mirror of
https://github.com/usmannasir/cyberpanel.git
synced 2025-11-06 05:15:49 +01:00
253 lines
7.4 KiB
Python
Executable File
253 lines
7.4 KiB
Python
Executable File
# -*- coding: utf-8 -*-
|
|
|
|
|
|
from django.shortcuts import redirect, HttpResponse
|
|
from loginSystem.views import loadLoginPage
|
|
from .databaseManager import DatabaseManager
|
|
from .pluginManager import pluginManager
|
|
import json
|
|
from plogical.processUtilities import ProcessUtilities
|
|
from loginSystem.models import Administrator
|
|
from plogical.acl import ACLManager
|
|
from databases.models import GlobalUserDB
|
|
from plogical import randomPassword
|
|
from cryptography.fernet import Fernet
|
|
from plogical.mysqlUtilities import mysqlUtilities
|
|
# Create your views here.
|
|
|
|
def loadDatabaseHome(request):
|
|
try:
|
|
userID = request.session['userID']
|
|
dm = DatabaseManager()
|
|
return dm.loadDatabaseHome(request, userID)
|
|
except KeyError:
|
|
return redirect(loadLoginPage)
|
|
|
|
def createDatabase(request):
|
|
try:
|
|
result = pluginManager.preCreateDatabase(request)
|
|
if result != 200:
|
|
return result
|
|
|
|
userID = request.session['userID']
|
|
dm = DatabaseManager()
|
|
coreResult = dm.createDatabase(request, userID)
|
|
|
|
result = pluginManager.postCreateDatabase(request, coreResult)
|
|
if result != 200:
|
|
return result
|
|
|
|
return coreResult
|
|
|
|
|
|
except KeyError:
|
|
return redirect(loadLoginPage)
|
|
|
|
def submitDBCreation(request):
|
|
try:
|
|
userID = request.session['userID']
|
|
|
|
result = pluginManager.preSubmitDBCreation(request)
|
|
if result != 200:
|
|
return result
|
|
|
|
dm = DatabaseManager()
|
|
coreResult = dm.submitDBCreation(userID, json.loads(request.body))
|
|
|
|
result = pluginManager.postSubmitDBCreation(request, coreResult)
|
|
if result != 200:
|
|
return result
|
|
|
|
return coreResult
|
|
|
|
except KeyError:
|
|
return redirect(loadLoginPage)
|
|
|
|
def deleteDatabase(request):
|
|
try:
|
|
userID = request.session['userID']
|
|
dm = DatabaseManager()
|
|
return dm.deleteDatabase(request, userID)
|
|
except KeyError:
|
|
return redirect(loadLoginPage)
|
|
|
|
def fetchDatabases(request):
|
|
try:
|
|
userID = request.session['userID']
|
|
dm = DatabaseManager()
|
|
return dm.fetchDatabases(userID, json.loads(request.body))
|
|
except KeyError:
|
|
return redirect(loadLoginPage)
|
|
|
|
def submitDatabaseDeletion(request):
|
|
try:
|
|
userID = request.session['userID']
|
|
result = pluginManager.preSubmitDatabaseDeletion(request)
|
|
if result != 200:
|
|
return result
|
|
|
|
dm = DatabaseManager()
|
|
coreResult = dm.submitDatabaseDeletion(userID, json.loads(request.body))
|
|
|
|
result = pluginManager.postSubmitDatabaseDeletion(request, coreResult)
|
|
if result != 200:
|
|
return result
|
|
|
|
return coreResult
|
|
except KeyError:
|
|
return redirect(loadLoginPage)
|
|
|
|
def listDBs(request):
|
|
try:
|
|
userID = request.session['userID']
|
|
dm = DatabaseManager()
|
|
return dm.listDBs(request, userID)
|
|
except KeyError:
|
|
return redirect(loadLoginPage)
|
|
|
|
def changePassword(request):
|
|
try:
|
|
userID = request.session['userID']
|
|
|
|
result = pluginManager.preChangePassword(request)
|
|
if result != 200:
|
|
return result
|
|
|
|
dm = DatabaseManager()
|
|
coreResult = dm.changePassword(userID, json.loads(request.body))
|
|
|
|
result = pluginManager.postChangePassword(request, coreResult)
|
|
if result != 200:
|
|
return result
|
|
|
|
return coreResult
|
|
except KeyError:
|
|
return redirect(loadLoginPage)
|
|
|
|
def remoteAccess(request):
|
|
try:
|
|
userID = request.session['userID']
|
|
|
|
dm = DatabaseManager()
|
|
coreResult = dm.remoteAccess(userID, json.loads(request.body))
|
|
|
|
return coreResult
|
|
except KeyError:
|
|
return redirect(loadLoginPage)
|
|
|
|
def allowRemoteIP(request):
|
|
try:
|
|
userID = request.session['userID']
|
|
|
|
dm = DatabaseManager()
|
|
coreResult = dm.allowRemoteIP(userID, json.loads(request.body))
|
|
|
|
return coreResult
|
|
except KeyError:
|
|
return redirect(loadLoginPage)
|
|
|
|
def phpMyAdmin(request):
|
|
try:
|
|
userID = request.session['userID']
|
|
dm = DatabaseManager()
|
|
return dm.phpMyAdmin(request, userID)
|
|
except KeyError:
|
|
return redirect(loadLoginPage)
|
|
|
|
def generateAccess(request):
|
|
try:
|
|
|
|
userID = request.session['userID']
|
|
admin = Administrator.objects.get(id = userID)
|
|
currentACL = ACLManager.loadedACL(userID)
|
|
|
|
try:
|
|
gdb = GlobalUserDB.objects.get(username=admin.userName)
|
|
token = randomPassword.generate_pass()
|
|
gdb.token = token
|
|
gdb.save()
|
|
except:
|
|
## Key generation
|
|
|
|
keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName)
|
|
key = Fernet.generate_key()
|
|
|
|
writeToFile = open(keySavePath, 'w')
|
|
writeToFile.write(key.decode())
|
|
writeToFile.close()
|
|
|
|
command = 'chown root:root %s' % (keySavePath)
|
|
ProcessUtilities.executioner(command)
|
|
|
|
command = 'chmod 600 %s' % (keySavePath)
|
|
ProcessUtilities.executioner(command)
|
|
|
|
##
|
|
|
|
password = randomPassword.generate_pass()
|
|
token = randomPassword.generate_pass()
|
|
f = Fernet(key)
|
|
GlobalUserDB(username=admin.userName, password=f.encrypt(password.encode('utf-8')).decode(), token=token).save()
|
|
|
|
sites = ACLManager.findWebsiteObjects(currentACL, userID)
|
|
|
|
createUser = 1
|
|
|
|
for site in sites:
|
|
for db in site.databases_set.all():
|
|
mysqlUtilities.addUserToDB(db.dbName, admin.userName, password, createUser)
|
|
createUser = 0
|
|
|
|
data_ret = {'status': 1, 'token': token, 'username': admin.userName}
|
|
json_data = json.dumps(data_ret)
|
|
return HttpResponse(json_data)
|
|
|
|
|
|
except BaseException as msg:
|
|
data_ret = {'status': 0, 'createDBStatus': 0, 'error_message': str(msg)}
|
|
json_data = json.dumps(data_ret)
|
|
return HttpResponse(json_data)
|
|
|
|
def fetchDetailsPHPMYAdmin(request):
|
|
try:
|
|
|
|
|
|
userID = request.session['userID']
|
|
admin = Administrator.objects.get(id = userID)
|
|
currentACL = ACLManager.loadedACL(userID)
|
|
|
|
username = request.GET.get('username')
|
|
token = request.GET.get('token')
|
|
|
|
if username != admin.userName:
|
|
return redirect(loadLoginPage)
|
|
|
|
## Key generation
|
|
|
|
gdb = GlobalUserDB.objects.get(username=admin.userName)
|
|
|
|
if gdb.token == token:
|
|
keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName)
|
|
key = ProcessUtilities.outputExecutioner('cat %s' % (keySavePath)).strip('\n').encode()
|
|
f = Fernet(key)
|
|
password = f.decrypt(gdb.password.encode('utf-8'))
|
|
|
|
sites = ACLManager.findWebsiteObjects(currentACL, userID)
|
|
|
|
createUser = 0
|
|
|
|
for site in sites:
|
|
for db in site.databases_set.all():
|
|
mysqlUtilities.addUserToDB(db.dbName, admin.userName, password.decode(), createUser)
|
|
createUser = 0
|
|
|
|
returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % (admin.userName, password.decode())
|
|
return redirect(returnURL)
|
|
else:
|
|
return redirect(loadLoginPage)
|
|
|
|
|
|
except BaseException as msg:
|
|
data_ret = {'status': 0, 'createDBStatus': 0, 'error_message': str(msg)}
|
|
json_data = json.dumps(data_ret)
|
|
return HttpResponse(json_data) |