Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feature: admin banlist #53

Merged
merged 8 commits into from
Feb 19, 2021
+238 −30
Merged

feature: admin banlist #53

Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
96c1209
feat: add a ban list to admin
alfg Feb 18, 2021
66cc358
feat: restrict server if user is on banlist. updated admin server page.
alfg Feb 18, 2021
956ecc9
chore: updated logo and home screenshot
alfg Feb 18, 2021
e63dfaa
chore: fixing logos
alfg Feb 18, 2021
659c8fd
chore: fixing logos
alfg Feb 18, 2021
b430e32
typos and sneaking in some new password generator keywords
alfg Feb 18, 2021
4a1a58e
mumble download updates and generate password css update
alfg Feb 18, 2021
d025802
update last_accessed on banlist if user is banned
alfg Feb 19, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
54 changes: 48 additions & 6 deletions app/controllers/admin.py
View file
Original file line number Diff line number Diff line change
@@ -5,13 +5,12 @@
from flask_login import login_required
import psutil

import settings
from app.util import admin_required
from app import db
from app.forms import UserAdminForm, DeployCustomServerForm, NoticeForm, SuperuserPasswordForm
from app.forms import SendChannelMessageForm, CreateTokenForm, CleanupExpiredServersForm, get_all_hosts
from app.forms import CreateHostForm, HostAdminForm, CreatePackageForm, get_active_hosts_by_type, build_packages_list
from app.models import Server, User, Notice, Rating, Token, Host, Package
from app.forms import SendChannelMessageForm, CreateTokenForm, CleanupExpiredServersForm
from app.forms import CreateHostForm, HostAdminForm, CreatePackageForm, CreateBanForm, get_active_hosts_by_type, build_packages_list
from app.models import Server, User, Notice, Rating, Token, Host, Package, Ban
import app.murmur as murmur

ITEMS_PER_PAGE = 50
@@ -517,7 +516,7 @@ def get(self, id):
order=package.order,
active=package.active
)
return render_template('admin/package.html', package=package, form=form, title="Pacakge: %s" % package.name)
return render_template('admin/package.html', package=package, form=form, title="Package: %s" % package.name)

@login_required
@admin_required
@@ -535,4 +534,47 @@ def update(self, id):
package.active = form.active.data
db.session.commit()
return redirect('/admin/packages/%s' % package.id)
return render_template('admin/package.html', package=package, form=form, title="Package: %s" % package.name)
return render_template('admin/package.html', package=package, form=form, title="Package: %s" % package.name)

class AdminBansView(FlaskView):
@login_required
@admin_required
def index(self):
page = int(request.args.get('page', 1))
banned = Ban.query.order_by(Ban.last_accessed.desc()).paginate(page, ITEMS_PER_PAGE, False)
form = CreateBanForm(request.form)
return render_template('admin/bans.html', banned=banned, form=form, title="Bans")

@login_required
@admin_required
def post(self):
page = int(request.args.get('page', 1))
form = CreateBanForm()
banned = Ban.query.order_by(Ban.last_accessed.desc()).paginate(page, ITEMS_PER_PAGE, False)
if form.validate_on_submit():
try:
# Create database entry
b = Ban()
b.ip = form.ip.data or None
b.reason = form.reason.data or None
b.note = form.note.data or None

db.session.add(b)
db.session.commit()
return redirect('/admin/bans/')

except:
import traceback
db.session.rollback()
traceback.print_exc()
return redirect('/admin/bans/')

return render_template('admin/bans.html', form=form, banned=banned)

@login_required
@admin_required
def delete(self, id):
ban = Ban.query.filter_by(id=id).first_or_404()
db.session.delete(ban)
db.session.commit()
return jsonify({ id: id })
21 changes: 16 additions & 5 deletions app/controllers/home.py
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import uuid
from datetime import datetime

from flask import render_template, redirect, url_for, g, flash, request, make_response
from flask_classy import FlaskView, route
@@ -8,7 +9,7 @@
from app import db, cache, tasks, mail
from app.forms import DeployServerForm, ContactForm
from app.forms import duration_choices, get_active_hosts_by_type
from app.models import Server, Package
from app.models import Server, Package, Ban
from app import murmur


@@ -23,6 +24,20 @@ def index(self):
return render_template('index.html', form=form)

def post(self):
# Set admin's IP.
x_forwarded_for = request.headers.getlist('X-Forwarded-For');
ip = x_forwarded_for[0] if x_forwarded_for else request.remote_addr
ip = ip.split(',')[0]

# Flash message if user is on banlist.
banned = Ban.query.filter_by(ip=ip).first()
if banned:
banned.last_accessed = datetime.utcnow()
db.session.add(banned)
db.session.commit()
flash("User banned! Reason: %s" % banned.reason)
return redirect('/')

form = DeployServerForm()
form.duration.choices = duration_choices()
form.region.choices = get_active_hosts_by_type('free')
@@ -32,10 +47,6 @@ def post(self):
# Generate UUID
gen_uuid = str(uuid.uuid4())

# Set admin's IP
x_forwarded_for = request.headers.getlist('X-Forwarded-For');
ip = x_forwarded_for[0] if x_forwarded_for else request.remote_addr

# Create database entry
s = Server()
s.duration = form.duration.data
5 changes: 5 additions & 0 deletions app/forms.py
View file
Original file line number Diff line number Diff line change
@@ -129,6 +129,11 @@ class CreatePackageForm(FlaskForm):
active = BooleanField('active', default=False)
order = IntegerField('duration', default=0)

class CreateBanForm(FlaskForm):
ip = TextField('ip')
reason = TextField('reason')
note = TextField('note')

class LoginForm(FlaskForm):
openid = TextField('openid', validators=[Required()])
remember_me = BooleanField('remember_me', default=False)
10 changes: 9 additions & 1 deletion app/models.py
View file
Original file line number Diff line number Diff line change
@@ -187,4 +187,12 @@ class Package(db.Model):
slots = db.Column(db.Integer)
duration = db.Column(db.Integer)
active = db.Column(db.Boolean, default=False)
order = db.Column(db.Integer, default=0)
order = db.Column(db.Integer, default=0)


class Ban(db.Model):
id = db.Column(db.Integer, primary_key=True)
ip = db.Column(db.String(64))
reason = db.Column(db.String)
note = db.Column(db.String)
last_accessed = db.Column(db.DateTime, default=datetime.datetime.utcnow)
2 changes: 1 addition & 1 deletion app/static/css/style.css
View file
Original file line number Diff line number Diff line change
@@ -215,7 +215,7 @@ a:hover {
.password-generator {
font-size: 14px;
margin-top: -10px;
width: 61.5%;
width: 66.5%;
}

.description {
Binary file removed app/static/img/favicon.ico
View file
Binary file not shown.
Binary file added app/static/img/favicon.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified app/static/img/guildbit_ico.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file modified app/static/img/screenshot_home.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
6 changes: 3 additions & 3 deletions app/static/js/main.js
View file
Original file line number Diff line number Diff line change
@@ -43,19 +43,19 @@ $(document).ready(function() {
else if (os.indexOf("Win") !== -1) {
$('#os-download #os-text').text(_WindowsDownload);
$('#os-download #download-link i').addClass('fa-windows');
$('#os-download #download-link').attr('href', 'https://github.com/mumble-voip/mumble/releases/download/1.3.3/mumble-1.3.3.msi');
$('#os-download #download-link').attr('href', 'https://github.com/mumble-voip/mumble/releases/download/1.3.4/mumble-1.3.4.msi');
}
else if (os.indexOf("MacOS") !== -1 || os.indexOf("MacIntel") !== -1) {
$('#os-download #os-text').text(_OSXDownload);
$('#os-download #download-link i').removeClass('fa-windows');
$('#os-download #download-link i').addClass('fa-apple');
$('#os-download #download-link').attr('href', 'https://github.com/mumble-voip/mumble/releases/download/1.3.3/Mumble-1.3.3.dmg');
$('#os-download #download-link').attr('href', 'https://github.com/mumble-voip/mumble/releases/download/1.3.4/Mumble-1.3.4.dmg');
}
else if (ua.indexOf("android") > -1) {
$('#os-download #os-text').text(_AndroidDownload);
$('#os-download #download-link i').removeClass('fa-windows');
$('#os-download #download-link i').addClass('fa-android');
$('#os-download #download-link').attr('href', 'https://play.google.com/store/apps/details?id=com.morlunk.mumbleclient');
$('#os-download #download-link').attr('href', 'https://play.google.com/store/apps/details?id=se.lublin.mumla');
}
else if (os === 'iPad' || os == 'iPhone' || os === 'iPod') {
$('#os-download #os-text').text(_iOSDownload);
123 changes: 123 additions & 0 deletions app/templates/admin/bans.html
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,123 @@
{% extends"layout/admin_base.html" %}

{% block title %}Banned IPs{% endblock %}

{% block body %}
<div class="spacer">
<a class="pure-button button-secondary" data-toggle="modal" data-target="#add-ban">Add Ban</a>
</div>
<table class="pure-table pure-table-horizontal pure-table-striped servers">
<thead>
<tr>
<th>IP</th>
<th>Last Accessed</th>
<th>Reason</th>
<th>Note</th>
<th>Action</th>
</tr>
</thead>

<tbody>
{% for i in banned.items %}
<tr>
<td>{{ i.ip }}</td>
<td class="last-accessed">{{ i.last_accessed }}</td>
<td>{{ i.reason }}</td>
<td>{{ i.note }}</td>
<td>
<button
class="delete-ban pure-button button-error button-small"
data-id="{{ i.id }}">Delete</button>
</td>
</tr>
{% endfor %}
{% if banned == [] %}
<tr><td class="text-center" colspan="9">No Banned Users</td></tr>
{% endif %}

</tbody>
</table>
<ul class="pagination">
{%- for page in banned.iter_pages() %}
{% if page %}
{% if page != banned.page %}
<li><a href="{{ url_for('AdminBansView:index', page=page) }}">{{ page }}</a></li>
{% else %}
<li class="active"><a href="{{ url_for('AdminBansView:index', page=page) }}">{{ page }}</a></li>
{% endif %}
{% else %}
<li class="disabled"><a href="#">…</a></li>
{% endif %}
{%- endfor %}
</ul>
<p>({{ banned.total }} total)</p>

<!-- Create Host Modal -->
<div class="modal fade" id="add-ban" tabindex="-1" role="dialog" aria-labelledby="add-ban" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<form action="" method="post" name="role" class="pure-form pure-form-aligned">
<div class="modal-header">
<h4 class="modal-title">Create a Host</h4>
</div>
<div class="modal-body">
{{ form.csrf_token }}
<div class="pure-control-group">
<label for="role">IP</label>
{{ form.ip }}
</div>
<div class="pure-control-group">
<label for="role">Reason</label>
{{ form.reason }}
</div>
<div class="pure-control-group">
<label for="role">Note</label>
{{ form.note }}
</div>
{% if form.errors %}
<ul>
{% for field_name, field_errors in form.errors|dictsort if field_errors %}
{% for error in field_errors %}
<li>{{ error }}</li>
{% endfor %}
{% endfor %}
</ul>
{% endif %}
</div>
<div class="modal-footer">
<button type="button" class="pure-button" data-dismiss="modal">Close</button>
<button type="submit" class="pure-button button-secondary">Create</button>
</div>
</form>
</div>
</div>
</div>
{% endblock %}

{% block scripts %}
<script src="/static/js/admin.js"></script>
<script src="/static/js/libs/moment.min.js"></script>
<script type="text/javascript">
$(function() {
// Moment.js time formatting
$(".last-accessed").text(function(index, value) {
return moment.utc(value).local().format("MM/DD h:mm:ss a");
});

$(".delete-ban").on('click', function(event) {
if (confirm('Are you sure you want to delete this ban?')) {
var btn = $(this);
var id = btn.data('id');
$.ajax({
url: '/admin/bans/' + id,
type: 'DELETE',
success: function(result) {
btn.html('Deleted');
btn.prop('disabled', true);
}
});
}
});
})
</script>
{% endblock %}
7 changes: 6 additions & 1 deletion app/templates/admin/server.html
View file
Original file line number Diff line number Diff line change
@@ -25,13 +25,17 @@
<td>UUID</td>
<td>{{ server.uuid }}</td>
</tr>
<tr>
<td>IP</td>
<td>{{ server.ip }}</td>
</tr>
<tr>
<td>Type</td>
<td><span class="label {{ 'label-blue' if server.type == 'upgrade' }}">{{ server.type }}</span></td>
</tr>
<tr>
<td>Created</td>
<td>{{ server.created_date }}</td>
<td id="created-date">{{ server.created_date }}</td>
</tr>
<tr>
<td>Duration Hours</td>
@@ -148,6 +152,7 @@
var base_url = '/server/{{ server.uuid }}'
var base_url_id = '/admin/servers/{{ server.uuid }}'
var expire_date = '{{ server.expiration }}';
$("#created-date").text(moment.utc(expire_date).local().format("ddd, MMM Do, h:mm:ss a"));
$("#expires-date").text(moment.utc(expire_date).local().format("ddd, MMM Do, h:mm:ss a"));
$("#expires").text(moment.utc(expire_date).fromNow());
$("#kill-server").on('submit', function() {
4 changes: 3 additions & 1 deletion app/templates/admin/servers.html
View file
Original file line number Diff line number Diff line change
@@ -24,6 +24,7 @@
<th>ID</th>
<th>UUID</th>
<th>Created Date</th>
<th>IP</th>
<th>Duration</th>
<th>Password</th>
<th>Status</th>
@@ -39,6 +40,7 @@
<td>{{ s.id }}</td>
<td><a href="/admin/servers/{{ s.uuid }}">{{ s.uuid }}</a></td>
<td class="created-date">{{ s.created_date }}</td>
<td>{{ s.ip }}</td>
{% if s.extensions > 0 %}
<td>{{ s.duration - s.extensions }} <span class="text-green">+{{ s.extensions }}</span></td>
{% else %}
@@ -51,7 +53,7 @@
<td>{{ s.mumble_instance }}</td>
</tr>
{% else %}
<tr><td class="text-center" colspan="9">No Servers</td></tr>
<tr><td class="text-center" colspan="10">No Servers</td></tr>
{% endfor %}

</tbody>
26 changes: 18 additions & 8 deletions app/templates/index.html
View file
Original file line number Diff line number Diff line change
@@ -20,6 +20,16 @@ <h1 class="text-center">{{ _('Deploy a Mumble server for your group. It&apos;s f
<a id="generate-password" href="#">Generate Password</a>
</div>

{% with messages = get_flashed_messages() %}
{% if messages %}
<ul class="errors text-center">
{% for message in messages %}
<li class="warning alert">{{ message }}</li>
{% endfor %}
</ul>
{% endif %}
{% endwith %}

{% if form.errors %}
<ul class="errors text-center">
{% for field_name, field_errors in form.errors|dictsort if field_errors %}
@@ -70,14 +80,14 @@ <h1 class="text-center">{{ _('Deploy a Mumble server for your group. It&apos;s f
'Baby', 'Bad', 'Beautiful', 'Benign', 'Big', 'Bitter', 'Blind', 'Blue',
'Bold', 'Brave', 'Bright', 'Brisk', 'Calm', 'Camouflaged', 'Casual',
'Cautious', 'Choppy', 'Chosen', 'Clever', 'Cold', 'Cool', 'Crawly',
'Crazy', 'Creepy', 'Cruel', 'Curious', 'Cynical', 'Dangerous', 'Dark',
'Crazy', 'Creepy', 'Cruel', 'Curious', 'Cynical', 'Dangerous', 'Dark', 'Dancing',
'Delicate', 'Desperate', 'Difficult', 'Discreet', 'Disguised', 'Dizzy',
'Dumb', 'Eager', 'Easy', 'Edgy', 'Electric', 'Elegant', 'Emancipated',
'Enormous', 'Euphoric', 'Evil', 'Fast', 'Ferocious', 'Fierce', 'Fine',
'Flawed', 'Flying', 'Foolish', 'Foxy', 'Freezing', 'Funny', 'Furious',
'Gentle', 'Glorious', 'Golden', 'Good', 'Green', 'Green', 'Guilty',
'Gentle', 'Glorious', 'Golden', 'Good', 'Green', 'Green', 'Guilty', 'Gnarly',
'Hairy', 'Happy', 'Hard', 'Hasty', 'Hazy', 'Heroic', 'Hostile', 'Hot',
'Humble', 'Humongous', 'Humorous', 'Hysterical', 'Idealistic', 'Ignorant',
'Humble', 'Humongous', 'Humorous', 'Hungry', 'Hysterical', 'Idealistic', 'Ignorant',
'Immense', 'Impartial', 'Impolite', 'Indifferent', 'Infuriated',
'Insightful', 'Intense', 'Interesting', 'Intimidated', 'Intriguing',
'Jealous', 'Jolly', 'Jovial', 'Jumpy', 'Kind', 'Laughing', 'Lazy', 'Liquid',
@@ -86,22 +96,22 @@ <h1 class="text-center">{{ _('Deploy a Mumble server for your group. It&apos;s f
'Mighty', 'Mischievous', 'Miserable', 'Modified', 'Moody', 'Most',
'Mysterious', 'Mystical', 'Needy', 'Nervous', 'Nice', 'Objective',
'Obnoxious', 'Obsessive', 'Obvious', 'Opinionated', 'Orange', 'Painful',
'Passionate', 'Perfect', 'Pink', 'Playful', 'Poisonous', 'Polite', 'Poor',
'Passionate', 'Perfect', 'Pink', 'Playful', 'Pog', 'Poisonous', 'Polite', 'Poor',
'Popular', 'Powerful', 'Precise', 'Preserved', 'Pretty', 'Purple', 'Quick',
'Quiet', 'Random', 'Rapid', 'Rare', 'Real', 'Reassuring', 'Reckless', 'Red',
'Regular', 'Remorseful', 'Responsible', 'Rich', 'Rude', 'Ruthless', 'Sad',
'Scared', 'Scary', 'Scornful', 'Screaming', 'Selfish', 'Serious', 'Shady',
'Scared', 'Scary', 'Scornful', 'Screaming', 'Selfish', 'Serious', 'Sexy', 'Shady',
'Shaky', 'Sharp', 'Shiny', 'Shy', 'Simple', 'Sleepy', 'Slow', 'Sly',
'Small', 'Smart', 'Smelly', 'Smiling', 'Smooth', 'Smug', 'Sober', 'Soft',
'Solemn', 'Square', 'Square', 'Steady', 'Strange', 'Strong', 'Stunning',
'Subjective', 'Successful', 'Surly', 'Sweet', 'Tactful', 'Tense',
'Thoughtful', 'Tight', 'Tiny', 'Tolerant', 'Uneasy', 'Unique', 'Unseen',
'Subjective', 'Successful', 'Surly', 'Sweet', 'Tactful', 'Tense', 'Thick',
'Thoughtful', 'Tight', 'Tiny', 'Tolerant', 'Ugly', 'Uneasy', 'Unique', 'Unseen',
'Warm', 'Weak', 'Weird', 'WellCooked', 'Wild', 'Wise', 'Witty', 'Wonderful',
'Worried', 'Yellow', 'Young', 'Zealous'
];

var _CHARACTERS = [
'Aeris', 'Aerith', 'Lucas', 'Charizard', 'Marth', 'MegaMan', 'Mewtwo',
'Aeris', 'Aerith', 'Lucas', 'Charizard', 'Doomguy', 'Dva', 'Marth', 'MegaMan', 'Mewtwo',
'Android', 'Butthead', 'Turok', 'Bond', 'Ren', 'Stimpy', 'Elvis', 'Frogger',
'Batman', 'Sonic', 'Mario', 'Luigi', 'SuperJoe', 'SolidSnake', 'Shaq',
'Corrin', 'CaptainFalcon', 'Sheik', 'Roy', 'Rosalina', 'Squirtle', 'Wolf',
3 changes: 2 additions & 1 deletion app/templates/layout/admin_base.html
View file
Original file line number Diff line number Diff line change
@@ -6,7 +6,7 @@
<meta name="description" content="A layout example that shows off a responsive product landing page.">

<title>{% block title %}{% endblock %} | GuildBit Admin</title>
<link rel="shortcut icon" href="/static/img/guildbit_ico.png" type="image/x-icon" />
<link rel="shortcut icon" href="/static/img/favicon.png" type="image/x-icon" />
<link rel="stylesheet" href="/static/css/pure-min.css">
<link rel="stylesheet" href="/static/css/grids-responsive-min.css">
<link rel="stylesheet" href="/static/css/admin.css">
@@ -35,6 +35,7 @@ <h1><a href="/admin/">GuildBit</a></h1>
<li {% if title == "Tokens" %}class="menu-item-divided pure-menu-selected"{% endif %}><a href="/admin/tokens/">Tokens</a></li>
<li {% if title == "Packages" %}class="menu-item-divided pure-menu-selected"{% endif %}><a href="/admin/packages/">Packages</a></li>
<li {% if title == "Feedback" %}class="menu-item-divided pure-menu-selected"{% endif %}><a href="/admin/feedback/">Feedback</a></li>
<li {% if title == "Bans" %}class="menu-item-divided pure-menu-selected"{% endif %}><a href="/admin/bans/">Bans</a></li>
<li {% if title == "Tools" %}class="menu-item-divided pure-menu-selected"{% endif %}><a href="/admin/tools/">Tools</a></li>
<hr />
<li><a href="http://flower.guildbit.com" target="_blank">Celery Tasks</a></li>
4 changes: 2 additions & 2 deletions app/templates/layout/base.html
View file
Original file line number Diff line number Diff line change
@@ -6,12 +6,12 @@

<title>{% block title %}{% endblock %} &mdash; GuildBit.com</title>
<meta name="description" content="{{ _('GuildBit - Free Mumble Server Hosting') }}" />
<meta name="keywords" content="mumble, voip, hosting, guild, mmo, ffxiv, server, murmur" />
<meta name="keywords" content="mumble, voip, hosting, guild, server, murmur, vc" />
<meta name="author" content="https://github.com/alfg">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1">
<meta name="google-site-verification" content="6LyHPdggxteOxGctt9IDNoad82I2ONWI0dAuJqyNJMs" />

<link rel="shortcut icon" href="/static/img/guildbit_ico.png" type="image/x-icon" />
<link rel="shortcut icon" href="/static/img/favicon.png" type="image/x-icon" />

<!-- Facebook Metadata /-->
<meta property="og:image" content="https://guildbit.com/static/img/screenshot_home.png" />
3 changes: 2 additions & 1 deletion app/views.py
View file
Original file line number Diff line number Diff line change
@@ -9,7 +9,7 @@
from app.controllers.home import HomeView
from app.controllers.server import ServerView
from app.controllers.admin import AdminView, AdminServersView, AdminPortsView, AdminHostsView, AdminFeedbackView
from app.controllers.admin import AdminTokensView, AdminToolsView, AdminUsersView, AdminPackagesView
from app.controllers.admin import AdminTokensView, AdminToolsView, AdminUsersView, AdminPackagesView, AdminBansView
from app.controllers.payment import PaymentView

from app.forms import LoginForm
@@ -110,3 +110,4 @@ def page_not_found(error):
AdminFeedbackView.register(app, route_prefix='/admin/', route_base='/feedback')
AdminTokensView.register(app, route_prefix='/admin/', route_base='/tokens')
AdminPackagesView.register(app, route_prefix='/admin/', route_base='/packages')
AdminBansView.register(app, route_prefix='/admin/', route_base='/bans')