Example #1
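 def CLI_login(self, CLIkey, userId, format="cli", **kwargs):
     """Authenticate a command-line client with a user id and CLI key.

     The login is refused when the ``cli_feature`` configuration parameter
     is not ``'Yes'``, when the client address is neither a valid IPv4 nor
     IPv6 address, when ``CLIDirectory.authenticate`` rejects the
     id/key/address combination, or when the resolved account is missing
     or not flagged as authorized. On success the login is audit-logged
     and the session's ``request-origin`` token is returned as the success
     message.

     Args:
         CLIkey: CLI key presented by the client.
         userId: Account id the key is claimed to belong to.
         format: Response format handed to ``fl_response``.
         **kwargs: Ignored.

     Returns:
         The value of ``fl_response(sMessages, fMessages, format)``.
     """
     sMessages, fMessages = [], []
     cliFeature = session.query(ConfigParameter).filter(ConfigParameter.name == "cli_feature").one()
     if cliFeature.value != 'Yes':
         fMessages.append("Failure: CLI not supported by server!")
         return fl_response(sMessages, fMessages, format)

     userId = strip_tags(userId)
     # NOTE(review): strip_tags also rewrites the credential itself; a key
     # containing markup-like characters would be altered before comparison.
     CLIkey = strip_tags(CLIkey)

     hostIP = Filelocker.get_client_address()
     hostIPv4, hostIPv6 = "", ""
     if self.validIPv4.match(hostIP):
         hostIPv4 = hostIP
     elif self.validIPv6.match(hostIP):
         hostIPv6 = hostIP
     else:
         # An address that matches neither pattern cannot satisfy an
         # address-bound key; refuse it instead of reaching authenticate()
         # with unassigned address variables.
         fMessages.append("Failure: Not Authorized!")
         return fl_response(sMessages, fMessages, format)

     # Authenticate through a local reference: self is presumably shared
     # between concurrent requests, so another request could swap
     # self.directory between assignment and use. The attribute is still
     # set for any code that reads it.
     directory = CLIDirectory.CLIDirectory()
     self.directory = directory
     if not directory.authenticate(userId, CLIkey, hostIPv4, hostIPv6):
         fMessages.append("Failure: Not Authorized!")
         return fl_response(sMessages, fMessages, format)

     currentUser = AccountService.get_user(userId, True)
     # 32 hex characters, i.e. 16 bytes of os.urandom output.
     cherrypy.session['request-origin'] = str(os.urandom(32).encode('hex'))[0:32]
     # The password login path refuses accounts whose ``authorized`` flag is
     # unset; apply the same rule here so a de-authorized account cannot
     # keep using a CLI key.
     if currentUser is None or not currentUser.authorized:
         fMessages.append("Failure: Not Authorized!")
         return fl_response(sMessages, fMessages, format)

     # NOTE(review): the audit entry takes its actor from the session's
     # "user" object rather than currentUser - presumably get_user(..., True)
     # stored it there; confirm.
     session.add(AuditLog(cherrypy.session.get("user").id, "Login", "User %s logged in successfully from IP %s" % (currentUser.id, Filelocker.get_client_address())))
     session.commit()
     sMessages.append(cherrypy.session['request-origin'])
     return fl_response(sMessages, fMessages, format)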
Example #2
    def process_login(self, username, password, **kwargs):
        """Handle a username/password login and redirect on success.

        An empty password is sent back to the login page. Otherwise the
        credentials are checked with ``AccountService.ExternalDirectory``;
        on success a ``request-origin`` token is stored in the session and
        the user is redirected to the application root, or receives HTTP 403
        when the account is not authorized. A user the directory knows but
        this system does not is installed on the fly. The branch for failed
        authentication is cut off in this excerpt.
        """
        rootURL, local = cherrypy.request.app.config['filelocker'][
            'root_url'], False
        # ``local`` comes straight from the request parameters and is handed
        # to ExternalDirectory below.
        # NOTE(review): presumably it selects the local account store over
        # the external directory - confirm a client may choose the backend.
        if kwargs.has_key("local") and kwargs['local'] == str(True):
            local = True
        username = strip_tags(username)

        # Reject empty passwords before contacting the directory.
        # NOTE(review): if the backend is LDAP this matters, because an
        # empty-password bind can succeed as an unauthenticated bind.
        if password is None or password == "":
            raise cherrypy.HTTPRedirect("%s/login?msg=3&local=%s" %
                                        (rootURL, str(local)))
        else:
            directory = AccountService.ExternalDirectory(local)
            if directory.authenticate(username, password):
                # Token is 32 hex characters, i.e. 16 bytes of os.urandom
                # output.
                # NOTE(review): no cherrypy.session.regenerate() is visible
                # on this path; confirm the session id is rotated at login
                # (session fixation) unless get_user() already does it.
                cherrypy.session['request-origin'] = str(
                    os.urandom(32).encode('hex'))[0:32]
                currentUser = AccountService.get_user(
                    username, True
                )  # If they are authenticated and local, this MUST return a user object.
                if currentUser is not None:
                    if not currentUser.authorized:
                        raise cherrypy.HTTPError(
                            403,
                            "You do not have permission to access this system")
                    # The audit entry takes its actor from the session's
                    # "user" object - presumably stored by get_user(); confirm.
                    session.add(
                        AuditLog(
                            cherrypy.session.get("user").id, "Login",
                            "User %s logged in successfully from IP %s" %
                            (currentUser.id, Filelocker.get_client_address())))
                    session.commit()
                    raise cherrypy.HTTPRedirect(rootURL)
                else:  # Should only happen when the user exists in the external directory but has never logged in before.
                    # NOTE(review): cherrypy.HTTPRedirect and
                    # cherrypy.HTTPError derive from Exception, so both
                    # raises inside this try are caught by the handler
                    # below: the redirect and the 403 are replaced by a
                    # plain "Unable to install user" response. Raise them
                    # outside the try, or re-raise CherryPy exceptions
                    # first. No audit entry is written on this first-login
                    # path either.
                    try:
                        newUser = directory.lookup_user(username)
                        AccountService.install_user(newUser)
                        currentUser = AccountService.get_user(username, True)
                        if currentUser is not None and currentUser.authorized != False:
                            raise cherrypy.HTTPRedirect(rootURL)
                        else:
                            raise cherrypy.HTTPError(
                                403,
                                "You do not have permission to access this system"
                            )
                    except Exception, e:
                        # NOTE(review): the exception text goes back to the
                        # client verbatim; it may expose internals and is
                        # not escaped here.
                        return "Unable to install user: %s" % str(e)
            else:  # Failed authentication; the body is not part of this excerpt.
Example #3
        # Excerpt from the body of an upload handler; the enclosing function
        # starts before this excerpt.
        # Set status to scanning: mark the matching in-progress transfer so
        # the status reflects whether a virus scan is part of this check-in.
        if cherrypy.file_uploads.has_key(uploadKey):
            for fileTransfer in cherrypy.file_uploads[uploadKey]:
                if fileTransfer.file_object.name == upFile.file_object.name:
                    fileTransfer.status = "Scanning and Encrypting" if scanFile else "Encrypting"
        #Check in the file
        try:
            FileService.check_in_file(tempFileName, newFile)
            ### Moved to check_in_file so the record can be trashed if virus scan fails
            #session.add(newFile)
            #session.commit()
            # If this is an upload request, check whether it is a single-use
            # request and nullify the ticket if so, now that the file has been
            # successfully uploaded.
            # NOTE(review): the ticket is deleted only after check-in and
            # committed at the end of this block; confirm two concurrent
            # uploads cannot both use a single-use request in that window.
            if uploadRequest is not None:
                # These audit entries record the client address where the
                # other AuditLog calls pass a user id, with the request
                # owner as the affected user.
                if uploadRequest.type == "single":
                    session.add(AuditLog(Filelocker.get_client_address(), Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account. This was a single user request and the request has now expired." % (newFile.name), uploadRequest.owner_id))
                    # .one() raises NoResultFound when the request row no
                    # longer exists; handled below.
                    attachedUploadRequest = session.query(UploadRequest).filter(UploadRequest.id == uploadRequest.id).one()
                    session.delete(attachedUploadRequest)
                    cherrypy.session['uploadRequest'].expired = True
                else:
                    session.add(AuditLog(Filelocker.get_client_address(), Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account." % (newFile.name), uploadRequest.owner_id))
            # The file's MD5 goes into the audit entry. MD5 is not
            # collision-resistant, so treat it as an identifier rather than
            # proof of integrity.
            checkInLog = AuditLog(user.id, Actions.UPLOAD, "File %s (%s) checked in to Filelocker: MD5 %s " % (newFile.name, newFile.id, newFile.md5))
            if role is not None:
                checkInLog.affected_role_id = role.id
            session.add(checkInLog)
            sMessages.append("File %s uploaded successfully." % str(fileName))
            session.commit()
        except sqlalchemy.orm.exc.NoResultFound, nrf:
            # NOTE(review): assumes uploadRequest is not None here; a
            # NoResultFound raised elsewhere with uploadRequest None would
            # fail on .id.
            fMessages.append("Could not find upload request with ID: %s" % str(uploadRequest.id))
        except Exception, e:
            # In the visible lines the failure is only logged; the handler
            # may continue past this excerpt.
            cherrypy.log.error("[%s] [upload] [Couldn't check in file: %s]" % (user.id, str(e)))
Example #4
    def process_login(self, username, password, **kwargs):
        """Handle a username/password login and redirect on success.

        An empty password is sent back to the login page. Otherwise the
        credentials are checked with ``AccountService.ExternalDirectory``;
        on success a ``request-origin`` token is stored in the session and
        the user is redirected to the application root, or receives HTTP 403
        when the account is not authorized. A user the directory knows but
        this system does not is installed on the fly. The branch for failed
        authentication is cut off in this excerpt.
        """
        rootURL, local = cherrypy.request.app.config['filelocker']['root_url'], False
        # ``local`` comes straight from the request parameters and is handed
        # to ExternalDirectory below.
        # NOTE(review): presumably it selects the local account store over
        # the external directory - confirm a client may choose the backend.
        if kwargs.has_key("local") and kwargs['local'] == str(True):
            local = True
        username = strip_tags(username)

        # Reject empty passwords before contacting the directory.
        # NOTE(review): if the backend is LDAP this matters, because an
        # empty-password bind can succeed as an unauthenticated bind.
        if password is None or password == "":
            raise cherrypy.HTTPRedirect("%s/login?msg=3&local=%s" % (rootURL, str(local)))
        else:
            directory = AccountService.ExternalDirectory(local)
            if directory.authenticate(username, password):
                # Token is 32 hex characters, i.e. 16 bytes of os.urandom
                # output.
                # NOTE(review): no cherrypy.session.regenerate() is visible
                # on this path; confirm the session id is rotated at login
                # (session fixation) unless get_user() already does it.
                cherrypy.session['request-origin'] = str(os.urandom(32).encode('hex'))[0:32]
                currentUser = AccountService.get_user(username, True) # If they are authenticated and local, this MUST return a user object.
                if currentUser is not None:
                    if not currentUser.authorized:
                        raise cherrypy.HTTPError(403, "You do not have permission to access this system")
                    # The audit entry takes its actor from the session's
                    # "user" object - presumably stored by get_user(); confirm.
                    session.add(AuditLog(cherrypy.session.get("user").id, "Login", "User %s logged in successfully from IP %s" % (currentUser.id, Filelocker.get_client_address())))
                    session.commit()
                    raise cherrypy.HTTPRedirect(rootURL)
                else: # Should only happen when the user exists in the external directory but has never logged in before.
                    # NOTE(review): cherrypy.HTTPRedirect and
                    # cherrypy.HTTPError derive from Exception, so both
                    # raises inside this try are caught by the handler
                    # below: the redirect and the 403 are replaced by a
                    # plain "Unable to install user" response. Raise them
                    # outside the try, or re-raise CherryPy exceptions
                    # first. No audit entry is written on this first-login
                    # path either.
                    try:
                        newUser = directory.lookup_user(username)
                        AccountService.install_user(newUser)
                        currentUser = AccountService.get_user(username, True)
                        if currentUser is not None and currentUser.authorized != False:
                            raise cherrypy.HTTPRedirect(rootURL)
                        else:
                            raise cherrypy.HTTPError(403, "You do not have permission to access this system")
                    except Exception, e:
                        # NOTE(review): the exception text goes back to the
                        # client verbatim; it may expose internals and is
                        # not escaped here.
                        return "Unable to install user: %s" % str(e)
            else:  # Failed authentication; the body is not part of this excerpt.
Example #5
 # Excerpt from the body of an upload handler; the enclosing function starts
 # before this excerpt and the try block below continues past it.
 # Mark the matching in-progress transfer so the status reflects whether a
 # virus scan is part of this check-in.
 if cherrypy.file_uploads.has_key(uploadKey):
     for fileTransfer in cherrypy.file_uploads[uploadKey]:
         if fileTransfer.file_object.name == upFile.file_object.name:
             fileTransfer.status = "Scanning and Encrypting" if scanFile else "Encrypting"
 #Check in the file
 try:
     FileService.check_in_file(tempFileName, newFile)
     ### Moved to check_in_file so the record can be trashed if virus scan fails
     #session.add(newFile)
     #session.commit()
     # If this is an upload request, check whether it is a single-use request
     # and nullify the ticket if so, now that the file has been successfully
     # uploaded.
     # NOTE(review): the ticket is deleted only after check-in, and no commit
     # is visible in this excerpt; confirm two concurrent uploads cannot both
     # use a single-use request in that window.
     if uploadRequest is not None:
         # These audit entries pass the client address as the first AuditLog
         # argument and the request owner's id as the last.
         if uploadRequest.type == "single":
             session.add(
                 AuditLog(
                     Filelocker.get_client_address(),
                     Actions.UPLOAD_REQUEST_FULFILLED,
                     "File %s has been uploaded by an external user to your Filelocker account. This was a single user request and the request has now expired."
                     % (newFile.name), uploadRequest.owner_id))
             # .one() raises NoResultFound when the request row no longer
             # exists; no handler is visible in this excerpt.
             attachedUploadRequest = session.query(
                 UploadRequest).filter(
                     UploadRequest.id == uploadRequest.id).one()
             session.delete(attachedUploadRequest)
             cherrypy.session['uploadRequest'].expired = True
         else:
             session.add(
                 AuditLog(
                     Filelocker.get_client_address(),
                     Actions.UPLOAD_REQUEST_FULFILLED,
                     "File %s has been uploaded by an external user to your Filelocker account."
                     % (newFile.name), uploadRequest.owner_id))