def initialize_sql(engine, create=False):
"""Moved from init to avoid circular imports"""
real_meta = MetaData(engine, reflect=True)
apex_tables = ['auth_users', 'auth_groups']
tables = ['users',
'projects',
'authentication_backend',
'authentication_acl',
'authentication_role',
'authentication_grouprole',
'authentication_userrole',
'authentication_permission',
'jobs']
apex_create = False
DBSession.configure(bind=engine)
Base.metadata.bind = engine
apexmodels.Base.metadata.bind = engine
def reflect():
Base.metadata.reflect(engine)
apexmodels.Base.metadata.reflect()
for t in apex_tables:
if not t in real_meta.tables:
apex_create = True
for t in tables:
if not t in real_meta.tables:
create = True
if apex_create:
user.GroupRole.__table__.create(engine)
apexmodels.Base.metadata.create_all(engine)
reflect()
if create:
Base.metadata.create_all(engine)
reflect()
if apex_create:
apexmodels.initialize_sql(engine)
reflect()
reflect()
registry.register_default_keys(DBSession)
auth.register_default_permissions(DBSession)
auth.register_default_roles(DBSession)
auth.register_default_acls(DBSession)
def includeme(config):
settings = config.registry.settings
initialize_sql(engine_from_config(settings, 'sqlalchemy.'), settings)
config.registry.registerUtility(ApexImplementation, IApex)
config.add_translation_dirs('apex:locale/')
if not config.registry.queryUtility(ISessionFactory):
if not settings.has_key('apex.session_secret'):
raise ApexSessionSecret()
config.set_session_factory( \
UnencryptedCookieSessionFactoryConfig( \
settings.get('apex.session_secret')))
if not config.registry.queryUtility(IAuthorizationPolicy):
authz_policy = ACLAuthorizationPolicy()
config.set_authorization_policy(authz_policy)
if not config.registry.queryUtility(IAuthenticationPolicy):
if not settings.has_key('apex.auth_secret'):
raise ApexAuthSecret()
authn_policy = AuthTktAuthenticationPolicy( \
settings.get('apex.auth_secret'), \
callback=groupfinder)
config.set_authentication_policy(authn_policy)
cache = RootFactory.__acl__
config.set_root_factory(RootFactory)
use_request_factory = asbool(settings.get('apex.use_request_factory',
True))
if use_request_factory:
config.set_request_factory(RequestFactory)
if not config.registry.queryUtility(IMailer):
config.include('pyramid_mailer')
if not settings.get('mako.directories'):
config.add_settings({'mako.directories': ['apex:templates']})
config.add_subscriber('apex.lib.subscribers.csrf_validation',
'pyramid.events.ContextFound')
config.add_subscriber('apex.lib.subscribers.add_renderer_globals',
'pyramid.events.BeforeRender')
config.add_static_view('apex/static', 'apex:static')
config.add_view(forbidden, context=Forbidden)
render_template = settings['apex.apex_render_template'] = settings.get(
'apex.apex_template', 'apex:templates/apex_template.mako')
config.add_route('apex_login', '/login')
config.add_view(login,
route_name='apex_login',
renderer=render_template,
permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_logout', '/logout')
config.add_view(logout,
route_name='apex_logout',
renderer=render_template,
permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_register', '/register')
config.add_view(register,
route_name='apex_register',
renderer=render_template,
permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_password', '/password')
config.add_view(change_password,
route_name='apex_password',
renderer=render_template,
permission='authenticated')
config.add_route('apex_forgot', '/forgot')
config.add_view(forgot_password,
route_name='apex_forgot',
renderer=render_template,
permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_reset', '/reset/:user_id/:hmac')
config.add_view(reset_password,
route_name='apex_reset',
renderer=render_template,
permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_activate', '/activate/:user_id/:hmac')
config.add_view(activate,
route_name='apex_activate',
renderer=render_template,
permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_callback', '/apex_callback')
config.add_view(apex_callback,
route_name='apex_callback',
permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_openid_required', '/openid_required')
config.add_view(openid_required, route_name= \
'apex_openid_required', \
renderer=render_template, permission=NO_PERMISSION_REQUIRED)
if settings.has_key('apex.auth_profile'):
use_edit = asbool(settings.get('apex.use_apex_edit', False))
if use_edit:
config.add_route('apex_edit', '/edit')
config.add_view(edit, route_name='apex_edit', \
renderer=render_template, \
permission='authenticated')
def includeme(config):
settings = config.registry.settings
initialize_sql(engine_from_config(settings, 'sqlalchemy.'), settings)
config.registry.registerUtility(ApexImplementation, IApex)
config.add_translation_dirs('apex:locale/')
if not config.registry.queryUtility(ISessionFactory):
if not settings.has_key('apex.session_secret'):
raise ApexSessionSecret()
config.set_session_factory( \
UnencryptedCookieSessionFactoryConfig( \
settings.get('apex.session_secret')))
if not config.registry.queryUtility(IAuthorizationPolicy):
authz_policy = ACLAuthorizationPolicy()
config.set_authorization_policy(authz_policy)
if not config.registry.queryUtility(IAuthenticationPolicy):
if not settings.has_key('apex.auth_secret'):
raise ApexAuthSecret()
authn_policy = AuthTktAuthenticationPolicy( \
settings.get('apex.auth_secret'), \
callback=groupfinder)
config.set_authentication_policy(authn_policy)
cache = RootFactory.__acl__
config.set_root_factory(RootFactory)
use_request_factory = asbool(settings.get('apex.use_request_factory', True))
if use_request_factory:
config.set_request_factory(RequestFactory)
if not config.registry.queryUtility(IMailer):
config.include('pyramid_mailer')
if not settings.get('mako.directories'):
config.add_settings({'mako.directories': ['apex:templates']})
config.add_subscriber('apex.lib.subscribers.csrf_validation',
'pyramid.events.ContextFound')
config.add_subscriber('apex.lib.subscribers.add_renderer_globals',
'pyramid.events.BeforeRender')
config.add_static_view('apex/static', 'apex:static')
config.add_view(forbidden, context=Forbidden, permission=NO_PERMISSION_REQUIRED)
render_template = settings['apex.apex_render_template'
] = settings.get('apex.apex_template',
'apex:templates/apex_template.mako')
config.add_route('apex_login', '/login')
config.add_view(login, route_name='apex_login',
renderer=render_template, permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_logout', '/logout')
config.add_view(logout, route_name='apex_logout',
renderer=render_template, permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_register', '/register')
config.add_view(register, route_name='apex_register',
renderer=render_template, permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_password', '/password')
config.add_view(change_password, route_name='apex_password',
renderer=render_template, permission='authenticated')
config.add_route('apex_forgot', '/forgot')
config.add_view(forgot_password, route_name='apex_forgot',
renderer=render_template, permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_reset', '/reset/:user_id/:hmac')
config.add_view(reset_password, route_name='apex_reset',
renderer=render_template, permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_activate', '/activate/:user_id/:hmac')
config.add_view(activate, route_name='apex_activate',
renderer=render_template, permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_callback', '/apex_callback')
config.add_view(apex_callback, route_name='apex_callback', permission=NO_PERMISSION_REQUIRED)
config.add_route('apex_openid_required', '/openid_required')
config.add_view(openid_required, route_name= \
'apex_openid_required', \
renderer=render_template, permission=NO_PERMISSION_REQUIRED)
if settings.has_key('apex.auth_profile'):
use_edit = asbool(settings.get('apex.use_apex_edit', False))
if use_edit:
config.add_route('apex_edit', '/edit')
config.add_view(edit, route_name='apex_edit', \
renderer=render_template, \
permission='authenticated')
def includeme(config):
settings = config.registry.settings
initialize_sql(engine_from_config(settings, "sqlalchemy."), settings)
config.registry.registerUtility(ApexImplementation, IApex)
config.add_translation_dirs("apex:locale/")
if not config.registry.queryUtility(ISessionFactory):
if "apex.session_secret" not in settings:
raise ApexSessionSecret()
config.set_session_factory(UnencryptedCookieSessionFactoryConfig(settings.get("apex.session_secret")))
if not config.registry.queryUtility(IAuthorizationPolicy):
authz_policy = ACLAuthorizationPolicy()
config.set_authorization_policy(authz_policy)
if not config.registry.queryUtility(IAuthenticationPolicy):
if "apex.auth_secret" not in settings:
raise ApexAuthSecret()
authn_policy = AuthTktAuthenticationPolicy(
settings.get("apex.auth_secret"), hashalg="sha512", callback=groupfinder
)
config.set_authentication_policy(authn_policy)
cache = RootFactory.__acl__
config.set_root_factory(RootFactory)
use_request_factory = asbool(settings.get("apex.use_request_factory", True))
if use_request_factory:
config.set_request_factory(RequestFactory)
if not config.registry.queryUtility(IMailer):
config.include("pyramid_mailer")
if not settings.get("mako.directories"):
config.add_settings({"mako.directories": ["apex:templates"]})
config.add_subscriber("apex.lib.subscribers.csrf_validation", "pyramid.events.ContextFound")
config.add_subscriber("apex.lib.subscribers.add_renderer_globals", "pyramid.events.BeforeRender")
config.add_static_view("apex/static", "apex:static")
config.add_forbidden_view(forbidden)
render_template = settings["apex.apex_render_template"] = settings.get(
"apex.apex_template", "apex:templates/apex_template.mako"
)
config.add_route("apex_login", "/login")
config.add_view(login, route_name="apex_login", renderer=render_template, permission=NO_PERMISSION_REQUIRED)
config.add_route("apex_logout", "/logout")
config.add_view(logout, route_name="apex_logout", renderer=render_template, permission=NO_PERMISSION_REQUIRED)
config.add_route("apex_register", "/register")
config.add_view(register, route_name="apex_register", renderer=render_template, permission=NO_PERMISSION_REQUIRED)
config.add_route("apex_password", "/password")
config.add_view(change_password, route_name="apex_password", renderer=render_template, permission="authenticated")
config.add_route("apex_forgot", "/forgot")
config.add_view(
forgot_password, route_name="apex_forgot", renderer=render_template, permission=NO_PERMISSION_REQUIRED
)
config.add_route("apex_reset", "/reset/:user_id/:hmac")
config.add_view(
reset_password, route_name="apex_reset", renderer=render_template, permission=NO_PERMISSION_REQUIRED
)
config.add_route("apex_activate", "/activate/:user_id/:hmac")
config.add_view(activate, route_name="apex_activate", renderer=render_template, permission=NO_PERMISSION_REQUIRED)
config.add_route("apex_add_auth", "/add_auth")
config.add_view(add_auth, route_name="apex_add_auth", renderer=render_template, permission="authenticated")
config.add_route("apex_callback", "/apex_callback")
config.add_view(apex_callback, route_name="apex_callback", permission=NO_PERMISSION_REQUIRED)
config.add_route("apex_openid_required", "/openid_required")
config.add_view(
openid_required, route_name="apex_openid_required", renderer=render_template, permission=NO_PERMISSION_REQUIRED
)
if "apex.auth_profile" in settings:
use_edit = asbool(settings.get("apex.use_apex_edit", False))
if use_edit:
config.add_route("apex_edit", "/edit")
config.add_view(edit, route_name="apex_edit", renderer=render_template, permission="authenticated")
def upgrade(migrate_engine):
initialize_sql(migrate_engine, {})
