From 59836baf74bf1af63d1afe67d8008c15418d70f0 Mon Sep 17 00:00:00 2001 From: Jordan Rodgers Date: Wed, 24 Jan 2018 23:07:59 -0500 Subject: [PATCH] fix all rtp/perms checks, add db parameter to necessary functions --- proxstar/__init__.py | 37 ++++++++++++++++++------------------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/proxstar/__init__.py b/proxstar/__init__.py index 25ffac2..802cd88 100644 --- a/proxstar/__init__.py +++ b/proxstar/__init__.py @@ -110,8 +110,7 @@ def vm_details(vmid): rtp = 'rtp' in session['userinfo']['groups'] active = 'active' in session['userinfo']['groups'] proxmox = connect_proxmox() - if 'rtp' in session['userinfo']['groups'] or int( - vmid) in get_user_allowed_vms(proxmox, user): + if rtp or int(vmid) in get_user_allowed_vms(proxmox, user): vm = get_vm(proxmox, vmid) vm['vmid'] = vmid vm['config'] = get_vm_config(proxmox, vmid) @@ -147,9 +146,9 @@ def vm_details(vmid): @auth.oidc_auth def vm_power(vmid, action): user = session['userinfo']['preferred_username'] + rtp = 'rtp' in session['userinfo']['groups'] proxmox = connect_proxmox() - if int(vmid) in get_user_allowed_vms( - proxmox, user) or 'rtp' in session['userinfo']['groups']: + if rtp or int(vmid) in get_user_allowed_vms(proxmox, user): if action == 'start': config = get_vm_config(proxmox, vmid) usage_check = check_user_usage(proxmox, db, user, config['cores'], @@ -166,17 +165,17 @@ def vm_power(vmid, action): @auth.oidc_auth def vm_cpu(vmid, cores): user = session['userinfo']['preferred_username'] + rtp = 'rtp' in session['userinfo']['groups'] proxmox = connect_proxmox() - if int(vmid) in get_user_allowed_vms( - proxmox, user) or 'rtp' in session['userinfo']['groups']: + if rtp or int(vmid) in get_user_allowed_vms(proxmox, user): cur_cores = get_vm_config(proxmox, vmid)['cores'] if cores >= cur_cores: status = get_vm(proxmox, vmid)['qmpstatus'] if status == 'running' or status == 'paused': - usage_check = check_user_usage(proxmox, user, + usage_check = check_user_usage(proxmox, db, user, cores - cur_cores, 0, 0) else: - usage_check = check_user_usage(proxmox, user, cores, 0, 0) + usage_check = check_user_usage(proxmox, db, user, cores, 0, 0) if usage_check: return usage_check change_vm_cpu(proxmox, vmid, cores) @@ -189,17 +188,17 @@ def vm_cpu(vmid, cores): @auth.oidc_auth def vm_mem(vmid, mem): user = session['userinfo']['preferred_username'] + rtp = 'rtp' in session['userinfo']['groups'] proxmox = connect_proxmox() - if 'rtp' in session['userinfo']['groups'] or int( - vmid) in get_user_allowed_vms(proxmox, user): + if rtp or int(vmid) in get_user_allowed_vms(proxmox, user): cur_mem = get_vm_config(proxmox, vmid)['memory'] // 1024 if mem >= cur_mem: status = get_vm(proxmox, vmid)['qmpstatus'] if status == 'running' or status == 'paused': - usage_check = check_user_usage(proxmox, user, 0, mem - cur_mem, - 0) + usage_check = check_user_usage(proxmox, db, user, 0, + mem - cur_mem, 0) else: - usage_check = check_user_usage(proxmox, user, 0, mem, 0) + usage_check = check_user_usage(proxmox, db, user, 0, mem, 0) if usage_check: return usage_check change_vm_mem(proxmox, vmid, mem * 1024) @@ -212,9 +211,9 @@ def vm_mem(vmid, mem): @auth.oidc_auth def vm_renew(vmid): user = session['userinfo']['preferred_username'] + rtp = 'rtp' in session['userinfo']['groups'] proxmox = connect_proxmox() - if 'rtp' in session['userinfo']['groups'] or int( - vmid) in get_user_allowed_vms(proxmox, user): + if rtp or int(vmid) in get_user_allowed_vms(proxmox, user): renew_vm_expire(db, vmid, app.config['VM_EXPIRE_MONTHS']) for interface in get_vm_interfaces(proxmox, vmid): renew_ip(starrs, get_ip_for_mac(starrs, interface[1])) @@ -227,9 +226,9 @@ def vm_renew(vmid): @auth.oidc_auth def iso_eject(vmid): user = session['userinfo']['preferred_username'] + rtp = 'rtp' in session['userinfo']['groups'] proxmox = connect_proxmox() - if int(vmid) in get_user_allowed_vms( - proxmox, user) or 'rtp' in session['userinfo']['groups']: + if rtp or int(vmid) in get_user_allowed_vms(proxmox, user): eject_vm_iso(proxmox, vmid) return '', 200 else: @@ -240,9 +239,9 @@ def iso_eject(vmid): @auth.oidc_auth def iso_mount(vmid, iso): user = session['userinfo']['preferred_username'] + rtp = 'rtp' in session['userinfo']['groups'] proxmox = connect_proxmox() - if int(vmid) in get_user_allowed_vms( - proxmox, user) or 'rtp' in session['userinfo']['groups']: + if rtp or int(vmid) in get_user_allowed_vms(proxmox, user): iso = "{}:iso/{}".format(app.config['PROXMOX_ISO_STORAGE'], iso) mount_vm_iso(proxmox, vmid, iso) return '', 200