change auth type for cloud api

usmannasir
2018-11-20 15:43:43 +05:00
parent 0d76751e59
commit 3ffce793cf
15 changed files with 1286 additions and 1553 deletions

1
.gitignore vendored Normal file

@@ -0,0 +1 @@
*.pyc


@@ -10,6 +10,7 @@ class secMiddleware:
def __call__(self, request): def __call__(self, request):
if request.method == 'POST': if request.method == 'POST':
try: try:
logging.writeToFile(request.body)
data = json.loads(request.body) data = json.loads(request.body)
for key, value in data.iteritems(): for key, value in data.iteritems():
if type(value) == str or type(value) == unicode: if type(value) == str or type(value) == unicode:
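Review bot: The added `logging.writeToFile(request.body)` in `secMiddleware.__call__` writes the raw body of every POST to the log before any parsing or filtering. Other hunks in this commit read `data['password']` from those same bodies (login, user creation, account modification), so plaintext passwords would end up in the log file. If this was a debugging aid it should be dropped before merge. If request logging is wanted, log after `json.loads` and leave out secret fields, e.g. `logging.writeToFile(json.dumps({k: v for k, v in data.items() if k != 'password'}))`. The rest of `__call__` is outside the hunk.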


@@ -560,9 +560,12 @@ def changeAdminPassword(request):
if numberOfAdministrator == 0: if numberOfAdministrator == 0:
ACLManager.createDefaultACLs() ACLManager.createDefaultACLs()
acl = ACL.objects.get(name='admin') acl = ACL.objects.get(name='admin')
token = hashPassword.generateToken('admin', '1234567')
email = 'usman@cyberpersons.com' email = 'usman@cyberpersons.com'
admin = Administrator(userName="admin", password=hashPassword.hash_password(adminPass), type=1, email=email, admin = Administrator(userName="admin", password=hashPassword.hash_password(adminPass), type=1, email=email,
firstName="Cyber", lastName="Panel", acl=acl) firstName="Cyber", lastName="Panel", acl=acl, token=token)
admin.save() admin.save()
vers = version(currentVersion="1.7", build=3) vers = version(currentVersion="1.7", build=3)
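Review bot: The new `token` in `changeAdminPassword` is built from the literal `'1234567'` instead of `adminPass`, so the first administrator's API token is a fixed, guessable value that does not follow the password set on the `Administrator(...)` line below it. Derive it from the same secret: `token = hashPassword.generateToken('admin', adminPass)`. The same literal is added in the `loadLoginPage` hunk (`@@ -153,9 +152,11 @@`), where the default admin is created. There the token should at least be regenerated whenever the default password is changed, which cannot be confirmed from the visible lines. Both functions continue outside their hunks.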

File diff suppressed because it is too large Load Diff


@@ -3,16 +3,29 @@ from __future__ import unicode_literals
from cloudManager import CloudManager from cloudManager import CloudManager
import json import json
from loginSystem.models import Administrator
def router(request): def router(request):
try: try:
data = json.loads(request.body) data = json.loads(request.body)
controller = data['controller'] controller = data['controller']
cm = CloudManager(data) serverUserName = data['serverUserName']
admin = Administrator.objects.get(userName=serverUserName)
cm = CloudManager(data, admin)
if controller == 'statusFunc':
pass
else:
if cm.verifyLogin(request)[0] == 1:
pass
else:
return cm.verifyLogin(request)[1]
if controller == 'verifyLogin': if controller == 'verifyLogin':
return cm.verifyLogin() return cm.verifyLogin(request)[1]
elif controller == 'fetchWebsites': elif controller == 'fetchWebsites':
return cm.fetchWebsites() return cm.fetchWebsites()
elif controller == 'fetchWebsiteDataJSON': elif controller == 'fetchWebsiteDataJSON':
@@ -117,6 +130,20 @@ def router(request):
return cm.submitACLModifications(request) return cm.submitACLModifications(request)
elif controller == 'submitPackage': elif controller == 'submitPackage':
return cm.submitPackage(request) return cm.submitPackage(request)
elif controller == 'fetchPackages':
return cm.fetchPackages(request)
elif controller == 'submitPackageDelete':
return cm.submitPackageDelete(request)
elif controller == 'submitPackageModify':
return cm.submitPackageModify(request)
elif controller == 'getDataFromLogFile':
return cm.getDataFromLogFile(request)
elif controller == 'fetchErrorLogs':
return cm.fetchErrorLogs(request)
elif controller == 'submitApplicationInstall':
return cm.submitApplicationInstall(request)
elif controller == 'obtainServer':
return cm.obtainServer(request)
except BaseException, msg: except BaseException, msg:
cm = CloudManager(None) cm = CloudManager(None)
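Review bot: `cm.verifyLogin(request)` is evaluated twice when the check fails (once for `[0]`, again for `[1]`), and the nested `pass`/`else` branches bury the one decision that matters. Call it once and return early: `if controller != 'statusFunc':` / `result = cm.verifyLogin(request)` / `if result[0] != 1: return result[1]`. `Administrator.objects.get(userName=serverUserName)` also runs before any credential check, so an unknown user name lands in the `except BaseException` handler. That handler still calls `CloudManager(None)` with one argument while the call above now passes two; the `CloudManager` diff is suppressed on this page, so confirm the second parameter has a default. `router` starts and ends outside the hunks.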


@@ -80,6 +80,7 @@ class Administrator(models.Model):
email = models.CharField(max_length=50) email = models.CharField(max_length=50)
type = models.IntegerField() type = models.IntegerField()
owner = models.IntegerField(default=1) owner = models.IntegerField(default=1)
token = models.CharField(max_length=500, default='None')
initWebsitesLimit = models.IntegerField(default=0) initWebsitesLimit = models.IntegerField(default=0)
acl = models.ForeignKey(ACL, default=1) acl = models.ForeignKey(ACL, default=1)
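Review bot: `token` defaults to the string `'None'`, so every existing `Administrator` row gets the same non-empty token value once the column is added. The `verifyLogin` implementation is not visible here; if it compares the presented credential with `admin.token`, it has to reject that shared literal explicitly. An empty default (`blank=True, default=''`) plus a rule that an account without a token cannot use the cloud API removes the ambiguity. A short comment on the field saying what it stores (`'Basic <base64>'`, per `generateToken`) would also help the next reader.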


@@ -30,7 +30,6 @@ def verifyLogin(request):
if request.method == "POST": if request.method == "POST":
data = json.loads(request.body) data = json.loads(request.body)
username = data['username'] username = data['username']
password = data['password'] password = data['password']
@@ -153,9 +152,11 @@ def loadLoginPage(request):
acl = ACL.objects.get(name='admin') acl = ACL.objects.get(name='admin')
token = hashPassword.generateToken('admin', '1234567')
email = 'usman@cyberpersons.com' email = 'usman@cyberpersons.com'
admin = Administrator(userName="admin", password=password, type=1,email=email, admin = Administrator(userName="admin", password=password, type=1,email=email,
firstName="Cyber",lastName="Panel", acl=acl) firstName="Cyber",lastName="Panel", acl=acl, token=token)
admin.save() admin.save()
vers = version(currentVersion="1.7",build=3) vers = version(currentVersion="1.7",build=3)


@@ -1427,7 +1427,7 @@ def getCurrentPHPConfig(request):
elif phpVers == "PHP 7.2": elif phpVers == "PHP 7.2":
phpVers = "php72" phpVers = "php72"
if ProcessUtilities.decideServer() == ProcessUtilities.centos: if ProcessUtilities.decideDistro() == ProcessUtilities.centos:
path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini" path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini"
else: else:
initial = phpVers[3] initial = phpVers[3]
@@ -1612,7 +1612,7 @@ def getCurrentAdvancedPHPConfig(request):
elif phpVers == "PHP 7.2": elif phpVers == "PHP 7.2":
phpVers = "php72" phpVers = "php72"
if ProcessUtilities.decideServer() == ProcessUtilities.centos: if ProcessUtilities.decideDistro() == ProcessUtilities.centos:
path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini" path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini"
else: else:
initial = phpVers[3] initial = phpVers[3]
@@ -1665,7 +1665,7 @@ def savePHPConfigAdvance(request):
elif phpVers == "PHP 7.2": elif phpVers == "PHP 7.2":
phpVers = "php72" phpVers = "php72"
if ProcessUtilities.decideServer() == ProcessUtilities.centos: if ProcessUtilities.decideDistro() == ProcessUtilities.centos:
path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini" path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini"
else: else:
initial = phpVers[3] initial = phpVers[3]


@@ -113,13 +113,13 @@ class PackagesManager:
delPackage = Package.objects.get(packageName=packageName) delPackage = Package.objects.get(packageName=packageName)
delPackage.delete() delPackage.delete()
data_ret = {'deleteStatus': 1, 'error_message': "None"} data_ret = {'status': 1, 'deleteStatus': 1, 'error_message': "None"}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
except BaseException, msg: except BaseException, msg:
data_ret = {'deleteStatus': 0, 'error_message': str(msg)} data_ret = {'status': 0, 'deleteStatus': 0, 'error_message': str(msg)}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
@@ -196,11 +196,11 @@ class PackagesManager:
modifyPack.allowedDomains = data['allowedDomains'] modifyPack.allowedDomains = data['allowedDomains']
modifyPack.save() modifyPack.save()
data_ret = {'saveStatus': 1, 'error_message': "None"} data_ret = {'status': 1, 'saveStatus': 1, 'error_message': "None"}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
except BaseException, msg: except BaseException, msg:
data_ret = {'saveStatus': 0, 'error_message': str(msg)} data_ret = {'status': 0, 'saveStatus': 0, 'error_message': str(msg)}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)


@@ -329,6 +329,15 @@ class ACLManager:
return packNames return packNames
@staticmethod
def loadPackageObjects(userID, finalResponse):
admin = Administrator.objects.get(pk=userID)
if finalResponse['admin'] == 1:
return Package.objects.all()
else:
return admin.package_set.all()
@staticmethod @staticmethod
def findAllSites(currentACL, userID): def findAllSites(currentACL, userID):
websiteNames = [] websiteNames = []
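Review bot: `loadPackageObjects(userID, finalResponse)` takes its arguments in the opposite order to the neighbouring `findAllSites(currentACL, userID)`. `finalResponse` also appears to be the ACL dictionary, since it is indexed with `['admin']`, so the helper is easy to call with the arguments swapped. Consider `def loadPackageObjects(currentACL, userID):` (updating the callers added in this commit) with a docstring such as `"""Return every Package for an admin ACL, otherwise only the packages owned by userID."""`. The `Administrator.objects.get(pk=userID)` lookup can move into the `else` branch, because the admin branch never uses `admin`.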


@@ -1,6 +1,6 @@
import uuid import uuid
import hashlib import hashlib
import base64
def hash_password(password): def hash_password(password):
# uuid is used to generate a random number # uuid is used to generate a random number
@@ -10,4 +10,9 @@ def hash_password(password):
def check_password(hashed_password, user_password): def check_password(hashed_password, user_password):
password, salt = hashed_password.split(':') password, salt = hashed_password.split(':')
return password == hashlib.sha256(salt.encode() + user_password.encode()).hexdigest() return password == hashlib.sha256(salt.encode() + user_password.encode()).hexdigest()
def generateToken(serverUserName, serverPassword):
credentials = '{0}:{1}'.format(serverUserName, serverPassword).encode()
encoded_credentials = base64.b64encode(credentials).decode()
return 'Basic {0}'.format(encoded_credentials)
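Review bot: `generateToken` only base64-encodes `serverUserName:serverPassword`, which is an encoding rather than a hash. Storing its result in `Administrator.token` (as the `submitUserCreation` and `saveModifications` hunks do, on the line just before `hash_password`) therefore keeps a recoverable copy of each password next to the salted SHA-256 hash. Anyone with read access to the database or a backup could recover the passwords. Persist a digest instead, e.g. `user.token = hashlib.sha256(token.encode()).hexdigest()`, and have the verification step hash the presented header and compare with `hmac.compare_digest`. Alternatively issue a random API token that is unrelated to the password. A docstring on `generateToken` stating that its output is credential-equivalent would also be worth adding.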


@@ -94,7 +94,7 @@ class phpUtilities:
def savePHPConfigBasic(phpVers,allow_url_fopen,display_errors,file_uploads,allow_url_include,memory_limit,max_execution_time,upload_max_filesize,max_input_time,post_max_size): def savePHPConfigBasic(phpVers,allow_url_fopen,display_errors,file_uploads,allow_url_include,memory_limit,max_execution_time,upload_max_filesize,max_input_time,post_max_size):
try: try:
if ProcessUtilities.decideServer() == ProcessUtilities.centos: if ProcessUtilities.decideDistro() == ProcessUtilities.centos:
path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini" path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini"
else: else:
initial = phpVers[3] initial = phpVers[3]


@@ -666,7 +666,7 @@ class WebsiteManager:
if output.find("1,None") > -1: if output.find("1,None") > -1:
final_json = json.dumps( final_json = json.dumps(
{'logstatus': 0, 'error_message': "Not able to fetch logs, see CyberPanel main log file!"}) {'status': 0,'logstatus': 0, 'error_message': "Not able to fetch logs, see CyberPanel main log file!"})
return HttpResponse(final_json) return HttpResponse(final_json)
## get log ends here. ## get log ends here.
@@ -700,7 +700,7 @@ class WebsiteManager:
json_data = json_data + ',' + json.dumps(dic) json_data = json_data + ',' + json.dumps(dic)
json_data = json_data + ']' json_data = json_data + ']'
final_json = json.dumps({'logstatus': 1, 'error_message': "None", "data": json_data}) final_json = json.dumps({'status': 1, 'logstatus': 1, 'error_message': "None", "data": json_data})
return HttpResponse(final_json) return HttpResponse(final_json)
def fetchErrorLogs(self, userID = None, data = None): def fetchErrorLogs(self, userID = None, data = None):
@@ -728,12 +728,12 @@ class WebsiteManager:
if output.find("1,None") > -1: if output.find("1,None") > -1:
final_json = json.dumps( final_json = json.dumps(
{'logstatus': 0, 'error_message': "Not able to fetch logs, see CyberPanel main log file!"}) {'status': 0, 'logstatus': 0, 'error_message': "Not able to fetch logs, see CyberPanel main log file!"})
return HttpResponse(final_json) return HttpResponse(final_json)
## get log ends here. ## get log ends here.
final_json = json.dumps({'logstatus': 1, 'error_message': "None", "data": output}) final_json = json.dumps({'status': 1, 'logstatus': 1, 'error_message': "None", "data": output})
return HttpResponse(final_json) return HttpResponse(final_json)
def getDataFromConfigFile(self, userID = None, data = None): def getDataFromConfigFile(self, userID = None, data = None):
@@ -753,12 +753,12 @@ class WebsiteManager:
configData = subprocess.check_output(shlex.split(command)) configData = subprocess.check_output(shlex.split(command))
if len(configData) == 0: if len(configData) == 0:
status = {"configstatus": 0, "error_message": "Configuration file is currently empty!"} status = {'status': 0, "configstatus": 0, "error_message": "Configuration file is currently empty!"}
final_json = json.dumps(status) final_json = json.dumps(status)
return HttpResponse(final_json) return HttpResponse(final_json)
status = {"configstatus": 1, "configData": configData} status = {'status': 1, "configstatus": 1, "configData": configData}
final_json = json.dumps(status) final_json = json.dumps(status)
return HttpResponse(final_json) return HttpResponse(final_json)
@@ -1258,9 +1258,14 @@ class WebsiteManager:
website = Websites.objects.get(domain=self.domain) website = Websites.objects.get(domain=self.domain)
try: try:
subprocess.call(('sudo', 'crontab', '-u', website.externalApp, '-')) output = subprocess.check_output(["sudo", "/usr/bin/crontab", "-u", website.externalApp, "-l"])
except: except:
pass try:
subprocess.call(('sudo', 'crontab', '-u', website.externalApp, '-'))
except:
data_ret = {'addNewCron': 0, 'error_message': 'Unable to initialise crontab file for user'}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
output = subprocess.check_output(["sudo", "/usr/bin/crontab", "-u", website.externalApp, "-l"]) output = subprocess.check_output(["sudo", "/usr/bin/crontab", "-u", website.externalApp, "-l"])
@@ -1507,14 +1512,14 @@ class WebsiteManager:
time.sleep(2) time.sleep(2)
data_ret = {'installStatus': 1, 'error_message': 'None', data_ret = {'status': 1, 'installStatus': 1, 'error_message': 'None',
'tempStatusPath': extraArgs['tempStatusPath']} 'tempStatusPath': extraArgs['tempStatusPath']}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
except BaseException, msg: except BaseException, msg:
data_ret = {'installStatus': 0, 'error_message': str(msg)} data_ret = {'status': 0, 'installStatus': 0, 'error_message': str(msg)}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
@@ -1614,7 +1619,7 @@ class WebsiteManager:
if Databases.objects.filter(dbName=dbName).exists() or Databases.objects.filter( if Databases.objects.filter(dbName=dbName).exists() or Databases.objects.filter(
dbUser=dbUser).exists(): dbUser=dbUser).exists():
data_ret = {'installStatus': 0, data_ret = {'status': 0, 'installStatus': 0,
'error_message': "0,This database or user is already taken."} 'error_message': "0,This database or user is already taken."}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
@@ -1624,7 +1629,7 @@ class WebsiteManager:
if result == 1: if result == 1:
pass pass
else: else:
data_ret = {'installStatus': 0, data_ret = {'status': 0, 'installStatus': 0,
'error_message': "0,Not able to create database."} 'error_message': "0,Not able to create database."}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
@@ -1640,7 +1645,7 @@ class WebsiteManager:
if website.master.package.dataBases > website.master.databases_set.all().count(): if website.master.package.dataBases > website.master.databases_set.all().count():
pass pass
else: else:
data_ret = {'installStatus': 0, data_ret = {'status': 0, 'installStatus': 0,
'error_message': "0,Maximum database limit reached for this website."} 'error_message': "0,Maximum database limit reached for this website."}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
@@ -1661,7 +1666,7 @@ class WebsiteManager:
if website.package.dataBases > website.databases_set.all().count(): if website.package.dataBases > website.databases_set.all().count():
pass pass
else: else:
data_ret = {'installStatus': 0, data_ret = {'status': 0, 'installStatus': 0,
'error_message': "0,Maximum database limit reached for this website."} 'error_message': "0,Maximum database limit reached for this website."}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
@@ -1676,7 +1681,7 @@ class WebsiteManager:
db.save() db.save()
if finalPath.find("..") > -1: if finalPath.find("..") > -1:
data_ret = {'installStatus': 0, data_ret = {'status': 0, 'installStatus': 0,
'error_message': "Specified path must be inside virtual host home!"} 'error_message': "Specified path must be inside virtual host home!"}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
@@ -1704,16 +1709,15 @@ class WebsiteManager:
output = subprocess.Popen(shlex.split(execPath)) output = subprocess.Popen(shlex.split(execPath))
data_ret = {"installStatus": 1, 'tempStatusPath': tempStatusPath} data_ret = {'status': 1, "installStatus": 1, 'tempStatusPath': tempStatusPath}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
## Installation ends ## Installation ends
except BaseException, msg: except BaseException, msg:
data_ret = {'installStatus': 0, 'error_message': str(msg)} data_ret = {'status': 0, 'installStatus': 0, 'error_message': str(msg)}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
@@ -1925,7 +1929,7 @@ class WebsiteManager:
time.sleep(2) time.sleep(2)
data_ret = {'installStatus': 1, 'error_message': 'None', data_ret = {'status': 1, 'installStatus': 1, 'error_message': 'None',
'tempStatusPath': extraArgs['tempStatusPath']} 'tempStatusPath': extraArgs['tempStatusPath']}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
@@ -1933,7 +1937,7 @@ class WebsiteManager:
## Installation ends ## Installation ends
except BaseException, msg: except BaseException, msg:
data_ret = {'installStatus': 0, 'error_message': str(msg)} data_ret = {'status': 0, 'installStatus': 0, 'error_message': str(msg)}
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
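Review bot: In the crontab hunk (`@@ -1258,9 +1258,14 @@`) the new failure response `{'addNewCron': 0, 'error_message': ...}` lacks the `'status'` key that the other hunks in this file add to every response, so a client keyed on `status` will not see this error. Make it `data_ret = {'status': 0, 'addNewCron': 0, 'error_message': 'Unable to initialise crontab file for user'}`. Both `except:` clauses there are bare and will also hide unrelated failures; `except subprocess.CalledProcessError:` on the outer one states the intent, which appears to be handling `crontab -l` exiting non-zero when the user has no crontab. The `check_output` result assigned inside the `try` is discarded, because the same command runs again right after the block.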


@@ -92,9 +92,11 @@ def submitUserCreation(request):
else: else:
type = 3 type = 3
token = hashPassword.generateToken(userName, password)
password = hashPassword.hash_password(password) password = hashPassword.hash_password(password)
currentAdmin = Administrator.objects.get(pk=userID) currentAdmin = Administrator.objects.get(pk=userID)
if ACLManager.websitesLimitCheck(currentAdmin, websitesLimit) == 0: if ACLManager.websitesLimitCheck(currentAdmin, websitesLimit) == 0:
data_ret = {'status': 0, 'createStatus': 0, data_ret = {'status': 0, 'createStatus': 0,
'error_message': "You've reached maximum websites limit as a reseller."} 'error_message': "You've reached maximum websites limit as a reseller."}
@@ -112,7 +114,8 @@ def submitUserCreation(request):
password=password, password=password,
initWebsitesLimit=websitesLimit, initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk, owner=currentAdmin.pk,
acl=selectedACL acl=selectedACL,
token=token
) )
newAdmin.save() newAdmin.save()
@@ -126,7 +129,8 @@ def submitUserCreation(request):
password=password, password=password,
initWebsitesLimit=websitesLimit, initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk, owner=currentAdmin.pk,
acl=selectedACL acl=selectedACL,
token=token
) )
newAdmin.save() newAdmin.save()
elif currentACL['createNewUser'] == 1: elif currentACL['createNewUser'] == 1:
@@ -139,7 +143,8 @@ def submitUserCreation(request):
password=password, password=password,
initWebsitesLimit=websitesLimit, initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk, owner=currentAdmin.pk,
acl=selectedACL acl=selectedACL,
token=token
) )
newAdmin.save() newAdmin.save()
else: else:
@@ -228,12 +233,14 @@ def saveModifications(request):
admin = Administrator.objects.get(pk=val) admin = Administrator.objects.get(pk=val)
user = Administrator.objects.get(userName=accountUsername) user = Administrator.objects.get(userName=accountUsername)
token = hashPassword.generateToken(accountUsername, data['password'])
password = hashPassword.hash_password(data['password']) password = hashPassword.hash_password(data['password'])
user.firstName = firstName user.firstName = firstName
user.lastName = lastName user.lastName = lastName
user.email = email user.email = email
user.password = password user.password = password
user.token = token
user.type = 0 user.type = 0
user.save() user.save()

File diff suppressed because it is too large Load Diff