def auth_session(): if 'auth_token' not in session: return jsonify({ 'token': 'err', 'username': '', 'message': 'not authenticated yet' }), 401 return jsonify({ 'token': session['auth_token'], 'username': session.get('username') })
def plugin_report(uuid): if request.method == "POST": if "description" in request.form: kelp_plugin_repo.create_plugin_report( uuid, session.get("username"), request.form.get("description"), request.form.get("type")) return render_template("plugins/plugins_report.html", success=True) return render_template("plugins/plugins_report.html", plugin=kelp_plugin_repo.get_plugin_by_uuid(uuid))
def auth(): if 'auth_token' not in session: return jsonify({ 'auth': False, 'message': 'not authenticated yet' }) if secrets.compare_digest(session['auth_token'], request.json.get('auth_token')): return jsonify({ 'auth': True, 'username': session.get('username') }) return jsonify({ 'auth': False, 'message': 'authentication timed out' })
def plugins_new(): if request.method == "POST" and "plugin_create" in request.form: return api_utils.craft_response( kelp_plugin_repo.create_plugin( request.form.get("plugin_name"), session.get("username"), request.form.get("plugin_short_description"), request.form.get("plugin_description"), request.files.get("plugin_icon"), request.files.get("plugin_banner"), (request.form.get("plugin_tags") or "").split(","), ), StopCodes.Success.OK) return render_template("plugins/plugins_new.html", tags=kelp_plugin_repo.get_all_tags())
def plugin_manage(): if not manage_permissions(session.get("username"), request.form[list( request.form.keys())[0]]): return abort(StopCodes.ClientError.Unauthorized) if "upload_plugin_file" in request.form: file = request.files.get("file") kelp_plugin_repo.upload_to_plugin( request.form.get("upload_plugin_file"), file, file.filename) if "add_plugin_link" in request.form: kelp_plugin_repo.add_link_to_plugin( request.form.get("add_plugin_link"), request.form.get("link"), request.form.get("name")) if "manage_files" in request.form: if "delete_file" in request.form: kelp_plugin_repo.remove_from_plugin( request.form.get("manage_files"), request.form.get("delete_file")) return api_utils.empty_success() return api_utils.craft_response( kelp_plugin_repo.get_plugin_file_list( request.form.get("manage_files")), StopCodes.Success.OK) if "change_plugin_icon" in request.form: kelp_plugin_repo.change_plugin_icon( request.form.get("change_plugin_icon"), request.files.get("picture")) if "change_plugin_banner" in request.form: kelp_plugin_repo.change_plugin_banner( request.form.get("change_plugin_banner"), request.files.get("picture")) if "edit_plugin_name" in request.form: kelp_plugin_repo.change_plugin_name( request.form.get("edit_plugin_name"), request.form.get("plugin_name")) if "edit_plugin_short_description" in request.form: kelp_plugin_repo.change_plugin_short_description( request.form.get("edit_plugin_short_description"), request.form.get("plugin_short_description")) if "edit_plugin_tags" in request.form: kelp_plugin_repo.set_plugin_tags(request.form.get("edit_plugin_tags"), request.form.get("plugin_tags")) if "edit_plugin_description" in request.form: kelp_plugin_repo.change_plugin_description( request.form.get("edit_plugin_description"), request.form.get("plugin_description")) if "remove_plugin" in request.form: kelp_plugin_repo.remove_plugin(request.form.get("remove_plugin")) return api_utils.empty_success()
def wrapper(*args, **kwargs): category = db_session.query(Category).filter_by(id=kwargs['category_id']).first() if category and session.get('user_id') == category.user_id: return func(*args, **kwargs) else: abort(403)
def wrapper(*args, **kwargs): item = db_session.query(Item).filter_by(id=kwargs['item_id'], category_id=kwargs['category_id']).first() if item and session.get('user_id') == item.user_id: return func(*args, **kwargs) else: abort(403)
def wrapper(*args, **kwargs): if session.get('username'): return func(*args, **kwargs) else: flash('You should be logged in to perform this operation') return redirect(url_for('showLogin'))