-# http://flask.pocoo.org/
-# FLASK_APP=wradmin FLASK_DEBUG=1 WRADMIN_SETTINGS=development.cfg python3 -m flask run
-# FLASK_APP=wradmin WRADMIN_SETTINGS=production.cfg python3 -m flask run
-from flask import Flask, send_from_directory, abort, g
+from flask import Flask, send_from_directory, abort, g, render_template, request, redirect, url_for, flash, \
+ session, current_app
from sqlalchemy.engine import create_engine
import wradmin.model
-from wradmin.genshi import render_genshi_template
+import wradmin.template_helper
from wradmin.controllers.rodelbahn import RodelbahnController
+from wradmin.controllers.gasthaus import GasthausController
+from wradmin.controllers.bericht import BerichtController
+from wradmin.controllers.coordtool import CoordtoolController
+from wradmin.auth import password_is_correct
+from wradmin.auth.forms import LoginForm
+from flask_login import LoginManager, current_user, login_required, login_user, logout_user
+from flask_principal import Principal, Permission, RoleNeed, identity_changed, identity_loaded, Identity, \
+ AnonymousIdentity, UserNeed
app = Flask(__name__)
app.config.from_envvar('WRADMIN_SETTINGS')
+wradmin.model.init_model(create_engine(app.config['DATABASE_URI']))
+app.jinja_env.globals.update(h=wradmin.template_helper.PylonsHelper())
+login_manager = LoginManager(app)
+login_manager.login_view = "login"
+principals = Principal(app)
+admin_permission = Permission(RoleNeed('admin'))
-def get_db():
- """Opens a new database connection if there is none yet for the
- current application context.
- """
- if not hasattr(g, 'db'):
- g.db_engine = create_engine(app.config['DATABASE_URI'])
- wradmin.model.init_model(g.db_engine)
- g.db = g.db_engine.connect()
- return g.db
+@app.before_request
+def _before_request():
+ g.user = current_user
@app.teardown_appcontext
-def close_db(error):
- """Closes the database again at the end of the request."""
- if hasattr(g, 'db'):
- g.db.close()
+def remove_db_session(error):
+ """Removes the database session at the end of the request."""
+ wradmin.model.meta.Session.remove()
@app.route("/")
def index():
- return render_genshi_template('index.html')
+ return render_template('index.html')
@app.route("/rodelbahn/list")
+@login_required
def rodelbahn_list():
- get_db()
return RodelbahnController().list()
-@app.route("/rodelbahn/update")
-def rodelbahn_update():
- pass
-
-
@app.route("/rodelbahn/view/<int:id>")
+@login_required
+@admin_permission.require(403)
def rodelbahn_view(id):
- pass
+ return RodelbahnController().view(id)
+
+
+@app.route("/rodelbahn/update")
+@login_required
+@admin_permission.require(403)
+def rodelbahn_update():
+ return RodelbahnController().update()
@app.route("/rodelbahn/update_regioncache")
+@login_required
def rodelbahn_update_regioncache():
- pass
+ return RodelbahnController().update_regioncache()
+
+
+@app.route("/rodelbahn/update_mapcache")
+@login_required
+def rodelbahn_update_mapcache():
+ return RodelbahnController().update_mapcache()
@app.route("/bericht/list")
+@login_required
+@admin_permission.require(403)
def bericht_list():
- pass
+ return BerichtController().list()
+
+
+@app.route("/bericht/view/<int:id>")
+@login_required
+@admin_permission.require(403)
+def bericht_view(id):
+ return BerichtController().view(id)
+
+
+@app.route("/bericht/change_date_invalid/<int:id>", methods=['POST'])
+@login_required
+@admin_permission.require(403)
+def bericht_change_date_invalid(id):
+ return BerichtController().change_date_invalid(id)
+
+
+@app.route("/bericht/update_reportcache")
+@login_required
+def bericht_update_reportcache():
+ return BerichtController().update_reportcache()
@app.route("/gasthaus/list")
+@login_required
def gasthaus_list():
- pass
+ return GasthausController().list()
+
+
+@app.route("/gasthaus/view/<int:id>")
+@login_required
+def gasthaus_view(id):
+ return GasthausController().view(id)
+
+
+@app.route("/gasthaus/update")
+@login_required
+def gasthaus_update():
+ return GasthausController().update()
@app.route("/coordtool/index")
+@login_required
def coordtool_index():
- pass
+ return CoordtoolController().index()
+
+
+@app.route("/coordtool/convert", methods=['POST'])
+@login_required
+def coordtool_convert():
+ return CoordtoolController().convert()
+
+
+@app.route("/login", methods=['GET', 'POST'])
+def login():
+ form = LoginForm()
+ if form.validate_on_submit():
+ user = wradmin.model.meta.Session.query(wradmin.model.MwUser).filter_by(user_name=form.user_name.data).first()
+ if user is not None and password_is_correct(form.password.data, user.user_password.decode()):
+ login_user(user, form.remember_me.data)
+ identity_changed.send(current_app._get_current_object(), identity=Identity(user.get_id()))
+ next = request.args.get('next')
+ if next is None or not next.startswith('/'):
+ next = url_for('index')
+ flash('Sie sind nun angemeldet.')
+ return redirect(next)
+ flash('Ungülter Benutzername oder ungültiges Passwort.')
+ return render_template('auth/login.html', form=form)
+
+
+@app.route("/logout")
+def logout():
+ logout_user()
+ for key in ('identity.name', 'identity.auth_type'):
+ session.pop(key, None)
+ identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
+ flash('Sie wurden ausgeloggt.')
+ return redirect(url_for('index'))
+
+
+@login_manager.user_loader
+def user_loader(user_id):
+ return wradmin.model.meta.Session.query(wradmin.model.MwUser).get(user_id)
+
+
+@identity_loaded.connect_via(app)
+def on_identity_loaded(sender, identity):
+ identity.user = current_user
+ user_id = current_user.get_id()
+ if user_id is not None:
+ identity.provides.add(UserNeed(user_id))
+ if wradmin.model.meta.Session.query(wradmin.model.MwUserGroups).get((user_id, 'sysop')) is not None:
+ identity.provides.add(RoleNeed('admin'))
ToastFreeware / philipp / winterrodeln / wradmin.git / blobdiff