v5.3.1.0

Changelog: https://haproxy-wi.org/changelog.py#5_3_1
2021-10-21 21:41:54 +06:00 · 2021-10-21 21:41:54 +06:00 · f40011bc4f
parent a4b4a33e5f
commit f40011bc4f
3 changed files with 67 additions and 34 deletions
--- a/api/api.py
+++ b/api/api.py
@ -19,8 +19,8 @@ _allow_headers = 'Authorization, Origin, Accept, Content-Type, X-Requested-With'


@hook('before_request')
-def check_login():
-	return api_funct.check_login()
+def check_login(required_service=0):
+	return api_funct.check_login(required_service=required_service)


@hook('after_request')
@ -38,7 +38,7 @@ def error_handler_500(error):
@route('/', method=['GET', 'POST'])
@route('/help', method=['GET', 'POST'])
 def index():
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
 		
 	data = {
@ -55,10 +55,10 @@ def index():
 		'haproxy/<id,hostname,ip>/action/restart':'restart HAProxy service by id or hostname or ip. METHOD: GET',
 		'haproxy/<id,hostname,ip>/config':'get HAProxy config from the server by id or hostname or ip. METHOD: GET',
 		'haproxy/<id,hostname,ip>/log':'show HAProxy log by id or hostname or ip. May to have config next headers: rows(format INT) default: 10 grep, waf(if needs WAF log) default: 0, start_hour(format: 24) default: 00, start_minute, end_hour(format: 24) default: 24, end_minute. METHOD: GET',
-		'haproxy/<id,hostname,ip>/section':'show certain section, headers: section_name. METHOD: GET',
-		'haproxy/<id,hostname,ip>/section':'add section to the HAProxy config by id or hostname or ip. Has to have config header with section and action header for action after upload. Action header accepts next value: save, test, reload and restart. May be empty for just save. METHOD: POST',
-		'haproxy/<id,hostname,ip>/acl':'add acl to certain section. Must be JSON body: "section_name", "if", "then", "if_value", "then_value" and "action" for action after upload. Action accepts next value: "save", "test", "reload" and "restart". METHOD: POST',
-		'haproxy/<id,hostname,ip>/acl':'delete acl to certain section. Must be JSON body: "section_name", "if", "then", "if_value", "then_value" and "action" for action after upload. Action accepts next value: "save", "test", "reload" and "restart". METHOD: DELETE'
+		'haproxy/<id,hostname,ip>/section':'show certain section, headers: section-name. METHOD: GET',
+		'haproxy/<id,hostname,ip>/section/add':'add section to the HAProxy config by id or hostname or ip. Has to have config header with section and action header for action after upload. Section header must consist type: listen, frontend, etc. Action header accepts next value: save, test, reload and restart. Can be empty for just save. METHOD: POST',
+		'haproxy/<id,hostname,ip>/acl':'add acl to certain section. Must be JSON body: "section-name", "if", "then", "if_value", "then_value" and "action" for action after upload. Action accepts next value: "save", "test", "reload" and "restart". METHOD: POST',
+		'haproxy/<id,hostname,ip>/acl':'delete acl to certain section. Must be JSON body: "section-name", "if", "then", "if_value", "then_value" and "action" for action after upload. Action accepts next value: "save", "test", "reload" and "restart". METHOD: DELETE'
 	}
 	return dict(help=data)

@ -108,7 +108,7 @@ def callback():
@route('/haproxy/<haproxy_id>', method=['GET'])
@route('/haproxy/<haproxy_id:int>', method=['GET'])
 def callback(haproxy_id):
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
 	return api_funct.get_server(haproxy_id)
 	
@ -116,7 +116,7 @@ def callback(haproxy_id):
@route('/haproxy/<haproxy_id>/status', method=['GET'])
@route('/haproxy/<haproxy_id:int>/status', method=['GET'])
 def callback(haproxy_id):
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
 	return api_funct.get_status(haproxy_id)
 	
@ -124,7 +124,7 @@ def callback(haproxy_id):
@route('/haproxy/<haproxy_id>/action/<action:re:[a-z]+>', method=['GET'])
@route('/haproxy/<haproxy_id:int>/action/<action:re:[a-z]+>', method=['GET'])
 def callback(haproxy_id, action):
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
 	return api_funct.actions(haproxy_id, action)
 	
@ -132,7 +132,7 @@ def callback(haproxy_id, action):
@route('/haproxy/<haproxy_id>/runtime', method=['POST'])
@route('/haproxy/<haproxy_id:int>/runtime', method=['POST'])
 def callback(haproxy_id):
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
 	return api_funct.runtime(haproxy_id)
 	
@ -140,7 +140,7 @@ def callback(haproxy_id):
@route('/haproxy/<haproxy_id>/backends', method=['GET'])
@route('/haproxy/<haproxy_id:int>/backends', method=['GET'])
 def callback(haproxy_id):
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
 	return api_funct.show_backends(haproxy_id)
 	
@ -148,7 +148,7 @@ def callback(haproxy_id):
@route('/haproxy/<haproxy_id>/config', method=['GET'])
@route('/haproxy/<haproxy_id:int>/config', method=['GET'])
 def callback(haproxy_id):
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
 	return api_funct.get_config(haproxy_id)
 #
@ -156,7 +156,7 @@ def callback(haproxy_id):
 # @route('/haproxy/<haproxy_id>/config', method=['POST'])
 # @route('/haproxy/<haproxy_id:int>/config', method=['POST'])
 # def callback(haproxy_id):
-# 	if not check_login():
+# 	if not check_login(required_service=1):
 # 		return dict(error=_error_auth)
 # 	return api_funct.upload_config(haproxy_id)
 	
@ -164,36 +164,37 @@ def callback(haproxy_id):
@route('/haproxy/<haproxy_id>/log', method=['GET'])
@route('/haproxy/<haproxy_id:int>/log', method=['GET'])
 def callback(haproxy_id):
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
 	return api_funct.show_log(haproxy_id)


@route('/haproxy/<haproxy_id>/section', method=['GET'])
 def get_section(haproxy_id):
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
+	print(str(request.headers.get('section-name')))
 	return api_funct.get_section(haproxy_id)


-@route('/haproxy/<haproxy_id>/section', method=['POST'])
-@route('/haproxy/<haproxy_id:int>/section', method=['POST'])
+@route('/haproxy/<haproxy_id>/section/add', method=['POST'])
+@route('/haproxy/<haproxy_id:int>/section/add', method=['POST'])
 def callback(haproxy_id):
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
 	return api_funct.add_to_config(haproxy_id)


@route('/haproxy/<haproxy_id>/acl', method=['POST'])
 def add_acl(haproxy_id):
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
 	return api_funct.add_acl(haproxy_id)


@route('/haproxy/<haproxy_id>/acl', method=['DELETE'])
 def add_acl(haproxy_id):
-	if not check_login():
+	if not check_login(required_service=1):
 		return dict(error=_error_auth)
 	return api_funct.del_acl(haproxy_id)

--- a/api/api_funct.py
+++ b/api/api_funct.py
@ -39,9 +39,22 @@ def get_token():
 			return False


-def check_login():
+def check_login(required_service=0):
 	token = request.headers.get('token')
-	return sql.get_api_token(token)
+	if sql.get_api_token(token):
+		if required_service != 0:
+			user_id = sql.get_user_id_by_api_token(token)
+			user_services = sql.select_user_services(user_id)
+
+			if str(required_service) in user_services:
+				return True
+			else:
+				return False
+
+		else:
+			return True
+	else:
+		return False


 def return_dict_from_out(server_id, out):
@ -214,7 +227,7 @@ def get_config(server_id):


 def get_section(server_id):
-	section_name = request.headers.get('section_name')
+	section_name = request.headers.get('section-name')
 	servers = check_permit_to_server(server_id)
 	for s in servers:
 		cfg = '/tmp/' + s[2] + '.cfg'
@ -239,6 +252,8 @@ def upload_config(server_id):
 		save = 'save'
 	elif save == 'restart':
 		save = ''
+	elif save == 'reload':
+		save = 'reload'

 	try:
 		servers = check_permit_to_server(server_id)
@ -253,8 +268,10 @@ def upload_config(server_id):
 				conf.write(body)
 			return_mess = 'config has been uploaded'
 			os.system("/bin/cp %s %s" % (cfg, cfg_for_save))
-			out = funct.upload_and_restart(ip, cfg, just_save=save)
-			funct.logging('localhost', " config has been uploaded via REST API", login=login)
+			out = funct.master_slave_upload_and_restart(ip, cfg, save, login=login)
+			funct.logging('localhost', " config has been uploaded via API", login=login)
+			funct.logging(ip, 'config has been uploaded via API', haproxywi=1, login=login,
+						  keep_history=1, service='haproxy')

 			if out:
 				return_mess = out
@ -354,7 +371,7 @@ def add_acl(server_id):
 	body = request.body.getvalue().decode('utf-8')
 	json_loads = json.loads(body)
 	save = json_loads['action']
-	section_name = json_loads['section_name']
+	section_name = json_loads['section-name']

 	acl = generate_acl(with_newline=1)
 	servers = check_permit_to_server(server_id)
@ -398,7 +415,7 @@ def del_acl(server_id):
 	body = request.body.getvalue().decode('utf-8')
 	json_loads = json.loads(body)
 	save = json_loads['action']
-	section_name = json_loads['section_name']
+	section_name = json_loads['section-name']

 	acl = generate_acl()
 	servers = check_permit_to_server(server_id)
--- a/app/funct.py
+++ b/app/funct.py
@ -135,7 +135,13 @@ def logging(server_ip, action, **kwargs):
 		user_uuid = cookie.get('uuid')
 		login = sql.get_user_name_by_uuid(user_uuid.value)
 	except Exception:
-		login = ''
+		login_name = kwargs.get('login')
+		try:
+			if len(login_name) > 1:
+				login = kwargs.get('login')
+		except:
+			login = ''
+

 	try:
 		if distro.id() == 'ubuntu':
@ -895,6 +901,11 @@ def upload_and_restart(server_ip, cfg, **kwargs):
 	else:
 		action = 'restart'

+	if kwargs.get('login'):
+		login = kwargs.get('login')
+	else:
+		login = 1
+
 	if service == "nginx":
 		config_path = sql.get_setting('nginx_config_path')
 		tmp_file = sql.get_setting('tmp_config_path') + "/" + get_data('config') + ".conf"
@ -976,12 +987,12 @@ def upload_and_restart(server_ip, cfg, **kwargs):
 		upload(server_ip, tmp_file, cfg, dir='fullpath')
 		try:
 			if action != 'test':
-				logging(server_ip, 'A new config file has been uploaded', login=1, keep_history=1,
-						service=service)
+				logging(server_ip, 'A new config file has been uploaded', login=login, keep_history=1, service=service)
 		except Exception as e:
 			logging('localhost', str(e), haproxywi=1)
 		# If master then save version of config in a new way
 		if not kwargs.get('slave'):
+			diff = ''
 			try:
 				diff = diff_config(kwargs.get('oldcfg'), cfg, return_diff=1)
 			except Exception as e:
@ -1000,8 +1011,7 @@ def upload_and_restart(server_ip, cfg, **kwargs):
 		error = ssh_command(server_ip, commands)
 		try:
 			if action == 'reload' or action == 'restart':
-				logging(server_ip, 'Service has been ' + action + 'ed', login=1, keep_history=1,
-						service=service)
+				logging(server_ip, 'Service has been ' + action + 'ed', login=login, keep_history=1, service=service)
 		except Exception as e:
 			logging('localhost', str(e), haproxywi=1)
 	except Exception as e:
@ -1019,7 +1029,12 @@ def master_slave_upload_and_restart(server_ip, cfg, just_save, **kwargs):
 		if master[0] is not None:
 			error = upload_and_restart(master[0], cfg, just_save=just_save, nginx=kwargs.get('nginx'), slave=1)

-	error = upload_and_restart(server_ip, cfg, just_save=just_save, nginx=kwargs.get('nginx'), oldcfg=kwargs.get('oldcfg'))
+	if kwargs.get('login'):
+		login = kwargs.get('login')
+	else:
+		login = ''
+	error = upload_and_restart(server_ip, cfg, just_save=just_save,
+							   nginx=kwargs.get('nginx'), oldcfg=kwargs.get('oldcfg'), login=login)

 	return error