mailu/core/admin/audit.py

#!/usr/bin/python3

import sys
import tabulate

sys.path[0:0] = ['/app']

import mailu
app = mailu.create_app()


# Known endpoints without permissions
known_missing_permissions = [
    'index',
    'static', 'bootstrap.static',
    'admin.static', 'admin.login'
]


# Compute the permission table
missing_permissions = []
permissions = {}
for endpoint, function in app.view_functions.items():
    audit = function.__dict__.get('_audit_permissions')
    if audit:
        handler, args = audit
        if args:
            model = args[0].__name__
            key = args[1]
        else:
            model = key = None
        permissions[endpoint] = [endpoint, handler.__name__, model, key]
    elif endpoint not in known_missing_permissions:
        missing_permissions.append(endpoint)

# Display the permissions table
print(tabulate.tabulate([
    [route, *permissions[route.endpoint]]
    for route in app.url_map.iter_rules() if route.endpoint in permissions
]))

# Warn if any endpoint is missing a permission check
if missing_permissions:
    print()
    print('The following endpoints are missing permission checks:')
    print(','.join(missing_permissions))
update tabluate. fix audit.py and include in container 3 years ago			`#!/usr/bin/python3`
Add a simple permission audit script 8 years ago
			`import sys`
			`import tabulate`

duh 3 years ago			`sys.path[0:0] = ['/app']`

update tabluate. fix audit.py and include in container 3 years ago			`import mailu`
			`app = mailu.create_app()`

Add a simple permission audit script 8 years ago
			`# Known endpoints without permissions`
			`known_missing_permissions = [`
update tabluate. fix audit.py and include in container 3 years ago			`'index',`
			`'static', 'bootstrap.static',`
			`'admin.static', 'admin.login'`
Add a simple permission audit script 8 years ago			`]`


			`# Compute the permission table`
			`missing_permissions = []`
			`permissions = {}`
			`for endpoint, function in app.view_functions.items():`
update tabluate. fix audit.py and include in container 3 years ago			`audit = function.__dict__.get('_audit_permissions')`
Add a simple permission audit script 8 years ago			`if audit:`
			`handler, args = audit`
			`if args:`
			`model = args[0].__name__`
			`key = args[1]`
			`else:`
			`model = key = None`
			`permissions[endpoint] = [endpoint, handler.__name__, model, key]`
			`elif endpoint not in known_missing_permissions:`
			`missing_permissions.append(endpoint)`

			`# Display the permissions table`
			`print(tabulate.tabulate([`
			`[route, *permissions[route.endpoint]]`
			`for route in app.url_map.iter_rules() if route.endpoint in permissions`
			`]))`
update tabluate. fix audit.py and include in container 3 years ago
			`# Warn if any endpoint is missing a permission check`
			`if missing_permissions:`
			`print()`
			`print('The following endpoints are missing permission checks:')`
			`print(','.join(missing_permissions))`