Pavel Loginov 5 years ago
parent 7b024f18f1
commit a7e6c0a324

@ -925,3 +925,16 @@ def get_users_params(**kwargs):
servers = sql.get_dick_permit() servers = sql.get_dick_permit()
return user, user_id, role, token, servers return user, user_id, role, token, servers
def check_group(group, role_id):
import http.cookies
import sql
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_id = cookie.get('uuid')
user_group = sql.get_user_group_by_uuid(user_id.value)
if user_group == group or user_group == '1' or role_id == 1:
return True
else:
logging('localhost', ' has tried to actions in not own group ', haproxywi=1, login=1)
return False
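Review bot: `cookie.get('uuid')` returns None when the request has no `uuid` cookie, so `user_id.value` in the new `check_group` raises AttributeError and the script ends in a traceback rather than an explicit denial. Add `if user_id is None: return False` before the `sql.get_user_group_by_uuid` call so the check fails closed. The denial log line passes the literal `'localhost'` and records neither the requested `group` nor the account behind the cookie, so a cross-group attempt cannot be attributed from the log; consider including both. The moved body also no longer imports `os` locally, and whether this module imports it at top level is not visible on this page.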

@ -378,7 +378,7 @@ if serv is not None and act == "stats":
data = response.content data = response.content
if form.getvalue('service') == 'nginx': if form.getvalue('service') == 'nginx':
from jinja2 import Environment, FileSystemLoader from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/')) env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('ajax/nginx_stats.html') template = env.get_template('ajax/nginx_stats.html')
servers_with_status = list() servers_with_status = list()
@ -1112,11 +1112,11 @@ if form.getvalue('newuser') is not None:
activeuser = form.getvalue('activeuser') activeuser = form.getvalue('activeuser')
role_id = sql.get_role_id_by_name(role) role_id = sql.get_role_id_by_name(role)
if sql.check_group(group, role_id): if funct.check_group(group, role_id):
if funct.is_admin(level=role_id): if funct.is_admin(level=role_id):
if sql.add_user(new_user, email, password, role, group, activeuser): if sql.add_user(new_user, email, password, role, group, activeuser):
from jinja2 import Environment, FileSystemLoader from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/')) env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('ajax/new_user.html') template = env.get_template('ajax/new_user.html')
template = template.render(users=sql.select_users(user=new_user), template = template.render(users=sql.select_users(user=new_user),
@ -1148,7 +1148,7 @@ if form.getvalue('updateuser') is not None:
activeuser = form.getvalue('activeuser') activeuser = form.getvalue('activeuser')
role_id = sql.get_role_id_by_name(role) role_id = sql.get_role_id_by_name(role)
if sql.check_group(group, role_id): if funct.check_group(group, role_id):
if funct.is_admin(level=role_id): if funct.is_admin(level=role_id):
sql.update_user(new_user, email, role, group, id, activeuser) sql.update_user(new_user, email, role, group, id, activeuser)
funct.logging(new_user, ' has updated user ', haproxywi=1, login=1) funct.logging(new_user, ' has updated user ', haproxywi=1, login=1)
@ -1184,7 +1184,7 @@ if form.getvalue('newserver') is not None:
if sql.add_server(hostname, ip, group, typeip, enable, master, cred, port, desc, haproxy, nginx): if sql.add_server(hostname, ip, group, typeip, enable, master, cred, port, desc, haproxy, nginx):
from jinja2 import Environment, FileSystemLoader from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/')) env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('ajax/new_server.html') template = env.get_template('ajax/new_server.html')
template = template.render(groups = sql.select_groups(), template = template.render(groups = sql.select_groups(),
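Review bot: In the `newuser` and `updateuser` branches, the `role_id` passed to `funct.check_group` comes from `sql.get_role_id_by_name(role)`, which looks like the role being assigned rather than the caller's own role. If so, the `role_id == 1` branch inside `check_group` skips the group comparison whenever the requested role is 1, and only the `funct.is_admin(level=role_id)` call on the next line ties the decision back to the caller. The body of `is_admin` and the place where `role` is read are both outside these hunks, so this should be confirmed against the full file. I would either pass the caller's role taken from the session, or record the dependency above each call: `# check_group() skips the group test for role_id 1; is_admin() below must gate that role`.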

@ -1601,22 +1601,9 @@ def check_token():
sys.exit() sys.exit()
def check_group(group, role_id):
import http.cookies
import os
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_id = cookie.get('uuid')
user_group = get_user_group_by_uuid(user_id.value)
if user_group == group or user_group == '1' or role_id == 1:
return True
else:
funct.logging('localhost', ' has tried to actions in not own group ', haproxywi=1, login=1)
return False
def show_update_option(option): def show_update_option(option):
from jinja2 import Environment, FileSystemLoader from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/ajax')) env = Environment(loader=FileSystemLoader('templates/ajax'), autoescape=True)
template = env.get_template('/new_option.html') template = env.get_template('/new_option.html')
print('Content-type: text/html\n') print('Content-type: text/html\n')
@ -1626,7 +1613,7 @@ def show_update_option(option):
def show_update_savedserver(server): def show_update_savedserver(server):
from jinja2 import Environment, FileSystemLoader from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/ajax')) env = Environment(loader=FileSystemLoader('templates/ajax'), autoescape=True)
template = env.get_template('/new_saved_servers.html') template = env.get_template('/new_saved_servers.html')
print('Content-type: text/html\n') print('Content-type: text/html\n')
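Review bot: `Environment(loader=FileSystemLoader(...), autoescape=True)` is now written out separately in `show_update_option` and `show_update_savedserver`, and at three more sites in the previous file section (the stats, `newuser` and `newserver` branches). A call site added later can therefore drop the flag without anyone noticing. A single shared helper, for example `def jinja_env(path): return Environment(loader=FileSystemLoader(path), autoescape=True)` (name is a suggestion), would keep the escaping policy in one place. With escaping on by default, any `|safe` filter or `Markup` use in the templates is where unescaped output can still occur, so those are worth a review pass. Both function bodies continue outside the hunks shown.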
