#!/usr/local/CyberCP/bin/python2 import os,sys sys.path.append('/usr/local/CyberCP') import django os.environ.setdefault("DJANGO_SETTINGS_MODULE", "CyberCP.settings") django.setup() from loginSystem.models import Administrator, ACL from django.shortcuts import HttpResponse from packages.models import Package from websiteFunctions.models import Websites, ChildDomains from dns.models import Domains import json class ACLManager: @staticmethod def loadedACL(val): admin = Administrator.objects.get(pk=val) finalResponse = {} finalResponse['firstName'] = admin.firstName finalResponse['lastName'] = admin.lastName try: ipFile = "/etc/cyberpanel/machineIP" f = open(ipFile) ipData = f.read() serverIPAddress = ipData.split('\n', 1)[0] except BaseException, msg: serverIPAddress = "192.168.100.1" finalResponse['serverIPAddress'] = serverIPAddress finalResponse['adminName'] = admin.firstName + " " + admin.lastName[:3] if admin.acl.adminStatus == 1: finalResponse['admin'] = 1 else: finalResponse['admin'] = 0 acl = ACL.objects.get(name=admin.acl.name) finalResponse['versionManagement'] = acl.versionManagement ## User Management finalResponse['createNewUser'] = acl.createNewUser finalResponse['deleteUser'] = acl.deleteUser finalResponse['changeUserACL'] = acl.changeUserACL finalResponse['resellerCenter'] = acl.resellerCenter ## Website Management finalResponse['createWebsite'] = acl.createWebsite finalResponse['modifyWebsite'] = acl.modifyWebsite finalResponse['suspendWebsite'] = acl.suspendWebsite finalResponse['deleteWebsite'] = acl.deleteWebsite ## Package Management finalResponse['createPackage'] = acl.createPackage finalResponse['deletePackage'] = acl.deletePackage finalResponse['modifyPackage'] = acl.modifyPackage ## Database Management finalResponse['createDatabase'] = acl.createDatabase finalResponse['deleteDatabase'] = acl.deleteDatabase finalResponse['listDatabases'] = acl.listDatabases ## DNS Management finalResponse['createNameServer'] = acl.createNameServer finalResponse['createDNSZone'] = acl.createDNSZone finalResponse['deleteZone'] = acl.deleteZone finalResponse['addDeleteRecords'] = acl.addDeleteRecords ## Email Management finalResponse['createEmail'] = acl.createEmail finalResponse['deleteEmail'] = acl.deleteEmail finalResponse['emailForwarding'] = acl.emailForwarding finalResponse['changeEmailPassword'] = acl.changeEmailPassword finalResponse['dkimManager'] = acl.dkimManager ## FTP Management finalResponse['createFTPAccount'] = acl.createFTPAccount finalResponse['deleteFTPAccount'] = acl.deleteFTPAccount finalResponse['listFTPAccounts'] = acl.listFTPAccounts ## Backup Management finalResponse['createBackup'] = acl.createBackup finalResponse['restoreBackup'] = acl.restoreBackup finalResponse['addDeleteDestinations'] = acl.addDeleteDestinations finalResponse['scheDuleBackups'] = acl.scheDuleBackups finalResponse['remoteBackups'] = acl.remoteBackups ## SSL Management finalResponse['manageSSL'] = acl.manageSSL finalResponse['hostnameSSL'] = acl.hostnameSSL finalResponse['mailServerSSL'] = acl.mailServerSSL return finalResponse @staticmethod def currentContextPermission(currentACL, context): try: if currentACL['admin'] == 1: return 1 elif currentACL[context] == 1: return 1 else: return 0 except: pass @staticmethod def createDefaultACLs(): try: ## Admin ACL newACL = ACL(name='admin', adminStatus=1) newACL.save() ## Reseller ACL newACL = ACL(name='reseller', createNewUser=1, deleteUser=1, createWebsite=1, resellerCenter=1, modifyWebsite=1, suspendWebsite=1, deleteWebsite=1, createPackage=1, deletePackage=1, modifyPackage=1, createNameServer=1, restoreBackup=1, ) newACL.save() ## User ACL newACL = ACL(name='user') newACL.save() except: pass @staticmethod def loadError(): try: return HttpResponse('You are not authorized to access this resource.') except: pass @staticmethod def loadErrorJson(additionalParameter = None, additionalParameterValue = None): try: if additionalParameter == None: finalJson = {"status": 0, "errorMessage": 'You are not authorized to access this resource.', 'error_message': 'You are not authorized to access this resource.', } else: finalJson = {"status": 0, "errorMessage": 'You are not authorized to access this resource.', 'error_message': 'You are not authorized to access this resource.', additionalParameter: additionalParameterValue } json_data = json.dumps(finalJson) return HttpResponse(json_data) except: pass @staticmethod def findAllUsers(): userNames = [] allUsers = Administrator.objects.all() for items in allUsers: if items.userName == 'admin': continue userNames.append(items.userName) return userNames @staticmethod def findAllACLs(): aclNames = [] allACLs = ACL.objects.all() for items in allACLs: if items.name == 'admin' or items.name == 'reseller' or items.name == 'user': continue else: aclNames.append(items.name) return aclNames @staticmethod def unFileteredACLs(): aclNames = [] allACLs = ACL.objects.all() for items in allACLs: aclNames.append(items.name) return aclNames @staticmethod def loadAllUsers(userID): admin = Administrator.objects.get(pk=userID) adminNames = [] finalResponse = ACLManager.loadedACL(userID) if finalResponse['admin'] == 1: admins = Administrator.objects.all() for items in admins: if items.userName == admin.userName: continue adminNames.append(items.userName) else: admins = Administrator.objects.filter(owner=admin.pk) for items in admins: adminNames.append(items.userName) adminNames.append(admin.userName) return adminNames @staticmethod def loadDeletionUsers(userID, finalResponse): admin = Administrator.objects.get(pk=userID) adminNames = [] if finalResponse['admin'] == 1: admins = Administrator.objects.all() for items in admins: if items.userName == admin.userName: continue adminNames.append(items.userName) else: admins = Administrator.objects.filter(owner=admin.pk) for items in admins: adminNames.append(items.userName) return adminNames @staticmethod def userWithResellerPriv(userID): admin = Administrator.objects.get(pk=userID) adminNames = [] finalResponse = ACLManager.loadedACL(userID) if finalResponse['admin'] == 1: admins = Administrator.objects.all() for items in admins: if items.acl.resellerCenter == 1: if items.userName == admin.userName: continue adminNames.append(items.userName) else: admins = Administrator.objects.filter(owner=admin.pk) for items in admins: if items.acl.resellerCenter == 1: adminNames.append(items.userName) adminNames.append(admin.userName) return adminNames @staticmethod def websitesLimitCheck(currentAdmin, websitesLimit, userToBeModified = None): if currentAdmin.acl.adminStatus != 1: if currentAdmin.initWebsitesLimit != 0: webLimits = 0 allUsers = Administrator.objects.filter(owner=currentAdmin.pk) for items in allUsers: webLimits = webLimits + items.initWebsitesLimit if userToBeModified != None: webLimits = webLimits - userToBeModified.initWebsitesLimit webLimits = webLimits + websitesLimit + currentAdmin.websites_set.all().count() if webLimits <= currentAdmin.initWebsitesLimit: return 1 else: return 0 else: return 1 else: return 1 @staticmethod def loadPackages(userID, finalResponse): admin = Administrator.objects.get(pk=userID) packNames = [] if finalResponse['admin'] == 1: packs = Package.objects.all() for items in packs: packNames.append(items.packageName) else: packs = admin.package_set.all() for items in packs: packNames.append(items.packageName) return packNames @staticmethod def findAllSites(currentACL, userID): websiteNames = [] if currentACL['admin'] == 1: allWebsites = Websites.objects.all() for items in allWebsites: websiteNames.append(items.domain) else: admin = Administrator.objects.get(pk=userID) websites = admin.websites_set.all() admins = Administrator.objects.filter(owner=admin.pk) for items in websites: websiteNames.append(items.domain) for items in admins: webs = items.websites_set.all() for web in webs: websiteNames.append(web.domain) return websiteNames @staticmethod def findWebsiteObjects(currentACL, userID): if currentACL['admin'] == 1: return Websites.objects.all() else: websiteList = [] admin = Administrator.objects.get(pk=userID) websites = admin.websites_set.all() for items in websites: websiteList.append(items) admins = Administrator.objects.filter(owner=admin.pk) for items in admins: webs = items.websites_set.all() for web in webs: websiteList.append(web) return websiteList @staticmethod def findAllDomains(currentACL, userID): domainsList = [] if currentACL['admin'] == 1: domains = Domains.objects.all() for items in domains: domainsList.append(items.name) else: admin = Administrator.objects.get(pk=userID) domains = admin.domains_set.all() for items in domains: domainsList.append(items.name) admins = Administrator.objects.filter(owner=admin.pk) for items in admins: doms = items.domains_set.all() for dom in doms: domainsList.append(dom.name) return domainsList @staticmethod def checkOwnership(domain, admin, currentACL): try: childDomain = ChildDomains.objects.get(domain=domain) if currentACL['admin'] == 1: return 1 elif childDomain.master.admin == admin: return 1 else: if childDomain.master.admin.owner == admin.pk: return 1 except: domainName = Websites.objects.get(domain=domain) if currentACL['admin'] == 1: return 1 elif domainName.admin == admin: return 1 else: if domainName.admin.owner == admin.pk: return 1 else: return 0