Merge branch 'dev' of github.com:bunkerity/bunkerweb into dev

DitZii · May 6, 2023 · a086ff6 · a086ff6
2 parents a286e7b + 5a233ff
commit a086ff6
Show file tree

Hide file tree

Showing 11 changed files with 157 additions and 59 deletions.
diff --git a/src/common/db/model.py b/src/common/db/model.py
@@ -8,7 +8,6 @@
     Integer,
     LargeBinary,
     PrimaryKeyConstraint,
-    SmallInteger,
     String,
 )
 from sqlalchemy.orm import declarative_base, relationship
@@ -53,7 +52,7 @@
 
 
 class Plugins(Base):
-    __tablename__ = "plugins"
+    __tablename__ = "bw_plugins"
 
     id = Column(String(64), primary_key=True)
     order = Column(Integer, nullable=False)
@@ -74,7 +73,7 @@ class Plugins(Base):
 
 
 class Settings(Base):
-    __tablename__ = "settings"
+    __tablename__ = "bw_settings"
     __table_args__ = (
         PrimaryKeyConstraint("id", "name"),
         UniqueConstraint("id"),
@@ -85,7 +84,7 @@ class Settings(Base):
     name = Column(String(256), primary_key=True)
     plugin_id = Column(
         String(64),
-        ForeignKey("plugins.id", onupdate="cascade", ondelete="cascade"),
+        ForeignKey("bw_plugins.id", onupdate="cascade", ondelete="cascade"),
         nullable=False,
     )
     context = Column(CONTEXTS_ENUM, nullable=False)
@@ -107,22 +106,22 @@ class Settings(Base):
 
 
 class Global_values(Base):
-    __tablename__ = "global_values"
+    __tablename__ = "bw_global_values"
 
     setting_id = Column(
         String(256),
-        ForeignKey("settings.id", onupdate="cascade", ondelete="cascade"),
+        ForeignKey("bw_settings.id", onupdate="cascade", ondelete="cascade"),
         primary_key=True,
     )
     value = Column(String(4096), nullable=False)
-    suffix = Column(SmallInteger, primary_key=True, nullable=True, default=0)
+    suffix = Column(Integer, primary_key=True, nullable=True, default=0)
     method = Column(METHODS_ENUM, nullable=False)
 
     setting = relationship("Settings", back_populates="global_value")
 
 
 class Services(Base):
-    __tablename__ = "services"
+    __tablename__ = "bw_services"
 
     id = Column(String(64), primary_key=True)
     method = Column(METHODS_ENUM, nullable=False)
@@ -137,34 +136,34 @@ class Services(Base):
 
 
 class Services_settings(Base):
-    __tablename__ = "services_settings"
+    __tablename__ = "bw_services_settings"
 
     service_id = Column(
         String(64),
-        ForeignKey("services.id", onupdate="cascade", ondelete="cascade"),
+        ForeignKey("bw_services.id", onupdate="cascade", ondelete="cascade"),
         primary_key=True,
     )
     setting_id = Column(
         String(256),
-        ForeignKey("settings.id", onupdate="cascade", ondelete="cascade"),
+        ForeignKey("bw_settings.id", onupdate="cascade", ondelete="cascade"),
         primary_key=True,
     )
     value = Column(String(4096), nullable=False)
-    suffix = Column(SmallInteger, primary_key=True, nullable=True, default=0)
+    suffix = Column(Integer, primary_key=True, nullable=True, default=0)
     method = Column(METHODS_ENUM, nullable=False)
 
     service = relationship("Services", back_populates="settings")
     setting = relationship("Settings", back_populates="services")
 
 
 class Jobs(Base):
-    __tablename__ = "jobs"
+    __tablename__ = "bw_jobs"
     __table_args__ = (UniqueConstraint("name", "plugin_id"),)
 
     name = Column(String(128), primary_key=True)
     plugin_id = Column(
         String(64),
-        ForeignKey("plugins.id", onupdate="cascade", ondelete="cascade"),
+        ForeignKey("bw_plugins.id", onupdate="cascade", ondelete="cascade"),
     )
     file_name = Column(String(256), nullable=False)
     every = Column(SCHEDULES_ENUM, nullable=False)
@@ -177,7 +176,7 @@ class Jobs(Base):
 
 
 class Plugin_pages(Base):
-    __tablename__ = "plugin_pages"
+    __tablename__ = "bw_plugin_pages"
 
     id = Column(
         Integer,
@@ -186,7 +185,7 @@ class Plugin_pages(Base):
     )
     plugin_id = Column(
         String(64),
-        ForeignKey("plugins.id", onupdate="cascade", ondelete="cascade"),
+        ForeignKey("bw_plugins.id", onupdate="cascade", ondelete="cascade"),
         nullable=False,
     )
     template_file = Column(LargeBinary(length=(2**32) - 1), nullable=False)
@@ -198,7 +197,7 @@ class Plugin_pages(Base):
 
 
 class Jobs_cache(Base):
-    __tablename__ = "jobs_cache"
+    __tablename__ = "bw_jobs_cache"
     __table_args__ = (UniqueConstraint("job_name", "service_id", "file_name"),)
 
     id = Column(
@@ -208,12 +207,12 @@ class Jobs_cache(Base):
     )
     job_name = Column(
         String(128),
-        ForeignKey("jobs.name", onupdate="cascade", ondelete="cascade"),
+        ForeignKey("bw_jobs.name", onupdate="cascade", ondelete="cascade"),
         nullable=False,
     )
     service_id = Column(
         String(64),
-        ForeignKey("services.id", onupdate="cascade", ondelete="cascade"),
+        ForeignKey("bw_services.id", onupdate="cascade", ondelete="cascade"),
         nullable=True,
     )
     file_name = Column(
@@ -229,7 +228,7 @@ class Jobs_cache(Base):
 
 
 class Custom_configs(Base):
-    __tablename__ = "custom_configs"
+    __tablename__ = "bw_custom_configs"
     __table_args__ = (UniqueConstraint("service_id", "type", "name"),)
 
     id = Column(
@@ -239,7 +238,7 @@ class Custom_configs(Base):
     )
     service_id = Column(
         String(64),
-        ForeignKey("services.id", onupdate="cascade", ondelete="cascade"),
+        ForeignKey("bw_services.id", onupdate="cascade", ondelete="cascade"),
         nullable=True,
     )
     type = Column(CUSTOM_CONFIGS_TYPES_ENUM, nullable=False)
@@ -252,11 +251,11 @@ class Custom_configs(Base):
 
 
 class Selects(Base):
-    __tablename__ = "selects"
+    __tablename__ = "bw_selects"
 
     setting_id = Column(
         String(256),
-        ForeignKey("settings.id", onupdate="cascade", ondelete="cascade"),
+        ForeignKey("bw_settings.id", onupdate="cascade", ondelete="cascade"),
         primary_key=True,
     )
     value = Column(String(256), primary_key=True)
@@ -265,15 +264,15 @@ class Selects(Base):
 
 
 class Instances(Base):
-    __tablename__ = "instances"
+    __tablename__ = "bw_instances"
 
     hostname = Column(String(256), primary_key=True)
     port = Column(Integer, nullable=False)
     server_name = Column(String(256), nullable=False)
 
 
 class Metadata(Base):
-    __tablename__ = "metadata"
+    __tablename__ = "bw_metadata"
 
     id = Column(Integer, primary_key=True, default=1)
     is_initialized = Column(Boolean, nullable=False)

diff --git a/src/common/utils/ApiCaller.py b/src/common/utils/ApiCaller.py
@@ -138,14 +138,16 @@ def _send_to_apis(
                         f"Successfully sent API request to {api.get_endpoint()}{url}",
                     )
 
-            if response:
-                instance = api.get_endpoint().replace("http://", "").split(":")[0]
-                if isinstance(resp, dict):
-                    responses[instance] = resp
-                else:
-                    responses[instance] = resp.json()
+                    if response:
+                        instance = (
+                            api.get_endpoint().replace("http://", "").split(":")[0]
+                        )
+                        if isinstance(resp, dict):
+                            responses[instance] = resp
+                        else:
+                            responses[instance] = resp.json()
 
-        if response:
+        if response and responses:
             return ret, responses
         return ret
 

diff --git a/src/ui/main.py b/src/ui/main.py
@@ -54,7 +54,8 @@
 from kubernetes import config as kube_config
 from kubernetes.client.exceptions import ApiException as kube_ApiException
 from os import _exit, getenv, getpid, listdir
-from re import match as re_match
+from re import compile as re_compile
+from regex import match as regex_match
 from requests import get
 from shutil import move, rmtree
 from signal import SIGINT, signal, SIGTERM
@@ -135,8 +136,13 @@ def handle_stop(signum, frame):
     logger.error("ADMIN_PASSWORD is not set")
     stop(1)
 
-if not vars.get("FLASK_DEBUG", False) and vars["ADMIN_PASSWORD"] == "changeme":
-    logger.error("Please change the default admin password.")
+if not vars.get("FLASK_DEBUG", False) and not regex_match(
+    r"^(?=.*?\p{Lowercase_Letter})(?=.*?\p{Uppercase_Letter})(?=.*?\d)(?=.*?[ !\"#$%&'()*+,\-./:;<=>?@[\\\]^_`{|}~]).{8,}$",
+    vars["ADMIN_PASSWORD"],
+):
+    logger.error(
+        "The admin password is not strong enough. It must contain at least 8 characters, including at least 1 uppercase letter, 1 lowercase letter, 1 number and 1 special character (#@?!$%^&*-)."
+    )
     stop(1)
 
 if not vars["ABSOLUTE_URI"].endswith("/"):
@@ -231,6 +237,8 @@ def handle_stop(signum, frame):
     logger.error(repr(e), e.filename)
     stop(1)
 
+plugin_id_rx = re_compile(r"^[\w_-]{1,64}$")
+
 # Declare functions for jinja2
 app.jinja_env.globals.update(check_settings=check_settings)
 
@@ -1222,7 +1230,7 @@ def upload_plugin():
 @app.route("/plugins/<plugin>", methods=["GET", "POST"])
 @login_required
 def custom_plugin(plugin):
-    if not re_match(r"^[a-zA-Z0-9_-]{1,64}$", plugin):
+    if not plugin_id_rx.match(plugin):
         flash(
             f"Invalid plugin id, <b>{plugin}</b> (must be between 1 and 64 characters, only letters, numbers, underscores and hyphens)",
             "error",

diff --git a/src/ui/requirements.in b/src/ui/requirements.in
@@ -6,3 +6,4 @@ python_dateutil==2.8.2
 bcrypt==4.0.1
 gunicorn==20.1.0
 gevent==22.10.2
+regex==2023.5.5