# -*- coding: utf-8 -*-
"""
(c) 2014 - Copyright Red Hat Inc
Authors:
Pierre-Yves Chibon <pingou@pingoured.fr>
"""
from functools import wraps
import flask
import progit.forms
from progit import (APP, SESSION, LOG, cla_required, authenticated,
generate_gitolite_acls, generate_authorized_key_file,
is_admin)
def admin_required(function):
""" Flask decorator to retrict access to admins of progit.
"""
@wraps(function)
def decorated_function(*args, **kwargs):
""" Decorated function, actually does the work. """
if not authenticated():
return flask.redirect(
flask.url_for('auth_login', next=flask.request.url))
elif not is_admin():
flask.flash('Access restricted', 'error')
return flask.redirect(flask.url_for('.index'))
return function(*args, **kwargs)
return decorated_function
# Application
@APP.route('/admin')
@admin_required
def admin_index():
""" Front page of the admin section of the application.
"""
form = progit.forms.ConfirmationForm()
return flask.render_template(
'admin_index.html', form=form,
)
@APP.route('/admin/gitolite', methods=['POST'])
@admin_required
def admin_generate_acl():
""" Regenerate the gitolite ACL file. """
form = progit.forms.ConfirmationForm()
if form.validate_on_submit():
generate_gitolite_acls()
flask.flash('Gitolite ACLs updated')
return flask.redirect(flask.url_for('admin_index'))
@APP.route('/admin/ssh', methods=['POST'])
@admin_required
def admin_refresh_ssh():
""" Regenerate the gitolite ACL file. """
form = progit.forms.ConfirmationForm()
if form.validate_on_submit():
generate_authorized_key_file()
flask.flash('Authorized file updated')
return flask.redirect(flask.url_for('admin_index'))