def put(self): self.parser.parse_args() orgin_data = request.json nid = orgin_data.pop("nid") if nid == "": return api_abort(errcode=4012) # 站点名、路径不支持修改 orgin_data.pop("ftp_user", "") orgin_data.pop("ftp_path", "") ftp_obj = Ftp.get(nid) if ftp_obj: if orgin_data: self.ftpop.update_ftp(status=orgin_data.get("status"), ftp_user=ftp_obj.ftp_user, ftp_passwd=orgin_data.get("ftp_passwd")) Ftp.update(nid, orgin_data) ftp_dict = ftp_obj.to_json() res = BaseResponse() res.data = ftp_dict return res.dict else: # 未传入修改的值 return api_abort(errcode=4019) else: # 记录不存在 return api_abort(errcode=4018)
def post(self): rets = self.ftpop.check() if rets: api_abort(httpcode=400, errcode=4025, key=rets) self.parser.parse_args() orgin_data = request.json ftp_user = orgin_data.get("ftp_user") if ftp_user == "": return api_abort(errcode=4012) orgin_data["ftp_passwd"] = orgin_data.get( "ftp_passwd") or getRandomString() orgin_data["ftp_path"] = orgin_data.get( "ftp_path") or f'{www_path}/{ftp_user}' orgin_data["note"] = orgin_data.get("note") or ftp_user parms = {"ftp_user": ftp_user} check(Ftp, extra=parms, obj_path=orgin_data["ftp_path"]) create_dict = { "ftp_user": ftp_user, "ftp_passwd": orgin_data.get("ftp_passwd"), "ftp_path": orgin_data.get("ftp_path") } # 创建FTP站点 self.ftpop.create_ftp(**create_dict) ftpobj = Ftp(**orgin_data) ftpobj.add() res = BaseResponse() res.data = ftpobj.to_json() return res.dict
def put(self): self.parser.parse_args() orgin_data = request.json nid = orgin_data.pop("nid") if nid == "": return api_abort(errcode=4012) mysql_obj = Mysql.get(nid) if mysql_obj: if orgin_data: accept = orgin_data.get("accept") check(Mysql, accept=accept) update_dict = { "mysql_user": mysql_obj.mysql_user, "old_passwd": mysql_obj.mysql_passwd, "mysql_passwd": orgin_data.get("mysql_passwd"), "mysql_name": mysql_obj.mysql_name, "accept": accept, "old_accept": mysql_obj.accept } # 更新数据库 result = self.mysqlop.update_mysql(**update_dict) Mysql.update(nid, orgin_data) ftp_dict = mysql_obj.to_json() res = BaseResponse() res.data = ftp_dict res.errmsg = result return res.dict else: # 未传入修改的值 return api_abort(errcode=4019) else: # 记录不存在 return api_abort(errcode=4018)
def post(self): rets = self.mysqlop.check() if rets: api_abort(httpcode=400, errcode=4025, key=rets) self.parser.parse_args() orgin_data = request.json mysql_user = orgin_data.get("mysql_user") if mysql_user == "": return api_abort(errcode=4012) orgin_data["mysql_name"] = orgin_data.get("mysql_name") or mysql_user orgin_data["mysql_passwd"] = orgin_data.get("mysql_passwd") or getRandomString() orgin_data["accept"] = orgin_data.get("accept") or "localhost" orgin_data["note"] = orgin_data.get("note") or mysql_user accept = orgin_data.get("accept") extra = {"mysql_user": mysql_user} check(Mysql, extra=extra, accept=accept) extra = {"mysql_name": orgin_data.get("mysql_name")} check(Mysql, extra=extra) create_dict = { "mysql_user": mysql_user, "mysql_passwd": orgin_data.get("mysql_passwd"), "mysql_name": orgin_data.get("mysql_name"), "accept": accept } # 创建mysql数据库 result = self.mysqlop.create_mysql(**create_dict) mysqlobj = Mysql(**orgin_data) mysqlobj.add() res = BaseResponse() res.errmsg = result res.data = mysqlobj.to_json() return res.dict
def put(self): filename = request.form.get("file") file_content = request.form.get('content') ret = self.savefile(filename, file_content) res = BaseResponse() if not ret: api_abort(httpcode=400, errcode=4025, key="文件保存失败") return res.dict
def delete(self): self.parser.parse_args() nid = request.json.get("nid") if nid == "": return api_abort(errcode=4012) soft_obj = Soft.get(nid) if soft_obj: Soft.delete(nid) res = BaseResponse() res.dict.pop("data") return res.dict else: return api_abort(errcode=4018)
def post(self): username = request.headers.get("username") oldpasswd = request.json.get("oldpasswd") newpasswd = request.json.get("newpasswd") print(username, oldpasswd, newpasswd) if username == "" or oldpasswd == "" or newpasswd == "": api_abort(errcode=4012) user_obj = User.query.filter_by(username=username).first() if not user_obj.check_password(user_obj.password, oldpasswd): api_abort(httpcode=400, errcode=4025, key="原密码不正确") User.update(user_obj.nid, {'password': User.set_password(newpasswd)}) res = BaseResponse() res.errmsg = "密码修改成功" return res.dict
def delete(self): self.parser.parse_args() nid = request.json.get("nid") if nid == "": return api_abort(errcode=4012) ftpobj = Ftp.get(nid) if ftpobj: self.ftpop.delete_ftp(ftp_user=ftpobj.ftp_user, ftp_path=ftpobj.ftp_path) Ftp.delete(nid) res = BaseResponse() res.dict.pop("data") return res.dict else: return api_abort(errcode=4018)
def before_request(): # 白名单 for white_url in WHITE_URL_LIST: if re.match(white_url, request.path): return None from api.utils.auth import verify_token auth = verify_token() if auth.get("userinfo") and auth.get("token"): return None else: return api_abort(httpcode=200, **auth)
def delete(self): self.parser.parse_args() nid = request.json.get("nid") print(nid) if nid == "": return api_abort(errcode=4012) siteobj = Site.get(nid) siteinfoobj = SiteInfo.sget(nid) if siteobj: self.siteop.delete_site(site_name=siteobj.site_name, root_path=siteobj.root_path, is_ssl=siteinfoobj.is_ssl, log_path=siteinfoobj.log_path) if siteinfoobj: SiteInfo.sdelete(nid) Site.delete(nid) res = BaseResponse() res.dict.pop("data") return res.dict else: return api_abort(errcode=4018)
def delete(self): self.parser.parse_args() nid = request.json.get("nid") if nid == "": return api_abort(errcode=4012) mysqlobj = Mysql.get(nid) if mysqlobj: delete_dict = { "mysql_user": mysqlobj.mysql_user, "mysql_name": mysqlobj.mysql_name, "accept": mysqlobj.accept } # 删除数据库 result = self.mysqlop.delete_mysql(**delete_dict) Mysql.delete(nid) res = BaseResponse() res.errmsg = result res.dict.pop("data") return res.dict else: return api_abort(errcode=4018)
def post(self): crt = request.form.get('crt') key = request.form.get('key') site_name = request.form.get('site_name') bind_domain = request.form.get('bind_domain') if site_name == "" or bind_domain == "" or crt == "" or key == "": api_abort(httpcode=400, errcode=4025, key="站点名或绑定域名或证书或秘钥内容不能为空") crttmppath = f"/tmp/{site_name}.crt" keytmppath = f"/tmp/{site_name}.key" self.save(crttmppath, crt) self.save(keytmppath, key) from OpenSSL import crypto try: cert = crypto.load_certificate(crypto.FILETYPE_PEM, open(crttmppath).read()) subject = cert.get_subject() ssl_domain = subject.CN except: api_abort(httpcode=400, errcode=4025, key="证书文件错误") execShell(f"rm -rf {crttmppath}") execShell(f"rm -rf {keytmppath}") ssl_domain_flag = set(bind_domain.split(',')) & set([ ssl_domain, ]) if not ssl_domain_flag: api_abort(httpcode=400, errcode=4025, key=f"证书不匹配,此证书文件是{ssl_domain}") execShell(f"rm -rf {crttmppath}") execShell(f"rm -rf {keytmppath}") execShell(f"mv {crttmppath} /home/panel/ssl/{site_name}.crt") execShell(f"mv {keytmppath} /home/panel/ssl/{site_name}.key") res = BaseResponse() return res.dict
def post(self): self.parser.parse_args() orgin_data = request.json soft_name = orgin_data.get("soft_name") soft_ver = orgin_data.get("soft_ver") if soft_name == "" or soft_ver == "": return api_abort(errcode=4012) orgin_data["soft_desc"] = orgin_data.get("soft_desc") or soft_name softobj = Soft(**orgin_data) softobj.add() res = BaseResponse() res.data = softobj.to_json() return res.dict
def check(models=None, obj_domain=None, extra=None, obj_path=None, site_name=None, accept=None): if obj_domain: if type(obj_domain) == str: domains = obj_domain.split(',') else: domains = [] # 检查域名是否合法、重复 reg = "^((xn--)?[A-Za-z0-9*]{1,100}\.){1,8}((xn--)?[A-Za-z0-9]){1,24}$" for domain in domains: if not re.match(reg, domain): return api_abort(httpcode=400, errcode=4014, key=domain) if models: site = models.query.filter( models.bind_domain.contains(domain)).first() if site and site_name is None: return api_abort(httpcode=400, errcode=4016, key=domain) if extra: obj_name = extra.get("site_name") or extra.get( "ftp_user") or extra.get("mysql_user") or extra.get("mysql_name") reg = "^([A-Za-z0-9]{3,10})$" if not re.match(reg, obj_name): return api_abort(httpcode=400, errcode=4013, key=obj_name) # 检查站点名重复性 obj_obj = models.query.filter_by(**extra).first() if obj_obj: return api_abort(httpcode=400, errcode=4017, key=obj_name) if obj_path: # 检查路径是否合法 reg = "^%s\/([A-Za-z0-9]{1,20})(\/[A-Za-z0-9]{1,100}){0,10}$" % www_path.replace( "/", "\/") if not re.match(reg, obj_path): return api_abort(httpcode=422, errcode=4015, key=obj_path) if accept: reg = "^(((25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(25[0-5]|2[0-4]\d|[01]?\d\d?))?(localhost)?(%)?$" if not re.match(reg, accept): return api_abort(httpcode=422, errcode=4027, key=accept)
def put(self): self.parser.parse_args() fields = { "nid", "site_name", "bind_domain", "root_path", "site_info", "note" } orgin_data = {} if fields.issubset(set(request.json.keys())): for key in fields: orgin_data[key] = request.json.get(key) orgin_data = request.json nid = orgin_data.pop("nid") if nid == "": return api_abort(errcode=4012) bind_domain = orgin_data.get("bind_domain") # 站点名、路径不支持修改 orgin_data.pop("site_name", "") orgin_data.pop("root_path", "") site_obj = Site.get(nid) if site_obj: check(Site, obj_domain=bind_domain, site_name=site_obj.site_name) bind_domain = bind_domain or site_obj.bind_domain siteinfo_orgin_data = orgin_data.pop("site_info", {}) if siteinfo_orgin_data.get('is_log'): siteinfo_orgin_data[ "log_path"] = f'{logs_path}/{site_obj.site_name}' else: siteinfo_orgin_data["log_path"] = "" if siteinfo_orgin_data: extra_kwargs = siteinfo_orgin_data.pop("extra_kwargs", {}) if extra_kwargs: siteinfo_orgin_data["extra_kwargs"] = json.dumps( extra_kwargs) if orgin_data: site_info = SiteInfo.sget(nid) php_ver = siteinfo_orgin_data.get( 'php_ver') or site_info.php_ver domain_301 = siteinfo_orgin_data.get("domain_301") if extra_kwargs.get('set_301') and domain_301 == "": api_abort(httpcode=400, errcode=4025, key="开启301,跳转域名不能为空") check(obj_domain=domain_301) create_dict = { "site_name": site_obj.site_name, "bind_domain": bind_domain.replace(",", " "), "root_path": site_obj.root_path, "is_ssl": siteinfo_orgin_data.get('is_ssl'), "is_log": siteinfo_orgin_data.get('is_log'), "log_path": siteinfo_orgin_data.get('log_path'), "domain_301": domain_301, "default_index": site_info.default_index, "php_ver": php_ver.replace(".", ""), "extra_kwargs": extra_kwargs } # 更新站点调用 创建站点 res = self.siteop.create_site(**create_dict) if res: api_abort(httpcode=400, errcode=4025, key=res) SiteInfo.supdate(nid, siteinfo_orgin_data) Site.update(nid, orgin_data) site_dict = site_obj.to_json() if site_info: site_dict["site_info"] = site_info.to_json() res = BaseResponse() res.data = site_dict return res.dict else: # 未传入修改的值 return api_abort(errcode=4019) else: # 记录不存在 return api_abort(errcode=4018)
def put(self): self.parser.parse_args() orgin_data = request.json nid = orgin_data.pop("nid") installtype = orgin_data.get("installtype") soft_name = orgin_data.get("soft_name") soft_ver = orgin_data.get("soft_ver") if nid == "": return api_abort(errcode=4012) soft_obj = Soft.get(nid) if soft_obj: if orgin_data: softobj = Soft.query.filter_by(**{ 'soft_name': soft_name, 'is_install': 1 }).first() if softobj: api_abort(httpcode=400, errcode=4025, key=f"已安装{softobj.soft_name},若要安装新版请先卸载") softobj2 = Soft.query.filter_by(**{'is_install': 2}).first() if softobj2: api_abort(httpcode=400, errcode=4025, key=f"正在安装{softobj2.soft_name},请稍后重试") if installtype == "rpm": api_abort(httpcode=400, errcode=4025, key=f"暂时不支持极速安装") res = 0 # res = os.system(f"/bin/bash {self.shellpath}/{soft_name}_rpm.sh {soft_ver}") elif installtype == "bash": Soft.update(nid, {"is_install": 2}) res = os.system( f"/bin/bash {self.shellpath}/{soft_name}.sh {soft_ver}" ) # res = execShell(f"bash {self.shellpath}/{soft_name}.sh {soft_ver}") if res == 1: Soft.update(nid, {"is_install": 0}) api_abort(httpcode=400, errcode=4025, key=f"{soft_name}安装失败") Soft.update(nid, {"is_install": 1}) soft_dict = soft_obj.to_json() res = BaseResponse() res.data = soft_dict res.errmsg = f"正在安装{soft_name}..." return res.dict else: # 未传入修改的值 return api_abort(errcode=4019) else: # 记录不存在 return api_abort(errcode=4018)
def post(self): rets = self.siteop.check() if rets: api_abort(httpcode=400, errcode=4025, key=rets) self.parser.parse_args() orgin_data = request.json site_name = orgin_data.get("site_name", "") bind_domain = orgin_data.get("bind_domain", "") if site_name == "" or bind_domain == "": api_abort(errcode=4012) orgin_data["root_path"] = orgin_data.get( "root_path") or f'{www_path}/{site_name}' orgin_data["note"] = orgin_data.get("note") or site_name # 检查域名、路径合法性及站点、域名重复性 parms = {"site_name": site_name} check(Site, bind_domain, parms, orgin_data.get("root_path")) orgin_data.pop("ftpinfo") orgin_data.pop("mysqlinfo") # orgin_data.pop("sslinfo") siteinfo_orgin_data = orgin_data.pop("site_info", {}) if siteinfo_orgin_data.get('is_log'): siteinfo_orgin_data["log_path"] = f'{logs_path}/{site_name}' else: siteinfo_orgin_data["log_path"] = "" # 规范 port is_ssl 值 if siteinfo_orgin_data.get("port") == 80: siteinfo_orgin_data["is_ssl"] = False elif siteinfo_orgin_data.get("port") == 443: siteinfo_orgin_data["is_ssl"] = True if siteinfo_orgin_data.get("is_ssl") == False: siteinfo_orgin_data["port"] = 80 elif siteinfo_orgin_data.get("is_ssl") == True: siteinfo_orgin_data["port"] = 443 extra_kwargs = siteinfo_orgin_data.pop("extra_kwargs", {}) or extra_kwargs_dict domain_301 = siteinfo_orgin_data.get("domain_301") if extra_kwargs.get('set_301') and domain_301 == "": api_abort(httpcode=400, errcode=4025, key="开启301,跳转域名不能为空") check(obj_domain=domain_301) siteinfo_orgin_data["extra_kwargs"] = json.dumps(extra_kwargs) phpver = siteinfo_orgin_data.get("php_ver") or php_ver create_dict = { "site_name": site_name, "bind_domain": bind_domain.replace(",", " "), "root_path": orgin_data.get("root_path"), "is_ssl": siteinfo_orgin_data.get("is_ssl") or False, "is_log": siteinfo_orgin_data.get('is_log') or False, "log_path": siteinfo_orgin_data.get("log_path"), "domain_301": siteinfo_orgin_data.get("domain_301") or "", "default_index": siteinfo_orgin_data.get("default_index") or default_index, "php_ver": phpver.replace(".", ""), "extra_kwargs": extra_kwargs } # 创建站点 res = self.siteop.create_site(**create_dict) if res: api_abort(httpcode=400, errcode=4025, key=res) siteobj = Site(**orgin_data) siteobj.add() site_dict = siteobj.to_json() siteinfo_orgin_data["site_id"] = siteobj.nid siteinfoobj = SiteInfo(**siteinfo_orgin_data) siteinfoobj.add() site_info = SiteInfo.sget(siteobj.nid) if site_info: site_dict["site_info"] = site_info.to_json() res = BaseResponse() res.data = site_dict return res.dict