Merge branch 'dev-Silversthorn' into dev

app/classes/shared/controller.py

@@ -10,7 +10,7 @@ from distutils import dir_util
 from app.classes.shared.helpers import helper
 from app.classes.shared.console import console
 
-from app.classes.shared.models import db_helper, Servers
+from app.classes.shared.models import db_helper, Servers, User_Servers
 
 from app.classes.shared.server import Server
 from app.classes.minecraft.server_props import ServerProps
@@ -107,6 +107,13 @@ class Controller:
         servers = db_helper.get_all_defined_servers()
         return servers
         
+    @staticmethod
+    def list_authorized_servers(userId):
+        #servers = db_helper.get_authorized_servers(userId)
+        servers = db_helper.get_authorized_servers_from_roles(userId)
+        logger.debug("servers list = {}".format(servers))
+        return servers
+
     def get_server_data(self, server_id):
         for s in self.servers_list:
             if int(s['server_id']) == int(server_id):
@@ -329,6 +336,7 @@ class Controller:
                     self.stop_server(server_id)
 
                 # remove the server from the DB
+                User_Servers.delete().where(User_Servers.server_id == server_id).execute()
                 Servers.delete().where(Servers.server_id == server_id).execute()
 
                 # remove the server from servers list
@@ -336,5 +344,4 @@ class Controller:
 
             counter += 1
 
-
 controller = Controller()

app/classes/shared/models.py

@@ -270,6 +270,36 @@ class db_shortcuts:
         query = Servers.select()
         return db_helper.return_rows(query)
         
+    @staticmethod
+    def get_authorized_servers(userId):
+        userServers = User_Servers.select().where(User_Servers.user_id == userId)
+        server_data = []
+
+        for u in userServers:
+            server_data.append(db_helper.get_server_data_by_id(u.server_id))
+
+        return server_data
+        
+    @staticmethod
+    def get_authorized_servers_from_roles(userId):
+        userRoles = User_Roles.select().where(User_Roles.user_id == userId)
+        roles_list = []
+        roleServer = []
+        server_data = []
+
+        for u in userRoles:
+            roles_list.append(db_helper.get_role(u.role_id))
+            
+        for r in roles_list:
+            role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
+            for t in role_test:
+                roleServer.append(t)
+
+        for s in roleServer:
+            server_data.append(db_helper.get_server_data_by_id(s.server_id))
+
+        return server_data
+
     @staticmethod
     def get_all_servers_stats():
         servers = db_helper.get_all_defined_servers()
@@ -280,6 +310,45 @@ class db_shortcuts:
             server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
         return server_data
 
+    @staticmethod
+    def get_authorized_servers_stats(userId):
+        userServers = User_Servers.select().where(User_Servers.user_id == userId)
+        authorizedServers = []
+        server_data = []
+
+        for u in userServers:
+            authorizedServers.append(db_helper.get_server_data_by_id(u.server_id))
+
+        for s in authorizedServers:
+            latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1)
+            server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
+        return server_data
+
+        
+    @staticmethod
+    def get_authorized_servers_stats_from_roles(userId):
+        userRoles = User_Roles.select().where(User_Roles.user_id == userId)
+        roles_list = []
+        roleServer = []
+        authorizedServers = []
+        server_data = []
+
+        for u in userRoles:
+            roles_list.append(db_helper.get_role(u.role_id))
+            
+        for r in roles_list:
+            role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
+            for t in role_test:
+                roleServer.append(t)
+
+        for s in roleServer:
+            authorizedServers.append(db_helper.get_server_data_by_id(s.server_id))
+
+        for s in authorizedServers:
+            latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1)
+            server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
+        return server_data
+
     @staticmethod
     def get_server_stats_by_id(server_id):
         stats = Server_Stats.select().where(Server_Stats.server_id == server_id).order_by(Server_Stats.created.desc()).limit(1)
@@ -291,6 +360,38 @@ class db_shortcuts:
             return False
         return True
         
+    @staticmethod
+    def server_id_authorized(serverId, userId):
+        userServer = User_Servers.select().where(User_Servers.server_id == serverId)
+        authorized = userServer.select().where(User_Servers.user_id == userId)      
+        #authorized = db_helper.return_rows(authorized)
+
+        if authorized.count() == 0:
+            return False
+        return True
+
+    @staticmethod
+    def server_id_authorized_from_roles(serverId, userId):
+        cpt_authorized = 0
+        roles_list = []
+        roleServer = []
+        authorized = []
+        userRoles = User_Roles.select().where(User_Roles.user_id == userId)
+        
+        for u in userRoles:
+            roles_list.append(db_helper.get_role(u.role_id))
+            
+        for r in roles_list:
+            role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
+
+        for s in role_test:
+            if s.server_id.server_id == serverId:
+                cpt_authorized += 1
+
+        if cpt_authorized == 0:
+            return False
+        return True
+
     @staticmethod
     def get_latest_hosts_stats():
         query = Host_Stats.select().order_by(Host_Stats.id.desc()).get()
@@ -407,6 +508,7 @@ class db_shortcuts:
 
     @staticmethod
     def remove_user(user_id):
+        User_Servers.delete().where(User_Servers.user_id == user_id).execute()
         user = Users.get(Users.user_id == user_id)
         return user.delete_instance()
 
@@ -474,6 +576,7 @@ class db_shortcuts:
 
     @staticmethod
     def remove_role(role_id):
+        Role_Servers.delete().where(Role_Servers.role_id == role_id).execute()
         role = Roles.get(Roles.role_id == role_id)
         return role.delete_instance()
 

app/classes/web/panel_handler.py

@@ -29,13 +29,25 @@ class PanelHandler(BaseHandler):
         now = time.time()
         formatted_time = str(datetime.datetime.fromtimestamp(now).strftime('%Y-%m-%d %H:%M:%S'))
 
+        userId = user_data['user_id']
+        user = db_helper.get_user(userId)
+        
+        user_role = []
+        if user['superuser'] == 1:
             defined_servers = controller.list_defined_servers()
+            user_role = {"Super User"}
+        else:
+            defined_servers = controller.list_authorized_servers(userId)
+            for r in user['roles']:
+                role = db_helper.get_role(r)
+                user_role.append(role['role_name'])
 
         page_data = {
             # todo: make this actually pull and compare version data
             'update_available': False,
             'version_data': helper.get_version_string(),
             'user_data': user_data,
+            'user_role' : user_role,
             'server_stats': {
                 'total': len(defined_servers),
                 'running': len(controller.list_running_servers()),
@@ -81,7 +93,11 @@ class PanelHandler(BaseHandler):
             return
 
         elif page == 'dashboard':
+            if user['superuser'] == 1:
                 page_data['servers'] = db_helper.get_all_servers_stats()
+            else:
+                #page_data['servers'] = db_helper.get_authorized_servers_stats(userId)
+                page_data['servers'] = db_helper.get_authorized_servers_stats_from_roles(userId)
 
             for s in page_data['servers']:
                 try:
@@ -107,6 +123,12 @@ class PanelHandler(BaseHandler):
                     self.redirect("/panel/error?error=Invalid Server ID")
                     return False
 
+                if user['superuser'] != 1:
+                    #if not db_helper.server_id_authorized(server_id, userId):
+                    if not db_helper.server_id_authorized_from_roles(int(server_id), userId):
+                        self.redirect("/panel/error?error=Invalid Server ID")
+                        return False
+
             valid_subpages = ['term', 'logs', 'config', 'files', 'admin_controls']
 
             if subpage not in valid_subpages:
@@ -164,7 +186,7 @@ class PanelHandler(BaseHandler):
             page_data['user']['created'] = "N/A"
             page_data['user']['last_login'] = "N/A"
             page_data['user']['last_ip'] = "N/A"
-            page_data['role']['last_update'] = "N/A"
+            page_data['user']['last_update'] = "N/A"
             page_data['user']['roles'] = set()
             page_data['user']['servers'] = set()
 

app/classes/web/server_handler.py

@@ -33,6 +33,19 @@ class ServerHandler(BaseHandler):
         # name = tornado.escape.json_decode(self.current_user)
         user_data = json.loads(self.get_secure_cookie("user_data"))
         
+        userId = user_data['user_id']
+        user = db_helper.get_user(userId)
+        
+        user_role = []
+        if user['superuser'] == 1:
+            defined_servers = controller.list_defined_servers()
+            user_role = "Super User"
+        else:
+            defined_servers = controller.list_authorized_servers(userId)
+            for r in user['roles']:
+                role = db_helper.get_role(r)
+                user_role.append(role['role_name'])
+
         template = "public/404.html"
 
         defined_servers = controller.list_defined_servers()
@@ -40,6 +53,7 @@ class ServerHandler(BaseHandler):
         page_data = {
             'version_data': helper.get_version_string(),
             'user_data': user_data,
+            'user_role' : user_role,
             'server_stats': {
                 'total': len(controller.list_defined_servers()),
                 'running': len(controller.list_running_servers()),

app/frontend/templates/notify.html

@@ -23,7 +23,10 @@
         <div class="dropdown-header text-center">
           <img class="img-md rounded-circle" src="/static/assets/images/faces-clipart/pic-1.png" alt="Profile image">
           <p class="mb-1 mt-3 font-weight-semibold">{{ data['user_data']['username'] }}</p>
-          <p class="font-weight-light text-muted mb-0">Role: Admin</p>
+          <p class="font-weight-light text-muted mb-0">Roles: </p>
+          {% for r in data['user_role'] %}            
+            <p class="font-weight-light text-muted mb-0">{{ r }}</p>
+          {% end %}
         </div>
         <a class="dropdown-item" href="/panel/activity_logs"><i class="dropdown-item-icon mdi mdi-calendar-check-outline text-primary"></i> Activity</a>
         <a class="dropdown-item" href="/public/login"><i class="dropdown-item-icon mdi mdi-power text-primary"></i>Sign Out</a>

requirements.txt

@@ -4,7 +4,7 @@ certifi==2020.6.20
 cffi==1.14.1
 chardet==3.0.4
 colorama==0.4.3
-cryptography==3.0
+cryptography==3.4
 idna==2.10
 packaging==20.4
 peewee==3.13.3