def s3_add_user_account(auth, **kwargs): """Verifies new external account credentials and adds to user's list""" try: access_key = request.json['access_key'] secret_key = request.json['secret_key'] except KeyError: raise HTTPError(httplib.BAD_REQUEST) if not (access_key and secret_key): return { 'message': 'All the fields above are required.' }, httplib.BAD_REQUEST user_info = utils.get_user_info(access_key, secret_key) if not user_info: return { 'message': ('Unable to access account.\n' 'Check to make sure that the above credentials are valid, ' 'and that they have permission to list buckets.') }, httplib.BAD_REQUEST if not utils.can_list(access_key, secret_key): return { 'message': ('Unable to list buckets.\n' 'Listing buckets is required permission that can be changed via IAM' ) }, httplib.BAD_REQUEST account = None try: account = ExternalAccount( provider=SHORT_NAME, provider_name=FULL_NAME, oauth_key=access_key, oauth_secret=secret_key, provider_id=user_info.id, display_name=user_info.display_name, ) account.save() except ValidationError: # ... or get the old one account = ExternalAccount.objects.get(provider=SHORT_NAME, provider_id=user_info.id) if account.oauth_key != access_key or account.oauth_secret != secret_key: account.oauth_key = access_key account.oauth_secret = secret_key account.save() assert account is not None if not auth.user.external_accounts.filter(id=account.id).exists(): auth.user.external_accounts.add(account) # Ensure S3 is enabled. auth.user.get_or_add_addon('s3', auth=auth) auth.user.save() return {}
def s3_add_user_account(auth, **kwargs): """Verifies new external account credentials and adds to user's list""" try: access_key = request.json['access_key'] secret_key = request.json['secret_key'] except KeyError: raise HTTPError(httplib.BAD_REQUEST) if not (access_key and secret_key): return { 'message': 'All the fields above are required.' }, httplib.BAD_REQUEST user_info = utils.get_user_info(access_key, secret_key) if not user_info: return { 'message': ('Unable to access account.\n' 'Check to make sure that the above credentials are valid, ' 'and that they have permission to list buckets.') }, httplib.BAD_REQUEST if not utils.can_list(access_key, secret_key): return { 'message': ('Unable to list buckets.\n' 'Listing buckets is required permission that can be changed via IAM') }, httplib.BAD_REQUEST account = None try: account = ExternalAccount( provider=SHORT_NAME, provider_name=FULL_NAME, oauth_key=access_key, oauth_secret=secret_key, provider_id=user_info.id, display_name=user_info.display_name, ) account.save() except ValidationError: # ... or get the old one account = ExternalAccount.objects.get( provider=SHORT_NAME, provider_id=user_info.id ) if account.oauth_key != access_key or account.oauth_secret != secret_key: account.oauth_key = access_key account.oauth_secret = secret_key account.save() assert account is not None if not auth.user.external_accounts.filter(id=account.id).exists(): auth.user.external_accounts.add(account) # Ensure S3 is enabled. auth.user.get_or_add_addon('s3', auth=auth) auth.user.save() return {}
def add_account(json_request, institution_id, addon_name): try: access_key = json_request['access_key'] secret_key = json_request['secret_key'] except KeyError: raise HTTPError(httplib.BAD_REQUEST) if not (access_key and secret_key): return { 'message': 'All the fields above are required.' }, httplib.BAD_REQUEST user_info = get_user_info(access_key, secret_key) if not user_info: return { 'message': ('Unable to access account.\n' 'Check to make sure that the above credentials are valid, ' 'and that they have permission to list buckets.') }, httplib.BAD_REQUEST if not can_list(access_key, secret_key): return { 'message': ('Unable to list buckets.\n' 'Listing buckets is required permission that can be changed via IAM') }, httplib.BAD_REQUEST account = None try: account = ExternalAccount( provider=SHORT_NAME, provider_name=FULL_NAME, oauth_key=access_key, oauth_secret=secret_key, provider_id=user_info.id, display_name=user_info.display_name, ) account.save() except ValidationError: # ... or get the old one account = ExternalAccount.objects.get( provider=SHORT_NAME, provider_id=user_info.id ) if account.oauth_key != access_key or account.oauth_secret != secret_key: account.oauth_key = access_key account.oauth_secret = secret_key account.save() assert account is not None rdm_addon_option = get_rdm_addon_option(institution_id, addon_name) if not rdm_addon_option.external_accounts.filter(id=account.id).exists(): rdm_addon_option.external_accounts.add(account) return {}, httplib.OK
def credentials_are_valid(self, user_settings, client=None): if user_settings: for account in user_settings.external_accounts.all(): if utils.can_list(account.oauth_key, account.oauth_secret): return True return False