Merge pull request #40 from flask-dashboard/development

mircealungu · web-flow · commit 13c343c8f916 · 2017-09-26T13:06:21.000+02:00
Multiple guest passwords, plot updates, improved security against guests downloading data
diff --git a/README.md b/README.md
@@ -47,7 +47,7 @@ The following things can be configured:
     USERNAME=admin
     PASSWORD=admin
     GUEST_USERNAME=guest
-    GUEST_PASSWORD=dashboardguest!
+    GUEST_PASSWORD=['dashboardguest!', 'second_pw!']
     DATABASE=sqlite:////<path to your project>/dashboard.db
     GIT=/<path to your project>/dashboard/.git/
     TEST_DIR=/<path to your project>/dashboard/tests/
diff --git a/dashboard/config.py b/dashboard/config.py
@@ -20,7 +20,7 @@ def __init__(self):
         self.username = 'admin'
         self.password = 'admin'
         self.guest_username = 'guest'
-        self.guest_password = 'guest_password'
+        self.guest_password = ['guest_password']
         self.outlier_detection_constant = 2.5
         self.colors = {}
 
@@ -97,7 +97,7 @@ def from_file(self, config_file):
             if parser.has_option('dashboard', 'GUEST_USERNAME'):
                 self.guest_username = parser.get('dashboard', 'GUEST_USERNAME')
             if parser.has_option('dashboard', 'GUEST_PASSWORD'):
-                self.guest_password = parser.get('dashboard', 'GUEST_PASSWORD')
+                self.guest_password = ast.literal_eval(parser.get('dashboard', 'GUEST_PASSWORD'))
 
             # when an outlier detection constant has been set up:
             if parser.has_option('dashboard', 'OUTLIER_DETECTION_CONSTANT'):
diff --git a/dashboard/routings/measurements.py b/dashboard/routings/measurements.py
@@ -8,7 +8,7 @@
 from dashboard.database.endpoint import get_last_accessed_times, get_num_requests
 from dashboard.database.function_calls import get_times, get_reqs_endpoint_day, get_versions, get_data_per_version, \
     get_endpoints, get_data_per_endpoint
-from dashboard.security import secure
+from dashboard.security import secure, is_admin
 from dashboard.colors import get_color
 
 
@@ -18,8 +18,9 @@ def overview():
     colors = {}
     for result in get_times():
         colors[result.endpoint] = get_color(result.endpoint)
-    return render_template('dashboard/measurement-overview.html', link=config.link, curr=2, times=get_times(), colors=colors,
-                           access=get_last_accessed_times(), session=session, index=0)
+    return render_template('dashboard/measurement-overview.html', link=config.link, curr=2, times=get_times(),
+                           colors=colors, access=get_last_accessed_times(), session=session, index=0,
+                           is_admin=is_admin())
 
 
 @blueprint.route('/measurements/heatmap')
diff --git a/dashboard/routings/result.py b/dashboard/routings/result.py
@@ -1,4 +1,5 @@
 import datetime
+import math
 import plotly
 import plotly.graph_objs as go
 
@@ -18,6 +19,10 @@
 from dashboard.colors import get_color
 
 
+# Constants
+BUBBLE_SIZE_RATIO = 1250
+
+
 @blueprint.route('/result/<end>/heatmap')
 @secure
 def result_heatmap(end):
@@ -197,7 +202,8 @@ def get_hits_per_hour(end):
 def get_time_per_version_per_user(end, versions):
     user_data = {}
     data = [t.execution_time for t in get_all_measurement(end)]
-    average = sum(data) / len(data)
+    # compute the average for determining the size of the bubbles in the plot
+    average = math.sqrt(sum(data) / len(data)) / BUBBLE_SIZE_RATIO
 
     for d in [str(c.group_by) for c in get_endpoint_column(end, FunctionCall.group_by)]:
         user_data[d] = {}
@@ -228,9 +234,9 @@ def get_time_per_version_per_user(end, versions):
                 name=d,
                 mode='markers',
                 marker=dict(
-                    color=[get_color(h) for h in versions],
-                    size=data,
-                    sizeref=average/1250,  # larger sizeref decreases size of the dot
+                    color=[get_color(d)] * len(versions),
+                    size=[math.sqrt(d) for d in data],
+                    sizeref=average,
                     sizemode='area'
                 )
             ))
@@ -283,7 +289,8 @@ class SelectionForm(FlaskForm):
 def get_time_per_version_per_ip(end, versions):
     ip_data = {}
     data = [t.execution_time for t in get_all_measurement(end)]
-    average = sum(data) / len(data)
+    # compute the average for determining the default size
+    average = math.sqrt(sum(data) / len(data)) / 1250
     for d in [str(c.ip) for c in get_endpoint_column(end, FunctionCall.ip)]:
         ip_data[d] = {}
         for v in versions:
@@ -314,9 +321,9 @@ def get_time_per_version_per_ip(end, versions):
                 name=d,
                 mode='markers',
                 marker=dict(
-                    color=[get_color(h) for h in versions],
-                    size=data,
-                    sizeref=average / 1250,  # larger sizeref decreases size of the dot
+                    color=[get_color(d)] * len(versions),
+                    size=[math.sqrt(d) for d in data],
+                    sizeref=average,
                     sizemode='area'
                 )
             ))
@@ -354,7 +361,7 @@ def get_time_per_version(end, versions):
         data.append(go.Box(
             x=values,
             marker=dict(
-                color=get_color(v.version)
+                color=get_color(end)
             ),
             name="{0} {1}".format(v.version, v.startedUsingOn.strftime("%b %d %H:%M"))))
 
diff --git a/dashboard/security.py b/dashboard/security.py
@@ -36,18 +36,15 @@ def wrapper(*args, **kwargs):
     return wrapper
 
 
-def security(admin_only=False):
-    def decorator(f):
-        print(admin_only)
-        return f
-    return decorator
+def is_admin():
+    return session and session.get(config.link + '_admin')
 
 
 def check_login(name, password):
     if name == config.username and password == config.password:
         on_login(admin=True)
         return True
-    elif name == config.guest_username and password == config.guest_password:
+    elif name == config.guest_username and password in config.guest_password:
         on_login(admin=False)
         return True
     return False
diff --git a/dashboard/templates/dashboard/measurement-overview.html b/dashboard/templates/dashboard/measurement-overview.html
@@ -17,13 +17,16 @@
                             href="{{ url_for('dashboard.page_boxplot_per_endpoint') }}">Time per endpoint</a></li>
                 </ul>
 
-                <div class="panel-heading">
-                    Overview
-                    <a href="{{ url_for('dashboard.download_csv') }}" class="btn btn-primary btn-sm right-align-custom">Download
-                        CSV</a>
-                    <a href="{{ url_for('dashboard.export_data') }}" class="btn btn-primary btn-sm right-align-custom">View
-                        CSV</a>
-                </div>
+                {%  if is_admin %}
+                    <div class="panel-heading">
+                        Overview
+                        <a href="{{ url_for('dashboard.download_csv') }}" class="btn btn-primary btn-sm right-align-custom">Download
+                            CSV</a>
+                        <a href="{{ url_for('dashboard.export_data') }}" class="btn btn-primary btn-sm right-align-custom">View
+                            CSV</a>
+                    </div>
+                {% endif %}
+
                 <br/>
                 <div class="panel-body">
                     <div class="table-responsive">
