From 9faabea9970bdfb35f16f9dcf5086d76398c9d5f Mon Sep 17 00:00:00 2001 From: lephe <> Date: Sat, 9 Feb 2019 11:32:08 +0100 Subject: [PATCH] templates: slightly restructure and improve design --- app/models/users.py | 2 +- app/routes/admin.py | 4 +-- app/static/css/container.css | 6 ++-- app/static/css/global.css | 2 -- app/static/css/header.css | 8 +++-- app/static/css/light.css | 4 +-- app/static/css/navbar.css | 2 +- app/templates/account.html | 2 +- app/templates/admin/delete_account.html | 2 +- app/templates/admin/edit_account.html | 2 +- app/templates/admin/index.html | 2 +- app/templates/base/base.html | 12 ++++++-- app/templates/base/container.html | 11 ------- app/templates/base/header.html | 41 ++++++++++--------------- app/templates/base/navbar.html | 2 +- app/templates/delete_account.html | 2 +- app/templates/errors/403.html | 2 +- app/templates/errors/404.html | 2 +- app/templates/index.html | 6 +++- app/templates/login.html | 2 +- app/templates/register.html | 2 +- app/templates/search.html | 2 +- app/templates/user.html | 2 +- app/templates/validation.html | 2 +- app/utils/decorators.py | 17 ---------- app/utils/priv_required.py | 13 ++++---- assets/privs.txt | 5 ++- config.py | 2 +- 28 files changed, 72 insertions(+), 89 deletions(-) delete mode 100644 app/templates/base/container.html delete mode 100644 app/utils/decorators.py diff --git a/app/models/users.py b/app/models/users.py index 084bd58..a98fda3 100644 --- a/app/models/users.py +++ b/app/models/users.py @@ -127,7 +127,7 @@ class Member(User, db.Model): def priv(self, priv): """Check whether the member has the specified privilege.""" - if SpecialPrivilege.query.filter_by(mid=self.id, priv=priv): + if SpecialPrivilege.query.filter_by(mid=self.id, priv=priv).first(): return True return False # return db.session.query(User, Group, GroupPrivilege).filter( diff --git a/app/routes/admin.py b/app/routes/admin.py index eecbf9c..2ae76f7 100644 --- a/app/routes/admin.py +++ b/app/routes/admin.py 
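Review bot: The docstring of `Member.priv` should say that only `SpecialPrivilege` rows are consulted, because the group-based query just below the changed line is still commented out, so a privilege granted through a group would presumably be denied. Before this fix the bare `filter_by(...)` query object was always truthy, so every member passed every privilege check; a regression test asserting `False` for a member without the row would keep that from coming back. The body can also be reduced to `return SpecialPrivilege.query.filter_by(mid=self.id, priv=priv).first() is not None`. The method continues outside the hunk.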
@@ -10,7 +10,7 @@ from app.utils.render import render from app import app, db @app.route('/admin', methods=['GET', 'POST']) -@priv_required('panel-admin') +@priv_required('admin-panel') def admin(): class AdminForm(FlaskForm): submit = SubmitField('Régénérer groupes, privilèges, membres de test') @@ -38,7 +38,7 @@ def admin(): m = Member.query.filter_by(name=name).first() if m is not None: db.session.delete(m) - db.session.commit() + db.session.commit() # Create template members m = Member('PlanèteCasio','contact@planet-casio.com','v5-forever') diff --git a/app/static/css/container.css b/app/static/css/container.css index fd812eb..ac88958 100644 --- a/app/static/css/container.css +++ b/app/static/css/container.css @@ -9,9 +9,9 @@ section { section h1 { margin-top: 0; - border-bottom: 1px solid #a0a0a0; - font-family: Raleway; font-size: 32px; - font-weight: 300; color: #242424; + border-bottom: 1px solid #d8d8d8; + font-family: Cantarell; font-weight: bold; + font-size: 26px; color: #101010; } section h2 { diff --git a/app/static/css/global.css b/app/static/css/global.css index 5174e57..4151d54 100644 --- a/app/static/css/global.css +++ b/app/static/css/global.css @@ -6,8 +6,6 @@ @font-face { font-family: Raleway; font-weight: 200; src: url(../fonts/raleway_200.ttf); } @font-face { font-family: Raleway; font-weight: 300; src: url(../fonts/raleway_300.ttf); } - - /* ALL */ diff --git a/app/static/css/header.css b/app/static/css/header.css index 6b671ea..f38c38a 100644 --- a/app/static/css/header.css +++ b/app/static/css/header.css @@ -3,7 +3,7 @@ */ header { - height: 50px; margin: 0; padding: 0 30px; + height: 50px; margin: 0; padding: 0 16px; display: flex; align-items: center; justify-content: space-between; background: #f4f4f6; border-bottom: 1px solid #d0d0d0; } @@ -14,6 +14,10 @@ header h1 { display: inline; } +header .spacer { + flex: auto 1 0; +} + header svg { width: 24px; height: 24px; vertical-align: middle; transition: .15s ease; 
@@ -22,7 +26,7 @@ header a:hover > svg, header a:focus > svg { fill: black; } header a { - fill: #484848; + fill: #363636; cursor: pointer; } diff --git a/app/static/css/light.css b/app/static/css/light.css index ba80eb1..45b067d 100644 --- a/app/static/css/light.css +++ b/app/static/css/light.css @@ -72,7 +72,6 @@ nav a:focus { align-items: center; flex-grow: 1; height: 100%; text-align: center; - font-family: Raleway; font-size: 13px; color: #ffffff; } #light-menu li { @@ -82,6 +81,7 @@ nav a:focus { display: flex; flex-direction: column; align-items: center; justify-content: center; width: 100%; height: 100%; + cursor: pointer; } #light-menu li > a > div { display: none; @@ -363,4 +363,4 @@ footer { } footer p { margin: 3px 0; -} \ No newline at end of file +} diff --git a/app/static/css/navbar.css b/app/static/css/navbar.css index 5f78c8e..c072458 100644 --- a/app/static/css/navbar.css +++ b/app/static/css/navbar.css @@ -1,6 +1,6 @@ nav a { color: #ffffff; - opacity: .7; + opacity: 0.75; cursor: pointer; } nav a:hover, diff --git a/app/templates/account.html b/app/templates/account.html index dc77b6d..4e00ae3 100644 --- a/app/templates/account.html +++ b/app/templates/account.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block content %}
diff --git a/app/templates/admin/delete_account.html b/app/templates/admin/delete_account.html index 9821af1..6dfbd5f 100644 --- a/app/templates/admin/delete_account.html +++ b/app/templates/admin/delete_account.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block content %}
diff --git a/app/templates/admin/edit_account.html b/app/templates/admin/edit_account.html index 920ee69..b856662 100644 --- a/app/templates/admin/edit_account.html +++ b/app/templates/admin/edit_account.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block content %}
diff --git a/app/templates/admin/index.html b/app/templates/admin/index.html index 180266b..ba9a52d 100644 --- a/app/templates/admin/index.html +++ b/app/templates/admin/index.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block title %} Panneau d'administration »

Utilisateurs et groupes

diff --git a/app/templates/base/base.html b/app/templates/base/base.html index 6ff857a..1f50658 100644 --- a/app/templates/base/base.html +++ b/app/templates/base/base.html @@ -1,11 +1,19 @@ + {% include "base/head.html" %} {% include "base/navbar.html" %} - {% block container %} - {% endblock container %} +
+
+
{% block title %}(page title){% endblock %}
+ {% include "base/header.html" %} +
+ + {% block content %} + {% endblock %} +
{% include "base/footer.html" %} {% include "base/flash.html" %} diff --git a/app/templates/base/container.html b/app/templates/base/container.html deleted file mode 100644 index cd75025..0000000 --- a/app/templates/base/container.html +++ /dev/null @@ -1,11 +0,0 @@ -{% extends "base/base.html" %} - -{% block container %} -
- {% include "base/header.html" %} - - - {% block content %} - {% endblock %} -
-{% endblock container %} diff --git a/app/templates/base/header.html b/app/templates/base/header.html index b49d71f..7da8ce7 100644 --- a/app/templates/base/header.html +++ b/app/templates/base/header.html @@ -1,29 +1,22 @@ -
-
- {% block title %} - Test - {% endblock %} -
-
-
- - - - - - -
- -{% if current_user.is_authenticated %} - +
+
+ + - + +
+ +{% if current_user.is_authenticated %} + + + + + {% endif %} - -
+ diff --git a/app/templates/base/navbar.html b/app/templates/base/navbar.html index c526f14..a534704 100644 --- a/app/templates/base/navbar.html +++ b/app/templates/base/navbar.html @@ -59,7 +59,7 @@
  • - + diff --git a/app/templates/delete_account.html b/app/templates/delete_account.html index 447edef..b4afa7f 100644 --- a/app/templates/delete_account.html +++ b/app/templates/delete_account.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block content %}
    diff --git a/app/templates/errors/403.html b/app/templates/errors/403.html index ad49def..1555e36 100644 --- a/app/templates/errors/403.html +++ b/app/templates/errors/403.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block content %}
    diff --git a/app/templates/errors/404.html b/app/templates/errors/404.html index 6282c07..da27511 100644 --- a/app/templates/errors/404.html +++ b/app/templates/errors/404.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block content %}
    diff --git a/app/templates/index.html b/app/templates/index.html index 4905fee..2807bb7 100644 --- a/app/templates/index.html +++ b/app/templates/index.html @@ -1,4 +1,8 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} + +{% block title %} +

    Planète Casio

    +{% endblock %} {% block content %}
    diff --git a/app/templates/login.html b/app/templates/login.html index 4e4e4ce..e834a48 100644 --- a/app/templates/login.html +++ b/app/templates/login.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block content %}
    diff --git a/app/templates/register.html b/app/templates/register.html index fd5088f..f4689d1 100644 --- a/app/templates/register.html +++ b/app/templates/register.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block content %}
    diff --git a/app/templates/search.html b/app/templates/search.html index aefa203..e12e9a5 100644 --- a/app/templates/search.html +++ b/app/templates/search.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block content %}
    diff --git a/app/templates/user.html b/app/templates/user.html index 861dabf..8f01820 100644 --- a/app/templates/user.html +++ b/app/templates/user.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block content %}
    diff --git a/app/templates/validation.html b/app/templates/validation.html index bfba28f..0fb6462 100644 --- a/app/templates/validation.html +++ b/app/templates/validation.html @@ -1,4 +1,4 @@ -{% extends "base/container.html" %} +{% extends "base/base.html" %} {% block content %}
    diff --git a/app/utils/decorators.py b/app/utils/decorators.py deleted file mode 100644 index d36344e..0000000 --- a/app/utils/decorators.py +++ /dev/null @@ -1,17 +0,0 @@ -from flask import redirect, url_for, flash -from flask import current_user -import functools - -# Use only with @login_required. -def privilege_required(priv): - def privilege_decorator(f): - @functools.wraps(f) - def wrapper(): - if not current_user.priv(priv): - flash(f'Cette page est protégée par le privilège {priv}'+ - '', 'error') - return redirect(url_for('index')) - else: - f() - return wrapper - return privilege_decorator diff --git a/app/utils/priv_required.py b/app/utils/priv_required.py index 7a5fd21..2bdd576 100644 --- a/app/utils/priv_required.py +++ b/app/utils/priv_required.py @@ -6,19 +6,19 @@ from app import app def priv_required(*perms): """ - If you decorate a view with this, it will ensure that the current user is - authenticated and has required permissions before calling the actual view. - (If they are not, it calls the :attr:`LoginManager.unauthorized` callback.) - For example:: + Requires the user to be an authenticated member with privileges [perms]. + Calls :attr:`LoginManager.unauthorized` if the user is not authenticated, + and a 403 if some of the privileges are missing. + Example: @app.route('/admin') @priv_required('access-admin-board') def admin_board(): pass It can be convenient to globally turn off authentication when unit testing. - To enable this, if the application configuration variable `LOGIN_DISABLED` - is set to `True`, this decorator will be ignored. + Setting the `LOGIN_DISABLED` configuration variable to `True` will silence + this decorator. """ def decorated_view(func): @wraps(func) @@ -32,6 +32,7 @@ def priv_required(*perms): else: for p in perms: if not current_user.priv(p): + # TODO: Add error message and privilege name abort(403) return func(*args, **kwargs) return wrapped 
diff --git a/assets/privs.txt b/assets/privs.txt index 6a1d5ac..9945a39 100644 --- a/assets/privs.txt +++ b/assets/privs.txt @@ -35,4 +35,7 @@ Miscellaenous: footer-statistics View performance statistics in the page footer community-login Automatically login as a community account -Administration panel... +Administration panel: + admin-panel Access administration panel (read-only as it is) + edt-account Edit details of any account + delete-account Remove member accounts diff --git a/config.py b/config.py index cf6b501..238124b 100644 --- a/config.py +++ b/config.py @@ -6,6 +6,7 @@ class Config(object): 'postgresql+psycopg2://' + os.environ.get('USER') + ':@/pcv5' SQLALCHEMY_TRACK_MODIFICATIONS = False UPLOAD_FOLDER = './app/static/avatars' + LOGIN_DISABLED=True class V5Config(object): # Length allocated to privilege names (slugs) @@ -14,4 +15,3 @@ class V5Config(object): FORBIDDEN_USERNAMES = [ "admin", "root", "webmaster", "contact" ] # Unauthorized message (@priv_required) UNAUTHORIZED_MSG = "Vous n'avez pas l'autorisation d'effectuer cette action !" -
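Review bot: The slug `edt-account` in the new "Administration panel" list looks like a typo for `edit-account`. If privilege slugs are created from or checked against this file (not visible here), a view decorated with `@priv_required('edit-account')` would never match and would answer 403 for everyone. The description of `admin-panel` as "read-only as it is" also does not fit the `/admin` view touched by this commit, which accepts POST and deletes and recreates members; I would reword that line.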
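Review bot: `LOGIN_DISABLED=True` is added to the base `Config` class, and according to the `priv_required` docstring in this same commit that setting silences the decorator, so any deployment loading `Config` would serve `/admin` and the other protected views without authentication or privilege checks. Keep the flag out of the default configuration and enable it only in a test configuration, for example `class TestingConfig(Config):` with `LOGIN_DISABLED = True` as its body. If the line was added for local debugging it should be dropped from the commit. The body of `Config` starts outside the hunk.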