def decorated(*args, **kwargs):
    """Wrapper produced by the enclosing decorator (its header is not in view).

    Loads the ``Application`` named by the ``app_id`` keyword argument onto
    ``request.app`` and then calls the wrapped view ``f`` (bound in the
    enclosing scope).  Responds 404 when no such application exists and 403
    when the current admin account is neither a super user nor listed in the
    application's ``admins`` -- an allowlist check against the stored record,
    never against client-supplied data.
    """
    try:
        request.app = Application.objects(id=kwargs.get('app_id')).get()
    except Application.DoesNotExist:
        return abort(404)
    # Super users bypass the per-application admin list.
    authorized = is_super_user() or session.get_admin_account() in request.app.admins
    if not authorized:
        return abort(403)
    return f(*args, **kwargs)
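def app_search():
    """Search the applications visible to the current campus, 20 per page.

    Without a ``q`` parameter the page is read straight from
    ``ApplicationEmbedded`` for ``request.campus``; with one it is an
    Elasticsearch search of ``embedded_app_list`` restricted to the same
    campus.  The two branches produce different result shapes
    (``Application`` documents versus ``{'id', 'name', 'description'}``
    dicts); the template has to cope with both.

    Returns the rendered search page.  Responds 400 for a non-integer
    ``page``, 404 for ``page`` < 1 and for an empty page after the first.
    """
    query = request.args.get('q', '')
    # Validate the page number up front instead of letting int() raise (a
    # 500) or handing a negative skip/from to the data stores.
    try:
        page = int(request.args.get('page', 1)) - 1  # 0-based from here on
    except ValueError:
        return abort(400)
    if page < 0:
        return abort(404)
    size = 20
    offset = page * size

    if query == '':
        embedded_apps = ApplicationEmbedded.objects(
            campus_ids__in=[request.campus.id]).skip(offset).limit(size)
        results = [Application.objects(id=embedded.application_id).get()
                   for embedded in embedded_apps]
    else:
        es = Elasticsearch(hosts=app.config.get('ELASTICSEARCH_HOSTS'))
        # The campus restriction is its own `term` clause, so the
        # user-supplied text cannot widen the search beyond this campus.
        # NOTE(review): `query` is passed verbatim as Lucene query_string
        # syntax -- a malformed query makes Elasticsearch reject the request
        # (surfacing as a 500 here) and wildcard/regexp/fuzzy clauses are
        # expensive; consider `simple_query_string` or escaping reserved
        # characters.
        search_body = {
            'from': offset,
            'size': size,
            'sort': ['_score'],
            'query': {
                'bool': {
                    'must': [
                        {'term': {'embedded_app.campus_ids': str(request.campus.id)}},
                        {'query_string': {'default_field': '_all', 'query': query}},
                    ]
                }
            },
        }
        res = es.search(index='embedded_app_list', body=search_body)
        results = [
            {
                'id': hit.get('_source').get('app_id'),
                'name': hit.get('_source').get('name'),
                'description': hit.get('_source').get('description'),
            }
            for hit in res.get('hits').get('hits')
        ]

    # `page` is 0-based, so any empty page after the first is a 404.  The
    # previous comparison against 1 let an empty second page render.
    if page > 0 and not results:
        return abort(404)
    return render_template('module/app/search.html', results=results,
                           next_page=page + 2, query=query)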
def create_app():
    """Show the application-creation form (GET) or create one (POST).

    Requires a logged-in admin account (403 otherwise).  On POST a new
    ``Application`` named from the ``app_name`` form field is saved with the
    current admin as its only administrator, then the browser is sent to the
    application's state page.

    NOTE(review): this POST performs no CSRF token check, unlike the consent
    POST in ``oauth2_authorize`` which compares ``session['csrf_token']`` with
    the form field -- confirm a framework-level CSRF guard covers it.
    """
    admin = session.get_admin_account()
    if not admin:
        return abort(403)
    if request.method != 'POST':
        return render_template('developer/console/app/create.html',
                               is_super_user=is_super_user())
    application = Application()
    application.name = request.form.get('app_name')
    application.created_at = datetime.utcnow()
    application.admins = [admin]
    application.save()
    return redirect(url_for('console.app_state', app_id=application.id))
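def app_list():
    """List applications in the developer console, 10 per page.

    Super users see every ``Application``; everyone else only those whose
    ``admins`` list contains their admin account (the filter is applied in
    the query, so other users' applications are never loaded).

    Returns the rendered console page.  Responds 400 for a non-integer
    ``page``, 404 for ``page`` < 1 and for an empty page after the first.
    """
    # Validate the page number instead of letting int() raise (a 500) or
    # passing a negative skip to the store.
    try:
        page = int(request.args.get('page', 1))
    except ValueError:
        return abort(400)
    if page < 1:
        return abort(404)
    per_page = 10
    offset = (page - 1) * per_page

    if is_super_user():
        queryset = Application.objects
    else:
        queryset = Application.objects(admins__in=[session.get_admin_account()])
    # Local is named `application`, not `app`, to avoid shadowing the
    # module-level Flask `app`.
    projects = [
        {
            'project_id': str(application.id),
            'project_type': 'app',
            'project_name': '%s' % application.name,
        }
        for application in queryset.skip(offset).limit(per_page)
    ]

    if page != 1 and not projects:
        return abort(404)
    return render_template('developer/console/main.html', projects=projects,
                           view_create=True, next_page=page + 1)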
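def _redirect_uri_allowed(client, redirect_uri):
    """Return True only when *redirect_uri* exactly equals a registered URI.

    Exact comparison replaces the earlier ``startswith`` prefix test: a
    prefix test accepts any URI that merely begins with the registered value,
    so the authorization code or access token could be delivered to a
    location the client never registered (RFC 6749 §3.1.2.2 recommends exact
    matching).
    """
    return redirect_uri in client.redirect_uris


def _append_query(uri, params):
    """Append *params* to the query string of *uri*, keeping any existing query.

    The earlier ``uri + '?key=value'`` concatenation produced a second ``?``
    when the registered redirect URI already carried a query and did not
    percent-encode the appended values.
    """
    from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

    parts = urlsplit(uri)
    query = parse_qsl(parts.query, keep_blank_values=True) + list(params.items())
    return urlunsplit((parts.scheme, parts.netloc, parts.path,
                       urlencode(query), parts.fragment))


def oauth2_authorize():
    """OAuth 2.0 authorization endpoint for the ``token`` and ``code`` flows.

    Reads ``client_id``, ``redirect_uri``, ``response_type``, an optional
    ``state`` and a comma-separated ``scope`` from the query string, then:

    1. rejects requests with a missing parameter, an unknown client, an
       unregistered ``redirect_uri`` or an unsupported ``response_type`` --
       all answered directly (never by redirecting to ``redirect_uri``);
    2. shows the login form until ``session.get_account()`` is set; a login
       POST that succeeds is redirected back to this URL as a GET so it can
       never be mistaken for the consent POST;
    3. shows the permission page until an ``OAuth2AccountAccept`` covering
       every requested scope exists; the consent POST must carry the
       ``csrf_token`` stored in the session (403 otherwise);
    4. issues an access token (``response_type=token``) or an authorization
       code (``response_type=code``) and redirects to ``redirect_uri`` with
       ``state`` echoed back when it was supplied.

    Returns a Flask response (rendered page, redirect or JSON error).
    """
    client_id = request.args.get('client_id')
    redirect_uri = request.args.get('redirect_uri')
    response_type = request.args.get('response_type')
    state = request.args.get('state')
    # Blank entries (empty scope, trailing comma) are dropped rather than
    # becoming a '' scope that nothing can ever satisfy.
    scope = [s.strip() for s in request.args.get('scope', '').split(',') if s.strip()]

    if not (client_id and redirect_uri and response_type):
        return jsonify({'error': 'invalid_request'}), 400
    try:
        client = ApplicationOAuth2Client.objects(id=client_id).get()
    except ApplicationOAuth2Client.DoesNotExist:
        return jsonify({'error': 'unauthorized_client'}), 400
    # An invalid redirect_uri is shown to the user, never redirected to.
    if not _redirect_uri_allowed(client, redirect_uri):
        return 'redirect_uri error', 400
    # Checked before login/consent so that no consent record is created for a
    # request that cannot be completed (previously this was the final branch).
    if response_type not in ('token', 'code'):
        return jsonify({'error': 'unsupported_response_type'}), 400

    if not session.get_account():
        if request.method != 'POST':
            return render_template('api/oauth2/login.html')
        # Function-scope import kept from the original (likely avoids an
        # import cycle at module load).
        from opencampus.module.account.models import Account
        try:
            Account.login(request.form.get('account_id'), request.form.get('account_pw'))
        except Exception:
            # Any login failure re-shows the form; narrowed from a bare
            # `except` so SystemExit/KeyboardInterrupt are not swallowed.
            return render_template('api/oauth2/login.html')
        if not session.get_account():
            # assumes Account.login() populates the session on success -- TODO confirm
            return render_template('api/oauth2/login.html')
        # Re-enter as a GET with the same query string so this login POST is
        # never processed as the consent POST below (the old code fell
        # straight through with the login form's fields).
        return redirect(request.url)

    account = session.get_account()
    try:
        accept = OAuth2AccountAccept.objects(client_id=client_id, account_id=account.id).get()
    except OAuth2AccountAccept.DoesNotExist:
        accept = None
    granted = accept is not None and all(s in accept.scope for s in scope)

    if not granted:
        if request.method != 'POST':
            return render_template('api/oauth2/permission.html',
                                   app=Application.objects(id=client.application_id).get(),
                                   scope=scope, scope_name=SCOPE)
        csrf_token = session.get('csrf_token')
        if not csrf_token or csrf_token != request.form.get('csrf_token'):
            return abort(403)
        if accept is None:
            accept = OAuth2AccountAccept()
            accept.client_id = client_id
            accept.account_id = account.id
            accept.created_at = datetime.utcnow()
            accept.scope = scope
        else:
            # Extend the stored grant with the scopes just approved: the
            # token below is issued with accept.scope, so leaving the record
            # untouched produced a token narrower than the user consented to.
            accept.scope = list(accept.scope) + [s for s in scope if s not in accept.scope]
        accept.save()

    params = {}
    if response_type == 'token':
        token = OAuth2AccessToken.create_token('account', account.id,
                                               client_id=client.id, scope=accept.scope)
        token.save()
        # NOTE(review): RFC 6749 §4.2.2 returns the implicit-flow token in the
        # URI fragment; it stays in the query here for compatibility with
        # existing clients, which exposes it to referrer headers and logs.
        params['access_token'] = token.access_token
    else:
        code = OAuth2AuthorizationCode.create_code(client.id, account.id, scope=accept.scope)
        # assumes create_code() persists the code (no save() here, as before) -- TODO confirm
        params['code'] = code.code
    if state is not None:
        # Echoing `state` lets the client bind the response to its request.
        params['state'] = state
    return redirect(_append_query(redirect_uri, params))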