2017-10-24 19:16:36 +05:00
|
|
|
# -*- coding: utf-8 -*-
|
2019-12-10 15:09:10 +05:00
|
|
|
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2019-03-26 16:19:03 +05:00
|
|
|
from django.shortcuts import redirect, HttpResponse
|
2017-10-24 19:16:36 +05:00
|
|
|
from loginSystem.views import loadLoginPage
|
2019-12-11 10:40:35 +05:00
|
|
|
from .databaseManager import DatabaseManager
|
|
|
|
|
from .pluginManager import pluginManager
|
2017-10-24 19:16:36 +05:00
|
|
|
import json
|
2019-03-26 16:19:03 +05:00
|
|
|
from plogical.processUtilities import ProcessUtilities
|
|
|
|
|
from loginSystem.models import Administrator
|
2020-08-09 00:27:57 +05:00
|
|
|
from plogical.acl import ACLManager
|
|
|
|
|
from databases.models import GlobalUserDB
|
|
|
|
|
from plogical import randomPassword
|
|
|
|
|
from cryptography.fernet import Fernet
|
|
|
|
|
from plogical.mysqlUtilities import mysqlUtilities
|
2020-09-16 13:24:48 +05:00
|
|
|
from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging
|
2017-10-24 19:16:36 +05:00
|
|
|
# Create your views here.
|
|
|
|
|
|
|
|
|
|
def loadDatabaseHome(request):
|
|
|
|
|
try:
|
2018-10-08 22:12:05 +05:00
|
|
|
userID = request.session['userID']
|
|
|
|
|
dm = DatabaseManager()
|
|
|
|
|
return dm.loadDatabaseHome(request, userID)
|
2017-10-24 19:16:36 +05:00
|
|
|
except KeyError:
|
|
|
|
|
return redirect(loadLoginPage)
|
|
|
|
|
|
|
|
|
|
def createDatabase(request):
|
|
|
|
|
try:
|
2018-10-08 22:12:05 +05:00
|
|
|
result = pluginManager.preCreateDatabase(request)
|
|
|
|
|
if result != 200:
|
|
|
|
|
return result
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
userID = request.session['userID']
|
|
|
|
|
dm = DatabaseManager()
|
|
|
|
|
coreResult = dm.createDatabase(request, userID)
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
result = pluginManager.postCreateDatabase(request, coreResult)
|
|
|
|
|
if result != 200:
|
|
|
|
|
return result
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
return coreResult
|
2017-10-24 19:16:36 +05:00
|
|
|
|
|
|
|
|
|
|
|
|
|
except KeyError:
|
|
|
|
|
return redirect(loadLoginPage)
|
|
|
|
|
|
|
|
|
|
def submitDBCreation(request):
|
|
|
|
|
try:
|
2018-08-18 00:39:10 +05:00
|
|
|
userID = request.session['userID']
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
result = pluginManager.preSubmitDBCreation(request)
|
|
|
|
|
if result != 200:
|
|
|
|
|
return result
|
2018-08-18 00:39:10 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
dm = DatabaseManager()
|
2018-10-12 18:18:10 +05:00
|
|
|
coreResult = dm.submitDBCreation(userID, json.loads(request.body))
|
2018-06-30 15:29:56 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
result = pluginManager.postSubmitDBCreation(request, coreResult)
|
|
|
|
|
if result != 200:
|
|
|
|
|
return result
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
return coreResult
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
except KeyError:
|
|
|
|
|
return redirect(loadLoginPage)
|
2017-10-24 19:16:36 +05:00
|
|
|
|
|
|
|
|
def deleteDatabase(request):
|
|
|
|
|
try:
|
2018-08-18 00:39:10 +05:00
|
|
|
userID = request.session['userID']
|
2018-10-08 22:12:05 +05:00
|
|
|
dm = DatabaseManager()
|
|
|
|
|
return dm.deleteDatabase(request, userID)
|
2017-10-24 19:16:36 +05:00
|
|
|
except KeyError:
|
|
|
|
|
return redirect(loadLoginPage)
|
|
|
|
|
|
|
|
|
|
def fetchDatabases(request):
|
|
|
|
|
try:
|
2018-08-18 00:39:10 +05:00
|
|
|
userID = request.session['userID']
|
2018-10-08 22:12:05 +05:00
|
|
|
dm = DatabaseManager()
|
|
|
|
|
return dm.fetchDatabases(userID, json.loads(request.body))
|
2017-10-24 19:16:36 +05:00
|
|
|
except KeyError:
|
2018-10-08 22:12:05 +05:00
|
|
|
return redirect(loadLoginPage)
|
2017-10-24 19:16:36 +05:00
|
|
|
|
|
|
|
|
def submitDatabaseDeletion(request):
|
|
|
|
|
try:
|
2018-08-18 00:39:10 +05:00
|
|
|
userID = request.session['userID']
|
2018-10-08 22:12:05 +05:00
|
|
|
result = pluginManager.preSubmitDatabaseDeletion(request)
|
|
|
|
|
if result != 200:
|
|
|
|
|
return result
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
dm = DatabaseManager()
|
|
|
|
|
coreResult = dm.submitDatabaseDeletion(userID, json.loads(request.body))
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
result = pluginManager.postSubmitDatabaseDeletion(request, coreResult)
|
|
|
|
|
if result != 200:
|
|
|
|
|
return result
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
return coreResult
|
|
|
|
|
except KeyError:
|
|
|
|
|
return redirect(loadLoginPage)
|
2017-10-24 19:16:36 +05:00
|
|
|
|
|
|
|
|
def listDBs(request):
|
|
|
|
|
try:
|
2018-08-18 00:39:10 +05:00
|
|
|
userID = request.session['userID']
|
2018-10-08 22:12:05 +05:00
|
|
|
dm = DatabaseManager()
|
|
|
|
|
return dm.listDBs(request, userID)
|
2017-10-24 19:16:36 +05:00
|
|
|
except KeyError:
|
|
|
|
|
return redirect(loadLoginPage)
|
|
|
|
|
|
|
|
|
|
def changePassword(request):
|
|
|
|
|
try:
|
2018-08-18 00:39:10 +05:00
|
|
|
userID = request.session['userID']
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
result = pluginManager.preChangePassword(request)
|
|
|
|
|
if result != 200:
|
|
|
|
|
return result
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
dm = DatabaseManager()
|
|
|
|
|
coreResult = dm.changePassword(userID, json.loads(request.body))
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
result = pluginManager.postChangePassword(request, coreResult)
|
|
|
|
|
if result != 200:
|
|
|
|
|
return result
|
2017-10-24 19:16:36 +05:00
|
|
|
|
2018-10-08 22:12:05 +05:00
|
|
|
return coreResult
|
|
|
|
|
except KeyError:
|
|
|
|
|
return redirect(loadLoginPage)
|
2019-03-26 16:19:03 +05:00
|
|
|
|
2020-07-16 22:30:29 +05:00
|
|
|
def remoteAccess(request):
|
|
|
|
|
try:
|
|
|
|
|
userID = request.session['userID']
|
|
|
|
|
|
|
|
|
|
dm = DatabaseManager()
|
|
|
|
|
coreResult = dm.remoteAccess(userID, json.loads(request.body))
|
|
|
|
|
|
|
|
|
|
return coreResult
|
|
|
|
|
except KeyError:
|
|
|
|
|
return redirect(loadLoginPage)
|
|
|
|
|
|
2020-07-17 00:12:09 +05:00
|
|
|
def allowRemoteIP(request):
|
|
|
|
|
try:
|
|
|
|
|
userID = request.session['userID']
|
|
|
|
|
|
|
|
|
|
dm = DatabaseManager()
|
|
|
|
|
coreResult = dm.allowRemoteIP(userID, json.loads(request.body))
|
|
|
|
|
|
|
|
|
|
return coreResult
|
|
|
|
|
except KeyError:
|
|
|
|
|
return redirect(loadLoginPage)
|
|
|
|
|
|
2019-03-26 16:19:03 +05:00
|
|
|
def phpMyAdmin(request):
|
|
|
|
|
try:
|
|
|
|
|
userID = request.session['userID']
|
|
|
|
|
dm = DatabaseManager()
|
|
|
|
|
return dm.phpMyAdmin(request, userID)
|
|
|
|
|
except KeyError:
|
|
|
|
|
return redirect(loadLoginPage)
|
|
|
|
|
|
2020-08-09 00:27:57 +05:00
|
|
|
def generateAccess(request):
|
2019-03-26 16:19:03 +05:00
|
|
|
try:
|
|
|
|
|
|
2020-09-16 13:24:48 +05:00
|
|
|
|
2019-03-26 16:19:03 +05:00
|
|
|
userID = request.session['userID']
|
|
|
|
|
admin = Administrator.objects.get(id = userID)
|
2020-08-09 00:27:57 +05:00
|
|
|
currentACL = ACLManager.loadedACL(userID)
|
2019-03-26 16:19:03 +05:00
|
|
|
|
2020-09-06 01:51:58 +05:00
|
|
|
keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName)
|
2020-08-09 00:27:57 +05:00
|
|
|
try:
|
2020-09-06 01:51:58 +05:00
|
|
|
GlobalUserDB.objects.get(username=admin.userName).delete()
|
2020-08-09 12:45:18 +05:00
|
|
|
except:
|
2020-09-06 01:51:58 +05:00
|
|
|
pass
|
2020-08-09 00:27:57 +05:00
|
|
|
|
2020-09-06 01:51:58 +05:00
|
|
|
command = 'rm -f %s' % (keySavePath)
|
|
|
|
|
ProcessUtilities.executioner(command)
|
2020-08-09 00:27:57 +05:00
|
|
|
|
2020-09-06 01:51:58 +05:00
|
|
|
## Create and save new key
|
2020-08-09 00:27:57 +05:00
|
|
|
|
2020-09-06 01:51:58 +05:00
|
|
|
key = Fernet.generate_key()
|
2020-08-09 00:27:57 +05:00
|
|
|
|
2020-09-06 01:51:58 +05:00
|
|
|
writeToFile = open(keySavePath, 'w')
|
|
|
|
|
writeToFile.write(key.decode())
|
|
|
|
|
writeToFile.close()
|
2020-08-09 00:27:57 +05:00
|
|
|
|
2020-09-06 01:51:58 +05:00
|
|
|
command = 'chown root:root %s' % (keySavePath)
|
|
|
|
|
ProcessUtilities.executioner(command)
|
2020-08-09 00:27:57 +05:00
|
|
|
|
2020-09-06 01:51:58 +05:00
|
|
|
command = 'chmod 600 %s' % (keySavePath)
|
|
|
|
|
ProcessUtilities.executioner(command)
|
2020-08-09 00:27:57 +05:00
|
|
|
|
2020-09-06 01:51:58 +05:00
|
|
|
##
|
2020-08-09 00:27:57 +05:00
|
|
|
|
2020-09-16 13:24:48 +05:00
|
|
|
logging.writeToFile('a')
|
|
|
|
|
|
2020-09-06 01:51:58 +05:00
|
|
|
password = randomPassword.generate_pass()
|
|
|
|
|
token = randomPassword.generate_pass()
|
|
|
|
|
f = Fernet(key)
|
|
|
|
|
GlobalUserDB(username=admin.userName, password=f.encrypt(password.encode('utf-8')).decode(),
|
|
|
|
|
token=token).save()
|
2020-08-09 00:27:57 +05:00
|
|
|
|
2020-09-06 01:51:58 +05:00
|
|
|
sites = ACLManager.findWebsiteObjects(currentACL, userID)
|
2020-09-16 19:56:52 +05:00
|
|
|
mysqlUtilities.addUserToDB(None, None, password, 1)
|
2020-09-06 01:51:58 +05:00
|
|
|
|
|
|
|
|
for site in sites:
|
|
|
|
|
for db in site.databases_set.all():
|
2020-09-16 13:42:04 +05:00
|
|
|
mysqlUtilities.addUserToDB(db.dbName, admin.userName, password, 0)
|
2020-08-09 00:27:57 +05:00
|
|
|
|
2020-08-09 12:45:18 +05:00
|
|
|
data_ret = {'status': 1, 'token': token, 'username': admin.userName}
|
|
|
|
|
json_data = json.dumps(data_ret)
|
|
|
|
|
return HttpResponse(json_data)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
except BaseException as msg:
|
2020-09-16 13:24:48 +05:00
|
|
|
logging.writeToFile(str(msg))
|
2020-08-09 12:45:18 +05:00
|
|
|
data_ret = {'status': 0, 'createDBStatus': 0, 'error_message': str(msg)}
|
2020-08-09 00:27:57 +05:00
|
|
|
json_data = json.dumps(data_ret)
|
|
|
|
|
return HttpResponse(json_data)
|
2019-03-26 16:19:03 +05:00
|
|
|
|
2020-08-09 12:45:18 +05:00
|
|
|
def fetchDetailsPHPMYAdmin(request):
|
|
|
|
|
try:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
userID = request.session['userID']
|
|
|
|
|
admin = Administrator.objects.get(id = userID)
|
|
|
|
|
currentACL = ACLManager.loadedACL(userID)
|
|
|
|
|
|
|
|
|
|
token = request.GET.get('token')
|
2020-09-04 19:25:05 +05:00
|
|
|
username = request.GET.get('username')
|
2020-08-09 12:45:18 +05:00
|
|
|
|
2020-09-04 10:08:03 +05:00
|
|
|
|
2020-08-09 12:45:18 +05:00
|
|
|
if username != admin.userName:
|
|
|
|
|
return redirect(loadLoginPage)
|
|
|
|
|
|
|
|
|
|
## Key generation
|
|
|
|
|
|
|
|
|
|
gdb = GlobalUserDB.objects.get(username=admin.userName)
|
|
|
|
|
|
|
|
|
|
if gdb.token == token:
|
|
|
|
|
keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName)
|
|
|
|
|
key = ProcessUtilities.outputExecutioner('cat %s' % (keySavePath)).strip('\n').encode()
|
|
|
|
|
f = Fernet(key)
|
|
|
|
|
password = f.decrypt(gdb.password.encode('utf-8'))
|
|
|
|
|
|
|
|
|
|
sites = ACLManager.findWebsiteObjects(currentACL, userID)
|
|
|
|
|
|
|
|
|
|
for site in sites:
|
|
|
|
|
for db in site.databases_set.all():
|
2020-09-16 13:42:04 +05:00
|
|
|
mysqlUtilities.addUserToDB(db.dbName, admin.userName, password.decode(), 0)
|
2020-08-09 12:45:18 +05:00
|
|
|
|
2020-08-10 11:40:00 +05:00
|
|
|
returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % (admin.userName, password.decode())
|
2020-08-09 12:45:18 +05:00
|
|
|
return redirect(returnURL)
|
|
|
|
|
else:
|
|
|
|
|
return redirect(loadLoginPage)
|
|
|
|
|
|
2019-03-26 16:19:03 +05:00
|
|
|
|
2019-12-10 15:09:10 +05:00
|
|
|
except BaseException as msg:
|
2019-03-26 16:19:03 +05:00
|
|
|
data_ret = {'status': 0, 'createDBStatus': 0, 'error_message': str(msg)}
|
|
|
|
|
json_data = json.dumps(data_ret)
|
2020-08-10 11:40:00 +05:00
|
|
|
return HttpResponse(json_data)
|
