Viewing file:  clwpos_lib.py (7.54 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
# -*- coding: utf-8 -*-
# Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2018 All Rights Reserved
#
# Licensed under CLOUD LINUX LICENSE AGREEMENT
# http://cloudlinux.com/docs/LICENSE.TXT
#
from __future__ import print_function
from __future__ import absolute_import
from __future__ import division
import json
import re
import os
from pathlib import Path
from typing import Union, Iterable, Optional, Tuple, List
from enum import Enum
from clcommon.clpwd import ClPwd
class PluginType(Enum):
"""
Plugin types that are currently detected
"""
OBJECT_CACHE = 'object-cache'
ADVANCED_CACHE = 'advanced-cache'
class WpPlugins(Enum):
"""
Static WP plugin names, that are not detected
dynamically from drop-in files, dir names, etc
"""
UNKNOWN = 'Unknown'
WP_ROCKET = 'WP Rocket'
def clean_comment(line: str, is_multiline_comment: bool) -> Tuple[str, bool]:
"""
Yep, this bicycle is needed to handle different comment types in .php file
https://www.php.net/manual/en/language.basic-syntax.comments.php
and ensure that needed line is not under comment
"""
if is_multiline_comment:
if '*/' not in line:
return '', True
else:
pos = line.find('*/')
part1, _ = clean_comment(line[:pos], True)
part2, is_multiline_comment = clean_comment(line[pos + 2:], False)
return part1 + part2, is_multiline_comment
if '//' in line:
pos = line.find('//')
return line[:pos], False
if '#' in line:
pos = line.find('#')
return line[:pos], False
if '/*' in line:
pos = line.find('/*')
part1, _ = clean_comment(line[:pos], False)
part2, is_multiline_comment = clean_comment(line[pos + 2:], True)
return part1 + part2, is_multiline_comment
return line, False
def is_wp_path(abs_path: Union[str, Path]) -> bool:
"""
Checks whether passed directory is a wordpress directory
by checking presence of wp-admin folder
"""
try:
if not os.path.exists(abs_path):
return False
paths = os.listdir(abs_path)
# skip paths that can't be read (wrong permissions etc)
except OSError:
return False
for path in paths:
try:
real_path = os.path.realpath(os.path.join(abs_path, path))
if path == 'wp-admin' and os.path.isdir(real_path):
return True
except OSError:
continue
return False
def find_wp_paths(doc_root: str, excludes: Optional[List[str]] = None) -> Iterable[str]:
"""
Returns folder with wordpress
Empty string is wp is in docroot dir
:param doc_root:
root path to start search from
:param excludes:
list of paths that must be excluded from search, e.g. subdomains
"""
if not os.path.exists(doc_root):
return
if is_wp_path(doc_root):
yield ''
for path in Path(doc_root).iterdir():
if not path.is_dir():
continue
if excludes and str(path) in excludes:
continue
if is_wp_path(path):
yield path.name
def _is_php_define_var_found(var, path):
"""
Looks for defined php variable with true value
"""
r = re.compile(fr'^\s*define\s*\(\s*((\'{var}\')|(\"{var}\"))\s*,\s*true\s*\)\s*;')
# let`s find needed setting by reading line by line
with open(path, errors='ignore') as f:
is_multiline_comment = False
while True:
line = f.readline()
if not line:
break
cleaned_line, is_multiline_comment = clean_comment(line, is_multiline_comment)
if r.match(cleaned_line):
return True
return False
def is_advanced_cache_enabled(wordpress_path: Path):
"""
Detects whether plugin is really enabled,
cause not all plugins are enabled 'on load'
# https://kevdees.com/what-are-wordpress-drop-in-plugins/
"""
wp_config = wordpress_path.joinpath('wp-config.php')
# really strange when main wordpress config is absent
if not os.path.exists(wp_config):
return False
return _is_php_define_var_found('WP_CACHE', wp_config)
def wp_rocket_plugin(drop_in_path):
"""
They are advising to check whether WP_ROCKET_ADVANCED_CACHE is defined
to ensure plugin is working
https://docs.wp-rocket.me/article/134-advanced-cache-error-message
"""
if _is_php_define_var_found('WP_ROCKET_ADVANCED_CACHE', drop_in_path):
return WpPlugins.WP_ROCKET.value
return None
def get_wp_cache_plugin(wordpress_path: Path, plugin_type: str):
"""
Looking for object-cache.php or advanced-cache.php in wordpress folder
If found - tries to find 'plugin-owner' of <-cache>.php by
content comparison
If cannot be found -> tries to read <-cache>.php headers looking for Plugin name: <Plugin>
"""
wp_content_dir = wordpress_path.joinpath("wp-content")
activated_cache = wp_content_dir.joinpath(f'{plugin_type}.php')
if not os.path.exists(activated_cache):
return None
if plugin_type == PluginType.ADVANCED_CACHE.value and not is_advanced_cache_enabled(wordpress_path):
return None
plugins_dir = wp_content_dir.joinpath("plugins")
plugin_name = get_wp_cache_plugin_by_scanning_dirs(activated_cache, plugins_dir) \
or get_wp_cache_plugin_by_header(activated_cache) \
or wp_rocket_plugin(activated_cache) \
or WpPlugins.UNKNOWN.value
return plugin_name
def get_wp_cache_plugin_by_scanning_dirs(activated_plugin: Path, plugins_dir: Path) -> Optional[str]:
"""
Scanning plugins/* dir and looking for similar <object/advanced_cache>.php
"""
if not os.path.exists(plugins_dir):
return None
for plugin in plugins_dir.iterdir():
plugin_object_cache = list(plugin.glob(f"**/{activated_plugin.name}"))
if plugin_object_cache:
plugin_object_cache = plugin_object_cache[0]
if plugin_object_cache.read_bytes() == activated_plugin.read_bytes():
return plugin.name
return None
def get_wp_cache_plugin_by_header(activated_plugin: Path) -> Optional[str]:
"""
Looking for Plugin name: <Some name> in <object/advanced.php>
headers
"""
if not os.path.exists(activated_plugin):
return None
# must be enough to loop through headers
max_top_lines_count = 30
r = re.compile(r'^.*plugin name:\s*(?P<plugin_name>[\w ]+)\s*$', re.IGNORECASE)
with open(activated_plugin, errors='ignore') as f:
for _ in range(max_top_lines_count):
line = f.readline()
match = r.search(line)
if match is not None:
return match.group('plugin_name')
return None
def get_wp_paths_with_enabled_module(user, user_wp_paths, plugin='object_cache'):
"""
Filter user`s wp paths with paths with enabled module
"""
paths_with_enabled_module = []
try:
home = ClPwd().get_homedir(user)
except ClPwd.NoSuchUserException:
return []
config = os.path.join(home, '.clwpos', 'clwpos_config.json')
if not os.path.exists(config):
return []
try:
with open(config, errors='ignore') as f:
conf = f.read()
data = json.loads(conf)
except Exception:
return []
modules_data = data.get('docroots', {}).get('public_html', {})
for wp_path in user_wp_paths:
if wp_path in modules_data and plugin in modules_data[wp_path]:
paths_with_enabled_module.append(wp_path)
return paths_with_enabled_module
|