diff --git a/cps/admin.py b/cps/admin.py index 85d5eb7d..83f57765 100644 --- a/cps/admin.py +++ b/cps/admin.py @@ -470,6 +470,10 @@ def _configuration_update_helper(): _config_int("config_updatechannel") + # Reverse proxy login configuration + _config_checkbox("config_allow_reverse_proxy_header_login") + _config_string("config_reverse_proxy_login_header_name") + # GitHub OAuth configuration if config.config_login_type == constants.LOGIN_OAUTH: active_oauths = 0 diff --git a/cps/config_sql.py b/cps/config_sql.py index 404cea02..87a98cc1 100644 --- a/cps/config_sql.py +++ b/cps/config_sql.py @@ -111,6 +111,9 @@ class _Settings(_Base): config_updatechannel = Column(Integer, default=constants.UPDATE_STABLE) + config_reverse_proxy_login_header_name = Column(String) + config_allow_reverse_proxy_header_login = Column(Boolean, default=False) + def __repr__(self): return self.__class__.__name__ @@ -264,8 +267,7 @@ class _ConfigSQL(object): for k, v in self.__dict__.items(): if k[0] == '_': continue - if hasattr(s, k): # and getattr(s, k, None) != v: - # log.debug("_Settings save '%s' = %r", k, v) + if hasattr(s, k): setattr(s, k, v) log.debug("_ConfigSQL updating storage") @@ -293,7 +295,13 @@ def _migrate_table(session, orm_class): if sys.version_info < (3, 0): if isinstance(column.default.arg,unicode): column.default.arg = column.default.arg.encode('utf-8') - column_default = "" if column.default is None else ("DEFAULT %r" % column.default.arg) + if column.default is None: + column_default = "" + else: + if isinstance(column.default.arg, bool): + column_default = ("DEFAULT %r" % int(column.default.arg)) + else: + column_default = ("DEFAULT %r" % column.default.arg) alter_table = "ALTER TABLE %s ADD COLUMN `%s` %s %s" % (orm_class.__tablename__, column_name, column.type, diff --git a/cps/editbooks.py b/cps/editbooks.py index 6e06e053..de375cac 100644 --- a/cps/editbooks.py +++ b/cps/editbooks.py @@ -656,10 +656,16 @@ def upload(): db_language = db.Languages(input_language) db.session.add(db_language) + # If the language of the file is excluded from the users view, it's not imported, to allow the user to view + # the book it's language is set to the filter language + if db_language != current_user.filter_language() and current_user.filter_language() != "all": + db_language = db.session.query(db.Languages).\ + filter(db.Languages.lang_code == current_user.filter_language()).first() + # combine path and normalize path from windows systems path = os.path.join(author_dir, title_dir).replace('\\', '/') db_book = db.Books(title, "", db_author.sort, datetime.datetime.now(), datetime.datetime(101, 1, 1), - series_index, datetime.datetime.now(), path, has_cover, db_author, [], db_language) + series_index, datetime.datetime.now(), path, has_cover, db_author, [], db_language) db_book.authors.append(db_author) if db_series: db_book.series.append(db_series) @@ -688,8 +694,10 @@ def upload(): # save data to database, reread data db.session.commit() db.update_title_sort(config) - book = db.session.query(db.Books).filter(db.Books.id == book_id).filter(common_filters()).first() - # upload book to gdrive if necessary and add "(bookid)" to folder name + # Reread book. It's important not to filter the result, as it could have language which hide it from + # current users view (tags are not stored/extracted from metadata and could also be limited) + book = db.session.query(db.Books).filter(db.Books.id == book_id).first() + # upload book to gdrive if nesseccary and add "(bookid)" to folder name if config.config_use_google_drive: gdriveutils.updateGdriveCalibreFromLocal() error = helper.update_dir_stucture(book.id, config.config_calibre_dir) diff --git a/cps/shelf.py b/cps/shelf.py index 0440a87b..1d24c4f1 100644 --- a/cps/shelf.py +++ b/cps/shelf.py @@ -30,6 +30,7 @@ from sqlalchemy.sql.expression import func, or_, and_ from . import logger, ub, searched_ids, db from .web import render_title_template +from .helper import common_filters shelf = Blueprint('shelf', __name__) @@ -281,16 +282,10 @@ def show_shelf(shelf_type, shelf_id): if shelf: page = "shelf.html" if shelf_type == 1 else 'shelfdown.html' - books_in_shelf = ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id).order_by( - ub.BookShelf.order.asc()).all() - for book in books_in_shelf: - cur_book = db.session.query(db.Books).filter(db.Books.id == book.book_id).first() - if cur_book: - result.append(cur_book) - else: - log.info('Not existing book %s in %s deleted', book.book_id, shelf) - ub.session.query(ub.BookShelf).filter(ub.BookShelf.book_id == book.book_id).delete() - ub.session.commit() + books_in_shelf = ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id)\ + .order_by(ub.BookShelf.order.asc()).all() + books_list = [ b.book_id for b in books_in_shelf] + result = db.session.query(db.Books).filter(db.Books.id.in_(books_list)).filter(common_filters()).all() return render_title_template(page, entries=result, title=_(u"Shelf: '%(name)s'", name=shelf.name), shelf=shelf, page="shelf") else: @@ -322,9 +317,8 @@ def order_shelf(shelf_id): if shelf: books_in_shelf2 = ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id) \ .order_by(ub.BookShelf.order.asc()).all() - for book in books_in_shelf2: - cur_book = db.session.query(db.Books).filter(db.Books.id == book.book_id).first() - result.append(cur_book) + books_list = [ b.book_id for b in books_in_shelf2] + result = db.session.query(db.Books).filter(db.Books.id.in_(books_list)).filter(common_filters()).all() return render_title_template('shelf_order.html', entries=result, title=_(u"Change order of Shelf: '%(name)s'", name=shelf.name), shelf=shelf, page="shelforder") diff --git a/cps/templates/admin.html b/cps/templates/admin.html index 17b84f34..a7770c59 100644 --- a/cps/templates/admin.html +++ b/cps/templates/admin.html @@ -1,4 +1,7 @@ {% extends "layout.html" %} +{% macro display_bool_setting(setting_value) -%} + {% if setting_value %}{% else %}{% endif %} +{%- endmacro %} {% block body %}
@@ -23,11 +26,11 @@ {{user.email}} {{user.kindle_mail}} {{user.downloads.count()}} - {% if user.role_admin() %}{% else %}{% endif %} - {% if user.role_download() %}{% else %}{% endif %} - {% if user.role_viewer() %}{% else %}{% endif %} - {% if user.role_upload() %}{% else %}{% endif %} - {% if user.role_edit() %}{% else %}{% endif %} + {{ display_bool_setting(user.role_admin()) }} + {{ display_bool_setting(user.role_download()) }} + {{ display_bool_setting(user.role_viewer()) }} + {{ display_bool_setting(user.role_upload()) }} + {{ display_bool_setting(user.role_edit()) }} {% endif %} {% endfor %} @@ -83,20 +86,30 @@
{{_('Uploading')}}
-
{% if config.config_uploading %}{% else %}{% endif %}
+
{{ display_bool_setting(config.config_uploading) }}
{{_('Anonymous browsing')}}
-
{% if config.config_anonbrowse %}{% else %}{% endif %}
+
{{ display_bool_setting(config.config_anonbrowse) }}
{{_('Public registration')}}
-
{% if config.config_public_reg %}{% else %}{% endif %}
+
{{ display_bool_setting(config.config_public_reg) }}
{{_('Remote login')}}
-
{% if config.config_remote_login %}{% else %}{% endif %}
+
{{ display_bool_setting(config.config_remote_login) }}
+
+
{{_('Reverse proxy login')}}
+
{{ display_bool_setting(config.config_allow_reverse_proxy_header_login) }}
+
+ {% if config.config_allow_reverse_proxy_header_login %} +
+
{{_('Reverse proxy header name')}}
+
{{ config.config_reverse_proxy_login_header_name }}
+
+ {% endif %}
{{_('Basic Configuration')}}
{{_('UI Configuration')}}
diff --git a/cps/templates/config_edit.html b/cps/templates/config_edit.html index 311d4a16..2ae56a38 100644 --- a/cps/templates/config_edit.html +++ b/cps/templates/config_edit.html @@ -204,7 +204,7 @@ {% if feature_support['ldap'] %} -
+
@@ -275,6 +275,16 @@
{% endif %} {% endif %} +
+ + +
+
+
+ + +
+
diff --git a/cps/web.py b/cps/web.py index 92e164f8..88291d30 100644 --- a/cps/web.py +++ b/cps/web.py @@ -114,14 +114,35 @@ web = Blueprint('web', __name__) log = logger.create() # ################################### Login logic and rights management ############################################### +def _fetch_user_by_name(username): + return ub.session.query(ub.User).filter(func.lower(ub.User.nickname) == username.lower()).first() @lm.user_loader def load_user(user_id): return ub.session.query(ub.User).filter(ub.User.id == int(user_id)).first() -@lm.header_loader -def load_user_from_header(header_val): +@lm.request_loader +def load_user_from_request(request): + auth_header = request.headers.get("Authorization") + if auth_header: + user = load_user_from_auth_header(auth_header) + if user: + return user + + if config.config_allow_reverse_proxy_header_login: + rp_header_name = config.config_reverse_proxy_login_header_name + if rp_header_name: + rp_header_username = request.headers.get(rp_header_name) + if rp_header_username: + user = _fetch_user_by_name(rp_header_username) + if user: + return user + + return + + +def load_user_from_auth_header(header_val): if header_val.startswith('Basic '): header_val = header_val.replace('Basic ', '', 1) basic_username = basic_password = '' @@ -131,7 +152,7 @@ def load_user_from_header(header_val): basic_password = header_val.split(':')[1] except TypeError: pass - user = ub.session.query(ub.User).filter(func.lower(ub.User.nickname) == basic_username.lower()).first() + user = _fetch_user_by_name(basic_username) if user and check_password_hash(str(user.password), basic_password): return user return @@ -789,7 +810,9 @@ def get_tasks_status(): @app.route("/reconnect") def reconnect(): - db.reconnect_db(config) + db.session.close() + db.engine.dispose() + db.setup_db(config) return json.dumps({}) @web.route("/search", methods=["GET"])