Ejemplo n.º 1
0
    def _users_handle_action(self, action, username, email, password,
                             user_root, is_admin):

        success = ""

        # We need to change values. Change them, then give back that main
        # page again, with a message
        if username == self.app.currentuser.username:
            # Don't allow the user to changes it's "admin" state.
            is_admin = self.app.currentuser.is_admin

        is_admin = str(is_admin).lower() in ['on', 'true', '1']

        # Fork the behaviour according to the action.
        if action == "edit":
            user = self.app.store.get_user(username)
            logger.info("updating user [%s] info", user)
            if password:
                user.set_password(password, old_password=None)
            user.user_root = user_root
            user.is_admin = is_admin
            # Avoid updating the email fields is it didn'T changed. see pdsl/minarca#187
            if email != user.email:
                user.email = email
            success = _("User information modified successfully.")

            # Check and update user directory
            if user.user_root:
                self._check_user_root_dir(user.user_root)
                rdw_spider_repos.find_repos_for_user(user)

        elif action == "add":

            if username == "":
                raise RdiffWarning(_("The username is invalid."))
            logger.info("adding user [%s]", username)

            user = self.app.store.add_user(username, password)
            if user_root:
                user.user_root = user_root
            user.is_admin = is_admin
            user.email = email

            # Check and update user directory
            if user.user_root:
                self._check_user_root_dir(user.user_root)
                rdw_spider_repos.find_repos_for_user(user)
            success = _("User added successfully.")

        if action == "delete":
            if username == self.app.currentuser.username:
                raise RdiffWarning(_("You cannot remove your own account!"))
            user = self.app.store.get_user(username)
            if not user:
                raise RdiffWarning(_("User doesn't exists!"))
            user.delete()
            success = _("User account removed.")

        # Return messages
        return {'success': success}
Ejemplo n.º 2
0
    def _handle_set_password(self, **kwargs):
        """
        Called when changing user password.
        """
        if 'current' not in kwargs or not kwargs['current']:
            raise RdiffWarning(_("Current password is missing."))
        if 'new' not in kwargs or not kwargs['new']:
            raise RdiffWarning(_("New password is missing."))
        if 'confirm' not in kwargs or not kwargs['confirm']:
            raise RdiffWarning(_("Confirmation password is missing."))

        # Check if confirmation is valid.
        if kwargs['new'] != kwargs['confirm']:
            return {
                'error':
                _("The new password and its confirmation do not match.")
            }

        # Update user password
        user = self.app.currentuser.username
        _logger.info("updating user [%s] password", user)
        self.app.userdb.set_password(user,
                                     kwargs['new'],
                                     old_password=kwargs['current'])
        return {'success': _("Password updated successfully.")}
Ejemplo n.º 3
0
    def _handle_set_profile_info(self, **kwargs):
        """
        Called when changing user profile.
        """
        # Check data.
        if 'email' not in kwargs:
            raise RdiffWarning(_("Email is undefined."))

        # Check if email update is supported
        if not self.app.userdb.supports('set_email'):
            return {'error': _("Email update is not supported.")}

        # Parse the email value to extract a valid email. The following method
        # return an empty string if the email is not valid. This RFC also accept
        # local email address without '@'. So we add verification for '@'
        if not PATTERN_EMAIL.match(kwargs['email'].lower()):
            raise RdiffWarning(_("Invalid email."))

        # Update the user's email
        assert self.app.currentuser
        username = self.app.currentuser.username
        email = kwargs['email']
        _logger.info("updating user [%s] email [%s]", username, email)
        self.app.currentuser.email = kwargs['email']

        return {'success': _("Profile updated successfully.")}
Ejemplo n.º 4
0
    def _handle_set_password(self, **kwargs):
        """
        Called when changing user password.
        """
        if 'current' not in kwargs or not kwargs['current']:
            raise RdiffWarning(_("Current password is missing."))
        if 'new' not in kwargs or not kwargs['new']:
            raise RdiffWarning(_("New password is missing."))
        if 'confirm' not in kwargs or not kwargs['confirm']:
            raise RdiffWarning(_("Confirmation password is missing."))

        # Check if confirmation is valid.
        if kwargs['new'] != kwargs['confirm']:
            return {
                'error':
                _("The new password and its confirmation do not match.")
            }

        # Update user password
        try:
            self.app.currentuser.set_password(kwargs['new'],
                                              old_password=kwargs['current'])
            return {'success': _("Password updated successfully.")}
        except ValueError as e:
            return {'warning': str(e)}
Ejemplo n.º 5
0
    def _handle_add(self, filename, **kwargs):
        """
        Called to add a new key to an authorized_keys file.
        """
        assert 'key' in kwargs, "key is missing"

        # Validate the content of the key.
        try:
            key = authorizedkeys.check_publickey(kwargs['key'])
        except:
            raise RdiffWarning(_("Invalid SSH key."))

        # Check if already exists
        if authorizedkeys.exists(filename, key):
            raise RdiffWarning(_("SSH key already exists."))

        # Check size.
        if key.size and key.size < 2048:
            raise RdiffWarning(_("SSH key is too short. RSA key of at least 2048 bits is required."))

        # Add comment to the key.
        comment = key.comment
        if 'title' in kwargs:
            comment = kwargs['title'].strip()

        key = authorizedkeys.KeySplit(
            lineno=key.lineno,
            options=key.options,
            keytype=key.keytype,
            key=key.key,
            comment=comment)

        # Add key to file
        _logger.info("add key [%s] to [%s]", key, filename)
        authorizedkeys.add(filename, key)
Ejemplo n.º 6
0
 def check_username_and_password(self, username, password):
     """Validate user credentials."""
     logger.info("check credentials for [%s]", username)
     try:
         userobj = cherrypy.request.app.userdb.login(
             username, password)  # @UndefinedVariable
     except:
         logger.exception("fail to validate user credential")
         raise RdiffWarning(_("Fail to validate user credential."))
     if not userobj:
         logger.warning("invalid username [%s] or password", username)
         raise RdiffWarning(_("Invalid username or password."))
     return userobj
Ejemplo n.º 7
0
    def _handle_add(self, **kwargs):
        """
        Called to add a new key to an authorized_keys file.
        """
        assert 'key' in kwargs, "key is missing"

        # Add the key to the current user.
        try:
            self.app.currentuser.add_authorizedkey(key=kwargs['key'], comment=kwargs.get('title', None))
        except ValueError as e:
            _logger.warn("error adding ssh key", exc_info=1)
            raise RdiffWarning(str(e))
        except:
            _logger.error("error adding ssh key", exc_info=1)
            raise RdiffWarning(_("Unknown error while adding the SSH Key"))
Ejemplo n.º 8
0
 def _handle_delete(self, **kwargs):
     """
     Called for delete a key from an authorized_keys file.
     """
     assert kwargs.get('key') , "key is missing"
     try:
         self.app.currentuser.remove_authorizedkey(kwargs['key'])
     except:
         _logger.warn("error removing ssh key", exc_info=1)
         raise RdiffWarning(_("Unknown error while removing the SSH Key"))
Ejemplo n.º 9
0
 def _check_user_root_dir(self, directory):
     """Raised an exception if the directory is not valid."""
     if not os.access(directory, os.F_OK) or not os.path.isdir(directory):
         raise RdiffWarning(
             _("User root directory %s is not accessible!") % directory)
Ejemplo n.º 10
0
    def _users_handle_action(self, action, username, email, password,
                             user_root, role):

        success = ""

        # We need to change values. Change them, then give back that main
        # page again, with a message
        if username == self.app.currentuser.username:
            # Don't allow the user to changes it's "role" state.
            role = self.app.currentuser.role

        # Fork the behaviour according to the action.
        if action == "edit":
            # Validation
            validate_int(role, 'role should be an integer')
            validate(int(role) in ROLES, 'invalid role')

            user = self.app.store.get_user(username)
            logger.info("updating user [%s] info", user)
            if password:
                user.set_password(password, old_password=None)
            user.user_root = user_root
            user.role = role
            # Avoid updating the email fields is it didn'T changed. see pdsl/minarca#187
            if email != user.email:
                user.email = email
            success = _("User information modified successfully.")

            # Check and update user directory
            if user.user_root:
                self._check_user_root_dir(user.user_root)
                user.update_repos()

        elif action == "add":
            # Validation
            validate_int(role, 'role should be an integer')
            validate(int(role) in ROLES, 'invalid role')

            if username == "":
                raise RdiffWarning(_("The username is invalid."))
            logger.info("adding user [%s]", username)

            user = self.app.store.add_user(username, password)
            if user_root:
                user.user_root = user_root
            user.role = role
            user.email = email

            # Check and update user directory
            if user.user_root:
                self._check_user_root_dir(user.user_root)
                user.update_repos()
            success = _("User added successfully.")

        if action == "delete":
            if username == self.app.currentuser.username:
                raise RdiffWarning(_("You cannot remove your own account!"))
            user = self.app.store.get_user(username)
            if not user:
                raise RdiffWarning(_("User doesn't exists!"))
            try:
                user.delete()
            except ValueError as e:
                raise RdiffWarning(e)
            success = _("User account removed.")

        # Return messages
        return {'success': success}