Now can edit files. Also fixed a bunch of bugs.

app/classes/shared/helpers.py

@@ -457,18 +457,24 @@ class Helpers:
 
     @staticmethod
     def generate_tree(folder, output=""):
-        for filename in os.listdir(folder):
+        for raw_filename in os.listdir(folder):
+            print(raw_filename)
+            filename = html.escape(raw_filename)
             print(filename)
-            filename = html.escape(filename)
+            rel = os.path.join(folder, raw_filename)
-            print(filename)
-            rel = os.path.join(folder, filename)
             if os.path.isdir(rel):
                 output += '<li>\n<span class="tree-caret">{}</span>\n<ul class="tree-nested">'.format(filename)
                 output += helper.generate_tree(rel)
                 output += '</ul>\n</li>'
             else:
-                output += '<li>{}</li>'.format(filename)
+                console.debug('os.path.isdir(rel): "{}", rel: "{}"'.format(os.path.isdir(rel), rel))
+                output += '<li data-path="{}" onclick="clickOnFile(event)">{}</li>'\
+                    .format(os.path.join(folder, filename), filename)
         return output
 
+    @staticmethod
+    def in_path(x, y):
+        return os.path.abspath(y).__contains__(os.path.abspath(x))
+
 
 helper = Helpers()

app/classes/web/ajax_handler.py

@@ -3,6 +3,7 @@ import logging
 import tornado.web
 import tornado.escape
 import bleach
+import os
 
 from app.classes.shared.console import console
 from app.classes.shared.models import Users, installer
@@ -79,6 +80,42 @@ class AjaxHandler(BaseHandler):
             page_data['notify_data'] = data
             self.render_page('ajax/notify.html', page_data)
 
+        elif page == "get_file":
+            file_path = self.get_argument('file_path', None)
+            server_id = self.get_argument('id', None)
+
+            if server_id is None:
+                logger.warning("Server ID not found in get_file ajax call")
+                console.warning("Server ID not found in get_file ajax call")
+                return False
+            else:
+                server_id = bleach.clean(server_id)
+
+                # does this server id exist?
+                if not db_helper.server_id_exists(server_id):
+                    logger.warning("Server ID not found in get_file ajax call")
+                    console.warning("Server ID not found in get_file ajax call")
+                    return False
+
+            if not helper.in_path(db_helper.get_server_data_by_id(server_id)['path'], file_path)\
+                    or not helper.check_file_exists(os.path.abspath(file_path)):
+                logger.warning("Invalid path in get_file ajax call")
+                console.warning("Invalid path in get_file ajax call")
+                if not helper.in_path(db_helper.get_server_data_by_id(server_id)['path'], file_path):
+                    console.warning('1')
+                elif not helper.check_file_exists(os.path.abspath(file_path)):
+                    console.warning('2')
+                else:
+                    console.warning('3')
+                return False
+
+            file = open(file_path)
+            file_contents = file.read()
+            file.close()
+
+            console.debug("Send file contents")
+            self.write(file_contents)
+            self.finish()
 
     def post(self, page):
         user_data = json.loads(self.get_secure_cookie("user_data"))
@@ -95,6 +132,7 @@ class AjaxHandler(BaseHandler):
 
             if server_id is None:
                 logger.warning("Server ID not found in send_command ajax call")
+                console.warning("Server ID not found in send_command ajax call")
 
             srv_obj = controller.get_server_obj(server_id)
 
@@ -102,3 +140,33 @@ class AjaxHandler(BaseHandler):
                 if srv_obj.check_running():
                     srv_obj.send_command(command)
 
+        elif page == "save_file":
+            file_contents = bleach.clean(self.get_body_argument('file_contents', default=None, strip=True))
+            file_path = bleach.clean(self.get_body_argument('file_path', default=None, strip=True))
+            server_id = self.get_argument('id', None)
+            print(file_contents)
+            print(file_path)
+            print(server_id)
+
+            if server_id is None:
+                logger.warning("Server ID not found in save_file ajax call")
+                console.warning("Server ID not found in save_file ajax call")
+                return False
+            else:
+                server_id = bleach.clean(server_id)
+
+                # does this server id exist?
+                if not db_helper.server_id_exists(server_id):
+                    logger.warning("Server ID not found in save_file ajax call")
+                    console.warning("Server ID not found in save_file ajax call")
+                    return False
+
+            if not helper.in_path(db_helper.get_server_data_by_id(server_id)['path'], file_path)\
+                    or not helper.check_file_exists(os.path.abspath(file_path)):
+                logger.warning("Invalid path in save_file ajax call")
+                console.warning("Invalid path in save_file ajax call")
+                return False
+
+            # Open the file in write mode and store the content in file_object
+            with open(file_path, 'w') as file_object:
+                file_object.write(file_contents)

app/frontend/templates/panel/server_files.html

@@ -108,7 +108,6 @@
                 }
               </style>
               <div class="col-md-6 col-sm-12">
-                TODO: edit files<br/><br/>
                 Editing file <span id="editingFile"></span>
                 <div id="editor">file_contents</div>
                 <h3 id="file_warn"></h3>
@@ -155,8 +154,17 @@
 
 <script>
 
+
+    //used to get cookies from browser - this is part of tornados xsrf protection - it's for extra security
+    function getCookie(name) {
+      var r = document.cookie.match("\\b" + name + "=([^;]*)\\b");
+      return r ? r[1] : undefined;
+    }
+
+
     let editor = ace.edit('editor');
     editor.setTheme('ace/theme/dracula');
+    editor.session.setUseSoftTabs(true);
 
     let extensionChanges = [
       {
@@ -237,6 +245,24 @@
       }
     ];
 
+    var editorEnabled = false;
+    var filePath = '';
+
+    function clickOnFile(event) {
+      editorEnabled = true;
+      filePath = event.target.getAttribute('data-path');
+      setFileName(event.target.innerText);
+      $.ajax({
+        type: 'GET',
+        url: '/ajax/get_file?id={{ data['server_stats'][0]['server_id']['server_id'] }}&file_path=' + encodeURIComponent(filePath),
+        dataType: 'text',
+        success: function (data) {
+          console.log('Got File Contents From Server');
+          editor.session.setValue(data);
+        },
+      });
+    }
+
     function setFileName(name) {
       let fileName = name || 'default.txt';
       document.getElementById('editingFile').innerText = fileName;
@@ -287,8 +313,21 @@
 
     function save() {
       let text = editor.session.getValue();
-      // Use AJAX or something
+
-      alert(text);
+      var token = getCookie("_xsrf")
+      $.ajax({
+        type: "POST",
+        headers: {'X-XSRFToken': token},
+        url: '/ajax/save_file?id={{ data['server_stats'][0]['server_id']['server_id'] }}',
+        data: {
+          file_contents: text,
+          file_path: filePath
+        },
+        success: function(data){
+          console.log("got response:");
+          console.log(data);
+        },
+      });
     }
 
 </script>