diff --git a/app/lib.py b/app/lib.py
index f65551b..84364f2 100644
--- a/app/lib.py
+++ b/app/lib.py
@@ -22,10 +22,16 @@ def remote_ip() -> str:
 def username() -> str:
+ userinfo = flask_session['userinfo']
+ return userinfo['email'].split('@')[0]
+
+
+def login_name() -> str:
 userinfo = flask_session['userinfo']
 if 'preferred_username' in userinfo:
 return userinfo['preferred_username']
- return userinfo['email']
+ else:
+ return username()
 def webMode() -> bool:
@@ -56,6 +62,7 @@ class OIDCAuthentication(_OIDCAuth):
 session_refresh_interval_seconds=1800)
 super().__init__({'default': provider_config})
 super().init_app(app)
+ app.auth = self
 def authorize(self, provider_name: str, authz_fn: Callable, **kwargs):
 if provider_name not in self._provider_configurations:
diff --git a/app/templates/index.html b/app/templates/index.html
index 294ab23..009ca23 100644
--- a/app/templates/index.html
+++ b/app/templates/index.html
@@ -47,6 +47,7 @@
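Review bot: In app/lib.py, `username()` now returns only the local part of the e-mail claim (`userinfo['email'].split('@')[0]`), so two accounts whose addresses differ only in the domain map to the same name. That matters because `deleteOwnNode` in app/views/rest.py authorizes a deletion by comparing `node.user.name` with `username()`; if the identity provider can issue addresses from more than one domain, that comparison no longer identifies a single person. The function also raises `KeyError` when the session carries no `email` claim, even when `preferred_username` is present. I would add a docstring such as `"""Return the local part of the session's e-mail claim; unique only while a single e-mail domain is allowed."""` and enforce that domain restriction where the session is established.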
registered
last event
online
+
 
{% for node in userNodeList %}
@@ -66,6 +67,13 @@
{{node.online | fancyBool | safe }}
+
+ + + + + +
{% endfor %} {% endblock %}
diff --git a/app/templates/node.html b/app/templates/node.html
index 980de65..c3a1e94 100644
--- a/app/templates/node.html
+++ b/app/templates/node.html
@@ -24,6 +24,9 @@ {% else %} offline {% endif %} + ( + {{ node.lastSeen | htime_dt }} + )
diff --git a/app/templates/nodes.html b/app/templates/nodes.html
index c66996b..37c35c6 100644
--- a/app/templates/nodes.html
+++ b/app/templates/nodes.html
@@ -10,7 +10,7 @@ name user expire - last event + last activity addresses online  
diff --git a/app/templates/user.html b/app/templates/user.html
index 72fa989..41e6a90 100644
--- a/app/templates/user.html
+++ b/app/templates/user.html
@@ -23,8 +23,9 @@   - last connect + last activity online +  
@@ -45,6 +46,22 @@ {{node.online | fancyBool | safe}} + + {% if node.expireDate and not node.expired %} + + + + + + {% else %} + + {% endif %} + + + + + + {% endfor %}
diff --git a/app/views/main.py b/app/views/main.py
index 6c24737..3cff275 100644
--- a/app/views/main.py
+++ b/app/views/main.py
@@ -1,4 +1,3 @@
-#SUKA
 import logging
 import datetime
 import os
@@ -41,8 +40,12 @@ def index():
 @main_blueprint.route('/token', methods=['GET', 'POST'])
 @auth.access_control('default')
 def token():
+ print(auth.valid_access_token())
 user_session = UserSession(session)
- return jsonify(user_session.userinfo)
+ # return jsonify(user_session.userinfo)
+ return jsonify(access_token=user_session.access_token,
+ id_token=user_session.id_token,
+ userinfo=user_session.userinfo)
 @main_blueprint.route('/logout')
diff --git a/app/views/rest.py b/app/views/rest.py
index d79f8fd..7b59624 100644
--- a/app/views/rest.py
+++ b/app/views/rest.py
@@ -4,7 +4,7 @@ from flask import Blueprint, request
 from flask import redirect, url_for
 from app import auth
-from ..lib import username
+from ..lib import login_name, username
 from flask import jsonify
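Review bot: In app/views/main.py, `token()` now returns the session's `access_token` and `id_token` in the JSON body, so bearer credentials that previously stayed server-side become readable by any script running in the page's origin and by anything that records or caches responses; the route also still answers GET. The added `print(auth.valid_access_token())` writes whatever that call returns to stdout on every request, which, if the name is accurate, puts the token into the service log. Unless a client really needs the raw tokens, keep `return jsonify(user_session.userinfo)` and drop both the print and the commented-out line. If the tokens must be exposed, restrict the route to `methods=['POST']` and send `Cache-Control: no-store` on the response.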
@@ -51,6 +51,20 @@ def expireNode(nodeId: int):
 return redirect(url_for("main.node", nodeId=nodeId))
+@rest_blueprint.route('/node//user-expire', methods=['GET'])
+@auth.authorize_admins('default')
+def expireNodeUser(nodeId: int):
+ """
+ This expires a node from the node page.
+ The difference from above is that it returns to the /node/nodeId page
+ """
+ node = Node().get(nodeId)
+ userName = node.user.name
+ Node().expire(nodeId)
+ log.info(f"node '{nodeId}' expired by '{username()}'")
+ return redirect(url_for("main.user", userName=userName))
+
+
 @rest_blueprint.route('/node//list-expire', methods=['GET'])
 @auth.authorize_admins('default')
 def expireNodeList(nodeId: int):
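Review bot: `expireNodeUser` changes state on a GET request, so a cross-site request made in a signed-in admin's browser can expire a node without their intent; the new `deleteOwnNode` and `deleteNodeUser` routes in the next hunk share this. Registering them with `methods=['POST']` behind the application's CSRF protection (none is visible in this diff) would address it. The docstring also says the view returns to the /node/nodeId page while the code redirects to `main.user`; it should read `"""Expire a node from the user page, then redirect back to that user's page."""`. `node.user.name` is read without checking that `Node().get(nodeId)` found a node, and what that call does for an unknown id is not visible here.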
@@ -63,22 +77,44 @@ def expireNodeList(nodeId: int):
 return redirect(url_for("main.nodes"))
-@rest_blueprint.route('/node//delete', methods=['GET'])
-@auth.authorize_admins('default')
+@ rest_blueprint.route('/node//delete', methods=['GET'])
+@ auth.authorize_admins('default')
 def deleteNode(nodeId: int):
 Node().delete(nodeId)
+ log.info(f"node '{nodeId}' deleted by '{username()}'")
 return redirect(url_for("main.nodes"))
-@rest_blueprint.route('/node//rename/', methods=['GET'])
-@auth.authorize_admins('default')
+@rest_blueprint.route('/node//delete-own', methods=['GET'])
+@auth.access_control('default')
+def deleteOwnNode(nodeId: int):
+ node = Node().get(nodeId)
+ if node.user.name != username():
+ response = jsonify({'message': 'not authorized'})
+ return response, 401
+ Node().delete(nodeId)
+ log.info(f"'{username()}' delete their own node '{nodeId}'")
+ return redirect(url_for("main.index"))
+
+
+@rest_blueprint.route('/node//delete-user', methods=['GET'])
+@auth.access_control('default')
+def deleteNodeUser(nodeId: int):
+ node = Node().get(nodeId)
+ Node().delete(nodeId)
+ log.info(f"'{username()}' delete their own node '{nodeId}'")
+ return redirect(url_for("main.user", userName=node.user.name))
+
+
+@ rest_blueprint.route('/node//rename/', methods=['GET'])
+@ auth.authorize_admins('default')
 def renameNode(nodeId: int, newName: str):
 Node().rename(nodeId, newName)
 return jsonify(dict(newName=newName))
-@rest_blueprint.route('/user//delete', methods=['GET'])
-@auth.authorize_admins('default')
+@ rest_blueprint.route('/user//delete', methods=['GET'])
+@ auth.authorize_admins('default')
 def deleteUser(userName: str):
 nodes = Node().byUser(userName)
 for node in nodes.nodes:
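Review bot: `deleteNodeUser` is decorated with `@auth.access_control('default')`, which appears to require only a signed-in session, and unlike `deleteOwnNode` it makes no ownership check before `Node().delete(nodeId)`, so as written any authenticated user can delete any node by id. Because it redirects to `main.user` it looks like the admin variant, so the decorator should be `@auth.authorize_admins('default')`, matching `deleteNode`. Its log line is copied from `deleteOwnNode` and would record an admin deletion as the user deleting their own node; `log.info(f"node '{nodeId}' deleted by '{username()}'")` keeps the audit trail accurate. In `deleteOwnNode`, a refusal for an authenticated caller is better returned as 403 than 401. The `deleteUser` body at the end of the hunk continues outside it.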
@@ -88,8 +124,8 @@ def deleteUser(userName: str):
 return redirect(url_for("main.users"))
-@rest_blueprint.route('/user//pakcreate', methods=['POST'])
-@auth.authorize_admins('default')
+@ rest_blueprint.route('/user//pakcreate', methods=['POST'])
+@ auth.authorize_admins('default')
 def createPKA(userName: str):
 data = request.json
 log.debug(data)
@@ -102,8 +138,8 @@ def createPKA(userName: str):
 return jsonify(dict(key=pak.preAuthKey.key))
-@rest_blueprint.route('/user//expire/', methods=['GET'])
-@auth.authorize_admins('default')
+@ rest_blueprint.route('/user//expire/', methods=['GET'])
+@ auth.authorize_admins('default')
 def expirePKA(userName: str, key: str):
 log.debug(key)
 req = v1ExpirePreAuthKeyRequest(user=userName, key=key)