def register_users_from_manifest(user_datastore: SQLAlchemyUserDatastore, manifest: Dict) -> None:
"""Register the users and roles in a manifest.
:param user_datastore: A user data store
:param dict manifest: A manifest dictionary, which contains two keys: ``roles`` and ``users``. The ``roles``
key corresponds to a list of dictionaries containing ``name`` and ``description`` entries. The ``users`` key
corresponds to a list of dictionaries containing ``email``, ``password``, and ``name`` entries
as well as a optional ``roles`` entry with a corresponding list relational to the names in the ``roles``
entry in the manifest.
"""
for role in manifest['roles']:
user_datastore.find_or_create_role(**role)
for user_manifest in manifest['users']:
email = user_manifest['email']
user = user_datastore.find_user(email=email)
if user is None:
logger.info(f'creating user: {email}')
user = user_datastore.create_user(
confirmed_at=datetime.datetime.now(),
email=email,
password=user_manifest['password'],
name=user_manifest['name'],
)
for role_name in user_manifest.get('roles', []):
if user_datastore.add_role_to_user(user, role_name):
logger.info(f'registered {user} as {role_name}')
user_datastore.commit()
def create_app(config=Config):
app = Flask(__name__,
template_folder='../templates',
static_folder='../static')
app.config.from_object(config)
config.init_app(app)
mail.init_app(app)
db.init_app(app)
admin.init_app(app)
pagedown.init_app(app)
migrate.init_app(app, db)
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
Security(app, datastore=user_datastore, login_form=ExtendedLoginForm)
with app.test_request_context():
db.create_all()
user_datastore.find_or_create_role(name='admin',
description='Administrator')
if not user_datastore.get_user(app.config['ADMIN_EMAIL']):
user_datastore.create_user(email=app.config['ADMIN_EMAIL'],
password=app.config['ADMIN_PASSWORD'])
db.session.commit()
user_datastore.add_role_to_user(app.config['ADMIN_EMAIL'], 'admin')
db.session.commit()
return app
def create_roles_users():
log.info('Insert Role data in database')
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
admin = user_datastore.find_or_create_role(name='Admin',
description='Administrator')
user_datastore.find_or_create_role(name='api', description='API user')
user = user_datastore.create_user(email=app.config['ADMIN_EMAIL'],
password=app.config['ADMIN_PASSWORD'])
user_datastore.add_role_to_user(user, admin)
db.session.commit()
def testCreate(self):
init_db()
user_datastore = SQLAlchemyUserDatastore(db_session, User, Role)
security = Security(app, user_datastore)
user_datastore.find_or_create_role(name='admin',
description='Administrator')
user_datastore.find_or_create_role(name='end-user',
description='End user')
db_session.commit()
def create_admin_user(db, survey, email, password):
user_datastore = SQLAlchemyUserDatastore(db, WebUser, WebUserRole)
admin_role = user_datastore.find_or_create_role(name='admin')
user = user_datastore.create_user(email=email,
password=hash_password(password),
survey_id=survey.id)
user_datastore.add_role_to_user(user, admin_role)
def create_init_user(user_datastore: SQLAlchemyUserDatastore) -> None:
"""
TODO in doc:
在这里创建初始的角色和管理用户。
"""
user_datastore.find_or_create_role(name='root', description='系统管理员')
user_datastore.find_or_create_role(name='admin', description='管理员')
user_datastore.find_or_create_role(name='user', description='用户')
if not user_datastore.get_user('*****@*****.**'):
user_datastore.create_user(
email='*****@*****.**',
password=security_utils.encrypt_password('default_password'))
# TODO in doc:
# 如果还需要更多的初始用户,在这里创建
db.session.commit() # 在给用户分配角色前,必须commit这个User对象
user_datastore.add_role_to_user('*****@*****.**', 'root')
# TODO in doc:
# 在这里分配其他角色给初始用户
db.session.commit()
def create_user():
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
# db.drop_all()
# db.create_all()
# user_datastore.create_user(username='******', password='******')
# db.session.commit()
# print user_datastore.find_user(username='******')
for permissions, (name, desc) in Permission.PERMISSION_MAP.items():
user_datastore.find_or_create_role(name=name,
description=desc,
permissions=permissions)
for username, passwd, permissions in (('xjd', '123', (Permission.LOGIN,
Permission.EDITOR)),
('xilixjd', '123',
(Permission.ADMINISTER, ))):
user = user_datastore.create_user(username=username, password=passwd)
db.session.commit()
for permission in permissions:
user_datastore.add_role_to_user(
user,
user_datastore.find_role(
role=Permission.PERMISSION_MAP[permission][0]))
db.session.commit()
def make_admin(manager, email):
"""Make a pre-existing user an admin."""
# Example: python3 -m compath make_admin [email protected]
ds = SQLAlchemyUserDatastore(manager, User, Role)
user = ds.find_user(email=email)
if user is None:
click.echo('User not found')
sys.exit(0)
admin = ds.find_or_create_role('admin')
ds.add_role_to_user(user, admin)
ds.commit()
click.echo('User {} is now admin'.format(email))
def leave_book(self,book):
self.book.remove(book)
class Role(RoleMixin, db.Model):
id = db.Column(db.Integer,primary_key=True)
name = db.Column(db.String(200),index = True)
description = db.Column(db.String(250), index = True)
class Book(db.Model):
id = db.Column(db.Integer,primary_key=True)
name = db.Column(db.String(200),index = True)
author = db.Column(db.String(200),index = True)
genre = db.Column(db.String(200),index = True)
synopsis = db.Column(db.String(20000), index = True)
userNumber = db.Column(db.Integer, index = True)
user = db.relationship('User', secondary = book_user, lazy = 'select')
date_borrowed = db.Column(db.DateTime, default = datetime.utcnow)
def __init__(self,name,author,genre):
self.name = name
self.author = author
self.genre = genre
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore, register_form = RegisterUser)
user_datastore.find_or_create_role(name='end-user', description='End user')
user_datastore.find_or_create_role(name='admin', description='Administrator')
db.create_all()
def create_app(config_object=ProductionConfig):
app = Flask(__name__)
# Sentry(app, dsn='https://*****:*****@sentry.io/300199') # noqa
# CORS(app)
app.config.from_object(config_object)
db.init_app(app)
migrate.init_app(app, db)
csrf.init_app(app)
from Mandark.project import models
userstore = SQLAlchemyUserDatastore(db, models.User, models.Role)
Security(app, userstore)
@app.before_request
def before_request():
g.user = current_user
@app.errorhandler(404)
def not_found_error(e):
print(e)
return render_template('404.html', title='FourOhFour')
@app.errorhandler(500)
def internal_error():
return render_template('500.html', title='A server oops happened')
try:
with app.app_context():
userstore.find_or_create_role(name='admin',
description='Administrator')
userstore.find_or_create_role(name='moderator',
description='Moderator')
userstore.find_or_create_role(name='projectmgr',
description='Project Manager')
userstore.find_or_create_role(name='user',
description='General User')
userstore.create_user(email='*****@*****.**',
password=hash_password('admin'))
userstore.create_user(email='*****@*****.**',
password=hash_password('user'))
userstore.create_user(email='*****@*****.**',
password=hash_password('Allanice-001'))
userstore.add_role_to_user('*****@*****.**', 'admin')
userstore.add_role_to_user('*****@*****.**', 'user')
userstore.add_role_to_user('*****@*****.**', 'admin')
db.session.commit()
print('IGETHEE')
except OperationalError:
if app.debug:
print(OperationalError)
else:
pass
except Exception as e:
with app.app_context():
print(e)
db.session.rollback()
from Mandark.project.views import main, admin
app.register_blueprint(main.main)
app_admin = Admin(app,
'Administration Section',
template_mode='bootstrap3',
index_view=admin.MyAdminIndexView())
app_admin.add_view(admin.UserModelView(models.User, db.session))
app_admin.add_view(admin.RoleModelView(models.Role, db.session))
app_admin.add_view(admin.ProjectModelView(models.Project, db.session))
app_admin.add_view(admin.ProjectMgrModelView(models.Projectmgr,
db.session))
app_admin.add_view(
admin.OrganisationModelView(models.Organisation, db.session))
app_admin.add_view(
admin.ChangeRequestTypeView(models.ChangeRequestType, db.session))
app_admin.add_view(
admin.ChangeRequestSubmitterView(models.ChangeRequestSubmitter,
db.session))
app_admin.add_link(MenuLink(name='Back to Site', url='/'))
return app
def init_db(app):
"""
# import all modules here that might define models so that
# they will be registered properly on the metadata. Otherwise
# you will have to import them first before calling init_db()
Initializes database and creates the tables
"""
from app.models import db, Role, AdminLogin, Project
from flask_security import Security, SQLAlchemyUserDatastore
from flask_migrate import Migrate
db.init_app(app)
app.app_context().push()
# Initialize the SQLAlchemy data store and Flask-Security
user_datastore = SQLAlchemyUserDatastore(db, AdminLogin, Role)
security_bp = Security(app, user_datastore)
# Initialize Flask-Migrate
migrate = Migrate(app, db)
# db.drop_all() # drops tables, won't drop functions or anything else
# db.create_all()
"""
only run configure_mappers() and create_all() once, because
create_all() will throw an error that the tsvector functions
already exist. With tables, create_all() can recognize they already
exist and then not create them again, but with functions it struggles
and will try to create the functions that already exist in the database.
"""
# db.configure_mappers() # need this to enable TsVector triggers
# db.create_all()
# # insert dummy data
# from app.dummy_data import insert_dummy_data
# insert_dummy_data(db)
# Create a default superuser that has all permissions
user_datastore.find_or_create_role(name="superuser_admins",
table_name='admins',
can_read=True,
can_edit=True,
can_create=True,
can_delete=True)
user_datastore.find_or_create_role(name="superuser_roles",
table_name='roles',
can_read=True,
can_edit=True,
can_create=True,
can_delete=True)
user_datastore.find_or_create_role(name="superuser_advisorapplicants",
table_name='advisorapplicants',
can_read=True,
can_edit=True,
can_create=True,
can_delete=True)
user_datastore.find_or_create_role(name="superuser_advisors",
table_name='advisors',
can_read=True,
can_edit=True,
can_create=True,
can_delete=True)
user_datastore.find_or_create_role(name="superuser_projects",
table_name='projects',
can_read=True,
can_edit=True,
can_create=True,
can_delete=True)
user_datastore.find_or_create_role(name="superuser_specialties",
table_name='specialties',
can_read=True,
can_edit=True,
can_create=True,
can_delete=True)
user_datastore.find_or_create_role(name="superuser_subspecialties",
table_name='subspecialties',
can_read=True,
can_edit=True,
can_create=True,
can_delete=True)
user_datastore.find_or_create_role(name="superuser_bigfirms",
table_name='bigfirms',
can_read=True,
can_edit=True,
can_create=True,
can_delete=True)
user_datastore.find_or_create_role(name="superuser_occupations",
table_name='occupations',
can_read=True,
can_edit=True,
can_create=True,
can_delete=True)
user_datastore.find_or_create_role(name="superuser_occupationtypes",
table_name='occupationtypes',
can_read=True,
can_edit=True,
can_create=True,
can_delete=True)
user_datastore.find_or_create_role(name="can_edit_advisorapplicants")
user_datastore.find_or_create_role(name="can_create_advisors", )
if not user_datastore.get_user(app.config['SUPERUSER_ADMIN_EMAIL']):
user_datastore.create_user(email=app.config['SUPERUSER_ADMIN_EMAIL'],
password=app.config['SUPERUSER_ADMIN_PASSWORD'],
active=True,
analytics_access=True,
database_access=True)
db.session.commit()
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "superuser_admins")
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "superuser_roles")
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "superuser_advisorapplicants")
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "superuser_advisors")
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "superuser_projects")
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "superuser_specialties")
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "superuser_subspecialties")
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "superuser_bigfirms")
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "superuser_occupations")
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "superuser_occupationtypes")
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "can_edit_advisorapplicants")
user_datastore.add_role_to_user(app.config['SUPERUSER_ADMIN_EMAIL'], "can_create_advisors")
db.session.commit()
db.session.close()
return security_bp
timezone_offset_minutes = IntegerField(default=0)
user_datastore = SQLAlchemyUserDatastore(_db, User, Role)
try:
_db.create_all()
except OperationalError:
pass
Migrate(app, _db)
Security(app, user_datastore, register_form=RegisterForm, login_form=LoginForm)
admin_role = 'admin'
user_datastore.find_or_create_role(name=admin_role)
try:
user_datastore.commit()
except IntegrityError:
user_datastore.db.session.rollback()
def login_required(func):
if AppConfig.TESTING:
return func
return _login_required(func)
def admin_required(func):
def create_app():
myapp = Flask(__name__)
myapp.config['DEBUG'] = True
myapp.config['SECRET_KEY'] = 'super-secret'
myapp.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite://'
# As of Flask-SQLAlchemy 2.4.0 it is easy to pass in options directly to the
# underlying engine. This option makes sure that DB connections from the
# pool are still valid. Important for entire application since
# many DBaaS options automatically close idle connections.
myapp.config["SQLALCHEMY_ENGINE_OPTIONS"] = {
"pool_pre_ping": True,
}
myapp.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
myapp.config['SECURITY_PASSWORD_SALT'] = 'onetwothreefourfive'
myapp.config['SECURITY_REGISTERABLE'] = True
myapp.config['SECURITY_CONFIRMABLE'] = False
myapp.config['SECURITY_RECOVERABLE'] = True
myapp.config['SECURITY_TRACKABLE'] = True
myapp.config['SECURITY_CHANGEABLE'] = True
myapp.config['MAIL_SERVER']='localhost'
myapp.config['MAIL_PORT']=8025
db.init_app(myapp)
mail.init_app(myapp)
db_admin.init_app(myapp)
from app.models import User, Role
from app.forms import ExtendedRegisterForm
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security.init_app(myapp, datastore=user_datastore,
register_form=ExtendedRegisterForm, confirm_register_form=ExtendedRegisterForm)
from app.main import bp as main_bp
myapp.register_blueprint(main_bp)
from app.db_admin import bp as db_admin_bp
myapp.register_blueprint(db_admin_bp)
# This is junk. This should be in the security blueprint, but the "myapp" variable is not
# available there, so I had to register it here.
# I thought I could put connect_via(bp), but that didn't work
# Here are some hints for fixing this
# https://stackoverflow.com/questions/16163139/catch-signals-in-flask-blueprint
# https://stackoverflow.com/questions/57866541/how-to-get-user-registered-signal-in-flask-user
# https://stackoverflow.com/questions/17146724/setting-a-default-role-in-flask-security?rq=1
@user_registered.connect_via(myapp)
def user_registered_sighandler(app, user, confirm_token):
default_role = user_datastore.find_role("user")
user_datastore.add_role_to_user(user, default_role)
db.session.commit()
# debug only for testing.
app_context = myapp.app_context()
app_context.push()
db.create_all()
# Create the Roles "admin" and "end-user" -- unless they already exist
user_datastore.find_or_create_role(name='admin', description='Administrator')
user_datastore.find_or_create_role(name='user', description='End user')
user_datastore.create_user(email='*****@*****.**', password='******')
user_datastore.create_user(email='*****@*****.**', password='******')
db.session.commit()
# Give one User has the "end-user" role, while the other has the "admin" role. (This will have no effect if the
# Users already have these Roles.) Again, commit any database changes.
user_datastore.add_role_to_user('*****@*****.**', 'user')
user_datastore.add_role_to_user('*****@*****.**', 'admin')
db.session.commit()
return myapp
app = Flask(__name__)
app.config.from_object('config')
db = SQLAlchemy(app)
CSRFProtect(app)
# set up the database model if not already set up
from app import models
db.create_all()
db.session.commit()
# setup the User/Role tables with flask-security, create base users/groups if neccessary
userstore = SQLAlchemyUserDatastore(db, models.User, models.Role)
sec = Security(app, userstore)
try:
with app.app_context():
userstore.find_or_create_role(name='admin', description='Administrator')
userstore.find_or_create_role(name='user', description='General user')
userstore.create_user(email=FIRST_USER_NAME,
password=utils.encrypt_password(FIRST_USER_PASS))
userstore.add_role_to_user(FIRST_USER_NAME, 'admin')
db.session.commit()
except: db.session.rollback()
# get the view controllers for the app
from app.views import main, admin, common
# set up main as a blueprint, add as many blueprints as necessary
app.register_blueprint(main.main)
# configure the admin interface, populate it with pages and links
app_admin = Admin(app, 'Flask Skeleton Admin', template_mode='bootstrap3', index_view=admin.AdminIndexView())
app = Flask(__name__)
app.config.from_object('config')
db = SQLAlchemy(app)
CsrfProtect(app)
# set up the database model if not already set up
from app import models
db.create_all()
db.session.commit()
# setup the User/Role tables with flask-security, create base users/groups if neccessary
userstore = SQLAlchemyUserDatastore(db, models.User, models.Role)
sec = Security(app, userstore)
try:
with app.app_context():
userstore.find_or_create_role(name='admin', description='Administrator')
userstore.find_or_create_role(name='user', description='General user')
userstore.create_user(email=FIRST_USER_NAME,
password=utils.encrypt_password(FIRST_USER_PASS))
userstore.add_role_to_user('admin', 'admin')
db.session.commit()
except: db.session.rollback()
# get the view controllers for the app
from app.views import main, admin, common
# set up main as a blueprint, add as many blueprints as necessary
app.register_blueprint(main.main)
# configure the admin interface, populate it with pages and links
app_admin = Admin(app, 'Flask Skeleton Admin', template_mode='bootstrap3', index_view=admin.AdminIndexView())
def create_app(test_config=None):
# create and configure the app
app = Flask(__name__, instance_relative_config=True)
app.config.from_object(os.environ['APP_SETTINGS'])
db.init_app(app)
db.app = app
# hook up mail
mail = Mail(app)
try:
# initialize data store and setup roles, security
# this will fail if the db does not exist ...
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
user_datastore.find_or_create_role(name='admin',
description='Administrator')
user_datastore.find_or_create_role(name='client', description='Client')
user_datastore.commit()
security = Security(app, user_datastore)
except:
pass
with app.app_context():
# Create admin
if admin.app is None:
admin.init_app(app)
app.config['FLASK_ADMIN_SWATCH'] = 'cosmo'
admin.add_view(UserAdmin(User, db.session))
admin.add_view(RoleAdmin(Role, db.session))
admin.add_view(BaseAdmin(Company, db.session))
admin.add_view(BaseAdmin(UserRequest, db.session))
admin.add_view(BaseAdmin(Project, db.session))
admin.add_view(BaseAdmin(ServiceAgreement, db.session))
# Initialize the plugin manager
plugin_manager = PluginManager(app)
plugins = get_enabled_plugins()
if test_config is None:
# load the instance config, if it exists, when not testing
app.config.from_pyfile('config.py', silent=True)
else:
# load the test config if passed in
app.config.from_mapping(test_config)
# ensure the instance folder exists
try:
os.makedirs(app.instance_path)
except OSError:
pass
app.register_blueprint(user_bp)
app.register_blueprint(company_bp)
app.register_blueprint(request_bp)
app.register_blueprint(project_bp)
# internal version
@app.route('/version')
def version():
return app_version
# index
@app.route("/")
def index():
return render_template("index.html")
@app.route("/plugins")
@login_required
def plugins():
return render_template("plugins.html",
plugins=get_enabled_plugins())
@app.route("/disable/<plugin>")
def disable(plugin):
plugin = get_plugin(plugin)
plugin_manager.disable_plugins([plugin])
return redirect(url_for("index"))
@app.route("/enable/<plugin>")
def enable(plugin):
plugin = get_plugin(plugin)
plugin_manager.enable_plugins([plugin])
return redirect(url_for("index"))
return app
def before_first_request():
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
user_datastore.find_or_create_role(name='admin',
description='Administrator')
user_datastore.find_or_create_role(name='end-user', description='End user')
db.session.commit()
timezone_offset_minutes = IntegerField(default=0)
user_datastore = SQLAlchemyUserDatastore(_db, User, Role)
try:
_db.create_all()
except OperationalError:
pass
Migrate(app, _db)
Security(app, user_datastore, register_form=RegisterForm, login_form=LoginForm)
admin_role = 'admin'
user_datastore.find_or_create_role(name=admin_role)
try:
user_datastore.commit()
except IntegrityError:
user_datastore.db.session.rollback()
def login_required(func):
if AppConfig.TESTING:
return func
return _login_required(func)
def admin_required(func):
