def delete_group(group):
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
crud.delete_group(db.session, group, requester)
return format_response(200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def authenticate():
try:
auth_data = load_json_from_request(request)
jwt = auth.authenticate(db.session, auth_data)
return make_response(json.dumps({'jwt': jwt}), 200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def remove_user(user):
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
crud.delete_user(db.session, user, requester)
return format_response(200, "User removed")
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def delete_permission(perm_id):
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
crud.delete_perm(db.session, perm_id, requester)
return format_response(200)
except HTTPRequestError as err:
publish_alarm(err)
return format_response(err.errorCode, err.message)
def update_group(group):
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
group_data = load_json_from_request(request)
crud.update_group(db.session, group, group_data, requester)
return format_response(200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def deleteGroup(group):
try:
requester = auth.getJwtPayload(request.headers.get('Authorization'))
crud.deleteGroup(db.session, group, requester)
MVGroupPermission.refresh()
db.session.commit()
return formatResponse(200)
except HTTPRequestError as err:
return formatResponse(err.errorCode, err.message)
def updateGroup(group):
try:
requester = auth.getJwtPayload(request.headers.get('Authorization'))
groupData = loadJsonFromRequest(request)
crud.updateGroup(db.session, group, groupData, requester)
db.session.commit()
return formatResponse(200)
except HTTPRequestError as err:
return formatResponse(err.errorCode, err.message)
def update_user(user_id):
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
user = load_json_from_request(request)
crud.update_user(db.session, user_id, user, requester)
return format_response(200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def update_permission(permid):
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
perm_data = load_json_from_request(request)
crud.update_perm(db.session, permid, perm_data, requester)
db.session.commit()
return format_response(200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def add_user_to_group(user, group):
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
if request.method == 'POST':
rship.add_user_group(db.session, user, group, requester)
else:
rship.remove_user_group(db.session, user, group, requester)
return format_response(200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def update_password():
try:
user_id = auth.user_id_from_jwt(request.headers.get('Authorization'))
update_data = load_json_from_request(request)
pwdc.update_endpoint(db.session, user_id, update_data)
db.session.commit()
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
else:
return format_response(200)
def create_user():
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
user = load_json_from_request(request)
result = crud.create_user(db.session, user, requester)
return jsonify(result, 200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def updatePasswd():
try:
userId = auth.userIdFromJWT(request.headers.get('Authorization'))
updateData = loadJsonFromRequest(request)
pwdc.updateEndpoint(db.session, userId, updateData)
db.session.commit()
except HTTPRequestError as err:
return formatResponse(err.errorCode, err.message)
else:
return formatResponse(200)
def addUserToGroup(user, group):
try:
requester = auth.getJwtPayload(request.headers.get('Authorization'))
if request.method == 'POST':
rship.addUserGroup(db.session, user, group, requester)
else:
rship.removeUserGroup(db.session, user, group, requester)
db.session.commit()
return formatResponse(200)
except HTTPRequestError as err:
return formatResponse(err.errorCode, err.message)
def create_permission():
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
perm_data = load_json_from_request(request)
new_perm = crud.create_perm(db.session, perm_data, requester)
return make_response(json.dumps({
"status": 200,
"id": new_perm.id
}), 200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def delete_permission(permid):
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
crud.get_perm(db.session, permid)
crud.delete_perm(db.session, permid, requester)
db.session.commit()
MVUserPermission.refresh()
MVGroupPermission.refresh()
return format_response(200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def removeUser(user):
try:
requester = auth.getJwtPayload(request.headers.get('Authorization'))
oldUsername = crud.getUser(db.session, user).username
crud.deleteUser(db.session, user, requester)
kong.removeFromKong(oldUsername)
MVUserPermission.refresh()
MVGroupPermission.refresh()
db.session.commit()
return formatResponse(200, "User removed")
except HTTPRequestError as err:
return formatResponse(err.errorCode, err.message)
def create_group():
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
group_data = load_json_from_request(request)
new_group = crud.create_group(db.session, group_data, requester)
return make_response(json.dumps({
"status": 200,
"id": new_group.id
}, default=json_serial), 200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def add_user_permission(user, permission):
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
if request.method == 'POST':
rship.add_user_permission(db.session, user, permission, requester)
else:
rship.remove_user_permission(db.session, user, permission,
requester)
return format_response(200)
except HTTPRequestError as err:
publish_alarm(err)
return format_response(err.errorCode, err.message)
def createGroup():
try:
requester = auth.getJwtPayload(request.headers.get('Authorization'))
groupData = loadJsonFromRequest(request)
newGroup = crud.createGroup(db.session, groupData, requester)
db.session.add(newGroup)
db.session.commit()
return make_response(json.dumps({
"status": 200,
"id": newGroup.id
}), 200)
except HTTPRequestError as err:
return formatResponse(err.errorCode, err.message)
def addGroupPermission(group, permission):
try:
requester = auth.getJwtPayload(request.headers.get('Authorization'))
if request.method == 'POST':
rship.addGroupPermission(db.session, group, permission, requester)
else:
rship.removeGroupPermission(db.session, group,
permission, requester)
MVGroupPermission.refresh()
db.session.commit()
return formatResponse(200)
except HTTPRequestError as err:
return formatResponse(err.errorCode, err.message)
def create_user():
try:
LOGGER.debug("Creating new user...")
LOGGER.debug("Reading request...")
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
user = load_json_from_request(request)
LOGGER.debug("... request is:")
LOGGER.debug(user)
LOGGER.debug("Inserting user into database...")
result = crud.create_user(db.session, user, requester)
LOGGER.debug("... user data was inserted into the database.")
LOGGER.debug("... new user was created.")
return jsonify(result, 200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def create_user():
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
auth_data = load_json_from_request(request)
# Create user
new_user = crud.create_user(db.session, auth_data, requester)
# If no problems occur to create user (no exceptions), configure kong
kong_data = kong.configure_kong(new_user.username)
if kong_data is None:
return format_response(
500, 'failed to configure verification subsystem')
new_user.secret = kong_data['secret']
new_user.key = kong_data['key']
new_user.kongId = kong_data['kongid']
db.session.add(new_user)
db.session.commit()
group_success = []
group_failed = []
if 'profile' in auth_data.keys():
group_success, group_failed = rship. \
add_user_many_groups(db.session, new_user.id,
auth_data['profile'], requester)
db.session.commit()
if conf.emailHost != 'NOEMAIL':
pwdc.create_password_set_request(db.session, new_user)
db.session.commit()
if crud.count_tenant_users(db.session, new_user.service) == 1:
log().info("will emit tenant lifecycle event {} - CREATE".format(
new_user.service))
send_notification({"type": 'CREATE', 'tenant': new_user.service})
return make_response(
json.dumps(
{
"user": new_user.safeDict(),
"groups": group_success,
"could not add": group_failed,
"message": "user created"
},
default=json_serial), 200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def remove_user(user):
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
old_username = crud.get_user(db.session, user).username
old_user = crud.delete_user(db.session, user, requester)
kong.remove_from_kong(old_username)
MVUserPermission.refresh()
MVGroupPermission.refresh()
db.session.commit()
if crud.count_tenant_users(db.session, old_user.service) == 0:
log().info("will emit tenant lifecycle event {} - DELETE".format(
old_user.service))
send_notification({"type": 'DELETE', 'tenant': old_user.service})
return format_response(200, "User removed")
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
def updateUser(user):
try:
requester = auth.getJwtPayload(request.headers.get('Authorization'))
authData = loadJsonFromRequest(request)
oldUser = crud.updateUser(db.session, user, authData, requester)
# Create a new kong secret and delete the old one
kongData = kong.configureKong(oldUser.username)
if kongData is None:
return formatResponse(500,
'failed to configure verification subsystem')
kong.revokeKongSecret(oldUser.username, oldUser.kongId)
oldUser.secret = kongData['secret']
oldUser.key = kongData['key']
oldUser.kongid = kongData['kongid']
db.session.add(oldUser)
db.session.commit()
return formatResponse(200)
except HTTPRequestError as err:
return formatResponse(err.errorCode, err.message)
def createUser():
try:
requester = auth.getJwtPayload(request.headers.get('Authorization'))
authData = loadJsonFromRequest(request)
# Create user
newUser = crud.createUser(db.session, authData, requester)
# If no problems occur to create user (no exceptions), configure kong
kongData = kong.configureKong(newUser.username)
if kongData is None:
return formatResponse(500,
'failed to configure verification subsystem')
newUser.secret = kongData['secret']
newUser.key = kongData['key']
newUser.kongId = kongData['kongid']
db.session.add(newUser)
db.session.commit()
groupSuccess = []
groupFailed = []
if 'profile' in authData.keys():
groupSuccess, groupFailed = rship. \
addUserManyGroups(db.session, newUser.id,
authData['profile'], requester)
db.session.commit()
if conf.emailHost != 'NOEMAIL':
pwdc.createPasswordSetRequest(db.session, newUser)
db.session.commit()
return make_response(json.dumps({
"user": newUser.safeDict(),
"groups": groupSuccess,
"could not add": groupFailed,
"message": "user created"
}), 200)
except HTTPRequestError as err:
return formatResponse(err.errorCode, err.message)
def update_user(user):
try:
requester = auth.get_jwt_payload(request.headers.get('Authorization'))
auth_data = load_json_from_request(request)
updated_user, old_service = crud.update_user(db.session, user,
auth_data, requester)
# Create a new kong secret and delete the old one
kong_data = kong.configure_kong(updated_user.username)
if kong_data is None:
return format_response(
500, 'failed to configure verification subsystem')
kong.revoke_kong_secret(updated_user.username, updated_user.kongId)
updated_user.secret = kong_data['secret']
updated_user.key = kong_data['key']
updated_user.kongid = kong_data['kongid']
db.session.add(updated_user)
db.session.commit()
if crud.count_tenant_users(db.session, old_service) == 0:
log().info("will emit tenant lifecycle event {} - DELETE".format(
old_service))
send_notification({"type": 'DELETE', 'tenant': old_service})
if crud.count_tenant_users(db.session, updated_user.service) == 1:
log().info("will emit tenant lifecycle event {} - CREATE".format(
updated_user.service))
send_notification({
"type": 'CREATE',
'tenant': updated_user.service
})
return format_response(200)
except HTTPRequestError as err:
return format_response(err.errorCode, err.message)
