From 2bc6555ee211111da6ea610419e76de1fd3ab379 Mon Sep 17 00:00:00 2001 From: terrtia Date: Fri, 10 May 2024 11:33:27 +0200 Subject: [PATCH] chg: [settings] refactor old settings blueprint module --- bin/lib/ail_users.py | 23 +- var/www/blueprints/settings_b.py | 122 ++++++++++- var/www/modules/settings/Flask_settings.py | 172 --------------- .../settings/templates/create_user.html | 153 ------------- .../settings/templates/edit_profile.html | 111 ---------- .../settings/templates/header_settings.html | 1 - .../settings/templates/settings_index.html | 202 ------------------ .../settings}/ail_configs.html | 0 .../settings/block_password_requirements.html | 29 +++ var/www/templates/settings/create_user.html | 136 ++++++++++++ var/www/templates/settings/menu_sidebar.html | 36 ++-- .../settings}/passive_dns.html | 4 +- var/www/templates/settings/user_profile.html | 107 ++++++++++ var/www/templates/settings/users_list.html | 28 +-- 14 files changed, 432 insertions(+), 692 deletions(-) delete mode 100644 var/www/modules/settings/Flask_settings.py delete mode 100644 var/www/modules/settings/templates/create_user.html delete mode 100644 var/www/modules/settings/templates/edit_profile.html delete mode 100644 var/www/modules/settings/templates/header_settings.html delete mode 100644 var/www/modules/settings/templates/settings_index.html rename var/www/{modules/settings/templates => templates/settings}/ail_configs.html (100%) create mode 100644 var/www/templates/settings/block_password_requirements.html create mode 100644 var/www/templates/settings/create_user.html rename var/www/{modules/settings/templates => templates/settings}/passive_dns.html (94%) create mode 100644 var/www/templates/settings/user_profile.html diff --git a/bin/lib/ail_users.py b/bin/lib/ail_users.py index 1cec0f9c..f7f3ffe0 100755 --- a/bin/lib/ail_users.py +++ b/bin/lib/ail_users.py @@ -85,6 +85,13 @@ def hashing_password(password): ## --PASSWORDS-- ## +def check_email(email): + email_regex = re.compile(r'[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}') + result = email_regex.match(email) + if result: + return True + else: + return False #### TOKENS #### @@ -315,6 +322,20 @@ def api_get_users_meta(): meta['users'].append(user.get_meta(options=options)) return meta +def api_get_user_profile(user_id): + options = {'api_key', 'role'} + user = AILUser(user_id) + if not user.exists(): + return {'status': 'error', 'reason': 'User not found'}, 404 + meta = user.get_meta(options=options) + return meta, 200 + +def api_create_user_api_key_self(user_id): # TODO LOG USER ID + user = AILUser(user_id) + if not user.exists(): + return {'status': 'error', 'reason': 'User not found'}, 404 + return user.new_api_key(), 200 + def api_create_user_api_key(user_id, admin_id): # TODO LOG ADMIN ID user = AILUser(user_id) if not user.exists(): @@ -348,7 +369,7 @@ def get_users_metadata(list_users): users.append(get_user_metadata(user)) return users -def create_user(user_id, password=None, chg_passwd=True, role=None): +def create_user(user_id, password=None, chg_passwd=True, role=None): # TODO ############################################################### # # TODO: check password strength if password: new_password = password diff --git a/var/www/blueprints/settings_b.py b/var/www/blueprints/settings_b.py index 31d8b9e9..dc94a1e2 100644 --- a/var/www/blueprints/settings_b.py +++ b/var/www/blueprints/settings_b.py @@ -21,6 +21,7 @@ sys.path.append(os.environ['AIL_BIN']) ################################## from lib import ail_updates from lib import ail_users +from lib import d4 from packages import git_status # ============ BLUEPRINT ============ @@ -30,6 +31,7 @@ settings_b = Blueprint('settings_b', __name__, template_folder=os.path.join(os.e # bootstrap_label = Flask_config.bootstrap_label # ============ FUNCTIONS ============ + def create_json_response(data, status_code): return Response(json.dumps(data, indent=2, sort_keys=True), mimetype='application/json'), status_code @@ -62,7 +64,24 @@ def settings_modules(): @login_required @login_read_only def user_profile(): + user_id = current_user.get_user_id() acl_admin = current_user.is_in_role('admin') + r = ail_users.api_get_user_profile(user_id) + if r[1] != 200: + return create_json_response(r[0], r[1]) + meta = r[0] + return render_template("user_profile.html", meta=meta, acl_admin=acl_admin) + +@settings_b.route("/settings/user/api_key/new", methods=['GET']) +@login_required +@login_read_only +def new_token_user_self(): + user_id = current_user.get_user_id() + r = ail_users.api_create_user_api_key_self(user_id) + if r[1] != 200: + return create_json_response(r[0], r[1]) + else: + return redirect(url_for('settings_b.user_profile')) @settings_b.route("/settings/new_user_api_key", methods=['GET']) @login_required @@ -76,6 +95,78 @@ def new_token_user(): else: return redirect(url_for('settings_b.users_list')) +@settings_b.route("/settings/create_user", methods=['GET']) +@login_required +@login_admin +def create_user(): + user_id = request.args.get('user_id') + error = request.args.get('error') + error_mail = request.args.get('error_mail') + meta = {} + if user_id: + r = ail_users.api_get_user_profile(user_id) + if r[1] != 200: + return create_json_response(r[0], r[1]) + meta = r[0] + all_roles = ail_users.get_all_roles() + return render_template("create_user.html", all_roles=all_roles, meta=meta, + error=error, error_mail=error_mail, + acl_admin=True) + +@settings_b.route("/settings/edit_user", methods=['GET']) +@login_required +@login_admin +def edit_user(): + user_id = request.args.get('user_id') + return redirect(url_for('settings_b.create_user', user_id=user_id)) + + +@settings_b.route("/settings/create_user_post", methods=['POST']) +@login_required +@login_admin +def create_user_post(): + # Admin ID + admin_id = current_user.get_user_id() + + email = request.form.get('username') + role = request.form.get('user_role') + password1 = request.form.get('password1') + password2 = request.form.get('password2') + + all_roles = ail_users.get_all_roles() + + if email and len(email) < 300 and ail_users.check_email(email) and role: + if role in all_roles: + # password set + if password1 and password2: + if password1 == password2: + if ail_users.check_password_strength(password1): + password = password1 + else: + return render_template("create_user.html", all_roles=all_roles, error="Incorrect Password", acl_admin=True) + else: + return render_template("create_user.html", all_roles=all_roles, error="Passwords don't match", acl_admin=True) + # generate password + else: + password = ail_users.gen_password() + + if current_user.is_in_role('admin'): + str_password = password + if ail_users.exists_user(email): + if not password1 and not password2: + password = None + str_password = 'Password not changed' + ail_users.create_user(email, password=password, role=role) + new_user = {'email': email, 'password': str_password} + return render_template("create_user.html", new_user=new_user, meta={}, all_roles=all_roles, acl_admin=True) + + else: + return render_template("create_user.html", all_roles=all_roles, acl_admin=True) + else: + return render_template("create_user.html", all_roles=all_roles, error_mail=True, acl_admin=True) + + + @settings_b.route("/settings/delete_user", methods=['GET']) @login_required @login_admin @@ -93,12 +184,29 @@ def delete_user(): @login_admin def users_list(): meta = ail_users.api_get_users_meta() - new_user = {} - return render_template("users_list.html", meta=meta, new_user=new_user, acl_admin=True) - - - - - + return render_template("users_list.html", meta=meta, acl_admin=True) ############################################# + +@settings_b.route("/settings/passivedns", methods=['GET']) +@login_required +@login_read_only +def passive_dns(): + passivedns_enabled = d4.is_passive_dns_enabled() + return render_template("passive_dns.html", passivedns_enabled=passivedns_enabled) + + +@settings_b.route("/settings/passivedns/change_state", methods=['GET']) +@login_required +@login_admin +def passive_dns_change_state(): + new_state = request.args.get('state') == 'enable' + passivedns_enabled = d4.change_passive_dns_state(new_state) + return redirect(url_for('settings_b.passive_dns')) + +# @settings.route("/settings/ail", methods=['GET']) +# @login_required +# @login_admin +# def ail_configs(): +# return render_template("ail_configs.html", passivedns_enabled=None) + diff --git a/var/www/modules/settings/Flask_settings.py b/var/www/modules/settings/Flask_settings.py deleted file mode 100644 index 35075ce9..00000000 --- a/var/www/modules/settings/Flask_settings.py +++ /dev/null @@ -1,172 +0,0 @@ -#!/usr/bin/env python3 -# -*-coding:UTF-8 -* - -''' - Flask functions and routes for the settings modules page -''' -import os -import sys - -from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for -from flask_login import login_required, current_user - -from Role_Manager import login_admin, login_analyst, login_user, login_read_only - -sys.path.append(os.environ['AIL_BIN']) -################################## -# Import Project packages -################################## -from lib import d4 -from lib import Users - -# ============ VARIABLES ============ -import Flask_config - -app = Flask_config.app -baseUrl = Flask_config.baseUrl -r_serv_db = Flask_config.r_serv_db -REPO_ORIGIN = Flask_config.REPO_ORIGIN -dict_update_description = Flask_config.dict_update_description -email_regex = Flask_config.email_regex - -settings = Blueprint('settings', __name__, template_folder='templates') - - -# ============ FUNCTIONS ============ - -def check_email(email): - result = email_regex.match(email) - if result: - return True - else: - return False - - -# ============= ROUTES ============== - -@settings.route("/settings/edit_profile", methods=['GET']) -@login_required -@login_read_only -def edit_profile(): - user_metadata = Users.get_user_metadata(current_user.get_id()) - admin_level = current_user.is_in_role('admin') - return render_template("edit_profile.html", user_metadata=user_metadata, - admin_level=admin_level) - - -@settings.route("/settings/new_token", methods=['GET']) -@login_required -@login_user -def new_token(): - Users.generate_new_token(current_user.get_id()) - return redirect(url_for('settings.edit_profile')) - -@settings.route("/settings/create_user", methods=['GET']) -@login_required -@login_admin -def create_user(): - user_id = request.args.get('user_id') - error = request.args.get('error') - error_mail = request.args.get('error_mail') - role = None - if user_id: - user = Users.User(user_id) - if user.exists(): - role = user.get_role() - all_roles = Users.get_all_roles() - return render_template("create_user.html", all_roles=all_roles, user_id=user_id, user_role=role, - error=error, error_mail=error_mail, - admin_level=True) - - -@settings.route("/settings/create_user_post", methods=['POST']) -@login_required -@login_admin -def create_user_post(): - email = request.form.get('username') - role = request.form.get('user_role') - password1 = request.form.get('password1') - password2 = request.form.get('password2') - - all_roles = Users.get_all_roles() - - if email and len(email) < 300 and check_email(email) and role: - if role in all_roles: - # password set - if password1 and password2: - if password1 == password2: - if Users.check_password_strength(password1): - password = password1 - else: - return render_template("create_user.html", all_roles=all_roles, error="Incorrect Password", - admin_level=True) - else: - return render_template("create_user.html", all_roles=all_roles, error="Passwords don't match", - admin_level=True) - # generate password - else: - password = Users.gen_password() - - if current_user.is_in_role('admin'): - str_password = password - if Users.exists_user(email): - if not password1 and not password2: - password = None - str_password = 'Password not changed' - Users.create_user(email, password=password, role=role) - return redirect(url_for('settings.users_list', new_user=email, new_user_password=str_password)) - - else: - return render_template("create_user.html", all_roles=all_roles, admin_level=True) - else: - return render_template("create_user.html", all_roles=all_roles, error_mail=True, admin_level=True) - - -# @settings.route("/settings/users_list", methods=['GET']) -# @login_required -# @login_admin -# def users_list(): -# all_users = Users.get_users_metadata(Users.get_all_users()) -# new_user = request.args.get('new_user') -# new_user_dict = {} -# if new_user: -# new_user_dict['email'] = new_user -# new_user_dict['edited'] = request.args.get('new_user_edited') -# new_user_dict['password'] = request.args.get('new_user_password') -# return render_template("users_list.html", all_users=all_users, new_user=new_user_dict, admin_level=True) - - -@settings.route("/settings/edit_user", methods=['POST']) -@login_required -@login_admin -def edit_user(): - user_id = request.form.get('user_id') - return redirect(url_for('settings.create_user', user_id=user_id)) - - -@settings.route("/settings/passivedns", methods=['GET']) -@login_required -@login_read_only -def passive_dns(): - passivedns_enabled = d4.is_passive_dns_enabled() - return render_template("passive_dns.html", passivedns_enabled=passivedns_enabled) - - -@settings.route("/settings/passivedns/change_state", methods=['GET']) -@login_required -@login_admin -def passive_dns_change_state(): - new_state = request.args.get('state') == 'enable' - passivedns_enabled = d4.change_passive_dns_state(new_state) - return redirect(url_for('settings.passive_dns')) - - -@settings.route("/settings/ail", methods=['GET']) -@login_required -@login_admin -def ail_configs(): - return render_template("ail_configs.html", passivedns_enabled=None) - - -# ========= REGISTRATION ========= -app.register_blueprint(settings, url_prefix=baseUrl) diff --git a/var/www/modules/settings/templates/create_user.html b/var/www/modules/settings/templates/create_user.html deleted file mode 100644 index 5ab809ed..00000000 --- a/var/www/modules/settings/templates/create_user.html +++ /dev/null @@ -1,153 +0,0 @@ - - - - - Server Management - AIL - - - - - - - - - - - - - - - - - - {% include 'nav_bar.html' %} - -
-
- - {% include 'settings/menu_sidebar.html' %} - -
- - - -
-
-
- - - - - - diff --git a/var/www/modules/settings/templates/edit_profile.html b/var/www/modules/settings/templates/edit_profile.html deleted file mode 100644 index 9a095f7c..00000000 --- a/var/www/modules/settings/templates/edit_profile.html +++ /dev/null @@ -1,111 +0,0 @@ - - - - - Server Management - AIL - - - - - - - - - - - - - - - - - - {% include 'nav_bar.html' %} - -
-
- - {% include 'settings/menu_sidebar.html' %} - -
- -
-
-
My Profile :
-
-
- -
-
-
-
- - - - - - - - - - - - - - - -
Email{{user_metadata['email']}}
Role{{user_metadata['role']}}
API Key - - {{user_metadata['api_key'][:4]}}*********************************{{user_metadata['api_key'][-4:]}} - - - - - - -
-
-
-
-
- -
-
- -
-
-
- - - - - - diff --git a/var/www/modules/settings/templates/header_settings.html b/var/www/modules/settings/templates/header_settings.html deleted file mode 100644 index 971eeded..00000000 --- a/var/www/modules/settings/templates/header_settings.html +++ /dev/null @@ -1 +0,0 @@ -
  • Server Management
  • diff --git a/var/www/modules/settings/templates/settings_index.html b/var/www/modules/settings/templates/settings_index.html deleted file mode 100644 index af3d74c2..00000000 --- a/var/www/modules/settings/templates/settings_index.html +++ /dev/null @@ -1,202 +0,0 @@ - - - - - Server Management - AIL - - - - - - - - - - - - - - - - - - {% include 'nav_bar.html' %} - -
    -
    - - {% include 'settings/menu_sidebar.html' %} - -
    - -
    -
    -
    AIL-framework Status :
    -
    -
    - -
    -
    -
    -
    - - - - - {%if ail_version is not none %} - - {%else%} - - {%endif%} - - - - - - - - - - - - - - -
    AIL Version{{current_version}} (release note){{git_metadata['current_branch']}}
    Current Branch - {%if git_metadata['current_branch'] != 'master'%} -   - {%endif%} - {{git_metadata['current_branch']}} -
    Current Commit ID - {%if git_metadata['new_git_update_available']%} -   - {%endif%} - {{git_metadata['current_commit']}} -
    Current Tag - {%if git_metadata['new_git_version_available']%} -    - {%endif%} - {{git_metadata['last_local_tag']}} -
    -
    -
    -
    - -
    -
    -
    -
    Backgroud Update:
    -
    -
    -
    -
    - Updating: ... -
    -
    -
    -
    -
    -
    Update Error:
    -

    -
    -
    -
    -
    - -
    - -
    -
    - - {%if git_metadata['new_git_version_available']%} - - {%endif%} - - {%if git_metadata['new_git_update_available']%} - - {%endif%} - -
    -
    -
    - - - - - - diff --git a/var/www/modules/settings/templates/ail_configs.html b/var/www/templates/settings/ail_configs.html similarity index 100% rename from var/www/modules/settings/templates/ail_configs.html rename to var/www/templates/settings/ail_configs.html diff --git a/var/www/templates/settings/block_password_requirements.html b/var/www/templates/settings/block_password_requirements.html new file mode 100644 index 00000000..446b556d --- /dev/null +++ b/var/www/templates/settings/block_password_requirements.html @@ -0,0 +1,29 @@ +
    +
    +
    +
    +
    Password Requirements
    + +
    + diff --git a/var/www/templates/settings/create_user.html b/var/www/templates/settings/create_user.html new file mode 100644 index 00000000..b1e1daaa --- /dev/null +++ b/var/www/templates/settings/create_user.html @@ -0,0 +1,136 @@ + + + + + Create User - AIL + + + + + + + + + + + + + + + + + +{% include 'nav_bar.html' %} +
    +
    + {% include 'settings/menu_sidebar.html' %} +
    + + {% if new_user %} +
    +
    +
    + {% if new_user['edited']=='True' %} +
    User Edited
    + {% else %} +
    User Created
    + {% endif %} +
    +
    +

    User: {{new_user['email']}}

    +

    Password: {{new_user['password']}}

    + Hide +
    +
    +
    + {% endif %} + + + + {% include 'settings/block_password_requirements.html' %} + +
    +
    +
    + + + + + diff --git a/var/www/templates/settings/menu_sidebar.html b/var/www/templates/settings/menu_sidebar.html index 1ec58516..c342ba14 100644 --- a/var/www/templates/settings/menu_sidebar.html +++ b/var/www/templates/settings/menu_sidebar.html @@ -44,23 +44,23 @@ Settings