45 lines
1.7 KiB
Python
45 lines
1.7 KiB
Python
from flask import render_template, abort, redirect, url_for, abort, flash, request, current_app, make_response, g
|
|
from flask_login import login_required, login_user, logout_user, current_user
|
|
from flask_sqlalchemy import get_debug_queries
|
|
|
|
from . import dmanager
|
|
from .. import db
|
|
from ..email import send_email
|
|
from ..models import User, Permission, Service
|
|
from ..decorators import admin_required, permission_required
|
|
|
|
from datetime import datetime, timedelta, date, time
|
|
|
|
@dmanager.after_app_request
|
|
def after_request(response):
|
|
for query in get_debug_queries():
|
|
if query.duration >= current_app.config['SLOW_DB_QUERY_TIME']:
|
|
current_app.logger.warning('Slow query: %s\nParameters: %s\nDuration: %fs\nContext: %s\n' % (query.statement, query.parameters, query.duration, query.context))
|
|
return response
|
|
|
|
@dmanager.route('/activate/<int:itemid>', methods=['GET', 'POST'])
|
|
@login_required
|
|
def activate(itemid=0):
|
|
if current_user.wallet < 1:
|
|
flash('Insufficient Funds')
|
|
return redirect(url_for('uinvoice.addfunds'))
|
|
|
|
#work with disabled items only
|
|
result = current_user.inv_domains.filter_by(enabled=False)
|
|
inventory = []
|
|
for invcls in result:
|
|
inventory.extend([invcls.pid])
|
|
#checks if current user owns this item
|
|
if not itemid in inventory:
|
|
current_app.logger.warning('[{}] Access violation with domain id: {}'.format(current_user.email, itemid))
|
|
#TODO: log ips
|
|
abort(404)
|
|
else:
|
|
current_app.logger.info('[{}] Disabled services: {}'.format(current_user.email, inventory))
|
|
abort(403)
|
|
|
|
#if current_user.confirmed and form.validate_on_submit():
|
|
# client_id = current_user.pid
|
|
return render_template('dmanager/activate.html', page=page, form=form)
|
|
|