From 1b05562a9ed6d4d324b8d1557a504afa6812aa78 Mon Sep 17 00:00:00 2001 From: Silversthorn Date: Fri, 9 Feb 2024 00:10:26 +0100 Subject: [PATCH 01/40] Fix Forge Install bug for 1.20, 1.20.1 and 1.20.2 --- app/classes/shared/server.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/app/classes/shared/server.py b/app/classes/shared/server.py index e47fe19c..c3cee9fc 100644 --- a/app/classes/shared/server.py +++ b/app/classes/shared/server.py @@ -697,6 +697,10 @@ class ServerInstance: version_param = version[0][0].split(".") version_major = int(version_param[0]) version_minor = int(version_param[1]) + if version_param.length > 2: + version_sub = int(version_param[2]) + else: + version_sub = 0 # Checking which version we are with if version_major <= 1 and version_minor < 17: @@ -730,8 +734,8 @@ class ServerInstance: server_obj.execution_command = execution_command Console.debug(SUCCESSMSG) - elif version_major <= 1 and version_minor < 20: - # NEW VERSION >= 1.17 and <= 1.20 + elif version_major <= 1 and version_minor <= 20 and version_sub < 3: + # NEW VERSION >= 1.17 and <= 1.20.2 # (no jar file in server dir, only run.bat and run.sh) run_file_path = "" From a7f7a50ae023e42ae84ad72faccc1face29f72c3 Mon Sep 17 00:00:00 2001 From: Silversthorn Date: Fri, 9 Feb 2024 00:22:42 +0100 Subject: [PATCH 02/40] really fixing the bug --- app/classes/shared/server.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/classes/shared/server.py b/app/classes/shared/server.py index c3cee9fc..ce97cade 100644 --- a/app/classes/shared/server.py +++ b/app/classes/shared/server.py @@ -697,7 +697,7 @@ class ServerInstance: version_param = version[0][0].split(".") version_major = int(version_param[0]) version_minor = int(version_param[1]) - if version_param.length > 2: + if len(version_param) > 2: version_sub = int(version_param[2]) else: version_sub = 0 @@ -782,7 +782,7 @@ class ServerInstance: server_obj.execution_command = execution_command Console.debug(SUCCESSMSG) else: - # NEW VERSION >= 1.20 + # NEW VERSION >= 1.20.3 # (executable jar is back in server dir) # Retrieving the executable jar filename From d673908ce4fd1662793c8b1de0be15ded5644db8 Mon Sep 17 00:00:00 2001 From: Andrew Date: Sat, 17 Feb 2024 22:33:50 -0500 Subject: [PATCH 03/40] Encode password base64 to server --- app/classes/web/public_handler.py | 17 +++++++++++------ app/frontend/templates/public/login.html | 11 ++++++++--- 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index 762d3fb1..93db9332 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -1,5 +1,7 @@ import logging import nh3 +import base64 +import binascii from app.classes.shared.helpers import Helpers from app.classes.models.users import HelperUsers @@ -112,10 +114,13 @@ class PublicHandler(BaseHandler): if self.request.query: next_page = "/login?" + self.request.query - # pylint: disable=no-member - entered_username = nh3.clean(self.get_argument("username")) - entered_password = self.get_argument("password") - # pylint: enable=no-member + entered_username = nh3.clean(self.get_argument("username")) # pylint: disable=no-member + try: + entered_password = base64.b64decode(self.get_argument("encPassword")) + except binascii.Error: + error_msg = ("Hello? Hello? Anybody home?" + " Go straight to jail. Do not pass go.") + return self.redirect(f"/login?error_msg={error_msg}") try: user_id = HelperUsers.get_user_id_by_name(entered_username.lower()) @@ -132,7 +137,8 @@ class PublicHandler(BaseHandler): # self.clear_cookie("user_data") self.clear_cookie("token") if self.request.query: - self.redirect(f"/login?error_msg={error_msg}&{self.request.query}") + self.redirect(f"/login?err or_msg={error_msg}" + f"&{self.request.query}") else: self.redirect(f"/login?error_msg={error_msg}") return @@ -175,7 +181,6 @@ class PublicHandler(BaseHandler): else: self.redirect(f"/login?error_msg={error_msg}") return - login_result = self.helper.verify_pass(entered_password, user_data.password) # Valid Login diff --git a/app/frontend/templates/public/login.html b/app/frontend/templates/public/login.html index 1b39d8c4..45ef5a6f 100644 --- a/app/frontend/templates/public/login.html +++ b/app/frontend/templates/public/login.html @@ -78,9 +78,9 @@ } {% if data['query'] %} -
+ {% else %} - + {% end %} {% raw xsrf_form_html() %}
@@ -170,7 +170,9 @@ bootbox.alert(responseData.data) } - + function encodePass(){ + $("#encPassword").val(btoa($("#password").val())) + } + \ No newline at end of file From f6bb6eafcdc6f730d599e4545270194cfec71459 Mon Sep 17 00:00:00 2001 From: Andrew Date: Sat, 17 Feb 2024 23:08:23 -0500 Subject: [PATCH 04/40] Add default path password check Change decode to utf-8 --- app/classes/web/public_handler.py | 16 ++++++++++++++-- app/translations/en_EN.json | 4 +++- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index 93db9332..5280644a 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -116,7 +116,8 @@ class PublicHandler(BaseHandler): entered_username = nh3.clean(self.get_argument("username")) # pylint: disable=no-member try: - entered_password = base64.b64decode(self.get_argument("encPassword")) + entered_password = base64.b64decode( + self.get_argument("encPassword")).decode("utf-8") except binascii.Error: error_msg = ("Hello? Hello? Anybody home?" " Go straight to jail. Do not pass go.") @@ -220,7 +221,18 @@ class PublicHandler(BaseHandler): # self.clear_cookie("user") # self.clear_cookie("user_data") self.clear_cookie("token") - error_msg = "Incorrect username or password. Please try again." + error_msg = ( + self.helper.translation.translate("login", + "incorrect", + self.helper.get_setting("language")) + ) + if entered_password == "app/config/default-creds.txt": + error_msg += ". " + error_msg += ( + self.helper.translation.translate("login", + "defaultPath", + self.helper.get_setting("language")) + ) # log this failed login attempt self.controller.management.add_to_audit_log( user_data.user_id, "Tried to log in", 0, self.get_remote_ip() diff --git a/app/translations/en_EN.json b/app/translations/en_EN.json index 7d2b2cbb..0b7bf022 100644 --- a/app/translations/en_EN.json +++ b/app/translations/en_EN.json @@ -219,7 +219,9 @@ "login": "Log In", "password": "Password", "username": "Username", - "viewStatus": "View Public Status Page" + "viewStatus": "View Public Status Page", + "incorrect": "Incorrect username or password", + "defaultPath": "The password you entered is the default credential path, not the password. Please find the default password in that location." }, "notify": { "activityLog": "Activity Logs", From 166e3c50887c6477bbfa7ac4807cd245ced3dd67 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 12:03:02 -0500 Subject: [PATCH 05/40] Black codebase --- app/classes/web/public_handler.py | 34 ++++++++++++++++--------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index 5280644a..ebc2929e 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -1,7 +1,7 @@ import logging -import nh3 -import base64 import binascii +import base64 +import nh3 from app.classes.shared.helpers import Helpers from app.classes.models.users import HelperUsers @@ -114,13 +114,18 @@ class PublicHandler(BaseHandler): if self.request.query: next_page = "/login?" + self.request.query - entered_username = nh3.clean(self.get_argument("username")) # pylint: disable=no-member + entered_username = nh3.clean( + self.get_argument("username") + ) # pylint: disable=no-member try: entered_password = base64.b64decode( - self.get_argument("encPassword")).decode("utf-8") + self.get_argument("encPassword") + ).decode("utf-8") except binascii.Error: - error_msg = ("Hello? Hello? Anybody home?" - " Go straight to jail. Do not pass go.") + error_msg = ( + "Hello? Hello? Anybody home?" + " Go straight to jail. Do not pass go." + ) return self.redirect(f"/login?error_msg={error_msg}") try: @@ -138,8 +143,9 @@ class PublicHandler(BaseHandler): # self.clear_cookie("user_data") self.clear_cookie("token") if self.request.query: - self.redirect(f"/login?err or_msg={error_msg}" - f"&{self.request.query}") + self.redirect( + f"/login?err or_msg={error_msg}" f"&{self.request.query}" + ) else: self.redirect(f"/login?error_msg={error_msg}") return @@ -221,17 +227,13 @@ class PublicHandler(BaseHandler): # self.clear_cookie("user") # self.clear_cookie("user_data") self.clear_cookie("token") - error_msg = ( - self.helper.translation.translate("login", - "incorrect", - self.helper.get_setting("language")) + error_msg = self.helper.translation.translate( + "login", "incorrect", self.helper.get_setting("language") ) if entered_password == "app/config/default-creds.txt": error_msg += ". " - error_msg += ( - self.helper.translation.translate("login", - "defaultPath", - self.helper.get_setting("language")) + error_msg += self.helper.translation.translate( + "login", "defaultPath", self.helper.get_setting("language") ) # log this failed login attempt self.controller.management.add_to_audit_log( From d168a7f8f03a5f1bbefedf20a071ba4e75243de8 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 19:19:30 -0500 Subject: [PATCH 06/40] Remove max password length --- app/classes/web/routes/api/auth/login.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/classes/web/routes/api/auth/login.py b/app/classes/web/routes/api/auth/login.py index b91b295d..7a27c6f8 100644 --- a/app/classes/web/routes/api/auth/login.py +++ b/app/classes/web/routes/api/auth/login.py @@ -17,7 +17,7 @@ login_schema = { "minLength": 4, "pattern": "^[a-z0-9_]+$", }, - "password": {"type": "string", "maxLength": 20, "minLength": 4}, + "password": {"type": "string", "minLength": 4}, }, "required": ["username", "password"], "additionalProperties": False, From aac35b14d9a786121bdcc6015f0935c920578b31 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 20:18:47 -0500 Subject: [PATCH 07/40] Change login payload --- app/classes/web/public_handler.py | 163 +++++++++++++---------- app/frontend/templates/public/login.html | 126 ++++++++++-------- app/translations/en_EN.json | 5 +- 3 files changed, 172 insertions(+), 122 deletions(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index ebc2929e..87745220 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -1,7 +1,11 @@ import logging import binascii import base64 +import urllib +import json import nh3 +from jsonschema import validate +from jsonschema.exceptions import ValidationError from app.classes.shared.helpers import Helpers from app.classes.models.users import HelperUsers @@ -47,7 +51,7 @@ class PublicHandler(BaseHandler): } if self.request.query: - page_data["query"] = self.request.query + page_data["query"] = self.request.query_arguments.get("next")[0].decode() # sensible defaults template = "public/404.html" @@ -77,11 +81,7 @@ class PublicHandler(BaseHandler): # if we have no page, let's go to login else: - if self.request.query: - self.redirect("/login?" + self.request.query) - else: - self.redirect("/login") - return + return self.redirect("/login") self.render( template, @@ -91,42 +91,74 @@ class PublicHandler(BaseHandler): ) def post(self, page=None): - # pylint: disable=no-member - error = nh3.clean(self.get_argument("error", "Invalid Login!")) - error_msg = nh3.clean(self.get_argument("error_msg", "")) - # pylint: enable=no-member + login_schema = { + "type": "object", + "properties": { + "username": { + "type": "string", + "pattern": "^[a-z0-9_]+$", + }, + "password": {"type": "string"}, + }, + "required": ["username", "password"], + "additionalProperties": False, + } + try: + data = json.loads(self.request.body) + except json.decoder.JSONDecodeError as e: + logger.error( + "Invalid JSON schema for API" + f" login attempt from {self.get_remote_ip()}" + ) + return self.finish_json( + 400, {"status": "error", "error": "INVALID_JSON", "error_data": str(e)} + ) + + try: + validate(data, login_schema) + except ValidationError as e: + logger.error( + "Invalid JSON schema for API" + f" login attempt from {self.get_remote_ip()}" + ) + return self.finish_json( + 400, + { + "status": "error", + "error": "INVALID_JSON_SCHEMA", + "error_data": str(e), + }, + ) page_data = { "version": self.helper.get_version_string(), - "error": error, "lang": self.helper.get_setting("language"), "lang_page": self.helper.get_lang_page(self.helper.get_setting("language")), "query": "", } if self.request.query: - page_data["query"] = self.request.query + page_data["query"] = self.request.query_arguments.get("next")[0].decode() if page == "login": + data = json.loads(self.request.body) + auth_log.info( f"User attempting to authenticate from {self.get_remote_ip()}" ) - next_page = "/login" - if self.request.query: - next_page = "/login?" + self.request.query - - entered_username = nh3.clean( - self.get_argument("username") - ) # pylint: disable=no-member + entered_username = nh3.clean(data["username"]) # pylint: disable=no-member try: - entered_password = base64.b64decode( - self.get_argument("encPassword") - ).decode("utf-8") - except binascii.Error: - error_msg = ( - "Hello? Hello? Anybody home?" - " Go straight to jail. Do not pass go." + entered_password = urllib.parse.unquote( + base64.b64decode(data["password"]).decode("utf-8") + ) + except binascii.Error: + return self.finish_json( + 403, + { + "status": "error", + "error": "Hello? Hello? Anybody home?" + " Go straight to jail. Do not pass go.", + }, ) - return self.redirect(f"/login?error_msg={error_msg}") try: user_id = HelperUsers.get_user_id_by_name(entered_username.lower()) @@ -138,18 +170,18 @@ class PublicHandler(BaseHandler): f" Authentication failed from remote IP {self.get_remote_ip()}" " Users does not exist." ) - error_msg = "Incorrect username or password. Please try again." + self.finish_json( + 403, + { + "status": "error", + "error": self.helper.translation.translate( + "login", "incorrect", self.helper.get_setting("language") + ), + }, + ) # self.clear_cookie("user") # self.clear_cookie("user_data") - self.clear_cookie("token") - if self.request.query: - self.redirect( - f"/login?err or_msg={error_msg}" f"&{self.request.query}" - ) - else: - self.redirect(f"/login?error_msg={error_msg}") - return - + return self.clear_cookie("token") # if we don't have a user if not user_data: auth_log.error( @@ -158,15 +190,18 @@ class PublicHandler(BaseHandler): " User does not exist." ) self.controller.log_attempt(self.get_remote_ip(), entered_username) - error_msg = "Incorrect username or password. Please try again." + self.finish_json( + 403, + { + "status": "error", + "error": self.helper.translation.translate( + "login", "incorrect", self.helper.get_setting("language") + ), + }, + ) # self.clear_cookie("user") # self.clear_cookie("user_data") - self.clear_cookie("token") - if self.request.query: - self.redirect(f"/login?error_msg={error_msg}&{self.request.query}") - else: - self.redirect(f"/login?error_msg={error_msg}") - return + return self.clear_cookie("token") # if they are disabled if not user_data.enabled: @@ -176,18 +211,18 @@ class PublicHandler(BaseHandler): " User account disabled" ) self.controller.log_attempt(self.get_remote_ip(), entered_username) - error_msg = ( - "User account disabled. Please contact " - "your system administrator for more info." + self.finish_json( + 403, + { + "status": "error", + "error": self.helper.translation.translate( + "login", "disabled", self.helper.get_setting("language") + ), + }, ) # self.clear_cookie("user") # self.clear_cookie("user_data") - self.clear_cookie("token") - if self.request.query: - self.redirect(f"/login?error_msg={error_msg}&{self.request.query}") - else: - self.redirect(f"/login?error_msg={error_msg}") - return + return self.clear_cookie("token") login_result = self.helper.verify_pass(entered_password, user_data.password) # Valid Login @@ -212,12 +247,9 @@ class PublicHandler(BaseHandler): user_data.user_id, "Logged in", 0, self.get_remote_ip() ) - if self.request.query_arguments.get("next"): - next_page = self.request.query_arguments.get("next")[0].decode() - else: - next_page = "/panel/dashboard" - - self.redirect(next_page) + return self.finish_json( + 200, {"status": "ok", "data": {"message": "login successful!"}} + ) else: auth_log.error( f"User attempted to log into {entered_username}." @@ -239,12 +271,9 @@ class PublicHandler(BaseHandler): self.controller.management.add_to_audit_log( user_data.user_id, "Tried to log in", 0, self.get_remote_ip() ) - if self.request.query: - self.redirect(f"/login?error_msg={error_msg}&{self.request.query}") - else: - self.redirect(f"/login?error_msg={error_msg}") + return self.finish_json( + 403, + {"status": "error", "error": error_msg}, + ) else: - if self.request.query: - self.redirect("/login?" + self.request.query) - else: - self.redirect("/login") + self.redirect("/login?") diff --git a/app/frontend/templates/public/login.html b/app/frontend/templates/public/login.html index 45ef5a6f..2d4e6c84 100644 --- a/app/frontend/templates/public/login.html +++ b/app/frontend/templates/public/login.html @@ -77,55 +77,49 @@ box-shadow: 0 12px 16px 0 hsla(0, 0%, 0%, 0.4); } - {% if data['query'] %} - - {% else %} - - {% end %} - {% raw xsrf_form_html() %} -
- -
- -
+ + {% raw xsrf_form_html() %} +
+ +
+
-
- -
- -
+
+
+ +
+
-
- -
- {% if error_msg is not None %} -
- {{error_msg}} -
- {% end %} -
-
-   -
- +
+
+ +
+
+
+
+
+  
+ +
- - - - + + + +
@@ -155,13 +149,13 @@ document.getElementById('login-form-background').style.background = 'rgb(34, 36, 55, ' + (opacity / 100) + ')'; //Register Service worker for mobile app if ('serviceWorker' in navigator) { - navigator.serviceWorker.register('/static/assets/js/shared/service-worker.js', {scope: '/'}) + navigator.serviceWorker.register('/static/assets/js/shared/service-worker.js', { scope: '/' }) .then(function (registration) { console.log('Service Worker Registered'); }); } }); - async function resetPass(){ + async function resetPass() { let res = await fetch(`/api/v2/crafty/resetPass/`, { method: 'GET', }); @@ -170,9 +164,38 @@ bootbox.alert(responseData.data) } - function encodePass(){ - $("#encPassword").val(btoa($("#password").val())) - } + $("#login-form").on("submit", async function (e) { + e.preventDefault(); + let loginForm = document.getElementById("login-form"); + + let formData = new FormData(loginForm); + + //Create an object from the form data entries + let formDataObject = Object.fromEntries(formData.entries()); + console.log(formDataObject) + let res = await fetch(`/login`, { + method: 'POST', + headers: { + 'X-XSRFToken': formDataObject._xsrf, + "Content-Type": "application/json" + }, + body: JSON.stringify({ + "username": formDataObject.username, + "password": btoa(encodeURIComponent(formDataObject.password)) + }), + }); + let responseData = await res.json(); + if (responseData.status === "ok") { + console.log("OK") + if ($("#login-form").data("query")) { + location.href = `${$("#login-form").data("query")}`; + } else { + location.href = `/panel/dashboard` + } + } else { + $("#error-field").html(responseData.error); + } + }); - \ No newline at end of file diff --git a/app/translations/en_EN.json b/app/translations/en_EN.json index 0b7bf022..3ec3b9ed 100644 --- a/app/translations/en_EN.json +++ b/app/translations/en_EN.json @@ -221,7 +221,8 @@ "username": "Username", "viewStatus": "View Public Status Page", "incorrect": "Incorrect username or password", - "defaultPath": "The password you entered is the default credential path, not the password. Please find the default password in that location." + "defaultPath": "The password you entered is the default credential path, not the password. Please find the default password in that location.", + "disabled": "User account disabled. Please contact your system administrator for more info." }, "notify": { "activityLog": "Activity Logs", @@ -670,4 +671,4 @@ "webhook_body": "Webhook Body", "webhooks": "Webhooks" } -} +} \ No newline at end of file From 1cf773bd40bd7e4fb89b5865305ffff050dab7fc Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 20:32:25 -0500 Subject: [PATCH 08/40] Update error message --- app/classes/web/public_handler.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index 87745220..fc4f940e 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -156,7 +156,8 @@ class PublicHandler(BaseHandler): { "status": "error", "error": "Hello? Hello? Anybody home?" - " Go straight to jail. Do not pass go.", + " Go straight to jail. Do not pass go." + " Uh oh! Stinky 💩", }, ) From 1a7c76dca78e21bfe01909723f706b91b479c62a Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 20:35:36 -0500 Subject: [PATCH 09/40] Add unicode except --- app/classes/web/public_handler.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index fc4f940e..0843e761 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -150,7 +150,7 @@ class PublicHandler(BaseHandler): entered_password = urllib.parse.unquote( base64.b64decode(data["password"]).decode("utf-8") ) - except binascii.Error: + except (binascii.Error, UnicodeDecodeError): return self.finish_json( 403, { From c2c10d46097221ef68c50f5c5688a304b1fe6bf8 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 20:39:24 -0500 Subject: [PATCH 10/40] Separate errors for unicode/binascii --- app/classes/web/public_handler.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index 0843e761..2c04873c 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -150,7 +150,7 @@ class PublicHandler(BaseHandler): entered_password = urllib.parse.unquote( base64.b64decode(data["password"]).decode("utf-8") ) - except (binascii.Error, UnicodeDecodeError): + except binascii.Error: return self.finish_json( 403, { @@ -160,6 +160,14 @@ class PublicHandler(BaseHandler): " Uh oh! Stinky 💩", }, ) + except UnicodeDecodeError: + return self.finish_json( + 403, + { + "status": "error", + "error": "VWggb2ghIFN0aW5reSDwn5Kp", + }, + ) try: user_id = HelperUsers.get_user_id_by_name(entered_username.lower()) From dfe9aeb21203df148923b7245ad5b6eed45cb36d Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 20:40:07 -0500 Subject: [PATCH 11/40] Remove the stinky --- app/classes/web/public_handler.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index 2c04873c..2613f732 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -156,8 +156,7 @@ class PublicHandler(BaseHandler): { "status": "error", "error": "Hello? Hello? Anybody home?" - " Go straight to jail. Do not pass go." - " Uh oh! Stinky 💩", + " Go straight to jail. Do not pass go.", }, ) except UnicodeDecodeError: From 5712d56e0e4ce6de44bcd052b2b2111f2bc8f792 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 20:43:59 -0500 Subject: [PATCH 12/40] Needed to plunge some errors --- app/classes/web/public_handler.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index 2613f732..b857508a 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -164,7 +164,7 @@ class PublicHandler(BaseHandler): 403, { "status": "error", - "error": "VWggb2ghIFN0aW5reSDwn5Kp", + "error": "VWggb2ghIFN0aW5reSDwn5Kp 🪠", }, ) From d5c009960b36c67135c5f7369d6d4207f8741583 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 20:46:19 -0500 Subject: [PATCH 13/40] Clean up forgot to purge --- app/classes/web/public_handler.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index b857508a..21e8aa44 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -164,7 +164,7 @@ class PublicHandler(BaseHandler): 403, { "status": "error", - "error": "VWggb2ghIFN0aW5reSDwn5Kp 🪠", + "error": "VWggb2ghIFN0aW5reS 🪠", }, ) From bfa0c724126ca01944d3cabf70faf2e19cdc6bd0 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 20:52:35 -0500 Subject: [PATCH 14/40] Appease black --- app/classes/models/server_permissions.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/classes/models/server_permissions.py b/app/classes/models/server_permissions.py index eb5e3f35..56f9d8ac 100644 --- a/app/classes/models/server_permissions.py +++ b/app/classes/models/server_permissions.py @@ -172,9 +172,9 @@ class PermissionsServers: RoleServers.server_id, RoleServers.permissions ).where(RoleServers.role_id == role_id) for role_server in role_servers: - permissions_dict[ - role_server.server_id_id - ] = PermissionsServers.get_permissions(role_server.permissions) + permissions_dict[role_server.server_id_id] = ( + PermissionsServers.get_permissions(role_server.permissions) + ) return permissions_dict @staticmethod From 842e576b5c0ed9a41f253718f13124062e556fd6 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 21:14:15 -0500 Subject: [PATCH 15/40] Refactor minimum password length --- app/classes/controllers/users_controller.py | 2 +- app/classes/shared/command.py | 10 +++++----- app/classes/shared/helpers.py | 1 + app/classes/shared/main_models.py | 11 +++++++++-- 4 files changed, 16 insertions(+), 8 deletions(-) diff --git a/app/classes/controllers/users_controller.py b/app/classes/controllers/users_controller.py index 5c6dd3d2..5425fbf8 100644 --- a/app/classes/controllers/users_controller.py +++ b/app/classes/controllers/users_controller.py @@ -52,7 +52,7 @@ class UsersController: }, "password": { "type": "string", - "minLength": 8, + "minLength": self.helper.minimum_password_length, "examples": ["crafty"], "title": "Password", }, diff --git a/app/classes/shared/command.py b/app/classes/shared/command.py index 155fe083..95a83047 100644 --- a/app/classes/shared/command.py +++ b/app/classes/shared/command.py @@ -77,11 +77,11 @@ class MainPrompt(cmd.Cmd): # get new password from user new_pass = getpass.getpass(prompt=f"NEW password for: {username} > ") # check to make sure it fits our requirements. - if len(new_pass) > 512: - Console.warning("Passwords must be greater than 6char long and under 512") - return False - if len(new_pass) < 6: - Console.warning("Passwords must be greater than 6char long and under 512") + if len(new_pass) < self.helper.minimum_password_length: + Console.warning( + "Passwords must be greater than" + f" {self.helper.minimum_password_length} char long" + ) return False # grab repeated password input new_pass_conf = getpass.getpass(prompt="Re-enter your password: > ") diff --git a/app/classes/shared/helpers.py b/app/classes/shared/helpers.py index 9c63a323..9dff8356 100644 --- a/app/classes/shared/helpers.py +++ b/app/classes/shared/helpers.py @@ -81,6 +81,7 @@ class Helpers: self.update_available = False self.ignored_names = ["crafty_managed.txt", "db_stats"] self.crafty_starting = False + self.minimum_password_length = 8 @staticmethod def auto_installer_fix(ex): diff --git a/app/classes/shared/main_models.py b/app/classes/shared/main_models.py index c166b7fb..0cced56f 100644 --- a/app/classes/shared/main_models.py +++ b/app/classes/shared/main_models.py @@ -18,13 +18,20 @@ class DatabaseBuilder: logger.info("Fresh Install Detected - Creating Default Settings") Console.info("Fresh Install Detected - Creating Default Settings") default_data = self.helper.find_default_password() - if password not in default_data: + if "password" not in default_data: Console.help( "No default password found. Using password created " "by Crafty. Find it in app/config/default-creds.txt" ) username = default_data.get("username", "admin") - password = default_data.get("password", password) + if self.helper.minimum_password_length > default_data.get("password", password): + Console.critical( + "Default password too short" + " using Crafty's created default." + " Find it in app/config/default-creds.txt" + ) + else: + password = default_data.get("password", password) self.users_helper.add_user( username=username, From fcb8b02907ebb355ed7975b42248830c54fc03bb Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Mon, 19 Feb 2024 21:14:28 -0500 Subject: [PATCH 16/40] Black codebase --- app/classes/web/panel_handler.py | 248 +++++++++--------- .../web/routes/api/crafty/config/index.py | 20 +- .../routes/api/crafty/config/server_dir.py | 10 +- app/classes/web/routes/api/roles/index.py | 10 +- .../web/routes/api/roles/role/servers.py | 10 +- app/classes/web/server_handler.py | 20 +- 6 files changed, 170 insertions(+), 148 deletions(-) diff --git a/app/classes/web/panel_handler.py b/app/classes/web/panel_handler.py index a7e54974..e8c93c68 100644 --- a/app/classes/web/panel_handler.py +++ b/app/classes/web/panel_handler.py @@ -345,15 +345,17 @@ class PanelHandler(BaseHandler): self.controller.users.get_user_lang_by_id(exec_user["user_id"]) ), "super_user": superuser, - "api_key": { - "name": api_key.name, - "created": api_key.created, - "server_permissions": api_key.server_permissions, - "crafty_permissions": api_key.crafty_permissions, - "superuser": api_key.superuser, - } - if api_key is not None - else None, + "api_key": ( + { + "name": api_key.name, + "created": api_key.created, + "server_permissions": api_key.server_permissions, + "crafty_permissions": api_key.crafty_permissions, + "superuser": api_key.superuser, + } + if api_key is not None + else None + ), "superuser": superuser, } try: @@ -417,14 +419,14 @@ class PanelHandler(BaseHandler): self.controller.first_login = False if superuser: # TODO: Figure out a better solution try: - page_data[ - "servers" - ] = self.controller.servers.get_all_servers_stats() + page_data["servers"] = ( + self.controller.servers.get_all_servers_stats() + ) except IndexError: self.controller.servers.stats.record_stats() - page_data[ - "servers" - ] = self.controller.servers.get_all_servers_stats() + page_data["servers"] = ( + self.controller.servers.get_all_servers_stats() + ) else: try: user_auth = self.controller.servers.get_authorized_servers_stats( @@ -454,19 +456,19 @@ class PanelHandler(BaseHandler): for server_id in user_order[:]: for server in un_used_servers[:]: if flag == 0: - server["stats"][ - "importing" - ] = self.controller.servers.get_import_status( - str(server["stats"]["server_id"]["server_id"]) + server["stats"]["importing"] = ( + self.controller.servers.get_import_status( + str(server["stats"]["server_id"]["server_id"]) + ) ) server["stats"]["crashed"] = self.controller.servers.is_crashed( str(server["stats"]["server_id"]["server_id"]) ) try: - server["stats"][ - "waiting_start" - ] = self.controller.servers.get_waiting_start( - str(server["stats"]["server_id"]["server_id"]) + server["stats"]["waiting_start"] = ( + self.controller.servers.get_waiting_start( + str(server["stats"]["server_id"]["server_id"]) + ) ) except Exception as e: logger.error(f"Failed to get server waiting to start: {e}") @@ -543,9 +545,9 @@ class PanelHandler(BaseHandler): server_id ) if not self.failed_server: - page_data[ - "server_stats" - ] = self.controller.servers.get_server_stats_by_id(server_id) + page_data["server_stats"] = ( + self.controller.servers.get_server_stats_by_id(server_id) + ) else: server_temp_obj = self.controller.servers.get_server_data_by_id( server_id @@ -611,19 +613,19 @@ class PanelHandler(BaseHandler): "Config": EnumPermissionsServer.CONFIG, "Players": EnumPermissionsServer.PLAYERS, } - page_data[ - "user_permissions" - ] = self.controller.server_perms.get_user_id_permissions_list( - exec_user["user_id"], server_id + page_data["user_permissions"] = ( + self.controller.server_perms.get_user_id_permissions_list( + exec_user["user_id"], server_id + ) ) if not self.failed_server: - page_data["server_stats"][ - "crashed" - ] = self.controller.servers.is_crashed(server_id) + page_data["server_stats"]["crashed"] = ( + self.controller.servers.is_crashed(server_id) + ) if not self.failed_server: - page_data["server_stats"][ - "server_type" - ] = self.controller.servers.get_server_type_by_id(server_id) + page_data["server_stats"]["server_type"] = ( + self.controller.servers.get_server_type_by_id(server_id) + ) if not subpage: for spage, perm in SUBPAGE_PERMS.items(): @@ -674,23 +676,23 @@ class PanelHandler(BaseHandler): page_data["java_versions"] = page_java if subpage == "backup": server_info = self.controller.servers.get_server_data_by_id(server_id) - page_data[ - "backup_config" - ] = self.controller.management.get_backup_config(server_id) + page_data["backup_config"] = ( + self.controller.management.get_backup_config(server_id) + ) exclusions = [] - page_data[ - "exclusions" - ] = self.controller.management.get_excluded_backup_dirs(server_id) - page_data[ - "backing_up" - ] = self.controller.servers.get_server_instance_by_id( - server_id - ).is_backingup - page_data[ - "backup_stats" - ] = self.controller.servers.get_server_instance_by_id( - server_id - ).send_backup_status() + page_data["exclusions"] = ( + self.controller.management.get_excluded_backup_dirs(server_id) + ) + page_data["backing_up"] = ( + self.controller.servers.get_server_instance_by_id( + server_id + ).is_backingup + ) + page_data["backup_stats"] = ( + self.controller.servers.get_server_instance_by_id( + server_id + ).send_backup_status() + ) # makes it so relative path is the only thing shown for file in page_data["exclusions"]: if Helpers.is_os_windows(): @@ -723,10 +725,10 @@ class PanelHandler(BaseHandler): server_id, hours=(days * 24) ) if subpage == "webhooks": - page_data[ - "webhooks" - ] = self.controller.management.get_webhooks_by_server( - server_id, model=True + page_data["webhooks"] = ( + self.controller.management.get_webhooks_by_server( + server_id, model=True + ) ) page_data["triggers"] = WebhookFactory.get_monitored_events() @@ -758,9 +760,9 @@ class PanelHandler(BaseHandler): if not superuser: self.redirect("/panel/error?error=Unauthorized access") page_data["banned_players_html"] = get_banned_players_html() - page_data[ - "banned_players" - ] = self.controller.servers.get_banned_players(server_id) + page_data["banned_players"] = ( + self.controller.servers.get_banned_players(server_id) + ) server_instance = self.controller.servers.get_server_instance_by_id( server_id ) @@ -925,9 +927,9 @@ class PanelHandler(BaseHandler): if item not in page_data["backgrounds"]: page_data["backgrounds"].append(item) page_data["background"] = self.controller.cached_login - page_data[ - "login_opacity" - ] = self.controller.management.get_login_opacity() + page_data["login_opacity"] = ( + self.controller.management.get_login_opacity() + ) page_data["active_link"] = "custom_login" template = "panel/custom_login.html" @@ -959,13 +961,11 @@ class PanelHandler(BaseHandler): page_data["servers"] = [] page_data["servers_all"] = self.controller.servers.get_all_defined_servers() page_data["role-servers"] = [] - page_data[ - "permissions_all" - ] = self.controller.crafty_perms.list_defined_crafty_permissions() + page_data["permissions_all"] = ( + self.controller.crafty_perms.list_defined_crafty_permissions() + ) page_data["permissions_list"] = set() - page_data[ - "quantity_server" - ] = ( + page_data["quantity_server"] = ( self.controller.crafty_perms.list_all_crafty_permissions_quantity_limits() # pylint: disable=line-too-long ) page_data["languages"] = [] @@ -1007,10 +1007,10 @@ class PanelHandler(BaseHandler): page_data["server_data"] = self.controller.servers.get_server_data_by_id( server_id ) - page_data[ - "user_permissions" - ] = self.controller.server_perms.get_user_id_permissions_list( - exec_user["user_id"], server_id + page_data["user_permissions"] = ( + self.controller.server_perms.get_user_id_permissions_list( + exec_user["user_id"], server_id + ) ) page_data["permissions"] = { "Commands": EnumPermissionsServer.COMMANDS, @@ -1025,9 +1025,9 @@ class PanelHandler(BaseHandler): page_data["server_stats"] = self.controller.servers.get_server_stats_by_id( server_id ) - page_data["server_stats"][ - "server_type" - ] = self.controller.servers.get_server_type_by_id(server_id) + page_data["server_stats"]["server_type"] = ( + self.controller.servers.get_server_type_by_id(server_id) + ) page_data["new_webhook"] = True page_data["webhook"] = {} page_data["webhook"]["webhook_type"] = "Custom" @@ -1061,10 +1061,10 @@ class PanelHandler(BaseHandler): page_data["server_data"] = self.controller.servers.get_server_data_by_id( server_id ) - page_data[ - "user_permissions" - ] = self.controller.server_perms.get_user_id_permissions_list( - exec_user["user_id"], server_id + page_data["user_permissions"] = ( + self.controller.server_perms.get_user_id_permissions_list( + exec_user["user_id"], server_id + ) ) page_data["permissions"] = { "Commands": EnumPermissionsServer.COMMANDS, @@ -1079,9 +1079,9 @@ class PanelHandler(BaseHandler): page_data["server_stats"] = self.controller.servers.get_server_stats_by_id( server_id ) - page_data["server_stats"][ - "server_type" - ] = self.controller.servers.get_server_type_by_id(server_id) + page_data["server_stats"]["server_type"] = ( + self.controller.servers.get_server_type_by_id(server_id) + ) page_data["new_webhook"] = False page_data["webhook"] = self.controller.management.get_webhook_by_id( webhook_id @@ -1121,10 +1121,10 @@ class PanelHandler(BaseHandler): "Config": EnumPermissionsServer.CONFIG, "Players": EnumPermissionsServer.PLAYERS, } - page_data[ - "user_permissions" - ] = self.controller.server_perms.get_user_id_permissions_list( - exec_user["user_id"], server_id + page_data["user_permissions"] = ( + self.controller.server_perms.get_user_id_permissions_list( + exec_user["user_id"], server_id + ) ) page_data["server_data"] = self.controller.servers.get_server_data_by_id( server_id @@ -1132,9 +1132,9 @@ class PanelHandler(BaseHandler): page_data["server_stats"] = self.controller.servers.get_server_stats_by_id( server_id ) - page_data["server_stats"][ - "server_type" - ] = self.controller.servers.get_server_type_by_id(server_id) + page_data["server_stats"]["server_type"] = ( + self.controller.servers.get_server_type_by_id(server_id) + ) page_data["new_schedule"] = True page_data["schedule"] = {} page_data["schedule"]["children"] = [] @@ -1189,10 +1189,10 @@ class PanelHandler(BaseHandler): "Config": EnumPermissionsServer.CONFIG, "Players": EnumPermissionsServer.PLAYERS, } - page_data[ - "user_permissions" - ] = self.controller.server_perms.get_user_id_permissions_list( - exec_user["user_id"], server_id + page_data["user_permissions"] = ( + self.controller.server_perms.get_user_id_permissions_list( + exec_user["user_id"], server_id + ) ) page_data["server_data"] = self.controller.servers.get_server_data_by_id( server_id @@ -1200,9 +1200,9 @@ class PanelHandler(BaseHandler): page_data["server_stats"] = self.controller.servers.get_server_stats_by_id( server_id ) - page_data["server_stats"][ - "server_type" - ] = self.controller.servers.get_server_type_by_id(server_id) + page_data["server_stats"]["server_type"] = ( + self.controller.servers.get_server_type_by_id(server_id) + ) page_data["new_schedule"] = False page_data["schedule"] = {} page_data["schedule"]["server_id"] = server_id @@ -1212,9 +1212,9 @@ class PanelHandler(BaseHandler): page_data["schedule"]["name"] = schedule.name else: page_data["schedule"]["name"] = "" - page_data["schedule"][ - "children" - ] = self.controller.management.get_child_schedules(sch_id) + page_data["schedule"]["children"] = ( + self.controller.management.get_child_schedules(sch_id) + ) # We check here to see if the command is any of the default ones. # We do not want a user changing to a custom command # and seeing our command there. @@ -1280,16 +1280,16 @@ class PanelHandler(BaseHandler): } if exec_user["superuser"]: page_data["users"] = self.controller.users.get_all_users() - page_data[ - "permissions_all" - ] = self.controller.crafty_perms.list_defined_crafty_permissions() - page_data[ - "permissions_list" - ] = self.controller.crafty_perms.get_crafty_permissions_list(user_id) - page_data[ - "quantity_server" - ] = self.controller.crafty_perms.list_crafty_permissions_quantity_limits( - user_id + page_data["permissions_all"] = ( + self.controller.crafty_perms.list_defined_crafty_permissions() + ) + page_data["permissions_list"] = ( + self.controller.crafty_perms.get_crafty_permissions_list(user_id) + ) + page_data["quantity_server"] = ( + self.controller.crafty_perms.list_crafty_permissions_quantity_limits( + user_id + ) ) page_data["languages"] = [] page_data["languages"].append( @@ -1349,12 +1349,12 @@ class PanelHandler(BaseHandler): page_data["user"] = self.controller.users.get_user_by_id(user_id) page_data["api_keys"] = self.controller.users.get_user_api_keys(user_id) # self.controller.crafty_perms.list_defined_crafty_permissions() - page_data[ - "server_permissions_all" - ] = self.controller.server_perms.list_defined_permissions() - page_data[ - "crafty_permissions_all" - ] = self.controller.crafty_perms.list_defined_crafty_permissions() + page_data["server_permissions_all"] = ( + self.controller.server_perms.list_defined_permissions() + ) + page_data["crafty_permissions_all"] = ( + self.controller.crafty_perms.list_defined_crafty_permissions() + ) if user_id is None: self.redirect("/panel/error?error=Invalid User ID") @@ -1442,9 +1442,9 @@ class PanelHandler(BaseHandler): DatabaseShortcuts.get_data_obj(server.server_object) ) page_data["servers_all"] = page_servers - page_data[ - "permissions_all" - ] = self.controller.server_perms.list_defined_permissions() + page_data["permissions_all"] = ( + self.controller.server_perms.list_defined_permissions() + ) page_data["permissions_dict"] = {} template = "panel/panel_edit_role.html" @@ -1467,12 +1467,12 @@ class PanelHandler(BaseHandler): DatabaseShortcuts.get_data_obj(server.server_object) ) page_data["servers_all"] = page_servers - page_data[ - "permissions_all" - ] = self.controller.server_perms.list_defined_permissions() - page_data[ - "permissions_dict" - ] = self.controller.server_perms.get_role_permissions_dict(role_id) + page_data["permissions_all"] = ( + self.controller.server_perms.list_defined_permissions() + ) + page_data["permissions_dict"] = ( + self.controller.server_perms.get_role_permissions_dict(role_id) + ) page_data["user-roles"] = user_roles page_data["users"] = self.controller.users.get_all_users() diff --git a/app/classes/web/routes/api/crafty/config/index.py b/app/classes/web/routes/api/crafty/config/index.py index a2bff723..c901732c 100644 --- a/app/classes/web/routes/api/crafty/config/index.py +++ b/app/classes/web/routes/api/crafty/config/index.py @@ -80,9 +80,13 @@ class ApiCraftyConfigIndexHandler(BaseApiHandler): 200, { "status": "ok", - "data": self.controller.roles.get_all_role_ids() - if get_only_ids - else [model_to_dict(r) for r in self.controller.roles.get_all_roles()], + "data": ( + self.controller.roles.get_all_role_ids() + if get_only_ids + else [ + model_to_dict(r) for r in self.controller.roles.get_all_roles() + ] + ), }, ) @@ -158,9 +162,13 @@ class ApiCraftyCustomizeIndexHandler(BaseApiHandler): 200, { "status": "ok", - "data": self.controller.roles.get_all_role_ids() - if get_only_ids - else [model_to_dict(r) for r in self.controller.roles.get_all_roles()], + "data": ( + self.controller.roles.get_all_role_ids() + if get_only_ids + else [ + model_to_dict(r) for r in self.controller.roles.get_all_roles() + ] + ), }, ) diff --git a/app/classes/web/routes/api/crafty/config/server_dir.py b/app/classes/web/routes/api/crafty/config/server_dir.py index 4e41be14..91c4cc89 100644 --- a/app/classes/web/routes/api/crafty/config/server_dir.py +++ b/app/classes/web/routes/api/crafty/config/server_dir.py @@ -36,9 +36,13 @@ class ApiCraftyConfigServerDirHandler(BaseApiHandler): 200, { "status": "ok", - "data": self.controller.roles.get_all_role_ids() - if get_only_ids - else [model_to_dict(r) for r in self.controller.roles.get_all_roles()], + "data": ( + self.controller.roles.get_all_role_ids() + if get_only_ids + else [ + model_to_dict(r) for r in self.controller.roles.get_all_roles() + ] + ), }, ) diff --git a/app/classes/web/routes/api/roles/index.py b/app/classes/web/routes/api/roles/index.py index b0c773a7..dce6f453 100644 --- a/app/classes/web/routes/api/roles/index.py +++ b/app/classes/web/routes/api/roles/index.py @@ -87,9 +87,13 @@ class ApiRolesIndexHandler(BaseApiHandler): 200, { "status": "ok", - "data": self.controller.roles.get_all_role_ids() - if get_only_ids - else [model_to_dict(r) for r in self.controller.roles.get_all_roles()], + "data": ( + self.controller.roles.get_all_role_ids() + if get_only_ids + else [ + model_to_dict(r) for r in self.controller.roles.get_all_roles() + ] + ), }, ) diff --git a/app/classes/web/routes/api/roles/role/servers.py b/app/classes/web/routes/api/roles/role/servers.py index b9b920ca..0a0eff6f 100644 --- a/app/classes/web/routes/api/roles/role/servers.py +++ b/app/classes/web/routes/api/roles/role/servers.py @@ -25,8 +25,12 @@ class ApiRolesRoleServersHandler(BaseApiHandler): 200, { "status": "ok", - "data": PermissionsServers.get_server_ids_from_role(role_id) - if get_only_ids - else self.controller.roles.get_server_ids_and_perms_from_role(role_id), + "data": ( + PermissionsServers.get_server_ids_from_role(role_id) + if get_only_ids + else self.controller.roles.get_server_ids_and_perms_from_role( + role_id + ) + ), }, ) diff --git a/app/classes/web/server_handler.py b/app/classes/web/server_handler.py index e940352e..545029aa 100644 --- a/app/classes/web/server_handler.py +++ b/app/classes/web/server_handler.py @@ -118,15 +118,17 @@ class ServerHandler(BaseHandler): "lang_page": Helpers.get_lang_page( self.controller.users.get_user_lang_by_id(exec_user["user_id"]) ), - "api_key": { - "name": api_key.name, - "created": api_key.created, - "server_permissions": api_key.server_permissions, - "crafty_permissions": api_key.crafty_permissions, - "superuser": api_key.superuser, - } - if api_key is not None - else None, + "api_key": ( + { + "name": api_key.name, + "created": api_key.created, + "server_permissions": api_key.server_permissions, + "crafty_permissions": api_key.crafty_permissions, + "superuser": api_key.superuser, + } + if api_key is not None + else None + ), "superuser": superuser, } From 647e3b1111e501c983b2056138063d10ed42162a Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Tue, 20 Feb 2024 17:32:34 -0500 Subject: [PATCH 17/40] Remove encoding --- app/classes/web/public_handler.py | 4 +--- app/frontend/templates/public/login.html | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index 21e8aa44..26a040e2 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -147,9 +147,7 @@ class PublicHandler(BaseHandler): ) entered_username = nh3.clean(data["username"]) # pylint: disable=no-member try: - entered_password = urllib.parse.unquote( - base64.b64decode(data["password"]).decode("utf-8") - ) + entered_password = data["password"] except binascii.Error: return self.finish_json( 403, diff --git a/app/frontend/templates/public/login.html b/app/frontend/templates/public/login.html index 2d4e6c84..5a54ecca 100644 --- a/app/frontend/templates/public/login.html +++ b/app/frontend/templates/public/login.html @@ -181,7 +181,7 @@ }, body: JSON.stringify({ "username": formDataObject.username, - "password": btoa(encodeURIComponent(formDataObject.password)) + "password": formDataObject.password }), }); let responseData = await res.json(); From f6242d65072199b4a643c956332381b281edf43a Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Tue, 20 Feb 2024 18:47:00 -0500 Subject: [PATCH 18/40] Remove username regex --- app/classes/web/public_handler.py | 1 - 1 file changed, 1 deletion(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index 26a040e2..cb2c2593 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -96,7 +96,6 @@ class PublicHandler(BaseHandler): "properties": { "username": { "type": "string", - "pattern": "^[a-z0-9_]+$", }, "password": {"type": "string"}, }, From f4f4f9e0b6e029622044214da6a1dfe6aa1afdbe Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Tue, 20 Feb 2024 18:50:32 -0500 Subject: [PATCH 19/40] Remove extraneous error messaging --- app/classes/web/public_handler.py | 22 ++-------------------- 1 file changed, 2 insertions(+), 20 deletions(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index cb2c2593..3f46780f 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -124,7 +124,7 @@ class PublicHandler(BaseHandler): 400, { "status": "error", - "error": "INVALID_JSON_SCHEMA", + "error": "VWggb2ghIFN0aW5reS 🪠", "error_data": str(e), }, ) @@ -145,25 +145,7 @@ class PublicHandler(BaseHandler): f"User attempting to authenticate from {self.get_remote_ip()}" ) entered_username = nh3.clean(data["username"]) # pylint: disable=no-member - try: - entered_password = data["password"] - except binascii.Error: - return self.finish_json( - 403, - { - "status": "error", - "error": "Hello? Hello? Anybody home?" - " Go straight to jail. Do not pass go.", - }, - ) - except UnicodeDecodeError: - return self.finish_json( - 403, - { - "status": "error", - "error": "VWggb2ghIFN0aW5reS 🪠", - }, - ) + entered_password = data["password"] try: user_id = HelperUsers.get_user_id_by_name(entered_username.lower()) From 62b55792e5147d94596cf65bc1d014673ab953d6 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Tue, 20 Feb 2024 22:28:29 -0500 Subject: [PATCH 20/40] Update spanish translation Sort english translation --- app/translations/en_EN.json | 10 +++++----- .../{es_ES_incomplete.json => es_ES.json} | 16 ++++++++++++++++ 2 files changed, 21 insertions(+), 5 deletions(-) rename app/translations/{es_ES_incomplete.json => es_ES.json} (96%) diff --git a/app/translations/en_EN.json b/app/translations/en_EN.json index 3ec3b9ed..5c48b873 100644 --- a/app/translations/en_EN.json +++ b/app/translations/en_EN.json @@ -215,14 +215,14 @@ "version": "Version" }, "login": { + "defaultPath": "The password you entered is the default credential path, not the password. Please find the default password in that location.", + "disabled": "User account disabled. Please contact your system administrator for more info.", "forgotPassword": "Forgot Password", + "incorrect": "Incorrect username or password", "login": "Log In", "password": "Password", "username": "Username", - "viewStatus": "View Public Status Page", - "incorrect": "Incorrect username or password", - "defaultPath": "The password you entered is the default credential path, not the password. Please find the default password in that location.", - "disabled": "User account disabled. Please contact your system administrator for more info." + "viewStatus": "View Public Status Page" }, "notify": { "activityLog": "Activity Logs", @@ -671,4 +671,4 @@ "webhook_body": "Webhook Body", "webhooks": "Webhooks" } -} \ No newline at end of file +} diff --git a/app/translations/es_ES_incomplete.json b/app/translations/es_ES.json similarity index 96% rename from app/translations/es_ES_incomplete.json rename to app/translations/es_ES.json index 63f3da36..5f750fc7 100644 --- a/app/translations/es_ES_incomplete.json +++ b/app/translations/es_ES.json @@ -111,6 +111,7 @@ "starting": "Inicio-retrasado", "status": "Estado", "stop": "Detener", + "storage": "Almacenamiento", "version": "Versión", "welcome": "Bienvenido a Crafty Controller" }, @@ -214,7 +215,10 @@ "version": "Versión" }, "login": { + "defaultPath": "La contraseña introducida es la ruta default de las credenciales, no la contraseña. Busca la contraseña accediendo a la carpeta de la ruta", + "disabled": "Cuenta del usuario desactivada. Porfavor contacta al administrador para mas informacion.", "forgotPassword": "Olvidé mi contraseña", + "incorrect": "El nombre de usuario o contraseña es incorrecto", "login": "Iniciar Sesión", "password": "Contraseña", "username": "Usuario", @@ -326,6 +330,7 @@ "bePatientDeleteFiles": "Tenga paciencia mientras eliminamos su servidor del panel de Crafty y eliminamos todos los archivos. Esta pantalla se cerrará en unos momentos.", "bePatientUpdate": "Tenga paciencia mientras actualizamos el servidor. El tiempo de descarga puede variar según la velocidad del Internet...
Esta pantalla se actualizará en unos momentos.", "cancel": "Cancelar", + "countPlayers": "Incluir el servidor en la cuenta total de jugadores", "crashTime": "Tiempo de espera por crasheo", "crashTimeDesc": "¿Cuanto tiempo esperar para considerar el servidor como crasheado?", "deleteFilesQuestion": "¿Eliminar archivos del servidor del host?", @@ -510,6 +515,7 @@ "cpuUsage": "Uso de CPU", "description": "Descripción", "errorCalculatingUptime": "Error calculando tiempo de actividad", + "loadingMotd": "Cargando MOTD", "memUsage": "Uso de memoria", "offline": "Desconectado", "online": "En línea", @@ -577,6 +583,7 @@ "serverUpload": "Subir servidor comprimido", "serverVersion": "Versión del servidor", "sizeInGB": "Tamaño en GB", + "unsupported": "Versiones de Minecraft inferiores a la 1.8 no estan soportadas por Crafty. Es posible instalarlas. Resultados pueden variar.", "uploadButton": "Subir", "uploadZip": "Subir archivo Zip para importar servidor", "zipPath": "Ruta del servidor" @@ -591,6 +598,15 @@ "newServer": "Crear nuevo Servidor", "servers": "Servidores" }, + "startup": { + "almost": "Terminando. Espera un momento...", + "internals": "Configurando e inicializando los componentes internos de Crafty", + "internet": "Verificando conexion a internet", + "server": "Inicializando ", + "serverInit": "Inicializando Servidores", + "starting": "Crafty esta iniciando...", + "tasks": "Iniciando el programador de tareas" + }, "userConfig": { "apiKey": "Claves API", "auth": "¿Autorizado? ", From 4df7858da6c505a75e0890fe9516f64480325ea0 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Wed, 21 Feb 2024 00:04:07 -0500 Subject: [PATCH 21/40] Fix code quality issues --- app/classes/web/public_handler.py | 52 +++++++++++++++---------------- 1 file changed, 25 insertions(+), 27 deletions(-) diff --git a/app/classes/web/public_handler.py b/app/classes/web/public_handler.py index 3f46780f..467765ea 100644 --- a/app/classes/web/public_handler.py +++ b/app/classes/web/public_handler.py @@ -1,7 +1,4 @@ import logging -import binascii -import base64 -import urllib import json import nh3 from jsonschema import validate @@ -237,30 +234,31 @@ class PublicHandler(BaseHandler): return self.finish_json( 200, {"status": "ok", "data": {"message": "login successful!"}} ) - else: - auth_log.error( - f"User attempted to log into {entered_username}." - f" Authentication failed from remote IP {self.get_remote_ip()}" - ) - self.controller.log_attempt(self.get_remote_ip(), entered_username) - # self.clear_cookie("user") - # self.clear_cookie("user_data") - self.clear_cookie("token") - error_msg = self.helper.translation.translate( - "login", "incorrect", self.helper.get_setting("language") - ) - if entered_password == "app/config/default-creds.txt": - error_msg += ". " - error_msg += self.helper.translation.translate( - "login", "defaultPath", self.helper.get_setting("language") - ) - # log this failed login attempt - self.controller.management.add_to_audit_log( - user_data.user_id, "Tried to log in", 0, self.get_remote_ip() - ) - return self.finish_json( - 403, - {"status": "error", "error": error_msg}, + + # We'll continue on and handle unsuccessful logins + auth_log.error( + f"User attempted to log into {entered_username}." + f" Authentication failed from remote IP {self.get_remote_ip()}" + ) + self.controller.log_attempt(self.get_remote_ip(), entered_username) + # self.clear_cookie("user") + # self.clear_cookie("user_data") + self.clear_cookie("token") + error_msg = self.helper.translation.translate( + "login", "incorrect", self.helper.get_setting("language") + ) + if entered_password == "app/config/default-creds.txt": + error_msg += ". " + error_msg += self.helper.translation.translate( + "login", "defaultPath", self.helper.get_setting("language") ) + # log this failed login attempt + self.controller.management.add_to_audit_log( + user_data.user_id, "Tried to log in", 0, self.get_remote_ip() + ) + return self.finish_json( + 403, + {"status": "error", "error": error_msg}, + ) else: self.redirect("/login?") From fb22a753c197b5580a9530496147015297515acc Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Wed, 21 Feb 2024 15:37:03 -0500 Subject: [PATCH 22/40] Update de_DE, lol_EN, lv_LV, and tr_TR translations --- app/translations/de_DE.json | 3 +++ app/translations/lol_EN.json | 3 +++ app/translations/lv_LV.json | 3 +++ app/translations/tr_TR.json | 3 +++ 4 files changed, 12 insertions(+) diff --git a/app/translations/de_DE.json b/app/translations/de_DE.json index 695264a9..c9ffea15 100644 --- a/app/translations/de_DE.json +++ b/app/translations/de_DE.json @@ -215,7 +215,10 @@ "version": "Version" }, "login": { + "defaultPath": "Der eingegebene Text ist der Pfad zum Passwort, nicht das Passwort selbst. Das Standartpasswort kann unter diesen Pfad eingesehen werden.", + "disabled": "Account gesperrt. Für weitere Informationen den Serveradministrator kontaktieren", "forgotPassword": "Passwort vergessen", + "incorrect": "Benutzername oder Passwort falsch", "login": "Einloggen", "password": "Passwort", "username": "Nutzername", diff --git a/app/translations/lol_EN.json b/app/translations/lol_EN.json index 854e7a09..aa07ff5f 100644 --- a/app/translations/lol_EN.json +++ b/app/translations/lol_EN.json @@ -215,7 +215,10 @@ "version": "VERSHUN" }, "login": { + "defaultPath": "Silleh hooman, dat iz da dafault secret path, not da passwurd. Plz find da default passwurd in dat spot.", + "disabled": "User account no play. Plz boop ur system hooman for moar infoz.", "forgotPassword": "FORGWOTS YOUR SEEKRET", + "incorrect": "U gotz wrong name or passwurd", "login": "WOG INZ", "password": "SEEKRET", "username": "USERNAEM", diff --git a/app/translations/lv_LV.json b/app/translations/lv_LV.json index 7756cab0..d337d38f 100644 --- a/app/translations/lv_LV.json +++ b/app/translations/lv_LV.json @@ -216,7 +216,10 @@ "version": "Versija" }, "login": { + "defaultPath": "Parole ko ievadijāt ir celš uz noklusētās paroles vietu, nevis noklusētā parole. Lūdzu apskatiet noklusēto paroli šajā vietā.", + "disabled": "Lietotāja konts atspējots. Lūdzu sazinieties ar savu sistēmas administratoru priekš papildus informācijas.", "forgotPassword": "Aizmirsu Paroli", + "incorrect": "Nepareizs lietotājvārds vai parole", "login": "Ieiet", "password": "Parole", "username": "Lietotājvārds", diff --git a/app/translations/tr_TR.json b/app/translations/tr_TR.json index 3f12fd79..cddd2a50 100644 --- a/app/translations/tr_TR.json +++ b/app/translations/tr_TR.json @@ -215,7 +215,10 @@ "version": "Sürüm" }, "login": { + "defaultPath": "Girdiğiniz şifre varsayılan şifrenin konumudur, varsayılan şifre değil. Lütfen o konumda bulunan varsayılan şifreyi bulunuz.", + "disabled": "Bu kullanıcı hesabı engellenmiştir. Daha fazla bilgi için lütfen sunucu yöneticiniz ile konuşunuz.", "forgotPassword": "Şifremi Unuttum", + "incorrect": "Kullanıcı adınız veya şifreniz yanlış.", "login": "Oturum Aç", "password": "Şifre", "username": "Kullanıcı Adı", From 669ac6389651fc9c01b09a4bb37deb8cf308363c Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Wed, 21 Feb 2024 20:11:13 -0500 Subject: [PATCH 23/40] Add script to fix linux perms --- .gitlab/scripts/linux_perms_fix.sh | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 .gitlab/scripts/linux_perms_fix.sh diff --git a/.gitlab/scripts/linux_perms_fix.sh b/.gitlab/scripts/linux_perms_fix.sh new file mode 100644 index 00000000..24b92176 --- /dev/null +++ b/.gitlab/scripts/linux_perms_fix.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +# Prompt the user for the directory path +read -p "Enter the directory path to set permissions (/var/opt/minecraft/crafty): " directory_path + +# Check if the script is running within a Docker container +if [ -f "/.dockerenv" ]; then + echo "Script is running within a Docker container. Exiting with error." + exit 1 # Exit with an error code if running in Docker +else + echo "Script is not running within a Docker container. Executing permissions changes..." + # Run the commands to set permissions + sudo chmod 700 $(find "$directory_path" -type d) + sudo chmod 644 $(find "$directory_path" -type f) +fi \ No newline at end of file From f8f428a8d962980be5517c28bc1554755fec2cd4 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Wed, 21 Feb 2024 20:19:47 -0500 Subject: [PATCH 24/40] Update french and chinese translations --- app/translations/fr_FR.json | 3 +++ app/translations/zh_CN.json | 3 +++ 2 files changed, 6 insertions(+) diff --git a/app/translations/fr_FR.json b/app/translations/fr_FR.json index a1649fbc..be429c83 100644 --- a/app/translations/fr_FR.json +++ b/app/translations/fr_FR.json @@ -215,7 +215,10 @@ "version": "Version" }, "login": { + "defaultPath": "Ce que tu as renseigné n'est pas le mot de passe, mais le chemin du fichier où le trouver.", + "disabled": "Ce compte est désactivé. Merci de contacter l'administrateur de ton serveur pour plus d'informations.", "forgotPassword": "Mot de Passe Oublié", + "incorrect": "Identifiant et/ou mot de passe incorrect.", "login": "Connexion", "password": "Mot de Passe", "username": "Nom d'Utilisateur", diff --git a/app/translations/zh_CN.json b/app/translations/zh_CN.json index 1c800502..0b817b7e 100644 --- a/app/translations/zh_CN.json +++ b/app/translations/zh_CN.json @@ -215,7 +215,10 @@ "version": "版本" }, "login": { + "defaultPath": "您输入的密码是默认凭据的路径,不是其中的密码。请在此路径中找到默认密码。", + "disabled": "用户账号已禁用。请联系您的系统管理员以了解更多信息。", "forgotPassword": "忘记密码", + "incorrect": "用户名或密码错误", "login": "登录", "password": "密码", "username": "用户名", From 69dc7dfedb2e298b3aee9452c46c51062af0d78c Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Thu, 22 Feb 2024 13:06:49 -0500 Subject: [PATCH 25/40] Update Hebrew translation --- app/translations/he_IL.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/translations/he_IL.json b/app/translations/he_IL.json index f87142ce..7e2b1403 100644 --- a/app/translations/he_IL.json +++ b/app/translations/he_IL.json @@ -215,7 +215,10 @@ "version": "גרסה" }, "login": { + "defaultPath": "הסיסמה שהזנת היא נתיב האישורים המוגדר כברירת מחדל, ולא הסיסמה עצמה. אנא מצא את הסיסמה המוגדרת כברירת מחדל במיקום זה.", + "disabled": "חשבון המשתמש מושבת. אנא פנה למנהל המערכת שלך לקבלת מידע נוסף.", "forgotPassword": "שכחתי סיסמה", + "incorrect": "שם משתמש או סיסמה שגויים", "login": "התחברות", "password": "סיסמה", "username": "שם משתמש", From fdf3221754c36b682eece75cb7e271b546ca8144 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Thu, 22 Feb 2024 20:21:54 +0000 Subject: [PATCH 26/40] Fix bug where unix installs could not have a space in file name --- app/frontend/templates/server/bedrock_wizard.html | 2 +- app/frontend/templates/server/wizard.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/frontend/templates/server/bedrock_wizard.html b/app/frontend/templates/server/bedrock_wizard.html index 823a4585..4b11e9d2 100644 --- a/app/frontend/templates/server/bedrock_wizard.html +++ b/app/frontend/templates/server/bedrock_wizard.html @@ -556,7 +556,7 @@ xmlHttpRequest.addEventListener('load', (event) => { if (event.target.responseText == 'success') { console.log('Upload for file', file.name, 'was successful!') - document.getElementById("upload_input").innerHTML = `
🔒
`; + $("#upload_input").html(`
🔒
`); document.getElementById("lower_half").style.visibility = "visible"; } else { diff --git a/app/frontend/templates/server/wizard.html b/app/frontend/templates/server/wizard.html index 2d84e6aa..d6d64da3 100644 --- a/app/frontend/templates/server/wizard.html +++ b/app/frontend/templates/server/wizard.html @@ -881,7 +881,7 @@ xmlHttpRequest.addEventListener('load', (event) => { if (event.target.responseText == 'success') { console.log('Upload for file', file.name, 'was successful!') - document.getElementById("upload_input").innerHTML = `
🔒
`; + $("#upload_input").html(`
🔒
`); document.getElementById("lower_half").style.visibility = "visible"; document.getElementById("lower_half").hidden = false; } From 85a6fca65dc1e20b7c0f5e2264cfcb519f06dbdd Mon Sep 17 00:00:00 2001 From: Analicia Abernathy Date: Fri, 23 Feb 2024 07:44:10 -0600 Subject: [PATCH 27/40] updated polish translation --- app/translations/pl_PL.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/translations/pl_PL.json b/app/translations/pl_PL.json index 4f430cfe..6c049668 100644 --- a/app/translations/pl_PL.json +++ b/app/translations/pl_PL.json @@ -215,7 +215,10 @@ "version": "Wersja" }, "login": { + "defaultPath": "Hasło które wprowadziłeś jest podstawową ścieżką w której przechowywane są dane logowania. Znajdź podstawowe hasło w tej lokalizacji.", + "disabled": "Konto tego użytkownika jest wyłączone. Skontaktuj się z administratorem by uzyskać więcej informacji.", "forgotPassword": "Zapomniałem hasła", + "incorrect:": "Niepoprawny login lub hasło/Niepoprawna nazwa użytkownika lub hasło", "login": "Zaloguj się", "password": "Hasło", "username": "Nazwa użytkownika", From 5a019c0f27e9431f170abc695d2a2b6b325dc1f8 Mon Sep 17 00:00:00 2001 From: Analicia Abernathy Date: Fri, 23 Feb 2024 07:44:41 -0600 Subject: [PATCH 28/40] updated dutch translation --- app/translations/nl_BE.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/translations/nl_BE.json b/app/translations/nl_BE.json index 8650fb1a..d20e209c 100644 --- a/app/translations/nl_BE.json +++ b/app/translations/nl_BE.json @@ -215,7 +215,10 @@ "version": "Versie" }, "login": { + "defaultPath": "Het ingevoerde wachtwoord is het pad naar de standaardreferentie, niet het wachtwoord zelf. Raadpleeg de standaardwachtwoord op de aangegeven locatie.", + "disabled": "Gebruikersaccount uitgeschakeld. Neem voor meer informatie contact op met uw systeembeheerder.", "forgotPassword": "Wachtwoord vergeten", + "incorrect": "Verkeerde gebruikersnaam of wachtwoord", "login": "Log In", "password": "Wachtwoord", "username": "gebruikersnaam", From 5fc24f225382b161ca482841c49e9799f4326a95 Mon Sep 17 00:00:00 2001 From: Analicia Abernathy Date: Fri, 23 Feb 2024 07:45:00 -0600 Subject: [PATCH 29/40] updated thai translation --- app/translations/th_TH.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/translations/th_TH.json b/app/translations/th_TH.json index ba03a856..bbb82dae 100644 --- a/app/translations/th_TH.json +++ b/app/translations/th_TH.json @@ -215,7 +215,10 @@ "version": "เวอร์ชั่น" }, "login": { + "defaultPath": "รหัสผ่านที่คุณกรอกคือเส้นทางข้อมูลเริ่มต้น ไม่ใช่รหัสผ่าน กรุณาค้นหารหัสผ่านเริ่มต้นในตำแหน่งนั้น", + "disabled": "บัญชีผู้ใช้ถูกปิดใช้งาน กรุณาติดต่อผู้ดูแลระบบของคุณสำหรับข้อมูลเพิ่มเติม", "forgotPassword": "ลืมรหัสผ่าน", + "incorrect": "ชื่อผู้ใช้หรือรหัสผ่านไม่ถูกต้อง", "login": "เข้าสู่ระบบ", "password": "รหัสผ่าน", "username": "ชื่อผู้ใช้", From 1ead20b9b5bb4c68f74baab067c78f831f5973fe Mon Sep 17 00:00:00 2001 From: Analicia Abernathy Date: Fri, 23 Feb 2024 07:45:23 -0600 Subject: [PATCH 30/40] updated Ukranian translation --- app/translations/uk_UA.json | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/app/translations/uk_UA.json b/app/translations/uk_UA.json index 36b95da2..74b683dd 100644 --- a/app/translations/uk_UA.json +++ b/app/translations/uk_UA.json @@ -85,7 +85,7 @@ "cpuCurFreq": "Швидкість CPU", "cpuMaxFreq": "Максимальна швидкість CPU", "cpuUsage": "Використання CPU", - "crashed": "Аварійне завершення", + "crashed": "Краш", "dashboard": "Панель", "delay-explained": "Служба/агент нещодавно запущено та затримує запуск серверів minecraft", "host": "Хост", @@ -215,7 +215,10 @@ "version": "Версія" }, "login": { + "defaultPath": "Пароль, який ви ввели, є шляхом до облікових даних за умовчанням, а не паролем. Будь ласка, знайдіть стандартний пароль у цьому місці.", + "disabled": "Користувача вимкнено. Зверніться до вашого системного адміністратора за допомогою.", "forgotPassword": "Забули пароль", + "incorrect": "Неправильний логін або пароль", "login": "Вхід", "password": "Пароль", "username": "Логін", @@ -351,7 +354,7 @@ "sendingRequest": "Надсилання вашого запиту...", "serverAutoStart": "Сервер Авто-старт", "serverAutostartDelay": "Сервер Авто-старт затримка", - "serverAutostartDelayDesc": "Затримка Авто-старту сервера (Якщо увімкнуто раніше)", + "serverAutostartDelayDesc": "Затримка Авто-старту сервера (Після запуску Crafty))", "serverCrashDetection": "Детектор крашу сервера", "serverExecutable": "Виконуваний файл Серверу", "serverExecutableDesc": "Це виконуваний файл для запуску сервера", @@ -369,7 +372,7 @@ "serverPortDesc": "Цей порт призначений для статистики Crafty", "serverStopCommand": "Команда зупинки сервера", "serverStopCommandDesc": "Команда яка буде надсилатись, щоб зупинити сервер", - "showStatus": "Показувати на публічній сторінці статус", + "showStatus": "Показувати статус на публічній сторінці", "shutdownTimeout": "Час відклику зупинки", "statsHint1": "Цей порт на якому працює сервер. Це потрібно лиш для того щоб Crafty міг виводити статистику для цього сервера.", "statsHint2": "Це не змінює порт вашого сервера. Ви мусите власноруч змінити налаштування в server.properties або іншому конфігураційному файлі.", @@ -406,7 +409,7 @@ "logs": "Логи", "metrics": "Графік", "playerControls": "Керування Гравцями", - "reset": "Повернутись нагору", + "reset": "Вниз", "schedule": "Розклад", "serverDetails": "Деталі сервера", "terminal": "Термінал" From 440dee7ef5378bd031a0c440522f1281e4b6f737 Mon Sep 17 00:00:00 2001 From: Analicia Abernathy Date: Fri, 23 Feb 2024 09:01:40 -0600 Subject: [PATCH 31/40] really fixed polish translation --- app/translations/pl_PL.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/translations/pl_PL.json b/app/translations/pl_PL.json index 6c049668..ade8c5a5 100644 --- a/app/translations/pl_PL.json +++ b/app/translations/pl_PL.json @@ -218,7 +218,7 @@ "defaultPath": "Hasło które wprowadziłeś jest podstawową ścieżką w której przechowywane są dane logowania. Znajdź podstawowe hasło w tej lokalizacji.", "disabled": "Konto tego użytkownika jest wyłączone. Skontaktuj się z administratorem by uzyskać więcej informacji.", "forgotPassword": "Zapomniałem hasła", - "incorrect:": "Niepoprawny login lub hasło/Niepoprawna nazwa użytkownika lub hasło", + "incorrect": "Niepoprawny login lub hasło/Niepoprawna nazwa użytkownika lub hasło", "login": "Zaloguj się", "password": "Hasło", "username": "Nazwa użytkownika", From 6e28da4195308d3521384b59143d01f7ff4ced28 Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Sat, 2 Mar 2024 16:53:17 -0500 Subject: [PATCH 32/40] Fix bedrock url --- app/classes/shared/helpers.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/classes/shared/helpers.py b/app/classes/shared/helpers.py index 1ed3d71f..abe48b2a 100644 --- a/app/classes/shared/helpers.py +++ b/app/classes/shared/helpers.py @@ -117,7 +117,7 @@ class Helpers: Get latest bedrock executable url \n\n returns url if successful, False if not """ - url = "https://minecraft.net/en-us/download/server/bedrock/" + url = "https://www.minecraft.net/en-us/download/server/bedrock/" headers = { "Accept-Encoding": "identity", "Accept-Language": "en", @@ -127,8 +127,8 @@ class Helpers: "Chrome/104.0.0.0 Safari/537.36" ), } - target_win = 'https://minecraft.azureedge.net/bin-win/[^"]*' - target_linux = 'https://minecraft.azureedge.net/bin-linux/[^"]*' + target_win = 'https://www.minecraft.azureedge.net/bin-win/[^"]*' + target_linux = 'https://www.minecraft.azureedge.net/bin-linux/[^"]*' try: # Get minecraft server download page From 9f524ff1131bfbfbeec1358a4b6383d6624ec0ab Mon Sep 17 00:00:00 2001 From: amcmanu3 Date: Sat, 2 Mar 2024 17:00:52 -0500 Subject: [PATCH 33/40] Too many www's --- app/classes/shared/helpers.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/classes/shared/helpers.py b/app/classes/shared/helpers.py index abe48b2a..7bf280c4 100644 --- a/app/classes/shared/helpers.py +++ b/app/classes/shared/helpers.py @@ -127,8 +127,8 @@ class Helpers: "Chrome/104.0.0.0 Safari/537.36" ), } - target_win = 'https://www.minecraft.azureedge.net/bin-win/[^"]*' - target_linux = 'https://www.minecraft.azureedge.net/bin-linux/[^"]*' + target_win = 'https://minecraft.azureedge.net/bin-win/[^"]*' + target_linux = 'https://minecraft.azureedge.net/bin-linux/[^"]*' try: # Get minecraft server download page From 9134f19a43364d8cb15d5b0a7896b937bd903fd7 Mon Sep 17 00:00:00 2001 From: Zedifus Date: Sat, 2 Mar 2024 22:53:55 +0000 Subject: [PATCH 34/40] Update changelog !710 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4a9c9fc6..97c4cf70 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ TBD - Make sure default.json is read from correct location ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/714)) - Do not allow users at server limit to clone servers ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/718)) - Fix bug where you cannot get to config with unloaded server ([Commit](https://gitlab.com/crafty-controller/crafty-4/-/commit/9de08973b6bb2ddf91283c5c6b0e189ff34f7e24)) +- Fix forge install v1.20, 1.20.1 and 1.20.2 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/710)) ### Tweaks - Bump pyOpenSSL & cryptography for CVE-2024-0727, CVE-2023-50782 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/716)) ### Lang From a9f2ea0a14dd52b0554daf99dabca05a09571b37 Mon Sep 17 00:00:00 2001 From: Zedifus Date: Sat, 2 Mar 2024 23:24:34 +0000 Subject: [PATCH 35/40] Update changelog !715 --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 97c4cf70..d110e9d5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,10 +10,11 @@ TBD - Do not allow users at server limit to clone servers ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/718)) - Fix bug where you cannot get to config with unloaded server ([Commit](https://gitlab.com/crafty-controller/crafty-4/-/commit/9de08973b6bb2ddf91283c5c6b0e189ff34f7e24)) - Fix forge install v1.20, 1.20.1 and 1.20.2 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/710)) +- Fix Sanitisation on Passwords ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/715)) ### Tweaks - Bump pyOpenSSL & cryptography for CVE-2024-0727, CVE-2023-50782 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/716)) ### Lang -TBD +- Update `de_DE, en_EN, es_ES, fr_FR, he_IL, lol_EN, lv_LV, nl_BE pl_PL, th_TH, tr_TR, uk_UA, zh_CN` translations for `4.3.0` ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/715))

## --- [4.2.3] - 2023/02/02 From 2b2926a1000b87e747286de1eca5d1f6bee2eb59 Mon Sep 17 00:00:00 2001 From: Zedifus Date: Sat, 2 Mar 2024 23:47:14 +0000 Subject: [PATCH 36/40] Update changelog !722 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d110e9d5..d57407dc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ TBD - Fix bug where you cannot get to config with unloaded server ([Commit](https://gitlab.com/crafty-controller/crafty-4/-/commit/9de08973b6bb2ddf91283c5c6b0e189ff34f7e24)) - Fix forge install v1.20, 1.20.1 and 1.20.2 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/710)) - Fix Sanitisation on Passwords ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/715)) +- Fix `Upload Imports` on unix systems, that have a space in the root dir name ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/722)) ### Tweaks - Bump pyOpenSSL & cryptography for CVE-2024-0727, CVE-2023-50782 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/716)) ### Lang From 270f3308482aa2d93c3c2b57dab75ee233b3ee68 Mon Sep 17 00:00:00 2001 From: Zedifus Date: Sun, 3 Mar 2024 00:04:17 +0000 Subject: [PATCH 37/40] Update changelog !723 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d57407dc..bbf7856e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ TBD - Fix forge install v1.20, 1.20.1 and 1.20.2 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/710)) - Fix Sanitisation on Passwords ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/715)) - Fix `Upload Imports` on unix systems, that have a space in the root dir name ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/722)) +- Fix Bedrock downloads, add `www` to download URL ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/723)) ### Tweaks - Bump pyOpenSSL & cryptography for CVE-2024-0727, CVE-2023-50782 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/716)) ### Lang From 8268a769ee19464922a2ad6bb8455d7ba7b32674 Mon Sep 17 00:00:00 2001 From: Zedifus Date: Sun, 3 Mar 2024 00:26:23 +0000 Subject: [PATCH 38/40] Bump cryptography for CVE-2024-26130 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 30414b35..e3a58bad 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,7 +4,7 @@ argon2-cffi==23.1.0 cached_property==1.5.2 colorama==0.4.6 croniter==1.4.1 -cryptography==42.0.2 +cryptography==42.0.4 libgravatar==1.0.4 nh3==0.2.14 packaging==23.2 From f8b3c6410511e8f6bca5d738f5f1fb6ce550a48c Mon Sep 17 00:00:00 2001 From: Zedifus Date: Sun, 3 Mar 2024 00:27:24 +0000 Subject: [PATCH 39/40] Update changelog !724 --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index bbf7856e..abd77b2a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ TBD - Fix Bedrock downloads, add `www` to download URL ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/723)) ### Tweaks - Bump pyOpenSSL & cryptography for CVE-2024-0727, CVE-2023-50782 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/716)) +- Bump cryptography for CVE-2024-26130 ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/724)) ### Lang - Update `de_DE, en_EN, es_ES, fr_FR, he_IL, lol_EN, lv_LV, nl_BE pl_PL, th_TH, tr_TR, uk_UA, zh_CN` translations for `4.3.0` ([Merge Request](https://gitlab.com/crafty-controller/crafty-4/-/merge_requests/715))

From c20c6b35b8cbfbe574128385c4dda4a639e2ecfb Mon Sep 17 00:00:00 2001 From: Zedifus Date: Sun, 3 Mar 2024 01:36:53 +0000 Subject: [PATCH 40/40] Re-tag release to 4.3.0 BREAKING: Contains db changes w/ no avail rollback --- CHANGELOG.md | 2 +- README.md | 2 +- app/config/version.json | 4 ++-- sonar-project.properties | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index abd77b2a..aee7e09d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,5 @@ # Changelog -## --- [4.2.4] - 2023/TBD +## --- [4.3.0] - 2023/TBD ### New features TBD ### Refactor diff --git a/README.md b/README.md index b1b401d7..75da23a7 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ [![Crafty Logo](app/frontend/static/assets/images/logo_long.svg)](https://craftycontrol.com) -# Crafty Controller 4.2.4 +# Crafty Controller 4.3.0 > Python based Control Panel for your Minecraft Server ## What is Crafty Controller? diff --git a/app/config/version.json b/app/config/version.json index 3c001e77..db68adb0 100644 --- a/app/config/version.json +++ b/app/config/version.json @@ -1,5 +1,5 @@ { "major": 4, - "minor": 2, - "sub": 4 + "minor": 3, + "sub": 0 } diff --git a/sonar-project.properties b/sonar-project.properties index 635324ef..bf2d9c5c 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -3,7 +3,7 @@ sonar.organization=crafty-controller # This is the name and version displayed in the SonarCloud UI. sonar.projectName=Crafty 4 -sonar.projectVersion=4.2.4 +sonar.projectVersion=4.3.0 sonar.python.version=3.9, 3.10, 3.11 sonar.exclusions=app/migrations/**, app/frontend/static/assets/vendors/**