Bugfix/autoescape #35

Merged
merged 2 commits into from
Jan 18, 2024
Merged
4 changes: 2 additions & 2 deletions config.example.py
Expand Up @@ -8,10 +8,10 @@ class Config():
# Flask testing
TESTING = False
# SSO auth enabled
SSO_AUTH = False
SSO_AUTH = True
# Authentication is done outside the app, use HTTP header to get the user uuid.
# If SSO_AUTH is set to True, this option is ignored and SSO auth is used.
HEADER_AUTH = True
HEADER_AUTH = False
# Name of HTTP header containing the UUID of authenticated user.
# Only used when HEADER_AUTH is set to True
AUTH_HEADER_NAME = 'X-Authenticated-User'
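Review bot: The comments around `HEADER_AUTH` do not say that header authentication is only sound when a trusted reverse proxy sets the `AUTH_HEADER_NAME` header and drops any copy sent by the client. `ext_login` in `flowapp/__init__.py` registers whatever value arrives in that header, so an app reachable directly would accept a caller-chosen identity. Since this hunk touches the auth defaults of the example config, I would add a line above `HEADER_AUTH` such as `# Enable only behind a proxy that authenticates users and strips any client-supplied X-Authenticated-User header.` The rendered page does not mark which of each paired value is the new default, and the `Config` class continues outside the hunk.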
8 changes: 4 additions & 4 deletions flowapp/__init__.py
Expand Up @@ -87,13 +87,13 @@ def logout():
def ext_login():
header_name = app.config.get("AUTH_HEADER_NAME", 'X-Authenticated-User')
if header_name not in request.headers:
return render_template("errors/401.j2")
return render_template("errors/401.html")
uuid = request.headers.get(header_name)
if uuid:
try:
_register_user_to_session(uuid)
except AttributeError:
return render_template("errors/401.j2")
return render_template("errors/401.html")
return redirect("/")

@app.route("/")
Expand Down Expand Up @@ -136,12 +136,12 @@ def shutdown_session(exception=None):
# HTTP error handling
@app.errorhandler(404)
def not_found(error):
return render_template("errors/404.j2"), 404
return render_template("errors/404.html"), 404

@app.errorhandler(500)
def internal_error(exception):
app.logger.error(exception)
return render_template("errors/500.j2"), 500
return render_template("errors/500.html"), 500

@app.context_processor
def utility_processor():
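Review bot: Both failure returns in `ext_login` send the 401 template with the default 200 status, whereas `not_found` and `internal_error` in the same file pass their codes explicitly. I would write `return render_template("errors/401.html"), 401` in both places so that proxies, clients and log-based alerting see the authentication failure. A header that is present but empty also skips `_register_user_to_session` and falls through to `redirect("/")`, which looks unintended; changing the first check to `if not request.headers.get(header_name):` would send it to the 401 path too. The route decorator for `ext_login` and whatever gates it on `HEADER_AUTH` are outside the hunk, so I could not confirm the endpoint is disabled when header auth is off.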
6 changes: 3 additions & 3 deletions flowapp/instance_config.py
Expand Up @@ -99,23 +99,23 @@ class InstanceConfig:
DASHBOARD = {
"ipv4": {
"name": "IPv4",
"macro_file": "macros.j2",
"macro_file": "macros.html",
"macro_tbody": "build_ip_tbody",
"macro_thead": "build_rules_thead",
"table_colspan": 10,
"table_columns": RULES_COLUMNS_V6,
},
"ipv6": {
"name": "IPv6",
"macro_file": "macros.j2",
"macro_file": "macros.html",
"macro_tbody": "build_ip_tbody",
"macro_thead": "build_rules_thead",
"table_colspan": 10,
"table_columns": RULES_COLUMNS_V6,
},
"rtbh": {
"name": "RTBH",
"macro_file": "macros.j2",
"macro_file": "macros.html",
"macro_tbody": "build_rtbh_tbody",
"macro_thead": "build_rules_thead",
"table_colspan": 5,
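Review bot: The `ipv4` dashboard entry sets `"table_columns": RULES_COLUMNS_V6`, the same constant the `ipv6` entry uses, which reads like a copy-paste slip unless the two tables really share one column set. If a separate IPv4 column list is defined elsewhere in `InstanceConfig`, it should be referenced here; otherwise a short comment such as `# IPv4 and IPv6 tables share the same columns` would settle it. The line is unchanged context in this hunk, and the `DASHBOARD` dict continues past the last visible line.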
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block content %}
<h1>Could not log you in.</h1>
<p class="form-text">401: Unauthorized</p>
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block content %}
<h1>Sorry ...</h1>
<p>There's nothing here!</p>
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block content %}
<h1>Error ...</h1>
<p>Sorry ;-)</p>
@@ -1,5 +1,5 @@
{% extends 'layouts/default.j2' %}
{% from 'forms/macros.j2' import render_field %}
{% extends 'layouts/default.html' %}
{% from 'forms/macros.html' import render_field %}
{% block title %}Add New Machine with ApiKey{% endblock %}
{% block content %}
<h2>Add new ApiKey for your machine</h2>
@@ -1,5 +1,5 @@
{% extends 'layouts/default.j2' %}
{% from 'forms/macros.j2' import render_field %}
{% extends 'layouts/default.html' %}
{% from 'forms/macros.html' import render_field %}
{% block title %}Add IPv4 rule{% endblock %}
{% block content %}
<h2>{{ title or 'New'}} IPv4 rule</h2>
@@ -1,5 +1,5 @@
{% extends 'layouts/default.j2' %}
{% from 'forms/macros.j2' import render_field %}
{% extends 'layouts/default.html' %}
{% from 'forms/macros.html' import render_field %}
{% block title %}Add IPv6 rule{% endblock %}
{% block content %}
<h2>{{ title or 'New'}} IPv6 rule</h2>
File renamed without changes.
@@ -1,5 +1,5 @@
{% extends 'layouts/default.j2' %}
{% from 'forms/macros.j2' import render_field %}
{% extends 'layouts/default.html' %}
{% from 'forms/macros.html' import render_field %}
{% block title %}Add RTBH rule{% endblock %}
{% block content %}
<h2>{{ title or 'New'}} RTBH rule</h2>
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block title %}Add IPv4 rule{% endblock %}
{% block content %}
<form action="/addrule" method="post">
@@ -1,5 +1,5 @@
{% extends 'layouts/default.j2' %}
{% from 'forms/macros.j2' import render_form %}
{% extends 'layouts/default.html' %}
{% from 'forms/macros.html' import render_form %}

{% block title %}
{{ title }}
File renamed without changes.
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block title %}Flowspec Actions{% endblock %}
{% block content %}
<table class="table table-hover">
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block title %}ExaFS - ApiKeys{% endblock %}
{% block content %}
<h1>Your machines and ApiKeys</h1>
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block title %}AS Paths{% endblock %}
{% block content %}
<table class="table table-hover">
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block title %}Flowspec RTBH communities{% endblock %}
{% block content %}
<table class="table table-hover">
@@ -1,10 +1,10 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}


{% block title %}Flowspec{% endblock %}
{% block content %}

{% include 'pages/submenu_dashboard.j2' %}
{% include 'pages/submenu_dashboard.html' %}
{% if display_rules %}
<div class="row">
<form action="{{ url_for('rules.group_operation') }}" method="post">
@@ -1,10 +1,10 @@
{% extends 'layouts/default.j2' %}
{% from 'macros.j2' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %}
{% extends 'layouts/default.html' %}
{% from 'macros.html' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %}

{% block title %}Flowspec{% endblock %}
{% block content %}

{% include 'pages/submenu_dashboard.j2' %}
{% include 'pages/submenu_dashboard.html' %}

<div class="row">
<table class="table table-hover ip-table">
@@ -1,11 +1,11 @@
{% extends 'layouts/default.j2' %}
{% from 'macros.j2' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %}
{% extends 'layouts/default.html' %}
{% from 'macros.html' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %}


{% block title %}Flowspec{% endblock %}
{% block content %}

{% include 'pages/submenu_dashboard.j2' %}
{% include 'pages/submenu_dashboard.html' %}



@@ -1,11 +1,11 @@
{% extends 'layouts/default.j2' %}
{% from 'macros.j2' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %}
{% extends 'layouts/default.html' %}
{% from 'macros.html' import build_ip_tbody, build_rtbh_tbody, build_rules_thead %}


{% block title %}Flowspec{% endblock %}
{% block content %}

{% include 'pages/submenu_dashboard_view.j2' %}
{% include 'pages/submenu_dashboard_view.html' %}

{% if display_rules %}
<h2>{{ rstate|capitalize }} {{ table_title }}</h2>
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}

{% block title %}Flowspec{% endblock %}
{% block content %}
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block title %}Flowspec - logout{% endblock %}
{% block content %}
<h1>Good Bye</h1>
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block title %}Flowspec Users{% endblock %}
{% block content %}
<h2>Commands log / latest on top</h2>
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block title %}Flowspec Organziations{% endblock %}
{% block content %}
<table class="table table-hover">
@@ -1,4 +1,4 @@
{% extends 'layouts/default.j2' %}
{% extends 'layouts/default.html' %}
{% block title %}Flowspec Users{% endblock %}
{% block content %}
<table class="table table-hover">
32 changes: 16 additions & 16 deletions flowapp/views/admin.py
Expand Up @@ -39,7 +39,7 @@ def log(page):
.filter(Log.time > week_ago)
.paginate(page=page, per_page=per_page, max_per_page=None, error_out=False)
)
return render_template("pages/logs.j2", logs=logs)
return render_template("pages/logs.html", logs=logs)


@admin.route("/user", methods=["GET", "POST"])
Expand Down Expand Up @@ -74,7 +74,7 @@ def user():

action_url = url_for("admin.user")
return render_template(
"forms/simple_form.j2",
"forms/simple_form.html",
title="Add new user to Flowspec",
form=form,
action_url=action_url,
Expand Down Expand Up @@ -103,7 +103,7 @@ def edit_user(user_id):
action_url = url_for("admin.edit_user", user_id=user_id)

return render_template(
"forms/simple_form.j2",
"forms/simple_form.html",
title="Editing {}".format(user.email),
form=form,
action_url=action_url,
Expand Down Expand Up @@ -136,15 +136,15 @@ def delete_user(user_id):
@admin_required
def users():
users = User.query.all()
return render_template("pages/users.j2", users=users)
return render_template("pages/users.html", users=users)


@admin.route("/organizations")
@auth_required
@admin_required
def organizations():
orgs = db.session.query(Organization).all()
return render_template("pages/orgs.j2", orgs=orgs)
return render_template("pages/orgs.html", orgs=orgs)


@admin.route("/organization", methods=["GET", "POST"])
Expand All @@ -169,7 +169,7 @@ def organization():

action_url = url_for("admin.organization")
return render_template(
"forms/simple_form.j2",
"forms/simple_form.html",
title="Add new organization to Flowspec",
form=form,
action_url=action_url,
Expand All @@ -191,7 +191,7 @@ def edit_organization(org_id):

action_url = url_for("admin.edit_organization", org_id=org.id)
return render_template(
"forms/simple_form.j2",
"forms/simple_form.html",
title="Editing {}".format(org.name),
form=form,
action_url=action_url,
Expand Down Expand Up @@ -224,7 +224,7 @@ def delete_organization(org_id):
@admin_required
def as_paths():
mpaths = db.session.query(ASPath).all()
return render_template("pages/as_paths.j2", paths=mpaths)
return render_template("pages/as_paths.html", paths=mpaths)


@admin.route("/as-path", methods=["GET", "POST"])
Expand All @@ -247,7 +247,7 @@ def as_path():

action_url = url_for("admin.as_path")
return render_template(
"forms/simple_form.j2",
"forms/simple_form.html",
title="Add new AS-path to Flowspec",
form=form,
action_url=action_url,
Expand All @@ -269,7 +269,7 @@ def edit_as_path(path_id):

action_url = url_for("admin.edit_as_path", path_id=pth.id)
return render_template(
"forms/simple_form.j2",
"forms/simple_form.html",
title="Editing {}".format(pth.prefix),
form=form,
action_url=action_url,
Expand All @@ -296,7 +296,7 @@ def delete_as_path(path_id):
@admin_required
def actions():
actions = db.session.query(Action).all()
return render_template("pages/actions.j2", actions=actions)
return render_template("pages/actions.html", actions=actions)


@admin.route("/action", methods=["GET", "POST"])
Expand Down Expand Up @@ -329,7 +329,7 @@ def action():

action_url = url_for("admin.action")
return render_template(
"forms/simple_form.j2",
"forms/simple_form.html",
title="Add new action to Flowspec",
form=form,
action_url=action_url,
Expand All @@ -351,7 +351,7 @@ def edit_action(action_id):

action_url = url_for("admin.edit_action", action_id=action.id)
return render_template(
"forms/simple_form.j2",
"forms/simple_form.html",
title="Editing {}".format(action.name),
form=form,
action_url=action_url,
Expand Down Expand Up @@ -383,7 +383,7 @@ def delete_action(action_id):
@admin_required
def communities():
communities = db.session.query(Community).all()
return render_template("pages/communities.j2", communities=communities)
return render_template("pages/communities.html", communities=communities)


@admin.route("/community", methods=["GET", "POST"])
Expand Down Expand Up @@ -416,7 +416,7 @@ def community():

community_url = url_for("admin.community")
return render_template(
"forms/simple_form.j2",
"forms/simple_form.html",
title="Add new community to Flowspec",
form=form,
community_url=community_url,
Expand All @@ -438,7 +438,7 @@ def edit_community(community_id):

community_url = url_for("admin.edit_community", community_id=community.id)
return render_template(
"forms/simple_form.j2",
"forms/simple_form.html",
title="Editing {}".format(community.name),
form=form,
community_url=community_url,
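Review bot: The edit views here build `title` from stored values that the same forms let users change (`user.email`, `org.name`, `pth.prefix`, `action.name`, `community.name`) and pass it to `forms/simple_form.html`, so output escaping appears to rest on Flask's default of autoescaping by template file extension, and nothing in the change pins that. I would add a test that stores a name containing markup such as `<b>x</b>`, requests the edit page, and asserts the response contains `&lt;b&gt;`. It is also worth checking the renamed templates and macros for `|safe` on these fields, which I cannot see from here. Separately, `community()` and `edit_community()` pass `community_url=` where the other views pass `action_url=` to the same template, so the form action is probably left undefined for communities. All of these functions start or end outside their hunks.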