Unauthorised pages are blocked

This commit is contained in:
simon 2018-04-25 13:30:54 -04:00
parent c1a59b7e9b
commit f06cc9e4a4
4 changed files with 161 additions and 106 deletions


@ -12,7 +12,6 @@ from thumbnail import ThumbnailGenerator
from storage import Directory from storage import Directory
import shutil import shutil
import config import config
from ctypes import c_char_p
class RunningTask: class RunningTask:

262
run.py

@ -57,7 +57,6 @@ def login():
session["username"] = username session["username"] = username
session["admin"] = storage.users()[username].admin session["admin"] = storage.users()[username].admin
print(session["admin"])
flash("Successfully logged in", "success") flash("Successfully logged in", "success")
else: else:
flash("Invalid username or password", "danger") flash("Invalid username or password", "danger")
@ -68,23 +67,31 @@ def login():
@app.route("/user") @app.route("/user")
def user_page(): def user_page():
return render_template("user.html", users=storage.users()) if "admin" in session and session["admin"]:
return render_template("user.html", users=storage.users())
else:
flash("You are not authorized to access this page")
return redirect("/")
@app.route("/user/add", methods=['POST']) @app.route("/user/add", methods=['POST'])
def user_add(): def user_add():
username = request.form["username"] if "admin" in session and session["admin"]:
password = bcrypt.hashpw(request.form["password"].encode("utf-8"), bcrypt.gensalt(config.bcrypt_rounds)) username = request.form["username"]
is_admin = True if "is_admin" in request.form else False password = bcrypt.hashpw(request.form["password"].encode("utf-8"), bcrypt.gensalt(config.bcrypt_rounds))
is_admin = True if "is_admin" in request.form else False
try: try:
storage.save_user(User(username, password, is_admin)) storage.save_user(User(username, password, is_admin))
flash("Created new user", "success") flash("Created new user", "success")
except DuplicateUserException: except DuplicateUserException:
flash("<strong>Couldn't create user</strong> Make sure that the username is unique", "danger") flash("<strong>Couldn't create user</strong> Make sure that the username is unique", "danger")
return redirect("/user") return redirect("/user")
else:
flash("You are not authorized to access this page", "warning")
return redirect("/")
@app.route("/suggest") @app.route("/suggest")
@ -220,183 +227,232 @@ def scroll_route():
@app.route("/directory") @app.route("/directory")
def dir_list(): def dir_list():
return render_template("directory.html", directories=storage.dirs()) if "admin" in session and session["admin"]:
return render_template("directory.html", directories=storage.dirs())
else:
flash("You are not authorized to access this page", "warning")
return redirect("/")
@app.route("/directory/add") @app.route("/directory/add")
def directory_add(): def directory_add():
path = request.args.get("path") if "admin" in session and session["admin"]:
name = request.args.get("name") path = request.args.get("path")
name = request.args.get("name")
if path is not None and name is not None: if path is not None and name is not None:
d = Directory(path, True, [], name) d = Directory(path, True, [], name)
try: try:
d.set_default_options() d.set_default_options()
storage.save_directory(d) storage.save_directory(d)
flash("<strong>Created directory</strong>", "success") flash("<strong>Created directory</strong>", "success")
except DuplicateDirectoryException: except DuplicateDirectoryException:
flash("<strong>Couldn't create directory</strong> Make sure that the path is unique", "danger") flash("<strong>Couldn't create directory</strong> Make sure that the path is unique", "danger")
return redirect("/directory") return redirect("/directory")
else:
flash("You are not authorized to access this page", "warning")
return redirect("/")
@app.route("/directory/<int:dir_id>") @app.route("/directory/<int:dir_id>")
def directory_manage(dir_id): def directory_manage(dir_id):
directory = storage.dirs()[dir_id] if "admin" in session and session["admin"]:
tn_size = get_dir_size("static/thumbnails/" + str(dir_id)) directory = storage.dirs()[dir_id]
tn_size_formatted = humanfriendly.format_size(tn_size) tn_size = get_dir_size("static/thumbnails/" + str(dir_id))
tn_size_formatted = humanfriendly.format_size(tn_size)
return render_template("directory_manage.html", directory=directory, tn_size=tn_size, return render_template("directory_manage.html", directory=directory, tn_size=tn_size,
tn_size_formatted=tn_size_formatted) tn_size_formatted=tn_size_formatted)
else:
flash("You are not authorized to access this page", "warning")
return redirect("/")
@app.route("/directory/<int:dir_id>/update") @app.route("/directory/<int:dir_id>/update")
def directory_update(dir_id): def directory_update(dir_id):
directory = storage.dirs()[dir_id] if "admin" in session and session["admin"]:
directory = storage.dirs()[dir_id]
name = request.args.get("name") name = request.args.get("name")
name = directory.name if name is None else name name = directory.name if name is None else name
enabled = request.args.get("enabled") enabled = request.args.get("enabled")
enabled = directory.enabled if enabled is None else int(enabled) enabled = directory.enabled if enabled is None else int(enabled)
path = request.args.get("path") path = request.args.get("path")
path = directory.path if path is None else path path = directory.path if path is None else path
# Only name and enabled status can be updated # Only name and enabled status can be updated
updated_dir = Directory(path, enabled, directory.options, name) updated_dir = Directory(path, enabled, directory.options, name)
updated_dir.id = dir_id updated_dir.id = dir_id
try: try:
storage.update_directory(updated_dir) storage.update_directory(updated_dir)
flash("<strong>Updated directory</strong>", "success") flash("<strong>Updated directory</strong>", "success")
except DuplicateDirectoryException: except DuplicateDirectoryException:
flash("<strong>Couldn't update directory</strong> Make sure that the path is unique", "danger") flash("<strong>Couldn't update directory</strong> Make sure that the path is unique", "danger")
return redirect("/directory/" + str(dir_id)) return redirect("/directory/" + str(dir_id))
else:
flash("You are not authorized to access this page", "warning")
return redirect("/")
@app.route("/directory/<int:dir_id>/update_opt") @app.route("/directory/<int:dir_id>/update_opt")
def directory_update_opt(dir_id): def directory_update_opt(dir_id):
opt_id = request.args.get("id") if "admin" in session and session["admin"]:
opt_key = request.args.get("key") opt_id = request.args.get("id")
opt_value = request.args.get("value") opt_key = request.args.get("key")
opt_value = request.args.get("value")
storage.update_option(Option(opt_key, opt_value, dir_id, opt_id)) storage.update_option(Option(opt_key, opt_value, dir_id, opt_id))
return redirect("/directory/" + str(dir_id)) return redirect("/directory/" + str(dir_id))
else:
flash("You are not authorized to access this page", "warning")
return redirect("/")
@app.route("/directory/<int:dir_id>/del") @app.route("/directory/<int:dir_id>/del")
def directory_del(dir_id): def directory_del(dir_id):
if "admin" in session and session["admin"]:
search.delete_directory(dir_id)
if os.path.exists("static/thumbnails/" + str(dir_id)):
shutil.rmtree("static/thumbnails/" + str(dir_id))
search.delete_directory(dir_id) storage.remove_directory(dir_id)
if os.path.exists("static/thumbnails/" + str(dir_id)): flash("<strong>Deleted directory</strong>", "success")
shutil.rmtree("static/thumbnails/" + str(dir_id))
storage.remove_directory(dir_id) return redirect("/directory")
flash("<strong>Deleted directory</strong>", "success") else:
flash("You are not authorized to access this page", "warning")
return redirect("/directory") return redirect("/")
@app.route("/directory/<int:dir_id>/reset") @app.route("/directory/<int:dir_id>/reset")
def directory_reset(dir_id): def directory_reset(dir_id):
directory = storage.dirs()[dir_id]
for opt in directory.options: if "admin" in session and session["admin"]:
storage.del_option(opt.id) directory = storage.dirs()[dir_id]
directory.set_default_options() for opt in directory.options:
storage.del_option(opt.id)
for opt in directory.options: directory.set_default_options()
opt.dir_id = dir_id
storage.save_option(opt)
storage.dir_cache_outdated = True for opt in directory.options:
opt.dir_id = dir_id
storage.save_option(opt)
search.delete_directory(dir_id) storage.dir_cache_outdated = True
flash("<strong>Reset directory options to default settings</strong>", "success") search.delete_directory(dir_id)
return redirect("directory/" + str(dir_id))
flash("<strong>Reset directory options to default settings</strong>", "success")
return redirect("directory/" + str(dir_id))
else:
flash("You are not authorized to access this page", "warning")
return redirect("/")
@app.route("/task") @app.route("/task")
def task(): def task():
if "admin" in session and session["admin"]:
return render_template("task.html", tasks=storage.tasks(), directories=storage.dirs(), return render_template("task.html", tasks=storage.tasks(), directories=storage.dirs(),
task_list=json.dumps(list(storage.tasks().keys()))) task_list=json.dumps(list(storage.tasks().keys())))
# return render_template("task.html", tasks=storage.tasks(), directories=storage.dirs()) else:
flash("You are not authorized to access this page", "warning")
return redirect("/")
@app.route("/task/current") @app.route("/task/current")
def get_current_task(): def get_current_task():
if "admin" in session and session["admin"]:
if tm and tm.current_task: if tm and tm.current_task:
return tm.current_task.to_json() return tm.current_task.to_json()
else:
return ""
else: else:
return "" flash("You are not authorized to access this page", "warning")
return redirect("/")
@app.route("/task/add") @app.route("/task/add")
def task_add(): def task_add():
type = request.args.get("type") if "admin" in session and session["admin"]:
directory = request.args.get("directory") task_type = request.args.get("type")
directory = request.args.get("directory")
storage.save_task(Task(type, directory)) storage.save_task(Task(task_type, directory))
return redirect("/task") return redirect("/task")
else:
flash("You are not authorized to access this page", "warning")
return redirect("/")
@app.route("/task/<int:task_id>/del") @app.route("/task/<int:task_id>/del")
def task_del(task_id): def task_del(task_id):
storage.del_task(task_id) if "admin" in session and session["admin"]:
storage.del_task(task_id)
if tm.current_task is not None and task_id == tm.current_task.task.id: if tm.current_task is not None and task_id == tm.current_task.task.id:
tm.cancel_task() tm.cancel_task()
return redirect("/task") return redirect("/task")
else:
flash("You are not authorized to access this page", "warning")
return redirect("/")
@app.route("/reset_es") @app.route("/reset_es")
def reset_es(): def reset_es():
if "admin" in session and session["admin"]:
flash("Elasticsearch index has been reset. Modifications made in <b>config.py</b> have been applied.", "success")
flash("Elasticsearch index has been reset. Modifications made in <b>config.py</b> have been applied.", "success") tm.indexer.init()
if os.path.exists("static/thumbnails"):
shutil.rmtree("static/thumbnails")
tm.indexer.init() return redirect("/dashboard")
if os.path.exists("static/thumbnails"): else:
shutil.rmtree("static/thumbnails") flash("You are not authorized to access this page", "warning")
return redirect("/")
return redirect("/dashboard")
@app.route("/dashboard") @app.route("/dashboard")
def dashboard(): def dashboard():
if "admin" in session and session["admin"]:
tn_sizes = {}
tn_size_total = 0
for directory in storage.dirs():
tn_size = get_dir_size("static/thumbnails/" + str(directory))
tn_size_formatted = humanfriendly.format_size(tn_size)
tn_sizes = {} tn_sizes[directory] = tn_size_formatted
tn_size_total = 0 tn_size_total += tn_size
for directory in storage.dirs():
tn_size = get_dir_size("static/thumbnails/" + str(directory))
tn_size_formatted = humanfriendly.format_size(tn_size)
tn_sizes[directory] = tn_size_formatted tn_size_total_formatted = humanfriendly.format_size(tn_size_total)
tn_size_total += tn_size
tn_size_total_formatted = humanfriendly.format_size(tn_size_total) return render_template("dashboard.html", version=config.VERSION, tn_sizes=tn_sizes,
tn_size_total=tn_size_total_formatted,
doc_size=humanfriendly.format_size(search.get_doc_size()),
doc_count=search.get_doc_count(),
db_path=config.db_path,
elasticsearch_url=config.elasticsearch_url,
index_size=humanfriendly.format_size(search.get_index_size()))
return render_template("dashboard.html", version=config.VERSION, tn_sizes=tn_sizes, else:
tn_size_total=tn_size_total_formatted, flash("You are not authorized to access this page", "warning")
doc_size=humanfriendly.format_size(search.get_doc_size()), return redirect("/")
doc_count=search.get_doc_count(),
db_path=config.db_path,
elasticsearch_url=config.elasticsearch_url,
index_size=humanfriendly.format_size(search.get_index_size()))
if __name__ == "__main__": if __name__ == "__main__":
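Review bot: The admin gate `if "admin" in session and session["admin"]:` is pasted by hand into fifteen views in this section and has already drifted: `user_page` flashes without the `"warning"` category the other fourteen use, and `get_current_task`, which previously answered `""` when no task was running, now answers an HTML redirect plus a queued flash to an unauthorized caller, which presumably breaks a client that polls it for JSON (worth confirming). A `require_admin` decorator (with `from functools import wraps` at the top of run.py, which lies outside this hunk) keeps the check and its message in one place and makes a missing guard on a future route visible at the route definition; the sketch below applies it to `user_page`, the others follow the same shape. The guard does not change that `/directory/add`, `/directory/<int:dir_id>/del`, `/task/add` and `/reset_es` mutate state on GET, so an admin's own browser can still be steered into them from another origin; they should become POST routes carrying a CSRF token. Pre-existing but on the new side, `directory_reset` redirects to `"directory/" + str(dir_id)` without a leading slash, so the target resolves relative to the current URL rather than the site root.
```python
def require_admin(view):
    """Run *view* only for an admin session; otherwise flash a warning and redirect to "/"."""
    @wraps(view)
    def guarded(*args, **kwargs):
        if not session.get("admin"):
            flash("You are not authorized to access this page", "warning")
            return redirect("/")
        return view(*args, **kwargs)
    return guarded


@app.route("/user")
@require_admin
def user_page():
    return render_template("user.html", users=storage.users())

# … unchanged: the remaining admin views, each decorated with @require_admin below @app.route …
```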


@ -5,7 +5,7 @@
<div class="container"> <div class="container">
<div class="card"> <div class="card">
<div class="card-header">FSE Information</div> <div class="card-header">Global Information</div>
<div class="card-body"> <div class="card-body">
<table class="info-table table-hover table-striped"> <table class="info-table table-hover table-striped">
<tbody> <tbody>


@ -44,7 +44,7 @@
<tbody> <tbody>
{% for user in users %} {% for user in users %}
<tr> <tr>
<td>{{ user }}</td> <td style="width: 80%;">{{ user }}</td>
<td><i class="far {{ "fa-check-square" if users[user].admin else "fa-square" }}"></i></td> <td><i class="far {{ "fa-check-square" if users[user].admin else "fa-square" }}"></i></td>
<td><a href="/user/{{ user }}" class="btn btn-primary">Manage</a></td> <td><a href="/user/{{ user }}" class="btn btn-primary">Manage</a></td>
</tr> </tr>