begin admin UI
parent
bda66fbdde
commit
52ac438fcc
|
@ -511,6 +511,7 @@ class HBSYSTEM(DatagramProtocol):
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
## # If UMS down, default to base 64 auth
|
## # If UMS down, default to base 64 auth
|
||||||
## logger.info(e)
|
## logger.info(e)
|
||||||
|
_new_peer_id = bytes_4(int(str(int_id(_peer_id))[:7]))
|
||||||
calc_passphrase = base64.b64encode(bytes.fromhex(str(hex(libscrc.ccitt((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))))[2:].zfill(4)) + (_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))
|
calc_passphrase = base64.b64encode(bytes.fromhex(str(hex(libscrc.ccitt((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))))[2:].zfill(4)) + (_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))
|
||||||
_calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
|
_calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
|
||||||
ums_down = True
|
ums_down = True
|
||||||
|
|
|
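Review bot: The added `_new_peer_id = bytes_4(int(str(int_id(_peer_id))[:7]))` truncates the peer id to its first seven decimal digits with no comment saying why, and that value then feeds the fallback passphrase calculation. Presumably the intent is to map ids that carry a device suffix back to the base DMR id, so every device of one user derives the same passphrase; if so, state it in a comment above the line, for example `# Use only the 7-digit base DMR ID so suffixed hotspot IDs share the user's passphrase`. This branch runs on any `Exception` and the `logger.info(e)` line is commented out, so the switch to offline authentication is silent; a log line recording that the fallback was taken would make it visible to an operator. The enclosing method starts and ends outside the hunk.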
@ -174,26 +174,29 @@ def create_app():
|
||||||
@app.route('/generate_passphrase', methods = ['GET'])
|
@app.route('/generate_passphrase', methods = ['GET'])
|
||||||
@login_required
|
@login_required
|
||||||
def gen():
|
def gen():
|
||||||
#content = Markup('<strong>The HTML String</strong>')
|
try:
|
||||||
#user_id = request.args.get('user_id')
|
#content = Markup('<strong>The HTML String</strong>')
|
||||||
u = current_user
|
#user_id = request.args.get('user_id')
|
||||||
## print(u.username)
|
u = current_user
|
||||||
id_dict = ast.literal_eval(u.dmr_ids)
|
## print(u.username)
|
||||||
#u = User.query.filter_by(username=user).first()
|
id_dict = ast.literal_eval(u.dmr_ids)
|
||||||
## print(user_id)
|
#u = User.query.filter_by(username=user).first()
|
||||||
## print(request.args.get('mode'))
|
## print(user_id)
|
||||||
## if request.args.get('mode') == 'generated':
|
## print(request.args.get('mode'))
|
||||||
content = ''
|
## if request.args.get('mode') == 'generated':
|
||||||
for i in id_dict.items():
|
content = ''
|
||||||
if i[1] == '':
|
for i in id_dict.items():
|
||||||
content = content + '''\n
|
if i[1] == '':
|
||||||
<p style="text-align: center;">Your passphrase for <strong>''' + str(i[0]) + '''</strong>:</p>
|
content = content + '''\n
|
||||||
<p style="text-align: center;"><strong>''' + str(gen_passphrase(int(i[0]))) + '''</strong></p>
|
<p style="text-align: center;">Your passphrase for <strong>''' + str(i[0]) + '''</strong>:</p>
|
||||||
'''
|
<p style="text-align: center;"><strong>''' + str(gen_passphrase(int(i[0]))) + '''</strong></p>
|
||||||
elif i[1] == 0:
|
'''
|
||||||
content = content + '''\n<p style="text-align: center;">Using legacy auth</p>'''
|
elif i[1] == 0:
|
||||||
else:
|
content = content + '''\n<p style="text-align: center;">Using legacy auth</p>'''
|
||||||
content = content + '''\n<p style="text-align: center;">Using custom auth passphrase: ''' + str(i[1]) + '''</p>'''
|
else:
|
||||||
|
content = content + '''\n<p style="text-align: center;">Using custom auth passphrase: ''' + str(i[1]) + '''</p>'''
|
||||||
|
except:
|
||||||
|
content = Markup('<strong>No DMR IDs found or other error.</strong>')
|
||||||
|
|
||||||
|
|
||||||
#return str(content)
|
#return str(content)
|
||||||
|
@ -231,19 +234,22 @@ def create_app():
|
||||||
## content = u.dmr_ids
|
## content = u.dmr_ids
|
||||||
if request.method == 'POST' and request.args.get('callsign') and request.form.get('user_status'):
|
if request.method == 'POST' and request.args.get('callsign') and request.form.get('user_status'):
|
||||||
edit_user = User.query.filter(User.username == request.args.get('callsign')).first()
|
edit_user = User.query.filter(User.username == request.args.get('callsign')).first()
|
||||||
if request.form.get('user_status') == "True":
|
if request.form.get('user_status') != edit_user.active:
|
||||||
edit_user.active = True
|
if request.form.get('user_status') == "True":
|
||||||
content = '''<p style="text-align: center;">User <strong>''' + request.args.get('callsign') + '''</strong> has been enabled.</p>'''
|
edit_user.active = True
|
||||||
if request.form.get('user_status') == "False":
|
content = '''<p style="text-align: center;">User <strong>''' + request.args.get('callsign') + '''</strong> has been enabled.</p>'''
|
||||||
edit_user.active = False
|
if request.form.get('user_status') == "False":
|
||||||
content = '''<p style="text-align: center;">User <strong>''' + request.args.get('callsign') + '''</strong> has been disabled.</p>'''
|
edit_user.active = False
|
||||||
|
content = '''<p style="text-align: center;">User <strong>''' + request.args.get('callsign') + '''</strong> has been disabled.</p>'''
|
||||||
if request.form.get('username') != edit_user.username:
|
if request.form.get('username') != edit_user.username:
|
||||||
print(request.form.get('username'))
|
print(request.form.get('username'))
|
||||||
#print(edit_user.username)
|
#print(edit_user.username)
|
||||||
print('new uname')
|
print('new uname')
|
||||||
edit_user.username = request.form.get('username')
|
edit_user.username = request.form.get('username')
|
||||||
|
if request.form.get('dmr_ids') != edit_user.dmr_ids:
|
||||||
#db.session.commit()
|
edit_user.dmr_ids = request.form.get('dmr_ids')
|
||||||
|
content = '''<p style="text-align: center;">Changed authentication settings for user: <strong>''' + request.args.get('callsign') + '''</strong></p>'''
|
||||||
|
db.session.commit()
|
||||||
#edit_user = User.query.filter(User.username == request.args.get('callsign')).first()
|
#edit_user = User.query.filter(User.username == request.args.get('callsign')).first()
|
||||||
|
|
||||||
elif request.method == 'POST' and request.form.get('callsign') and not request.form.get('user_status'): # and request.form.get('user_status') :
|
elif request.method == 'POST' and request.form.get('callsign') and not request.form.get('user_status'): # and request.form.get('user_status') :
|
||||||
|
@ -262,7 +268,7 @@ def create_app():
|
||||||
|
|
||||||
<tr style="height: 51.1667px;">
|
<tr style="height: 51.1667px;">
|
||||||
<td style="height: 51.1667px; text-align: center;"><select name="user_status">
|
<td style="height: 51.1667px; text-align: center;"><select name="user_status">
|
||||||
<option selected="selected" value="''' + str(u.is_active) + '''">''' + str(u.is_active) + '''</option>
|
<option selected="selected" value="''' + str(u.is_active) + '''">Current: ''' + str(u.is_active) + '''</option>
|
||||||
<option value="True">True</option>
|
<option value="True">True</option>
|
||||||
<option value="False">False</option>
|
<option value="False">False</option>
|
||||||
</select></td></td>
|
</select></td></td>
|
||||||
|
@ -280,6 +286,12 @@ def create_app():
|
||||||
<input type="text" id="password" name="password" value="''' + u.password + '''"><br>
|
<input type="text" id="password" name="password" value="''' + u.password + '''"><br>
|
||||||
</td></tr>
|
</td></tr>
|
||||||
|
|
||||||
|
<tr style="height: 51.1667px;">
|
||||||
|
<td style="height: 51.1667px; text-align: center;">
|
||||||
|
<label for="username">RAW Python Dictionary of IDs:</label><br>
|
||||||
|
<input type="text" id="dmr_ids" name="dmr_ids" value="''' + str(u.dmr_ids) + '''"><br>
|
||||||
|
</td></tr>
|
||||||
|
|
||||||
<tr style="height: 27px;">
|
<tr style="height: 27px;">
|
||||||
<td style="text-align: center; height: 27px;"><input type="submit" value="Submit" /></td>
|
<td style="text-align: center; height: 27px;"><input type="submit" value="Submit" /></td>
|
||||||
</tr>
|
</tr>
|
||||||
|
@ -296,7 +308,7 @@ def create_app():
|
||||||
<table style="width: 600px; margin-left: auto; margin-right: auto;" border="3">
|
<table style="width: 600px; margin-left: auto; margin-right: auto;" border="3">
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr>
|
<tr>
|
||||||
<td><form action="admin" method="POST">
|
<td><form action="edit_user" method="POST">
|
||||||
<table style="margin-left: auto; margin-right: auto;">
|
<table style="margin-left: auto; margin-right: auto;">
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr style="height: 62px;">
|
<tr style="height: 62px;">
|
||||||
|
@ -346,7 +358,7 @@ def create_app():
|
||||||
|
|
||||||
@app.route('/test')
|
@app.route('/test')
|
||||||
def test_peer():
|
def test_peer():
|
||||||
## #u = User.query.filter_by(username='kf7eel').first()
|
u = User.query.filter_by(username='kf7eel').first()
|
||||||
## u = User.query.filter(User.dmr_ids.contains('3153591')).first()
|
## u = User.query.filter(User.dmr_ids.contains('3153591')).first()
|
||||||
## #tu = User.query.all()
|
## #tu = User.query.all()
|
||||||
## #tu = User.query().all()
|
## #tu = User.query().all()
|
||||||
|
@ -375,12 +387,61 @@ def create_app():
|
||||||
#edit_user.active = False
|
#edit_user.active = False
|
||||||
|
|
||||||
#db.session.commit()
|
#db.session.commit()
|
||||||
print(type(current_user.has_roles))
|
print((current_user.has_roles('Admin')))
|
||||||
|
u.roles.append(Role(name='Admin'))
|
||||||
|
print((current_user.has_roles('Admin')))
|
||||||
|
#db.session.commit()
|
||||||
|
db.session.add(u)
|
||||||
|
db.session.commit()
|
||||||
return str(current_user.roles)
|
return str(current_user.roles)
|
||||||
|
|
||||||
|
@app.route('/add_admin', methods=['POST', 'GET'])
|
||||||
|
@roles_required('Admin')
|
||||||
|
def add_admin():
|
||||||
|
if request.method == 'GET':
|
||||||
|
content = '''
|
||||||
|
<td><form action="add_admin" method="POST">
|
||||||
|
<table style="margin-left: auto; margin-right: auto;">
|
||||||
|
<tbody>
|
||||||
|
<tr style="height: 51.1667px;">
|
||||||
|
<td style="height: 51.1667px; text-align: center;">
|
||||||
|
<label for="username">Username:</label><br>
|
||||||
|
<input type="text" id="username" name="username"><br>
|
||||||
|
</td></tr>
|
||||||
|
|
||||||
|
<tr style="height: 51.1667px;">
|
||||||
|
<td style="height: 51.1667px; text-align: center;">
|
||||||
|
<label for="username">Password:</label><br>
|
||||||
|
<input type="password" id="password" name="password" ><br>
|
||||||
|
</td></tr>
|
||||||
|
|
||||||
|
<tr style="height: 27px;">
|
||||||
|
<td style="text-align: center; height: 27px;"><input type="submit" value="Submit" /></td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
</form></td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<p> </p>
|
||||||
|
'''
|
||||||
|
elif request.method == 'POST' and request.form.get('username'):
|
||||||
|
if not User.query.filter(User.username == request.form.get('username')).first():
|
||||||
|
user = User(
|
||||||
|
username='admin',
|
||||||
|
email_confirmed_at=datetime.datetime.utcnow(),
|
||||||
|
password=user_manager.hash_password(request.form.get('password')),
|
||||||
|
)
|
||||||
|
user.roles.append(Role(name='Admin'))
|
||||||
|
user.roles.append(Role(name='User'))
|
||||||
|
db.session.add(user)
|
||||||
|
db.session.commit()
|
||||||
|
content = 'Created user ' + str(request.form.get('username'))
|
||||||
|
else:
|
||||||
|
content = 'Created user ' + str(request.form.get('Error'))
|
||||||
|
|
||||||
|
return render_template('flask_user_layout.html', markup_content = Markup(content), logo = logo)
|
||||||
|
|
||||||
@app.route('/auth', methods=['POST'])
|
@app.route('/auth', methods=['POST'])
|
||||||
def auth():
|
def auth():
|
||||||
|
|
|
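Review bot: The `/test` handler now loads the hard-coded account `kf7eel`, appends `Role(name='Admin')` to it and commits, and the visible lines show no `@login_required` or `@roles_required` between `@app.route('/test')` and `def test_peer():`, so any request to that URL appears to change role assignments (hunks at -346 and -375; the middle of the function is outside both). Debug code like this should not stay in the app factory: remove the `u.roles.append(Role(name='Admin'))`, `db.session.add(u)` and `db.session.commit()` lines, or at minimum put `@roles_required('Admin')` under the route decorator. In the same hunk, `add_admin` checks whether the submitted username exists but then creates the account with `username='admin',`; that line should read `username=request.form.get('username'),`. Its `else` branch also reports `'Created user '` for the failure case and reads a form field named `Error`. The submitted value reaches `Markup(content)` unescaped, so it should be escaped first (for example with `Markup.escape(...)`).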
@ -44,13 +44,14 @@
|
||||||
<td style="text-align: center;"><a href={{ url_for('user.login') }}>Sign in</a></td>
|
<td style="text-align: center;"><a href={{ url_for('user.login') }}>Sign in</a></td>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if call_or_get(current_user.is_authenticated) %}
|
{% if call_or_get(current_user.is_authenticated) %}
|
||||||
|
{% if call_or_get(current_user.has_roles('Admin')) %}
|
||||||
|
<td style="text-align: center;"><a href={{url}}/edit_user>Edit a User</a></td>
|
||||||
|
<td style="text-align: center;"><a href={{url}}/add_admin>Add an Admin</a></td>
|
||||||
|
{% endif %}
|
||||||
<td style="text-align: center;"><a href={{url}}/generate_passphrase>View Passphrase(s)</a></td>
|
<td style="text-align: center;"><a href={{url}}/generate_passphrase>View Passphrase(s)</a></td>
|
||||||
<td style="text-align: center;"><a href="{{ url_for('user.edit_user_profile') }}">Edit {{ current_user.username or current_user.email }}</a></td>
|
<td style="text-align: center;"><a href="{{ url_for('user.edit_user_profile') }}">Edit {{ current_user.username or current_user.email }}</a></td>
|
||||||
<td style="text-align: center;"><a href={{ url_for('user.logout') }}>Sign out</a></td>
|
<td style="text-align: center;"><a href={{ url_for('user.logout') }}>Sign out</a></td>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
</tr>
|
</tr>
|
||||||
</tbody>
|
</tbody>
|
||||||
</table>
|
</table>
|
||||||
|
|
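Review bot: The new `{% if call_or_get(current_user.has_roles('Admin')) %}` block only hides the "Edit a User" and "Add an Admin" links; it does not restrict the routes behind them. `add_admin` carries `@roles_required('Admin')` in this commit, but the decorator on `/edit_user` is outside the visible hunks, so confirm that it has the same guard. The two new anchors also leave the attribute unquoted; prefer `<a href="{{url}}/edit_user">` and `<a href="{{url}}/add_admin">`, matching the quoted `url_for('user.edit_user_profile')` link below.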