def script_xml(scrname):
global dir_scripts
acl = get_ACL(scrname)
if acl == None:
return ("NOT FOUND", 404, {})
else:
log(4, "running script_json() ...")
if current_user.has_groups(acl):
try:
args = decode_xml(request.data)
(code, out, err) = run_script(dir_scripts, scrname, args)
res = {"response": {"code": code, "out": out, "err": err}}
log(4, "result = " + dict2str(res))
if code == 0:
log(4, out)
return make_response(encode_xml(res), 200)
else:
log(3, err)
return make_response(encode_xml(res), 200)
except Exception as err:
log(1, str(err))
return ("Internal Server Error", 500, {})
else:
return ("FORBIDDEN", 403, {})
def render_page(htmlfile):
log(4, "template page: %s" % htmlfile)
page = get_page(htmlfile)
if page == None:
return ("NOT FOUND", 404, {})
else:
if current_user.has_groups(page.ACL):
return render_template(htmlfile, title=cfg_get("AppTitle"))
else:
return ("FORBIDDEN", 403, {})
def wrapper(*args, **kwargs):
# If authentication stuff is disabled, do nothing.
if current_app.login_manager._login_disabled:
return func(*args, **kwargs)
# If the user is NOT authenticated, this user is unauthorized.
elif not current_user.is_authenticated:
return current_app.login_manager.unauthorized()
# If the user authenticated, and the all flag is set, we need to
# see if the user is a member of *ALL* groups.
if all and not current_user.has_groups(groups):
return current_app.login_manager.unauthorized()
# If the all flag is NOT set, we need to make sure the user is a
# member of at least one group.
elif not current_user.has_groups(groups, all=False):
return current_app.login_manager.unauthorized()
# Lastly, if the user has successfully passsed all authentication /
# authorization challenges, we'll allow them in.
return func(*args, **kwargs)
def wrapper(*args, **kwargs):
# If authentication stuff is disabled, do nothing.
if current_app.login_manager._login_disabled:
return func(*args, **kwargs)
# If the user is NOT authenticated, this user is unauthorized.
elif not current_user.is_authenticated:
return current_app.login_manager.unauthorized()
# If the user authenticated, and the all flag is set, we need to
# see if the user is a member of *ALL* groups.
if all and not current_user.has_groups(groups):
return current_app.login_manager.unauthorized()
# If the all flag is NOT set, we need to make sure the user is a
# member of at least one group.
elif not current_user.has_groups(groups, all=False):
return current_app.login_manager.unauthorized()
# Lastly, if the user has successfully passsed all authentication /
# authorization challenges, we'll allow them in.
return func(*args, **kwargs)
def home():
title = cfg_get("AppTitle")
pages = []
is_admin = current_user.has_group("admins")
if is_admin:
pages.append((url_for('handle_users'), "Manage Users"))
pg = get_pages()
for p in pg:
page = get_page(p)
if current_user.has_groups(page.ACL):
pages.append((url_for('render_page', htmlfile=page.template), page.description))
return render_template('home.html', title=title, pages=pages)
def script_form(scrname):
global dir_scripts
acl = get_ACL(scrname)
if acl == None:
return ("NOT FOUND", 404, {})
else:
log(4, "running script_form() ...")
if current_user.has_groups(acl):
log(4, request.args)
(code, out, err) = run_script(dir_scripts, scrname, request.args)
if code == 0:
log(1, out)
return make_response(str(code) + '\n' + out, 200)
else:
return make_response(str(code) + '\n' + err, 200)
log(3, err)
else:
return ("FORBIDDEN", 403, {})