| Server IP : 184.154.167.98 / Your IP : 3.135.201.101 Web Server : Apache System : Linux pink.dnsnetservice.com 4.18.0-553.22.1.lve.1.el8.x86_64 #1 SMP Tue Oct 8 15:52:54 UTC 2024 x86_64 User : puertode ( 1767) PHP Version : 7.2.34 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /usr/share/l.v.e-manager/panelless-version/daemon/ |
Upload File : |
# coding=utf-8
#
# Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2021 All Rights Reserved
#
# Licensed under CLOUD LINUX LICENSE AGREEMENT
# http://cloudlinux.com/docs/LICENSE.TXT
#
import asyncio
import collections
import json
import os
import re
import ssl
import sys
import subprocess
from concurrent.futures.process import ProcessPoolExecutor
import configparser
from aiohttp import web
from clcommon.ui_config import UIConfig
from clcommon.cpapi import is_panel_feature_supported
from constants import *
PANEL_CONFIG = '/opt/cpvendor/etc/integration.ini'
config_parser = configparser.ConfigParser(interpolation=None, strict=False)
config_parser.read(PANEL_CONFIG)
def run_cmd_pw_runner(pw, cmd):
"""
Drop privileges and run command
This function run in other process
:param pw: password database entry
:param cmd: command to run
:return: return retcode, stdout, stderr
"""
if not is_reseller(pw.pw_name) and not is_admin(pw.pw_name):
drop_admin(pw.pw_uid, pw.pw_gid)
return run_cmd(cmd)
async def run_cmd_pw(pw, cmd):
"""
Run cmd async
:param pw: password database entry
:param cmd: command to run
:return: return retcode, stdout, stderr
"""
loop = asyncio.get_event_loop()
executor = ProcessPoolExecutor(max_workers=1)
result = await loop.run_in_executor(
executor,
run_cmd_pw_runner, pw, cmd)
return result
def drop_admin(uid, gid):
"""
Drop privileges to user
:param uid: user id
:param gid: user grp
"""
os.setgroups([])
os.setgid(gid)
os.setuid(uid)
def run_cmd(cmd):
"""
Run subprocess
:param cmd: command to run
:return: return retcode, stdout, stderr
"""
if isinstance(cmd, str):
cmd = cmd.split(' ')
proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = proc.communicate()
return proc.returncode, stdout.decode(), stderr.decode()
DICT_PARAM = r'^(.*)\[(.*)\]$'
def parse_params(params):
"""
Parse request params array
:param params:
:return: dict
"""
result = collections.defaultdict(dict)
for key in params.keys():
res = re.match(DICT_PARAM, key)
if res:
result[res[1]][res[2]] = params.get(key)
else:
result[key] = params.get(key)
return result
def get_service_port():
"""
Read config file and find custom service port
:return: port
"""
try:
service_port = config_parser.get('lvemanager_config', 'service_port')
except configparser.NoOptionError:
return DEFAULT_PORT
except configparser.NoSectionError:
raise web.HTTPBadRequest(body='Bad configuration file')
return service_port
def get_ssl_context():
"""
Read config file and find custom ssl settings
:return: port
"""
try:
use_ssl = config_parser.get('lvemanager_config', 'use_ssl')
crtfile = config_parser.get('lvemanager_config', 'ssl_cert')
keyfile = config_parser.get('lvemanager_config', 'ssl_key')
except configparser.NoOptionError:
return None
except configparser.NoSectionError:
raise web.HTTPBadRequest(body='Bad configuration file')
if use_ssl and int(use_ssl):
ssl_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
ssl_context.load_cert_chain(crtfile, keyfile)
return ssl_context
async def get_user_data(user_data):
"""
Read config file, find user information script and run it
:param user_data:
:return:
"""
try:
ui_user_info_cli = config_parser.get('lvemanager_config', 'ui_user_info')
except configparser.NoSectionError:
raise web.HTTPBadRequest(body='Bad configuration file')
(retcode, stdout, stderr) = await run_cmd_pw(user_data['pw'], ui_user_info_cli)
try:
result = json.loads(stdout)
result['userName'] = user_data['pw'].pw_name
result['userType'] = user_data['type']
except Exception:
raise web.HTTPBadRequest(body='Bad user information script')
return result
def is_admin(username):
"""
Check if given user is an admin
:param username: The name of reseller
:return: boolean
"""
return username in get_admins()
def is_reseller(username):
"""
Check if given user is a reseller
:param username: The name of reseller
:return: boolean
"""
return username in get_resellers()
def get_admins():
"""
Get list of all admins
:return: List of admins
"""
script = config_parser.get('integration_scripts', 'admins')
admins = json.loads(subprocess.check_output(script, shell=True, executable='/bin/bash'))
return [a['unix_user'] for a in admins['data']]
def get_resellers():
"""
Get list of all resellers
:return: List of resellers
"""
script = config_parser.get('integration_scripts', 'resellers')
resellers = json.loads(subprocess.check_output(script, shell=True, executable='/bin/bash'))
return [r['name'] for r in resellers['data']]
def get_user_type(username):
"""
Get type of given user (admin, reseller, user)
:param username: User name
:return: String (admin|reseller|user)
"""
if is_admin(username):
return TYPE_ADMIN
elif is_reseller(username):
return TYPE_RESELLER
return TYPE_USER
def get_user_plugins():
"""
Get available plugins for end-user
:return: list like [{'key': 'plugin', 'name': 'Main plugin'}, ...]
"""
plugins = []
for plugin_name, plugin_value in PLUGINS.items():
ui_option = plugin_value['ui_option']
if show_plugin(plugin_name, ui_option):
plugins.append({'key': plugin_name, 'name': plugin_value['title']})
return plugins
def show_plugin(app_name, ui_option):
"""
Detect if we need to show plugin for end-user
:return: boolean
"""
return UIConfig().get_param(ui_option, 'uiSettings') == False \
and (app_name == 'resource_usage' or is_panel_feature_supported(app_name))