From bcb2b06124c639600d6bd672d7e51aadfa4d3a6b Mon Sep 17 00:00:00 2001
From: Paul Hooijenga <paul.hooijenga@sanoma.com>
Date: Fri, 30 Jun 2017 18:18:06 +0200
Subject: [PATCH 1/3] Do filtering and pagination of domains server-side.

---
 app/templates/dashboard.html | 51 ++++-----------------------
 app/views.py                 | 68 +++++++++++++++++++++++++++++++++---
 2 files changed, 69 insertions(+), 50 deletions(-)

diff --git a/app/templates/dashboard.html b/app/templates/dashboard.html
index dee30fc..f99b2dd 100644
--- a/app/templates/dashboard.html
+++ b/app/templates/dashboard.html
@@ -144,53 +144,11 @@
                   <th>Type</th>
                   <th>Serial</th>
                   <th>Master</th>
-                  <th>Action</th>
+                  <th {% if current_user.role.name !='Administrator' %}width="6%"{% else %}width="20%"{% endif %}>Action</th>
                 </tr>
                 </thead>
                 <tbody>
-                {% for domain in domains %}
-                <tr>
-                  <td>
-                    <a href="{{ url_for('domain', domain_name=domain.name) }}"><strong>{{ domain.name }}</strong></a>
-                  </td>
-                  <td>
-                    {% if domain.dnssec %}
-                    <button type="button" class="btn btn-flat dnssec btn-success button_dnssec" id="{{ domain.name }}" style="width:100%;">
-                        <i class="fa fa-lock"></i>&nbsp;Enabled
-                    </button>
-                    {% else %}
-                    <button type="button" class="btn btn-flat dnssec button_dnssec" id="{{ domain.name }}" style="width:100%;">
-                        <i class="fa fa-unlock-alt"></i>&nbsp;Disabled
-                    </button>
-                    {% endif %}
-                  </td>
-                  <td>
-                    {{ domain.type }}
-                  </td>
-                  <td>
-                  {% if domain.serial == 0 %}{{ domain.notified_serial }}{% else %}{{domain.serial}}{% endif %}
-                  </td>
-                  <td>
-                    {% if domain.master == '[]'%}N/A {% else %}{{ domain.master|display_master_name }}{% endif %}
-                  </td>
-                  {% if current_user.role.name !='Administrator' %}
-                  <td width="6%">
-                    <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('domain', domain_name=domain.name) }}'">
-                      Manage&nbsp;<i class="fa fa-cog"></i>
-                    </button>
-                  </td>
-                  {% else %}
-                  <td width="20%">
-                    <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('domain', domain_name=domain.name) }}'">
-                      Manage&nbsp;<i class="fa fa-cog"></i>
-                    </button>
-                    <button type="button" class="btn btn-flat btn-danger" onclick="window.location.href='{{ url_for('domain_management', domain_name=domain.name) }}'">
-                      Admin&nbsp;<i class="fa fa-cog"></i>
-                    </button>
-                  </td>
-                  {% endif %}
-                </tr>
-                {% endfor %}
+                  <!-- Content loaded via AJAX. -->
                 </tbody>
               </table>
             </div>
@@ -214,13 +172,16 @@
         "ordering" : false,
         "info" : false,
         "autoWidth" : false
-    });   
+    });
     // set up domain list
     $("#tbl_domain_list").DataTable({
         "paging" : true,
         "lengthChange" : true,
         "searching" : true,
         "ordering" : true,
+        "processing" : true,
+        "serverSide" : true,
+        "ajax" : "{{ url_for('dashboard_domains') }}",
         "info" : false,
         "autoWidth" : false,
 	    {% if default_domain_table_size_setting in ['10','25','50','100'] %}
diff --git a/app/views.py b/app/views.py
index 8cc8761..dfd8c4c 100644
--- a/app/views.py
+++ b/app/views.py
@@ -271,10 +271,6 @@ def logout():
 @login_required
 def dashboard():
     d = Domain().update()
-    if current_user.role.name == 'Administrator':
-        domains = Domain.query.all()
-    else:
-        domains = User(id=current_user.id).get_domain()
 
     # stats for dashboard
     domain_count = Domain.query.count()
@@ -287,7 +283,69 @@ def dashboard():
         uptime = filter(lambda uptime: uptime['name'] == 'uptime', statistics)[0]['value']
     else:
         uptime = 0
-    return render_template('dashboard.html', domains=domains, domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history)
+    return render_template('dashboard.html', domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history)
+
+
+@app.route('/dashboard-domains', methods=['GET'])
+@login_required
+def dashboard_domains():
+    if current_user.role.name == 'Administrator':
+        domains = Domain.query
+    else:
+        domains = User(id=current_user.id).get_domain()
+
+    template = app.jinja_env.get_template("dashboard_domain.html")
+    render = template.make_module(vars={"current_user": current_user})
+
+    columns = [Domain.name, Domain.dnssec, Domain.type, Domain.serial, Domain.master]
+    # History.created_on.desc()
+    order_by = []
+    for i in range(len(columns)):
+        column_index = request.args.get("order[%d][column]" % i)
+        sort_direction = request.args.get("order[%d][dir]" % i)
+        if column_index is None:
+            break
+        if sort_direction != "asc" and sort_direction != "desc":
+            sort_direction = "asc"
+
+        column = columns[int(column_index)]
+        order_by.append(getattr(column, sort_direction)())
+
+    if order_by:
+        domains = domains.order_by(*order_by)
+
+    total_count = domains.count()
+
+    search = request.args.get("search[value]")
+    if search:
+        start = "" if search.startswith("^") else "%"
+        end = "" if search.endswith("$") else "%"
+        domains = domains.filter(Domain.name.ilike(start + search.strip("^$") + end))
+
+    filtered_count = domains.count()
+
+    start = int(request.args.get("start", 0))
+    length = min(int(request.args.get("length", 0)), 100)
+    domains = domains[start:start + length]
+
+    data = []
+    for domain in domains:
+        data.append([
+            render.name(domain),
+            render.dnssec(domain),
+            render.type(domain),
+            render.serial(domain),
+            render.master(domain),
+            render.actions(domain),
+        ])
+
+    response_data = {
+        "draw": int(request.args.get("draw", 0)),
+        "recordsTotal": total_count,
+        "recordsFiltered": filtered_count,
+        "data": data,
+    }
+    return jsonify(response_data)
 
 
 @app.route('/domain/<path:domain_name>', methods=['GET', 'POST'])

From a48417ac236d54f926b71ee83a5ae81ed6ea2540 Mon Sep 17 00:00:00 2001
From: Paul Hooijenga <paul.hooijenga@sanoma.com>
Date: Mon, 4 Sep 2017 15:34:01 +0200
Subject: [PATCH 2/3] Add missing template

---
 app/templates/dashboard_domain.html | 46 +++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 app/templates/dashboard_domain.html

diff --git a/app/templates/dashboard_domain.html b/app/templates/dashboard_domain.html
new file mode 100644
index 0000000..47fe2bf
--- /dev/null
+++ b/app/templates/dashboard_domain.html
@@ -0,0 +1,46 @@
+{% macro name(domain) %}
+  <a href="{{ url_for('domain', domain_name=domain.name) }}"><strong>{{ domain.name }}</strong></a>
+{% endmacro %}
+
+{% macro dnssec(domain) %}
+  {% if domain.dnssec %}
+  <button type="button" class="btn btn-flat dnssec btn-success button_dnssec" id="{{ domain.name }}" style="width:100%;">
+      <i class="fa fa-lock"></i>&nbsp;Enabled
+  </button>
+  {% else %}
+  <button type="button" class="btn btn-flat dnssec button_dnssec" id="{{ domain.name }}" style="width:100%;">
+      <i class="fa fa-unlock-alt"></i>&nbsp;Disabled
+  </button>
+  {% endif %}
+{% endmacro %}
+
+{% macro type(domain) %}
+  {{ domain.type }}
+{% endmacro %}
+
+{% macro serial(domain) %}
+    {% if domain.serial == 0 %}{{ domain.notified_serial }}{% else %}{{domain.serial}}{% endif %}
+{% endmacro %}
+
+{% macro master(domain) %}
+    {% if domain.master == '[]'%}N/A{% else %}{{ domain.master|display_master_name }}{% endif %}
+{% endmacro %}
+
+{% macro actions(domain) %}
+  {% if current_user.role.name !='Administrator' %}
+    <td width="6%">
+      <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('domain', domain_name=domain.name) }}'">
+        Manage&nbsp;<i class="fa fa-cog"></i>
+      </button>
+    </td>
+    {% else %}
+    <td width="20%">
+      <button type="button" class="btn btn-flat btn-success" onclick="window.location.href='{{ url_for('domain', domain_name=domain.name) }}'">
+        Manage&nbsp;<i class="fa fa-cog"></i>
+      </button>
+      <button type="button" class="btn btn-flat btn-danger" onclick="window.location.href='{{ url_for('domain_management', domain_name=domain.name) }}'">
+        Admin&nbsp;<i class="fa fa-cog"></i>
+      </button>
+    </td>
+  {% endif %}
+{% endmacro %}

From 5d09daf8ebdaf45a1ca0e132cb57842ded425514 Mon Sep 17 00:00:00 2001
From: Paul Hooijenga <paul.hooijenga@sanoma.com>
Date: Fri, 15 Sep 2017 15:14:04 +0200
Subject: [PATCH 3/3] Fix dashboard domain query for non-admin users

---
 app/models.py | 12 +++++++-----
 app/views.py  |  5 ++++-
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/app/models.py b/app/models.py
index 9aee967..71406d8 100644
--- a/app/models.py
+++ b/app/models.py
@@ -303,16 +303,18 @@ class User(db.Model):
             db.session.rollback()
             return False
 
+    def get_domain_query(self):
+        return db.session.query(User, DomainUser, Domain) \
+            .filter(User.id == self.id) \
+            .filter(User.id == DomainUser.user_id) \
+            .filter(Domain.id == DomainUser.domain_id)
+
     def get_domain(self):
         """
         Get domains which user has permission to
         access
         """
-        user_domains = []
-        query = db.session.query(User, DomainUser, Domain).filter(User.id==self.id).filter(User.id==DomainUser.user_id).filter(Domain.id==DomainUser.domain_id).all()
-        for q in query:
-            user_domains.append(q[2])
-        return user_domains
+        return [q[2] for q in self.get_domain_query()]
 
     def delete(self):
         """
diff --git a/app/views.py b/app/views.py
index dfd8c4c..2c47138 100644
--- a/app/views.py
+++ b/app/views.py
@@ -292,7 +292,7 @@ def dashboard_domains():
     if current_user.role.name == 'Administrator':
         domains = Domain.query
     else:
-        domains = User(id=current_user.id).get_domain()
+        domains = User(id=current_user.id).get_domain_query()
 
     template = app.jinja_env.get_template("dashboard_domain.html")
     render = template.make_module(vars={"current_user": current_user})
@@ -328,6 +328,9 @@ def dashboard_domains():
     length = min(int(request.args.get("length", 0)), 100)
     domains = domains[start:start + length]
 
+    if current_user.role.name != 'Administrator':
+        domains = [d[2] for d in domains]
+
     data = []
     for domain in domains:
         data.append([