notid/rothbard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

much better

Browse Source
This commit is contained in:
Bryce
2025-11-09 20:44:26 -08:00
parent b3a96cab1e
commit bafa9190e2
7 changed files with 362 additions and 140 deletions
Download Patch File Download Diff File Expand all files Collapse all files

231
app.py
View File

@@ -83,19 +83,46 @@ def login_required(view):
def get_user_profile(uid: str):
"""Fetch user's Firestore profile: users/{uid} => { enabled, caseEmail, is_admin }"""
"""Fetch user's Firestore profile: users/{uid} => { enabled, case_email, is_admin, user_email }"""
doc_ref = db.collection("users").document(uid)
snap = doc_ref.get()
if not snap.exists:
# bootstrap a placeholder doc so admins can fill it in
doc_ref.set({"enabled": False}, merge=True)
return {"enabled": False, "caseEmail": None, "is_admin": False}
# Get user email from Firebase Auth
try:
user = fb_auth.get_user(uid)
user_email = user.email
except Exception:
user_email = None
doc_ref.set({
"enabled": False,
"is_admin": False,
"user_email": user_email,
"case_email": user_email
}, merge=True)
return {
"enabled": False,
"is_admin": False,
"user_email": user_email,
"case_email": user_email
}
data = snap.to_dict() or {}
return {
"enabled": bool(data.get("enabled", False)),
"caseEmail": data.get("caseEmail"),
"is_admin": bool(data.get("is_admin", False))
"is_admin": bool(data.get("is_admin", False)),
"user_email": data.get("user_email"),
"case_email": data.get("case_email")
}
@app.context_processor
def inject_user_profile():
"""Make user profile available in all templates"""
if 'uid' in session:
profile = get_user_profile(session['uid'])
return {'get_user_profile': lambda uid: profile if uid == session['uid'] else get_user_profile(uid)}
return {'get_user_profile': lambda uid: {}}
def get_firestore_document(collection_name: str, document_id: str):
"""
Retrieve a specific document from Firestore.
@@ -114,66 +141,13 @@ def get_firestore_document(collection_name: str, document_id: str):
else:
return None
def convert_to_pacific_time(date_str):
"""Convert UTC date string to Pacific Time and format as YYYY-MM-DD.
Args:
date_str (str): UTC date string in ISO 8601 format (e.g., "2025-10-24T19:20:22.377Z")
Returns:
str: Date formatted as YYYY-MM-DD in Pacific Time, or empty string if input is empty
"""
if not date_str:
return ''
try:
# Parse the UTC datetime
utc_time = datetime.fromisoformat(date_str.replace('Z', '+00:00'))
# Set timezone to UTC
utc_time = utc_time.replace(tzinfo=pytz.UTC)
# Convert to Pacific Time
pacific_time = utc_time.astimezone(pytz.timezone('America/Los_Angeles'))
# Format as YYYY-MM-DD
return pacific_time.strftime('%Y-%m-%d')
except (ValueError, AttributeError) as e:
print(f"[WARN] Date conversion failed for '{date_str}': {e}")
return ''
def fetch_all_projects():
"""Fetch all projects for a user and store them in Firestore"""
# This function is now only used by sync.py
# In production, this should be removed or marked as deprecated
print("Fetching projects....")
# Initialize Filevine client
client = FilevineClient()
bearer = client.get_bearer_token()
# List projects (all pages)
projects = client.list_all_projects()
projects = projects[:]
# Fetch details for each
detailed_rows = []
# This functionality has been moved to sync.py
# The worker_pool module has been removed
# This function is kept for backward compatibility but should not be used in production
print("[DEPRECATED] fetch_all_projects() is deprecated. Use sync.py instead.")
return []
@app.route("/")
def index():
uid = session.get("uid")
if not uid:
return redirect(url_for("login"))
profile = get_user_profile(uid)
if profile.get("enabled") and profile.get("caseEmail"):
if profile.get("enabled") and profile.get("case_email"):
return redirect(url_for("dashboard"))
return redirect(url_for("welcome"))
@@ -236,20 +210,22 @@ def dashboard(page=1):
if not profile.get("enabled"):
return redirect(url_for("welcome"))
# If user is admin and caseEmail query parameter is provided, use that instead
case_email = profile.get("caseEmail")
if profile.get("is_admin") and request.args.get('case_email'):
is_admin = profile.get("is_admin")
case_email = None
if not is_admin:
case_email = profile.get("case_email")
if not case_email:
return redirect(url_for("welcome"))
if is_admin and request.args.get('case_email'):
case_email = request.args.get('case_email').lower()
# Validate email format
if '@' not in case_email:
return abort(400, "Invalid email format")
if not case_email:
return redirect(url_for("welcome"))
# Pagination settings
per_page = 25
offset = (page - 1) * per_page
query = None
# Get total count efficiently using a count aggregation query
try:
@@ -258,7 +234,11 @@ def dashboard(page=1):
start_time = time.time()
projects_ref = db.collection("projects")
# Filter projects where case_email is in viewing_emails array
query = projects_ref.where("viewing_emails", "array_contains", case_email.lower())
if case_email:
query = projects_ref.where("viewing_emails", "array_contains", case_email.lower())
else:
query = projects_ref
total_projects = int(query.count().get()[0][0].value)
end_time = time.time()
print(f"Filtered projects count: {total_projects} (took {end_time - start_time:.2f}s)")
@@ -273,7 +253,11 @@ def dashboard(page=1):
import time
start_time = time.time()
# Filter projects where case_email is in viewing_emails array
projects_ref = db.collection("projects").where("viewing_emails", "array_contains", case_email.lower()).order_by("matter_description").limit(per_page).offset(offset)
if case_email:
projects_ref = db.collection("projects").where("viewing_emails", "array_contains", case_email.lower()).order_by("matter_description").limit(per_page).offset(offset)
else:
projects_ref = db.collection("projects").order_by("matter_description").limit(per_page).offset(offset)
docs = projects_ref.stream()
paginated_rows = []
@@ -295,6 +279,119 @@ def dashboard(page=1):
per_page=per_page)
@app.route("/admin/users")
@app.route("/admin/users/<int:page>")
@login_required
def admin_users(page=1):
"""Admin page to manage all users"""
uid = session.get("uid")
profile = get_user_profile(uid)
# Only admins can access this page
if not profile.get("is_admin"):
abort(403, "Access denied. Admin privileges required.")
# Pagination settings
per_page = 25
offset = (page - 1) * per_page
# Get all users from Firestore
try:
# Get total count of users
users_ref = db.collection("users")
total_users = int(users_ref.count().get()[0][0].value)
# Get users for current page
users_query = users_ref.order_by("user_email").limit(per_page).offset(offset)
docs = users_query.stream()
users = []
for doc in docs:
user_data = doc.to_dict()
users.append({
"uid": doc.id,
"user_email": user_data.get("user_email", ""),
"case_email": user_data.get("case_email", ""),
"enabled": bool(user_data.get("enabled", False)),
"is_admin": bool(user_data.get("is_admin", False))
})
except Exception as e:
print(f"[ERR] Failed to fetch users: {e}")
users = []
total_users = 0
# Calculate pagination
total_pages = (total_users + per_page - 1) // per_page # Ceiling division
return render_template("admin_users.html",
users=users,
current_page=page,
total_pages=total_pages,
total_users=total_users,
per_page=per_page)
@app.route("/admin/users/<uid>")
@login_required
def admin_user_detail(uid):
"""Show user details for admin"""
uid = session.get("uid")
profile = get_user_profile(uid)
# Only admins can access this page
if not profile.get("is_admin"):
abort(403, "Access denied. Admin privileges required.")
# Get user data
user_doc = db.collection("users").document(uid).get()
if not user_doc.exists:
abort(404, "User not found")
user_data = user_doc.to_dict()
user = {
"uid": uid,
"user_email": user_data.get("user_email", ""),
"case_email": user_data.get("case_email", ""),
"enabled": bool(user_data.get("enabled", False)),
"is_admin": bool(user_data.get("is_admin", False))
}
return render_template("admin_user_edit.html", user=user)
@app.route("/admin/users/update", methods=["POST"])
@login_required
def update_user():
"""Update user information"""
uid = session.get("uid")
profile = get_user_profile(uid)
# Only admins can update users
if not profile.get("is_admin"):
abort(403, "Access denied. Admin privileges required.")
try:
data = request.get_json()
if not data:
abort(400, "Invalid JSON data")
target_uid = data.get("uid")
if not target_uid:
abort(400, "User ID is required")
# Update user in Firestore
user_ref = db.collection("users").document(target_uid)
user_ref.update({
"enabled": data.get("enabled", False),
"is_admin": data.get("is_admin", False),
"case_email": data.get("case_email", "")
})
return jsonify({"success": True})
except Exception as e:
print(f"[ERR] Failed to update user: {e}")
abort(500, "Failed to update user")
# GAE compatibility
if __name__ == "__main__":
app.run(debug=True, host="0.0.0.0", port=int(os.environ.get("PORT", "5004")))

29
sync.py
View File

@@ -15,7 +15,34 @@ import pytz
# Add the current directory to the Python path so we can import app and models
sys.path.append(os.path.dirname(os.path.abspath(__file__)))
from app import fetch_all_projects, convert_to_pacific_time
def convert_to_pacific_time(date_str):
"""Convert UTC date string to Pacific Time and format as YYYY-MM-DD.
Args:
date_str (str): UTC date string in ISO 8601 format (e.g., "2025-10-24T19:20:22.377Z")
Returns:
str: Date formatted as YYYY-MM-DD in Pacific Time, or empty string if input is empty
"""
if not date_str:
return ''
try:
# Parse the UTC datetime
utc_time = datetime.fromisoformat(date_str.replace('Z', '+00:00'))
# Set timezone to UTC
utc_time = utc_time.replace(tzinfo=pytz.UTC)
# Convert to Pacific Time
pacific_time = utc_time.astimezone(pytz.timezone('America/Los_Angeles'))
# Format as YYYY-MM-DD
return pacific_time.strftime('%Y-%m-%d')
except (ValueError, AttributeError) as e:
print(f"[WARN] Date conversion failed for '{date_str}': {e}")
return ''
from models.project_model import ProjectModel
from filevine_client import FilevineClient

101
templates/_pagination.html
View File

@@ -1,74 +1,31 @@
<div class="flex justify-between items-center mt-4 px-2">
<div class="text-sm text-gray-700">
Showing {{ ((current_page - 1) * per_page) + 1 }} to
{% if current_page * per_page < total_projects %}
{{ current_page * per_page }}
{% else %}
{{ total_projects }}
{% endif %}
of {{ total_projects }} projects
</div>
{% if total_pages > 1 %}
<div class="flex justify-center items-center mt-6 space-x-2">
{% if current_page > 1 %}
<a href="{{ url_for(request.endpoint, page=current_page - 1) }}" class="px-3 py-2 text-sm text-slate-600 bg-white border border-slate-300 rounded-md hover:bg-slate-50">
Previous
</a>
{% else %}
<span class="px-3 py-2 text-sm text-slate-400 bg-white border border-slate-300 rounded-md cursor-not-allowed">Previous</span>
{% endif %}
<div class="flex space-x-2">
<!-- Previous Button -->
{% if current_page > 1 %}
<a href="{{ url_for('dashboard', page=current_page - 1) }}"
class="px-3 py-1 text-sm bg-gray-100 text-gray-700 rounded hover:bg-gray-200 transition-colors">
Previous
</a>
{% else %}
<span class="px-3 py-1 text-sm text-gray-400 bg-gray-50 rounded cursor-not-allowed">
Previous
</span>
{% for page in range(1, total_pages + 1) %}
{% if page == current_page %}
<span class="px-3 py-2 text-sm font-medium text-white bg-blue-600 border border-blue-600 rounded-md">{{ page }}</span>
{% elif page == 1 or page == total_pages or (page >= current_page - 2 and page <= current_page + 2) %}
<a href="{{ url_for(request.endpoint, page=page) }}" class="px-3 py-2 text-sm text-slate-600 bg-white border border-slate-300 rounded-md hover:bg-slate-50">
{{ page }}
</a>
{% elif page == current_page - 3 or page == current_page + 3 %}
<span class="px-3 py-2 text-sm text-slate-400">...</span>
{% endif %}
<!-- Page Numbers -->
{% set start_page = [1, current_page - 2]|max %}
{% set end_page = [total_pages, current_page + 2]|min %}
{% if start_page > 1 %}
<a href="{{ url_for('dashboard', page=1) }}"
class="px-3 py-1 text-sm bg-gray-100 text-gray-700 rounded hover:bg-gray-200 transition-colors">
1
</a>
{% if start_page > 2 %}
<span class="px-3 py-1 text-sm text-gray-400">...</span>
{% endif %}
{% endif %}
{% for page_num in range(start_page, end_page + 1) %}
{% if page_num == current_page %}
<span class="px-3 py-1 text-sm bg-blue-600 text-white rounded">
{{ page_num }}
</span>
{% else %}
<a href="{{ url_for('dashboard', page=page_num) }}"
class="px-3 py-1 text-sm bg-gray-100 text-gray-700 rounded hover:bg-gray-200 transition-colors">
{{ page_num }}
</a>
{% endif %}
{% endfor %}
{% if end_page < total_pages %}
{% if end_page < total_pages - 1 %}
<span class="px-3 py-1 text-sm text-gray-400">...</span>
{% endif %}
<a href="{{ url_for('dashboard', page=total_pages) }}"
class="px-3 py-1 text-sm bg-gray-100 text-gray-700 rounded hover:bg-gray-200 transition-colors">
{{ total_pages }}
</a>
{% endif %}
<!-- Next Button -->
{% if current_page < total_pages %}
<a href="{{ url_for('dashboard', page=current_page + 1) }}"
class="px-3 py-1 text-sm bg-gray-100 text-gray-700 rounded hover:bg-gray-200 transition-colors">
Next
</a>
{% else %}
<span class="px-3 py-1 text-sm text-gray-400 bg-gray-50 rounded cursor-not-allowed">
Next
</span>
{% endif %}
</div>
</div>
{% endfor %}
{% if current_page < total_pages %}
<a href="{{ url_for(request.endpoint, page=current_page + 1) }}" class="px-3 py-2 text-sm text-slate-600 bg-white border border-slate-300 rounded-md hover:bg-slate-50">
Next
</a>
{% else %}
<span class="px-3 py-2 text-sm text-slate-400 bg-white border border-slate-300 rounded-md cursor-not-allowed">Next</span>
{% endif %}
</div>
{% endif %}

88
templates/admin_user_edit.html Normal file
View File

@@ -0,0 +1,88 @@
{% extends 'base.html' %}
{% block content %}
<div class="h-full flex flex-col max-w-2xl mx-auto">
<h1 class="text-xl font-semibold mb-6">Edit User: {{ user.user_email }}</h1>
<form id="userForm" class="space-y-6">
<div>
<label for="user_email" class="block text-sm font-medium text-slate-700">User Email</label>
<input type="email" id="user_email" name="user_email"
value="{{ user.user_email }}"
disabled
class="mt-1 block w-full px-3 py-2 border border-slate-300 rounded-md shadow-sm focus:outline-none focus:ring-blue-500 focus:border-blue-500">
<p class="mt-1 text-sm text-slate-500">This field cannot be changed as it's tied to Firebase authentication.</p>
</div>
<div>
<label for="enabled" class="block text-sm font-medium text-slate-700">Enabled</label>
<div class="mt-1 flex items-center">
<input type="checkbox" id="enabled" name="enabled"
{% if user.enabled %}checked{% endif %}
class="h-4 w-4 text-blue-600 focus:ring-blue-500 border-slate-300 rounded">
<label for="enabled" class="ml-2 block text-sm text-slate-700">Check to enable this user</label>
</div>
</div>
<div>
<label for="is_admin" class="block text-sm font-medium text-slate-700">Admin</label>
<div class="mt-1 flex items-center">
<input type="checkbox" id="is_admin" name="is_admin"
{% if user.is_admin %}checked{% endif %}
class="h-4 w-4 text-blue-600 focus:ring-blue-500 border-slate-300 rounded">
<label for="is_admin" class="ml-2 block text-sm text-slate-700">Check to make this user an admin</label>
</div>
</div>
<div>
<label for="case_email" class="block text-sm font-medium text-slate-700">Case Email</label>
<input type="email" id="case_email" name="case_email"
value="{{ user.case_email }}"
class="mt-1 block w-full px-3 py-2 border border-slate-300 rounded-md shadow-sm focus:outline-none focus:ring-blue-500 focus:border-blue-500">
<p class="mt-1 text-sm text-slate-500">The email address used for project access.</p>
</div>
<div class="flex justify-end space-x-3 pt-4">
<button type="button" onclick="window.location.href='/admin/users'"
class="px-4 py-2 text-sm font-medium text-slate-700 bg-gray-100 hover:bg-gray-200 rounded-md transition-colors">
Cancel
</button>
<button type="submit"
class="px-4 py-2 text-sm font-medium text-white bg-blue-600 hover:bg-blue-700 rounded-md transition-colors">
Save Changes
</button>
</div>
</form>
</div>
<script>
document.getElementById('userForm').addEventListener('submit', function(e) {
e.preventDefault();
const formData = new FormData(this);
const userData = {
uid: '{{ user.uid }}',
enabled: formData.get('enabled') === 'on',
is_admin: formData.get('is_admin') === 'on',
case_email: formData.get('case_email')
};
fetch('/admin/users/update', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify(userData)
})
.then(response => {
if (response.ok) {
window.location.href = '/admin/users';
} else {
alert('Failed to update user: ' + response.statusText);
}
})
.catch(error => {
alert('Error updating user: ' + error.message);
});
});
</script>
{% endblock %}

48
templates/admin_users.html Normal file
View File

@@ -0,0 +1,48 @@
{% extends 'base.html' %}
{% block content %}
<div class="h-full flex flex-col">
<h1 class="text-xl font-semibold mb-4">Admin: User Management</h1>
<div class="overflow-scroll">
<table class="w-full whitespace-nowrap shadow-md border border-slate-200">
<thead class="text-left text-sm sticky top-0 z-10 border-b border-blue-800 text-white font-medium" style="background-color: rgb(89, 121, 142);">
<tr>
<th class="px-4 py-3">User Email</th>
<th class="px-4 py-3">Enabled</th>
<th class="px-4 py-3">Admin</th>
<th class="px-4 py-3">Case Email</th>
</tr>
</thead>
<tbody class="bg-slate-100 divide-y divide-slate-300">
{% for user in users %}
<tr class="hover:bg-slate-200 transition-colors duration-150 ease-in-out cursor-pointer" onclick="window.location.href='/admin/users/{{ user.uid }}'">
<td class="px-4 py-3 text-sm text-slate-800">{{ user.user_email }}</td>
<td class="px-4 py-3 text-sm text-slate-800">
{% if user.enabled %}
<span class="bg-green-100 text-green-800 px-2 py-1 rounded text-xs">Yes</span>
{% else %}
<span class="bg-red-100 text-red-800 px-2 py-1 rounded text-xs">No</span>
{% endif %}
</td>
<td class="px-4 py-3 text-sm text-slate-800">
{% if user.is_admin %}
<span class="bg-blue-100 text-blue-800 px-2 py-1 rounded text-xs">Yes</span>
{% else %}
<span class="bg-gray-100 text-gray-800 px-2 py-1 rounded text-xs">No</span>
{% endif %}
</td>
<td class="px-4 py-3 text-sm text-slate-800">{{ user.case_email }}</td>
</tr>
{% else %}
<tr>
<td colspan="4" class="px-4 py-6 text-center text-slate-500">No users found.</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
<!-- Pagination -->
{% include '_pagination.html' %}
</div>
{% endblock %}

4
templates/base.html
View File

@@ -19,6 +19,10 @@
<nav class="space-x-4">
{% if session.uid %}
<a href="/dashboard" class="text-sm text-slate-600 hover:text-slate-900">Dashboard</a>
{% set profile = get_user_profile(session.uid) %}
{% if profile.is_admin %}
<a href="/admin/users" class="text-sm text-slate-600 hover:text-slate-900">Admin Users</a>
{% endif %}
<a href="/logout" class="text-sm text-slate-600 hover:text-slate-900">Logout</a>
{% else %}
<a href="/login" class="text-sm text-slate-600 hover:text-slate-900">Login</a>

1
templates/welcome.html
View File

@@ -6,6 +6,7 @@
<ul class="mt-4 list-disc pl-6 text-sm text-slate-700">
<li><strong>enabled</strong>: {{ 'true' if profile.enabled else 'false' }}</li>
<li><strong>caseEmail</strong>: {{ profile.caseEmail or '—' }}</li>
<li><strong>user_email</strong>: {{ profile.user_email or '—' }}</li>
</ul>
</div>
{% endblock %}