From e86ac0f94cb85eacc85efdbf32b4d76b6022b4b5 Mon Sep 17 00:00:00 2001 From: Jiri Vrany Date: Thu, 18 Jan 2024 13:01:38 +0100 Subject: [PATCH] Bugfix/autoescape (#35) * rename all j2 files back to html * add Markup to dashboard to render tables from macros --- config.example.py | 4 +- flowapp/__init__.py | 8 ++-- flowapp/instance_config.py | 6 +-- flowapp/templates/errors/{401.j2 => 401.html} | 2 +- flowapp/templates/errors/{404.j2 => 404.html} | 2 +- flowapp/templates/errors/{500.j2 => 500.html} | 2 +- .../forms/{api_key.j2 => api_key.html} | 4 +- .../forms/{ipv4_rule.j2 => ipv4_rule.html} | 4 +- .../forms/{ipv6_rule.j2 => ipv6_rule.html} | 4 +- .../forms/{macros.j2 => macros.html} | 0 .../forms/{rtbh_rule.j2 => rtbh_rule.html} | 4 +- .../templates/forms/{rule.j2 => rule.html} | 2 +- .../{simple_form.j2 => simple_form.html} | 4 +- .../layouts/{default.j2 => default.html} | 0 flowapp/templates/{macros.j2 => macros.html} | 0 .../pages/{actions.j2 => actions.html} | 2 +- .../pages/{api_key.j2 => api_key.html} | 2 +- .../pages/{as_paths.j2 => as_paths.html} | 2 +- .../{communities.j2 => communities.html} | 2 +- ...ashboard_admin.j2 => dashboard_admin.html} | 4 +- ...hboard_search.j2 => dashboard_search.html} | 6 +-- ...{dashboard_user.j2 => dashboard_user.html} | 6 +-- ...{dashboard_view.j2 => dashboard_view.html} | 6 +-- ...ashboard_whois.j2 => dashboard_whois.html} | 2 +- .../pages/{logout.j2 => logout.html} | 2 +- .../templates/pages/{logs.j2 => logs.html} | 2 +- .../templates/pages/{orgs.j2 => orgs.html} | 2 +- ...nu_dashboard.j2 => submenu_dashboard.html} | 0 ...rd_view.j2 => submenu_dashboard_view.html} | 0 .../templates/pages/{users.j2 => users.html} | 2 +- flowapp/views/admin.py | 32 ++++++------- flowapp/views/api_keys.py | 4 +- flowapp/views/dashboard.py | 45 ++++++++++--------- flowapp/views/rules.py | 14 +++--- 34 files changed, 91 insertions(+), 90 deletions(-) rename flowapp/templates/errors/{401.j2 => 401.html} (83%) rename flowapp/templates/errors/{404.j2 => 404.html} (78%) rename flowapp/templates/errors/{500.j2 => 500.html} (76%) rename flowapp/templates/forms/{api_key.j2 => api_key.html} (88%) rename flowapp/templates/forms/{ipv4_rule.j2 => ipv4_rule.html} (96%) rename flowapp/templates/forms/{ipv6_rule.j2 => ipv6_rule.html} (96%) rename flowapp/templates/forms/{macros.j2 => macros.html} (100%) rename flowapp/templates/forms/{rtbh_rule.j2 => rtbh_rule.html} (95%) rename flowapp/templates/forms/{rule.j2 => rule.html} (98%) rename flowapp/templates/forms/{simple_form.j2 => simple_form.html} (70%) rename flowapp/templates/layouts/{default.j2 => default.html} (100%) rename flowapp/templates/{macros.j2 => macros.html} (100%) rename flowapp/templates/pages/{actions.j2 => actions.html} (96%) rename flowapp/templates/pages/{api_key.j2 => api_key.html} (95%) rename flowapp/templates/pages/{as_paths.j2 => as_paths.html} (95%) rename flowapp/templates/pages/{communities.j2 => communities.html} (97%) rename flowapp/templates/pages/{dashboard_admin.j2 => dashboard_admin.html} (89%) rename flowapp/templates/pages/{dashboard_search.j2 => dashboard_search.html} (73%) rename flowapp/templates/pages/{dashboard_user.j2 => dashboard_user.html} (88%) rename flowapp/templates/pages/{dashboard_view.j2 => dashboard_view.html} (75%) rename flowapp/templates/pages/{dashboard_whois.j2 => dashboard_whois.html} (83%) rename flowapp/templates/pages/{logout.j2 => logout.html} (79%) rename flowapp/templates/pages/{logs.j2 => logs.html} (97%) rename flowapp/templates/pages/{orgs.j2 => orgs.html} (95%) rename flowapp/templates/pages/{submenu_dashboard.j2 => submenu_dashboard.html} (100%) rename flowapp/templates/pages/{submenu_dashboard_view.j2 => submenu_dashboard_view.html} (100%) rename flowapp/templates/pages/{users.j2 => users.html} (96%) diff --git a/config.example.py b/config.example.py index 956ba963..08c53ba7 100644 --- a/config.example.py +++ b/config.example.py @@ -8,10 +8,10 @@ class Config(): # Flask testing TESTING = False # SSO auth enabled - SSO_AUTH = False + SSO_AUTH = True # Authentication is done outside the app, use HTTP header to get the user uuid. # If SSO_AUTH is set to True, this option is ignored and SSO auth is used. - HEADER_AUTH = True + HEADER_AUTH = False # Name of HTTP header containing the UUID of authenticated user. # Only used when HEADER_AUTH is set to True AUTH_HEADER_NAME = 'X-Authenticated-User' diff --git a/flowapp/__init__.py b/flowapp/__init__.py index 536ac51f..95b8afdc 100644 --- a/flowapp/__init__.py +++ b/flowapp/__init__.py @@ -87,13 +87,13 @@ def logout(): def ext_login(): header_name = app.config.get("AUTH_HEADER_NAME", 'X-Authenticated-User') if header_name not in request.headers: - return render_template("errors/401.j2") + return render_template("errors/401.html") uuid = request.headers.get(header_name) if uuid: try: _register_user_to_session(uuid) except AttributeError: - return render_template("errors/401.j2") + return render_template("errors/401.html") return redirect("/") @app.route("/") @@ -136,12 +136,12 @@ def shutdown_session(exception=None): # HTTP error handling @app.errorhandler(404) def not_found(error): - return render_template("errors/404.j2"), 404 + return render_template("errors/404.html"), 404 @app.errorhandler(500) def internal_error(exception): app.logger.error(exception) - return render_template("errors/500.j2"), 500 + return render_template("errors/500.html"), 500 @app.context_processor def utility_processor(): diff --git a/flowapp/instance_config.py b/flowapp/instance_config.py index d2ae8743..548261be 100644 --- a/flowapp/instance_config.py +++ b/flowapp/instance_config.py @@ -99,7 +99,7 @@ class InstanceConfig: DASHBOARD = { "ipv4": { "name": "IPv4", - "macro_file": "macros.j2", + "macro_file": "macros.html", "macro_tbody": "build_ip_tbody", "macro_thead": "build_rules_thead", "table_colspan": 10, @@ -107,7 +107,7 @@ class InstanceConfig: }, "ipv6": { "name": "IPv6", - "macro_file": "macros.j2", + "macro_file": "macros.html", "macro_tbody": "build_ip_tbody", "macro_thead": "build_rules_thead", "table_colspan": 10, @@ -115,7 +115,7 @@ class InstanceConfig: }, "rtbh": { "name": "RTBH", - "macro_file": "macros.j2", + "macro_file": "macros.html", "macro_tbody": "build_rtbh_tbody", "macro_thead": "build_rules_thead", "table_colspan": 5, diff --git a/flowapp/templates/errors/401.j2 b/flowapp/templates/errors/401.html similarity index 83% rename from flowapp/templates/errors/401.j2 rename to flowapp/templates/errors/401.html index 6fea372d..6da05328 100755 --- a/flowapp/templates/errors/401.j2 +++ b/flowapp/templates/errors/401.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block content %}

Could not log you in.

401: Unauthorized

diff --git a/flowapp/templates/errors/404.j2 b/flowapp/templates/errors/404.html similarity index 78% rename from flowapp/templates/errors/404.j2 rename to flowapp/templates/errors/404.html index 0bd068c0..8bccd1d7 100644 --- a/flowapp/templates/errors/404.j2 +++ b/flowapp/templates/errors/404.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block content %}

Sorry ...

There's nothing here!

diff --git a/flowapp/templates/errors/500.j2 b/flowapp/templates/errors/500.html similarity index 76% rename from flowapp/templates/errors/500.j2 rename to flowapp/templates/errors/500.html index ff0a04be..e6aa9ebf 100644 --- a/flowapp/templates/errors/500.j2 +++ b/flowapp/templates/errors/500.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block content %}

Error ...

Sorry ;-)

diff --git a/flowapp/templates/forms/api_key.j2 b/flowapp/templates/forms/api_key.html similarity index 88% rename from flowapp/templates/forms/api_key.j2 rename to flowapp/templates/forms/api_key.html index d1128583..9d8901cb 100644 --- a/flowapp/templates/forms/api_key.j2 +++ b/flowapp/templates/forms/api_key.html @@ -1,5 +1,5 @@ -{% extends 'layouts/default.j2' %} -{% from 'forms/macros.j2' import render_field %} +{% extends 'layouts/default.html' %} +{% from 'forms/macros.html' import render_field %} {% block title %}Add New Machine with ApiKey{% endblock %} {% block content %}

Add new ApiKey for your machine

diff --git a/flowapp/templates/forms/ipv4_rule.j2 b/flowapp/templates/forms/ipv4_rule.html similarity index 96% rename from flowapp/templates/forms/ipv4_rule.j2 rename to flowapp/templates/forms/ipv4_rule.html index 38427809..c1c7d233 100644 --- a/flowapp/templates/forms/ipv4_rule.j2 +++ b/flowapp/templates/forms/ipv4_rule.html @@ -1,5 +1,5 @@ -{% extends 'layouts/default.j2' %} -{% from 'forms/macros.j2' import render_field %} +{% extends 'layouts/default.html' %} +{% from 'forms/macros.html' import render_field %} {% block title %}Add IPv4 rule{% endblock %} {% block content %}

{{ title or 'New'}} IPv4 rule

diff --git a/flowapp/templates/forms/ipv6_rule.j2 b/flowapp/templates/forms/ipv6_rule.html similarity index 96% rename from flowapp/templates/forms/ipv6_rule.j2 rename to flowapp/templates/forms/ipv6_rule.html index 2732ee7e..8929c99e 100644 --- a/flowapp/templates/forms/ipv6_rule.j2 +++ b/flowapp/templates/forms/ipv6_rule.html @@ -1,5 +1,5 @@ -{% extends 'layouts/default.j2' %} -{% from 'forms/macros.j2' import render_field %} +{% extends 'layouts/default.html' %} +{% from 'forms/macros.html' import render_field %} {% block title %}Add IPv6 rule{% endblock %} {% block content %}

{{ title or 'New'}} IPv6 rule

diff --git a/flowapp/templates/forms/macros.j2 b/flowapp/templates/forms/macros.html similarity index 100% rename from flowapp/templates/forms/macros.j2 rename to flowapp/templates/forms/macros.html diff --git a/flowapp/templates/forms/rtbh_rule.j2 b/flowapp/templates/forms/rtbh_rule.html similarity index 95% rename from flowapp/templates/forms/rtbh_rule.j2 rename to flowapp/templates/forms/rtbh_rule.html index ebb0e8b1..986c081b 100644 --- a/flowapp/templates/forms/rtbh_rule.j2 +++ b/flowapp/templates/forms/rtbh_rule.html @@ -1,5 +1,5 @@ -{% extends 'layouts/default.j2' %} -{% from 'forms/macros.j2' import render_field %} +{% extends 'layouts/default.html' %} +{% from 'forms/macros.html' import render_field %} {% block title %}Add RTBH rule{% endblock %} {% block content %}

{{ title or 'New'}} RTBH rule

diff --git a/flowapp/templates/forms/rule.j2 b/flowapp/templates/forms/rule.html similarity index 98% rename from flowapp/templates/forms/rule.j2 rename to flowapp/templates/forms/rule.html index 5d03bc4d..1a1c94bb 100644 --- a/flowapp/templates/forms/rule.j2 +++ b/flowapp/templates/forms/rule.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block title %}Add IPv4 rule{% endblock %} {% block content %}
diff --git a/flowapp/templates/forms/simple_form.j2 b/flowapp/templates/forms/simple_form.html similarity index 70% rename from flowapp/templates/forms/simple_form.j2 rename to flowapp/templates/forms/simple_form.html index 4e91260d..170c74a9 100644 --- a/flowapp/templates/forms/simple_form.j2 +++ b/flowapp/templates/forms/simple_form.html @@ -1,5 +1,5 @@ -{% extends 'layouts/default.j2' %} -{% from 'forms/macros.j2' import render_form %} +{% extends 'layouts/default.html' %} +{% from 'forms/macros.html' import render_form %} {% block title %} {{ title }} diff --git a/flowapp/templates/layouts/default.j2 b/flowapp/templates/layouts/default.html similarity index 100% rename from flowapp/templates/layouts/default.j2 rename to flowapp/templates/layouts/default.html diff --git a/flowapp/templates/macros.j2 b/flowapp/templates/macros.html similarity index 100% rename from flowapp/templates/macros.j2 rename to flowapp/templates/macros.html diff --git a/flowapp/templates/pages/actions.j2 b/flowapp/templates/pages/actions.html similarity index 96% rename from flowapp/templates/pages/actions.j2 rename to flowapp/templates/pages/actions.html index cdf73e15..44b904b4 100644 --- a/flowapp/templates/pages/actions.j2 +++ b/flowapp/templates/pages/actions.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block title %}Flowspec Actions{% endblock %} {% block content %} diff --git a/flowapp/templates/pages/api_key.j2 b/flowapp/templates/pages/api_key.html similarity index 95% rename from flowapp/templates/pages/api_key.j2 rename to flowapp/templates/pages/api_key.html index dabba735..0b3ee32b 100644 --- a/flowapp/templates/pages/api_key.j2 +++ b/flowapp/templates/pages/api_key.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block title %}ExaFS - ApiKeys{% endblock %} {% block content %}

Your machines and ApiKeys

diff --git a/flowapp/templates/pages/as_paths.j2 b/flowapp/templates/pages/as_paths.html similarity index 95% rename from flowapp/templates/pages/as_paths.j2 rename to flowapp/templates/pages/as_paths.html index 97cf0134..369fda03 100644 --- a/flowapp/templates/pages/as_paths.j2 +++ b/flowapp/templates/pages/as_paths.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block title %}AS Paths{% endblock %} {% block content %}
diff --git a/flowapp/templates/pages/communities.j2 b/flowapp/templates/pages/communities.html similarity index 97% rename from flowapp/templates/pages/communities.j2 rename to flowapp/templates/pages/communities.html index ce39b54c..b0005bbc 100644 --- a/flowapp/templates/pages/communities.j2 +++ b/flowapp/templates/pages/communities.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block title %}Flowspec RTBH communities{% endblock %} {% block content %}
diff --git a/flowapp/templates/pages/dashboard_admin.j2 b/flowapp/templates/pages/dashboard_admin.html similarity index 89% rename from flowapp/templates/pages/dashboard_admin.j2 rename to flowapp/templates/pages/dashboard_admin.html index 00d6caff..df140526 100644 --- a/flowapp/templates/pages/dashboard_admin.j2 +++ b/flowapp/templates/pages/dashboard_admin.html @@ -1,10 +1,10 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block title %}Flowspec{% endblock %} {% block content %} - {% include 'pages/submenu_dashboard.j2' %} + {% include 'pages/submenu_dashboard.html' %} {% if display_rules %}
diff --git a/flowapp/templates/pages/dashboard_search.j2 b/flowapp/templates/pages/dashboard_search.html similarity index 73% rename from flowapp/templates/pages/dashboard_search.j2 rename to flowapp/templates/pages/dashboard_search.html index 12405d4b..c56442f1 100644 --- a/flowapp/templates/pages/dashboard_search.j2 +++ b/flowapp/templates/pages/dashboard_search.html @@ -1,10 +1,10 @@ -{% extends 'layouts/default.j2' %} -{% from 'macros.j2' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %} +{% extends 'layouts/default.html' %} +{% from 'macros.html' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %} {% block title %}Flowspec{% endblock %} {% block content %} - {% include 'pages/submenu_dashboard.j2' %} + {% include 'pages/submenu_dashboard.html' %}
diff --git a/flowapp/templates/pages/dashboard_user.j2 b/flowapp/templates/pages/dashboard_user.html similarity index 88% rename from flowapp/templates/pages/dashboard_user.j2 rename to flowapp/templates/pages/dashboard_user.html index dd68f295..683f5436 100644 --- a/flowapp/templates/pages/dashboard_user.j2 +++ b/flowapp/templates/pages/dashboard_user.html @@ -1,11 +1,11 @@ -{% extends 'layouts/default.j2' %} -{% from 'macros.j2' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %} +{% extends 'layouts/default.html' %} +{% from 'macros.html' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %} {% block title %}Flowspec{% endblock %} {% block content %} - {% include 'pages/submenu_dashboard.j2' %} + {% include 'pages/submenu_dashboard.html' %} diff --git a/flowapp/templates/pages/dashboard_view.j2 b/flowapp/templates/pages/dashboard_view.html similarity index 75% rename from flowapp/templates/pages/dashboard_view.j2 rename to flowapp/templates/pages/dashboard_view.html index ee36d2d6..ae14146c 100644 --- a/flowapp/templates/pages/dashboard_view.j2 +++ b/flowapp/templates/pages/dashboard_view.html @@ -1,11 +1,11 @@ -{% extends 'layouts/default.j2' %} -{% from 'macros.j2' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %} +{% extends 'layouts/default.html' %} +{% from 'macros.html' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %} {% block title %}Flowspec{% endblock %} {% block content %} - {% include 'pages/submenu_dashboard_view.j2' %} + {% include 'pages/submenu_dashboard_view.html' %} {% if display_rules %}

{{ rstate|capitalize }} {{ table_title }}

diff --git a/flowapp/templates/pages/dashboard_whois.j2 b/flowapp/templates/pages/dashboard_whois.html similarity index 83% rename from flowapp/templates/pages/dashboard_whois.j2 rename to flowapp/templates/pages/dashboard_whois.html index 6d7162aa..d8a75c8d 100644 --- a/flowapp/templates/pages/dashboard_whois.j2 +++ b/flowapp/templates/pages/dashboard_whois.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block title %}Flowspec{% endblock %} {% block content %} diff --git a/flowapp/templates/pages/logout.j2 b/flowapp/templates/pages/logout.html similarity index 79% rename from flowapp/templates/pages/logout.j2 rename to flowapp/templates/pages/logout.html index 88bb23ea..58a18020 100644 --- a/flowapp/templates/pages/logout.j2 +++ b/flowapp/templates/pages/logout.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block title %}Flowspec - logout{% endblock %} {% block content %}

Good Bye

diff --git a/flowapp/templates/pages/logs.j2 b/flowapp/templates/pages/logs.html similarity index 97% rename from flowapp/templates/pages/logs.j2 rename to flowapp/templates/pages/logs.html index 8176e96a..7816677e 100644 --- a/flowapp/templates/pages/logs.j2 +++ b/flowapp/templates/pages/logs.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block title %}Flowspec Users{% endblock %} {% block content %}

Commands log / latest on top

diff --git a/flowapp/templates/pages/orgs.j2 b/flowapp/templates/pages/orgs.html similarity index 95% rename from flowapp/templates/pages/orgs.j2 rename to flowapp/templates/pages/orgs.html index d9af2f6b..3184160a 100644 --- a/flowapp/templates/pages/orgs.j2 +++ b/flowapp/templates/pages/orgs.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block title %}Flowspec Organziations{% endblock %} {% block content %}
diff --git a/flowapp/templates/pages/submenu_dashboard.j2 b/flowapp/templates/pages/submenu_dashboard.html similarity index 100% rename from flowapp/templates/pages/submenu_dashboard.j2 rename to flowapp/templates/pages/submenu_dashboard.html diff --git a/flowapp/templates/pages/submenu_dashboard_view.j2 b/flowapp/templates/pages/submenu_dashboard_view.html similarity index 100% rename from flowapp/templates/pages/submenu_dashboard_view.j2 rename to flowapp/templates/pages/submenu_dashboard_view.html diff --git a/flowapp/templates/pages/users.j2 b/flowapp/templates/pages/users.html similarity index 96% rename from flowapp/templates/pages/users.j2 rename to flowapp/templates/pages/users.html index 46e2ae40..f230abdb 100644 --- a/flowapp/templates/pages/users.j2 +++ b/flowapp/templates/pages/users.html @@ -1,4 +1,4 @@ -{% extends 'layouts/default.j2' %} +{% extends 'layouts/default.html' %} {% block title %}Flowspec Users{% endblock %} {% block content %}
diff --git a/flowapp/views/admin.py b/flowapp/views/admin.py index 8c996b51..4b8cc66b 100644 --- a/flowapp/views/admin.py +++ b/flowapp/views/admin.py @@ -39,7 +39,7 @@ def log(page): .filter(Log.time > week_ago) .paginate(page=page, per_page=per_page, max_per_page=None, error_out=False) ) - return render_template("pages/logs.j2", logs=logs) + return render_template("pages/logs.html", logs=logs) @admin.route("/user", methods=["GET", "POST"]) @@ -74,7 +74,7 @@ def user(): action_url = url_for("admin.user") return render_template( - "forms/simple_form.j2", + "forms/simple_form.html", title="Add new user to Flowspec", form=form, action_url=action_url, @@ -103,7 +103,7 @@ def edit_user(user_id): action_url = url_for("admin.edit_user", user_id=user_id) return render_template( - "forms/simple_form.j2", + "forms/simple_form.html", title="Editing {}".format(user.email), form=form, action_url=action_url, @@ -136,7 +136,7 @@ def delete_user(user_id): @admin_required def users(): users = User.query.all() - return render_template("pages/users.j2", users=users) + return render_template("pages/users.html", users=users) @admin.route("/organizations") @@ -144,7 +144,7 @@ def users(): @admin_required def organizations(): orgs = db.session.query(Organization).all() - return render_template("pages/orgs.j2", orgs=orgs) + return render_template("pages/orgs.html", orgs=orgs) @admin.route("/organization", methods=["GET", "POST"]) @@ -169,7 +169,7 @@ def organization(): action_url = url_for("admin.organization") return render_template( - "forms/simple_form.j2", + "forms/simple_form.html", title="Add new organization to Flowspec", form=form, action_url=action_url, @@ -191,7 +191,7 @@ def edit_organization(org_id): action_url = url_for("admin.edit_organization", org_id=org.id) return render_template( - "forms/simple_form.j2", + "forms/simple_form.html", title="Editing {}".format(org.name), form=form, action_url=action_url, @@ -224,7 +224,7 @@ def delete_organization(org_id): @admin_required def as_paths(): mpaths = db.session.query(ASPath).all() - return render_template("pages/as_paths.j2", paths=mpaths) + return render_template("pages/as_paths.html", paths=mpaths) @admin.route("/as-path", methods=["GET", "POST"]) @@ -247,7 +247,7 @@ def as_path(): action_url = url_for("admin.as_path") return render_template( - "forms/simple_form.j2", + "forms/simple_form.html", title="Add new AS-path to Flowspec", form=form, action_url=action_url, @@ -269,7 +269,7 @@ def edit_as_path(path_id): action_url = url_for("admin.edit_as_path", path_id=pth.id) return render_template( - "forms/simple_form.j2", + "forms/simple_form.html", title="Editing {}".format(pth.prefix), form=form, action_url=action_url, @@ -296,7 +296,7 @@ def delete_as_path(path_id): @admin_required def actions(): actions = db.session.query(Action).all() - return render_template("pages/actions.j2", actions=actions) + return render_template("pages/actions.html", actions=actions) @admin.route("/action", methods=["GET", "POST"]) @@ -329,7 +329,7 @@ def action(): action_url = url_for("admin.action") return render_template( - "forms/simple_form.j2", + "forms/simple_form.html", title="Add new action to Flowspec", form=form, action_url=action_url, @@ -351,7 +351,7 @@ def edit_action(action_id): action_url = url_for("admin.edit_action", action_id=action.id) return render_template( - "forms/simple_form.j2", + "forms/simple_form.html", title="Editing {}".format(action.name), form=form, action_url=action_url, @@ -383,7 +383,7 @@ def delete_action(action_id): @admin_required def communities(): communities = db.session.query(Community).all() - return render_template("pages/communities.j2", communities=communities) + return render_template("pages/communities.html", communities=communities) @admin.route("/community", methods=["GET", "POST"]) @@ -416,7 +416,7 @@ def community(): community_url = url_for("admin.community") return render_template( - "forms/simple_form.j2", + "forms/simple_form.html", title="Add new community to Flowspec", form=form, community_url=community_url, @@ -438,7 +438,7 @@ def edit_community(community_id): community_url = url_for("admin.edit_community", community_id=community.id) return render_template( - "forms/simple_form.j2", + "forms/simple_form.html", title="Editing {}".format(community.name), form=form, community_url=community_url, diff --git a/flowapp/views/api_keys.py b/flowapp/views/api_keys.py index cf909b01..a40c1ec5 100644 --- a/flowapp/views/api_keys.py +++ b/flowapp/views/api_keys.py @@ -35,7 +35,7 @@ def all(): payload = {"keys": [key.id for key in keys]} encoded = jwt.encode(payload, jwt_key, algorithm="HS256") - resp = make_response(render_template("pages/api_key.j2", keys=keys)) + resp = make_response(render_template("pages/api_key.html", keys=keys)) if current_app.config.get("DEVEL"): resp.set_cookie(COOKIE_KEY, encoded, httponly=True, samesite="Lax") @@ -73,7 +73,7 @@ def add(): % (getattr(form, field).label.text, error) ) - return render_template("forms/api_key.j2", form=form, generated_key=generated) + return render_template("forms/api_key.html", form=form, generated_key=generated) @api_keys.route("/delete/", methods=["GET"]) diff --git a/flowapp/views/dashboard.py b/flowapp/views/dashboard.py index 6c179d94..1f63159c 100644 --- a/flowapp/views/dashboard.py +++ b/flowapp/views/dashboard.py @@ -11,6 +11,7 @@ make_response, abort, ) +from markupsafe import Markup from flowapp import models, validators, flowspec from flowapp.auth import auth_required from flowapp.constants import ( @@ -36,7 +37,7 @@ def whois(ip_address): result = subprocess.run(["whois", ip_address], stdout=subprocess.PIPE) return render_template( - "pages/dashboard_whois.j2", + "pages/dashboard_whois.html", result=result.stdout.decode("utf-8"), ip_address=ip_address, ) @@ -74,7 +75,7 @@ def index(rtype=None, rstate="active"): # get the macros for the current rule type from config # warning no checks here, if the config is set to non existing macro the app will crash macro_file = ( - current_app.config["DASHBOARD"].get(rtype).get("macro_file", "macros.j2") + current_app.config["DASHBOARD"].get(rtype).get("macro_file", "macros.html") ) macro_tbody = ( current_app.config["DASHBOARD"].get(rtype).get("macro_tbody", "build_ip_tbody") @@ -160,7 +161,7 @@ def create_dashboard_table_body( rtype, editable=True, group_op=True, - macro_file="macros.j2", + macro_file="macros.html", macro_name="build_ip_tbody", ): """ @@ -193,7 +194,7 @@ def create_dashboard_table_head( sort_order, search_query="", group_op=True, - macro_file="macros.j2", + macro_file="macros.html", macro_name="build_rules_thead", ): """ @@ -232,7 +233,7 @@ def create_dashboard_table_head( def create_dashboard_table_foot( - colspan=10, macro_file="macros.j2", macro_name="build_group_buttons_tfoot" + colspan=10, macro_file="macros.html", macro_name="build_group_buttons_tfoot" ): """ create the table foot for the dashboard using a jinja2 macro @@ -260,7 +261,7 @@ def create_admin_response( table_title, search_query="", count_match=DEFAULT_COUNT_MATCH, - macro_file="macros.j2", + macro_file="macros.html", macro_tbody="build_ip_tbody", macro_thead="build_rules_thead", macro_tfoot="build_group_buttons_tfoot", @@ -298,14 +299,14 @@ def create_admin_response( res = make_response( render_template( - "pages/dashboard_admin.j2", + "pages/dashboard_admin.html", display_rules=len(rules), table_title=table_title, css_classes=active_css_rstate(rtype, rstate), count_match=count_match, - dashboard_table_body=dashboard_table_body, - dashboard_table_head=dashboard_table_head, - dashboard_table_foot=dashboard_table_foot, + dashboard_table_body=Markup(dashboard_table_body), + dashboard_table_head=Markup(dashboard_table_head), + dashboard_table_foot=Markup(dashboard_table_foot), rules_columns=table_columns, rtype=rtype, rstate=rstate, @@ -329,7 +330,7 @@ def create_user_response( table_title, search_query="", count_match=DEFAULT_COUNT_MATCH, - macro_file="macros.j2", + macro_file="macros.html", macro_tbody="build_ip_tbody", macro_thead="build_rules_thead", macro_tfoot="build_rules_tfoot", @@ -405,17 +406,17 @@ def create_user_response( res = make_response( render_template( - "pages/dashboard_user.j2", + "pages/dashboard_user.html", table_title=table_title, rules_columns=table_columns, - dashboard_table_editable=dashboard_table_editable, - dashboard_table_readonly=dashboard_table_readonly, + dashboard_table_editable=Markup(dashboard_table_editable), + dashboard_table_readonly=Markup(dashboard_table_readonly), display_editable=display_editable, display_readonly=display_readonly, css_classes=active_css_rstate(rtype, rstate), - dashboard_table_editable_head=dashboard_table_editable_head, - dashboard_table_readonly_head=dashboard_table_readonly_head, - dashboard_table_foot=dashboard_table_foot, + dashboard_table_editable_head=Markup(dashboard_table_editable_head), + dashboard_table_readonly_head=Markup(dashboard_table_readonly_head), + dashboard_table_foot=Markup(dashboard_table_foot), rtype=rtype, rstate=rstate, sort_key=sort_key, @@ -439,7 +440,7 @@ def create_view_response( table_title, search_query="", count_match=DEFAULT_COUNT_MATCH, - macro_file="macros.j2", + macro_file="macros.html", macro_tbody="build_ip_tbody", macro_thead="build_rules_thead", macro_tfoot="build_rules_tfoot", @@ -479,7 +480,7 @@ def create_view_response( res = make_response( render_template( - "pages/dashboard_view.j2", + "pages/dashboard_view.html", table_title=table_title, rules_columns=table_columns, display_rules=len(rules), @@ -488,9 +489,9 @@ def create_view_response( count_match=count_match, rstate=rstate, rtype=rtype, - dashboard_table_body=dashboard_table_body, - dashboard_table_head=dashboard_table_head, - dashboard_table_foot=dashboard_table_foot, + dashboard_table_body=Markup(dashboard_table_body), + dashboard_table_head=Markup(dashboard_table_head), + dashboard_table_foot=Markup(dashboard_table_foot), ) ) diff --git a/flowapp/views/rules.py b/flowapp/views/rules.py index 6b30b2e2..b2e29565 100644 --- a/flowapp/views/rules.py +++ b/flowapp/views/rules.py @@ -48,9 +48,9 @@ DATA_FORMS = {1: RTBHForm, 4: IPv4Form, 6: IPv6Form} DATA_FORMS_NAMED = {"rtbh": RTBHForm, "ipv4": IPv4Form, "ipv6": IPv6Form} DATA_TEMPLATES = { - 1: "forms/rtbh_rule.j2", - 4: "forms/ipv4_rule.j2", - 6: "forms/ipv6_rule.j2", + 1: "forms/rtbh_rule.html", + 4: "forms/ipv4_rule.html", + 6: "forms/ipv6_rule.html", } DATA_TABLES = {1: "RTBH", 4: "flowspec4", 6: "flowspec6"} DEFAULT_SORT = {1: "ivp4", 4: "source", 6: "source"} @@ -482,7 +482,7 @@ def ipv4_rule(): form.expires.data = default_expires return render_template( - "forms/ipv4_rule.j2", form=form, action_url=url_for("rules.ipv4_rule") + "forms/ipv4_rule.html", form=form, action_url=url_for("rules.ipv4_rule") ) @@ -559,7 +559,7 @@ def ipv6_rule(): form.expires.data = default_expires return render_template( - "forms/ipv6_rule.j2", form=form, action_url=url_for("rules.ipv6_rule") + "forms/ipv6_rule.html", form=form, action_url=url_for("rules.ipv6_rule") ) @@ -631,7 +631,7 @@ def rtbh_rule(): form.expires.data = default_expires return render_template( - "forms/rtbh_rule.j2", form=form, action_url=url_for("rules.rtbh_rule") + "forms/rtbh_rule.html", form=form, action_url=url_for("rules.rtbh_rule") ) @@ -651,7 +651,7 @@ def export(): announce_all_routes() return render_template( - "pages/dashboard_admin.j2", + "pages/dashboard_admin.html", rules=rules, actions=actions, rules_rtbh=rules_rtbh,