def kill_plugin(ccd, sock, req_t):
"""
kill a plugin. To do so, check whether plugin is associated with
project.
input:
ccd ccd instance to operate on
sock socket the request came from
req_t request tuple
"""
logger.debug("user wants to kill plugin..")
op, sid, rid, cat, plg_id, gid, mth, args = req_t
# get user and workgroup
user, wg = ccd.get_user_and_workgroup(sid)
# get project we work with
proj = ccd._get_project(sid)
if not proj:
raise NotFoundError("No such project")
# validate plugin id
if not proj.has_plugin(ccd._db.conn, plg_id):
raise NotFoundError("Plugin to kill is not in project!")
# authorise
if not (proj.creator == user.uid or proj.owner == user.uid
or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_EXEC)):
raise PermissionDenied(user.name)
# execute
plugin.kill(ccd, sid, plg_id, mth, args)
def get_string(string_id, language="de"):
""""
Returns string with of the given id and a given language (default is de).
input:
string_id id of the string. The id is used to identify the string in
corresponding language.
language language to return the string in
output:
the requested string. In case of error, raise exception.
"""
# is language supported
try:
strings_dict = c_strings[language]
if not strings_dict:
raise KeyError()
except (KeyError, TypeError):
raise NotFoundError("Language(%s) not supported." % language)
# get actual string
try:
string = strings_dict[string_id]
except (IndexError, TypeError):
raise NotFoundError("String(%s) not found." % string_id)
return string
def by_pid(cls, db, pid):
""""
get project from database and return project
input:
cls project constructor
db database connection used for db requests
pid project id of the new project
output:
project new created project instance
"""
db_entry = ccddb.getproject_bypid(db, pid)
if not db_entry:
raise NotFoundError("No project with pid %d." % pid)
project = cls(name=db_entry[1],
creator=db_entry[4],
owner=db_entry[5],
ptype=db_entry[2],
pid=db_entry[0],
created=db_entry[3],
description=db_entry[6])
return project
def remove_plugin(ccd, sid, pld):
"""
remove a user to a project
input:
ccd ccd instance
sid session id of running session
pld payload of the OP_DELPROJPLG packet
must contain the following data:
pid id of the project to del a plugin from
plg_id id of the plugin to del from project
"""
# get user and workgroup
user, wg = ccd.get_user_and_workgroup(sid)
# parse payload
try:
pid = int(pld["pid"])
plg_id = int(pld["plg_id"])
except (KeyError, ValueError):
raise InputError("Invalid payload format!")
# project we work with
proj = Project.by_pid(ccd._db.conn, pid)
if not proj:
raise NotFoundError("No such project")
# authorise
if not (user.uid == ccd.superadmin.uid or proj.creator == user.uid
or proj.owner == user.uid
or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_DEL)):
raise PermissionDenied(user.name)
# check whether plugin is in user's workgroup
if not wg.has_plugin(ccd._db.conn, plg_id):
raise NotFoundError("Plugin is not part of workgroup!")
# remove member
proj.remove_plugin(ccd._db.conn, plg_id)
def execute_plugin(ccd, sock, req_t):
"""
execute a plugin. To do so, check whether plugin is associated with
project.
input:
ccd ccd instance to operate on
sock socket the request came from
req_t request tuple
output:
returns result of the execution
"""
op, sid, rid, cat, plg_id, gid, mth, args = req_t
# get user and workgroup
user, wg = ccd.get_user_and_workgroup(sid)
# get project we work with
proj = ccd._get_project(sid)
if not proj:
raise NotFoundError("No such project")
# validate plugin id
if not proj.has_plugin(ccd._db.conn, plg_id):
raise NotFoundError("Plugin to execute is not in project!")
# authorise
if not (proj.creator == user.uid or proj.owner == user.uid
or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_EXEC)):
raise PermissionDenied(user.name)
# execute
logger.debug("request is valid, so executing..")
result = plugin.execute(ccd, proj.pid, sock, req_t)
return result
def by_name(cls, db, name):
"""" get project from database and return project """
db_entry = ccddb.getproject_byname(db, name)
if not db_entry:
raise NotFoundError("No such project: '%s'.", name)
project = cls(name=db_entry[1],
creator=db_entry[4],
owner=db_entry[5],
ptype=db_entry[2],
pid=db_entry[0],
created=db_entry[3],
description=db_entry[6])
return project
def show_project_members(ccd, sid, pld):
"""
return a project's member
input:
ccd ccd instance
sid session id
pld payload of the packet
must contain the following data:
pid id of the project to get users from
output:
returns a project's members
"""
# get user we work with
user, _ = ccd.get_user_and_workgroup(sid)
# parse payload
try:
pid = int(pld["pid"])
except (KeyError, ValueError, TypeError):
raise InputError("Invalid payload format!")
if pid < 0:
raise InputError("Invalid pid requested:%s", pid)
# project we want to add to
proj = Project.by_pid(ccd._db.conn, pid)
if not proj:
raise NotFoundError("No such project")
# authorise
if not (user.uid == ccd.superadmin.uid or proj.creator == user.uid
or proj.owner == user.uid
or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_READ)):
raise PermissionDenied(user.name)
return proj.get_members(ccd._db.conn)
def select(ccd, sid, pld):
"""
Associate a project with a session. Without doing this, a user is not able
to execute any plugins.
input:
ccd ccd instance
sid session id of running session
pld payload of the OP_SETPROJ packet
must contain the following data:
pid id of the project to select
"""
# get user and workgroup
user, _ = ccd.get_user_and_workgroup(sid)
# parse payload
try:
pid = int(pld["pid"])
except (KeyError, ValueError):
raise InputError("Invalid payload format!")
# project we want to add to
proj = Project.by_pid(ccd._db.conn, pid)
if not proj:
raise NotFoundError("No such project")
# authorise
if not (user.uid == ccd.superadmin.uid or proj.creator == user.uid
or proj.owner == user.uid
or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_READ)):
raise PermissionDenied(user.name)
# select
ses = ccd.get_session(sid)
ses.setproject(ccd._db.conn, proj)
def remove_member(ccd, sid, pld):
"""
remove a user to a project
input:
ccd ccd instance
sid session id of running session
pld payload of the OP_DELPROJMEMBER packet
must contain the following data:
pid id of the project to del user from
uid id of the user to delete
"""
# get user and workgroup
user, _ = ccd.get_user_and_workgroup(sid)
# parse payload
try:
pid = int(pld["pid"])
uid = int(pld["uid"])
except (KeyError, ValueError):
raise InputError("Invalid payload format!")
# project we want to add to
proj = Project.by_pid(ccd._db.conn, pid)
if not proj:
raise NotFoundError("No such project")
# authorise
if not (user.uid == ccd.superadmin.uid or proj.creator == user.uid
or proj.owner == user.uid
or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_DEL)):
raise PermissionDenied(user.name)
# remove member
proj.remove_member(ccd._db.conn, uid)
def show_projects(ccd, sid, pld):
"""
return projects the user is in
input:
ccd ccd instance
sid session id
pld payload of the OP_SHOWPROJ packet. if no payload provided, all
projects the user is member of are shown.
might contain the following data:
pid id of the project to show. this field might have
different states:
pid=<int> show project with corresponding id
pid= show all projects. only allowed for
superadmin
output:
returns selected projects
"""
response = []
# get user we work with
user, _ = ccd.get_user_and_workgroup(sid)
# get users projects
if not pld:
projs = user.get_projects(ccd._db.conn)
logger.debug("projs:%s", projs)
for proj in projs:
response.append(
dict(pid=proj[0],
name=proj[1],
ptype=proj[2],
created=proj[3].isoformat(),
creator=proj[4],
owner=proj[5]))
# get specific project
else:
try:
pid = pld["pid"]
except KeyError:
raise InputError("Invalid payload format!")
logger.debug("pid=:%s", pid)
# return project the user is interested in
if pid:
try:
pid = int(pid)
except ValueError:
raise InputError("Invalid pid!")
# project we want to add to
proj = Project.by_pid(ccd._db.conn, pid)
if not proj:
raise NotFoundError("No such project")
# authorise
if not (user.uid == ccd.superadmin.uid or proj.creator == user.uid
or proj.owner == user.uid
or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_READ)):
raise PermissionDenied(user.name)
response = [
dict(pid=proj.pid,
name=proj.name,
ptype=proj.ptype,
created=proj.created.isoformat(),
creator=proj.creator,
owner=proj.owner)
]
# if pid field empty, return all existing projects
else:
# authorise
if not (user.uid == ccd.superadmin.uid):
raise PermissionDenied(user.name)
all_projects = ccddb.get_all_projects(ccd._db.conn)
response = [
dict(pid=p[0],
name=p[1],
ptype=p[2],
created=p[3].isoformat(),
creator=p[4],
owner=p[5]) for p in all_projects
]
return response
def new_project(ccd, sid, pld):
"""
create new project
input:
ccd ccd instance
sid session id of running session
pld payload of the OP_NEWPROJ packet
might contain the following data:
name name of the plugin
tid type id
descrption plugin description
output:
returns project id
"""
logger.debug("creating new project..")
# get user and workgroup
user, wg = ccd.get_user_and_workgroup(sid)
# is user superadmin
if (not user.uid == ccd.superadmin.uid
and not wg.is_allowed(ccd._db.conn, user, ccddb.ACCESS_ADD)):
raise PermissionDenied(user.name)
elif not wg:
raise Exception("Failed to create project since user is not "
"assigned to any workgroup")
# parse request
try:
name = pld["name"]
if len(name) > MAX_LEN_NAME:
raise InputError("Name exceeds limit of %d characters" %
MAX_LEN_NAME)
tid = int(pld["tid"])
try:
description = pld["description"]
except KeyError:
description = ""
if len(description) > MAX_LEN_DESC:
raise InputError("Desc exceeds limit of %d characters" %
MAX_LEN_DESC)
except (KeyError, ValueError):
raise InputError("Invalid payload format!")
# set creator
creator = user
# set owner
# at the moment it's just some admin user
admins = wg.getmember_byrole(ccd._db.conn, ccddb.ROLE_ADMIN)
if not admins:
raise NotFoundError("No admin user in wgroup find!")
owner = admins[0]
# create project
proj = Project.create_fromname(ccd._db.conn, name, creator, owner, tid,
description)
return proj.pid