From e649d65b5d727a36df5b8cfe5a34a1a379ceff1a Mon Sep 17 00:00:00 2001
From: Cayo Puigdefabregas
Date: Wed, 26 Apr 2023 12:24:38 +0200
Subject: [PATCH] add validations in public page of device
---
 .../device/templates/devices/layout.html | 84 +++++++++++++++++++
 ereuse_devicehub/resources/device/views.py | 38 ++++++++-
 2 files changed, 121 insertions(+), 1 deletion(-)
diff --git a/ereuse_devicehub/resources/device/templates/devices/layout.html b/ereuse_devicehub/resources/device/templates/devices/layout.html
index f71806c0..661d3c37 100644
--- a/ereuse_devicehub/resources/device/templates/devices/layout.html
+++ b/ereuse_devicehub/resources/device/templates/devices/layout.html
@@ -19,6 +19,7 @@
+
@@ -40,8 +41,27 @@
+
+
+
+ {% if not rol and rols %}
+
+ {% endif %}
+
+
@@ -215,6 +235,70 @@
+
+{% if user.is_anonymous %}
+
+{% else %}
+
+{% endif %}
+
+{% if not user.is_anonymous and not rol %}
+
+{% endif %}
+
diff --git a/ereuse_devicehub/resources/device/views.py b/ereuse_devicehub/resources/device/views.py
index 59beffd9..15a68655 100644
--- a/ereuse_devicehub/resources/device/views.py
+++ b/ereuse_devicehub/resources/device/views.py
@@ -4,9 +4,10 @@ from itertools import filterfalse
 import flask
 import marshmallow
+from ereuseapi.methods import API
 from flask import Response
 from flask import current_app as app
-from flask import g, render_template, request
+from flask import g, render_template, request, session
 from flask.json import jsonify
 from flask_sqlalchemy import Pagination
 from marshmallow import Schema as MarshmallowSchema
@@ -136,7 +137,39 @@ class DeviceView(View):
 else:
 return self.one_private(id)
+ def get_rols(self):
+ if not g.user.is_authenticated:
+ return []
+
+ if 'trublo' not in app.blueprints.keys():
+ return []
+
+ if not session.get('token_dlt'):
+ return []
+
+ token_dlt = session.get('token_dlt')
+ api_dlt = app.config.get('API_DLT')
+ if not token_dlt or not api_dlt:
+ return []
+
+ api = API(api_dlt, token_dlt, "ethereum")
+
+ result = api.check_user_roles()
+ if result.get('Status') != 200:
+ return []
+
+ if 'Success' not in result.get('Data', {}).get('status'):
+ return []
+
+ rols = result.get('Data', {}).get('data', {})
+ return [(k, k) for k, v in rols.items() if v]
+
 def one_public(self, id: int):
+ rols = self.get_rols()
+ # rols = [("isOperator", "isOperator"), ("Inspector", "Inspector"), ("Recicler", "Recicler")]
+ rol = len(rols) == 1 and rols[0][0] or None
+ if 'rol' in request.args:
+ rol = dict(rols).get(request.args.get('rol'))
 devices = Device.query.filter_by(devicehub_id=id, active=True).all()
 if not devices:
 devices = [Device.query.filter_by(dhid_bk=id, active=True).one()]
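Review bot: `from ereuseapi.methods import API` is imported unconditionally at module level, while the only use visible in this patch (`get_rols`) returns early unless the `trublo` blueprint is registered. If `ereuseapi` is meant to be an optional dependency of the DLT integration, deployments without it would fail to import `views.py` at all. Importing it inside `get_rols` after the blueprint check, or declaring it as a hard requirement, would make the intent explicit. The requirements files are not part of this patch, so this needs confirming.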
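Review bot: In `get_rols`, the `'Success' not in result.get('Data', {}).get('status')` test raises `TypeError` when the role-service reply carries a null `Data` or no `status` key, so a malformed or degraded reply turns into a 500 on the device page instead of the empty role list that every other failure path returns. The role lookup should fail closed on any unexpected shape: read `Data` once, default the missing pieces, and only then test the status, as sketched below. Whether `check_user_roles()` can raise or block on a slow endpoint is not visible in this patch, and the call now runs on each authenticated view of the page, so its timeout and error behaviour are worth confirming. In `one_public`, which continues past the end of this hunk, the commented-out `# rols = [...]` debug line should be dropped and `rol = rols[0][0] if len(rols) == 1 else None` reads more clearly than the `and ... or` form.

```python
        api = API(api_dlt, token_dlt, "ethereum")

        result = api.check_user_roles() or {}
        # … unchanged: Status != 200 check …

        # A null 'Data' or a missing 'status' yields no roles, not a TypeError.
        data = result.get('Data') or {}
        if 'Success' not in (data.get('status') or ''):
            return []

        rols = data.get('data') or {}
        # … unchanged: return of the (role, role) pairs …
```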
@@ -159,6 +192,9 @@ class DeviceView(View):
 device_real=device_real,
 states=states,
 abstract=abstract,
+ rols=rols,
+ rol=rol,
+ user=g.user,
 )
 @auth.Auth.requires_auth