django-cfg 1.4.86__py3-none-any.whl → 1.4.88__py3-none-any.whl

django_cfg/__init__.py

@@ -32,7 +32,7 @@ Example:
 default_app_config = "django_cfg.apps.DjangoCfgConfig"
 
 # Version information
-__version__ = "1.4.86"
+__version__ = "1.4.88"
 __license__ = "MIT"
 
 # Import registry for organized lazy loading

django_cfg/apps/dashboard/permissions.py

@@ -0,0 +1,48 @@
+"""
+Dashboard Permissions
+
+Custom permission classes for dashboard API endpoints.
+"""
+
+from rest_framework.permissions import BasePermission
+
+
+class IsSuperAdmin(BasePermission):
+    """
+    Permission that allows access only to superusers.
+
+    More restrictive than IsAdminUser - requires is_superuser flag.
+    Use for sensitive operations like command execution.
+    """
+
+    def has_permission(self, request, view):
+        """Check if user is authenticated and is a superuser."""
+        return bool(
+            request.user and
+            request.user.is_authenticated and
+            request.user.is_superuser
+        )
+
+
+class IsStaffOrReadOnly(BasePermission):
+    """
+    Permission that allows read access to staff,
+    but write access only to superusers.
+    """
+
+    def has_permission(self, request, view):
+        """Check permissions based on request method."""
+        # Read permissions are allowed to any staff user
+        if request.method in ['GET', 'HEAD', 'OPTIONS']:
+            return bool(
+                request.user and
+                request.user.is_authenticated and
+                request.user.is_staff
+            )
+
+        # Write permissions are only allowed to superusers
+        return bool(
+            request.user and
+            request.user.is_authenticated and
+            request.user.is_superuser
+        )

django_cfg/apps/dashboard/serializers/__init__.py

@@ -15,7 +15,12 @@ from .charts import (
     ActivityTrackerDaySerializer,
     RecentUserSerializer,
 )
-from .commands import CommandSerializer, CommandsSummarySerializer
+from .commands import (
+    CommandSerializer,
+    CommandsSummarySerializer,
+    CommandExecuteRequestSerializer,
+    CommandHelpResponseSerializer,
+)
 from .apizones import APIZoneSerializer, APIZonesSummarySerializer
 
 __all__ = [
@@ -48,6 +53,8 @@ __all__ = [
     # Commands
     'CommandSerializer',
     'CommandsSummarySerializer',
+    'CommandExecuteRequestSerializer',
+    'CommandHelpResponseSerializer',
 
     # API Zones
     'APIZoneSerializer',

django_cfg/apps/dashboard/serializers/commands.py

@@ -14,6 +14,8 @@ class CommandSerializer(serializers.Serializer):
     help = serializers.CharField()
     is_core = serializers.BooleanField()
     is_custom = serializers.BooleanField()
+    is_allowed = serializers.BooleanField(required=False)
+    risk_level = serializers.CharField(required=False)
 
 
 class CommandsSummarySerializer(serializers.Serializer):
@@ -24,3 +26,30 @@ class CommandsSummarySerializer(serializers.Serializer):
     categories = serializers.ListField(child=serializers.CharField())
     commands = CommandSerializer(many=True)
     categorized = serializers.DictField()
+
+
+class CommandExecuteRequestSerializer(serializers.Serializer):
+    """Request serializer for command execution."""
+    command = serializers.CharField(help_text="Name of the Django management command")
+    args = serializers.ListField(
+        child=serializers.CharField(),
+        required=False,
+        default=list,
+        help_text="Positional arguments for the command"
+    )
+    options = serializers.DictField(
+        required=False,
+        default=dict,
+        help_text="Named options for the command (e.g., {'verbosity': '2'})"
+    )
+
+
+class CommandHelpResponseSerializer(serializers.Serializer):
+    """Response serializer for command help."""
+    status = serializers.CharField()
+    command = serializers.CharField()
+    app = serializers.CharField(required=False)
+    help_text = serializers.CharField(required=False)
+    is_allowed = serializers.BooleanField(required=False)
+    risk_level = serializers.CharField(required=False)
+    error = serializers.CharField(required=False)

django_cfg/apps/dashboard/services/commands_security.py

@@ -0,0 +1,228 @@
+"""
+Commands Security Module
+
+Self-contained security logic for Django management commands execution.
+Determines which commands are safe to execute via web interface.
+
+TAGS: commands, security, validation, safety
+"""
+
+import importlib
+import inspect
+import logging
+from typing import Any, Dict, Set
+
+from django.core.management.base import BaseCommand
+
+logger = logging.getLogger(__name__)
+
+
+# Keywords in docstring/code that indicate command should not be in web UI
+DANGEROUS_KEYWORDS: Set[str] = {
+    'questionary', 'input(', 'stdin', 'interactive',  # Requires user input
+    'destructive', 'dangerous', 'irreversible',  # Explicitly marked as dangerous
+    'runserver', 'testserver',  # Dev servers
+}
+
+# Commands that should NEVER appear (absolute blacklist)
+ABSOLUTE_BLACKLIST: Set[str] = {
+    # Destructive database commands
+    'flush', 'sqlflush', 'dbshell',
+
+    # Shell access (security risk)
+    'shell', 'shell_plus',
+
+    # Development server (not for web execution)
+    'runserver', 'testserver', 'runserver_ngrok',
+
+    # Project generation (not applicable in running app)
+    'startapp', 'startproject',
+
+    # SQL commands (direct SQL, potentially dangerous)
+    'sqlmigrate', 'sqlsequencereset',
+}
+
+
+def analyze_command_safety(command_class: BaseCommand, command_name: str) -> Dict[str, Any]:
+    """
+    Analyze command to determine if it's safe for web execution.
+
+    Checks:
+    1. Explicit metadata (web_executable, requires_input, is_destructive)
+    2. Docstring analysis for dangerous keywords
+    3. Source code analysis for interactive input
+    4. Required arguments analysis
+
+    Returns:
+        Dict with safety analysis results
+    """
+    analysis = {
+        'is_safe': True,
+        'reasons': [],
+        'requires_input': False,
+        'is_destructive': False,
+        'web_executable': None,
+    }
+
+    # Check explicit metadata (highest priority)
+    if hasattr(command_class, 'web_executable'):
+        analysis['web_executable'] = command_class.web_executable
+        if not command_class.web_executable:
+            analysis['is_safe'] = False
+            analysis['reasons'].append('Command explicitly marked as not web-executable')
+            return analysis
+
+    if hasattr(command_class, 'requires_input'):
+        analysis['requires_input'] = command_class.requires_input
+        if command_class.requires_input:
+            analysis['is_safe'] = False
+            analysis['reasons'].append('Command requires interactive input')
+            return analysis
+
+    if hasattr(command_class, 'is_destructive'):
+        analysis['is_destructive'] = command_class.is_destructive
+        if command_class.is_destructive:
+            analysis['is_safe'] = False
+            analysis['reasons'].append('Command is marked as destructive')
+            return analysis
+
+    # Analyze docstring for dangerous keywords
+    docstring = (inspect.getdoc(command_class) or '').lower()
+    for keyword in DANGEROUS_KEYWORDS:
+        if keyword in docstring:
+            analysis['is_safe'] = False
+            analysis['reasons'].append(f'Docstring contains dangerous keyword: {keyword}')
+            return analysis
+
+    # Analyze source code for interactive input
+    try:
+        source = inspect.getsource(command_class)
+        if 'questionary' in source or 'input(' in source:
+            analysis['is_safe'] = False
+            analysis['requires_input'] = True
+            analysis['reasons'].append('Command requires interactive user input')
+            return analysis
+    except Exception:
+        # Can't analyze source, be safe
+        pass
+
+    return analysis
+
+
+def is_command_allowed(command_name: str, app_name: str) -> bool:
+    """
+    Check if command should be allowed for web execution.
+
+    Priority:
+    1. Custom blacklist from settings (DJANGO_CFG_COMMANDS_BLACKLIST)
+    2. Absolute blacklist - always exclude
+    3. Custom whitelist from settings (DJANGO_CFG_COMMANDS_WHITELIST)
+    4. Command metadata analysis (web_executable, requires_input, etc.)
+    5. django_cfg apps - analyze each command
+    6. Django core - be selective (only safe utility commands)
+    7. Third party - only if explicitly whitelisted
+
+    You can customize filtering in settings.py:
+
+        DJANGO_CFG_COMMANDS_BLACKLIST = {'my_dangerous_command'}
+        DJANGO_CFG_COMMANDS_WHITELIST = {'my_safe_command'}
+
+    Or add metadata to your Command class:
+
+        class Command(BaseCommand):
+            web_executable = True  # Allow in web UI
+            requires_input = False  # Doesn't need interactive input
+            is_destructive = False  # Not destructive
+    """
+    from django.conf import settings
+
+    # Custom blacklist from settings (highest priority)
+    custom_blacklist = getattr(settings, 'DJANGO_CFG_COMMANDS_BLACKLIST', set())
+    if command_name in custom_blacklist:
+        logger.info(f"Command {command_name} blocked by custom blacklist")
+        return False
+
+    # Absolute blacklist
+    if command_name in ABSOLUTE_BLACKLIST:
+        logger.info(f"Command {command_name} blocked by absolute blacklist")
+        return False
+
+    # Custom whitelist from settings
+    custom_whitelist = getattr(settings, 'DJANGO_CFG_COMMANDS_WHITELIST', set())
+    if command_name in custom_whitelist:
+        logger.info(f"Command {command_name} allowed by custom whitelist")
+        return True
+
+    # Load and analyze command
+    try:
+        # Determine module path
+        if app_name == 'django_cfg':
+            module_path = f'django_cfg.management.commands.{command_name}'
+        elif app_name.startswith('django.'):
+            module_path = f'{app_name}.management.commands.{command_name}'
+        else:
+            module_path = f'{app_name}.management.commands.{command_name}'
+
+        command_module = importlib.import_module(module_path)
+        if hasattr(command_module, 'Command'):
+            command_class = command_module.Command
+
+            # Analyze command safety
+            analysis = analyze_command_safety(command_class, command_name)
+
+            # If command has explicit web_executable metadata, use it
+            if analysis['web_executable'] is not None:
+                return analysis['web_executable']
+
+            # If analysis says it's unsafe, exclude
+            if not analysis['is_safe']:
+                logger.debug(f"Command {command_name} excluded: {', '.join(analysis['reasons'])}")
+                return False
+    except Exception as e:
+        # Can't load/analyze command
+        logger.debug(f"Could not analyze command {command_name}: {e}")
+        # Be conservative - if we can't analyze, exclude unless from trusted source
+        pass
+
+    # Django CFG commands - include if analysis passed
+    if app_name == 'django_cfg':
+        return True
+
+    # Safe Django core commands (utility/read-only)
+    safe_django_core = {
+        'check', 'diffsettings', 'showmigrations',
+        'createcachetable', 'sendtestemail',
+    }
+    if app_name.startswith('django.') and command_name in safe_django_core:
+        return True
+
+    # Exclude other Django core by default
+    if app_name.startswith('django.'):
+        logger.debug(f"Command {command_name} excluded (Django core, not in safe list)")
+        return False
+
+    # Third-party apps - only whitelisted
+    logger.debug(f"Command {command_name} excluded (third-party, not whitelisted)")
+    return False
+
+
+def get_command_risk_level(command_name: str, app_name: str) -> str:
+    """
+    Get risk level for a command.
+
+    Returns:
+        'safe', 'caution', or 'dangerous'
+    """
+    if command_name in ABSOLUTE_BLACKLIST:
+        return 'dangerous'
+
+    if app_name == 'django_cfg':
+        return 'safe'
+
+    if app_name.startswith('django.'):
+        safe_commands = {'check', 'diffsettings', 'showmigrations'}
+        if command_name in safe_commands:
+            return 'safe'
+        return 'caution'
+
+    return 'caution'

django_cfg/apps/dashboard/services/commands_service.py

@@ -1,13 +1,18 @@
 """
 Commands Service
 
-Django management commands discovery and documentation.
+Django management commands discovery, documentation, and execution.
 """
 
 import logging
-from typing import Any, Dict, List
+import sys
+import time
+from io import StringIO
+from typing import Any, Dict, Generator, List
 
-from django.core.management import get_commands, load_command_class
+from django.core.management import call_command, get_commands, load_command_class
+
+from .commands_security import is_command_allowed, get_command_risk_level
 
 logger = logging.getLogger(__name__)
 
@@ -26,20 +31,29 @@ class CommandsService:
         """Initialize commands service."""
         self.logger = logger
 
-    def get_all_commands(self) -> List[Dict[str, Any]]:
+    def get_all_commands(self, include_unsafe: bool = False) -> List[Dict[str, Any]]:
         """
-        Get all available Django management commands.
+        Get all available Django management commands (filtered for safety by default).
+
+        Args:
+            include_unsafe: If True, include all commands. If False, only safe commands.
 
         Returns:
-            List of command dictionaries with name, app, help text
+            List of command dictionaries with name, app, help text, safety info
 
-        %%AI_HINT: Uses Django's get_commands() for command discovery%%
+        %%AI_HINT: Uses Django's get_commands() for command discovery with security filtering%%
         """
         try:
             commands_dict = get_commands()
             commands_list = []
 
             for command_name, app_name in commands_dict.items():
+                # Check if command is allowed (unless explicitly including unsafe)
+                is_allowed = is_command_allowed(command_name, app_name)
+
+                if not include_unsafe and not is_allowed:
+                    continue
+
                 try:
                     # Try to load command to get help text
                     command = load_command_class(app_name, command_name)
@@ -47,7 +61,10 @@ class CommandsService:
 
                     # Determine if it's a core Django command or custom
                     is_core = app_name.startswith('django.')
-                    is_custom = not is_core
+                    is_custom = app_name == 'django_cfg'
+
+                    # Get risk level
+                    risk_level = get_command_risk_level(command_name, app_name)
 
                     commands_list.append({
                         'name': command_name,
@@ -55,6 +72,8 @@ class CommandsService:
                         'help': help_text,
                         'is_core': is_core,
                         'is_custom': is_custom,
+                        'is_allowed': is_allowed,
+                        'risk_level': risk_level,
                     })
                 except Exception as e:
                     # If we can't load the command, still include basic info
@@ -64,7 +83,9 @@ class CommandsService:
                         'app': app_name,
                         'help': 'Description unavailable',
                         'is_core': app_name.startswith('django.'),
-                        'is_custom': not app_name.startswith('django.'),
+                        'is_custom': app_name == 'django_cfg',
+                        'is_allowed': is_allowed,
+                        'risk_level': get_command_risk_level(command_name, app_name),
                     })
 
             # Sort by name
@@ -140,3 +161,181 @@ class CommandsService:
                 'commands': [],
                 'categorized': {},
             }
+
+    def get_command_help(self, command_name: str) -> Dict[str, Any]:
+        """
+        Get detailed help text for a specific command.
+
+        Args:
+            command_name: Name of the Django management command
+
+        Returns:
+            Dictionary with help text and command info
+        """
+        try:
+            commands_dict = get_commands()
+
+            if command_name not in commands_dict:
+                return {
+                    'status': 'error',
+                    'error': f"Command '{command_name}' not found",
+                }
+
+            app_name = commands_dict[command_name]
+
+            # Load command class
+            command_class = load_command_class(app_name, command_name)
+            command_instance = command_class()
+
+            # Get parser to extract help
+            parser = command_instance.create_parser('manage.py', command_name)
+            help_text = parser.format_help()
+
+            return {
+                'status': 'success',
+                'command': command_name,
+                'app': app_name,
+                'help_text': help_text,
+                'is_allowed': is_command_allowed(command_name, app_name),
+                'risk_level': get_command_risk_level(command_name, app_name),
+            }
+
+        except Exception as e:
+            self.logger.error(f"Error getting help for command {command_name}: {e}")
+            return {
+                'status': 'error',
+                'error': str(e),
+                'command': command_name,
+            }
+
+    def execute_command(
+        self,
+        command_name: str,
+        args: List[str] = None,
+        options: Dict[str, Any] = None,
+        user=None
+    ) -> Generator[Dict[str, Any], None, None]:
+        """
+        Execute a Django management command and stream output.
+
+        Args:
+            command_name: Name of the command to execute
+            args: List of positional arguments
+            options: Dictionary of command options
+            user: User executing the command (for logging)
+
+        Yields:
+            Dict with execution events (start, output, complete, error)
+
+        Security:
+            - Validates command is allowed via is_command_allowed()
+            - Logs all execution attempts
+            - Captures and streams output safely
+        """
+        args = args or []
+        options = options or {}
+        start_time = time.time()
+
+        try:
+            # Validate command exists
+            commands_dict = get_commands()
+            if command_name not in commands_dict:
+                yield {
+                    'type': 'error',
+                    'error': f"Command '{command_name}' not found",
+                    'available_commands': list(commands_dict.keys())[:20],  # First 20 for reference
+                }
+                return
+
+            app_name = commands_dict[command_name]
+
+            # Security check - validate command is allowed
+            if not is_command_allowed(command_name, app_name):
+                self.logger.warning(
+                    f"Attempted execution of forbidden command '{command_name}' by user {user}"
+                )
+                yield {
+                    'type': 'error',
+                    'error': f"Command '{command_name}' is not allowed via web interface for security reasons",
+                    'suggestion': 'Only safe django_cfg commands and whitelisted utilities can be executed via web.',
+                    'risk_level': get_command_risk_level(command_name, app_name),
+                }
+                return
+
+            # Send start event
+            yield {
+                'type': 'start',
+                'command': command_name,
+                'args': args,
+                'options': options,
+            }
+
+            # Capture command output
+            output_buffer = StringIO()
+            old_stdout = sys.stdout
+            old_stderr = sys.stderr
+
+            try:
+                # Redirect stdout/stderr to buffer
+                sys.stdout = output_buffer
+                sys.stderr = output_buffer
+
+                # Execute command
+                call_command(command_name, *args, **options)
+                return_code = 0
+
+            except Exception as e:
+                # Command execution failed
+                output_buffer.write(f"\nError: {str(e)}\n")
+                return_code = 1
+
+            finally:
+                # Restore stdout/stderr
+                sys.stdout = old_stdout
+                sys.stderr = old_stderr
+
+            # Get all output
+            output = output_buffer.getvalue()
+
+            # Stream output line by line
+            if output:
+                for line in output.split('\n'):
+                    if line.strip():
+                        yield {
+                            'type': 'output',
+                            'line': line,
+                        }
+
+            execution_time = time.time() - start_time
+
+            # Send completion event
+            yield {
+                'type': 'complete',
+                'return_code': return_code,
+                'execution_time': round(execution_time, 2),
+            }
+
+            # Log command execution
+            if return_code == 0:
+                self.logger.info(
+                    f"Command executed: {command_name} {' '.join(args)} "
+                    f"by user {user} in {execution_time:.2f}s"
+                )
+            else:
+                self.logger.error(
+                    f"Command failed: {command_name} {' '.join(args)} "
+                    f"by user {user} in {execution_time:.2f}s"
+                )
+
+        except Exception as e:
+            execution_time = time.time() - start_time
+
+            self.logger.error(
+                f"Command execution error: {command_name} by user {user}: {e}"
+            )
+
+            yield {
+                'type': 'error',
+                'error': str(e),
+                'execution_time': round(execution_time, 2),
+            }