mirror of
https://github.com/usmannasir/cyberpanel.git
synced 2025-11-14 17:26:17 +01:00
add security checks for gdrive
@@ -60,7 +60,7 @@ class BackupManager:
|
|||||||
|
|
||||||
admin = Administrator.objects.get(pk=userID)
|
admin = Administrator.objects.get(pk=userID)
|
||||||
|
|
||||||
if ACLManager.currentContextPermission(currentACL, 'addDeleteDestinations') == 0:
|
if ACLManager.currentContextPermission(currentACL, 'createBackup') == 0:
|
||||||
return ACLManager.loadError()
|
return ACLManager.loadError()
|
||||||
|
|
||||||
gDriveAcctsList = []
|
gDriveAcctsList = []
|
||||||
@@ -81,7 +81,7 @@ class BackupManager:
|
|||||||
currentACL = ACLManager.loadedACL(userID)
|
currentACL = ACLManager.loadedACL(userID)
|
||||||
admin = Administrator.objects.get(pk=userID)
|
admin = Administrator.objects.get(pk=userID)
|
||||||
|
|
||||||
if ACLManager.currentContextPermission(currentACL, 'addDeleteDestinations') == 0:
|
if ACLManager.currentContextPermission(currentACL, 'createBackup') == 0:
|
||||||
return ACLManager.loadError()
|
return ACLManager.loadError()
|
||||||
|
|
||||||
gDriveData = {}
|
gDriveData = {}
|
||||||
@@ -114,6 +114,11 @@ class BackupManager:
|
|||||||
|
|
||||||
gD = GDrive.objects.get(name=selectedAccount)
|
gD = GDrive.objects.get(name=selectedAccount)
|
||||||
|
|
||||||
|
if ACLManager.checkGDriveOwnership(gD, admin, currentACL) == 1:
|
||||||
|
pass
|
||||||
|
else:
|
||||||
|
return ACLManager.loadErrorJson('status', 0)
|
||||||
|
|
||||||
logs = gD.gdrivejoblogs_set.all().order_by('-id')
|
logs = gD.gdrivejoblogs_set.all().order_by('-id')
|
||||||
|
|
||||||
from s3Backups.s3Backups import S3Backups
|
from s3Backups.s3Backups import S3Backups
|
||||||
@@ -150,7 +155,6 @@ class BackupManager:
|
|||||||
|
|
||||||
json_data = json_data + ']'
|
json_data = json_data + ']'
|
||||||
|
|
||||||
|
|
||||||
data_ret = {'status': 1, 'logs': json_data, 'pagination': pagination}
|
data_ret = {'status': 1, 'logs': json_data, 'pagination': pagination}
|
||||||
json_data = json.dumps(data_ret)
|
json_data = json.dumps(data_ret)
|
||||||
return HttpResponse(json_data)
|
return HttpResponse(json_data)
|
||||||
@@ -176,6 +180,11 @@ class BackupManager:
|
|||||||
|
|
||||||
gD = GDrive.objects.get(name=selectedAccount)
|
gD = GDrive.objects.get(name=selectedAccount)
|
||||||
|
|
||||||
|
if ACLManager.checkGDriveOwnership(gD, admin, currentACL) == 1:
|
||||||
|
pass
|
||||||
|
else:
|
||||||
|
return ACLManager.loadErrorJson('status', 0)
|
||||||
|
|
||||||
websites = gD.gdrivesites_set.all()
|
websites = gD.gdrivesites_set.all()
|
||||||
|
|
||||||
from s3Backups.s3Backups import S3Backups
|
from s3Backups.s3Backups import S3Backups
|
||||||
@@ -232,6 +241,11 @@ class BackupManager:
|
|||||||
|
|
||||||
gD = GDrive.objects.get(name=selectedAccount)
|
gD = GDrive.objects.get(name=selectedAccount)
|
||||||
|
|
||||||
|
if ACLManager.checkGDriveOwnership(gD, admin, currentACL) == 1 and ACLManager.checkOwnership(selectedWebsite, admin, currentACL) == 1:
|
||||||
|
pass
|
||||||
|
else:
|
||||||
|
return ACLManager.loadErrorJson('status', 0)
|
||||||
|
|
||||||
gdSite = GDriveSites(owner=gD, domain=selectedWebsite)
|
gdSite = GDriveSites(owner=gD, domain=selectedWebsite)
|
||||||
gdSite.save()
|
gdSite.save()
|
||||||
|
|
||||||
@@ -257,6 +271,11 @@ class BackupManager:
|
|||||||
|
|
||||||
gD = GDrive.objects.get(name=selectedAccount)
|
gD = GDrive.objects.get(name=selectedAccount)
|
||||||
|
|
||||||
|
if ACLManager.checkGDriveOwnership(gD, admin, currentACL):
|
||||||
|
pass
|
||||||
|
else:
|
||||||
|
return ACLManager.loadErrorJson('status', 0)
|
||||||
|
|
||||||
gD.delete()
|
gD.delete()
|
||||||
|
|
||||||
data_ret = {'status': 1}
|
data_ret = {'status': 1}
|
||||||
@@ -281,6 +300,12 @@ class BackupManager:
|
|||||||
backupFrequency = data['backupFrequency']
|
backupFrequency = data['backupFrequency']
|
||||||
|
|
||||||
gD = GDrive.objects.get(name=selectedAccount)
|
gD = GDrive.objects.get(name=selectedAccount)
|
||||||
|
|
||||||
|
if ACLManager.checkGDriveOwnership(gD, admin, currentACL):
|
||||||
|
pass
|
||||||
|
else:
|
||||||
|
return ACLManager.loadErrorJson('status', 0)
|
||||||
|
|
||||||
gD.runTime = backupFrequency
|
gD.runTime = backupFrequency
|
||||||
|
|
||||||
gD.save()
|
gD.save()
|
||||||
@@ -307,6 +332,12 @@ class BackupManager:
|
|||||||
website = data['website']
|
website = data['website']
|
||||||
|
|
||||||
gD = GDrive.objects.get(name=selectedAccount)
|
gD = GDrive.objects.get(name=selectedAccount)
|
||||||
|
|
||||||
|
if ACLManager.checkGDriveOwnership(gD, admin, currentACL) == 1 and ACLManager.checkOwnership(website, admin, currentACL) == 1:
|
||||||
|
pass
|
||||||
|
else:
|
||||||
|
return ACLManager.loadErrorJson('status', 0)
|
||||||
|
|
||||||
sites = GDriveSites.objects.filter(owner=gD, domain=website)
|
sites = GDriveSites.objects.filter(owner=gD, domain=website)
|
||||||
|
|
||||||
for items in sites:
|
for items in sites:
|
||||||
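Review bot: The ownership gate added after each `GDrive.objects.get(name=selectedAccount)` is not written the same way everywhere: the `gD.delete()` and `gD.runTime = backupFrequency` hunks test the result for truthiness while the other four compare `== 1`, and all six use `if …: pass / else: return`. A single deny-first guard, `if ACLManager.checkGDriveOwnership(gD, admin, currentACL) != 1: return ACLManager.loadErrorJson('status', 0)`, would make the six sites identical and easier to audit. None of the hunks carrying the check shows `admin` or `currentACL` being bound in its context lines (the methods start outside the hunks), so confirm each method defines both before the new call; otherwise the check fails on a name error rather than on ownership. The first two hunks also change the required permission from `'addDeleteDestinations'` to `'createBackup'`, which the commit title does not mention. The description should say which roles gain or lose access as a result.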
|
|||||||
@@ -562,6 +562,22 @@ class ACLManager:
|
|||||||
else:
|
else:
|
||||||
return 0
|
return 0
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def checkGDriveOwnership(gD, admin, currentACL):
|
||||||
|
|
||||||
|
try:
|
||||||
|
if currentACL['admin'] == 1:
|
||||||
|
return 1
|
||||||
|
elif gD.owner == admin:
|
||||||
|
return 1
|
||||||
|
elif gD.owner.owner == admin.pk:
|
||||||
|
return 1
|
||||||
|
|
||||||
|
return 0
|
||||||
|
except:
|
||||||
|
return 0
|
||||||
|
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def checkOwnershipZone(domain, admin, currentACL):
|
def checkOwnershipZone(domain, admin, currentACL):
|
||||||
domain = Websites.objects.get(domain=domain)
|
domain = Websites.objects.get(domain=domain)
|
||||||
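Review bot: The bare `except:` in `checkGDriveOwnership` turns every failure into a silent `return 0`, including a missing `'admin'` key in `currentACL` or a mistyped attribute. Denying by default is the right direction, but `except (KeyError, AttributeError):` would keep real programming errors visible; if `except Exception:` is kept, it should log before returning 0. The second branch compares objects (`gD.owner == admin`) while the third compares a field to a primary key (`gD.owner.owner == admin.pk`), so the intent deserves a docstring such as `"""Return 1 if the caller is a full admin, owns gD, or is the parent of gD's owner; otherwise 0."""`. The "parent" reading of `owner.owner` is inferred from the comparison and should be checked against the Administrator model, which is not shown here.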
|
|||||||