hiddifypanel 10.20.3__py3-none-any.whl → 10.30.0.dev0__py3-none-any.whl

hiddifypanel/panel/admin/SettingAdmin.py

@@ -16,6 +16,7 @@ from flask_bootstrap import SwitchField
 # from gettext import gettext as _
 from flask_classful import FlaskView
 from flask_wtf import FlaskForm
+from bleach import clean as bleach_clean
 
 
 from hiddifypanel.models import BoolConfig, StrConfig, ConfigEnum, hconfig, ConfigCategory
@@ -66,7 +67,7 @@ class SettingAdmin(FlaskView):
                                             return render_template('config.html', form=form)
                             if k == ConfigEnum.parent_panel and v != '':
                                 # v=(v+"/").replace("/admin",'')
-                                v = re.sub("(/admin/.*)", "/", v)
+                                v = re.sub("(/admin/.*)", "/", v) + ("/" if not v.endswith("/") else "")
 
                         if old_configs[k] != v:
                             changed_configs[k] = v
@@ -91,6 +92,10 @@ class SettingAdmin(FlaskView):
                     parent_apikey = uuid
 
             for k, v in changed_configs.items():
+                # html inputs santitizing
+                san_items = {ConfigEnum.branding_title, ConfigEnum.branding_site, ConfigEnum.branding_freetext}
+                if k in san_items:
+                    v = bleach_clean(v)
                 set_hconfig(k, v, commit=False)
 
             db.session.commit()
@@ -112,10 +117,7 @@ class SettingAdmin(FlaskView):
             # sync with parent if needed
             if hutils.node.is_child():
                 if hutils.node.child.is_registered():
-                    if not hutils.node.child.sync_with_parent():
-                        hutils.flask.flash(_('child.sync-failed'), 'danger')  # type: ignore
-                    else:  # TODO: it's just for debuging
-                        hutils.flask.flash(_('child.sync-success'))  # type: ignore
+                    hutils.node.run_node_op_in_bg(hutils.node.child.sync_with_parent, *[hutils.node.child.SyncFields.hconfigs])
                 else:
                     name = hconfig(ConfigEnum.unique_id)
                     parent_info = hutils.node.get_panel_info(hconfig(ConfigEnum.parent_domain), hconfig(ConfigEnum.parent_admin_proxy_path), parent_apikey)

hiddifypanel/panel/admin/Terminal.py

@@ -1,4 +1,3 @@
-# #!/usr/bin/env python3
 # from hiddifypanel.database import db
 # import uuid
 # from flask_babel import gettext as _

hiddifypanel/panel/admin/UserAdmin.py

@@ -151,7 +151,7 @@ class UserAdmin(AdminLTEModelView):
         <i class='fa-solid fa-arrow-up-right-from-square'></i> 
         {_("Current Domain")} </a>"""
 
-        domains = [d for d in get_panel_domains() if d.domain != request.host]
+        domains = [d for d in Domain.get_domains() if d.domain != request.host]
         return Markup(link + " ".join([hiddify.get_html_user_link(model, d) for d in domains]))
 
     # def _usage_formatter(view, context, model, name):
@@ -300,14 +300,15 @@ class UserAdmin(AdminLTEModelView):
         hiddify.quick_apply_users()
 
         if hutils.node.is_parent():
-            hutils.node.parent.request_childs_to_sync()
+            hutils.node.run_node_op_in_bg(hutils.node.parent.request_childs_to_sync)
+            
 
     def after_model_delete(self, model):
         user_driver.remove_client(model)
         hiddify.quick_apply_users()
 
         if hutils.node.is_parent():
-            hutils.node.parent.request_childs_to_sync()
+            hutils.node.run_node_op_in_bg(hutils.node.parent.request_childs_to_sync)
 
     def get_list(self, page, sort_column, sort_desc, search, filters, page_size=50, *args, **kwargs):
         res = None

hiddifypanel/panel/cli.py

@@ -53,7 +53,6 @@ def all_configs():
     configs = {
         "users": valid_users,
         "domains": [u.to_dict(dump_ports=True, dump_child_id=True) for u in Domain.query.filter(Domain.child_id.in_(host_child_ids)).all() if "*" not in u.domain],
-        # "parent_domains": [hiddify.parent_domain_dict(u) for u in ParentDomain.query.all()],
         # "hconfigs": get_hconfigs(json=True),
         "chconfigs": get_hconfigs_childs(host_child_ids, json=True)
     }
@@ -70,7 +69,7 @@ def all_configs():
     configs['panel_links'] = []
     configs['panel_links'].append(hiddify.get_account_panel_link(owner, server_ip, is_https=False))
     configs['panel_links'].append(hiddify.get_account_panel_link(owner, server_ip))
-    domains = get_panel_domains()
+    domains = Domain.get_domains()
 
     for d in domains:
         configs['panel_links'].append(hiddify.get_account_panel_link(owner, d.domain))
@@ -82,18 +81,13 @@ def update_usage():
     print(usage.update_local_usage())
 
 
-def test():
-    print(ConfigEnum("auto_update1"))
-
-
 def admin_links():
-
     server_ip = hutils.network.get_ip_str(4)
     owner = AdminUser.get_super_admin()
 
     admin_links = f"Not Secure (do not use it - only if others not work):\n   {hiddify.get_account_panel_link(owner, server_ip,is_https=True)}\n"
 
-    domains = get_panel_domains()
+    domains = Domain.get_domains()
     admin_links += f"Secure:\n"
     if not any([d for d in domains if 'sslip.io' not in d.domain]):
         admin_links += f"   (not signed) {hiddify.get_account_panel_link(owner, server_ip)}\n"
@@ -108,19 +102,15 @@ def admin_links():
 def admin_path():
     admin = AdminUser.get_super_admin()
     # WTF is the owner and server_id?
-    domain = get_panel_domains()[0]
+    domain = Domain.get_domains()[0]
     print(hiddify.get_account_panel_link(admin, domain, prefere_path_only=True))
 
 
-# def get_this_host_domains():
-#     current_child_ids
-
-
 def hysteria_domain_port():
     if not hconfig(ConfigEnum.hysteria_enable):
         return
     out = []
-    for i, domain in enumerate(Domain.query.filter(Domain.mode.in_([DomainType.direct, DomainType.relay, DomainType.fake])).all()):
+    for domain in Domain.query.filter(Domain.mode.in_([DomainType.direct, DomainType.relay, DomainType.fake])).all():
         out.append(f"{domain.domain}:{int(hconfig(ConfigEnum.hysteria_port))+domain.id}")
     print(";".join(out))
 
@@ -129,26 +119,25 @@ def tuic_domain_port():
     if not hconfig(ConfigEnum.tuic_enable):
         return
     out = []
-    for i, domain in enumerate(Domain.query.filter(Domain.mode.in_([DomainType.direct, DomainType.relay, DomainType.fake])).all()):
+    for domain in Domain.query.filter(Domain.mode.in_([DomainType.direct, DomainType.relay, DomainType.fake])).all():
         out.append(f"{domain}:{int(hconfig(ConfigEnum.tuic_port))+domain.id}")
     print(";".join(out))
 
 
 def init_app(app):
-    # add multiple commands in a bulk
-    # print(app.config['SQLALCHEMY_DATABASE_URI'] )
-    for command in [hysteria_domain_port, tuic_domain_port, init_db, drop_db, all_configs, update_usage, test, admin_links, admin_path, backup, downgrade]:
+    for command in [hysteria_domain_port, tuic_domain_port, init_db, drop_db, all_configs, update_usage, admin_links, admin_path, backup, downgrade]:
         app.cli.add_command(app.cli.command()(command))
 
     @ app.cli.command()
     @ click.option("--domain", "-d")
-    def add_domain(domain):
-        # TODO: Fix this
+    @ click.option("--mode", "-m")
+    def add_domain(domain, mode):
         if Domain.query.filter(Domain.domain == domain).first():
             return "Domain already exist."
-        d = Domain(domain=domain)
-        if not hutils.node.is_parent():
-            d.mode = DomainType.direct
+        d = Domain()
+        d.domain = domain
+        d.mode = mode
+        d.sub_link_only = True if mode == DomainType.sub_link_only else False
         db.session.add(d)
         db.session.commit()
         return "success"
@@ -236,3 +225,27 @@ def init_app(app):
             print('success')
         except Exception as e:
             print(f'failed to import xui data: Error: {e}')
+
+    @ app.cli.command()
+    def tgbot_info():
+        if not hconfig(ConfigEnum.telegram_bot_token):
+            print('You didn\'t specified your telegram bot token')
+            return
+
+        from hiddifypanel.panel.commercial.telegrambot import bot, register_bot
+        if not bot.token:
+            register_bot(True)
+        info = bot.get_me().to_dict()
+        hook_data = bot.get_webhook_info()
+        hook_info = {
+            'url': hook_data.url,
+            'ip': hook_data.ip_address,
+            'last_error_msg': hook_data.last_error_message if hook_data.last_error_message else '',
+            'last_error_time': datetime.datetime.fromtimestamp(int(hook_data.last_error_date)).strftime('%Y-%m-%d %H:%M:%S') if hook_data.last_error_date else ''
+        }
+
+        output = {
+            'general': info,
+            'webhook': hook_info
+        }
+        print(json.dumps(output, indent=4))

hiddifypanel/panel/commercial/ProxyDetailsAdmin.py

@@ -44,15 +44,13 @@ class ProxyDetailsAdmin(AdminLTEModelView):
 
     def after_model_change(self, form, model, is_created):
         if hutils.node.is_child():
-            if not hutils.node.child.sync_with_parent():
-                hutils.flask.flash(_('child.sync-failed'), 'danger')  # type: ignore
+            hutils.node.run_node_op_in_bg(hutils.node.child.sync_with_parent, *[hutils.node.child.SyncFields.proxies])
         hutils.proxy.get_proxies.invalidate_all()
         pass
 
     def after_model_delete(self, model):
         if hutils.node.is_child():
-            if not hutils.node.child.sync_with_parent():
-                hutils.flask.flash(_('child.sync-failed'), 'danger')  # type: ignore
+            hutils.node.run_node_op_in_bg(hutils.node.child.sync_with_parent, *[hutils.node.child.SyncFields.proxies])
         hutils.proxy.get_proxies.invalidate_all()
         pass
 

hiddifypanel/panel/commercial/restapi/v1/tgbot.py

@@ -17,7 +17,7 @@ bot = telebot.TeleBot("", parse_mode="HTML", threaded=False, exception_handler=E
 bot.username = ''
 
 
-def register_bot(set_hook=False):
+def register_bot(set_hook=False, remove_hook=False):
     try:
         global bot
         token = hconfig(ConfigEnum.telegram_bot_token)
@@ -27,9 +27,12 @@ def register_bot(set_hook=False):
                 bot.username = bot.get_me().username
             except BaseException:
                 pass
-            # bot.remove_webhook()
-            # time.sleep(0.1)
-            domain = get_panel_domains()[0].domain
+            if remove_hook:
+                bot.remove_webhook()
+            domain = Domain.get_panel_link()
+            if not domain:
+                raise Exception('Cannot get valid domain for setting telegram bot webhook')
+
             admin_proxy_path = hconfig(ConfigEnum.proxy_path_admin)
 
             user_secret = AdminUser.get_super_admin_uuid()

hiddifypanel/panel/commercial/restapi/v2/admin/__init__.py

@@ -1,7 +1,6 @@
-from apiflask import APIBlueprint, Schema
-from apiflask.fields import Integer, String
+from apiflask import APIBlueprint
 from flask import g
-from hiddifypanel.models import AdminUser
+from hiddifypanel.models import AdminUser, User
 
 bp = APIBlueprint("api_admin", __name__, url_prefix="/<proxy_path>/api/v2/admin/", enable_openapi=True)
 
@@ -14,21 +13,26 @@ def init_app(app):
         from .admin_user_api import AdminUserApi
         from .admin_users_api import AdminUsersApi
         from .admin_log_api import AdminLogApi
-        bp.add_url_rule('/me/', view_func=AdminInfoApi)
-        bp.add_url_rule('/server_status/', view_func=AdminServerStatusApi)
-        bp.add_url_rule('/admin_user/<uuid:uuid>/', view_func=AdminUserApi)
-        bp.add_url_rule('/admin_user/', view_func=AdminUsersApi)
-        bp.add_url_rule('/log/', view_func=AdminLogApi)
+        bp.add_url_rule('/me/', view_func=AdminInfoApi)  # type: ignore
+        bp.add_url_rule('/server_status/', view_func=AdminServerStatusApi)  # type: ignore
+        bp.add_url_rule('/admin_user/<uuid:uuid>/', view_func=AdminUserApi)  # type: ignore
+        bp.add_url_rule('/admin_user/', view_func=AdminUsersApi)  # type: ignore
+        bp.add_url_rule('/log/', view_func=AdminLogApi)  # type: ignore
 
         from .user_api import UserApi
         from .users_api import UsersApi
-        bp.add_url_rule('/user/<uuid:uuid>/', view_func=UserApi)
-        bp.add_url_rule('/user/', view_func=UsersApi)
+        bp.add_url_rule('/user/<uuid:uuid>/', view_func=UserApi)  # type: ignore
+        bp.add_url_rule('/user/', view_func=UsersApi)  # type: ignore
     app.register_blueprint(bp)
 
 
 def has_permission(model) -> bool:
     '''Check if the authenticated account has permission to do an action(get,insert,update,delete) on the another admin'''
-    if not g.account.uuid != AdminUser.get_super_admin_uuid() and model.added_by != g.account.id:  # type: ignore
-        return False
-    return True
+    if g.account.uuid == AdminUser.get_super_admin_uuid():
+        return True
+    if isinstance(model, AdminUser) and model.parent_admin_id == g.account.id:
+        return True
+    elif isinstance(model, User) and model.added_by == g.account.id:
+        return True
+
+    return False

hiddifypanel/panel/commercial/restapi/v2/admin/admin_info_api.py

@@ -3,7 +3,7 @@ from flask import g
 from flask.views import MethodView
 from apiflask import abort
 from hiddifypanel.auth import login_required
-from hiddifypanel.models.admin import AdminUser
+from hiddifypanel.models.admin import AdminMode, AdminUser
 from hiddifypanel.models.config_enum import ConfigEnum, Lang
 from hiddifypanel.models.config import hconfig
 from hiddifypanel.models.role import Role
@@ -15,7 +15,6 @@ class AdminInfoApi(MethodView):
 
     @app.output(AdminSchema)  # type: ignore
     def get(self):
-        # admin = AdminUser.by_uuid(g.account.uuid) or abort(404, "user not found")
         admin = g.account or abort(404, "user not found")
 
         dto = AdminSchema()
@@ -24,7 +23,9 @@ class AdminInfoApi(MethodView):
         dto.uuid = admin.uuid  # type: ignore
         dto.mode = admin.mode  # type: ignore
         dto.can_add_admin = admin.can_add_admin  # type: ignore
-        dto.parent_admin_uuid = AdminUser.query.filter(AdminUser.id == admin.parent_admin_id).first().uuid or 'None'  # type: ignore
+        if g.account.mode == AdminMode.super_admin:
+            if parent := AdminUser.by_id(admin.parent_admin_id):
+                dto.parent_admin_uuid = parent.uuid
         dto.telegram_id = admin.telegram_id or 0  # type: ignore
         dto.lang = Lang(hconfig(ConfigEnum.admin_lang))  # type: ignore
         return dto

hiddifypanel/panel/commercial/restapi/v2/admin/admin_user_api.py

@@ -6,7 +6,7 @@ from hiddifypanel.auth import login_required
 from hiddifypanel.models import *
 
 from . import has_permission
-from .schema import AdminSchema, PatchAdminSchema, SuccessfulSchema
+from .schema import AdminSchema, PutAdminSchema, PatchAdminSchema, SuccessfulSchema
 
 
 class AdminUserApi(MethodView):
@@ -14,28 +14,46 @@ class AdminUserApi(MethodView):
 
     @app.output(AdminSchema)  # type: ignore
     def get(self, uuid):
-        admin = AdminUser.by_uuid(uuid) or abort(404, "admin not found")
+        admin = AdminUser.by_uuid(uuid) or abort(404, "Admin not found")
         if not has_permission(admin):
-            abort(403, "You don't have permission to access this admin")
-        return admin.to_dict()  # type: ignore
+            abort(403, "you don't have permission to access this admin")
+        return admin.to_schema()  # type: ignore
+
+    @app.input(PutAdminSchema, arg_name='data')  # type: ignore
+    @app.output(SuccessfulSchema)  # type: ignore
+    def put(self, uuid, data):
+        if AdminUser.by_uuid(uuid):
+            abort(400, "The admin exists")
+        data['uuid'] = uuid
+
+        if not data.get('added_by_uuid'):
+            data['added_by_uuid'] = g.account.uuid
+
+        _ = AdminUser.add_or_update(**data) or abort(502, "Unknown issue: Admin is not added")
+        return {'status': 200, 'msg': 'ok'}
 
     @app.input(PatchAdminSchema, arg_name='data')  # type: ignore
     @app.output(SuccessfulSchema)  # type: ignore
     def patch(self, uuid, data):
-        admin = AdminUser.by_uuid(uuid) or abort(404, "admin not found")
+        admin = AdminUser.by_uuid(uuid) or abort(404, "Admin not found")
         if not has_permission(admin):
             abort(403, "You don't have permission to access this admin")
 
-        data['uuid'] = uuid
-        if not data.get('added_by_uuid'):
-            data['added_by_uuid'] = g.account.uuid
+        for field in AdminUser.__table__.columns.keys():  # type: ignore
+            if field in ['id', 'parent_admin_id']:
+                continue
+            if field not in data:
+                data[field] = getattr(admin, field)
 
-        AdminUser.add_or_update(**data)
+        _ = AdminUser.add_or_update(True, **data) or abort(502, "Unknown issue: Admin is not patched")
+        # the add_or_update doesn't update the uuid of AdminUser, so for now just delete old admin after adding new
+        if admin.uuid != data['uuid']:
+            admin.remove()
         return {'status': 200, 'msg': 'ok'}
 
     @app.output(SuccessfulSchema)  # type: ignore
     def delete(self, uuid):
-        admin = AdminUser.by_uuid(uuid) or abort(404, "admin not found")
+        admin = AdminUser.by_uuid(uuid) or abort(404, "Admin not found")
         if not has_permission(admin):
             abort(403, "You don't have permission to access this admin")
         admin.remove()  # type: ignore

hiddifypanel/panel/commercial/restapi/v2/admin/admin_users_api.py

@@ -4,7 +4,7 @@ from apiflask import abort
 from flask.views import MethodView
 from hiddifypanel.auth import login_required
 from hiddifypanel.models.role import Role
-from .admin_user_api import AdminSchema, has_permission
+from .admin_user_api import AdminSchema
 from hiddifypanel.models import AdminUser
 
 
@@ -14,21 +14,4 @@ class AdminUsersApi(MethodView):
     @app.output(AdminSchema(many=True))  # type: ignore
     def get(self):
         admins = AdminUser.query.filter(AdminUser.id.in_(g.account.recursive_sub_admins_ids())).all() or abort(404, "You have no admin")
-        return [admin.to_dict() for admin in admins]  # type: ignore
-
-    @app.input(AdminSchema, arg_name='data')  # type: ignore
-    @app.output(AdminSchema)  # type: ignore
-    def put(self, data):
-        uuid = data.get('uuid') or abort(422, "Parameter issue: 'uuid'")
-        admin = AdminUser.by_uuid(uuid)  # type: ignore
-
-        if not data.get('added_by_uuid'):
-            data['added_by_uuid'] = g.account.uuid
-
-        # update check permission
-        if admin:
-            if not has_permission(admin):
-                abort(403, "You don't have permission to access this admin")
-
-        dbadmin = AdminUser.add_or_update(**data) or abort(502, "Unknown issue: Admin is not added")
-        return dbadmin.to_dict()  # type: ignore
+        return [admin.to_schema() for admin in admins]  # type: ignore

hiddifypanel/panel/commercial/restapi/v2/admin/schema.py

@@ -27,7 +27,7 @@ class FriendlyUUID(fields.Field):
         if value is None:
             return None
         try:
-            return uuid.UUID(value)
+            return str(uuid.UUID(value))
         except ValueError:
             self.fail('Invalid uuid')
 
@@ -71,6 +71,11 @@ class UserSchema(Schema):
         description="The last time the user's data usage was reset, in a JSON-friendly format",
         allow_none=True
     )
+    # expiry_time = Date(
+    #     format='%Y-%m-%d',
+    #     description="The expiry time of the user's package, in a JSON-friendly format",
+    #     allow_none=True
+    # )
     comment = String(
         missing=None,
         allow_none=True,
@@ -115,13 +120,21 @@ class UserSchema(Schema):
     )
 
     lang = Enum(Lang, required=False, allow_none=True, description="The language of the user")
+    enable = Boolean(required=False, description="Whether the user is enabled or not")
+
+
+class PutUserSchema(UserSchema):
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        # the uuid is sent in the url path
+        self.fields['uuid'].required = False
 
 
 class PatchUserSchema(UserSchema):
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
+        self.fields['uuid'].required = False
         self.fields['name'].required = False
-    pass
 
 # endregion
 
@@ -134,21 +147,31 @@ class AdminSchema(Schema):
     uuid = FriendlyUUID(required=True, description='The unique identifier for the admin')
     mode = Enum(AdminMode, required=True, description='The mode for the admin')
     can_add_admin = Boolean(required=True, description='Whether the admin can add other admins')
-    parent_admin_uuid = FriendlyUUID(description='The unique identifier for the parent admin', allow_none=True,
+    parent_admin_uuid = FriendlyUUID(required=False, description='The unique identifier for the parent admin', allow_none=True,
                                      # validate=OneOf([p.uuid for p in AdminUser.query.all()])
                                      )
     telegram_id = Integer(required=False, description='The Telegram ID associated with the admin', allow_none=True)
     lang = Enum(Lang, required=True)
+    max_users = Integer(required=False, description='The maximum number of users allowed', allow_none=True)
+    max_active_users = Integer(required=False, description='The maximum number of active users allowed', allow_none=True)
+
+
+class PutAdminSchema(AdminSchema):
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        # the uuid is sent in the url path
+        self.fields['uuid'].required = False
 
 
 class PatchAdminSchema(AdminSchema):
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
+        self.fields['uuid'].required = False
         self.fields['name'].required = False
         self.fields['mode'].required = False
         self.fields['lang'].required = False
         self.fields['can_add_admin'].required = False
-    pass
+
 # endregion
 
 

hiddifypanel/panel/commercial/restapi/v2/admin/user_api.py

@@ -9,7 +9,7 @@ from hiddifypanel.drivers import user_driver
 from hiddifypanel.panel import hiddify
 
 from . import has_permission
-from .schema import UserSchema, PatchUserSchema, SuccessfulSchema
+from .schema import UserSchema, PutUserSchema, PatchUserSchema, SuccessfulSchema
 
 
 class UserApi(MethodView):
@@ -17,11 +17,26 @@ class UserApi(MethodView):
 
     @app.output(UserSchema)  # type: ignore
     def get(self, uuid):
-        user = User.by_uuid(uuid) or abort(404, "user not found")
+        user = User.by_uuid(uuid) or abort(404, "User not found")
         if not has_permission(user):
             abort(403, "You don't have permission to access this user")
 
-        return user.to_dict(False)  # type: ignore
+        return user.to_schema()  # type: ignore
+
+    @app.input(PutUserSchema, arg_name="data")  # type: ignore
+    @app.output(SuccessfulSchema)  # type: ignore
+    def put(self, uuid, data):
+        if User.by_uuid(uuid):
+            abort(400, 'The user exists')
+        data['uuid'] = uuid
+
+        if not data.get('added_by_uuid'):
+            data['added_by_uuid'] = g.account.uuid
+
+        dbuser = User.add_or_update(**data) or abort(502, "Unknown issue: User is not added")
+        user_driver.add_client(dbuser)
+        hiddify.quick_apply_users()
+        return {'status': 200, 'msg': 'ok'}
 
     @app.input(PatchUserSchema, arg_name="data")  # type: ignore
     @app.output(SuccessfulSchema)  # type: ignore
@@ -30,13 +45,17 @@ class UserApi(MethodView):
         if not has_permission(user):
             abort(403, "You don't have permission to access this user")
 
-        data['uuid'] = uuid
-        if not data.get('added_by_uuid'):
-            data['added_by_uuid'] = g.account.uuid
+        for field in User.__table__.columns.keys():  # type: ignore
+            if field in ['id', 'expiry_time']:
+                continue
+            if field not in data:
+                data[field] = getattr(user, field)
 
-        User.add_or_update(**data)  # type: ignore
-        user = User.by_uuid(uuid) or abort(502, "unknown issue! user is not added")
-        user_driver.add_client(user)
+        dbuser = User.add_or_update(**data) or abort(502, "Unknown issue! User is not patched")
+        user_driver.add_client(dbuser)
+        # the add_or_update doesn't update the uuid of User, so for now just delete old user after adding new
+        if user.uuid != data['uuid']:
+            user.remove()
         hiddify.quick_apply_users()
         return {'status': 200, 'msg': 'ok'}
 

hiddifypanel/panel/commercial/restapi/v2/admin/users_api.py

@@ -16,24 +16,4 @@ class UsersApi(MethodView):
     @app.output(UserSchema(many=True))  # type: ignore
     def get(self):
         users = User.query.filter(User.added_by.in_(g.account.recursive_sub_admins_ids())).all() or abort(404, "You have no user")
-        return [user.to_dict(False) for user in users]  # type: ignore
-
-    @app.input(UserSchema, arg_name="data")  # type: ignore
-    @app.output(UserSchema)  # type: ignore
-    def put(self, data):
-        uuid = data.get('uuid') or abort(422, "Parameter issue: 'uuid'")
-        user = User.by_uuid(uuid)  # type: ignore
-
-        if not data.get('added_by_uuid'):
-            data['added_by_uuid'] = g.account.uuid
-
-        # update check permission
-        if user:
-            if not has_permission(user):
-                abort(403, "You don't have permission to access this user")
-        User.add_or_update(**data)  # type: ignore
-
-        dbuser = User.by_uuid(data['uuid']) or abort(502, "Unknown issue: User is not added")
-        user_driver.add_client(dbuser)
-        hiddify.quick_apply_users()
-        return dbuser.to_dict(False)  # type: ignore
+        return [user.to_schema() for user in users]  # type: ignore

hiddifypanel/panel/commercial/restapi/v2/parent/register_api.py

@@ -41,7 +41,7 @@ class RegisterApi(MethodView):
             logger.info("Adding users...")
             User.bulk_register(data['panel_data']['users'], commit=False)
             logger.info("Adding domains...")
-            bulk_register_domains(data['panel_data']['domains'], commit=False, force_child_unique_id=child.unique_id)
+            Domain.bulk_register(data['panel_data']['domains'], commit=False, force_child_unique_id=child.unique_id)
             logger.info("Adding hconfigs...")
             bulk_register_configs(data['panel_data']['hconfigs'], commit=False, froce_child_unique_id=child.unique_id)
             logger.info("Adding proxies...")

hiddifypanel/panel/commercial/restapi/v2/parent/schema.py

@@ -64,12 +64,16 @@ class UsageInputOutputSchema(Schema):
 
 # region sync
 class SyncInputSchema(Schema):
+    domains = fields.List(fields.Nested(DomainSchema), required=False, description="The list of domains")
+    proxies = fields.List(fields.Nested(ProxySchema), required=False, description="The list of proxies")
+    hconfigs = fields.List(fields.Nested(HConfigSchema), required=False, description="The list of configs")
     # users = fields.List(fields.Nested(UserSchema),required=True,description="The list of users")
-    domains = fields.List(fields.Nested(DomainSchema), required=True, description="The list of domains")
-    proxies = fields.List(fields.Nested(ProxySchema), required=True, description="The list of proxies")
-    # parent_domains = fields.List(fields.Nested(ParentDomainSchema),required=True,description="The list of parent domains")
     # admin_users = fields.List(fields.Nested(AdminSchema),required=True,description="The list of admin users")
-    hconfigs = fields.List(fields.Nested(HConfigSchema), required=True, description="The list of configs")
+
+    def validate(self, data, **kwargs):
+        if not (data.get("domains") or data.get("proxies") or data.get("hconfigs")):
+            raise ValidationError("At least one field must exist (domains, proxies, or hconfigs)")
+        return data
 
 
 class SyncOutputSchema(Schema):

hiddifypanel/panel/commercial/restapi/v2/parent/sync_api.py

@@ -34,11 +34,27 @@ class SyncApi(MethodView):
 
         try:
             logger.info("Syncing domains...")
-            bulk_register_domains(data['domains'], commit=False, force_child_unique_id=child.unique_id)
+            if data.get('domains'):
+                logger.info("Inserting domains into database")
+                Domain.bulk_register(data['domains'], commit=False, force_child_unique_id=child.unique_id)
+            else:
+                logger.info("Domains field is empty")
+
             logger.info("Syncing hconfigs...")
-            bulk_register_configs(data['hconfigs'], commit=False, froce_child_unique_id=child.unique_id)
+            if data.get('hconfigs'):
+                logger.info("Inserting hconfigs into database")
+                bulk_register_configs(data['hconfigs'], commit=False, froce_child_unique_id=child.unique_id)
+            else:
+                logger.info("Hconfigs field is empty")
+
             logger.info("Syncing proxies...")
-            Proxy.bulk_register(data['proxies'], commit=False, force_child_unique_id=child.unique_id)
+            if data.get('proxies'):
+                logger.info("Inserting proxies into database")
+                Proxy.bulk_register(data['proxies'], commit=False, force_child_unique_id=child.unique_id)
+            else:
+                logger.info("Proxies field is empty")
+
+            logger.info("Commit changes to database")
             db.session.commit()  # type: ignore
         except Exception as err:
             with logger.contextualize(error=err):