From f8fbc807f1770cd78dc75effb66a3fa2ddbd443d Mon Sep 17 00:00:00 2001 From: Ozzie Isaacs Date: Sat, 4 Feb 2023 14:51:41 +0100 Subject: [PATCH] further refactored user login --- cps/MyLoginManager.py | 22 ++++++-- cps/admin.py | 2 +- cps/opds.py | 16 +++--- cps/render_template.py | 7 ++- cps/services/simpleldap.py | 1 + cps/templates/book_edit.html | 2 +- cps/templates/book_table.html | 2 +- cps/templates/modal_dialogs.html | 4 +- cps/templates/tasks.html | 2 +- cps/usermanagement.py | 86 +++++++++++--------------------- cps/web.py | 9 ++-- 11 files changed, 71 insertions(+), 82 deletions(-) diff --git a/cps/MyLoginManager.py b/cps/MyLoginManager.py index 2f06be94..aa03ca52 100644 --- a/cps/MyLoginManager.py +++ b/cps/MyLoginManager.py @@ -21,9 +21,10 @@ # along with this program. If not, see . -from flask_login import LoginManager -from flask import session - +from flask_login import LoginManager, confirm_login +from flask import session, current_app +from flask_login.utils import decode_cookie +from flask_login.signals import user_loaded_from_cookie class MyLoginManager(LoginManager): def _session_protection_failed(self): @@ -33,3 +34,18 @@ class MyLoginManager(LoginManager): and _session.get('csrf_token', None))) and ident != _session.get('_id', None): return super(). _session_protection_failed() return False + + def _load_user_from_remember_cookie(self, cookie): + user_id = decode_cookie(cookie) + if user_id is not None: + session["_user_id"] = user_id + session["_fresh"] = False + user = None + if self._user_callback: + user = self._user_callback(user_id) + if user is not None: + app = current_app._get_current_object() + user_loaded_from_cookie.send(app, user=user) + confirm_login() + return user + return None diff --git a/cps/admin.py b/cps/admin.py index b3af0f8a..b0ac0fac 100644 --- a/cps/admin.py +++ b/cps/admin.py 
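Review bot: In the added `_load_user_from_remember_cookie`, the `confirm_login()` call marks the session fresh right after `session["_fresh"] = False` was set, so a session restored from the remember-me cookie is treated like one created by a password login. Flask-Login's `confirm_login()` also regenerates `session["_id"]`, the value the `_session_protection_failed` override in this class compares against. If any view relies on `fresh_login_required` or `login_fresh()` to force re-authentication (not visible here), that guard no longer applies to cookie logins. I would drop the `confirm_login()` line, or keep it with a comment such as `# cookie logins are deliberately treated as fresh: <reason>` so the trade-off is explicit.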
@@ -33,7 +33,7 @@ from datetime import time as datetime_time from functools import wraps from flask import Blueprint, flash, redirect, url_for, abort, request, make_response, send_from_directory, g, Response -from flask_login import login_required, current_user, logout_user, confirm_login +from flask_login import login_required, current_user, logout_user from flask_babel import gettext as _ from flask_babel import get_locale, format_time, format_datetime, format_timedelta from flask import session as flask_session diff --git a/cps/opds.py b/cps/opds.py index bf50691a..6b09a84d 100644 --- a/cps/opds.py +++ b/cps/opds.py @@ -23,10 +23,10 @@ import datetime from urllib.parse import unquote_plus - -from flask import Blueprint, request, render_template, g, make_response, abort +from flask import Blueprint, request, render_template, make_response, abort from flask_login import current_user from flask_babel import get_locale +from flask_babel import gettext as _ from sqlalchemy.sql.expression import func, text, or_, and_, true from sqlalchemy.exc import InvalidRequestError, OperationalError @@ -35,8 +35,7 @@ from .usermanagement import requires_basic_auth_if_no_ano from .helper import get_download_link, get_book_cover from .pagination import Pagination from .web import render_read_books -from .usermanagement import load_user_from_request -from flask_babel import gettext as _ + opds = Blueprint('opds', __name__) @@ -342,7 +341,8 @@ def feed_languages(book_id): @requires_basic_auth_if_no_ano def feed_shelfindex(): off = request.args.get("offset") or 0 - shelf = g.shelves_access + shelf = ub.session.query(ub.Shelf).filter( + or_(ub.Shelf.is_public == 1, ub.Shelf.user_id == current_user.id)).order_by(ub.Shelf.name).all() number = len(shelf) pagination = Pagination((int(off) / (int(config.config_books_per_page)) + 1), config.config_books_per_page, number) 
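Review bot: The shelf visibility rule added to `feed_shelfindex`, `or_(ub.Shelf.is_public == 1, ub.Shelf.user_id == current_user.id)`, is written out a second time in `get_sidebar_config` in cps/render_template.py, where it fills `g.shelves_access`. This filter decides which shelves a user may see, so two copies can drift apart when only one is changed. I would move the query into a single helper in `ub`, for example `shelves_visible_to(user)` (the name is only a suggestion), and call it from both places. `feed_shelfindex` continues past the end of this hunk.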
@@ -389,11 +389,7 @@ def feed_shelf(book_id): @opds.route("/opds/download///") @requires_basic_auth_if_no_ano def opds_download_link(book_id, book_format): - # I gave up with this: With enabled ldap login, the user doesn't get logged in, therefore it's always guest - # workaround, loading the user from the request and checking its download rights here - # in case of anonymous browsing user is None - user = load_user_from_request(request) or current_user - if not user.role_download(): + if not current_user.role_download(): return abort(403) if "Kobo" in request.headers.get('User-Agent'): client = "kobo" diff --git a/cps/render_template.py b/cps/render_template.py index 70faaa13..68b46459 100644 --- a/cps/render_template.py +++ b/cps/render_template.py @@ -20,11 +20,13 @@ from flask import render_template, g, abort, request from flask_babel import gettext as _ from werkzeug.local import LocalProxy from flask_login import current_user +from sqlalchemy.sql.expression import or_ -from . import config, constants, logger +from . import config, constants, logger, ub from .ub import User + log = logger.create() def get_sidebar_config(kwargs=None): @@ -99,6 +101,9 @@ def get_sidebar_config(kwargs=None): {"glyph": "glyphicon-th-list", "text": _('Books List'), "link": 'web.books_table', "id": "list", "visibility": constants.SIDEBAR_LIST, 'public': (not current_user.is_anonymous), "page": "list", "show_text": _('Show Books List'), "config_show": content}) + g.shelves_access = ub.session.query(ub.Shelf).filter( + or_(ub.Shelf.is_public == 1, ub.Shelf.user_id == current_user.id)).order_by(ub.Shelf.name).all() + return sidebar, simple diff --git a/cps/services/simpleldap.py b/cps/services/simpleldap.py index 1ca7e5bf..8f1606fc 100644 --- a/cps/services/simpleldap.py +++ b/cps/services/simpleldap.py @@ -89,6 +89,7 @@ def get_object_details(user=None,query_filter=None): def bind(): + print("bind") return _ldap.bind() 
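Review bot: The download check in `opds_download_link` now reads `current_user.role_download()` with no fallback, so it is correct only if `requires_basic_auth_if_no_ano` has already set `current_user` for every login backend. That includes the LDAP case, which the removed comment described as always resolving to guest. The decorator is changed in cps/usermanagement.py, outside this hunk, so this cannot be confirmed from here. I would add a comment above the check, `# current_user is set by requires_basic_auth_if_no_ano (basic auth, incl. LDAP)`, and add a test that an LDAP-authenticated account without the download role receives 403. The function body continues outside the hunk.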
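Review bot: `print("bind")` in `bind()` in cps/services/simpleldap.py looks like leftover debugging: it writes to stdout on every LDAP bind and bypasses the application's logging configuration. I would delete the line. If a trace of bind attempts is wanted, route it through the module's logger at debug level, for example `log.debug("LDAP bind")`, assuming simpleldap.py defines one, which this hunk does not show.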
diff --git a/cps/templates/book_edit.html b/cps/templates/book_edit.html index bfb8efdd..6552cd26 100644 --- a/cps/templates/book_edit.html +++ b/cps/templates/book_edit.html @@ -219,7 +219,7 @@ {% endblock %} {% block modal %} -{{ delete_book() }} +{{ delete_book(current_user.role_delete_books()) }} {{ delete_confirm_modal() }}