def put(self):
self.parser.parse_args()
orgin_data = request.json
nid = orgin_data.pop("nid")
if nid == "":
return api_abort(errcode=4012)
# 站点名、路径不支持修改
orgin_data.pop("ftp_user", "")
orgin_data.pop("ftp_path", "")
ftp_obj = Ftp.get(nid)
if ftp_obj:
if orgin_data:
self.ftpop.update_ftp(status=orgin_data.get("status"),
ftp_user=ftp_obj.ftp_user,
ftp_passwd=orgin_data.get("ftp_passwd"))
Ftp.update(nid, orgin_data)
ftp_dict = ftp_obj.to_json()
res = BaseResponse()
res.data = ftp_dict
return res.dict
else:
# 未传入修改的值
return api_abort(errcode=4019)
else:
# 记录不存在
return api_abort(errcode=4018)
def post(self):
rets = self.ftpop.check()
if rets:
api_abort(httpcode=400, errcode=4025, key=rets)
self.parser.parse_args()
orgin_data = request.json
ftp_user = orgin_data.get("ftp_user")
if ftp_user == "":
return api_abort(errcode=4012)
orgin_data["ftp_passwd"] = orgin_data.get(
"ftp_passwd") or getRandomString()
orgin_data["ftp_path"] = orgin_data.get(
"ftp_path") or f'{www_path}/{ftp_user}'
orgin_data["note"] = orgin_data.get("note") or ftp_user
parms = {"ftp_user": ftp_user}
check(Ftp, extra=parms, obj_path=orgin_data["ftp_path"])
create_dict = {
"ftp_user": ftp_user,
"ftp_passwd": orgin_data.get("ftp_passwd"),
"ftp_path": orgin_data.get("ftp_path")
}
# 创建FTP站点
self.ftpop.create_ftp(**create_dict)
ftpobj = Ftp(**orgin_data)
ftpobj.add()
res = BaseResponse()
res.data = ftpobj.to_json()
return res.dict
def put(self):
self.parser.parse_args()
orgin_data = request.json
nid = orgin_data.pop("nid")
if nid == "":
return api_abort(errcode=4012)
mysql_obj = Mysql.get(nid)
if mysql_obj:
if orgin_data:
accept = orgin_data.get("accept")
check(Mysql, accept=accept)
update_dict = {
"mysql_user": mysql_obj.mysql_user,
"old_passwd": mysql_obj.mysql_passwd,
"mysql_passwd": orgin_data.get("mysql_passwd"),
"mysql_name": mysql_obj.mysql_name,
"accept": accept,
"old_accept": mysql_obj.accept
}
# 更新数据库
result = self.mysqlop.update_mysql(**update_dict)
Mysql.update(nid, orgin_data)
ftp_dict = mysql_obj.to_json()
res = BaseResponse()
res.data = ftp_dict
res.errmsg = result
return res.dict
else:
# 未传入修改的值
return api_abort(errcode=4019)
else:
# 记录不存在
return api_abort(errcode=4018)
def post(self):
rets = self.mysqlop.check()
if rets:
api_abort(httpcode=400, errcode=4025, key=rets)
self.parser.parse_args()
orgin_data = request.json
mysql_user = orgin_data.get("mysql_user")
if mysql_user == "":
return api_abort(errcode=4012)
orgin_data["mysql_name"] = orgin_data.get("mysql_name") or mysql_user
orgin_data["mysql_passwd"] = orgin_data.get("mysql_passwd") or getRandomString()
orgin_data["accept"] = orgin_data.get("accept") or "localhost"
orgin_data["note"] = orgin_data.get("note") or mysql_user
accept = orgin_data.get("accept")
extra = {"mysql_user": mysql_user}
check(Mysql, extra=extra, accept=accept)
extra = {"mysql_name": orgin_data.get("mysql_name")}
check(Mysql, extra=extra)
create_dict = {
"mysql_user": mysql_user,
"mysql_passwd": orgin_data.get("mysql_passwd"),
"mysql_name": orgin_data.get("mysql_name"),
"accept": accept
}
# 创建mysql数据库
result = self.mysqlop.create_mysql(**create_dict)
mysqlobj = Mysql(**orgin_data)
mysqlobj.add()
res = BaseResponse()
res.errmsg = result
res.data = mysqlobj.to_json()
return res.dict
def put(self):
filename = request.form.get("file")
file_content = request.form.get('content')
ret = self.savefile(filename, file_content)
res = BaseResponse()
if not ret:
api_abort(httpcode=400, errcode=4025, key="文件保存失败")
return res.dict
def delete(self):
self.parser.parse_args()
nid = request.json.get("nid")
if nid == "":
return api_abort(errcode=4012)
soft_obj = Soft.get(nid)
if soft_obj:
Soft.delete(nid)
res = BaseResponse()
res.dict.pop("data")
return res.dict
else:
return api_abort(errcode=4018)
def post(self):
username = request.headers.get("username")
oldpasswd = request.json.get("oldpasswd")
newpasswd = request.json.get("newpasswd")
print(username, oldpasswd, newpasswd)
if username == "" or oldpasswd == "" or newpasswd == "":
api_abort(errcode=4012)
user_obj = User.query.filter_by(username=username).first()
if not user_obj.check_password(user_obj.password, oldpasswd):
api_abort(httpcode=400, errcode=4025, key="原密码不正确")
User.update(user_obj.nid, {'password': User.set_password(newpasswd)})
res = BaseResponse()
res.errmsg = "密码修改成功"
return res.dict
def delete(self):
self.parser.parse_args()
nid = request.json.get("nid")
if nid == "":
return api_abort(errcode=4012)
ftpobj = Ftp.get(nid)
if ftpobj:
self.ftpop.delete_ftp(ftp_user=ftpobj.ftp_user,
ftp_path=ftpobj.ftp_path)
Ftp.delete(nid)
res = BaseResponse()
res.dict.pop("data")
return res.dict
else:
return api_abort(errcode=4018)
def before_request():
# 白名单
for white_url in WHITE_URL_LIST:
if re.match(white_url, request.path):
return None
from api.utils.auth import verify_token
auth = verify_token()
if auth.get("userinfo") and auth.get("token"):
return None
else:
return api_abort(httpcode=200, **auth)
def delete(self):
self.parser.parse_args()
nid = request.json.get("nid")
print(nid)
if nid == "":
return api_abort(errcode=4012)
siteobj = Site.get(nid)
siteinfoobj = SiteInfo.sget(nid)
if siteobj:
self.siteop.delete_site(site_name=siteobj.site_name,
root_path=siteobj.root_path,
is_ssl=siteinfoobj.is_ssl,
log_path=siteinfoobj.log_path)
if siteinfoobj:
SiteInfo.sdelete(nid)
Site.delete(nid)
res = BaseResponse()
res.dict.pop("data")
return res.dict
else:
return api_abort(errcode=4018)
def delete(self):
self.parser.parse_args()
nid = request.json.get("nid")
if nid == "":
return api_abort(errcode=4012)
mysqlobj = Mysql.get(nid)
if mysqlobj:
delete_dict = {
"mysql_user": mysqlobj.mysql_user,
"mysql_name": mysqlobj.mysql_name,
"accept": mysqlobj.accept
}
# 删除数据库
result = self.mysqlop.delete_mysql(**delete_dict)
Mysql.delete(nid)
res = BaseResponse()
res.errmsg = result
res.dict.pop("data")
return res.dict
else:
return api_abort(errcode=4018)
def post(self):
crt = request.form.get('crt')
key = request.form.get('key')
site_name = request.form.get('site_name')
bind_domain = request.form.get('bind_domain')
if site_name == "" or bind_domain == "" or crt == "" or key == "":
api_abort(httpcode=400, errcode=4025, key="站点名或绑定域名或证书或秘钥内容不能为空")
crttmppath = f"/tmp/{site_name}.crt"
keytmppath = f"/tmp/{site_name}.key"
self.save(crttmppath, crt)
self.save(keytmppath, key)
from OpenSSL import crypto
try:
cert = crypto.load_certificate(crypto.FILETYPE_PEM,
open(crttmppath).read())
subject = cert.get_subject()
ssl_domain = subject.CN
except:
api_abort(httpcode=400, errcode=4025, key="证书文件错误")
execShell(f"rm -rf {crttmppath}")
execShell(f"rm -rf {keytmppath}")
ssl_domain_flag = set(bind_domain.split(',')) & set([
ssl_domain,
])
if not ssl_domain_flag:
api_abort(httpcode=400,
errcode=4025,
key=f"证书不匹配,此证书文件是{ssl_domain}")
execShell(f"rm -rf {crttmppath}")
execShell(f"rm -rf {keytmppath}")
execShell(f"mv {crttmppath} /home/panel/ssl/{site_name}.crt")
execShell(f"mv {keytmppath} /home/panel/ssl/{site_name}.key")
res = BaseResponse()
return res.dict
def post(self):
self.parser.parse_args()
orgin_data = request.json
soft_name = orgin_data.get("soft_name")
soft_ver = orgin_data.get("soft_ver")
if soft_name == "" or soft_ver == "":
return api_abort(errcode=4012)
orgin_data["soft_desc"] = orgin_data.get("soft_desc") or soft_name
softobj = Soft(**orgin_data)
softobj.add()
res = BaseResponse()
res.data = softobj.to_json()
return res.dict
def check(models=None,
obj_domain=None,
extra=None,
obj_path=None,
site_name=None,
accept=None):
if obj_domain:
if type(obj_domain) == str:
domains = obj_domain.split(',')
else:
domains = []
# 检查域名是否合法、重复
reg = "^((xn--)?[A-Za-z0-9*]{1,100}\.){1,8}((xn--)?[A-Za-z0-9]){1,24}$"
for domain in domains:
if not re.match(reg, domain):
return api_abort(httpcode=400, errcode=4014, key=domain)
if models:
site = models.query.filter(
models.bind_domain.contains(domain)).first()
if site and site_name is None:
return api_abort(httpcode=400, errcode=4016, key=domain)
if extra:
obj_name = extra.get("site_name") or extra.get(
"ftp_user") or extra.get("mysql_user") or extra.get("mysql_name")
reg = "^([A-Za-z0-9]{3,10})$"
if not re.match(reg, obj_name):
return api_abort(httpcode=400, errcode=4013, key=obj_name)
# 检查站点名重复性
obj_obj = models.query.filter_by(**extra).first()
if obj_obj:
return api_abort(httpcode=400, errcode=4017, key=obj_name)
if obj_path:
# 检查路径是否合法
reg = "^%s\/([A-Za-z0-9]{1,20})(\/[A-Za-z0-9]{1,100}){0,10}$" % www_path.replace(
"/", "\/")
if not re.match(reg, obj_path):
return api_abort(httpcode=422, errcode=4015, key=obj_path)
if accept:
reg = "^(((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?))?(localhost)?(%)?$"
if not re.match(reg, accept):
return api_abort(httpcode=422, errcode=4027, key=accept)
def put(self):
self.parser.parse_args()
fields = {
"nid", "site_name", "bind_domain", "root_path", "site_info", "note"
}
orgin_data = {}
if fields.issubset(set(request.json.keys())):
for key in fields:
orgin_data[key] = request.json.get(key)
orgin_data = request.json
nid = orgin_data.pop("nid")
if nid == "":
return api_abort(errcode=4012)
bind_domain = orgin_data.get("bind_domain")
# 站点名、路径不支持修改
orgin_data.pop("site_name", "")
orgin_data.pop("root_path", "")
site_obj = Site.get(nid)
if site_obj:
check(Site, obj_domain=bind_domain, site_name=site_obj.site_name)
bind_domain = bind_domain or site_obj.bind_domain
siteinfo_orgin_data = orgin_data.pop("site_info", {})
if siteinfo_orgin_data.get('is_log'):
siteinfo_orgin_data[
"log_path"] = f'{logs_path}/{site_obj.site_name}'
else:
siteinfo_orgin_data["log_path"] = ""
if siteinfo_orgin_data:
extra_kwargs = siteinfo_orgin_data.pop("extra_kwargs", {})
if extra_kwargs:
siteinfo_orgin_data["extra_kwargs"] = json.dumps(
extra_kwargs)
if orgin_data:
site_info = SiteInfo.sget(nid)
php_ver = siteinfo_orgin_data.get(
'php_ver') or site_info.php_ver
domain_301 = siteinfo_orgin_data.get("domain_301")
if extra_kwargs.get('set_301') and domain_301 == "":
api_abort(httpcode=400, errcode=4025, key="开启301,跳转域名不能为空")
check(obj_domain=domain_301)
create_dict = {
"site_name": site_obj.site_name,
"bind_domain": bind_domain.replace(",", " "),
"root_path": site_obj.root_path,
"is_ssl": siteinfo_orgin_data.get('is_ssl'),
"is_log": siteinfo_orgin_data.get('is_log'),
"log_path": siteinfo_orgin_data.get('log_path'),
"domain_301": domain_301,
"default_index": site_info.default_index,
"php_ver": php_ver.replace(".", ""),
"extra_kwargs": extra_kwargs
}
# 更新站点调用 创建站点
res = self.siteop.create_site(**create_dict)
if res:
api_abort(httpcode=400, errcode=4025, key=res)
SiteInfo.supdate(nid, siteinfo_orgin_data)
Site.update(nid, orgin_data)
site_dict = site_obj.to_json()
if site_info:
site_dict["site_info"] = site_info.to_json()
res = BaseResponse()
res.data = site_dict
return res.dict
else:
# 未传入修改的值
return api_abort(errcode=4019)
else:
# 记录不存在
return api_abort(errcode=4018)
def put(self):
self.parser.parse_args()
orgin_data = request.json
nid = orgin_data.pop("nid")
installtype = orgin_data.get("installtype")
soft_name = orgin_data.get("soft_name")
soft_ver = orgin_data.get("soft_ver")
if nid == "":
return api_abort(errcode=4012)
soft_obj = Soft.get(nid)
if soft_obj:
if orgin_data:
softobj = Soft.query.filter_by(**{
'soft_name': soft_name,
'is_install': 1
}).first()
if softobj:
api_abort(httpcode=400,
errcode=4025,
key=f"已安装{softobj.soft_name},若要安装新版请先卸载")
softobj2 = Soft.query.filter_by(**{'is_install': 2}).first()
if softobj2:
api_abort(httpcode=400,
errcode=4025,
key=f"正在安装{softobj2.soft_name},请稍后重试")
if installtype == "rpm":
api_abort(httpcode=400, errcode=4025, key=f"暂时不支持极速安装")
res = 0
# res = os.system(f"/bin/bash {self.shellpath}/{soft_name}_rpm.sh {soft_ver}")
elif installtype == "bash":
Soft.update(nid, {"is_install": 2})
res = os.system(
f"/bin/bash {self.shellpath}/{soft_name}.sh {soft_ver}"
)
# res = execShell(f"bash {self.shellpath}/{soft_name}.sh {soft_ver}")
if res == 1:
Soft.update(nid, {"is_install": 0})
api_abort(httpcode=400,
errcode=4025,
key=f"{soft_name}安装失败")
Soft.update(nid, {"is_install": 1})
soft_dict = soft_obj.to_json()
res = BaseResponse()
res.data = soft_dict
res.errmsg = f"正在安装{soft_name}..."
return res.dict
else:
# 未传入修改的值
return api_abort(errcode=4019)
else:
# 记录不存在
return api_abort(errcode=4018)
def post(self):
rets = self.siteop.check()
if rets:
api_abort(httpcode=400, errcode=4025, key=rets)
self.parser.parse_args()
orgin_data = request.json
site_name = orgin_data.get("site_name", "")
bind_domain = orgin_data.get("bind_domain", "")
if site_name == "" or bind_domain == "":
api_abort(errcode=4012)
orgin_data["root_path"] = orgin_data.get(
"root_path") or f'{www_path}/{site_name}'
orgin_data["note"] = orgin_data.get("note") or site_name
# 检查域名、路径合法性及站点、域名重复性
parms = {"site_name": site_name}
check(Site, bind_domain, parms, orgin_data.get("root_path"))
orgin_data.pop("ftpinfo")
orgin_data.pop("mysqlinfo")
# orgin_data.pop("sslinfo")
siteinfo_orgin_data = orgin_data.pop("site_info", {})
if siteinfo_orgin_data.get('is_log'):
siteinfo_orgin_data["log_path"] = f'{logs_path}/{site_name}'
else:
siteinfo_orgin_data["log_path"] = ""
# 规范 port is_ssl 值
if siteinfo_orgin_data.get("port") == 80:
siteinfo_orgin_data["is_ssl"] = False
elif siteinfo_orgin_data.get("port") == 443:
siteinfo_orgin_data["is_ssl"] = True
if siteinfo_orgin_data.get("is_ssl") == False:
siteinfo_orgin_data["port"] = 80
elif siteinfo_orgin_data.get("is_ssl") == True:
siteinfo_orgin_data["port"] = 443
extra_kwargs = siteinfo_orgin_data.pop("extra_kwargs",
{}) or extra_kwargs_dict
domain_301 = siteinfo_orgin_data.get("domain_301")
if extra_kwargs.get('set_301') and domain_301 == "":
api_abort(httpcode=400, errcode=4025, key="开启301,跳转域名不能为空")
check(obj_domain=domain_301)
siteinfo_orgin_data["extra_kwargs"] = json.dumps(extra_kwargs)
phpver = siteinfo_orgin_data.get("php_ver") or php_ver
create_dict = {
"site_name": site_name,
"bind_domain": bind_domain.replace(",", " "),
"root_path": orgin_data.get("root_path"),
"is_ssl": siteinfo_orgin_data.get("is_ssl") or False,
"is_log": siteinfo_orgin_data.get('is_log') or False,
"log_path": siteinfo_orgin_data.get("log_path"),
"domain_301": siteinfo_orgin_data.get("domain_301") or "",
"default_index": siteinfo_orgin_data.get("default_index")
or default_index,
"php_ver": phpver.replace(".", ""),
"extra_kwargs": extra_kwargs
}
# 创建站点
res = self.siteop.create_site(**create_dict)
if res:
api_abort(httpcode=400, errcode=4025, key=res)
siteobj = Site(**orgin_data)
siteobj.add()
site_dict = siteobj.to_json()
siteinfo_orgin_data["site_id"] = siteobj.nid
siteinfoobj = SiteInfo(**siteinfo_orgin_data)
siteinfoobj.add()
site_info = SiteInfo.sget(siteobj.nid)
if site_info:
site_dict["site_info"] = site_info.to_json()
res = BaseResponse()
res.data = site_dict
return res.dict
