canaille-globuzma/canaille/flaskutils.py

import ldap
from functools import wraps
from flask import session, abort
from canaille.models import User


def current_user():
    if "user_dn" not in session:
        return None

    user = User.get(dn=session["user_dn"])

    if not user:
        del session["user_dn"]

    return user


def user_needed():
    def wrapper(view_function):
        @wraps(view_function)
        def decorator(*args, **kwargs):
            user = current_user()
            if not user:
                abort(403)
            return view_function(*args, user=user, **kwargs)

        return decorator

    return wrapper


def moderator_needed():
    def wrapper(view_function):
        @wraps(view_function)
        def decorator(*args, **kwargs):
            user = current_user()
            if not user or not user.moderator:
                abort(403)
            return view_function(*args, user=user, **kwargs)

        return decorator

    return wrapper


def admin_needed():
    def wrapper(view_function):
        @wraps(view_function)
        def decorator(*args, **kwargs):
            user = current_user()
            if not user or not user.admin:
                abort(403)
            return view_function(*args, user=user, **kwargs)

        return decorator

    return wrapper
Can logout even if the session user does not exist 2020-09-15 07:43:36 +00:00			`import ldap`
Admin login 2020-08-19 14:20:57 +00:00			`from functools import wraps`
			`from flask import session, abort`
Renamed the project 'canaille' 2020-10-21 12:04:40 +00:00			`from canaille.models import User`
Admin login 2020-08-19 14:20:57 +00:00

			`def current_user():`
Can logout even if the session user does not exist 2020-09-15 07:43:36 +00:00			`if "user_dn" not in session:`
			`return None`

Fixed a bug happening when a user is deleted during his session 2020-11-25 16:41:03 +00:00			`user = User.get(dn=session["user_dn"])`

			`if not user:`
			`del session["user_dn"]`

			`return user`
Admin login 2020-08-19 14:20:57 +00:00

			`def user_needed():`
			`def wrapper(view_function):`
			`@wraps(view_function)`
			`def decorator(args, *kwargs):`
User token list view 2020-08-27 08:50:50 +00:00			`user = current_user()`
			`if not user:`
Admin login 2020-08-19 14:20:57 +00:00			`abort(403)`
User token list view 2020-08-27 08:50:50 +00:00			`return view_function(args, user=user, *kwargs)`
Admin login 2020-08-19 14:20:57 +00:00
			`return decorator`

			`return wrapper`


Moderators group. #12 2020-11-02 11:13:03 +00:00			`def moderator_needed():`
			`def wrapper(view_function):`
			`@wraps(view_function)`
			`def decorator(args, *kwargs):`
			`user = current_user()`
			`if not user or not user.moderator:`
			`abort(403)`
			`return view_function(args, user=user, *kwargs)`

			`return decorator`

			`return wrapper`


Admin login 2020-08-19 14:20:57 +00:00			`def admin_needed():`
			`def wrapper(view_function):`
			`@wraps(view_function)`
			`def decorator(args, *kwargs):`
			`user = current_user()`
Client unit tests 2020-08-26 13:37:15 +00:00			`if not user or not user.admin:`
Admin login 2020-08-19 14:20:57 +00:00			`abort(403)`
admin_needed passes the user 2020-10-29 10:09:31 +00:00			`return view_function(args, user=user, *kwargs)`
Admin login 2020-08-19 14:20:57 +00:00
			`return decorator`

			`return wrapper`