Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-10-31 10:26:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

Bug fixes

Browse Source
This commit is contained in:
usmannasir
2018-08-21 13:10:40 +05:00
parent 6c33b38d9f
commit 5c014765db
14 changed files with 437 additions and 555 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dns/views.py
View File

@@ -652,7 +652,7 @@ def submitZoneDeletion(request):
if currentACL['admin'] == 1: if currentACL['admin'] == 1:
if delZone.admin != admin: if delZone.admin != admin:
ACLManager.loadErrorJson() return ACLManager.loadErrorJson()
delZone.delete() delZone.delete()

4
emailPremium/templates/emailPremium/policyServer.html
View File

@@ -27,7 +27,7 @@
<form action="/" id="createPackages" class="form-horizontal bordered-row"> <form action="/" id="createPackages" class="form-horizontal bordered-row">
<div class="form-group"> <div class="form-group">
<label class="col-sm-4 control-label">Server Status</label> <label class="col-sm-4 control-label">{% trans "Server Status" %}</label>
<div class="col-sm-6"> <div class="col-sm-6">
<input type="checkbox" id="policServerStatus" data-toggle="toggle"> <input type="checkbox" id="policServerStatus" data-toggle="toggle">
</div> </div>
@@ -78,4 +78,4 @@
</div> </div>
{% endblock %} {% endblock %}

20
filemanager/templates/filemanager/index.html
View File

@@ -697,17 +697,17 @@
<div style="position: absolute;top: 0;left: 0;" id="rightClick" class="card" style="width: 20rem;"> <div style="position: absolute;top: 0;left: 0;" id="rightClick" class="card" style="width: 20rem;">
<ul class="list-group list-group-flush"> <ul class="list-group list-group-flush">
<a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showMoveModal()" href="#"><li class="list-group-item"><i class="fa fa-arrows-alt" aria-hidden="true"></i> Move</li></a> <a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showMoveModal()" href="#"><li class="list-group-item"><i class="fa fa-arrows-alt" aria-hidden="true"></i> {% trans "Move" %}</li></a>
<a style="border-bottom: 1px solid #007bff;" id="downloadOnRight" onclick="return false;" ng-click="downloadFile()" href="#"><li class="list-group-item"><i class="fa fa-download" aria-hidden="true"></i> Download</li></a> <a style="border-bottom: 1px solid #007bff;" id="downloadOnRight" onclick="return false;" ng-click="downloadFile()" href="#"><li class="list-group-item"><i class="fa fa-download" aria-hidden="true"></i> {% trans "Download" %}</li></a>
<a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showCopyModal()" href="#"><li class="list-group-item"><i class="fa fa-files-o" aria-hidden="true"></i> Copy</li></a> <a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showCopyModal()" href="#"><li class="list-group-item"><i class="fa fa-files-o" aria-hidden="true"></i> {% trans "Copy" %}</li></a>
<a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showRenameModal()" href="#"><li class="list-group-item"><i class="fa fa-file-text-o" aria-hidden="true"></i> Rename</li></a> <a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showRenameModal()" href="#"><li class="list-group-item"><i class="fa fa-file-text-o" aria-hidden="true"></i> {% trans "Rename" %}</li></a>
<a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showPermissionsModal()" href="#"><li class="list-group-item"><i class="fa fa-lock" aria-hidden="true"></i> Change Permissions</li></a> <a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showPermissionsModal()" href="#"><li class="list-group-item"><i class="fa fa-lock" aria-hidden="true"></i> {% trans "Change Permissions" %}</li></a>
<a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showDeleteModal()" href="#"><li class="list-group-item"><i class="fa fa-trash" aria-hidden="true"></i> Delete</li></a> <a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showDeleteModal()" href="#"><li class="list-group-item"><i class="fa fa-trash" aria-hidden="true"></i> {% trans "Delete" %}</li></a>
<a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showCompressionModal()" href="#"><li class="list-group-item"><i class="fa fa-compress" aria-hidden="true"></i> Compress</li></a> <a style="border-bottom: 1px solid #007bff;" onclick="return false;" ng-click="showCompressionModal()" href="#"><li class="list-group-item"><i class="fa fa-compress" aria-hidden="true"></i> {% trans "Compress" %}</li></a>
<a style="border-bottom: 1px solid #007bff;" id="extractOnRight" onclick="return false;" ng-click="showExtractionModal()" href="#"><li class="list-group-item"><i class="fa fa-expand" aria-hidden="true"></i> Extract</li></a> <a style="border-bottom: 1px solid #007bff;" id="extractOnRight" onclick="return false;" ng-click="showExtractionModal()" href="#"><li class="list-group-item"><i class="fa fa-expand" aria-hidden="true"></i> {% trans "Extract" %}</li></a>
<a style="border-bottom: 1px solid #007bff;" id="editOnRight" onclick="return false;" ng-click="showHTMLEditorModal()" href="#"><li class="list-group-item"><i class="fa fa-pencil-square-o" aria-hidden="true"></i> Edit</li></a> <a style="border-bottom: 1px solid #007bff;" id="editOnRight" onclick="return false;" ng-click="showHTMLEditorModal()" href="#"><li class="list-group-item"><i class="fa fa-pencil-square-o" aria-hidden="true"></i> {% trans "Edit" %}</li></a>
</ul> </ul>
</div> </div>
</body> </body>
</html> </html>

91
filemanager/views.py
View File

@@ -20,43 +20,36 @@ from plogical.acl import ACLManager
def loadFileManagerHome(request,domain): def loadFileManagerHome(request,domain):
try: try:
userID = request.session['userID'] userID = request.session['userID']
admin = Administrator.objects.get(pk=userID)
if Websites.objects.filter(domain=domain).exists(): if Websites.objects.filter(domain=domain).exists():
admin = Administrator.objects.get(pk=userID)
currentACL = ACLManager.loadedACL(userID) currentACL = ACLManager.loadedACL(userID)
if currentACL['admin'] == 1:
viewStatus = 1
if admin.type == 3:
viewStatus = 0
return render(request, 'filemanager/index.html', {"viewStatus": viewStatus}) if ACLManager.checkOwnership(domain, admin, currentACL) == 1:
return render(request, 'filemanager/index.html')
else: else:
website = Websites.objects.get(domain=domain) return ACLManager.loadError()
if website.admin == admin:
viewStatus = 1
if admin.type == 3:
viewStatus = 0
return render(request, 'filemanager/index.html', {"viewStatus": viewStatus})
else:
return HttpResponse("Domain ownership error.")
else: else:
return HttpResponse("Domain does not exists.") return HttpResponse("Domain does not exists.")
except KeyError: except KeyError:
return redirect(loadLoginPage) return redirect(loadLoginPage)
def changePermissions(request): def changePermissions(request):
try: try:
val = request.session['userID'] userID = request.session['userID']
admin = Administrator.objects.get(pk=userID)
try: try:
data = json.loads(request.body) data = json.loads(request.body)
domainName = data['domainName'] domainName = data['domainName']
currentACL = ACLManager.loadedACL(userID)
if ACLManager.checkOwnership(domainName, admin, currentACL) == 1:
pass
else:
return ACLManager.loadErrorJson('permissionsChanged', 0)
website = Websites.objects.get(domain=domainName) website = Websites.objects.get(domain=domainName)
externalApp = website.externalApp externalApp = website.externalApp
@@ -99,8 +92,6 @@ def downloadFile(request):
except KeyError: except KeyError:
return redirect(loadLoginPage) return redirect(loadLoginPage)
def createTemporaryFile(request): def createTemporaryFile(request):
try: try:
userID = request.session['userID'] userID = request.session['userID']
@@ -109,52 +100,32 @@ def createTemporaryFile(request):
admin = Administrator.objects.get(pk=userID) admin = Administrator.objects.get(pk=userID)
currentACL = ACLManager.loadedACL(userID)
if ACLManager.checkOwnership(domainName, admin, currentACL) == 1:
pass
else:
return ACLManager.loadErrorJson('createTemporaryFile', 0)
## Create file manager entry ## Create file manager entry
if Websites.objects.filter(domain=domainName).exists(): if Websites.objects.filter(domain=domainName).exists():
currentACL = ACLManager.loadedACL(userID) execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/filemanager.py"
if currentACL['admin'] == 1:
execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/filemanager.py" execPath = execPath + " createTemporaryFile --domainName " + domainName
execPath = execPath + " createTemporaryFile --domainName " + domainName output = subprocess.check_output(shlex.split(execPath))
output = subprocess.check_output(shlex.split(execPath)) if output.find("0,") > -1:
data_ret = {'createTemporaryFile': 0, 'error_message': "None"}
if output.find("0,") > -1: json_data = json.dumps(data_ret)
data_ret = {'createTemporaryFile': 0, 'error_message': "None"} return HttpResponse(json_data)
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
else:
domainRandomSeed = output.rstrip('\n')
data_ret = {'createTemporaryFile': 1, 'error_message': "None", 'domainRandomSeed':domainRandomSeed}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
else: else:
website = Websites.objects.get(domain=domainName) domainRandomSeed = output.rstrip('\n')
if website.admin == admin: data_ret = {'createTemporaryFile': 1, 'error_message': "None", 'domainRandomSeed': domainRandomSeed}
execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/filemanager.py" json_data = json.dumps(data_ret)
return HttpResponse(json_data)
execPath = execPath + " createTemporaryFile --domainName " + domainName
output = subprocess.check_output(shlex.split(execPath))
if output.find("0,") > -1:
data_ret = {'createTemporaryFile': 0, 'error_message': "None"}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
else:
domainRandomSeed = output.rstrip('\n')
data_ret = {'createTemporaryFile': 1, 'error_message': "None", 'domainRandomSeed': domainRandomSeed}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
else:
data_ret = {'createTemporaryFile': 0, 'error_message': "Domain ownership error."}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
except KeyError: except KeyError:
return redirect(loadLoginPage) return redirect(loadLoginPage)

1
firewall/static/firewall/firewall.js
View File

@@ -1037,7 +1037,6 @@ app.controller('modSec', function($scope, $http, $timeout, $window) {
if(response.data.installed === 1) { if(response.data.installed === 1) {
if (response.data.modsecurity === 1) { if (response.data.modsecurity === 1) {
$('#modsecurity_status').bootstrapToggle('on'); $('#modsecurity_status').bootstrapToggle('on');
} }

1
manageServices/views.py
View File

@@ -27,6 +27,7 @@ def managePowerDNS(request):
return ACLManager.loadError() return ACLManager.loadError()
try: try:
return render(request, 'manageServices/managePowerDNS.html', {"status": 1}) return render(request, 'manageServices/managePowerDNS.html', {"status": 1})
except BaseException, msg: except BaseException, msg:
logging.CyberCPLogFileWriter.writeToFile(str(msg)) logging.CyberCPLogFileWriter.writeToFile(str(msg))
return HttpResponse("See CyberCP main log file.") return HttpResponse("See CyberCP main log file.")

1
plogical/CyberCPLogFileWriter.py
View File

@@ -11,6 +11,7 @@ class CyberCPLogFileWriter:
file.writelines("[" + time.strftime( file.writelines("[" + time.strftime(
"%I-%M-%S-%a-%b-%Y") + "] "+ message + "\n") "%I-%M-%S-%a-%b-%Y") + "] "+ message + "\n")
file.close() file.close()
except IOError,msg: except IOError,msg:
return "Can not write to error file." return "Can not write to error file."

18
plogical/acl.py
View File

@@ -369,4 +369,22 @@ class ACLManager:
return domainsList return domainsList
@staticmethod
def checkOwnership(domain, admin, currentACL):
domainName = Websites.objects.get(domain=domain)
if currentACL['admin'] == 1:
return 1
elif domainName.admin == admin:
return 1
else:
if domainName.admin.owner == admin.pk:
return 1
else:
return 0

386
plogical/applicationInstaller.py
View File

@@ -71,6 +71,41 @@ class ApplicationInstaller(multi.Thread):
except BaseException, msg: except BaseException, msg:
logging.writeToFile( str(msg) + ' [ApplicationInstaller.installGit]') logging.writeToFile( str(msg) + ' [ApplicationInstaller.installGit]')
def dbCreation(self, tempStatusPath, website):
try:
dbName = randomPassword.generate_pass()
dbUser = dbName
dbPassword = randomPassword.generate_pass()
## DB Creation
if Databases.objects.filter(dbName=dbName).exists() or Databases.objects.filter(
dbUser=dbUser).exists():
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"This database or user is already taken." + " [404]")
statusFile.close()
return 0
result = mysqlUtilities.createDatabase(dbName, dbUser, dbPassword)
if result == 1:
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Not able to create database." + " [404]")
statusFile.close()
return 0
db = Databases(website=website, dbName=dbName, dbUser=dbUser)
db.save()
return dbName, dbUser, dbPassword
except BaseException, msg:
logging.writeToFile(str(msg) + '[ApplicationInstallerdbCreation]')
def installWordPress(self): def installWordPress(self):
try: try:
@@ -83,6 +118,7 @@ class ApplicationInstaller(multi.Thread):
adminPassword = self.extraArgs['adminPassword'] adminPassword = self.extraArgs['adminPassword']
adminEmail = self.extraArgs['adminEmail'] adminEmail = self.extraArgs['adminEmail']
FNULL = open(os.devnull, 'w')
### Check WP CLI ### Check WP CLI
@@ -101,37 +137,59 @@ class ApplicationInstaller(multi.Thread):
statusFile.writelines('Setting up paths,0') statusFile.writelines('Setting up paths,0')
statusFile.close() statusFile.close()
finalPath = ''
try: try:
website = ChildDomains.objects.get(domain=domainName) website = ChildDomains.objects.get(domain=domainName)
externalApp = website.master.externalApp externalApp = website.master.externalApp
if admin.type != 1: if home == '0':
if website.master.admin != admin: path = self.extraArgs['path']
statusFile = open(tempStatusPath, 'w') finalPath = website.path.rstrip('/') + "/" + path + "/"
statusFile.writelines("You do not own this website." + " [404]") else:
statusFile.close() finalPath = website.path
return 0
if website.master.package.dataBases > website.master.databases_set.all().count():
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Maximum database limit reached for this website." + " [404]")
statusFile.close()
return 0
statusFile = open(tempStatusPath, 'w')
statusFile.writelines('Setting up Database,20')
statusFile.close()
dbName, dbUser, dbPassword = self.dbCreation(tempStatusPath, website.master)
except: except:
website = Websites.objects.get(domain=domainName) website = Websites.objects.get(domain=domainName)
externalApp = website.externalApp externalApp = website.externalApp
if admin.type != 1: if home == '0':
if website.admin != admin: path = self.extraArgs['path']
statusFile = open(tempStatusPath, 'w') finalPath = "/home/" + domainName + "/public_html/" + path + "/"
statusFile.writelines("You do not own this website." + " [404]") else:
statusFile.close() finalPath = "/home/" + domainName + "/public_html/"
return 0
finalPath = ""
if home == '0': if website.package.dataBases > website.databases_set.all().count():
path = self.extraArgs['path'] pass
finalPath = "/home/" + domainName + "/public_html/" + path + "/" else:
else: statusFile = open(tempStatusPath, 'w')
finalPath = "/home/" + domainName + "/public_html/" statusFile.writelines(
"Maximum database limit reached for this website." + " [404]")
statusFile.close()
return 0
statusFile = open(tempStatusPath, 'w')
statusFile.writelines('Setting up Database,20')
statusFile.close()
dbName, dbUser, dbPassword = self.dbCreation(tempStatusPath, website)
## Security Check ## Security Check
@@ -141,8 +199,6 @@ class ApplicationInstaller(multi.Thread):
statusFile.close() statusFile.close()
return 0 return 0
FNULL = open(os.devnull, 'w')
if not os.path.exists(finalPath): if not os.path.exists(finalPath):
command = 'sudo mkdir -p ' + finalPath command = 'sudo mkdir -p ' + finalPath
subprocess.call(shlex.split(command)) subprocess.call(shlex.split(command))
@@ -169,52 +225,6 @@ class ApplicationInstaller(multi.Thread):
return 0 return 0
## DB Creation
statusFile = open(tempStatusPath, 'w')
statusFile.writelines('Setting up Database,20')
statusFile.close()
dbName = randomPassword.generate_pass()
dbUser = dbName
dbPassword = randomPassword.generate_pass()
## DB Creation
if website.package.dataBases > website.databases_set.all().count():
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Maximum database limit reached for this website." + " [404]")
statusFile.close()
return 0
if Databases.objects.filter(dbName=dbName).exists() or Databases.objects.filter(
dbUser=dbUser).exists():
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"This database or user is already taken." + " [404]")
statusFile.close()
return 0
result = mysqlUtilities.createDatabase(dbName, dbUser, dbPassword)
if result == 1:
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Not able to create database." + " [404]")
statusFile.close()
return 0
db = Databases(website=website, dbName=dbName, dbUser=dbUser)
db.save()
#### ####
statusFile = open(tempStatusPath, 'w') statusFile = open(tempStatusPath, 'w')
@@ -261,14 +271,10 @@ class ApplicationInstaller(multi.Thread):
## ##
command = "sudo chown -R " + externalApp + ":" + externalApp + " " + "/home/" + domainName + "/public_html/" command = "sudo chown -R " + externalApp + ":" + externalApp + " " + finalPath
cmd = shlex.split(command) cmd = shlex.split(command)
res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT)
vhost.addRewriteRules(domainName)
installUtilities.reStartLiteSpeed()
statusFile = open(tempStatusPath, 'w') statusFile = open(tempStatusPath, 'w')
statusFile.writelines("Successfully Installed. [200]") statusFile.writelines("Successfully Installed. [200]")
statusFile.close() statusFile.close()
@@ -277,23 +283,11 @@ class ApplicationInstaller(multi.Thread):
except BaseException, msg: except BaseException, msg:
# remove the downloaded files # remove the downloaded files
try: FNULL = open(os.devnull, 'w')
command = "sudo rm -rf " + finalPath
cmd = shlex.split(command)
res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT)
except BaseException, msg:
logging.writeToFile(str(msg) + " [installWordPress]")
homeDir = "/home/" + domainName + "/public_html" homeDir = "/home/" + domainName + "/public_html"
if not os.path.exists(homeDir): if not os.path.exists(homeDir):
FNULL = open(os.devnull, 'w')
command = 'sudo mkdir ' + homeDir
subprocess.call(shlex.split(command))
command = "sudo chown -R " + externalApp + ":" + externalApp + " " + homeDir command = "sudo chown -R " + externalApp + ":" + externalApp + " " + homeDir
cmd = shlex.split(command) cmd = shlex.split(command)
@@ -325,9 +319,7 @@ class ApplicationInstaller(multi.Thread):
password = self.extraArgs['password'] password = self.extraArgs['password']
tempStatusPath = self.extraArgs['tempStatusPath'] tempStatusPath = self.extraArgs['tempStatusPath']
FNULL = open(os.devnull, 'w')
### Check WP CLI
## Open Status File ## Open Status File
@@ -335,37 +327,57 @@ class ApplicationInstaller(multi.Thread):
statusFile.writelines('Setting up paths,0') statusFile.writelines('Setting up paths,0')
statusFile.close() statusFile.close()
finalPath = ''
try: try:
website = ChildDomains.objects.get(domain=domainName) website = ChildDomains.objects.get(domain=domainName)
externalApp = website.master.externalApp externalApp = website.master.externalApp
if admin.type != 1: if home == '0':
if website.master.admin != admin: path = self.extraArgs['path']
statusFile = open(tempStatusPath, 'w') finalPath = website.path.rstrip('/') + "/" + path + "/"
statusFile.writelines("You do not own this website." + " [404]") else:
statusFile.close() finalPath = website.path + "/"
return 0
if website.master.package.dataBases > website.master.databases_set.all().count():
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Maximum database limit reached for this website." + " [404]")
statusFile.close()
return 0
statusFile = open(tempStatusPath, 'w')
statusFile.writelines('Setting up Database,20')
statusFile.close()
dbName, dbUser, dbPassword = self.dbCreation(tempStatusPath, website.master)
except: except:
website = Websites.objects.get(domain=domainName) website = Websites.objects.get(domain=domainName)
externalApp = website.externalApp externalApp = website.externalApp
if admin.type != 1: if home == '0':
if website.admin != admin: path = self.extraArgs['path']
statusFile = open(tempStatusPath, 'w') finalPath = "/home/" + domainName + "/public_html/" + path + "/"
statusFile.writelines("You do not own this website." + " [404]") else:
statusFile.close() finalPath = "/home/" + domainName + "/public_html/"
return 0
finalPath = "" if website.package.dataBases > website.databases_set.all().count():
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Maximum database limit reached for this website." + " [404]")
statusFile.close()
return 0
statusFile = open(tempStatusPath, 'w')
statusFile.writelines('Setting up Database,20')
statusFile.close()
if home == '0': dbName, dbUser, dbPassword = self.dbCreation(tempStatusPath, website)
path = self.extraArgs['path']
finalPath = "/home/" + domainName + "/public_html/" + path + "/"
else:
finalPath = "/home/" + domainName + "/public_html/"
## Security Check ## Security Check
@@ -375,8 +387,6 @@ class ApplicationInstaller(multi.Thread):
statusFile.close() statusFile.close()
return 0 return 0
FNULL = open(os.devnull, 'w')
if not os.path.exists(finalPath): if not os.path.exists(finalPath):
command = 'sudo mkdir -p ' + finalPath command = 'sudo mkdir -p ' + finalPath
subprocess.call(shlex.split(command)) subprocess.call(shlex.split(command))
@@ -402,53 +412,6 @@ class ApplicationInstaller(multi.Thread):
statusFile.close() statusFile.close()
return 0 return 0
## DB Creation
statusFile = open(tempStatusPath, 'w')
statusFile.writelines('Setting up Database,20')
statusFile.close()
dbName = randomPassword.generate_pass()
dbUser = dbName
dbPassword = randomPassword.generate_pass()
## DB Creation
if website.package.dataBases > website.databases_set.all().count():
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Maximum database limit reached for this website." + " [404]")
statusFile.close()
return 0
if Databases.objects.filter(dbName=dbName).exists() or Databases.objects.filter(
dbUser=dbUser).exists():
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"This database or user is already taken." + " [404]")
statusFile.close()
return 0
result = mysqlUtilities.createDatabase(dbName, dbUser, dbPassword)
if result == 1:
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Not able to create database." + " [404]")
statusFile.close()
return 0
db = Databases(website=website, dbName=dbName, dbUser=dbUser)
db.save()
#### ####
statusFile = open(tempStatusPath, 'w') statusFile = open(tempStatusPath, 'w')
@@ -488,12 +451,12 @@ class ApplicationInstaller(multi.Thread):
## ##
command = "sudo rm -rf" + finalPath + "install" command = "sudo rm -rf " + finalPath + "install"
subprocess.call(shlex.split(command)) subprocess.call(shlex.split(command))
## ##
command = "sudo chown -R " + externalApp + ":" + externalApp + " " + "/home/" + domainName + "/public_html/" command = "sudo chown -R " + externalApp + ":" + externalApp + " " + finalPath
cmd = shlex.split(command) cmd = shlex.split(command)
res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT)
@@ -501,10 +464,6 @@ class ApplicationInstaller(multi.Thread):
cmd = shlex.split(command) cmd = shlex.split(command)
res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT)
vhost.addRewriteRules(domainName)
installUtilities.reStartLiteSpeed()
statusFile = open(tempStatusPath, 'w') statusFile = open(tempStatusPath, 'w')
statusFile.writelines("Successfully Installed. [200]") statusFile.writelines("Successfully Installed. [200]")
statusFile.close() statusFile.close()
@@ -513,24 +472,10 @@ class ApplicationInstaller(multi.Thread):
except BaseException, msg: except BaseException, msg:
# remove the downloaded files # remove the downloaded files
try:
command = "sudo rm -rf " + finalPath
cmd = shlex.split(command)
res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT)
except BaseException, msg:
logging.writeToFile(str(msg) + " [installWordPress]")
homeDir = "/home/" + domainName + "/public_html" homeDir = "/home/" + domainName + "/public_html"
if not os.path.exists(homeDir): if not os.path.exists(homeDir):
FNULL = open(os.devnull, 'w')
command = 'sudo mkdir ' + homeDir
subprocess.call(shlex.split(command))
command = "sudo chown -R " + externalApp + ":" + externalApp + " " + homeDir command = "sudo chown -R " + externalApp + ":" + externalApp + " " + homeDir
cmd = shlex.split(command) cmd = shlex.split(command)
res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT)
@@ -561,9 +506,6 @@ class ApplicationInstaller(multi.Thread):
statusFile.writelines('Checking if GIT installed..,0') statusFile.writelines('Checking if GIT installed..,0')
statusFile.close() statusFile.close()
finalPath = "/home/" + domainName + "/public_html/"
### Check git ### Check git
try: try:
@@ -596,24 +538,12 @@ class ApplicationInstaller(multi.Thread):
try: try:
website = ChildDomains.objects.get(domain=domainName) website = ChildDomains.objects.get(domain=domainName)
externalApp = website.master.externalApp externalApp = website.master.externalApp
finalPath = website.path
if admin.type != 1:
if website.master.admin != admin:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines("You do not own this website." + " [404]")
statusFile.close()
return 0
except: except:
website = Websites.objects.get(domain=domainName) website = Websites.objects.get(domain=domainName)
externalApp = website.externalApp externalApp = website.externalApp
finalPath = "/home/" + domainName + "/public_html/"
if admin.type != 1:
if website.admin != admin:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines("You do not own this website." + " [404]")
statusFile.close()
return 0
## Security Check ## Security Check
@@ -703,13 +633,20 @@ class ApplicationInstaller(multi.Thread):
try: try:
domain = self.extraArgs['domain'] domain = self.extraArgs['domain']
try:
website = Websites.objects.get(domain=domain)
finalPath = "/home/" + domain + "/public_html/"
except:
childDomain = ChildDomains.objects.get(domain=domain)
finalPath = childDomain.path
path = '/home/cyberpanel/' + domain + '.git' path = '/home/cyberpanel/' + domain + '.git'
if not os.path.exists(path): if not os.path.exists(path):
logging.writeToFile('Git is not setup for this website.') logging.writeToFile('Git is not setup for this website.')
return 0 return 0
command = 'sudo GIT_SSH_COMMAND="ssh -i /root/.ssh/cyberpanel -o StrictHostKeyChecking=no" git -C /home/' + domain + '/public_html/ pull' command = 'sudo GIT_SSH_COMMAND="ssh -i /root/.ssh/cyberpanel -o StrictHostKeyChecking=no" git -C ' + finalPath + ' pull'
subprocess.check_output(shlex.split(command)) subprocess.check_output(shlex.split(command))
website = Websites.objects.get(domain=domain) website = Websites.objects.get(domain=domain)
@@ -717,7 +654,7 @@ class ApplicationInstaller(multi.Thread):
## ##
command = "sudo chown -R " + externalApp + ":" + externalApp + " " + '/home/' + domain + '/public_html/' command = "sudo chown -R " + externalApp + ":" + externalApp + " " + finalPath
cmd = shlex.split(command) cmd = shlex.split(command)
subprocess.call(cmd) subprocess.call(cmd)
@@ -737,30 +674,28 @@ class ApplicationInstaller(multi.Thread):
website = ChildDomains.objects.get(domain=domain) website = ChildDomains.objects.get(domain=domain)
externalApp = website.master.externalApp externalApp = website.master.externalApp
if admin.type != 1:
if website.master.admin != admin:
logging.writeToFile("You do not own this website, detach failed. [404]")
return 0
except: except:
website = Websites.objects.get(domain=domain) website = Websites.objects.get(domain=domain)
externalApp = website.externalApp externalApp = website.externalApp
if admin.type != 1: try:
if website.admin != admin: website = Websites.objects.get(domain=domain)
logging.writeToFile("You do not own this website, detach failed. [404]") finalPath = "/home/" + domain + "/public_html/"
return 0 except:
childDomain = ChildDomains.objects.get(domain=domain)
finalPath = childDomain.path
command = 'sudo rm -rf /home/' + domain + '/public_html' command = 'sudo rm -rf ' + finalPath
subprocess.check_output(shlex.split(command)) subprocess.check_output(shlex.split(command))
command = 'sudo mkdir /home/' + domain + '/public_html' command = 'sudo mkdir ' + finalPath
subprocess.check_output(shlex.split(command)) subprocess.check_output(shlex.split(command))
## ##
command = "sudo chown -R " + externalApp + ":" + externalApp + " " + '/home/' + domain + '/public_html' command = "sudo chown -R " + externalApp + ":" + externalApp + " " + finalPath
cmd = shlex.split(command) cmd = shlex.split(command)
subprocess.call(cmd) subprocess.call(cmd)
@@ -926,10 +861,8 @@ class ApplicationInstaller(multi.Thread):
shutil.rmtree(finalPath + "installation") shutil.rmtree(finalPath + "installation")
command = "chown -R " + virtualHostUser + ":" + virtualHostUser + " " + "/home/" + domainName + "/public_html/" command = "sudo chown -R " + virtualHostUser + ":" + virtualHostUser + " " + finalPath
cmd = shlex.split(command) cmd = shlex.split(command)
res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT)
vhost.addRewriteRules(domainName) vhost.addRewriteRules(domainName)
@@ -943,20 +876,21 @@ class ApplicationInstaller(multi.Thread):
except BaseException, msg: except BaseException, msg:
# remove the downloaded files # remove the downloaded files
try:
shutil.rmtree(finalPath)
except:
logging.writeToFile("shutil.rmtree(finalPath)")
homeDir = "/home/" + domainName + "/public_html" homeDir = "/home/" + domainName + "/public_html"
if not os.path.exists(homeDir): if not os.path.exists(homeDir):
FNULL = open(os.devnull, 'w') command = "sudo chown -R " + virtualHostUser + ":" + virtualHostUser + " " + homeDir
os.mkdir(homeDir)
command = "chown -R " + virtualHostUser + ":" + virtualHostUser + " " + homeDir
cmd = shlex.split(command) cmd = shlex.split(command)
res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT) res = subprocess.call(cmd, stdout=FNULL, stderr=subprocess.STDOUT)
try:
mysqlUtilities.deleteDatabase(dbName, dbUser)
db = Databases.objects.get(dbName=dbName)
db.delete()
except:
pass
statusFile = open(tempStatusPath, 'w') statusFile = open(tempStatusPath, 'w')
statusFile.writelines(str(msg) + " [404]") statusFile.writelines(str(msg) + " [404]")
statusFile.close() statusFile.close()
@@ -968,24 +902,16 @@ class ApplicationInstaller(multi.Thread):
githubBranch = self.extraArgs['githubBranch'] githubBranch = self.extraArgs['githubBranch']
admin = self.extraArgs['admin'] admin = self.extraArgs['admin']
try: try:
website = ChildDomains.objects.get(domain=domainName)
if admin.type != 1:
if website.master.admin != admin:
logging.writeToFile("You do not own this website, failed to change branch. [404]")
return 0
except:
website = Websites.objects.get(domain=domainName) website = Websites.objects.get(domain=domainName)
finalPath = "/home/" + domainName + "/public_html/"
if admin.type != 1: except:
if website.admin != admin: childDomain = ChildDomains.objects.get(domain=domainName)
logging.writeToFile("You do not own this website, failed to change branch. [404]") finalPath = childDomain.path
return 0
try: try:
command = 'sudo GIT_SSH_COMMAND="ssh -i /root/.ssh/cyberpanel -o StrictHostKeyChecking=no" git -C /home/' + domainName + '/public_html/ checkout -b' + githubBranch command = 'sudo GIT_SSH_COMMAND="ssh -i /root/.ssh/cyberpanel -o StrictHostKeyChecking=no" git -C ' + finalPath + ' checkout -b ' + githubBranch
subprocess.check_output(shlex.split(command)) subprocess.check_output(shlex.split(command))
except subprocess.CalledProcessError, msg: except subprocess.CalledProcessError, msg:

6
plogical/modSec.py
View File

@@ -11,7 +11,7 @@ from mailUtilities import mailUtilities
class modSec: class modSec:
installLogPath = "/home/cyberpanel/modSecInstallLog" installLogPath = "/home/cyberpanel/modSecInstallLog"
tempRulesFile = "/home/cyberpanel/tempModSecRules" tempRulesFile = "/home/cyberpanel/tempModSecRules"
mirrorPath = "mirror.cyberpanel.net" mirrorPath = "cyberpanel.net"
@staticmethod @staticmethod
@@ -450,10 +450,6 @@ modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-999-EXCL
print "0," + str(msg) print "0," + str(msg)
def main(): def main():
parser = argparse.ArgumentParser(description='CyberPanel Installer') parser = argparse.ArgumentParser(description='CyberPanel Installer')

423
plogical/upgrade.py
View File

@@ -12,6 +12,7 @@ import requests
import json import json
import time import time
from baseTemplate.models import version from baseTemplate.models import version
from CyberCP import settings
class Upgrade: class Upgrade:
logPath = "/usr/local/lscp/logs/upgradeLog" logPath = "/usr/local/lscp/logs/upgradeLog"
@@ -32,7 +33,7 @@ class Upgrade:
r = requests.get(url, verify=True) r = requests.get(url, verify=True)
data = json.loads(r.text) data = json.loads(r.text)
version_number = str(data['version']) version_number = str(data['version'])
version_build = str(0) version_build = str(data['build'])
return (version_number + "." + version_build + ".tar.gz") return (version_number + "." + version_build + ".tar.gz")
except BaseException, msg: except BaseException, msg:
Upgrade.stdOut(str(msg) + ' [downloadLink]') Upgrade.stdOut(str(msg) + ' [downloadLink]')
@@ -41,6 +42,7 @@ class Upgrade:
@staticmethod @staticmethod
def setupVirtualEnv(): def setupVirtualEnv():
try: try:
Upgrade.stdOut('Setting up virtual enviroment for CyberPanel.')
## ##
count = 0 count = 0
while (1): while (1):
@@ -114,7 +116,7 @@ class Upgrade:
Upgrade.stdOut( Upgrade.stdOut(
"Trying to install project dependant modules, trying again, try number: " + str(count)) "Trying to install project dependant modules, trying again, try number: " + str(count))
if count == 3: if count == 3:
Upgrade.InstallLog.writeToFile( Upgrade.stdOut(
"Failed to install project dependant modules! [setupVirtualEnv]") "Failed to install project dependant modules! [setupVirtualEnv]")
break break
else: else:
@@ -124,8 +126,12 @@ class Upgrade:
command = "systemctl stop gunicorn.socket" command = "systemctl stop gunicorn.socket"
res = subprocess.call(shlex.split(command)) res = subprocess.call(shlex.split(command))
command = "virtualenv --system-site-packages /usr/local/CyberCP" command = "virtualenv --system-site-packages /usr/local/CyberCP"
res = subprocess.call(shlex.split(command)) res = subprocess.call(shlex.split(command))
Upgrade.stdOut('Virtual enviroment for CyberPanel successfully installed.')
except OSError, msg: except OSError, msg:
Upgrade.stdOut(str(msg) + " [setupVirtualEnv]") Upgrade.stdOut(str(msg) + " [setupVirtualEnv]")
os._exit(0) os._exit(0)
@@ -196,7 +202,6 @@ WantedBy=multi-user.target"""
Upgrade.stdOut(str(msg) + " [updateGunicornConf]") Upgrade.stdOut(str(msg) + " [updateGunicornConf]")
os._exit(0) os._exit(0)
@staticmethod @staticmethod
def fileManager(): def fileManager():
## Copy File manager files ## Copy File manager files
@@ -239,27 +244,16 @@ WantedBy=multi-user.target"""
@staticmethod @staticmethod
def setupCLI(): def setupCLI():
try: try:
count = 0
while (1):
command = "ln -s /usr/local/CyberCP/cli/cyberPanel.py /usr/bin/cyberpanel"
res = subprocess.call(shlex.split(command))
if res == 1: command = "ln -s /usr/local/CyberCP/cli/cyberPanel.py /usr/bin/cyberpanel"
count = count + 1 res = subprocess.call(shlex.split(command))
Upgrade.stdOut(
"Trying to setup CLI, trying again, try number: " + str(count))
if count == 3:
Upgrade.stdOut(
"Failed to setup CLI! [setupCLI]")
break
else:
Upgrade.stdOut("CLI setup successfull!")
break
command = "chmod +x /usr/local/CyberCP/cli/cyberPanel.py" command = "chmod +x /usr/local/CyberCP/cli/cyberPanel.py"
res = subprocess.call(shlex.split(command)) res = subprocess.call(shlex.split(command))
except OSError, msg: except OSError, msg:
command = "chmod +x /usr/local/CyberCP/cli/cyberPanel.py"
res = subprocess.call(shlex.split(command))
Upgrade.stdOut(str(msg) + " [setupCLI]") Upgrade.stdOut(str(msg) + " [setupCLI]")
return 0 return 0
@@ -313,52 +307,49 @@ WantedBy=multi-user.target"""
cwd = os.getcwd() cwd = os.getcwd()
os.chdir('/usr/local/CyberCP') os.chdir('/usr/local/CyberCP')
try: command = "echo 'CREATE TABLE `loginSystem_acl` (`id` integer AUTO_INCREMENT NOT NULL PRIMARY KEY, `name` varchar(50) NOT NULL UNIQUE, `adminStatus` integer NOT NULL, `versionManagement` integer NOT NULL, `createNewUser` integer NOT NULL, `deleteUser` integer NOT NULL, `resellerCenter` integer NOT NULL, `changeUserACL` integer NOT NULL, `createWebsite` integer NOT NULL, `modifyWebsite` integer NOT NULL, `suspendWebsite` integer NOT NULL, `deleteWebsite` integer NOT NULL, `createPackage` integer NOT NULL, `deletePackage` integer NOT NULL, `modifyPackage` integer NOT NULL, `createDatabase` integer NOT NULL, `deleteDatabase` integer NOT NULL, `listDatabases` integer NOT NULL, `createNameServer` integer NOT NULL, `createDNSZone` integer NOT NULL, `deleteZone` integer NOT NULL, `addDeleteRecords` integer NOT NULL, `createEmail` integer NOT NULL, `deleteEmail` integer NOT NULL, `emailForwarding` integer NOT NULL, `changeEmailPassword` integer NOT NULL, `dkimManager` integer NOT NULL, `createFTPAccount` integer NOT NULL, `deleteFTPAccount` integer NOT NULL, `listFTPAccounts` integer NOT NULL, `createBackup` integer NOT NULL, `restoreBackup` integer NOT NULL, `addDeleteDestinations` integer NOT NULL, `scheDuleBackups` integer NOT NULL, `remoteBackups` integer NOT NULL, `manageSSL` integer NOT NULL, `hostnameSSL` integer NOT NULL, `mailServerSSL` integer NOT NULL);' | python manage.py dbshell"
## subprocess.check_output(command, shell=True)
command = "python manage.py makemigrations loginSystem"
res = subprocess.call(shlex.split(command))
command = "python manage.py migrate loginSystem" command = "echo 'ALTER TABLE loginSystem_administrator ADD acl_id integer;' | python manage.py dbshell"
res = subprocess.call(shlex.split(command)) subprocess.call(command, shell=True)
except:
pass
from loginSystem.models import Administrator, ACL command = "echo 'ALTER TABLE loginSystem_administrator ADD FOREIGN KEY (acl_id) REFERENCES loginSystem_acl(id);' | python manage.py dbshell"
subprocess.check_output(command, shell=True)
adminACL = ACL(name='admin', adminStatus=1) dbName = settings.DATABASES['default']['NAME']
adminACL.save() dbUser = settings.DATABASES['default']['USER']
password = settings.DATABASES['default']['PASSWORD']
host = settings.DATABASES['default']['HOST']
port = settings.DATABASES['default']['PORT']
## Reseller ACL if len(port) == 0:
port = '3306'
resellerACL = ACL(name='reseller', passwordCMD = "use " + dbName+";insert into loginSystem_acl (id, name, adminStatus) values (1,'admin',1);"
createNewUser=1, command = 'sudo mysql --host=' + host + ' --port=' + port + ' -u ' + dbUser + ' -p' + password + ' -e "' + passwordCMD + '"'
deleteUser=1, cmd = shlex.split(command)
createWebsite=1, subprocess.call(cmd)
resellerCenter=1,
modifyWebsite=1,
suspendWebsite=1,
deleteWebsite=1,
createPackage=1,
deletePackage=1,
modifyPackage=1,
createNameServer=1,
restoreBackup=1,
)
resellerACL.save()
## User ACL
userACL = ACL(name='user') passwordCMD = "use " + dbName + ";insert into loginSystem_acl (id, name, adminStatus, createNewUser, deleteUser, createWebsite, resellerCenter, modifyWebsite, suspendWebsite, deleteWebsite, createPackage, deletePackage, modifyPackage, createNameServer, restoreBackup) values (2,'reseller',0,1,1,1,1,1,1,1,1,1,1,1,1);"
userACL.save() command = 'sudo mysql --host=' + host + ' --port=' + port + ' -u ' + dbUser + ' -p' + password + ' -e "' + passwordCMD + '"'
cmd = shlex.split(command)
subprocess.call(cmd)
allUsers = Administrator.objects.all() passwordCMD = "use " + dbName + ";insert into loginSystem_acl (id, name) values (3,'user');"
command = 'sudo mysql --host=' + host + ' --port=' + port + ' -u ' + dbUser + ' -p' + password + ' -e "' + passwordCMD + '"'
cmd = shlex.split(command)
subprocess.call(cmd)
for items in allUsers: passwordCMD = "use " + dbName + ";UPDATE loginSystem_administrator SET acl_id = 3;"
command = 'sudo mysql --host=' + host + ' --port=' + port + ' -u ' + dbUser + ' -p' + password + ' -e "' + passwordCMD + '"'
cmd = shlex.split(command)
subprocess.call(cmd)
if items.userName == 'admin': passwordCMD = "use " + dbName + ";UPDATE loginSystem_administrator SET acl_id = 1 where userName = 'admin';"
items.acl = adminACL command = 'sudo mysql --host=' + host + ' --port=' + port + ' -u ' + dbUser + ' -p' + password + ' -e "' + passwordCMD + '"'
else: cmd = shlex.split(command)
items.acl = userACL subprocess.call(cmd)
os.chdir(cwd) os.chdir(cwd)
@@ -366,19 +357,155 @@ WantedBy=multi-user.target"""
Upgrade.stdOut(str(msg) + " [applyLoginSystemMigrations]") Upgrade.stdOut(str(msg) + " [applyLoginSystemMigrations]")
os._exit(0) os._exit(0)
@staticmethod
def mailServerMigrations():
try:
os.chdir('/usr/local/CyberCP')
command = "echo 'ALTER TABLE e_forwardings DROP PRIMARY KEY;ALTER TABLE e_forwardings ADD id INT AUTO_INCREMENT PRIMARY KEY;' | python manage.py dbshell"
res = subprocess.check_output(command, shell=True)
command = "python manage.py makemigrations emailPremium"
res = subprocess.call(shlex.split(command))
command = "python manage.py migrate emailPremium"
res = subprocess.call(shlex.split(command))
except:
pass
@staticmethod
def enableServices():
try:
servicePath = '/home/cyberpanel/powerdns'
writeToFile = open(servicePath, 'w+')
writeToFile.close()
servicePath = '/home/cyberpanel/postfix'
writeToFile = open(servicePath, 'w+')
writeToFile.close()
servicePath = '/home/cyberpanel/pureftpd'
writeToFile = open(servicePath, 'w+')
writeToFile.close()
except:
pass
@staticmethod
def downloadAndUpgrade(Version, versionNumbring):
try:
## Download latest version.
count = 0
while (1):
command = "wget https://cyberpanel.net/CyberPanel." + versionNumbring
res = subprocess.call(shlex.split(command))
if res == 1:
count = count + 1
Upgrade.stdOut(
"Downloading latest version, trying again, try number: " + str(count))
if count == 3:
Upgrade.stdOut("Failed to download latest version! [upgrade]")
os._exit(0)
else:
Upgrade.stdOut("Latest version successfully downloaded!")
break
## Backup settings file.
Upgrade.stdOut("Backing up settings file.")
shutil.copy("/usr/local/CyberCP/CyberCP/settings.py", "/usr/local/settings.py")
Upgrade.stdOut("Settings file backed up.")
## Extract Latest files
count = 1
while (1):
command = "tar zxf CyberPanel." + versionNumbring
res = subprocess.call(shlex.split(command))
if res == 1:
count = count + 1
Upgrade.stdOut(
"Trying to extract new version, trying again, try number: " + str(count))
if count == 3:
Upgrade.stdOut("Failed to extract new version! [upgrade]")
os._exit(0)
else:
Upgrade.stdOut("New version successfully extracted!")
break
## Copy settings file
Upgrade.stdOut('Restoring settings file!')
data = open("/usr/local/settings.py", 'r').readlines()
writeToFile = open("/usr/local/CyberCP/CyberCP/settings.py", 'w')
for items in data:
if items.find("'filemanager',") > -1:
writeToFile.writelines(items)
if Version.currentVersion == '1.6':
writeToFile.writelines(" 'emailPremium'\n")
else:
writeToFile.writelines(items)
writeToFile.close()
Upgrade.stdOut('Settings file restored!')
## Move static files
Upgrade.staticContent()
## Upgrade File Manager
Upgrade.fileManager()
except:
pass
@staticmethod
def installTLDExtract():
try:
count = 0
while (1):
command = "pip install tldextract"
res = subprocess.call(shlex.split(command))
if res == 1:
count = count + 1
Upgrade.stdOut(
"Trying to install tldextract, trying again, try number: " + str(count))
if count == 3:
Upgrade.stdOut(
"Failed to install tldextract! [installTLDExtract]")
else:
Upgrade.stdOut("tldextract successfully installed! [pip]")
Upgrade.stdOut("tldextract successfully installed! [pip]")
break
except OSError, msg:
Upgrade.stdOut(str(msg) + " [installTLDExtract]")
return 0
@staticmethod @staticmethod
def upgrade(): def upgrade():
os.chdir("/usr/local") os.chdir("/usr/local")
## Current Version ## Current Version
Version = version.objects.get(pk=1) Version = version.objects.get(pk=1)
if Version.currentVersion == '1.7' and Version.build == 0: command = "systemctl stop gunicorn.socket"
Upgrade.stdOut('You can not upgrade to v1.7.1 via automatic upgrade.') res = subprocess.call(shlex.split(command))
os._exit(0)
command = "systemctl stop lscpd"
res = subprocess.call(shlex.split(command))
## ##
@@ -392,183 +519,31 @@ WantedBy=multi-user.target"""
Upgrade.stdOut('Upgrades works for version 1.6 onwards.') Upgrade.stdOut('Upgrades works for version 1.6 onwards.')
os._exit(0) os._exit(0)
## RC Check ##
rcCheck = 1 Upgrade.downloadAndUpgrade(Version, versionNumbring)
if os.path.exists('/usr/local/CyberCP/postfixSenderPolicy'):
rcCheck = 0
## Download latest version.
count = 0
while (1):
command = "wget https://cyberpanel.net/CyberPanel." + versionNumbring
res = subprocess.call(shlex.split(command))
if res == 1:
count = count + 1
Upgrade.stdOut(
"Downloading latest version, trying again, try number: " + str(count))
if count == 3:
Upgrade.stdOut("Failed to download latest version! [upgrade]")
os._exit(0)
else:
Upgrade.stdOut("Latest version successfully downloaded!")
break
## Backup settings file.
Upgrade.stdOut("Backing up settings file.")
shutil.copy("/usr/local/CyberCP/CyberCP/settings.py","/usr/local/settings.py")
Upgrade.stdOut("Settings file backed up.")
## Extract Latest files
count = 1
while (1):
command = "tar zxf CyberPanel." + versionNumbring
res = subprocess.call(shlex.split(command))
if res == 1:
count = count + 1
Upgrade.stdOut(
"Trying to extract new version, trying again, try number: " + str(count))
if count == 3:
Upgrade.stdOut("Failed to extract new version! [upgrade]")
os._exit(0)
else:
Upgrade.stdOut("New version successfully extracted!")
break
## Copy settings file
Upgrade.stdOut('Restoring settings file!')
data = open("/usr/local/settings.py", 'r').readlines() ##
writeToFile = open("/usr/local/CyberCP/CyberCP/settings.py", 'w')
for items in data: Upgrade.installTLDExtract()
if items.find("'filemanager',") > -1:
writeToFile.writelines(items)
if Version.currentVersion == '1.6':
writeToFile.writelines(" 'emailPremium'\n")
else:
writeToFile.writelines(items)
writeToFile.close() ##
Upgrade.stdOut('Settings file restored!') Upgrade.mailServerMigrations()
## Move static files ##
Upgrade.staticContent()
## Upgrade File Manager
Upgrade.fileManager()
## Install TLDExtract
count = 1
while (1):
command = "pip install tldextract"
res = subprocess.call(shlex.split(command))
if res == 1:
count = count + 1
Upgrade.stdOut(
"Trying to install tldextract, trying again, try number: " + str(count))
if count == 3:
Upgrade.stdOut(
"Failed to install tldextract! [upgrade]")
os._exit(0)
else:
Upgrade.stdOut("tldextract successfully installed! [pip]")
break
## Install dnspython
#command = "pip install dnspython"
#subprocess.call(shlex.split(command))
## MailServer Model Changes
if Version.currentVersion == '1.6' and rcCheck :
os.chdir('/usr/local/CyberCP')
count = 1
while (1):
command = "echo 'ALTER TABLE e_forwardings DROP PRIMARY KEY;ALTER TABLE e_forwardings ADD id INT AUTO_INCREMENT PRIMARY KEY;' | python manage.py dbshell"
res = subprocess.check_output(command, shell=True)
if res == 1:
count = count + 1
Upgrade.stdOut(
"Trying to patch database for email forwarding, trying again, try number: " + str(count))
if count == 3:
Upgrade.stdOut(
"Failed to patch database for email forwarding! [upgrade]")
os._exit(0)
else:
Upgrade.stdOut("Database successfully patched for email forwarding!")
break
count = 1
while (1):
command = "python manage.py makemigrations emailPremium"
res = subprocess.call(shlex.split(command))
if res == 1:
count = count + 1
Upgrade.stdOut(
"Trying to setup migration file for email limits, trying again, try number: " + str(count))
if count == 3:
Upgrade.stdOut(
"Failed to setup migration file for email limits! [upgrade]")
os._exit(0)
else:
Upgrade.stdOut("Migrations file for email limits successfully prepared!")
break
count = 1
while (1):
command = "python manage.py migrate emailPremium"
res = subprocess.call(shlex.split(command))
if res == 1:
count = count + 1
Upgrade.stdOut(
"Trying to execute migration file for email limits, trying again, try number: " + str(count))
if count == 3:
Upgrade.stdOut(
"Failed to execute migration file for email limits! [upgrade]")
os._exit(0)
else:
Upgrade.stdOut("Migrations file for email limits successfully executed!")
break
Upgrade.stdOut('Setting up virtual enviroment for CyberPanel.')
Upgrade.setupVirtualEnv() Upgrade.setupVirtualEnv()
Upgrade.stdOut('Virtual enviroment for CyberPanel successfully installed.') Upgrade.updateGunicornConf()
if Version.currentVersion == '1.6':
Upgrade.updateGunicornConf() ##
command = 'systemctl restart gunicorn.socket'
subprocess.call(shlex.split(command))
#if Version.currentVersion == '1.7' and Version.build == 0: if Version.currentVersion == '1.7' and Version.build == 0:
# Upgrade.applyLoginSystemMigrations() Upgrade.applyLoginSystemMigrations()
Upgrade.enableServices()
## Upgrade OpenLiteSpeed ## Upgrade OpenLiteSpeed
@@ -580,6 +555,8 @@ WantedBy=multi-user.target"""
Upgrade.upgradeVersion() Upgrade.upgradeVersion()
command = "systemctl start lscpd"
res = subprocess.call(shlex.split(command))
Upgrade.stdOut("Upgrade Completed.") Upgrade.stdOut("Upgrade Completed.")

32
static/firewall/firewall.js
View File

@@ -985,10 +985,15 @@ app.controller('modSec', function($scope, $http, $timeout, $window) {
///// ModSec configs ///// ModSec configs
var modsecurity_status = false;
var SecAuditEngine = false; var SecAuditEngine = false;
var SecRuleEngine = false; var SecRuleEngine = false;
$('#modsecurity_status').change(function() {
modsecurity_status = $(this).prop('checked');
});
$('#SecAuditEngine').change(function() { $('#SecAuditEngine').change(function() {
SecAuditEngine = $(this).prop('checked'); SecAuditEngine = $(this).prop('checked');
}); });
@@ -1003,6 +1008,7 @@ app.controller('modSec', function($scope, $http, $timeout, $window) {
$scope.modsecLoading = false; $scope.modsecLoading = false;
$('#modsecurity_status').bootstrapToggle('off');
$('#SecAuditEngine').bootstrapToggle('off'); $('#SecAuditEngine').bootstrapToggle('off');
$('#SecRuleEngine').bootstrapToggle('off'); $('#SecRuleEngine').bootstrapToggle('off');
@@ -1031,6 +1037,9 @@ app.controller('modSec', function($scope, $http, $timeout, $window) {
if(response.data.installed === 1) { if(response.data.installed === 1) {
if (response.data.modsecurity === 1) {
$('#modsecurity_status').bootstrapToggle('on');
}
if (response.data.SecAuditEngine === 1) { if (response.data.SecAuditEngine === 1) {
$('#SecAuditEngine').bootstrapToggle('on'); $('#SecAuditEngine').bootstrapToggle('on');
} }
@@ -1073,12 +1082,13 @@ app.controller('modSec', function($scope, $http, $timeout, $window) {
url = "/firewall/saveModSecConfigurations"; url = "/firewall/saveModSecConfigurations";
var data = { var data = {
modsecurity_status:modsecurity_status,
SecAuditEngine:SecAuditEngine, SecAuditEngine:SecAuditEngine,
SecRuleEngine:SecRuleEngine, SecRuleEngine:SecRuleEngine,
SecDebugLogLevel:$scope.SecDebugLogLevel, SecDebugLogLevel:$scope.SecDebugLogLevel,
SecAuditLogParts:$scope.SecAuditLogParts, SecAuditLogParts:$scope.SecAuditLogParts,
SecAuditLogRelevantStatus:$scope.SecAuditLogRelevantStatus, SecAuditLogRelevantStatus:$scope.SecAuditLogRelevantStatus,
SecAuditLogType:$scope.SecAuditLogType SecAuditLogType:$scope.SecAuditLogType,
}; };
var config = { var config = {
@@ -1483,6 +1493,8 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) {
$scope.modsecLoading = false; $scope.modsecLoading = false;
url = "/firewall/enableDisableRuleFile"; url = "/firewall/enableDisableRuleFile";
var data = { var data = {
@@ -1516,12 +1528,6 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) {
$scope.installationFailed = true; $scope.installationFailed = true;
$scope.installationSuccess = false; $scope.installationSuccess = false;
new PNotify({
title: 'Success!',
text: 'Changes successfully applied.',
type:'success'
});
$scope.fetchRulesFile(packName); $scope.fetchRulesFile(packName);
}else{ }else{
@@ -1534,12 +1540,6 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) {
$scope.installationFailed = false; $scope.installationFailed = false;
$scope.installationSuccess = true; $scope.installationSuccess = true;
new PNotify({
title: 'Error!',
text: response.data.error_message,
type:'error'
});
$scope.errorMessage = response.data.error_message; $scope.errorMessage = response.data.error_message;
} }
@@ -1553,12 +1553,6 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) {
$scope.couldNotConnect = false; $scope.couldNotConnect = false;
$scope.installationFailed = true; $scope.installationFailed = true;
$scope.installationSuccess = true; $scope.installationSuccess = true;
new PNotify({
title: 'Error!',
text: 'Could not connect to server, please refresh this page.',
type:'error'
});
} }
} }

6
userManagment/views.py
View File

@@ -393,7 +393,7 @@ def createACLFunc(request):
finalResponse = { 'status': 1} finalResponse = { 'status': 1}
else: else:
finalResponse = ACLManager.loadErrorJson() return ACLManager.loadErrorJson()
json_data = json.dumps(finalResponse) json_data = json.dumps(finalResponse)
return HttpResponse(json_data) return HttpResponse(json_data)
@@ -431,7 +431,7 @@ def deleteACLFunc(request):
else: else:
finalResponse = {'status': 0, 'errorMesssage' : 'This ACL is currently in used by existing users.'} finalResponse = {'status': 0, 'errorMesssage' : 'This ACL is currently in used by existing users.'}
else: else:
finalResponse = ACLManager.loadErrorJson() return ACLManager.loadErrorJson()
json_data = json.dumps(finalResponse) json_data = json.dumps(finalResponse)
return HttpResponse(json_data) return HttpResponse(json_data)
@@ -535,7 +535,7 @@ def fetchACLDetails(request):
finalResponse['status'] = 1 finalResponse['status'] = 1
else: else:
finalResponse = ACLManager.loadErrorJson() return ACLManager.loadErrorJson()
json_data = json.dumps(finalResponse) json_data = json.dumps(finalResponse)
return HttpResponse(json_data) return HttpResponse(json_data)

1
websiteFunctions/views.py
View File

@@ -1866,7 +1866,6 @@ def installWordpressStatus(request):
try: try:
val = request.session['userID'] val = request.session['userID']
admin = Administrator.objects.get(pk=val) admin = Administrator.objects.get(pk=val)
if request.method == 'POST': if request.method == 'POST':
try: try:
data = json.loads(request.body) data = json.loads(request.body)