sporada/nopaque
1
0
Fork 0
mirror of https://gitlab.ub.uni-bielefeld.de/sfb1288inf/nopaque.git synced 2024-11-15 01:05:42 +00:00
Code Issues Projects Releases Wiki Activity
678ac670ea
nopaque/app/models.py

154 lines
4.8 KiB
Python
Raw Normal View History

Add reset token generation functionality in User class.
2019-07-08 11:55:56 +00:00
from flask import current_app
Add Roles and Permission models so that only admins can access /admin
2019-07-09 13:41:16 +00:00
from flask_login import UserMixin, AnonymousUserMixin
Add reset token generation functionality in User class.
2019-07-08 11:55:56 +00:00
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
Merge base templates. Add database support. Add blueprint for main.
2019-07-05 12:47:35 +00:00
from werkzeug.security import generate_password_hash, check_password_hash
from . import db
from . import login_manager
Add Roles and Permission models so that only admins can access /admin
2019-07-09 13:41:16 +00:00
class Permission:
CREATE_JOB = 1
DELETE_JOB = 2
# WRITE = 4
# MODERATE = 8
ADMIN = 16
Merge base templates. Add database support. Add blueprint for main.
2019-07-05 12:47:35 +00:00
class Role(db.Model):
__tablename__ = 'roles'
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String(64), unique=True)
Add Roles and Permission models so that only admins can access /admin
2019-07-09 13:41:16 +00:00
default = db.Column(db.Boolean, default=False, index=True)
permissions = db.Column(db.Integer)
users = db.relationship('User', backref='role', lazy='dynamic')
def __init__(self, **kwargs):
super(Role, self).__init__(**kwargs)
if self.permissions is None:
self.permissions = 0
Merge base templates. Add database support. Add blueprint for main.
2019-07-05 12:47:35 +00:00
def __repr__(self):
return '<Role %r>' % self.name
Add Roles and Permission models so that only admins can access /admin
2019-07-09 13:41:16 +00:00
def add_permission(self, perm):
if not self.has_permission(perm):
self.permissions += perm
def remove_permission(self, perm):
if self.has_permission(perm):
self.permissions -= perm
def reset_permissions(self):
self.permissions = 0
def has_permission(self, perm):
return self.permissions & perm == perm
@staticmethod
def insert_roles():
roles = {
'User': [Permission.CREATE_JOB],
'Administrator': [Permission.ADMIN,
Permission.CREATE_JOB,
Permission.DELETE_JOB]
}
default_role = 'User'
for r in roles:
role = Role.query.filter_by(name=r).first()
if role is None:
role = Role(name=r)
role.reset_permissions()
for perm in roles[r]:
role.add_permission(perm)
role.default = (role.name == default_role)
db.session.add(role)
db.session.commit()
Merge base templates. Add database support. Add blueprint for main.
2019-07-05 12:47:35 +00:00
class User(UserMixin, db.Model):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
email = db.Column(db.String(64), unique=True, index=True)
username = db.Column(db.String(64), unique=True, index=True)
password_hash = db.Column(db.String(128))
role_id = db.Column(db.Integer, db.ForeignKey('roles.id'))
Add email confirmation
2019-07-08 13:59:15 +00:00
confirmed = db.Column(db.Boolean, default=False)
Merge base templates. Add database support. Add blueprint for main.
2019-07-05 12:47:35 +00:00
def __repr__(self):
return '<User %r>' % self.username
Add Roles and Permission models so that only admins can access /admin
2019-07-09 13:41:16 +00:00
def __init__(self, **kwargs):
super(User, self).__init__(**kwargs)
if self.role is None:
if self.email == current_app.config['OPAQUE_ADMIN']:
self.role = Role.query.filter_by(name='Administrator').first()
if self.role is None:
self.role = Role.query.filter_by(default=True).first()
Add email confirmation
2019-07-08 13:59:15 +00:00
def generate_confirmation_token(self, expiration=3600):
s = Serializer(current_app.config['SECRET_KEY'], expiration)
return s.dumps({'confirm': self.id}).decode('utf-8')
Merge base templates. Add database support. Add blueprint for main.
2019-07-05 12:47:35 +00:00
Add reset token generation functionality in User class.
2019-07-08 11:55:56 +00:00
def generate_reset_token(self, expiration=3600):
s = Serializer(current_app.config['SECRET_KEY'], expiration)
return s.dumps({'reset': self.id}).decode('utf-8')
Add email confirmation
2019-07-08 13:59:15 +00:00
def confirm(self, token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.loads(token.encode('utf-8'))
except:
return False
if data.get('confirm') != self.id:
return False
self.confirmed = True
db.session.add(self)
return True
Add password reset functionality.
2019-07-08 13:13:32 +00:00
@staticmethod
def reset_password(token, new_password):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.loads(token.encode('utf-8'))
except:
return False
user = User.query.get(data.get('reset'))
if user is None:
return False
user.password = new_password
db.session.add(user)
return True
Merge base templates. Add database support. Add blueprint for main.
2019-07-05 12:47:35 +00:00
@property
def password(self):
raise AttributeError('password is not a readable attribute')
@password.setter
def password(self, password):
self.password_hash = generate_password_hash(password)
def verify_password(self, password):
return check_password_hash(self.password_hash, password)
Add Roles and Permission models so that only admins can access /admin
2019-07-09 13:41:16 +00:00
def can(self, perm):
return self.role is not None and self.role.has_permission(perm)
def is_administrator(self):
return self.can(Permission.ADMIN)
class AnonymousUser(AnonymousUserMixin):
def can(self, permissions):
return False
def is_administrator(self):
return False
login_manager.anonymous_user = AnonymousUser # Flask-Login is told to use the applications custom anonymous user by setting its class in the login_manager.anonymous_user attribute.
Merge base templates. Add database support. Add blueprint for main.
2019-07-05 12:47:35 +00:00
@login_manager.user_loader
def load_user(user_id):
return User.query.get(int(user_id))
Reference in New Issue Copy Permalink