flaschengeist/app.py

@@ -54,8 +54,6 @@ def __load_plugins(app):
                 logger.error(
                     f"Plugin {entry_point.name} was enabled, but could not be loaded due to an error.", exc_info=True
                 )
-                del plugin
-                continue
         if isinstance(plugin, AuthPlugin):
             logger.debug(f"Found authentication plugin: {entry_point.name}")
             if entry_point.name == config["FLASCHENGEIST"]["auth"]:
@@ -67,7 +65,6 @@ def __load_plugins(app):
             app.config["FG_PLUGINS"][entry_point.name] = plugin
     if "FG_AUTH_BACKEND" not in app.config:
         logger.error("No authentication plugin configured or authentication plugin not found")
-        raise RuntimeError("No authentication plugin configured or authentication plugin not found")
 
 
 def install_all():

flaschengeist/config.py

@@ -9,7 +9,7 @@ from flaschengeist import _module_path, logger
 
 
 # Default config:
-config = {"DATABASE": {"engine": "mysql", "port": 3306}}
+config = {"DATABASE": {"port": 3306}}
 
 
 def update_dict(d, u):
@@ -65,35 +65,17 @@ def configure_app(app, test_config=None):
     else:
         app.config["SECRET_KEY"] = config["FLASCHENGEIST"]["secret_key"]
 
-    if test_config is not None:
+    if test_config is None:
-        config["DATABASE"]["engine"] = "sqlite"
+        app.config["SQLALCHEMY_DATABASE_URI"] = "mysql{driver}://{user}:{passwd}@{host}:{port}/{database}".format(
-
+            driver="+pymysql" if os.name == "nt" else "",
-    if config["DATABASE"]["engine"] == "mysql":
-        engine = "mysql"
-        try:
-            # Try mysqlclient first
-            from MySQLdb import _mysql
-        except ModuleNotFoundError:
-            engine += "+pymysql"
-        options = "?charset=utf8mb4"
-    elif config["DATABASE"]["engine"] == "postgres":
-        engine = "postgresql+psycopg2"
-        options = "?client_encoding=utf8"
-    elif config["DATABASE"]["engine"] == "sqlite":
-        engine = "sqlite"
-        options = ""
-        host = ""
-    else:
-        logger.error(f"Invalid database engine configured. >{config['DATABASE']['engine']}< is unknown")
-        raise Exception
-    if config["DATABASE"]["engine"] in ["mysql", "postgresql"]:
-        host = "{user}:{password}@{host}:{port}".format(
             user=config["DATABASE"]["user"],
-            password=config["DATABASE"]["password"],
+            passwd=config["DATABASE"]["password"],
             host=config["DATABASE"]["host"],
+            database=config["DATABASE"]["database"],
             port=config["DATABASE"]["port"],
         )
-    app.config["SQLALCHEMY_DATABASE_URI"] = f"{engine}://{host}/{config['DATABASE']['database']}{options}"
+    else:
+        app.config["SQLALCHEMY_DATABASE_URI"] = f"sqlite+pysqlite://{config['DATABASE']['file_path']}"
     app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False
 
     if "root" in config["FLASCHENGEIST"]:

flaschengeist/controller/roleController.py

@@ -2,7 +2,7 @@ from sqlalchemy.exc import IntegrityError
 from werkzeug.exceptions import BadRequest, NotFound
 
 from flaschengeist.models.user import Role, Permission
-from flaschengeist.database import db, case_sensitive
+from flaschengeist.database import db
 from flaschengeist import logger
 from flaschengeist.utils.hook import Hook
 
@@ -36,8 +36,8 @@ def update_role(role, new_name):
         except IntegrityError:
             logger.debug("IntegrityError: Role might still be in use", exc_info=True)
             raise BadRequest("Role still in use")
-    else:
+    elif role.name != new_name:
-        if role.name == new_name or db.session.query(db.exists().where(Role.name == case_sensitive(new_name))).scalar():
+        if db.session.query(db.exists().where(Role.name == new_name)).scalar():
             raise BadRequest("Name already used")
         role.name = new_name
         db.session.commit()

flaschengeist/database.py

@@ -1,10 +1,3 @@
 from flask_sqlalchemy import SQLAlchemy
 
 db = SQLAlchemy()
-
-
-def case_sensitive(s):
-    if db.session.bind.dialect.name == "mysql":
-        from sqlalchemy import func
-        return func.binary(s)
-    return s

flaschengeist/flaschengeist.toml

@@ -20,7 +20,6 @@ secret_key = "V3ryS3cr3t"
 level = "WARNING"
 
 [DATABASE]
-# engine = "mysql" (default)
 # user = "user"
 # host = "127.0.0.1"
 # password = "password"
@@ -29,16 +28,17 @@ level = "WARNING"
 [auth_plain]
 enabled = true
 
-[auth_ldap]
+#[auth_ldap]
-# Full documentation https://flaschengeist.dev/Flaschengeist/flaschengeist/wiki/plugins_auth_ldap
+# enabled = true
-enabled = false
+# host =
-# host = "localhost"
+# port =
-# port = 389
+# bind_dn =
-# base_dn = "dc=example,dc=com"
+# base_dn =
-# root_dn = "cn=Manager,dc=example,dc=com"
+# secret =
-# root_secret = "SuperS3cret"
+# use_ssl =
-# Uncomment to use secured LDAP (ldaps)
+# admin_dn =
-# use_ssl = true
+# admin_dn =
+# default_gid =
 
 [MESSAGES]
 welcome_subject = "Welcome to Flaschengeist {name}"

flaschengeist/models/__init__.py

@@ -2,7 +2,7 @@ import sys
 import datetime
 
 from sqlalchemy import BigInteger
-from sqlalchemy.dialects import mysql, sqlite
+from sqlalchemy.dialects import mysql
 from sqlalchemy.types import DateTime, TypeDecorator
 
 
@@ -44,7 +44,7 @@ class ModelSerializeMixin:
 class Serial(TypeDecorator):
     """Same as MariaDB Serial used for IDs"""
 
-    impl = BigInteger().with_variant(mysql.BIGINT(unsigned=True), "mysql").with_variant(sqlite.INTEGER, "sqlite")
+    impl = BigInteger().with_variant(mysql.BIGINT(unsigned=True), "mysql")
 
 
 class UtcDateTime(TypeDecorator):

flaschengeist/models/user.py

@@ -56,7 +56,7 @@ class User(db.Model, ModelSerializeMixin):
     display_name: str = db.Column(db.String(30))
     firstname: str = db.Column(db.String(50), nullable=False)
     lastname: str = db.Column(db.String(50), nullable=False)
-    mail: str = db.Column(db.String(60))
+    mail: str = db.Column(db.String(60), nullable=False)
     birthday: Optional[date] = db.Column(db.Date)
     roles: list[str] = []
     permissions: Optional[list[str]] = None

flaschengeist/plugins/__init__.py

@@ -33,7 +33,6 @@ class Plugin:
 
     blueprint = None  # You have to override
     permissions = []  # You have to override
-    id = "dev.flaschengeist.plugin" # You have to override
     name = "plugin"  # You have to override
     models = None  # You have to override
 
@@ -95,7 +94,7 @@ class Plugin:
         db.session.commit()
 
     def notify(self, user, text: str, data=None):
-        n = Notification(text=text, data=data, plugin=self.id, user_=user)
+        n = Notification(text=text, data=data, plugin=self.name, user_=user)
         db.session.add(n)
         db.session.commit()
 

flaschengeist/plugins/auth_ldap/__init__.py

@@ -1,61 +1,56 @@
 """LDAP Authentication Provider Plugin"""
 import io
-import os
 import ssl
 from typing import Optional
 from flask_ldapconn import LDAPConn
 from flask import current_app as app
+from ldap3.utils.hashed import hashed
 from ldap3.core.exceptions import LDAPPasswordIsMandatoryError, LDAPBindError
-from ldap3 import SUBTREE, MODIFY_REPLACE, MODIFY_ADD, MODIFY_DELETE
+from ldap3 import SUBTREE, MODIFY_REPLACE, MODIFY_ADD, MODIFY_DELETE, HASHED_SALTED_MD5
 from werkzeug.exceptions import BadRequest, InternalServerError, NotFound
 
 from flaschengeist import logger
-from flaschengeist.plugins import AuthPlugin, before_role_updated
+from flaschengeist.plugins import AuthPlugin, after_role_updated
 from flaschengeist.models.user import User, Role, _Avatar
 import flaschengeist.controller.userController as userController
 
 
 class AuthLDAP(AuthPlugin):
-    def __init__(self, config):
+    def __init__(self, cfg):
         super().__init__()
+        config = {"port": 389, "use_ssl": False}
+        config.update(cfg)
         app.config.update(
-            LDAP_SERVER=config.get("host", "localhost"),
+            LDAP_SERVER=config["host"],
-            LDAP_PORT=config.get("port", 389),
+            LDAP_PORT=config["port"],
-            LDAP_BINDDN=config.get("bind_dn", None),
+            LDAP_BINDDN=config["bind_dn"],
-            LDAP_SECRET=config.get("secret", None),
-            LDAP_USE_SSL=config.get("use_ssl", False),
-            # That's not TLS, its dirty StartTLS on unencrypted LDAP
             LDAP_USE_TLS=False,
-            LDAP_TLS_VERSION=ssl.PROTOCOL_TLS,
+            LDAP_USE_SSL=config["use_ssl"],
+            LDAP_TLS_VERSION=ssl.PROTOCOL_TLSv1_2,
+            LDAP_REQUIRE_CERT=ssl.CERT_NONE,
             FORCE_ATTRIBUTE_VALUE_AS_LIST=True,
         )
-        logger.warning(app.config.get("LDAP_USE_SSL"))
+        if "secret" in config:
-        if "ca_cert" in config:
+            app.config["LDAP_SECRET"] = config["secret"]
-            app.config["LDAP_CA_CERTS_FILE"] = config["ca_cert"]
-        else:
-            # Default is CERT_REQUIRED
-            app.config["LDAP_REQUIRE_CERT"] = ssl.CERT_OPTIONAL
         self.ldap = LDAPConn(app)
-        self.base_dn = config["base_dn"]
+        self.dn = config["base_dn"]
-        self.search_dn = config.get("search_dn", "ou=people,{base_dn}").format(base_dn=self.base_dn)
+        self.default_gid = config["default_gid"]
-        self.group_dn = config.get("group_dn", "ou=group,{base_dn}").format(base_dn=self.base_dn)
-        self.password_hash = config.get("password_hash", "SSHA").upper()
-        self.object_classes = config.get("object_classes", ["inetOrgPerson"])
-        self.user_attributes: dict = config.get("user_attributes", {})
 
         # TODO: might not be set if modify is called
-        self.root_dn = config.get("root_dn", None)
+        if "admin_dn" in config:
-        self.root_secret = config.get("root_secret", None)
+            self.admin_dn = config["admin_dn"]
+            self.admin_secret = config["admin_secret"]
+        else:
+            self.admin_dn = None
 
-        @before_role_updated
+        @after_role_updated
         def _role_updated(role, new_name):
-            logger.debug(f"LDAP: before_role_updated called with ({role}, {new_name})")
             self.__modify_role(role, new_name)
 
     def login(self, user, password):
         if not user:
             return False
-        return self.ldap.authenticate(user.userid, password, "uid", self.base_dn)
+        return self.ldap.authenticate(user.userid, password, "uid", self.dn)
 
     def find_user(self, userid, mail=None):
         attr = self.__find(userid, mail)
@@ -69,41 +64,42 @@ class AuthLDAP(AuthPlugin):
         self.__update(user, attr)
 
     def create_user(self, user, password):
-        if self.root_dn is None:
+        if self.admin_dn is None:
-            logger.error("root_dn missing in ldap config!")
+            logger.error("admin_dn missing in ldap config!")
             raise InternalServerError
 
         try:
-            ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
+            ldap_conn = self.ldap.connect(self.admin_dn, self.admin_secret)
-            attributes = self.user_attributes.copy()
-            if "uidNumber" in attributes:
             self.ldap.connection.search(
-                    self.search_dn,
+                "ou=user,{}".format(self.dn),
                 "(uidNumber=*)",
                 SUBTREE,
                 attributes=["uidNumber"],
             )
-                resp = sorted(
+            uid_number = (
-                    self.ldap.response(),
+                sorted(self.ldap.response(), key=lambda i: i["attributes"]["uidNumber"], reverse=True,)[0][
-                    key=lambda i: i["attributes"]["uidNumber"],
+                    "attributes"
-                    reverse=True,
+                ]["uidNumber"]
+                + 1
             )
-                attributes = resp[0]["attributes"]["uidNumber"] + 1 if resp else attributes["uidNumber"]
+            dn = f"cn={user.firstname} {user.lastname},ou=user,{self.dn}"
-            dn = self.dn_template.format(
+            object_class = [
-                firstname=user.firstname,
+                "inetOrgPerson",
-                lastname=user.lastname,
+                "posixAccount",
-                userid=user.userid,
+                "person",
-                mail=user.mail,
+                "organizationalPerson",
-                display_name=user.display_name,
+            ]
-                base_dn=self.base_dn,
+            attributes = {
-            )
+                "sn": user.firstname,
-            attributes.update({
+                "givenName": user.lastname,
-                "sn": user.lastname,
+                "gidNumber": self.default_gid,
-                "givenName": user.firstname,
+                "homeDirectory": f"/home/{user.userid}",
+                "loginShell": "/bin/bash",
                 "uid": user.userid,
-                "userPassword": self.__hash(password),
+                "userPassword": hashed(HASHED_SALTED_MD5, password),
-            })
+                "uidNumber": uid_number,
-            ldap_conn.add(dn, self.object_classes, attributes)
+            }
+            ldap_conn.add(dn, object_class, attributes)
             self._set_roles(user)
         except (LDAPPasswordIsMandatoryError, LDAPBindError):
             raise BadRequest
@@ -114,10 +110,10 @@ class AuthLDAP(AuthPlugin):
             if password:
                 ldap_conn = self.ldap.connect(dn, password)
             else:
-                if self.root_dn is None:
+                if self.admin_dn is None:
-                    logger.error("root_dn missing in ldap config!")
+                    logger.error("admin_dn missing in ldap config!")
                     raise InternalServerError
-                ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
+                ldap_conn = self.ldap.connect(self.admin_dn, self.admin_secret)
             modifier = {}
             for name, ldap_name in [
                 ("firstname", "givenName"),
@@ -128,7 +124,9 @@ class AuthLDAP(AuthPlugin):
                 if hasattr(user, name):
                     modifier[ldap_name] = [(MODIFY_REPLACE, [getattr(user, name)])]
             if new_password:
-                modifier["userPassword"] = [(MODIFY_REPLACE, [self.__hash(new_password)])]
+                # TODO: Use secure hash!
+                salted_password = hashed(HASHED_SALTED_MD5, new_password)
+                modifier["userPassword"] = [(MODIFY_REPLACE, [salted_password])]
             ldap_conn.modify(dn, modifier)
             self._set_roles(user)
         except (LDAPPasswordIsMandatoryError, LDAPBindError):
@@ -136,7 +134,7 @@ class AuthLDAP(AuthPlugin):
 
     def get_avatar(self, user):
         self.ldap.connection.search(
-            self.search_dn,
+            "ou=user,{}".format(self.dn),
             "(uid={})".format(user.userid),
             SUBTREE,
             attributes=["jpegPhoto"],
@@ -152,8 +150,8 @@ class AuthLDAP(AuthPlugin):
             raise NotFound
 
     def set_avatar(self, user, avatar: _Avatar):
-        if self.root_dn is None:
+        if self.admin_dn is None:
-            logger.error("root_dn missing in ldap config!")
+            logger.error("admin_dn missing in ldap config!")
             raise InternalServerError
 
         if avatar.mimetype != "image/jpeg":
@@ -174,16 +172,16 @@ class AuthLDAP(AuthPlugin):
                 raise BadRequest("Unsupported image format")
 
         dn = user.get_attribute("DN")
-        ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
+        ldap_conn = self.ldap.connect(self.admin_dn, self.admin_secret)
         ldap_conn.modify(dn, {"jpegPhoto": [(MODIFY_REPLACE, [avatar.binary])]})
 
     def __find(self, userid, mail=None):
         """Find attributes of an user by uid or mail in LDAP"""
         con = self.ldap.connection
         if not con:
-            con = self.ldap.connect(self.root_dn, self.root_secret)
+            con = self.ldap.connect(self.admin_dn, self.admin_secret)
         con.search(
-            self.search_dn,
+            f"ou=user,{self.dn}",
             f"(| (uid={userid})(mail={mail}))" if mail else f"(uid={userid})",
             SUBTREE,
             attributes=["uid", "givenName", "sn", "mail"],
@@ -207,12 +205,12 @@ class AuthLDAP(AuthPlugin):
         role: Role,
         new_name: Optional[str],
     ):
-        if self.root_dn is None:
+        if self.admin_dn is None:
-            logger.error("root_dn missing in ldap config!")
+            logger.error("admin_dn missing in ldap config!")
             raise InternalServerError
         try:
-            ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
+            ldap_conn = self.ldap.connect(self.admin_dn, self.admin_secret)
-            ldap_conn.search(self.group_dn, f"(cn={role.name})", SUBTREE, attributes=["cn"])
+            ldap_conn.search(f"ou=group,{self.dn}", f"(cn={role.name})", SUBTREE, attributes=["cn"])
             if len(ldap_conn.response) > 0:
                 dn = ldap_conn.response[0]["dn"]
                 if new_name:
@@ -220,33 +218,13 @@ class AuthLDAP(AuthPlugin):
                 else:
                     ldap_conn.delete(dn)
 
-        except LDAPPasswordIsMandatoryError:
+        except (LDAPPasswordIsMandatoryError, LDAPBindError):
             raise BadRequest
-        except LDAPBindError:
-            logger.debug(f"Could not bind to LDAP server", exc_info=True)
-            raise InternalServerError
-
-    def __hash(self, password):
-        if self.password_hash == "ARGON2":
-            from argon2 import PasswordHasher
-
-            return f"{{ARGON2}}{PasswordHasher().hash(password)}"
-        else:
-            from hashlib import pbkdf2_hmac, sha1
-            import base64
-
-            salt = os.urandom(16)
-            if self.password_hash == "PBKDF2":
-                rounds = 200000
-                password_hash = base64.b64encode(pbkdf2_hmac("sha512", password.encode("utf-8"), salt, rounds)).decode()
-                return f"{{PBKDF2-SHA512}}{rounds}${base64.b64encode(salt).decode()}${password_hash}"
-            else:
-                return f"{{SSHA}}{base64.b64encode(sha1(password + salt) + salt)}"
 
     def _get_groups(self, uid):
         groups = []
         self.ldap.connection.search(
-            self.group_dn,
+            "ou=group,{}".format(self.dn),
             "(memberUID={})".format(uid),
             SUBTREE,
             attributes=["cn"],
@@ -258,7 +236,7 @@ class AuthLDAP(AuthPlugin):
 
     def _get_all_roles(self):
         self.ldap.connection.search(
-            self.group_dn,
+            f"ou=group,{self.dn}",
             "(cn=*)",
             SUBTREE,
             attributes=["cn", "gidNumber", "memberUid"],
@@ -267,7 +245,8 @@ class AuthLDAP(AuthPlugin):
 
     def _set_roles(self, user: User):
         try:
-            ldap_conn = self.ldap.connect(self.root_dn, self.root_secret)
+            ldap_conn = self.ldap.connect(self.admin_dn, self.admin_secret)
+
             ldap_roles = self._get_all_roles()
 
             gid_numbers = sorted(ldap_roles, key=lambda i: i["attributes"]["gidNumber"], reverse=True)
@@ -276,7 +255,7 @@ class AuthLDAP(AuthPlugin):
             for user_role in user.roles:
                 if user_role not in [role["attributes"]["cn"][0] for role in ldap_roles]:
                     ldap_conn.add(
-                        f"cn={user_role},{self.group_dn}",
+                        f"cn={user_role},ou=group,{self.dn}",
                         ["posixGroup"],
                         attributes={"gidNumber": gid_number},
                     )

flaschengeist/plugins/balance/balance_controller.py

@@ -113,9 +113,7 @@ def get_transaction(transaction_id) -> Transaction:
     return transaction
 
 
-def get_transactions(
+def get_transactions(user, start=None, end=None, limit=None, offset=None, show_reversal=False, show_cancelled=True):
-    user, start=None, end=None, limit=None, offset=None, show_reversal=False, show_cancelled=True, descending=False
-):
     count = None
     query = Transaction.query.filter((Transaction.sender_ == user) | (Transaction.receiver_ == user))
     if start:
@@ -127,9 +125,6 @@ def get_transactions(
         query = query.filter(Transaction.original_ == None)
     if not show_cancelled:
         query = query.filter(Transaction.reversal_id.is_(None))
-    if descending:
-        query = query.order_by(Transaction.time.desc())
-    else:
     query = query.order_by(Transaction.time)
     if limit is not None:
         count = query.count()

flaschengeist/plugins/balance/routes.py

@@ -99,32 +99,6 @@ def set_limit(userid, current_session: Session):
     return HTTP.no_content()
 
 
-@BalancePlugin.blueprint.route("/users/balance/limit", methods=["GET", "PUT"])
-@login_required(permission=permissions.SET_LIMIT)
-def limits(current_session: Session):
-    """Get, Modify limit of all users
-
-    Args:
-        current_ession: Session sent with Authorization Header
-
-    Returns:
-        JSON encoded array of userid with limit or HTTP-error
-    """
-
-    users = userController.get_users()
-    if request.method == "GET":
-        return jsonify([{"userid": user.userid, "limit": user.get_attribute("balance_limit")} for user in users])
-
-    data = request.get_json()
-    try:
-        limit = data["limit"]
-    except (TypeError, KeyError):
-        raise BadRequest
-    for user in users:
-        balance_controller.set_limit(user, limit)
-    return HTTP.no_content()
-
-
 @BalancePlugin.blueprint.route("/users/<userid>/balance", methods=["GET"])
 @login_required(permission=permissions.SHOW)
 def get_balance(userid, current_session: Session):
@@ -196,7 +170,6 @@ def get_transactions(userid, current_session: Session):
     show_cancelled = request.args.get("showCancelled", True)
     limit = request.args.get("limit")
     offset = request.args.get("offset")
-    descending = request.args.get("descending", False)
     try:
         if limit is not None:
             limit = int(limit)
@@ -206,20 +179,11 @@ def get_transactions(userid, current_session: Session):
             show_reversals = str2bool(show_reversals)
         if not isinstance(show_cancelled, bool):
             show_cancelled = str2bool(show_cancelled)
-        if not isinstance(descending, bool):
-            descending = str2bool(descending)
     except ValueError:
         raise BadRequest
 
     transactions, count = balance_controller.get_transactions(
-        user,
+        user, start, end, limit, offset, show_reversal=show_reversals, show_cancelled=show_cancelled
-        start,
-        end,
-        limit,
-        offset,
-        show_reversal=show_reversals,
-        show_cancelled=show_cancelled,
-        descending=descending,
     )
     return {"transactions": transactions, "count": count}
 

flaschengeist/plugins/events/__init__.py

@@ -11,7 +11,6 @@ from . import permissions, models
 
 class EventPlugin(Plugin):
     name = "events"
-    id = "dev.flaschengeist.events"
     plugin = LocalProxy(lambda: current_app.config["FG_PLUGINS"][EventPlugin.name])
     permissions = permissions.permissions
     blueprint = Blueprint(name, __name__)

flaschengeist/plugins/events/event_controller.py

@@ -116,7 +116,7 @@ def get_event(event_id, with_backup=False) -> Event:
     if event is None:
         raise NotFound
     if not with_backup:
-        clear_backup(event)
+        return clear_backup(event)
     return event
 
 
@@ -153,9 +153,7 @@ def delete_event(event_id):
     Raises:
         NotFound if not found
     """
-    event = get_event(event_id, True)
+    event = get_event(event_id)
-    for job in event.jobs:
-        delete_job(job)
     db.session.delete(event)
     db.session.commit()
 
@@ -203,15 +201,17 @@ def update():
 
 
 def delete_job(job: Job):
-    for service in job.services:
-        unassign_job(service=service, notify=True)
     db.session.delete(job)
     db.session.commit()
 
 
-def assign_job(job: Job, user, value):
+def assign_to_job(job: Job, user, value):
-    assert value > 0
     service = Service.query.get((job.id, user.id_))
+    if value < 0:
+        if not service:
+            raise BadRequest
+        db.session.delete(service)
+    else:
         if service:
             service.value = value
         else:
@@ -220,25 +220,6 @@ def assign_job(job: Job, user, value):
     db.session.commit()
 
 
-def unassign_job(job: Job = None, user=None, service=None, notify=False):
-    if service is None:
-        assert(job is not None and user is not None)
-        service = Service.query.get((job.id, user.id_))
-    else:
-        user = service.user_
-    if not service:
-        raise BadRequest
-    
-    event_id = service.job_.event_id_
-    
-    db.session.delete(service)
-    db.session.commit()
-    if notify:
-        EventPlugin.plugin.notify(
-            user, "Your assignmet was cancelled", {"event_id": event_id}
-        )
-
-
 @scheduled
 def assign_backups():
     logger.debug("Notifications")

flaschengeist/plugins/events/routes.py

@@ -415,10 +415,7 @@ def update_job(event_id, job_id, current_session: Session):
                 user != current_session.user_ and not current_session.user_.has_permission(permissions.ASSIGN_OTHER)
             ):
                 raise Forbidden
-            if value > 0:
+            event_controller.assign_to_job(job, user, value)
-                event_controller.assign_job(job, user, value)
-            else:
-                event_controller.unassign_job(job, user, notify=user != current_session.user_)
         except (KeyError, ValueError):
             raise BadRequest
 

flaschengeist/plugins/pricelist/__init__.py

@@ -214,37 +214,10 @@ def get_drinks(identifier=None):
 
     if identifier:
         result = pricelist_controller.get_drink(identifier, public=public)
-        return jsonify(result)
     else:
-        limit = request.args.get("limit")
+        result = pricelist_controller.get_drinks(public=public)
-        offset = request.args.get("offset")
+    logger.debug(f"GET drink {result}")
-        search_name = request.args.get("search_name")
+    return jsonify(result)
-        search_key = request.args.get("search_key")
-        ingredient = request.args.get("ingredient", type=bool)
-        receipt = request.args.get("receipt", type=bool)
-        try:
-            if limit is not None:
-                limit = int(limit)
-            if offset is not None:
-                offset = int(offset)
-            if ingredient is not None:
-                ingredient = bool(ingredient)
-            if receipt is not None:
-                receipt = bool(receipt)
-        except ValueError:
-            raise BadRequest
-        drinks, count = pricelist_controller.get_drinks(
-            public=public,
-            limit=limit,
-            offset=offset,
-            search_name=search_name,
-            search_key=search_key,
-            ingredient=ingredient,
-            receipt=receipt,
-        )
-    logger.debug(f"GET drink {drinks}, {count}")
-    # return jsonify({"drinks": drinks, "count": count})
-    return jsonify({"drinks": drinks, "count": count})
 
 
 @PriceListPlugin.blueprint.route("/drinks/search/<string:name>", methods=["GET"])
@@ -594,7 +567,6 @@ def get_columns(userid, current_session):
         userController.persist()
         return no_content()
 
-
 @PriceListPlugin.blueprint.route("/users/<userid>/pricecalc_columns_order", methods=["GET", "PUT"])
 @login_required()
 def get_columns_order(userid, current_session):

flaschengeist/plugins/pricelist/models.py

@@ -76,17 +76,16 @@ class DrinkIngredient(db.Model, ModelSerializeMixin):
     id: int = db.Column("id", db.Integer, primary_key=True)
     volume: float = db.Column(db.Numeric(precision=5, scale=2, asdecimal=False), nullable=False)
     ingredient_id: int = db.Column(db.Integer, db.ForeignKey("drink.id"))
-    cost_per_volume: float
+    #    drink_ingredient: Drink = db.relationship("Drink")
-    name: str
+    # price: float = 0
-    _drink_ingredient: Drink = db.relationship("Drink")
 
-    @property
-    def cost_per_volume(self):
-        return self._drink_ingredient.cost_per_volume if self._drink_ingredient else None
 
-    @property
+#    @property
-    def name(self):
+#    def price(self):
-        return self._drink_ingredient.name if self._drink_ingredient else None
+#        try:
+#            return self.drink_ingredient.cost_price_pro_volume * self.volume
+#        except AttributeError:
+#            pass
 
 
 class Ingredient(db.Model, ModelSerializeMixin):

flaschengeist/plugins/pricelist/pricelist_controller.py

@@ -131,44 +131,13 @@ def _create_public_drink(drink):
     return None
 
 
-def get_drinks(
+def get_drinks(name=None, public=False):
-    name=None, public=False, limit=None, offset=None, search_name=None, search_key=None, ingredient=False, receipt=None
-):
-    count = None
     if name:
-        query = Drink.query.filter(Drink.name.contains(name))
+        drinks = Drink.query.filter(Drink.name.contains(name)).all()
-    else:
+    drinks = Drink.query.all()
-        query = Drink.query
-    if ingredient:
-        query = query.filter(Drink.cost_per_volume >= 0)
-    if receipt:
-        query = query.filter(Drink.volumes.any(DrinkPriceVolume.ingredients != None))
-    if search_name:
-        if search_key == "name":
-            query = query.filter(Drink.name.contains(search_name))
-        elif search_key == "article_id":
-            query = query.filter(Drink.article_id.contains(search_name))
-        elif search_key == "drink_type":
-            query = query.filter(Drink.type.has(DrinkType.name.contains(search_name)))
-        elif search_key == "tags":
-            query = query.filter(Drink.tags.any(Tag.name.contains(search_name)))
-        else:
-            query = query.filter(
-                (Drink.name.contains(search_name))
-                | (Drink.article_id.contains(search_name))
-                | (Drink.type.has(DrinkType.name.contains(search_name)))
-                | (Drink.tags.any(Tag.name.contains(search_name)))
-            )
-
-    if limit is not None:
-        count = query.count()
-        query = query.limit(limit)
-    if offset is not None:
-        query = query.offset(offset)
-    drinks = query.all()
     if public:
-        return [_create_public_drink(drink) for drink in drinks if _create_public_drink(drink)], count
+        return [_create_public_drink(drink) for drink in drinks if _create_public_drink(drink)]
-    return drinks, count
+    return drinks
 
 
 def get_drink(identifier, public=False):
@@ -240,9 +209,6 @@ def set_volumes(volumes):
 
 def delete_drink(identifier):
     drink = get_drink(identifier)
-    if drink.uuid:
-        path = config["pricelist"]["path"]
-        delete_picture(f"{path}/{drink.uuid}")
     db.session.delete(drink)
     db.session.commit()
 
@@ -349,10 +315,6 @@ def delete_price(identifier):
 def set_drink_ingredient(data):
     allowed_keys = DrinkIngredient().serialize().keys()
     values = {key: value for key, value in data.items() if key in allowed_keys}
-    if "cost_per_volume" in values:
-        values.pop("cost_per_volume")
-    if "name" in values:
-        values.pop("name")
     ingredient_id = values.pop("id", -1)
     if ingredient_id < 0:
         drink_ingredient = DrinkIngredient(**values)

flaschengeist/plugins/users/__init__.py

@@ -231,21 +231,3 @@ def notifications(current_session):
 def remove_notifications(nid, current_session):
     userController.delete_notification(nid, current_session.user_)
     return no_content()
-
-
-@UsersPlugin.blueprint.route("/users/<userid>/shortcuts", methods=["GET", "PUT"])
-@login_required()
-def shortcuts(userid, current_session):
-    if userid != current_session.user_.userid:
-        raise Forbidden
-
-    user = userController.get_user(userid)
-    if request.method == "GET":
-        return jsonify(user.get_attribute("users_link_shortcuts", []))
-    else:
-        data = request.get_json()
-        if not isinstance(data, list) or not all(isinstance(n, dict) for n in data):
-            raise BadRequest
-        user.set_attribute("users_link_shortcuts", data)
-        userController.persist()
-        return no_content()

readme.md

@@ -1,16 +1,9 @@
 # Flaschengeist
-This is the backend of the Flaschengeist.
 
 ## Installation
 ### Requirements
-- `mysql` or `mariadb`
+- mysql or mariadb
-    - maybe `libmariadb` development files[1]
+- python 3.6+
-- python 3.7+
-
-[1] By default Flaschengeist uses mysql as database backend, if you are on Windows Flaschengeist uses `PyMySQL`, but on
-Linux / Mac the faster `mysqlclient` is used, if it is not already installed installing from pypi requires the
-development files for `libmariadb` to be present on your system.
-
 ### Install python files
     pip3 install --user .
 or with ldap support
@@ -37,21 +30,9 @@ Configuration is done within the a `flaschengeist.toml`file, you can copy the on
 1. `~/.config/`
 2. A custom path and set environment variable `FLASCHENGEIST_CONF`
 
-Uncomment and change at least all the database parameters!
+Change at least the database parameters!
 
 ### Database installation
-The user needs to have full permissions to the database.
-If not you need to create user and database manually do (or similar on Windows):
-
-    (
-        echo "CREATE DATABASE flaschengeist;"
-        echo "CREATE USER 'flaschengeist'@'localhost' IDENTIFIED BY 'flaschengeist';"
-        echo "GRANT ALL PRIVILEGES ON 'flaschengeist'.* TO 'flaschengeist'@'localhost';"
-        echo "FLUSH PRIVILEGES;"
-    ) | sudo mysql
-
-Then you can install the database tables and initial entries:
-
     run_flaschengeist install
 
 ### Run
@@ -60,8 +41,6 @@ or with debug messages:
 
     run_flaschengeist run --debug
 
-This will run the backend on http://localhost:5000
-
 ## Tests
     $ pip install '.[test]'
     $ pytest
@@ -74,4 +53,89 @@ Or with html output (open `htmlcov/index.html` in a browser):
     $ coverage html
 
 ## Development
-Please refer to our [development wiki](https://flaschengeist.dev/Flaschengeist/flaschengeist/wiki/Development).
+### Code Style
+We enforce you to use PEP 8 code style with a line length of 120 as used by Black.
+See also [Black Code Style](https://github.com/psf/black/blob/master/docs/the_black_code_style.md).
+
+#### Code formatting
+We use [Black](https://github.com/psf/black) as the code formatter.
+
+Installation:
+
+    pip install black
+Usage:
+
+    black -l 120 DIRECTORY_OR_FILE
+
+### Misc
+#### Git blame
+When using `git blame` use this to ignore the code formatting commits:
+
+    $ git blame FILE.py --ignore-revs-file .git-blame-ignore-revs
+Or if you just want to use `git blame`, configure git like this:
+
+    $ git config blame.ignoreRevsFile .git-blame-ignore-revs
+
+#### Ignore changes on config
+    git update-index --assume-unchanged flaschengeist/flaschengeist.toml
+
+## Plugin Development
+### File Structure
+    flaschengeist-example-plugin
+     |> __init__.py
+     |> model.py
+     |> setup.py
+
+### Files
+#### \_\_init\_\_.py
+    from flask import Blueprint
+    from flaschengeist.modules import Plugin
+    
+        
+    example_bp = Blueprint("example", __name__, url_prefix="/example")
+    permissions = ["example_hello"]
+    
+    class PluginExample(Plugin):
+        def __init__(self, conf):
+            super().__init__(blueprint=example_bp, permissions=permissions)
+
+        def install(self):
+            from flaschengeist.system.database import db
+            import .model
+            db.create_all()
+            db.session.commit()
+
+
+    @example_bp.route("/hello", methods=['GET'])
+    @login_required(roles=['example_hello'])
+    def __hello(id, **kwargs):
+        return "Hello"
+
+#### model.py
+Optional, only needed if you need your own models (database)
+
+    from flaschengeist.system.database import db
+    
+    
+    class ExampleModel(db.Model):
+        """Example Model"""
+        __tablename__ = 'example'
+        id = db.Column(db.Integer, primary_key=True)
+        description = db.Column(db.String(240))
+
+#### setup.py
+    from setuptools import setup, find_packages
+    
+    setup(
+        name="flaschengeist-example-plugin",
+        version="0.0.0-dev",
+        packages=find_packages(),
+        install_requires=[
+            "flaschengeist >= 2",
+        ],
+        entry_points={
+            "flaschengeist.plugin": [
+                "example = flaschengeist-example-plugin:ExampleModel"
+            ]
+        },
+    )

run_flaschengeist

@@ -156,11 +156,9 @@ def export(arguments):
     app = create_app()
     with app.app_context():
         gen = InterfaceGenerator(arguments.namespace, arguments.file)
-        if not arguments.no_core:
         gen.run(models)
-        if arguments.plugins is not None:
+        if arguments.plugins:
             for entry_point in pkg_resources.iter_entry_points("flaschengeist.plugin"):
-                if len(arguments.plugins) == 0 or entry_point.name in arguments.plugins:
                 plg = entry_point.load()
                 if hasattr(plg, "models") and plg.models is not None:
                     gen.run(plg.models)
@@ -185,12 +183,7 @@ if __name__ == "__main__":
     parser_export.set_defaults(func=export)
     parser_export.add_argument("--file", help="Filename where to save", default="flaschengeist.d.ts")
     parser_export.add_argument("--namespace", help="Namespace of declarations", default="FG")
-    parser_export.add_argument(
+    parser_export.add_argument("--plugins", help="Also export plugins", action="store_true")
-        "--no-core",
-        help="Do not export core declarations (only useful in conjunction with --plugins)",
-        action="store_true",
-    )
-    parser_export.add_argument("--plugins", help="Also export plugins (none means all)", nargs="*")
 
     args = parser.parse_args()
     args.func(args)

setup.py

@@ -41,12 +41,7 @@ setup(
         "werkzeug",
         mysql_driver,
     ],
-    extras_require={
+    extras_require={"ldap": ["flask_ldapconn", "ldap3"], "pricelist": ["pillow"], "test": ["pytest", "coverage"]},
-        "ldap": ["flask_ldapconn", "ldap3"],
-        "argon": ["argon2-cffi"],
-        "pricelist": ["pillow"],
-        "test": ["pytest", "coverage"],
-    },
     entry_points={
         "flaschengeist.plugin": [
             # Authentication providers