class WebQuery(db.Model):
"""Represent a WebQuery record."""
__tablename__ = 'query'
id = db.Column(db.Integer(15, unsigned=True),
primary_key=True,
autoincrement=True)
type = db.Column(db.Char(1), nullable=False, server_default='r')
urlargs = db.Column(db.Text().with_variant(db.Text(100), 'mysql'),
nullable=False)
class PidLog(db.Model):
"""Audit log of actions happening to persistent identifiers.
This model is primarily used through PersistentIdentifier.log and rarely
created manually.
"""
__tablename__ = 'pidLOG'
__table_args__ = (
db.Index('idx_action', 'action'),
)
id = db.Column(db.Integer(15, unsigned=True), primary_key=True)
"""Id of persistent identifier entry."""
id_pid = db.Column(
db.Integer(15, unsigned=True), db.ForeignKey(PersistentIdentifier.id),
nullable=True,
)
"""PID."""
timestamp = db.Column(db.DateTime(), nullable=False, default=datetime.now)
"""Creation datetime of entry."""
action = db.Column(db.String(10), nullable=False)
"""Action identifier."""
message = db.Column(db.Text(), nullable=False)
"""Log message."""
# Relationship
pid = db.relationship("PersistentIdentifier", backref="logs")
def do_upgrade():
""" Implement your upgrades here """
if not op.has_table('remoteACCOUNT'):
op.create_table('remoteACCOUNT',
db.Column('id',
db.Integer(display_width=15),
nullable=False),
db.Column('user_id',
db.Integer(display_width=15),
nullable=False),
db.Column('client_id',
db.String(length=255),
nullable=False),
db.Column('extra_data', db.JSON, nullable=True),
db.ForeignKeyConstraint(
['user_id'],
['user.id'],
),
db.PrimaryKeyConstraint('id'),
db.UniqueConstraint('user_id', 'client_id'),
mysql_charset='utf8',
mysql_engine='MyISAM')
else:
warnings.warn("*** Creation of table 'remoteACCOUNT table skipped!'")
if not op.has_table('remoteTOKEN'):
op.create_table('remoteTOKEN',
db.Column('id_remote_account',
db.Integer(display_width=15),
nullable=False),
db.Column('token_type',
db.String(length=40),
nullable=False),
db.Column('access_token', db.Text(), nullable=False),
db.Column('secret', db.Text(), nullable=False),
db.ForeignKeyConstraint(
['id_remote_account'],
['remoteACCOUNT.id'],
),
db.PrimaryKeyConstraint('id_remote_account',
'token_type'),
mysql_charset='utf8',
mysql_engine='MyISAM')
else:
warnings.warn("*** Creation of table 'remoteTOKEN' skipped!'")
class WtgTAGRecord(db.Model, Serializable):
"""Connection between Tag and Record."""
__tablename__ = 'wtgTAG_bibrec'
__public__ = set(['id_tag', 'id_bibrec', 'date_added'])
# tagTAG.id
id_tag = db.Column(db.Integer(15, unsigned=True),
db.ForeignKey(WtgTAG.id),
nullable=False,
primary_key=True)
# Record.id
id_bibrec = db.Column(db.MediumInteger(8, unsigned=True),
db.ForeignKey(Record.id),
nullable=False,
primary_key=True)
# Annotation
annotation = db.Column(
db.Text(convert_unicode=True),
default='')
# Creation date
date_added = db.Column(db.DateTime,
default=datetime.now)
# Relationships
tag = db.relationship(WtgTAG,
backref=db.backref('records_association',
cascade='all'))
tag_query = db.relationship(WtgTAG,
backref=db.backref('records_association_query',
cascade='all',
lazy='dynamic'))
bibrec = db.relationship(Record,
backref=db.backref('tags_association',
cascade='all'))
bibrec_query = db.relationship(Record,
backref=db.backref('tags_association_query',
cascade='all',
lazy='dynamic'))
def __init__(self, bibrec=None, **kwargs):
"""TODO."""
super(WtgTAGRecord, self).__init__(**kwargs)
if bibrec is not None:
self.bibrec = bibrec
def do_upgrade():
"""Implement your upgrades here."""
try:
op.add_column('inspire_prod_records',
db.Column('valid',
db.Boolean,
default=None,
nullable=True,
index=True)
)
op.add_column('inspire_prod_records',
db.Column('errors',
db.Text(),
nullable=True)
)
except OperationalError as err:
# Columns exist
warnings.warn(
"*** Error adding columns 'inspire_prod_records.valid' "
"and 'inspire_prod_records.errors': {0} ***".format(
str(err)
)
)
class RemoteToken(db.Model):
"""Storage for the access tokens for linked accounts."""
__tablename__ = 'remoteTOKEN'
#
# Fields
#
id_remote_account = db.Column(db.Integer(15, unsigned=True),
db.ForeignKey(RemoteAccount.id),
nullable=False,
primary_key=True)
"""Foreign key to account."""
token_type = db.Column(db.String(40),
default='',
nullable=False,
primary_key=True)
"""Type of token."""
access_token = db.Column(TextEncryptedType(type_in=db.Text,
key=secret_key),
nullable=False)
"""Access token to remote application."""
secret = db.Column(db.Text(), default='', nullable=False)
"""Used only by OAuth 1."""
def token(self):
"""Get token as expected by Flask-OAuthlib."""
return (self.access_token, self.secret)
def update_token(self, token, secret):
"""Update token with new values."""
if self.access_token != token or self.secret != secret:
self.access_token = token
self.secret = secret
db.session.commit()
@classmethod
def get(cls, user_id, client_id, token_type='', access_token=None):
"""Get RemoteToken for user."""
args = [
RemoteAccount.id == RemoteToken.id_remote_account,
RemoteAccount.user_id == user_id,
RemoteAccount.client_id == client_id,
RemoteToken.token_type == token_type,
]
if access_token:
args.append(RemoteToken.access_token == access_token)
return cls.query.options(
db.joinedload('remote_account')).filter(*args).first()
@classmethod
def get_by_token(cls, client_id, access_token, token_type=''):
"""Get RemoteAccount object for token."""
return cls.query.options(db.joinedload('remote_account')).filter(
RemoteAccount.id == RemoteToken.id_remote_account,
RemoteAccount.client_id == client_id,
RemoteToken.token_type == token_type,
RemoteToken.access_token == access_token,
).first()
@classmethod
def create(cls,
user_id,
client_id,
token,
secret,
token_type='',
extra_data=None):
"""Create a new access token.
Creates RemoteAccount as well if it does not exists.
"""
account = RemoteAccount.get(user_id, client_id)
if account is None:
account = RemoteAccount(
user_id=user_id,
client_id=client_id,
extra_data=extra_data or dict(),
)
db.session.add(account)
token = cls(
token_type=token_type,
remote_account=account,
access_token=token,
secret=secret,
)
db.session.add(token)
db.session.commit()
return token
class KnwKBRVAL(db.Model):
"""Represent a KnwKBRVAL record."""
__tablename__ = 'knwKBRVAL'
m_key = db.Column(db.String(255),
nullable=False,
primary_key=True,
index=True)
m_value = db.Column(db.Text().with_variant(mysql.TEXT(30), 'mysql'),
nullable=False)
id_knwKB = db.Column(db.MediumInteger(8, unsigned=True),
db.ForeignKey(KnwKB.id),
nullable=False,
server_default='0',
primary_key=True)
kb = db.relationship(
KnwKB,
backref=db.backref(
'kbrvals',
cascade="all, delete-orphan",
collection_class=attribute_mapped_collection("m_key")))
@staticmethod
def query_kb_mappings(kbid, sortby="to", key="", value="", match_type="s"):
"""Return a list of all mappings from the given kb, ordered by key.
If key given, give only those with left side (mapFrom) = key.
If value given, give only those with right side (mapTo) = value.
:param kb_name: knowledge base name. if "", return all
:param sortby: the sorting criteria ('from' or 'to')
:param key: return only entries where key matches this
:param value: return only entries where value matches this
:param match_type: s=substring, e=exact, sw=startswith
"""
# query
query = KnwKBRVAL.query.filter(KnwKBRVAL.id_knwKB == kbid)
# filter
if len(key) > 0:
if match_type == "s":
key = "%" + key + "%"
elif match_type == "sw":
key = key + "%"
else:
key = '%'
if len(value) > 0:
if match_type == "s":
value = "%" + value + "%"
elif match_type == "sw":
value = value + "%"
else:
value = '%'
query = query.filter(KnwKBRVAL.m_key.like(key),
KnwKBRVAL.m_value.like(value))
# order by
if sortby == "from":
query = query.order_by(KnwKBRVAL.m_key)
else:
query = query.order_by(KnwKBRVAL.m_value)
return query
def to_dict(self):
"""Return a dict representation of KnwKBRVAL."""
# FIXME remove 'id' dependency from invenio modules
return {
'id': self.m_key + "_" + str(self.id_knwKB),
'key': self.m_key,
'value': self.m_value,
'kbid': self.kb.id if self.kb else None,
'kbname': self.kb.name if self.kb else None
}
class Client(db.Model):
"""A client is the app which want to use the resource of a user.
It is suggested that the client is registered by a user on your site, but
it is not required.
The client should contain at least these information:
client_id: A random string
client_secret: A random string
client_type: A string represents if it is confidential
redirect_uris: A list of redirect uris
default_redirect_uri: One of the redirect uris
default_scopes: Default scopes of the client
But it could be better, if you implemented:
allowed_grant_types: A list of grant types
allowed_response_types: A list of response types
validate_scopes: A function to validate scopes
"""
__tablename__ = 'oauth2CLIENT'
name = db.Column(
db.String(40),
info=dict(
label=_('Name'),
description=_('Name of application (displayed to users).'),
validators=[validators.DataRequired()]
)
)
"""Human readable name of the application."""
description = db.Column(
db.Text(),
default=u'',
info=dict(
label=_('Description'),
description=_('Optional. Description of the application'
' (displayed to users).'),
)
)
"""Human readable description."""
website = db.Column(
URLType(),
info=dict(
label=_('Website URL'),
description=_('URL of your application (displayed to users).'),
),
default=u'',
)
user_id = db.Column(db.ForeignKey('user.id'), nullable=True)
"""Creator of the client application."""
client_id = db.Column(db.String(255), primary_key=True)
"""Client application ID."""
client_secret = db.Column(
db.String(255), unique=True, index=True, nullable=False
)
"""Client application secret."""
is_confidential = db.Column(db.Boolean, default=True)
"""Determine if client application is public or not."""
is_internal = db.Column(db.Boolean, default=False)
"""Determins if client application is an internal application."""
_redirect_uris = db.Column(db.Text)
"""A newline-separated list of redirect URIs. First is the default URI."""
_default_scopes = db.Column(db.Text)
"""A space-separated list of default scopes of the client.
The value of the scope parameter is expressed as a list of space-delimited,
case-sensitive strings.
"""
user = db.relationship(
User,
backref=db.backref(
"oauth2clients",
cascade="all, delete-orphan",
)
)
"""Relationship to user."""
@property
def allowed_grant_types(self):
"""Return allowed grant types."""
return current_app.config['OAUTH2_ALLOWED_GRANT_TYPES']
@property
def allowed_response_types(self):
"""Return allowed response types."""
return current_app.config['OAUTH2_ALLOWED_RESPONSE_TYPES']
# def validate_scopes(self, scopes):
# return self._validate_scopes
@property
def client_type(self):
"""Return client type."""
if self.is_confidential:
return 'confidential'
return 'public'
@property
def redirect_uris(self):
"""Return redirect uris."""
if self._redirect_uris:
return self._redirect_uris.splitlines()
return []
@redirect_uris.setter
def redirect_uris(self, value):
"""Validate and store redirect URIs for client."""
if isinstance(value, six.text_type):
value = value.split("\n")
value = [v.strip() for v in value]
for v in value:
validate_redirect_uri(v)
self._redirect_uris = "\n".join(value) or ""
@property
def default_redirect_uri(self):
"""Return default redirect uri."""
try:
return self.redirect_uris[0]
except IndexError:
pass
@property
def default_scopes(self):
"""List of default scopes for client."""
if self._default_scopes:
return self._default_scopes.split(" ")
return []
@default_scopes.setter
def default_scopes(self, scopes):
"""Set default scopes for client."""
validate_scopes(scopes)
self._default_scopes = " ".join(set(scopes)) if scopes else ""
def validate_scopes(self, scopes):
"""Validate if client is allowed to access scopes."""
try:
validate_scopes(scopes)
return True
except ScopeDoesNotExists:
return False
def gen_salt(self):
"""Generate salt."""
self.reset_client_id()
self.reset_client_secret()
def reset_client_id(self):
"""Reset client id."""
self.client_id = gen_salt(
current_app.config.get('OAUTH2_CLIENT_ID_SALT_LEN')
)
def reset_client_secret(self):
"""Reset client secret."""
self.client_secret = gen_salt(
current_app.config.get('OAUTH2_CLIENT_SECRET_SALT_LEN')
)