def migrate_to_external_account(user_settings_document):
user_info = utils.get_user_info(
access_key=user_settings_document['access_key'],
secret_key=user_settings_document['secret_key'])
user = User.load(user_settings_document['owner'])
if not user_info:
return (None, None, None)
new = False
try:
external_account = ExternalAccount.find_one(
Q('provider_id', 'eq', user_info.id))
logger.info(
'Duplicate account use found: s3usersettings {0} with id {1}'.
format(user_settings_document['_id'], user._id))
except NoResultsFound:
new = True
external_account = ExternalAccount(
provider=PROVIDER,
provider_name=PROVIDER_NAME,
provider_id=user_info.id,
oauth_key=user_settings_document['access_key'],
oauth_secret=user_settings_document['secret_key'],
display_name=user_info.display_name,
)
external_account.save()
user.external_accounts.append(external_account)
user.save()
return external_account, user, new
def migrate_to_external_account(user_settings_document):
user_info = utils.get_user_info(access_key=user_settings_document['access_key'], secret_key=user_settings_document['secret_key'])
user = User.load(user_settings_document['owner'])
if not user_info:
return (None, None, None)
new = False
try:
external_account = ExternalAccount.find_one(Q('provider_id', 'eq', user_info.id))
logger.info('Duplicate account use found: s3usersettings {0} with id {1}'.format(user_settings_document['_id'], user._id))
except NoResultsFound:
new = True
external_account = ExternalAccount(
provider=PROVIDER,
provider_name=PROVIDER_NAME,
provider_id=user_info.id,
oauth_key=user_settings_document['access_key'],
oauth_secret=user_settings_document['secret_key'],
display_name=user_info.display_name,
)
external_account.save()
user.external_accounts.append(external_account)
user.save()
return external_account, user, new
def s3_add_user_account(auth, **kwargs):
"""Verifies new external account credentials and adds to user's list"""
try:
access_key = request.json['access_key']
secret_key = request.json['secret_key']
except KeyError:
raise HTTPError(httplib.BAD_REQUEST)
if not (access_key and secret_key):
return {
'message': 'All the fields above are required.'
}, httplib.BAD_REQUEST
user_info = utils.get_user_info(access_key, secret_key)
if not user_info:
return {
'message':
('Unable to access account.\n'
'Check to make sure that the above credentials are valid, '
'and that they have permission to list buckets.')
}, httplib.BAD_REQUEST
if not utils.can_list(access_key, secret_key):
return {
'message':
('Unable to list buckets.\n'
'Listing buckets is required permission that can be changed via IAM'
)
}, httplib.BAD_REQUEST
account = None
try:
account = ExternalAccount(
provider=SHORT_NAME,
provider_name=FULL_NAME,
oauth_key=access_key,
oauth_secret=secret_key,
provider_id=user_info.id,
display_name=user_info.display_name,
)
account.save()
except ValidationError:
# ... or get the old one
account = ExternalAccount.objects.get(provider=SHORT_NAME,
provider_id=user_info.id)
if account.oauth_key != access_key or account.oauth_secret != secret_key:
account.oauth_key = access_key
account.oauth_secret = secret_key
account.save()
assert account is not None
if not auth.user.external_accounts.filter(id=account.id).exists():
auth.user.external_accounts.add(account)
# Ensure S3 is enabled.
auth.user.get_or_add_addon('s3', auth=auth)
auth.user.save()
return {}
def s3_add_user_account(auth, **kwargs):
"""Verifies new external account credentials and adds to user's list"""
try:
access_key = request.json['access_key']
secret_key = request.json['secret_key']
except KeyError:
raise HTTPError(httplib.BAD_REQUEST)
if not (access_key and secret_key):
return {
'message': 'All the fields above are required.'
}, httplib.BAD_REQUEST
user_info = utils.get_user_info(access_key, secret_key)
if not user_info:
return {
'message': ('Unable to access account.\n'
'Check to make sure that the above credentials are valid, '
'and that they have permission to list buckets.')
}, httplib.BAD_REQUEST
if not utils.can_list(access_key, secret_key):
return {
'message': ('Unable to list buckets.\n'
'Listing buckets is required permission that can be changed via IAM')
}, httplib.BAD_REQUEST
account = None
try:
account = ExternalAccount(
provider=SHORT_NAME,
provider_name=FULL_NAME,
oauth_key=access_key,
oauth_secret=secret_key,
provider_id=user_info.id,
display_name=user_info.display_name,
)
account.save()
except ValidationError:
# ... or get the old one
account = ExternalAccount.objects.get(
provider=SHORT_NAME,
provider_id=user_info.id
)
if account.oauth_key != access_key or account.oauth_secret != secret_key:
account.oauth_key = access_key
account.oauth_secret = secret_key
account.save()
assert account is not None
if not auth.user.external_accounts.filter(id=account.id).exists():
auth.user.external_accounts.add(account)
# Ensure S3 is enabled.
auth.user.get_or_add_addon('s3', auth=auth)
auth.user.save()
return {}
def add_account(json_request, institution_id, addon_name):
try:
access_key = json_request['access_key']
secret_key = json_request['secret_key']
except KeyError:
raise HTTPError(httplib.BAD_REQUEST)
if not (access_key and secret_key):
return {
'message': 'All the fields above are required.'
}, httplib.BAD_REQUEST
user_info = get_user_info(access_key, secret_key)
if not user_info:
return {
'message': ('Unable to access account.\n'
'Check to make sure that the above credentials are valid, '
'and that they have permission to list buckets.')
}, httplib.BAD_REQUEST
if not can_list(access_key, secret_key):
return {
'message': ('Unable to list buckets.\n'
'Listing buckets is required permission that can be changed via IAM')
}, httplib.BAD_REQUEST
account = None
try:
account = ExternalAccount(
provider=SHORT_NAME,
provider_name=FULL_NAME,
oauth_key=access_key,
oauth_secret=secret_key,
provider_id=user_info.id,
display_name=user_info.display_name,
)
account.save()
except ValidationError:
# ... or get the old one
account = ExternalAccount.objects.get(
provider=SHORT_NAME,
provider_id=user_info.id
)
if account.oauth_key != access_key or account.oauth_secret != secret_key:
account.oauth_key = access_key
account.oauth_secret = secret_key
account.save()
assert account is not None
rdm_addon_option = get_rdm_addon_option(institution_id, addon_name)
if not rdm_addon_option.external_accounts.filter(id=account.id).exists():
rdm_addon_option.external_accounts.add(account)
return {}, httplib.OK