diff --git a/api/urls.py b/api/urls.py index 9c63dcb57..89923e4fc 100755 --- a/api/urls.py +++ b/api/urls.py @@ -23,5 +23,6 @@ urlpatterns = [ url(r'^cyberPanelVersion', views.cyberPanelVersion, name='cyberPanelVersion'), url(r'^runAWSBackups$', views.runAWSBackups, name='runAWSBackups'), + url(r'^submitUserCreation$', views.submitUserCreation, name='submitUserCreation'), ] \ No newline at end of file diff --git a/api/views.py b/api/views.py index a87067f5d..759e3ef5a 100755 --- a/api/views.py +++ b/api/views.py @@ -18,6 +18,7 @@ from s3Backups.s3Backups import S3Backups from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging from plogical.processUtilities import ProcessUtilities from django.views.decorators.csrf import csrf_exempt +from userManagment.views import submitUserCreation # Create your views here. @csrf_exempt @@ -590,4 +591,35 @@ def runAWSBackups(request): s3 = S3Backups(request, None, 'runAWSBackups') s3.start() except BaseException, msg: - logging.writeToFile(str(msg) + ' [API.runAWSBackups]') \ No newline at end of file + logging.writeToFile(str(msg) + ' [API.runAWSBackups]') + + +@csrf_exempt +def submitUserCreation(request): + try: + if request.method == 'POST': + + data = json.loads(request.body) + + adminUser = data['adminUser'] + adminPass = data['adminPass'] + + admin = Administrator.objects.get(userName=adminUser) + + if admin.api == 0: + data_ret = {"status": 0, 'error_message': "API Access Disabled."} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) + + if hashPassword.check_password(admin.password, adminPass): + return submitUserCreation(request) + else: + data_ret = {"status": 0, + 'error_message': "Could not authorize access to API"} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) + + except BaseException, msg: + data_ret = {'changeStatus': 0, 'error_message': str(msg)} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) \ No newline at end of file