def pwrecover(self, authtoken=None, skey=None, *args, **kwargs): if authtoken: data = securitykey.validate(authtoken, useSessionKey=False) if data and isinstance( data, dict) and "userKey" in data and "password" in data: skel = self.userModule.editSkel() assert skel.fromDB(data["userKey"]) skel["password"] = data["password"] skel.toDB() return self.userModule.render.view( skel, self.passwordRecoverySuccessTemplate) else: return self.userModule.render.view( None, self.passwordRecoveryInvalidTokenTemplate) else: skel = self.lostPasswordSkel() if len(kwargs) == 0 or not skel.fromClient( kwargs) or not securitykey.validate(skey, useSessionKey=True): return self.userModule.render.passwdRecover( skel, tpl=self.passwordRecoveryTemplate) user = self.userModule.viewSkel().all().filter( "name.idx =", skel["name"].lower()).get() if not user or user[ "status"] < 10: # Unknown user or locked account skel.errors["name"] = str("Unknown user") return self.userModule.render.passwdRecover( skel, tpl=self.passwordRecoveryTemplate) try: if user["changedate"] > (datetime.datetime.now() - datetime.timedelta(days=1)): # This user probably has already requested a password reset # within the last 24 hrss return self.userModule.render.view( skel, self.passwordRecoveryAlreadySendTemplate) except AttributeError: # Some newly generated user-objects dont have such a changedate yet pass user["changedate"] = datetime.datetime.now() db.Put(user) userSkel = self.userModule.viewSkel().ensureIsCloned() assert userSkel.fromDB(user.key()) userSkel.skey = baseBone(descr="Skey") userSkel["skey"] = securitykey.create(60 * 60 * 24, userKey=str(user.key()), password=skel["password"]) utils.sendEMail([userSkel["name"]], self.userModule.passwordRecoveryMail, userSkel) return self.userModule.render.view( {}, self.passwordRecoveryInstuctionsSendTemplate)
def logout(self, skey="", *args, **kwargs): """ Implements the logout action. It also terminates the current session (all keys not listed in viur.session.persistentFieldsOnLogout will be lost). """ user = session.current.get("user") if not user: raise errors.Unauthorized() if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() self.onLogout(user) oldSession = {k: v for k, v in session.current.items() } # Store all items in the current session session.current.reset() # Copy the persistent fields over for k in conf["viur.session.persistentFieldsOnLogout"]: if k in oldSession: session.current[k] = oldSession[k] del oldSession return self.render.logoutSuccess()
def delete(self, key, skey, *args, **kwargs): """ Delete an entry. The function runs several access control checks on the data before it is deleted. .. seealso:: :func:`canDelete`, :func:`editSkel`, :func:`onDeleted` :returns: The rendered, deleted object of the entry. :raises: :exc:`viur.core.errors.NotFound`, when no entry with the given *key* was found. :raises: :exc:`viur.core.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`viur.core.errors.PreconditionFailed`, if the *skey* could not be verified. """ skel = self.editSkel() if not skel.fromDB(key): raise errors.NotFound() if not self.canDelete(skel): raise errors.Unauthorized() if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() self.onDelete(skel) skel.delete() self.onDeleted(skel) return self.render.deleteSuccess(skel)
def setIndex(self, item, index, skey, *args, **kwargs): """ Changes the order of the elements in the current level by changing the index of *item*. .. seealso:: :func:`canSetIndex` :param item: URL-safe key of the item which index should be changed. :type item: str :param index: New index for this item. This value must be cast-able to float. :type index: str :returns: A rendered success result generated by the default renderer. :raises: :exc:`server.errors.NotFound`, when no entry with the given *key* was found. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() if not self.canSetIndex(item, index): raise errors.Unauthorized() fromItem = db.Get(item) fromItem["sortindex"] = float(index) db.Put(fromItem) skel = self.editSkel() assert skel.fromDB(item) self.onItemSetIndex(skel) self.onItemChanged(skel) return self.render.setIndexSuccess(obj=fromItem)
def index(self, *args, **kwargs): if not self.canUse(): raise errors.Forbidden() # Unauthorized skel = self.mailSkel() if len(kwargs) == 0: return self.render.add(skel=skel, failed=False) if not skel.fromClient(kwargs) or not "skey" in kwargs: return self.render.add(skel=skel, failed=True) if not securitykey.validate(kwargs["skey"], useSessionKey=True): raise errors.PreconditionFailed() # Allow bones to perform outstanding "magic" operations before sending the mail for key, _bone in skel.items(): if isinstance(_bone, baseBone): _bone.performMagic(skel.valuesCache, key, isAdd=True) # Get recipients rcpts = self.getRcpts(skel) # Get additional options for sendEMail opts = self.getOptions(skel) if not isinstance(opts, dict): opts = {} # Send the email! utils.sendEMail(rcpts, self.mailTemplate, skel, **opts) self.onAdded(skel) return self.render.addSuccess(skel)
def add(self, skelType, node, *args, **kwargs): """ Add a new entry with the given parent *node*, and render the entry, eventually with error notes on incorrect data. Data is taken by any other arguments in *kwargs*. The function performs several access control checks on the requested entity before it is added. .. seealso:: :func:`onItemAdded`, :func:`canAdd` :param skelType: Defines the type of the new entry and may either be "node" or "leaf". :type skelType: str :param node: URL-safe key of the parent. :type node: str :returns: The rendered, added object of the entry, eventually with error hints. :raises: :exc:`server.errors.NotAcceptable`, when no valid *skelType* was provided. :raises: :exc:`server.errors.NotFound`, when no valid *node* was found. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" if skelType == "node": skel = self.viewSkel(TreeType.Node) elif skelType == "leaf" and self.hasDistinctLeafs: skel = self.viewSkel(TreeType.Leaf) else: raise errors.NotAcceptable() # FIXME: IsValidParent? #parentNodeSkel = self.editNodeSkel() #if not parentNodeSkel.fromDB(node): # raise errors.NotFound() if not self.canAdd(skelType, node): raise errors.Unauthorized() if (len(kwargs) == 0 # no data supplied or skey == "" # no security key # or not request.current.get().isPostRequest fixme: POST-method check missing? # failure if not using POST-method or not skel.fromClient(kwargs) # failure on reading into the bones or ("bounce" in kwargs and kwargs["bounce"] == "1") # review before adding ): return self.render.add(skel) if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() skel["parentdir"] = str(node) skel["parentrepo"] = parentNodeSkel["parentrepo"] or str(node) skel.toDB() self.onItemAdded(skel) return self.render.addItemSuccess(skel)
def login(self, name=None, password=None, skey="", *args, **kwargs): if self.userModule.getCurrentUser(): # Were already logged in return self.userModule.render.loginSucceeded() if not name or not password or not securitykey.validate( skey, useSessionKey=True): return self.userModule.render.login(self.loginSkel()) query = db.Query(self.userModule.viewSkel().kindName) res = query.filter("name_idx >=", name.lower()).get() if res is None: res = { "password": { "pwhash": "-invalid-", "salt": "-invalid" }, "status": 0, "name": "", "name.idx": "" } passwd = pbkdf2(password[:conf["viur.maxPasswordLength"]], (res.get("password", None) or {}).get("salt", "")) isOkay = True # We do this exactly that way to avoid timing attacks # Check if the username matches storedUserName = res.get("name_idx", "") if len(storedUserName) != len(name.lower()): isOkay = False else: for x, y in zip(storedUserName, name.lower()): if x != y: isOkay = False # Check if the password matches storedPasswordHash = (res.get("password", None) or {}).get("pwhash", "-invalid-") if len(storedPasswordHash) != len(passwd): isOkay = False else: for x, y in zip(storedPasswordHash, passwd): if x != y: isOkay = False # Verify that this account isn't blocked if res["status"] < 10: isOkay = False if not isOkay: skel = self.loginSkel() skel.fromClient({"name": name, "nomissing": "1"}) return self.userModule.render.login(skel, loginFailed=True) else: return self.userModule.continueAuthenticationFlow(self, res.key)
def edit(self, *args, **kwargs): """ Modify an existing entry, and render the entry, eventually with error notes on incorrect data. Data is taken by any other arguments in *kwargs*. The entry is fetched by its entity key, which either is provided via *kwargs["key"]*, or as the first parameter in *args*. The function performs several access control checks on the requested entity before it is modified. .. seealso:: :func:`editSkel`, :func:`onItemEdited`, :func:`canEdit` :returns: The rendered, edited object of the entry, eventually with error hints. :raises: :exc:`server.errors.NotAcceptable`, when no *key* is provided. :raises: :exc:`server.errors.NotFound`, when no entry with the given *key* was found. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" if len(args) == 1: key = args[0] elif "key" in kwargs: key = kwargs["key"] else: raise errors.NotAcceptable() skel = self.editSkel() if not skel.fromDB(key): raise errors.NotAcceptable() if not self.canEdit(skel): raise errors.Unauthorized() if (len(kwargs) == 0 # no data supplied or skey == "" # no security key or not request.current.get(). isPostRequest # failure if not using POST-method or not skel.fromClient( kwargs) # failure on reading into the bones or ("bounce" in kwargs and kwargs["bounce"] == "1" ) # review before changing ): return self.render.edit(skel) if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() skel.toDB() # write it! self.onItemEdited(skel) self.onItemChanged(skel) return self.render.editItemSuccess(skel)
def reparent(self, item, dest, skey, *args, **kwargs): """ Moves an entry *item* (and everything beneath it) to another parent-node *dest*. .. seealso:: :func:`canReparent` :param item: URL-safe key of the item which will be moved. :type item: str :param dest: URL-safe key of the new parent for this item. :type dest: str :returns: A rendered success result generated by the default renderer. :raises: :exc:`server.errors.NotFound`, when no entry with the given *id* was found. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() if not self.canReparent(item, dest): raise errors.Unauthorized() if not self.isValidParent(dest) or item == dest: raise errors.NotAcceptable() ## Test for recursion isValid = False currLevel = db.Get(dest) for x in range(0, 99): if str(currLevel.key()) == item: break if currLevel.key().kind( ) == self.viewSkel().kindName + "_rootNode": # We reached a rootNode isValid = True break currLevel = db.Get(currLevel["parententry"]) if not isValid: raise errors.NotAcceptable() ## Update entry fromItem = db.Get(item) fromItem["parententry"] = dest fromItem["parentrepo"] = str(self.getRootNode(dest).key()) db.Put(fromItem) skel = self.editSkel() assert skel.fromDB(item) self.onItemReparent(skel) self.onItemChanged(skel) return self.render.reparentSuccess(obj=fromItem)
def verify(self, skey, *args, **kwargs): data = securitykey.validate(skey, useSessionKey=False) skel = self.userModule.baseSkel() if not data or not isinstance(data, dict) or not "userKey" in data or not skel.fromDB(data["userKey"]): return self.userModule.render.view(None, self.verifyFailedTemplate) if self.registrationAdminVerificationRequired: skel["status"] = 2 else: skel["status"] = 10 skel.toDB() return self.userModule.render.view(skel, self.verifySuccessTemplate)
def add(self, skelType, node, *args, **kwargs): """ Add a new entry with the given parent *node*, and render the entry, eventually with error notes on incorrect data. Data is taken by any other arguments in *kwargs*. The function performs several access control checks on the requested entity before it is added. .. seealso:: :func:`canAdd`, :func:`onAdd`, , :func:`onAdded` :param skelType: Defines the type of the new entry and may either be "node" or "leaf". :type skelType: str :param node: URL-safe key of the parent. :type node: str :returns: The rendered, added object of the entry, eventually with error hints. :raises: :exc:`server.errors.NotAcceptable`, when no valid *skelType* was provided. :raises: :exc:`server.errors.NotFound`, when no valid *node* was found. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" if not self._checkSkelType(skelType): raise errors.NotAcceptable() skel = self.addSkel(skelType) parentNodeSkel = self.editSkel("node") if not parentNodeSkel.fromDB(node): raise errors.NotFound() if not self.canAdd(skelType, parentNodeSkel): raise errors.Unauthorized() if (len(kwargs) == 0 # no data supplied or skey == "" # no security key or not skel.fromClient( kwargs) # failure on reading into the bones or not currentRequest.get().isPostRequest or ("bounce" in kwargs and kwargs["bounce"] == "1" ) # review before adding ): return self.render.add(skel) if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() skel["parententry"] = parentNodeSkel["key"] # parentrepo may not exist of parentNodeSkel as it may be an rootNode skel["parentrepo"] = parentNodeSkel["parentrepo"] or parentNodeSkel[ "key"] self.onAdd(skel) skel.toDB() self.onAdded(skel) return self.render.addSuccess(skel)
def clone(self, fromRepo, toRepo, fromParent=None, toParent=None, *args, **kwargs): """ Clones a hierarchy recursively. This function only initiates the cloning process, which is performed in the background. It states only a successful result when the clone action has been correctly initiated. :param fromRepo: URL-safe key of the key to the repository (=root-node Key) to clone from. :type fromRepo: str :param toRepo: URL-safe key of the key to the repository (=root-node Key) to clone to. :type toRepo: str :param fromParent: URL-safe key of the parent to clone from; for root nodes, this is equal \ to fromRepo, and can be omitted. :type fromParent: str :param toParent: URL-safe key of the parent to clone to; for root nodes, this is equal to \ toRepo, and can be omitted. :type toParent: str :returns: A rendered success result generated by the default renderer. :raises: :exc:`server.errors.NotAcceptable`, when no valid *parent* was found. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" if fromParent is None: fromParent = fromRepo if toParent is None: toParent = toRepo if not (self.isValidParent(fromParent) and self.isValidParent(toParent)): # Ensure the parents exists raise errors.NotAcceptable() if not self.canAdd(toParent): raise errors.Unauthorized() if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() self._clone(fromRepo, toRepo, fromParent, toParent) return self.render.cloneSuccess()
def getUploadURL(self, fileName, mimeType, size=None, skey=None, *args, **kwargs): node = kwargs.get("node") authData = kwargs.get("authData") authSig = kwargs.get("authSig") # Validate the the contentType from the client seems legit mimeType = mimeType.lower() assert len(mimeType.split("/")) == 2, "Invalid Mime-Type" assert all([x in string.ascii_letters + string.digits + "/-.+" for x in mimeType]), "Invalid Mime-Type" if authData and authSig: # First, validate the signature, otherwise we don't need to proceed any further if not utils.hmacVerify(authData.encode("ASCII"), authSig): raise errors.Forbidden() authData = json.loads(base64.b64decode(authData.encode("ASCII")).decode("UTF-8")) if datetime.strptime(authData["validUntil"], "%Y%m%d%H%M") < datetime.now(): raise errors.Gone() if authData["validMimeTypes"]: for validMimeType in authData["validMimeTypes"]: if validMimeType == mimeType or ( validMimeType.endswith("*") and mimeType.startswith(validMimeType[:-1])): break else: raise errors.NotAcceptable() node = authData["node"] maxSize = authData["maxSize"] else: if node: rootNode = self.getRootNode(node) if not self.canAdd("leaf", rootNode): raise errors.Forbidden() else: if not self.canAdd("leaf", None): raise errors.Forbidden() maxSize = None # The user has some file/add permissions, don't restrict fileSize if maxSize: try: size = int(size) assert size <= maxSize except: # We have a size-limit set - but no size supplied raise errors.PreconditionFailed() else: size = None if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() targetKey, uploadUrl = self.initializeUpload(fileName, mimeType.lower(), node, size) resDict = { "uploadUrl": uploadUrl, "uploadKey": targetKey, } return self.render.view(resDict)
def login(self, skey="", token="", *args, **kwargs): # FIXME: Check if already logged in if not conf.get("viur.user.google.clientID"): raise errors.PreconditionFailed("Please configure 'viur.user.google.clientID' in your conf!") if not skey or not token: currentRequest.get().response.headers["Content-Type"] = "text/html" # Fixme: Render with Jinja2? tplStr = open("viur/core/template/vi_user_google_login.html", "r").read() tplStr = tplStr.replace("{{ clientID }}", conf["viur.user.google.clientID"]) return tplStr if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() userInfo = id_token.verify_oauth2_token(token, requests.Request(), conf["viur.user.google.clientID"]) if userInfo['iss'] not in {'accounts.google.com', 'https://accounts.google.com'}: raise ValueError('Wrong issuer.') # Token looks valid :) uid = userInfo['sub'] email = userInfo['email'] addSkel = skeletonByKind(self.userModule.addSkel().kindName) # Ensure that we have the full skeleton userSkel = addSkel().all().filter("uid =", uid).getSkel() if not userSkel: # We'll try again - checking if there's already an user with that email userSkel = addSkel().all().filter("name.idx =", email.lower()).getSkel() if not userSkel: # Still no luck - it's a completely new user if not self.registrationEnabled: if userInfo.get("hd") and userInfo["hd"] in conf["viur.user.google.gsuiteDomains"]: print("User is from domain - adding account") else: logging.warning("Denying registration of %s", email) raise errors.Forbidden("Registration for new users is disabled") userSkel = addSkel() # We'll add a new user userSkel["uid"] = uid userSkel["name"] = email isAdd = True else: isAdd = False now = datetime.datetime.now() if isAdd or (now - userSkel["lastlogin"]) > datetime.timedelta(minutes=30): # Conserve DB-Writes: Update the user max once in 30 Minutes userSkel["lastlogin"] = now #if users.is_current_user_admin(): # if not userSkel["access"]: # userSkel["access"] = [] # if not "root" in userSkel["access"]: # userSkel["access"].append("root") # userSkel["gaeadmin"] = True #else: # userSkel["gaeadmin"] = False assert userSkel.toDB() return self.userModule.continueAuthenticationFlow(self, userSkel["key"])
def edit(self, skelType, key, *args, **kwargs): """ Modify an existing entry, and render the entry, eventually with error notes on incorrect data. Data is taken by any other arguments in *kwargs*. The function performs several access control checks on the requested entity before it is added. .. seealso:: :func:`onAdded`, :func:`canEdit` :param skelType: Defines the type of the entry that should be modified and may either be "node" or "leaf". :type skelType: str :param key: URL-safe key of the item to be edited. :type key: str :returns: The rendered, modified object of the entry, eventually with error hints. :raises: :exc:`server.errors.NotAcceptable`, when no valid *skelType* was provided. :raises: :exc:`server.errors.NotFound`, when no valid *node* was found. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" if skelType == "node": skelType = TreeType.Node elif skelType == "leaf" and self.leafSkelCls: skelType = TreeType.Leaf else: raise errors.NotAcceptable() skel = self.addSkel(skelType) if not skel.fromDB(key): raise errors.NotFound() if not self.canEdit(skelType, skel): raise errors.Unauthorized() if (len(kwargs) == 0 # no data supplied or skey == "" # no security key or not skel.fromClient( kwargs) # failure on reading into the bones or not currentRequest.get().isPostRequest or ("bounce" in kwargs and kwargs["bounce"] == "1" ) # review before adding ): return self.render.edit(skel) if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() skel.toDB() self.onEdited(skel) return self.render.editSuccess(skel)
def markCanceled(self, key, skey, *args, **kwargs): """ Exposed function for marking an order as cancelled. :param key: The key of the order to be marked. :type key: str """ if not self.canEdit(key): raise errors.Unauthorized() if not securitykey.validate(skey): raise errors.PreconditionFailed() self.setCanceled(key) return "OKAY"
def edit(self, *args, **kwargs): """ Modify the existing entry, and render the entry, eventually with error notes on incorrect data. The entry is fetched by its entity key, which either is provided via *kwargs["key"]*, or as the first parameter in *args*. The function performs several access control checks on the singleton's entity before it is modified. .. seealso:: :func:`editSkel`, :func:`onItemEdited`, :func:`canEdit` :returns: The rendered, edited object of the entry, eventually with error hints. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" skel = self.editSkel() if not self.canEdit(): raise errors.Unauthorized() key = db.Key.from_path(self.editSkel().kindName, self.getKey()) if not skel.fromDB( str(key)): # Its not there yet; we need to set the key again skel["key"] = str(key) if (len(kwargs) == 0 # no data supplied or skey == "" # no skey provided or not skel.fromClient( kwargs) # failure on reading into the bones or ("bounce" in kwargs and kwargs["bounce"] == "1")): # review before changing return self.render.edit(skel) if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() skel.toDB() self.onItemEdited(skel) return self.render.editItemSuccess(skel)
def add(self, parent, *args, **kwargs): """ Add a new entry with the given parent, and render the entry, eventually with error notes on incorrect data. Data is taken by any other arguments in *kwargs*. The function performs several access control checks on the requested entity before it is added. .. seealso:: :func:`addSkel`, :func:`onItemAdded`, :func:`canAdd` :param parent: URL-safe key of the parent. :type parent: str :returns: The rendered, added object of the entry, eventually with error hints. :raises: :exc:`server.errors.NotAcceptable`, when no valid *parent* was found. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" if not self.isValidParent(parent): # Ensure the parent exists raise errors.NotAcceptable() if not self.canAdd(parent): raise errors.Unauthorized() skel = self.addSkel() if (len(kwargs) == 0 or skey == "" or not request.current.get().isPostRequest or not skel.fromClient(kwargs) or ("bounce" in kwargs and kwargs["bounce"] == "1")): return self.render.add(skel) if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() skel["parententry"] = str(parent) skel["parentrepo"] = str(self.getRootNode(parent).key()) key = skel.toDB() self.onItemAdded(skel) self.onItemChanged(skel) return self.render.addItemSuccess(skel)
def delete(self, skelType, key, *args, **kwargs): """ Deletes an entry or an directory (including its contents). The function runs several access control checks on the data before it is deleted. .. seealso:: :func:`canDelete`, :func:`onItemDeleted` :param skelType: Defines the type of the entry that should be deleted and may either be "node" or "leaf". :type skelType: str :param key: URL-safe key of the item to be deleted. :type key: str :returns: The rendered, deleted object of the entry. :raises: :exc:`server.errors.NotFound`, when no entry with the given *key* was found. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if skelType == "node": skel = self.viewSkel(TreeType.Node) elif skelType == "leaf" and self.hasDistinctLeafs: skel = self.viewSkel(TreeType.Leaf) else: raise errors.NotAcceptable() if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" if not skel.fromDB(key): raise errors.NotFound() if not self.canDelete(skelType, skel): raise errors.Unauthorized() if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() if skelType == "node": self.deleteRecursive(key) skel.delete() self.onItemDeleted(skel) return self.render.deleteSuccess(skel, skelType=skelType)
def otp(self, otptoken=None, skey=None, *args, **kwargs): currSess = currentSession.get() token = currSess.get("_otp_user") if not token: raise errors.Forbidden() if otptoken is None: self.userModule.render.edit(self.otpSkel()) if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() if token["failures"] > 3: raise errors.Forbidden( "Maximum amount of authentication retries exceeded") if len(token["otpkey"]) % 2 == 1: raise errors.PreconditionFailed( "The otp secret stored for this user is invalid (uneven length)" ) validTokens = self.generateOtps(token["otpkey"], token["otptimedrift"]) try: otptoken = int(otptoken) except: # We got a non-numeric token - this cant be correct self.userModule.render.edit(self.otpSkel(), tpl=self.otpTemplate) if otptoken in validTokens: userKey = currSess["_otp_user"]["uid"] del currSess["_otp_user"] currSess.markChanged() idx = validTokens.index(int(otptoken)) if abs(idx - self.windowSize) > 2: # The time-drift accumulates to more than 2 minutes, update our # clock-drift value accordingly self.updateTimeDrift(userKey, idx - self.windowSize) return self.userModule.secondFactorSucceeded(self, userKey) else: token["failures"] += 1 currSess["_otp_user"] = token currSess.markChanged() return self.userModule.render.edit(self.otpSkel(), loginFailed=True, tpl=self.otpTemplate)
def add(self, *args, **kwargs): """ Allows guests to register a new account if self.registrationEnabled is set to true .. seealso:: :func:`addSkel`, :func:`onAdded`, :func:`canAdd` :returns: The rendered, added object of the entry, eventually with error hints. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" if not self.canAdd(): raise errors.Unauthorized() skel = self.addSkel() if (len(kwargs) == 0 # no data supplied or skey == "" # no skey supplied or not currentRequest.get(). isPostRequest # bail out if not using POST-method or not skel.fromClient( kwargs) # failure on reading into the bones or ("bounce" in kwargs and kwargs["bounce"] == "1")): # review before adding # render the skeleton in the version it could as far as it could be read. return self.userModule.render.add(skel) if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() skel.toDB() if self.registrationEmailVerificationRequired and str( skel["status"]) == "1": # The user will have to verify his email-address. Create an skey and send it to his address skey = securitykey.create(duration=60 * 60 * 24 * 7, userKey=utils.normalizeKey(skel["key"]), name=skel["name"]) skel.skey = baseBone(descr="Skey") skel["skey"] = skey email.sendEMail(dests=[skel["name"]], tpl=self.userModule.verifyEmailAddressMail, skel=skel) self.userModule.onAdded(skel) # Call onAdded on our parent user module return self.userModule.render.addSuccess(skel)
def add(self, skelType, node=None, *args, **kwargs): ## We can't add files directly (they need to be uploaded # if skelType != "node": # raise errors.NotAcceptable() if skelType == "leaf": # We need to handle leafs separately here skey = kwargs.get("skey") targetKey = kwargs.get("key") if not skey or not securitykey.validate( skey, useSessionKey=True) or not targetKey: raise errors.PreconditionFailed() skel = self.addSkel("leaf") if not skel.fromDB(targetKey): raise errors.NotFound() if not skel["pending"]: raise errors.PreconditionFailed() skel["pending"] = False skel["parententry"] = skel["pendingparententry"] if skel["parententry"]: rootNode = self.getRootNode(skel["parententry"]) else: rootNode = None if not self.canAdd("leaf", rootNode): raise errors.Forbidden() blobs = list(bucket.list_blobs(prefix="%s/" % skel["dlkey"])) if len(blobs) != 1: logging.error("Invalid number of blobs in folder") logging.error(targetKey) raise errors.PreconditionFailed() blob = blobs[0] skel["mimetype"] = utils.escapeString(blob.content_type) skel["name"] = utils.escapeString( blob.name.replace("%s/source/" % skel["dlkey"], "")) skel["size"] = blob.size skel["parentrepo"] = rootNode["key"] if rootNode else None skel["weak"] = rootNode is None skel.toDB() # Add updated download-URL as the auto-generated isn't valid yet skel["downloadUrl"] = utils.downloadUrlFor(skel["dlkey"], skel["name"], derived=False) return self.render.addSuccess(skel) return super(File, self).add(skelType, node, *args, **kwargs)
def preview(self, skey, *args, **kwargs): """ Renders data for the entry, without reading it from the database. This function allows to preview the entry without writing it to the database. Any entity values are provided via *kwargs*. The function uses the viewTemplate of the application. :returns: The rendered representation of the supplied data. """ if not self.canPreview(): raise errors.Unauthorized() if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() skel = self.viewSkel() skel.fromClient(kwargs) return self.render.view(skel)
def add(self, *args, **kwargs): """ Add a new entry, and render the entry, eventually with error notes on incorrect data. Data is taken by any other arguments in *kwargs*. The function performs several access control checks on the requested entity before it is added. .. seealso:: :func:`addSkel`, :func:`onAdd`, :func:`onAdded`, :func:`canAdd` :returns: The rendered, added object of the entry, eventually with error hints. :raises: :exc:`viur.core.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`viur.core.errors.PreconditionFailed`, if the *skey* could not be verified. """ if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" if not self.canAdd(): raise errors.Unauthorized() skel = self.addSkel() if (len(kwargs) == 0 # no data supplied or skey == "" # no skey supplied or not currentRequest.get(). isPostRequest # failure if not using POST-method or not skel.fromClient( kwargs) # failure on reading into the bones or ("bounce" in kwargs and kwargs["bounce"] == "1" ) # review before adding ): # render the skeleton in the version it could as far as it could be read. return self.render.add(skel) if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() self.onAdd(skel) skel.toDB() self.onAdded(skel) return self.render.addSuccess(skel)
def execute(self, taskID, *args, **kwargs): """Queues a specific task for the next maintenance run""" global _callableTasks from viur.core import securitykey if taskID in _callableTasks: task = _callableTasks[taskID]() else: return if not task.canCall(): raise errors.Unauthorized() skel = task.dataSkel() if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" if len(kwargs) == 0 or skey == "" or not skel.fromClient(kwargs) or ( "bounce" in kwargs and kwargs["bounce"] == "1"): return self.render.add(skel) if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() task.execute(**skel.accessedValues) return self.render.addSuccess(skel)
def getUploadURL(self, *args, **kwargs): skey = kwargs.get("skey", "") node = kwargs.get("node") if node: rootNode = self.getRootNode(node) if not self.canAdd(TreeType.Leaf, rootNode): raise errors.Forbidden() else: if not self.canAdd(TreeType.Leaf, None): raise errors.Forbidden() if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() targetKey, uploadUrl, policy = self.createUploadURL(node) resDict = { "url": uploadUrl, "params": { "key": "%s/source/file.dat" % targetKey, } } for key, value in policy.items(): resDict["params"][key] = value return self.render.view(resDict)
def setLanguage(lang, skey): if not securitykey.validate(skey): return if lang in conf["viur.availableLanguages"]: currentLanguage.set(lang)
def checkout(self, step=None, key=None, skey=None, *args, **kwargs): """ Performs the checkout process trough the state machine provided by self.steps. :param step: The current step index, None for beginning a new checkout :param key: Key of the current checkout :param skey: Server security key :return: Returns the rendered template or throws redirection exceptions. """ myKindName = self.viewSkel().kindName if step is None: logging.info("Starting new checkout process") billObj = db.Entity(myKindName) billObj["idx"] = "0000000" for state in self.states: billObj["state_%s" % state] = "0" db.Put(billObj) key = str(billObj.key()) # Copy the Cart if "amountSkel" in dir(self): cart = session.current.get("cart_products") or {} s = self.amountSkel() products = [] for prod, atts in cart.items(): for i in range(0, atts["amount"]): products.append(str(prod)) s.fromClient({"product": products}) s.toDB() session.current["order_" + myKindName] = { "key": str(key), "completedSteps": [] } session.current.markChanged() raise errors.Redirect("?step=0&key=%s" % str(key)) elif key: try: orderKey = db.Key(key) step = int(step) assert (step >= 0) assert (step < len(self.steps)) except: raise errors.NotAcceptable() sessionInfo = session.current.get("order_" + myKindName) if not sessionInfo or not sessionInfo.get("key") == str(orderKey): raise errors.Unauthorized() if step in sessionInfo["completedSteps"]: session.current["order_" + myKindName]["completedSteps"] = [ x for x in sessionInfo["completedSteps"] if x < step ] session.current.markChanged() # Make sure that no steps can be skipped if step != 0 and not step - 1 in sessionInfo["completedSteps"]: raise errors.Redirect("?step=0&key=%s" % str(str(orderKey))) currentStep = self.steps[step] if "preHandler" in currentStep.keys(): try: if isinstance(currentStep["preHandler"], list): for handler in currentStep["preHandler"]: handler(self, step, str(orderKey), *args, **kwargs) else: currentStep["preHandler"](self, step, str(orderKey), refkwargs=kwargs, *args, **kwargs) except SkipStepException: session.current["order_" + myKindName]["completedSteps"].append(step) session.current.markChanged() raise errors.Redirect("?step=%s&key=%s" % (str(step + 1), str(orderKey))) except ReturnHtmlException as e: return (e.html) if "requiresSecurityKey" in currentStep and currentStep[ "requiresSecurityKey"]: if not securitykey.validate(skey): raise errors.PreconditionFailed() pass if "mainHandler" in currentStep: if currentStep["mainHandler"]["action"] == "edit": skel = self.getSkelByName( currentStep["mainHandler"]["skeleton"], str(orderKey)) skel.fromDB(str(orderKey)) if not len(kwargs.keys()) or not skel.fromClient(kwargs): return (self.render.edit( skel, tpl=currentStep["mainHandler"]["template"], step=step)) skel.toDB() if currentStep["mainHandler"]["action"] == "view": if not "complete" in kwargs or not kwargs[ "complete"] == u"1": skel = self.getSkelByName( currentStep["mainHandler"]["skeleton"], str(orderKey)) skel.fromDB(str(orderKey)) return (self.render.view( skel, tpl=currentStep["mainHandler"]["template"], step=step)) elif currentStep["mainHandler"]["action"] == "function": res = currentStep["mainHandler"]["function"](self, step, str(orderKey), *args, **kwargs) if res: return res if "postHandler" in currentStep: currentStep["postHandler"](self, step, str(orderKey), *args, **kwargs) session.current["order_" + myKindName]["completedSteps"].append(step) session.current.markChanged() logging.info("next ?step=%s&key=%s" % (str(step + 1), str(orderKey))) raise errors.Redirect("?step=%s&key=%s" % (str(step + 1), str(orderKey)))
skel["parententry"] = parentNodeSkel["key"] # parentrepo may not exist in parentNodeSkel as it may be an rootNode skel["parentrepo"] = parentNodeSkel["parentrepo"] or parentNodeSkel[ "key"] if (len(kwargs) == 0 # no data supplied or skey == "" # no security key or not skel.fromClient( kwargs) # failure on reading into the bones or not currentRequest.get().isPostRequest or ("bounce" in kwargs and kwargs["bounce"] == "1" ) # review before adding ): return self.render.add(skel) if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() self.onAdd(skelType, skel) skel.toDB() self.onAdded(skelType, skel) return self.render.addSuccess(skel) @exposed @forceSSL def edit(self, skelType, key, *args, **kwargs): """ Modify an existing entry, and render the entry, eventually with error notes on incorrect data. Data is taken by any other arguments in *kwargs*. The function performs several access control checks on the requested entity before it is added.
def pwrecover(self, *args, **kwargs): """ This implements the password recovery process which let them set a new password for their account after validating a code send to them by email. The process is as following: - The user enters his email adress - We'll generate a random code, store it in his session and call sendUserPasswordRecoveryCode - sendUserPasswordRecoveryCode will run in the background, check if we have a user with that name and send the code. It runs as a deferredTask so we don't leak the information if a user account exists. - If the user received his code, he can paste the code and set a new password for his account. To prevent automated attacks, the fist step is guarded by a captcha and we limited calls to this function to 10 actions per 15 minutes. (One complete recovery process consists of two calls). """ if not self.passwordRecoveryRateLimit.isQuotaAvailable(): raise errors.Forbidden() # Quota exhausted, bail out session = currentSession.get() request = currentRequest.get() recoverStep = session.get("user.auth_userpassword.pwrecover") if not recoverStep: # This is the first step, where we ask for the username of the account we'll going to reset the password on skel = self.lostPasswordStep1Skel() if not request.isPostRequest or not skel.fromClient(kwargs): return self.userModule.render.edit( skel, self.passwordRecoveryStep1Template) if not securitykey.validate(kwargs.get("skey"), useSessionKey=True): raise errors.PreconditionFailed() self.passwordRecoveryRateLimit.decrementQuota() recoveryKey = utils.generateRandomString( 13) # This is the key the user will have to Copy&Paste self.sendUserPasswordRecoveryCode( skel["name"].lower(), recoveryKey) # Send the code in the background session["user.auth_userpassword.pwrecover"] = { "name": skel["name"].lower(), "recoveryKey": recoveryKey, "creationdate": utcNow(), "errorCount": 0 } del recoveryKey return self.pwrecover( ) # Fall through to the second step as that key in the session is now set else: if request.isPostRequest and kwargs.get("abort") == "1" \ and securitykey.validate(kwargs.get("skey"), useSessionKey=True): # Allow a user to abort the process if a wrong email has been used session["user.auth_userpassword.pwrecover"] = None return self.pwrecover() # We're in the second step - the code has been send and is waiting for confirmation from the user if utcNow() - session["user.auth_userpassword.pwrecover"][ "creationdate"] > datetime.timedelta(minutes=15): # This recovery-process is expired; reset the session and start over session["user.auth_userpassword.pwrecover"] = None return self.userModule.render.view( skel=None, tpl=self.passwordRecoveryFailedTemplate, reason=self.passwordRecoveryKeyExpired) skel = self.lostPasswordStep2Skel() if not skel.fromClient(kwargs) or not request.isPostRequest: return self.userModule.render.edit( skel, self.passwordRecoveryStep2Template) if not securitykey.validate(kwargs.get("skey"), useSessionKey=True): raise errors.PreconditionFailed() self.passwordRecoveryRateLimit.decrementQuota() if not hmac.compare_digest( session["user.auth_userpassword.pwrecover"]["recoveryKey"], skel["recoveryKey"]): # The key was invalid, increase error-count or abort this recovery process altogether session["user.auth_userpassword.pwrecover"]["errorCount"] += 1 if session["user.auth_userpassword.pwrecover"][ "errorCount"] > 3: session["user.auth_userpassword.pwrecover"] = None return self.userModule.render.view( skel=None, tpl=self.passwordRecoveryFailedTemplate, reason=self.passwordRecoveryKeyInvalid) return self.userModule.render.edit( skel, self.passwordRecoveryStep2Template) # Let's try again # If we made it here, the key was correct, so we'd hopefully have a valid user for this uSkel = userSkel().all().filter( "name.idx =", session["user.auth_userpassword.pwrecover"]["name"]).getSkel() if not uSkel: # This *should* never happen - if we don't have a matching account we'll not send the key. session["user.auth_userpassword.pwrecover"] = None return self.userModule.render.view( skel=None, tpl=self.passwordRecoveryFailedTemplate, reason=self.passwordRecoveryUserNotFound) if uSkel["status"] != 10: # The account is locked or not yet validated. Abort the process session["user.auth_userpassword.pwrecover"] = None return self.userModule.render.view( skel=None, tpl=self.passwordRecoveryFailedTemplate, reason=self.passwordRecoveryAccountLocked) # Update the password, save the user, reset his session and show the success-template uSkel["password"] = skel["password"] uSkel.toDB() session["user.auth_userpassword.pwrecover"] = None return self.userModule.render.view( None, self.passwordRecoverySuccessTemplate)