Thanks to visit codestin.com
Credit goes to github.com

Skip to content

feature: admin banlist #53

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 8 commits into from
Feb 19, 2021
Merged

feature: admin banlist #53

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
96c1209
feat: add a ban list to admin
alfg Feb 18, 2021
66cc358
feat: restrict server if user is on banlist. updated admin server page.
alfg Feb 18, 2021
956ecc9
chore: updated logo and home screenshot
alfg Feb 18, 2021
e63dfaa
chore: fixing logos
alfg Feb 18, 2021
659c8fd
chore: fixing logos
alfg Feb 18, 2021
b430e32
typos and sneaking in some new password generator keywords
alfg Feb 18, 2021
4a1a58e
mumble download updates and generate password css update
alfg Feb 18, 2021
d025802
update last_accessed on banlist if user is banned
alfg Feb 19, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
54 changes: 48 additions & 6 deletions app/controllers/admin.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,12 @@
from flask_login import login_required
import psutil

import settings
from app.util import admin_required
from app import db
from app.forms import UserAdminForm, DeployCustomServerForm, NoticeForm, SuperuserPasswordForm
from app.forms import SendChannelMessageForm, CreateTokenForm, CleanupExpiredServersForm, get_all_hosts
from app.forms import CreateHostForm, HostAdminForm, CreatePackageForm, get_active_hosts_by_type, build_packages_list
from app.models import Server, User, Notice, Rating, Token, Host, Package
from app.forms import SendChannelMessageForm, CreateTokenForm, CleanupExpiredServersForm
from app.forms import CreateHostForm, HostAdminForm, CreatePackageForm, CreateBanForm, get_active_hosts_by_type, build_packages_list
from app.models import Server, User, Notice, Rating, Token, Host, Package, Ban
import app.murmur as murmur

ITEMS_PER_PAGE = 50
Expand Down Expand Up @@ -517,7 +516,7 @@ def get(self, id):
order=package.order,
active=package.active
)
return render_template('admin/package.html', package=package, form=form, title="Pacakge: %s" % package.name)
return render_template('admin/package.html', package=package, form=form, title="Package: %s" % package.name)

@login_required
@admin_required
Expand All @@ -535,4 +534,47 @@ def update(self, id):
package.active = form.active.data
db.session.commit()
return redirect('/admin/packages/%s' % package.id)
return render_template('admin/package.html', package=package, form=form, title="Package: %s" % package.name)
return render_template('admin/package.html', package=package, form=form, title="Package: %s" % package.name)

class AdminBansView(FlaskView):
@login_required
@admin_required
def index(self):
page = int(request.args.get('page', 1))
banned = Ban.query.order_by(Ban.last_accessed.desc()).paginate(page, ITEMS_PER_PAGE, False)
form = CreateBanForm(request.form)
return render_template('admin/bans.html', banned=banned, form=form, title="Bans")

@login_required
@admin_required
def post(self):
page = int(request.args.get('page', 1))
form = CreateBanForm()
banned = Ban.query.order_by(Ban.last_accessed.desc()).paginate(page, ITEMS_PER_PAGE, False)
if form.validate_on_submit():
try:
# Create database entry
b = Ban()
b.ip = form.ip.data or None
b.reason = form.reason.data or None
b.note = form.note.data or None

db.session.add(b)
db.session.commit()
return redirect('/admin/bans/')

except:
import traceback
db.session.rollback()
traceback.print_exc()
return redirect('/admin/bans/')

return render_template('admin/bans.html', form=form, banned=banned)

@login_required
@admin_required
def delete(self, id):
ban = Ban.query.filter_by(id=id).first_or_404()
db.session.delete(ban)
db.session.commit()
return jsonify({ id: id })
21 changes: 16 additions & 5 deletions app/controllers/home.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import uuid
from datetime import datetime

from flask import render_template, redirect, url_for, g, flash, request, make_response
from flask_classy import FlaskView, route
Expand All @@ -8,7 +9,7 @@
from app import db, cache, tasks, mail
from app.forms import DeployServerForm, ContactForm
from app.forms import duration_choices, get_active_hosts_by_type
from app.models import Server, Package
from app.models import Server, Package, Ban
from app import murmur


Expand All @@ -23,6 +24,20 @@ def index(self):
return render_template('index.html', form=form)

def post(self):
# Set admin's IP.
x_forwarded_for = request.headers.getlist('X-Forwarded-For');
ip = x_forwarded_for[0] if x_forwarded_for else request.remote_addr
ip = ip.split(',')[0]

# Flash message if user is on banlist.
banned = Ban.query.filter_by(ip=ip).first()
if banned:
banned.last_accessed = datetime.utcnow()
db.session.add(banned)
db.session.commit()
flash("User banned! Reason: %s" % banned.reason)
return redirect('/')

form = DeployServerForm()
form.duration.choices = duration_choices()
form.region.choices = get_active_hosts_by_type('free')
Expand All @@ -32,10 +47,6 @@ def post(self):
# Generate UUID
gen_uuid = str(uuid.uuid4())

# Set admin's IP
x_forwarded_for = request.headers.getlist('X-Forwarded-For');
ip = x_forwarded_for[0] if x_forwarded_for else request.remote_addr

# Create database entry
s = Server()
s.duration = form.duration.data
Expand Down
5 changes: 5 additions & 0 deletions app/forms.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -129,6 +129,11 @@ class CreatePackageForm(FlaskForm):
active = BooleanField('active', default=False)
order = IntegerField('duration', default=0)

class CreateBanForm(FlaskForm):
ip = TextField('ip')
reason = TextField('reason')
note = TextField('note')

class LoginForm(FlaskForm):
openid = TextField('openid', validators=[Required()])
remember_me = BooleanField('remember_me', default=False)
Expand Down
10 changes: 9 additions & 1 deletion app/models.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -187,4 +187,12 @@ class Package(db.Model):
slots = db.Column(db.Integer)
duration = db.Column(db.Integer)
active = db.Column(db.Boolean, default=False)
order = db.Column(db.Integer, default=0)
order = db.Column(db.Integer, default=0)


class Ban(db.Model):
id = db.Column(db.Integer, primary_key=True)
ip = db.Column(db.String(64))
reason = db.Column(db.String)
note = db.Column(db.String)
last_accessed = db.Column(db.DateTime, default=datetime.datetime.utcnow)
2 changes: 1 addition & 1 deletion app/static/css/style.css
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -215,7 +215,7 @@ a:hover {
.password-generator {
font-size: 14px;
margin-top: -10px;
width: 61.5%;
width: 66.5%;
}

.description {
Expand Down
Binary file removed app/static/img/favicon.ico
View file
Open in desktop
Binary file not shown.
Binary file added app/static/img/favicon.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified app/static/img/guildbit_ico.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified app/static/img/screenshot_home.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
6 changes: 3 additions & 3 deletions app/static/js/main.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,19 +43,19 @@ $(document).ready(function() {
else if (os.indexOf("Win") !== -1) {
$('#os-download #os-text').text(_WindowsDownload);
$('#os-download #download-link i').addClass('fa-windows');
$('#os-download #download-link').attr('href', 'https://github.com/mumble-voip/mumble/releases/download/1.3.3/mumble-1.3.3.msi');
$('#os-download #download-link').attr('href', 'https://github.com/mumble-voip/mumble/releases/download/1.3.4/mumble-1.3.4.msi');
}
else if (os.indexOf("MacOS") !== -1 || os.indexOf("MacIntel") !== -1) {
$('#os-download #os-text').text(_OSXDownload);
$('#os-download #download-link i').removeClass('fa-windows');
$('#os-download #download-link i').addClass('fa-apple');
$('#os-download #download-link').attr('href', 'https://github.com/mumble-voip/mumble/releases/download/1.3.3/Mumble-1.3.3.dmg');
$('#os-download #download-link').attr('href', 'https://github.com/mumble-voip/mumble/releases/download/1.3.4/Mumble-1.3.4.dmg');
}
else if (ua.indexOf("android") > -1) {
$('#os-download #os-text').text(_AndroidDownload);
$('#os-download #download-link i').removeClass('fa-windows');
$('#os-download #download-link i').addClass('fa-android');
$('#os-download #download-link').attr('href', 'https://play.google.com/store/apps/details?id=com.morlunk.mumbleclient');
$('#os-download #download-link').attr('href', 'https://play.google.com/store/apps/details?id=se.lublin.mumla');
}
else if (os === 'iPad' || os == 'iPhone' || os === 'iPod') {
$('#os-download #os-text').text(_iOSDownload);
Expand Down
123 changes: 123 additions & 0 deletions app/templates/admin/bans.html
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,123 @@
{% extends"layout/admin_base.html" %}

{% block title %}Banned IPs{% endblock %}

{% block body %}
<div class="spacer">
<a class="pure-button button-secondary" data-toggle="modal" data-target="#add-ban">Add Ban</a>
</div>
<table class="pure-table pure-table-horizontal pure-table-striped servers">
<thead>
<tr>
<th>IP</th>
<th>Last Accessed</th>
<th>Reason</th>
<th>Note</th>
<th>Action</th>
</tr>
</thead>

<tbody>
{% for i in banned.items %}
<tr>
<td>{{ i.ip }}</td>
<td class="last-accessed">{{ i.last_accessed }}</td>
<td>{{ i.reason }}</td>
<td>{{ i.note }}</td>
<td>
<button
class="delete-ban pure-button button-error button-small"
data-id="{{ i.id }}">Delete</button>
</td>
</tr>
{% endfor %}
{% if banned == [] %}
<tr><td class="text-center" colspan="9">No Banned Users</td></tr>
{% endif %}

</tbody>
</table>
<ul class="pagination">
{%- for page in banned.iter_pages() %}
{% if page %}
{% if page != banned.page %}
<li><a href="{{ url_for('AdminBansView:index', page=page) }}">{{ page }}</a></li>
{% else %}
<li class="active"><a href="{{ url_for('AdminBansView:index', page=page) }}">{{ page }}</a></li>
{% endif %}
{% else %}
<li class="disabled"><a href="#">…</a></li>
{% endif %}
{%- endfor %}
</ul>
<p>({{ banned.total }} total)</p>

<!-- Create Host Modal -->
<div class="modal fade" id="add-ban" tabindex="-1" role="dialog" aria-labelledby="add-ban" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<form action="" method="post" name="role" class="pure-form pure-form-aligned">
<div class="modal-header">
<h4 class="modal-title">Create a Host</h4>
</div>
<div class="modal-body">
{{ form.csrf_token }}
<div class="pure-control-group">
<label for="role">IP</label>
{{ form.ip }}
</div>
<div class="pure-control-group">
<label for="role">Reason</label>
{{ form.reason }}
</div>
<div class="pure-control-group">
<label for="role">Note</label>
{{ form.note }}
</div>
{% if form.errors %}
<ul>
{% for field_name, field_errors in form.errors|dictsort if field_errors %}
{% for error in field_errors %}
<li>{{ error }}</li>
{% endfor %}
{% endfor %}
</ul>
{% endif %}
</div>
<div class="modal-footer">
<button type="button" class="pure-button" data-dismiss="modal">Close</button>
<button type="submit" class="pure-button button-secondary">Create</button>
</div>
</form>
</div>
</div>
</div>
{% endblock %}

{% block scripts %}
<script src="/static/js/admin.js"></script>
<script src="/static/js/libs/moment.min.js"></script>
<script type="text/javascript">
$(function() {
// Moment.js time formatting
$(".last-accessed").text(function(index, value) {
return moment.utc(value).local().format("MM/DD h:mm:ss a");
});

$(".delete-ban").on('click', function(event) {
if (confirm('Are you sure you want to delete this ban?')) {
var btn = $(this);
var id = btn.data('id');
$.ajax({
url: '/admin/bans/' + id,
type: 'DELETE',
success: function(result) {
btn.html('Deleted');
btn.prop('disabled', true);
}
});
}
});
})
</script>
{% endblock %}
7 changes: 6 additions & 1 deletion app/templates/admin/server.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,13 +25,17 @@
<td>UUID</td>
<td>{{ server.uuid }}</td>
</tr>
<tr>
<td>IP</td>
<td>{{ server.ip }}</td>
</tr>
<tr>
<td>Type</td>
<td><span class="label {{ 'label-blue' if server.type == 'upgrade' }}">{{ server.type }}</span></td>
</tr>
<tr>
<td>Created</td>
<td>{{ server.created_date }}</td>
<td id="created-date">{{ server.created_date }}</td>
</tr>
<tr>
<td>Duration Hours</td>
Expand Down Expand Up @@ -148,6 +152,7 @@
var base_url = '/server/{{ server.uuid }}'
var base_url_id = '/admin/servers/{{ server.uuid }}'
var expire_date = '{{ server.expiration }}';
$("#created-date").text(moment.utc(expire_date).local().format("ddd, MMM Do, h:mm:ss a"));
$("#expires-date").text(moment.utc(expire_date).local().format("ddd, MMM Do, h:mm:ss a"));
$("#expires").text(moment.utc(expire_date).fromNow());
$("#kill-server").on('submit', function() {
Expand Down
4 changes: 3 additions & 1 deletion app/templates/admin/servers.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
<th>ID</th>
<th>UUID</th>
<th>Created Date</th>
<th>IP</th>
<th>Duration</th>
<th>Password</th>
<th>Status</th>
Expand All @@ -39,6 +40,7 @@
<td>{{ s.id }}</td>
<td><a href="/admin/servers/{{ s.uuid }}">{{ s.uuid }}</a></td>
<td class="created-date">{{ s.created_date }}</td>
<td>{{ s.ip }}</td>
{% if s.extensions > 0 %}
<td>{{ s.duration - s.extensions }} <span class="text-green">+{{ s.extensions }}</span></td>
{% else %}
Expand All @@ -51,7 +53,7 @@
<td>{{ s.mumble_instance }}</td>
</tr>
{% else %}
<tr><td class="text-center" colspan="9">No Servers</td></tr>
<tr><td class="text-center" colspan="10">No Servers</td></tr>
{% endfor %}

</tbody>
Expand Down
Loading