aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2013-06-05 16:40:06 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2013-06-05 16:40:06 +0200
commit588c250513632d0e752b271e559fb34ee35f2989 (patch)
treed9927f59fbb123d560d956c011a059e65ec77fde
parentBe more quiet. (diff)
downloadzmusic-ng-588c250513632d0e752b271e559fb34ee35f2989.tar.xz
zmusic-ng-588c250513632d0e752b271e559fb34ee35f2989.zip
Allow folks to see their own statistics.
-rw-r--r--backend/zmusic/endpoints/stats.py27
-rw-r--r--backend/zmusic/login.py5
-rw-r--r--frontend/css/page.css15
-rw-r--r--frontend/index.html2
-rw-r--r--frontend/stats.html4
5 files changed, 41 insertions, 12 deletions
diff --git a/backend/zmusic/endpoints/stats.py b/backend/zmusic/endpoints/stats.py
index 13149ca..3ae4ca9 100644
--- a/backend/zmusic/endpoints/stats.py
+++ b/backend/zmusic/endpoints/stats.py
@@ -1,29 +1,42 @@
from zmusic import app, db
from zmusic.database import Download
-from zmusic.login import admin_required
-from flask import jsonify
+from zmusic.login import login_required, is_admin
+from flask import jsonify, request, abort
import socket
+def clean_ip():
+ ip = request.remote_addr
+ if (ip.find('::ffff:') == 0 and len(ip) > len('::ffff:')):
+ ip = ip[len('::ffff:'):]
+ return ip
+
@app.route('/stats')
@app.route('/stats/')
-@admin_required
+@login_required
def stats_all_ips():
ips = []
socket.setdefaulttimeout(2)
- for ip in db.session.query(Download.ip).group_by(Download.ip).order_by(db.desc(db.func.max(Download.time))):
+ if is_admin():
+ iterations = [a.ip for a in db.session.query(Download.ip).group_by(Download.ip).order_by(db.desc(db.func.max(Download.time)))]
+ else:
+ iterations = [clean_ip()]
+
+ for ip in iterations:
try:
- host = socket.gethostbyaddr(ip.ip)[0]
+ host = socket.gethostbyaddr(ip)[0]
except:
host = None
- ips.append({ "ip": ip.ip, "host": host })
+ ips.append({ "ip": ip, "host": host })
response = jsonify(downloaders=ips)
response.cache_control.no_cache = True
return response
@app.route('/stats/<ip>')
-@admin_required
+@login_required
def stats_for_ip(ip):
+ if not is_admin() and ip != clean_ip():
+ return abort(403)
songlist = []
for song in Download.query.filter((Download.ip == ip) & (Download.leader_id == None)).order_by(Download.leader_id).order_by(db.desc(Download.time)):
if song.is_zip:
diff --git a/backend/zmusic/login.py b/backend/zmusic/login.py
index e625736..6e7b270 100644
--- a/backend/zmusic/login.py
+++ b/backend/zmusic/login.py
@@ -34,11 +34,14 @@ def login_required(fn):
def admin_required(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
- if query_is_admin_user(request.args) or (current_user.is_authenticated() and current_user.admin):
+ if is_admin():
return fn(*args, **kwargs)
return app.login_manager.unauthorized()
return decorated_view
+def is_admin():
+ return query_is_admin_user(request.args) or (current_user.is_authenticated() and current_user.admin)
+
def query_is_music_user(query):
username = query.get("username", None)
password = query.get("password", None)
diff --git a/frontend/css/page.css b/frontend/css/page.css
index f1c22d6..514f358 100644
--- a/frontend/css/page.css
+++ b/frontend/css/page.css
@@ -12,7 +12,20 @@
overflow: auto;
-webkit-overflow-scrolling: touch;
}
-
+#stats {
+ position: absolute;
+ bottom: 1px;
+ right: 1px;
+ font-size: 9px;
+ line-height: 9px;
+}
+#stats a {
+ color: #bbbbbb;
+}
+#stats a:hover {
+ color: #dddddd;
+ text-decoration: none;
+}
#controls {
position: absolute;
bottom: 60px;
diff --git a/frontend/index.html b/frontend/index.html
index 8de380b..54f602a 100644
--- a/frontend/index.html
+++ b/frontend/index.html
@@ -72,6 +72,6 @@
</div>
<div id="loading"><i class="icon-cog icon-spin"></i></div>
<i title="Show entire query" class="icon-double-angle-down" id="loadall"></i>
-
+<div id="stats"><a target="_blank" href="stats.html">stats</a></div>
</body>
</html>
diff --git a/frontend/stats.html b/frontend/stats.html
index 7113e86..e15e278 100644
--- a/frontend/stats.html
+++ b/frontend/stats.html
@@ -70,8 +70,8 @@ function loadIps() {
var xhr = new XMLHttpRequest();
xhr.onreadystatechange = function() {
if (xhr.readyState == 2 && xhr.status == 403) {
- alert("You must be logged in as an administrative user to view this page.\n\nAfter you're logged out, go to the main music page, and login with the admin creds.");
- window.location = "logout";
+ alert("You must be logged in to view this page.");
+ window.location = "/";
return;
}
if (xhr.readyState != 4)