From 8138d0f4debe516f82dac6d9721494708b67ab8d Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Mon, 11 Nov 2019 20:04:17 +0500 Subject: [PATCH 1/8] bug fix: check for website existance without www. --- plogical/virtualHostUtilities.py | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/plogical/virtualHostUtilities.py b/plogical/virtualHostUtilities.py index a016ab138..bbf6da9fa 100755 --- a/plogical/virtualHostUtilities.py +++ b/plogical/virtualHostUtilities.py @@ -105,11 +105,21 @@ class virtualHostUtilities: logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'This website already exists. [404]') return 0, "This website already exists." + + if Websites.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0: + logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'This website already exists. [404]') + return 0, "This website already exists." + if ChildDomains.objects.filter(domain=virtualHostName).count() > 0: logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'This website already exists as child domain. [404]') return 0, "This website already exists as child domain." + if ChildDomains.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0: + logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, + 'This website already exists as child domain. [404]') + return 0, "This website already exists as child domain." + ####### Limitations Check End logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'Creating DNS records..,10') 
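Review bot: `virtualHostName.lstrip('www.')` in both added checks strips any leading run of the characters `w` and `.`, not the literal prefix `www.`, so a name like `web.example.com` is looked up as `eb.example.com` and `www.wiki.org` as `iki.org` (constructed examples). The duplicate check can therefore miss an existing site or reject an unrelated new one. Compute the bare name once, e.g. `bareName = virtualHostName[4:] if virtualHostName.startswith('www.') else virtualHostName`, and filter on that. The hunk at `@@ -1040` repeats the same two calls and needs the same change. Both enclosing functions start and end outside the hunks.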
@@ -1040,11 +1050,22 @@ class virtualHostUtilities: 'This Domain already exists as a website. [404]') return 0, "This Domain already exists as a website." + if Websites.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0: + logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, + 'This Domain already exists as a website. [404]') + return 0, "This Domain already exists as a website." + if ChildDomains.objects.filter(domain=virtualHostName).count() > 0: logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, 'This domain already exists as child domain. [404]') return 0, "This domain already exists as child domain." + + if ChildDomains.objects.filter(domain=virtualHostName.lstrip('www.')).count() > 0: + logging.CyberCPLogFileWriter.statusWriter(tempStatusPath, + 'This domain already exists as child domain. [404]') + return 0, "This domain already exists as child domain." + ####### Limitations check master = Websites.objects.get(domain=masterDomain) From dd3a5511af74f8417fa4648f2d6cea9ae6fe8e7e Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Tue, 12 Nov 2019 13:24:43 +0500 Subject: [PATCH 2/8] bug fix: resolve user conflicts --- plogical/cPanelImporter.py | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/plogical/cPanelImporter.py b/plogical/cPanelImporter.py index 0f9a7470c..5c75c1493 100644 --- a/plogical/cPanelImporter.py +++ b/plogical/cPanelImporter.py @@ -25,6 +25,7 @@ from plogical.vhost import vhost from plogical.virtualHostUtilities import virtualHostUtilities from plogical.mailUtilities import mailUtilities from mailServer.models import EUsers +import time class ChildDomains: @@ -48,6 +49,7 @@ class cPanelImporter: self.homeDir = '' self.documentRoot = '' self.mailFormat = 1 + self.externalApp = '' def PHPDecider(self): 
@@ -209,18 +211,21 @@ class cPanelImporter: message = 'Calling core to create %s.' % (DomainName) logging.statusWriter(self.logFile, message, 1) - externalApp = "".join(re.findall("[a-zA-Z]+", DomainName))[:7] + self.externalApp = "".join(re.findall("[a-zA-Z]+", DomainName))[:7] try: counter = 0 - while 1: - tWeb = Websites.objects.get(externalApp=externalApp) - externalApp = '%s%s' % (tWeb.externalApp, str(counter)) + while True: + tWeb = Websites.objects.get(externalApp=self.externalApp) + self.externalApp = '%s%s' % (tWeb.externalApp, str(counter)) counter = counter + 1 - except: - pass + print self.externalApp + except BaseException, msg: + logging.statusWriter(self.logFile, str(msg), 1) + time.sleep(2) - result = virtualHostUtilities.createVirtualHost(DomainName, self.email, self.PHPVersion, externalApp, 0, 0, + + result = virtualHostUtilities.createVirtualHost(DomainName, self.email, self.PHPVersion, self.externalApp, 0, 0, 0, 'admin', 'Default', 0) if result[0] == 1: @@ -278,7 +283,7 @@ class cPanelImporter: shutil.copytree(movePath, nowPath, symlinks=True) - command = 'chown -R %s:%s %s' % (externalApp, externalApp, nowPath) + command = 'chown -R %s:%s %s' % (self.externalApp, self.externalApp, nowPath) ProcessUtilities.normalExecutioner(command) message = 'Main site %s created from archive file: %s' % (DomainName, self.backupFile) @@ -708,7 +713,7 @@ class cPanelImporter: return 0 def FixPermissions(self): - externalApp = "".join(re.findall("[a-zA-Z]+", self.mainDomain))[:7] + externalApp = self.externalApp command = "sudo chown -R " + externalApp + ":" + externalApp + " /home/" + self.mainDomain ProcessUtilities.normalExecutioner(command) From e40fca9596b6976dc72a7ca44b4da773f4e58e7c Mon Sep 17 00:00:00 2001 
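Review bot: The `while True` loop in the `@@ -209` hunk can only exit through an exception, and `except BaseException, msg` treats every exception as "this name is free": a database error or an interrupt leaves `self.externalApp` set to a name that may already belong to another site, and the code still goes on to `createVirtualHost` and the later `chown -R` with it. Catch only the expected case, `except Websites.DoesNotExist: pass`, and let anything else abort the import. The `print self.externalApp` and `time.sleep(2)` look like debugging leftovers and should be removed. Each retry also appends the counter to the previous candidate (`tWeb.externalApp`), so names grow as `abc0`, `abc01`, `abc012`; building from the original base, `'%s%s' % (baseName, counter)`, keeps them within the account-name length the system accepts. The function continues outside the hunk.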
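Review bot: `FixPermissions` (hunk `@@ -708`) now relies on `self.externalApp`, which `__init__` sets to `''` and which, in the visible hunks, is only filled in by the main-site creation step. If that step did not run or failed first, the command becomes `sudo chown -R : /home/<domain>` and ownership is silently left as it was. A guard at the top that logs and returns early when `self.externalApp` is empty would make that case visible. The command is built by concatenating `self.mainDomain` into a string; whether `normalExecutioner` passes it through a shell is not visible here.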
From: Usman Nasir Date: Tue, 12 Nov 2019 14:01:29 +0500 Subject: [PATCH 3/8] Feature: allow user to disable session ip check --- CyberCP/secMiddleware.py | 9 ++++-- loginSystem/models.py | 1 + plogical/upgrade.py | 5 +++ upgrade.sh | 2 +- .../static/userManagment/userManagment.js | 8 +++-- .../templates/userManagment/createUser.html | 11 +++++++ .../templates/userManagment/modifyUser.html | 14 +++++++++ userManagment/views.py | 31 ++++++++++++++++--- 8 files changed, 72 insertions(+), 9 deletions(-) mode change 100644 => 100755 upgrade.sh diff --git a/CyberCP/secMiddleware.py b/CyberCP/secMiddleware.py index b6de2c7ac..3efed4d2b 100755 --- a/CyberCP/secMiddleware.py +++ b/CyberCP/secMiddleware.py @@ -2,19 +2,24 @@ from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging import json from django.shortcuts import HttpResponse import re +from loginSystem.models import Administrator class secMiddleware: + HIGH = 0 + LOW = 1 + def __init__(self, get_response): self.get_response = get_response def __call__(self, request): try: uID = request.session['userID'] + admin = Administrator.objects.get(pk=uID) ipAddr = request.META.get('REMOTE_ADDR') if ipAddr.find('.') > -1: - if request.session['ipAddr'] == ipAddr: + if request.session['ipAddr'] == ipAddr or admin.securityLevel == secMiddleware.LOW: pass else: del request.session['userID'] @@ -27,7 +32,7 @@ class secMiddleware: else: ipAddr = request.META.get('REMOTE_ADDR').split(':')[:3] - if request.session['ipAddr'] == ipAddr: + if request.session['ipAddr'] == ipAddr or admin.securityLevel == secMiddleware.LOW: pass else: del request.session['userID'] diff --git a/loginSystem/models.py b/loginSystem/models.py index 01ecff50b..c00538038 100755 --- a/loginSystem/models.py +++ b/loginSystem/models.py 
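Review bot: The added `or admin.securityLevel == secMiddleware.LOW` clause switches off session-to-IP binding for that account, so a session cookie of a LOW account is accepted from any address, and nothing on the class states this. A comment on the constants, e.g. `# HIGH (0): session is bound to the login IP; LOW (1): IP check skipped, session valid from any address`, would document both the trade-off and the numeric mapping that other files now depend on. `Administrator.objects.get(pk=uID)` also runs on every request and raises if the row no longer exists; how that is handled depends on the `except` clause outside the hunk. The same clause is repeated in the IPv6 branch at `@@ -27`.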
@@ -85,6 +85,7 @@ class Administrator(models.Model): owner = models.IntegerField(default=1) token = models.CharField(max_length=500, default='None') api = models.IntegerField(default=0) + securityLevel = models.IntegerField(default=0) initWebsitesLimit = models.IntegerField(default=0) acl = models.ForeignKey(ACL, default=1) diff --git a/plogical/upgrade.py b/plogical/upgrade.py index d4b030b22..9bbfc2975 100755 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py @@ -553,6 +553,11 @@ class Upgrade: except: pass + try: + cursor.execute('ALTER TABLE loginSystem_administrator ADD securityLevel integer') + except: + pass + try: cursor.execute('ALTER TABLE loginSystem_administrator ADD api integer') except: diff --git a/upgrade.sh b/upgrade.sh old mode 100644 new mode 100755 index e312a77eb..2fcaed6e7 --- a/upgrade.sh +++ b/upgrade.sh @@ -6,7 +6,7 @@ ## Then run it like below. ## /usr/local/CyberCP/upgrade.sh -cd /usr/local/CyberCP && python manage.py collectstatic --no-input +cd /usr/local/CyberCP && /usr/local/CyberCP/bin/python2 manage.py collectstatic --no-input rm -rf /usr/local/CyberCP/public/static/* cp -R /usr/local/CyberCP/static/* /usr/local/CyberCP/public/static/ find /usr/local/CyberCP -type d -exec chmod 0755 {} \; diff --git a/userManagment/static/userManagment/userManagment.js b/userManagment/static/userManagment/userManagment.js index d0bc4057a..869e7099d 100755 --- a/userManagment/static/userManagment/userManagment.js +++ b/userManagment/static/userManagment/userManagment.js @@ -42,7 +42,8 @@ app.controller('createUserCtr', function ($scope, $http) { selectedACL: selectedACL, websitesLimit: websitesLimits, userName: userName, - password: password + password: password, + securityLevel: $scope.securityLevel }; var config = { 
@@ -171,6 +172,7 @@ app.controller('modifyUser', function ($scope, $http) { $scope.firstName = userDetails.firstName; $scope.lastName = userDetails.lastName; $scope.email = userDetails.email; + $scope.secLevel = userDetails.securityLevel; $scope.userModificationLoading = true; $scope.acctDetailsFetched = false; @@ -181,6 +183,7 @@ app.controller('modifyUser', function ($scope, $http) { $scope.detailsFetched = false; $scope.userAccountsLimit = true; $scope.websitesLimit = true; + } else { $scope.userModificationLoading = true; $scope.acctDetailsFetched = true; @@ -248,7 +251,8 @@ app.controller('modifyUser', function ($scope, $http) { firstName: firstName, lastName: lastName, email: email, - password: password + password: password, + securityLevel: $scope.securityLevel }; var config = { diff --git a/userManagment/templates/userManagment/createUser.html b/userManagment/templates/userManagment/createUser.html index 17c0008b3..f6db608f8 100755 --- a/userManagment/templates/userManagment/createUser.html +++ b/userManagment/templates/userManagment/createUser.html @@ -102,6 +102,17 @@ + +
+ +
+ +
+
+
diff --git a/userManagment/templates/userManagment/modifyUser.html b/userManagment/templates/userManagment/modifyUser.html index 40f564df0..07d34bdab 100755 --- a/userManagment/templates/userManagment/modifyUser.html +++ b/userManagment/templates/userManagment/modifyUser.html @@ -81,6 +81,20 @@
+
+ +
+ +
+
+ Currently: {$ secLevel $} +
+
+ +
diff --git a/userManagment/views.py b/userManagment/views.py index 4b9caaa18..0cfb10f72 100755 --- a/userManagment/views.py +++ b/userManagment/views.py @@ -10,6 +10,7 @@ from plogical import hashPassword from plogical import CyberCPLogFileWriter as logging from plogical.acl import ACLManager from plogical.virtualHostUtilities import virtualHostUtilities +from CyberCP.secMiddleware import secMiddleware # Create your views here. @@ -138,6 +139,7 @@ def submitUserCreation(request): password = data['password'] websitesLimit = data['websitesLimit'] selectedACL = data['selectedACL'] + securityLevel = data['securityLevel'] selectedACL = ACL.objects.get(name=selectedACL) @@ -146,6 +148,11 @@ def submitUserCreation(request): else: type = 3 + if securityLevel == 'LOW': + securityLevel = secMiddleware.LOW + else: + securityLevel = secMiddleware.HIGH + token = hashPassword.generateToken(userName, password) password = hashPassword.hash_password(password) currentAdmin = Administrator.objects.get(pk=userID) @@ -168,7 +175,8 @@ def submitUserCreation(request): initWebsitesLimit=websitesLimit, owner=currentAdmin.pk, acl=selectedACL, - token=token + token=token, + securityLevel=securityLevel, ) newAdmin.save() @@ -183,7 +191,8 @@ def submitUserCreation(request): initWebsitesLimit=websitesLimit, owner=currentAdmin.pk, acl=selectedACL, - token=token + token=token, + securityLevel=securityLevel, ) newAdmin.save() elif currentACL['createNewUser'] == 1: @@ -197,7 +206,8 @@ def submitUserCreation(request): initWebsitesLimit=websitesLimit, owner=currentAdmin.pk, acl=selectedACL, - token=token + token=token, + securityLevel=securityLevel, ) newAdmin.save() else: @@ -261,6 +271,12 @@ def fetchUserDetails(request): email = user.email websitesLimit = user.initWebsitesLimit + securityLevel = '' + + if user.securityLevel == secMiddleware.LOW: + securityLevel = 'Low' + else: + securityLevel = 'High' userDetails = { "id": user.id, 
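Review bot: `securityLevel = data['securityLevel']` makes the new field mandatory, so a client that omits it (an older API caller, or possibly the form when the select is never touched) raises KeyError in `submitUserCreation` and again in `saveModifications` (`@@ -296`). Any value other than the exact string `'LOW'` is mapped to HIGH, while `fetchUserDetails` returns `'Low'`/`'High'`, so a client that echoes the fetched value back switches a LOW account to HIGH without saying so. Read it with `securityLevel = data.get('securityLevel')`, accept only the known values, and in `saveModifications` leave `user.securityLevel` unchanged when the field is absent. Which callers may set LOW, and for which accounts, is decided by checks outside these hunks and is worth confirming, since the setting weakens session protection.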
@@ -268,7 +284,8 @@ def fetchUserDetails(request): "lastName": lastName, "email": email, "acl": user.acl.name, - "websitesLimit": websitesLimit + "websitesLimit": websitesLimit, + "securityLevel": securityLevel } data_ret = {'fetchStatus': 1, 'error_message': 'None', "userDetails": userDetails} @@ -296,6 +313,7 @@ def saveModifications(request): firstName = data['firstName'] lastName = data['lastName'] email = data['email'] + securityLevel = data['securityLevel'] user = Administrator.objects.get(userName=accountUsername) @@ -323,6 +341,11 @@ def saveModifications(request): user.token = token user.type = 0 + if securityLevel == 'LOW': + user.securityLevel = secMiddleware.LOW + else: + user.securityLevel = secMiddleware.HIGH + user.save() data_ret = {'status': 1, 'saveStatus': 1, 'error_message': 'None'} From e7823cf624eb6613b06d3948a056a7fe7fb29866 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Tue, 12 Nov 2019 14:03:35 +0500 Subject: [PATCH 4/8] set default security level to HIGH --- plogical/upgrade.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plogical/upgrade.py b/plogical/upgrade.py index 9bbfc2975..32d238e02 100755 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py @@ -554,7 +554,7 @@ class Upgrade: pass try: - cursor.execute('ALTER TABLE loginSystem_administrator ADD securityLevel integer') + cursor.execute('ALTER TABLE loginSystem_administrator ADD securityLevel integer DEFAULT 1') except: pass From 54f83c3d7887e121e4ebfa72a0e07d00fc22619c Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Tue, 12 Nov 2019 14:13:03 +0500 Subject: [PATCH 5/8] Bug fix: detect non-default SSH port for WebTerminal --- WebTerminal/CPWebSocket.py | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/WebTerminal/CPWebSocket.py b/WebTerminal/CPWebSocket.py index 42f30fdb9..b378f959e 100644 --- a/WebTerminal/CPWebSocket.py +++ b/WebTerminal/CPWebSocket.py 
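Review bot: `DEFAULT 1` in the `plogical/upgrade.py` hunk gives the new column the value of `secMiddleware.LOW` (the middleware defines `HIGH = 0` and `LOW = 1`), so on an upgraded install every existing administrator row ends up with the session IP check disabled. That is the opposite of the commit subject and of the model's `default=0`. The statement should read `ALTER TABLE loginSystem_administrator ADD securityLevel integer DEFAULT 0`. Installs that already ran the earlier statement without a default already have the column, so this ALTER fails and the bare `except: pass` hides it; logging the exception would show which case applied.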
@@ -12,6 +12,22 @@ class SSHServer(multi.Thread): OKGREEN = '\033[92m' ENDC = '\033[0m' + DEFAULT_PORT = 22 + + @staticmethod + def findSSHPort(): + try: + sshData = open('/etc/ssh/sshd_config', 'r').readlines() + + for items in sshData: + if items.find('Port') > -1: + if items[0] == 0: + pass + else: + SSHServer.DEFAULT_PORT = int(items.split(' ')[1]) + except: + pass + def loadPublicKey(self): pubkey = '/root/.ssh/cyberpanel.pub' data = open(pubkey, 'r').read() @@ -41,7 +57,7 @@ class SSHServer(multi.Thread): ## Load Public Key self.loadPublicKey() - self.sshclient.connect('127.0.0.1', 22, username='root', pkey=k) + self.sshclient.connect('127.0.0.1', SSHServer.DEFAULT_PORT, username='root', pkey=k) self.shell = self.sshclient.invoke_shell(term='xterm') self.shell.settimeout(0) @@ -113,6 +129,8 @@ if __name__ == "__main__": writeToFile.write(str(os.getpid())) writeToFile.close() + SSHServer.findSSHPort() + server = SimpleSSLWebSocketServer('0.0.0.0', '5678', WebTerminalServer, '/usr/local/lscp/conf/cert.pem', '/usr/local/lscp/conf/key.pem', version=ssl.PROTOCOL_TLSv1) def close_sig_handler(signal, frame): From 41d4a881be9bd3b2bab42e8728730eeacd757ee8 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Tue, 12 Nov 2019 16:12:08 +0500 Subject: [PATCH 6/8] updated static resources --- static/userManagment/userManagment.js | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/static/userManagment/userManagment.js b/static/userManagment/userManagment.js index d0bc4057a..869e7099d 100644 --- a/static/userManagment/userManagment.js +++ b/static/userManagment/userManagment.js @@ -42,7 +42,8 @@ app.controller('createUserCtr', function ($scope, $http) { selectedACL: selectedACL, websitesLimit: websitesLimits, userName: userName, - password: password + password: password, + securityLevel: $scope.securityLevel }; var config = { 
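Review bot: `findSSHPort` does not skip comments or unrelated directives: `items[0] == 0` compares a character with the integer 0 and is never true, and `items.find('Port') > -1` also matches lines such as `#Port 22` or `GatewayPorts no`. A commented-out port is therefore taken as the real one, and the first matching line whose second field is not a number raises into the bare `except`, which ends the scan with whatever value was set so far. The root SSH connection in the `@@ -41` hunk then targets that port. The file handle is also never closed. A stricter parse is sketched below.

```python
    @staticmethod
    def findSSHPort():
        try:
            with open('/etc/ssh/sshd_config', 'r') as sshConfig:
                for line in sshConfig:
                    fields = line.split()
                    # Only an uncommented "Port <n>" directive counts; keywords are
                    # case-insensitive and sshd listens on every Port line it finds.
                    if len(fields) >= 2 and fields[0].lower() == 'port' and fields[1].isdigit():
                        SSHServer.DEFAULT_PORT = int(fields[1])
                        break
        except IOError:
            # Unreadable config: keep the default of 22.
            pass
```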
@@ -171,6 +172,7 @@ app.controller('modifyUser', function ($scope, $http) { $scope.firstName = userDetails.firstName; $scope.lastName = userDetails.lastName; $scope.email = userDetails.email; + $scope.secLevel = userDetails.securityLevel; $scope.userModificationLoading = true; $scope.acctDetailsFetched = false; @@ -181,6 +183,7 @@ app.controller('modifyUser', function ($scope, $http) { $scope.detailsFetched = false; $scope.userAccountsLimit = true; $scope.websitesLimit = true; + } else { $scope.userModificationLoading = true; $scope.acctDetailsFetched = true; @@ -248,7 +251,8 @@ app.controller('modifyUser', function ($scope, $http) { firstName: firstName, lastName: lastName, email: email, - password: password + password: password, + securityLevel: $scope.securityLevel }; var config = { From 88c297c58bd7dbcd186f68430684e7fb652cf88d Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Tue, 12 Nov 2019 17:09:30 +0500 Subject: [PATCH 7/8] updated path for composer install --- plogical/upgrade.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plogical/upgrade.py b/plogical/upgrade.py index 32d238e02..b8fea00a5 100755 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py @@ -201,7 +201,7 @@ class Upgrade: os.chdir("/usr/local/CyberCP/public") - command = '/usr/local/lsws/lsphp70/bin/php /usr/bin/composer create-project phpmyadmin/phpmyadmin' + command = '/usr/local/lsws/lsphp71/bin/php /usr/bin/composer create-project phpmyadmin/phpmyadmin' Upgrade.executioner(command, 0) ## Write secret phrase From c0fbfdbe7c827957174d9909ca3ff15de709db81 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Wed, 13 Nov 2019 00:14:29 +0500 Subject: [PATCH 8/8] get proper version during upgrade --- install/install.py | 2 -- plogical/upgrade.py | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/install/install.py b/install/install.py index 08138a487..435c075bd 100755 --- a/install/install.py +++ b/install/install.py 
@@ -279,8 +279,6 @@ class preFlightsChecks: ## - count = 0 - if self.distro == ubuntu: # self.stdOut("Fix sudoers") # try: diff --git a/plogical/upgrade.py b/plogical/upgrade.py index b8fea00a5..ea55d5dfd 100755 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py @@ -494,7 +494,7 @@ class Upgrade: def upgradeVersion(): try: vers = version.objects.get(pk=1) - getVersion = requests.get('https://cyberpanel.net/version.txt') + getVersion = requests.get('https://raw.githubusercontent.com/usmannasir/cyberpanel/stable/version.txt') latest = getVersion.json() vers.currentVersion = latest['version'] vers.build = latest['build']
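Review bot: The `requests.get(...)` call in `upgradeVersion` has no `timeout=` and its response goes to `.json()` without a status check, so an unreachable or erroring host can stall the upgrade or feed an error page into the parser. Add `timeout=10` to the call and `getVersion.raise_for_status()` before `.json()`. The `version` and `build` values are then stored as received; checking their type before saving would be cheap. The surrounding `try` is closed outside the hunk, so how a failure is reported is not visible.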