chg: [user_management] add user role_management

var/www/Flask_server.py

@@ -216,6 +216,10 @@ def login():
         print(next_page)
         return render_template("login.html", next_page=next_page)
 
+@app.route('/role', methods=['POST', 'GET'])
+def role():
+    return 'ERROR role'
+
 @app.route('/logout')
 @login_required
 def logout():

var/www/modules/Decorator.py

@@ -1,17 +0,0 @@
-#!/usr/bin/env python3
-# -*-coding:UTF-8 -*
-
-from functools import wraps
-from flask_login import LoginManager, current_user, login_user, logout_user, login_required
-
-from flask import request
-
-def login_required(role="ANY"):
-    @wraps(role)
-    def decorated_view(*args, **kwargs):
-        if not current_user.is_authenticated:
-            return current_app.login_manager.unauthorized()
-        elif (not current_user.is_in_role(role)) and (role != "ANY"):
-            return login_manager.unauthorized()
-        return func(*args, **kwargs)
-    return decorated_view

var/www/modules/Role_Manager.py

@@ -0,0 +1,30 @@
+#!/usr/bin/env python3
+# -*-coding:UTF-8 -*
+
+from functools import wraps
+from flask_login import LoginManager, current_user, login_user, logout_user, login_required
+
+from flask import request, current_app
+
+login_manager = LoginManager()
+login_manager.login_view = 'role'
+
+def login_admin(func):
+    @wraps(func)
+    def decorated_view(*args, **kwargs):
+        if not current_user.is_authenticated:
+            return login_manager.unauthorized()
+        elif (not current_user.is_in_role('admin')):
+            return login_manager.unauthorized()
+        return func(*args, **kwargs)
+    return decorated_view
+
+def login_analyst(func):
+    @wraps(func)
+    def decorated_view(*args, **kwargs):
+        if not current_user.is_authenticated:
+            return login_manager.unauthorized()
+        elif (not current_user.is_in_role('analyst')):
+            return login_manager.unauthorized()
+        return func(*args, **kwargs)
+    return decorated_view

var/www/modules/Tags/Flask_Tags.py

@@ -5,7 +5,9 @@
     Flask functions and routes for the trending modules page
 '''
 import redis
-from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for
+from flask import Flask, render_template, jsonify, request, Blueprint, current_app, redirect, url_for
+
+from Role_Manager import login_admin, login_analyst
 from flask_login import login_required
 
 import json
@@ -220,6 +222,7 @@ def update_tag_last_seen(tag, tag_first_seen, tag_last_seen):
 
 @Tags.route("/tags/", methods=['GET'])
 @login_required
+@login_admin
 def Tags_page():
     date_from = request.args.get('date_from')
     date_to = request.args.get('date_to')
@@ -469,6 +472,7 @@ def remove_tag():
 
 @Tags.route("/Tags/confirm_tag")
 @login_required
+@login_analyst
 def confirm_tag():
 
     #TODO verify input

var/www/modules/hiddenServices/Flask_hiddenServices.py

@@ -17,8 +17,6 @@ from flask_login import login_required
 from Date import Date
 from HiddenServices import HiddenServices
 
-from Decorator import login_required
-
 # ============ VARIABLES ============
 import Flask_config
 
@@ -236,7 +234,6 @@ def delete_auto_crawler(url):
 # ============= ROUTES ==============
 
 @hiddenServices.route("/crawlers/", methods=['GET'])
-#@login_required(role="ADMIN")
 @login_required
 def dashboard():
     crawler_metadata_onion = get_crawler_splash_status('onion')