-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[3.0.39] Fix: Hardening resolve script path
- Loading branch information
1 parent
a46ff29
commit 3e2e43d
Showing
95 changed files
with
14,189 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,78 @@ | ||
#!/usr/bin/env python3 | ||
# -*- coding: utf-8 -*- | ||
|
||
################### | ||
# This file adds a new group | ||
# Copyright (C) 2021, 2022, 2023 Maurice Lambert | ||
|
||
# This program is free software: you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License as published by | ||
# the Free Software Foundation, either version 3 of the License, or | ||
# (at your option) any later version. | ||
|
||
# This program is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# GNU General Public License for more details. | ||
|
||
# You should have received a copy of the GNU General Public License | ||
# along with this program. If not, see <https://www.gnu.org/licenses/>. | ||
################### | ||
|
||
""" | ||
This tool runs CLI scripts and displays output in a Web Interface. | ||
This file adds a new group. | ||
""" | ||
|
||
__version__ = "0.0.2" | ||
__author__ = "Maurice Lambert" | ||
__author_email__ = "mauricelambert434@gmail.com" | ||
__maintainer__ = "Maurice Lambert" | ||
__maintainer_email__ = "mauricelambert434@gmail.com" | ||
__description__ = """ | ||
This tool runs CLI scripts and displays output in a Web Interface. | ||
This file adds a new group. | ||
""" | ||
__license__ = "GPL-3.0 License" | ||
__url__ = "https://github.com/mauricelambert/WebScripts" | ||
|
||
copyright = """ | ||
WebScripts Copyright (C) 2021, 2022, 2023 Maurice Lambert | ||
This program comes with ABSOLUTELY NO WARRANTY. | ||
This is free software, and you are welcome to redistribute it | ||
under certain conditions. | ||
""" | ||
license = __license__ | ||
__copyright__ = copyright | ||
|
||
__all__ = [] | ||
|
||
from modules.manage_defaults_databases import add_group, GroupError | ||
from sys import exit, argv, stderr | ||
|
||
|
||
def main() -> int: | ||
if len(argv) != 3 and not argv[2].isdigit(): | ||
print( | ||
"USAGES: add_group.py [NAME string required] [ID integer required]" | ||
) | ||
return 1 | ||
|
||
try: | ||
group = add_group(argv[2], argv[1]) | ||
except GroupError as error: | ||
print(error.__class__.__name__, error, file=stderr) | ||
return 2 | ||
except Exception as error: | ||
print(error.__class__.__name__, error, file=stderr) | ||
return 127 | ||
|
||
print(f"Group added:\n\t - Name: {group.name}\n\t - ID: {group.ID}") | ||
|
||
return 0 | ||
|
||
|
||
if __name__ == "__main__": | ||
exit(main()) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,174 @@ | ||
#!/usr/bin/env python3 | ||
# -*- coding: utf-8 -*- | ||
|
||
################### | ||
# This file adds a new user. | ||
# Copyright (C) 2021, 2022, 2023 Maurice Lambert | ||
|
||
# This program is free software: you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License as published by | ||
# the Free Software Foundation, either version 3 of the License, or | ||
# (at your option) any later version. | ||
|
||
# This program is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# GNU General Public License for more details. | ||
|
||
# You should have received a copy of the GNU General Public License | ||
# along with this program. If not, see <https://www.gnu.org/licenses/>. | ||
################### | ||
|
||
""" | ||
This tool runs CLI scripts and displays output in a Web Interface. | ||
This file adds a new user. | ||
""" | ||
|
||
__version__ = "1.0.3" | ||
__author__ = "Maurice Lambert" | ||
__author_email__ = "mauricelambert434@gmail.com" | ||
__maintainer__ = "Maurice Lambert" | ||
__maintainer_email__ = "mauricelambert434@gmail.com" | ||
__description__ = """ | ||
This tool runs CLI scripts and displays output in a Web Interface. | ||
This file adds a new user. | ||
""" | ||
__license__ = "GPL-3.0 License" | ||
__url__ = "https://github.com/mauricelambert/WebScripts" | ||
|
||
copyright = """ | ||
WebScripts Copyright (C) 2021, 2022, 2023 Maurice Lambert | ||
This program comes with ABSOLUTELY NO WARRANTY. | ||
This is free software, and you are welcome to redistribute it | ||
under certain conditions. | ||
""" | ||
license = __license__ | ||
__copyright__ = copyright | ||
|
||
__all__ = ["parse_args", "main"] | ||
|
||
from modules.manage_defaults_databases import ( | ||
add_user, | ||
UserError, | ||
get_dict_groups, | ||
) | ||
from argparse import ArgumentParser, Namespace | ||
from sys import exit, stderr | ||
|
||
|
||
def parse_args() -> Namespace: | ||
""" | ||
This function parse command line arguments. | ||
""" | ||
|
||
parser = ArgumentParser(description="This file adds a new user.") | ||
add_argument = parser.add_argument | ||
|
||
add_argument("username", help="Name of the new user") | ||
add_argument("password", help="Password of the new user") | ||
add_argument( | ||
"--groups", | ||
"-g", | ||
help="List of groups IDs to add permissions to the new user.", | ||
type=int, | ||
nargs="+", | ||
default=[], | ||
) | ||
add_argument( | ||
"--group-names", | ||
"-n", | ||
help="List of groups names to add permissions to the new user.", | ||
nargs="+", | ||
default=[], | ||
) | ||
add_argument( | ||
"--ips", | ||
"-i", | ||
help="List of glob syntax for authorized IPs", | ||
type=str, | ||
nargs="+", | ||
default=["*"], | ||
) | ||
add_argument( | ||
"--categories", | ||
"-c", | ||
help="List of glob syntax for authorized categories", | ||
type=str, | ||
nargs="+", | ||
default=["*"], | ||
) | ||
add_argument( | ||
"--scripts", | ||
"-s", | ||
help="List of glob syntax for authorized scripts", | ||
type=str, | ||
nargs="+", | ||
default=["*"], | ||
) | ||
return parser.parse_args() | ||
|
||
|
||
def main() -> int: | ||
""" | ||
This function adds a new user using the | ||
default user manager. | ||
""" | ||
|
||
arguments = parse_args() | ||
|
||
groups = { | ||
k.casefold(): v for k, v in get_dict_groups(by_name=True).items() | ||
} | ||
user_namedgroups = [] | ||
|
||
for name in arguments.group_names: | ||
name = name.casefold() | ||
if name in groups: | ||
user_namedgroups.append(groups[name]) | ||
else: | ||
print("Group name not found:", name, file=stderr) | ||
return 4 | ||
|
||
groups = arguments.groups + user_namedgroups | ||
if not groups: | ||
print( | ||
"A group is required you must use [--groups/-g] or/and " | ||
"[--group-names/-n] option.", | ||
file=stderr, | ||
) | ||
return 3 | ||
|
||
try: | ||
user = add_user( | ||
arguments.username, | ||
arguments.password, | ||
groups, | ||
arguments.ips, | ||
arguments.categories, | ||
arguments.scripts, | ||
) | ||
except UserError as error: | ||
print(error, file=stderr) | ||
return 2 | ||
except Exception as error: | ||
print(error, file=stderr) | ||
return 127 | ||
|
||
groups = get_dict_groups() | ||
|
||
print( | ||
f"User added:\n\t - Name: {user.name!r}\n\t - ID: {user.ID}\n\t - IPs:" | ||
f" {user.IPs}\n\t - Groups: " | ||
+ ",".join( | ||
f'{groups.get(group, "UNKNOWN")!r} ({group})' | ||
for group in user.groups.split(",") | ||
) | ||
) | ||
|
||
return 0 | ||
|
||
|
||
if __name__ == "__main__": | ||
exit(main()) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,110 @@ | ||
#!/usr/bin/env python3 | ||
# -*- coding: utf-8 -*- | ||
|
||
################### | ||
# This file print groups in JSON objects | ||
# Copyright (C) 2021, 2022, 2023 Maurice Lambert | ||
|
||
# This program is free software: you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License as published by | ||
# the Free Software Foundation, either version 3 of the License, or | ||
# (at your option) any later version. | ||
|
||
# This program is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# GNU General Public License for more details. | ||
|
||
# You should have received a copy of the GNU General Public License | ||
# along with this program. If not, see <https://www.gnu.org/licenses/>. | ||
################### | ||
|
||
""" | ||
This tool runs CLI scripts and displays output in a Web Interface. | ||
This file can print groups in JSON objects. | ||
""" | ||
|
||
__version__ = "0.1.0" | ||
__author__ = "Maurice Lambert" | ||
__author_email__ = "mauricelambert434@gmail.com" | ||
__maintainer__ = "Maurice Lambert" | ||
__maintainer_email__ = "mauricelambert434@gmail.com" | ||
__description__ = """ | ||
This tool runs CLI scripts and displays output in a Web Interface. | ||
This file can print groups in JSON objects.""" | ||
__license__ = "GPL-3.0 License" | ||
__url__ = "https://github.com/mauricelambert/WebScripts" | ||
|
||
copyright = """ | ||
WebScripts Copyright (C) 2021, 2022, 2023 Maurice Lambert | ||
This program comes with ABSOLUTELY NO WARRANTY. | ||
This is free software, and you are welcome to redistribute it | ||
under certain conditions. | ||
""" | ||
license = __license__ | ||
__copyright__ = copyright | ||
|
||
__all__ = [] | ||
|
||
from modules.manage_defaults_databases import get_groups | ||
from argparse import ArgumentParser, Namespace | ||
from sys import exit, stdout, stderr | ||
from json import dump | ||
|
||
|
||
def parse_args() -> Namespace: | ||
""" | ||
This function parse command line arguments. | ||
""" | ||
|
||
parser = ArgumentParser() | ||
parser.add_argument( | ||
"--ids", | ||
"-i", | ||
help="List of group IDs to display them only.", | ||
nargs="+", | ||
default=[], | ||
) | ||
parser.add_argument( | ||
"--names", | ||
"-n", | ||
help="List of group names to display them only.", | ||
nargs="+", | ||
default=[], | ||
) | ||
return parser.parse_args() | ||
|
||
|
||
def main() -> int: | ||
""" | ||
Main function to print users using default manager for group database. | ||
""" | ||
|
||
arguments = parse_args() | ||
|
||
for i, value in enumerate(arguments.ids): | ||
if not value.isdigit(): | ||
print( | ||
f'ERROR: ids must be integer. "{value}" is not digits.', | ||
file=stderr, | ||
) | ||
return 3 | ||
|
||
groups = [] | ||
|
||
for group in get_groups(): | ||
if ( | ||
(len(arguments.ids) == 0 and len(arguments.names) == 0) | ||
or (arguments.ids and group.ID in arguments.ids) | ||
or (arguments.names and group.name in arguments.names) | ||
): | ||
groups.append(group._asdict()) | ||
|
||
dump(groups, stdout) | ||
return 0 | ||
|
||
|
||
if __name__ == "__main__": | ||
exit(main()) |
Oops, something went wrong.