From eba6af3b1e63988a29dbebf955fa7e4d453b12c4 Mon Sep 17 00:00:00 2001
From: Patrick Jentsch <pjentsch@sfb1288inf-Laptop.fritz.box>
Date: Thu, 26 Mar 2020 16:14:09 +0100
Subject: [PATCH] Replace the default function decorators with new socketio
 specific ones

---
 app/corpora/events.py | 11 ++++++-----
 app/decorators.py     | 35 +++++++++++++++++++++++++----------
 app/events.py         | 12 +++++-------
 3 files changed, 36 insertions(+), 22 deletions(-)

diff --git a/app/corpora/events.py b/app/corpora/events.py
index 0f3828ec..88af8fb7 100644
--- a/app/corpora/events.py
+++ b/app/corpora/events.py
@@ -1,9 +1,10 @@
 from app import db, logger, socketio
+from app.decorators import socketio_login_required
 from app.events import connected_sessions
 from app.models import Corpus, User
 from .cqi import CQiClient
 from flask import current_app, request
-from flask_login import current_user, login_required
+from flask_login import current_user
 import math
 
 
@@ -23,13 +24,13 @@ corpus_analysis_clients_status = {}
 
 
 @socketio.on('send_analysis_status_cli')
-@login_required
+@socketio_login_required
 def update_status(response):
     update_analysis_status(response['status'])
 
 
 @socketio.on('corpus_analysis_init')
-@login_required
+@socketio_login_required
 def init_corpus_analysis(corpus_id):
     logger.warning('Initiating corpus analysis.')
     socketio.start_background_task(corpus_analysis_session_handler,
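Review bot: `init_corpus_analysis` takes `corpus_id` straight from the client, and `socketio_login_required` only establishes that the sender is logged in, not that the corpus is theirs. The rest of the handler and `corpus_analysis_session_handler` lie outside this hunk, so confirm that one of them checks ownership (or admin rights) on the loaded corpus before a session is started. If neither does, a guard comparing the corpus owner with the current user belongs at the top of the handler. A smaller point in the same hunk: `update_status` indexes `response['status']` without checking the payload shape, so a malformed message raises inside the handler.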
@@ -39,7 +40,7 @@ def init_corpus_analysis(corpus_id):
 
 
 @socketio.on('corpus_analysis_query')
-@login_required
+@socketio_login_required
 def corpus_analysis_query(query):
     update_analysis_status('running')
     logger.warning('Recieved a query.')
@@ -113,7 +114,7 @@ def get_analysis_status():
 
 
 @socketio.on('inspect_match')
-@login_required
+@socketio_login_required
 def inspect_match(message):
     client = corpus_analysis_clients.get(request.sid)
     if client is None:
diff --git a/app/decorators.py b/app/decorators.py
index 14ddc034..c45f6d29 100644
--- a/app/decorators.py
+++ b/app/decorators.py
@@ -1,19 +1,34 @@
 from functools import wraps
 from flask import abort
 from flask_login import current_user
+from flask_socketio import disconnect
 from .models import Permission
 
 
-def permission_required(permission):
-    def decorator(f):
-        @wraps(f)
-        def decorated_function(*args, **kwargs):
-            if not current_user.can(permission):
-                abort(403)
+def admin_required(f):
+    @wraps(f)
+    def wrapped(*args, **kwargs):
+        if not current_user.can(Permission.ADMIN):
+            abort(403)
+        return f(*args, **kwargs)
+    return wrapped
+
+
+def socketio_login_required(f):
+    @wraps(f)
+    def wrapped(*args, **kwargs):
+        if not current_user.is_authenticated:
+            disconnect()
+        else:
             return f(*args, **kwargs)
-        return decorated_function
-    return decorator
+    return wrapped
 
 
-def admin_required(f):
-    return permission_required(Permission.ADMIN)(f)
+def socketio_admin_required(f):
+    @wraps(f)
+    def wrapped(*args, **kwargs):
+        if not current_user.can(Permission.ADMIN):
+            disconnect()
+        else:
+            return f(*args, **kwargs)
+    return wrapped
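Review bot: `socketio_admin_required` calls `current_user.can(Permission.ADMIN)` without first checking `current_user.is_authenticated`. It is therefore only safe if the application's anonymous-user class implements `can()` (not visible here) or if it is always stacked beneath `socketio_login_required`, as it is in app/events.py. Making it self-contained removes that ordering dependency: `if not (current_user.is_authenticated and current_user.can(Permission.ADMIN)):`. Both socketio wrappers also drop the rejected event silently, so a log line naming the handler (`f.__name__`) before `disconnect()` would give operators a trace of unauthenticated or non-admin attempts. Each new decorator would benefit from a one-line docstring stating that it disconnects the client instead of aborting with an HTTP status, and that the wrapped handler then returns None.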
diff --git a/app/events.py b/app/events.py
index c292ce7a..31484705 100644
--- a/app/events.py
+++ b/app/events.py
@@ -1,7 +1,7 @@
 from flask import current_app, request
-from flask_login import current_user, login_required
+from flask_login import current_user
 from . import socketio
-from .decorators import admin_required
+from .decorators import socketio_admin_required, socketio_login_required
 from .models import User
 import json
 import jsonpatch
@@ -16,7 +16,6 @@ connected_sessions = []
 
 
 @socketio.on('connect')
-@login_required
 def connect():
     '''
     ' The Socket.IO module creates a session id (sid) for each request.
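Review bot: `connect` has no authentication check left in the visible lines, so an unauthenticated client can complete the handshake and keep a connection open until it first emits a guarded event. Flask-SocketIO refuses the connection when the connect handler returns False, so `if not current_user.is_authenticated: return False` as the first statement after the docstring would reject such clients up front. The handler body continues outside this hunk, so check that it does not already do this before the sid is recorded. Leaving the `disconnect` handler in the next hunk unguarded is fine, since its cleanup should run for every session.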
@@ -26,7 +25,6 @@ def connect():
 
 
 @socketio.on('disconnect')
-@login_required
 def disconnect():
     '''
     ' On disconnect the session id gets removed from the connected sessions
@@ -36,7 +34,7 @@ def disconnect():
 
 
 @socketio.on('user_ressources_init')
-@login_required
+@socketio_login_required
 def subscribe_user_ressources():
     socketio.start_background_task(user_ressource_session_handler,
                                    current_app._get_current_object(),
@@ -44,8 +42,8 @@ def subscribe_user_ressources():
 
 
 @socketio.on('foreign_user_ressources_init')
-@login_required
-@admin_required
+@socketio_login_required
+@socketio_admin_required
 def subscribe_foreign_user_ressources(user_id):
     socketio.start_background_task(user_ressource_session_handler,
                                    current_app._get_current_object(),
-- 
GitLab