v4.4.2.0

Changelog: https://haproxy-wi.org/changelog.py#4_4_2

app/add.py

@@ -31,14 +31,14 @@ dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')
 white_dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+user_group+"/white"
 black_dir = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+user_group+"/black"
 if not os.path.exists(dir):
-    os.makedirs(dir)
+	os.makedirs(dir)
 if not os.path.exists(dir+"/"+user_group):
-    os.makedirs(dir+"/"+user_group)
+	os.makedirs(dir+"/"+user_group)
 if not os.path.exists(white_dir):
-    os.makedirs(white_dir)
+	os.makedirs(white_dir)
 if not os.path.exists(black_dir):
-    os.makedirs(black_dir)
-	
+	os.makedirs(black_dir)
+
 white_lists = funct.get_files(dir=white_dir, format="lst")
 black_lists = funct.get_files(dir=black_dir, format="lst")
 
@@ -58,7 +58,7 @@ template = template.render(title = "Add: ",
 							token = token)										
 print(template)
 
-if form.getvalue('mode') is not None: 
+if form.getvalue('mode') is not None:
 	cert_path = sql.get_setting('cert_path')
 	haproxy_dir = sql.get_setting('haproxy_dir')
 	port = form.getvalue('port')
@@ -222,6 +222,7 @@ if form.getvalue('new_userlist') is not None:
 	config_add = "\n" + name + new_userlist_groups + new_users_list
 	
 try:
+	funct.check_is_server_in_group(serv)
 	if config_add:
 		hap_configs_dir = funct.get_config_var('configs', 'haproxy_save_configs_dir')
 		cfg = hap_configs_dir + serv + "-" + funct.get_data('config') + ".cfg"
@@ -250,5 +251,3 @@ try:
 		print('</div>')
 except:
 	pass
-
-	

app/funct.py

@@ -65,7 +65,7 @@ def get_user_group(**kwargs):
 		user_group = ''
 
 	return user_group
-			
+
 def logging(serv, action, **kwargs):
 	import sql
 	import http.cookies
@@ -1157,12 +1157,27 @@ def check_user_group(**kwargs):
 	if sql.check_user_group(user_id, group_id):
 		return True
 	else:
-		logging('localhost', ' has tried to actions in not own group ', haproxywi=1, login=1)
+		logging('localhost', ' has tried to actions in not his group ', haproxywi=1, login=1)
 		print('Atata!')
 		sys.exit()
 		return False
 
 
+def check_is_server_in_group(serv):
+	import sql
+	group_id = get_user_group(id=1)
+	servers = sql.select_servers(server=serv)
+	for s in servers:
+		if s[2] == serv and int(s[3]) == int(group_id):
+			return True
+		else:
+			logging('localhost', ' has tried to actions in not his group server ', haproxywi=1, login=1)
+			print('Atata!')
+			sys.exit()
+			return False
+
+
 def check_service(serv, service_name):
 	commands = [ "systemctl status "+service_name+" |grep Active |awk '{print $1}'" ]
 	return ssh_command(serv, commands)
+

app/hapservers.py

@@ -26,16 +26,18 @@ if service == 'nginx':
 	servers = sql.get_dick_permit(virt=1, nginx=1)
 	service = 'nginx'
 	if serv:
-		servers = sql.select_servers(server=serv)
-		autorefresh = 1
+		if funct.check_is_server_in_group(serv):
+			servers = sql.select_servers(server=serv)
+			autorefresh = 1
 else:
 	title = "HAProxy servers overview"
 	cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l"
 	keep_alive, stderr = funct.subprocess_execute(cmd)
 	service = 'haproxy'
 	if serv:
-		servers = sql.select_servers(server=serv)
-		autorefresh = 1
+		if funct.check_is_server_in_group(serv):
+			servers = sql.select_servers(server=serv)
+			autorefresh = 1
 	else:
 		servers = sql.get_dick_permit(virt=1, haproxy=1)
 	

app/overview.py

@@ -10,7 +10,7 @@ template = env.get_template('ovw.html')
 	
 print('Content-type: text/html\n')
 if create_db.check_db():
-	if create_db.create_table():	
+	if create_db.create_table():
 		create_db.update_all()
 create_db.update_all_silent()
 funct.check_login()
@@ -18,10 +18,7 @@ funct.check_login()
 try:
 	user, user_id, role, token, servers = funct.get_users_params()
 	groups = sql.select_groups()
-	import http.cookies
-	cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
-	group = cookie.get('group')
-	user_group = group.value
+	user_group = funct.get_user_group(id=1)
 
 	if (role == 2 or role == 3) and int(user_group) != 1:
 		users = sql.select_users(group=user_group)