2025-08-01 14:56:30 +05:00
import os
2026-02-04 00:55:58 +01:00
import base64
2025-08-01 14:56:30 +05:00
from django . shortcuts import HttpResponse
import json
from plogical . CyberCPLogFileWriter import CyberCPLogFileWriter as logging
from plogical . processUtilities import ProcessUtilities
from websiteFunctions . models import Websites
from random import randint
from django . core . files . storage import FileSystemStorage
from plogical . acl import ACLManager
from filemanager . models import Trash
class FileManager :
modes = { ' php ' : ' application/x-httpd-php ' , ' javascript ' : ' javascript ' , ' python ' : ' text/x-python ' ,
' html ' : ' text/html ' , ' go ' : ' text/x-go ' , ' css ' : ' text/css ' , ' java ' : ' text/x-java ' , ' perl ' : ' text/x-perl ' ,
' scss ' : ' text/x-sass ' }
def __init__ ( self , request , data ) :
self . request = request
self . data = data
@staticmethod
def findMode ( fileName ) :
if fileName . endswith ( ' .php ' ) :
return FileManager . modes [ ' php ' ]
elif fileName . endswith ( ' .js ' ) :
return FileManager . modes [ ' javascript ' ]
elif fileName . endswith ( ' .py ' ) :
return FileManager . modes [ ' python ' ]
elif fileName . endswith ( ' .html ' ) :
return FileManager . modes [ ' html ' ]
elif fileName . endswith ( ' .go ' ) :
return FileManager . modes [ ' go ' ]
elif fileName . endswith ( ' .css ' ) :
return FileManager . modes [ ' css ' ]
elif fileName . endswith ( ' .pl ' ) or fileName . endswith ( ' .PL ' ) :
return FileManager . modes [ ' perl ' ]
elif fileName . endswith ( ' .java ' ) :
return FileManager . modes [ ' java ' ]
elif fileName . endswith ( ' .scss ' ) :
return FileManager . modes [ ' scss ' ]
else :
return " "
@staticmethod
def findModeFiles ( mode ) :
if mode == FileManager . modes [ ' php ' ] :
return """
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/javascript/javascript.min.js "
integrity = " sha512-e3U/84Fo+2ZAnRhLkjStm2hYnkmZ/NRmeesZ/GHjDhcLh35eYTQxsfSeDppx6Se5aX0N6mrygH7tr4wugWsPeQ== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/javascript-hint.min.js "
integrity = " sha512-PPI9W6pViVZfJ5uvmYZsHbPwf7T+voS0OpohIrN8Q4CRCCa6JK39JJ0R16HHmyV7EQR8MTa+O56CpWjfKOxl0A== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/css/css.min.js "
integrity = " sha512-DG+5u//fVN9kpDgTGe78IJhJW8e5+tlrPaMgNqcrzyPXsn+GPaF2T62+X3ds7SuhFR9Qeb7XZ6kMD8X09FeJhA== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/xml/xml.min.js "
integrity = " sha512-k1HnoY9EXahEfPz7kq/lD9DltloKH9OrB9XNKYoUQrNz9epe5F4mQP5PfuIfeRfoXHkNrE0gF3Mx4LhC5BVl9Q== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/htmlmixed/htmlmixed.min.js "
integrity = " sha512-p15qsXPrhaUkH+/RPE6QzCmxUAPkCRw89ityx+tWC1lAYI6Et2L0UpN+iqifxUdt+ss1FQ+9CuzxpBeT9mR3/w== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/clike/clike.min.js " integrity = " sha512-HT3t3u7HfQ7USbSZa0Tk5caEnUfO8s58OWqMBwm96xaZAbA17rpnXXHDefR8ixVmSSVssbOv3W3OMh6mNX/XuQ== " crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/anyword-hint.min.js " integrity = " sha512-wdYOcbX/zcS4tP3HEDTkdOI5UybyuRxJMQzDQIRcafRLY/oTDWyXO+P8SzuajQipcJXkb2vHcd1QetccSFAaVw== " crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/css-hint.min.js " integrity = " sha512-iXuwWkAmdAUNuO5rUtzmJZ/LoeJoSG8ZeQVdcUBCkV0dxfe7bxfzQMKCwQ6uNNs0FZ9jmSrN/jzJX7G1bOs4Nw== " crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/html-hint.min.js " integrity = " sha512-aGi2Yn9VkLP9HiwiMXfkY7KQoGfwDW6JiGUtPhiPJAL9J7+rwwPVWUtUYvHW+xp3yJ7F0UhTPoPumUZv3+E/Rg== " crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/sql-hint.min.js " integrity = " sha512-zVNOyYBOmDcGRo9/Tz+rYW8vjhAO4D/jqbj9+IIb1xWMU1ROyNWPCeWcOoBTquOBBmdiue78xJg5kkdWzsZJog== " crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/xml-hint.min.js " integrity = " sha512-XtLGFClKrm3hNY3bS01LPiIkF64i9CnlxCqj5O+TSQq7UW8kFhFIc3kOR3bJ98h4ThxFaKdJA9PpQC76LvD/oQ== " crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/php/php.min.js "
integrity = " sha512-m8sosGXUwyH6Ppzoy+CoQ/r5zAwZRGdNFUgGH81E3RDQkFnAsE4cP1I3tokvZwgMsDZB5mHxs+7egAgvhaCcMw== "
crossorigin = " anonymous " > < / script >
"""
elif mode == FileManager . modes [ ' javascript ' ] :
return """
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/show-hint.min.js "
integrity = " sha512-ge9uKCpgPmuJY2e2zPXhpYCZfyb1/R7KOOfMZ3SzSX3ZayWpINs3sHnI8LGEHUf6UOFX/D03FVHgR36uRL8/Vw== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/javascript/javascript.min.js "
integrity = " sha512-e3U/84Fo+2ZAnRhLkjStm2hYnkmZ/NRmeesZ/GHjDhcLh35eYTQxsfSeDppx6Se5aX0N6mrygH7tr4wugWsPeQ== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/javascript-hint.min.js "
integrity = " sha512-PPI9W6pViVZfJ5uvmYZsHbPwf7T+voS0OpohIrN8Q4CRCCa6JK39JJ0R16HHmyV7EQR8MTa+O56CpWjfKOxl0A== "
crossorigin = " anonymous " > < / script >
"""
elif mode == FileManager . modes [ ' python ' ] :
return """
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/python/python.min.js " integrity = " sha512-DS+asaww1mE0V/N6YGVgoNIRj+yXB9hAV68vM6rVeWs0G+OyMd24LKrnS4Z+g26rgghU7qvGeEnRVUArV7nVog== " crossorigin = " anonymous " > < / script >
"""
elif mode == FileManager . modes [ ' html ' ] :
return """
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/javascript/javascript.min.js "
integrity = " sha512-e3U/84Fo+2ZAnRhLkjStm2hYnkmZ/NRmeesZ/GHjDhcLh35eYTQxsfSeDppx6Se5aX0N6mrygH7tr4wugWsPeQ== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/javascript-hint.min.js "
integrity = " sha512-PPI9W6pViVZfJ5uvmYZsHbPwf7T+voS0OpohIrN8Q4CRCCa6JK39JJ0R16HHmyV7EQR8MTa+O56CpWjfKOxl0A== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/css/css.min.js "
integrity = " sha512-DG+5u//fVN9kpDgTGe78IJhJW8e5+tlrPaMgNqcrzyPXsn+GPaF2T62+X3ds7SuhFR9Qeb7XZ6kMD8X09FeJhA== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/xml/xml.min.js "
integrity = " sha512-k1HnoY9EXahEfPz7kq/lD9DltloKH9OrB9XNKYoUQrNz9epe5F4mQP5PfuIfeRfoXHkNrE0gF3Mx4LhC5BVl9Q== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/htmlmixed/htmlmixed.min.js "
integrity = " sha512-p15qsXPrhaUkH+/RPE6QzCmxUAPkCRw89ityx+tWC1lAYI6Et2L0UpN+iqifxUdt+ss1FQ+9CuzxpBeT9mR3/w== "
crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/anyword-hint.min.js " integrity = " sha512-wdYOcbX/zcS4tP3HEDTkdOI5UybyuRxJMQzDQIRcafRLY/oTDWyXO+P8SzuajQipcJXkb2vHcd1QetccSFAaVw== " crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/css-hint.min.js " integrity = " sha512-iXuwWkAmdAUNuO5rUtzmJZ/LoeJoSG8ZeQVdcUBCkV0dxfe7bxfzQMKCwQ6uNNs0FZ9jmSrN/jzJX7G1bOs4Nw== " crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/html-hint.min.js " integrity = " sha512-aGi2Yn9VkLP9HiwiMXfkY7KQoGfwDW6JiGUtPhiPJAL9J7+rwwPVWUtUYvHW+xp3yJ7F0UhTPoPumUZv3+E/Rg== " crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/sql-hint.min.js " integrity = " sha512-zVNOyYBOmDcGRo9/Tz+rYW8vjhAO4D/jqbj9+IIb1xWMU1ROyNWPCeWcOoBTquOBBmdiue78xJg5kkdWzsZJog== " crossorigin = " anonymous " > < / script >
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/addon/hint/xml-hint.min.js " integrity = " sha512-XtLGFClKrm3hNY3bS01LPiIkF64i9CnlxCqj5O+TSQq7UW8kFhFIc3kOR3bJ98h4ThxFaKdJA9PpQC76LvD/oQ== " crossorigin = " anonymous " > < / script >
"""
elif mode == FileManager . modes [ ' go ' ] :
return """
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/go/go.min.js " integrity = " sha512-DxeIplahS44UYHUdqtsLJ21g5xHilhuP7Y4i+NSsD7J4ow+LXIXLHsjvEpMqcTSg15rkaqBRIXEETAjq3yb5Cw== " crossorigin = " anonymous " > < / script >
"""
elif mode == FileManager . modes [ ' css ' ] :
return """
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/css/css.min.js " integrity = " sha512-DG+5u//fVN9kpDgTGe78IJhJW8e5+tlrPaMgNqcrzyPXsn+GPaF2T62+X3ds7SuhFR9Qeb7XZ6kMD8X09FeJhA== " crossorigin = " anonymous " > < / script >
"""
elif mode == FileManager . modes [ ' java ' ] :
return """
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/clike/clike.min.js " integrity = " sha512-HT3t3u7HfQ7USbSZa0Tk5caEnUfO8s58OWqMBwm96xaZAbA17rpnXXHDefR8ixVmSSVssbOv3W3OMh6mNX/XuQ== " crossorigin = " anonymous " > < / script >
"""
elif mode == FileManager . modes [ ' perl ' ] :
return """
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/perl/perl.min.js " integrity = " sha512-6rKFA1mIjmFqxMM/b0dtjQOWFRAoqKCmhb7/6u2KohJcP4poKbrUI08Yf5GXsK+rkCr2dQnppV7gMe2a0HGQBQ== " crossorigin = " anonymous " > < / script >
"""
elif mode == FileManager . modes [ ' scss ' ] :
return """
< script src = " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/mode/sass/sass.min.js " integrity = " sha512-lFZETu8ovGFrFbFWAJnwgJrRcQ06C0BhjySIpBFPUatL/vqFz/mZIvXhlLtbOwbvRCp+XcLCmTEigKOJPN+YhA== " crossorigin = " anonymous " > < / script >
"""
else :
return ' '
@staticmethod
def findThemeFile ( theme ) :
return ' <link rel= " stylesheet " href= " https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.58.1/theme/ %s .min.css " /> ' % ( theme )
@staticmethod
def findAdditionalOptions ( mode ) :
if mode == ' text/x-python ' :
return """ <select ng-model= " optionValue " ng-change= " additionalOptions() " >
< option > Python 2 < / option >
< option > Python 3 < / option >
< / select >
"""
else :
return " "
def ajaxPre ( self , status , errorMessage ) :
final_dic = { ' status ' : status , ' error_message ' : errorMessage , ' uploadStatus ' : status }
final_json = json . dumps ( final_dic )
return HttpResponse ( final_json )
def returnPathEnclosed ( self , path ) :
return " ' " + path + " ' "
2026-02-04 00:55:58 +01:00
def _moveViaPythonBase64 ( self , src_path , dest_path , user ) :
""" Fallback: use helper script or Python to move when mv fails (handles special chars). """
try :
import subprocess
s_b64 = base64 . b64encode ( src_path . encode ( ' utf-8 ' ) ) . decode ( ' ascii ' )
d_b64 = base64 . b64encode ( dest_path . encode ( ' utf-8 ' ) ) . decode ( ' ascii ' )
helper = ' /usr/local/CyberCP/bin/safe-move-path '
if os . path . isfile ( helper ) and os . access ( helper , os . X_OK ) :
cmd = [ helper , s_b64 , d_b64 ]
if os . getuid ( ) != 0 :
cmd = [ ' sudo ' , ' -n ' ] + cmd
try :
res = subprocess . run ( cmd , capture_output = True , timeout = 30 )
if res . returncode == 0 :
return True
except Exception as e :
logging . writeToFile ( f " _moveViaPythonBase64 sudo helper failed: { str ( e ) } " )
command = ' %s %s %s ' % ( helper , s_b64 , d_b64 )
else :
code = " import shutil,base64,sys; s=base64.b64decode(sys.argv[1]).decode(); d=base64.b64decode(sys.argv[2]).decode(); shutil.move(s,d) "
command = " /usr/bin/python3 -c ' %s ' %s %s " % ( code , s_b64 , d_b64 )
result = ProcessUtilities . executioner ( command , user )
return result == 1
except Exception as e :
logging . writeToFile ( f " _moveViaPythonBase64 failed: { str ( e ) } " )
return False
def _deleteViaPythonBase64 ( self , path , user ) :
""" Fallback: use helper script or Python to delete when rm fails (handles special chars). """
try :
import subprocess
p_b64 = base64 . b64encode ( path . encode ( ' utf-8 ' ) ) . decode ( ' ascii ' )
helper = ' /usr/local/CyberCP/bin/safe-delete-path '
if os . path . isfile ( helper ) and os . access ( helper , os . X_OK ) :
cmd = [ helper , p_b64 ]
if os . getuid ( ) != 0 :
cmd = [ ' sudo ' , ' -n ' ] + cmd
try :
res = subprocess . run ( cmd , capture_output = True , timeout = 30 )
if res . returncode == 0 :
return True
except Exception as e :
logging . writeToFile ( f " _deleteViaPythonBase64 sudo helper failed: { str ( e ) } " )
if os . path . isfile ( helper ) and os . access ( helper , os . X_OK ) :
command = ' %s %s ' % ( helper , p_b64 )
else :
code = " import os,base64,sys,shutil; p=base64.b64decode(sys.argv[1]).decode(); (os.path.isfile(p) and os.remove(p)) or (os.path.isdir(p) and shutil.rmtree(p)) "
command = " /usr/bin/python3 -c ' %s ' %s " % ( code , p_b64 )
result = ProcessUtilities . executioner ( command , user )
return result == 1
except Exception as e :
logging . writeToFile ( f " _deleteViaPythonBase64 failed: { str ( e ) } " )
return False
2025-08-01 14:56:30 +05:00
def changeOwner ( self , path ) :
try :
domainName = self . data [ ' domainName ' ]
website = Websites . objects . get ( domain = domainName )
2026-02-04 00:55:58 +01:00
homePath = ' /home/ %s ' % ( domainName )
2025-08-01 14:56:30 +05:00
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( path , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = " chown -R " + website . externalApp + ' : ' + website . externalApp + ' ' + self . returnPathEnclosed ( path )
ProcessUtilities . executioner ( command , website . externalApp )
except :
print ( " Permisson not changed " )
def listForTable ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
try :
domainName = self . data [ ' domainName ' ]
website = Websites . objects . get ( domain = domainName )
pathCheck = ' /home/ %s ' % ( domainName )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' completeStartingPath ' ] , pathCheck ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to browse this path, going back home! ' )
command = " ls -la --group-directories-first " + self . returnPathEnclosed (
self . data [ ' completeStartingPath ' ] )
output = ProcessUtilities . outputExecutioner ( command , website . externalApp ) . splitlines ( )
except :
pathCheck = ' / '
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' completeStartingPath ' ] , pathCheck ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to browse this path, going back home! ' )
command = " ls -la --group-directories-first " + self . returnPathEnclosed (
self . data [ ' completeStartingPath ' ] )
output = ProcessUtilities . outputExecutioner ( command ) . splitlines ( )
counter = 0
for items in output :
try :
currentFile = items . split ( ' ' )
currentFile = [ a for a in currentFile if a != ' ' ]
2025-09-20 19:14:05 +02:00
if currentFile [ - 1 ] == ' . ' or currentFile [ - 1 ] == ' .. ' or currentFile [ 0 ] == ' total ' :
2025-08-01 14:56:30 +05:00
continue
if len ( currentFile ) > 9 :
fileName = currentFile [ 8 : ]
currentFile [ - 1 ] = " " . join ( fileName )
dirCheck = 0
if currentFile [ 0 ] [ 0 ] == ' d ' :
dirCheck = 1
size = str ( int ( int ( currentFile [ 4 ] ) / float ( 1024 ) ) )
lastModified = currentFile [ 5 ] + ' ' + currentFile [ 6 ] + ' ' + currentFile [ 7 ]
finalData [ str ( counter ) ] = [ currentFile [ - 1 ] , currentFile [ - 1 ] , lastModified , size , currentFile [ 0 ] ,
dirCheck ]
counter = counter + 1
except BaseException as msg :
logging . writeToFile ( str ( msg ) )
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def list ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
try :
domainName = self . data [ ' domainName ' ]
website = Websites . objects . get ( domain = domainName )
command = " ls -la --group-directories-first " + self . returnPathEnclosed (
self . data [ ' completeStartingPath ' ] )
output = ProcessUtilities . outputExecutioner ( command , website . externalApp ) . splitlines ( )
counter = 0
for items in output :
try :
currentFile = items . split ( ' ' )
currentFile = [ a for a in currentFile if a != ' ' ]
if currentFile [ - 1 ] == ' . ' or currentFile [ - 1 ] == ' .. ' or currentFile [ 0 ] == ' total ' :
continue
if len ( currentFile ) > 9 :
fileName = currentFile [ 8 : ]
currentFile [ - 1 ] = " " . join ( fileName )
dirCheck = False
if currentFile [ 0 ] [ 0 ] == ' d ' :
dirCheck = True
finalData [ str ( counter ) ] = [ currentFile [ - 1 ] ,
self . data [ ' completeStartingPath ' ] + ' / ' + currentFile [ - 1 ] , dirCheck ]
counter = counter + 1
except :
continue
except :
command = " ls -la --group-directories-first " + self . returnPathEnclosed (
self . data [ ' completeStartingPath ' ] )
output = ProcessUtilities . outputExecutioner ( command ) . splitlines ( )
counter = 0
for items in output :
try :
currentFile = items . split ( ' ' )
currentFile = [ a for a in currentFile if a != ' ' ]
if currentFile [ - 1 ] == ' . ' or currentFile [ - 1 ] == ' .. ' or currentFile [ 0 ] == ' total ' :
continue
if len ( currentFile ) > 9 :
fileName = currentFile [ 8 : ]
currentFile [ - 1 ] = " " . join ( fileName )
dirCheck = False
if currentFile [ 0 ] [ 0 ] == ' d ' :
dirCheck = True
finalData [ str ( counter ) ] = [ currentFile [ - 1 ] ,
self . data [ ' completeStartingPath ' ] + ' / ' + currentFile [ - 1 ] , dirCheck ]
counter = counter + 1
except :
continue
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def createNewFile ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
try :
domainName = self . data [ ' domainName ' ]
website = Websites . objects . get ( domain = domainName )
homePath = ' /home/ %s ' % ( domainName )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' fileName ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = " touch " + self . returnPathEnclosed ( self . data [ ' fileName ' ] )
ProcessUtilities . executioner ( command , website . externalApp )
self . changeOwner ( self . returnPathEnclosed ( self . data [ ' fileName ' ] ) )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
except :
homePath = ' / '
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' fileName ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = " touch " + self . returnPathEnclosed ( self . data [ ' fileName ' ] )
ProcessUtilities . executioner ( command )
self . changeOwner ( self . returnPathEnclosed ( self . data [ ' fileName ' ] ) )
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def createNewFolder ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
try :
domainName = self . data [ ' domainName ' ]
website = Websites . objects . get ( domain = domainName )
homePath = ' /home/ %s ' % ( domainName )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' folderName ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = " mkdir " + self . returnPathEnclosed ( self . data [ ' folderName ' ] )
ProcessUtilities . executioner ( command , website . externalApp )
self . changeOwner ( self . returnPathEnclosed ( self . data [ ' folderName ' ] ) )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
except :
homePath = ' / '
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' folderName ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = " mkdir " + self . returnPathEnclosed ( self . data [ ' folderName ' ] )
ProcessUtilities . executioner ( command )
self . changeOwner ( self . returnPathEnclosed ( self . data [ ' folderName ' ] ) )
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def deleteFolderOrFile ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
domainName = self . data [ ' domainName ' ]
try :
try :
skipTrash = self . data [ ' skipTrash ' ]
except :
skipTrash = False
website = Websites . objects . get ( domain = domainName )
self . homePath = ' /home/ %s ' % ( domainName )
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Attempting to delete files/folders for domain: { domainName } " )
2025-09-20 20:39:35 +02:00
2025-08-01 14:56:30 +05:00
RemoveOK = 1
2025-09-20 20:39:35 +02:00
# Test if directory is writable
2025-09-20 19:14:05 +02:00
command = ' touch %s /public_html/hello.txt ' % ( self . homePath )
2025-08-01 14:56:30 +05:00
result = ProcessUtilities . outputExecutioner ( command )
2026-02-04 00:55:58 +01:00
if result is None :
result = ' '
2025-08-01 14:56:30 +05:00
2026-02-04 00:55:58 +01:00
if isinstance ( result , ( str , bytes ) ) and ( ' cannot touch ' in str ( result ) or ' Permission denied ' in str ( result ) ) :
2025-08-01 14:56:30 +05:00
RemoveOK = 0
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Directory { self . homePath } is not writable, removing chattr flags " )
2025-08-01 14:56:30 +05:00
2026-02-04 00:55:58 +01:00
# Remove immutable flag from entire directory (executioner returns 1=success, 0=failure)
2025-08-01 14:56:30 +05:00
command = ' chattr -R -i %s ' % ( self . homePath )
2025-09-20 20:39:35 +02:00
result = ProcessUtilities . executioner ( command )
2026-02-04 00:55:58 +01:00
if result != 1 :
logging . writeToFile ( f " Warning: Failed to remove chattr -i from { self . homePath } : { result } " )
2025-09-20 20:39:35 +02:00
else :
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Successfully removed chattr -i from { self . homePath } " )
2025-08-01 14:56:30 +05:00
else :
2025-09-20 19:14:05 +02:00
command = ' rm -f %s /public_html/hello.txt ' % ( self . homePath )
2025-08-01 14:56:30 +05:00
ProcessUtilities . executioner ( command )
for item in self . data [ ' fileAndFolders ' ] :
2025-09-20 20:39:35 +02:00
itemPath = self . data [ ' path ' ] + ' / ' + item
# Security check - prevent path traversal
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( itemPath , self . homePath ) :
logging . writeToFile ( f " Security violation: Attempted to delete outside home directory: { itemPath } " )
2025-09-20 20:39:35 +02:00
return self . ajaxPre ( 0 , ' Not allowed to delete files outside home directory! ' )
2025-08-01 14:56:30 +05:00
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Deleting: { itemPath } " )
2025-08-01 14:56:30 +05:00
if skipTrash :
2026-02-04 00:55:58 +01:00
# Permanent deletion (executioner returns 1=success, 0=failure)
2025-09-20 20:39:35 +02:00
command = ' rm -rf ' + self . returnPathEnclosed ( itemPath )
result = ProcessUtilities . executioner ( command , website . externalApp )
2026-02-04 00:55:58 +01:00
if result != 1 :
logging . writeToFile ( f " Failed to delete { itemPath } : result= { result } , trying Python fallback " )
# Fallback: Python+base64 to handle special chars in paths
if not self . _deleteViaPythonBase64 ( itemPath , website . externalApp ) :
return self . ajaxPre ( 0 , f ' Failed to delete { item } ' )
logging . writeToFile ( f " Successfully deleted: { itemPath } " )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
else :
2025-09-20 20:39:35 +02:00
# Move to trash
2025-08-01 14:56:30 +05:00
trashPath = ' %s /.trash ' % ( self . homePath )
2026-02-04 00:55:58 +01:00
# Ensure trash directory exists (executioner returns 1=success, 0=failure)
2025-09-20 20:39:35 +02:00
command = ' mkdir -p %s ' % ( trashPath )
result = ProcessUtilities . executioner ( command , website . externalApp )
2026-02-04 00:55:58 +01:00
if result != 1 :
logging . writeToFile ( f " Failed to create trash directory: result= { result } " )
return self . ajaxPre ( 0 , f ' Failed to create trash directory ' )
2025-09-20 20:39:35 +02:00
# Save to trash database
try :
Trash ( website = website , originalPath = self . returnPathEnclosed ( self . data [ ' path ' ] ) ,
fileName = self . returnPathEnclosed ( item ) ) . save ( )
except Exception as e :
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Failed to save trash record: { str ( e ) } " )
2025-09-20 20:39:35 +02:00
2026-02-04 00:55:58 +01:00
# Move to trash (executioner returns 1=success, 0=failure)
2025-09-20 20:39:35 +02:00
command = ' mv %s %s ' % ( self . returnPathEnclosed ( itemPath ) , trashPath )
result = ProcessUtilities . executioner ( command , website . externalApp )
2026-02-04 00:55:58 +01:00
if result != 1 :
logging . writeToFile ( f " Failed to move to trash { itemPath } : result= { result } , trying Python fallback " )
# Fallback: Python+base64 to handle special chars in paths (e.g. lscpd/sendCommand)
if not self . _moveViaPythonBase64 ( itemPath , trashPath , website . externalApp ) :
return self . ajaxPre ( 0 , f ' Failed to move { item } to trash ' )
logging . writeToFile ( f " Successfully moved to trash: { itemPath } " )
2025-08-01 14:56:30 +05:00
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
if RemoveOK == 0 :
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Restoring chattr +i flags for { self . homePath } " )
2025-09-20 20:39:35 +02:00
2026-02-04 00:55:58 +01:00
# Restore immutable flag to entire directory (executioner returns 1=success, 0=failure)
2025-08-01 14:56:30 +05:00
command = ' chattr -R +i %s ' % ( self . homePath )
2025-09-20 20:39:35 +02:00
result = ProcessUtilities . executioner ( command )
2026-02-04 00:55:58 +01:00
if result != 1 :
logging . writeToFile ( f " Warning: Failed to restore chattr +i to { self . homePath } : result= { result } " )
2025-09-20 20:39:35 +02:00
else :
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Successfully restored chattr +i to { self . homePath } " )
2025-09-20 19:14:05 +02:00
# Allow specific directories to remain mutable
2025-09-20 20:39:35 +02:00
mutable_dirs = [ ' /logs/ ' , ' /.trash/ ' , ' /backup/ ' , ' /incbackup/ ' , ' /lscache/ ' , ' /.cagefs/ ' ]
for dir_name in mutable_dirs :
dir_path = self . homePath + dir_name
command = ' chattr -R -i %s ' % ( dir_path )
result = ProcessUtilities . executioner ( command )
2026-02-04 00:55:58 +01:00
if result != 1 :
logging . writeToFile ( f " Warning: Failed to remove chattr +i from { dir_path } : result= { result } " )
2025-09-20 20:39:35 +02:00
else :
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Successfully removed chattr +i from { dir_path } " )
2025-09-20 20:39:35 +02:00
except Exception as e :
2026-02-04 00:55:58 +01:00
import traceback
logging . writeToFile ( f " Error in deleteFolderOrFile for { domainName } : { str ( e ) } " )
logging . writeToFile ( traceback . format_exc ( ) )
2025-08-01 14:56:30 +05:00
try :
skipTrash = self . data [ ' skipTrash ' ]
except :
skipTrash = False
2026-02-04 00:55:58 +01:00
# Fallback to root path for system files (Root File Manager, domainName empty)
2025-08-01 14:56:30 +05:00
self . homePath = ' / '
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Using fallback deletion for system files in { self . data [ ' path ' ] } " )
2025-08-01 14:56:30 +05:00
RemoveOK = 1
2026-02-04 00:55:58 +01:00
# Test if we can write (use /tmp for root path since /public_html doesn't exist at /)
test_path = ' /tmp ' if self . homePath == ' / ' else ( self . homePath + ' /public_html ' )
command = ' touch %s /hello.txt ' % ( test_path )
2025-08-01 14:56:30 +05:00
result = ProcessUtilities . outputExecutioner ( command )
2026-02-04 00:55:58 +01:00
if result is None :
result = ' '
2025-08-01 14:56:30 +05:00
2026-02-04 00:55:58 +01:00
if isinstance ( result , ( str , bytes ) ) and ( ' cannot touch ' in str ( result ) or ' Permission denied ' in str ( result ) ) :
2025-08-01 14:56:30 +05:00
RemoveOK = 0
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Directory { self . homePath } is not writable, removing chattr flags " )
2025-08-01 14:56:30 +05:00
command = ' chattr -R -i %s ' % ( self . homePath )
2025-09-20 20:39:35 +02:00
result = ProcessUtilities . executioner ( command )
2026-02-04 00:55:58 +01:00
if result != 1 :
logging . writeToFile ( f " Warning: Failed to remove chattr -i from { self . homePath } : { result } " )
2025-08-01 14:56:30 +05:00
else :
2026-02-04 00:55:58 +01:00
command = ' rm -f %s /hello.txt ' % ( test_path )
2025-08-01 14:56:30 +05:00
ProcessUtilities . executioner ( command )
for item in self . data [ ' fileAndFolders ' ] :
2026-02-04 00:55:58 +01:00
base = self . data [ ' path ' ] . rstrip ( ' / ' ) or ' / '
itemPath = base + ' / ' + item
2025-09-20 20:39:35 +02:00
# Security check for system files
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( itemPath , self . homePath ) :
logging . writeToFile ( f " Security violation: Attempted to delete outside allowed path: { itemPath } " )
2025-09-20 20:39:35 +02:00
return self . ajaxPre ( 0 , ' Not allowed to delete files outside allowed path! ' )
2025-08-01 14:56:30 +05:00
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Deleting system file: { itemPath } " )
2025-08-01 14:56:30 +05:00
if skipTrash :
2025-09-20 20:39:35 +02:00
command = ' rm -rf ' + self . returnPathEnclosed ( itemPath )
result = ProcessUtilities . executioner ( command )
2026-02-04 00:55:58 +01:00
if result != 1 :
logging . writeToFile ( f " Failed to delete system file { itemPath } : result= { result } , trying Python fallback " )
if not self . _deleteViaPythonBase64 ( itemPath , None ) :
return self . ajaxPre ( 0 , f ' Failed to delete { item } ' )
logging . writeToFile ( f " Successfully deleted system file: { itemPath } " )
2025-08-01 14:56:30 +05:00
if RemoveOK == 0 :
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Restoring chattr +i flags for system path: { self . homePath } " )
2025-08-01 14:56:30 +05:00
command = ' chattr -R +i %s ' % ( self . homePath )
2025-09-20 20:39:35 +02:00
result = ProcessUtilities . executioner ( command )
2026-02-04 00:55:58 +01:00
if result != 1 :
logging . writeToFile ( f " Warning: Failed to restore chattr +i to system path { self . homePath } : result= { result } " )
2025-09-20 20:39:35 +02:00
else :
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Successfully restored chattr +i to system path { self . homePath } " )
2025-09-20 19:14:05 +02:00
2025-09-20 20:39:35 +02:00
# Allow specific directories to remain mutable for system files
mutable_dirs = [ ' /logs/ ' , ' /.trash/ ' , ' /backup/ ' , ' /incbackup/ ' , ' /lscache/ ' , ' /.cagefs/ ' ]
for dir_name in mutable_dirs :
dir_path = self . homePath + dir_name
command = ' chattr -R -i %s ' % ( dir_path )
result = ProcessUtilities . executioner ( command )
2026-02-04 00:55:58 +01:00
if result != 1 :
logging . writeToFile ( f " Warning: Failed to remove chattr +i from system { dir_path } : result= { result } " )
2025-09-20 20:39:35 +02:00
else :
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Successfully removed chattr +i from system { dir_path } " )
2025-09-20 20:39:35 +02:00
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " File deletion completed successfully for domain: { domainName } " )
2025-08-01 14:56:30 +05:00
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
2026-02-04 00:55:58 +01:00
logging . writeToFile ( f " Critical error in deleteFolderOrFile: { str ( msg ) } " )
2025-09-20 20:39:35 +02:00
return self . ajaxPre ( 0 , f " File deletion failed: { str ( msg ) } " )
2025-08-01 14:56:30 +05:00
def restore ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
domainName = self . data [ ' domainName ' ]
try :
skipTrash = self . data [ ' skipTrash ' ]
except :
skipTrash = False
website = Websites . objects . get ( domain = domainName )
self . homePath = ' /home/ %s ' % ( domainName )
for item in self . data [ ' fileAndFolders ' ] :
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' path ' ] + ' / ' + item , self . homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
trashPath = ' %s /.trash ' % ( self . homePath )
tItem = Trash . objects . get ( website = website , fileName = self . returnPathEnclosed ( item ) )
command = ' mv %s %s ' % ( self . returnPathEnclosed ( trashPath + ' / ' + item ) , tItem . originalPath )
ProcessUtilities . executioner ( command , website . externalApp )
tItem . delete ( )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def copy ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
domainName = self . data [ ' domainName ' ]
try :
website = Websites . objects . get ( domain = domainName )
homePath = ' /home/ %s ' % ( domainName )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' newPath ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
if len ( self . data [ ' fileAndFolders ' ] ) == 1 :
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + ' / ' + self . data [ ' fileAndFolders ' ] [ 0 ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' yes| cp -Rf %s %s ' % (
self . returnPathEnclosed ( self . data [ ' basePath ' ] + ' / ' + self . data [ ' fileAndFolders ' ] [ 0 ] ) ,
self . data [ ' newPath ' ] )
ProcessUtilities . executioner ( command , website . externalApp )
self . changeOwner ( self . data [ ' newPath ' ] )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
command = ' mkdir ' + self . returnPathEnclosed ( self . data [ ' newPath ' ] )
ProcessUtilities . executioner ( command , website . externalApp )
for item in self . data [ ' fileAndFolders ' ] :
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + ' / ' + item , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' %s cp -Rf ' % ( ' yes | ' ) + self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + item ) + ' ' + self . returnPathEnclosed ( self . data [ ' newPath ' ] )
ProcessUtilities . executioner ( command , website . externalApp )
self . changeOwner ( self . data [ ' newPath ' ] )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
except :
homePath = ' / '
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' newPath ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
if len ( self . data [ ' fileAndFolders ' ] ) == 1 :
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + ' / ' + self . data [ ' fileAndFolders ' ] [ 0 ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' yes| cp -Rf %s %s ' % (
self . returnPathEnclosed ( self . data [ ' basePath ' ] + ' / ' + self . data [ ' fileAndFolders ' ] [ 0 ] ) ,
self . data [ ' newPath ' ] )
ProcessUtilities . executioner ( command , )
self . changeOwner ( self . data [ ' newPath ' ] )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
command = ' mkdir ' + self . returnPathEnclosed ( self . data [ ' newPath ' ] )
ProcessUtilities . executioner ( command )
for item in self . data [ ' fileAndFolders ' ] :
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + ' / ' + item , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' %s cp -Rf ' % ( ' yes | ' ) + self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + item ) + ' ' + self . returnPathEnclosed ( self . data [ ' newPath ' ] )
ProcessUtilities . executioner ( command )
self . changeOwner ( self . data [ ' newPath ' ] )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def move ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
domainName = self . data [ ' domainName ' ]
try :
website = Websites . objects . get ( domain = domainName )
homePath = ' /home/ %s ' % ( domainName )
command = ' mkdir ' + self . returnPathEnclosed ( self . data [ ' newPath ' ] )
ProcessUtilities . executioner ( command , website . externalApp )
for item in self . data [ ' fileAndFolders ' ] :
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + ' / ' + item , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' newPath ' ] + ' / ' + item , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' mv ' + self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + item ) + ' ' + self . returnPathEnclosed (
self . data [ ' newPath ' ] + ' / ' + item )
ProcessUtilities . executioner ( command , website . externalApp )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
#self.changeOwner(self.data['newPath'])
#self.fixPermissions(domainName)
except :
homePath = ' / '
command = ' mkdir ' + self . returnPathEnclosed ( self . data [ ' newPath ' ] )
ProcessUtilities . executioner ( command )
for item in self . data [ ' fileAndFolders ' ] :
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + ' / ' + item , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' newPath ' ] + ' / ' + item , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' mv ' + self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + item ) + ' ' + self . returnPathEnclosed (
self . data [ ' newPath ' ] + ' / ' + item )
ProcessUtilities . executioner ( command )
self . changeOwner ( self . data [ ' newPath ' ] )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def rename ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
domainName = self . data [ ' domainName ' ]
try :
website = Websites . objects . get ( domain = domainName )
homePath = ' /home/ %s ' % ( domainName )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + ' / ' + self . data [ ' existingName ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + ' / ' + self . data [ ' newFileName ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' mv ' + self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' existingName ' ] ) + ' ' + self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' newFileName ' ] )
ProcessUtilities . executioner ( command , website . externalApp )
self . changeOwner ( self . data [ ' basePath ' ] + ' / ' + self . data [ ' newFileName ' ] )
except :
homePath = ' / '
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + ' / ' + self . data [ ' existingName ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + ' / ' + self . data [ ' newFileName ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' mv ' + self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' existingName ' ] ) + ' ' + self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' newFileName ' ] )
ProcessUtilities . executioner ( command )
self . changeOwner ( self . data [ ' basePath ' ] + ' / ' + self . data [ ' newFileName ' ] )
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def readFileContents ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
domainName = self . data [ ' domainName ' ]
try :
website = Websites . objects . get ( domain = domainName )
pathCheck = ' /home/ %s ' % ( domainName )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' fileName ' ] , pathCheck ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed. ' )
# Ensure proper UTF-8 handling for file reading
# Use explicit UTF-8 locale for the cat command
command = ' LANG=C.UTF-8 LC_ALL=C.UTF-8 cat ' + self . returnPathEnclosed ( self . data [ ' fileName ' ] )
finalData [ ' fileContents ' ] = ProcessUtilities . outputExecutioner ( command , website . externalApp )
except :
pathCheck = ' / '
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' fileName ' ] , pathCheck ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed. ' )
# Ensure proper UTF-8 handling for file reading
# Use explicit UTF-8 locale for the cat command
command = ' LANG=C.UTF-8 LC_ALL=C.UTF-8 cat ' + self . returnPathEnclosed ( self . data [ ' fileName ' ] )
finalData [ ' fileContents ' ] = ProcessUtilities . outputExecutioner ( command )
# Ensure proper UTF-8 encoding in JSON response
json_data = json . dumps ( finalData , ensure_ascii = False )
return HttpResponse ( json_data , content_type = ' application/json; charset=utf-8 ' )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def writeFileContents ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
try :
self . data [ ' home ' ] = ' /home/ %s ' % ( self . data [ ' domainName ' ] )
ACLManager . CreateSecureDir ( )
tempPath = ' %s / %s ' % ( ' /usr/local/CyberCP/tmp ' , str ( randint ( 1000 , 9999 ) ) )
domainName = self . data [ ' domainName ' ]
website = Websites . objects . get ( domain = domainName )
writeToFile = open ( tempPath , ' wb ' )
writeToFile . write ( self . data [ ' fileContent ' ] . encode ( ' utf-8 ' ) )
writeToFile . close ( )
command = ' chown %s : %s %s ' % ( website . externalApp , website . externalApp , tempPath )
ProcessUtilities . executioner ( command )
command = ' cp %s %s ' % ( tempPath , self . returnPathEnclosed ( self . data [ ' fileName ' ] ) )
ProcessUtilities . executioner ( command , website . externalApp )
os . remove ( tempPath )
except :
self . data [ ' home ' ] = ' / '
ACLManager . CreateSecureDir ( )
tempPath = ' %s / %s ' % ( ' /usr/local/CyberCP/tmp ' , str ( randint ( 1000 , 9999 ) ) )
writeToFile = open ( tempPath , ' wb ' )
writeToFile . write ( self . data [ ' fileContent ' ] . encode ( ' utf-8 ' ) )
writeToFile . close ( )
command = ' cp %s %s ' % ( tempPath , self . returnPathEnclosed ( self . data [ ' fileName ' ] ) )
ProcessUtilities . executioner ( command )
os . remove ( tempPath )
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def upload ( self ) :
try :
finalData = { }
finalData [ ' uploadStatus ' ] = 1
finalData [ ' answer ' ] = ' File transfer completed. '
ACLManager . CreateSecureDir ( )
UploadPath = ' /usr/local/CyberCP/tmp/ '
## Random file name
RanddomFileName = str ( randint ( 1000 , 9999 ) )
myfile = self . request . FILES [ ' file ' ]
fs = FileSystemStorage ( )
try :
filename = fs . save ( RanddomFileName , myfile )
finalData [ ' fileName ' ] = fs . url ( filename )
except BaseException as msg :
logging . writeToFile ( ' %s . [375:upload] ' % ( str ( msg ) ) )
domainName = self . data [ ' domainName ' ]
try :
pathCheck = ' /home/ %s ' % ( self . data [ ' domainName ' ] )
website = Websites . objects . get ( domain = domainName )
command = ' ls -la %s ' % ( self . data [ ' completePath ' ] )
result = ProcessUtilities . outputExecutioner ( command , website . externalApp )
#
if result . find ( ' -> ' ) > - 1 :
return self . ajaxPre ( 0 , " Symlink attack. " )
2026-02-04 00:55:58 +01:00
uploadPathFull = self . data [ ' completePath ' ] + ' / ' + myfile . name
if not ACLManager . isFilePathSafeForShell ( uploadPathFull ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( uploadPathFull , pathCheck ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' cp ' + self . returnPathEnclosed (
UploadPath + RanddomFileName ) + ' ' + self . returnPathEnclosed (
self . data [ ' completePath ' ] + ' / ' + myfile . name )
ProcessUtilities . executioner ( command , website . externalApp )
self . changeOwner ( self . returnPathEnclosed ( self . data [ ' completePath ' ] + ' / ' + myfile . name ) )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
try :
os . remove ( UploadPath + RanddomFileName )
except :
pass
except :
pathCheck = ' / '
command = ' ls -la %s ' % ( self . data [ ' completePath ' ] )
result = ProcessUtilities . outputExecutioner ( command )
logging . writeToFile ( " upload file res %s " % result )
2026-02-04 00:55:58 +01:00
uploadPathFull = self . data [ ' completePath ' ] + ' / ' + myfile . name
if not ACLManager . isFilePathSafeForShell ( uploadPathFull ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( uploadPathFull , pathCheck ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' cp ' + self . returnPathEnclosed (
UploadPath + RanddomFileName ) + ' ' + self . returnPathEnclosed (
self . data [ ' completePath ' ] + ' / ' + myfile . name )
ProcessUtilities . executioner ( command )
self . changeOwner ( self . returnPathEnclosed ( self . data [ ' completePath ' ] + ' / ' + myfile . name ) )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
try :
os . remove ( UploadPath + RanddomFileName )
except :
pass
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
try :
os . remove ( UploadPath + RanddomFileName )
except :
pass
return self . ajaxPre ( 0 , str ( msg ) )
def extract ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
domainName = self . data [ ' domainName ' ]
try :
website = Websites . objects . get ( domain = domainName )
homePath = ' /home/ %s ' % ( domainName )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' extractionLocation ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' fileToExtract ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
if self . data [ ' extractionType ' ] == ' zip ' :
command = ' unzip -o ' + self . returnPathEnclosed (
self . data [ ' fileToExtract ' ] ) + ' -d ' + self . returnPathEnclosed ( self . data [ ' extractionLocation ' ] )
2025-12-17 19:19:00 +01:00
elif self . data [ ' extractionType ' ] == ' 7z ' :
command = ' 7z x ' + self . returnPathEnclosed (
self . data [ ' fileToExtract ' ] ) + ' -o ' + self . returnPathEnclosed ( self . data [ ' extractionLocation ' ] ) + ' -y '
elif self . data [ ' extractionType ' ] == ' rar ' :
# Try unrar first (free), fallback to 7z if unrar not available
command = ' unrar x ' + self . returnPathEnclosed (
self . data [ ' fileToExtract ' ] ) + ' ' + self . returnPathEnclosed ( self . data [ ' extractionLocation ' ] ) + ' -y '
2025-08-01 14:56:30 +05:00
else :
command = ' tar -xf ' + self . returnPathEnclosed (
self . data [ ' fileToExtract ' ] ) + ' -C ' + self . returnPathEnclosed ( self . data [ ' extractionLocation ' ] )
ProcessUtilities . executioner ( command , website . externalApp )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
#self.fixPermissions(domainName)
except :
homePath = ' / '
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' extractionLocation ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' fileToExtract ' ] , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
if self . data [ ' extractionType ' ] == ' zip ' :
command = ' unzip -o ' + self . returnPathEnclosed (
self . data [ ' fileToExtract ' ] ) + ' -d ' + self . returnPathEnclosed ( self . data [ ' extractionLocation ' ] )
2025-12-17 19:19:00 +01:00
elif self . data [ ' extractionType ' ] == ' 7z ' :
command = ' 7z x ' + self . returnPathEnclosed (
self . data [ ' fileToExtract ' ] ) + ' -o ' + self . returnPathEnclosed ( self . data [ ' extractionLocation ' ] ) + ' -y '
elif self . data [ ' extractionType ' ] == ' rar ' :
# Try unrar first (free), fallback to 7z if unrar not available
command = ' unrar x ' + self . returnPathEnclosed (
self . data [ ' fileToExtract ' ] ) + ' ' + self . returnPathEnclosed ( self . data [ ' extractionLocation ' ] ) + ' -y '
2025-08-01 14:56:30 +05:00
else :
command = ' tar -xf ' + self . returnPathEnclosed (
self . data [ ' fileToExtract ' ] ) + ' -C ' + self . returnPathEnclosed ( self . data [ ' extractionLocation ' ] )
ProcessUtilities . executioner ( command )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def compress ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
domainName = self . data [ ' domainName ' ]
try :
website = Websites . objects . get ( domain = domainName )
if self . data [ ' compressionType ' ] == ' zip ' :
compressedFileName = self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' compressedFileName ' ] + ' .zip ' )
command = ' zip -r ' + compressedFileName + ' '
2025-12-17 19:19:00 +01:00
elif self . data [ ' compressionType ' ] == ' 7z ' :
compressedFileName = self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' compressedFileName ' ] + ' .7z ' )
command = ' 7z a -t7z ' + compressedFileName + ' '
elif self . data [ ' compressionType ' ] == ' rar ' :
compressedFileName = self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' compressedFileName ' ] + ' .rar ' )
# Use 7z to create RAR format (7z can create RAR archives)
command = ' 7z a -trar ' + compressedFileName + ' '
2025-08-01 14:56:30 +05:00
else :
compressedFileName = self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' compressedFileName ' ] + ' .tar.gz ' )
command = ' tar -czvf ' + compressedFileName + ' '
homePath = ' /home/ %s ' % ( domainName )
for item in self . data [ ' listOfFiles ' ] :
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + item , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' %s %s ' % ( command , self . returnPathEnclosed ( item ) )
finalCommand = ' cd %s && %s ' % ( self . data [ ' basePath ' ] , command )
ProcessUtilities . executioner ( finalCommand , website . externalApp )
self . changeOwner ( self . data [ ' compressedFileName ' ] )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
except :
if self . data [ ' compressionType ' ] == ' zip ' :
compressedFileName = self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' compressedFileName ' ] + ' .zip ' )
command = ' zip -r ' + compressedFileName + ' '
2025-12-17 19:19:00 +01:00
elif self . data [ ' compressionType ' ] == ' 7z ' :
compressedFileName = self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' compressedFileName ' ] + ' .7z ' )
command = ' 7z a -t7z ' + compressedFileName + ' '
elif self . data [ ' compressionType ' ] == ' rar ' :
compressedFileName = self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' compressedFileName ' ] + ' .rar ' )
# Use 7z to create RAR format (7z can create RAR archives)
command = ' 7z a -trar ' + compressedFileName + ' '
2025-08-01 14:56:30 +05:00
else :
compressedFileName = self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' compressedFileName ' ] + ' .tar.gz ' )
command = ' tar -czvf ' + compressedFileName + ' '
homePath = ' / '
for item in self . data [ ' listOfFiles ' ] :
2026-02-04 00:55:58 +01:00
if not ACLManager . isPathInsideHome ( self . data [ ' basePath ' ] + item , homePath ) :
2025-08-01 14:56:30 +05:00
return self . ajaxPre ( 0 , ' Not allowed to move in this path, please choose location inside home! ' )
command = ' %s %s ' % ( command , self . returnPathEnclosed ( item ) )
finalCommand = ' cd %s && %s ' % ( self . data [ ' basePath ' ] , command )
res = ProcessUtilities . outputExecutioner ( finalCommand , " root " )
logging . writeToFile ( " compress file res %s " % res )
self . changeOwner ( self . data [ ' compressedFileName ' ] )
2025-10-08 13:40:16 +05:00
## Update disk usage in background
command = " /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/IncScheduler.py UpdateDiskUsageForceDomain --domainName %s " % ( domainName )
ProcessUtilities . popenExecutioner ( command )
2025-08-01 14:56:30 +05:00
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def changePermissions ( self ) :
try :
finalData = { }
finalData [ ' status ' ] = 1
domainName = self . data [ ' domainName ' ]
website = Websites . objects . get ( domain = domainName )
if self . data [ ' recursive ' ] == 1 :
command = ' chmod -R ' + self . data [ ' newPermissions ' ] + ' ' + self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' permissionsPath ' ] )
else :
command = ' chmod ' + self . data [ ' newPermissions ' ] + ' ' + self . returnPathEnclosed (
self . data [ ' basePath ' ] + ' / ' + self . data [ ' permissionsPath ' ] )
ProcessUtilities . executioner ( command , website . externalApp )
json_data = json . dumps ( finalData )
return HttpResponse ( json_data )
except BaseException as msg :
return self . ajaxPre ( 0 , str ( msg ) )
def fixPermissions ( self , domainName ) :
website = Websites . objects . get ( domain = domainName )
externalApp = website . externalApp
if ProcessUtilities . decideDistro ( ) == ProcessUtilities . centos or ProcessUtilities . decideDistro ( ) == ProcessUtilities . cent8 :
groupName = ' nobody '
else :
groupName = ' nogroup '
### symlink checks
command = ' ls -la /home/ %s ' % domainName
result = ProcessUtilities . outputExecutioner ( command )
if result . find ( ' -> ' ) > - 1 :
final_json = json . dumps (
{ ' status ' : 0 , ' logstatus ' : 0 ,
' error_message ' : " Symlink attack. " } )
return HttpResponse ( final_json )
command = ' chown %s : %s /home/ %s ' % ( website . externalApp , website . externalApp , domainName )
ProcessUtilities . popenExecutioner ( command )
### Sym link checks
command = ' ls -la /home/ %s /public_html/ ' % domainName
result = ProcessUtilities . outputExecutioner ( command )
if result . find ( ' -> ' ) > - 1 :
final_json = json . dumps (
{ ' status ' : 0 , ' logstatus ' : 0 ,
' error_message ' : " Symlink attack. " } )
return HttpResponse ( final_json )
command = ' chown -R -P %s : %s /home/ %s /public_html/* ' % ( externalApp , externalApp , domainName )
ProcessUtilities . popenExecutioner ( command )
command = ' chown -R -P %s : %s /home/ %s /public_html/.[^.]* ' % ( externalApp , externalApp , domainName )
ProcessUtilities . popenExecutioner ( command )
# command = "chown root:%s /home/" % (groupName) + domainName + "/logs"
# ProcessUtilities.popenExecutioner(command)
command = " find %s -type d -exec chmod 0755 {} \ ; " % ( " /home/ " + domainName + " /public_html " )
ProcessUtilities . popenExecutioner ( command )
command = " find %s -type f -exec chmod 0644 {} \ ; " % ( " /home/ " + domainName + " /public_html " )
ProcessUtilities . popenExecutioner ( command )
command = ' chown %s : %s /home/ %s /public_html ' % ( externalApp , groupName , domainName )
ProcessUtilities . executioner ( command )
command = ' chmod 750 /home/ %s /public_html ' % ( domainName )
ProcessUtilities . executioner ( command )
for childs in website . childdomains_set . all ( ) :
command = ' ls -la %s ' % childs . path
result = ProcessUtilities . outputExecutioner ( command )
if result . find ( ' -> ' ) > - 1 :
final_json = json . dumps (
{ ' status ' : 0 , ' logstatus ' : 0 ,
' error_message ' : " Symlink attack. " } )
return HttpResponse ( final_json )
command = " find %s -type d -exec chmod 0755 {} \ ; " % ( childs . path )
ProcessUtilities . popenExecutioner ( command )
command = " find %s -type f -exec chmod 0644 {} \ ; " % ( childs . path )
ProcessUtilities . popenExecutioner ( command )
command = ' chown -R -P %s : %s %s /* ' % ( externalApp , externalApp , childs . path )
ProcessUtilities . popenExecutioner ( command )
command = ' chown -R -P %s : %s %s /.[^.]* ' % ( externalApp , externalApp , childs . path )
ProcessUtilities . popenExecutioner ( command )
command = ' chmod 755 %s ' % ( childs . path )
ProcessUtilities . popenExecutioner ( command )
command = ' chown %s : %s %s ' % ( externalApp , groupName , childs . path )
ProcessUtilities . popenExecutioner ( command )