From 0128321642d747721c9623d5a3d31e8f31b4c4ae Mon Sep 17 00:00:00 2001 From: Aidaho Date: Mon, 4 Nov 2024 16:46:54 +0300 Subject: [PATCH] v8.1.2: Refactor database interactions and cleanup unused code Refactor multiple functions to call `get_group` instead of `get_group_name_by_id`. Remove the `ApiToken` class and related database table operations. Simplify the template logic in `show_sub_ovw.html` by removing unnecessary loop and context variables. Cleanup unused imports and streamline several function implementations across the codebase. --- app/login.py | 4 +- app/modules/db/db_model.py | 15 +------ app/modules/db/group.py | 31 ++----------- app/modules/db/roxy.py | 56 +++++------------------ app/modules/db/user.py | 14 ++---- app/modules/roxywi/auth.py | 11 ----- app/modules/roxywi/common.py | 17 ++++--- app/modules/roxywi/group.py | 14 +++--- app/modules/roxywi/overview.py | 2 +- app/modules/roxywi/roxy.py | 4 +- app/modules/roxywi/user.py | 57 ++++++++++-------------- app/modules/server/ssh.py | 4 +- app/modules/service/ha_cluster.py | 2 - app/templates/ajax/show_sub_ovw.html | 20 ++++----- app/templates/include/admin_servers.html | 1 + app/views/server/views.py | 9 ++-- app/views/user/views.py | 4 +- 17 files changed, 79 insertions(+), 186 deletions(-) diff --git a/app/login.py b/app/login.py index b7ed842c..1a1df2f5 100644 --- a/app/login.py +++ b/app/login.py @@ -55,10 +55,12 @@ def login_page(): print(str(e)) return roxywi_common.handle_json_exceptions(e, 'Cannot check login password'), 401 try: - return roxywi_auth.do_login(user_params, next_url) + response = roxywi_auth.do_login(user_params, next_url) except Exception as e: return roxywi_common.handle_json_exceptions(e, 'Cannot do login'), 401 + return response + @app.route('/logout', methods=['GET', 'POST']) @jwt_required() diff --git a/app/modules/db/db_model.py b/app/modules/db/db_model.py index c17e7acf..5560376c 100644 --- a/app/modules/db/db_model.py +++ b/app/modules/db/db_model.py 
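Review bot: The success path of `login_page` no longer leaves an audit record: this same commit deletes the `roxywi_common.logging('Roxy-WI server', f'user: ... login', roxywi=1)` call from `do_login` in app/modules/roxywi/auth.py, and the new `response = roxywi_auth.do_login(user_params, next_url)` / `return response` pair puts nothing in its place. Successful logins are the events an investigator needs to reconstruct account use, so unless they are recorded somewhere outside this patch, log one before `return response`, for example `roxywi_common.logging('Roxy-WI server', f'user: {user_params["name"]} login', roxywi=1)`. The failure branch above the changed lines still does `print(str(e))`; routing that through the same logger would keep failed attempts in the audit trail as well. `login_page` starts outside the hunk.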
@@ -149,19 +149,6 @@ class PD(BaseModel): table_name = 'pd' -class ApiToken(BaseModel): - token = CharField() - user_name = CharField() - user_group_id = IntegerField() - user_role = IntegerField() - create_date = DateTimeField(default=datetime.now) - expire_date = DateTimeField(default=datetime.now) - - class Meta: - table_name = 'api_tokens' - primary_key = False - - class Setting(BaseModel): param = CharField() value = CharField(null=True) @@ -804,7 +791,7 @@ def create_tables(): conn = connect() with conn: conn.create_tables( - [User, Server, Role, Telegram, Slack, ApiToken, Groups, UserGroups, ConfigVersion, Setting, RoxyTool, Alerts, + [User, Server, Role, Telegram, Slack, Groups, UserGroups, ConfigVersion, Setting, RoxyTool, Alerts, Cred, Backup, Metrics, WafMetrics, Version, Option, SavedServer, Waf, ActionHistory, PortScannerSettings, PortScannerPorts, PortScannerHistory, ServiceSetting, MetricsHttpStatus, SMON, WafRules, GeoipCodes, NginxMetrics, SystemInfo, Services, UserName, GitSetting, CheckerSetting, ApacheMetrics, WafNginx, ServiceStatus, diff --git a/app/modules/db/group.py b/app/modules/db/group.py index 1282fa80..363b07a0 100644 --- a/app/modules/db/group.py +++ b/app/modules/db/group.py @@ -3,20 +3,11 @@ from app.modules.db.common import out_error from app.modules.roxywi.exception import RoxywiResourceNotFound -def select_groups(**kwargs): - if kwargs.get("group") is not None: - query = Groups.select().where(Groups.name == kwargs.get('group')) - elif kwargs.get("id") is not None: - query = Groups.select().where(Groups.group_id == kwargs.get('id')) - else: - query = Groups.select().order_by(Groups.group_id) - +def select_groups(): try: - query_res = query.execute() + return Groups.select().order_by(Groups.group_id).execute() except Exception as e: out_error(e) - else: - return query_res def add_group(name: str, description: str) -> int: 
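Review bot: Dropping `ApiToken` from the `conn.create_tables([...])` list in `create_tables` only stops new installs from creating `api_tokens`; on an existing database the table and the `token` values stored in it stay where they are. None of the 17 files in the diffstat looks like a schema migration, so if nothing outside this patch handles it, add a step to the project's schema-update routine that runs `DROP TABLE IF EXISTS api_tokens;`. Unused credentials left at rest are still included in every later dump or backup of the database. `create_tables` continues past the end of the hunk.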
@@ -107,8 +98,6 @@ def delete_group_settings(group_id): group_for_delete.execute() except Exception as e: out_error(e) - else: - return True def update_group(name, descript, group_id): @@ -117,24 +106,12 @@ def update_group(name, descript, group_id): group_update.execute() except Exception as e: out_error(e) - return False - else: - return True -def get_group_name_by_id(group_id): +def get_group(group_id: int) -> Groups: try: - return Groups.get(Groups.group_id == group_id).name + return Groups.get(Groups.group_id == group_id) except Groups.DoesNotExist: raise RoxywiResourceNotFound except Exception as e: out_error(e) - - -def get_group_id_by_name(group_name): - try: - group_id = Groups.get(Groups.name == group_name) - except Exception as e: - out_error(e) - else: - return group_id.group_id diff --git a/app/modules/db/roxy.py b/app/modules/db/roxy.py index 99a96679..736d0c40 100644 --- a/app/modules/db/roxy.py +++ b/app/modules/db/roxy.py @@ -1,3 +1,5 @@ +from typing import Union + from app.modules.db.db_model import UserName, RoxyTool, Version from app.modules.db.common import out_error @@ -9,19 +11,9 @@ def insert_user_name(user_name): pass -def select_user_name(): - try: - query_res = UserName.get().UserName - except Exception: - return False - else: - return query_res - - def update_user_name(user_name): - user_update = UserName.update(UserName=user_name) try: - user_update.execute() + UserName.update(UserName=user_name).execute() except Exception as e: out_error(e) return False 
@@ -30,46 +22,22 @@ def update_user_name(user_name): def update_user_status(status, plan, method): - user_update = UserName.update(Status=status, Method=method, Plan=plan) try: - user_update.execute() + UserName.update(Status=status, Method=method, Plan=plan).execute() + except Exception as e: + out_error(e) + + +def get_user() -> Union[UserName, bool]: + try: + return UserName.get() except Exception: return False - else: - return True - - -def select_user_status(): - try: - query_res = UserName.get().Status - except Exception: - return False - else: - return query_res - - -def select_user_plan(): - try: - query_res = UserName.get().Plan - except Exception: - return False - else: - return query_res - - -def select_user_all(): - try: - query_res = UserName.select() - except Exception: - return False - else: - return query_res def get_roxy_tools(): - query = RoxyTool.select() try: - query_res = query.where(RoxyTool.is_roxy == 1).execute() + query_res = RoxyTool.select().where(RoxyTool.is_roxy == 1).execute() except Exception as e: out_error(e) else: diff --git a/app/modules/db/user.py b/app/modules/db/user.py index 1b342762..7cc879d9 100644 --- a/app/modules/db/user.py +++ b/app/modules/db/user.py @@ -1,6 +1,6 @@ from peewee import Case, JOIN -from app.modules.db.db_model import User, UserGroups, Groups, ApiToken +from app.modules.db.db_model import User, UserGroups, Groups from app.modules.db.sql import get_setting from app.modules.db.common import out_error import app.modules.roxy_wi_tools as roxy_wi_tools @@ -29,13 +29,6 @@ def add_user(user, email, password, role, enabled, group): return last_id -def update_user(user, email, role, user_id, enabled): - try: - User.update(username=user, email=email, role_id=role, enabled=enabled).where(User.user_id == user_id).execute() - except Exception as e: - out_error(e) - - def update_user_from_admin_area(user_id, **kwargs): try: User.update(**kwargs).where(User.user_id == user_id).execute() 
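Review bot: `get_user()` returns `False` on any exception, including an empty `UserName` table, yet every call site updated in this commit dereferences the result directly: `roxy_sql.get_user().Status` and `.Plan` in `return_user_status` (app/modules/roxywi/common.py), `if not roxy_sql.get_user().Status:` in `action_service` and `if roxy_sql.get_user().UserName:` in `update_plan` (app/modules/roxywi/roxy.py). With the removed `select_user_*` helpers those paths received `False` and carried on; now they raise `AttributeError`, so `update_plan` cannot reach `insert_user_name` on a database that has no row yet, and the subscription check in `action_service` fails with an exception instead of returning its warning. Either guard the callers, e.g. `user = roxy_sql.get_user()` followed by `if not user or not user.Status:`, or let `get_user` raise a typed not-found error the way `get_group` does. Catching bare `Exception` here also hides real database errors behind the same `False`; `except UserName.DoesNotExist:` would be narrower.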
@@ -85,11 +78,10 @@ def delete_user(user_id): user_for_delete = User.delete().where(User.user_id == user_id) user_for_delete.execute() delete_user_groups(user_id) + except User.DoesNotExist: + raise RoxywiResourceNotFound except Exception as e: out_error(e) - return False - else: - return True def update_user_role(user_id: int, group_id: int, role_id: int) -> None: diff --git a/app/modules/roxywi/auth.py b/app/modules/roxywi/auth.py index d8c6d4ac..5616497f 100644 --- a/app/modules/roxywi/auth.py +++ b/app/modules/roxywi/auth.py @@ -5,7 +5,6 @@ from flask_jwt_extended import verify_jwt_in_request import app.modules.db.sql as sql import app.modules.db.user as user_sql -import app.modules.db.group as group_sql import app.modules.db.service as service_sql import app.modules.roxywi.common as roxywi_common import app.modules.roxy_wi_tools as roxy_wi_tools @@ -113,16 +112,6 @@ def do_login(user_params: dict, next_url: str): access_token = create_jwt_token(user_params) set_access_cookies(response, access_token) - try: - user_group_name = group_sql.get_group_name_by_id(user_params['group']) - except Exception: - user_group_name = '' - - try: - roxywi_common.logging('Roxy-WI server', f'user: {user_params["name"]}, group: {user_group_name} login', roxywi=1) - except Exception as e: - print(str(e)) - return response diff --git a/app/modules/roxywi/common.py b/app/modules/roxywi/common.py index 73c325a0..e977304e 100644 --- a/app/modules/roxywi/common.py +++ b/app/modules/roxywi/common.py 
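Review bot: The new `except User.DoesNotExist: raise RoxywiResourceNotFound` branch in `delete_user` cannot fire: peewee's `User.delete().where(...).execute()` returns the number of rows removed and does not raise `DoesNotExist` when nothing matches. Deleting an unknown `user_id` therefore still looks like a success, and because the function no longer returns `True`/`False` the caller gets no signal at all. Check the row count instead, e.g. `if not User.delete().where(User.user_id == user_id).execute(): raise RoxywiResourceNotFound`, and re-raise that type ahead of the generic `except Exception` handler so `out_error` does not absorb it. The import hunk for this file does not add `RoxywiResourceNotFound`; confirm the module already imports it.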
@@ -33,13 +33,12 @@ def get_user_group(**kwargs) -> int: verify_jwt_in_request() claims = get_jwt() user_group_id = claims['group'] - groups = group_sql.select_groups(id=user_group_id) - for group in groups: - if group.group_id == int(user_group_id): - if kwargs.get('id'): - user_group = group.group_id - else: - user_group = group.name + group = group_sql.get_group(user_group_id) + if group.group_id == int(user_group_id): + if kwargs.get('id'): + user_group = group.group_id + else: + user_group = group.name except Exception as e: raise Exception(f'error: {e}') return user_group @@ -273,8 +272,8 @@ def get_user_lang_for_flask() -> str: def return_user_status() -> dict: user_subscription = {} - user_subscription.setdefault('user_status', roxy_sql.select_user_status()) - user_subscription.setdefault('user_plan', roxy_sql.select_user_plan()) + user_subscription.setdefault('user_status', roxy_sql.get_user().Status) + user_subscription.setdefault('user_plan', roxy_sql.get_user().Plan) return user_subscription diff --git a/app/modules/roxywi/group.py b/app/modules/roxywi/group.py index 2933a37c..77339f7c 100644 --- a/app/modules/roxywi/group.py +++ b/app/modules/roxywi/group.py @@ -13,13 +13,11 @@ def update_group(group_id: int, group_name: str, desc: str) -> None: raise Exception(e) -def delete_group(group_id: int) -> str: - group = group_sql.select_groups(id=group_id) - group_name = '' +def delete_group(group_id: int) -> None: + group_name = group_sql.get_group(group_id).name - for g in group: - group_name = g.name - - if group_sql.delete_group(group_id): + try: + group_sql.delete_group(group_id) roxywi_common.logging('Roxy-WI server', f'The {group_name} has been deleted', roxywi=1, login=1) - return 'ok' + except Exception as e: + raise e diff --git a/app/modules/roxywi/overview.py b/app/modules/roxywi/overview.py index 1889fb52..c3ee4eb1 100644 --- a/app/modules/roxywi/overview.py +++ b/app/modules/roxywi/overview.py 
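Review bot: In `get_user_group` the `if group.group_id == int(user_group_id):` test is left over from the old loop; `get_group` already looked the row up by that id, and if the comparison were ever false `user_group` would be unbound at `return user_group`. More importantly, the surrounding `except Exception as e: raise Exception(f'error: {e}')` turns the `RoxywiResourceNotFound` that `get_group` raises for a JWT whose `group` claim names a deleted group into a generic `Exception`, so callers cannot answer such a token with a clean not-found or re-login response. Drop the `if` and put `except RoxywiResourceNotFound: raise` ahead of the generic handler; whether that name is imported in this module is not visible here. The function starts outside the hunk.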
@@ -37,7 +37,7 @@ def user_owv() -> str: def show_sub_ovw() -> str: lang = roxywi_common.get_user_lang_for_flask() - return render_template('ajax/show_sub_ovw.html', sub=roxy_sql.select_user_all(), lang=lang) + return render_template('ajax/show_sub_ovw.html', sub=roxy_sql.get_user(), lang=lang) def show_overview(serv) -> str: diff --git a/app/modules/roxywi/roxy.py b/app/modules/roxywi/roxy.py index 2bb2ab28..462f3ae3 100644 --- a/app/modules/roxywi/roxy.py +++ b/app/modules/roxywi/roxy.py @@ -102,7 +102,7 @@ def action_service(action: str, service: str) -> str: 'restart': 'restart', } cmd = f"sudo systemctl {actions[action]} {service}" - if not roxy_sql.select_user_status(): + if not roxy_sql.get_user().Status: return 'warning: The service is disabled because you are not subscribed. Read here about subscriptions' if is_in_docker: @@ -138,7 +138,7 @@ def update_plan(): else: user_name = 'git' - if roxy_sql.select_user_name(): + if roxy_sql.get_user().UserName: roxy_sql.update_user_name(user_name) else: roxy_sql.insert_user_name(user_name) diff --git a/app/modules/roxywi/user.py b/app/modules/roxywi/user.py index c941bb73..6eeb5c8a 100644 --- a/app/modules/roxywi/user.py +++ b/app/modules/roxywi/user.py @@ -1,4 +1,5 @@ import os +from typing import Union from flask import render_template, make_response 
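Review bot: `action_service` builds `cmd = f"sudo systemctl {actions[action]} {service}"`; the verb is constrained by the `actions` dict, but nothing visible in this hunk constrains `service` before it is placed in a command that runs under sudo. The function starts above the hunk, so a check may already exist there. If it does not, compare `service` against the fixed set of service names the tool manages, or at minimum quote it: `cmd = f"sudo systemctl {actions[action]} {shlex.quote(service)}"`.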
@@ -9,27 +10,27 @@ import app.modules.roxywi.common as roxywi_common import app.modules.tools.alerting as alerting -def create_user(new_user: str, email: str, password: str, role: int, enabled: int, group: int) -> int: +def create_user(new_user: str, email: str, password: str, role: int, enabled: int, group: int) -> Union[int, tuple]: try: user_id = user_sql.add_user(new_user, email, password, role, enabled, group) roxywi_common.logging(f'a new user {new_user}', 'has been created', roxywi=1, login=1) - try: - user_sql.update_user_role(user_id, group, role) - except Exception as e: - raise Exception(f'error: cannot update user role {e}') - try: - if password == 'aduser': - password = 'your domain password' - message = f"A user has been created for you on Roxy-WI portal!\n\n" \ - f"Now you can login to https://{os.environ.get('HTTP_HOST', '')}\n\n" \ - f"Your credentials are:\n" \ - f"Login: {new_user}\n" \ - f"Password: {password}" - alerting.send_email(email, 'A user has been created for you', message) - except Exception as e: - roxywi_common.logging('error: Cannot send email for a new user', e, roxywi=1, login=1) except Exception as e: - roxywi_common.handle_exceptions(e, 'Roxy-WI server', 'Cannot create a new user', roxywi=1, login=1) + return roxywi_common.handler_exceptions_for_json_data(e, 'Cannot create a new user') + try: + user_sql.update_user_role(user_id, group, role) + except Exception as e: + return roxywi_common.handler_exceptions_for_json_data(e, 'Cannot update user role') + try: + if password == 'aduser': + password = 'your domain password' + message = f"A user has been created for you on Roxy-WI portal!\n\n" \ + f"Now you can login to https://{os.environ.get('HTTP_HOST', '')}\n\n" \ + f"Your credentials are:\n" \ + f"Login: {new_user}\n" \ + f"Password: {password}" + alerting.send_email(email, 'A user has been created for you', message) + except Exception as e: + roxywi_common.logging('error: Cannot send email for a new user', str(e), roxywi=1, 
login=1) return user_id @@ -39,10 +40,13 @@ def delete_user(user_id: int): count_super_admin_users = user_sql.get_super_admin_count() if count_super_admin_users < 2: raise Exception('error: you cannot delete a last user with superAdmin role') - user = user_sql.get_user_id(user_id) - if user_sql.delete_user(user_id): + try: + user = user_sql.get_user_id(user_id) + user_sql.delete_user(user_id) user_sql.delete_user_groups(user_id) roxywi_common.logging(user.username, 'has been deleted user', roxywi=1, login=1) + except Exception as e: + return roxywi_common.handler_exceptions_for_json_data(e) def update_user_password(password, user_id): @@ -83,26 +87,11 @@ def change_user_active_group(group_id: int, user_id: int) -> str: def get_user_active_group(group_id: int, user_id: int) -> str: - # group_id = user_sql.get_user_id_by_uuid(uuid) groups = user_sql.select_user_groups_with_names(user_id) lang = roxywi_common.get_user_lang_for_flask() return render_template('ajax/user_current_group.html', groups=groups, group=group_id, lang=lang) -# def show_user_groups_and_roles(user_id: int, lang: str) -> str: -# groups = user_sql.select_user_groups_with_names(user_id, user_not_in_group=1) -# roles = sql.select_roles() -# user_groups = user_sql.select_user_groups_with_names(user_id) -# return render_template('ajax/user_groups_and_roles.html', groups=groups, user_groups=user_groups, roles=roles, lang=lang) - - -# def is_current_user(user_id: int, user_uuid: str) -> bool: -# current_user_id = user_sql.get_user_id_by_uuid(user_uuid) -# if current_user_id == user_id: -# return True -# return False - - def save_user_group_and_role(user: str, groups_and_roles: dict): resp = make_response('ok') for k, v in groups_and_roles.items(): diff --git a/app/modules/server/ssh.py b/app/modules/server/ssh.py index f853bb35..c522a7a0 100644 --- a/app/modules/server/ssh.py +++ b/app/modules/server/ssh.py 
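Review bot: The message assembled in `create_user` still puts the account password into the e-mail in clear text (`f"Password: {password}"`), so the credential ends up in mail spools, relays and the recipient's mailbox; the commit re-indents this block without changing that. Prefer removing the `f"Password: {password}"` line and having the user set a password on first sign-in, or, if the project has no such flow yet, treat the mailed value as one-time and require a change at first login. Separately, `create_user` now returns the `handler_exceptions_for_json_data(...)` result on failure (hence `Union[int, tuple]`), so any caller that uses the return value as a user id has to check what it got back; those callers are not in this hunk. If `update_user_role` fails, the row inserted by `add_user` also stays behind without a role, which is worth cleaning up before returning the error.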
@@ -93,7 +93,7 @@ def create_ssh_cred(name: str, password: str, group: int, username: str, enable: def upload_ssh_key(ssh_id: int, key: str, passphrase: str) -> None: key = key.replace("'", "") ssh = cred_sql.get_ssh(ssh_id) - group_name = group_sql.get_group_name_by_id(ssh.group_id) + group_name = group_sql.get_group(ssh.group_id).name lib_path = get_config.get_config_var('main', 'lib_path') full_dir = f'{lib_path}/keys/' name = ssh.name @@ -242,7 +242,7 @@ def get_creds(group_id: int = None, cred_id: int = None, not_shared: bool = Fals def _return_correct_ssh_file(cred: CredRequest) -> str: lib_path = get_config.get_config_var('main', 'lib_path') - group_name = group_sql.get_group_name_by_id(cred.group_id) + group_name = group_sql.get_group(cred.group_id).name if group_name not in cred.name: return f'{lib_path}/keys/{cred.name}_{group_name}.pem' else: diff --git a/app/modules/service/ha_cluster.py b/app/modules/service/ha_cluster.py index 6ec6056d..faeb5c25 100644 --- a/app/modules/service/ha_cluster.py +++ b/app/modules/service/ha_cluster.py @@ -1,7 +1,5 @@ from typing import Union -from matplotlib.artist import kwdoc - import app.modules.db.server as server_sql import app.modules.db.ha_cluster as ha_sql import app.modules.db.service as service_sql diff --git a/app/templates/ajax/show_sub_ovw.html b/app/templates/ajax/show_sub_ovw.html index f792cd15..035fddde 100644 --- a/app/templates/ajax/show_sub_ovw.html +++ b/app/templates/ajax/show_sub_ovw.html 
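Review bot: In `_return_correct_ssh_file` the group name fetched with `group_sql.get_group(cred.group_id).name` is interpolated, together with `cred.name`, into the key path `f'{lib_path}/keys/{cred.name}_{group_name}.pem'`; `upload_ssh_key` reads the same two values next to `full_dir = f'{lib_path}/keys/'`, though its path construction is outside the hunk. Nothing in these hunks shows either value being restricted to a safe file-name alphabet, so a name containing a path separator would place the file outside `keys/`; validation may exist where groups and credentials are created, which is not visible here. A guard before the path is built, e.g. `if '/' in group_name or '/' in cred.name: raise ValueError('invalid key file name')`, keeps key material inside the intended directory. Both functions continue outside their hunks.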
@@ -1,14 +1,13 @@ {% import 'languages/'+lang|default('en')+'.html' as lang %} -{% for s in sub %} - {% if s.Plan == 'user' %} + {% if sub.Plan == 'user' %} {% set plan = 'Home' %} - {% elif s.Plan == 'company' %} + {% elif sub.Plan == 'company' %} {% set plan = 'Enterprise' %} - {% elif s.Plan == 'cloud' %} + {% elif sub.Plan == 'cloud' %} {% set plan = 'Cloud' %} - {% elif s.Plan == 'support' %} + {% elif sub.Plan == 'support' %} {% set plan = 'Premium' %} - {% elif s.Plan == 'Trial' %} + {% elif sub.Plan == 'Trial' %} {% set plan = 'Trial' %} {% else %} {% set plan = 'Free' %} @@ -24,7 +23,7 @@ N/A {% else %} {{lang.words.active|title()}} {% else %} style="color: var(--red-color); font-weight: bold">Blocked @@ -39,14 +38,13 @@ {% if plan == 'Free' %} N/A {% else %} - {% if s.Method == 'Boosty' %} + {% if sub.Method == 'Boosty' %} Boosty - {% elif s.Method == 'Patreon' %} + {% elif sub.Method == 'Patreon' %} Patreon {% else %} - {{s.Method}} + {{sub.Method}} {% endif %} {% endif %} -{% endfor %} diff --git a/app/templates/include/admin_servers.html b/app/templates/include/admin_servers.html index e2bd979f..9c4ccc8f 100644 --- a/app/templates/include/admin_servers.html +++ b/app/templates/include/admin_servers.html @@ -176,6 +176,7 @@ {% endif %}