linuxrouter/docker/routlin-dash/app/pages/bannedips/action.py

from pathlib import Path
import copy

from flask import Blueprint, request, redirect, flash
import auth
import config_utils
import sanitize
import mod_validation as validate

_PAGE = Path(__file__).parent.name

bp = Blueprint(_PAGE, __name__)

def _row_index():
    try:
        return int(request.form.get('row_index', ''))
    except (ValueError, TypeError):
        return None


def _hash_ok():
    if not config_utils.verify_config_hash(request.form.get('config_hash', '')):
        flash('Configuration was modified by another session. Please refresh and try again.', 'error')
        return False
    return True


def _parse_ip():
    raw = request.form.get('ip', '').strip()
    if not raw:
        flash('The configuration has not been saved because an IP address, CIDR, or wildcard pattern is required.', 'error')
        return None
    ip = validate.banned_ip(raw)
    if not ip:
        flash(f'The configuration has not been saved because "{raw}" is not a valid IP address, CIDR, or wildcard pattern.', 'error')
        return None
    return ip


@bp.route('/action/bannedips/addip_add', methods=['POST'])
@auth.require_level('administrator')
def addip_add():
    description = sanitize.text(request.form.get('description', ''))
    ip          = _parse_ip()
    if ip is None:
        return redirect(f'/{_PAGE}')
    if not _hash_ok():
        return redirect(f'/{_PAGE}')

    cfg  = config_utils.load_config()
    entry = {'description': description, 'ip': ip, 'enabled': True}
    cfg.setdefault('banned_ips', []).append(entry)
    errors = validate.validate_config(cfg)
    if errors:
        for msg in errors:
            flash(msg, 'error')
        return redirect(f'/{_PAGE}')

    changes = config_utils.diff_fields(None, entry)
    flash(config_utils.record_group(cfg, 'banned_ips', 'ip', ip, changes, 'core apply'), 'success')
    return redirect(f'/{_PAGE}')


@bp.route('/action/bannedips/table_toggle', methods=['POST'])
@auth.require_level('administrator')
def table_toggle():
    idx = _row_index()
    if idx is None:
        flash('Invalid request.', 'error')
        return redirect(f'/{_PAGE}')
    if not _hash_ok():
        return redirect(f'/{_PAGE}')

    cfg  = config_utils.load_config()
    items = cfg.get('banned_ips', [])
    if idx < 0 or idx >= len(items):
        flash('Entry not found.', 'error')
        return redirect(f'/{_PAGE}')

    old_enabled        = items[idx].get('enabled', True)
    before             = copy.deepcopy(items[idx])
    items[idx]['enabled'] = not old_enabled
    errors = validate.validate_config(cfg)
    if errors:
        for msg in errors:
            flash(msg, 'error')
        return redirect(f'/{_PAGE}')

    ip = items[idx]['ip']
    changes = config_utils.diff_fields(before, items[idx])
    flash(config_utils.record_group(cfg, 'banned_ips', 'ip', ip, changes, 'core apply'), 'success')
    return redirect(f'/{_PAGE}')


@bp.route('/action/bannedips/table_edit', methods=['POST'])
@auth.require_level('administrator')
def table_edit():
    idx = _row_index()
    if idx is None:
        flash('Invalid request.', 'error')
        return redirect(f'/{_PAGE}')

    description = sanitize.text(request.form.get('description', ''))
    ip          = _parse_ip()
    if ip is None:
        return redirect(f'/{_PAGE}')
    enabled = request.form.get('enabled') == 'on'

    if not _hash_ok():
        return redirect(f'/{_PAGE}')

    cfg  = config_utils.load_config()
    items = cfg.get('banned_ips', [])
    if idx < 0 or idx >= len(items):
        flash('Entry not found.', 'error')
        return redirect(f'/{_PAGE}')

    before = copy.deepcopy(items[idx])
    items[idx].update({'description': description, 'ip': ip, 'enabled': enabled})
    errors = validate.validate_config(cfg)
    if errors:
        for msg in errors:
            flash(msg, 'error')
        return redirect(f'/{_PAGE}')

    changes = config_utils.diff_fields(before, items[idx])
    flash(config_utils.record_group(cfg, 'banned_ips', 'ip', ip, changes, 'core apply'), 'success')
    return redirect(f'/{_PAGE}')


@bp.route('/action/bannedips/table_delete', methods=['POST'])
@auth.require_level('administrator')
def table_delete():
    idx = _row_index()
    if idx is None:
        flash('Invalid request.', 'error')
        return redirect(f'/{_PAGE}')
    if not _hash_ok():
        return redirect(f'/{_PAGE}')

    cfg  = config_utils.load_config()
    items = cfg.get('banned_ips', [])
    if idx < 0 or idx >= len(items):
        flash('Entry not found.', 'error')
        return redirect(f'/{_PAGE}')

    removed = items.pop(idx)
    errors = validate.validate_config(cfg)
    if errors:
        for msg in errors:
            flash(msg, 'error')
        return redirect(f'/{_PAGE}')

    changes = config_utils.diff_fields(removed, None)
    flash(config_utils.record_group(cfg, 'banned_ips', 'ip', removed['ip'], changes, 'core apply'), 'success')
    return redirect(f'/{_PAGE}')
Development 2026-05-27 22:04:04 -04:00			`from pathlib import Path`
Development 2026-05-25 16:07:21 -04:00			`import copy`

Flask app progress 2026-05-17 03:26:01 -04:00			`from flask import Blueprint, request, redirect, flash`
Development 2026-06-07 00:21:08 -04:00			`import auth`
			`import config_utils`
Flask app progress 2026-05-17 03:26:01 -04:00			`import sanitize`
Development 2026-06-05 01:48:27 -04:00			`import mod_validation as validate`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-05-27 22:04:04 -04:00			`_PAGE = Path(__file__).parent.name`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-05-27 22:04:04 -04:00			`bp = Blueprint(_PAGE, __name__)`
Flask app progress 2026-05-17 03:26:01 -04:00
			`def _row_index():`
			`try:`
			`return int(request.form.get('row_index', ''))`
			`except (ValueError, TypeError):`
			`return None`


			`def _hash_ok():`
Development 2026-06-07 00:21:08 -04:00			`if not config_utils.verify_config_hash(request.form.get('config_hash', '')):`
Flask app progress 2026-05-17 03:26:01 -04:00			`flash('Configuration was modified by another session. Please refresh and try again.', 'error')`
			`return False`
			`return True`


			`def _parse_ip():`
			`raw = request.form.get('ip', '').strip()`
			`if not raw:`
			`flash('The configuration has not been saved because an IP address, CIDR, or wildcard pattern is required.', 'error')`
			`return None`
			`ip = validate.banned_ip(raw)`
			`if not ip:`
			`flash(f'The configuration has not been saved because "{raw}" is not a valid IP address, CIDR, or wildcard pattern.', 'error')`
			`return None`
			`return ip`


Development 2026-05-27 22:04:04 -04:00			`@bp.route('/action/bannedips/addip_add', methods=['POST'])`
Development 2026-06-07 00:21:08 -04:00			`@auth.require_level('administrator')`
Development 2026-05-27 22:04:04 -04:00			`def addip_add():`
Flask app progress 2026-05-17 03:26:01 -04:00			`description = sanitize.text(request.form.get('description', ''))`
			`ip = _parse_ip()`
			`if ip is None:`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00			`if not _hash_ok():`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-07 00:21:08 -04:00			`cfg = config_utils.load_config()`
Development 2026-05-25 16:07:21 -04:00			`entry = {'description': description, 'ip': ip, 'enabled': True}`
Development 2026-05-25 19:59:42 -04:00			`cfg.setdefault('banned_ips', []).append(entry)`
			`errors = validate.validate_config(cfg)`
Development 2026-05-20 17:10:18 -04:00			`if errors:`
			`for msg in errors:`
			`flash(msg, 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-07 00:21:08 -04:00			`changes = config_utils.diff_fields(None, entry)`
			`flash(config_utils.record_group(cfg, 'banned_ips', 'ip', ip, changes, 'core apply'), 'success')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00

Development 2026-05-27 22:04:04 -04:00			`@bp.route('/action/bannedips/table_toggle', methods=['POST'])`
Development 2026-06-07 00:21:08 -04:00			`@auth.require_level('administrator')`
Development 2026-05-27 22:04:04 -04:00			`def table_toggle():`
Flask app progress 2026-05-17 03:26:01 -04:00			`idx = _row_index()`
			`if idx is None:`
			`flash('Invalid request.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00			`if not _hash_ok():`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-07 00:21:08 -04:00			`cfg = config_utils.load_config()`
Development 2026-05-25 19:59:42 -04:00			`items = cfg.get('banned_ips', [])`
Flask app progress 2026-05-17 03:26:01 -04:00			`if idx < 0 or idx >= len(items):`
			`flash('Entry not found.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-05-25 16:07:21 -04:00			`old_enabled = items[idx].get('enabled', True)`
Development 2026-05-30 14:57:33 -04:00			`before = copy.deepcopy(items[idx])`
Development 2026-05-25 16:07:21 -04:00			`items[idx]['enabled'] = not old_enabled`
Development 2026-05-25 19:59:42 -04:00			`errors = validate.validate_config(cfg)`
Development 2026-05-20 17:10:18 -04:00			`if errors:`
			`for msg in errors:`
			`flash(msg, 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-05-30 14:57:33 -04:00			`ip = items[idx]['ip']`
Development 2026-06-07 00:21:08 -04:00			`changes = config_utils.diff_fields(before, items[idx])`
			`flash(config_utils.record_group(cfg, 'banned_ips', 'ip', ip, changes, 'core apply'), 'success')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00

Development 2026-05-27 22:04:04 -04:00			`@bp.route('/action/bannedips/table_edit', methods=['POST'])`
Development 2026-06-07 00:21:08 -04:00			`@auth.require_level('administrator')`
Development 2026-05-27 22:04:04 -04:00			`def table_edit():`
Flask app progress 2026-05-17 03:26:01 -04:00			`idx = _row_index()`
			`if idx is None:`
			`flash('Invalid request.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
			`description = sanitize.text(request.form.get('description', ''))`
			`ip = _parse_ip()`
			`if ip is None:`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00			`enabled = request.form.get('enabled') == 'on'`

			`if not _hash_ok():`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-07 00:21:08 -04:00			`cfg = config_utils.load_config()`
Development 2026-05-25 19:59:42 -04:00			`items = cfg.get('banned_ips', [])`
Flask app progress 2026-05-17 03:26:01 -04:00			`if idx < 0 or idx >= len(items):`
			`flash('Entry not found.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-05-25 16:07:21 -04:00			`before = copy.deepcopy(items[idx])`
Flask app progress 2026-05-17 03:26:01 -04:00			`items[idx].update({'description': description, 'ip': ip, 'enabled': enabled})`
Development 2026-05-25 19:59:42 -04:00			`errors = validate.validate_config(cfg)`
Development 2026-05-20 17:10:18 -04:00			`if errors:`
			`for msg in errors:`
			`flash(msg, 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-07 00:21:08 -04:00			`changes = config_utils.diff_fields(before, items[idx])`
			`flash(config_utils.record_group(cfg, 'banned_ips', 'ip', ip, changes, 'core apply'), 'success')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00

Development 2026-05-27 22:04:04 -04:00			`@bp.route('/action/bannedips/table_delete', methods=['POST'])`
Development 2026-06-07 00:21:08 -04:00			`@auth.require_level('administrator')`
Development 2026-05-27 22:04:04 -04:00			`def table_delete():`
Flask app progress 2026-05-17 03:26:01 -04:00			`idx = _row_index()`
			`if idx is None:`
			`flash('Invalid request.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00			`if not _hash_ok():`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-07 00:21:08 -04:00			`cfg = config_utils.load_config()`
Development 2026-05-25 19:59:42 -04:00			`items = cfg.get('banned_ips', [])`
Flask app progress 2026-05-17 03:26:01 -04:00			`if idx < 0 or idx >= len(items):`
			`flash('Entry not found.', 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
			`removed = items.pop(idx)`
Development 2026-05-25 19:59:42 -04:00			`errors = validate.validate_config(cfg)`
Development 2026-05-20 17:10:18 -04:00			`if errors:`
			`for msg in errors:`
			`flash(msg, 'error')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`
Flask app progress 2026-05-17 03:26:01 -04:00
Development 2026-06-07 00:21:08 -04:00			`changes = config_utils.diff_fields(removed, None)`
			`flash(config_utils.record_group(cfg, 'banned_ips', 'ip', removed['ip'], changes, 'core apply'), 'success')`
Development 2026-05-27 22:04:04 -04:00			`return redirect(f'/{_PAGE}')`