53c393b49b
- Permissions 100% depuis user_permissions (plus de hardcode) - Middleware injecte perms dans chaque requête - Créneaux auto: 09h-12h30 / 14h-16h45, pas 15min, hprod lun-mar, prod mer-jeu - Assignations par défaut: par domaine, app_type, zone, serveur (table default_assignments) - Auto-liaison app_group: même intervenant recette+prod - Audit Splunk: /var/log/patchcenter_audit.json (JSON one-line par event) - Login/logout/campagnes/prereqs loggés en base + fichier - Page erreur maintenance (500/404) avec contact SecOps - Accents français dans toute lUI - Operator affiché comme Intervenant - Session 1h, redirect / vers dashboard si connecté - Demo mode prereqs (DEMO_MODE=True) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
86 lines
2.9 KiB
Python
86 lines
2.9 KiB
Python
"""PatchCenter v2 — Entry point FastAPI"""
|
|
from fastapi import FastAPI, Request
|
|
from fastapi.responses import RedirectResponse
|
|
from fastapi.staticfiles import StaticFiles
|
|
from starlette.middleware.base import BaseHTTPMiddleware
|
|
from .config import APP_NAME, APP_VERSION
|
|
from .dependencies import get_current_user, get_user_perms
|
|
from .database import SessionLocal
|
|
from .routers import auth, dashboard, servers, settings, users, campaigns, planning, specifics, audit
|
|
|
|
|
|
class PermissionsMiddleware(BaseHTTPMiddleware):
|
|
"""Injecte user + perms dans request.state pour tous les templates"""
|
|
async def dispatch(self, request: Request, call_next):
|
|
user = get_current_user(request)
|
|
perms = {}
|
|
if user:
|
|
db = SessionLocal()
|
|
try:
|
|
perms = get_user_perms(db, user)
|
|
finally:
|
|
db.close()
|
|
request.state.user = user
|
|
request.state.perms = perms
|
|
response = await call_next(request)
|
|
return response
|
|
|
|
|
|
app = FastAPI(title=APP_NAME, version=APP_VERSION)
|
|
app.add_middleware(PermissionsMiddleware)
|
|
app.mount("/static", StaticFiles(directory="app/static"), name="static")
|
|
|
|
app.include_router(auth.router)
|
|
app.include_router(dashboard.router)
|
|
app.include_router(servers.router)
|
|
app.include_router(settings.router)
|
|
app.include_router(users.router)
|
|
app.include_router(campaigns.router)
|
|
app.include_router(planning.router)
|
|
app.include_router(specifics.router)
|
|
app.include_router(audit.router)
|
|
|
|
|
|
@app.get("/")
|
|
async def root(request: Request):
|
|
user = get_current_user(request)
|
|
if user:
|
|
return RedirectResponse(url="/dashboard")
|
|
return RedirectResponse(url="/login")
|
|
|
|
|
|
@app.get("/health")
|
|
async def health():
|
|
return {"status": "ok", "app": APP_NAME, "version": APP_VERSION}
|
|
|
|
|
|
# --- Error handlers ---
|
|
from fastapi.templating import Jinja2Templates
|
|
_error_templates = Jinja2Templates(directory="app/templates")
|
|
|
|
@app.exception_handler(500)
|
|
async def internal_error(request: Request, exc):
|
|
return _error_templates.TemplateResponse("error.html", {
|
|
"request": request, "code": 500,
|
|
"title": "Application en maintenance",
|
|
"message": "Une erreur interne est survenue. L'équipe technique a été notifiée.",
|
|
}, status_code=500)
|
|
|
|
@app.exception_handler(404)
|
|
async def not_found(request: Request, exc):
|
|
return _error_templates.TemplateResponse("error.html", {
|
|
"request": request, "code": 404,
|
|
"title": "Page introuvable",
|
|
"message": "La page demandée n'existe pas.",
|
|
}, status_code=404)
|
|
|
|
@app.exception_handler(Exception)
|
|
async def generic_error(request: Request, exc):
|
|
import traceback
|
|
traceback.print_exc()
|
|
return _error_templates.TemplateResponse("error.html", {
|
|
"request": request, "code": 500,
|
|
"title": "Application en maintenance",
|
|
"message": "Une erreur interne est survenue. L'équipe technique a été notifiée.",
|
|
}, status_code=500)
|