Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-06 21:35:55 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f39c8fc22d45f25c746e02cf73ae521df03f2466
CyberPanel/userManagment/views.py

928 lines
32 KiB
Python
Raw Normal View History

Initial Commit
2017-10-24 19:16:36 +05:00
# -*- coding: utf-8 -*-
p3
2019-12-10 15:09:10 +05:00
Initial Commit
2017-10-24 19:16:36 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
from django.shortcuts import render, redirect
Initial Commit
2017-10-24 19:16:36 +05:00
from django.http import HttpResponse
from loginSystem.views import loadLoginPage
ACL Manager
2018-08-18 00:39:10 +05:00
from loginSystem.models import Administrator, ACL
Initial Commit
2017-10-24 19:16:36 +05:00
import json
from plogical import hashPassword
ACL Manager
2018-08-18 00:39:10 +05:00
from plogical.acl import ACLManager
add default renderer to userManagement
2021-03-03 19:45:05 +05:00
from plogical.httpProc import httpProc
v1.8.9
2019-08-13 16:27:56 +05:00
from plogical.virtualHostUtilities import virtualHostUtilities
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
from CyberCP.secMiddleware import secMiddleware
fix createUser and modifyUser securityLevel defaults
2020-08-15 00:06:52 -04:00
from CyberCP.SecurityLevel import SecurityLevel
combine robert changes
2018-11-16 14:41:40 +05:00
Initial Commit
2017-10-24 19:16:36 +05:00
def loadUserHome(request):
add default renderer to userManagement
2021-03-03 19:45:05 +05:00
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
val = request.session['userID']
admin = Administrator.objects.get(pk=val)
currentACL = ACLManager.loadedACL(val)
Initial Commit
2017-10-24 19:16:36 +05:00
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
if currentACL['admin'] == 1:
listUsers = 1
else:
listUsers = currentACL['listUsers']
Initial Commit
2017-10-24 19:16:36 +05:00
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
proc = httpProc(request, 'userManagment/index.html',
{"type": admin.type, 'listUsers': listUsers}, 'listUsers')
return proc.render()
Initial Commit
2017-10-24 19:16:36 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
def viewProfile(request):
userID = request.session['userID']
admin = Administrator.objects.get(pk=userID)
Initial Commit
2017-10-24 19:16:36 +05:00
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
AdminData = {}
Initial Commit
2017-10-24 19:16:36 +05:00
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
AdminData['userName'] = admin.userName
AdminData['firstName'] = admin.firstName
AdminData['lastName'] = admin.lastName
AdminData['websitesLimit'] = admin.initWebsitesLimit
AdminData['email'] = admin.email
AdminData['accountACL'] = admin.acl.name
Initial Commit
2017-10-24 19:16:36 +05:00
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
proc = httpProc(request, 'userManagment/userProfile.html',
AdminData)
return proc.render()
Initial Commit
2017-10-24 19:16:36 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
Initial Commit
2017-10-24 19:16:36 +05:00
def createUser(request):
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
ACL Manager
2018-08-18 00:39:10 +05:00
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
if currentACL['admin'] == 1:
aclNames = ACLManager.unFileteredACLs()
proc = httpProc(request, 'userManagment/createUser.html',
{'aclNames': aclNames, 'securityLevels': SecurityLevel.list()})
return proc.render()
elif currentACL['changeUserACL'] == 1:
aclNames = ACLManager.unFileteredACLs()
proc = httpProc(request, 'userManagment/createUser.html',
{'aclNames': aclNames, 'securityLevels': SecurityLevel.list()})
return proc.render()
elif currentACL['createNewUser'] == 1:
aclNames = ['user']
proc = httpProc(request, 'userManagment/createUser.html',
{'aclNames': aclNames, 'securityLevels': SecurityLevel.list()})
return proc.render()
else:
return ACLManager.loadError()
Initial Commit
2017-10-24 19:16:36 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
centralized execution ph3
2019-03-30 14:21:52 +05:00
def apiAccess(request):
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
adminNames = ACLManager.loadDeletionUsers(userID, currentACL)
adminNames.append("admin")
proc = httpProc(request, 'userManagment/apiAccess.html',
{'acctNames': adminNames}, 'admin')
return proc.render()
centralized execution ph3
2019-03-30 14:21:52 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
centralized execution ph3
2019-03-30 14:21:52 +05:00
def saveChangesAPIAccess(request):
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
data = json.loads(request.body)
if currentACL['admin'] != 1:
finalResponse = {'status': 0, "error_message": "Only administrators are allowed to perform this task."}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
else:
accountUsername = data['accountUsername']
access = data['access']
userAcct = Administrator.objects.get(userName=accountUsername)
if access == "Enable":
userAcct.api = 1
else:
userAcct.api = 0
userAcct.save()
finalResponse = {'status': 1}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
centralized execution ph3
2019-03-30 14:21:52 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
Initial Commit
2017-10-24 19:16:36 +05:00
def submitUserCreation(request):
try:
ACL Manager
2018-08-18 00:39:10 +05:00
try:
create user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:30:22 +05:00
try:
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
data = json.loads(request.body)
except:
userID = request['userID']
data = request
currentACL = ACLManager.loadedACL(userID)
ACL Manager
2018-08-18 00:39:10 +05:00
firstName = data['firstName']
lastName = data['lastName']
email = data['email']
userName = data['userName']
password = data['password']
websitesLimit = data['websitesLimit']
selectedACL = data['selectedACL']
create user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:30:22 +05:00
security fix: CP-18: Users – Create New User
2021-08-13 14:55:08 +05:00
if ACLManager.CheckRegEx("^[\w'\-,.][^0-9_!¡?÷?¿/\\+=@#$%ˆ&*(){}|~<>;:[\]]{2,}$", firstName) == 0:
data_ret = {'status': 0, 'createStatus': 0, 'error_message': 'First Name can only contain Alphabets and should be more then 2 characters..'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
if ACLManager.CheckRegEx("^[\w'\-,.][^0-9_!¡?÷?¿/\\+=@#$%ˆ&*(){}|~<>;:[\]]{2,}$", lastName) == 0:
data_ret = {'status': 0, 'createStatus': 0, 'error_message': 'First Name can only contain Alphabets and should be more then 2 characters..'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
import validators
if not validators.email(email):
data_ret = {'status': 0, 'createStatus': 0,
'error_message': 'Invalid email address.'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
bug fix: default value for security level
2020-01-18 10:16:38 +05:00
try:
securityLevel = data['securityLevel']
except:
securityLevel = 'HIGH'
ACL Manager
2018-08-18 00:39:10 +05:00
selectedACL = ACL.objects.get(name=selectedACL)
if selectedACL.adminStatus == 1:
type = 1
Initial Commit
2017-10-24 19:16:36 +05:00
else:
ACL Manager
2018-08-18 00:39:10 +05:00
type = 3
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
if securityLevel == 'LOW':
securityLevel = secMiddleware.LOW
else:
securityLevel = secMiddleware.HIGH
change auth type for cloud api
2018-11-20 15:43:43 +05:00
token = hashPassword.generateToken(userName, password)
ACL Manager
2018-08-18 00:39:10 +05:00
password = hashPassword.hash_password(password)
currentAdmin = Administrator.objects.get(pk=userID)
if ACLManager.websitesLimitCheck(currentAdmin, websitesLimit) == 0:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'createStatus': 0,
ACL Manager
2018-08-18 00:39:10 +05:00
'error_message': "You've reached maximum websites limit as a reseller."}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
if currentACL['admin'] == 1:
newAdmin = Administrator(firstName=firstName,
lastName=lastName,
email=email,
type=type,
userName=userName,
password=password,
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
change auth type for cloud api
2018-11-20 15:43:43 +05:00
acl=selectedACL,
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
token=token,
securityLevel=securityLevel,
ACL Manager
2018-08-18 00:39:10 +05:00
)
newAdmin.save()
elif currentACL['changeUserACL'] == 1:
newAdmin = Administrator(firstName=firstName,
lastName=lastName,
email=email,
type=type,
userName=userName,
password=password,
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
change auth type for cloud api
2018-11-20 15:43:43 +05:00
acl=selectedACL,
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
token=token,
securityLevel=securityLevel,
ACL Manager
2018-08-18 00:39:10 +05:00
)
newAdmin.save()
elif currentACL['createNewUser'] == 1:
add owner protection
2020-01-23 20:13:29 +05:00
if selectedACL.name != 'user':
security check for user creation
2020-01-21 19:53:58 +05:00
data_ret = {'status': 0, 'createStatus': 0,
'error_message': "You are not authorized to access this resource."}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
ACL Manager
2018-08-18 00:39:10 +05:00
newAdmin = Administrator(firstName=firstName,
lastName=lastName,
email=email,
type=type,
userName=userName,
password=password,
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
change auth type for cloud api
2018-11-20 15:43:43 +05:00
acl=selectedACL,
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
token=token,
securityLevel=securityLevel,
ACL Manager
2018-08-18 00:39:10 +05:00
)
newAdmin.save()
else:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'createStatus': 0,
ACL Manager
2018-08-18 00:39:10 +05:00
'error_message': "You are not authorized to access this resource."}
Language updates and Bug fixes to user managment.
2017-10-30 14:34:07 +05:00
ACL Manager
2018-08-18 00:39:10 +05:00
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
Initial Commit
2017-10-24 19:16:36 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 1, 'createStatus': 1,
ACL Manager
2018-08-18 00:39:10 +05:00
'error_message': "None"}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
Initial Commit
2017-10-24 19:16:36 +05:00
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'createStatus': 0, 'error_message': str(msg)}
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except KeyError:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'createStatus': 0, 'error_message': "Not logged in as admin", }
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
fix createUser and modifyUser securityLevel defaults
2020-08-15 00:06:52 -04:00
Initial Commit
2017-10-24 19:16:36 +05:00
def modifyUsers(request):
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
userID = request.session['userID']
userNames = ACLManager.loadAllUsers(userID)
proc = httpProc(request, 'userManagment/modifyUser.html',
{"acctNames": userNames, 'securityLevels': SecurityLevel.list()})
return proc.render()
Initial Commit
2017-10-24 19:16:36 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
Initial Commit
2017-10-24 19:16:36 +05:00
def fetchUserDetails(request):
try:
val = request.session['userID']
try:
if request.method == 'POST':
data = json.loads(request.body)
accountUsername = data['accountUsername']
user = Administrator.objects.get(userName=accountUsername)
CloudLinux, CageFS and security improvements
2019-07-16 23:23:16 +05:00
currentACL = ACLManager.loadedACL(val)
loggedUser = Administrator.objects.get(pk=val)
if currentACL['admin'] == 1:
pass
elif user.owner == loggedUser.pk:
pass
elif user.pk == loggedUser.pk:
pass
else:
data_ret = {'fetchStatus': 0, 'error_message': 'Un-authorized access.'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
Initial Commit
2017-10-24 19:16:36 +05:00
firstName = user.firstName
lastName = user.lastName
email = user.email
websitesLimit = user.initWebsitesLimit
complete https://feedback.cyberpanel.net/b/requests/p/2fa-support-in-login
2020-08-10 23:55:46 +05:00
import pyotp
if user.secretKey == 'None':
user.secretKey = pyotp.random_base32()
user.save()
otpauth = pyotp.totp.TOTP(user.secretKey).provisioning_uri(email, issuer_name="CyberPanel")
combine robert changes
2018-11-16 14:41:40 +05:00
userDetails = {
"id": user.id,
"firstName": firstName,
"lastName": lastName,
"email": email,
"acl": user.acl.name,
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
"websitesLimit": websitesLimit,
fix createUser and modifyUser securityLevel defaults
2020-08-15 00:06:52 -04:00
"securityLevel": SecurityLevel(user.securityLevel).name,
complete https://feedback.cyberpanel.net/b/requests/p/2fa-support-in-login
2020-08-10 23:55:46 +05:00
"otpauth": otpauth,
'twofa': user.twoFA
combine robert changes
2018-11-16 14:41:40 +05:00
}
Initial Commit
2017-10-24 19:16:36 +05:00
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'fetchStatus': 1, 'error_message': 'None', "userDetails": userDetails}
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
Initial Commit
2017-10-24 19:16:36 +05:00
data_ret = {'fetchStatus': 0, 'error_message': str(msg)}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except KeyError:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'fetchStatus': 0, 'error_message': "Not logged in as admin", }
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
Initial Commit
2017-10-24 19:16:36 +05:00
def saveModifications(request):
try:
try:
Edit user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:57:02 +05:00
val = request.session['userID']
except:
val = request['userID']
try:
try:
Initial Commit
2017-10-24 19:16:36 +05:00
data = json.loads(request.body)
Edit user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:57:02 +05:00
except:
data = request
Initial Commit
2017-10-24 19:16:36 +05:00
Edit user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:57:02 +05:00
accountUsername = data['accountUsername']
firstName = data['firstName']
lastName = data['lastName']
email = data['email']
try:
securityLevel = data['securityLevel']
except:
securityLevel = 'HIGH'
Initial Commit
2017-10-24 19:16:36 +05:00
complete https://feedback.cyberpanel.net/b/requests/p/2fa-support-in-login
2020-08-10 23:55:46 +05:00
try:
twofa = int(data['twofa'])
except:
twofa = 0
Edit user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:57:02 +05:00
user = Administrator.objects.get(userName=accountUsername)
CloudLinux, CageFS and security improvements
2019-07-16 23:23:16 +05:00
Edit user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:57:02 +05:00
currentACL = ACLManager.loadedACL(val)
loggedUser = Administrator.objects.get(pk=val)
if currentACL['admin'] == 1:
pass
elif user.owner == loggedUser.pk:
pass
elif user.pk == loggedUser.pk:
pass
else:
data_ret = {'fetchStatus': 0, 'error_message': 'Un-authorized access.'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
CloudLinux, CageFS and security improvements
2019-07-16 23:23:16 +05:00
Edit user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:57:02 +05:00
token = hashPassword.generateToken(accountUsername, data['passwordByPass'])
password = hashPassword.hash_password(data['passwordByPass'])
Initial Commit
2017-10-24 19:16:36 +05:00
Edit user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:57:02 +05:00
user.firstName = firstName
user.lastName = lastName
user.email = email
user.password = password
user.token = token
user.type = 0
complete https://feedback.cyberpanel.net/b/requests/p/2fa-support-in-login
2020-08-10 23:55:46 +05:00
user.twoFA = twofa
Initial Commit
2017-10-24 19:16:36 +05:00
Edit user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:57:02 +05:00
if securityLevel == 'LOW':
user.securityLevel = secMiddleware.LOW
else:
user.securityLevel = secMiddleware.HIGH
Feature: allow user to disable session ip check
2019-11-12 14:01:29 +05:00
Edit user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:57:02 +05:00
user.save()
Initial Commit
2017-10-24 19:16:36 +05:00
Edit user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:57:02 +05:00
adminEmailPath = '/home/cyberpanel/adminEmail'
bug fix: email reporting
2020-01-30 21:38:39 +05:00
Edit user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:57:02 +05:00
if accountUsername == 'admin':
writeToFile = open(adminEmailPath, 'w')
writeToFile.write(email)
writeToFile.close()
data_ret = {'status': 1, 'saveStatus': 1, 'error_message': 'None'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
bug fix: email reporting
2020-01-30 21:38:39 +05:00
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'saveStatus': 0, 'error_message': str(msg)}
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except KeyError:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'saveStatus': 0, 'error_message': "Not logged in as admin", }
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
Initial Commit
2017-10-24 19:16:36 +05:00
def deleteUser(request):
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
ACL Manager
2018-08-18 00:39:10 +05:00
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
if currentACL['admin'] == 1:
adminNames = ACLManager.loadDeletionUsers(userID, currentACL)
proc = httpProc(request, 'userManagment/deleteUser.html',
{"acctNames": adminNames})
return proc.render()
elif currentACL['deleteUser'] == 1:
adminNames = ACLManager.loadDeletionUsers(userID, currentACL)
proc = httpProc(request, 'userManagment/deleteUser.html',
{"acctNames": adminNames})
return proc.render()
else:
return ACLManager.loadError()
Initial Commit
2017-10-24 19:16:36 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
Initial Commit
2017-10-24 19:16:36 +05:00
def submitUserDeletion(request):
delete user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:36:36 +05:00
Initial Commit
2017-10-24 19:16:36 +05:00
try:
delete user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:36:36 +05:00
try:
userID = request.session['userID']
except:
userID = request['userID']
Initial Commit
2017-10-24 19:16:36 +05:00
try:
delete user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:36:36 +05:00
try:
Initial Commit
2017-10-24 19:16:36 +05:00
data = json.loads(request.body)
delete user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:36:36 +05:00
except:
data = request
Initial Commit
2017-10-24 19:16:36 +05:00
delete user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:36:36 +05:00
accountUsername = data['accountUsername']
Initial Commit
2017-10-24 19:16:36 +05:00
bug fix: improve size for smtphost
2020-09-15 09:35:55 +05:00
try:
force = data['force']
except:
force = 0
delete user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:36:36 +05:00
currentACL = ACLManager.loadedACL(userID)
combine robert changes
2018-11-16 14:41:40 +05:00
delete user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:36:36 +05:00
currentUser = Administrator.objects.get(pk=userID)
userInQuestion = Administrator.objects.get(userName=accountUsername)
v1.8.9
2019-08-13 16:27:56 +05:00
delete user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:36:36 +05:00
if ACLManager.checkUserOwnerShip(currentACL, currentUser, userInQuestion):
bug fix: improve size for smtphost
2020-09-15 09:35:55 +05:00
if force:
userACL = ACLManager.loadedACL(userInQuestion.pk)
websitesName = ACLManager.findAllSites(userACL, userInQuestion.pk)
from websiteFunctions.website import WebsiteManager
wm = WebsiteManager()
for website in websitesName:
wm.submitWebsiteDeletion(userID, {'websiteName': website})
delete user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:36:36 +05:00
user = Administrator.objects.get(userName=accountUsername)
v1.8.9
2019-08-13 16:27:56 +05:00
delete user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:36:36 +05:00
childUsers = Administrator.objects.filter(owner=user.pk)
v1.8.9
2019-08-13 16:27:56 +05:00
delete user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:36:36 +05:00
for items in childUsers:
items.delete()
user.delete()
data_ret = {'status': 1, 'deleteStatus': 1, 'error_message': 'None'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
else:
data_ret = {'status': 0, 'deleteStatus': 0, 'error_message': 'Not enough privileges.'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
Initial Commit
2017-10-24 19:16:36 +05:00
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'status': 0, 'deleteStatus': 0, 'error_message': str(msg)}
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except KeyError:
combine robert changes
2018-11-16 14:41:40 +05:00
data_ret = {'deleteStatus': 0, 'error_message': "Not logged in as admin", }
Initial Commit
2017-10-24 19:16:36 +05:00
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
ACL Manager
2018-08-18 00:39:10 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
ACL Manager
2018-08-18 00:39:10 +05:00
def createNewACL(request):
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
proc = httpProc(request, 'userManagment/createACL.html',
None, 'admin')
return proc.render()
ACL Manager
2018-08-18 00:39:10 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
ACL Manager
2018-08-18 00:39:10 +05:00
def createACLFunc(request):
try:
val = request.session['userID']
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
data = json.loads(request.body)
## Version Management
enroute fixing https://github.com/usmannasir/cyberpanel/issues/527
2021-02-22 10:18:50 +05:00
if data['makeAdmin']:
data['adminStatus'] = 1
else:
data['adminStatus'] = 0
ACL Manager
2018-08-18 00:39:10 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
newACL = ACL(name=data['aclName'], config=json.dumps(data))
ACL Manager
2018-08-18 00:39:10 +05:00
newACL.save()
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 1}
ACL Manager
2018-08-18 00:39:10 +05:00
else:
Bug fixes
2018-08-21 13:10:40 +05:00
return ACLManager.loadErrorJson()
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
ACL Manager
2018-08-18 00:39:10 +05:00
def deleteACL(request):
add default renderer to userManagement
2021-03-03 19:45:05 +05:00
aclNames = ACLManager.findAllACLs()
proc = httpProc(request, 'userManagment/deleteACL.html',
{'aclNames': aclNames}, 'admin')
return proc.render()
ACL Manager
2018-08-18 00:39:10 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
ACL Manager
2018-08-18 00:39:10 +05:00
def deleteACLFunc(request):
try:
val = request.session['userID']
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
data = json.loads(request.body)
acl = ACL.objects.get(name=data['aclToBeDeleted'])
if acl.administrator_set.all().count() == 0:
acl.delete()
finalResponse = {'status': 1}
else:
v1.8.9
2019-08-13 16:27:56 +05:00
finalResponse = {'status': 0, 'errorMesssage': 'This ACL is currently in used by existing users.',
'error_message': 'This ACL is currently in used by existing users.'}
ACL Manager
2018-08-18 00:39:10 +05:00
else:
Bug fixes
2018-08-21 13:10:40 +05:00
return ACLManager.loadErrorJson()
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
ACL Manager
2018-08-18 00:39:10 +05:00
def modifyACL(request):
add default renderer to userManagement
2021-03-03 19:45:05 +05:00
aclNames = ACLManager.findAllACLs()
proc = httpProc(request, 'userManagment/modifyACL.html',
{'aclNames': aclNames}, 'admin')
return proc.render()
ACL Manager
2018-08-18 00:39:10 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
ACL Manager
2018-08-18 00:39:10 +05:00
def fetchACLDetails(request):
try:
val = request.session['userID']
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
data = json.loads(request.body)
## Version Management
finalResponse = {}
acl = ACL.objects.get(name=data['aclToModify'])
enroute fixing https://github.com/usmannasir/cyberpanel/issues/527
2021-02-22 10:18:50 +05:00
finalResponse = json.loads(acl.config)
ACL Manager
2018-08-18 00:39:10 +05:00
finalResponse['status'] = 1
else:
Bug fixes
2018-08-21 13:10:40 +05:00
return ACLManager.loadErrorJson()
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
ACL Manager
2018-08-18 00:39:10 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg)}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
ACL Manager
2018-08-18 00:39:10 +05:00
def submitACLModifications(request):
try:
val = request.session['userID']
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
data = json.loads(request.body)
## Version Management
acl = ACL.objects.get(name=data['aclToModify'])
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
acl.config = json.dumps(data)
ACL Manager
2018-08-18 00:39:10 +05:00
acl.save()
Changes to modsec
2018-08-19 00:28:31 +05:00
if int(data['adminStatus']) == 1:
allUsers = acl.administrator_set.all()
for items in allUsers:
items.type = 1
items.save()
else:
allUsers = acl.administrator_set.all()
for items in allUsers:
items.type = 3
items.save()
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 1}
ACL Manager
2018-08-18 00:39:10 +05:00
else:
finalResponse = ACLManager.loadErrorJson()
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
def changeUserACL(request):
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
aclNames = ACLManager.unFileteredACLs()
userNames = ACLManager.findAllUsers()
proc = httpProc(request, 'userManagment/changeUserACL.html',
{'aclNames': aclNames, 'usersList': userNames}, 'admin')
return proc.render()
elif currentACL['changeUserACL'] == 1:
aclNames = ACLManager.unFileteredACLs()
userNames = ACLManager.findAllUsers()
proc = httpProc(request, 'userManagment/changeUserACL.html',
{'aclNames': aclNames, 'usersList': userNames})
return proc.render()
else:
return ACLManager.loadError()
ACL Manager
2018-08-18 00:39:10 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
ACL Manager
2018-08-18 00:39:10 +05:00
def changeACLFunc(request):
try:
val = request.session['userID']
combine robert changes
2018-11-16 14:41:40 +05:00
data = json.loads(request.body)
if data['selectedUser'] == 'admin':
finalResponse = {'status': 0,
'errorMessage': "Super user can not be modified.",
'error_message': "Super user can not be modified."}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
ACL Manager
2018-08-18 00:39:10 +05:00
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
selectedACL = ACL.objects.get(name=data['selectedACL'])
selectedUser = Administrator.objects.get(userName=data['selectedUser'])
selectedUser.acl = selectedACL
selectedUser.save()
finalResponse = {'status': 1}
elif currentACL['changeUserACL'] == 1:
selectedACL = ACL.objects.get(name=data['selectedACL'])
selectedUser = Administrator.objects.get(userName=data['selectedUser'])
selectedUser.acl = selectedACL
selectedUser.save()
finalResponse = {'status': 1}
else:
finalResponse = ACLManager.loadErrorJson()
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
ACL Manager
2018-08-18 00:39:10 +05:00
def resellerCenter(request):
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
userNames = ACLManager.loadDeletionUsers(userID, currentACL)
resellerPrivUsers = ACLManager.userWithResellerPriv(userID)
proc = httpProc(request, 'userManagment/resellerCenter.html',
{'userToBeModified': userNames, 'resellerPrivUsers': resellerPrivUsers})
return proc.render()
elif currentACL['resellerCenter'] == 1:
userNames = ACLManager.loadDeletionUsers(userID, currentACL)
resellerPrivUsers = ACLManager.userWithResellerPriv(userID)
proc = httpProc(request, 'userManagment/resellerCenter.html',
{'userToBeModified': userNames, 'resellerPrivUsers': resellerPrivUsers})
return proc.render()
else:
return ACLManager.loadError()
ACL Manager
2018-08-18 00:39:10 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
ACL Manager
2018-08-18 00:39:10 +05:00
def saveResellerChanges(request):
try:
val = request.session['userID']
data = json.loads(request.body)
combine robert changes
2018-11-16 14:41:40 +05:00
if data['userToBeModified'] == 'admin':
finalResponse = {'status': 0,
'errorMessage': "Super user can not be modified.",
'error_message': "Super user can not be modified."}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
CloudLinux, CageFS and security improvements
2019-07-16 23:23:16 +05:00
currentACL = ACLManager.loadedACL(val)
if currentACL['admin'] == 1:
pass
elif currentACL['resellerCenter'] == 1:
pass
else:
return ACLManager.loadErrorJson()
add owner protection for reseller center
2020-02-18 11:29:29 +05:00
loggedUser = Administrator.objects.get(pk=val)
ACL Manager
2018-08-18 00:39:10 +05:00
userToBeModified = Administrator.objects.get(userName=data['userToBeModified'])
newOwner = Administrator.objects.get(userName=data['newOwner'])
add owner protection for reseller center
2020-02-18 11:29:29 +05:00
### Check user owners
if ACLManager.checkUserOwnerShip(currentACL, loggedUser, userToBeModified) == 0 or ACLManager.checkUserOwnerShip(currentACL, loggedUser, newOwner) == 0:
return ACLManager.loadErrorJson()
v1.8.9
2019-08-13 16:27:56 +05:00
try:
if ACLManager.websitesLimitCheck(newOwner, data['websitesLimit'], userToBeModified) == 0:
finalResponse = {'status': 0,
'errorMessage': "You've reached maximum websites limit as a reseller.",
'error_message': "You've reached maximum websites limit as a reseller."}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
except:
pass
ACL Manager
2018-08-18 00:39:10 +05:00
userToBeModified.owner = newOwner.pk
v1.8.9
2019-08-13 16:27:56 +05:00
try:
userToBeModified.initWebsitesLimit = data['websitesLimit']
except:
pass
ACL Manager
2018-08-18 00:39:10 +05:00
userToBeModified.save()
finalResponse = {'status': 1}
json_data = json.dumps(finalResponse)
return HttpResponse(json_data)
p3
2019-12-10 15:09:10 +05:00
except BaseException as msg:
combine robert changes
2018-11-16 14:41:40 +05:00
finalResponse = {'status': 0, 'errorMessage': str(msg), 'error_message': str(msg)}
ACL Manager
2018-08-18 00:39:10 +05:00
json_data = json.dumps(finalResponse)
combine robert changes
2018-11-16 14:41:40 +05:00
return HttpResponse(json_data)
v1.8.9
2019-08-13 16:27:56 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
v1.8.9
2019-08-13 16:27:56 +05:00
def listUsers(request):
further refoctor default render userManagement
2021-03-07 11:34:08 +05:00
userID = request.session['userID']
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
aclNames = ACLManager.unFileteredACLs()
elif currentACL['changeUserACL'] == 1:
aclNames = ACLManager.unFileteredACLs()
elif currentACL['createNewUser'] == 1:
aclNames = ['user']
else:
aclNames = []
if currentACL['admin'] == 1:
resellerPrivUsers = ACLManager.userWithResellerPriv(userID)
elif currentACL['resellerCenter'] == 1:
resellerPrivUsers = ACLManager.userWithResellerPriv(userID)
else:
resellerPrivUsers = []
if currentACL['admin'] == 1:
proc = httpProc(request, 'userManagment/listUsers.html',
{'aclNames': aclNames, 'resellerPrivUsers': resellerPrivUsers})
return proc.render()
elif currentACL['listUsers'] == 1:
proc = httpProc(request, 'userManagment/listUsers.html',
{'aclNames': aclNames, 'resellerPrivUsers': resellerPrivUsers})
return proc.render()
else:
return ACLManager.loadError()
v1.8.9
2019-08-13 16:27:56 +05:00
def fetchTableUsers(request):
try:
list user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-01 19:40:43 +05:00
try:
userID = request.session['userID']
except:
userID = request['userID']
v1.8.9
2019-08-13 16:27:56 +05:00
currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
users = ACLManager.fetchTableUserObjects(userID)
elif currentACL['listUsers'] == 1:
users = ACLManager.fetchTableUserObjects(userID)
else:
return ACLManager.loadErrorJson()
json_data = "["
checker = 0
for items in users:
fix: disk/bw usage to calculate every 12 hour
2021-01-18 14:01:26 +05:00
diskUsageCurrent = 0
v1.8.9
2019-08-13 16:27:56 +05:00
for webs in items.websites_set.all():
fix: disk/bw usage to calculate every 12 hour
2021-01-18 14:01:26 +05:00
DiskUsage, DiskUsagePercentage, bwInMB, bwUsage = virtualHostUtilities.FindStats(webs)
diskUsageCurrent = DiskUsage + diskUsageCurrent
bug fix: user owner shift
2021-07-21 12:31:18 +05:00
try:
owner = Administrator.objects.get(pk=items.owner)
except:
### If user owner is deleted then owner is admin
items.owner = 1
items.save()
owner = Administrator.objects.get(pk=1)
v1.8.9
2019-08-13 16:27:56 +05:00
dic = {'id': items.pk,
'name': items.userName,
'owner': owner.userName,
'acl': items.acl.name,
fix: disk/bw usage to calculate every 12 hour
2021-01-18 14:01:26 +05:00
'diskUsage': '%sMB' % str(diskUsageCurrent),
add state to list users
2020-01-21 00:44:56 +05:00
'websites': items.initWebsitesLimit,
'state': items.state
v1.8.9
2019-08-13 16:27:56 +05:00
}
if checker == 0:
json_data = json_data + json.dumps(dic)
checker = 1
else:
json_data = json_data + ',' + json.dumps(dic)
json_data = json_data + ']'
final_json = json.dumps({'status': 1, 'fetchStatus': 1, 'error_message': "None", "data": json_data})
return HttpResponse(final_json)
except KeyError:
return redirect(loadLoginPage)
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
follow PEP 8 style guide
2021-10-16 00:28:44 +06:00
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
def controlUserState(request):
try:
try:
suspend/unsuspend user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:49:08 +05:00
val = request.session['userID']
except:
val = request['userID']
try:
try:
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
data = json.loads(request.body)
suspend/unsuspend user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:49:08 +05:00
except:
data = request
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
suspend/unsuspend user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:49:08 +05:00
accountUsername = data['accountUsername']
state = data['state']
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
suspend/unsuspend user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:49:08 +05:00
user = Administrator.objects.get(userName=accountUsername)
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
suspend/unsuspend user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:49:08 +05:00
currentACL = ACLManager.loadedACL(val)
loggedUser = Administrator.objects.get(pk=val)
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
suspend/unsuspend user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:49:08 +05:00
if currentACL['admin'] == 1:
pass
elif user.owner == loggedUser.pk:
pass
elif user.pk == loggedUser.pk:
pass
else:
data_ret = {'fetchStatus': 0, 'error_message': 'Un-authorized access.'}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
suspend/unsuspend user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:49:08 +05:00
if state == 'SUSPEND':
user.state = 'SUSPENDED'
else:
user.state = 'ACTIVE'
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
suspend/unsuspend user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:49:08 +05:00
user.save()
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
suspend/unsuspend user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:49:08 +05:00
extraArgs = {}
extraArgs['user'] = user
extraArgs['currentACL'] = ACLManager.loadedACL(user.pk)
extraArgs['state'] = state
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
suspend/unsuspend user: ref https://github.com/usmannasir/cyberpanel/issues/335
2020-06-02 15:49:08 +05:00
from userManagment.userManager import UserManager
um = UserManager('controlUserState', extraArgs)
um.start()
data_ret = {'status': 1}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
feature: suspend/unsuspend users
2020-01-21 20:33:33 +05:00
except BaseException as msg:
data_ret = {'status': 0, 'saveStatus': 0, 'error_message': str(msg)}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except KeyError:
data_ret = {'status': 0, 'saveStatus': 0, 'error_message': "Not logged in as admin", }
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
Reference in New Issue Copy Permalink