From 0054f25da7cf8c7480452f48e39308b5e392dc67 Mon Sep 17 00:00:00 2001
From: Aidaho <aidaho@roxy-wi.org>
Date: Wed, 22 Feb 2023 10:36:20 +0300
Subject: [PATCH] v6.3.6.0

Changelog: https://roxy-wi.org/changelog#6_3_6
---
 app/modules/roxywi/logs.py                    |  2 +
 app/modules/server/ssh.py                     |  8 +++-
 .../ansible/roles/haproxy/tasks/logs.yml      |  1 +
 app/templates/ajax/new_ssh.html               |  2 +-
 app/templates/base.html                       |  6 ++-
 app/templates/hapservers.html                 |  2 +-
 app/templates/include/admin_add_user.html     | 10 ++---
 app/templates/include/admin_ssh.html          |  2 +-
 app/templates/languages/en.html               |  2 +
 app/templates/languages/ru.html               |  2 +
 inc/overview.js                               | 44 ++++++++++++-------
 11 files changed, 53 insertions(+), 28 deletions(-)

diff --git a/app/modules/roxywi/logs.py b/app/modules/roxywi/logs.py
index ccef16ca..c89c007c 100644
--- a/app/modules/roxywi/logs.py
+++ b/app/modules/roxywi/logs.py
@@ -78,6 +78,8 @@ def show_roxy_log(
 
 	log_file = checkAjaxInput(log_file) if log_file is not None else log_file
 
+	if '..' in log_file: return 'error: nice try'
+
 	if service in ('nginx', 'haproxy', 'apache', 'keepalived'):
 		syslog_server_enable = sql.get_setting('syslog_server_enable')
 		if syslog_server_enable is None or syslog_server_enable == 0:
diff --git a/app/modules/server/ssh.py b/app/modules/server/ssh.py
index 5778c866..4df70bea 100644
--- a/app/modules/server/ssh.py
+++ b/app/modules/server/ssh.py
@@ -51,16 +51,16 @@ def ssh_connect(server_ip):
 def create_ssh_cred() -> None:
 	from jinja2 import Environment, FileSystemLoader
 
-	user_group = roxywi_common.get_user_group()
 	name = common.checkAjaxInput(form.getvalue('new_ssh'))
-	name = f'{name}_{user_group}'
 	enable = common.checkAjaxInput(form.getvalue('ssh_enable'))
 	group = common.checkAjaxInput(form.getvalue('new_group'))
+	group_name = sql.get_group_name_by_id(group)
 	username = common.checkAjaxInput(form.getvalue('ssh_user'))
 	password = common.checkAjaxInput(form.getvalue('ssh_pass'))
 	page = common.checkAjaxInput(form.getvalue('page'))
 	page = page.split("#")[0]
 	lang = roxywi_common.get_user_lang()
+	name = f'{name}_{group_name}'
 
 	if username is None or name is None:
 		print(error_mess)
@@ -91,6 +91,10 @@ def create_ssh_cread_api(name: str, enable: str, group: str, username: str, pass
 
 
 def upload_ssh_key(name: str, user_group: str, key: str) -> bool:
+	if '..' in name:
+		print('error: nice try')
+		return False
+
 	try:
 		key = paramiko.pkey.load_private_key(key)
 	except Exception as e:
diff --git a/app/scripts/ansible/roles/haproxy/tasks/logs.yml b/app/scripts/ansible/roles/haproxy/tasks/logs.yml
index 96291c27..635fdc1a 100644
--- a/app/scripts/ansible/roles/haproxy/tasks/logs.yml
+++ b/app/scripts/ansible/roles/haproxy/tasks/logs.yml
@@ -11,4 +11,5 @@
     src: /var/www/haproxy-wi/app/scripts/ansible/roles/haproxy/templates/logrotate.conf.j2
     dest: /etc/logrotate.d/haproxy.conf
     force: no
+  when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS')
   ignore_errors: yes
\ No newline at end of file
diff --git a/app/templates/ajax/new_ssh.html b/app/templates/ajax/new_ssh.html
index 86be6c63..d3a0bf51 100644
--- a/app/templates/ajax/new_ssh.html
+++ b/app/templates/ajax/new_ssh.html
@@ -15,7 +15,7 @@
 			<td>
 				<select id="sshgroup-{{ssh.id}}" name="sshgroup-{{ssh.id}}">
 					{% for group in groups %}
-						{% if ssh.5 == group.group_id %}
+						{% if ssh.groups == group.group_id %}
 							<option value="{{ group.group_id }}" selected>{{ group.name }}</option>
 						{% else %}
 							<option value="{{ group.group_id }}">{{ group.name }}</option>
diff --git a/app/templates/base.html b/app/templates/base.html
index b78bcf75..c3838352 100644
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -6,7 +6,7 @@
 		<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
 		<meta http-equiv="Pragma" content="no-cache" />
 		<meta http-equiv="Expires" content="0" />
-		<meta id="translate" style="display: none;" data-delete="{{lang.words.delete|title()}}" data-cancel="{{lang.words.cancel|title()}}"  data-add="{{lang.words.add|title()}}" \
+		<meta id="translate" style="display: none;" data-delete="{{lang.words.delete|title()}}" data-cancel="{{lang.words.cancel|title()}}" data-add="{{lang.words.add|title()}}"
 			  data-superAdmin_pass="{{lang.phrases.superAdmin_pass}}" data-superAdmin_services="{{lang.phrases.superAdmin_services}}" data-change="{{lang.words.change|title()}}"
 			  data-change2="{{lang.words.change2|title()}}" data-password="{{lang.words.password}}" data-groups="{{lang.words.groups}}" data-save="{{lang.words.save|title()}}"
 			  data-manage="{{lang.words.manage|title()}}" data-services3="{{lang.words.services3}}" data-logout="{{lang.words.logout|title()}}"
@@ -14,7 +14,9 @@
 			  data-just_save="{{lang.words.just|title()}} {{lang.words.save}}" data-upload_and_restart="{{lang.phrases.upload_and_restart|title()}}"
 			  data-are_you_sure="{{lang.phrases.are_you_sure}}" data-upload_and_reload="{{lang.phrases.upload_and_reload|title()}}" data-select_server="{{lang.errors.select_server}}"
 			  data-empty_name="{{lang.errors.empty_name}}" data-edit="{{lang.words.edit|title()}}" data-close="{{lang.words.close|title()}}" data-server_info="{{lang.phrases.server_info}}"
-			  data-generated_config="{{lang.words.generated|title()}} {{lang.words.config}}" />
+			  data-generated_config="{{lang.words.generated|title()}} {{lang.words.config}}" data-restart="{{lang.words.restart|title()}}" data-start="{{lang.words.start|title()}}"
+			  data-stop="{{lang.words.stop|title()}}" data-reload="{{lang.words.reload|title()}}" data-user_groups="{{lang.phrases.user_groups}}" data-settings="{{lang.words.settings|title()}}"
+			  data-for="{{lang.words.for}}" />
 		{% if title == 'Login page' %}
 		<meta name="viewport" content="width=device-width, user-scalable=1">
 		{% endif %}
diff --git a/app/templates/hapservers.html b/app/templates/hapservers.html
index f6fb2c99..1c30fc1b 100644
--- a/app/templates/hapservers.html
+++ b/app/templates/hapservers.html
@@ -419,7 +419,7 @@
 	{% endfor %}
 {% endif %}
 <div id="dialog-confirm" style="display: none;">
-  <p><span class="ui-icon ui-icon-alert" style="float:left; margin:3px 12px 20px 0;"></span>Are you sure?</p>
+  <p><span class="ui-icon ui-icon-alert" style="float:left; margin:3px 12px 20px 0;"></span>{{lang.phrases.are_you_sure}}</p>
 </div>
 <div id="dialog-settings-service" style="display: none;"></div>
 <script>
diff --git a/app/templates/include/admin_add_user.html b/app/templates/include/admin_add_user.html
index 0530edc0..74ca4f3d 100644
--- a/app/templates/include/admin_add_user.html
+++ b/app/templates/include/admin_add_user.html
@@ -1,30 +1,30 @@
 {% from 'include/input_macros.html' import input, checkbox %}
 <tr>
 	<td class="padding20">
-		New user
+		{{lang.words.name|title()}}
 		<span class="need-field">*</span>
 	</td>
 	<td>
 		{{ input('new-username') }}
 			{% if ldap_enable == 1 %}
-				<a href="#" title="Search user in AD" id="search_ldap_user">Search user in AD</a>
+				<a href="#" title="{{lang.phrases.search_id_ad}}" id="search_ldap_user">{{lang.phrases.search_in_ad}}</a>
 			{% endif %}
 	</td>
 </tr>
 <tr>
 	<td class="padding20">
-		Password
+		{{lang.words.password|title()}}
 		<span class="need-field">*</span>
 	</td>
 	<td>{{ input('new-password', type='password') }}</td>
 </tr>
 <tr>
-	<td class="padding20">Active</td>
+	<td class="padding20">{{lang.words.active|title()}}</td>
 	<td>{{ checkbox('activeuser', checked='checked') }}</td>
 </tr>
 <tr>
 	<td class="padding20">
-		Email
+		{{lang.words.email|title()}}
 		<span class="need-field">*</span>
 	</td>
 	<td>{{ input('new-email', type='email') }}</td>
diff --git a/app/templates/include/admin_ssh.html b/app/templates/include/admin_ssh.html
index 865b2808..e805ef05 100644
--- a/app/templates/include/admin_ssh.html
+++ b/app/templates/include/admin_ssh.html
@@ -31,7 +31,7 @@
         <td>
             <select id="sshgroup-{{ssh.id}}" name="sshgroup-{{ssh.id}}">
                 {% for group in groups %}
-                {% if ssh.5 == group.group_id %}
+                {% if ssh.groups == group.group_id %}
                 <option value="{{ group.group_id }}" selected>{{ group.name }}</option>
                 {% else %}
                 <option value="{{ group.group_id }}">{{ group.name }}</option>
diff --git a/app/templates/languages/en.html b/app/templates/languages/en.html
index c0fac72e..c05a9344 100644
--- a/app/templates/languages/en.html
+++ b/app/templates/languages/en.html
@@ -292,6 +292,7 @@
     "port_check": "port check",
     "possible_service_name": "Possible service name",
     "server_info": "Server info",
+    "user_groups": "User groups",
     }
 %}
 {% set roles = {
@@ -541,6 +542,7 @@
     "desc": "description",
     "login": "login",
     "role": "role",
+    "roles": "roles",
     "subs": "subscription",
     "show_all": "show all",
     "plan": "plan",
diff --git a/app/templates/languages/ru.html b/app/templates/languages/ru.html
index f2b8b9e6..4c87657e 100644
--- a/app/templates/languages/ru.html
+++ b/app/templates/languages/ru.html
@@ -294,6 +294,7 @@
     "port_check": "проверка порта",
     "possible_service_name": "Возможное название службы",
     "server_info": "Информация о сервере",
+    "user_groups": "Пользовательские группы",
     }
 %}
 {% set roles = {
@@ -545,6 +546,7 @@
     "desc": "описание",
     "login": "логин",
     "role": "роль",
+    "roles": "роли",
     "subs": "подписка",
     "show_all": "показать все",
     "plan": "план",
diff --git a/inc/overview.js b/inc/overview.js
index 7f956725..22ed4f2c 100644
--- a/inc/overview.js
+++ b/inc/overview.js
@@ -409,19 +409,22 @@ $( function() {
 	});
 });
 function confirmAjaxAction(action, service, id) {
+	var cancel_word = $('#translate').attr('data-cancel');
+	var action_word = $('#translate').attr('data-'+action);
 	$( "#dialog-confirm" ).dialog({
 		resizable: false,
 		height: "auto",
 		width: 400,
 		modal: true,
-		title: "Are you sure you want to "+ action + " " + id + "?",
-		buttons: {
-			"Sure": function() {
-				$( this ).dialog( "close" );
-				if(service == "haproxy") {
+		title: action_word + " " + id + "?",
+		buttons: [{
+			text: action_word,
+			click: function () {
+				$(this).dialog("close");
+				if (service == "haproxy") {
 					ajaxActionServers(action, id);
-					if(action == "restart" || action == "reload") {
-						if(localStorage.getItem('restart')) {
+					if (action == "restart" || action == "reload") {
+						if (localStorage.getItem('restart')) {
 							localStorage.removeItem('restart');
 							$("#apply").css('display', 'none');
 						}
@@ -437,11 +440,13 @@ function confirmAjaxAction(action, service, id) {
 				} else if (service == "waf_nginx") {
 					ajaxActionWafNginxServers(action, id)
 				}
-			},
-			Cancel: function() {
+			}
+		}, {
+			text: cancel_word,
+			click: function() {
 				$( this ).dialog( "close" );
 			}
-		}
+		}]
 	});
 }
 function updateHapWIServer(id, service_name) {
@@ -628,6 +633,10 @@ function showSubOverview() {
 	} );
 }
 function serverSettings(id, name) {
+	var cancel_word = $('#translate').attr('data-cancel');
+	var save_word = $('#translate').attr('data-save');
+	var settings_word = $('#translate').attr('data-settings');
+	var for_word = $('#translate').attr('data-for');
 	var service = $('#service').val();
 	$.ajax({
 		url: "options.py",
@@ -649,16 +658,19 @@ function serverSettings(id, name) {
 					height: "auto",
 					width: 400,
 					modal: true,
-					title: "Settings for " + name,
-					buttons: {
-						"Save": function () {
+					title: settings_word + " "+for_word+" " + name,
+					buttons: [{
+						text: save_word,
+						click: function () {
 							$(this).dialog("close");
 							serverSettingsSave(id, name, service, $(this));
-						},
-						Cancel: function () {
+						}
+					}, {
+						text: cancel_word,
+						click: function () {
 							$(this).dialog("close");
 						}
-					}
+					}]
 				});
 			}
 		}