def save_uploaded_file():
    """ Receives files on the server side """
    fchunk = FileChunk.init_from_request()
    logger.info("User uploaded chunk: {}".format(fchunk))
    file_name = fchunk.file_name

    if not fchunk.afile:
        err = utils.pack_error("No file specified.")
        logger.error(err)
        return err

    chunk_path = get_chunk_path(file_name, fchunk.number)

    try:
        # For every request recived we store the chunk to a temp folder
        fchunk.afile.save(chunk_path)
    except Exception as exc:
        logger.error("Problem saving: {} due: {}".format(fchunk, exc))
        return utils.pack_error("Unable to save file chunk: {}"
                                .format(fchunk.number))

    # When all chunks are recived we merge them
    if not all_chunks_received(fchunk):
        return utils.jsonify_success('Request completed successfully.')

    # When all chunks are received we merge them
    subject_file = merge_files(fchunk)

    if subject_file is not None:
        prefix = app.config['REDIDROPPER_UPLOAD_SAVED_DIR']
        file_path = subject_file.get_full_path(prefix)
        delete_temp_files(fchunk)
        hash_matches = verify_file_integrity(fchunk)

        if hash_matches:
            LogEntity.file_uploaded(session['uuid'],
                                    file_path)
            return utils.jsonify_success('File {} uploaded successfully.'
                                         .format(file_name))
        else:
            logger.error("md5 sum does not match for: {}".format(fchunk))
            LogEntity.file_uploaded(session['uuid'],
                                    'Checksum mismatch for file: {}'
                                    .format(file_path))
            return utils.jsonify_error('Checksum mismatch for file: {}'
                                       .format(file_name))
    else:
        LogEntity.file_uploaded(session['uuid'],
                                'Unable to merge chunks for file: {}'
                                .format(file_path))
        return utils.jsonify_error('Unable to merge chunks for file: {}'
                                   .format(file_name))
def save_uploaded_file():
    """ Receives files on the server side """
    fchunk = FileChunk.init_from_request()
    logger.info("User uploaded chunk: {}".format(fchunk))
    file_name = fchunk.file_name

    if not fchunk.afile:
        err = utils.pack_error("No file specified.")
        logger.error(err)
        return err

    chunk_path = get_chunk_path(file_name, fchunk.number)

    try:
        # For every request recived we store the chunk to a temp folder
        fchunk.afile.save(chunk_path)
    except Exception as exc:
        logger.error("Problem saving: {} due: {}".format(fchunk, exc))
        return utils.pack_error("Unable to save file chunk: {}".format(
            fchunk.number))

    # When all chunks are recived we merge them
    if not all_chunks_received(fchunk):
        return utils.jsonify_success('Request completed successfully.')

    # When all chunks are received we merge them
    subject_file = merge_files(fchunk)

    if subject_file is not None:
        prefix = app.config['REDIDROPPER_UPLOAD_SAVED_DIR']
        file_path = subject_file.get_full_path(prefix)
        delete_temp_files(fchunk)
        hash_matches = verify_file_integrity(fchunk)

        if hash_matches:
            LogEntity.file_uploaded(session['uuid'], file_path)
            return utils.jsonify_success(
                'File {} uploaded successfully.'.format(file_name))
        else:
            logger.error("md5 sum does not match for: {}".format(fchunk))
            LogEntity.file_uploaded(
                session['uuid'],
                'Checksum mismatch for file: {}'.format(file_path))
            return utils.jsonify_error(
                'Checksum mismatch for file: {}'.format(file_name))
    else:
        LogEntity.file_uploaded(
            session['uuid'],
            'Unable to merge chunks for file: {}'.format(file_path))
        return utils.jsonify_error(
            'Unable to merge chunks for file: {}'.format(file_name))
Beispiel #3
0
def api_send_verification_email():
    """
    @TODO: allow POST only
    @TODO: Send Verification Email to user_id

    :rtype: Response
    :return the success or failed in json format
    """
    user_id = get_safe_int(request.form.get('user_id'))
    user = UserEntity.get_by_id(user_id)
    user = UserEntity.get_by_id(1)
    user.email = app.config['MAIL_SENDER_SUPPORT']

    try:
        emails.send_verification_email(user)
        return jsonify_success({"message": "Verification email was sent."})
    except Exception as exc:
        details = "Connection config: {}/{}:{}".format(
            app.config['MAIL_USERNAME'], app.config['MAIL_SERVER'],
            app.config['MAIL_PORT'])
        app.logger.debug(details)
        return jsonify_error({
            "message":
            "Unable to send email due: {} {}".format(exc, details)
        })
Beispiel #4
0
def api_save_user():
    """ Save a new user to the database
    TODO: Add support for reading a password field
    """
    request_data = __extract_user_information(request)
    credentials = __generate_credentials(request_data["email"])
    date_data = __get_date_information()

    if __check_is_existing_user(request_data["email"]):
        return utils.jsonify_error(
            {'message': 'Sorry. This email is already taken.'})

    user = UserEntity.create(email=request_data["email"],
                             first=request_data["first"],
                             last=request_data["last"],
                             minitial=request_data["minitial"],
                             added_at=date_data["added_at"],
                             modified_at=date_data["added_at"],
                             access_expires_at=date_data["access_expires_at"],
                             password_hash="{}:{}"
                             .format(credentials["salt"],
                                     credentials["password_hash"]))

    __assign_roles(request_data["roles"], user)

    app.logger.debug("saved user: {}".format(user))
    LogEntity.account_created(session['uuid'], user)
    return utils.jsonify_success({'user': user.serialize()})
Beispiel #5
0
def api_verify_email():
    """
    @TODO: add counter/log to track failed attempts

    :rtype: Response
    :return the success or failed in json format
    """
    if 'POST' == request.method:
        token = utils.clean_str(request.form.get('tok'))
    else:
        token = utils.clean_str(request.args.get('tok'))

    if not token:
        return utils.jsonify_error({'message': 'No token specified.'})

    try:
        email = utils.get_email_from_token(token,
                                           app.config["SECRET_KEY"],
                                           app.config["SECRET_KEY"])
    except Exception as exc:
        # @TODO: add dedicated log type
        app.logger.error("api_verify_email: {}".format(exc.message))
        return utils.jsonify_error({'message': exc.message})

    app.logger.debug("Decoded email from token: {}".format(email))
    user = UserEntity.query.filter_by(email=email).first()

    if user is None:
        app.logger.error("Attempt to verify email with incorrect token: {}"
                         .format(token))
        return utils.jsonify_error({'message': 'Sorry.'})

    user = UserEntity.update(user, email_confirmed_at=datetime.today())
    app.logger.debug("Verified token {} for user {}".format(token, user.email))

    # @TODO: add dedicated log type
    LogEntity.account_modified(session['uuid'],
                               "Verified token {} for user {}".format(
                                   token, user.email))
    return utils.jsonify_success(
        {"message": "Email was verified for {}.".format(email)})
Beispiel #6
0
def api_verify_email():
    """
    @TODO: add counter/log to track failed attempts

    :rtype: Response
    :return the success or failed in json format
    """
    if 'POST' == request.method:
        token = utils.clean_str(request.form.get('tok'))
    else:
        token = utils.clean_str(request.args.get('tok'))

    if not token:
        return utils.jsonify_error({'message': 'No token specified.'})

    try:
        email = utils.get_email_from_token(token,
                                           app.config["SECRET_KEY"],
                                           app.config["SECRET_KEY"])
    except Exception as exc:
        # @TODO: add dedicated log type
        app.logger.error("api_verify_email: {}".format(exc.message))
        return utils.jsonify_error({'message': exc.message})

    app.logger.debug("Decoded email from token: {}".format(email))
    user = UserEntity.query.filter_by(email=email).first()

    if user is None:
        app.logger.error("Attempt to verify email with incorrect token: {}"
                         .format(token))
        return utils.jsonify_error({'message': 'Sorry.'})

    user = UserEntity.update(user, email_confirmed_at=datetime.today())
    app.logger.debug("Verified token {} for user {}".format(token, user.email))

    # @TODO: add dedicated log type
    LogEntity.account_modified(session['uuid'],
                               "Verified token {} for user {}".format(
                                   token, user.email))
    return utils.jsonify_success(
        {"message": "Email was verified for {}.".format(email)})
Beispiel #7
0
def api_save_user():
    """ Save a new user to the database
    TODO: Add support for reading a password field
    """
    email = request.form['email']
    first = request.form['first']
    last = request.form['last']
    minitial = request.form['minitial']
    roles = request.form.getlist('roles[]')

    email_exists = False
    try:
        existing_user = UserEntity.query.filter_by(email=email).one()
        email_exists = existing_user is not None
    except:
        pass

    if email_exists:
        return utils.jsonify_error(
            {'message': 'Sorry. This email is already taken.'})

    # @TODO: use a non-gatorlink password here
    password = email
    salt, password_hash = utils.generate_auth(app.config['SECRET_KEY'],
                                              password)
    added_date = datetime.today()
    access_end_date = utils.get_expiration_date(180)

    # Note: we store the salt as a prefix
    user = UserEntity.create(email=email,
                             first=first,
                             last=last,
                             minitial=minitial,
                             added_at=added_date,
                             modified_at=added_date,
                             access_expires_at=access_end_date,
                             password_hash="{}:{}".format(salt, password_hash))

    user_roles = []
    try:
        for role_name in roles:
            role_entity = RoleEntity.query.filter_by(name=role_name).one()
            user_roles.append(role_entity)
    except Exception as exc:
        app.logger.debug("Problem saving user: {}".format(exc))

    [user.roles.append(rol) for rol in user_roles]
    user = UserEntity.save(user)
    app.logger.debug("saved user: {}".format(user))
    LogEntity.account_created(session['uuid'], user)
    return utils.jsonify_success({'user': user.serialize()})
Beispiel #8
0
def api_save_user():
    """ Save a new user to the database
    TODO: Add support for reading a password field
    """
    email = request.form['email']
    first = request.form['first']
    last = request.form['last']
    minitial = request.form['minitial']
    roles = request.form.getlist('roles[]')

    email_exists = False
    try:
        existing_user = UserEntity.query.filter_by(email=email).one()
        email_exists = existing_user is not None
    except:
        pass

    if email_exists:
        return utils.jsonify_error(
            {'message': 'Sorry. This email is already taken.'})

    # @TODO: use a non-gatorlink password here
    password = email
    salt, password_hash = utils.generate_auth(app.config['SECRET_KEY'],
                                              password)
    added_date = datetime.today()
    access_end_date = utils.get_expiration_date(180)

    # Note: we store the salt as a prefix
    user = UserEntity.create(email=email,
                             first=first,
                             last=last,
                             minitial=minitial,
                             added_at=added_date,
                             modified_at=added_date,
                             access_expires_at=access_end_date,
                             password_hash="{}:{}".format(salt, password_hash))

    user_roles = []
    try:
        for role_name in roles:
            role_entity = RoleEntity.query.filter_by(name=role_name).one()
            user_roles.append(role_entity)
    except Exception as exc:
        app.logger.debug("Problem saving user: {}".format(exc))

    [user.roles.append(rol) for rol in user_roles]
    user = UserEntity.save(user)
    app.logger.debug("saved user: {}".format(user))
    LogEntity.account_created(session['uuid'], user)
    return utils.jsonify_success({'user': user.serialize()})
Beispiel #9
0
def api_save_user():
    """ Add New User to the database """
    email = request.form['email']
    first = request.form['first']
    last = request.form['last']
    minitial = request.form['minitial']
    roles = request.form.getlist('roles[]')

    app.logger.debug("roles: {}".format(roles))

    email_exists = False
    try:
        existing_user = UserEntity.query.filter_by(email=email).one()
        email_exists = existing_user is not None
    except:
        pass

    if email_exists:
        return jsonify_error(
            {'message': 'Sorry. This email is already taken.'})

    # @TODO: fix hardcoded values
    # password = '******'
    # salt, hashed_pass = generate_auth(app.config['SECRET_KEY'], password)
    added_date = datetime.today()
    access_end_date = get_expiration_date(180)

    user = UserEntity.create(email=email,
                             first=first,
                             last=last,
                             minitial=minitial,
                             added_at=added_date,
                             modified_at=added_date,
                             access_expires_at=access_end_date,
                             password_hash="")
    # roles=user_roles)
    user_roles = []
    try:
        for role_name in roles:
            role_entity = RoleEntity.query.filter_by(name=role_name).one()
            user_roles.append(role_entity)
    except Exception as exc:
        app.logger.debug("Problem saving user: {}".format(exc))

    [user.roles.append(rol) for rol in user_roles]
    user = UserEntity.save(user)
    app.logger.debug("saved user: {}".format(user))
    return jsonify_success({'user': user.serialize()})
Beispiel #10
0
def api_save_user():
    """ Add New User to the database """
    email = request.form['email']
    first = request.form['first']
    last = request.form['last']
    minitial = request.form['minitial']
    roles = request.form.getlist('roles[]')

    app.logger.debug("roles: {}".format(roles))

    email_exists = False
    try:
        existing_user = UserEntity.query.filter_by(email=email).one()
        email_exists = existing_user is not None
    except:
        pass

    if email_exists:
        return jsonify_error({'message': 'Sorry. This email is already taken.'})

    # @TODO: fix hardcoded values
    # password = '******'
    # salt, hashed_pass = generate_auth(app.config['SECRET_KEY'], password)
    added_date = datetime.today()
    access_end_date = get_expiration_date(180)

    user = UserEntity.create(email=email,
                             first=first,
                             last=last,
                             minitial=minitial,
                             added_at=added_date,
                             modified_at=added_date,
                             access_expires_at=access_end_date,
                             password_hash="")
    # roles=user_roles)
    user_roles = []
    try:
        for role_name in roles:
            role_entity = RoleEntity.query.filter_by(name=role_name).one()
            user_roles.append(role_entity)
    except Exception as exc:
        app.logger.debug("Problem saving user: {}".format(exc))

    [user.roles.append(rol) for rol in user_roles]
    user = UserEntity.save(user)
    app.logger.debug("saved user: {}".format(user))
    return jsonify_success({'user': user.serialize()})
Beispiel #11
0
def api_delete_file():
    """ Deletes the passed file    """
    #get the file from the response
    subject_file_id = request.form.get('file_id')

    try:
        ret_value = file_manager.delete_file(subject_file_id)
        deleted_id = ret_value[0]
        deleted_path = ret_value[1]
        app.logger.debug("deleted file id: {}".format(subject_file_id))
        LogEntity.file_deleted(session['uuid'], deleted_path)
        response = utils.jsonify_success({"file_id": deleted_id})

    except:
        response = utils.jsonify_error({"exception": ret_value})

    return response
Beispiel #12
0
def api_verify_email():
    """
    @TODO: add column for verification hash
    @TODO: add counter/log to track failed attempts

    :rtype: Response
    :return the success or failed in json format
    """
    token = request.form.get('tok')

    # user = UserEntity.query.filter_by(email_token=token).first()
    user = UserEntity.get_by_id(1)

    if user is None:
        app.logger.error(
            "Attempt to verify email with incorrect token: {}".format(token))
        return jsonify_error({'message': 'Sorry.'})

    app.logger.debug("Verified token {} for user {}".format(token, user.email))
    # implement update User set usrEmailConfirmedAt = NOW()
    return jsonify_success({"message": "Verification email was sent."})
Beispiel #13
0
def api_verify_email():
    """
    @TODO: add column for verification hash
    @TODO: add counter/log to track failed attempts

    :rtype: Response
    :return the success or failed in json format
    """
    token = request.form.get('tok')

    # user = UserEntity.query.filter_by(email_token=token).first()
    user = UserEntity.get_by_id(1)

    if user is None:
        app.logger.error("Attempt to verify email with incorrect token: {}"
                         .format(token))
        return jsonify_error({'message': 'Sorry.'})

    app.logger.debug("Verified token {} for user {}".format(token, user.email))
    # implement update User set usrEmailConfirmedAt = NOW()
    return jsonify_success({"message": "Verification email was sent."})
Beispiel #14
0
def api_send_verification_email():
    """
    @TODO: Send Verification Email to user_id

    :rtype: Response
    :return the success or failed in json format
    """
    user_id = utils.get_safe_int(request.form.get('user_id'))
    user = UserEntity.get_by_id(user_id)

    try:
        emails.send_verification_email(user)
        return utils.jsonify_success(
            {"message": "Verification email was sent."})
    except Exception as exc:
        details = "Connection config: {}/{}:{}".format(
            app.config['MAIL_USERNAME'],
            app.config['MAIL_SERVER'],
            app.config['MAIL_PORT'])
        app.logger.debug(details)
        return utils.jsonify_error(
            {"message": "Unable to send email due: {} {}".format(exc, details)})