Merge branch 'develop'

fix some func to get balance
remove links
2024-01-18 16:00:11 +01:00 · 2024-01-17 13:04:29 +01:00 · 2024-01-17 00:20:40 +01:00 · 2024-01-16 22:43:49 +01:00 · 2024-01-16 22:34:35 +01:00 · 2024-01-16 19:49:56 +01:00
68 changed files with 2409 additions and 975 deletions
--- a/.gitignore
+++ b/.gitignore
@ -67,7 +67,8 @@ instance/
 # Sphinx documentation
 docs/_build/
-docs/
+# pdoc
 docs/html
 # PyBuilder
 target/
@ -121,6 +122,7 @@ dmypy.json
 *.swo
 .vscode/
 *.log
 .fleet/
 data/
--- a/.woodpecker/lint.yml
+++ b/.woodpecker/lint.yml
@ -1,6 +1,6 @@
 pipeline:
  lint:
-    image: python:alpine
+    image: python:slim
    commands:
      - pip install black
-      - black --check --line-length 120 --target-version=py37 .
+      - black --check --line-length 120 --target-version=py39 .
--- a/.woodpecker/test.yml
+++ b/.woodpecker/test.yml
@ -0,0 +1,19 @@
 pipeline:
  install:
    image: python:${PYTHON}-slim
    commands:
      - python -m venv --clear venv
      - export PATH=venv/bin:$PATH
      - python -m pip install --upgrade pip
      - pip install -v ".[tests]"
  test:
    image: python:${PYTHON}-slim
    commands:
      - export PATH=venv/bin:$PATH
      - python -m pytest
 matrix:
  PYTHON:
    - 3.10
    - 3.9
--- a/README.md
+++ b/README.md
@ -7,33 +7,65 @@ This is the backend of the Flaschengeist.
 ### Requirements
 - `mysql` or `mariadb`
    - maybe `libmariadb` development files[1]
- python 3.7+
+- python 3.9+
 - pip 21.0+
-[1] By default Flaschengeist uses mysql as database backend, if you are on Windows Flaschengeist uses `PyMySQL`, but on
+*[1] By default Flaschengeist uses mysql as database backend, if you are on Windows Flaschengeist uses `PyMySQL`, but on
 Linux / Mac the faster `mysqlclient` is used, if it is not already installed installing from pypi requires the
-development files for `libmariadb` to be present on your system.
+development files for `libmariadb` to be present on your system.*
 ### Install python files
-    pip3 install --user .
+It is recommended to upgrade pip to the latest version before installing:
    python -m pip install --upgrade pip
 Default installation with *mariadb*/*mysql* support:
    pip3 install --user ".[mysql]"
 or with ldap support
    pip3 install --user ".[ldap]"
 or if you want to also run the tests:
-    pip3 install --user ".[ldap,test]"
+    pip3 install --user ".[ldap,tests]"
-You will also need a MySQL driver, recommended drivers are
+You will also need a MySQL driver, by default one of this is installed:
- `mysqlclient`
+- `mysqlclient` (non Windows)
- `PyMySQL`
+- `PyMySQL` (on Windows)
-`setup.py` will try to install a matching driver.
+#### Hint on MySQL driver on Windows:
 If you want to use `mysqlclient` instead of `PyMySQL` (performance?) you have to follow [this guide](https://www.radishlogic.com/coding/python-3/installing-mysqldb-for-python-3-in-windows/)
-#### Windows
+### Install database
-Same as above, but if you want to use `mysqlclient` instead of `PyMySQL` (performance?) you have to follow this guide:
+The user needs to have full permissions to the database.
 If not you need to create user and database manually do (or similar on Windows):
-https://www.radishlogic.com/coding/python-3/installing-mysqldb-for-python-3-in-windows/
+    (
        echo "CREATE DATABASE flaschengeist;"
        echo "CREATE USER 'flaschengeist'@'localhost' IDENTIFIED BY 'flaschengeist';"
        echo "GRANT ALL PRIVILEGES ON flaschengeist.* TO 'flaschengeist'@'localhost';"
        echo "FLUSH PRIVILEGES;"
    ) | sudo mysql
-### Configuration
+Then you can install the database tables, this will update all tables from core + all enabled plugins.
 And also install all enabled plugins:
    $ flaschengeist install
 *Hint:* To only install the database tables, or upgrade the database after plugins or core are updated later
 you can use this command:
    $ flaschengeist db upgrade heads
 ## Plugins
 To only upgrade one plugin (for example the `events` plugin):
    $ flaschengeist db upgrade events@head
 ## Configuration
 Configuration is done within the a `flaschengeist.toml`file, you can copy the one located inside the module path
 (where flaschegeist is installed) or create an empty one and place it inside either:
 1. `~/.config/`
@ -54,23 +86,15 @@ So you have to configure one of the following options to call flaschengeists CRO
  - Pros: Guaranteed execution interval, no impact on user experience (at least if you do not limit wsgi worker threads)
  - Cons: Uses one of the webserver threads while executing
 ### Database installation
 The user needs to have full permissions to the database.
 If not you need to create user and database manually do (or similar on Windows):
    (
        echo "CREATE DATABASE flaschengeist;"
        echo "CREATE USER 'flaschengeist'@'localhost' IDENTIFIED BY 'flaschengeist';"
        echo "GRANT ALL PRIVILEGES ON flaschengeist.* TO 'flaschengeist'@'localhost';"
        echo "FLUSH PRIVILEGES;"
    ) | sudo mysql
 Then you can install the database tables and initial entries:
    $ flaschengeist install
 ### Run
 Flaschengeist provides a CLI, based on the flask CLI, respectivly called `flaschengeist`.
 ⚠️ When using the CLI for running Flaschengeist, please note that logging will happen as configured,
 with the difference of the main logger will be forced to output to `stderr` and the logging level
 of the CLI will override the logging level you have configured for the main logger.
    $ flaschengeist run
 or with debug messages:
    $ flaschengeist run --debug
--- a/docs/plugin_development.md
+++ b/docs/plugin_development.md
@ -0,0 +1,57 @@
 # Plugin Development
 ## File Structure
    - your_plugin/
        - __init__.py
        - ...
        - migrations/ (optional)
            - ...
    - setup.cfg
 The basic layout of a plugin is quite simple, you will only need the `setup.cfg` or `setup.py` and
 the package containing your plugin code, at lease a `__init__.py` file with your `Plugin` class.
 If you use custom database tables you need to provide a `migrations` directory within your package,
 see next section.
 ## Database Tables / Migrations
 To allow upgrades of installed plugins, the database is versioned and handled
 through [Alembic](https://alembic.sqlalchemy.org/en/latest/index.html) migrations.
 Each plugin, which uses custom database tables, is represented as an other base.
 So you could simply follow the Alembic tutorial on [how to work with multiple bases](https://alembic.sqlalchemy.org/en/latest/branches.html#creating-a-labeled-base-revision).
 A quick overview on how to work with migrations for your plugin:
    $ flaschengeist db revision -m "Create my super plugin" \
      --head=base --branch-label=myplugin_name --version-path=your/plugin/migrations
 This would add a new base named `myplugin_name`, which should be the same as the pypi name of you plugin.
 If your tables depend on an other plugin or a specific base version you could of cause add
    --depends-on=VERSION
 or
    --depends-on=other_plugin
 ### Plugin Removal and Database Tables
 As generic downgrades are most often hard to write, your plugin is not required to provide such functionallity.
 For Flaschengeist only instable versions provide meaningful downgrade migrations down to the latest stable version.
 So this means if you do not provide downgrades you must at lease provide a series of migrations toward removal of
 the database tables in case the users wants to delete the plugin.
    (base) ----> 1.0 <----> 1.1 <----> 1.2
                  |         
                  --> removal
 After the removal step the database is stamped to to "remove" your
 ## Useful Hooks
 There are some predefined hooks, which might get handy for you.
 For more information, please refer to
 - `flaschengeist.utils.hook.HookBefore` and
 - `flaschengeist.utils.hook.HookAfter`
--- a/flaschengeist/init.py
+++ b/flaschengeist/init.py
@ -1,12 +1,9 @@
 """Flaschengeist"""
 import logging
-import pkg_resources
+from importlib.metadata import version
 from pathlib import Path
 from werkzeug.local import LocalProxy
-__version__ = pkg_resources.get_distribution("flaschengeist").version
+__version__ = version("flaschengeist")
 _module_path = Path(__file__).parent
 __pdoc__ = {}
-logger: logging.Logger = LocalProxy(lambda: logging.getLogger(__name__))
+logger = logging.getLogger(__name__)
 __pdoc__["logger"] = "Flaschengeist's logger instance (`werkzeug.local.LocalProxy`)"
--- a/flaschengeist/alembic/init.py
+++ b/flaschengeist/alembic/init.py
@ -0,0 +1,5 @@
 from pathlib import Path
 alembic_migrations_path = str(Path(__file__).resolve().parent / "migrations")
 alembic_script_path = str(Path(__file__).resolve().parent)
--- a/flaschengeist/alembic/alembic.ini
+++ b/flaschengeist/alembic/alembic.ini
@ -0,0 +1,53 @@
 # A generic, single database configuration.
 # No used by flaschengeist
 [alembic]
 # template used to generate migration files
 # file_template = %%(rev)s_%%(slug)s
 # set to 'true' to run the environment during
 # the 'revision' command, regardless of autogenerate
 # revision_environment = false
 version_path_separator = os
 version_locations = %(here)s/migrations
 # Logging configuration
 [loggers]
 keys = root,sqlalchemy,alembic,flask_migrate
 [handlers]
 keys = console
 [formatters]
 keys = generic
 [logger_root]
 level = WARN
 handlers = console
 qualname =
 [logger_sqlalchemy]
 level = WARN
 handlers =
 qualname = sqlalchemy.engine
 [logger_alembic]
 level = INFO
 handlers =
 qualname = alembic
 [logger_flask_migrate]
 level = INFO
 handlers =
 qualname = flask_migrate
 [handler_console]
 class = StreamHandler
 args = (sys.stderr,)
 level = NOTSET
 formatter = generic
 [formatter_generic]
 format = %(levelname)-5.5s [%(name)s] %(message)s
 datefmt = %H:%M:%S
--- a/flaschengeist/alembic/env.py
+++ b/flaschengeist/alembic/env.py
@ -0,0 +1,74 @@
 import logging
 from logging.config import fileConfig
 from pathlib import Path
 from flask import current_app
 from alembic import context
 # this is the Alembic Config object, which provides
 # access to the values within the .ini file in use.
 config = context.config
 # Interpret the config file for Python logging.
 # This line sets up loggers basically.
 fileConfig(Path(config.get_main_option("script_location")) / config.config_file_name.split("/")[-1])
 logger = logging.getLogger("alembic.env")
 config.set_main_option("sqlalchemy.url", str(current_app.extensions["migrate"].db.get_engine().url).replace("%", "%%"))
 target_metadata = current_app.extensions["migrate"].db.metadata
 def run_migrations_offline():
    """Run migrations in 'offline' mode.
    This configures the context with just a URL
    and not an Engine, though an Engine is acceptable
    here as well.  By skipping the Engine creation
    we don't even need a DBAPI to be available.
    Calls to context.execute() here emit the given string to the
    script output.
    """
    url = config.get_main_option("sqlalchemy.url")
    context.configure(url=url, target_metadata=target_metadata, literal_binds=True)
    with context.begin_transaction():
        context.run_migrations()
 def run_migrations_online():
    """Run migrations in 'online' mode.
    In this scenario we need to create an Engine
    and associate a connection with the context.
    """
    # this callback is used to prevent an auto-migration from being generated
    # when there are no changes to the schema
    # reference: http://alembic.zzzcomputing.com/en/latest/cookbook.html
    def process_revision_directives(context, revision, directives):
        if getattr(config.cmd_opts, "autogenerate", False):
            script = directives[0]
            if script.upgrade_ops.is_empty():
                directives[:] = []
                logger.info("No changes in schema detected.")
    connectable = current_app.extensions["migrate"].db.get_engine()
    with connectable.connect() as connection:
        context.configure(
            connection=connection,
            target_metadata=target_metadata,
            process_revision_directives=process_revision_directives,
            **current_app.extensions["migrate"].configure_args,
        )
        with context.begin_transaction():
            context.run_migrations()
 if context.is_offline_mode():
    run_migrations_offline()
 else:
    run_migrations_online()
--- a/flaschengeist/alembic/migrations/20482a003db8_initial_core_db.py
+++ b/flaschengeist/alembic/migrations/20482a003db8_initial_core_db.py
@ -0,0 +1,154 @@
 """Initial core db
 Revision ID: 20482a003db8
 Revises: 
 Create Date: 2022-08-25 15:13:34.900996
 """
 from alembic import op
 import sqlalchemy as sa
 import flaschengeist
 # revision identifiers, used by Alembic.
 revision = "20482a003db8"
 down_revision = None
 branch_labels = ("flaschengeist",)
 depends_on = None
 def upgrade():
    # ### commands auto generated by Alembic - please adjust! ###
    op.create_table(
        "image",
        sa.Column("id", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("filename", sa.String(length=255), nullable=False),
        sa.Column("mimetype", sa.String(length=127), nullable=False),
        sa.Column("thumbnail", sa.String(length=255), nullable=True),
        sa.Column("path", sa.String(length=255), nullable=True),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_image")),
    )
    op.create_table(
        "plugin",
        sa.Column("id", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("name", sa.String(length=127), nullable=False),
        sa.Column("version", sa.String(length=30), nullable=False),
        sa.Column("enabled", sa.Boolean(), nullable=True),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_plugin")),
    )
    op.create_table(
        "role",
        sa.Column("id", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("name", sa.String(length=30), nullable=True),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_role")),
        sa.UniqueConstraint("name", name=op.f("uq_role_name")),
    )
    op.create_table(
        "permission",
        sa.Column("name", sa.String(length=30), nullable=True),
        sa.Column("id", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("plugin", flaschengeist.database.types.Serial(), nullable=True),
        sa.ForeignKeyConstraint(["plugin"], ["plugin.id"], name=op.f("fk_permission_plugin_plugin")),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_permission")),
        sa.UniqueConstraint("name", name=op.f("uq_permission_name")),
    )
    op.create_table(
        "plugin_setting",
        sa.Column("id", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("plugin", flaschengeist.database.types.Serial(), nullable=True),
        sa.Column("name", sa.String(length=127), nullable=False),
        sa.Column("value", sa.PickleType(), nullable=True),
        sa.ForeignKeyConstraint(["plugin"], ["plugin.id"], name=op.f("fk_plugin_setting_plugin_plugin")),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_plugin_setting")),
    )
    op.create_table(
        "user",
        sa.Column("userid", sa.String(length=30), nullable=False),
        sa.Column("display_name", sa.String(length=30), nullable=True),
        sa.Column("firstname", sa.String(length=50), nullable=False),
        sa.Column("lastname", sa.String(length=50), nullable=False),
        sa.Column("deleted", sa.Boolean(), nullable=True),
        sa.Column("birthday", sa.Date(), nullable=True),
        sa.Column("mail", sa.String(length=60), nullable=True),
        sa.Column("id", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("avatar", flaschengeist.database.types.Serial(), nullable=True),
        sa.ForeignKeyConstraint(["avatar"], ["image.id"], name=op.f("fk_user_avatar_image")),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_user")),
        sa.UniqueConstraint("userid", name=op.f("uq_user_userid")),
    )
    op.create_table(
        "notification",
        sa.Column("id", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("text", sa.Text(), nullable=True),
        sa.Column("data", sa.PickleType(), nullable=True),
        sa.Column("time", flaschengeist.database.types.UtcDateTime(), nullable=False),
        sa.Column("user", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("plugin", flaschengeist.database.types.Serial(), nullable=False),
        sa.ForeignKeyConstraint(["plugin"], ["plugin.id"], name=op.f("fk_notification_plugin_plugin")),
        sa.ForeignKeyConstraint(["user"], ["user.id"], name=op.f("fk_notification_user_user")),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_notification")),
    )
    op.create_table(
        "password_reset",
        sa.Column("user", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("token", sa.String(length=32), nullable=True),
        sa.Column("expires", flaschengeist.database.types.UtcDateTime(), nullable=True),
        sa.ForeignKeyConstraint(["user"], ["user.id"], name=op.f("fk_password_reset_user_user")),
        sa.PrimaryKeyConstraint("user", name=op.f("pk_password_reset")),
    )
    op.create_table(
        "role_x_permission",
        sa.Column("role_id", flaschengeist.database.types.Serial(), nullable=True),
        sa.Column("permission_id", flaschengeist.database.types.Serial(), nullable=True),
        sa.ForeignKeyConstraint(
            ["permission_id"], ["permission.id"], name=op.f("fk_role_x_permission_permission_id_permission")
        ),
        sa.ForeignKeyConstraint(["role_id"], ["role.id"], name=op.f("fk_role_x_permission_role_id_role")),
    )
    op.create_table(
        "session",
        sa.Column("expires", flaschengeist.database.types.UtcDateTime(), nullable=True),
        sa.Column("token", sa.String(length=32), nullable=True),
        sa.Column("lifetime", sa.Integer(), nullable=True),
        sa.Column("browser", sa.String(length=127), nullable=True),
        sa.Column("platform", sa.String(length=64), nullable=True),
        sa.Column("id", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("user_id", flaschengeist.database.types.Serial(), nullable=True),
        sa.ForeignKeyConstraint(["user_id"], ["user.id"], name=op.f("fk_session_user_id_user")),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_session")),
        sa.UniqueConstraint("token", name=op.f("uq_session_token")),
    )
    op.create_table(
        "user_attribute",
        sa.Column("id", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("user", flaschengeist.database.types.Serial(), nullable=False),
        sa.Column("name", sa.String(length=30), nullable=True),
        sa.Column("value", sa.PickleType(), nullable=True),
        sa.ForeignKeyConstraint(["user"], ["user.id"], name=op.f("fk_user_attribute_user_user")),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_user_attribute")),
    )
    op.create_table(
        "user_x_role",
        sa.Column("user_id", flaschengeist.database.types.Serial(), nullable=True),
        sa.Column("role_id", flaschengeist.database.types.Serial(), nullable=True),
        sa.ForeignKeyConstraint(["role_id"], ["role.id"], name=op.f("fk_user_x_role_role_id_role")),
        sa.ForeignKeyConstraint(["user_id"], ["user.id"], name=op.f("fk_user_x_role_user_id_user")),
    )
    # ### end Alembic commands ###
 def downgrade():
    # ### commands auto generated by Alembic - please adjust! ###
    op.drop_table("user_x_role")
    op.drop_table("user_attribute")
    op.drop_table("session")
    op.drop_table("role_x_permission")
    op.drop_table("password_reset")
    op.drop_table("notification")
    op.drop_table("user")
    op.drop_table("plugin_setting")
    op.drop_table("permission")
    op.drop_table("role")
    op.drop_table("plugin")
    op.drop_table("image")
    # ### end Alembic commands ###
--- a/flaschengeist/alembic/migrations/init.py
+++ b/flaschengeist/alembic/migrations/init.py
--- a/flaschengeist/alembic/script.py.mako
+++ b/flaschengeist/alembic/script.py.mako
@ -0,0 +1,25 @@
 """${message}
 Revision ID: ${up_revision}
 Revises: ${down_revision | comma,n}
 Create Date: ${create_date}
 """
 from alembic import op
 import sqlalchemy as sa
 import flaschengeist
 ${imports if imports else ""}
 # revision identifiers, used by Alembic.
 revision = ${repr(up_revision)}
 down_revision = ${repr(down_revision)}
 branch_labels = ${repr(branch_labels)}
 depends_on = ${repr(depends_on)}
 def upgrade():
    ${upgrades if upgrades else "pass"}
 def downgrade():
    ${downgrades if downgrades else "pass"}
--- a/flaschengeist/app.py
+++ b/flaschengeist/app.py
@ -1,18 +1,21 @@
 import enum
 import json
-import pkg_resources
+from flask import Flask
 from flask import Flask, current_app
 from flask_cors import CORS
 from datetime import datetime, date
-from flask.json import JSONEncoder, jsonify
+from flask.json import jsonify
 from json import JSONEncoder
 from flask.json.provider import JSONProvider
 from sqlalchemy.exc import OperationalError
 from werkzeug.exceptions import HTTPException
-from . import logger
+from flaschengeist import logger
-from .plugins import AuthPlugin
+from flaschengeist.controller import pluginController
 from flaschengeist.config import config, configure_app
 from flaschengeist.controller import roleController
 from flaschengeist.utils.hook import Hook
 from flaschengeist.config import configure_app
 from flaschengeist.database import db
 class CustomJSONEncoder(JSONEncoder):
@ -36,82 +39,65 @@ class CustomJSONEncoder(JSONEncoder):
        return JSONEncoder.default(self, o)
 class CustomJSONProvider(JSONProvider):
    ensure_ascii: bool = True
    sort_keys: bool = True
    def dumps(self, obj, **kwargs):
        kwargs.setdefault("ensure_ascii", self.ensure_ascii)
        kwargs.setdefault("sort_keys", self.sort_keys)
        return json.dumps(obj, **kwargs, cls=CustomJSONEncoder)
    def loads(self, s: str | bytes, **kwargs):
        return json.loads(s, **kwargs)
@Hook("plugins.loaded")
-def __load_plugins(app):
+def load_plugins(app: Flask):
    logger.debug("Search for plugins")
    app.config["FG_PLUGINS"] = {}
    for entry_point in pkg_resources.iter_entry_points("flaschengeist.plugins"):
        logger.debug(f"Found plugin: >{entry_point.name}<")
-        if entry_point.name == config["FLASCHENGEIST"]["auth"] or (
+    for plugin in pluginController.get_enabled_plugins():
-            entry_point.name in config and config[entry_point.name].get("enabled", False)
+        logger.debug(f"Searching for enabled plugin {plugin.name}")
-        ):
+        try:
-            logger.debug(f"Load plugin {entry_point.name}")
+            # Load class
-            try:
+            cls = plugin.entry_point.load()
-                plugin = entry_point.load()
+            # plugin = cls.query.get(plugin.id) if plugin.id is not None else plugin
-                if not hasattr(plugin, "name"):
+            # plugin = db.session.query(cls).get(plugin.id) if plugin.id is not None else plugin
-                    setattr(plugin, "name", entry_point.name)
+            plugin = db.session.get(cls, plugin.id) if plugin.id is not None else plugin
-                plugin = plugin(config.get(entry_point.name, {}))
+            # Custom loading tasks
-                if hasattr(plugin, "blueprint") and plugin.blueprint is not None:
+            plugin.load()
-                    app.register_blueprint(plugin.blueprint)
+            # Register blueprint
-            except:
+            if hasattr(plugin, "blueprint") and plugin.blueprint is not None:
-                logger.error(
+                app.register_blueprint(plugin.blueprint)
-                    f"Plugin {entry_point.name} was enabled, but could not be loaded due to an error.",
+        except:
-                    exc_info=True,
+            logger.error(
-                )
+                f"Plugin {plugin.name} was enabled, but could not be loaded due to an error.",
-                continue
+                exc_info=True,
-            if isinstance(plugin, AuthPlugin):
+            )
                if entry_point.name != config["FLASCHENGEIST"]["auth"]:
                    logger.debug(f"Unload not configured AuthPlugin {entry_point.name}")
                    del plugin
                    continue
                else:
                    logger.info(f"Using authentication plugin: {entry_point.name}")
                    app.config["FG_AUTH_BACKEND"] = plugin
            else:
                logger.info(f"Using plugin: {entry_point.name}")
            app.config["FG_PLUGINS"][entry_point.name] = plugin
        else:
            logger.debug(f"Skip disabled plugin {entry_point.name}")
    if "FG_AUTH_BACKEND" not in app.config:
        logger.error("No authentication plugin configured or authentication plugin not found")
        raise RuntimeError("No authentication plugin configured or authentication plugin not found")
@Hook("plugins.installed")
 def install_all():
    from flaschengeist.database import db
    db.create_all()
    db.session.commit()
    for name, plugin in current_app.config["FG_PLUGINS"].items():
        if not plugin:
            logger.debug(f"Skip disabled plugin: {name}")
            continue
-        logger.info(f"Install plugin {name}")
+        logger.info(f"Loaded plugin: {plugin.name}")
-        plugin.install()
+        app.config["FG_PLUGINS"][plugin.name] = plugin
        if plugin.permissions:
            roleController.create_permissions(plugin.permissions)
 def create_app(test_config=None, cli=False):
-    app = Flask(__name__)
+    app = Flask("flaschengeist")
-    app.json_encoder = CustomJSONEncoder
+    app.json_provider_class = CustomJSONProvider
    app.json = CustomJSONProvider(app)
    CORS(app)
    with app.app_context():
-        from flaschengeist.database import db
+        from flaschengeist.database import db, migrate
-        configure_app(app, test_config, cli)
+        configure_app(app, test_config)
        db.init_app(app)
-        __load_plugins(app)
+        migrate.init_app(app, db, compare_type=True)
        load_plugins(app)
    @app.route("/", methods=["GET"])
    def __get_state():
        from . import __version__ as version
-        return jsonify({"plugins": app.config["FG_PLUGINS"], "version": version})
+        return jsonify({"plugins": pluginController.get_loaded_plugins(), "version": version})
    @app.errorhandler(Exception)
    def handle_exception(e):
--- a/flaschengeist/cli/InterfaceGenerator.py
+++ b/flaschengeist/cli/InterfaceGenerator.py
@ -1,3 +1,4 @@
 import io
 import sys
 import inspect
 import logging
@ -36,7 +37,6 @@ class InterfaceGenerator:
        if origin is typing.ForwardRef:  # isinstance(cls, typing.ForwardRef):
            return "", "this" if cls.__forward_arg__ == self.this_type else cls.__forward_arg__
        if origin is typing.Union:
            if len(arguments) == 2 and arguments[1] is type(None):
                return "?", self.pytype(arguments[0])[1]
            else:
@ -80,7 +80,6 @@ class InterfaceGenerator:
            d = {}
            for param, ptype in typing.get_type_hints(module[1], globalns=None, localns=None).items():
                if not param.startswith("_") and not param.endswith("_"):
                    d[param] = self.pytype(ptype)
            if len(d) == 1:
@ -93,15 +92,32 @@ class InterfaceGenerator:
        self.basename = models.__name__
        self.walker(("models", models))
    def _write_types(self):
        TYPE = "type {name} = {alias};\n"
        INTERFACE = "interface {name} {{\n{properties}}}\n"
        PROPERTY = "\t{name}{modifier}: {type};\n"
        buffer = io.StringIO()
        for cls, props in self.classes.items():
            if isinstance(props, str):
                buffer.write(TYPE.format(name=cls, alias=props))
            else:
                buffer.write(
                    INTERFACE.format(
                        name=cls,
                        properties="".join(
                            [PROPERTY.format(name=name, modifier=props[name][0], type=props[name][1]) for name in props]
                        ),
                    )
                )
        return buffer
    def write(self):
-        with (open(self.filename, "w") if self.filename else sys.stdout) as file:
+        with open(self.filename, "w") if self.filename else sys.stdout as file:
-            file.write("declare namespace {} {{\n".format(self.namespace))
+            if self.namespace:
-            for cls, params in self.classes.items():
+                file.write(f"declare namespace {self.namespace} {{\n")
-                if isinstance(params, str):
+                for line in self._write_types().getvalue().split("\n"):
-                    file.write("\ttype {} = {};\n".format(cls, params))
+                    file.write(f"\t{line}\n")
-                else:
+                file.write("}\n")
-                    file.write("\tinterface {} {{\n".format(cls))
+            else:
-                    for name in params:
+                file.write(self._write_types().getvalue())
                        file.write("\t\t{}{}: {};\n".format(name, *params[name]))
                    file.write("\t}\n")
            file.write("}\n")
--- a/flaschengeist/cli/init.py
+++ b/flaschengeist/cli/init.py
@ -1,12 +1,14 @@
 import pathlib
 import subprocess
 import click
 from os import environ
-from flask import current_app
+import sys
-from flask.cli import FlaskGroup, run_command, with_appcontext
+import click
-import pkg_resources
+import logging
 from flask.cli import FlaskGroup, with_appcontext
 from flaschengeist import logger
 from flaschengeist.app import create_app
-from flaschengeist.config import configure_logger
+
 LOGGING_MIN = 5  # TRACE (custom)
 LOGGING_MAX = logging.ERROR
 def get_version(ctx, param, value):
@ -28,19 +30,37 @@ def get_version(ctx, param, value):
    ctx.exit()
 def configure_logger(level):
    """Reconfigure main logger"""
    global logger
    # Handle TRACE -> meaning enable debug even for werkzeug
    if level == 5:
        level = 10
        logging.getLogger("werkzeug").setLevel(level)
    logger.setLevel(level)
    environ["FG_LOGGING"] = logging.getLevelName(level)
    for h in logger.handlers:
        if isinstance(h, logging.StreamHandler) and h.name == "wsgi":
            h.setLevel(level)
            h.setStream(sys.stderr)
@with_appcontext
 def verbosity(ctx, param, value):
-    """Toggle verbosity between WARNING <-> DEBUG"""
+    """Callback: Toggle verbosity between ERROR <-> TRACE"""
    if not value or ctx.resilient_parsing:
        return
-    configure_logger(cli=30 - max(0, min(value * 10, 20)))
+    configure_logger(LOGGING_MAX - max(LOGGING_MIN, min(value * 10, LOGGING_MAX - LOGGING_MIN)))
@click.group(
    cls=FlaskGroup,
    add_version_option=False,
    add_default_commands=False,
-    create_app=lambda: create_app(cli=30),
+    create_app=create_app,
 )
@click.option(
    "--version",
@ -63,98 +83,21 @@ def cli():
    pass
-@cli.command()
+def main(*args, **kwargs):
-@with_appcontext
+    from .plugin_cmd import plugin
-def install():
+    from .export_cmd import export
-    """Install and initialize enabled plugins.
+    from .docs_cmd import docs
    from .run_cmd import run
    from .install_cmd import install
    from .docker_cmd import docker
-    Most plugins need to install custom tables into the database
+    # Override logging level
-    running this command will lookup all enabled plugins and run
+    environ.setdefault("FG_LOGGING", logging.getLevelName(LOGGING_MAX))
    their database initalization routines.
    """
    from flaschengeist.app import install_all
-    install_all()
+    cli.add_command(export)
-
+    cli.add_command(docs)
-
+    cli.add_command(install)
-@cli.command()
+    cli.add_command(plugin)
-@click.option("--output", "-o", help="Output file, default is stdout", type=click.Path())
+    cli.add_command(run)
-@click.option("--namespace", "-n", help="TS namespace for the interfaces", type=str, show_default=True)
+    cli.add_command(docker)
-@click.option("--plugin", "-p", help="Also export types for a plugin (even if disabled)", multiple=True, type=str)
+    cli(*args, **kwargs)
@click.option("--no-core", help="Skip models / types from flaschengeist core", is_flag=True)
 def export(namespace, output, no_core, plugin):
    from flaschengeist import models
    from flaschengeist import logger
    from .InterfaceGenerator import InterfaceGenerator
    gen = InterfaceGenerator(namespace, output, logger)
    if not no_core:
        gen.run(models)
    if plugin:
        for entry_point in pkg_resources.iter_entry_points("flaschengeist.plugins"):
            if len(plugin) == 0 or entry_point.name in plugin:
                plg = entry_point.load()
                if hasattr(plg, "models") and plg.models is not None:
                    gen.run(plg.models)
    gen.write()
@cli.command()
@click.option("--host", help="set hostname to listen on", default="127.0.0.1", show_default=True)
@click.option("--port", help="set port to listen on", type=int, default=5000, show_default=True)
@click.option("--debug", help="run in debug mode", is_flag=True)
@with_appcontext
@click.pass_context
 def run(ctx, host, port, debug):
    """Run Flaschengeist using a development server."""
    class PrefixMiddleware(object):
        def __init__(self, app, prefix=""):
            self.app = app
            self.prefix = prefix
        def __call__(self, environ, start_response):
            if environ["PATH_INFO"].startswith(self.prefix):
                environ["PATH_INFO"] = environ["PATH_INFO"][len(self.prefix) :]
                environ["SCRIPT_NAME"] = self.prefix
                return self.app(environ, start_response)
            else:
                start_response("404", [("Content-Type", "text/plain")])
                return ["This url does not belong to the app.".encode()]
    from flaschengeist.config import config
    # re configure logger, as we are no logger in CLI mode
    configure_logger()
    current_app.wsgi_app = PrefixMiddleware(current_app.wsgi_app, prefix=config["FLASCHENGEIST"].get("root", ""))
    if debug:
        environ["FLASK_DEBUG"] = "1"
        environ["FLASK_ENV"] = "development"
    ctx.invoke(run_command, host=host, port=port, debugger=debug)
@cli.command()
@click.option(
    "--output",
    "-o",
    help="Documentation output path",
    default="./docs",
    type=click.Path(file_okay=False, path_type=pathlib.Path),
 )
 def docs(output: pathlib.Path):
    """Generate and export API documentation using pdoc3"""
    output.mkdir(parents=True, exist_ok=True)
    command = [
        "python",
        "-m",
        "pdoc",
        "--skip-errors",
        "--html",
        "--output-dir",
        str(output),
        "flaschengeist",
    ]
    click.echo(f"Running command: {command}")
    subprocess.check_call(command)
--- a/flaschengeist/cli/docker_cmd.py
+++ b/flaschengeist/cli/docker_cmd.py
@ -0,0 +1,54 @@
 import click
 from click.decorators import pass_context
 from flask.cli import with_appcontext
 from os import environ
 from flaschengeist import logger
 from flaschengeist.controller import pluginController
 from werkzeug.exceptions import NotFound
 import traceback
@click.group()
 def docker():
    pass
@docker.command()
@with_appcontext
@pass_context
 def setup(ctx):
    """Setup flaschengesit in docker container"""
    click.echo("Setup docker")
    plugins = environ.get("FG_ENABLE_PLUGINS")
    if not plugins:
        click.secho("no evironment variable is set for 'FG_ENABLE_PLUGINS'", fg="yellow")
        click.secho("set 'FG_ENABLE_PLUGINS' to 'auth_ldap', 'mail', 'balance', 'pricelist_old', 'events'")
        plugins = ("auth_ldap", "mail", "pricelist_old", "events", "balance")
    else:
        plugins = plugins.split(" ")
    print(plugins)
    for name in plugins:
        click.echo(f"Installing {name}{'.'*(20-len(name))}", nl=False)
        try:
            pluginController.install_plugin(name)
        except Exception as e:
            click.secho(" failed", fg="red")
            if logger.getEffectiveLevel() > 10:
                ctx.fail(f"[{e.__class__.__name__}] {e}")
            else:
                ctx.fail(traceback.format_exc())
        else:
            click.secho(" ok", fg="green")
    for name in plugins:
        click.echo(f"Enabling {name}{'.'*(20-len(name))}", nl=False)
        try:
            pluginController.enable_plugin(name)
            click.secho(" ok", fg="green")
        except NotFound:
            click.secho(" not installed / not found", fg="red")
--- a/flaschengeist/cli/docs_cmd.py
+++ b/flaschengeist/cli/docs_cmd.py
@ -0,0 +1,38 @@
 import click
 import pathlib
 import subprocess
@click.command()
@click.option(
    "--output",
    "-o",
    help="Documentation output path",
    default="./docs/html",
    type=click.Path(file_okay=False, path_type=pathlib.Path),
 )
@click.pass_context
 def docs(ctx: click.Context, output: pathlib.Path):
    """Generate and export API documentation using pdoc"""
    import pkg_resources
    try:
        pkg_resources.get_distribution("pdoc>=8.0.1")
    except pkg_resources.DistributionNotFound:
        click.echo(
            f"Error: pdoc was not found, maybe you need to install it. Try:\n" "\n" '$ pip install "pdoc>=8.0.1"\n'
        )
        ctx.exit(1)
    output.mkdir(parents=True, exist_ok=True)
    command = [
        "python",
        "-m",
        "pdoc",
        "--docformat",
        "google",
        "--output-directory",
        str(output),
        "flaschengeist",
    ]
    click.echo(f"Running command: {command}")
    subprocess.check_call(command)
--- a/flaschengeist/cli/export_cmd.py
+++ b/flaschengeist/cli/export_cmd.py
@ -0,0 +1,29 @@
 import click
 from importlib.metadata import entry_points
@click.command()
@click.option("--output", "-o", help="Output file, default is stdout", type=click.Path())
@click.option("--namespace", "-n", help="TS namespace for the interfaces", type=str, show_default=True)
@click.option("--plugin", "-p", help="Also export types for a plugin (even if disabled)", multiple=True, type=str)
@click.option("--no-core", help="Skip models / types from flaschengeist core", is_flag=True)
 def export(namespace, output, no_core, plugin):
    from flaschengeist import logger, models
    from flaschengeist.cli.InterfaceGenerator import InterfaceGenerator
    gen = InterfaceGenerator(namespace, output, logger)
    if not no_core:
        gen.run(models)
    if plugin:
        for entry_point in entry_points(group="flaschengeist.plugins"):
            if len(plugin) == 0 or entry_point.name in plugin:
                try:
                    plugin = entry_point.load()
                    gen.run(plugin.models)
                except:
                    logger.error(
                        f"Plugin {entry_point.name} could not be loaded due to an error.",
                        exc_info=True,
                    )
                    continue
    gen.write()
--- a/flaschengeist/cli/install_cmd.py
+++ b/flaschengeist/cli/install_cmd.py
@ -0,0 +1,23 @@
 import click
 from click.decorators import pass_context
 from flask.cli import with_appcontext
 from flask_migrate import upgrade
 from flaschengeist.controller import pluginController
 from flaschengeist.utils.hook import Hook
@click.command()
@with_appcontext
@pass_context
@Hook("plugins.installed")
 def install(ctx: click.Context):
    plugins = pluginController.get_enabled_plugins()
    # Install database
    upgrade(revision="flaschengeist@head")
    # Install plugins
    for plugin in plugins:
        plugin = pluginController.install_plugin(plugin.name)
        pluginController.enable_plugin(plugin.id)
--- a/flaschengeist/cli/plugin_cmd.py
+++ b/flaschengeist/cli/plugin_cmd.py
@ -0,0 +1,144 @@
 import traceback
 import click
 from click.decorators import pass_context
 from flask import current_app
 from flask.cli import with_appcontext
 from importlib.metadata import EntryPoint, entry_points
 from flaschengeist import logger
 from flaschengeist.controller import pluginController
 from werkzeug.exceptions import NotFound
@click.group()
 def plugin():
    pass
@plugin.command()
@click.argument("plugin", nargs=-1, required=True, type=str)
@with_appcontext
@pass_context
 def enable(ctx, plugin):
    """Enable one or more plugins"""
    for name in plugin:
        click.echo(f"Enabling {name}{'.'*(20-len(name))}", nl=False)
        try:
            pluginController.enable_plugin(name)
            click.secho(" ok", fg="green")
        except NotFound:
            click.secho(" not installed / not found", fg="red")
@plugin.command()
@click.argument("plugin", nargs=-1, required=True, type=str)
@with_appcontext
@pass_context
 def disable(ctx, plugin):
    """Disable one or more plugins"""
    for name in plugin:
        click.echo(f"Disabling {name}{'.'*(20-len(name))}", nl=False)
        try:
            pluginController.disable_plugin(name)
            click.secho(" ok", fg="green")
        except NotFound:
            click.secho(" not installed / not found", fg="red")
@plugin.command()
@click.argument("plugin", nargs=-1, type=str)
@click.option("--all", help="Install all enabled plugins", is_flag=True)
@with_appcontext
@pass_context
 def install(ctx: click.Context, plugin, all):
    """Install one or more plugins"""
    all_plugins = entry_points(group="flaschengeist.plugins")
    if all:
        plugins = [ep.name for ep in all_plugins]
    elif len(plugin) > 0:
        plugins = plugin
        for name in plugin:
            if not all_plugins.select(name=name):
                ctx.fail(f"Invalid plugin name, could not find >{name}<")
    else:
        ctx.fail("At least one plugin must be specified, or use `--all` flag.")
    for name in plugins:
        click.echo(f"Installing {name}{'.'*(20-len(name))}", nl=False)
        try:
            pluginController.install_plugin(name)
        except Exception as e:
            click.secho(" failed", fg="red")
            if logger.getEffectiveLevel() > 10:
                ctx.fail(f"[{e.__class__.__name__}] {e}")
            else:
                ctx.fail(traceback.format_exc())
        else:
            click.secho(" ok", fg="green")
@plugin.command()
@click.argument("plugin", nargs=-1, required=True, type=str)
@with_appcontext
@pass_context
 def uninstall(ctx: click.Context, plugin):
    """Uninstall one or more plugins"""
    plugins = {plg.name: plg for plg in pluginController.get_installed_plugins() if plg.name in plugin}
    try:
        for name in plugin:
            pluginController.disable_plugin(plugins[name])
            if (
                click.prompt(
                    "You are going to uninstall:\n\n"
                    f"\t{', '.join([plugin_name for plugin_name in plugins.keys()])}\n\n"
                    "Are you sure?",
                    default="n",
                    show_choices=True,
                    type=click.Choice(["y", "N"], False),
                ).lower()
                != "y"
            ):
                ctx.exit()
            click.echo(f"Uninstalling {name}{'.'*(20-len(name))}", nl=False)
            pluginController.uninstall_plugin(plugins[name])
            click.secho(" ok", fg="green")
    except KeyError:
        ctx.fail(f"Invalid plugin ID, could not find >{name}<")
@plugin.command()
@click.option("--enabled", "-e", help="List only enabled plugins", is_flag=True)
@click.option("--no-header", "-n", help="Do not show header", is_flag=True)
@with_appcontext
 def ls(enabled, no_header):
    def plugin_version(p):
        if isinstance(p, EntryPoint):
            return p.dist.version
        return p.version
    plugins = entry_points(group="flaschengeist.plugins")
    installed_plugins = {plg.name: plg for plg in pluginController.get_installed_plugins()}
    loaded_plugins = current_app.config["FG_PLUGINS"].keys()
    if not no_header:
        print(f"{' '*13}{'name': <20}|   version   | {' ' * 8} state")
        print("-" * 63)
    for plugin in plugins:
        is_installed = plugin.name in installed_plugins.keys()
        is_enabled = is_installed and installed_plugins[plugin.name].enabled
        if enabled and is_enabled:
            continue
        print(f"{plugin.name: <33}|{plugin_version(plugin): >12} |  ", end="")
        if is_enabled:
            if plugin.name in loaded_plugins:
                print(click.style("      enabled", fg="green"))
            else:
                print(click.style("(failed to load)", fg="red"))
        elif is_installed:
            print(click.style("     disabled", fg="yellow"))
        else:
            print("not installed")
    for name, plugin in installed_plugins.items():
        if plugin.enabled and name not in loaded_plugins:
            print(f"{name: <33}|{'': >12} |" f"{click.style(' failed to load', fg='red')}")
--- a/flaschengeist/cli/run_cmd.py
+++ b/flaschengeist/cli/run_cmd.py
@ -0,0 +1,37 @@
 import click
 from os import environ
 from flask import current_app
 from flask.cli import with_appcontext, run_command
 class PrefixMiddleware(object):
    def __init__(self, app, prefix=""):
        self.app = app
        self.prefix = prefix
    def __call__(self, environ, start_response):
        if environ["PATH_INFO"].startswith(self.prefix):
            environ["PATH_INFO"] = environ["PATH_INFO"][len(self.prefix) :]
            environ["SCRIPT_NAME"] = self.prefix
            return self.app(environ, start_response)
        else:
            start_response("404", [("Content-Type", "text/plain")])
            return ["This url does not belong to the app.".encode()]
@click.command()
@click.option("--host", help="set hostname to listen on", default="127.0.0.1", show_default=True)
@click.option("--port", help="set port to listen on", type=int, default=5000, show_default=True)
@click.option("--debug", help="run in debug mode", is_flag=True)
@with_appcontext
@click.pass_context
 def run(ctx, host, port, debug):
    """Run Flaschengeist using a development server."""
    from flaschengeist.config import config
    current_app.wsgi_app = PrefixMiddleware(current_app.wsgi_app, prefix=config["FLASCHENGEIST"].get("root", ""))
    if debug:
        environ["FLASK_DEBUG"] = "1"
        environ["FLASK_ENV"] = "development"
    ctx.invoke(run_command, reload=True, host=host, port=port, debugger=debug)
--- a/flaschengeist/config.py
+++ b/flaschengeist/config.py
@ -1,12 +1,12 @@
 import os
 import toml
 import logging.config
 import collections.abc
 from pathlib import Path
 from logging.config import dictConfig
 from werkzeug.middleware.proxy_fix import ProxyFix
 from flaschengeist import _module_path, logger
 from flaschengeist import logger
 # Default config:
 config = {"DATABASE": {"engine": "mysql", "port": 3306}}
@ -23,12 +23,12 @@ def update_dict(d, u):
 def read_configuration(test_config):
    global config
-    paths = [_module_path]
+    paths = [Path(__file__).parent]
    if not test_config:
        paths.append(Path.home() / ".config")
        if "FLASCHENGEIST_CONF" in os.environ:
-            paths.append(Path(os.environ.get("FLASCHENGEIST_CONF")))
+            paths.append(Path(str(os.environ.get("FLASCHENGEIST_CONF"))))
    for loc in paths:
        try:
@ -41,53 +41,47 @@ def read_configuration(test_config):
        update_dict(config, test_config)
-def configure_logger(cli=False):
+def configure_logger():
-    global config
+    """Configure the logger
    # Read default config
    logger_config = toml.load(_module_path / "logging.toml")
    force_console: Force a console handler
    """
    def set_level(level):
        # TRACE means even with werkzeug's request traces
        if isinstance(level, str) and level.lower() == "trace":
            level = "DEBUG"
            logger_config["loggers"]["werkzeug"] = {"level": level}
        logger_config["loggers"]["flaschengeist"] = {"level": level}
        logger_config["handlers"]["wsgi"]["level"] = level
    # Read default config
    logger_config = toml.load(Path(__file__).parent / "logging.toml")
    if "LOGGING" in config:
        # Override with user config
        update_dict(logger_config, config.get("LOGGING"))
        # Check for shortcuts
-        if "level" in config["LOGGING"] or isinstance(cli, int):
+        if "level" in config["LOGGING"]:
-            level = cli if cli and isinstance(cli, int) else config["LOGGING"]["level"]
+            set_level(config["LOGGING"]["level"])
-            logger_config["loggers"]["flaschengeist"] = {"level": level}
+
-            logger_config["handlers"]["console"]["level"] = level
+    # Override logging, used e.g. by CLI
-            logger_config["handlers"]["file"]["level"] = level
+    if "FG_LOGGING" in os.environ:
-        if cli is True or not config["LOGGING"].get("console", True):
+        set_level(os.environ.get("FG_LOGGING", "CRITICAL"))
-            logger_config["handlers"]["console"]["level"] = "CRITICAL"
+
-        if not cli and isinstance(config["LOGGING"].get("file", False), str):
+    dictConfig(logger_config)
            logger_config["root"]["handlers"].append("file")
            logger_config["handlers"]["file"]["filename"] = config["LOGGING"]["file"]
            Path(config["LOGGING"]["file"]).parent.mkdir(parents=True, exist_ok=True)
        else:
            del logger_config["handlers"]["file"]
    logging.config.dictConfig(logger_config)
-def configure_app(app, test_config=None, cli=False):
+def configure_app(app, test_config=None):
    global config
    read_configuration(test_config)
-    configure_logger(cli)
+    configure_logger()
    # Always enable this builtin plugins!
    update_dict(
        config,
        {
            "auth": {"enabled": True},
            "roles": {"enabled": True},
            "users": {"enabled": True},
            "scheduler": {"enabled": True},
        },
    )
    if "secret_key" not in config["FLASCHENGEIST"]:
-        logger.warning("No secret key was configured, please configure one for production systems!")
+        logger.critical("No secret key was configured, please configure one for production systems!")
-        app.config["SECRET_KEY"] = "0a657b97ef546da90b2db91862ad4e29"
+        raise RuntimeError("No secret key was configured")
-    else:
+
-        app.config["SECRET_KEY"] = config["FLASCHENGEIST"]["secret_key"]
+    app.config["SECRET_KEY"] = config["FLASCHENGEIST"]["secret_key"]
    if test_config is not None:
        config["DATABASE"]["engine"] = "sqlite"
--- a/flaschengeist/controller/imageController.py
+++ b/flaschengeist/controller/imageController.py
@ -1,15 +1,14 @@
 from datetime import date
 from flask import send_file
 from pathlib import Path
 from flask import send_file
 from PIL import Image as PImage
 from werkzeug.exceptions import NotFound, UnprocessableEntity
 from werkzeug.datastructures import FileStorage
 from werkzeug.utils import secure_filename
 from werkzeug.datastructures import FileStorage
 from werkzeug.exceptions import NotFound, UnprocessableEntity
-from flaschengeist.models.image import Image
+from ..models import Image
-from flaschengeist.database import db
+from ..database import db
-from flaschengeist.config import config
+from ..config import config
 def check_mimetype(mime: str):
--- a/flaschengeist/controller/messageController.py
+++ b/flaschengeist/controller/messageController.py
@ -1,5 +1,5 @@
-from flaschengeist.utils.hook import Hook
+from ..utils.hook import Hook
-from flaschengeist.models.user import User, Role
+from ..models import User, Role
 class Message:
--- a/flaschengeist/controller/pluginController.py
+++ b/flaschengeist/controller/pluginController.py
@ -0,0 +1,172 @@
 """Controller for Plugin logic
 Used by plugins for setting and notification functionality.
 """
 from typing import Union, List
 from flask import current_app
 from werkzeug.exceptions import NotFound, BadRequest
 from sqlalchemy.exc import OperationalError, ProgrammingError
 from flask_migrate import upgrade as database_upgrade
 from importlib.metadata import entry_points
 from flaschengeist import version as flaschengeist_version
 from .. import logger
 from ..database import db
 from ..utils.hook import Hook
 from ..plugins import Plugin, AuthPlugin
 from ..models import Notification
 __required_plugins = ["users", "roles", "scheduler", "auth"]
 def get_authentication_provider():
    return [
        current_app.config["FG_PLUGINS"][plugin.name]
        for plugin in get_loaded_plugins().values()
        if isinstance(plugin, AuthPlugin)
    ]
 def get_loaded_plugins(plugin_name: str = None):
    """Get loaded plugin(s)"""
    plugins = current_app.config["FG_PLUGINS"]
    if plugin_name is not None:
        plugins = [plugins[plugin_name]]
    return {name: db.session.merge(plugins[name], load=False) for name in plugins}
 def get_installed_plugins() -> list[Plugin]:
    """Get all installed plugins"""
    return Plugin.query.all()
 def get_enabled_plugins() -> list[Plugin]:
    """Get all installed and enabled plugins"""
    try:
        enabled_plugins = Plugin.query.filter(Plugin.enabled == True).all()
    except (OperationalError, ProgrammingError) as e:
        logger.error("Could not connect to database or database not initialized! No plugins enabled!")
        logger.debug("Can not query enabled plugins", exc_info=True)
        # Fake load required plugins so the database can at least be installed
        enabled_plugins = [
            entry_points(group="flaschengeist.plugins", name=name)[0].load()(
                name=name, enabled=True, installed_version=flaschengeist_version
            )
            for name in __required_plugins
        ]
    return enabled_plugins
 def notify(plugin_id: int, user, text: str, data=None):
    """Create a new notification for an user
    Args:
        plugin_id: ID of the plugin
        user: `flaschengeist.models.user.User` to notify
        text: Visibile notification text
        data: Optional data passed to the notificaton
    Returns:
        ID of the created `flaschengeist.models.notification.Notification`
    Hint: use the data for frontend actions.
    """
    if not user.deleted:
        n = Notification(text=text, data=data, plugin_id_=plugin_id, user_=user)
        db.session.add(n)
        db.session.commit()
        return n.id
 def get_notifications(plugin_id) -> List[Notification]:
    """Get all notifications for a plugin
    Args:
        plugin_id: ID of the plugin
    Returns:
        List of `flaschengeist.models.notification.Notification`
    """
    return db.session.execute(db.select(Notification).where(Notification.plugin_id_ == plugin_id)).scalars().all()
@Hook("plugins.installed")
 def install_plugin(plugin_name: str):
    logger.debug(f"Installing plugin {plugin_name}")
    entry_point = entry_points(group="flaschengeist.plugins", name=plugin_name)
    if not entry_point:
        raise NotFound
    cls = entry_point[0].load()
    plugin: Plugin = cls.query.filter(Plugin.name == plugin_name).one_or_none()
    if plugin is None:
        plugin = cls(name=plugin_name, installed_version=entry_point[0].dist.version)
        db.session.add(plugin)
    db.session.commit()
    # Custom installation steps
    plugin.install()
    # Check migrations
    directory = entry_point[0].dist.locate_file("")
    logger.debug(f"Checking for migrations in {directory}")
    for loc in entry_point[0].module.split(".") + ["migrations"]:
        directory /= loc
        logger.debug(f"Checking for migrations with loc in {directory}")
    if directory.exists():
        logger.debug(f"Found migrations in {directory}")
        database_upgrade(revision=f"{plugin_name}@head")
    db.session.commit()
    return plugin
@Hook("plugin.uninstalled")
 def uninstall_plugin(plugin_id: Union[str, int, Plugin]):
    plugin = disable_plugin(plugin_id)
    logger.debug(f"Uninstall plugin {plugin.name}")
    plugin.uninstall()
    db.session.delete(plugin)
    db.session.commit()
@Hook("plugins.enabled")
 def enable_plugin(plugin_id: Union[str, int]) -> Plugin:
    logger.debug(f"Enabling plugin {plugin_id}")
    plugin = Plugin.query
    if isinstance(plugin_id, str):
        plugin = plugin.filter(Plugin.name == plugin_id).one_or_none()
    elif isinstance(plugin_id, int):
        plugin = plugin.get(plugin_id)
    else:
        raise TypeError
    if plugin is None:
        raise NotFound
    plugin.enabled = True
    db.session.commit()
    plugin = plugin.entry_point.load().query.get(plugin.id)
    current_app.config["FG_PLUGINS"][plugin.name] = plugin
    return plugin
@Hook("plugins.disabled")
 def disable_plugin(plugin_id: Union[str, int, Plugin]):
    logger.debug(f"Disabling plugin {plugin_id}")
    plugin: Plugin = Plugin.query
    if isinstance(plugin_id, str):
        plugin = plugin.filter(Plugin.name == plugin_id).one_or_none()
    elif isinstance(plugin_id, int):
        plugin = plugin.get(plugin_id)
    elif isinstance(plugin_id, Plugin):
        plugin = plugin_id
    else:
        raise TypeError
    if plugin is None:
        raise NotFound
    if plugin.name in __required_plugins:
        raise BadRequest
    plugin.enabled = False
    db.session.commit()
    if plugin.name in current_app.config["FG_PLUGINS"].keys():
        del current_app.config["FG_PLUGINS"][plugin.name]
    return plugin
--- a/flaschengeist/controller/roleController.py
+++ b/flaschengeist/controller/roleController.py
@ -2,10 +2,10 @@ from typing import Union
 from sqlalchemy.exc import IntegrityError
 from werkzeug.exceptions import BadRequest, Conflict, NotFound
-from flaschengeist import logger
+from .. import logger
-from flaschengeist.models.user import Role, Permission
+from ..models import Role, Permission
-from flaschengeist.database import db, case_sensitive
+from ..database import db, case_sensitive
-from flaschengeist.utils.hook import Hook
+from ..utils.hook import Hook
 def get_all():
--- a/flaschengeist/controller/sessionController.py
+++ b/flaschengeist/controller/sessionController.py
@ -1,14 +1,22 @@
 import secrets
-from flaschengeist.models.session import Session
+
 from flaschengeist.database import db
 from flaschengeist import logger
 from werkzeug.exceptions import Forbidden, Unauthorized
 from datetime import datetime, timezone
 from werkzeug.exceptions import Forbidden, Unauthorized
 from ua_parser import user_agent_parser
 from .. import logger
 from ..models import Session
 from ..database import db
 lifetime = 1800
-def validate_token(token, user_agent, permission):
+def get_user_agent(request_headers):
    return user_agent_parser.Parse(request_headers.get("User-Agent", "") if request_headers else "")
 def validate_token(token, request_headers, permission):
    """Verify session
    Verify a Session and Roles so if the User has permission or not.
@ -16,7 +24,7 @@ def validate_token(token, user_agent, permission):
    Args:
        token: Token to verify.
-        user_agent: User agent of browser to check
+        request_headers: Headers to validate user agent of browser
        permission: Permission needed to access restricted routes
    Returns:
        A Session for this given Token
@ -28,8 +36,12 @@ def validate_token(token, user_agent, permission):
    session = Session.query.filter_by(token=token).one_or_none()
    if session:
        logger.debug("token found, check if expired or invalid user agent differs")
        user_agent = get_user_agent(request_headers)
        platform = user_agent["os"]["family"]
        browser = user_agent["user_agent"]["family"]
        if session.expires >= datetime.now(timezone.utc) and (
-            session.browser == user_agent.browser and session.platform == user_agent.platform
+            session.browser == browser and session.platform == platform
        ):
            if not permission or session.user_.has_permission(permission):
                session.refresh()
@ -44,24 +56,26 @@ def validate_token(token, user_agent, permission):
    raise Unauthorized
-def create(user, user_agent=None) -> Session:
+def create(user, request_headers=None) -> Session:
    """Create a Session
    Args:
        user: For which User is to create a Session
-        user_agent: User agent to identify session
+        request_headers: Headers to validate user agent of browser
    Returns:
            Session: A created Token for User
    """
    logger.debug("create access token")
    token_str = secrets.token_hex(16)
    user_agent = get_user_agent(request_headers)
    logger.debug(f"platform: {user_agent['os']['family']}, browser: {user_agent['user_agent']['family']}")
    session = Session(
        token=token_str,
        user_=user,
        lifetime=lifetime,
-        browser=user_agent.browser,
+        platform=user_agent["os"]["family"],
-        platform=user_agent.platform,
+        browser=user_agent["user_agent"]["family"],
    )
    session.refresh()
    db.session.add(session)
--- a/flaschengeist/controller/userController.py
+++ b/flaschengeist/controller/userController.py
@ -1,21 +1,31 @@
 import secrets
 import re
 import secrets
 import hashlib
 from io import BytesIO
 from typing import Optional, Union
 from flask import make_response
 from flask.json import provider
 from sqlalchemy import exc
-from flask import current_app
+from sqlalchemy_utils import merge_references
-from datetime import datetime, timedelta, timezone
+from datetime import datetime, timedelta, timezone, date
 from flask.helpers import send_file
 from werkzeug.exceptions import NotFound, BadRequest, Forbidden
-from flaschengeist import logger
+from .. import logger
-from flaschengeist.config import config
+from ..config import config
-from flaschengeist.database import db
+from ..database import db
-from flaschengeist.models.notification import Notification
+from ..models import Notification, User, Role
-from flaschengeist.utils.hook import Hook
+from ..models.user import _PasswordReset
-from flaschengeist.utils.datetime import from_iso_format
+from ..utils.hook import Hook
-from flaschengeist.utils.foreign_keys import merge_references
+from ..utils.datetime import from_iso_format
-from flaschengeist.models.user import User, Role, _PasswordReset
+from ..controller import (
-from flaschengeist.controller import imageController, messageController, sessionController
+    imageController,
    messageController,
    pluginController,
    sessionController,
 )
 from ..plugins import AuthPlugin
 def __active_users():
@ -40,17 +50,35 @@ def _generate_password_reset(user):
    return reset
 def get_provider(userid: str) -> AuthPlugin:
    return [p for p in pluginController.get_authentication_provider() if p.user_exists(userid)][0]
@Hook
 def update_user(user: User, backend: Optional[AuthPlugin] = None):
    """Update user data from backend
    This is seperate function to provide a hook"""
    if not backend:
        backend = get_provider(user.userid)
    backend.update_user(user)
    if not user.display_name:
        user.display_name = "{} {}.".format(user.firstname, user.lastname[0])
    db.session.commit()
 def login_user(username, password):
    logger.info("login user {{ {} }}".format(username))
-
+    for provider in pluginController.get_authentication_provider():
-    user = find_user(username)
+        uid = provider.login(username, password)
-    if not user:
+        if isinstance(uid, str):
-        logger.debug("User not found in Database.")
+            user = get_user(uid)
-        user = User(userid=username)
+            if not user:
-        db.session.add(user)
+                logger.debug("User not found in Database.")
-    if current_app.config["FG_AUTH_BACKEND"].login(user, password):
+                user = User(userid=uid)
-        update_user(user)
+                db.session.add(user)
-        return user
+            update_user(user, provider)
            return user
    return None
@ -83,14 +111,6 @@ def reset_password(token: str, password: str):
    db.session.commit()
@Hook
 def update_user(user):
    current_app.config["FG_AUTH_BACKEND"].update_user(user)
    if not user.display_name:
        user.display_name = "{} {}.".format(user.firstname, user.lastname[0])
    db.session.commit()
 def set_roles(user: User, roles: list[str], create=False):
    """Set roles of user
@ -101,7 +121,7 @@ def set_roles(user: User, roles: list[str], create=False):
    Raises:
        BadRequest if invalid arguments given or not all roles found while *create* is set to false
    """
-    from roleController import create_role
+    from .roleController import create_role
    if not isinstance(roles, list) and any([not isinstance(r, str) for r in roles]):
        raise BadRequest("Invalid role name")
@ -114,7 +134,7 @@ def set_roles(user: User, roles: list[str], create=False):
    user.roles_ = fetched
-def modify_user(user, password, new_password=None):
+def modify_user(user: User, password: str, new_password: str = None):
    """Modify given user on the backend
    Args:
@ -126,7 +146,8 @@ def modify_user(user, password, new_password=None):
        NotImplemented: If backend is not capable of this operation
        BadRequest: Password is wrong or other logic issues
    """
-    current_app.config["FG_AUTH_BACKEND"].modify_user(user, password, new_password)
+    provider = get_provider(user.userid)
    provider.modify_user(user, password, new_password)
    if new_password:
        logger.debug(f"Password changed for user {user.userid}")
@ -149,7 +170,7 @@ def get_user_by_role(role: Role):
    return User.query.join(User.roles_).filter_by(role_id=role.id).all()
-def get_user(uid, deleted=False):
+def get_user(uid, deleted=False) -> User:
    """Get an user by userid from database
    Args:
        uid: Userid to search for
@ -164,37 +185,13 @@ def get_user(uid, deleted=False):
    return user
 def find_user(uid_mail):
    """Finding an user by userid or mail in database or auth-backend
    Args:
        uid_mail: userid and or mail to search for
    Returns:
        User if found or None
    """
    mail = uid_mail.split("@")
    mail = len(mail) == 2 and len(mail[0]) > 0 and len(mail[1]) > 0
    query = User.userid == uid_mail
    if mail:
        query |= User.mail == uid_mail
    user = User.query.filter(query).one_or_none()
    if user:
        update_user(user)
    else:
        user = current_app.config["FG_AUTH_BACKEND"].find_user(uid_mail, uid_mail if mail else None)
        if user:
            if not user.display_name:
                user.display_name = "{} {}.".format(user.firstname, user.lastname[0])
            db.session.add(user)
            db.session.commit()
    return user
@Hook
 def delete_user(user: User):
    """Delete given user"""
    # First let the backend delete the user, as this might fail
-    current_app.config["FG_AUTH_BACKEND"].delete_user(user)
+    provider = get_provider(user.userid)
    provider.delete_user(user)
    # Clear all easy relationships
    user.avatar_ = None
    user._attributes.clear()
@ -206,7 +203,11 @@ def delete_user(user: User):
        deleted_user = get_user("__deleted_user__", True)
    except NotFound:
        deleted_user = User(
-            userid="__deleted_user__", firstname="USER", lastname="DELETED", display_name="DELETED USER", deleted=True
+            userid="__deleted_user__",
            firstname="USER",
            lastname="DELETED",
            display_name="DELETED USER",
            deleted=True,
        )
        db.session.add(user)
        db.session.flush()
@ -217,7 +218,10 @@ def delete_user(user: User):
        db.session.delete(user)
        db.session.commit()
    except exc.IntegrityError:
-        logger.error("Delete of user failed, there might be ForeignKey contraits from disabled plugins", exec_info=True)
+        logger.error(
            "Delete of user failed, there might be ForeignKey contraits from disabled plugins",
            exec_info=True,
        )
        # Remove at least all personal data
        user.userid = f"__deleted_user__{user.id_}"
        user.display_name = "DELETED USER"
@ -239,17 +243,24 @@ def register(data, passwd=None):
    values = {key: value for key, value in data.items() if key in allowed_keys}
    roles = values.pop("roles", [])
    if "birthday" in data:
-        values["birthday"] = from_iso_format(data["birthday"]).date()
+        if isinstance(data["birthday"], date):
            values["birthday"] = data["birthday"]
        else:
            values["birthday"] = from_iso_format(data["birthday"]).date()
    if "mail" in data and not re.match(r"[^@]+@[^@]+\.[^@]+", data["mail"]):
        raise BadRequest("Invalid mail given")
    user = User(**values)
    set_roles(user, roles)
    password = passwd if passwd else secrets.token_urlsafe(16)
    current_app.config["FG_AUTH_BACKEND"].create_user(user, password)
    try:
        provider = [p for p in pluginController.get_authentication_provider() if p.can_register()][0]
        provider.create_user(user, password)
        db.session.add(user)
        db.session.commit()
    except IndexError as e:
        logger.error("No authentication backend, allowing registering new users, found.")
        raise e
    except exc.IntegrityError:
        raise BadRequest("userid already in use")
@ -264,28 +275,37 @@ def register(data, passwd=None):
        )
        messageController.send_message(messageController.Message(user, text, subject))
-    find_user(user.userid)
+    provider.update_user(user)
    return user
-def load_avatar(user: User):
+def get_last_modified(user: User):
    """Get the last modification date of the user"""
    return get_provider(user.userid).get_last_modified(user)
 def load_avatar(user: User, etag: Union[str, None] = None):
    if user.avatar_ is not None:
        return imageController.send_image(image=user.avatar_)
    else:
-        avatar = current_app.config["FG_AUTH_BACKEND"].get_avatar(user)
+        provider = get_provider(user.userid)
        avatar = provider.get_avatar(user)
        new_etag = hashlib.md5(avatar.binary).hexdigest()
        if new_etag == etag:
            return make_response("", 304)
        if len(avatar.binary) > 0:
-            return send_file(BytesIO(avatar.binary), avatar.mimetype)
+            return send_file(BytesIO(avatar.binary), avatar.mimetype, etag=new_etag)
    raise NotFound
 def save_avatar(user, file):
-    current_app.config["FG_AUTH_BACKEND"].set_avatar(user, file)
+    get_provider(user.userid).set_avatar(user, file)
    db.session.commit()
 def delete_avatar(user):
-    current_app.config["FG_AUTH_BACKEND"].delete_avatar(user)
+    get_provider(user.userid).delete_avatar(user)
    db.session.commit()
--- a/flaschengeist/database.py
+++ b/flaschengeist/database.py
@ -1,33 +0,0 @@
 from flask_sqlalchemy import SQLAlchemy
 from sqlalchemy import MetaData
 # https://alembic.sqlalchemy.org/en/latest/naming.html
 metadata = MetaData(
    naming_convention={
        "pk": "pk_%(table_name)s",
        "ix": "ix_%(table_name)s_%(column_0_name)s",
        "uq": "uq_%(table_name)s_%(column_0_name)s",
        "ck": "ck_%(table_name)s_%(constraint_name)s",
        "fk": "fk_%(table_name)s_%(column_0_name)s_%(referred_table_name)s",
    }
 )
 db = SQLAlchemy(metadata=metadata)
 def case_sensitive(s):
    """
        Compare string as case sensitive on the database
    Args:
        s: string to compare
    Example:
        User.query.filter(User.name == case_sensitive(some_string))
    """
    if db.session.bind.dialect.name == "mysql":
        from sqlalchemy import func
        return func.binary(s)
    return s
--- a/flaschengeist/database/init.py
+++ b/flaschengeist/database/init.py
@ -0,0 +1,75 @@
 import os
 from flask_migrate import Migrate, Config
 from flask_sqlalchemy import SQLAlchemy
 from importlib.metadata import EntryPoint, entry_points, distribution
 from sqlalchemy import MetaData
 from flaschengeist.alembic import alembic_script_path
 from flaschengeist import logger
 # from flaschengeist.controller import pluginController
 # https://alembic.sqlalchemy.org/en/latest/naming.html
 metadata = MetaData(
    naming_convention={
        "pk": "pk_%(table_name)s",
        "ix": "ix_%(table_name)s_%(column_0_name)s",
        "uq": "uq_%(table_name)s_%(column_0_name)s",
        "ck": "ck_%(table_name)s_%(constraint_name)s",
        "fk": "fk_%(table_name)s_%(column_0_name)s_%(referred_table_name)s",
    }
 )
 db = SQLAlchemy(metadata=metadata, session_options={"expire_on_commit": False})
 migrate = Migrate()
@migrate.configure
 def configure_alembic(config: Config):
    """Alembic configuration hook
    Inject all migrations paths into the ``version_locations`` config option.
    This includes even disabled plugins, as simply disabling a plugin without
    uninstall can break the alembic version management.
    """
    # Set main script location
    config.set_main_option("script_location", alembic_script_path)
    # Set Flaschengeist's migrations
    migrations = [config.get_main_option("script_location") + "/migrations"]
    # Gather all migration paths
    for entry_point in entry_points(group="flaschengeist.plugins"):
        try:
            directory = entry_point.dist.locate_file("")
            for loc in entry_point.module.split(".") + ["migrations"]:
                directory /= loc
            if directory.exists():
                logger.debug(f"Adding migration version path {directory}")
                migrations.append(str(directory.resolve()))
        except:
            logger.warning(f"Could not load migrations of plugin {entry_point.name} for database migration.")
            logger.debug("Plugin loading failed", exc_info=True)
    # write back seperator (we changed it if neither seperator nor locations were specified)
    config.set_main_option("version_path_separator", os.pathsep)
    config.set_main_option("version_locations", os.pathsep.join(set(migrations)))
    return config
 def case_sensitive(s):
    """
        Compare string as case sensitive on the database
    Args:
        s: string to compare
    Example:
        User.query.filter(User.name == case_sensitive(some_string))
    """
    if db.session.bind.dialect.name == "mysql":
        from sqlalchemy import func
        return func.binary(s)
    return s
--- a/flaschengeist/database/types.py
+++ b/flaschengeist/database/types.py
@ -0,0 +1,97 @@
 from importlib import import_module
 import datetime
 from sqlalchemy import BigInteger, util
 from sqlalchemy.dialects import mysql, sqlite
 from sqlalchemy.types import DateTime, TypeDecorator
 class ModelSerializeMixin:
    """Mixin class used for models to serialize them automatically
    Ignores private and protected members as well as members marked as not to publish (name ends with _)
    """
    def __is_optional(self, param):
        import typing
        module = import_module("flaschengeist.models").__dict__
        try:
            hint = typing.get_type_hints(self.__class__, globalns=module, locals=locals())[param]
            if (
                typing.get_origin(hint) is typing.Union
                and len(typing.get_args(hint)) == 2
                and typing.get_args(hint)[1] is type(None)
            ):
                return getattr(self, param) is None
        except:
            pass
    def serialize(self):
        """Serialize class to dict
        Returns:
            Dict of all not private or protected annotated member variables.
        """
        d = {
            param: getattr(self, param)
            for param in self.__class__.__annotations__
            if not param.startswith("_") and not param.endswith("_") and not self.__is_optional(param)
        }
        if len(d) == 1:
            _, value = d.popitem()
            return value
        return d
    def __str__(self) -> str:
        return self.serialize().__str__()
 class Serial(TypeDecorator):
    """Same as MariaDB Serial used for IDs"""
    cache_ok = True
    impl = BigInteger().with_variant(mysql.BIGINT(unsigned=True), "mysql").with_variant(sqlite.INTEGER(), "sqlite")
    # https://alembic.sqlalchemy.org/en/latest/autogenerate.html?highlight=custom%20column#affecting-the-rendering-of-types-themselves
    def __repr__(self) -> str:
        return util.generic_repr(self)
 class UtcDateTime(TypeDecorator):
    """Almost equivalent to `sqlalchemy.types.DateTime` with
    ``timezone=True`` option, but it differs from that by:
    - Never silently take naive :class:`datetime.datetime`, instead it
      always raise :exc:`ValueError` unless time zone aware value.
    - :class:`datetime.datetime` value's :attr:`datetime.datetime.tzinfo`
      is always converted to UTC.
    - Unlike SQLAlchemy's built-in :class:`sqlalchemy.types.DateTime`,
      it never return naive :class:`datetime.datetime`, but time zone
      aware value, even with SQLite or MySQL.
    """
    cache_ok = True
    impl = DateTime(timezone=True)
    @staticmethod
    def current_utc():
        return datetime.datetime.now(tz=datetime.timezone.utc)
    def process_bind_param(self, value, dialect):
        if value is not None:
            if not isinstance(value, datetime.datetime):
                raise TypeError("expected datetime.datetime, not " + repr(value))
            elif value.tzinfo is None:
                raise ValueError("naive datetime is disallowed")
            return value.astimezone(datetime.timezone.utc)
    def process_result_value(self, value, dialect):
        if value is not None:
            if value.tzinfo is not None:
                value = value.astimezone(datetime.timezone.utc)
            value = value.replace(tzinfo=datetime.timezone.utc)
        return value
    # https://alembic.sqlalchemy.org/en/latest/autogenerate.html?highlight=custom%20column#affecting-the-rendering-of-types-themselves
    def __repr__(self) -> str:
        return util.generic_repr(self)
--- a/flaschengeist/flaschengeist.toml
+++ b/flaschengeist/flaschengeist.toml
@ -12,23 +12,6 @@ root = "/api"
 secret_key = "V3ryS3cr3t"
 # Domain used by frontend
 [scheduler]
 # Possible values are: "passive_web" (default), "active_web" and "system"
 # See documentation
 # cron = "passive_web"
 [LOGGING]
 # You can override all settings from the logging.toml here
 # E.g. override the formatters etc
 #
 # Logging level, possible: DEBUG INFO WARNING ERROR
 level = "DEBUG"
 # Logging to a file is simple, just add the path
 # file = "/tmp/flaschengeist-debug.log"
 file = false
 # Uncomment to disable console logging
 # console = false
 [DATABASE]
 # engine = "mysql" (default)
 host = "localhost"
@ -36,6 +19,22 @@ user = "flaschengeist"
 password = "flaschengeist"
 database = "flaschengeist"
 [LOGGING]
 # You can override all settings from the logging.toml here
 # Default: Logging to WSGI stream (commonly stderr)
 # Logging level, possible: TRACE DEBUG INFO WARNING ERROR CRITICAL
 # On TRACE level additionally every request will get logged
 level = "DEBUG"
 # If you want the logger to log to a file, you could use:
 #[LOGGING.handlers.file]
 #    class = "logging.handlers.WatchedFileHandler"
 #    level = "WARNING"
 #    formatter = "extended"
 #    encoding = "utf8"
 #    filename = "flaschengeist.log"
 [FILES]
 # Path for file / image uploads
 data_path = "./data"
@ -49,6 +48,11 @@ allowed_mimetypes = [
    "image/webp"
 ]
 [scheduler]
 # Possible values are: "passive_web" (default), "active_web" and "system"
 # See documentation
 # cron = "passive_web"
 [auth_ldap]
 # Full documentation https://flaschengeist.dev/Flaschengeist/flaschengeist/wiki/plugins_auth_ldap
 # host = "localhost"
--- a/flaschengeist/logging.toml
+++ b/flaschengeist/logging.toml
@ -6,22 +6,16 @@ disable_existing_loggers = false
 [formatters]
  [formatters.simple]
-    format = "%(asctime)s - %(levelname)s - %(message)s"
+    format = "[%(asctime)s] %(levelname)s - %(message)s"
  [formatters.extended]
-    format = "%(asctime)s — %(filename)s - %(funcName)s - %(lineno)d - %(threadName)s - %(name)s — %(levelname)s — %(message)s"
+    format = "[%(asctime)s] %(levelname)s %(filename)s - %(funcName)s - %(lineno)d - %(threadName)s - %(name)s — %(message)s"
 [handlers]
-  [handlers.console]
+  [handlers.wsgi]
    stream = "ext://flask.logging.wsgi_errors_stream"
    class = "logging.StreamHandler"
    level = "DEBUG"
    formatter = "simple"
-    stream = "ext://sys.stderr"
+    level = "DEBUG"
  [handlers.file]
    class = "logging.handlers.WatchedFileHandler"
    level = "WARNING"
    formatter = "extended"
    encoding = "utf8"
    filename = "flaschengeist.log"
 [loggers]
  [loggers.werkzeug]
@ -29,4 +23,4 @@ disable_existing_loggers = false
 [root]
  level = "WARNING"
-  handlers = ["console"]
+  handlers = ["wsgi"]
--- a/flaschengeist/models/init.py
+++ b/flaschengeist/models/init.py
@ -1,87 +1,5 @@
-import sys
+from .session import *
-import datetime
+from .user import *
-
+from .plugin import *
-from sqlalchemy import BigInteger
+from .notification import *
-from sqlalchemy.dialects import mysql, sqlite
+from .image import *
 from sqlalchemy.types import DateTime, TypeDecorator
 class ModelSerializeMixin:
    """Mixin class used for models to serialize them automatically
    Ignores private and protected members as well as members marked as not to publish (name ends with _)
    """
    def __is_optional(self, param):
        if sys.version_info < (3, 8):
            return False
        import typing
        hint = typing.get_type_hints(self.__class__)[param]
        if (
            typing.get_origin(hint) is typing.Union
            and len(typing.get_args(hint)) == 2
            and typing.get_args(hint)[1] is type(None)
        ):
            return getattr(self, param) is None
    def serialize(self):
        """Serialize class to dict
        Returns:
            Dict of all not private or protected annotated member variables.
        """
        d = {
            param: getattr(self, param)
            for param in self.__class__.__annotations__
            if not param.startswith("_") and not param.endswith("_") and not self.__is_optional(param)
        }
        if len(d) == 1:
            key, value = d.popitem()
            return value
        return d
    def __str__(self) -> str:
        return self.serialize().__str__()
 class Serial(TypeDecorator):
    """Same as MariaDB Serial used for IDs"""
    cache_ok = True
    impl = BigInteger().with_variant(mysql.BIGINT(unsigned=True), "mysql").with_variant(sqlite.INTEGER, "sqlite")
 class UtcDateTime(TypeDecorator):
    """Almost equivalent to `sqlalchemy.types.DateTime` with
    ``timezone=True`` option, but it differs from that by:
    - Never silently take naive :class:`datetime.datetime`, instead it
      always raise :exc:`ValueError` unless time zone aware value.
    - :class:`datetime.datetime` value's :attr:`datetime.datetime.tzinfo`
      is always converted to UTC.
    - Unlike SQLAlchemy's built-in :class:`sqlalchemy.types.DateTime`,
      it never return naive :class:`datetime.datetime`, but time zone
      aware value, even with SQLite or MySQL.
    """
    cache_ok = True
    impl = DateTime(timezone=True)
    @staticmethod
    def current_utc():
        return datetime.datetime.now(tz=datetime.timezone.utc)
    def process_bind_param(self, value, dialect):
        if value is not None:
            if not isinstance(value, datetime.datetime):
                raise TypeError("expected datetime.datetime, not " + repr(value))
            elif value.tzinfo is None:
                raise ValueError("naive datetime is disallowed")
            return value.astimezone(datetime.timezone.utc)
    def process_result_value(self, value, dialect):
        if value is not None:
            if value.tzinfo is not None:
                value = value.astimezone(datetime.timezone.utc)
            value = value.replace(tzinfo=datetime.timezone.utc)
        return value
--- a/flaschengeist/models/image.py
+++ b/flaschengeist/models/image.py
@ -1,19 +1,20 @@
-from __future__ import annotations  # TODO: Remove if python requirement is >= 3.10
+from __future__ import annotations  # TODO: Remove if python requirement is >= 3.12 (? PEP 563 is defered)
 from sqlalchemy import event
 from pathlib import Path
 from . import ModelSerializeMixin, Serial
 from ..database import db
 from ..database.types import ModelSerializeMixin, Serial
 class Image(db.Model, ModelSerializeMixin):
    __allow_unmapped__ = True
    __tablename__ = "image"
-    id: int = db.Column("id", Serial, primary_key=True)
+    id: int = db.Column(Serial, primary_key=True)
-    filename_: str = db.Column(db.String(127), nullable=False)
+    filename_: str = db.Column("filename", db.String(255), nullable=False)
-    mimetype_: str = db.Column(db.String(30), nullable=False)
+    mimetype_: str = db.Column("mimetype", db.String(127), nullable=False)
-    thumbnail_: str = db.Column(db.String(127))
+    thumbnail_: str = db.Column("thumbnail", db.String(255))
-    path_: str = db.Column(db.String(127))
+    path_: str = db.Column("path", db.String(255))
    def open(self):
        return open(self.path_, "rb")
--- a/flaschengeist/models/notification.py
+++ b/flaschengeist/models/notification.py
@ -1,19 +1,28 @@
-from __future__ import annotations  # TODO: Remove if python requirement is >= 3.10
+from __future__ import annotations  # TODO: Remove if python requirement is >= 3.12 (? PEP 563 is defered)
 from datetime import datetime
 from typing import Any
 from . import Serial, UtcDateTime, ModelSerializeMixin
 from ..database import db
-from .user import User
+from ..database.types import Serial, UtcDateTime, ModelSerializeMixin
 class Notification(db.Model, ModelSerializeMixin):
    __allow_unmapped__ = True
    __tablename__ = "notification"
    id: int = db.Column("id", Serial, primary_key=True)
    plugin: str = db.Column(db.String(127), nullable=False)
    text: str = db.Column(db.Text)
    data: Any = db.Column(db.PickleType(protocol=4))
    time: datetime = db.Column(UtcDateTime, nullable=False, default=UtcDateTime.current_utc)
-    user_id_: int = db.Column("user_id", Serial, db.ForeignKey("user.id"), nullable=False)
+    user_id_: int = db.Column("user", Serial, db.ForeignKey("user.id"), nullable=False)
    plugin_id_: int = db.Column("plugin", Serial, db.ForeignKey("plugin.id"), nullable=False)
    user_: User = db.relationship("User")
    plugin_: Plugin = db.relationship(
        "Plugin", backref=db.backref("notifications_", cascade="all, delete, delete-orphan")
    )
    plugin: str
    @property
    def plugin(self) -> str:
        return self.plugin_.name
--- a/flaschengeist/models/plugin.py
+++ b/flaschengeist/models/plugin.py
@ -0,0 +1,74 @@
 from __future__ import annotations  # TODO: Remove if python requirement is >= 3.12 (? PEP 563 is defered)
 from typing import Any, List, Dict
 from sqlalchemy.orm.collections import attribute_mapped_collection
 from ..database import db
 from ..database.types import Serial
 class PluginSetting(db.Model):
    __allow_unmapped__ = True
    __tablename__ = "plugin_setting"
    id = db.Column("id", Serial, primary_key=True)
    plugin_id: int = db.Column("plugin", Serial, db.ForeignKey("plugin.id"))
    name: str = db.Column(db.String(127), nullable=False)
    value: Any = db.Column(db.PickleType(protocol=4))
 class BasePlugin(db.Model):
    __allow_unmapped__ = True
    __tablename__ = "plugin"
    id: int = db.Column("id", Serial, primary_key=True)
    name: str = db.Column(db.String(127), nullable=False)
    """Name of the plugin, loaded from distribution"""
    installed_version: str = db.Column("version", db.String(30), nullable=False)
    """The latest installed version"""
    enabled: bool = db.Column(db.Boolean, default=False)
    """Enabled state of the plugin"""
    permissions: List["Permission"] = db.relationship(
        "Permission", cascade="all, delete, delete-orphan", back_populates="plugin_", lazy="select"
    )
    """Optional list of custom permissions used by the plugin
    A good style is to name the permissions with a prefix related to the plugin name,
    to prevent clashes with other plugins. E. g. instead of *delete* use *plugin_delete*.
    """
    __settings: Dict[str, "PluginSetting"] = db.relationship(
        "PluginSetting",
        collection_class=attribute_mapped_collection("name"),
        cascade="all, delete, delete-orphan",
        lazy="subquery",
    )
    def get_setting(self, name: str, **kwargs):
        """Get plugin setting
        Args:
            name: string identifying the setting
            default: Default value
        Returns:
            Value stored in database (native python)
        Raises:
            `KeyError` if no such setting exists in the database
        """
        try:
            return self.__settings[name].value
        except KeyError as e:
            if "default" in kwargs:
                return kwargs["default"]
            raise e
    def set_setting(self, name: str, value):
        """Save setting in database
        Args:
            name: String identifying the setting
            value: Value to be stored
        """
        if value is None and name in self.__settings.keys():
            del self.__settings[name]
        else:
            setting = self.__settings.setdefault(name, PluginSetting(plugin_id=self.id, name=name, value=None))
            setting.value = value
--- a/flaschengeist/models/session.py
+++ b/flaschengeist/models/session.py
@ -1,12 +1,11 @@
-from __future__ import annotations  # TODO: Remove if python requirement is >= 3.10
+from __future__ import annotations  # TODO: Remove if python requirement is >= 3.12 (? PEP 563 is defered)
 from datetime import datetime, timedelta, timezone
 from . import ModelSerializeMixin, UtcDateTime, Serial
 from .user import User
 from flaschengeist.database import db
 from secrets import compare_digest
-from flaschengeist import logger
+
 from .. import logger
 from ..database import db
 from ..database.types import ModelSerializeMixin, UtcDateTime, Serial
 class Session(db.Model, ModelSerializeMixin):
@ -18,12 +17,13 @@ class Session(db.Model, ModelSerializeMixin):
        token:  String to verify access later.
    """
    __allow_unmapped__ = True
    __tablename__ = "session"
    expires: datetime = db.Column(UtcDateTime)
    token: str = db.Column(db.String(32), unique=True)
    lifetime: int = db.Column(db.Integer)
-    browser: str = db.Column(db.String(30))
+    browser: str = db.Column(db.String(127))
-    platform: str = db.Column(db.String(30))
+    platform: str = db.Column(db.String(64))
    userid: str = ""
    _id = db.Column("id", Serial, primary_key=True)
--- a/flaschengeist/models/setting.py
+++ b/flaschengeist/models/setting.py
@ -1,13 +0,0 @@
 from __future__ import annotations  # TODO: Remove if python requirement is >= 3.10
 from typing import Any
 from . import Serial
 from ..database import db
 class _PluginSetting(db.Model):
    __tablename__ = "plugin_setting"
    id = db.Column("id", Serial, primary_key=True)
    plugin: str = db.Column(db.String(30))
    name: str = db.Column(db.String(30), nullable=False)
    value: Any = db.Column(db.PickleType(protocol=4))
--- a/flaschengeist/models/user.py
+++ b/flaschengeist/models/user.py
@ -1,14 +1,13 @@
-from __future__ import annotations  # TODO: Remove if python requirement is >= 3.10
+from __future__ import (
    annotations,
 )  # TODO: Remove if python requirement is >= 3.12 (? PEP 563 is defered)
-from flask import url_for
+from typing import Optional, Union, List
 from typing import Optional
 from datetime import date, datetime
 from sqlalchemy.orm.collections import attribute_mapped_collection
 from ..database import db
-from . import ModelSerializeMixin, UtcDateTime, Serial
+from ..database.types import ModelSerializeMixin, UtcDateTime, Serial
 from .image import Image
 association_table = db.Table(
    "user_x_role",
@ -24,17 +23,21 @@ role_permission_association_table = db.Table(
 class Permission(db.Model, ModelSerializeMixin):
    __allow_unmapped__ = True
    __tablename__ = "permission"
    name: str = db.Column(db.String(30), unique=True)
-    _id = db.Column("id", Serial, primary_key=True)
+    id_ = db.Column("id", Serial, primary_key=True)
    plugin_id_: int = db.Column("plugin", Serial, db.ForeignKey("plugin.id"))
    plugin_ = db.relationship("Plugin", lazy="subquery", back_populates="permissions", enable_typechecks=False)
 class Role(db.Model, ModelSerializeMixin):
    __allow_unmapped__ = True
    __tablename__ = "role"
    id: int = db.Column(Serial, primary_key=True)
    name: str = db.Column(db.String(30), unique=True)
-    permissions: list[Permission] = db.relationship("Permission", secondary=role_permission_association_table)
+    permissions: List[Permission] = db.relationship("Permission", secondary=role_permission_association_table)
 class User(db.Model, ModelSerializeMixin):
@ -44,7 +47,7 @@ class User(db.Model, ModelSerializeMixin):
    Attributes:
        id: Id in Database as Primary Key.
-        uid: User ID used by authentication provider
+        userid: User ID used by authentication provider
        display_name: Name to show
        firstname: Firstname of the User
        lastname: Lastname of the User
@ -52,6 +55,7 @@ class User(db.Model, ModelSerializeMixin):
        birthday: Birthday of the user
    """
    __allow_unmapped__ = True
    __tablename__ = "user"
    userid: str = db.Column(db.String(30), unique=True, nullable=False)
    display_name: str = db.Column(db.String(30))
@ -60,17 +64,15 @@ class User(db.Model, ModelSerializeMixin):
    deleted: bool = db.Column(db.Boolean(), default=False)
    birthday: Optional[date] = db.Column(db.Date)
    mail: str = db.Column(db.String(60))
-    roles: list[str] = []
+    roles: List[str] = []
-    permissions: Optional[list[str]] = None
+    permissions: Optional[list[str]] = []
    # Protected stuff for backend use only
    id_ = db.Column("id", Serial, primary_key=True)
-    roles_: list[Role] = db.relationship("Role", secondary=association_table, cascade="save-update, merge")
+    roles_: List[Role] = db.relationship("Role", secondary=association_table, cascade="save-update, merge")
-    sessions_: list["Session"] = db.relationship(
+    sessions_: List[Session] = db.relationship("Session", back_populates="user_", cascade="all, delete, delete-orphan")
        "Session", back_populates="user_", cascade="all, delete, delete-orphan"
    )
    avatar_: Optional[Image] = db.relationship("Image", cascade="all, delete, delete-orphan", single_parent=True)
-    reset_requests_: list["_PasswordReset"] = db.relationship("_PasswordReset", cascade="all, delete, delete-orphan")
+    reset_requests_: List["_PasswordReset"] = db.relationship("_PasswordReset", cascade="all, delete, delete-orphan")
    # Private stuff for internal use
    _avatar_id = db.Column("avatar", Serial, db.ForeignKey("image.id"))
@ -81,7 +83,7 @@ class User(db.Model, ModelSerializeMixin):
    )
    @property
-    def roles(self):
+    def roles(self) -> List[str]:
        return [role.name for role in self.roles_]
    def set_attribute(self, name, value):
@ -110,6 +112,7 @@ class User(db.Model, ModelSerializeMixin):
 class _UserAttribute(db.Model, ModelSerializeMixin):
    __allow_unmapped__ = True
    __tablename__ = "user_attribute"
    id = db.Column("id", Serial, primary_key=True)
    user: User = db.Column("user", Serial, db.ForeignKey("user.id"), nullable=False)
@ -120,6 +123,7 @@ class _UserAttribute(db.Model, ModelSerializeMixin):
 class _PasswordReset(db.Model):
    """Table containing password reset requests"""
    __allow_unmapped__ = True
    __tablename__ = "password_reset"
    _user_id: User = db.Column("user", Serial, db.ForeignKey("user.id"), primary_key=True)
    user: User = db.relationship("User", back_populates="reset_requests_", foreign_keys=[_user_id])
--- a/flaschengeist/plugins/init.py
+++ b/flaschengeist/plugins/init.py
@ -1,137 +1,136 @@
-import sqlalchemy
+"""Flaschengeist Plugins
 import pkg_resources
 from werkzeug.datastructures import FileStorage
 from werkzeug.exceptions import MethodNotAllowed, NotFound
 from flaschengeist.controller import imageController
-from flaschengeist.database import db
+.. include:: docs/plugin_development.md
-from flaschengeist.models.notification import Notification
+
-from flaschengeist.models.user import _Avatar, User
+"""
-from flaschengeist.models.setting import _PluginSetting
+
 from typing import Union, List
 from importlib.metadata import entry_points
 from werkzeug.exceptions import NotFound
 from werkzeug.datastructures import FileStorage
 from flaschengeist.models.plugin import BasePlugin
 from flaschengeist.models.user import _Avatar, Permission
 from flaschengeist.utils.hook import HookBefore, HookAfter
 __all__ = [
    "plugins_installed",
    "plugins_loaded",
    "before_delete_user",
    "before_role_updated",
    "before_update_user",
    "after_role_updated",
    "Plugin",
    "AuthPlugin",
 ]
 # Documentation hacks, see https://github.com/mitmproxy/pdoc/issues/320
 plugins_installed = HookAfter("plugins.installed")
-"""Hook decorator for when all plugins are installed
+plugins_installed.__doc__ = """Hook decorator for when all plugins are installed
    Possible use case would be to populate the database with some presets.
-    Args:
+Possible use case would be to populate the database with some presets.
        hook_result: void (kwargs)
 """
 plugins_loaded = HookAfter("plugins.loaded")
-"""Hook decorator for when all plugins are loaded
+plugins_loaded.__doc__ = """Hook decorator for when all plugins are loaded
    Possible use case would be to check if a specific other plugin is loaded and change own behavior
-    Args:
+Possible use case would be to check if a specific other plugin is loaded and change own behavior
-        app: Current flask app instance (args)
+
-        hook_result: void (kwargs)
+Passed args:
    - *app:* Current flask app instance (args)
 """
 before_role_updated = HookBefore("update_role")
-"""Hook decorator for when roles are modified
+before_role_updated.__doc__ = """Hook decorator for when roles are modified
 Args:
    role: Role object to modify
    new_name: New name if the name was changed (None if delete)
 """
 after_role_updated = HookAfter("update_role")
 """Hook decorator for when roles are modified
 Args:
    role: Role object containing the modified role
    new_name: New name if the name was changed (None if deleted)
 """
 before_update_user = HookBefore("update_user")
 """Hook decorator, when ever an user update is done, this is called before.
 Args:
    user: User object
 """
 before_delete_user = HookBefore("delete_user")
 """Hook decorator,this is called before an user gets deleted.
 Args:
    user: User object
 """
 class Plugin:
    """Base class for all Plugins
    If your class uses custom models add a static property called ``models``"""
    blueprint = None  # You have to override
    """Override with a `flask.blueprint` if the plugin uses custom routes"""
    permissions = []  # You have to override
    """Override to add custom permissions used by the plugin
-    A good style is to name the permissions with a prefix related to the plugin name,
+Passed args:
-    to prevent clashes with other plugins. E. g. instead of *delete* use *plugin_delete*.
+    - *role:* `flaschengeist.models.user.Role` to modify
-    """
+    - *new_name:* New name if the name was changed (*None* if delete)
-    id = "dev.flaschengeist.plugin"  # You have to override
+"""
    """Override with the unique ID of the plugin (Hint: FQN)"""
    name = "plugin"  # You have to override
    """Override with human readable name of the plugin"""
    models = None  # You have to override
    """Override with models module"""
    migrations_path = None  # Override this with the location of your db migrations directory
    """Override with path to migration files, if custome db tables are used"""
-    def __init__(self, config=None):
+after_role_updated = HookAfter("update_role")
-        """Constructor called by create_app
+after_role_updated.__doc__ = """Hook decorator for when roles are modified
-        Args:
+
-            config: Dict configuration containing the plugin section
+Passed args:
-        """
+    - *role:* modified `flaschengeist.models.user.Role`
-        self.version = pkg_resources.get_distribution(self.__module__.split(".")[0]).version
+    - *new_name:* New name if the name was changed (*None* if deleted)
 """
 before_update_user = HookBefore("update_user")
 before_update_user.__doc__ = """Hook decorator, when ever an user update is done, this is called before.
 Passed args:
    - *user:* `flaschengeist.models.user.User` object
 """
 before_delete_user = HookBefore("delete_user")
 before_delete_user.__doc__ = """Hook decorator,this is called before an user gets deleted.
 Passed args:
    - *user:* `flaschengeist.models.user.User` object
 """
 class Plugin(BasePlugin):
    """Base class for all Plugins
    All plugins must derived from this class.
    Optional:
        - *blueprint*: `flask.Blueprint` providing your routes
        - *permissions*: List of your custom permissions
        - *models*: Your models, used for API export
    """
    blueprint = None
    """Optional `flask.blueprint` if the plugin uses custom routes"""
    models = None
    """Optional module containing the SQLAlchemy models used by the plugin"""
    @property
    def version(self) -> str:
        """Version of the plugin, loaded from Distribution"""
        return self.dist.version
    @property
    def dist(self):
        """Distribution of this plugin"""
        return self.entry_point.dist
    @property
    def entry_point(self):
        ep = tuple(entry_points(group="flaschengeist.plugins", name=self.name))
        return ep[0]
    def load(self):
        """__init__ like function that is called when the plugin is initially loaded"""
        pass
    def install(self):
        """Installation routine
-        Is always called with Flask application context
+        Also called when updating the plugin, compare `version` and `installed_version`.
        Is always called with Flask application context,
        it is called after the plugin permissions are installed.
        """
        pass
-    def get_setting(self, name: str, **kwargs):
+    def uninstall(self):
-        """Get plugin setting from database
+        """Uninstall routine
-        Args:
+        If the plugin has custom database tables, make sure to remove them.
-            name: string identifying the setting
+        This can be either done by downgrading the plugin *head* to the *base*.
-            default: Default value
+        Or use custom migrations for the uninstall and *stamp* some version.
-        Returns:
+
-            Value stored in database (native python)
+        Is always called with Flask application context.
        Raises:
            `KeyError` if no such setting exists in the database
        """
-        try:
+        pass
            setting = (
                _PluginSetting.query.filter(_PluginSetting.plugin == self.name)
                .filter(_PluginSetting.name == name)
                .one()
            )
            return setting.value
        except sqlalchemy.orm.exc.NoResultFound:
            if "default" in kwargs:
                return kwargs["default"]
            else:
                raise KeyError
    def set_setting(self, name: str, value):
        """Save setting in database
        Args:
            name: String identifying the setting
            value: Value to be stored
        """
        setting = (
            _PluginSetting.query.filter(_PluginSetting.plugin == self.name)
            .filter(_PluginSetting.name == name)
            .one_or_none()
        )
        if setting is not None:
            if value is None:
                db.session.delete(setting)
            else:
                setting.value = value
        else:
            db.session.add(_PluginSetting(plugin=self.name, name=name, value=value))
        db.session.commit()
    def notify(self, user, text: str, data=None):
        """Create a new notification for an user
-        
+
        Args:
            user: `flaschengeist.models.user.User` to notify
            text: Visibile notification text
@ -141,11 +140,20 @@ class Plugin:
        Hint: use the data for frontend actions.
        """
-        if not user.deleted:
+        from ..controller import pluginController
-            n = Notification(text=text, data=data, plugin=self.id, user_=user)
+
-            db.session.add(n)
+        return pluginController.notify(self.id, user, text, data)
-            db.session.commit()
+
-            return n.id
+    @property
    def notifications(self) -> List["Notification"]:
        """Get all notifications for this plugin
        Returns:
            List of `flaschengeist.models.notification.Notification`
        """
        from ..controller import pluginController
        return pluginController.get_notifications(self.id)
    def serialize(self):
        """Serialize a plugin into a dict
@ -155,35 +163,53 @@ class Plugin:
        """
        return {"version": self.version, "permissions": self.permissions}
    def install_permissions(self, permissions: list[str]):
        """Helper for installing a list of strings as permissions
        Args:
            permissions: List of permissions to install
        """
        cur_perm = set(x for x in self.permissions or [])
        all_perm = set(permissions)
        new_perms = all_perm - cur_perm
        _perms = [Permission(name=x, plugin_=self) for x in new_perms]
        # self.permissions = list(filter(lambda x: x.name in permissions, self.permissions and isinstance(self.permissions, list) or []))
        self.permissions.extend(_perms)
 class AuthPlugin(Plugin):
-    def login(self, user, pw):
+    """Base class for all authentification plugins
    See also `Plugin`
    """
    def login(self, login_name, password) -> Union[bool, str]:
        """Login routine, MUST BE IMPLEMENTED!
        Args:
-            user: User class containing at least the uid
+            login_name: The name the user entered
-            pw: given password
+            password: The password the user used to log in
        Returns:
-            Must return False if not found or invalid credentials, True if success
+            Must return False if not found or invalid credentials, otherwise the UID is returned
        """
        raise NotImplemented
-    def update_user(self, user):
+    def update_user(self, user: "User"):
        """If backend is using external data, then update this user instance with external data
        Args:
            user: User object
        """
        pass
-    def find_user(self, userid, mail=None):
+    def user_exists(self, userid) -> bool:
-        """Find an user by userid or mail
+        """Check if user exists on this backend
        Args:
            userid: Userid to search
            mail: If set, mail to search
        Returns:
-            None or User
+            True or False
        """
-        return None
+        raise NotImplemented
    def modify_user(self, user, password, new_password=None):
        """If backend is using (writeable) external data, then update the external database with the user provided.
@ -194,11 +220,14 @@ class AuthPlugin(Plugin):
            password: Password (some backends need the current password for changes) if None force edit (admin)
            new_password: If set a password change is requested
        Raises:
            NotImplemented: If backend does not support this feature (or no password change)
            BadRequest: Logic error, e.g. password is wrong.
            Error: Other errors if backend went mad (are not handled and will result in a 500 error)
        """
-        raise NotImplemented
+        pass
    def can_register(self):
        """Check if this backend allows to register new users"""
        return False
    def create_user(self, user, password):
        """If backend is using (writeable) external data, then create a new user on the external database.
@ -208,7 +237,7 @@ class AuthPlugin(Plugin):
            password: string
        """
-        raise MethodNotAllowed
+        raise NotImplementedError
    def delete_user(self, user):
        """If backend is using (writeable) external data, then delete the user from external database.
@ -217,9 +246,19 @@ class AuthPlugin(Plugin):
            user: User object
        """
-        raise MethodNotAllowed
+        raise NotImplementedError
-    def get_avatar(self, user: User) -> _Avatar:
+    def get_modified_time(self, user):
        """If backend is using external data, then return the timestamp of the last modification
        Args:
            user: User object
        Returns:
            Timestamp of last modification
        """
        pass
    def get_avatar(self, user) -> _Avatar:
        """Retrieve avatar for given user (if supported by auth backend)
        Default behavior is to use native Image objects,
@ -233,21 +272,25 @@ class AuthPlugin(Plugin):
        """
        raise NotFound
-    def set_avatar(self, user: User, file: FileStorage):
+    def set_avatar(self, user, file: FileStorage):
        """Set the avatar for given user (if supported by auth backend)
        Default behavior is to use native Image objects stored on the Flaschengeist server
        Args:
            user: User to set the avatar for
-            file: FileStorage object uploaded by the user
+            file: `werkzeug.datastructures.FileStorage` uploaded by the user
        Raises:
            MethodNotAllowed: If not supported by Backend
            Any valid HTTP exception
        """
        # By default save the image to the avatar,
        # deleting would happen by unsetting it
        from ..controller import imageController
        user.avatar_ = imageController.upload_image(file)
-    def delete_avatar(self, user: User):
+    def delete_avatar(self, user):
        """Delete the avatar for given user (if supported by auth backend)
        Default behavior is to use the imageController and native Image objects.
--- a/flaschengeist/plugins/auth/init.py
+++ b/flaschengeist/plugins/auth/init.py
@ -13,8 +13,7 @@ from flaschengeist.controller import sessionController, userController
 class AuthRoutePlugin(Plugin):
-    name = "auth"
+    blueprint = Blueprint("auth", __name__)
    blueprint = Blueprint(name, __name__)
@AuthRoutePlugin.blueprint.route("/auth", methods=["POST"])
@ -41,7 +40,7 @@ def login():
    user = userController.login_user(userid, password)
    if not user:
        raise Unauthorized
-    session = sessionController.create(user, user_agent=request.user_agent)
+    session = sessionController.create(user, request_headers=request.headers)
    logger.debug(f"token is {session.token}")
    logger.info(f"User {userid} logged in.")
@ -166,7 +165,7 @@ def get_assocd_user(token, current_session, **kwargs):
 def reset_password():
    data = request.get_json()
    if "userid" in data:
-        user = userController.find_user(data["userid"])
+        user = userController.get_user(data["userid"])
        if user:
            userController.request_reset(user)
    elif "password" in data and "token" in data:
--- a/flaschengeist/plugins/auth_ldap/init.py
+++ b/flaschengeist/plugins/auth_ldap/init.py
@ -10,70 +10,73 @@ from ldap3.core.exceptions import LDAPPasswordIsMandatoryError, LDAPBindError
 from werkzeug.exceptions import BadRequest, InternalServerError, NotFound
 from werkzeug.datastructures import FileStorage
 from datetime import datetime
 from flaschengeist import logger
 from flaschengeist.config import config
 from flaschengeist.controller import userController
-from flaschengeist.models.user import User, Role, _Avatar
+from flaschengeist.models import User, Role
 from flaschengeist.models.user import _Avatar
 from flaschengeist.plugins import AuthPlugin, before_role_updated
 class AuthLDAP(AuthPlugin):
-    def __init__(self, config):
+    def load(self):
-        super().__init__()
+        self.config = config.get("auth_ldap", None)
        if self.config is None:
            logger.error("auth_ldap was not configured in flaschengeist.toml", exc_info=True)
            raise InternalServerError
        app.config.update(
-            LDAP_SERVER=config.get("host", "localhost"),
+            LDAP_SERVER=self.config.get("host", "localhost"),
-            LDAP_PORT=config.get("port", 389),
+            LDAP_PORT=self.config.get("port", 389),
-            LDAP_BINDDN=config.get("bind_dn", None),
+            LDAP_BINDDN=self.config.get("bind_dn", None),
-            LDAP_SECRET=config.get("secret", None),
+            LDAP_SECRET=self.config.get("secret", None),
-            LDAP_USE_SSL=config.get("use_ssl", False),
+            LDAP_USE_SSL=self.config.get("use_ssl", False),
            # That's not TLS, its dirty StartTLS on unencrypted LDAP
            LDAP_USE_TLS=False,
            LDAP_TLS_VERSION=ssl.PROTOCOL_TLS,
            FORCE_ATTRIBUTE_VALUE_AS_LIST=True,
        )
        if "ca_cert" in config:
-            app.config["LDAP_CA_CERTS_FILE"] = config["ca_cert"]
+            app.config["LDAP_CA_CERTS_FILE"] = self.config["ca_cert"]
        else:
            # Default is CERT_REQUIRED
            app.config["LDAP_REQUIRE_CERT"] = ssl.CERT_OPTIONAL
        self.ldap = LDAPConn(app)
-        self.base_dn = config["base_dn"]
+        self.base_dn = self.config["base_dn"]
-        self.search_dn = config.get("search_dn", "ou=people,{base_dn}").format(base_dn=self.base_dn)
+        self.search_dn = self.config.get("search_dn", "ou=people,{base_dn}").format(base_dn=self.base_dn)
-        self.group_dn = config.get("group_dn", "ou=group,{base_dn}").format(base_dn=self.base_dn)
+        self.group_dn = self.config.get("group_dn", "ou=group,{base_dn}").format(base_dn=self.base_dn)
-        self.password_hash = config.get("password_hash", "SSHA").upper()
+        self.password_hash = self.config.get("password_hash", "SSHA").upper()
-        self.object_classes = config.get("object_classes", ["inetOrgPerson"])
+        self.object_classes = self.config.get("object_classes", ["inetOrgPerson"])
-        self.user_attributes: dict = config.get("user_attributes", {})
+        self.user_attributes: dict = self.config.get("user_attributes", {})
-        self.dn_template = config.get("dn_template")
+        self.dn_template = self.config.get("dn_template")
        # TODO: might not be set if modify is called
-        self.root_dn = config.get("root_dn", None)
+        self.root_dn = self.config.get("root_dn", None)
-        self.root_secret = config.get("root_secret", None)
+        self.root_secret = self.config.get("root_secret", None)
        @before_role_updated
        def _role_updated(role, new_name):
            logger.debug(f"LDAP: before_role_updated called with ({role}, {new_name})")
            self.__modify_role(role, new_name)
-    def login(self, user, password):
+    def login(self, login_name, password):
-        if not user:
+        if not login_name:
            return False
-        return self.ldap.authenticate(user.userid, password, "uid", self.base_dn)
+        return login_name if self.ldap.authenticate(login_name, password, "uid", self.base_dn) else False
-    def find_user(self, userid, mail=None):
+    def user_exists(self, userid) -> bool:
-        attr = self.__find(userid, mail)
+        attr = self.__find(userid, None)
-        if attr is not None:
+        return attr is not None
            user = User(userid=attr["uid"][0])
            self.__update(user, attr)
            return user
    def update_user(self, user):
        attr = self.__find(user.userid)
        self.__update(user, attr)
-    def create_user(self, user, password):
+    def can_register(self):
-        if self.root_dn is None:
+        return self.root_dn is not None
            logger.error("root_dn missing in ldap config!")
            raise InternalServerError
    def create_user(self, user, password):
        try:
            ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
            attributes = self.user_attributes.copy()
@ -125,9 +128,12 @@ class AuthLDAP(AuthPlugin):
    def modify_user(self, user: User, password=None, new_password=None):
        try:
            dn = user.get_attribute("DN")
            logger.debug(f"LDAP: modify_user for user {user.userid} with dn {dn}")
            if password:
                logger.debug(f"LDAP: modify_user for user {user.userid} with password")
                ldap_conn = self.ldap.connect(dn, password)
            else:
                logger.debug(f"LDAP: modify_user for user {user.userid} with root_dn")
                if self.root_dn is None:
                    logger.error("root_dn missing in ldap config!")
                    raise InternalServerError
@ -140,14 +146,31 @@ class AuthLDAP(AuthPlugin):
                ("display_name", "displayName"),
            ]:
                if hasattr(user, name):
-                    modifier[ldap_name] = [(MODIFY_REPLACE, [getattr(user, name)])]
+                    attribute = getattr(user, name)
                    if attribute:
                        modifier[ldap_name] = [(MODIFY_REPLACE, [getattr(user, name)])]
            if new_password:
                modifier["userPassword"] = [(MODIFY_REPLACE, [self.__hash(new_password)])]
            if "userPassword" in modifier:
                logger.debug(f"LDAP: modify_user for user {user.userid} with password change (can't show >modifier<)")
            else:
                logger.debug(f"LDAP: modify_user for user {user.userid} with modifier {modifier}")
            ldap_conn.modify(dn, modifier)
            self._set_roles(user)
        except (LDAPPasswordIsMandatoryError, LDAPBindError):
            raise BadRequest
    def get_modified_time(self, user):
        self.ldap.connection.search(
            self.search_dn,
            "(uid={})".format(user.userid),
            SUBTREE,
            attributes=["modifyTimestamp"],
        )
        r = self.ldap.connection.response[0]["attributes"]
        modified_time = r["modifyTimestamp"][0]
        return datetime.strptime(modified_time, "%Y%m%d%H%M%SZ")
    def get_avatar(self, user):
        self.ldap.connection.search(
            self.search_dn,
@ -305,3 +328,5 @@ class AuthLDAP(AuthPlugin):
        except (LDAPPasswordIsMandatoryError, LDAPBindError):
            raise BadRequest
        except IndexError as e:
            logger.error("Roles in LDAP", exc_info=True)
--- a/flaschengeist/plugins/auth_ldap/cli.py
+++ b/flaschengeist/plugins/auth_ldap/cli.py
@ -1,20 +1,25 @@
 import click
 from flask import current_app
 from flask.cli import with_appcontext
 from werkzeug.exceptions import NotFound
@click.command(no_args_is_help=True)
@click.option("--sync", is_flag=True, default=False, help="Synchronize users from LDAP -> database")
@click.option("--sync-ldap", is_flag=True, default=False, help="Synchronize users from database -> LDAP")
@with_appcontext
@click.pass_context
-def ldap(ctx, sync):
+def ldap(ctx, sync, sync_ldap):
    """Tools for the LDAP authentification"""
    from flaschengeist.controller import userController
    from flaschengeist.plugins.auth_ldap import AuthLDAP
    if sync:
-        from flaschengeist.controller import userController
+        click.echo("Synchronizing users from LDAP -> database")
        from flaschengeist.plugins.auth_ldap import AuthLDAP
        from ldap3 import SUBTREE
        from flaschengeist.models import User
        from flaschengeist.database import db
-        auth_ldap: AuthLDAP = current_app.config.get("FG_AUTH_BACKEND")
+        auth_ldap: AuthLDAP = current_app.config.get("FG_PLUGINS").get("auth_ldap")
        if auth_ldap is None or not isinstance(auth_ldap, AuthLDAP):
            ctx.fail("auth_ldap plugin not found or not enabled!")
        conn = auth_ldap.ldap.connection
@ -24,4 +29,19 @@ def ldap(ctx, sync):
        ldap_users_response = conn.response
        for ldap_user in ldap_users_response:
            uid = ldap_user["attributes"]["uid"][0]
-            userController.find_user(uid)
+            try:
                user = userController.get_user(uid)
            except NotFound:
                user = User(userid=uid)
                db.session.add(user)
            userController.update_user(user, auth_ldap)
    if sync_ldap:
        click.echo("Synchronizing users from database -> LDAP")
        auth_ldap: AuthLDAP = current_app.config.get("FG_PLUGINS").get("auth_ldap")
        if auth_ldap is None or not isinstance(auth_ldap, AuthLDAP):
            ctx.fail("auth_ldap plugin not found or not enabled!")
        users = userController.get_users()
        for user in users:
            userController.update_user(user, auth_ldap)
--- a/flaschengeist/plugins/auth_plain/init.py
+++ b/flaschengeist/plugins/auth_plain/init.py
@ -7,42 +7,25 @@ import os
 import hashlib
 import binascii
 from werkzeug.exceptions import BadRequest
-from flaschengeist.plugins import AuthPlugin, plugins_installed
+from flaschengeist.plugins import AuthPlugin
-from flaschengeist.models.user import User, Role, Permission
+from flaschengeist.models import User, Role, Permission
 from flaschengeist.database import db
 from flaschengeist import logger
 class AuthPlain(AuthPlugin):
-    def install(self):
+    def can_register(self):
-        plugins_installed(self.post_install)
+        return True
-    def post_install(self, **kwargs):
+    def login(self, login_name, password):
-        if User.query.filter(User.deleted == False).count() == 0:
+        users: list[User] = (
-            logger.info("Installing admin user")
+            User.query.filter((User.userid == login_name) | (User.mail == login_name))
-            role = Role.query.filter(Role.name == "Superuser").first()
+            .filter(User._attributes.any(name="password"))
-            if role is None:
+            .all()
-                role = Role(name="Superuser", permissions=Permission.query.all())
+        )
-            admin = User(
+        for user in users:
-                userid="admin",
+            if AuthPlain._verify_password(user.get_attribute("password"), password):
-                firstname="Admin",
+                return user.userid
                lastname="Admin",
                mail="",
                roles_=[role],
            )
            self.modify_user(admin, None, "admin")
            db.session.add(admin)
            db.session.commit()
            logger.warning(
                "New administrator user was added, please change the password or remove it before going into"
                "production mode. Initial credentials:\n"
                "name: admin\n"
                "password: admin"
            )
    def login(self, user: User, password: str):
        if user.has_attribute("password"):
            return AuthPlain._verify_password(user.get_attribute("password"), password)
        return False
    def modify_user(self, user, password, new_password=None):
@ -51,6 +34,12 @@ class AuthPlain(AuthPlugin):
        if new_password:
            user.set_attribute("password", AuthPlain._hash_password(new_password))
    def user_exists(self, userid) -> bool:
        return (
            db.session.query(User.id_).filter(User.userid == userid, User._attributes.any(name="password")).first()
            is not None
        )
    def create_user(self, user, password):
        if not user.userid:
            raise BadRequest("userid is missing for new user")
@ -68,7 +57,7 @@ class AuthPlain(AuthPlugin):
        return (salt + pass_hash).decode("ascii")
    @staticmethod
-    def _verify_password(stored_password, provided_password):
+    def _verify_password(stored_password: str, provided_password: str):
        salt = stored_password[:64]
        stored_password = stored_password[64:]
        pass_hash = hashlib.pbkdf2_hmac("sha3-512", provided_password.encode("utf-8"), salt.encode("ascii"), 100000)
--- a/flaschengeist/plugins/balance/init.py
+++ b/flaschengeist/plugins/balance/init.py
@ -3,11 +3,12 @@
 Extends users plugin with balance functions
 """
-from flask import Blueprint, current_app
+from flask import current_app
 from werkzeug.local import LocalProxy
 from werkzeug.exceptions import NotFound
 from werkzeug.local import LocalProxy
 from flaschengeist import logger
 from flaschengeist.config import config
 from flaschengeist.plugins import Plugin, plugins_loaded, before_update_user
 from flaschengeist.plugins.scheduler import add_scheduled
@ -56,16 +57,16 @@ def service_debit():
 class BalancePlugin(Plugin):
-    name = "balance"
+    # id = "dev.flaschengeist.balance"
    id = "dev.flaschengeist.balance"
    blueprint = Blueprint(name, __name__)
    permissions = permissions.permissions
    plugin: "BalancePlugin" = LocalProxy(lambda: current_app.config["FG_PLUGINS"][BalancePlugin.name])
    models = models
-    def __init__(self, config):
+    def install(self):
-        super(BalancePlugin, self).__init__(config)
+        self.install_permissions(permissions.permissions)
-        from . import routes
+
    def load(self):
        from .routes import blueprint
        self.blueprint = blueprint
        @plugins_loaded
        def post_loaded(*args, **kwargs):
@ -73,7 +74,7 @@ class BalancePlugin(Plugin):
                add_scheduled(f"{id}.service_debit", service_debit, minutes=1)
        @before_update_user
-        def set_default_limit(user):
+        def set_default_limit(user, *args):
            from . import balance_controller
            try:
@ -82,3 +83,7 @@ class BalancePlugin(Plugin):
                balance_controller.set_limit(user, limit, override=False)
            except KeyError:
                pass
    @staticmethod
    def getPlugin() -> LocalProxy["BalancePlugin"]:
        return LocalProxy(lambda: current_app.config["FG_PLUGINS"]["balance"])
--- a/flaschengeist/plugins/balance/balance_controller.py
+++ b/flaschengeist/plugins/balance/balance_controller.py
@ -3,13 +3,14 @@
 # English: Debit -> from account
 #         Credit -> to account
 from enum import IntEnum
-from sqlalchemy import func, case, and_
+from sqlalchemy import func, case, and_, or_
 from sqlalchemy.ext.hybrid import hybrid_property
 from datetime import datetime
 from werkzeug.exceptions import BadRequest, NotFound, Conflict
 from flaschengeist.database import db
 from flaschengeist.models.user import User, _UserAttribute
 from flaschengeist.app import logger
 from .models import Transaction
 from . import permissions, BalancePlugin
@ -20,6 +21,8 @@ __attribute_limit = "balance_limit"
 class NotifyType(IntEnum):
    SEND_TO = 0x01
    SEND_FROM = 0x02
    ADD_FROM = 0x03
    SUB_FROM = 0x04
 def set_limit(user: User, limit: float, override=True):
@ -33,7 +36,7 @@ def get_limit(user: User) -> float:
 def get_balance(user, start: datetime = None, end: datetime = None):
-    query = db.session.query(func.sum(Transaction.amount))
+    query = db.session.query(func.sum(Transaction._amount))
    if start:
        query = query.filter(start <= Transaction.time)
    if end:
@ -44,10 +47,26 @@ def get_balance(user, start: datetime = None, end: datetime = None):
    return credit, debit, credit - debit
-def get_balances(start: datetime = None, end: datetime = None, limit=None, offset=None, descending=None, sortBy=None):
+def get_balances(
    start: datetime = None,
    end: datetime = None,
    limit=None,
    offset=None,
    descending=None,
    sortBy=None,
    _filter=None,
 ):
    logger.debug(
        f"get_balances(start={start}, end={end}, limit={limit}, offset={offset}, descending={descending}, sortBy={sortBy}, _filter={_filter})"
    )
    class _User(User):
        _debit = db.relationship(Transaction, back_populates="sender_", foreign_keys=[Transaction._sender_id])
-        _credit = db.relationship(Transaction, back_populates="receiver_", foreign_keys=[Transaction._receiver_id])
+        _credit = db.relationship(
            Transaction,
            back_populates="receiver_",
            foreign_keys=[Transaction._receiver_id],
        )
        @hybrid_property
        def debit(self):
@ -56,8 +75,8 @@ def get_balances(start: datetime = None, end: datetime = None, limit=None, offse
        @debit.expression
        def debit(cls):
            a = (
-                db.select(func.sum(Transaction.amount))
+                db.select(func.sum(Transaction._amount))
-                .where(cls.id_ == Transaction._sender_id, Transaction.amount)
+                .where(cls.id_ == Transaction._sender_id, Transaction._amount)
                .scalar_subquery()
            )
            return case([(a, a)], else_=0)
@ -69,8 +88,8 @@ def get_balances(start: datetime = None, end: datetime = None, limit=None, offse
        @credit.expression
        def credit(cls):
            b = (
-                db.select(func.sum(Transaction.amount))
+                db.select(func.sum(Transaction._amount))
-                .where(cls.id_ == Transaction._receiver_id, Transaction.amount)
+                .where(cls.id_ == Transaction._receiver_id, Transaction._amount)
                .scalar_subquery()
            )
            return case([(b, b)], else_=0)
@ -83,7 +102,12 @@ def get_balances(start: datetime = None, end: datetime = None, limit=None, offse
        def limit(cls):
            return (
                db.select(_UserAttribute.value)
-                .where(and_(cls.id_ == _UserAttribute.user, _UserAttribute.name == "balance_limit"))
+                .where(
                    and_(
                        cls.id_ == _UserAttribute.user,
                        _UserAttribute.name == "balance_limit",
                    )
                )
                .scalar_subquery()
            )
@ -116,11 +140,27 @@ def get_balances(start: datetime = None, end: datetime = None, limit=None, offse
        q2 = query.join(_User._debit).filter(Transaction.time <= end)
        query = q1.union(q2)
    if _filter:
        query = query.filter(
            or_(
                _User.firstname.ilike(f"%{_filter.lower()}%"),
                _User.lastname.ilike(f"%{_filter.lower()}%"),
            )
        )
    if sortBy == "balance":
        if descending:
-            query = query.order_by((_User.credit - _User.debit).desc(), _User.lastname.asc(), _User.firstname.asc())
+            query = query.order_by(
                (_User.credit - _User.debit).desc(),
                _User.lastname.asc(),
                _User.firstname.asc(),
            )
        else:
-            query = query.order_by((_User.credit - _User.debit).asc(), _User.lastname.asc(), _User.firstname.asc())
+            query = query.order_by(
                (_User.credit - _User.debit).asc(),
                _User.lastname.asc(),
                _User.firstname.asc(),
            )
    elif sortBy == "limit":
        if descending:
            query = query.order_by(_User.limit.desc(), User.lastname.asc(), User.firstname.asc())
@ -147,7 +187,6 @@ def get_balances(start: datetime = None, end: datetime = None, limit=None, offse
    all = {}
    for user in users:
        all[user.userid] = [user.get_credit(start, end), 0]
        all[user.userid][1] = user.get_debit(start, end)
@ -167,6 +206,7 @@ def send(sender: User, receiver, amount: float, author: User):
    Raises:
        BadRequest if amount <= 0
    """
    logger.debug(f"send(sender={sender}, receiver={receiver}, amount={amount}, author={author})")
    if amount <= 0:
        raise BadRequest
@ -180,20 +220,48 @@ def send(sender: User, receiver, amount: float, author: User):
    db.session.add(transaction)
    db.session.commit()
    if sender is not None and sender.id_ != author.id_:
-        BalancePlugin.plugin.notify(
+        if receiver is not None:
-            sender,
+            BalancePlugin.getPlugin().notify(
-            "Neue Transaktion",
+                sender,
-            {
+                "Neue Transaktion",
-                "type": NotifyType.SEND_FROM,
+                {
-                "receiver_id": receiver.userid,
+                    "type": NotifyType.SEND_FROM,
-                "author_id": author.userid,
+                    "receiver_id": receiver.userid,
-                "amount": amount,
+                    "author_id": author.userid,
-            },
+                    "amount": amount,
-        )
+                },
            )
        else:
            BalancePlugin.getPlugin().notify(
                sender,
                "Neue Transaktion",
                {
                    "type": NotifyType.SUB_FROM,
                    "author_id": author.userid,
                    "amount": amount,
                },
            )
    if receiver is not None and receiver.id_ != author.id_:
-        BalancePlugin.plugin.notify(
+        if sender is not None:
-            receiver, "Neue Transaktion", {"type": NotifyType.SEND_TO, "sender_id": sender.userid, "amount": amount}
+            BalancePlugin.getPlugin().notify(
-        )
+                receiver,
                "Neue Transaktion",
                {
                    "type": NotifyType.SEND_TO,
                    "sender_id": sender.userid,
                    "amount": amount,
                },
            )
        else:
            BalancePlugin.getPlugin().notify(
                receiver,
                "Neue Transaktion",
                {
                    "type": NotifyType.ADD_FROM,
                    "author_id": author.userid,
                    "amount": amount,
                },
            )
    return transaction
--- a/flaschengeist/plugins/balance/migrations/98f2733bbe45_balance_initial.py
+++ b/flaschengeist/plugins/balance/migrations/98f2733bbe45_balance_initial.py
@ -0,0 +1,47 @@
 """balance: initial
 Revision ID: 98f2733bbe45
 Revises: 
 Create Date: 2022-02-23 14:41:03.089145
 """
 from alembic import op
 import sqlalchemy as sa
 import flaschengeist
 # revision identifiers, used by Alembic.
 revision = "98f2733bbe45"
 down_revision = None
 branch_labels = ("balance",)
 depends_on = "flaschengeist"
 def upgrade():
    # ### commands auto generated by Alembic - please adjust! ###
    op.create_table(
        "balance_transaction",
        sa.Column("receiver_id", flaschengeist.models.Serial(), nullable=True),
        sa.Column("sender_id", flaschengeist.models.Serial(), nullable=True),
        sa.Column("author_id", flaschengeist.models.Serial(), nullable=False),
        sa.Column("id", flaschengeist.models.Serial(), nullable=False),
        sa.Column("time", flaschengeist.models.UtcDateTime(), nullable=False),
        sa.Column("amount", sa.Numeric(precision=5, scale=2, asdecimal=False), nullable=False),
        sa.Column("reversal_id", flaschengeist.models.Serial(), nullable=True),
        sa.ForeignKeyConstraint(["author_id"], ["user.id"], name=op.f("fk_balance_transaction_author_id_user")),
        sa.ForeignKeyConstraint(["receiver_id"], ["user.id"], name=op.f("fk_balance_transaction_receiver_id_user")),
        sa.ForeignKeyConstraint(
            ["reversal_id"],
            ["balance_transaction.id"],
            name=op.f("fk_balance_transaction_reversal_id_balance_transaction"),
        ),
        sa.ForeignKeyConstraint(["sender_id"], ["user.id"], name=op.f("fk_balance_transaction_sender_id_user")),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_balance_transaction")),
    )
    # ### end Alembic commands ###
 def downgrade():
    # ### commands auto generated by Alembic - please adjust! ###
    op.drop_table("balance_transaction")
    # ### end Alembic commands ###
--- a/flaschengeist/plugins/balance/models.py
+++ b/flaschengeist/plugins/balance/models.py
@ -1,15 +1,16 @@
 from __future__ import annotations  # TODO: Remove if python requirement is >= 3.10
 from datetime import datetime
 from typing import Optional
 from sqlalchemy.ext.hybrid import hybrid_property
 from math import floor
 from flaschengeist import logger
 from flaschengeist.database import db
 from flaschengeist.models.user import User
 from flaschengeist.models import ModelSerializeMixin, UtcDateTime, Serial
 class Transaction(db.Model, ModelSerializeMixin):
    __allow_unmapped__ = True
    __tablename__ = "balance_transaction"
    # Protected foreign key properties
    _receiver_id = db.Column("receiver_id", Serial, db.ForeignKey("user.id"))
@ -19,8 +20,9 @@ class Transaction(db.Model, ModelSerializeMixin):
    # Public and exported member
    id: int = db.Column("id", Serial, primary_key=True)
    time: datetime = db.Column(UtcDateTime, nullable=False, default=UtcDateTime.current_utc)
-    amount: float = db.Column(db.Numeric(precision=5, scale=2, asdecimal=False), nullable=False)
+    _amount: float = db.Column("amount", db.Numeric(precision=5, scale=2, asdecimal=False), nullable=False)
    reversal_id: Optional[int] = db.Column(Serial, db.ForeignKey("balance_transaction.id"))
    amount: float
    # Dummy properties used for JSON serialization (userid instead of full user)
    author_id: Optional[str] = None
@ -57,3 +59,14 @@ class Transaction(db.Model, ModelSerializeMixin):
    @property
    def original_id(self):
        return self.original_.id if self.original_ else None
    @property
    def amount(self):
        return self._amount
    @amount.setter
    def amount(self, value):
        self._amount = floor(value * 100) / 100
    def __repr__(self):
        return f"<Transaction {self.id} {self.amount} {self.time} {self.sender_id} {self.receiver_id} {self.author_id}>"
--- a/flaschengeist/plugins/balance/routes.py
+++ b/flaschengeist/plugins/balance/routes.py
@ -1,12 +1,14 @@
 from datetime import datetime, timezone
 from logging import log
 from werkzeug.exceptions import Forbidden, BadRequest
-from flask import request, jsonify
+from flask import Blueprint, request, jsonify
 from flaschengeist.utils import HTTP
 from flaschengeist.models.session import Session
 from flaschengeist.utils.datetime import from_iso_format
 from flaschengeist.utils.decorators import login_required
 from flaschengeist.controller import userController
 from flaschengeist.app import logger
 from . import BalancePlugin, balance_controller, permissions
@ -18,7 +20,10 @@ def str2bool(string: str):
    raise ValueError
-@BalancePlugin.blueprint.route("/users/<userid>/balance/shortcuts", methods=["GET", "PUT"])
+blueprint = Blueprint("balance", __package__)
@blueprint.route("/users/<userid>/balance/shortcuts", methods=["GET", "PUT"])
@login_required()
 def get_shortcuts(userid, current_session: Session):
    """Get balance shortcuts of an user
@ -50,7 +55,7 @@ def get_shortcuts(userid, current_session: Session):
        return HTTP.no_content()
-@BalancePlugin.blueprint.route("/users/<userid>/balance/limit", methods=["GET"])
+@blueprint.route("/users/<userid>/balance/limit", methods=["GET"])
@login_required()
 def get_limit(userid, current_session: Session):
    """Get limit of an user
@ -73,7 +78,7 @@ def get_limit(userid, current_session: Session):
    return {"limit": balance_controller.get_limit(user)}
-@BalancePlugin.blueprint.route("/users/<userid>/balance/limit", methods=["PUT"])
+@blueprint.route("/users/<userid>/balance/limit", methods=["PUT"])
@login_required(permissions.SET_LIMIT)
 def set_limit(userid, current_session: Session):
    """Set the limit of an user
@ -99,7 +104,7 @@ def set_limit(userid, current_session: Session):
    return HTTP.no_content()
-@BalancePlugin.blueprint.route("/users/balance/limit", methods=["GET", "PUT"])
+@blueprint.route("/users/balance/limit", methods=["GET", "PUT"])
@login_required(permission=permissions.SET_LIMIT)
 def limits(current_session: Session):
    """Get, Modify limit of all users
@ -124,14 +129,14 @@ def limits(current_session: Session):
    return HTTP.no_content()
-@BalancePlugin.blueprint.route("/users/<userid>/balance", methods=["GET"])
+@blueprint.route("/users/<userid>/balance", methods=["GET"])
@login_required(permission=permissions.SHOW)
 def get_balance(userid, current_session: Session):
    """Get balance of user, optionally filtered
    Route: ``/users/<userid>/balance`` | Method: ``GET``
-    GET-parameters: ```{from?: string, to?: string}```
+    GET-parameters: ``{from?: string, to?: string}``
    Args:
        userid: Userid of user to get balance from
@ -159,10 +164,11 @@ def get_balance(userid, current_session: Session):
        end = datetime.now(tz=timezone.utc)
    balance = balance_controller.get_balance(user, start, end)
    logger.debug(f"Balance of {user.userid} from {start} to {end}: {balance}")
    return {"credit": balance[0], "debit": balance[1], "balance": balance[2]}
-@BalancePlugin.blueprint.route("/users/<userid>/balance/transactions", methods=["GET"])
+@blueprint.route("/users/<userid>/balance/transactions", methods=["GET"])
@login_required(permission=permissions.SHOW)
 def get_transactions(userid, current_session: Session):
    """Get transactions of user, optionally filtered
@ -170,7 +176,7 @@ def get_transactions(userid, current_session: Session):
    Route: ``/users/<userid>/balance/transactions`` | Method: ``GET``
-    GET-parameters: ```{from?: string, to?: string, limit?: int, offset?: int}```
+    GET-parameters: ``{from?: string, to?: string, limit?: int, offset?: int}``
    Args:
        userid: Userid of user to get transactions from
@ -220,10 +226,11 @@ def get_transactions(userid, current_session: Session):
        show_cancelled=show_cancelled,
        descending=descending,
    )
    logger.debug(f"transactions: {transactions}")
    return {"transactions": transactions, "count": count}
-@BalancePlugin.blueprint.route("/users/<userid>/balance", methods=["PUT"])
+@blueprint.route("/users/<userid>/balance", methods=["PUT"])
@login_required()
 def change_balance(userid, current_session: Session):
    """Change balance of an user
@ -272,7 +279,7 @@ def change_balance(userid, current_session: Session):
    raise Forbidden
-@BalancePlugin.blueprint.route("/balance/<int:transaction_id>", methods=["DELETE"])
+@blueprint.route("/balance/<int:transaction_id>", methods=["DELETE"])
@login_required()
 def reverse_transaction(transaction_id, current_session: Session):
    """Reverse a transaction
@ -297,7 +304,7 @@ def reverse_transaction(transaction_id, current_session: Session):
    raise Forbidden
-@BalancePlugin.blueprint.route("/balance", methods=["GET"])
+@blueprint.route("/balance", methods=["GET"])
@login_required(permission=permissions.SHOW_OTHER)
 def get_balances(current_session: Session):
    """Get all balances
@ -314,7 +321,15 @@ def get_balances(current_session: Session):
    offset = request.args.get("offset", type=int)
    descending = request.args.get("descending", False, type=bool)
    sortBy = request.args.get("sortBy", type=str)
-    balances, count = balance_controller.get_balances(limit=limit, offset=offset, descending=descending, sortBy=sortBy)
+    _filter = request.args.get("filter", None, type=str)
    logger.debug(f"request.args: {request.args}")
    balances, count = balance_controller.get_balances(
        limit=limit,
        offset=offset,
        descending=descending,
        sortBy=sortBy,
        _filter=_filter,
    )
    return jsonify(
        {
            "balances": [{"userid": u, "credit": v[0], "debit": v[1]} for u, v in balances.items()],
--- a/flaschengeist/plugins/message_mail.py
+++ b/flaschengeist/plugins/message_mail.py
@ -1,31 +1,37 @@
 import smtplib
 from email.mime.text import MIMEText
 from email.mime.multipart import MIMEMultipart
 from werkzeug.exceptions import InternalServerError
 from flaschengeist import logger
-from flaschengeist.models.user import User
+from flaschengeist.models import User
 from flaschengeist.plugins import Plugin
 from flaschengeist.utils.hook import HookAfter
 from flaschengeist.controller import userController
 from flaschengeist.controller.messageController import Message
-
+from flaschengeist.config import config
 from . import Plugin
 class MailMessagePlugin(Plugin):
-    def __init__(self, config):
+    def load(self):
-        super().__init__()
+        self.config = config.get("mail", None)
-        self.server = config["SERVER"]
+        if self.config is None:
-        self.port = config["PORT"]
+            logger.error("mail was not configured in flaschengeist.toml")
-        self.user = config["USER"]
+            raise InternalServerError
-        self.password = config["PASSWORD"]
+        self.server = self.config["SERVER"]
-        self.crypt = config["CRYPT"]
+        self.port = self.config["PORT"]
-        self.mail = config["MAIL"]
+        self.user = self.config["USER"]
        self.password = self.config["PASSWORD"]
        self.crypt = self.config["CRYPT"]
        self.mail = self.config["MAIL"]
        @HookAfter("send_message")
-        def dummy_send(msg):
+        def dummy_send(msg, *args, **kwargs):
            logger.info(f"(dummy_send) Sending message to {msg.receiver}")
            self.send_mail(msg)
    def send_mail(self, msg: Message):
        logger.debug(f"Sending mail to {msg.receiver} with subject {msg.subject}")
        if isinstance(msg.receiver, User):
            if not msg.receiver.mail:
                logger.warning("Could not send Mail, mail missing: {}".format(msg.receiver))
@ -39,9 +45,8 @@ class MailMessagePlugin(Plugin):
        mail["To"] = ", ".join(recipients)
        mail["Subject"] = msg.subject
        mail.attach(MIMEText(msg.message))
-        if not hasattr(self, "smtp"):
+        with self.__connect() as smtp:
-            self.__connect()
+            smtp.sendmail(self.mail, recipients, mail.as_string())
        self.smtp.sendmail(self.mail, recipients, mail.as_string())
    def __connect(self):
        if self.crypt == "SSL":
@ -52,3 +57,4 @@ class MailMessagePlugin(Plugin):
        else:
            raise ValueError("Invalid CRYPT given")
        self.smtp.login(self.user, self.password)
        return self.smtp
--- a/flaschengeist/plugins/pricelist/init.py
+++ b/flaschengeist/plugins/pricelist/init.py
@ -1,14 +1,12 @@
 """Pricelist plugin"""
-
+from flask import Blueprint, jsonify, request
 from flask import Blueprint, jsonify, request, current_app
 from werkzeug.local import LocalProxy
 from werkzeug.exceptions import BadRequest, Forbidden, NotFound, Unauthorized
 from flaschengeist import logger
 from flaschengeist.controller import userController
 from flaschengeist.controller.imageController import send_image, send_thumbnail
 from flaschengeist.plugins import Plugin
-from flaschengeist.utils.decorators import login_required, extract_session, headers
+from flaschengeist.utils.decorators import login_required, extract_session
 from flaschengeist.utils.HTTP import no_content
 from . import models
@ -16,16 +14,15 @@ from . import pricelist_controller, permissions
 class PriceListPlugin(Plugin):
    name = "pricelist"
    permissions = permissions.permissions
    blueprint = Blueprint(name, __name__, url_prefix="/pricelist")
    plugin = LocalProxy(lambda: current_app.config["FG_PLUGINS"][PriceListPlugin.name])
    models = models
    blueprint = Blueprint("pricelist", __name__, url_prefix="/pricelist")
-    def __init__(self, cfg):
+    def install(self):
-        super().__init__(cfg)
+        self.install_permissions(permissions.permissions)
    def load(self):
        config = {"discount": 0}
-        config.update(cfg)
+        config.update(config)
@PriceListPlugin.blueprint.route("/drink-types", methods=["GET"])
--- a/flaschengeist/plugins/pricelist/migrations/58ab9b6a8839_pricelist_initial.py
+++ b/flaschengeist/plugins/pricelist/migrations/58ab9b6a8839_pricelist_initial.py
@ -0,0 +1,141 @@
 """pricelist: initial
 Revision ID: 58ab9b6a8839
 Revises: 
 Create Date: 2022-02-23 14:45:30.563647
 """
 from alembic import op
 import sqlalchemy as sa
 import flaschengeist
 # revision identifiers, used by Alembic.
 revision = "58ab9b6a8839"
 down_revision = None
 branch_labels = ("pricelist",)
 depends_on = "flaschengeist"
 def upgrade():
    # ### commands auto generated by Alembic - please adjust! ###
    op.create_table(
        "drink_extra_ingredient",
        sa.Column("id", flaschengeist.models.Serial(), nullable=False),
        sa.Column("name", sa.String(length=30), nullable=False),
        sa.Column("price", sa.Numeric(precision=5, scale=2, asdecimal=False), nullable=True),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_drink_extra_ingredient")),
        sa.UniqueConstraint("name", name=op.f("uq_drink_extra_ingredient_name")),
    )
    op.create_table(
        "drink_tag",
        sa.Column("id", flaschengeist.models.Serial(), nullable=False),
        sa.Column("name", sa.String(length=30), nullable=False),
        sa.Column("color", sa.String(length=7), nullable=False),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_drink_tag")),
        sa.UniqueConstraint("name", name=op.f("uq_drink_tag_name")),
    )
    op.create_table(
        "drink_type",
        sa.Column("id", flaschengeist.models.Serial(), nullable=False),
        sa.Column("name", sa.String(length=30), nullable=False),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_drink_type")),
        sa.UniqueConstraint("name", name=op.f("uq_drink_type_name")),
    )
    op.create_table(
        "drink",
        sa.Column("id", flaschengeist.models.Serial(), nullable=False),
        sa.Column("article_id", sa.String(length=64), nullable=True),
        sa.Column("package_size", sa.Integer(), nullable=True),
        sa.Column("name", sa.String(length=60), nullable=False),
        sa.Column("volume", sa.Numeric(precision=5, scale=2, asdecimal=False), nullable=True),
        sa.Column("cost_per_volume", sa.Numeric(precision=5, scale=3, asdecimal=False), nullable=True),
        sa.Column("cost_per_package", sa.Numeric(precision=5, scale=3, asdecimal=False), nullable=True),
        sa.Column("receipt", sa.PickleType(), nullable=True),
        sa.Column("type_id", flaschengeist.models.Serial(), nullable=True),
        sa.Column("image_id", flaschengeist.models.Serial(), nullable=True),
        sa.ForeignKeyConstraint(["image_id"], ["image.id"], name=op.f("fk_drink_image_id_image")),
        sa.ForeignKeyConstraint(["type_id"], ["drink_type.id"], name=op.f("fk_drink_type_id_drink_type")),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_drink")),
    )
    op.create_table(
        "drink_ingredient",
        sa.Column("id", flaschengeist.models.Serial(), nullable=False),
        sa.Column("volume", sa.Numeric(precision=5, scale=2, asdecimal=False), nullable=False),
        sa.Column("ingredient_id", flaschengeist.models.Serial(), nullable=True),
        sa.ForeignKeyConstraint(["ingredient_id"], ["drink.id"], name=op.f("fk_drink_ingredient_ingredient_id_drink")),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_drink_ingredient")),
    )
    op.create_table(
        "drink_price_volume",
        sa.Column("id", flaschengeist.models.Serial(), nullable=False),
        sa.Column("drink_id", flaschengeist.models.Serial(), nullable=True),
        sa.Column("volume", sa.Numeric(precision=5, scale=2, asdecimal=False), nullable=True),
        sa.ForeignKeyConstraint(["drink_id"], ["drink.id"], name=op.f("fk_drink_price_volume_drink_id_drink")),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_drink_price_volume")),
    )
    op.create_table(
        "drink_x_tag",
        sa.Column("drink_id", flaschengeist.models.Serial(), nullable=True),
        sa.Column("tag_id", flaschengeist.models.Serial(), nullable=True),
        sa.ForeignKeyConstraint(["drink_id"], ["drink.id"], name=op.f("fk_drink_x_tag_drink_id_drink")),
        sa.ForeignKeyConstraint(["tag_id"], ["drink_tag.id"], name=op.f("fk_drink_x_tag_tag_id_drink_tag")),
    )
    op.create_table(
        "drink_x_type",
        sa.Column("drink_id", flaschengeist.models.Serial(), nullable=True),
        sa.Column("type_id", flaschengeist.models.Serial(), nullable=True),
        sa.ForeignKeyConstraint(["drink_id"], ["drink.id"], name=op.f("fk_drink_x_type_drink_id_drink")),
        sa.ForeignKeyConstraint(["type_id"], ["drink_type.id"], name=op.f("fk_drink_x_type_type_id_drink_type")),
    )
    op.create_table(
        "drink_ingredient_association",
        sa.Column("id", flaschengeist.models.Serial(), nullable=False),
        sa.Column("volume_id", flaschengeist.models.Serial(), nullable=True),
        sa.Column("_drink_ingredient_id", flaschengeist.models.Serial(), nullable=True),
        sa.Column("_extra_ingredient_id", flaschengeist.models.Serial(), nullable=True),
        sa.ForeignKeyConstraint(
            ["_drink_ingredient_id"],
            ["drink_ingredient.id"],
            name=op.f("fk_drink_ingredient_association__drink_ingredient_id_drink_ingredient"),
        ),
        sa.ForeignKeyConstraint(
            ["_extra_ingredient_id"],
            ["drink_extra_ingredient.id"],
            name=op.f("fk_drink_ingredient_association__extra_ingredient_id_drink_extra_ingredient"),
        ),
        sa.ForeignKeyConstraint(
            ["volume_id"],
            ["drink_price_volume.id"],
            name=op.f("fk_drink_ingredient_association_volume_id_drink_price_volume"),
        ),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_drink_ingredient_association")),
    )
    op.create_table(
        "drink_price",
        sa.Column("id", flaschengeist.models.Serial(), nullable=False),
        sa.Column("price", sa.Numeric(precision=5, scale=2, asdecimal=False), nullable=True),
        sa.Column("volume_id", flaschengeist.models.Serial(), nullable=True),
        sa.Column("public", sa.Boolean(), nullable=True),
        sa.Column("description", sa.String(length=30), nullable=True),
        sa.ForeignKeyConstraint(
            ["volume_id"], ["drink_price_volume.id"], name=op.f("fk_drink_price_volume_id_drink_price_volume")
        ),
        sa.PrimaryKeyConstraint("id", name=op.f("pk_drink_price")),
    )
    # ### end Alembic commands ###
 def downgrade():
    # ### commands auto generated by Alembic - please adjust! ###
    op.drop_table("drink_price")
    op.drop_table("drink_ingredient_association")
    op.drop_table("drink_x_type")
    op.drop_table("drink_x_tag")
    op.drop_table("drink_price_volume")
    op.drop_table("drink_ingredient")
    op.drop_table("drink")
    op.drop_table("drink_type")
    op.drop_table("drink_tag")
    op.drop_table("drink_extra_ingredient")
    # ### end Alembic commands ###
--- a/flaschengeist/plugins/pricelist/models.py
+++ b/flaschengeist/plugins/pricelist/models.py
@ -1,11 +1,12 @@
-from __future__ import annotations  # TODO: Remove if python requirement is >= 3.10
+from __future__ import annotations  # TODO: Remove if python requirement is >= 3.12 (? PEP 563 is defered)
 from flaschengeist.database import db
 from flaschengeist.models import ModelSerializeMixin, Serial
 from flaschengeist.models.image import Image
 from typing import Optional
 from flaschengeist.database import db
 from flaschengeist.database.types import ModelSerializeMixin, Serial
 from flaschengeist.models import Image
 drink_tag_association = db.Table(
    "drink_x_tag",
    db.Column("drink_id", Serial, db.ForeignKey("drink.id")),
--- a/flaschengeist/plugins/roles/init.py
+++ b/flaschengeist/plugins/roles/init.py
@ -5,20 +5,20 @@ Provides routes used to configure roles and permissions of users / roles.
 from werkzeug.exceptions import BadRequest
 from flask import Blueprint, request, jsonify
 from http.client import NO_CONTENT
 from flaschengeist.plugins import Plugin
 from flaschengeist.utils.decorators import login_required
 from flaschengeist.controller import roleController
 from flaschengeist.utils.HTTP import created, no_content
 from flaschengeist.utils.decorators import login_required
 from . import permissions
 class RolesPlugin(Plugin):
-    name = "roles"
+    blueprint = Blueprint("roles", __name__)
-    blueprint = Blueprint(name, __name__)
+
-    permissions = permissions.permissions
+    def install(self):
        self.install_permissions(permissions.permissions)
@RolesPlugin.blueprint.route("/roles", methods=["GET"])
--- a/flaschengeist/plugins/scheduler.py
+++ b/flaschengeist/plugins/scheduler.py
@ -1,12 +1,11 @@
 import pkg_resources
 from datetime import datetime, timedelta
 from flask import Blueprint
 from datetime import datetime, timedelta
 from flaschengeist import logger
 from flaschengeist.config import config
 from flaschengeist.plugins import Plugin
 from flaschengeist.utils.HTTP import no_content
 from . import Plugin
 class __Task:
    def __init__(self, function, **kwags):
@ -40,16 +39,9 @@ def scheduled(id: str, replace=False, **kwargs):
 class SchedulerPlugin(Plugin):
-    id = "dev.flaschengeist.scheduler"
+    blueprint = Blueprint("scheduler", __name__)
    name = "scheduler"
    blueprint = Blueprint(name, __name__)
    def __init__(self, config=None):
        """Constructor called by create_app
        Args:
            config: Dict configuration containing the plugin section
        """
    def load(self):
        def __view_func():
            self.run_tasks()
            return no_content()
@ -60,15 +52,18 @@ class SchedulerPlugin(Plugin):
            except:
                logger.error("Error while executing scheduled tasks!", exc_info=True)
-        self.version = pkg_resources.get_distribution(self.__module__.split(".")[0]).version
+        cron = config.get("scheduler", {}).get("cron", "passive_web").lower()
        cron = None if config is None else config.get("cron", "passive_web").lower()
-        if cron is None or cron == "passive_web":
+        if cron == "passive_web":
            self.blueprint.teardown_app_request(__passiv_func)
        elif cron == "active_web":
            self.blueprint.add_url_rule("/cron", view_func=__view_func)
    def run_tasks(self):
        from ..database import db
        self = db.session.merge(self)
        changed = False
        now = datetime.now()
        status = self.get_setting("status", default=dict())
--- a/flaschengeist/plugins/users/init.py
+++ b/flaschengeist/plugins/users/init.py
@ -2,15 +2,16 @@
 Provides routes used to manage users
 """
-from http.client import NO_CONTENT, CREATED
+from http.client import CREATED
-from flask import Blueprint, request, jsonify, make_response
+from flask import Blueprint, request, jsonify, make_response, after_this_request, Response
-from werkzeug.exceptions import BadRequest, Forbidden, MethodNotAllowed, NotFound
+from werkzeug.exceptions import BadRequest, Forbidden, MethodNotAllowed
 from datetime import datetime
 from . import permissions
 from flaschengeist import logger
 from flaschengeist.config import config
 from flaschengeist.plugins import Plugin
-from flaschengeist.models.user import User
+from flaschengeist.models import User
 from flaschengeist.utils.decorators import login_required, extract_session, headers
 from flaschengeist.controller import userController
 from flaschengeist.utils.HTTP import created, no_content
@ -18,9 +19,10 @@ from flaschengeist.utils.datetime import from_iso_format
 class UsersPlugin(Plugin):
-    name = "users"
+    blueprint = Blueprint("users", __name__)
-    blueprint = Blueprint(name, __name__)
+
-    permissions = permissions.permissions
+    def install(self):
        self.install_permissions(permissions.permissions)
@UsersPlugin.blueprint.route("/users", methods=["POST"])
@ -105,7 +107,7 @@ def frontend(userid, current_session):
        raise Forbidden
    if request.method == "POST":
-        if request.content_length > 1024 ** 2:
+        if request.content_length > 1024**2:
            raise BadRequest
        current_session.user_.set_attribute("frontend", request.get_json())
        return no_content()
@ -117,10 +119,13 @@ def frontend(userid, current_session):
@UsersPlugin.blueprint.route("/users/<userid>/avatar", methods=["GET"])
-@headers({"Cache-Control": "public, max-age=604800"})
+@headers({"Cache-Control": "public, must-revalidate, max-age=10"})
 def get_avatar(userid):
    etag = None
    if "If-None-Match" in request.headers:
        etag = request.headers["If-None-Match"]
    user = userController.get_user(userid)
-    return userController.load_avatar(user)
+    return userController.load_avatar(user, etag)
@UsersPlugin.blueprint.route("/users/<userid>/avatar", methods=["POST"])
@ -217,7 +222,9 @@ def edit_user(userid, current_session):
            userController.set_roles(user, roles)
    userController.modify_user(user, password, new_password)
-    userController.update_user(user)
+    userController.update_user(
        user,
    )
    return no_content()
--- a/flaschengeist/plugins/users/cli.py
+++ b/flaschengeist/plugins/users/cli.py
@ -1,6 +1,10 @@
 import click
 import sqlalchemy.exc
 from flask.cli import with_appcontext
-from werkzeug.exceptions import BadRequest, Conflict, NotFound
+from werkzeug.exceptions import NotFound
 from flaschengeist import logger
 from flaschengeist.database import db
 from flaschengeist.controller import roleController, userController
@ -28,23 +32,60 @@ def user(ctx, param, value):
@click.command()
-@click.option("--add-role", help="Add new role", type=str)
+@click.option("--create", help="Add new role", is_flag=True)
-@click.option("--set-admin", help="Make a role an admin role, adding all permissions", type=str)
+@click.option("--delete", help="Delete role", is_flag=True)
-@click.option("--add-user", help="Add new user interactivly", callback=user, is_flag=True, expose_value=False)
+@click.option("--set-admin", is_flag=True, help="Make a role an admin role, adding all permissions", type=str)
@click.argument("role", nargs=-1, required=True, type=str)
 def role(create, delete, set_admin, role):
    """Manage roles"""
    ctx = click.get_current_context()
    if (create and delete) or (set_admin and delete):
        ctx.fail("Do not mix --delete with --create or --set-admin")
    for role_name in role:
        if create:
            r = roleController.create_role(role_name)
        else:
            r = roleController.get(role_name)
        if delete:
            roleController.delete(r)
        if set_admin:
            r.permissions = roleController.get_permissions()
            db.session.commit()
@click.command()
@click.option("--add-role", help="Add a role to an user", type=str)
@click.option("--create", help="Create new user interactivly", callback=user, is_flag=True, expose_value=False)
@click.option("--delete", help="Delete a user", is_flag=True)
@click.argument("user", nargs=-1, type=str)
@with_appcontext
-def users(add_role, set_admin):
+def user(add_role, delete, user):
    """Manage users"""
    from flaschengeist.database import db
    ctx = click.get_current_context()
    try:
        if add_role:
            roleController.create_role(add_role)
        if set_admin:
            role = roleController.get(set_admin)
            role.permissions = roleController.get_permissions()
            db.session.commit()
        if USER_KEY in ctx.meta:
            userController.register(ctx.meta[USER_KEY], ctx.meta[USER_KEY]["password"])
-    except (BadRequest, NotFound) as e:
+        else:
-        ctx.fail(e.description)
+            if not isinstance(user, list) or not isinstance(user, tuple):
                user = [user]
            for uid in user:
                logger.debug(f"Userid: {uid}")
                user = userController.get_user(uid)
                logger.debug(f"User: {user}")
                if delete:
                    logger.debug(f"Deleting user {user}")
                    userController.delete_user(user)
                elif add_role:
                    logger.debug(f"Adding role {add_role} to user {user}")
                    role = roleController.get(add_role)
                    logger.debug(f"Role: {role}")
                    user.roles_.append(role)
                    userController.modify_user(user, None)
                    db.session.commit()
    except NotFound:
        ctx.fail(f"User not found {uid}")
--- a/flaschengeist/utils/decorators.py
+++ b/flaschengeist/utils/decorators.py
@ -14,7 +14,7 @@ def extract_session(permission=None):
        logger.debug("Missing Authorization header or ill-formed")
        raise Unauthorized
-    session = sessionController.validate_token(token, request.user_agent, permission)
+    session = sessionController.validate_token(token, request.headers, permission)
    return session
--- a/flaschengeist/utils/foreign_keys.py
+++ b/flaschengeist/utils/foreign_keys.py
@ -1,51 +0,0 @@
 # Borrowed from https://github.com/kvesteri/sqlalchemy-utils
 # Modifications see: https://github.com/kvesteri/sqlalchemy-utils/issues/561
 # LICENSED under the BSD license, see upstream https://github.com/kvesteri/sqlalchemy-utils/blob/master/LICENSE
 import sqlalchemy as sa
 from sqlalchemy.orm import object_session
 def get_foreign_key_values(fk, obj):
    mapper = sa.inspect(obj.__class__)
    return dict(
        (
            fk.constraint.columns.values()[index],
            getattr(obj, element.column.key)
            if hasattr(obj, element.column.key)
            else getattr(obj, mapper.get_property_by_column(element.column).key),
        )
        for index, element in enumerate(fk.constraint.elements)
    )
 def get_referencing_foreign_keys(mixed):
    tables = [mixed]
    referencing_foreign_keys = set()
    for table in mixed.metadata.tables.values():
        if table not in tables:
            for constraint in table.constraints:
                if isinstance(constraint, sa.sql.schema.ForeignKeyConstraint):
                    for fk in constraint.elements:
                        if any(fk.references(t) for t in tables):
                            referencing_foreign_keys.add(fk)
    return referencing_foreign_keys
 def merge_references(from_, to, foreign_keys=None):
    """
    Merge the references of an entity into another entity.
    """
    if from_.__tablename__ != to.__tablename__:
        raise TypeError("The tables of given arguments do not match.")
    session = object_session(from_)
    foreign_keys = get_referencing_foreign_keys(from_.__table__)
    for fk in foreign_keys:
        old_values = get_foreign_key_values(fk, from_)
        new_values = get_foreign_key_values(fk, to)
        session.query(from_.__mapper__).filter(*[k == old_values[k] for k in old_values]).update(
            new_values, synchronize_session=False
        )
--- a/flaschengeist/utils/hook.py
+++ b/flaschengeist/utils/hook.py
@ -7,6 +7,7 @@ _hooks_after = {}
 def Hook(function=None, id=None):
    """Hook decorator
    Use to decorate functions as hooks, so plugins can hook up their custom functions.
    """
    # `id` passed as `arg` not `kwarg`
@ -38,8 +39,10 @@ def Hook(function=None, id=None):
 def HookBefore(id: str):
    """Decorator for functions to be called before a Hook-Function is called
    The hooked up function must accept the same arguments as the function hooked onto,
    as the functions are called with the same arguments.
    Hint: This enables you to modify the arguments!
    """
    if not id or not isinstance(id, str):
@ -54,9 +57,18 @@ def HookBefore(id: str):
 def HookAfter(id: str):
    """Decorator for functions to be called after a Hook-Function is called
    As with the HookBefore, the hooked up function must accept the same
    arguments as the function hooked onto, but also receives a
    `hook_result` kwarg containing the result of the function.
    Example:
        ```py
        @HookAfter("some.id")
        def my_func(hook_result):
            # This function is executed after the function registered with "some.id"
            print(hook_result)  # This is the result of the function
        ```
    """
    if not id or not isinstance(id, str):
--- a/pyproject.toml
+++ b/pyproject.toml
@ -1,3 +1,6 @@
 [build-system]
 requires = ["setuptools", "wheel"]
 build-backend = "setuptools.build_meta"
 [tool.black]
 line-length = 120
--- a/setup.cfg
+++ b/setup.cfg
@ -1,6 +1,6 @@
 [metadata]
 license = MIT
-version = 2.0.0.dev0
+version = 2.0.0
 name = flaschengeist
 author = Tim Gröger
 author_email = flaschengeist@wu5.de
@ -19,33 +19,42 @@ classifiers =
 [options]
 include_package_data = True
-python_requires = >=3.7
+python_requires = >=3.10
 packages = find:
 install_requires =
-    Flask >= 2.0
+    #Flask>=2.2.2, <2.3
-    Pillow>=8.4.0
+    Flask>=2.2.2, <2.9
    Pillow>=9.2
    flask_cors
-    flask_sqlalchemy>=2.5
+    flask_migrate>=3.1.0
-    sqlalchemy>=1.4.26
+    flask_sqlalchemy>=2.5.1
    sqlalchemy_utils>=0.38.3
    # Importlib requirement can be dropped when python requirement is >= 3.10
    importlib_metadata>=4.3
    #sqlalchemy>=1.4.40, <2.0
    sqlalchemy >= 2.0
    toml
-    werkzeug
+    werkzeug>=2.2.2
-    PyMySQL;platform_system=='Windows'
+    ua-parser>=0.16.1
    mysqlclient;platform_system!='Windows'
 [options.extras_require]
 argon = argon2-cffi
 ldap = flask_ldapconn; ldap3
-test = pytest; coverage
+tests = pytest; pytest-depends; coverage
 mysql =
    PyMySQL;platform_system=='Windows'
    mysqlclient;platform_system!='Windows'
 [options.package_data]
-* = *.toml
+* = *.toml, script.py.mako, *.ini, */migrations/*, migrations/versions/*
 [options.entry_points]
 console_scripts =
-    flaschengeist = flaschengeist.cli:cli
+    flaschengeist = flaschengeist.cli:main
 flask.commands =
    ldap = flaschengeist.plugins.auth_ldap.cli:ldap
-    users = flaschengeist.plugins.users.cli:users
+    user = flaschengeist.plugins.users.cli:user
    role = flaschengeist.plugins.users.cli:role
 flaschengeist.plugins =
    # Authentication providers
    auth_plain = flaschengeist.plugins.auth_plain:AuthPlain
@ -67,4 +76,4 @@ testpaths = tests
 [coverage:run]
 branch = True
-source = flaschengeist
+source = flaschengeist
--- a/tests/conftest.py
+++ b/tests/conftest.py
@ -3,8 +3,7 @@ import tempfile
 import pytest
 from flaschengeist import database
-from flaschengeist.app import create_app, install_all
+from flaschengeist.app import create_app
 # read in SQL for populating test data
 with open(os.path.join(os.path.dirname(__file__), "data.sql"), "r") as f:
@ -25,12 +24,14 @@ def app():
    app = create_app(
        {
            "TESTING": True,
-            "DATABASE": {"file_path": f"/{db_path}"},
+            "DATABASE": {"engine": "sqlite", "database": f"/{db_path}"},
            "LOGGING": {"level": "DEBUG"},
        }
    )
    with app.app_context():
-        install_all()
+        database.db.create_all()
        database.db.session.commit()
        engine = database.db.engine
        with engine.connect() as connection:
            for statement in _data_sql:
--- a/tests/data.sql
+++ b/tests/data.sql
@ -1,4 +1,8 @@
-INSERT INTO user ('userid', 'firstname', 'lastname', 'mail', 'id') VALUES ('user', 'Max', 'Mustermann', 'abc@def.gh', 1);
+INSERT INTO "user" ('userid', 'firstname', 'lastname', 'mail', 'deleted', 'id') VALUES ('user', 'Max', 'Mustermann', 'abc@def.gh', 0, 1);
 INSERT INTO "user" ('userid', 'firstname', 'lastname', 'mail', 'deleted', 'id') VALUES ('deleted_user', 'John', 'Doe', 'doe@example.com', 1, 2);
 -- Password = 1234
 INSERT INTO user_attribute VALUES(1,1,'password',X'800495c4000000000000008cc0373731346161336536623932613830366664353038656631323932623134393936393561386463353536623037363761323037623238346264623833313265323333373066376233663462643332666332653766303537333564366335393133366463366234356539633865613835643661643435343931376636626663343163653333643635646530386634396231323061316236386162613164373663663333306564306463303737303733336136353363393538396536343266393865942e');
-INSERT INTO session ('expires', 'token', 'lifetime', 'id', 'user_id') VALUES ('2999-01-01 00:00:00', 'f4ecbe14be3527ca998143a49200e294', 600, 1, 1);
+INSERT INTO session ('expires', 'token', 'lifetime', 'id', 'user_id') VALUES ('2999-01-01 00:00:00', 'f4ecbe14be3527ca998143a49200e294', 600, 1, 1);
 -- ROLES
 INSERT INTO role ('name', 'id') VALUES ('role_1', 1);
 INSERT INTO permission ('name', 'id') VALUES ('permission_1', 1);
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@ -15,9 +15,9 @@ def test_login(client):
    # Login successful
    assert result.status_code == 201
    # User set correctly
-    assert json["user"]["userid"] == USERID
+    assert json["userid"] == USERID
    # Token works
-    assert client.get("/auth", headers={"Authorization": f"Bearer {json['session']['token']}"}).status_code == 200
+    assert client.get("/auth", headers={"Authorization": f"Bearer {json['token']}"}).status_code == 200
 def test_login_decorator(client):
--- a/tests/test_events.py
+++ b/tests/test_events.py
@ -1,17 +0,0 @@
 import pytest
 from werkzeug.exceptions import BadRequest
 import flaschengeist.plugins.events.event_controller as event_controller
 from flaschengeist.plugins.events.models import EventType
 VALID_TOKEN = "f4ecbe14be3527ca998143a49200e294"
 EVENT_TYPE_NAME = "Test Type"
 def test_create_event_type(app):
    with app.app_context():
        type = event_controller.create_event_type(EVENT_TYPE_NAME)
        assert isinstance(type, EventType)
        with pytest.raises(BadRequest):
            event_controller.create_event_type(EVENT_TYPE_NAME)
--- a/tests/test_users.py
+++ b/tests/test_users.py
@ -0,0 +1,52 @@
 import pytest
 from werkzeug.exceptions import BadRequest, NotFound
 from flaschengeist.controller import roleController, userController
 from flaschengeist.models.user import User
 VALID_TOKEN = "f4ecbe14be3527ca998143a49200e294"
 def test_get_user(app):
    with app.app_context():
        user = userController.get_user("user")
        assert user is not None and isinstance(user, User)
        assert user.userid == "user"
        user = userController.get_user("deleted_user", deleted=True)
        assert user is not None and isinstance(user, User)
        assert user.userid == "deleted_user"
        with pytest.raises(NotFound):
            user = userController.get_user("__does_not_exist__")
        with pytest.raises(NotFound):
            user = userController.get_user("__does_not_exist__", deleted=True)
        with pytest.raises(NotFound):
            user = userController.get_user("deleted_user")
 def test_set_roles(app):
    with app.app_context():
        user = userController.get_user("user")
        userController.set_roles(user, [])
        assert user.roles_ == []
        userController.set_roles(user, ["role_1"])
        assert len(user.roles_) == 1 and user.roles_[0].id == 1
        # Test unknown role + no create flag -> raise no changes
        with pytest.raises(BadRequest):
            userController.set_roles(user, ["__custom__"])
        assert len(user.roles_) == 1
        userController.set_roles(user, ["__custom__"], create=True)
        assert len(user.roles_) == 1 and user.roles_[0].name == "__custom__"
        assert roleController.get("__custom__").id == user.roles_[0].id
        userController.set_roles(user, ["__custom__"], create=True)
        assert len(user.roles_) == 1
        userController.set_roles(user, ["__custom__", "role_1"])
        assert len(user.roles_) == 2
        userController.set_roles(user, [])
        assert len(user.roles_) == 0
Author	SHA1	Message	Date
Tim Gröger	957796e90e	Merge branch 'develop'	2024-01-18 16:00:11 +01:00
Tim Gröger	4f20a94f60	fix some func to get balance	2024-01-17 13:04:29 +01:00
Tim Gröger	001ef13014	remove links	2024-01-17 00:20:40 +01:00
Tim Gröger	0ae334620b	update dependencies	2024-01-16 22:43:49 +01:00
Tim Gröger	645e2865a6	update dependencies	2024-01-16 22:34:35 +01:00
Tim Gröger	bddb11d1b4	update version to 2.0.0	2024-01-16 19:49:56 +01:00
Tim Gröger	cab172dc65	fix floor transaction with value which has more ziffers than scale #33	2023-05-17 14:47:40 +02:00
Tim Gröger	b40d40644d	if birthday is date then take it otherwise parse from string; prettier	2023-05-15 23:52:49 +02:00
Tim Gröger	319889ee43	(user) better avatar cache-control etag is added to header, If etag is the same a not modified will be respond	2023-05-12 17:12:36 +02:00
Tim Gröger	4be7cccadb	(auth_ldap) add get_last_modified from provider	2023-05-12 17:11:18 +02:00
Tim Gröger	9077c9fd11	(balance) fix notifications if only author and sender oder receiver exists, create special notifications	2023-05-10 01:12:41 +02:00
Tim Gröger	d7428b2ed1	fix add role to user	2023-05-09 21:59:15 +02:00
Tim Gröger	5bab4a7cde	fix update ldap, no none types pushed, add more debugging	2023-05-09 21:59:00 +02:00
Tim Gröger	d8028c4681	fixed timeout in mailing #30	2023-05-09 21:25:19 +02:00
Tim Gröger	8b15a45902	add docker cmd, more debug, add migrations to package	2023-05-09 21:23:47 +02:00
Tim Gröger	ae583a6d18	add black to pyproject.toml	2023-05-09 21:16:17 +02:00
Tim Gröger	193ffeff9d	fix reset password wrong method in userController was executed to get user	2023-05-05 10:00:49 +02:00
Tim Gröger	7eb30b662f	fix mail-plugin this fix load config the right way. now you can install mail-plugin with ```flaschengeist plugin install mail && flaschengeist plugin enable mail```	2023-05-05 10:00:08 +02:00
Tim Gröger	11204662be	(balance) add filter to search user	2023-05-03 14:03:59 +02:00
Tim Gröger	cb0795a6ac	add ua-parser to pares user-agent	2023-05-03 07:46:50 +02:00
Tim Gröger	f7c8ae1037	blacked and add some typings	2023-05-03 06:30:42 +02:00
Tim Gröger	e6c143ad92	fix json_encoder for flask 2.x	2023-05-03 06:29:55 +02:00
Tim Gröger	59f5d4529d	add ide to gitignore	2023-05-03 06:29:28 +02:00
Tim Gröger	f38fb334f1	add get notifications of plugin	2023-05-01 21:53:48 +02:00
Tim Gröger	47442fe211	fix Flask dependencie for #28	2023-04-09 21:15:07 +02:00
Tim Gröger	af2c674ce4	fixed most deprecations from flask and sqlalchemy	2023-04-09 20:57:15 +02:00
Tim Gröger	cfbb557539	Merge pull request 'feature/migrations, closes #19' (#20 ) from feature/migrations into develop Reviewed-on: #20	2023-03-02 05:37:09 +00:00
Tim Gröger	ba93345a09	feat(users) fix cli if user get role, that provider is updatet too	2023-02-18 15:48:53 +01:00
Tim Gröger	d475f3f8e2	feat(ldap) fix login on ldap	2023-02-18 15:11:42 +01:00
Tim Gröger	a50ba403fc	feat(ldap) fix sync from ldap	2023-02-17 20:40:27 +01:00
Tim Gröger	e0acb80f5d	feat(plugin) fix get right instance auf auth_provider	2023-02-17 17:52:20 +01:00
Tim Gröger	c5436f22fa	feat(ldap) fix get right config	2023-02-17 16:40:54 +01:00
Tim Gröger	7796f45097	feat(db) fix get plugins if no database exists	2023-02-17 15:30:05 +01:00
Tim Gröger	8a656c3c89	Merge branch 'develop' into feature/migrations	2023-02-17 13:15:32 +01:00
Tim Gröger	8a5380d888	update sqlalchmy version. not higher than 2.0	2023-02-17 12:46:27 +01:00
Ferdinand Thiessen	9f729bda6c	[plugins] Fix `auth_ldap`, `balance`, and `pricelist` compatibility Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-26 17:05:03 +02:00
Ferdinand Thiessen	9e8117e554	[plugins] Fix scheduler accessing database while unbound from session Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-25 18:45:01 +02:00
Ferdinand Thiessen	88a4dc24f2	[db] Fix automatic migration upgrade for plugins and core Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-25 18:44:21 +02:00
Ferdinand Thiessen	0698327ef5	[core][deps] Use sqlalchemy_utils instead of copy-paste code for merging references This fixes issues when using SQLite Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-25 17:07:12 +02:00
Ferdinand Thiessen	aa8f8f6e64	[core][plugin] Allow blueprints to be set on instance level This ensures blueprints are read from the plugin instance instead of the class, allowing custom routes to be added within the `load()` function. Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-25 17:05:04 +02:00
Ferdinand Thiessen	6ad8cd1728	[cli] Users and roles can be now managed using the cli Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-25 17:04:22 +02:00
Ferdinand Thiessen	e2254b71b0	[core][plugin] Unify plugin model and real plugins Plugins are now extensions of the database model, allowing plugins to access all their properties. Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-25 15:39:05 +02:00
Ferdinand Thiessen	973b4527df	[core] UA parsing: Add backwards compatibility for platform names Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-25 14:55:49 +02:00
Ferdinand Thiessen	4248825af0	Revert future imports for annotations, PEP563 is still defered Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-25 12:06:59 +02:00
Ferdinand Thiessen	e22e38b304	Implement custom UA parsing, allowing to update Flask and Werkzeug Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-22 17:18:03 +02:00
Ferdinand Thiessen	ee38e46c12	[core] Cleanup + Fix loading migrations of (dis)abled plugins Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-18 22:59:19 +02:00
Ferdinand Thiessen	d3530cc15f	The enabled state of plugins is now loaded from database rather than config file Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-18 21:22:47 +02:00
Ferdinand Thiessen	e41be21c47	Restructure models and database import paths Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-18 19:53:58 +02:00
Ferdinand Thiessen	7f8aa80b0e	Update dependencies and increase python version to 3.10 Drop future imports, not needed with python 3.10 Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-08-18 19:45:54 +02:00
Ferdinand Thiessen	dc2b949225	[cli] Fix exporting of plugin interfaces Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-07-31 19:28:11 +02:00
Ferdinand Thiessen	fa503fe142	[cli] Added install command to install the database and all plugins Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-07-31 19:07:40 +02:00
Ferdinand Thiessen	f1d6b6a2f2	[plugins][cli] Fix initial migration file + Make sure plugin permissions are installed Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>	2022-07-31 19:07:32 +02:00
Ferdinand Thiessen	573bea2da0	feat(cli): Added CLI command for handling plugins ci/woodpecker/push/lint Pipeline was successful Details ci/woodpecker/push/test Pipeline was successful Details ci/woodpecker/pr/lint Pipeline was successful Details ci/woodpecker/pr/test Pipeline was successful Details * Install / Uninstall plugins * List plugins	2022-03-08 17:22:55 +01:00
Ferdinand Thiessen	4fbd20f78e	feat(docs): Add documentation on how to install tables Also various documentation fixed and improvments	2022-03-08 17:22:55 +01:00
Ferdinand Thiessen	6a35137a27	feat(db): Add database migration support, implements #19 Migrations allow us to keep track of database changes and upgrading databases if needed. * Add initial migrations for core Flaschengeist * Add migrations to balance * Add migrations to pricelist * Skip plugins with not satisfied dependencies.	2022-03-08 17:22:55 +01:00
Ferdinand Thiessen	bf02c0e21f	fix(db): Add __repr__ to custom column types, same as done by SQLAlchemy	2022-03-08 17:22:55 +01:00
Tim Gröger	e09d563e93	Merge pull request 'feat(plugins): Load metadata from entry points / distribution' (#24 ) from proposal/metadata2 into develop ci/woodpecker/push/lint Pipeline was successful Details ci/woodpecker/push/test Pipeline was successful Details Reviewed-on: #24	2022-03-08 08:13:52 +00:00
Ferdinand Thiessen	2d4c8ebfd9	fix(plugins): Fix functions using id instead of name property ci/woodpecker/push/lint Pipeline was successful Details ci/woodpecker/push/test Pipeline was successful Details ci/woodpecker/pr/lint Pipeline was successful Details ci/woodpecker/pr/test Pipeline was successful Details	2022-03-07 14:36:31 +01:00
Ferdinand Thiessen	6f35e17fba	feat(plugins): Load metadata from entry points / distribution ci/woodpecker/push/lint Pipeline was successful Details ci/woodpecker/push/test Pipeline was successful Details ci/woodpecker/pr/lint Pipeline was successful Details ci/woodpecker/pr/test Pipeline was successful Details	2022-02-23 15:20:31 +01:00
Ferdinand Thiessen	2f4472e708	feat(docs): Added more documentation on plugins ci/woodpecker/push/lint Pipeline was successful Details ci/woodpecker/push/test Pipeline was successful Details	2022-02-23 15:19:45 +01:00
Ferdinand Thiessen	e510c54bd8	chore(clean): Fix codestyle of config.py ci/woodpecker/push/lint Pipeline was successful Details ci/woodpecker/push/test Pipeline was successful Details	2022-02-22 11:11:23 +01:00
Ferdinand Thiessen	c5db932065	chore(clean): Drop `_module_path` from flaschengeist	2022-02-21 22:24:33 +01:00
Ferdinand Thiessen	1484d678ce	feat(security): Enforce secret key for flask application.	2022-02-21 21:03:15 +01:00
Ferdinand Thiessen	e82d830410	fix(app): Fix import_name for flask application	2022-02-21 21:02:45 +01:00
Ferdinand Thiessen	760ee9fe36	fix(cli): Fix logging when setting verbosity on the cli	2022-02-21 21:02:15 +01:00
Ferdinand Thiessen	90999bbefb	chore(core): Seperated logic from the plugin code, reduces imports	2022-02-13 14:31:55 +01:00
Ferdinand Thiessen	fb50ed05be	deps: Require at lease python 3.9, fixes #22 continuous-integration/woodpecker the build was successful Details	2021-12-26 15:44:04 +01:00
Ferdinand Thiessen	54a789b772	fix(docs): PIP 21.0+ is required, some minor improvements	2021-12-26 15:42:31 +01:00
Ferdinand Thiessen	a6cbc002f6	fix(cli): InterfaceGenerator now works even without a namespace defined continuous-integration/woodpecker the build failed Details	2021-12-23 02:48:28 +01:00
Ferdinand Thiessen	34ee95c66a	feat(cli): Split CLI commands into seperate files	2021-12-23 02:48:02 +01:00
Ferdinand Thiessen	9bcba9c7f9	fix(users): Fix import error inside `set_roles` continuous-integration/woodpecker the build failed Details	2021-12-22 00:37:52 +01:00
Ferdinand Thiessen	016ed7739a	fix(db): Fix Serial column type for SQLite continuous-integration/woodpecker the build failed Details	2021-12-22 00:36:41 +01:00
Ferdinand Thiessen	702b894f75	feat(tests): Added first unit test for the user controller continuous-integration/woodpecker the build failed Details	2021-12-22 00:34:32 +01:00
Ferdinand Thiessen	519eac8f25	feat(ci): Added pipeline for tests continuous-integration/woodpecker the build failed Details Add all supported, meaning by flaschengeist, python versions. Use slim image of python instead of alpine, because Pillow does not provide any wheels for musllibc	2021-12-22 00:29:33 +01:00
Ferdinand Thiessen	aaec6b43ae	tests: Fix tests for current backend	2021-12-21 22:56:03 +01:00
Ferdinand Thiessen	9b42d2b5b7	fix(docs): Rename README continuous-integration/woodpecker the build failed Details	2021-12-20 00:56:16 +01:00
Tim Gröger	29630387a5	Merge branch 'release/1.0'	2020-08-06 22:31:33 +02:00