databases/views.py

# -*- coding: utf-8 -*-


from django.shortcuts import redirect, HttpResponse
from loginSystem.views import loadLoginPage
from .databaseManager import DatabaseManager
from .pluginManager import pluginManager
import json
from plogical.processUtilities import ProcessUtilities
from loginSystem.models import Administrator
from plogical.acl import ACLManager
from databases.models import GlobalUserDB
from plogical import randomPassword
from cryptography.fernet import Fernet
from plogical.mysqlUtilities import mysqlUtilities
# Create your views here.

def loadDatabaseHome(request):
    try:
        userID = request.session['userID']
        dm = DatabaseManager()
        return dm.loadDatabaseHome(request, userID)
    except KeyError:
        return redirect(loadLoginPage)

def createDatabase(request):
    try:
        result = pluginManager.preCreateDatabase(request)
        if result != 200:
            return result

        userID = request.session['userID']
        dm = DatabaseManager()
        coreResult = dm.createDatabase(request, userID)

        result = pluginManager.postCreateDatabase(request, coreResult)
        if result != 200:
            return result

        return coreResult


    except KeyError:
        return redirect(loadLoginPage)

def submitDBCreation(request):
    try:
        userID = request.session['userID']

        result = pluginManager.preSubmitDBCreation(request)
        if result != 200:
            return result

        dm = DatabaseManager()
        coreResult = dm.submitDBCreation(userID, json.loads(request.body))

        result = pluginManager.postSubmitDBCreation(request, coreResult)
        if result != 200:
            return result

        return coreResult

    except KeyError:
        return redirect(loadLoginPage)

def deleteDatabase(request):
    try:
        userID = request.session['userID']
        dm = DatabaseManager()
        return dm.deleteDatabase(request, userID)
    except KeyError:
        return redirect(loadLoginPage)

def fetchDatabases(request):
    try:
        userID = request.session['userID']
        dm = DatabaseManager()
        return dm.fetchDatabases(userID, json.loads(request.body))
    except KeyError:
        return redirect(loadLoginPage)

def submitDatabaseDeletion(request):
    try:
        userID = request.session['userID']
        result = pluginManager.preSubmitDatabaseDeletion(request)
        if result != 200:
            return result

        dm = DatabaseManager()
        coreResult = dm.submitDatabaseDeletion(userID, json.loads(request.body))

        result = pluginManager.postSubmitDatabaseDeletion(request, coreResult)
        if result != 200:
            return result

        return coreResult
    except KeyError:
        return redirect(loadLoginPage)

def listDBs(request):
    try:
        userID = request.session['userID']
        dm = DatabaseManager()
        return dm.listDBs(request, userID)
    except KeyError:
        return redirect(loadLoginPage)

def changePassword(request):
    try:
        userID = request.session['userID']

        result = pluginManager.preChangePassword(request)
        if result != 200:
            return result

        dm = DatabaseManager()
        coreResult = dm.changePassword(userID, json.loads(request.body))

        result = pluginManager.postChangePassword(request, coreResult)
        if result != 200:
            return result

        return coreResult
    except KeyError:
        return redirect(loadLoginPage)

def remoteAccess(request):
    try:
        userID = request.session['userID']

        dm = DatabaseManager()
        coreResult = dm.remoteAccess(userID, json.loads(request.body))

        return coreResult
    except KeyError:
        return redirect(loadLoginPage)

def allowRemoteIP(request):
    try:
        userID = request.session['userID']

        dm = DatabaseManager()
        coreResult = dm.allowRemoteIP(userID, json.loads(request.body))

        return coreResult
    except KeyError:
        return redirect(loadLoginPage)

def phpMyAdmin(request):
    try:
        userID = request.session['userID']
        dm = DatabaseManager()
        return dm.phpMyAdmin(request, userID)
    except KeyError:
        return redirect(loadLoginPage)

def generateAccess(request):
    try:

        userID = request.session['userID']
        admin = Administrator.objects.get(id = userID)
        currentACL = ACLManager.loadedACL(userID)

        try:
            gdb = GlobalUserDB.objects.get(username=admin.userName)
            token = randomPassword.generate_pass()
            gdb.token = token
            gdb.save()
        except:
            ## Key generation

            keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName)
            key = Fernet.generate_key()

            writeToFile = open(keySavePath, 'w')
            writeToFile.write(key.decode())
            writeToFile.close()

            command = 'chown root:root %s' % (keySavePath)
            ProcessUtilities.executioner(command)

            command = 'chmod 600 %s' % (keySavePath)
            ProcessUtilities.executioner(command)

            ##

            password = randomPassword.generate_pass()
            token = randomPassword.generate_pass()
            f = Fernet(key)
            GlobalUserDB(username=admin.userName, password=f.encrypt(password.encode('utf-8')).decode(), token=token).save()

            sites = ACLManager.findWebsiteObjects(currentACL, userID)

            createUser = 1

            for site in sites:
                for db in site.databases_set.all():
                    mysqlUtilities.addUserToDB(db.dbName, admin.userName, password, createUser)
                    createUser = 0

        data_ret = {'status': 1, 'token': token, 'username': admin.userName}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)


    except BaseException as msg:
        data_ret = {'status': 0, 'createDBStatus': 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)

def fetchDetailsPHPMYAdmin(request):
    try:


        userID = request.session['userID']
        admin = Administrator.objects.get(id = userID)
        currentACL = ACLManager.loadedACL(userID)

        token = request.GET.get('token')

        if token == 'FailedLogin':
            keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName)
            GlobalUserDB.objects.get(username=admin.userName).delete()

            command = 'rm -f %s' % (keySavePath)
            ProcessUtilities.executioner(command)

            key = Fernet.generate_key()

            writeToFile = open(keySavePath, 'w')
            writeToFile.write(key.decode())
            writeToFile.close()

            command = 'chown root:root %s' % (keySavePath)
            ProcessUtilities.executioner(command)

            command = 'chmod 600 %s' % (keySavePath)
            ProcessUtilities.executioner(command)

            ##

            password = randomPassword.generate_pass()
            token = randomPassword.generate_pass()
            f = Fernet(key)
            GlobalUserDB(username=admin.userName, password=f.encrypt(password.encode('utf-8')).decode(),
                         token=token).save()

            sites = ACLManager.findWebsiteObjects(currentACL, userID)
            createUser = 1

            for site in sites:
                for db in site.databases_set.all():
                    mysqlUtilities.addUserToDB(db.dbName, admin.userName, password, createUser)
                    createUser = 0

            returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % (admin.userName, password)
            return redirect(returnURL)


        username = request.GET.get('username')


        if username != admin.userName:
            return redirect(loadLoginPage)

        ## Key generation

        gdb = GlobalUserDB.objects.get(username=admin.userName)

        if gdb.token == token:
            keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName)
            key = ProcessUtilities.outputExecutioner('cat %s' % (keySavePath)).strip('\n').encode()
            f = Fernet(key)
            password = f.decrypt(gdb.password.encode('utf-8'))

            sites = ACLManager.findWebsiteObjects(currentACL, userID)

            createUser = 0

            for site in sites:
                for db in site.databases_set.all():
                    mysqlUtilities.addUserToDB(db.dbName, admin.userName, password.decode(), createUser)
                    createUser = 0

            returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % (admin.userName, password.decode())
            return redirect(returnURL)
        else:
            return redirect(loadLoginPage)


    except BaseException as msg:
        data_ret = {'status': 0, 'createDBStatus': 0, 'error_message': str(msg)}
        json_data = json.dumps(data_ret)
        return HttpResponse(json_data)
Initial Commit 2017-10-24 19:16:36 +05:00			`# -- coding: utf-8 --`
p3 2019-12-10 15:09:10 +05:00
Initial Commit 2017-10-24 19:16:36 +05:00
centralized execution ph2 2019-03-26 16:19:03 +05:00			`from django.shortcuts import redirect, HttpResponse`
Initial Commit 2017-10-24 19:16:36 +05:00			`from loginSystem.views import loadLoginPage`
fix imports 2019-12-11 10:40:35 +05:00			`from .databaseManager import DatabaseManager`
			`from .pluginManager import pluginManager`
Initial Commit 2017-10-24 19:16:36 +05:00			`import json`
centralized execution ph2 2019-03-26 16:19:03 +05:00			`from plogical.processUtilities import ProcessUtilities`
			`from loginSystem.models import Administrator`
phpmyadmin autologin: access keys generation 2020-08-09 00:27:57 +05:00			`from plogical.acl import ACLManager`
			`from databases.models import GlobalUserDB`
			`from plogical import randomPassword`
			`from cryptography.fernet import Fernet`
			`from plogical.mysqlUtilities import mysqlUtilities`
Initial Commit 2017-10-24 19:16:36 +05:00			`# Create your views here.`

			`def loadDatabaseHome(request):`
			`try:`
Plugin installer 2018-10-08 22:12:05 +05:00			`userID = request.session['userID']`
			`dm = DatabaseManager()`
			`return dm.loadDatabaseHome(request, userID)`
Initial Commit 2017-10-24 19:16:36 +05:00			`except KeyError:`
			`return redirect(loadLoginPage)`

			`def createDatabase(request):`
			`try:`
Plugin installer 2018-10-08 22:12:05 +05:00			`result = pluginManager.preCreateDatabase(request)`
			`if result != 200:`
			`return result`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`userID = request.session['userID']`
			`dm = DatabaseManager()`
			`coreResult = dm.createDatabase(request, userID)`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`result = pluginManager.postCreateDatabase(request, coreResult)`
			`if result != 200:`
			`return result`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`return coreResult`
Initial Commit 2017-10-24 19:16:36 +05:00

			`except KeyError:`
			`return redirect(loadLoginPage)`

			`def submitDBCreation(request):`
			`try:`
ACL Manager 2018-08-18 00:39:10 +05:00			`userID = request.session['userID']`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`result = pluginManager.preSubmitDBCreation(request)`
			`if result != 200:`
			`return result`
ACL Manager 2018-08-18 00:39:10 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`dm = DatabaseManager()`
Events for Firewall and Bug fixes 2018-10-12 18:18:10 +05:00			`coreResult = dm.submitDBCreation(userID, json.loads(request.body))`
Bug fix to email policy server. 2018-06-30 15:29:56 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`result = pluginManager.postSubmitDBCreation(request, coreResult)`
			`if result != 200:`
			`return result`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`return coreResult`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`except KeyError:`
			`return redirect(loadLoginPage)`
Initial Commit 2017-10-24 19:16:36 +05:00
			`def deleteDatabase(request):`
			`try:`
ACL Manager 2018-08-18 00:39:10 +05:00			`userID = request.session['userID']`
Plugin installer 2018-10-08 22:12:05 +05:00			`dm = DatabaseManager()`
			`return dm.deleteDatabase(request, userID)`
Initial Commit 2017-10-24 19:16:36 +05:00			`except KeyError:`
			`return redirect(loadLoginPage)`

			`def fetchDatabases(request):`
			`try:`
ACL Manager 2018-08-18 00:39:10 +05:00			`userID = request.session['userID']`
Plugin installer 2018-10-08 22:12:05 +05:00			`dm = DatabaseManager()`
			`return dm.fetchDatabases(userID, json.loads(request.body))`
Initial Commit 2017-10-24 19:16:36 +05:00			`except KeyError:`
Plugin installer 2018-10-08 22:12:05 +05:00			`return redirect(loadLoginPage)`
Initial Commit 2017-10-24 19:16:36 +05:00
			`def submitDatabaseDeletion(request):`
			`try:`
ACL Manager 2018-08-18 00:39:10 +05:00			`userID = request.session['userID']`
Plugin installer 2018-10-08 22:12:05 +05:00			`result = pluginManager.preSubmitDatabaseDeletion(request)`
			`if result != 200:`
			`return result`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`dm = DatabaseManager()`
			`coreResult = dm.submitDatabaseDeletion(userID, json.loads(request.body))`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`result = pluginManager.postSubmitDatabaseDeletion(request, coreResult)`
			`if result != 200:`
			`return result`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`return coreResult`
			`except KeyError:`
			`return redirect(loadLoginPage)`
Initial Commit 2017-10-24 19:16:36 +05:00
			`def listDBs(request):`
			`try:`
ACL Manager 2018-08-18 00:39:10 +05:00			`userID = request.session['userID']`
Plugin installer 2018-10-08 22:12:05 +05:00			`dm = DatabaseManager()`
			`return dm.listDBs(request, userID)`
Initial Commit 2017-10-24 19:16:36 +05:00			`except KeyError:`
			`return redirect(loadLoginPage)`

			`def changePassword(request):`
			`try:`
ACL Manager 2018-08-18 00:39:10 +05:00			`userID = request.session['userID']`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`result = pluginManager.preChangePassword(request)`
			`if result != 200:`
			`return result`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`dm = DatabaseManager()`
			`coreResult = dm.changePassword(userID, json.loads(request.body))`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`result = pluginManager.postChangePassword(request, coreResult)`
			`if result != 200:`
			`return result`
Initial Commit 2017-10-24 19:16:36 +05:00
Plugin installer 2018-10-08 22:12:05 +05:00			`return coreResult`
			`except KeyError:`
			`return redirect(loadLoginPage)`
centralized execution ph2 2019-03-26 16:19:03 +05:00
db username 2020-07-16 22:30:29 +05:00			`def remoteAccess(request):`
			`try:`
			`userID = request.session['userID']`

			`dm = DatabaseManager()`
			`coreResult = dm.remoteAccess(userID, json.loads(request.body))`

			`return coreResult`
			`except KeyError:`
			`return redirect(loadLoginPage)`

finish allow remote access for db user 2020-07-17 00:12:09 +05:00			`def allowRemoteIP(request):`
			`try:`
			`userID = request.session['userID']`

			`dm = DatabaseManager()`
			`coreResult = dm.allowRemoteIP(userID, json.loads(request.body))`

			`return coreResult`
			`except KeyError:`
			`return redirect(loadLoginPage)`

centralized execution ph2 2019-03-26 16:19:03 +05:00			`def phpMyAdmin(request):`
			`try:`
			`userID = request.session['userID']`
			`dm = DatabaseManager()`
			`return dm.phpMyAdmin(request, userID)`
			`except KeyError:`
			`return redirect(loadLoginPage)`

phpmyadmin autologin: access keys generation 2020-08-09 00:27:57 +05:00			`def generateAccess(request):`
centralized execution ph2 2019-03-26 16:19:03 +05:00			`try:`

			`userID = request.session['userID']`
			`admin = Administrator.objects.get(id = userID)`
phpmyadmin autologin: access keys generation 2020-08-09 00:27:57 +05:00			`currentACL = ACLManager.loadedACL(userID)`
centralized execution ph2 2019-03-26 16:19:03 +05:00
phpmyadmin autologin: access keys generation 2020-08-09 00:27:57 +05:00			`try:`
complete phpmyadmin 2020-08-09 12:45:18 +05:00			`gdb = GlobalUserDB.objects.get(username=admin.userName)`
			`token = randomPassword.generate_pass()`
			`gdb.token = token`
			`gdb.save()`
			`except:`
phpmyadmin autologin: access keys generation 2020-08-09 00:27:57 +05:00			`## Key generation`

			`keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName)`
			`key = Fernet.generate_key()`

			`writeToFile = open(keySavePath, 'w')`
			`writeToFile.write(key.decode())`
			`writeToFile.close()`

			`command = 'chown root:root %s' % (keySavePath)`
			`ProcessUtilities.executioner(command)`

			`command = 'chmod 600 %s' % (keySavePath)`
			`ProcessUtilities.executioner(command)`

			`##`

			`password = randomPassword.generate_pass()`
complete phpmyadmin 2020-08-09 12:45:18 +05:00			`token = randomPassword.generate_pass()`
phpmyadmin autologin: access keys generation 2020-08-09 00:27:57 +05:00			`f = Fernet(key)`
complete phpmyadmin 2020-08-09 12:45:18 +05:00			`GlobalUserDB(username=admin.userName, password=f.encrypt(password.encode('utf-8')).decode(), token=token).save()`
phpmyadmin autologin: access keys generation 2020-08-09 00:27:57 +05:00
			`sites = ACLManager.findWebsiteObjects(currentACL, userID)`

			`createUser = 1`

			`for site in sites:`
			`for db in site.databases_set.all():`
			`mysqlUtilities.addUserToDB(db.dbName, admin.userName, password, createUser)`
			`createUser = 0`

complete phpmyadmin 2020-08-09 12:45:18 +05:00			`data_ret = {'status': 1, 'token': token, 'username': admin.userName}`
			`json_data = json.dumps(data_ret)`
			`return HttpResponse(json_data)`


			`except BaseException as msg:`
			`data_ret = {'status': 0, 'createDBStatus': 0, 'error_message': str(msg)}`
phpmyadmin autologin: access keys generation 2020-08-09 00:27:57 +05:00			`json_data = json.dumps(data_ret)`
			`return HttpResponse(json_data)`
centralized execution ph2 2019-03-26 16:19:03 +05:00
complete phpmyadmin 2020-08-09 12:45:18 +05:00			`def fetchDetailsPHPMYAdmin(request):`
			`try:`


			`userID = request.session['userID']`
			`admin = Administrator.objects.get(id = userID)`
			`currentACL = ACLManager.loadedACL(userID)`

			`token = request.GET.get('token')`

regenerate credentials upon failed login 2020-09-04 10:08:03 +05:00			`if token == 'FailedLogin':`
			`keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName)`
			`GlobalUserDB.objects.get(username=admin.userName).delete()`

			`command = 'rm -f %s' % (keySavePath)`
			`ProcessUtilities.executioner(command)`

			`key = Fernet.generate_key()`

			`writeToFile = open(keySavePath, 'w')`
			`writeToFile.write(key.decode())`
			`writeToFile.close()`

			`command = 'chown root:root %s' % (keySavePath)`
			`ProcessUtilities.executioner(command)`

			`command = 'chmod 600 %s' % (keySavePath)`
			`ProcessUtilities.executioner(command)`

			`##`

			`password = randomPassword.generate_pass()`
			`token = randomPassword.generate_pass()`
			`f = Fernet(key)`
			`GlobalUserDB(username=admin.userName, password=f.encrypt(password.encode('utf-8')).decode(),`
			`token=token).save()`

			`sites = ACLManager.findWebsiteObjects(currentACL, userID)`
			`createUser = 1`

			`for site in sites:`
			`for db in site.databases_set.all():`
			`mysqlUtilities.addUserToDB(db.dbName, admin.userName, password, createUser)`
			`createUser = 0`

			`returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % (admin.userName, password)`
			`return redirect(returnURL)`


			`username = request.GET.get('username')`


complete phpmyadmin 2020-08-09 12:45:18 +05:00			`if username != admin.userName:`
			`return redirect(loadLoginPage)`

			`## Key generation`

			`gdb = GlobalUserDB.objects.get(username=admin.userName)`

			`if gdb.token == token:`
			`keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName)`
			`key = ProcessUtilities.outputExecutioner('cat %s' % (keySavePath)).strip('\n').encode()`
			`f = Fernet(key)`
			`password = f.decrypt(gdb.password.encode('utf-8'))`

			`sites = ACLManager.findWebsiteObjects(currentACL, userID)`

			`createUser = 0`

			`for site in sites:`
			`for db in site.databases_set.all():`
			`mysqlUtilities.addUserToDB(db.dbName, admin.userName, password.decode(), createUser)`
			`createUser = 0`

configure phpmyadmin config.inc for auto login 2020-08-10 11:40:00 +05:00			`returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % (admin.userName, password.decode())`
complete phpmyadmin 2020-08-09 12:45:18 +05:00			`return redirect(returnURL)`
			`else:`
			`return redirect(loadLoginPage)`

centralized execution ph2 2019-03-26 16:19:03 +05:00
p3 2019-12-10 15:09:10 +05:00			`except BaseException as msg:`
centralized execution ph2 2019-03-26 16:19:03 +05:00			`data_ret = {'status': 0, 'createDBStatus': 0, 'error_message': str(msg)}`
			`json_data = json.dumps(data_ret)`
configure phpmyadmin config.inc for auto login 2020-08-10 11:40:00 +05:00			`return HttpResponse(json_data)`