diff --git a/app/login.py b/app/login.py index a0db3f9e..9846e1a6 100644 --- a/app/login.py +++ b/app/login.py @@ -147,7 +147,7 @@ if login is not None and password is not None: for users in USERS: if users[7] == 0: print("Content-type: text/html\n") - print('
Your login is disabled


') + print('Your login is disabled') sys.exit() if users[6] == 1: if login in users[1]: diff --git a/app/options.py b/app/options.py index 4c831b2c..da5ebbf5 100644 --- a/app/options.py +++ b/app/options.py @@ -48,32 +48,6 @@ if form.getvalue('getcert') is not None and serv is not None: except: print('
Can not connect to the server
') -if form.getvalue('ssh_cert'): - name = form.getvalue('name') - - if not os.path.exists(os.getcwd()+'/keys/'): - os.makedirs(os.getcwd()+'/keys/') - - ssh_keys = os.path.dirname(os.getcwd())+'/keys/'+name+'.pem' - - try: - with open(ssh_keys, "w") as conf: - conf.write(form.getvalue('ssh_cert')) - except IOError: - print('
Can\'t save ssh keys file. Check ssh keys path in config
') - else: - print('
Ssh key was save into: %s
' % ssh_keys) - - try: - cmd = 'chmod 600 %s' % ssh_keys - funct.subprocess_execute(cmd) - except IOError as e: - funct.logging('localhost', e.args[0], haproxywi=1) - - try: - funct.logging("local", "users.py#ssh upload new ssh cert %s" % ssh_keys) - except: - pass if serv and form.getvalue('ssl_cert'): #cert_local_dir = funct.get_config_var('main', 'cert_local_dir') 
@@ -1024,3 +998,320 @@ if form.getvalue('change_waf_mode'): commands = [ "sudo sed -i 's/^SecRuleEngine.*/SecRuleEngine %s/' %s/waf/modsecurity.conf " % (waf_mode, haproxy_dir) ] funct.ssh_command(serv, commands) funct.logging(serv, 'Was changed WAF mod to '+waf_mode, haproxywi=1, login=1) + + +error_mess = 'All fields must be completed X' + + +if form.getvalue('newuser') is not None: + email = form.getvalue('newemail') + password = form.getvalue('newpassword') + role = form.getvalue('newrole') + group = form.getvalue('newgroupuser') + new_user = form.getvalue('newusername') + page = form.getvalue('page') + activeuser = form.getvalue('activeuser') + role_id = sql.get_role_id_by_name(role) + + if sql.check_group(group, role_id): + if funct.is_admin(level=role_id): + if sql.add_user(new_user, email, password, role, group, activeuser): + from jinja2 import Environment, FileSystemLoader + env = Environment(loader=FileSystemLoader('templates/')) + template = env.get_template('ajax/new_user.html') + + template = template.render(users=sql.select_users(user=new_user), + groups=sql.select_groups(), + page=page, + roles=sql.select_roles()) + print(template) + funct.logging('a new user '+new_user, ' has created ', haproxywi=1, login=1) + else: + funct.logging(new_user, ' tried to privilege escalation', haproxywi=1, login=1) + + +if form.getvalue('userdel') is not None: + userdel = form.getvalue('userdel') + user = sql.select_users(id=userdel) + for u in user: + username = u[1] + if sql.delete_user(userdel): + funct.logging(username, ' has deleted user ', haproxywi=1, login=1) + print("Ok") + + +if form.getvalue('updateuser') is not None: + email = form.getvalue('email') + role = form.getvalue('role') + group = form.getvalue('usergroup') + new_user = form.getvalue('updateuser') + id = form.getvalue('id') + activeuser = form.getvalue('activeuser') + role_id = sql.get_role_id_by_name(role) + + if sql.check_group(group, role_id): + if funct.is_admin(level=role_id): + 
sql.update_user(new_user, email, role, group, id, activeuser) + funct.logging(new_user, ' has updated user ', haproxywi=1, login=1) + else: + funct.logging(new_user, ' tried to privilege escalation', haproxywi=1, login=1) + + +if form.getvalue('updatepassowrd') is not None: + password = form.getvalue('updatepassowrd') + id = form.getvalue('id') + user = sql.select_users(id=id) + for u in user: + username = u[1] + sql.update_user_password(password, id) + funct.logging('user '+username, ' has changed password ', haproxywi=1, login=1) + print("Ok") + + +if form.getvalue('newserver') is not None: + hostname = form.getvalue('servername') + ip = form.getvalue('newip') + group = form.getvalue('newservergroup') + typeip = form.getvalue('typeip') + enable = form.getvalue('enable') + master = form.getvalue('slave') + cred = form.getvalue('cred') + alert = form.getvalue('alert_en') + metrics = form.getvalue('metrics') + page = form.getvalue('page') + page = page.split("#")[0] + port = form.getvalue('newport') + desc = form.getvalue('desc') + active = form.getvalue('active') + + if sql.add_server(hostname, ip, group, typeip, enable, master, cred, alert, metrics, port, desc, active): + from jinja2 import Environment, FileSystemLoader + env = Environment(loader=FileSystemLoader('templates/')) + template = env.get_template('ajax/new_server.html') + + template = template.render(groups = sql.select_groups(), + servers = sql.select_servers(server=ip), + roles = sql.select_roles(), + masters = sql.select_servers(get_master_servers=1), + sshs = sql.select_ssh(), + page = page) + print(template) + funct.logging('a new server '+hostname, ' has created ', haproxywi=1, login=1) + + +if form.getvalue('updateserver') is not None: + name = form.getvalue('updateserver') + ip = form.getvalue('ip') + group = form.getvalue('servergroup') + typeip = form.getvalue('typeip') + enable = form.getvalue('enable') + master = form.getvalue('slave') + id = form.getvalue('id') + cred = 
form.getvalue('cred') + alert = form.getvalue('alert_en') + metrics = form.getvalue('metrics') + port = form.getvalue('port') + desc = form.getvalue('desc') + active = form.getvalue('active') + if name is None or ip is None or port is None: + print(error_mess) + else: + sql.update_server(name, ip, group, typeip, enable, master, id, cred, alert, metrics, port, desc, active) + funct.logging('the server '+name, ' has updated ', haproxywi=1, login=1) + + +if form.getvalue('serverdel') is not None: + serverdel = form.getvalue('serverdel') + server = sql.select_servers(id=serverdel) + for s in server: + hostname = s[1] + if sql.delete_server(serverdel): + sql.delete_waf_server(serverdel) + print("Ok") + funct.logging(hostname, ' has deleted server with ', haproxywi=1, login=1) + + +if form.getvalue('newgroup') is not None: + newgroup = form.getvalue('groupname') + desc = form.getvalue('newdesc') + if newgroup is None: + print(error_mess) + else: + if sql.add_group(newgroup, desc): + from jinja2 import Environment, FileSystemLoader + env = Environment(loader=FileSystemLoader('templates/ajax/')) + template = env.get_template('/new_group.html') + + output_from_parsed_template = template.render(groups = sql.select_groups(group=newgroup)) + print(output_from_parsed_template) + funct.logging('a new group '+newgroup, ' created ', haproxywi=1, login=1) + + +if form.getvalue('groupdel') is not None: + groupdel = form.getvalue('groupdel') + group = sql.select_groups(id=groupdel) + for g in group: + groupname = g[1] + if sql.delete_group(groupdel): + print("Ok") + funct.logging(groupname, ' has deleted group ', haproxywi=1, login=1) + + +if form.getvalue('updategroup') is not None: + name = form.getvalue('updategroup') + descript = form.getvalue('descript') + id = form.getvalue('id') + if name is None: + print(error_mess) + else: + group = sql.select_groups(id=id) + for g in group: + groupname = g[1] + sql.update_group(name, descript, id) + funct.logging('the group '+groupname, ' 
has update ', haproxywi=1, login=1) + + +if form.getvalue('new_ssh'): + name = form.getvalue('new_ssh') + enable = form.getvalue('ssh_enable') + group = form.getvalue('new_group') + username = form.getvalue('ssh_user') + password = form.getvalue('ssh_pass') + page = form.getvalue('page') + page = page.split("#")[0] + if username is None or name is None: + print(error_mess) + else: + if sql.insert_new_ssh(name, enable, group, username, password): + from jinja2 import Environment, FileSystemLoader + env = Environment(loader=FileSystemLoader('templates/ajax')) + template = env.get_template('/new_ssh.html') + output_from_parsed_template = template.render(groups = sql.select_groups(), sshs = sql.select_ssh(name=name),page=page) + print(output_from_parsed_template) + funct.logging(name, ' has created a new SSH credentials ', haproxywi=1, login=1) + + +if form.getvalue('sshdel') is not None: + fullpath = funct.get_config_var('main', 'fullpath') + sshdel = form.getvalue('sshdel') + + for sshs in sql.select_ssh(id=sshdel): + ssh_enable = sshs[2] + name = sshs[1] + ssh_key_name = fullpath+'/keys/%s.pem' % sshs[1] + + if ssh_enable == 1: + cmd = 'rm -f %s' % ssh_key_name + try: + funct.subprocess_execute(cmd) + except: + pass + if sql.delete_ssh(sshdel): + print("Ok") + funct.logging(name, ' has deleted the SSH credentials ', haproxywi=1, login=1) + + +if form.getvalue('updatessh'): + id = form.getvalue('id') + name = form.getvalue('name') + enable = form.getvalue('ssh_enable') + group = form.getvalue('group') + username = form.getvalue('ssh_user') + password = form.getvalue('ssh_pass') + + if username is None: + print(error_mess) + else: + + fullpath = funct.get_config_var('main', 'fullpath') + + for sshs in sql.select_ssh(id=id): + ssh_enable = sshs[2] + ssh_key_name = fullpath+'/keys/%s.pem' % sshs[1] + new_ssh_key_name = fullpath+'/keys/%s.pem' % name + + if ssh_enable == 1: + cmd = 'mv %s %s' % (ssh_key_name, new_ssh_key_name) + cmd1 = 'chmod 600 %s' % new_ssh_key_name + 
try: + funct.subprocess_execute(cmd) + funct.subprocess_execute(cmd1) + except: + pass + sql.update_ssh(id, name, enable, group, username, password) + funct.logging('the SSH '+name, ' has updated credentials ', haproxywi=1, login=1) + + +if form.getvalue('ssh_cert'): + name = form.getvalue('name') + + if not os.path.exists(os.getcwd()+'/keys/'): + os.makedirs(os.getcwd()+'/keys/') + + ssh_keys = os.path.dirname(os.getcwd())+'/keys/'+name+'.pem' + + try: + with open(ssh_keys, "w") as conf: + conf.write(form.getvalue('ssh_cert')) + except IOError: + print('
Can\'t save ssh keys file. Check ssh keys path in config
') + else: + print('
Ssh key was save into: %s
' % ssh_keys) + + try: + cmd = 'chmod 600 %s' % ssh_keys + funct.subprocess_execute(cmd) + except IOError as e: + funct.logging('localhost', e.args[0], haproxywi=1) + + funct.logging("localhost", " upload a new SSH cert %s" % ssh_keys, haproxywi=1, login=1) + + +if form.getvalue('newtelegram'): + token = form.getvalue('newtelegram') + channel = form.getvalue('chanel') + group = form.getvalue('telegramgroup') + page = form.getvalue('page') + page = page.split("#")[0] + + if token is None or channel is None or group is None: + print(error_mess) + else: + if sql.insert_new_telegram(token, channel, group): + from jinja2 import Environment, FileSystemLoader + env = Environment(loader=FileSystemLoader('templates/ajax')) + template = env.get_template('/new_telegram.html') + output_from_parsed_template = template.render(groups = sql.select_groups(), telegrams = sql.select_telegram(token=token),page=page) + print(output_from_parsed_template) + funct.logging(channel, ' has created a new Telegram channel ', haproxywi=1, login=1) + + +if form.getvalue('telegramdel') is not None: + telegramdel = form.getvalue('telegramdel') + telegram = sql.select_telegram(id=telegramdel) + for t in telegram: + telegram_name = t[1] + if sql.delete_telegram(telegramdel): + print("Ok") + funct.logging(telegram_name, ' has deleted the Telegram channel ', haproxywi=1, login=1) + + +if form.getvalue('updatetoken') is not None: + token = form.getvalue('updatetoken') + channel = form.getvalue('updategchanel') + group = form.getvalue('updategroup') + id = form.getvalue('id') + if token is None or channel is None or group is None: + print(error_mess) + else: + sql.update_telegram(token, channel, group, id) + funct.logging('group '+group, ' telegram token has updated channel: '+channel, haproxywi=1, login=1) + + +if form.getvalue('updatesettings') is not None: + settings = form.getvalue('updatesettings') + val = form.getvalue('val') + if sql.update_setting(settings, val): + funct.logging('value '+val, ' 
changed settings '+settings, haproxywi=1, login=1) + print("Ok") + \ No newline at end of file diff --git a/app/overview.py b/app/overview.py index 033321fd..143603a4 100644 --- a/app/overview.py +++ b/app/overview.py @@ -36,7 +36,21 @@ try: servers = sql.get_dick_permit() except: role = '' - pass + user = '' + users = '' + groups = '' + roles = '' + metrics_master = '' + metrics_worker = '' + checker_master = '' + checker_worker = '' + keep_alive = '' + api = '' + date = '' + error = '' + versions = '' + haproxy_wi_log = '' + servers = '' template = template.render(h2 = 1, diff --git a/app/sql.py b/app/sql.py index fd113d71..b3a72524 100644 --- a/app/sql.py +++ b/app/sql.py @@ -231,11 +231,14 @@ def update_server_master(master, slave): cur.close() con.close() + def select_users(**kwargs): con, cur = get_cur() sql = """select * from user ORDER BY id""" if kwargs.get("user") is not None: sql = """select * from user where username='%s' """ % kwargs.get("user") + if kwargs.get("id") is not None: + sql = """select * from user where id='%s' """ % kwargs.get("id") try: cur.execute(sql) except sqltool.Error as e: @@ -245,11 +248,14 @@ def select_users(**kwargs): cur.close() con.close() + def select_groups(**kwargs): con, cur = get_cur() sql = """select * from groups ORDER BY id""" if kwargs.get("group") is not None: sql = """select * from groups where name='%s' """ % kwargs.get("group") + if kwargs.get("id") is not None: + sql = """select * from groups where id='%s' """ % kwargs.get("id") try: cur.execute(sql) except sqltool.Error as e: @@ -259,6 +265,7 @@ def select_groups(**kwargs): cur.close() con.close() + def select_user_name_group(id): con, cur = get_cur() sql = """select name from groups where id='%s' """ % id 
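Review bot: The `ssh_cert`, `updatessh` and `sshdel` handlers added here put a request-supplied key name into file paths and command strings without checking it: `name = form.getvalue('name')` ends up in the path opened for writing and in `'chmod 600 %s'`, `'mv %s %s'` and (via the stored name) `'rm -f %s'` passed to `funct.subprocess_execute`. A name with a path separator takes the write outside the keys directory, and if that helper runs the string through a shell (its definition is not in this diff) the name can change the command; a missing `name` makes the concatenation raise. Accept only a plain key name and use `os.chmod`, `os.replace` and `os.remove` rather than command strings, as sketched below for `ssh_cert`. The directory test also looks at `os.getcwd()+'/keys/'` while the file is written under `os.path.dirname(os.getcwd())+'/keys/'`, so the directory that gets created is not the one used. Separately, the handlers moved here no longer call `check_token()` or check required fields the way the versions removed from app/sql.py did, so confirm options.py enforces the token before this code runs.

```python
if form.getvalue('ssh_cert'):
    name = form.getvalue('name')
    # only a plain key name may reach the path: letters, digits, '_' and '-'
    key_name_chars = set('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-')
    if not name or not set(name) <= key_name_chars:
        print(error_mess)
    else:
        # ... unchanged: keys directory check and ssh_keys path ...
        try:
            # create the file as 0600 instead of writing it and then running a chmod command string
            fd = os.open(ssh_keys, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
            with os.fdopen(fd, "w") as conf:
                conf.write(form.getvalue('ssh_cert'))
            # also tighten a key file that already existed with wider permissions
            os.chmod(ssh_keys, 0o600)
        except IOError:
            # ... unchanged: "Can't save ssh keys file" message ...
        else:
            # ... unchanged: "Ssh key was save into" message ...
        # ... unchanged: funct.logging of the upload ...
```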
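Review bot: The bare `except:` in app/overview.py now resets a long list of template variables to `''` and lets the page render, so any failure in the `try` body produces a normal-looking but empty overview with nothing recorded. The `try` body starts outside this hunk, so it is not visible which calls can fail here; if a session or permission lookup is among them, the failure path should stop or redirect rather than render. Consider `except Exception as e:` with the error logged, for example `funct.logging('localhost', str(e), haproxywi=1)` if `funct` is imported in this file, and assign the defaults once before the `try` so a variable added later cannot be missed in the handler.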
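Review bot: The new `id` branch in `select_users` formats its argument straight into the statement (`"""select * from user where id='%s' """ % kwargs.get("id")`), and app/options.py in this same commit passes `form.getvalue('userdel')` and `form.getvalue('id')` to it unchanged, so request data becomes part of the SQL text. The same pattern is added to `select_groups` in the next hunk and to `select_telegram` in the `@@ -749,6 +750,8 @@` hunk. Pass the value as a bound parameter in the second argument of `cur.execute` instead of interpolating it; the placeholder syntax differs between the drivers this file appears to support (see `mysql_enable`), so this needs a per-driver statement or a small helper, and converting the id with `int()` before use is a reasonable stopgap. The function bodies continue outside these hunks.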
@@ -705,14 +712,6 @@ def check_exists_backup(server): cur.close() con.close() -def show_update_ssh(name, page): - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates/ajax')) - template = env.get_template('/new_ssh.html') - - print('Content-type: text/html\n') - output_from_parsed_template = template.render(groups = select_groups(), sshs = select_ssh(name=name),page=page) - print(output_from_parsed_template) def insert_new_telegram(token, chanel, group): con, cur = get_cur() @@ -728,6 +727,7 @@ def insert_new_telegram(token, chanel, group): cur.close() con.close() + def delete_telegram(id): con, cur = get_cur() sql = """ delete from telegram where id = %s """ % (id) @@ -742,6 +742,7 @@ def delete_telegram(id): cur.close() con.close() + def select_telegram(**kwargs): con, cur = get_cur() sql = """select * from telegram """ @@ -749,6 +750,8 @@ def select_telegram(**kwargs): sql = """select * from telegram where groups = '%s' """ % kwargs.get('group') if kwargs.get('token'): sql = """select * from telegram where token = '%s' """ % kwargs.get('token') + if kwargs.get('id'): + sql = """select * from telegram where id = '%s' """ % kwargs.get('id') try: cur.execute(sql) except sqltool.Error as e: @@ -758,6 +761,7 @@ def select_telegram(**kwargs): cur.close() con.close() + def insert_new_telegram(token, chanel, group): con, cur = get_cur() sql = """insert into telegram(`token`, `chanel_name`, `groups`) values ('%s', '%s', '%s') """ % (token, chanel, group) @@ -772,6 +776,7 @@ def insert_new_telegram(token, chanel, group): cur.close() con.close() + def update_telegram(token, chanel, group, id): con, cur = get_cur() sql = """ update telegram set @@ -788,6 +793,7 @@ def update_telegram(token, chanel, group, id): cur.close() con.close() + def insert_new_option(option, group): con, cur = get_cur() sql = """insert into options(`options`, `groups`) values ('%s', '%s') """ % (option, group) 
@@ -802,6 +808,7 @@ def insert_new_option(option, group): cur.close() con.close() + def select_options(**kwargs): con, cur = get_cur() sql = """select * from options """ @@ -818,6 +825,7 @@ def select_options(**kwargs): cur.close() con.close() + def update_options(option, id): con, cur = get_cur() sql = """ update options set @@ -832,6 +840,7 @@ def update_options(option, id): cur.close() con.close() + def delete_option(id): con, cur = get_cur() sql = """ delete from options where id = %s """ % (id) @@ -861,6 +870,7 @@ def insert_new_savedserver(server, description, group): cur.close() con.close() + def select_saved_servers(**kwargs): con, cur = get_cur() sql = """select * from saved_servers """ @@ -877,6 +887,7 @@ def select_saved_servers(**kwargs): cur.close() con.close() + def update_savedserver(server, description, id): con, cur = get_cur() sql = """ update saved_servers set @@ -892,6 +903,7 @@ def update_savedserver(server, description, id): cur.close() con.close() + def delete_savedserver(id): con, cur = get_cur() sql = """ delete from saved_servers where id = %s """ % (id) @@ -922,6 +934,7 @@ def insert_mentrics(serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate): cur.close() con.close() + def select_waf_metrics_enable(id): con, cur = get_cur() sql = """ select waf.metrics from waf left join servers as serv on waf.server_id = serv.id where server_id = '%s' """ % id @@ -934,6 +947,7 @@ def select_waf_metrics_enable(id): cur.close() con.close() + def select_waf_metrics_enable_server(ip): con, cur = get_cur() sql = """ select waf.metrics from waf left join servers as serv on waf.server_id = serv.id where ip = '%s' """ % ip @@ -996,6 +1010,7 @@ def select_waf_servers_metrics(uuid, **kwargs): cur.close() con.close() + def select_waf_metrics(serv, **kwargs): con, cur = get_cur() sql = """ select * from (select * from waf_metrics where serv = '%s' order by `date` desc limit 60) order by `date`""" % serv 
@@ -1008,6 +1023,7 @@ def select_waf_metrics(serv, **kwargs): cur.close() con.close() + def insert_waf_metrics_enable(serv, enable): con, cur = get_cur() sql = """ insert into waf (server_id, metrics) values((select id from servers where ip = '%s'), '%s') """ % (serv, enable) @@ -1020,6 +1036,7 @@ def insert_waf_metrics_enable(serv, enable): cur.close() con.close() + def delete_waf_server(id): con, cur = get_cur() sql = """ delete from waf where server_id = '%s' """ % id @@ -1032,6 +1049,7 @@ def delete_waf_server(id): cur.close() con.close() + def insert_waf_mentrics(serv, conn): con, cur = get_cur() if mysql_enable == '1': @@ -1047,6 +1065,7 @@ def insert_waf_mentrics(serv, conn): cur.close() con.close() + def delete_waf_mentrics(): con, cur = get_cur() if mysql_enable == '1': @@ -1062,6 +1081,7 @@ def delete_waf_mentrics(): cur.close() con.close() + def update_waf_metrics_enable(name, enable): con, cur = get_cur() sql = """ update waf set metrics = %s where server_id = (select id from servers where hostname = '%s') """ % (enable, name) @@ -1074,6 +1094,7 @@ def update_waf_metrics_enable(name, enable): cur.close() con.close() + def delete_mentrics(): con, cur = get_cur() if mysql_enable == '1': @@ -1089,6 +1110,7 @@ def delete_mentrics(): cur.close() con.close() + def select_metrics(serv, **kwargs): con, cur = get_cur() sql = """ select * from (select * from metrics where serv = '%s' order by `date` desc limit 60) order by `date` """ % serv @@ -1101,6 +1123,7 @@ def select_metrics(serv, **kwargs): cur.close() con.close() + def select_servers_metrics_for_master(): con, cur = get_cur() sql = """select ip from servers where metrics = 1 """ @@ -1113,6 +1136,7 @@ def select_servers_metrics_for_master(): cur.close() con.close() + def select_servers_metrics(uuid, **kwargs): con, cur = get_cur() sql = """ select * from user where username = '%s' """ % get_user_name_by_uuid(uuid) 
@@ -1136,6 +1160,7 @@ def select_servers_metrics(uuid, **kwargs): cur.close() con.close() + def select_table_metrics(uuid): con, cur = get_cur() groups = "" @@ -1351,6 +1376,7 @@ def select_table_metrics(uuid): cur.close() con.close() + def get_setting(param, **kwargs): con, cur = get_cur() sql = """select value from `settings` where param='%s' """ % param @@ -1369,6 +1395,7 @@ def get_setting(param, **kwargs): cur.close() con.close() + def update_setting(param, val): con, cur = get_cur() sql = """update `settings` set `value` = '%s' where param = '%s' """ % (val, param) 
@@ -1396,70 +1423,7 @@ def get_ver(): return ver[0] cur.close() con.close() - -def show_update_option(option): - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates/ajax')) - template = env.get_template('/new_option.html') - print('Content-type: text/html\n') - template = template.render(options=select_options(option=option)) - print(template) - - -def show_update_savedserver(server): - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates/ajax')) - template = env.get_template('/new_saved_servers.html') - - print('Content-type: text/html\n') - template = template.render(server=select_saved_servers(server=server)) - print(template) - - -def show_update_telegram(token, page): - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates/ajax')) - template = env.get_template('/new_telegram.html') - - print('Content-type: text/html\n') - output_from_parsed_template = template.render(groups = select_groups(), telegrams = select_telegram(token=token),page=page) - print(output_from_parsed_template) - -def show_update_user(user,page): - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates/')) - template = env.get_template('ajax/new_user.html') - - print('Content-type: text/html\n') - template = template.render(users = select_users(user=user), - groups = select_groups(), - page=page, - roles = select_roles()) - print(template) - -def show_update_server(server, page): - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates/')) - template = env.get_template('ajax/new_server.html') - - print('Content-type: text/html\n') - output_from_parsed_template = template.render(groups = select_groups(), - servers = select_servers(server=server), - roles = select_roles(), - masters = select_servers(get_master_servers=1), - sshs = select_ssh(), - 
page = page) - print(output_from_parsed_template) - -def show_update_group(group): - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates/ajax/')) - template = env.get_template('/new_group.html') - - print('Content-type: text/html\n') - output_from_parsed_template = template.render(groups = select_groups(group=group)) - print(output_from_parsed_template) def select_roles(**kwargs): con, cur = get_cur() 
@@ -1543,257 +1507,28 @@ def check_group(group, role_id): if user_group == group or user_group == '1' or role_id == 1: return True else: - funct.logging(new_user, ' tried to change user group', haproxywi=1, login=1) + funct.logging('localhost', ' has tried to actions in not own group ', haproxywi=1, login=1) return False + +def show_update_option(option): + from jinja2 import Environment, FileSystemLoader + env = Environment(loader=FileSystemLoader('templates/ajax')) + template = env.get_template('/new_option.html') -if form.getvalue('newuser') is not None: - email = form.getvalue('newemail') - password = form.getvalue('newpassword') - role = form.getvalue('newrole') - group = form.getvalue('newgroupuser') - new_user = form.getvalue('newusername') - page = form.getvalue('page') - activeuser = form.getvalue('activeuser') - check_token() - if password is None or role is None or group is None: - print(error_mess) - else: - role_id = get_role_id_by_name(role) - if check_group(group, role_id): - if funct.is_admin(level=role_id): - if add_user(new_user, email, password, role, group, activeuser): - show_update_user(new_user, page) - funct.logging('a new user '+new_user, ' created ', haproxywi=1, login=1) - else: - funct.logging(new_user, ' tried to privilege escalation', haproxywi=1, login=1) - + print('Content-type: text/html\n') + template = template.render(options=select_options(option=option)) + print(template) -if form.getvalue('updateuser') is not None: - email = form.getvalue('email') - role = form.getvalue('role') - group = form.getvalue('usergroup') - new_user = form.getvalue('updateuser') - id = form.getvalue('id') - activeuser = form.getvalue('activeuser') - check_token() - if new_user is None or role is None or group is None: - print('Content-type: text/html\n') - print(error_mess) - else: - role_id = get_role_id_by_name(role) - if check_group(group, role_id): - if funct.is_admin(level=role_id): - update_user(new_user, email, role, group, id, activeuser) - 
funct.logging('user with id '+id, ' user '+new_user+' updated ', haproxywi=1, login=1) - else: - funct.logging(new_user, ' tried to privilege escalation', haproxywi=1, login=1) - +def show_update_savedserver(server): + from jinja2 import Environment, FileSystemLoader + env = Environment(loader=FileSystemLoader('templates/ajax')) + template = env.get_template('/new_saved_servers.html') - -if form.getvalue('updatepassowrd') is not None: - password = form.getvalue('updatepassowrd') - id = form.getvalue('id') print('Content-type: text/html\n') - check_token() - if password is None or id is None: - print(error_mess) - else: - update_user_password(password, id) - funct.logging('user with id '+id, ' changed password ', haproxywi=1, login=1) - print("Ok") - - -if form.getvalue('userdel') is not None: - print('Content-type: text/html\n') - userdel = form.getvalue('userdel') - check_token() - if delete_user(userdel): - print("Ok") - - -if form.getvalue('newserver') is not None: - hostname = form.getvalue('servername') - ip = form.getvalue('newip') - group = form.getvalue('newservergroup') - typeip = form.getvalue('typeip') - enable = form.getvalue('enable') - master = form.getvalue('slave') - cred = form.getvalue('cred') - alert = form.getvalue('alert_en') - metrics = form.getvalue('metrics') - page = form.getvalue('page') - page = page.split("#")[0] - port = form.getvalue('newport') - desc = form.getvalue('desc') - active = form.getvalue('active') - print('Content-type: text/html\n') - check_token() - if ip is None or group is None or cred is None or port is None: - print(error_mess) - else: - if add_server(hostname, ip, group, typeip, enable, master, cred, alert, metrics, port, desc, active): - show_update_server(ip, page) - #funct.logging('a new server '+hostname, ' created ', haproxywi=1, login=1) - - -if form.getvalue('serverdel') is not None: - print('Content-type: text/html\n') - check_token() - serverdel = form.getvalue('serverdel') - if delete_server(serverdel): - 
delete_waf_server(serverdel) - print("Ok") - - -if form.getvalue('newgroup') is not None: - newgroup = form.getvalue('groupname') - desc = form.getvalue('newdesc') - print('Content-type: text/html\n') - check_token() - if newgroup is None: - print(error_mess) - else: - if add_group(newgroup, desc): - show_update_group(newgroup) - funct.logging('a new group '+newgroup, ' created ', haproxywi=1, login=1) - - -if form.getvalue('groupdel') is not None: - print('Content-type: text/html\n') - check_token() - groupdel = form.getvalue('groupdel') - if delete_group(groupdel): - print("Ok") - - -if form.getvalue('updategroup') is not None: - name = form.getvalue('updategroup') - descript = form.getvalue('descript') - id = form.getvalue('id') - print('Content-type: text/html\n') - check_token() - if name is None: - print(error_mess) - else: - update_group(name, descript, id) - funct.logging('the group '+name, ' update ', haproxywi=1, login=1) - - -if form.getvalue('updateserver') is not None: - name = form.getvalue('updateserver') - ip = form.getvalue('ip') - group = form.getvalue('servergroup') - typeip = form.getvalue('typeip') - enable = form.getvalue('enable') - master = form.getvalue('slave') - id = form.getvalue('id') - cred = form.getvalue('cred') - alert = form.getvalue('alert_en') - metrics = form.getvalue('metrics') - port = form.getvalue('port') - desc = form.getvalue('desc') - active = form.getvalue('active') - print('Content-type: text/html\n') - check_token() - if name is None or ip is None or port is None: - print(error_mess) - else: - update_server(name, ip, group, typeip, enable, master, id, cred, alert, metrics, port, desc, active) - funct.logging('the server '+name, ' updated ', haproxywi=1, login=1) - - -if form.getvalue('updatessh'): - id = form.getvalue('id') - name = form.getvalue('name') - enable = form.getvalue('ssh_enable') - group = form.getvalue('group') - username = form.getvalue('ssh_user') - password = form.getvalue('ssh_pass') - check_token() - 
print('Content-type: text/html\n') - if username is None: - print(error_mess) - else: - import funct - fullpath = funct.get_config_var('main', 'fullpath') - - for sshs in select_ssh(id=id): - ssh_enable = sshs[2] - ssh_key_name = fullpath+'/keys/%s.pem' % sshs[1] - new_ssh_key_name = fullpath+'/keys/%s.pem' % name - - if ssh_enable == 1: - cmd = 'mv %s %s' % (ssh_key_name, new_ssh_key_name) - cmd1 = 'chmod 600 %s' % new_ssh_key_name - try: - funct.subprocess_execute(cmd) - funct.subprocess_execute(cmd1) - except: - pass - update_ssh(id, name, enable, group, username, password) - funct.logging('the SSH '+name, ' updated ', haproxywi=1, login=1) - - -if form.getvalue('new_ssh'): - name = form.getvalue('new_ssh') - enable = form.getvalue('ssh_enable') - group = form.getvalue('new_group') - username = form.getvalue('ssh_user') - password = form.getvalue('ssh_pass') - page = form.getvalue('page') - page = page.split("#")[0] - check_token() - if username is None or name is None: - print('Content-type: text/html\n') - print(error_mess) - else: - if insert_new_ssh(name, enable, group, username, password): - show_update_ssh(name, page) - - -if form.getvalue('sshdel') is not None: - import funct - print('Content-type: text/html\n') - check_token() - fullpath = funct.get_config_var('main', 'fullpath') - sshdel = form.getvalue('sshdel') - - for sshs in select_ssh(id=sshdel): - ssh_enable = sshs[2] - ssh_key_name = fullpath+'/keys/%s.pem' % sshs[1] - - if ssh_enable == 1: - cmd = 'rm -f %s' % ssh_key_name - try: - funct.subprocess_execute(cmd) - except: - pass - if delete_ssh(sshdel): - print("Ok") - - -if form.getvalue('newtelegram'): - token = form.getvalue('newtelegram') - chanel = form.getvalue('chanel') - group = form.getvalue('telegramgroup') - page = form.getvalue('page') - page = page.split("#")[0] - check_token() - if token is None or chanel is None or group is None: - print('Content-type: text/html\n') - print(error_mess) - else: - if insert_new_telegram(token, 
chanel, group): - show_update_telegram(token, page) - - -if form.getvalue('telegramdel') is not None: - print('Content-type: text/html\n') - check_token() - if delete_telegram(form.getvalue('telegramdel')): - print("Ok") + template = template.render(server=select_saved_servers(server=server)) + print(template) if form.getvalue('getoption'): @@ -1892,26 +1627,3 @@ if form.getvalue('savedserverdel') is not None: check_token() if delete_savedserver(form.getvalue('savedserverdel')): print("Ok") - - -if form.getvalue('updatetoken') is not None: - token = form.getvalue('updatetoken') - chanel = form.getvalue('updategchanel') - group = form.getvalue('updategroup') - id = form.getvalue('id') - print('Content-type: text/html\n') - if token is None or chanel is None or group is None: - print(error_mess) - else: - update_telegram(token, chanel, group, id) - funct.logging('group '+group, ' telegram token was updated channel: '+chanel, haproxywi=1, login=1) - - -if form.getvalue('updatesettings') is not None: - print('Content-type: text/html\n') - settings = form.getvalue('updatesettings') - val = form.getvalue('val') - check_token() - if update_setting(settings, val): - funct.logging('value '+val, ' changed settings '+settings, haproxywi=1, login=1) - print("Ok") diff --git a/app/templates/add.html b/app/templates/add.html index cb7a2fce..6f39fa32 100644 --- a/app/templates/add.html +++ b/app/templates/add.html @@ -781,7 +781,7 @@ h3 { In this section you can create and edit black and white lists. And after use them in the HAProxy configs or in the "Add proxy" pages
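Review bot: The rewritten audit line in check_group logs only the fixed string 'localhost' and a generic message, so a denied cross-group action can no longer be tied to the group or role that was requested. For an authorization failure that is the detail a responder needs; consider `funct.logging('localhost', ' tried to act on group %s with role id %s outside own group' % (group, role_id), haproxywi=1, login=1)`. `group` comes from a request parameter in the callers, so line breaks should be stripped from it before it reaches the log. check_group starts above this hunk, and whether `login=1` already records the acting user depends on funct.logging, which is not shown here.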
- diff --git a/app/templates/include/add_proxy.html b/app/templates/include/add_proxy.html index 84f54a36..a1f23e86 100644 --- a/app/templates/include/add_proxy.html +++ b/app/templates/include/add_proxy.html @@ -1,4 +1,13 @@ -
+{% if add %} +
+
+ X +
+

{{ add }} was success added

+ {{ conf_add }} +
+{% endif %} +
@@ -126,10 +135,4 @@
- {% if add %} -
-

{{ add }} was success added

- {{ conf_add }} -
- {% endif %}
\ No newline at end of file diff --git a/app/templates/login.html b/app/templates/login.html index 37c2d571..36df67fd 100644 --- a/app/templates/login.html +++ b/app/templates/login.html @@ -23,7 +23,6 @@ body, .container {
{{error_log}} {{error}} - {{db_create}}
diff --git a/inc/add.js b/inc/add.js index d0db2e40..2e6c3671 100644 --- a/inc/add.js +++ b/inc/add.js @@ -2,6 +2,10 @@ var ssl_offloading_var = "http-request set-header X-Forwarded-Port %[dst_port] \ "http-request add-header X-Forwarded-Proto https if { ssl_fc } \n"+ "redirect scheme https if !{ ssl_fc } \n" $( function() { + $('#close').click(function(){ + $('.alert-success').remove(); + $('.alert-danger').remove(); + }); $( "#listen-mode-select" ).on('selectmenuchange',function() { if ($( "#listen-mode-select option:selected" ).val() == "tcp") { $( "#https-listen-span" ).hide("fast"); 
@@ -1146,4 +1150,84 @@ function change_select_waf(id) { } } } ); +} +function createList(color) { + if(color == 'white') { + list = $('#new_whitelist_name').val() + } else { + list = $('#new_blacklist_name').val() + } + $.ajax( { + url: "options.py", + data: { + bwlists_create: list, + color: color, + group: $('#group').val(), + token: $('#token').val() + }, + type: "POST", + success: function( data ) { + $("#ajax").html(data); + setTimeout(function() { + location.reload(); + }, 2500 ); + } + } ); +} +function editList(list, color) { + $.ajax( { + url: "options.py", + data: { + bwlists: list, + color: color, + group: $('#group').val(), + token: $('#token').val() + }, + type: "POST", + success: function( data ) { + if (data.indexOf('danger') != '-1') { + $("#ajax").html(data); + } else { + $('.alert-danger').remove(); + $('#edit_lists').text(data); + $( "#dialog-confirm-cert-edit" ).dialog({ + resizable: false, + height: "auto", + width: 650, + modal: true, + title: "Edit "+color+" list "+list, + buttons: { + "Just save": function() { + $( this ).dialog( "close" ); + saveList('save', list, color); + }, + "Save and restart": function() { + $( this ).dialog( "close" ); + saveList('restart', list, color); + }, + Cancel: function() { + $( this ).dialog( "close" ); + } + } + }); + } + } + } ); +} +function saveList(action, list, color) { + $.ajax( { + url: "options.py", + data: { + bwlists_save: list, + bwlists_content: $('#edit_lists').val(), + color: color, + group: $('#group').val(), + bwlists_restart: action, + token: $('#token').val() + }, + type: "POST", + success: function( data ) { + $("#ajax").html(data); + } + } ); } \ No newline at end of file diff --git a/inc/script.js b/inc/script.js index 4405ed51..e6a7c048 100644 --- a/inc/script.js +++ b/inc/script.js 
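Review bot: editList tells an error from a successful read by searching the response body for the substring 'danger', and on a match hands the whole body to `$("#ajax").html(data)`. On the success path the body is the list's own content, so a stored list that contains that word is treated as an error fragment and parsed as HTML instead of being placed as text in `#edit_lists`. The error signal should travel out of band, for example a non-2xx status handled in an `error:` callback, so that list content only ever reaches the page through `.text(data)`. That needs a matching change in the options.py handler, which is not part of this hunk.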
@@ -601,6 +601,9 @@ $( function() { success: function( data ) { if (data.indexOf('ok') != '-1') { window.location.replace(ref); + } else if (data.indexOf('disabled') != '-1') { + $('.alert').show(); + $('.alert').html(data); } else if (data.indexOf('ban') != '-1') { ban(); } 
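Review bot: The new 'disabled' branch writes the login response into the page with `$('.alert').html(data)`, which parses whatever the server returned as markup. The login.py change in this commit appears to make that message plain text, so `$('.alert').text(data);` is enough and keeps the login page from rendering markup if the response ever carries user-influenced content. The surrounding success callback starts and ends outside this hunk.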
@@ -796,86 +799,6 @@ function replace_text(id_textarea, text_var) { var text_val = str.substring(0, beg) + str.substring(end, len); $(id_textarea).text(text_val); } -function createList(color) { - if(color == 'white') { - list = $('#new_whitelist_name').val() - } else { - list = $('#new_blacklist_name').val() - } - $.ajax( { - url: "options.py", - data: { - bwlists_create: list, - color: color, - group: $('#group').val(), - token: $('#token').val() - }, - type: "POST", - success: function( data ) { - $("#ajax").html(data); - setTimeout(function() { - location.reload(); - }, 2500 ); - } - } ); -} -function editList(list, color) { - $.ajax( { - url: "options.py", - data: { - bwlists: list, - color: color, - group: $('#group').val(), - token: $('#token').val() - }, - type: "POST", - success: function( data ) { - if (data.indexOf('danger') != '-1') { - $("#ajax").html(data); - } else { - $('.alert-danger').remove(); - $('#edit_lists').text(data); - $( "#dialog-confirm" ).dialog({ - resizable: false, - height: "auto", - width: 650, - modal: true, - title: "Edit "+color+" list "+list, - buttons: { - "Just save": function() { - $( this ).dialog( "close" ); - saveList('save', list, color); - }, - "Save and restart": function() { - $( this ).dialog( "close" ); - saveList('restart', list, color); - }, - Cancel: function() { - $( this ).dialog( "close" ); - } - } - }); - } - } - } ); -} -function saveList(action, list, color) { - $.ajax( { - url: "options.py", - data: { - bwlists_save: list, - bwlists_content: $('#edit_lists').val(), - color: color, - group: $('#group').val(), - bwlists_restart: action, - token: $('#token').val() - }, - type: "POST", - success: function( data ) { - $("#ajax").html(data); - } - } ); -} function createHistroy() { try { var get_history_array = JSON.parse(Cookies.get('history')); 
@@ -922,4 +845,4 @@ function listHistroy() { Cookies.set('history', JSON.stringify(browse_history), { expires: 1, path: '/app' }); } createHistroy() -listHistroy() \ No newline at end of file +listHistroy() diff --git a/inc/users.js b/inc/users.js index 67eb724b..919fad5e 100644 --- a/inc/users.js +++ b/inc/users.js @@ -240,7 +240,7 @@ $( function() { $('#error').remove(); $('.alert-danger').remove(); $.ajax( { - url: "sql.py", + url: "options.py", data: { newgroup: "1", groupname: $('#new-group-add').val(), @@ -274,7 +274,7 @@ $( function() { ssh_enable = '1'; } $.ajax( { - url: "sql.py", + url: "options.py", data: { new_ssh: $('#new-ssh-add').val(), new_group: $('#new-sshgroup').val(), @@ -315,7 +315,7 @@ $( function() { $('#error').remove(); $('.alert-danger').remove(); $.ajax( { - url: "sql.py", + url: "options.py", data: { newtelegram: $('#telegram-token-add').val(), chanel: $('#telegram-chanel-add').val(), @@ -582,7 +582,7 @@ function addUser() { } if (valid) { $.ajax( { - url: "sql.py", + url: "options.py", data: { newuser: "1", newusername: $('#new-username').val(), @@ -648,7 +648,7 @@ function addServer() { valid = valid && checkLength( $('#new-port'), "Port", 1 ); if (valid) { $.ajax( { - url: "sql.py", + url: "options.py", data: { newserver: "1", servername: servername, @@ -679,14 +679,14 @@ function addServer() { $('.alert-danger').remove(); $("#ajax-servers").append(data); $(".newserver").addClass( "update", 1000 ); - setTimeout(function() { - $( ".newserver" ).removeClass( "update" ); - }, 2500 ); $( "input[type=submit], button" ).button(); $( "input[type=checkbox]" ).checkboxradio(); $( ".controlgroup" ).controlgroup(); $( "select" ).selectmenu(); - $.getScript(awesome); + $.getScript(awesome); + setTimeout(function() { + $( ".newserver" ).removeClass( "update" ); + }, 2500 ); } } } ); 
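Review bot: Repointing addUser from sql.py to options.py sends the request to a handler that, as far as this commit shows, no longer calls `check_token()` or rejects missing fields. The removed sql.py `newuser` branch did both before `add_user`, while the options.py `newuser` branch added in this commit goes straight to `sql.get_role_id_by_name(role)`. Unless options.py validates the token before dispatch, somewhere outside the visible lines, these state-changing requests lose their CSRF check even though the client still sends `token`. The same applies to removeUser (`userdel`) and updateUser (`updateuser`), and it should be confirmed for every other call in this file that was switched to options.py. Each moved branch should start with the same token check and `is None` validation the removed branch had.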
@@ -749,7 +749,7 @@ function addBackup() { function updateSettings(param, val) { $('.alert-danger').remove(); $.ajax( { - url: "sql.py", + url: "options.py", data: { updatesettings: param, val: val, @@ -977,7 +977,7 @@ function cloneBackup(id) { function removeUser(id) { $("#user-"+id).css("background-color", "#f2dede"); $.ajax( { - url: "sql.py", + url: "options.py", data: { userdel: id, token: $('#token').val() @@ -994,7 +994,7 @@ function removeUser(id) { function removeServer(id) { $("#server-"+id).css("background-color", "#f2dede"); $.ajax( { - url: "sql.py", + url: "options.py", data: { serverdel: id, token: $('#token').val() @@ -1011,7 +1011,7 @@ function removeServer(id) { function removeGroup(id) { $("#group-"+id).css("background-color", "#f2dede"); $.ajax( { - url: "sql.py", + url: "options.py", data: { groupdel: id, token: $('#token').val() @@ -1030,7 +1030,7 @@ function removeGroup(id) { function removeSsh(id) { $("#ssh-table-"+id).css("background-color", "#f2dede"); $.ajax( { - url: "sql.py", + url: "options.py", data: { sshdel: id, token: $('#token').val() @@ -1049,7 +1049,7 @@ function removeSsh(id) { function removeTelegram(id) { $("#telegram-table-"+id).css("background-color", "#f2dede"); $.ajax( { - url: "sql.py", + url: "options.py", data: { telegramdel: id, token: $('#token').val() @@ -1097,7 +1097,7 @@ function updateUser(id) { activeuser = '1'; } $.ajax( { - url: "sql.py", + url: "options.py", data: { updateuser: $('#login-'+id).val(), email: $('#email-'+id).val(), @@ -1129,7 +1129,7 @@ function updateUser(id) { function updateGroup(id) { $('#error').remove(); $.ajax( { - url: "sql.py", + url: "options.py", data: { updategroup: $('#name-'+id).val(), descript: $('#descript-'+id).val(), @@ -1184,7 +1184,7 @@ function updateServer(id) { servergroup = $('#servergroup-'+id).val(); } $.ajax( { - url: "sql.py", + url: "options.py", data: { updateserver: $('#hostname-'+id).val(), ip: $('#ip-'+id).val(), 
@@ -1254,7 +1254,7 @@ function updateSSH(id) { ssh_enable = '1'; } $.ajax( { - url: "sql.py", + url: "options.py", data: { updatessh: 1, name: $('#ssh_name-'+id).val(), @@ -1291,7 +1291,7 @@ function updateSSH(id) { function updateTelegram(id) { $('#error').remove(); $.ajax( { - url: "sql.py", + url: "options.py", data: { updatetoken: $('#telegram-token-'+id).val(), updategchanel: $('#telegram-chanel-'+id).val(), @@ -1453,7 +1453,7 @@ function changeUserPassword(id, d) { $('#missmatchpass').hide(); $('#error').remove(); $.ajax( { - url: "sql.py", + url: "options.py", data: { updatepassowrd: pass, id: id,