v7.0.0.0

Changelog: https://roxy-wi.org/changelog#7.0.0
2023-09-20 13:11:10 +03:00 · 2023-09-20 13:11:10 +03:00 · 3edd512c91
parent 191267a90a
commit 3edd512c91
9 changed files with 47 additions and 44 deletions
--- a/app/modules/roxywi/auth.py
+++ b/app/modules/roxywi/auth.py
@ -1,4 +1,4 @@
-from flask import request, redirect, url_for
+from flask import request, redirect, url_for, abort

 import modules.db.sql as sql

@ -54,7 +54,7 @@ def is_admin(level=1, **kwargs):

 def page_for_admin(level=1) -> None:
 	if not is_admin(level=level):
-		return redirect(url_for('index'))
+		return abort(400, 'bad permission')


 def check_in_ldap(user, password):
--- a/app/modules/roxywi/waf.py
+++ b/app/modules/roxywi/waf.py
@ -66,7 +66,7 @@ def waf_overview(serv, waf_service) -> None:
    lang = roxywi_common.get_user_lang_for_flask()
    servers_sorted = sorted(returned_servers, key=common.get_key)

-    return render_template('ajax/overivewWaf.html', service_status=servers_sorted, role=role, waf_service=waf_service, lang=lang)
+    return render_template('ajax/overviewWaf.html', service_status=servers_sorted, role=role, waf_service=waf_service, lang=lang)


 def change_waf_mode(waf_mode: str, server_hostname: str, service: str) -> str:
--- a/app/modules/service/haproxy.py
+++ b/app/modules/service/haproxy.py
@ -239,7 +239,7 @@ def show_map(serv: str) -> str:
        nx.draw_networkx_edge_labels(G, pos, alpha=0.4, label_pos=0.5, font_color="#5d9ceb", edge_labels=edge_labels,
                                     font_size=8)

-        plt.savefig("/var/www/haproxy-wi/app/map.png")
+        plt.savefig("/var/www/haproxy-wi/map.png")
        plt.show()
    except Exception as e:
        return f'error: Cannot create a map: {e}'
--- a/app/routes/admin/routes.py
+++ b/app/routes/admin/routes.py
@ -140,8 +140,8 @@ def load_openvpn():

@bp.post('/openvpn/upload')
 def upload_openvpn():
+    roxywi_auth.page_for_admin()
    name = common.checkAjaxInput(request.form.get('ovpnname'))
-
    ovpn_file = f"{os.path.dirname('/tmp/')}/{name}.ovpn"

    try:
@ -175,6 +175,7 @@ def upload_openvpn():

@bp.post('/openvpn/delete')
 def delete_openvpn():
+    roxywi_auth.page_for_admin()
    openvpndel = common.checkAjaxInput(request.form.get('openvpndel'))

    cmd = f'sudo openvpn3 config-remove --config /tmp/{openvpndel}.ovpn --force'
@ -191,6 +192,7 @@ def delete_openvpn():

@bp.route('/openvpn/action/<action>/<openvpn>')
 def action_openvpn(action, openvpn):
+    roxywi_auth.page_for_admin()
    openvpn = common.checkAjaxInput(openvpn)

    if action == 'start':
@ -210,9 +212,10 @@ def action_openvpn(action, openvpn):
        return f'error: Cannot {action} OpenVPN: {e}'


-@bp.route('/setting/<param>/<val>', methods=['POST'])
-def update_settings(param, val):
-    val = val.replace('92', '/')
+@bp.post('/setting/<param>')
+def update_settings(param):
+    roxywi_auth.page_for_admin(level=2)
+    val = request.form.get('val').replace('92', '/')
    user_group = roxywi_common.get_user_group(id=1)
    if sql.update_setting(param, val, user_group):
        roxywi_common.logging('Roxy-WI server', f'The {param} setting has been changed to: {val}', roxywi=1, login=1)
--- a/app/routes/service/routes.py
+++ b/app/routes/service/routes.py
@ -211,11 +211,11 @@ def services(service, serv):
    )


-@bp.route('/action/check-service', methods=['POST'])
-def check_service():
+@bp.post('/action/<service>/check-service')
+@check_services
+def check_service(service):
    user_uuid = request.cookies.get('uuid')
    server_ip = common.checkAjaxInput(request.form.get('server_ip'))
-    service = common.checkAjaxInput(request.form.get('service'))

    try:
        return service_action.check_service(server_ip, user_uuid, service)
@ -224,7 +224,6 @@ def check_service():


@bp.route('/action/<service>/<server_ip>/<action>', methods=['GET'])
-@check_services
 def action_service(service, server_ip, action):
    server_ip = common.is_ip_or_dns(server_ip)

--- a/app/templates/ajax/overviewWaf.html
+++ b/app/templates/ajax/overviewWaf.html
@ -73,9 +73,9 @@
 		</td>
 		<td>
 			{% if waf_service == 'haproxy' %}
-			<a href="/app/logs/{{waf_service}}/waf/{{ service.1 }}" class="ui-button ui-widget ui-corner-all" title="{{lang.words.view|title()}} {{lang.words.log}}">{{lang.words.view|title()}}</a>
+			<a href="/app/logs/{{waf_service}}/waf" class="ui-button ui-widget ui-corner-all" title="{{lang.words.view|title()}} {{lang.words.log}}">{{lang.words.view|title()}}</a>
 			{% elif waf_service == 'nginx' %}
-			<a href="/app/logs/{{waf_service}}/?serv={{ service.1 }}&rows=100&grep=ModSecurity&hour=00&minute=00&hour1=24&minute1=00&file=error.log&waf=0" class="ui-button ui-widget ui-corner-all" title="{{lang.words.view|title()}} {{lang.words.log}}">{{lang.words.view|title()}}</a>
+			<a href="/app/logs/{{waf_service}}?serv={{ service.1 }}&rows=100&grep=ModSecurity&hour=00&minute=00&hour1=24&minute1=00&file=error.log&waf=0" class="ui-button ui-widget ui-corner-all" title="{{lang.words.view|title()}} {{lang.words.log}}">{{lang.words.view|title()}}</a>
 			{% endif %}
 		</td>
 		<td></td>
--- a/inc/overview.js
+++ b/inc/overview.js
@ -533,9 +533,8 @@ function check_service_status(id, ip, service) {
 	NProgress.configure({showSpinner: false});
 	if (service == 'keepalived') return false;
 	$.ajax({
-		url: "/app/service/action/check-service",
+		url: "/app/service/action/" + service + "/check-service",
 		data: {
-			service: service,
 			server_ip: ip
 		},
 		type: "POST",
--- a/inc/script.js
+++ b/inc/script.js
@ -356,8 +356,10 @@ function openSection() {
 function showLog() {
 	var waf = cur_url[2];
 	var file = $('#log_files').val();
-	if ((file === undefined || file === null) && waf == '') {
+	var serv = $("#serv").val();
+	if ((file === undefined || file === null) && (waf == '' || waf === undefined)) {
 		var file_from_get = findGetParameter('file');
+		console.log(file_from_get)
 		if (file_from_get === undefined || file_from_get === null) {
 			toastr.warning('Select a log file first')
 			return false;
@ -365,22 +367,22 @@ function showLog() {
 			file = file_from_get;
 		}
 	}
-	var rows = $('#rows').val()
-	var grep = $('#grep').val()
-	var exgrep = $('#exgrep').val()
-	var hour = $('#time_range_out_hour').val()
-	var minute = $('#time_range_out_minut').val()
-	var hour1 = $('#time_range_out_hour1').val()
-	var minute1 = $('#time_range_out_minut1').val()
-	var service = $('#service').val()
+	var rows = $('#rows').val();
+	var grep = $('#grep').val();
+	var exgrep = $('#exgrep').val();
+	var hour = $('#time_range_out_hour').val();
+	var minute = $('#time_range_out_minut').val();
+	var hour1 = $('#time_range_out_hour1').val();
+	var minute1 = $('#time_range_out_minut1').val();
+	var service = $('#service').val();
 	if (service == 'None') {
 		service = 'haproxy';
 	}
 	if (waf) {
-		var url = "/app/logs/" + service + "/waf/" + $("#serv").val() + "/" + rows;
+		var url = "/app/logs/" + service + "/waf/" + serv + "/" + rows;
 		waf = 1;
 	} else {
-		var url = "/app/logs/" + service + "/" + $("#serv").val() + "/" + rows;
+		var url = "/app/logs/" + service + "/" + serv + "/" + rows;
 	}
 	$.ajax( {
 		url: url,
--- a/inc/users.js
+++ b/inc/users.js
@ -1398,25 +1398,26 @@ function updateSettings(param, val) {
 		val = val;
 	}
 	toastr.clear();
-	$.ajax( {
-		url: "/app/admin/setting/" + param + "/" + val,
+	$.ajax({
+		url: "/app/admin/setting/" + param,
 		data: {
+			val: val,
 			token: $('#token').val()
 		},
 		type: "POST",
-		success: function( data ) {
-			data = data.replace(/\s+/g,' ');
+		success: function (data) {
+			data = data.replace(/\s+/g, ' ');
 			if (data.indexOf('error:') != '-1') {
 				toastr.error(data);
 			} else {
 				toastr.clear();
-				$("#"+param).parent().parent().addClass( "update", 1000 );
-			setTimeout(function() {
-				$( "#"+param ).parent().parent().removeClass( "update" );
-			}, 2500 );
+				$("#" + param).parent().parent().addClass("update", 1000);
+				setTimeout(function () {
+					$("#" + param).parent().parent().removeClass("update");
+				}, 2500);
 			}
 		}
-	} );
+	});
 }
 function sshKeyEnableShow(id) {
 	$('#ssh_enable-'+id).click(function() {
@ -1651,8 +1652,7 @@ function cloneServer(id) {
 	$('#slavefor').selectmenu("refresh");
 	$('#credentials').val($('#credentials-'+id+' option:selected').val()).change()
 	$('#credentials').selectmenu("refresh");
-	cur_url = cur_url[0].split('#')[0]
-	if (cur_url == 'users.py') {
+	if (cur_url[0].indexOf('admin') != '-1') {
 		$('#new-server-group-add').val($('#servergroup-'+id+' option:selected').val()).change()
 		$('#new-server-group-add').selectmenu("refresh");
 	}
@ -1927,7 +1927,7 @@ function updateServer(id) {
 		protected_serv = '1';
 	}
 	var servergroup = $('#servergroup-' + id + ' option:selected').val();
-	if (cur_url[0].split('#')[0] == "servers.py") {
+	if (cur_url[0].indexOf('servers') != '-1') {
 		servergroup = $('#new-server-group-add').val();
 	}
 	$.ajax({
@ -1995,7 +1995,7 @@ function updateSSH(id) {
 		ssh_enable = '1';
 	}
 	var group = $('#sshgroup-' + id).val();
-	if (cur_url[0].split('#')[0] == "servers.py") {
+	if (cur_url[0].indexOf('servers') != '-1') {
 		group = $('#new-server-group-add').val();
 	}
 	$.ajax({
@ -2029,7 +2029,7 @@ function updateSSH(id) {
 	});
 }
 function updateReceiver(id, receiver_name) {
-	if (cur_url[0].split('#')[0] == 'servers.py') {
+	if (cur_url[0].indexOf('servers') != '-1') {
 		var group = $('#new-group').val();
 	} else {
 		var group = $('#' + receiver_name + 'group-' + id).val();
@ -2382,16 +2382,16 @@ function updateService(service, action='update') {
 				toastr.success(service + ' has been ' + action + 'ed');
 			} else if (data.indexOf('Unauthorized') != '-1' || data.indexOf('Status code: 401') != '-1') {
 				toastr.clear();
-				toastr.error('It looks like there is no authorization in the Roxy-WI repository. Your subscription may have expired or there is no subscription. How to get the <b><a href="https://roxy-wi.org/pricing.py" title="Pricing" target="_blank">subscription</a></b>');
+				toastr.error('It looks like there is no authorization in the Roxy-WI repository. Your subscription may have expired or there is no subscription. How to get the <b><a href="https://roxy-wi.org/pricing" title="Pricing" target="_blank">subscription</a></b>');
 			} else if (data.indexOf('but not installed') != '-1') {
 				toastr.clear();
 				toastr.error('There is setting for Roxy-WI repository, but Roxy-WI is installed without repository. Please reinstall with package manager');
 			} else if (data.indexOf('No Match for argument') != '-1' || data.indexOf('Unable to find a match') != '-1') {
 				toastr.clear();
-				toastr.error('It seems like Roxy-WI repository is not set. Please read docs for <b><a href="https://roxy-wi.org/updates.py">detail</a></b>');
+				toastr.error('It seems like Roxy-WI repository is not set. Please read docs for <b><a href="https://roxy-wi.org/updates">detail</a></b>');
 			} else if (data.indexOf('password for') != '-1') {
 				toastr.clear();
-				toastr.error('It seems like apache user needs to be add to sudoers. Please read docs for <b><a href="https://roxy-wi.org/updates.py">detail</a></b>');
+				toastr.error('It seems like apache user needs to be add to sudoers. Please read docs for <b><a href="https://roxy-wi.org/installation#ansible">detail</a></b>');
 			} else if (data.indexOf('No packages marked for update') != '-1') {
 				toastr.clear();
 				toastr.info('It seems like the lastest version Roxy-WI is installed');