dashboard intit. addition, rbac modifications

Xevion
2019-07-04 04:11:15 -05:00
parent fb8ba3b79e
commit 92a6f8ad49
8 changed files with 72 additions and 17 deletions


@@ -3,6 +3,16 @@ from datetime import datetime
from app import db, login from app import db, login
from werkzeug.security import generate_password_hash, check_password_hash from werkzeug.security import generate_password_hash, check_password_hash
def require_role(roles=["User"]):
def wrap(func):
@wraps(func)
def decorated_view(*args, **kwargs):
if current_user.is_authenticated:
if current_user.has_roles(roles):
return func(*args, **kwargs)
return abort(401)
return decorated_view
return wrap
@login.user_loader @login.user_loader
class User(UserMixin, db.Model): class User(UserMixin, db.Model):
id = db.Column(db.Integer, primary_key=True) id = db.Column(db.Integer, primary_key=True)
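Review bot: The relocated `require_role` uses `wraps`, `current_user` and `abort`, but none of them appear in the imports visible in this hunk, and the commit adds `from functools import wraps` to the views module, where the decorator no longer lives. Unless the two lines above the hunk already import them, `@wraps(func)` will raise NameError as soon as a view is decorated; this file would need `from functools import wraps`, `from flask import abort` and `from flask_login import current_user`. An authenticated user who lacks the role also gets `abort(401)`, where `abort(403)` is the accurate status. Because the 401 handler redirects to login and login redirects authenticated users to the dashboard, the denial is currently silent. The mutable default `roles=["User"]` is safer as a tuple, `roles=("User",)`.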


@@ -1,9 +1,10 @@
from app import app, db, login from app import app, db, login
from app.models import User, Search from app.models import User, Search, require_role
from app.forms import LoginForm, RegistrationForm from app.forms import LoginForm, RegistrationForm
from werkzeug.urls import url_parse from werkzeug.urls import url_parse
from flask import render_template, redirect, url_for, flash, request, jsonify, abort from flask import render_template, redirect, url_for, flash, request, jsonify, abort
from flask_login import current_user, login_user, logout_user, login_required from flask_login import current_user, login_user, logout_user, login_required
from functools import wraps
import requests import requests
import xmltodict import xmltodict
import base64 import base64
@@ -16,16 +17,6 @@ fake = faker.Faker()
def strgen(length): return ''.join(random.choices(list(string.ascii_letters), k=length)) def strgen(length): return ''.join(random.choices(list(string.ascii_letters), k=length))
def require_role(roles=["User"]):
def wrap(func):
def run(*args, **kwargs):
if current_user.is_authenticated:
if current_user.has_roles(roles):
return func(*args, **kwargs)
return abort(401)
return run
return wrap
@app.errorhandler(401) @app.errorhandler(401)
def unauthorized(e): def unauthorized(e):
return redirect(url_for('login')) return redirect(url_for('login'))
@@ -33,7 +24,7 @@ def unauthorized(e):
@app.route('/dashboard') @app.route('/dashboard')
@login_required @login_required
def dashboard(): def dashboard():
return render_template('dashboard.html') return render_template('/dashboard/dashboard.html')
@app.route('/profile/') @app.route('/profile/')
@login_required @login_required
@@ -68,7 +59,7 @@ def index():
@app.route('/register/', methods=['GET', 'POST']) @app.route('/register/', methods=['GET', 'POST'])
def register(): def register():
if current_user.is_authenticated: if current_user.is_authenticated:
return redirect(url_for('index')) return redirect(url_for('dashboard'))
form = RegistrationForm() form = RegistrationForm()
if form.validate_on_submit(): if form.validate_on_submit():
user = User(username=form.username.data, email=form.email.data) user = User(username=form.username.data, email=form.email.data)
@@ -82,7 +73,7 @@ def register():
@app.route('/login/', methods=['GET', 'POST']) @app.route('/login/', methods=['GET', 'POST'])
def login(): def login():
if current_user.is_authenticated: if current_user.is_authenticated:
return redirect(url_for('index')) return redirect(url_for('dashboard'))
form = LoginForm() form = LoginForm()
if form.validate_on_submit(): if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first() user = User.query.filter_by(username=form.username.data).first()
@@ -124,6 +115,7 @@ def get_hidden():
@app.route('/hidden<id>/history') @app.route('/hidden<id>/history')
@login_required @login_required
@require_role(roles=['Hidden', 'Admin'])
def hidden_history(id): def hidden_history(id):
if not validate_id(id): if not validate_id(id):
return '<span style="color: red;">error:</span> bad id' return '<span style="color: red;">error:</span> bad id'
@@ -132,6 +124,7 @@ def hidden_history(id):
@app.route('/hidden<id>/help') @app.route('/hidden<id>/help')
@login_required @login_required
@require_role(roles=['Hidden'])
def hidden_help(id): def hidden_help(id):
if not validate_id(id): if not validate_id(id):
return '<span style="color: red;">error:</span> bad id' return '<span style="color: red;">error:</span> bad id'
@@ -139,6 +132,7 @@ def hidden_help(id):
@app.route('/hidden<id>/') @app.route('/hidden<id>/')
@login_required @login_required
# @require_role(roles=['Hidden'])
def hidden(id): def hidden(id):
if not validate_id(id): if not validate_id(id):
return '<span style="color: red;">error:</span> bad id' return '<span style="color: red;">error:</span> bad id'
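Review bot: The role check on the main `/hidden<id>/` view is left commented out (`# @require_role(roles=['Hidden'])`), so that route is guarded only by `@login_required` while `/hidden<id>/history` and `/hidden<id>/help` now require a role. Any logged-in account can therefore reach the parent view; if that is intentional it deserves a comment saying why, otherwise enable the decorator with the same role list the sub-routes use. The two sub-routes also disagree (`['Hidden', 'Admin']` versus `['Hidden']`), and whether `has_roles` means any-of or all-of is not visible here, so a one-line comment on each stating the intended audience would help. The added `from functools import wraps` looks unused in this file now that the decorator has moved out. The bodies of these views continue outside the hunks.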


@@ -65,7 +65,7 @@ Color = Bulma Color Type of the Message Box
<body> <body>
<nav class="navbar" role="navigation" aria-label="main navigation"> <nav class="navbar" role="navigation" aria-label="main navigation">
<div class="navbar-brand"> <div class="navbar-brand">
<a class="navbar-item raleway-font" href="{{ url_for('index') }}"> <a style="margin-left: 0.5rem;" class="navbar-item raleway-font" href="{{ url_for('index') }}">
Xevion Xevion
</a> </a>
@@ -106,7 +106,7 @@ Color = Bulma Color Type of the Message Box
<div class="navbar-text">Profile</div> <div class="navbar-text">Profile</div>
</a> </a>
<a class="navbar-item" href="{{ url_for('dashboard') }}"> <a class="navbar-item" href="{{ url_for('dashboard') }}">
<span class="navbar-fa-icon fas fa-user-cog"></span> <span class="navbar-fa-icon fas fa-chart-line"></span>
<div class="navbar-text">Dashboard</div> <div class="navbar-text">Dashboard</div>
</a> </a>
<hr class="navbar-divider"> <hr class="navbar-divider">


@@ -1 +0,0 @@
{% extends 'base.html' %}


@@ -0,0 +1,5 @@
{% extends 'dashboard_base' %}
{% set constants_active = True %}
{% block dashboard_body %}
constants
{% endblock dashboard_body %}
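Review bot: The parent template name `'dashboard_base'` has no `.html` suffix and no directory, whereas the dashboard home template added in this commit extends `'dashboard/dashboard_base.html'`. Flask resolves template names relative to the templates root, so this one will most likely fail with TemplateNotFound when rendered; it should read `{% extends 'dashboard/dashboard_base.html' %}`. The role-settings template at the end of this commit (the one that sets `role_settings_active`) has the same problem with `'dashboard_base.html'`, which is missing the `dashboard/` prefix. No view rendering either template is visible in this commit, so the error would only surface once those routes are wired up.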


@@ -0,0 +1,5 @@
{% extends 'dashboard/dashboard_base.html' %}
{% set dashboard_home_active = True %}
{% block dashboard_body %}
<section></section>
{% endblock dashboard_body %}


@@ -0,0 +1,37 @@
{% extends 'base.html' %}
{% block body %}
<div style="margin-left: 1rem; margin-top: 1rem;" class="columns">
<div class="column is-2">
<aside class="menu">
<p class="menu-label">
Dashboard
</p>
<ul class="menu-list">
<li><a href="{{ url_for('dashboard') }}" {% if dashboard_home_active %}class="is-active"{% endif %}>Home</a></li>
<li><a href="{{ url_for('profile_settings') }}" {% if dashboard_profile_settings_active %}class="is-active"{% endif %}>Profile Settings</a></li>
</ul>
<ul class="menu-list">
</ul>
<p class="menu-label">
Administration
</p>
<ul class="menu-list">
<li><a href="{{ url_for('constants') }}" {% if constants_active %}class="is-active"{% endif %}>Constants</a></li>
<li>
<a {% if role_settings_active %}class="is-active"{% endif %}><abbr title="Role Based Access Control">RBAC</abbr> Settings</a>
<ul>
<li><a href="{{ url_for('rbac') + '#apply-user-roles' }}">Apply Roles to User(s)</a></li>
<li><a href="{{ url_for('rbac') + '#view-user-roles' }}">View all Roles</a></li>
</ul>
</li>
</ul>
</aside>
</div>
<div class="column">
{% block dashboard_body %}
{% endblock dashboard_body %}
</div>
</div>
{% endblock body %}
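Review bot: The Administration menu (Constants, RBAC Settings) is rendered for every user who can open the dashboard, with no role condition around it. Wrapping that part of the menu in `{% if current_user.has_roles(['Admin']) %}` … `{% endif %}`, using whichever role list the admin views enforce, would keep it out of ordinary users' view. The template is only presentation, though: the `constants` and `rbac` views themselves need `@require_role` on the server side, and neither view is visible in this commit. If those endpoints, or `profile_settings`, are not registered yet, `url_for` will raise a build error and every page extending this base will fail to render.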


@@ -0,0 +1,5 @@
{% extends 'dashboard_base.html' %}
{% set role_settings_active = True %}
{% block dashboard_body %}
{% endblock dashboard_body %}