diff --git a/app/classes/shared/controller.py b/app/classes/shared/controller.py
index 980994a1..be9f354d 100644
--- a/app/classes/shared/controller.py
+++ b/app/classes/shared/controller.py
@@ -345,8 +345,9 @@ class Controller:
 self.stop_server(server_id)
 # remove the server from the DB
- #User_Servers.delete().where(User_Servers.server_id == server_id).execute()
- Servers.delete().where(Servers.server_id == server_id).execute()
+ with database.atomic():
+ Role_Servers.delete().where(Role_Servers.server_id == server_id).execute()
+ Servers.delete().where(Servers.server_id == server_id).execute()
 # remove the server from servers list
 self.servers_list.pop(counter)
diff --git a/app/classes/shared/models.py b/app/classes/shared/models.py
index a072b6a4..da4493e0 100644
--- a/app/classes/shared/models.py
+++ b/app/classes/shared/models.py
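Review bot: Direct per-user grants in `User_Servers` are not cleaned up: this hunk drops the commented-out delete instead of restoring it, and the `remove_user` hunk in models.py corrects the `User_Roles` filter but likewise leaves that user's `User_Servers` rows in place. `get_authorized_servers` and `server_id_authorized` in models.py still read that table, so stale rows would keep pointing at a deleted server or user and, if ids can ever be reused, would carry an old grant over to a new one. If the table is still in use, add `User_Servers.delete().where(User_Servers.server_id == server_id).execute()` inside the `with database.atomic():` block here and `User_Servers.delete().where(User_Servers.user_id == user_id).execute()` inside the one in `remove_user`. The enclosing method here starts and ends outside the hunk, and the import of `database` into controller.py is not visible in this diff.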
@@ -327,31 +327,31 @@ class db_shortcuts:
 return db_helper.return_rows(query)
 @staticmethod
- def get_authorized_servers(userId):
- userServers = User_Servers.select().where(User_Servers.user_id == userId)
+ def get_authorized_servers(user_id):
+ user_servers = User_Servers.select().where(User_Servers.user_id == user_id)
 server_data = []
- for u in userServers:
+ for u in user_servers:
 server_data.append(db_helper.get_server_data_by_id(u.server_id))
 return server_data
 @staticmethod
- def get_authorized_servers_from_roles(userId):
- userRoles = User_Roles.select().where(User_Roles.user_id == userId)
+ def get_authorized_servers_from_roles(user_id):
+ user_roles = User_Roles.select().where(User_Roles.user_id == user_id)
 roles_list = []
- roleServer = []
+ role_server = []
 server_data = []
- for u in userRoles:
+ for u in user_roles:
 roles_list.append(db_helper.get_role(u.role_id))
 for r in roles_list:
 role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
 for t in role_test:
- roleServer.append(t)
+ role_server.append(t)
- for s in roleServer:
+ for s in role_server:
 server_data.append(db_helper.get_server_data_by_id(s.server_id))
 return server_data
@@ -367,40 +367,40 @@ class db_shortcuts:
 return server_data
 @staticmethod
- def get_authorized_servers_stats(userId):
- userServers = User_Servers.select().where(User_Servers.user_id == userId)
- authorizedServers = []
+ def get_authorized_servers_stats(user_id):
+ user_servers = User_Servers.select().where(User_Servers.user_id == user_id)
+ authorized_servers = []
 server_data = []
- for u in userServers:
- authorizedServers.append(db_helper.get_server_data_by_id(u.server_id))
+ for u in user_servers:
+ authorized_servers.append(db_helper.get_server_data_by_id(u.server_id))
- for s in authorizedServers:
+ for s in authorized_servers:
 latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1)
 server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)})
 return server_data
 @staticmethod
- def get_authorized_servers_stats_from_roles(userId):
- userRoles = User_Roles.select().where(User_Roles.user_id == userId)
+ def get_authorized_servers_stats_from_roles(user_id):
+ user_roles = User_Roles.select().where(User_Roles.user_id == user_id)
 roles_list = []
- roleServer = []
- authorizedServers = []
+ role_server = []
+ authorized_servers = []
 server_data = []
- for u in userRoles:
+ for u in user_roles:
 roles_list.append(db_helper.get_role(u.role_id))
 for r in roles_list:
 role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
 for t in role_test:
- roleServer.append(t)
+ role_server.append(t)
- for s in roleServer:
- authorizedServers.append(db_helper.get_server_data_by_id(s.server_id))
+ for s in role_server:
+ authorized_servers.append(db_helper.get_server_data_by_id(s.server_id))
- for s in authorizedServers:
+ for s in authorized_servers:
 latest = Server_Stats.select().where(Server_Stats.server_id == s.get('server_id')).order_by(Server_Stats.created.desc()).limit(1)
 server_data.append({'server_data': s, "stats": db_helper.return_rows(latest)[0]})
 return
server_data
@@ -417,9 +417,9 @@ class db_shortcuts:
 return True
 @staticmethod
- def server_id_authorized(serverId, userId):
+ def server_id_authorized(serverId, user_id):
 userServer = User_Servers.select().where(User_Servers.server_id == serverId)
- authorized = userServer.select().where(User_Servers.user_id == userId)
+ authorized = userServer.select().where(User_Servers.user_id == user_id)
 #authorized = db_helper.return_rows(authorized)
 if authorized.count() == 0:
@@ -427,14 +427,14 @@ class db_shortcuts:
 return True
 @staticmethod
- def server_id_authorized_from_roles(serverId, userId):
+ def server_id_authorized_from_roles(serverId, user_id):
 cpt_authorized = 0
 roles_list = []
- roleServer = []
+ role_server = []
 authorized = []
- userRoles = User_Roles.select().where(User_Roles.user_id == userId)
+ user_roles = User_Roles.select().where(User_Roles.user_id == user_id)
- for u in userRoles:
+ for u in user_roles:
 roles_list.append(db_helper.get_role(u.role_id))
 for r in roles_list:
@@ -472,7 +472,7 @@ class db_shortcuts:
 return query
 @staticmethod
- def get_userid_by_name(username):
+ def get_user_id_by_name(username):
 if username == "SYSTEM":
 return 0
 try:
@@ -582,7 +582,7 @@ class db_shortcuts:
 @staticmethod
 def remove_user(user_id):
 with database.atomic():
- User_Roles.delete().where(User_Servers.user_id == user_id).execute()
+ User_Roles.delete().where(User_Roles.user_id == user_id).execute()
 user = Users.get(Users.user_id == user_id)
 return user.delete_instance()
@@ -650,9 +650,11 @@ class db_shortcuts:
 @staticmethod
 def remove_role(role_id):
- Role_Servers.delete().where(Role_Servers.role_id == role_id).execute()
- role = Roles.get(Roles.role_id == role_id)
- return role.delete_instance()
+ with database.atomic():
+ Role_Servers.delete().where(Role_Servers.role_id == role_id).execute()
+ User_Roles.delete().where(User_Roles.role_id == role_id).execute()
+ role = Roles.get(Roles.role_id == role_id)
+ return role.delete_instance()
 @staticmethod
 def role_id_exists(role_id):
diff --git a/app/classes/web/base_handler.py b/app/classes/web/base_handler.py
index e578cd17..48a37692 100644
--- a/app/classes/web/base_handler.py
+++ b/app/classes/web/base_handler.py
@@ -12,6 +12,8 @@ logger = logging.getLogger(__name__)
 class BaseHandler(tornado.web.RequestHandler):
+ nobleach = {bool, type(None)}
+
 def initialize(self, controller=None, tasks_manager=None, translator=None):
 self.controller = controller
 self.tasks_manager = tasks_manager
@@ -27,10 +29,10 @@ class BaseHandler(tornado.web.RequestHandler):
 return self.get_secure_cookie("user", max_age_days=1)
 def autobleach(self, text):
- if type(text) is bool:
+ if type(text) in self.nobleach:
 return text
 else:
- return text
+ return bleach.clean(text)
 def get_argument(
 self,
diff --git a/app/classes/web/default_handler.py b/app/classes/web/default_handler.py
index ebb53694..0b8e45e1 100644
--- a/app/classes/web/default_handler.py
+++ b/app/classes/web/default_handler.py
@@ -18,6 +18,6 @@ class DefaultHandler(BaseHandler):
 else:
 self.redirect(
 "/public/login",
- translate=self.translator.translate,
+ #translate=self.translator.translate,
 )
diff --git a/app/classes/web/panel_handler.py b/app/classes/web/panel_handler.py
index c74d3aba..7966be48 100644
--- a/app/classes/web/panel_handler.py
+++ b/app/classes/web/panel_handler.py
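Review bot: `autobleach` now hands every value except `bool` and `None` to `bleach.clean()`, which accepts only text, so a non-string value reaching it (for instance an integer or list default passed through the `get_argument` override that follows, presumably its caller) would raise instead of being returned unchanged. Inverting the test to `if not isinstance(text, str): return text` covers every non-text type and makes the `nobleach` set unnecessary. Because the cleaning runs on input, it also rewrites characters such as `&` and `<` in values that are never rendered as HTML, such as passwords or file paths, so those call sites need a way to opt out, and it does not replace escaping at the point of output. The `import bleach` for base_handler.py and the body of `get_argument` are outside the hunk.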
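Review bot: The unsupported `translate=` keyword is commented out rather than deleted, which leaves dead code inside the `self.redirect(` call. Tornado's `redirect` takes only `url`, `permanent` and `status`, so the line can simply go and the call can be written as `self.redirect("/public/login")`. The enclosing method starts outside the hunk.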
@@ -373,7 +373,7 @@ class PanelHandler(BaseHandler):
 return
 else:
 # does this user id exist?
- target_role = db_helper.get_user(role_id)
+ target_role = db_helper.get_role(role_id)
 if not target_role:
 self.redirect("/panel/error?error=Invalid Role ID")
 return
@@ -582,7 +582,7 @@ class PanelHandler(BaseHandler):
 )
 ))
 if argument:
- roles.add(role['role_id'])
+ roles.add(role.role_id)
 servers = set()
 for server in self.controller.list_defined_servers():
diff --git a/app/classes/web/server_handler.py b/app/classes/web/server_handler.py
index f3a44e91..75e8f623 100644
--- a/app/classes/web/server_handler.py
+++ b/app/classes/web/server_handler.py
@@ -50,7 +50,7 @@ class ServerHandler(BaseHandler):
 page_data = {
 'version_data': helper.get_version_string(),
 'user_data': exec_user_data,
- 'user_role' : user_role,
+ 'user_role' : exec_user_role,
 'server_stats': {
 'total': len(self.controller.list_defined_servers()),
 'running': len(self.controller.list_running_servers()),
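Review bot: The comment above the corrected lookup in the first panel_handler.py hunk still reads `# does this user id exist?` although the code now validates a role with `db_helper.get_role(role_id)`; it should read `# does this role id exist?`. The `if not target_role:` guard relies on `get_role` returning a falsy value for an unknown id, which is not visible in this diff and is worth confirming, since a lookup that raises instead would skip the "Invalid Role ID" redirect. The enclosing handler method starts and ends outside the hunk.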