Bump version

Fixed view for non admin users
Bump version
2024-09-05 11:13:16 +02:00 · 2024-09-05 11:12:55 +02:00 · 2024-09-03 11:41:45 +02:00 · 2024-09-03 11:40:53 +02:00 · 2024-09-03 08:48:58 +02:00 · 2024-08-07 10:16:37 +02:00
13 changed files with 57 additions and 36 deletions
--- a/app/init.py
+++ b/app/init.py
@@ -1,9 +1,7 @@
-from flask import Flask, render_template
+from flask import Flask, render_template, g
 from werkzeug.exceptions import HTTPException
 from flask_mobility import Mobility
 from flask_pyoidc.provider_configuration import ProviderConfiguration, ClientMetadata
 from . import filters
 from .lib import OIDCAuthentication
@@ -53,9 +51,12 @@ def create_app(environment='development'):
    filters.init_app(app)
    # Error handlers.
    @app.errorhandler(HTTPException)
    def handle_http_error(exc):
        return render_template('error.html', error=exc), exc.code
    @app.context_processor
    def inject_auth():
        return dict(auth=auth)
    return app
--- a/app/lib.py
+++ b/app/lib.py
@@ -56,11 +56,26 @@ class OIDCAuthentication(_OIDCAuth):
        userinfo = flask_session['userinfo']
        return userinfo['email'].split('@')[0]
    @property
    def email(self) -> str:
        userinfo = flask_session['userinfo']
        return userinfo['email']
    @property
    def login_name(self) -> str:
        userinfo = flask_session['userinfo']
        return userinfo.get('preferred_username', self.username)
    @property
    def full_name(self) -> str:
        userinfo = flask_session['userinfo']
        return userinfo.get('name')
    @property
    def groups(self) -> list:
        userinfo = flask_session['userinfo']
        return userinfo.get('groups')
    @property
    def isAdmin(self) -> bool:
        userinfo = flask_session['userinfo']
@@ -73,7 +88,7 @@ class OIDCAuthentication(_OIDCAuth):
            if len(authorized_groups):
                log.debug(f"'{self.username}' is a member of {
-                          authorized_groups}")
+                          authorized_groups}. isAdmin == True")
                return True
            if self.username in admin_users:
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -50,6 +50,7 @@
        <div class="collapse navbar-collapse" id="navbarNav">
          <ul class="navbar-nav mr-auto">
          {% if auth.isAdmin %}
            <li class="nav-item">
              <a class="nav-link" href="{{ url_for('main.nodes') }}">nodes</a>
            </li>
@@ -59,6 +60,7 @@
            <li class="nav-item">
              <a class="nav-link" href="{{ url_for('main.routes') }}">routes</a>
            </li>
          {% endif %}
          </ul>
          <ul class="navbar-nav">
            <li class="nav-item me-right">
--- a/app/templates/error.html
+++ b/app/templates/error.html
@@ -1,9 +1,10 @@
 {% extends "base.html" %}
 {% block content %}
-<div class="jumbotron my-4">
+<div class="jumbotron jumbotron-fluid my-4">
  <div class="text-center">
-    <h1>{{ '%s - %s' % (error.code, error.name) }}</h1>
+    <h1>Oops, something went wrong</h1>
    <h1>{{ '%s - %s' % (error.code, error.name) }}</h2>
    <p>{{ error.description }}.</p>
  </div>
 </div>
--- a/app/templates/index.html
+++ b/app/templates/index.html
@@ -2,25 +2,26 @@
 {% block content %}
 <h3>
-    Welcome, {{ session.userinfo.name }}
+    Welcome, {{ auth.full_name }}
 </h3>
 <hr>
 <h4>authentication info</h4>
 <div class="row data">
    <div class="col col-2">
-        <strong>email</strong>
+        <strong>username</strong>
    </div>
    <div class="col col-6">
-        {{ session.userinfo.email }}
+        <span data-toggle="tooltip" data-placement="right" title="OIDC username: {{ auth.login_name }}">
-        <!-- {{ session.userinfo.email_verified | fancyBool | safe }} -->
+        {{ auth.username }}
        </span>
    </div>
 </div>
 <div class="row data">
    <div class="col col-2">
-        <strong>username</strong>
+        <strong>email</strong>
    </div>
    <div class="col col-6">
-        {{ session.userinfo.preferred_username }}
+        {{ auth.email }}
    </div>
 </div>
 <div class="row data">
@@ -29,16 +30,16 @@
    </div>
    <div class="col col-6">
        <i class="fas fa-angle-right"></i>
-       {% if session.userinfo.groups[0] in config['ADMIN_GROUPS'] %}
+        {% if auth.groups[0] in config['ADMIN_GROUPS'] %}
        <span class="badge badge-pill badge-warning">
        {% else %}
        <span class="badge badge-pill badge-dark">
        {% endif %}
-        {{ session.userinfo.groups[0]}}
+        {{ auth.groups[0]}}
        </span>
    </div>
 </div>
-        {% for group in session.userinfo.groups[1:] |sort %}
+        {% for group in auth.groups[1:] |sort %}
 <div class="row data">
    <div class="col col-2">
        &nbsp;
--- a/app/templates/node.html
+++ b/app/templates/node.html
@@ -36,6 +36,9 @@
    <div class="col col-8 float-left">
        <span data-toggle="tooltip" data-placement="right" title="{{ node.createdAt | fmt_datetime }}">
            {{ node.createdAt | htime_dt }}
            <span class="badge badge-pill badge-warning">
            {{ node.registerMethod.name }}
            </span>
        </span>
    </div>
 </div>
--- a/app/templates/users.html
+++ b/app/templates/users.html
@@ -31,7 +31,7 @@
            </td>
            <td class="no-sort">
                <span data-toggle="tooltip" data-placement="right" title="delete">
-                    <a class="nodeco" href="/user/{{user.name}}/delete">
+                    <a class="nodeco" href="{{ url_for('rest.deleteUser', userName=user.name) }}">
                        <i class="fas fa-trash"></i>
                    </a>
                </span>
--- a/app/views/main.py
+++ b/app/views/main.py
@@ -2,7 +2,7 @@ import logging
 import datetime
 import os
 from flask import current_app
-from flask import render_template, Blueprint, request
+from flask import render_template, Blueprint
 from flask import redirect, session, url_for
 from app import auth
@@ -38,13 +38,10 @@ def token():
@main_blueprint.route('/', methods=['GET', 'POST'])
@auth.access_control('default')
 def index():
-    user_session = UserSession(session)
+    hs_user = auth.username
    hs_user = user_session.userinfo['email'].split('@')[0]
    userNodeList = [n for n in Node().list().nodes if n.user.name == hs_user]
    return render_template('index.html',
-                           userNodeList=userNodeList,
+                           userNodeList=userNodeList)
                           session=user_session,
                           auth=auth)
@main_blueprint.route('/logout')
--- a/app/views/rest.py
+++ b/app/views/rest.py
@@ -4,8 +4,6 @@ from flask import Blueprint, request
 from flask import redirect, url_for
 from app import auth
 # from ..lib import login_name, username
 from flask import jsonify
 from hsapi_client import Node, User, Route, PreAuthKey
@@ -14,8 +12,8 @@ from hsapi_client.preauthkeys import (v1CreatePreAuthKeyRequest,
 log = logging.getLogger()
 # REST calls
 # REST calls
 rest_blueprint = Blueprint(
    'rest', __name__, url_prefix=os.getenv('APPLICATION_ROOT', '/'))
@@ -64,8 +62,11 @@ def deleteNode(nodeId: int):
@rest_blueprint.route('/node/<int:nodeId>/rename/<newName>', methods=['GET'])
-@auth.authorize_admins('default')
+@auth.access_control('default')
 def renameNode(nodeId: int, newName: str):
    node = Node().get(nodeId)
    if not auth.userOrAdmin(node.user.name):
        return auth.unathorized
    Node().rename(nodeId, newName)
    return jsonify(dict(newName=newName))
--- a/gunicorn.conf.py
+++ b/gunicorn.conf.py
@@ -11,7 +11,7 @@ preload_app = True
 #  logconfig = "app/logging/production.ini"
 logconfig = "app/logging/production.ini"
-access_log_format = "%(h)s %(l)s %(t)s  %(r)s %(s)s %(b)s %(f)s %(a)s"
+access_log_format = "%(h)s %({x-forwarded-for}i)s %(t)s  %(r)s %(s)s %(b)s %(L)s"
 # Log to stdout.
 accesslog = "-"
 errorlog = "-"
--- a/poetry.lock
+++ b/poetry.lock
@@ -452,13 +452,13 @@ files = [
 [[package]]
 name = "hsapi-client"
-version = "0.9.5"
+version = "0.9.6"
 description = "Headscale API client"
 optional = false
 python-versions = "<4.0,>=3.11"
 files = [
-    {file = "hsapi_client-0.9.5-py3-none-any.whl", hash = "sha256:a2ef7a62fba6f31ad08d6c04db95306c1da10c255383c699d04aa2dbd293f743"},
+    {file = "hsapi_client-0.9.6-py3-none-any.whl", hash = "sha256:441cd219a2384f66511b8cca21224171b4e6753d16d364d984eb9887aa686a6c"},
-    {file = "hsapi_client-0.9.5.tar.gz", hash = "sha256:aa8bf51a960c8e472b8a423bd7de5f7d9514ca5706e2b98ac473d57d158767f6"},
+    {file = "hsapi_client-0.9.6.tar.gz", hash = "sha256:b6a4183fb9cdf95b0e864eec5b79ea18843e25379f928c4770b68e4f1ce8334b"},
 ]
 [package.dependencies]
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "hsman"
-version = "0.9.9"
+version = "0.9.15"
 description = "Flask Admin webui for Headscale"
 authors = ["Andrea Mistrali <andrea@mistrali.pw>"]
 license = "BSD"
--- a/wsgi.py
+++ b/wsgi.py
@@ -19,7 +19,7 @@ log.debug(f"Running in web mode: {lib.webMode()}")
 def get_context():
    # flask cli context setup
    """Objects exposed here will be automatically available from the shell."""
-    return dict(app=app, models=models)
+    return dict(app=app)
 if __name__ == '__main__':
Author	SHA1	Message	Date
Andrea Mistrali	4fb45c41bd	Bump version	2024-09-05 11:13:16 +02:00
Andrea Mistrali	a1c66152ae	Fixed view for non admin users	2024-09-05 11:12:55 +02:00
Andrea Mistrali	2a38fb14dd	Bump version	2024-09-03 11:41:45 +02:00
Andrea Mistrali	d86b2b58c2	Add register method info	2024-09-03 11:40:53 +02:00
Andrea Mistrali	b91e73f3a5	Bump hsapi-client version	2024-09-03 08:48:58 +02:00
Andrea Mistrali	71a3413cbe	Fix delete user URL	2024-08-07 10:16:37 +02:00
Andrea Mistrali	a1dadcd709	Allow users to rename their devices	2024-08-07 09:07:36 +02:00
Andrea Mistrali	b9fd722016	Better logging of remote IP address	2024-08-07 08:38:05 +02:00