def check_passwd_for_svcdb(user_id, password):
package_name = 'pkg_user_auth'
if StrUtil.get_safe_config(current_app,
'PROJECT_STAGE') == Const.DEVELOPMENT:
package_name = 'pkg_user_auth_debug'
current_sqlalchemy_echo = StrUtil.get_safe_config(
current_app, 'SQLALCHEMY_ECHO')
# 認証SQLのログを出力しないようにする
db.session.bind.echo = False
returnVal = db.session.execute(
'select ' + package_name +
'.check_passwd_for_svcdb(:user_id, :password) as val from dual', {
'user_id': user_id,
'password': password
}).fetchone().val
# 現状設定に戻す
db.session.bind.echo = current_sqlalchemy_echo
if returnVal == 0:
return True
return False
def get_adm_session_info(session_id):
current_time = datetime.now()
return SvcdbSessionTable.query.filter_by(cookie_name=StrUtil.get_safe_config(current_app, 'SVCDB_SYS_COOKIE'),
session_id=session_id) \
.filter(SvcdbSessionTable.login_date >= current_time - timedelta(days=7)) \
.filter(SvcdbSessionTable.login_date <= current_time).first()
def decompress_file(params):
params['df'] = None
if params['disp_mode'] == 'edit':
print(params['disp_mode'])
svcdbFileWkE = SvcdbFileWk()
attacheFile = svcdbFileWkE.getFile(params['edit_id'],
params['file_id'])
else:
svcdbFileE = SvcdbFile()
attacheFile = svcdbFileE.getFile(params['file_id'])
if attacheFile is not None:
try:
file_path = os.path.join(attacheFile.dir_name,
attacheFile.c_file_name)
unzip_dir_path = str(
StrUtil.get_safe_config(current_app, 'DOWNLOAD_DIR_PATH'))
unzip_file_path = FileUtil.unzip_file(file_path, unzip_dir_path,
attacheFile.file_id)
params['attacheFile'] = attacheFile
params['df'] = unzip_file_path
except FileNotFoundError:
print("FileNotFoundError")
return params
def wrapper(*args, **kwargs):
logout_user()
StrUtil.print_debug('adm_login_required. func=[' + func.__name__ +
']')
session_id = flaskr.lib.svcdb_lib.session.get_session_id(
StrUtil.get_safe_config(current_app, 'SVCDB_SYS_COOKIE'))
if session_id:
StrUtil.print_debug(
'login_required. session_cookie_name:{0} session_id:{1}'.
format('ADMIN_SESSION_COOKIE', session_id))
cst = SvcdbSessionTable.get_adm_session_info(session_id)
if cst is None:
flash('invalid user_id or password')
return redirect(url_for('adm_login'))
# 取得したユーザIDでユーザ情報を取得する
user = User.query.filter_by(tuid=cst.user_id).first()
if user is None:
flash('invalid user_id or password')
return redirect(url_for('adm_login'))
# 管理者権限チェック
pkgSvcdbSecurity = PkgSvcdbSecurity()
if not pkgSvcdbSecurity.isAdminUser(user.tuid):
flash('利用権限がありません')
return redirect(
UserAuth._get_redirect_url(url_for('adm_login')))
login_user(user, False)
else:
StrUtil.print_debug('login_required. no session id got.')
return redirect(
UserAuth._get_redirect_url(url_for('adm_login')))
return func(*args, **kwargs)
from flask_login import current_user
from flaskr import create_app
from flaskr.lib.conf.config import Config
from flaskr.lib.conf.const import Const
from flaskr.lib.svcdb_lib.str_util import StrUtil
app = create_app()
@app.context_processor
def svcdb_processor():
resp_dict = {
"system_name": Const.SYSTEM_NAME,
"current_user": current_user,
"user_name":
current_user.get_user_name() if current_user.is_active else "",
"appVer": Config.APP_VER
}
return resp_dict
if __name__ == '__main__':
app.run(debug=StrUtil.get_safe_config(app, 'DEBUG'))
def get_max_upload_file_size():
max_upload_file_size = StrUtil.get_safe_config(
current_app, 'MAX_UPLOAD_FILE_SIZE_MB')
if not max_upload_file_size or max_upload_file_size <= 0:
max_upload_file_size = 40
return max_upload_file_size