chg: [user_management] add user role_management

2024-11-10 08:38:28 +00:00 · 2019-05-06 16:58:36 +02:00 · 2019-05-06 16:58:36 +02:00 · 1dac8177fe
commit 1dac8177fe
parent 64ff94ce5f
5 changed files with 39 additions and 21 deletions
--- a/var/www/Flask_server.py
+++ b/var/www/Flask_server.py
@ -216,6 +216,10 @@ def login():
        print(next_page)
        return render_template("login.html", next_page=next_page)

+@app.route('/role', methods=['POST', 'GET'])
+def role():
+    return 'ERROR role'
+
@app.route('/logout')
@login_required
 def logout():
--- a/var/www/modules/Decorator.py
+++ b/var/www/modules/Decorator.py
@ -1,17 +0,0 @@
-#!/usr/bin/env python3
-# -*-coding:UTF-8 -*
-
-from functools import wraps
-from flask_login import LoginManager, current_user, login_user, logout_user, login_required
-
-from flask import request
-
-def login_required(role="ANY"):
-    @wraps(role)
-    def decorated_view(*args, **kwargs):
-        if not current_user.is_authenticated:
-            return current_app.login_manager.unauthorized()
-        elif (not current_user.is_in_role(role)) and (role != "ANY"):
-            return login_manager.unauthorized()
-        return func(*args, **kwargs)
-    return decorated_view
--- a/var/www/modules/Role_Manager.py
+++ b/var/www/modules/Role_Manager.py
@ -0,0 +1,30 @@
+#!/usr/bin/env python3
+# -*-coding:UTF-8 -*
+
+from functools import wraps
+from flask_login import LoginManager, current_user, login_user, logout_user, login_required
+
+from flask import request, current_app
+
+login_manager = LoginManager()
+login_manager.login_view = 'role'
+
+def login_admin(func):
+    @wraps(func)
+    def decorated_view(*args, **kwargs):
+        if not current_user.is_authenticated:
+            return login_manager.unauthorized()
+        elif (not current_user.is_in_role('admin')):
+            return login_manager.unauthorized()
+        return func(*args, **kwargs)
+    return decorated_view
+
+def login_analyst(func):
+    @wraps(func)
+    def decorated_view(*args, **kwargs):
+        if not current_user.is_authenticated:
+            return login_manager.unauthorized()
+        elif (not current_user.is_in_role('analyst')):
+            return login_manager.unauthorized()
+        return func(*args, **kwargs)
+    return decorated_view
--- a/var/www/modules/Tags/Flask_Tags.py
+++ b/var/www/modules/Tags/Flask_Tags.py
@ -5,7 +5,9 @@
    Flask functions and routes for the trending modules page
 '''
 import redis
-from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for
+from flask import Flask, render_template, jsonify, request, Blueprint, current_app, redirect, url_for
+
+from Role_Manager import login_admin, login_analyst
 from flask_login import login_required

 import json
@ -220,6 +222,7 @@ def update_tag_last_seen(tag, tag_first_seen, tag_last_seen):

@Tags.route("/tags/", methods=['GET'])
@login_required
+@login_admin
 def Tags_page():
    date_from = request.args.get('date_from')
    date_to = request.args.get('date_to')
@ -469,6 +472,7 @@ def remove_tag():

@Tags.route("/Tags/confirm_tag")
@login_required
+@login_analyst
 def confirm_tag():

    #TODO verify input
--- a/var/www/modules/hiddenServices/Flask_hiddenServices.py
+++ b/var/www/modules/hiddenServices/Flask_hiddenServices.py
@ -17,8 +17,6 @@ from flask_login import login_required
 from Date import Date
 from HiddenServices import HiddenServices

-from Decorator import login_required
-
 # ============ VARIABLES ============
 import Flask_config

@ -236,7 +234,6 @@ def delete_auto_crawler(url):
 # ============= ROUTES ==============

@hiddenServices.route("/crawlers/", methods=['GET'])
-#@login_required(role="ADMIN")
@login_required
 def dashboard():
    crawler_metadata_onion = get_crawler_splash_status('onion')