We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
lxconsole
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 287d28fb10
Branches Tags
lxconsole
/
lxconsole
/
routes.py

routes.py 11 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253 
  1. from flask import render_template, send_file, url_for, flash, redirect, request, session
    2. 

  2. from lxconsole import app, db, bcrypt
    3. 

  3. from lxconsole.forms import RegistrationForm, LoginForm
    4. 

  4. from lxconsole.models import User, Server, Simplestream, Group, AccessControl, UserGroup
    5. 

  5. from flask_login import login_user, current_user, logout_user, login_required
    6. 

  6. from lxconsole.api import api
    7. 

  7. 

  8. app.register_blueprint(api)
    9. 

  9. 

  10. @app.route("/")
    11. 

  11. def home():
    12. 

  12.   if current_user.is_authenticated:
    13. 

  13.     return redirect(url_for('servers'))
    14. 

  14.   else:
    15. 

  15.     if User.query.first():
    16. 

  16.       return redirect(url_for('login'))
    17. 

  17.     if not Simplestream.query.first():
    18. 

  18.       images_simplestream = Simplestream(url='https://images.linuxcontainers.org', alias='images')
    19. 

  19.       ubuntu_simplestream = Simplestream(url='https://cloud-images.ubuntu.com/releases', alias='ubuntu')
    20. 

  20.       ubuntu_daily_simplestream = Simplestream(url='https://cloud-images.ubuntu.com/daily', alias='ubuntu-daily')
    21. 

  21.       db.session.add(images_simplestream)
    22. 

  22.       db.session.add(ubuntu_simplestream)
    23. 

  23.       db.session.add(ubuntu_daily_simplestream)
    24. 

  24.       db.session.commit()
    25. 

  25.     if not Group.query.first():
    26. 

  26.       administrators_group = Group(name='Administrators', description='Default administrators group')
    27. 

  27.       operators_group = Group(name='Operators', description='Default operators')
    28. 

  28.       users_group = Group(name='Users', description='Default users group')
    29. 

  29.       auditors_group = Group(name='Auditors', description='Default auditors group')
    30. 

  30.       db.session.add(administrators_group)
    31. 

  31.       db.session.add(operators_group)
    32. 

  32.       db.session.add(users_group)
    33. 

  33.       db.session.add(auditors_group)
    34. 

  34.       db.session.commit()
    35. 

  35.     if not AccessControl.query.first():
    36. 

  36.       administrators_access_control = AccessControl(group_id=1, role_id=1, server_id=0, scope='global', description='Default access control for Administrators')
    37. 

  37.       operators_access_control = AccessControl(group_id=2, role_id=2, server_id=0, scope='global', description='Default access control for Operators')
    38. 

  38.       users_access_control = AccessControl(group_id=3, role_id=3, server_id=0, scope='global', description='Default access control for Users')
    39. 

  39.       auditors_access_control = AccessControl(group_id=4, role_id=4, server_id=0, scope='global', description='Default access control for Auditors')
    40. 

  40.       db.session.add(administrators_access_control)
    41. 

  41.       db.session.add(operators_access_control)
    42. 

  42.       db.session.add(users_access_control)
    43. 

  43.       db.session.add(auditors_access_control)
    44. 

  44.       db.session.commit()
    45. 

  45.   return redirect(url_for('register'))
    46. 

  46.     
    47. 

  47. @app.route("/certificates")
    48. 

  48. @login_required
    49. 

  49. def certificates():
    50. 

  50.   return render_template('certificates.html', page_title='Certificates', page_user_id=current_user.id, page_username=current_user.username,)
    51. 

  51. 

  52. @app.route("/cluster-groups")
    53. 

  53. @login_required
    54. 

  54. def cluster_groups():
    55. 

  55.   return render_template('cluster-groups.html', page_title='Cluster Groups', page_user_id=current_user.id, page_username=current_user.username,)
    56. 

  56. 

  57. @app.route("/cluster-members")
    58. 

  58. @login_required
    59. 

  59. def cluster_members():
    60. 

  60.   return render_template('cluster-members.html', page_title='Cluster Members', page_user_id=current_user.id, page_username=current_user.username,)
    61. 

  61. 

  62. @app.route("/images")
    63. 

  63. @login_required
    64. 

  64. def images():
    65. 

  65.   return render_template('images.html', page_title='Images', page_user_id=current_user.id, page_username=current_user.username,)
    66. 

  66. 

  67. @app.route("/instance")
    68. 

  68. @login_required
    69. 

  69. def instance():
    70. 

  70.   return render_template('instance.html', page_title='Instance', page_user_id=current_user.id, page_username=current_user.username,)
    71. 

  71. 

  72. @app.route("/instances")
    73. 

  73. @login_required
    74. 

  74. def instances():
    75. 

  75.   return render_template('instances.html', page_title='Instances', page_user_id=current_user.id, page_username=current_user.username,)
    76. 

  76. 

  77. @app.route("/network-acl")
    78. 

  78. @login_required
    79. 

  79. def network_acl():
    80. 

  80.   return render_template('network-acl.html', page_title='Network ACL', page_user_id=current_user.id, page_username=current_user.username,)
    81. 

  81. 

  82. @app.route("/network-acls")
    83. 

  83. @login_required
    84. 

  84. def network_acls():
    85. 

  85.   return render_template('network-acls.html', page_title='Network ACLs', page_user_id=current_user.id, page_username=current_user.username,)
    86. 

  86. 

  87. @app.route("/network-zones")
    88. 

  88. @login_required
    89. 

  89. def network_zones():
    90. 

  90.   return render_template('network-zones.html', page_title='Network Zones', page_user_id=current_user.id, page_username=current_user.username,)
    91. 

  91. 

  92. @app.route("/network")
    93. 

  93. @login_required
    94. 

  94. def network():
    95. 

  95.   return render_template('network.html', page_title='Network', page_user_id=current_user.id, page_username=current_user.username,)
    96. 

  96. 

  97. @app.route("/networks")
    98. 

  98. @login_required
    99. 

  99. def networks():
    100. 

  100.   return render_template('networks.html', page_title='Networks', page_user_id=current_user.id, page_username=current_user.username,)
    101. 

  101. 

  102. @app.route("/operations")
    103. 

  103. @login_required
    104. 

  104. def operations():
    105. 

  105.   return render_template('operations.html', page_title='Operations', page_user_id=current_user.id, page_username=current_user.username,)
    106. 

  106. 

  107. @app.route("/profiles")
    108. 

  108. @login_required
    109. 

  109. def profiles():
    110. 

  110.   return render_template('profiles.html', page_title='Profiles', page_user_id=current_user.id, page_username=current_user.username,)
    111. 

  111. 

  112. @app.route("/projects")
    113. 

  113. @login_required
    114. 

  114. def projects():
    115. 

  115.   return render_template('projects.html', page_title='Projects', page_user_id=current_user.id, page_username=current_user.username,)
    116. 

  116. 

  117. @app.route("/server")
    118. 

  118. @login_required
    119. 

  119. def server():
    120. 

  120.   return render_template('server.html', page_title='Server', page_user_id=current_user.id, page_username=current_user.username,)
    121. 

  121. 

  122. @app.route("/servers")
    123. 

  123. @login_required
    124. 

  124. def servers():
    125. 

  125.   return render_template('servers.html', page_title='Servers', page_user_id=current_user.id, page_username=current_user.username, client_crt=session['client_crt'])
    126. 

  126. 

  127. @app.route("/simplestreams")
    128. 

  128. @login_required
    129. 

  129. def simplestreams():
    130. 

  130.   return render_template('simplestreams.html', page_title='Simplestreams', page_user_id=current_user.id, page_username=current_user.username,)
    131. 

  131. 

  132. @app.route("/storage-pools")
    133. 

  133. @login_required
    134. 

  134. def storage_pools():
    135. 

  135.   return render_template('storage-pools.html', page_title='Storage Pools', page_user_id=current_user.id, page_username=current_user.username,)
    136. 

  136. 

  137. @app.route("/storage-volumes")
    138. 

  138. @login_required
    139. 

  139. def storage_volumes():
    140. 

  140.   return render_template('storage-volumes.html', page_title='Storage Volumes', page_user_id=current_user.id, page_username=current_user.username,)
    141. 

  141. 

  142. @app.route("/backups/<serverId>/<project>/<instance>/<filename>")
    143. 

  143. @login_required
    144. 

  144. def backups(serverId, project, instance, filename):
    145. 

  145.   return send_file('../backups/' + serverId + '/' + project + '/' + instance + '/' + filename )
    146. 

  146. 

  147. 

  148. @app.route("/register", methods=['GET', 'POST'])
    149. 

  149. def register():
    150. 

  150.   if current_user.is_authenticated:
    151. 

  151.     return redirect(url_for('servers'))
    152. 

  152.   if User.query.first():
    153. 

  153.     return redirect(url_for('login'))
    154. 

  154.   else:
    155. 

  155.     form = RegistrationForm()
    156. 

  156.     if form.validate_on_submit():
    157. 

  157.       hashed_password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
    158. 

  158.       user = User(username=form.username.data, email=form.email.data, password=hashed_password)
    159. 

  159.       db.session.add(user)
    160. 

  160.       db.session.commit()
    161. 

  161.       user_group = UserGroup(user_id=1, group_id=1)
    162. 

  162.       db.session.add(user_group)
    163. 

  163.       db.session.commit()
    164. 

  164.       flash('Your account has been created! You are now able to log in', 'success')
    165. 

  165.       return redirect(url_for('login'))
    166. 

  166.     return render_template('register.html', title='Register', form=form)
    167. 

  167. 

  168. 

  169. @app.route("/login", methods=['GET', 'POST'])
    170. 

  170. def login():
    171. 

  171.   if current_user.is_authenticated:
    172. 

  172.     return redirect(url_for('servers'))
    173. 

  173.   form = LoginForm()
    174. 

  174.   if form.validate_on_submit():
    175. 

  175.     user = User.query.filter_by(username=form.username.data).first()
    176. 

  176.     if user and bcrypt.check_password_hash(user.password, form.password.data):
    177. 

  177.       login_user(user, remember=form.remember.data)
    178. 

  178.       next_page = request.args.get('next')
    179. 

  179. 

  180.       with open('certs/client.crt', 'r') as file:
    181. 

  181.         session['client_crt'] = file.read()
    182. 

  182. 

  183.       session['roles'] = [
    184. 

  184.         {'id': 1, 'name': 'Administrator', 'description': 'Default role with full privileges'},
    185. 

  185.         {'id': 2, 'name': 'Operator', 'description': 'Default role granting all LXD-based privileges'},
    186. 

  186.         {'id': 3, 'name': 'User', 'description': 'Default role with limited privileges'},
    187. 

  187.         {'id': 4, 'name': 'Auditor', 'description': 'Default role with read-only privileges'},
    188. 

  188.       ]
    189. 

  189.       session['global_roles'] = []
    190. 

  190.       session['host_roles'] = []
    191. 

  191.       groups = UserGroup.query.filter_by(user_id=current_user.id).all()
    192. 

  192.       print(groups)
    193. 

  193.       for group in groups:
    194. 

  194.         print(group)
    195. 

  195.         print(group.group_id)
    196. 

  196.         access_controls = AccessControl.query.filter_by(group_id=group.group_id).all()
    197. 

  197.         print(access_controls)
    198. 

  198.         for access_control in access_controls:
    199. 

  199.           print(access_control)
    200. 

  200.           if access_control.scope == 'global':
    201. 

  201.             print(access_control.scope)
    202. 

  202.             for role in session['roles']:
    203. 

  203.               print(role['id'])
    204. 

  204.               print(access_control.role_id)
    205. 

  205.               if role['id'] == access_control.role_id:
    206. 

  206.                 session['global_roles'].append(str(role['name']))
    207. 

  207.                 print(role['name'])
    208. 

  208.           if access_control.scope == 'host':
    209. 

  209.             for role in session['roles']:
    210. 

  210.               if role['id'] == access_control.role_id:
    211. 

  211.                 session['host_roles'][access_control.server_id].append(str(role['name']))
    212. 

  212. 

  213.       return redirect(next_page) if next_page else redirect(url_for('servers'))
    214. 

  214.     else:
    215. 

  215.       flash('Login Unsuccessful. Please check username and password', 'danger')
    216. 

  216.   return render_template('login.html', title='Login', form=form)
    217. 

  217. 

  218. 

  219. @app.route("/logout")
    220. 

  220. def logout():
    221. 

  221.   logout_user()
    222. 

  222.   return redirect(url_for('home'))
    223. 

  223. 

  224. 

  225. @app.route("/account")
    226. 

  226. @login_required
    227. 

  227. def account():
    228. 

  228.   return render_template('account.html', title='Account')
    229. 

  229. 

  230. @app.route("/users")
    231. 

  231. @login_required
    232. 

  232. def users():
    233. 

  233.   return render_template('users.html', page_title='Users', page_user_id=current_user.id, page_username=current_user.username,)
    234. 

  234. 

  235. @app.route("/groups")
    236. 

  236. @login_required
    237. 

  237. def groups():
    238. 

  238.   return render_template('groups.html', page_title='Groups', page_user_id=current_user.id, page_username=current_user.username,)
    239. 

  239. 

  240. @app.route("/roles")
    241. 

  241. @login_required
    242. 

  242. def roles():
    243. 

  243.   return render_template('roles.html', page_title='Roles', page_user_id=current_user.id, page_username=current_user.username,)
    244. 

  244. 

  245. @app.route("/access-controls")
    246. 

  246. @login_required
    247. 

  247. def access_controls():
    248. 

  248.   return render_template('access-controls.html', page_title='Access Controls', page_user_id=current_user.id, page_username=current_user.username,)
    249. 

  249. 

  250. @app.route("/logs")
    251. 

  251. @login_required
    252. 

  252. def logs():
    253. 

  253.   return render_template('logs.html', page_title='Logs', page_user_id=current_user.id, page_username=current_user.username,)
    254.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5