From 791f316170525c0e828ed8d7c65b31e3528edc88 Mon Sep 17 00:00:00 2001 From: humzayunasnandla <58523126+humzayunasnandla@users.noreply.github.com> Date: Wed, 17 Jun 2020 00:03:40 +0500 Subject: [PATCH 1/5] Update urls.py --- api/urls.py | 1 + 1 file changed, 1 insertion(+) diff --git a/api/urls.py b/api/urls.py index b694236e7..b238fa906 100755 --- a/api/urls.py +++ b/api/urls.py @@ -14,6 +14,7 @@ urlpatterns = [ url(r'^changeUserPassAPI', views.changeUserPassAPI, name='changeUserPassAPI'), url(r'^submitUserDeletion$', views.submitUserDeletion, name='submitUserDeletion'), + url(r'^listPackage',views.getPackagesListAPI,name='getPackagesListAPI'), url(r'^changePackageAPI', views.changePackageAPI, name='changePackageAPI'), url(r'^fetchSSHkey', views.fetchSSHkey, name='fetchSSHkey'), url(r'^remoteTransfer', views.remoteTransfer, name='remoteTransfer'), From 5e3d5d39e55aa48ee68d88b912ae9b4cd05c8f24 Mon Sep 17 00:00:00 2001 From: humzayunasnandla <58523126+humzayunasnandla@users.noreply.github.com> Date: Wed, 17 Jun 2020 00:04:12 +0500 Subject: [PATCH 2/5] Update views.py --- api/views.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/api/views.py b/api/views.py index 52323f091..41613aafd 100755 --- a/api/views.py +++ b/api/views.py @@ -14,6 +14,7 @@ import os from baseTemplate.models import version from plogical.mailUtilities import mailUtilities from websiteFunctions.website import WebsiteManager +from packages.packagesManager import PackagesManager from s3Backups.s3Backups import S3Backups from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging from plogical.processUtilities import ProcessUtilities @@ -67,6 +68,19 @@ def createWebsite(request): wm = WebsiteManager() return wm.createWebsiteAPI(json.loads(request.body)) +@csrf_exempt +def getPackagesListAPI(request): + data = json.loads(request.body) + adminUser = data['adminUser'] + admin = Administrator.objects.get(userName=adminUser) + if admin.api == 0: + data_ret = {"existsStatus": 0, 'listPackages': [], + 'error_message': "API Access Disabled."} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) + pm = PackagesManager() + return pm.listPackagesAPI(data) + @csrf_exempt def getUserInfo(request): try: From 06e11634f24dac0c79f99c381befd2b82b5d4744 Mon Sep 17 00:00:00 2001 From: humzayunasnandla <58523126+humzayunasnandla@users.noreply.github.com> Date: Wed, 17 Jun 2020 00:04:59 +0500 Subject: [PATCH 3/5] Update packagesManager.py --- packages/packagesManager.py | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/packages/packagesManager.py b/packages/packagesManager.py index 897465283..4137aaaa9 100755 --- a/packages/packagesManager.py +++ b/packages/packagesManager.py @@ -2,6 +2,9 @@ import os.path import sys import django + +from plogical import hashPassword + sys.path.append('/usr/local/CyberCP') os.environ.setdefault("DJANGO_SETTINGS_MODULE", "CyberCP.settings") django.setup() @@ -235,6 +238,30 @@ class PackagesManager: except BaseException as msg: return redirect(loadLoginPage) + def listPackagesAPI(self,data=None): + """ + List of packages for API + :param data: + :return HttpResponse: + """ + try: + adminUser = data['adminUser'] + adminPass = data['adminPass'] + admin = Administrator.objects.get(userName=adminUser) + if hashPassword.check_password(admin.password, adminPass): + currentACL = ACLManager.loadedACL(admin.id) + packageList = ACLManager.loadPackages(admin.id, currentACL) + return HttpResponse(json.dumps(packageList)) + else: + data_ret = {"status": 0, + 'error_message': "Could not authorize access to API"} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) + except BaseException as msg: + data_ret = {'status': 0, 'error_message': str(msg)} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) + def fetchPackagesTable(self): try: userID = self.request.session['userID'] From c7209b52da47a1b0032fb37e7ec2690944dd119d Mon Sep 17 00:00:00 2001 From: humzayunasnandla <58523126+humzayunasnandla@users.noreply.github.com> Date: Wed, 17 Jun 2020 15:08:46 +0500 Subject: [PATCH 4/5] Update packagesManager.py --- packages/packagesManager.py | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/packages/packagesManager.py b/packages/packagesManager.py index 4137aaaa9..1f033ad18 100755 --- a/packages/packagesManager.py +++ b/packages/packagesManager.py @@ -246,17 +246,10 @@ class PackagesManager: """ try: adminUser = data['adminUser'] - adminPass = data['adminPass'] admin = Administrator.objects.get(userName=adminUser) - if hashPassword.check_password(admin.password, adminPass): - currentACL = ACLManager.loadedACL(admin.id) - packageList = ACLManager.loadPackages(admin.id, currentACL) - return HttpResponse(json.dumps(packageList)) - else: - data_ret = {"status": 0, - 'error_message': "Could not authorize access to API"} - json_data = json.dumps(data_ret) - return HttpResponse(json_data) + currentACL = ACLManager.loadedACL(admin.id) + packageList = ACLManager.loadPackages(admin.id, currentACL) + return HttpResponse(json.dumps(packageList); except BaseException as msg: data_ret = {'status': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) From 9f9b9962c438784f1cf586eef7398b7a77778968 Mon Sep 17 00:00:00 2001 From: humzayunasnandla <58523126+humzayunasnandla@users.noreply.github.com> Date: Wed, 17 Jun 2020 15:09:01 +0500 Subject: [PATCH 5/5] Update views.py --- api/views.py | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/api/views.py b/api/views.py index 41613aafd..af3f5a51b 100755 --- a/api/views.py +++ b/api/views.py @@ -72,14 +72,20 @@ def createWebsite(request): def getPackagesListAPI(request): data = json.loads(request.body) adminUser = data['adminUser'] + adminPass = data['adminPass'] admin = Administrator.objects.get(userName=adminUser) if admin.api == 0: data_ret = {"existsStatus": 0, 'listPackages': [], 'error_message': "API Access Disabled."} + return HttpResponse(json.dumps(data_ret)) + if hashPassword.check_password(admin.password, adminPass): + pm = PackagesManager() + return pm.listPackagesAPI(data) + else: + data_ret = {"status": 0,'error_message': "Could not authorize access to API"} json_data = json.dumps(data_ret) return HttpResponse(json_data) - pm = PackagesManager() - return pm.listPackagesAPI(data) + @csrf_exempt def getUserInfo(request):