def delProvider(provider_type, provider_name):
"""
delete a provider
:param provider_type: the type of Provider: sms or email
:param provider_name: the name of the provider
:return: the number of deleted entries
"""
detail = {}
prefix = Provider_types.get(provider_type, {}).get('prefix')
if not prefix:
raise Exception('unknown provider type %r' % provider_type)
# find out, which providers we have
config = getLinotpConfig()
# if the provider is the default one, we don't delete this one
default_provider_key = Default_Provider_Key[provider_type]
if default_provider_key in config:
default_provider = config[default_provider_key]
if provider_name == default_provider:
detail = {'message': _('Default provider could not be deleted!')}
ret = 0
return ret, detail
# check that there are no references left
provider_policies = _lookup_provider_policies(provider_type)
if provider_name in provider_policies:
detail = {
'message': (_('Unable to delete - provider used in policies!\n[%s]')
% ','.join(provider_policies[provider_name]))
}
ret = 0
return ret, detail
del_entries = set()
provider = prefix + provider_name
# first delete the provider root entry
if provider in config:
del_entries.add(provider)
# now lookup the all decent entries
provider_prefix = provider + '.'
for key in config.keys():
if key[:len(provider_prefix)] == provider_prefix:
del_entries.add(key)
# when all entries are gathered, we can now delete them all
for del_entry in del_entries:
removeFromConfig(del_entry)
ret = len(del_entries)
return ret, detail
def setProvider(params):
"""
save the provider info in linotp config
:param params: generic parameter dictionary to support later more complex
provider definitions
in the dictionary currently required keys are
:param type: sms or email
:param name: the provider name
:param config: the provider config
:param timeout: the provider timeout
:param: default: boolean
:return: success - boolean
"""
provider_type = params['type']
provider_name = params['name']
prefix = Provider_types.get(provider_type, {}).get('prefix')
if not prefix:
raise Exception('unknown provider type %r' % provider_type)
provider_prefix = prefix + provider_name
storeConfig(key=provider_prefix, val=params['class'])
storeConfig(key=provider_prefix + '.Timeout', val=params['timeout'])
# alternative to storing the whole config in encrypted way, we
# might look if it's a json and store the next Config. level
# and look for the reserved additional appended type: password
storeConfig(key=provider_prefix + '.Config', val=params['config'],
typ='password')
# finally we handle the default setting and the
# ability to delete legacy entries
drop_legacy = False
config = getLinotpConfig()
default_provider_key = Default_Provider_Key[provider_type]
if 'default' in params:
if params['default'] == True or params['default'].lower() == 'true':
storeConfig(key=default_provider_key, val=provider_name)
drop_legacy = True
elif provider_name == config.get(default_provider_key, ''):
drop_legacy = True
if drop_legacy:
# at this point we can drop the legacy definition
entries = Legacy_Provider[provider_type]
for entry in entries.keys():
if entry in config:
removeFromConfig(entry)
return True, {}
def _delete_realm_config(realmname):
#
# we test if before delete there has been a default
# if yes - check after delete, if still one there
# and set the last available to default
#
defRealm = getDefaultRealm()
hadDefRealmBefore = False
if defRealm != "":
hadDefRealmBefore = True
# now test if realm is defined
if isRealmDefined(realmname) is True:
if realmname.lower() == defRealm.lower():
setDefaultRealm("")
if realmname == "_default_":
realmConfig = "useridresolver"
else:
realmConfig = "useridresolver.group." + realmname
return removeFromConfig(realmConfig, iCase=True)
if hadDefRealmBefore is True:
defRealm = getDefaultRealm()
if defRealm == "":
realms = getRealms()
if len(realms) == 2:
for k in realms:
if k != realm:
setDefaultRealm(k)
def deleteResolver(resolvername):
'''
delete a resolver and all related config entries
:paramm resolvername: the name of the to be deleted resolver
:type resolvername: string
:return: sucess or fail
:rtype: boelean
'''
res = False
resolvertypes = get_resolver_types()
conf = context.get('Config')
# conf = getLinotpConfig()
delEntries = []
resolver_specs = set()
for entry in conf:
rest = entry.split(".", 3)
lSplit = len(rest)
if lSplit > 3:
rConf = rest[lSplit - 1]
if rConf == resolvername:
if rest[0] == "linotp" or rest[0] == "enclinotp":
typ = rest[1]
if typ in resolvertypes:
delEntries.append(entry)
resolver_conf = get_resolver_class_config(typ)
resolver_class = resolver_conf.get(typ,
{}).get('clazz')
fqn = ".".join([resolver_class, resolvername])
resolver_specs.add(fqn)
if len(delEntries) > 0:
try:
for entry in delEntries:
res = removeFromConfig(entry)
res = True
except Exception as e:
log.exception("Deleting resolver %s failed. Exception was %r" %
(resolvername, e))
res = False
if res:
# on success we can flush the caches
for resolver_spec in resolver_specs:
_flush_user_resolver_cache(resolver_spec)
_delete_from_resolver_config_cache(resolver_spec)
return res
def deleteResolver(resolvername):
'''
delete a resolver and all related config entries
:paramm resolvername: the name of the to be deleted resolver
:type resolvername: string
:return: sucess or fail
:rtype: boelean
'''
res = False
resolvertypes = get_resolver_types()
conf = context.get('Config')
# conf = getLinotpConfig()
delEntries = []
resolver_specs = set()
for entry in conf:
rest = entry.split(".", 3)
lSplit = len(rest)
if lSplit > 3:
rConf = rest[lSplit - 1]
if rConf == resolvername:
if rest[0] == "linotp" or rest[0] == "enclinotp":
typ = rest[1]
if typ in resolvertypes:
delEntries.append(entry)
resolver_conf = get_resolver_class_config(typ)
resolver_class = resolver_conf.get(typ, {}).get('clazz')
fqn = ".".join([resolver_class, resolvername])
resolver_specs.add(fqn)
if len(delEntries) > 0:
try:
for entry in delEntries:
res = removeFromConfig(entry)
res = True
except Exception as e:
log.exception("Deleting resolver %s failed. Exception was %r"
% (resolvername, e))
res = False
if res:
# on success we can flush the caches
for resolver_spec in resolver_specs:
_flush_user_resolver_cache(resolver_spec)
_delete_from_resolver_config_cache(resolver_spec)
return res
def deletePolicy(name, enforce=False):
'''
Function to delete one named policy
attributes:
name: (required) will only return the policy with the name
'''
res = {}
if not re.match('^[a-zA-Z0-9_]*$', name):
raise ServerError(
"policy name may only contain the "
"characters a-zA-Z0-9_",
id=8888)
if context and 'Config' in context:
Config = context['Config']
else:
Config = getLinotpConfig()
if context and 'Policies' in context:
policies = context['Policies']
else:
policies = getPolicies()
# check if due to delete of the policy a lockout could happen
param = policies.get(name)
# delete is same as inactive ;-)
if param:
param['active'] = "False"
param['name'] = name
param['enforce'] = enforce
_check_policy_impact(**param)
delEntries = []
for entry in Config:
if entry.startswith("linotp.Policy.%s." % name):
delEntries.append(entry)
for entry in delEntries:
# delete this entry.
log.debug("[deletePolicy] removing key: %s" % entry)
ret = removeFromConfig(entry)
res[entry] = ret
return res
def deletePolicy(name, enforce=False):
"""
Function to delete one named policy
attributes:
name: (required) will only return the policy with the name
"""
res = {}
if not re.match("^[a-zA-Z0-9_]*$", name):
raise ServerError(
"policy name may only contain the " "characters a-zA-Z0-9_",
id=8888,
)
if context and context.get("Config"):
Config = context["Config"]
else:
Config = getLinotpConfig()
#
# we need the policies for a name lookup only
policies = get_policies()
# check if due to delete of the policy a lockout could happen
param = policies.get(name)
# delete is same as inactive ;-)
if param:
param["active"] = "False"
param["name"] = name
param["enforce"] = enforce
_check_policy_impact(**param)
delEntries = []
for entry in Config:
if entry.startswith("linotp.Policy.%s." % name):
delEntries.append(entry)
for entry in delEntries:
# delete this entry.
log.debug("[deletePolicy] removing key: %r", entry)
ret = removeFromConfig(entry)
res[entry] = ret
return res
def deletePolicy(name, enforce=False):
'''
Function to delete one named policy
attributes:
name: (required) will only return the policy with the name
'''
res = {}
if not re.match('^[a-zA-Z0-9_]*$', name):
raise ServerError("policy name may only contain the "
"characters a-zA-Z0-9_", id=8888)
if context and 'Config' in context:
Config = context['Config']
else:
Config = getLinotpConfig()
#
# we need the policies for a name lookup only
policies = get_policies()
# check if due to delete of the policy a lockout could happen
param = policies.get(name)
# delete is same as inactive ;-)
if param:
param['active'] = "False"
param['name'] = name
param['enforce'] = enforce
_check_policy_impact(**param)
delEntries = []
for entry in Config:
if entry.startswith("linotp.Policy.%s." % name):
delEntries.append(entry)
for entry in delEntries:
# delete this entry.
log.debug("[deletePolicy] removing key: %s" % entry)
ret = removeFromConfig(entry)
res[entry] = ret
return res
def deleteResolver(resolvername):
'''
delete a resolver and all related config entries
:paramm resolvername: the name of the to be deleted resolver
:type resolvername: string
:return: sucess or fail
:rtype: boelean
'''
res = False
resolvertypes = get_resolver_types()
conf = context.get('Config')
# conf = getLinotpConfig()
delEntries = []
for entry in conf:
rest = entry.split(".", 3)
lSplit = len(rest)
if lSplit > 3:
rConf = rest[lSplit - 1]
if rConf == resolvername:
if rest[0] == "linotp" or rest[0] == "enclinotp" :
typ = rest[1]
if typ in resolvertypes:
delEntries.append(entry)
if len(delEntries) > 0:
try:
for entry in delEntries:
res = removeFromConfig(entry)
log.debug("[deleteResolver] removing key: %s" % entry)
res = True
except Exception as e:
log.exception("deleteResolver: %r" % e)
res = False
return res
def deleteResolver(resolvername):
'''
delete a resolver and all related config entries
:paramm resolvername: the name of the to be deleted resolver
:type resolvername: string
:return: sucess or fail
:rtype: boelean
'''
res = False
resolvertypes = get_resolver_types()
conf = context.get('Config')
# conf = getLinotpConfig()
delEntries = []
for entry in conf:
rest = entry.split(".", 3)
lSplit = len(rest)
if lSplit > 3:
rConf = rest[lSplit - 1]
if rConf == resolvername:
if rest[0] == "linotp" or rest[0] == "enclinotp":
typ = rest[1]
if typ in resolvertypes:
delEntries.append(entry)
if len(delEntries) > 0:
try:
for entry in delEntries:
res = removeFromConfig(entry)
log.debug("[deleteResolver] removing key: %s" % entry)
res = True
except Exception as e:
log.exception("deleteResolver: %r" % e)
res = False
return res
def removeSupportLicenseInfo():
removeFromConfig('license')
def removeSupportLicenseInfo():
removeFromConfig('license')
def delProvider(provider_type, provider_name):
"""
delete a provider
:param provider_type: the type of Provider: push, sms or email
:param provider_name: the name of the provider
:return: the number of deleted entries
"""
detail = {}
prefix = Provider_types.get(provider_type, {}).get('prefix')
if not prefix:
raise Exception('unknown provider type %r' % provider_type)
# find out, which providers we have
config = getLinotpConfig()
# if the provider is the default one, we don't delete this one
default_provider_key = Default_Provider_Key[provider_type]
if default_provider_key in config:
default_provider = config[default_provider_key]
if provider_name == default_provider:
detail = {'message': _('Default provider could not be deleted!')}
ret = 0
return ret, detail
# check that there are no references left
provider_policies = _lookup_provider_policies(provider_type)
if provider_name in provider_policies:
detail = {
'message':
(_('Unable to delete - provider used in '
'policies!\n[%s]') % ','.join(provider_policies[provider_name]))
}
ret = 0
return ret, detail
del_entries = set()
provider = prefix + provider_name
# treat backward default legacy case
if provider_name == Legacy_Provider_Name:
entries = Legacy_Provider.get(provider_type, {})
for entry in entries.keys():
if entry in config:
del_entries.add(entry)
if not del_entries:
# first delete the provider root entry
if provider in config:
del_entries.add(provider)
# now lookup the all decent entries
provider_prefix = provider + '.'
for key in config.keys():
if key[:len(provider_prefix)] == provider_prefix:
del_entries.add(key)
# when all entries are gathered, we can now delete them all
for del_entry in del_entries:
removeFromConfig(del_entry)
ret = len(del_entries)
return ret, detail
def deleteResolver(resolvername):
"""
delete a resolver and all related config entries
:paramm resolvername: the name of the to be deleted resolver
:type resolvername: string
:return: sucess or fail
:rtype: boolean
"""
if resolvername == current_app.config["ADMIN_RESOLVER_NAME"]:
raise DeleteForbiddenError(
f"default admin resolver {resolvername} is not allowed to be removed!"
)
res = False
resolvertypes = get_resolver_types()
conf = context.get("Config")
delEntries = []
resolver_specs = set()
for entry in conf:
rest = entry.split(".", 3)
lSplit = len(rest)
if lSplit > 3:
rConf = rest[lSplit - 1]
if rConf == resolvername:
if rest[0] == "linotp" or rest[0] == "enclinotp":
typ = rest[1]
if typ in resolvertypes:
delEntries.append(entry)
resolver_conf = get_resolver_class_config(typ)
resolver_class = resolver_conf.get(typ, {}).get(
"clazz"
)
fqn = ".".join([resolver_class, resolvername])
resolver_specs.add(fqn)
if len(delEntries) > 0:
try:
for entry in delEntries:
res = removeFromConfig(entry)
res = True
except Exception as exx:
log.error(
"Deleting resolver %s failed. Exception was %r",
resolvername,
exx,
)
res = False
if res:
# on success we can flush the caches
for resolver_spec in resolver_specs:
_flush_user_resolver_cache(resolver_spec)
_delete_from_resolver_config_cache(resolver_spec)
return res
