o

��hp��@s
dd
lZdd
l
Z
dd
lZdd
lZddlmZ
ddlmZ
ddlm	Z	
e
j
�d�

dd
lZej
�dd�
e��
dd	lmZmZ
dd
lmZ
ddlmZ
ddlmZmZmZmZmZ
dd
lZdd
lmZm Z 
ddl!m"Z"
ddl#m#Z$
ddl%m&Z&
ddl'm(Z(
Gdd�d�Z)d
S)�N)
�ApacheVhost)
�
PDNSStatus�
)
�ProcessUtilities�/usr/local/CyberCP�DJANGO_SETTINGS_MODULEzCyberCP.settings)�
Administrator�ACL�
�HttpResponse)
�Package)�Websites�ChildDomains�aliasDomains�DockerSites�WPSites)�call�CalledProcessError)
�split)
�CyberCPLogFileWriter)
�
Containers)
�compilec@s�eZ
dZd
ZdZdZedd��
Zedd��
Zedd	��
Z	ed
d��
Z
edd
��
Zedd��
Zedd��
Z
ed~dd�
�
Zedd��
Zedd��
Zedd��
Zedd��
Zedd��
Zedd ��
Zedd!d"�
�
Zed#d$��
Zed%d&��
Zed'd(��
Zed)d*��
Zed+d,��
Zed-d.��
Zed/d0��
Zed1d2��
Zed~d3d4�
�
Zed5d6��
Zed7d8��
Z ed�d:d;�
�
Z!ed<d=��
Z"ed>d?��
Z#ed@dA��
Z$edBdC��
Z%edDdE��
Z&edFdG��
Z'edHdI��
Z(edJdK��
Z)edLdM��
Z*edNdO��
Z+edPdQ��
Z,edRdS��
Z-edTdU��
Z.edVdW��
Z/edXdY��
Z0edZd[��
Z1ed\d]��
Z2ed~d^d_�
�
Z3ed`da��
Z4edbdc��
Z5eddde��
Z6edfdg��
Z7edhdi��
Z8edjdk��
Z9edldm��
Z:edndo��
Z;edpdq��
Z<edrds��
Z=edtdu��
Z>edvdw��
Z?edxdy��
Z@edzd{��
ZAed|d}��
ZBdS)��
ACLManagera0{"adminStatus":1, "versionManagement": 1, "createNewUser": 1, "listUsers": 1, "deleteUser":1 , "resellerCenter": 1, "changeUserACL": 1, "createWebsite": 1, "modifyWebsite": 1, "suspendWebsite": 1, "deleteWebsite": 1, "createPackage": 1, "listPackages": 1, "deletePackage": 1, "modifyPackage": 1, "createDatabase": 1, "deleteDatabase": 1, "listDatabases": 1, "createNameServer": 1, "createDNSZone": 1, "deleteZone": 1, "addDeleteRecords": 1, "createEmail": 1, "listEmails": 1, "deleteEmail": 1, "emailForwarding": 1, "changeEmailPassword": 1, "dkimManager": 1, "createFTPAccount": 1, "deleteFTPAccount": 1, "listFTPAccounts": 1, "createBackup": 1, "restoreBackup": 1, "addDeleteDestinations": 1, "scheduleBackups": 1, "remoteBackups": 1, "googleDriveBackups": 1, "manageSSL": 1, "hostnameSSL": 1, "mailServerSSL": 1 }a1{"adminStatus":0, "versionManagement": 1, "createNewUser": 1, "listUsers": 1, "deleteUser": 1 , "resellerCenter": 1, "changeUserACL": 0, "createWebsite": 1, "modifyWebsite": 1, "suspendWebsite": 1, "deleteWebsite": 1, "createPackage": 1, "listPackages": 1, "deletePackage": 1, "modifyPackage": 1, "createDatabase": 1, "deleteDatabase": 1, "listDatabases": 1, "createNameServer": 1, "createDNSZone": 1, "deleteZone": 1, "addDeleteRecords": 1, "createEmail": 1, "listEmails": 1, "deleteEmail": 1, "emailForwarding": 1, "changeEmailPassword": 1, "dkimManager": 1, "createFTPAccount": 1, "deleteFTPAccount": 1, "listFTPAccounts": 1, "createBackup": 1, "restoreBackup": 1, "addDeleteDestinations": 0, "scheduleBackups": 0, "remoteBackups": 0, "googleDriveBackups": 1, "manageSSL": 1, "hostnameSSL": 0, "mailServerSSL": 0 }a1{"adminStatus":0, "versionManagement": 1, "createNewUser": 0, "listUsers": 0, "deleteUser": 0 , "resellerCenter": 0, "changeUserACL": 0, "createWebsite": 0, "modifyWebsite": 0, "suspendWebsite": 0, "deleteWebsite": 0, "createPackage": 0, "listPackages": 0, "deletePackage": 0, "modifyPackage": 0, "createDatabase": 1, "deleteDatabase": 1, "listDatabases": 1, "createNameServer": 0, "createDNSZone": 1, "deleteZone": 1, "addDeleteRecords": 1, "createEmail": 1, "listEmails": 1, "deleteEmail": 1, "emailForwarding": 1, "changeEmailPassword": 1, "dkimManager": 1, "createFTPAccount": 1, "deleteFTPAccount": 1, "listFTPAccounts": 1, "createBackup": 1, "restoreBackup": 0, "addDeleteDestinations": 0, "scheduleBackups": 0, "remoteBackups": 0, "googleDriveBackups": 1, "manageSSL": 1, "hostnameSSL": 0, "mailServerSSL": 0 }cCs |d
dkrdS|
|krdSdS�N�adminrr
���
currentACL�owner�userrr�"/usr/local/CyberCP/plogical/acl.py�VerifySMTPHost7s



zACLManager.VerifySMTPHostcCs$|d
dkrdS|
jj
|krdSdSr)�domainOwner�name)r�record�domainrrr �VerifyRecordOwner@s



zACLManager.VerifyRecordOwnercCs>tj
j|
d
�
}tj
j|d�
}|ddkrdS|j|krdSdS)N)
�aliasDomain�
r%rrr
)r�objects�getr
�master)rr'r+�aliasOBJ�	masterOBJrrr �AliasDomainCheckJs





zACLManager.AliasDomainCheckcCs"|d
dkrdS|j|
krdSdSr�
r)�packagerrrrr �CheckPackageOwnershipU�




z ACLManager.CheckPackageOwnershipcCsd
dl}|�
||
�rdSd
S)Nr
r)�re�match)�
RegexCheck�valuer3rrr �
CheckRegEx^s

zACLManager.CheckRegExcCs^z(d
}t|�
}
|
�
�}|�dd�d}t�tdd��
��
}|d|kr&WdSWdS


YdS)N�/etc/cyberpanel/machineIP�

rr
z/home/cyberpanel/cluster�
r�failoverServerIP)�open�readr�json�loads)�ipFile�
f�ipData�	ipAddress�configrrr �FindIfChildhs







zACLManager.FindIfChildcCs<zd
}t|�
}
|
�
�}|�dd�dWSty


YdSw)Nr8r9rr
�
192.168.100.1)r<r=r�
BaseException�r@rArBrrr �fetchIPys





�zACLManager.fetchIPNcCs(|
dkr	td
�
}n|
}|�
|�
rdSdS)Nz[\sa-zA-Z0-9_-]+rr
)r�	fullmatch)r6�regex�verifierrrr �
validateInput�s



zACLManager.validateInputc

Cs4
z}|�d
�
dksx|�d�
dksx|�d�
dksx|�d�
dksx|�d�
dksx|�d�
dksx|�d�
dksx|�d	�
dksx|�d
�
dksx|�d�
dksx|�d�
dksx|�d
�
dksx|�d�
dksx|�d�
dksx|�d�
dksx|�d�
dksx|�d�
dkr{WdSWdSt
y�
}

zt�dt|
�
�

WYd}
~
dSd}
~
w
w)N�
;���z&&�
|z...�
`�
$�
(�
)�
'�
[�
]�
{�
}�
:�
<�
>�
&rr
z%s. [32:commandInjectionCheck])�findrG�logging�writeToFile�str)r6�msgrrr �commandInjectionCheck�s 8
8
.

�
�
8


 
��z ACLManager.commandInjectionCheckc
	
Cs�tj
j|d
�
}
i}|
j|d<|
j|d<zd}t|�
}|��}|�dd�d}Wnty;
}
zd}WYd}~nd}~w
w||d	<|
j|d
<t	�
|
jj�
}|drVd|d<|Sd|d<|d
|d
<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d|d<|d |d <|d!|d!<|d"|d"<|d#|d#<|d$|d$<|d%|d%<|d&|d&<|d'|d'<|d(|d(<|d)|d)<|d*|d*<|d+|d+<|d,|d,<|d-|d-<|d.|d.<|d/|d/<|d0|d0<|d1|d1<|d2|d2<|d3|d3<|S)4N�
�pk�	firstName�lastNamer8r9rr
rF�serverIPAddress�	adminName�adminStatusr�versionManagement�
createNewUser�	listUsers�
deleteUser�
changeUserACL�resellerCenter�
createWebsite�
modifyWebsite�suspendWebsite�
deleteWebsite�
createPackage�listPackages�
deletePackage�
modifyPackage�createDatabase�deleteDatabase�
listDatabases�createNameServer�
createDNSZone�
deleteZone�addDeleteRecords�createEmail�
listEmails�deleteEmail�emailForwarding�changeEmailPassword�dkimManager�createFTPAccount�deleteFTPAccount�listFTPAccounts�createBackup�googleDriveBackups�
restoreBackup�addDeleteDestinations�scheduleBackups�
remoteBackups�	manageSSL�hostnameSSL�
mailServerSSL)
rr)r*rfrgr<r=rrGr>r?�aclrD)	�valr�
finalResponser@rArBrhrbrDrrr �	loadedACL�sx










��


G�





























zACLManager.loadedACLcCs0|d
dkrdS|
|krdS|
j|j
krdSdSr)rerrrrr �checkUserOwnerShip�s




zACLManager.checkUserOwnerShipcCs8z|d
dkr
WdS||
dkrWdSWdS


YdSrr)r�contextrrr �currentContextPermission
s





z#ACLManager.currentContextPermissionc
Cspz1td
dt
jd�}|��
tdddddddddddddt
jd�}|��
tdt
jd�}|��
WdS


YdS)Nrr)r#rjrD�reseller)r#rlrnrqrprrrsrtrurwrxr|r�rDr)r#rD)r	r�AdminACL�save�ResellerACL�UserACL)
�newACLrrr �createDefaultACLs
s.













�


zACLManager.createDefaultACLscCsztd
�
WS


YdS)N�/You are not authorized to access this resource.r
rrrr �	loadError5
s



zACLManager.loadErrorcCsLz|dkrd
ddd�}n
dd
dddd||
i}t�
|�
}t|�
WS


YdS)Nr
r�)�status�errorMessage�
error_messager�r�r�)r>�dumpsr)�additionalParameter�additionalParameterValue�	finalJson�	json_datarrr �
loadErrorJson<
s


�

�




zACLManager.loadErrorJsoncCs4g}tj
��}
|
D]}|jd
krq	|�|j�

q	|S)Nr)rr)�all�userName�append)�	userNames�allUsers�itemsrrr �findAllUsersN
s







zACLManager.findAllUserscCsHg}tj
��}
|
D]}|jd
ks|jdks|jdkrq	|�|j�

q	|S)Nrr�r)r	r)r�r#r���aclNames�allACLsr�rrr �findAllACLsX
s




zACLManager.findAllACLscCs(g}tj
��}
|
D]}|�|j�

q	|S�
N)r	r)r�r�r#r�rrr �unFileteredACLsd
s



zACLManager.unFileteredACLsc
Cs�tj
j|d
�
}
g}t�|�
}|ddkr,tj
��}|D]}|j|
jkr$q|�|j�

qntj
j|
j	d�
}|D]}|�|j�

q6|�|
j�

|S�Nrdrr�
r)
rr)r*rr�r�r�r��filterre��userIDr�
adminNamesr��adminsr�rrr �loadAllUsersn
s







�


zACLManager.loadAllUsersc
Csdtj
j|d
�
}
g}t�|�
}|ddkrtj
��Stj
j|
jd�
}|D]}|�|�

|�|
�

q#|Sr�)	rr)r*rr�r�r�rer��r�r�adminObjectsr�r�r�rrr �loadUserObjects�
s






zACLManager.loadUserObjectsc
Csntj
j|d
�
}
g}t�|�
}|ddkr tj
��j|d
�
�d�
Stj
j|
j	d�
�d�
}|D]}|�
|�

q-|S)Nrdrrr�r�)rr)r*rr�r��exclude�order_byr�rer�r�rrr �fetchTableUserObjects�
s




z ACLManager.fetchTableUserObjectscCsztj
j|d
�
}g}|
ddkr(tj
��}|D]}|j|jkrq|�|j�

q|Stj
j|jd�
}|D]}|�|j�

q2|Sr�)rr)r*r�r�r�r�re)r�r�rr�r�r�rrr �loadDeletionUsers�
s






�

zACLManager.loadDeletionUsersc
Cs�tj
j|d
�
}
g}t�|�
}|ddkr2tj
��}|D]}|jjdkr0|j|
jkr*q|�	|j�

qntj
j
|
jd�
}|D]}|jjdkrJ|�	|j�

q<|�	|
j�

|Sr�)rr)r*rr�r�r�rpr�r�r�rer�rrr �userWithResellerPriv�
s&








��


�
zACLManager.userWithResellerPrivcCs�|jj
d
kr>|jdkr<d}tjj|jd�
}|D]}||j}q|dkr(||j}||
|j���	�}||jk
r:d
SdSd
Sd
S)Nrr
r�)
r�rj�initWebsitesLimitrr)r�re�websites_setr��count)�currentAdmin�
websitesLimit�userToBeModified�	webLimitsr�r�rrr �websitesLimitCheck�
s








zACLManager.websitesLimitCheckcCsftj
j|d
�
}g}|
ddkr!tj
��}|D]}|�|j�

q|S|j��}|D]}|�|j�

q(|S�Nrdrr)rr)r*rr�r��packageName�package_set)r�r�r�	packNames�packsr�rrr �loadPackages�
s





�

zACLManager.loadPackagescCs.tj
j|d
�
}|
ddkrtj
��S|j��Sr�)rr)r*rr�r�)r�r�rrrr �loadPackageObjects�
s


zACLManager.loadPackageObjectsr
cCs$
g}|d
dkr0tj
���d�
}|D]}|�|j�

|r-|j���d�
D]}|�|j�

q$q|Stj
j|
d�
}|j	���d�
}tj
j
|jd�
}	|D]}|�|j�

|rd|j���d�
D]}|�|j�

q[qI|	D](}|j	���d�
}
|
D]}|�|j�

|r�|j���d�
D]}|�|j�

q�qsqg|S�Nrrr%rdr��r
r)r�r�r�r%�childdomains_setrr*r�r�re)rr��fetchChilds�websiteNames�allWebsitesr��childr�websitesr��webs�webrrr �findAllSites�
s:



��



�




��zACLManager.findAllSitesc
Cs�|d
krd}
|
S|dkrd}
|
S|dkrd}
|
S|dkr d}
|
S|d	kr(d
}
|
S|dkr0d}
|
S|d
kr8d}
|
S|dkr@d}
|
S|dkrHd}
|
S|dkrPd}
|
S|dkrXd}
|
S|dkr`d}
|
S|dkrhd}
|
S|dkrnd}
|
S)NzPHP 5.3�53zPHP 5.4�54zPHP 5.5�55zPHP 5.6�56zPHP 7.0�70zPHP 7.1�71zPHP 7.2�72zPHP 7.3�73zPHP 7.4�74zPHP 8.0�80zPHP 8.1�81zPHP 8.2�82zPHP 8.3�83zPHP 8.4�84r)�
phpVersion�phprrr �getPHPString%sT
�
�
�
�
�
�
�
�
�

�
�
�
�
zACLManager.getPHPStringcCsF
|d
dkr+tj
j|d�
}tj
j|d�
}|D]}|j|v
r(|tj
j|jjd�
B}q|Sg}tj
j|
d�
}|jj|d�
}|D]}|�	|�

q=tj
j|d�
}|D]}|jj
|kra|j|v
ra|�	|j�

qNtj
j|jd�
}	|	D]4}|jj|d�
}
|
D]}||v
r�|�	|�

qwtj
j|d�
}|D]}|jj
|kr�|j|v
r�|�	|j�

q�ql|S)Nrr)
�domain__istartswith)
�title__icontainsrdr�)r
r)r�rrrerr*r�r�r)rr��
searchTermr��wp_sites�wp�websiteListrr�r�r�r�rrr �searchWebsiteObjectsGs@


�






�




�


��zACLManager.searchWebsiteObjectsc	Cs�|d
dkrtj
���d�
Sg}tj
j|
d�
}|j���d�
}|D]}|�|�

q!tj
j|j	d�
}|D]}|j���d�
}|D]}|�|�

q?q3|Sr�)
r
r)r�r�rr*r�r�r�re)	rr�r�rr�r�r�r�r�rrr �findWebsiteObjectsrs





�zACLManager.findWebsiteObjectsc	C�|d
dkrtj
��Sg}tj
j|
d�
}|j��}|D]}|�|�

qtj
j|jd�
}|D]}|j��}|D]}|�|�

q6q-|S�Nrrrdr�)	rr)r�rr*�DockerSites_setr�r�re)	rr��DockersiteListrr�r�r�r�r�rrr �findDockersiteObjects�s








�z ACLManager.findDockersiteObjectsc
Cs
g}|d
dkr+tj
���d�
}|D]}|�|j�

|j��D]}|�|j�

qq|Stj
j|
d�
}|j	���d�
}|D]}|�|j�

|j��D]}|�|j�

qIq<tj
j
|jd�
}|D]#}|j	���d�
}|D]}	|�|	j�

|	j��D]}|�|j�

qvqiq]|Sr�r�)
rr��domainsList�domainsr��childsrr��doms�domrrr �findAllDomains�s4



��



�




��zACLManager.findAllDomainsc	Cs�g}|d
dkrtj
���d�
}|D]}|�|j�

q|Stj
j|
d�
}|j���d�
}|D]}|�|j�

q.tj
j	|j
d�
}|D]}|j���d�
}|D]}|�|j�

qMqA|Sr�)r
r)r�r�r�r%rr*r�r�re)	rr�r
r

r�rr�r
r
rrr �findAllWebsites�s"


�




�zACLManager.findAllWebsitesc
Cs�d
dlm
}
g}|ddkr"|j���d�
}|D]}|�|j�

qn>tjj|
d�
}|jj	|d�
�d�
}|D]}|�|j�

q5tjj	|j
d�
}|D]}|jj	|d�
�d�
}	|	D]}|�|j�

qVqHtt|�
�
S)	Nr
�
�Domainsrrr#rdr/r�)
�
dns.modelsr
r)r�r�r�r#rr*r�re�list�set)
rr�r
�	zonesList�zones�zonerr��item�owned_zonesrrr �findAllDNSZones�s$



�





�zACLManager.findAllDNSZonescCs�z'tj
j|d
�
}|ddkrWdS|jj|
krWdS|jjj|
jkr%WdSWdS


tj
j|d
�
}|ddkr;YdS|j|
krCYdS|jj|
jkrMYdSYdS)Nr(rrr
)rr)r*r+rrrer
)r%rr�childDomain�
domainNamerrr �checkOwnership�s$




�





zACLManager.checkOwnershipcCsJz|d
dkr
WdS|j|
krWdS|jj|
j
krWdSWdS


YdSr�rre)�gDrrrrr �checkGDriveOwnership
s








zACLManager.checkGDriveOwnershipcCs�|d
dkrdSztj
j|d�
}|j|
ks|jj|
jkrWdSWn


Yztj
j|d�
}|jj|
ks;|jjj|
jkr>WdSWn


Yz"ddlm	}
|j
j|d�
}|j|
krZWdS|jj|
jkrdWdSWdS


YdS)Nrrr(r
r
�
r#)
r
r)r*rrrerr+r	
r
)r%rr�
websiteDomainr
r
�	dnsDomainrrr �checkOwnershipZones8



�



�






��
zACLManager.checkOwnershipZonec

Csdztt
|�
�
}
|
d
krWdSWdSty1
}
zt�t|�
d�

dt|�
fWYd}~Sd}~w
w)Nr)r
zSomething bad happened)r�Nonez [ACLManager.executeCall]r
)rrrr_r`ra)�command�resultrbrrr �executeCall=s





��zACLManager.executeCallcCs\z'tj
j|d
�
}t�|
�
}tj
j|
d�
}|ddkrWdS|j|kr%WdSWdS


YdS)Nr
rdrrr
)rr)r*rr�rr)r#r��	containerrrrrr �checkContainerOwnershipIs









z"ACLManager.checkContainerOwnershipc
Cs�g}|d
dkrtj
��}|D]}|�|j�

q|Stj
j|
d�
}|j��}tj
j|j	d�
}|D]}|�|j�

q0|D]}|j��}|D]}	|�|	j�

qDq;|Sr�)
rr)r�r�r#rr*�containers_setr�re)
rr��
containerName�
allContainersr�r�
containersr��cons�conrrr �findAllContainersYs"



�






�zACLManager.findAllContainersc	Cr�r�)	rr)r�rr*r"
r�r�re)	rr��
containerListrr%
r�r�r&
r'
rrr �findContainersObjectsrs








�z ACLManager.findContainersObjectsc
CsBg}
|D]}tj
j|d
�
}|j���d�
D]}|
�|j�

qq|
S)Nr(r%)r
r)r*r�r�r�r�r%)r��childDomainsr��websiter
rrr �findChildDomains�s


�zACLManager.findChildDomainscCs0|d
dkrdS|j|
j
krdS||
krdSdSrr
)rrr�rrr �checkOwnerProtection�s




zACLManager.checkOwnerProtectionc
Cs�d
dl}
g|
�
��
d�
d�
d�
d�
d�
d�
d�
d	�
d
�
d�
d�
d
�
d�
d�
d�
d�
d�
d�
d�
d�
d�
d�
d�
d�
d�
d�
d�
d�
d�
d�
d �
}|�d!�
}|D]}|d"kr]||kr\
d
SqO|�|�
rjt�|�


d
SqOd"S)#Nr
zhotmail.comz	gmail.comz
yandex.comz	yahoo.com�	localhostzaol.comz	apple.comzcloudlinux.comz	email.comzfacebook.comzgmx.dezgmx.comz
google.comzhushmail.comz
icloud.comz	inbox.comzimunify360.comzjuno.comzlive.comzlocalhost.localdomainzlocalhost4.localdomain4zlocalhost6.localdomain6zmail.comzmail.ruzme.comz
microsoft.comzmxlogic.netzoutlook.comzprotonmail.comztwitter.comz	yandex.ru�
.r)�socket�gethostnamer��endswithr_r`)r%r1
�	BlackList�DotsCounter�blackrrr �CheckDomainBlackList�sz&
�
�
�
�
�
�������������������



�



�zACLManager.CheckDomainBlackListcCs�|�d
�
dkr|�
d
�
d}n|�
d�
d}z
t|�
}t|�

Wn


|
dkr9|�
d�
d}||
�d�kr9YdSYdS|dd�d	ks\|dd
�dks\|dd�d
ks\|dd�dkry|dkry|�d�
dkry|dkry|dkry|dkry|dkrydSdS)Nzpanel/rOrztmp/zcyberpanel/�_rustic_backup_logr
�z/home/cyberpanel/.��/home/cyberpanel�z/tmprz&/usr/local/CyberCP/CyberCP/settings.pyz..z/home/cyberpanel/.my.cnfz/home/cyberpanel/.bashrcz/home/cyberpanel/.bash_logoutz/home/cyberpanel/.profile)r^r�int�print)�
statusFiler%�TemFilePathr6rrr �CheckStatusFilleLoc�s2







2
�
�
�
� 

zACLManager.CheckStatusFilleLocc
Cs8ztj
j|d
�
}
|
jjWS


tj
j|d
�
}|jYS)Nr()rr)r*r+�externalAppr
)r%r
r
rrr �FetchExternalApp�s




zACLManager.FetchExternalAppcCsJd
}tj
�|�
sd|}
t�|
�

d|}
t�|
�

d|}
t�|
�

dS)Nz/usr/local/CyberCP/tmp/zmkdir %szchown cyberpanel:cyberpanel %szchmod 711 %s)�os�path�existsr�executioner)�
UploadPathr
rrr �CreateSecureDir�s





zACLManager.CreateSecureDirc
Cs�tj
�d
�
rd|d<nd|d<tj
�d�
rd|d<nd|d<ztjjdd�
}
|
j|d<WdS


t��tj	ks?t��tj
krBd	}nd
}tj
�|�
rXtdd�
��
d|d<YdSd|d<YdS)Nz/home/cyberpanel/postfixr�emailAsWholer
z/home/cyberpanel/pureftpd�
ftpAsWholerd�
dnsAsWholez
/etc/powerdnsz	/etc/pdns)
�serverStatus)rD
rE
rF
rr)r*rM
r�decideDistro�ubuntu�ubuntu20r�)�dic�pdns�pdnsPathrrr �GetServiceStatus�s"










zACLManager.GetServiceStatuscCs>d
dlm
}
|j��}t�||
�}|D]	}||j��O}q|S)Nr
)
r)�websiteFunctions.modelsrr)�nonerr��wpsites_setr�)rr�r�wpsitesr�r,
rrr �GetALLWPObjectss


zACLManager.GetALLWPObjectscCs$d
}t|�
}
|
�
�}|�dd�dS)Nr8r9rr
)r<r=rrHrrr �GetServerIPs


zACLManager.GetServerIPc
Cs^z(t�
�tjkrWd
Sd}
|t��d�}ddl}|j|
t�|�
d�}|��dWS


Yd
S)Nrz@https://platform.cyberpersons.com/CyberpanelAdOns/Adonpermission)r#�IPr
)
�datar�)	r�decideServer�entrrZ
�requests�postr>r�)�feature�urlr\
r_
�responserrr �CheckForPremFeatures

�



zACLManager.CheckForPremFeaturecC�"|d
dkrdS|
j|krdSdSrr��r�	backupobjrrrr �CheckIPBackupObjectOwner.r2z#ACLManager.CheckIPBackupObjectOwnercCre
rr�rf
rrr �CheckIPPluginObjectOwner7r2z#ACLManager.CheckIPPluginObjectOwnerc
Cs�z,d
}t�
|�
�d�
}
d}t�
|�
�d�
}t|
�
dkr't|�
dkr'd|
|fWSdd|fWStyE
}
z
dt|�
dfWYd}~Sd}~w
w)NzHgrep SAVED_CF_Key= /root/.acme.sh/account.conf | cut -d= -f2 | tr -d "'"r9zJgrep SAVED_CF_Email= /root/.acme.sh/account.conf | cut -d= -f2 | tr -d "'"�rr
zKey not defined)r�outputExecutioner�rstrip�lenrGra)r
�SAVED_CF_Key�SAVED_CF_Emailrbrrr �FetchCloudFlareAPIKeyFromAcme@s



��z(ACLManager.FetchCloudFlareAPIKeyFromAcmecCstz3|dkrd
|
�d�}t�
�tjkr#d|}t�|dd��d�
}|WSd|}t�|dd��d�
}|WS


YdS)N�/usr/local/lsws/conf/vhosts/�/vhost.confzawk '/docRoot/ {print $2}' �rootTr9�&awk '/DocumentRoot/ {print $2; exit}' )rr]
�OLSrk
rl
)�	vhostConfr
r
�docRootrrr �FindDocRootOfSiteSs







zACLManager.FindDocRootOfSitecCsxz5|dkrd
|
�d�}t�
�tjkr$d|�d�|}t�|dd�
WdSd|�d�|}t�|dd�
WdS


YdS)Nrq
rr
z3sed -i 's#docRoot\s\s*.*#docRoot                   �#g' rs
T�6sed -i 's#DocumentRoot\s\s*[^[:space:]]*#DocumentRoot )rr]
ru
rG
)rv
r
�
NewDocRootr
rrr �ReplaceDocRootes




zACLManager.ReplaceDocRootcCsdz+tj
|
d
}t��tjkr)tj�|�
r&d|}t�|dd��	d�
}|WSWdSWdS


YdS)N�.confrt
rs
Tr9)
r�configBasePathrr]
ru
rD
rE
rF
rk
rl
)rv
r
�
finalConfPathr
rw
rrr �FindDocRootOfSiteApachevs




z"ACLManager.FindDocRootOfSiteApachecCsTz#tj
|
d
}t��tjkr!d|�d�|}t�|dd�
WdSWdS


YdS)Nr}
rz
ry
rs
T)rr~
rr]
ru
rG
)rv
r
r{
r
r
rrr �ReplaceDocRootApache�s


�
zACLManager.ReplaceDocRootApachecCs$d
}t�
|�
}
|
�d�
dkrdSdS)Nzuname -a�aarch64rOTF)rrk
r^)r
r
rrr �ISARM�s



zACLManager.ISARMc
Cs��z`z#dIdd�
}d|�}
tdd�}|�
|
�

|��
d}t�|dd	�
Wn


Yd
}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d
}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
d}t�|dd	�
gd�
}|D]
}d|}t�|dd	�
q�gd�
}|D]
}d |}t�|dd	�
q�d!}t�|dd	�
d"}t�|dd	�
d#}t�|dd	�
gd$�
}d%dl}|D]}z|�|�

W�
q"


Y�
q"d&}t�|dd	�
d'}t�|dd	�
d(}t�|dd	�
d)}t�|dd	�
d*}t�|dd	�
d}t�|dd	�
gd+�
}	|	D]}d,|}t�|dd	�
�
qod-}t�|dd	�
d.}t�|dd	�
d/}t�|dd	�
t��tjk�
s�t��tj	k�
r�d0}t�|dd	�
d1}t�|dd	�
nd2}t�|dd	�
d3}t�|dd	�
d4}t�|dd	�
d5}t�|dd	�
d6}t�|dd	�
td7d8�}
|
�
d9�

|
��
d:}t�|dd	�
d;}d<}t
j�|�
�rt
j�|�
�sd=}
nd>}
d?|
}t�|dd	�
d@}t�|dd	�
tdAd8�}|�
dB�

|�
dC�

|��
dD}t�|dd	�
dEdF}t�|dd	�
dG}d |}t�|dd	�
WdSt�y~
}
zt�t|�
dH�

WYd}~dSd}~w
w)JN�c
s2tj
tjtj�|}
d
��f
dd�t|
�
D�
�
S)N�c
3s�|]}
t�
��
V
qdSr�)�random�choice)�.0�
x�
�charsrr �	<genexpr>�s�zCACLManager.fixPermissions.<locals>.generate_pass.<locals>.<genexpr>)�string�ascii_uppercase�ascii_lowercase�digits�join�range)�length�sizerr�
r �
generate_pass�s


z0ACLManager.fixPermissions.<locals>.generate_passz�<?php
$_ENV['snappymail_INCLUDE_AS_API'] = true;
include '/usr/local/CyberCP/public/snappymail/index.php';

$oConfig = \snappymail\Api::Config();
$oConfig->SetPassword('%s');
echo $oConfig->Save() ? 'Done' : 'Error';

?>z(/usr/local/CyberCP/public/snappymail.php�
wz?chown -R lscpd:lscpd /usr/local/lscp/cyberpanel/snappymail/datars
Tz#usermod -G lscpd,lsadm,nobody lscpdz$usermod -G lscpd,lsadm,nogroup lscpdz6find /usr/local/CyberCP -type d -exec chmod 0755 {} \;z6find /usr/local/CyberCP -type f -exec chmod 0644 {} \;z#chmod -R 755 /usr/local/CyberCP/binz%chown -R root:root /usr/local/CyberCPz3find /usr/local/lscp -type d -exec chmod 0755 {} \;z3find /usr/local/lscp -type f -exec chmod 0644 {} \;z chmod -R 755 /usr/local/lscp/binz%chmod -R 755 /usr/local/lscp/fcgi-binz=chown -R lscpd:lscpd /usr/local/CyberCP/public/phpmyadmin/tmpz"chown -R root:root /usr/local/lscpz8chown -R lscpd:lscpd /usr/local/lscp/cyberpanel/rainloopz.chmod 700 /usr/local/CyberCP/cli/cyberPanel.pyz8chmod 700 /usr/local/CyberCP/plogical/upgradeCritical.pyz:chmod 755 /usr/local/CyberCP/postfixSenderPolicy/client.pyz0chmod 640 /usr/local/CyberCP/CyberCP/settings.pyz<chown root:cyberpanel /usr/local/CyberCP/CyberCP/settings.pyz3chmod +x /usr/local/CyberCP/CLManager/CLPackages.py)z/etc/yum.repos.d/MariaDB.repo�/etc/pdns/pdns.confz!/etc/systemd/system/lscpd.service�/etc/pure-ftpd/pure-ftpd.conf�"/etc/pure-ftpd/pureftpd-pgsql.conf�"/etc/pure-ftpd/pureftpd-mysql.conf�!/etc/pure-ftpd/pureftpd-ldap.conf�/etc/dovecot/dovecot.confz%/usr/local/lsws/conf/httpd_config.xmlz /usr/local/lsws/conf/modsec.confz/usr/local/lsws/conf/httpd.confzchmod 644 %s)r�
r�
r�
r�
r�
r�
z/etc/pure-ftpd/db/mysql.confz/etc/powerdns/pdns.confzchmod 600 %szchmod 640 /etc/postfix/*.cfzchmod 640 /etc/dovecot/*.confz+chmod 640 /etc/dovecot/dovecot-sql.conf.ext)z/usr/local/lsws/FileManager/z&/usr/local/CyberCP/install/FileManagerz5/usr/local/CyberCP/serverStatus/litespeed/FileManagerz(/usr/local/lsws/Example/html/FileManagerr
zchmod 755 /etc/pure-ftpd/z#chmod 644 /etc/dovecot/dovecot.confzchmod 644 /etc/postfix/main.cfz%chmod 644 /etc/postfix/dynamicmaps.cfz-chmod +x /usr/local/CyberCP/plogical/renew.py)z)/usr/local/CyberCP/CLScript/panel_info.pyz1/usr/local/CyberCP/CLScript/CloudLinuxPackages.pyz./usr/local/CyberCP/CLScript/CloudLinuxUsers.pyz0/usr/local/CyberCP/CLScript/CloudLinuxDomains.pyz2/usr/local/CyberCP/CLScript/CloudLinuxResellers.pyz//usr/local/CyberCP/CLScript/CloudLinuxAdmins.pyz+/usr/local/CyberCP/CLScript/CloudLinuxDB.pyz'/usr/local/CyberCP/CLScript/UserInfo.pyzchmod +x %sz2chmod 600 /usr/local/CyberCP/plogical/adminPass.pyz/chmod 600 /etc/cagefs/exclude/cyberpanelexcludez.find /usr/local/CyberCP/ -name '*.pyc' -deletez#chown root:pdns /etc/pdns/pdns.confzchmod 640 /etc/pdns/pdns.confz'chown root:pdns /etc/powerdns/pdns.confz!chmod 640 /etc/powerdns/pdns.confz4chmod 640 /usr/local/lscp/cyberpanel/logs/access.logzH/usr/local/lsws/lsphp72/bin/php /usr/local/CyberCP/public/snappymail.phpz2chmod 600 /usr/local/CyberCP/public/snappymail.phpz
/etc/fstab�
az;proc    /proc        proc        defaults,hidepid=2    0 0
z#mount -o remount,rw,hidepid=2 /procz/etc/redhat-releasez/etc/openEuler-release�nobody�nogroupz"chown root:%s /usr/local/lsws/logszchmod 750 /usr/local/lsws/logsz!/usr/lib/sysctl.d/50-default.confzfs.protected_hardlinks = 1
zfs.protected_symlinks = 1
zsysctl --systemzchmod 700 %sr;
z/usr/local/lscp/conf/key.pemz [fixPermissions])
r�
)r<�write�closerrG
�shutil�rmtreerN
�centos�cent8rD
rE
rF
�
writelinesrGr_r`ra)r�
�contentr`r
�filesr��impFile�fileMr�
�	clScripts�WriteToFile�
CentOSPath�
openEulerPath�group�destPrivKeyrbrrr �fixPermissions�s


�
















































 

























 
��zACLManager.fixPermissionsr�)NN)
r
)C�__name__�
__module__�__qualname__r�r�r��staticmethodr!r&r.r1r7rErIrMrcr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r
r
r
r
r
r
r
r!
r(
r*
r-
r.
r7
rA
rC
rI
rT
rY
rZ
rd
rh
ri
rp
rx
r|
r�
r�
r�
r�
rrrr rs�			



	






	



	




^






!




	



	















%

!

*















#














































r)*rD
�sysr�
r�
�ApachController.ApacheVhostsr�manageServices.modelsr�processUtilitiesrrE
r��django�environ�
setdefault�setup�loginSystem.modelsrr	�django.shortcutsr�packages.modelsrrU
r
rrrrr>�
subprocessrr�shlexrrr_�dockerManager.modelsrr3rrrrrr �<module>
s*