# -*- coding: utf-8 -*- import time from random import randint from django.shortcuts import redirect, HttpResponse from django.views.decorators.csrf import csrf_exempt from cloudAPI.cloudManager import CloudManager from loginSystem.views import loadLoginPage from .databaseManager import DatabaseManager from .mysqlOptimizer import MySQLOptimizer from .pluginManager import pluginManager import json from plogical.processUtilities import ProcessUtilities from loginSystem.models import Administrator from plogical.acl import ACLManager from databases.models import GlobalUserDB from plogical import randomPassword from cryptography.fernet import Fernet from plogical.mysqlUtilities import mysqlUtilities from plogical.CyberCPLogFileWriter import CyberCPLogFileWriter as logging # Create your views here. def loadDatabaseHome(request): try: userID = request.session['userID'] dm = DatabaseManager() return dm.loadDatabaseHome(request, userID) except KeyError: return redirect(loadLoginPage) def createDatabase(request): try: result = pluginManager.preCreateDatabase(request) if result != 200: return result userID = request.session['userID'] dm = DatabaseManager() coreResult = dm.createDatabase(request, userID) result = pluginManager.postCreateDatabase(request, coreResult) if result != 200: return result return coreResult except KeyError: return redirect(loadLoginPage) def submitDBCreation(request): try: userID = request.session['userID'] result = pluginManager.preSubmitDBCreation(request) if result != 200: return result dm = DatabaseManager() coreResult = dm.submitDBCreation(userID, json.loads(request.body)) result = pluginManager.postSubmitDBCreation(request, coreResult) if result != 200: return result return coreResult except KeyError: return redirect(loadLoginPage) def deleteDatabase(request): try: userID = request.session['userID'] dm = DatabaseManager() return dm.deleteDatabase(request, userID) except KeyError: return redirect(loadLoginPage) def fetchDatabases(request): try: userID = request.session['userID'] dm = DatabaseManager() return dm.fetchDatabases(userID, json.loads(request.body)) except KeyError: return redirect(loadLoginPage) def submitDatabaseDeletion(request): try: userID = request.session['userID'] result = pluginManager.preSubmitDatabaseDeletion(request) if result != 200: return result dm = DatabaseManager() coreResult = dm.submitDatabaseDeletion(userID, json.loads(request.body)) result = pluginManager.postSubmitDatabaseDeletion(request, coreResult) if result != 200: return result return coreResult except KeyError: return redirect(loadLoginPage) def listDBs(request): try: userID = request.session['userID'] dm = DatabaseManager() return dm.listDBs(request, userID) except KeyError: return redirect(loadLoginPage) def changePassword(request): try: userID = request.session['userID'] result = pluginManager.preChangePassword(request) if result != 200: return result dm = DatabaseManager() coreResult = dm.changePassword(userID, json.loads(request.body)) result = pluginManager.postChangePassword(request, coreResult) if result != 200: return result return coreResult except KeyError: return redirect(loadLoginPage) def remoteAccess(request): try: userID = request.session['userID'] dm = DatabaseManager() coreResult = dm.remoteAccess(userID, json.loads(request.body)) return coreResult except KeyError: return redirect(loadLoginPage) def allowRemoteIP(request): try: userID = request.session['userID'] dm = DatabaseManager() coreResult = dm.allowRemoteIP(userID, json.loads(request.body)) return coreResult except KeyError: return redirect(loadLoginPage) def phpMyAdmin(request): try: userID = request.session['userID'] dm = DatabaseManager() return dm.phpMyAdmin(request, userID) except KeyError: return redirect(loadLoginPage) def generateAccess(request): try: userID = request.session['userID'] admin = Administrator.objects.get(id=userID) currentACL = ACLManager.loadedACL(userID) ## if user ACL is admin login as root command = 'chmod 640 /usr/local/lscp/cyberpanel/logs/access.log' ProcessUtilities.executioner(command) if currentACL['admin'] == 1: try: GlobalUserDB.objects.get(username=admin.userName).delete() except: try: gbobs = GlobalUserDB.objects.filter(username=admin.userName) for gbobs in gbobs: gbobs.delete() except: pass password = randomPassword.generate_pass() token = randomPassword.generate_pass() GlobalUserDB(username=admin.userName, password=password, token=token).save() data_ret = {'status': 1, 'token': token, 'username': admin.userName} json_data = json.dumps(data_ret) return HttpResponse(json_data) keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName) try: GlobalUserDB.objects.get(username=admin.userName).delete() except: pass command = 'rm -f %s' % (keySavePath) ProcessUtilities.executioner(command) ## Create and save new key key = Fernet.generate_key() writeToFile = open(keySavePath, 'w') writeToFile.write(key.decode()) writeToFile.close() command = 'chown root:root %s' % (keySavePath) ProcessUtilities.executioner(command) command = 'chmod 600 %s' % (keySavePath) ProcessUtilities.executioner(command) ## password = randomPassword.generate_pass() token = randomPassword.generate_pass() f = Fernet(key) GlobalUserDB(username=admin.userName, password=f.encrypt(password.encode('utf-8')).decode(), token=token).save() sites = ACLManager.findWebsiteObjects(currentACL, userID) mysqlUtilities.addUserToDB(None, admin.userName, password, 1) for site in sites: for db in site.databases_set.all(): mysqlUtilities.addUserToDB(db.dbName, admin.userName, password, 0) data_ret = {'status': 1, 'token': token, 'username': admin.userName} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException as msg: logging.writeToFile(str(msg)) data_ret = {'status': 0, 'createDBStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) @csrf_exempt def fetchDetailsPHPMYAdmin(request): try: userID = request.session['userID'] admin = Administrator.objects.get(id=userID) currentACL = ACLManager.loadedACL(userID) token = request.POST.get('token') username = request.POST.get('username') from plogical.httpProc import httpProc proc = httpProc(request, None, ) # return proc.ajax(0, str(request.POST.get('token'))) if username != admin.userName: return redirect(loadLoginPage) ## Key generation gdb = GlobalUserDB.objects.get(username=admin.userName) if gdb.token == token: if currentACL['admin'] == 1: passFile = "/etc/cyberpanel/mysqlPassword" try: jsonData = json.loads(open(passFile, 'r').read()) mysqluser = jsonData['mysqluser'] password = jsonData['mysqlpassword'] # returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % ( # mysqluser, password) # return redirect(returnURL) data = {} data['userName'] = mysqluser data['password'] = password proc = httpProc(request, 'databases/AutoLogin.html', data, 'admin') return proc.render() except BaseException as msg: f = open(passFile) data = f.read() password = data.split('\n', 1)[0] password = password.strip('\n').strip('\r') data = {} data['userName'] = 'root' data['password'] = password # return redirect(returnURL) proc = httpProc(request, 'databases/AutoLogin.html', data, 'admin') return proc.render() # returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % ( # 'root', password) # return redirect(returnURL) keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName) key = ProcessUtilities.outputExecutioner('cat %s' % (keySavePath)).strip('\n').encode() f = Fernet(key) password = f.decrypt(gdb.password.encode('utf-8')) sites = ACLManager.findWebsiteObjects(currentACL, userID) for site in sites: for db in site.databases_set.all(): mysqlUtilities.addUserToDB(db.dbName, admin.userName, password.decode(), 0) data = {} data['userName'] = admin.userName data['password'] = password.decode() # return redirect(returnURL) proc = httpProc(request, 'databases/AutoLogin.html', data, 'listDatabases') return proc.render() # returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % (admin.userName, password.decode()) # return redirect(returnURL) else: return redirect(loadLoginPage) except BaseException as msg: data_ret = {'status': 0, 'createDBStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) def MySQLManager(request): try: userID = request.session['userID'] dm = DatabaseManager() return dm.MySQLManager(request, userID) except KeyError: return redirect(loadLoginPage) def OptimizeMySQL(request): try: userID = request.session['userID'] dm = DatabaseManager() return dm.OptimizeMySQL(request, userID) except KeyError: return redirect(loadLoginPage) def UpgradeMySQL(request): try: userID = request.session['userID'] dm = DatabaseManager() return dm.Upgardemysql(request, userID) except KeyError: return redirect(loadLoginPage) def getMysqlstatus(request): try: userID = request.session['userID'] finalData = mysqlUtilities.showStatus() currentACL = ACLManager.loadedACL(userID) if currentACL['admin'] == 1: pass else: return ACLManager.loadErrorJson('FilemanagerAdmin', 0) finalData = json.dumps(finalData) return HttpResponse(finalData) except KeyError: return redirect(loadLoginPage) def restartMySQL(request): try: userID = request.session['userID'] currentACL = ACLManager.loadedACL(userID) if currentACL['admin'] == 1: pass else: return ACLManager.loadErrorJson('FilemanagerAdmin', 0) data = {} finalData = mysqlUtilities.restartMySQL() data['status'] = finalData[0] data['error_message'] = finalData[1] json_data = json.dumps(data) return HttpResponse(json_data) except KeyError: return redirect(loadLoginPage) def generateRecommendations(request): try: userID = request.session['userID'] currentACL = ACLManager.loadedACL(userID) if currentACL['admin'] == 1: pass else: return ACLManager.loadErrorJson('FilemanagerAdmin', 0) data = json.loads(request.body) detectedRam = data['detectedRam'] data = {} data['status'] = 1 data['generatedConf'] = MySQLOptimizer.generateRecommendations(detectedRam) final_json = json.dumps(data) return HttpResponse(final_json) except KeyError: return redirect(loadLoginPage) def applyMySQLChanges(request): try: userID = request.session['userID'] currentACL = ACLManager.loadedACL(userID) if currentACL['admin'] == 1: pass else: return ACLManager.loadErrorJson('FilemanagerAdmin', 0) data = json.loads(request.body) finalData = mysqlUtilities.applyMySQLChanges(data) data = {} data['status'] = finalData[0] data['error_message'] = finalData[1] final_json = json.dumps(data) return HttpResponse(final_json) except KeyError: return redirect(loadLoginPage) def upgrademysqlnow(request): try: from plogical.virtualHostUtilities import virtualHostUtilities userID = request.session['userID'] currentACL = ACLManager.loadedACL(userID) if currentACL['admin'] == 1: pass else: return ACLManager.loadErrorJson('FilemanagerAdmin', 0) data = json.loads(request.body) version =data['mysqlversion'] tempStatusPath = "/home/cyberpanel/" + str(randint(1000, 9999)) execPath = f"/usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/mysqlUtilities.py UpgradeMariaDB --version {version} --tempStatusPath {tempStatusPath}" ProcessUtilities.popenExecutioner(execPath) time.sleep(2) data_ret = {'status': 1, 'error_message': "None", 'tempStatusPath': tempStatusPath} json_data = json.dumps(data_ret) return HttpResponse(json_data) except KeyError: return redirect(loadLoginPage) def upgrademysqlstatus(request): try: userID = request.session['userID'] currentACL = ACLManager.loadedACL(userID) if currentACL['admin'] == 1: pass else: return ACLManager.loadErrorJson('FilemanagerAdmin', 0) data = json.loads(request.body) statusfile = data['statusfile'] installStatus = ProcessUtilities.outputExecutioner("sudo cat " + statusfile) if installStatus.find("[200]") > -1: command = 'sudo rm -f ' + statusfile ProcessUtilities.executioner(command) final_json = json.dumps({ 'error_message': "None", 'requestStatus': installStatus, 'abort': 1, 'installed': 1, }) return HttpResponse(final_json) elif installStatus.find("[404]") > -1: command = 'sudo rm -f ' + statusfile ProcessUtilities.executioner(command) final_json = json.dumps({ 'abort': 1, 'installed': 0, 'error_message': "None", 'requestStatus': installStatus, }) return HttpResponse(final_json) else: final_json = json.dumps({ 'abort': 0, 'error_message': "None", 'requestStatus': installStatus, }) return HttpResponse(final_json) except KeyError: return redirect(loadLoginPage)