def authenticate(self,password):
"""
checks if the given password fits to this user
"""
if sha512(password+self._salt).hexdigest() == self._password:
return True
else:
raise UserException(UserException.get_msg(2))
def delete(self):
"""
deletes this user from database
"""
if self.get_id() == ROOT_USER_ID:
raise UserException(UserException.get_msg(14))
db = self._core.get_db()
stmnt_uri="DELETE FROM USERRIGHTS WHERE URI_USR_ID = ? ;"
stmnt_uro="DELETE FROM USERROLES WHERE URO_USR_ID = ? ;"
stmnt_usr="******"
res = db.query(self._core, stmnt_uri, (self._id,),commit=True)
res = db.query(self._core, stmnt_uro, (self._id,),commit=True)
res = db.query(self._core, stmnt_usr, (self._id,),commit=True)
self._core.get_poke_manager().add_activity(ActivityType.USER)
def grant_permission(self, permission, ignore_check=False):
"""
grants a permission to the user
"""
db = Database()
session_user = None
if not ignore_check:
session_user = self._core.get_session_manager().get_current_session_user()
permission_id = Permission.get_id_for_permission(permission)
if permission_id is None:
raise UserException(UserException.get_msg(5, permission))
if not ignore_check and not session_user.check_permission(permission):
raise UserException(UserException.get_msg(6))
stmnt = "UPDATE OR INSERT INTO USERRIGHTS VALUES (?,?) MATCHING (URI_USR_ID,URI_RIG_ID) ;"
db.query(stmnt,(self._id,permission_id),commit=True)
PokeManager().add_activity(ActivityType.USER)
def get_user_by_id(cls,nr):
"""
returns the user with the given id or raises exception
"""
db = cls._core.get_db()
stmnt = "SELECT USR_ID, USR_NAME, USR_PASSWORD, USR_SALT FROM USERS WHERE USR_ID= ? ;"
cur = db.query(cls._core, stmnt, (nr,))
res = cur.fetchonemap()
if res is None:
raise UserException(UserException.get_msg(11,nr))
user = User(cls._core)
user.set_id(res['USR_ID'])
user.set_name(res['USR_NAME'])
user.set_password(res['USR_PASSWORD'])
user.set_salt(res['USR_SALT'])
return user
def grant_permission(self, permission, ignore_check=False):
"""
grants a permission to the user
"""
db = self._core.get_db()
permissionmanager = self._core.get_permission_manager()
session_user = None
if not ignore_check:
session_user = self._core.get_session_manager().get_current_session_user()
permission_id = permissionmanager.get_id_for_permission(permission)
if permission_id is None:
raise UserException(UserException.get_msg(5, permission))
if not ignore_check and not session_user.check_permission(permission):
raise UserException(UserException.get_msg(6))
stmnt = "UPDATE OR INSERT INTO USERRIGHTS VALUES (?,?) MATCHING (URI_USR_ID,URI_RIG_ID) ;"
db.query(self._core,stmnt,(self._id,permission_id),commit=True)
self._core.get_poke_manager().add_activity(ActivityType.USER)
def alter_password(self,new_password,old_password,new_user=False):
"""
Changes the password of a User
"""
db = self._core.get_db()
if (sha512(old_password+self._salt).hexdigest() == self._password ) \
!= new_user: # != substituts xor
pw, salt = self._generateSaltedPassword(new_password)
self.set_password(pw)
self.set_salt(salt)
self.store()
stmnt = "SELECT USR_PASSWORD FROM USERS WHERE USR_ID = ?";
cur = db.query(self._core,stmnt,(self._id,))
res = cur.fetchone()
if res[0] != self._password:
raise UserException(UserException.get_msg(0))
else:
raise UserException(UserException.get_msg(1))
def create_user(cls, username, password):
"""
creates a new user
"""
if username == "":
raise UserException(UserException.get_msg(12))
try:
cls.get_user_by_name(username)
except UserException:
pass
else:
raise UserException(UserException.get_msg(15, username))
cls._check_password(password)
user = User(cls._core)
user.set_name(username)
user.set_password("")
user.set_salt("")
user.store()
user.alter_password(password, "", True)
return user
def revoke_permission(self,permission, ignore_check=False):
"""
revokes a permission from the user
"""
db = Database()
session_user = None
if self.get_id() == ROOT_USER_ID and self.get_name() == "root":
raise UserException(UserException.get_msg(16))
if not ignore_check:
session_user = Session.get_current_session_user()
permission_id = Permission.get_id_for_permission(permission)
if permission_id is None:
raise UserException(UserException.get_msg(5, permission))
if not ignore_check and not session_user.check_permission(permission):
raise UserException(UserException.get_msg(8))
stmnt = "DELETE FROM USERRIGHTS WHERE URI_USR_ID = ? AND URI_RIG_ID = ? ;"
db.query(stmnt,(self._id,permission_id),commit=True)
PokeManager().add_activity(ActivityType.USER)
def get_user_by_name(cls,username):
"""
returns the user with the given name or raises exception
"""
db = Database()
stmnt = "SELECT USR_ID, USR_NAME, USR_PASSWORD, USR_SALT FROM USERS WHERE USR_NAME= ? ;"
cur = db.query(stmnt, (username,))
res = cur.fetchonemap()
if res is None:
raise UserException(UserException.get_msg(9,username))
user = User()
user.set_id(res['USR_ID'])
user.set_name(res['USR_NAME'])
user.set_password(res['USR_PASSWORD'])
user.set_salt(res['USR_SALT'])
return user
def revoke_permission(self,permission, ignore_check=False):
"""
revokes a permission from the user
"""
db = self._core.get_db()
permissionmanager = self._core.get_permission_manager()
session_user = None
if self.get_id() == ROOT_USER_ID and self.get_name() == "root":
raise UserException(UserException.get_msg(16))
if not ignore_check:
session_user = self._core.get_session_manager().get_current_session_user()
permission_id = permissionmanager.get_id_for_permission(permission)
if permission_id is None:
raise UserException(UserException.get_msg(5, permission))
if not ignore_check and not session_user.check_permission(permission):
raise UserException(UserException.get_msg(8))
stmnt = "DELETE FROM USERRIGHTS WHERE URI_USR_ID = ? AND URI_RIG_ID = ? ;"
db.query(self._core,stmnt,(self._id,permission_id),commit=True)
self._core.get_poke_manager().add_activity(ActivityType.USER)
def _check_password(cls, password):
if password == "":
raise UserException(UserException.get_msg(13))
return True
