proxadmin/app/smanager/routes.py

from flask import render_template, abort, redirect, url_for, abort, flash, request, current_app, make_response, g
from flask_login import login_required, login_user, logout_user, current_user
from flask_sqlalchemy import get_debug_queries

from . import smanager
from .. import db
from ..email import send_email
from ..models import User, Permission, Service
from ..decorators import admin_required, permission_required

from datetime import datetime, timedelta, date, time

@smanager.after_app_request
def after_request(response):
    for query in get_debug_queries():
        if query.duration >= current_app.config['SLOW_DB_QUERY_TIME']:
            current_app.logger.warning('Slow query: %s\nParameters: %s\nDuration: %fs\nContext: %s\n' % (query.statement, query.parameters, query.duration, query.context))
    return response

@smanager.route('/activate/<int:itemid>', methods=['GET', 'POST'])
@login_required
def activate(itemid=0):
    if current_user.wallet < 1:
        flash('Insufficient Funds')
        return redirect(url_for('uinvoice.addfunds'))

    #work with disabled items only
    result = current_user.inv_services.all()
    current_app.logger.info(result)
    inventory = []
    for invcls in result:
        inventory.extend([invcls.pid])
    #checks if current user owns this item
    if not itemid in inventory:
        current_app.logger.warning('[{}] Access violation with service id: {}'.format(current_user.email, itemid))
        #TODO: log ips
        abort(404)
    else:
        current_app.logger.info('[{}] Disabled services: {}'.format(current_user.email, inventory))
    abort(403)

    #if current_user.confirmed and form.validate_on_submit():
    #    client_id = current_user.pid
    return render_template('smanager/activate.html', page=page, form=form)
split item managers and prepare for activate function 2017-07-13 19:46:51 -04:00			`from flask import render_template, abort, redirect, url_for, abort, flash, request, current_app, make_response, g`
			`from flask_login import login_required, login_user, logout_user, current_user`
			`from flask_sqlalchemy import get_debug_queries`

			`from . import smanager`
			`from .. import db`
			`from ..email import send_email`
			`from ..models import User, Permission, Service`
			`from ..decorators import admin_required, permission_required`

			`from datetime import datetime, timedelta, date, time`

			`@smanager.after_app_request`
			`def after_request(response):`
			`for query in get_debug_queries():`
			`if query.duration >= current_app.config['SLOW_DB_QUERY_TIME']:`
			`current_app.logger.warning('Slow query: %s\nParameters: %s\nDuration: %fs\nContext: %s\n' % (query.statement, query.parameters, query.duration, query.context))`
			`return response`

			`@smanager.route('/activate/<int:itemid>', methods=['GET', 'POST'])`
			`@login_required`
			`def activate(itemid=0):`
			`if current_user.wallet < 1:`
			`flash('Insufficient Funds')`
			`return redirect(url_for('uinvoice.addfunds'))`

			`#work with disabled items only`
			`result = current_user.inv_services.all()`
			`current_app.logger.info(result)`
			`inventory = []`
			`for invcls in result:`
			`inventory.extend([invcls.pid])`
			`#checks if current user owns this item`
			`if not itemid in inventory:`
			`current_app.logger.warning('[{}] Access violation with service id: {}'.format(current_user.email, itemid))`
			`#TODO: log ips`
			`abort(404)`
			`else:`
			`current_app.logger.info('[{}] Disabled services: {}'.format(current_user.email, inventory))`
			`abort(403)`

			`#if current_user.confirmed and form.validate_on_submit():`
			`# client_id = current_user.pid`
			`return render_template('smanager/activate.html', page=page, form=form)`