From e93052d4996c5e9f3e02ca037c5d4437f97d530a Mon Sep 17 00:00:00 2001 From: usmannasir Date: Fri, 11 Apr 2025 16:53:34 +0500 Subject: [PATCH] add loader --- websiteFunctions/dockerviews.py | 189 +++++++++++++++++++++----------- 1 file changed, 126 insertions(+), 63 deletions(-) diff --git a/websiteFunctions/dockerviews.py b/websiteFunctions/dockerviews.py index f8b32dfd6..2d4c6136c 100644 --- a/websiteFunctions/dockerviews.py +++ b/websiteFunctions/dockerviews.py @@ -2,12 +2,21 @@ import json import docker from django.http import HttpResponse from .models import DockerSites -from .website import ACLManager +from loginSystem.models import Administrator +from plogical.acl import ACLManager from django.shortcuts import redirect +from loginSystem.views import loadLoginPage +from django.views.decorators.csrf import csrf_exempt from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging -def loadLoginPage(request): - return redirect('/login') +def require_login(view_func): + def wrapper(request, *args, **kwargs): + try: + userID = request.session['userID'] + return view_func(request, *args, **kwargs) + except KeyError: + return redirect(loadLoginPage) + return wrapper class DockerManager: def __init__(self): @@ -22,86 +31,140 @@ class DockerManager: logging.writeToFile(f"Error getting container {container_id}: {str(e)}") return None -def require_login(view_func): - def wrapper(request, *args, **kwargs): - try: +@csrf_exempt +@require_login +def startContainer(request): + try: + if request.method == 'POST': userID = request.session['userID'] - return view_func(request, userID, *args, **kwargs) - except KeyError: - return redirect(loadLoginPage) - return wrapper + currentACL = ACLManager.loadedACL(userID) + admin = Administrator.objects.get(pk=userID) -@require_login -def startContainer(request, userID): - try: - data = json.loads(request.body) - container_id = data.get('container_id') - site_name = data.get('name') + data = json.loads(request.body) + container_id = data.get('container_id') + site_name = data.get('name') - # Verify ownership - docker_site = DockerSites.objects.get(SiteName=site_name) - if not ACLManager.checkOwnership(docker_site.admin.domain, userID): - return HttpResponse(json.dumps({'status': 0, 'error_message': 'Unauthorized access'})) + # Verify Docker site ownership + try: + docker_site = DockerSites.objects.get(SiteName=site_name) + if currentACL['admin'] != 1 and docker_site.admin != admin and docker_site.admin.owner != admin.pk: + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': 'Not authorized to access this container' + })) + except DockerSites.DoesNotExist: + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': 'Docker site not found' + })) - # Get and start container - docker_manager = DockerManager() - container = docker_manager.get_container(container_id) - - if not container: - return HttpResponse(json.dumps({'status': 0, 'error_message': 'Container not found'})) + docker_manager = DockerManager() + container = docker_manager.get_container(container_id) + + if not container: + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': 'Container not found' + })) - container.start() - return HttpResponse(json.dumps({'status': 1})) + container.start() + return HttpResponse(json.dumps({'status': 1})) + return HttpResponse('Not allowed') except Exception as e: - return HttpResponse(json.dumps({'status': 0, 'error_message': str(e)})) + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': str(e) + })) +@csrf_exempt @require_login -def stopContainer(request, userID): +def stopContainer(request): try: - data = json.loads(request.body) - container_id = data.get('container_id') - site_name = data.get('name') + if request.method == 'POST': + userID = request.session['userID'] + currentACL = ACLManager.loadedACL(userID) + admin = Administrator.objects.get(pk=userID) - # Verify ownership - docker_site = DockerSites.objects.get(SiteName=site_name) - if not ACLManager.checkOwnership(docker_site.admin.domain, userID): - return HttpResponse(json.dumps({'status': 0, 'error_message': 'Unauthorized access'})) + data = json.loads(request.body) + container_id = data.get('container_id') + site_name = data.get('name') - # Get and stop container - docker_manager = DockerManager() - container = docker_manager.get_container(container_id) - - if not container: - return HttpResponse(json.dumps({'status': 0, 'error_message': 'Container not found'})) + # Verify Docker site ownership + try: + docker_site = DockerSites.objects.get(SiteName=site_name) + if currentACL['admin'] != 1 and docker_site.admin != admin and docker_site.admin.owner != admin.pk: + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': 'Not authorized to access this container' + })) + except DockerSites.DoesNotExist: + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': 'Docker site not found' + })) - container.stop() - return HttpResponse(json.dumps({'status': 1})) + docker_manager = DockerManager() + container = docker_manager.get_container(container_id) + + if not container: + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': 'Container not found' + })) + container.stop() + return HttpResponse(json.dumps({'status': 1})) + + return HttpResponse('Not allowed') except Exception as e: - return HttpResponse(json.dumps({'status': 0, 'error_message': str(e)})) + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': str(e) + })) +@csrf_exempt @require_login -def restartContainer(request, userID): +def restartContainer(request): try: - data = json.loads(request.body) - container_id = data.get('container_id') - site_name = data.get('name') + if request.method == 'POST': + userID = request.session['userID'] + currentACL = ACLManager.loadedACL(userID) + admin = Administrator.objects.get(pk=userID) - # Verify ownership - docker_site = DockerSites.objects.get(SiteName=site_name) - if not ACLManager.checkOwnership(docker_site.admin.domain, userID): - return HttpResponse(json.dumps({'status': 0, 'error_message': 'Unauthorized access'})) + data = json.loads(request.body) + container_id = data.get('container_id') + site_name = data.get('name') - # Get and restart container - docker_manager = DockerManager() - container = docker_manager.get_container(container_id) - - if not container: - return HttpResponse(json.dumps({'status': 0, 'error_message': 'Container not found'})) + # Verify Docker site ownership + try: + docker_site = DockerSites.objects.get(SiteName=site_name) + if currentACL['admin'] != 1 and docker_site.admin != admin and docker_site.admin.owner != admin.pk: + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': 'Not authorized to access this container' + })) + except DockerSites.DoesNotExist: + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': 'Docker site not found' + })) - container.restart() - return HttpResponse(json.dumps({'status': 1})) + docker_manager = DockerManager() + container = docker_manager.get_container(container_id) + + if not container: + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': 'Container not found' + })) + container.restart() + return HttpResponse(json.dumps({'status': 1})) + + return HttpResponse('Not allowed') except Exception as e: - return HttpResponse(json.dumps({'status': 0, 'error_message': str(e)})) \ No newline at end of file + return HttpResponse(json.dumps({ + 'status': 0, + 'error_message': str(e) + })) \ No newline at end of file