diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000..0d20b6487 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*.pyc diff --git a/CyberCP/secMiddleware.py b/CyberCP/secMiddleware.py index 6c7ce7143..3182e5772 100644 --- a/CyberCP/secMiddleware.py +++ b/CyberCP/secMiddleware.py @@ -10,6 +10,7 @@ class secMiddleware: def __call__(self, request): if request.method == 'POST': try: + logging.writeToFile(request.body) data = json.loads(request.body) for key, value in data.iteritems(): if type(value) == str or type(value) == unicode: diff --git a/api/views.py b/api/views.py index c504f7d8f..2600fab74 100644 --- a/api/views.py +++ b/api/views.py @@ -560,9 +560,12 @@ def changeAdminPassword(request): if numberOfAdministrator == 0: ACLManager.createDefaultACLs() acl = ACL.objects.get(name='admin') + + token = hashPassword.generateToken('admin', '1234567') + email = 'usman@cyberpersons.com' admin = Administrator(userName="admin", password=hashPassword.hash_password(adminPass), type=1, email=email, - firstName="Cyber", lastName="Panel", acl=acl) + firstName="Cyber", lastName="Panel", acl=acl, token=token) admin.save() vers = version(currentVersion="1.7", build=3) diff --git a/cloudAPI/cloudManager.py b/cloudAPI/cloudManager.py index 2e516c888..1a51e80ee 100644 --- a/cloudAPI/cloudManager.py +++ b/cloudAPI/cloudManager.py @@ -1,11 +1,10 @@ -from plogical import hashPassword from loginSystem.models import Administrator from django.shortcuts import HttpResponse import json from plogical.website import WebsiteManager -from plogical.acl import ACLManager +from plogical.acl import ACLManager from plogical.virtualHostUtilities import virtualHostUtilities -from websiteFunctions.models import Websites +from websiteFunctions.models import Websites import subprocess, shlex from databases.databaseManager import DatabaseManager from dns.dnsManager import DNSManager 
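Review bot: The added `logging.writeToFile(request.body)` in `secMiddleware.__call__` writes every raw POST body to the log before it is parsed or filtered, so login passwords, API credentials and any other secrets posted to the panel end up in plaintext in the log file. If this is leftover debugging it should be dropped before merge. If request logging is wanted, log non-sensitive metadata only, e.g. `logging.writeToFile(request.path)`, or redact credential keys after `json.loads`. The hunk does not show where `logging` is imported, so confirm the project logger is in scope; otherwise the call raises inside the `try`. The body of `__call__` continues outside the hunk.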
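Review bot: The new `token = hashPassword.generateToken('admin', '1234567')` in `changeAdminPassword` builds the default administrator's token from two fixed literals rather than from the `adminPass` hashed two lines later. Unless `generateToken` mixes in randomness (its body is not shown here), every fresh install gets the same, predictable token. `CloudManager.verifyLogin` in this same commit accepts that token as the only credential, so it should come from the real password or a random secret, e.g. `token = hashPassword.generateToken('admin', adminPass)`. The function starts and ends outside the hunk.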
@@ -15,541 +14,288 @@ from manageSSL.views import issueSSL from plogical.backupManager import BackupManager import userManagment.views as um from packages.packagesManager import PackagesManager +from plogical.processUtilities import ProcessUtilities class CloudManager: - - def __init__(self, data = None): + def __init__(self, data=None, admin = None): self.data = data + self.admin = admin def ajaxPre(self, status, errorMessage): final_dic = {'status': status, 'error_message': errorMessage} final_json = json.dumps(final_dic) return HttpResponse(final_json) - def verifyLogin(self): + def verifyLogin(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - return self.ajaxPre(1, None) + if request.META['HTTP_AUTHORIZATION'] == self.admin.token: + return 1, self.ajaxPre(1, None) else: - return self.ajaxPre(0, 'Invalid login information.') + return 0, self.ajaxPre(0, 'Invalid login information.') except BaseException, msg: return self.ajaxPre(0, str(msg)) def fetchWebsites(self): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - wm = WebsiteManager() - return wm.getFurtherAccounts(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + wm = WebsiteManager() + return wm.getFurtherAccounts(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitWebsiteDeletion(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - wm = WebsiteManager() - return wm.submitWebsiteDeletion(admin.pk, self.data) - 
else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + wm = WebsiteManager() + return wm.submitWebsiteDeletion(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitWebsiteCreation(self): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - wm = WebsiteManager() - return wm.submitWebsiteCreation(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + wm = WebsiteManager() + return wm.submitWebsiteCreation(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def fetchWebsiteDataJSON(self): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - wm = WebsiteManager() - return wm.fetchWebsiteDataJSON(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + wm = WebsiteManager() + return wm.fetchWebsiteDataJSON(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def fetchWebsiteData(self): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] + currentACL = ACLManager.loadedACL(self.admin.pk) + website = Websites.objects.get(domain=self.data['domainName']) + admin = Administrator.objects.get(pk=self.admin.pk) - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - currentACL = ACLManager.loadedACL(admin.pk) - website = Websites.objects.get(domain=self.data['domainName']) - admin = Administrator.objects.get(pk=admin.pk) - - if ACLManager.checkOwnership(self.data['domainName'], admin, currentACL) == 1: - pass - else: - return ACLManager.loadErrorJson() - - Data = {} - - 
Data['ftpAllowed'] = website.package.ftpAccounts - Data['ftpUsed'] = website.users_set.all().count() - - Data['dbUsed'] = website.databases_set.all().count() - Data['dbAllowed'] = website.package.dataBases - - diskUsageDetails = virtualHostUtilities.getDiskUsage("/home/" + self.data['domainName'], website.package.diskSpace) - - ## bw usage calculation - - try: - execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/virtualHostUtilities.py" - execPath = execPath + " findDomainBW --virtualHostName " + self.data['domainName'] + " --bandwidth " + str( - website.package.bandwidth) - - output = subprocess.check_output(shlex.split(execPath)) - bwData = output.split(",") - except BaseException: - bwData = [0, 0] - - ## bw usage calculations - - Data['bwAllowed'] = website.package.bandwidth - Data['bwUsed'] = bwData[0] - Data['bwUsage'] = bwData[1] - - if diskUsageDetails != None: - if diskUsageDetails[1] > 100: - diskUsageDetails[1] = 100 - - Data['diskUsage'] = diskUsageDetails[1] - Data['diskUsed'] = diskUsageDetails[0] - Data['diskAllowed'] = website.package.diskSpace - else: - Data['diskUsed'] = 0 - Data['diskUsage'] = 0 - Data['diskInMBTotal'] = website.package.diskSpace - - Data['status'] = 1 - final_json = json.dumps(Data) - return HttpResponse(final_json) + if ACLManager.checkOwnership(self.data['domainName'], admin, currentACL) == 1: + pass else: - return self.ajaxPre(0, 'Invalid login information.') + return ACLManager.loadErrorJson() + + Data = {} + + Data['ftpAllowed'] = website.package.ftpAccounts + Data['ftpUsed'] = website.users_set.all().count() + + Data['dbUsed'] = website.databases_set.all().count() + Data['dbAllowed'] = website.package.dataBases + + diskUsageDetails = virtualHostUtilities.getDiskUsage("/home/" + self.data['domainName'], + website.package.diskSpace) + + ## bw usage calculation + + try: + execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/virtualHostUtilities.py" + execPath = execPath + " 
findDomainBW --virtualHostName " + self.data[ + 'domainName'] + " --bandwidth " + str( + website.package.bandwidth) + + output = subprocess.check_output(shlex.split(execPath)) + bwData = output.split(",") + except BaseException: + bwData = [0, 0] + + ## bw usage calculations + + Data['bwAllowed'] = website.package.bandwidth + Data['bwUsed'] = bwData[0] + Data['bwUsage'] = bwData[1] + + if diskUsageDetails != None: + if diskUsageDetails[1] > 100: + diskUsageDetails[1] = 100 + + Data['diskUsage'] = diskUsageDetails[1] + Data['diskUsed'] = diskUsageDetails[0] + Data['diskAllowed'] = website.package.diskSpace + else: + Data['diskUsed'] = 0 + Data['diskUsage'] = 0 + Data['diskInMBTotal'] = website.package.diskSpace + + Data['status'] = 1 + final_json = json.dumps(Data) + return HttpResponse(final_json) except BaseException, msg: return self.ajaxPre(0, str(msg)) def fetchModifyData(self): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - wm = WebsiteManager() - return wm.submitWebsiteModify(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + wm = WebsiteManager() + return wm.submitWebsiteModify(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def saveModifications(self): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - wm = WebsiteManager() - return wm.saveWebsiteChanges(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + wm = WebsiteManager() + return wm.saveWebsiteChanges(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitDBCreation(self): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] - - 
admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - dm = DatabaseManager() - return dm.submitDBCreation(admin.pk, self.data, 1) - else: - return self.ajaxPre(0, 'Invalid login information.') - + dm = DatabaseManager() + return dm.submitDBCreation(self.admin.pk, self.data, 1) except BaseException, msg: return self.ajaxPre(0, str(msg)) def fetchDatabases(self): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - dm = DatabaseManager() - return dm.fetchDatabases(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + dm = DatabaseManager() + return dm.fetchDatabases(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitDatabaseDeletion(self): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - dm = DatabaseManager() - return dm.submitDatabaseDeletion(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + dm = DatabaseManager() + return dm.submitDatabaseDeletion(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def changePassword(self): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - dm = DatabaseManager() - return dm.changePassword(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + dm = DatabaseManager() + return dm.changePassword(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def getCurrentRecordsForDomain(self): try: - adminUser = 
self.data['userName'] - adminPass = self.data['password'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - dm = DNSManager() - return dm.getCurrentRecordsForDomain(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + dm = DNSManager() + return dm.getCurrentRecordsForDomain(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def deleteDNSRecord(self): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - dm = DNSManager() - return dm.deleteDNSRecord(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + dm = DNSManager() + return dm.deleteDNSRecord(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def addDNSRecord(self): try: - adminUser = self.data['userName'] - adminPass = self.data['password'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - dm = DNSManager() - return dm.addDNSRecord(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + dm = DNSManager() + return dm.addDNSRecord(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitEmailCreation(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - msm = MailServerManager(request) - return msm.submitEmailCreation() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + msm = MailServerManager(request) + return msm.submitEmailCreation() except BaseException, 
msg: return self.ajaxPre(0, str(msg)) def getEmailsForDomain(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - msm = MailServerManager(request) - return msm.getEmailsForDomain() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + msm = MailServerManager(request) + return msm.getEmailsForDomain() except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitEmailDeletion(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - msm = MailServerManager(request) - return msm.submitEmailDeletion() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + msm = MailServerManager(request) + return msm.submitEmailDeletion() except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitPasswordChange(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - msm = MailServerManager(request) - return msm.submitPasswordChange() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + msm = MailServerManager(request) + return msm.submitPasswordChange() except BaseException, msg: return self.ajaxPre(0, str(msg)) def fetchCurrentForwardings(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) 
- request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - msm = MailServerManager(request) - return msm.fetchCurrentForwardings() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + msm = MailServerManager(request) + return msm.fetchCurrentForwardings() except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitForwardDeletion(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - msm = MailServerManager(request) - return msm.submitForwardDeletion() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + msm = MailServerManager(request) + return msm.submitForwardDeletion() except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitEmailForwardingCreation(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - msm = MailServerManager(request) - return msm.submitEmailForwardingCreation() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + msm = MailServerManager(request) + return msm.submitEmailForwardingCreation() except BaseException, msg: return self.ajaxPre(0, str(msg)) def fetchDKIMKeys(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - msm = MailServerManager(request) - return msm.fetchDKIMKeys() - else: - return 
self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + msm = MailServerManager(request) + return msm.fetchDKIMKeys() except BaseException, msg: return self.ajaxPre(0, str(msg)) def generateDKIMKeys(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - msm = MailServerManager(request) - return msm.generateDKIMKeys() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + msm = MailServerManager(request) + return msm.generateDKIMKeys() except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitFTPCreation(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - fm = FTPManager(request) - return fm.submitFTPCreation() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + fm = FTPManager(request) + return fm.submitFTPCreation() except BaseException, msg: return self.ajaxPre(0, str(msg)) def getAllFTPAccounts(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - fm = FTPManager(request) - return fm.getAllFTPAccounts() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + fm = FTPManager(request) + return fm.getAllFTPAccounts() except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitFTPDelete(self, request): try: - adminUser = 
self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - fm = FTPManager(request) - return fm.submitFTPDelete() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + fm = FTPManager(request) + return fm.submitFTPDelete() except BaseException, msg: return self.ajaxPre(0, str(msg)) def changeFTPPassword(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - fm = FTPManager(request) - return fm.changePassword() - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + fm = FTPManager(request) + return fm.changePassword() except BaseException, msg: return self.ajaxPre(0, str(msg)) def issueSSL(self, request): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - return issueSSL(request) - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + return issueSSL(request) except BaseException, msg: return self.ajaxPre(0, str(msg)) 
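Review bot: `verifyLogin` now returns a `(status, response)` tuple on its two normal paths but still returns a bare `HttpResponse` from the `except` branch. A request with no `Authorization` header (a `KeyError` on `request.META['HTTP_AUTHORIZATION']`) or with `self.admin` left at its `None` default therefore gives the caller a value of a different shape; that branch should be `return 0, self.ajaxPre(0, str(msg))`. The token is compared with `==`, where a constant-time check such as `constant_time_compare(request.META['HTTP_AUTHORIZATION'], self.admin.token)` from `django.utils.crypto` is the usual choice for a bearer secret. Every other method in this hunk lost its own password check and now trusts `self.admin`, so the dispatcher (not visible here) must call `verifyLogin` and stop on status 0 before routing to any of them. A class-level comment along the lines of `# All methods assume the caller has already validated the token via verifyLogin()` would make that contract explicit.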
@@ -576,476 +322,355 @@ class CloudManager: installationProgress = progress[1] except: installationProgress = 0 - data_ret = {'status': 1, 'abort': 0, 'installationProgress': installationProgress, 'currentStatus': currentStatus} + data_ret = {'status': 1, 'abort': 0, 'installationProgress': installationProgress, + 'currentStatus': currentStatus} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: - data_ret = {'status': 0,'abort': 0, 'installationProgress': "0", 'errorMessage': str(msg)} + data_ret = {'status': 0, 'abort': 0, 'installationProgress': "0", 'errorMessage': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) def submitDomainCreation(self): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - wm = WebsiteManager() - return wm.submitDomainCreation(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + wm = WebsiteManager() + return wm.submitDomainCreation(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def fetchDomains(self): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - wm = WebsiteManager() - return wm.fetchDomains(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + wm = WebsiteManager() + return wm.fetchDomains(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitDomainDeletion(self): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - wm = WebsiteManager() - return 
wm.submitDomainDeletion(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + wm = WebsiteManager() + return wm.submitDomainDeletion(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def changeOpenBasedir(self): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - wm = WebsiteManager() - return wm.changeOpenBasedir(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + wm = WebsiteManager() + return wm.changeOpenBasedir(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def changePHP(self): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - wm = WebsiteManager() - return wm.changePHP(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + wm = WebsiteManager() + return wm.changePHP(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def backupStatusFunc(self): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - bm = BackupManager() - return bm.backupStatus(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') + bm = BackupManager() + return bm.backupStatus(self.admin.pk, self.data) except BaseException, msg: - data_ret = {'status': 0,'abort': 0, 'installationProgress': "0", 'errorMessage': str(msg)} + data_ret = {'status': 0, 'abort': 0, 'installationProgress': "0", 'errorMessage': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) def 
submitBackupCreation(self): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - bm = BackupManager() - return bm.submitBackupCreation(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + bm = BackupManager() + return bm.submitBackupCreation(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def getCurrentBackups(self): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - bm = BackupManager() - return bm.getCurrentBackups(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + bm = BackupManager() + return bm.getCurrentBackups(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def deleteBackup(self): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - bm = BackupManager() - return bm.deleteBackup(admin.pk, self.data) - else: - return self.ajaxPre(0, 'Invalid login information.') - + bm = BackupManager() + return bm.deleteBackup(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) def fetchACLs(self): try: - adminUser = self.data['userName'] - adminPass = self.data['serverPassword'] + userID = self.admin.pk + currentACL = ACLManager.loadedACL(userID) - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - - userID = admin.pk - currentACL = ACLManager.loadedACL(userID) - - if currentACL['admin'] == 1: - aclNames = ACLManager.unFileteredACLs() - elif currentACL['changeUserACL'] == 1: - 
aclNames = ACLManager.unFileteredACLs() - elif currentACL['createNewUser'] == 1: - aclNames = ['user'] - else: - return ACLManager.loadError() - - json_data = "[" - checker = 0 - - for items in aclNames: - dic = {'acl': items} - - if checker == 0: - json_data = json_data + json.dumps(dic) - checker = 1 - else: - json_data = json_data + ',' + json.dumps(dic) - - json_data = json_data + ']' - final_json = json.dumps({'status': 1, 'error_message': "None", "data": json_data}) - return HttpResponse(final_json) + if currentACL['admin'] == 1: + aclNames = ACLManager.unFileteredACLs() + elif currentACL['changeUserACL'] == 1: + aclNames = ACLManager.unFileteredACLs() + elif currentACL['createNewUser'] == 1: + aclNames = ['user'] else: - return self.ajaxPre(0, 'Invalid login information.') + return ACLManager.loadError() + + json_data = "[" + checker = 0 + + for items in aclNames: + dic = {'acl': items} + + if checker == 0: + json_data = json_data + json.dumps(dic) + checker = 1 + else: + json_data = json_data + ',' + json.dumps(dic) + + json_data = json_data + ']' + final_json = json.dumps({'status': 1, 'error_message': "None", "data": json_data}) + return HttpResponse(final_json) except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitUserCreation(self, request): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - return um.submitUserCreation(request) - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + return um.submitUserCreation(request) except BaseException, msg: return self.ajaxPre(0, str(msg)) def fetchUsers(self): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] + userID = self.admin.pk + allUsers = ACLManager.loadUserObjects(userID) - admin = 
Administrator.objects.get(userName=adminUser) + json_data = "[" + checker = 0 - if hashPassword.check_password(admin.password, adminPass): + for user in allUsers: + dic = { + "id": user.id, + "userName": user.userName, + "firstName": user.firstName, + "lastName": user.lastName, + "email": user.email, + "acl": user.acl.name, + "websitesLimit": user.initWebsitesLimit + } - userID = admin.pk - allUsers = ACLManager.loadUserObjects(userID) + if checker == 0: + json_data = json_data + json.dumps(dic) + checker = 1 + else: + json_data = json_data + ',' + json.dumps(dic) - json_data = "[" - checker = 0 - - for user in allUsers: - dic = { - "id": user.id, - "userName": user.userName, - "firstName": user.firstName, - "lastName": user.lastName, - "email": user.email, - "acl": user.acl.name, - "websitesLimit": user.initWebsitesLimit - } - - if checker == 0: - json_data = json_data + json.dumps(dic) - checker = 1 - else: - json_data = json_data + ',' + json.dumps(dic) - - json_data = json_data + ']' - final_json = json.dumps({'status': 1, 'error_message': "None", "data": json_data}) - return HttpResponse(final_json) - else: - return self.ajaxPre(0, 'Invalid login information.') + json_data = json_data + ']' + final_json = json.dumps({'status': 1, 'error_message': "None", "data": json_data}) + return HttpResponse(final_json) except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitUserDeletion(self, request): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - return um.submitUserDeletion(request) - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + return um.submitUserDeletion(request) except BaseException, msg: return self.ajaxPre(0, str(msg)) def saveModificationsUser(self, request): try: - adminUser = 
self.data['serverUserName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - return um.saveModifications(request) - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + return um.saveModifications(request) except BaseException, msg: return self.ajaxPre(0, str(msg)) def userWithResellerPriv(self): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] + userID = self.admin.pk + allUsers = ACLManager.userWithResellerPriv(userID) - admin = Administrator.objects.get(userName=adminUser) + json_data = "[" + checker = 0 - if hashPassword.check_password(admin.password, adminPass): + for user in allUsers: + dic = { + "userName": user, + } - userID = admin.pk - allUsers = ACLManager.userWithResellerPriv(userID) - - json_data = "[" - checker = 0 - - for user in allUsers: - dic = { - "userName": user, - } - - if checker == 0: - json_data = json_data + json.dumps(dic) - checker = 1 - else: - json_data = json_data + ',' + json.dumps(dic) - - json_data = json_data + ']' - final_json = json.dumps({'status': 1, 'error_message': "None", "data": json_data}) - return HttpResponse(final_json) - else: - return self.ajaxPre(0, 'Invalid login information.') + if checker == 0: + json_data = json_data + json.dumps(dic) + checker = 1 + else: + json_data = json_data + ',' + json.dumps(dic) + json_data = json_data + ']' + final_json = json.dumps({'status': 1, 'error_message': "None", "data": json_data}) + return HttpResponse(final_json) except BaseException, msg: return self.ajaxPre(0, str(msg)) def saveResellerChanges(self, request): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if 
hashPassword.check_password(admin.password, adminPass): - return um.saveResellerChanges(request) - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + return um.saveResellerChanges(request) except BaseException, msg: return self.ajaxPre(0, str(msg)) def changeACLFunc(self, request): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - return um.changeACLFunc(request) - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + return um.changeACLFunc(request) except BaseException, msg: return self.ajaxPre(0, str(msg)) def createACLFunc(self, request): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - return um.createACLFunc(request) - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + return um.createACLFunc(request) except BaseException, msg: return self.ajaxPre(0, str(msg)) def findAllACLs(self, request): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] + userID = self.admin.pk + currentACL = ACLManager.loadedACL(userID) - admin = Administrator.objects.get(userName=adminUser) - - if hashPassword.check_password(admin.password, adminPass): - - userID = admin.pk - currentACL = ACLManager.loadedACL(userID) - - if currentACL['admin'] == 1: - aclNames = ACLManager.findAllACLs() - else: - return ACLManager.loadErrorJson() - - json_data = "[" - checker = 0 - - for items in aclNames: - dic = {'acl': items} - - if checker == 0: - json_data = json_data + json.dumps(dic) - checker = 
1 - else: - json_data = json_data + ',' + json.dumps(dic) - - json_data = json_data + ']' - final_json = json.dumps({'status': 1, 'error_message': "None", "data": json_data}) - return HttpResponse(final_json) + if currentACL['admin'] == 1: + aclNames = ACLManager.findAllACLs() else: - return self.ajaxPre(0, 'Invalid login information.') + return ACLManager.loadErrorJson() + json_data = "[" + checker = 0 + + for items in aclNames: + dic = {'acl': items} + + if checker == 0: + json_data = json_data + json.dumps(dic) + checker = 1 + else: + json_data = json_data + ',' + json.dumps(dic) + + json_data = json_data + ']' + final_json = json.dumps({'status': 1, 'error_message': "None", "data": json_data}) + return HttpResponse(final_json) except BaseException, msg: return self.ajaxPre(0, str(msg)) def deleteACLFunc(self, request): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - return um.deleteACLFunc(request) - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + return um.deleteACLFunc(request) except BaseException, msg: return self.ajaxPre(0, str(msg)) def fetchACLDetails(self, request): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] - - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - return um.fetchACLDetails(request) - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + return um.fetchACLDetails(request) except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitACLModifications(self, request): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] - - admin = 
Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk - - if hashPassword.check_password(admin.password, adminPass): - return um.submitACLModifications(request) - else: - return self.ajaxPre(0, 'Invalid login information.') - + request.session['userID'] = self.admin.pk + return um.submitACLModifications(request) except BaseException, msg: return self.ajaxPre(0, str(msg)) def submitPackage(self, request): try: - adminUser = self.data['serverUserName'] - adminPass = self.data['serverPassword'] + request.session['userID'] = self.admin.pk + pm = PackagesManager(request) + return pm.submitPackage() + except BaseException, msg: + return self.ajaxPre(0, str(msg)) - admin = Administrator.objects.get(userName=adminUser) - request.session['userID'] = admin.pk + def fetchPackages(self, request): + try: + userID = self.admin.pk + currentACL = ACLManager.loadedACL(userID) - if hashPassword.check_password(admin.password, adminPass): - pm = PackagesManager(request) - return pm.submitPackage() - else: - return self.ajaxPre(0, 'Invalid login information.') + if ACLManager.currentContextPermission(currentACL, 'deletePackage') == 0: + return ACLManager.loadError() + + packageList = ACLManager.loadPackageObjects(userID, currentACL) + + json_data = "[" + checker = 0 + + for items in packageList: + dic = { + 'packageName': items.packageName, + 'allowedDomains': items.allowedDomains, + 'diskSpace': items.diskSpace, + 'bandwidth': items.bandwidth, + 'emailAccounts': items.emailAccounts, + 'dataBases': items.dataBases, + 'ftpAccounts': items.ftpAccounts, + } + + if checker == 0: + json_data = json_data + json.dumps(dic) + checker = 1 + else: + json_data = json_data + ',' + json.dumps(dic) + + json_data = json_data + ']' + final_json = json.dumps({'status': 1, 'error_message': "None", "data": json_data}) + return HttpResponse(final_json) + except BaseException, msg: + return self.ajaxPre(0, str(msg)) + + def submitPackageDelete(self, request): + try: + pm = 
PackagesManager(request) + return pm.submitDelete() + except BaseException, msg: + return self.ajaxPre(0, str(msg)) + + def submitPackageModify(self, request): + try: + pm = PackagesManager(request) + return pm.saveChanges() + except BaseException, msg: + return self.ajaxPre(0, str(msg)) + + def getDataFromLogFile(self, request): + try: + wm = WebsiteManager() + return wm.getDataFromLogFile(self.admin.pk, self.data) + except BaseException, msg: + return self.ajaxPre(0, str(msg)) + + def fetchErrorLogs(self, request): + try: + wm = WebsiteManager() + return wm.fetchErrorLogs(self.admin.pk, self.data) + except BaseException, msg: + return self.ajaxPre(0, str(msg)) + + def submitApplicationInstall(self, request): + try: + request.session['userID'] = self.admin.pk + wm = WebsiteManager() + + if self.data['selectedApplication'] == 'WordPress with LSCache': + return wm.installWordpress(self.admin.pk, self.data) + elif self.data['selectedApplication'] == 'Prestashop': + return wm.prestaShopInstall(self.admin.pk, self.data) + elif self.data['selectedApplication'] == 'Joomla': + return wm.installJoomla(self.admin.pk, self.data) except BaseException, msg: return self.ajaxPre(0, str(msg)) - + def obtainServer(self, request): + try: + request.session['userID'] = self.admin.pk + data_ret = {'status': 1, 'serverStatus': ProcessUtilities.decideServer()} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) + except BaseException, msg: + return self.ajaxPre(0, str(msg)) diff --git a/cloudAPI/views.py b/cloudAPI/views.py index 620f41f43..adeb31d5c 100644 --- a/cloudAPI/views.py +++ b/cloudAPI/views.py 
@@ -3,16 +3,29 @@ from __future__ import unicode_literals from cloudManager import CloudManager import json +from loginSystem.models import Administrator def router(request): try: data = json.loads(request.body) controller = data['controller'] - cm = CloudManager(data) + serverUserName = data['serverUserName'] + admin = Administrator.objects.get(userName=serverUserName) + + cm = CloudManager(data, admin) + + if controller == 'statusFunc': + pass + else: + if cm.verifyLogin(request)[0] == 1: + pass + else: + return cm.verifyLogin(request)[1] + if controller == 'verifyLogin': - return cm.verifyLogin() + return cm.verifyLogin(request)[1] elif controller == 'fetchWebsites': return cm.fetchWebsites() elif controller == 'fetchWebsiteDataJSON': @@ -117,6 +130,20 @@ def router(request): return cm.submitACLModifications(request) elif controller == 'submitPackage': return cm.submitPackage(request) + elif controller == 'fetchPackages': + return cm.fetchPackages(request) + elif controller == 'submitPackageDelete': + return cm.submitPackageDelete(request) + elif controller == 'submitPackageModify': + return cm.submitPackageModify(request) + elif controller == 'getDataFromLogFile': + return cm.getDataFromLogFile(request) + elif controller == 'fetchErrorLogs': + return cm.fetchErrorLogs(request) + elif controller == 'submitApplicationInstall': + return cm.submitApplicationInstall(request) + elif controller == 'obtainServer': + return cm.obtainServer(request) except BaseException, msg: cm = CloudManager(None) diff --git a/loginSystem/models.py b/loginSystem/models.py index 7808810ba..8cad9f8d2 100644 --- a/loginSystem/models.py +++ b/loginSystem/models.py @@ -80,6 +80,7 @@ class Administrator(models.Model): email = models.CharField(max_length=50) type = models.IntegerField() owner = models.IntegerField(default=1) + token = models.CharField(max_length=500, default='None') initWebsitesLimit = models.IntegerField(default=0) acl = models.ForeignKey(ACL, default=1) 
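Review bot: The new gate in `router` calls `cm.verifyLogin(request)` up to twice and indexes the result, yet the `except` branch of `verifyLogin` in cloudManager.py still returns a bare response rather than a `(status, response)` pair, so a request with no `Authorization` header ends in the router's generic exception handler instead of the 'Invalid login information.' reply. Calling it once, `ok, resp = cm.verifyLogin(request)`, then `if controller != 'statusFunc' and ok != 1: return resp`, and returning `0, self.ajaxPre(0, str(msg))` from that `except`, keeps the failure path explicit. The token comparison itself uses `==`; `hmac.compare_digest` would be the constant-time choice (it needs Python 2.7.7 or later). `statusFunc` skips the check entirely and its handler is outside this hunk, so it is worth confirming that it returns nothing sensitive. `router` continues past the end of the hunk.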
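Review bot: Two of the controllers routed here, `submitPackageDelete` and `submitPackageModify`, reach `CloudManager` methods that build `PackagesManager(request)` without first setting `request.session['userID'] = self.admin.pk`, which `submitPackage` and the other session-backed methods in cloudManager.py do. If `PackagesManager` takes the acting user from the session (not visible here), these two calls run with whatever the session already holds, or fail when it holds nothing. Adding `request.session['userID'] = self.admin.pk` as the first statement of both methods would make them consistent with their siblings. The `elif` chain belongs to `router`, which starts before this hunk.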
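Review bot: `default='None'` gives every existing Administrator row the literal string `None` as its token once the migration runs, and `verifyLogin` accepts a request whose `Authorization` header equals the stored token. Until an account's password is saved again, that value is identical on every account and every installation. A default that can never match is safer: `token = models.CharField(max_length=500, null=True, blank=True)`, with `verifyLogin` refusing the request when the stored token is empty. The class body continues outside the hunk.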
diff --git a/loginSystem/views.py b/loginSystem/views.py index 74414b3bf..c3323a2e7 100644 --- a/loginSystem/views.py +++ b/loginSystem/views.py @@ -30,7 +30,6 @@ def verifyLogin(request): if request.method == "POST": data = json.loads(request.body) - username = data['username'] password = data['password'] @@ -153,9 +152,11 @@ def loadLoginPage(request): acl = ACL.objects.get(name='admin') + token = hashPassword.generateToken('admin', '1234567') + email = 'usman@cyberpersons.com' admin = Administrator(userName="admin", password=password, type=1,email=email, - firstName="Cyber",lastName="Panel", acl=acl) + firstName="Cyber",lastName="Panel", acl=acl, token=token) admin.save() vers = version(currentVersion="1.7",build=3) diff --git a/managePHP/views.py b/managePHP/views.py index 30904c8d4..2a7680f83 100644 --- a/managePHP/views.py +++ b/managePHP/views.py @@ -1427,7 +1427,7 @@ def getCurrentPHPConfig(request): elif phpVers == "PHP 7.2": phpVers = "php72" - if ProcessUtilities.decideServer() == ProcessUtilities.centos: + if ProcessUtilities.decideDistro() == ProcessUtilities.centos: path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini" else: initial = phpVers[3] @@ -1612,7 +1612,7 @@ def getCurrentAdvancedPHPConfig(request): elif phpVers == "PHP 7.2": phpVers = "php72" - if ProcessUtilities.decideServer() == ProcessUtilities.centos: + if ProcessUtilities.decideDistro() == ProcessUtilities.centos: path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini" else: initial = phpVers[3] @@ -1665,7 +1665,7 @@ def savePHPConfigAdvance(request): elif phpVers == "PHP 7.2": phpVers = "php72" - if ProcessUtilities.decideServer() == ProcessUtilities.centos: + if ProcessUtilities.decideDistro() == ProcessUtilities.centos: path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini" else: initial = phpVers[3] diff --git a/packages/packagesManager.py b/packages/packagesManager.py index 30e8c1397..9dd222dc6 100644 --- a/packages/packagesManager.py +++ b/packages/packagesManager.py 
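Review bot: The token for the bootstrap admin in `loadLoginPage` is built from the literals `'admin'` and `'1234567'` rather than from the password the account is created with, so every fresh installation starts with the same API token. The same call is added to `changeAdminPassword` in api/views.py, where the account's password is `adminPass` but the token still comes from `'1234567'`. Where the plaintext is in scope, `token = hashPassword.generateToken('admin', adminPass)` ties the token to the real password; in `loadLoginPage` only the already-hashed `password` is visible in the hunk, so the token should be derived where the plaintext is chosen. Both functions extend beyond their hunks.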
@@ -113,13 +113,13 @@ class PackagesManager: delPackage = Package.objects.get(packageName=packageName) delPackage.delete() - data_ret = {'deleteStatus': 1, 'error_message': "None"} + data_ret = {'status': 1, 'deleteStatus': 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: - data_ret = {'deleteStatus': 0, 'error_message': str(msg)} + data_ret = {'status': 0, 'deleteStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) @@ -196,11 +196,11 @@ class PackagesManager: modifyPack.allowedDomains = data['allowedDomains'] modifyPack.save() - data_ret = {'saveStatus': 1, 'error_message': "None"} + data_ret = {'status': 1, 'saveStatus': 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: - data_ret = {'saveStatus': 0, 'error_message': str(msg)} + data_ret = {'status': 0, 'saveStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) diff --git a/plogical/acl.py b/plogical/acl.py index 5a1becfa7..5902cf3b7 100644 --- a/plogical/acl.py +++ b/plogical/acl.py @@ -329,6 +329,15 @@ class ACLManager: return packNames + @staticmethod + def loadPackageObjects(userID, finalResponse): + admin = Administrator.objects.get(pk=userID) + + if finalResponse['admin'] == 1: + return Package.objects.all() + else: + return admin.package_set.all() + @staticmethod def findAllSites(currentACL, userID): websiteNames = [] diff --git a/plogical/hashPassword.py b/plogical/hashPassword.py index b360186fe..89cce7194 100644 --- a/plogical/hashPassword.py +++ b/plogical/hashPassword.py @@ -1,6 +1,6 @@ import uuid import hashlib - +import base64 def hash_password(password): # uuid is used to generate a random number 
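Review bot: `loadPackageObjects` has no docstring and its second parameter is named `finalResponse`, although the caller in cloudManager.py passes the ACL dictionary (`currentACL`), so the signature does not show that the `'admin'` key decides the result. Renaming it to `currentACL`, the name `findAllSites` directly below uses, and adding a docstring such as `"""Return every package for an admin ACL, otherwise the packages linked to the administrator userID."""` would make the contract readable. The `Administrator.objects.get(pk=userID)` lookup is only used in the `else` branch and could move there.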
@@ -10,4 +10,9 @@ def hash_password(password): def check_password(hashed_password, user_password): password, salt = hashed_password.split(':') - return password == hashlib.sha256(salt.encode() + user_password.encode()).hexdigest() \ No newline at end of file + return password == hashlib.sha256(salt.encode() + user_password.encode()).hexdigest() + +def generateToken(serverUserName, serverPassword): + credentials = '{0}:{1}'.format(serverUserName, serverPassword).encode() + encoded_credentials = base64.b64encode(credentials).decode() + return 'Basic {0}'.format(encoded_credentials) \ No newline at end of file diff --git a/plogical/phpUtilities.py b/plogical/phpUtilities.py index 37d1f93c9..93ee79911 100644 --- a/plogical/phpUtilities.py +++ b/plogical/phpUtilities.py @@ -94,7 +94,7 @@ class phpUtilities: def savePHPConfigBasic(phpVers,allow_url_fopen,display_errors,file_uploads,allow_url_include,memory_limit,max_execution_time,upload_max_filesize,max_input_time,post_max_size): try: - if ProcessUtilities.decideServer() == ProcessUtilities.centos: + if ProcessUtilities.decideDistro() == ProcessUtilities.centos: path = "/usr/local/lsws/ls" + phpVers + "/etc/php.ini" else: initial = phpVers[3] diff --git a/plogical/website.py b/plogical/website.py index 3af406d97..b819cc94a 100644 --- a/plogical/website.py +++ b/plogical/website.py @@ -666,7 +666,7 @@ class WebsiteManager: if output.find("1,None") > -1: final_json = json.dumps( - {'logstatus': 0, 'error_message': "Not able to fetch logs, see CyberPanel main log file!"}) + {'status': 0,'logstatus': 0, 'error_message': "Not able to fetch logs, see CyberPanel main log file!"}) return HttpResponse(final_json) ## get log ends here. 
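Review bot: `generateToken` returns `Basic` followed by the base64 of `user:password`, which is an encoding and not a hash, and the userManagment/views.py hunks (`submitUserCreation`, `saveModifications`) store it in `Administrator.token`; the database then holds a recoverable copy of each password next to the salted hash from `hash_password`. Nothing needs to be stored for this scheme: the verifier can decode the incoming header and call `check_password(admin.password, suppliedPassword)`. If a stored token is wanted, it should be random and unrelated to the password, for example hex-encoded `os.urandom(32)`, and kept server-side only as a hash. `check_password` on the context line also compares digests with `==`; `hmac.compare_digest` avoids timing differences.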
@@ -700,7 +700,7 @@ class WebsiteManager: json_data = json_data + ',' + json.dumps(dic) json_data = json_data + ']' - final_json = json.dumps({'logstatus': 1, 'error_message': "None", "data": json_data}) + final_json = json.dumps({'status': 1, 'logstatus': 1, 'error_message': "None", "data": json_data}) return HttpResponse(final_json) def fetchErrorLogs(self, userID = None, data = None): @@ -728,12 +728,12 @@ class WebsiteManager: if output.find("1,None") > -1: final_json = json.dumps( - {'logstatus': 0, 'error_message': "Not able to fetch logs, see CyberPanel main log file!"}) + {'status': 0, 'logstatus': 0, 'error_message': "Not able to fetch logs, see CyberPanel main log file!"}) return HttpResponse(final_json) ## get log ends here. - final_json = json.dumps({'logstatus': 1, 'error_message': "None", "data": output}) + final_json = json.dumps({'status': 1, 'logstatus': 1, 'error_message': "None", "data": output}) return HttpResponse(final_json) def getDataFromConfigFile(self, userID = None, data = None): @@ -753,12 +753,12 @@ class WebsiteManager: configData = subprocess.check_output(shlex.split(command)) if len(configData) == 0: - status = {"configstatus": 0, "error_message": "Configuration file is currently empty!"} + status = {'status': 0, "configstatus": 0, "error_message": "Configuration file is currently empty!"} final_json = json.dumps(status) return HttpResponse(final_json) - status = {"configstatus": 1, "configData": configData} + status = {'status': 1, "configstatus": 1, "configData": configData} final_json = json.dumps(status) return HttpResponse(final_json) 
@@ -1258,9 +1258,14 @@ class WebsiteManager: website = Websites.objects.get(domain=self.domain) try: - subprocess.call(('sudo', 'crontab', '-u', website.externalApp, '-')) + output = subprocess.check_output(["sudo", "/usr/bin/crontab", "-u", website.externalApp, "-l"]) except: - pass + try: + subprocess.call(('sudo', 'crontab', '-u', website.externalApp, '-')) + except: + data_ret = {'addNewCron': 0, 'error_message': 'Unable to initialise crontab file for user'} + final_json = json.dumps(data_ret) + return HttpResponse(final_json) output = subprocess.check_output(["sudo", "/usr/bin/crontab", "-u", website.externalApp, "-l"]) @@ -1507,14 +1512,14 @@ class WebsiteManager: time.sleep(2) - data_ret = {'installStatus': 1, 'error_message': 'None', + data_ret = {'status': 1, 'installStatus': 1, 'error_message': 'None', 'tempStatusPath': extraArgs['tempStatusPath']} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: - data_ret = {'installStatus': 0, 'error_message': str(msg)} + data_ret = {'status': 0, 'installStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) @@ -1614,7 +1619,7 @@ class WebsiteManager: if Databases.objects.filter(dbName=dbName).exists() or Databases.objects.filter( dbUser=dbUser).exists(): - data_ret = {'installStatus': 0, + data_ret = {'status': 0, 'installStatus': 0, 'error_message': "0,This database or user is already taken."} json_data = json.dumps(data_ret) return HttpResponse(json_data) @@ -1624,7 +1629,7 @@ class WebsiteManager: if result == 1: pass else: - data_ret = {'installStatus': 0, + data_ret = {'status': 0, 'installStatus': 0, 'error_message': "0,Not able to create database."} json_data = json.dumps(data_ret) return HttpResponse(json_data) 
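Review bot: The inner `except` of the new fallback will seldom run, because `subprocess.call` reports failure through its return code and raises only when the command cannot be started; a failed initialisation goes unnoticed and the unchanged `check_output` line after the block raises instead. Testing the result, `if subprocess.call(...) != 0:` before returning the error JSON, makes the new branch effective, and since the listing that succeeds in the first `try` is repeated by that following `check_output`, one of the two can go. The fallback also runs `crontab` through `PATH` under sudo while the other calls use `/usr/bin/crontab`; the absolute path should be used in both. Both handlers are bare `except:`; `except subprocess.CalledProcessError:` is what the first one means.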
@@ -1640,7 +1645,7 @@ class WebsiteManager: if website.master.package.dataBases > website.master.databases_set.all().count(): pass else: - data_ret = {'installStatus': 0, + data_ret = {'status': 0, 'installStatus': 0, 'error_message': "0,Maximum database limit reached for this website."} json_data = json.dumps(data_ret) return HttpResponse(json_data) @@ -1661,7 +1666,7 @@ class WebsiteManager: if website.package.dataBases > website.databases_set.all().count(): pass else: - data_ret = {'installStatus': 0, + data_ret = {'status': 0, 'installStatus': 0, 'error_message': "0,Maximum database limit reached for this website."} json_data = json.dumps(data_ret) return HttpResponse(json_data) @@ -1676,7 +1681,7 @@ class WebsiteManager: db.save() if finalPath.find("..") > -1: - data_ret = {'installStatus': 0, + data_ret = {'status': 0, 'installStatus': 0, 'error_message': "Specified path must be inside virtual host home!"} json_data = json.dumps(data_ret) return HttpResponse(json_data) @@ -1704,16 +1709,15 @@ class WebsiteManager: output = subprocess.Popen(shlex.split(execPath)) - data_ret = {"installStatus": 1, 'tempStatusPath': tempStatusPath} + data_ret = {'status': 1, "installStatus": 1, 'tempStatusPath': tempStatusPath} json_data = json.dumps(data_ret) return HttpResponse(json_data) - ## Installation ends except BaseException, msg: - data_ret = {'installStatus': 0, 'error_message': str(msg)} + data_ret = {'status': 0, 'installStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) @@ -1925,7 +1929,7 @@ class WebsiteManager: time.sleep(2) - data_ret = {'installStatus': 1, 'error_message': 'None', + data_ret = {'status': 1, 'installStatus': 1, 'error_message': 'None', 'tempStatusPath': extraArgs['tempStatusPath']} json_data = json.dumps(data_ret) return HttpResponse(json_data) 
@@ -1933,7 +1937,7 @@ class WebsiteManager: ## Installation ends except BaseException, msg: - data_ret = {'installStatus': 0, 'error_message': str(msg)} + data_ret = {'status': 0, 'installStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) diff --git a/userManagment/views.py b/userManagment/views.py index 48f85c35a..d5976a61b 100644 --- a/userManagment/views.py +++ b/userManagment/views.py @@ -92,9 +92,11 @@ def submitUserCreation(request): else: type = 3 + token = hashPassword.generateToken(userName, password) password = hashPassword.hash_password(password) currentAdmin = Administrator.objects.get(pk=userID) + if ACLManager.websitesLimitCheck(currentAdmin, websitesLimit) == 0: data_ret = {'status': 0, 'createStatus': 0, 'error_message': "You've reached maximum websites limit as a reseller."} @@ -112,7 +114,8 @@ def submitUserCreation(request): password=password, initWebsitesLimit=websitesLimit, owner=currentAdmin.pk, - acl=selectedACL + acl=selectedACL, + token=token ) newAdmin.save() @@ -126,7 +129,8 @@ def submitUserCreation(request): password=password, initWebsitesLimit=websitesLimit, owner=currentAdmin.pk, - acl=selectedACL + acl=selectedACL, + token=token ) newAdmin.save() elif currentACL['createNewUser'] == 1: @@ -139,7 +143,8 @@ def submitUserCreation(request): password=password, initWebsitesLimit=websitesLimit, owner=currentAdmin.pk, - acl=selectedACL + acl=selectedACL, + token=token ) newAdmin.save() else: @@ -228,12 +233,14 @@ def saveModifications(request): admin = Administrator.objects.get(pk=val) user = Administrator.objects.get(userName=accountUsername) + token = hashPassword.generateToken(accountUsername, data['password']) password = hashPassword.hash_password(data['password']) user.firstName = firstName user.lastName = lastName user.email = email user.password = password + user.token = token user.type = 0 user.save() 
diff --git a/websiteFunctions/templates/websiteFunctions/website.html b/websiteFunctions/templates/websiteFunctions/website.html index 46e2938b2..7d98ee261 100644 --- a/websiteFunctions/templates/websiteFunctions/website.html +++ b/websiteFunctions/templates/websiteFunctions/website.html @@ -3,31 +3,34 @@ {% block title %}{{ domain }} - CyberPanel{% endblock %} {% block content %} -{% load static %} -{% get_current_language as LANGUAGE_CODE %} - + {% load static %} + {% get_current_language as LANGUAGE_CODE %} + -
{% trans "All functions related to a particular site." %}
-{% trans "All functions related to a particular site." %}
+
-
+
-
+
+
+
-
- {% trans "SSL Saved" %}
-{% trans "Could not save SSL. Error message:" %} {$ errorMessage $}
-{% trans "Could not connect to server. Please refresh this page." %}
-{% trans "Current configuration in the file fetched." %}
-{% trans "Could not fetch current configuration. Error message:" %} {$ errorMessage $}
-{% trans "Could not connect to server. Please refresh this page." %}
-{% trans "Configurations saved." %}
-{% trans "Could not fetch current configuration. Error message:" %} {$ errorMessage $}
-{% trans "Current rewrite rules in the file fetched." %} Click to read more about whats changed in rewrite rules from v1.7 onwards.
-{% trans "Could not fetch current rewrite rules. Error message:" %} {$ errorMessage $}
-{% trans "Could not connect to server. Please refresh this page." %}
-{% trans "Configurations saved." %}
-{% trans "Could not save rewrite rules. Error message:" %} {$ errorMessage $}
-{% trans "Failed to change PHP version. Error message:" %} {$ errorMessage $}
-{% trans "PHP successfully changed for: " %} {$ websiteDomain $}
-{% trans "Could not connect to server. Please refresh this page." %}
-{% trans "Current rewrite rules in the file fetched." %} Click + to read more about whats changed in rewrite + rules from v1.7 onwards.
+{% trans "Could not fetch current rewrite rules. Error message:" %} {$ + errorMessage $}
+{% trans "Could not connect to server. Please refresh this page." %}
+{% trans "Configurations saved." %}
+{% trans "Could not save rewrite rules. Error message:" %} {$ errorMessage + $}
+{% trans "Failed to change PHP version. Error message:" %} {$ + errorMessage $}
+{% trans "PHP successfully changed for: " %} {$ websiteDomain + $}
+{% trans "Could not connect to server. Please refresh this page." %}
+{% trans "Error message:" %} {$ errorMessage $}
{% trans "Error message:" %} {$ errorMessage $}
-{% trans "Changes successfully saved." %}
-{% trans "Could not connect to server. Please refresh this page." %}
-
+
+
+ {% trans "Manage Lists" %}
+
+
+
+
+
+ {% trans "SMTP Hosts" %}
+
+
+
+
+
+ {% trans "Compose" %}
+
+
+
+
+
+ {% trans "Send Emails" %}
+
+
+
-
-
- {% trans "Manage Lists" %}
-
-
-
-
-
- {% trans "SMTP Hosts" %}
-
-
-
-
-
- {% trans "Compose" %}
-
-
-
-
-
- {% trans "Send Emails" %}
-
-
-
-
+ {{ domain }}
+{{ domain }}