diff --git a/cli/cyberPanel.py b/cli/cyberPanel.py index f4ca95b53..b04273bf5 100755 --- a/cli/cyberPanel.py +++ b/cli/cyberPanel.py @@ -1428,6 +1428,49 @@ def main(): print(response.content.decode()) + elif args.function == "editUser": + + completeCommandExample = 'cyberpanel editUser --userName cyberpanel --firstName Cyber --lastName Panel --email email@cyberpanel.net --password securepassword --securityLevel HIGH' + + if not args.firstName: + print("\n\nPlease enter First Name. For example:\n\n" + completeCommandExample + "\n\n") + return + + if not args.lastName: + print("\n\nPlease enter Last Name. For example:\n\n" + completeCommandExample + "\n\n") + return + + if not args.email: + print("\n\nPlease enter Email. For example:\n\n" + completeCommandExample + "\n\n") + return + + if not args.userName: + print("\n\nPlease enter User name. For example:\n\n" + completeCommandExample + "\n\n") + return + + if not args.password: + print("\n\nPlease enter password. For example:\n\n" + completeCommandExample + "\n\n") + return + + if not args.securityLevel: + print("\n\nPlease set security level. For example:\n\n" + completeCommandExample + "\n\n") + return + + from userManagment.views import saveModifications + + data = {} + data['accountUsername'] = args.userName + data['firstName'] = args.firstName + data['lastName'] = args.lastName + data['email'] = args.email + data['passwordByPass'] = args.password + data['securityLevel'] = args.securityLevel + data['userID'] = 1 + + response = saveModifications(data) + + print(response.content.decode()) + diff --git a/userManagment/views.py b/userManagment/views.py index 8105734d1..0d7da486f 100755 --- a/userManagment/views.py +++ b/userManagment/views.py @@ -32,7 +32,6 @@ def loadUserHome(request): except KeyError: return redirect(loadLoginPage) - def viewProfile(request): try: userID = request.session['userID'] @@ -52,7 +51,6 @@ def viewProfile(request): except KeyError: return redirect(loadLoginPage) - def createUser(request): try: userID = request.session['userID'] @@ -74,7 +72,6 @@ def createUser(request): logging.CyberCPLogFileWriter.writeToFile(str(msg)) return redirect(loadLoginPage) - def apiAccess(request): try: userID = request.session['userID'] @@ -317,63 +314,70 @@ def fetchUserDetails(request): def saveModifications(request): try: - val = request.session['userID'] try: - if request.method == 'POST': + val = request.session['userID'] + except: + val = request['userID'] + try: + try: data = json.loads(request.body) - accountUsername = data['accountUsername'] - firstName = data['firstName'] - lastName = data['lastName'] - email = data['email'] - try: - securityLevel = data['securityLevel'] - except: - securityLevel = 'HIGH' + except: + data = request - user = Administrator.objects.get(userName=accountUsername) + accountUsername = data['accountUsername'] + firstName = data['firstName'] + lastName = data['lastName'] + email = data['email'] + try: + securityLevel = data['securityLevel'] + except: + securityLevel = 'HIGH' - currentACL = ACLManager.loadedACL(val) - loggedUser = Administrator.objects.get(pk=val) + user = Administrator.objects.get(userName=accountUsername) - if currentACL['admin'] == 1: - pass - elif user.owner == loggedUser.pk: - pass - elif user.pk == loggedUser.pk: - pass - else: - data_ret = {'fetchStatus': 0, 'error_message': 'Un-authorized access.'} - json_data = json.dumps(data_ret) - return HttpResponse(json_data) + currentACL = ACLManager.loadedACL(val) + loggedUser = Administrator.objects.get(pk=val) - token = hashPassword.generateToken(accountUsername, data['passwordByPass']) - password = hashPassword.hash_password(data['passwordByPass']) - - user.firstName = firstName - user.lastName = lastName - user.email = email - user.password = password - user.token = token - user.type = 0 - - if securityLevel == 'LOW': - user.securityLevel = secMiddleware.LOW - else: - user.securityLevel = secMiddleware.HIGH - - user.save() - - adminEmailPath = '/home/cyberpanel/adminEmail' - - if accountUsername == 'admin': - writeToFile = open(adminEmailPath, 'w') - writeToFile.write(email) - writeToFile.close() - - data_ret = {'status': 1, 'saveStatus': 1, 'error_message': 'None'} + if currentACL['admin'] == 1: + pass + elif user.owner == loggedUser.pk: + pass + elif user.pk == loggedUser.pk: + pass + else: + data_ret = {'fetchStatus': 0, 'error_message': 'Un-authorized access.'} json_data = json.dumps(data_ret) return HttpResponse(json_data) + token = hashPassword.generateToken(accountUsername, data['passwordByPass']) + password = hashPassword.hash_password(data['passwordByPass']) + + user.firstName = firstName + user.lastName = lastName + user.email = email + user.password = password + user.token = token + user.type = 0 + + if securityLevel == 'LOW': + user.securityLevel = secMiddleware.LOW + else: + user.securityLevel = secMiddleware.HIGH + + user.save() + + adminEmailPath = '/home/cyberpanel/adminEmail' + + if accountUsername == 'admin': + writeToFile = open(adminEmailPath, 'w') + writeToFile.write(email) + writeToFile.close() + + data_ret = {'status': 1, 'saveStatus': 1, 'error_message': 'None'} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) + + except BaseException as msg: data_ret = {'status': 0, 'saveStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret)