add pibooth extension

.gitignore

@@ -3,6 +3,7 @@ html/static/uploads/*
 html/static/queue/*
 Extension - Mastodon/toots/*
 *.db
+config.json
 
 # Byte-compiled / optimized / DLL files
 __pycache__/

html/app.py

@@ -379,4 +379,4 @@ def req_entity_to_large(e):
     return error_page(f"413 - File is larger than '{app.config['MAX_CONTENT_LENGTH']}'"), 413
 
 if __name__ == '__main__':
-    app.run(debug=False, host="0.0.0.0")
+    app.run(debug=True, host="0.0.0.0")

html/extensions/pibooth/routes.py

@@ -0,0 +1,70 @@
+
+import os
+import json
+import secrets
+
+from flask import Blueprint, session, render_template, request, redirect, url_for
+
+from helper import sanitize_string
+from role_based_access import check_access
+from filehandler import sanitize_filename
+
+
+blueprint = Blueprint('pibooth', __name__, template_folder='extensions/pibooth/templates')
+
+def load_config():
+    # In case the config file do not exist, create it
+    if not os.path.exists("extensions/pibooth/config.json"):
+        with open("extensions/pibooth/config.json", "+w") as f:
+            f.write('{"token": "' + secrets.token_urlsafe(64) + '"}')
+
+    with open('extensions/pibooth/config.json', 'r') as config_file:
+        return json.load(config_file)
+
+def save_config(config:json):
+    with open('extensions/pibooth/config.json', 'w') as config_file:
+        json.dump(config, config_file)
+
+def get_token():
+    config = load_config()
+    return config.get("token")
+
+def renew_token():
+    config = load_config()
+    config['token'] = secrets.token_urlsafe(64)
+    save_config(config)
+
+@blueprint.route('/',  methods=['GET','POST'])
+#@login_required
+def index():
+    user_name = session.get("user_name")
+    if not check_access(user_name, 9):
+        return error_page("You are not allowed to access this page")
+
+    if request.method == "POST":
+        renew_token()
+        return redirect(url_for("pibooth.index"))
+    else:
+        token = get_token()
+        url = request.host_url + url_for("pibooth.upload_extension_pibooth")[1:]
+    return render_template('pibooth.html', url=url, token=token)
+
+
+@blueprint.route('/upload', methods=['POST'])
+#@login_required
+def upload_extension_pibooth():
+    req_pibooth_token = request.headers.get('token')
+    req_pibooth_file = request.files.get('file')
+    if not req_pibooth_token == get_token():
+        return "Token not valid"
+    elif not req_pibooth_file:
+        return "No file received"
+
+    file_name = sanitize_filename(req_pibooth_file.filename)
+    file_path = os.path.join("static/uploads/", file_name)
+    req_pibooth_file.save(file_path)
+    return "success"
+
+def error_page(error_message: str):
+    error_message = sanitize_string(error_message, extend_allowed_chars=True)
+    return render_template('errors/error.html', error_message=error_message)

html/extensions/pibooth/templates/pibooth.html

@@ -0,0 +1,45 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Management Users</title>
+    <link rel="stylesheet" type="text/css" href="{{ url_for('static', filename='css/style.css') }}">
+</head>
+<body>
+    <header>
+        <div class="menu-container">
+            <nav class="menu">
+                <a href="{{ url_for('index') }}" {% if request.path == url_for('index') %}class="selected"{% endif %}>Home</a>
+                <a href="{{ url_for('dashboard') }}" {% if request.path == url_for('dashboard') %}class="selected"{% endif %}>Dashboard</a>
+                {% if session['user_role'] >= 6 %}
+                <a href="{{ url_for('management_approve') }}" {% if request.path == url_for('management_approve') %}class="selected"{% endif %}>Approve</a>
+                <a href="{{ url_for('management_delete') }}" {% if request.path == url_for('management_delete') %}class="selected"{% endif %}>Delete files</a>
+                {% endif %}
+                {% if session['user_role'] >= 9 %}
+                <a href="{{ url_for('management_users') }}" {% if request.path == url_for('management_users') %}class="selected"{% endif %}>Users</a>
+                <a href="{{ url_for('management_extensions') }}" {% if request.path == url_for('management_extensions') %}class="selected"{% endif %}>Extensions</a>
+                {% endif %}
+                <a class="logout-button" href="{{ url_for('logout') }}">Logout</a>
+            </nav>
+        </div>
+    </header>
+    <div class="head-container">
+    </div>
+
+    <h1>Pibooth configuration</h1>
+    <div class="extension-container">
+        <div class="extension-management">
+            <p>Endpoint URL: <p><pre>{{ url }}</pre>
+            <p>Token: </p><pre>{{ token }}</pre>
+            <form action="/management/extensions/pibooth" method="post">
+                <button type="submit" class="green-button">Renew Token</button>
+            </form>
+        </div>
+    </div>
+</body>
+<footer>
+    <a href="{{ url_for('index') }}">Home</a> | <a href="{{ url_for('faq') }}">FAQ</a>
+    <p>Nextride2-infobeamer by Inflac | Hackerspace-Bielefeld e.V.</p>
+</footer>
+</html>

html/static/css/style.css

@@ -47,6 +47,19 @@ th, td {
     text-align: left;
 }
 
+pre {
+    background-color: #1e1e1e;
+    color: #dcdcdc;
+    padding: 10px;
+    border-radius: 5px;
+    max-width: 50%;
+    overflow-x: scroll;
+    margin-left: 25%;
+    text-align: center;
+    font-family: 'Courier New', Courier, monospace;
+}
+
+
 
 .menu-container {
     width: 100%;
@@ -256,6 +269,11 @@ th, td {
 
 
 @media (max-width: 600px) {
+    pre {
+        max-width: 80%;
+        margin-left: 10%;
+    }
+
     .menu {
         display: block;
     }