add Ftps.list and Ftps.delete

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
Michael Kaufmann (d00p)
2018-02-26 09:36:58 +01:00
parent c9256c0020
commit 6191ee6fba
3 changed files with 186 additions and 63 deletions


@@ -90,66 +90,11 @@ if ($page == 'overview') {
if (isset($result['username']) && $result['username'] != $userinfo['loginname']) { if (isset($result['username']) && $result['username'] != $userinfo['loginname']) {
if (isset($_POST['send']) && $_POST['send'] == 'send') { if (isset($_POST['send']) && $_POST['send'] == 'send') {
$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "` try {
SET `up_count` = `up_count` + :up_count, Ftps::getLocal($userinfo, $_POST)->delete();
`up_bytes` = `up_bytes` + :up_bytes, } catch (Exception $e) {
`down_count` = `down_count` + :down_count, dynamic_error($e->getMessage());
`down_bytes` = `down_bytes` + :down_bytes
WHERE `username` = :username"
);
$params = array(
"up_count" => $result['up_count'],
"up_bytes" => $result['up_bytes'],
"down_count" => $result['down_count'],
"down_bytes" => $result['down_bytes'],
"username" => $userinfo['loginname']
);
Database::pexecute($stmt, $params);
$result_stmt = Database::prepare("SELECT `username`, `homedir` FROM `" . TABLE_FTP_USERS . "`
WHERE `customerid` = :customerid
AND `id` = :id"
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = :name");
Database::pexecute($stmt, array("name" => $result['username']));
$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_USERS . "`
WHERE `customerid` = :customerid
AND `id` = :id"
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$stmt = Database::prepare("
UPDATE `" . TABLE_FTP_GROUPS . "` SET
`members` = REPLACE(`members`, :username,'')
WHERE `customerid` = :customerid
");
Database::pexecute($stmt, array("username" => ",".$result['username'], "customerid" => $userinfo['customerid']));
$log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'");
$resetaccnumber = ($userinfo['ftps_used'] == '1') ? " , `ftp_lastaccountnumber`='0'" : '';
// refs #293
if (isset($_POST['delete_userfiles']) && (int)$_POST['delete_userfiles'] == 1) {
inserttask('8', $userinfo['loginname'], $result['homedir']);
} else {
if (Settings::Get('system.nssextrausers') == 1)
{
// this is used so that the libnss-extrausers cron is fired
inserttask(5);
}
} }
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
SET `ftps_used` = `ftps_used` - 1 $resetaccnumber
WHERE `customerid` = :customerid"
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
redirectTo($filename, array('page' => $page, 's' => $s)); redirectTo($filename, array('page' => $page, 's' => $s));
} else { } else {
ask_yesno_withcheckbox('ftp_reallydelete', 'admin_customer_alsoremoveftphomedir', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']); ask_yesno_withcheckbox('ftp_reallydelete', 'admin_customer_alsoremoveftphomedir', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
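Review bot: The new delete call hands the whole of `$_POST` to the API, while the checks around it (`$result['username'] != $userinfo['loginname']` and the username shown in the confirmation) were made on the row looked up by `$id`, so the account that gets deleted is selected by whatever `id`/`username` the POST body carries rather than by the row that was checked. Where `$id` and `$result` are set lies above the hunk, so whether the two can actually differ needs confirming, but passing only the expected fields removes the question: `Ftps::getLocal($userinfo, array('id' => $id, 'delete_userfiles' => isset($_POST['delete_userfiles']) ? (int) $_POST['delete_userfiles'] : 0))->delete();`. Ftps::delete() as added in this commit has no guard of its own against removing the customer's main ftp login, so that check is worth repeating inside the API method. The enclosing if/else continues past the end of the hunk.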


@@ -38,7 +38,7 @@ class Ftps extends ApiCommand implements ResourceEntity
$id = $this->getParam('id', true, 0); $id = $this->getParam('id', true, 0);
$un_optional = ($id <= 0 ? false : true); $un_optional = ($id <= 0 ? false : true);
$username = $this->getParam('username', $un_optional, ''); $username = $this->getParam('username', $un_optional, '');
$params = array(); $params = array();
if ($this->isAdmin()) { if ($this->isAdmin()) {
if ($this->getUserDetail('customers_see_all') == false) { if ($this->getUserDetail('customers_see_all') == false) {
@@ -86,9 +86,186 @@ class Ftps extends ApiCommand implements ResourceEntity
public function update() public function update()
{} {}
/**
* list all ftp-users, if called from an admin, list all ftp-users of all customers you are allowed to view, or specify id or loginname for one specific customer
*
* @param int $customerid
* optional, admin-only, select ftp-users of a specific customer by id
* @param string $loginname
* optional, admin-only, select ftp-users of a specific customer by loginname
*
* @access admin, customer
* @throws Exception
* @return array count|list
*/
public function list() public function list()
{} {
if ($this->isAdmin()) {
// if we're an admin, list all ftp-users of all the admins customers
// or optionally for one specific customer identified by id or loginname
$customerid = $this->getParam('customerid', true, 0);
$loginname = $this->getParam('loginname', true, '');
if (! empty($customer_id) || ! empty($loginname)) {
$json_result = Customers::getLocal($this->getUserData(), array(
'id' => $customerid,
'loginname' => $loginname
))->get();
$custom_list_result = array(
json_decode($json_result, true)['data']
);
} else {
$json_result = Customers::getLocal($this->getUserData())->list();
$custom_list_result = json_decode($json_result, true)['data']['list'];
}
$customer_ids = array();
foreach ($custom_list_result as $customer) {
$customer_ids[] = $customer['customerid'];
}
} else {
if (Settings::IsInList('panel.customer_hide_options', 'ftp')) {
throw new Exception("You cannot access this resource", 405);
}
$customer_ids = array(
$this->getUserDetail('customerid')
);
}
$result = array();
$params['customerid'] = implode(", ", $customer_ids);
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_FTP_USERS . "`
WHERE `customerid` IN (:customerid)
");
Database::pexecute($result_stmt, $params);
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
$result[] = $row;
}
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_NOTICE, "[API] list ftp-users");
return $this->response(200, "successfull", array(
'count' => count($result),
'list' => $result
));
}
/**
* delete a ftp-user by either id or username
*
* @param int $id
* optional, the ftp-user-id
* @param string $username
* optional, the username
* @param bool $delete_userfiles
* optional, default false
*
* @access admin, customer
* @throws Exception
* @return array
*/
public function delete() public function delete()
{} {
$id = $this->getParam('id', true, 0);
$un_optional = ($id <= 0 ? false : true);
$username = $this->getParam('username', $un_optional, '');
$delete_userfiles = $this->getParam('delete_userfiles', true, 0);
if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'ftp')) {
throw new Exception("You cannot access this resource", 405);
}
// get ftp-user
$json_result = Ftps::getLocal($this->getUserData(), array(
'id' => $id,
'username' => $username
))->get();
$result = json_decode($json_result, true)['data'];
$id = $result['id'];
if ($this->isAdmin()) {
// get customer-data
$json_result = Customers::getLocal($this->getUserData(), array(
'id' => $result['customerid']
))->get();
$customer_data = json_decode($json_result, true)['data'];
} else {
$customer_data = $this->getUserData();
}
// add usage of this ftp-user to main-ftp user of customer if different
if ($result['username'] != $customer_data['loginname']) {
$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
SET `up_count` = `up_count` + :up_count,
`up_bytes` = `up_bytes` + :up_bytes,
`down_count` = `down_count` + :down_count,
`down_bytes` = `down_bytes` + :down_bytes
WHERE `username` = :username
");
$params = array(
"up_count" => $result['up_count'],
"up_bytes" => $result['up_bytes'],
"down_count" => $result['down_count'],
"down_bytes" => $result['down_bytes'],
"username" => $customer_data['loginname']
);
Database::pexecute($stmt, $params, true, true);
}
// remove all quotatallies
$stmt = Database::prepare("DELETE FROM `" . TABLE_FTP_QUOTATALLIES . "` WHERE `name` = :name");
Database::pexecute($stmt, array(
"name" => $result['username']
), true, tue);
// remove user itself
$stmt = Database::prepare("
DELETE FROM `" . TABLE_FTP_USERS . "` WHERE `customerid` = :customerid AND `id` = :id
");
Database::pexecute($stmt, array(
"customerid" => $customer_data['customerid'],
"id" => $id
), true, true);
// update ftp-groups
$stmt = Database::prepare("
UPDATE `" . TABLE_FTP_GROUPS . "` SET
`members` = REPLACE(`members`, :username,'')
WHERE `customerid` = :customerid
");
Database::pexecute($stmt, array(
"username" => "," . $result['username'],
"customerid" => $customer_data['customerid']
), true, true);
$log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'");
// refs #293
if ($delete_userfiles == 1) {
inserttask('8', $customer_data['loginname'], $result['homedir']);
} else {
if (Settings::Get('system.nssextrausers') == 1) {
// this is used so that the libnss-extrausers cron is fired
inserttask(5);
}
}
// decrease ftp-user usage for customer
$resetaccnumber = ($customer_data['ftps_used'] == '1') ? " , `ftp_lastaccountnumber`='0'" : '';
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
SET `ftps_used` = `ftps_used` - 1 $resetaccnumber
WHERE `customerid` = :customerid");
Database::pexecute($stmt, array(
"customerid" => $customer_data['customerid']
), true, true);
// update admin usage
$stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_ADMINS . "`
SET `mysqls_used` = `mysqls_used` - 1
WHERE `adminid` = :adminid
");
Database::pexecute($stmt, array(
"adminid" => ($this->isAdmin() ? $customer_data['adminid'] : $this->getUserDetail('adminid'))
), true, true);
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_WARNING, "[API] deleted ftp-user '" . $result['username'] . "'");
return $this->response(200, "successfull", $result);
}
} }
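Review bot: delete() cannot finish as written: `$log->logAction(USR_ACTION, LOG_INFO, ...)` calls a method on `$log`, which is never assigned in this method, and it sits after the quota-tally, ftp-user and group rows have already been changed but before `ftps_used` is decremented, so a failure there leaves the counters out of step with the tables. That line can simply go, since `$this->logger()->logAction(...)` before the return already records the deletion; `), true, tue);` on the quotatallies delete should be `), true, true);`, and the "update admin usage" statement decrements `mysqls_used`, which looks copied from Mysqls and presumably should be `ftps_used`. In list(), `! empty($customer_id)` tests a name that is never set (the parameter is read into `$customerid`), so an admin filtering by customerid alone falls into the list-all branch. `IN (:customerid)` with `implode(", ", $customer_ids)` binds one string rather than a list of ids, so the query will presumably not match the whole set; generate one placeholder per id and pass the ids as separate parameters.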


@@ -440,6 +440,7 @@ class Mysqls extends ApiCommand implements ResourceEntity
* optional, admin-only, select dbs of a specific customer by loginname * optional, admin-only, select dbs of a specific customer by loginname
* *
* @access admin, customer * @access admin, customer
* @throws Exception
* @return array count|list * @return array count|list
*/ */
public function list() public function list()
@@ -560,7 +561,6 @@ class Mysqls extends ApiCommand implements ResourceEntity
Database::needRoot(true, $result['dbserver']); Database::needRoot(true, $result['dbserver']);
$dbm = new DbManager($this->logger()); $dbm = new DbManager($this->logger());
$dbm->getManager()->deleteDatabase($result['databasename']); $dbm->getManager()->deleteDatabase($result['databasename']);
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_WARNING, "[API] deleted database '" . $result['databasename'] . "'");
Database::needRoot(false); Database::needRoot(false);
// End root-session // End root-session
@@ -602,6 +602,7 @@ class Mysqls extends ApiCommand implements ResourceEntity
"adminid" => ($this->isAdmin() ? $customer['adminid'] : $this->getUserDetail('adminid')), "adminid" => ($this->isAdmin() ? $customer['adminid'] : $this->getUserDetail('adminid')),
), true, true); ), true, true);
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_WARNING, "[API] deleted database '" . $result['databasename'] . "'");
return $this->response(200, "successfull", $result); return $this->response(200, "successfull", $result);
} }
} }
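Review bot: Moving the `[API] deleted database` log call to just before the return means the audit entry is written only if every usage-counter update after `deleteDatabase()` succeeds; if one of the `Database::pexecute(..., true, true)` calls fails with an exception, the database is gone and nothing was logged. I would keep the log line directly after `Database::needRoot(false);`, or add a short comment saying why it has to come last. The body of delete() between the hunks is not visible here, so this assumes nothing else records the removal.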