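def start_app(with_factory=False, use_white=True):
    """Build the demo Flask app, attach Flask-RBAC, and serve it on port 9888.

    Args:
        with_factory: When true, create ``RBAC()`` first and bind it with
            ``init_app``; otherwise hand the app to the ``RBAC`` constructor.
        use_white: Truthiness is stored in ``app.config['RBAC_USE_WHITE']``.

    Returns:
        The Flask application, after ``app.run`` has returned.

    NOTE(review): the acting user is selected by the ``user_id`` URL segment
    with no credential check, and is held in a module-level global shared by
    every request. Treat this as a local demonstration only; a real service
    needs per-request identity from an authenticated session or token.
    """
    global current_user
    app = Flask(__name__)
    app.config['RBAC_USE_WHITE'] = bool(use_white)

    if with_factory:
        rbac = RBAC()
        rbac.init_app(app)
    else:
        rbac = RBAC(app)

    def has_permissions(*permission):
        """Run the view only if a role of the current user holds a listed permission."""
        def deco(f):
            @wraps(f)
            def wrap(*args, **kwargs):
                if not current_user:
                    # Report the missing identity as 401 instead of a 200 body,
                    # so clients and monitoring see the denial.
                    return 'not current user', 401

                for role in current_user.roles:
                    if any(held in permission
                           for held in role.get_permission()):
                        return f(*args, **kwargs)

                # No role carried any of the required permissions.
                return 'Not Authorized', 403

            return wrap

        return deco

    @app.url_value_preprocessor
    def br(endpoint, values):
        """Resolve ``current_user`` from the ``user_id`` URL value."""
        global current_user
        # ``values`` is None when URL matching failed, and routes such as the
        # built-in static endpoint carry no 'user_id'; both cases now fail
        # with the deliberate error below instead of a TypeError/KeyError.
        requested_id = (values or {}).get('user_id')
        if requested_id not in user_dict:
            # NOTE(review): with debug=True this exception is rendered by the
            # interactive debugger page; prefer a plain 404 outside a demo.
            raise Exception('User not registered')
        current_user = user_dict[requested_id]

    rbac.set_user_loader(lambda: current_user)
    rbac.set_user_model(User)
    rbac.set_role_model(Role)

    @app.route('/create/<string:user_id>')
    @rbac.allow(roles=['Employee', 'Manager'], methods=['GET'])
    @has_permissions('read', 'write')
    def create_user(user_id):
        return Response('Company Portal: \nUserName:{} {}'.format(
            user_id, current_user))

    # NOTE(review): debug=True turns on the Werkzeug interactive debugger,
    # which lets anyone who can reach the port execute code in this process.
    # Keep it to loopback-only local runs and disable it anywhere else.
    app.run(port=9888, debug=True)
    return app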
Exemplo n.º 2
def makeapp(with_factory, use_white, before_decorator, after_decorator):
    """Build a Flask app whose routes exercise Flask-RBAC allow/deny/exempt rules.

    Every view is wrapped as ``after_decorator(rbac_rule(before_decorator(view)))``
    so the caller can place arbitrary decorators on both sides of the RBAC
    rule. The decorator order on each route is deliberate and must be kept.

    Args:
        with_factory: Bind RBAC through ``init_app`` when true, else through
            the ``RBAC(app)`` constructor.
        use_white: Truthiness is stored in ``app.config['RBAC_USE_WHITE']``.
        before_decorator: Decorator applied directly to each view function.
        after_decorator: Decorator applied outside the RBAC rule decorators.

    Returns:
        The configured Flask application (it is not started here).
    """
    global current_user
    app = Flask(__name__)
    # NOTE(review): debug mode is switched on for the fixture; do not carry
    # this setting into a deployed app.
    app.debug = True

    app.config['RBAC_USE_WHITE'] = bool(use_white)

    rbac = RBAC() if with_factory else RBAC(app)
    if with_factory:
        rbac.init_app(app)

    # The acting user is read from the module-level ``current_user`` global.
    rbac.set_user_loader(lambda: current_user)
    rbac.set_user_model(User)
    rbac.set_role_model(Role)

    # --- allow rules ---
    @app.route('/')
    @after_decorator
    @rbac.allow(roles=['everyone'], methods=['GET'])
    @before_decorator
    def index():
        return Response('index')

    @app.route('/a')
    @after_decorator
    @rbac.allow(roles=['special'], methods=['GET'])
    @before_decorator
    def a():
        return Response('Hello')

    # Different roles per HTTP method on the same endpoint.
    @app.route('/b', methods=['GET', 'POST'])
    @after_decorator
    @rbac.allow(roles=['logged_role'], methods=['GET'])
    @rbac.allow(roles=['staff_role', 'special'], methods=['POST'])
    @before_decorator
    def b():
        return Response('Hello from /b')

    # Mixed allow and deny rules on one endpoint.
    @app.route('/c')
    @after_decorator
    @rbac.allow(roles=['everyone'], methods=['GET'])
    @rbac.deny(roles=['logged_role'], methods=['GET'], with_children=False)
    @rbac.allow(roles=['staff_role'], methods=['GET'])
    @before_decorator
    def c():
        return Response('Hello from /c')

    # --- deny rules ---
    @app.route('/d')
    @after_decorator
    @rbac.deny(roles=['everyone'], methods=['GET'])
    @before_decorator
    def d():
        return Response('Hello from /d')

    @app.route('/e')
    @after_decorator
    @rbac.deny(roles=['everyone'], methods=['GET'], with_children=True)
    @before_decorator
    def e():
        return Response('Hello from /e')

    @app.route('/f', methods=['POST'])
    @after_decorator
    @rbac.deny(roles=['logged_role'], methods=['POST'])
    @before_decorator
    def f():
        return Response('Hello from /f')

    # --- exempt from RBAC checks ---
    @app.route('/g', methods=['GET'])
    @after_decorator
    @rbac.exempt
    @before_decorator
    def g():
        return Response('Hello from /g')

    # --- rules naming the 'anonymous' role and a role called 'nonexistent' ---
    @app.route('/h', methods=['GET'])
    @after_decorator
    @rbac.allow(['anonymous'], methods=['GET'], with_children=False)
    @before_decorator
    def h():
        return Response('Hello from /h')

    @app.route('/i', methods=['GET'])
    @after_decorator
    @rbac.allow(['nonexistent'], methods=['GET'], with_children=False)
    @before_decorator
    def i():
        return Response('Hello from /i')

    @app.route('/j', methods=['GET'])
    @after_decorator
    @rbac.deny(['nonexistent'], methods=['GET'], with_children=False)
    @before_decorator
    def j():
        return Response('Hello from /j')

    return app
Exemplo n.º 3
def makeapp(with_factory, use_white, before_decorator, after_decorator):
    """Build a Flask app whose routes exercise Flask-RBAC allow/deny/exempt rules.

    Each view is wrapped as ``after_decorator(rbac_rule(before_decorator(view)))``;
    the decorator order on every route is deliberate and must be preserved.

    Args:
        with_factory: Bind RBAC through ``init_app`` when true, else through
            the ``RBAC(app)`` constructor.
        use_white: Truthiness is stored in ``app.config['RBAC_USE_WHITE']``.
        before_decorator: Decorator applied directly to each view function.
        after_decorator: Decorator applied outside the RBAC rule decorators.

    Returns:
        The configured Flask application (it is not started here).
    """
    global current_user
    app = Flask(__name__)
    # NOTE(review): debug mode is enabled for the fixture only; keep it out
    # of any deployed configuration.
    app.debug = True

    app.config['RBAC_USE_WHITE'] = bool(use_white)

    rbac = RBAC() if with_factory else RBAC(app)
    if with_factory:
        rbac.init_app(app)

    # The acting user is read from the module-level ``current_user`` global.
    rbac.set_user_loader(lambda: current_user)
    rbac.set_user_model(User)
    rbac.set_role_model(Role)

    # --- allow rules ---
    @app.route('/')
    @after_decorator
    @rbac.allow(roles=['everyone'], methods=['GET'])
    @before_decorator
    def index():
        return Response('index')

    @app.route('/a')
    @after_decorator
    @rbac.allow(roles=['special'], methods=['GET'])
    @before_decorator
    def a():
        return Response('Hello')

    # Different roles per HTTP method on the same endpoint.
    @app.route('/b', methods=['GET', 'POST'])
    @after_decorator
    @rbac.allow(roles=['logged_role'], methods=['GET'])
    @rbac.allow(roles=['staff_role', 'special'], methods=['POST'])
    @before_decorator
    def b():
        return Response('Hello from /b')

    # Mixed allow and deny rules on one endpoint.
    @app.route('/c')
    @after_decorator
    @rbac.allow(roles=['everyone'], methods=['GET'])
    @rbac.deny(roles=['logged_role'], methods=['GET'], with_children=False)
    @rbac.allow(roles=['staff_role'], methods=['GET'])
    @before_decorator
    def c():
        return Response('Hello from /c')

    # --- deny rules ---
    @app.route('/d')
    @after_decorator
    @rbac.deny(roles=['everyone'], methods=['GET'])
    @before_decorator
    def d():
        return Response('Hello from /d')

    @app.route('/e')
    @after_decorator
    @rbac.deny(roles=['everyone'], methods=['GET'], with_children=True)
    @before_decorator
    def e():
        return Response('Hello from /e')

    @app.route('/f', methods=['POST'])
    @after_decorator
    @rbac.deny(roles=['logged_role'], methods=['POST'])
    @before_decorator
    def f():
        return Response('Hello from /f')

    # --- exempt from RBAC checks ---
    @app.route('/g', methods=['GET'])
    @after_decorator
    @rbac.exempt
    @before_decorator
    def g():
        return Response('Hello from /g')

    # --- rule naming the 'anonymous' role, children excluded ---
    @app.route('/h', methods=['GET'])
    @after_decorator
    @rbac.allow(['anonymous'], methods=['GET'], with_children=False)
    @before_decorator
    def h():
        return Response('Hello from /h')

    return app
Exemplo n.º 4
def createapp(with_factory=False, use_white=True):
    """Build a Flask app with sample Flask-RBAC rules and serve it on port 9999.

    Args:
        with_factory: Bind RBAC through ``init_app`` when true, else through
            the ``RBAC(app)`` constructor.
        use_white: Truthiness is stored in ``app.config['RBAC_USE_WHITE']``.

    Returns:
        The Flask application, after ``app.run`` has returned.
    """
    global current_user
    app = Flask(__name__)

    app.config['RBAC_USE_WHITE'] = bool(use_white)

    rbac = RBAC() if with_factory else RBAC(app)
    if with_factory:
        rbac.init_app(app)

    # The acting user is read from the module-level ``current_user`` global.
    rbac.set_user_loader(lambda: current_user)
    rbac.set_user_model(User)
    rbac.set_role_model(Role)

    # --- allow rules ---
    @app.route('/')
    @rbac.allow(roles=['everyone'], methods=['GET'])
    def index():
        return Response('index')

    @app.route('/a')
    @rbac.allow(roles=['special'], methods=['GET'])
    def a():
        return Response('Hello')

    # Different roles per HTTP method on the same endpoint.
    @app.route('/b', methods=['GET', 'POST'])
    @rbac.allow(roles=['logged_role'], methods=['GET'])
    @rbac.allow(roles=['staff_role', 'special'], methods=['POST'])
    def b():
        return Response('Hello from /b')

    # Mixed allow and deny rules on one endpoint.
    @app.route('/c')
    @rbac.allow(roles=['everyone'], methods=['GET'])
    @rbac.deny(roles=['logged_role'], methods=['GET'], with_children=False)
    @rbac.allow(roles=['staff_role'], methods=['GET'])
    def c():
        return Response('Hello from /c')

    # --- deny rules ---
    @app.route('/d')
    @rbac.deny(roles=['everyone'], methods=['GET'])
    def d():
        return Response('Hello from /d')

    @app.route('/e')
    @rbac.deny(roles=['everyone'], methods=['GET'], with_children=True)
    def e():
        return Response('Hello from /e')

    @app.route('/f', methods=['POST'])
    @rbac.deny(roles=['logged_role'], methods=['POST'])
    def f():
        return Response('Hello from /f')

    # --- exempt from RBAC checks ---
    @app.route('/g', methods=['GET'])
    @rbac.exempt
    def g():
        return Response('Hello from /g')

    # --- rule naming the 'anonymous' role, children excluded ---
    @app.route('/h', methods=['GET'])
    @rbac.allow(['anonymous'], methods=['GET'], with_children=False)
    def h():
        return Response('Hello from /h')

    # NOTE(review): debug=True turns on the Werkzeug interactive debugger,
    # which allows code execution by anyone who can reach the port; keep it
    # to loopback-only local runs.
    app.run(port=9999, debug=True)
    return app
Exemplo n.º 5
#Session = sessionmaker(bind=engine) COMMENTED THIS ON MARCH 24 !!!!!!!!!!!!!!!!!!!!!!
#Session.configure(bind=engine)
#session = Session()

# If these imports are done any earlier, a circular dependency is created and the app will not run.
from RumboEx.model.role import Role
from RumboEx.model.user import User

# NPI
# jwt = JWTManager(app)

# Starting RBAC
# Bind Flask-RBAC to the app, then tell it how to obtain the acting user and
# which model classes represent users and roles.
rbac = RBAC()
rbac.init_app(app)
# NOTE(review): current_user is not defined in this excerpt; presumably it is
# Flask-Login's request-bound proxy — confirm, since RBAC decisions are only
# as trustworthy as the identity this loader returns.
rbac.set_user_loader(lambda: current_user)
rbac.set_user_model(User)
rbac.set_role_model(Role)

# Flask-Login setup; login_view is the URL used when a login is required.
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = '/login'


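@login_manager.user_loader
def load_user(user_id):
    """Return the User for the id stored in the session, or None.

    Flask-Login expects a user loader to return None for an id it cannot
    resolve rather than raise. The id comes from the client's session, so a
    missing or non-numeric value is treated as "no such user".
    """
    try:
        primary_key = int(user_id)
    except (TypeError, ValueError):
        return None
    return User.query.get(primary_key)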


# Initial role for RBAC to work
# Builds a user whose only role is 'DUMMY'.
# NOTE(review): rbacDummy is not referenced in this excerpt; presumably it is
# a placeholder identity used while nobody is logged in — confirm, and make
# sure no allow rule ever names the 'DUMMY' role.
start = Role('DUMMY')
rbacDummy = User(roles=[start])
Exemplo n.º 6
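def start_app(with_factory=False, use_white=True):
    """Build the demo portal app with Flask-RBAC rules and serve it on port 9999.

    Args:
        with_factory: Bind RBAC through ``init_app`` when true, else through
            the ``RBAC(app)`` constructor.
        use_white: Truthiness is stored in ``app.config['RBAC_USE_WHITE']``.

    Returns:
        The Flask application, after ``app.run`` has returned.

    NOTE(review): ``/login/<name>`` checks no credential and stores the chosen
    user in a module-level global, so every client shares one identity and
    any client can switch it. Acceptable for a local demonstration only; a
    real service needs authenticated, per-session identity.
    """
    global current_user
    app = Flask(__name__)
    app.config['RBAC_USE_WHITE'] = bool(use_white)

    if with_factory:
        rbac = RBAC()
        rbac.init_app(app)
    else:
        rbac = RBAC(app)

    @app.route('/login/<string:name>', methods=['GET', 'POST'])
    @rbac.allow(['start'], methods=['GET', 'POST'])
    def login(name):
        """Make the user registered under ``name`` the current user."""
        global current_user
        # Direct lookup replaces the key scan wrapped in a catch-all handler
        # that printed the error and fell through, returning None (which
        # Flask rejects as an invalid response).
        if name not in user_dict:
            return 'Not defined'
        current_user = user_dict[name]
        return 'signed-in'

    rbac.set_user_loader(lambda: current_user)
    rbac.set_user_model(User)
    rbac.set_role_model(Role)

    @app.route('/teacher')
    @rbac.allow(roles=['teacher'], methods=['GET', 'POST'])
    def teachers_portal():
        return Response('Teacher Portal: \n{}'.format(current_user))

    @app.route('/student')
    @rbac.allow(roles=['student'], methods=['GET', 'POST'])
    def student_portal():
        return Response('Student Portal:\n{}'.format(current_user.name))

    @app.route('/accounts', methods=['GET', 'POST'])
    @rbac.allow(roles=['accounts'], methods=['GET'])
    def accounts_portal():
        return Response('Accounts Department Portal:\n{}'.format(
            current_user.name))

    @app.route('/acc', methods=['GET', 'POST'])
    @rbac.allow(roles=['accounts'], methods=['GET'], with_children=False)
    @rbac.deny(roles=['hr'], methods=['POST'])
    def accounts_user_portal():
        return Response('Accounts Department Personal Portal:\n{}'.format(
            current_user.name))

    @app.route('/hr')
    @rbac.allow(roles=['hr'], methods=['GET', 'PUT'])
    @rbac.deny(roles=['teacher', 'student'],
               methods=['GET'],
               with_children=False)
    def hr_portal():
        return Response('HR Portal:\n{}'.format(current_user.name))

    @app.route('/maintain')
    @rbac.allow(roles=['maintenance'], methods=['GET', 'PUT', 'POST'])
    def maintenance_portal():
        return Response('Maintenance Portal:\n{}'.format(current_user.name))

    # The route only accepts POST; the RBAC rules below also name methods the
    # route itself never serves.
    @app.route('/dean', methods=['POST'])
    @rbac.allow(roles=['dean'], methods=['GET', 'POST', 'PUT', 'DELETE'])
    @rbac.deny(roles=['teacher', 'accounts', 'hr'],
               methods=['POST', 'DELETE', 'PUT'])
    def dean_portal():
        return Response('Dean Portal:\n{}'.format(current_user.name))

    # Exempt from RBAC checks, yet still reads the shared current user.
    @app.route('/common', methods=['GET'])
    @rbac.exempt
    def commom_portal():
        return Response('Common Portal:\n{}'.format(current_user.name))

    # 'ACCESS_H' is not an HTTP method; it is used here as a custom
    # permission label that has_permission() is queried for below.
    @app.route('/IT', methods=['GET'])
    @rbac.allow(['IT', 'dean'],
                methods=['GET', 'ACCESS_H'],
                with_children=False)
    def it_portal():
        print(rbac.has_permission('ACCESS_H', 'it_portal'))
        return Response('IT Portal:\n{}'.format(current_user.name))

    @app.route('/exam', methods=['GET'])
    @rbac.allow(['teacher'], methods=['ACCESS_H'], with_children=False)
    def exam():
        return Response('EXAM Portal:\n{}'.format(current_user.name))

    # NOTE(review): debug=True turns on the Werkzeug interactive debugger,
    # which allows code execution by anyone who can reach the port; keep it
    # to loopback-only local runs.
    app.run(port=9999, debug=True)
    return app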
Exemplo n.º 7
    def add_role(self, role):
        """Append ``role`` to this user's ``roles`` collection."""
        held_roles = self.roles
        held_roles.append(role)

    def add_roles(self, roles):
        """Add every role in ``roles`` by calling ``add_role`` once per item, in order."""
        for entry in roles:
            self.add_role(entry)

    def get_roles(self):
        """Yield this user's roles one at a time, in stored order."""
        yield from self.roles

    def to_json(self):
        """Return a plain dict with the user's id, email and display name.

        Only these three attributes are exposed; the display name is emitted
        under the camelCase key ``displayName``.
        """
        return {
            'id': self.id,
            'email': self.email,
            'displayName': self.display_name,
        }

# Register User as the user model Flask-RBAC works with.
rbac.set_user_model(User)


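def create_token(user):
    """Issue a signed JWT for ``user`` that expires one day after issuance.

    The payload carries ``sub`` (the user's id), ``iat`` and ``exp``. The
    token is signed with ``app.config['TOKEN_SECRET']`` using the library's
    default algorithm.

    Returns:
        The encoded token as text.
    """
    # Take the clock reading once so 'iat' and 'exp' are exactly a day apart.
    issued_at = datetime.utcnow()
    payload = {
        'sub': user.id,
        'iat': issued_at,
        'exp': issued_at + timedelta(days=1)
    }
    # NOTE(review): TOKEN_SECRET must be a long random value kept out of
    # source control; anyone who learns it can mint tokens for any user id.
    token = jwt.encode(payload, app.config['TOKEN_SECRET'])
    # Assuming jwt is PyJWT: 1.x returns bytes while 2.x already returns str,
    # where an unconditional .decode() raises AttributeError.
    if isinstance(token, bytes):
        token = token.decode('unicode_escape')
    return token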


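def parse_token(req):
    """Verify the JWT in the request's ``Authorization`` header and return its payload.

    Args:
        req: Request object exposing ``headers.get``.

    Returns:
        The decoded payload. Verification failures surface as whatever
        exception ``jwt.decode`` raises.
    """
    # NOTE(review): the raw header value is decoded as-is; if clients send a
    # "Bearer " prefix it has to be stripped first — confirm against callers.
    token = req.headers.get('Authorization')
    # Pin the accepted algorithm to the one create_token signs with (HS256 is
    # the encode default, assuming jwt is PyJWT). The previous third
    # positional argument 'unicode_escape' was not an algorithm list: PyJWT
    # 1.x read it as the ``verify`` flag and 2.x as ``algorithms``.
    return jwt.decode(token, app.config['TOKEN_SECRET'], algorithms=['HS256'])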
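def start_app(with_factory=False, use_white=True):
    """Build the demo app combining Flask-RBAC roles with a permission check.

    Args:
        with_factory: Bind RBAC through ``init_app`` when true, else through
            the ``RBAC(app)`` constructor.
        use_white: Truthiness is stored in ``app.config['RBAC_USE_WHITE']``.

    Returns:
        The Flask application, after ``app.run`` (port 9988) has returned.

    NOTE(review): ``/login/<name>`` checks no credential and stores the chosen
    user in a module-level global shared by all requests. Acceptable for a
    local demonstration only.
    """
    global current_user
    app = Flask(__name__)
    app.config['RBAC_USE_WHITE'] = bool(use_white)

    if with_factory:
        rbac = RBAC()
        rbac.init_app(app)
    else:
        rbac = RBAC(app)

    @app.route('/login/<string:name>', methods=['GET', 'POST'])
    @rbac.allow(['Q'], methods=['GET', 'POST'])
    def login(name):
        """Make the user registered under ``name`` the current user."""
        global current_user
        # Direct lookup replaces the key scan wrapped in a catch-all handler
        # that printed the error and fell through, returning None (which
        # Flask rejects as an invalid response).
        if name not in user_dict:
            return 'Not defined'
        current_user = user_dict[name]
        return 'signed-in'

    rbac.set_user_loader(lambda: current_user)
    rbac.set_user_model(User)
    rbac.set_role_model(Role)

    def has_permissions(*permission):
        """Run the view only if the current user holds one of ``permission``."""
        def deco(f):
            @wraps(f)
            def wrap(*args, **kwargs):
                if not current_user:
                    # Report the missing identity as 401 instead of a 200 body,
                    # so clients and monitoring see the denial.
                    return 'not current user', 401

                if any(held in permission
                       for held in current_user.user_permission):
                    return f(*args, **kwargs)

                # None of the required permissions is held.
                return 'Not Authorized', 403

            return wrap

        return deco

    # Both layers must pass: the RBAC role rule and the permission check.
    @app.route('/create')
    @rbac.allow(roles=['P', 'Q'], methods=['GET'])
    @has_permissions('read', 'access')
    def create_user():
        return Response('Teacher Portal: \n{}'.format(current_user))

    # NOTE(review): debug=True turns on the Werkzeug interactive debugger,
    # which allows code execution by anyone who can reach the port; keep it
    # to loopback-only local runs.
    app.run(port=9988, debug=True)
    return app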
Exemplo n.º 9
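def createapp(with_factory=False, use_white=True):
    """Build a Flask app with sample Flask-RBAC rules and serve it on port 9999.

    Args:
        with_factory: Bind RBAC through ``init_app`` when true, else through
            the ``RBAC(app)`` constructor.
        use_white: Truthiness is stored in ``app.config['RBAC_USE_WHITE']``.

    Returns:
        The Flask application, after ``app.run`` has returned.

    NOTE(review): ``/signin/<name>`` checks no credential and stores the
    chosen user in a module-level global shared by all requests. Acceptable
    for a local demonstration only.
    """
    global current_user
    app = Flask(__name__)
    app.config['RBAC_USE_WHITE'] = bool(use_white)

    if with_factory:
        rbac = RBAC()
        rbac.init_app(app)
    else:
        rbac = RBAC(app)

    @app.route('/signin/<string:name>', methods=['GET', 'POST'])
    @rbac.allow(['start'], methods=['GET', 'POST'])
    def signin(name):
        """Make the user registered under ``name`` the current user."""
        global current_user
        # The earlier loop attached its ``else`` to the ``if`` inside the
        # loop, so it answered 'Not defined' as soon as the first key did not
        # match and never looked at the remaining users; an empty user_dict
        # returned None. A direct lookup covers every registered name.
        if name not in user_dict:
            return 'Not defined'
        current_user = user_dict[name]
        return 'signed-in'

    rbac.set_user_loader(lambda: current_user)
    rbac.set_user_model(User)
    rbac.set_role_model(Role)

    @app.route('/')
    @rbac.allow(roles=['everyone'], methods=['GET'])
    def index():
        return Response('index {}'.format(current_user.name))

    @app.route('/a')
    @rbac.allow(roles=['special'], methods=['GET'])
    def a():
        return Response('Hello from {} in /a'.format(current_user.name))

    # Different roles per HTTP method on the same endpoint.
    @app.route('/b', methods=['GET', 'POST'])
    @rbac.allow(roles=['admin'], methods=['GET'])
    @rbac.allow(roles=['staff_role', 'special'], methods=['POST'])
    def b():
        return Response('Hello from {} in /b'.format(current_user.name))

    # Mixed allow and deny rules on one endpoint.
    @app.route('/c')
    @rbac.allow(roles=['everyone'], methods=['GET'])
    @rbac.deny(roles=['admin'], methods=['GET'], with_children=False)
    @rbac.allow(roles=['staff_role'], methods=['GET'])
    def c():
        return Response('Hello from {} in /c'.format(current_user.name))

    @app.route('/d')
    @rbac.deny(roles=['everyone'], methods=['GET'])
    def d():
        return Response('Hello from {} in /d'.format(current_user.name))

    @app.route('/e')
    @rbac.deny(roles=['everyone'], methods=['GET'], with_children=True)
    def e():
        return Response('Hello from {} in /e'.format(current_user.name))

    @app.route('/f', methods=['POST'])
    @rbac.deny(roles=['admin'], methods=['POST'])
    def f():
        return Response('Hello from {} in /f'.format(current_user.name))

    # Exempt from RBAC checks, yet still reads the shared current user.
    @app.route('/g', methods=['GET'])
    @rbac.exempt
    def g():
        return Response('Hello from {} in /g'.format(current_user.name))

    @app.route('/h', methods=['GET'])
    @rbac.allow(['everyone'], methods=['GET'], with_children=False)
    def h():
        return Response('Hello from {} in /h'.format(current_user.name))

    # NOTE(review): debug=True turns on the Werkzeug interactive debugger,
    # which allows code execution by anyone who can reach the port; keep it
    # to loopback-only local runs.
    app.run(port=9999, debug=True)
    return app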