|
|
|
@ -1,14 +1,17 @@
|
|
|
|
|
from mailu import app
|
|
|
|
|
#!/usr/bin/python3
|
|
|
|
|
|
|
|
|
|
import sys
|
|
|
|
|
import tabulate
|
|
|
|
|
|
|
|
|
|
import mailu
|
|
|
|
|
app = mailu.create_app()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Known endpoints without permissions
|
|
|
|
|
known_missing_permissions = [
|
|
|
|
|
"index",
|
|
|
|
|
"static", "bootstrap.static",
|
|
|
|
|
"admin.static", "admin.login"
|
|
|
|
|
'index',
|
|
|
|
|
'static', 'bootstrap.static',
|
|
|
|
|
'admin.static', 'admin.login'
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -16,7 +19,7 @@ known_missing_permissions = [
|
|
|
|
|
missing_permissions = []
|
|
|
|
|
permissions = {}
|
|
|
|
|
for endpoint, function in app.view_functions.items():
|
|
|
|
|
audit = function.__dict__.get("_audit_permissions")
|
|
|
|
|
audit = function.__dict__.get('_audit_permissions')
|
|
|
|
|
if audit:
|
|
|
|
|
handler, args = audit
|
|
|
|
|
if args:
|
|
|
|
@ -28,16 +31,15 @@ for endpoint, function in app.view_functions.items():
|
|
|
|
|
elif endpoint not in known_missing_permissions:
|
|
|
|
|
missing_permissions.append(endpoint)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Fail if any endpoint is missing a permission check
|
|
|
|
|
if missing_permissions:
|
|
|
|
|
print("The following endpoints are missing permission checks:")
|
|
|
|
|
print(missing_permissions.join(","))
|
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Display the permissions table
|
|
|
|
|
print(tabulate.tabulate([
|
|
|
|
|
[route, *permissions[route.endpoint]]
|
|
|
|
|
for route in app.url_map.iter_rules() if route.endpoint in permissions
|
|
|
|
|
]))
|
|
|
|
|
|
|
|
|
|
# Warn if any endpoint is missing a permission check
|
|
|
|
|
if missing_permissions:
|
|
|
|
|
print()
|
|
|
|
|
print('The following endpoints are missing permission checks:')
|
|
|
|
|
print(','.join(missing_permissions))
|
|
|
|
|
|
|
|
|
|