From b0169331ce608a00bce0aa2ae4878a1905684f61 Mon Sep 17 00:00:00 2001
From: Pavel Loginov <buffoon2001@mail.ru>
Date: Tue, 11 Aug 2020 08:44:03 +0200
Subject: [PATCH] v4.4.2.0

Changelog: https://haproxy-wi.org/changelog.py#4_4_2
---
 app/funct.py            | 62 ++++++++++++++++++++++++++-----
 app/options.py          |  4 +-
 app/overview.py         | 82 +++++++++++++++++++++++++++++------------
 app/templates/base.html |  3 +-
 app/templates/logs.html | 16 ++++++--
 app/templates/ovw.html  | 26 ++++++++-----
 app/viewlogs.py         | 16 ++++++--
 inc/script.js           |  5 ++-
 8 files changed, 160 insertions(+), 54 deletions(-)

diff --git a/app/funct.py b/app/funct.py
index 4e59da07..b0a82ce5 100644
--- a/app/funct.py
+++ b/app/funct.py
@@ -1,6 +1,7 @@
 # -*- coding: utf-8 -*-
 import cgi
-import os, sys
+import os
+import sys
 
 form = cgi.FieldStorage()
 serv = form.getvalue('serv')
@@ -59,6 +60,7 @@ def logging(serv, action, **kwargs):
 		IP = cgi.escape(os.environ["REMOTE_ADDR"])
 	except:
 		IP = ''
+
 	try:
 		user_uuid = cookie.get('uuid')
 		login = sql.get_user_name_by_uuid(user_uuid.value)
@@ -177,8 +179,10 @@ def is_admin(**kwargs):
 
 
 def page_for_admin(**kwargs):
-	give_level = 1
-	give_level = kwargs.get("level")
+	if kwargs.get("level"):
+		give_level = kwargs.get("level")
+	else:
+		give_level = 1
 		
 	if not is_admin(level=give_level):
 		print('<center><h3 style="color: red">How did you get here?! O_o You do not have need permissions</h>')
@@ -282,15 +286,34 @@ def get_config(serv, cfg, **kwargs):
 	
 	
 def diff_config(oldcfg, cfg):
+	import http.cookies
+	import sql
+	cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
 	log_path = get_config_var('main', 'log_path')
 	diff = ""
 	date = get_data('date_in_log') 
 	cmd="/bin/diff -ub %s %s" % (oldcfg, cfg)
-	
+
+	try:
+		user_uuid = cookie.get('uuid')
+		login = sql.get_user_name_by_uuid(user_uuid.value)
+	except:
+		login = ''
+
+	try:
+		user_group_id = cookie.get('group')
+		user_group_id1 = user_group_id.value
+		groups = sql.select_groups(id=user_group_id1)
+		for g in groups:
+			if g[0] == int(user_group_id1):
+				user_group = g[1]
+	except:
+		user_group = ''
+
 	output, stderr = subprocess_execute(cmd)
 	
 	for line in output:
-		diff += date + " " + line + "\n"
+		diff += date + " user: " + login + ", group: " + user_group + " " + line + "\n"
 	try:		
 		log = open(log_path + "/config_edit-"+get_data('logs')+".log", "a")
 		log.write(diff)
@@ -330,7 +353,7 @@ def get_sections(config, **kwargs):
 					
 	return return_config
 		
-      
+
 def get_section_from_config(config, section):
 	record = False
 	start_line = ""
@@ -790,12 +813,12 @@ def show_haproxy_log(serv, rows=10, waf='0', grep=None, hour='00', minut='00', h
 	date1 = hour1+':'+minut1
 	
 	if grep is not None:
-        	grep_act  = '|egrep "%s"' % grep
+		grep_act  = '|egrep "%s"' % grep
 	else:
 		grep_act = ''
 		
 	if exgrep is not None:
-        	exgrep_act  = '|egrep -v "%s"' % exgrep
+		exgrep_act  = '|egrep -v "%s"' % exgrep
 	else:
 		exgrep_act = ''
 
@@ -836,8 +859,27 @@ def show_haproxy_log(serv, rows=10, waf='0', grep=None, hour='00', minut='00', h
 		
 		return show_log(output, grep=grep)
 	elif service == 'internal':
+		import http.cookies
+		cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
+
+		try:
+			user_group_id = cookie.get('group')
+			user_group_id1 = user_group_id.value
+			groups = sql.select_groups(id=user_group_id1)
+			for g in groups:
+				if g[0] == int(user_group_id1):
+					user_group = g[1]
+		except:
+			user_group = ''
+
+		if user_group != '' and user_group != 'All':
+			user_grep = "|grep 'group: " + user_group + "'"
+		else:
+			user_grep = ''
+
 		log_path = get_config_var('main', 'log_path')
 		logs_files = get_files(log_path, format="log")
+
 		for key, value in logs_files:
 			if int(serv) == key:
 				serv = value
@@ -847,9 +889,9 @@ def show_haproxy_log(serv, rows=10, waf='0', grep=None, hour='00', minut='00', h
 			sys.exit()
 			
 		if serv == 'backup.log':
-			cmd="cat %s| awk '$2>\"%s:00\" && $2<\"%s:00\"' |tail -%s %s %s" % (log_path + serv, date, date1, rows, grep_act, exgrep_act)
+			cmd="cat %s| awk '$2>\"%s:00\" && $2<\"%s:00\"' |tail -%s %s %s %s" % (log_path + serv, date, date1, rows, user_grep, grep_act, exgrep_act)
 		else:
-			cmd="cat %s| awk '$3>\"%s:00\" && $3<\"%s:00\"' |tail -%s %s %s" % (log_path + serv, date, date1, rows, grep_act, exgrep_act)
+			cmd="cat %s| awk '$3>\"%s:00\" && $3<\"%s:00\"' |tail -%s %s %s %s" % (log_path + serv, date, date1, rows, user_grep, grep_act, exgrep_act)
 		
 		output, stderr = subprocess_execute(cmd)
 		
diff --git a/app/options.py b/app/options.py
index ecf64cdc..1ce0856f 100644
--- a/app/options.py
+++ b/app/options.py
@@ -681,8 +681,8 @@ if form.getvalue('viewlogs') is not None:
 
 
 if serv is not None and act == "showMap":
-	from datetime import datetime
-	from pytz import timezone
+	#from datetime import datetime
+	#from pytz import timezone
 	import networkx as nx
 	import matplotlib
 	matplotlib.use('Agg')
diff --git a/app/overview.py b/app/overview.py
index 6ffe4e03..b2674ced 100644
--- a/app/overview.py
+++ b/app/overview.py
@@ -17,37 +17,72 @@ funct.check_login()
 
 try:
 	user, user_id, role, token, servers = funct.get_users_params()
-	users = sql.select_users()
 	groups = sql.select_groups()
-	cmd = "ps ax |grep checker_mas |grep -v grep |wc -l"
-	checker_master, stderr = funct.subprocess_execute(cmd)
-	cmd = "ps ax |grep checker_worker |grep -v grep |wc -l"
-	checker_worker, stderr = funct.subprocess_execute(cmd)
+	import http.cookies
+	cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
+	group = cookie.get('group')
+	user_group = group.value
+
+	if (role == 2 or role == 3) and int(user_group) != 1:
+		users = sql.select_users(group=user_group)
+		servers_for_grep = ''
+		i = 0
+		servers_len = len(servers)
+
+		for s in servers:
+			i += 1
+			if i != servers_len:
+				servers_for_grep += s[2]+'|'
+			else:
+				servers_for_grep += s[2]
+
+		cmd = "ps ax |grep -e 'metrics_worker\|metrics_waf_worker.py'|grep -E %s|grep -v grep |wc -l" % servers_for_grep
+		metrics_worker, stderr = funct.subprocess_execute(cmd)
+		cmd = "ps ax |grep checker_worker|grep -E %s |grep -v grep |wc -l" % servers_for_grep
+		checker_worker, stderr = funct.subprocess_execute(cmd)
+		i = 0
+		for s in sql.select_alert(group=user_group):
+			i += 1
+		is_checker_worker = i
+		is_metrics_workers = sql.select_servers_metrics_for_master(group=user_group)
+		i = 0
+		for s in is_metrics_workers:
+			i += 1
+		is_metrics_worker = i
+		grafana = ''
+		prometheus = ''
+		host = ''
+	else:
+		users = sql.select_users()
+		cmd = "ps ax |grep -e 'metrics_worker\|metrics_waf_worker.py' |grep -v grep |wc -l"
+		metrics_worker, stderr = funct.subprocess_execute(cmd)
+		cmd = "ps ax |grep checker_worker |grep -v grep |wc -l"
+		checker_worker, stderr = funct.subprocess_execute(cmd)
+		i = 0
+		for s in sql.select_alert():
+			i += 1
+		is_checker_worker = i
+		is_metrics_workers = sql.select_servers_metrics_for_master()
+		i = 0
+		for s in is_metrics_workers:
+			i += 1
+		is_metrics_worker = i
+		cmd = "ps ax |grep grafana|grep -v grep|wc -l"
+		grafana, stderr = funct.subprocess_execute(cmd)
+		cmd = "ps ax |grep 'prometheus ' |grep -v grep|wc -l"
+		prometheus, stderr = funct.subprocess_execute(cmd)
+		host = os.environ.get('HTTP_HOST', '')
+
 	cmd = "ps ax |grep metrics_master |grep -v grep |wc -l"
 	metrics_master, stderr = funct.subprocess_execute(cmd)
-	cmd = "ps ax |grep -e 'metrics_worker\|metrics_waf_worker.py' |grep -v grep |wc -l"
-	metrics_worker, stderr = funct.subprocess_execute(cmd)
+	cmd = "ps ax |grep checker_mas |grep -v grep |wc -l"
+	checker_master, stderr = funct.subprocess_execute(cmd)
 	cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l"
 	keep_alive, stderr = funct.subprocess_execute(cmd)
 	cmd = "systemctl status smon |grep Act |awk  '{print $2}'"
 	smon, stderr = funct.subprocess_execute(cmd)
-	cmd = "ps ax |grep grafana|grep -v grep|wc -l"
-	grafana, stderr = funct.subprocess_execute(cmd)
-	cmd = "ps ax |grep 'prometheus ' |grep -v grep|wc -l"
-	prometheus, stderr = funct.subprocess_execute(cmd)
-	is_checker_workers = sql.select_alert()
-	i = 0
-	for s in sql.select_alert():
-		i += 1 
-	is_checker_worker = i
-	is_metrics_workers = sql.select_servers_metrics_for_master()
-	i = 0
-	for s in is_metrics_workers:
-		i += 1
-	is_metrics_worker = i
-	host = os.environ.get('HTTP_HOST', '')
 
-except:
+except Exception as e:
 	role = ''
 	user = ''
 	users = ''
@@ -69,7 +104,6 @@ except:
 	is_metrics_worker = ''
 	token = ''
 
-
 template = template.render(h2 = 1,
 							autorefresh = 1,
 							title = "Overview",
diff --git a/app/templates/base.html b/app/templates/base.html
index 0d0e7e8f..7bd2e130 100644
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -110,9 +110,10 @@
 									<li><a href="/app/servers.py#users" title="Servers: Manage users - HAProxy-WI" class="users head-submenu">Users</a></li>
 									<li><a href="/app/servers.py#servers" title="Servers: Manage servers - HAProxy-WI" class="runtime head-submenu">Servers</a></li>
 									<li><a href="/app/servers.py#ssh" title="Servers: Manage SSH credentials - HAProxy-WI" class="admin head-submenu">SSH credentials</a></li>
-									<li><a href="/app/servers.py#settings" title="Admin area: Manage HAProxy-WI settings - HAProxy-WI" class="settings head-submenu">Settings</a></li>
+									<li><a href="/app/servers.py#settings" title="Servers: Manage HAProxy-WI settings - HAProxy-WI" class="settings head-submenu">Settings</a></li>
 									<li><a href="/app/servers.py#installproxy" title="Servers: Proxy service installation - HAProxy-WI" class="hap head-submenu">Proxy installation</a> </li>
 									<li><a href="/app/servers.py#installmon" title="Servers: Monitoring service installation - HAProxy-WI" class="hap1 head-submenu">Monitoring installation</a> </li>
+									<li><a href="/app/viewlogs.py?type=2" title="Servers: View internal logs - HAProxy-WI" class="logs head-submenu">Internal logs</a></li>
 									<li><a href="/app/servers.py#backup" title="Servers: Backup configs - HAProxy-WI" class="backup head-submenu">Backups</a> </li>
 								</ul>
 							</li>
diff --git a/app/templates/logs.html b/app/templates/logs.html
index a918289e..bffe5f45 100644
--- a/app/templates/logs.html
+++ b/app/templates/logs.html
@@ -32,10 +32,20 @@
 					<select autofocus required name="serv" id="{{ select_id }}">
 						<option disabled selected>Choose log</option>
 						{% for select in selects %}
-							{% if select.0|int() == serv|int() %}
-								<option value="{{ select.0 }}" selected>{{ select.1 }}</option>
+							{% if page == 'for_editor' %}
+								{% if select.1.startswith('haproxy-wi') or select.1.startswith('config_edit') %}
+									{% if select.0|int() == serv|int() %}
+										<option value="{{ select.0 }}" selected>{{ select.1 }}</option>
+									{% else %}
+										<option value="{{ select.0 }}">{{ select.1 }}</option>
+									{% endif %}
+								{% endif %}
 							{% else %}
-								<option value="{{ select.0 }}">{{ select.1 }}</option>
+								{% if select.0|int() == serv|int() %}
+									<option value="{{ select.0 }}" selected>{{ select.1 }}</option>
+								{% else %}
+									<option value="{{ select.0 }}">{{ select.1 }}</option>
+								{% endif %}
 							{% endif %}
 						{% endfor %}
 					</select>
diff --git a/app/templates/ovw.html b/app/templates/ovw.html
index 188f6c19..32cfc9f0 100644
--- a/app/templates/ovw.html
+++ b/app/templates/ovw.html
@@ -142,8 +142,8 @@
 		{% if metrics_worker|int() >= 1 %}
 			<span title="running {{metrics_worker}} worker processes"><span class="serverUp server-status"></span></span>
 		{% else %}
-			{% if is_metrics_worker|int == 0 %}
-			<span title="There is not jobs for metrics"><span class="serverNone server-status"></span></span>
+			{% if is_metrics_worker|int() == 0 %}
+			<span title="There is not job for metrics"><span class="serverNone server-status"></span></span>
 			{% else %}
 			<span title="running {{is_checker_worker}} worker processes"><span class="serverDown server-status"></span></span>
 			{% endif %}
@@ -160,8 +160,8 @@
 		{% if checker_worker|int() >= 1 %}
 			<span title="running {{ checker_worker }} worker processes"><span class="serverUp server-status"></span></span>
 		{% else %}
-			{% if is_checker_worker|int == 0 %}
-			<span title="There is not jobs for checker"><span class="serverNone server-status"></span> </span>
+			{% if is_checker_worker|int() == 0 %}
+			<span title="There is not job for checker"><span class="serverNone server-status"></span> </span>
 			{% else %}
 			<span title="running {{ checker_worker }} worker processes"><span class="serverDown server-status"></span> </span>
 			{% endif %}
@@ -196,6 +196,7 @@
 		</td>		
 	</tr>
 	<tr>
+		{% if role == 1 %}
 		<td class="padding10 first-collumn-wi">
 		{% if grafana|int() >= 1 %}
 			<span title="running {{grafana}} process"><span class="serverUp server-status"></span></span> 
@@ -212,10 +213,11 @@
 			<span title="The service does not started or does not installed"><span class="serverNone server-status" title="The service does not started or does not installed"></span></span> 
 		{% endif %}
 				<span>Prometheus</span>
-		</td>	
+		</td>
+		{% endif %}
 	</tr>
 </table>
-{% if role <= 1 %}
+{% if role <= 2 %}
 	<table class="overview-wi">
 		<tr class="overviewHead">
 			<td class="padding10 first-collumn-wi">Login</td>
@@ -228,14 +230,19 @@
 					</span>
 				</span>
 			</td>
-		</tr>		
+		</tr>
+		{% if role == 2 %}
+			{% set admin_uri = 'servers.py' %}
+		{% elif role == 1 %}
+			{% set admin_uri = 'users.py' %}
+		{% endif %}
 		{% set counter = 0 %}
 		{% for USER in users %}
 			{% set counter = counter + loop.index0 %}
 			{% if counter <= 2 %}
 				<tr class="{{ loop.cycle('odd', 'even') }}">
 					<td class="padding10 first-collumn-wi"> 
-						<a href="users.py#users" title="Edit user" class="logs_link div-pic">
+						<a href="{{admin_uri}}#users" title="Edit user" class="logs_link div-pic">
 							{{ USER.1 }}							
 						</a>
 					</td>
@@ -267,7 +274,8 @@
 			{% endif %}
 		{% endfor %}
 	</table>
-	
+{% endif %}
+{% if role <= 1 %}
 	<table class="overview-wi">
 		<tr class="overviewHead">
 			<td class="padding10 first-collumn-wi">Group</td> 
diff --git a/app/viewlogs.py b/app/viewlogs.py
index b4e6c2e8..91a17188 100644
--- a/app/viewlogs.py
+++ b/app/viewlogs.py
@@ -31,7 +31,12 @@ minut1 = form.getvalue('minut1')
 
 print('Content-type: text/html\n')
 funct.check_login()
-funct.page_for_admin()
+if form.getvalue('type') == '2':
+	funct.page_for_admin(level=2)
+	page = 'for_editor'
+else:
+	funct.page_for_admin()
+	page = ''
 
 log_path = funct.get_config_var('main', 'log_path')
 time_storage = sql.get_setting('log_time_storage')
@@ -60,9 +65,11 @@ except:
 	pass
 
 selects = funct.get_files(log_path, format="log")
-selects.append(['fail2ban.log', 'fail2ban.log'])
-selects.append(['haproxy-wi.error.log', 'error.log'])
-selects.append(['haproxy-wi.access.log', 'access.log'])
+if form.getvalue('type') is None:
+	selects.append(['fail2ban.log', 'fail2ban.log'])
+	selects.append(['haproxy-wi.error.log', 'error.log'])
+	selects.append(['haproxy-wi.access.log', 'access.log'])
+
 output_from_parsed_template = template.render(h2=1,
                                               autorefresh=1,
                                               title="View internal logs",
@@ -78,5 +85,6 @@ output_from_parsed_template = template.render(h2=1,
                                               minut=minut,
                                               minut1=minut1,
                                               versions=funct.versions(),
+											  page = page,
                                               token=token)
 print(output_from_parsed_template)
diff --git a/inc/script.js b/inc/script.js
index 98bcd806..14a3a753 100644
--- a/inc/script.js
+++ b/inc/script.js
@@ -544,6 +544,8 @@ function viewLogs() {
 		var hour1 = $('#time_range_out_hour1').val()
 		var minut1 = $('#time_range_out_minut1').val()
 		var viewlogs = $('#viewlogs').val()
+		var type = findGetParameter('type')
+		console.log(type)
 		if (viewlogs == null){
 			viewlogs = findGetParameter('viewlogs')
 		}	
@@ -570,7 +572,8 @@ function viewLogs() {
 						'&hour=' + hour +
 						'&minut=' + minut +
 						'&hour1=' + hour1 +
-						'&minut1=' + minut1);
+						'&minut1=' + minut1 +
+						'&type=' + type);
 			}					
 		} );
 	}