def _process(self):
config = Config.getInstance()
# QRCode (Version 6 with error correction L can contain up to 106 bytes)
qr = qrcode.QRCode(version=6,
error_correction=qrcode.constants.ERROR_CORRECT_M,
box_size=4,
border=1)
checkin_app_client_id = config.getCheckinAppClientId()
checkin_app = OAuthApplication.find_first(
client_id=checkin_app_client_id)
qr_data = {
"event_id": self.event_new.id,
"title": self.event_new.title,
"date": format_date(self.event_new.start_dt_local
), # XXX: switch to utc+isoformat?
"server": {
"baseUrl": config.getBaseURL(),
"consumerKey": checkin_app.client_id,
"auth_url": url_for('oauth.oauth_authorize', _external=True),
"token_url": url_for('oauth.oauth_token', _external=True)
}
}
json_qr_data = json.dumps(qr_data)
qr.add_data(json_qr_data)
qr.make(fit=True)
qr_img = qr.make_image()
output = BytesIO()
qr_img.save(output)
output.seek(0)
return send_file('config.png', output, 'image/png')
def load_client(client_id):
try:
UUID(hex=client_id)
except ValueError:
raise InvalidClientIdError
app = OAuthApplication.find_first(client_id=client_id)
if not app.is_enabled:
raise DisabledClientIdError
return app
def load_client(client_id):
try:
UUID(hex=client_id)
except ValueError:
raise InvalidClientIdError
app = OAuthApplication.find_first(client_id=client_id)
if not app.is_enabled:
raise DisabledClientIdError
return app
def _check_ticket_app_enabled(self):
config = Config.getInstance()
checkin_app_client_id = config.getCheckinAppClientId()
if checkin_app_client_id is None:
flash(_("indico-checkin client_id is not defined in the Indico configuration"), 'warning')
return False
checkin_app = OAuthApplication.find_first(client_id=checkin_app_client_id)
if checkin_app is None:
flash(_("indico-checkin is not registered as an OAuth application with client_id {}")
.format(checkin_app_client_id), 'warning')
return False
return True
def _check_ticket_app_enabled(self):
config = Config.getInstance()
checkin_app_client_id = config.getCheckinAppClientId()
if checkin_app_client_id is None:
flash(_("indico-checkin client_id is not defined in the Indico configuration"), 'warning')
return False
checkin_app = OAuthApplication.find_first(client_id=checkin_app_client_id)
if checkin_app is None:
flash(_("indico-checkin is not registered as an OAuth application with client_id {}")
.format(checkin_app_client_id), 'warning')
return False
return True
def run(self, args):
# disable the zodb commit hook
update_session_options(db)
# remove the celery shell command
next(funcs for group, funcs, _ in command_classes if group == 'Main').remove('shell')
del CeleryCommand.commands['shell']
if args and args[0] == 'flower':
# Somehow flower hangs when executing it using CeleryCommand() so we simply exec it directly.
# It doesn't really need the celery config anyway (besides the broker url)
try:
import flower
except ImportError:
print cformat('%{red!}Flower is not installed')
sys.exit(1)
client_id = Config.getInstance().getFlowerClientId()
if client_id:
app = OAuthApplication.find_first(client_id=client_id)
if app is None:
print cformat('%{red!}There is no OAuth application with the client id {}.').format(client_id)
sys.exit(1)
elif 'read:user' not in app.default_scopes:
print cformat('%{red!}The {} application needs the read:user scope.').format(app.name)
sys.exit(1)
print cformat('%{green!}Only Indico admins will have access to flower.')
print cformat('%{yellow}Note that revoking admin privileges will not revoke Flower access.')
print cformat('%{yellow}To force re-authentication, restart Flower.')
auth_args = ['--auth=^Indico Admin$', '--auth_provider=indico.core.celery.flower.FlowerAuthHandler']
auth_env = {'INDICO_FLOWER_CLIENT_ID': app.client_id,
'INDICO_FLOWER_CLIENT_SECRET': app.client_secret,
'INDICO_FLOWER_AUTHORIZE_URL': url_for('oauth.oauth_authorize', _external=True),
'INDICO_FLOWER_TOKEN_URL': url_for('oauth.oauth_token', _external=True),
'INDICO_FLOWER_USER_URL': url_for('users.authenticated_user', _external=True)}
else:
print cformat('%{red!}WARNING: %{yellow!}Flower authentication is disabled.')
print cformat('%{yellow!}Having access to Flower allows one to shutdown Celery workers.')
print
auth_args = []
auth_env = {}
args = ['celery', '-b', Config.getInstance().getCeleryBroker()] + args + auth_args
env = dict(os.environ, **auth_env)
os.execvpe('celery', args, env)
elif args and args[0] == 'shell':
print cformat('%{red!}Please use `indico shell`.')
sys.exit(1)
else:
CeleryCommand(celery).execute_from_commandline(['indico celery'] + args)
def run(self, args):
# disable the zodb commit hook
update_session_options(db)
# remove the celery shell command
next(funcs for group, funcs, _ in command_classes if group == 'Main').remove('shell')
del CeleryCommand.commands['shell']
if args and args[0] == 'flower':
# Somehow flower hangs when executing it using CeleryCommand() so we simply exec it directly.
# It doesn't really need the celery config anyway (besides the broker url)
try:
import flower
except ImportError:
print cformat('%{red!}Flower is not installed')
sys.exit(1)
client_id = Config.getInstance().getFlowerClientId()
if client_id:
app = OAuthApplication.find_first(client_id=client_id)
if app is None:
print cformat('%{red!}There is no OAuth application with the client id {}.').format(client_id)
sys.exit(1)
elif 'read:user' not in app.default_scopes:
print cformat('%{red!}The {} application needs the read:user scope.').format(app.name)
sys.exit(1)
print cformat('%{green!}Only Indico admins will have access to flower.')
print cformat('%{yellow}Note that revoking admin privileges will not revoke Flower access.')
print cformat('%{yellow}To force re-authentication, restart Flower.')
auth_args = ['--auth=^Indico Admin$', '--auth_provider=indico.core.celery.flower.FlowerAuthHandler']
auth_env = {'INDICO_FLOWER_CLIENT_ID': app.client_id,
'INDICO_FLOWER_CLIENT_SECRET': app.client_secret,
'INDICO_FLOWER_AUTHORIZE_URL': url_for('oauth.oauth_authorize', _external=True),
'INDICO_FLOWER_TOKEN_URL': url_for('oauth.oauth_token', _external=True),
'INDICO_FLOWER_USER_URL': url_for('users.authenticated_user', _external=True)}
else:
print cformat('%{red!}WARNING: %{yellow!}Flower authentication is disabled.')
print cformat('%{yellow!}Having access to Flower allows one to shutdown Celery workers.')
print
auth_args = []
auth_env = {}
args = ['celery', '-b', Config.getInstance().getCeleryBroker()] + args + auth_args
env = dict(os.environ, **auth_env)
os.execvpe('celery', args, env)
elif args and args[0] == 'shell':
print cformat('%{red!}Please use `indico shell`.')
sys.exit(1)
else:
CeleryCommand(celery).execute_from_commandline(['indico celery'] + args)
def _getAnswer(self):
config = Config.getInstance()
checkin_app_client_id = config.getCheckinAppClientId()
if checkin_app_client_id is None:
raise NoReportError(_("indico-checkin client_id is not defined in the Indico configuration"))
checkin_app = OAuthApplication.find_first(client_id=checkin_app_client_id)
if checkin_app is None:
raise NoReportError(
_("indico-checkin is not registered as an OAuth application with client_id {}").format(
checkin_app_client_id
)
)
# QRCode (Version 6 with error correction L can contain up to 106 bytes)
qr = QRCode(version=6, error_correction=constants.ERROR_CORRECT_M, box_size=4, border=1)
baseURL = config.getBaseSecureURL() if config.getBaseSecureURL() else config.getBaseURL()
qr_data = {
"event_id": self._conf.getId(),
"title": self._conf.getTitle(),
"date": format_date(self._conf.getAdjustedStartDate()),
"server": {
"baseUrl": baseURL,
"consumerKey": checkin_app.client_id,
"auth_url": url_for("oauth.oauth_authorize", _external=True),
"token_url": url_for("oauth.oauth_token", _external=True),
},
}
json_qr_data = json.dumps(qr_data)
qr.add_data(json_qr_data)
qr.make(fit=True)
qr_img = qr.make_image()
output = StringIO()
qr_img._img.save(output, format="png")
im_data = output.getvalue()
return "data:image/png;base64,{0}".format(base64.b64encode(im_data))
def _process(self):
config = Config.getInstance()
# QRCode (Version 6 with error correction L can contain up to 106 bytes)
qr = qrcode.QRCode(
version=6,
error_correction=qrcode.constants.ERROR_CORRECT_M,
box_size=4,
border=1
)
checkin_app_client_id = config.getCheckinAppClientId()
checkin_app = OAuthApplication.find_first(client_id=checkin_app_client_id)
base_url = config.getBaseSecureURL() if config.getBaseSecureURL() else config.getBaseURL()
qr_data = {
"event_id": self._conf.getId(),
"title": self._conf.getTitle(),
"date": format_date(self._conf.getAdjustedStartDate()),
"server": {
"baseUrl": base_url,
"consumerKey": checkin_app.client_id,
"auth_url": url_for('oauth.oauth_authorize', _external=True),
"token_url": url_for('oauth.oauth_token', _external=True)
}
}
json_qr_data = json.dumps(qr_data)
qr.add_data(json_qr_data)
qr.make(fit=True)
qr_img = qr.make_image()
output = BytesIO()
qr_img.save(output)
output.seek(0)
return send_file('config.png', output, 'image/png')
