Ejemplo n.º 1
 def decode(self, node, cstruct):
     """Resolve a serialized account reference to an Account.

     An Account instance is returned unchanged. A string is treated as a
     login and passed to Account.by_login. A dict is used only when it
     carries a truthy 'login' value. Every other input yields None.
     """
     if isinstance(cstruct, Account):
         return cstruct
     if isinstance(cstruct, basestring):
         # Any string, including an empty one, goes to the lookup.
         return Account.by_login(cstruct)
     login = cstruct.get('login') if isinstance(cstruct, dict) else None
     # NOTE(review): the login comes from the payload being decoded, so the
     # sender chooses which account is returned; authorization for that
     # account is presumably enforced by the caller - confirm.
     return Account.by_login(login) if login else None
Ejemplo n.º 2
 def decode(self, node, cstruct):
     """Resolve a serialized account reference to an Account.

     An Account instance is returned unchanged. An int is treated as an
     account id and passed to Account.by_id. A dict is used only when it
     carries a truthy 'id' value. Every other input yields None.
     """
     if isinstance(cstruct, Account):
         return cstruct
     if isinstance(cstruct, int):
         # NOTE(review): bool is a subclass of int, so True/False also take
         # this branch and are looked up as ids - confirm that is intended.
         return Account.by_id(cstruct)
     account_id = cstruct.get('id') if isinstance(cstruct, dict) else None
     # The dict value is not type-checked before it reaches by_id.
     return Account.by_id(account_id) if account_id else None
Ejemplo n.º 3
 def decode(self, node, cstruct):
     """Turn an account reference (instance, int id or dict) into an Account.

     Returns the input itself when it already is an Account, the result of
     Account.by_id for an int or for a dict with a truthy 'id', else None.
     """
     if isinstance(cstruct, Account):
         return cstruct
     if isinstance(cstruct, int):
         # NOTE(review): isinstance(True, int) holds, so booleans are
         # resolved as ids here - confirm callers never pass them.
         return Account.by_id(cstruct)
     if not isinstance(cstruct, dict):
         return None
     ident = cstruct.get('id')
     if not ident:
         return None
     # The id is whatever the payload supplied; by_id receives it unchecked.
     return Account.by_id(ident)
Ejemplo n.º 4
def check_auth():
    """Set request.account from the session or from an API key.

    A session id wins over an API key. A session id or API key that does
    not resolve to an account raises Unauthorized; a stale session id is
    also removed from the session. With no credentials at all,
    request.account is set to None (anonymous request).
    """
    # NOTE(review): the whole Authorization header value is used as the key
    # (no scheme is parsed), and the query-string fallback puts the key into
    # URLs, which commonly end up in access logs and Referer headers.
    api_key = request.headers.get('Authorization') \
        or request.args.get('api_key')

    session_id = session.get('id')
    if session_id:
        request.account = Account.by_id(session_id)
        if request.account is None:
            # The session points at an account that no longer resolves.
            del session['id']
            raise Unauthorized()
        return

    if api_key is None:
        request.account = None
        return

    request.account = Account.by_api_key(api_key)
    if request.account is None:
        raise Unauthorized()
Ejemplo n.º 5
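def update(id):
    """Update the account with the given id and return its REST form.

    object_or_404 receives the lookup result (presumably aborting with 404
    when it is None). The update is allowed only when the requesting
    account is the account being modified.
    """
    account = object_or_404(Account.by_id(id))
    # request.account may be None for an unauthenticated request; test for
    # that first so the check fails through authz.require instead of
    # raising AttributeError on None.id.
    requester = request.account
    authz.require(requester is not None and account.id == requester.id)
    data = request_data()
    # save() updates `account` in place; its return value is not needed.
    accounts.save(data, account=account)
    db.session.commit()
    return jsonify(accounts.to_rest(account))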
Ejemplo n.º 6
def check_auth():
    """Set request.account from the session or from an API key.

    A session id takes precedence over an API key. Credentials that do not
    resolve to an account raise Unauthorized (a stale session id is removed
    first). Without credentials request.account becomes None.
    """
    # NOTE(review): a key passed as ?api_key=... travels in the URL and is
    # likely to be recorded in access logs; the header form avoids that.
    api_key = request.headers.get('X-Grano-API-Key') \
        or request.args.get('api_key')

    session_id = session.get('id')
    if session_id:
        request.account = Account.by_id(session_id)
        if request.account is None:
            del session['id']
            raise Unauthorized()
        return

    if api_key is None:
        request.account = None
        return

    request.account = Account.by_api_key(api_key)
    if request.account is None:
        raise Unauthorized()
    # NOTE(review): arg_bool presumably reads a request argument - confirm.
    # When set, a valid API key is converted into a cookie session, which
    # then authenticates later requests without the key.
    if arg_bool('api_key_cookie'):
        session['id'] = request.account.id
Ejemplo n.º 7
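def update(id):
    """Update the account with the given id and return it as JSON.

    object_or_404 receives the lookup result (presumably aborting with 404
    when it is None). Only the account's own holder passes the
    authorization check.
    """
    account = object_or_404(Account.by_id(id))
    # request.account may be None for an unauthenticated request; guard it
    # so the denial goes through authz.require rather than surfacing as an
    # AttributeError on None.id.
    requester = request.account
    authz.require(requester is not None and account.id == requester.id)
    data = request_data()
    account = accounts.save(data, account=account)
    db.session.commit()
    return jsonify(account)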
Ejemplo n.º 8
def console_account(login='******'):
    """Return the account with the given login, creating it when missing.

    A newly created account gets no email and the full name
    'System Operations'.
    """
    existing = Account.by_login(login)
    if existing is not None:
        return existing
    attributes = {
        'login': login,
        'email': None,
        'full_name': 'System Operations'
    }
    return save(attributes)
Ejemplo n.º 9
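def basic_authentication():
    """ Attempt HTTP basic authentication on a per-request basis.

    Does nothing when the request has no Authorization header. Otherwise
    the credentials are decoded and checked, and every failure - including
    a header that cannot be decoded - raises Unauthorized with the same
    generic message.
    """
    if "Authorization" not in request.headers:
        return
    import binascii  # local import: only needed to name the decode error

    authorization = request.headers.get("Authorization")
    # Drop the scheme word; a header without a space is used as-is.
    authorization = authorization.split(" ", 1)[-1]
    try:
        name, password = authorization.decode("base64").split(":", 1)
    except (ValueError, TypeError, binascii.Error):
        # Client-controlled header: bad base64 or a missing ':' separator
        # must be an authentication failure, not an unhandled exception.
        raise Unauthorized("Invalid username or password.")
    account = Account.by_name(name)
    # NOTE(review): validate_password is skipped for unknown names, so the
    # two failure paths may differ in timing - confirm whether that matters.
    if account is None or not account.validate_password(password) or not login_user(account):
        raise Unauthorized("Invalid username or password.")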
Ejemplo n.º 10
def make_test_app(use_cookies=False):
    """Configure the app for testing and return a test client.

    Switches the app to TESTING mode on an in-memory SQLite database,
    creates the schema, creates the TEST_USER account (stored on
    app.test_user) and commits it. `use_cookies` is forwarded to
    app.test_client.
    """
    app.config['TESTING'] = True
    # In-memory database: nothing is written to disk.
    app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///:memory:'
    #import ipdb; ipdb.set_trace()
    # Imported here, after the configuration above has been applied.
    from grano.model import Account
    db.create_all()
    client = app.test_client(use_cookies=use_cookies)
    app.test_user = Account.create(TEST_USER)
    db.session.commit()
    return client
Ejemplo n.º 11
def console_account(login='******'):
    """ Return the default system account, creating it on first use.

    The account is looked up by login; when it is missing, one is saved
    with no email and the full name 'System Operations'.
    """
    found = Account.by_login(login)
    if found is not None:
        return found
    return save({
        'login': login,
        'email': None,
        'full_name': 'System Operations'
    })
Ejemplo n.º 12
def make_test_app(use_cookies=False):
    """Prepare the application for a test run and return its test client.

    Sets TESTING and an in-memory SQLite URI on app.config, creates all
    tables, creates and commits the TEST_USER account (kept on
    app.test_user), and builds the client with the given `use_cookies`.
    """
    app.config['TESTING'] = True
    # In-memory database: each run starts from an empty schema.
    app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///:memory:'
    #import ipdb; ipdb.set_trace()
    # Function-scope import, placed after the configuration is set.
    from grano.model import Account
    db.create_all()
    client = app.test_client(use_cookies=use_cookies)
    app.test_user = Account.create(TEST_USER)
    db.session.commit()
    return client
Ejemplo n.º 13
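def basic_authentication():
    """ Attempt HTTP basic authentication on a per-request basis.

    Requests without an Authorization header are left alone. For all
    others the credentials are decoded and verified; a header that cannot
    be decoded is reported exactly like wrong credentials, by raising
    Unauthorized.
    """
    if 'Authorization' not in request.headers:
        return
    import binascii  # local import: only needed to name the decode error

    authorization = request.headers.get('Authorization')
    # Keep only what follows the scheme word (or the whole value if none).
    authorization = authorization.split(' ', 1)[-1]
    try:
        name, password = authorization.decode('base64').split(':', 1)
    except (ValueError, TypeError, binascii.Error):
        # The header is attacker-controlled input: invalid base64 or a
        # payload without ':' is an authentication failure, not a crash.
        raise Unauthorized('Invalid username or password.')
    account = Account.by_name(name)
    # One message for every failure, so the response text does not reveal
    # whether the account name exists.
    if account is None \
            or not account.validate_password(password) \
            or not login_user(account):
        raise Unauthorized('Invalid username or password.')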
Ejemplo n.º 14
def login_save():
    """ Handle a submitted login form.

    Looks the account up by the posted name, validates the posted
    password and logs the user in. On any failure the login form is
    re-rendered with one generic error; on success the user is greeted
    and redirected to the home page.
    """
    data = request_content(request)
    account = Account.by_name(data.get('name'))
    # Short-circuits in the same order as a chain of `not ... or not ...`:
    # account present, then password valid, then login_user succeeded.
    logged_in = account \
        and account.validate_password(data.get('password')) \
        and login_user(account)
    if not logged_in:
        # NOTE(review): `data` still holds the submitted password; confirm
        # error_fill does not echo it back into the rendered form.
        return error_fill(login_form(), data,
                          {'name': 'Invalid username or password!'})
    flash("Welcome back, %s!" % account.display_name, 'success')
    return redirect(url_for('home.index'))
Ejemplo n.º 15
Archivo: web.py Proyecto: mihi-tr/grano
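def basic_authentication():
    """ Attempt HTTP basic authentication on a per-request basis.

    A request without an Authorization header passes through untouched.
    Otherwise the header is decoded into name and password and checked;
    undecodable headers and wrong credentials both raise Unauthorized
    with the same message.
    """
    if 'Authorization' not in request.headers:
        return
    import binascii  # local import: only needed to name the decode error

    header = request.headers.get('Authorization')
    # Strip the scheme word; a value without a space is taken whole.
    encoded = header.split(' ', 1)[-1]
    try:
        name, password = encoded.decode('base64').split(':', 1)
    except (ValueError, TypeError, binascii.Error):
        # Malformed base64 or no ':' separator in a client-supplied header
        # is treated as failed authentication instead of propagating.
        raise Unauthorized('Invalid username or password.')
    account = Account.by_name(name)
    if account is None \
            or not account.validate_password(password) \
            or not login_user(account):
        raise Unauthorized('Invalid username or password.')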
Ejemplo n.º 16
def login_save():
    """ Process the login form submission.

    The account is fetched by the posted name, the posted password is
    validated, and login_user is called. Any failing step re-renders the
    form with a single generic error; success flashes a greeting and
    redirects to the home page.
    """
    data = request_content(request)
    account = Account.by_name(data.get('name'))

    def _authenticate():
        # Same evaluation order as the inline condition it replaces.
        if not account:
            return False
        if not account.validate_password(data.get('password')):
            return False
        return bool(login_user(account))

    if not _authenticate():
        # The same message covers unknown names and wrong passwords, so
        # the response does not tell the two cases apart.
        return error_fill(login_form(), data,
                          {'name': 'Invalid username or password!'})
    flash("Welcome back, %s!" % account.display_name, 'success')
    return redirect(url_for('home.index'))
Ejemplo n.º 17
def register_save():
    """ Create an account from the submitted sign-up form.

    require.account.create() runs first as the permission check. The form
    data is validated, the account is created and committed, and the user
    is redirected home. A validation failure re-renders the form with the
    per-field errors.
    """
    require.account.create()
    data = request_content(request)
    ctx = ValidationContext()
    try:
        # Validate a plain-dict copy; on failure `data` keeps the raw form
        # values, which are what gets re-filled into the form below.
        data = validate_account(dict(data.items()), ctx)
        created = Account.create(data)
        db.session.commit()
        flash("Welcome, %s!" % created.display_name, 'success')
        return redirect(url_for('home.index'))
    except Invalid as err:
        return error_fill(register_form(), data, invalid_dict(err))
Ejemplo n.º 18
def save(data, account=None):
    """Create or update an account from `data` and flush it to the session.

    The provider ids (github, twitter, facebook) are written only when a
    new account is created. The login is always overwritten, even with
    None. full_name and email are changed only when `data` carries a
    truthy value. The session is flushed but not committed.
    """
    if account is None:
        account = Account()
        # Provider ids are fixed at creation; later saves never touch them.
        for field in ('github_id', 'twitter_id', 'facebook_id'):
            setattr(account, field, data.get(field))
    account.login = data.get('login')

    full_name = data.get('full_name')
    if full_name:
        account.full_name = full_name

    # NOTE(review): the email is stored as supplied; whether it was
    # verified is up to the caller - confirm.
    email = data.get('email')
    if email:
        account.email = email

    db.session.add(account)
    db.session.flush()
    return account
Ejemplo n.º 19
def register_save():
    """ Handle the sign-up form: validate it and create the account.

    Runs the require.account.create() permission check, validates the
    posted data, creates and commits the account, then redirects home.
    When validation raises Invalid, the form is shown again with errors.
    """
    require.account.create()
    data = request_content(request)
    validation_context = ValidationContext()
    try:
        # `data` is rebound only if validation succeeds; the except branch
        # therefore re-fills the form with the original submission.
        data = validate_account(dict(data.items()), validation_context)
        new_account = Account.create(data)
        db.session.commit()
        flash("Welcome, %s!" % new_account.display_name, 'success')
        return redirect(url_for('home.index'))
    except Invalid as problem:
        field_errors = invalid_dict(problem)
        return error_fill(register_form(), data, field_errors)
Ejemplo n.º 20
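def facebook_authorized(resp):
    """Finish the Facebook OAuth flow and log the matching account in.

    Without an access token in `resp`, or without a user id in the
    profile response, no session is established and the user is just
    redirected. Otherwise the account linked to the Facebook id is
    created or updated, committed, and stored in the session.
    """
    # NOTE(review): where session['next_url'] is written is not visible
    # here; confirm it is limited to same-site paths before redirecting.
    next_url = session.get('next_url', '/')
    if resp is None or 'access_token' not in resp:
        return redirect(next_url)
    session['facebook_token'] = (resp.get('access_token'), '')
    data = facebook.get('/me').data
    facebook_id = data.get('id')
    if facebook_id is None:
        # No provider id (e.g. an error payload): looking up or creating an
        # account keyed on None must not end in an authenticated session.
        return redirect(next_url)
    account = Account.by_facebook_id(facebook_id)
    data_ = {
        'full_name': data.get('name'),
        'login': data.get('username'),
        'email': data.get('email'),
        'facebook_id': facebook_id
    }
    account = accounts.save(data_, account=account)
    db.session.commit()
    session['id'] = account.id
    return redirect(next_url)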
Ejemplo n.º 21
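def facebook_authorized(resp):
    """Finish the Facebook OAuth flow and log the matching account in.

    A response without an access token, or a profile without a user id,
    ends in a plain redirect with no session change. Otherwise the linked
    account is created or updated, committed, and its id is put into the
    session.
    """
    # NOTE(review): the origin of session['next_url'] is outside this
    # function; confirm it cannot hold an arbitrary external URL.
    next_url = session.get('next_url', '/')
    if resp is None or 'access_token' not in resp:
        return redirect(next_url)
    session['facebook_token'] = (resp.get('access_token'), '')
    data = PROVIDERS.get('facebook').get('/me').data
    facebook_id = data.get('id')
    if facebook_id is None:
        # The profile call returned no id; do not look up or create an
        # account on a None key, and do not sign anyone in.
        return redirect(next_url)
    account = Account.by_facebook_id(facebook_id)
    data_ = {
        'full_name': data.get('name'),
        'login': data.get('username'),
        'email': data.get('email'),
        'facebook_id': facebook_id
    }
    account = accounts.save(data_, account=account)
    db.session.commit()
    session['id'] = account.id
    return redirect(next_url)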
Ejemplo n.º 22
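def twitter_authorized(resp):
    """Finish the Twitter OAuth flow and log the matching account in.

    Without an OAuth token in `resp`, or without a user id in the profile
    response, the user is redirected and no session is established.
    Otherwise the account linked to the Twitter id is created or updated,
    committed, and stored in the session.
    """
    # NOTE(review): session['next_url'] is set elsewhere; confirm it is
    # restricted to same-site targets.
    next_url = session.get('next_url', '/')
    if resp is None or 'oauth_token' not in resp:
        return redirect(next_url)
    session['twitter_token'] = (resp['oauth_token'],
                                resp['oauth_token_secret'])
    provider = PROVIDERS.get('twitter')
    res = provider.get('users/show.json?user_id=%s' % resp.get('user_id'))
    twitter_id = res.data.get('id')
    if twitter_id is None:
        # No id in the profile (e.g. an error payload): never look up or
        # create an account keyed on None, and leave the user signed out.
        return redirect(next_url)
    account = Account.by_twitter_id(twitter_id)
    data_ = {
        'full_name': res.data.get('name'),
        'login': res.data.get('screen_name'),
        'twitter_id': twitter_id
    }
    account = accounts.save(data_, account=account)
    db.session.commit()
    session['id'] = account.id
    return redirect(next_url)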
Ejemplo n.º 23
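def twitter_authorized(resp):
    """Finish the Twitter OAuth flow and log the matching account in.

    A response without an OAuth token, or a profile without a user id,
    results in a redirect with no session change. Otherwise the linked
    account is created or updated, committed, and its id is stored in the
    session.
    """
    # NOTE(review): confirm session['next_url'] can only hold same-site
    # paths; it is written outside this function.
    next_url = session.get('next_url', '/')
    if resp is None or 'oauth_token' not in resp:
        return redirect(next_url)

    session['twitter_token'] = (resp['oauth_token'],
                                resp['oauth_token_secret'])
    res = twitter.get('users/show.json?user_id=%s' % resp.get('user_id'))
    twitter_id = res.data.get('id')
    if twitter_id is None:
        # The profile call gave no id; refuse to match or create an
        # account on a None key and do not sign the user in.
        return redirect(next_url)
    account = Account.by_twitter_id(twitter_id)
    data_ = {
        'full_name': res.data.get('name'),
        'login': res.data.get('screen_name'),
        'twitter_id': twitter_id
    }
    account = accounts.save(data_, account=account)
    db.session.commit()
    session['id'] = account.id
    return redirect(next_url)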
Ejemplo n.º 24
def save(data, account=None):
    """Create or update an account from `data`, then flush the session.

    A new Account is built when none is passed, and only then are the
    github, twitter and facebook ids taken from `data`. The login is set
    unconditionally; full_name and email only when `data` has a truthy
    value for them. Nothing is committed here.
    """
    creating = account is None
    if creating:
        account = Account()
        account.github_id = data.get('github_id')
        account.twitter_id = data.get('twitter_id')
        account.facebook_id = data.get('facebook_id')
    # Overwritten on every save, including with None when 'login' is absent.
    account.login = data.get('login')

    name = data.get('full_name')
    if name:
        account.full_name = name

    address = data.get('email')
    if address:
        account.email = address

    db.session.add(account)
    db.session.flush()
    return account
Ejemplo n.º 25
def save(data, account=None):
    """Apply `data` to an account (new or existing) and flush the session.

    The three provider ids are read from `data` only for a newly created
    account. The login is always replaced. full_name and email are
    replaced only by truthy values. The caller is responsible for the
    commit.
    """
    if account is None:
        account = Account()
        # Identity links are set once, at creation.
        for provider_field in ("github_id", "twitter_id", "facebook_id"):
            setattr(account, provider_field, data.get(provider_field))
    account.login = data.get("login")

    # Optional fields: a missing or empty value keeps the stored one.
    new_full_name = data.get("full_name")
    if new_full_name:
        account.full_name = new_full_name
    new_email = data.get("email")
    if new_email:
        account.email = new_email

    db.session.add(account)
    db.session.flush()
    return account
Ejemplo n.º 26
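def github_authorized(resp):
    """Finish the GitHub OAuth flow and log the matching account in.

    Without an access token in `resp`, or without a user id in the
    profile response, the user is redirected and no session is
    established. Otherwise the account linked to the GitHub id is created
    or updated, committed, and stored in the session.
    """
    # NOTE(review): session['next_url'] is written elsewhere; confirm it
    # is limited to same-site paths.
    next_url = session.get('next_url', '/')
    if resp is None or 'access_token' not in resp:
        return redirect(next_url)
    access_token = resp['access_token']
    session['access_token'] = access_token, ''
    # The token goes in the Authorization header rather than the query
    # string, so it stays out of URLs and logs. Certificate verification
    # is left at the requests default (enabled): with verify=False the
    # profile used to pick the account could come from an impostor server.
    res = requests.get('https://api.github.com/user',
                       headers={'Authorization': 'token %s' % access_token})
    data = res.json()
    github_id = data.get('id')
    if github_id is None:
        # Error payloads carry no id; never match or create an account on
        # a None key, and leave the user signed out.
        return redirect(next_url)
    account = Account.by_github_id(github_id)
    data_ = {
        'full_name': data.get('name'),
        'login': data.get('login'),
        'email': data.get('email'),
        'github_id': github_id
    }
    account = accounts.save(data_, account=account)
    db.session.commit()
    session['id'] = account.id
    return redirect(next_url)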
Ejemplo n.º 27
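def github_authorized(resp):
    """Finish the GitHub OAuth flow and log the matching account in.

    A response without an access token, or a profile without a user id,
    ends in a redirect with no session change. Otherwise the linked
    account is created or updated, committed, and its id is put into the
    session.
    """
    # NOTE(review): confirm session['next_url'] cannot be set to an
    # arbitrary external URL; it is populated outside this function.
    next_url = session.get('next_url', '/')
    if resp is None or 'access_token' not in resp:
        return redirect(next_url)
    access_token = resp['access_token']
    session['access_token'] = access_token, ''
    # TLS verification stays on (requests default): the profile fetched
    # here decides which account is logged in, so the server must be
    # authenticated. The token is sent as a header, not in the URL.
    res = requests.get('https://api.github.com/user',
                       headers={'Authorization': 'token %s' % access_token})
    data = res.json()
    github_id = data.get('id')
    if github_id is None:
        # No id in the response (e.g. an API error): do not look up or
        # create an account on a None key and do not sign anyone in.
        return redirect(next_url)
    account = Account.by_github_id(github_id)
    data_ = {
        'full_name': data.get('name'),
        'login': data.get('login'),
        'email': data.get('email'),
        'github_id': github_id
    }
    account = accounts.save(data_, account=account)
    db.session.commit()
    session['id'] = account.id
    return redirect(next_url)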
Ejemplo n.º 28
def console_account(login="******"):
    """ Return the default system account, creating it if it is missing.

    A created account has no email and the full name "System Operations".
    """
    account = Account.by_login(login)
    if account is not None:
        return account
    defaults = {"login": login, "email": None, "full_name": "System Operations"}
    return save(defaults)
Ejemplo n.º 29
def view(id):
    """Return the account with the given id as JSON.

    The lookup result goes through object_or_404 (presumably aborting
    with 404 when it is None).
    """
    # NOTE(review): no authorization check is visible in this function and
    # the whole account object is serialized; confirm the serializer omits
    # private fields such as credentials or API keys.
    return jsonify(object_or_404(Account.by_id(id)))
Ejemplo n.º 30
 def _check(value):
     """Check that the account name `value` may be used.

     Returns True when the name belongs to the account in the enclosing
     `context` or is not taken by any account; otherwise returns the
     error message string.
     """
     current = context.account
     if current and current.name == value:
         # Keeping one's own name is always allowed.
         return True
     name_taken = Account.by_name(value) is not None
     if name_taken:
         return "This account name is already in use, please choose another."
     return True
Ejemplo n.º 31
def console_account(login='******'):
    """Return the account with the given login, creating it when missing.

    A created account is saved with 'id' and 'email' both set to None.
    """
    existing = Account.by_login(login)
    if existing is not None:
        return existing
    return save({'login': login, 'id': None, 'email': None})
Ejemplo n.º 32
 def _check(value):
     """Validate the account name `value` for uniqueness.

     True is returned when the name is the current context account's own
     name or when no account uses it; an error message string is returned
     when another account already has it.
     """
     own_name = context.account and context.account.name == value
     if own_name:
         return True
     if Account.by_name(value) is None:
         return True
     return "This account name is already in use, please choose another."
Ejemplo n.º 33
def load_account(name):
    """Look an account up by name and return whatever Account.by_name gives."""
    account = Account.by_name(name)
    return account
Ejemplo n.º 34
def view(id):
    """Return the REST representation of the account with the given id.

    The lookup result goes through object_or_404 (presumably aborting
    with 404 when it is None) before accounts.to_rest shapes the output.
    """
    # NOTE(review): no authorization check is visible here; which fields
    # are exposed depends entirely on accounts.to_rest - confirm.
    found = object_or_404(Account.by_id(id))
    rest_form = accounts.to_rest(found)
    return jsonify(rest_form)
Ejemplo n.º 35
def load_account(name):
    """Return the result of Account.by_name for the given name."""
    result = Account.by_name(name)
    return result