create users

grimhilt 2023-08-08 14:18:18 +02:00
parent 19856a386c
commit 293fb060ed
6 changed files with 97 additions and 19 deletions


@ -28,11 +28,11 @@ def create_api():
from .controllers.auth import auth
from .controllers.roles import roles
app.register_blueprint(user, url_prefix='/api/user')
app.register_blueprint(user, url_prefix='/api')
app.register_blueprint(playlist, url_prefix='/api')
app.register_blueprint(file, url_prefix='/api/file')
app.register_blueprint(auth, url_prefix='/api/auth')
app.register_blueprint(roles, url_prefix='/api/roles')
app.register_blueprint(roles, url_prefix='/api')
from .models import User, Playlist, PlaylistFile, File


@ -13,8 +13,8 @@ class AuthAbl:
is_first_user = db.session.query(User).count() == 0
if not is_first_user and current_user is None:
return jsonify(message="You cannot create an account without being authenticated"), 401
if not is_first_user:
return jsonify(message="You cannot create an account"), 401
user = db.session.query(User).filter_by(login=login).first()
if user:
@ -39,8 +39,21 @@ class AuthAbl:
password = data['password']
user = db.session.query(User).filter_by(login=login).first()
if not user or not check_password_hash(user.password, password):
return jsonify(message="Incorrect credentials"), 401
if not user:
nb_users = db.session.query(User).count()
if nb_users == 0:
user = User(login=login, password=generate_password_hash(password, method='sha256'))
db.session.add(user)
db.session.flush()
new_role = Role(name=login, permissions=0b111, user_id=user.as_dict()['id'])
db.session.add(new_role)
db.session.flush()
user.roles.append(new_role)
db.session.commit()
login_user(user)
return jsonify(user.as_dict())
else:
return jsonify(message="Incorrect credentials"), 401
login_user(user)
return jsonify(user.as_dict())
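Review bot: The rewritten login path no longer calls `check_password_hash`: when a row matches `login`, execution falls through to the final `login_user(user)` without comparing the submitted password to `user.password`, so any password authenticates an existing account. The check should be restored ahead of that call, e.g. `if not check_password_hash(user.password, password): return jsonify(message="Incorrect credentials"), 401`. The `nb_users == 0` branch also turns the first login attempt against an empty database into an account with `permissions=0b111`, and the count and the insert are not atomic, so this bootstrap is better kept behind an explicit setup step. Indentation is lost in this view and the method starts outside the hunk, so the nesting is inferred from statement order.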

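--- a/src/api/abl/UserAbl.py
+++ b/src/api/abl/UserAbl.py
@@ -0,0 +1,52 @@
+from flask import Blueprint, request, jsonify
+from werkzeug.security import generate_password_hash, check_password_hash
+from flask_login import current_user
+from ..models import User, Role
+from .. import db
+class UserAbl:
+@staticmethod
+def create(data):
+login = data['login']
+password = data['password']
+permissions = data['permissions']
+# check if the user exists
+user = db.session.query(User).filter_by(login=login).first()
+if user:
+return jsonify(user.as_dict()), 302
+# check the user has the permissions he gives to the new user
+user_perms = bin(current_user.as_dict()['roles'][0]['permissions'])
+for (position, bit) in enumerate(bin(permissions)):
+if bit == '1' and bit != user_perms[position]:
+return jsonify(message="You don't have the permission to give permission(s) you don't have"), 403
+# create the user
+new_user = User( \
+login=login, \
+password=generate_password_hash(password, method='sha256') \
+)
+db.session.add(new_user)
+db.session.flush()
+# create the permissions for the user
+new_role = Role( \
+name=login, \
+user_id=new_user.as_dict()['id'], \
+permissions=permissions)
+db.session.add(new_role)
+new_user.roles.append(new_role)
+db.session.flush()
+db.session.commit()
+return jsonify(new_user.as_dict())
+@staticmethod
+def list():
+query = db.session.query(User).all()
+return jsonify([user.as_dict() for user in query])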
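Review bot: The permission check in `create` compares the two `bin()` strings character by character from the left, so masks of different bit widths are misaligned: a requested bit the creator does not hold can line up with a `1` in `user_perms` and pass, and a wider request indexes past the end of `user_perms` and raises. Comparing the integers directly avoids both: `granted = current_user.as_dict()['roles'][0]['permissions']`, then `if not isinstance(permissions, int) or permissions & ~granted:` in front of the existing 403 return. `data['permissions']` comes straight from the request JSON, so the type check also keeps a non-integer value from reaching `bin()`. Separately, `method='sha256'` here and in the first-user branch of the login change is a single salted SHA-256 pass, which Werkzeug has deprecated; omitting `method=` uses the library's key-stretching default.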


@ -43,7 +43,7 @@ def add_file(playlist_id):
def change_order(playlist_id):
return PlaylistAbl.change_order(playlist_id, request.get_json())
@playlist.route('/playlits/<int:playlist_id>/seconds', methods=["POST"])
@playlist.route('/playlists/<int:playlist_id>/seconds', methods=["POST"])
@login_required
@permissions.require([Perm.EDIT_PLAYLIST])
def change_seconds(playlist_id):


@ -6,7 +6,7 @@ from .. import db
roles = Blueprint('roles', __name__)
@roles.route('/', methods=['POST'])
@roles.route('/roles', methods=['POST'])
@login_required
def create():
data = request.get_json()
@ -25,7 +25,7 @@ def create():
db.session.commit()
return jsonify(new_role.as_dict())
@roles.route('/<int:role_id>', methods=['GET'])
@roles.route('/roles/<int:role_id>', methods=["GET"])
@login_required
def get(role_id):
role = db.session.query(Role).filter_by(id=role_id).first()
@ -33,3 +33,13 @@ def get(role_id):
return jsonify(role.as_dict())
return jsonify(), 404
@roles.route('/roles', methods=["GET"])
@login_required
def list():
res = db.session.query(Role).all()
roles = []
for role in roles:
roles.append(role.as_dict())
return jsonify(roles)
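Review bot: The new `list` handler always returns an empty array: the query result is bound to `res`, but the loop iterates over the freshly created empty `roles` list, so nothing is ever appended. Iterating the query result fixes it, e.g. `return jsonify([role.as_dict() for role in res])`, which also stops the local `roles` from shadowing the blueprint of the same name inside the function. Naming the view `list` shadows the builtin for the rest of the module; a name such as `list_roles` would avoid that.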


@ -1,22 +1,25 @@
from flask import Blueprint, request
from flask import Blueprint, request, jsonify
from ..models import User
from werkzeug.security import generate_password_hash, check_password_hash
from ..models import User
from .. import db
from flask_login import login_required, current_user
from ..abl.UserAbl import UserAbl
from ..permissions import Perm, permissions
user = Blueprint('user', __name__)
@user.route('create', methods=['PUT'])
@user.route('/users', methods=['POST'])
@login_required
@permissions.require([Perm.CREATE_USER])
def create():
print(request.get_json())
return "ok"
generate_password_hash("i", method='sha256')
db.session.add(new_user)
db.session.commit()
return "ok"
return UserAbl.create(request.get_json())
@user.route('delete', methods=['DELETE'])
def delete():
return "ok"
@user.route('list', methods=['GET'])
@user.route('/users', methods=['GET'])
@login_required
def list():
return "ok"
return UserAbl.list()
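Review bot: `GET /users` is guarded only by `@login_required`, while `POST /users` also requires `Perm.CREATE_USER`, so every authenticated account can enumerate all users through `UserAbl.list()`. What `as_dict()` exposes is not visible here; if it includes the `password` column the hashes would be returned as well, so the listing should be limited to non-sensitive fields and gated with `@permissions.require([...])` the way `create` is. The `delete` stub appears to remain without `@login_required` and with the old-style rule `'delete'`, which now sits under the shared `/api` prefix; it looks worth removing or aligning with the other routes before it gains a body.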