def user_add():
if app.config['LDAP_AUTH']:
abort(404)
error_fields = []
if current_user.username != 'admin':
abort(403)
if request.method == 'POST':
username = request.form['username'].strip()
if len(username) <= 2:
error_fields.append('username')
if len(username) > 8:
error_fields.append('username')
if not username.isalnum():
error_fields.append('username')
if User.query.filter_by(username=username).count() > 0:
error_fields.append('username')
name = request.form['name'].strip()
if len(name) <= 0:
error_fields.append('name')
email = request.form['email'].strip()
if len(email) <= 3:
error_fields.append('email')
password = request.form['password'].strip()
if len(password) <= 0:
error_fields.append('password')
# Create user if no errors
if len(error_fields) <= 0:
db.session.add(User(username, name, email))
db.session.commit()
user = User.query.filter_by(username=username).first()
user.set_password(password)
db.session.commit()
flash("User added.")
return redirect(url_for('admin.users'))
return render_template('admin/user_add.html', error_fields=error_fields)
def initdb(username, password):
"""Initialize the database."""
click.echo("Initialize the database...")
db.create_all()
dj = DJ(u"Automation", u"Automation", False)
db.session.add(dj)
db.session.commit()
cats = [
Category(u"Events", u"events", True),
Category(u"Music Adds", u"music-adds", True),
Category(u"Programming", u"programming", True),
Category(u"Updates", u"station-updates", True),
Category(u"Woove", u"woove", True)
]
for cat in cats:
db.session.add(cat)
# Create the first account
click.echo("Create {0} user...".format(username))
user = User(unicode(username), unicode(username),
u"{0}@localhost".format(username))
user.set_password(unicode(password))
db.session.add(user)
# The first Rotation is always the default
db.session.add(Rotation(u"None"))
map(
db.session.add,
map(Rotation,
[u"Metal", u"New Music", u"Jazz", u"Rock", u"Americana"]))
db.session.commit()
click.echo("Database initialized.")
def login():
errors = []
if 'username' in request.form:
if app.config['LDAP_AUTH']:
if len(request.form['password']) > 0:
o = orthrus.Orthrus(
ldap_uri=app.config['LDAP_URI'],
user_template_dn=app.config['LDAP_AUTH_DN'],
group_base_dn=app.config['LDAP_BASE_DN'],
role_mapping={
'admin': app.config['LDAP_GROUPS_ADMIN'],
'content': app.config['LDAP_GROUPS_CONTENT'],
'business': app.config['LDAP_GROUPS_BUSINESS'],
'library': app.config['LDAP_GROUPS_LIBRARY'],
'missioncontrol':
app.config['LDAP_GROUPS_MISSIONCONTROL'],
},
verify=app.config['LDAP_VERIFY'])
try:
r = o.authenticate(request.form['username'],
request.form['password'],
['uid', 'cn', 'mail'])
if r[0] is True:
user = User.query.filter(
User.username == r[1]['uid'][0]).first()
if user is None:
# create new user in the database, since one does
# not already exist for this orthrus user
user = User(r[1]['uid'][0], r[1]['cn'][0],
r[1]['mail'][0])
db.session.add(user)
db.session.commit()
else:
# update existing user data in database
user.name = r[1]['cn'][0]
user.email = r[1]['mail'][0]
db.session.commit()
login_user(user)
session['username'] = user.username
session['access'] = r[2]
log_auth_success("orthrus", user.username, request)
return redirect_back('admin.index')
else:
log_auth_failure("orthrus", request.form['username'],
request)
errors.append("Invalid username or password.")
except Exception as e:
app.logger.error("wuvt-site: orthrus: {}".format(e))
errors.append("Authentication backend error.")
else:
log_auth_failure("orthrus", request.form['username'], request)
errors.append("Invalid username or password.")
else:
user = User.query.filter(
User.username == request.form['username']).first()
if user and user.check_password(request.form['password']):
login_user(user)
session['username'] = user.username
session['access'] = [
'admin', 'content', 'library', 'missioncontrol', 'business'
]
log_auth_success("DB", user.username, request)
return redirect_back('admin.index')
else:
log_auth_failure("DB", request.form['username'], request)
errors.append("Invalid username or password.")
return render_template('auth/login.html',
next=request.values.get('next') or "",
errors=errors)
from wuvt.trackman.models import DJ, Rotation
from wuvt.models import User
db.create_all()
dj = DJ(u"Automation", u"Automation", False)
db.session.add(dj)
db.session.commit()
cats = [
Category(u"Events", u"events", True),
Category(u"Music Adds", u"music-adds", True),
Category(u"Programming", u"programming", True),
Category(u"Updates", u"station-updates", True),
Category(u"Woove", u"woove", True)
]
for cat in cats:
db.session.add(cat)
# There must be a user called 'admin'. This is hardcoded in everything to be the superuser.
user = User(u"admin", u"admin", u"*****@*****.**")
user.set_password(u"Password1!")
db.session.add(user)
# The first Rotation is always the default
db.session.add(Rotation(u"None"))
map(db.session.add,
map(Rotation, [u"Metal", u"New Music", u"Jazz", u"Rock", u"Americana"]))
db.session.commit()
def login():
errors = []
if 'username' in request.form:
if app.config['LDAP_AUTH']:
if len(request.form['password']) > 0:
dn = build_dn(request.form['username'])
try:
client = ldap.initialize(app.config['LDAP_URI'])
client.set_option(ldap.OPT_REFERRALS, 0)
if app.config['LDAP_STARTTLS']:
client.start_tls_s()
client.simple_bind_s(dn, request.form['password'])
except ldap.INVALID_CREDENTIALS:
client.unbind()
errors.append("Invalid username or password.")
except ldap.SERVER_DOWN as e:
errors.append("Could not contact the LDAP server.")
app.logger.error("Could not contact the LDAP server: "
"{}".format(e))
else:
result = client.search_s(dn, ldap.SCOPE_SUBTREE)
user = User.query.filter(
User.username == result[0][1]['uid'][0]).first()
if user is None:
# create new user in the database, since one does not
# already exist for this LDAP user
user = User(result[0][1]['uid'][0],
result[0][1]['cn'][0],
result[0][1]['mail'][0])
db.session.add(user)
db.session.commit()
else:
# update existing user data in database
user.name = result[0][1]['cn'][0]
user.email = result[0][1]['mail'][0]
db.session.commit()
login_user(user)
session['username'] = user.username
session['access'] = []
if ldap_group_test(client, app.config['LDAP_GROUPS_ADMIN'],
user.username):
session['access'].append('admin')
if ldap_group_test(client,
app.config['LDAP_GROUPS_LIBRARY'],
user.username):
session['access'].append('library')
if ldap_group_test(client,
app.config['LDAP_GROUPS_RADIOTHON'],
user.username):
session['access'].append('missioncontrol')
if ldap_group_test(client,
app.config['LDAP_GROUPS_BUSINESS'],
user.username):
session['access'].append('business')
app.logger.warning("LDAP user {} logged in.".format(
user.username))
client.unbind()
return redirect_back('admin.index')
else:
errors.append("Invalid username or password.")
else:
user = User.query.filter(
User.username == request.form['username']).first()
if user and user.check_password(request.form['password']):
login_user(user)
session['username'] = user.username
session['access'] = ['admin', 'library', 'missioncontrol', 'business']
app.logger.warning("Database user {} logged in.".format(
user.username))
return redirect_back('admin.index')
else:
errors.append("Invalid username or password.")
return render_template('auth/login.html',
next=request.values.get('next') or "",
errors=errors)
db.create_all()
dj = DJ("Automation", "Automation", False)
db.session.add(dj)
db.session.commit()
cats = [Category("News", "news", True), Category("Sports", "sports", True),
Category("Weather", "weather", True),
Category("Woove", "woove", True)]
for cat in cats:
db.session.add(cat)
# There must be a user called 'admin'. This is hardcoded in everything to be the superuser.
user = User("admin", "admin", "*****@*****.**")
user.set_password("Password1!")
db.session.add(user)
# The first Rotation must be the default
db.session.add(Rotation("None"));
# Test data
db.session.add(Track('The Divine Conspiracy', 'Epica', 'The Divine Conspiracy', 'Avalon'))
db.session.add(Track('Second Stone', 'Epica', 'The Quantum Enigma', 'Nuclear Blast'))
map(db.session.add, map(Rotation, ["Metal", "New Music", "Jazz", "Rock", "Americana"]))
db.session.commit()
