Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-05 12:55:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
b51ef9df65f6b935da2f14f94dd679d1cd24e6ba
CyberPanel/userManagment/views.py

1069 lines
38 KiB
Python
Raw Normal View History

Initial Commit
2017-10-24 19:16:36 +05:00
# -*- coding: utf-8 -*-
p3
2019-12-10 15:09:10 +05:00
Initial Commit
2017-10-24 19:16:36 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
from django.shortcuts import render, redirect
Initial Commit
2017-10-24 19:16:36 +05:00
from django.http import HttpResponse
from loginSystem.views import loadLoginPage
ACL Manager
2018-08-18 00:39:10 +05:00
from loginSystem.models import Administrator, ACL
Initial Commit
2017-10-24 19:16:36 +05:00
import json
from plogical import hashPassword
from plogical import CyberCPLogFileWriter as logging
ACL Manager
2018-08-18 00:39:10 +05:00
from plogical.acl import ACLManager
v1.8.9
2019-08-13 16:27:56 +05:00
from plogical.virtualHostUtilities import virtualHostUtilities
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
from CyberCP.secMiddleware import secMiddleware
combine robert changes
2018-11-16 14:41:40 +05:00
Initial Commit
2017-10-24 19:16:36 +05:00
# Create your views here.
def loadUserHome(request):
try:
val = request.session['userID']
try:
admin = Administrator.objects.get(pk=val)
LIST USERS should also be available from the /users/ page.
2019-08-17 02:11:08 +05:00
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
listUsers = 1
else:
listUsers = currentACL['listUsers']
return render(request, 'userManagment/index.html', {"type": admin.type, 'listUsers': listUsers})
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
Initial Commit
2017-10-24 19:16:36 +05:00
logging.CyberCPLogFileWriter.writeToFile(str(msg))
return HttpResponse(str(msg))
except KeyError:
return redirect(loadLoginPage)
combine robert changes
2018-11-16 14:41:40 +05:00
Initial Commit
2017-10-24 19:16:36 +05:00
def viewProfile(request):
try:
userID = request.session['userID']
admin = Administrator.objects.get(pk=userID)
AdminData = {}
AdminData['userName'] = admin.userName
AdminData['firstName'] = admin.firstName
AdminData['lastName'] = admin.lastName
AdminData['websitesLimit'] = admin.initWebsitesLimit
AdminData['email'] = admin.email
ACL Manager
2018-08-18 00:39:10 +05:00
AdminData['accountACL'] = admin.acl.name
Initial Commit
2017-10-24 19:16:36 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
return render(request, 'userManagment/userProfile.html', AdminData)
Initial Commit
2017-10-24 19:16:36 +05:00
except KeyError:
return redirect(loadLoginPage)
combine robert changes
2018-11-16 14:41:40 +05:00
Initial Commit
2017-10-24 19:16:36 +05:00
def createUser(request):
try:
userID = request.session['userID']
ACL Manager
2018-08-18 00:39:10 +05:00
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
aclNames = ACLManager.unFileteredACLs()
combine robert changes
2018-11-16 14:41:40 +05:00
return render(request, 'userManagment/createUser.html', {'aclNames': aclNames})
ACL Manager
2018-08-18 00:39:10 +05:00
elif currentACL['changeUserACL'] == 1:
aclNames = ACLManager.unFileteredACLs()
return render(request, 'userManagment/createUser.html', {'aclNames': aclNames})
elif currentACL['createNewUser'] == 1:
aclNames = ['user']
return render(request, 'userManagment/createUser.html', {'aclNames': aclNames})
else:
return ACLManager.loadError()
Initial Commit
2017-10-24 19:16:36 +05:00
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
ACL Manager
2018-08-18 00:39:10 +05:00
logging.CyberCPLogFileWriter.writeToFile(str(msg))
Initial Commit
2017-10-24 19:16:36 +05:00
return redirect(loadLoginPage)
v1.8.9
2019-08-13 16:27:56 +05:00
centralized execution ph3
2019-03-30 14:21:52 +05:00
def apiAccess(request):
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
adminNames = ACLManager.loadDeletionUsers(userID, currentACL)
adminNames.append("admin")
return render(request, 'userManagment/apiAccess.html', {'acctNames': adminNames})
else:
return ACLManager.loadError()
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
centralized execution ph3
2019-03-30 14:21:52 +05:00
logging.CyberCPLogFileWriter.writeToFile(str(msg))
return redirect(loadLoginPage)
def saveChangesAPIAccess(request):
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
data = json.loads(request.body)
if currentACL['admin'] != 1:
finalResponse = {'status': 0, "error_message": "Only administrators are allowed to perform this task."}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
else:
accountUsername = data['accountUsername']
access = data['access']
userAcct = Administrator.objects.get(userName=accountUsername)
if access == "Enable":
userAcct.api = 1
else:
userAcct.api = 0
userAcct.save()
finalResponse = {'status': 1}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
centralized execution ph3
2019-03-30 14:21:52 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
Initial Commit
2017-10-24 19:16:36 +05:00
def submitUserCreation(request):
try:
ACL Manager
2018-08-18 00:39:10 +05:00
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
data = json.loads(request.body)
firstName = data['firstName']
lastName = data['lastName']
email = data['email']
userName = data['userName']
password = data['password']
websitesLimit = data['websitesLimit']
selectedACL = data['selectedACL']
bug fix: default value for security level
2020-01-18 10:16:38 +05:00
try:
securityLevel = data['securityLevel']
except:
securityLevel = 'HIGH'
ACL Manager
2018-08-18 00:39:10 +05:00
selectedACL = ACL.objects.get(name=selectedACL)
if selectedACL.adminStatus == 1:
type = 1
Initial Commit
2017-10-24 19:16:36 +05:00
else:
ACL Manager
2018-08-18 00:39:10 +05:00
type = 3
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
if securityLevel == 'LOW':
securityLevel = secMiddleware.LOW
else:
securityLevel = secMiddleware.HIGH
change auth type for cloud api
2018-11-20 15:43:43 +05:00
token = hashPassword.generateToken(userName, password)
ACL Manager
2018-08-18 00:39:10 +05:00
password = hashPassword.hash_password(password)
currentAdmin = Administrator.objects.get(pk=userID)
if ACLManager.websitesLimitCheck(currentAdmin, websitesLimit) == 0:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'createStatus': 0,
ACL Manager
2018-08-18 00:39:10 +05:00
'error_message': "You've reached maximum websites limit as a reseller."}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
if currentACL['admin'] == 1:
newAdmin = Administrator(firstName=firstName,
lastName=lastName,
email=email,
type=type,
userName=userName,
password=password,
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
change auth type for cloud api
2018-11-20 15:43:43 +05:00
acl=selectedACL,
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
token=token,
securityLevel=securityLevel,
ACL Manager
2018-08-18 00:39:10 +05:00
)
newAdmin.save()
elif currentACL['changeUserACL'] == 1:
newAdmin = Administrator(firstName=firstName,
lastName=lastName,
email=email,
type=type,
userName=userName,
password=password,
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
change auth type for cloud api
2018-11-20 15:43:43 +05:00
acl=selectedACL,
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
token=token,
securityLevel=securityLevel,
ACL Manager
2018-08-18 00:39:10 +05:00
)
newAdmin.save()
elif currentACL['createNewUser'] == 1:
security check for user creation
2020-01-21 19:53:58 +05:00
if selectedACL != 'user':
data_ret = {'status': 0, 'createStatus': 0,
'error_message': "You are not authorized to access this resource."}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
ACL Manager
2018-08-18 00:39:10 +05:00
newAdmin = Administrator(firstName=firstName,
lastName=lastName,
email=email,
type=type,
userName=userName,
password=password,
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
change auth type for cloud api
2018-11-20 15:43:43 +05:00
acl=selectedACL,
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
token=token,
securityLevel=securityLevel,
ACL Manager
2018-08-18 00:39:10 +05:00
)
newAdmin.save()
else:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'createStatus': 0,
ACL Manager
2018-08-18 00:39:10 +05:00
'error_message': "You are not authorized to access this resource."}
Language updates and Bug fixes to user managment.
2017-10-30 14:34:07 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
Initial Commit
2017-10-24 19:16:36 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 1, 'createStatus': 1,
ACL Manager
2018-08-18 00:39:10 +05:00
'error_message': "None"}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
Initial Commit
2017-10-24 19:16:36 +05:00
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'createStatus': 0, 'error_message': str(msg)}
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except KeyError:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'createStatus': 0, 'error_message': "Not logged in as admin", }
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
def modifyUsers(request):
try:
userID = request.session['userID']
ACL Manager
2018-08-18 00:39:10 +05:00
adminNames = ACLManager.loadAllUsers(userID)
combine robert changes
2018-11-16 14:41:40 +05:00
return render(request, 'userManagment/modifyUser.html', {"acctNames": adminNames})
Initial Commit
2017-10-24 19:16:36 +05:00
except KeyError:
return redirect(loadLoginPage)
combine robert changes
2018-11-16 14:41:40 +05:00
Initial Commit
2017-10-24 19:16:36 +05:00
def fetchUserDetails(request):
try:
val = request.session['userID']
try:
if request.method == 'POST':
data = json.loads(request.body)
accountUsername = data['accountUsername']
user = Administrator.objects.get(userName=accountUsername)
CloudLinux, CageFS and security improvements
2019-07-16 23:23:16 +05:00
currentACL = ACLManager.loadedACL(val)
loggedUser = Administrator.objects.get(pk=val)
if currentACL['admin'] == 1:
pass
elif user.owner == loggedUser.pk:
pass
elif user.pk == loggedUser.pk:
pass
else:
data_ret = {'fetchStatus': 0, 'error_message': 'Un-authorized access.'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
Initial Commit
2017-10-24 19:16:36 +05:00
firstName = user.firstName
lastName = user.lastName
email = user.email
websitesLimit = user.initWebsitesLimit
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
securityLevel = ''
if user.securityLevel == secMiddleware.LOW:
securityLevel = 'Low'
else:
securityLevel = 'High'
Initial Commit
2017-10-24 19:16:36 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
userDetails = {
"id": user.id,
"firstName": firstName,
"lastName": lastName,
"email": email,
"acl": user.acl.name,
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
"websitesLimit": websitesLimit,
"securityLevel": securityLevel
combine robert changes
2018-11-16 14:41:40 +05:00
}
Initial Commit
2017-10-24 19:16:36 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'fetchStatus': 1, 'error_message': 'None', "userDetails": userDetails}
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
Initial Commit
2017-10-24 19:16:36 +05:00
data_ret = {'fetchStatus': 0, 'error_message': str(msg)}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except KeyError:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'fetchStatus': 0, 'error_message': "Not logged in as admin", }
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
combine robert changes
2018-11-16 14:41:40 +05:00
Initial Commit
2017-10-24 19:16:36 +05:00
def saveModifications(request):
try:
val = request.session['userID']
try:
if request.method == 'POST':
data = json.loads(request.body)
accountUsername = data['accountUsername']
firstName = data['firstName']
lastName = data['lastName']
email = data['email']
bug fix: default value for security level
2020-01-18 10:16:38 +05:00
try:
securityLevel = data['securityLevel']
except:
securityLevel = 'HIGH'
Initial Commit
2017-10-24 19:16:36 +05:00
user = Administrator.objects.get(userName=accountUsername)
CloudLinux, CageFS and security improvements
2019-07-16 23:23:16 +05:00
currentACL = ACLManager.loadedACL(val)
loggedUser = Administrator.objects.get(pk=val)
if currentACL['admin'] == 1:
pass
elif user.owner == loggedUser.pk:
pass
elif user.pk == loggedUser.pk:
pass
else:
data_ret = {'fetchStatus': 0, 'error_message': 'Un-authorized access.'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
bug fix: ignore password filter
2019-12-06 16:21:13 +05:00
token = hashPassword.generateToken(accountUsername, data['passwordByPass'])
password = hashPassword.hash_password(data['passwordByPass'])
Initial Commit
2017-10-24 19:16:36 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
user.firstName = firstName
user.lastName = lastName
user.email = email
user.password = password
change auth type for cloud api
2018-11-20 15:43:43 +05:00
user.token = token
ACL Manager
2018-08-18 00:39:10 +05:00
user.type = 0
Initial Commit
2017-10-24 19:16:36 +05:00
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
if securityLevel == 'LOW':
user.securityLevel = secMiddleware.LOW
else:
user.securityLevel = secMiddleware.HIGH
ACL Manager
2018-08-18 00:39:10 +05:00
user.save()
Initial Commit
2017-10-24 19:16:36 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 1, 'saveStatus': 1, 'error_message': 'None'}
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'saveStatus': 0, 'error_message': str(msg)}
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except KeyError:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'saveStatus': 0, 'error_message': "Not logged in as admin", }
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
combine robert changes
2018-11-16 14:41:40 +05:00
Initial Commit
2017-10-24 19:16:36 +05:00
def deleteUser(request):
try:
userID = request.session['userID']
ACL Manager
2018-08-18 00:39:10 +05:00
currentACL = ACLManager.loadedACL(userID)
Initial Commit
2017-10-24 19:16:36 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
if currentACL['admin'] == 1:
adminNames = ACLManager.loadDeletionUsers(userID, currentACL)
return render(request, 'userManagment/deleteUser.html', {"acctNames": adminNames})
elif currentACL['deleteUser'] == 1:
adminNames = ACLManager.loadDeletionUsers(userID, currentACL)
return render(request, 'userManagment/deleteUser.html', {"acctNames": adminNames})
Initial Commit
2017-10-24 19:16:36 +05:00
else:
ACL Manager
2018-08-18 00:39:10 +05:00
return ACLManager.loadError()
Initial Commit
2017-10-24 19:16:36 +05:00
except KeyError:
return redirect(loadLoginPage)
combine robert changes
2018-11-16 14:41:40 +05:00
Initial Commit
2017-10-24 19:16:36 +05:00
def submitUserDeletion(request):
try:
ACL Manager
2018-08-18 00:39:10 +05:00
userID = request.session['userID']
Initial Commit
2017-10-24 19:16:36 +05:00
try:
if request.method == 'POST':
data = json.loads(request.body)
accountUsername = data['accountUsername']
ACL Manager
2018-08-18 00:39:10 +05:00
currentACL = ACLManager.loadedACL(userID)
Initial Commit
2017-10-24 19:16:36 +05:00
bug fix to wp staging
2019-08-03 14:53:31 +05:00
currentUser = Administrator.objects.get(pk=userID)
userInQuestion = Administrator.objects.get(userName=accountUsername)
combine robert changes
2018-11-16 14:41:40 +05:00
bug fix to wp staging
2019-08-03 14:53:31 +05:00
if ACLManager.checkUserOwnerShip(currentACL, currentUser, userInQuestion):
Bug fix to email policy server.
2018-06-30 15:29:56 +05:00
user = Administrator.objects.get(userName=accountUsername)
v1.8.9
2019-08-13 16:27:56 +05:00
childUsers = Administrator.objects.filter(owner=user.pk)
for items in childUsers:
items.delete()
Bug fix to email policy server.
2018-06-30 15:29:56 +05:00
user.delete()
Initial Commit
2017-10-24 19:16:36 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 1, 'deleteStatus': 1, 'error_message': 'None'}
Bug fix to email policy server.
2018-06-30 15:29:56 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
else:
bug fix to wp staging
2019-08-03 14:53:31 +05:00
data_ret = {'status': 0, 'deleteStatus': 0, 'error_message': 'Not enough privileges.'}
Bug fix to email policy server.
2018-06-30 15:29:56 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
Initial Commit
2017-10-24 19:16:36 +05:00
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'deleteStatus': 0, 'error_message': str(msg)}
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except KeyError:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'deleteStatus': 0, 'error_message': "Not logged in as admin", }
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
def createNewACL(request):
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
return render(request, 'userManagment/createACL.html')
else:
return ACLManager.loadError()
except KeyError:
return redirect(loadLoginPage)
combine robert changes
2018-11-16 14:41:40 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
def createACLFunc(request):
try:
val = request.session['userID']
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
data = json.loads(request.body)
## Version Management
newACL = ACL(name=data['aclName'],
combine robert changes
2018-11-16 14:41:40 +05:00
adminStatus=int(data['makeAdmin']),
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
versionManagement=int(data['versionManagement']),
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
## User Management
createNewUser=int(data['createNewUser']),
v1.8.9
2019-08-13 16:27:56 +05:00
listUsers=int(data['listUsers']),
combine robert changes
2018-11-16 14:41:40 +05:00
resellerCenter=int(data['resellerCenter']),
deleteUser=int(data['deleteUser']),
changeUserACL=int(data['changeUserACL']),
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
## Website Management
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
createWebsite=int(data['createWebsite']),
modifyWebsite=int(data['modifyWebsite']),
suspendWebsite=int(data['suspendWebsite']),
deleteWebsite=int(data['deleteWebsite']),
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
## Package Management
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
createPackage=int(data['createPackage']),
v1.8.9
2019-08-13 16:27:56 +05:00
listPackages=int(data['listPackages']),
combine robert changes
2018-11-16 14:41:40 +05:00
deletePackage=int(data['deletePackage']),
modifyPackage=int(data['modifyPackage']),
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
## Database Management
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
createDatabase=int(data['createDatabase']),
deleteDatabase=int(data['deleteDatabase']),
listDatabases=int(data['listDatabases']),
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
## DNS Management
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
createNameServer=int(data['createNameServer']),
createDNSZone=int(data['createDNSZone']),
deleteZone=int(data['deleteZone']),
addDeleteRecords=int(data['addDeleteRecords']),
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
## Email Management
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
createEmail=int(data['createEmail']),
v1.8.9
2019-08-13 16:27:56 +05:00
listEmails=int(data['listEmails']),
combine robert changes
2018-11-16 14:41:40 +05:00
deleteEmail=int(data['deleteEmail']),
emailForwarding=int(data['emailForwarding']),
changeEmailPassword=int(data['changeEmailPassword']),
dkimManager=int(data['dkimManager']),
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
## FTP Management
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
createFTPAccount=int(data['createFTPAccount']),
deleteFTPAccount=int(data['deleteFTPAccount']),
listFTPAccounts=int(data['listFTPAccounts']),
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
## Backup Management
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
createBackup=int(data['createBackup']),
restoreBackup=int(data['restoreBackup']),
addDeleteDestinations=int(data['addDeleteDestinations']),
scheDuleBackups=int(data['scheDuleBackups']),
remoteBackups=int(data['remoteBackups']),
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
## SSL Management
ACL Manager
2018-08-18 00:39:10 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
manageSSL=int(data['manageSSL']),
hostnameSSL=int(data['hostnameSSL']),
mailServerSSL=int(data['mailServerSSL']),
)
ACL Manager
2018-08-18 00:39:10 +05:00
newACL.save()
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 1}
ACL Manager
2018-08-18 00:39:10 +05:00
else:
Bug fixes
2018-08-21 13:10:40 +05:00
return ACLManager.loadErrorJson()
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
combine robert changes
2018-11-16 14:41:40 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
def deleteACL(request):
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
aclNames = ACLManager.findAllACLs()
combine robert changes
2018-11-16 14:41:40 +05:00
return render(request, 'userManagment/deleteACL.html', {'aclNames': aclNames})
ACL Manager
2018-08-18 00:39:10 +05:00
else:
return ACLManager.loadError()
except KeyError:
return redirect(loadLoginPage)
v1.8.9
2019-08-13 16:27:56 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
def deleteACLFunc(request):
try:
val = request.session['userID']
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
data = json.loads(request.body)
acl = ACL.objects.get(name=data['aclToBeDeleted'])
if acl.administrator_set.all().count() == 0:
acl.delete()
finalResponse = {'status': 1}
else:
v1.8.9
2019-08-13 16:27:56 +05:00
finalResponse = {'status': 0, 'errorMesssage': 'This ACL is currently in used by existing users.',
'error_message': 'This ACL is currently in used by existing users.'}
ACL Manager
2018-08-18 00:39:10 +05:00
else:
Bug fixes
2018-08-21 13:10:40 +05:00
return ACLManager.loadErrorJson()
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
combine robert changes
2018-11-16 14:41:40 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
def modifyACL(request):
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
aclNames = ACLManager.findAllACLs()
combine robert changes
2018-11-16 14:41:40 +05:00
return render(request, 'userManagment/modifyACL.html', {'aclNames': aclNames})
ACL Manager
2018-08-18 00:39:10 +05:00
else:
return ACLManager.loadError()
except KeyError:
return redirect(loadLoginPage)
combine robert changes
2018-11-16 14:41:40 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
def fetchACLDetails(request):
try:
val = request.session['userID']
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
data = json.loads(request.body)
## Version Management
finalResponse = {}
acl = ACL.objects.get(name=data['aclToModify'])
finalResponse['versionManagement'] = acl.versionManagement
finalResponse['adminStatus'] = acl.adminStatus
## User Management
finalResponse['createNewUser'] = acl.createNewUser
v1.8.9
2019-08-13 16:27:56 +05:00
finalResponse['listUsers'] = acl.listUsers
ACL Manager
2018-08-18 00:39:10 +05:00
finalResponse['resellerCenter'] = acl.resellerCenter
finalResponse['deleteUser'] = acl.deleteUser
finalResponse['changeUserACL'] = acl.changeUserACL
## Website Management
finalResponse['createWebsite'] = acl.createWebsite
finalResponse['modifyWebsite'] = acl.modifyWebsite
finalResponse['suspendWebsite'] = acl.suspendWebsite
finalResponse['deleteWebsite'] = acl.deleteWebsite
## Package Management
finalResponse['createPackage'] = acl.createPackage
v1.8.9
2019-08-13 16:27:56 +05:00
finalResponse['listPackages'] = acl.listPackages
ACL Manager
2018-08-18 00:39:10 +05:00
finalResponse['deletePackage'] = acl.deletePackage
finalResponse['modifyPackage'] = acl.modifyPackage
## Database Management
finalResponse['createDatabase'] = acl.createDatabase
finalResponse['deleteDatabase'] = acl.deleteDatabase
finalResponse['listDatabases'] = acl.listDatabases
## DNS Management
finalResponse['createNameServer'] = acl.createNameServer
finalResponse['createDNSZone'] = acl.createDNSZone
finalResponse['deleteZone'] = acl.deleteZone
finalResponse['addDeleteRecords'] = acl.addDeleteRecords
## Email Management
finalResponse['createEmail'] = acl.createEmail
v1.8.9
2019-08-13 16:27:56 +05:00
finalResponse['listEmails'] = acl.listEmails
ACL Manager
2018-08-18 00:39:10 +05:00
finalResponse['deleteEmail'] = acl.deleteEmail
finalResponse['emailForwarding'] = acl.emailForwarding
finalResponse['changeEmailPassword'] = acl.changeEmailPassword
finalResponse['dkimManager'] = acl.dkimManager
## FTP Management
finalResponse['createFTPAccount'] = acl.createFTPAccount
finalResponse['deleteFTPAccount'] = acl.deleteFTPAccount
finalResponse['listFTPAccounts'] = acl.listFTPAccounts
## Backup Management
finalResponse['createBackup'] = acl.createBackup
finalResponse['restoreBackup'] = acl.restoreBackup
finalResponse['addDeleteDestinations'] = acl.addDeleteDestinations
finalResponse['scheDuleBackups'] = acl.scheDuleBackups
finalResponse['remoteBackups'] = acl.remoteBackups
## SSL Management
finalResponse['manageSSL'] = acl.manageSSL
finalResponse['hostnameSSL'] = acl.hostnameSSL
finalResponse['mailServerSSL'] = acl.mailServerSSL
finalResponse['status'] = 1
else:
Bug fixes
2018-08-21 13:10:40 +05:00
return ACLManager.loadErrorJson()
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
ACL Manager
2018-08-18 00:39:10 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg)}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
combine robert changes
2018-11-16 14:41:40 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
def submitACLModifications(request):
try:
val = request.session['userID']
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
data = json.loads(request.body)
## Version Management
acl = ACL.objects.get(name=data['aclToModify'])
acl.adminStatus = int(data['adminStatus'])
acl.versionManagement = int(data['versionManagement'])
## User Management
acl.createNewUser = int(data['createNewUser'])
v1.8.9
2019-08-13 16:27:56 +05:00
acl.listUsers = int(data['listUsers'])
ACL Manager
2018-08-18 00:39:10 +05:00
acl.resellerCenter = int(data['resellerCenter'])
acl.deleteUser = int(data['deleteUser'])
acl.changeUserACL = int(data['changeUserACL'])
## Website Management
acl.createWebsite = int(data['createWebsite'])
acl.modifyWebsite = int(data['modifyWebsite'])
acl.suspendWebsite = int(data['suspendWebsite'])
acl.deleteWebsite = int(data['deleteWebsite'])
## Package Management
acl.createPackage = int(data['createPackage'])
v1.8.9
2019-08-13 16:27:56 +05:00
acl.listPackages = int(data['listPackages'])
ACL Manager
2018-08-18 00:39:10 +05:00
acl.deletePackage = int(data['deletePackage'])
acl.modifyPackage = int(data['modifyPackage'])
## Database Management
acl.createDatabase = int(data['createDatabase'])
acl.deleteDatabase = int(data['deleteDatabase'])
acl.listDatabases = int(data['listDatabases'])
## DNS Management
acl.createNameServer = int(data['createNameServer'])
acl.createDNSZone = int(data['createDNSZone'])
acl.deleteZone = int(data['deleteZone'])
acl.addDeleteRecords = int(data['addDeleteRecords'])
## Email Management
acl.createEmail = int(data['createEmail'])
v1.8.9
2019-08-13 16:27:56 +05:00
acl.listEmails = int(data['listEmails'])
ACL Manager
2018-08-18 00:39:10 +05:00
acl.deleteEmail = int(data['deleteEmail'])
acl.emailForwarding = int(data['emailForwarding'])
acl.changeEmailPassword = int(data['changeEmailPassword'])
acl.dkimManager = int(data['dkimManager'])
## FTP Management
acl.createFTPAccount = int(data['createFTPAccount'])
acl.deleteFTPAccount = int(data['deleteFTPAccount'])
acl.listFTPAccounts = int(data['listFTPAccounts'])
## Backup Management
acl.createBackup = int(data['createBackup'])
acl.restoreBackup = int(data['restoreBackup'])
acl.addDeleteDestinations = int(data['addDeleteDestinations'])
acl.scheDuleBackups = int(data['scheDuleBackups'])
acl.remoteBackups = int(data['remoteBackups'])
## SSL Management
acl.manageSSL = int(data['manageSSL'])
acl.hostnameSSL = int(data['hostnameSSL'])
acl.mailServerSSL = int(data['mailServerSSL'])
acl.save()
Changes to modsec
2018-08-19 00:28:31 +05:00
if int(data['adminStatus']) == 1:
allUsers = acl.administrator_set.all()
for items in allUsers:
items.type = 1
items.save()
else:
allUsers = acl.administrator_set.all()
for items in allUsers:
items.type = 3
items.save()
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 1}
ACL Manager
2018-08-18 00:39:10 +05:00
else:
finalResponse = ACLManager.loadErrorJson()
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
combine robert changes
2018-11-16 14:41:40 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
def changeUserACL(request):
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
aclNames = ACLManager.unFileteredACLs()
userNames = ACLManager.findAllUsers()
combine robert changes
2018-11-16 14:41:40 +05:00
return render(request, 'userManagment/changeUserACL.html', {'aclNames': aclNames, 'usersList': userNames})
ACL Manager
2018-08-18 00:39:10 +05:00
elif currentACL['changeUserACL'] == 1:
aclNames = ACLManager.unFileteredACLs()
userNames = ACLManager.findAllUsers()
return render(request, 'userManagment/changeUserACL.html', {'aclNames': aclNames, 'usersList': userNames})
else:
return ACLManager.loadError()
except KeyError:
return redirect(loadLoginPage)
combine robert changes
2018-11-16 14:41:40 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
def changeACLFunc(request):
try:
val = request.session['userID']
combine robert changes
2018-11-16 14:41:40 +05:00
data = json.loads(request.body)
if data['selectedUser'] == 'admin':
finalResponse = {'status': 0,
'errorMessage': "Super user can not be modified.",
'error_message': "Super user can not be modified."}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
ACL Manager
2018-08-18 00:39:10 +05:00
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
selectedACL = ACL.objects.get(name=data['selectedACL'])
selectedUser = Administrator.objects.get(userName=data['selectedUser'])
selectedUser.acl = selectedACL
selectedUser.save()
finalResponse = {'status': 1}
elif currentACL['changeUserACL'] == 1:
selectedACL = ACL.objects.get(name=data['selectedACL'])
selectedUser = Administrator.objects.get(userName=data['selectedUser'])
selectedUser.acl = selectedACL
selectedUser.save()
finalResponse = {'status': 1}
else:
finalResponse = ACLManager.loadErrorJson()
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
combine robert changes
2018-11-16 14:41:40 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
def resellerCenter(request):
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
userNames = ACLManager.loadDeletionUsers(userID, currentACL)
resellerPrivUsers = ACLManager.userWithResellerPriv(userID)
combine robert changes
2018-11-16 14:41:40 +05:00
return render(request, 'userManagment/resellerCenter.html',
{'userToBeModified': userNames, 'resellerPrivUsers': resellerPrivUsers})
ACL Manager
2018-08-18 00:39:10 +05:00
elif currentACL['resellerCenter'] == 1:
userNames = ACLManager.loadDeletionUsers(userID, currentACL)
resellerPrivUsers = ACLManager.userWithResellerPriv(userID)
combine robert changes
2018-11-16 14:41:40 +05:00
return render(request, 'userManagment/resellerCenter.html',
{'userToBeModified': userNames, 'resellerPrivUsers': resellerPrivUsers})
ACL Manager
2018-08-18 00:39:10 +05:00
else:
return ACLManager.loadError()
except KeyError:
return redirect(loadLoginPage)
combine robert changes
2018-11-16 14:41:40 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
def saveResellerChanges(request):
try:
val = request.session['userID']
data = json.loads(request.body)
combine robert changes
2018-11-16 14:41:40 +05:00
if data['userToBeModified'] == 'admin':
finalResponse = {'status': 0,
'errorMessage': "Super user can not be modified.",
'error_message': "Super user can not be modified."}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
CloudLinux, CageFS and security improvements
2019-07-16 23:23:16 +05:00
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
pass
elif currentACL['resellerCenter'] == 1:
pass
else:
return ACLManager.loadErrorJson()
ACL Manager
2018-08-18 00:39:10 +05:00
userToBeModified = Administrator.objects.get(userName=data['userToBeModified'])
newOwner = Administrator.objects.get(userName=data['newOwner'])
v1.8.9
2019-08-13 16:27:56 +05:00
try:
if ACLManager.websitesLimitCheck(newOwner, data['websitesLimit'], userToBeModified) == 0:
finalResponse = {'status': 0,
'errorMessage': "You've reached maximum websites limit as a reseller.",
'error_message': "You've reached maximum websites limit as a reseller."}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
except:
pass
ACL Manager
2018-08-18 00:39:10 +05:00
userToBeModified.owner = newOwner.pk
v1.8.9
2019-08-13 16:27:56 +05:00
try:
userToBeModified.initWebsitesLimit = data['websitesLimit']
except:
pass
ACL Manager
2018-08-18 00:39:10 +05:00
userToBeModified.save()
finalResponse = {'status': 1}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
combine robert changes
2018-11-16 14:41:40 +05:00
return HttpResponse(json_data)
v1.8.9
2019-08-13 16:27:56 +05:00
def listUsers(request):
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
aclNames = ACLManager.unFileteredACLs()
elif currentACL['changeUserACL'] == 1:
aclNames = ACLManager.unFileteredACLs()
elif currentACL['createNewUser'] == 1:
aclNames = ['user']
else:
aclNames = []
if currentACL['admin'] == 1:
resellerPrivUsers = ACLManager.userWithResellerPriv(userID)
elif currentACL['resellerCenter'] == 1:
resellerPrivUsers = ACLManager.userWithResellerPriv(userID)
else:
resellerPrivUsers = []
if currentACL['admin'] == 1:
return render(request, 'userManagment/listUsers.html', {'aclNames': aclNames, 'resellerPrivUsers': resellerPrivUsers})
elif currentACL['listUsers'] == 1:
return render(request, 'userManagment/listUsers.html', {'aclNames': aclNames, 'resellerPrivUsers': resellerPrivUsers})
else:
return ACLManager.loadError()
except KeyError:
return redirect(loadLoginPage)
def fetchTableUsers(request):
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
users = ACLManager.fetchTableUserObjects(userID)
elif currentACL['listUsers'] == 1:
users = ACLManager.fetchTableUserObjects(userID)
else:
return ACLManager.loadErrorJson()
json_data = "["
checker = 0
for items in users:
diskUsage = 0
for webs in items.websites_set.all():
diskUsage = virtualHostUtilities.getDiskUsage("/home/" + webs.domain, webs.package.diskSpace)[0] + diskUsage
owner = Administrator.objects.get(pk=items.owner)
dic = {'id': items.pk,
'name': items.userName,
'owner': owner.userName,
'acl': items.acl.name,
'diskUsage': '%sMB' % str(diskUsage),
add state to list users
2020-01-21 00:44:56 +05:00
'websites': items.initWebsitesLimit,
'state': items.state
v1.8.9
2019-08-13 16:27:56 +05:00
}
if checker == 0:
json_data = json_data + json.dumps(dic)
checker = 1
else:
json_data = json_data + ',' + json.dumps(dic)
json_data = json_data + ']'
final_json = json.dumps({'status': 1, 'fetchStatus': 1, 'error_message': "None", "data": json_data})
return HttpResponse(final_json)
except KeyError:
return redirect(loadLoginPage)
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
def controlUserState(request):
try:
val = request.session['userID']
try:
if request.method == 'POST':
data = json.loads(request.body)
accountUsername = data['accountUsername']
state = data['state']
user = Administrator.objects.get(userName=accountUsername)
currentACL = ACLManager.loadedACL(val)
loggedUser = Administrator.objects.get(pk=val)
if currentACL['admin'] == 1:
pass
elif user.owner == loggedUser.pk:
pass
elif user.pk == loggedUser.pk:
pass
else:
data_ret = {'fetchStatus': 0, 'error_message': 'Un-authorized access.'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
if state == 'SUSPEND':
user.state = 'SUSPENDED'
else:
user.state = 'ACTIVE'
user.save()
extraArgs = {}
extraArgs['user'] = user
extraArgs['currentACL'] = currentACL
extraArgs['state'] = state
from userManagment.userManager import UserManager
um = UserManager('controlUserState', extraArgs)
um.start()
data_ret = {'status': 1}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except BaseException as msg:
data_ret = {'status': 0, 'saveStatus': 0, 'error_message': str(msg)}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except KeyError:
data_ret = {'status': 0, 'saveStatus': 0, 'error_message': "Not logged in as admin", }
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
Reference in New Issue Copy Permalink