Merge pull request #86 from limanmys/1.3-dev

Go Render Yapisi

.github/workflows/main.yml

@@ -13,16 +13,9 @@ jobs:
       - name: Getting Liman' PHP Sandbox
         uses: actions/checkout@v2
         with:
-          repository: mertcelen/liman-sandbox
+          repository: limanmys/php-sandbox
           path: package/liman/sandbox/php
           token: ${{ secrets.CI_TOKEN }}
-
-      - name: Getting Liman' Python Sandbox
-        uses: actions/checkout@v2
-        with:
-          repository: mertcelen/liman-sandbox-python
-          path: package/liman/sandbox/python
-          token: ${{ secrets.CI_TOKEN }}
       - uses: actions/cache@v2
         with:
           path: ~/.npm
@@ -32,7 +25,7 @@ jobs:
       - name: Getting Liman' WebSSH
         uses: actions/checkout@v2
         with:
-          repository: mertcelen/webssh
+          repository: limanmys/webssh
           path: package/liman/webssh
           token: ${{ secrets.CI_TOKEN }}
       - name: Get Composer Cache Directory
@@ -69,6 +62,8 @@ jobs:
           tools: composer
           extensions : ssh2, curl, sqlite3, ldap, mbstring, xml, zip, posix, smbclient, mongodb, gd
       - name: Build Liman Package
+        env:
+          SLACK_TOKEN: ${{ secrets.SLACK_TOKEN }}
         run: |
           DEBIAN_FRONTEND=noninteractive sudo apt install jq -y 1>/dev/null 2>/dev/null
           VERSION=`cat package/liman/server/storage/VERSION`
@@ -79,7 +74,7 @@ jobs:
           DATE=$(date)
           composer install --no-dev -d package/liman/server
           git --git-dir=package/liman/server/.git log -30 --pretty=format:"%s%x09%ad" > package/liman/server/storage/changelog
-          rm -rf package/liman/server/.git package/liman/sandbox/php/.git package/liman/sandbox/python/.git
+          rm -rf package/liman/server/.git package/liman/sandbox/php/.git
           rm -rf package/liman/server/node_modules
           mv package/liman/server/storage/build_tools/DEBIAN package/
           rm -rf package/liman/server/storage/build_tools
@@ -106,6 +101,7 @@ jobs:
           """ > DEBIAN/control
           cd ../
           dpkg-deb -Zgzip --build package
+          ls -lah
           [ "$GITHUB_REF" == "refs/heads/master" ] && CHANNEL="liman-release" || CHANNEL="liman-dev-release"
           [ "$GITHUB_REF" == "refs/heads/master" ] && FILE_NAME="liman-$VERSION-$GITHUB_RUN_NUMBER.deb" || FILE_NAME="liman-${GITHUB_REF#refs/heads/}-$VERSION-$GITHUB_RUN_NUMBER.deb"
-          curl -F "file=@/home/runner/work/liman/liman/package.deb" "https://slack.com/api/files.upload?token=xoxb-474187933397-695167035444-NFLf9tgYahuMsmeT7rwp5wnD&channels=$CHANNEL&filename=$FILE_NAME&pretty=1&initial_comment=$COMMIT" || echo
+          curl -F "file=@package.deb" "https://slack.com/api/files.upload?token=$SLACK_TOKEN&channels=$CHANNEL&filename=$FILE_NAME&pretty=1&initial_comment=$COMMIT" || echo

app/Connectors/WinRMConnector.php

@@ -7,6 +7,7 @@
 use GuzzleHttp\Client;
 use Illuminate\Support\Str;
 use App\Models\ConnectorToken;
+use mervick\aesEverywhere\AES256;
 
 class WinRMConnector implements Connector
 {
@@ -40,15 +41,7 @@ public static function retrieveCredentials()
         }
 
         $key = env('APP_KEY') . user()->id . server()->id;
-        $decrypted = openssl_decrypt($username["value"], 'aes-256-cfb8', $key);
-        $stringToDecode = substr($decrypted, 16);
-        $username = base64_decode($stringToDecode);
-
-        $key = env('APP_KEY') . user()->id . server()->id;
-        $decrypted = openssl_decrypt($password["value"], 'aes-256-cfb8', $key);
-        $stringToDecode = substr($decrypted, 16);
-        $password = base64_decode($stringToDecode);
-        return [$username, $password];
+        return [AES256::decrypt($username["value"],$key), AES256::decrypt($password["value"],$key)];
     }
 
     public function execute($command)

app/Events/ExtensionRendered.php

@@ -6,24 +6,26 @@
 use Illuminate\Broadcasting\InteractsWithSockets;
 use Illuminate\Broadcasting\PresenceChannel;
 use Illuminate\Broadcasting\PrivateChannel;
-use Illuminate\Contracts\Broadcasting\ShouldBroadcast;
+use Illuminate\Contracts\Broadcasting\ShouldBroadcastNow;
 use Illuminate\Foundation\Events\Dispatchable;
 use Illuminate\Queue\SerializesModels;
 
-class ExtensionRendered implements ShouldBroadcast
+class ExtensionRendered implements ShouldBroadcastNow
 {
-    use Dispatchable, InteractsWithSockets, SerializesModels;
+    use SerializesModels,InteractsWithSockets, Dispatchable;
 
-    public $output;
+    private $data;
+    private $user_id;
 
     /**
      * Create a new event instance.
      *
      * @return void
      */
-    public function __construct($output)
+    public function __construct($data, $user_id)
     {
-        $this->output = $output;
+        $this->data = $data;
+        $this->user_id = $user_id;
     }
 
     /**
@@ -33,6 +35,11 @@ public function __construct($output)
      */
     public function broadcastOn()
     {
-        return new PrivateChannel('channel-name');
+        return new PrivateChannel('extension_renderer_' . $this->user_id);
+    }
+
+    public function broadcastWith()
+    {
+        return ['data' => $this->data];
     }
 }

app/Http/Controllers/Auth/LogoutController.php

@@ -29,6 +29,5 @@ public function logout()
             ->regenerateToken();
         hook('logout_successful');
         return redirect(route('login'));
-
     }
 }

app/Http/Controllers/Extension/OneController.php

@@ -12,6 +12,9 @@
 use Illuminate\Routing\Redirector;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Str;
+use mervick\aesEverywhere\AES256;
+use GuzzleHttp\Client;
+use App\Models\Token;
 
 /**
  * Class OneController
@@ -52,127 +55,80 @@ public function serverSettings()
                     ]);
             }
         }
-        //Check Verification
-        if (
-            array_key_exists("verification", $extension) &&
-            $extension["verification"] != null &&
-            $extension["verification"] != ""
-        ) {
-            // Run Function
-            $extensionDb = [];
-            foreach ($extension["database"] as $key) {
-                if (request($key["variable"])) {
-                    $extensionDb[$key["variable"]] = request($key["variable"]);
-                } elseif (
-                    $setting = UserSettings::where([
-                        "user_id" => user()->id,
-                        "server_id" => server()->id,
-                        'name' => $key["variable"],
-                    ])->first()
-                ) {
-                    $extensionDb[$key["variable"]] = lDecrypt($setting->value);
-                } else {
-                    return redirect(
-                        route('extension_server_settings_page', [
-                            "extension_id" => extension()->id,
-                            "server_id" => server()->id,
-                            "city" => server()->city,
-                        ])
-                    )
-                        ->withInput()
-                        ->withErrors([
-                            "message" => "Eksik parametre girildi.",
-                        ]);
-                }
-            }
-            $extensionDb = json_encode($extensionDb);
-            $command = sandbox()->command(
-                $extension["verification"],
-                $extensionDb
-            );
-            $output = rootSystem()->runCommand($command);
-            if (isJson($output)) {
-                $message = json_decode($output);
-                if (isset($message->message)) {
-                    $output = $message->message;
-                }
-            }
 
-            $sessions = \App\Models\TmpSession::where(
-                'session_id',
-                session()->getId()
-            )->get();
-            foreach ($sessions as $session) {
-                session()->put($session->key, $session->value);
-                $session->delete();
-            }
-
-            if (strtolower($output) != "ok" && strtolower($output) != "ok\n") {
-                return redirect(
-                    route('extension_server_settings_page', [
-                        "extension_id" => extension()->id,
-                        "server_id" => server()->id,
-                        "city" => server()->city,
-                    ])
-                )
-                    ->withInput()
-                    ->withErrors([
-                        "message" => $output,
-                    ]);
-            }
-        }
         foreach ($extension["database"] as $key) {
             $row = DB::table('user_settings')->where([
                 "user_id" => user()->id,
                 "server_id" => server()->id,
                 'name' => $key["variable"],
             ]);
-            if (request($key["variable"])) {
+            $variable = request($key["variable"]);
+            if ($variable) {
                 if ($row->exists()) {
-                    $encKey =
-                        env('APP_KEY') .
-                        user()->id .
-                        extension()->id .
-                        server()->id;
-                    $encrypted = openssl_encrypt(
-                        Str::random(16) .
-                            base64_encode(request($key["variable"])),
-                        'aes-256-cfb8',
-                        $encKey,
-                        0,
-                        Str::random(16)
-                    );
+                    $encKey = env('APP_KEY') . user()->id . server()->id;
                     $row->update([
-                        "value" => $encrypted,
+                        "value" => AES256::encrypt($variable, $encKey),
                         "updated_at" => Carbon::now(),
                     ]);
                 } else {
-                    $encKey =
-                        env('APP_KEY') .
-                        user()->id .
-                        extension()->id .
-                        server()->id;
-                    $encrypted = openssl_encrypt(
-                        Str::random(16) .
-                            base64_encode(request($key["variable"])),
-                        'aes-256-cfb8',
-                        $encKey,
-                        0,
-                        Str::random(16)
-                    );
-
+                    $encKey = env('APP_KEY') . user()->id . server()->id;
                     DB::table("user_settings")->insert([
                         "id" => Str::uuid(),
                         "server_id" => server()->id,
                         "user_id" => user()->id,
                         "name" => $key["variable"],
-                        "value" => $encrypted,
+                        "value" => AES256::encrypt($variable, $encKey),
                         "created_at" => Carbon::now(),
                         "updated_at" => Carbon::now(),
                     ]);
                 }
             }
         }
+
+        //Check Verification
+        if (
+            array_key_exists("verification", $extension) &&
+            $extension["verification"] != null &&
+            $extension["verification"] != ""
+        ) {
+            $client = new Client();
+            $result = "";
+            try {
+                $res = $client->request('POST', 'http://127.0.0.1:5454/', [
+                    'form_params' => [
+                        "lmntargetFunction" => $extension["verification"],
+                        "extension_id" => extension()->id,
+                        "server_id" => server()->id,
+                        "token" => Token::create(user()->id),
+                    ],
+                    'timeout' => 5,
+                ]);
+                $output = (string) $res->getBody();
+                if (isJson($output)) {
+                    $message = json_decode($output);
+                    if (isset($message->message)) {
+                        $result = $message->message;
+                    }
+                } else {
+                    $result = $output;
+                }
+            } catch (\Exception $e) {
+                $result = $e->getMessage();
+            }
+            if (trim($result) != "ok") {
+                return redirect(
+                    route('extension_server_settings_page', [
+                        "extension_id" => extension()->id,
+                        "server_id" => server()->id,
+                        "city" => server()->city,
+                    ])
+                )
+                    ->withInput()
+                    ->withErrors([
+                        "message" => $result,
+                    ]);
+            }
+        }
         system_log(7, "EXTENSION_SETTINGS_UPDATE", [
             "extension_id" => extension()->id,
             "server_id" => server()->id,
@@ -217,14 +173,11 @@ public function serverSettingsPage()
                 ])
                 ->first();
             if ($obj) {
-                $key =
-                    env('APP_KEY') .
-                    user()->id .
-                    extension()->id .
-                    server()->id;
-                $decrypted = openssl_decrypt($obj->value, 'aes-256-cfb8', $key);
-                $stringToDecode = substr($decrypted, 16);
-                $similar[$item["variable"]] = base64_decode($stringToDecode);
+                $key = env('APP_KEY') . user()->id . server()->id;
+                $similar[$item["variable"]] = AES256::decrypt(
+                    $obj->value,
+                    $key
+                );
             }
         }
 
@@ -251,9 +204,7 @@ public function remove()
         hook('extension_delete_attempt', extension());
         try {
             shell_exec(
-                "rm -rf " .
-                    "/liman/extensions/" .
-                    strtolower(extension()->name)
+                "rm -rf " . "/liman/extensions/" . strtolower(extension()->name)
             );
         } catch (\Exception $exception) {
         }