if provide_automatic_options is None:
if 'OPTIONS' not in methods:
provide_automatic_options = True
required_methods.add('OPTIONS')
else:
provide_automatic_options = False
# Add the required methods now.
methods |= required_methods
if not isinstance(rule, Rule):
rule = self.url_rule_class(rule, methods=methods, **options)
rule.provide_automatic_options = provide_automatic_options
self.url_map.add(rule)
if view_func is not None:
old_func = self.view_functions.get(endpoint)
if old_func is not None and old_func != view_func:
raise AssertionError('View function mapping is overwriting an '
'existing endpoint function: %s' % endpoint)
self.view_functions[endpoint] = view_func
app = ServerFlask('server')
CORS(app, resources=r'/*')
app.url_map.converters['regex'] = RegexConverter
Babel(app, 'zh_CN')
Compress(app)
from babel.messages.pofile import read_po
from babel.support import NullTranslations, Translations
from flask import current_app, g, has_app_context, has_request_context, request, session
from flask_babelex import Babel, Domain, get_domain
from flask_pluginengine import current_plugin
from speaklater import is_lazy_string, make_lazy_string
from werkzeug.utils import cached_property
from fossir.util.caching import memoize_request
from fossir.util.string import trim_inner_whitespace
LOCALE_ALIASES = dict(LOCALE_ALIASES, en='en_GB')
RE_TR_FUNCTION = re.compile(r'''_\("([^"]*)"\)|_\('([^']*)'\)''',
re.DOTALL | re.MULTILINE)
babel = Babel()
_use_context = object()
def get_translation_domain(plugin_name=_use_context):
"""Get the translation domain for the given plugin
If `plugin_name` is omitted, the plugin will be taken from current_plugin.
If `plugin_name` is None, the core translation domain ('fossir') will be used.
"""
if plugin_name is None:
return get_domain()
else:
plugin = None
if has_app_context():
from fossir.core.plugins import plugin_engine
app.config.update(
SQLALCHEMY_DATABASE_URI=os.environ.get('SQLALCHEMY_DATABASE_URI',
'sqlite:///github_app.db'),
OAUTHCLIENT_REMOTE_APPS=dict(github=github.REMOTE_APP, ),
GITHUB_APP_CREDENTIALS=GITHUB_APP_CREDENTIALS,
DEBUG=True,
SECRET_KEY='TEST',
SQLALCHEMY_ECHO=False,
SECURITY_PASSWORD_SALT='security-password-salt',
MAIL_SUPPRESS_SEND=True,
TESTING=True,
USERPROFILES_EXTEND_SECURITY_FORMS=True,
)
Babel(app)
FlaskMenu(app)
InvenioDB(app)
InvenioAccounts(app)
InvenioUserProfiles(app)
FlaskOAuth(app)
InvenioOAuthClient(app)
InvenioMail(app)
app.register_blueprint(blueprint_user)
app.register_blueprint(blueprint_client)
app.register_blueprint(blueprint_settings)
app.register_blueprint(blueprint_userprofile_init)
@app.route('/')
def app(request):
app = Flask(__name__)
app.response_class = Response
app.debug = True
app.config['SECRET_KEY'] = 'secret'
app.config['TESTING'] = True
app.config['LOGIN_DISABLED'] = False
app.config['WTF_CSRF_ENABLED'] = False
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['SECURITY_PASSWORD_SALT'] = 'salty'
for opt in [
'changeable', 'recoverable', 'registerable', 'trackable',
'passwordless', 'confirmable'
]:
app.config['SECURITY_' + opt.upper()] = opt in request.keywords
if 'settings' in request.keywords:
for key, value in request.keywords['settings'].kwargs.items():
app.config['SECURITY_' + key.upper()] = value
mail = Mail(app)
if 'babel' not in request.keywords or \
request.keywords['babel'].args[0]:
babel = Babel(app)
app.babel = babel
app.json_encoder = JSONEncoder
app.mail = mail
@app.route('/')
def index():
return render_template('index.html', content='Home Page')
@app.route('/profile')
@login_required
def profile():
return render_template('index.html', content='Profile Page')
@app.route('/post_login')
@login_required
def post_login():
return render_template('index.html', content='Post Login')
@app.route('/http')
@http_auth_required
def http():
return 'HTTP Authentication'
@app.route('/http_custom_realm')
@http_auth_required('My Realm')
def http_custom_realm():
return render_template('index.html', content='HTTP Authentication')
@app.route('/token', methods=['GET', 'POST'])
@auth_token_required
def token():
return render_template('index.html', content='Token Authentication')
@app.route('/multi_auth')
@auth_required('session', 'token', 'basic')
def multi_auth():
return render_template('index.html',
content='Session, Token, Basic auth')
@app.route('/post_logout')
def post_logout():
return render_template('index.html', content='Post Logout')
@app.route('/post_register')
def post_register():
return render_template('index.html', content='Post Register')
@app.route('/admin')
@roles_required('admin')
def admin():
return render_template('index.html', content='Admin Page')
@app.route('/admin_and_editor')
@roles_required('admin', 'editor')
def admin_and_editor():
return render_template('index.html', content='Admin and Editor Page')
@app.route('/admin_or_editor')
@roles_accepted('admin', 'editor')
def admin_or_editor():
return render_template('index.html', content='Admin or Editor Page')
@app.route('/unauthorized')
def unauthorized():
return render_template('unauthorized.html')
@app.route('/page1')
def page_1():
return 'Page 1'
return app
def base_app(request):
"""Flask application fixture without OAuthClient initialized."""
instance_path = tempfile.mkdtemp()
base_app = Flask('testapp')
base_app.config.update(
TESTING=True,
WTF_CSRF_ENABLED=False,
LOGIN_DISABLED=False,
CACHE_TYPE='simple',
OAUTHCLIENT_REMOTE_APPS=dict(
cern=CERN_REMOTE_APP,
orcid=ORCID_REMOTE_APP,
github=GITHUB_REMOTE_APP,
),
GITHUB_APP_CREDENTIALS=dict(
consumer_key='github_key_changeme',
consumer_secret='github_secret_changeme',
),
ORCID_APP_CREDENTIALS=dict(
consumer_key='orcid_key_changeme',
consumer_secret='orcid_secret_changeme',
),
CERN_APP_CREDENTIALS=dict(
consumer_key='cern_key_changeme',
consumer_secret='cern_secret_changeme',
),
# use local memory mailbox
EMAIL_BACKEND='flask_email.backends.locmem.Mail',
SQLALCHEMY_DATABASE_URI=os.getenv('SQLALCHEMY_DATABASE_URI',
'sqlite://'),
SERVER_NAME='localhost',
DEBUG=False,
SECRET_KEY='TEST',
SECURITY_DEPRECATED_PASSWORD_SCHEMES=[],
SECURITY_PASSWORD_HASH='plaintext',
SECURITY_PASSWORD_SCHEMES=['plaintext'],
)
FlaskMenu(base_app)
Babel(base_app)
Mail(base_app)
InvenioDB(base_app)
InvenioAccounts(base_app)
with base_app.app_context():
if str(db.engine.url) != 'sqlite://' and \
not database_exists(str(db.engine.url)):
create_database(str(db.engine.url))
db.create_all()
def teardown():
with base_app.app_context():
db.session.close()
if str(db.engine.url) != 'sqlite://':
drop_database(str(db.engine.url))
shutil.rmtree(instance_path)
request.addfinalizer(teardown)
base_app.test_request_context().push()
return base_app
def base_app(request):
"""Flask application fixture without OAuthClient initialized."""
# allow HTTP for keycloak tests, and create the KEYCLOAK_REMOTE_APP
os.environ["OAUTHLIB_INSECURE_TRANSPORT"] = "1"
base_url, realm = "http://localhost:8080", "test"
helper = KeycloakSettingsHelper(title="Keycloak",
description="",
base_url=base_url,
realm=realm)
KEYCLOAK_REMOTE_APP = helper.remote_app
instance_path = tempfile.mkdtemp()
base_app = Flask('testapp')
base_app.config.update(
ACCOUNTS_LOCAL_LOGIN_ENABLED=True,
TESTING=True,
WTF_CSRF_ENABLED=False,
LOGIN_DISABLED=False,
CACHE_TYPE='simple',
OAUTHCLIENT_SIGNUP_FORM=_create_registrationform,
OAUTHCLIENT_REMOTE_APPS=dict(
cern=CERN_REMOTE_APP,
cern_openid=CERN_OPENID_REMOTE_APP,
orcid=ORCID_REMOTE_APP,
github=GITHUB_REMOTE_APP,
globus=GLOBUS_REMOTE_APP,
keycloak=KEYCLOAK_REMOTE_APP,
),
OAUTHCLIENT_REST_REMOTE_APPS=dict(
cern=CERN_REMOTE_REST_APP,
cern_openid=CERN_OPENID_REMOTE_REST_APP,
orcid=ORCID_REMOTE_REST_APP,
github=GITHUB_REMOTE_REST_APP,
globus=GLOBUS_REMOTE_REST_APP,
),
OAUTHCLIENT_STATE_EXPIRES=300,
GITHUB_APP_CREDENTIALS=dict(
consumer_key='github_key_changeme',
consumer_secret='github_secret_changeme',
),
ORCID_APP_CREDENTIALS=dict(
consumer_key='orcid_key_changeme',
consumer_secret='orcid_secret_changeme',
),
CERN_APP_CREDENTIALS=dict(
consumer_key='cern_key_changeme',
consumer_secret='cern_secret_changeme',
),
CERN_APP_OPENID_CREDENTIALS=dict(
consumer_key='cern_key_changeme',
consumer_secret='cern_secret_changeme',
),
GLOBUS_APP_CREDENTIALS=dict(
consumer_key='globus_key_changeme',
consumer_secret='globus_secret_changeme',
),
TEST_APP_CREDENTIALS=dict(
consumer_key='test_key_changeme',
consumer_secret='test_secret_changeme',
),
OAUTHCLIENT_KEYCLOAK_USER_INFO_URL=helper.user_info_url,
OAUTHCLIENT_KEYCLOAK_REALM_URL=helper.realm_url,
OAUTHCLIENT_KEYCLOAK_VERIFY_AUD=True,
OAUTHCLIENT_KEYCLOAK_VERIFY_EXP=False,
OAUTHCLIENT_KEYCLOAK_AUD="invenio",
KEYCLOAK_APP_CREDENTIALS=dict(
consumer_key="keycloak_key_changeme",
consumer_secret="keycloak_secret_changeme",
),
# use local memory mailbox
EMAIL_BACKEND='flask_email.backends.locmem.Mail',
SQLALCHEMY_DATABASE_URI=os.getenv('SQLALCHEMY_DATABASE_URI',
'sqlite://'),
# Alembic runs all migrations in a single transaction, and in
# oauthclient the useridentity table can be in state where it's created
# and then deleted in the same transaction. On PostgreSQL which
# supports transactional DDL therefore fails if we don't run each
# migration in its own migration.
ALEMBIC_CONTEXT={
'transaction_per_migration': True,
},
SERVER_NAME='localhost',
DEBUG=False,
SECRET_KEY='TEST',
SECURITY_DEPRECATED_PASSWORD_SCHEMES=[],
SQLALCHEMY_TRACK_MODIFICATIONS=False,
SECURITY_PASSWORD_HASH='plaintext',
SECURITY_PASSWORD_SCHEMES=['plaintext'],
APP_ALLOWED_HOSTS=['localhost'],
APP_THEME=['semantic-ui'],
THEME_ICONS={'semantic-ui': dict(link='linkify icon')})
FlaskMenu(base_app)
Babel(base_app)
Mail(base_app)
InvenioDB(base_app)
InvenioAccounts(base_app)
with base_app.app_context():
if str(db.engine.url) != 'sqlite://' and \
not database_exists(str(db.engine.url)):
create_database(str(db.engine.url))
db.create_all()
def teardown():
with base_app.app_context():
db.session.close()
if str(db.engine.url) != 'sqlite://':
drop_database(str(db.engine.url))
shutil.rmtree(instance_path)
db.engine.dispose()
request.addfinalizer(teardown)
base_app.test_request_context().push()
return base_app
# -*- encoding=UTF-8 -*-
from flask import Flask
from flask_sqlalchemy import SQLAlchemy
from flask_login import LoginManager
import pymysql
from flask_admin import Admin, BaseView, expose
from flask_login import current_user
from flask_babelex import Babel
app = Flask(__name__)
admin = Admin(app, name='后台管理')
babel = Babel(app)
app.config['BABEL_DEFAULT_LOCALE'] = 'zh_CN'
app.jinja_env.add_extension('jinja2.ext.loopcontrols')
app.config.from_pyfile('app.conf')
app.secret_key = 'nowcoder'
db = SQLAlchemy(app)
login_manager = LoginManager(app)
login_manager.login_view = '/regloginpage/'
pymysql.install_as_MySQLdb()
class MyView(BaseView):
def is_accessible(self):
return current_user.is_authenticated
@expose('/')
def index1(self):
return self.render('index1.html')
def create_app():
app = Flask(__name__)
app.config["DEBUG"] = True
app.config["SECRET_KEY"] = "super-secret"
app.config["LOGIN_DISABLED"] = False
app.config["WTF_CSRF_ENABLED"] = False
# Don't actually send any email - instead we subscribe to signals
# and print out required info.
app.config["MAIL_SUPPRESS_SEND"] = True
app.config["SECURITY_TWO_FACTOR_SECRET"] = {
"1": "TjQ9Qa31VOrfEzuPy4VHQWPCTmRzCnFzMKLxXYiZu9B"
}
app.config["SECURITY_PASSWORD_SALT"] = "salty"
# Make this plaintext for most tests - reduces unit test time by 50%
app.config["SECURITY_PASSWORD_HASH"] = "plaintext"
# Make this hex_md5 for token tests
app.config["SECURITY_HASHING_SCHEMES"] = ["hex_md5"]
app.config["SECURITY_DEPRECATED_HASHING_SCHEMES"] = []
for opt in [
"changeable",
"recoverable",
"registerable",
"trackable",
"NOTpasswordless",
"confirmable",
"two_factor",
]:
app.config["SECURITY_" + opt.upper()] = True
if os.environ.get("SETTINGS"):
app.config.from_envvar("SETTINGS")
mail = Mail(app)
babel = Babel(app)
app.babel = babel
app.json_encoder = JSONEncoder
app.mail = mail
# Setup Flask-Security
user_datastore = SQLAlchemySessionUserDatastore(db_session, User, Role)
Security(app, user_datastore)
# Create a user to test with
@app.before_first_request
def create_user():
init_db()
db_session.commit()
@user_registered.connect_via(app)
def on_user_registerd(myapp, user, confirm_token):
print("User {} registered with token {}".format(user.email, confirm_token))
@reset_password_instructions_sent.connect_via(app)
def on_reset(myapp, user, token):
print("User {} started password reset with token {}".format(user.email, token))
@tf_security_token_sent.connect_via(app)
def on_token_sent(myapp, user, token, method):
print(
"User {} was sent two factor token {} via {}".format(
user.email, token, method
)
)
# Views
@app.route("/")
@login_required
def home():
return render_template_string("Hello {{email}} !", email=current_user.email)
return app
def create_app():
app = Flask(__name__,
static_url_path='/static',
static_folder='static',
template_folder='templates',
instance_relative_config=True)
app.config.from_object(config.Config)
db.init_app(app)
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore, login_form=LoginForm)
babel = Babel(app, default_locale='ru')
with app.test_request_context():
if not os.path.isfile(
app.config.get('SQLALCHEMY_DATABASE_URI').replace(
'sqlite:///', '')):
db.create_all()
admin_role = Role('admin')
db.session.add(admin_role)
db.session.commit()
linux = OperationSystemType('Linux')
windows = OperationSystemType('Windows')
db.session.add_all([linux, windows])
db.session.commit()
ct_agent = Agent('CerediraTess', windows)
ct_agent.add_role(admin_role)
db.session.add(ct_agent)
db.session.commit()
user_datastore.create_user(email='*****@*****.**',
password=hash_password("admin"),
roles=[admin_role],
username='******')
db.session.commit()
with app.app_context():
import flask_admin as admin
# Create admin
admin = admin.Admin(app,
'CerediraTess',
template_mode='bootstrap4',
index_view=MyAdminIndexView(),
base_template='my_master.html',
static_url_path='../static')
admin.add_link(
MenuLink(name='Выполнение запросов',
category='',
url='/CerediraTess.html'))
admin.add_link(
MenuLink(name='Блокировка агентов',
category='',
url='/AgentLocker.html'))
admin.add_view(
UserModelView(User,
db.session,
endpoint='User',
name='Пользователи'))
admin.add_view(
RoleModelView(Role, db.session, endpoint='Role', name='Роли'))
admin.add_view(
OperationSystemTypeModelView(OperationSystemType,
db.session,
endpoint='OperationSystemType',
name='Типы ОС'))
admin.add_view(
AgentModelView(Agent, db.session, endpoint='Agent', name='Агенты'))
admin.add_view(
ScriptModelView(Script,
db.session,
endpoint='Script',
name='Скрипты'))
from ceredira_tess.commons import app as app2
app.register_blueprint(app2)
@babel.localeselector
def get_locale():
# Put your logic here. Application can store locale in
# user profile, cookie, session, etc.
return 'ru'
@app.context_processor
def inject_url():
return dict(admin_view=admin.index_view, get_url=url_for, role=Role)
@security.context_processor
def security_context_processor():
return dict(admin_base_template=admin.base_template,
admin_view=admin.index_view,
h=helpers,
get_url=url_for,
role=Role)
return app
def create_app(config=None):
app = Flask('app')
app.config.update(
dict(
DEBUG=True,
SECRET_KEY=b'baetorkploggdhrykdorngvhdkdofgndhdfduhfkjg',
# USERNAME='******',
# PASSWORD='******',
SQLALCHEMY_DATABASE_URI='sqlite:///' +
os.path.join(app.root_path, 'app.db'),
# DEFAULT_MAIL_SENDER='*****@*****.**',
SECURITY_REGISTERABLE=True,
SECURITY_CONFIRMABLE=False,
SECURITY_RECOVERABLE=True,
SQLALCHEMY_TRACK_MODIFICATIONS=False,
SECURITY_PASSWORD_SALT=b'xxx',
SECURITY_SEND_REGISTER_EMAIL=False,
SECURITY_USER_IDENTITY_ATTRIBUTES='email'
# SECURITY_POST_LOGIN_VIEW='/'
))
# Setup babel
babel = Babel(app)
@babel.localeselector
def get_locale():
override = request.args.get('lang')
if override:
session['lang'] = override
rv = session.get('lang', 'en')
return rv
db, user_datastore, profile_datastore, admin_datastore = database.setup(
app)
app.context_processor(lambda: dict(params=params))
# Views
@app.route('/')
@login_required
def home():
user_id = current_user.get_id()
user = user_datastore.get_user(user_id)
# This one is a list of Role names
print(int(str(user.roles[0])[5:-1]))
if int(str(user.roles[0])[5:-1]) == 1:
return redirect(url_for('home_user'))
elif int(str(user.roles[0])[5:-1]) == 2:
return redirect(url_for('admin'))
# Views
@app.route('/home_user', methods=['GET', 'POST'])
@roles_accepted('user')
def home_user():
user_id = current_user.get_id()
if request.method == 'POST':
profile_datastore.send_answer(user_id,
answer=request.form.get('rsvp'))
return render_template('home_user.html',
user=user_datastore.get_user(user_id))
@app.route('/prepare_info')
@login_required
def prepare_info():
user_id = current_user.get_id()
return render_template('prepare_info.html',
user=user_datastore.get_user(user_id))
# Views
@app.route('/privacy')
def privacy():
return render_template('privacy.html')
@app.route('/terms')
def terms():
return render_template('terms.html')
# Views
@app.route('/admin', methods='GET POST'.split())
@roles_accepted('admin')
def admin():
if request.method == 'POST':
if request.form.get('email') and request.form.get(
'email') != 'Enter donors email':
if admin_datastore.increase_donations(
email=request.form.get('email')):
flash('donation added')
return render_template('admin.html')
@app.route('/admin_donors', methods='GET POST'.split())
@roles_accepted('admin')
def admin_donors():
if request.form.get('invite'):
admin_datastore.send_invite(user_id=request.form.get('id'))
return render_template('admin_donors.html',
admins=admin_datastore.get_all_admins(),
donors=admin_datastore.get_all_donors())
@app.route('/find_donors', methods='GET POST'.split())
@roles_accepted('admin')
def find_donors():
return render_template('find_donors.html')
# Views
@app.route('/profile', methods='POST GET'.split())
@login_required
def profile():
user_id = current_user.get_id()
if request.method == 'POST':
if request.form.get('blood'):
profile_datastore.change_user_info(
user_id, blood=request.form.get('blood'))
if request.form.get('age') and request.form.get(
'age') != 'Enter your age here':
print(request.form.get('age'))
profile_datastore.change_user_info(user_id,
age=request.form.get('age'))
if request.form.get('address') and request.form.get(
'address') != 'Enter your address here':
print(request.form.get('address'))
profile_datastore.change_user_info(
user_id, address=request.form.get('address'))
if request.form.get('postcode_num') and request.form.get(
'postcode_num') != 'Enter your postcode here':
print(request.form['postcode_num'])
profile_datastore.change_user_info(
user_id, postcode_num=request.form.get('postcode_num'))
if request.form.get('email_job') and request.form.get(
'email_job') != 'Enter email here':
print(request.form['email_job'])
profile_datastore.change_user_info(
user_id, email_job=request.form.get('email_job'))
# print({info: request.form[info] for info in 'blood age address postcode_num email_job'.split()},
# user_id)
# profile_datastore.change_user_info(
# **{info: request.form[info] for info in 'blood age address postcode_num email_job'.split()},
# user_id=user_id
# )
return render_template('profile.html',
user=user_datastore.get_user(user_id))
return app
theme_translations_dir = join(theme.current.path,
'translations')
if exists(theme_translations_dir):
domain = theme.current.identifier
theme_translations = Translations.load(
theme_translations_dir, locale, domain=domain)
translations.merge(theme_translations)
cache[str(locale)] = translations
return translations
domain = PluggableDomain(domain='udata')
babel = Babel(default_domain=domain)
# Create shortcuts for the default Flask domain
def gettext(*args, **kwargs):
return domain.gettext(*args, **kwargs)
_ = gettext
def ngettext(*args, **kwargs):
return domain.ngettext(*args, **kwargs)
N_ = ngettext
def create_app(config_name):
from config import config, logger
app.config.from_object(config[config_name])
# 中文化
Babel(app)
# 注册flask-login
login.init_app(app)
# bootstrap
bootstrap.init_app(app)
@login.user_loader
def load_user(user_id):
return User.query.get(user_id)
# 注册蓝图
from app.main.views import bp as main_bp
app.register_blueprint(main_bp)
# 注册数据库
db.init_app(app)
# 注册flask-admin
admin.init_app(
app, index_view=AdminIndexView(template='admin/index.html', url='/'))
# 注册APScheduler
scheduler.init_app(app)
scheduler.start()
# 视图
from app.models.task import Task
from app.models.rss_task import RSSTask
from app.models.mail_setting import MailSetting
from app.models.notification import Notification
from app.models.task_status import TaskStatus
from app.models.user import User
admin.add_view(TaskStatusView(TaskStatus, db.session, name='任务状态'))
admin.add_view(TaskView(Task, db.session, name='网页监控任务管理'))
admin.add_view(RSSTaskView(RSSTask, db.session, name='RSS监控任务管理'))
admin.add_view(NotificationView(Notification, db.session, name='通知方式管理'))
admin.add_view(MailSettingView(MailSetting, db.session, name='系统邮箱设置'))
admin.add_view(UserView(User, db.session, name='账号密码管理'))
with app.test_request_context():
db.create_all()
mail_setting = MailSetting.query.first()
# 插入默认邮箱配置
if mail_setting is None:
mail_setting = MailSetting()
db.session.add(mail_setting)
db.session.commit()
# 初始化账号密码
user = User.query.first()
if user is None:
import random
import string
random_password = ''.join(
random.sample(string.ascii_letters + string.digits, 10))
logger.info('数据库初始化成功,初始密码为' + random_password)
user = User('admin', random_password)
db.session.add(user)
db.session.commit()
# 插入默认通知方式
notis = Notification.query.all()
mail_exist = False
wechat_exist = False
if len(notis) != 0:
for noti in notis:
if noti.type == 'mail':
mail_exist = True
if noti.type == 'wechat':
wechat_exist = True
if not mail_exist:
mail_noti = Notification('mail')
db.session.add(mail_noti)
db.session.commit()
if not wechat_exist:
wechat_noti = Notification('wechat')
db.session.add(wechat_noti)
db.session.commit()
ppid = psutil.Process(os.getppid())
ppid_name = ppid.name()
# 加这一步判断主要是因为,
# 在debug模式下,会启动另外一个线程来自动重载,
# 这样会导致在两个线程中都启动任务,造成重复
if ('python' in ppid_name and
config_name == 'development') or config_name != 'development':
# 在系统重启时重启任务
from app.main.scheduler import add_job
task_statuss = TaskStatus.query.all()
count = 0
for task_status in task_statuss:
if task_status.task_status == 'run':
count += 1
task_id = task_status.task_id
if task_status.task_type == 'html':
task = Task.query.filter_by(id=task_id).first()
add_job(task.id, task.frequency)
logger.info('重启task_' + str(task_id))
elif task_status.task_type == 'rss':
task = RSSTask.query.filter_by(id=task_id).first()
add_job(task_id, task.frequency, 'rss')
logger.info('重启task_rss' + str(task_id))
logger.info('重启{}个任务'.format(count))
return app
fh = logging.FileHandler(logdir + '/' + logfile)
fh.setLevel(loglevel) # use same logging level for handler ...
fh.setFormatter(formatter)
logger.setLevel(loglevel) # ... and logger
logger.addFilter(ContextFilter())
logger.addHandler(fh)
logger.info(f"Starting with {logger}")
print(f'app.init.setup_logging: {app} with {logger} file {fh.stream.name}')
return
setup_logging()
shareds.babel = Babel(shareds.app)
#-----------------------------------------------------------------------------
# KEEP THIS AS THE FIRST REGISTERING BECAUSE OF FLASK TEMPLATE HANDLIND LOGIC
from bp.stk_security import bp as stk_security_bp
shareds.app.register_blueprint(stk_security_bp)
#-----------------------------------------------------------------------------
from bp.start import bp as start_bp
shareds.app.register_blueprint(start_bp)
from bp.gedcom import bp as gedcom_bp
shareds.app.register_blueprint(gedcom_bp)
from bp.scene import bp as scene_bp
shareds.app.register_blueprint(scene_bp)
def create_app(ENV_SETTING):
app = Flask(__name__, instance_relative_config=True)
#configuration
app.config.from_object(app_config[ENV_SETTING])
# Logging configuration
logging.config.dictConfig(yaml.load(open(app.config['LOGGING_FILEPATH'])))
# Yaml Loader to load css and js
assets = Environment(app)
loader = YAMLLoader(app.config['ASSETS_FILEPATH']).load_bundles()
load_assets(assets, loader)
#database init
db.init_app(app)
# with app.app_context():
# create_user(app,db)
#flask_admin
admin = Admin(app, index_view=AdminIndexCustomView(url=None,endpoint=None) , name='Admin Panel', base_template='admin/my_master.html', template_mode='bootstrap3')
# Mail
mail.init_app(app)
# csrf
csrf.init_app(app)
#SSL
sslify = SSLify(app)
#setting babelex
babel = Babel(app)
@babel.localeselector
def get_locale():
# if the user has set up the language manually it will be stored in the session,
# so we use the locale from the user settings
try:
language = session['language']
except KeyError:
language = None
if language is not None:
return language
return request.accept_languages.best_match(app.config['LANGUAGES'].keys())
# Inject to JINJA Template
app.context_processor(inject_current_language)
app.context_processor(inject_all_languages)
app.context_processor(inject_google_token)
app.context_processor(inject_total_notification)
app.context_processor(inject_tasks)
# Template Filter
app.jinja_env.globals['momentjs'] = momentjs
# Setup Flask-Security
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
# Integrate Flask Security with Flask Admin
@security.context_processor
def security_context_processor():
return dict(
admin_base_template=admin.base_template,
admin_view=admin.index_view,
h=admin_helpers,
get_url=url_for
)
# Admin Views
load_admin_views(admin, db)
# Blueprint Views
load_blueprints(app)
# Register Error Handling
app.register_error_handler(400, bad_request)
app.register_error_handler(404, page_not_found)
app.register_error_handler(403, page_forbidden)
app.register_error_handler(500, page_server_error)
app.logger.info('app started')
return app
def create_app():
""" Flask application factory """
# Create Flask app load app.config
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
# Initialize Flask-BabelEx
babel = Babel(app)
# Initialize Flask-SQLAlchemy
@babel.localeselector
def get_locale():
translations = [
str(translation) for translation in babel.list_translations()
]
# return request.accept_languages.best_match(translations)
# @babel.localeselector
#def get_locale():
# if request.args.get('lang'):
# session['lang'] = request.args.get('lang')
# return session.get('lang', 'tr')
db = SQLAlchemy(app)
# Define the User data-model.
# NB: Make sure to add flask_user UserMixin !!!
class User(db.Model, UserMixin):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
active = db.Column('is_active',
db.Boolean(),
nullable=False,
server_default='1')
# User authentication information. The collation='NOCASE' is required
# to search case insensitively when USER_IFIND_MODE is 'nocase_collation'.
email = db.Column(db.String(255, collation='NOCASE'),
nullable=False,
unique=True)
email_confirmed_at = db.Column(db.DateTime())
password = db.Column(db.String(255), nullable=False, server_default='')
# User information
first_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
last_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
# Define the relationship to Role via UserRoles
roles = db.relationship('Role', secondary='user_roles')
# Define the Role data-model
class Role(db.Model):
__tablename__ = 'roles'
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define the UserRoles association table
class UserRoles(db.Model):
__tablename__ = 'user_roles'
id = db.Column(db.Integer(), primary_key=True)
user_id = db.Column(db.Integer(),
db.ForeignKey('users.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(),
db.ForeignKey('roles.id', ondelete='CASCADE'))
# Setup Flask-User and specify the User data-model
user_manager = UserManager(app, db, User)
# Create all database tables
db.create_all()
# The Home page is accessible to anyone
@app.route('/')
def home():
return render_template('/index.html')
@app.route('/üye')
def uye():
veriler = User.query.all()
return render_template('/üye.html', veriler=veriler)
@app.route('/add', methods=["POST"])
def adduser():
email = request.form.get("e-mail")
sifre = request.form.get("sifre")
email_confirmed_at = datetime.datetime.utcnow()
newuser = User(email=email,
password=sifre,
email_confirmed_at=email_confirmed_at)
db.session.add(newuser)
db.session.commit()
return redirect(url_for("uye"))
return app
def create_app(debug=True, test=False):
'''creates app instance, db instance, and apimanager instance'''
app.config['DEBUG'] = debug
# Generate DB URI
if settings.SQL_ADAPTER == 'sqlite':
db_uri = settings.SQLALCHEMY_SQLITE_URI
elif settings.SQL_ADAPTER.startswith('post'):
if test:
db_to_use = settings.SQL_TEST_DB
elif settings.DEBUG:
db_to_use = settings.SQL_DEVELOPMENT_DB
else:
db_to_use = settings.SQL_PRODUCTION_DB
# db_uri = 'postgres://postgres@%s:5432/%s' % (
db_uri = 'postgres://%s:%s@%s:5432/%s' % (settings.SQL_USER,
settings.SQL_PASSWORD,
settings.SQL_HOST, db_to_use)
else:
raise ValueError("Value of SQL_ADAPTER in settings must be either"
"'sqlite' or 'postgres'")
app.config['SQLALCHEMY_DATABASE_URI'] = db_uri
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.secret_key = "very_sekret" # move this out of here eventually
# Initialize assets
init_assets(app)
# Initialize caching
db.init_app(app)
cache.init_app(app)
# i18n support
Babel(app)
# API
marshmallow.init_app(app)
# Set up mail stuff
params = ['USER_EMAIL_SENDER_NAME', 'USER_EMAIL_SENDER_EMAIL']
if settings.MAIL_ENABLE:
params += [
'MAIL_USERNAME', 'MAIL_PASSWORD', 'MAIL_SERVER', 'MAIL_PORT',
'MAIL_USE_SSL', 'MAIL_DEBUG'
]
app.config['USER_ENABLE_FORGOT_PASSWORD'] = True
app.config.update({(p, getattr(settings, p)) for p in params})
mail.init_app(app)
# Set up user management
app.config['CSRF_ENABLED'] = True
UserManager(app, db, User)
# load blueprints
register_blueprints()
# set up logging
setup_logging(logging_path=settings.LOGGING_PATH,
level=settings.LOGGING_LEVEL)
def app(request):
"""Flask application fixture."""
# Set temporary instance path for sqlite
instance_path = tempfile.mkdtemp()
app = Flask('testapp', instance_path=instance_path)
app.config.update(SQLALCHEMY_DATABASE_URI=os.environ.get(
'SQLALCHEMY_DATABASE_URI', 'sqlite:///test.db'),
TESTING=True,
SECRET_KEY='SECRET_KEY',
SQLALCHEMY_TRACK_MODIFICATIONS=False,
JSONSCHEMAS_ENDPOINT='/schema',
JSONSCHEMAS_HOST='ils.test.rero.ch',
RECORDS_UI_ENDPOINTS={
"doc": {
"pid_type":
"doc",
"route":
"/documents/<pid_value>",
"template":
"reroils_data/detailed_view_documents_items.html"
}
})
InvenioDB(app)
InvenioPIDStore(app)
InvenioRecords(app)
InvenioAccounts(app)
REROILSDATA(app)
InvenioAccess(app)
InvenioJSONSchemas(app)
InvenioRecordsUI(app)
Menu(app)
Babel(app)
app.register_blueprint(item_blueprint)
@app.route('/test/login')
def login():
from flask_security import login_user
from flask import request as flask_request
role = flask_request.args.get('role')
if role:
datastore.create_role(name=role)
datastore.add_role_to_user(user, role)
datastore.commit()
login_user(user)
return "Logged In"
@app.route('/test/login')
def logout():
from flask_security import logout_user
logout_user()
return "Logged Out"
from invenio_db import db as db_
with app.app_context():
if not database_exists(str(db_.engine.url)):
create_database(str(db_.engine.url))
db_.create_all()
security = LocalProxy(lambda: app.extensions['security'])
datastore = LocalProxy(lambda: security.datastore)
user = datastore.create_user(email='*****@*****.**',
active=True,
password=hash_password('aafaf4as5fa'))
yield app
# Teardown instance path.
db_.session.remove()
db_.drop_all()
shutil.rmtree(instance_path)
def create_app(config_name):
from config import config, logger
app.config.from_object(config[config_name])
# 中文化
Babel(app)
# 注册flask-login
login.init_app(app)
# bootstrap
bootstrap.init_app(app)
@login.user_loader
def load_user(user_id):
return User.query.get(user_id)
# 注册蓝图
from app.main.views import bp as main_bp
app.register_blueprint(main_bp)
# 注册数据库
db.init_app(app)
# 注册flask-admin
admin.init_app(app,
index_view=AdminIndexView(template='admin/index.html',
url='/'))
# 注册APScheduler
scheduler.init_app(app)
scheduler.start()
# 视图
from app.models.task import Task
from app.models.rss_task import RSSTask
from app.models.mail_setting import MailSetting
from app.models.notification import Notification
from app.models.task_status import TaskStatus
from app.models.user import User
admin.add_view(TaskStatusView(TaskStatus, db.session, name='任务状态'))
admin.add_view(TaskView(Task, db.session, name='网页监控任务管理'))
admin.add_view(RSSTaskView(RSSTask, db.session, name='RSS监控任务管理'))
admin.add_view(NotificationView(Notification, db.session, name='通知方式管理'))
admin.add_view(MailSettingView(MailSetting, db.session, name='系统邮箱设置'))
admin.add_view(UserView(User, db.session, name='账号密码管理'))
with app.test_request_context():
db.create_all()
mail_setting = MailSetting.query.first()
# 插入默认邮箱配置
if mail_setting is None:
mail_setting = MailSetting()
db.session.add(mail_setting)
db.session.commit()
# 初始化账号密码
user = User.query.first()
if user is None:
user = User('admin', 'admin')
db.session.add(user)
db.session.commit()
# 插入默认通知方式
notis = Notification.query.all()
mail_exist = False
wechat_exist = False
if len(notis) != 0:
for noti in notis:
if noti.type == 'mail':
mail_exist = True
if noti.type == 'wechat':
wechat_exist = True
if not mail_exist:
mail_noti = Notification('mail')
db.session.add(mail_noti)
db.session.commit()
if not wechat_exist:
wechat_noti = Notification('wechat')
db.session.add(wechat_noti)
db.session.commit()
# 在系统重启时重启任务
from app.main.scheduler import add_job
task_statuss = TaskStatus.query.all()
count = 0
for task_status in task_statuss:
if task_status.task_status == 'run':
count += 1
task_id = task_status.task_id
if task_status.task_type == 'html':
task = Task.query.filter_by(id=task_id).first()
add_job(task.id, task.frequency)
logger.info('重启task_' + str(task_id))
elif task_status.task_type == 'rss':
task = RSSTask.query.filter_by(id=task_id).first()
add_job(task_id, task.frequency, 'rss')
logger.info('重启task_rss' + str(task_id))
logger.info('重启{}个任务'.format(count))
return app
def app(request):
app = Flask(__name__)
app.response_class = Response
app.debug = True
app.config["SECRET_KEY"] = "secret"
app.config["TESTING"] = True
app.config["LOGIN_DISABLED"] = False
app.config["WTF_CSRF_ENABLED"] = False
app.config["SECURITY_TWO_FACTOR_SECRET"] = {
"1": "TjQ9Qa31VOrfEzuPy4VHQWPCTmRzCnFzMKLxXYiZu9B"
}
app.config["SECURITY_TWO_FACTOR_SMS_SERVICE"] = "test"
app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False
app.config["SECURITY_PASSWORD_SALT"] = "salty"
# Make this plaintext for most tests - reduces unit test time by 50%
app.config["SECURITY_PASSWORD_HASH"] = "plaintext"
# Make this hex_md5 for token tests
app.config["SECURITY_HASHING_SCHEMES"] = ["hex_md5"]
app.config["SECURITY_DEPRECATED_HASHING_SCHEMES"] = []
for opt in [
"changeable",
"recoverable",
"registerable",
"trackable",
"passwordless",
"confirmable",
"two_factor",
]:
app.config["SECURITY_" + opt.upper()] = opt in request.keywords
pytest_major = int(pytest.__version__.split(".")[0])
if pytest_major >= 4:
marker_getter = request.node.get_closest_marker
else:
marker_getter = request.keywords.get
settings = marker_getter("settings")
babel = marker_getter("babel")
if settings is not None:
for key, value in settings.kwargs.items():
app.config["SECURITY_" + key.upper()] = value
mail = Mail(app)
if babel is None or babel.args[0]:
Babel(app)
app.json_encoder = JSONEncoder
app.mail = mail
@app.route("/")
def index():
return render_template("index.html", content="Home Page")
@app.route("/profile")
@login_required
def profile():
return render_template("index.html", content="Profile Page")
@app.route("/post_login")
@login_required
def post_login():
return render_template("index.html", content="Post Login")
@app.route("/http")
@http_auth_required
def http():
return "HTTP Authentication"
@app.route("/http_admin_required")
@http_auth_required
@permissions_required("admin")
def http_admin_required():
return "HTTP Authentication"
@app.route("/http_custom_realm")
@http_auth_required("My Realm")
def http_custom_realm():
return render_template("index.html", content="HTTP Authentication")
@app.route("/token", methods=["GET", "POST"])
@auth_token_required
def token():
return render_template("index.html", content="Token Authentication")
@app.route("/multi_auth")
@auth_required("session", "token", "basic")
def multi_auth():
return render_template("index.html",
content="Session, Token, Basic auth")
@app.route("/post_logout")
def post_logout():
return render_template("index.html", content="Post Logout")
@app.route("/post_register")
def post_register():
return render_template("index.html", content="Post Register")
@app.route("/post_confirm")
def post_confirm():
return render_template("index.html", content="Post Confirm")
@app.route("/admin")
@roles_required("admin")
def admin():
return render_template("index.html", content="Admin Page")
@app.route("/admin_and_editor")
@roles_required("admin", "editor")
def admin_and_editor():
return render_template("index.html", content="Admin and Editor Page")
@app.route("/admin_or_editor")
@roles_accepted("admin", "editor")
def admin_or_editor():
return render_template("index.html", content="Admin or Editor Page")
@app.route("/simple")
@roles_accepted("simple")
def simple():
return render_template("index.html", content="SimplePage")
@app.route("/admin_perm")
@permissions_accepted("full-write", "super")
def admin_perm():
return render_template("index.html",
content="Admin Page with full-write or super")
@app.route("/admin_perm_required")
@permissions_required("full-write", "super")
def admin_perm_required():
return render_template("index.html", content="Admin Page required")
@app.route("/unauthorized")
def unauthorized():
return render_template("unauthorized.html")
@app.route("/page1")
def page_1():
return "Page 1"
@app.route("/json", methods=["GET", "POST"])
def echo_json():
return jsonify(flask_request.get_json())
@app.route("/unauthz", methods=["GET", "POST"])
def unauthz():
return render_template("index.html", content="Unauthorized")
return app
webapp.config['MAIL_USE_SSL'] = app.smtp['use_ssl']
webapp.config['MAIL_USE_TLS'] = app.smtp['use_tls']
webapp.config['MAIL_PORT'] = app.smtp['port']
###############################################################################
# Initialize standard Flask extensions
db.init_app(webapp)
csrf = CSRFProtect(webapp)
security = Security(webapp, user_datastore,
login_form=CustomLoginForm,
register_form=CustomRegisterForm)
mail = Mail(webapp)
migrate = Migrate(webapp, db)
babel = Babel(webapp)
###############################################################################
# Hooks
@webapp.before_first_request
def init_database():
"""Initiate database and create admin user"""
db.create_all()
for role_definition in app.role_definitions:
name = role_definition['name']
description = role_definition['description']
permissions = role_definition['permissions']
level = role_definition['level']
user_datastore.find_or_create_role(
def factory(**config):
app = Flask('testapp', instance_path=instance_path)
app.config.update(**config)
Babel(app)
invenioconfigtugraz(app)
return app
def create_app(config_filename="config.py",
app_name=None,
register_blueprints=True):
# App configuration
app = Flask(app_name or __name__)
app.config.from_pyfile(config_filename)
socketio.init_app(app, message_queue=app.config["SOCKETIO_MESSAGE_QUEUE"])
app.jinja_env.add_extension("jinja2.ext.with_")
app.jinja_env.add_extension("jinja2.ext.do")
if HAS_SENTRY:
app.config["SENTRY_RELEASE"] = raven.fetch_git_sha(
os.path.dirname(__file__))
sentry = Sentry(app, dsn=app.config["SENTRY_DSN"]) # noqa: F841
print("Sentry support activated")
print("Sentry DSN: %s" % app.config["SENTRY_DSN"])
if app.config["DEBUG"] is True:
app.jinja_env.auto_reload = True
app.logger.setLevel(logging.DEBUG)
# Logging
if not app.debug:
formatter = logging.Formatter("%(asctime)s %(levelname)s: %(message)s "
"[in %(pathname)s:%(lineno)d]")
file_handler = RotatingFileHandler("%s/errors_app.log" % os.getcwd(),
"a", 1000000, 1)
file_handler.setLevel(logging.DEBUG)
file_handler.setFormatter(formatter)
app.logger.addHandler(file_handler)
mail.init_app(app)
migrate = Migrate(app, db) # noqa: F841
babel = Babel(app) # noqa: F841
toolbar = DebugToolbarExtension(app) # noqa: F841
db.init_app(app)
git_version = ""
gitpath = os.path.join(os.getcwd(), ".git")
if os.path.isdir(gitpath):
git_version = subprocess.check_output(
["git", "rev-parse", "--short", "HEAD"])
if git_version:
git_version = git_version.strip().decode("UTF-8")
@babel.localeselector
def get_locale():
# if a user is logged in, use the locale from the user settings
identity = getattr(g, "identity", None)
if identity is not None and identity.id:
return identity.user.locale
# otherwise try to guess the language from the user accept
# header the browser transmits. We support fr/en in this
# example. The best match wins.
return request.accept_languages.best_match(["fr", "en"])
@babel.timezoneselector
def get_timezone():
identity = getattr(g, "identity", None)
if identity is not None and identity.id:
return identity.user.timezone
@app.before_request
def before_request():
cfg = {
"PYAIRWAVES_VERSION_VER": VERSION,
"PYAIRWAVES_VERSION_GIT": git_version,
"PYAIRWAVES_VERSION": "{0} ({1})".format(VERSION, git_version),
}
g.cfg = cfg
@app.errorhandler(InvalidUsage)
def handle_invalid_usage(error):
response = jsonify(error.to_dict())
response.status_code = error.status_code
return response
if register_blueprints:
from controllers.main import bp_main
app.register_blueprint(bp_main)
@app.errorhandler(404)
def page_not_found(msg):
pcfg = {
"title": gettext("Whoops, something failed."),
"error": 404,
"message": gettext("Page not found"),
"e": msg,
}
return render_template("error_page.jinja2", pcfg=pcfg), 404
@app.errorhandler(403)
def err_forbidden(msg):
pcfg = {
"title": gettext("Whoops, something failed."),
"error": 403,
"message": gettext("Access forbidden"),
"e": msg,
}
return render_template("error_page.jinja2", pcfg=pcfg), 403
@app.errorhandler(410)
def err_gone(msg):
pcfg = {
"title": gettext("Whoops, something failed."),
"error": 410,
"message": gettext("Gone"),
"e": msg
}
return render_template("error_page.jinja2", pcfg=pcfg), 410
if not app.debug:
@app.errorhandler(500)
def err_failed(msg):
pcfg = {
"title": gettext("Whoops, something failed."),
"error": 500,
"message": gettext("Something is broken"),
"e": msg,
}
return render_template("error_page.jinja2", pcfg=pcfg), 500
@app.after_request
def set_x_powered_by(response):
response.headers["X-Powered-By"] = "pyAirwaves"
return response
# Other commands
@app.cli.command()
def routes():
"""Dump all routes of defined app"""
table = texttable.Texttable()
table.set_deco(texttable.Texttable().HEADER)
table.set_cols_dtype(["t", "t", "t"])
table.set_cols_align(["l", "l", "l"])
table.set_cols_width([50, 30, 80])
table.add_rows([["Prefix", "Verb", "URI Pattern"]])
for rule in sorted(app.url_map.iter_rules(), key=lambda x: str(x)):
methods = ",".join(rule.methods)
table.add_row([rule.endpoint, methods, rule])
print(table.draw())
@app.cli.command()
def config():
"""Dump config"""
pp(app.config)
@app.cli.command()
def seed():
"""Seed database with default content"""
# make_db_seed(db)
pass
@app.cli.command()
def download_and_ingest_faa():
"""Downloads and ingest FAA datas"""
utils_download_and_ingest_faa()
@app.cli.command()
def update_db():
"""Downloads and ingest various datas"""
update_all_db()
@app.cli.command()
def import_aircrafts():
"""Ingest aircrafts"""
update_aircrafts()
@app.cli.command()
def import_registrations():
"""Ingest registrations"""
update_registrations()
return app
def create_app(app_name=None):
# Configuration settings
import config
if not app_name:
app_name = config.APP_NAME
# Only enable password related functionality in server mode.
if config.SERVER_MODE is True:
# Some times we need to access these config params where application
# context is not available (we can't use current_app.config in those
# cases even with current_app.app_context())
# So update these params in config itself.
# And also these updated config values will picked up by application
# since we are updating config before the application instance is
# created.
config.SECURITY_RECOVERABLE = True
config.SECURITY_CHANGEABLE = True
# Now we'll open change password page in alertify dialog
# we don't want it to redirect to main page after password
# change operation so we will open the same password change page again.
config.SECURITY_POST_CHANGE_VIEW = 'browser.change_password'
"""Create the Flask application, startup logging and dynamically load
additional modules (blueprints) that are found in this directory."""
app = PgAdmin(__name__, static_url_path='/static')
# Removes unwanted whitespace from render_template function
app.jinja_env.trim_blocks = True
app.config.from_object(config)
app.config.update(dict(PROPAGATE_EXCEPTIONS=True))
##########################################################################
# Setup logging and log the application startup
##########################################################################
# Add SQL level logging, and set the base logging level
logging.addLevelName(25, 'SQL')
app.logger.setLevel(logging.DEBUG)
app.logger.handlers = []
# We also need to update the handler on the webserver in order to see
# request. Setting the level prevents werkzeug from setting up it's own
# stream handler thus ensuring all the logging goes through the pgAdmin
# logger.
logger = logging.getLogger('werkzeug')
logger.setLevel(logging.INFO)
# Set SQLITE_PATH to TEST_SQLITE_PATH while running test cases
if (
'PGADMIN_TESTING_MODE' in os.environ and
os.environ['PGADMIN_TESTING_MODE'] == '1'
):
config.SQLITE_PATH = config.TEST_SQLITE_PATH
# Ensure the various working directories exist
from pgadmin.setup import create_app_data_directory, db_upgrade
create_app_data_directory(config)
# File logging
fh = logging.FileHandler(config.LOG_FILE, encoding='utf-8')
fh.setLevel(config.FILE_LOG_LEVEL)
fh.setFormatter(logging.Formatter(config.FILE_LOG_FORMAT))
app.logger.addHandler(fh)
logger.addHandler(fh)
# Console logging
ch = logging.StreamHandler()
ch.setLevel(config.CONSOLE_LOG_LEVEL)
ch.setFormatter(logging.Formatter(config.CONSOLE_LOG_FORMAT))
app.logger.addHandler(ch)
logger.addHandler(ch)
# Log the startup
app.logger.info('########################################################')
app.logger.info('Starting %s v%s...', config.APP_NAME, config.APP_VERSION)
app.logger.info('########################################################')
app.logger.debug("Python syspath: %s", sys.path)
##########################################################################
# Setup i18n
##########################################################################
# Initialise i18n
babel = Babel(app)
app.logger.debug('Available translations: %s' % babel.list_translations())
@babel.localeselector
def get_locale():
"""Get the language for the user."""
language = 'en'
if config.SERVER_MODE is False:
# Get the user language preference from the miscellaneous module
if current_user.is_authenticated:
user_id = current_user.id
else:
user = user_datastore.get_user(config.DESKTOP_USER)
if user is not None:
user_id = user.id
user_language = Preferences.raw_value(
'miscellaneous', 'user_language', None, user_id
)
if user_language is not None:
language = user_language
else:
# If language is available in get request then return the same
# otherwise check the session or cookie
data = request.form
if 'language' in data:
language = data['language'] or language
setattr(session, 'PGADMIN_LANGUAGE', language)
elif hasattr(session, 'PGADMIN_LANGUAGE'):
language = getattr(session, 'PGADMIN_LANGUAGE', language)
elif hasattr(request.cookies, 'PGADMIN_LANGUAGE'):
language = getattr(
request.cookies, 'PGADMIN_LANGUAGE', language
)
return language
##########################################################################
# Setup authentication
##########################################################################
app.config['SQLALCHEMY_DATABASE_URI'] = u'sqlite:///{0}?timeout={1}' \
.format(config.SQLITE_PATH.replace(u'\\', u'/'),
getattr(config, 'SQLITE_TIMEOUT', 500)
)
# Create database connection object and mailer
db.init_app(app)
##########################################################################
# Upgrade the schema (if required)
##########################################################################
with app.app_context():
# Run migration for the first time i.e. create database
from config import SQLITE_PATH
if not os.path.exists(SQLITE_PATH):
db_upgrade(app)
else:
version = Version.query.filter_by(name='ConfigDB').first()
schema_version = version.value
# Run migration if current schema version is greater than the
# schema version stored in version table
if CURRENT_SCHEMA_VERSION >= schema_version:
db_upgrade(app)
# Update schema version to the latest
if CURRENT_SCHEMA_VERSION > schema_version:
version = Version.query.filter_by(name='ConfigDB').first()
version.value = CURRENT_SCHEMA_VERSION
db.session.commit()
Mail(app)
import pgadmin.utils.paths as paths
paths.init_app(app)
# Setup Flask-Security
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(None, user_datastore)
##########################################################################
# Setup security
##########################################################################
with app.app_context():
config.CSRF_SESSION_KEY = Keys.query.filter_by(
name='CSRF_SESSION_KEY').first().value
config.SECRET_KEY = Keys.query.filter_by(
name='SECRET_KEY').first().value
config.SECURITY_PASSWORD_SALT = Keys.query.filter_by(
name='SECURITY_PASSWORD_SALT').first().value
# Update the app.config with proper security keyes for signing CSRF data,
# signing cookies, and the SALT for hashing the passwords.
app.config.update(dict({
'CSRF_SESSION_KEY': config.CSRF_SESSION_KEY,
'SECRET_KEY': config.SECRET_KEY,
'SECURITY_PASSWORD_SALT': config.SECURITY_PASSWORD_SALT,
'SESSION_COOKIE_DOMAIN': config.SESSION_COOKIE_DOMAIN
}))
security.init_app(app, user_datastore)
# register custom unauthorised handler.
app.login_manager.unauthorized_handler(pga_unauthorised)
app.session_interface = create_session_interface(app)
# Make the Session more secure against XSS & CSRF when running in web mode
if config.SERVER_MODE:
paranoid = Paranoid(app)
paranoid.redirect_view = 'browser.index'
##########################################################################
# Load all available server drivers
##########################################################################
driver.init_app(app)
##########################################################################
# Register language to the preferences after login
##########################################################################
@user_logged_in.connect_via(app)
def register_language(sender, user):
# After logged in, set the language in the preferences if we get from
# the login page
data = request.form
if 'language' in data:
language = data['language']
# Set the user language preference
misc_preference = Preferences.module('miscellaneous')
user_languages = misc_preference.preference(
'user_language'
)
if user_languages and language:
language = user_languages.set(language)
##########################################################################
# Register any local servers we can discover
##########################################################################
@user_logged_in.connect_via(app)
def on_user_logged_in(sender, user):
# Keep hold of the user ID
user_id = user.id
# Get the first server group for the user
servergroup_id = 1
servergroups = ServerGroup.query.filter_by(
user_id=user_id
).order_by("id")
if servergroups.count() > 0:
servergroup = servergroups.first()
servergroup_id = servergroup.id
'''Add a server to the config database'''
def add_server(user_id, servergroup_id, name, superuser, port,
discovery_id, comment):
# Create a server object if needed, and store it.
servers = Server.query.filter_by(
user_id=user_id,
discovery_id=svr_discovery_id
).order_by("id")
if servers.count() > 0:
return
svr = Server(user_id=user_id,
servergroup_id=servergroup_id,
name=name,
host='localhost',
port=port,
maintenance_db='postgres',
username=superuser,
ssl_mode='prefer',
comment=svr_comment,
discovery_id=discovery_id)
db.session.add(svr)
db.session.commit()
# Figure out what servers are present
if winreg is not None:
arch_keys = set()
proc_arch = os.environ['PROCESSOR_ARCHITECTURE'].lower()
try:
proc_arch64 = os.environ['PROCESSOR_ARCHITEW6432'].lower()
except Exception as e:
proc_arch64 = None
if proc_arch == 'x86' and not proc_arch64:
arch_keys.add(0)
elif proc_arch == 'x86' or proc_arch == 'amd64':
arch_keys.add(winreg.KEY_WOW64_32KEY)
arch_keys.add(winreg.KEY_WOW64_64KEY)
for arch_key in arch_keys:
for server_type in ('PostgreSQL', 'EnterpriseDB'):
try:
root_key = winreg.OpenKey(
winreg.HKEY_LOCAL_MACHINE,
"SOFTWARE\\" + server_type + "\Services", 0,
winreg.KEY_READ | arch_key
)
for i in xrange(0, winreg.QueryInfoKey(root_key)[0]):
inst_id = winreg.EnumKey(root_key, i)
inst_key = winreg.OpenKey(root_key, inst_id)
svr_name = winreg.QueryValueEx(
inst_key, 'Display Name'
)[0]
svr_superuser = winreg.QueryValueEx(
inst_key, 'Database Superuser'
)[0]
svr_port = winreg.QueryValueEx(inst_key, 'Port')[0]
svr_discovery_id = inst_id
svr_comment = gettext(
"Auto-detected %s installation with the data "
"directory at %s" % (
winreg.QueryValueEx(
inst_key, 'Display Name'
)[0],
winreg.QueryValueEx(
inst_key, 'Data Directory'
)[0]
)
)
add_server(
user_id, servergroup_id, svr_name,
svr_superuser, svr_port,
svr_discovery_id, svr_comment
)
inst_key.Close()
except Exception as e:
pass
else:
# We use the postgres-winreg.ini file on non-Windows
try:
from configparser import ConfigParser
except ImportError:
from ConfigParser import ConfigParser # Python 2
registry = ConfigParser()
try:
registry.read('/etc/postgres-reg.ini')
sections = registry.sections()
# Loop the sections, and get the data from any that are PG or PPAS
for section in sections:
if (
section.startswith('PostgreSQL/') or
section.startswith('EnterpriseDB/')
):
svr_name = registry.get(section, 'Description')
svr_superuser = registry.get(section, 'Superuser')
svr_port = registry.getint(section, 'Port')
svr_discovery_id = section
description = registry.get(section, 'Description')
data_directory = registry.get(section, 'DataDirectory')
if hasattr(str, 'decode'):
description = description.decode('utf-8')
data_directory = data_directory.decode('utf-8')
svr_comment = gettext(u"Auto-detected %s installation "
u"with the data directory at %s" % (
description,
data_directory
)
)
add_server(user_id, servergroup_id, svr_name,
svr_superuser, svr_port, svr_discovery_id,
svr_comment)
except Exception as e:
pass
@user_logged_in.connect_via(app)
@user_logged_out.connect_via(app)
def force_session_write(app, user):
session.force_write = True
##########################################################################
# Load plugin modules
##########################################################################
for module in app.find_submodules('pgadmin'):
app.logger.info('Registering blueprint module: %s' % module)
app.register_blueprint(module)
##########################################################################
# Handle the desktop login
##########################################################################
@app.before_request
def before_request():
"""Login the default user if running in desktop mode"""
# Check the auth key is valid, if it's set, and we're not in server
# mode, and it's not a help file request.
if not config.SERVER_MODE and app.PGADMIN_KEY != '':
if (
('key' not in request.args or
request.args['key'] != app.PGADMIN_KEY) and
request.cookies.get('PGADMIN_KEY') != app.PGADMIN_KEY and
request.endpoint != 'help.static'
):
abort(401)
if not config.SERVER_MODE and not current_user.is_authenticated:
user = user_datastore.get_user(config.DESKTOP_USER)
# Throw an error if we failed to find the desktop user, to give
# the sysadmin a hint. We'll continue to try to login anyway as
# that'll through a nice 500 error for us.
if user is None:
app.logger.error(
'The desktop user %s was not found in the configuration '
'database.'
% config.DESKTOP_USER
)
abort(401)
login_user(user)
@app.after_request
def after_request(response):
if 'key' in request.args:
domain = dict()
if config.COOKIE_DEFAULT_DOMAIN and \
config.COOKIE_DEFAULT_DOMAIN != 'localhost':
domain['domain'] = config.COOKIE_DEFAULT_DOMAIN
response.set_cookie('PGADMIN_KEY', value=request.args['key'],
path=config.COOKIE_DEFAULT_PATH,
**domain)
return response
##########################################################################
# Minify output
##########################################################################
# HTMLMIN doesn't work with Python 2.6.
if not config.DEBUG and sys.version_info >= (2, 7):
from flask_htmlmin import HTMLMIN
HTMLMIN(app)
@app.context_processor
def inject_blueprint():
"""Inject a reference to the current blueprint, if any."""
return {
'current_app': current_app,
'current_blueprint': current_blueprint
}
##########################################################################
# All done!
##########################################################################
return app
import sys
from flask import Flask
from flask_sqlalchemy import SQLAlchemy
from flask_babelex import Babel
app = Flask(__name__)
babel = Babel(app) # 国际化
app.config.from_object('config')
db = SQLAlchemy(app)
from app import routers
def create_app(app_name=None):
# Configuration settings
import config
if not app_name:
app_name = config.APP_NAME
# Check if app is created for CLI operations or Web
cli_mode = False
if app_name.endswith('-cli'):
cli_mode = True
# Only enable password related functionality in server mode.
if config.SERVER_MODE is True:
# Some times we need to access these config params where application
# context is not available (we can't use current_app.config in those
# cases even with current_app.app_context())
# So update these params in config itself.
# And also these updated config values will picked up by application
# since we are updating config before the application instance is
# created.
config.SECURITY_RECOVERABLE = True
config.SECURITY_CHANGEABLE = True
# Now we'll open change password page in alertify dialog
# we don't want it to redirect to main page after password
# change operation so we will open the same password change page again.
config.SECURITY_POST_CHANGE_VIEW = 'browser.change_password'
"""Create the Flask application, startup logging and dynamically load
additional modules (blueprints) that are found in this directory."""
app = PgAdmin(__name__, static_url_path='/static')
# Removes unwanted whitespace from render_template function
app.jinja_env.trim_blocks = True
app.config.from_object(config)
app.config.update(dict(PROPAGATE_EXCEPTIONS=True))
##########################################################################
# Setup logging and log the application startup
##########################################################################
# We won't care about errors in the logging system, we are more
# interested in application errors.
logging.raiseExceptions = False
# Add SQL level logging, and set the base logging level
logging.addLevelName(25, 'SQL')
app.logger.setLevel(logging.DEBUG)
app.logger.handlers = []
# We also need to update the handler on the webserver in order to see
# request. Setting the level prevents werkzeug from setting up it's own
# stream handler thus ensuring all the logging goes through the pgAdmin
# logger.
logger = logging.getLogger('werkzeug')
logger.setLevel(config.CONSOLE_LOG_LEVEL)
# Set SQLITE_PATH to TEST_SQLITE_PATH while running test cases
if ('PGADMIN_TESTING_MODE' in os.environ
and os.environ['PGADMIN_TESTING_MODE'] == '1'):
config.SQLITE_PATH = config.TEST_SQLITE_PATH
config.MASTER_PASSWORD_REQUIRED = False
config.UPGRADE_CHECK_ENABLED = False
if not cli_mode:
# Ensure the various working directories exist
from pgadmin.setup import create_app_data_directory
create_app_data_directory(config)
# File logging
fh = logging.FileHandler(config.LOG_FILE, encoding='utf-8')
fh.setLevel(config.FILE_LOG_LEVEL)
fh.setFormatter(logging.Formatter(config.FILE_LOG_FORMAT))
app.logger.addHandler(fh)
logger.addHandler(fh)
# Console logging
ch = logging.StreamHandler()
ch.setLevel(config.CONSOLE_LOG_LEVEL)
ch.setFormatter(logging.Formatter(config.CONSOLE_LOG_FORMAT))
app.logger.addHandler(ch)
logger.addHandler(ch)
# Log the startup
app.logger.info('########################################################')
app.logger.info('Starting %s v%s...', config.APP_NAME, config.APP_VERSION)
app.logger.info('########################################################')
app.logger.debug("Python syspath: %s", sys.path)
##########################################################################
# Setup i18n
##########################################################################
# Initialise i18n
babel = Babel(app)
app.logger.debug('Available translations: %s' % babel.list_translations())
@babel.localeselector
def get_locale():
"""Get the language for the user."""
language = 'en'
if config.SERVER_MODE is False:
# Get the user language preference from the miscellaneous module
if current_user.is_authenticated:
user_id = current_user.id
else:
user = user_datastore.get_user(config.DESKTOP_USER)
if user is not None:
user_id = user.id
user_language = Preferences.raw_value('misc', 'user_language',
'user_language', user_id)
if user_language is not None:
language = user_language
else:
# If language is available in get request then return the same
# otherwise check the session or cookie
data = request.form
if 'language' in data:
language = data['language'] or language
setattr(session, 'PGADMIN_LANGUAGE', language)
elif hasattr(session, 'PGADMIN_LANGUAGE'):
language = getattr(session, 'PGADMIN_LANGUAGE', language)
elif hasattr(request.cookies, 'PGADMIN_LANGUAGE'):
language = getattr(request.cookies, 'PGADMIN_LANGUAGE',
language)
return language
##########################################################################
# Setup authentication
##########################################################################
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///{0}?timeout={1}' \
.format(config.SQLITE_PATH.replace('\\', '/'),
getattr(config, 'SQLITE_TIMEOUT', 500)
)
# Override USER_DOES_NOT_EXIST and INVALID_PASSWORD messages from flask.
app.config['SECURITY_MSG_USER_DOES_NOT_EXIST'] = \
app.config['SECURITY_MSG_INVALID_PASSWORD'] = \
(gettext("Incorrect username or password."), "error")
# Create database connection object and mailer
db.init_app(app)
##########################################################################
# Upgrade the schema (if required)
##########################################################################
with app.app_context():
# Run migration for the first time i.e. create database
from config import SQLITE_PATH
from pgadmin.setup import db_upgrade
# If version not available, user must have aborted. Tables are not
# created and so its an empty db
if not os.path.exists(SQLITE_PATH) or get_version() == -1:
# If running in cli mode then don't try to upgrade, just raise
# the exception
if not cli_mode:
db_upgrade(app)
else:
if not os.path.exists(SQLITE_PATH):
raise FileNotFoundError('SQLite database file "' +
SQLITE_PATH + '" does not exists.')
raise RuntimeError('Specified SQLite database file '
'is not valid.')
else:
schema_version = get_version()
# Run migration if current schema version is greater than the
# schema version stored in version table
if CURRENT_SCHEMA_VERSION >= schema_version:
db_upgrade(app)
# Update schema version to the latest
if CURRENT_SCHEMA_VERSION > schema_version:
set_version(CURRENT_SCHEMA_VERSION)
db.session.commit()
if os.name != 'nt':
os.chmod(config.SQLITE_PATH, 0o600)
Mail(app)
# Don't bother paths when running in cli mode
if not cli_mode:
import pgadmin.utils.paths as paths
paths.init_app(app)
# Setup Flask-Security
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(None, user_datastore)
##########################################################################
# Setup security
##########################################################################
with app.app_context():
config.CSRF_SESSION_KEY = Keys.query.filter_by(
name='CSRF_SESSION_KEY').first().value
config.SECRET_KEY = Keys.query.filter_by(
name='SECRET_KEY').first().value
config.SECURITY_PASSWORD_SALT = Keys.query.filter_by(
name='SECURITY_PASSWORD_SALT').first().value
# Update the app.config with proper security keyes for signing CSRF data,
# signing cookies, and the SALT for hashing the passwords.
app.config.update(
dict({
'CSRF_SESSION_KEY': config.CSRF_SESSION_KEY,
'SECRET_KEY': config.SECRET_KEY,
'SECURITY_PASSWORD_SALT': config.SECURITY_PASSWORD_SALT,
'SESSION_COOKIE_DOMAIN': config.SESSION_COOKIE_DOMAIN,
# CSRF Token expiration till session expires
'WTF_CSRF_TIME_LIMIT': getattr(config, 'CSRF_TIME_LIMIT', None),
'WTF_CSRF_METHODS': ['GET', 'POST', 'PUT', 'DELETE'],
}))
security.init_app(app, user_datastore)
# register custom unauthorised handler.
app.login_manager.unauthorized_handler(pga_unauthorised)
# Set the permanent session lifetime to the specified value in config file.
app.permanent_session_lifetime = timedelta(
days=config.SESSION_EXPIRATION_TIME)
if not cli_mode:
app.session_interface = create_session_interface(
app, config.SESSION_SKIP_PATHS)
# Make the Session more secure against XSS & CSRF when running in web mode
if config.SERVER_MODE and config.ENHANCED_COOKIE_PROTECTION:
paranoid = Paranoid(app)
paranoid.redirect_view = 'browser.index'
##########################################################################
# Load all available server drivers
##########################################################################
driver.init_app(app)
authenticate.init_app(app)
##########################################################################
# Register language to the preferences after login
##########################################################################
@user_logged_in.connect_via(app)
def register_language(sender, user):
# After logged in, set the language in the preferences if we get from
# the login page
data = request.form
if 'language' in data:
language = data['language']
# Set the user language preference
misc_preference = Preferences.module('misc')
user_languages = misc_preference.preference('user_language')
if user_languages and language:
language = user_languages.set(language)
##########################################################################
# Register any local servers we can discover
##########################################################################
@user_logged_in.connect_via(app)
def on_user_logged_in(sender, user):
# Keep hold of the user ID
user_id = user.id
# Get the first server group for the user
servergroup_id = 1
servergroups = ServerGroup.query.filter_by(
user_id=user_id).order_by("id")
if servergroups.count() > 0:
servergroup = servergroups.first()
servergroup_id = servergroup.id
'''Add a server to the config database'''
def add_server(user_id, servergroup_id, name, superuser, port,
discovery_id, comment):
# Create a server object if needed, and store it.
servers = Server.query.filter_by(
user_id=user_id, discovery_id=svr_discovery_id).order_by("id")
if servers.count() > 0:
return
svr = Server(user_id=user_id,
servergroup_id=servergroup_id,
name=name,
host='localhost',
port=port,
maintenance_db='postgres',
username=superuser,
ssl_mode='prefer',
comment=svr_comment,
discovery_id=discovery_id)
db.session.add(svr)
db.session.commit()
# Figure out what servers are present
if winreg is not None:
arch_keys = set()
proc_arch = os.environ['PROCESSOR_ARCHITECTURE'].lower()
try:
proc_arch64 = os.environ['PROCESSOR_ARCHITEW6432'].lower()
except Exception:
proc_arch64 = None
if proc_arch == 'x86' and not proc_arch64:
arch_keys.add(0)
elif proc_arch == 'x86' or proc_arch == 'amd64':
arch_keys.add(winreg.KEY_WOW64_32KEY)
arch_keys.add(winreg.KEY_WOW64_64KEY)
for arch_key in arch_keys:
for server_type in ('PostgreSQL', 'EnterpriseDB'):
try:
root_key = winreg.OpenKey(
winreg.HKEY_LOCAL_MACHINE,
"SOFTWARE\\" + server_type + "\\Services", 0,
winreg.KEY_READ | arch_key)
for i in range(0, winreg.QueryInfoKey(root_key)[0]):
inst_id = winreg.EnumKey(root_key, i)
inst_key = winreg.OpenKey(root_key, inst_id)
svr_name = winreg.QueryValueEx(
inst_key, 'Display Name')[0]
svr_superuser = winreg.QueryValueEx(
inst_key, 'Database Superuser')[0]
svr_port = winreg.QueryValueEx(inst_key, 'Port')[0]
svr_discovery_id = inst_id
svr_comment = gettext(
"Auto-detected {0} installation with the data "
"directory at {1}").format(
winreg.QueryValueEx(
inst_key, 'Display Name')[0],
winreg.QueryValueEx(
inst_key, 'Data Directory')[0])
add_server(user_id, servergroup_id, svr_name,
svr_superuser, svr_port,
svr_discovery_id, svr_comment)
inst_key.Close()
except Exception:
pass
else:
# We use the postgres-winreg.ini file on non-Windows
from configparser import ConfigParser
registry = ConfigParser()
try:
registry.read('/etc/postgres-reg.ini')
sections = registry.sections()
# Loop the sections, and get the data from any that are PG or PPAS
for section in sections:
if (section.startswith('PostgreSQL/')
or section.startswith('EnterpriseDB/')):
svr_name = registry.get(section, 'Description')
svr_superuser = registry.get(section, 'Superuser')
# getint function throws exception if value is blank.
# Ex: Port=
# In such case we should handle the exception and continue
# to read the next section of the config file.
try:
svr_port = registry.getint(section, 'Port')
except ValueError:
continue
svr_discovery_id = section
description = registry.get(section, 'Description')
data_directory = registry.get(section, 'DataDirectory')
svr_comment = gettext(
"Auto-detected {0} installation "
"with the data directory at {1}").format(
description, data_directory)
add_server(user_id, servergroup_id, svr_name,
svr_superuser, svr_port, svr_discovery_id,
svr_comment)
except Exception:
pass
@user_logged_in.connect_via(app)
@user_logged_out.connect_via(app)
def force_session_write(app, user):
session.force_write = True
@user_logged_in.connect_via(app)
def store_crypt_key(app, user):
# in desktop mode, master password is used to encrypt/decrypt
# and is stored in the keyManager memory
if config.SERVER_MODE and 'password' in request.form:
current_app.keyManager.set(request.form['password'])
@user_logged_out.connect_via(app)
def current_user_cleanup(app, user):
from config import PG_DEFAULT_DRIVER
from pgadmin.utils.driver import get_driver
from flask import current_app
# remove key
current_app.keyManager.reset()
for mdl in current_app.logout_hooks:
try:
mdl.on_logout(user)
except Exception as e:
current_app.logger.exception(e)
_driver = get_driver(PG_DEFAULT_DRIVER)
_driver.gc_own()
##########################################################################
# Load plugin modules
##########################################################################
for module in app.find_submodules('pgadmin'):
app.logger.info('Registering blueprint module: %s' % module)
app.register_blueprint(module)
app.register_logout_hook(module)
##########################################################################
# Handle the desktop login
##########################################################################
@app.before_request
def before_request():
"""Login the default user if running in desktop mode"""
# Check the auth key is valid, if it's set, and we're not in server
# mode, and it's not a help file request.
if not config.SERVER_MODE and app.PGADMIN_INT_KEY != '' and (
('key' not in request.args
or request.args['key'] != app.PGADMIN_INT_KEY) and
request.cookies.get('PGADMIN_INT_KEY') != app.PGADMIN_INT_KEY
and request.endpoint != 'help.static'):
abort(401)
if not config.SERVER_MODE and not current_user.is_authenticated:
user = user_datastore.get_user(config.DESKTOP_USER)
# Throw an error if we failed to find the desktop user, to give
# the sysadmin a hint. We'll continue to try to login anyway as
# that'll through a nice 500 error for us.
if user is None:
app.logger.error(
'The desktop user %s was not found in the configuration '
'database.' % config.DESKTOP_USER)
abort(401)
login_user(user)
# if the server is restarted the in memory key will be lost
# but the user session may still be active. Logout the user
# to get the key again when login
if config.SERVER_MODE and current_user.is_authenticated and \
current_app.keyManager.get() is None and \
request.endpoint not in ('security.login', 'security.logout'):
logout_user()
@app.after_request
def after_request(response):
if 'key' in request.args:
domain = dict()
if config.COOKIE_DEFAULT_DOMAIN and \
config.COOKIE_DEFAULT_DOMAIN != 'localhost':
domain['domain'] = config.COOKIE_DEFAULT_DOMAIN
response.set_cookie('PGADMIN_INT_KEY',
value=request.args['key'],
path=config.COOKIE_DEFAULT_PATH,
**domain)
# X-Frame-Options for security
if config.X_FRAME_OPTIONS != "" and \
config.X_FRAME_OPTIONS.lower() != "deny":
response.headers["X-Frame-Options"] = config.X_FRAME_OPTIONS
return response
##########################################################################
# Cache busting
##########################################################################
# Version number to be added to all static file url requests
# This is used by url_for function when generating urls
# This will solve caching issues when application is upgrading
# This is called - Cache Busting
@app.url_defaults
def add_internal_version(endpoint, values):
extensions = config.APP_VERSION_EXTN
# Add the internal version only if it is set
if config.APP_VERSION_PARAM is not None and \
config.APP_VERSION_PARAM != '':
# If there is a filename, add the version
if 'filename' in values \
and values['filename'].endswith(extensions):
values[config.APP_VERSION_PARAM] = config.APP_VERSION_INT
else:
# Sometimes there may be direct endpoint for some files
# There will be only one rule for such endpoints
urls = [url for url in app.url_map.iter_rules(endpoint)]
if len(urls) == 1 and urls[0].rule.endswith(extensions):
values[config.APP_VERSION_PARAM] = \
config.APP_VERSION_INT
# Strip away internal version param before sending further to app as it was
# required for cache busting only
@app.url_value_preprocessor
def strip_version_number(endpoint, values):
if values and config.APP_VERSION_PARAM in values:
values.pop(config.APP_VERSION_PARAM)
##########################################################################
# Minify output. Not required in desktop mode
##########################################################################
if not config.DEBUG and config.SERVER_MODE:
from flask_compress import Compress
Compress(app)
from pgadmin.misc.themes import themes
themes(app)
@app.context_processor
def inject_blueprint():
"""
Inject a reference to the current blueprint, if any.
"""
return {
'current_app': current_app,
'current_blueprint': current_blueprint,
}
@app.errorhandler(Exception)
def all_exception_handler(e):
current_app.logger.error(e, exc_info=True)
return internal_server_error(errormsg=str(e))
# Exclude HTTPexception from above handler (all_exception_handler)
# HTTPException are user defined exceptions and those should be returned
# as is
@app.errorhandler(HTTPException)
def http_exception_handler(e):
current_app.logger.error(e, exc_info=True)
return e
# Intialize the key manager
app.keyManager = KeyManager()
##########################################################################
# Protection against CSRF attacks
##########################################################################
with app.app_context():
pgCSRFProtect.init_app(app)
##########################################################################
# All done!
##########################################################################
return app
# -*- coding: utf-8 -*-
from flask import Flask, request, session
from flask_sqlalchemy import SQLAlchemy
from flask_babelex import Babel, Domain, lazy_gettext
from wtforms import validators
from plumbum import Plumbum, ModelView
sqla_domain = Domain(domain='sqla-babel', dirname='locales')
# Create application
app = Flask(__name__)
babel = Babel(app, default_domain=sqla_domain)
app.config['SECRET_KEY'] = '1234'
app.config['DEBUG'] = True
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///sample_data.db'
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['PLUMBUM_DEBUG_TEMPLATE'] = False
db = SQLAlchemy(app)
@babel.localeselector
def get_locale():
override = request.args.get('lang')
if override:
def create_app():
""" Flask application factory """
# Create Flask app load app.config
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
# Initialize Flask-BabelEx
babel = Babel(app)
# Initialize Flask-SQLAlchemy
db = SQLAlchemy(app)
# Define the User data-model.
# NB: Make sure to add flask_user UserMixin !!!
class User(db.Model, UserMixin):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
active = db.Column('is_active',
db.Boolean(),
nullable=False,
server_default='1')
# User authentication information. The collation='NOCASE' is required
# to search case insensitively when USER_IFIND_MODE is 'nocase_collation'.
email = db.Column(db.String(255, collation='NOCASE'),
nullable=False,
unique=True)
email_confirmed_at = db.Column(db.DateTime())
password = db.Column(db.String(255), nullable=False, server_default='')
# User information
first_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
last_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
# Define the relationship to Role via UserRoles
roles = db.relationship('Role', secondary='user_roles')
# Define the Role data-model
class Role(db.Model):
__tablename__ = 'roles'
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define the UserRoles association table
class UserRoles(db.Model):
__tablename__ = 'user_roles'
id = db.Column(db.Integer(), primary_key=True)
user_id = db.Column(db.Integer(),
db.ForeignKey('users.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(),
db.ForeignKey('roles.id', ondelete='CASCADE'))
# Setup Flask-User and specify the User data-model
user_manager = UserManager(app, db, User)
# Create all database tables
db.create_all()
# Create '*****@*****.**' user with no roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
db.session.add(user)
db.session.commit()
# Create '*****@*****.**' user with 'Admin' and 'Agent' roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
user.roles.append(Role(name='Admin'))
user.roles.append(Role(name='Agent'))
db.session.add(user)
db.session.commit()
# The Home page is accessible to anyone
@app.route('/')
def home_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Home page{%endtrans%}</h2>
<p><a href={{ url_for('user.register') }}>{%trans%}Register{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Sign in{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Home Page{%endtrans%}</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Member Page{%endtrans%}</a> (login_required: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin Page{%endtrans%}</a> (role_required: [email protected] / Password1')</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Sign out{%endtrans%}</a></p>
{% endblock %}
""")
# The Members page is only accessible to authenticated users
@app.route('/members')
@login_required # Use of @login_required decorator
def member_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Members page{%endtrans%}</h2>
<p><a href={{ url_for('user.register') }}>{%trans%}Register{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Sign in{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Home Page{%endtrans%}</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Member Page{%endtrans%}</a> (login_required: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin Page{%endtrans%}</a> (role_required: [email protected] / Password1')</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Sign out{%endtrans%}</a></p>
{% endblock %}
""")
# The Admin page requires an 'Admin' role.
@app.route('/admin')
@roles_required('Admin') # Use of @roles_required decorator
def admin_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Admin Page{%endtrans%}</h2>
<p><a href={{ url_for('user.register') }}>{%trans%}Register{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Sign in{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Home Page{%endtrans%}</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Member Page{%endtrans%}</a> (login_required: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin Page{%endtrans%}</a> (role_required: [email protected] / Password1')</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Sign out{%endtrans%}</a></p>
{% endblock %}
""")
return app
"ck": "ck_%(table_name)s_%(constraint_name)s",
"fk": "fk_%(table_name)s_%(column_0_name)s_%(referred_table_name)s",
"pk": "pk_%(table_name)s"
}
metadata = MetaData(naming_convention=convention)
else:
metadata = MetaData()
basedir = os.path.abspath(os.path.dirname(__file__))
load_dotenv(os.path.join(basedir, '.env'))
db = SQLAlchemy(metadata=metadata)
migrate = Migrate()
mail = Mail()
security = Security()
socketio = SocketIO()
babelobject = Babel()
moment = Moment()
avatars = UploadSet('avatars', IMAGES)
# Fixes bug: url_for generates http endpoints instead of https which causes mixed-content-errors
class ReverseProxied(object):
def __init__(self, app):
self.app = app
def __call__(self, environ, start_response):
scheme = environ.get('HTTP_X_FORWARDED_PROTO')
if scheme:
environ['wsgi.url_scheme'] = scheme
return self.app(environ, start_response)
def create_app():
""" Flask application factory """
# Create Flask app load app.config
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
# Initialize Flask-BabelEx
babel = Babel(app)
# Initialize Flask-SQLAlchemy
@babel.localeselector
def get_locale():
translations = [
str(translation) for translation in babel.list_translations()
]
# return request.accept_languages.best_match(translations)
# @babel.localeselector
#def get_locale():
# if request.args.get('lang'):
# session['lang'] = request.args.get('lang')
# return session.get('lang', 'tr')
db = SQLAlchemy(app)
# Define the User data-model.
# NB: Make sure to add flask_user UserMixin !!!
class User(db.Model, UserMixin):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
active = db.Column('is_active',
db.Boolean(),
nullable=False,
server_default='1')
# User authentication information. The collation='NOCASE' is required
# to search case insensitively when USER_IFIND_MODE is 'nocase_collation'.
email = db.Column(db.String(255, collation='NOCASE'),
nullable=False,
unique=True)
email_confirmed_at = db.Column(db.DateTime())
password = db.Column(db.String(255), nullable=False, server_default='')
# User information
first_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
last_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
# Define the relationship to Role via UserRoles
roles = db.relationship('Role', secondary='user_roles')
# Define the Role data-model
class Role(db.Model):
__tablename__ = 'roles'
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define the UserRoles association table
class UserRoles(db.Model):
__tablename__ = 'user_roles'
id = db.Column(db.Integer(), primary_key=True)
user_id = db.Column(db.Integer(),
db.ForeignKey('users.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(),
db.ForeignKey('roles.id', ondelete='CASCADE'))
# Setup Flask-User and specify the User data-model
user_manager = UserManager(app, db, User)
# Create all database tables
db.create_all()
# Create '*****@*****.**' user with no roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
db.session.add(user)
db.session.commit()
# Create '*****@*****.**' user with 'Admin' and 'Agent' roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
user.roles.append(Role(name='Admin'))
user.roles.append(Role(name='Agent'))
db.session.add(user)
db.session.commit()
# The Home page is accessible to anyone
@app.route('/')
def home():
return render_template('/index.html')
@app.route('/üye')
def uye():
return render_template('/üye.html')
@app.route('/add')
def adduser():
email = request.form.get("e-mail")
sifre = request.form.get("sifre")
newuser = User(email=email, password=sifre)
db.session.add(newuser)
db.session.comit()
return redirect(url_for("adduser"))
# The Members page is only accessible to authenticated users
@app.route('/members')
@login_required # Use of @login_required decorator
def member_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Üyeler sayfası {%endtrans%}</h2>
<h1>{%trans%}Sisteme giriş yapanlar bu sayfayı görüntüleyebilir{%endtrans%}</h1>
<p><a href={{ url_for('user.register') }}>{%trans%}Kayıt ol{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Giriş Yap{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Ana sayfa{%endtrans%}</a> (Herkes erişebilir)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Üye sayfası{%endtrans%}</a> (Giriş gerekli: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin sayfası{%endtrans%}</a> (Rol gerekli: [email protected] / Password1)</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Çıkış{%endtrans%}</a></p>
{% endblock %}
""")
# The Admin page requires an 'Admin' role.
@app.route('/admin')
@roles_required('Admin') #Use of @roles_required decorator
def admin_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Admin Sayfası{%endtrans%}</h2>
<h1>{%trans%}Bu yalnızca adminlerin giriş yapabildiği bir sayfadır{%endtrans%}</h1>
<p><a href={{ url_for('user.register') }}>{%trans%}Kayıt ol{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Giriş Yap{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Ana sayfa{%endtrans%}</a> (Herkes erişebilir)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Üye sayfası{%endtrans%}</a> (Giriş gerekli: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin sayfası{%endtrans%}</a> (Rol gerekli: [email protected] / Password1)</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Çıkış{%endtrans%}</a></p>
{% endblock %}
""")
return app
def app(request, accounts_rest_permission_factory):
"""Flask application fixture."""
instance_path = tempfile.mkdtemp()
app = Flask(__name__, instance_path=instance_path)
InvenioAccess(app)
InvenioAccounts(app)
InvenioAccountsREST(app)
InvenioOAuth2Server(app)
InvenioOAuth2ServerREST(app)
InvenioDB(app)
Babel(app)
Mail(app)
Menu(app)
Breadcrumbs(app)
# this is done mainly for coverage so that tests are run with and without
# userprofiles being loaded in the app
if not hasattr(request, 'param') or \
'with_profiles' not in request.param or \
request.param['with_profiles']:
# tests without invenio-userprofiles being installed at all
try:
from invenio_userprofiles import InvenioUserProfiles
InvenioUserProfiles(app)
except ImportError:
pass
read_role = accounts_rest_permission_factory['read_role']
update_role = accounts_rest_permission_factory['update_role']
delete_role = accounts_rest_permission_factory['delete_role']
read_roles = accounts_rest_permission_factory['read_roles_list']
create_role = accounts_rest_permission_factory['create_role']
assign_role = accounts_rest_permission_factory['assign_role']
unassign_role = accounts_rest_permission_factory['unassign_role']
role_users = accounts_rest_permission_factory['read_role_users_list']
user_roles = accounts_rest_permission_factory['read_user_roles_list']
read_user_prop = accounts_rest_permission_factory['read_user_properties']
mod_user_prop = accounts_rest_permission_factory['update_user_properties']
read_users = accounts_rest_permission_factory['read_users_list']
app.config.update(
ACCOUNTS_REST_READ_ROLE_PERMISSION_FACTORY=read_role,
ACCOUNTS_REST_UPDATE_ROLE_PERMISSION_FACTORY=update_role,
ACCOUNTS_REST_DELETE_ROLE_PERMISSION_FACTORY=delete_role,
ACCOUNTS_REST_READ_ROLES_LIST_PERMISSION_FACTORY=read_roles,
ACCOUNTS_REST_CREATE_ROLE_PERMISSION_FACTORY=create_role,
ACCOUNTS_REST_ASSIGN_ROLE_PERMISSION_FACTORY=assign_role,
ACCOUNTS_REST_UNASSIGN_ROLE_PERMISSION_FACTORY=unassign_role,
ACCOUNTS_REST_READ_ROLE_USERS_LIST_PERMISSION_FACTORY=role_users,
ACCOUNTS_REST_READ_USER_ROLES_LIST_PERMISSION_FACTORY=user_roles,
ACCOUNTS_REST_READ_USER_PROPERTIES_PERMISSION_FACTORY=read_user_prop,
ACCOUNTS_REST_UPDATE_USER_PROPERTIES_PERMISSION_FACTORY=mod_user_prop,
ACCOUNTS_REST_READ_USERS_LIST_PERMISSION_FACTORY=read_users,
OAUTH2SERVER_CLIENT_ID_SALT_LEN=40,
OAUTH2SERVER_CLIENT_SECRET_SALT_LEN=60,
OAUTH2SERVER_TOKEN_PERSONAL_SALT_LEN=60,
SECRET_KEY='changeme',
TESTING=True,
SERVER_NAME='localhost',
SQLALCHEMY_DATABASE_URI=os.environ.get('SQLALCHEMY_DATABASE_URI',
'sqlite:///test.db'),
SECURITY_SEND_PASSWORD_CHANGE_EMAIL=False)
from invenio_oauth2server.views.server import blueprint
with app.app_context():
db_.create_all()
yield app
with app.app_context():
db_.drop_all()
