diff --git a/.gitignore b/.gitignore index 72364f9..b41a9ae 100644 --- a/.gitignore +++ b/.gitignore @@ -1,8 +1,11 @@ +# editor +.vscode/ + # Byte-compiled / optimized / DLL files __pycache__/ *.py[cod] *$py.class - +.mypy_cache/ # C extensions *.so diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 2408413..0000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "python.pythonPath": "/home/theo/.local/share/virtualenvs/GeoNature-86au33ta/bin/python" -} \ No newline at end of file diff --git a/VERSION b/VERSION index 524cb55..26aaba0 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.1.1 +1.2.0 diff --git a/__init__.py b/__init__.py index 5e82326..4a2bfa8 100644 --- a/__init__.py +++ b/__init__.py @@ -1,2 +1 @@ - -__version__ = "1.0.2" +__version__ = "1.2.0" \ No newline at end of file diff --git a/docs/changelog.rst b/docs/changelog.rst index f6ff63a..57d5c57 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -1,9 +1,18 @@ CHANGELOG ********* -1.1.2 (unreleased) +1.2.0 (2018-09-19) ------------------ +* Modification de la route de login pour se connecter sans passer par la table ``cor_role_droit_application`` lorsqu'on fonctionne avec le CRUVED +* Mise à jour des dépendances (``requirements.txt``) +* Mise à jour de Flask (0.12.2 à 1.0.2) + +**Corrections** + +* Correction des droits des applications filles retournées lors du login +* Correction de la redirection après logout + 1.1.1 (2018-06-18) ------------------ diff --git a/requirements.txt b/requirements.txt index 04ec5c9..81c686e 100755 --- a/requirements.txt +++ b/requirements.txt @@ -1,5 +1,5 @@ -Flask -SQLAlchemy -Flask-SQLAlchemy -psycopg2 +flask==1.0.2 +sqlalchemy==1.1.13 +flask-sqlalchemy==2.3.2 +psycopg2==2.7.5 bcrypt \ No newline at end of file diff --git a/routes.py b/routes.py index e729937..1713cc9 100644 --- a/routes.py +++ b/routes.py @@ -23,4 +23,4 @@ sys.path.append(SRCDIR) -from pypnusershub.routes import * # noqa +from pypnusershub.routes import * # noqa \ No newline at end of file diff --git a/src/pypnusershub/__init__.py b/src/pypnusershub/__init__.py index e62b38a..e35258f 100644 --- a/src/pypnusershub/__init__.py +++ b/src/pypnusershub/__init__.py @@ -1,2 +1,2 @@ -__version__ = "0.0.2" +__version__ = "1.1.2" diff --git a/src/pypnusershub/db/models.py b/src/pypnusershub/db/models.py index 4cf20c1..6f7f4cd 100644 --- a/src/pypnusershub/db/models.py +++ b/src/pypnusershub/db/models.py @@ -19,6 +19,14 @@ db = SQLAlchemy() +def fn_check_password(self, pwd): + if (current_app.config['PASS_METHOD'] == 'md5'): + return self._password == hashlib.md5(pwd.encode('utf8')).hexdigest() + elif (current_app.config['PASS_METHOD'] == 'hash'): + return checkpw(pwd.encode('utf8'), self._password_plus.encode('utf8')) + else: + raise + class User(db.Model): __tablename__ = 't_roles' __table_args__ = {'schema': 'utilisateurs'} @@ -68,14 +76,8 @@ def password(self): @password.setter def password(self, pwd): self._password = hashlib.md5(pwd.encode('utf8')).hexdigest() - - def check_password(self, pwd): - if (current_app.config['PASS_METHOD'] == 'md5'): - return self._password == hashlib.md5(pwd.encode('utf8')).hexdigest() - elif (current_app.config['PASS_METHOD'] == 'hash'): - return checkpw(pwd.encode('utf8'), self._password_plus.encode('utf8')) - else: - raise + + check_password = fn_check_password def to_json(self): out = { @@ -189,13 +191,8 @@ class AppUser(db.Model): def password(self): return self._password - def check_password(self, pwd): - if (current_app.config['PASS_METHOD'] == 'md5'): - return self._password == hashlib.md5(pwd.encode('utf8')).hexdigest() - elif (current_app.config['PASS_METHOD'] == 'hash'): - return checkpw(pwd.encode('utf8'), self._password_plus.encode('utf8')) - else: - raise + check_password = fn_check_password + def as_dict(self): cols = (c for c in self.__table__.columns if (c.name != 'pass_plus') and (c.name != 'pass')) @@ -216,12 +213,23 @@ class VUsersactionForallGnModules(db.Model): __tablename__ = 'v_usersaction_forall_gn_modules' __table_args__ = {'schema': 'utilisateurs'} id_role = db.Column(db.Integer, primary_key=True) + nom_role = db.Column(db.Unicode) + prenom_role = db.Column(db.Unicode) id_application = db.Column(db.Integer, primary_key=True) id_organisme = db.Column(db.Integer) id_tag_action = db.Column(db.Integer, primary_key=True) tag_action_code = db.Column(db.Unicode) id_tag_object = db.Column(db.Integer, primary_key=True) tag_object_code = db.Column(db.Unicode) + identifiant = db.Column(db.Unicode) + _password = db.Column('pass', db.Unicode) + _password_plus = db.Column('pass_plus', db.Unicode) + + check_password = fn_check_password + + def as_dict(self): + cols = (c for c in self.__table__.columns if (c.name != 'pass_plus') and (c.name != 'pass')) + return {c.name: getattr(self, c.name) for c in cols} def __repr__(self): return """VUsersactionForallGnModules @@ -247,4 +255,7 @@ class TTags(db.Model): def __repr__(self): return """TTags id='{}' code='{}' name='{}'>""".format( self.id_tag, self.tag_code, self.tag_name - ) \ No newline at end of file + ) + + + \ No newline at end of file diff --git a/src/pypnusershub/routes.py b/src/pypnusershub/routes.py index 5779c04..b28609d 100755 --- a/src/pypnusershub/routes.py +++ b/src/pypnusershub/routes.py @@ -240,15 +240,15 @@ def login(): try: id_app = user_data['id_application'] login = user_data['login'] - user = (models.AppUser - .query - .filter(models.AppUser.identifiant == login) - .filter(models.AppUser.id_application == id_app) - .one()) - - user_dict = user.as_dict() if user_data.get('with_cruved', False) is True: + user = (models.VUsersactionForallGnModules + .query + .filter(models.VUsersactionForallGnModules.identifiant == login) + .filter(models.VUsersactionForallGnModules.id_application == id_app) + .first()) + assert user is not None + user_dict = user.as_dict() cruved = ( models.VUsersactionForallGnModules.query.join( models.TTags, models.TTags.id_tag == models.VUsersactionForallGnModules.id_tag_action @@ -262,7 +262,6 @@ def login(): ) ).all() ) - user_dict['rights'] = {} for c in cruved: if (c.id_application in user_dict['rights']): @@ -270,16 +269,24 @@ def login(): else: user_dict['rights'][c.id_application] = {c.tag_action_code: c.tag_object_code} else: + user = (models.AppUser + .query + .filter(models.AppUser.identifiant == login) + .filter(models.AppUser.id_application == id_app) + .one()) # Return child application sub_app = models.AppUser.query.join( models.Application, models.Application.id_application == models.AppUser.id_application ).filter( models.Application.id_parent == id_app + ).filter( + models.AppUser.id_role == user.id_role ).all() + user_dict = user.as_dict() user_dict['apps'] = {s.id_application: s.id_droit_max for s in sub_app} - + except KeyError as e: parameters = ", ".join(e.args) msg = json.dumps({ @@ -293,7 +300,7 @@ def login(): status_code = current_app.config.get('BAD_LOGIN_STATUS_CODE', 490) return Response(msg, status=status_code) - except exc.NoResultFound as e: + except (exc.NoResultFound, AssertionError) as e: msg = json.dumps({ 'type': 'login', 'msg': ( @@ -301,6 +308,7 @@ def login(): 'the application with id "{id_app}"' ).format(login=login, id_app=id_app) }) + log.info(msg) status_code = current_app.config.get('BAD_LOGIN_STATUS_CODE', 490) return Response(msg, status=status_code) @@ -338,7 +346,7 @@ def login(): @routes.route('/logout', methods=['GET', 'POST']) def logout(): - resp = redirect("/", code=302) + resp = redirect("", code=302) resp.delete_cookie('token') return resp