def auth_session():
if 'auth_token' not in session:
return jsonify({
'token': 'err', 'username': '', 'message': 'not authenticated yet'
}), 401
return jsonify({
'token': session['auth_token'], 'username': session.get('username')
})
def plugin_report(uuid):
if request.method == "POST":
if "description" in request.form:
kelp_plugin_repo.create_plugin_report(
uuid, session.get("username"), request.form.get("description"),
request.form.get("type"))
return render_template("plugins/plugins_report.html", success=True)
return render_template("plugins/plugins_report.html",
plugin=kelp_plugin_repo.get_plugin_by_uuid(uuid))
def auth():
if 'auth_token' not in session:
return jsonify({
'auth': False, 'message': 'not authenticated yet'
})
if secrets.compare_digest(session['auth_token'], request.json.get('auth_token')):
return jsonify({
'auth': True, 'username': session.get('username')
})
return jsonify({
'auth': False, 'message': 'authentication timed out'
})
def plugins_new():
if request.method == "POST" and "plugin_create" in request.form:
return api_utils.craft_response(
kelp_plugin_repo.create_plugin(
request.form.get("plugin_name"),
session.get("username"),
request.form.get("plugin_short_description"),
request.form.get("plugin_description"),
request.files.get("plugin_icon"),
request.files.get("plugin_banner"),
(request.form.get("plugin_tags") or "").split(","),
), StopCodes.Success.OK)
return render_template("plugins/plugins_new.html",
tags=kelp_plugin_repo.get_all_tags())
def plugin_manage():
if not manage_permissions(session.get("username"), request.form[list(
request.form.keys())[0]]):
return abort(StopCodes.ClientError.Unauthorized)
if "upload_plugin_file" in request.form:
file = request.files.get("file")
kelp_plugin_repo.upload_to_plugin(
request.form.get("upload_plugin_file"), file, file.filename)
if "add_plugin_link" in request.form:
kelp_plugin_repo.add_link_to_plugin(
request.form.get("add_plugin_link"), request.form.get("link"),
request.form.get("name"))
if "manage_files" in request.form:
if "delete_file" in request.form:
kelp_plugin_repo.remove_from_plugin(
request.form.get("manage_files"),
request.form.get("delete_file"))
return api_utils.empty_success()
return api_utils.craft_response(
kelp_plugin_repo.get_plugin_file_list(
request.form.get("manage_files")), StopCodes.Success.OK)
if "change_plugin_icon" in request.form:
kelp_plugin_repo.change_plugin_icon(
request.form.get("change_plugin_icon"),
request.files.get("picture"))
if "change_plugin_banner" in request.form:
kelp_plugin_repo.change_plugin_banner(
request.form.get("change_plugin_banner"),
request.files.get("picture"))
if "edit_plugin_name" in request.form:
kelp_plugin_repo.change_plugin_name(
request.form.get("edit_plugin_name"),
request.form.get("plugin_name"))
if "edit_plugin_short_description" in request.form:
kelp_plugin_repo.change_plugin_short_description(
request.form.get("edit_plugin_short_description"),
request.form.get("plugin_short_description"))
if "edit_plugin_tags" in request.form:
kelp_plugin_repo.set_plugin_tags(request.form.get("edit_plugin_tags"),
request.form.get("plugin_tags"))
if "edit_plugin_description" in request.form:
kelp_plugin_repo.change_plugin_description(
request.form.get("edit_plugin_description"),
request.form.get("plugin_description"))
if "remove_plugin" in request.form:
kelp_plugin_repo.remove_plugin(request.form.get("remove_plugin"))
return api_utils.empty_success()
def wrapper(*args, **kwargs):
category = db_session.query(Category).filter_by(id=kwargs['category_id']).first()
if category and session.get('user_id') == category.user_id:
return func(*args, **kwargs)
else:
abort(403)
def wrapper(*args, **kwargs):
item = db_session.query(Item).filter_by(id=kwargs['item_id'], category_id=kwargs['category_id']).first()
if item and session.get('user_id') == item.user_id:
return func(*args, **kwargs)
else:
abort(403)
def wrapper(*args, **kwargs):
if session.get('username'):
return func(*args, **kwargs)
else:
flash('You should be logged in to perform this operation')
return redirect(url_for('showLogin'))
