Merge branch 'dev' of gitlab.com:crafty-controller/crafty-4 into dev

app/classes/shared/main_controller.py

@@ -82,7 +82,15 @@ class Controller:
         if exec_user["preparing"]:
             return
         self.users.set_prepare(exec_user["user_id"])
-        # Delete previous instace of logs
+        logger.info("Checking for previous support logs.")
+        if exec_user["support_logs"] != "":
+            logger.info(
+                f"Found previous support log request at {exec_user['support_logs']}"
+            )
+            if self.helper.validate_traversal(
+                tempfile.gettempdir(), exec_user["support_logs"]
+            ):
+                logger.debug("No transversal detected. Going for the delete.")
                 self.del_support_file(exec_user["support_logs"])
         # pausing so on screen notifications can run for user
         time.sleep(7)
@@ -177,6 +185,9 @@ class Controller:
     def del_support_file(self, temp_zip_storage):
         try:
             FileHelpers.del_file(temp_zip_storage)
+            logger.info(
+                f"Old support logs successfully deleted from {temp_zip_storage}"
+            )
         except FileNotFoundError:
             logger.info("No temp file found. Assuming it's already been cleaned up")
         except PermissionError:

app/classes/web/api_handler.py

@@ -338,7 +338,7 @@ class CreateUser(ApiHandler):
             self.access_denied(user)
             return
 
-        new_username = self.get_argument("username")
+        new_username = self.get_argument("username").lower()
         new_pass = self.get_argument("password")
 
         if new_username:

app/classes/web/panel_handler.py

@@ -1223,8 +1223,6 @@ class PanelHandler(BaseHandler):
 
         elif page == "download_support_package":
             temp_zip_storage = exec_user["support_logs"]
-            # We'll reset the support path for this user now.
-            self.controller.users.set_support_path(exec_user["user_id"], "")
 
             self.set_header("Content-Type", "application/octet-stream")
             self.set_header(
@@ -1774,7 +1772,7 @@ class PanelHandler(BaseHandler):
                     "system user is not editable"
                 )
             user_id = bleach.clean(self.get_argument("id", None))
-            username = bleach.clean(self.get_argument("username", None))
+            username = bleach.clean(self.get_argument("username", None).lower())
             password0 = bleach.clean(self.get_argument("password0", None))
             password1 = bleach.clean(self.get_argument("password1", None))
             email = bleach.clean(self.get_argument("email", "default@example.com"))
@@ -1943,7 +1941,7 @@ class PanelHandler(BaseHandler):
             self.finish()
 
         elif page == "add_user":
-            username = bleach.clean(self.get_argument("username", None))
+            username = bleach.clean(self.get_argument("username", None).lower())
             if username.lower() == "system":
                 self.redirect(
                     "/panel/error?error=Unauthorized access: "

app/classes/web/routes/api/users/index.py

@@ -95,6 +95,7 @@ class ApiUsersIndexHandler(BaseApiHandler):
             )
 
         username = data["username"]
+        username = str(username).lower()
         password = data["password"]
         email = data.get("email", "default@example.com")
         enabled = data.get("enabled", True)

docker_launcher.sh

@@ -2,7 +2,7 @@
 
 # Check if config exists taking one from image if needed.
 if [ ! "$(ls -A --ignore=.gitkeep ./app/config)" ]; then
-    echo "Wrapper | 🏗️ Config not found, pulling defaults..."
+    echo "\033[36mWrapper | \033[33m🏗️  Config not found, pulling defaults..."
     mkdir ./app/config/ 2> /dev/null
     cp -r ./app/config_original/* ./app/config/
 
@@ -10,11 +10,24 @@ if [ ! "$(ls -A --ignore=.gitkeep ./app/config)" ]; then
         # We're running as root;
         # Look for files & dirs that require group permissions to be fixed
         # This will do the full /crafty dir, so will take a miniute.
-        echo "Wrapper | 📋 Looking for problem bind mount permissions globally..."
+        echo "\033[36mWrapper | \033[35m📋 Looking for problem bind mount permissions globally..."
         find . ! -group root -exec chgrp root {} \;
         find . ! -perm g+rw -exec chmod g+rw {} \;
         find . -type d ! -perm g+s -exec chmod g+s {} \;
     fi
+else
+    # Keep version file up to date with image
+    cp -f ./app/config_original/version.json ./app/config/version.json
+
+    # Compare if user's config is different from image, and show differences.
+    echo "\033[36mWrapper | \033[35m🏗️  Checking for config.json changes..."
+    cp -f ./app/config_original/config.json ./app/config/config_image_template
+    if [ "$(diff -q ./app/config/config.json ./app/config/config_image_template)" ]; then
+        echo "\033[36mWrapper | \033[33m👷 We've found differences in your local config, please review!,"
+        echo "\033[36m        | \033[33m   (This could be an outdated config.json)"
+    else
+        echo "\033[36mWrapper | \033[32m✅ Config good! Proceeding..."
+    fi
 fi
 
 
@@ -24,21 +37,21 @@ if [ $(id -u) -eq 0 ]; then
     # If we find files in import directory, we need to ensure all dirs are owned by the root group,
     # This fixes bind mounts that may have incorrect perms.
     if [ "$(ls -A --ignore=.gitkeep ./import)" ]; then
-        echo "Wrapper | 📋 Files present in import, checking/fixing permissions..."
+        echo "\033[36mWrapper | \033[35m📋 Files present in import directory, checking/fixing permissions..."
-        echo "Wrapper | ⏳ Please be paitent for larger servers..."
+        echo "\033[36mWrapper | \033[33m⏳ Please be paitent for larger servers..."
         find . ! -group root -exec chgrp root {} \;
         find . ! -perm g+rw -exec chmod g+rw {} \;
         find . -type d ! -perm g+s -exec chmod g+s {} \;
-        echo "Wrapper | ✅ Permissions Fixed! (This will happen every boot until /import is empty!)"
+        echo "\033[36mWrapper | \033[32m✅ Permissions Fixed! (This will happen every boot until /import is empty!)"
     fi
 
     # Switch user, activate our prepared venv and lauch crafty
     args="$@"
-    echo "Wrapper | 🚀 Launching crafty with [$args]"
+    echo "\033[36mWrapper | \033[32m🚀 Launching crafty with [\033[34m$args\033[32m]"
     exec sudo -u crafty bash -c "source ./.venv/bin/activate && exec python3 main.py $args"
 else
     # Activate our prepared venv
-    echo "Wrapper | 🚀 Non-root host detected, using normal exec"
+    echo "\033[36mWrapper | \033[32m🚀 Non-root host detected, using normal exec"
     . ./.venv/bin/activate
     # Use exec as our perms are already correct
     # This is likely if using Kubernetes/OpenShift etc