hide not accessable items from navbar

3ee20cbb · nd · 90913400 · 3ee20cbb · 3ee20cbb · 3ee20cbb
Verified Commit 3ee20cbb authored 4 years ago by nd
--- a/uffd/group/views.py
+++ b/uffd/group/views.py
@@ -2,7 +2,7 @@ from flask import Blueprint, current_app, render_template
 from uffd.navbar import register_navbar
 from uffd.ldap import get_conn, escape_filter_chars
-from uffd.session import login_required
+from uffd.session import login_required, is_valid_session
 from .models import Group
@@ -14,7 +14,7 @@ def group_acl():
 	pass
 @bp.route("/")
-@register_navbar('Groups', icon='layer-group', blueprint=bp)
+@register_navbar('Groups', icon='layer-group', blueprint=bp, visible=is_valid_session)
 def group_list():
 	conn = get_conn()
 	conn.search(current_app.config["LDAP_BASE_GROUPS"], '(objectclass=groupOfUniqueNames)')

--- a/uffd/navbar.py
+++ b/uffd/navbar.py
@@ -9,7 +9,7 @@ def setup_navbar(app):
 # ( see: http://getbootstrap.com/components/#glyphicons )
 # or 'fa'
 # ( see: http://fontawesome.io/icons/ )
-def register_navbar(name, iconlib='fa', icon=None, group=None, endpoint=None, blueprint=None):
+def register_navbar(name, iconlib='fa', icon=None, group=None, endpoint=None, blueprint=None, visible=None):
 	def wrapper(func):
 		urlendpoint = endpoint
 		if not endpoint:
@@ -26,6 +26,7 @@ def register_navbar(name, iconlib='fa', icon=None, group=None, endpoint=None, bl
 		item['endpoint'] = urlendpoint
 		item['name'] = name
 		item['blueprint'] = blueprint
+		item['visible'] = visible
 		navbarList.append(item)
 		return func
 	return wrapper
--- a/uffd/selfservice/views.py
+++ b/uffd/selfservice/views.py
@@ -5,7 +5,7 @@ from uffd.csrf import csrf_protect
 from uffd.user.models import User
 from uffd.group.models import Group
-from uffd.session import get_current_user, login_required
+from uffd.session import get_current_user, login_required, is_valid_session
 from uffd.ldap import get_conn, escape_filter_chars
 bp = Blueprint("selfservice", __name__, template_folder='templates', url_prefix='/self/')
@@ -16,7 +16,7 @@ def self_acl():
 	pass
 @bp.route("/")
-@register_navbar('Selfservice', icon='portrait', blueprint=bp)
+@register_navbar('Selfservice', icon='portrait', blueprint=bp, visible=is_valid_session)
 def self_index():
 	return render_template('self.html', user=get_current_user())

--- a/uffd/session/__init__.py
+++ b/uffd/session/__init__.py
-from .views import bp as bp_ui, get_current_user, login_required, is_user_in_group
+from .views import bp as bp_ui, get_current_user, login_required, is_user_in_group, is_valid_session
 bp = [bp_ui]
--- a/uffd/session/views.py
+++ b/uffd/session/views.py
@@ -10,7 +10,6 @@ from uffd.ldap import get_conn, user_conn, uid_to_dn
 bp = Blueprint("session", __name__, template_folder='templates', url_prefix='/')
-@register_navbar('Logout', icon='sign-out-alt', blueprint=bp)
 @bp.route("/logout")
 def logout():
 	session.clear()
@@ -34,7 +33,7 @@ def login():
 	user = User.from_ldap(conn.entries[0])
 	session['user_uid'] = user.uid
 	session['logintime'] = datetime.datetime.now().timestamp()
-	return redirect(url_for('index'))
+	return redirect(request.values.get('ref', url_for('index')))
 def get_current_user():
 	if not session.get('user_uid'):
@@ -49,16 +48,18 @@ def is_valid_session():
 		flash('Session timed out')
 		return False
 	return True
+bp.add_app_template_global(is_valid_session)
 def is_user_in_group(user, group):
 	return True
+bp.add_app_template_global(is_user_in_group)
 def login_required(view, group=None):
 	@functools.wraps(view)
 	def wrapped_view(**kwargs):
 		if not is_valid_session():
 			flash('You need to login first')
-			return redirect(url_for('session.login'))
+			return redirect(url_for('session.login', ref=request.url))
 		if not is_user_in_group(get_current_user, group):
 			flash('Access denied')
 			return redirect(url_for('index'))

--- a/uffd/templates/base.html
+++ b/uffd/templates/base.html
@@ -42,7 +42,7 @@
 			<div class="collapse navbar-collapse" id="baseNavbar">
 				<ul class="navbar-nav mr-auto">
-					{% for n in navbar if (not n.group) %}
+					{% for n in navbar if (not n.group) and (not n.visible or n.visible()) %}
 					{{ navbaricon(n) }}
 					{% endfor %}
@@ -66,6 +66,16 @@
 					</li>
 					{% endfor %}
 				</ul>
+				{% if is_valid_session() %}
+				<ul class="navbar-nav ml-auto">
+					<li class="nav-item">
+						<a class="nav-link" href="{{ url_for("session.logout") }}">
+							<span aria-hidden="true" class="fa fa-sign-out-alt"></span>
+							Logout
+						</a>
+					</li>
+				</ul>
+				{% endif %}
 			</div>

--- a/uffd/user/views.py
+++ b/uffd/user/views.py
@@ -3,7 +3,7 @@ from flask import Blueprint, render_template, request, url_for, redirect, flash,
 from uffd.navbar import register_navbar
 from uffd.csrf import csrf_protect
 from uffd.ldap import get_conn, escape_filter_chars
-from uffd.session import login_required
+from uffd.session import login_required, is_valid_session
 from .models import User
@@ -15,7 +15,7 @@ def user_acl():
 	pass
 @bp.route("/")
-@register_navbar('Users', icon='users', blueprint=bp)
+@register_navbar('Users', icon='users', blueprint=bp, visible=is_valid_session)
 def user_list():
 	conn = get_conn()
 	conn.search(current_app.config["LDAP_BASE_USER"], '(objectclass=person)')