From 5c014765db11e9dcb3038c7f72871cb8f86919f4 Mon Sep 17 00:00:00 2001 From: usmannasir <01-134132-158@student.bahria.edu.pk> Date: Tue, 21 Aug 2018 13:10:40 +0500 Subject: [PATCH] Bug fixes --- dns/views.py | 2 +- .../templates/emailPremium/policyServer.html | 4 +- filemanager/templates/filemanager/index.html | 20 +- filemanager/views.py | 91 ++-- firewall/static/firewall/firewall.js | 1 - manageServices/views.py | 1 + plogical/CyberCPLogFileWriter.py | 1 + plogical/acl.py | 18 + plogical/applicationInstaller.py | 386 +++++++--------- plogical/modSec.py | 6 +- plogical/upgrade.py | 423 +++++++++--------- static/firewall/firewall.js | 32 +- userManagment/views.py | 6 +- websiteFunctions/views.py | 1 - 14 files changed, 437 insertions(+), 555 deletions(-) diff --git a/dns/views.py b/dns/views.py index d92d9f2be..84c7d157a 100644 --- a/dns/views.py +++ b/dns/views.py @@ -652,7 +652,7 @@ def submitZoneDeletion(request): if currentACL['admin'] == 1: if delZone.admin != admin: - ACLManager.loadErrorJson() + return ACLManager.loadErrorJson() delZone.delete() diff --git a/emailPremium/templates/emailPremium/policyServer.html b/emailPremium/templates/emailPremium/policyServer.html index 3d9fea014..4641f7db1 100644 --- a/emailPremium/templates/emailPremium/policyServer.html +++ b/emailPremium/templates/emailPremium/policyServer.html @@ -27,7 +27,7 @@
- +
@@ -78,4 +78,4 @@
-{% endblock %} \ No newline at end of file +{% endblock %} diff --git a/filemanager/templates/filemanager/index.html b/filemanager/templates/filemanager/index.html index 0093e2bcc..2d46971d6 100644 --- a/filemanager/templates/filemanager/index.html +++ b/filemanager/templates/filemanager/index.html @@ -697,17 +697,17 @@
- \ No newline at end of file + diff --git a/filemanager/views.py b/filemanager/views.py index fe8cfa18d..c1b96fcbd 100644 --- a/filemanager/views.py +++ b/filemanager/views.py @@ -20,43 +20,36 @@ from plogical.acl import ACLManager def loadFileManagerHome(request,domain): try: userID = request.session['userID'] - - admin = Administrator.objects.get(pk=userID) - if Websites.objects.filter(domain=domain).exists(): + admin = Administrator.objects.get(pk=userID) currentACL = ACLManager.loadedACL(userID) - if currentACL['admin'] == 1: - viewStatus = 1 - if admin.type == 3: - viewStatus = 0 - return render(request, 'filemanager/index.html', {"viewStatus": viewStatus}) + if ACLManager.checkOwnership(domain, admin, currentACL) == 1: + return render(request, 'filemanager/index.html') else: - website = Websites.objects.get(domain=domain) - if website.admin == admin: - viewStatus = 1 - - if admin.type == 3: - viewStatus = 0 - - return render(request, 'filemanager/index.html', {"viewStatus": viewStatus}) - else: - return HttpResponse("Domain ownership error.") + return ACLManager.loadError() else: return HttpResponse("Domain does not exists.") - except KeyError: return redirect(loadLoginPage) def changePermissions(request): try: - val = request.session['userID'] + userID = request.session['userID'] + admin = Administrator.objects.get(pk=userID) try: data = json.loads(request.body) domainName = data['domainName'] + currentACL = ACLManager.loadedACL(userID) + + if ACLManager.checkOwnership(domainName, admin, currentACL) == 1: + pass + else: + return ACLManager.loadErrorJson('permissionsChanged', 0) + website = Websites.objects.get(domain=domainName) externalApp = website.externalApp @@ -99,8 +92,6 @@ def downloadFile(request): except KeyError: return redirect(loadLoginPage) - - def createTemporaryFile(request): try: userID = request.session['userID'] @@ -109,52 +100,32 @@ def createTemporaryFile(request): admin = Administrator.objects.get(pk=userID) + currentACL = ACLManager.loadedACL(userID) + + if ACLManager.checkOwnership(domainName, admin, currentACL) == 1: + pass + else: + return ACLManager.loadErrorJson('createTemporaryFile', 0) + ## Create file manager entry if Websites.objects.filter(domain=domainName).exists(): - currentACL = ACLManager.loadedACL(userID) - if currentACL['admin'] == 1: + execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/filemanager.py" - execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/filemanager.py" + execPath = execPath + " createTemporaryFile --domainName " + domainName - execPath = execPath + " createTemporaryFile --domainName " + domainName + output = subprocess.check_output(shlex.split(execPath)) - output = subprocess.check_output(shlex.split(execPath)) - - if output.find("0,") > -1: - data_ret = {'createTemporaryFile': 0, 'error_message': "None"} - json_data = json.dumps(data_ret) - return HttpResponse(json_data) - - else: - domainRandomSeed = output.rstrip('\n') - data_ret = {'createTemporaryFile': 1, 'error_message': "None", 'domainRandomSeed':domainRandomSeed} - json_data = json.dumps(data_ret) - return HttpResponse(json_data) + if output.find("0,") > -1: + data_ret = {'createTemporaryFile': 0, 'error_message': "None"} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) else: - website = Websites.objects.get(domain=domainName) - if website.admin == admin: - execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/filemanager.py" - - execPath = execPath + " createTemporaryFile --domainName " + domainName - - output = subprocess.check_output(shlex.split(execPath)) - - if output.find("0,") > -1: - data_ret = {'createTemporaryFile': 0, 'error_message': "None"} - json_data = json.dumps(data_ret) - return HttpResponse(json_data) - - else: - domainRandomSeed = output.rstrip('\n') - data_ret = {'createTemporaryFile': 1, 'error_message': "None", 'domainRandomSeed': domainRandomSeed} - json_data = json.dumps(data_ret) - return HttpResponse(json_data) - else: - data_ret = {'createTemporaryFile': 0, 'error_message': "Domain ownership error."} - json_data = json.dumps(data_ret) - return HttpResponse(json_data) + domainRandomSeed = output.rstrip('\n') + data_ret = {'createTemporaryFile': 1, 'error_message': "None", 'domainRandomSeed': domainRandomSeed} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) except KeyError: return redirect(loadLoginPage) diff --git a/firewall/static/firewall/firewall.js b/firewall/static/firewall/firewall.js index fa10a43b0..ba9df9207 100644 --- a/firewall/static/firewall/firewall.js +++ b/firewall/static/firewall/firewall.js @@ -1037,7 +1037,6 @@ app.controller('modSec', function($scope, $http, $timeout, $window) { if(response.data.installed === 1) { - if (response.data.modsecurity === 1) { $('#modsecurity_status').bootstrapToggle('on'); } diff --git a/manageServices/views.py b/manageServices/views.py index d647f4d8e..0f2856f00 100644 --- a/manageServices/views.py +++ b/manageServices/views.py @@ -27,6 +27,7 @@ def managePowerDNS(request): return ACLManager.loadError() try: return render(request, 'manageServices/managePowerDNS.html', {"status": 1}) + except BaseException, msg: logging.CyberCPLogFileWriter.writeToFile(str(msg)) return HttpResponse("See CyberCP main log file.") diff --git a/plogical/CyberCPLogFileWriter.py b/plogical/CyberCPLogFileWriter.py index 5324eea56..08834aaa8 100644 --- a/plogical/CyberCPLogFileWriter.py +++ b/plogical/CyberCPLogFileWriter.py @@ -11,6 +11,7 @@ class CyberCPLogFileWriter: file.writelines("[" + time.strftime( "%I-%M-%S-%a-%b-%Y") + "] "+ message + "\n") file.close() + except IOError,msg: return "Can not write to error file." diff --git a/plogical/acl.py b/plogical/acl.py index 42cf6ef90..a74cd34c2 100644 --- a/plogical/acl.py +++ b/plogical/acl.py @@ -369,4 +369,22 @@ class ACLManager: return domainsList + @staticmethod + def checkOwnership(domain, admin, currentACL): + + domainName = Websites.objects.get(domain=domain) + + if currentACL['admin'] == 1: + return 1 + elif domainName.admin == admin: + return 1 + else: + if domainName.admin.owner == admin.pk: + return 1 + else: + return 0 + + + + diff --git a/plogical/applicationInstaller.py b/plogical/applicationInstaller.py index b42ef1356..3574f6546 100644 --- a/plogical/applicationInstaller.py +++ b/plogical/applicationInstaller.py @@ -71,6 +71,41 @@ class ApplicationInstaller(multi.Thread): except BaseException, msg: logging.writeToFile( str(msg) + ' [ApplicationInstaller.installGit]') + def dbCreation(self, tempStatusPath, website): + try: + dbName = randomPassword.generate_pass() + dbUser = dbName + dbPassword = randomPassword.generate_pass() + + ## DB Creation + + if Databases.objects.filter(dbName=dbName).exists() or Databases.objects.filter( + dbUser=dbUser).exists(): + statusFile = open(tempStatusPath, 'w') + statusFile.writelines( + "This database or user is already taken." + " [404]") + statusFile.close() + return 0 + + result = mysqlUtilities.createDatabase(dbName, dbUser, dbPassword) + + if result == 1: + pass + else: + statusFile = open(tempStatusPath, 'w') + statusFile.writelines( + "Not able to create database." + " [404]") + statusFile.close() + return 0 + + db = Databases(website=website, dbName=dbName, dbUser=dbUser) + db.save() + + return dbName, dbUser, dbPassword + + except BaseException, msg: + logging.writeToFile(str(msg) + '[ApplicationInstallerdbCreation]') + def installWordPress(self): try: @@ -83,6 +118,7 @@ class ApplicationInstaller(multi.Thread): adminPassword = self.extraArgs['adminPassword'] adminEmail = self.extraArgs['adminEmail'] + FNULL = open(os.devnull, 'w') ### Check WP CLI @@ -101,37 +137,59 @@ class ApplicationInstaller(multi.Thread): statusFile.writelines('Setting up paths,0') statusFile.close() + finalPath = '' + try: website = ChildDomains.objects.get(domain=domainName) externalApp = website.master.externalApp - if admin.type != 1: - if website.master.admin != admin: - statusFile = open(tempStatusPath, 'w') - statusFile.writelines("You do not own this website." + " [404]") - statusFile.close() - return 0 + if home == '0': + path = self.extraArgs['path'] + finalPath = website.path.rstrip('/') + "/" + path + "/" + else: + finalPath = website.path + + + if website.master.package.dataBases > website.master.databases_set.all().count(): + pass + else: + statusFile = open(tempStatusPath, 'w') + statusFile.writelines( + "Maximum database limit reached for this website." + " [404]") + statusFile.close() + return 0 + + statusFile = open(tempStatusPath, 'w') + statusFile.writelines('Setting up Database,20') + statusFile.close() + + dbName, dbUser, dbPassword = self.dbCreation(tempStatusPath, website.master) except: website = Websites.objects.get(domain=domainName) externalApp = website.externalApp - if admin.type != 1: - if website.admin != admin: - statusFile = open(tempStatusPath, 'w') - statusFile.writelines("You do not own this website." + " [404]") - statusFile.close() - return 0 - - finalPath = "" + if home == '0': + path = self.extraArgs['path'] + finalPath = "/home/" + domainName + "/public_html/" + path + "/" + else: + finalPath = "/home/" + domainName + "/public_html/" - if home == '0': - path = self.extraArgs['path'] - finalPath = "/home/" + domainName + "/public_html/" + path + "/" - else: - finalPath = "/home/" + domainName + "/public_html/" + if website.package.dataBases > website.databases_set.all().count(): + pass + else: + statusFile = open(tempStatusPath, 'w') + statusFile.writelines( + "Maximum database limit reached for this website." + " [404]") + statusFile.close() + return 0 + statusFile = open(tempStatusPath, 'w') + statusFile.writelines('Setting up Database,20') + statusFile.close() + + dbName, dbUser, dbPassword = self.dbCreation(tempStatusPath, website) ## Security Check @@ -141,8 +199,6 @@ class ApplicationInstaller(multi.Thread): statusFile.close() return 0 - FNULL = open(os.devnull, 'w') - if not os.path.exists(finalPath): command = 'sudo mkdir -p ' + finalPath subprocess.call(shlex.split(command)) @@ -169,52 +225,6 @@ class ApplicationInstaller(multi.Thread): return 0 - - - ## DB Creation - - statusFile = open(tempStatusPath, 'w') - statusFile.writelines('Setting up Database,20') - statusFile.close() - - dbName = randomPassword.generate_pass() - dbUser = dbName - dbPassword = randomPassword.generate_pass() - - ## DB Creation - - if website.package.dataBases > website.databases_set.all().count(): - pass - else: - statusFile = open(tempStatusPath, 'w') - statusFile.writelines( - "Maximum database limit reached for this website." + " [404]") - statusFile.close() - return 0 - - if Databases.objects.filter(dbName=dbName).exists() or Databases.objects.filter( - dbUser=dbUser).exists(): - statusFile = open(tempStatusPath, 'w') - statusFile.writelines( - "This database or user is already taken." + " [404]") - statusFile.close() - return 0 - - result = mysqlUtilities.createDatabase(dbName, dbUser, dbPassword) - - if result == 1: - pass - else: - statusFile = open(tempStatusPath, 'w') - statusFile.writelines( - "Not able to create database." + " [404]") - statusFile.close() - return 0 - - db = Databases(website=website, dbName=dbName, dbUser=dbUser) - db.save() - - #### statusFile = open(tempStatusPath, 'w') @@ -261,14 +271,10 @@ class ApplicationInstaller(multi.Thread): ## - command = "sudo chown -R " + externalApp + ":" + externalApp + " " + "/home/" + domainName + "/public_html/" + command = "sudo chown -R " + externalApp + ":" + externalApp + " " + finalPath cmd = shlex.split(command) res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) - vhost.addRewriteRules(domainName) - installUtilities.reStartLiteSpeed() - - statusFile = open(tempStatusPath, 'w') statusFile.writelines("Successfully Installed. [200]") statusFile.close() @@ -277,23 +283,11 @@ class ApplicationInstaller(multi.Thread): except BaseException, msg: # remove the downloaded files - try: - - command = "sudo rm -rf " + finalPath - cmd = shlex.split(command) - res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) - - except BaseException, msg: - logging.writeToFile(str(msg) + " [installWordPress]") + FNULL = open(os.devnull, 'w') homeDir = "/home/" + domainName + "/public_html" if not os.path.exists(homeDir): - FNULL = open(os.devnull, 'w') - - command = 'sudo mkdir ' + homeDir - subprocess.call(shlex.split(command)) - command = "sudo chown -R " + externalApp + ":" + externalApp + " " + homeDir cmd = shlex.split(command) @@ -325,9 +319,7 @@ class ApplicationInstaller(multi.Thread): password = self.extraArgs['password'] tempStatusPath = self.extraArgs['tempStatusPath'] - - ### Check WP CLI - + FNULL = open(os.devnull, 'w') ## Open Status File @@ -335,37 +327,57 @@ class ApplicationInstaller(multi.Thread): statusFile.writelines('Setting up paths,0') statusFile.close() + finalPath = '' + try: website = ChildDomains.objects.get(domain=domainName) externalApp = website.master.externalApp - if admin.type != 1: - if website.master.admin != admin: - statusFile = open(tempStatusPath, 'w') - statusFile.writelines("You do not own this website." + " [404]") - statusFile.close() - return 0 + if home == '0': + path = self.extraArgs['path'] + finalPath = website.path.rstrip('/') + "/" + path + "/" + else: + finalPath = website.path + "/" + + if website.master.package.dataBases > website.master.databases_set.all().count(): + pass + else: + statusFile = open(tempStatusPath, 'w') + statusFile.writelines( + "Maximum database limit reached for this website." + " [404]") + statusFile.close() + return 0 + + statusFile = open(tempStatusPath, 'w') + statusFile.writelines('Setting up Database,20') + statusFile.close() + + dbName, dbUser, dbPassword = self.dbCreation(tempStatusPath, website.master) except: website = Websites.objects.get(domain=domainName) externalApp = website.externalApp - if admin.type != 1: - if website.admin != admin: - statusFile = open(tempStatusPath, 'w') - statusFile.writelines("You do not own this website." + " [404]") - statusFile.close() - return 0 + if home == '0': + path = self.extraArgs['path'] + finalPath = "/home/" + domainName + "/public_html/" + path + "/" + else: + finalPath = "/home/" + domainName + "/public_html/" - finalPath = "" + if website.package.dataBases > website.databases_set.all().count(): + pass + else: + statusFile = open(tempStatusPath, 'w') + statusFile.writelines( + "Maximum database limit reached for this website." + " [404]") + statusFile.close() + return 0 + statusFile = open(tempStatusPath, 'w') + statusFile.writelines('Setting up Database,20') + statusFile.close() - if home == '0': - path = self.extraArgs['path'] - finalPath = "/home/" + domainName + "/public_html/" + path + "/" - else: - finalPath = "/home/" + domainName + "/public_html/" - + dbName, dbUser, dbPassword = self.dbCreation(tempStatusPath, website) ## Security Check @@ -375,8 +387,6 @@ class ApplicationInstaller(multi.Thread): statusFile.close() return 0 - FNULL = open(os.devnull, 'w') - if not os.path.exists(finalPath): command = 'sudo mkdir -p ' + finalPath subprocess.call(shlex.split(command)) @@ -402,53 +412,6 @@ class ApplicationInstaller(multi.Thread): statusFile.close() return 0 - - - - ## DB Creation - - statusFile = open(tempStatusPath, 'w') - statusFile.writelines('Setting up Database,20') - statusFile.close() - - dbName = randomPassword.generate_pass() - dbUser = dbName - dbPassword = randomPassword.generate_pass() - - ## DB Creation - - if website.package.dataBases > website.databases_set.all().count(): - pass - else: - statusFile = open(tempStatusPath, 'w') - statusFile.writelines( - "Maximum database limit reached for this website." + " [404]") - statusFile.close() - return 0 - - if Databases.objects.filter(dbName=dbName).exists() or Databases.objects.filter( - dbUser=dbUser).exists(): - statusFile = open(tempStatusPath, 'w') - statusFile.writelines( - "This database or user is already taken." + " [404]") - statusFile.close() - return 0 - - result = mysqlUtilities.createDatabase(dbName, dbUser, dbPassword) - - if result == 1: - pass - else: - statusFile = open(tempStatusPath, 'w') - statusFile.writelines( - "Not able to create database." + " [404]") - statusFile.close() - return 0 - - db = Databases(website=website, dbName=dbName, dbUser=dbUser) - db.save() - - #### statusFile = open(tempStatusPath, 'w') @@ -488,12 +451,12 @@ class ApplicationInstaller(multi.Thread): ## - command = "sudo rm -rf" + finalPath + "install" + command = "sudo rm -rf " + finalPath + "install" subprocess.call(shlex.split(command)) ## - command = "sudo chown -R " + externalApp + ":" + externalApp + " " + "/home/" + domainName + "/public_html/" + command = "sudo chown -R " + externalApp + ":" + externalApp + " " + finalPath cmd = shlex.split(command) res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) @@ -501,10 +464,6 @@ class ApplicationInstaller(multi.Thread): cmd = shlex.split(command) res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) - vhost.addRewriteRules(domainName) - installUtilities.reStartLiteSpeed() - - statusFile = open(tempStatusPath, 'w') statusFile.writelines("Successfully Installed. [200]") statusFile.close() @@ -513,24 +472,10 @@ class ApplicationInstaller(multi.Thread): except BaseException, msg: # remove the downloaded files - try: - - command = "sudo rm -rf " + finalPath - cmd = shlex.split(command) - res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) - - except BaseException, msg: - logging.writeToFile(str(msg) + " [installWordPress]") homeDir = "/home/" + domainName + "/public_html" if not os.path.exists(homeDir): - FNULL = open(os.devnull, 'w') - - command = 'sudo mkdir ' + homeDir - subprocess.call(shlex.split(command)) - - command = "sudo chown -R " + externalApp + ":" + externalApp + " " + homeDir cmd = shlex.split(command) res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) @@ -561,9 +506,6 @@ class ApplicationInstaller(multi.Thread): statusFile.writelines('Checking if GIT installed..,0') statusFile.close() - finalPath = "/home/" + domainName + "/public_html/" - - ### Check git try: @@ -596,24 +538,12 @@ class ApplicationInstaller(multi.Thread): try: website = ChildDomains.objects.get(domain=domainName) externalApp = website.master.externalApp - - if admin.type != 1: - if website.master.admin != admin: - statusFile = open(tempStatusPath, 'w') - statusFile.writelines("You do not own this website." + " [404]") - statusFile.close() - return 0 + finalPath = website.path except: website = Websites.objects.get(domain=domainName) externalApp = website.externalApp - - if admin.type != 1: - if website.admin != admin: - statusFile = open(tempStatusPath, 'w') - statusFile.writelines("You do not own this website." + " [404]") - statusFile.close() - return 0 + finalPath = "/home/" + domainName + "/public_html/" ## Security Check @@ -703,13 +633,20 @@ class ApplicationInstaller(multi.Thread): try: domain = self.extraArgs['domain'] + try: + website = Websites.objects.get(domain=domain) + finalPath = "/home/" + domain + "/public_html/" + except: + childDomain = ChildDomains.objects.get(domain=domain) + finalPath = childDomain.path + path = '/home/cyberpanel/' + domain + '.git' if not os.path.exists(path): logging.writeToFile('Git is not setup for this website.') return 0 - command = 'sudo GIT_SSH_COMMAND="ssh -i /root/.ssh/cyberpanel -o StrictHostKeyChecking=no" git -C /home/' + domain + '/public_html/ pull' + command = 'sudo GIT_SSH_COMMAND="ssh -i /root/.ssh/cyberpanel -o StrictHostKeyChecking=no" git -C ' + finalPath + ' pull' subprocess.check_output(shlex.split(command)) website = Websites.objects.get(domain=domain) @@ -717,7 +654,7 @@ class ApplicationInstaller(multi.Thread): ## - command = "sudo chown -R " + externalApp + ":" + externalApp + " " + '/home/' + domain + '/public_html/' + command = "sudo chown -R " + externalApp + ":" + externalApp + " " + finalPath cmd = shlex.split(command) subprocess.call(cmd) @@ -737,30 +674,28 @@ class ApplicationInstaller(multi.Thread): website = ChildDomains.objects.get(domain=domain) externalApp = website.master.externalApp - if admin.type != 1: - if website.master.admin != admin: - logging.writeToFile("You do not own this website, detach failed. [404]") - return 0 except: website = Websites.objects.get(domain=domain) externalApp = website.externalApp - if admin.type != 1: - if website.admin != admin: - logging.writeToFile("You do not own this website, detach failed. [404]") - return 0 + try: + website = Websites.objects.get(domain=domain) + finalPath = "/home/" + domain + "/public_html/" + except: + childDomain = ChildDomains.objects.get(domain=domain) + finalPath = childDomain.path - command = 'sudo rm -rf /home/' + domain + '/public_html' + command = 'sudo rm -rf ' + finalPath subprocess.check_output(shlex.split(command)) - command = 'sudo mkdir /home/' + domain + '/public_html' + command = 'sudo mkdir ' + finalPath subprocess.check_output(shlex.split(command)) ## - command = "sudo chown -R " + externalApp + ":" + externalApp + " " + '/home/' + domain + '/public_html' + command = "sudo chown -R " + externalApp + ":" + externalApp + " " + finalPath cmd = shlex.split(command) subprocess.call(cmd) @@ -926,10 +861,8 @@ class ApplicationInstaller(multi.Thread): shutil.rmtree(finalPath + "installation") - command = "chown -R " + virtualHostUser + ":" + virtualHostUser + " " + "/home/" + domainName + "/public_html/" - + command = "sudo chown -R " + virtualHostUser + ":" + virtualHostUser + " " + finalPath cmd = shlex.split(command) - res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) vhost.addRewriteRules(domainName) @@ -943,20 +876,21 @@ class ApplicationInstaller(multi.Thread): except BaseException, msg: # remove the downloaded files - try: - shutil.rmtree(finalPath) - except: - logging.writeToFile("shutil.rmtree(finalPath)") homeDir = "/home/" + domainName + "/public_html" if not os.path.exists(homeDir): - FNULL = open(os.devnull, 'w') - os.mkdir(homeDir) - command = "chown -R " + virtualHostUser + ":" + virtualHostUser + " " + homeDir + command = "sudo chown -R " + virtualHostUser + ":" + virtualHostUser + " " + homeDir cmd = shlex.split(command) res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) + try: + mysqlUtilities.deleteDatabase(dbName, dbUser) + db = Databases.objects.get(dbName=dbName) + db.delete() + except: + pass + statusFile = open(tempStatusPath, 'w') statusFile.writelines(str(msg) + " [404]") statusFile.close() @@ -968,24 +902,16 @@ class ApplicationInstaller(multi.Thread): githubBranch = self.extraArgs['githubBranch'] admin = self.extraArgs['admin'] + try: - website = ChildDomains.objects.get(domain=domainName) - - if admin.type != 1: - if website.master.admin != admin: - logging.writeToFile("You do not own this website, failed to change branch. [404]") - return 0 - - except: website = Websites.objects.get(domain=domainName) - - if admin.type != 1: - if website.admin != admin: - logging.writeToFile("You do not own this website, failed to change branch. [404]") - return 0 + finalPath = "/home/" + domainName + "/public_html/" + except: + childDomain = ChildDomains.objects.get(domain=domainName) + finalPath = childDomain.path try: - command = 'sudo GIT_SSH_COMMAND="ssh -i /root/.ssh/cyberpanel -o StrictHostKeyChecking=no" git -C /home/' + domainName + '/public_html/ checkout -b' + githubBranch + command = 'sudo GIT_SSH_COMMAND="ssh -i /root/.ssh/cyberpanel -o StrictHostKeyChecking=no" git -C ' + finalPath + ' checkout -b ' + githubBranch subprocess.check_output(shlex.split(command)) except subprocess.CalledProcessError, msg: diff --git a/plogical/modSec.py b/plogical/modSec.py index 0ab8d6dd6..efcfae27b 100644 --- a/plogical/modSec.py +++ b/plogical/modSec.py @@ -11,7 +11,7 @@ from mailUtilities import mailUtilities class modSec: installLogPath = "/home/cyberpanel/modSecInstallLog" tempRulesFile = "/home/cyberpanel/tempModSecRules" - mirrorPath = "mirror.cyberpanel.net" + mirrorPath = "cyberpanel.net" @staticmethod @@ -450,10 +450,6 @@ modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-999-EXCL print "0," + str(msg) - - - - def main(): parser = argparse.ArgumentParser(description='CyberPanel Installer') diff --git a/plogical/upgrade.py b/plogical/upgrade.py index 43d6b4e84..8cf6196e4 100644 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py @@ -12,6 +12,7 @@ import requests import json import time from baseTemplate.models import version +from CyberCP import settings class Upgrade: logPath = "/usr/local/lscp/logs/upgradeLog" @@ -32,7 +33,7 @@ class Upgrade: r = requests.get(url, verify=True) data = json.loads(r.text) version_number = str(data['version']) - version_build = str(0) + version_build = str(data['build']) return (version_number + "." + version_build + ".tar.gz") except BaseException, msg: Upgrade.stdOut(str(msg) + ' [downloadLink]') @@ -41,6 +42,7 @@ class Upgrade: @staticmethod def setupVirtualEnv(): try: + Upgrade.stdOut('Setting up virtual enviroment for CyberPanel.') ## count = 0 while (1): @@ -114,7 +116,7 @@ class Upgrade: Upgrade.stdOut( "Trying to install project dependant modules, trying again, try number: " + str(count)) if count == 3: - Upgrade.InstallLog.writeToFile( + Upgrade.stdOut( "Failed to install project dependant modules! [setupVirtualEnv]") break else: @@ -124,8 +126,12 @@ class Upgrade: command = "systemctl stop gunicorn.socket" res = subprocess.call(shlex.split(command)) + command = "virtualenv --system-site-packages /usr/local/CyberCP" res = subprocess.call(shlex.split(command)) + + Upgrade.stdOut('Virtual enviroment for CyberPanel successfully installed.') + except OSError, msg: Upgrade.stdOut(str(msg) + " [setupVirtualEnv]") os._exit(0) @@ -196,7 +202,6 @@ WantedBy=multi-user.target""" Upgrade.stdOut(str(msg) + " [updateGunicornConf]") os._exit(0) - @staticmethod def fileManager(): ## Copy File manager files @@ -239,27 +244,16 @@ WantedBy=multi-user.target""" @staticmethod def setupCLI(): try: - count = 0 - while (1): - command = "ln -s /usr/local/CyberCP/cli/cyberPanel.py /usr/bin/cyberpanel" - res = subprocess.call(shlex.split(command)) - if res == 1: - count = count + 1 - Upgrade.stdOut( - "Trying to setup CLI, trying again, try number: " + str(count)) - if count == 3: - Upgrade.stdOut( - "Failed to setup CLI! [setupCLI]") - break - else: - Upgrade.stdOut("CLI setup successfull!") - break + command = "ln -s /usr/local/CyberCP/cli/cyberPanel.py /usr/bin/cyberpanel" + res = subprocess.call(shlex.split(command)) command = "chmod +x /usr/local/CyberCP/cli/cyberPanel.py" res = subprocess.call(shlex.split(command)) except OSError, msg: + command = "chmod +x /usr/local/CyberCP/cli/cyberPanel.py" + res = subprocess.call(shlex.split(command)) Upgrade.stdOut(str(msg) + " [setupCLI]") return 0 @@ -313,52 +307,49 @@ WantedBy=multi-user.target""" cwd = os.getcwd() os.chdir('/usr/local/CyberCP') - try: - ## - command = "python manage.py makemigrations loginSystem" - res = subprocess.call(shlex.split(command)) + command = "echo 'CREATE TABLE `loginSystem_acl` (`id` integer AUTO_INCREMENT NOT NULL PRIMARY KEY, `name` varchar(50) NOT NULL UNIQUE, `adminStatus` integer NOT NULL, `versionManagement` integer NOT NULL, `createNewUser` integer NOT NULL, `deleteUser` integer NOT NULL, `resellerCenter` integer NOT NULL, `changeUserACL` integer NOT NULL, `createWebsite` integer NOT NULL, `modifyWebsite` integer NOT NULL, `suspendWebsite` integer NOT NULL, `deleteWebsite` integer NOT NULL, `createPackage` integer NOT NULL, `deletePackage` integer NOT NULL, `modifyPackage` integer NOT NULL, `createDatabase` integer NOT NULL, `deleteDatabase` integer NOT NULL, `listDatabases` integer NOT NULL, `createNameServer` integer NOT NULL, `createDNSZone` integer NOT NULL, `deleteZone` integer NOT NULL, `addDeleteRecords` integer NOT NULL, `createEmail` integer NOT NULL, `deleteEmail` integer NOT NULL, `emailForwarding` integer NOT NULL, `changeEmailPassword` integer NOT NULL, `dkimManager` integer NOT NULL, `createFTPAccount` integer NOT NULL, `deleteFTPAccount` integer NOT NULL, `listFTPAccounts` integer NOT NULL, `createBackup` integer NOT NULL, `restoreBackup` integer NOT NULL, `addDeleteDestinations` integer NOT NULL, `scheDuleBackups` integer NOT NULL, `remoteBackups` integer NOT NULL, `manageSSL` integer NOT NULL, `hostnameSSL` integer NOT NULL, `mailServerSSL` integer NOT NULL);' | python manage.py dbshell" + subprocess.check_output(command, shell=True) - command = "python manage.py migrate loginSystem" - res = subprocess.call(shlex.split(command)) - except: - pass + command = "echo 'ALTER TABLE loginSystem_administrator ADD acl_id integer;' | python manage.py dbshell" + subprocess.call(command, shell=True) - from loginSystem.models import Administrator, ACL + command = "echo 'ALTER TABLE loginSystem_administrator ADD FOREIGN KEY (acl_id) REFERENCES loginSystem_acl(id);' | python manage.py dbshell" + subprocess.check_output(command, shell=True) - adminACL = ACL(name='admin', adminStatus=1) - adminACL.save() + dbName = settings.DATABASES['default']['NAME'] + dbUser = settings.DATABASES['default']['USER'] + password = settings.DATABASES['default']['PASSWORD'] + host = settings.DATABASES['default']['HOST'] + port = settings.DATABASES['default']['PORT'] - ## Reseller ACL + if len(port) == 0: + port = '3306' - resellerACL = ACL(name='reseller', - createNewUser=1, - deleteUser=1, - createWebsite=1, - resellerCenter=1, - modifyWebsite=1, - suspendWebsite=1, - deleteWebsite=1, - createPackage=1, - deletePackage=1, - modifyPackage=1, - createNameServer=1, - restoreBackup=1, - ) - resellerACL.save() + passwordCMD = "use " + dbName+";insert into loginSystem_acl (id, name, adminStatus) values (1,'admin',1);" + command = 'sudo mysql --host=' + host + ' --port=' + port + ' -u ' + dbUser + ' -p' + password + ' -e "' + passwordCMD + '"' + cmd = shlex.split(command) + subprocess.call(cmd) - ## User ACL - userACL = ACL(name='user') - userACL.save() + passwordCMD = "use " + dbName + ";insert into loginSystem_acl (id, name, adminStatus, createNewUser, deleteUser, createWebsite, resellerCenter, modifyWebsite, suspendWebsite, deleteWebsite, createPackage, deletePackage, modifyPackage, createNameServer, restoreBackup) values (2,'reseller',0,1,1,1,1,1,1,1,1,1,1,1,1);" + command = 'sudo mysql --host=' + host + ' --port=' + port + ' -u ' + dbUser + ' -p' + password + ' -e "' + passwordCMD + '"' + cmd = shlex.split(command) + subprocess.call(cmd) - allUsers = Administrator.objects.all() + passwordCMD = "use " + dbName + ";insert into loginSystem_acl (id, name) values (3,'user');" + command = 'sudo mysql --host=' + host + ' --port=' + port + ' -u ' + dbUser + ' -p' + password + ' -e "' + passwordCMD + '"' + cmd = shlex.split(command) + subprocess.call(cmd) - for items in allUsers: + passwordCMD = "use " + dbName + ";UPDATE loginSystem_administrator SET acl_id = 3;" + command = 'sudo mysql --host=' + host + ' --port=' + port + ' -u ' + dbUser + ' -p' + password + ' -e "' + passwordCMD + '"' + cmd = shlex.split(command) + subprocess.call(cmd) - if items.userName == 'admin': - items.acl = adminACL - else: - items.acl = userACL + passwordCMD = "use " + dbName + ";UPDATE loginSystem_administrator SET acl_id = 1 where userName = 'admin';" + command = 'sudo mysql --host=' + host + ' --port=' + port + ' -u ' + dbUser + ' -p' + password + ' -e "' + passwordCMD + '"' + cmd = shlex.split(command) + subprocess.call(cmd) os.chdir(cwd) @@ -366,19 +357,155 @@ WantedBy=multi-user.target""" Upgrade.stdOut(str(msg) + " [applyLoginSystemMigrations]") os._exit(0) + @staticmethod + def mailServerMigrations(): + try: + os.chdir('/usr/local/CyberCP') + + command = "echo 'ALTER TABLE e_forwardings DROP PRIMARY KEY;ALTER TABLE e_forwardings ADD id INT AUTO_INCREMENT PRIMARY KEY;' | python manage.py dbshell" + res = subprocess.check_output(command, shell=True) + + command = "python manage.py makemigrations emailPremium" + res = subprocess.call(shlex.split(command)) + + command = "python manage.py migrate emailPremium" + res = subprocess.call(shlex.split(command)) + except: + pass + + @staticmethod + def enableServices(): + try: + servicePath = '/home/cyberpanel/powerdns' + writeToFile = open(servicePath, 'w+') + writeToFile.close() + + servicePath = '/home/cyberpanel/postfix' + writeToFile = open(servicePath, 'w+') + writeToFile.close() + + servicePath = '/home/cyberpanel/pureftpd' + writeToFile = open(servicePath, 'w+') + writeToFile.close() + + except: + pass + + @staticmethod + def downloadAndUpgrade(Version, versionNumbring): + try: + ## Download latest version. + + count = 0 + while (1): + command = "wget https://cyberpanel.net/CyberPanel." + versionNumbring + res = subprocess.call(shlex.split(command)) + + if res == 1: + count = count + 1 + Upgrade.stdOut( + "Downloading latest version, trying again, try number: " + str(count)) + if count == 3: + Upgrade.stdOut("Failed to download latest version! [upgrade]") + os._exit(0) + else: + Upgrade.stdOut("Latest version successfully downloaded!") + break + + ## Backup settings file. + + Upgrade.stdOut("Backing up settings file.") + + shutil.copy("/usr/local/CyberCP/CyberCP/settings.py", "/usr/local/settings.py") + + Upgrade.stdOut("Settings file backed up.") + + ## Extract Latest files + + count = 1 + while (1): + command = "tar zxf CyberPanel." + versionNumbring + res = subprocess.call(shlex.split(command)) + + if res == 1: + count = count + 1 + Upgrade.stdOut( + "Trying to extract new version, trying again, try number: " + str(count)) + if count == 3: + Upgrade.stdOut("Failed to extract new version! [upgrade]") + os._exit(0) + else: + Upgrade.stdOut("New version successfully extracted!") + break + + ## Copy settings file + + Upgrade.stdOut('Restoring settings file!') + + data = open("/usr/local/settings.py", 'r').readlines() + writeToFile = open("/usr/local/CyberCP/CyberCP/settings.py", 'w') + + for items in data: + if items.find("'filemanager',") > -1: + writeToFile.writelines(items) + if Version.currentVersion == '1.6': + writeToFile.writelines(" 'emailPremium'\n") + else: + writeToFile.writelines(items) + + writeToFile.close() + + Upgrade.stdOut('Settings file restored!') + + ## Move static files + + Upgrade.staticContent() + + ## Upgrade File Manager + + Upgrade.fileManager() + except: + pass + + @staticmethod + def installTLDExtract(): + try: + count = 0 + while (1): + command = "pip install tldextract" + + res = subprocess.call(shlex.split(command)) + + if res == 1: + count = count + 1 + Upgrade.stdOut( + "Trying to install tldextract, trying again, try number: " + str(count)) + if count == 3: + Upgrade.stdOut( + "Failed to install tldextract! [installTLDExtract]") + else: + Upgrade.stdOut("tldextract successfully installed! [pip]") + Upgrade.stdOut("tldextract successfully installed! [pip]") + break + except OSError, msg: + Upgrade.stdOut(str(msg) + " [installTLDExtract]") + return 0 + + @staticmethod def upgrade(): os.chdir("/usr/local") - ## Current Version Version = version.objects.get(pk=1) - if Version.currentVersion == '1.7' and Version.build == 0: - Upgrade.stdOut('You can not upgrade to v1.7.1 via automatic upgrade.') - os._exit(0) + command = "systemctl stop gunicorn.socket" + res = subprocess.call(shlex.split(command)) + + command = "systemctl stop lscpd" + res = subprocess.call(shlex.split(command)) ## @@ -392,183 +519,31 @@ WantedBy=multi-user.target""" Upgrade.stdOut('Upgrades works for version 1.6 onwards.') os._exit(0) - ## RC Check + ## - rcCheck = 1 - - if os.path.exists('/usr/local/CyberCP/postfixSenderPolicy'): - rcCheck = 0 - - ## Download latest version. - - count = 0 - while (1): - command = "wget https://cyberpanel.net/CyberPanel." + versionNumbring - res = subprocess.call(shlex.split(command)) - - if res == 1: - count = count + 1 - Upgrade.stdOut( - "Downloading latest version, trying again, try number: " + str(count)) - if count == 3: - Upgrade.stdOut("Failed to download latest version! [upgrade]") - os._exit(0) - else: - Upgrade.stdOut("Latest version successfully downloaded!") - break - - ## Backup settings file. - - Upgrade.stdOut("Backing up settings file.") - - shutil.copy("/usr/local/CyberCP/CyberCP/settings.py","/usr/local/settings.py") - - Upgrade.stdOut("Settings file backed up.") - - ## Extract Latest files - - count = 1 - while (1): - command = "tar zxf CyberPanel." + versionNumbring - res = subprocess.call(shlex.split(command)) - - if res == 1: - count = count + 1 - Upgrade.stdOut( - "Trying to extract new version, trying again, try number: " + str(count)) - if count == 3: - Upgrade.stdOut("Failed to extract new version! [upgrade]") - os._exit(0) - else: - Upgrade.stdOut("New version successfully extracted!") - break - - ## Copy settings file - - Upgrade.stdOut('Restoring settings file!') + Upgrade.downloadAndUpgrade(Version, versionNumbring) - data = open("/usr/local/settings.py", 'r').readlines() - writeToFile = open("/usr/local/CyberCP/CyberCP/settings.py", 'w') + ## - for items in data: - if items.find("'filemanager',") > -1: - writeToFile.writelines(items) - if Version.currentVersion == '1.6': - writeToFile.writelines(" 'emailPremium'\n") - else: - writeToFile.writelines(items) + Upgrade.installTLDExtract() - writeToFile.close() + ## - Upgrade.stdOut('Settings file restored!') + Upgrade.mailServerMigrations() - ## Move static files - - Upgrade.staticContent() - - ## Upgrade File Manager - - Upgrade.fileManager() + ## - ## Install TLDExtract - - count = 1 - while (1): - command = "pip install tldextract" - res = subprocess.call(shlex.split(command)) - - if res == 1: - count = count + 1 - Upgrade.stdOut( - "Trying to install tldextract, trying again, try number: " + str(count)) - if count == 3: - Upgrade.stdOut( - "Failed to install tldextract! [upgrade]") - os._exit(0) - else: - Upgrade.stdOut("tldextract successfully installed! [pip]") - break - - - - ## Install dnspython - - #command = "pip install dnspython" - #subprocess.call(shlex.split(command)) - - - ## MailServer Model Changes - - if Version.currentVersion == '1.6' and rcCheck : - os.chdir('/usr/local/CyberCP') - - count = 1 - while (1): - command = "echo 'ALTER TABLE e_forwardings DROP PRIMARY KEY;ALTER TABLE e_forwardings ADD id INT AUTO_INCREMENT PRIMARY KEY;' | python manage.py dbshell" - res = subprocess.check_output(command, shell=True) - - if res == 1: - count = count + 1 - Upgrade.stdOut( - "Trying to patch database for email forwarding, trying again, try number: " + str(count)) - if count == 3: - Upgrade.stdOut( - "Failed to patch database for email forwarding! [upgrade]") - os._exit(0) - - else: - Upgrade.stdOut("Database successfully patched for email forwarding!") - break - - count = 1 - while (1): - command = "python manage.py makemigrations emailPremium" - res = subprocess.call(shlex.split(command)) - - if res == 1: - count = count + 1 - Upgrade.stdOut( - "Trying to setup migration file for email limits, trying again, try number: " + str(count)) - if count == 3: - Upgrade.stdOut( - "Failed to setup migration file for email limits! [upgrade]") - os._exit(0) - else: - Upgrade.stdOut("Migrations file for email limits successfully prepared!") - break - - count = 1 - while (1): - command = "python manage.py migrate emailPremium" - res = subprocess.call(shlex.split(command)) - - if res == 1: - count = count + 1 - Upgrade.stdOut( - "Trying to execute migration file for email limits, trying again, try number: " + str(count)) - if count == 3: - Upgrade.stdOut( - "Failed to execute migration file for email limits! [upgrade]") - os._exit(0) - else: - Upgrade.stdOut("Migrations file for email limits successfully executed!") - break - - - Upgrade.stdOut('Setting up virtual enviroment for CyberPanel.') Upgrade.setupVirtualEnv() - Upgrade.stdOut('Virtual enviroment for CyberPanel successfully installed.') - if Version.currentVersion == '1.6': - Upgrade.updateGunicornConf() - command = 'systemctl restart gunicorn.socket' - subprocess.call(shlex.split(command)) + Upgrade.updateGunicornConf() + + ## - #if Version.currentVersion == '1.7' and Version.build == 0: - # Upgrade.applyLoginSystemMigrations() - + if Version.currentVersion == '1.7' and Version.build == 0: + Upgrade.applyLoginSystemMigrations() + Upgrade.enableServices() ## Upgrade OpenLiteSpeed @@ -580,6 +555,8 @@ WantedBy=multi-user.target""" Upgrade.upgradeVersion() + command = "systemctl start lscpd" + res = subprocess.call(shlex.split(command)) Upgrade.stdOut("Upgrade Completed.") diff --git a/static/firewall/firewall.js b/static/firewall/firewall.js index 062e43dcf..ba9df9207 100644 --- a/static/firewall/firewall.js +++ b/static/firewall/firewall.js @@ -985,10 +985,15 @@ app.controller('modSec', function($scope, $http, $timeout, $window) { ///// ModSec configs + var modsecurity_status = false; var SecAuditEngine = false; var SecRuleEngine = false; + $('#modsecurity_status').change(function() { + modsecurity_status = $(this).prop('checked'); + }); + $('#SecAuditEngine').change(function() { SecAuditEngine = $(this).prop('checked'); }); @@ -1003,6 +1008,7 @@ app.controller('modSec', function($scope, $http, $timeout, $window) { $scope.modsecLoading = false; + $('#modsecurity_status').bootstrapToggle('off'); $('#SecAuditEngine').bootstrapToggle('off'); $('#SecRuleEngine').bootstrapToggle('off'); @@ -1031,6 +1037,9 @@ app.controller('modSec', function($scope, $http, $timeout, $window) { if(response.data.installed === 1) { + if (response.data.modsecurity === 1) { + $('#modsecurity_status').bootstrapToggle('on'); + } if (response.data.SecAuditEngine === 1) { $('#SecAuditEngine').bootstrapToggle('on'); } @@ -1073,12 +1082,13 @@ app.controller('modSec', function($scope, $http, $timeout, $window) { url = "/firewall/saveModSecConfigurations"; var data = { + modsecurity_status:modsecurity_status, SecAuditEngine:SecAuditEngine, SecRuleEngine:SecRuleEngine, SecDebugLogLevel:$scope.SecDebugLogLevel, SecAuditLogParts:$scope.SecAuditLogParts, SecAuditLogRelevantStatus:$scope.SecAuditLogRelevantStatus, - SecAuditLogType:$scope.SecAuditLogType + SecAuditLogType:$scope.SecAuditLogType, }; var config = { @@ -1483,6 +1493,8 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) { $scope.modsecLoading = false; + + url = "/firewall/enableDisableRuleFile"; var data = { @@ -1516,12 +1528,6 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) { $scope.installationFailed = true; $scope.installationSuccess = false; - new PNotify({ - title: 'Success!', - text: 'Changes successfully applied.', - type:'success' - }); - $scope.fetchRulesFile(packName); }else{ @@ -1534,12 +1540,6 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) { $scope.installationFailed = false; $scope.installationSuccess = true; - new PNotify({ - title: 'Error!', - text: response.data.error_message, - type:'error' - }); - $scope.errorMessage = response.data.error_message; } @@ -1553,12 +1553,6 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) { $scope.couldNotConnect = false; $scope.installationFailed = true; $scope.installationSuccess = true; - - new PNotify({ - title: 'Error!', - text: 'Could not connect to server, please refresh this page.', - type:'error' - }); } } diff --git a/userManagment/views.py b/userManagment/views.py index e325e9c3b..d1d3a02ab 100644 --- a/userManagment/views.py +++ b/userManagment/views.py @@ -393,7 +393,7 @@ def createACLFunc(request): finalResponse = { 'status': 1} else: - finalResponse = ACLManager.loadErrorJson() + return ACLManager.loadErrorJson() json_data = json.dumps(finalResponse) return HttpResponse(json_data) @@ -431,7 +431,7 @@ def deleteACLFunc(request): else: finalResponse = {'status': 0, 'errorMesssage' : 'This ACL is currently in used by existing users.'} else: - finalResponse = ACLManager.loadErrorJson() + return ACLManager.loadErrorJson() json_data = json.dumps(finalResponse) return HttpResponse(json_data) @@ -535,7 +535,7 @@ def fetchACLDetails(request): finalResponse['status'] = 1 else: - finalResponse = ACLManager.loadErrorJson() + return ACLManager.loadErrorJson() json_data = json.dumps(finalResponse) return HttpResponse(json_data) diff --git a/websiteFunctions/views.py b/websiteFunctions/views.py index 6ca60b423..63bd8a66c 100644 --- a/websiteFunctions/views.py +++ b/websiteFunctions/views.py @@ -1866,7 +1866,6 @@ def installWordpressStatus(request): try: val = request.session['userID'] admin = Administrator.objects.get(pk=val) - if request.method == 'POST': try: data = json.loads(request.body)