Ejemplo n.º 1
0
def user_settings():
    if g.user is None or 'openid' not in session:
        return redirect(url_for('login'))
    if request.method == 'POST':
        names = request.form.getlist('script-name')
        scripts = request.form.getlist('script-content')
        data = {x[0]: {'content': x[1]} for x in zip(names, scripts)}
        u = users.get_user_by_openid(g.user.openid)
        defined = set([x for x in u.initscripts.list()])
        for remove in defined - set(names):
            u.initscripts.get(remove).delete()
        for add in set(names) - defined:
            u.initscripts.create(add, data[add])
        for update in set(names) & defined:
            u.initscripts.get(update).update(data[update])
        g.user = users.get(u.name)
        return redirect(url_for('user_settings'))

    u = [users.get(x) for x in users.list()]
    scripts = g.user.to_dict().get('initscripts', [])
    ss = [shared_storage.get(x) for x in shared_storage.list()]
    return render_template('settings.html',
                           settings=settings,
                           users=u,
                           user_scripts=scripts,
                           shared_storage=ss)
Ejemplo n.º 2
0
 def test_container_request_auth(self):
     users.create('*****@*****.**', {'openid': 'oid', 'approved': True,
                              'nickname': 'nn', 'api_key': 'blahBlah'})
     u = users.get('*****@*****.**')
     auth_headers = [('Authorization', 'Token %s:%s' % (u.name, 'bl'))]
     self.post_json('/api/v1/container_request/', {}, 401)
     self.post_json('/api/v1/container_request/', {}, 401, auth_headers)
Ejemplo n.º 3
0
def user_admin():
    if g.user is None or 'openid' not in session:
        return redirect(url_for('login'))
    if not g.user.admin:
        flash('you must be an admin to try and edit users')
        return redirect(url_for('login'))

    for u in users.list():
        u = users.get(u)
        data = {'approved': False, 'admin': False}
        data['approved'] = request.form.get('approved-' + u.openid) == 'on'
        data['admin'] = request.form.get('admin-' + u.openid) == 'on'
        u.update(data)

    return redirect(url_for('user_settings'))
Ejemplo n.º 4
0
Archivo: ui.py Proyecto: doanac/cya
def user_settings():
    if g.user is None or 'openid' not in session:
        return redirect(url_for('login'))
    if request.method == 'POST':
        names = request.form.getlist('script-name')
        scripts = request.form.getlist('script-content')
        data = {x[0]: {'content': x[1]} for x in zip(names, scripts)}
        u = users.get_user_by_openid(g.user.openid)
        defined = set([x for x in u.initscripts.list()])
        for remove in defined - set(names):
            u.initscripts.get(remove).delete()
        for add in set(names) - defined:
            u.initscripts.create(add, data[add])
        for update in set(names) & defined:
            u.initscripts.get(update).update(data[update])
        g.user = users.get(u.name)
        return redirect(url_for('user_settings'))

    u = [users.get(x) for x in users.list()]
    scripts = g.user.to_dict().get('initscripts', [])
    ss = [shared_storage.get(x) for x in shared_storage.list()]
    return render_template(
        'settings.html', settings=settings, users=u, user_scripts=scripts,
        shared_storage=ss)
Ejemplo n.º 5
0
Archivo: ui.py Proyecto: doanac/cya
def user_admin():
    if g.user is None or 'openid' not in session:
        return redirect(url_for('login'))
    if not g.user.admin:
        flash('you must be an admin to try and edit users')
        return redirect(url_for('login'))

    for u in users.list():
        u = users.get(u)
        data = {'approved': False, 'admin': False}
        data['approved'] = request.form.get('approved-' + u.openid) == 'on'
        data['admin'] = request.form.get('admin-' + u.openid) == 'on'
        u.update(data)

    return redirect(url_for('user_settings'))
Ejemplo n.º 6
0
    def test_container_request(self):
        data = {
            'name': 'container_foo',
            'template': 'ubuntu',
            'release': 'xenial',
        }
        users.create('*****@*****.**', {'openid': 'oid', 'approved': True,
                                 'nickname': 'nn', 'api_key': 'blahBlah'})
        u = users.get('*****@*****.**')
        auth_headers = [('Authorization', 'Token %s:%s' % (u.name, u.api_key))]
        self.post_json('/api/v1/container_request/', data, 202, auth_headers)

        queue = list(container_requests.list())
        self.assertEqual(['container_foo'], queue)
        c = container_requests.get('container_foo')
        self.assertEqual('nn', c.requested_by)
Ejemplo n.º 7
0
Archivo: api.py Proyecto: doanac/cya
 def wrapper(*args, **kwargs):
     key = request.headers.get("Authorization", None)
     if not key:
         resp = jsonify({"Message": "No Authorization header provided"})
         resp.status_code = 401
         return resp
     parts = key.split(" ")
     if len(parts) != 2 or parts[0] != "Token":
         resp = jsonify({"Message": "Invalid Authorization header"})
         resp.status_code = 401
         return resp
     parts = parts[1].split(":")
     if len(parts) != 2:
         resp = jsonify({"Message": "Invalid Authorization header"})
         resp.status_code = 401
         return resp
     user = users.get(parts[0].strip())
     if parts[1].strip() != user.api_key:
         resp = jsonify({"Message": "Incorrect API key for user"})
         resp.status_code = 401
         return resp
     g.user = user
     return f(*args, **kwargs)
Ejemplo n.º 8
0
Archivo: api.py Proyecto: doanac/cya
 def wrapper(*args, **kwargs):
     key = request.headers.get('Authorization', None)
     if not key:
         resp = jsonify({'Message': 'No Authorization header provided'})
         resp.status_code = 401
         return resp
     parts = key.split(' ')
     if len(parts) != 2 or parts[0] != 'Token':
         resp = jsonify({'Message': 'Invalid Authorization header'})
         resp.status_code = 401
         return resp
     parts = parts[1].split(':')
     if len(parts) != 2:
         resp = jsonify({'Message': 'Invalid Authorization header'})
         resp.status_code = 401
         return resp
     user = users.get(parts[0].strip())
     if parts[1].strip() != user.api_key:
         resp = jsonify({'Message': 'Incorrect API key for user'})
         resp.status_code = 401
         return resp
     g.user = user
     return f(*args, **kwargs)