func logout(ctx *macaron.Context) string {
var tpl vision.New
tpl.TemplateFile("template/login.tpl")
user, auth := util.Auth(ctx, "any")
if user.Sudo {
ctx.SetCookie("sudo", "", -1)
set_error("No longer logged in as "+user.System_username+".", ctx)
ctx.Redirect("/dashboard", 302)
return "success"
}
if auth {
new_token := util.MkToken()
db, _ := util.MySQL()
defer db.Close()
ustmt, _ := db.Prepare("update hostcontrol_users set login_token=? where system_username=?")
ustmt.Exec(new_token, user.System_username)
ustmt.Close()
}
ctx.SetCookie("hostcontrol_id", "", -1)
ctx.SetCookie("login_token", "", -1)
tpl.Parse("login")
tpl.Parse("login/logged_out")
return tpl.Out()
}
func die(ctx *macaron.Context, msg string) string {
var tpl vision.New
tpl.TemplateFile("template/error.tpl")
tpl.Assign("message", msg)
tpl.Parse("error")
return header(ctx) + tpl.Out() + footer(ctx)
}
func login(ctx *macaron.Context) string {
var tpl vision.New
tpl.TemplateFile("template/login.tpl")
tpl.Assign("x", "y")
tpl.Parse("login")
return tpl.Out()
}
func dashboard(ctx *macaron.Context) string {
//hcuser, auth := util.Auth(ctx, "any")
_, auth := util.Auth(ctx, "any")
if !auth {
ctx.Redirect("/", 302)
return ""
}
var tpl vision.New
tpl.TemplateFile("template/dashboard.tpl")
tpl.Parse("dashboard")
return header(ctx) + tpl.Out() + footer(ctx)
}
func ftpusers(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "ftpusers")
if !auth {
ctx.Redirect("/", 302)
return ""
}
var tpl vision.New
tpl.TemplateFile("template/ftpusers.tpl")
tpl.Assign("homedir", hcuser.HomeDir)
tpl.Parse("ftpusers")
userdata := API("/api/ftpusers/list", ctx)
users := make(map[string]map[string]string)
json.Unmarshal([]byte(userdata), &users)
for _, user := range users {
tpl.Assign("username", user["username"])
tpl.Assign("homedir", user["homedir"])
tpl.Parse("ftpusers/user")
}
return header(ctx) + tpl.Out() + footer(ctx)
}
func databases(ctx *macaron.Context) string {
_, auth := util.Auth(ctx, "databases")
if !auth {
ctx.Redirect("/", 302)
return ""
}
//hostname := string(ctx.Req.Host)
hostname := string(ctx.Req.Header.Get("X-FORWARDED-HOST"))
if hostname == "" {
hostname = string(ctx.Req.Host)
}
hostname = strings.Split(hostname, ":")[0]
var tpl vision.New
tpl.TemplateFile("template/databases.tpl")
tpl.Assign("phpmyadmin_url", "https://"+hostname+"/phpmyadmin")
tpl.Parse("databases")
// list db users
dbuser_data := API("/api/sql/users/list", ctx)
var users []string
json.Unmarshal([]byte(dbuser_data), &users)
for _, user := range users {
tpl.Assign("db_user", user)
tpl.Parse("databases/user")
}
// end: list db users
// list databases
db_data := API("/api/sql/databases/list", ctx)
var databases []string
json.Unmarshal([]byte(db_data), &databases)
for _, db_name := range databases {
// list grants
grant_data := API("/api/sql/grants/list?db_name="+db_name, ctx)
var grants []string
json.Unmarshal([]byte(grant_data), &grants)
tpl.Assign("db_name", db_name)
tpl.Parse("databases/database")
// grant add dropdown
for _, user := range users {
tpl.Assign("db_user", user)
tpl.Assign("db_name", db_name)
tpl.Parse("databases/database/add_grant")
}
// END: grant add dropdown
for _, gdb_user := range grants {
tpl.Assign("db_user", gdb_user)
tpl.Assign("db_name", db_name)
tpl.Parse("databases/database/grant")
}
// end: list grants
}
// end: list databases
return header(ctx) + tpl.Out() + footer(ctx)
}
func mail(ctx *macaron.Context) string {
_, auth := util.Auth(ctx, "mail")
if !auth {
ctx.Redirect("/", 302)
return ""
}
var tpl vision.New
tpl.TemplateFile("template/mail.tpl")
hostname := string(ctx.Req.Header.Get("X-FORWARDED-HOST"))
if hostname == "" {
hostname = string(ctx.Req.Host)
}
hostname = strings.Split(hostname, ":")[0]
tpl.Assign("webmail_url", "https://"+hostname+"/roundcubemail")
tpl.Parse("mail")
// list domains and records
dns_data := API("/api/mail/list", ctx)
// map[domain]map[record_id]map[key]value
data := make(map[string]map[string]map[string]string)
json.Unmarshal([]byte(dns_data), &data)
for domain, email_accounts := range data {
tpl.Assign("domain_name", domain)
tpl.Parse("mail/domain")
for key, email := range email_accounts {
if key == "placebo" {
continue
}
tpl.Assign("email", email["email"])
tpl.Assign("email_id", email["email_id"])
tpl.Parse("mail/domain/email")
}
}
return header(ctx) + tpl.Out() + footer(ctx)
}
func footer(ctx *macaron.Context) string {
var tpl vision.New
tpl.TemplateFile("template/overall.tpl")
tpl.Parse("footer")
return tpl.Out()
}
func file_editor(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "any")
if !auth {
ctx.Redirect("/", 302)
return ""
}
suser, err := user.Lookup(hcuser.System_username)
if err != nil {
return die(ctx, string(err.Error()))
}
selected_object := path.Clean(util.Query(ctx, "path"))
full_object := path.Clean(suser.HomeDir + "/" + selected_object)
// check ownership...
uid, _ := strconv.Atoi(suser.Uid)
gid, _ := strconv.Atoi(suser.Gid)
if !util.ChkPerms(full_object, uid, gid) {
return die(ctx, "You do not have access to object "+full_object)
}
filecontents := util.Query(ctx, "filecontents")
if filecontents != "" {
filecontents = strings.Replace(filecontents, "\r\n", "\n", -1)
ioutil.WriteFile(full_object, []byte(filecontents), 0644)
}
rawcontents, err := ioutil.ReadFile(full_object)
if err != nil {
return die(ctx, string(err.Error()))
}
content := html.EscapeString(string(rawcontents))
var tpl vision.New
tpl.TemplateFile("template/file-editor.tpl")
tpl.Assign("path_up", path.Dir(selected_object))
tpl.Assign("selected_path", selected_object)
tpl.Assign("current_path", full_object)
tpl.Assign("filedata", content)
tpl.Parse("file-editor")
return header(ctx) + tpl.Out() + footer(ctx)
}
func websites(ctx *macaron.Context) string {
_, auth := util.Auth(ctx, "websites")
if !auth {
ctx.Redirect("/", 302)
return ""
}
var tpl vision.New
tpl.TemplateFile("template/websites.tpl")
tpl.Parse("websites")
websites := API("/api/web/domain/list", ctx)
domains := make(map[string]map[string]string)
json.Unmarshal([]byte(websites), &domains)
for _, domain := range domains {
tpl.Assign("vhost_id", domain["vhost_id"])
tpl.Assign("system_username", domain["system_username"])
tpl.Assign("domain", domain["domain"])
tpl.Assign("documentroot", domain["documentroot"])
tpl.Assign("ipaddr", domain["ipaddr"])
tpl.Assign("ssl_enabled", domain["ssl_enabled"])
determin_fm_page := strings.Split(domain["documentroot"], "www")
filemanager_path := "www" + determin_fm_page[1]
tpl.Assign("filemanager_path", filemanager_path)
tpl.Parse("websites/domain")
}
return header(ctx) + tpl.Out() + footer(ctx)
}
func header(ctx *macaron.Context) string {
var tpl vision.New
tpl.TemplateFile("template/overall.tpl")
hcuser, auth := util.Auth(ctx, "any")
if auth {
tpl.Assign("username", hcuser.System_username)
}
hostname := string(ctx.Req.Header.Get("X-FORWARDED-HOST"))
if hostname == "" {
hostname = string(ctx.Req.Host)
}
hostname = strings.Split(hostname, ":")[0]
tpl.Assign("console_url", "https://"+hostname+"/shellinabox")
tpl.Parse("header")
if auth {
if (strings.Contains(hcuser.Privileges, "websites") || strings.Contains(hcuser.Privileges, "all")) && hcuser.System_username != "root" {
tpl.Parse("header/websitesbtn")
}
if strings.Contains(hcuser.Privileges, "databases") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("header/databasesbtn")
}
if strings.Contains(hcuser.Privileges, "dns") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("header/dnsbtn")
}
if (strings.Contains(hcuser.Privileges, "mail") || strings.Contains(hcuser.Privileges, "all")) && hcuser.System_username != "root" {
tpl.Parse("header/mailbtn")
}
if (strings.Contains(hcuser.Privileges, "ftpusers") || strings.Contains(hcuser.Privileges, "all")) && hcuser.System_username != "root" {
tpl.Parse("header/ftpusersbtn")
}
if strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("header/firewallbtn")
}
if strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("header/servicesbtn")
}
if strings.Contains(hcuser.Privileges, "sysusers") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("header/usersbtn")
}
}
err_str := ctx.GetCookie("err_str")
if err_str != "" {
tpl.Assign("message", err_str)
tpl.Parse("header/error")
ctx.SetCookie("err_str", "")
}
info_str := ctx.GetCookie("info_str")
if info_str != "" {
tpl.Assign("message", info_str)
tpl.Parse("header/info")
ctx.SetCookie("info_str", "")
}
return tpl.Out()
}
func dashboard(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "any")
if !auth {
ctx.Redirect("/", 302)
return ""
}
var tpl vision.New
tpl.TemplateFile("template/dashboard.tpl")
hostname := string(ctx.Req.Header.Get("X-FORWARDED-HOST"))
if hostname == "" {
hostname = string(ctx.Req.Host)
}
hostname = strings.Split(hostname, ":")[0]
tpl.Assign("console_url", "https://"+hostname+"/shellinabox")
tpl.Parse("dashboard")
if (strings.Contains(hcuser.Privileges, "websites") || strings.Contains(hcuser.Privileges, "all")) && hcuser.System_username != "root" {
tpl.Parse("dashboard/websitesbtn")
}
if strings.Contains(hcuser.Privileges, "databases") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("dashboard/databasesbtn")
}
if strings.Contains(hcuser.Privileges, "dns") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("dashboard/dnsbtn")
}
if (strings.Contains(hcuser.Privileges, "mail") || strings.Contains(hcuser.Privileges, "all")) && hcuser.System_username != "root" {
tpl.Parse("dashboard/mailbtn")
}
if (strings.Contains(hcuser.Privileges, "ftpusers") || strings.Contains(hcuser.Privileges, "all")) && hcuser.System_username != "root" {
tpl.Parse("dashboard/ftpusersbtn")
}
if strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("dashboard/firewallbtn")
}
if strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("dashboard/servicesbtn")
}
if strings.Contains(hcuser.Privileges, "sysusers") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("dashboard/usersbtn")
}
return header(ctx) + tpl.Out() + footer(ctx)
}
func login_post(ctx *macaron.Context) string {
db, err := util.MySQL()
defer db.Close()
if err != nil {
return "Problem opening MySQL"
}
new_token := util.MkToken()
username := util.Query(ctx, "username")
password := util.Query(ctx, "password")
rememberme := util.Query(ctx, "rememberme")
login_failed := false
if chklogin(username, password) {
stmt, _ := db.Prepare("SELECT * from hostcontrol_users WHERE system_username = ?")
rows, _ := stmt.Query(username)
stmt.Close()
var hostcontrol_id int
var system_username string
var privileges string
var owned_by string
var login_token string
var email_address string
// check if we have a row returned...
if rows.Next() {
rows.Scan(&hostcontrol_id, &system_username, &privileges, &owned_by, &login_token, &email_address)
ustmt, _ := db.Prepare("update hostcontrol_users set login_token=? where system_username=?")
ustmt.Exec(new_token, username)
ustmt.Close()
// insert root if login worked and he doesn't exist!
} else if username == "root" {
istmt, _ := db.Prepare("insert hostcontrol_users set hostcontrol_id=null, system_username=?, privileges=?, owned_by=?, login_token=?, email_address=?")
istmt.Exec("root", "all", "root", new_token, "")
istmt.Close()
// fallback to failure.
} else {
login_failed = true
}
if !login_failed {
// set cookies
if rememberme == "checked" {
ctx.SetCookie("hostcontrol_id", strconv.Itoa(hostcontrol_id), 864000)
ctx.SetCookie("login_token", new_token, 864000)
ctx.SetCookie("sudo", "", 864000)
} else {
ctx.SetCookie("hostcontrol_id", strconv.Itoa(hostcontrol_id), 0)
ctx.SetCookie("login_token", new_token, 0)
ctx.SetCookie("sudo", "", 0)
}
// send to dashboard
ctx.Redirect("/dashboard", 302)
return "Redirecting to the dashboard. Click <a href=\"/dashboard\">here</a> if you are not redirected."
}
} else {
login_failed = true
}
var tpl vision.New
tpl.TemplateFile("template/login.tpl")
tpl.Parse("login")
if login_failed {
tpl.Parse("login/fail")
}
return tpl.Out()
}
func users(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "sysusers")
if !auth {
ctx.Redirect("/", 302)
return ""
}
var tpl vision.New
tpl.TemplateFile("template/users.tpl")
tpl.Parse("users")
if strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("users/perms_all")
}
if strings.Contains(hcuser.Privileges, "websites") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("users/perms_websites")
}
if strings.Contains(hcuser.Privileges, "mail") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("users/perms_mail")
}
if strings.Contains(hcuser.Privileges, "databases") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("users/perms_databases")
}
if strings.Contains(hcuser.Privileges, "ftpusers") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("users/perms_ftpusers")
}
if strings.Contains(hcuser.Privileges, "dns") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("users/perms_dns")
}
if strings.Contains(hcuser.Privileges, "sysusers") || strings.Contains(hcuser.Privileges, "all") {
tpl.Parse("users/perms_sysusers")
}
userdata := API("/api/users/list", ctx)
users := make(map[string]map[string]string)
json.Unmarshal([]byte(userdata), &users)
for _, user := range users {
tpl.Assign("hostcontrol_id", user["hostcontrol_id"])
tpl.Assign("system_username", user["system_username"])
tpl.Assign("privileges", user["privileges"])
tpl.Assign("owned_by", user["owned_by"])
tpl.Assign("login_token", user["login_token"])
tpl.Assign("email_address", user["email_address"])
tpl.Parse("users/user")
}
return header(ctx) + tpl.Out() + footer(ctx)
}
func main() {
var tpl vision.New
tpl.TemplateFile("tpl/hello.tpl")
tpl.Assign("testvar", "Foobar")
tpl.Parse("main")
tpl.Parse("main/row")
tpl.Parse("main/row")
tpl.Parse("main/row")
tpl.Assign("foovar", "Hello World")
tpl.Parse("main/vrow")
tpl.Assign("foovar", "Hello Dog")
tpl.Parse("main/vrow")
tpl.Assign("foovar", "Hello Cat")
tpl.Parse("main/vrow")
fmt.Println(tpl.Out())
}
func sslmanager(ctx *macaron.Context) string {
_, auth := util.Auth(ctx, "websites")
if !auth {
ctx.Redirect("/", 302)
return ""
}
vhost_id := util.Query(ctx, "vhost_id")
var tpl vision.New
tpl.TemplateFile("template/websites.sslmanager.tpl")
websites := API("/api/web/domain/list", ctx)
domains := make(map[string]map[string]string)
json.Unmarshal([]byte(websites), &domains)
found := false
for _, domain := range domains {
if domain["vhost_id"] == vhost_id {
tpl.Assign("vhost_id", domain["vhost_id"])
tpl.Assign("system_username", domain["system_username"])
tpl.Assign("domain", domain["domain"])
tpl.Assign("documentroot", domain["documentroot"])
tpl.Assign("ipaddr", domain["ipaddr"])
tpl.Assign("ssl_certificate", domain["ssl_certificate"])
tpl.Assign("ssl_key", domain["ssl_key"])
tpl.Assign("ssl_ca_certificate", domain["ssl_ca_certificate"])
if domain["ssl_enabled"] == "Y" {
tpl.Assign("ssl_enabled", "checked")
} else {
tpl.Assign("ssl_enabled", "")
}
found = true
}
}
if !found {
set_error("Failed to find requested domain.", ctx)
ctx.Redirect("/websites", 302)
return ""
}
tpl.Parse("sslmanager")
return header(ctx) + tpl.Out() + footer(ctx)
}
func dns(ctx *macaron.Context) string {
_, auth := util.Auth(ctx, "dns")
if !auth {
ctx.Redirect("/", 302)
return ""
}
var tpl vision.New
tpl.TemplateFile("template/dns.tpl")
tpl.Parse("dns")
// list domains and records
dns_data := API("/api/dns/list", ctx)
// map[domain]map[record_id]map[key]value
data := make(map[string]map[string]map[string]string)
json.Unmarshal([]byte(dns_data), &data)
for domain, records := range data {
tpl.Assign("domain_name", domain)
tpl.Parse("dns/domain")
for key, record := range records {
if key == "placebo" {
continue
}
tpl.Assign("record_change_date", record["record_change_date"])
tpl.Assign("record_content", record["record_content"])
tpl.Assign("record_disabled", record["record_disabled"])
tpl.Assign("record_domain_id", record["record_domain_id"])
tpl.Assign("record_id", record["record_id"])
tpl.Assign("record_name", record["record_name"])
tpl.Assign("record_ordername", record["record_ordername"])
tpl.Assign("record_prio", record["record_prio"])
tpl.Assign("record_ttl", record["record_ttl"])
tpl.Assign("record_type", record["record_type"])
tpl.Parse("dns/domain/record")
}
}
return header(ctx) + tpl.Out() + footer(ctx)
}
func header(ctx *macaron.Context) string {
var tpl vision.New
tpl.TemplateFile("template/overall.tpl")
user, auth := util.Auth(ctx, "any")
if auth {
tpl.Assign("username", user.System_username)
}
tpl.Parse("header")
err_str := ctx.GetCookie("err_str")
if err_str != "" {
tpl.Assign("message", err_str)
tpl.Parse("header/error")
ctx.SetCookie("err_str", "")
}
info_str := ctx.GetCookie("info_str")
if info_str != "" {
tpl.Assign("message", info_str)
tpl.Parse("header/info")
ctx.SetCookie("info_str", "")
}
return tpl.Out()
}
func filemanager(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "any")
if !auth {
ctx.Redirect("/", 302)
return ""
}
var tpl vision.New
tpl.TemplateFile("template/filemanager.tpl")
suser, err := user.Lookup(hcuser.System_username)
if err != nil {
return die(ctx, string(err.Error()))
}
uid, err := strconv.Atoi(suser.Uid)
if err != nil {
return die(ctx, string(err.Error()))
}
gid, err := strconv.Atoi(suser.Gid)
if err != nil {
return die(ctx, string(err.Error()))
}
selected_object := path.Clean(util.Query(ctx, "path"))
full_object := path.Clean(suser.HomeDir + "/" + selected_object)
// check ownership...
if !util.ChkPerms(full_object, uid, gid) {
return die(ctx, "You do not have access to object "+full_object)
}
delete_objectin := util.Query(ctx, "delete")
delete_object := path.Clean(util.Query(ctx, "delete"))
delete_object = path.Clean(suser.HomeDir + "/" + delete_object)
if delete_objectin != "" {
os.RemoveAll(delete_object)
}
newdirin := util.Query(ctx, "dirname")
newdir := path.Clean(util.Query(ctx, "dirname"))
newdir = path.Clean(full_object + "/" + newdir)
newfilein := util.Query(ctx, "filename")
newfile := path.Clean(util.Query(ctx, "filename"))
newfile = path.Clean(full_object + "/" + newfile)
if newdirin != "" {
os.Mkdir(newdir, 0755)
os.Chown(newdir, uid, gid)
}
if newfilein != "" {
f, _ := os.Create(newfile)
f.Close()
os.Chown(newfile, uid, gid)
os.Chmod(newfile, 0644)
}
tpl.GAssign("path_up", path.Dir(selected_object))
tpl.GAssign("current_path", full_object)
tpl.GAssign("selected_path", selected_object)
objects, err := ioutil.ReadDir(full_object)
if err != nil {
return die(ctx, string(err.Error()))
}
tpl.Parse("filemanager")
for _, file := range objects {
tpl.Assign("filename", file.Name())
mode := string(fmt.Sprintf("%s", file.Mode()))
tpl.Assign("mode", mode)
if file.IsDir() {
tpl.Parse("filemanager/directory")
} else {
tpl.Parse("filemanager/file")
}
}
return header(ctx) + tpl.Out() + footer(ctx)
}
func settings(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "any")
if !auth {
ctx.Redirect("/", 302)
return ""
}
var tpl vision.New
tpl.TemplateFile("template/settings.tpl")
tpl.Assign("username", hcuser.System_username)
tpl.Parse("settings")
db, _ := util.MySQL()
defer db.Close()
// tokens
stmt, _ := db.Prepare("select * from hostcontrol_user_tokens where hostcontrol_id=?")
rows, _ := stmt.Query(hcuser.Hostcontrol_id)
stmt.Close()
for rows.Next() {
var token string
var hostcontrol_id string
var description string
var token_id string
rows.Scan(&token, &hostcontrol_id, &description, &token_id)
tpl.Assign("raw_token", token)
tpl.Assign("token", hostcontrol_id+"/"+token)
tpl.Assign("description", description)
tpl.Parse("settings/token")
}
return header(ctx) + tpl.Out() + footer(ctx)
}
