Update main.py
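--- a/main.py
+++ b/main.py
@@ -14,6 +14,7 @@ import pandas as pd
 import requests
 from urllib.parse import urlparse, unquote
 import datetime
+from datetime import timedelta
 
 
 app = Flask(__name__)
@@ -256,17 +257,27 @@ def get_spending_overview():
 def verify_admin(auth_header):
 if not auth_header or not auth_header.startswith('Bearer '):
 raise ValueError('Invalid token')
-
+
 token = auth_header.split(' ')[1]
 uid = verify_token(token)
 if not uid:
 raise PermissionError('Invalid user')
-
+
 user_ref = db.reference(f'users/{uid}')
 user_data = user_ref.get()
 if not user_data or not user_data.get('is_admin', False):
 raise PermissionError('Admin access required')
 
+# **Set custom claim here AFTER admin verification is successful:**
+try:
+auth.set_custom_user_claims(uid, {"admin": True})
+print(f"Custom admin claim set for user {uid}") # Optional log
+except Exception as e:
+print(f"Error setting custom admin claim: {e}") # Log any errors
+raise PermissionError('Error setting admin claim, but admin verified') # Or handle error as needed
+
+return uid # Return uid as before
+
 # ========================================
 # New Admin Endpoints
 # ========================================
@@ -428,10 +439,17 @@ def view_receipt(transaction_id):
 if not blob_path:
 return jsonify({'error': 'Could not determine blob path from URL'}), 500
 
+print(f"Blob path for view: {blob_path}") # Debug log
+
 blob = bucket.blob(blob_path)
-
-
+if not blob.exists():
+print("Blob does not exist at path:", blob_path)
+return jsonify({'error': 'Blob not found'}), 404
+
+signed_url = blob.generate_signed_url(expiration=timedelta(minutes=10))
+print(f"Signed URL for view: {signed_url}") # Debug log
 r = requests.get(signed_url)
+print(f"View endpoint response status: {r.status_code}") # Debug log
 if r.status_code != 200:
 return jsonify({'error': 'Unable to fetch image from storage'}), 500
 
@@ -457,13 +475,20 @@ def download_receipt(transaction_id):
 if not blob_path:
 return jsonify({'error': 'Could not determine blob path from URL'}), 500
 
+print(f"Blob path for download: {blob_path}") # Debug log
+
 blob = bucket.blob(blob_path)
-
+if not blob.exists():
+print("Blob does not exist at path:", blob_path)
+return jsonify({'error': 'Blob not found'}), 404
+
+signed_url = blob.generate_signed_url(expiration=timedelta(minutes=10))
+print(f"Signed URL for download: {signed_url}") # Debug log
 r = requests.get(signed_url)
+print(f"Download endpoint response status: {r.status_code}") # Debug log
 if r.status_code != 200:
 return jsonify({'error': 'Unable to fetch image from storage'}), 500
 
-# Use attachment_filename if you're on Flask 1.x; if using Flask 2.x, you can replace it with download_name.
 return send_file(
 io.BytesIO(r.content),
 mimetype='image/jpeg',
@@ -509,7 +534,6 @@ def delete_user(uid):
 except Exception as e:
 return jsonify({'error': str(e)}), 500
 
-# ... (rest of the code remains the same)
 
 if __name__ == '__main__':
 app.run(debug=True, host="0.0.0.0", port=7860)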
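Review bot: `verify_admin` now performs a write on every admin request: assuming `auth` is the Firebase Admin SDK module, the added `auth.set_custom_user_claims(uid, {"admin": True})` replaces whatever custom claims the user already had and is never undone when `is_admin` is later cleared in the database, so anything that trusts the claim could keep treating a demoted user as an admin. A failure of that write also raises `PermissionError` for a user the function has just verified. I would drop the `try`/`except` from the check, keep `return uid`, and set or clear the claim only in the code path that changes `is_admin`. Separately, `print(f"Signed URL for view: {signed_url}")` and the matching line in `download_receipt` write a URL that grants access to the receipt for ten minutes into the logs; logging `blob_path` alone is enough for debugging.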