2017-10-24 19:16:36 +05:00
# -*- coding: utf-8 -*-
2019-12-10 15:09:10 +05:00
2017-10-24 19:16:36 +05:00
2018-11-16 14:41:40 +05:00
from django . shortcuts import render , redirect
2017-10-24 19:16:36 +05:00
from django . http import HttpResponse
from loginSystem . views import loadLoginPage
2018-08-18 00:39:10 +05:00
from loginSystem . models import Administrator , ACL
2017-10-24 19:16:36 +05:00
import json
from plogical import hashPassword
2018-08-18 00:39:10 +05:00
from plogical . acl import ACLManager
2021-03-03 19:45:05 +05:00
from plogical . httpProc import httpProc
2019-08-13 16:27:56 +05:00
from plogical . virtualHostUtilities import virtualHostUtilities
2019-11-12 14:01:29 +05:00
from CyberCP . secMiddleware import secMiddleware
2020-08-15 00:06:52 -04:00
from CyberCP . SecurityLevel import SecurityLevel
2018-11-16 14:41:40 +05:00
2017-10-24 19:16:36 +05:00
def loadUserHome ( request ) :
2021-03-03 19:45:05 +05:00
2021-03-07 11:34:08 +05:00
val = request . session [ ' userID ' ]
admin = Administrator . objects . get ( pk = val )
currentACL = ACLManager . loadedACL ( val )
2017-10-24 19:16:36 +05:00
2021-03-07 11:34:08 +05:00
if currentACL [ ' admin ' ] == 1 :
listUsers = 1
else :
listUsers = currentACL [ ' listUsers ' ]
2017-10-24 19:16:36 +05:00
2021-03-07 11:34:08 +05:00
proc = httpProc ( request , ' userManagment/index.html ' ,
{ " type " : admin . type , ' listUsers ' : listUsers } , ' listUsers ' )
return proc . render ( )
2017-10-24 19:16:36 +05:00
2021-10-16 00:28:44 +06:00
2021-03-07 11:34:08 +05:00
def viewProfile ( request ) :
userID = request . session [ ' userID ' ]
admin = Administrator . objects . get ( pk = userID )
2017-10-24 19:16:36 +05:00
2021-03-07 11:34:08 +05:00
AdminData = { }
2017-10-24 19:16:36 +05:00
2021-03-07 11:34:08 +05:00
AdminData [ ' userName ' ] = admin . userName
AdminData [ ' firstName ' ] = admin . firstName
AdminData [ ' lastName ' ] = admin . lastName
AdminData [ ' websitesLimit ' ] = admin . initWebsitesLimit
AdminData [ ' email ' ] = admin . email
AdminData [ ' accountACL ' ] = admin . acl . name
2017-10-24 19:16:36 +05:00
2021-03-07 11:34:08 +05:00
proc = httpProc ( request , ' userManagment/userProfile.html ' ,
AdminData )
return proc . render ( )
2017-10-24 19:16:36 +05:00
2021-10-16 00:28:44 +06:00
2017-10-24 19:16:36 +05:00
def createUser ( request ) :
2021-03-07 11:34:08 +05:00
userID = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( userID )
2018-08-18 00:39:10 +05:00
2021-03-07 11:34:08 +05:00
if currentACL [ ' admin ' ] == 1 :
aclNames = ACLManager . unFileteredACLs ( )
proc = httpProc ( request , ' userManagment/createUser.html ' ,
{ ' aclNames ' : aclNames , ' securityLevels ' : SecurityLevel . list ( ) } )
return proc . render ( )
elif currentACL [ ' changeUserACL ' ] == 1 :
aclNames = ACLManager . unFileteredACLs ( )
proc = httpProc ( request , ' userManagment/createUser.html ' ,
{ ' aclNames ' : aclNames , ' securityLevels ' : SecurityLevel . list ( ) } )
return proc . render ( )
elif currentACL [ ' createNewUser ' ] == 1 :
aclNames = [ ' user ' ]
proc = httpProc ( request , ' userManagment/createUser.html ' ,
{ ' aclNames ' : aclNames , ' securityLevels ' : SecurityLevel . list ( ) } )
return proc . render ( )
else :
return ACLManager . loadError ( )
2017-10-24 19:16:36 +05:00
2021-10-16 00:28:44 +06:00
2019-03-30 14:21:52 +05:00
def apiAccess ( request ) :
2021-03-07 11:34:08 +05:00
userID = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( userID )
adminNames = ACLManager . loadDeletionUsers ( userID , currentACL )
adminNames . append ( " admin " )
proc = httpProc ( request , ' userManagment/apiAccess.html ' ,
{ ' acctNames ' : adminNames } , ' admin ' )
return proc . render ( )
2019-03-30 14:21:52 +05:00
2021-10-16 00:28:44 +06:00
2019-03-30 14:21:52 +05:00
def saveChangesAPIAccess ( request ) :
try :
userID = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( userID )
data = json . loads ( request . body )
if currentACL [ ' admin ' ] != 1 :
finalResponse = { ' status ' : 0 , " error_message " : " Only administrators are allowed to perform this task. " }
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
else :
accountUsername = data [ ' accountUsername ' ]
access = data [ ' access ' ]
userAcct = Administrator . objects . get ( userName = accountUsername )
if access == " Enable " :
userAcct . api = 1
else :
userAcct . api = 0
userAcct . save ( )
finalResponse = { ' status ' : 1 }
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2019-12-10 15:09:10 +05:00
except BaseException as msg :
2019-03-30 14:21:52 +05:00
finalResponse = { ' status ' : 0 , ' errorMessage ' : str ( msg ) , ' error_message ' : str ( msg ) }
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2021-10-16 00:28:44 +06:00
2017-10-24 19:16:36 +05:00
def submitUserCreation ( request ) :
try :
2018-08-18 00:39:10 +05:00
try :
2020-06-01 19:30:22 +05:00
try :
userID = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( userID )
data = json . loads ( request . body )
except :
userID = request [ ' userID ' ]
data = request
currentACL = ACLManager . loadedACL ( userID )
2018-08-18 00:39:10 +05:00
firstName = data [ ' firstName ' ]
lastName = data [ ' lastName ' ]
email = data [ ' email ' ]
userName = data [ ' userName ' ]
password = data [ ' password ' ]
websitesLimit = data [ ' websitesLimit ' ]
selectedACL = data [ ' selectedACL ' ]
2020-06-01 19:30:22 +05:00
2021-08-13 14:55:08 +05:00
if ACLManager . CheckRegEx ( " ^[ \ w ' \ -,.][^0-9_!¡?÷?¿/ \\ +=@#$ % ˆ {} |~<>;:[ \ ]] { 2,}$ " , firstName ) == 0 :
2023-10-30 20:30:56 +13:00
data_ret = { ' status ' : 0 , ' createStatus ' : 0 , ' error_message ' : ' First Name can only contain alphabetic characters, and should be more than 2 characters long... ' }
2021-08-13 14:55:08 +05:00
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
if ACLManager . CheckRegEx ( " ^[ \ w ' \ -,.][^0-9_!¡?÷?¿/ \\ +=@#$ % ˆ {} |~<>;:[ \ ]] { 2,}$ " , lastName ) == 0 :
2023-10-30 20:30:56 +13:00
data_ret = { ' status ' : 0 , ' createStatus ' : 0 , ' error_message ' : ' Last Name can only contain alphabetic characters, and should be more than 2 characters long... ' }
2021-08-13 14:55:08 +05:00
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
import validators
if not validators . email ( email ) :
data_ret = { ' status ' : 0 , ' createStatus ' : 0 ,
' error_message ' : ' Invalid email address. ' }
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2020-01-18 10:16:38 +05:00
try :
securityLevel = data [ ' securityLevel ' ]
except :
securityLevel = ' HIGH '
2018-08-18 00:39:10 +05:00
selectedACL = ACL . objects . get ( name = selectedACL )
if selectedACL . adminStatus == 1 :
type = 1
2017-10-24 19:16:36 +05:00
else :
2018-08-18 00:39:10 +05:00
type = 3
2019-11-12 14:01:29 +05:00
if securityLevel == ' LOW ' :
securityLevel = secMiddleware . LOW
else :
securityLevel = secMiddleware . HIGH
2018-11-20 15:43:43 +05:00
token = hashPassword . generateToken ( userName , password )
2018-08-18 00:39:10 +05:00
password = hashPassword . hash_password ( password )
currentAdmin = Administrator . objects . get ( pk = userID )
if ACLManager . websitesLimitCheck ( currentAdmin , websitesLimit ) == 0 :
2018-11-16 14:41:40 +05:00
data_ret = { ' status ' : 0 , ' createStatus ' : 0 ,
2018-08-18 00:39:10 +05:00
' error_message ' : " You ' ve reached maximum websites limit as a reseller. " }
final_json = json . dumps ( data_ret )
return HttpResponse ( final_json )
if currentACL [ ' admin ' ] == 1 :
newAdmin = Administrator ( firstName = firstName ,
lastName = lastName ,
email = email ,
type = type ,
userName = userName ,
password = password ,
initWebsitesLimit = websitesLimit ,
owner = currentAdmin . pk ,
2018-11-20 15:43:43 +05:00
acl = selectedACL ,
2019-11-12 14:01:29 +05:00
token = token ,
securityLevel = securityLevel ,
2018-08-18 00:39:10 +05:00
)
newAdmin . save ( )
elif currentACL [ ' changeUserACL ' ] == 1 :
newAdmin = Administrator ( firstName = firstName ,
lastName = lastName ,
email = email ,
type = type ,
userName = userName ,
password = password ,
initWebsitesLimit = websitesLimit ,
owner = currentAdmin . pk ,
2018-11-20 15:43:43 +05:00
acl = selectedACL ,
2019-11-12 14:01:29 +05:00
token = token ,
securityLevel = securityLevel ,
2018-08-18 00:39:10 +05:00
)
newAdmin . save ( )
elif currentACL [ ' createNewUser ' ] == 1 :
2020-01-23 20:13:29 +05:00
if selectedACL . name != ' user ' :
2020-01-21 19:53:58 +05:00
data_ret = { ' status ' : 0 , ' createStatus ' : 0 ,
' error_message ' : " You are not authorized to access this resource. " }
final_json = json . dumps ( data_ret )
return HttpResponse ( final_json )
2018-08-18 00:39:10 +05:00
newAdmin = Administrator ( firstName = firstName ,
lastName = lastName ,
email = email ,
type = type ,
userName = userName ,
password = password ,
initWebsitesLimit = websitesLimit ,
owner = currentAdmin . pk ,
2018-11-20 15:43:43 +05:00
acl = selectedACL ,
2019-11-12 14:01:29 +05:00
token = token ,
securityLevel = securityLevel ,
2018-08-18 00:39:10 +05:00
)
newAdmin . save ( )
else :
2018-11-16 14:41:40 +05:00
data_ret = { ' status ' : 0 , ' createStatus ' : 0 ,
2018-08-18 00:39:10 +05:00
' error_message ' : " You are not authorized to access this resource. " }
2017-10-30 14:34:07 +05:00
2018-08-18 00:39:10 +05:00
final_json = json . dumps ( data_ret )
return HttpResponse ( final_json )
2017-10-24 19:16:36 +05:00
2018-11-16 14:41:40 +05:00
data_ret = { ' status ' : 1 , ' createStatus ' : 1 ,
2018-08-18 00:39:10 +05:00
' error_message ' : " None " }
final_json = json . dumps ( data_ret )
return HttpResponse ( final_json )
2017-10-24 19:16:36 +05:00
2019-12-10 15:09:10 +05:00
except BaseException as msg :
2018-11-16 14:41:40 +05:00
data_ret = { ' status ' : 0 , ' createStatus ' : 0 , ' error_message ' : str ( msg ) }
2017-10-24 19:16:36 +05:00
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
except KeyError :
2018-11-16 14:41:40 +05:00
data_ret = { ' status ' : 0 , ' createStatus ' : 0 , ' error_message ' : " Not logged in as admin " , }
2017-10-24 19:16:36 +05:00
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2020-08-15 00:06:52 -04:00
2017-10-24 19:16:36 +05:00
def modifyUsers ( request ) :
2021-03-07 11:34:08 +05:00
userID = request . session [ ' userID ' ]
userNames = ACLManager . loadAllUsers ( userID )
proc = httpProc ( request , ' userManagment/modifyUser.html ' ,
{ " acctNames " : userNames , ' securityLevels ' : SecurityLevel . list ( ) } )
return proc . render ( )
2017-10-24 19:16:36 +05:00
2021-10-16 00:28:44 +06:00
2017-10-24 19:16:36 +05:00
def fetchUserDetails ( request ) :
try :
val = request . session [ ' userID ' ]
try :
if request . method == ' POST ' :
data = json . loads ( request . body )
accountUsername = data [ ' accountUsername ' ]
user = Administrator . objects . get ( userName = accountUsername )
2019-07-16 23:23:16 +05:00
currentACL = ACLManager . loadedACL ( val )
loggedUser = Administrator . objects . get ( pk = val )
if currentACL [ ' admin ' ] == 1 :
pass
elif user . owner == loggedUser . pk :
pass
elif user . pk == loggedUser . pk :
pass
else :
data_ret = { ' fetchStatus ' : 0 , ' error_message ' : ' Un-authorized access. ' }
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2017-10-24 19:16:36 +05:00
firstName = user . firstName
lastName = user . lastName
email = user . email
websitesLimit = user . initWebsitesLimit
2020-08-10 23:55:46 +05:00
import pyotp
if user . secretKey == ' None ' :
user . secretKey = pyotp . random_base32 ( )
user . save ( )
otpauth = pyotp . totp . TOTP ( user . secretKey ) . provisioning_uri ( email , issuer_name = " CyberPanel " )
2018-11-16 14:41:40 +05:00
userDetails = {
" id " : user . id ,
" firstName " : firstName ,
" lastName " : lastName ,
" email " : email ,
" acl " : user . acl . name ,
2019-11-12 14:01:29 +05:00
" websitesLimit " : websitesLimit ,
2020-08-15 00:06:52 -04:00
" securityLevel " : SecurityLevel ( user . securityLevel ) . name ,
2020-08-10 23:55:46 +05:00
" otpauth " : otpauth ,
' twofa ' : user . twoFA
2018-11-16 14:41:40 +05:00
}
2017-10-24 19:16:36 +05:00
2018-11-16 14:41:40 +05:00
data_ret = { ' fetchStatus ' : 1 , ' error_message ' : ' None ' , " userDetails " : userDetails }
2017-10-24 19:16:36 +05:00
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2019-12-10 15:09:10 +05:00
except BaseException as msg :
2017-10-24 19:16:36 +05:00
data_ret = { ' fetchStatus ' : 0 , ' error_message ' : str ( msg ) }
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
except KeyError :
2018-11-16 14:41:40 +05:00
data_ret = { ' fetchStatus ' : 0 , ' error_message ' : " Not logged in as admin " , }
2017-10-24 19:16:36 +05:00
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2021-10-16 00:28:44 +06:00
2017-10-24 19:16:36 +05:00
def saveModifications ( request ) :
try :
try :
2020-06-02 15:57:02 +05:00
val = request . session [ ' userID ' ]
except :
val = request [ ' userID ' ]
try :
try :
2017-10-24 19:16:36 +05:00
data = json . loads ( request . body )
2020-06-02 15:57:02 +05:00
except :
data = request
2017-10-24 19:16:36 +05:00
2020-06-02 15:57:02 +05:00
accountUsername = data [ ' accountUsername ' ]
firstName = data [ ' firstName ' ]
lastName = data [ ' lastName ' ]
email = data [ ' email ' ]
try :
securityLevel = data [ ' securityLevel ' ]
except :
securityLevel = ' HIGH '
2017-10-24 19:16:36 +05:00
2020-08-10 23:55:46 +05:00
try :
twofa = int ( data [ ' twofa ' ] )
except :
twofa = 0
2020-06-02 15:57:02 +05:00
user = Administrator . objects . get ( userName = accountUsername )
2019-07-16 23:23:16 +05:00
2020-06-02 15:57:02 +05:00
currentACL = ACLManager . loadedACL ( val )
loggedUser = Administrator . objects . get ( pk = val )
if currentACL [ ' admin ' ] == 1 :
pass
elif user . owner == loggedUser . pk :
pass
elif user . pk == loggedUser . pk :
pass
else :
data_ret = { ' fetchStatus ' : 0 , ' error_message ' : ' Un-authorized access. ' }
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2019-07-16 23:23:16 +05:00
2020-06-02 15:57:02 +05:00
token = hashPassword . generateToken ( accountUsername , data [ ' passwordByPass ' ] )
password = hashPassword . hash_password ( data [ ' passwordByPass ' ] )
2017-10-24 19:16:36 +05:00
2020-06-02 15:57:02 +05:00
user . firstName = firstName
user . lastName = lastName
user . email = email
user . password = password
user . token = token
user . type = 0
2020-08-10 23:55:46 +05:00
user . twoFA = twofa
2017-10-24 19:16:36 +05:00
2020-06-02 15:57:02 +05:00
if securityLevel == ' LOW ' :
user . securityLevel = secMiddleware . LOW
else :
user . securityLevel = secMiddleware . HIGH
2019-11-12 14:01:29 +05:00
2020-06-02 15:57:02 +05:00
user . save ( )
2017-10-24 19:16:36 +05:00
2020-06-02 15:57:02 +05:00
adminEmailPath = ' /home/cyberpanel/adminEmail '
2020-01-30 21:38:39 +05:00
2020-06-02 15:57:02 +05:00
if accountUsername == ' admin ' :
writeToFile = open ( adminEmailPath , ' w ' )
writeToFile . write ( email )
writeToFile . close ( )
data_ret = { ' status ' : 1 , ' saveStatus ' : 1 , ' error_message ' : ' None ' }
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2020-01-30 21:38:39 +05:00
2019-12-10 15:09:10 +05:00
except BaseException as msg :
2018-11-16 14:41:40 +05:00
data_ret = { ' status ' : 0 , ' saveStatus ' : 0 , ' error_message ' : str ( msg ) }
2017-10-24 19:16:36 +05:00
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
except KeyError :
2018-11-16 14:41:40 +05:00
data_ret = { ' status ' : 0 , ' saveStatus ' : 0 , ' error_message ' : " Not logged in as admin " , }
2017-10-24 19:16:36 +05:00
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2021-10-16 00:28:44 +06:00
2017-10-24 19:16:36 +05:00
def deleteUser ( request ) :
2021-03-07 11:34:08 +05:00
userID = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( userID )
2018-08-18 00:39:10 +05:00
2021-03-07 11:34:08 +05:00
if currentACL [ ' admin ' ] == 1 :
adminNames = ACLManager . loadDeletionUsers ( userID , currentACL )
proc = httpProc ( request , ' userManagment/deleteUser.html ' ,
{ " acctNames " : adminNames } )
return proc . render ( )
elif currentACL [ ' deleteUser ' ] == 1 :
adminNames = ACLManager . loadDeletionUsers ( userID , currentACL )
proc = httpProc ( request , ' userManagment/deleteUser.html ' ,
{ " acctNames " : adminNames } )
return proc . render ( )
else :
return ACLManager . loadError ( )
2017-10-24 19:16:36 +05:00
2021-10-16 00:28:44 +06:00
2017-10-24 19:16:36 +05:00
def submitUserDeletion ( request ) :
2020-06-01 19:36:36 +05:00
2017-10-24 19:16:36 +05:00
try :
2020-06-01 19:36:36 +05:00
try :
userID = request . session [ ' userID ' ]
except :
userID = request [ ' userID ' ]
2017-10-24 19:16:36 +05:00
try :
2020-06-01 19:36:36 +05:00
try :
2017-10-24 19:16:36 +05:00
data = json . loads ( request . body )
2020-06-01 19:36:36 +05:00
except :
data = request
2017-10-24 19:16:36 +05:00
2020-06-01 19:36:36 +05:00
accountUsername = data [ ' accountUsername ' ]
2017-10-24 19:16:36 +05:00
2020-09-15 09:35:55 +05:00
try :
force = data [ ' force ' ]
except :
force = 0
2020-06-01 19:36:36 +05:00
currentACL = ACLManager . loadedACL ( userID )
2018-11-16 14:41:40 +05:00
2020-06-01 19:36:36 +05:00
currentUser = Administrator . objects . get ( pk = userID )
userInQuestion = Administrator . objects . get ( userName = accountUsername )
2019-08-13 16:27:56 +05:00
2020-06-01 19:36:36 +05:00
if ACLManager . checkUserOwnerShip ( currentACL , currentUser , userInQuestion ) :
2020-09-15 09:35:55 +05:00
if force :
userACL = ACLManager . loadedACL ( userInQuestion . pk )
websitesName = ACLManager . findAllSites ( userACL , userInQuestion . pk )
from websiteFunctions . website import WebsiteManager
wm = WebsiteManager ( )
for website in websitesName :
wm . submitWebsiteDeletion ( userID , { ' websiteName ' : website } )
2020-06-01 19:36:36 +05:00
user = Administrator . objects . get ( userName = accountUsername )
2019-08-13 16:27:56 +05:00
2020-06-01 19:36:36 +05:00
childUsers = Administrator . objects . filter ( owner = user . pk )
2019-08-13 16:27:56 +05:00
2020-06-01 19:36:36 +05:00
for items in childUsers :
items . delete ( )
user . delete ( )
data_ret = { ' status ' : 1 , ' deleteStatus ' : 1 , ' error_message ' : ' None ' }
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
else :
data_ret = { ' status ' : 0 , ' deleteStatus ' : 0 , ' error_message ' : ' Not enough privileges. ' }
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2017-10-24 19:16:36 +05:00
2019-12-10 15:09:10 +05:00
except BaseException as msg :
2018-11-16 14:41:40 +05:00
data_ret = { ' status ' : 0 , ' deleteStatus ' : 0 , ' error_message ' : str ( msg ) }
2017-10-24 19:16:36 +05:00
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
except KeyError :
2018-11-16 14:41:40 +05:00
data_ret = { ' deleteStatus ' : 0 , ' error_message ' : " Not logged in as admin " , }
2017-10-24 19:16:36 +05:00
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2018-08-18 00:39:10 +05:00
2021-10-16 00:28:44 +06:00
2018-08-18 00:39:10 +05:00
def createNewACL ( request ) :
2021-03-07 11:34:08 +05:00
proc = httpProc ( request , ' userManagment/createACL.html ' ,
None , ' admin ' )
return proc . render ( )
2018-08-18 00:39:10 +05:00
2021-10-16 00:28:44 +06:00
2018-08-18 00:39:10 +05:00
def createACLFunc ( request ) :
try :
val = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( val )
if currentACL [ ' admin ' ] == 1 :
data = json . loads ( request . body )
## Version Management
2021-02-22 10:18:50 +05:00
if data [ ' makeAdmin ' ] :
data [ ' adminStatus ' ] = 1
else :
data [ ' adminStatus ' ] = 0
2018-08-18 00:39:10 +05:00
2021-10-16 00:28:44 +06:00
newACL = ACL ( name = data [ ' aclName ' ] , config = json . dumps ( data ) )
2018-08-18 00:39:10 +05:00
newACL . save ( )
2018-11-16 14:41:40 +05:00
finalResponse = { ' status ' : 1 }
2018-08-18 00:39:10 +05:00
else :
2018-08-21 13:10:40 +05:00
return ACLManager . loadErrorJson ( )
2018-08-18 00:39:10 +05:00
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2019-12-10 15:09:10 +05:00
except BaseException as msg :
2018-11-16 14:41:40 +05:00
finalResponse = { ' status ' : 0 , ' errorMessage ' : str ( msg ) , ' error_message ' : str ( msg ) }
2018-08-18 00:39:10 +05:00
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2021-10-16 00:28:44 +06:00
2018-08-18 00:39:10 +05:00
def deleteACL ( request ) :
2021-03-03 19:45:05 +05:00
aclNames = ACLManager . findAllACLs ( )
proc = httpProc ( request , ' userManagment/deleteACL.html ' ,
{ ' aclNames ' : aclNames } , ' admin ' )
return proc . render ( )
2018-08-18 00:39:10 +05:00
2021-10-16 00:28:44 +06:00
2018-08-18 00:39:10 +05:00
def deleteACLFunc ( request ) :
try :
val = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( val )
if currentACL [ ' admin ' ] == 1 :
data = json . loads ( request . body )
acl = ACL . objects . get ( name = data [ ' aclToBeDeleted ' ] )
if acl . administrator_set . all ( ) . count ( ) == 0 :
acl . delete ( )
finalResponse = { ' status ' : 1 }
else :
2019-08-13 16:27:56 +05:00
finalResponse = { ' status ' : 0 , ' errorMesssage ' : ' This ACL is currently in used by existing users. ' ,
' error_message ' : ' This ACL is currently in used by existing users. ' }
2018-08-18 00:39:10 +05:00
else :
2018-08-21 13:10:40 +05:00
return ACLManager . loadErrorJson ( )
2018-08-18 00:39:10 +05:00
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2019-12-10 15:09:10 +05:00
except BaseException as msg :
2018-11-16 14:41:40 +05:00
finalResponse = { ' status ' : 0 , ' errorMessage ' : str ( msg ) , ' error_message ' : str ( msg ) }
2018-08-18 00:39:10 +05:00
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2021-10-16 00:28:44 +06:00
2018-08-18 00:39:10 +05:00
def modifyACL ( request ) :
2021-03-03 19:45:05 +05:00
aclNames = ACLManager . findAllACLs ( )
proc = httpProc ( request , ' userManagment/modifyACL.html ' ,
{ ' aclNames ' : aclNames } , ' admin ' )
return proc . render ( )
2018-08-18 00:39:10 +05:00
2021-10-16 00:28:44 +06:00
2018-08-18 00:39:10 +05:00
def fetchACLDetails ( request ) :
try :
val = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( val )
if currentACL [ ' admin ' ] == 1 :
data = json . loads ( request . body )
## Version Management
finalResponse = { }
acl = ACL . objects . get ( name = data [ ' aclToModify ' ] )
2021-02-22 10:18:50 +05:00
finalResponse = json . loads ( acl . config )
2018-08-18 00:39:10 +05:00
finalResponse [ ' status ' ] = 1
else :
2018-08-21 13:10:40 +05:00
return ACLManager . loadErrorJson ( )
2018-08-18 00:39:10 +05:00
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2019-12-10 15:09:10 +05:00
except BaseException as msg :
2018-08-18 00:39:10 +05:00
finalResponse = { ' status ' : 0 , ' errorMessage ' : str ( msg ) }
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2021-10-16 00:28:44 +06:00
2018-08-18 00:39:10 +05:00
def submitACLModifications ( request ) :
try :
val = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( val )
if currentACL [ ' admin ' ] == 1 :
data = json . loads ( request . body )
## Version Management
acl = ACL . objects . get ( name = data [ ' aclToModify ' ] )
2021-10-16 00:28:44 +06:00
acl . config = json . dumps ( data )
2018-08-18 00:39:10 +05:00
acl . save ( )
2018-08-19 00:28:31 +05:00
if int ( data [ ' adminStatus ' ] ) == 1 :
allUsers = acl . administrator_set . all ( )
for items in allUsers :
items . type = 1
items . save ( )
else :
allUsers = acl . administrator_set . all ( )
for items in allUsers :
items . type = 3
items . save ( )
2018-11-16 14:41:40 +05:00
finalResponse = { ' status ' : 1 }
2018-08-18 00:39:10 +05:00
else :
finalResponse = ACLManager . loadErrorJson ( )
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2019-12-10 15:09:10 +05:00
except BaseException as msg :
2018-11-16 14:41:40 +05:00
finalResponse = { ' status ' : 0 , ' errorMessage ' : str ( msg ) , ' error_message ' : str ( msg ) }
2018-08-18 00:39:10 +05:00
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
def changeUserACL ( request ) :
2021-03-07 11:34:08 +05:00
userID = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( userID )
if currentACL [ ' admin ' ] == 1 :
aclNames = ACLManager . unFileteredACLs ( )
userNames = ACLManager . findAllUsers ( )
proc = httpProc ( request , ' userManagment/changeUserACL.html ' ,
{ ' aclNames ' : aclNames , ' usersList ' : userNames } , ' admin ' )
return proc . render ( )
elif currentACL [ ' changeUserACL ' ] == 1 :
aclNames = ACLManager . unFileteredACLs ( )
userNames = ACLManager . findAllUsers ( )
proc = httpProc ( request , ' userManagment/changeUserACL.html ' ,
{ ' aclNames ' : aclNames , ' usersList ' : userNames } )
return proc . render ( )
else :
return ACLManager . loadError ( )
2018-08-18 00:39:10 +05:00
2021-10-16 00:28:44 +06:00
2018-08-18 00:39:10 +05:00
def changeACLFunc ( request ) :
try :
val = request . session [ ' userID ' ]
2018-11-16 14:41:40 +05:00
data = json . loads ( request . body )
if data [ ' selectedUser ' ] == ' admin ' :
finalResponse = { ' status ' : 0 ,
' errorMessage ' : " Super user can not be modified. " ,
' error_message ' : " Super user can not be modified. " }
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2018-08-18 00:39:10 +05:00
currentACL = ACLManager . loadedACL ( val )
if currentACL [ ' admin ' ] == 1 :
selectedACL = ACL . objects . get ( name = data [ ' selectedACL ' ] )
selectedUser = Administrator . objects . get ( userName = data [ ' selectedUser ' ] )
selectedUser . acl = selectedACL
selectedUser . save ( )
finalResponse = { ' status ' : 1 }
elif currentACL [ ' changeUserACL ' ] == 1 :
selectedACL = ACL . objects . get ( name = data [ ' selectedACL ' ] )
selectedUser = Administrator . objects . get ( userName = data [ ' selectedUser ' ] )
selectedUser . acl = selectedACL
selectedUser . save ( )
finalResponse = { ' status ' : 1 }
else :
finalResponse = ACLManager . loadErrorJson ( )
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2019-12-10 15:09:10 +05:00
except BaseException as msg :
2018-11-16 14:41:40 +05:00
finalResponse = { ' status ' : 0 , ' errorMessage ' : str ( msg ) , ' error_message ' : str ( msg ) }
2018-08-18 00:39:10 +05:00
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2021-10-16 00:28:44 +06:00
2018-08-18 00:39:10 +05:00
def resellerCenter ( request ) :
2021-03-07 11:34:08 +05:00
userID = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( userID )
if currentACL [ ' admin ' ] == 1 :
userNames = ACLManager . loadDeletionUsers ( userID , currentACL )
resellerPrivUsers = ACLManager . userWithResellerPriv ( userID )
proc = httpProc ( request , ' userManagment/resellerCenter.html ' ,
{ ' userToBeModified ' : userNames , ' resellerPrivUsers ' : resellerPrivUsers } )
return proc . render ( )
elif currentACL [ ' resellerCenter ' ] == 1 :
userNames = ACLManager . loadDeletionUsers ( userID , currentACL )
resellerPrivUsers = ACLManager . userWithResellerPriv ( userID )
proc = httpProc ( request , ' userManagment/resellerCenter.html ' ,
{ ' userToBeModified ' : userNames , ' resellerPrivUsers ' : resellerPrivUsers } )
return proc . render ( )
else :
return ACLManager . loadError ( )
2018-08-18 00:39:10 +05:00
2021-10-16 00:28:44 +06:00
2018-08-18 00:39:10 +05:00
def saveResellerChanges ( request ) :
try :
val = request . session [ ' userID ' ]
data = json . loads ( request . body )
2018-11-16 14:41:40 +05:00
if data [ ' userToBeModified ' ] == ' admin ' :
finalResponse = { ' status ' : 0 ,
' errorMessage ' : " Super user can not be modified. " ,
' error_message ' : " Super user can not be modified. " }
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2019-07-16 23:23:16 +05:00
currentACL = ACLManager . loadedACL ( val )
if currentACL [ ' admin ' ] == 1 :
pass
elif currentACL [ ' resellerCenter ' ] == 1 :
pass
else :
return ACLManager . loadErrorJson ( )
2020-02-18 11:29:29 +05:00
loggedUser = Administrator . objects . get ( pk = val )
2018-08-18 00:39:10 +05:00
userToBeModified = Administrator . objects . get ( userName = data [ ' userToBeModified ' ] )
newOwner = Administrator . objects . get ( userName = data [ ' newOwner ' ] )
2020-02-18 11:29:29 +05:00
### Check user owners
if ACLManager . checkUserOwnerShip ( currentACL , loggedUser , userToBeModified ) == 0 or ACLManager . checkUserOwnerShip ( currentACL , loggedUser , newOwner ) == 0 :
return ACLManager . loadErrorJson ( )
2019-08-13 16:27:56 +05:00
try :
if ACLManager . websitesLimitCheck ( newOwner , data [ ' websitesLimit ' ] , userToBeModified ) == 0 :
finalResponse = { ' status ' : 0 ,
' errorMessage ' : " You ' ve reached maximum websites limit as a reseller. " ,
' error_message ' : " You ' ve reached maximum websites limit as a reseller. " }
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
except :
pass
2018-08-18 00:39:10 +05:00
userToBeModified . owner = newOwner . pk
2019-08-13 16:27:56 +05:00
try :
userToBeModified . initWebsitesLimit = data [ ' websitesLimit ' ]
except :
pass
2018-08-18 00:39:10 +05:00
userToBeModified . save ( )
finalResponse = { ' status ' : 1 }
json_data = json . dumps ( finalResponse )
return HttpResponse ( json_data )
2019-12-10 15:09:10 +05:00
except BaseException as msg :
2018-11-16 14:41:40 +05:00
finalResponse = { ' status ' : 0 , ' errorMessage ' : str ( msg ) , ' error_message ' : str ( msg ) }
2018-08-18 00:39:10 +05:00
json_data = json . dumps ( finalResponse )
2018-11-16 14:41:40 +05:00
return HttpResponse ( json_data )
2019-08-13 16:27:56 +05:00
2021-10-16 00:28:44 +06:00
2019-08-13 16:27:56 +05:00
def listUsers ( request ) :
2021-03-07 11:34:08 +05:00
userID = request . session [ ' userID ' ]
currentACL = ACLManager . loadedACL ( userID )
if currentACL [ ' admin ' ] == 1 :
aclNames = ACLManager . unFileteredACLs ( )
elif currentACL [ ' changeUserACL ' ] == 1 :
aclNames = ACLManager . unFileteredACLs ( )
elif currentACL [ ' createNewUser ' ] == 1 :
aclNames = [ ' user ' ]
else :
aclNames = [ ]
if currentACL [ ' admin ' ] == 1 :
resellerPrivUsers = ACLManager . userWithResellerPriv ( userID )
elif currentACL [ ' resellerCenter ' ] == 1 :
resellerPrivUsers = ACLManager . userWithResellerPriv ( userID )
else :
resellerPrivUsers = [ ]
if currentACL [ ' admin ' ] == 1 :
proc = httpProc ( request , ' userManagment/listUsers.html ' ,
{ ' aclNames ' : aclNames , ' resellerPrivUsers ' : resellerPrivUsers } )
return proc . render ( )
elif currentACL [ ' listUsers ' ] == 1 :
proc = httpProc ( request , ' userManagment/listUsers.html ' ,
{ ' aclNames ' : aclNames , ' resellerPrivUsers ' : resellerPrivUsers } )
return proc . render ( )
else :
return ACLManager . loadError ( )
2019-08-13 16:27:56 +05:00
def fetchTableUsers ( request ) :
try :
2020-06-01 19:40:43 +05:00
try :
userID = request . session [ ' userID ' ]
except :
userID = request [ ' userID ' ]
2019-08-13 16:27:56 +05:00
currentACL = ACLManager . loadedACL ( userID )
if currentACL [ ' admin ' ] == 1 :
users = ACLManager . fetchTableUserObjects ( userID )
elif currentACL [ ' listUsers ' ] == 1 :
users = ACLManager . fetchTableUserObjects ( userID )
else :
return ACLManager . loadErrorJson ( )
json_data = " [ "
checker = 0
for items in users :
2021-01-18 14:01:26 +05:00
diskUsageCurrent = 0
2019-08-13 16:27:56 +05:00
for webs in items . websites_set . all ( ) :
2021-01-18 14:01:26 +05:00
DiskUsage , DiskUsagePercentage , bwInMB , bwUsage = virtualHostUtilities . FindStats ( webs )
diskUsageCurrent = DiskUsage + diskUsageCurrent
2021-07-21 12:31:18 +05:00
try :
owner = Administrator . objects . get ( pk = items . owner )
except :
### If user owner is deleted then owner is admin
items . owner = 1
items . save ( )
owner = Administrator . objects . get ( pk = 1 )
2019-08-13 16:27:56 +05:00
dic = { ' id ' : items . pk ,
' name ' : items . userName ,
' owner ' : owner . userName ,
' acl ' : items . acl . name ,
2021-01-18 14:01:26 +05:00
' diskUsage ' : ' %s MB ' % str ( diskUsageCurrent ) ,
2020-01-21 00:44:56 +05:00
' websites ' : items . initWebsitesLimit ,
' state ' : items . state
2019-08-13 16:27:56 +05:00
}
if checker == 0 :
json_data = json_data + json . dumps ( dic )
checker = 1
else :
json_data = json_data + ' , ' + json . dumps ( dic )
json_data = json_data + ' ] '
final_json = json . dumps ( { ' status ' : 1 , ' fetchStatus ' : 1 , ' error_message ' : " None " , " data " : json_data } )
return HttpResponse ( final_json )
except KeyError :
return redirect ( loadLoginPage )
2020-01-21 20:33:33 +05:00
2021-10-16 00:28:44 +06:00
2020-01-21 20:33:33 +05:00
def controlUserState ( request ) :
try :
try :
2020-06-02 15:49:08 +05:00
val = request . session [ ' userID ' ]
except :
val = request [ ' userID ' ]
try :
try :
2020-01-21 20:33:33 +05:00
data = json . loads ( request . body )
2020-06-02 15:49:08 +05:00
except :
data = request
2020-01-21 20:33:33 +05:00
2020-06-02 15:49:08 +05:00
accountUsername = data [ ' accountUsername ' ]
state = data [ ' state ' ]
2020-01-21 20:33:33 +05:00
2020-06-02 15:49:08 +05:00
user = Administrator . objects . get ( userName = accountUsername )
2020-01-21 20:33:33 +05:00
2020-06-02 15:49:08 +05:00
currentACL = ACLManager . loadedACL ( val )
loggedUser = Administrator . objects . get ( pk = val )
2020-01-21 20:33:33 +05:00
2020-06-02 15:49:08 +05:00
if currentACL [ ' admin ' ] == 1 :
pass
elif user . owner == loggedUser . pk :
pass
elif user . pk == loggedUser . pk :
pass
else :
data_ret = { ' fetchStatus ' : 0 , ' error_message ' : ' Un-authorized access. ' }
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2020-01-21 20:33:33 +05:00
2020-06-02 15:49:08 +05:00
if state == ' SUSPEND ' :
user . state = ' SUSPENDED '
else :
user . state = ' ACTIVE '
2020-01-21 20:33:33 +05:00
2020-06-02 15:49:08 +05:00
user . save ( )
2020-01-21 20:33:33 +05:00
2020-06-02 15:49:08 +05:00
extraArgs = { }
extraArgs [ ' user ' ] = user
extraArgs [ ' currentACL ' ] = ACLManager . loadedACL ( user . pk )
extraArgs [ ' state ' ] = state
2020-01-21 20:33:33 +05:00
2020-06-02 15:49:08 +05:00
from userManagment . userManager import UserManager
um = UserManager ( ' controlUserState ' , extraArgs )
um . start ( )
data_ret = { ' status ' : 1 }
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
2020-01-21 20:33:33 +05:00
except BaseException as msg :
data_ret = { ' status ' : 0 , ' saveStatus ' : 0 , ' error_message ' : str ( msg ) }
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
except KeyError :
data_ret = { ' status ' : 0 , ' saveStatus ' : 0 , ' error_message ' : " Not logged in as admin " , }
json_data = json . dumps ( data_ret )
return HttpResponse ( json_data )
