dhsdZddlZddlZddlZddlZddlZddlmZmZm Z m Z m Z m Z m Z mZddlmZddlmZddlmZmZddlmZmZdd lmZmZdd lmZmZmZm Z m!Z!ed e"Z#e#jId ed Z%e#jIddgedZ&e#jIddgede'fdZ(e#jIddgede'fdZ)e#jIdedZ*e#jIdede'fdZ+e#jIdede'fdZ,e#jIddgedZ-e#jIdede'd e.fd!Z/e#jId"dgede'fd#Z0e#jId$dgede'fd%Z1e#jId&dgede'fd'Z2e#jId(dged)Z3e#jId*ed+Z4e#jId,ed-Z5e#jId.ede'fd/Z6y)0a admin_routes.py Purpose: Admin panel HTML and actions for managing users. Includes add, remove, and change-password endpoints, protected by the admin_required decorator. Also exposes admin-only JSON APIs to view and manage any user's cameras and images, and to read audit logs. All routes are CSRF-protected globally. Routes: - GET /admin - POST /admin/add_user - POST /admin/remove_user/ - POST /admin/change_password/ - GET /admin/users.json - GET /admin/user//cameras.json - GET /admin/user//images.json - POST /admin/user//cameras/rename - POST /admin/user//cameras/delete - POST /admin/image/delete - GET /admin/logs.json N) Blueprintrender_templaterequestredirecturl_forflashsessionjsonify)get_db)admin_required)log_admin_actionget_request_ip) STATIC_PATHUSER_PHOTOS_REAL)latest_from_db_or_fscollect_user_images)parse_ts_from_any format_dtnormalize_to_static_user_photosbuild_media_urlbuild_share_url admin_routesz/admincnt}|jdj}td|S)Nz_SELECT id, username, IFNULL(is_admin,0) AS is_admin FROM users ORDER BY username COLLATE NOCASEz admin.html)users)r executefetchallr)dbrs KC:\Users\algun\Documents\ceba web\Ceba - Github\app_modules\admin_routes.py admin_panelr )s9 B JJx y C C EE >;KLSST[\ X NQY[cPde  +  Zw{{97M^bguv}g~JST\S]H^ _ G67 88      ! !8 -w7 ==( ow'(s7>BF?3F FFFFG6GGz /admin/remove_user/r-c t}|jd|f|jd|f|jtdd t dt j d|ttttd S#t$rYwxYw#tj$rtdd YDwxYw) Nz%DELETE FROM cameras WHERE user_id = ?zDELETE FROM users WHERE id = ?zKorisnik i kamere obrisani.r+ remove_userr-r0r1r2r4r(r))r rr@rrr r6rrrArBrDrr)r-rs radmin_remove_userrJNs ( X :WJG 3gZ@  +Y7  ]'++i:Pahm{}DnE F G67 88     ==( ow'(s0A B!/B BB!BB!!CCz$/admin/change_password/cNtjxsGtjjdxsdj dddj dk(}|r>tj dxsi}|jd xsdj }n1tjjd xsdj }t|d kr2|rtd d d dfStd dttdS tj|jdtj j#d}t%}|j'd||f|j) t+dt-jd|t/t|r tddiStddttdS#t0$rY:wxYw#t2j4$r#|rtd dd dfcYStddYXwxYw)zChange a user's password. - Supports form POST (HTML) and JSON (AJAX) with CSRF protection. - Enforces minimal password policy server-side. z Content-Typer&;r rapplication/jsonTsilent new_passwordFz&Lozinka mora imati najmanje 8 znakova.r+messager(r)r*z/UPDATE users SET password_hash = ? WHERE id = ?change_passwordr-rIr+zLozinka promijenjena.r4)ris_jsonheadersr6splitr7get_jsonr5lenr rrrr;r<r=r>r?r rr@rr rrArBrD)r-rWdatarPnew_hashrs radmin_change_passwordr^`soo   ^ , 299#qA!DJJLPbb t,206B==?  ((8>BEEG  <1 u9abcehh h 6@ :;<<(==!4!4W!=v~~?OPWWX_` X DxQXFYZ   .gkk)>TelqAHrI J It,- - %y1 G67 88    ==( uIJCO O ow'(sC A4G./G0G.? G. G+(G.*G++G..%H$ H$#H$z/admin/users.jsonc t}|jdj}g}|D]A}|j|d|dt |dxsddk(t |dxsddCt d |iS) Na SELECT u.id, u.username, IFNULL(u.is_admin,0) AS is_admin, COUNT(c.camera_id) AS camera_count FROM users u LEFT JOIN cameras c ON c.user_id = u.id GROUP BY u.id ORDER BY u.username COLLATE NOCASE idr%is_adminrr camera_count)r`r%rarbr)r rrappendintr )rrowsrrs radmin_users_jsonrgs B ::    E  D'* AjM.Q/14. 1 6Q7    GU# $$r!z&/admin/user//cameras.jsonc t}|jdjDcgc]}|d }}dt|v}d|rdndz}|jd|d|f}g}|jD]}}t |d } t | |d xsdt \} } d } |r|dndxsd } |j| |d | r t| nd| rt| jnd| | dtd|iScc}w)NzPRAGMA table_info(cameras)r modelz"camera_id, camera_name, file_pathsz, modelr&zSELECT zC FROM cameras WHERE user_id = ? ORDER BY camera_name COLLATE NOCASE camera_id file_pathsz/static/camera_render.pngz Vision mini camera_namezNema aktivnosti)rjrl last_activelatest_image_ts thumbnail_urlricameras) r rrsetstrrrrcrrd timestampr )r-rrowcols has_model select_fieldscurrerfcam_id latest_dt_ thumb_urlris radmin_user_cameras_jsonr}s$ B jj)EFOOQ RQsCFQD R3t9$I8IXZ[M **w}o-pqt{s} ~C D \\^Q{^$+FAlO4Ir;W 1/ (7dD} ]+3<9Y/BS=Fs9#6#6#89D&    It$ %%% Ss Dz%/admin/user//images.jsonc t}t||t}|jd|fj }|Dcic]}t |d|d}}i}|D]}|j d}|s||vr||j |d|gd||<||dj|d|d||j d rt|j d nd d td ttjj d d } tdtttjj ddd} g} |jD]H\}} t| d} | d| | | z}| | z| k}| j|| d|| ||r| | znddJ| j!dt#| t| dScc}w)NzQSELECT camera_id, camera_name FROM cameras WHERE user_id = ? ORDER BY camera_namerjrlzCamera )rjrlimagesrurlreltsr&rrrjrroffsetr limitd)rjrlr total_counthas_more next_offsetc |dS)Nrlxs rz(admin_user_images_json..s a &6r!)key)rp total_cameras)r rrrrrrr6rcrmaxrdrargsminitemsr[sortr )r-r all_imagescam_rowsrf camera_namesrpimgryrrresult_camerascam_data total_images images_slicers radmin_user_images_jsonrs  B$Wb+>JzzmpwoyzDDFHCKL8aC+'=)998LLG%   #+//'&8JKGFO !((u:u:.1ggdm)CGGDM* *  $C ((156 7F 3s7<<++GR893? @EN#MMO8H-. )&%@ UNl2#M2"' -56E>4   ,67 !^, WMsGz/admin/share_linkcrtjdxsi}tt|j dxsd}t |j dxsd}t dt|d}|std d d d fSt|\}}|std d d d fStjjt|}tjj|std dd dfSt tj|dzz}t!||}td||dS)zGenerate a short-lived public share URL for an image. Admin-only endpoint to prevent user-level mass sharing without oversight. Body: { rel: 'User-photos/PICT_...', ttl_minutes: 30 } TrNrr& ttl_minutesiNr iFzNedostaje slika.rRrTNeispravno ime datoteke.zDatoteka ne postoji.<)r+r expires_at)rrZrrrr6rdrrr rospathjoinrexiststimer)r\rrrcamabs_pathexprs radmin_generate_share_linkrs   4 ( .BD )#dhhuo.C*D ECdhh}-9:Ka[%01K 55GHI3NN$GB 55OPQSVVVww||K-H 77>>( #55KLMsRR diik [2- -C #s #C tCsC DDr!z8/admin/user//camera//images.jsonrjc :|jrt|dk(stddidfSt}|j d||fj }|stddidfSt ||t}|Dcgc]}|jd|k(s|}}td ttjjd d }td tttjjd d d}t|} ||||z} ||z| k} g} | D]I}| j|d|d||jdrt|jdnddKt||d| | | | r||znd|dScc}w)N r(zInvalid camera IDrTzCSELECT camera_name FROM cameras WHERE user_id = ? AND camera_id = ?zCamera not foundrrjrrr rrrrrrr&rrl)rjrlrrrrcurrent_offset)isdigitr[r r rfetchonerrr6rrdrrrrcr) r-rjr cam_checkrr camera_imagesrrrrr result_imagess radmin_user_camera_images_jsonrs    C Nb$8!456;; B `cjlubvwAACI !345s::$Wb+>J%/TJS#''+2F)2SSJMTC ((156 7F 3s7<<++GR893? @E}%L 7L,.HMu:u:".1ggdm)CGGDM*     /#)1v~t  )Us FFz%/admin/user//cameras/addc tjdxsi}t|jddj }|jdxsdj }|j rt |dk(stddd d fS|r$t |d kDstjd |stdd d d fSt} |jd|fj}|rtddd d fS|jd|fj}|stddd dfS|jd|||f|j tdtjd|t!td|d|tddd S#t"$rYwxYw#t$j&$r}tddd dfcYd}~Sd}~wwxYw)NTrNrjr&rlrFzID kamere mora biti 12 brojeva.rRrTr[\w\s\-.]{1,60}Neispravan naziv kamere.z-SELECT user_id FROM cameras WHERE camera_id=?uKamera s tim ID već postoji.zSELECT id FROM users WHERE id=?zKorisnik ne postoji.rzi INSERT INTO cameras (user_id, camera_id, camera_name) VALUES (?, ?, ?) add_camerar- camera_id=z, name=r/uKamera je uspješno dodana.uGreška baze podataka.rV)rrZrrr6r7rr[r r9r:r rrr@rr rrArBrD)r-r\rjrlrexisting user_existses radmin_user_camera_addr@s   4 ( .BDDHH["-.446I88M*0b779K    C Nb$855VWXZ]]] #k*R/r||DVXc7d55OPQSVVV BU::MPY|\eeg u9XYZ\__ _jj!BWJOXXZ u9OPQSVV V  y+ . 0   \Y9O`glz|CmDOYZcYddklwkxMy z44QRSS    ==U55MNOQTTTUsN2F5 2F5<%F5"6F& F5& F2/F51F22F55G"GG"G"z(/admin/user//cameras/renamec&tjdxsi}t|jddj }|jdxsdj }|j rt |dk(stddd d fS|r$t |d kDstjd |stdd d d fSt} |jd|||f}|j|jdk(rtddd dfS tdtjd|t!td|tddiS#t"$rYwxYw#t$j&$rtddd dfcYSwxYw)NTrNrjr&rlrFzNeispravni podaci.rRrTrrrz@UPDATE cameras SET camera_name=? WHERE user_id=? AND camera_id=?rKamera nije pronađena.r rename_camerar-rr/r+r4rV)rrZrrr6r7rr[r r9r:r rr@rowcountrr rrArBrD)r-r\rjnew_namerrxs radmin_user_camera_renameris   4 ( .BDDHH["-.446I'-2446H    C Nb$855IJKSPP s8}r)>PRZ1[55OPQSVVV B Ljj[^fhoqz]{| <<1 u9RSTVYY Y  _GKK /cameras/deletecrtjdxsi}t|jddj }|j rt |dk(stdddd fSt} |jd ||f}|j|jd k(rtdd dd fS tdtjd|ttd|tddiS#t$rYwxYw#t j"$rtddddfcYSwxYw)NTrNrjr&rFzNeispravan ID kamere.rRrTz3DELETE FROM cameras WHERE user_id=? AND camera_id=?rrr delete_camerar-rr/r+r4rV)rrZrrr6r7rr[r r rr@rrr rrArBrD)r-r\rjrrxs radmin_user_camera_deletersR   4 ( .BDDHH["-.446I    C Nb$855LMNPSSS B LjjNQXZcPde <<1 u9RSTVYY Y  _GKK SELECT file_paths FROM cameras WHERE user_id=? AND camera_id=?rk,z?UPDATE cameras SET file_paths=? WHERE user_id=? AND camera_id=? delete_imagezrel=r/r+)"rrZrr6rdr rr rrrrrr startswithrrealpathrdirnameaccessW_OKremovePermissionErrorOSErrorrYr7basenamer@rBrDrr rrA)r\rr-r{rrownerr real_staticreal_abs parent_dirrtpfps name_onlykepts radmin_delete_imagersO   4 ( .BD )$((5"*= >C$((9%*+G g55HIJCOO s #FAs 55OPQSVVV B JJNQXZ]P^ _ h h jE 5_EFKKww||K-H&)nn^&D""''JZJZ[fJgKww)H   { +55OPQSVVV ww~~hWW__X. yyRWW-u9defhkk k ] IIh   jjY\ceh[ijssu 3|$&),&7&=&=c&BP&Baggi1779&BCP((-I"ys!rww'7'7':i'GNmnoNptwNwAsDy JJX[^[c[cdh[ikrtwZx y IIK w{{97M^ejxzAkBMQRUQVKW X It$ %%' lu9defhkk k ]u9UVWY\\ \ ] Qy ==       slL+-?M.,M$M$%M.9'M)!M)0M)46M.+3N+M!M! M!$ M..NN NNz/admin/logs.jsonc |tdtttjj ddd}t }|jd|fj}|jd|fj}g}|D]l}|j|dd|d xsd |d xs d |d xsd|d|dxsdd|djvsd|djvrdnddn|D]}|dxsd|d}|dxs|drd |dnd}|d}|r |dd|}|j|dd|d xsd |||dxsdd|djvsd |djvrd!ndd|jd"d#$t|d|t|d%S)&Nr rrrV SELECT ts, ip, user_id, username, event, detail, 'auth' as log_type FROM auth_log ORDER BY ts DESC LIMIT ? n SELECT aa.ts, aa.ip, aa.admin_user_id, aa.target_user_id, aa.action, aa.detail, 'admin' as log_type, au.username as admin_username, tu.username as target_username FROM admin_audit aa LEFT JOIN users au ON au.id = aa.admin_user_id LEFT JOIN users tu ON tu.id = aa.target_user_id ORDER BY aa.ts DESC LIMIT ? rAUTHr2Unknownr%User#r-?eventr3r&faillockr(info)rtyper2r%actionr3severityadmin_usernameAdmin#r0target_usernamer1ru → ADMINdeleterwarningc |dS)Nrrrs rrz!admin_logs_json..s$r!Trreverse)logsr)rrrdrrr6r rrrcr8rr r[) rr auth_logs admin_logsall_logslog admin_name target_name action_descs radmin_logs_jsonrs0 3s7<<++GS9:C@ AE B   8:   8:Hd)d)(yJJU3y>3HS2I+J'l(m)r#)S\-?-?-A#AVsSZ|OaOaOcEcio  )*Ms?7K6L.M +,rTWXhTi5=M9N8O1Poq (m  ]O5 >Kd)d)(y"!(m)r%-X1D1D1F%F(VYZbVcViViVkJk qw  & MM'M6 % 8} r!z/admin/logs/exportc ttjjddj}t dt t tjjddd}t}|jd|fj}|jd|fj}g}|D]}|j|d |d rt|d nd d |d xsd |dxs d|dxsd|d|dxsd d|djvsd|djvrdndd|D]}|dxsd|d}|dxs|drd|dnd }|d} |r |dd|} |j|d |d rt|d nd d |d xsd || |dxsd d!|djvsd"|djvrd#ndd|jd$d%&|d'k(r}d(d)l m} d(dl} tt t!j t#||d*} | | j%| d+d,-d.d/d0t t!j d1i2} | Sd(d)l m} d(dl}d(d3lm}|}|j-|}|j/gd4|D]3}|j/|d5|d6|d7|d |d|d|d|d8g5|j1d(| |j3d9d/d0t t!j d:i2S);Nformatcsvr riirrrr&rr2rr%rr-rrr3rrr(r)rsdatetimerr2r%rr3rrrr0rr1rz -> rrrrc |dS)Nrsrrs rrz#admin_logs_export..Gs+r!Trjsonr)Response)export_timestamp total_logsrF)indent ensure_asciirMzContent-Dispositionz attachment; filename=audit_logs_z.json)mimetyperX)StringIO) TimestampDateTimeTypeIPUsernameActionDetailSeverityrsrrrztext/csvz.csv)rrr6r8rrrdr rrrcrrflaskrrrr[dumpsrior writerwriterowseekgetvalue) format_typerrrrrrrrrrr response_dataresponserr outputrs radmin_logs_exportr  s,,""8U399;K 3s7<<++GT:;TB CE B   8:   8:HT03D #d),rd)(yJJU3y>3HS2I+J'l(m)r#)S\-?-?-A#AVsSZ|OaOaOcEcio  )*Ms?7K6L.M +,rTWXhTi5=M9N8O1Poq (m  ]O4 }=KT03D #d),rd)(y"!(m)r%-X1D1D1F%F(VYZbVcViViVkJk qw  ( MM.M=f" )#diik*: ;h-  JJ}QUJ C'*.NsSWS\S\S^O_N``e,fg   #F# klC OOK JF D JH H J    A OO *.NsSWS\S\S^O_N``d,ef  r!z$/admin/user//stats.jsonc t}|jd|fj}|stddidfS|jd|fj }|Dchc]}t |d}}t |}d}d}d} tjjtd} ddl } | jd } tj| D]7\} }}|D]*}|j}|jd sE|jd s4|jd s#|jd s|jdsjt!|\}}|s(| j#|}|r|dddD] }||vs|}n|s||vstjj| |} tj$|}|t)|j*z }|dz }|!ddlm}|j/|j0}| || ks)|} -:|jdd||dfj}|jd||dfj}|jdd|dfj}ddlm}|rt)|dn| rt)| j3nd}|rt)|dnd}|r|dndxsd}d}d} |r|dxsd|d}t)|d} t|d|dt)|dxsddk(d |||||||| d! Scc}w#t&$rY[wxYw)"NzKSELECT id, username, IFNULL(is_admin,0) AS is_admin FROM users WHERE id = ?r(z not foundrz/SELECT camera_id FROM cameras WHERE user_id = ?rjrz User-photosz[A-Za-z0-9]{12}z.jpgz.jpegz.pngz.gifz.webpr )rzfSELECT ts, ip FROM auth_log WHERE event = ? AND (user_id = ? OR username = ?) ORDER BY ts DESC LIMIT 1 login_successr%zSSELECT ts FROM auth_log WHERE (user_id = ? OR username = ?) ORDER BY ts ASC LIMIT 1z SELECT aa.ts, aa.admin_user_id, au.username as admin_username FROM admin_audit aa LEFT JOIN users au ON au.id = aa.admin_user_id WHERE aa.action = 'add_user' AND aa.detail LIKE ? ORDER BY aa.ts ASC LIMIT 1 r.rr2r&rzAdmin #r0r`ra)r`r%ra) userrb image_count total_bytes first_seen_ts last_login_ts last_login_ipcreated_by_username created_at_ts)r rrr rrrr[rrrrr9compilewalkr8endswithrfindallstatrrdst_sizer fromtimestampst_mtimers)!r-rurrfcam_idsrbr%r& earliest_tsrootr9 cam_any_redirpathr{filesnamenlrrmtokenrstrlast first_auth creation_infor'r(r)r*r+s! radmin_user_stats_jsonrCxs B `cjblmvvxA -.33zzKgZXaacH,45Hqs1[>"HG5wZopM'+CT OM#'T$ZR6BMM+,<=k7=YhKiJjAkM$/0 wAjMs1Z=K]\]G^bcGcd$""&&&2&   }66s"L-.L22 L?>L?)7__doc__rr9rBr;rrrrrrrrr r rr securityr auditrrpathsrrimages_servicerrhelpersrrrrr__name__bprouter rFrdrJr^rgr}rrrrrrrrrrr rCrr!rrMs9.  aaa$30Ett~x((66  fX.9/96 ,vh? 9s 9@ 9  06(C&93&9D&9V %%* 23&S&4&. 125C535p x0E1E0 DE*3*3*F*Z 1F8D$U3$UE$UN 4vhGLcLHL. 4vhGLcLHL( &2,&3,&^ <<~ i  i X 01O3O2Or!