Beispiel #1
 def decorated_function(*args, **kwargs):
     """Gate the wrapped view ``f`` behind ``current_user.check_admin()``.

     When ``LOGIN_DISABLED`` is truthy in the app config the admin check is
     skipped and ``f`` runs for every caller, so that flag acts as an
     authorization bypass and belongs only in test configurations.

     A rejected caller receives ``{'status': 0, 'msg': 'Not Authorized'}``
     from ``jsonify`` with no explicit status code (Flask's default 200);
     monitoring that keys on 401/403 responses will not see these denials.
     """
     # The route's ``id`` is read here but never consulted below.
     _route_id = request.view_args.get('id')
     enforce_login = not current_app.config['LOGIN_DISABLED']
     if enforce_login and not current_user.check_admin():
         return jsonify({'status': 0, 'msg': 'Not Authorized'})
     return f(*args, **kwargs)
Beispiel #2
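 def decorated_function(*args, **kwargs):
     """Run the wrapped view ``f`` only for callers that pass the admin check.

     The check is skipped entirely when ``LOGIN_DISABLED`` is truthy in the
     app config, so that flag must stay off wherever real users can reach
     the view.

     A rejected caller gets ``{'status': 0, 'msg': 'Not Authorized'}`` with no
     explicit status code (Flask's default 200), unchanged so existing
     clients that test ``status`` keep working.
     """
     # The ``id`` route argument used to be read into a local that shadowed
     # the builtin ``id`` and was never used; that dead read is gone.
     if current_app.config['LOGIN_DISABLED']:
         return f(*args, **kwargs)
     if not current_user.check_admin():
         # Record the denial: a refusal that leaves no trace cannot be
         # correlated with other events during an investigation.
         current_app.logger.warning(
             "Non-admin user denied access URL:%s", request.url)
         return jsonify({'status': 0, 'msg': 'Not Authorized'})
     return f(*args, **kwargs)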
Beispiel #3
 def decorated_function(*args, **kwargs):
     """Admin-only guard for file views that are scoped to one site.

     Checks, in order:
       1. unless ``LOGIN_DISABLED`` is set, ``current_user.check_admin()``
          must pass, otherwise a 'Not Authorized' JSON body is returned;
       2. the ``siteid`` route argument must match a ``Wifisite`` row (404);
       3. when an ``id`` route argument is present it must match a
          ``Sitefile`` row (404) whose ``site_id`` equals that site (401).

     Step 3 is what stops a file ID from being requested through another
     site's URL. All three failure paths log at debug level only.
     NOTE(review): if debug logging is off in production these rejections
     leave no record - confirm against the deployed log level.
     """
     file_id = request.view_args.get('id')
     site_id = request.view_args.get('siteid')

     login_enforced = not current_app.config['LOGIN_DISABLED']
     if login_enforced and not current_user.check_admin():
         return jsonify({'status': 0, 'msg': 'Not Authorized'})

     wifisite = Wifisite.query.filter_by(id=site_id).first()
     if not wifisite:
         message = "Trying to acess unknown site ID:%s " % (request.url)
         current_app.logger.debug(message)
         abort(404)

     # No file ID in the route: only the site itself had to be validated.
     if file_id is None:
         return f(*args, **kwargs)

     sitefile = Sitefile.query.filter_by(id=file_id).first()
     if not sitefile:
         message = "Trying to access unknown File:%s " % (request.url)
         current_app.logger.debug(message)
         abort(404)
     if sitefile.site_id != wifisite.id:
         # The file exists but belongs to a different site than the URL names.
         message = (
             "Trying to access file which is not connected to the site ID specified URL:%s "
             % (request.url))
         current_app.logger.debug(message)
         abort(401)
     return f(*args, **kwargs)
Beispiel #4
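 def decorated_function(*args, **kwargs):
     """Admin-only guard for landing-page views that are scoped to one site.

     Checks, in order:
       1. unless ``LOGIN_DISABLED`` is set, ``current_user.check_admin()``
          must pass, otherwise a 'Not Authorized' JSON body is returned;
       2. the ``siteid`` route argument must match a ``Wifisite`` row (404);
       3. when an ``id`` route argument is present it must match a
          ``Landingpage`` row (404) whose ``site_id`` equals that site (401).

     The admin check runs before any database lookup. Running it after the
     site lookup would answer 404 for unknown sites and 'Not Authorized' for
     known ones, letting a caller without admin rights tell valid site IDs
     from invalid ones.
     """
     landingpage_id = request.view_args.get('id')
     siteid = request.view_args.get('siteid')

     if not current_app.config['LOGIN_DISABLED']:
         if not current_user.check_admin():
             return jsonify({'status': 0, 'msg': 'Not Authorized'})

     wifisite = Wifisite.query.filter_by(id=siteid).first()
     if not wifisite:
         current_app.logger.debug(
             "Client  is trying to unknown site ID:%s " % (request.url))
         abort(404)

     # NOTE(review): a falsy id (0 or '') skips the ownership check below;
     # confirm the route converter can never produce one.
     if landingpage_id:
         landpage = Landingpage.query.filter_by(id=landingpage_id).first()
         if not landpage:
             current_app.logger.debug(
                 "Trying to aceess invalid landingpage ID:%s " %
                 (request.url))
             abort(404)
         if landpage.site_id != wifisite.id:
             # This case used to log the same text as "not found" at debug
             # level; a cross-site request now has its own message and is
             # logged as a warning so it can be told apart and alerted on.
             current_app.logger.warning(
                 "Trying to access landingpage which is not connected to the site ID specified URL:%s "
                 % (request.url))
             # NOTE(review): 403 is the conventional status for an
             # authenticated caller; 401 is kept for existing clients.
             abort(401)
     return f(*args, **kwargs)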
Beispiel #5
 def decorated_function(*args, **kwargs):
     """Allow the wrapped view only for an admin acting on its own account's client.

     With ``LOGIN_DISABLED`` truthy every check below is skipped, including
     the account-ownership test, and ``f`` runs for any caller.

     Otherwise the caller must pass ``current_user.check_admin()``, and when
     the route carries an ``id`` the matching ``Client`` must exist and have
     the same ``account_id`` as the current user. A missing client and a
     client of another account get the same 'Not Authorized' body, so the
     response does not reveal which client IDs exist.
     """
     client_id = request.view_args.get('id')
     if current_app.config['LOGIN_DISABLED']:
         return f(*args, **kwargs)

     if not current_user.check_admin():
         return jsonify({'status': 0, 'msg': 'Not Authorized'})

     if client_id:
         client = Client.query.filter_by(id=client_id).first()
         outside_account = (
             not client or client.account_id != current_user.account_id)
         if outside_account:
             # Logged at error level: an admin reaching across accounts.
             details = (current_user.id, client_id, request.url)
             current_app.logger.error(
                 "Admin User ID:%s trying to access unauthorized client:%s URL:%s"
                 % details)
             return jsonify({'status': 0, 'msg': 'Not Authorized'})

     return f(*args, **kwargs)
Beispiel #6
 def decorated_function(*args, **kwargs):
     """Allow the wrapped view for admins and for the client that owns the site.

     The ``siteid`` route argument must match a ``Wifisite`` row, else 404.
     Unless ``LOGIN_DISABLED`` is set, a caller who fails
     ``current_user.check_admin()`` is let through only when
     ``wifisite.client_id`` equals ``current_user.id``; anyone else gets the
     'Not Authorized' JSON body.

     NOTE(review): the 404 for an unknown site is issued before the ownership
     test, so a non-owner can tell existing site IDs (Not Authorized) from
     unknown ones (404). Confirm whether that distinction is acceptable.
     """
     # The route's ``id`` is read but not used by this guard.
     _route_id = request.view_args.get('id')
     site_key = request.view_args.get('siteid')

     wifisite = Wifisite.query.filter_by(id=site_key).first()
     if not wifisite:
         message = "Client  is trying to unknown site ID:%s " % (request.url)
         current_app.logger.debug(message)
         abort(404)

     if current_app.config['LOGIN_DISABLED']:
         return f(*args, **kwargs)

     # Admins have full access; the ownership comparison is only reached
     # for non-admin callers.
     if current_user.check_admin():
         return f(*args, **kwargs)
     if wifisite.client_id != current_user.id:
         return jsonify({'status': 0, 'msg': 'Not Authorized'})

     return f(*args, **kwargs)
Beispiel #7
        def decorated_function(*args, **kwargs):
            """Admin guard that also pins the target client to the caller's account.

            Nothing is enforced while ``LOGIN_DISABLED`` is truthy. Otherwise:
            a caller failing ``current_user.check_admin()`` is refused, and
            when the route has an ``id`` the ``Client`` with that ID must
            exist and share ``current_user.account_id``. Both refusals return
            the same ``{'status': 0, 'msg': 'Not Authorized'}`` body; only
            the cross-account case is logged (at error level).
            """
            target_id = request.view_args.get('id')
            checks_active = not current_app.config['LOGIN_DISABLED']

            if checks_active:
                if not current_user.check_admin():
                    return jsonify({'status': 0, 'msg': 'Not Authorized'})
                if target_id:
                    client = Client.query.filter_by(id=target_id).first()
                    # Unknown client and foreign client are treated alike.
                    if not client or client.account_id != current_user.account_id:
                        log_line = (
                            "Admin User ID:%s trying to access unauthorized client:%s URL:%s"
                            % (current_user.id, target_id, request.url))
                        current_app.logger.error(log_line)
                        return jsonify({'status': 0, 'msg': 'Not Authorized'})

            return f(*args, **kwargs)
Beispiel #8
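 def decorated_function(*args, **kwargs):
     """Admin-only guard for file views that are scoped to one site.

     Checks, in order:
       1. unless ``LOGIN_DISABLED`` is set, ``current_user.check_admin()``
          must pass, otherwise a 'Not Authorized' JSON body is returned;
       2. the ``siteid`` route argument must match a ``Wifisite`` row (404);
       3. when an ``id`` route argument is present it must match a
          ``Sitefile`` row (404) whose ``site_id`` equals that site (401).

     Responses are unchanged. The only change is that a file requested
     through the wrong site's URL is now logged as a warning instead of at
     debug level, so the event survives a production log configuration.
     """
     file_id = request.view_args.get('id')
     siteid = request.view_args.get('siteid')

     if not current_app.config['LOGIN_DISABLED']:
         if not current_user.check_admin():
             return jsonify({'status': 0, 'msg': 'Not Authorized'})

     wifisite = Wifisite.query.filter_by(id=siteid).first()
     if not wifisite:
         current_app.logger.debug(
             "Trying to acess unknown site ID:%s " % (request.url))
         abort(404)

     # Check that the file ID belongs to the site named in the URL.
     if file_id is not None:
         filetocheck = Sitefile.query.filter_by(id=file_id).first()
         if not filetocheck:
             current_app.logger.debug(
                 "Trying to access unknown File:%s " % (request.url))
             abort(404)
         if filetocheck.site_id != wifisite.id:
             # A valid file ID paired with another site's ID is an
             # authorization failure, not a lookup miss.
             current_app.logger.warning(
                 "Trying to access file which is not connected to the site ID specified URL:%s "
                 % (request.url))
             # NOTE(review): 403 is the conventional status for an
             # authenticated caller; 401 is kept for existing clients.
             abort(401)
     return f(*args, **kwargs)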
Beispiel #9
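 def decorated_function(*args, **kwargs):
     """Admin-only guard for landing-page views that are scoped to one site.

     The admin check (skipped when ``LOGIN_DISABLED`` is truthy) comes first,
     then the ``siteid`` route argument is resolved to a ``Wifisite`` (404 if
     absent), and finally an ``id`` route argument, when present, must name a
     ``Landingpage`` (404) whose ``site_id`` is that site's ID (401).

     Doing the admin check before the site lookup keeps the reply to a
     caller without admin rights the same for every ``siteid``; with the
     lookup first, a 404 versus 'Not Authorized' would show which site IDs
     exist.
     """
     page_id = request.view_args.get('id')
     siteid = request.view_args.get('siteid')

     # Authorize before querying anything.
     if not current_app.config['LOGIN_DISABLED']:
         if not current_user.check_admin():
             return jsonify({'status': 0, 'msg': 'Not Authorized'})

     wifisite = Wifisite.query.filter_by(id=siteid).first()
     if not wifisite:
         current_app.logger.debug(
             "Client  is trying to unknown site ID:%s " % (request.url))
         abort(404)

     # NOTE(review): ``if page_id`` treats 0 and '' as "no id" and skips the
     # ownership check; confirm the route cannot supply such a value.
     if page_id:
         landpage = Landingpage.query.filter_by(id=page_id).first()
         if not landpage:
             current_app.logger.debug(
                 "Trying to aceess invalid landingpage ID:%s " % (request.url))
             abort(404)
         if landpage.site_id != wifisite.id:
             # Separate message and warning level: this branch used to share
             # the "invalid landingpage" debug text with the not-found case.
             current_app.logger.warning(
                 "Trying to access landingpage which is not connected to the site ID specified URL:%s "
                 % (request.url))
             abort(401)
     return f(*args, **kwargs)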