github
/
haproxy-wi
mirror of https://github.com/Aidaho12/haproxy-wi
1
0
Fork 0
Code Issues Releases Wiki Activity

v6.3.7.0 

Changelog: https://roxy-wi.org/changelog#6_3_7
pull/355/head
Aidaho 2023-03-06 12:59:08 +03:00
parent cf87534eb2
commit 8012c88727
2 changed files with 22 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
app/modules/db/sql.py
View File

@ -92,8 +92,18 @@ def add_user(user, email, password, role, activeuser, group):
def update_user(user, email, role, user_id, activeuser): def update_user(user, email, role, user_id, activeuser):
user_update = User.update(username=user, email=email, role=role, activeuser=activeuser).where( user_update = User.update(username=user, email=email, role=role, activeuser=activeuser).where(User.user_id == user_id)
User.user_id == user_id) try:
user_update.execute()
except Exception as e:
out_error(e)
return False
else:
return True
def update_user_from_admin_area(user, email, user_id, activeuser):
user_update = User.update(username=user, email=email, activeuser=activeuser).where(User.user_id == user_id)
try: try:
user_update.execute() user_update.execute()
except Exception as e: except Exception as e:

6
app/modules/roxywi/user.py
View File

@ -60,19 +60,23 @@ def delete_user():
def update_user(): def update_user():
email = form.getvalue('email') email = form.getvalue('email')
role_id = int(form.getvalue('role'))
new_user = form.getvalue('updateuser') new_user = form.getvalue('updateuser')
user_id = form.getvalue('id') user_id = form.getvalue('id')
activeuser = form.getvalue('activeuser') activeuser = form.getvalue('activeuser')
group_id = int(form.getvalue('usergroup')) group_id = int(form.getvalue('usergroup'))
if roxywi_common.check_user_group(): if roxywi_common.check_user_group():
if form.getvalue('role'):
role_id = int(form.getvalue('role'))
if roxywi_auth.is_admin(level=role_id): if roxywi_auth.is_admin(level=role_id):
sql.update_user(new_user, email, role_id, user_id, activeuser) sql.update_user(new_user, email, role_id, user_id, activeuser)
sql.update_user_role(user_id, group_id, role_id) sql.update_user_role(user_id, group_id, role_id)
roxywi_common.logging(new_user, ' has been updated user ', roxywi=1, login=1) roxywi_common.logging(new_user, ' has been updated user ', roxywi=1, login=1)
else: else:
roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1) roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1)
else:
sql.update_user_from_admin_area(new_user, email, user_id, activeuser)
roxywi_common.logging(new_user, ' has been updated user ', roxywi=1, login=1)
def update_user_password(): def update_user_password():