Mirrored_Repos/crafty-4
1
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2024-08-30 18:23:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added users to servers. Fixed some bugs with assigning users to role/servers. Fixed bug where user could not edit server config

Browse Source
This commit is contained in:
Andrew 2021-08-06 00:34:57 -04:00
parent 2f8abc25bd
commit b39e0e3a62
4 changed files with 87 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
app/classes/shared/controller.py
View File

@ -112,10 +112,15 @@ class Controller:
@staticmethod @staticmethod
def list_authorized_servers(userId): def list_authorized_servers(userId):
#servers = db_helper.get_authorized_servers(userId) servers = db_helper.get_authorized_servers(userId)
servers = db_helper.get_authorized_servers_from_roles(userId) server_list = []
for item in servers:
server_list.append(item)
role_servers = db_helper.get_authorized_servers_from_roles(userId)
for item in role_servers:
server_list.append(item)
logger.debug("servers list = {}".format(servers)) logger.debug("servers list = {}".format(servers))
return servers return server_list
def get_server_data(self, server_id): def get_server_data(self, server_id):
for s in self.servers_list: for s in self.servers_list:

52
app/classes/shared/models.py
View File

@ -130,6 +130,16 @@ class Servers(BaseModel):
class Meta: class Meta:
table_name = "servers" table_name = "servers"
class User_Servers(BaseModel):
user_id = ForeignKeyField(Users, backref='user_server')
server_id = ForeignKeyField(Servers, backref='user_server')
class Meta:
table_name = 'user_servers'
primary_key = CompositeKey('user_id', 'server_id')
class Role_Servers(BaseModel): class Role_Servers(BaseModel):
role_id = ForeignKeyField(Roles, backref='role_server') role_id = ForeignKeyField(Roles, backref='role_server')
server_id = ForeignKeyField(Servers, backref='role_server') server_id = ForeignKeyField(Servers, backref='role_server')
@ -222,6 +232,7 @@ class db_builder:
Users, Users,
Roles, Roles,
User_Roles, User_Roles,
User_Servers,
Host_Stats, Host_Stats,
Webhooks, Webhooks,
Servers, Servers,
@ -396,13 +407,28 @@ class db_shortcuts:
user_servers = User_Servers.select().where(User_Servers.user_id == user_id) user_servers = User_Servers.select().where(User_Servers.user_id == user_id)
authorized_servers = [] authorized_servers = []
server_data = [] server_data = []
user_roles = User_Roles.select().where(User_Roles.user_id == user_id)
roles_list = []
role_server = []
for u in user_servers: for u in user_servers:
authorized_servers.append(db_helper.get_server_data_by_id(u.server_id)) authorized_servers.append(db_helper.get_server_data_by_id(u.server_id))
for u in user_roles:
roles_list.append(db_helper.get_role(u.role_id))
for r in roles_list:
role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
for t in role_test:
role_server.append(t)
for s in role_server:
authorized_servers.append(db_helper.get_server_data_by_id(s.server_id))
for s in authorized_servers: for s in authorized_servers:
latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1) latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(
server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)}) Server_Stats.created.desc()).limit(1)
server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)[0]})
return server_data return server_data
@ -531,13 +557,13 @@ class db_shortcuts:
roles = set() roles = set()
for r in roles_query: for r in roles_query:
roles.add(r.role_id.role_id) roles.add(r.role_id.role_id)
#servers_query = User_Servers.select().join(Servers, JOIN.INNER).where(User_Servers.user_id == user_id) servers_query = User_Servers.select().join(Servers, JOIN.INNER).where(User_Servers.user_id == user_id)
## TODO: this query needs to be narrower ## TODO: this query needs to be narrower
servers = set() servers = set()
#for s in servers_query: for s in servers_query:
# servers.add(s.server_id.server_id) servers.add(s.server_id.server_id)
user['roles'] = roles user['roles'] = roles
#user['servers'] = servers user['servers'] = servers
#logger.debug("user: ({}) {}".format(user_id, user)) #logger.debug("user: ({}) {}".format(user_id, user))
return user return user
@ -557,7 +583,7 @@ class db_shortcuts:
superuser: False, superuser: False,
api_token: None, api_token: None,
roles: [], roles: [],
servers: [] servers: [],
} }
user = model_to_dict(Users.get(Users.user_id == user_id)) user = model_to_dict(Users.get(Users.user_id == user_id))
@ -583,9 +609,9 @@ class db_shortcuts:
elif key == "roles": elif key == "roles":
added_roles = user_data['roles'].difference(base_data['roles']) added_roles = user_data['roles'].difference(base_data['roles'])
removed_roles = base_data['roles'].difference(user_data['roles']) removed_roles = base_data['roles'].difference(user_data['roles'])
#elif key == "servers": elif key == "servers":
# added_servers = user_data['servers'].difference(base_data['servers']) added_servers = user_data['servers'].difference(base_data['servers'])
# removed_servers = base_data['servers'].difference(user_data['servers']) removed_servers = base_data['servers'].difference(user_data['servers'])
elif key == "regen_api": elif key == "regen_api":
if user_data['regen_api']: if user_data['regen_api']:
up_data['api_token'] = db_shortcuts.new_api_token() up_data['api_token'] = db_shortcuts.new_api_token()
@ -602,10 +628,10 @@ class db_shortcuts:
# TODO: This is horribly inefficient and we should be using bulk queries but im going for functionality at this point # TODO: This is horribly inefficient and we should be using bulk queries but im going for functionality at this point
User_Roles.delete().where(User_Roles.user_id == user_id).where(User_Roles.role_id.in_(removed_roles)).execute() User_Roles.delete().where(User_Roles.user_id == user_id).where(User_Roles.role_id.in_(removed_roles)).execute()
#for server in added_servers: for server in added_servers:
# User_Servers.get_or_create(user_id=user_id, server_id=server) User_Servers.get_or_create(user_id=user_id, server_id=server)
# # TODO: This is horribly inefficient and we should be using bulk queries but im going for functionality at this point # # TODO: This is horribly inefficient and we should be using bulk queries but im going for functionality at this point
#User_Servers.delete().where(User_Servers.user_id == user_id).where(User_Servers.server_id.in_(removed_servers)).execute() User_Servers.delete().where(User_Servers.user_id == user_id).where(User_Servers.server_id.in_(removed_servers)).execute()
if up_data: if up_data:
Users.update(up_data).where(Users.user_id == user_id).execute() Users.update(up_data).where(Users.user_id == user_id).execute()

45
app/classes/web/panel_handler.py
View File

@ -53,7 +53,7 @@ class PanelHandler(BaseHandler):
'running': len(self.controller.list_running_servers()), 'running': len(self.controller.list_running_servers()),
'stopped': (len(self.controller.list_defined_servers()) - len(self.controller.list_running_servers())) 'stopped': (len(self.controller.list_defined_servers()) - len(self.controller.list_running_servers()))
}, },
'menu_servers': defined_servers, 'menu_servers': self.controller.list_authorized_servers(exec_user_id),
'hosts_data': db_helper.get_latest_hosts_stats(), 'hosts_data': db_helper.get_latest_hosts_stats(),
'show_contribute': helper.get_setting("show_contribute_link", True), 'show_contribute': helper.get_setting("show_contribute_link", True),
'error': error, 'error': error,
@ -109,10 +109,9 @@ class PanelHandler(BaseHandler):
if exec_user['superuser'] == 1: if exec_user['superuser'] == 1:
page_data['servers'] = db_helper.get_all_servers_stats() page_data['servers'] = db_helper.get_all_servers_stats()
else: else:
#page_data['servers'] = db_helper.get_authorized_servers_stats(exec_user_id) user_auth = db_helper.get_authorized_servers_stats(exec_user_id)
ras = db_helper.get_authorized_servers_stats_from_roles(exec_user_id) logger.debug("ASFR: {}".format(user_auth))
logger.debug("ASFR: {}".format(ras)) page_data['servers'] = user_auth
page_data['servers'] = ras
for s in page_data['servers']: for s in page_data['servers']:
try: try:
@ -137,7 +136,7 @@ class PanelHandler(BaseHandler):
return return
if exec_user['superuser'] != 1: if exec_user['superuser'] != 1:
#if not db_helper.server_id_authorized(server_id, exec_user_id): if not db_helper.server_id_authorized(server_id, exec_user_id):
if not db_helper.server_id_authorized_from_roles(int(server_id), exec_user_id): if not db_helper.server_id_authorized_from_roles(int(server_id), exec_user_id):
self.redirect("/panel/error?error=Invalid Server ID") self.redirect("/panel/error?error=Invalid Server ID")
return False return False
@ -286,10 +285,17 @@ class PanelHandler(BaseHandler):
template = "panel/panel_edit_user.html" template = "panel/panel_edit_user.html"
elif page == "edit_user": elif page == "edit_user":
page_data['new_user'] = False
user_id = self.get_argument('id', None) user_id = self.get_argument('id', None)
role_servers = db_helper.get_authorized_servers_stats_from_roles(user_id)
user_servers = db_helper.get_authorized_servers(user_id)
servers = set()
for server in role_servers:
servers.add(server['server_id'])
for server in user_servers:
servers.add(server['server_id'])
page_data['new_user'] = False
page_data['user'] = db_helper.get_user(user_id) page_data['user'] = db_helper.get_user(user_id)
page_data['servers'] = db_helper.get_authorized_servers_stats_from_roles(user_id) page_data['servers'] = servers
page_data['roles_all'] = db_helper.get_all_roles() page_data['roles_all'] = db_helper.get_all_roles()
page_data['servers_all'] = self.controller.list_defined_servers() page_data['servers_all'] = self.controller.list_defined_servers()
@ -433,7 +439,9 @@ class PanelHandler(BaseHandler):
subpage = self.get_argument('subpage', None) subpage = self.get_argument('subpage', None)
if not exec_user['superuser']: if not exec_user['superuser']:
self.redirect("/panel/error?error=Unauthorized access: not superuser") if not db_helper.server_id_authorized(server_id, exec_user_id):
if not db_helper.server_id_authorized_from_roles(server_id, exec_user_id):
self.redirect("/panel/error?error=Unauthorized access: invalid server id")
return return
elif server_id is None: elif server_id is None:
self.redirect("/panel/error?error=Invalid Server ID") self.redirect("/panel/error?error=Invalid Server ID")
@ -538,17 +546,28 @@ class PanelHandler(BaseHandler):
if argument: if argument:
roles.add(role.role_id) roles.add(role.role_id)
servers = set()
for server in self.controller.list_defined_servers():
argument = int(float(
bleach.clean(
self.get_argument('server_{}_access'.format(server['server_id']), '0')
)
))
if argument:
servers.add(server['server_id'])
user_data = { user_data = {
"username": username, "username": username,
"password": password0, "password": password0,
"enabled": enabled, "enabled": enabled,
"regen_api": regen_api, "regen_api": regen_api,
"roles": roles, "roles": roles,
"servers": servers,
} }
db_helper.update_user(user_id, user_data=user_data) db_helper.update_user(user_id, user_data=user_data)
db_helper.add_to_audit_log(exec_user['user_id'], db_helper.add_to_audit_log(exec_user['user_id'],
"Edited user {} (UID:{}) with roles {}".format(username, user_id, roles), "Edited user {} (UID:{}) with roles {} and servers {}".format(username, user_id, roles, servers),
server_id=0, server_id=0,
source_ip=self.get_remote_ip()) source_ip=self.get_remote_ip())
self.redirect("/panel/panel_config") self.redirect("/panel/panel_config")
@ -597,7 +616,11 @@ class PanelHandler(BaseHandler):
servers.add(server['server_id']) servers.add(server['server_id'])
user_id = db_helper.add_user(username, password=password0, enabled=enabled) user_id = db_helper.add_user(username, password=password0, enabled=enabled)
db_helper.update_user(user_id, {"roles":roles}) user_data = {
"roles": roles,
"servers": servers,
}
db_helper.update_user(user_id, user_data)
db_helper.add_to_audit_log(exec_user['user_id'], db_helper.add_to_audit_log(exec_user['user_id'],
"Added user {} (UID:{})".format(username, user_id), "Added user {} (UID:{})".format(username, user_id),

4
app/frontend/templates/panel/panel_edit_user.html
View File

@ -123,9 +123,9 @@
<td>{{ server['server_name'] }}</td> <td>{{ server['server_name'] }}</td>
<td> <td>
{% if server['server_id'] in data['servers'] %} {% if server['server_id'] in data['servers'] %}
<input type="checkbox" class="form-check-input" id="server_{{ server['server_id'] }}_access" name="server_{{ server['server_id'] }}_access" checked="" disabled> <input type="checkbox" class="form-check-input" id="server_{{ server['server_id'] }}_access" name="server_{{ server['server_id'] }}_access" checked="" value="1">
{% else %} {% else %}
<input type="checkbox" class="form-check-input" id="server_{{ server['server_id'] }}_access" name="server_{{ server['server_id'] }}_access" disabled> <input type="checkbox" class="form-check-input" id="server_{{ server['server_id'] }}_access" name="server_{{ server['server_id'] }}_access" value="1">
{% end %} {% end %}
</td> </td>
</tr> </tr>