cmdbox 0.5.1__py3-none-any.whl → 0.5.1.2__py3-none-any.whl

cmdbox/app/auth/signin.py

@@ -0,0 +1,631 @@
+from cmdbox.app import common, options
+from fastapi import Request, Response, HTTPException
+from fastapi.responses import RedirectResponse
+from pathlib import Path
+from typing import Dict, Any, Tuple, List, Union
+import copy
+import logging
+
+
+class Signin(object):
+
+    def __init__(self, logger:logging.Logger, signin_file:Path, signin_file_data:Dict[str, Any], appcls, ver):
+        self.logger = logger
+        self.signin_file = signin_file
+        self.signin_file_data = signin_file_data
+        self.options = options.Options.getInstance(appcls, ver)
+        self.ver = ver
+        self.appcls = appcls
+
+    def get_data(self) -> Dict[str, Any]:
+        """
+        サインインデータを返します
+
+        Returns:
+            Dict[str, Any]: サインインデータ
+        """
+        return self.signin_file_data
+
+    def jadge(self, access_token:str, email:str) -> Tuple[bool, Dict[str, Any]]:
+        """
+        サインインを成功させるかどうかを判定します。
+        返すユーザーデータには、uid, name, email, groups, hash が必要です。
+
+        Args:
+            access_token (str): アクセストークン
+            email (str): メールアドレス
+
+        Returns:
+            Tuple[bool, Dict[str, Any]]: (成功かどうか, ユーザーデータ)
+        """
+        copy_signin_data = copy.deepcopy(self.signin_file_data)
+        users = [u for u in copy_signin_data['users'] if u['email'] == email and u['hash'] == 'oauth2']
+        return len(users) > 0, users[0] if len(users) > 0 else None
+
+    def get_groups(self, access_token:str, user:Dict[str, Any]) -> Tuple[List[str], List[int]]:
+        """
+        ユーザーのグループを取得します
+
+        Args:
+            access_token (str): アクセストークン
+            user (Dict[str, Any]): ユーザーデータ
+            signin_file_data (Dict[str, Any]): サインインファイルデータ（変更不可）
+
+        Returns:
+            Tuple[List[str], List[int]]: (グループ名, グループID)
+        """
+        copy_signin_data = copy.deepcopy(self.signin_file_data)
+        group_names = list(set(self.__class__.correct_group(copy_signin_data, user['groups'], None)))
+        gids = [g['gid'] for g in copy_signin_data['groups'] if g['name'] in group_names]
+        return group_names, gids
+
+    def enable_cors(self, req:Request, res:Response) -> None:
+        """
+        CORSを有効にする
+
+        Args:
+            req (Request): リクエスト
+            res (Response): レスポンス
+        """
+        if req is None or not 'Origin' in req.headers.keys():
+            return
+        res.headers['Access-Control-Allow-Origin'] = res.headers['Origin']
+
+    def check_signin(self, req:Request, res:Response):
+        """
+        サインインをチェックする
+
+        Args:
+            req (Request): リクエスト
+            res (Response): レスポンス
+
+        Returns:
+            Response: サインインエラーの場合はリダイレクトレスポンス
+        """
+        self.enable_cors(req, res)
+        if self.signin_file_data is None:
+            return None
+        if 'signin' in req.session:
+            self.signin_file_data = self.load_signin_file(self.signin_file, self.signin_file_data) # サインインファイルの更新をチェック
+            path_jadge = self.check_path(req, req.url.path)
+            if path_jadge is not None:
+                return path_jadge
+            return None
+        self.logger.info(f"Not found siginin session. Try check_apikey. path={req.url.path}")
+        ret = self.check_apikey(req, res)
+        if ret is not None and self.logger.level == logging.DEBUG:
+            self.logger.debug(f"Not signed in.")
+        return ret
+
+    def check_apikey(self, req:Request, res:Response):
+        """
+        ApiKeyをチェックする
+
+        Args:
+            req (Request): リクエスト
+            res (Response): レスポンス
+
+        Returns:
+            Response: サインインエラーの場合はリダイレクトレスポンス
+        """
+        self.enable_cors(req, res)
+        if self.signin_file_data is None:
+            res.headers['signin'] = 'success'
+            return None
+        if 'Authorization' not in req.headers:
+            self.logger.warning(f"Authorization not found. headers={req.headers}")
+            return RedirectResponse(url=f'/signin{req.url.path}?error=noauth')
+        auth = req.headers['Authorization']
+        if not auth.startswith('Bearer '):
+            self.logger.warning(f"Bearer not found. headers={req.headers}")
+            return RedirectResponse(url=f'/signin{req.url.path}?error=apikeyfail')
+        bearer, apikey = auth.split(' ')
+        apikey = common.hash_password(apikey.strip(), 'sha1')
+        if self.logger.level == logging.DEBUG:
+            self.logger.debug(f"hashed apikey: {apikey}")
+        find_user = None
+        self.signin_file_data = self.load_signin_file(self.signin_file, self.signin_file_data) # サインインファイルの更新をチェック
+        for user in self.signin_file_data['users']:
+            if 'apikeys' not in user:
+                continue
+            for ak, key in user['apikeys'].items():
+                if apikey == key:
+                    find_user = user
+        if find_user is None:
+            self.logger.warning(f"No matching user found for apikey.")
+            return RedirectResponse(url=f'/signin{req.url.path}?error=apikeyfail')
+
+        group_names = list(set(self.__class__.correct_group(self.get_data(), find_user['groups'], None)))
+        gids = [g['gid'] for g in self.signin_file_data['groups'] if g['name'] in group_names]
+        req.session['signin'] = dict(uid=find_user['uid'], name=find_user['name'], password=find_user['password'],
+                                     gids=gids, groups=group_names)
+        if self.logger.level == logging.DEBUG:
+            self.logger.debug(f"find user: name={find_user['name']}, group_names={group_names}")
+        # パスルールチェック
+        user_groups = find_user['groups']
+        jadge = self.signin_file_data['pathrule']['policy']
+        for rule in self.signin_file_data['pathrule']['rules']:
+            if len([g for g in rule['groups'] if g in user_groups]) <= 0:
+                continue
+            if len([p for p in rule['paths'] if req.url.path.startswith(p)]) <= 0:
+                continue
+            jadge = rule['rule']
+        if self.logger.level == logging.DEBUG:
+            self.logger.debug(f"rule: {req.url.path}: {jadge}")
+        if jadge == 'allow':
+            res.headers['signin'] = 'success'
+            return None
+        self.logger.warning(f"Unauthorized site. user={find_user['name']}, path={req.url.path}")
+        return RedirectResponse(url=f'/signin{req.url.path}?error=unauthorizedsite')
+
+    @classmethod
+    def load_signin_file(cls, signin_file:Path, signin_file_data:Dict[str, Any]=None) -> Dict[str, Any]:
+        """
+        サインインファイルを読み込む
+
+        Args:
+            signin_file (Path): サインインファイル
+            signin_file_data (Dict[str, Any]): サインインファイルデータ
+
+        Raises:
+            HTTPException: サインインファイルのフォーマットエラー
+
+        Returns:
+            Dict[str, Any]: サインインファイルデータ
+        """
+        if signin_file is not None:
+            if not signin_file.is_file():
+                raise HTTPException(status_code=500, detail=f'signin_file is not found. ({signin_file})')
+            # サインインファイル読込み済みなら返すが、別プロセスがサインインファイルを更新していたら読込みを実施する。
+            if not hasattr(cls, 'signin_file_last'):
+                cls.signin_file_last = signin_file.stat().st_mtime
+            if cls.signin_file_last >= signin_file.stat().st_mtime and signin_file_data is not None:
+                return signin_file_data
+            cls.signin_file_last = signin_file.stat().st_mtime
+            yml = common.load_yml(signin_file)
+            # usersのフォーマットチェック
+            if 'users' not in yml:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "users" not found. ({signin_file})')
+            uids = set()
+            unames = set()
+            groups = [g['name'] for g in yml['groups']]
+            for user in yml['users']:
+                if 'uid' not in user or user['uid'] is None:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "uid" not found or empty. ({signin_file})')
+                if user['uid'] in uids:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. Duplicate uid found. ({signin_file}). uid={user["uid"]}')
+                if 'name' not in user or user['name'] is None:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "name" not found or empty. ({signin_file})')
+                if user['name'] in unames:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. Duplicate name found. ({signin_file}). name={user["name"]}')
+                if 'password' not in user:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "password" not found or empty. ({signin_file})')
+                if 'hash' not in user or user['hash'] is None:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "hash" not found or empty. ({signin_file})')
+                if user['hash'] not in ['oauth2', 'plain', 'md5', 'sha1', 'sha256']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. Algorithms not supported. ({signin_file}). hash={user["hash"]} "oauth2", "plain", "md5", "sha1", "sha256" only.')
+                if 'groups' not in user or type(user['groups']) is not list:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "groups" not found or not list type. ({signin_file})')
+                if len([ug for ug in user['groups'] if ug not in groups]) > 0:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. Group not found. ({signin_file}). {user["groups"]}')
+                uids.add(user['uid'])
+                unames.add(user['name'])
+            # groupsのフォーマットチェック
+            if 'groups' not in yml:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "groups" not found. ({signin_file})')
+            gids = set()
+            gnames = set()
+            for group in yml['groups']:
+                if 'gid' not in group or group['gid'] is None:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "gid" not found or empty. ({signin_file})')
+                if group['gid'] in gids:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. Duplicate gid found. ({signin_file}). gid={group["gid"]}')
+                if 'name' not in group or group['name'] is None:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "name" not found or empty. ({signin_file})')
+                if group['name'] in gnames:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. Duplicate name found. ({signin_file}). name={group["name"]}')
+                if 'parent' in group:
+                    if group['parent'] not in groups:
+                        raise HTTPException(status_code=500, detail=f'signin_file format error. Parent group not found. ({signin_file}). parent={group["parent"]}')
+                gids.add(group['gid'])
+                gnames.add(group['name'])
+            # cmdruleのフォーマットチェック
+            if 'cmdrule' not in yml:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "cmdrule" not found. ({signin_file})')
+            if 'policy' not in yml['cmdrule']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "policy" not found in "cmdrule". ({signin_file})')
+            if yml['cmdrule']['policy'] not in ['allow', 'deny']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "policy" not supported in "cmdrule". ({signin_file}). "allow" or "deny" only.')
+            if 'rules' not in yml['cmdrule']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "rules" not found in "cmdrule". ({signin_file})')
+            if type(yml['cmdrule']['rules']) is not list:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "rules" not list type in "cmdrule". ({signin_file})')
+            for rule in yml['cmdrule']['rules']:
+                if 'groups' not in rule:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "groups" not found in "cmdrule.rules" ({signin_file})')
+                if type(rule['groups']) is not list:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "groups" not list type in "cmdrule.rules". ({signin_file})')
+                rule['groups'] = list(set(copy.deepcopy(cls.correct_group(yml, rule['groups'], yml['groups']))))
+                if 'rule' not in rule:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "rule" not found in "cmdrule.rules" ({signin_file})')
+                if rule['rule'] not in ['allow', 'deny']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "rule" not supported in "cmdrule.rules". ({signin_file}). "allow" or "deny" only.')
+                if 'mode' not in rule:
+                    rule['mode'] = None
+                if 'cmds' not in rule:
+                    rule['cmds'] = []
+                if rule['mode'] is not None and len(rule['cmds']) <= 0:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. When “cmds” is specified, “mode” must be specified. ({signin_file})')
+                if type(rule['cmds']) is not list:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "cmds" not list type in "cmdrule.rules". ({signin_file})')
+            # pathruleのフォーマットチェック
+            if 'pathrule' not in yml:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "pathrule" not found. ({signin_file})')
+            if 'policy' not in yml['pathrule']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "policy" not found in "pathrule". ({signin_file})')
+            if yml['pathrule']['policy'] not in ['allow', 'deny']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "policy" not supported in "pathrule". ({signin_file}). "allow" or "deny" only.')
+            if 'rules' not in yml['pathrule']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "rules" not found in "pathrule". ({signin_file})')
+            if type(yml['pathrule']['rules']) is not list:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "rules" not list type in "pathrule". ({signin_file})')
+            for rule in yml['pathrule']['rules']:
+                if 'groups' not in rule:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "groups" not found in "pathrule.rules" ({signin_file})')
+                if type(rule['groups']) is not list:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "groups" not list type in "pathrule.rules". ({signin_file})')
+                rule['groups'] = list(set(copy.deepcopy(cls.correct_group(yml, rule['groups'], yml['groups']))))
+                if 'rule' not in rule:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "rule" not found in "pathrule.rules" ({signin_file})')
+                if rule['rule'] not in ['allow', 'deny']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "rule" not supported in "pathrule.rules". ({signin_file}). "allow" or "deny" only.')
+                if 'paths' not in rule:
+                    rule['paths'] = []
+                if type(rule['paths']) is not list:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "paths" not list type in "pathrule.rules". ({signin_file})')
+            # passwordのフォーマットチェック
+            if 'password' in yml:
+                if 'policy' not in yml['password']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "policy" not found in "password". ({signin_file})')
+                if 'enabled' not in yml['password']['policy']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not found in "password.policy". ({signin_file})')
+                if type(yml['password']['policy']['enabled']) is not bool:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not bool type in "password.policy". ({signin_file})')
+                if type(yml['password']['policy']['not_same_before']) is not bool:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "not_same_before" not bool type in "password.policy". ({signin_file})')
+                if 'min_length' not in yml['password']['policy']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "min_length" not found in "password.policy". ({signin_file})')
+                if type(yml['password']['policy']['min_length']) is not int:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "min_length" not int type in "password.policy". ({signin_file})')
+                if 'max_length' not in yml['password']['policy']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "max_length" not found in "password.policy". ({signin_file})')
+                if type(yml['password']['policy']['max_length']) is not int:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "max_length" not int type in "password.policy". ({signin_file})')
+                if 'min_lowercase' not in yml['password']['policy']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "min_lowercase" not found in "password.policy". ({signin_file})')
+                if type(yml['password']['policy']['min_lowercase']) is not int:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "min_lowercase" not int type in "password.policy". ({signin_file})')
+                if 'min_uppercase' not in yml['password']['policy']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "min_uppercase" not found in "password.policy". ({signin_file})')
+                if type(yml['password']['policy']['min_uppercase']) is not int:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "min_uppercase" not int type in "password.policy". ({signin_file})')
+                if 'min_digit' not in yml['password']['policy']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "min_digit" not found in "password.policy". ({signin_file})')
+                if type(yml['password']['policy']['min_digit']) is not int:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "min_digit" not int type in "password.policy". ({signin_file})')
+                if 'min_symbol' not in yml['password']['policy']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "min_symbol" not found in "password.policy". ({signin_file})')
+                if type(yml['password']['policy']['min_symbol']) is not int:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "min_symbol" not int type in "password.policy". ({signin_file})')
+                if 'not_contain_username' not in yml['password']['policy']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "not_contain_username" not found in "password.policy". ({signin_file})')
+                if type(yml['password']['policy']['not_contain_username']) is not bool:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "not_contain_username" not bool type in "password.policy". ({signin_file})')
+                if 'expiration' not in yml['password']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "expiration" not found in "password". ({signin_file})')
+                if 'enabled' not in yml['password']['expiration']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not found in "password.expiration". ({signin_file})')
+                if type(yml['password']['expiration']['enabled']) is not bool:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not bool type in "password.expiration". ({signin_file})')
+                if 'period' not in yml['password']['expiration']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "period" not found in "password.expiration". ({signin_file})')
+                if type(yml['password']['expiration']['period']) is not int:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "period" not int type in "password.expiration". ({signin_file})')
+                if 'notify' not in yml['password']['expiration']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "notify" not found in "password.expiration". ({signin_file})')
+                if type(yml['password']['expiration']['notify']) is not int:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "notify" not int type in "password.expiration". ({signin_file})')
+                if 'lockout' not in yml['password']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "lockout" not found in "password". ({signin_file})')
+                if 'enabled' not in yml['password']['lockout']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not found in "password.lockout". ({signin_file})')
+                if type(yml['password']['lockout']['enabled']) is not bool:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not bool type in "password.lockout". ({signin_file})')
+                if 'threshold' not in yml['password']['lockout']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "threshold" not found in "password.lockout". ({signin_file})')
+                if type(yml['password']['lockout']['threshold']) is not int:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "threshold" not int type in "password.lockout". ({signin_file})')
+                if 'reset' not in yml['password']['lockout']:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "reset" not found in "password.lockout". ({signin_file})')
+                if type(yml['password']['lockout']['reset']) is not int:
+                    raise HTTPException(status_code=500, detail=f'signin_file format error. "reset" not int type in "password.lockout". ({signin_file})')
+            # oauth2のフォーマットチェック
+            if 'oauth2' not in yml:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "oauth2" not found. ({signin_file})')
+            if 'providers' not in yml['oauth2']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "providers" not found in "oauth2". ({signin_file})')
+            # google
+            if 'google' not in yml['oauth2']['providers']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "google" not found in "providers". ({signin_file})')
+            if 'enabled' not in yml['oauth2']['providers']['google']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not found in "google". ({signin_file})')
+            if type(yml['oauth2']['providers']['google']['enabled']) is not bool:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not bool type in "google". ({signin_file})')
+            if 'client_id' not in yml['oauth2']['providers']['google']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "client_id" not found in "google". ({signin_file})')
+            if 'client_secret' not in yml['oauth2']['providers']['google']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "client_secret" not found in "google". ({signin_file})')
+            if 'redirect_uri' not in yml['oauth2']['providers']['google']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "redirect_uri" not found in "google". ({signin_file})')
+            if 'scope' not in yml['oauth2']['providers']['google']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "scope" not found in "google". ({signin_file})')
+            if type(yml['oauth2']['providers']['google']['scope']) is not list:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "scope" not list type in "google". ({signin_file})')
+            if 'signin_module' not in yml['oauth2']['providers']['google']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "signin_module" not found in "google". ({signin_file})')
+            # github
+            if 'github' not in yml['oauth2']['providers']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "github" not found in "providers". ({signin_file})')
+            if 'enabled' not in yml['oauth2']['providers']['github']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not found in "github". ({signin_file})')
+            if type(yml['oauth2']['providers']['github']['enabled']) is not bool:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not bool type in "github". ({signin_file})')
+            if 'client_id' not in yml['oauth2']['providers']['github']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "client_id" not found in "github". ({signin_file})')
+            if 'client_secret' not in yml['oauth2']['providers']['github']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "client_secret" not found in "github". ({signin_file})')
+            if 'redirect_uri' not in yml['oauth2']['providers']['github']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "redirect_uri" not found in "github". ({signin_file})')
+            if 'scope' not in yml['oauth2']['providers']['github']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "scope" not found in "github". ({signin_file})')
+            if type(yml['oauth2']['providers']['github']['scope']) is not list:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "scope" not list type in "github". ({signin_file})')
+            if 'signin_module' not in yml['oauth2']['providers']['github']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "signin_module" not found in "github". ({signin_file})')
+            # azure
+            if 'azure' not in yml['oauth2']['providers']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "azure" not found in "providers". ({signin_file})')
+            if 'enabled' not in yml['oauth2']['providers']['azure']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not found in "azure". ({signin_file})')
+            if type(yml['oauth2']['providers']['azure']['enabled']) is not bool:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "enabled" not bool type in "azure". ({signin_file})')
+            if 'tenant_id' not in yml['oauth2']['providers']['azure']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "tenant_id" not found in "azure". ({signin_file})')
+            if 'client_id' not in yml['oauth2']['providers']['azure']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "client_id" not found in "azure". ({signin_file})')
+            if 'client_secret' not in yml['oauth2']['providers']['azure']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "client_secret" not found in "azure". ({signin_file})')
+            if 'redirect_uri' not in yml['oauth2']['providers']['azure']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "redirect_uri" not found in "azure". ({signin_file})')
+            if 'scope' not in yml['oauth2']['providers']['azure']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "scope" not found in "azure". ({signin_file})')
+            if type(yml['oauth2']['providers']['azure']['scope']) is not list:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "scope" not list type in "azure". ({signin_file})')
+            if 'signin_module' not in yml['oauth2']['providers']['azure']:
+                raise HTTPException(status_code=500, detail=f'signin_file format error. "signin_module" not found in "azure". ({signin_file})')
+            # フォーマットチェックOK
+            return yml
+
+    @classmethod
+    def correct_group(cls, signin_file_data:Dict[str, Any], group_names:List[str], master_groups:List[Dict[str, Any]]) -> List[str]:
+        """
+        指定されたグループ名に属する子グループ名を収集します
+
+        Args:
+            signin_file_data (Dict[str, Any]): サインインファイルデータ
+            group_names (List[str]): グループ名リスト
+            master_groups (List[Dict[str, Any]], optional): 親グループ名. Defaults to None.
+        """
+        copy_signin_data = copy.deepcopy(signin_file_data)
+        master_groups = copy_signin_data['groups'] if master_groups is None else master_groups
+        gns = []
+        for gn in group_names.copy():
+            gns = [gr['name'] for gr in master_groups if 'parent' in gr and gr['parent']==gn]
+            gns += cls.correct_group(copy_signin_data, gns, master_groups)
+        return group_names + gns
+
+    def check_path(self, req:Request, path:str) -> Union[None, RedirectResponse]:
+        """
+        パスの認可をチェックします
+
+        Args:
+            req (Request): リクエスト
+            path (str): パス
+
+        Returns:
+            Union[None, RedirectResponse]: 認可された場合はNone、認可されなかった場合はリダイレクトレスポンス
+        """
+        if self.signin_file_data is None:
+            return None
+        if 'signin' not in req.session:
+            return None
+        path = path if path.startswith('/') else f'/{path}'
+        # パスルールチェック
+        user_groups = req.session['signin']['groups']
+        jadge = self.signin_file_data['pathrule']['policy']
+        for rule in self.signin_file_data['pathrule']['rules']:
+            if len([g for g in rule['groups'] if g in user_groups]) <= 0:
+                continue
+            if len([p for p in rule['paths'] if path.startswith(p)]) <= 0:
+                continue
+            jadge = rule['rule']
+        if self.logger.level == logging.DEBUG:
+            self.logger.debug(f"rule: {path}: {jadge}")
+        if jadge == 'allow':
+            return None
+        else:
+            self.logger.warning(f"Unauthorized site. user={req.session['signin']['name']}, path={path}")
+            return RedirectResponse(url=f'/signin{path}?error=unauthorizedsite')
+
+    def check_cmd(self, req:Request, res:Response, mode:str, cmd:str):
+        """
+        コマンドの認可をチェックします
+
+        Args:
+            req (Request): リクエスト
+            res (Response): レスポンス
+            mode (str): モード
+            cmd (str): コマンド
+
+        Returns:
+            bool: 認可されたかどうか
+        """
+        if self.signin_file_data is None:
+            return True
+        if 'signin' not in req.session or 'groups' not in req.session['signin']:
+            return False
+        # コマンドチェック
+        user_groups = req.session['signin']['groups']
+        jadge = self.signin_file_data['cmdrule']['policy']
+        for rule in self.signin_file_data['cmdrule']['rules']:
+            if len([g for g in rule['groups'] if g in user_groups]) <= 0:
+                continue
+            if rule['mode'] is not None:
+                if rule['mode'] != mode:
+                    continue
+                if len([c for c in rule['cmds'] if cmd == c]) <= 0:
+                    continue
+            jadge = rule['rule']
+        if self.logger.level == logging.DEBUG:
+            self.logger.debug(f"rule: mode={mode}, cmd={cmd}: {jadge}")
+        return jadge == 'allow'
+
+    def get_enable_modes(self, req:Request, res:Response) -> List[str]:
+        """
+        認可されたモードを取得します
+
+        Args:
+            req (Request): リクエスト
+            res (Response): レスポンス
+
+        Returns:
+            List[str]: 認可されたモード
+        """
+        if self.signin_file_data is None:
+            return self.options.get_modes().copy()
+        if 'signin' not in req.session or 'groups' not in req.session['signin']:
+            return []
+        modes = self.options.get_modes().copy()
+        user_groups = req.session['signin']['groups']
+        jadge = self.signin_file_data['cmdrule']['policy']
+        jadge_modes = []
+        if jadge == 'allow':
+            for m in modes:
+                jadge_modes += list(m.keys()) if type(m) is dict else [m]
+        for rule in self.signin_file_data['cmdrule']['rules']:
+            if len([g for g in rule['groups'] if g in user_groups]) <= 0:
+                continue
+            if 'mode' not in rule:
+                continue
+            if rule['mode'] is not None:
+                if rule['rule'] == 'allow':
+                    jadge_modes.append(rule['mode'])
+                elif rule['rule'] == 'deny':
+                    jadge_modes.remove(rule['mode'])
+            elif rule['mode'] is None and len(rule['cmds']) <= 0:
+                if rule['rule'] == 'allow':
+                    for m in modes:
+                        jadge_modes += list(m.keys()) if type(m) is dict else [m]
+                elif rule['rule'] == 'deny':
+                    jadge_modes = []
+        return sorted(list(set(['']+jadge_modes)), key=lambda m: m)
+
+    def get_enable_cmds(self, mode:str, req:Request, res:Response) -> List[str]:
+        """
+        認可されたコマンドを取得します
+
+        Args:
+            mode (str): モード
+            req (Request): リクエスト
+            res (Response): レスポンス
+
+        Returns:
+            List[str]: 認可されたコマンド
+        """
+        if self.signin_file_data is None:
+            cmds = self.options.get_cmds(mode).copy()
+            return cmds
+        if 'signin' not in req.session or 'groups' not in req.session['signin']:
+            return []
+        cmds = self.options.get_cmds(mode).copy()
+        if mode == '':
+            return cmds
+        user_groups = req.session['signin']['groups']
+        jadge = self.signin_file_data['cmdrule']['policy']
+        jadge_cmds = []
+        if jadge == 'allow':
+            for c in cmds:
+                jadge_cmds += list(c.keys()) if type(c) is dict else [c]
+        for rule in self.signin_file_data['cmdrule']['rules']:
+            if len([g for g in rule['groups'] if g in user_groups]) <= 0:
+                continue
+            if 'mode' not in rule:
+                continue
+            if 'cmds' not in rule:
+                continue
+            if rule['mode'] is not None and rule['mode'] != mode:
+                continue
+            if len(rule['cmds']) > 0:
+                if rule['rule'] == 'allow':
+                    jadge_cmds += rule['cmds']
+                elif rule['rule'] == 'deny':
+                    for c in rule['cmds']:
+                        jadge_cmds.remove[c]
+            elif rule['mode'] is None and len(rule['cmds']) <= 0:
+                if rule['rule'] == 'allow':
+                    for c in cmds:
+                        jadge_cmds += list(c.keys()) if type(c) is dict else [c]
+                elif rule['rule'] == 'deny':
+                    jadge_cmds = []
+        return sorted(list(set(['']+jadge_cmds)), key=lambda c: c)
+
+    def check_password_policy(self, user_name:str, password:str, new_password:str) -> Tuple[bool, str]:
+        """
+        パスワードポリシーをチェックする
+
+        Args:
+            user_name (str): ユーザー名
+            password (str): 元パスワード
+            new_password (str): 新しいパスワード
+        Returns:
+            bool: True:ポリシーOK, False:ポリシーNG
+            str: メッセージ
+        """
+        if self.signin_file_data is None or 'password' not in self.signin_file_data:
+            return True, "There is no password policy set."
+        policy = self.signin_file_data['password']['policy']
+        if not policy['enabled']:
+            return True, "Password policy is disabled."
+        if policy['not_same_before'] and password == new_password:
+            self.logger.warning(f"Password policy error. The same password cannot be changed.")
+            return False, f"Password policy error. The same password cannot be changed."
+        if len(new_password) < policy['min_length'] or len(new_password) > policy['max_length']:
+            self.logger.warning(f"Password policy error. min_length={policy['min_length']}, max_length={policy['max_length']}")
+            return False, f"Password policy error. min_length={policy['min_length']}, max_length={policy['max_length']}"
+        if len([c for c in new_password if c.islower()]) < policy['min_lowercase']:
+            self.logger.warning(f"Password policy error. min_lowercase={policy['min_lowercase']}")
+            return False, f"Password policy error. min_lowercase={policy['min_lowercase']}"
+        if len([c for c in new_password if c.isupper()]) < policy['min_uppercase']:
+            self.logger.warning(f"Password policy error. min_uppercase={policy['min_uppercase']}")
+            return False, f"Password policy error. min_uppercase={policy['min_uppercase']}"
+        if len([c for c in new_password if c.isdigit()]) < policy['min_digit']:
+            self.logger.warning(f"Password policy error. min_digit={policy['min_digit']}")
+            return False, f"Password policy error. min_digit={policy['min_digit']}"
+        if len([c for c in new_password if c in string.punctuation]) < policy['min_symbol']:
+            self.logger.warning(f"Password policy error. min_symbol={policy['min_symbol']}")
+            return False, f"Password policy error. min_symbol={policy['min_symbol']}"
+        if policy['not_contain_username'] and (user_name is None or user_name in new_password):
+            self.logger.warning(f"Password policy error. not_contain_username=True")
+            return False, f"Password policy error. not_contain_username=True"
+        self.logger.info(f"Password policy OK.")
+        return True, "Password policy OK."

cmdbox/version.py

@@ -1,9 +1,9 @@
 import datetime
 
-dt_now = datetime.datetime(2025, 3, 26)
+dt_now = datetime.datetime(2025, 3, 27)
 __appid__ = 'cmdbox'
 __title__ = 'cmdbox (Command Development Application)'
-__version__ = '0.5.1'
+__version__ = '0.5.1.2'
 __copyright__ = f'Copyright © 2023-{dt_now.strftime("%Y")} hamacom2004jp'
 __pypiurl__ = 'https://pypi.org/project/cmdbox/'
 __srcurl__ = 'https://github.com/hamacom2004jp/cmdbox'

cmdbox/web/assets/cmdbox/list_cmd.js

@@ -15,7 +15,14 @@ const list_cmd_func = async () => {
         }
         elem.find('.cmd_title').text(row.title);
         elem.find('.cmd_mode').text(row.mode);
-        elem.find('.cmd_cmd').text(row.cmd)
+        elem.find('.cmd_cmd').text(row.cmd);
+        const tags_elem = elem.find('.cmd_tags');
+        if (row.tag && Array.isArray(row.tag)) {
+            row.tag.forEach(tag => {
+                if (tag=='') return;
+                tags_elem.append(`<span class="badge text-bg-secondary me-1"><svg class="bi bi-svg_tag" width="16" height="16" fill="currentColor"><use href="#svg_tag"></use></svg>${tag}</span>`);
+            });
+        }
         if (row.tag && Array.isArray(row.tag)) {
             const tags = new Set([...row.tag]);
             elem.find('.cmd_card').attr('data-tags', Array.from(tags).join(','));
@@ -24,49 +31,89 @@ const list_cmd_func = async () => {
     };
     py_list_cmd.forEach(row => {card_func(row, true)});
     py_list_cmd.forEach(row => {card_func(row, false)});
-    $('#cmd_item_tags').html('');
+    const cmd_item_tags = $('#cmd_item_tags').html('');
+    const tag_bot_click = (e) => {
+        const ct = $(e.currentTarget);
+        const cmd_items = $('#cmd_items').find('.cmd_card:not(.cmd_add)');
+        const andor_sw = ct.hasClass('andor_switch');
+        const and_val = $('#andor_switch').prop('checked');
+        // 選択中のボタンの場合は解除中にする
+        if (!andor_sw && ct.hasClass('btn-secondary')) {
+            ct.removeClass('btn-secondary');
+            ct.addClass('btn-outline-secondary');
+        }
+        // 解除中のボタンの場合は選択中にする
+        else if (!andor_sw && ct.hasClass('btn-outline-secondary')) {
+            ct.removeClass('btn-outline-secondary');
+            ct.addClass('btn-secondary');
+        }
+        // 選択中のタグを取得
+        const tags = new Set();
+        cmd_item_tags.find('.btn-tag').each((i, elem) => {
+            if ($(elem).hasClass('btn-secondary')) tags.add($(elem).attr('data-tag'));
+        });
+        // タグ無しボタンが選択された場合
+        if (ct.hasClass('btn_notag') && ct.hasClass('btn-secondary')) {
+            cmd_item_tags.find('.btn-tag').removeClass('btn-secondary').addClass('btn-outline-secondary');
+            cmd_items.parent().hide();
+            cmd_items.each((i, elem) => {
+                const el = $(elem);
+                const itags = el.attr('data-tags');
+                if (itags) return;
+                el.parent().show();
+            });
+            return;
+        }
+        // notagボタンの選択を解除
+        if (!andor_sw) $('#btn_notag').removeClass('btn-secondary').addClass('btn-outline-secondary');
+        // タグがない場合は全て表示
+        if (tags.size == 0) {
+            cmd_items.parent().show();
+            return;
+        }
+        // タグがある場合はタグに一致するものだけ表示
+        cmd_items.parent().hide();
+        cmd_items.each((i, elem) => {
+            const el = $(elem);
+            // andorチェックされている場合はすべてのタグを含むものを表示
+            if (and_val) {
+                const itags = el.attr('data-tags');
+                if (!itags) return;
+                const etags = itags.split(',');
+                if (etags.filter(tag => tags.has(tag)).length == tags.size) el.parent().show();
+                return;
+            }
+            // andorチェックされていない場合はいずれかのタグを含むものを表示
+            tags.forEach(tag => {
+                const itags = el.attr('data-tags');
+                if (!itags) return;
+                else if (itags.split(',').includes(tag)) el.parent().show();
+            });
+        });
+    };
+    // タグボタンを追加
     py_list_cmd.forEach(row => {
         if (!row.tag || !Array.isArray(row.tag)) return;
-        const cmd_item_tags = $('#cmd_item_tags');
         row.tag.forEach(tag => {
             if (tag=='') return;
             if (cmd_item_tags.find(`[data-tag="${tag}"]`).length > 0) return;
             const elem = $(`<button type="button" class="btn btn-outline-secondary btn-sm btn-tag me-2">${tag}</button>`);
             elem.attr('data-tag', tag);
             elem.text(tag);
-            elem.click((e) => {
-                const ct = $(e.currentTarget);
-                const cmd_items = $('#cmd_items').find('.cmd_card:not(.cmd_add)');
-                if (ct.hasClass('btn-secondary')) {
-                    ct.removeClass('btn-secondary');
-                    ct.addClass('btn-outline-secondary');
-                }
-                else if (ct.hasClass('btn-outline-secondary')) {
-                    ct.removeClass('btn-outline-secondary');
-                    ct.addClass('btn-secondary');
-                }
-                const tags = new Set();
-                cmd_item_tags.find('.btn-tag').each((i, elem) => {
-                    if ($(elem).hasClass('btn-secondary')) tags.add($(elem).attr('data-tag'));
-                });
-                if (tags.size == 0) {
-                    cmd_items.parent().show();
-                    return;
-                }
-                cmd_items.parent().hide();
-                tags.forEach(tag => {
-                    cmd_items.each((i, elem) => {
-                        const el = $(elem);
-                        const itags = el.attr('data-tags');
-                        if (!itags) return;
-                        else if (itags.split(',').includes(tag)) el.parent().show();
-                    });
-                });
-            });
+            elem.click(tag_bot_click);
             cmd_item_tags.append(elem);
         });
-        
     });
+    // タグ未選択ボタンを追加
+    const noselect_bot = $(`<button type="button" class="btn btn-outline-secondary btn-sm btn_notag me-2" id="btn_notag">no tag</button>`);
+    noselect_bot.click(tag_bot_click);
+    cmd_item_tags.append(noselect_bot);
+    // and/orスイッチを追加
+    const andor_bot = $(`<div class="form-check form-switch text-secondary d-inline-block"/>`);
+    andor_bot.append('<input class="form-check-input andor_switch" type="checkbox" id="andor_switch">');
+    andor_bot.append('<label class="form-check-label" for="andor_switch">or / and</label>');
+    andor_bot.find('#andor_switch').click(tag_bot_click);
+    cmd_item_tags.append(andor_bot);
 }
 // コマンドファイルの取得が出来た時の処理
 const list_cmd_func_then = () => {

cmdbox/web/assets/cmdbox/list_pipe.js

@@ -45,7 +45,8 @@ list_pipe_func_then = () => {
                 const option = $('<option></option>');
                 pipe_cmd_select.append(option);
                 option.attr('value', cmd['title']);
-                option.text(`${cmd['title']}(mode=${cmd['mode']}, cmd=${cmd['cmd']})`);
+                const tag = cmd['tag'] ? `, tag=${cmd['tag']}` : '';
+                option.text(`${cmd['title']}(mode=${cmd['mode']}, cmd=${cmd['cmd']}${tag})`);
             });
             cmd_select_template.find('.add_buton').click((e) => {
                 cmd_select_template_func($(e.currentTarget), py_list_cmd);

cmdbox/web/gui.html

@@ -51,6 +51,10 @@
         <symbol id="svg_magic_btn" viewBox="0 0 16 16">
             <path d="M9.5 2.672a.5.5 0 1 0 1 0V.843a.5.5 0 0 0-1 0zm4.5.035A.5.5 0 0 0 13.293 2L12 3.293a.5.5 0 1 0 .707.707zM7.293 4A.5.5 0 1 0 8 3.293L6.707 2A.5.5 0 0 0 6 2.707zm-.621 2.5a.5.5 0 1 0 0-1H4.843a.5.5 0 1 0 0 1zm8.485 0a.5.5 0 1 0 0-1h-1.829a.5.5 0 0 0 0 1zM13.293 10A.5.5 0 1 0 14 9.293L12.707 8a.5.5 0 1 0-.707.707zM9.5 11.157a.5.5 0 0 0 1 0V9.328a.5.5 0 0 0-1 0zm1.854-5.097a.5.5 0 0 0 0-.706l-.708-.708a.5.5 0 0 0-.707 0L8.646 5.94a.5.5 0 0 0 0 .707l.708.708a.5.5 0 0 0 .707 0l1.293-1.293Zm-3 3a.5.5 0 0 0 0-.706l-.708-.708a.5.5 0 0 0-.707 0L.646 13.94a.5.5 0 0 0 0 .707l.708.708a.5.5 0 0 0 .707 0z"/>
         </symbol>
+        <symbol id="svg_tag" viewBox="0 0 16 16">
+            <path d="M6 4.5a1.5 1.5 0 1 1-3 0 1.5 1.5 0 0 1 3 0m-1 0a.5.5 0 1 0-1 0 .5.5 0 0 0 1 0"/>
+            <path d="M2 1h4.586a1 1 0 0 1 .707.293l7 7a1 1 0 0 1 0 1.414l-4.586 4.586a1 1 0 0 1-1.414 0l-7-7A1 1 0 0 1 1 6.586V2a1 1 0 0 1 1-1m0 5.586 7 7L13.586 9l-7-7H2z"/>
+        </symbol>
     </svg>
     <!-- ナビゲーションバー -->
     <nav class="navbar navbar-expand-sm fixed-top p-2">
@@ -133,7 +137,8 @@
                             <div class="d-flex">
                                 <h5 class="cmd_title card-title d-inline-block">Card title</h5>
                             </div>
-                            <h6 class="card-subtitle mb-2 text-muted">mode:<span class="cmd_mode"></span>, cmd:<span class="cmd_cmd"></span></h6>
+                            <h6 class="card-subtitle mb-2">mode:<span class="cmd_mode"></span>, cmd:<span class="cmd_cmd"></span></h6>
+                            <h6 class="card-subtitle text-end"><span class="cmd_tags text-secondary"></span></h6>
                         </div>
                     </div>
                 </div>

{cmdbox-0.5.1.dist-info → cmdbox-0.5.1.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: cmdbox
-Version: 0.5.1
+Version: 0.5.1.2
 Summary: cmdbox: It is a command line application with a plugin mechanism.
 Home-page: https://github.com/hamacom2004jp/cmdbox
 Author: hamacom2004jp

{cmdbox-0.5.1.dist-info → cmdbox-0.5.1.2.dist-info}/RECORD

@@ -6,7 +6,7 @@ cmdbox/logconf_edge.yml,sha256=RkbUebCJV2z5dLnpgvf4GSFkd-Blzu4vUUDP9CQFwdM,686
 cmdbox/logconf_gui.yml,sha256=T3yhWoiyp0DW06RjiFG6kS7jScqXYs-KLfC5EYKUImk,686
 cmdbox/logconf_server.yml,sha256=tpDpKQXgTWzUnHKGU-Vvsha7n1hyIyFdLnSeCgnOgyk,701
 cmdbox/logconf_web.yml,sha256=lzr3ytjqRbQutbhEOJdHJT0hrrR_h9sPkaEQkzX02lo,686
-cmdbox/version.py,sha256=EckA3XY1hLvl-wMEVk_JMlhiz4BQICd_f8H148-jZDU,1961
+cmdbox/version.py,sha256=avcUh9fYN64SEpQ8Zte4PMgniHFaWsKlaZe8xB7iC9w,1963
 cmdbox/app/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cmdbox/app/app.py,sha256=2rQpTbezCLuy36df89EhKsAfcPjtGepGHSTQZXimcqA,8949
 cmdbox/app/client.py,sha256=SNM4xxDh5ARxV6I7cDrmbzGc7sXUUwB3tSyIksdT1RY,19562
@@ -17,6 +17,7 @@ cmdbox/app/filer.py,sha256=L_DSMTvnbN_ffr3JIt0obbOmVoTHEfVm2cAVz3rLH-Q,16059
 cmdbox/app/options.py,sha256=3vwQx5ekrwurSHJLEsd3iXC2f8QevkAiR08ZioTKYPo,30874
 cmdbox/app/server.py,sha256=rrH_a6zzrx7glp_SqRrc_2gBgRoT9FX0F1bpGxVLX1I,9467
 cmdbox/app/web.py,sha256=9Zu9z7Pkdmz1T6NbJ6cn4rSLOAflrKG8veb5b4pQOqk,45469
+cmdbox/app/auth/signin.py,sha256=5G3Wxpi0H3rlvbcVyuBzTvRnttMpJJQuq8njSorEfOI,40713
 cmdbox/app/commons/convert.py,sha256=etWeutkPyE8FMz11jw4KJ5uip7qu_CoD1yIqF5iypgg,6754
 cmdbox/app/commons/loghandler.py,sha256=HFTlsQEshFaIubCH-AjvXOE0swbYtv77kSy2pwRz_8c,3469
 cmdbox/app/commons/module.py,sha256=RsEyqP9Qty4v0qIEE6VuY4pgMlkhJKNTUhsN5p-sSoM,4880
@@ -185,7 +186,7 @@ cmdbox/licenses/LICENSE.zope.interface.7.1.1(Zope Public License).txt,sha256=bHk
 cmdbox/licenses/files.txt,sha256=E_C-9JE8iJeOs-ZY_Lg1B3Brcdqr8G-kJeFnWeSHXUk,14179
 cmdbox/web/assets_license_list.txt,sha256=TcyF-U5C8O-J3Nxfp3pxralGdazTj8BgLwwEBRn59_w,853
 cmdbox/web/filer.html,sha256=NQzwJc1k4IDpK1F99vumLC3BO7x_frO6HJcEzI9c0kw,15254
-cmdbox/web/gui.html,sha256=rwdRVQPwtDrW07f_07z6h090XwnSRDnwKxBUC-DTG4w,34688
+cmdbox/web/gui.html,sha256=Wwb70-gH66yaYTfLwFdDXXPdEyVEhllOtuKxq4VAUoE,35141
 cmdbox/web/result.html,sha256=dZcQCLSrhTr7gY50WYCfG2wEWngnV7x9xnYOVl73WSQ,14835
 cmdbox/web/signin.html,sha256=Rhqvhcq_hZ1svRkHIpy_2BVTJkmw2R4Q4lZo93eQvsE,11063
 cmdbox/web/users.html,sha256=RHslVrj8FJgV1RI6oMTRuZTu3g7YyXMKKYGeoOzgwG4,19194
@@ -195,8 +196,8 @@ cmdbox/web/assets/cmdbox/common.js,sha256=rsegebcs7QtBNi-WEy5-sev-EDIEHV9P-0HZoj
 cmdbox/web/assets/cmdbox/favicon.ico,sha256=2U4MhqzJklRksOQwnK-MZigZCubxCHqKG_AuNJnvYtA,34494
 cmdbox/web/assets/cmdbox/filer_modal.js,sha256=hCEk0UR_bjJp9X9blWfmrbZVxKkmO3GGQ44ukSDuHbg,8522
 cmdbox/web/assets/cmdbox/icon.png,sha256=xdEwDdCS8CoPQk7brW-1mV8FIGYtUeSMBRlY9Oh-3nE,296172
-cmdbox/web/assets/cmdbox/list_cmd.js,sha256=mGsN4_ZZ8Lgdt6WyZAMe-yGG5DRPc_vXy9Hen9ruKU0,32801
-cmdbox/web/assets/cmdbox/list_pipe.js,sha256=mlzISyZUG90GbE0gxMzWpwZhzhojxqvft2gne6Vajco,11218
+cmdbox/web/assets/cmdbox/list_cmd.js,sha256=SkUVr9gkakzzCZAMWGcCYPepbElHy4o1VbP-idTRSco,35334
+cmdbox/web/assets/cmdbox/list_pipe.js,sha256=1Jq9MbJDtD8tsI2HB_qFUDhJ9MY3V14-zQjPZHgbrIo,11294
 cmdbox/web/assets/cmdbox/main.js,sha256=K-tBnZlCpy__juT_HHKfvHzhNJykAjva7LUBJX45XzM,4997
 cmdbox/web/assets/cmdbox/open_capture.js,sha256=W4IQlOYLN4Y8OaS8Xc5yp-BRlm82TVjujChr3hJKS0M,709
 cmdbox/web/assets/cmdbox/open_output_json.js,sha256=4q7mCdVmSzFudlTlW9MuIJ1-f-kDvpD6rDUU01IbKi8,727
@@ -247,9 +248,9 @@ cmdbox/web/assets/tree-menu/image/file.png,sha256=Uw4zYkHyuoZ_kSVkesHAeSeA_g9_LP
 cmdbox/web/assets/tree-menu/image/folder-close.png,sha256=TcgsKTBBF2ejgzekOEDBFBxsJf-Z5u0x9IZVi4GBR-I,284
 cmdbox/web/assets/tree-menu/image/folder-open.png,sha256=DT7y1GRK4oXJkFvqTN_oSGM5ZYARzPvjoCGL6wqkoo0,301
 cmdbox/web/assets/tree-menu/js/tree-menu.js,sha256=-GkZxI7xzHuXXHYQBHAVTcuKX4TtoiMuyIms6Xc3pxk,1029
-cmdbox-0.5.1.dist-info/LICENSE,sha256=sBzzPc5v-5LBuIFi2V4olsnoVg-3EBI0zRX5r19SOxE,1117
-cmdbox-0.5.1.dist-info/METADATA,sha256=Cwr2Q21QZhC6iPg263joNQAKuANLhffiwsA0G25N_x0,24048
-cmdbox-0.5.1.dist-info/WHEEL,sha256=tZoeGjtWxWRfdplE7E3d45VPlLNQnvbKiYnx7gwAy8A,92
-cmdbox-0.5.1.dist-info/entry_points.txt,sha256=PIoRz-tr503YwdMmd6nxuSn2dDltf4cUMVs98E9WgaA,48
-cmdbox-0.5.1.dist-info/top_level.txt,sha256=eMEkD5jn8_0PkCAL8h5xJu4qAzF2O8Wf3vegFkKUXR4,7
-cmdbox-0.5.1.dist-info/RECORD,,
+cmdbox-0.5.1.2.dist-info/LICENSE,sha256=sBzzPc5v-5LBuIFi2V4olsnoVg-3EBI0zRX5r19SOxE,1117
+cmdbox-0.5.1.2.dist-info/METADATA,sha256=NhlyGdgD3Hp0HBPbEuknM_IRW4Y-uoeFkDmN6VMvmbM,24050
+cmdbox-0.5.1.2.dist-info/WHEEL,sha256=tZoeGjtWxWRfdplE7E3d45VPlLNQnvbKiYnx7gwAy8A,92
+cmdbox-0.5.1.2.dist-info/entry_points.txt,sha256=PIoRz-tr503YwdMmd6nxuSn2dDltf4cUMVs98E9WgaA,48
+cmdbox-0.5.1.2.dist-info/top_level.txt,sha256=eMEkD5jn8_0PkCAL8h5xJu4qAzF2O8Wf3vegFkKUXR4,7
+cmdbox-0.5.1.2.dist-info/RECORD,,