diff --git a/app/routes/add/routes.py b/app/routes/add/routes.py index 184c4624..3da47e39 100644 --- a/app/routes/add/routes.py +++ b/app/routes/add/routes.py @@ -1,12 +1,12 @@ import os -from typing import Union +from typing import Literal from flask import render_template, request, jsonify, redirect, url_for, g from flask_jwt_extended import jwt_required, get_jwt from flask_pydantic import validate -from pydantic import IPvAnyAddress -from app.modules.roxywi.class_models import SSLCertUploadRequest, DataStrResponse, SavedServerRequest, BaseResponse +from app.modules.roxywi.class_models import SSLCertUploadRequest, DataStrResponse, SavedServerRequest, BaseResponse, \ + EscapedString from app.routes.add import bp import app.modules.db.add as add_sql import app.modules.db.server as server_sql @@ -19,7 +19,6 @@ import app.modules.roxy_wi_tools as roxy_wi_tools from app.views.service.haproxy_section_views import (GlobalSectionView, DefaultsSectionView, ListenSectionView, UserListSectionView, PeersSectionView) from app.views.service.haproxy_lists_views import HaproxyListView -from app.modules.roxywi.class_models import DomainName get_config = roxy_wi_tools.GetConfigVar() @@ -106,9 +105,8 @@ def get_section_html(): @bp.route('/haproxy/bwlists//') -def get_bwlists(color, group): - color = common.checkAjaxInput(color) - +@validate() +def get_bwlists(color: Literal['black', 'white'], group): return add_mod.get_bwlists_for_autocomplete(color, group) @@ -196,8 +194,8 @@ def get_certs(server_id: int): @bp.route('/cert//', methods=['DELETE', 'GET']) -def get_cert(server_id: int, cert_id: str): - cert_id = common.checkAjaxInput(cert_id) +@validate() +def get_cert(server_id: int, cert_id: EscapedString): server_ip = server_sql.get_server(server_id).ip if request.method == 'DELETE': return add_mod.del_ssl_cert(server_ip, cert_id) @@ -209,17 +207,17 @@ def get_cert(server_id: int, cert_id: str): @validate(body=SSLCertUploadRequest) def upload_cert(body: SSLCertUploadRequest): try: - data = add_mod.upload_ssl_cert(body.server_ip, body.name, body.cert.replace("'", "")) + data = add_mod.upload_ssl_cert(body.server_ip, body.name, body.cert.replace("'", ""), body.cert_type) return jsonify(data), 201 except Exception as e: return roxywi_common.handler_exceptions_for_json_data(e, 'Cannot upload SSL certificate') -@bp.route('/cert/get/raw//') +@bp.route('/cert/get/raw//') @validate() -def get_cert_raw(server_ip: Union[IPvAnyAddress, DomainName], cert_id): - cert_id = common.checkAjaxInput(cert_id) - return add_mod.get_ssl_raw_cert(str(server_ip), cert_id) +def get_cert_raw(server_id: int, cert_id: EscapedString): + server_ip = server_sql.get_server(server_id).ip + return add_mod.get_ssl_raw_cert(server_ip, cert_id) @bp.route('/map', methods=['POST', 'PUT', 'DELETE', 'GET']) diff --git a/app/scripts/ansible/roles/haproxy_section/templates/section.j2 b/app/scripts/ansible/roles/haproxy_section/templates/section.j2 index 65623a9b..f3e27415 100644 --- a/app/scripts/ansible/roles/haproxy_section/templates/section.j2 +++ b/app/scripts/ansible/roles/haproxy_section/templates/section.j2 @@ -32,7 +32,7 @@ tcp-request content reject {% endif %} {% if config.blacklist and config.blacklist != 'None' -%} - tcp-request connection reject if { src -f {{ haproxy_dir }}/white/{{ config.blacklist }} } + tcp-request connection reject if { src -f {{ haproxy_dir }}/black/{{ config.blacklist }} } {% endif %} {% if config.acls != 'None' -%} diff --git a/app/static/js/edit_config.js b/app/static/js/edit_config.js index ec79faf3..950e83be 100644 --- a/app/static/js/edit_config.js +++ b/app/static/js/edit_config.js @@ -93,6 +93,18 @@ function openSection(section) { $(section_id + ' input[name="port"]').get(i).value = bind.port; i++; } + if (data.blacklist) { + $('#'+section_type+'_blacklist_checkbox').prop("checked", true); + $("#" + section_type + "_blacklist-hide").show("fast"); + } else { + $('#'+section_type+'_blacklist_checkbox').prop("checked", false); + } + if (data.whitelist) { + $('#'+section_type+'_whitelist_checkbox').prop("checked", true); + $("#" + section_type + "_whitelist-hide").show("fast"); + } else { + $('#'+section_type+'_whitelist_checkbox').prop("checked", false); + } } if (section_type === 'listen' || section_type === 'backend') { if (data.config.backend_servers) { @@ -366,7 +378,7 @@ function addProxy(form_name, generate=false) { data.data = data.data.replace(/\n/g, "
"); if (returnNiceCheckingConfig(data.data) === 0) { toastr.info('Section has been added. Do not forget to restart the server'); - let ip = frm.find('select[name=serv]').val(); + let ip = $('select[name=serv]').val(); localStorage.setItem('restart', ip); resetProxySettings(); } @@ -401,7 +413,7 @@ function editProxy(form_name, dialog_id, generate=false) { data.data = data.data.replace(/\n/g, "
"); if (returnNiceCheckingConfig(data.data) === 0) { toastr.info('Section has been updated. Do not forget to restart the server'); - let ip = frm.find('select[name=serv]').val(); + let ip = $('select[name=serv]').val(); localStorage.setItem('restart', ip); showConfig(); $(dialog_id).dialog( "close" ); diff --git a/app/templates/ajax/config_show.html b/app/templates/ajax/config_show.html index 1de0ba5b..08487956 100644 --- a/app/templates/ajax/config_show.html +++ b/app/templates/ajax/config_show.html @@ -424,6 +424,7 @@ openSection('{{ edit_section }}'); {% endif %} +