mgrotke/linuxrouter
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Development

Browse source
This commit is contained in:
Matthew Grotke 2026-05-27 22:04:04 -04:00
parent eed1d295dc
commit d9f3bd8289
45 changed files with 635 additions and 666 deletions
Download patch file Download diff file Expand all files Collapse all files

97
docker/routlin-dash/app/pages/accountmanage/action.py Normal file
View file

@ -0,0 +1,97 @@
from pathlib import Path
from flask import Blueprint, request, session, redirect, flash
import json, re
from datetime import datetime, timezone
from auth import require_level
from config_utils import ACCOUNTS_FILE
import sanitize
_PAGE = Path(__file__).parent.name
bp = Blueprint(_PAGE, __name__)
VALID_LEVELS = {'viewer', 'administrator', 'manager'}
def _load_accounts():
try:
with open(ACCOUNTS_FILE) as f:
return json.load(f)
except Exception:
return {'accounts': []}
def _save_accounts(data):
with open(ACCOUNTS_FILE, 'w') as f:
json.dump(data, f, indent=2)
@bp.route('/action/accountmanage/accounts_add', methods=['POST'])
@require_level('manager')
def accounts_add():
email = sanitize.email(request.form.get('email_address', ''))
access_level = request.form.get('access_level', '').strip()
if not email:
flash('Email address is required.', 'error')
return redirect(f'/{_PAGE}')
if not re.match(r'^[^@\s]+@[^@\s]+\.[^@\s]+$', email):
flash('Email address does not appear to be valid.', 'error')
return redirect(f'/{_PAGE}')
if access_level not in VALID_LEVELS:
flash('Invalid access level.', 'error')
return redirect(f'/{_PAGE}')
data = _load_accounts()
accounts = data.get('accounts', [])
if any(a.get('email_address', '').lower() == email for a in accounts):
flash('An account with that email address already exists.', 'error')
return redirect(f'/{_PAGE}')
now = datetime.now(tz=timezone.utc).strftime('%Y-%m-%dT%H:%M:%SZ')
accounts.append({
'email_address': email,
'access_level': access_level,
'account_created_utc': now,
'account_created_by': session.get('email_address', ''),
'hashed_password': '',
'timezone': '',
})
data['accounts'] = accounts
_save_accounts(data)
flash(f'Authorization added for {email}. User must complete account setup via the Create Account page.', 'success')
return redirect(f'/{_PAGE}')
@bp.route('/action/accountmanage/accounts_delete', methods=['POST'])
@require_level('manager')
def accounts_delete():
try:
row_index = int(request.form.get('row_index', ''))
except (ValueError, TypeError):
flash('Invalid request.', 'error')
return redirect(f'/{_PAGE}')
data = _load_accounts()
accounts = data.get('accounts', [])
if row_index < 0 or row_index >= len(accounts):
flash('Account not found.', 'error')
return redirect(f'/{_PAGE}')
target = accounts[row_index]
if target.get('email_address', '').lower() == session.get('email_address', '').lower():
flash('You cannot remove your own account.', 'error')
return redirect(f'/{_PAGE}')
removed_email = target.get('email_address', '')
accounts.pop(row_index)
data['accounts'] = accounts
_save_accounts(data)
flash(f'Account for {removed_email} has been removed.', 'success')
return redirect(f'/{_PAGE}')

7
docker/routlin-dash/app/pages/accountmanage/content.json
View file

@ -1,5 +1,4 @@
{
"id": "view_manageaccounts",
"client_requirement": "client_is_manager+",
"items": [
{
@ -40,7 +39,7 @@
],
"row_actions": [
{
"action": "/action/delete_account",
"action": "/action/accountmanage/accounts_delete",
"method": "post",
"text": "Remove",
"class": "btn-danger btn-sm"
@ -53,7 +52,7 @@
"items": [
{
"type": "form",
"action": "/action/add_account",
"action": "/action/accountmanage/accounts_add",
"method": "post",
"items": [
{
@ -76,7 +75,7 @@
"items": [
{
"type": "button_primary",
"action": "/action/add_account",
"action": "/action/accountmanage/accounts_add",
"method": "post",
"text": "Authorize"
}