Beispiel #1
0
def delete_group(group):
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        crud.delete_group(db.session, group, requester)
        return format_response(200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #2
0
def remove_user(user):
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        crud.delete_user(db.session, user, requester)
        return format_response(200, "User removed")
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #3
0
def delete_permission(perm_id):
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        crud.delete_perm(db.session, perm_id, requester)
        return format_response(200)
    except HTTPRequestError as err:
        publish_alarm(err)
        return format_response(err.errorCode, err.message)
Beispiel #4
0
def update_group(group):
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        group_data = load_json_from_request(request)
        crud.update_group(db.session, group, group_data, requester)
        return format_response(200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #5
0
def update_permission(permid):
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        perm_data = load_json_from_request(request)
        crud.update_perm(db.session, permid, perm_data, requester)
        db.session.commit()
        return format_response(200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #6
0
def update_user(user_id):
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        user = load_json_from_request(request)
        crud.update_user(db.session, user_id, user, requester)
        return format_response(200)

    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #7
0
def add_user_to_group(user, group):
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        if request.method == 'POST':
            rship.add_user_group(db.session, user, group, requester)
        else:
            rship.remove_user_group(db.session, user, group, requester)
        return format_response(200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #8
0
def passwd_reset_request(username):
    if conf.emailHost == 'NOEMAIL':
        return format_response(501, "Feature not configured")
    try:
        pwdc.create_password_reset_request(db.session, username)
        db.session.commit()
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
    else:
        return format_response(200)
Beispiel #9
0
def update_password():
    try:
        user_id = auth.user_id_from_jwt(request.headers.get('Authorization'))
        update_data = load_json_from_request(request)
        pwdc.update_endpoint(db.session, user_id, update_data)
        db.session.commit()
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
    else:
        return format_response(200)
Beispiel #10
0
def delete_permission(permid):
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        crud.get_perm(db.session, permid)
        crud.delete_perm(db.session, permid, requester)
        db.session.commit()
        MVUserPermission.refresh()
        MVGroupPermission.refresh()
        return format_response(200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #11
0
def add_user_permission(user, permission):
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        if request.method == 'POST':
            rship.add_user_permission(db.session, user, permission, requester)
        else:
            rship.remove_user_permission(db.session, user, permission,
                                         requester)
        return format_response(200)
    except HTTPRequestError as err:
        publish_alarm(err)
        return format_response(err.errorCode, err.message)
Beispiel #12
0
def add_group_permission(group, permission):
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        if request.method == 'POST':
            rship.add_group_permission(db.session, group, permission,
                                       requester)
        else:
            rship.remove_group_permission(db.session, group, permission,
                                          requester)
        MVGroupPermission.refresh()
        db.session.commit()
        return format_response(200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #13
0
def authenticate():
    try:
        auth_data = load_json_from_request(request)
        jwt = auth.authenticate(db.session, auth_data)
        return make_response(json.dumps({'jwt': jwt}), 200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #14
0
def get_user(user):
    try:
        user = crud.get_user(db.session, user)
        return make_response(
            json.dumps({"user": user.safe_dict()}, default=json_serial), 200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #15
0
def get_permission(perm_id):
    try:
        perm = crud.get_perm(db.session, perm_id)
        return make_response(json.dumps(perm.safe_dict(), default=json_serial),
                             200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #16
0
def get_group(group):
    try:
        group = crud.get_group(db.session, group)
        group = group.safe_dict()
        group['created_date'] = group['created_date'].isoformat()
        return make_response(json.dumps(group, default=json_serial), 200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #17
0
def get_all_user_permissions(user):
    try:
        permissions = reports.get_all_user_permissions(db.session, user)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
    else:
        permissions_safe = list(map(lambda p: p.safe_dict(), permissions))
        return make_response(json.dumps({"permissions": permissions_safe}, default=json_serial), 200)
Beispiel #18
0
def list_tenants():
    """Returns a list containing all existing tenants in the system"""

    try:
        tenants = crud.list_tenants(db.session)
        return make_response(json.dumps({"tenants": tenants}), 200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #19
0
def get_group_users(group):
    try:
        users = reports.get_group_users(db.session, group)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
    else:
        users_safe = list(map(lambda p: p.safe_dict(), users))
        return make_response(json.dumps({"users": users_safe}, default=json_serial), 200)
Beispiel #20
0
def create_user():
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        auth_data = load_json_from_request(request)

        # Create user
        new_user = crud.create_user(db.session, auth_data, requester)

        # If no problems occur to create user (no exceptions), configure kong
        kong_data = kong.configure_kong(new_user.username)
        if kong_data is None:
            return format_response(
                500, 'failed to configure verification subsystem')
        new_user.secret = kong_data['secret']
        new_user.key = kong_data['key']
        new_user.kongId = kong_data['kongid']

        db.session.add(new_user)
        db.session.commit()
        group_success = []
        group_failed = []
        if 'profile' in auth_data.keys():
            group_success, group_failed = rship. \
                add_user_many_groups(db.session, new_user.id,
                                     auth_data['profile'], requester)
        db.session.commit()
        if conf.emailHost != 'NOEMAIL':
            pwdc.create_password_set_request(db.session, new_user)
            db.session.commit()

        if crud.count_tenant_users(db.session, new_user.service) == 1:
            log().info("will emit tenant lifecycle event {} - CREATE".format(
                new_user.service))
            send_notification({"type": 'CREATE', 'tenant': new_user.service})

        return make_response(
            json.dumps(
                {
                    "user": new_user.safeDict(),
                    "groups": group_success,
                    "could not add": group_failed,
                    "message": "user created"
                },
                default=json_serial), 200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #21
0
def remove_user(user):
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        old_username = crud.get_user(db.session, user).username
        old_user = crud.delete_user(db.session, user, requester)
        kong.remove_from_kong(old_username)
        MVUserPermission.refresh()
        MVGroupPermission.refresh()
        db.session.commit()

        if crud.count_tenant_users(db.session, old_user.service) == 0:
            log().info("will emit tenant lifecycle event {} - DELETE".format(
                old_user.service))
            send_notification({"type": 'DELETE', 'tenant': old_user.service})

        return format_response(200, "User removed")
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #22
0
def get_user_grups(user):
    try:
        groups = reports.get_user_groups(db.session, user)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
    else:
        groups_safe = list(map(lambda p: p.safeDict(), groups))
        return make_response(
            json.dumps({"groups": groups_safe}, default=json_serial), 200)
Beispiel #23
0
def create_user():
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        user = load_json_from_request(request)

        result = crud.create_user(db.session, user, requester)
        return jsonify(result, 200)

    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #24
0
def list_users():
    try:
        users = crud.search_user(
            db.session,
            # Optional search filters
            request.args['username'] if 'username' in request.args else None
        )
        users_safe = list(map(lambda u: u.safe_dict(), users))
        return make_response(json.dumps({"users": users_safe}, default=json_serial), 200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #25
0
def create_permission():
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        perm_data = load_json_from_request(request)
        new_perm = crud.create_perm(db.session, perm_data, requester)
        return make_response(json.dumps({
            "status": 200,
            "id": new_perm.id
        }), 200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #26
0
def pdp_request():
    try:
        pdp_data = load_json_from_request(request)
        veredict = pdpc.pdp_main(db.session, pdp_data)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
    else:
        return make_response(json.dumps({
            "decision": veredict,
            "status": "ok"
        }, default=json_serial), 200)
Beispiel #27
0
def create_group():
    try:
        requester = auth.get_jwt_payload(request.headers.get('Authorization'))
        group_data = load_json_from_request(request)
        new_group = crud.create_group(db.session, group_data, requester)

        return make_response(json.dumps({
            "status": 200,
            "id": new_group.id
        }, default=json_serial), 200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #28
0
def list_group():
    try:
        groups = crud.search_group(
            db.session,
            # search filters
            request.args['name'] if 'name' in request.args else None
        )
        groups_safe = list(map(lambda p: p.safe_dict(), groups))
        for g in groups_safe:
            g['created_date'] = g['created_date'].isoformat()
        return make_response(json.dumps({"groups": groups_safe}, default=json_serial), 200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
Beispiel #29
0
def password_reset():
    try:
        link = request.args.get('link')
        reset_data = load_json_from_request(request)
        updating_user = pwdc.reset_password(db.session, link, reset_data)

        # password updated. Should reconfigure kong and Invalidate
        # all previous logins
        kong_data = kong.configure_kong(updating_user.username)
        if kong_data is None:
            return format_response(500,
                                   'failed to configure verification subsystem')

        kong.revoke_kong_secret(updating_user.username, updating_user.kongId)
        updating_user.secret = kong_data['secret']
        updating_user.key = kong_data['key']
        updating_user.kongid = kong_data['kongid']
        db.session.add(updating_user)
        db.session.commit()
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)
    else:
        return format_response(200)
Beispiel #30
0
def list_permissions():
    try:
        perms = crud.search_perm(
            db.session,
            # search filters
            request.args['path'] if 'path' in request.args else None,
            request.args['method'] if 'method' in request.args else None,
            request.args['permission'] if 'permission' in request.args else None,
            request.args['type'] if 'type' in request.args else None
        )
        permissions_safe = list(map(lambda p: p.safe_dict(), perms))
        return make_response(json.dumps({"permissions": permissions_safe}, default=json_serial), 200)
    except HTTPRequestError as err:
        return format_response(err.errorCode, err.message)