diff --git a/app/create_db.py b/app/create_db.py
index 10285eb4..3eef383e 100644
--- a/app/create_db.py
+++ b/app/create_db.py
@@ -1230,9 +1230,30 @@ def update_db_v_5_1_2(**kwargs):
con.close()
+def update_db_v_5_1_3(**kwargs):
+ con, cur = get_cur()
+ sql = """
+ ALTER TABLE `servers` ADD COLUMN protected INTEGER NOT NULL DEFAULT 0;
+ """
+ try:
+ cur.execute(sql)
+ con.commit()
+ except sqltool.Error as e:
+ if kwargs.get('silent') != 1:
+ if e.args[0] == 'duplicate column name: protected' or e == " 1060 (42S21): Duplicate column name 'protected' ":
+ print('Updating... DB has been updated to version 5.1.3')
+ else:
+ print("An error occurred:", e)
+ else:
+ print("DB has been updated to version 5.1.3")
+
+ cur.close()
+ con.close()
+
+
def update_ver():
con, cur = get_cur()
- sql = """update version set version = '5.1.2.0'; """
+ sql = """update version set version = '5.1.3.0'; """
try:
cur.execute(sql)
con.commit()
@@ -1274,6 +1295,7 @@ def update_all():
update_db_v_5_1_0_1()
update_db_v_5_1_1()
update_db_v_5_1_2()
+ update_db_v_5_1_3()
update_ver()
@@ -1309,6 +1331,7 @@ def update_all_silent():
update_db_v_5_1_0_1(silent=1)
update_db_v_5_1_1(silent=1)
update_db_v_5_1_2(silent=1)
+ update_db_v_5_1_3(silent=1)
update_ver()
diff --git a/app/options.py b/app/options.py
index ffd049d2..79d7ceec 100644
--- a/app/options.py
+++ b/app/options.py
@@ -918,6 +918,12 @@ if serv is not None and form.getvalue('right') is not None:
print(stderr)
if serv is not None and act == "configShow":
+ import http.cookies
+
+ cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
+ user_uuid = cookie.get('uuid')
+ role_id = sql.get_user_role_by_uuid(user_uuid.value)
+
if form.getvalue('service') == 'keepalived':
configs_dir = funct.get_config_var('configs', 'kp_save_configs_dir')
cfg = '.conf'
@@ -940,6 +946,8 @@ if serv is not None and act == "configShow":
conf = open(cfg, "r")
except IOError:
print('
Can\'t read config file
')
+
+ is_serv_protected = sql.is_serv_protected(serv)
from jinja2 import Environment, FileSystemLoader
@@ -950,8 +958,9 @@ if serv is not None and act == "configShow":
template = template.render(conf=conf,
serv=serv,
configver=form.getvalue('configver'),
- role=funct.is_admin(level=3),
- service=form.getvalue('service'))
+ role=role_id,
+ service=form.getvalue('service'),
+ is_serv_protected=is_serv_protected)
print(template)
if form.getvalue('configver') is None:
@@ -1786,12 +1795,13 @@ if form.getvalue('updateserver') is not None:
serv_id = form.getvalue('id')
cred = form.getvalue('cred')
port = form.getvalue('port')
+ protected = form.getvalue('protected')
desc = form.getvalue('desc')
if name is None or port is None:
print(error_mess)
else:
- sql.update_server(name, group, typeip, enable, master, serv_id, cred, port, desc, haproxy, nginx, firewall)
+ sql.update_server(name, group, typeip, enable, master, serv_id, cred, port, desc, haproxy, nginx, firewall, protected)
funct.logging('the server ' + name, ' has been updated ', haproxywi=1, login=1)
if form.getvalue('serverdel') is not None:
diff --git a/app/sql.py b/app/sql.py
index e7cf8074..8410e2de 100644
--- a/app/sql.py
+++ b/app/sql.py
@@ -365,7 +365,7 @@ def update_hapwi_server(server_id, alert, metrics, active, service_name):
con.close()
-def update_server(hostname, group, typeip, enable, master, id, cred, port, desc, haproxy, nginx, firewall):
+def update_server(hostname, group, typeip, enable, master, id, cred, port, desc, haproxy, nginx, firewall, protected):
con, cur = get_cur()
sql = """ update servers set
hostname = '%s',
@@ -378,8 +378,9 @@ def update_server(hostname, group, typeip, enable, master, id, cred, port, desc,
`desc` = '%s',
haproxy = '%s',
nginx = '%s',
- firewall_enable = '%s'
- where id = '%s'""" % (hostname, group, typeip, enable, master, cred, port, desc, haproxy, nginx, firewall, id)
+ firewall_enable = '%s',
+ protected = '%s'
+ where id = '%s'""" % (hostname, group, typeip, enable, master, cred, port, desc, haproxy, nginx, firewall, protected, id)
try:
cur.execute(sql)
con.commit()
@@ -1367,7 +1368,7 @@ def delete_savedserver(id):
con.close()
-def insert_mentrics(serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate):
+def insert_metrics(serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate):
con, cur = get_cur()
if mysql_enable == '1':
sql = """ insert into metrics (serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate, date) values('%s', '%s', '%s', '%s', '%s', now()) """ % (serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate)
@@ -1383,6 +1384,35 @@ def insert_mentrics(serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate):
con.close()
+def insert_metrics_http(serv, http_2xx, http_3xx, http_4xx, http_5xx):
+ con, cur = get_cur()
+ if mysql_enable == '1':
+ sql = """ insert into metrics_http_status (serv, `2xx`, `3xx`, `4xx`, `5xx`, date) values('%s', '%s', '%s', '%s', '%s', now()) """ % (serv, http_2xx, http_3xx, http_4xx, http_5xx)
+ else:
+ sql = """ insert into metrics_http_status (serv, `2xx`, `3xx`, `4xx`, `5xx`, date) values('%s', '%s', '%s', '%s', '%s', datetime('now', 'localtime')) """ % (serv, http_2xx, http_3xx, http_4xx, http_5xx)
+ try:
+ cur.execute(sql)
+ con.commit()
+ except sqltool.Error as e:
+ funct.out_error(e)
+ con.rollback()
+ cur.close()
+ con.close()
+
+
+# def select_waf_metrics_enable(id):
+# con, cur = get_cur()
+# sql = """ select waf.metrics from waf left join servers as serv on waf.server_id = serv.id where server_id = '%s' """ % id
+# try:
+# cur.execute(sql)
+# except sqltool.Error as e:
+# funct.out_error(e)
+# else:
+# return cur.fetchall()
+# cur.close()
+# con.close()
+
+
def select_waf_metrics_enable_server(ip):
con, cur = get_cur()
sql = """ select waf.metrics from waf left join servers as serv on waf.server_id = serv.id where ip = '%s' """ % ip
@@ -1601,7 +1631,7 @@ def delete_waf_server(id):
con.close()
-def insert_waf_mentrics(serv, conn):
+def insert_waf_metrics(serv, conn):
con, cur = get_cur()
if mysql_enable == '1':
sql = """ insert into waf_metrics (serv, conn, date) values('%s', '%s', now()) """ % (serv, conn)
@@ -1617,7 +1647,7 @@ def insert_waf_mentrics(serv, conn):
con.close()
-def delete_waf_mentrics():
+def delete_waf_metrics():
con, cur = get_cur()
if mysql_enable == '1':
sql = """ delete from metrics where date < now() - INTERVAL 3 day """
@@ -1646,7 +1676,7 @@ def update_waf_metrics_enable(name, enable):
con.close()
-def delete_mentrics():
+def delete_metrics():
con, cur = get_cur()
if mysql_enable == '1':
sql = """ delete from metrics where date < now() - INTERVAL 3 day """
@@ -1662,6 +1692,21 @@ def delete_mentrics():
con.close()
+def delete_http_metrics():
+ con, cur = get_cur()
+ if mysql_enable == '1':
+ sql = """ delete from metrics_http_status where date < now() - INTERVAL 3 day """
+ else:
+ sql = """ delete from metrics_http_status where date < datetime('now', '-3 days') """
+ try:
+ cur.execute(sql)
+ con.commit()
+ except sqltool.Error as e:
+ funct.out_error(e)
+ con.rollback()
+ cur.close()
+ con.close()
+
def select_metrics(serv, **kwargs):
con, cur = get_cur()
@@ -1703,6 +1748,46 @@ def select_metrics(serv, **kwargs):
con.close()
+def select_metrics_http(serv, **kwargs):
+ con, cur = get_cur()
+
+ if mysql_enable == '1':
+ if kwargs.get('time_range') == '60':
+ date_from = "and date > now() - INTERVAL 60 minute and rowid % 2 = 0"
+ elif kwargs.get('time_range') == '180':
+ date_from = "and date > now() - INTERVAL 180 minute and rowid % 5 = 0"
+ elif kwargs.get('time_range') == '360':
+ date_from = "and date > now() - INTERVAL 360 minute and rowid % 7 = 0"
+ elif kwargs.get('time_range') == '720':
+ date_from = "and date > now() - INTERVAL 720 minute and rowid % 9 = 0"
+ else:
+ date_from = "and date > now() - INTERVAL 30 minute"
+ sql = """ select * from metrics_http_status where serv = '{serv}' {date_from} order by `date` desc """.format(serv=serv, date_from=date_from)
+ else:
+ if kwargs.get('time_range') == '60':
+ date_from = "and date > datetime('now', '-60 minutes', 'localtime') and rowid % 2 = 0"
+ elif kwargs.get('time_range') == '180':
+ date_from = "and date > datetime('now', '-180 minutes', 'localtime') and rowid % 5 = 0"
+ elif kwargs.get('time_range') == '360':
+ date_from = "and date > datetime('now', '-360 minutes', 'localtime') and rowid % 7 = 0"
+ elif kwargs.get('time_range') == '720':
+ date_from = "and date > datetime('now', '-720 minutes', 'localtime') and rowid % 9 = 0"
+ else:
+ date_from = "and date > datetime('now', '-30 minutes', 'localtime')"
+
+ sql = """ select * from (select * from metrics_http_status where serv = '{serv}' {date_from} order by `date`) order by `date` """.format(serv=serv, date_from=date_from)
+
+ try:
+ cur.execute(sql)
+ except sqltool.Error as e:
+ funct.out_error(e)
+ else:
+ return cur.fetchall()
+
+ cur.close()
+ con.close()
+
+
def select_servers_metrics_for_master(**kwargs):
con, cur = get_cur()
sql = """select ip from servers where metrics = 1 """
@@ -3332,6 +3417,23 @@ def update_aws_provider(new_name, new_key, new_secret, provider_id):
con.close()
+def is_serv_protected(serv):
+ con, cur = get_cur()
+ sql = """ select protected from servers where ip = '%s'""" % serv
+
+ try:
+ cur.execute(sql)
+ except sqltool.Error as e:
+ cur.close()
+ con.close()
+ return ""
+ else:
+ for p in cur.fetchall():
+ return True if p[0] else False
+ cur.close()
+ con.close()
+
+
form = funct.form
error_mess = 'error: All fields must be completed'
diff --git a/app/templates/ajax/config_show.html b/app/templates/ajax/config_show.html
index 0508da3a..5b503571 100644
--- a/app/templates/ajax/config_show.html
+++ b/app/templates/ajax/config_show.html
@@ -1,14 +1,16 @@
-
+
Config from {{serv}}
- {% if role %}
+ {% if role <= 3 %}
+ {% if not is_serv_protected or role <= 2 %}
Edit
+ {% endif %}
{% endif %}
- Expand all
+ Expand all
-
+
{% set i = 0 -%}
@@ -222,6 +224,8 @@
{% if configver %}
+ {% if role <= 3 %}
+ {% if not is_serv_protected or role <= 2 %}
+ {% endif %}
+ {% endif %}
Note: If you reconfigure Master server, Slave will reconfigured automatically
{% endif %}
\ No newline at end of file
diff --git a/app/templates/include/admin_servers.html b/app/templates/include/admin_servers.html
index 2a96ee58..6c72f9b7 100644
--- a/app/templates/include/admin_servers.html
+++ b/app/templates/include/admin_servers.html
@@ -15,9 +15,12 @@