func file_editor(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "any")
if !auth {
ctx.Redirect("/", 302)
return ""
}
suser, err := user.Lookup(hcuser.System_username)
if err != nil {
return die(ctx, string(err.Error()))
}
selected_object := path.Clean(util.Query(ctx, "path"))
full_object := path.Clean(suser.HomeDir + "/" + selected_object)
// check ownership...
uid, _ := strconv.Atoi(suser.Uid)
gid, _ := strconv.Atoi(suser.Gid)
if !util.ChkPerms(full_object, uid, gid) {
return die(ctx, "You do not have access to object "+full_object)
}
filecontents := util.Query(ctx, "filecontents")
if filecontents != "" {
filecontents = strings.Replace(filecontents, "\r\n", "\n", -1)
ioutil.WriteFile(full_object, []byte(filecontents), 0644)
}
rawcontents, err := ioutil.ReadFile(full_object)
if err != nil {
return die(ctx, string(err.Error()))
}
content := html.EscapeString(string(rawcontents))
var tpl vision.New
tpl.TemplateFile("template/file-editor.tpl")
tpl.Assign("path_up", path.Dir(selected_object))
tpl.Assign("selected_path", selected_object)
tpl.Assign("current_path", full_object)
tpl.Assign("filedata", content)
tpl.Parse("file-editor")
return header(ctx) + tpl.Out() + footer(ctx)
}
func filemanager(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "any")
if !auth {
ctx.Redirect("/", 302)
return ""
}
var tpl vision.New
tpl.TemplateFile("template/filemanager.tpl")
suser, err := user.Lookup(hcuser.System_username)
if err != nil {
return die(ctx, string(err.Error()))
}
uid, err := strconv.Atoi(suser.Uid)
if err != nil {
return die(ctx, string(err.Error()))
}
gid, err := strconv.Atoi(suser.Gid)
if err != nil {
return die(ctx, string(err.Error()))
}
selected_object := path.Clean(util.Query(ctx, "path"))
full_object := path.Clean(suser.HomeDir + "/" + selected_object)
// check ownership...
if !util.ChkPerms(full_object, uid, gid) {
return die(ctx, "You do not have access to object "+full_object)
}
delete_objectin := util.Query(ctx, "delete")
delete_object := path.Clean(util.Query(ctx, "delete"))
delete_object = path.Clean(suser.HomeDir + "/" + delete_object)
if delete_objectin != "" {
os.RemoveAll(delete_object)
}
newdirin := util.Query(ctx, "dirname")
newdir := path.Clean(util.Query(ctx, "dirname"))
newdir = path.Clean(full_object + "/" + newdir)
newfilein := util.Query(ctx, "filename")
newfile := path.Clean(util.Query(ctx, "filename"))
newfile = path.Clean(full_object + "/" + newfile)
if newdirin != "" {
os.Mkdir(newdir, 0755)
os.Chown(newdir, uid, gid)
}
if newfilein != "" {
f, _ := os.Create(newfile)
f.Close()
os.Chown(newfile, uid, gid)
os.Chmod(newfile, 0644)
}
tpl.GAssign("path_up", path.Dir(selected_object))
tpl.GAssign("current_path", full_object)
tpl.GAssign("selected_path", selected_object)
objects, err := ioutil.ReadDir(full_object)
if err != nil {
return die(ctx, string(err.Error()))
}
tpl.Parse("filemanager")
for _, file := range objects {
tpl.Assign("filename", file.Name())
mode := string(fmt.Sprintf("%s", file.Mode()))
tpl.Assign("mode", mode)
if file.IsDir() {
tpl.Parse("filemanager/directory")
} else {
tpl.Parse("filemanager/file")
}
}
return header(ctx) + tpl.Out() + footer(ctx)
}
func AddFtpUser(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "ftpusers")
if !auth {
return "not_authorized"
}
suser, err := user.Lookup(hcuser.System_username)
if err != nil {
return string(err.Error())
}
username := util.Query(ctx, "ftpuser")
if username == "" {
return "ftpuser_required"
}
password := util.Query(ctx, "password")
if password == "" {
return "password_required"
}
homedir := util.Query(ctx, "homedir")
if homedir == "" {
return "homedir_required"
}
username = hcuser.System_username + "_" + username
// attempt to make homedir as the user
util.Cmd("su", []string{"-", hcuser.System_username, "-c", "mkdir -p " + homedir})
// check ownership...
uid, _ := strconv.Atoi(suser.Uid)
gid, _ := strconv.Atoi(suser.Gid)
if !util.ChkPerms(homedir, uid, gid) {
return "invalid_homedir"
}
db, _ := util.MySQL()
defer db.Close()
// add the user
// useradd {username} -g {gid} -u {uid} -s /sbin/nologin -o
util.Cmd("useradd", []string{username, "-d", homedir, "-g", suser.Gid, "-u", suser.Uid, "-s", "/sbin/nologin", "-o"})
// make sure user was added
_, lookup_err2 := user.Lookup(username)
if lookup_err2 != nil {
return "unable_to_create"
}
// set the password
util.Bash("echo " + util.SHSanitize(password) + " | passwd " + util.SHSanitize(username) + " --stdin")
// add the user
istmt, _ := db.Prepare("insert hostcontrol_ftpusers set ftpuser_id=null, ftpusername=?, homedir=?, system_username=?")
istmt.Exec(username, homedir, hcuser.System_username)
istmt.Close()
return "success"
}
