diff --git a/ApachController/BackupUtil.py b/ApachController/BackupUtil.py index 418b861e6..3991d677e 100644 --- a/ApachController/BackupUtil.py +++ b/ApachController/BackupUtil.py @@ -1,9 +1,11 @@ import smtplib import time import argparse -import subprocess, shlex +import subprocess +import shlex import os + class BackupUtil: @staticmethod @@ -53,8 +55,6 @@ class BackupUtil: subprocess.call(command, shell=True) - - def main(): parser = argparse.ArgumentParser(description='CyberPanel Backup tool.') @@ -70,4 +70,4 @@ def main(): if __name__ == "__main__": - main() \ No newline at end of file + main() diff --git a/api/views.py b/api/views.py index a134aa302..8c61fa691 100755 --- a/api/views.py +++ b/api/views.py @@ -23,6 +23,7 @@ from userManagment.views import submitUserCreation as suc from userManagment.views import submitUserDeletion as duc # Create your views here. + @csrf_exempt def verifyConn(request): try: @@ -53,6 +54,7 @@ def verifyConn(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + @csrf_exempt def createWebsite(request): data = json.loads(request.body) @@ -68,6 +70,7 @@ def createWebsite(request): wm = WebsiteManager() return wm.createWebsiteAPI(json.loads(request.body)) + @csrf_exempt def getPackagesListAPI(request): data = json.loads(request.body) @@ -82,10 +85,11 @@ def getPackagesListAPI(request): pm = PackagesManager() return pm.listPackagesAPI(data) else: - data_ret = {"status": 0,'error_message': "Could not authorize access to API"} + data_ret = {"status": 0, 'error_message': "Could not authorize access to API"} json_data = json.dumps(data_ret) return HttpResponse(json_data) + @csrf_exempt def getUserInfo(request): try: @@ -132,6 +136,7 @@ def getUserInfo(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + @csrf_exempt def changeUserPassAPI(request): try: 
@@ -160,7 +165,6 @@ def changeUserPassAPI(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) - websiteOwn = Administrator.objects.get(userName=websiteOwner) websiteOwn.password = hashPassword.hash_password(ownerPassword) websiteOwn.save() @@ -174,6 +178,7 @@ def changeUserPassAPI(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + @csrf_exempt def submitUserDeletion(request): try: @@ -205,6 +210,7 @@ def submitUserDeletion(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + @csrf_exempt def changePackageAPI(request): try: @@ -232,7 +238,6 @@ def changePackageAPI(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) - website = Websites.objects.get(domain=websiteName) pack = Package.objects.get(packageName=packageName) @@ -248,6 +253,7 @@ def changePackageAPI(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + @csrf_exempt def deleteWebsite(request): try: @@ -293,6 +299,7 @@ def deleteWebsite(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + @csrf_exempt def submitWebsiteStatus(request): try: @@ -324,6 +331,7 @@ def submitWebsiteStatus(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + @csrf_exempt def loginAPI(request): try: @@ -348,6 +356,7 @@ def loginAPI(request): json_data = json.dumps(data) return HttpResponse(json_data) + @csrf_exempt def fetchSSHkey(request): try: @@ -365,7 +374,7 @@ def fetchSSHkey(request): if hashPassword.check_password(admin.password, password): - pubKey = os.path.join("/root",".ssh",'cyberpanel.pub') + pubKey = os.path.join("/root", ".ssh", 'cyberpanel.pub') execPath = "cat " + pubKey data = ProcessUtilities.outputExecutioner(execPath) 
@@ -373,13 +382,13 @@ def fetchSSHkey(request): 'status': 1, 'pubKeyStatus': 1, 'error_message': "None", - 'pubKey':data + 'pubKey': data } json_data = json.dumps(data_ret) return HttpResponse(json_data) else: data_ret = { - 'status' : 0, + 'status': 0, 'pubKeyStatus': 0, 'error_message': "Could not authorize access to API." } @@ -387,10 +396,11 @@ def fetchSSHkey(request): return HttpResponse(json_data) except BaseException as msg: - data = {'status' : 0, 'pubKeyStatus': 0,'error_message': str(msg)} + data = {'status': 0, 'pubKeyStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data) return HttpResponse(json_data) + @csrf_exempt def remoteTransfer(request): try: @@ -400,7 +410,6 @@ def remoteTransfer(request): username = data['username'] password = data['password'] - admin = Administrator.objects.get(userName=username) if admin.api == 0: @@ -418,7 +427,7 @@ def remoteTransfer(request): mailUtilities.checkHome() path = "/home/cyberpanel/accounts-" + str(randint(1000, 9999)) - writeToFile = open(path,'w') + writeToFile = open(path, 'w') for items in accountsToTransfer: writeToFile.writelines(items + "\n") @@ -439,10 +448,11 @@ def remoteTransfer(request): return HttpResponse(json_data) except BaseException as msg: - data = {'transferStatus': 0,'error_message': str(msg)} + data = {'transferStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data) return HttpResponse(json_data) + @csrf_exempt def fetchAccountsFromRemoteServer(request): try: @@ -489,10 +499,11 @@ def fetchAccountsFromRemoteServer(request): return HttpResponse(json_data) except BaseException as msg: - data = {'fetchStatus': 0,'error_message': str(msg)} + data = {'fetchStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data) return HttpResponse(json_data) + @csrf_exempt def FetchRemoteTransferStatus(request): try: 
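Review bot: The handler at the end of fetchSSHkey catches `BaseException` and returns `str(msg)` to the API caller, which swallows `KeyboardInterrupt`/`SystemExit` and exposes internal error text on a `@csrf_exempt` endpoint. The same pattern is in the remoteTransfer, fetchAccountsFromRemoteServer and FetchRemoteTransferStatus handlers reformatted by this commit. Consider `except Exception as msg:` with the detail logged via `logging.writeToFile(str(msg) + ' [API.fetchSSHkey]')` and a fixed `'error_message': "Request failed"` in the response. Where a lookup such as `Administrator.objects.get(userName=username)` can raise, a fixed message probably also stops the response from distinguishing an unknown user from a wrong password. The function body starts outside the hunk.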
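Review bot: In remoteTransfer, `path = "/home/cyberpanel/accounts-" + str(randint(1000, 9999))` followed by `open(path, 'w')` writes the account list under a guessable name and opens whatever already exists at that path, with no `with` block in the visible lines. `fd, path = tempfile.mkstemp(prefix='accounts-', dir='/home/cyberpanel')` followed by `with os.fdopen(fd, 'w') as writeToFile:` gives an unpredictable name, exclusive creation and a handle that is closed on every path. This needs `import tempfile` at the top of the file. mkstemp creates the file owner-only, so check that whatever consumes `path` later runs as the same user. That code, and whether the handle is closed at all, is outside this hunk.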
@@ -511,10 +522,9 @@ def FetchRemoteTransferStatus(request): dir = "/home/backup/transfer-"+str(data['dir'])+"/backup_log" try: - command = "cat "+ dir + command = f"cat {dir}" status = ProcessUtilities.outputExecutioner(command) - if hashPassword.check_password(admin.password, password): final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "status": status}) @@ -527,13 +537,12 @@ def FetchRemoteTransferStatus(request): final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "status": "Just started.."}) return HttpResponse(final_json) - - except BaseException as msg: - data = {'fetchStatus': 0,'error_message': str(msg)} + data = {'fetchStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data) return HttpResponse(json_data) + @csrf_exempt def cancelRemoteTransfer(request): try: @@ -551,8 +560,6 @@ def cancelRemoteTransfer(request): dir = "/home/backup/transfer-"+str(data['dir']) - - if hashPassword.check_password(admin.password, password): path = dir + "/pid" @@ -575,12 +582,12 @@ def cancelRemoteTransfer(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) - except BaseException as msg: data = {'cancelStatus': 1, 'error_message': str(msg)} json_data = json.dumps(data) return HttpResponse(json_data) + @csrf_exempt def cyberPanelVersion(request): try: @@ -591,7 +598,6 @@ def cyberPanelVersion(request): adminUser = data['username'] adminPass = data['password'] - admin = Administrator.objects.get(userName=adminUser) if admin.api == 0: @@ -606,8 +612,8 @@ def cyberPanelVersion(request): data_ret = { "getVersion": 1, 'error_message': "none", - 'currentVersion':Version.currentVersion, - 'build':Version.build + 'currentVersion': Version.currentVersion, + 'build': Version.build } json_data = json.dumps(data_ret) @@ -628,6 +634,7 @@ def cyberPanelVersion(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + @csrf_exempt def runAWSBackups(request): try: 
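Review bot: In FetchRemoteTransferStatus the request-supplied `data['dir']` is still interpolated into the `cat` command, and `ProcessUtilities.outputExecutioner(command)` runs before `hashPassword.check_password(admin.password, password)` is evaluated, so the f-string rewrite keeps a command built from input that has not yet been authenticated. Move the command construction and execution inside the password-check branch and constrain the value first, e.g. `transfer_id = str(data['dir'])` then `if not transfer_id.isalnum(): raise ValueError('invalid transfer id')`, assuming transfer ids are plain alphanumeric tokens (confirm against the code that creates the directory). If outputExecutioner hands the string to a shell, which is not visible here, wrap the path in `shlex.quote(...)` as well. The local name `dir` also shadows the builtin. The function body starts and ends outside this hunk.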
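Review bot: The `except BaseException` handler of cancelRemoteTransfer returns `'cancelStatus': 1` together with an error message, which reads as success to a caller that checks only the status field. The other handlers visible in this diff report 0 on failure. If this is not deliberate, change it to `data = {'cancelStatus': 0, 'error_message': str(msg)}`. The earlier hunk of the same function builds `path = dir + "/pid"` from request-supplied `data['dir']`, so that value should be validated before use as well.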
@@ -641,6 +648,7 @@ def runAWSBackups(request): except BaseException as msg: logging.writeToFile(str(msg) + ' [API.runAWSBackups]') + @csrf_exempt def submitUserCreation(request): try: @@ -672,6 +680,7 @@ def submitUserCreation(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + @csrf_exempt def addFirewallRule(request): try: @@ -705,6 +714,7 @@ def addFirewallRule(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + @csrf_exempt def deleteFirewallRule(request): try: diff --git a/install/install.py b/install/install.py index 80998bdde..ea2f3598a 100755 --- a/install/install.py +++ b/install/install.py @@ -17,7 +17,7 @@ import stat VERSION = '2.1' BUILD = 1 -char_set = {'small': 'abcdefghijklmnopqrstuvwxyz','nums': '0123456789','big': 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'} +char_set = {'small': 'abcdefghijklmnopqrstuvwxyz', 'nums': '0123456789', 'big': 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'} def generate_pass(length=14): @@ -621,8 +621,8 @@ class preFlightsChecks: clScripts = ['/usr/local/CyberCP/CLScript/panel_info.py', '/usr/local/CyberCP/CLScript/CloudLinuxPackages.py', '/usr/local/CyberCP/CLScript/CloudLinuxUsers.py', - '/usr/local/CyberCP/CLScript/CloudLinuxDomains.py' - , '/usr/local/CyberCP/CLScript/CloudLinuxResellers.py', '/usr/local/CyberCP/CLScript/CloudLinuxAdmins.py', + '/usr/local/CyberCP/CLScript/CloudLinuxDomains.py', + '/usr/local/CyberCP/CLScript/CloudLinuxResellers.py', '/usr/local/CyberCP/CLScript/CloudLinuxAdmins.py', '/usr/local/CyberCP/CLScript/CloudLinuxDB.py', '/usr/local/CyberCP/CLScript/UserInfo.py'] for items in clScripts: @@ -1374,7 +1374,6 @@ imap_folder_list_limit = 0 logging.InstallLog.writeToFile("FirewallD installed and configured!") preFlightsChecks.stdOut("FirewallD installed and configured!") - except OSError as msg: logging.InstallLog.writeToFile('[ERROR] ' + str(msg) + " [installFirewalld]") return 0 
@@ -1654,7 +1653,6 @@ imap_folder_list_limit = 0 logging.InstallLog.writeToFile("LSCPD Daemon Set!") - except BaseException as msg: logging.InstallLog.writeToFile('[ERROR] ' + str(msg) + " [setupLSCPDDaemon]") return 0 @@ -1895,7 +1893,6 @@ milter_default_action = accept command = "systemctl start postfix" preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR) - except BaseException as msg: logging.InstallLog.writeToFile('[ERROR] ' + str(msg) + " [configureOpenDKIM]") return 0 @@ -2040,12 +2037,12 @@ milter_default_action = accept CentOSPath = '/etc/redhat-release' if os.path.exists(CentOSPath): - command = 'yum install -y yum-plugin-copr' - preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR) - command = 'yum copr enable -y copart/restic' - preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR) - command = 'yum install -y restic' - preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR) + command = 'yum install -y yum-plugin-copr' + preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR) + command = 'yum copr enable -y copart/restic' + preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR) + command = 'yum install -y restic' + preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR) else: command = 'apt-get update -y' @@ -2185,7 +2182,7 @@ def main(): logging.InstallLog.writeToFile("Starting CyberPanel installation..,10") preFlightsChecks.stdOut("Starting CyberPanel installation..") - if args.ent == None: + if args.ent is None: ent = 0 preFlightsChecks.stdOut("OpenLiteSpeed web server will be installed.") else: 
@@ -2195,7 +2192,7 @@ def main(): else: preFlightsChecks.stdOut("LiteSpeed Enterprise web server will be installed.") ent = 1 - if args.serial != None: + if args.serial is not None: serial = args.serial preFlightsChecks.stdOut("LiteSpeed Enterprise Serial detected: " + serial) else: @@ -2241,12 +2238,12 @@ def main(): remotemysql, mysqlhost, mysqldb, mysqluser, mysqlpassword, mysqlport) checks.mountTemp() - if args.port == None: + if args.port is None: port = "8090" else: port = args.port - if args.mysql == None: + if args.mysql is None: mysql = 'One' preFlightsChecks.stdOut("Single MySQL instance version will be installed.") else: @@ -2270,7 +2267,7 @@ def main(): checks.fix_selinux_issue() checks.install_psmisc() - if args.postfix == None: + if args.postfix is None: checks.install_postfix_dovecot() checks.setup_email_Passwords(installCyberPanel.InstallCyberPanel.mysqlPassword, mysql) checks.setup_postfix_dovecot_config(mysql) @@ -2297,7 +2294,7 @@ def main(): ## Install and Configure OpenDKIM. - if args.postfix == None: + if args.postfix is None: checks.installOpenDKIM() checks.configureOpenDKIM() else: @@ -2311,22 +2308,22 @@ def main(): checks.setupPythonWSGI() checks.setupLSCPDDaemon() - if args.redis != None: + if args.redis is not None: checks.installRedis() - if args.postfix != None: + if args.postfix is not None: checks.enableDisableEmail(args.postfix.lower()) else: preFlightsChecks.stdOut("Postfix will be installed and enabled.") checks.enableDisableEmail('on') - if args.powerdns != None: + if args.powerdns is not None: checks.enableDisableDNS(args.powerdns.lower()) else: preFlightsChecks.stdOut("PowerDNS will be installed and enabled.") checks.enableDisableDNS('on') - if args.ftp != None: + if args.ftp is not None: checks.enableDisableFTP(args.ftp.lower(), distro) else: preFlightsChecks.stdOut("Pure-FTPD will be installed and enabled.") diff --git a/install/installCyberPanel.py b/install/installCyberPanel.py index 6023978e9..5ddd4a1d4 100755 
--- a/install/installCyberPanel.py +++ b/install/installCyberPanel.py @@ -74,7 +74,6 @@ class InstallCyberPanel: command = 'yum install -y openlitespeed' install.preFlightsChecks.call(command, self.distro, command, command, 1, 1, os.EX_OSERR) - else: try: try: @@ -201,7 +200,6 @@ class InstallCyberPanel: command = 'DEBIAN_FRONTEND=noninteractive apt-get -y install lsphp80*' os.system(command) - elif self.distro == centos: command = 'yum -y groupinstall lsphp-all' install.preFlightsChecks.call(command, self.distro, command, command, 1, 1, os.EX_OSERR) @@ -678,7 +676,7 @@ def Main(cwd, mysql, distro, ent, serial=None, port="8090", ftp=None, dns=None, mysqlUtilities.createDatabase("cyberpanel", "cyberpanel", InstallCyberPanel.mysqlPassword, publicip) - if ftp == None: + if ftp is None: installer.installPureFTPD() installer.installPureFTPDConfigurations(mysql) installer.startPureFTPD() @@ -688,7 +686,7 @@ def Main(cwd, mysql, distro, ent, serial=None, port="8090", ftp=None, dns=None, installer.installPureFTPDConfigurations(mysql) installer.startPureFTPD() - if dns == None: + if dns is None: installer.installPowerDNS() installer.installPowerDNSConfigurations(InstallCyberPanel.mysqlPassword, mysql) installer.startPowerDNS() @@ -696,4 +694,4 @@ def Main(cwd, mysql, distro, ent, serial=None, port="8090", ftp=None, dns=None, if dns == 'ON': installer.installPowerDNS() installer.installPowerDNSConfigurations(InstallCyberPanel.mysqlPassword, mysql) - installer.startPowerDNS() \ No newline at end of file + installer.startPowerDNS() diff --git a/install/unInstall.py b/install/unInstall.py index 43838bb58..5b94ef8a4 100755 --- a/install/unInstall.py +++ b/install/unInstall.py @@ -8,7 +8,6 @@ import shlex import socket - class unInstallCyberPanel: def unInstallCyberPanelRepo(self): 
@@ -18,7 +17,7 @@ class unInstallCyberPanel: os.remove(copyPath) except OSError as msg: - logging.InstallLog.writeToFile(str(msg)+ " [unInstallCyberPanelRepo]") + logging.InstallLog.writeToFile(f"{str(msg)} [unInstallCyberPanelRepo]") def removeGunicorn(self): try: @@ -33,7 +32,6 @@ class unInstallCyberPanel: os.remove(socket) os.remove(conf) - except BaseException as msg: logging.InstallLog.writeToFile(str(msg) + " [removeGunicorn]") @@ -71,7 +69,6 @@ class unInstallCyberPanel: shutil.rmtree("/var/lib/mysql") os.remove("/etc/my.cnf") - except OSError as msg: logging.InstallLog.writeToFile(str(msg) + " [removeMysql]") return 0 @@ -84,13 +81,13 @@ class unInstallCyberPanel: def removeLiteSpeed(self): try: - command = 'yum -y remove openlitespeed' + command = 'yum -y remove openlitespeed' - cmd = shlex.split(command) + cmd = shlex.split(command) - res = subprocess.call(cmd) + res = subprocess.call(cmd) - shutil.rmtree("/usr/local/lsws") + shutil.rmtree("/usr/local/lsws") except OSError as msg: logging.InstallLog.writeToFile(str(msg) + " [removeLiteSpeed]") diff --git a/loginSystem/models.py b/loginSystem/models.py index ec8a00208..70178e821 100755 --- a/loginSystem/models.py +++ b/loginSystem/models.py 
@@ -2,107 +2,93 @@ from django.db import models from CyberCP.SecurityLevel import SecurityLevel -# Create your models here. class ACL(models.Model): - name = models.CharField(unique=True,max_length = 50) - adminStatus = models.IntegerField(default=0) + name = models.CharField(unique=True, max_length=50) + adminStatus = models.IntegerField(default=0) - ## Version Management - versionManagement = models.IntegerField(default=0) + ## Version Management + versionManagement = models.IntegerField(default=0) - ## User Management - createNewUser = models.IntegerField(default=0) - listUsers = models.IntegerField(default=0) - deleteUser = models.IntegerField(default=0) - resellerCenter = models.IntegerField(default=0) - changeUserACL = models.IntegerField(default=0) + ## User Management + createNewUser = models.IntegerField(default=0) + listUsers = models.IntegerField(default=0) + deleteUser = models.IntegerField(default=0) + resellerCenter = models.IntegerField(default=0) + changeUserACL = models.IntegerField(default=0) - ## Website Management + ## Website Management - createWebsite = models.IntegerField(default=0) - modifyWebsite = models.IntegerField(default=0) - suspendWebsite = models.IntegerField(default=0) - deleteWebsite = models.IntegerField(default=0) + createWebsite = models.IntegerField(default=0) + modifyWebsite = models.IntegerField(default=0) + suspendWebsite = models.IntegerField(default=0) + deleteWebsite = models.IntegerField(default=0) - ## Package Management + ## Package Management - createPackage = models.IntegerField(default=0) - listPackages = models.IntegerField(default=0) - deletePackage = models.IntegerField(default=0) - modifyPackage = models.IntegerField(default=0) + createPackage = models.IntegerField(default=0) + listPackages = models.IntegerField(default=0) + deletePackage = models.IntegerField(default=0) + modifyPackage = models.IntegerField(default=0) - ## Database Management + ## Database Management - createDatabase = 
models.IntegerField(default=1) - deleteDatabase = models.IntegerField(default=1) - listDatabases = models.IntegerField(default=1) + createDatabase = models.IntegerField(default=1) + deleteDatabase = models.IntegerField(default=1) + listDatabases = models.IntegerField(default=1) - ## DNS Management + ## DNS Management - createNameServer = models.IntegerField(default=0) - createDNSZone = models.IntegerField(default=1) - deleteZone = models.IntegerField(default=1) - addDeleteRecords = models.IntegerField(default=1) + createNameServer = models.IntegerField(default=0) + createDNSZone = models.IntegerField(default=1) + deleteZone = models.IntegerField(default=1) + addDeleteRecords = models.IntegerField(default=1) - ## Email Management + ## Email Management - createEmail = models.IntegerField(default=1) - listEmails = models.IntegerField(default=1) - deleteEmail = models.IntegerField(default=1) - emailForwarding = models.IntegerField(default=1) - changeEmailPassword = models.IntegerField(default=1) - dkimManager = models.IntegerField(default=1) + createEmail = models.IntegerField(default=1) + listEmails = models.IntegerField(default=1) + deleteEmail = models.IntegerField(default=1) + emailForwarding = models.IntegerField(default=1) + changeEmailPassword = models.IntegerField(default=1) + dkimManager = models.IntegerField(default=1) - ## FTP Management + ## FTP Management - createFTPAccount = models.IntegerField(default=1) - deleteFTPAccount = models.IntegerField(default=1) - listFTPAccounts = models.IntegerField(default=1) + createFTPAccount = models.IntegerField(default=1) + deleteFTPAccount = models.IntegerField(default=1) + listFTPAccounts = models.IntegerField(default=1) - ## Backup Management + ## Backup Management - createBackup = models.IntegerField(default=1) - restoreBackup = models.IntegerField(default=0) - addDeleteDestinations = models.IntegerField(default=0) - scheduleBackups = models.IntegerField(default=0) - remoteBackups = models.IntegerField(default=0) + 
createBackup = models.IntegerField(default=1) + restoreBackup = models.IntegerField(default=0) + addDeleteDestinations = models.IntegerField(default=0) + scheduleBackups = models.IntegerField(default=0) + remoteBackups = models.IntegerField(default=0) - ## SSL Management - - manageSSL = models.IntegerField(default=1) - hostnameSSL = models.IntegerField(default=0) - mailServerSSL = models.IntegerField(default=0) - config = models.TextField(default='{}') + ## SSL Management + manageSSL = models.IntegerField(default=1) + hostnameSSL = models.IntegerField(default=0) + mailServerSSL = models.IntegerField(default=0) + config = models.TextField(default='{}') class Administrator(models.Model): - userName = models.CharField(unique=True,max_length = 50) - password = models.CharField(max_length = 200) - firstName = models.CharField(max_length = 20,default="None") - lastName = models.CharField(max_length = 20,default="None") - email = models.CharField(max_length=50) - type = models.IntegerField() - owner = models.IntegerField(default=1) - token = models.CharField(max_length=500, default='None') - api = models.IntegerField(default=0) - securityLevel = models.IntegerField( - default=0, - choices=[(tag, tag.value) for tag in SecurityLevel] - ) - state = models.CharField(max_length=10, default='ACTIVE') - - initWebsitesLimit = models.IntegerField(default=0) - acl = models.ForeignKey(ACL, default=1, on_delete=models.PROTECT) - twoFA = models.IntegerField(default=0) - secretKey = models.CharField(max_length=50, default='None') - config = models.TextField(default='{}') - - - - - - - - + userName = models.CharField(unique=True, max_length=50) + password = models.CharField(max_length=200) + firstName = models.CharField(max_length=20, default="None") + lastName = models.CharField(max_length=20, default="None") + email = models.CharField(max_length=50) + type = models.IntegerField() + owner = models.IntegerField(default=1) + token = models.CharField(max_length=500, default='None') + api 
= models.IntegerField(default=0) + securityLevel = models.IntegerField(default=0, choices=[(tag, tag.value) for tag in SecurityLevel]) + state = models.CharField(max_length=10, default='ACTIVE') + initWebsitesLimit = models.IntegerField(default=0) + acl = models.ForeignKey(ACL, default=1, on_delete=models.PROTECT) + twoFA = models.IntegerField(default=0) + secretKey = models.CharField(max_length=50, default='None') + config = models.TextField(default='{}') diff --git a/loginSystem/tests.py b/loginSystem/tests.py index f0722b38b..615fb184f 100755 --- a/loginSystem/tests.py +++ b/loginSystem/tests.py @@ -36,11 +36,9 @@ class TestLogin(TestCase): json_data = json.loads(response.content) self.assertEqual(json_data['loginStatus'], 1) - ## Verify response = self.client.get(self.adminLogin) self.assertTemplateUsed(response, 'baseTemplate/homePage.html') ##logging.writeToFile(result.content) self.assertEqual(response.status_code, 200) - diff --git a/loginSystem/urls.py b/loginSystem/urls.py index 091b0afb7..1abdedada 100755 --- a/loginSystem/urls.py +++ b/loginSystem/urls.py @@ -5,4 +5,4 @@ urlpatterns = [ url(r'^$', views.loadLoginPage, name='adminLogin'), url(r'^verifyLogin$', views.verifyLogin, name='verifyLogin'), url(r'^logout$', views.logout, name='logout'), -] \ No newline at end of file +] diff --git a/loginSystem/views.py b/loginSystem/views.py index 4d600cb94..6d8e74f29 100644 --- a/loginSystem/views.py +++ b/loginSystem/views.py @@ -21,10 +21,11 @@ from django.utils import translation VERSION = '2.1' BUILD = 1 + def verifyLogin(request): try: userID = request.session['userID'] - data = {'userID' : userID, 'loginStatus': 1, 'error_message':"None"} + data = {'userID': userID, 'loginStatus': 1, 'error_message': "None"} json_data = json.dumps(data) return HttpResponse(json_data) except KeyError: 
@@ -83,7 +84,6 @@ def verifyLogin(request): response = HttpResponse() response.set_cookie(settings.LANGUAGE_COOKIE_NAME, user_Language) - admin = Administrator.objects.get(userName=username) if admin.state == 'SUSPENDED': @@ -101,8 +101,6 @@ def verifyLogin(request): response.write(json_data) return response - - if hashPassword.check_password(admin.password, password): if admin.twoFA: if request.session['twofa'] == 0: @@ -143,6 +141,7 @@ def verifyLogin(request): json_data = json.dumps(data) return HttpResponse(json_data) + @ensure_csrf_cookie def loadLoginPage(request): try: @@ -219,25 +218,25 @@ def loadLoginPage(request): token = hashPassword.generateToken('admin', '1234567') email = 'usman@cyberpersons.com' - admin = Administrator(userName="admin", password=password, type=1,email=email, - firstName="Cyber",lastName="Panel", acl=acl, token=token) + admin = Administrator(userName="admin", password=password, type=1, email=email, + firstName="Cyber", lastName="Panel", acl=acl, token=token) admin.save() vers = version(currentVersion=VERSION, build=BUILD) vers.save() - package = Package(admin=admin, packageName="Default", diskSpace=1000, - bandwidth=1000, ftpAccounts=1000, dataBases=1000, - emailAccounts=1000,allowedDomains=20) + package = Package(admin=admin, packageName="Default", diskSpace=1000, bandwidth=1000, ftpAccounts=1000, + dataBases=1000, emailAccounts=1000, allowedDomains=20) package.save() return render(request, 'loginSystem/login.html', {}) else: return render(request, 'loginSystem/login.html', {}) + @ensure_csrf_cookie def logout(request): try: del request.session['userID'] return render(request, 'loginSystem/login.html', {}) except: - return render(request,'loginSystem/login.html',{}) \ No newline at end of file + return render(request, 'loginSystem/login.html', {}) diff --git a/managePHP/models.py b/managePHP/models.py index 6b00d2e33..d6d1ceb00 100755 --- a/managePHP/models.py +++ b/managePHP/models.py 
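Review bot: The bootstrap branch of loadLoginPage derives the first administrator's token from fixed inputs, `hashPassword.generateToken('admin', '1234567')`, so every install that reaches this branch starts with the same token unless it is rotated later. The `password` passed to `Administrator(...)` is assigned outside the hunk. If it comes from the same constant, create the account from a random secret instead, e.g. `initial = secrets.token_urlsafe(16)`, and derive both the hash and the token from it, or force a change on first login. In the same hunk `logout` uses a bare `except:`, where `except KeyError:` covers the failure `del request.session['userID']` is expected to raise.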
@@ -3,11 +3,10 @@ from django.db import models -# Create your models here. - class PHP(models.Model): - phpVers = models.CharField(max_length=5,unique=True) + phpVers = models.CharField(max_length=5, unique=True) + class installedPackages(models.Model): phpVers = models.ForeignKey(PHP, on_delete=models.CASCADE) @@ -17,11 +16,11 @@ class installedPackages(models.Model): class ApachePHP(models.Model): - phpVers = models.CharField(max_length=5,unique=True) + phpVers = models.CharField(max_length=5, unique=True) + class installedPackagesApache(models.Model): phpVers = models.ForeignKey(ApachePHP, on_delete=models.CASCADE) extensionName = models.CharField(max_length=50) description = models.CharField(max_length=255) status = models.IntegerField() - diff --git a/userManagment/urls.py b/userManagment/urls.py index 4afc8e561..d203dde4f 100755 --- a/userManagment/urls.py +++ b/userManagment/urls.py 
@@ -9,28 +9,28 @@ urlpatterns = [ url(r'^submitUserCreation', views.submitUserCreation, name='submitUserCreation'), - url(r'^modifyUsers',views.modifyUsers,name="modifyUsers"), - url(r'^fetchUserDetails',views.fetchUserDetails,name="fetchUserDetails"), - url(r'^saveModifications',views.saveModifications,name="saveModifications"), + url(r'^modifyUsers', views.modifyUsers, name="modifyUsers"), + url(r'^fetchUserDetails', views.fetchUserDetails, name="fetchUserDetails"), + url(r'^saveModifications', views.saveModifications, name="saveModifications"), - url(r'^deleteUser',views.deleteUser,name="deleteUser"), - url(r'^submitUserDeletion',views.submitUserDeletion,name="submitUserDeletion"), + url(r'^deleteUser', views.deleteUser, name="deleteUser"), + url(r'^submitUserDeletion', views.submitUserDeletion, name="submitUserDeletion"), - url(r'^createNewACL$',views.createNewACL,name="createNewACL"), - url(r'^createACLFunc$',views.createACLFunc,name="createACLFunc"), - url(r'^deleteACL$',views.deleteACL,name="deleteACL"), - url(r'^deleteACLFunc$',views.deleteACLFunc,name="deleteACLFunc"), - url(r'^modifyACL$',views.modifyACL,name="modifyACL"), - url(r'^fetchACLDetails$',views.fetchACLDetails,name="fetchACLDetails"), - url(r'^submitACLModifications$',views.submitACLModifications,name="submitACLModifications"), - url(r'^changeUserACL$',views.changeUserACL,name="changeUserACL"), - url(r'^changeACLFunc$',views.changeACLFunc,name="changeACLFunc"), - url(r'^resellerCenter$',views.resellerCenter,name="resellerCenter"), - url(r'^saveResellerChanges$',views.saveResellerChanges,name="saveResellerChanges"), + url(r'^createNewACL$', views.createNewACL, name="createNewACL"), + url(r'^createACLFunc$', views.createACLFunc, name="createACLFunc"), + url(r'^deleteACL$', views.deleteACL, name="deleteACL"), + url(r'^deleteACLFunc$', views.deleteACLFunc, name="deleteACLFunc"), + url(r'^modifyACL$', views.modifyACL, name="modifyACL"), + url(r'^fetchACLDetails$', views.fetchACLDetails, 
name="fetchACLDetails"), + url(r'^submitACLModifications$', views.submitACLModifications, name="submitACLModifications"), + url(r'^changeUserACL$', views.changeUserACL, name="changeUserACL"), + url(r'^changeACLFunc$', views.changeACLFunc, name="changeACLFunc"), + url(r'^resellerCenter$', views.resellerCenter, name="resellerCenter"), + url(r'^saveResellerChanges$', views.saveResellerChanges, name="saveResellerChanges"), url(r'^apiAccess$', views.apiAccess, name="apiAccess"), url(r'^saveChangesAPIAccess$', views.saveChangesAPIAccess, name="saveChangesAPIAccess"), url(r'^listUsers$', views.listUsers, name="listUsers"), url(r'^fetchTableUsers$', views.fetchTableUsers, name="fetchTableUsers"), url(r'^controlUserState$', views.controlUserState, name="controlUserState"), -] \ No newline at end of file +] diff --git a/userManagment/userManager.py b/userManagment/userManager.py index 44858cf0d..75299ad68 100644 --- a/userManagment/userManager.py +++ b/userManagment/userManager.py @@ -10,7 +10,6 @@ from plogical.acl import ACLManager from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging - class UserManager(multi.Thread): def __init__(self, function, extraArgs): @@ -18,7 +17,6 @@ class UserManager(multi.Thread): self.function = function self.extraArgs = extraArgs - def run(self): try: if self.function == 'controlUserState': @@ -28,7 +26,7 @@ class UserManager(multi.Thread): def controlUserState(self): try: - websites = ACLManager.findAllSites(self.extraArgs['currentACL'],self.extraArgs['user'].pk) + websites = ACLManager.findAllSites(self.extraArgs['currentACL'], self.extraArgs['user'].pk) from websiteFunctions.website import WebsiteManager wm = WebsiteManager() 
@@ -42,6 +40,5 @@ class UserManager(multi.Thread): data = {'websiteName': items, 'state': 'UN-Suspend'} wm.submitWebsiteStatus(self.extraArgs['user'].pk, data) - except BaseException as msg: - logging.writeToFile(str(msg) + '[Error:UserManager:32]') \ No newline at end of file + logging.writeToFile(str(msg) + '[Error:UserManager:32]') diff --git a/userManagment/views.py b/userManagment/views.py index 305128f09..47dbba044 100755 --- a/userManagment/views.py +++ b/userManagment/views.py @@ -13,7 +13,6 @@ from plogical.virtualHostUtilities import virtualHostUtilities from CyberCP.secMiddleware import secMiddleware from CyberCP.SecurityLevel import SecurityLevel -# Create your views here. def loadUserHome(request): @@ -30,6 +29,7 @@ def loadUserHome(request): {"type": admin.type, 'listUsers': listUsers}, 'listUsers') return proc.render() + def viewProfile(request): userID = request.session['userID'] admin = Administrator.objects.get(pk=userID) @@ -47,6 +47,7 @@ def viewProfile(request): AdminData) return proc.render() + def createUser(request): userID = request.session['userID'] currentACL = ACLManager.loadedACL(userID) @@ -69,6 +70,7 @@ def createUser(request): else: return ACLManager.loadError() + def apiAccess(request): userID = request.session['userID'] currentACL = ACLManager.loadedACL(userID) @@ -78,6 +80,7 @@ def apiAccess(request): {'acctNames': adminNames}, 'admin') return proc.render() + def saveChangesAPIAccess(request): try: userID = request.session['userID'] @@ -109,6 +112,7 @@ def saveChangesAPIAccess(request): json_data = json.dumps(finalResponse) return HttpResponse(json_data) + def submitUserCreation(request): try: @@ -122,7 +126,6 @@ def submitUserCreation(request): data = request currentACL = ACLManager.loadedACL(userID) - firstName = data['firstName'] lastName = data['lastName'] email = data['email'] 
@@ -259,6 +262,7 @@ def modifyUsers(request): {"acctNames": userNames, 'securityLevels': SecurityLevel.list()}) return proc.render() + def fetchUserDetails(request): try: val = request.session['userID'] @@ -323,6 +327,7 @@ def fetchUserDetails(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + def saveModifications(request): try: try: @@ -394,7 +399,6 @@ def saveModifications(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) - except BaseException as msg: data_ret = {'status': 0, 'saveStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) @@ -405,6 +409,7 @@ def saveModifications(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + def deleteUser(request): userID = request.session['userID'] currentACL = ACLManager.loadedACL(userID) @@ -422,6 +427,7 @@ def deleteUser(request): else: return ACLManager.loadError() + def submitUserDeletion(request): try: @@ -443,16 +449,13 @@ def submitUserDeletion(request): except: force = 0 - currentACL = ACLManager.loadedACL(userID) currentUser = Administrator.objects.get(pk=userID) userInQuestion = Administrator.objects.get(userName=accountUsername) - if ACLManager.checkUserOwnerShip(currentACL, currentUser, userInQuestion): - if force: userACL = ACLManager.loadedACL(userInQuestion.pk) websitesName = ACLManager.findAllSites(userACL, userInQuestion.pk) @@ -480,7 +483,6 @@ def submitUserDeletion(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) - except BaseException as msg: data_ret = {'status': 0, 'deleteStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) @@ -491,11 +493,13 @@ def submitUserDeletion(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + def createNewACL(request): proc = httpProc(request, 'userManagment/createACL.html', None, 'admin') return proc.render() + def createACLFunc(request): try: val = request.session['userID'] 
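Review bot: The `except BaseException as msg:` handlers visible in the `@@ -394,7 +399,6 @@` (saveModifications) and `@@ -480,7 +483,6 @@` (submitUserDeletion) hunks put `str(msg)` straight into the JSON `error_message` returned to the client, which can expose ORM errors, missing-key names or file paths to whoever calls these endpoints. Logging the detail server-side and returning a fixed string, e.g. `'error_message': 'Request could not be processed'`, keeps the response usable without leaking internals; the same pattern appears in the `@@ -903,7 +916,6 @@` controlUserState hunk. The bare `except: force = 0` in the `@@ -443,16 +449,13 @@` hunk would be safer as `except KeyError:`, if a missing key is what it guards against; the `try` body is outside the hunk, so that is an assumption.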
@@ -512,7 +516,7 @@ def createACLFunc(request): else: data['adminStatus'] = 0 - newACL = ACL(name=data['aclName'],config=json.dumps(data)) + newACL = ACL(name=data['aclName'], config=json.dumps(data)) newACL.save() finalResponse = {'status': 1} @@ -526,12 +530,14 @@ def createACLFunc(request): json_data = json.dumps(finalResponse) return HttpResponse(json_data) + def deleteACL(request): aclNames = ACLManager.findAllACLs() proc = httpProc(request, 'userManagment/deleteACL.html', {'aclNames': aclNames}, 'admin') return proc.render() + def deleteACLFunc(request): try: val = request.session['userID'] @@ -558,12 +564,14 @@ def deleteACLFunc(request): json_data = json.dumps(finalResponse) return HttpResponse(json_data) + def modifyACL(request): aclNames = ACLManager.findAllACLs() proc = httpProc(request, 'userManagment/modifyACL.html', {'aclNames': aclNames}, 'admin') return proc.render() + def fetchACLDetails(request): try: val = request.session['userID'] @@ -588,6 +596,7 @@ def fetchACLDetails(request): json_data = json.dumps(finalResponse) return HttpResponse(json_data) + def submitACLModifications(request): try: val = request.session['userID'] @@ -600,7 +609,7 @@ def submitACLModifications(request): ## Version Management acl = ACL.objects.get(name=data['aclToModify']) - acl.config=json.dumps(data) + acl.config = json.dumps(data) acl.save() if int(data['adminStatus']) == 1: @@ -646,6 +655,7 @@ def changeUserACL(request): else: return ACLManager.loadError() + def changeACLFunc(request): try: val = request.session['userID'] @@ -686,6 +696,7 @@ def changeACLFunc(request): json_data = json.dumps(finalResponse) return HttpResponse(json_data) + def resellerCenter(request): userID = request.session['userID'] currentACL = ACLManager.loadedACL(userID) @@ -705,6 +716,7 @@ def resellerCenter(request): else: return ACLManager.loadError() + def saveResellerChanges(request): try: val = request.session['userID'] 
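Review bot: `ACL(name=data['aclName'], config=json.dumps(data))` stores the whole `data` dict as the ACL's config, and `acl.config = json.dumps(data)` in the `@@ -600,7 +609,7 @@` submitACLModifications hunk does the same. If `data` is the parsed request body (it is assigned outside both hunks), any key the client adds ends up in the persisted permission set, including ones the form never offers. Building the config from an explicit list of known permission keys, e.g. `config=json.dumps({k: data[k] for k in ALLOWED_ACL_KEYS if k in data})` with `ALLOWED_ACL_KEYS` as a placeholder name for that list, would keep the stored ACL to fields the server understands.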
@@ -761,6 +773,7 @@ def saveResellerChanges(request): json_data = json.dumps(finalResponse) return HttpResponse(json_data) + def listUsers(request): userID = request.session['userID'] currentACL = ACLManager.loadedACL(userID) @@ -827,7 +840,6 @@ def fetchTableUsers(request): items.save() owner = Administrator.objects.get(pk=1) - dic = {'id': items.pk, 'name': items.userName, 'owner': owner.userName, @@ -851,6 +863,7 @@ def fetchTableUsers(request): except KeyError: return redirect(loadLoginPage) + def controlUserState(request): try: try: @@ -903,7 +916,6 @@ def controlUserState(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) - except BaseException as msg: data_ret = {'status': 0, 'saveStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret)