summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDirk Engling <erdgeist@erdgeist.org>2020-04-20 00:52:33 +0200
committerDirk Engling <erdgeist@erdgeist.org>2020-04-20 00:52:33 +0200
commit2460ef593a17eecad863e8702904292cc9706d9e (patch)
treee872cee22c8f77b1f25976d794d48564723627dd
Kickoff
-rwxr-xr-xFiler.py164
-rw-r--r--Makefile11
-rw-r--r--requirements.txt8
-rw-r--r--static/style.css86
-rw-r--r--templates/admin.html67
-rw-r--r--templates/mandant.html37
6 files changed, 373 insertions, 0 deletions
diff --git a/Filer.py b/Filer.py
new file mode 100755
index 0000000..b7defd8
--- /dev/null
+++ b/Filer.py
@@ -0,0 +1,164 @@
1#!venv/bin/python
2
3import os
4import hashlib
5import base64
6import time
7from shutil import rmtree
8
9from flask import Flask, render_template, jsonify, request, redirect, send_from_directory
10from flask_dropzone import Dropzone
11from argparse import ArgumentParser
12from werkzeug.utils import secure_filename
13
14app = Flask(__name__)
15app.config['SECRET_KEY'] = 'Silence is golden. Gerd Eist.'
16#app.jinja_env.trim_blocks = True
17#app.jinja_env.lstrip_blocks = True
18
19app.config['PREFERRED_URL_SCHEME'] = 'https'
20app.config['DROPZONE_SERVE_LOCAL'] = True
21app.config['DROPZONE_MAX_FILE_SIZE'] = 128
22app.config['DROPZONE_UPLOAD_MULTIPLE'] = True
23app.config['DROPZONE_PARALLEL_UPLOADS'] = 10
24
25app.config['DROPZONE_ALLOWED_FILE_CUSTOM'] = True
26app.config['DROPZONE_ALLOWED_FILE_TYPE'] = ''
27
28app.config['DROPZONE_DEFAULT_MESSAGE'] = 'Ziehe die Dateien hier hin, um sie hochzuladen oder klicken Sie zur Auswahl.'
29
30dropzone = Dropzone(app)
31
32basedir = 'Daten'
33
34#### ADMIN FACING DIRECTORY LISTS ####
35####
36####
37@app.route("/admin", methods=['GET'])
38def admin():
39 url_root = request.url_root.replace('http://', 'https://', 1)
40 users = os.listdir(os.path.join(basedir, 'Mandanten'))
41 return render_template('admin.html', users = users, tree = make_tree(basedir, 'Public'), url_root = url_root)
42
43@app.route("/admin/Dokumente/<user>", methods=['GET'])
44def admin_dokumente(user):
45 return render_template('mandant.html', admin = 'admin/', user = user, tree = make_tree(basedir, os.path.join('Dokumente', user)))
46
47@app.route("/admin/del-user/<user>", methods=['POST'])
48def admin_deluser(user):
49 method = request.form.get('_method', 'POST')
50 if method == 'DELETE':
51 rmtree(os.path.join(basedir, 'Dokumente', secure_filename(user)))
52 os.unlink(os.path.join(basedir, 'Mandanten', secure_filename(user)))
53 return redirect('/admin')
54
55@app.route("/admin/new-user", methods=['POST'])
56def admin_newuser():
57 password = request.form.get('password', '')
58 user = request.form.get('user', '')
59 if not password or not user:
60 return "Username or password missing", 400
61 directory = secure_filename(user)
62
63 salt = os.urandom(4)
64 sha = hashlib.sha1(password.encode('utf-8'))
65 sha.update(salt)
66
67 digest_salt_b64 = base64.b64encode(sha.digest()+ salt)
68 tagged_digest_salt = '{{SSHA}}{}'.format(digest_salt_b64.decode('ascii'))
69
70 try:
71 if not os.path.exists(os.path.join(basedir, 'Dokumente', directory)):
72 os.mkdir(os.path.join(basedir, 'Dokumente', directory))
73 with open(os.path.join(basedir, 'Mandanten', directory), 'w+', encoding='utf-8') as htpasswd:
74 htpasswd.write("{}:{}\n".format(user, tagged_digest_salt))
75 except OSError as error:
76 return "Couldn't create user scope", 500
77 return redirect('/admin')
78
79#### USER FACING DIRECTORY LIST ####
80####
81####
82@app.route("/Dokumente/<user>", methods=['GET'])
83def mandant(user):
84 return render_template('mandant.html', admin = '', user = user, tree = make_tree(basedir, os.path.join('Dokumente', user)))
85
86#### UPLOAD FILE ROUTES ####
87####
88####
89@app.route('/Dokumente/<user>', methods=['POST'])
90@app.route('/admin/Dokumente/<user>', methods=['POST'])
91def upload_mandant(user):
92 for key, f in request.files.items():
93 if key.startswith('file'):
94 username = secure_filename(user)
95 filename = secure_filename(f.filename)
96 f.save(os.path.join(basedir, 'Dokumente', username, filename))
97 return 'upload template'
98
99@app.route('/admin', methods=['POST'])
100def upload_admin():
101 for key, f in request.files.items():
102 if key.startswith('file'):
103 filename = secure_filename(f.filename)
104 f.save(os.path.join(basedir, 'Public', filename))
105 return 'upload template'
106
107#### DELETE FILE ROUTES ####
108####
109####
110@app.route('/Dokumente/<user>/<path:filename>', methods=['POST'])
111def delete_file_mandant(user, filename):
112 method = request.form.get('_method', 'POST')
113 if method == 'DELETE':
114 os.unlink(os.path.join(basedir, 'Dokumente', secure_filename(user), secure_filename(filename)))
115 return redirect('/Dokumente/'+user)
116
117@app.route('/admin/Dokumente/<user>/<path:filename>', methods=['POST'])
118def delete_file_mandant_admin(user, filename):
119 method = request.form.get('_method', 'POST')
120 if method == 'DELETE':
121 os.unlink(os.path.join(basedir, 'Dokumente', secure_filename(user), secure_filename(filename)))
122 return redirect('/admin/Dokumente/'+user)
123
124@app.route('/admin/Public/<path:filename>', methods=['POST'])
125def delete_file_admin(filename):
126 method = request.form.get('_method', 'POST')
127 if method == 'DELETE':
128 os.unlink(os.path.join(basedir, 'Public', secure_filename(filename)))
129 return redirect('/admin')
130
131#### SERVE FILES RULES ####
132####
133####
134@app.route('/admin/Dokumente/<user>/<path:filename>', methods=['GET'])
135@app.route('/Dokumente/<user>/<path:filename>', methods=['GET'])
136def custom_static(user, filename):
137 return send_from_directory(os.path.join(basedir, 'Dokumente'), os.path.join(user, filename))
138
139@app.route('/Public/<path:filename>')
140def custom_static_public(filename):
141 return send_from_directory(os.path.join(basedir, 'Public'), filename)
142
143def make_tree(rel, path):
144 tree = dict(name=path, download=os.path.basename(path), children=[])
145 try: lst = os.listdir(os.path.join(rel,path))
146 except OSError:
147 pass #ignore errors
148 else:
149 for name in lst:
150 fn = os.path.join(path, name)
151 if os.path.isdir(os.path.join(rel,fn)):
152 tree['children'].append(make_tree(rel, fn))
153 else:
154 ttl = 10 - int((time.time() - os.path.getmtime(os.path.join(rel,fn))) / (24*3600))
155 tree['children'].append(dict(name=fn, download=name, ttl = ttl))
156 return tree
157
158if __name__ == "__main__":
159 parser = ArgumentParser(description="Filer")
160 parser.add_argument("-H", "--host", help="Hostname of the Flask app " + "[default %s]" % "127.0.0.1", default="127.0.0.1")
161 parser.add_argument("-P", "--port", help="Port for the Flask app " + "[default %s]" % "5000", default="5000")
162 args = parser.parse_args()
163
164 app.run(host=args.host, port=int(args.port))
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..eae1e68
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,11 @@
1all: install
2
3run:
4 ./venv/bin/python Filer.py -P 5000 &
5
6venv:
7 python3 -m venv ./venv
8
9install: venv
10 ./venv/bin/pip install --upgrade pip
11 ./venv/bin/pip install -r requirements.txt
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..277407d
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1,8 @@
1click
2Flask
3Flask-Dropzone
4itsdangerous
5Jinja2
6MarkupSafe
7sqlite3
8Werkzeug
diff --git a/static/style.css b/static/style.css
new file mode 100644
index 0000000..3845959
--- /dev/null
+++ b/static/style.css
@@ -0,0 +1,86 @@
1body {
2 font-family: "HelveticaNeueLight", "HelveticaNeue-Light", "Helvetica Neue Light", "HelveticaNeue", "Helvetica Neue", 'TeXGyreHerosRegular', "Helvetica", "Tahoma", "Geneva", "Arial", sans-serif; font-weight:400; font-size:15pt; font-stretch:normal;
3 margin: 1em 0;
4 padding: 0 5%;
5}
6
7ul {
8 list-style-type: none;
9}
10
11li {
12 margin: 0 0 0.5em 0;
13}
14
15button {
16 margin: 0 0.5em 0 0;
17 min-width: 5.5em;
18}
19
20button.add,
21button.edit {
22 box-shadow:inset 0px 1px 0px 0px #bee2f9;
23 background:linear-gradient(to bottom, #63b8ee 5%, #468ccf 100%);
24 background-color:#63b8ee;
25 border-radius:9px;
26 border:1px solid #3866a3;
27 display:inline-block;
28 cursor:pointer;
29 color:#ffffff;
30 padding:5px 6px;
31 text-decoration:none;
32 text-shadow:0px 1px 0px #7cacde;
33}
34button.delete {
35 box-shadow:inset 0px 1px 0px 0px #cf866c;
36 background:linear-gradient(to bottom, #d0451b 5%, #bc3315 100%);
37 background-color:#d0451b;
38 border-radius:9px;
39 border:1px solid #942911;
40 display:inline-block;
41 cursor:pointer;
42 color:#ffffff;
43 padding:5px 6px;
44 text-decoration:none;
45 text-shadow:0px 1px 0px #854629;
46}
47button.add:hover,
48button.edit:hover {
49 background:linear-gradient(to bottom, #468ccf 5%, #63b8ee 100%);
50 background-color:#468ccf;
51}
52button.delete:hover {
53 background:linear-gradient(to bottom, #bc3315 5%, #d0451b 100%);
54 background-color:#bc3315;
55}
56
57button.add:active,
58button.edit:active,
59button.delete:active {
60 position:relative;
61 top:1px;
62}
63
64input[type="text"] {
65 padding: 0.3em 0.4em;
66
67 border: 1px solid grey;
68 border-radius: 6px;
69
70 font-weight: bold;
71 font-size: 13pt;
72 transition: background-color 1s;
73 color: #444;
74 min-width: 35%;
75}
76
77.age {
78 display: inline-block;
79 text-align: right;
80 border-radius: 4px;
81 border: solid 1px black;
82 background-color: grey;
83 padding: 0 0.2em;
84 margin-right: 0.5em;
85 width: 4em;
86}
diff --git a/templates/admin.html b/templates/admin.html
new file mode 100644
index 0000000..e62979e
--- /dev/null
+++ b/templates/admin.html
@@ -0,0 +1,67 @@
1<!DOCTYPE html>
2<html>
3<head>
4<title>Filer Admin</title>
5<meta charset="UTF-8">
6{{ dropzone.load_css() }}
7{{ dropzone.style('border: 2px dashed #0087F7; min-height: 3em;') }}
8<link rel="stylesheet" href="/static/style.css">
9<script>
10function generatePassword() {
11 var chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!#$%&'()*+,-./:;<=>?@_{|}~";
12 var randarray = new Uint16Array(32);
13 var retval = "";
14 window.crypto.getRandomValues(randarray);
15 for (var i = 0, n = chars.length; i < randarray.length; ++i)
16 retval += chars.charAt(Math.floor(randarray[i] * n / 65336));
17 console.log(retval);
18 document.getElementById("password").value = retval;
19}
20</script>
21</head>
22<body>
23{{ dropzone.load_js() }}
24<h1>Kanzlei Hubrig – Administration</h1>
25<h2>Mandanten</h2>
26<ul>
27{%- for item in users %}
28 <li>
29 <form action="/admin/del-user/{{item}}" method="post" style="display: inline;" onsubmit="return confirm('Sind Sie sicher?');">
30 <input type="hidden" name="_method" value="DELETE">
31 <button class="delete">löschen</button>
32 </form>
33 <button class="edit" onclick="document.getElementById('user').value='{{item}}'">edit</button>
34 <a href="/admin/Dokumente/{{item}}">{{item}}</a> <small>Mandanten-URL: {{url_root}}Dokumente/{{item}}</small>
35 </li>
36{%- endfor %}
37<li>
38 <form action="/admin/new-user" method="post">
39 <input id="user" name="user" type="text" placeholder="Name" required></input>
40 <input id="password" name="password" type="text" placeholder="Passwort" autocomplete="off" required></input>
41 <script>generatePassword()</script>
42 <button class="add" type="button" onclick="generatePassword()">Zufall</button>
43 <button class="add">Hinzufügen</button>
44 </form>
45</li>
46</ul>
47
48<h2>Öffentliche Dokumente</h2>
49<ul>
50{%- for item in tree.children recursive %}
51 <li><form action="/admin/{{ item.name }}" method="post" style="display: inline;" onsubmit="return confirm('Are you sure?');">
52 <input type="hidden" name="_method" value="DELETE">
53 <button class="delete">löschen</button>
54 </form>
55 <a href="{{ item.name }}" download="{{item.download}}">{{ item.download }}</a>
56 {%- if item.children -%}
57 <ul>{{ loop(item.children) }}</ul>
58 {%- endif %}</li>
59{%- endfor %}
60</ul>
61
62<h2>Öffentliches Dokument hochladen</h2>
63<div class="droppy">{{ dropzone.create(action='/admin') }}</div>
64
65{{ dropzone.config() }}
66</body>
67</html>
diff --git a/templates/mandant.html b/templates/mandant.html
new file mode 100644
index 0000000..16c07ab
--- /dev/null
+++ b/templates/mandant.html
@@ -0,0 +1,37 @@
1<!DOCTYPE html>
2<html>
3<head>
4<title>Filer</title>
5<meta charset="UTF-8">
6{{ dropzone.load_css() }}
7{{ dropzone.style('border: 2px dashed #0087F7; min-height: 10px;') }}
8<link rel="stylesheet" href="/static/style.css">
9</head>
10<body>
11{{ dropzone.load_js() }}
12<h1>Kanzlei Hubrig – Dokumenten-Austausch</h1>
13{%- if admin %}
14<a href="/admin">Zurück zur Übersicht</a>
15{% endif -%}
16<h2>Dokumente</h2>
17<ul>
18{%- for item in tree.children recursive %}
19 <li><form action="/{{admin}}{{ item.name }}" method="post" style="display: inline;" onsubmit="return confirm('Sind Sie sicher?');">
20 <input type="hidden" name="_method" value="DELETE">
21 <button class="delete" type="submit">löschen</button>
22 </form>
23 <div class="age">{{item.ttl}} Tag{%- if not item.ttl == 1 -%}e{%- endif -%}</div>
24 {%- if 'children' in item -%}
25 {{item.download}}<br/>
26 <ul>{{ loop(item.children) }}</ul>
27 {%- else -%}
28 <a href="/{{admin}}{{item.name}}" download="{{item.download}}">{{ item.download }}</a>
29 {%- endif %}</li>
30{%- endfor %}
31</ul>
32
33<div class="droppy">{{ dropzone.create(action="/"+admin+"Dokumente/"+user) }}</div>
34
35{{ dropzone.config() }}
36</body>
37</html>