ok
Direktori : /usr/share/l.v.e-manager/panelless-version/daemon/ |
Current File : //usr/share/l.v.e-manager/panelless-version/daemon/utils.py |
# coding=utf-8 # # Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2021 All Rights Reserved # # Licensed under CLOUD LINUX LICENSE AGREEMENT # http://cloudlinux.com/docs/LICENSE.TXT # import asyncio import collections import json import os import re import ssl import subprocess from concurrent.futures.process import ProcessPoolExecutor import configparser from aiohttp import web from clcommon.ui_config import UIConfig from clcommon.cpapi import is_panel_feature_supported from constants import * PANEL_CONFIG = '/opt/cpvendor/etc/integration.ini' config_parser = configparser.ConfigParser(interpolation=None, strict=False) config_parser.read(PANEL_CONFIG) def run_cmd_pw_runner(pw, cmd): """ Drop privileges and run command This function run in other process :param pw: password database entry :param cmd: command to run :return: return retcode, stdout, stderr """ if not is_reseller(pw.pw_name) and not is_admin(pw.pw_name): drop_admin(pw.pw_uid, pw.pw_gid) return run_cmd(cmd) async def run_cmd_pw(pw, cmd): """ Run cmd async :param pw: password database entry :param cmd: command to run :return: return retcode, stdout, stderr """ loop = asyncio.get_event_loop() executor = ProcessPoolExecutor(max_workers=1) result = await loop.run_in_executor( executor, run_cmd_pw_runner, pw, cmd) return result def drop_admin(uid, gid): """ Drop privileges to user :param uid: user id :param gid: user grp """ os.setgroups([]) os.setgid(gid) os.setuid(uid) def run_cmd(cmd): """ Run subprocess :param cmd: command to run :return: return retcode, stdout, stderr """ if isinstance(cmd, str): cmd = cmd.split(' ') proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE) stdout, stderr = proc.communicate() return proc.returncode, stdout.decode(), stderr.decode() DICT_PARAM = r'^(.*)\[(.*)\]$' def parse_params(params): """ Parse request params array :param params: :return: dict """ result = collections.defaultdict(dict) for key in params.keys(): res = re.match(DICT_PARAM, key) if res: result[res[1]][res[2]] = params.get(key) else: result[key] = params.get(key) return result def get_service_port(): """ Read config file and find custom service port :return: port """ try: service_port = config_parser.get('lvemanager_config', 'service_port') except configparser.NoOptionError: return DEFAULT_PORT except configparser.NoSectionError: raise web.HTTPBadRequest(body='Bad configuration file') return int(service_port) def get_ssl_context(): """ Read config file and find custom ssl settings :return: port """ try: use_ssl = config_parser.get('lvemanager_config', 'use_ssl') crtfile = config_parser.get('lvemanager_config', 'ssl_cert') keyfile = config_parser.get('lvemanager_config', 'ssl_key') except configparser.NoOptionError: return None except configparser.NoSectionError: raise web.HTTPBadRequest(body='Bad configuration file') if use_ssl and int(use_ssl): ssl_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) ssl_context.load_cert_chain(crtfile, keyfile) return ssl_context async def get_user_data(user_data): """ Read config file, find user information script and run it :param user_data: :return: """ try: ui_user_info_cli = config_parser.get('lvemanager_config', 'ui_user_info') except configparser.NoSectionError: raise web.HTTPBadRequest(body='Bad configuration file') (retcode, stdout, stderr) = await run_cmd_pw(user_data['pw'], ui_user_info_cli) try: result = json.loads(stdout) result['userName'] = user_data['pw'].pw_name result['userType'] = user_data['type'] except Exception: raise web.HTTPBadRequest(body='Bad user information script') return result def is_admin(username): """ Check if given user is an admin :param username: The name of reseller :return: boolean """ return username in get_admins() def is_reseller(username): """ Check if given user is a reseller :param username: The name of reseller :return: boolean """ return username in get_resellers() def get_admins(): """ Get list of all admins :return: List of admins """ script = config_parser.get('integration_scripts', 'admins') admins = json.loads(subprocess.check_output(script, shell=True, executable='/bin/bash')) return [a['unix_user'] for a in admins['data']] def get_resellers(): """ Get list of all resellers :return: List of resellers """ script = config_parser.get('integration_scripts', 'resellers') resellers = json.loads(subprocess.check_output(script, shell=True, executable='/bin/bash')) return [r['name'] for r in resellers['data']] def get_user_type(username): """ Get type of given user (admin, reseller, user) :param username: User name :return: String (admin|reseller|user) """ if is_admin(username): return TYPE_ADMIN elif is_reseller(username): return TYPE_RESELLER return TYPE_USER def get_user_plugins(): """ Get available plugins for end-user :return: list like [{'key': 'plugin', 'name': 'Main plugin'}, ...] """ plugins = [] for plugin_name, plugin_value in PLUGINS.items(): ui_option = plugin_value['ui_option'] if show_plugin(plugin_name, ui_option): plugins.append({'key': plugin_name, 'name': plugin_value['title']}) return plugins def show_plugin(app_name, ui_option): """ Detect if we need to show plugin for end-user :return: boolean """ return UIConfig().get_param(ui_option, 'uiSettings') == False \ and (app_name == 'resource_usage' or is_panel_feature_supported(app_name))