Blame progit/admin.py

Pierre-Yves Chibon 5c8cc5
#-*- coding: utf-8 -*-
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
"""
Pierre-Yves Chibon 5c8cc5
 (c) 2014 - Copyright Red Hat Inc
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
 Authors:
Pierre-Yves Chibon 5c8cc5
   Pierre-Yves Chibon <pingou@pingoured.fr></pingou@pingoured.fr>
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
"""
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 4351ee
from functools import wraps
Pierre-Yves Chibon 4351ee
Pierre-Yves Chibon 5c8cc5
import flask
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 4351ee
from progit import (APP, SESSION, LOG, cla_required, authenticated,
Pierre-Yves Chibon f9f284
                    generate_gitolite_acls, generate_authorized_key_file,
Pierre-Yves Chibon f9f284
                    is_admin)
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 4351ee
def admin_required(function):
Pierre-Yves Chibon 4351ee
    """ Flask decorator to retrict access to admins of progit.
Pierre-Yves Chibon 4351ee
    """
Pierre-Yves Chibon 4351ee
    @wraps(function)
Pierre-Yves Chibon 4351ee
    def decorated_function(*args, **kwargs):
Pierre-Yves Chibon 4351ee
        """ Decorated function, actually does the work. """
Pierre-Yves Chibon 4351ee
        if not authenticated():
Pierre-Yves Chibon 4351ee
            return flask.redirect(
Pierre-Yves Chibon 4351ee
                flask.url_for('auth_login', next=flask.request.url))
Pierre-Yves Chibon 4351ee
        elif not is_admin():
Pierre-Yves Chibon 4351ee
            flask.flash('Access restricted', 'error')
Pierre-Yves Chibon 4351ee
            return flask.redirect(flask.url_for('.index'))
Pierre-Yves Chibon 4351ee
        return function(*args, **kwargs)
Pierre-Yves Chibon 4351ee
    return decorated_function
Pierre-Yves Chibon 4351ee
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
### Application
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
@APP.route('/admin')
Pierre-Yves Chibon 8c19ac
@admin_required
Pierre-Yves Chibon 5c8cc5
def admin_index():
Pierre-Yves Chibon 5c8cc5
    """ Front page of the admin section of the application.
Pierre-Yves Chibon 5c8cc5
    """
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
    return flask.render_template(
Pierre-Yves Chibon 5c8cc5
        'admin_index.html',
Pierre-Yves Chibon 5c8cc5
    )
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
@APP.route('/admin/gitolite')
Pierre-Yves Chibon 8c19ac
@admin_required
Pierre-Yves Chibon 5c8cc5
def admin_generate_acl():
Pierre-Yves Chibon 5c8cc5
    """ Regenerate the gitolite ACL file. """
Pierre-Yves Chibon 5c8cc5
    generate_gitolite_acls()
Pierre-Yves Chibon 5c8cc5
    flask.flash('Gitolite ACLs updated')
Pierre-Yves Chibon 5c8cc5
    return flask.redirect(flask.url_for('admin_index'))
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
Pierre-Yves Chibon 5c8cc5
@APP.route('/admin/ssh')
Pierre-Yves Chibon 8c19ac
@admin_required
Pierre-Yves Chibon 5c8cc5
def admin_refresh_ssh():
Pierre-Yves Chibon 5c8cc5
    """ Regenerate the gitolite ACL file. """
Pierre-Yves Chibon 5c8cc5
    generate_authorized_key_file()
Pierre-Yves Chibon 5c8cc5
    flask.flash('Authorized file updated')
Pierre-Yves Chibon 5c8cc5
    return flask.redirect(flask.url_for('admin_index'))