NussNougate/crafty-4
2
0
Fork 0
mirror of https://gitlab.com/crafty-controller/crafty-4.git synced 2025-01-31 21:06:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' into dev-Silversthorn

Browse Source
This commit is contained in:
Silversthorn 2021-08-22 12:14:31 +02:00
commit 88042998d9
4 changed files with 19 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
DBCHANGES.md
View File

@ -39,18 +39,21 @@ import peewee
def migrate(migrator, database, **kwargs): def migrate(migrator, database, **kwargs):
db = database
#Copy Paste here the class of the New Table from models.py
class NewTable(peewee.Model): class NewTable(peewee.Model):
my_id = peewee.IntegerField(unique=True, primary_key=True) my_id = peewee.IntegerField(unique=True, primary_key=True)
class Meta: class Meta:
table_name = 'new_table' table_name = 'new_table'
database = database database = db
create_table(NewTable)
migrator.create_table(NewTable)
def rollback(migrator, database, **kwargs): def rollback(migrator, database, **kwargs):
drop_table('new_table') # Can be model class OR table name migrator.drop_table('new_table') # Can be model class OR table name
``` ```

29
app/classes/shared/models.py
View File

@ -506,36 +506,17 @@ class db_shortcuts:
@staticmethod @staticmethod
def server_id_authorized(serverId, user_id): def server_id_authorized(serverId, user_id):
userServer = User_Servers.select().where(User_Servers.server_id == serverId) authorized = 0
authorized = userServer.select().where(User_Servers.user_id == user_id) user_roles = User_Roles.select().where(User_Roles.user_id == user_id)
for role in user_roles:
authorized = (Role_Servers.select().where(Role_Servers.role_id == role.role_id))
#authorized = db_helper.return_rows(authorized) #authorized = db_helper.return_rows(authorized)
if authorized.count() == 0: if authorized.count() == 0:
return False return False
return True return True
@staticmethod
def server_id_authorized_from_roles(serverId, user_id):
cpt_authorized = 0
roles_list = []
role_server = []
authorized = []
user_roles = User_Roles.select().where(User_Roles.user_id == user_id)
for u in user_roles:
roles_list.append(db_helper.get_role(u.role_id))
for r in roles_list:
role_test = Role_Servers.select().where(Role_Servers.role_id == r.get('role_id'))
for s in role_test:
if s.server_id.server_id == serverId:
cpt_authorized += 1
if cpt_authorized == 0:
return False
return True
@staticmethod @staticmethod
def get_latest_hosts_stats(): def get_latest_hosts_stats():
query = Host_Stats.select().order_by(Host_Stats.id.desc()).get() query = Host_Stats.select().order_by(Host_Stats.id.desc()).get()

7
app/classes/web/panel_handler.py
View File

@ -139,7 +139,7 @@ class PanelHandler(BaseHandler):
if exec_user['superuser'] != 1: if exec_user['superuser'] != 1:
if not db_helper.server_id_authorized(server_id, exec_user_id): if not db_helper.server_id_authorized(server_id, exec_user_id):
if not db_helper.server_id_authorized_from_roles(int(server_id), exec_user_id): if not db_helper.server_id_authorized(int(server_id), exec_user_id):
self.redirect("/panel/error?error=Invalid Server ID") self.redirect("/panel/error?error=Invalid Server ID")
return False return False
@ -212,7 +212,7 @@ class PanelHandler(BaseHandler):
if exec_user['superuser'] != 1: if exec_user['superuser'] != 1:
#if not db_helper.server_id_authorized(server_id, exec_user_id): #if not db_helper.server_id_authorized(server_id, exec_user_id):
if not db_helper.server_id_authorized_from_roles(int(server_id), exec_user_id): if not db_helper.server_id_authorized(int(server_id), exec_user_id):
self.redirect("/panel/error?error=Invalid Server ID") self.redirect("/panel/error?error=Invalid Server ID")
return return
@ -261,7 +261,7 @@ class PanelHandler(BaseHandler):
if exec_user['superuser'] != 1: if exec_user['superuser'] != 1:
#if not db_helper.server_id_authorized(server_id, exec_user_id): #if not db_helper.server_id_authorized(server_id, exec_user_id):
if not db_helper.server_id_authorized_from_roles(int(server_id), exec_user_id): if not db_helper.server_id_authorized(int(server_id), exec_user_id):
self.redirect("/panel/error?error=Invalid Server ID") self.redirect("/panel/error?error=Invalid Server ID")
return return
@ -516,7 +516,6 @@ class PanelHandler(BaseHandler):
if not exec_user['superuser']: if not exec_user['superuser']:
if not db_helper.server_id_authorized(server_id, exec_user_id): if not db_helper.server_id_authorized(server_id, exec_user_id):
if not db_helper.server_id_authorized_from_roles(server_id, exec_user_id):
self.redirect("/panel/error?error=Unauthorized access: invalid server id") self.redirect("/panel/error?error=Unauthorized access: invalid server id")
return return
elif server_id is None: elif server_id is None:

2
app/frontend/templates/panel/server_config.html
View File

@ -242,7 +242,7 @@ let server_id = '{{ data['server_stats']['server_id']['server_id'] }}';
className: 'btn-danger', className: 'btn-danger',
}, },
cancel: { cancel: {
label: "<i class="fas fa-times"></i>{{ translate('serverConfig', 'noDeleteFiles') }}", label: "{{ translate('serverConfig', 'noDeleteFiles') }}",
className: 'btn-link', className: 'btn-link',
} }
}, },