D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
opt
/
cloudlinux
/
venv
/
lib
/
python3.11
/
site-packages
/
clcagefslib
/
webisolation
/
Filename :
config.py
back
Copy
# -*- coding: utf-8 -*- # # Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2021 All Rights Reserved # # Licensed under CLOUD LINUX LICENSE AGREEMENT # http://cloudlinux.com/docs/LICENCE.TXT # import dataclasses import json import os import pathlib from pathlib import Path from clcommon import ClPwd from clcagefslib.fs import get_user_prefix from clcagefslib.io import write_via_tmp DOCROOTS_ISOLATED_BASE = Path("/var/clwebisolate/users") @dataclasses.dataclass class UserConfig: enabled_websites: list[str] = dataclasses.field(default_factory=list) def load_user_config(user: str) -> UserConfig | None: path = _get_user_config_path(user) if not path.exists(): return UserConfig() try: return UserConfig(**json.loads(path.read_text())) except json.JSONDecodeError: return UserConfig() def save_user_config(user: str, config: UserConfig | None) -> None: path = _get_user_config_path(user) if not config or not config.enabled_websites: path.unlink(missing_ok=True) return path.parent.mkdir(parents=True, exist_ok=True) write_via_tmp(str(path.parent), str(path), json.dumps(dataclasses.asdict(config), indent=4)) # Set ownership and permissions so user can read their config (but not write) # root:user_group with 0o640 = owner (root) can read/write, group (user_group) can read only # User can read via group membership but cannot write because group has no write permission pw = ClPwd().get_pw_by_name(user) os.chown(path, os.getuid(), pw.pw_gid) # root:user_group os.chmod(path, 0o640) # rw-r----- def _get_user_config_path(user: str) -> pathlib.Path: pw = ClPwd().get_pw_by_name(user) prefix = get_user_prefix(user) directory = DOCROOTS_ISOLATED_BASE / prefix return Path(directory / f"{pw.pw_uid}.json")