add routes to valid barlock
parent
25059064ee
commit
987487d3c4
@ -16,7 +16,7 @@ userController = uc.UserController()
@baruser.route("/bar")
@login_required(groups=[BAR])
@login_required(groups=[BAR], bar=True)
def _bar(**kwargs):
""" Main function for Baruser
@ -55,7 +55,7 @@ def _bar(**kwargs):
@baruser.route("/baradd", methods=['POST'])
@login_required(groups=[BAR])
@login_required(groups=[BAR], bar=True)
def _baradd(**kwargs):
""" Function for Baruser to add amount
@ -96,7 +96,7 @@ def _baradd(**kwargs):
@baruser.route("/barGetUsers")
@login_required(groups=[BAR, MONEY])
@login_required(groups=[BAR, MONEY], bar=True)
def _getUsers(**kwargs):
""" Get Users without amount
@ -118,7 +118,7 @@ def _getUsers(**kwargs):
@baruser.route("/bar/storno", methods=['POST'])
@login_required(groups=[BAR])
@login_required(groups=[BAR], bar=True)
def _storno(**kwargs):
""" Function for Baruser to storno amount
@ -159,7 +159,7 @@ def _storno(**kwargs):
@baruser.route("/barGetUser", methods=['POST'])
@login_required(groups=[BAR])
@login_required(groups=[BAR], bar=True)
def _getUser(**kwargs):
debug.info("/barGetUser")
try:
@ -197,3 +197,13 @@ def _search(**kwargs):
except Exception as err:
debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500
@baruser.route("/bar/lock", methods=['POST'])
@login_required(groups=[BAR], bar=True)
def _lockbar(**kwargs):
debug.info('/bar/lock')
data = request.get_json()
accToken = kwargs['accToken']
accToken.lock_bar = [data['value']]
debug.debug('return {{ "value": {} }}'.format(accToken.lock_bar))
return jsonify({'value': accToken.lock_bar})
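Review bot: `accToken.lock_bar = [data['value']]` in `_lockbar` stores the posted value wrapped in a one-element list, and a non-empty list is always truthy, so after any POST the check `if accToken.lock_bar and not bar` in `login_required` keeps answering 403 and posting `false` cannot release the lock. The value is also taken from the request body without a type check, and unlike the sibling handlers this one has no `try`/`except`, so a missing body or missing key surfaces as an unhandled exception. I would write `accToken.lock_bar = bool(data['value'])` and wrap the body in the same `try`/`except Exception as err` shape used by `_getUser` above, answering 400 rather than 500 when the body is malformed; the initial value set in `AccessToken.__init__` is the plain `False`, so a bool keeps the attribute's type consistent.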
@ -68,11 +68,10 @@ class LDAPController(metaclass=Singleton):
try:
retVal = []
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid={})'.format(username), SUBTREE, attributes=['gidNumber'])
response = self.ldap.connection.response
main_group_number = self.ldap.connection.response[0]['attributes']['gidNumber']
debug.debug("main group number is {{ {} }}".format(main_group_number))
if main_group_number:
group_data = self.ldap.connection.search('ou=group,{}'.format(self.dn), '(gidNumber={})'.format(main_group_number), attributes=['cn'])
self.ldap.connection.search('ou=group,{}'.format(self.dn), '(gidNumber={})'.format(main_group_number), attributes=['cn'])
group_name = self.ldap.connection.response[0]['attributes']['cn'][0]
debug.debug("group name is {{ {} }}".format(group_name))
if group_name == 'ldap-user':
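Review bot: `response = self.ldap.connection.response` is assigned and never used (the next line indexes `self.ldap.connection.response[0]` directly), and that `[0]`, like the one after the group search, raises IndexError when the search returns no entry, which the enclosing `try` presumably folds into a generic failure; I would drop the unused local and guard with `if not self.ldap.connection.response: raise LookupError(...)` (or return the empty `retVal`) so "no such user" is reported as such. Separately, `username` is formatted into the filter `'(uid={})'` unescaped; if this method can be reached with a value from the login form, escape it first — with ldap3, which the `SUBTREE`/`connection.response` usage suggests, `escape_filter_chars(username)` from `ldap3.utils.conv` — so that filter metacharacters in a username cannot alter the query. The enclosing method starts and ends outside the hunk.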
@ -505,6 +505,10 @@ class UserController(metaclass=Singleton):
except Exception as err:
raise Exception(err)
def validateUser(self, username, password):
debug.info("validate user {{ {} }}".format(username))
ldap.login(username, password)
def loginUser(self, username, password):
debug.info("login user {{ {} }}".format(username))
try:
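Review bot: `validateUser` has no docstring and returns nothing, so a caller (the new `/valid` route in this commit) can only tell a rejected password from an accepted one by whether `ldap.login` raises; that contract should be stated, e.g. `"""Re-authenticate *username* with *password* against LDAP. Returns None; raises if the bind fails."""`, or better, return a bool. If `ldap.login` does not raise on a failed bind — I cannot see its body here — the route accepts any password, so that assumption deserves a test. Since `LDAPController` is a singleton (see the neighbouring hunk), it is also worth confirming that `login` does not rebind the shared connection under the re-validated user's credentials for the rest of the process.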
@ -5,12 +5,15 @@ DEBUG = getDebugLogger()
def login_required(**kwargs):
import geruecht.controller.accesTokenController as ac
from geruecht.model import BAR, USER, MONEY, GASTRO
from geruecht.model import BAR, USER, MONEY, GASTRO, VORSTAND, EXTERN
from flask import request, jsonify
accessController = ac.AccesTokenController()
groups = [USER, BAR, GASTRO, MONEY]
groups = [USER, BAR, GASTRO, MONEY, VORSTAND, EXTERN]
bar = False
if "groups" in kwargs:
groups = kwargs["groups"]
if "bar" in kwargs:
bar = kwargs["bar"]
DEBUG.debug("groups are {{ {} }}".format(groups))
def real_decorator(func):
@ -23,6 +26,9 @@ def login_required(**kwargs):
kwargs['accToken'] = accToken
if accToken:
DEBUG.debug("token {{ {} }} is valid".format(token))
if accToken.lock_bar and not bar:
return jsonify({"error": "error",
"message": "permission forbidden"}), 403
return func(*args, **kwargs)
else:
DEBUG.warning("token {{ {} }} is not valid".format(token))
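Review bot: `login_required` gains a `bar` keyword and a new 403 branch (`if accToken.lock_bar and not bar:`) without any documentation of either, and the first hunk of this section quietly widens the default `groups` to include `VORSTAND` and `EXTERN`, which every decorator call that omits `groups` (such as the new `/valid` route) now inherits. I would add a docstring to `login_required` stating that `groups` defaults to all known groups and that `bar=True` marks a route as still allowed while the token's `lock_bar` flag is set, and put `# default: every group; pass groups=[...] to restrict` on the `groups = [...]` line. Because the flag lives on the `AccessToken` instance, the 403 applies only to the token that was locked, not to other sessions of the same user — fine if the lock is meant to fence a bar terminal, but worth saying in the docstring (inferred from the constructor hunk; I cannot see the token store). The decorator's body continues outside the hunk.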
@ -33,6 +33,7 @@ class AccessToken():
self.lifetime = lifetime
self.token = token
self.ldap_conn = ldap_conn
self.lock_bar = False
debug.debug("accesstoken is {{ {} }}".format(self))
def updateTimestamp(self):
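Review bot: `self.lock_bar = False` is added without a comment, and the only other writer in this commit (`_lockbar` in the bar routes) assigns a list, so the attribute's type is already inconsistent; I would pin it with `# lock_bar: bool — while truthy, login_required answers routes not decorated with bar=True with 403`. The flag is per token, so it is gone when a new token is issued — if the lock is supposed to survive a re-login it has to be persisted elsewhere (inferred; only this constructor fragment is visible). `__init__` starts before the hunk.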
@ -12,6 +12,19 @@ userController = uc.UserController()
debug = getDebugLogger()
@app.route("/valid", methods=['POST'])
@login_required(bar=True)
def _valid(**kwargs):
debug.info('/valid')
try:
accToken = kwargs['accToken']
data = request.get_json()
userController.validateUser(accToken.user.username, data['password'])
debug.debug('return {{ "ok": "ok" }}')
return jsonify({"ok": "ok"})
except Exception as err:
debug.warning("exception in valide.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route("/pricelist", methods=['GET'])
def _getPricelist():
@ -38,7 +51,7 @@ def getTypes():
@app.route('/getAllStatus', methods=['GET'])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
def _getAllStatus(**kwargs):
try:
debug.info("get all status for users")
@ -51,7 +64,7 @@ def _getAllStatus(**kwargs):
@app.route('/getStatus', methods=['POST'])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
def _getStatus(**kwargs):
try:
debug.info("get status from user")
@ -68,7 +81,7 @@ def _getStatus(**kwargs):
@app.route('/getUsers', methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND])
@login_required(groups=[MONEY, GASTRO, VORSTAND], bar=True)
def _getUsers(**kwargs):
try:
debug.info("get all users from database")
@ -84,7 +97,7 @@ def _getUsers(**kwargs):
@app.route("/getLifeTime", methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
def _getLifeTime(**kwargs):
try:
debug.info("get lifetime of accesstoken")
@ -101,7 +114,7 @@ def _getLifeTime(**kwargs):
@app.route("/saveLifeTime", methods=['POST'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
def _saveLifeTime(**kwargs):
try:
debug.info("save lifetime for accessToken")
@ -127,7 +140,7 @@ def _saveLifeTime(**kwargs):
@app.route("/logout", methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
def _logout(**kwargs):
try:
debug.info("logout user")
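Review bot: In `_valid` (first hunk of this section) a rejected password and a malformed request are indistinguishable to the client: `validateUser` signals failure only by raising, the handler catches `Exception` and answers 500 with `str(err)`, so a wrong password comes back as a server error carrying whatever the underlying LDAP error says, and a body without `password` comes back as the KeyError text `'password'`. I would read the field with `data.get('password')` and return 400 when it is missing, and map a failed re-authentication to 401 rather than 500; since `validateUser` returns None, the success path currently rests entirely on `ldap.login` raising on a failed bind, which this page does not let me confirm. The `bar=True` added to the remaining hunks means all of these routes stay reachable while a token is locked — consistent if the lock is only meant to fence bar-terminal actions, but that intent belongs in the commit message or a comment on the decorator.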