mirror of
https://github.com/Mailu/Mailu.git
synced 2024-12-14 10:53:30 +02:00
46 lines
1.1 KiB
Python
Executable File
46 lines
1.1 KiB
Python
Executable File
#!/usr/bin/python3
|
|
|
|
import sys
|
|
import tabulate
|
|
|
|
import mailu
|
|
app = mailu.create_app()
|
|
|
|
|
|
# Known endpoints without permissions
|
|
known_missing_permissions = [
|
|
'index',
|
|
'static', 'bootstrap.static',
|
|
'admin.static', 'admin.login'
|
|
]
|
|
|
|
|
|
# Compute the permission table
|
|
missing_permissions = []
|
|
permissions = {}
|
|
for endpoint, function in app.view_functions.items():
|
|
audit = function.__dict__.get('_audit_permissions')
|
|
if audit:
|
|
handler, args = audit
|
|
if args:
|
|
model = args[0].__name__
|
|
key = args[1]
|
|
else:
|
|
model = key = None
|
|
permissions[endpoint] = [endpoint, handler.__name__, model, key]
|
|
elif endpoint not in known_missing_permissions:
|
|
missing_permissions.append(endpoint)
|
|
|
|
# Display the permissions table
|
|
print(tabulate.tabulate([
|
|
[route, *permissions[route.endpoint]]
|
|
for route in app.url_map.iter_rules() if route.endpoint in permissions
|
|
]))
|
|
|
|
# Warn if any endpoint is missing a permission check
|
|
if missing_permissions:
|
|
print()
|
|
print('The following endpoints are missing permission checks:')
|
|
print(','.join(missing_permissions))
|
|
|