headscale/hsman
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

User can control their own nodes: delete/expire

Browse Source
This commit is contained in:
Andrea Mistrali
2024-07-26 12:03:15 +02:00
parent facaaed9eb
commit 426c01ba6b
7 changed files with 90 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/views/main.py
View File

@ -1,4 +1,3 @@
#SUKA
import logging
import datetime
import os
@ -41,8 +40,12 @@ def index():
@main_blueprint.route('/token', methods=['GET', 'POST'])
@auth.access_control('default')
def token():
print(auth.valid_access_token())
user_session = UserSession(session)
return jsonify(user_session.userinfo)
# return jsonify(user_session.userinfo)
return jsonify(access_token=user_session.access_token,
id_token=user_session.id_token,
userinfo=user_session.userinfo)
@main_blueprint.route('/logout')

58
app/views/rest.py
View File

@ -4,7 +4,7 @@ from flask import Blueprint, request
from flask import redirect, url_for
from app import auth
from ..lib import username
from ..lib import login_name, username
from flask import jsonify
@ -51,6 +51,20 @@ def expireNode(nodeId: int):
return redirect(url_for("main.node", nodeId=nodeId))
@rest_blueprint.route('/node/<int:nodeId>/user-expire', methods=['GET'])
@auth.authorize_admins('default')
def expireNodeUser(nodeId: int):
"""
This expires a node from the node page.
The difference from above is that it returns to the /node/nodeId page
"""
node = Node().get(nodeId)
userName = node.user.name
Node().expire(nodeId)
log.info(f"node '{nodeId}' expired by '{username()}'")
return redirect(url_for("main.user", userName=userName))
@rest_blueprint.route('/node/<int:nodeId>/list-expire', methods=['GET'])
@auth.authorize_admins('default')
def expireNodeList(nodeId: int):
@ -63,22 +77,44 @@ def expireNodeList(nodeId: int):
return redirect(url_for("main.nodes"))
@rest_blueprint.route('/node/<int:nodeId>/delete', methods=['GET'])
@auth.authorize_admins('default')
@ rest_blueprint.route('/node/<int:nodeId>/delete', methods=['GET'])
@ auth.authorize_admins('default')
def deleteNode(nodeId: int):
Node().delete(nodeId)
log.info(f"node '{nodeId}' deleted by '{username()}'")
return redirect(url_for("main.nodes"))
@rest_blueprint.route('/node/<int:nodeId>/rename/<newName>', methods=['GET'])
@auth.authorize_admins('default')
@rest_blueprint.route('/node/<int:nodeId>/delete-own', methods=['GET'])
@auth.access_control('default')
def deleteOwnNode(nodeId: int):
node = Node().get(nodeId)
if node.user.name != username():
response = jsonify({'message': 'not authorized'})
return response, 401
Node().delete(nodeId)
log.info(f"'{username()}' delete their own node '{nodeId}'")
return redirect(url_for("main.index"))
@rest_blueprint.route('/node/<int:nodeId>/delete-user', methods=['GET'])
@auth.access_control('default')
def deleteNodeUser(nodeId: int):
node = Node().get(nodeId)
Node().delete(nodeId)
log.info(f"'{username()}' delete their own node '{nodeId}'")
return redirect(url_for("main.user", userName=node.user.name))
@ rest_blueprint.route('/node/<int:nodeId>/rename/<newName>', methods=['GET'])
@ auth.authorize_admins('default')
def renameNode(nodeId: int, newName: str):
Node().rename(nodeId, newName)
return jsonify(dict(newName=newName))
@rest_blueprint.route('/user/<userName>/delete', methods=['GET'])
@auth.authorize_admins('default')
@ rest_blueprint.route('/user/<userName>/delete', methods=['GET'])
@ auth.authorize_admins('default')
def deleteUser(userName: str):
nodes = Node().byUser(userName)
for node in nodes.nodes:
@ -88,8 +124,8 @@ def deleteUser(userName: str):
return redirect(url_for("main.users"))
@rest_blueprint.route('/user/<userName>/pakcreate', methods=['POST'])
@auth.authorize_admins('default')
@ rest_blueprint.route('/user/<userName>/pakcreate', methods=['POST'])
@ auth.authorize_admins('default')
def createPKA(userName: str):
data = request.json
log.debug(data)
@ -102,8 +138,8 @@ def createPKA(userName: str):
return jsonify(dict(key=pak.preAuthKey.key))
@rest_blueprint.route('/user/<userName>/expire/<key>', methods=['GET'])
@auth.authorize_admins('default')
@ rest_blueprint.route('/user/<userName>/expire/<key>', methods=['GET'])
@ auth.authorize_admins('default')
def expirePKA(userName: str, key: str):
log.debug(key)
req = v1ExpirePreAuthKeyRequest(user=userName, key=key)