def get_user_from_token_and_raise(request,
secret_key=None,
redirect_on_expiration=None,
redirect_on_invalid_token=None):
"""
Deserialize the token
catch excetpion and return appropriate Response(403, 302 ...)
"""
try:
token = request.cookies["token"]
return user_from_token(token, secret_key)
except KeyError:
if redirect_on_expiration:
log_expiration_warning()
raise RequestRedirect(new_url=redirect_on_expiration)
raise Unauthorized(description='No token.')
except AccessRightsExpiredError:
if redirect_on_expiration:
log_expiration_warning()
raise RequestRedirect(new_url=redirect_on_expiration)
raise Unauthorized(description='Token expired.')
except UnreadableAccessRightsError:
if redirect_on_invalid_token:
log_expiration_warning()
raise RequestRedirect(new_url=redirect_on_invalid_token)
raise Unauthorized(description='Token corrupted.')
except Exception as e:
trap_all_exceptions = current_app.config.get("TRAP_ALL_EXCEPTIONS",
True)
if not trap_all_exceptions:
raise
log.critical(e)
raise Unauthorized(description=repr(e))
def check_access_right(forbidden, redirect_url, msg='default'):
"""
Check if access to a given page is allowed with the current role (the one
saved in session['role']).
N.B. Use werkzeug for redirect, the flask redirect function does not work here.
:param forbidden: The role that is forbidden
:param redirect_url: The URL to redirect to, e.g. 'control.choose_role'
:param msg: Message, if there is a message to be flushed. Defaults to
'default'.
:return: Redicrects to other page if access not allowed
"""
if 'role' not in session.keys():
# If the user has no role yet redirect to choose one.
raise RequestRedirect(url_for('control.choose_role'))
if session['role'] != forbidden:
# Access approved!
return None
else:
# Access denied, redirect.
if msg:
if msg == 'default':
msg = "You can't access that page with your role (current " \
"role: " + str(session['role']) + ")."
flash(msg)
raise RequestRedirect(url_for(redirect_url))
def match(self,
path_info=None,
method=None,
return_rule=False,
query_args=None,
request=None):
self.map.update()
if path_info is None:
path_info = self.path_info
else:
path_info = to_unicode(path_info, self.map.charset)
if query_args is None:
query_args = self.query_args
method = (method or self.default_method).upper()
path = u'%s|%s' % (self.map.host_matching and self.server_name
or self.subdomain, path_info
and '/%s' % path_info.lstrip('/'))
have_match_for = set()
for rule in self.map._rules:
try:
rv = rule.match(path, request)
except RequestSlash:
raise RequestRedirect(
self.make_redirect_url(
url_quote(path_info, self.map.charset, safe='/:|+') +
'/', query_args))
except RequestAliasRedirect as e:
raise RequestRedirect(
self.make_alias_redirect_url(path, rule.endpoint,
e.matched_values, method,
query_args))
if rv is None:
continue
if rule.methods is not None and method not in rule.methods:
have_match_for.update(rule.methods)
continue
if self.map.redirect_defaults:
redirect_url = self.get_default_redirect(
rule, method, rv, query_args)
if redirect_url is not None:
raise RequestRedirect(redirect_url)
if return_rule:
return rule, rv
else:
return rule.endpoint, rv
if have_match_for:
raise MethodNotAllowed(valid_methods=list(have_match_for))
raise NotFound()
def get_timepoint(study_id, timepoint_id, current_user):
timepoint = Timepoint.query.get(timepoint_id)
if timepoint is None:
flash("Timepoint {} does not exist".format(timepoint_id))
raise RequestRedirect("index")
if (not current_user.has_study_access(study_id)
or not timepoint.belongs_to(study_id)):
flash("Not authorised to view {}".format(timepoint_id))
raise RequestRedirect("index")
return timepoint
def sendRequest(method, url, auth=False, data=None):
headers = {"content-type": "application/json"}
if auth == True:
token = request.cookies['access_token']
headers["authorization"] = "Bearer " + token
if method.lower() == "get":
data = requests.get(current_app.config["API_URL"] + url,
headers=headers,
data=data)
if method.lower() == "post":
data = requests.post(current_app.config["API_URL"] + url,
headers=headers,
data=data)
if method.lower() == "put":
data = requests.put(current_app.config["API_URL"] + url,
headers=headers,
data=data)
if method.lower() == "delete":
data = requests.delete(current_app.config["API_URL"] + url,
headers=headers)
if data.status_code == 401 or data.status_code == 422:
flash("Authorization token not valid. Please log in again", "warning")
raise RequestRedirect(url_for("main.logout"))
return data
def get_file():
filename = get_filename()
path = Path(os.path.join(current_app.config["UPLOAD_DIR"], filename))
if not path.is_file():
flash("There was a problem reading this file.", category="danger")
raise RequestRedirect(url_for("star.upload"))
return path
def sendRequest(method, url, auth=False, data=None):
# Headers por defecto
headers = {"content-type": "application/json"}
# Verificamos si necesita autorizacion
if auth == True:
# Recolectamos el token de las cookies
token = request.cookies['access_token']
# Incorporamos el token en el headers
headers["authorization"] = "Bearer " + token
if method.lower() == "get":
r = requests.get(current_app.config["API_URL"] + url,
headers=headers,
data=data)
if method.lower() == "post":
r = requests.post(current_app.config["API_URL"] + url,
headers=headers,
data=data)
if method.lower() == "put":
r = requests.put(current_app.config["API_URL"] + url,
headers=headers,
data=data)
if method.lower() == "delete":
r = requests.delete(current_app.config["API_URL"] + url,
headers=headers)
if r.status_code == 401 or r.status_code == 422:
flash("Authorization token not valid. Please log in again", "warning")
raise RequestRedirect(url_for("login.logout"))
return r
def redirect(url):
"""Raise the :class:`~werkzeug.routing.RequestRedirect` exception to lead
the app dispatching current request to another URL.
:param url: the target URL.
"""
raise RequestRedirect(url)
def get_session(timepoint, session_num, fail_url):
try:
session = timepoint.sessions[session_num]
except KeyError:
flash("Session {} does not exist for {}.".format(
session_num, timepoint))
raise RequestRedirect(fail_url)
return session
def reg():
if request.method == 'POST':
name = request.form['user']
value = request.form['value']
rec = MyTable(name, value)
session.add(rec)
session.commit()
return RequestRedirect('/')
return render_template('reg.html')
def get_scan(scan_id, study_id, current_user, fail_url=None):
if not fail_url:
fail_url = url_for('index')
scan = Scan.query.get(scan_id)
if scan is None:
logger.error("User {} attempted to retrieve scan with ID {}. "
"Retrieval failed.".format(current_user, scan_id))
flash("Scan does not exist.".format(scan_id))
raise RequestRedirect(fail_url)
if (not current_user.has_study_access(study_id)
or not scan.session.timepoint.belongs_to(study_id)):
flash("Not authorized to view {}".format(scan.name))
raise RequestRedirect(fail_url)
return scan
def redirect_when_user_not_logged():
"""
Redirects to login page when there is no user logged.
"""
try:
if "username" not in login_session:
raise RequestRedirect("/login")
except KeyError:
pass
def success_callback(self):
""" Called on successful form validation, by default this will perform
a redirect if ``redirect_url_rule`` is defined. Override this method
to perform any custom actions on successful form validation.
Returns
-------
werkzeug.wrappers.Response
Redirects request to somewhere else
"""
raise RequestRedirect(self.redirect_url())
def check_authority(self, request, operation, obj=None):
try:
self.authorize(request, operation, obj)
except NotAuthorized, e:
from kay.conf import settings
if 'kay.auth.middleware.AuthenticationMiddleware' in \
settings.MIDDLEWARE_CLASSES and \
request.user.is_anonymous():
from kay.utils import create_login_url
raise RequestRedirect(create_login_url(request.url))
else:
raise Forbidden("Access not allowed.")
def _find_handler(self, return_rule=False):
website = request.env['website'].browse(1)
if website.maintenance_mode:
ir_model = request.env['ir.model.data'].sudo()
allowed_group = ir_model.get_object('base','group_website_designer')
group_ids = request.env['res.groups'].sudo().search([('users.id', '=', request.context.get('uid'))])
if allowed_group.id not in group_ids.ids:
map_adapter = self.routing_map().bind_to_environ(request.httprequest.environ)
if request._request_type == 'http':
redirect_url = '/website/maintenance'
else:
redirect_url = '/website/maintenance_status'
if map_adapter.path_info not in ('/website/maintenance', '/website/maintenance_status', '/logo.png'):
redirect_obj = RequestRedirect(str(url_join('%s://%s%s%s' % (
map_adapter.url_scheme,
map_adapter.subdomain and map_adapter.subdomain + '.' or '',
map_adapter.server_name,
map_adapter.script_name
), redirect_url)))
redirect_obj.code = 302
raise redirect_obj
return super(ir_http, self)._find_handler(return_rule=return_rule)
def success_callback(self):
""" Success callback called after object has been deleted.
Override this to customise what happens after an object is delted
Raises
------
werkzeug.routing.RequestRedirect
When object is deleted to force a redirect to another View
"""
self.flash()
raise RequestRedirect(self.redirect_url())
def get_redcap_record(record_id, fail_url=None):
if not fail_url:
fail_url = url_for('index')
record = RedcapRecord.query.get(record_id)
if record is None:
logger.error("Tried and failed to retrieve RedcapRecord with "
"ID {}".format(record_id))
flash("Record not found.")
raise RequestRedirect(fail_url)
return record
def __call__(self, request):
mapadapter = self.routingmap.bind_to_environ(request.environ)
try:
endpoint, args = mapadapter.match()
if endpoint == "package":
return self.show_package(args["package"])
elif endpoint == "detail":
return self.show_detail(args["package1"], args["package2"])
elif endpoint == "hash":
if args["function"] == "image_sha512":
# backwards compatibility
raise RequestRedirect(
"%s/hash/png_sha512/%s" %
(request.environ["SCRIPT_NAME"], args["hashvalue"]))
return self.show_hash(args["function"], args["hashvalue"])
elif endpoint == "index":
if not request.environ["PATH_INFO"]:
raise RequestRedirect(request.environ["SCRIPT_NAME"] + "/")
return html_response(index_template.render(dict(urlroot="")))
elif endpoint == "source":
return self.show_source(args["package"])
raise NotFound()
except HTTPException as e:
return e
def validate(self):
self._set_id()
if not self.id:
raise InvalidIdentifierException(
"Please provide a valid CVE ID or Git commit link.")
# if request.path is '/vuln':
# if self.cve_id or self.vcdb_id:
# pass
# #use_endpoint = 'vuln.vuln_view'
# Always redirect to the most simple URL.
if request.method == "GET":
if not self.suggested_id or self.suggested_id != self.id:
raise RequestRedirect("/" + str(self.id))
def makeRequest(method, url, authenticated_user=False, data="{}"):
headers = {
"content-type": "application/json",
}
if authenticated_user:
#Recolectamos el token de las cookies
token = request.cookies['access_token']
#Incorporamos el token en el headers
headers["authorization"] = "Bearer " + token
if method == "GET":
r = requests.get(
url=url,
headers=headers,
data=data)
if method == "POST":
r = requests.post(
url=url,
headers=headers,
data=data)
if r.status_code == 201:
flash("Addition succesfully completed.", 'success')
if method == "PUT":
r = requests.put(
url=url,
headers=headers,
data=data)
if r.status_code == 201:
flash("Modification succesfully completed.", 'success')
if method == "DELETE":
r = requests.delete(
url=url,
headers=headers)
if r.status_code == 204:
flash("Deletion succesfully completed.", 'success')
if r.status_code == 401 or r.status_code == 422:
flash("Authorization token not valid. Please log in again.", 'warning')
raise RequestRedirect(url_for('auth.logout'))
# RETURNS A JSON (STR TYPE)
return r
def addurl(ids=''):
db = RSS_Resource_db()
if ids:
rids = map(parse_rid, ids.split(','))
else:
rids = []
url = request.form['url']
if not url:
raise NotFound()
while url != None:
resource = RSS_Resource(url, db, generate_id)
url, seq = resource.redirect_info(db)
if resource.id() not in rids:
rids.append(resource.id())
ridlist = map(format_rid, rids)
raise RequestRedirect(url_for('page', ids=','.join(ridlist)))
def get_columns():
try:
return session["columns"]
except KeyError:
flash("Please select the columns to use for your records.")
raise RequestRedirect(url_for("star.columns"))
def _get_event_or_redirect(event_code):
event = Event.query.filter_by(event_code=event_code).first()
if event is not None:
return event
else:
raise RequestRedirect(url_for('frontend.home'))
def match(self,
path_info=None,
method=None,
return_rule=False,
query_args=None):
self.map.update()
if path_info is None:
path_info = self.path_info
else:
path_info = to_unicode(path_info, self.map.charset)
if query_args is None:
query_args = self.query_args
method = (method or self.default_method).upper()
path = u'%s|%s' % (self.map.host_matching and self.server_name
or self.subdomain, path_info
and '/%s' % path_info.lstrip('/'))
have_match_for = set()
for rule in self.map._rules:
try:
rv = rule.match(path, method)
except RequestPath:
raise RequestRedirect(
self.make_redirect_url(
url_quote(path_info, self.map.charset, safe='/:|+') +
'/', query_args))
except RequestAliasRedirect as e:
raise RequestRedirect(
self.make_alias_redirect_url(path, rule.endpoint,
e.matched_values, method,
query_args))
if rv is None:
continue
if rule.methods is not None and method not in rule.methods:
have_match_for.update(rule.methods)
continue
# 确定版本
version = get_version(self.request)
if self.request and version:
if not isinstance(rule.version, list) or not rule.version:
rule.version = list()
version_list = self.version_dict.get(rule.rule)
if len(rule.version) == 0 \
and version_list is not None \
and version in version_list:
continue
elif len(rule.version) != 0 and version not in rule.version:
continue
self.request.rule_version = rule.version
if self.map.redirect_defaults:
redirect_url = self.get_default_redirect(
rule, method, rv, query_args)
if redirect_url is not None:
raise RequestRedirect(redirect_url)
if rule.redirect_to is not None:
if isinstance(rule.redirect_to, string_types):
def _handle_match(match):
value = rv[match.group(1)]
return rule._converters[match.group(1)].to_url(value)
redirect_url = _simple_rule_re.sub(_handle_match,
rule.redirect_to)
else:
redirect_url = rule.redirect_to(self, **rv)
raise RequestRedirect(
str(
url_join(
'%s://%s%s%s' %
(self.url_scheme
or 'http', self.subdomain and self.subdomain + '.'
or '', self.server_name, self.script_name),
redirect_url)))
if return_rule:
return rule, rv
else:
return rule.endpint, rv
if have_match_for:
raise MethodNotAllowed(valid_methods=list(have_match_for))
raise NotFound()
def get_filename():
try:
return session["filename"]
except KeyError:
flash("Please upload your traffic stop records.")
raise RequestRedirect(url_for("star.upload"))
def get_location():
try:
return session["location"]
except KeyError:
flash("Please enter your location.")
raise RequestRedirect(url_for("star.location"))
async def root(ctx: HTTPRequestContext):
raise RequestRedirect("https://github.com/SunDwarf/OWAPI/blob/master/api.md")
def get_options():
try:
return session["options"]
except KeyError:
flash("Please select the options to use for your analysis.")
raise RequestRedirect(url_for("star.options"))
def check_and_mark_reboot_action(tmp_marker):
if os.path.isfile("/tmp/{}".format(tmp_marker)):
flash(u'Refresh prevented - action already triggered',
category="error")
raise RequestRedirect("/")
os.system("touch /tmp/{}".format(tmp_marker))
def email():
location = get_location()
path = get_file()
filename = session["original_filename"]
cols = get_columns()
options = get_options()
df = load_csv_as_dataframe(path, cols)
email = request.form.get("email")
if not email:
flash("Email is required.", category="danger")
raise RequestRedirect(url_for("star.analyze"))
optin = bool(request.form.get("optin", False))
title = request.form.get("title")
name = request.form.get("name")
organization = request.form.get("organization")
db = get_db()
c = db.cursor()
c.execute(
"""
INSERT INTO emails (email, optin, title, name, organization, datetime)
VALUES(?, ?, ?, ?, ?, ?)
""",
(email, optin, title, name, organization, datetime.now()),
)
db.commit()
model = VODModel(df, location=location, columns=cols, options=options)
analysis = Analysis()
results = analysis.analyze(model.data_frame)
min_twilight, max_twilight = model.find_twilight_range()
itp_range = "{} - {}".format(
min_twilight.strftime("%H:%M:%S"), max_twilight.strftime("%H:%M:%S")
)
min_date, max_date = model.find_date_range()
date_range = "{} - {}".format(min_date.strftime("%x"), max_date.strftime("%x"))
params = dict(
datetime=datetime.now().strftime("%x %X %Z"),
location=location,
original_filename=filename,
cols=cols,
options=options,
original_record_count=len(df.index),
final_record_count=len(model.data_frame.index),
date_range=date_range,
itp_range=itp_range,
light_count=model.light_count(),
dark_count=model.dark_count(),
results=results,
root_dir=current_app.config["ROOT_DIR"],
)
pdf_html = render_template("email.html", **params)
# return pdf_html
options = {
"page-size": "Letter",
"margin-top": "0.75in",
"margin-right": "0.75in",
"margin-bottom": "0.75in",
"margin-left": "0.75in",
"encoding": "UTF-8",
"enable-local-file-access": None
}
directory = tempfile.mkdtemp()
pdffile = os.path.join(directory, "out.pdf")
pdf = pdfkit.from_string(pdf_html, pdffile, options=options)
msg = Message("RTI-STAR Report for {}".format(name or email), recipients=[email])
msg.body = "Your report is attached."
with current_app.open_resource(pdffile) as fp:
msg.attach("report.pdf", "application/pdf", fp.read())
mail.send(msg)
flash("Your email has been sent.")
return redirect(url_for("star.analyze"))
