v5.0.2.0

Changelog: https://haproxy-wi.org/changelog.py#5_0_2
2021-03-29 23:54:08 +06:00 · 2021-03-29 23:54:08 +06:00 · 8550b15b22
parent 236f25113b
commit 8550b15b22
3 changed files with 161 additions and 14 deletions
--- a/app/create_db.py
+++ b/app/create_db.py
@ -138,6 +138,28 @@ def create_table(**kwargs):
 		CREATE TABLE IF NOT EXISTS `waf` (`server_id` INTEGER UNIQUE, metrics INTEGER);
 		CREATE TABLE IF NOT EXISTS `waf_metrics` (`serv` varchar(64), conn INTEGER, `date` DATETIME default '0000-00-00 00:00:00');
 		CREATE TABLE IF NOT EXISTS user_groups(user_id INTEGER NOT NULL, user_group_id INTEGER NOT NULL, UNIQUE(user_id,user_group_id));
+		CREATE TABLE IF NOT EXISTS port_scanner_settings (
+			server_id INTEGER NOT NULL, 
+			user_group_id INTEGER NOT NULL, 
+			enabled INTEGER NOT NULL, 
+			notify INTEGER NOT NULL, 
+			history INTEGER NOT NULL, 
+			UNIQUE(server_id)
+		);
+		CREATE TABLE IF NOT EXISTS port_scanner_ports (
+			`serv` varchar(64), 
+			user_group_id INTEGER NOT NULL,
+			port INTEGER NOT NULL,
+			service_name varchar(64),
+			`date`  DATETIME default '0000-00-00 00:00:00'
+		);
+		CREATE TABLE IF NOT EXISTS port_scanner_history (
+			`serv` varchar(64), 
+			port INTEGER NOT NULL,
+			status varchar(64),
+			service_name varchar(64),
+			`date`  DATETIME default '0000-00-00 00:00:00'
+		);
 		CREATE TABLE IF NOT EXISTS providers_creds (
 			`id` INTEGER NOT NULL,
 			`name` VARCHAR ( 64 ), 
@ -173,7 +195,15 @@ def create_table(**kwargs):
 			`last_error` VARCHAR ( 256 ),
 			`delete_on_termination` INTEGER,
 			PRIMARY KEY(`id`)
-		); 
+		);
+		CREATE TABLE api_tokens (
+			`token` varchar(64),
+			`user_name` varchar(64),
+			`user_group_id` INTEGER NOT NULL,
+			`user_role` INTEGER NOT NULL,
+			`create_date`  DATETIME default '0000-00-00 00:00:00',
+			`expire_date`  DATETIME default '0000-00-00 00:00:00'
+		);
 		"""
 		try:
 			cur.executescript(sql)
@ -1012,6 +1042,7 @@ def update_db_v_5(**kwargs):
 	cur.close()
 	con.close()

+
 def update_db_v_51(**kwargs):
 	con, cur = get_cur()
 	sql = """CREATE TABLE IF NOT EXISTS provisioned_servers (
@ -1073,6 +1104,51 @@ def update_db_v_5_0_1(**kwargs):
 	con.close()


+def update_db_v_5_1_0(**kwargs):
+	con, cur = get_cur()
+	sql = """
+	INSERT  INTO settings (param, value, section, `desc`) values('port_scan_interval', '5', 'monitoring', 'Port scanner check interval, in minutes');
+	"""
+	try:
+		cur.execute(sql)
+		con.commit()
+	except sqltool.Error as e:
+		if kwargs.get('silent') != 1:
+			if e.args[0] == 'columns param, group are not unique' or e == " 1060 (42S21): columns param, group are not unique ":
+				print('Updating... DB has been updated to version 5.1.0')
+			else:
+				print("An error occurred:", e)
+	else:
+		print("Updating... DB has been updated to version 5.1.0")
+
+	cur.close()
+	con.close()
+
+
+def update_db_v_5_1_0_1(**kwargs):
+	con, cur = get_cur()
+	sql = """CREATE TABLE api_tokens (
+			`token` varchar(64),
+			`user_name` varchar(64),
+			`user_group_id` INTEGER NOT NULL,
+			`user_role` INTEGER NOT NULL,
+			`create_date`  DATETIME default '0000-00-00 00:00:00',
+			`expire_date`  DATETIME default '0000-00-00 00:00:00'
+		);  """
+	try:
+		cur.execute(sql)
+		con.commit()
+	except sqltool.Error as e:
+		if kwargs.get('silent') != 1:
+			if e.args[0] == 'duplicate column name: version' or e == "1060 (42S21): Duplicate column name 'version' ":
+				print('Updating... DB has been updated to version 5.1.0')
+			else:
+				print("Updating... DB has been updated to version 5.1.0")
+
+	cur.close()
+	con.close()
+
+
 def update_ver():
 	con, cur = get_cur()
 	sql = """update version set version = '5.0.2.0'; """
@ -1112,6 +1188,8 @@ def update_all():
 	update_db_v_5()
 	update_db_v_51()
 	update_db_v_5_0_1()
+	update_db_v_5_1_0()
+	update_db_v_5_1_0_1()
 	update_ver()


@ -1142,6 +1220,8 @@ def update_all_silent():
 	update_db_v_5(silent=1)
 	update_db_v_51(silent=1)
 	update_db_v_5_0_1(silent=1)
+	update_db_v_5_1_0(silent=1)
+	update_db_v_5_1_0_1(silent=1)
 	update_ver()


--- a/app/funct.py
+++ b/app/funct.py
@ -16,7 +16,7 @@ def get_app_dir():
 def get_config_var(sec, var):
 	from configparser import ConfigParser, ExtendedInterpolation
 	try:
-		path_config = "haproxy-wi.cfg"
+		path_config = "/var/www/haproxy-wi/app/haproxy-wi.cfg"
 		config = ConfigParser(interpolation=ExtendedInterpolation())
 		config.read(path_config)
 	except Exception:
@ -63,7 +63,7 @@ def get_user_group(**kwargs):
 				else:
 					user_group = g[1]
 	except Exception:
-		user_group = ''
+		check_user_group()

 	return user_group

@ -72,8 +72,11 @@ def logging(serv, action, **kwargs):
 	import sql
 	import http.cookies
 	log_path = get_config_var('main', 'log_path')
-	user_group = get_user_group()
-	cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
+	try:
+		user_group = get_user_group()
+		cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
+	except:
+		user_group = ''

 	if not os.path.exists(log_path):
 		os.makedirs(log_path)
@ -140,7 +143,7 @@ def telegram_send_mess(mess, **kwargs):
 		channel_name = telegram[2]
 		
 	if token_bot == '' or channel_name == '':
-		mess = " Fatal: Can't send message. Add Telegram channel before use alerting at this servers group"
+		mess = " error: Can't send message. Add Telegram channel before use alerting at this servers group"
 		print(mess)
 		logging('localhost', mess, haproxywi=1)
 		sys.exit()
@ -1177,7 +1180,10 @@ def get_users_params(**kwargs):
 	return user, user_id, role, token, servers


-def check_user_group():
+def check_user_group(**kwargs):
+	if kwargs.get('token') is not None:
+		return True
+
 	import http.cookies
 	import os
 	import sql
@ -1218,9 +1224,10 @@ def get_services_status():
 	services_name = {'checker_haproxy': 'Checker backends master service',
 					 'keep_alive': 'Auto start service',
 					 'metrics_haproxy': 'Metrics master service',
+					 'portscanner': 'Port scanner service',
+					 'smon': 'Simple monitoring network ports',
 					 'prometheus': 'Prometheus service',
 					 'grafana-server': 'Grafana service',
-					 'smon': 'Simple monitoring network ports',
 					 'fail2ban': 'Fail2ban service'}
 	for s, v in services_name.items():
 		cmd = "systemctl status %s |grep Act |awk  '{print $2}'" % s
--- a/app/sql.py
+++ b/app/sql.py
@ -525,6 +525,21 @@ def get_group_name_by_id(group_id):
 	con.close()


+def get_group_id_by_name(group_name):
+	con, cur = get_cur()
+	sql = """select id from groups where name = '%s' """ % group_name
+
+	try:
+		cur.execute(sql)
+	except sqltool.Error as e:
+		return funct.out_error(e)
+	else:
+		for group_id in cur.fetchone():
+			return group_id
+	cur.close()
+	con.close()
+
+
 def select_server_by_name(name):
 	con, cur = get_cur()
 	sql = """select ip from servers where hostname='%s' """ % name
@ -620,6 +635,52 @@ def write_user_token(login, user_token):
 	con.close()


+def write_api_token(user_token, group_id, user_role, user_name):
+	con, cur = get_cur()
+	token_ttl = get_setting('token_ttl')
+
+	if mysql_enable == '1':
+		sql = """ insert into api_tokens (token, user_name, user_group_id, user_role, create_date, expire_date) values('%s', '%s', '%s', '%s', now(), now()+ INTERVAL %s day) """ % (user_token, user_name, group_id, user_role, token_ttl)
+	else:
+		sql = """ insert into api_tokens (token, user_name, user_group_id, user_role, create_date, expire_date) values('%s', '%s', '%s', '%s', datetime('now'), datetime('now', '+%s days')) """ % (user_token, user_name, group_id, user_role, token_ttl)
+	try:
+		cur.execute(sql)
+		con.commit()
+	except sqltool.Error as e:
+		return str(e)
+		con.rollback()
+	cur.close()
+	con.close()
+
+
+def get_api_token(token):
+	con, cur = get_cur()
+	sql = """ select token from api_tokens where token = '%s' """ % token
+	try:
+		cur.execute(sql)
+	except sqltool.Error as e:
+		return str(e)
+	else:
+		for user_token in cur.fetchall():
+			return True if token == user_token[0] else False
+	cur.close()
+	con.close()
+
+
+def get_username_groupid_from_api_token(token):
+	con, cur = get_cur()
+	sql = """ select user_name, user_group_id from api_tokens where token = '%s' """ % token
+	try:
+		cur.execute(sql)
+	except sqltool.Error as e:
+		return str(e)
+	else:
+		for u in cur.fetchall():
+			return u[0], u[1]
+	cur.close()
+	con.close()
+
+
 def get_token(uuid):
 	con, cur = get_cur()
 	sql = """ select token.token from token left join uuid as uuid on uuid.user_id = token.user_id where uuid.uuid = '%s' """ % uuid
@ -784,14 +845,14 @@ def get_dick_permit(**kwargs):
 	import http.cookies
 	import os
 	if kwargs.get('username'):
-		user = kwargs.get('username')
-		grp = '1'
+		# user = kwargs.get('username')
+		grp = kwargs.get('group_id')
 	else:
 		cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
-		user_id = cookie.get('uuid')
+		# user_id = cookie.get('uuid')
 		group = cookie.get('group')
 		grp = group.value
-		user = get_user_id_by_uuid(user_id.value)
+		# user = get_user_id_by_uuid(user_id.value)
 	if kwargs.get('token'):
 		token = kwargs.get('token')
 	else:
@ -818,7 +879,7 @@ def get_dick_permit(**kwargs):
 	if kwargs.get('keepalived'):
 		nginx = "and keepalived = 1"

-	if funct.check_user_group():
+	if funct.check_user_group(token=token):
 		con, cur = get_cur()
 		if grp == '1' and not only_group:
 			sql = """ select * from servers where enable = 1 %s %s %s %s order by pos""" % (disable, type_ip, nginx, ip)
@ -2442,7 +2503,6 @@ def insert_port_scanner_settings(server_id, user_group_id, enabled, notify, hist
 		con.commit()
 		return True
 	except sqltool.Error as e:
-		funct.out_error(e)
 		con.rollback()
 		return False
 	finally: