def add():
    if isinstance(request.json, dict):
        path = request.json.get('path', None)
        filename = request.json.get('filename', None)
        write_log = request.json.get('write_log', None)
        send_mail = request.json.get('send_mail', None)
        comment = request.json.get('comment', None)

        if isinstance(path, str) and isinstance(filename, str) and isinstance(
                write_log, bool) and isinstance(
                    send_mail, bool) and isinstance(comment, str):
            rule = Rule.query.filter_by(path=path).first()
            if rule is None:
                rule = Rule(path=path,
                            filename=filename,
                            write_log=write_log,
                            send_mail=send_mail,
                            comment=comment)
                db.session.add(rule)
                db.session.commit()
                return jsonify(Response.success('添加成功'))
            else:
                return jsonify(Response.failed('已经存在此规则'))
        else:
            return jsonify(Response.invalid('参数无效'))
    else:
        return jsonify(Response.invalid('参数无效'))
def modify():
    if isinstance(request.json, dict):
        rule_id = request.json.get('rule_id', None)
        path = request.json.get('path', None)
        filename = request.json.get('filename', None)
        write_log = request.json.get('write_log', None)
        send_mail = request.json.get('send_mail', None)
        comment = request.json.get('comment', None)

        if isinstance(rule_id, int):
            rule = Rule.query.filter_by(rule_id=rule_id).first()
            if rule is not None:
                if isinstance(path, str):
                    rule.path = path
                if isinstance(filename, str):
                    rule.filename = filename
                if isinstance(write_log, bool):
                    rule.write_log = write_log
                if isinstance(send_mail, bool):
                    rule.send_mail = send_mail
                if isinstance(comment, str):
                    rule.comment = comment

                db.session.add(rule)
                db.session.commit()
                return jsonify(Response.success('修改成功'))
            else:
                return jsonify(Response.failed('规则不存在'))
        else:
            return jsonify(Response.invalid('参数无效'))
    else:
        return jsonify(Response.invalid('参数无效'))
def modify():
    if isinstance(request.json, dict):
        filename = request.json.get('filename', None)
        new_filename = request.json.get('new_filename', None)
        content = request.json.get('content', None)
        if isinstance(filename, str):
            filename = secure_filename(filename)
            path = join(UPLOAD_PATH, filename)
            if exists(path):
                if isinstance(content, str):
                    file = open(path, 'w')
                    file.write(content)
                    file.close()

                if isinstance(new_filename, str):
                    new_filename = secure_filename(new_filename)
                    rename(path, join(UPLOAD_PATH, new_filename))

                return jsonify(Response.success('修改成功'))
            else:
                return jsonify(Response.failed('文件不存在'))
        else:
            return jsonify(Response.invalid('参数无效'))
    else:
        return jsonify(Response.invalid('参数无效'))
def modify():
    if isinstance(request.json, dict):
        TEMP_FILE_SAVE = request.json.get('TEMP_FILE_SAVE', None)
        RECV_MAIL_ADDR = request.json.get('RECV_MAIL_ADDR', None)
        ADMIN_PASSWORD = request.json.get('ADMIN_PASSWORD', None)
        ORIGINAL_ADMIN_PASSWORD = request.json.get('ORIGINAL_ADMIN_PASSWORD',
                                                   None)

        if isinstance(TEMP_FILE_SAVE, bool):
            cached_config.TEMP_FILE_SAVE = TEMP_FILE_SAVE
        if isinstance(RECV_MAIL_ADDR, str):
            cached_config.RECV_MAIL_ADDR = RECV_MAIL_ADDR
        if isinstance(ADMIN_PASSWORD, str) and isinstance(
                ORIGINAL_ADMIN_PASSWORD, str):
            if compare_digest(cached_config.ADMIN_PASSWORD,
                              passwd_hash(ORIGINAL_ADMIN_PASSWORD,
                                          LOGIN_SALT)):
                cached_config.ADMIN_PASSWORD = passwd_hash(
                    ADMIN_PASSWORD, LOGIN_SALT)
                return jsonify(Response.success('修改成功'))
            else:
                return jsonify(Response.failed('原密码错误'))
        return jsonify(Response.success('修改成功'))
    else:
        return jsonify(Response.invalid('参数无效'))
def delete_all():
    if isinstance(request.json, dict):
        delete = request.json.get('delete', None)
        if isinstance(delete, bool) and delete:
            AccessLog.query.delete()
            db.session.commit()
            return jsonify(Response.success('清空成功'))
        else:
            return jsonify(Response.invalid('无效请求'))
    else:
        return jsonify(Response.invalid('无效请求'))
def add():
    file = request.files.get('file', None)
    if file:
        filename = secure_filename(file.filename)
        path = join(UPLOAD_PATH, filename)
        if not exists(path):
            file.save(path)
            return jsonify(Response.success('上传成功'))
        else:
            return jsonify(Response.failed('已存在同名文件'))
    else:
        return jsonify(Response.invalid('无效参数'))
def delete_all():
    if isinstance(request.json, dict):
        delete = request.json.get('delete', None)
        if isinstance(delete, bool) and delete:
            temp_files = listdir(TEMP_FILE_PATH)
            for filename in temp_files:
                path = join(TEMP_FILE_PATH, filename)
                unlink(path)
            return jsonify(Response.success("清空成功"))
        else:
            return jsonify(Response.invalid('无效请求'))
    else:
        return jsonify(Response.invalid('无效请求'))
def delete():
    if isinstance(request.json, dict):
        filename = request.json.get('filename', None)
        if isinstance(filename, str):
            filename = secure_filename(filename)
            path = join(UPLOAD_PATH, filename)
            if exists(path):
                unlink(path)
                return jsonify(Response.success('删除成功'))
            else:
                return jsonify(Response.failed('删除的文件不存在'))
        else:
            return jsonify(Response.invalid('参数无效'))
    else:
        return jsonify(Response.invalid('参数无效'))
def delete():
    if isinstance(request.json, dict):
        rule_id = request.json.get('rule_id', None)

        if isinstance(rule_id, int):
            rule = Rule.query.filter_by(rule_id=rule_id).first()
            if rule is not None:
                db.session.delete(rule)
                db.session.commit()
                return jsonify(Response.success('删除成功'))
            else:
                return jsonify(Response.failed('规则不存在'))
        else:
            return jsonify(Response.invalid('参数无效'))
    else:
        return jsonify(Response.invalid('参数无效'))
def download():
    if isinstance(request.json, dict):
        filename = request.json.get('filename', None)
        if isinstance(filename, str):
            filename = secure_filename(filename)
            path = join(TEMP_FILE_PATH, filename)
            if exists(path):
                return send_file(path,
                                 as_attachment=True,
                                 attachment_filename=filename)
            else:
                return jsonify(Response.failed('文件不存在')), 400
        else:
            return jsonify(Response.invalid('参数无效')), 400
    else:
        return jsonify(Response.invalid('参数无效')), 400
def list():
    if isinstance(request.json, dict):
        page = request.json.get('page', None)
        page_size = request.json.get('page_size', None)
        filter = request.json.get('filter', None)

        if page is None:
            page = 0
        if page_size is None:
            page_size = 35
        if filter is None:
            filter = {}

        if isinstance(page, int) and isinstance(page_size, int) and isinstance(
                filter, dict):
            query = db.session.query(AccessLog)

            available_filter = {
                'client_ip': AccessLog.client_ip.__eq__,
                'path': AccessLog.path.__eq__,
                'method': AccessLog.method.__eq__,
                'time_before': AccessLog.log_time.__le__,
                'time_after': AccessLog.log_time.__ge__
            }

            for key in filter:
                if isinstance(filter[key], str) and key in available_filter:
                    query = query.filter(available_filter[key](filter[key]))

            access_logs = query.order_by(db.text('-log_id')).offset(
                page * page_size).limit(page_size).all()
            count = query.count()

            for i in access_logs:
                i.region = get_region_from_ip(i.client_ip, ip2Region)
                i.log_time = i.log_time.strftime('%Y-%m-%d %H:%M:%S')

            paged = PagedResponse(payload=access_logs,
                                  total_page=ceil(count / page_size),
                                  curr_page=page)
            return jsonify(Response.success('', paged))
        else:
            return jsonify(Response.invalid('无效请求'))
    else:
        return jsonify(Response.invalid('无效请求'))
def login():
    if isinstance(request.json, dict):
        password = request.json.get('password', None)
        username = request.json.get('username', None)

        if isinstance(username, str) and isinstance(
                password, str) and compare_digest(
                    cached_config.ADMIN_PASSWORD,
                    passwd_hash(password, LOGIN_SALT)):
            token = sign_token().decode()
            system_log = SystemLog(
                log_content=f'Admin login with username [{username}]')
            db.session.add(system_log)
            db.session.commit()
            return jsonify(Response.success('登录成功', token))
        else:
            return jsonify(Response.failed('用户名或密码错误'))
    else:
        return jsonify(Response.invalid('无效请求'))
def preview():
    if isinstance(request.json, dict):
        filename = request.json.get('filename', None)
        if isinstance(filename, str):
            filename = secure_filename(filename)
            path = join(TEMP_FILE_PATH, filename)
            if exists(path) and getsize(path) < MAX_PREVIEW_SIZE:
                file = open(path, 'rb')
                content = file.read()
                try:
                    content = content.decode('utf-8')
                    return jsonify(Response.success('', content))
                except Exception:
                    return jsonify(Response.failed('文件过大或者文件不是纯文本, 无法预览'))
            else:
                return jsonify(Response.failed('文件不存在'))
        else:
            return jsonify(Response.invalid('参数无效'))
    else:
        return jsonify(Response.invalid('参数无效'))
def list():
    file_list = listdir(UPLOAD_PATH)
    payload = []

    for file in file_list:
        path = join(UPLOAD_PATH, file)
        size = getsize(path)
        mttime = getmtime(path)
        _isdir = isdir(path)
        payload.append({
            'filename': file,
            'size': size,
            'mttime': mttime,
            'dir': _isdir
        })
    return jsonify(Response.success('', payload))
def list():
    system_logs = SystemLog.query.order_by(db.text('-log_id')).all()
    for log in system_logs:
        log.log_time = log.log_time.strftime('%Y-%m-%d %H:%M:%S')
    return jsonify(Response.success('', system_logs))
Beispiel #16
0
 def decorator(*args, **kwargs):
     if JWT_HEADER in request.headers and verify_token(
             request.headers[JWT_HEADER]):
         return func(*args, **kwargs)
     else:
         return make_response(jsonify(Response(403, 'Forbidden')), 403)
def list():
    rule_list = Rule.query.all()
    for rule in rule_list:
        rule.create_time = rule.create_time.strftime('%Y-%m-%d %H:%M:%S')
    return jsonify(Response.success('', rule_list))
def get_salt():
    return jsonify(Response.success("", LOGIN_SALT))
def status():
    if jwt_auth:
        return jsonify(Response.success())
    else:
        return jsonify(Response.failed())
def list():
    configs = {
        'TEMP_FILE_SAVE': cached_config.TEMP_FILE_SAVE,
        'RECV_MAIL_ADDR': cached_config.RECV_MAIL_ADDR
    }
    return jsonify(Response.success("", configs))
def get_last_id():
    log = db.session.query(AccessLog).order_by(db.text('-log_id')).first()
    if log:
        return jsonify(Response.success('', log.log_id))
    else:
        return jsonify(Response.success('', 0))