def _getclientlist(request, server, search = True): if has_server_perm(request.user, perm.VIEW_HIGH_LEVEL_CLIENT, server): clients = Client.objects.using(server).filter(id__gt=1) else: clients = Client.objects.using(server).filter(Q(group__level__lt=settings.HIGH_LEVEL_CLIENT) | Q(group__isnull=True), id__gt=1) if search: try: field = request.GET['type'] except MultiValueDictKeyError, e: logger.warning(str(e)) field = request.GET['?type'] data = request.GET['data'] filter = field if field == 'name': clients = clients.filter(Q(name__icontains=data) | Q(aliases__alias__icontains=data)).distinct() elif field == 'pbid': clients = clients.filter(pbid__icontains=data).distinct() elif field == 'id': try: clients = clients.filter(id=int(data)) except: clients =[] elif field == 'ip': if settings.SUPPORT_IP_ALIASES: clients = clients.filter(Q(ip__startswith=data) | Q(ip_aliases__ip__startswith=data)).distinct() else: clients = clients.filter(ip__startswith=data).distinct()
def get_group_list(request, client): dict = {} query = Group.objects.using(request.server) groups= [] if has_server_perm(request.user, perm.CLIENT_GROUP_CHANGE, request.server): server = Server.objects.get(pk=request.server) if (request.user.is_superuser or server.is_owner(request.user)): groups = query.all() else: groups = query.all().exclude(level=100) elif client.group_id == 2 and has_server_perm(request.user, perm.CLIENT_REMOVE_REGULAR, request.server): if has_server_perm(request.user, perm.CLIENT_REMOVE_REGISTER, request.server): groups = query.filter(level__lte=2) else: groups = query.filter(level__lte=2).exclude(level=0) elif client.group_id < 2: if has_server_perm(request.user, perm.CLIENT_REGULAR, request.server): if has_server_perm(request.user, perm.CLIENT_REMOVE_REGISTER, request.server): groups = query.filter(level__lte=2) else: groups = query.filter(level__lte=2).exclude(level=0) elif client.group_id == 1 and has_server_perm(request.user, perm.CLIENT_REMOVE_REGISTER, request.server): groups = query.filter(level__lte=1) elif client.group_id == 0 and has_server_perm(request.user, perm.CLIENT_REGISTER, request.server): groups = query.filter(level__lte=1).exclude(level=0) for group in groups: dict[group.id]=str(group) return dict
def more_logs(request, id): client = get_object_or_404(Client, id=id, using=request.server) if has_server_perm(request.user, perm.VIEW_AUDITLOGS, request.server): client_auditlogs = _paginate(request, Auditor.objects.get_by_client(client.id, request.server)) else: client_auditlogs = _paginate(request, Auditor.objects.get_by_client_n_user(client.id, request.server, request.user)) #client_auditlogs = _paginate(request, Auditor.objects.get_by_client(client.id, request.server)) return {'client_auditlogs': client_auditlogs, 'client': client}
def home(request): if not has_server_perm(request.user, perm.RCON, request.server): raise Http403 server = get_object_or_404(Server, uuid=request.server) if not server.is_rcon_supported: raise Http503(_('Server %s does not have RCON support enabled.' % server.name)) # TODO load handler based on server handler = find_handler_for_game(server.game) if not handler: raise Http503(_('No valid handler found for game %s.' % server.game)) h = handler(server=server) return {'form': h.form}
def client(request, id): client = get_object_or_404(Client, id=id, using=request.server) try: if client.group.level >= settings.HIGH_LEVEL_CLIENT: if not has_server_perm(request.user, perm.VIEW_HIGH_LEVEL_CLIENT, request.server): messages.warning(request, _('You are not authorized to view details about this player.')) raise Http403 except Group.DoesNotExist: pass except Exception, e: logger.exception(str(e)) raise
def addpenalty(request, id, notice=False): if notice: if not has_any_server_perms(request.user, [perm.ADD_NOTICE, perm.ADD_PENALTY], request.server): raise Http403 else: if not has_server_perm(request.user, perm.ADD_PENALTY, request.server): raise Http403 client = get_object_or_404(Client, id=id, using=request.server) if notice: frmObj = NoticeForm else: frmObj = PenaltyForm if request.method == 'POST': form = frmObj(request.POST) if form.is_valid(): p = Penalty(client=client, reason= form.cleaned_data['reason'], time_edit=datetime.datetime.now(), time_add=datetime.datetime.now(), data= "UP#%s" % request.user.username, admin_id=0) if form.Meta.type == 1: p.duration=0 p.type='Notice' else: if form.cleaned_data['permanent']: p.duration=0 p.type='Ban' else: #dt = time2minutes(str(form.cleaned_data['time'])+form.cleaned_data['time_type']) p.duration = form.cleaned_data['time'] p.type='TempBan' p.save(using=request.server) Auditor.objects.create(user=request.user, server_id=request.server, clientid=client.id, message=_("Add \"%s\"") % str(p)) try: signals.add_penalty.send(sender=p, user=request.user, client=client, penalty=p, server=request.server) except Exception, e: logger.error(str(e)) if notice: messages.success(request, _('Notice added successfully.')) else: messages.success(request, _('Penalty added successfully.')) return HttpResponse("{\"sucess\": true}", mimetype='application/json')
def execute(request): if not has_server_perm(request.user, perm.RCON, request.server): raise Http403 if request.method != 'POST': raise Http403 server = get_object_or_404(Server, uuid=request.server) if not server.is_rcon_supported: raise Http503(_('Server %s does not have RCON support enabled.' % server.name)) handler = find_handler_for_game(server.game) if not handler: raise Http503(_('No valid handler found for game %s.' % server.game)) h = handler(server=server, data=request.POST) try: resp = h.execute() except ValidationError, ve: logger.error(ve.messages) return {'success': False, 'response': ve.messages}
def game_status(request): if not has_server_perm(request.user, perm.RCON, request.server): raise Http403 if request.method != 'POST': raise Http403 server = get_object_or_404(Server, uuid=request.server) if not server.is_rcon_supported: raise Http503(_('Server %s does not have RCON support enabled.' % server.name)) handler = find_handler_for_game(server.game) if not handler: raise Http503(_('No valid handler found for game %s.' % server.game)) h = handler(server=server) try: currentMap, clientList = h.get_status() except Exception, e: logger.exception(str(e)) return {'error': str(e)}
def direct(request): if request.method != 'POST': raise Http403 pid = request.POST.get('playerid') next = request.POST.get('next') server = request.POST.get('server') if not has_server_perm(request.user, perm.VIEW_CLIENT, server): messages.error(request, _('You don\'t have enough permissions to search on that server.')) return HttpResponseRedirect(next) try: pid = int(pid) except: messages.error(request, _('You entered an invalid player id.')) return HttpResponseRedirect(next) try: player = Client.objects.using(server).get(id=pid) except Client.DoesNotExist: messages.warning(request, _('A player with id %d was not found.' % pid)) return HttpResponseRedirect(next) return HttpResponseRedirect(urlreverse("client_detail",server=request.server,kwargs={'id':player.id}))
def __getitem__(self, perm_name): return has_server_perm(self.user,"%s.%s" % (self.module_name, perm_name), self.server)
def map_editor(request, id): server = get_object_or_404(Server, pk=id) if not has_server_perm(request.user, perm.MAP_EDIT, id): pass maps = Map.objects.filter(server=server) return {'maps': maps, 'server': server}
def change_clientgroup(request, id): if request.method != 'POST': raise Http403 g = int(request.POST.get('value')) if not has_server_perm(request.user, perm.CLIENT_GROUP_CHANGE, request.server): if g < 2 and has_any_server_perms(request.user, [perm.CLIENT_REGISTER, perm.CLIENT_REGULAR, perm.CLIENT_REMOVE_REGULAR, perm.CLIENT_REMOVE_REGISTER], request.server): pass elif g == 2 and has_server_perm(request.user, perm.CLIENT_REGULAR, request.server): pass else: raise Http403 group = get_object_or_404(Group, id=g, using=request.server) client = get_object_or_404(Client, id=id, using=request.server) try: currentLevel = client.group.level if client.group else 0 except Group.DoesNotExist: currentLevel = 0 if g == 100 or currentLevel == 100: server = get_object_or_404(Server, pk=request.server) if not (request.user.is_superuser or server.is_owner(request.user)): raise Http403 if client.group_id > group.id: if client.group_id == 2 and has_server_perm(request.user, perm.CLIENT_REMOVE_REGULAR, request.server): pass elif client.group_id == 1 and has_server_perm(request.user, perm.CLIENT_REMOVE_REGISTER, request.server): pass elif has_server_perm(request.user, perm.CLIENT_GROUP_CHANGE, request.server): pass else: messages.error(request, _('You are not authorized to update this client at this time.')) return HttpResponse(str(client.group), mimetype='plain/text') upgrade = False else: upgrade = True client.group = group client.save() if upgrade: Auditor.objects.create(user=request.user, server_id=request.server, clientid=client.id, message=_("Upgrade client to \"%s\"") % group.name) else: Auditor.objects.create(user=request.user, server_id=request.server, clientid=client.id, message=_("Downgrade client to \"%s\"") % group.name) try: signals.update_player_group.send(sender=client, user=request.user, client=client, server=request.server) except Exception, e: logger.error(str(e))
def _get_banlist(request): if not has_server_perm(request.user, perm.VIEW_PENALTY, request.server): return [] banlist = IpBanList(request.server) return banlist.get_list()
client = get_object_or_404(Client, id=id, using=request.server) try: if client.group.level >= settings.HIGH_LEVEL_CLIENT: if not has_server_perm(request.user, perm.VIEW_HIGH_LEVEL_CLIENT, request.server): messages.warning(request, _('You are not authorized to view details about this player.')) raise Http403 except Group.DoesNotExist: pass except Exception, e: logger.exception(str(e)) raise server = Server.objects.get(uuid=request.server) if has_server_perm(request.user, perm.VIEW_AUDITLOGS, request.server): client_auditlogs = _paginate(request, Auditor.objects.get_by_client(client.id, request.server)) else: client_auditlogs = _paginate(request, Auditor.objects.get_by_client_n_user(client.id, request.server, request.user)) #client_auditlogs = None client_admactions = _paginate(request, client.adminpenalties.all()) if is_plugin_enabled(server, "auditor"): client_actions = _paginate(request, client.commands.all()) client_adm_actions = _paginate(request, client.admin_logs.all()) else: client_actions = None client_adm_actions = None return {'client': client,