wradmin/__init__.py

   1 from flask import Flask, send_from_directory, abort, g, render_template, request, redirect, url_for, flash, \
   2     session, current_app
   3 from sqlalchemy.engine import create_engine
   4 import wradmin.model
   5 import wradmin.template_helper
   6 from wradmin.controllers.rodelbahn import RodelbahnController
   7 from wradmin.controllers.gasthaus import GasthausController
   8 from wradmin.controllers.bericht import BerichtController
   9 from wradmin.controllers.coordtool import CoordtoolController
  10 from wradmin.auth import password_is_correct
  11 from wradmin.auth.forms import LoginForm
  12 from flask_login import LoginManager, current_user, login_required, login_user, logout_user
  13 from flask_principal import Principal, Permission, RoleNeed, identity_changed, identity_loaded, Identity, \
  14     AnonymousIdentity, UserNeed
  15
  16
  17 app = Flask(__name__)
  18 app.config.from_envvar('WRADMIN_SETTINGS')
  19 wradmin.model.init_model(create_engine(app.config['DATABASE_URI']))
  20 app.jinja_env.globals.update(h=wradmin.template_helper.PylonsHelper())
  21 login_manager = LoginManager(app)
  22 login_manager.login_view = "login"
  23 principals = Principal(app)
  24 admin_permission = Permission(RoleNeed('admin'))
  25
  26
  27 @app.before_request
  28 def _before_request():
  29     g.user = current_user
  30
  31
  32 @app.teardown_appcontext
  33 def remove_db_session(error):
  34     """Removes the database session at the end of the request."""
  35     wradmin.model.meta.Session.remove()
  36
  37
  38 @app.route("/")
  39 def index():
  40     return render_template('index.html')
  41
  42
  43 @app.route("/rodelbahn/list")
  44 @login_required
  45 def rodelbahn_list():
  46     return RodelbahnController().list()
  47
  48
  49 @app.route("/rodelbahn/view/<int:id>")
  50 @login_required
  51 @admin_permission.require(403)
  52 def rodelbahn_view(id):
  53     return RodelbahnController().view(id)
  54
  55
  56 @app.route("/rodelbahn/update")
  57 @login_required
  58 @admin_permission.require(403)
  59 def rodelbahn_update():
  60     return RodelbahnController().update()
  61
  62
  63 @app.route("/rodelbahn/update_regioncache")
  64 @login_required
  65 def rodelbahn_update_regioncache():
  66     return RodelbahnController().update_regioncache()
  67
  68
  69 @app.route("/rodelbahn/update_mapcache")
  70 @login_required
  71 def rodelbahn_update_mapcache():
  72     return RodelbahnController().update_mapcache()
  73
  74
  75 @app.route("/bericht/list")
  76 @login_required
  77 @admin_permission.require(403)
  78 def bericht_list():
  79     return BerichtController().list()
  80
  81
  82 @app.route("/bericht/view/<int:id>")
  83 @login_required
  84 @admin_permission.require(403)
  85 def bericht_view(id):
  86     return BerichtController().view(id)
  87
  88
  89 @app.route("/bericht/change_date_invalid/<int:id>", methods=['POST'])
  90 @login_required
  91 @admin_permission.require(403)
  92 def bericht_change_date_invalid(id):
  93     return BerichtController().change_date_invalid(id)
  94
  95
  96 @app.route("/bericht/update_reportcache")
  97 @login_required
  98 def bericht_update_reportcache():
  99     return BerichtController().update_reportcache()
 100
 101
 102 @app.route("/gasthaus/list")
 103 @login_required
 104 def gasthaus_list():
 105     return GasthausController().list()
 106
 107
 108 @app.route("/gasthaus/view/<int:id>")
 109 @login_required
 110 def gasthaus_view(id):
 111     return GasthausController().view(id)
 112
 113
 114 @app.route("/gasthaus/update")
 115 @login_required
 116 def gasthaus_update():
 117     return GasthausController().update()
 118
 119
 120 @app.route("/coordtool/index")
 121 @login_required
 122 def coordtool_index():
 123     return CoordtoolController().index()
 124
 125
 126 @app.route("/coordtool/convert", methods=['POST'])
 127 @login_required
 128 def coordtool_convert():
 129     return CoordtoolController().convert()
 130
 131
 132 @app.route("/login", methods=['GET', 'POST'])
 133 def login():
 134     form = LoginForm()
 135     if form.validate_on_submit():
 136         user = wradmin.model.meta.Session.query(wradmin.model.MwUser).filter_by(user_name=form.user_name.data).first()
 137         if user is not None and password_is_correct(form.password.data, user.user_password.decode()):
 138             login_user(user, form.remember_me.data)
 139             identity_changed.send(current_app._get_current_object(), identity=Identity(user.get_id()))
 140             next = request.args.get('next')
 141             if next is None or not next.startswith('/'):
 142                 next = url_for('index')
 143             flash('Sie sind nun angemeldet.')
 144             return redirect(next)
 145         flash('Ungülter Benutzername oder ungültiges Passwort.')
 146     return render_template('auth/login.html', form=form)
 147
 148
 149 @app.route("/logout")
 150 def logout():
 151     logout_user()
 152     for key in ('identity.name', 'identity.auth_type'):
 153         session.pop(key, None)
 154     identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
 155     flash('Sie wurden ausgeloggt.')
 156     return redirect(url_for('index'))
 157
 158
 159 @login_manager.user_loader
 160 def user_loader(user_id):
 161     return wradmin.model.meta.Session.query(wradmin.model.MwUser).get(user_id)
 162
 163
 164 @identity_loaded.connect_via(app)
 165 def on_identity_loaded(sender, identity):
 166     identity.user = current_user
 167     user_id = current_user.get_id()
 168     if user_id is not None:
 169         identity.provides.add(UserNeed(user_id))
 170         if current_user.user_name in ['Philipp', 'Johndoe']:  # TODO: replace with MediaWiki user groups
 171             identity.provides.add(RoleNeed('admin'))