def pwrecover(self, authtoken=None, skey=None, *args, **kwargs):
if authtoken:
data = securitykey.validate(authtoken, useSessionKey=False)
if data and isinstance(
data, dict) and "userKey" in data and "password" in data:
skel = self.userModule.editSkel()
assert skel.fromDB(data["userKey"])
skel["password"] = data["password"]
skel.toDB()
return self.userModule.render.view(
skel, self.passwordRecoverySuccessTemplate)
else:
return self.userModule.render.view(
None, self.passwordRecoveryInvalidTokenTemplate)
else:
skel = self.lostPasswordSkel()
if len(kwargs) == 0 or not skel.fromClient(
kwargs) or not securitykey.validate(skey,
useSessionKey=True):
return self.userModule.render.passwdRecover(
skel, tpl=self.passwordRecoveryTemplate)
user = self.userModule.viewSkel().all().filter(
"name.idx =", skel["name"].lower()).get()
if not user or user[
"status"] < 10: # Unknown user or locked account
skel.errors["name"] = str("Unknown user")
return self.userModule.render.passwdRecover(
skel, tpl=self.passwordRecoveryTemplate)
try:
if user["changedate"] > (datetime.datetime.now() -
datetime.timedelta(days=1)):
# This user probably has already requested a password reset
# within the last 24 hrss
return self.userModule.render.view(
skel, self.passwordRecoveryAlreadySendTemplate)
except AttributeError: # Some newly generated user-objects dont have such a changedate yet
pass
user["changedate"] = datetime.datetime.now()
db.Put(user)
userSkel = self.userModule.viewSkel().ensureIsCloned()
assert userSkel.fromDB(user.key())
userSkel.skey = baseBone(descr="Skey")
userSkel["skey"] = securitykey.create(60 * 60 * 24,
userKey=str(user.key()),
password=skel["password"])
utils.sendEMail([userSkel["name"]],
self.userModule.passwordRecoveryMail, userSkel)
return self.userModule.render.view(
{}, self.passwordRecoveryInstuctionsSendTemplate)
def logout(self, skey="", *args, **kwargs):
"""
Implements the logout action. It also terminates the current session (all keys not listed
in viur.session.persistentFieldsOnLogout will be lost).
"""
user = session.current.get("user")
if not user:
raise errors.Unauthorized()
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
self.onLogout(user)
oldSession = {k: v
for k, v in session.current.items()
} # Store all items in the current session
session.current.reset()
# Copy the persistent fields over
for k in conf["viur.session.persistentFieldsOnLogout"]:
if k in oldSession:
session.current[k] = oldSession[k]
del oldSession
return self.render.logoutSuccess()
def delete(self, key, skey, *args, **kwargs):
"""
Delete an entry.
The function runs several access control checks on the data before it is deleted.
.. seealso:: :func:`canDelete`, :func:`editSkel`, :func:`onDeleted`
:returns: The rendered, deleted object of the entry.
:raises: :exc:`viur.core.errors.NotFound`, when no entry with the given *key* was found.
:raises: :exc:`viur.core.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`viur.core.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
skel = self.editSkel()
if not skel.fromDB(key):
raise errors.NotFound()
if not self.canDelete(skel):
raise errors.Unauthorized()
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
self.onDelete(skel)
skel.delete()
self.onDeleted(skel)
return self.render.deleteSuccess(skel)
def setIndex(self, item, index, skey, *args, **kwargs):
"""
Changes the order of the elements in the current level by changing the index of *item*.
.. seealso:: :func:`canSetIndex`
:param item: URL-safe key of the item which index should be changed.
:type item: str
:param index: New index for this item. This value must be cast-able to float.
:type index: str
:returns: A rendered success result generated by the default renderer.
:raises: :exc:`server.errors.NotFound`, when no entry with the given *key* was found.
:raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
if not self.canSetIndex(item, index):
raise errors.Unauthorized()
fromItem = db.Get(item)
fromItem["sortindex"] = float(index)
db.Put(fromItem)
skel = self.editSkel()
assert skel.fromDB(item)
self.onItemSetIndex(skel)
self.onItemChanged(skel)
return self.render.setIndexSuccess(obj=fromItem)
def index(self, *args, **kwargs):
if not self.canUse():
raise errors.Forbidden() # Unauthorized
skel = self.mailSkel()
if len(kwargs) == 0:
return self.render.add(skel=skel, failed=False)
if not skel.fromClient(kwargs) or not "skey" in kwargs:
return self.render.add(skel=skel, failed=True)
if not securitykey.validate(kwargs["skey"], useSessionKey=True):
raise errors.PreconditionFailed()
# Allow bones to perform outstanding "magic" operations before sending the mail
for key, _bone in skel.items():
if isinstance(_bone, baseBone):
_bone.performMagic(skel.valuesCache, key, isAdd=True)
# Get recipients
rcpts = self.getRcpts(skel)
# Get additional options for sendEMail
opts = self.getOptions(skel)
if not isinstance(opts, dict):
opts = {}
# Send the email!
utils.sendEMail(rcpts, self.mailTemplate, skel, **opts)
self.onAdded(skel)
return self.render.addSuccess(skel)
def add(self, skelType, node, *args, **kwargs):
"""
Add a new entry with the given parent *node*, and render the entry, eventually with error notes
on incorrect data. Data is taken by any other arguments in *kwargs*.
The function performs several access control checks on the requested entity before it is added.
.. seealso:: :func:`onItemAdded`, :func:`canAdd`
:param skelType: Defines the type of the new entry and may either be "node" or "leaf".
:type skelType: str
:param node: URL-safe key of the parent.
:type node: str
:returns: The rendered, added object of the entry, eventually with error hints.
:raises: :exc:`server.errors.NotAcceptable`, when no valid *skelType* was provided.
:raises: :exc:`server.errors.NotFound`, when no valid *node* was found.
:raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
if "skey" in kwargs:
skey = kwargs["skey"]
else:
skey = ""
if skelType == "node":
skel = self.viewSkel(TreeType.Node)
elif skelType == "leaf" and self.hasDistinctLeafs:
skel = self.viewSkel(TreeType.Leaf)
else:
raise errors.NotAcceptable()
# FIXME: IsValidParent?
#parentNodeSkel = self.editNodeSkel()
#if not parentNodeSkel.fromDB(node):
# raise errors.NotFound()
if not self.canAdd(skelType, node):
raise errors.Unauthorized()
if (len(kwargs) == 0 # no data supplied
or skey == "" # no security key
# or not request.current.get().isPostRequest fixme: POST-method check missing? # failure if not using POST-method
or not skel.fromClient(kwargs) # failure on reading into the bones
or ("bounce" in kwargs and kwargs["bounce"] == "1") # review before adding
):
return self.render.add(skel)
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
skel["parentdir"] = str(node)
skel["parentrepo"] = parentNodeSkel["parentrepo"] or str(node)
skel.toDB()
self.onItemAdded(skel)
return self.render.addItemSuccess(skel)
def login(self, name=None, password=None, skey="", *args, **kwargs):
if self.userModule.getCurrentUser(): # Were already logged in
return self.userModule.render.loginSucceeded()
if not name or not password or not securitykey.validate(
skey, useSessionKey=True):
return self.userModule.render.login(self.loginSkel())
query = db.Query(self.userModule.viewSkel().kindName)
res = query.filter("name_idx >=", name.lower()).get()
if res is None:
res = {
"password": {
"pwhash": "-invalid-",
"salt": "-invalid"
},
"status": 0,
"name": "",
"name.idx": ""
}
passwd = pbkdf2(password[:conf["viur.maxPasswordLength"]],
(res.get("password", None) or {}).get("salt", ""))
isOkay = True
# We do this exactly that way to avoid timing attacks
# Check if the username matches
storedUserName = res.get("name_idx", "")
if len(storedUserName) != len(name.lower()):
isOkay = False
else:
for x, y in zip(storedUserName, name.lower()):
if x != y:
isOkay = False
# Check if the password matches
storedPasswordHash = (res.get("password", None)
or {}).get("pwhash", "-invalid-")
if len(storedPasswordHash) != len(passwd):
isOkay = False
else:
for x, y in zip(storedPasswordHash, passwd):
if x != y:
isOkay = False
# Verify that this account isn't blocked
if res["status"] < 10:
isOkay = False
if not isOkay:
skel = self.loginSkel()
skel.fromClient({"name": name, "nomissing": "1"})
return self.userModule.render.login(skel, loginFailed=True)
else:
return self.userModule.continueAuthenticationFlow(self, res.key)
def edit(self, *args, **kwargs):
"""
Modify an existing entry, and render the entry, eventually with error notes on incorrect data.
Data is taken by any other arguments in *kwargs*.
The entry is fetched by its entity key, which either is provided via *kwargs["key"]*,
or as the first parameter in *args*. The function performs several access control checks
on the requested entity before it is modified.
.. seealso:: :func:`editSkel`, :func:`onItemEdited`, :func:`canEdit`
:returns: The rendered, edited object of the entry, eventually with error hints.
:raises: :exc:`server.errors.NotAcceptable`, when no *key* is provided.
:raises: :exc:`server.errors.NotFound`, when no entry with the given *key* was found.
:raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
if "skey" in kwargs:
skey = kwargs["skey"]
else:
skey = ""
if len(args) == 1:
key = args[0]
elif "key" in kwargs:
key = kwargs["key"]
else:
raise errors.NotAcceptable()
skel = self.editSkel()
if not skel.fromDB(key):
raise errors.NotAcceptable()
if not self.canEdit(skel):
raise errors.Unauthorized()
if (len(kwargs) == 0 # no data supplied
or skey == "" # no security key
or not request.current.get().
isPostRequest # failure if not using POST-method
or not skel.fromClient(
kwargs) # failure on reading into the bones
or ("bounce" in kwargs and kwargs["bounce"] == "1"
) # review before changing
):
return self.render.edit(skel)
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
skel.toDB() # write it!
self.onItemEdited(skel)
self.onItemChanged(skel)
return self.render.editItemSuccess(skel)
def reparent(self, item, dest, skey, *args, **kwargs):
"""
Moves an entry *item* (and everything beneath it) to another parent-node *dest*.
.. seealso:: :func:`canReparent`
:param item: URL-safe key of the item which will be moved.
:type item: str
:param dest: URL-safe key of the new parent for this item.
:type dest: str
:returns: A rendered success result generated by the default renderer.
:raises: :exc:`server.errors.NotFound`, when no entry with the given *id* was found.
:raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
if not self.canReparent(item, dest):
raise errors.Unauthorized()
if not self.isValidParent(dest) or item == dest:
raise errors.NotAcceptable()
## Test for recursion
isValid = False
currLevel = db.Get(dest)
for x in range(0, 99):
if str(currLevel.key()) == item:
break
if currLevel.key().kind(
) == self.viewSkel().kindName + "_rootNode":
# We reached a rootNode
isValid = True
break
currLevel = db.Get(currLevel["parententry"])
if not isValid:
raise errors.NotAcceptable()
## Update entry
fromItem = db.Get(item)
fromItem["parententry"] = dest
fromItem["parentrepo"] = str(self.getRootNode(dest).key())
db.Put(fromItem)
skel = self.editSkel()
assert skel.fromDB(item)
self.onItemReparent(skel)
self.onItemChanged(skel)
return self.render.reparentSuccess(obj=fromItem)
def verify(self, skey, *args, **kwargs): data = securitykey.validate(skey, useSessionKey=False) skel = self.userModule.baseSkel() if not data or not isinstance(data, dict) or not "userKey" in data or not skel.fromDB(data["userKey"]): return self.userModule.render.view(None, self.verifyFailedTemplate) if self.registrationAdminVerificationRequired: skel["status"] = 2 else: skel["status"] = 10 skel.toDB() return self.userModule.render.view(skel, self.verifySuccessTemplate)
def add(self, skelType, node, *args, **kwargs):
"""
Add a new entry with the given parent *node*, and render the entry, eventually with error notes
on incorrect data. Data is taken by any other arguments in *kwargs*.
The function performs several access control checks on the requested entity before it is added.
.. seealso:: :func:`canAdd`, :func:`onAdd`, , :func:`onAdded`
:param skelType: Defines the type of the new entry and may either be "node" or "leaf".
:type skelType: str
:param node: URL-safe key of the parent.
:type node: str
:returns: The rendered, added object of the entry, eventually with error hints.
:raises: :exc:`server.errors.NotAcceptable`, when no valid *skelType* was provided.
:raises: :exc:`server.errors.NotFound`, when no valid *node* was found.
:raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
if "skey" in kwargs:
skey = kwargs["skey"]
else:
skey = ""
if not self._checkSkelType(skelType):
raise errors.NotAcceptable()
skel = self.addSkel(skelType)
parentNodeSkel = self.editSkel("node")
if not parentNodeSkel.fromDB(node):
raise errors.NotFound()
if not self.canAdd(skelType, parentNodeSkel):
raise errors.Unauthorized()
if (len(kwargs) == 0 # no data supplied
or skey == "" # no security key
or not skel.fromClient(
kwargs) # failure on reading into the bones
or not currentRequest.get().isPostRequest
or ("bounce" in kwargs and kwargs["bounce"] == "1"
) # review before adding
):
return self.render.add(skel)
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
skel["parententry"] = parentNodeSkel["key"]
# parentrepo may not exist of parentNodeSkel as it may be an rootNode
skel["parentrepo"] = parentNodeSkel["parentrepo"] or parentNodeSkel[
"key"]
self.onAdd(skel)
skel.toDB()
self.onAdded(skel)
return self.render.addSuccess(skel)
def clone(self,
fromRepo,
toRepo,
fromParent=None,
toParent=None,
*args,
**kwargs):
"""
Clones a hierarchy recursively.
This function only initiates the cloning process, which is performed in the background.
It states only a successful result when the clone action has been correctly initiated.
:param fromRepo: URL-safe key of the key to the repository (=root-node Key) to clone from.
:type fromRepo: str
:param toRepo: URL-safe key of the key to the repository (=root-node Key) to clone to.
:type toRepo: str
:param fromParent: URL-safe key of the parent to clone from; for root nodes, this is equal \
to fromRepo, and can be omitted.
:type fromParent: str
:param toParent: URL-safe key of the parent to clone to; for root nodes, this is equal to \
toRepo, and can be omitted.
:type toParent: str
:returns: A rendered success result generated by the default renderer.
:raises: :exc:`server.errors.NotAcceptable`, when no valid *parent* was found.
:raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
if "skey" in kwargs:
skey = kwargs["skey"]
else:
skey = ""
if fromParent is None:
fromParent = fromRepo
if toParent is None:
toParent = toRepo
if not (self.isValidParent(fromParent)
and self.isValidParent(toParent)): # Ensure the parents exists
raise errors.NotAcceptable()
if not self.canAdd(toParent):
raise errors.Unauthorized()
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
self._clone(fromRepo, toRepo, fromParent, toParent)
return self.render.cloneSuccess()
def getUploadURL(self, fileName, mimeType, size=None, skey=None, *args, **kwargs):
node = kwargs.get("node")
authData = kwargs.get("authData")
authSig = kwargs.get("authSig")
# Validate the the contentType from the client seems legit
mimeType = mimeType.lower()
assert len(mimeType.split("/")) == 2, "Invalid Mime-Type"
assert all([x in string.ascii_letters + string.digits + "/-.+" for x in mimeType]), "Invalid Mime-Type"
if authData and authSig:
# First, validate the signature, otherwise we don't need to proceed any further
if not utils.hmacVerify(authData.encode("ASCII"), authSig):
raise errors.Forbidden()
authData = json.loads(base64.b64decode(authData.encode("ASCII")).decode("UTF-8"))
if datetime.strptime(authData["validUntil"], "%Y%m%d%H%M") < datetime.now():
raise errors.Gone()
if authData["validMimeTypes"]:
for validMimeType in authData["validMimeTypes"]:
if validMimeType == mimeType or (
validMimeType.endswith("*") and mimeType.startswith(validMimeType[:-1])):
break
else:
raise errors.NotAcceptable()
node = authData["node"]
maxSize = authData["maxSize"]
else:
if node:
rootNode = self.getRootNode(node)
if not self.canAdd("leaf", rootNode):
raise errors.Forbidden()
else:
if not self.canAdd("leaf", None):
raise errors.Forbidden()
maxSize = None # The user has some file/add permissions, don't restrict fileSize
if maxSize:
try:
size = int(size)
assert size <= maxSize
except: # We have a size-limit set - but no size supplied
raise errors.PreconditionFailed()
else:
size = None
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
targetKey, uploadUrl = self.initializeUpload(fileName, mimeType.lower(), node, size)
resDict = {
"uploadUrl": uploadUrl,
"uploadKey": targetKey,
}
return self.render.view(resDict)
def login(self, skey="", token="", *args, **kwargs):
# FIXME: Check if already logged in
if not conf.get("viur.user.google.clientID"):
raise errors.PreconditionFailed("Please configure 'viur.user.google.clientID' in your conf!")
if not skey or not token:
currentRequest.get().response.headers["Content-Type"] = "text/html"
# Fixme: Render with Jinja2?
tplStr = open("viur/core/template/vi_user_google_login.html", "r").read()
tplStr = tplStr.replace("{{ clientID }}", conf["viur.user.google.clientID"])
return tplStr
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
userInfo = id_token.verify_oauth2_token(token, requests.Request(), conf["viur.user.google.clientID"])
if userInfo['iss'] not in {'accounts.google.com', 'https://accounts.google.com'}:
raise ValueError('Wrong issuer.')
# Token looks valid :)
uid = userInfo['sub']
email = userInfo['email']
addSkel = skeletonByKind(self.userModule.addSkel().kindName) # Ensure that we have the full skeleton
userSkel = addSkel().all().filter("uid =", uid).getSkel()
if not userSkel:
# We'll try again - checking if there's already an user with that email
userSkel = addSkel().all().filter("name.idx =", email.lower()).getSkel()
if not userSkel: # Still no luck - it's a completely new user
if not self.registrationEnabled:
if userInfo.get("hd") and userInfo["hd"] in conf["viur.user.google.gsuiteDomains"]:
print("User is from domain - adding account")
else:
logging.warning("Denying registration of %s", email)
raise errors.Forbidden("Registration for new users is disabled")
userSkel = addSkel() # We'll add a new user
userSkel["uid"] = uid
userSkel["name"] = email
isAdd = True
else:
isAdd = False
now = datetime.datetime.now()
if isAdd or (now - userSkel["lastlogin"]) > datetime.timedelta(minutes=30):
# Conserve DB-Writes: Update the user max once in 30 Minutes
userSkel["lastlogin"] = now
#if users.is_current_user_admin():
# if not userSkel["access"]:
# userSkel["access"] = []
# if not "root" in userSkel["access"]:
# userSkel["access"].append("root")
# userSkel["gaeadmin"] = True
#else:
# userSkel["gaeadmin"] = False
assert userSkel.toDB()
return self.userModule.continueAuthenticationFlow(self, userSkel["key"])
def edit(self, skelType, key, *args, **kwargs):
"""
Modify an existing entry, and render the entry, eventually with error notes on incorrect data.
Data is taken by any other arguments in *kwargs*.
The function performs several access control checks on the requested entity before it is added.
.. seealso:: :func:`onAdded`, :func:`canEdit`
:param skelType: Defines the type of the entry that should be modified and may either be "node" or "leaf".
:type skelType: str
:param key: URL-safe key of the item to be edited.
:type key: str
:returns: The rendered, modified object of the entry, eventually with error hints.
:raises: :exc:`server.errors.NotAcceptable`, when no valid *skelType* was provided.
:raises: :exc:`server.errors.NotFound`, when no valid *node* was found.
:raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
if "skey" in kwargs:
skey = kwargs["skey"]
else:
skey = ""
if skelType == "node":
skelType = TreeType.Node
elif skelType == "leaf" and self.leafSkelCls:
skelType = TreeType.Leaf
else:
raise errors.NotAcceptable()
skel = self.addSkel(skelType)
if not skel.fromDB(key):
raise errors.NotFound()
if not self.canEdit(skelType, skel):
raise errors.Unauthorized()
if (len(kwargs) == 0 # no data supplied
or skey == "" # no security key
or not skel.fromClient(
kwargs) # failure on reading into the bones
or not currentRequest.get().isPostRequest
or ("bounce" in kwargs and kwargs["bounce"] == "1"
) # review before adding
):
return self.render.edit(skel)
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
skel.toDB()
self.onEdited(skel)
return self.render.editSuccess(skel)
def markCanceled(self, key, skey, *args, **kwargs):
"""
Exposed function for marking an order as cancelled.
:param key: The key of the order to be marked.
:type key: str
"""
if not self.canEdit(key):
raise errors.Unauthorized()
if not securitykey.validate(skey):
raise errors.PreconditionFailed()
self.setCanceled(key)
return "OKAY"
def edit(self, *args, **kwargs):
"""
Modify the existing entry, and render the entry, eventually with error notes on incorrect data.
The entry is fetched by its entity key, which either is provided via *kwargs["key"]*,
or as the first parameter in *args*. The function performs several access control checks
on the singleton's entity before it is modified.
.. seealso:: :func:`editSkel`, :func:`onItemEdited`, :func:`canEdit`
:returns: The rendered, edited object of the entry, eventually with error hints.
:raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
if "skey" in kwargs:
skey = kwargs["skey"]
else:
skey = ""
skel = self.editSkel()
if not self.canEdit():
raise errors.Unauthorized()
key = db.Key.from_path(self.editSkel().kindName, self.getKey())
if not skel.fromDB(
str(key)): # Its not there yet; we need to set the key again
skel["key"] = str(key)
if (len(kwargs) == 0 # no data supplied
or skey == "" # no skey provided
or not skel.fromClient(
kwargs) # failure on reading into the bones
or ("bounce" in kwargs
and kwargs["bounce"] == "1")): # review before changing
return self.render.edit(skel)
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
skel.toDB()
self.onItemEdited(skel)
return self.render.editItemSuccess(skel)
def add(self, parent, *args, **kwargs):
"""
Add a new entry with the given parent, and render the entry, eventually with error notes on incorrect data.
Data is taken by any other arguments in *kwargs*.
The function performs several access control checks on the requested entity before it is added.
.. seealso:: :func:`addSkel`, :func:`onItemAdded`, :func:`canAdd`
:param parent: URL-safe key of the parent.
:type parent: str
:returns: The rendered, added object of the entry, eventually with error hints.
:raises: :exc:`server.errors.NotAcceptable`, when no valid *parent* was found.
:raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
if "skey" in kwargs:
skey = kwargs["skey"]
else:
skey = ""
if not self.isValidParent(parent): # Ensure the parent exists
raise errors.NotAcceptable()
if not self.canAdd(parent):
raise errors.Unauthorized()
skel = self.addSkel()
if (len(kwargs) == 0 or skey == ""
or not request.current.get().isPostRequest
or not skel.fromClient(kwargs)
or ("bounce" in kwargs and kwargs["bounce"] == "1")):
return self.render.add(skel)
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
skel["parententry"] = str(parent)
skel["parentrepo"] = str(self.getRootNode(parent).key())
key = skel.toDB()
self.onItemAdded(skel)
self.onItemChanged(skel)
return self.render.addItemSuccess(skel)
def delete(self, skelType, key, *args, **kwargs): """ Deletes an entry or an directory (including its contents). The function runs several access control checks on the data before it is deleted. .. seealso:: :func:`canDelete`, :func:`onItemDeleted` :param skelType: Defines the type of the entry that should be deleted and may either be "node" or "leaf". :type skelType: str :param key: URL-safe key of the item to be deleted. :type key: str :returns: The rendered, deleted object of the entry. :raises: :exc:`server.errors.NotFound`, when no entry with the given *key* was found. :raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions. :raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified. """ if skelType == "node": skel = self.viewSkel(TreeType.Node) elif skelType == "leaf" and self.hasDistinctLeafs: skel = self.viewSkel(TreeType.Leaf) else: raise errors.NotAcceptable() if "skey" in kwargs: skey = kwargs["skey"] else: skey = "" if not skel.fromDB(key): raise errors.NotFound() if not self.canDelete(skelType, skel): raise errors.Unauthorized() if not securitykey.validate(skey, useSessionKey=True): raise errors.PreconditionFailed() if skelType == "node": self.deleteRecursive(key) skel.delete() self.onItemDeleted(skel) return self.render.deleteSuccess(skel, skelType=skelType)
def otp(self, otptoken=None, skey=None, *args, **kwargs):
currSess = currentSession.get()
token = currSess.get("_otp_user")
if not token:
raise errors.Forbidden()
if otptoken is None:
self.userModule.render.edit(self.otpSkel())
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
if token["failures"] > 3:
raise errors.Forbidden(
"Maximum amount of authentication retries exceeded")
if len(token["otpkey"]) % 2 == 1:
raise errors.PreconditionFailed(
"The otp secret stored for this user is invalid (uneven length)"
)
validTokens = self.generateOtps(token["otpkey"], token["otptimedrift"])
try:
otptoken = int(otptoken)
except:
# We got a non-numeric token - this cant be correct
self.userModule.render.edit(self.otpSkel(), tpl=self.otpTemplate)
if otptoken in validTokens:
userKey = currSess["_otp_user"]["uid"]
del currSess["_otp_user"]
currSess.markChanged()
idx = validTokens.index(int(otptoken))
if abs(idx - self.windowSize) > 2:
# The time-drift accumulates to more than 2 minutes, update our
# clock-drift value accordingly
self.updateTimeDrift(userKey, idx - self.windowSize)
return self.userModule.secondFactorSucceeded(self, userKey)
else:
token["failures"] += 1
currSess["_otp_user"] = token
currSess.markChanged()
return self.userModule.render.edit(self.otpSkel(),
loginFailed=True,
tpl=self.otpTemplate)
def add(self, *args, **kwargs):
"""
Allows guests to register a new account if self.registrationEnabled is set to true
.. seealso:: :func:`addSkel`, :func:`onAdded`, :func:`canAdd`
:returns: The rendered, added object of the entry, eventually with error hints.
:raises: :exc:`server.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`server.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
if "skey" in kwargs:
skey = kwargs["skey"]
else:
skey = ""
if not self.canAdd():
raise errors.Unauthorized()
skel = self.addSkel()
if (len(kwargs) == 0 # no data supplied
or skey == "" # no skey supplied
or not currentRequest.get().
isPostRequest # bail out if not using POST-method
or not skel.fromClient(
kwargs) # failure on reading into the bones
or ("bounce" in kwargs
and kwargs["bounce"] == "1")): # review before adding
# render the skeleton in the version it could as far as it could be read.
return self.userModule.render.add(skel)
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
skel.toDB()
if self.registrationEmailVerificationRequired and str(
skel["status"]) == "1":
# The user will have to verify his email-address. Create an skey and send it to his address
skey = securitykey.create(duration=60 * 60 * 24 * 7,
userKey=utils.normalizeKey(skel["key"]),
name=skel["name"])
skel.skey = baseBone(descr="Skey")
skel["skey"] = skey
email.sendEMail(dests=[skel["name"]],
tpl=self.userModule.verifyEmailAddressMail,
skel=skel)
self.userModule.onAdded(skel) # Call onAdded on our parent user module
return self.userModule.render.addSuccess(skel)
def add(self, skelType, node=None, *args, **kwargs):
## We can't add files directly (they need to be uploaded
# if skelType != "node":
# raise errors.NotAcceptable()
if skelType == "leaf": # We need to handle leafs separately here
skey = kwargs.get("skey")
targetKey = kwargs.get("key")
if not skey or not securitykey.validate(
skey, useSessionKey=True) or not targetKey:
raise errors.PreconditionFailed()
skel = self.addSkel("leaf")
if not skel.fromDB(targetKey):
raise errors.NotFound()
if not skel["pending"]:
raise errors.PreconditionFailed()
skel["pending"] = False
skel["parententry"] = skel["pendingparententry"]
if skel["parententry"]:
rootNode = self.getRootNode(skel["parententry"])
else:
rootNode = None
if not self.canAdd("leaf", rootNode):
raise errors.Forbidden()
blobs = list(bucket.list_blobs(prefix="%s/" % skel["dlkey"]))
if len(blobs) != 1:
logging.error("Invalid number of blobs in folder")
logging.error(targetKey)
raise errors.PreconditionFailed()
blob = blobs[0]
skel["mimetype"] = utils.escapeString(blob.content_type)
skel["name"] = utils.escapeString(
blob.name.replace("%s/source/" % skel["dlkey"], ""))
skel["size"] = blob.size
skel["parentrepo"] = rootNode["key"] if rootNode else None
skel["weak"] = rootNode is None
skel.toDB()
# Add updated download-URL as the auto-generated isn't valid yet
skel["downloadUrl"] = utils.downloadUrlFor(skel["dlkey"],
skel["name"],
derived=False)
return self.render.addSuccess(skel)
return super(File, self).add(skelType, node, *args, **kwargs)
def preview(self, skey, *args, **kwargs):
"""
Renders data for the entry, without reading it from the database.
This function allows to preview the entry without writing it to the database.
Any entity values are provided via *kwargs*.
The function uses the viewTemplate of the application.
:returns: The rendered representation of the supplied data.
"""
if not self.canPreview():
raise errors.Unauthorized()
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
skel = self.viewSkel()
skel.fromClient(kwargs)
return self.render.view(skel)
def add(self, *args, **kwargs):
"""
Add a new entry, and render the entry, eventually with error notes on incorrect data.
Data is taken by any other arguments in *kwargs*.
The function performs several access control checks on the requested entity before it is added.
.. seealso:: :func:`addSkel`, :func:`onAdd`, :func:`onAdded`, :func:`canAdd`
:returns: The rendered, added object of the entry, eventually with error hints.
:raises: :exc:`viur.core.errors.Unauthorized`, if the current user does not have the required permissions.
:raises: :exc:`viur.core.errors.PreconditionFailed`, if the *skey* could not be verified.
"""
if "skey" in kwargs:
skey = kwargs["skey"]
else:
skey = ""
if not self.canAdd():
raise errors.Unauthorized()
skel = self.addSkel()
if (len(kwargs) == 0 # no data supplied
or skey == "" # no skey supplied
or not currentRequest.get().
isPostRequest # failure if not using POST-method
or not skel.fromClient(
kwargs) # failure on reading into the bones
or ("bounce" in kwargs and kwargs["bounce"] == "1"
) # review before adding
):
# render the skeleton in the version it could as far as it could be read.
return self.render.add(skel)
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
self.onAdd(skel)
skel.toDB()
self.onAdded(skel)
return self.render.addSuccess(skel)
def execute(self, taskID, *args, **kwargs):
"""Queues a specific task for the next maintenance run"""
global _callableTasks
from viur.core import securitykey
if taskID in _callableTasks:
task = _callableTasks[taskID]()
else:
return
if not task.canCall():
raise errors.Unauthorized()
skel = task.dataSkel()
if "skey" in kwargs:
skey = kwargs["skey"]
else:
skey = ""
if len(kwargs) == 0 or skey == "" or not skel.fromClient(kwargs) or (
"bounce" in kwargs and kwargs["bounce"] == "1"):
return self.render.add(skel)
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
task.execute(**skel.accessedValues)
return self.render.addSuccess(skel)
def getUploadURL(self, *args, **kwargs):
skey = kwargs.get("skey", "")
node = kwargs.get("node")
if node:
rootNode = self.getRootNode(node)
if not self.canAdd(TreeType.Leaf, rootNode):
raise errors.Forbidden()
else:
if not self.canAdd(TreeType.Leaf, None):
raise errors.Forbidden()
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
targetKey, uploadUrl, policy = self.createUploadURL(node)
resDict = {
"url": uploadUrl,
"params": {
"key": "%s/source/file.dat" % targetKey,
}
}
for key, value in policy.items():
resDict["params"][key] = value
return self.render.view(resDict)
def setLanguage(lang, skey):
if not securitykey.validate(skey):
return
if lang in conf["viur.availableLanguages"]:
currentLanguage.set(lang)
def checkout(self, step=None, key=None, skey=None, *args, **kwargs):
"""
Performs the checkout process trough the state machine provided by self.steps.
:param step: The current step index, None for beginning a new checkout
:param key: Key of the current checkout
:param skey: Server security key
:return: Returns the rendered template or throws redirection exceptions.
"""
myKindName = self.viewSkel().kindName
if step is None:
logging.info("Starting new checkout process")
billObj = db.Entity(myKindName)
billObj["idx"] = "0000000"
for state in self.states:
billObj["state_%s" % state] = "0"
db.Put(billObj)
key = str(billObj.key())
# Copy the Cart
if "amountSkel" in dir(self):
cart = session.current.get("cart_products") or {}
s = self.amountSkel()
products = []
for prod, atts in cart.items():
for i in range(0, atts["amount"]):
products.append(str(prod))
s.fromClient({"product": products})
s.toDB()
session.current["order_" + myKindName] = {
"key": str(key),
"completedSteps": []
}
session.current.markChanged()
raise errors.Redirect("?step=0&key=%s" % str(key))
elif key:
try:
orderKey = db.Key(key)
step = int(step)
assert (step >= 0)
assert (step < len(self.steps))
except:
raise errors.NotAcceptable()
sessionInfo = session.current.get("order_" + myKindName)
if not sessionInfo or not sessionInfo.get("key") == str(orderKey):
raise errors.Unauthorized()
if step in sessionInfo["completedSteps"]:
session.current["order_" + myKindName]["completedSteps"] = [
x for x in sessionInfo["completedSteps"] if x < step
]
session.current.markChanged()
# Make sure that no steps can be skipped
if step != 0 and not step - 1 in sessionInfo["completedSteps"]:
raise errors.Redirect("?step=0&key=%s" % str(str(orderKey)))
currentStep = self.steps[step]
if "preHandler" in currentStep.keys():
try:
if isinstance(currentStep["preHandler"], list):
for handler in currentStep["preHandler"]:
handler(self, step, str(orderKey), *args, **kwargs)
else:
currentStep["preHandler"](self,
step,
str(orderKey),
refkwargs=kwargs,
*args,
**kwargs)
except SkipStepException:
session.current["order_" +
myKindName]["completedSteps"].append(step)
session.current.markChanged()
raise errors.Redirect("?step=%s&key=%s" %
(str(step + 1), str(orderKey)))
except ReturnHtmlException as e:
return (e.html)
if "requiresSecurityKey" in currentStep and currentStep[
"requiresSecurityKey"]:
if not securitykey.validate(skey):
raise errors.PreconditionFailed()
pass
if "mainHandler" in currentStep:
if currentStep["mainHandler"]["action"] == "edit":
skel = self.getSkelByName(
currentStep["mainHandler"]["skeleton"], str(orderKey))
skel.fromDB(str(orderKey))
if not len(kwargs.keys()) or not skel.fromClient(kwargs):
return (self.render.edit(
skel,
tpl=currentStep["mainHandler"]["template"],
step=step))
skel.toDB()
if currentStep["mainHandler"]["action"] == "view":
if not "complete" in kwargs or not kwargs[
"complete"] == u"1":
skel = self.getSkelByName(
currentStep["mainHandler"]["skeleton"],
str(orderKey))
skel.fromDB(str(orderKey))
return (self.render.view(
skel,
tpl=currentStep["mainHandler"]["template"],
step=step))
elif currentStep["mainHandler"]["action"] == "function":
res = currentStep["mainHandler"]["function"](self, step,
str(orderKey),
*args,
**kwargs)
if res:
return res
if "postHandler" in currentStep:
currentStep["postHandler"](self, step, str(orderKey), *args,
**kwargs)
session.current["order_" +
myKindName]["completedSteps"].append(step)
session.current.markChanged()
logging.info("next ?step=%s&key=%s" %
(str(step + 1), str(orderKey)))
raise errors.Redirect("?step=%s&key=%s" %
(str(step + 1), str(orderKey)))
skel["parententry"] = parentNodeSkel["key"]
# parentrepo may not exist in parentNodeSkel as it may be an rootNode
skel["parentrepo"] = parentNodeSkel["parentrepo"] or parentNodeSkel[
"key"]
if (len(kwargs) == 0 # no data supplied
or skey == "" # no security key
or not skel.fromClient(
kwargs) # failure on reading into the bones
or not currentRequest.get().isPostRequest
or ("bounce" in kwargs and kwargs["bounce"] == "1"
) # review before adding
):
return self.render.add(skel)
if not securitykey.validate(skey, useSessionKey=True):
raise errors.PreconditionFailed()
self.onAdd(skelType, skel)
skel.toDB()
self.onAdded(skelType, skel)
return self.render.addSuccess(skel)
@exposed
@forceSSL
def edit(self, skelType, key, *args, **kwargs):
"""
Modify an existing entry, and render the entry, eventually with error notes on incorrect data.
Data is taken by any other arguments in *kwargs*.
The function performs several access control checks on the requested entity before it is added.
def pwrecover(self, *args, **kwargs):
"""
This implements the password recovery process which let them set a new password for their account
after validating a code send to them by email. The process is as following:
- The user enters his email adress
- We'll generate a random code, store it in his session and call sendUserPasswordRecoveryCode
- sendUserPasswordRecoveryCode will run in the background, check if we have a user with that name
and send the code. It runs as a deferredTask so we don't leak the information if a user account exists.
- If the user received his code, he can paste the code and set a new password for his account.
To prevent automated attacks, the fist step is guarded by a captcha and we limited calls to this function
to 10 actions per 15 minutes. (One complete recovery process consists of two calls).
"""
if not self.passwordRecoveryRateLimit.isQuotaAvailable():
raise errors.Forbidden() # Quota exhausted, bail out
session = currentSession.get()
request = currentRequest.get()
recoverStep = session.get("user.auth_userpassword.pwrecover")
if not recoverStep:
# This is the first step, where we ask for the username of the account we'll going to reset the password on
skel = self.lostPasswordStep1Skel()
if not request.isPostRequest or not skel.fromClient(kwargs):
return self.userModule.render.edit(
skel, self.passwordRecoveryStep1Template)
if not securitykey.validate(kwargs.get("skey"),
useSessionKey=True):
raise errors.PreconditionFailed()
self.passwordRecoveryRateLimit.decrementQuota()
recoveryKey = utils.generateRandomString(
13) # This is the key the user will have to Copy&Paste
self.sendUserPasswordRecoveryCode(
skel["name"].lower(),
recoveryKey) # Send the code in the background
session["user.auth_userpassword.pwrecover"] = {
"name": skel["name"].lower(),
"recoveryKey": recoveryKey,
"creationdate": utcNow(),
"errorCount": 0
}
del recoveryKey
return self.pwrecover(
) # Fall through to the second step as that key in the session is now set
else:
if request.isPostRequest and kwargs.get("abort") == "1" \
and securitykey.validate(kwargs.get("skey"), useSessionKey=True):
# Allow a user to abort the process if a wrong email has been used
session["user.auth_userpassword.pwrecover"] = None
return self.pwrecover()
# We're in the second step - the code has been send and is waiting for confirmation from the user
if utcNow() - session["user.auth_userpassword.pwrecover"][
"creationdate"] > datetime.timedelta(minutes=15):
# This recovery-process is expired; reset the session and start over
session["user.auth_userpassword.pwrecover"] = None
return self.userModule.render.view(
skel=None,
tpl=self.passwordRecoveryFailedTemplate,
reason=self.passwordRecoveryKeyExpired)
skel = self.lostPasswordStep2Skel()
if not skel.fromClient(kwargs) or not request.isPostRequest:
return self.userModule.render.edit(
skel, self.passwordRecoveryStep2Template)
if not securitykey.validate(kwargs.get("skey"),
useSessionKey=True):
raise errors.PreconditionFailed()
self.passwordRecoveryRateLimit.decrementQuota()
if not hmac.compare_digest(
session["user.auth_userpassword.pwrecover"]["recoveryKey"],
skel["recoveryKey"]):
# The key was invalid, increase error-count or abort this recovery process altogether
session["user.auth_userpassword.pwrecover"]["errorCount"] += 1
if session["user.auth_userpassword.pwrecover"][
"errorCount"] > 3:
session["user.auth_userpassword.pwrecover"] = None
return self.userModule.render.view(
skel=None,
tpl=self.passwordRecoveryFailedTemplate,
reason=self.passwordRecoveryKeyInvalid)
return self.userModule.render.edit(
skel,
self.passwordRecoveryStep2Template) # Let's try again
# If we made it here, the key was correct, so we'd hopefully have a valid user for this
uSkel = userSkel().all().filter(
"name.idx =",
session["user.auth_userpassword.pwrecover"]["name"]).getSkel()
if not uSkel: # This *should* never happen - if we don't have a matching account we'll not send the key.
session["user.auth_userpassword.pwrecover"] = None
return self.userModule.render.view(
skel=None,
tpl=self.passwordRecoveryFailedTemplate,
reason=self.passwordRecoveryUserNotFound)
if uSkel["status"] != 10: # The account is locked or not yet validated. Abort the process
session["user.auth_userpassword.pwrecover"] = None
return self.userModule.render.view(
skel=None,
tpl=self.passwordRecoveryFailedTemplate,
reason=self.passwordRecoveryAccountLocked)
# Update the password, save the user, reset his session and show the success-template
uSkel["password"] = skel["password"]
uSkel.toDB()
session["user.auth_userpassword.pwrecover"] = None
return self.userModule.render.view(
None, self.passwordRecoverySuccessTemplate)
