel_edit_role.html"
elif page == "remove_role": elif page == "remove_role":
role_id = bleach.clean(self.get_argument("id", None)) role_id = nh3.clean(self.get_argument("id", None))
if ( if (
not superuser not superuser
@ -1604,7 +1600,7 @@ class PanelHandler(BaseHandler):
backup_path = Helpers.wtol_path(backup_path) backup_path = Helpers.wtol_path(backup_path)
else: else:
backup_path = server_obj.backup_path backup_path = server_obj.backup_path
max_backups = bleach.clean(self.get_argument("max_backups", None)) max_backups = nh3.clean(self.get_argument("max_backups", None))
server_obj = self.controller.servers.get_server_obj(server_id) server_obj = self.controller.servers.get_server_obj(server_id)
@ -1665,15 +1661,15 @@ class PanelHandler(BaseHandler):
self.redirect("/panel/config_json") self.redirect("/panel/config_json")
elif page == "edit_user": elif page == "edit_user":
if bleach.clean(self.get_argument("username", None)).lower() == "system": if nh3.clean(self.get_argument("username", None)).lower() == "system":
self.redirect( self.redirect(
"/panel/error?error=Unauthorized access: " "/panel/error?error=Unauthorized access: "
"system user is not editable" "system user is not editable"
) )
user_id = bleach.clean(self.get_argument("id", None)) user_id = nh3.clean(self.get_argument("id", None))
user = self.controller.users.get_user_by_id(user_id) user = self.controller.users.get_user_by_id(user_id)
username = bleach.clean(self.get_argument("username", None).lower()) username = nh3.clean(self.get_argument("username", None).lower())
theme = bleach.clean(self.get_argument("theme", "default")) theme = nh3.clean(self.get_argument("theme", "default"))
if ( if (
username != self.controller.users.get_user_by_id(user_id)["username"] username != self.controller.users.get_user_by_id(user_id)["username"]
and username in self.controller.users.get_all_usernames() and username in self.controller.users.get_all_usernames()
@ -1681,16 +1677,16 @@ class PanelHandler(BaseHandler):
self.redirect( self.redirect(
"/panel/error?error=Duplicate User: Useranme already exists." "/panel/error?error=Duplicate User: Useranme already exists."
) )
password0 = bleach.clean(self.get_argument("password0", None)) password0 = nh3.clean(self.get_argument("password0", None))
password1 = bleach.clean(self.get_argument("password1", None)) password1 = nh3.clean(self.get_argument("password1", None))
email = bleach.clean(self.get_argument("email", "default@example.com")) email = nh3.clean(self.get_argument("email", "default@example.com"))
enabled = int(float(self.get_argument("enabled", "0"))) enabled = int(float(self.get_argument("enabled", "0")))
try: try:
hints = int(bleach.clean(self.get_argument("hints"))) hints = int(nh3.clean(self.get_argument("hints")))
hints = True hints = True
except: except:
hints = False hints = False
lang = bleach.clean( lang = nh3.clean(
self.get_argument("language"), self.helper.get_setting("language") self.get_argument("language"), self.helper.get_setting("language")
) )
@ -1699,7 +1695,7 @@ class PanelHandler(BaseHandler):
# We don't want that. Automatically make them stay super user # We don't want that. Automatically make them stay super user
# since we know they are. # since we know they are.
if str(exec_user["user_id"]) != str(user_id): if str(exec_user["user_id"]) != str(user_id):
superuser = int(bleach.clean(self.get_argument("superuser", "0"))) superuser = int(nh3.clean(self.get_argument("superuser", "0")))
else: else:
superuser = 1 superuser = 1
else: else:
@ -1877,7 +1873,7 @@ class PanelHandler(BaseHandler):
self.finish() self.finish()
elif page == "add_user": elif page == "add_user":
username = bleach.clean(self.get_argument("username", None).lower()) username = nh3.clean(self.get_argument("username", None).lower())
if username.lower() == "system": if username.lower() == "system":
self.redirect( self.redirect(
"/panel/error?error=Unauthorized access: " "/panel/error?error=Unauthorized access: "
@ -1885,18 +1881,18 @@ class PanelHandler(BaseHandler):
" Please choose a different username." " Please choose a different username."
) )
return return
password0 = bleach.clean(self.get_argument("password0", None)) password0 = nh3.clean(self.get_argument("password0", None))
password1 = bleach.clean(self.get_argument("password1", None)) password1 = nh3.clean(self.get_argument("password1", None))
email = bleach.clean(self.get_argument("email", "default@example.com")) email = nh3.clean(self.get_argument("email", "default@example.com"))
enabled = int(float(self.get_argument("enabled", "0"))) enabled = int(float(self.get_argument("enabled", "0")))
theme = bleach.clean(self.get_argument("theme"), "default") theme = nh3.clean(self.get_argument("theme"), "default")
hints = True hints = True
lang = bleach.clean( lang = nh3.clean(
self.get_argument("lang", self.helper.get_setting("language")) self.get_argument("lang", self.helper.get_setting("language"))
) )
# We don't want a non-super user to be able to create a super user. # We don't want a non-super user to be able to create a super user.
if superuser: if superuser:
new_superuser = int(bleach.clean(self.get_argument("superuser", "0"))) new_superuser = int(nh3.clean(self.get_argument("superuser", "0")))
else: else:
new_superuser = 0 new_superuser = 0
@ -1971,8 +1967,8 @@ class PanelHandler(BaseHandler):
self.redirect("/panel/panel_config") self.redirect("/panel/panel_config")
elif page == "edit_role": elif page == "edit_role":
role_id = bleach.clean(self.get_argument("id", None)) role_id = nh3.clean(self.get_argument("id", None))
role_name = bleach.clean(self.get_argument("role_name", None)) role_name = nh3.clean(self.get_argument("role_name", None))
role = self.controller.roles.get_role(role_id) role = self.controller.roles.get_role(role_id)
@ -2018,7 +2014,7 @@ class PanelHandler(BaseHandler):
self.redirect("/panel/panel_config") self.redirect("/panel/panel_config")
elif page == "add_role": elif page == "add_role":
role_name = bleach.clean(self.get_argument("role_name", None)) role_name = nh3.clean(self.get_argument("role_name", None))
if exec_user["superuser"]: if exec_user["superuser"]:
manager = self.get_argument("manager", None) manager = self.get_argument("manager", None)
if manager == "": if manager == "":
@ -2092,7 +2088,7 @@ class PanelHandler(BaseHandler):
} }
if page == "remove_apikey": if page == "remove_apikey":
key_id = bleach.clean(self.get_argument("id", None)) key_id = nh3.clean(self.get_argument("id", None))
if not superuser: if not superuser:
self.redirect("/panel/error?error=Unauthorized access: not superuser") self.redirect("/panel/error?error=Unauthorized access: not superuser")

14
app/classes/web/public_handler.py
View File

@ -1,5 +1,5 @@
import logging import logging
import bleach import nh3
from app.classes.shared.helpers import Helpers from app.classes.shared.helpers import Helpers
from app.classes.models.users import HelperUsers from app.classes.models.users import HelperUsers
@ -28,8 +28,8 @@ class PublicHandler(BaseHandler):
# self.clear_cookie("user_data") # self.clear_cookie("user_data")
def get(self, page=None): def get(self, page=None):
error = bleach.clean(self.get_argument("error", "Invalid Login!")) error = nh3.clean(self.get_argument("error", "Invalid Login!"))
error_msg = bleach.clean(self.get_argument("error_msg", "")) error_msg = nh3.clean(self.get_argument("error_msg", ""))
page_data = { page_data = {
"version": self.helper.get_version_string(), "version": self.helper.get_version_string(),
@ -82,8 +82,8 @@ class PublicHandler(BaseHandler):
) )
def post(self, page=None): def post(self, page=None):
error = bleach.clean(self.get_argument("error", "Invalid Login!")) error = nh3.clean(self.get_argument("error", "Invalid Login!"))
error_msg = bleach.clean(self.get_argument("error_msg", "")) error_msg = nh3.clean(self.get_argument("error_msg", ""))
page_data = { page_data = {
"version": self.helper.get_version_string(), "version": self.helper.get_version_string(),
@ -100,8 +100,8 @@ class PublicHandler(BaseHandler):
if self.request.query: if self.request.query:
next_page = "/login?" + self.request.query next_page = "/login?" + self.request.query
entered_username = bleach.clean(self.get_argument("username")) entered_username = nh3.clean(self.get_argument("username"))
entered_password = bleach.clean(self.get_argument("password")) entered_password = nh3.clean(self.get_argument("password"))
# pylint: disable=no-member # pylint: disable=no-member
try: try:

42
app/classes/web/server_handler.py
View File

@ -4,7 +4,7 @@ import os
import time import time
import tornado.web import tornado.web
import tornado.escape import tornado.escape
import bleach import nh3
from app.classes.models.crafty_permissions import EnumPermissionsCrafty from app.classes.models.crafty_permissions import EnumPermissionsCrafty
from app.classes.shared.helpers import Helpers from app.classes.shared.helpers import Helpers
@ -196,8 +196,8 @@ class ServerHandler(BaseHandler):
} }
if page == "command": if page == "command":
server_id = bleach.clean(self.get_argument("id", None)) server_id = nh3.clean(self.get_argument("id", None))
command = bleach.clean(self.get_argument("command", None)) command = nh3.clean(self.get_argument("command", None))
if server_id is not None: if server_id is not None:
if command == "clone_server": if command == "clone_server":
@ -312,24 +312,24 @@ class ServerHandler(BaseHandler):
user_roles = self.controller.roles.get_all_roles() user_roles = self.controller.roles.get_all_roles()
else: else:
user_roles = self.get_user_roles() user_roles = self.get_user_roles()
server = bleach.clean(self.get_argument("server", "")) server = nh3.clean(self.get_argument("server", ""))
server_name = bleach.clean(self.get_argument("server_name", "")) server_name = nh3.clean(self.get_argument("server_name", ""))
min_mem = bleach.clean(self.get_argument("min_memory", "")) min_mem = nh3.clean(self.get_argument("min_memory", ""))
max_mem = bleach.clean(self.get_argument("max_memory", "")) max_mem = nh3.clean(self.get_argument("max_memory", ""))
port = bleach.clean(self.get_argument("port", "")) port = nh3.clean(self.get_argument("port", ""))
if int(port) < 1 or int(port) > 65535: if int(port) < 1 or int(port) > 65535:
self.redirect( self.redirect(
"/panel/error?error=Constraint Error: " "/panel/error?error=Constraint Error: "
"Port must be greater than 0 and less than 65535" "Port must be greater than 0 and less than 65535"
) )
return return
import_type = bleach.clean(self.get_argument("create_type", "")) import_type = nh3.clean(self.get_argument("create_type", ""))
import_server_path = bleach.clean(self.get_argument("server_path", "")) import_server_path = nh3.clean(self.get_argument("server_path", ""))
import_server_jar = bleach.clean(self.get_argument("server_jar", "")) import_server_jar = nh3.clean(self.get_argument("server_jar", ""))
server_parts = server.split("|") server_parts = server.split("|")
captured_roles = [] captured_roles = []
for role in user_roles: for role in user_roles:
if bleach.clean(self.get_argument(str(role), "")) == "on": if nh3.clean(self.get_argument(str(role), "")) == "on":
captured_roles.append(role) captured_roles.append(role)
if not server_name: if not server_name:
@ -373,7 +373,7 @@ class ServerHandler(BaseHandler):
) )
elif import_type == "import_zip": elif import_type == "import_zip":
# here import_server_path means the zip path # here import_server_path means the zip path
zip_path = bleach.clean(self.get_argument("root_path")) zip_path = nh3.clean(self.get_argument("root_path"))
good_path = Helpers.check_path_exists(zip_path) good_path = Helpers.check_path_exists(zip_path)
if not good_path: if not good_path:
self.redirect("/panel/error?error=Temp path not found!") self.redirect("/panel/error?error=Temp path not found!")
@ -477,9 +477,9 @@ class ServerHandler(BaseHandler):
user_roles = self.controller.roles.get_all_roles() user_roles = self.controller.roles.get_all_roles()
else: else:
user_roles = self.controller.roles.get_all_roles() user_roles = self.controller.roles.get_all_roles()
server = bleach.clean(self.get_argument("server", "")) server = nh3.clean(self.get_argument("server", ""))
server_name = bleach.clean(self.get_argument("server_name", "")) server_name = nh3.clean(self.get_argument("server_name", ""))
port = bleach.clean(self.get_argument("port", "")) port = nh3.clean(self.get_argument("port", ""))
if not port: if not port:
port = 19132 port = 19132
@ -489,13 +489,13 @@ class ServerHandler(BaseHandler):
"Port must be greater than 0 and less than 65535" "Port must be greater than 0 and less than 65535"
) )
return return
import_type = bleach.clean(self.get_argument("create_type", "")) import_type = nh3.clean(self.get_argument("create_type", ""))
import_server_path = bleach.clean(self.get_argument("server_path", "")) import_server_path = nh3.clean(self.get_argument("server_path", ""))
import_server_exe = bleach.clean(self.get_argument("server_jar", "")) import_server_exe = nh3.clean(self.get_argument("server_jar", ""))
server_parts = server.split("|") server_parts = server.split("|")
captured_roles = [] captured_roles = []
for role in user_roles: for role in user_roles:
if bleach.clean(self.get_argument(str(role), "")) == "on": if nh3.clean(self.get_argument(str(role), "")) == "on":
captured_roles.append(role) captured_roles.append(role)
if not server_name: if not server_name:
@ -537,7 +537,7 @@ class ServerHandler(BaseHandler):
) )
elif import_type == "import_zip": elif import_type == "import_zip":
# here import_server_path means the zip path # here import_server_path means the zip path
zip_path = bleach.clean(self.get_argument("root_path")) zip_path = nh3.clean(self.get_argument("root_path"))
good_path = Helpers.check_path_exists(zip_path) good_path = Helpers.check_path_exists(zip_path)
if not good_path: if not good_path:
self.redirect("/panel/error?error=Temp path not found!") self.redirect("/panel/error?error=Temp path not found!")

47
app/frontend/static/assets/js/shared/service-worker.js
View File

@ -1,6 +1,8 @@
// This is the "Offline page" service worker // This is the "Offline page" service worker
importScripts('https://storage.googleapis.com/workbox-cdn/releases/5.1.2/workbox-sw.js'); importScripts(
"https://storage.googleapis.com/workbox-cdn/releases/5.1.2/workbox-sw.js"
);
const CACHE = "crafty-controller"; const CACHE = "crafty-controller";
@ -13,34 +15,27 @@ self.addEventListener("message", (event) => {
} }
}); });
self.addEventListener('install', async (event) => {
event.waitUntil(
caches.open(CACHE)
.then((cache) => cache.add(offlineFallbackPage))
);
});
if (workbox.navigationPreload.isSupported()) { if (workbox.navigationPreload.isSupported()) {
workbox.navigationPreload.enable(); workbox.navigationPreload.enable();
} }
self.addEventListener('fetch', (event) => { // self.addEventListener('fetch', (event) => {
if (event.request.mode === 'navigate') { // if (event.request.mode === 'navigate') {
event.respondWith((async () => { // event.respondWith((async () => {
try { // try {
const preloadResp = await event.preloadResponse; // const preloadResp = await event.preloadResponse;
if (preloadResp) { // if (preloadResp) {
return preloadResp; // return preloadResp;
} // }
const networkResp = await fetch(event.request); // const networkResp = await fetch(event.request);
return networkResp; // return networkResp;
} catch (error) { // } catch (error) {
const cache = await caches.open(CACHE); // const cache = await caches.open(CACHE);
const cachedResp = await cache.match(offlineFallbackPage); // const cachedResp = await cache.match(offlineFallbackPage);
return cachedResp; // return cachedResp;
} // }
})()); // })());
} // }
}); // });

83
app/frontend/templates/panel/denied.html
View File

@ -1,73 +1,68 @@
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="en">
<head>
<head>
<!-- Required meta tags --> <!-- Required meta tags -->
<meta charset="utf-8"> <meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
<title>Crafty Controller</title> <title>Crafty Controller</title>
<!-- plugins:css --> <!-- plugins:css -->
<link rel="stylesheet" href="/static/assets/vendors/mdi/css/materialdesignicons.min.css"> <link rel="stylesheet" href="/static/assets/vendors/mdi/css/materialdesignicons.min.css" />
<link rel="stylesheet" href="/static/assets/vendors/flag-icon-css/css/flag-icon.min.css"> <link rel="stylesheet" href="/static/assets/vendors/flag-icon-css/css/flag-icon.min.css" />
<link rel="stylesheet" href="/static/assets/vendors/ti-icons/css/themify-icons.css"> <link rel="stylesheet" href="/static/assets/vendors/ti-icons/css/themify-icons.css" />
<link rel="stylesheet" href="/static/assets/vendors/typicons/typicons.css"> <link rel="stylesheet" href="/static/assets/vendors/typicons/typicons.css" />
<link rel="stylesheet" href="/static/assets/vendors/css/vendor.bundle.base.css"> <link rel="stylesheet" href="/static/assets/vendors/css/vendor.bundle.base.css" />
<meta name="apple-mobile-web-app-capable" content="yes" />
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="mobile-web-app-capable" content="yes" /> <meta name="mobile-web-app-capable" content="yes" />
<meta name="apple-mobile-web-app-status-bar-style" content="black"> <meta name="apple-mobile-web-app-status-bar-style" content="black" />
<meta name="apple-mobile-web-app-title" content="Crafty"> <meta name="apple-mobile-web-app-title" content="Crafty" />
<link rel="apple-touch-icon" href="../static/assets/images/Crafty_4-0.png"> <link rel="apple-touch-icon" href="../static/assets/images/Crafty_4-0.png" />
<!-- endinject --> <!-- endinject -->
<!-- Plugin css for this page --> <!-- Plugin css for this page -->
<!-- End Plugin css for this page --> <!-- End Plugin css for this page -->
<!-- Layout styles --> <!-- Layout styles -->
<link rel="stylesheet" href="/static/assets/css/dark/style.css"> <link rel="stylesheet" href="/static/assets/css/dark/style.css" />
<!-- End Layout styles --> <!-- End Layout styles -->
<link rel="shortcut icon" type="image/svg+xml" href="/static/assets/images/logo_small.svg"> <link rel="shortcut icon" type="image/svg+xml" href="/static/assets/images/logo_small.svg" />
<link rel="alternate icon" href="/static/assets/images/favicon.png" /> <link rel="alternate icon" href="/static/assets/images/favicon.png" />
</head> </head>
<style> <style>
.auth.auth-bg-1 { .auth.auth-bg-1 {
background: url("../../static/assets/images/auth/{% raw data['background'] %}"), background: url("../../static/assets/images/auth/{% raw data['background'] %}"),
url("/static/assets/images/auth/login_1.jpg"); url("/static/assets/images/auth/login_1.jpg");
background-size: cover; background-size: cover;
} }
</style> </style>
<body class="dark-theme"> <body class="dark-theme">
<div class="container-scroller"> <div class="container-scroller">
<div class="container-fluid page-body-wrapper full-page-wrapper"> <div class="container-fluid page-body-wrapper full-page-wrapper">
<div class="content-wrapper d-flex align-items-center auth auth-bg-1 theme-one"> <div class="content-wrapper d-flex align-items-center auth auth-bg-1 theme-one" >
<div class="row w-100"> <div class="row w-100">
<div class="col-lg-4 mx-auto"> <div class="col-lg-4 mx-auto">
<div class="auto-form-wrapper"> <div class="auto-form-wrapper">
<div class="text-center"> <div class="text-center">
<img src="/static/assets/images/logo_long.svg"><br /><br /> <img alt="Crafty Logo" src="/static/assets/images/logo_long.svg" /><br /><br />
<div class="col-sm-12 grid-margin stretch-card"> <div class="col-sm-12 grid-margin stretch-card">
<div class="card card-statistics social-card google-card card-colored"> <div class="card card-statistics social-card google-card card-colored" >
<div class="card-body"> <div class="card-body">
<h4 class="platform-name mb-3 mt-4 font-weight-semibold user-name">{{ translate('accessDenied', <h4 class="platform-name mb-3 mt-4 font-weight-semibold user-name" >
'accessDenied', data['lang']) }}</h4> {{ translate('accessDenied', 'accessDenied', data['lang']) }}
<h5 class="headline font-weight-medium">{{ translate('accessDenied', 'noAccess', data['lang']) }} </h4>
<h5 class="headline font-weight-medium">
{{ translate('accessDenied', 'noAccess', data['lang']) }}
</h5> </h5>
<p class="mb-2 comment font-weight-light"> <p class="mb-2 comment font-weight-light">
{{ translate('accessDenied', 'contactAdmin', data['lang']) }}<br /><br /> {{ translate('accessDenied', 'contactAdmin',
<a class="d-inline font-weight-medium" href="https://discord.gg/9VJPhCE"> {{ data['lang']) }}<br /><br />
translate('accessDenied', 'contact', data['lang']) }}</a> <a class="d-inline font-weight-medium" href="https://discord.gg/9VJPhCE" > {{ translate('accessDenied', 'contact', data['lang']) }}</a>
</p> </p>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
@ -88,19 +83,21 @@
<!-- endinject --> <!-- endinject -->
<script> <script>
$(document).ready(function () { $(document).ready(function () {
let login_opacity_div = document.getElementById('login_opacity'); let login_opacity_div = document.getElementById("login_opacity");
let opacity = login_opacity_div.getAttribute('data-value'); let opacity = login_opacity_div.getAttribute("data-value");
document.getElementById('login-form-background').style.background = 'rgb(34, 36, 55, ' + (opacity / 100) + ')'; document.getElementById("login-form-background").style.background =
"rgb(34, 36, 55, " + opacity / 100 + ")";
//Register Service worker for mobile app //Register Service worker for mobile app
if ('serviceWorker' in navigator) { if ("serviceWorker" in navigator) {
navigator.serviceWorker.register('/static/assets/js/shared/service-worker.js', {scope: '/'}) navigator.serviceWorker
.register("/static/assets/js/shared/service-worker.js", {
scope: "/",
})
.then(function (registration) { .then(function (registration) {
console.error('Service Worker Registered'); console.log("Service Worker Registered");
}); });
} }
}); });
</script> </script>
</body> </body>
</html> </html>

58
app/frontend/templates/panel/wiki.html
View File

@ -7,8 +7,8 @@
{% block content %} {% block content %}
<div class="content-wrapper"> <!-- Desktop View -->
<div class="d-none d-sm-block content-wrapper">
<!-- Page Title Header Starts--> <!-- Page Title Header Starts-->
<div class="row page-title-header"> <div class="row page-title-header">
<div class="col-12"> <div class="col-12">
@ -16,35 +16,45 @@
<h4 class="page-title">{{ translate('sidebar', 'documentation', data['lang']) }}</h4> <h4 class="page-title">{{ translate('sidebar', 'documentation', data['lang']) }}</h4>
</div> </div>
</div> </div>
</div> </div>
<div class="row"> <div class="row iframe-row">
<div class="col-md-12 grid-margin"> <div class="col-12 iframe-col">
<iframe src="https://docs.craftycontrol.com/" width=100% height=1100px title="crafty's docs"></iframe> <div class="iframe-wrapper">
<iframe title="crafty's docs" src="https://docs.craftycontrol.com/" class="iframe-item"></iframe>
</div> </div>
</div> </div>
<!-- content-wrapper ends --> </div>
<style> </div>
.popover-body { <!-- Mobile View -->
color: white !important; <div class="d-sm-none content-wrapper mobile-content-wrapper">
; <iframe title="crafty's docs" src="https://docs.craftycontrol.com/" class="iframe-item"></iframe>
</div>
<!-- content-wrapper ends -->
<style>
.iframe-item {
height: 100%;
width: 100%;
border: none;
} }
#desc_id { .iframe-wrapper {
-ms-overflow-style: none; height: 100%;
/* for Internet Explorer, Edge */
scrollbar-width: none;
/* for Firefox */
overflow-y: scroll;
} }
#desc_id::-webkit-scrollbar { .iframe-col {
display: none; height: 100%;
/* for Chrome, Safari, and Opera */
} }
</style>
.iframe-row {
height: 100%;
max-height: calc(100% - 63px);
padding-bottom: 1rem;
}
.mobile-content-wrapper {
padding: 0;
}
</style>
{% end %} {% end %}

2
app/frontend/templates/public/login.html
View File

@ -156,7 +156,7 @@
if ('serviceWorker' in navigator) { if ('serviceWorker' in navigator) {
navigator.serviceWorker.register('/static/assets/js/shared/service-worker.js', {scope: '/'}) navigator.serviceWorker.register('/static/assets/js/shared/service-worker.js', {scope: '/'})
.then(function (registration) { .then(function (registration) {
console.error('Service Worker Registered'); console.log('Service Worker Registered');
}); });
} }
}); });

2
app/frontend/templates/public/status.html
View File

@ -95,6 +95,7 @@
<hr /> <hr />
<div class="accordion" id="accordionServers"> <div class="accordion" id="accordionServers">
{% for server in data['servers'] %} {% for server in data['servers'] %}
{% if server['server_data']['show_status'] %}
<div class="card mb-0"> <div class="card mb-0">
<div class="card-header" id="heading-{{server['server_data']['server_id']}}"> <div class="card-header" id="heading-{{server['server_data']['server_id']}}">
<h2 class="mb-0 container overflow-hidden"> <h2 class="mb-0 container overflow-hidden">
@ -159,6 +160,7 @@
</div> </div>
</div> </div>
{% end %} {% end %}
{% end %}
</div> </div>
</div> </div>
</div> </div>

40
app/frontend/templates/public_base.html
View File

@ -3,31 +3,31 @@
<head> <head>
<!-- Required meta tags --> <!-- Required meta tags -->
<meta charset="utf-8"> <meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
{% block meta %}{% end %} {% block meta %}{% end %}
<title>{% block title %}{{ _('Default') }}{% end %}</title> <title>{% block title %}{{ _('Default') }}{% end %}</title>
<!-- plugins:css --> <!-- plugins:css -->
<link rel="stylesheet" href="/static/assets/vendors/mdi/css/materialdesignicons.min.css"> <link rel="stylesheet" href="/static/assets/vendors/mdi/css/materialdesignicons.min.css" />
<link rel="stylesheet" href="/static/assets/vendors/flag-icon-css/css/flag-icon.min.css"> <link rel="stylesheet" href="/static/assets/vendors/flag-icon-css/css/flag-icon.min.css" />
<link rel="stylesheet" href="/static/assets/vendors/ti-icons/css/themify-icons.css"> <link rel="stylesheet" href="/static/assets/vendors/ti-icons/css/themify-icons.css" />
<link rel="stylesheet" href="/static/assets/vendors/typicons/typicons.css"> <link rel="stylesheet" href="/static/assets/vendors/typicons/typicons.css" />
<link rel="stylesheet" href="/static/assets/vendors/css/vendor.bundle.base.css"> <link rel="stylesheet" href="/static/assets/vendors/css/vendor.bundle.base.css" />
<link rel="stylesheet" href="/static/assets/vendors/fontawesome6/css/all.css"> <link rel="stylesheet" href="/static/assets/vendors/fontawesome6/css/all.css" />
<link rel="manifest" href="/static/assets/crafty.webmanifest"> <link rel="manifest" href="/static/assets/crafty.webmanifest" />
<meta name="apple-mobile-web-app-capable" content="yes"> <meta name="apple-mobile-web-app-capable" content="yes" />
<meta name="mobile-web-app-capable" content="yes" /> <meta name="mobile-web-app-capable" content="yes" />
<meta name="apple-mobile-web-app-status-bar-style" content="black"> <meta name="apple-mobile-web-app-status-bar-style" content="black" />
<meta name="apple-mobile-web-app-title" content="Crafty"> <meta name="apple-mobile-web-app-title" content="Crafty" />
<link rel="apple-touch-icon" href="../static/assets/images/Crafty_4-0.png"> <link rel="apple-touch-icon" href="../static/assets/images/Crafty_4-0.png" />
<!-- endinject --> <!-- endinject -->
<!-- Plugin css for this page --> <!-- Plugin css for this page -->
<!-- End Plugin css for this page --> <!-- End Plugin css for this page -->
<!-- Layout styles --> <!-- Layout styles -->
<link rel="stylesheet" href="/static/assets/css/dark/style.css"> <link rel="stylesheet" href="/static/assets/css/dark/style.css" />
<!-- End Layout styles --> <!-- End Layout styles -->
<link rel="shortcut icon" type="image/svg+xml" href="/static/assets/images/logo_small.svg"> <link rel="shortcut icon" type="image/svg+xml" href="/static/assets/images/logo_small.svg" />
<link rel="alternate icon" href="/static/assets/images/favicon.png" /> <link rel="alternate icon" href="/static/assets/images/favicon.png" />
</head> </head>
@ -36,16 +36,15 @@
<div class="container-fluid page-body-wrapper full-page-wrapper"> <div class="container-fluid page-body-wrapper full-page-wrapper">
<div class="content-wrapper d-flex align-items-sm-center auth auth-bg-1 theme-one"> <div class="content-wrapper d-flex align-items-sm-center auth auth-bg-1 theme-one">
<div class="mx-auto"> <div class="mx-auto">
<div class="auto-form-wrapper"> <div class="auto-form-wrapper">{% block content %} {% end %}</div>
{% block content %}
{% end %}
</div>
</div> </div>
</div> </div>
<!-- content-wrapper ends --> <!-- content-wrapper ends -->
</div> </div>
<!-- page-body-wrapper ends --> <!-- page-body-wrapper ends -->
</div> </div>
<!-- page-body-wrapper ends -->
<!-- container-scroller --> <!-- container-scroller -->
<!-- plugins:js --> <!-- plugins:js -->
<script src="/static/assets/vendors/js/vendor.bundle.base.js"></script> <script src="/static/assets/vendors/js/vendor.bundle.base.js"></script>
@ -54,9 +53,8 @@
<script src="/static/assets/js/shared/off-canvas.js"></script> <script src="/static/assets/js/shared/off-canvas.js"></script>
<script src="/static/assets/js/shared/hoverable-collapse.js"></script> <script src="/static/assets/js/shared/hoverable-collapse.js"></script>
<script src="/static/assets/js/shared/misc.js"></script> <script src="/static/assets/js/shared/misc.js"></script>
<!-- endinject --> <!-- endinject -->
{% block js %} {% block js %}
<!-- Custom js for this page --> <!-- Custom js for this page -->
<script> <script>

2
requirements.txt
View File

@ -1,7 +1,7 @@
apscheduler==3.8.1 apscheduler==3.8.1
argon2-cffi==21.3 argon2-cffi==21.3
bleach==4.1 nh3==0.2.14
cached_property==1.5.2 cached_property==1.5.2
colorama==0.4 colorama==0.4
croniter==1.3.5 croniter==1.3.5