diff --git a/collectoss/api/routes/config.py b/collectoss/api/routes/config.py index 8c66d8b22..55c2b02fa 100644 --- a/collectoss/api/routes/config.py +++ b/collectoss/api/routes/config.py @@ -9,13 +9,13 @@ # Disable the requirement for SSL by setting env["AUGUR_DEV"] = True from collectoss.application.config import get_development_flag from collectoss.application.db.lib import get_session +from collectoss.api.util import ssl_required, admin_required from collectoss.application.db.models import Config from collectoss.application.config import SystemConfig from collectoss.application.db.session import DatabaseSession from ..server import app logger = logging.getLogger(__name__) -development = get_development_flag() from collectoss.api.routes import API_VERSION @@ -28,22 +28,40 @@ def generate_upgrade_request(): return response, 426 @app.route(f"/{API_VERSION}/config/get", methods=['GET', 'POST']) +@ssl_required def get_config(): - if not development and not request.is_secure: - return generate_upgrade_request() - with DatabaseSession(logger, engine=current_app.engine) as session: config_dict = SystemConfig(logger, session).config.load_config() return jsonify(config_dict), 200 +@app.route(f"/{AUGUR_API_VERSION}/config/set", methods=['GET', 'POST']) +@ssl_required +@admin_required +def set_config_item(): + setting = request.args.get("setting") + section = request.args.get("section") + value = request.values.get("value") + + result = { + "section_name": section, + "setting_name": setting, + "value": value + } + + if not setting or not section or not value: + return jsonify({"status": "Missing argument"}), 400 + + with get_session() as session: + config = SystemConfig(logger, session) + config.add_or_update_settings([result]) + + return jsonify({"status": "success"}) @app.route(f"/{API_VERSION}/config/update", methods=['POST']) +@ssl_required def update_config(): - if not development and not request.is_secure: - return generate_upgrade_request() - update_dict = request.get_json() with get_session() as session: @@ -64,5 +82,3 @@ def update_config(): session.commit() return jsonify({"status": "success"}), 200 - - diff --git a/collectoss/api/util.py b/collectoss/api/util.py index f2dea539b..44aaadf3d 100644 --- a/collectoss/api/util.py +++ b/collectoss/api/util.py @@ -6,7 +6,7 @@ import re import beaker -from flask import request, jsonify, current_app +from flask import request, jsonify, current_app, abort from collectoss.application.db import get_session from functools import wraps @@ -14,6 +14,8 @@ from collectoss.application.config import get_development_flag from collectoss.application.db.models import ClientApplication +from flask_login import login_required, current_user + development = get_development_flag() __ROOT = os.path.abspath(os.path.dirname(__file__)) @@ -112,7 +114,6 @@ def get_client_token(): return token - # usage: """ @app.route("/path") @@ -155,4 +156,22 @@ def wrapper(*args, **kwargs): return generate_upgrade_request() return fun(*args, **kwargs) - return wrapper \ No newline at end of file + return wrapper + +def admin_required(func): + @login_required + @wraps(func) + def inner_function(*args, **kwargs): + if current_user.admin: + return func(*args, **kwargs) + else: + abort(403) + return inner_function + +def development_required(func): + @wraps(func) + def inner_function(*args, **kwargs): + if not development: + abort(403) + return func(*args, **kwargs) + return inner_function \ No newline at end of file diff --git a/collectoss/api/view/api_view.py b/collectoss/api/view/api_view.py index b2f5a2925..f0fd57cce 100644 --- a/collectoss/api/view/api_view.py +++ b/collectoss/api/view/api_view.py @@ -1,10 +1,12 @@ from flask import render_template, redirect, url_for, session, request, jsonify -from flask_login import LoginManager +from flask_login import LoginManager, current_user, login_required from io import StringIO from .utils import * from .init import logger from .url_converters import * +from functools import wraps + # from .server import User from ..server import app, db_session from collectoss.application.db.models import User, UserSessionToken @@ -38,6 +40,13 @@ def unsupported_method(error): return render_message("405 - Method not supported", "The resource you are trying to access does not support the request method used"), 405 +@app.errorhandler(403) +def forbidden(error): + if AUGUR_API_VERSION in str(request.url_rule): + return jsonify({"status": "Forbidden"}), 403 + + return render_message("403 - Forbidden", "You do not have permission to view this page"), 403 + @app.errorhandler(500) def internal_server_error(error): if API_VERSION in str(request.path): @@ -52,8 +61,21 @@ def internal_server_error(error): errout.close() except Exception as e: logger.error(e) + raise e - return render_message("500 - Internal Server Error", "An error occurred while trying to service your request. Please try again, and if the issue persists, please file a GitHub issue with the below error message:", error=stacktrace), 500 + return render_message("500 - Internal Server Error", """An error occurred while trying to service your request. + Please try again, and if the error persists, please file a GitHub issue with a description + of what you were doing before this error occurred accompanied by the below error message:""", error=stacktrace), 500 + +@app.template_filter("escape_ID") +def escape_HTML_ID(data: str) -> str: + # Done this way in case we want to add more replacements in the future + data = data.replace(".", "\\.") + return data + +@app.template_filter("quoted") +def quote_surrounded(data: str) -> str: + return '"' + data + '"' @login_manager.unauthorized_handler def unauthorized(): @@ -98,19 +120,16 @@ def load_user(user_id): @login_manager.request_loader def load_user_request(request): token = get_bearer_token() - current_time = int(time.time()) - token = db_session.query(UserSessionToken).filter(UserSessionToken.token == token, UserSessionToken.expiration >= current_time).first() - if token: - print("Valid user") + token = db_session.query(UserSessionToken).filter(UserSessionToken.token == token, UserSessionToken.expiration >= current_time).first() + if token: user = token.user user._is_authenticated = True user._is_active = True - return user - + return None @app.template_filter('as_datetime') diff --git a/collectoss/api/view/routes.py b/collectoss/api/view/routes.py index 15ab991b3..a017e5f73 100644 --- a/collectoss/api/view/routes.py +++ b/collectoss/api/view/routes.py @@ -3,16 +3,23 @@ """ import logging import math +import os +import signal from flask import render_template, request, redirect, url_for, session, flash from .utils import * +from augur.api.util import admin_required, development_required from flask_login import login_user, logout_user, current_user, login_required +from sqlalchemy.exc import OperationalError from collectoss.application.db.models import User, Repo, ClientApplication from .server import LoginException from collectoss.application.util import * from collectoss.application.db.lib import get_value +from collectoss.application.config import SystemConfig from ..server import app, db_session +from augur.application.db.lib import get_session + logger = logging.getLogger(__name__) @@ -318,6 +325,7 @@ def user_group_view(group = None): return render_module("user-group-repos-table", title="Repos", repos=data, query_key=query, activePage=params["page"], pages=page_count, offset=pagination_offset, PS="user_group_view", reverse = rev, sorting = params.get("sort"), group=group) @app.route('/error') +@development_required def throw_exception(): raise Exception("This Exception intentionally raised") @@ -326,6 +334,7 @@ def throw_exception(): View the admin dashboard. """ @app.route('/dashboard') +@admin_required def dashboard_view(): empty = [ { "title": "Placeholder", "settings": [ @@ -337,6 +346,14 @@ def dashboard_view(): ]} ] - backend_config = requestJson("config/get", False) + backend_config = SystemConfig(logger, db_session).load_config() + + with get_session() as session: + try: + users = session.query(User).all() + except OperationalError as e: + # Instruct Gunicorn to reboot workers to resolve database connection instability + os.kill(os.getpid(), signal.SIGTERM) + return "reloading" - return render_template('admin-dashboard.j2', sections = empty, config = backend_config) + return render_template('admin-dashboard.j2', sections = empty, config = backend_config, users = users) diff --git a/collectoss/application/db/lib.py b/collectoss/application/db/lib.py index c5394365d..a459c7a64 100644 --- a/collectoss/application/db/lib.py +++ b/collectoss/application/db/lib.py @@ -20,7 +20,7 @@ logger = logging.getLogger("db_lib") -@deprecated("This is a legacy method. Use AugurConfig.get_value instead") +@deprecated("This is a legacy method. Use SystemConfig.get_value instead") def get_value(section_name: str, setting_name: str) -> Optional[Any]: """Get the value of a setting from the config. diff --git a/collectoss/static/css/dashboard.css b/collectoss/static/css/dashboard.css index ef111c32a..c89815488 100644 --- a/collectoss/static/css/dashboard.css +++ b/collectoss/static/css/dashboard.css @@ -1,7 +1,9 @@ :root { --color-bg: #1A233A; --color-bg-light: #272E48; + --color-bg-contrast: #646683; --color-fg: white; + --color-fg-dark: #b0bdd6; --color-fg-contrast: black; --color-accent: #6f42c1; --color-accent-dark: #6134b3; @@ -25,7 +27,35 @@ body { margin-bottom: 10px; } -.nav-pills .nav-link.active, .nav-pills .show > .nav-link { +.input-textbox { + color: var(--color-fg); + background-color: var(--color-bg); + border-color: var(--color-accent-dark); +} + +.input-group-text { + color: var(--color-fg); + background-color: var(--color-bg-light); + border-color: var(--color-accent-dark); + border-right: none; +} + +.input-textbox::placeholder { + color: var(--color-fg-dark); +} + +.input-textbox:focus { + color: var(--color-fg); + background-color: var(--color-bg); + border-color: var(--color-accent-dark); +} + +.input-textbox:focus::placeholder { + color: var(--color-fg-dark); +} + +.nav-pills .nav-link.active, +.nav-pills .show>.nav-link { background-color: var(--color-accent) } @@ -52,6 +82,10 @@ body { padding-right: 10px !important; } +.modal-dialog { + color: var(--color-fg-contrast); +} + .dashboard-form-control { border: 1px solid #596280; -webkit-border-radius: 2px; @@ -62,17 +96,59 @@ body { color: #bcd0f7; } +.contrast-card { + background-color: var(--color-bg); +} + +.card:has(.contrast-card) { + border: none; +} + +.accordion-item { + background-color: var(--color-bg-light); + color: var(--color-fg); +} + +.accordion-button { + background-color: var(--color-accent-dark); + color: var(--color-fg); +} + +.accordion-button:not(.collapsed) { + background-color: var(--color-accent); + color: var(--color-fg); +} + +.accordion-button::after { + filter: saturate(0%) brightness(10); +} + +.accordion-button:not(.collapsed)::after { + filter: saturate(0%) brightness(10); +} + +.accordion-button:focus { + box-shadow: none; + border-color: var(--color-accent-dark); +} + .circle-opaque { - border-radius: 50%; /* Make it a circle */ - display: inline-block; - position: absolute; /* Able to position it, overlaying the other image */ - left:0px; /* Customise the position, but make sure it */ - top:0px; /* is the same as .circle-transparent */ - z-index: -1; /* Makes the image sit *behind* .circle-transparent */ + border-radius: 50%; + /* Make it a circle */ + display: inline-block; + position: absolute; + /* Able to position it, overlaying the other image */ + left: 0px; + /* Customise the position, but make sure it */ + top: 0px; + /* is the same as .circle-transparent */ + z-index: -1; + /* Makes the image sit *behind* .circle-transparent */ } .circle-opaque img { - border-radius: 50%; /* Make it a circle */ + border-radius: 50%; + /* Make it a circle */ z-index: -1; } @@ -95,4 +171,47 @@ table { #toast-placeholder { display: none; z-index: 100; +} + +@-webkit-keyframes rotating + +/* Safari and Chrome */ + { + from { + -webkit-transform: rotate(0deg); + -o-transform: rotate(0deg); + transform: rotate(0deg); + } + + to { + -webkit-transform: rotate(360deg); + -o-transform: rotate(360deg); + transform: rotate(360deg); + } +} + +@keyframes rotating { + from { + -ms-transform: rotate(0deg); + -moz-transform: rotate(0deg); + -webkit-transform: rotate(0deg); + -o-transform: rotate(0deg); + transform: rotate(0deg); + } + + to { + -ms-transform: rotate(360deg); + -moz-transform: rotate(360deg); + -webkit-transform: rotate(360deg); + -o-transform: rotate(360deg); + transform: rotate(360deg); + } +} + +.rotating { + -webkit-animation: rotating 1s linear infinite; + -moz-animation: rotating 1s linear infinite; + -ms-animation: rotating 1s linear infinite; + -o-animation: rotating 1s linear infinite; + animation: rotating 1s linear infinite; } \ No newline at end of file diff --git a/collectoss/templates/admin-dashboard.j2 b/collectoss/templates/admin-dashboard.j2 index ee547b46d..c5f14c44b 100644 --- a/collectoss/templates/admin-dashboard.j2 +++ b/collectoss/templates/admin-dashboard.j2 @@ -1,5 +1,6 @@ + @@ -16,14 +17,16 @@ + Dasboard - CollectOSS View - + + {% include 'notifications.j2' %}
@@ -33,8 +36,10 @@
#} + + Augur logo +
- {# Start dashboard content #} -
-

Stats

- {# Start content card #} -
-
- {# Start form body #} -
- {% for section in sections %} -
-
-
{{ section.title }}
-
- {% for setting in section.settings %} -
-
- - -
{{ setting.description or "No description available" }}
+
+ {# Start dashboard content #} +
+
+

Stats

+ {# Start content card #} +
+
+
+

TODO

+ {#
+
+
+ +
#}
- {% endfor %} -
- {% endfor %} - {#
-
- -
-
#} - -
-
-

User Accounts

- {# Start content card #} -
-
-
- {% for section in sections %} -
-
-
{{ section.title }}
-
- {% for setting in section.settings %} -
-
- - -
{{ setting.description or "No description available" }}
+ + + + {%- for header in tableHeaders -%} + {{ header.title }} + {%- endfor -%} + + + + + {% for user in users %} + + {{ user.user_id }} + {{ user.login_name }} + {{ user.first_name }} + {{ user.last_name }} + {{ user.email }} + {% if user.admin %} {% endif %} + + {% endfor %} + + +
+ {% else %} + {# Theoretically, unreachable #} +

What!?

+ {% endif %} +
+
@@ -156,23 +200,162 @@ + + diff --git a/collectoss/templates/navbar.j2 b/collectoss/templates/navbar.j2 index 8250ea634..c5c636829 100644 --- a/collectoss/templates/navbar.j2 +++ b/collectoss/templates/navbar.j2 @@ -22,7 +22,9 @@ diff --git a/collectoss/templates/settings.j2 b/collectoss/templates/settings.j2 index cdedd6b8c..267c7f2f1 100644 --- a/collectoss/templates/settings.j2 +++ b/collectoss/templates/settings.j2 @@ -414,8 +414,6 @@
-
-
{#
#} - +