From 461f4828978b11a64871f2ef002477fdba3797b3 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Mon, 1 Jun 2020 19:36:36 +0500 Subject: [PATCH] delete user: ref https://github.com/usmannasir/cyberpanel/issues/335 --- cli/cyberPanel.py | 19 +++++++++++++++- userManagment/views.py | 50 +++++++++++++++++++++++------------------- 2 files changed, 45 insertions(+), 24 deletions(-) diff --git a/cli/cyberPanel.py b/cli/cyberPanel.py index 9336ba78a..5ff419469 100755 --- a/cli/cyberPanel.py +++ b/cli/cyberPanel.py @@ -24,7 +24,6 @@ from plogical.ftpUtilities import FTPUtilities from plogical.sslUtilities import sslUtilities from plogical.processUtilities import ProcessUtilities from plogical.backupSchedule import backupSchedule -from django.http import HttpRequest # All that we see or seem is but a dream within a dream. @@ -1379,6 +1378,24 @@ def main(): print(response.content.decode()) + elif args.function == "deleteUser": + + completeCommandExample = 'cyberpanel deleteUser --userName cyberpanel' + + if not args.userName: + print("\n\nPlease enter User Name. For example:\n\n" + completeCommandExample + "\n\n") + return + + from userManagment.views import submitUserDeletion + + data = {} + data['accountUsername'] = args.userName + data['userID'] = 1 + + response = submitUserDeletion(data) + + print(response.content.decode()) + if __name__ == "__main__": diff --git a/userManagment/views.py b/userManagment/views.py index f500ee26a..6bb9d1b0c 100755 --- a/userManagment/views.py +++ b/userManagment/views.py @@ -255,7 +255,6 @@ def modifyUsers(request): except KeyError: return redirect(loadLoginPage) - def fetchUserDetails(request): try: val = request.session['userID'] @@ -316,7 +315,6 @@ def fetchUserDetails(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) - def saveModifications(request): try: val = request.session['userID'] @@ -386,7 +384,6 @@ def saveModifications(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) - def deleteUser(request): try: userID = request.session['userID'] @@ -405,38 +402,45 @@ def deleteUser(request): except KeyError: return redirect(loadLoginPage) - def submitUserDeletion(request): + try: - userID = request.session['userID'] + try: + userID = request.session['userID'] + except: + userID = request['userID'] try: - if request.method == 'POST': + try: data = json.loads(request.body) - accountUsername = data['accountUsername'] + except: + data = request - currentACL = ACLManager.loadedACL(userID) + accountUsername = data['accountUsername'] - currentUser = Administrator.objects.get(pk=userID) - userInQuestion = Administrator.objects.get(userName=accountUsername) + currentACL = ACLManager.loadedACL(userID) - if ACLManager.checkUserOwnerShip(currentACL, currentUser, userInQuestion): - user = Administrator.objects.get(userName=accountUsername) + currentUser = Administrator.objects.get(pk=userID) + userInQuestion = Administrator.objects.get(userName=accountUsername) - childUsers = Administrator.objects.filter(owner=user.pk) + if ACLManager.checkUserOwnerShip(currentACL, currentUser, userInQuestion): + user = Administrator.objects.get(userName=accountUsername) - for items in childUsers: - items.delete() + childUsers = Administrator.objects.filter(owner=user.pk) - user.delete() + for items in childUsers: + items.delete() + + user.delete() + + data_ret = {'status': 1, 'deleteStatus': 1, 'error_message': 'None'} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) + else: + data_ret = {'status': 0, 'deleteStatus': 0, 'error_message': 'Not enough privileges.'} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) - data_ret = {'status': 1, 'deleteStatus': 1, 'error_message': 'None'} - json_data = json.dumps(data_ret) - return HttpResponse(json_data) - else: - data_ret = {'status': 0, 'deleteStatus': 0, 'error_message': 'Not enough privileges.'} - json_data = json.dumps(data_ret) - return HttpResponse(json_data) except BaseException as msg: data_ret = {'status': 0, 'deleteStatus': 0, 'error_message': str(msg)}