Support for policy upload/download

Plus a small bugfix for groups
2024-12-17 12:10:40 +01:00
parent 7fa17adfb1
commit 31910dc034
10 changed files with 646 additions and 508 deletions
--- a/app/views/main.py
+++ b/app/views/main.py
@ -8,7 +8,7 @@ from app import auth

 # from ..lib import username

-from flask import jsonify
+from flask import jsonify, make_response
 from flask_pyoidc.user_session import UserSession

 from hsapi_client import Node, User, Route, PreAuthKey, Policy
@ -132,9 +132,24 @@ def routes():
                           routes=final)


-@main_blueprint.route('/policy', methods=['GET'])
+@main_blueprint.route('/policy', defaults={'action': None}, methods=['GET'])
+@main_blueprint.route('/policy/<action>', methods=['GET'])
@auth.authorize_admins('default')
-def policy():
+def policy(action):
+    log.debug(f"action: {action}")
    policy = Policy().get()
-    return render_template("policy.html",
-                           policy=policy)
+    if action == "view":
+        return policy.json
+
+    elif action == "download":
+        updateStr = policy.updatedAt.strftime(format='%Y%m%d-%H%M')
+        log.debug(updateStr)
+        filename = f"acl-{updateStr}.json"
+        response = make_response(policy.json)
+        response.headers['Content-Disposition'] = f'attachment; filename={
+            filename}'
+
+        return response
+    else:
+        return render_template("policy.html",
+                               policy=policy)
--- a/app/views/rest.py
+++ b/app/views/rest.py
@ -4,11 +4,14 @@ from flask import Blueprint, request
 from flask import redirect, url_for
 from app import auth

-from flask import jsonify
+from flask import jsonify, make_response

-from hsapi_client import Node, User, Route, PreAuthKey
+from hsapi_client import Node, User, Route, PreAuthKey, Policy
 from hsapi_client.preauthkeys import (v1CreatePreAuthKeyRequest,
                                      v1ExpirePreAuthKeyRequest)
+from hsapi_client.policies import v1Policy
+
+from hsapi_client.config import HTTPException

 from app.lib import remote_ip

@ -111,3 +114,21 @@ def expirePKA(userName: str, key: str):
 def backfillips():
    response = Node().backfillips()
    return jsonify(response.changes)
+
+
+@rest_blueprint.route('/policy/upload', methods=['POST'])
+@auth.authorize_admins('default')
+def policyUpload():
+    file = request.files['file']
+    try:
+        acl = ''.join(map(bytes.decode, file.readlines()))
+    except UnicodeDecodeError as e:
+        log.debug(e)
+        return jsonify(message=str(e)), 422
+
+    policy = Policy()
+    try:
+        policy.put(acl)
+    except HTTPException as e:
+        return jsonify(message=str(e.message)), 422
+    return jsonify(message="acl updated"), 200