Source

HackersEdge / he_one / ajax.py

Full commit
Kevin Veroneau 8d6c3a4 


























































































































































from dajax.core import Dajax
from dajaxice.decorators import dajaxice_register
from django.contrib.auth.decorators import login_required
from django.contrib.auth.models import User
from he_one.models import Host, UserPermission, Mailbox, FilePermission, Log
from django.contrib import messages
import datetime

class Ajax(Dajax):
    def append_message(self, tag, message):
        self.add_data({'tag':tag, 'message':message}, 'append_message')
    def error(self, message):
        self.append_message('error', message)
        return self.json()
    def success(self, message):
        self.append_message('info', message)
        return self.json()

@dajaxice_register(method='GET')
def message_push(req):
    dajax = Ajax()
    dajax.error('Some informational.')
    return dajax.json()

@login_required
@dajaxice_register(name='host.user_perms')
def add_user(req, username, perm_set={}):
    dajax = Ajax()
    log = Log(by_who=req.user, logged_at=datetime.datetime.now())
    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        return dajax.error('User does not exist.')
    if 'host_ip' not in perm_set:
        return dajax.error('No Host IP address specified.')
    try:
        host = Host.objects.get(owner=req.user, ip=perm_set['host_ip'])
    except Host.DoesNotExist:
        return dajax.error('The specified host could not be found under your ownership.')
    try:
        perms = UserPermission.objects.get(user=user, host=host)
        if 'is_staff' in perm_set:
            perms.is_staff = perm_set['is_staff']
        if 'is_superuser' in perm_set:
            perms.is_superuser = perm_set['is_superuser']
        perms.save()
        log.message = "Updated permissions on user %s" % username
        log.save()
        host.logs.add(log)
        return dajax.success('The user permissions have been updated.')
    except UserPermission.DoesNotExist:
        UserPermission.objects.create(user=user, host=host, is_staff=perm_set.get('is_staff', False), is_superuser=perm_set.get('is_superuser', False))
    log.message = "Added user %s" % username
    log.save()
    host.logs.add(log)
    messages.success(req, "User was added successfully.")
    dajax.redirect(host.get_absolute_url())
    return dajax.json()

@login_required
@dajaxice_register(name='host.add_mailbox')
def add_mailbox(req, username, host_ip):
    dajax = Ajax()
    log = Log(by_who=req.user, logged_at=datetime.datetime.now())
    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        return dajax.error('User does not exist.')
    try:
        host = Host.objects.get(owner=req.user, ip=host_ip)
    except Host.DoesNotExist:
        return dajax.error('The specified host could not be found under your ownership.')
    if not host.supports_mail:
        return dajax.error('This host does not support mail routing.')
    try:
        host.mailboxes.get(owner=user)
        return dajax.error('A mailbox already exists for this user.')
    except Mailbox.DoesNotExist:
        mbx = Mailbox.objects.create(owner=user)
        mbx.messages.create(from_user=req.user, to_user=user, subject="Welcome to %s" % host, body="Welcome to your new mailbox!")
        host.mailboxes.add(mbx)
    log.message = "Created Mailbox for %s" % username
    log.save()
    host.logs.add(log)
    messages.success(req, "Mailbox was added successfully.")
    dajax.redirect(host.get_absolute_url())
    return dajax.json()

@login_required
@dajaxice_register(name='host.rm_mailbox')
def rm_mailbox(req, mbx_id, host_ip):
    dajax = Ajax()
    log = Log(by_who=req.user, logged_at=datetime.datetime.now())
    try:
        host = Host.objects.get(owner=req.user, ip=host_ip)
    except Host.DoesNotExist:
        return dajax.error('The specified host could not be found under your ownership.')
    if not host.supports_mail:
        return dajax.error('This host does not support mail routing.')
    try:
        mbx = host.mailboxes.get(pk=mbx_id)
    except Mailbox.DoesNotExist:
        return dajax.error('This mailbox does not exist on this host.')
    mbx.messages.all().delete()
    log.message = "Deleted Mailbox for %s" % mbx.owner
    mbx.delete()
    log.save()
    host.logs.add(log)
    messages.success(req, "Mailbox was deleted successfully.")
    dajax.redirect(host.get_absolute_url())
    return dajax.json()

@login_required
@dajaxice_register(name='host.rm_file')
def rm_pcfile(req, file_id):
    dajax = Ajax()
    log = Log(by_who=req.user, logged_at=datetime.datetime.now())
    try:
        pcfile = FilePermission.objects.get(pk=file_id)
    except FilePermission.DoesNotExist:
        return dajax.error('The specified file does not exist.')
    host = pcfile.host
    if host.owner != req.user:
        log.message = "Attempted to delete %s" % pcfile.pcfile
        log.save()
        host.logs.add(log)
        return dajax.error('You do not have such permissions to this host.')
    log.message = "Deleted file %s" % pcfile.pcfile
    pcfile.delete()
    log.save()
    host.logs.add(log)
    messages.success(req, "File has been deleted.")
    dajax.redirect(host.get_absolute_url())
    return dajax.json()

@login_required
@dajaxice_register(name='host.rm_log')
def rm_pclog(req, log_id, host_ip):
    dajax = Ajax()
    try:
        host = Host.objects.get(owner=req.user, ip=host_ip)
    except Host.DoesNotExist:
        return dajax.error('The specified host could not be found under your ownership.')
    if log_id == 'ALL':
        host.logs.all().delete()
        messages.success(req, "All Logs have been cleared.")
        dajax.redirect(host.get_absolute_url())
        return dajax.json()
    try:
        log = host.logs.get(pk=log_id)
    except Log.DoesNotExist:
        return dajax.error('The log you attempted to delete does not exist.')
    log.delete()
    messages.success(req, "Log has been deleted.")
    dajax.redirect(host.get_absolute_url())
    return dajax.json()