From 86193d912b93a2a598393f3235f5264d5bc753ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Aime?= Date: Sun, 27 Dec 2020 19:40:25 +0100 Subject: [PATCH] Some improvements and modifications related to the issue #25 --- server/backend/app/blueprints/config.py | 43 ++++++++++++------------- server/backend/app/classes/config.py | 43 ++++++++++++++++++++++--- 2 files changed, 59 insertions(+), 27 deletions(-) diff --git a/server/backend/app/blueprints/config.py b/server/backend/app/blueprints/config.py index 8edc803..6ccea85 100644 --- a/server/backend/app/blueprints/config.py +++ b/server/backend/app/blueprints/config.py @@ -9,6 +9,7 @@ import sys config_bp = Blueprint("config", __name__) config = Config() + @config_bp.route('/switch//', methods=['GET']) @require_header_token def switch(cat, key): @@ -18,20 +19,21 @@ def switch(cat, key): """ try: value = config.read_config((cat, key)) - if value: + if value: config.write_config(cat, key, False) - res = { "status" : True, - "message" : "Key switched to false" } + res = {"status": True, + "message": "Key switched to false"} else: config.write_config(cat, key, True) - res = { "status" : True, - "message" : "Key switched to true" } + res = {"status": True, + "message": "Key switched to true"} except: - res = { "status" : True, - "message" : "Issue while changing value" } - + res = {"status": True, + "message": "Issue while changing value"} + return jsonify(res) + @config_bp.route('/edit///', methods=['GET']) @require_header_token def edit(cat, key, value): 
@@ -39,15 +41,8 @@ def edit(cat, key, value): Edit the string (or array) value of a configuration key. :return: status in JSON """ - value = value.split("|") if "|" in value else value - if config.write_config(cat, key, value): - res = { "status" : True, - "message" : "Configuration updated" } - else: - res = { "status" : False, - "message" : "Can't edit this configuration key" } - - return jsonify(res) + return jsonify(config.write_config(cat, key, value)) + @config_bp.route('/db/export', methods=['GET']) @require_get_token @@ -58,6 +53,7 @@ def export_db(): """ return config.export_db() + @config_bp.route('/db/import', methods=['POST']) @require_header_token def import_db(): @@ -70,13 +66,14 @@ def import_db(): assert f.read(15) == b"SQLite format 3" d = "/".join(sys.path[0].split("/")[:-2]) f.save("/{}/tinycheck.sqlite3".format(d)) - res = { "status" : True, - "message" : "Database updated" } + res = {"status": True, + "message": "Database updated"} except: - res = { "status" : False, - "message" : "Error while database upload" } + res = {"status": False, + "message": "Error while database upload"} return jsonify(res) - + + @config_bp.route('/list', methods=['GET']) def list(): """ @@ -85,4 +82,4 @@ def list(): """ res = config.export_config() res["backend"]["password"] = "" - return jsonify(res) \ No newline at end of file + return jsonify(res) diff --git a/server/backend/app/classes/config.py b/server/backend/app/classes/config.py index 2cfbcc8..5f6bf59 100644 --- a/server/backend/app/classes/config.py +++ b/server/backend/app/classes/config.py 
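Review bot: `edit()` in blueprints/config.py now returns `jsonify(config.write_config(cat, key, value))` with no error handling, so an exception raised while validating the value or rewriting the configuration files would presumably surface as an unhandled 500. `switch()` and `import_db()` in the same file always return a `{"status": ..., "message": ...}` object instead. Catching it in the route, e.g. `except Exception: res = {"status": False, "message": "Can't edit this configuration key"}`, keeps the response shape stable for the front end. The route is also a GET whose path carries the new value, and `write_config` handles `backend`/`password` through it, so the clear-text password is part of the URL. Moving the endpoint to POST with the value in the body would keep it out of the places where URLs are typically recorded.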
@@ -44,21 +44,55 @@ class Config(object): config = yaml.load( open(os.path.join(self.dir, "config.yaml"), "r"), Loader=yaml.SafeLoader) + # Some checks prior configuration changes. + if cat not in config: + return {"status": False, + "message": "Wrong category specified"} + + if key not in config[cat]: + return {"status": False, + "message": "Wrong key specified"} + + # Changes for network interfaces. if cat == "network" and key in ["in", "out"]: if re.match("^wlan[0-9]{1}$", value): if key == "in": self.edit_configuration_files(value) config[cat][key] = value else: - return False + return {"status": False, + "message": "Wrong value specified"} + + # Changes for network SSIDs. + elif cat == "network" and key == "ssids": + ssids = list(set(value.split("|"))) if "|" in value else [value] + if len(ssids): + config[cat][key] = ssids + + # Changes for watchers. + elif cat == "watchers" and key in ["iocs", "whitelists"]: + urls = [] + values = list(set(value.split("|"))) if "|" in value else [value] + for value in values: # Preventing SSRF based on watchers URLs. + if "https://raw.githubusercontent.com" in value[0:33]: + urls.append(value) + if len(urls): + config[cat][key] = urls + + # Changes for backend password. elif cat == "backend" and key == "password": config[cat][key] = self.make_password(value) + + # Changes for anything not specified. + # Warning: can break your config if you play with it (eg. arrays, ints & bools). else: - config[cat][key] = value + if len(value): + config[cat][key] = value with open(os.path.join(self.dir, "config.yaml"), "w") as yaml_file: yaml_file.write(yaml.dump(config, default_flow_style=False)) - return True + return {"status": True, + "message": "Configuration updated"} def make_password(self, clear_text): """ 
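Review bot: The SSRF guard in the `watchers` branch tests `"https://raw.githubusercontent.com" in value[0:33]`, which is a bare 33-character prefix match with no boundary after the host name, so a URL on a different host whose name merely starts with that string is still accepted. Anchoring on the slash, `if value.startswith("https://raw.githubusercontent.com/"):`, or comparing the parsed hostname for equality, makes the allow-list hold. In the same hunk the final `else` now evaluates `len(value)`, which raises `TypeError` for the `True`/`False` that `switch()` passes to `write_config`, so toggling appears to fall into that route's bare `except`; `if isinstance(value, bool) or len(value):` would keep it working. `write_config` begins above this hunk, so anything earlier in the function is not visible here.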
@@ -86,7 +120,7 @@ class Config(object): try: return [i for i in os.listdir("/sys/class/net/") if i.startswith("wlan")] except: - return ["Fake iface1", "Fake iface 2"] + return ["Interface not found", "Interface not found"] def edit_configuration_files(self, iface): """ @@ -103,6 +137,7 @@ class Config(object): content[i] = "interface {}\n".format(iface) with open("/etc/dhcpcd.conf", 'w') as file: file.writelines(content) + # Edit of DNSMASQ.conf with open("/etc/dnsmasq.conf", 'r') as file: content = file.readlines()
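Review bot: The fallback in this hunk still returns two placeholder strings from a bare `except:`, now `["Interface not found", "Interface not found"]`, so callers receive error text in the same list that normally holds interface names and cannot tell the two cases apart. Returning an empty list from a narrower handler, `except OSError: return []`, lets the caller decide what to display and avoids hiding unrelated errors. The enclosing method starts above the hunk, so its name and docstring are not visible here.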