def post(self, username):
active_user = self.get_current_user()
active_customer = (get_user_property(username,
UserKeys.CurrentCustomer))
uri = self.request.uri
method = self.request.method
results = None
try:
customer_context = (self.arguments.get(
ApiArguments.CUSTOMER_CONTEXT, active_customer))
action = self.arguments.get(ApiArguments.ACTION, ApiValues.ADD)
###Update Groups###
group_ids = self.arguments.get(ApiArguments.GROUP_IDS, None)
if group_ids and isinstance(group_ids, list):
if action == ApiValues.ADD:
results = (add_user_to_groups(username, customer_context,
group_ids, username, uri,
method))
if action == ApiValues.DELETE:
results = (remove_groups_from_user(username, group_ids,
username, uri, method))
###Update Customers###
customer_names = self.arguments.get('customer_names')
if customer_names and isinstance(customer_names, list):
if action == 'add':
results = (add_user_to_customers(username, customer_names,
username, uri, method))
elif action == 'delete':
results = (remove_customers_from_user(
username, customer_names, username, uri, method))
if results:
self.set_status(results['http_status'])
self.set_header('Content-Type', 'application/json')
self.write(json.dumps(results, indent=4))
else:
results = (GenericResults(active_user, uri,
method).incorrect_arguments())
self.set_status(results['http_status'])
self.set_header('Content-Type', 'application/json')
self.write(json.dumps(results, indent=4))
except Exception as e:
results = (GenericResults(active_user, uri,
method).something_broke(
active_user, 'User', e))
logger.exception(e)
self.set_status(results['http_status'])
self.set_header('Content-Type', 'application/json')
self.write(json.dumps(results, indent=4))
def post(self, username):
active_user = self.get_current_user()
active_customer = (
get_user_property(username, UserKeys.CurrentCustomer)
)
uri = self.request.uri
method = self.request.method
results = None
try:
customer_context = (
self.arguments.get(ApiArguments.CUSTOMER_CONTEXT, active_customer)
)
action = self.arguments.get(ApiArguments.ACTION, ApiValues.ADD)
###Update Groups###
group_ids = self.arguments.get(ApiArguments.GROUP_IDS, None)
if group_ids and isinstance(group_ids, list):
if action == ApiValues.ADD:
results = (
add_user_to_groups(
username, customer_context, group_ids,
username, uri, method
)
)
if action == ApiValues.DELETE:
results = (
remove_groups_from_user(
username, group_ids,
username, uri, method
)
)
###Update Customers###
customer_names = self.arguments.get('customer_names')
if customer_names and isinstance(customer_names, list):
if action == 'add':
results = (
add_user_to_customers(
username, customer_names,
username, uri, method
)
)
elif action == 'delete':
results = (
remove_customers_from_user(
username, customer_names,
username, uri, method
)
)
if results:
self.set_status(results['http_status'])
self.set_header('Content-Type', 'application/json')
self.write(json.dumps(results, indent=4))
else:
results = (
GenericResults(
active_user, uri, method
).incorrect_arguments()
)
self.set_status(results['http_status'])
self.set_header('Content-Type', 'application/json')
self.write(json.dumps(results, indent=4))
except Exception as e:
results = (
GenericResults(
active_user, uri, method
).something_broke(active_user, 'User', e)
)
logger.exception(e)
self.set_status(results['http_status'])
self.set_header('Content-Type', 'application/json')
self.write(json.dumps(results, indent=4))
def remove_user(username, user_name=None, uri=None, method=None):
"""Remove a user from vFense
Args:
username (str): The name of the user you are deleteing.
Kwargs:
user_name (str): The name of the user who called this function.
uri (str): The uri that was used to call this function.
method (str): The HTTP methos that was used to call this function.
Return:
Dictionary of the status of the operation.
"""
user_exist = get_user(username)
status = remove_user.func_name + ' - '
usernames_not_to_delete = []
usernames_to_delete = []
try:
if user_exist and username != DefaultUsers.ADMIN:
remove_groups_from_user(username)
remove_customers_from_user(username)
usernames_to_delete.append(username)
object_status, _, _, _ = (
delete_user(username)
)
if object_status == DbCodes.Deleted:
generic_status_code = GenericCodes.ObjectDeleted
vfense_status_code = UserCodes.UserDeleted
msg = 'User removed %s' % (username)
elif username == DefaultUsers.ADMIN:
msg = 'Can not delete the %s user' % (username)
usernames_not_to_delete.append(username)
object_status = DbCodes.Skipped
generic_status_code = GenericCodes.CouldNotBeDeleted
vfense_status_code = UserFailureCodes.AdminUserCanNotBeDeleted
else:
msg = 'User does not exist %s' % (username)
usernames_not_to_delete.append(username)
object_status = DbCodes.Skipped
generic_status_code = GenericCodes.InvalidId
vfense_status_code = UserFailureCodes.UserNameDoesNotExist
results = {
ApiResultKeys.DB_STATUS_CODE: object_status,
ApiResultKeys.GENERIC_STATUS_CODE: generic_status_code,
ApiResultKeys.VFENSE_STATUS_CODE: vfense_status_code,
ApiResultKeys.MESSAGE: status + msg,
ApiResultKeys.UNCHANGED_IDS: usernames_not_to_delete,
ApiResultKeys.DELETED_IDS: usernames_to_delete,
ApiResultKeys.DATA: [],
ApiResultKeys.USERNAME: user_name,
ApiResultKeys.URI: uri,
ApiResultKeys.HTTP_METHOD: method
}
except Exception as e:
logger.exception(e)
msg = 'Failed to remove user %s: %s' % (username, str(e))
status_code = DbCodes.Errors
generic_status_code = GenericFailureCodes.FailedToDeleteObject
vfense_status_code = UserFailureCodes.FailedToRemoveUser
results = {
ApiResultKeys.DB_STATUS_CODE: status_code,
ApiResultKeys.GENERIC_STATUS_CODE: generic_status_code,
ApiResultKeys.VFENSE_STATUS_CODE: vfense_status_code,
ApiResultKeys.MESSAGE: status + msg,
ApiResultKeys.UNCHANGED_IDS: usernames_not_to_delete,
ApiResultKeys.DELETED_IDS: usernames_to_delete,
ApiResultKeys.DATA: [],
ApiResultKeys.USERNAME: user_name,
ApiResultKeys.URI: uri,
ApiResultKeys.HTTP_METHOD: method
}
return(results)
def remove_users(usernames, user_name=None, uri=None, method=None):
"""Remove a user from vFense
Args:
usernames (list): List of usernames that will be deleted.
Kwargs:
user_name (str): The name of the user who called this function.
uri (str): The uri that was used to call this function.
method (str): The HTTP methos that was used to call this function.
Return:
Dictionary of the status of the operation.
"""
status = change_password.func_name + ' - '
usernames_not_to_delete = []
usernames_to_delete = []
generic_status_code = 0
vfense_status_code = 0
msg = ''
try:
if not isinstance(usernames, list):
usernames = usernames.split(',')
for username in usernames:
user_exist = get_user(username)
status = remove_users.func_name + ' - '
if user_exist and username != DefaultUsers.ADMIN:
remove_groups_from_user(username)
remove_customers_from_user(username)
usernames_to_delete.append(username)
elif username == DefaultUsers.ADMIN:
msg = 'Can not delete the %s user' % (username)
usernames_not_to_delete.append(username)
generic_status_code = GenericCodes.CouldNotBeDeleted
vfense_status_code = UserFailureCodes.AdminUserCanNotBeDeleted
object_status = DbCodes.Skipped
else:
msg = 'User does not exist %s' % (username)
usernames_not_to_delete.append(username)
generic_status_code = GenericCodes.InvalidId
vfense_status_code = UserFailureCodes.UserNameDoesNotExist
object_status = DbCodes.Skipped
if len(usernames_to_delete) > 0:
object_status, _, _, _ = (
delete_users(usernames_to_delete)
)
if object_status == DbCodes.Deleted:
generic_status_code = GenericCodes.ObjectDeleted
vfense_status_code = UserCodes.UserDeleted
msg = 'Users removed %s' % (' and '.join(usernames_to_delete))
if object_status == DbCodes.DoesNotExist:
generic_status_code = GenericCodes.DoesNotExist
vfense_status_code = UserFailureCodes.UserNameDoesNotExist
msg = 'Users %s do not exist' % (' and '.join(usernames_to_delete))
else:
object_status = DbCodes.Unchanged
generic_status_code = GenericFailureCodes.FailedToDeleteObject
vfense_status_code = UserFailureCodes.FailedToRemoveUser
msg = 'Users can not be removed %s' % (
' and '.join(usernames_not_to_delete))
results = {
ApiResultKeys.DB_STATUS_CODE: object_status,
ApiResultKeys.GENERIC_STATUS_CODE: generic_status_code,
ApiResultKeys.VFENSE_STATUS_CODE: vfense_status_code,
ApiResultKeys.MESSAGE: status + msg,
ApiResultKeys.UNCHANGED_IDS: usernames_not_to_delete,
ApiResultKeys.DELETED_IDS: usernames_to_delete,
ApiResultKeys.DATA: [],
ApiResultKeys.USERNAME: user_name,
ApiResultKeys.URI: uri,
ApiResultKeys.HTTP_METHOD: method
}
except Exception as e:
logger.exception(e)
msg = 'Failed to remove user %s: %s' % (username, str(e))
generic_status_code = GenericFailureCodes.FailedToDeleteObject
vfense_status_code = UserFailureCodes.FailedToRemoveUser
results = {
ApiResultKeys.DB_STATUS_CODE: DbCodes.Errors,
ApiResultKeys.GENERIC_STATUS_CODE: generic_status_code,
ApiResultKeys.VFENSE_STATUS_CODE: vfense_status_code,
ApiResultKeys.MESSAGE: status + msg,
ApiResultKeys.UNCHANGED_IDS: usernames_not_to_delete,
ApiResultKeys.DELETED_IDS: usernames_to_delete,
ApiResultKeys.DATA: [],
ApiResultKeys.USERNAME: user_name,
ApiResultKeys.URI: uri,
ApiResultKeys.HTTP_METHOD: method
}
return(results)
