From ca039cfa38a5e6ec3446474db6206aad239aeef2 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 02:16:39 +0200 Subject: [PATCH 01/61] add error flash to layout --- templates/layout.html | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/templates/layout.html b/templates/layout.html index 7aa871a..250ad4d 100644 --- a/templates/layout.html +++ b/templates/layout.html @@ -72,6 +72,15 @@ From 08055b4781301728d156cb69c7e67be6c7e86ae8 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 02:19:00 +0200 Subject: [PATCH 02/61] add user based auth roles --- alogin.py | 2 +- asite.py | 6 +++++- models/database.py | 17 +++++++++++++---- models/session.py | 6 +++--- models/user.py | 32 ++++++++++++++++++++++++++++++++ 5 files changed, 54 insertions(+), 9 deletions(-) diff --git a/alogin.py b/alogin.py index eb5e5e5..dc1c256 100644 --- a/alogin.py +++ b/alogin.py @@ -29,7 +29,7 @@ def login(): if user.verify_password(request.form["password"]): # if new_user: # return render_template("login.html", failed=True) - session["token"] = Session.new_session(request.remote_addr) + session["token"] = Session.new_session(request.remote_addr, User.get_userid(request.form["username"])) print("login success") return redirect(url_for('asite.index')) else: diff --git a/asite.py b/asite.py index 2ae523e..c66cccb 100644 --- a/asite.py +++ b/asite.py @@ -3,7 +3,7 @@ import boto3 from api import solderpy_version -from flask import Blueprint, app, redirect, render_template, request, session, url_for +from flask import Blueprint, app, flash, redirect, render_template, request, session, url_for from models.build import Build from models.build_modversion import Build_modversion from models.client import Client @@ -228,6 +228,10 @@ def mainsettings(): # New or invalid session, send to login return redirect(url_for('alogin.login')) + if User.get_permission_token(session["token"], "solder_env") == 0: + flash("Permission Denied", "error") + return redirect(request.referrer) + return render_template("mainsettings.html", nam=__name__, deb=debug, host=host, port=port, mirror_url=mirror_url, repo_url=repo_url, r2_url=R2_URL, db_name=db_name, versr=__version__, r2_bucket=R2_BUCKET, newuser=new_user, technic=migratetechnic) diff --git a/models/database.py b/models/database.py index b98c6ba..90c00b4 100644 --- a/models/database.py +++ b/models/database.py @@ -145,6 +145,7 @@ def create_tables() -> bool: solder_users BOOLEAN DEFAULT(0), solder_keys BOOLEAN DEFAULT(0), solder_clients BOOLEAN DEFAULT(0), + solder_env BOOLEAN DEFAULT(0), mods_create BOOLEAN DEFAULT(0), mods_manage BOOLEAN DEFAULT(0), mods_delete BOOLEAN DEFAULT(0), @@ -187,7 +188,8 @@ def create_tables() -> bool: """CREATE TABLE IF NOT EXISTS sessions ( token VARCHAR(80) NOT NULL PRIMARY KEY, ip INT NOT NULL, - expiry TIMESTAMP NOT NULL + expiry TIMESTAMP NOT NULL, + user_id INT NOT NULL )""" ) con.commit() @@ -251,7 +253,7 @@ def migratetechnic_tables() -> bool: cur.execute( """ALTER TABLE user_permissions MODIFY created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - MODIFY updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP + MODIFY updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, """ ) cur.execute( @@ -292,11 +294,17 @@ def migratetechnic_tables() -> bool: ADD COLUMN mcversion VARCHAR(255) AFTER version """ ) + cur.execute( + """ALTER TABLE user_permissions + ADD COLUMN solder_env BOOLEAN DEFAULT(0) + """ + ) cur.execute( """CREATE TABLE IF NOT EXISTS sessions ( token VARCHAR(80) NOT NULL PRIMARY KEY, ip INT NOT NULL, - expiry TIMESTAMP NOT NULL + expiry TIMESTAMP NOT NULL, + user_id INT NOT NULL )""" ) con.commit() @@ -314,7 +322,8 @@ def create_session_table() -> bool: """CREATE TABLE IF NOT EXISTS sessions ( token VARCHAR(80) NOT NULL PRIMARY KEY, ip INT NOT NULL, - expiry TIMESTAMP NOT NULL + expiry TIMESTAMP NOT NULL, + user_id INT NOT NULL )""" ) con.commit() diff --git a/models/session.py b/models/session.py index 60508b3..605856c 100644 --- a/models/session.py +++ b/models/session.py @@ -43,14 +43,14 @@ def get_and_update_from_token(cls, token: str) -> Session: return cls(session[0], session[1], session[2]) else: return None - + @staticmethod - def new_session(ip: str) -> str: + def new_session(ip: str, user) -> str: token = secrets.token_hex(40) conn = Database.get_connection() cur = conn.cursor() cur.execute("DELETE FROM sessions WHERE ip = %s", (Session.ip_to_int(ip),)) - cur.execute("INSERT INTO sessions (token, ip, expiry) VALUES (%s, %s, DATE_ADD(NOW(), INTERVAL 1 HOUR))", (token, Session.ip_to_int(ip))) + cur.execute("INSERT INTO sessions (token, ip, expiry, user_id) VALUES (%s, %s, DATE_ADD(NOW(), INTERVAL 1 HOUR), %s)", (token, Session.ip_to_int(ip), user)) conn.commit() conn.close() return token diff --git a/models/user.py b/models/user.py index 1e1e5e8..bb89f61 100644 --- a/models/user.py +++ b/models/user.py @@ -31,6 +31,8 @@ def new(cls, username, email, hash1, ip, creator_id): conn.commit() cur.execute("SELECT LAST_INSERT_ID() AS id") id = cur.fetchone()["id"] + cur.execute("INSERT INTO user_permissions (user_id) VALUES (%s)", (id,)) + conn.commit() return cls(id, username, email, password, ip, ip, now, now, ip, creator_id, creator_id) @classmethod @@ -50,6 +52,7 @@ def delete(cls, id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("DELETE FROM users WHERE id=%s", (id,)) + cur.execute("DELETE FROM user_permissions WHERE user_id=%s", (id,)) conn.commit() return None @@ -72,6 +75,35 @@ def get_by_username(cls, username): if row: return cls(row["id"], row["username"], row["email"], row["password"], row["created_ip"], row["last_ip"], row["created_at"], row["updated_at"], row["updated_by_ip"], row["created_by_user_id"], row["updated_by_user_id"]) return None + + @classmethod + def get_userid(cls, username): + conn = Database.get_connection() + cur = conn.cursor(dictionary=True) + cur.execute("SELECT id FROM users WHERE username = %s", (username,)) + try: + user_id = cur.fetchone()["id"] + return (user_id) + except: + return None + + @staticmethod + def get_permission_token(token: str, db_column): + conn = Database.get_connection() + cur = conn.cursor(dictionary=True) + cur.execute("SELECT user_id FROM sessions WHERE token = %s", (token,)) + try: + user_id = cur.fetchone()["user_id"] + conn.commit() + except: + return 0 + cur.execute("SELECT * FROM user_permissions WHERE user_id = %s", (user_id,)) + try: + allowed = cur.fetchone()[db_column] + conn.commit() + return (allowed) + except: + return 0 @staticmethod def get_all_users() -> list: From 3ded6560b5cd8a2d8aa5fed2007bc244d2b61bb0 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 02:36:14 +0200 Subject: [PATCH 03/61] add some errors for error flash --- asite.py | 9 ++++++++- models/build.py | 7 +++++++ models/build_modversion.py | 3 +++ models/user.py | 7 +++++++ 4 files changed, 25 insertions(+), 1 deletion(-) diff --git a/asite.py b/asite.py index c66cccb..914074b 100644 --- a/asite.py +++ b/asite.py @@ -83,6 +83,7 @@ def modversion(id): except connector.ProgrammingError as e: Database.create_tables() modversions = [] + flash("unable to get modversions", "error") return render_template("modversion.html", modSlug=mod.name, modversions=modversions, mod=mod, mirror_url=mirror_url) @@ -159,6 +160,7 @@ def modpack(id): except connector.ProgrammingError as e: Database.create_tables() builds = [] + flash("error when building modpack build", "error") if request.method == "POST": if "form-submit" in request.form: @@ -229,7 +231,6 @@ def mainsettings(): return redirect(url_for('alogin.login')) if User.get_permission_token(session["token"], "solder_env") == 0: - flash("Permission Denied", "error") return redirect(request.referrer) return render_template("mainsettings.html", nam=__name__, deb=debug, host=host, port=port, mirror_url=mirror_url, repo_url=repo_url, r2_url=R2_URL, db_name=db_name, versr=__version__, r2_bucket=R2_BUCKET, newuser=new_user, technic=migratetechnic) @@ -283,6 +284,7 @@ def clientlibrary(): except connector.ProgrammingError as e: Database.create_tables() clients = [] + flash("error when accessing client table", "error") return render_template("clientlibrary.html", clients=clients) @@ -320,6 +322,7 @@ def userlibrary(): except connector.ProgrammingError as e: Database.create_tables() users = [] + flash("error when accessing user table", "error") return render_template("userlibrary.html", users=users) @@ -369,6 +372,7 @@ def modpackbuild(id): packbuildname = Build.get_modpackname_by_id(id) except connector.ProgrammingError as _: + flash("failed to build modpackbuild", "error") raise _ Database.create_tables() mod_version_combo = [] @@ -422,6 +426,7 @@ def modlibrary(): except connector.ProgrammingError as e: Database.create_tables() mods = [] + flash("error when building mod list", "error") return render_template("modlibrary.html", mods=mods) @@ -477,6 +482,7 @@ def modpacklibrary(): except connector.ProgrammingError as e: Database.create_tables() modpacklibrary = [] + flash("error when getting modpacklist", "error") return render_template("modpacklibrary.html", modpacklibrary=modpacklibrary) @@ -518,6 +524,7 @@ def clients(id): except connector.ProgrammingError as e: Database.create_tables() packs = [] + flash("error when getting clients", "error") if request.method == "POST": if "form-submit" in request.form: diff --git a/models/build.py b/models/build.py index 83f71a2..0a2ad4b 100644 --- a/models/build.py +++ b/models/build.py @@ -1,5 +1,7 @@ import datetime +from flask import flash + from .database import Database from .modversion import Modversion @@ -84,6 +86,7 @@ def get_modpackname_by_id(cls, id): cur.execute("SELECT name FROM modpacks WHERE id = %s", (modpack_id,)) name = cur.fetchone()["name"] if name is None: + flash("unable to get modpackname by id", "error") return None return (name) @@ -94,6 +97,7 @@ def get_by_id(cls, id): cursor.execute("SELECT * FROM builds WHERE id = %s", (id,)) build = cursor.fetchone() if build is None: + flash("unable to get modpack by id", "error") return None return cls(**build) @@ -111,6 +115,7 @@ def get_by_modpack(modpack): builds = cursor.fetchall() if builds: return [Build(**build) for build in builds] + flash("unable to get modpack", "error") return [] @classmethod @@ -120,6 +125,7 @@ def get_by_modpack_version(cls, modpack, version): cursor.execute("SELECT * FROM builds WHERE modpack_id = %s AND version = %s", (modpack.id, version)) build = cursor.fetchone() if build is None: + flash("unable to get modpack by version", "error") return None return cls(**build) @@ -132,6 +138,7 @@ def get_marked_build(): build_id = cur.fetchone()["id"] return (build_id) except: + flash("unable to get marked build", "error") return 0 def get_modversions_minimal(self): diff --git a/models/build_modversion.py b/models/build_modversion.py index dd11378..022e6dc 100644 --- a/models/build_modversion.py +++ b/models/build_modversion.py @@ -1,3 +1,4 @@ +from flask import flash from .database import Database @@ -43,6 +44,7 @@ def get_modpack_build(id): rows = cur.fetchall() if rows: return rows + flash("Unable to get modpack build", "error") return [] @staticmethod @@ -100,4 +102,5 @@ def get_changelog(previd, id): rows = cur.fetchall() if rows: return rows + flash("Failed to make changelog", "error") return [] diff --git a/models/user.py b/models/user.py index bb89f61..469dbd8 100644 --- a/models/user.py +++ b/models/user.py @@ -1,5 +1,7 @@ import datetime +from flask import flash + from .database import Database from .modpack import Modpack from .passhasher import Passhasher @@ -85,6 +87,7 @@ def get_userid(cls, username): user_id = cur.fetchone()["id"] return (user_id) except: + flash("failed to fetch user_id from users", "error") return None @staticmethod @@ -96,13 +99,17 @@ def get_permission_token(token: str, db_column): user_id = cur.fetchone()["user_id"] conn.commit() except: + flash("unable to fetch user_id for permission check", "error") return 0 cur.execute("SELECT * FROM user_permissions WHERE user_id = %s", (user_id,)) try: allowed = cur.fetchone()[db_column] conn.commit() + if allowed == 0: + flash("Permission Denied", "error") return (allowed) except: + flash("unable to check your permission", "error") return 0 @staticmethod From 1f9e61127e0a877882d4e68d15337ec12c5908b0 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 02:40:33 +0200 Subject: [PATCH 04/61] add more pages to user auth --- asite.py | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/asite.py b/asite.py index 914074b..08ba636 100644 --- a/asite.py +++ b/asite.py @@ -241,6 +241,9 @@ def apikeylibrary(): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "solder_keys") == 0: + return redirect(request.referrer) try: keys = Key.get_all_keys() @@ -256,6 +259,10 @@ def apikeylibrary_post(): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "solder_keys") == 0: + return redirect(request.referrer) + if request.method == "POST": if "form-submit" in request.form: if "keyname" not in request.form: @@ -278,6 +285,9 @@ def clientlibrary(): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "solder_clients") == 0: + return redirect(request.referrer) try: clients = Client.get_all_clients() @@ -294,6 +304,10 @@ def clientlibrary_post(): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "solder_clients") == 0: + return redirect(request.referrer) + if request.method == "POST": if "form-submit" in request.form: if "client_name" not in request.form: @@ -316,6 +330,9 @@ def userlibrary(): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "solder_users") == 0: + return redirect(request.referrer) try: users = User.get_all_users() @@ -332,6 +349,10 @@ def userlibrary_post(): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "solder_users") == 0: + return redirect(request.referrer) + if request.method == "POST": if "form-submit" in request.form: if "newemail" not in request.form: @@ -518,6 +539,9 @@ def clients(id): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "solder_clients") == 0: + return redirect(request.referrer) try: packs = Client_modpack.get_all_client_modpacks(id) From 1aaccd42eb31e4f7f7f747ee650f5c052a819cab Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 02:49:06 +0200 Subject: [PATCH 05/61] setup user get full permission --- models/user.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/models/user.py b/models/user.py index 469dbd8..a0d9c17 100644 --- a/models/user.py +++ b/models/user.py @@ -1,6 +1,7 @@ import datetime from flask import flash +from models.globals import new_user from .database import Database from .modpack import Modpack @@ -33,7 +34,10 @@ def new(cls, username, email, hash1, ip, creator_id): conn.commit() cur.execute("SELECT LAST_INSERT_ID() AS id") id = cur.fetchone()["id"] - cur.execute("INSERT INTO user_permissions (user_id) VALUES (%s)", (id,)) + if new_user is False: + cur.execute("INSERT INTO user_permissions (user_id) VALUES (%s)", (id,)) + if new_user is True: + cur.execute("INSERT INTO user_permissions (user_id, solder_full, solder_users, solder_keys, solder_clients, solder_env, mods_create, mods_manage, mods_delete, modpacks_create, modpacks_manage, modpacks_delete) VALUES (%s, 1, 1, 1, 1, 1, 1, 1, 1 ,1 ,1 ,1)", (id,)) conn.commit() return cls(id, username, email, password, ip, ip, now, now, ip, creator_id, creator_id) From e4008bee8e4e0f9cfbe1a11087434cd1a2c46bf9 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 02:58:46 +0200 Subject: [PATCH 06/61] add new table for user modpack --- models/database.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/models/database.py b/models/database.py index 90c00b4..3c9088c 100644 --- a/models/database.py +++ b/models/database.py @@ -175,6 +175,15 @@ def create_tables() -> bool: updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP )""" ) + cur.execute( + """CREATE TABLE IF NOT EXISTS user_modpack ( + id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, + user_id INT NOT NULL, + modpack_id INT NOT NULL, + created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP + )""" + ) cur.execute( """CREATE TABLE IF NOT EXISTS `keys` ( id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, @@ -307,6 +316,15 @@ def migratetechnic_tables() -> bool: user_id INT NOT NULL )""" ) + cur.execute( + """CREATE TABLE IF NOT EXISTS user_modpack ( + id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, + user_id INT NOT NULL, + modpack_id INT NOT NULL, + created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP + )""" + ) con.commit() con.close() print("technic database migrated!") From 94211c4497cd46e0cc1283b76d3e35ea56068777 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 03:09:20 +0200 Subject: [PATCH 07/61] add full permissions --- models/database.py | 2 +- models/user.py | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/models/database.py b/models/database.py index 3c9088c..0e03855 100644 --- a/models/database.py +++ b/models/database.py @@ -323,7 +323,7 @@ def migratetechnic_tables() -> bool: modpack_id INT NOT NULL, created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP - )""" + )""" ) con.commit() con.close() diff --git a/models/user.py b/models/user.py index a0d9c17..188ccfd 100644 --- a/models/user.py +++ b/models/user.py @@ -107,7 +107,10 @@ def get_permission_token(token: str, db_column): return 0 cur.execute("SELECT * FROM user_permissions WHERE user_id = %s", (user_id,)) try: - allowed = cur.fetchone()[db_column] + row = cur.fetchone() + allowed = row[db_column] + if row["solder_full"] == 1: + allowed = 1 conn.commit() if allowed == 0: flash("Permission Denied", "error") From ccd965ef6ceaf0bd282c8cb094bcf9bc83e75f1b Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 03:10:47 +0200 Subject: [PATCH 08/61] bump version --- models/globals.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/models/globals.py b/models/globals.py index 57f8fb1..e852f7c 100644 --- a/models/globals.py +++ b/models/globals.py @@ -2,7 +2,7 @@ from dotenv import load_dotenv ## Solderpy version -solderpy_version = "1.4.3" +solderpy_version = "1.5.0" load_dotenv(".env") From b84a6b1bb3163992ae3d982d204414b3f8591dc3 Mon Sep 17 00:00:00 2001 From: Sebastian Kuipers Date: Sun, 1 Sep 2024 13:30:32 +0200 Subject: [PATCH 09/61] Update dependencies --- Pipfile.lock | 39 +++++++++++++++++---------------------- requirements.txt | Bin 0 -> 824 bytes 2 files changed, 17 insertions(+), 22 deletions(-) create mode 100644 requirements.txt diff --git a/Pipfile.lock b/Pipfile.lock index 5c134aa..65068a1 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -26,28 +26,27 @@ }, "boto3": { "hashes": [ - "sha256:79450f92188a8b992b3d0b802028acadf448bc6fdde877c3262c9f94d74d1c7d", - "sha256:bf3153bf5d66be2bb2112edc94eb143c0cba3fb502c5591437bd1c54f57eb559" + "sha256:189ab1e2b4cd86df56f82438d89b4040eb140c92683f1bda7cb2e62624f20ea5", + "sha256:add26dd58e076dfd387013da4704716d5cff215cf14f6d4347c4b9b7fc1f0b8e" ], "index": "pypi", - "markers": "python_version >= '3.8'", - "version": "==1.34.160" + "version": "==1.35.10" }, "botocore": { "hashes": [ - "sha256:39bcf31318a062a8a9260bf7044131694ed18f019568d2eba0a22164fdca49bd", - "sha256:a5fd531c640fb2dc8b83f264efbb87a6e33b9c9f66ebbb1c61b42908f2786cac" + "sha256:0d96d023b9b0cea99a0a428a431d011329d3a958730aee6ed6a6fec5d9bfbc03", + "sha256:6c8a1377b6636a0d80218115e1cd41bcceba0a2f050b79c206f4cf8d002c54d7" ], "markers": "python_version >= '3.8'", - "version": "==1.34.160" + "version": "==1.35.10" }, "certifi": { "hashes": [ - "sha256:5a1e7645bc0ec61a09e26c36f6106dd4cf40c6db3a1fb6352b0244e7fb057c7b", - "sha256:c198e21b1289c2ab85ee4e67bb4b4ef3ead0892059901a8d5b622f24a1101e90" + "sha256:922820b53db7a7257ffbda3f597266d435245903d80737e34f8a45ff3e3230d8", + "sha256:bec941d2aa8195e248a60b31ff9f0558284cf01a52591ceda73ea9afffd69fd9" ], "markers": "python_version >= '3.6'", - "version": "==2024.7.4" + "version": "==2024.8.30" }, "charset-normalizer": { "hashes": [ @@ -142,7 +141,7 @@ "sha256:fd1abc0d89e30cc4e02e4064dc67fcc51bd941eb395c502aac3ec19fab46b519", "sha256:ff8fa367d09b717b2a17a052544193ad76cd49979c805768879cb63d9ca50561" ], - "markers": "python_full_version >= '3.7.0'", + "markers": "python_version >= '3.7'", "version": "==3.3.2" }, "click": { @@ -167,16 +166,15 @@ "sha256:ceb27b0af3823ea2737928a4d99d125a06175b8512c445cbd9a9ce200ef76842" ], "index": "pypi", - "markers": "python_version >= '3.8'", "version": "==3.0.3" }, "idna": { "hashes": [ - "sha256:028ff3aadf0609c1fd278d8ea3089299412a7a8b9bd005dd08b9f8285bcb5cfc", - "sha256:82fee1fc78add43492d3a1898bfa6d8a904cc97d8427f683ed8e798d07761aa0" + "sha256:050b4e5baadcd44d760cedbd2b8e639f2ff89bbc7a5730fcc662954303377aac", + "sha256:d838c2c0ed6fced7693d5e8ab8e734d5f8fda53a039c0164afb0b82e771e3603" ], - "markers": "python_version >= '3.5'", - "version": "==3.7" + "markers": "python_version >= '3.6'", + "version": "==3.8" }, "itsdangerous": { "hashes": [ @@ -298,7 +296,6 @@ "sha256:f41cb8da8bb487ed60329ac31789c50621f0e6d2c26abc7d4ae2383838fb1b93" ], "index": "pypi", - "markers": "python_version >= '3.8'", "version": "==9.0.0" }, "python-dateutil": { @@ -315,7 +312,6 @@ "sha256:f7b63ef50f1b690dddf550d03497b66d609393b40b564ed0d674909a68ebf16a" ], "index": "pypi", - "markers": "python_version >= '3.8'", "version": "==1.0.1" }, "requests": { @@ -324,7 +320,6 @@ "sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6" ], "index": "pypi", - "markers": "python_version >= '3.8'", "version": "==2.32.3" }, "s3transfer": { @@ -353,11 +348,11 @@ }, "werkzeug": { "hashes": [ - "sha256:097e5bfda9f0aba8da6b8545146def481d06aa7d3266e7448e2cccf67dd8bd18", - "sha256:fc9645dc43e03e4d630d23143a04a7f947a9a3b5727cd535fdfe155a17cc48c8" + "sha256:02c9eb92b7d6c06f31a782811505d2157837cea66aaede3e217c7c27c039476c", + "sha256:34f2371506b250df4d4f84bfe7b0921e4762525762bbd936614909fe25cd7306" ], "markers": "python_version >= '3.8'", - "version": "==3.0.3" + "version": "==3.0.4" } }, "develop": {} diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000000000000000000000000000000000000..ca3ca78aa717da72be7753bffccc65d5a7e4b61c GIT binary patch literal 824 zcmY+CSx&=15JdYMiK7I?cEa+(5%}T+juV4J7RMg59Ugeq<8g?riK40Ms_O3f{aM-0 z8avpVZLG6LzRYgyo|D_PUD?Wx7C6O(6}AM;Y<_`Pa5^-S!X>M6^?*~&5htfUx5emH zjB1s=T8T~%KiG_1Qr&Z>l;2avf;yd;v2wJc2PrGNdbsm^%C&Qq(sjg`gUb2V88vu` zW2}~{@WQdi)?_GMSIGT%8{n_GKiG?BI@-WZ>`SSnq3LaXwp*C_q@iq!5#3YWTMHiO zT=hcbpE=_Rq$Ak?=b8UC{Ny6$(ph`^LghpsGgH3@z77Ahw~o6OT>3&({V;mOj4hnF z;}t%&GvaK|IsPlmyz_v=fNFzlN|bb4^m?$Qe|A@`yf!3x_qxk|^@2|5YATv>QZ9U^ zaVI^y31rsvd!I;rw=u1L*2dz|);{pp)b-v5Hmnrs IUBu1(0q4$mi~s-t literal 0 HcmV?d00001 From 142b10a1f5a32eca08b61661d030708faff1cc06 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 13:54:41 +0200 Subject: [PATCH 10/61] add more pages to permission system --- asite.py | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/asite.py b/asite.py index 08ba636..b51dd03 100644 --- a/asite.py +++ b/asite.py @@ -75,6 +75,9 @@ def modversion(id): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "mods_manage") == 0: + return redirect(request.referrer) mod = Mod.get_by_id(id) @@ -93,12 +96,18 @@ def newmodversion(id): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "mods_manage") == 0: + return redirect(request.referrer) + if "form-submit" in request.form: mod_side = request.form['flexRadioDefault'] mod_type = request.form['type'] Mod.update(id, request.form["name"], request.form["description"], request.form["author"], request.form["link"], request.form["pretty_name"], mod_side, mod_type, request.form["internal_note"]) return redirect(id) if "deleteversion_submit" in request.form: + if User.get_permission_token(session["token"], "mods_delete") == 0: + return redirect(request.referrer) if "delete_id" not in request.form: return redirect(id) Modversion.delete_modversion(request.form["delete_id"]) @@ -109,6 +118,8 @@ def newmodversion(id): Modversion.add_modversion_to_selected_build(request.form["addtoselbuild_id"], id, "0", "1", "0") return redirect(id) if "deletemod_submit" in request.form: + if User.get_permission_token(session["token"], "mods_delete") == 0: + return redirect(request.referrer) if "mod_delete_id" not in request.form: return redirect(id) Mod.delete_mod(request.form["mod_delete_id"]) @@ -139,6 +150,10 @@ def newmod(): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "mods_create") == 0: + return redirect(request.referrer) + if request.method == "POST": mod_side = request.form['flexRadioDefault'] mod_type = request.form['type'] @@ -153,6 +168,9 @@ def modpack(id): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "modpacks_manage") == 0: + return redirect(request.referrer) try: modpack = Modpack.get_by_id(id) @@ -164,6 +182,10 @@ def modpack(id): if request.method == "POST": if "form-submit" in request.form: + + if User.get_permission_token(session["token"], "modpacks_create") == 0: + return redirect(request.referrer) + publish = "0" private = "0" if "min_java" in request.form: @@ -201,6 +223,10 @@ def modpack(id): newversion = request.form["changelog_newver"] return redirect(url_for('asite.changelog', oldver=oldversion, newver=newversion)) if "deletemod_submit" in request.form: + + if User.get_permission_token(session["token"], "modpacks_delete") == 0: + return redirect(request.referrer) + if "modpack_delete_id" not in request.form: return redirect(id) modpack.delete_modpack(request.form["modpack_delete_id"]) @@ -384,6 +410,9 @@ def modpackbuild(id): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "modpacks_manage") == 0: + return redirect(request.referrer) try: listmod = Mod.get_all_pretty_names() @@ -419,11 +448,15 @@ def modpackbuild(id): Modversion.update_modversion_in_build(request.form["selmodver_oldver"], request.form["selmodver_ver"], id) return redirect(id) if "delete_submit" in request.form: + if User.get_permission_token(session["token"], "modpacks_delete") == 0: + return redirect(request.referrer) if "delete_id" not in request.form: return redirect(id) Build_modversion.delete_build_modversion(request.form["delete_id"]) return redirect(id) if "deletebuild_submit" in request.form: + if User.get_permission_token(session["token"], "modpacks_delete") == 0: + return redirect(request.referrer) Build.delete_build(id) return redirect(url_for('asite.modpacklibrary')) if "add_mod_submit" in request.form: @@ -441,6 +474,9 @@ def modlibrary(): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "mods_manage") == 0: + return redirect(request.referrer) try: mods = Mod.get_all() @@ -457,6 +493,9 @@ def modlibrary_post(): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "mods_manage") == 0: + return redirect(request.referrer) if "form-submit" in request.form: markedbuild = "0" @@ -497,6 +536,9 @@ def modpacklibrary(): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "modpacks_manage") == 0: + return redirect(request.referrer) try: modpacklibrary = Modpack.get_all() @@ -513,9 +555,14 @@ def modpacklibrary_post(): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "modpacks_manage") == 0: + return redirect(request.referrer) if request.method == "POST": if "form-submit" in request.form: + if User.get_permission_token(session["token"], "modpacks_create") == 0: + return redirect(request.referrer) hidden = "0" private = "0" if "hidden" in request.form: From 3fa52c389af6668fb6a3560f1454e63a7387320f Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 13:59:50 +0200 Subject: [PATCH 11/61] add optinal and server enable database entries --- models/database.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/models/database.py b/models/database.py index 0e03855..b84aee5 100644 --- a/models/database.py +++ b/models/database.py @@ -64,7 +64,9 @@ def create_tables() -> bool: `order` INT DEFAULT(0), hidden TINYINT(1) DEFAULT(1), private TINYINT(1) DEFAULT(0), - pinned TINYINT(1) NOT NULL DEFAULT(0) + pinned TINYINT(1) NOT NULL DEFAULT(0), + enable_optionals BOOLEAN DEFAULT(0), + enable_server BOOLEAN DEFAULT(0) )""" ) cur.execute( @@ -275,7 +277,9 @@ def migratetechnic_tables() -> bool: cur.execute( """ALTER TABLE modpacks ADD COLUMN user_id INT NOT NULL AFTER slug, - ADD COLUMN pinned TINYINT(1) NOT NULL DEFAULT(0) + ADD COLUMN pinned TINYINT(1) NOT NULL DEFAULT(0), + ADD COLUMN enable_optionals BOOLEAN DEFAULT(0), + ADD COLUMN enable_server BOOLEAN DEFAULT(0) """ ) cur.execute( From 771dda4f9750d5e7e97dc903ef6d2eda0257a99e Mon Sep 17 00:00:00 2001 From: Sebastian Kuipers Date: Sun, 1 Sep 2024 14:01:10 +0200 Subject: [PATCH 12/61] Add API support for server/optional builds --- api.py | 13 +++++++++---- models/build.py | 29 ++++++++++++++++++++++------- 2 files changed, 31 insertions(+), 11 deletions(-) diff --git a/api.py b/api.py index 374d45b..22e014c 100644 --- a/api.py +++ b/api.py @@ -49,14 +49,19 @@ def modpack_slug(slug: str): @api.route("/api/modpack//") -def modpack_slug_build(slug: str, build: str): - modpack = Modpack.get_by_cid_slug(request.args.get("cid"), slug) +def modpack_slug_build(slugstring: str, buildstring: str): + modpack = Modpack.get_by_cid_slug(request.args.get("cid"), slugstring) if not modpack: return jsonify({"error": "Modpack does not exist/Build does not exist"}), 404 - build = modpack.get_build(build) + + buildsplit = buildstring.split("-") + buildsplit += "" + buildnumber = buildsplit[0] + buildtag = buildsplit[1] + build = modpack.get_build(buildnumber) if not build: return jsonify({"error": "Modpack does not exist/Build does not exist"}), 404 - modversions = build.get_modversions_minimal() + modversions = build.get_modversions_minimal(buildtag) moddata = [] for mv in modversions: moddata.append( diff --git a/models/build.py b/models/build.py index 0a2ad4b..3da9150 100644 --- a/models/build.py +++ b/models/build.py @@ -141,15 +141,30 @@ def get_marked_build(): flash("unable to get marked build", "error") return 0 - def get_modversions_minimal(self): + def get_modversions_minimal(self, tag: str): conn = Database.get_connection() cursor = conn.cursor(dictionary=True) - cursor.execute( - """SELECT modversions.id, modversions.mod_id, modversions.version, modversions.mcversion, modversions.md5, modversions.created_at, modversions.updated_at, modversions.filesize, mods.name AS modname, build_modversion.optional - FROM modversions - INNER JOIN build_modversion ON modversions.id = build_modversion.modversion_id JOIN mods ON modversions.mod_id = mods.id - WHERE build_modversion.build_id = %s AND build_modversion.optional = 0 AND mods.side IN ('CLIENT','BOTH') - """, (self.id,)) + if tag == "OPTIONAL": + cursor.execute( + """SELECT modversions.id, modversions.mod_id, modversions.version, modversions.mcversion, modversions.md5, modversions.created_at, modversions.updated_at, modversions.filesize, mods.name AS modname, build_modversion.optional + FROM modversions + INNER JOIN build_modversion ON modversions.id = build_modversion.modversion_id JOIN mods ON modversions.mod_id = mods.id + WHERE build_modversion.build_id = %s AND build_modversion.optional = 1 AND mods.side IN ('CLIENT','BOTH') + """, (self.id,)) + elif tag == "SERVER": + cursor.execute( + """SELECT modversions.id, modversions.mod_id, modversions.version, modversions.mcversion, modversions.md5, modversions.created_at, modversions.updated_at, modversions.filesize, mods.name AS modname, build_modversion.optional + FROM modversions + INNER JOIN build_modversion ON modversions.id = build_modversion.modversion_id JOIN mods ON modversions.mod_id = mods.id + WHERE build_modversion.build_id = %s AND build_modversion.optional = 0 AND mods.side IN ('SERVER','BOTH') + """, (self.id,)) + else: + cursor.execute( + """SELECT modversions.id, modversions.mod_id, modversions.version, modversions.mcversion, modversions.md5, modversions.created_at, modversions.updated_at, modversions.filesize, mods.name AS modname, build_modversion.optional + FROM modversions + INNER JOIN build_modversion ON modversions.id = build_modversion.modversion_id JOIN mods ON modversions.mod_id = mods.id + WHERE build_modversion.build_id = %s AND build_modversion.optional = 0 AND mods.side IN ('CLIENT','BOTH') + """, (self.id,)) modversions = cursor.fetchall() if modversions: versions = [] From 2dd73586e844a1832d7badf0847b2b5931bf3bd7 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 14:04:42 +0200 Subject: [PATCH 13/61] add error for fileupload to s3 --- asite.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/asite.py b/asite.py index b51dd03..526ef03 100644 --- a/asite.py +++ b/asite.py @@ -516,7 +516,10 @@ def modlibrary_post(): filew.save(os.path.join(UPLOAD_FOLDER + secure_filename(request.form["mod"]) + "/", filename)) if R2_BUCKET != None: keyname = "mods/" + request.form["mod"] + "/" + filename - R2.upload_file(UPLOAD_FOLDER + request.form["mod"] + "/" + filename, R2_BUCKET, keyname, ExtraArgs={'ContentType': 'application/zip'}) + try: + R2.upload_file(UPLOAD_FOLDER + request.form["mod"] + "/" + filename, R2_BUCKET, keyname, ExtraArgs={'ContentType': 'application/zip'}) + except: + flash("failed to upload file to bucket", "error") jarfilew = request.files['jarfile'] if jarfilew and allowed_file(jarfilew.filename): jarfilename = secure_filename(jarfilew.filename) From 2b031f8b133ff1998238997180d4bd993269e4c2 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 14:09:50 +0200 Subject: [PATCH 14/61] add upload to s3 for jarfiles aswell --- asite.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/asite.py b/asite.py index 526ef03..89e4426 100644 --- a/asite.py +++ b/asite.py @@ -528,7 +528,10 @@ def modlibrary_post(): jarfilew.save(os.path.join(UPLOAD_FOLDER + secure_filename(request.form["mod"]) + "/", jarfilename)) if R2_BUCKET != None: jarkeyname = "mods/" + request.form["mod"] + "/" + jarfilename - R2.upload_file(UPLOAD_FOLDER + request.form["mod"] + "/" + jarfilename, R2_BUCKET, jarkeyname, ExtraArgs={'ContentType': 'application/zip'}) + try: + R2.upload_file(UPLOAD_FOLDER + request.form["mod"] + "/" + jarfilename, R2_BUCKET, jarkeyname, ExtraArgs={'ContentType': 'application/zip'}) + except: + flash("failed to upload file to bucket", "error") return redirect(url_for('asite.modlibrary')) return redirect(url_for('asite.modlibrary')) From e7c421425cc07825588e53570fb830fbbf72b64c Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 14:11:26 +0200 Subject: [PATCH 15/61] specify jarfile in error --- asite.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/asite.py b/asite.py index 89e4426..4c43de6 100644 --- a/asite.py +++ b/asite.py @@ -531,7 +531,7 @@ def modlibrary_post(): try: R2.upload_file(UPLOAD_FOLDER + request.form["mod"] + "/" + jarfilename, R2_BUCKET, jarkeyname, ExtraArgs={'ContentType': 'application/zip'}) except: - flash("failed to upload file to bucket", "error") + flash("failed to upload jarfile to bucket", "error") return redirect(url_for('asite.modlibrary')) return redirect(url_for('asite.modlibrary')) From 4214c6c8cea9cff0df5dfeeb24ef4be2c5208690 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 14:11:42 +0200 Subject: [PATCH 16/61] specify zip in error --- asite.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/asite.py b/asite.py index 4c43de6..b8b987c 100644 --- a/asite.py +++ b/asite.py @@ -519,7 +519,7 @@ def modlibrary_post(): try: R2.upload_file(UPLOAD_FOLDER + request.form["mod"] + "/" + filename, R2_BUCKET, keyname, ExtraArgs={'ContentType': 'application/zip'}) except: - flash("failed to upload file to bucket", "error") + flash("failed to upload zipfile to bucket", "error") jarfilew = request.files['jarfile'] if jarfilew and allowed_file(jarfilew.filename): jarfilename = secure_filename(jarfilew.filename) From 316e9cf2572f99e78628ac841ab654d9355e2c40 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 14:30:47 +0200 Subject: [PATCH 17/61] allow users to change their own password --- asite.py | 10 ++++++++-- models/session.py | 11 +++++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/asite.py b/asite.py index b8b987c..3aa708b 100644 --- a/asite.py +++ b/asite.py @@ -376,11 +376,12 @@ def userlibrary_post(): # New or invalid session, send to login return redirect(url_for('alogin.login')) - if User.get_permission_token(session["token"], "solder_users") == 0: - return redirect(request.referrer) + if request.method == "POST": if "form-submit" in request.form: + if User.get_permission_token(session["token"], "solder_users") == 0: + return redirect(request.referrer) if "newemail" not in request.form: return redirect(url_for('asite.userlibrary')) if "newpassword" not in request.form: @@ -390,11 +391,16 @@ def userlibrary_post(): User.new(request.form["newuser"], request.form["newemail"], request.form["newpassword"], request.remote_addr, '1') return redirect(url_for('asite.userlibrary')) if "form2-submit" in request.form: + if User.get_permission_token(session["token"], "solder_users") == 0: + return redirect(request.referrer) if "delete_id" not in request.form: return redirect(url_for('asite.userlibrary')) User.delete(request.form["delete_id"]) return redirect(url_for('asite.userlibrary')) if "changeuser_submit" in request.form: + if session.get_user_id(session["token"]) != request.form["changeuser_id"]: + if User.get_permission_token(session["token"], "solder_users") == 0: + return redirect(request.referrer) if "changeuser_id" not in request.form: return redirect(url_for('asite.userlibrary')) if "changeuser_password" not in request.form: diff --git a/models/session.py b/models/session.py index 605856c..749bae6 100644 --- a/models/session.py +++ b/models/session.py @@ -44,6 +44,17 @@ def get_and_update_from_token(cls, token: str) -> Session: else: return None + @staticmethod + def get_user_id(token: str): + conn = Database.get_connection() + cur = conn.cursor() + cur.execute("SELECT user_id FROM sessions WHERE token = %s", (token,)) + try: + user_id = cur.fetchone()["user_id"] + return (user_id) + except: + return None + @staticmethod def new_session(ip: str, user) -> str: token = secrets.token_hex(40) From 4c8801ecb2b5468afa0614feaad92e767a06173d Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 15:50:23 +0200 Subject: [PATCH 18/61] stop dublicates --- templates/clients.html | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/templates/clients.html b/templates/clients.html index 25f9737..268d174 100644 --- a/templates/clients.html +++ b/templates/clients.html @@ -37,8 +37,9 @@
From bb7dbcc0ea5f670782ccf9c98f269bd5fca68dfd Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 15:50:42 +0200 Subject: [PATCH 19/61] remove required on notes --- templates/modversion.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/modversion.html b/templates/modversion.html index ae71460..c4ca68b 100644 --- a/templates/modversion.html +++ b/templates/modversion.html @@ -155,7 +155,7 @@
- +
From 636a273e3d0a3c4742f4180b6ba224c1af28fcc8 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 15:51:04 +0200 Subject: [PATCH 20/61] add user manegement --- asite.py | 77 ++++++++++++++++++++++++++++ models/user_modpack.py | 70 +++++++++++++++++++++++++ static/css/layout.css | 4 ++ templates/user.html | 101 +++++++++++++++++++++++++++++++++++++ templates/userlibrary.html | 2 +- 5 files changed, 253 insertions(+), 1 deletion(-) create mode 100644 models/user_modpack.py create mode 100644 templates/user.html diff --git a/asite.py b/asite.py index 3aa708b..6d77d4b 100644 --- a/asite.py +++ b/asite.py @@ -18,6 +18,7 @@ from mysql import connector from werkzeug.utils import secure_filename from models.globals import mirror_url, debug, host, port, repo_url, R2_URL, db_name, R2_BUCKET, new_user, migratetechnic, solderpy_version, R2_REGION, R2_ENDPOINT, R2_ACCESS_KEY, R2_SECRET_KEY, UPLOAD_FOLDER +from models.user_modpack import User_modpack __version__ = solderpy_version @@ -624,8 +625,84 @@ def clients(id): try: modpacklibrary = Modpack.get_all() except connector.ProgrammingError as e: + flash("error when getting modpack list", "error") Database.create_tables() modpacklibrary = [] return render_template("clients.html", clients=packs, modpacklibrary=modpacklibrary) +@asite.route("/user/", methods=["GET", "POST"]) +def user(id): + if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): + # New or invalid session, send to login + return redirect(url_for('alogin.login')) + + if User.get_permission_token(session["token"], "solder_users") == 0: + return redirect(request.referrer) + + try: + packs = User_modpack.get_all_user_modpacks(id) + except connector.ProgrammingError as e: + Database.create_tables() + packs = [] + flash("error when getting user modpack list", "error") + + user_perms = User_modpack.get_user_permission(id) + + if request.method == "POST": + if "form-submit" in request.form: + if "modpack" not in request.form: + return redirect(id) + User_modpack.new(id, request.form["modpack"]) + return redirect(id) + if "form2-submit" in request.form: + if "delete_id" not in request.form: + return redirect(id) + User_modpack.delete_user_modpack(request.form["delete_id"]) + return redirect(id) + if "perm-submit" in request.form: + solder_full = "0" + solder_users = "0" + solder_keys = "0" + solder_clients = "0" + solder_env = "0" + mods_create = "0" + mods_manage = "0" + mods_delete = "0" + modpacks_create = "0" + modpacks_manage = "0" + modpacks_delete = "0" + if "solder_full" in request.form: + solder_full = request.form['solder_full'] + if "solder_users" in request.form: + solder_users = request.form['solder_users'] + if "solder_keys" in request.form: + solder_keys = request.form['solder_keys'] + if "solder_clients" in request.form: + solder_clients = request.form['solder_clients'] + if "solder_env" in request.form: + solder_env = request.form['solder_env'] + if "mods_create" in request.form: + mods_create = request.form['mods_create'] + if "mods_manage" in request.form: + mods_manage = request.form['mods_manage'] + if "mods_delete" in request.form: + mods_delete = request.form['mods_delete'] + if "modpacks_create" in request.form: + modpacks_create = request.form['modpacks_create'] + if "modpacks_manage" in request.form: + modpacks_manage = request.form['modpacks_manage'] + if "modpacks_delete" in request.form: + modpacks_delete = request.form['modpacks_delete'] + User_modpack.update_userpermissions(id, solder_full, solder_users, solder_keys, solder_clients, solder_env, mods_create, mods_manage, mods_delete, modpacks_create, modpacks_manage, modpacks_delete) + return redirect(id) + + try: + modpacklibrary = Modpack.get_all() + except connector.ProgrammingError as e: + flash("error when getting modpack list", "error") + Database.create_tables() + modpacklibrary = [] + + return render_template("user.html", userpacks=packs, modpacklibrary=modpacklibrary, user_perms=user_perms) + diff --git a/models/user_modpack.py b/models/user_modpack.py new file mode 100644 index 0000000..fa25bd0 --- /dev/null +++ b/models/user_modpack.py @@ -0,0 +1,70 @@ +import datetime + +from flask import flash + +from .database import Database + + +class User_modpack: + def __init__(self, id, user_id, modpack_id, created_at, updated_at): + self.id = id + self.user_id = user_id + self.modpack_id = modpack_id + self.created_at = created_at + self.updated_at = updated_at + + @classmethod + def new(cls, user_id, modpack_id): + conn = Database.get_connection() + cur = conn.cursor(dictionary=True) + now = datetime.datetime.now() + cur.execute("INSERT INTO user_modpack (user_id, modpack_id, created_at, updated_at) VALUES (%s, %s, %s, %s)", (user_id, modpack_id, now, now)) + conn.commit() + cur.execute("SELECT LAST_INSERT_ID() AS id") + id = cur.fetchone()["id"] + return cls(id, user_id, modpack_id, now, now) + + @classmethod + def delete_user_modpack(cls, id): + conn = Database.get_connection() + cur = conn.cursor(dictionary=True) + cur.execute("DELETE FROM user_modpack WHERE id=%s", (id,)) + conn.commit() + return None + + @staticmethod + def get_all_user_modpacks(id) -> list: + conn = Database.get_connection() + cur = conn.cursor(dictionary=True) + cur.execute( + """SELECT user_modpack.id, user_modpack.user_id, user_modpack.modpack_id, user_modpack.created_at, user_modpack.updated_at, users.username AS user_name, modpacks.name AS modpack_name + FROM user_modpack + INNER JOIN users ON user_modpack.user_id = users.id + INNER JOIN modpacks ON user_modpack.modpack_id = modpacks.id + WHERE user_modpack.user_id = %s + """, (id,)) + rows = cur.fetchall() + if rows: + return rows + return [] + + @staticmethod + def get_user_permission(id) -> list: + conn = Database.get_connection() + cur = conn.cursor(dictionary=True) + cur.execute("SELECT * FROM user_permissions WHERE user_id = %s", (id,)) + rows = cur.fetchone() + if rows: + return rows + return [] + + @staticmethod + def update_userpermissions(id, solder_full, solder_users, solder_keys, solder_clients, solder_env, mods_create, mods_manage, mods_delete, modpacks_create, modpacks_manage, modpacks_delete): + conn = Database.get_connection() + cur = conn.cursor(dictionary=True) + now = datetime.datetime.now() + cur.execute("""UPDATE user_permissions + SET solder_full = %s, solder_users = %s, solder_keys = %s, solder_clients = %s, solder_env = %s, mods_create = %s, mods_manage = %s, mods_delete = %s, modpacks_create = %s, modpacks_manage = %s, modpacks_delete = %s + WHERE user_id = %s;""", (solder_full, solder_users, solder_keys, solder_clients, solder_env, mods_create, mods_manage, mods_delete, modpacks_create, modpacks_manage, modpacks_delete, id)) + conn.commit() + return None \ No newline at end of file diff --git a/static/css/layout.css b/static/css/layout.css index 2e916e2..0c8ab8d 100644 --- a/static/css/layout.css +++ b/static/css/layout.css @@ -95,4 +95,8 @@ main { .grid2 { grid-column: 2; grid-row: 1; +} + +.spacers { + min-height: 5vh; } \ No newline at end of file diff --git a/templates/user.html b/templates/user.html new file mode 100644 index 0000000..8a62432 --- /dev/null +++ b/templates/user.html @@ -0,0 +1,101 @@ +{%extends "layout.html"%} {% set active_page = "userlibrary" %} {%block head%} +solder.py + {%endblock%}{%block main%} + +
+ + + + + + + + + + + {%for mod in userpacks%} + + + + + + + {%endfor%} + +
UsernameModpack IDModpack NameAction
{{mod.user_name}}{{mod.modpack_id}}{{mod.modpack_name}}
+
+ + +
+
+ +{% endblock %} + +{%block aside%} +
+
+
+ + +
+ +
+
+
+
+
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+ +
+
+ + +{% endblock %} \ No newline at end of file diff --git a/templates/userlibrary.html b/templates/userlibrary.html index 1d59c8f..2905471 100644 --- a/templates/userlibrary.html +++ b/templates/userlibrary.html @@ -22,8 +22,8 @@ {{mod.username}}
- +
From 12c2d82b026f6fc983b54306a256c12a634d80b1 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 15:52:15 +0200 Subject: [PATCH 21/61] remove old unused flash system --- templates/apikeylibrary.html | 11 ----------- templates/clientlibrary.html | 11 ----------- templates/clients.html | 11 ----------- templates/modlibrary.html | 12 ------------ templates/modpack.html | 11 ----------- templates/modpackbuild.html | 11 ----------- templates/modpacklibrary.html | 10 ---------- templates/modversion.html | 10 ---------- templates/userlibrary.html | 11 ----------- 9 files changed, 98 deletions(-) diff --git a/templates/apikeylibrary.html b/templates/apikeylibrary.html index bd25615..ef46b53 100644 --- a/templates/apikeylibrary.html +++ b/templates/apikeylibrary.html @@ -49,17 +49,6 @@ - {% if success %} - - {% endif %} - {% if failed %} - - {% endif %} diff --git a/templates/clientlibrary.html b/templates/clientlibrary.html index 94eaa4c..e51cf69 100644 --- a/templates/clientlibrary.html +++ b/templates/clientlibrary.html @@ -54,17 +54,6 @@ - {% if success %} - - {% endif %} - {% if failed %} - - {% endif %} diff --git a/templates/clients.html b/templates/clients.html index 268d174..4d86881 100644 --- a/templates/clients.html +++ b/templates/clients.html @@ -45,17 +45,6 @@ - {% if success %} - - {% endif %} - {% if failed %} - - {% endif %} diff --git a/templates/modlibrary.html b/templates/modlibrary.html index 09e58c7..9386df1 100644 --- a/templates/modlibrary.html +++ b/templates/modlibrary.html @@ -106,18 +106,6 @@ - - {% if success %} - - {% endif %} - {% if failed %} - - {% endif %}
diff --git a/templates/modpack.html b/templates/modpack.html index 45750f2..1209d2d 100644 --- a/templates/modpack.html +++ b/templates/modpack.html @@ -125,17 +125,6 @@ - {% if success %} - - {% endif %} - {% if failed %} - - {% endif %}
diff --git a/templates/modpackbuild.html b/templates/modpackbuild.html index bbe38ba..b103898 100644 --- a/templates/modpackbuild.html +++ b/templates/modpackbuild.html @@ -142,17 +142,6 @@
- {% if success %} - - {% endif %} - {% if failed %} - - {% endif %} diff --git a/templates/modpacklibrary.html b/templates/modpacklibrary.html index 93d5e2b..272b28d 100644 --- a/templates/modpacklibrary.html +++ b/templates/modpacklibrary.html @@ -71,16 +71,6 @@ - {% if success %} - - {% endif %} {% if failed %} - - {% endif %} diff --git a/templates/modversion.html b/templates/modversion.html index c4ca68b..b416ca5 100644 --- a/templates/modversion.html +++ b/templates/modversion.html @@ -160,16 +160,6 @@ - {% if success %} - - {% endif %} - {% if failed %} - - {% endif %}
diff --git a/templates/userlibrary.html b/templates/userlibrary.html index 2905471..6be7c94 100644 --- a/templates/userlibrary.html +++ b/templates/userlibrary.html @@ -73,17 +73,6 @@
- {% if success %} - - {% endif %} - {% if failed %} - - {% endif %} From a87680bbc83576f90b32811414b11b77d9745712 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 21:10:22 +0200 Subject: [PATCH 22/61] add per modpack access --- asite.py | 6 ++++++ models/build.py | 13 +++++++++++++ models/user_modpack.py | 29 +++++++++++++++++++++++++++++ 3 files changed, 48 insertions(+) diff --git a/asite.py b/asite.py index 6d77d4b..d91e97b 100644 --- a/asite.py +++ b/asite.py @@ -172,6 +172,9 @@ def modpack(id): if User.get_permission_token(session["token"], "modpacks_manage") == 0: return redirect(request.referrer) + + if User_modpack.get_user_modpackpermission(session["token"], id) == False: + return redirect(request.referrer) try: modpack = Modpack.get_by_id(id) @@ -420,6 +423,9 @@ def modpackbuild(id): if User.get_permission_token(session["token"], "modpacks_manage") == 0: return redirect(request.referrer) + + if User_modpack.get_user_modpackpermission(session["token"], Build.get_modpackid_by_id(id)) == False: + return redirect(request.referrer) try: listmod = Mod.get_all_pretty_names() diff --git a/models/build.py b/models/build.py index 3da9150..631a3e9 100644 --- a/models/build.py +++ b/models/build.py @@ -89,6 +89,19 @@ def get_modpackname_by_id(cls, id): flash("unable to get modpackname by id", "error") return None return (name) + + @classmethod + def get_modpackid_by_id(cls, id): + conn = Database.get_connection() + cur = conn.cursor(dictionary=True) + cur.execute("SELECT modpack_id FROM builds WHERE id = %s", (id,)) + try: + row = cur.fetchone()["modpack_id"] + conn.commit() + return (row) + except: + flash("unable to get modpackid by id", "error") + return 0 @classmethod def get_by_id(cls, id): diff --git a/models/user_modpack.py b/models/user_modpack.py index fa25bd0..7a73959 100644 --- a/models/user_modpack.py +++ b/models/user_modpack.py @@ -48,6 +48,35 @@ def get_all_user_modpacks(id) -> list: return rows return [] + @staticmethod + def get_user_modpackpermission(token: str, modpack_id) -> list: + conn = Database.get_connection() + cur = conn.cursor(dictionary=True) + cur.execute("SELECT user_id FROM sessions WHERE token = %s", (token,)) + try: + user_id = cur.fetchone()["user_id"] + conn.commit() + except: + flash("unable to fetch user_id for permission check", "error") + return False + cur.execute("SELECT solder_full FROM user_permissions WHERE user_id = %s", (user_id,)) + try: + row = cur.fetchone()["solder_full"] + conn.commit() + if row == 1: + return True + except: + flash("unable to check your admin permission", "error") + cur.execute("SELECT modpack_id FROM user_modpack WHERE user_id = %s AND modpack_id = %s", (user_id, modpack_id)) + try: + rows = cur.fetchone()["modpack_id"] + conn.commit() + if rows == modpack_id: + return True + except: + flash("Permission denied to this modpack", "error") + return False + @staticmethod def get_user_permission(id) -> list: conn = Database.get_connection() From 34c1a496e9eaf7572bf487ca201a4a20cb52916d Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 22:15:40 +0200 Subject: [PATCH 23/61] change/created by users on user table now works --- asite.py | 6 +++--- models/session.py | 10 ++++++---- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/asite.py b/asite.py index d91e97b..40bd532 100644 --- a/asite.py +++ b/asite.py @@ -392,7 +392,7 @@ def userlibrary_post(): return redirect(url_for('asite.userlibrary')) if "newuser" not in request.form: return redirect(url_for('asite.userlibrary')) - User.new(request.form["newuser"], request.form["newemail"], request.form["newpassword"], request.remote_addr, '1') + User.new(request.form["newuser"], request.form["newemail"], request.form["newpassword"], request.remote_addr, Session.get_user_id(session["token"])) return redirect(url_for('asite.userlibrary')) if "form2-submit" in request.form: if User.get_permission_token(session["token"], "solder_users") == 0: @@ -402,14 +402,14 @@ def userlibrary_post(): User.delete(request.form["delete_id"]) return redirect(url_for('asite.userlibrary')) if "changeuser_submit" in request.form: - if session.get_user_id(session["token"]) != request.form["changeuser_id"]: + if Session.get_user_id(session["token"]) != request.form["changeuser_id"]: if User.get_permission_token(session["token"], "solder_users") == 0: return redirect(request.referrer) if "changeuser_id" not in request.form: return redirect(url_for('asite.userlibrary')) if "changeuser_password" not in request.form: return redirect(url_for('asite.userlibrary')) - User.change(request.form["changeuser_id"], request.form["changeuser_password"], request.remote_addr, '1') + User.change(request.form["changeuser_id"], request.form["changeuser_password"], request.remote_addr, Session.get_user_id(session["token"])) return redirect(url_for('asite.userlibrary')) return redirect(url_for('asite.userlibrary')) diff --git a/models/session.py b/models/session.py index 749bae6..4e5975d 100644 --- a/models/session.py +++ b/models/session.py @@ -5,6 +5,8 @@ import time from datetime import datetime +from flask import flash + from .database import Database @@ -47,13 +49,13 @@ def get_and_update_from_token(cls, token: str) -> Session: @staticmethod def get_user_id(token: str): conn = Database.get_connection() - cur = conn.cursor() + cur = conn.cursor(dictionary=True) cur.execute("SELECT user_id FROM sessions WHERE token = %s", (token,)) try: - user_id = cur.fetchone()["user_id"] - return (user_id) + return cur.fetchone()["user_id"] except: - return None + flash("could not fetch user id", "error") + return 0 @staticmethod def new_session(ip: str, user) -> str: From 1159da67eaa7a7599d969d6788ae96716e1f95e0 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 22:52:59 +0200 Subject: [PATCH 24/61] don't allow users without user perm to see other users --- asite.py | 9 +++++---- models/user.py | 22 ++++++++++++++++++++++ templates/userlibrary.html | 2 ++ 3 files changed, 29 insertions(+), 4 deletions(-) diff --git a/asite.py b/asite.py index 40bd532..78cba57 100644 --- a/asite.py +++ b/asite.py @@ -361,8 +361,7 @@ def userlibrary(): # New or invalid session, send to login return redirect(url_for('alogin.login')) - if User.get_permission_token(session["token"], "solder_users") == 0: - return redirect(request.referrer) + fulluserid = User.get_fulluser(session["token"]) try: users = User.get_all_users() @@ -371,7 +370,7 @@ def userlibrary(): users = [] flash("error when accessing user table", "error") - return render_template("userlibrary.html", users=users) + return render_template("userlibrary.html", users=users, fulluserid=fulluserid) @asite.route("/userlibrary", methods=["POST"]) @@ -402,7 +401,9 @@ def userlibrary_post(): User.delete(request.form["delete_id"]) return redirect(url_for('asite.userlibrary')) if "changeuser_submit" in request.form: - if Session.get_user_id(session["token"]) != request.form["changeuser_id"]: + userid = str(Session.get_user_id(session["token"])) + changeid = request.form["changeuser_id"] + if userid not in changeid: if User.get_permission_token(session["token"], "solder_users") == 0: return redirect(request.referrer) if "changeuser_id" not in request.form: diff --git a/models/user.py b/models/user.py index 188ccfd..78b2916 100644 --- a/models/user.py +++ b/models/user.py @@ -118,6 +118,28 @@ def get_permission_token(token: str, db_column): except: flash("unable to check your permission", "error") return 0 + + @staticmethod + def get_fulluser(token: str): + conn = Database.get_connection() + cur = conn.cursor(dictionary=True) + cur.execute("SELECT user_id FROM sessions WHERE token = %s", (token,)) + try: + user_id = cur.fetchone()["user_id"] + conn.commit() + except: + flash("unable to fetch user_id for permission check", "error") + return 0 + cur.execute("SELECT * FROM user_permissions WHERE user_id = %s", (user_id,)) + try: + row = cur.fetchone() + if row["solder_full"] == 1: + return 0 + if row["solder_user"] == 1: + return 0 + return user_id + except: + return user_id @staticmethod def get_all_users() -> list: diff --git a/templates/userlibrary.html b/templates/userlibrary.html index 6be7c94..a0d1550 100644 --- a/templates/userlibrary.html +++ b/templates/userlibrary.html @@ -16,6 +16,7 @@ {%for mod in users%} + {% if fulluserid==0 or fulluserid==mod.id %} {{mod.id}} {{mod.email}} @@ -28,6 +29,7 @@ + {% endif %} {%endfor%} From fded3fd62fe548e2ff1edafb53f43c855fdda0f9 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 23:16:28 +0200 Subject: [PATCH 25/61] add ability to enable optinal/server builds --- asite.py | 10 +++++++--- models/modpack.py | 6 +++--- templates/modpacklibrary.html | 24 +++++++++++------------- 3 files changed, 21 insertions(+), 19 deletions(-) diff --git a/asite.py b/asite.py index 78cba57..c9d1f4e 100644 --- a/asite.py +++ b/asite.py @@ -592,11 +592,15 @@ def modpacklibrary_post(): Modpack.new(request.form["pretty_name"], request.form["name"], hidden, private, "0") return redirect(url_for('asite.modpacklibrary')) if "hidden_submit" in request.form: - Modpack.update_checkbox(request.form["hidden_modid"], request.form["hidden_check"], "hidden", "modpacks") + Modpack.update_checkbox(request.form["modid"], request.form["check"], "hidden", "modpacks") if "private_submit" in request.form: - Modpack.update_checkbox(request.form["private_modid"], request.form["private_check"], "private", "modpacks") + Modpack.update_checkbox(request.form["modid"], request.form["check"], "private", "modpacks") if "pinned_submit" in request.form: - Modpack.update_checkbox(request.form["pinned_modid"], request.form["pinned_check"], "pinned", "modpacks") + Modpack.update_checkbox(request.form["modid"], request.form["check"], "pinned", "modpacks") + if "optional_submit" in request.form: + Modpack.update_checkbox(request.form["modid"], request.form["check"], "enable_optionals", "modpacks") + if "server_submit" in request.form: + Modpack.update_checkbox(request.form["modid"], request.form["check"], "enable_server", "modpacks") return redirect(url_for('asite.modpacklibrary')) diff --git a/models/modpack.py b/models/modpack.py index ef10c73..bf74d94 100644 --- a/models/modpack.py +++ b/models/modpack.py @@ -45,10 +45,10 @@ def delete_modpack(cls, id): return None @classmethod - def update_checkbox(cls, id, value, column, table): + def update_checkbox(cls, where_id, value, column, table): conn = Database.get_connection() cur = conn.cursor(dictionary=True) - cur.execute("UPDATE {} SET {} = %s WHERE id = %s".format(table, column), (value, id)) + cur.execute("UPDATE {} SET {} = %s WHERE id = %s".format(table, column), (value, where_id)) conn.commit() return None @@ -99,7 +99,7 @@ def get_all() -> list: cur.execute("SELECT * FROM modpacks") rows = cur.fetchall() if rows: - return [Modpack(row["id"], row["name"], row["slug"], row["recommended"], row["latest"], row["created_at"], row["updated_at"], row["order"], row["hidden"], row["private"], row["pinned"]) for row in rows] + return rows return [] def get_builds(self): diff --git a/templates/modpacklibrary.html b/templates/modpacklibrary.html index 272b28d..1d208ef 100644 --- a/templates/modpacklibrary.html +++ b/templates/modpacklibrary.html @@ -13,6 +13,8 @@ Hidden Private Pin to menu + Optionalbuilds + Serverbuilds Action @@ -23,9 +25,11 @@ {{mod.name}} ({{mod.slug}}) {{mod.recommended}} {{mod.latest}} - - - + + + + + @@ -34,19 +38,13 @@
- - + + -
-
- - -
-
- - + +
{% endblock %} From a70368134ac8b6a46d3c22332a295bf14be2e1d2 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 23:16:56 +0200 Subject: [PATCH 26/61] reuse code instead of copy paste --- asite.py | 10 +++++----- templates/modpack.html | 30 +++++++----------------------- 2 files changed, 12 insertions(+), 28 deletions(-) diff --git a/asite.py b/asite.py index c9d1f4e..687be30 100644 --- a/asite.py +++ b/asite.py @@ -208,19 +208,19 @@ def modpack(id): Build.new(id, request.form["version"], request.form["mcversion"], publish, private, min_java, request.form["memory"], clonebuild) return redirect(id) if "recommended_submit" in request.form: - Build.update_checkbox(id, request.form["recommended_modid"], "recommended", "modpacks") + Build.update_checkbox(id, request.form["modid"], "recommended", "modpacks") return redirect(id) if "latest_submit" in request.form: - Build.update_checkbox(id, request.form["latest_modid"], "latest", "modpacks") + Build.update_checkbox(id, request.form["modid"], "latest", "modpacks") return redirect(id) if "is_published_submit" in request.form: - Build.update_checkbox(request.form["is_published_modid"], request.form["is_published_check"], "is_published", "builds") + Build.update_checkbox(request.form["modid"], request.form["check"], "is_published", "builds") return redirect(id) if "private_submit" in request.form: - Build.update_checkbox(request.form["private_modid"], request.form["private_check"], 'private', 'builds') + Build.update_checkbox(request.form["modid"], request.form["check"], 'private', 'builds') return redirect(id) if "marked_submit" in request.form: - Build.update_checkbox_marked(request.form["marked_modid"], request.form["marked_check"]) + Build.update_checkbox_marked(request.form["modid"], request.form["check"]) return redirect(id) if "changelog_submit" in request.form: oldversion = request.form["changelog_oldver"] diff --git a/templates/modpack.html b/templates/modpack.html index 1209d2d..b3c6c58 100644 --- a/templates/modpack.html +++ b/templates/modpack.html @@ -25,11 +25,11 @@ {{mod.version}} {{mod.minecraft}} {{mod.count}} - - - - - + + + + +
@@ -42,28 +42,12 @@
- - + + -
-
- - -
-
- - -
-
- - -
-
- -
From e90b15f20ef6a3805fec00ef777a6fc9f808713e Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Sun, 1 Sep 2024 23:22:20 +0200 Subject: [PATCH 27/61] Update README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 4927c65..325bfa3 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,6 @@ solder.py is even compatible with original solder's database, visit the install + Maven integration + Modrinth integration + MCIL export support -+ Advanced user management ## Unfinished Features in dev From fa0c5637013d2b15db2c4eff60579a4ccd17bd7d Mon Sep 17 00:00:00 2001 From: Sebastian Kuipers Date: Mon, 2 Sep 2024 15:26:06 +0200 Subject: [PATCH 28/61] API now properly serves server and optional builds --- api.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/api.py b/api.py index 22e014c..5d16e23 100644 --- a/api.py +++ b/api.py @@ -48,14 +48,15 @@ def modpack_slug(slug: str): return jsonify({"error": "Modpack does not exist/Build does not exist"}), 404 -@api.route("/api/modpack//") +@api.route("/api/modpack//") def modpack_slug_build(slugstring: str, buildstring: str): modpack = Modpack.get_by_cid_slug(request.args.get("cid"), slugstring) if not modpack: return jsonify({"error": "Modpack does not exist/Build does not exist"}), 404 buildsplit = buildstring.split("-") - buildsplit += "" + buildsplit.append("") + print(buildsplit) buildnumber = buildsplit[0] buildtag = buildsplit[1] build = modpack.get_build(buildnumber) From eb33009aa28e061bf8804ebd2bc332f3f6210473 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Tue, 3 Sep 2024 23:01:16 +0200 Subject: [PATCH 29/61] fix classmethods when it should be staticmethod --- models/build.py | 20 ++++++++++---------- models/build_modversion.py | 8 ++++---- models/client.py | 4 ++-- models/client_modpack.py | 4 ++-- models/mod.py | 8 ++++---- models/modversion.py | 16 ++++++++-------- models/user.py | 12 ++++++------ models/user_modpack.py | 4 ++-- templates/user.html | 2 +- 9 files changed, 39 insertions(+), 39 deletions(-) diff --git a/models/build.py b/models/build.py index 631a3e9..425a0cd 100644 --- a/models/build.py +++ b/models/build.py @@ -40,8 +40,8 @@ def new(cls, modpack_id, version, minecraft, is_published, private, min_java, mi conn.commit() cls(id, modpack_id, version, now, now, minecraft, "0", is_published, private, min_java, min_memory, "0") - @classmethod - def delete_build(cls, id): + @staticmethod + def delete_build(id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("DELETE FROM build_modversion WHERE build_id = %s", (id,)) @@ -49,8 +49,8 @@ def delete_build(cls, id): conn.commit() return None - @classmethod - def update(cls, id, version, minecraft, is_published, private, min_java, min_memory): + @staticmethod + def update(id, version, minecraft, is_published, private, min_java, min_memory): conn = Database.get_connection() cur = conn.cursor(dictionary=True) now = datetime.datetime.now() @@ -60,16 +60,16 @@ def update(cls, id, version, minecraft, is_published, private, min_java, min_mem conn.commit() return None - @classmethod - def update_checkbox(cls, id, value, column, table): + @staticmethod + def update_checkbox(id, value, column, table): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("UPDATE {} SET {} = %s WHERE id = %s".format(table, column), (value, id)) conn.commit() return None - @classmethod - def update_checkbox_marked(cls, id, value): + @staticmethod + def update_checkbox_marked(id, value): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("UPDATE builds SET marked = '0'") @@ -77,8 +77,8 @@ def update_checkbox_marked(cls, id, value): conn.commit() return None - @classmethod - def get_modpackname_by_id(cls, id): + @staticmethod + def get_modpackname_by_id(id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("SELECT modpack_id FROM builds WHERE id = %s", (id,)) diff --git a/models/build_modversion.py b/models/build_modversion.py index 022e6dc..dbdf009 100644 --- a/models/build_modversion.py +++ b/models/build_modversion.py @@ -11,16 +11,16 @@ def __init__(self, id, modversion_id, build_id, created_at, updated_at, optional self.updated_at = updated_at self.optional = optional - @classmethod - def delete_build_modversion(cls, id): + @staticmethod + def delete_build_modversion(id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("DELETE FROM build_modversion WHERE id = %s", (id,)) conn.commit() return None - @classmethod - def update_optional(cls, modversion_id, optional, build_id): + @staticmethod + def update_optional(modversion_id, optional, build_id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("""UPDATE build_modversion diff --git a/models/client.py b/models/client.py index cfce086..0978d85 100644 --- a/models/client.py +++ b/models/client.py @@ -23,8 +23,8 @@ def new(cls, name, uuid): id = cur.fetchone()["id"] return cls(id, name, uuid, now, now) - @classmethod - def delete_client(cls, id): + @staticmethod + def delete_client(id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("DELETE FROM clients WHERE id=%s", (id,)) diff --git a/models/client_modpack.py b/models/client_modpack.py index 7ac7cb6..ba68177 100644 --- a/models/client_modpack.py +++ b/models/client_modpack.py @@ -24,8 +24,8 @@ def new(cls, client_id, modpack_id): id = cur.fetchone()["id"] return cls(id, client_id, modpack_id, now, now, "", "") - @classmethod - def delete_client_modpack(cls, id): + @staticmethod + def delete_client_modpack(id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("DELETE FROM client_modpack WHERE id=%s", (id,)) diff --git a/models/mod.py b/models/mod.py index 929b688..f384642 100644 --- a/models/mod.py +++ b/models/mod.py @@ -29,8 +29,8 @@ def new(cls, name, description, author, link, pretty_name, side, modtype, note): id = cur.fetchone()["id"] return cls(id, name, description, author, link, now, now, pretty_name, side, modtype, note) - @classmethod - def update(cls, id, name, description, author, link, pretty_name, side, modtype, note): + @staticmethod + def update(id, name, description, author, link, pretty_name, side, modtype, note): conn = Database.get_connection() cur = conn.cursor(dictionary=True) now = datetime.datetime.now() @@ -42,8 +42,8 @@ def update(cls, id, name, description, author, link, pretty_name, side, modtype, id = cur.fetchone()["id"] return None - @classmethod - def delete_mod(cls, id): + @staticmethod + def delete_mod(id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("SELECT * FROM modversions WHERE mod_id = %s", (id,)) diff --git a/models/modversion.py b/models/modversion.py index f3621e0..98f0577 100644 --- a/models/modversion.py +++ b/models/modversion.py @@ -39,8 +39,8 @@ def new(cls, mod_id, version, mcversion, md5, filesize, markedbuild, url="0", ja Modversion.update_modversion_jarmd5(id, jarmd5) return cls(id, mod_id, version, mcversion, md5, now, now, filesize) - @classmethod - def add_modversion_to_selected_build(cls, modver_id, mod_id, build_id, marked, optional): + @staticmethod + def add_modversion_to_selected_build(modver_id, mod_id, build_id, marked, optional): conn = Database.get_connection() cur = conn.cursor(dictionary=True) if marked == "1": @@ -71,24 +71,24 @@ def add_modversion_to_selected_build(cls, modver_id, mod_id, build_id, marked, o conn.commit() return None - @classmethod - def update_modversion_in_build(cls, oldmodver_id, modver_id, build_id): + @staticmethod + def update_modversion_in_build(oldmodver_id, modver_id, build_id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("UPDATE build_modversion SET modversion_id = %s WHERE modversion_id = %s AND build_id = %s", (modver_id, oldmodver_id, build_id)) conn.commit() return None - @classmethod - def update_modversion_jarmd5(cls, id, jarmd5): + @staticmethod + def update_modversion_jarmd5(id, jarmd5): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("UPDATE modversions SET jarmd5 = %s WHERE id = %s", (jarmd5, id)) conn.commit() return None - @classmethod - def delete_modversion(cls, id): + @staticmethod + def delete_modversion(id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("DELETE FROM modversions WHERE id=%s", (id,)) diff --git a/models/user.py b/models/user.py index 78b2916..efa61b9 100644 --- a/models/user.py +++ b/models/user.py @@ -41,8 +41,8 @@ def new(cls, username, email, hash1, ip, creator_id): conn.commit() return cls(id, username, email, password, ip, ip, now, now, ip, creator_id, creator_id) - @classmethod - def change(cls, userid, hash1, ip, creator_id): + @staticmethod + def change(userid, hash1, ip, creator_id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) now = datetime.datetime.now() @@ -53,8 +53,8 @@ def change(cls, userid, hash1, ip, creator_id): conn.commit() return None - @classmethod - def delete(cls, id): + @staticmethod + def delete(id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("DELETE FROM users WHERE id=%s", (id,)) @@ -82,8 +82,8 @@ def get_by_username(cls, username): return cls(row["id"], row["username"], row["email"], row["password"], row["created_ip"], row["last_ip"], row["created_at"], row["updated_at"], row["updated_by_ip"], row["created_by_user_id"], row["updated_by_user_id"]) return None - @classmethod - def get_userid(cls, username): + @staticmethod + def get_userid(username): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("SELECT id FROM users WHERE username = %s", (username,)) diff --git a/models/user_modpack.py b/models/user_modpack.py index 7a73959..7cbeae6 100644 --- a/models/user_modpack.py +++ b/models/user_modpack.py @@ -24,8 +24,8 @@ def new(cls, user_id, modpack_id): id = cur.fetchone()["id"] return cls(id, user_id, modpack_id, now, now) - @classmethod - def delete_user_modpack(cls, id): + @staticmethod + def delete_user_modpack(id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("DELETE FROM user_modpack WHERE id=%s", (id,)) diff --git a/templates/user.html b/templates/user.html index 8a62432..deef8c4 100644 --- a/templates/user.html +++ b/templates/user.html @@ -51,7 +51,7 @@
- +
From 6cfdcbad69d4c486d5e3f3b30b1e94633d5354d7 Mon Sep 17 00:00:00 2001 From: Sebastian Kuipers Date: Tue, 3 Sep 2024 23:01:48 +0200 Subject: [PATCH 30/61] Change to static methods --- models/modpack.py | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/models/modpack.py b/models/modpack.py index bf74d94..606bf30 100644 --- a/models/modpack.py +++ b/models/modpack.py @@ -18,20 +18,17 @@ def __init__(self, id, name, slug, recommended, latest, created_at, updated_at, self.private = private self.pinned = pinned - @classmethod - def new(cls, name, slug, hidden, private, user_id): + @staticmethod + def new(name, slug, hidden, private, user_id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) now = datetime.datetime.now() cur.execute("INSERT INTO modpacks (name, slug, created_at, updated_at, hidden, private, user_id) VALUES (%s, %s, %s, %s, %s, %s, %s)", (name, slug, now, now, hidden, private, user_id)) conn.commit() cur.execute("SELECT LAST_INSERT_ID() AS id") - id = cur.fetchone()["id"] - return None - return cls(id, name, slug, now, now, hidden, private) - @classmethod - def delete_modpack(cls, id): + @staticmethod + def delete_modpack(id): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("SELECT * FROM builds WHERE modpack_id = %s", (id,)) @@ -42,15 +39,13 @@ def delete_modpack(cls, id): cur.execute("DELETE FROM builds WHERE modpack_id = %s", (id,)) cur.execute("DELETE FROM modpacks WHERE id=%s", (id,)) conn.commit() - return None - @classmethod + @staticmethod def update_checkbox(cls, where_id, value, column, table): conn = Database.get_connection() cur = conn.cursor(dictionary=True) cur.execute("UPDATE {} SET {} = %s WHERE id = %s".format(table, column), (value, where_id)) conn.commit() - return None @classmethod def get_by_id(cls, id): From 34c4f09fdbc0ccb40a5fe90729e0d230e098bdb7 Mon Sep 17 00:00:00 2001 From: Sebastian Kuipers Date: Tue, 3 Sep 2024 23:48:03 +0200 Subject: [PATCH 31/61] Make private/hidden packs and builds actually private/hidden --- api.py | 5 +++-- models/build.py | 18 ++++++++++++++++++ models/modpack.py | 20 ++++++++++++++++---- 3 files changed, 37 insertions(+), 6 deletions(-) diff --git a/api.py b/api.py index 5d16e23..f4284dd 100644 --- a/api.py +++ b/api.py @@ -40,9 +40,10 @@ def modpack(): @api.route("/api/modpack/") def modpack_slug(slug: str): - modpack = Modpack.get_by_cid_slug(request.args.get("cid"), slug) + cid = request.args.get("cid") + modpack = Modpack.get_by_cid_slug(cid, slug) if modpack: - modpack.builds = modpack.get_builds() + modpack.builds = modpack.get_builds_cid(cid) return jsonify(modpack.to_json()) else: return jsonify({"error": "Modpack does not exist/Build does not exist"}), 404 diff --git a/models/build.py b/models/build.py index 425a0cd..30ee894 100644 --- a/models/build.py +++ b/models/build.py @@ -130,6 +130,24 @@ def get_by_modpack(modpack): return [Build(**build) for build in builds] flash("unable to get modpack", "error") return [] + + @staticmethod + def get_by_modpack_cid(modpack, cid): + conn = Database.get_connection() + cursor = conn.cursor(dictionary=True) + cursor.execute( + """SELECT builds.*, modcount.count + FROM builds + LEFT JOIN (SELECT build_id, COUNT(*) AS count FROM build_modversion GROUP BY build_id) modcount ON builds.id = modcount.build_id + WHERE modpack_id = %s + AND is_published = 1 AND (private = 0 OR modpack_id IN (SELECT modpack_id FROM client_modpack cm JOIN clients c ON cm.client_id = c.id WHERE c.uuid = %s)) + ORDER BY builds.id DESC + """, (modpack.id,)) + builds = cursor.fetchall() + if builds: + return [Build(**build) for build in builds] + flash("unable to get modpack", "error") + return [] @classmethod def get_by_modpack_version(cls, modpack, version): diff --git a/models/modpack.py b/models/modpack.py index 606bf30..94d40c0 100644 --- a/models/modpack.py +++ b/models/modpack.py @@ -5,7 +5,7 @@ class Modpack: - def __init__(self, id, name, slug, recommended, latest, created_at, updated_at, order, hidden, private, pinned): + def __init__(self, id, name, slug, recommended, latest, created_at, updated_at, order, hidden, private, pinned, enable_optionals=0, enable_server=0): self.id = id self.name = name self.slug = slug @@ -17,6 +17,8 @@ def __init__(self, id, name, slug, recommended, latest, created_at, updated_at, self.hidden = hidden self.private = private self.pinned = pinned + self.enable_optionals = enable_optionals + self.enable_server = enable_server @staticmethod def new(name, slug, hidden, private, user_id): @@ -71,7 +73,7 @@ def get_by_pinned(): def get_by_cid(cid): conn = Database.get_connection() cur = conn.cursor(dictionary=True) - cur.execute("SELECT * FROM modpacks WHERE hidden = 0 OR id IN (SELECT modpack_id FROM client_modpack cm JOIN clients c ON cm.client_id = c.id WHERE c.uuid = %s)", (cid,)) + cur.execute("SELECT * FROM modpacks WHERE hidden = 0 AND (private = 0 OR id IN (SELECT modpack_id FROM client_modpack cm JOIN clients c ON cm.client_id = c.id WHERE c.uuid = %s))", (cid,)) rows = cur.fetchall() if rows: return [Modpack(row["id"], row["name"], row["slug"], row["recommended"], row["latest"], row["created_at"], row["updated_at"], row["order"], row["hidden"], row["private"], row["pinned"]) for row in rows] @@ -84,7 +86,7 @@ def get_by_cid_slug(cls, cid, slug): cur.execute("SELECT * FROM modpacks WHERE slug = %s AND (hidden = 0 OR id IN (SELECT modpack_id FROM client_modpack cm JOIN clients c ON cm.client_id = c.id WHERE c.uuid = %s))", (slug, cid)) row = cur.fetchone() if row: - return cls(row["id"], row["name"], row["slug"], row["recommended"], row["latest"], row["created_at"], row["updated_at"], row["order"], row["hidden"], row["private"], row["pinned"]) + return cls(row["id"], row["name"], row["slug"], row["recommended"], row["latest"], row["created_at"], row["updated_at"], row["order"], row["hidden"], row["private"], row["pinned"], row["enable_optionals"], row["enable_server"]) return None @staticmethod @@ -99,6 +101,9 @@ def get_all() -> list: def get_builds(self): return Build.get_by_modpack(self) + + def get_builds_cid(self, cid): + return Build.get_by_modpack_cid(self, cid) def get_build(self, version): return Build.get_by_modpack_version(self, version) @@ -112,5 +117,12 @@ def to_json(self): } if self.builds is not None: - data["builds"] = [build.version for build in self.builds] + buildversions = [] + for build in self.builds: + buildversions.append(build.version) + if self.enable_optionals: + buildversions.append(build.version + "-optional") + if self.enable_server: + buildversions.append(build.version + "-server") + data["builds"] = buildversions return data From b3c356e877ea22875ad5a4b6c606694093392b55 Mon Sep 17 00:00:00 2001 From: Sebastian Kuipers Date: Wed, 4 Sep 2024 00:02:43 +0200 Subject: [PATCH 32/61] Fix small bug forgot argument --- models/build.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/models/build.py b/models/build.py index 30ee894..2e9b377 100644 --- a/models/build.py +++ b/models/build.py @@ -130,7 +130,7 @@ def get_by_modpack(modpack): return [Build(**build) for build in builds] flash("unable to get modpack", "error") return [] - + @staticmethod def get_by_modpack_cid(modpack, cid): conn = Database.get_connection() @@ -142,7 +142,7 @@ def get_by_modpack_cid(modpack, cid): WHERE modpack_id = %s AND is_published = 1 AND (private = 0 OR modpack_id IN (SELECT modpack_id FROM client_modpack cm JOIN clients c ON cm.client_id = c.id WHERE c.uuid = %s)) ORDER BY builds.id DESC - """, (modpack.id,)) + """, (modpack.id, cid)) builds = cursor.fetchall() if builds: return [Build(**build) for build in builds] From 2ee6a1a982ffb448d9a60a747e79ef7ffb51828a Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 17:19:36 +0200 Subject: [PATCH 33/61] remove additional mods folder in api --- api.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api.py b/api.py index f4284dd..a698d5b 100644 --- a/api.py +++ b/api.py @@ -71,7 +71,7 @@ def modpack_slug_build(slugstring: str, buildstring: str): "name": mv.modname, "version": mv.version, "md5": mv.md5, - "url": f"{mirror_url}/mods/{mv.modname}/{mv.version}.zip", + "url": f"{mirror_url}{mv.modname}/{mv.version}.zip", } ) return {"minecraft": build.minecraft, "java": build.min_java, "memory": build.min_memory, "forge": None, "mods": moddata} From 6e244769a997f9ccff6299c8305b3b65a8cf9106 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 17:20:52 +0200 Subject: [PATCH 34/61] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 325bfa3..95621cb 100644 --- a/README.md +++ b/README.md @@ -128,6 +128,7 @@ docker run --name solderpy --restart always -d -p 80:5000 thorfusion/solderpy #### Repo variables This is the public facing URL for your repository. This is prefix url that technic launcher uses to download the mods. Include a trailing slash! +You dont actually need to store the files in mods but solder.py own hosting folder is mods. S3 public links can be root for an example, same with repo url aswell. ```bash -e SOLDER_MIRROR_URL=https://solder.example.com/mods/ From 0a69fcf29a86d282a37c1f5ba136924966bd5f6d Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 17:32:15 +0200 Subject: [PATCH 35/61] add more user auth to actions --- asite.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/asite.py b/asite.py index 687be30..1f66e96 100644 --- a/asite.py +++ b/asite.py @@ -114,6 +114,8 @@ def newmodversion(id): Modversion.delete_modversion(request.form["delete_id"]) return redirect(id) if "addtoselbuild_submit" in request.form: + if User.get_permission_token(session["token"], "modpacks_manage") == 0: + return redirect(request.referrer) if "addtoselbuild_id" not in request.form: return redirect(id) Modversion.add_modversion_to_selected_build(request.form["addtoselbuild_id"], id, "0", "1", "0") @@ -137,6 +139,8 @@ def newmodversion(id): t = threading.Thread(target=version.rehash, args=(repo_url + request.form["rehash_url"],)) t.start() if "newmodvermanual_submit" in request.form: + if User.get_permission_token(session["token"], "mods_create") == 0: + return redirect(request.referrer) filesie2 = Modversion.get_file_size(repo_url + request.form["newmodvermanual_url"]) if request.form["newmodvermanual_md5"] != "": Modversion.new(id, request.form["newmodvermanual_version"], request.form["newmodvermanual_mcversion"], request.form["newmodvermanual_md5"], filesie2, "0") @@ -244,6 +248,8 @@ def changelog(oldver, newver): if "token" not in session or not Session.verify_session(session["token"], request.remote_addr): # New or invalid session, send to login return redirect(url_for('alogin.login')) + if User.get_permission_token(session["token"], "modpacks_manage") == 0: + return redirect(request.referrer) try: changelog = Build_modversion.get_changelog(oldver, newver) @@ -514,6 +520,10 @@ def modlibrary_post(): if "form-submit" in request.form: markedbuild = "0" if "markedbuild" in request.form: + if User.get_permission_token(session["token"], "modpacks_manage") == 0: + return redirect(request.referrer) + if User_modpack.get_user_modpackpermission(session["token"], Build.get_modpackid_by_id(request.form['markedbuild'])) == False: + return redirect(request.referrer) markedbuild = request.form['markedbuild'] Modversion.new(request.form["modid"], request.form["mcversion"] + "-" + request.form["version"], request.form["mcversion"], request.form["md5"], request.form["filesize"], markedbuild, "0", request.form["jarmd5"]) if 'file' not in request.files: @@ -591,6 +601,8 @@ def modpacklibrary_post(): private = request.form['private'] Modpack.new(request.form["pretty_name"], request.form["name"], hidden, private, "0") return redirect(url_for('asite.modpacklibrary')) + if User_modpack.get_user_modpackpermission(session["token"], Build.get_modpackid_by_id(request.form["modid"])) == False: + return redirect(request.referrer) if "hidden_submit" in request.form: Modpack.update_checkbox(request.form["modid"], request.form["check"], "hidden", "modpacks") if "private_submit" in request.form: From dc53ab7c6dbe692dffb8e10343228ae2de7ec189 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 17:44:09 +0200 Subject: [PATCH 36/61] add new issue templates --- .github/ISSUE_TEMPLATE/bug_report.md | 38 ---------- .github/ISSUE_TEMPLATE/bug_report.yml | 86 +++++++++++++++++++++++ .github/ISSUE_TEMPLATE/enhancement.yml | 46 ++++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 20 ------ 4 files changed, 132 insertions(+), 58 deletions(-) delete mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yml create mode 100644 .github/ISSUE_TEMPLATE/enhancement.yml delete mode 100644 .github/ISSUE_TEMPLATE/feature_request.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md deleted file mode 100644 index dd84ea7..0000000 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ /dev/null @@ -1,38 +0,0 @@ ---- -name: Bug report -about: Create a report to help us improve -title: '' -labels: '' -assignees: '' - ---- - -**Describe the bug** -A clear and concise description of what the bug is. - -**To Reproduce** -Steps to reproduce the behavior: -1. Go to '...' -2. Click on '....' -3. Scroll down to '....' -4. See error - -**Expected behavior** -A clear and concise description of what you expected to happen. - -**Screenshots** -If applicable, add screenshots to help explain your problem. - -**Desktop (please complete the following information):** - - OS: [e.g. iOS] - - Browser [e.g. chrome, safari] - - Version [e.g. 22] - -**Smartphone (please complete the following information):** - - Device: [e.g. iPhone6] - - OS: [e.g. iOS8.1] - - Browser [e.g. stock browser, safari] - - Version [e.g. 22] - -**Additional context** -Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..1f5f24c --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,86 @@ +name: Bug Report for solder.py +description: File a bug report for solder.py +title: "[BUG]: " +labels: ["TYPE: BUG", "STATUS: NOT STARTED", "PRIORITY: N/A"] +body: + - type: textarea + id: Describe-the-bug + attributes: + label: Describe the bug + placeholder: A clear and concise description of what the bug is. + validations: + required: true + - type: textarea + id: To-Reproduce + attributes: + label: To Reproduce + description: Steps to reproduce the behavior + placeholder: + value: "1. Go to '...' + +2. Click on '....' + +3. Scroll down to '....' + +4. See error" + validations: + required: true + - type: textarea + id: Expected-behavior + attributes: + label: Expected behavior + placeholder: A clear and concise description of what you expected to happen. + validations: + required: true + - type: input + id: solderversion + attributes: + label: solder.py Version + description: What version of solder.py are you running? + validations: + required: true + - type: dropdown + id: os + attributes: + label: What OS/Container are you seeing the problem on? + multiple: true + options: + - Official Docker + - Windows + - Linux + - MAC + - BSD + - Docker + - LVC + validations: + required: false + - type: markdown + attributes: + value: "We only guarantee support trough our official docker container" + - type: textarea + id: Screenshots + attributes: + label: Screenshots + description: + placeholder: "Add screenshots to help explain your problem here. If you don't, we may not help you." + - type: textarea + id: Enviroment Variables + attributes: + label: Provide censored enviroment variables here + description: + placeholder: Paste variables here + render: shell + validations: + required: true + - type: textarea + id: logs + attributes: + label: Snippet of the issue in Logs from your docker container + description: + placeholder: Paste log here + render: shell + validations: + required: true + - type: markdown + attributes: + value: "## Issues not providing the required files will not get help" \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/enhancement.yml b/.github/ISSUE_TEMPLATE/enhancement.yml new file mode 100644 index 0000000..3508b75 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/enhancement.yml @@ -0,0 +1,46 @@ +name: Enhancement request solder.py +description: File a enhancement request solder.py +title: "[ENHANCEMENT]: " +labels: ["TYPE: ENHANCEMENT", "STATUS: NOT STARTED", "PRIORITY: N/A"] +body: + - type: textarea + id: prob + attributes: + label: Is your enhancement request related to a problem? Please describe. + placeholder: A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + validations: + required: true + - type: textarea + id: sol + attributes: + label: Describe the solution you'd like + placeholder: A clear and concise description of what you want to happen. + validations: + required: true + - type: textarea + id: alt + attributes: + label: Describe alternatives you've considered + placeholder: A clear and concise description of any alternative solutions or features you've considered. + validations: + required: false + - type: input + id: solderversion + attributes: + label: solder.py Version + description: What version of solder.py are you running? + validations: + required: true + - type: textarea + id: Screenshots + attributes: + label: Screenshots + description: + placeholder: "Add screenshots to help explain." + - type: textarea + id: cont + attributes: + label: Additional context + placeholder: Add any other context or screenshots about the feature request here. + validations: + required: false \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md deleted file mode 100644 index bbcbbe7..0000000 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -name: Feature request -about: Suggest an idea for this project -title: '' -labels: '' -assignees: '' - ---- - -**Is your feature request related to a problem? Please describe.** -A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] - -**Describe the solution you'd like** -A clear and concise description of what you want to happen. - -**Describe alternatives you've considered** -A clear and concise description of any alternative solutions or features you've considered. - -**Additional context** -Add any other context or screenshots about the feature request here. From 96ad8c5c77165489d09bfc0ea9f8bb823aa4aee5 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 17:56:24 +0200 Subject: [PATCH 37/61] fix redirects without url --- asite.py | 58 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/asite.py b/asite.py index 1f66e96..f43c3a0 100644 --- a/asite.py +++ b/asite.py @@ -105,26 +105,26 @@ def newmodversion(id): mod_side = request.form['flexRadioDefault'] mod_type = request.form['type'] Mod.update(id, request.form["name"], request.form["description"], request.form["author"], request.form["link"], request.form["pretty_name"], mod_side, mod_type, request.form["internal_note"]) - return redirect(id) + return redirect(url_for("asite.modversion", id=id)) if "deleteversion_submit" in request.form: if User.get_permission_token(session["token"], "mods_delete") == 0: return redirect(request.referrer) if "delete_id" not in request.form: - return redirect(id) + return redirect(url_for("asite.modversion", id=id)) Modversion.delete_modversion(request.form["delete_id"]) - return redirect(id) + return redirect(url_for("asite.modversion", id=id)) if "addtoselbuild_submit" in request.form: if User.get_permission_token(session["token"], "modpacks_manage") == 0: return redirect(request.referrer) if "addtoselbuild_id" not in request.form: - return redirect(id) + return redirect(url_for("asite.modversion", id=id)) Modversion.add_modversion_to_selected_build(request.form["addtoselbuild_id"], id, "0", "1", "0") - return redirect(id) + return redirect(url_for("asite.modversion", id=id)) if "deletemod_submit" in request.form: if User.get_permission_token(session["token"], "mods_delete") == 0: return redirect(request.referrer) if "mod_delete_id" not in request.form: - return redirect(id) + return redirect(url_for("asite.modversion", id=id)) Mod.delete_mod(request.form["mod_delete_id"]) return redirect(url_for('asite.modlibrary')) if "rehash_submit" in request.form: @@ -147,7 +147,7 @@ def newmodversion(id): else: # Todo Add filesize rehash and md5 hash, if fails do not add Modversion.new(id, request.form["newmodvermanual_version"], request.form["newmodvermanual_mcversion"], "0", filesie2, "0", repo_url + request.form["newmodvermanual_url"]) - return redirect(id) + return redirect(url_for("asite.modversion", id=id)) @asite.route("/newmod", methods=["GET", "POST"]) @@ -210,22 +210,22 @@ def modpack(id): if "clonebuildman" in request.form and request.form['clonebuildman'] != "": clonebuild = request.form['clonebuildman'] Build.new(id, request.form["version"], request.form["mcversion"], publish, private, min_java, request.form["memory"], clonebuild) - return redirect(id) + return redirect(url_for("asite.modpack", id=id)) if "recommended_submit" in request.form: Build.update_checkbox(id, request.form["modid"], "recommended", "modpacks") - return redirect(id) + return redirect(url_for("asite.modpack", id=id)) if "latest_submit" in request.form: Build.update_checkbox(id, request.form["modid"], "latest", "modpacks") - return redirect(id) + return redirect(url_for("asite.modpack", id=id)) if "is_published_submit" in request.form: Build.update_checkbox(request.form["modid"], request.form["check"], "is_published", "builds") - return redirect(id) + return redirect(url_for("asite.modpack", id=id)) if "private_submit" in request.form: Build.update_checkbox(request.form["modid"], request.form["check"], 'private', 'builds') - return redirect(id) + return redirect(url_for("asite.modpack", id=id)) if "marked_submit" in request.form: Build.update_checkbox_marked(request.form["modid"], request.form["check"]) - return redirect(id) + return redirect(url_for("asite.modpack", id=id)) if "changelog_submit" in request.form: oldversion = request.form["changelog_oldver"] newversion = request.form["changelog_newver"] @@ -236,7 +236,7 @@ def modpack(id): return redirect(request.referrer) if "modpack_delete_id" not in request.form: - return redirect(id) + return redirect(url_for("asite.modpack", id=id)) modpack.delete_modpack(request.form["modpack_delete_id"]) return redirect(url_for('asite.modpacklibrary')) @@ -460,20 +460,20 @@ def modpackbuild(id): if "private" in request.form: private = request.form['private'] Build.update(id, request.form["version"], request.form["mcversion"], publish, private, min_java, request.form["memory"]) - return redirect(id) + return redirect(url_for("asite.modpackbuild", id=id)) if "optional_submit" in request.form: Build_modversion.update_optional(request.form["optional_modid"], request.form["optional_check"], id) - return redirect(id) + return redirect(url_for("asite.modpackbuild", id=id)) if "selmodver_submit" in request.form: Modversion.update_modversion_in_build(request.form["selmodver_oldver"], request.form["selmodver_ver"], id) - return redirect(id) + return redirect(url_for("asite.modpackbuild", id=id)) if "delete_submit" in request.form: if User.get_permission_token(session["token"], "modpacks_delete") == 0: return redirect(request.referrer) if "delete_id" not in request.form: - return redirect(id) + return redirect(url_for("asite.modpackbuild", id=id)) Build_modversion.delete_build_modversion(request.form["delete_id"]) - return redirect(id) + return redirect(url_for("asite.modpackbuild", id=id)) if "deletebuild_submit" in request.form: if User.get_permission_token(session["token"], "modpacks_delete") == 0: return redirect(request.referrer) @@ -484,7 +484,7 @@ def modpackbuild(id): if "newoptional" in request.form: newoptional = request.form['newoptional'] Modversion.add_modversion_to_selected_build(request.form["modversion"], request.form["modnames"], id, "0", newoptional) - return redirect(id) + return redirect(url_for("asite.modpackbuild", id=id)) return render_template("modpackbuild.html", listmod=listmod, packbuild=packbuild, packbuildname=packbuildname, listmodversions=listmodversions, buildlist=buildlist) @@ -636,14 +636,14 @@ def clients(id): if request.method == "POST": if "form-submit" in request.form: if "modpack" not in request.form: - return redirect(id) + return redirect(url_for("asite.clients", id=id)) Client_modpack.new(id, request.form["modpack"]) - return redirect(id) + return redirect(url_for("asite.clients", id=id)) if "form2-submit" in request.form: if "delete_id" not in request.form: - return redirect(id) + return redirect(url_for("asite.clients", id=id)) Client_modpack.delete_client_modpack(request.form["delete_id"]) - return redirect(id) + return redirect(url_for("asite.clients", id=id)) try: modpacklibrary = Modpack.get_all() @@ -675,14 +675,14 @@ def user(id): if request.method == "POST": if "form-submit" in request.form: if "modpack" not in request.form: - return redirect(id) + return redirect(url_for("asite.user", id=id)) User_modpack.new(id, request.form["modpack"]) - return redirect(id) + return redirect(url_for("asite.user", id=id)) if "form2-submit" in request.form: if "delete_id" not in request.form: - return redirect(id) + return redirect(url_for("asite.user", id=id)) User_modpack.delete_user_modpack(request.form["delete_id"]) - return redirect(id) + return redirect(url_for("asite.user", id=id)) if "perm-submit" in request.form: solder_full = "0" solder_users = "0" @@ -718,7 +718,7 @@ def user(id): if "modpacks_delete" in request.form: modpacks_delete = request.form['modpacks_delete'] User_modpack.update_userpermissions(id, solder_full, solder_users, solder_keys, solder_clients, solder_env, mods_create, mods_manage, mods_delete, modpacks_create, modpacks_manage, modpacks_delete) - return redirect(id) + return redirect(url_for("asite.user", id=id)) try: modpacklibrary = Modpack.get_all() From 26ac2ecbce87fd7d364beb784a6d6fb40466ba1c Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 18:05:41 +0200 Subject: [PATCH 38/61] rename to commons --- api.py | 2 +- app.py | 2 +- asetup.py | 2 +- asite.py | 2 +- models/{globals.py => common.py} | 12 ++++++++++++ models/user.py | 2 +- 6 files changed, 17 insertions(+), 5 deletions(-) rename models/{globals.py => common.py} (79%) diff --git a/api.py b/api.py index a698d5b..ee5de35 100644 --- a/api.py +++ b/api.py @@ -2,7 +2,7 @@ from models.key import Key from models.mod import Mod from models.modpack import Modpack -from models.globals import solderpy_version, mirror_url +from models.common import solderpy_version, mirror_url api = Blueprint("api", __name__) diff --git a/app.py b/app.py index d979210..eb5c8f1 100644 --- a/app.py +++ b/app.py @@ -5,7 +5,7 @@ from asetup import asetup from asite import asite from flask import Flask, render_template -from models.globals import debug, host, port, api_only, management_only +from models.common import debug, host, port, api_only, management_only __version__ = solderpy_version diff --git a/asetup.py b/asetup.py index f8e2073..f60f8e1 100644 --- a/asetup.py +++ b/asetup.py @@ -2,7 +2,7 @@ from models.database import Database from models.user import User -from models.globals import migratetechnic, new_user +from models.common import migratetechnic, new_user asetup = Blueprint("asetup", __name__) diff --git a/asite.py b/asite.py index f43c3a0..a5eab3e 100644 --- a/asite.py +++ b/asite.py @@ -17,7 +17,7 @@ from models.user import User from mysql import connector from werkzeug.utils import secure_filename -from models.globals import mirror_url, debug, host, port, repo_url, R2_URL, db_name, R2_BUCKET, new_user, migratetechnic, solderpy_version, R2_REGION, R2_ENDPOINT, R2_ACCESS_KEY, R2_SECRET_KEY, UPLOAD_FOLDER +from models.common import mirror_url, debug, host, port, repo_url, R2_URL, db_name, R2_BUCKET, new_user, migratetechnic, solderpy_version, R2_REGION, R2_ENDPOINT, R2_ACCESS_KEY, R2_SECRET_KEY, UPLOAD_FOLDER, common from models.user_modpack import User_modpack __version__ = solderpy_version diff --git a/models/globals.py b/models/common.py similarity index 79% rename from models/globals.py rename to models/common.py index e852f7c..d42912b 100644 --- a/models/globals.py +++ b/models/common.py @@ -1,6 +1,8 @@ import os from dotenv import load_dotenv +from models.database import Database + ## Solderpy version solderpy_version = "1.5.0" @@ -44,3 +46,13 @@ R2_ACCESS_KEY = os.getenv("R2_ACCESS_KEY") R2_SECRET_KEY = os.getenv("R2_SECRET_KEY") R2_BUCKET = os.getenv("R2_BUCKET") + +class common: + + @staticmethod + def update_checkbox(where_id, value, column, table): + conn = Database.get_connection() + cur = conn.cursor(dictionary=True) + cur.execute("UPDATE {} SET {} = %s WHERE id = %s".format(table, column), (value, where_id)) + conn.commit() + diff --git a/models/user.py b/models/user.py index efa61b9..f86d966 100644 --- a/models/user.py +++ b/models/user.py @@ -1,7 +1,7 @@ import datetime from flask import flash -from models.globals import new_user +from models.common import new_user from .database import Database from .modpack import Modpack From e1326e94afa48ac35090e90f4b1c07dbe613c74f Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 18:05:54 +0200 Subject: [PATCH 39/61] move a common function to common class --- asite.py | 20 ++++++++++---------- models/build.py | 8 -------- models/modpack.py | 7 ------- 3 files changed, 10 insertions(+), 25 deletions(-) diff --git a/asite.py b/asite.py index a5eab3e..ed67b1b 100644 --- a/asite.py +++ b/asite.py @@ -212,19 +212,19 @@ def modpack(id): Build.new(id, request.form["version"], request.form["mcversion"], publish, private, min_java, request.form["memory"], clonebuild) return redirect(url_for("asite.modpack", id=id)) if "recommended_submit" in request.form: - Build.update_checkbox(id, request.form["modid"], "recommended", "modpacks") + common.update_checkbox(id, request.form["modid"], "recommended", "modpacks") return redirect(url_for("asite.modpack", id=id)) if "latest_submit" in request.form: - Build.update_checkbox(id, request.form["modid"], "latest", "modpacks") + common.update_checkbox(id, request.form["modid"], "latest", "modpacks") return redirect(url_for("asite.modpack", id=id)) if "is_published_submit" in request.form: - Build.update_checkbox(request.form["modid"], request.form["check"], "is_published", "builds") + common.update_checkbox(request.form["modid"], request.form["check"], "is_published", "builds") return redirect(url_for("asite.modpack", id=id)) if "private_submit" in request.form: - Build.update_checkbox(request.form["modid"], request.form["check"], 'private', 'builds') + common.update_checkbox(request.form["modid"], request.form["check"], 'private', 'builds') return redirect(url_for("asite.modpack", id=id)) if "marked_submit" in request.form: - Build.update_checkbox_marked(request.form["modid"], request.form["check"]) + common.update_checkbox_marked(request.form["modid"], request.form["check"]) return redirect(url_for("asite.modpack", id=id)) if "changelog_submit" in request.form: oldversion = request.form["changelog_oldver"] @@ -604,15 +604,15 @@ def modpacklibrary_post(): if User_modpack.get_user_modpackpermission(session["token"], Build.get_modpackid_by_id(request.form["modid"])) == False: return redirect(request.referrer) if "hidden_submit" in request.form: - Modpack.update_checkbox(request.form["modid"], request.form["check"], "hidden", "modpacks") + common.update_checkbox(request.form["modid"], request.form["check"], "hidden", "modpacks") if "private_submit" in request.form: - Modpack.update_checkbox(request.form["modid"], request.form["check"], "private", "modpacks") + common.update_checkbox(request.form["modid"], request.form["check"], "private", "modpacks") if "pinned_submit" in request.form: - Modpack.update_checkbox(request.form["modid"], request.form["check"], "pinned", "modpacks") + common.update_checkbox(request.form["modid"], request.form["check"], "pinned", "modpacks") if "optional_submit" in request.form: - Modpack.update_checkbox(request.form["modid"], request.form["check"], "enable_optionals", "modpacks") + common.update_checkbox(request.form["modid"], request.form["check"], "enable_optionals", "modpacks") if "server_submit" in request.form: - Modpack.update_checkbox(request.form["modid"], request.form["check"], "enable_server", "modpacks") + common.update_checkbox(request.form["modid"], request.form["check"], "enable_server", "modpacks") return redirect(url_for('asite.modpacklibrary')) diff --git a/models/build.py b/models/build.py index 2e9b377..c545163 100644 --- a/models/build.py +++ b/models/build.py @@ -60,14 +60,6 @@ def update(id, version, minecraft, is_published, private, min_java, min_memory): conn.commit() return None - @staticmethod - def update_checkbox(id, value, column, table): - conn = Database.get_connection() - cur = conn.cursor(dictionary=True) - cur.execute("UPDATE {} SET {} = %s WHERE id = %s".format(table, column), (value, id)) - conn.commit() - return None - @staticmethod def update_checkbox_marked(id, value): conn = Database.get_connection() diff --git a/models/modpack.py b/models/modpack.py index 94d40c0..e6182b8 100644 --- a/models/modpack.py +++ b/models/modpack.py @@ -42,13 +42,6 @@ def delete_modpack(id): cur.execute("DELETE FROM modpacks WHERE id=%s", (id,)) conn.commit() - @staticmethod - def update_checkbox(cls, where_id, value, column, table): - conn = Database.get_connection() - cur = conn.cursor(dictionary=True) - cur.execute("UPDATE {} SET {} = %s WHERE id = %s".format(table, column), (value, where_id)) - conn.commit() - @classmethod def get_by_id(cls, id): conn = Database.get_connection() From 14c92894b7a9118058cd6b2ad2ee1d3147f2c41f Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 18:32:46 +0200 Subject: [PATCH 40/61] fix indentation for flash error --- asite.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/asite.py b/asite.py index ed67b1b..89bb08a 100644 --- a/asite.py +++ b/asite.py @@ -87,7 +87,7 @@ def modversion(id): except connector.ProgrammingError as e: Database.create_tables() modversions = [] - flash("unable to get modversions", "error") + flash("unable to get modversions", "error") return render_template("modversion.html", modSlug=mod.name, modversions=modversions, mod=mod, mirror_url=mirror_url) From b223a899c2a3ce1339ecd2d21b61f16bd8cb3b1c Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 19:31:11 +0200 Subject: [PATCH 41/61] move login error message to flash --- alogin.py | 11 +++++------ templates/login.html | 14 +++++++++----- 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/alogin.py b/alogin.py index dc1c256..1ec1329 100644 --- a/alogin.py +++ b/alogin.py @@ -1,4 +1,4 @@ -from flask import Blueprint, redirect, render_template, request, session, url_for +from flask import Blueprint, flash, redirect, render_template, request, session, url_for from models.session import Session from models.user import User @@ -18,19 +18,18 @@ def login_page(): def login(): if "key" in session and Session.verify_session(session["token"], request.remote_addr): # Already logged in - print("already logged in") return redirect(url_for('asite.index')) user = User.get_by_username(request.form["username"]) if user is None: - print("login failed") - return render_template("login.html", failed=True) + flash("Login Failed!", "error") + return render_template("login.html") else: if user.verify_password(request.form["password"]): # if new_user: # return render_template("login.html", failed=True) session["token"] = Session.new_session(request.remote_addr, User.get_userid(request.form["username"])) - print("login success") return redirect(url_for('asite.index')) else: - return render_template("login.html", failed=True) \ No newline at end of file + flash("Login Failed!", "error") + return render_template("login.html") \ No newline at end of file diff --git a/templates/login.html b/templates/login.html index bc8153b..755d39e 100644 --- a/templates/login.html +++ b/templates/login.html @@ -19,11 +19,15 @@ - {% if failed %} - - {% endif %} + {% with errors = get_flashed_messages(category_filter=["error"]) %} + {% if errors %} + + {% endif %} + {% endwith %}
From c9b6f53f421d1e2f9142e56aca262c0cafe49604 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 19:31:29 +0200 Subject: [PATCH 42/61] add flash errors to setup --- templates/setup.html | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/templates/setup.html b/templates/setup.html index 5a74e06..86ba237 100644 --- a/templates/setup.html +++ b/templates/setup.html @@ -18,11 +18,16 @@ - {% if failed %} - - {% endif %} + + {% with errors = get_flashed_messages(category_filter=["error"]) %} + {% if errors %} + + {% endif %} + {% endwith %} From 98d0ba4a2a0213791b4aaffcdc947d34ea572db2 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 19:31:39 +0200 Subject: [PATCH 43/61] fix indentation on layout --- templates/layout.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/layout.html b/templates/layout.html index 250ad4d..02bf7fa 100644 --- a/templates/layout.html +++ b/templates/layout.html @@ -80,7 +80,7 @@ {% endfor -%}

{% endif %} - {% endwith %} + {% endwith %} {%block aside%}{% endblock %} From 7bcf71825d5b76ccbfc5d254d3c38ac5f3dc3b7b Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 19:32:36 +0200 Subject: [PATCH 44/61] proper handling if database is setup with flash messages for confused users --- app.py | 9 ++++++--- asetup.py | 8 +++++--- models/database.py | 18 ++++++++++++------ 3 files changed, 23 insertions(+), 12 deletions(-) diff --git a/app.py b/app.py index eb5c8f1..2a5376f 100644 --- a/app.py +++ b/app.py @@ -5,7 +5,8 @@ from asetup import asetup from asite import asite from flask import Flask, render_template -from models.common import debug, host, port, api_only, management_only +from models.common import debug, host, port, api_only, management_only, migratetechnic, new_user +from models.database import Database __version__ = solderpy_version @@ -14,8 +15,10 @@ app.register_blueprint(api) if not api_only: app.register_blueprint(alogin) - app.register_blueprint(asetup) - app.register_blueprint(asite) + if migratetechnic is True or new_user is True or Database.is_setup() == 0: + app.register_blueprint(asetup) + if Database.is_setup() != 2: + app.register_blueprint(asite) app.secret_key = secrets.token_hex() diff --git a/asetup.py b/asetup.py index f60f8e1..7ed665f 100644 --- a/asetup.py +++ b/asetup.py @@ -1,4 +1,4 @@ -from flask import Blueprint, redirect, render_template, request, url_for +from flask import Blueprint, flash, redirect, render_template, request, url_for from models.database import Database from models.user import User @@ -6,12 +6,12 @@ asetup = Blueprint("asetup", __name__) -if migratetechnic: +if migratetechnic is True or new_user is True or Database.is_setup() == 0: Database.create_session_table() @asetup.route("/setup", methods=["GET"]) def setup(): - if not Database.is_setup(): + if Database.is_setup() == 0: Database.create_tables() if new_user or not User.any_user_exists(): if migratetechnic: @@ -27,9 +27,11 @@ def setup_creation(): if new_user or not User.any_user_exists(): if request.form["setupemail"] is None: print("setup failed") + flash("setup failed due to missing email", "error") return render_template("setup.html", failed=True) if request.form["setuppassword"] is None: print("setup failed") + flash("setup failed due to missing password", "error") return render_template("setup.html", failed=True) User.new(request.form["setupemail"], request.form["setupemail"], request.form["setuppassword"], request.remote_addr, '1') diff --git a/models/database.py b/models/database.py index b84aee5..0003409 100644 --- a/models/database.py +++ b/models/database.py @@ -1,6 +1,7 @@ from os import getenv from dotenv import load_dotenv +from flask import flash from mysql import connector from .errorPrinter import ErrorPrinter @@ -34,17 +35,22 @@ def get_connection() -> connector.connection: def is_setup() -> bool: conn = Database.get_connection() cur = conn.cursor(dictionary=True) - sql = "SELECT table_name FROM information_schema.tables" + sql = "SHOW TABLES" + table_name = "Tables_in_" + db_name try: cur.execute(sql) - curr_tables = [table["table_name"] for table in cur.fetchall()] - for table in tables: - if table not in curr_tables: - return False - return True except Exception as e: ErrorPrinter.message("An error occurred whilst trying to check database setup", e) + flash("Unable to connect to database" + e, "error") + return 2 + table = cur.fetchone() + print(table) conn.close() + if table == None: + print("False") + return 0 + print("True") + return 1 @staticmethod def create_tables() -> bool: From fcc0cffc8da681e9839e11d76ba4e39665eafa20 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 19:33:52 +0200 Subject: [PATCH 45/61] remove uneeded print statements --- models/database.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/models/database.py b/models/database.py index 0003409..3ad36cb 100644 --- a/models/database.py +++ b/models/database.py @@ -47,9 +47,7 @@ def is_setup() -> bool: print(table) conn.close() if table == None: - print("False") return 0 - print("True") return 1 @staticmethod From 549327e25e4effd1d120ebe7f704c4147ae86537 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 20:01:47 +0200 Subject: [PATCH 46/61] add error handling for bad database conn --- app.py | 7 ++++--- asetup.py | 34 ++++++++++++++++++++-------------- asite.py | 3 ++- models/database.py | 6 ++++-- 4 files changed, 30 insertions(+), 20 deletions(-) diff --git a/app.py b/app.py index 2a5376f..f14a13c 100644 --- a/app.py +++ b/app.py @@ -11,13 +11,14 @@ __version__ = solderpy_version app: Flask = Flask(__name__) -if not management_only: +if management_only == False or Database.is_setup() != 2: app.register_blueprint(api) if not api_only: - app.register_blueprint(alogin) - if migratetechnic is True or new_user is True or Database.is_setup() == 0: + if migratetechnic is True or new_user is True or Database.is_setup() == 0 or Database.is_setup() == 2: app.register_blueprint(asetup) if Database.is_setup() != 2: + # Note that asite must be after setup + app.register_blueprint(alogin) app.register_blueprint(asite) app.secret_key = secrets.token_hex() diff --git a/asetup.py b/asetup.py index 7ed665f..9ee2842 100644 --- a/asetup.py +++ b/asetup.py @@ -6,11 +6,15 @@ asetup = Blueprint("asetup", __name__) -if migratetechnic is True or new_user is True or Database.is_setup() == 0: - Database.create_session_table() +if Database.is_setup() != 2: + if migratetechnic is True or new_user is True or Database.is_setup() == 0: + Database.create_session_table() @asetup.route("/setup", methods=["GET"]) def setup(): + if Database.is_setup() == 2: + flash("An error occurred whilst trying to check database connection", "error") + return render_template("setup.html") if Database.is_setup() == 0: Database.create_tables() if new_user or not User.any_user_exists(): @@ -24,15 +28,17 @@ def setup(): @asetup.route("/setup", methods=["POST"]) def setup_creation(): - if new_user or not User.any_user_exists(): - if request.form["setupemail"] is None: - print("setup failed") - flash("setup failed due to missing email", "error") - return render_template("setup.html", failed=True) - if request.form["setuppassword"] is None: - print("setup failed") - flash("setup failed due to missing password", "error") - return render_template("setup.html", failed=True) - User.new(request.form["setupemail"], request.form["setupemail"], - request.form["setuppassword"], request.remote_addr, '1') - return redirect(url_for('asite.index')) \ No newline at end of file + if Database.is_setup() != 2: + if new_user or not User.any_user_exists(): + if request.form["setupemail"] is None: + print("setup failed") + flash("setup failed due to missing email", "error") + return render_template("setup.html") + if request.form["setuppassword"] is None: + print("setup failed") + flash("setup failed due to missing password", "error") + return render_template("setup.html") + User.new(request.form["setupemail"], request.form["setupemail"], + request.form["setuppassword"], request.remote_addr, '1') + return redirect(url_for('asite.index')) + return render_template("setup.html") \ No newline at end of file diff --git a/asite.py b/asite.py index 89bb08a..f5c5a53 100644 --- a/asite.py +++ b/asite.py @@ -24,7 +24,8 @@ asite = Blueprint("asite", __name__) -Session.start_session_loop() +if Database.is_setup() != 2: + Session.start_session_loop() ## Allowed extensions to be uploaded ALLOWED_EXTENSIONS = {'zip', 'jar'} diff --git a/models/database.py b/models/database.py index 3ad36cb..f160d1b 100644 --- a/models/database.py +++ b/models/database.py @@ -29,10 +29,13 @@ def get_connection() -> connector.connection: ) except Exception as e: print("Error connecting to database", e) + return None return conn @staticmethod - def is_setup() -> bool: + def is_setup() -> int: + if Database.get_connection() is None: + return 2 conn = Database.get_connection() cur = conn.cursor(dictionary=True) sql = "SHOW TABLES" @@ -41,7 +44,6 @@ def is_setup() -> bool: cur.execute(sql) except Exception as e: ErrorPrinter.message("An error occurred whilst trying to check database setup", e) - flash("Unable to connect to database" + e, "error") return 2 table = cur.fetchone() print(table) From dd6e8c9cfc48bdf08223ca18c24232c80918ce0a Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 20:17:50 +0200 Subject: [PATCH 47/61] Update database.py --- models/database.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/models/database.py b/models/database.py index f160d1b..7820c74 100644 --- a/models/database.py +++ b/models/database.py @@ -45,7 +45,7 @@ def is_setup() -> int: except Exception as e: ErrorPrinter.message("An error occurred whilst trying to check database setup", e) return 2 - table = cur.fetchone() + table = cur.fetchall() print(table) conn.close() if table == None: From 59c0f0b658a5d929d0eec95a5e9063ed2d07c485 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 20:49:25 +0200 Subject: [PATCH 48/61] fix some bugs with is database setup function --- app.py | 4 ++-- asetup.py | 2 +- asite.py | 2 +- models/database.py | 4 +++- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/app.py b/app.py index f14a13c..3d246d9 100644 --- a/app.py +++ b/app.py @@ -14,9 +14,9 @@ if management_only == False or Database.is_setup() != 2: app.register_blueprint(api) if not api_only: - if migratetechnic is True or new_user is True or Database.is_setup() == 0 or Database.is_setup() == 2: + if migratetechnic is True or new_user is True or Database.is_setup() != 1: app.register_blueprint(asetup) - if Database.is_setup() != 2: + if Database.is_setup() == 1: # Note that asite must be after setup app.register_blueprint(alogin) app.register_blueprint(asite) diff --git a/asetup.py b/asetup.py index 9ee2842..2483b52 100644 --- a/asetup.py +++ b/asetup.py @@ -7,7 +7,7 @@ asetup = Blueprint("asetup", __name__) if Database.is_setup() != 2: - if migratetechnic is True or new_user is True or Database.is_setup() == 0: + if migratetechnic is True or new_user is True: Database.create_session_table() @asetup.route("/setup", methods=["GET"]) diff --git a/asite.py b/asite.py index f5c5a53..5e8969e 100644 --- a/asite.py +++ b/asite.py @@ -24,7 +24,7 @@ asite = Blueprint("asite", __name__) -if Database.is_setup() != 2: +if Database.is_setup() == 1: Session.start_session_loop() ## Allowed extensions to be uploaded diff --git a/models/database.py b/models/database.py index 7820c74..e7c91bf 100644 --- a/models/database.py +++ b/models/database.py @@ -37,7 +37,7 @@ def is_setup() -> int: if Database.get_connection() is None: return 2 conn = Database.get_connection() - cur = conn.cursor(dictionary=True) + cur = conn.cursor() sql = "SHOW TABLES" table_name = "Tables_in_" + db_name try: @@ -50,6 +50,8 @@ def is_setup() -> int: conn.close() if table == None: return 0 + if not table: + return 0 return 1 @staticmethod From aeb2d4c3160478a9b92f3d0347b7cc87c459cf38 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 21:00:26 +0200 Subject: [PATCH 49/61] add disable is setup envirable --- models/database.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/models/database.py b/models/database.py index e7c91bf..a8664f0 100644 --- a/models/database.py +++ b/models/database.py @@ -1,4 +1,5 @@ from os import getenv +import os from dotenv import load_dotenv from flask import flash @@ -13,6 +14,11 @@ db_pass = getenv("DB_PASSWORD") db_name = getenv("DB_DATABASE") +DISABLE_is_setup = False + +if os.getenv("DISABLE_is_setup"): + DISABLE_is_setup = os.getenv("DISABLE_is_setup").lower() in ["true", "t", "1", "yes", "y"] + tables = ("modpacks", "builds", "mods", "modversions", "build_modversions", "users", "user_permissions", "clients", "client_modpacks", "keys") @@ -34,6 +40,8 @@ def get_connection() -> connector.connection: @staticmethod def is_setup() -> int: + if DISABLE_is_setup == True: + return 1 if Database.get_connection() is None: return 2 conn = Database.get_connection() From 79e501d14a9deb1c5678255986a210630e3eeb05 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 21:14:05 +0200 Subject: [PATCH 50/61] add success flash --- templates/layout.html | 9 +++++++++ templates/login.html | 9 +++++++++ templates/setup.html | 9 +++++++++ 3 files changed, 27 insertions(+) diff --git a/templates/layout.html b/templates/layout.html index 02bf7fa..10103a8 100644 --- a/templates/layout.html +++ b/templates/layout.html @@ -82,6 +82,15 @@ {% endif %} {% endwith %} {%block aside%}{% endblock %} + {% with errors = get_flashed_messages(category_filter=["success"]) %} + {% if errors %} + + {% endif %} + {% endwith %} diff --git a/templates/login.html b/templates/login.html index 755d39e..d3963fd 100644 --- a/templates/login.html +++ b/templates/login.html @@ -28,6 +28,15 @@ {% endif %} {% endwith %} + {% with errors = get_flashed_messages(category_filter=["success"]) %} + {% if errors %} + + {% endif %} + {% endwith %} diff --git a/templates/setup.html b/templates/setup.html index 86ba237..ed9b4ef 100644 --- a/templates/setup.html +++ b/templates/setup.html @@ -28,6 +28,15 @@ {% endif %} {% endwith %} + {% with errors = get_flashed_messages(category_filter=["success"]) %} + {% if errors %} + + {% endif %} + {% endwith %} From abf47055e631b336fa294a74e41e9a91957f243f Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 21:14:31 +0200 Subject: [PATCH 51/61] continue on database is up saga --- app.py | 9 ++++----- asetup.py | 8 +++++--- asite.py | 4 ++-- models/common.py | 2 ++ models/user.py | 11 +++++++++-- 5 files changed, 22 insertions(+), 12 deletions(-) diff --git a/app.py b/app.py index 3d246d9..38f3c59 100644 --- a/app.py +++ b/app.py @@ -5,18 +5,17 @@ from asetup import asetup from asite import asite from flask import Flask, render_template -from models.common import debug, host, port, api_only, management_only, migratetechnic, new_user -from models.database import Database +from models.common import debug, host, port, api_only, management_only, migratetechnic, new_user, DB_IS_UP __version__ = solderpy_version app: Flask = Flask(__name__) -if management_only == False or Database.is_setup() != 2: +if management_only == False or DB_IS_UP != 2: app.register_blueprint(api) if not api_only: - if migratetechnic is True or new_user is True or Database.is_setup() != 1: + if migratetechnic is True or new_user is True or DB_IS_UP != 1: app.register_blueprint(asetup) - if Database.is_setup() == 1: + if DB_IS_UP == 1: # Note that asite must be after setup app.register_blueprint(alogin) app.register_blueprint(asite) diff --git a/asetup.py b/asetup.py index 2483b52..99ad659 100644 --- a/asetup.py +++ b/asetup.py @@ -2,22 +2,23 @@ from models.database import Database from models.user import User -from models.common import migratetechnic, new_user +from models.common import migratetechnic, new_user, DB_IS_UP asetup = Blueprint("asetup", __name__) -if Database.is_setup() != 2: +if DB_IS_UP != 2: if migratetechnic is True or new_user is True: Database.create_session_table() @asetup.route("/setup", methods=["GET"]) def setup(): + flash("Database created and user added", "success") if Database.is_setup() == 2: flash("An error occurred whilst trying to check database connection", "error") return render_template("setup.html") if Database.is_setup() == 0: Database.create_tables() - if new_user or not User.any_user_exists(): + if new_user == True or User.any_user_exists() == True: if migratetechnic: Database.migratetechnic_tables() return render_template("setup.html") @@ -40,5 +41,6 @@ def setup_creation(): return render_template("setup.html") User.new(request.form["setupemail"], request.form["setupemail"], request.form["setuppassword"], request.remote_addr, '1') + flash("Database created and user added", "success") return redirect(url_for('asite.index')) return render_template("setup.html") \ No newline at end of file diff --git a/asite.py b/asite.py index 5e8969e..a6aa28c 100644 --- a/asite.py +++ b/asite.py @@ -17,14 +17,14 @@ from models.user import User from mysql import connector from werkzeug.utils import secure_filename -from models.common import mirror_url, debug, host, port, repo_url, R2_URL, db_name, R2_BUCKET, new_user, migratetechnic, solderpy_version, R2_REGION, R2_ENDPOINT, R2_ACCESS_KEY, R2_SECRET_KEY, UPLOAD_FOLDER, common +from models.common import mirror_url, debug, host, port, repo_url, R2_URL, db_name, R2_BUCKET, new_user, migratetechnic, solderpy_version, R2_REGION, R2_ENDPOINT, R2_ACCESS_KEY, R2_SECRET_KEY, UPLOAD_FOLDER, common, DB_IS_UP from models.user_modpack import User_modpack __version__ = solderpy_version asite = Blueprint("asite", __name__) -if Database.is_setup() == 1: +if DB_IS_UP == 1: Session.start_session_loop() ## Allowed extensions to be uploaded diff --git a/models/common.py b/models/common.py index d42912b..bdcf571 100644 --- a/models/common.py +++ b/models/common.py @@ -47,6 +47,8 @@ R2_SECRET_KEY = os.getenv("R2_SECRET_KEY") R2_BUCKET = os.getenv("R2_BUCKET") +DB_IS_UP = Database.is_setup() + class common: @staticmethod diff --git a/models/user.py b/models/user.py index f86d966..42e762e 100644 --- a/models/user.py +++ b/models/user.py @@ -152,8 +152,15 @@ def get_all_users() -> list: def any_user_exists() -> bool: conn = Database.get_connection() cur = conn.cursor(dictionary=True) - cur.execute("SELECT * FROM users") - return cur.fetchone() is not None + try: + cur.execute("SELECT * FROM users") + check = cur.fetchone() + except: + flash("failed to check for existing users", "error") + return True + if check == None: + return False + return True def get_allowed_packs(self): conn = Database.get_connection() From 0f64dafdc7c954fae882af315e054fec9de80a4b Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 21:18:44 +0200 Subject: [PATCH 52/61] remove test flash --- asetup.py | 1 - 1 file changed, 1 deletion(-) diff --git a/asetup.py b/asetup.py index 99ad659..535e0ae 100644 --- a/asetup.py +++ b/asetup.py @@ -12,7 +12,6 @@ @asetup.route("/setup", methods=["GET"]) def setup(): - flash("Database created and user added", "success") if Database.is_setup() == 2: flash("An error occurred whilst trying to check database connection", "error") return render_template("setup.html") From 3093ee498575891cfa9cb99df8ed7ab22e3116e5 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 21:36:25 +0200 Subject: [PATCH 53/61] finish database is up --- app.py | 2 +- asetup.py | 12 +++++++----- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/app.py b/app.py index 38f3c59..a73d9c3 100644 --- a/app.py +++ b/app.py @@ -15,7 +15,7 @@ if not api_only: if migratetechnic is True or new_user is True or DB_IS_UP != 1: app.register_blueprint(asetup) - if DB_IS_UP == 1: + if DB_IS_UP != 2: # Note that asite must be after setup app.register_blueprint(alogin) app.register_blueprint(asite) diff --git a/asetup.py b/asetup.py index 535e0ae..a06e50a 100644 --- a/asetup.py +++ b/asetup.py @@ -1,6 +1,7 @@ from flask import Blueprint, flash, redirect, render_template, request, url_for from models.database import Database +from models.session import Session from models.user import User from models.common import migratetechnic, new_user, DB_IS_UP @@ -15,15 +16,16 @@ def setup(): if Database.is_setup() == 2: flash("An error occurred whilst trying to check database connection", "error") return render_template("setup.html") - if Database.is_setup() == 0: + if DB_IS_UP == 0: Database.create_tables() - if new_user == True or User.any_user_exists() == True: + Session.start_session_loop() + if new_user == True or User.any_user_exists() == False: if migratetechnic: Database.migratetechnic_tables() return render_template("setup.html") return render_template("setup.html") else: - return redirect(url_for('asite.index')) + return redirect(url_for('app.login')) @asetup.route("/setup", methods=["POST"]) @@ -40,6 +42,6 @@ def setup_creation(): return render_template("setup.html") User.new(request.form["setupemail"], request.form["setupemail"], request.form["setuppassword"], request.remote_addr, '1') - flash("Database created and user added", "success") - return redirect(url_for('asite.index')) + flash("user added", "success") + return redirect(url_for('alogin.login')) return render_template("setup.html") \ No newline at end of file From e8f2e40c98580282136d46a5edd673246b128e18 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 21:36:48 +0200 Subject: [PATCH 54/61] remove flash, always on when not selected --- models/build.py | 1 - 1 file changed, 1 deletion(-) diff --git a/models/build.py b/models/build.py index c545163..8cee76a 100644 --- a/models/build.py +++ b/models/build.py @@ -161,7 +161,6 @@ def get_marked_build(): build_id = cur.fetchone()["id"] return (build_id) except: - flash("unable to get marked build", "error") return 0 def get_modversions_minimal(self, tag: str): From 341fe2f2cbb9e9f8a759e51d078150ee091dbb7a Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 22:04:42 +0200 Subject: [PATCH 55/61] add db is up to mainsettings --- asite.py | 2 +- templates/mainsettings.html | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/asite.py b/asite.py index a6aa28c..dadce80 100644 --- a/asite.py +++ b/asite.py @@ -270,7 +270,7 @@ def mainsettings(): if User.get_permission_token(session["token"], "solder_env") == 0: return redirect(request.referrer) - return render_template("mainsettings.html", nam=__name__, deb=debug, host=host, port=port, mirror_url=mirror_url, repo_url=repo_url, r2_url=R2_URL, db_name=db_name, versr=__version__, r2_bucket=R2_BUCKET, newuser=new_user, technic=migratetechnic) + return render_template("mainsettings.html", nam=__name__, deb=debug, host=host, port=port, mirror_url=mirror_url, repo_url=repo_url, r2_url=R2_URL, db_name=db_name, versr=__version__, r2_bucket=R2_BUCKET, newuser=new_user, technic=migratetechnic, DB_IS_UP=DB_IS_UP) @asite.route("/apikeylibrary", methods=["GET"]) diff --git a/templates/mainsettings.html b/templates/mainsettings.html index 8f649d7..5f4b540 100644 --- a/templates/mainsettings.html +++ b/templates/mainsettings.html @@ -34,6 +34,10 @@ MIGRATE_TECHNIC: {{technic}} + + DB_IS_UP: + {{DB_IS_UP}} + NETWORK ENV From 60ef93952a947b6c55ef1e43cbb0ac14347563d5 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 22:05:16 +0200 Subject: [PATCH 56/61] first user setup get full permission --- asetup.py | 7 +++++-- models/user.py | 10 +++++----- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/asetup.py b/asetup.py index a06e50a..6cdc685 100644 --- a/asetup.py +++ b/asetup.py @@ -10,6 +10,9 @@ if DB_IS_UP != 2: if migratetechnic is True or new_user is True: Database.create_session_table() + if DB_IS_UP == 0: + Database.create_tables() + Session.start_session_loop() @asetup.route("/setup", methods=["GET"]) def setup(): @@ -25,7 +28,7 @@ def setup(): return render_template("setup.html") return render_template("setup.html") else: - return redirect(url_for('app.login')) + return redirect(url_for('alogin.login')) @asetup.route("/setup", methods=["POST"]) @@ -41,7 +44,7 @@ def setup_creation(): flash("setup failed due to missing password", "error") return render_template("setup.html") User.new(request.form["setupemail"], request.form["setupemail"], - request.form["setuppassword"], request.remote_addr, '1') + request.form["setuppassword"], request.remote_addr, '1', True) flash("user added", "success") return redirect(url_for('alogin.login')) return render_template("setup.html") \ No newline at end of file diff --git a/models/user.py b/models/user.py index 42e762e..f75a6aa 100644 --- a/models/user.py +++ b/models/user.py @@ -1,7 +1,7 @@ import datetime from flask import flash -from models.common import new_user +from models.common import DB_IS_UP, new_user from .database import Database from .modpack import Modpack @@ -23,7 +23,7 @@ def __init__(self, id, username, email, hash, created_ip, last_ip, created_at, u self.updated_by_user_id = updated_by_user_id @classmethod - def new(cls, username, email, hash1, ip, creator_id): + def new(cls, username, email, hash1, ip, creator_id, setup=False): conn = Database.get_connection() cur = conn.cursor(dictionary=True) now = datetime.datetime.now() @@ -34,10 +34,10 @@ def new(cls, username, email, hash1, ip, creator_id): conn.commit() cur.execute("SELECT LAST_INSERT_ID() AS id") id = cur.fetchone()["id"] - if new_user is False: - cur.execute("INSERT INTO user_permissions (user_id) VALUES (%s)", (id,)) - if new_user is True: + if new_user is True or setup == True and DB_IS_UP == 0: cur.execute("INSERT INTO user_permissions (user_id, solder_full, solder_users, solder_keys, solder_clients, solder_env, mods_create, mods_manage, mods_delete, modpacks_create, modpacks_manage, modpacks_delete) VALUES (%s, 1, 1, 1, 1, 1, 1, 1, 1 ,1 ,1 ,1)", (id,)) + else: + cur.execute("INSERT INTO user_permissions (user_id) VALUES (%s)", (id,)) conn.commit() return cls(id, username, email, password, ip, ip, now, now, ip, creator_id, creator_id) From c582c0d934b2087c025cf6d4d67842b3fe77bf8f Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 22:10:29 +0200 Subject: [PATCH 57/61] fix comma --- models/database.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/models/database.py b/models/database.py index a8664f0..321a521 100644 --- a/models/database.py +++ b/models/database.py @@ -280,7 +280,7 @@ def migratetechnic_tables() -> bool: cur.execute( """ALTER TABLE user_permissions MODIFY created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, - MODIFY updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + MODIFY updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP """ ) cur.execute( From 9d75b2f79d7b844591598f9a471355b42fe98f8b Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 22:43:43 +0200 Subject: [PATCH 58/61] remove missleading flash --- models/build.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/models/build.py b/models/build.py index 8cee76a..494f8d0 100644 --- a/models/build.py +++ b/models/build.py @@ -120,7 +120,6 @@ def get_by_modpack(modpack): builds = cursor.fetchall() if builds: return [Build(**build) for build in builds] - flash("unable to get modpack", "error") return [] @staticmethod @@ -138,7 +137,6 @@ def get_by_modpack_cid(modpack, cid): builds = cursor.fetchall() if builds: return [Build(**build) for build in builds] - flash("unable to get modpack", "error") return [] @classmethod From 792c96ab4490622d03546ab8cfb751d6ddbc05ca Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 22:44:54 +0200 Subject: [PATCH 59/61] remove more misleading flash --- models/build_modversion.py | 1 - 1 file changed, 1 deletion(-) diff --git a/models/build_modversion.py b/models/build_modversion.py index dbdf009..053b9ab 100644 --- a/models/build_modversion.py +++ b/models/build_modversion.py @@ -44,7 +44,6 @@ def get_modpack_build(id): rows = cur.fetchall() if rows: return rows - flash("Unable to get modpack build", "error") return [] @staticmethod From b66093567b6dfd81784f41e01d7be95b5349bc70 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Thu, 5 Sep 2024 22:47:07 +0200 Subject: [PATCH 60/61] fix update marked build --- asite.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/asite.py b/asite.py index dadce80..d3bc329 100644 --- a/asite.py +++ b/asite.py @@ -225,7 +225,7 @@ def modpack(id): common.update_checkbox(request.form["modid"], request.form["check"], 'private', 'builds') return redirect(url_for("asite.modpack", id=id)) if "marked_submit" in request.form: - common.update_checkbox_marked(request.form["modid"], request.form["check"]) + Build.update_checkbox_marked(request.form["modid"], request.form["check"]) return redirect(url_for("asite.modpack", id=id)) if "changelog_submit" in request.form: oldversion = request.form["changelog_oldver"] From a734495692cc70520a99eabaf36448492bcee038 Mon Sep 17 00:00:00 2001 From: maggi373 <40539743+maggi373@users.noreply.github.com> Date: Fri, 6 Sep 2024 01:21:07 +0200 Subject: [PATCH 61/61] remove build counting from api its not used and is kinda heavy for api --- models/build.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/models/build.py b/models/build.py index 494f8d0..ac650bc 100644 --- a/models/build.py +++ b/models/build.py @@ -127,9 +127,8 @@ def get_by_modpack_cid(modpack, cid): conn = Database.get_connection() cursor = conn.cursor(dictionary=True) cursor.execute( - """SELECT builds.*, modcount.count + """SELECT builds.* FROM builds - LEFT JOIN (SELECT build_id, COUNT(*) AS count FROM build_modversion GROUP BY build_id) modcount ON builds.id = modcount.build_id WHERE modpack_id = %s AND is_published = 1 AND (private = 0 OR modpack_id IN (SELECT modpack_id FROM client_modpack cm JOIN clients c ON cm.client_id = c.id WHERE c.uuid = %s)) ORDER BY builds.id DESC