mirror of
https://gitlab.com/crafty-controller/crafty-4.git
synced 2024-08-30 18:23:09 +00:00
Merge branch 'dev-Silversthorn' into dev
This commit is contained in:
commit
da97597d52
@ -10,7 +10,7 @@ from distutils import dir_util
|
||||
from app.classes.shared.helpers import helper
|
||||
from app.classes.shared.console import console
|
||||
|
||||
from app.classes.shared.models import db_helper, Servers
|
||||
from app.classes.shared.models import db_helper, Servers, User_Servers
|
||||
|
||||
from app.classes.shared.server import Server
|
||||
from app.classes.minecraft.server_props import ServerProps
|
||||
@ -106,6 +106,13 @@ class Controller:
|
||||
def list_defined_servers():
|
||||
servers = db_helper.get_all_defined_servers()
|
||||
return servers
|
||||
|
||||
@staticmethod
|
||||
def list_authorized_servers(userId):
|
||||
#servers = db_helper.get_authorized_servers(userId)
|
||||
servers = db_helper.get_authorized_servers_from_roles(userId)
|
||||
logger.debug("servers list = {}".format(servers))
|
||||
return servers
|
||||
|
||||
def get_server_data(self, server_id):
|
||||
for s in self.servers_list:
|
||||
@ -329,6 +336,7 @@ class Controller:
|
||||
self.stop_server(server_id)
|
||||
|
||||
# remove the server from the DB
|
||||
User_Servers.delete().where(User_Servers.server_id == server_id).execute()
|
||||
Servers.delete().where(Servers.server_id == server_id).execute()
|
||||
|
||||
# remove the server from servers list
|
||||
@ -336,5 +344,4 @@ class Controller:
|
||||
|
||||
counter += 1
|
||||
|
||||
|
||||
controller = Controller()
|
||||
|
@ -269,6 +269,36 @@ class db_shortcuts:
|
||||
def get_all_defined_servers():
|
||||
query = Servers.select()
|
||||
return db_helper.return_rows(query)
|
||||
|
||||
@staticmethod
|
||||
def get_authorized_servers(userId):
|
||||
userServers = User_Servers.select().where(User_Servers.user_id == userId)
|
||||
server_data = []
|
||||
|
||||
for u in userServers:
|
||||
server_data.append(db_helper.get_server_data_by_id(u.server_id))
|
||||
|
||||
return server_data
|
||||
|
||||
@staticmethod
|
||||
def get_authorized_servers_from_roles(userId):
|
||||
userRoles = User_Roles.select().where(User_Roles.user_id == userId)
|
||||
roles_list = []
|
||||
roleServer = []
|
||||
server_data = []
|
||||
|
||||
for u in userRoles:
|
||||
roles_list.append(db_helper.get_role(u.role_id))
|
||||
|
||||
for r in roles_list:
|
||||
role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
|
||||
for t in role_test:
|
||||
roleServer.append(t)
|
||||
|
||||
for s in roleServer:
|
||||
server_data.append(db_helper.get_server_data_by_id(s.server_id))
|
||||
|
||||
return server_data
|
||||
|
||||
@staticmethod
|
||||
def get_all_servers_stats():
|
||||
@ -280,6 +310,45 @@ class db_shortcuts:
|
||||
server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
|
||||
return server_data
|
||||
|
||||
@staticmethod
|
||||
def get_authorized_servers_stats(userId):
|
||||
userServers = User_Servers.select().where(User_Servers.user_id == userId)
|
||||
authorizedServers = []
|
||||
server_data = []
|
||||
|
||||
for u in userServers:
|
||||
authorizedServers.append(db_helper.get_server_data_by_id(u.server_id))
|
||||
|
||||
for s in authorizedServers:
|
||||
latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1)
|
||||
server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
|
||||
return server_data
|
||||
|
||||
|
||||
@staticmethod
|
||||
def get_authorized_servers_stats_from_roles(userId):
|
||||
userRoles = User_Roles.select().where(User_Roles.user_id == userId)
|
||||
roles_list = []
|
||||
roleServer = []
|
||||
authorizedServers = []
|
||||
server_data = []
|
||||
|
||||
for u in userRoles:
|
||||
roles_list.append(db_helper.get_role(u.role_id))
|
||||
|
||||
for r in roles_list:
|
||||
role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
|
||||
for t in role_test:
|
||||
roleServer.append(t)
|
||||
|
||||
for s in roleServer:
|
||||
authorizedServers.append(db_helper.get_server_data_by_id(s.server_id))
|
||||
|
||||
for s in authorizedServers:
|
||||
latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1)
|
||||
server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
|
||||
return server_data
|
||||
|
||||
@staticmethod
|
||||
def get_server_stats_by_id(server_id):
|
||||
stats = Server_Stats.select().where(Server_Stats.server_id == server_id).order_by(Server_Stats.created.desc()).limit(1)
|
||||
@ -290,6 +359,38 @@ class db_shortcuts:
|
||||
if not db_helper.get_server_data_by_id(server_id):
|
||||
return False
|
||||
return True
|
||||
|
||||
@staticmethod
|
||||
def server_id_authorized(serverId, userId):
|
||||
userServer = User_Servers.select().where(User_Servers.server_id == serverId)
|
||||
authorized = userServer.select().where(User_Servers.user_id == userId)
|
||||
#authorized = db_helper.return_rows(authorized)
|
||||
|
||||
if authorized.count() == 0:
|
||||
return False
|
||||
return True
|
||||
|
||||
@staticmethod
|
||||
def server_id_authorized_from_roles(serverId, userId):
|
||||
cpt_authorized = 0
|
||||
roles_list = []
|
||||
roleServer = []
|
||||
authorized = []
|
||||
userRoles = User_Roles.select().where(User_Roles.user_id == userId)
|
||||
|
||||
for u in userRoles:
|
||||
roles_list.append(db_helper.get_role(u.role_id))
|
||||
|
||||
for r in roles_list:
|
||||
role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
|
||||
|
||||
for s in role_test:
|
||||
if s.server_id.server_id == serverId:
|
||||
cpt_authorized += 1
|
||||
|
||||
if cpt_authorized == 0:
|
||||
return False
|
||||
return True
|
||||
|
||||
@staticmethod
|
||||
def get_latest_hosts_stats():
|
||||
@ -407,6 +508,7 @@ class db_shortcuts:
|
||||
|
||||
@staticmethod
|
||||
def remove_user(user_id):
|
||||
User_Servers.delete().where(User_Servers.user_id == user_id).execute()
|
||||
user = Users.get(Users.user_id == user_id)
|
||||
return user.delete_instance()
|
||||
|
||||
@ -474,6 +576,7 @@ class db_shortcuts:
|
||||
|
||||
@staticmethod
|
||||
def remove_role(role_id):
|
||||
Role_Servers.delete().where(Role_Servers.role_id == role_id).execute()
|
||||
role = Roles.get(Roles.role_id == role_id)
|
||||
return role.delete_instance()
|
||||
|
||||
|
@ -29,13 +29,25 @@ class PanelHandler(BaseHandler):
|
||||
now = time.time()
|
||||
formatted_time = str(datetime.datetime.fromtimestamp(now).strftime('%Y-%m-%d %H:%M:%S'))
|
||||
|
||||
defined_servers = controller.list_defined_servers()
|
||||
userId = user_data['user_id']
|
||||
user = db_helper.get_user(userId)
|
||||
|
||||
user_role = []
|
||||
if user['superuser'] == 1:
|
||||
defined_servers = controller.list_defined_servers()
|
||||
user_role = {"Super User"}
|
||||
else:
|
||||
defined_servers = controller.list_authorized_servers(userId)
|
||||
for r in user['roles']:
|
||||
role = db_helper.get_role(r)
|
||||
user_role.append(role['role_name'])
|
||||
|
||||
page_data = {
|
||||
# todo: make this actually pull and compare version data
|
||||
'update_available': False,
|
||||
'version_data': helper.get_version_string(),
|
||||
'user_data': user_data,
|
||||
'user_role' : user_role,
|
||||
'server_stats': {
|
||||
'total': len(defined_servers),
|
||||
'running': len(controller.list_running_servers()),
|
||||
@ -81,7 +93,11 @@ class PanelHandler(BaseHandler):
|
||||
return
|
||||
|
||||
elif page == 'dashboard':
|
||||
page_data['servers'] = db_helper.get_all_servers_stats()
|
||||
if user['superuser'] == 1:
|
||||
page_data['servers'] = db_helper.get_all_servers_stats()
|
||||
else:
|
||||
#page_data['servers'] = db_helper.get_authorized_servers_stats(userId)
|
||||
page_data['servers'] = db_helper.get_authorized_servers_stats_from_roles(userId)
|
||||
|
||||
for s in page_data['servers']:
|
||||
try:
|
||||
@ -107,6 +123,12 @@ class PanelHandler(BaseHandler):
|
||||
self.redirect("/panel/error?error=Invalid Server ID")
|
||||
return False
|
||||
|
||||
if user['superuser'] != 1:
|
||||
#if not db_helper.server_id_authorized(server_id, userId):
|
||||
if not db_helper.server_id_authorized_from_roles(int(server_id), userId):
|
||||
self.redirect("/panel/error?error=Invalid Server ID")
|
||||
return False
|
||||
|
||||
valid_subpages = ['term', 'logs', 'config', 'files', 'admin_controls']
|
||||
|
||||
if subpage not in valid_subpages:
|
||||
@ -164,7 +186,7 @@ class PanelHandler(BaseHandler):
|
||||
page_data['user']['created'] = "N/A"
|
||||
page_data['user']['last_login'] = "N/A"
|
||||
page_data['user']['last_ip'] = "N/A"
|
||||
page_data['role']['last_update'] = "N/A"
|
||||
page_data['user']['last_update'] = "N/A"
|
||||
page_data['user']['roles'] = set()
|
||||
page_data['user']['servers'] = set()
|
||||
|
||||
|
@ -32,6 +32,19 @@ class ServerHandler(BaseHandler):
|
||||
def get(self, page):
|
||||
# name = tornado.escape.json_decode(self.current_user)
|
||||
user_data = json.loads(self.get_secure_cookie("user_data"))
|
||||
|
||||
userId = user_data['user_id']
|
||||
user = db_helper.get_user(userId)
|
||||
|
||||
user_role = []
|
||||
if user['superuser'] == 1:
|
||||
defined_servers = controller.list_defined_servers()
|
||||
user_role = "Super User"
|
||||
else:
|
||||
defined_servers = controller.list_authorized_servers(userId)
|
||||
for r in user['roles']:
|
||||
role = db_helper.get_role(r)
|
||||
user_role.append(role['role_name'])
|
||||
|
||||
template = "public/404.html"
|
||||
|
||||
@ -40,6 +53,7 @@ class ServerHandler(BaseHandler):
|
||||
page_data = {
|
||||
'version_data': helper.get_version_string(),
|
||||
'user_data': user_data,
|
||||
'user_role' : user_role,
|
||||
'server_stats': {
|
||||
'total': len(controller.list_defined_servers()),
|
||||
'running': len(controller.list_running_servers()),
|
||||
|
@ -23,7 +23,10 @@
|
||||
<div class="dropdown-header text-center">
|
||||
<img class="img-md rounded-circle" src="/static/assets/images/faces-clipart/pic-1.png" alt="Profile image">
|
||||
<p class="mb-1 mt-3 font-weight-semibold">{{ data['user_data']['username'] }}</p>
|
||||
<p class="font-weight-light text-muted mb-0">Role: Admin</p>
|
||||
<p class="font-weight-light text-muted mb-0">Roles: </p>
|
||||
{% for r in data['user_role'] %}
|
||||
<p class="font-weight-light text-muted mb-0">{{ r }}</p>
|
||||
{% end %}
|
||||
</div>
|
||||
<a class="dropdown-item" href="/panel/activity_logs"><i class="dropdown-item-icon mdi mdi-calendar-check-outline text-primary"></i> Activity</a>
|
||||
<a class="dropdown-item" href="/public/login"><i class="dropdown-item-icon mdi mdi-power text-primary"></i>Sign Out</a>
|
||||
|
@ -4,7 +4,7 @@ certifi==2020.6.20
|
||||
cffi==1.14.1
|
||||
chardet==3.0.4
|
||||
colorama==0.4.3
|
||||
cryptography==3.0
|
||||
cryptography==3.4
|
||||
idna==2.10
|
||||
packaging==20.4
|
||||
peewee==3.13.3
|
||||
|
Loading…
Reference in New Issue
Block a user