NussNougate/crafty-4
2
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2025-01-19 01:35:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Use error_data for additional info EVERYWHERE

Browse Source
This commit is contained in:
= 2024-09-18 16:10:29 -04:00
parent 1167e46077
commit 2d5d31cb6e
48 changed files with 986 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/classes/web/base_api_handler.py
View File

@ -11,7 +11,14 @@ class BaseApiHandler(BaseHandler):
# {{{ 405 Method Not Allowed as JSON
def _unimplemented_method(self, *_args: str, **_kwargs: str) -> None:
self.finish_json(405, {"status": "error", "error": "METHOD_NOT_ALLOWED"})
self.finish_json(
405,
{
"status": "error",
"error": "METHOD_NOT_ALLOWED",
"error_data": "METHOD NOT ALLOWED",
},
)
head = _unimplemented_method # type: Callable[..., Optional[Awaitable[None]]]
get = _unimplemented_method # type: Callable[..., Optional[Awaitable[None]]]

6
app/classes/web/public_handler.py
View File

@ -261,7 +261,11 @@ class PublicHandler(BaseHandler):
)
return self.finish_json(
403,
{"status": "error", "error": error_msg},
{
"status": "error",
"error": "INVALID CREDENTIALS",
"error_data": error_msg,
},
)
else:
self.redirect("/login?")

21
app/classes/web/routes/api/auth/login.py
View File

@ -68,7 +68,12 @@ class ApiAuthLoginHandler(BaseApiHandler):
)
return self.finish_json(
401,
{"status": "error", "error": "INCORRECT_CREDENTIALS", "token": None},
{
"status": "error",
"error": "INCORRECT_CREDENTIALS",
"error_data": "INVALID CREDENTIALS",
"token": None,
},
)
if not user_data.enabled:
@ -78,7 +83,13 @@ class ApiAuthLoginHandler(BaseApiHandler):
f" IP {self.get_remote_ip()} account disabled"
)
self.finish_json(
403, {"status": "error", "error": "ACCOUNT_DISABLED", "token": None}
403,
{
"status": "error",
"error": "ACCOUNT_DISABLED",
"error_data": "ACCOUNT DISABLED",
"token": None,
},
)
return
@ -123,5 +134,9 @@ class ApiAuthLoginHandler(BaseApiHandler):
)
self.finish_json(
401,
{"status": "error", "error": "INCORRECT_CREDENTIALS"},
{
"status": "error",
"error": "INCORRECT_CREDENTIALS",
"error_data": "INCORRECT CREDENTIALS",
},
)

9
app/classes/web/routes/api/crafty/announcements/index.py
View File

@ -115,7 +115,14 @@ class ApiAnnounceIndexHandler(BaseApiHandler):
if str(data["id"]) in str(res):
cleared_notifs.append(data["id"])
else:
self.finish_json(200, {"status": "error", "error": "INVALID_DATA"})
self.finish_json(
200,
{
"status": "error",
"error": "INVALID_DATA",
"error_data": "INVALID NOTIFICATION ID",
},
)
return
updata = {"cleared_notifs": ",".join(cleared_notifs)}
self.controller.users.update_user(auth_data[4]["user_id"], updata)

11
app/classes/web/routes/api/crafty/clogs/index.py
View File

@ -18,7 +18,16 @@ class ApiCraftyLogIndexHandler(BaseApiHandler):
) = auth_data
if not superuser:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
log_types = ["audit", "session", "schedule"]
if log_type not in log_types:

55
app/classes/web/routes/api/crafty/config/index.py
View File

@ -169,7 +169,16 @@ class ApiCraftyConfigIndexHandler(BaseApiHandler):
get_only_ids = self.get_query_argument("ids", None) == "true"
if not superuser:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.finish_json(
200,
@ -192,7 +201,16 @@ class ApiCraftyConfigIndexHandler(BaseApiHandler):
(_, _, _, superuser, user, _) = auth_data
if not superuser:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = orjson.loads(self.request.body)
@ -255,7 +273,16 @@ class ApiCraftyCustomizeIndexHandler(BaseApiHandler):
get_only_ids = self.get_query_argument("ids", None) == "true"
if not superuser:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.finish_json(
200,
@ -284,7 +311,16 @@ class ApiCraftyCustomizeIndexHandler(BaseApiHandler):
_,
) = auth_data
if not superuser:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = orjson.loads(self.request.body)
@ -350,7 +386,16 @@ class ApiCraftyCustomizeIndexHandler(BaseApiHandler):
return
if not auth_data[4]["superuser"]:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = json.loads(self.request.body)

31
app/classes/web/routes/api/crafty/config/server_dir.py
View File

@ -31,7 +31,16 @@ class ApiCraftyConfigServerDirHandler(BaseApiHandler):
get_only_ids = self.get_query_argument("ids", None) == "true"
if not superuser:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.finish_json(
200,
@ -61,10 +70,26 @@ class ApiCraftyConfigServerDirHandler(BaseApiHandler):
) = auth_data
if not auth_data:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": "NOT AUTHORIZED",
},
)
if not auth_data[4]["superuser"]:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
if self.helper.is_env_docker():
raise NotImplementedError

9
app/classes/web/routes/api/crafty/exe_cache.py
View File

@ -16,7 +16,14 @@ class ApiCraftyJarCacheIndexHandler(BaseApiHandler):
) = auth_data
if not auth_data[4]["superuser"]:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": "NOT A SUPER USER",
},
)
self.controller.big_bucket.manual_refresh_cache()
self.finish_json(

9
app/classes/web/routes/api/crafty/imports/index.py
View File

@ -52,7 +52,14 @@ class ApiImportFilesIndexHandler(BaseApiHandler):
and not auth_data[4]["superuser"]
):
# if the user doesn't have Files or Backup permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": "INSUFFICEN PERMISSIONS",
},
)
try:
data = json.loads(self.request.body)

22
app/classes/web/routes/api/crafty/upload/index.py
View File

@ -47,7 +47,14 @@ class ApiFilesUploadHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(
400, {"status": "error", "error": "NOT_AUTHORIZED"}
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
@ -60,7 +67,14 @@ class ApiFilesUploadHandler(BaseApiHandler):
if EnumPermissionsServer.FILES not in server_permissions:
# if the user doesn't have Files permission, return an error
return self.finish_json(
400, {"status": "error", "error": "NOT_AUTHORIZED"}
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
u_type = "server_upload"
@ -111,9 +125,9 @@ class ApiFilesUploadHandler(BaseApiHandler):
try:
file_size = int(self.request.headers.get("fileSize", None))
total_chunks = int(self.request.headers.get("totalChunks", 0))
except TypeError:
except TypeError as why:
return self.finish_json(
400, {"status": "error", "error": "TYPE ERROR", "data": {}}
400, {"status": "error", "error": "TYPE ERROR", "error_data": {why}}
)
self.chunk_index = self.request.headers.get("chunkId")
if u_type == "server_upload":

7
app/classes/web/routes/api/not_found.py
View File

@ -6,7 +6,12 @@ class ApiNotFoundHandler(BaseApiHandler):
def _not_found(self, page: str) -> None:
self.finish_json(
404,
{"status": "error", "error": "API_HANDLER_NOT_FOUND", "page": page},
{
"status": "error",
"error": "API_HANDLER_NOT_FOUND",
"error_data": f"{page} not found",
"page": page,
},
)
head = _not_found # type: Callable[..., Optional[Awaitable[None]]]

29
app/classes/web/routes/api/roles/index.py
View File

@ -97,7 +97,16 @@ class ApiRolesIndexHandler(BaseApiHandler):
not superuser
and EnumPermissionsCrafty.ROLES_CONFIG not in exec_user_permissions_crafty
):
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.finish_json(
200,
@ -130,7 +139,16 @@ class ApiRolesIndexHandler(BaseApiHandler):
not superuser
and EnumPermissionsCrafty.ROLES_CONFIG not in exec_user_permissions_crafty
):
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = orjson.loads(self.request.body)
@ -183,7 +201,12 @@ class ApiRolesIndexHandler(BaseApiHandler):
if self.controller.roles.get_roleid_by_name(role_name) is not None:
return self.finish_json(
400, {"status": "error", "error": "ROLE_NAME_ALREADY_EXISTS"}
400,
{
"status": "error",
"error": "ROLE_NAME_ALREADY_EXISTS",
"error_data": "UNIQUE VALUE ERROR",
},
)
role_id = self.controller.roles.add_role_advanced(role_name, servers, manager)

38
app/classes/web/routes/api/roles/role/index.py
View File

@ -93,15 +93,26 @@ class ApiRolesRoleIndexHandler(BaseApiHandler):
not superuser
and EnumPermissionsCrafty.ROLES_CONFIG not in exec_user_permissions_crafty
):
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
self.finish_json(
200,
{"status": "ok", "data": self.controller.roles.get_role(role_id)},
)
except DoesNotExist:
self.finish_json(404, {"status": "error", "error": "ROLE_NOT_FOUND"})
except DoesNotExist as why:
self.finish_json(
404, {"status": "error", "error": "ROLE_NOT_FOUND", "error_data": why}
)
def delete(self, role_id: str):
auth_data = self.authenticate_user()
@ -120,7 +131,16 @@ class ApiRolesRoleIndexHandler(BaseApiHandler):
str(role.get("manager", "no manager found")) != str(auth_data[4]["user_id"])
and not superuser
):
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.controller.roles.remove_role(role_id)
@ -206,11 +226,13 @@ class ApiRolesRoleIndexHandler(BaseApiHandler):
data.get("servers", None),
manager,
)
except DoesNotExist:
return self.finish_json(404, {"status": "error", "error": "ROLE_NOT_FOUND"})
except IntegrityError:
except DoesNotExist as why:
return self.finish_json(
404, {"status": "error", "error": "ROLE_NAME_EXISTS"}
404, {"status": "error", "error": "ROLE_NOT_FOUND", "error_data": why}
)
except IntegrityError as why:
return self.finish_json(
404, {"status": "error", "error": "ROLE_NAME_EXISTS", "error_data": why}
)
self.controller.management.add_to_audit_log(
user["user_id"],

11
app/classes/web/routes/api/roles/role/servers.py
View File

@ -20,7 +20,16 @@ class ApiRolesRoleServersHandler(BaseApiHandler):
get_only_ids = self.get_query_argument("ids", None) == "true"
if not superuser:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.finish_json(
200,

11
app/classes/web/routes/api/roles/role/users.py
View File

@ -16,7 +16,16 @@ class ApiRolesRoleUsersHandler(BaseApiHandler):
) = auth_data
if not superuser:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
all_user_ids = self.controller.users.get_all_user_ids()

18
app/classes/web/routes/api/servers/index.py
View File

@ -818,7 +818,16 @@ class ApiServersIndexHandler(BaseApiHandler):
) = auth_data
if EnumPermissionsCrafty.SERVER_CREATION not in exec_user_crafty_permissions:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = orjson.loads(self.request.body)
@ -858,7 +867,12 @@ class ApiServersIndexHandler(BaseApiHandler):
port = 19132
if port > 65535 or port < 1:
self.finish_json(
405, {"status": "error", "error": "DATA CONSTRAINT FAILED"}
405,
{
"status": "error",
"error": "DATA CONSTRAINT FAILED",
"error_data": "1 - 65535",
},
)
return
new_server_id = self.controller.create_api_server(data, user["user_id"])

29
app/classes/web/routes/api/servers/server/action.py
View File

@ -18,7 +18,16 @@ class ApiServersServerActionHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -28,7 +37,16 @@ class ApiServersServerActionHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.COMMANDS not in server_permissions:
# if the user doesn't have Commands permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
if action == "clone_server":
if (
@ -49,7 +67,12 @@ class ApiServersServerActionHandler(BaseApiHandler):
self._clone_server(server_id, auth_data[4]["user_id"])
return self.finish_json(200, {"status": "ok"})
return self.finish_json(
200, {"status": "error", "error": "SERVER_LIMIT_REACHED"}
200,
{
"status": "error",
"error": "SERVER_LIMIT_REACHED",
"error_data": "LIMIT REACHED",
},
)
if action == "eula":
return self._agree_eula(server_id, auth_data[4]["user_id"])

5
app/classes/web/routes/api/servers/server/backups/backup/index.py
View File

@ -272,7 +272,8 @@ class ApiServersServerBackupsBackupIndexHandler(BaseApiHandler):
temp_dir = Helpers.unzip_backup_archive(backup_location, zip_name)
except (FileNotFoundError, NotADirectoryError) as e:
return self.finish_json(
400, {"status": "error", "error": f"NO BACKUP FOUND {e}"}
400,
{"status": "error", "error": "NO BACKUP FOUND", "error_data": e},
)
if server_data["type"] == "minecraft-java":
new_server = self.controller.restore_java_zip_server(
@ -518,7 +519,7 @@ class ApiServersServerBackupsBackupFilesIndexHandler(BaseApiHandler):
)
except Exception as e:
return self.finish_json(
400, {"status": "error", "error": f"DELETE FAILED with error {e}"}
400, {"status": "error", "error": "DELETE FAILED", "error_data": e}
)
self.controller.management.add_to_audit_log(
auth_data[4]["user_id"],

33
app/classes/web/routes/api/servers/server/backups/index.py
View File

@ -107,7 +107,16 @@ class ApiServersServerBackupsIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.BACKUP not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.finish_json(
200, self.controller.management.get_backups_by_server(server_id)
)
@ -148,7 +157,16 @@ class ApiServersServerBackupsIndexHandler(BaseApiHandler):
)
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -158,7 +176,16 @@ class ApiServersServerBackupsIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.BACKUP not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
# Set the backup location automatically for non-super users. We should probably
# make the default location configurable for SU eventually
if not auth_data[4]["superuser"]:

158
app/classes/web/routes/api/servers/server/files.py
View File

@ -125,7 +125,16 @@ class ApiServersServerFilesIndexHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -138,7 +147,16 @@ class ApiServersServerFilesIndexHandler(BaseApiHandler):
and EnumPermissionsServer.BACKUP not in server_permissions
):
# if the user doesn't have Files or Backup permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = json.loads(self.request.body)
@ -256,7 +274,16 @@ class ApiServersServerFilesIndexHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -266,7 +293,16 @@ class ApiServersServerFilesIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.FILES not in server_permissions:
# if the user doesn't have Files permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = json.loads(self.request.body)
except json.decoder.JSONDecodeError as e:
@ -313,7 +349,9 @@ class ApiServersServerFilesIndexHandler(BaseApiHandler):
# but not a true boolean value
if proc == True: # pylint: disable=singleton-comparison
return self.finish_json(200, {"status": "ok"})
return self.finish_json(500, {"status": "error", "error": str(proc)})
return self.finish_json(
500, {"status": "error", "error": "SERVER RUNNING", "error_data": str(proc)}
)
def patch(self, server_id: str, _backup_id):
auth_data = self.authenticate_user()
@ -322,7 +360,16 @@ class ApiServersServerFilesIndexHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -332,7 +379,16 @@ class ApiServersServerFilesIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.FILES not in server_permissions:
# if the user doesn't have Files permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = json.loads(self.request.body)
except json.decoder.JSONDecodeError as e:
@ -384,7 +440,16 @@ class ApiServersServerFilesIndexHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -394,7 +459,16 @@ class ApiServersServerFilesIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.FILES not in server_permissions:
# if the user doesn't have Files permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = json.loads(self.request.body)
except json.decoder.JSONDecodeError as e:
@ -459,7 +533,16 @@ class ApiServersServerFilesCreateHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -469,7 +552,16 @@ class ApiServersServerFilesCreateHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.FILES not in server_permissions:
# if the user doesn't have Files permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = json.loads(self.request.body)
except json.decoder.JSONDecodeError as e:
@ -533,7 +625,16 @@ class ApiServersServerFilesCreateHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -543,7 +644,16 @@ class ApiServersServerFilesCreateHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.FILES not in server_permissions:
# if the user doesn't have Files permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = json.loads(self.request.body)
except json.decoder.JSONDecodeError as e:
@ -608,7 +718,16 @@ class ApiServersServerFilesZipHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -618,7 +737,16 @@ class ApiServersServerFilesZipHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.FILES not in server_permissions:
# if the user doesn't have Files permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = json.loads(self.request.body)
except json.decoder.JSONDecodeError as e:

11
app/classes/web/routes/api/servers/server/history.py
View File

@ -14,7 +14,16 @@ class ApiServersServerHistoryHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
srv = ServersController().get_server_instance_by_id(server_id)
history = srv.get_server_history()

62
app/classes/web/routes/api/servers/server/index.py
View File

@ -186,7 +186,16 @@ class ApiServersServerIndexHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
server_obj = self.controller.servers.get_server_obj(server_id)
server = model_to_dict(server_obj)
@ -233,7 +242,16 @@ class ApiServersServerIndexHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -243,7 +261,16 @@ class ApiServersServerIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.CONFIG not in server_permissions:
# if the user doesn't have Config permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
server_obj = self.controller.servers.get_server_obj(server_id)
java_flag = False
@ -257,7 +284,12 @@ class ApiServersServerIndexHandler(BaseApiHandler):
setattr(server_obj, "execution_command", command)
except ValueError:
return self.finish_json(
400, {"status": "error", "error": "INVALID EXECUTION COMMAND"}
400,
{
"status": "error",
"error": "INVALID EXECUTION COMMAND",
"error_data": "INVALID COMMAND",
},
)
java_flag = True
@ -286,7 +318,16 @@ class ApiServersServerIndexHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -296,7 +337,16 @@ class ApiServersServerIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.CONFIG not in server_permissions:
# if the user doesn't have Config permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
logger.info(
(

22
app/classes/web/routes/api/servers/server/logs.py
View File

@ -29,7 +29,16 @@ class ApiServersServerLogsHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -39,7 +48,16 @@ class ApiServersServerLogsHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.LOGS not in server_permissions:
# if the user doesn't have Logs permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
server_data = self.controller.servers.get_server_data_by_id(server_id)

11
app/classes/web/routes/api/servers/server/stats.py
View File

@ -14,7 +14,16 @@ class ApiServersServerStatsHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
srv = ServersController().get_server_instance_by_id(server_id)
latest = srv.stats_helper.get_latest_server_stats()

39
app/classes/web/routes/api/servers/server/stdin.py
View File

@ -15,7 +15,16 @@ class ApiServersServerStdinHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -25,7 +34,16 @@ class ApiServersServerStdinHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.COMMANDS not in server_permissions:
# if the user doesn't have Commands permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
svr = self.controller.servers.get_server_obj_optional(server_id)
if svr is None:
@ -35,7 +53,16 @@ class ApiServersServerStdinHandler(BaseApiHandler):
"Crafty can't access the server object. "
"Please report this to the devs"
)
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
decoded = self.request.body.decode("utf-8")
self.controller.management.add_to_audit_log(
auth_data[4]["user_id"],
@ -50,5 +77,9 @@ class ApiServersServerStdinHandler(BaseApiHandler):
)
self.finish_json(
200,
{"status": "error", "error": "SERVER_NOT_RUNNING"},
{
"status": "error",
"error": "SERVER_NOT_RUNNING",
"error_data": "SERVER NOT RUNNING",
},
)

22
app/classes/web/routes/api/servers/server/tasks/index.py
View File

@ -132,7 +132,16 @@ class ApiServersServerTasksIndexHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -142,7 +151,16 @@ class ApiServersServerTasksIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.SCHEDULE not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
data["server_id"] = server_id
if not data.get("start_time"):
data["start_time"] = "00:00"

49
app/classes/web/routes/api/servers/server/tasks/task/index.py
View File

@ -110,7 +110,16 @@ class ApiServersServerTasksTaskIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.SCHEDULE not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.finish_json(200, self.controller.management.get_scheduled_task(task_id))
def delete(self, server_id: str, task_id: str):
@ -126,13 +135,23 @@ class ApiServersServerTasksTaskIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.SCHEDULE not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
self.tasks_manager.remove_job(task_id)
except Exception:
except Exception as why:
return self.finish_json(
400, {"status": "error", "error": "NO SCHEDULE FOUND"}
400,
{"status": "error", "error": "NO SCHEDULE FOUND", "error_data": why},
)
self.controller.management.add_to_audit_log(
auth_data[4]["user_id"],
@ -178,7 +197,16 @@ class ApiServersServerTasksTaskIndexHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -188,7 +216,16 @@ class ApiServersServerTasksTaskIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.SCHEDULE not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
# Checks to make sure some doofus didn't actually make the newly
# created task a child of itself.

33
app/classes/web/routes/api/servers/server/users.py
View File

@ -14,13 +14,40 @@ class ApiServersServerUsersHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
if EnumPermissionsCrafty.USER_CONFIG not in auth_data[1]:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
if EnumPermissionsCrafty.ROLES_CONFIG not in auth_data[1]:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.finish_json(
200,

33
app/classes/web/routes/api/servers/server/webhooks/index.py
View File

@ -76,7 +76,16 @@ class ApiServersServerWebhooksIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.CONFIG not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.finish_json(
200,
{
@ -119,7 +128,16 @@ class ApiServersServerWebhooksIndexHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -129,7 +147,16 @@ class ApiServersServerWebhooksIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.CONFIG not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
data["server_id"] = server_id
self.controller.management.add_to_audit_log(

84
app/classes/web/routes/api/servers/server/webhooks/webhook/index.py
View File

@ -77,13 +77,27 @@ class ApiServersServerWebhooksManagementIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.CONFIG not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
if (
not str(webhook_id)
in self.controller.management.get_webhooks_by_server(server_id).keys()
):
return self.finish_json(
400, {"status": "error", "error": "NO WEBHOOK FOUND"}
400,
{
"status": "error",
"error": "NO WEBHOOK FOUND",
"error_data": "NOT FOUND",
},
)
self.finish_json(
200,
@ -106,13 +120,27 @@ class ApiServersServerWebhooksManagementIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.CONFIG not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
self.controller.management.delete_webhook(webhook_id)
except Exception:
return self.finish_json(
400, {"status": "error", "error": "NO WEBHOOK FOUND"}
400,
{
"status": "error",
"error": "NO WEBHOOK FOUND",
"error_data": "NOT FOUND",
},
)
self.controller.management.add_to_audit_log(
auth_data[4]["user_id"],
@ -157,7 +185,16 @@ class ApiServersServerWebhooksManagementIndexHandler(BaseApiHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -167,7 +204,16 @@ class ApiServersServerWebhooksManagementIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.CONFIG not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
data["server_id"] = server_id
if "trigger" in data.keys():
@ -200,7 +246,16 @@ class ApiServersServerWebhooksManagementIndexHandler(BaseApiHandler):
)
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
mask = self.controller.server_perms.get_lowest_api_perm_mask(
self.controller.server_perms.get_user_permissions_mask(
auth_data[4]["user_id"], server_id
@ -210,7 +265,16 @@ class ApiServersServerWebhooksManagementIndexHandler(BaseApiHandler):
server_permissions = self.controller.server_perms.get_permissions(mask)
if EnumPermissionsServer.CONFIG not in server_permissions:
# if the user doesn't have Schedule permission, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
webhook = self.controller.management.get_webhook_by_id(webhook_id)
try:
webhook_provider = WebhookFactory.create_provider(webhook["webhook_type"])
@ -225,6 +289,8 @@ class ApiServersServerWebhooksManagementIndexHandler(BaseApiHandler):
bot_name="Crafty Webhooks Tester",
)
except Exception as e:
self.finish_json(500, {"status": "error", "error": str(e)})
self.finish_json(
500, {"status": "error", "error": "WEBHOOK ERROR", "error_data": str(e)}
)
self.finish_json(200, {"status": "ok"})

45
app/classes/web/routes/api/users/index.py
View File

@ -77,7 +77,16 @@ class ApiUsersIndexHandler(BaseApiHandler):
) = auth_data
if EnumPermissionsCrafty.USER_CONFIG not in exec_user_crafty_permissions:
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
try:
data = json.loads(self.request.body)
@ -128,11 +137,23 @@ class ApiUsersIndexHandler(BaseApiHandler):
if username.lower() in ["system", ""]:
return self.finish_json(
400, {"status": "error", "error": "INVALID_USERNAME"}
400,
{
"status": "error",
"error": "INVALID_USERNAME",
"error_data": "INVALID USERNAME",
},
)
if self.controller.users.get_id_by_name(username) is not None:
return self.finish_json(400, {"status": "error", "error": "USER_EXISTS"})
return self.finish_json(
400,
{
"status": "error",
"error": "USER_EXISTS",
"error_data": "UNIQUE VALUE ERROR",
},
)
if roles is None:
roles = set()
@ -158,7 +179,14 @@ class ApiUsersIndexHandler(BaseApiHandler):
if new_superuser and not superuser:
return self.finish_json(
400, {"status": "error", "error": "INVALID_SUPERUSER_CREATE"}
400,
{
"status": "error",
"error": "INVALID_SUPERUSER_CREATE",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
for role in roles:
@ -169,7 +197,14 @@ class ApiUsersIndexHandler(BaseApiHandler):
and not superuser
):
return self.finish_json(
400, {"status": "error", "error": "INVALID_ROLES_CREATE"}
400,
{
"status": "error",
"error": "INVALID_ROLES_CREATE",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
# TODO: do this in the most efficient way

77
app/classes/web/routes/api/users/user/index.py
View File

@ -169,7 +169,12 @@ class ApiUsersUserIndexHandler(BaseApiHandler):
if "username" in data:
if data["username"].lower() in ["system", ""]:
return self.finish_json(
400, {"status": "error", "error": "INVALID_USERNAME"}
400,
{
"status": "error",
"error": "INVALID_USERNAME",
"error_data": "INVALID USERNAME",
},
)
if self.controller.users.get_id_by_name(
data["username"]
@ -179,7 +184,12 @@ class ApiUsersUserIndexHandler(BaseApiHandler):
user_id
):
return self.finish_json(
400, {"status": "error", "error": "USER_EXISTS"}
400,
{
"status": "error",
"error": "USER_EXISTS",
"error_data": "UNIQUE CONSTAINT FAILED",
},
)
if "superuser" in data:
@ -187,7 +197,14 @@ class ApiUsersUserIndexHandler(BaseApiHandler):
# Checks if user is trying to change super user status
# of self without superuser. We don't want that.
return self.finish_json(
400, {"status": "error", "error": "INVALID_SUPERUSER_MODIFY"}
400,
{
"status": "error",
"error": "INVALID_SUPERUSER_MODIFY",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
if not superuser:
# The user is not superuser so they can't change the superuser status
@ -198,13 +215,27 @@ class ApiUsersUserIndexHandler(BaseApiHandler):
# Checks if user is trying to change permissions
# of self without superuser. We don't want that.
return self.finish_json(
400, {"status": "error", "error": "INVALID_PERMISSIONS_MODIFY"}
400,
{
"status": "error",
"error": "INVALID_PERMISSIONS_MODIFY",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
if EnumPermissionsCrafty.USER_CONFIG not in exec_user_crafty_permissions:
# Checks if user is trying to change permissions of someone
# else without User Config permission. We don't want that.
return self.finish_json(
400, {"status": "error", "error": "INVALID_PERMISSIONS_MODIFY"}
400,
{
"status": "error",
"error": "INVALID_PERMISSIONS_MODIFY",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
if "roles" in data:
@ -212,13 +243,27 @@ class ApiUsersUserIndexHandler(BaseApiHandler):
# Checks if user is trying to change roles of
# self without superuser. We don't want that.
return self.finish_json(
400, {"status": "error", "error": "INVALID_ROLES_MODIFY"}
400,
{
"status": "error",
"error": "INVALID_ROLES_MODIFY",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
if EnumPermissionsCrafty.USER_CONFIG not in exec_user_crafty_permissions:
# Checks if user is trying to change roles of someone
# else without User Config permission. We don't want that.
return self.finish_json(
400, {"status": "error", "error": "INVALID_ROLES_MODIFY"}
400,
{
"status": "error",
"error": "INVALID_ROLES_MODIFY",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
user_modify = self.controller.users.get_user_roles_id(user_id)
@ -237,7 +282,14 @@ class ApiUsersUserIndexHandler(BaseApiHandler):
for item in user_modify:
print(type(role), type(item))
return self.finish_json(
400, {"status": "error", "error": "INVALID_ROLES_MODIFY"}
400,
{
"status": "error",
"error": "INVALID_ROLES_MODIFY",
"error_data": self.helper.translation.translate(
"error", "no-file", auth_data[4]["lang"]
),
},
)
user_obj = HelperUsers.get_user_model(user_id)
@ -245,7 +297,14 @@ class ApiUsersUserIndexHandler(BaseApiHandler):
if str(user["user_id"]) != str(user_obj.manager) and not user["superuser"]:
# TODO: edit your own password
return self.finish_json(
400, {"status": "error", "error": "INVALID_PASSWORD_MODIFY"}
400,
{
"status": "error",
"error": "INVALID_PASSWORD_MODIFY",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
if "roles" in data:

11
app/classes/web/routes/metrics/host.py
View File

@ -13,7 +13,16 @@ class ApiOpenMetricsCraftyHandler(BaseMetricsHandler):
if not auth_data[3]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.get_registry()

20
app/classes/web/routes/metrics/servers.py
View File

@ -14,13 +14,29 @@ class ApiOpenMetricsServersHandler(BaseMetricsHandler):
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
# if the user doesn't have access to the server, return an error
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
return self.finish_json(
400,
{
"status": "error",
"error": "NOT_AUTHORIZED",
"error_data": self.helper.translation.translate(
"validators", "insufficientPerms", auth_data[4]["lang"]
),
},
)
self.get_registry(server_id)
def get_registry(self, server_id=None) -> None:
if server_id is None:
return self.finish_json(500, {"status": "error", "error": "UNKNOWN_SERVER"})
return self.finish_json(
500,
{
"status": "error",
"error": "UNKNOWN_SERVER",
"error_data": "UNKNOWN SERVER",
},
)
# Prepare parameters
registry = (

4
app/frontend/static/assets/js/shared/root-dir.js
View File

@ -55,8 +55,8 @@ async function getTreeView(path, unzip = false, upload = false) {
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}

8
app/frontend/templates/panel/custom_login.html
View File

@ -325,8 +325,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
})
@ -349,8 +349,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
})

8
app/frontend/templates/panel/dashboard.html
View File

@ -617,8 +617,8 @@
setTimeout(function(){
$('.modal').modal('hide');
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}, 2000)
}
@ -1024,8 +1024,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}

12
app/frontend/templates/panel/panel_config.html
View File

@ -372,8 +372,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}
@ -410,8 +410,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}
@ -451,8 +451,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
});

4
app/frontend/templates/panel/panel_edit_user.html
View File

@ -122,7 +122,7 @@ data['lang']) }}{% end %}
name="lang" form="user_form">
{% for lang in data['languages'] %}
{% if not 'incomplete' in lang %}
<option value="{{lang}}" >{{translate('language', lang, 'humanized_index')}}</option>
<option value="{{lang}}" >{{translate('language', lang, 'humanized_index', False)}}</option>
{% else %}
<option value="{{lang}}" disabled>{{lang}}</option>
{% end %}
@ -547,7 +547,7 @@ data['lang']) }}{% end %}
bootbox.alert({
title: responseData.error,
message: responseData.error
message: responseData.error_data
});
}
}

8
app/frontend/templates/panel/server_backup.html
View File

@ -266,8 +266,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
return;
@ -485,8 +485,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}

8
app/frontend/templates/panel/server_backup_edit.html
View File

@ -342,8 +342,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
return;
@ -676,8 +676,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}

32
app/frontend/templates/panel/server_files.html
View File

@ -429,8 +429,8 @@
else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}
@ -605,8 +605,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}
@ -627,8 +627,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}
@ -650,8 +650,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}
@ -672,8 +672,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}
@ -695,8 +695,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}
@ -717,8 +717,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}
@ -841,8 +841,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}

4
app/frontend/templates/panel/server_logs.html
View File

@ -212,8 +212,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}

8
app/frontend/templates/panel/server_term.html
View File

@ -189,8 +189,8 @@
console.log("Command received successfully")
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}
@ -256,8 +256,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}

8
app/frontend/templates/panel/server_webhook_edit.html
View File

@ -218,8 +218,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
});
@ -259,8 +259,8 @@
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
});

8
app/frontend/templates/panel/server_webhooks.html
View File

@ -359,8 +359,8 @@
} else {
console.log(responseData);
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}
@ -379,8 +379,8 @@
window.location.reload();
} else {
bootbox.alert({
title: responseData.status,
message: responseData.error
title: responseData.error,
message: responseData.error_data
});
}
}

2
app/frontend/templates/server/wizard.html
View File

@ -1099,7 +1099,7 @@
bootbox.alert({
title: responseData.error,
message: responseData.error
message: responseData.error_data
});
}
}

4
app/translations/en_EN.json
View File

@ -671,6 +671,7 @@
"backupName": "Backup name must be a string and a minimum length of 3.",
"enumErr": "failed validating. Acceptable data includes: ",
"filesPageLen": "length must be greater than 1 for property",
"insufficientPerms": "Permission Error: Missing permissions for this resource",
"passLength": "Password Too Short. Minimum Length: 8",
"roleManager": "Role manager must be of type integer (manager ID) or None",
"roleName": "Role name must be a string that is greater than 1 character. It must not include any of the following symbols: [ ] , ",
@ -685,7 +686,8 @@
"typeInteger": "must be a number.",
"typeIntMinVal0": "must be an integer with a minimum value of 0.",
"typeList": "must be of type list/array ",
"typeString": "must be of type string."
"typeString": "must be of type string.",
"userName": " must be of type string, all LOWERCASE, a minimum of 4 characters and a max of 20 characters"
},
"webhooks": {
"areYouSureDel": "Are you sure you want to delete this webhook?",