diff --git a/CyberCP/secMiddleware.py b/CyberCP/secMiddleware.py index b6de2c7ac..3efed4d2b 100755 --- a/CyberCP/secMiddleware.py +++ b/CyberCP/secMiddleware.py @@ -2,19 +2,24 @@ from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging import json from django.shortcuts import HttpResponse import re +from loginSystem.models import Administrator class secMiddleware: + HIGH = 0 + LOW = 1 + def __init__(self, get_response): self.get_response = get_response def __call__(self, request): try: uID = request.session['userID'] + admin = Administrator.objects.get(pk=uID) ipAddr = request.META.get('REMOTE_ADDR') if ipAddr.find('.') > -1: - if request.session['ipAddr'] == ipAddr: + if request.session['ipAddr'] == ipAddr or admin.securityLevel == secMiddleware.LOW: pass else: del request.session['userID'] @@ -27,7 +32,7 @@ class secMiddleware: else: ipAddr = request.META.get('REMOTE_ADDR').split(':')[:3] - if request.session['ipAddr'] == ipAddr: + if request.session['ipAddr'] == ipAddr or admin.securityLevel == secMiddleware.LOW: pass else: del request.session['userID'] diff --git a/WebTerminal/CPWebSocket.py b/WebTerminal/CPWebSocket.py index 42f30fdb9..b378f959e 100644 --- a/WebTerminal/CPWebSocket.py +++ b/WebTerminal/CPWebSocket.py @@ -12,6 +12,22 @@ class SSHServer(multi.Thread): OKGREEN = '\033[92m' ENDC = '\033[0m' + DEFAULT_PORT = 22 + + @staticmethod + def findSSHPort(): + try: + sshData = open('/etc/ssh/sshd_config', 'r').readlines() + + for items in sshData: + if items.find('Port') > -1: + if items[0] == 0: + pass + else: + SSHServer.DEFAULT_PORT = int(items.split(' ')[1]) + except: + pass + def loadPublicKey(self): pubkey = '/root/.ssh/cyberpanel.pub' data = open(pubkey, 'r').read() 
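Review bot: In `__call__`, `admin.securityLevel == secMiddleware.LOW` switches off the session-to-address check for that account, in the IPv4 branch here and in the IPv6 branch of the next hunk, and nothing records that a session was accepted from a different address. This check is what limits reuse of a copied session cookie, so the LOW path should at least log the stored and current address when they differ. `HIGH = 0` / `LOW = 1` also deserve a comment such as `# LOW: session is not bound to the client address`. The added `Administrator.objects.get(pk=uID)` runs a query on every request and raises if the account no longer exists; how that is handled depends on the `except` clause, which is outside the hunk.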
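Review bot: `findSSHPort` neither skips commented lines nor matches the keyword exactly. `items[0] == 0` compares a character with the integer 0 and is never true, so `#Port 22` is parsed like a live directive. `items.find('Port') > -1` also matches `GatewayPorts no`, where `int()` raises and the bare `except` ends the scan before any later `Port` line is read. The file handle is never closed either. The rewrite below tokenises each line, accepts only an uncommented `Port` keyword and narrows the caught exceptions.

```python
    @staticmethod
    def findSSHPort():
        try:
            with open('/etc/ssh/sshd_config', 'r') as sshConfig:
                for line in sshConfig:
                    fields = line.split()
                    # Only an uncommented "Port <n>" directive counts; this skips
                    # "#Port 22" and other keywords such as GatewayPorts.
                    if len(fields) >= 2 and fields[0].lower() == 'port':
                        SSHServer.DEFAULT_PORT = int(fields[1])
                        break
        except (IOError, ValueError):
            # Unreadable or malformed config: keep the default of 22.
            pass
```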
@@ -41,7 +57,7 @@ class SSHServer(multi.Thread): ## Load Public Key self.loadPublicKey() - self.sshclient.connect('127.0.0.1', 22, username='root', pkey=k) + self.sshclient.connect('127.0.0.1', SSHServer.DEFAULT_PORT, username='root', pkey=k) self.shell = self.sshclient.invoke_shell(term='xterm') self.shell.settimeout(0) @@ -113,6 +129,8 @@ if __name__ == "__main__": writeToFile.write(str(os.getpid())) writeToFile.close() + SSHServer.findSSHPort() + server = SimpleSSLWebSocketServer('0.0.0.0', '5678', WebTerminalServer, '/usr/local/lscp/conf/cert.pem', '/usr/local/lscp/conf/key.pem', version=ssl.PROTOCOL_TLSv1) def close_sig_handler(signal, frame): diff --git a/install/install.py b/install/install.py index 08138a487..435c075bd 100755 --- a/install/install.py +++ b/install/install.py @@ -279,8 +279,6 @@ class preFlightsChecks: ## - count = 0 - if self.distro == ubuntu: # self.stdOut("Fix sudoers") # try: diff --git a/loginSystem/models.py b/loginSystem/models.py index 01ecff50b..c00538038 100755 --- a/loginSystem/models.py +++ b/loginSystem/models.py @@ -85,6 +85,7 @@ class Administrator(models.Model): owner = models.IntegerField(default=1) token = models.CharField(max_length=500, default='None') api = models.IntegerField(default=0) + securityLevel = models.IntegerField(default=0) initWebsitesLimit = models.IntegerField(default=0) acl = models.ForeignKey(ACL, default=1) diff --git a/plogical/cPanelImporter.py b/plogical/cPanelImporter.py index 0f9a7470c..5c75c1493 100644 --- a/plogical/cPanelImporter.py +++ b/plogical/cPanelImporter.py @@ -25,6 +25,7 @@ from plogical.vhost import vhost from plogical.virtualHostUtilities import virtualHostUtilities from plogical.mailUtilities import mailUtilities from mailServer.models import EUsers +import time class ChildDomains: @@ -48,6 +49,7 @@ class cPanelImporter: self.homeDir = '' self.documentRoot = '' self.mailFormat = 1 + self.externalApp = '' def PHPDecider(self): 
@@ -209,18 +211,21 @@ class cPanelImporter: message = 'Calling core to create %s.' % (DomainName) logging.statusWriter(self.logFile, message, 1) - externalApp = "".join(re.findall("[a-zA-Z]+", DomainName))[:7] + self.externalApp = "".join(re.findall("[a-zA-Z]+", DomainName))[:7] try: counter = 0 - while 1: - tWeb = Websites.objects.get(externalApp=externalApp) - externalApp = '%s%s' % (tWeb.externalApp, str(counter)) + while True: + tWeb = Websites.objects.get(externalApp=self.externalApp) + self.externalApp = '%s%s' % (tWeb.externalApp, str(counter)) counter = counter + 1 - except: - pass + print self.externalApp + except BaseException, msg: + logging.statusWriter(self.logFile, str(msg), 1) + time.sleep(2) - result = virtualHostUtilities.createVirtualHost(DomainName, self.email, self.PHPVersion, externalApp, 0, 0, + + result = virtualHostUtilities.createVirtualHost(DomainName, self.email, self.PHPVersion, self.externalApp, 0, 0, 0, 'admin', 'Default', 0) if result[0] == 1: @@ -278,7 +283,7 @@ class cPanelImporter: shutil.copytree(movePath, nowPath, symlinks=True) - command = 'chown -R %s:%s %s' % (externalApp, externalApp, nowPath) + command = 'chown -R %s:%s %s' % (self.externalApp, self.externalApp, nowPath) ProcessUtilities.normalExecutioner(command) message = 'Main site %s created from archive file: %s' % (DomainName, self.backupFile) @@ -708,7 +713,7 @@ class cPanelImporter: return 0 def FixPermissions(self): - externalApp = "".join(re.findall("[a-zA-Z]+", self.mainDomain))[:7] + externalApp = self.externalApp command = "sudo chown -R " + externalApp + ":" + externalApp + " /home/" + self.mainDomain ProcessUtilities.normalExecutioner(command) diff --git a/plogical/upgrade.py b/plogical/upgrade.py index d4b030b22..ea55d5dfd 100755 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py 
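Review bot: The `while True` loop can only end by `Websites.objects.get()` raising, so the new `except BaseException` branch runs on every import: it writes the "does not exist" text to the status file and sleeps two seconds, and it also catches KeyboardInterrupt and SystemExit. `print self.externalApp` looks like leftover debugging. Each retry appends the counter to the previous candidate (`abc0`, `abc01`, …) rather than to the base name, so the system user name keeps growing. The sketch below ends the loop on a lookup instead of an exception; the enclosing method starts and ends outside the hunk.

```python
        self.externalApp = "".join(re.findall("[a-zA-Z]+", DomainName))[:7]
        baseApp = self.externalApp
        counter = 0
        # A name is free as soon as no Websites row uses it; no exception needed to stop.
        while Websites.objects.filter(externalApp=self.externalApp).count() > 0:
            self.externalApp = '%s%s' % (baseApp, str(counter))
            counter = counter + 1

        # … unchanged: virtualHostUtilities.createVirtualHost(...) call …
```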
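Review bot: In `FixPermissions`, `externalApp = self.externalApp` is an empty string until the site-creation path has set it, in which case the command becomes `sudo chown -R : /home/<domain>`; whether the method can be reached in that state is not visible here. Keeping the derived name as a fallback avoids that: `externalApp = self.externalApp or "".join(re.findall("[a-zA-Z]+", self.mainDomain))[:7]`. The command is still assembled by concatenation with `self.mainDomain`, so if that value comes from the archive being imported it should be validated as a hostname before it reaches `normalExecutioner`.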
@@ -201,7 +201,7 @@ class Upgrade: os.chdir("/usr/local/CyberCP/public") - command = '/usr/local/lsws/lsphp70/bin/php /usr/bin/composer create-project phpmyadmin/phpmyadmin' + command = '/usr/local/lsws/lsphp71/bin/php /usr/bin/composer create-project phpmyadmin/phpmyadmin' Upgrade.executioner(command, 0) ## Write secret phrase @@ -494,7 +494,7 @@ class Upgrade: def upgradeVersion(): try: vers = version.objects.get(pk=1) - getVersion = requests.get('https://cyberpanel.net/version.txt') + getVersion = requests.get('https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/version.txt') latest = getVersion.json() vers.currentVersion = latest['version'] vers.build = latest['build'] @@ -553,6 +553,11 @@ class Upgrade: except: pass + try: + cursor.execute('ALTER TABLE loginSystem_administrator ADD securityLevel integer DEFAULT 1') + except: + pass + try: cursor.execute('ALTER TABLE loginSystem_administrator ADD api integer') except: diff --git a/plogical/virtualHostUtilities.py b/plogical/virtualHostUtilities.py index a016ab138..bbf6da9fa 100755 --- a/plogical/virtualHostUtilities.py +++ b/plogical/virtualHostUtilities.py 
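Review bot: `ADD securityLevel integer DEFAULT 1` gives every existing administrator row the value 1, which is `secMiddleware.LOW` in this commit, while the model field in loginSystem/models.py is declared with `default=0` (HIGH). After an upgrade, all existing accounts would therefore have the session address check switched off without anyone choosing it. Unless that is intended, the statement should read `ALTER TABLE loginSystem_administrator ADD securityLevel integer DEFAULT 0`. The bare `except: pass` around it also hides any failure other than the column already existing.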
@@ -105,11 +105,21 @@ class virtualHostUtilities: logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'This website already exists. [404]') return 0, "This website already exists." + + if Websites.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0: + logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'This website already exists. [404]') + return 0, "This website already exists." + if ChildDomains.objects.filter(domain=virtualHostName).count() > 0: logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'This website already exists as child domain. [404]') return 0, "This website already exists as child domain." + if ChildDomains.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0: + logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, + 'This website already exists as child domain. [404]') + return 0, "This website already exists as child domain." + ####### Limitations Check End logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'Creating DNS records..,10') 
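Review bot: `virtualHostName.lstrip('www.')` strips any leading run of the characters `w` and `.`, not the prefix `www.`, so `web.example.com` is looked up as `eb.example.com`. The duplicate check can therefore miss a real clash and report a false one. The same call is used in all four added checks, the two here and the two in the hunk at line 1050. A prefix test does what is meant: `bareName = virtualHostName[4:] if virtualHostName.startswith('www.') else virtualHostName`, then filter on `bareName`. Both enclosing functions start and end outside the hunks.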
@@ -1040,11 +1050,22 @@ class virtualHostUtilities: 'This Domain already exists as a website. [404]') return 0, "This Domain already exists as a website." + if Websites.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0: + logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, + 'This Domain already exists as a website. [404]') + return 0, "This Domain already exists as a website." + if ChildDomains.objects.filter(domain=virtualHostName).count() > 0: logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'This domain already exists as child domain. [404]') return 0, "This domain already exists as child domain." + + if ChildDomains.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0: + logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, + 'This domain already exists as child domain. [404]') + return 0, "This domain already exists as child domain." + ####### Limitations check master = Websites.objects.get(domain=masterDomain) diff --git a/static/userManagment/userManagment.js b/static/userManagment/userManagment.js index d0bc4057a..869e7099d 100644 --- a/static/userManagment/userManagment.js +++ b/static/userManagment/userManagment.js @@ -42,7 +42,8 @@ app.controller('createUserCtr', function ($scope, $http) { selectedACL: selectedACL, websitesLimit: websitesLimits, userName: userName, - password: password + password: password, + securityLevel: $scope.securityLevel }; var config = { @@ -171,6 +172,7 @@ app.controller('modifyUser', function ($scope, $http) { $scope.firstName = userDetails.firstName; $scope.lastName = userDetails.lastName; $scope.email = userDetails.email; + $scope.secLevel = userDetails.securityLevel; $scope.userModificationLoading = true; $scope.acctDetailsFetched = false; 
@@ -181,6 +183,7 @@ app.controller('modifyUser', function ($scope, $http) { $scope.detailsFetched = false; $scope.userAccountsLimit = true; $scope.websitesLimit = true; + } else { $scope.userModificationLoading = true; $scope.acctDetailsFetched = true; @@ -248,7 +251,8 @@ app.controller('modifyUser', function ($scope, $http) { firstName: firstName, lastName: lastName, email: email, - password: password + password: password, + securityLevel: $scope.securityLevel }; var config = { diff --git a/upgrade.sh b/upgrade.sh old mode 100644 new mode 100755 index e312a77eb..2fcaed6e7 --- a/upgrade.sh +++ b/upgrade.sh @@ -6,7 +6,7 @@ ## Then run it like below. ## /usr/local/CyberCP/upgrade.sh -cd /usr/local/CyberCP && python manage.py collectstatic --no-input +cd /usr/local/CyberCP && /usr/local/CyberCP/bin/python2 manage.py collectstatic --no-input rm -rf /usr/local/CyberCP/public/static/* cp -R /usr/local/CyberCP/static/* /usr/local/CyberCP/public/static/ find /usr/local/CyberCP -type d -exec chmod 0755 {} \; diff --git a/userManagment/static/userManagment/userManagment.js b/userManagment/static/userManagment/userManagment.js index d0bc4057a..869e7099d 100755 --- a/userManagment/static/userManagment/userManagment.js +++ b/userManagment/static/userManagment/userManagment.js @@ -42,7 +42,8 @@ app.controller('createUserCtr', function ($scope, $http) { selectedACL: selectedACL, websitesLimit: websitesLimits, userName: userName, - password: password + password: password, + securityLevel: $scope.securityLevel }; var config = { @@ -171,6 +172,7 @@ app.controller('modifyUser', function ($scope, $http) { $scope.firstName = userDetails.firstName; $scope.lastName = userDetails.lastName; $scope.email = userDetails.email; + $scope.secLevel = userDetails.securityLevel; $scope.userModificationLoading = true; $scope.acctDetailsFetched = false; 
@@ -181,6 +183,7 @@ app.controller('modifyUser', function ($scope, $http) { $scope.detailsFetched = false; $scope.userAccountsLimit = true; $scope.websitesLimit = true; + } else { $scope.userModificationLoading = true; $scope.acctDetailsFetched = true; @@ -248,7 +251,8 @@ app.controller('modifyUser', function ($scope, $http) { firstName: firstName, lastName: lastName, email: email, - password: password + password: password, + securityLevel: $scope.securityLevel }; var config = { diff --git a/userManagment/templates/userManagment/createUser.html b/userManagment/templates/userManagment/createUser.html index 17c0008b3..f6db608f8 100755 --- a/userManagment/templates/userManagment/createUser.html +++ b/userManagment/templates/userManagment/createUser.html @@ -102,6 +102,17 @@ + +
+ +
+ +
+
+
diff --git a/userManagment/templates/userManagment/modifyUser.html b/userManagment/templates/userManagment/modifyUser.html index 40f564df0..07d34bdab 100755 --- a/userManagment/templates/userManagment/modifyUser.html +++ b/userManagment/templates/userManagment/modifyUser.html @@ -81,6 +81,20 @@
+
+ +
+ +
+
+ Currently: {$ secLevel $} +
+
+ +
diff --git a/userManagment/views.py b/userManagment/views.py index 4b9caaa18..0cfb10f72 100755 --- a/userManagment/views.py +++ b/userManagment/views.py @@ -10,6 +10,7 @@ from plogical import hashPassword from plogical import CyberCPLogFileWriter as logging from plogical.acl import ACLManager from plogical.virtualHostUtilities import virtualHostUtilities +from CyberCP.secMiddleware import secMiddleware # Create your views here. @@ -138,6 +139,7 @@ def submitUserCreation(request): password = data['password'] websitesLimit = data['websitesLimit'] selectedACL = data['selectedACL'] + securityLevel = data['securityLevel'] selectedACL = ACL.objects.get(name=selectedACL) @@ -146,6 +148,11 @@ def submitUserCreation(request): else: type = 3 + if securityLevel == 'LOW': + securityLevel = secMiddleware.LOW + else: + securityLevel = secMiddleware.HIGH + token = hashPassword.generateToken(userName, password) password = hashPassword.hash_password(password) currentAdmin = Administrator.objects.get(pk=userID) @@ -168,7 +175,8 @@ def submitUserCreation(request): initWebsitesLimit=websitesLimit, owner=currentAdmin.pk, acl=selectedACL, - token=token + token=token, + securityLevel=securityLevel, ) newAdmin.save() @@ -183,7 +191,8 @@ def submitUserCreation(request): initWebsitesLimit=websitesLimit, owner=currentAdmin.pk, acl=selectedACL, - token=token + token=token, + securityLevel=securityLevel, ) newAdmin.save() elif currentACL['createNewUser'] == 1: @@ -197,7 +206,8 @@ def submitUserCreation(request): initWebsitesLimit=websitesLimit, owner=currentAdmin.pk, acl=selectedACL, - token=token + token=token, + securityLevel=securityLevel, ) newAdmin.save() else: @@ -261,6 +271,12 @@ def fetchUserDetails(request): email = user.email websitesLimit = user.initWebsitesLimit + securityLevel = '' + + if user.securityLevel == secMiddleware.LOW: + securityLevel = 'Low' + else: + securityLevel = 'High' userDetails = { "id": user.id, 
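Review bot: `securityLevel = data['securityLevel']` makes the new field mandatory in `submitUserCreation`, so a client that does not send it (an older front end or an API caller) fails with KeyError before the account is created; what the caller then sees depends on the handler outside the hunk. Reading it as `securityLevel = data.get('securityLevel', 'HIGH')` keeps such requests working and still falls back to the stricter level. The `securityLevel=securityLevel` argument is repeated in three near-identical `Administrator(...)` calls, which would be easier to keep in step if the shared keyword arguments were built once.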
@@ -268,7 +284,8 @@ def fetchUserDetails(request): "lastName": lastName, "email": email, "acl": user.acl.name, - "websitesLimit": websitesLimit + "websitesLimit": websitesLimit, + "securityLevel": securityLevel } data_ret = {'fetchStatus': 1, 'error_message': 'None', "userDetails": userDetails} @@ -296,6 +313,7 @@ def saveModifications(request): firstName = data['firstName'] lastName = data['lastName'] email = data['email'] + securityLevel = data['securityLevel'] user = Administrator.objects.get(userName=accountUsername) @@ -323,6 +341,11 @@ def saveModifications(request): user.token = token user.type = 0 + if securityLevel == 'LOW': + user.securityLevel = secMiddleware.LOW + else: + user.securityLevel = secMiddleware.HIGH + user.save() data_ret = {'status': 1, 'saveStatus': 1, 'error_message': 'None'}
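Review bot: In `saveModifications`, every value other than the exact string `'LOW'` sets the account to HIGH, and a missing key raises KeyError, so saving another field without touching the selector either fails or resets the level. `fetchUserDetails` returns `'Low'`/`'High'`, which does not match the `'LOW'` compared here, so a client that echoes the fetched value always ends up at HIGH. Consider changing the level only when the field is present, e.g. `if 'securityLevel' in data: user.securityLevel = secMiddleware.LOW if data['securityLevel'] == 'LOW' else secMiddleware.HIGH`. Lowering the level removes the session address check, so that change is also worth a log entry naming who made it.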