��JFIF�����������$
�������������������������������������� ��� ������
�����
�
�����������
���
����d�d�����������7������������������������ ��
Viewing File: /opt/imunify360/venv/lib/python3.11/site-packages/imav/wordpress/cli.py
"""
This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Copyright © 2019 Cloud Linux Software Inc.
This software is also available under ImunifyAV commercial license,
see <https://www.imunify360.com/legal/eula>
"""
import logging
import pwd
import re
from pathlib import Path
from distutils.version import StrictVersion
from defence360agent.utils import (
check_run,
CheckRunError,
async_lru_cache,
)
from imav.wordpress import PLUGIN_PATH, PLUGIN_SLUG
from imav.wordpress.utils import (
build_command_for_user,
get_php_binary_path,
wp_wrapper,
)
from defence360agent.sentry import log_message
from imav.model.wordpress import WPSite
logger = logging.getLogger(__name__)
def _validate_semver(version_str: str) -> bool:
"""Validate if a string is a valid semantic version."""
# Handle None and non-string inputs
if not isinstance(version_str, str):
return False
# Trim the string and return False if empty
trimmed_str = version_str.strip()
if not trimmed_str:
return False
try:
StrictVersion(trimmed_str)
return True
except ValueError:
return False
def _extract_version_from_output(output: str) -> str:
"""
Extract version from WP CLI output, trying both first and last parts.
Args:
output: The raw output from WP CLI
Returns:
The extracted version string or None if no valid version found
"""
if not output:
return None
# Split the output into parts
parts = output.split()
if not parts:
return None
# Try the first part
if len(parts) > 0:
first_part = parts[0].strip()
if _validate_semver(first_part):
return first_part
# Try the last part
if len(parts) > 1:
last_part = parts[-1].strip()
if _validate_semver(last_part):
return last_part
# If neither first nor last part is valid semver, log to sentry
log_message(
"Failed to extract valid semver version from WP CLI output. Output:"
" '{output}'",
format_args={"output": output},
level="warning",
component="wordpress",
fingerprint="wp-plugin-version-extraction-failed",
)
# Return None when no valid semver is found
return None
async def _parse_version_from_plugin_file(site: WPSite) -> str:
"""
Parse the version of imunify-security plugin by reading the main plugin file.
Args:
site: WordPress site object containing docroot path
Returns:
str: Plugin version or None if not found or invalid
"""
content_dir = await get_content_dir(site)
plugin_file = (
content_dir / "plugins" / "imunify-security" / "imunify-security.php"
)
if not plugin_file.exists():
return None
version_pattern = re.compile(r"\* Version:\s*([0-9.]+)")
try:
with open(plugin_file) as f:
for line in f:
match = version_pattern.search(line)
if match:
version = match.group(1)
if _validate_semver(version):
return version
else:
return None
except Exception as e:
logger.error(
"Failed to read plugin file to determine version number %s: %s",
plugin_file,
e,
)
return None
return None
async def plugin_install(site: WPSite):
"""Install the Imunify Security WordPress plugin on given WordPress site."""
username = pwd.getpwuid(site.uid).pw_name
php_path = await get_php_binary_path(site, username)
args = [
*wp_wrapper(php_path, site.docroot),
"plugin",
"install",
str(PLUGIN_PATH),
"--activate",
"--force",
]
command = build_command_for_user(username, args)
logger.info(f"Installing wp plugin {command}")
await check_run(command)
async def plugin_update(site: WPSite):
"""
Update the Imunify Security WordPress plugin on given WordPress site.
Currently, this is the same as install, but in the future it may differ.
"""
username = pwd.getpwuid(site.uid).pw_name
php_path = await get_php_binary_path(site, username)
args = [
*wp_wrapper(php_path, site.docroot),
"plugin",
"install",
str(PLUGIN_PATH),
"--activate",
"--force",
]
command = build_command_for_user(username, args)
logger.info(f"Updating wp plugin {command}")
await check_run(command)
async def plugin_uninstall(site: WPSite):
"""Uninstall the imunify-security wp plugin from given wp site."""
username = pwd.getpwuid(site.uid).pw_name
php_path = await get_php_binary_path(site, username)
args = [
*wp_wrapper(php_path, site.docroot),
"plugin",
"uninstall",
PLUGIN_SLUG,
"--deactivate",
]
command = build_command_for_user(username, args)
logger.info(f"Uninstalling wp plugin {command}")
await check_run(command)
async def _get_plugin_version(site: WPSite):
"""
Get the version of the imunify-security wp plugin installed on given WordPress site.
Uses WP CLI to get the version.
"""
username = pwd.getpwuid(site.uid).pw_name
php_path = await get_php_binary_path(site, username)
args = [
*wp_wrapper(php_path, site.docroot),
"plugin",
"get",
PLUGIN_SLUG,
"--field=version",
]
command = build_command_for_user(username, args)
logger.info(f"Getting wp plugin version {command}")
try:
result = await check_run(command)
output = result.decode("utf-8").strip()
return _extract_version_from_output(output)
except CheckRunError as e:
logger.error(
"Failed to get wp plugin version. Return code: %s",
e.returncode,
)
return None
except UnicodeDecodeError as e:
logger.error("Failed to decode wp plugin version output: %s", e)
return None
async def get_plugin_version(site: WPSite):
"""
Get the version of the imunify-security wp plugin installed on given WordPress site.
First tries to parse the version from the plugin file, then falls back to WP CLI.
"""
# First try to parse version from plugin file
try:
version = await _parse_version_from_plugin_file(site)
if version:
return version
except Exception as e:
logger.warning("Failed to parse version from plugin file: %s", e)
# Fall back to WP CLI if file parsing fails
logger.info("Plugin version not found in file, trying WP CLI")
return await _get_plugin_version(site)
async def is_plugin_installed(site: WPSite):
"""Check if the imunify-security wp plugin is installed on given WordPress site."""
username = pwd.getpwuid(site.uid).pw_name
php_path = await get_php_binary_path(site, username)
args = [
*wp_wrapper(php_path, site.docroot),
"plugin",
"is-installed",
PLUGIN_SLUG,
]
command = build_command_for_user(username, args)
logger.info(f"Checking if wp plugin is installed {command}")
try:
await check_run(command)
except CheckRunError:
# exit code other than 0 means plugin is not installed or there is an error
return False
# exit code 0 means plugin is installed
return True
async def is_wordpress_installed(site: WPSite):
"""Check if WordPress is installed and given site is accessible using WP CLI."""
username = pwd.getpwuid(site.uid).pw_name
php_path = await get_php_binary_path(site, username)
args = [
*wp_wrapper(php_path, site.docroot),
"core",
"is-installed",
]
command = build_command_for_user(username, args)
logger.info(f"Checking if WordPress is installed {command}")
try:
# exit code other than 0 means WordPress is not installed or there is an error
await check_run(command)
except CheckRunError:
return False
# exit code 0 means WordPress is installed
return True
async def _get_content_directory(site: WPSite):
"""
Get the content directory of the WordPress site using WP CLI.
This should only be used if the default wp-content directory does not exist.
"""
username = pwd.getpwuid(site.uid).pw_name
php_path = await get_php_binary_path(site, username)
args = [
*wp_wrapper(php_path, site.docroot),
"eval",
"echo WP_CONTENT_DIR;",
]
command = build_command_for_user(username, args)
logger.info(f"Getting content directory {command}")
try:
result = await check_run(command)
return result.decode("utf-8").strip()
except CheckRunError as e:
logger.error(
"Failed to get content directory. Return code: %s",
e.returncode,
)
return None
except UnicodeDecodeError as e:
logger.error("Failed to decode content directory output: %s", e)
return None
@async_lru_cache(maxsize=100)
async def get_content_dir(site: WPSite):
"""
Get the WordPress content directory for the given WordPress site.
This function first checks if the default wp-content directory exists at the site's docroot.
If the default path doesn't exist or isn't a directory, it attempts to get the actual
content directory using WordPress CLI's WP_CONTENT_DIR constant.
Returns:
Path: The WordPress content directory path
"""
content_dir = Path(site.docroot) / "wp-content"
# First check if content_dir exists and is a folder
if not content_dir.exists() or not content_dir.is_dir():
# If not, try to get the content directory using WP CLI
wp_content_dir = await _get_content_directory(site)
if wp_content_dir:
content_dir = Path(wp_content_dir)
return content_dir
def clear_get_content_dir_cache():
"""Clear the async LRU cache for get_content_dir."""
get_content_dir.cache_clear()
async def get_data_dir(site: WPSite):
"""
Get the Imunify Security data directory for the given WordPress site.
"""
content_dir = await get_content_dir(site)
if not content_dir:
content_dir = Path(site.docroot) / "wp-content"
return Path(content_dir) / "imunify-security"
Back to Directory
�������������������������������������nL+D�550�H�?Mx� ,D"v]qv;6*Zqn�)�ZP��0������������������������������!1 ��A� "#a$2Qr��������D8�a�Ri�[f�\mIykIw0�cu�FcRı?lO7к_f˓[C$殷WF<_W ԣs�KcëIzyQy���/_LK�ℂ;C�",pFA:�/]=H�� �~,ls/9�ć:[=/#f;�)x�{�ٛ�EQ )~� ���=𘙲r*2~ ��a��_V='��kumF��D}KYYC)({�*g&f�`툪r�y�`=^cJ.I]�(*`�wq���1�dđ#̩�͑0�;H]u搂@:~וKL� Ns��h�}OIR*8:2��!lDJVo(��3=M(z�Ȱ+i*NA�r6K�n�Sl�)!JJӁ* %�݉�?|D}d5:eP0R;{$X'xF@.ÊB {,W�J�uQ�ɲRI;9�QE�琯62fT.D�UJ���;*c��P��A\ILNj!J۱+�O\�͔]ޒ�SJȧc%AN��ol�ՎprULZԛe�r�E2=XDXg�VQe�ӓk��y�P�7U*omQIs,K`)6\�G3t?pgj�r�mۛجwluG��tf��h9uyP0D;Uڽ"OXlif$)&|ML0Zrm1[HXPlPR0���'G=i2N�+0e2�]]�9VT�P��O7h(F*�癈�'�=Q��V�ZDF,d߬~�TX
G[�`l�e69CR(!S2!P�
<0x�<������������������������!1��AQ "Raq�02Br���#S�CTb�����
?�Ζ"]mH�5WR7k.ۛ!}Q~+yԏz|@T20S~Kek�*zFf^2X*(@8�r?��CIuI|�֓>^ExLgN�UY+{.RѪ
τVYTD�I62'8Y2�7'\T�P�.6�d&˦@�Vqi�|8-�OΕ�]ʔ� U=��TL8=;6c�|���!qfF3a�ů�&~$l}'NWUs$Uk^SV��:U#�6w+�+s&r+nڐ��{@�29�g�L�
u"TÙ�M=6�(^"7r}�=6YݾlCuhquympǦ
�G�jhsǜNl�ɻ}o7�#S6aw�4!OS�rD�57�%|?x>L
|�/�nD6?/8w#[�)L7��+6〼T�ATg�!��%5�MmZ/c-{�1_Je"|�^$'O���&�ޱմ�Trb�$�w)R�$�&�
N1EtdU�3Uȉ1p�M"�N*(DN�y�d96.(jQ)X
5cQɎMyW�?��Q�*!R>6=7)Xj5`J]�e�8%t!+'!1Q�5���������� �������������!1��� AQ�aqё#2�"0BRb������?�G�t^�## .llQT $�v,,m��㵜5�ubV �=sY+@d�{N!�dnO<���.-B;�_wJt6�;Q�Jd.Qc%p{ 1,sND�dFH�I0Гo�Xш�e黅XۢF:)[�FGXƹ/w�_cMeD���,ʡcc.���WD�tA$�j@�:) -#�u
c1<@ۗ9F�)KJ-hpP]�_��x[qBlbp�ʖw� q"�L�FGd�ƶ*���s+�ډ_Zc"?�%�t[IP���6J]#=ɺVvv�CGsGh1� >)6�|ey?Lӣm,4GWUi`�]uJVoV�D�G�< SB�6ϏQ@ TiUly�OU0kfV~�~}�SZ@*WUU�i##;�s/[�=!�7}"��WN]'(L!��~y�5g9T̅JkbM'�+s:S� ��+�B)v@M��j
���e Cf�jE�0��Y\QnzG�1д~Wo{T�9?`�Rmyh�sy�3!HA�D]m�c1~2L���Su7xT;j$`}4->L#�vzŏ��ILS���֭��T��{�r��jGKC;��b�pU=�-`BsK.SFw4�Mq]ZdH�S0)tLg