Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2026-01-15 03:52:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'stable' into henna

Browse Source
This commit is contained in:
hennaboy
2019-11-13 08:40:49 +00:00
parent c2300b2890 c0fbfdbe7c
commit e79eef2e7f
13 changed files with 134 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
CyberCP/secMiddleware.py
View File

@@ -2,19 +2,24 @@ from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging
import json
from django.shortcuts import HttpResponse
import re
from loginSystem.models import Administrator
class secMiddleware:
HIGH = 0
LOW = 1
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
try:
uID = request.session['userID']
admin = Administrator.objects.get(pk=uID)
ipAddr = request.META.get('REMOTE_ADDR')
if ipAddr.find('.') > -1:
if request.session['ipAddr'] == ipAddr:
if request.session['ipAddr'] == ipAddr or admin.securityLevel == secMiddleware.LOW:
pass
else:
del request.session['userID']
@@ -27,7 +32,7 @@ class secMiddleware:
else:
ipAddr = request.META.get('REMOTE_ADDR').split(':')[:3]
if request.session['ipAddr'] == ipAddr:
if request.session['ipAddr'] == ipAddr or admin.securityLevel == secMiddleware.LOW:
pass
else:
del request.session['userID']

20
WebTerminal/CPWebSocket.py
View File

@@ -12,6 +12,22 @@ class SSHServer(multi.Thread):
OKGREEN = '\033[92m'
ENDC = '\033[0m'
DEFAULT_PORT = 22
@staticmethod
def findSSHPort():
try:
sshData = open('/etc/ssh/sshd_config', 'r').readlines()
for items in sshData:
if items.find('Port') > -1:
if items[0] == 0:
pass
else:
SSHServer.DEFAULT_PORT = int(items.split(' ')[1])
except:
pass
def loadPublicKey(self):
pubkey = '/root/.ssh/cyberpanel.pub'
data = open(pubkey, 'r').read()
@@ -41,7 +57,7 @@ class SSHServer(multi.Thread):
## Load Public Key
self.loadPublicKey()
self.sshclient.connect('127.0.0.1', 22, username='root', pkey=k)
self.sshclient.connect('127.0.0.1', SSHServer.DEFAULT_PORT, username='root', pkey=k)
self.shell = self.sshclient.invoke_shell(term='xterm')
self.shell.settimeout(0)
@@ -113,6 +129,8 @@ if __name__ == "__main__":
writeToFile.write(str(os.getpid()))
writeToFile.close()
SSHServer.findSSHPort()
server = SimpleSSLWebSocketServer('0.0.0.0', '5678', WebTerminalServer, '/usr/local/lscp/conf/cert.pem', '/usr/local/lscp/conf/key.pem', version=ssl.PROTOCOL_TLSv1)
def close_sig_handler(signal, frame):

2
install/install.py
View File

@@ -279,8 +279,6 @@ class preFlightsChecks:
##
count = 0
if self.distro == ubuntu:
# self.stdOut("Fix sudoers")
# try:

1
loginSystem/models.py
View File

@@ -85,6 +85,7 @@ class Administrator(models.Model):
owner = models.IntegerField(default=1)
token = models.CharField(max_length=500, default='None')
api = models.IntegerField(default=0)
securityLevel = models.IntegerField(default=0)
initWebsitesLimit = models.IntegerField(default=0)
acl = models.ForeignKey(ACL, default=1)

23
plogical/cPanelImporter.py
View File

@@ -25,6 +25,7 @@ from plogical.vhost import vhost
from plogical.virtualHostUtilities import virtualHostUtilities
from plogical.mailUtilities import mailUtilities
from mailServer.models import EUsers
import time
class ChildDomains:
@@ -48,6 +49,7 @@ class cPanelImporter:
self.homeDir = ''
self.documentRoot = ''
self.mailFormat = 1
self.externalApp = ''
def PHPDecider(self):
@@ -209,18 +211,21 @@ class cPanelImporter:
message = 'Calling core to create %s.' % (DomainName)
logging.statusWriter(self.logFile, message, 1)
externalApp = "".join(re.findall("[a-zA-Z]+", DomainName))[:7]
self.externalApp = "".join(re.findall("[a-zA-Z]+", DomainName))[:7]
try:
counter = 0
while 1:
tWeb = Websites.objects.get(externalApp=externalApp)
externalApp = '%s%s' % (tWeb.externalApp, str(counter))
while True:
tWeb = Websites.objects.get(externalApp=self.externalApp)
self.externalApp = '%s%s' % (tWeb.externalApp, str(counter))
counter = counter + 1
except:
pass
print self.externalApp
except BaseException, msg:
logging.statusWriter(self.logFile, str(msg), 1)
time.sleep(2)
result = virtualHostUtilities.createVirtualHost(DomainName, self.email, self.PHPVersion, externalApp, 0, 0,
result = virtualHostUtilities.createVirtualHost(DomainName, self.email, self.PHPVersion, self.externalApp, 0, 0,
0, 'admin', 'Default', 0)
if result[0] == 1:
@@ -278,7 +283,7 @@ class cPanelImporter:
shutil.copytree(movePath, nowPath, symlinks=True)
command = 'chown -R %s:%s %s' % (externalApp, externalApp, nowPath)
command = 'chown -R %s:%s %s' % (self.externalApp, self.externalApp, nowPath)
ProcessUtilities.normalExecutioner(command)
message = 'Main site %s created from archive file: %s' % (DomainName, self.backupFile)
@@ -708,7 +713,7 @@ class cPanelImporter:
return 0
def FixPermissions(self):
externalApp = "".join(re.findall("[a-zA-Z]+", self.mainDomain))[:7]
externalApp = self.externalApp
command = "sudo chown -R " + externalApp + ":" + externalApp + " /home/" + self.mainDomain
ProcessUtilities.normalExecutioner(command)

9
plogical/upgrade.py
View File

@@ -201,7 +201,7 @@ class Upgrade:
os.chdir("/usr/local/CyberCP/public")
command = '/usr/local/lsws/lsphp70/bin/php /usr/bin/composer create-project phpmyadmin/phpmyadmin'
command = '/usr/local/lsws/lsphp71/bin/php /usr/bin/composer create-project phpmyadmin/phpmyadmin'
Upgrade.executioner(command, 0)
## Write secret phrase
@@ -494,7 +494,7 @@ class Upgrade:
def upgradeVersion():
try:
vers = version.objects.get(pk=1)
getVersion = requests.get('https://cyberpanel.net/version.txt')
getVersion = requests.get('https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/version.txt')
latest = getVersion.json()
vers.currentVersion = latest['version']
vers.build = latest['build']
@@ -553,6 +553,11 @@ class Upgrade:
except:
pass
try:
cursor.execute('ALTER TABLE loginSystem_administrator ADD securityLevel integer DEFAULT 1')
except:
pass
try:
cursor.execute('ALTER TABLE loginSystem_administrator ADD api integer')
except:

21
plogical/virtualHostUtilities.py
View File

@@ -105,11 +105,21 @@ class virtualHostUtilities:
logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'This website already exists. [404]')
return 0, "This website already exists."
if Websites.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0:
logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'This website already exists. [404]')
return 0, "This website already exists."
if ChildDomains.objects.filter(domain=virtualHostName).count() > 0:
logging.CyberCPLogFileWriter.statusWriter(tempStatusPath,
'This website already exists as child domain. [404]')
return 0, "This website already exists as child domain."
if ChildDomains.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0:
logging.CyberCPLogFileWriter.statusWriter(tempStatusPath,
'This website already exists as child domain. [404]')
return 0, "This website already exists as child domain."
####### Limitations Check End
logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'Creating DNS records..,10')
@@ -1040,11 +1050,22 @@ class virtualHostUtilities:
'This Domain already exists as a website. [404]')
return 0, "This Domain already exists as a website."
if Websites.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0:
logging.CyberCPLogFileWriter.statusWriter(tempStatusPath,
'This Domain already exists as a website. [404]')
return 0, "This Domain already exists as a website."
if ChildDomains.objects.filter(domain=virtualHostName).count() > 0:
logging.CyberCPLogFileWriter.statusWriter(tempStatusPath,
'This domain already exists as child domain. [404]')
return 0, "This domain already exists as child domain."
if ChildDomains.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0:
logging.CyberCPLogFileWriter.statusWriter(tempStatusPath,
'This domain already exists as child domain. [404]')
return 0, "This domain already exists as child domain."
####### Limitations check
master = Websites.objects.get(domain=masterDomain)

8
static/userManagment/userManagment.js
View File

@@ -42,7 +42,8 @@ app.controller('createUserCtr', function ($scope, $http) {
selectedACL: selectedACL,
websitesLimit: websitesLimits,
userName: userName,
password: password
password: password,
securityLevel: $scope.securityLevel
};
var config = {
@@ -171,6 +172,7 @@ app.controller('modifyUser', function ($scope, $http) {
$scope.firstName = userDetails.firstName;
$scope.lastName = userDetails.lastName;
$scope.email = userDetails.email;
$scope.secLevel = userDetails.securityLevel;
$scope.userModificationLoading = true;
$scope.acctDetailsFetched = false;
@@ -181,6 +183,7 @@ app.controller('modifyUser', function ($scope, $http) {
$scope.detailsFetched = false;
$scope.userAccountsLimit = true;
$scope.websitesLimit = true;
} else {
$scope.userModificationLoading = true;
$scope.acctDetailsFetched = true;
@@ -248,7 +251,8 @@ app.controller('modifyUser', function ($scope, $http) {
firstName: firstName,
lastName: lastName,
email: email,
password: password
password: password,
securityLevel: $scope.securityLevel
};
var config = {

2
upgrade.sh Normal file → Executable file
View File

@@ -6,7 +6,7 @@
## Then run it like below.
## /usr/local/CyberCP/upgrade.sh
cd /usr/local/CyberCP && python manage.py collectstatic --no-input
cd /usr/local/CyberCP && /usr/local/CyberCP/bin/python2 manage.py collectstatic --no-input
rm -rf /usr/local/CyberCP/public/static/*
cp -R /usr/local/CyberCP/static/* /usr/local/CyberCP/public/static/
find /usr/local/CyberCP -type d -exec chmod 0755 {} \;

8
userManagment/static/userManagment/userManagment.js
View File

@@ -42,7 +42,8 @@ app.controller('createUserCtr', function ($scope, $http) {
selectedACL: selectedACL,
websitesLimit: websitesLimits,
userName: userName,
password: password
password: password,
securityLevel: $scope.securityLevel
};
var config = {
@@ -171,6 +172,7 @@ app.controller('modifyUser', function ($scope, $http) {
$scope.firstName = userDetails.firstName;
$scope.lastName = userDetails.lastName;
$scope.email = userDetails.email;
$scope.secLevel = userDetails.securityLevel;
$scope.userModificationLoading = true;
$scope.acctDetailsFetched = false;
@@ -181,6 +183,7 @@ app.controller('modifyUser', function ($scope, $http) {
$scope.detailsFetched = false;
$scope.userAccountsLimit = true;
$scope.websitesLimit = true;
} else {
$scope.userModificationLoading = true;
$scope.acctDetailsFetched = true;
@@ -248,7 +251,8 @@ app.controller('modifyUser', function ($scope, $http) {
firstName: firstName,
lastName: lastName,
email: email,
password: password
password: password,
securityLevel: $scope.securityLevel
};
var config = {

11
userManagment/templates/userManagment/createUser.html
View File

@@ -102,6 +102,17 @@
</div>
</div>
<div ng-hide="acctDetailsFetched" class="form-group">
<label class="col-sm-3 control-label">{% trans "Security Level" %}</label>
<div class="col-sm-6">
<select ng-change="fetchUserDetails()" ng-model="securityLevel" class="form-control">
<option>HIGH</option>
<option>LOW</option>
</select>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label"></label>
<div class="col-sm-4">

14
userManagment/templates/userManagment/modifyUser.html
View File

@@ -81,6 +81,20 @@
</div>
<div ng-hide="acctDetailsFetched" class="form-group">
<label class="col-sm-3 control-label">{% trans "Security Level" %}</label>
<div class="col-sm-6">
<select ng-change="fetchUserDetails()" ng-model="securityLevel" class="form-control">
<option>HIGH</option>
<option>LOW</option>
</select>
</div>
<div class="col-sm-3">
Currently: {$ secLevel $}
</div>
</div>
<div ng-hide="acctDetailsFetched" class="form-group">
<label class="col-sm-3 control-label"></label>
<div class="col-sm-4">

31
userManagment/views.py
View File

@@ -10,6 +10,7 @@ from plogical import hashPassword
from plogical import CyberCPLogFileWriter as logging
from plogical.acl import ACLManager
from plogical.virtualHostUtilities import virtualHostUtilities
from CyberCP.secMiddleware import secMiddleware
# Create your views here.
@@ -138,6 +139,7 @@ def submitUserCreation(request):
password = data['password']
websitesLimit = data['websitesLimit']
selectedACL = data['selectedACL']
securityLevel = data['securityLevel']
selectedACL = ACL.objects.get(name=selectedACL)
@@ -146,6 +148,11 @@ def submitUserCreation(request):
else:
type = 3
if securityLevel == 'LOW':
securityLevel = secMiddleware.LOW
else:
securityLevel = secMiddleware.HIGH
token = hashPassword.generateToken(userName, password)
password = hashPassword.hash_password(password)
currentAdmin = Administrator.objects.get(pk=userID)
@@ -168,7 +175,8 @@ def submitUserCreation(request):
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
acl=selectedACL,
token=token
token=token,
securityLevel=securityLevel,
)
newAdmin.save()
@@ -183,7 +191,8 @@ def submitUserCreation(request):
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
acl=selectedACL,
token=token
token=token,
securityLevel=securityLevel,
)
newAdmin.save()
elif currentACL['createNewUser'] == 1:
@@ -197,7 +206,8 @@ def submitUserCreation(request):
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
acl=selectedACL,
token=token
token=token,
securityLevel=securityLevel,
)
newAdmin.save()
else:
@@ -261,6 +271,12 @@ def fetchUserDetails(request):
email = user.email
websitesLimit = user.initWebsitesLimit
securityLevel = ''
if user.securityLevel == secMiddleware.LOW:
securityLevel = 'Low'
else:
securityLevel = 'High'
userDetails = {
"id": user.id,
@@ -268,7 +284,8 @@ def fetchUserDetails(request):
"lastName": lastName,
"email": email,
"acl": user.acl.name,
"websitesLimit": websitesLimit
"websitesLimit": websitesLimit,
"securityLevel": securityLevel
}
data_ret = {'fetchStatus': 1, 'error_message': 'None', "userDetails": userDetails}
@@ -296,6 +313,7 @@ def saveModifications(request):
firstName = data['firstName']
lastName = data['lastName']
email = data['email']
securityLevel = data['securityLevel']
user = Administrator.objects.get(userName=accountUsername)
@@ -323,6 +341,11 @@ def saveModifications(request):
user.token = token
user.type = 0
if securityLevel == 'LOW':
user.securityLevel = secMiddleware.LOW
else:
user.securityLevel = secMiddleware.HIGH
user.save()
data_ret = {'status': 1, 'saveStatus': 1, 'error_message': 'None'}