From 7f1c2a61135a2e21e960fa5801f3ae852bfb24ad Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Mon, 12 Sep 2022 13:55:35 +0200 Subject: [proxy] Add support for script blocking/allowing rules --- src/hydrilla/proxy/policies/rule.py | 2 +- src/hydrilla/proxy/state.py | 47 +++++- src/hydrilla/proxy/state_impl/base.py | 3 +- src/hydrilla/proxy/state_impl/concrete_state.py | 45 ++++-- src/hydrilla/proxy/state_impl/repos.py | 2 +- src/hydrilla/proxy/state_impl/rules.py | 180 +++++++++++++++++++++ src/hydrilla/proxy/web_ui/root.py | 3 +- src/hydrilla/proxy/web_ui/rules.py | 111 +++++++++++++ .../proxy/web_ui/templates/base.html.jinja | 1 + .../proxy/web_ui/templates/rules/add.html.jinja | 64 ++++++++ .../proxy/web_ui/templates/rules/index.html.jinja | 61 +++++++ .../web_ui/templates/rules/show_single.html.jinja | 106 ++++++++++++ 12 files changed, 609 insertions(+), 16 deletions(-) create mode 100644 src/hydrilla/proxy/state_impl/rules.py create mode 100644 src/hydrilla/proxy/web_ui/rules.py create mode 100644 src/hydrilla/proxy/web_ui/templates/rules/add.html.jinja create mode 100644 src/hydrilla/proxy/web_ui/templates/rules/index.html.jinja create mode 100644 src/hydrilla/proxy/web_ui/templates/rules/show_single.html.jinja (limited to 'src/hydrilla/proxy') diff --git a/src/hydrilla/proxy/policies/rule.py b/src/hydrilla/proxy/policies/rule.py index bcb110e..84b750b 100644 --- a/src/hydrilla/proxy/policies/rule.py +++ b/src/hydrilla/proxy/policies/rule.py @@ -109,7 +109,7 @@ class RulePolicyFactory(base.PolicyFactory): def __lt__(self, other: base.PolicyFactory) -> bool: """....""" - if type(other) is type(self): + if type(other) is not type(self): return super().__lt__(other) assert isinstance(other, RulePolicyFactory) diff --git a/src/hydrilla/proxy/state.py b/src/hydrilla/proxy/state.py index abea7a7..1ba87b4 100644 --- a/src/hydrilla/proxy/state.py +++ b/src/hydrilla/proxy/state.py @@ -133,6 +133,47 @@ class Store(ABC, t.Generic[RefType]): ... +class RulePatternInvalid(HaketiloException): + pass + +@dc.dataclass(frozen=True) +class RuleDisplayInfo: + ref: 'RuleRef' + pattern: str + allow_scripts: bool + +# mypy needs to be corrected: +# https://stackoverflow.com/questions/70999513/conflict-between-mix-ins-for-abstract-dataclasses/70999704#70999704 +@dc.dataclass(frozen=True, unsafe_hash=True) # type: ignore[misc] +class RuleRef(Ref): + @abstractmethod + def remove(self) -> None: + ... + + @abstractmethod + def update( + self, + *, + pattern: t.Optional[str] = None, + allow: t.Optional[bool] = None + ) -> None: + ... + + @abstractmethod + def get_display_info(self) -> RuleDisplayInfo: + ... + +class RuleStore(Store[RuleRef]): + @abstractmethod + def get_display_infos(self, allow: t.Optional[bool] = None) \ + -> t.Sequence[RuleDisplayInfo]: + ... + + @abstractmethod + def add(self, pattern: str, allow: bool) -> RuleRef: + ... + + class RepoNameInvalid(HaketiloException): pass @@ -161,8 +202,6 @@ class FileMissingError(FileInstallationError): class RepoApiVersionUnsupported(HaketiloException): pass -# mypy needs to be corrected: -# https://stackoverflow.com/questions/70999513/conflict-between-mix-ins-for-abstract-dataclasses/70999704#70999704 @dc.dataclass(frozen=True, unsafe_hash=True) # type: ignore[misc] class RepoRef(Ref): """....""" @@ -442,6 +481,10 @@ class HaketiloState(ABC): def import_items(self, malcontent_path: Path) -> None: ... + @abstractmethod + def rule_store(self) -> RuleStore: + ... + @abstractmethod def repo_store(self) -> RepoStore: """....""" diff --git a/src/hydrilla/proxy/state_impl/base.py b/src/hydrilla/proxy/state_impl/base.py index f969b19..a8800cb 100644 --- a/src/hydrilla/proxy/state_impl/base.py +++ b/src/hydrilla/proxy/state_impl/base.py @@ -246,7 +246,8 @@ class HaketiloStateWithFields(st.HaketiloState): ... @abstractmethod - def rebuild_structures(self) -> None: + def rebuild_structures(self, *, payloads: bool = True, rules: bool = True) \ + -> None: """ Recreation of data structures as done after every recomputation of dependencies as well as at startup. diff --git a/src/hydrilla/proxy/state_impl/concrete_state.py b/src/hydrilla/proxy/state_impl/concrete_state.py index cd32e83..a6d32f1 100644 --- a/src/hydrilla/proxy/state_impl/concrete_state.py +++ b/src/hydrilla/proxy/state_impl/concrete_state.py @@ -47,6 +47,7 @@ from .. import state as st from .. import policies from .. import simple_dependency_satisfying as sds from . import base +from . import rules from . import items from . import repos from . import payloads @@ -143,7 +144,7 @@ class ConcreteHaketiloState(base.HaketiloStateWithFields): repo_id = repo_id ) - self.rebuild_structures() + self.rebuild_structures(rules=False) def prune_orphans(self) -> None: with self.cursor() as cursor: @@ -163,7 +164,7 @@ class ConcreteHaketiloState(base.HaketiloStateWithFields): unlocked_required_mappings = unlocked_required_mappings ) - self.rebuild_structures() + self.rebuild_structures(rules=False) def pull_missing_files(self) -> None: with self.cursor() as cursor: @@ -182,6 +183,29 @@ class ConcreteHaketiloState(base.HaketiloStateWithFields): ui_factory ) + # Put script blocking/allowing rules in policy tree. + cursor.execute('SELECT pattern, allow_scripts FROM rules;') + + for pattern, allow_scripts in cursor.fetchall(): + for parsed_pattern in url_patterns.parse_pattern(pattern): + factory: policies.PolicyFactory + if allow_scripts: + factory = policies.RuleAllowPolicyFactory( + builtin = False, + pattern = parsed_pattern + ) + else: + factory = policies.RuleBlockPolicyFactory( + builtin = False, + pattern = parsed_pattern + ) + + new_policy_tree = new_policy_tree.register( + parsed_pattern = parsed_pattern, + item = factory + ) + + # Put script payload rules in policy tree. cursor.execute( ''' SELECT @@ -202,15 +226,10 @@ class ConcreteHaketiloState(base.HaketiloStateWithFields): ''' ) - rows = cursor.fetchall() - new_payloads_data: dict[st.PayloadRef, st.PayloadData] = {} - for row in rows: - (payload_id_int, pattern, eval_allowed, cors_bypass_allowed, - enabled_status, - identifier) = row - + for (payload_id_int, pattern, eval_allowed, cors_bypass_allowed, + enabled_status, identifier) in cursor.fetchall(): payload_ref = payloads.ConcretePayloadRef(str(payload_id_int), self) previous_data = self.payloads_data.get(payload_ref) @@ -245,10 +264,16 @@ class ConcreteHaketiloState(base.HaketiloStateWithFields): self.policy_tree = new_policy_tree self.payloads_data = new_payloads_data - def rebuild_structures(self) -> None: + def rebuild_structures(self, *, payloads: bool = True, rules: bool = True) \ + -> None: + # The `payloads` and `rules` args will be useful for optimization but + # for now we're not yet using them. with self.cursor() as cursor: self._rebuild_structures(cursor) + def rule_store(self) -> st.RuleStore: + return rules.ConcreteRuleStore(self) + def repo_store(self) -> st.RepoStore: return repos.ConcreteRepoStore(self) diff --git a/src/hydrilla/proxy/state_impl/repos.py b/src/hydrilla/proxy/state_impl/repos.py index 383d147..4afd86f 100644 --- a/src/hydrilla/proxy/state_impl/repos.py +++ b/src/hydrilla/proxy/state_impl/repos.py @@ -235,7 +235,7 @@ class ConcreteRepoRef(st.RepoRef): except sqlite3.IntegrityError: raise st.RepoNameTaken() - self.state.rebuild_structures() + self.state.rebuild_structures(rules=False) def refresh(self) -> None: with self.state.cursor(transaction=True) as cursor: diff --git a/src/hydrilla/proxy/state_impl/rules.py b/src/hydrilla/proxy/state_impl/rules.py new file mode 100644 index 0000000..bd9480d --- /dev/null +++ b/src/hydrilla/proxy/state_impl/rules.py @@ -0,0 +1,180 @@ +# SPDX-License-Identifier: GPL-3.0-or-later + +# Haketilo proxy data and configuration (RuleRef and RuleStore subtypes). +# +# This file is part of Hydrilla&Haketilo. +# +# Copyright (C) 2022 Wojtek Kosior +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# +# +# I, Wojtek Kosior, thereby promise not to sue for violation of this +# file's license. Although I request that you do not make use this code +# in a proprietary program, I am not going to enforce this in court. + +""" +This module provides an interface to interact with script allowing/blocking +rules configured inside Haketilo. +""" + +# Enable using with Python 3.7. +from __future__ import annotations + +import sqlite3 +import typing as t +import dataclasses as dc + +from ... import url_patterns +from .. import state as st +from . import base + + +def ensure_rule_not_deleted(cursor: sqlite3.Cursor, rule_id: str) -> None: + cursor.execute('SELECT COUNT(*) from rules where rule_id = ?;', (rule_id,)) + + (rule_present,), = cursor.fetchall() + + if not rule_present: + raise st.MissingItemError() + +def sanitize_rule_pattern(pattern: str) -> str: + pattern = pattern.strip() + + try: + assert pattern + return url_patterns.normalize_pattern(pattern) + except: + raise st.RulePatternInvalid() + + +@dc.dataclass(frozen=True, unsafe_hash=True) +class ConcreteRuleRef(st.RuleRef): + state: base.HaketiloStateWithFields = dc.field(hash=False, compare=False) + + def remove(self) -> None: + with self.state.cursor(transaction=True) as cursor: + ensure_rule_not_deleted(cursor, self.id) + + cursor.execute('DELETE FROM rules WHERE rule_id = ?;', self.id) + + self.state.rebuild_structures(payloads=False) + + def update( + self, + *, + pattern: t.Optional[str] = None, + allow: t.Optional[bool] = None + ) -> None: + if pattern is not None: + pattern = sanitize_rule_pattern(pattern) + + if pattern is None and allow is None: + return + + with self.state.cursor(transaction=True) as cursor: + ensure_rule_not_deleted(cursor, self.id) + + if allow is not None: + cursor.execute( + 'UPDATE rules SET allow_scripts = ? WHERE rule_id = ?;', + (allow, self.id) + ) + + if pattern is not None: + cursor.execute( + 'DELETE FROM rules WHERE pattern = ? AND rule_id != ?;', + (pattern, self.id) + ) + + cursor.execute( + 'UPDATE rules SET pattern = ? WHERE rule_id = ?;', + (pattern, self.id) + ) + + self.state.rebuild_structures(payloads=False) + + def get_display_info(self) -> st.RuleDisplayInfo: + with self.state.cursor() as cursor: + cursor.execute( + 'SELECT pattern, allow_scripts FROM rules WHERE rule_id = ?;', + (self.id,) + ) + + rows = cursor.fetchall() + + if rows == []: + raise st.MissingItemError() + + (pattern, allow), = rows + + return st.RuleDisplayInfo(self, pattern, allow) + + +@dc.dataclass(frozen=True) +class ConcreteRuleStore(st.RuleStore): + state: base.HaketiloStateWithFields + + def get(self, id: str) -> st.RuleRef: + return ConcreteRuleRef(str(int(id)), self.state) + + def add(self, pattern: str, allow: bool) -> st.RuleRef: + pattern = sanitize_rule_pattern(pattern) + + with self.state.cursor(transaction=True) as cursor: + cursor.execute( + ''' + INSERT INTO rules(pattern, allow_scripts) + VALUES (?, ?) + ON CONFLICT (pattern) + DO UPDATE SET allow_scripts = excluded.allow_scripts; + ''', + (pattern, allow) + ) + + cursor.execute( + 'SELECT rule_id FROM rules WHERE pattern = ?;', + (pattern,) + ) + + (rule_id,), = cursor.fetchall() + + return ConcreteRuleRef(str(rule_id), self.state) + + def get_display_infos(self, allow: t.Optional[bool] = None) \ + -> t.Sequence[st.RuleDisplayInfo]: + with self.state.cursor() as cursor: + cursor.execute( + ''' + SELECT + rule_id, pattern, allow_scripts + FROM + rules + WHERE + COALESCE(allow_scripts = ?, TRUE) + ORDER BY + pattern; + ''', + (allow,) + ) + + rows = cursor.fetchall() + + result = [] + for rule_id, pattern, allow_scripts in rows: + ref = ConcreteRuleRef(str(rule_id), self.state) + + result.append(st.RuleDisplayInfo(ref, pattern, allow_scripts)) + + return result diff --git a/src/hydrilla/proxy/web_ui/root.py b/src/hydrilla/proxy/web_ui/root.py index 855345e..763abab 100644 --- a/src/hydrilla/proxy/web_ui/root.py +++ b/src/hydrilla/proxy/web_ui/root.py @@ -45,6 +45,7 @@ from ... import item_infos from .. import state as st from .. import http_messages from . import options +from . import rules from . import repos from . import items from . import prompts @@ -94,7 +95,7 @@ class WebUIAppImpl(_app.WebUIApp): self.before_request(authenticate_by_referrer) - for blueprint in [repos.bp, items.bp, prompts.bp, options.bp]: + for blueprint in [rules.bp, repos.bp, items.bp, prompts.bp, options.bp]: self.register_blueprint(blueprint) # Flask app is not thread-safe and has to be accompanied by an ugly lock. This diff --git a/src/hydrilla/proxy/web_ui/rules.py b/src/hydrilla/proxy/web_ui/rules.py new file mode 100644 index 0000000..79d0b99 --- /dev/null +++ b/src/hydrilla/proxy/web_ui/rules.py @@ -0,0 +1,111 @@ +# SPDX-License-Identifier: GPL-3.0-or-later + +# Proxy web UI script blocking rule management. +# +# This file is part of Hydrilla&Haketilo. +# +# Copyright (C) 2022 Wojtek Kosior +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# +# +# I, Wojtek Kosior, thereby promise not to sue for violation of this +# file's license. Although I request that you do not make use this code +# in a proprietary program, I am not going to enforce this in court. + +# Enable using with Python 3.7. +from __future__ import annotations + +import typing as t + +import flask +import werkzeug + +from .. import state as st +from . import _app + + +bp = flask.Blueprint('rules', __package__) + +@bp.route('/rules/add', methods=['GET']) +def add_rule(errors: t.Mapping[str, bool] = {}) -> werkzeug.Response: + html = flask.render_template('rules/add.html.jinja', **errors) + return flask.make_response(html, 200) + +@bp.route('/rules/add', methods=['POST']) +def add_rule_post() -> werkzeug.Response: + form_data = flask.request.form + + try: + new_rule_ref = _app.get_haketilo_state().rule_store().add( + pattern = form_data['pattern'], + allow = form_data['allow'] == 'true' + ) + except st.RulePatternInvalid: + return add_rule({'rule_pattern_invalid': True}) + + return flask.redirect(flask.url_for('.show_rule', rule_id=new_rule_ref.id)) + +@bp.route('/rules', methods=['GET']) +def rules(errors: t.Mapping[str, bool] = {}) -> werkzeug.Response: + store = _app.get_haketilo_state().rule_store() + + html = flask.render_template( + 'rules/index.html.jinja', + display_infos = store.get_display_infos(), + **errors + ) + return flask.make_response(html, 200) + +@bp.route('/rules/view/') +def show_rule(rule_id: str, errors: t.Mapping[str, bool] = {}) \ + -> werkzeug.Response: + try: + store = _app.get_haketilo_state().rule_store() + display_info = store.get(rule_id).get_display_info() + + html = flask.render_template( + 'rules/show_single.html.jinja', + display_info = display_info, + **errors + ) + return flask.make_response(html, 200) + except st.MissingItemError: + flask.abort(404) + +@bp.route('/rules/view/', methods=['POST']) +def alter_rule(rule_id: str) -> werkzeug.Response: + form_data = flask.request.form + action = form_data['action'] + + try: + rule_ref = _app.get_haketilo_state().rule_store().get(rule_id) + + if action == 'remove_rule': + rule_ref.remove() + return flask.redirect(flask.url_for('.rules')) + elif action == 'update_rule_data': + allow_param = form_data.get('allow') + rule_ref.update( + pattern = form_data.get('pattern'), + allow = None if allow_param is None else allow_param == 'true' + ) + else: + raise ValueError() + except st.RulePatternInvalid: + return show_rule(rule_id, {'rule_pattern_invalid': True}) + except st.MissingItemError: + flask.abort(404) + + return flask.redirect(flask.url_for('.show_rule', rule_id=rule_id)) diff --git a/src/hydrilla/proxy/web_ui/templates/base.html.jinja b/src/hydrilla/proxy/web_ui/templates/base.html.jinja index fcd65c2..376f6b3 100644 --- a/src/hydrilla/proxy/web_ui/templates/base.html.jinja +++ b/src/hydrilla/proxy/web_ui/templates/base.html.jinja @@ -238,6 +238,7 @@ in a proprietary work, I am not going to enforce this in court. set navigation_bar = [ ('home', _('web_ui.base.nav.home')), ('options.options', _('web_ui.base.nav.options')), + ('rules.rules', _('web_ui.base.nav.rules')), ('items.packages', _('web_ui.base.nav.packages')), ('items.libraries', _('web_ui.base.nav.libraries')), ('repos.repos', _('web_ui.base.nav.repos')), diff --git a/src/hydrilla/proxy/web_ui/templates/rules/add.html.jinja b/src/hydrilla/proxy/web_ui/templates/rules/add.html.jinja new file mode 100644 index 0000000..ab21834 --- /dev/null +++ b/src/hydrilla/proxy/web_ui/templates/rules/add.html.jinja @@ -0,0 +1,64 @@ +{# +SPDX-License-Identifier: GPL-3.0-or-later OR CC-BY-SA-4.0 + +Proxy web UI script blocking/allowing rule creation page. + +This file is part of Hydrilla&Haketilo. + +Copyright (C) 2022 Wojtek Kosior + +Dual licensed under +* GNU General Public License v3.0 or later and +* Creative Commons Attribution Share Alike 4.0 International. + +You can choose to use either of these licenses or both. + + +I, Wojtek Kosior, thereby promise not to sue for violation of this +file's licenses. Although I request that you do not make use this code +in a proprietary work, I am not going to enforce this in court. +#} +{% extends "base.html.jinja" %} + +{% block title %} {{ _('web_ui.rules.add.title') }} {% endblock %} + +{% block main %} +

{{ _('web_ui.rules.add.heading') }}

+
+ {% if rule_pattern_invalid is defined %} + {{ error_note(_('web_ui.err.rule_pattern_invalid')) }} + {% endif %} + + + +
+ +
+ +
+ + + +
+ + +
+ +
+ + +
+ +
+ +
+ +
+
+{% endblock %} diff --git a/src/hydrilla/proxy/web_ui/templates/rules/index.html.jinja b/src/hydrilla/proxy/web_ui/templates/rules/index.html.jinja new file mode 100644 index 0000000..5f290e0 --- /dev/null +++ b/src/hydrilla/proxy/web_ui/templates/rules/index.html.jinja @@ -0,0 +1,61 @@ +{# +SPDX-License-Identifier: GPL-3.0-or-later OR CC-BY-SA-4.0 + +Proxy web UI script allowing/blocking rule list page. + +This file is part of Hydrilla&Haketilo. + +Copyright (C) 2022 Wojtek Kosior + +Dual licensed under +* GNU General Public License v3.0 or later and +* Creative Commons Attribution Share Alike 4.0 International. + +You can choose to use either of these licenses or both. + + +I, Wojtek Kosior, thereby promise not to sue for violation of this +file's licenses. Although I request that you do not make use this code +in a proprietary work, I am not going to enforce this in court. +#} +{% extends "base.html.jinja" %} + +{% block title %}{{ _('web_ui.rules.title') }}{% endblock %} + +{% block style %} + {{ super() }} + + {% include 'include/item_list_style.css.jinja' %} +{% endblock %} + +{% block main %} +

{{ _('web_ui.rules.heading') }}

+ + + {{ _('web_ui.rules.add_rule_button') }} + + +
+ +

{{ _('web_ui.rules.rule_list_heading') }}

+ +
    + {% for info in display_infos %} + + {% if info.allow_scripts %} + {% set entry_classes = ['entry-line-red'] %} + {% else %} + {% set entry_classes = ['entry-line-blue'] %} + {% endif %} + +
  • + +
    + {{ info.pattern }} +
    +     +
    • + {% endfor %} +
+{% endblock %} diff --git a/src/hydrilla/proxy/web_ui/templates/rules/show_single.html.jinja b/src/hydrilla/proxy/web_ui/templates/rules/show_single.html.jinja new file mode 100644 index 0000000..ad0c19c --- /dev/null +++ b/src/hydrilla/proxy/web_ui/templates/rules/show_single.html.jinja @@ -0,0 +1,106 @@ +{# +SPDX-License-Identifier: GPL-3.0-or-later OR CC-BY-SA-4.0 + +Proxy web UI script allowing/blocking rule modification page. + +This file is part of Hydrilla&Haketilo. + +Copyright (C) 2022 Wojtek Kosior + +Dual licensed under +* GNU General Public License v3.0 or later and +* Creative Commons Attribution Share Alike 4.0 International. + +You can choose to use either of these licenses or both. + + +I, Wojtek Kosior, thereby promise not to sue for violation of this +file's licenses. Although I request that you do not make use this code +in a proprietary work, I am not going to enforce this in court. +#} +{% extends "base.html.jinja" %} + +{% block title %} {{ _('web_ui.rules.single.title') }} {% endblock %} + +{% block style %} + {{ super() }} + + {% include 'include/checkbox_tricks_style.css.jinja' %} +{% endblock %} + +{% block main %} +

+ {% if display_info.allow_scripts %} + {{ _('web_ui.rules.single.heading.allow') }} + {% else %} + {{ _('web_ui.rules.single.heading.block') }} + {% endif %} +

+ +

+ {{ _('web_ui.rules.single.pattern_is_{}').format(display_info.pattern) }} +

+ + {% if rule_pattern_invalid is defined %} + {% set checked_attr = '' %} + {% else %} + {% set checked_attr = 'checked=""' %} + {% endif %} + + + +
+ + + {% if rule_pattern_invalid is defined %} + {{ error_note(_('web_ui.err.rule_pattern_invalid')) }} + {% endif %} + +
+ +
+ +
+ +
+ +
+
+ +
+ + {% set allow_but_classes = ['red-button'] %} + {% set block_but_classes = ['blue-button'] %} + + {% set allow_text = _('web_ui.rules.single.allow_button') %} + {% set block_text = _('web_ui.rules.single.block_button') %} + + {% if display_info.allow_scripts %} + {% do allow_but_classes.append('disabled-button') %} + {% else %} + {% do block_but_classes.append('disabled-button') %} + {% endif %} + + {{ + button_row([ + (allow_but_classes, allow_text, {'allow': 'true'}), + (block_but_classes, block_text, {'allow': 'false'}) + ], {'action': 'update_rule_data'} + ) + }} + +
+ + {% set button_text = _('web_ui.rules.single.remove_button') %} + {% set extra_fields = {'action': 'remove_rule'} %} + {{ button_row([(['green-button'], button_text, extra_fields)]) }} +{% endblock %} -- cgit v1.2.3