add routes to valid barlock

This commit is contained in:
Tim Gröger 2020-03-17 20:37:01 +01:00 committed by Tim Gröger
parent 25059064ee
commit 987487d3c4
6 changed files with 48 additions and 15 deletions


@ -16,7 +16,7 @@ userController = uc.UserController()
@baruser.route("/bar") @baruser.route("/bar")
@login_required(groups=[BAR]) @login_required(groups=[BAR], bar=True)
def _bar(**kwargs): def _bar(**kwargs):
""" Main function for Baruser """ Main function for Baruser
@ -55,7 +55,7 @@ def _bar(**kwargs):
@baruser.route("/baradd", methods=['POST']) @baruser.route("/baradd", methods=['POST'])
@login_required(groups=[BAR]) @login_required(groups=[BAR], bar=True)
def _baradd(**kwargs): def _baradd(**kwargs):
""" Function for Baruser to add amount """ Function for Baruser to add amount
@ -96,7 +96,7 @@ def _baradd(**kwargs):
@baruser.route("/barGetUsers") @baruser.route("/barGetUsers")
@login_required(groups=[BAR, MONEY]) @login_required(groups=[BAR, MONEY], bar=True)
def _getUsers(**kwargs): def _getUsers(**kwargs):
""" Get Users without amount """ Get Users without amount
@ -118,7 +118,7 @@ def _getUsers(**kwargs):
@baruser.route("/bar/storno", methods=['POST']) @baruser.route("/bar/storno", methods=['POST'])
@login_required(groups=[BAR]) @login_required(groups=[BAR], bar=True)
def _storno(**kwargs): def _storno(**kwargs):
""" Function for Baruser to storno amount """ Function for Baruser to storno amount
@ -159,7 +159,7 @@ def _storno(**kwargs):
@baruser.route("/barGetUser", methods=['POST']) @baruser.route("/barGetUser", methods=['POST'])
@login_required(groups=[BAR]) @login_required(groups=[BAR], bar=True)
def _getUser(**kwargs): def _getUser(**kwargs):
debug.info("/barGetUser") debug.info("/barGetUser")
try: try:
@ -197,3 +197,13 @@ def _search(**kwargs):
except Exception as err: except Exception as err:
debug.debug("exception", exc_info=True) debug.debug("exception", exc_info=True)
return jsonify({"error": str(err)}), 500 return jsonify({"error": str(err)}), 500
@baruser.route("/bar/lock", methods=['POST'])
@login_required(groups=[BAR], bar=True)
def _lockbar(**kwargs):
debug.info('/bar/lock')
data = request.get_json()
accToken = kwargs['accToken']
accToken.lock_bar = [data['value']]
debug.debug('return {{ "value": {} }}'.format(accToken.lock_bar))
return jsonify({'value': accToken.lock_bar})
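Review bot: `accToken.lock_bar = [data['value']]` wraps the client's value in a one-element list, which is truthy whatever was sent, so once this route has been called the `accToken.lock_bar and not bar` check in login_required never lets the lock clear again, and the response echoes a list rather than the flag; storing a plain boolean, `accToken.lock_bar = bool(data['value'])`, fixes both. Unlike the sibling routes in this file, `_lockbar` has no try/except, so a body without a `value` key or a non-JSON body (where `get_json()` yields None) surfaces as an unhandled KeyError/TypeError instead of the `{"error": ...}` shape the other handlers return. Nothing here ties releasing the lock to the password check that `/valid` performs; if the lock is meant to be released only after re-authentication, that has to be verified before `lock_bar` is cleared.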


@ -68,11 +68,10 @@ class LDAPController(metaclass=Singleton):
try: try:
retVal = [] retVal = []
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid={})'.format(username), SUBTREE, attributes=['gidNumber']) self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid={})'.format(username), SUBTREE, attributes=['gidNumber'])
response = self.ldap.connection.response
main_group_number = self.ldap.connection.response[0]['attributes']['gidNumber'] main_group_number = self.ldap.connection.response[0]['attributes']['gidNumber']
debug.debug("main group number is {{ {} }}".format(main_group_number)) debug.debug("main group number is {{ {} }}".format(main_group_number))
if main_group_number: if main_group_number:
group_data = self.ldap.connection.search('ou=group,{}'.format(self.dn), '(gidNumber={})'.format(main_group_number), attributes=['cn']) self.ldap.connection.search('ou=group,{}'.format(self.dn), '(gidNumber={})'.format(main_group_number), attributes=['cn'])
group_name = self.ldap.connection.response[0]['attributes']['cn'][0] group_name = self.ldap.connection.response[0]['attributes']['cn'][0]
debug.debug("group name is {{ {} }}".format(group_name)) debug.debug("group name is {{ {} }}".format(group_name))
if group_name == 'ldap-user': if group_name == 'ldap-user':
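Review bot: `username` is interpolated straight into the LDAP filter `'(uid={})'.format(username)` on the search line this hunk keeps; since the value appears to come from the login request, it should be escaped before it reaches the filter (ldap3 provides `escape_filter_chars` in `ldap3.utils.conv`), e.g. `'(uid={})'.format(escape_filter_chars(username))`. Separately, `self.ldap.connection.response[0]` on both lookups raises IndexError for an unknown uid or gidNumber; the try at the top of the hunk presumably absorbs it, but an explicit empty-result check would make that failure mode deliberate rather than incidental. The enclosing method starts outside the hunk.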


@ -505,6 +505,10 @@ class UserController(metaclass=Singleton):
except Exception as err: except Exception as err:
raise Exception(err) raise Exception(err)
def validateUser(self, username, password):
debug.info("validate user {{ {} }}".format(username))
ldap.login(username, password)
def loginUser(self, username, password): def loginUser(self, username, password):
debug.info("login user {{ {} }}".format(username)) debug.info("login user {{ {} }}".format(username))
try: try:
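Review bot: `validateUser` has no docstring and returns nothing, so its whole contract rests on `ldap.login` raising for a wrong password; if that call can also signal failure through a return value, a bad password would pass this check silently. Document the assumption on the method, e.g. `"""Re-check username/password against LDAP; relies on ldap.login raising on failure."""`, and confirm that ldap.login never reports a failed bind by returning False. loginUser continues outside the hunk.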


@ -5,12 +5,15 @@ DEBUG = getDebugLogger()
def login_required(**kwargs): def login_required(**kwargs):
import geruecht.controller.accesTokenController as ac import geruecht.controller.accesTokenController as ac
from geruecht.model import BAR, USER, MONEY, GASTRO from geruecht.model import BAR, USER, MONEY, GASTRO, VORSTAND, EXTERN
from flask import request, jsonify from flask import request, jsonify
accessController = ac.AccesTokenController() accessController = ac.AccesTokenController()
groups = [USER, BAR, GASTRO, MONEY] groups = [USER, BAR, GASTRO, MONEY, VORSTAND, EXTERN]
bar = False
if "groups" in kwargs: if "groups" in kwargs:
groups = kwargs["groups"] groups = kwargs["groups"]
if "bar" in kwargs:
bar = kwargs["bar"]
DEBUG.debug("groups are {{ {} }}".format(groups)) DEBUG.debug("groups are {{ {} }}".format(groups))
def real_decorator(func): def real_decorator(func):
@ -23,6 +26,9 @@ def login_required(**kwargs):
kwargs['accToken'] = accToken kwargs['accToken'] = accToken
if accToken: if accToken:
DEBUG.debug("token {{ {} }} is valid".format(token)) DEBUG.debug("token {{ {} }} is valid".format(token))
if accToken.lock_bar and not bar:
return jsonify({"error": "error",
"message": "permission forbidden"}), 403
return func(*args, **kwargs) return func(*args, **kwargs)
else: else:
DEBUG.warning("token {{ {} }} is not valid".format(token)) DEBUG.warning("token {{ {} }} is not valid".format(token))
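Review bot: the new `bar` keyword reads as the opposite of what it does — `bar=True` marks a route as still reachable while `accToken.lock_bar` is set, not as bar-only — and `login_required` has no docstring for either `groups` or `bar`; a docstring stating `groups: token groups allowed through (default: every group); bar: when True the route stays callable while the token's bar lock is set` would keep the next route from being annotated the wrong way round. The default `groups` list now also admits VORSTAND and EXTERN, so every `@login_required()` without an explicit `groups` (such as the new `/valid` route) widens accordingly; confirm that is intended. Because the decorator takes `**kwargs`, a misspelled keyword like `Bar=True` is silently dropped and the route falls back to being rejected while locked, which is safe-by-default but deserves a `DEBUG.warning` for unknown keys.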


@ -33,6 +33,7 @@ class AccessToken():
self.lifetime = lifetime self.lifetime = lifetime
self.token = token self.token = token
self.ldap_conn = ldap_conn self.ldap_conn = ldap_conn
self.lock_bar = False
debug.debug("accesstoken is {{ {} }}".format(self)) debug.debug("accesstoken is {{ {} }}".format(self))
def updateTimestamp(self): def updateTimestamp(self):
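Review bot: `self.lock_bar = False` is added without any comment, and what the attribute controls is only visible in `login_required` in another file; a short note at the assignment would help, e.g. `self.lock_bar = False  # when truthy, login_required admits only routes marked bar=True`. The enclosing `__init__` starts outside the hunk.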


@ -12,6 +12,19 @@ userController = uc.UserController()
debug = getDebugLogger() debug = getDebugLogger()
@app.route("/valid", methods=['POST'])
@login_required(bar=True)
def _valid(**kwargs):
debug.info('/valid')
try:
accToken = kwargs['accToken']
data = request.get_json()
userController.validateUser(accToken.user.username, data['password'])
debug.debug('return {{ "ok": "ok" }}')
return jsonify({"ok": "ok"})
except Exception as err:
debug.warning("exception in valide.", exc_info=True)
return jsonify({"error": str(err)}), 500
@app.route("/pricelist", methods=['GET']) @app.route("/pricelist", methods=['GET'])
def _getPricelist(): def _getPricelist():
@ -38,7 +51,7 @@ def getTypes():
@app.route('/getAllStatus', methods=['GET']) @app.route('/getAllStatus', methods=['GET'])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND]) @login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
def _getAllStatus(**kwargs): def _getAllStatus(**kwargs):
try: try:
debug.info("get all status for users") debug.info("get all status for users")
@ -51,7 +64,7 @@ def _getAllStatus(**kwargs):
@app.route('/getStatus', methods=['POST']) @app.route('/getStatus', methods=['POST'])
@login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND]) @login_required(groups=[USER, MONEY, GASTRO, BAR, VORSTAND], bar=True)
def _getStatus(**kwargs): def _getStatus(**kwargs):
try: try:
debug.info("get status from user") debug.info("get status from user")
@ -68,7 +81,7 @@ def _getStatus(**kwargs):
@app.route('/getUsers', methods=['GET']) @app.route('/getUsers', methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND]) @login_required(groups=[MONEY, GASTRO, VORSTAND], bar=True)
def _getUsers(**kwargs): def _getUsers(**kwargs):
try: try:
debug.info("get all users from database") debug.info("get all users from database")
@ -84,7 +97,7 @@ def _getUsers(**kwargs):
@app.route("/getLifeTime", methods=['GET']) @app.route("/getLifeTime", methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER]) @login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
def _getLifeTime(**kwargs): def _getLifeTime(**kwargs):
try: try:
debug.info("get lifetime of accesstoken") debug.info("get lifetime of accesstoken")
@ -101,7 +114,7 @@ def _getLifeTime(**kwargs):
@app.route("/saveLifeTime", methods=['POST']) @app.route("/saveLifeTime", methods=['POST'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER]) @login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
def _saveLifeTime(**kwargs): def _saveLifeTime(**kwargs):
try: try:
debug.info("save lifetime for accessToken") debug.info("save lifetime for accessToken")
@ -127,7 +140,7 @@ def _saveLifeTime(**kwargs):
@app.route("/logout", methods=['GET']) @app.route("/logout", methods=['GET'])
@login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER]) @login_required(groups=[MONEY, GASTRO, VORSTAND, EXTERN, USER], bar=True)
def _logout(**kwargs): def _logout(**kwargs):
try: try:
debug.info("logout user") debug.info("logout user")
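Review bot: in the new `/valid` route a wrong password is reported as HTTP 500 with `str(err)` in the body, which mislabels an ordinary authentication failure as a server error and forwards the raw exception text to the client; return a fixed message with a 401 and keep the detail in the log: `except Exception as err:` / `debug.warning("exception in valid.", exc_info=True)` / `return jsonify({"error": "invalid credentials"}), 401`. A body without a `password` key, or `data` being None for a non-JSON request, lands in the same handler and also becomes a 500. The log text `"exception in valide."` has a typo. The route relies on the decorator's default `groups`, so tokens of every group can reach it; confirm that matches the intent of the lock/unlock flow it backs.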