ail-framework/var/www/modules/Role_Manager.py

#!/usr/bin/env python3
# -*-coding:UTF-8 -*

import os
import sys

from functools import wraps
from flask_login import LoginManager, current_user, logout_user, login_required

from flask import make_response, current_app

login_manager = LoginManager()
login_manager.login_view = 'root.role'

###############################################################
###############          FLASK CACHE         ##################
###############################################################
def no_cache(func):
    @wraps(func)
    def decorated_view(*args, **kwargs):
        resp = make_response(func(*args, **kwargs))
        resp.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate'
        resp.headers['Pragma'] = 'no-cache'
        return resp
    return decorated_view
###############################################################
###############################################################
###############################################################

###############################################################
###############       CHECK ROLE ACCESS      ##################
###############################################################

def login_admin(func):
    @wraps(func)
    def decorated_view(*args, **kwargs):
        if not current_user.is_authenticated:
            return login_manager.unauthorized()
        elif not current_user.is_in_role('admin'):
            return login_manager.unauthorized()
        return func(*args, **kwargs)
    return decorated_view

def login_coordinator(func):
    @wraps(func)
    def decorated_view(*args, **kwargs):
        if not current_user.is_authenticated:
            return login_manager.unauthorized()
        elif not current_user.is_in_role('coordinator'):
            return login_manager.unauthorized()
        return func(*args, **kwargs)
    return decorated_view

def login_user(func):
    @wraps(func)
    def decorated_view(*args, **kwargs):
        if not current_user.is_authenticated:
            return login_manager.unauthorized()
        elif not current_user.is_in_role('user'):
            return login_manager.unauthorized()
        return func(*args, **kwargs)
    return decorated_view

def login_user_no_api(func):
    @wraps(func)
    def decorated_view(*args, **kwargs):
        if not current_user.is_authenticated:
            return login_manager.unauthorized()
        elif not current_user.is_in_role('user_no_api'):
            return login_manager.unauthorized()
        return func(*args, **kwargs)
    return decorated_view

def login_read_only(func):
    @wraps(func)
    def decorated_view(*args, **kwargs):
        if not current_user.is_authenticated:
            return login_manager.unauthorized()
        elif not current_user.is_in_role('read_only'):
            return login_manager.unauthorized()
        return func(*args, **kwargs)
    return decorated_view

###############################################################
###############################################################
chg: [user_management] add user role_management 2019-05-06 14:58:36 +00:00			`#!/usr/bin/env python3`
			`# --coding:UTF-8 -`

chg: [user_management UI] add admin section: edit + create users 2019-06-11 15:37:20 +00:00			`import os`
chg: [core] mv bin/packages/config.cfg configs/core.cfg + use ConfigLoader 2019-11-05 14:18:03 +00:00			`import sys`

chg: [user_management] add user role_management 2019-05-06 14:58:36 +00:00			`from functools import wraps`
chg: [ail users] cleanup Role_Manager 2024-08-13 12:59:30 +00:00			`from flask_login import LoginManager, current_user, logout_user, login_required`
chg: [user_management] add user role_management 2019-05-06 14:58:36 +00:00
chg: [ail users] cleanup Role_Manager 2024-08-13 12:59:30 +00:00			`from flask import make_response, current_app`
chg: [user_management] add user role_management 2019-05-06 14:58:36 +00:00
			`login_manager = LoginManager()`
chg; [User role] add roles: user + user_no_api + read_only 2019-11-20 15:15:08 +00:00			`login_manager.login_view = 'root.role'`
chg: [user_management] add user role_management 2019-05-06 14:58:36 +00:00
fix: [UI caching] fix: #373 avoid screenshot caching 2019-09-03 09:58:34 +00:00			`###############################################################`
fix: typo 2019-09-03 10:00:24 +00:00			`############### FLASK CACHE ##################`
fix: [UI caching] fix: #373 avoid screenshot caching 2019-09-03 09:58:34 +00:00			`###############################################################`
			`def no_cache(func):`
			`@wraps(func)`
			`def decorated_view(args, *kwargs):`
			`resp = make_response(func(args, *kwargs))`
			`resp.headers['Cache-Control'] = 'no-cache, no-store, must-revalidate'`
			`resp.headers['Pragma'] = 'no-cache'`
			`return resp`
			`return decorated_view`
			`###############################################################`
			`###############################################################`
			`###############################################################`

chg: [user_managemant] clean code + check password and email length 2019-06-19 13:00:25 +00:00			`###############################################################`
			`############### CHECK ROLE ACCESS ##################`
			`###############################################################`

chg: [user_management] add user role_management 2019-05-06 14:58:36 +00:00			`def login_admin(func):`
			`@wraps(func)`
			`def decorated_view(args, *kwargs):`
			`if not current_user.is_authenticated:`
			`return login_manager.unauthorized()`
chg: [user session] refactor login + AIL users, use alternative IDs, kill user(s) session 2024-05-06 14:21:00 +00:00			`elif not current_user.is_in_role('admin'):`
chg: [user_management] add user role_management 2019-05-06 14:58:36 +00:00			`return login_manager.unauthorized()`
			`return func(args, *kwargs)`
			`return decorated_view`

chg: [UI + API] update endpoints ACL 2024-09-05 14:40:24 +00:00			`def login_coordinator(func):`
chg: [user_management] add user role_management 2019-05-06 14:58:36 +00:00			`@wraps(func)`
			`def decorated_view(args, *kwargs):`
			`if not current_user.is_authenticated:`
			`return login_manager.unauthorized()`
chg: [UI + API] update endpoints ACL 2024-09-05 14:40:24 +00:00			`elif not current_user.is_in_role('coordinator'):`
chg: [user_management] add user role_management 2019-05-06 14:58:36 +00:00			`return login_manager.unauthorized()`
			`return func(args, *kwargs)`
			`return decorated_view`
chg: [user_management UI] add admin section: edit + create users 2019-06-11 15:37:20 +00:00
chg; [User role] add roles: user + user_no_api + read_only 2019-11-20 15:15:08 +00:00			`def login_user(func):`
			`@wraps(func)`
			`def decorated_view(args, *kwargs):`
			`if not current_user.is_authenticated:`
			`return login_manager.unauthorized()`
chg: [user session] refactor login + AIL users, use alternative IDs, kill user(s) session 2024-05-06 14:21:00 +00:00			`elif not current_user.is_in_role('user'):`
chg; [User role] add roles: user + user_no_api + read_only 2019-11-20 15:15:08 +00:00			`return login_manager.unauthorized()`
			`return func(args, *kwargs)`
			`return decorated_view`
chg: [user_management UI] add admin section: edit + create users 2019-06-11 15:37:20 +00:00
chg; [User role] add roles: user + user_no_api + read_only 2019-11-20 15:15:08 +00:00			`def login_user_no_api(func):`
			`@wraps(func)`
			`def decorated_view(args, *kwargs):`
			`if not current_user.is_authenticated:`
			`return login_manager.unauthorized()`
chg: [user session] refactor login + AIL users, use alternative IDs, kill user(s) session 2024-05-06 14:21:00 +00:00			`elif not current_user.is_in_role('user_no_api'):`
chg; [User role] add roles: user + user_no_api + read_only 2019-11-20 15:15:08 +00:00			`return login_manager.unauthorized()`
			`return func(args, *kwargs)`
			`return decorated_view`

			`def login_read_only(func):`
			`@wraps(func)`
			`def decorated_view(args, *kwargs):`
			`if not current_user.is_authenticated:`
			`return login_manager.unauthorized()`
chg: [user session] refactor login + AIL users, use alternative IDs, kill user(s) session 2024-05-06 14:21:00 +00:00			`elif not current_user.is_in_role('read_only'):`
chg; [User role] add roles: user + user_no_api + read_only 2019-11-20 15:15:08 +00:00			`return login_manager.unauthorized()`
			`return func(args, *kwargs)`
			`return decorated_view`
chg: [user_management UI] add admin section: edit + create users 2019-06-11 15:37:20 +00:00
			`###############################################################`
			`###############################################################`