def admin_post():
    """Create an administrator account from the JSON request body.

    Flow, in order:
      * return ``utils.demo_blocked()`` when ``settings.app.demo_mode``
        is set;
      * return a 400 ``REQUIRES_SUPER_USER`` error unless the calling
        administrator (``flask.g.administrator``) is a super user;
      * read the new account's fields from ``flask.request.json`` and
        pass them to ``auth.new_admin``;
      * return a 400 ``ADMIN_USERNAME_EXISTS`` error when the insert
        raises ``pymongo.errors.DuplicateKeyError``;
      * record an ``admin_created`` audit event, emit ``ADMINS_UPDATED``
        and return ``admin.dict()`` as JSON.
    """
    if settings.app.demo_mode:
        return utils.demo_blocked()

    # Authorization gate: only a super user may create administrators,
    # which also covers the caller-supplied ``super_user`` flag below.
    caller = flask.g.administrator
    if not caller.super_user:
        denied = {
            "error": REQUIRES_SUPER_USER,
            "error_msg": REQUIRES_SUPER_USER_MSG,
        }
        return utils.jsonify(denied, 400)

    payload = flask.request.json

    # NOTE(review): "username" and "password" are required; a missing key
    # raises KeyError here and nothing in this function handles it.
    # NOTE(review): the username is filtered but not case-normalised, so
    # names differing only by case may be treated as distinct unless
    # auth.new_admin or the unique index normalises them -- confirm.
    new_username = utils.filter_str(payload["username"])
    # NOTE(review): the password is forwarded unchanged; any length or
    # strength policy would have to live in auth.new_admin -- confirm.
    new_password = payload["password"]

    # Optional flags default to False and are forwarded as received.
    # NOTE(review): no type coercion is done here, so a non-boolean JSON
    # value (for example the string "false") is truthy -- confirm that
    # auth.new_admin validates these.
    wants_otp = payload.get("otp_auth", False)
    wants_api = payload.get("auth_api", False)
    is_disabled = payload.get("disabled", False)
    is_super = payload.get("super_user", False)

    try:
        admin = auth.new_admin(
            username=new_username,
            password=new_password,
            default=True,
            otp_auth=wants_otp,
            auth_api=wants_api,
            disabled=is_disabled,
            super_user=is_super,
        )
    except pymongo.errors.DuplicateKeyError:
        conflict = {
            "error": ADMIN_USERNAME_EXISTS,
            "error_msg": ADMIN_USERNAME_EXISTS_MSG,
        }
        return utils.jsonify(conflict, 400)

    # Audit trail for the privileged action, tagged with the address
    # reported by utils.get_remote_addr().
    admin.audit_event(
        "admin_created",
        "Administrator created",
        remote_addr=utils.get_remote_addr(),
    )
    event.Event(type=ADMINS_UPDATED)

    # NOTE(review): confirm admin.dict() leaves out credential material
    # (password hash, OTP or API secrets) before it goes in the response.
    return utils.jsonify(admin.dict())
def admin_post():
    """Create an administrator account from the JSON request body.

    Flow, in order:
      * return ``utils.demo_blocked()`` when ``settings.app.demo_mode``
        is set;
      * return a 400 ``REQUIRES_SUPER_USER`` error unless the calling
        administrator (``flask.g.administrator``) is a super user;
      * read the new account's fields from ``flask.request.json``
        (username lower-cased, YubiKey id cut to 12 characters) and pass
        them to ``auth.new_admin``;
      * return a 400 ``ADMIN_USERNAME_EXISTS`` error when the insert
        raises ``pymongo.errors.DuplicateKeyError``;
      * record an ``admin_created`` audit event and a
        ``journal.ADMIN_CREATE`` journal entry, emit ``ADMINS_UPDATED``
        and return ``admin.dict()`` as JSON.
    """
    if settings.app.demo_mode:
        return utils.demo_blocked()

    # Authorization gate: only a super user may create administrators,
    # which also covers the caller-supplied ``super_user`` flag below.
    caller = flask.g.administrator
    if not caller.super_user:
        denied = {
            'error': REQUIRES_SUPER_USER,
            'error_msg': REQUIRES_SUPER_USER_MSG,
        }
        return utils.jsonify(denied, 400)

    payload = flask.request.json

    # NOTE(review): 'username' and 'password' are required; a missing key
    # raises KeyError here and nothing in this function handles it.
    # Lower-casing happens after filtering, so the stored name is
    # case-normalised.
    new_username = utils.filter_str(payload['username']).lower()
    # NOTE(review): the password is forwarded unchanged; any length or
    # strength policy would have to live in auth.new_admin -- confirm.
    new_password = payload['password']

    # Empty or missing YubiKey id becomes None; otherwise only the first
    # 12 characters are kept.
    # NOTE(review): this assumes a string. A truthy non-sliceable JSON
    # value (e.g. a number) raises TypeError on the slice -- confirm the
    # client always sends a string.
    yubikey_id = payload.get('yubikey_id')
    if yubikey_id:
        yubikey_id = yubikey_id[:12]
    else:
        yubikey_id = None

    # Optional flags default to False and are forwarded as received.
    # NOTE(review): no type coercion is done here, so a non-boolean JSON
    # value (for example the string "false") is truthy -- confirm that
    # auth.new_admin validates these.
    wants_otp = payload.get('otp_auth', False)
    wants_api = payload.get('auth_api', False)
    is_disabled = payload.get('disabled', False)
    is_super = payload.get('super_user', False)

    # Captured once so the audit event and the journal entry agree.
    remote_addr = utils.get_remote_addr()

    try:
        admin = auth.new_admin(
            username=new_username,
            password=new_password,
            yubikey_id=yubikey_id,
            default=True,
            otp_auth=wants_otp,
            auth_api=wants_api,
            disabled=is_disabled,
            super_user=is_super,
        )
    except pymongo.errors.DuplicateKeyError:
        conflict = {
            'error': ADMIN_USERNAME_EXISTS,
            'error_msg': ADMIN_USERNAME_EXISTS_MSG,
        }
        return utils.jsonify(conflict, 400)

    # Two records of the privileged action: the per-admin audit event
    # and the journal entry.
    admin.audit_event(
        'admin_created',
        'Administrator created',
        remote_addr=remote_addr,
    )
    journal.entry(
        journal.ADMIN_CREATE,
        admin.journal_data,
        event_long='Administrator created',
        remote_addr=remote_addr,
    )
    event.Event(type=ADMINS_UPDATED)

    # NOTE(review): confirm admin.dict() and admin.journal_data leave out
    # credential material (password hash, OTP or API secrets).
    return utils.jsonify(admin.dict())
def admin_post():
    """Handle the request that creates a new administrator.

    Returns, depending on the path taken:
      * ``utils.demo_blocked()`` when ``settings.app.demo_mode`` is set;
      * a 400 ``REQUIRES_SUPER_USER`` error when the calling
        administrator (``flask.g.administrator``) is not a super user;
      * a 400 ``ADMIN_USERNAME_EXISTS`` error when ``auth.new_admin``
        raises ``pymongo.errors.DuplicateKeyError``;
      * otherwise ``admin.dict()`` as JSON, after an ``admin_created``
        audit event, a ``journal.ADMIN_CREATE`` journal entry and an
        ``ADMINS_UPDATED`` event.
    """
    if settings.app.demo_mode:
        return utils.demo_blocked()

    # Only a super user may create administrators; this check is also
    # what guards the caller-supplied 'super_user' flag read below.
    if not flask.g.administrator.super_user:
        body = {
            'error': REQUIRES_SUPER_USER,
            'error_msg': REQUIRES_SUPER_USER_MSG,
        }
        return utils.jsonify(body, 400)

    req = flask.request.json

    # NOTE(review): both keys are mandatory and read by subscript, so a
    # request without them raises KeyError, which is not handled here.
    username = utils.filter_str(req['username']).lower()
    # NOTE(review): passed on unchanged -- any password policy must be
    # enforced inside auth.new_admin; confirm.
    password = req['password']

    # Falsy or absent id -> None, otherwise keep the first 12 characters.
    # NOTE(review): assumes the id is a string; other truthy JSON types
    # are not rejected here -- confirm against the client.
    raw_yubikey = req.get('yubikey_id') or None
    yubikey_id = None
    if raw_yubikey:
        yubikey_id = raw_yubikey[:12]

    # Optional flags, each defaulting to False when absent.
    # NOTE(review): values are forwarded without type checks; a
    # non-boolean JSON value such as "false" is truthy -- confirm
    # auth.new_admin validates them.
    flags = {
        name: req.get(name, False)
        for name in ('otp_auth', 'auth_api', 'disabled', 'super_user')
    }

    # Resolved before the insert and reused for both log records.
    remote_addr = utils.get_remote_addr()

    try:
        admin = auth.new_admin(
            username=username,
            password=password,
            yubikey_id=yubikey_id,
            default=True,
            **flags
        )
    except pymongo.errors.DuplicateKeyError:
        body = {
            'error': ADMIN_USERNAME_EXISTS,
            'error_msg': ADMIN_USERNAME_EXISTS_MSG,
        }
        return utils.jsonify(body, 400)

    log_fields = {'remote_addr': remote_addr}
    admin.audit_event(
        'admin_created', 'Administrator created', **log_fields
    )
    journal.entry(
        journal.ADMIN_CREATE,
        admin.journal_data,
        event_long='Administrator created',
        **log_fields
    )
    event.Event(type=ADMINS_UPDATED)

    # NOTE(review): the full admin.dict() goes back to the client, and
    # admin.journal_data into the journal; confirm neither carries
    # credential material (password hash, OTP or API secrets).
    return utils.jsonify(admin.dict())