def __init__(self):
from cpc.server.state.database import DBHandler, DataBaseError
self.dbHandler = DBHandler()
def __init__(self):
from cpc.server.state.database import DBHandler, DataBaseError
self.dbHandler = DBHandler()
class UserHandler(object):
def __init__(self):
from cpc.server.state.database import DBHandler, DataBaseError
self.dbHandler = DBHandler()
def validateUser(self, user, password):
"""
Returns the user if the user exist, otherwise None.
User is passed as string
"""
hashed_pass = hashed_pass = hashlib.sha256(password).hexdigest()
query = "select id,user,level from users where user=? and password=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (
user,
hashed_pass,
))
res = c.fetchone()
if res is None:
return None
else:
user = User(res[0], res[1], res[2])
return user
def addUser(self, user, password, userlevel):
"""
Creates a new user in the database with the given level.
User is passed a string.
"""
query = "select user from users where user=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (user, ))
if c.fetchone() is not None:
raise UserError("User already exists: %s" % user)
query = "insert into users (user, password, level) values(?, ?, ?)"
hashed_pass = hashlib.sha256(password).hexdigest()
with self.dbHandler.getCursor() as c:
c.execute(query, (user, hashed_pass, userlevel))
def deleteUser(self, user):
"""
Deletes a user from the system, including its access rights
User is passed a User object.
"""
self._ensureType(user)
query_users = "delete from users where id=?"
query_users_projects = "delete from users_project where user=?"
with self.dbHandler.getCursor() as c:
c.execute(query_users, (user.getUserid(), ))
c.execute(query_users_projects, (user.getUserid(), ))
def userAccessToProject(self, user, project):
"""
Returns True if a user has permission to read/write the given project.
A True return value does NOT guarantee that the project actually exist.
"""
self._ensureType(user)
#super users have all access
if user.isSuperuser():
return True
query = "select user from users_project where user=? and project=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (
user.getUserid(),
project,
))
return c.fetchone() is not None
def getUserFromString(self, user):
"""
Returns the user object if given user string exist, None otherwise
"""
query = "select id,user,level from users where user=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (user, ))
res = c.fetchone()
if res is None:
return None
else:
user = User(res[0], res[1], res[2])
return user
def wipeAccessToProject(self, project):
"""
Wipes access to everyone for a given project
"""
query = "delete from users_project where project=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (project, ))
def getProjectListForUser(self, user):
"""
Returns a list of projects a user has access to. Empty list if no access
"""
self._ensureType(user)
query = "select project from users_project where user=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (user.getUserid(), ))
return [el[0] for el in c.fetchall()]
def addUserToProject(self, user, project):
"""
Grants access to a user to a project. OK to run multiple times
"""
self._ensureType(user)
query = "select user from users_project where user=? and project=?"
insertquery = "insert into users_project values(?, ?)"
with self.dbHandler.getCursor() as c:
c.execute(query, (
user.getUserid(),
project,
))
if c.fetchone() is None:
c.execute(insertquery, (
user.getUserid(),
project,
))
def syncUser(self, user):
"""
Updates the database to match the values in the user (name, level)
"""
self._ensureType(user)
query = "update users set user=?, level=? where id = ?"
with self.dbHandler.getCursor() as c:
c.execute(
query,
(user.getUsername(), user.getUserlevel(), user.getUserid()))
def getUsersAsList(self):
query = "select user, level from users"
with self.dbHandler.getCursor() as c:
c.execute(query)
return [{
"user": el[0],
"level": str(UserLevel(el[1]))
} for el in c.fetchall()]
def _ensureType(self, user):
if not isinstance(user, User):
raise RuntimeError("Internal error: passed wrong type database")
class UserHandler(object):
def __init__(self):
from cpc.server.state.database import DBHandler, DataBaseError
self.dbHandler = DBHandler()
def validateUser(self, user, password):
"""
Returns the user if the user exist, otherwise None.
User is passed as string
"""
hashed_pass = hashed_pass = hashlib.sha256(password).hexdigest()
query = "select id,user,level from users where user=? and password=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (user,hashed_pass,))
res = c.fetchone()
if res is None:
return None
else:
user = User(res[0], res[1], res[2])
return user
def addUser(self, user, password, userlevel):
"""
Creates a new user in the database with the given level.
User is passed a string.
"""
query = "select user from users where user=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (user,))
if c.fetchone() is not None:
raise UserError("User already exists: %s"%user)
query = "insert into users (user, password, level) values(?, ?, ?)"
hashed_pass = hashlib.sha256(password).hexdigest()
with self.dbHandler.getCursor() as c:
c.execute(query, (user,hashed_pass,userlevel))
def deleteUser(self, user):
"""
Deletes a user from the system, including its access rights
User is passed a User object.
"""
self._ensureType(user)
query_users = "delete from users where id=?"
query_users_projects = "delete from users_project where user=?"
with self.dbHandler.getCursor() as c:
c.execute(query_users, (user.getUserid(),))
c.execute(query_users_projects, (user.getUserid(),))
def userAccessToProject(self, user, project):
"""
Returns True if a user has permission to read/write the given project.
A True return value does NOT guarantee that the project actually exist.
"""
self._ensureType(user)
#super users have all access
if user.isSuperuser():
return True
query = "select user from users_project where user=? and project=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (user.getUserid(), project,))
return c.fetchone() is not None
def getUserFromString(self, user):
"""
Returns the user object if given user string exist, None otherwise
"""
query = "select id,user,level from users where user=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (user,))
res = c.fetchone()
if res is None:
return None
else:
user = User(res[0], res[1], res[2])
return user
def wipeAccessToProject(self,project):
"""
Wipes access to everyone for a given project
"""
query = "delete from users_project where project=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (project,))
def getProjectListForUser(self,user):
"""
Returns a list of projects a user has access to. Empty list if no access
"""
self._ensureType(user)
query = "select project from users_project where user=?"
with self.dbHandler.getCursor() as c:
c.execute(query, (user.getUserid(),))
return [el[0] for el in c.fetchall()]
def addUserToProject(self, user, project):
"""
Grants access to a user to a project. OK to run multiple times
"""
self._ensureType(user)
query = "select user from users_project where user=? and project=?"
insertquery = "insert into users_project values(?, ?)"
with self.dbHandler.getCursor() as c:
c.execute(query, (user.getUserid(), project,))
if c.fetchone() is None:
c.execute(insertquery, (user.getUserid(), project,))
def syncUser(self, user):
"""
Updates the database to match the values in the user (name, level)
"""
self._ensureType(user)
query = "update users set user=?, level=? where id = ?"
with self.dbHandler.getCursor() as c:
c.execute(query, (user.getUsername(),user.getUserlevel(),
user.getUserid()))
def getUsersAsList(self):
query = "select user, level from users"
with self.dbHandler.getCursor() as c:
c.execute(query)
return [{"user" : el[0], "level" : str(UserLevel(el[1]))}
for el in c.fetchall()]
def _ensureType(self, user):
if not isinstance(user, User):
raise RuntimeError("Internal error: passed wrong type database")