Merge branch 'dev-Silversthorn' into dev

This commit is contained in:
computergeek125 2021-03-21 23:24:49 -05:00
commit da97597d52
6 changed files with 156 additions and 7 deletions

View File

@ -10,7 +10,7 @@ from distutils import dir_util
from app.classes.shared.helpers import helper
from app.classes.shared.console import console
from app.classes.shared.models import db_helper, Servers
from app.classes.shared.models import db_helper, Servers, User_Servers
from app.classes.shared.server import Server
from app.classes.minecraft.server_props import ServerProps
@ -106,6 +106,13 @@ class Controller:
def list_defined_servers():
servers = db_helper.get_all_defined_servers()
return servers
@staticmethod
def list_authorized_servers(userId):
#servers = db_helper.get_authorized_servers(userId)
servers = db_helper.get_authorized_servers_from_roles(userId)
logger.debug("servers list = {}".format(servers))
return servers
def get_server_data(self, server_id):
for s in self.servers_list:
@ -329,6 +336,7 @@ class Controller:
self.stop_server(server_id)
# remove the server from the DB
User_Servers.delete().where(User_Servers.server_id == server_id).execute()
Servers.delete().where(Servers.server_id == server_id).execute()
# remove the server from servers list
@ -336,5 +344,4 @@ class Controller:
counter += 1
controller = Controller()

View File

@ -269,6 +269,36 @@ class db_shortcuts:
def get_all_defined_servers():
query = Servers.select()
return db_helper.return_rows(query)
@staticmethod
def get_authorized_servers(userId):
userServers = User_Servers.select().where(User_Servers.user_id == userId)
server_data = []
for u in userServers:
server_data.append(db_helper.get_server_data_by_id(u.server_id))
return server_data
@staticmethod
def get_authorized_servers_from_roles(userId):
userRoles = User_Roles.select().where(User_Roles.user_id == userId)
roles_list = []
roleServer = []
server_data = []
for u in userRoles:
roles_list.append(db_helper.get_role(u.role_id))
for r in roles_list:
role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
for t in role_test:
roleServer.append(t)
for s in roleServer:
server_data.append(db_helper.get_server_data_by_id(s.server_id))
return server_data
@staticmethod
def get_all_servers_stats():
@ -280,6 +310,45 @@ class db_shortcuts:
server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
return server_data
@staticmethod
def get_authorized_servers_stats(userId):
userServers = User_Servers.select().where(User_Servers.user_id == userId)
authorizedServers = []
server_data = []
for u in userServers:
authorizedServers.append(db_helper.get_server_data_by_id(u.server_id))
for s in authorizedServers:
latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1)
server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
return server_data
@staticmethod
def get_authorized_servers_stats_from_roles(userId):
userRoles = User_Roles.select().where(User_Roles.user_id == userId)
roles_list = []
roleServer = []
authorizedServers = []
server_data = []
for u in userRoles:
roles_list.append(db_helper.get_role(u.role_id))
for r in roles_list:
role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
for t in role_test:
roleServer.append(t)
for s in roleServer:
authorizedServers.append(db_helper.get_server_data_by_id(s.server_id))
for s in authorizedServers:
latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1)
server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
return server_data
@staticmethod
def get_server_stats_by_id(server_id):
stats = Server_Stats.select().where(Server_Stats.server_id == server_id).order_by(Server_Stats.created.desc()).limit(1)
@ -290,6 +359,38 @@ class db_shortcuts:
if not db_helper.get_server_data_by_id(server_id):
return False
return True
@staticmethod
def server_id_authorized(serverId, userId):
userServer = User_Servers.select().where(User_Servers.server_id == serverId)
authorized = userServer.select().where(User_Servers.user_id == userId)
#authorized = db_helper.return_rows(authorized)
if authorized.count() == 0:
return False
return True
@staticmethod
def server_id_authorized_from_roles(serverId, userId):
cpt_authorized = 0
roles_list = []
roleServer = []
authorized = []
userRoles = User_Roles.select().where(User_Roles.user_id == userId)
for u in userRoles:
roles_list.append(db_helper.get_role(u.role_id))
for r in roles_list:
role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
for s in role_test:
if s.server_id.server_id == serverId:
cpt_authorized += 1
if cpt_authorized == 0:
return False
return True
@staticmethod
def get_latest_hosts_stats():
@ -407,6 +508,7 @@ class db_shortcuts:
@staticmethod
def remove_user(user_id):
User_Servers.delete().where(User_Servers.user_id == user_id).execute()
user = Users.get(Users.user_id == user_id)
return user.delete_instance()
@ -474,6 +576,7 @@ class db_shortcuts:
@staticmethod
def remove_role(role_id):
Role_Servers.delete().where(Role_Servers.role_id == role_id).execute()
role = Roles.get(Roles.role_id == role_id)
return role.delete_instance()

View File

@ -29,13 +29,25 @@ class PanelHandler(BaseHandler):
now = time.time()
formatted_time = str(datetime.datetime.fromtimestamp(now).strftime('%Y-%m-%d %H:%M:%S'))
defined_servers = controller.list_defined_servers()
userId = user_data['user_id']
user = db_helper.get_user(userId)
user_role = []
if user['superuser'] == 1:
defined_servers = controller.list_defined_servers()
user_role = {"Super User"}
else:
defined_servers = controller.list_authorized_servers(userId)
for r in user['roles']:
role = db_helper.get_role(r)
user_role.append(role['role_name'])
page_data = {
# todo: make this actually pull and compare version data
'update_available': False,
'version_data': helper.get_version_string(),
'user_data': user_data,
'user_role' : user_role,
'server_stats': {
'total': len(defined_servers),
'running': len(controller.list_running_servers()),
@ -81,7 +93,11 @@ class PanelHandler(BaseHandler):
return
elif page == 'dashboard':
page_data['servers'] = db_helper.get_all_servers_stats()
if user['superuser'] == 1:
page_data['servers'] = db_helper.get_all_servers_stats()
else:
#page_data['servers'] = db_helper.get_authorized_servers_stats(userId)
page_data['servers'] = db_helper.get_authorized_servers_stats_from_roles(userId)
for s in page_data['servers']:
try:
@ -107,6 +123,12 @@ class PanelHandler(BaseHandler):
self.redirect("/panel/error?error=Invalid Server ID")
return False
if user['superuser'] != 1:
#if not db_helper.server_id_authorized(server_id, userId):
if not db_helper.server_id_authorized_from_roles(int(server_id), userId):
self.redirect("/panel/error?error=Invalid Server ID")
return False
valid_subpages = ['term', 'logs', 'config', 'files', 'admin_controls']
if subpage not in valid_subpages:
@ -164,7 +186,7 @@ class PanelHandler(BaseHandler):
page_data['user']['created'] = "N/A"
page_data['user']['last_login'] = "N/A"
page_data['user']['last_ip'] = "N/A"
page_data['role']['last_update'] = "N/A"
page_data['user']['last_update'] = "N/A"
page_data['user']['roles'] = set()
page_data['user']['servers'] = set()

View File

@ -32,6 +32,19 @@ class ServerHandler(BaseHandler):
def get(self, page):
# name = tornado.escape.json_decode(self.current_user)
user_data = json.loads(self.get_secure_cookie("user_data"))
userId = user_data['user_id']
user = db_helper.get_user(userId)
user_role = []
if user['superuser'] == 1:
defined_servers = controller.list_defined_servers()
user_role = "Super User"
else:
defined_servers = controller.list_authorized_servers(userId)
for r in user['roles']:
role = db_helper.get_role(r)
user_role.append(role['role_name'])
template = "public/404.html"
@ -40,6 +53,7 @@ class ServerHandler(BaseHandler):
page_data = {
'version_data': helper.get_version_string(),
'user_data': user_data,
'user_role' : user_role,
'server_stats': {
'total': len(controller.list_defined_servers()),
'running': len(controller.list_running_servers()),

View File

@ -23,7 +23,10 @@
<div class="dropdown-header text-center">
<img class="img-md rounded-circle" src="/static/assets/images/faces-clipart/pic-1.png" alt="Profile image">
<p class="mb-1 mt-3 font-weight-semibold">{{ data['user_data']['username'] }}</p>
<p class="font-weight-light text-muted mb-0">Role: Admin</p>
<p class="font-weight-light text-muted mb-0">Roles: </p>
{% for r in data['user_role'] %}
<p class="font-weight-light text-muted mb-0">{{ r }}</p>
{% end %}
</div>
<a class="dropdown-item" href="/panel/activity_logs"><i class="dropdown-item-icon mdi mdi-calendar-check-outline text-primary"></i> Activity</a>
<a class="dropdown-item" href="/public/login"><i class="dropdown-item-icon mdi mdi-power text-primary"></i>Sign Out</a>

View File

@ -4,7 +4,7 @@ certifi==2020.6.20
cffi==1.14.1
chardet==3.0.4
colorama==0.4.3
cryptography==3.0
cryptography==3.4
idna==2.10
packaging==20.4
peewee==3.13.3