Ejemplo n.º 1
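def referral_login(email=None, password=None, remember=None, refer=None, *args, **kwargs):
    # pylint: disable=unused-argument

    """
    Authenticate a user from request data and redirect them.

    Any of ``email``, ``password`` and ``remember`` left as ``None`` is read
    from the posted form.  ``refer`` left as ``None`` is read from the
    ``next`` query argument, falling back to the ``next`` form field.  The
    value ``'origin'`` for ``refer`` is replaced by the request's referrer.

    Returns a redirect to ``refer`` when the login succeeded and ``refer``
    passed ``_is_safe_url``; in every other case a redirect to
    ``frontend.home``.
    """
    if email is None:
        email = request.form.get('email', None)
    if password is None:
        password = request.form.get('password', None)
    if remember is None:
        remember = request.form.get('remember', None)
        remember = remember in ['true', 'on']
    if refer is None:
        refer = flask.request.args.get('next', request.form.get('next', None))

    if refer in ['origin']:
        refer = request.referrer

    # Both ``next`` and the referrer are supplied by the client, so the target
    # is kept only when _is_safe_url accepts it; a rejected value is logged
    # (repr-escaped) and dropped rather than followed.
    if refer is not None and not _is_safe_url(refer):
        log.error('User gave insecure next URL: %r', refer)
        refer = None

    failure_refer = 'frontend.home'

    user = User.find(email=email, password=password)

    # Default to the failure target; only a completed login may override it.
    redirect = _url_for(failure_refer)

    if user is None:
        log.warning('Username or password unrecognized.')
    elif True not in [user.in_alpha, user.in_beta, user.is_staff, user.is_admin]:
        # The original call had a %r placeholder but passed no argument, so
        # the record never identified the account; pass the user explicitly.
        log.warning(
            'User %r had a valid login, but is not a staff or beta member.',
            user,
        )
    elif login_user(user, remember=remember):
        # User logged in organically.
        log.info('Logged in User (remember = %s): %r', remember, user)
        create_session_oauth2_token()

        if refer is not None:
            log.info('Sending user to requested next: %r', refer)
            redirect = refer
    else:
        # login_user returned a falsy status for an otherwise valid user.
        log.warning('Username or password unrecognized.')

    return flask.redirect(redirect)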
Ejemplo n.º 2
def create_oauth2_client(context, email, guid, secret, default_scopes=None):
    """
    Register an OAuth2 client owned by the user with the given email.

    Raises ``Exception`` when ``User.find`` returns no user for ``email``.
    When ``default_scopes`` is omitted, the client receives every scope key
    listed under the ``oauth2_password`` authorization of ``api_v1``.
    """
    from app.modules.users.models import User
    from app.modules.auth.models import OAuth2Client

    owner = User.find(email=email)
    if owner is None:
        raise Exception("User with email '%s' does not exist." % email)

    if default_scopes is None:
        from app.extensions.api import api_v1

        password_grant = api_v1.authorizations['oauth2_password']
        default_scopes = list(password_grant['scopes'].keys())

    # NOTE(review): ``secret`` is handed to the model exactly as given; whether
    # it is hashed before storage is not visible from here -- confirm.
    client_fields = {
        'guid': guid,
        'secret': secret,
        'user': owner,
        'default_scopes': default_scopes,
    }
    new_client = OAuth2Client(**client_fields)

    from app.extensions import db

    # Persist the client inside a single transaction block.
    with db.session.begin():
        db.session.add(new_client)
Ejemplo n.º 3
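def create_submission_from_path(
    context,
    path,
    email,
    description=None,
):
    """
    Create a new submission via a local file or folder path.

    The path is expanded (``~``) and made absolute, a ``Submission`` owned by
    the user with the given email is stored, and the path is then copied into
    the submission's repository, committed and pushed.

    Raises ``Exception`` when no user matches ``email`` and ``IOError`` when
    the resolved path does not exist.

    Command Line:
    > invoke app.submissions.create-submission-from-path --path tests/submissions/test-000/ --email <user-email>
    """
    from app.modules.users.models import User
    from app.modules.submissions.models import Submission, SubmissionMajorType
    from app.extensions import db
    import socket

    user = User.find(email=email)

    if user is None:
        raise Exception("User with email '%s' does not exist." % email)

    absolute_path = os.path.abspath(os.path.expanduser(path))
    print('Attempting to import path: %r' % (absolute_path, ))

    # Check the resolved path, not the raw argument: the raw value may still
    # contain '~', which os.path.exists does not expand, so a valid path was
    # rejected while the error message reported the expanded one.
    if not os.path.exists(absolute_path):
        raise IOError('The path %r does not exist.' % (absolute_path, ))

    with db.session.begin():
        args = {
            'owner_guid': user.guid,
            'major_type': SubmissionMajorType.filesystem,
            'description': description,
        }
        submission = Submission(**args)
        db.session.add(submission)

    db.session.refresh(submission)

    # The returned pair is not used here; the call is kept for its effect.
    _repo, _project = submission.ensure_repository()

    # NOTE(review): the path comes straight from the operator, and whatever
    # git_copy_path picks up under it is committed and pushed below -- confirm
    # what it includes before pointing this at directories holding secrets.
    submission.git_copy_path(absolute_path)

    hostname = socket.gethostname()
    submission.git_commit('Initial commit via CLI on host %r' % (hostname, ))

    submission.git_push()

    print('Created and pushed new submission: %r' % (submission, ))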
Ejemplo n.º 4
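def promote_to_admin(
    context,
    email,
):
    """
    Promote a given user (email) to administrator permissions.

    Prints a message and returns without changes when the user does not
    exist, is already an administrator, or the operator does not answer the
    confirmation prompt with ``y`` / ``yes``.
    """
    from app.modules.users.models import User

    user = User.find(email=email)

    if user is None:
        print("User with email '%s' does not exist." % email)
        print('\nNo updates applied.')
        return

    if user.is_admin:
        print('The given user is already an administrator:\n\t%r' % (user, ))
        print('\nNo updates applied.')
        return

    print('Found user:\n\t%r' % (user, ))
    answer = input(
        'Are you sure you want to promote the above found user to a site administrator? [Y / N]: '
    )
    answer = answer.strip().lower()

    if answer not in ['y', 'yes']:
        print('Confirmation failed.')
        print('\nNo updates applied.')
        # Stop here: without this return the promotion below ran even after
        # the operator declined, making the confirmation prompt ineffective.
        return

    # Set the flag only after confirmation so a declined prompt never leaves
    # a modified user object behind in the session.
    user.is_admin = True

    from app.extensions import db

    with db.session.begin():
        db.session.merge(user)
    db.session.refresh(user)

    # Sanity check on the reloaded row (note: asserts are skipped under -O).
    assert user.is_admin
    print('\nThe user was successfully promoted to an administrator.')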
Ejemplo n.º 5
    def post(self, args):
        """
        Log-in via a new OAuth2 Session.

        Looks the user up by ``args['email']`` and ``args['password']`` and
        returns a ``(response, status)`` pair: ``success`` with
        ``HTTPStatus.OK`` when the session was created, otherwise a failure
        message with ``HTTPStatus.UNAUTHORIZED``.
        """
        account = User.find(email=args['email'], password=args['password'])

        # NOTE(review): the three failure messages let a client tell an
        # unrecognized login apart from valid credentials on an unauthorized
        # or disabled account -- confirm that level of detail is intended.
        if account is None:
            failure = 'Account Not Found'
        else:
            access_flags = (
                account.in_alpha,
                account.in_beta,
                account.is_staff,
                account.is_admin,
            )
            if True in access_flags:
                if login_user(account, remember=False):
                    log.info('Logged in User via API: %r' % (account, ))
                    create_session_oauth2_token()
                    failure = None
                else:
                    failure = 'Account Disabled'
            else:
                failure = 'Account Not Authorized'

        succeeded = failure is None
        response = {
            'success': succeeded,
            'message': 'Session Created' if succeeded else failure,
        }
        code = HTTPStatus.OK if succeeded else HTTPStatus.UNAUTHORIZED

        return response, code
Ejemplo n.º 6
def clone_submission_from_gitlab(
    context,
    guid,
    email,
):
    """
    Clone an existing submission from the external GitLab submission archive.

    When a submission with this GUID already exists locally, only its
    repository is ensured and the function returns.  Otherwise the submission
    is fetched with the given user as owner.

    Raises ``Exception`` when no user matches ``email`` and ``ValueError``
    when no submission is returned for ``guid``.

    Command Line:
    > invoke app.submissions.clone-submission-from-gitlab --guid 290950fb-49a8-496a-adf4-e925010f79ce --email <user-email>
    """
    from app.modules.users.models import User
    from app.modules.submissions.models import Submission

    owner = User.find(email=email)
    if owner is None:
        raise Exception("User with email '%s' does not exist." % email)

    from app import create_app

    application = create_app()
    local_copy = Submission.query.get(guid)

    # Already known locally: make sure its repository exists and stop.
    if local_copy is not None:
        print('Submission is already cloned locally:\n\t%s' % (local_copy, ))
        application.sub.ensure_repository(local_copy)
        return

    cloned = application.sub.ensure_submission(guid, owner=owner)
    if cloned is None:
        raise ValueError('Could not find submission in GitLab using GUID %r' %
                         (guid, ))

    print('Cloned submission from GitLab:')
    print('\tSubmission: %r' % (cloned, ))
    print('\tLocal Path: %r' % (cloned.get_absolute_path(), ))
Ejemplo n.º 7
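def user_login(email=None,
               password=None,
               remember=None,
               refer=None,
               *args,
               **kwargs):
    # pylint: disable=unused-argument
    """
    Authenticate a user from request data, flash the outcome and redirect.

    Any of ``email``, ``password`` and ``remember`` left as ``None`` is read
    from the posted form; ``refer`` left as ``None`` is read from the ``next``
    query argument.

    Returns a redirect to ``refer`` when the login succeeded and ``refer``
    passed ``_is_safe_url``; in every other case a redirect to
    ``backend.home``.
    """
    if email is None:
        email = request.form.get('email', None)
    if password is None:
        password = request.form.get('password', None)
    if remember is None:
        remember = request.form.get('remember', None)
        remember = remember in ['true', 'on']
    if refer is None:
        refer = flask.request.args.get('next')

    # ``next`` is supplied by the client, so it is kept only when _is_safe_url
    # accepts it.  A rejected value is now logged (repr-escaped) instead of
    # being dropped silently, so rejected redirect targets show up in the logs.
    if refer is not None and not _is_safe_url(refer):
        log.warning('User gave insecure next URL: %r', refer)
        refer = None

    failure_refer = 'backend.home'

    user = User.find(email=email, password=password)

    # Default to the failure target; only a completed login may override it.
    redirect = _url_for(failure_refer)

    if user is None:
        flash('Username or password unrecognized.', 'danger')
    elif True not in [
            user.in_alpha, user.in_beta, user.is_staff, user.is_admin
    ]:
        flash(
            'Your login was correct, but Wildbook is in BETA at the moment and is invite-only.',
            'danger',
        )
    elif login_user(user, remember=remember):
        # User logged in organically.
        log.info('Logged in User (remember = %s): %r', remember, user)
        flash('Logged in successfully.', 'success')
        create_session_oauth2_token()

        if refer is not None:
            redirect = refer
    else:
        # login_user returned a falsy status for an otherwise valid user.
        flash(
            'We could not log you in, most likely due to your account being disabled.  Please speak to a staff member.',
            'danger',
        )

    return flask.redirect(redirect)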
Ejemplo n.º 8
    def _usergetter(self, email, password, client, request):
        # pylint: disable=method-hidden,unused-argument
        """
        Look up the user matching the given email and password.

        Returns whatever ``User.find`` returns for these credentials;
        ``client`` and ``request`` are accepted but not used.
        """
        # Imported locally rather than at module level to avoid a circular
        # dependency.
        from app.modules.users.models import User

        matched_user = User.find(email=email, password=password)
        return matched_user