mirror of
https://gitlab.com/crafty-controller/crafty-4.git
synced 2025-01-21 18:55:29 +01:00
197 lines
7.2 KiB
Python
197 lines
7.2 KiB
Python
import logging
|
|
import json
|
|
from jsonschema import validate
|
|
from jsonschema.exceptions import ValidationError
|
|
from playhouse.shortcuts import model_to_dict
|
|
from app.classes.models.server_permissions import EnumPermissionsServer
|
|
from app.classes.web.base_api_handler import BaseApiHandler
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
# TODO: modify monitoring
|
|
server_patch_schema = {
|
|
"type": "object",
|
|
"properties": {
|
|
"server_name": {"type": "string", "minLength": 1},
|
|
"backup_path": {"type": "string"},
|
|
"executable": {"type": "string"},
|
|
"log_path": {"type": "string", "minLength": 1},
|
|
"execution_command": {"type": "string", "minLength": 1},
|
|
"java_selection": {"type": "string"},
|
|
"auto_start": {"type": "boolean"},
|
|
"auto_start_delay": {"type": "integer", "minimum": 0},
|
|
"crash_detection": {"type": "boolean"},
|
|
"stop_command": {"type": "string"},
|
|
"executable_update_url": {"type": "string"},
|
|
"server_ip": {"type": "string", "minLength": 1},
|
|
"server_port": {"type": "integer"},
|
|
"shutdown_timeout": {"type": "integer", "minimum": 0},
|
|
"logs_delete_after": {"type": "integer", "minimum": 0},
|
|
"ignored_exits": {"type": "string"},
|
|
"show_status": {"type": "boolean"},
|
|
},
|
|
"additionalProperties": False,
|
|
"minProperties": 1,
|
|
}
|
|
basic_server_patch_schema = {
|
|
"type": "object",
|
|
"properties": {
|
|
"server_name": {"type": "string", "minLength": 1},
|
|
"executable": {"type": "string"},
|
|
"java_selection": {"type": "string"},
|
|
"auto_start": {"type": "boolean"},
|
|
"auto_start_delay": {"type": "integer", "minimum": 0},
|
|
"crash_detection": {"type": "boolean"},
|
|
"stop_command": {"type": "string"},
|
|
"shutdown_timeout": {"type": "integer"},
|
|
"logs_delete_after": {"type": "integer", "minimum": 0},
|
|
"ignored_exits": {"type": "string"},
|
|
},
|
|
"additionalProperties": False,
|
|
"minProperties": 1,
|
|
}
|
|
|
|
|
|
class ApiServersServerIndexHandler(BaseApiHandler):
|
|
def get(self, server_id: str):
|
|
auth_data = self.authenticate_user()
|
|
if not auth_data:
|
|
return
|
|
|
|
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
|
|
# if the user doesn't have access to the server, return an error
|
|
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
|
|
|
|
server_obj = self.controller.servers.get_server_obj(server_id)
|
|
server = model_to_dict(server_obj)
|
|
|
|
# TODO: limit some columns for specific permissions?
|
|
|
|
self.finish_json(200, {"status": "ok", "data": server})
|
|
|
|
def patch(self, server_id: str):
|
|
auth_data = self.authenticate_user()
|
|
if not auth_data:
|
|
return
|
|
|
|
try:
|
|
data = json.loads(self.request.body)
|
|
except json.decoder.JSONDecodeError as e:
|
|
return self.finish_json(
|
|
400, {"status": "error", "error": "INVALID_JSON", "error_data": str(e)}
|
|
)
|
|
|
|
try:
|
|
# prevent general users from becoming bad actors
|
|
if auth_data[4]["superuser"]:
|
|
validate(data, server_patch_schema)
|
|
else:
|
|
validate(data, basic_server_patch_schema)
|
|
except ValidationError as e:
|
|
return self.finish_json(
|
|
400,
|
|
{
|
|
"status": "error",
|
|
"error": "INVALID_JSON_SCHEMA",
|
|
"error_data": str(e),
|
|
},
|
|
)
|
|
|
|
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
|
|
# if the user doesn't have access to the server, return an error
|
|
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
|
|
|
|
if (
|
|
EnumPermissionsServer.CONFIG
|
|
not in self.controller.server_perms.get_user_id_permissions_list(
|
|
auth_data[4]["user_id"], server_id
|
|
)
|
|
):
|
|
# if the user doesn't have Config permission, return an error
|
|
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
|
|
|
|
server_obj = self.controller.servers.get_server_obj(server_id)
|
|
java_flag = False
|
|
for key in data:
|
|
# If we don't validate the input there could be security issues
|
|
if key == "java_selection" and data[key] != "none":
|
|
try:
|
|
command = self.helper.get_execution_java(
|
|
data[key], server_obj.execution_command
|
|
)
|
|
setattr(server_obj, "execution_command", command)
|
|
except ValueError:
|
|
return self.finish_json(
|
|
400, {"status": "error", "error": "INVALID EXECUTION COMMAND"}
|
|
)
|
|
java_flag = True
|
|
|
|
if key != "path":
|
|
if key == "execution_command" and java_flag:
|
|
continue
|
|
setattr(server_obj, key, data[key])
|
|
self.controller.servers.update_server(server_obj)
|
|
|
|
self.controller.management.add_to_audit_log(
|
|
auth_data[4]["user_id"],
|
|
f"modified the server with ID {server_id}",
|
|
server_id,
|
|
self.get_remote_ip(),
|
|
)
|
|
|
|
return self.finish_json(200, {"status": "ok"})
|
|
|
|
def delete(self, server_id: str):
|
|
auth_data = self.authenticate_user()
|
|
if not auth_data:
|
|
return
|
|
|
|
# DELETE /api/v2/servers/server?files=true
|
|
remove_files = self.get_query_argument("files", None) == "true"
|
|
|
|
if server_id not in [str(x["server_id"]) for x in auth_data[0]]:
|
|
# if the user doesn't have access to the server, return an error
|
|
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
|
|
|
|
if (
|
|
EnumPermissionsServer.CONFIG
|
|
not in self.controller.server_perms.get_user_id_permissions_list(
|
|
auth_data[4]["user_id"], server_id
|
|
)
|
|
):
|
|
# if the user doesn't have Config permission, return an error
|
|
return self.finish_json(400, {"status": "error", "error": "NOT_AUTHORIZED"})
|
|
|
|
logger.info(
|
|
(
|
|
"Removing server and all associated files for server: "
|
|
if remove_files
|
|
else "Removing server from panel for server: "
|
|
)
|
|
+ self.controller.servers.get_server_friendly_name(server_id)
|
|
)
|
|
|
|
self.tasks_manager.remove_all_server_tasks(server_id)
|
|
failed = False
|
|
for item in self.controller.servers.failed_servers[:]:
|
|
if item["server_id"] == int(server_id):
|
|
self.controller.servers.failed_servers.remove(item)
|
|
failed = True
|
|
|
|
if failed:
|
|
self.controller.remove_unloaded_server(server_id)
|
|
else:
|
|
self.controller.remove_server(server_id, remove_files)
|
|
|
|
self.controller.management.add_to_audit_log(
|
|
auth_data[4]["user_id"],
|
|
f"deleted the server {server_id}",
|
|
server_id,
|
|
self.get_remote_ip(),
|
|
)
|
|
|
|
self.finish_json(
|
|
200,
|
|
{"status": "ok"},
|
|
)
|