diff --git a/app/__init__.py b/app/__init__.py index b7478bd..9367c3f 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -38,12 +38,12 @@ moment.init_app(app) from .main import main as main_blueprint app.register_blueprint(main_blueprint) -from .news import news as news_blueprint -app.register_blueprint(news_blueprint, url_prefix='/news') - from .auth import auth as auth_blueprint app.register_blueprint(auth_blueprint, url_prefix='/auth') +from .news import news as news_blueprint +app.register_blueprint(news_blueprint, url_prefix='/news') + from .admin import admin as admin_blueprint app.register_blueprint(admin_blueprint, url_prefix='/' + app.config['ADMIN_PREFIX']) @@ -53,6 +53,12 @@ app.register_blueprint(settings_blueprint, url_prefix='/settings') from .vmanager import vmanager as vmanager_blueprint app.register_blueprint(vmanager_blueprint, url_prefix='/vmanager') +from .smanager import smanager as smanager_blueprint +app.register_blueprint(smanager_blueprint, url_prefix='/smanager') + +from .dmanager import dmanager as dmanager_blueprint +app.register_blueprint(dmanager_blueprint, url_prefix='/dmanager') + from .uinvoice import uinvoice as uinvoice_blueprint app.register_blueprint(uinvoice_blueprint, url_prefix='/uinvoice') diff --git a/app/dmanager/__init__.py b/app/dmanager/__init__.py new file mode 100644 index 0000000..f32d4a6 --- /dev/null +++ b/app/dmanager/__init__.py @@ -0,0 +1,3 @@ +from flask import Blueprint +dmanager = Blueprint('dmanager', __name__) +from . import routes diff --git a/app/dmanager/routes.py b/app/dmanager/routes.py new file mode 100644 index 0000000..fe48f51 --- /dev/null +++ b/app/dmanager/routes.py @@ -0,0 +1,44 @@ +from flask import render_template, abort, redirect, url_for, abort, flash, request, current_app, make_response, g +from flask_login import login_required, login_user, logout_user, current_user +from flask_sqlalchemy import get_debug_queries + +from . import dmanager +from .. import db +from ..email import send_email +from ..models import User, Permission, Service +from ..decorators import admin_required, permission_required + +from datetime import datetime, timedelta, date, time + +@dmanager.after_app_request +def after_request(response): + for query in get_debug_queries(): + if query.duration >= current_app.config['SLOW_DB_QUERY_TIME']: + current_app.logger.warning('Slow query: %s\nParameters: %s\nDuration: %fs\nContext: %s\n' % (query.statement, query.parameters, query.duration, query.context)) + return response + +@dmanager.route('/activate/', methods=['GET', 'POST']) +@login_required +def activate(itemid=0): + if current_user.wallet < 1: + flash('Insufficient Funds') + return redirect(url_for('uinvoice.addfunds')) + + #work with disabled items only + result = current_user.inv_domains.filter_by(enabled=False) + inventory = [] + for invcls in result: + inventory.extend([invcls.pid]) + #checks if current user owns this item + if not itemid in inventory: + current_app.logger.warning('[{}] Access violation with domain id: {}'.format(current_user.email, itemid)) + #TODO: log ips + abort(404) + else: + current_app.logger.info('[{}] Disabled services: {}'.format(current_user.email, inventory)) + abort(403) + + #if current_user.confirmed and form.validate_on_submit(): + # client_id = current_user.pid + return render_template('dmanager/activate.html', page=page, form=form) + diff --git a/app/smanager/__init__.py b/app/smanager/__init__.py new file mode 100644 index 0000000..e5b6732 --- /dev/null +++ b/app/smanager/__init__.py @@ -0,0 +1,3 @@ +from flask import Blueprint +smanager = Blueprint('smanager', __name__) +from . import routes diff --git a/app/smanager/routes.py b/app/smanager/routes.py new file mode 100644 index 0000000..272aeb9 --- /dev/null +++ b/app/smanager/routes.py @@ -0,0 +1,45 @@ +from flask import render_template, abort, redirect, url_for, abort, flash, request, current_app, make_response, g +from flask_login import login_required, login_user, logout_user, current_user +from flask_sqlalchemy import get_debug_queries + +from . import smanager +from .. import db +from ..email import send_email +from ..models import User, Permission, Service +from ..decorators import admin_required, permission_required + +from datetime import datetime, timedelta, date, time + +@smanager.after_app_request +def after_request(response): + for query in get_debug_queries(): + if query.duration >= current_app.config['SLOW_DB_QUERY_TIME']: + current_app.logger.warning('Slow query: %s\nParameters: %s\nDuration: %fs\nContext: %s\n' % (query.statement, query.parameters, query.duration, query.context)) + return response + +@smanager.route('/activate/', methods=['GET', 'POST']) +@login_required +def activate(itemid=0): + if current_user.wallet < 1: + flash('Insufficient Funds') + return redirect(url_for('uinvoice.addfunds')) + + #work with disabled items only + result = current_user.inv_services.all() + current_app.logger.info(result) + inventory = [] + for invcls in result: + inventory.extend([invcls.pid]) + #checks if current user owns this item + if not itemid in inventory: + current_app.logger.warning('[{}] Access violation with service id: {}'.format(current_user.email, itemid)) + #TODO: log ips + abort(404) + else: + current_app.logger.info('[{}] Disabled services: {}'.format(current_user.email, inventory)) + abort(403) + + #if current_user.confirmed and form.validate_on_submit(): + # client_id = current_user.pid + return render_template('smanager/activate.html', page=page, form=form) + diff --git a/app/templates/vmanager/activate.html b/app/templates/vmanager/activate.html new file mode 100644 index 0000000..cdb5a4c --- /dev/null +++ b/app/templates/vmanager/activate.html @@ -0,0 +1,30 @@ +{% extends "base.html" %} + +{% block title %}Activate{% endblock %} + +{% block page_content %} + +
+ +
+
+
Activate
+
+ +
+

{{ form.period.label }}
{{ form.period }}
+ {% for error in form.period.errors %} + {{ error }}
+ {% endfor %} +

+

+ {{ form.csrf_token() }} + {{ form.submit }} +

+ +
+
+
+ +{% endblock %} + diff --git a/app/vmanager/forms.py b/app/vmanager/forms.py index e4a92db..23cb34b 100644 --- a/app/vmanager/forms.py +++ b/app/vmanager/forms.py @@ -21,4 +21,6 @@ class DeployForm(FlaskForm): submit = SubmitField('Deploy') - +class ActivateForm(FlaskForm): + period = SelectField('Deploy Period', choices=[('1 Month', 1), ('3 Months', 3), ('6 Months', 6), ('1 Year', 12), ('2 Years', 24)]) + submit = SubmitField('Activate') diff --git a/app/vmanager/routes.py b/app/vmanager/routes.py index 0e45a07..5638331 100644 --- a/app/vmanager/routes.py +++ b/app/vmanager/routes.py @@ -3,7 +3,7 @@ from flask_login import login_required, login_user, logout_user, current_user from flask_sqlalchemy import get_debug_queries from . import vmanager -from .forms import DeployForm +from .forms import DeployForm, ActivateForm from .. import db from ..email import send_email from ..models import User, Permission, Deployment, Service, Region, Address, Domain, contact_proxmaster @@ -121,18 +121,22 @@ def deploy(product_id=None): @login_required def activate(vmid=0): #work with disabled deploys only - result = current_user.inv_deployments.filter_by(enabled=False) + result = current_user.inv_deployments.all() inventory = [] for invcls in result: inventory.extend([invcls.machine_id]) - #checks if current user owns this vmid - if not vmid in inventory: + + if current_user.is_administrator(): + current_app.logger.info('[ADMIN] Access override for cube id:{}'.format(vmid)) + elif not vmid in inventory: current_app.logger.warning('[{}] Access violation with cube id: {}'.format(current_user.email, vmid)) - #TODO: log ips abort(404) - else: - current_app.logger.info('[{}] Disabled deployments: {}'.format(current_user.email, inventory)) - abort(403) + + #current_app.logger.info('[{}] Disabled deployments: {}'.format(current_user.email, inventory)) + form = ActivateForm(period=Deployment.query.filter_by(machine_id=vmid)) + if current_user.confirmed and form.validate_on_submit(): + current_app.logger.info('meh') + return render_template('vmanager/activate.html', form=form, vmid=vmid) @vmanager.route('//') @login_required