def create_app():
app = Flask(__name__)
app.config.from_envvar('CALAPHIO_CONFIG')
# Register Blueprints
app.register_blueprint(core)
# Register Jinja Filters
app.jinja_env.filters['sanitize_html'] = sanitize_html
# Extensions
db.init_app(app)
login_manager.init_app(app)
csrf.init_app(app)
bootstrap.init_app(app)
nav.init_app(app)
principal.init_app(app)
register_renderer(app, "renderer", BetterBootstrapRenderer)
# Method Rewriter
app.wsgi_app = MethodRewriteMiddleware(app.wsgi_app)
# Identity Loader
identity_loaded.connect(on_identity_loaded, app, False)
return app
def setUp(self):
"""se llama al metodo antes de iniciar el test"""
self.client = app.test_client()
self.acceso = login(self.client, TEST_USER_LIDER, TEST_PASS_LIDER)
identity_loaded.connect(_on_principal_initL)
self.proyse= seleccionar_proyecto(self.client, PROYECTOID)
with app.test_client() as c:
with c.session_transaction() as sess:
sess['pry'] = PROYECTOID
def register(self, app, *args, **kwargs):
" Activate loginmanager and principal. "
if not self._login_manager or self.app != app:
self._login_manager = LoginManager()
self._login_manager.user_callback = self.user_loader
self._login_manager.setup_app(app)
self._login_manager.login_view = 'urls.index'
self._login_manager.login_message = u'You need to be signed in for this page.'
self.app = app
if not self._principal:
self._principal = Principal(app)
identity_loaded.connect(self.identity_loaded)
super(UserManager, self).register(app, *args, **kwargs)
def register(self, app, *args, **kwargs):
" Activate loginmanager and principal. "
if not self._login_manager or self.app != app:
self._login_manager = LoginManager()
self._login_manager.user_callback = self.user_loader
self._login_manager.init_app(app)
self._login_manager.login_view = app.config.get('AUTH_LOGIN_VIEW', 'code.index')
self._login_manager.login_message = u'You need to be signed in for this page.'
self.app = app
if not self._principal:
self._principal = Principal(app)
identity_loaded.connect(self.identity_loaded)
super(UserManager, self).register(app, *args, **kwargs)
def create_app(extra_config=None):
"""Create Flask app for Flaskapp
"""
app = Flask('flaskapp',
template_folder='templates',
static_folder='static')
app.config.from_object('config')
app.config.update(**(extra_config or {}))
app.before_request(before_request)
# import static file manifest
js = pkg_resources.resource_string('flaskapp', '/static/rev-manifest.json')
app.config['static_manifest'] = json.loads(js)
# configure jinja2
app.jinja_env.globals.update({'h': template_helpers})
# add Flask-WTForms CSRF Protection
CsrfProtect(app)
# init Flask-SQLAlchemy
db.init_app(app)
# init Flask-Principal
Principal(app)
identity_loaded.connect(on_identity_loaded, app)
# init Flask-Login
lm.init_app(app)
lm.login_view = 'auth.login'
lm.user_loader(load_user)
# init Flask-Mail
mail.init_app(app)
# register blueprints
app.register_blueprint(content.bp)
app.register_blueprint(auth.bp, url_prefix='/auth')
return app
def create_app(extra_config=None):
"""Create Flask app for Flaskapp
"""
app = Flask('flaskapp',
template_folder='templates',
static_folder='static')
app.config.from_object('config')
app.config.update(**(extra_config or {}))
app.before_request(before_request)
# import static file manifest
js = pkg_resources.resource_string('flaskapp', '/static/rev-manifest.json')
app.config['static_manifest'] = json.loads(js.decode('utf-8'))
# configure jinja2
app.jinja_env.globals.update({'h': template_helpers})
# add Flask-WTForms CSRF Protection
CSRFProtect(app)
# init Flask-SQLAlchemy
db.init_app(app)
# init Flask-Principal
Principal(app)
identity_loaded.connect(on_identity_loaded, app)
# init Flask-Login
lm.init_app(app)
lm.login_view = 'auth.login'
lm.user_loader(load_user)
# init Flask-Mail
mail.init_app(app)
# register blueprints
app.register_blueprint(content.bp)
app.register_blueprint(auth.bp, url_prefix='/auth')
return app
def mkapp(with_factory=False):
app = Flask(__name__)
app.secret_key = 'notverysecret'
app.debug = True
if with_factory:
p = Principal()
p.init_app(app)
else:
p = Principal(app)
identity_loaded.connect(_on_principal_init)
@app.route('/')
def index():
with admin_permission.require():
pass
return Response('hello')
@app.route('/a')
@admin_permission.require()
def a():
return Response('hello')
@app.route('/b')
@anon_permission.require()
def b():
return Response('hello')
@app.route('/c')
def c():
with anon_permission.require():
raise ReraiseException
@app.route('/d')
@anon_permission.require()
def d():
raise ReraiseException
@app.route('/e')
def e():
i = mkadmin()
identity_changed.send(app, identity=i)
with admin_permission.require():
return Response('hello')
@app.route('/f')
def f():
i = mkadmin()
identity_changed.send(app, identity=i)
with admin_or_editor.require():
return Response('hello')
@app.route('/g')
@admin_permission.require()
@editor_permission.require()
def g():
return Response('hello')
@app.route('/h')
def h():
i = Identity('james')
identity_changed.send(app, identity=i)
with admin_permission.require():
with editor_permission.require():
pass
@app.route('/j')
def j():
i = Identity('james')
identity_changed.send(app, identity=i)
with admin_permission.require(403):
with editor_permission.require(403):
pass
@app.route('/k')
@admin_permission.require(403)
def k():
return Response('hello')
@app.route('/l')
def l():
s = []
if not admin_or_editor:
s.append("not admin")
i = Identity('ali')
identity_changed.send(app, identity=i)
if admin_or_editor:
s.append("now admin")
return Response('\n'.join(s))
@app.route("/m")
def m():
with admin_denied.require():
pass
return Response("OK")
@app.route("/n")
def n():
i = mkadmin()
identity_changed.send(app, identity=i)
with admin_denied.require():
pass
return Response("OK")
@app.route("/o")
def o():
admin_or_editor.test()
return Response("OK")
@app.route("/p")
def p():
admin_or_editor.test(404)
return Response("OK")
return app
def setUp(self):
"""se llama al metodo antes de iniciar el test"""
self.client = app.test_client()
self.acceso = login(self.client)
identity_loaded.connect(_on_principal_init)
def mkapp(with_factory=False):
app = Flask(__name__)
app.secret_key = 'notverysecret'
app.debug = True
if with_factory:
p = Principal()
p.init_app(app)
else:
p = Principal(app)
identity_loaded.connect(_on_principal_init)
@app.route('/')
def index():
with admin_permission.require():
pass
return Response('hello')
@app.route('/a')
@admin_permission.require()
def a():
return Response('hello')
@app.route('/b')
@anon_permission.require()
def b():
return Response('hello')
@app.route('/c')
def c():
with anon_permission.require():
raise ReraiseException
@app.route('/d')
@anon_permission.require()
def d():
raise ReraiseException
@app.route('/e')
def e():
i = mkadmin()
identity_changed.send(app, identity=i)
with admin_permission.require():
return Response('hello')
@app.route('/f')
def f():
i = mkadmin()
identity_changed.send(app, identity=i)
with admin_or_editor.require():
return Response('hello')
@app.route('/g')
@admin_permission.require()
@editor_permission.require()
def g():
return Response('hello')
@app.route('/h')
def h():
i = Identity('james')
identity_changed.send(app, identity=i)
with admin_permission.require():
with editor_permission.require():
pass
@app.route('/j')
def j():
i = Identity('james')
identity_changed.send(app, identity=i)
with admin_permission.require(403):
with editor_permission.require(403):
pass
@app.route('/k')
@admin_permission.require(403)
def k():
return Response('hello')
@app.route('/l')
def l():
s = []
if not admin_or_editor:
s.append("not admin")
i = Identity('ali')
identity_changed.send(app, identity=i)
if admin_or_editor:
s.append("now admin")
return Response('\n'.join(s))
@app.route("/m")
def m():
with admin_denied.require():
pass
return Response("OK")
@app.route("/n")
def n():
i = mkadmin()
identity_changed.send(app, identity=i)
with admin_denied.require():
pass
return Response("OK")
@app.route("/o")
def o():
admin_or_editor.test()
return Response("OK")
@app.route("/p")
def p():
admin_or_editor.test(404)
return Response("OK")
return app
def mkapp(with_factory=False):
app = Flask(__name__)
app.secret_key = 'notverysecret'
app.debug = True
if with_factory:
p = Principal()
p.init_app(app)
else:
p = Principal(app)
identity_loaded.connect(_on_principal_init)
@app.route('/')
def index():
with admin_permission.require():
pass
return Response('hello')
@app.route('/a')
@admin_permission.require()
def a():
return Response('hello')
@app.route('/b')
@anon_permission.require()
def b():
return Response('hello')
@app.route('/c')
def c():
with anon_permission.require():
raise ReraiseException
@app.route('/d')
@anon_permission.require()
def d():
raise ReraiseException
@app.route('/e')
def e():
i = mkadmin()
identity_changed.send(app, identity=i)
with admin_permission.require():
return Response('hello')
@app.route('/f')
def f():
i = mkadmin()
identity_changed.send(app, identity=i)
with admin_or_editor.require():
return Response('hello')
@app.route('/and_base_fail')
def and_base_fail():
i = mkadmin()
admin_and_editor_rp = (admin_role_permission & editor_role_permission)
identity_changed.send(app, identity=i)
with admin_and_editor_rp.require():
return Response('fail')
@app.route('/and_base_success')
def and_base_success():
i = Identity('admin_editor')
identity_changed.send(app, identity=i)
# using both formerly default, calling parent __and__
admin_and_editor_rp = (admin_permission & editor_permission)
with admin_and_editor_rp.require():
return Response('good')
@app.route('/and_bunch')
def and_bunch():
result = []
bunch = AndPermission(
admin_role_permission,
editor_role_permission,
manager_role_permission,
)
identity_changed.send(app, identity=Identity('admin'))
if bunch.can():
result.append('bad')
identity_changed.send(app, identity=Identity('manager'))
if bunch.can():
result.append('bad')
identity_changed.send(app, identity=Identity('reviewer'))
if bunch.can():
result.append('bad')
identity_changed.send(app, identity=Identity('admin_editor_manager'))
if bunch.can():
result.append('good')
return ''.join(result)
@app.route('/and_mixed1')
def and_mixed1():
admin_and_editor_mixed = (admin_role_permission & editor_permission)
i = Identity('editor')
identity_changed.send(app, identity=i)
with admin_and_editor_mixed.require():
return Response('fail')
@app.route('/and_mixed2') # reversed type of the above.
def and_mixed2():
admin_and_editor_mixed = (admin_permission & editor_role_permission)
i = Identity('admin_editor')
identity_changed.send(app, identity=i)
with admin_and_editor_mixed.require():
return Response('good')
@app.route('/or_base')
def or_base():
i = mkadmin()
admin_or_editor_rp = (admin_role_permission | editor_role_permission)
identity_changed.send(app, identity=i)
with admin_or_editor_rp.require():
return Response('hello')
@app.route('/or_bunch')
def or_bunch():
result = []
bunch = OrPermission(
admin_role_permission,
editor_role_permission,
manager_role_permission,
reviewer_role_permission,
)
identity_changed.send(app, identity=Identity('admin'))
if bunch.can():
result.append('good')
identity_changed.send(app, identity=Identity('manager'))
if bunch.can():
result.append('good')
identity_changed.send(app, identity=Identity('reviewer'))
if bunch.can():
result.append('good')
return ''.join(result)
@app.route('/or_mixed1')
def or_mixed1():
result = []
admin_or_editor_mixed = (admin_role_permission | editor_permission)
i = Identity('admin')
identity_changed.send(app, identity=i)
with admin_or_editor_mixed.require():
result.append('good')
i = Identity('editor')
identity_changed.send(app, identity=i)
with admin_or_editor_mixed.require():
result.append('good')
return Response(''.join(result))
@app.route('/or_mixed2') # reversed type of the above.
def or_mixed2():
result = []
admin_or_editor_mixed = (admin_permission | editor_role_permission)
i = Identity('admin')
identity_changed.send(app, identity=i)
with admin_or_editor_mixed.require():
result.append('good')
i = Identity('editor')
identity_changed.send(app, identity=i)
with admin_or_editor_mixed.require():
result.append('good')
return Response(''.join(result))
@app.route('/not_base')
def not_base():
result = []
not_admin_perm = ~admin_role_permission
identity_changed.send(app, identity=Identity('admin'))
if not_admin_perm.can():
result.append('admin')
identity_changed.send(app, identity=Identity('editor'))
if not_admin_perm.can():
result.append('editor')
identity_changed.send(app, identity=Identity('admin_manager'))
if not_admin_perm.can():
result.append('admin_manager')
return Response(''.join(result))
@app.route('/mixed_ops_fail')
def mixed_ops_fail():
mixed_perms = (admin_permission | manager_permission |
(reviewer_role_permission & editor_role_permission))
i = Identity('editor')
identity_changed.send(app, identity=i)
with mixed_perms.require():
return Response('fail')
@app.route('/mixed_ops1')
def mixed_ops1():
result = []
mixed_perms = (admin_permission | manager_permission |
(reviewer_role_permission & editor_role_permission))
i = Identity('reviewer_editor')
identity_changed.send(app, identity=i)
with mixed_perms.require():
result.append('good')
i = Identity('manager')
identity_changed.send(app, identity=i)
with mixed_perms.require():
result.append('good')
i = Identity('admin')
identity_changed.send(app, identity=i)
with mixed_perms.require():
result.append('good')
return Response(''.join(result))
@app.route('/mixed_ops2')
def mixed_ops2():
result = []
mixed_perms = ((admin_permission & editor_permission) |
(manager_role_permission & editor_role_permission))
i = Identity('manager_editor')
identity_changed.send(app, identity=i)
if mixed_perms.can():
result.append('good')
i = Identity('manager')
identity_changed.send(app, identity=i)
if mixed_perms.can():
result.append('bad')
i = Identity('editor')
identity_changed.send(app, identity=i)
if mixed_perms.can():
result.append('bad')
i = Identity('admin_editor')
identity_changed.send(app, identity=i)
if mixed_perms.can():
result.append('good')
i = Identity('admin')
identity_changed.send(app, identity=i)
if mixed_perms.can():
result.append('bad')
return Response(''.join(result))
@app.route('/mixed_ops3')
def mixed_ops3():
result = []
mixed_perms = (((admin_permission & editor_permission) |
(manager_role_permission & editor_role_permission))
& ~(manager_role_permission & admin_permission)
& ~reviewer_role_permission)
i = Identity('manager_editor')
identity_changed.send(app, identity=i)
if mixed_perms.can():
result.append('good')
i = Identity('admin_editor')
identity_changed.send(app, identity=i)
if mixed_perms.can():
result.append('good')
i = Identity('admin_manager')
identity_changed.send(app, identity=i)
if mixed_perms.can():
result.append('bad')
i = Identity('manager_editor_admin')
identity_changed.send(app, identity=i)
if mixed_perms.can():
result.append('bad')
i = Identity('reviewer')
identity_changed.send(app, identity=i)
if mixed_perms.can():
result.append('bad')
return Response(''.join(result))
@app.route('/g')
@admin_permission.require()
@editor_permission.require()
def g():
return Response('hello')
@app.route('/h')
def h():
i = Identity('james')
identity_changed.send(app, identity=i)
with admin_permission.require():
with editor_permission.require():
pass
@app.route('/j')
def j():
i = Identity('james')
identity_changed.send(app, identity=i)
with admin_permission.require(403):
with editor_permission.require(403):
pass
@app.route('/k')
@admin_permission.require(403)
def k():
return Response('hello')
@app.route('/l')
def l():
s = []
if not admin_or_editor:
s.append("not admin_or_editor")
if not (admin_permission or editor_permission):
s.append("not (admin or editor)")
i = Identity('ali')
identity_changed.send(app, identity=i)
if admin_or_editor:
s.append("now admin_or_editor")
if admin_permission or editor_permission:
s.append("now admin or editor")
return Response('\n'.join(s))
@app.route("/m")
def m():
with admin_denied.require():
pass
return Response("OK")
@app.route("/n")
def n():
i = mkadmin()
identity_changed.send(app, identity=i)
with admin_denied.require():
pass
return Response("OK")
@app.route("/o")
def o():
admin_or_editor.test()
return Response("OK")
@app.route("/o2")
def o2():
(admin_permission | editor_permission).test()
return Response("OK")
@app.route("/o3")
def o3():
i = mkadmin()
identity_changed.send(app, identity=i)
(admin_permission | editor_permission).test()
return Response("OK")
@app.route("/p")
def p():
admin_or_editor.test(404)
return Response("OK")
return app
def create_app(extra_config=None):
"""Create Flask app for Flaskapp
"""
app = Flask('daspanel_web',
template_folder='templates/default',
static_folder='templates/default/static')
app.config.from_object('config')
app.config.update(**(extra_config or {}))
app.before_request(before_request)
# the toolbar is only enabled in debug mode:
#app.debug = True
#app.config['SECRET_KEY'] = os.environ.get('DASPANEL_SYS_UUID', os.urandom(25).encode('hex'))
#app.config['DEBUG_TB_INTERCEPT_REDIRECTS'] = False
#app.config['DEBUG_TB_PROFILER_ENABLED'] = True
if app.config['DEBUG'] == True:
print(" * [DASPANEL] Debug Toolbar enabled")
toolbar = DebugToolbarExtension()
toolbar.init_app(app)
else:
print(" * [DASPANEL] Debug Toolbar disabled")
# import static file manifest
js = pkg_resources.resource_string(
__name__, '/templates/default/static/rev-manifest.json')
app.config['static_manifest'] = json.loads(js)
# configure jinja2
app.jinja_env.globals.update({'h': template_helpers})
# add Flask-WTForms CSRF Protection
CSRFProtect(app)
# init Flask-SQLAlchemy
db.init_app(app)
if not os.path.exists(
os.path.join(app.config['DASPANEL_DATADIR'], 'db',
app.config['APP_DATABASE'])):
print("Creating database file: " + os.path.join(
app.config['DASPANEL_DATADIR'], 'db', app.config['APP_DATABASE']))
with app.app_context():
db.create_all()
with app.app_context():
update_or_create_admin(app.config['DASPANEL']["sys"]["admin"],
app.config['DASPANEL']["sys"]["password"])
# init Flask-Principal
Principal(app)
identity_loaded.connect(on_identity_loaded, app)
# init Flask-Login
lm.init_app(app)
lm.login_view = 'auth.login'
lm.user_loader(load_user)
# init Flask-Mail
mail.init_app(app)
# register blueprints
app.register_blueprint(content.bp)
app.register_blueprint(auth.bp, url_prefix='/auth')
app.register_blueprint(sites.bp, url_prefix='/sites')
app.register_blueprint(module1.bp, url_prefix='/module1')
app.register_blueprint(services.bp, url_prefix='/services')
app.register_blueprint(system.bp, url_prefix='/system')
return app
return User.from_user_data(user_data)
else:
session.pop("identity.name", None)
session.pop("identity.auth_type", None)
identity_changed.send(current_app._get_current_object(),
identity=AnonymousIdentity())
return None
def on_identity_loaded(sender, identity):
if identity.id:
identity.provides.add(UserNeed(identity.id))
identity_loaded.connect(on_identity_loaded)
def login_dangerous(user, remember=False):
if flask_login.login_user(user, remember=remember):
identity_changed.send(current_app._get_current_object(),
identity=Identity(user.user_data.fixed_id))
return True
else:
return False
def logout_dangerous():
session.pop("identity.name", None)
session.pop("identity.auth_type", None)
flask_login.logout_user()
