Merge branch 'secops/pre-beta-security-fixes' into 'dev'

Pass 2 sec advisory fixes

See merge request crafty-controller/crafty-4!294
Iain Powrie 2022-06-03 20:10:17 +00:00
commit ebf00a1900
7 changed files with 50 additions and 95 deletions


@ -440,9 +440,7 @@ class Helpers:
full_root_path = temp_dir
for item in os.listdir(full_root_path):
print(item)
if os.path.isdir(os.path.join(full_root_path, item)):
print("dir")
try:
FileHelpers.move_dir(
os.path.join(full_root_path, item),
@ -459,7 +457,7 @@ class Helpers:
except Exception as ex:
logger.error(f"ERROR IN ZIP IMPORT: {ex}")
except Exception as ex:
print(ex)
Console.error(ex)
else:
return "false"
return
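Review bot: The outer `except Exception as ex` at the end of the second hunk reports through `Console.error(ex)` and then falls through to the bare `return`, so a failed zip import returns `None` exactly like the success path, while the `else` branch returns the string `"false"`; a caller testing the result cannot tell failure from success. Consider returning a consistent boolean on both failure paths, e.g. `return False` after `Console.error(ex)`, and also sending the failure to `logger.error(...)` so it lands in the log file the way the inner `ERROR IN ZIP IMPORT` handler already does. The enclosing method begins before the first hunk, so its declared return contract is not visible here.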


@ -1115,6 +1115,7 @@ class ServerInstance:
+ ". Check log file for details.",
)
logger.error("Executable download failed.")
self.stats_helper.set_update(False)
# **********************************************************************************
# Minecraft Servers Statistics
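Review bot: The added `self.stats_helper.set_update(False)` on the download-failure path carries no comment explaining why the flag is reset there, and because the enclosing method starts outside the hunk it is not visible whether the other early-exit paths of the update routine get the same reset. A one-line why-comment would help the next reader, e.g. `# clear the update-in-progress flag so a failed download does not leave the server marked as updating` — adjust the wording if `set_update` tracks something other than that state.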


@ -223,6 +223,8 @@ class FileHandler(BaseHandler):
self.redirect("/panel/error?error=Unauthorized access to Files")
return
path = Helpers.get_os_understandable_path(self.get_argument("path", None))
if Helpers.is_os_windows():
path = Helpers.wtol_path(path)
Helpers.unzip_file(path)
self.redirect(f"/panel/server_detail?id={server_id}&subpage=files")
return
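Review bot: The `path` handed to `Helpers.unzip_file(path)` is taken directly from the request argument, and nothing in this hunk checks that the value resolves inside the server's own directory; the redirect above it only gates access to the files feature as a whole. Now that the new `wtol_path` normalization runs on that request value, any containment check (whether it lives in `unzip_file` or is added here) should be applied to the normalized path, and if no such check exists one is needed before the unzip call. `self.get_argument("path", None)` can also yield `None`, which would then be passed into the path helpers; rejecting a missing argument explicitly would be cleaner than relying on whatever exception they raise. The handler method begins before the hunk, so I cannot see what it validates earlier.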


@ -601,17 +601,19 @@
server_players.setAttribute('data-players', server.online);
server_players.setAttribute('data-max', server.max);
let servers = document.getElementsByClassName("server-player-totals");
let servers = Array.from(document.getElementsByClassName("server-player-totals"));
let all_total_players = 0;
let all_total_max_players = 0;
for (let i = 0; i < servers.length; i++) {
servers.forEach(server => {
try {
all_total_players += parseInt(servers[i].getAttribute('data-players'));
all_total_max_players += parseInt(servers[i].getAttribute('data-max'));
all_total_players += parseInt(server.getAttribute('data-players'));
all_total_max_players += parseInt(server.getAttribute('data-max'));
} catch {
console.log("Player totals are not of type int");
}
}
})
total_players.innerHTML = all_total_players;
document.getElementById('max_players').innerHTML = all_total_max_players;
document.getElementById('sync').innerHTML = '';
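Review bot: The `try { ... } catch { console.log("Player totals are not of type int"); }` around the two `parseInt` calls can never fire, because `parseInt` does not throw — a missing or non-numeric `data-players`/`data-max` attribute yields `NaN`, which then silently poisons `all_total_players` and `all_total_max_players` for the whole dashboard. The rewrite below validates the parsed values instead (and passes the radix); while there, the totals could be written with `textContent` rather than `innerHTML`, though with numeric values that is only a matter of style. The enclosing function starts before the hunk.
```javascript
servers.forEach(server => {
  // parseInt never throws: a missing or non-numeric attribute yields NaN,
  // so check the parsed values instead of relying on try/catch.
  const players = Number.parseInt(server.getAttribute('data-players'), 10);
  const maxPlayers = Number.parseInt(server.getAttribute('data-max'), 10);
  if (Number.isNaN(players) || Number.isNaN(maxPlayers)) {
    console.log("Player totals are not of type int");
    return;
  }
  all_total_players += players;
  all_total_max_players += maxPlayers;
});
// … unchanged: writing the totals into the DOM …
```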


@ -450,9 +450,7 @@
var ctxmenuName = e.target.getAttribute('data-name');
document.getElementById('context-title').innerHTML = ctxmenuName;
console.log(ctxmenuName);
if (!ctxmenuPath) {
console.log({ 'event.target': e.target, ctxmenuPath });
return;
}
$('#renameItem').show();
@ -466,7 +464,6 @@
var isFile = e.target.classList.contains('tree-file');
$('#deleteFile').toggle(isFile);
$('#downloadFile').toggle(isFile);
console.log({ 'event.target': e.target, isDir, isFile });
if (e.target.classList.contains('root-dir')) {
$('#createFile').show();
@ -479,7 +476,6 @@
}
if (e.target.textContent.endsWith('.zip')) {
$('#unzip').show();
console.log(e.target.textContent)
} else {
$('#unzip').hide();
}
@ -502,7 +498,6 @@
}
document.getElementById("files-tree-nav").style.top = clientY + 'px';
document.getElementById("files-tree-nav").style.left = clientX + 'px';
console.log(window.innerHeight)
timer = null;
};
}
@ -585,7 +580,6 @@
console.log("got response:");
document.getElementById("save_status").innerHTML = '<i class="fal fa-file-check"></i>';
document.getElementById('save_status').style.color = '#2fb689';
console.log(data);
},
});
}
@ -602,7 +596,6 @@
},
success: function (data) {
console.log("got response:");
console.log(data);
callback();
},
});
@ -620,7 +613,6 @@
},
success: function (data) {
console.log("got response:");
console.log(data);
callback();
},
});
@ -638,7 +630,6 @@
},
success: function (data) {
console.log("got response:");
console.log(data);
callback();
},
});
@ -656,7 +647,6 @@
},
success: function (data) {
console.log("got response:");
console.log(data);
callback();
},
});
@ -673,13 +663,13 @@
},
success: function (data) {
console.log("got response:");
console.log(data);
callback();
},
});
}
function unZip(path, callback) {
console.log('path: ', path)
var token = getCookie("_xsrf")
$.ajax({
type: "POST",
@ -731,7 +721,6 @@
function uploadFilesE(event) {
path = event.target.parentElement.getAttribute('data-path');
console.log("PATH: " + path);
$(function () {
var uploadHtml = "<div>" +
'<form id="upload_file" enctype="multipart/form-data">' + "<label class='upload-area' style='width:100%;text-align:center;' for='files'>" +
@ -765,14 +754,15 @@
message: waitMessage,
closeButton: false
});
let nFiles = files.files.length;
for (i = 0; i < files.files.length; i++) {
for (i = 0; i < nFiles; i++) {
if (!doUpload) {
doUpload = true;
hideUploadBox();
break;
}
console.log(files.files[i].name);
const progressHtml = `
<div style="width: 100%; min-width: 100%;">
${files.files[i].name}:
@ -788,8 +778,8 @@
</div><br>
`;
$('#upload-progress-bar-parent').append(progressHtml);
console.log(files.files.length)
sendFile(files.files[i], path, serverId, files.files.length - i - 1, (progress) => {
sendFile(files.files[i], path, serverId, nFiles - i - 1, (progress) => {
$(`#upload-progress-bar-${i + 1}`).attr('aria-valuenow', progress)
$(`#upload-progress-bar-${i + 1}`).css('width', progress + '%')
});
@ -804,16 +794,17 @@
var fileList = document.getElementById("files");
fileList.addEventListener("change", function (e) {
var list = "";
for (var i = 0; i < this.files.length; i++) {
list += "<li class='col-xs-12 file-list'>" + this.files[i].name + "</li>"
}
let files = Array.from(this.files)
files.forEach(file => {
list += "<li class='col-xs-12 file-list'>" + file.name + "</li>"
})
document.getElementById("fileList").innerHTML = list;
}, false);
});
}
function getTreeView(event) {
function getTreeView(event) {
const path = $('#root_dir').data('path');;
$.ajax({
@ -822,7 +813,6 @@
dataType: 'text',
success: function (data) {
console.log("got response:");
console.log(data);
dataArr = data.split('\n');
serverDir = dataArr.shift(); // Remove & return first element (server directory)
@ -899,10 +889,9 @@
}
function setTreeViewContext() {
var treeItems = document.getElementsByClassName('tree-ctx-item');
var treeItems = Array.from(document.getElementsByClassName('tree-ctx-item'));
for (var i = 0; i < treeItems.length; i++) {
var treeItem = treeItems[i];
treeItems.forEach(item => {
if ([
'iPad Simulator',
'iPhone Simulator',
@ -913,10 +902,10 @@
].includes(navigator.platform)
// iPad on iOS 13 detection
|| (navigator.userAgent.includes("Mac") && "ontouchend" in document)) {
treeItem.addEventListener("touchstart", touchstart, false);
treeItem.addEventListener("touchend", touchend, false);
item.addEventListener("touchstart", touchstart, false);
item.addEventListener("touchend", touchend, false);
}
treeItem.addEventListener('contextmenu', function contextListener(event) {
item.addEventListener('contextmenu', function contextListener(event) {
event.preventDefault();
var ctxmenuPath = event.target.getAttribute('data-path');
var ctxmenuName = event.target.getAttribute('data-name');
@ -933,12 +922,10 @@
$('#upload').toggle(isDir);
document.getElementById('context-title').innerHTML = ctxmenuName;
console.log(ctxmenuName);
var isFile = event.target.classList.contains('tree-file');
$('#deleteFile').toggle(isFile);
$('#downloadFile').toggle(isFile);
console.log({ 'event.target': event.target, isDir, isFile });
if (event.target.classList.contains('root-dir')) {
$('#createFile').show();
@ -951,7 +938,6 @@
}
if (event.target.textContent.endsWith('.zip')) {
$('#unzip').show();
console.log(event.target.textContent)
} else {
$('#unzip').hide();
}
@ -959,8 +945,6 @@
var clientX = event.clientX;
var clientY = event.clientY;
document.getElementById('files-tree-nav-content')
.setAttribute('data-path', ctxmenuPath);
document.getElementById('files-tree-nav-content')
@ -974,10 +958,8 @@
}
document.getElementById("files-tree-nav").style.top = clientY + 'px';
document.getElementById("files-tree-nav").style.left = clientX + 'px';
console.log(domRect)
console.log(window.innerHeight)
})
}
})
}
document.addEventListener('click', function (e) {
@ -1049,6 +1031,7 @@
}
function unzipFilesE(event) {
path = event.target.parentElement.getAttribute('data-path');
console.log(path)
unZip(path)
}
@ -1117,10 +1100,10 @@
editor.setKeyboardHandler(handlerName);
var nodes = target.parentNode.querySelectorAll("[data-handler-name]");
for (var i = 0; i < nodes.length; i++) {
nodes[i].classList.remove('btn-primary');
nodes[i].classList.add('btn-secondary');
}
nodes.forEach(node => {
node.classList.remove('btn-primary');
node.classList.add('btn-secondary');
})
target.classList.remove('btn-secondary');
target.classList.add('btn-primary');
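Review bot: `document.getElementById('context-title').innerHTML = ctxmenuName;` in the first hunk and again in the `setTreeViewContext` hunk writes a file name taken from a `data-name` attribute into the DOM as markup, and `list += "<li class='col-xs-12 file-list'>" + file.name + "</li>"` in `uploadFilesE` does the same with upload names before `innerHTML = list`; names that originate on disk are not guaranteed to be markup-free, so for a security-fix pass these should become `document.getElementById('context-title').textContent = ctxmenuName;` and a list built with `document.createElement('li')` plus `textContent`. Separately, `path = event.target.parentElement.getAttribute('data-path');` in both `uploadFilesE` and `unzipFilesE` assigns an undeclared name and so creates an implicit global; `const path = ...` keeps it local to the handler. Most of the functions touched in this section begin or end outside their hunks, so the surrounding code was not reviewed.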


@ -448,21 +448,4 @@ function hide(event) {
}
</script>
<script type="text/javascript">
//<![CDATA[
// array of possible countries in the same order as they appear in the country selection list
function decodeHtmlCharCodes(str) {
return str.replace("&quot;", "\"");
}
function convertHtmlJsonToJavacriptArray(str) {
var result = []
str = decodeHtmlCharCodes(str)
for(var i in str)
result.push([i, str [i]]);
return result
}
//]]>
</script>
{% end %}


@ -522,13 +522,16 @@
event.target.parentElement.children[1].classList.remove("d-none");
document.getElementById("overlay").classList.remove("d-none");
}
function hide(event) {
var items = document.getElementsByClassName('menu');
for (let i = 0; i < items.length; i++) {
items[i].classList.add("d-none");
}
items.forEach(item => {
item.classList.add("d-none");
})
document.getElementById("overlay").classList.add("d-none");
}
$(document).ready(function () {
console.log('ready');
var forms = $('form.server-wizard');
@ -672,24 +675,8 @@
</script>
<script type="text/javascript">
//<![CDATA[
// array of possible countries in the same order as they appear in the country selection list
function decodeHtmlCharCodes(str) {
return str.replace("&quot;", "\"");
}
function convertHtmlJsonToJavacriptArray(str) {
var result = []
str = decodeHtmlCharCodes(str)
for (var i in str)
result.push([i, str[i]]);
return result
}
var text = '{% raw data["js_server_types"] %}';
var serverTypesLists = JSON.parse(text);
//convertHtmlJsonToJavacriptArray('{{ data["js_server_types"] }}')
/* CountryChange() is called from the onchange event of a select element.
* param selectObj - the select object which fired the on change event.
*/
@ -709,10 +696,10 @@
}
var newOption;
// create new options ordered by ascending
for (var i = 0; i < (cList.length); i++) {
cList.forEach(type => {
newOption = document.createElement("option");
newOption.value = which + "|" + cList[i]; // assumes option string and value are the same
newOption.text = cList[i];
newOption.value = which + "|" + type; // assumes option string and value are the same
newOption.text = type;
// add the new option
try {
cSelect.add(newOption); // this will fail in DOM browsers but is needed for IE
@ -720,8 +707,7 @@
catch (e) {
cSelect.appendChild(newOption);
}
})
}
}
//]]>
</script>
{% end %}
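Review bot: `items.forEach(item => { item.classList.add("d-none"); })` in `hide` is called on the result of `document.getElementsByClassName('menu')`, which is an `HTMLCollection` and has no `forEach`, so the rewritten loop will throw a TypeError and the overlay will never be hidden; the other hunks in this commit wrap the collection first (`Array.from(document.getElementsByClassName(...))`) and this one should too, e.g. `var items = Array.from(document.getElementsByClassName('menu'));`, unless that line was also changed outside what is shown. The later `cList.forEach(type => ...)` hunk is fine only if `cList` is a real array; the function it belongs to starts before the hunk, so that is not visible here.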