def create_test_user(self, email, password):
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
user = user_datastore.create_user(email=email, password=encrypt_password(password), confirmed_at=datetime.now())
user.role = 'Admin'
user.active = True
db.session.add(user)
db.session.commit()
db.session.refresh(user)
def create_user(email, role):
from flask_security import SQLAlchemyUserDatastore
from security_monkey.datastore import User
from security_monkey.datastore import Role
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
ROLES = ['View', 'Comment', 'Justify', 'Admin']
if role not in ROLES:
sys.stderr.write('[!] Role must be one of [{0}].\n'.format(' '.join(ROLES)))
sys.exit(1)
users = User.query.filter(User.email == email)
if users.count() == 0:
password1 = prompt_pass("Password")
password2 = prompt_pass("Confirm Password")
if password1 != password2:
sys.stderr.write("[!] Passwords do not match\n")
sys.exit(1)
user = user_datastore.create_user(email=email, password=password1, confirmed_at=datetime.now())
else:
sys.stdout.write("[+] Updating existing user\n")
user = users.first()
user.role = role
db.session.add(user)
db.session.commit()
def api_server(custom_settings=None):
# init server
server = Flask(__name__)
# init settings
server.config.from_object("settings.default")
server.config.from_envvar("SETTINGS", silent=True)
server.config.from_object(custom_settings)
# init db
db.init_app(server)
# init user
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security.init_app(server, user_datastore)
# import features
server.register_blueprint(index)
server.register_blueprint(dreams)
# render context
with server.app_context():
db.create_all()
if not User.query.first():
user_datastore.create_user(email="*****@*****.**", password=encrypt_password("user"))
db.session.commit()
return server
def seed_user(email, role, dept, password):
"""
Creates a new user in the database.
"""
from beacon.models.users import User, Role, Department
from flask_security import SQLAlchemyUserDatastore
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
seed_email = email if email else app.config.get("SEED_EMAIL")
user_exists = User.query.filter(User.email == seed_email).first()
department = Department.query.filter(Department.name == db.func.lower(dept)).first()
if user_exists:
print "User {email} already exists".format(email=seed_email)
else:
try:
user_datastore.create_user(
email=seed_email,
created_at=datetime.datetime.utcnow(),
department=department if department else None,
password=password,
roles=[Role.query.get(int(role))],
confirmed_at=datetime.datetime.now(),
)
db.session.commit()
print "User {email} successfully created!".format(email=seed_email)
except Exception, e:
print "Something went wrong: {exception}".format(exception=e.message)
def build_sample_db():
"""
Populate a small db with some example entries.
"""
import string
import random
db.drop_all()
db.create_all()
# Setup Flask-Security
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
with app.app_context():
user_role = Role(name='user')
super_user_role = Role(name='superuser')
db.session.add(user_role)
db.session.add(super_user_role)
db.session.commit()
test_user = user_datastore.create_user(
first_name='Admin',
email='admin',
password=encrypt_password('admin'),
roles=[user_role, super_user_role]
)
first_names = [
'Harry', 'Amelia', 'Oliver', 'Jack', 'Isabella', 'Charlie', 'Sophie', 'Mia',
'Jacob', 'Thomas', 'Emily', 'Lily', 'Ava', 'Isla', 'Alfie', 'Olivia', 'Jessica',
'Riley', 'William', 'James', 'Geoffrey', 'Lisa', 'Benjamin', 'Stacey', 'Lucy'
]
last_names = [
'Brown', 'Smith', 'Patel', 'Jones', 'Williams', 'Johnson', 'Taylor', 'Thomas',
'Roberts', 'Khan', 'Lewis', 'Jackson', 'Clarke', 'James', 'Phillips', 'Wilson',
'Ali', 'Mason', 'Mitchell', 'Rose', 'Davis', 'Davies', 'Rodriguez', 'Cox', 'Alexander'
]
for i in range(len(first_names)):
tmp_email = first_names[i].lower() + "." + last_names[i].lower() + "@example.com"
tmp_pass = ''.join(random.choice(string.ascii_lowercase + string.digits) for i in range(10))
user_datastore.create_user(
first_name=first_names[i],
last_name=last_names[i],
email=tmp_email,
password=encrypt_password(tmp_pass),
roles=[user_role, ]
)
db.session.commit()
return
def create_app(priority_settings=None):
app = Flask(__name__, static_url_path='')
app.config.from_object(settings)
app.config.from_envvar('TODO_SETTINGS', silent=True)
app.config.from_object(priority_settings)
db.init_app(app)
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security.init_app(app, user_datastore)
app.register_blueprint(index)
app.register_blueprint(todos)
with app.app_context():
db.create_all()
if not User.query.first():
user_datastore.create_user(
email='*****@*****.**',
password=encrypt_password('password'))
db.session.commit()
return app
def create_app():
import os
from os import environ
import psycopg2
from flask import Flask
from flask_sqlalchemy import SQLAlchemy
from flask_migrate import Migrate
from flask_heroku import Heroku
from flask_admin.contrib.sqla import ModelView
from flask_wtf.csrf import CSRFProtect
from flask import render_template, request, redirect, jsonify, url_for, flash, session
from sqlalchemy.orm import relationship, sessionmaker
from models import User, Order, Customer, Role, OrderDetails, Product, Supplier, Payment, Shipper, users_schema, orders_schema, products_schema, customers_schema, order_details_schema, suppliers_schema, payments_schema, shippers_schema, MyAdminIndexView, UserAdmin, RoleAdmin
from flask_admin import Admin
from flask_login import UserMixin, LoginManager, current_user, login_user, logout_user
from flask_security import SQLAlchemyUserDatastore, Security, utils, login_required
from wtforms.fields import PasswordField
from passlib.hash import pbkdf2_sha256
from flask_marshmallow import Marshmallow
import stripe
import datetime
from flask_mail import Mail, Message
from decimal import Decimal
from flask_caching import Cache
from flask_assets import Environment, Bundle
from PIL import Image
APPLICATION_NAME = "Kokeshi"
app = Flask(__name__)
csrf.init_app(app)
app.config.from_pyfile('config_default.cfg')
assets = Environment(app)
try:
app.config.from_envvar('KOKESHI_SETTINGS')
except:
pass
# Flask Security Config
app.config['SECURITY_REGISTERABLE'] = True
# Flask-Mail Config
app.config.update(dict(
MAIL_SERVER=os.environ['MAIL_SERVER'],
MAIL_PORT=465,
MAIL_USERNAME=os.environ['MAIL_USERNAME'],
MAIL_USE_TLS=False,
MAIL_USE_SSL=True,
MAIL_PASSWORD=os.environ['MAIL_PASSWORD'],
SECURITY_PASSWORD_HASH='pbkdf2_sha512',
SECURITY_PASSWORD_SALT=os.environ['SECURITY_PASSWORD_SALT']
))
cache = Cache(app, config={'CACHE_TYPE': 'simple'})
# Flask-Assets config
scss_bundle = Bundle('scss/*.scss',
filters='pyscss, cssmin',
output='css/styles.css',
extra={'rel': 'stylesheet/scss'},
)
js_bundle = Bundle('js/*.js',
filters='jsmin',
output='js/main.min.js',
)
assets.register('scss_all', scss_bundle)
assets.register('js_all', js_bundle)
scss_bundle.build()
js_bundle.build()
imagePath = "static/img/artisan-placeholder.jpg"
outputPath = "static/img/artisan-placeholder.webp"
quality = "80"
im = Image.open(imagePath)
im.save(outputPath, 'webp', quality=quality)
app.url_map.strict_slashes = False
# Initialize the SQLAlchemy data store and Flask-Security.
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
# Create admin views.
admin = Admin(app, index_view=MyAdminIndexView())
admin.add_view(UserAdmin(User, db.session))
admin.add_view(RoleAdmin(Role, db.session))
# Stripe payments implementation.
STRIPE_PUBLISHABLE_KEY = 'pk_test_GM1d2F2DgrIl6jnkIwSaZ8Dd'
stripe_keys = {
'secret_key': os.environ['STRIPE_SECRET_KEY'],
'publishable_key': STRIPE_PUBLISHABLE_KEY
}
stripe.api_key = stripe_keys['secret_key']
#################
# App functions #
#################
#######################
# User administration #
#######################
# Populate the db with products and placeholder data
"""@app.before_first_request
def before_first_request():
db.create_all()
user_datastore.find_or_create_role(
name='super', description='Super User')
user_datastore.find_or_create_role(
name='admin', description='Administrator')
user_datastore.find_or_create_role(
name='artisan', description='Artisan')
encrypted_password = utils.encrypt_password('password')
if not user_datastore.get_user('*****@*****.**'):
user_datastore.create_user(
email='*****@*****.**',
password=encrypted_password
)
if not user_datastore.get_user('*****@*****.**'):
user_datastore.create_user(
email='*****@*****.**',
password=encrypted_password
)
if not user_datastore.get_user('*****@*****.**'):
user_datastore.create_user(
email='*****@*****.**',
password=encrypted_password
)
db.session.commit()
user_datastore.add_role_to_user('*****@*****.**', 'super')
user_datastore.add_role_to_user('*****@*****.**', 'admin')
user_datastore.add_role_to_user('*****@*****.**', 'artisan')
db.session.commit()
db_items = [
Product(
name="Zao Kokeshi",
description="A traditional handcrafted Japanese Kokeshi doll, made with care to the height of the newborn child",
price=200,
is_available=True
),
Product(
name="Yonezawa Kokeshi",
description="A traditional handcrafted Japanese Kokeshi doll, made with care to the height of the newborn child",
price=200,
is_available=True
),
Product(
name="Sagae Kokeshi",
description="A traditional handcrafted Japanese Kokeshi doll, made with care to the height of the newborn child",
price=200,
is_available=True
),
Product(
name="Tendo Kokeshi",
description="A traditional handcrafted Japanese Kokeshi doll, made with care to the height of the newborn child",
price=200,
is_available=True
),
Product(
name="Message",
description="A handwritten message on the back of the kokeshi doll",
price=50,
is_available=True
),
Supplier(
name="Sato",
phone="08011112222",
email="*****@*****.**"
),
Supplier(
name="Suzuki",
phone="08011199002",
email="*****@*****.**"
),
Supplier(
name="Miyagi",
phone="090000009999",
email="*****@*****.**"
),
Shipper(
companyName="Kuro Neko",
phone="08051516161",
email="*****@*****.**",
contactName="Kurosawa"
)
]
for item in db_items:
db.session.add(item)
db.session.commit()"""
@app.route('/login', methods=['GET', 'POST'])
def showLogin():
"""
Use a custom LoginForm to validate with WTForms
"""
form = LoginForm()
if form.validate_on_submit():
# Login and validate the user.
# user should be an instance of the `User` class
login_user(user)
flask.flash('Logged in successfully.')
next = flask.request.args.get('next')
# is_safe_url should check if the url is safe for redirects.
# See http://flask.pocoo.org/snippets/62/ for an example.
if not is_safe_url(next):
return flask.abort(400)
return flask.redirect(next or flask.url_for('index'))
return flask.render_template('login.html', form=form)
@app.route('/logout')
def showLogout():
logout_user()
flask.flash('Logged out successfully.')
return 'Logged out'
##########################
# General Administration #
##########################
@app.before_request
def force_https():
"""
Redirect from http to https
"""
if os.environ.get('DATABASE_URL') is not None:
if not request.is_secure:
url = request.url.replace('http://', 'https://', 1)
code = 301
return redirect(url, code=code)
##################
# JSON API calls #
##################
@app.route('/suppliers/JSON')
@login_required
def showSuppliersJSON():
"""
Return order data in JSON
"""
suppliers = Supplier.query.all()
return jsonify(suppliers_schema.dump(suppliers).data)
@app.route('/shippers/JSON')
@login_required
def showShippersJSON():
"""
Return order data in JSON
"""
shippers = Shipper.query.all()
return jsonify(shippers_schema.dump(shippers).data)
@app.route('/products/JSON')
@login_required
def showProductsJSON():
"""
Return order data in JSON
"""
products = Product.query.all()
return jsonify(products_schema.dump(products).data)
@app.route('/orders/JSON')
@login_required
def showOrdersJSON():
"""
Return order data in JSON
"""
orders = Order.query.all()
return jsonify(orders_schema.dump(orders).data)
@app.route('/orders/unfulfilled/JSON')
@login_required
def showUnfulfilledOrdersJSON():
"""
Return unfulfilled order data in JSON
"""
unful_orders = Order.query.filter_by(wasOrdered=False).all()
return jsonify(orders_schema.dump(unful_orders).data)
@app.route('/customers/JSON')
@login_required
def showCustomersJSON():
"""
Return customer data in JSON
"""
customers = Customer.query.all()
return jsonify(customers_schema.dump(customers).data)
#######################
# Client facing pages #
#######################
@app.route('/orders')
@login_required
def showOrders():
"""
Display the supplier - facing orders page. The supplier can accept
the job, then is directed to the showAcceptOrder
"""
unaccepted_orders = Order.query.filter_by(wasAccepted=False).all()
session['supplier'] = current_user.email
return render_template('auth/unassigned_orders.html', orders=unaccepted_orders)
@app.route('/orders/<int:order_id>/accepted', methods=['GET', 'POST'])
@login_required
def showAcceptOrder(order_id):
"""
Display the supplier-facing order accepted page.
"""
order = Order.query.filter_by(orderID=order_id).first()
supplier = Supplier.query.filter_by(
email=session['supplier']).first()
selected_order = Order.query.filter_by(orderID=order_id).first()
selected_order_details = OrderDetails.query.filter_by(
order_ID=order_id).first()
supplier_id = supplier.supplierID
order.wasAccepted = True
selected_order.supplier_ID = supplier_id
db.session.add(selected_order)
db.session.commit()
return render_template('auth/selected_order.html', order=selected_order_details)
@app.route('/', methods=["GET", "POST"])
@app.route('/home')
@cache.cached(timeout=86400)
def showHome():
"""
Display the landing page.
"""
return render_template('home.html')
@app.route('/about')
@cache.cached(timeout=86400)
def showAbout():
"""
Display the About Us page.
"""
return render_template('about.html')
@app.route('/design', methods=['GET', 'POST'])
@cache.cached(timeout=86400)
def showDesign():
"""
Display a kokeshi designing page that, when submitted, updates the shopping cart with the order and redirects to the order page.
"""
# Create a new cart list.
if 'cart' not in session:
session['cart'] = []
if request.method == 'POST':
# Create a customer object without an email, to attach to the cart
# items in the session.
customer = Customer(email="")
db.session.add(customer)
db.session.commit()
# Create an order object and tie it to the customer.
order = Order(customer_ID=customer.customerID)
db.session.add(order)
db.session.commit()
product = Product.query.filter_by(
name=request.form['item']).one()
# Assign the order to the customer using the orderID
customer.order_ID = order.orderID
if request.form.get('is-message', False) == 'on':
order_details = OrderDetails(
item=request.form['item'],
name=request.form['name'],
dob=request.form['dob'],
height=request.form['height'],
weight=request.form['weight'],
is_message=True,
message=request.form['message'],
order_ID=order.orderID,
customer_ID=customer.customerID,
product_ID=product.productID
)
else:
order_details = OrderDetails(
item=request.form['item'],
name=request.form['name'],
dob=request.form['dob'],
height=request.form['height'],
weight=request.form['weight'],
is_message=False,
order_ID=order.orderID,
customer_ID=customer.customerID,
product_ID=product.productID
)
# Set the price of the item, dependent on the presence or absence of a message.
if request.form.get('is-message', False) == 'on':
price = 250
else:
price = 200
order.price = price
db.session.add(customer)
db.session.add(order)
db.session.add(order_details)
db.session.commit()
# Append the item to the cart.
session['cart'].append(
{
'itemID': order_details.orderDetailsID,
'item': order_details.item,
'name': order_details.name,
'dob': order_details.dob,
'height': order_details.height,
'weight': order_details.weight,
'isMessage': order_details.is_message,
'message': order_details.message,
'product': product.name,
'price': price,
'orderID': order_details.order_ID
}
)
# Create a session variable to select the customer in order to append information.
session['customer_ID'] = customer.customerID
flash("Success! Your order for '%s kokeshi' has been added to your cart." %
order_details.name)
return redirect(url_for('showOrder'))
else:
return render_template('design.html')
@app.route('/setCart')
def setCart():
cartObj = session['cart']
cartJSON = jsonify(cartObj)
return cartJSON
@app.route('/removeItem/<int:item_id>', methods=["GET", "POST"])
def removeItem(item_id):
"""
Remove the selected item from the cart.
"""
# Check for the existence of an item, then convert it to an int
if item_id is not None:
item_id = int(item_id)
try:
session['cart'][:] = [d for d in session['cart']
if d.get('itemID') != item_id]
except:
msg = "There were no items to remove"
print(msg)
return redirect(url_for('showOrder'))
@app.route('/order', methods=["GET", "POST"])
def showOrder():
"""
Display the order page - - a list of all the items in the cart.
"""
return render_template('order.html')
@app.route('/checkout', methods=['GET', 'POST'])
def showCheckout():
"""
Display the checkout page, which displays the total and a Stripe payments button.
"""
amount_usd = 0
# Add up the total of all the items in the cart
for item in session['cart']:
amount_usd += item['price']
# Calculate the amount in US cents for Stripe
amount_cents = amount_usd * 100
return render_template(
'auth/index.html',
key=stripe_keys['publishable_key'],
amount_usd=amount_usd,
amount_cents=amount_cents,
cart=session['cart']
)
@app.route('/charge', methods=['GET', 'POST'])
def charge():
db_customer = Customer.query.filter_by(
customerID=session['customer_ID']).one()
# Amount in cents
amount = 0
items = []
for item in session['cart']:
# Add the item prices in cents.
amount += item['price'] * 100
items.append(item['item'])
customer = stripe.Customer.create(
email=request.form['stripeEmail'],
source=request.form['stripeToken']
)
# Create a session variable with the customer's email for sending a
# confirmation email.
session['customer_email'] = request.form['stripeEmail']
# Create a Stripe charge object which sends a confirmation email.
charge = stripe.Charge.create(
customer=customer.id,
amount=amount,
currency='usd',
description='KokeMama Charge',
receipt_email=session['customer_email']
)
# Attempt to add customer data from the stripe input to the customer
# object
try:
db_customer.email = request.form['stripeEmail']
except:
print("There is no 'stripeEmail' key")
try:
db_customer.name = charge.source.name
except:
print("There is no 'stripeName' key")
try:
db_customer.address1 = charge.source.address_line1
except:
print("There is no 'stripeShippingAddressLine1' key")
try:
db_customer.zipCode = charge.source.address_zip
except:
print("There is no 'stripeShippingAddressZip' key")
try:
db_customer.state = charge.source.address_state
except:
print("There is no 'stripeShippingAddressState' key")
try:
db_customer.city = charge.source.address_city
except:
print("There is no 'stripeShippingAddressCity' key")
try:
db_customer.country = charge.source.address_country
except:
print("There is no 'stripeShippingAddressCountry' key")
db.session.add(db_customer)
db.session.commit()
return redirect(url_for('showConfirm'))
@app.route('/confirmation')
def showConfirm():
"""
Display the order confirmation page after an order is submitted.
"""
# Get the customer from the db using the 'customer_ID' session variable
db_customer = Customer.query.filter_by(
customerID=session['customer_ID']).one()
# Create a list of the cart items for use in the email's message body
items = [dic['item'] for dic in session['cart'] if 'item' in dic]
# Use the first item in the cart to obtain the 'orderID'. If None,
# display 'design' link
try:
firstItem = session['cart'][0]
orderID = firstItem['orderID']
msg = Message(
'Confirmation', sender='*****@*****.**', recipients=[session['customer_email']])
msg.body = "Thank you for your order of: %s. Your order number is: %d." % (
items, orderID)
mail.send(msg)
# Clear the cart after payment is received and confirmation is sent.
session['cart'] = []
return render_template('auth/confirmation.html')
except:
return redirect(url_for('showHome'))
@app.route('/contact', methods=['GET', 'POST'])
@cache.cached(timeout=86400)
def showContact():
"""
Display the contact information page.
"""
if request.method == 'POST':
msg = Message(
'Contact', sender='*****@*****.**', recipients=['*****@*****.**'])
msg.body = "Customer name: %s\n" % (
request.form['customer-name'])
msg.body += "Customer email: %s\n" % (
request.form['customer-email'])
msg.body += "Message: %s" % (request.form['customer-message'])
mail.send(msg)
customer = Customer(
name=request.form['customer-name'],
email=request.form['customer-email']
)
db.session.add(customer)
db.session.commit()
return redirect(url_for('showContactComplete'))
else:
return render_template('contact.html')
@app.route('/contact/complete')
def showContactComplete():
"""
Show a success message for the contact form.
"""
return render_template('auth/contact_complete.html')
db.init_app(app)
login_manager.init_app(app)
migrate.init_app(app, db)
ma.init_app(app)
heroku.init_app(app)
mail.init_app(app)
# Load the current logged in user.
@login_manager.user_loader
def load_user(user_id):
return User.query.get(user_id)
return app
team = db.relationship('Team', backref=db.backref('team_member_team', order_by=id))
userId = db.Column(db.Integer, db.ForeignKey('user.id'))
user = db.relationship('User', backref=db.backref('team_member_user', order_by=id))
class User_Payment(db.Model):
__tablename__ = 'user_payment'
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String(255))
createDate = db.Column(db.DateTime)
seasonId = db.Column(db.Integer, db.ForeignKey('season.id'))
season = db.relationship('Season', backref=db.backref('user_payment_season', order_by=id))
userId = db.Column(db.Integer, db.ForeignKey('user.id'))
User = db.relationship('User', backref=db.backref('user_payment_user', order_by=id))
# Setup Flask-Security
userDatastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, userDatastore)
login_manager = LoginManager()
login_manager.setup_app(app)
login_manager.login_view = "login.html"
# Set up the DB
db.create_all()
teamMemberRole = userDatastore.create_role()
adminRole = userDatastore.create_role()
teamManagerRole = userDatastore.create_role()
@login_manager.user_loader
def load_user(userid):
return User.query.filter_by(id=userid).first()
def create_app():
app = Flask(__name__)
app.config.from_pyfile('settings.py')
db.init_app(app)
url_index = 'http://localhost:8716/'
bootstrap = Bootstrap(app)
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = 'login'
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
admin = flask_admin.Admin(
app,
'Superuser',
base_template='my_master.html',
template_mode='bootstrap3',
)
admin.add_view(ContentView(Content, db.session))
admin.add_view(dataCatinView(DataCatin, db.session))
admin.add_view(MyModelView(Role, db.session))
admin.add_view(MyModelView(User, db.session))
@security.context_processor
def security_context_processor():
return dict(admin_base_template=admin.base_template,
admin_view=admin.index_view,
h=admin_helpers,
get_url=url_for)
@app.route('/', methods=['GET', 'POST'])
def index():
return render_template('index_page.html')
@app.route('/register', methods=['GET', 'POST'])
def register():
form = RegisterFormView()
try:
if form.validate_on_submit():
hashed_password = form.password.data
new_user = User(name=form.name.data,
email=form.email.data,
password=hashed_password)
db.session.add(new_user)
db.session.commit()
return redirect(url_for('login'))
except:
return "<h2> Data yang di inputkan harus unique, sepertinya salah satu data yang Anda Masukan sudah terdaftar, " \
"Mohon ulangi input data dengan teliti...!!! <br> <a href=" + url_index + "signup>Ulangi Input Data</a></h2>"
return render_template('register.html', form=form)
@app.route('/login', methods=['GET', 'POST'])
def login():
form = LoginFormView(request.form)
if request.method == 'POST':
if form.validate_on_submit():
session['email'] = request.form['email']
takeEmail = session['email'] = request.form['email']
try:
takeRoles = User.query.filter_by(email=takeEmail).first()
takeRoles = takeRoles.roles
# takeRoles = ''.join(takeRoles)
print('testing', takeRoles)
user = User.query.filter_by(email=form.email.data).first()
if verify_password(user.password, form.password.data):
user.authenticated = True
db.session.add(user)
db.session.commit()
login_user(user)
login_user(user, remember=form.remember.data)
if takeRoles == ['user']:
return redirect(url_for('operator'))
elif takeRoles == []:
return redirect(url_for('society'))
else:
pass
else:
return '<h1>Invalid username or password</h1>'
except:
return 'Sepertinya user yang Anda masukan belum terdaftar, mohon diperiksa lagi'
return render_template('login.html', form=form)
@app.route('/logout')
@login_required
def logout():
logout_user()
return redirect(url_for('index'))
@app.route('/society')
@login_required
def society():
dataUser = User('', '', '')
id_user = current_user.id
try:
result, nik_catin_laki_laki = db.session.query(User, DataCatin.NIK_catin_laki_laki).join(DataCatin).\
filter(DataCatin.user_id == current_user.id).first()
result, nama_catin_laki_laki = db.session.query(User, DataCatin.nama_catin_laki_laki).join(DataCatin).\
filter(DataCatin.user_id == current_user.id).first()
result, nik_catin_perempuan = db.session.query(User, DataCatin.NIK_catin_perempuan).join(DataCatin). \
filter(DataCatin.user_id == current_user.id).first()
result, nama_catin_perempuan = db.session.query(User, DataCatin.nama_catin_perempuan).join(DataCatin). \
filter(DataCatin.user_id == current_user.id).first()
result, tanggal_daftar = db.session.query(User, DataCatin.tanggal_daftar).join(DataCatin). \
filter(DataCatin.user_id == current_user.id).first()
result, jadwal_nikah = db.session.query(User, DataCatin.jadwal_nikah).join(DataCatin). \
filter(DataCatin.user_id == current_user.id).first()
result, jam = db.session.query(User, DataCatin.jam).join(DataCatin). \
filter(DataCatin.user_id == current_user.id).first()
result, tempat_pelaksaan_nikah = db.session.query(User, DataCatin.tempat_pelaksaan_nikah).join(DataCatin). \
filter(DataCatin.user_id == current_user.id).first()
result, status_pendaftaran = db.session.query(User, DataCatin.status_pendaftaran).join(DataCatin). \
filter(DataCatin.user_id == current_user.id).first()
except:
nik_catin_laki_laki = '-'
nama_catin_laki_laki = '-'
nik_catin_perempuan = '-'
nama_catin_perempuan = '-'
tanggal_daftar = '-'
jadwal_nikah = '-'
jam = '-'
tempat_pelaksaan_nikah = '-'
status_pendaftaran = '-'
# return render_template('society_dashboard.html', WELCOME=current_user.name)
return render_template('society_dashboard.html',
WELCOME=current_user.name,
NIK_LAKI_LAKI=nik_catin_laki_laki,
NAMA_CATIN_LAKI_LAKI=nama_catin_laki_laki,
NIK_CATIN_PEREMPUAN=nik_catin_perempuan,
NAMA_CATIN_PEREMPUAN=nama_catin_perempuan,
TANGGAL_DAFTAR=tanggal_daftar,
JAM=jam,
JADWAL_NIKAH=jadwal_nikah,
TEMPAT_PELAKSAAN_NIKAH=tempat_pelaksaan_nikah,
STATUS_PENDAFTARAN=status_pendaftaran)
@app.route('/societyinputdata', methods=['GET', 'POST'])
@login_required
def societyInputData():
form = SocietyInputDataView(request.form)
if request.method == 'POST':
if form.validate_on_submit():
tanggal_daftar = time.strftime("%Y-%m-%d %H:%M:%S")
add_jam = request.form['jam']
new_data = DataCatin(form.NIK_catin_laki_laki.data,
form.nama_catin_laki_laki.data,
form.NIK_catin_perempuan.data,
form.nama_catin_perempuan.data,
tanggal_daftar, form.jadwal_nikah.data,
add_jam, form.tempat_pelaksaan_nikah.data,
current_user.id)
db.session.add(new_data)
db.session.commit()
return redirect(url_for('society'))
return render_template('society_input_data.html', form=form)
@app.route('/operator', methods=['GET', 'POST'])
@login_required
def operator():
if 'email' in session:
name = current_user.name
all_user_data = DataCatin.query.all()
if request.method == 'POST':
all_data_CSV = []
for i in all_user_data:
# nik_CL_to_CSV.append({'NIK Catin Laki-laki': i.NIK_catin_laki_laki})
all_data_CSV.append({
'NIK Catin Laki-laki':
i.NIK_catin_laki_laki,
'Nama Catin Laki-laki':
i.nama_catin_laki_laki,
'NIK Catin Perempuan':
i.NIK_catin_perempuan,
'Nama Catin Perempuan':
i.nama_catin_perempuan,
'Tanggal Daftar':
i.tanggal_daftar,
'Jadwal Nikah':
i.jadwal_nikah,
'Jam':
i.jam,
'Tempat Pelaksanaan Nikah':
i.tempat_pelaksaan_nikah,
'Status Pendaftaran':
i.status_pendaftaran
})
return send_csv(
all_data_CSV,
"laporan pendaftaran.csv", [
'NIK Catin Laki-laki', 'Nama Catin Laki-laki',
'NIK Catin Perempuan', 'Nama Catin Perempuan',
'Tanggal Daftar', 'Jadwal Nikah', 'Jam',
'Tempat Pelaksanaan Nikah', 'Status Pendaftaran'
],
cache_timeout=1,
delimiter=';')
return render_template('operator_dashboard.html',
WELCOME=name,
catin=all_user_data,
DOWNLOAD_CSV='')
else:
return redirect(url_for('index'))
@app.route('/csv')
def csv():
all_user_data = DataCatin.query.all()
# nik_CL_to_CSV = []
all_data_CSV = []
for i in all_user_data:
# nik_CL_to_CSV.append({'NIK Catin Laki-laki': i.NIK_catin_laki_laki})
all_data_CSV.append({
'NIK Catin Laki-laki': i.NIK_catin_laki_laki,
'Nama Catin Laki-laki': i.nama_catin_laki_laki,
'NIK Catin Perempuan': i.NIK_catin_perempuan,
'Nama Catin Perempuan': i.nama_catin_perempuan,
'Tanggal Daftar': i.tanggal_daftar,
'Jadwal Nikah': i.jadwal_nikah,
'Jam': i.jam,
'Tempat Pelaksanaan Nikah': i.tempat_pelaksaan_nikah,
'Status Pendaftaran': i.status_pendaftaran
})
return send_csv(
all_data_CSV,
"testing.csv", [
'<b>NIK Catin Laki-laki</b>', 'Nama Catin Laki-laki',
'NIK Catin Perempuan', 'Nama Catin Perempuan',
'Tanggal Daftar', 'Jadwal Nikah', 'Jam',
'Tempat Pelaksanaan Nikah', 'Status Pendaftaran'
],
cache_timeout=1,
delimiter=';')
@app.route('/operatorAddData', methods=['GET', 'POST'])
@login_required
def operatorAddData():
dataUser = User('', '', '')
form = OperatorAddDataView(request.form)
operator_name = current_user.name
if request.method == 'POST':
if form.validate_on_submit():
add_jam = request.form['jam']
new_data = DataCatin(form.NIK_catin_laki_laki.data,
form.nama_catin_laki_laki.data,
form.NIK_catin_perempuan.data,
form.nama_catin_perempuan.data,
form.tanggal_daftar.data,
form.jadwal_nikah.data, add_jam,
form.tempat_pelaksaan_nikah.data,
current_user.id, False,
form.status_pendaftaran.data)
db.session.add(new_data)
# db.session.commit()
try:
db.session.commit()
except:
return 'Data yang dimasukan sudah ada, mohon diulangi!!!'
return redirect(url_for('operator'))
return render_template('operatorAddData.html',
form=form,
OPERATOR_NAME=operator_name)
@app.route('/delete_data/<id>')
def delete_data(id):
data = db.session.query(
DataCatin, User).join(User).filter(DataCatin.id == id).first()
if data.DataCatin.is_public:
return render_template('catin_detail.html', catin=data)
else:
# if current_user.is_authenticated and data.DataCatin.user_id == current_user.id:
if current_user.is_authenticated:
data = DataCatin.query.filter_by(id=id).first()
db.session.delete(data)
db.session.commit()
return redirect(url_for('operator'))
@app.route('/catin_edit/<id>', methods=['GET', 'POST'])
def catin_edit(id):
data = db.session.query(
DataCatin, User).join(User).filter(DataCatin.id == id).first()
form = EditCatin(request.form)
if request.method == 'POST':
if form.validate_on_submit():
# if current_user.is_authenticated and data.DataCatin.user_id == current_user.id:
if current_user.is_authenticated:
data = DataCatin.query.filter_by(id=id).first()
new_nik_L = form.NIK_catin_laki_laki.data
new_name_L = form.nama_catin_laki_laki.data
new_nik_P = form.NIK_catin_perempuan.data
new_name_P = form.nama_catin_perempuan.data
new_tanggal_daftar = form.tanggal_daftar.data
new_jadwal = form.jadwal_nikah.data
new_jam = request.form['jam']
new_tempat_pelaksaan_nikah = form.tempat_pelaksaan_nikah.data
new_status_pendaftaran = form.status_pendaftaran.data
try:
data.NIK_catin_laki_laki = new_nik_L
data.nama_catin_laki_laki = new_name_L
data.NIK_catin_perempuan = new_nik_P
data.nama_catin_perempuan = new_name_P
data.jadwal_nikah = new_jadwal
data.tanggal_daftar = new_tanggal_daftar
data.jam = new_jam
data.tempat_pelaksaan_nikah = new_tempat_pelaksaan_nikah
data.status_pendaftaran = new_status_pendaftaran
db.session.commit()
except Exception as e:
return {'error': str(e)}
return redirect(url_for('operator'))
return render_template('edit_catin.html', form=form, catin=data)
return app
def create_app():
app = Flask(__name__)
app.config.from_pyfile('settings.py')
db.init_app(app)
admin = Admin(app,
name='Flask01',
template_mode='bootstrap3',
index_view=SecuredAdminIndexView())
admin.add_view(PageModelView(Page, db.session))
admin.add_view(MenuModelView(Menu, db.session))
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
@app.route('/')
@app.route('/<url>')
def index(url=None):
print('here', url)
if url is not None:
# contoh /about
page = Page.query.filter_by(url=url).first()
else:
# contoh /
page = Page.query.filter_by(is_homepage=True).first()
if page is None:
# TODO cute 404
return 'Page not found for {} or homepage not set'.format(url)
contents = 'empty'
if page is not None:
contents = page.contents
menu = Menu.query.order_by('order')
return render_template('index.html',
TITLE='Flask-01',
CONTENT=contents,
menu=menu)
@app.route('/rahasia')
@login_required
def rahasia():
return '<h1>Luke dies!<h1>'
@app.route('/testdb')
def testdb():
import psycopg2
con = psycopg2.connect(
'dbname=flask01 user=devuser password=devpassword host=postgres')
cur = con.cursor()
cur.execute('select * from page;')
id, title = cur.fetchone()
con.close()
return 'Output table page: {} - {}'.format(id, title)
return app
index_view=HomeAdminView(name='Главная'))
admin.add_view(PostAdminView(Post, db.session, name='Посты'))
admin.add_view(TagAdminView(Tag, db.session, name='Теги'))
admin.add_view(UserAdminView(User, db.session, name='Пользователи'))
admin.add_view(AdminView(Role, db.session, name='Роли'))
admin.add_view(FeedBackAdminView(Feedback, db.session, name='Отзывы'))
admin.add_view(AllAdminView(Tablenso, db.session, name='НСО'))
admin.add_view(AllAdminView(Aggregates, db.session, name='Структурность'))
admin.add_view(
AllAdminView(Bulkweight, db.session, name='Равновесная плотность'))
admin.add_view(AllAdminView(Deflation, db.session, name='Дефляция'))
admin.add_view(AllAdminView(Erosion, db.session, name='Эрозия'))
admin.add_view(
AllAdminView(Granulometry, db.session, name='Гранулометрический состав'))
admin.add_view(AllAdminView(Humus, db.session, name='Содержание гумуса'))
admin.add_view(AllAdminView(Moisture, db.session, name='Продуктивная влага'))
admin.add_view(AllAdminView(Ph, db.session, name='Кислотность'))
admin.add_view(AllAdminView(Phosphorus, db.session, name='Подвижный фосфор'))
admin.add_view(AllAdminView(Potassium, db.session, name='Подвижный калий'))
admin.add_view(
AllAdminView(Power, db.session, name='Мощность гумусового горизонта'))
admin.add_view(AllAdminView(Salinization, db.session, name='Засоление почв'))
admin.add_view(AllAdminView(Solonetzes, db.session, name='Виды солонцов'))
admin.add_view(
AllAdminView(Water_resistant, db.session, name='Водопрочные агрегаты'))
admin.add_view(AllAdminView(Xoz, db.session, name='Хозяйства'))
# Flask-security
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
def create_app(config_name):
""" Application factory """
# Flask init
app = Flask(__name__) # most of the work done right here. Thanks, Flask!
app.config.from_object('settings') # load my settings which pull from .env
'''
FLASK EXTENTIONS
'''
db.init_app(app) # load my database extension
from .models import User, Role
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
# load my security extension
security.init_app(app,
user_datastore,
confirm_register_form=ExtendedRegisterForm)
mail.init_app(app) # load my mail extensioin
# load my writing tool extension
md = Markdown(app, extensions=['fenced_code', 'tables'])
migrate.init_app(app, db) # load my database updater tool
moment.init_app(app) # time formatting
jwt.init_app(app)
####
# ASSETS
###
assets.init_app(app)
js = Bundle('vendor/bootstrap/js/bootstrap.bundle.min.js',
'vendor/jquery-easing/jquery.easing.min.js',
'js/sb-admin-2.min.js',
filters='jsmin',
output='js/packed.js')
sass = Bundle('scss/custom.scss', filters='scss', output='css/custom.css')
all_css = Bundle(
sass, # add more CSS files here
filters='cssmin',
output="css/packed.css")
# EXTENSIONS THAT SOMETIMES CRASH
# TODO: don't be lazy, Mr. A, get rid of this try-except
try:
assets.register('js_all', js)
assets.register('all_css', all_css)
admin.init_app(app)
ckeditor.init_app(app)
from .models import Post, Buzz # importing models carefully as needed to avoid circular import issues
from .models.main import UserAdmin, RoleAdmin # not db tables
admin.add_view(UserAdmin(User, db.session))
admin.add_view(RoleAdmin(Role, db.session))
admin.add_view(RoleAdmin(Post, db.session))
admin.add_view(RoleAdmin(Buzz, db.session))
# Add new models here so you can manage data from Flask-Admin's convenient tools
except Exception as e:
app.logger.error(f'Failed activating extensions: {e}')
# TODO: Setup sentry.io!
# sentry_sdk.init(dsn="", integrations=[FlaskIntegration()])
# activate the flaskinni blueprint (blog, user settings, and other basic routes)
from .main import main as main_blueprint
app.register_blueprint(main_blueprint)
# activate API blueprint: https://stackoverflow.com/questions/38448618/using-flask-restful-as-a-blueprint-in-large-application
jwt.init_app(app) # bolt on our Javascript Web Token tool
from .api import api_blueprint
restful = Api(api_blueprint, prefix="/api/v1")
from .api import add_resources
add_resources(restful)
app.register_blueprint(
api_blueprint
) # registering the blueprint effectively runs init_app on the restful extension
# Callback function to check if a JWT exists in the redis blocklist
@jwt.token_in_blocklist_loader
def check_if_token_is_revoked(jwt_header, jwt_payload):
jti = jwt_payload["jti"]
return models.RevokedTokenModel.is_jti_blocklisted(jti)
# --- NEW BLUEPRINTS GO BELOW THIS LINE ---
# custom error handlers, these call the functions at the top of the file
app.register_error_handler(500, crash_page)
app.register_error_handler(404, page_not_found)
app.register_error_handler(403, page_forbidden)
# Executes before the first request is processed.
@app.before_first_request
def before_first_request():
""" What do we do before we respond to the first request """
# Create any database tables that don't exist yet.
db.create_all()
# Create the Roles "admin" and "end-user" -- unless they already exist
user_datastore.find_or_create_role(name='admin',
description='Administrator')
user_datastore.find_or_create_role(name='end-user',
description='End user')
# Create two Users for testing purposes -- unless they already exists.
# In each case, use Flask-Security utility function to encrypt the password.
encrypted_password = utils.encrypt_password(
app.config['STARTING_ADMIN_PASS'])
for email in app.config['STARTING_ADMINS']:
if not user_datastore.get_user(email):
user_datastore.create_user(email=email,
password=encrypted_password)
# Commit any database changes; the User and Roles must exist before we can add a Role to the User
db.session.commit()
for email in app.config['STARTING_ADMINS']:
user_datastore.add_role_to_user(email, 'admin')
confirmed_admin = user_datastore.get_user(email)
confirmed_admin.confirmed_at = datetime.utcnow()
db.session.commit()
@app.before_request
def before_request():
""" What we do before every single handled request """
if current_user.is_authenticated:
first_time = True if not current_user.last_seen else False
current_user.last_seen = datetime.utcnow()
db.session.commit()
return app
# !/usr/bin/env python
# coding=utf8
# Author: quheng
import sys
sys.path.append("..")
from manager import db, app
from admin.admin_models import Role
from admin.admin_models import Manager
from flask_security import SQLAlchemyUserDatastore
from flask_security.utils import encrypt_password
import key
with app.app_context():
user_role = Role(name='user')
super_user_role = Role(name='superuser')
db.session.add(user_role)
db.session.add(super_user_role)
db.session.commit()
user_datastore = SQLAlchemyUserDatastore(db, Manager, Role)
test_user = user_datastore.create_user(\
first_name=key.MANAGER_NAME,\
email=key.MAIL_USERNAME,\
password=encrypt_password(key.MANAGER_PASSWORD),\
roles=[user_role, super_user_role])
db.session.commit()
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from models import User, Role
from config import app, db
from flask_security.utils import encrypt_password
from flask_security import Security, SQLAlchemyUserDatastore, \
UserMixin, RoleMixin, login_required, current_user
db.drop_all()
db.create_all()
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
with app.app_context():
user_role = Role(name='user')
super_user_role = Role(name='superuser')
db.session.add(user_role)
db.session.add(super_user_role)
db.session.commit()
test_user = user_datastore.create_user(
username='******',
password=encrypt_password('admin'),
active=True,
roles=[user_role, super_user_role],
)
def test_no_sms(app, get_message):
# Make sure that don't require tf_phone_number if SMS isn't an option.
from sqlalchemy import (
Boolean,
Column,
Integer,
String,
)
from sqlalchemy.orm import relationship, backref
from flask_sqlalchemy import SQLAlchemy
from flask_security.models import fsqla_v2 as fsqla
from flask_security import Security, UserMixin, hash_password
app.config["SQLALCHEMY_DATABASE_URI"] = "sqlite:///:memory:"
db = SQLAlchemy(app)
fsqla.FsModels.set_db_info(db)
class Role(db.Model, fsqla.FsRoleMixin):
pass
class User(db.Model, UserMixin):
id = Column(Integer, primary_key=True)
email = Column(String(255), unique=True, nullable=False)
password = Column(String(255), nullable=False)
active = Column(Boolean(), nullable=False)
# Faster token checking
fs_uniquifier = Column(String(64), unique=True, nullable=False)
# 2FA
tf_primary_method = Column(String(64), nullable=True)
tf_totp_secret = Column(String(255), nullable=True)
roles = relationship("Role",
secondary="roles_users",
backref=backref("users", lazy="dynamic"))
with app.app_context():
db.create_all()
ds = SQLAlchemyUserDatastore(db, User, Role)
app.security = Security(app, datastore=ds)
with app.app_context():
client = app.test_client()
ds.create_user(
email="*****@*****.**",
password=hash_password("password"),
)
ds.commit()
data = dict(email="*****@*****.**", password="******")
client.post("/login", data=data, follow_redirects=True)
with app.mail.record_messages() as outbox:
response = client.post("/tf-setup",
data=dict(setup="email"),
follow_redirects=True)
msg = b"To complete logging in, please enter the code sent to your mail"
assert msg in response.data
code = outbox[0].body.split()[-1]
# sumbit right token and show appropriate response
response = client.post("/tf-validate",
data=dict(code=code),
follow_redirects=True)
assert b"You successfully changed your two-factor method" in response.data
def __init__(self, db, user_moel):
SQLAlchemyUserDatastore.__init__(self, db, user_moel, None)
def create_app(config_cls):
"""
创建 Flask 实例
:param config_cls: 配置类
:return:
"""
app = Flask(__name__)
app.config.from_object(config_cls)
db.init_app(app)
migrate.init_app(app, db)
babel.init_app(app)
# Excel 操作库
excel.init_excel(app)
# 创建后台管理模块
from app.models import Game, Hero, Quotation, User, Role
_admin = Admin(
app,
name=u'后台管理系统',
base_template='admin/my_master.html',
index_view=MyHomeView(),
template_mode='bootstrap3'
)
_admin.add_view(DataManageView(name=u'导入导出管理', endpoint='manage'))
_admin.add_view(MySuperUserModelView(Game, db.session, name=u'游戏'))
_admin.add_view(MySuperUserModelView(Hero, db.session, name=u'英雄角色'))
_admin.add_view(MySuperUserModelView(Quotation, db.session, name=u'语录'))
_admin.add_view(UserModelView(User, db.session, name=u'用户管理'))
_admin.add_view(MySuperUserModelView(Role, db.session, name=u'用户角色管理'))
# 创建权限控制实例
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
# 定义一个上下文处理器,用于将 flask-admin 的模板上下文合并到 flask-security 视图。
@security.context_processor
def security_context_processor():
return dict(
admin_base_template=_admin.base_template,
admin_view=_admin.index_view,
h=admin_helpers,
get_url=url_for
)
# 注册错误处理模块蓝图
from app.errors import bp as errors_bp
app.register_blueprint(errors_bp)
# 注册主模块蓝图
from app.main import bp as main_bp
app.register_blueprint(main_bp)
# 注册 api 接口模块蓝图
from app.api import bp as api_bp
app.register_blueprint(api_bp, url_prefix='/api')
return app
def create_app():
myapp = Flask(__name__)
myapp.config['DEBUG'] = True
myapp.config['SECRET_KEY'] = 'super-secret'
myapp.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite://'
# As of Flask-SQLAlchemy 2.4.0 it is easy to pass in options directly to the
# underlying engine. This option makes sure that DB connections from the
# pool are still valid. Important for entire application since
# many DBaaS options automatically close idle connections.
myapp.config["SQLALCHEMY_ENGINE_OPTIONS"] = {
"pool_pre_ping": True,
}
myapp.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
myapp.config['SECURITY_PASSWORD_SALT'] = 'onetwothreefourfive'
myapp.config['SECURITY_REGISTERABLE'] = True
myapp.config['SECURITY_CONFIRMABLE'] = False
myapp.config['SECURITY_RECOVERABLE'] = True
myapp.config['SECURITY_TRACKABLE'] = True
myapp.config['SECURITY_CHANGEABLE'] = True
myapp.config['MAIL_SERVER']='localhost'
myapp.config['MAIL_PORT']=8025
db.init_app(myapp)
mail.init_app(myapp)
db_admin.init_app(myapp)
from app.models import User, Role
from app.forms import ExtendedRegisterForm
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security.init_app(myapp, datastore=user_datastore,
register_form=ExtendedRegisterForm, confirm_register_form=ExtendedRegisterForm)
from app.main import bp as main_bp
myapp.register_blueprint(main_bp)
from app.db_admin import bp as db_admin_bp
myapp.register_blueprint(db_admin_bp)
# This is junk. This should be in the security blueprint, but the "myapp" variable is not
# available there, so I had to register it here.
# I thought I could put connect_via(bp), but that didn't work
# Here are some hints for fixing this
# https://stackoverflow.com/questions/16163139/catch-signals-in-flask-blueprint
# https://stackoverflow.com/questions/57866541/how-to-get-user-registered-signal-in-flask-user
# https://stackoverflow.com/questions/17146724/setting-a-default-role-in-flask-security?rq=1
@user_registered.connect_via(myapp)
def user_registered_sighandler(app, user, confirm_token):
default_role = user_datastore.find_role("user")
user_datastore.add_role_to_user(user, default_role)
db.session.commit()
# debug only for testing.
app_context = myapp.app_context()
app_context.push()
db.create_all()
# Create the Roles "admin" and "end-user" -- unless they already exist
user_datastore.find_or_create_role(name='admin', description='Administrator')
user_datastore.find_or_create_role(name='user', description='End user')
user_datastore.create_user(email='*****@*****.**', password='******')
user_datastore.create_user(email='*****@*****.**', password='******')
db.session.commit()
# Give one User has the "end-user" role, while the other has the "admin" role. (This will have no effect if the
# Users already have these Roles.) Again, commit any database changes.
user_datastore.add_role_to_user('*****@*****.**', 'user')
user_datastore.add_role_to_user('*****@*****.**', 'admin')
db.session.commit()
return myapp
def create_app(db_connection_string=None, testing=None):
app = Flask(__name__)
try:
secret_key = faraday.server.config.faraday_server.secret_key
except Exception:
# Now when the config file does not exist it doesn't enter in this
# condition, but it could happen in the future. TODO check
save_new_secret_key(app)
else:
if secret_key is None:
# This is what happens now when the config file doesn't exist.
# TODO check
save_new_secret_key(app)
else:
app.config['SECRET_KEY'] = secret_key
if faraday.server.config.faraday_server.agent_token is None:
save_new_agent_creation_token()
login_failed_message = ("Invalid username or password", 'error')
app.config.update({
'SECURITY_PASSWORD_SINGLE_HASH':
True,
'WTF_CSRF_ENABLED':
False,
'SECURITY_USER_IDENTITY_ATTRIBUTES': ['username'],
'SECURITY_POST_LOGIN_VIEW':
'/_api/session',
'SECURITY_POST_LOGOUT_VIEW':
'/_api/login',
'SECURITY_POST_CHANGE_VIEW':
'/_api/change',
'SECURITY_CHANGEABLE':
True,
'SECURITY_SEND_PASSWORD_CHANGE_EMAIL':
False,
'SECURITY_MSG_USER_DOES_NOT_EXIST':
login_failed_message,
'SECURITY_TOKEN_AUTHENTICATION_HEADER':
'Authorization',
# The line bellow should not be necessary because of the
# CustomLoginForm, but i'll include it anyway.
'SECURITY_MSG_INVALID_PASSWORD':
login_failed_message,
'SESSION_TYPE':
'filesystem',
'SESSION_FILE_DIR':
faraday.server.config.FARADAY_SERVER_SESSIONS_DIR,
'SQLALCHEMY_TRACK_MODIFICATIONS':
False,
'SQLALCHEMY_RECORD_QUERIES':
True,
# app.config['SQLALCHEMY_ECHO'] = True
'SECURITY_PASSWORD_SCHEMES': [
'bcrypt', # This should be the default value
# 'des_crypt',
'pbkdf2_sha1', # Used by CouchDB passwords
# 'pbkdf2_sha256',
# 'pbkdf2_sha512',
# 'sha256_crypt',
# 'sha512_crypt',
'plaintext', # TODO: remove it
],
'PERMANENT_SESSION_LIFETIME':
datetime.timedelta(hours=12),
'SESSION_COOKIE_NAME':
'faraday_session_2',
'SESSION_COOKIE_SAMESITE':
'Lax',
})
store = FilesystemStore(app.config['SESSION_FILE_DIR'])
prefixed_store = PrefixDecorator('sessions_', store)
KVSessionExtension(prefixed_store, app)
user_logged_in.connect(user_logged_in_succesfull, app)
user_logged_out.connect(expire_session, app)
storage_path = faraday.server.config.storage.path
if not storage_path:
logger.warn(
'No storage section or path in the .faraday/config/server.ini. Setting the default value to .faraday/storage'
)
storage_path = setup_storage_path()
if not DepotManager.get('default'):
if testing:
DepotManager.configure('default', {'depot.storage_path': '/tmp'})
else:
DepotManager.configure('default',
{'depot.storage_path': storage_path})
check_testing_configuration(testing, app)
try:
app.config[
'SQLALCHEMY_DATABASE_URI'] = db_connection_string or faraday.server.config.database.connection_string.strip(
"'")
except AttributeError:
logger.info(
'Missing [database] section on server.ini. Please configure the database before running the server.'
)
except NoOptionError:
logger.info(
'Missing connection_string on [database] section on server.ini. Please configure the database before running the server.'
)
from faraday.server.models import db # pylint:disable=import-outside-toplevel
db.init_app(app)
#Session(app)
# Setup Flask-Security
app.user_datastore = SQLAlchemyUserDatastore(
db, user_model=User,
role_model=None) # We won't use flask security roles feature
Security(app, app.user_datastore, login_form=CustomLoginForm)
# Make API endpoints require a login user by default. Based on
# https://stackoverflow.com/questions/13428708/best-way-to-make-flask-logins-login-required-the-default
app.view_functions['security.login'].is_public = True
app.view_functions['security.logout'].is_public = True
app.debug = faraday.server.config.is_debug_mode()
minify_json_output(app)
for handler in LOGGING_HANDLERS:
app.logger.addHandler(handler)
app.logger.propagate = False
register_blueprints(app)
register_handlers(app)
app.view_functions['agent_api.AgentCreationView:post'].is_public = True
return app
model.generate_slug()
return super(BaseModelView, self).on_model_change(form, model, is_created)
class AdminView(AdminMixin, ModelView):
pass
class HomeAdminView(AdminMixin, AdminIndexView):
pass
class PostAdminView(AdminMixin, BaseModelView):
form_columns = ['title', 'body', 'tags']
class TagAdminView(AdminMixin, BaseModelView):
form_columns = ['name', 'posts']
admin = Admin(app, 'FlaskApp', url='/', index_view=HomeAdminView('Home'))
admin.add_view(PostAdminView(Post, database.session))
admin.add_view(TagAdminView(Tag, database.session))
# Flask security
user_datastore = SQLAlchemyUserDatastore(database, User, Role)
security = Security(app, user_datastore)
import views
def test_uuid(app, request, tmpdir, realdburl):
""" Test that UUID extension of postgresql works as a primary id for users """
import uuid
from flask_sqlalchemy import SQLAlchemy
from sqlalchemy import Boolean, Column, DateTime, Integer, ForeignKey, String
from sqlalchemy.dialects.postgresql import UUID
from sqlalchemy.orm import relationship, backref
from flask_security import SQLAlchemyUserDatastore
from conftest import _setup_realdb, _teardown_realdb
# UUID type only supported by postgres - not sqlite.
if not realdburl or "postgres" not in realdburl:
skip("This test only works on postgres")
db_url, db_info = _setup_realdb(realdburl)
app.config["SQLALCHEMY_DATABASE_URI"] = db_url
db = SQLAlchemy(app)
class RolesUsers(db.Model):
__tablename__ = "roles_users"
id = Column(Integer(), primary_key=True)
user_id = Column("user_id", UUID(as_uuid=True), ForeignKey("user.id"))
role_id = Column("role_id", UUID(as_uuid=True), ForeignKey("role.id"))
class User(db.Model, UserMixin):
__tablename__ = "user"
id = Column(UUID(as_uuid=True),
primary_key=True,
default=uuid.uuid4,
index=True)
email = Column(String(255), unique=True)
first_name = Column(String(255), index=True)
last_name = Column(String(255), index=True)
username = Column(String(255), unique=True)
password = Column(String(255))
active = Column(Boolean())
created_at = Column(DateTime, default=datetime.datetime.utcnow)
confirmed_at = Column(DateTime())
roles = relationship("Role",
secondary="roles_users",
backref=backref("users", lazy="dynamic"))
class Role(db.Model, RoleMixin):
__tablename__ = "role"
id = Column(UUID(as_uuid=True),
primary_key=True,
default=uuid.uuid4,
index=True)
name = Column(String(80), unique=True)
description = Column(String(255))
# __hash__ is required to avoid the exception
# TypeError: unhashable type: 'Role' when saving a User
def __hash__(self):
return hash(self.name)
with app.app_context():
db.create_all()
def tear_down():
db.drop_all()
_teardown_realdb(db_info)
request.addfinalizer(tear_down)
ds = SQLAlchemyUserDatastore(db, User, Role)
app.security = Security(app, datastore=ds)
with app.app_context():
user = ds.get_user("*****@*****.**")
assert not user
import app
from flask_security import Security, SQLAlchemyUserDatastore
user_datastore = SQLAlchemyUserDatastore(app.db, app.models.User,
app.models.Role)
security = Security(app, user_datastore)
# security/__init__.py
from flask import url_for
from flask_admin import helpers
from flask_security import Security, SQLAlchemyUserDatastore
from flask_security.utils import hash_password
from backend import server
from backend.extensions import admin, db
from .models import UserModel, RolesModel
from .utilities import ExtendedLoginForm
user_datastore = SQLAlchemyUserDatastore(db, UserModel, RolesModel)
security = Security(server, user_datastore, login_form=ExtendedLoginForm)
# Create a user to test with
@server.before_first_request
def create_user():
if not UserModel.find(1):
user_datastore.create_role(name="user")
user_datastore.create_role(name="superuser")
user_datastore.create_user(username='******',
password=hash_password(
server.config['DEFAULT_PASSWORD']),
roles=["superuser"])
db.session.commit()
@security.context_processor
return True
def is_admin(self):
if db.session.query(Profile).filter_by(
username=self.username).join(Role).filter(
self.fk_roles == Role.id).first():
return True
else:
return False
def get_id(self):
return self.id
# Setup Flask-Security
user_datastore = SQLAlchemyUserDatastore(db, Profile, Role)
security = Security(app, user_datastore)
def createResponse(status):
response = jsonify({
'status': status,
})
return response
def polygonCoords(coords):
coordsList = list(coords)
previousCommaRemoved = False
for index, char in enumerate(coordsList):
from datetime import date
from flask_security.utils import hash_password
from flask_security import AnonymousUser, SQLAlchemyUserDatastore
from meltano.api.models.security import db, User, Role, RolePermissions
users = SQLAlchemyUserDatastore(db, User, Role)
SEED_USERS = [
{
"username": "******",
"email": "*****@*****.**",
"password": "******",
"confirmed_at": date(2000, 1, 1),
"_roles": {"regular"},
},
{
"username": "******",
"email": "*****@*****.**",
"password": "******",
"confirmed_at": date(2000, 1, 1),
"_roles": {"admin"},
},
]
class FreeUser:
"""
FreeUser is free to do everything and has no limits.
def create_app(script_info=None):
from logging.config import dictConfig
# Set up logging at DEBUG level ...
# From here: http://flask.pocoo.org/docs/dev/logging/
dictConfig({
'version': 1,
'formatters': {'default': {
'format': '[%(asctime)s] %(levelname)s in %(module)s: %(message)s',
}},
'handlers': {'wsgi': {
'class': 'logging.StreamHandler',
'stream': 'ext://flask.logging.wsgi_errors_stream',
'formatter': 'default'
}},
'root': {
'level': 'DEBUG',
'handlers': ['wsgi']
}
})
# instantiate the app
app = Flask(
__name__,
template_folder="../client/templates",
static_folder="../client/static",
)
# set config
app_settings = os.getenv(
"APP_SETTINGS", "coffeeshop.server.config.DevelopmentConfig"
)
app.config.from_object(app_settings)
# set up extensions
bcrypt.init_app(app)
toolbar.init_app(app)
bootstrap.init_app(app)
db.init_app(app)
migrate.init_app(app, db)
# register blueprints
from coffeeshop.server.user.views import user_blueprint
from coffeeshop.server.main.views import main_blueprint
from coffeeshop.server.shop.views import coffee_blueprint
app.register_blueprint(user_blueprint)
app.register_blueprint(main_blueprint)
app.register_blueprint(coffee_blueprint)
# flask security
from coffeeshop.server.models import User, Role
from coffeeshop.server.user.forms import ExtendedRegisterForm
datastore = SQLAlchemyUserDatastore(db, User, Role)
security_ctx = security.init_app(
app,
datastore,
register_form=ExtendedRegisterForm # extend the register
)
# jinja2 filters
from .filters import env_override
app.jinja_env.filters['env_override'] = env_override
# error handlers
@app.errorhandler(401)
def unauthorized_page(error):
return render_template("errors/401.html"), 401
@app.errorhandler(403)
def forbidden_page(error):
return render_template("errors/403.html"), 403
@app.errorhandler(404)
def page_not_found(error):
return render_template("errors/404.html"), 404
@app.errorhandler(500)
def server_error_page(error):
return render_template("errors/500.html"), 500
# shell context for flask cli
@app.shell_context_processor
def ctx():
return {"app": app, "db": db}
# flask-uploads
configure_uploads(app, (photos, ))
patch_request_class(app, None)
# GNU Terry Pratchett
@app.after_request
def gnu_terry_pratchett(resp):
resp.headers.add("X-Clacks-Overhead", "GNU Terry Pratchett")
return resp
return app
def create_app(config_name):
"""An application factory, as explained here:
http://flask.pocoo.org/docs/patterns/appfactories/
@param config_name: The configuration object to use.
"""
app = Flask(__name__)
app.config.from_object(config[config_name]
or config[os.getenv('BG_CONFIG')])
app.config.from_envvar('BG_SETTINGS', silent=True)
config[config_name].init_app(app)
db.init_app(app)
# Setup Flask-Security
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
from app.users.forms import ExtendedRegisterForm
security.init_app(app, user_datastore, register_form=ExtendedRegisterForm)
bootstrap.init_app(app)
mail.init_app(app)
moment.init_app(app)
migrate.init_app(app, db)
md = Markdown(app,
output_format='html5',
extensions=['fenced_code', 'tables', 'abbr', 'footnotes'])
pages.init_app(app)
csrf.init_app(app)
register_adminviews(app)
app.jinja_env.filters['alert_class'] = alert_class_filter
# WTForms helpers
from .utils import add_helpers
add_helpers(app)
if not app.debug:
import logging
from logging.handlers import SMTPHandler
mail_handler = SMTPHandler(mailhost=app.config['MAIL_SERVER'],
fromaddr=app.config['ADMINS_FROM_EMAIL'],
toaddrs=app.config['ADMINS_EMAIL'],
subject='Application Error Occurred')
mail_handler.setLevel(logging.ERROR)
app.logger.addHandler(mail_handler)
register_blueprints(app)
register_commands(app)
# Create the bg_interface directory if it does not exist
directory = os.path.join(os.path.dirname(BASE_DIR), 'bg_interface')
if not os.path.exists(directory):
os.makedirs(directory)
with app.app_context():
db.create_all()
if not User.query.first():
# Create a default admin user if there is no user in the database
user_datastore.create_role(name='admin')
user_datastore.create_user(name='Administration Account',
email='*****@*****.**',
password=encrypt_password('password'),
roles=['admin'])
db.session.commit()
app.logger.info('Created admin user [email protected]')
return app
def upgrade():
# ### commands auto generated by Alembic - please adjust! ###
if get_version() != -1:
return
email, password = user_info()
op.create_table('version',
sa.Column('name', sa.String(length=32), nullable=False),
sa.Column('value', sa.Integer(), nullable=False),
sa.PrimaryKeyConstraint('name'))
op.create_table(
'user', sa.Column('id', sa.Integer(), nullable=False),
sa.Column('email', sa.String(length=256), nullable=False),
sa.Column('password', sa.String(length=256), nullable=True),
sa.Column('active', sa.Boolean(), nullable=False),
sa.Column('confirmed_at', sa.DateTime(), nullable=True),
sa.PrimaryKeyConstraint('id'), sa.UniqueConstraint('email'))
op.create_table(
'role', sa.Column('id', sa.Integer(), nullable=False),
sa.Column('name', sa.String(length=128), nullable=False),
sa.Column('description', sa.String(length=256), nullable=False),
sa.PrimaryKeyConstraint('id'), sa.UniqueConstraint('name'))
op.create_table(
'setting', sa.Column('user_id', sa.Integer(), nullable=False),
sa.Column('setting', sa.String(length=256), nullable=False),
sa.Column('value', sa.String(length=1024), nullable=True),
sa.ForeignKeyConstraint(
['user_id'],
['user.id'],
), sa.PrimaryKeyConstraint('user_id', 'setting'))
op.create_table('roles_users',
sa.Column('user_id', sa.Integer(), nullable=True),
sa.Column('role_id', sa.Integer(), nullable=True),
sa.ForeignKeyConstraint(
['role_id'],
['role.id'],
), sa.ForeignKeyConstraint(
['user_id'],
['user.id'],
))
op.create_table('servergroup', sa.Column('id',
sa.Integer(),
nullable=False),
sa.Column('user_id', sa.Integer(), nullable=False),
sa.Column('name', sa.String(length=128), nullable=False),
sa.ForeignKeyConstraint(
['user_id'],
['user.id'],
), sa.PrimaryKeyConstraint('id'),
sa.UniqueConstraint('user_id', 'name'))
op.create_table(
'server', sa.Column('id', sa.Integer(), nullable=False),
sa.Column('user_id', sa.Integer(), nullable=False),
sa.Column('servergroup_id', sa.Integer(), nullable=False),
sa.Column('name', sa.String(length=128), nullable=False),
sa.Column('host', sa.String(length=128), nullable=False),
sa.Column('port', sa.Integer(), nullable=False),
sa.Column('maintenance_db', sa.String(length=64), nullable=False),
sa.Column('username', sa.String(length=64), nullable=False),
sa.Column('ssl_mode', sa.String(length=16), nullable=False),
sa.ForeignKeyConstraint(
['servergroup_id'],
['servergroup.id'],
), sa.ForeignKeyConstraint(
['user_id'],
['user.id'],
), sa.PrimaryKeyConstraint('id'))
db.engine.execute("""
INSERT INTO "role"
VALUES(1, 'Administrators', 'pgAdmin Administrators Role')
""")
db.engine.execute("""
INSERT INTO "roles_users"
VALUES(1, 1);
""")
db.engine.execute("""
INSERT INTO "servergroup"
VALUES(1, 1, 'Servers')
""")
current_salt = getattr(config, 'SECURITY_PASSWORD_SALT',
base64.urlsafe_b64encode(os.urandom(32)).decode())
if current_app.extensions.get('security') is None:
current_app.config['SECURITY_PASSWORD_SALT'] = current_salt
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
Security(current_app, user_datastore, register_blueprint=False)
else:
current_app.config['SECURITY_PASSWORD_SALT'] = current_salt
setattr(config, 'SECURITY_PASSWORD_SALT', current_salt)
password = encrypt_password(password)
db.engine.execute("""
INSERT INTO "user"
VALUES(1, '%s',
'%s',
1, NULL)
""" % (email, password))
db.engine.execute("""
INSERT INTO "version"
VALUES('ConfigDB', 2);
""")
def create_app():
app = Flask(__name__,
instance_relative_config=True,
template_folder="templates",
static_url_path="")
app.config.from_pyfile("default.py")
app.config.from_envvar("APP_CONFIG_FILE", silent=True)
heroku = Heroku()
heroku.init_app(app)
db.init_app(app)
migrate = Migrate(compare_type=True)
migrate.init_app(app, db)
admin = Admin(app)
admin.add_view(AdminModelView(Event, db.session))
admin.add_link(MenuLink(name="Website", endpoint="index"))
admin.add_link(MenuLink(name="Login", url="/login"))
admin.add_link(MenuLink(name="Logout", url='/logout'))
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
@app.context_processor
def inject_now():
return {'now': datetime.utcnow()}
@security.context_processor
def security_context_processor():
return dict(admin_base_template=admin.base_template,
admin_view=admin.index_view,
get_url=url_for,
h=helpers)
@app.before_first_request
def create_user():
role = user_datastore.find_or_create_role("admin")
# password = os.environ.get('ADMIN_PASSWORD')
if not User.query.filter_by(email=ADMIN_EMAIL).first():
user = user_datastore.create_user(email=ADMIN_EMAIL,
password=ADMIN_PASSWORD)
user_datastore.add_role_to_user(user, role)
db.session.commit()
@app.route('/')
@app.route('/index')
def index():
events = Event.query.filter(Event.date > datetime.utcnow()).order_by(
Event.date)
return render_template('index.html', events=events)
@app.route('/our_work')
def our_work():
current = "our_work"
return render_template('our_work.html', current=current)
@app.route('/signup', methods=['POST'])
def signup():
email = request.form.get('email')
api_key = os.environ.get('MAILCHIMP_API_KEY')
if not api_key or not email:
flash(
'Sorry, there was an error during signup. Please come back later and try again!'
)
return redirect(url_for('index'))
server_number = api_key[-4:]
url = f"https://{server_number}.api.mailchimp.com/3.0/lists/{LIST_ID}/members"
headers = {
'content-type': 'application/json',
'Authorization': f"Basic {api_key}"
}
data = {'email_address': email, 'status': 'subscribed'}
response = requests.post(url, headers=headers, data=json.dumps(data))
if response.ok or response.json().get('title') == 'Member Exists':
flash('Thanks for signing up to our newsletter!')
else:
flash(
'Sorry, there was an error during signup. Please come back later and try again!'
)
return redirect(url_for('index'))
return app
email = DB.Column(DB.String(255), unique=True)
password = DB.Column(DB.String(255))
name = DB.Column(DB.String(255))
age = DB.Column(DB.Integer)
active = DB.Column(DB.Boolean())
confirmed_at = DB.Column(DB.DateTime())
roles = DB.relationship('Role', secondary=roles_users,
backref=DB.backref('users', lazy='dynamic'))
class ExtendedConfirmRegisterForm(ConfirmRegisterForm):
name = StringField('Name')
age = IntegerField('Age')
USER_DATASTORE = SQLAlchemyUserDatastore(DB, User, Role)
SECURITY = Security(APP, USER_DATASTORE, confirm_register_form=ExtendedConfirmRegisterForm)
@APP.route('/')
def index():
return 'This is an unprotected page'
@APP.route('/protected')
@login_required
def protected():
return f'This is a <b>protected</b> page and your email is {current_user.email}'
@APP.route('/roleprotected')
# Create an admin profile. Useful for setting up the first admin when deployed
# on Heroku.
from flask_security.utils import encrypt_password
from flask_security import SQLAlchemyUserDatastore
from app import app
from app import db
from app.models import Role, User
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
with app.app_context():
super_user_role = Role(name='superuser')
user_role = Role(name='user')
db.session.add(super_user_role)
db.session.add(user_role)
db.session.commit()
first_admin = user_datastore.create_user(
email='admin',
password=encrypt_password('admin'),
roles=[user_role, super_user_role]
)
db.session.add(first_admin)
db.session.commit()
def create_app(app_name=None):
# Configuration settings
import config
if not app_name:
app_name = config.APP_NAME
# Check if app is created for CLI operations or Web
cli_mode = False
if app_name.endswith('-cli'):
cli_mode = True
# Only enable password related functionality in server mode.
if config.SERVER_MODE is True:
# Some times we need to access these config params where application
# context is not available (we can't use current_app.config in those
# cases even with current_app.app_context())
# So update these params in config itself.
# And also these updated config values will picked up by application
# since we are updating config before the application instance is
# created.
config.SECURITY_RECOVERABLE = True
config.SECURITY_CHANGEABLE = True
# Now we'll open change password page in alertify dialog
# we don't want it to redirect to main page after password
# change operation so we will open the same password change page again.
config.SECURITY_POST_CHANGE_VIEW = 'browser.change_password'
"""Create the Flask application, startup logging and dynamically load
additional modules (blueprints) that are found in this directory."""
app = PgAdmin(__name__, static_url_path='/static')
# Removes unwanted whitespace from render_template function
app.jinja_env.trim_blocks = True
app.config.from_object(config)
app.config.update(dict(PROPAGATE_EXCEPTIONS=True))
##########################################################################
# Setup logging and log the application startup
##########################################################################
# We won't care about errors in the logging system, we are more
# interested in application errors.
logging.raiseExceptions = False
# Add SQL level logging, and set the base logging level
logging.addLevelName(25, 'SQL')
app.logger.setLevel(logging.DEBUG)
app.logger.handlers = []
# We also need to update the handler on the webserver in order to see
# request. Setting the level prevents werkzeug from setting up it's own
# stream handler thus ensuring all the logging goes through the pgAdmin
# logger.
logger = logging.getLogger('werkzeug')
logger.setLevel(config.CONSOLE_LOG_LEVEL)
# Set SQLITE_PATH to TEST_SQLITE_PATH while running test cases
if (
'PGADMIN_TESTING_MODE' in os.environ and
os.environ['PGADMIN_TESTING_MODE'] == '1'
):
config.SQLITE_PATH = config.TEST_SQLITE_PATH
config.MASTER_PASSWORD_REQUIRED = False
config.UPGRADE_CHECK_ENABLED = False
if not cli_mode:
# Ensure the various working directories exist
from pgadmin.setup import create_app_data_directory
create_app_data_directory(config)
# File logging
fh = logging.FileHandler(config.LOG_FILE, encoding='utf-8')
fh.setLevel(config.FILE_LOG_LEVEL)
fh.setFormatter(logging.Formatter(config.FILE_LOG_FORMAT))
app.logger.addHandler(fh)
logger.addHandler(fh)
# Console logging
ch = logging.StreamHandler()
ch.setLevel(config.CONSOLE_LOG_LEVEL)
ch.setFormatter(logging.Formatter(config.CONSOLE_LOG_FORMAT))
app.logger.addHandler(ch)
logger.addHandler(ch)
# Log the startup
app.logger.info('########################################################')
app.logger.info('Starting %s v%s...', config.APP_NAME, config.APP_VERSION)
app.logger.info('########################################################')
app.logger.debug("Python syspath: %s", sys.path)
##########################################################################
# Setup i18n
##########################################################################
# Initialise i18n
babel = Babel(app)
app.logger.debug('Available translations: %s' % babel.list_translations())
@babel.localeselector
def get_locale():
"""Get the language for the user."""
language = 'en'
if config.SERVER_MODE is False:
# Get the user language preference from the miscellaneous module
if current_user.is_authenticated:
user_id = current_user.id
else:
user = user_datastore.get_user(config.DESKTOP_USER)
if user is not None:
user_id = user.id
user_language = Preferences.raw_value(
'misc', 'user_language', 'user_language', user_id
)
if user_language is not None:
language = user_language
else:
# If language is available in get request then return the same
# otherwise check the session or cookie
data = request.form
if 'language' in data:
language = data['language'] or language
setattr(session, 'PGADMIN_LANGUAGE', language)
elif hasattr(session, 'PGADMIN_LANGUAGE'):
language = getattr(session, 'PGADMIN_LANGUAGE', language)
elif hasattr(request.cookies, 'PGADMIN_LANGUAGE'):
language = getattr(
request.cookies, 'PGADMIN_LANGUAGE', language
)
return language
##########################################################################
# Setup authentication
##########################################################################
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///{0}?timeout={1}' \
.format(config.SQLITE_PATH.replace('\\', '/'),
getattr(config, 'SQLITE_TIMEOUT', 500)
)
# Override USER_DOES_NOT_EXIST and INVALID_PASSWORD messages from flask.
app.config['SECURITY_MSG_USER_DOES_NOT_EXIST'] = \
app.config['SECURITY_MSG_INVALID_PASSWORD'] = \
(gettext("Incorrect username or password."), "error")
# Create database connection object and mailer
db.init_app(app)
##########################################################################
# Upgrade the schema (if required)
##########################################################################
with app.app_context():
# Run migration for the first time i.e. create database
from config import SQLITE_PATH
from pgadmin.setup import db_upgrade
# If version not available, user must have aborted. Tables are not
# created and so its an empty db
if not os.path.exists(SQLITE_PATH) or get_version() == -1:
# If running in cli mode then don't try to upgrade, just raise
# the exception
if not cli_mode:
db_upgrade(app)
else:
if not os.path.exists(SQLITE_PATH):
raise FileNotFoundError(
'SQLite database file "' + SQLITE_PATH +
'" does not exists.')
raise RuntimeError('Specified SQLite database file '
'is not valid.')
else:
schema_version = get_version()
# Run migration if current schema version is greater than the
# schema version stored in version table
if CURRENT_SCHEMA_VERSION >= schema_version:
db_upgrade(app)
# Update schema version to the latest
if CURRENT_SCHEMA_VERSION > schema_version:
set_version(CURRENT_SCHEMA_VERSION)
db.session.commit()
if os.name != 'nt':
os.chmod(config.SQLITE_PATH, 0o600)
Mail(app)
# Don't bother paths when running in cli mode
if not cli_mode:
import pgadmin.utils.paths as paths
paths.init_app(app)
# Setup Flask-Security
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(None, user_datastore)
##########################################################################
# Setup security
##########################################################################
with app.app_context():
config.CSRF_SESSION_KEY = Keys.query.filter_by(
name='CSRF_SESSION_KEY').first().value
config.SECRET_KEY = Keys.query.filter_by(
name='SECRET_KEY').first().value
config.SECURITY_PASSWORD_SALT = Keys.query.filter_by(
name='SECURITY_PASSWORD_SALT').first().value
# Update the app.config with proper security keyes for signing CSRF data,
# signing cookies, and the SALT for hashing the passwords.
app.config.update(dict({
'CSRF_SESSION_KEY': config.CSRF_SESSION_KEY,
'SECRET_KEY': config.SECRET_KEY,
'SECURITY_PASSWORD_SALT': config.SECURITY_PASSWORD_SALT,
'SESSION_COOKIE_DOMAIN': config.SESSION_COOKIE_DOMAIN,
# CSRF Token expiration till session expires
'WTF_CSRF_TIME_LIMIT': getattr(config, 'CSRF_TIME_LIMIT', None),
'WTF_CSRF_METHODS': ['GET', 'POST', 'PUT', 'DELETE'],
}))
security.init_app(app, user_datastore)
# register custom unauthorised handler.
app.login_manager.unauthorized_handler(pga_unauthorised)
# Set the permanent session lifetime to the specified value in config file.
app.permanent_session_lifetime = timedelta(
days=config.SESSION_EXPIRATION_TIME)
if not cli_mode:
app.session_interface = create_session_interface(
app, config.SESSION_SKIP_PATHS
)
# Make the Session more secure against XSS & CSRF when running in web mode
if config.SERVER_MODE and config.ENHANCED_COOKIE_PROTECTION:
paranoid = Paranoid(app)
paranoid.redirect_view = 'browser.index'
##########################################################################
# Load all available server drivers
##########################################################################
driver.init_app(app)
authenticate.init_app(app)
##########################################################################
# Register language to the preferences after login
##########################################################################
@user_logged_in.connect_via(app)
def register_language(sender, user):
# After logged in, set the language in the preferences if we get from
# the login page
data = request.form
if 'language' in data:
language = data['language']
# Set the user language preference
misc_preference = Preferences.module('misc')
user_languages = misc_preference.preference(
'user_language'
)
if user_languages and language:
language = user_languages.set(language)
##########################################################################
# Register any local servers we can discover
##########################################################################
@user_logged_in.connect_via(app)
def on_user_logged_in(sender, user):
# Keep hold of the user ID
user_id = user.id
# Get the first server group for the user
servergroup_id = 1
servergroups = ServerGroup.query.filter_by(
user_id=user_id
).order_by("id")
if servergroups.count() > 0:
servergroup = servergroups.first()
servergroup_id = servergroup.id
'''Add a server to the config database'''
def add_server(user_id, servergroup_id, name, superuser, port,
discovery_id, comment):
# Create a server object if needed, and store it.
servers = Server.query.filter_by(
user_id=user_id,
discovery_id=svr_discovery_id
).order_by("id")
if servers.count() > 0:
return
svr = Server(user_id=user_id,
servergroup_id=servergroup_id,
name=name,
host='localhost',
port=port,
maintenance_db='postgres',
username=superuser,
ssl_mode='prefer',
comment=svr_comment,
discovery_id=discovery_id)
db.session.add(svr)
db.session.commit()
# Figure out what servers are present
if winreg is not None:
arch_keys = set()
proc_arch = os.environ['PROCESSOR_ARCHITECTURE'].lower()
try:
proc_arch64 = os.environ['PROCESSOR_ARCHITEW6432'].lower()
except Exception:
proc_arch64 = None
if proc_arch == 'x86' and not proc_arch64:
arch_keys.add(0)
elif proc_arch == 'x86' or proc_arch == 'amd64':
arch_keys.add(winreg.KEY_WOW64_32KEY)
arch_keys.add(winreg.KEY_WOW64_64KEY)
for arch_key in arch_keys:
for server_type in ('PostgreSQL', 'EnterpriseDB'):
try:
root_key = winreg.OpenKey(
winreg.HKEY_LOCAL_MACHINE,
"SOFTWARE\\" + server_type + "\\Services", 0,
winreg.KEY_READ | arch_key
)
for i in range(0, winreg.QueryInfoKey(root_key)[0]):
inst_id = winreg.EnumKey(root_key, i)
inst_key = winreg.OpenKey(root_key, inst_id)
svr_name = winreg.QueryValueEx(
inst_key, 'Display Name'
)[0]
svr_superuser = winreg.QueryValueEx(
inst_key, 'Database Superuser'
)[0]
svr_port = winreg.QueryValueEx(inst_key, 'Port')[0]
svr_discovery_id = inst_id
svr_comment = gettext(
"Auto-detected {0} installation with the data "
"directory at {1}").format(
winreg.QueryValueEx(
inst_key, 'Display Name'
)[0],
winreg.QueryValueEx(
inst_key, 'Data Directory'
)[0])
add_server(
user_id, servergroup_id, svr_name,
svr_superuser, svr_port,
svr_discovery_id, svr_comment
)
inst_key.Close()
except Exception:
pass
else:
# We use the postgres-winreg.ini file on non-Windows
from configparser import ConfigParser
registry = ConfigParser()
try:
registry.read('/etc/postgres-reg.ini')
sections = registry.sections()
# Loop the sections, and get the data from any that are PG or PPAS
for section in sections:
if (
section.startswith('PostgreSQL/') or
section.startswith('EnterpriseDB/')
):
svr_name = registry.get(section, 'Description')
svr_superuser = registry.get(section, 'Superuser')
# getint function throws exception if value is blank.
# Ex: Port=
# In such case we should handle the exception and continue
# to read the next section of the config file.
try:
svr_port = registry.getint(section, 'Port')
except ValueError:
continue
svr_discovery_id = section
description = registry.get(section, 'Description')
data_directory = registry.get(section, 'DataDirectory')
svr_comment = gettext("Auto-detected {0} installation "
"with the data directory at {1}"
).format(description, data_directory)
add_server(user_id, servergroup_id, svr_name,
svr_superuser, svr_port, svr_discovery_id,
svr_comment)
except Exception:
pass
@user_logged_in.connect_via(app)
@user_logged_out.connect_via(app)
def force_session_write(app, user):
session.force_write = True
@user_logged_in.connect_via(app)
def store_crypt_key(app, user):
# in desktop mode, master password is used to encrypt/decrypt
# and is stored in the keyManager memory
if config.SERVER_MODE and 'password' in request.form:
current_app.keyManager.set(request.form['password'])
@user_logged_out.connect_via(app)
def current_user_cleanup(app, user):
from config import PG_DEFAULT_DRIVER
from pgadmin.utils.driver import get_driver
from flask import current_app
# remove key
current_app.keyManager.reset()
for mdl in current_app.logout_hooks:
try:
mdl.on_logout(user)
except Exception as e:
current_app.logger.exception(e)
_driver = get_driver(PG_DEFAULT_DRIVER)
_driver.gc_own()
##########################################################################
# Load plugin modules
##########################################################################
for module in app.find_submodules('pgadmin'):
app.logger.info('Registering blueprint module: %s' % module)
app.register_blueprint(module)
app.register_logout_hook(module)
@app.before_request
def limit_host_addr():
"""
This function validate the hosts from ALLOWED_HOSTS before allowing
HTTP request to avoid Host Header Injection attack
:return: None/JSON response with 403 HTTP status code
"""
client_host = str(request.host).split(':')[0]
valid = True
allowed_hosts = config.ALLOWED_HOSTS
if len(allowed_hosts) != 0:
regex = re.compile(
r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(?:/\d{1,2}|)')
# Create separate list for ip addresses and host names
ip_set = list(filter(lambda ip: regex.match(ip), allowed_hosts))
host_set = list(filter(lambda ip: not regex.match(ip),
allowed_hosts))
is_ip = regex.match(client_host)
if is_ip:
ip_address = []
for ip in ip_set:
ip_address.extend(list(ipaddress.ip_network(ip)))
valid = ip_address.__contains__(
ipaddress.ip_address(client_host)
)
else:
valid = host_set.__contains__(client_host)
if not valid:
return make_json_response(
status=403, success=0,
errormsg=_("403 FORBIDDEN")
)
##########################################################################
# Handle the desktop login
##########################################################################
@app.before_request
def before_request():
"""Login the default user if running in desktop mode"""
# Check the auth key is valid, if it's set, and we're not in server
# mode, and it's not a help file request.
if not config.SERVER_MODE and app.PGADMIN_INT_KEY != '' and ((
'key' not in request.args or
request.args['key'] != app.PGADMIN_INT_KEY) and
request.cookies.get('PGADMIN_INT_KEY') != app.PGADMIN_INT_KEY and
request.endpoint != 'help.static'
):
abort(401)
if not config.SERVER_MODE and not current_user.is_authenticated:
user = user_datastore.get_user(config.DESKTOP_USER)
# Throw an error if we failed to find the desktop user, to give
# the sysadmin a hint. We'll continue to try to login anyway as
# that'll through a nice 500 error for us.
if user is None:
app.logger.error(
'The desktop user %s was not found in the configuration '
'database.'
% config.DESKTOP_USER
)
abort(401)
login_user(user)
elif config.SERVER_MODE and\
app.PGADMIN_EXTERNAL_AUTH_SOURCE ==\
KERBEROS and \
not current_user.is_authenticated and \
request.endpoint in ('redirects.index', 'security.login'):
return authenticate.login()
# if the server is restarted the in memory key will be lost
# but the user session may still be active. Logout the user
# to get the key again when login
if config.SERVER_MODE and current_user.is_authenticated and \
app.PGADMIN_EXTERNAL_AUTH_SOURCE != \
KERBEROS and \
current_app.keyManager.get() is None and \
request.endpoint not in ('security.login', 'security.logout'):
logout_user()
@app.after_request
def after_request(response):
if 'key' in request.args:
domain = dict()
if config.COOKIE_DEFAULT_DOMAIN and \
config.COOKIE_DEFAULT_DOMAIN != 'localhost':
domain['domain'] = config.COOKIE_DEFAULT_DOMAIN
response.set_cookie('PGADMIN_INT_KEY', value=request.args['key'],
path=config.COOKIE_DEFAULT_PATH,
secure=config.SESSION_COOKIE_SECURE,
httponly=config.SESSION_COOKIE_HTTPONLY,
samesite=config.SESSION_COOKIE_SAMESITE,
**domain)
SecurityHeaders.set_response_headers(response)
return response
##########################################################################
# Cache busting
##########################################################################
# Version number to be added to all static file url requests
# This is used by url_for function when generating urls
# This will solve caching issues when application is upgrading
# This is called - Cache Busting
@app.url_defaults
def add_internal_version(endpoint, values):
extensions = config.APP_VERSION_EXTN
# Add the internal version only if it is set
if config.APP_VERSION_PARAM is not None and \
config.APP_VERSION_PARAM != '':
# If there is a filename, add the version
if 'filename' in values \
and values['filename'].endswith(extensions):
values[config.APP_VERSION_PARAM] = config.APP_VERSION_INT
else:
# Sometimes there may be direct endpoint for some files
# There will be only one rule for such endpoints
urls = [url for url in app.url_map.iter_rules(endpoint)]
if len(urls) == 1 and urls[0].rule.endswith(extensions):
values[config.APP_VERSION_PARAM] = \
config.APP_VERSION_INT
# Strip away internal version param before sending further to app as it was
# required for cache busting only
@app.url_value_preprocessor
def strip_version_number(endpoint, values):
if values and config.APP_VERSION_PARAM in values:
values.pop(config.APP_VERSION_PARAM)
##########################################################################
# Minify output. Not required in desktop mode
##########################################################################
if not config.DEBUG and config.SERVER_MODE:
from flask_compress import Compress
Compress(app)
from pgadmin.misc.themes import themes
themes(app)
@app.context_processor
def inject_blueprint():
"""
Inject a reference to the current blueprint, if any.
"""
return {
'current_app': current_app,
'current_blueprint': current_blueprint,
}
@app.errorhandler(Exception)
def all_exception_handler(e):
current_app.logger.error(e, exc_info=True)
return internal_server_error(errormsg=str(e))
# Exclude HTTPexception from above handler (all_exception_handler)
# HTTPException are user defined exceptions and those should be returned
# as is
@app.errorhandler(HTTPException)
def http_exception_handler(e):
current_app.logger.error(e, exc_info=True)
return e
# Intialize the key manager
app.keyManager = KeyManager()
##########################################################################
# Protection against CSRF attacks
##########################################################################
with app.app_context():
pgCSRFProtect.init_app(app)
##########################################################################
# All done!
##########################################################################
return app
default='retro',
force_default=False,
force_lower=False,
use_ssl=False,
base_url=None)
# SQLAlchemy, searchable and migration setup
db = SQLAlchemy(app)
make_searchable()
configure_mappers()
migrate = Migrate(app, db)
# imported after app and db creation because of dependencies
from app import database, forms
# Security setup
user_datastore = SQLAlchemyUserDatastore(db, database.User, database.Role)
sec_options = {
'login_form': forms.CustomLoginForm,
'confirm_register_form': forms.CustomRegisterForm,
'forgot_password_form': forms.CustomForgotPasswordForm,
'reset_password_form': forms.CustomResetPasswordForm,
'send_confirmation_form': forms.CustomSendConfirmationForm
}
security = Security(app, user_datastore, **sec_options)
# imported after app, db and user_datastore creation because of dependencies
from app import views
# Admin setup
admin = Admin(app, name='Tingsmen', template_mode='bootstrap3')
admin.add_view(views.AdminModelView(database.Globals, db.session))
def create_app(db_connection_string=None, testing=None):
app = Flask(__name__)
try:
app.config['SECRET_KEY'] = server.config.faraday_server.secret_key
except Exception:
save_new_secret_key(app)
app.config['SECURITY_PASSWORD_SINGLE_HASH'] = True
app.config['WTF_CSRF_ENABLED'] = False
app.config['SECURITY_USER_IDENTITY_ATTRIBUTES'] = ['username']
app.config['SECURITY_POST_LOGIN_VIEW'] = '/_api/session'
app.config['SECURITY_POST_LOGOUT_VIEW'] = '/_api/login'
app.config['SECURITY_POST_CHANGE_VIEW'] = '/_api/change'
app.config['SECURITY_CHANGEABLE'] = True
app.config['SECURITY_SEND_PASSWORD_CHANGE_EMAIL'] = False
app.config['SESSION_TYPE'] = 'filesystem'
app.config['SESSION_FILE_DIR'] = server.config.FARADAY_SERVER_SESSIONS_DIR
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['SQLALCHEMY_RECORD_QUERIES'] = True
# app.config['SQLALCHEMY_ECHO'] = True
app.config['SECURITY_PASSWORD_SCHEMES'] = [
'bcrypt', # This should be the default value
# 'des_crypt',
'pbkdf2_sha1', # Used by CouchDB passwords
# 'pbkdf2_sha256',
# 'pbkdf2_sha512',
# 'sha256_crypt',
# 'sha512_crypt',
'plaintext', # TODO: remove it
]
app.config['PERMANENT_SESSION_LIFETIME'] = datetime.timedelta(hours=12)
try:
storage_path = server.config.storage.path
except AttributeError:
logger.warn(
'No storage section or path in the .faraday/server.ini. Setting the default value to .faraday/storage'
)
storage_path = setup_storage_path()
if not DepotManager.get('default'):
if testing:
DepotManager.configure('default', {'depot.storage_path': '/tmp'})
else:
DepotManager.configure('default',
{'depot.storage_path': storage_path})
check_testing_configuration(testing, app)
try:
app.config[
'SQLALCHEMY_DATABASE_URI'] = db_connection_string or server.config.database.connection_string.strip(
"'")
except AttributeError:
logger.info(
'Missing [database] section on server.ini. Please configure the database before running the server.'
)
except NoOptionError:
logger.info(
'Missing connection_string on [database] section on server.ini. Please configure the database before running the server.'
)
from server.models import db
db.init_app(app)
#Session(app)
# Setup Flask-Security
app.user_datastore = SQLAlchemyUserDatastore(
db, user_model=server.models.User,
role_model=None) # We won't use flask security roles feature
Security(app, app.user_datastore)
# Make API endpoints require a login user by default. Based on
# https://stackoverflow.com/questions/13428708/best-way-to-make-flask-logins-login-required-the-default
app.view_functions['security.login'].is_public = True
app.view_functions['security.logout'].is_public = True
app.debug = server.config.is_debug_mode()
minify_json_output(app)
for handler in LOGGING_HANDLERS:
app.logger.addHandler(handler)
register_blueprints(app)
register_handlers(app)
return app
forbidden_account_validator = NoneOf(
AppConfig.FORBIDDEN_ACCOUNTS, message=i8n.FORBIDDEN_ACCOUNT)
# noinspection PyClassHasNoInit
class RegisterForm(_RegisterForm):
email = SuffixedStringField(
suffix='@{}'.format(AppConfig.CLIENT_EMAIL_HOST),
validators=[email_character_validator, forbidden_account_validator,
email_required, email_validator, unique_user_email])
timezone_offset_minutes = IntegerField(default=0)
user_datastore = SQLAlchemyUserDatastore(_db, User, Role)
try:
_db.create_all()
except OperationalError:
pass
Migrate(app, _db)
Security(app, user_datastore, register_form=RegisterForm, login_form=LoginForm)
admin_role = 'admin'
user_datastore.find_or_create_role(name=admin_role)
try:
user_datastore.commit()
except IntegrityError:
app.config.from_object(Config)
db = SQLAlchemy(app)
migrate = Migrate(app, db)
login = LoginManager(app)
login.login_view = 'login'
bootstrap = Bootstrap(app)
from app import routers, models
user_datastore = SQLAlchemyUserDatastore(db, models.User, models.Role)
security = Security(app, user_datastore)
admin = Admin(app, index_view=models.MyAdminIndexView())
admin.add_view(models.MyModelView(models.User, db.session))
admin.add_view(models.MyModelView(models.Role, db.session))
admin.add_view(models.MyModelView(models.Post, db.session))
@app.before_first_request
def create_user():
admin_user = models.User.query.filter_by(email='*****@*****.**').first()
from flask_admin import Admin
from flask_admin.base import MenuLink
# initialize the application, import config, setup database, setup CSRF protection
app = Flask(__name__)
app.config.from_object('config')
db = SQLAlchemy(app)
CSRFProtect(app)
# set up the database model if not already set up
from app import models
db.create_all()
db.session.commit()
# setup the User/Role tables with flask-security, create base users/groups if neccessary
userstore = SQLAlchemyUserDatastore(db, models.User, models.Role)
sec = Security(app, userstore)
try:
with app.app_context():
userstore.find_or_create_role(name='admin', description='Administrator')
userstore.find_or_create_role(name='user', description='General user')
userstore.create_user(email=FIRST_USER_NAME,
password=utils.encrypt_password(FIRST_USER_PASS))
userstore.add_role_to_user(FIRST_USER_NAME, 'admin')
db.session.commit()
except: db.session.rollback()
# get the view controllers for the app
from app.views import main, admin, common
# set up main as a blueprint, add as many blueprints as necessary
def create_app(config_object=ProductionConfig):
app = Flask(__name__)
# Sentry(app, dsn='https://*****:*****@sentry.io/300199') # noqa
# CORS(app)
app.config.from_object(config_object)
db.init_app(app)
migrate.init_app(app, db)
csrf.init_app(app)
from Mandark.project import models
userstore = SQLAlchemyUserDatastore(db, models.User, models.Role)
Security(app, userstore)
@app.before_request
def before_request():
g.user = current_user
@app.errorhandler(404)
def not_found_error(e):
print(e)
return render_template('404.html', title='FourOhFour')
@app.errorhandler(500)
def internal_error():
return render_template('500.html', title='A server oops happened')
try:
with app.app_context():
userstore.find_or_create_role(name='admin',
description='Administrator')
userstore.find_or_create_role(name='moderator',
description='Moderator')
userstore.find_or_create_role(name='projectmgr',
description='Project Manager')
userstore.find_or_create_role(name='user',
description='General User')
userstore.create_user(email='*****@*****.**',
password=hash_password('admin'))
userstore.create_user(email='*****@*****.**',
password=hash_password('user'))
userstore.create_user(email='*****@*****.**',
password=hash_password('Allanice-001'))
userstore.add_role_to_user('*****@*****.**', 'admin')
userstore.add_role_to_user('*****@*****.**', 'user')
userstore.add_role_to_user('*****@*****.**', 'admin')
db.session.commit()
print('IGETHEE')
except OperationalError:
if app.debug:
print(OperationalError)
else:
pass
except Exception as e:
with app.app_context():
print(e)
db.session.rollback()
from Mandark.project.views import main, admin
app.register_blueprint(main.main)
app_admin = Admin(app,
'Administration Section',
template_mode='bootstrap3',
index_view=admin.MyAdminIndexView())
app_admin.add_view(admin.UserModelView(models.User, db.session))
app_admin.add_view(admin.RoleModelView(models.Role, db.session))
app_admin.add_view(admin.ProjectModelView(models.Project, db.session))
app_admin.add_view(admin.ProjectMgrModelView(models.Projectmgr,
db.session))
app_admin.add_view(
admin.OrganisationModelView(models.Organisation, db.session))
app_admin.add_view(
admin.ChangeRequestTypeView(models.ChangeRequestType, db.session))
app_admin.add_view(
admin.ChangeRequestSubmitterView(models.ChangeRequestSubmitter,
db.session))
app_admin.add_link(MenuLink(name='Back to Site', url='/'))
return app
id = db.Column(db.Integer)
amount = db.Column(db.Numeric())
ticker = db.Column(db.String(255))
market = db.Column(db.String(255))
priceInBTC = db.Column(db.Numeric())
priceInUSD = db.Column(db.Numeric())
priceInEUR = db.Column(db.Numeric())
priceInCHY = db.Column(db.Numeric())
last = db.Column(db.String(255))
timestamp = db.Column(db.DateTime())
index = index_property('id', 'index')
# Setup user_datastore and sqlalchemy for flask_security to use
user_datastore = SQLAlchemyUserDatastore(db, User, Currency)
security = Security(app, user_datastore)
# Create a user to test with
@app.before_first_request
def create_user():
# Possible implementation
# Query db for users by email
# if dummy user does not exist, create him and attempt to fill the database
# if not perhaps check the db and if no currencies are there fill that up too.
if db is None or User.query.first() is None:
print("No Users found, creating test user")
db.create_all()
user_datastore.create_user(email='*****@*****.**',
password='******',
def create_app(config_object):
from application.static_site import static_site_blueprint
from application.cms import cms_blueprint
from application.admin import admin_blueprint
from application.register import register_blueprint
from application.auth import auth_blueprint
from application.dashboard import dashboard_blueprint
from application.review import review_blueprint
from application.redirects import redirects_blueprint
if isinstance(config_object, str):
from application.config import DevConfig, Config, TestConfig
if config_object.lower().startswith("production"):
config_object = Config
elif config_object.lower().startswith("dev"):
config_object = DevConfig
elif config_object.lower().startswith("test"):
config_object = TestConfig
else:
raise ValueError(f"Invalid config name passed into create_app: {config_object}")
app = Flask(__name__)
app.config.from_object(config_object)
app.file_service = FileService()
app.file_service.init_app(app)
csrf.init_app(app)
page_service.init_app(app)
upload_service.init_app(app)
scanner_service.init_app(app)
dimension_service.init_app(app)
trello_service.init_app(app)
trello_service.set_credentials(config_object.TRELLO_API_KEY, config_object.TRELLO_API_TOKEN)
db.init_app(app)
app.url_map.strict_slashes = False
app.classification_finder = ethnicity_classification_finder_from_file(
config_object.ETHNICITY_CLASSIFICATION_FINDER_LOOKUP,
config_object.ETHNICITY_CLASSIFICATION_FINDER_CLASSIFICATIONS,
)
# Note not using Flask-Security role model
user_datastore = SQLAlchemyUserDatastore(db, User, None)
Security(app, user_datastore, login_form=LoginForm)
if os.environ.get("SENTRY_DSN") is not None:
Sentry(app, dsn=os.environ["SENTRY_DSN"])
app.register_blueprint(cms_blueprint)
app.register_blueprint(static_site_blueprint)
app.register_blueprint(admin_blueprint)
app.register_blueprint(register_blueprint)
app.register_blueprint(auth_blueprint)
app.register_blueprint(dashboard_blueprint)
app.register_blueprint(review_blueprint)
app.register_blueprint(redirects_blueprint)
# To stop url clash between this and the measure page url (which is made of four variables.
# See: https://stackoverflow.com/questions/17135006/url-routing-conflicts-for-static-files-in-flask-dev-server
@app.route("/static/<path:subdir1>/<subdir2>/<file_name>")
def static_subdir(subdir1, subdir2, file_name):
file_path = "%s/%s/%s" % (subdir1, subdir2, file_name)
return send_from_directory("static", file_path)
register_errorhandlers(app)
app.after_request(harden_app)
# Make sure all variables referenced in templates are explicitly defined
app.jinja_env.undefined = StrictUndefined
# Render jinja templates with less whitespace; applies to both CMS and static build
app.jinja_env.trim_blocks = True
app.jinja_env.lstrip_blocks = True
app.jinja_env.add_extension(jinja_do)
app.add_template_filter(format_approve_button)
app.add_template_filter(render_markdown)
app.add_template_filter(filesize)
app.add_template_filter(format_friendly_date)
app.add_template_filter(format_friendly_short_date)
app.add_template_filter(format_friendly_short_date_with_year)
app.add_template_filter(format_status)
app.add_template_filter(value_filter)
app.add_template_filter(flatten)
app.add_template_filter(flatten_chart)
app.add_template_filter(version_filter)
app.add_template_filter(strip_trailing_slash)
app.add_template_filter(join_enum_display_names)
app.add_template_filter(slugify_value)
app.add_template_filter(format_iso8601_date)
app.add_template_filter(index_of_last_initial_zero)
app.add_template_filter(html_params)
app.add_template_filter(yesno)
app.add_template_filter(models_to_dicts)
app.add_template_filter(html_line_breaks)
app.add_template_filter(url_with_line_breaks)
# There is a CSS caching problem in chrome
app.config["SEND_FILE_MAX_AGE_DEFAULT"] = 10
setup_app_logging(app, config_object)
if os.environ.get("SQREEN_TOKEN") is not None:
setup_sqreen_audit(app)
from werkzeug.contrib.fixers import ProxyFix
app.wsgi_app = ProxyFix(app.wsgi_app)
from flask_sslify import SSLify
SSLify(app)
mail.init_app(app)
def jinja_raise_exception(message):
raise RuntimeError(message)
@app.context_processor
def inject_globals():
from application.auth.models import (
COPY_MEASURE,
CREATE_MEASURE,
CREATE_VERSION,
DELETE_MEASURE,
MANAGE_SYSTEM,
MANAGE_USERS,
MANAGE_DATA_SOURCES,
ORDER_MEASURES,
PUBLISH,
READ,
UPDATE_MEASURE,
VIEW_DASHBOARDS,
)
return dict(
COPY_MEASURE=COPY_MEASURE,
CREATE_MEASURE=CREATE_MEASURE,
CREATE_VERSION=CREATE_VERSION,
DELETE_MEASURE=DELETE_MEASURE,
MANAGE_SYSTEM=MANAGE_SYSTEM,
MANAGE_USERS=MANAGE_USERS,
MANAGE_DATA_SOURCES=MANAGE_DATA_SOURCES,
ORDER_MEASURES=ORDER_MEASURES,
PUBLISH=PUBLISH,
READ=READ,
UPDATE_MEASURE=UPDATE_MEASURE,
VIEW_DASHBOARDS=VIEW_DASHBOARDS,
TESTING_SPACE_SLUG=TESTING_SPACE_SLUG,
get_content_security_policy=get_content_security_policy,
current_timestamp=datetime.datetime.now().isoformat(),
get_form_errors=get_form_errors,
static_mode=get_bool(request.args.get("static_mode", app.config["STATIC_MODE"])),
raise_exception=jinja_raise_exception,
)
return app
api.create(SQLALCHEMY_MIGRATE_REPO, 'database repository')
api.version_control(SQLALCHEMY_DATABASE_URI, SQLALCHEMY_MIGRATE_REPO)
else:
# print api
api.version_control(SQLALCHEMY_DATABASE_URI, SQLALCHEMY_MIGRATE_REPO, api.version(SQLALCHEMY_MIGRATE_REPO))
db.create_all()
import sys
sys.path.append("..")
from manager import db, app
from admin.admin_models import Role
from admin.admin_models import Manager
from flask_security import SQLAlchemyUserDatastore
from flask_security.utils import encrypt_password
import key
with app.app_context():
user_role = Role(name='user')
super_user_role = Role(name='superuser')
db.session.add(user_role)
db.session.add(super_user_role)
db.session.commit()
user_datastore = SQLAlchemyUserDatastore(db, Manager, Role)
test_user = user_datastore.create_user(\
first_name=key.MANAGER_NAME,\
email=key.MAIL_USERNAME,\
password=encrypt_password(key.MANAGER_PASSWORD),\
roles=[user_role, super_user_role])
db.session.commit()
def create_app(app_name=None):
# Configuration settings
import config
if not app_name:
app_name = config.APP_NAME
# Only enable password related functionality in server mode.
if config.SERVER_MODE is True:
# Some times we need to access these config params where application
# context is not available (we can't use current_app.config in those
# cases even with current_app.app_context())
# So update these params in config itself.
# And also these updated config values will picked up by application
# since we are updating config before the application instance is
# created.
config.SECURITY_RECOVERABLE = True
config.SECURITY_CHANGEABLE = True
# Now we'll open change password page in alertify dialog
# we don't want it to redirect to main page after password
# change operation so we will open the same password change page again.
config.SECURITY_POST_CHANGE_VIEW = 'browser.change_password'
"""Create the Flask application, startup logging and dynamically load
additional modules (blueprints) that are found in this directory."""
app = PgAdmin(__name__, static_url_path='/static')
# Removes unwanted whitespace from render_template function
app.jinja_env.trim_blocks = True
app.config.from_object(config)
app.config.update(dict(PROPAGATE_EXCEPTIONS=True))
##########################################################################
# Setup logging and log the application startup
##########################################################################
# Add SQL level logging, and set the base logging level
logging.addLevelName(25, 'SQL')
app.logger.setLevel(logging.DEBUG)
app.logger.handlers = []
# We also need to update the handler on the webserver in order to see
# request. Setting the level prevents werkzeug from setting up it's own
# stream handler thus ensuring all the logging goes through the pgAdmin
# logger.
logger = logging.getLogger('werkzeug')
logger.setLevel(logging.INFO)
# Set SQLITE_PATH to TEST_SQLITE_PATH while running test cases
if ('PGADMIN_TESTING_MODE' in os.environ
and os.environ['PGADMIN_TESTING_MODE'] == '1'):
config.SQLITE_PATH = config.TEST_SQLITE_PATH
# Ensure the various working directories exist
from pgadmin.setup import create_app_data_directory, db_upgrade
create_app_data_directory(config)
# File logging
fh = logging.FileHandler(config.LOG_FILE, encoding='utf-8')
fh.setLevel(config.FILE_LOG_LEVEL)
fh.setFormatter(logging.Formatter(config.FILE_LOG_FORMAT))
app.logger.addHandler(fh)
logger.addHandler(fh)
# Console logging
ch = logging.StreamHandler()
ch.setLevel(config.CONSOLE_LOG_LEVEL)
ch.setFormatter(logging.Formatter(config.CONSOLE_LOG_FORMAT))
app.logger.addHandler(ch)
logger.addHandler(ch)
# Log the startup
app.logger.info('########################################################')
app.logger.info('Starting %s v%s...', config.APP_NAME, config.APP_VERSION)
app.logger.info('########################################################')
app.logger.debug("Python syspath: %s", sys.path)
##########################################################################
# Setup i18n
##########################################################################
# Initialise i18n
babel = Babel(app)
app.logger.debug('Available translations: %s' % babel.list_translations())
@babel.localeselector
def get_locale():
"""Get the language for the user."""
language = 'en'
if config.SERVER_MODE is False:
# Get the user language preference from the miscellaneous module
if current_user.is_authenticated:
user_id = current_user.id
else:
user = user_datastore.get_user(config.DESKTOP_USER)
if user is not None:
user_id = user.id
user_language = Preferences.raw_value('miscellaneous',
'user_language', None,
user_id)
if user_language is not None:
language = user_language
else:
# If language is available in get request then return the same
# otherwise check the session or cookie
data = request.form
if 'language' in data:
language = data['language'] or language
setattr(session, 'PGADMIN_LANGUAGE', language)
elif hasattr(session, 'PGADMIN_LANGUAGE'):
language = getattr(session, 'PGADMIN_LANGUAGE', language)
elif hasattr(request.cookies, 'PGADMIN_LANGUAGE'):
language = getattr(request.cookies, 'PGADMIN_LANGUAGE',
language)
return language
##########################################################################
# Setup authentication
##########################################################################
app.config['SQLALCHEMY_DATABASE_URI'] = u'sqlite:///{0}?timeout={1}' \
.format(config.SQLITE_PATH.replace(u'\\', u'/'),
getattr(config, 'SQLITE_TIMEOUT', 500)
)
# Create database connection object and mailer
db.init_app(app)
##########################################################################
# Upgrade the schema (if required)
##########################################################################
with app.app_context():
# Run migration for the first time i.e. create database
from config import SQLITE_PATH
if not os.path.exists(SQLITE_PATH):
db_upgrade(app)
else:
version = Version.query.filter_by(name='ConfigDB').first()
schema_version = version.value
# Run migration if current schema version is greater than the
# schema version stored in version table
if CURRENT_SCHEMA_VERSION >= schema_version:
db_upgrade(app)
# Update schema version to the latest
if CURRENT_SCHEMA_VERSION > schema_version:
version = Version.query.filter_by(name='ConfigDB').first()
version.value = CURRENT_SCHEMA_VERSION
db.session.commit()
Mail(app)
import pgadmin.utils.paths as paths
paths.init_app(app)
# Setup Flask-Security
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(None, user_datastore)
##########################################################################
# Setup security
##########################################################################
with app.app_context():
config.CSRF_SESSION_KEY = Keys.query.filter_by(
name='CSRF_SESSION_KEY').first().value
config.SECRET_KEY = Keys.query.filter_by(
name='SECRET_KEY').first().value
config.SECURITY_PASSWORD_SALT = Keys.query.filter_by(
name='SECURITY_PASSWORD_SALT').first().value
# Update the app.config with proper security keyes for signing CSRF data,
# signing cookies, and the SALT for hashing the passwords.
app.config.update(
dict({
'CSRF_SESSION_KEY': config.CSRF_SESSION_KEY,
'SECRET_KEY': config.SECRET_KEY,
'SECURITY_PASSWORD_SALT': config.SECURITY_PASSWORD_SALT
}))
security.init_app(app, user_datastore)
# register custom unauthorised handler.
app.login_manager.unauthorized_handler(pga_unauthorised)
app.session_interface = create_session_interface(app)
# Make the Session more secure against XSS & CSRF when running in web mode
if config.SERVER_MODE:
paranoid = Paranoid(app)
paranoid.redirect_view = 'browser.index'
##########################################################################
# Load all available server drivers
##########################################################################
driver.init_app(app)
##########################################################################
# Register language to the preferences after login
##########################################################################
@user_logged_in.connect_via(app)
def register_language(sender, user):
# After logged in, set the language in the preferences if we get from
# the login page
data = request.form
if 'language' in data:
language = data['language']
# Set the user language preference
misc_preference = Preferences.module('miscellaneous')
user_languages = misc_preference.preference('user_language')
if user_languages and language:
language = user_languages.set(language)
##########################################################################
# Register any local servers we can discover
##########################################################################
@user_logged_in.connect_via(app)
def on_user_logged_in(sender, user):
# Keep hold of the user ID
user_id = user.id
# Get the first server group for the user
servergroup_id = 1
servergroups = ServerGroup.query.filter_by(
user_id=user_id).order_by("id")
if servergroups.count() > 0:
servergroup = servergroups.first()
servergroup_id = servergroup.id
'''Add a server to the config database'''
def add_server(user_id, servergroup_id, name, superuser, port,
discovery_id, comment):
# Create a server object if needed, and store it.
servers = Server.query.filter_by(
user_id=user_id, discovery_id=svr_discovery_id).order_by("id")
if servers.count() > 0:
return
svr = Server(user_id=user_id,
servergroup_id=servergroup_id,
name=name,
host='localhost',
port=port,
maintenance_db='postgres',
username=superuser,
ssl_mode='prefer',
comment=svr_comment,
discovery_id=discovery_id)
db.session.add(svr)
db.session.commit()
# Figure out what servers are present
if winreg is not None:
arch_keys = set()
proc_arch = os.environ['PROCESSOR_ARCHITECTURE'].lower()
try:
proc_arch64 = os.environ['PROCESSOR_ARCHITEW6432'].lower()
except Exception as e:
proc_arch64 = None
if proc_arch == 'x86' and not proc_arch64:
arch_keys.add(0)
elif proc_arch == 'x86' or proc_arch == 'amd64':
arch_keys.add(winreg.KEY_WOW64_32KEY)
arch_keys.add(winreg.KEY_WOW64_64KEY)
for arch_key in arch_keys:
for server_type in ('PostgreSQL', 'EnterpriseDB'):
try:
root_key = winreg.OpenKey(
winreg.HKEY_LOCAL_MACHINE,
"SOFTWARE\\" + server_type + "\Services", 0,
winreg.KEY_READ | arch_key)
for i in xrange(0, winreg.QueryInfoKey(root_key)[0]):
inst_id = winreg.EnumKey(root_key, i)
inst_key = winreg.OpenKey(root_key, inst_id)
svr_name = winreg.QueryValueEx(
inst_key, 'Display Name')[0]
svr_superuser = winreg.QueryValueEx(
inst_key, 'Database Superuser')[0]
svr_port = winreg.QueryValueEx(inst_key, 'Port')[0]
svr_discovery_id = inst_id
svr_comment = gettext(
"Auto-detected %s installation with the data "
"directory at %s" %
(winreg.QueryValueEx(inst_key,
'Display Name')[0],
winreg.QueryValueEx(inst_key,
'Data Directory')[0]))
add_server(user_id, servergroup_id, svr_name,
svr_superuser, svr_port,
svr_discovery_id, svr_comment)
inst_key.Close()
except Exception as e:
pass
else:
# We use the postgres-winreg.ini file on non-Windows
try:
from configparser import ConfigParser
except ImportError:
from ConfigParser import ConfigParser # Python 2
registry = ConfigParser()
try:
registry.read('/etc/postgres-reg.ini')
sections = registry.sections()
# Loop the sections, and get the data from any that are PG or PPAS
for section in sections:
if (section.startswith('PostgreSQL/')
or section.startswith('EnterpriseDB/')):
svr_name = registry.get(section, 'Description')
svr_superuser = registry.get(section, 'Superuser')
svr_port = registry.getint(section, 'Port')
svr_discovery_id = section
description = registry.get(section, 'Description')
data_directory = registry.get(section, 'DataDirectory')
if hasattr(str, 'decode'):
description = description.decode('utf-8')
data_directory = data_directory.decode('utf-8')
svr_comment = gettext(u"Auto-detected %s installation "
u"with the data directory at %s" %
(description, data_directory))
add_server(user_id, servergroup_id, svr_name,
svr_superuser, svr_port, svr_discovery_id,
svr_comment)
except Exception as e:
pass
@user_logged_in.connect_via(app)
@user_logged_out.connect_via(app)
def force_session_write(app, user):
session.force_write = True
##########################################################################
# Load plugin modules
##########################################################################
for module in app.find_submodules('pgadmin'):
app.logger.info('Registering blueprint module: %s' % module)
app.register_blueprint(module)
##########################################################################
# Handle the desktop login
##########################################################################
@app.before_request
def before_request():
"""Login the default user if running in desktop mode"""
# Check the auth key is valid, if it's set, and we're not in server
# mode, and it's not a help file request.
if not config.SERVER_MODE and app.PGADMIN_KEY != '':
if (('key' not in request.args
or request.args['key'] != app.PGADMIN_KEY)
and request.cookies.get('PGADMIN_KEY') != app.PGADMIN_KEY
and request.endpoint != 'help.static'):
abort(401)
if not config.SERVER_MODE and not current_user.is_authenticated:
user = user_datastore.get_user(config.DESKTOP_USER)
# Throw an error if we failed to find the desktop user, to give
# the sysadmin a hint. We'll continue to try to login anyway as
# that'll through a nice 500 error for us.
if user is None:
app.logger.error(
'The desktop user %s was not found in the configuration '
'database.' % config.DESKTOP_USER)
abort(401)
login_user(user)
@app.after_request
def after_request(response):
if 'key' in request.args:
response.set_cookie('PGADMIN_KEY', value=request.args['key'])
return response
##########################################################################
# Minify output
##########################################################################
# HTMLMIN doesn't work with Python 2.6.
if not config.DEBUG and sys.version_info >= (2, 7):
from flask_htmlmin import HTMLMIN
HTMLMIN(app)
@app.context_processor
def inject_blueprint():
"""Inject a reference to the current blueprint, if any."""
return {
'current_app': current_app,
'current_blueprint': current_blueprint
}
##########################################################################
# All done!
##########################################################################
return app
