示例#1
0
def set_cookie(session_cookie_name, tuid, redirectUrl):
    random_str = '{0}{1}'.format(StrUtil.make_random_str(25),
                                 str(CreateSeq.getSessionIdSeq()).zfill(9))

    StrUtil.print_debug('##########random_str:' + random_str)
    cst = SvcdbSessionTable(session_cookie_name, random_str, tuid)
    db.session.add(cst)
    db.session.commit()

    if request.method == 'GET':
        next_url = request.args.get('next_url')
    else:
        next_url = request.form['next_url']

    if not next_url:
        next_url = url_for(redirectUrl)
    else:
        next_url = urllib.parse.unquote(next_url)

    StrUtil.print_debug('next_url:' + next_url)
    response = make_response(redirect(next_url))
    response.set_cookie(session_cookie_name, random_str)
    response.set_cookie("session_id",
                        random_str,
                        path=cookie_path(tuid, random_str))
    return response
示例#2
0
    def _get_ymd(date_str, fmt, date_hash):
        if fmt == 'YYYY-MM-DD' or fmt == 'YYYY/MM/DD':
            match = re.search('^(\d+)[\-\/](\d+)[\-\/](\d+)$', date_str)
            if not match:
                return 1
            date_hash['yyyy'] = match.group(1)
            date_hash['mm'] = match.group(2)
            date_hash['dd'] = match.group(3)
        elif fmt == 'YY/MM/DD':
            match = re.search('^(\d{1,2})[\-\/](\d{1,2})[\-\/](\d{1,2})$',
                              date_str)
            if not match:
                return 1
            if int(match.group(3)) > 50:
                date_hash['yyyy'] = 1900 + int(match.group(1))
            else:
                date_hash['yyyy'] = 2000 + int(match.group(1))
            date_hash['mm'] = match.group(2)
            date_hash['dd'] = match.group(3)
        elif fmt == 'DD/Mon/YY' or fmt == 'DD-Mon-YY':
            match = re.search('^(\d+)[\-\/](\w+)[\-\/](\d+)$', date_str)
            if not match:
                return 1
            if int(match.group(3)) > 50:
                date_hash['yyyy'] = 1900 + int(match.group(3))
            else:
                date_hash['yyyy'] = 2000 + int(match.group(3))
            date_hash['mm'] = ArrUtil.search_array(DateUtil.MoYs,
                                                   match.group(2)) + 1
            date_hash['dd'] = match.group(1)

            if int(date_hash['mm']) <= 0:
                return 1
        elif fmt == 'DD/Mon/YYYY' or fmt == 'DD-Mon-YYYY':
            match = re.search('^(\d+)[\-\/](\w+)[\-\/](\d+)$', date_str)
            if not match:
                return 1
            date_hash['yyyy'] = int(match.group(3))
            date_hash['mm'] = ArrUtil.search_array(DateUtil.MoYs,
                                                   match.group(2)) + 1
            date_hash['dd'] = match.group(1)

            if int(date_hash['mm']) <= 0:
                return 1
        else:
            StrUtil.print_debug("Invalid date format({})".format(fmt))
            sys.exit(1)

        return 0
示例#3
0
        def wrapper(*args, **kwargs):
            logout_user()
            StrUtil.print_debug('adm_login_required. func=[' + func.__name__ +
                                ']')

            session_id = flaskr.lib.svcdb_lib.session.get_session_id(
                StrUtil.get_safe_config(current_app, 'SVCDB_SYS_COOKIE'))
            if session_id:
                StrUtil.print_debug(
                    'login_required. session_cookie_name:{0}  session_id:{1}'.
                    format('ADMIN_SESSION_COOKIE', session_id))

                cst = SvcdbSessionTable.get_adm_session_info(session_id)
                if cst is None:
                    flash('invalid user_id or password')
                    return redirect(url_for('adm_login'))

                # 取得したユーザIDでユーザ情報を取得する
                user = User.query.filter_by(tuid=cst.user_id).first()
                if user is None:
                    flash('invalid user_id or password')
                    return redirect(url_for('adm_login'))

                # 管理者権限チェック
                pkgSvcdbSecurity = PkgSvcdbSecurity()
                if not pkgSvcdbSecurity.isAdminUser(user.tuid):
                    flash('利用権限がありません')
                    return redirect(
                        UserAuth._get_redirect_url(url_for('adm_login')))

                login_user(user, False)
            else:
                StrUtil.print_debug('login_required. no session id got.')
                return redirect(
                    UserAuth._get_redirect_url(url_for('adm_login')))

            return func(*args, **kwargs)
示例#4
0
 def sqlExcuter(sqlstr: str, *args, **kwargs):
     sqlstr = sqlstr.format(*args, **kwargs)
     StrUtil.print_debug(sqlstr)
     return db.session.execute(text(sqlstr))
示例#5
0
        def wrapper(*args, **kwargs):
            logout_user()
            StrUtil.print_debug('login_required. func=[' + func.__name__ + ']')
            """
            db_id = flaskr.lib.svcdb_lib.session.get_db_id()
            if not db_id:
                flash('[db_id]パラメータが必要です')
                return redirect(url_for('login'))

            # データベースオブジェクトを取得する
            current_db = flaskr.lib.svcdb_lib.session.get_current_db(db_id)

            # グローバル変数に設定する
            flaskr.lib.svcdb_lib.session.current_db = current_db

            if not current_db:
                flash('[db_id:{}]情報を取得できません'.format(db_id))
                return redirect(url_for('login', db_id=db_id))
            StrUtil.print_debug('login_required. cur_db.db_id=[' + str(current_db.db_id) + ']')

            # アクセス権限チェック
            pkgIpAddrUtil = PkgIpAddrUtil()
            id_addr = StrUtil.get_ip_addr()
            if not id_addr or not pkgIpAddrUtil.isDbIpAddrVisible(db_id, id_addr):
                flash('利用権限がありません')
                return redirect(url_for('login', db_id=db_id))
            session_id = flaskr.lib.svcdb_lib.session.get_session_id(current_db.session_cookie_name)
            """
            session_id = flaskr.lib.svcdb_lib.session.get_session_id(
                Const.SESSION_COOKIE_NAME)
            if session_id:
                StrUtil.print_debug(
                    'login_required. session_cookie_name:{0}  session_id:{1}'.
                    format(Const.SESSION_COOKIE_NAME, session_id))

                # セッションテーブルからユーザIDを取得する(有効期限:一週間)
                cst = SvcdbSessionTable.get_session_info(
                    Const.SESSION_COOKIE_NAME, session_id)
                if cst is None:
                    flash('invalid user_id or password')
                    return redirect(url_for('login'))

                # 取得したユーザIDでユーザ情報を取得する
                user = User.query.filter_by(tuid=cst.user_id).first()
                if user is None:
                    flash('invalid user_id or password')
                    return redirect(url_for('login'))
                """
                # 参照権限チェック
                pkgSvcdbSecurity = PkgSvcdbSecurity()
                if not pkgSvcdbSecurity.isDbVisible(db_id, user.tuid):
                    flash('このDBを参照する権限がありません')
                    return redirect(url_for('login', db_id=db_id))
                """

                StrUtil.print_debug('login_required. user_id=[' +
                                    str(cst.user_id) + ']')
                login_user(user, False)
            else:
                StrUtil.print_debug('login_required. no session id got.')
                return redirect(UserAuth._get_redirect_url(url_for('login')))

            return func(*args, **kwargs)