Compare commits

..

No commits in common. "0c0125b40c925e1451ed32fe4f4f8a04f98dd405" and "a0989ccceff19618d970f55165e65dd0b4b45f78" have entirely different histories.

4 changed files with 10 additions and 119 deletions

4
.gitignore vendored
View File

@ -4,7 +4,3 @@
__pycache__/
templates/assets/css/styles.min.css
ignore/
plugins/signatures.json

26
main.py
View File

@ -96,7 +96,7 @@ def index():
plugins = ""
dashFunctions = plugins_module.getDashboardFunctions()
for function in dashFunctions:
functionOutput = plugins_module.runPluginFunction(function["plugin"],function["function"],{},request.cookies.get("account"))
functionOutput = plugins_module.runPluginFunction(function["plugin"],function["function"],{},account_module.check_account(request.cookies.get("account")))
plugins += render.plugin_output_dash(functionOutput,plugins_module.getPluginFunctionReturns(function["plugin"],function["function"]))
@ -1151,10 +1151,6 @@ def plugin(plugin):
functions = plugins_module.getPluginFunctions(plugin)
functions = render.plugin_functions(functions,plugin)
if data['verified'] == False:
functions = "<div class='container-fluid'><div class='alert alert-warning' role='alert'>This plugin is not verified and is disabled for your protection. Please check the code before marking the plugin as verified <a href='/plugin/" + plugin + "/verify' class='btn btn-danger'>Verify</a></div></div>" + functions
error = request.args.get("error")
if error == None:
@ -1165,26 +1161,6 @@ def plugin(plugin):
author=data['author'],version=data['version'],
functions=functions,error=error)
@app.route('/plugin/<plugin>/verify')
def plugin_verify(plugin):
# Check if the user is logged in
if request.cookies.get("account") is None:
return redirect("/login")
account = account_module.check_account(request.cookies.get("account"))
if not account:
return redirect("/logout")
if not plugins_module.pluginExists(plugin):
return redirect("/plugins")
data = plugins_module.getPluginData(plugin)
if data['verified'] == False:
plugins_module.verifyPlugin(plugin)
return redirect("/plugin/" + plugin)
@app.route('/plugin/<plugin>/<function>', methods=["POST"])
def plugin_function(plugin,function):
# Check if the user is logged in

View File

@ -13,27 +13,6 @@ def listPlugins():
details = plugin.info
details["link"] = file[:-3]
plugins.append(details)
# Verify plugin signature
signatures = []
try:
with open("plugins/signatures.json", "r") as f:
signatures = json.load(f)
except:
# Write a new signatures file
with open("plugins/signatures.json", "w") as f:
json.dump(signatures, f)
for plugin in plugins:
# Hash the plugin file
with open(f"plugins/{plugin['link']}.py", "r") as f:
file = f.read()
plugin_hash = hash(file)
if plugin_hash not in signatures:
plugin["verified"] = False
else:
plugin["verified"] = True
return plugins
@ -43,49 +22,9 @@ def pluginExists(plugin: str):
return True
return False
def verifyPlugin(plugin: str):
signatures = []
try:
with open("plugins/signatures.json", "r") as f:
signatures = json.load(f)
except:
# Write a new signatures file
with open("plugins/signatures.json", "w") as f:
json.dump(signatures, f)
# Hash the plugin file
with open(f"plugins/{plugin}.py", "r") as f:
file = f.read()
plugin_hash = hash(file)
if plugin_hash not in signatures:
signatures.append(plugin_hash)
with open("plugins/signatures.json", "w") as f:
json.dump(signatures, f)
def getPluginData(pluginStr: str):
plugin = importlib.import_module("plugins."+pluginStr)
# Check if the plugin is verified
signatures = []
try:
with open("plugins/signatures.json", "r") as f:
signatures = json.load(f)
except:
# Write a new signatures file
with open("plugins/signatures.json", "w") as f:
json.dump(signatures, f)
info = plugin.info
# Hash the plugin file
with open(f"plugins/{pluginStr}.py", "r") as f:
file = f.read()
plugin_hash = hash(file)
if plugin_hash not in signatures:
info["verified"] = False
else:
info["verified"] = True
return info
def getPluginData(plugin: str):
plugin = importlib.import_module("plugins."+plugin)
return plugin.info
def getPluginFunctions(plugin: str):
plugin = importlib.import_module("plugins."+plugin)
@ -102,24 +41,6 @@ def runPluginFunction(plugin: str, function: str, params: dict, authentication:
# Get the function object from the plugin module
plugin_function = getattr(plugin_module, function)
# Check if the function is in the signature list
signatures = []
try:
with open("plugins/signatures.json", "r") as f:
signatures = json.load(f)
except:
# Write a new signatures file
with open("plugins/signatures.json", "w") as f:
json.dump(signatures, f)
# Hash the plugin file
with open(f"plugins/{plugin}.py", "r") as f:
file = f.read()
plugin_hash = hash(file)
if plugin_hash not in signatures:
return {"error": "Plugin not verified"}
# Call the function with provided parameters
try:
result = plugin_function(params, authentication)

View File

@ -189,10 +189,7 @@ def plugins(plugins):
name = plugin['name']
link = plugin['link']
if plugin['verified']:
html += f'<li class="list-group-item"><a class="btn btn-secondary" style="width:100%;height:100%;margin:0px;font-size: x-large;" role="button" href="/plugin/{link}">{name}</a></li>'
else:
html += f'<li class="list-group-item"><a class="btn btn-danger" style="width:100%;height:100%;margin:0px;font-size: x-large;" role="button" href="/plugin/{link}">{name} (Not verified)</a></li>'
html += f'<li class="list-group-item"><a class="btn btn-secondary" style="width:100%;height:100%;margin:0px;font-size: x-large;" role="button" href="/plugin/{link}">{name}</a></li>'
return html
def plugin_functions(functions, pluginName):
@ -304,8 +301,9 @@ def plugin_output_dash(outputs, returns):
html = ''
for returnOutput in returns:
if returnOutput not in outputs:
html += render_template('components/dashboard-plugin.html', name=returns[returnOutput]["name"], output="No output")
continue
html += render_template('components/dashboard-plugin.html', name=returns[returnOutput]["name"], output=outputs[returnOutput])
html += render_template('components/dashboard-plugin.html', name=returns[returnOutput]["name"], output=outputs[returnOutput])
html += f'</div>'
html += f'</div>'
return html