def deploy(session, task, domain, owner_email, environment_name, technical_contact_email, theme_name=None, default_language=u'it', database_password=None, enabled=True): env = Environment.get(session, environment_name) theme = None if not theme_name else Theme.get(session, theme_name) owner = User.get(session, owner_email) technical_contact = User.get(session, technical_contact_email) instance = Instance.deploy(session, domain, owner, env, technical_contact, theme, default_language, database_password, enabled) return instance.id
def create_no_upload(context, request): try: name = request.params['name'] parent_name = request.params.get('parent', None) version = request.params['version'] author_email = request.params['author'] owner_email = request.params['owner'] banner_width = request.params['banner_width'] banner_height = request.params['banner_height'] logo_width = request.params['logo_width'] logo_height = request.params['logo_height'] main_menu_levels = request.params['main_menu_levels'] template_levels = request.params['template_levels'] image_full_size = request.params['image_full_size'] owner = User.get(request.db_session, owner_email) author = User.get(request.db_session, author_email) if parent_name: parent = Theme.get(request.db_session, parent_name) else: parent = None # check if a theme exists in package aybu.themes __import__('aybu.themes.{}'.format(name)) t = Theme(name=name, parent=parent, author=author, version=version, owner=owner, banner_width=banner_width, banner_height=banner_height, logo_width=logo_width, logo_height=logo_height, main_menu_levels=main_menu_levels, template_levels=template_levels, image_full_size=image_full_size) request.db_session.add(t) request.db_session.flush() except (KeyError, NoResultFound) as e: raise ParamsError(e) except ImportError as e: error = 'Theme {} does not exists in aybu.themes package'.format(name) raise HTTPPreconditionFailed(headers={'X-Request-Error': error}) except IntegrityError as e: error = 'Theme with name {} already exists'.format(name) request.db_session.rollback() raise HTTPConflict(headers={'X-Request-Error': error}) else: request.db_session.commit() raise HTTPCreated()
def login(context, request): email = urllib.unquote(request.matchdict['email']) user = User.get(request.db_session, email) # non-admin users cannot check if another user has permissions on a # given instance if authenticated_userid(request) != email and \ 'admin' not in effective_principals(request): return generate_empty_response(HTTPForbidden(), request, 403) try: # the domain could be an alias. We need the instance domain domain = Alias.get(request.db_session, request.params['domain'])\ .instance.domain except NoResultFound: domain = request.params['domain'] except KeyError: log.error('No domain in request for users.login') return generate_empty_response(HTTPForbidden(), request, 403) instance = Instance.get_by_domain(request.db_session, domain) if not user.can_access(instance): log.error('%s cannot login on %s', email, domain) return generate_empty_response(HTTPForbidden(), request, 403) return user.to_dict()
def instances_allowed_for_user(context, request): email = urllib.unquote(request.matchdict['email']) user = User.get(request.db_session, email) res = {} for instance in Instance.all(request.db_session): if user.can_access(instance): res[instance.domain] = instance.to_dict() return res
def info(context, request): email = urllib.unquote(request.matchdict['email']) principals = effective_principals(request) # a "normal" user get info about itself. if not set(('admin', email)) & set(principals): return generate_empty_response(HTTPForbidden(), request, 403) return User.get(request.db_session, email).to_dict()
def update(context, request): params = dict() theme = Theme.get(request.db_session, request.matchdict['name']) try: for attr in ('owner', 'author'): value = request.params.get(attr) if value: params[attr] = User.get(request.db_session, value) except NoResultFound: raise ParamsError('No user with email {}'.format(value)) try: attr = 'parent' parent = request.params.get(attr) if parent: parent = Theme.get(request.db_session, parent) params[attr] = parent except NoResultFound: raise ParamsError('No theme named {}'.format(value)) for attr in ('version', 'banner_height', 'banner_width', 'logo_height', 'logo_width', 'main_menu_levels', 'template_levels', 'name', 'image_full_size'): value = request.params.get(attr) if value: params[attr] = value if not params: raise ParamsError('Missing update fields') try: if 'name' in params and params['name'] != theme.name: raise NotImplementedError('Changing theme name is not supported') __import__('aybu.themes.{}'.format(params['name'])) for param in params: setattr(theme, param, params[param]) request.db_session.flush() except ImportError as e: error = 'Theme {} does not exists in aybu.themes package'\ .format(params['name']) raise HTTPPreconditionFailed(headers={'X-Request-Error': error}) except IntegrityError as e: request.db_session.rollback() raise HTTPConflict(headers={'X-Request-Error': str(e)}) else: request.db_session.commit() return theme.to_dict()
def allowed_users_for_instance(context, request): domain = request.matchdict['domain'] instance = Instance.get_by_domain(request.db_session, domain) res = {} for user in User.all(request.db_session): if user.can_access(instance): res[user.email] = user.to_dict() return res
def check_user(self, credentials, request): username = credentials['username'] password = credentials['password'] try: user = User.check(request.db_session, username, password) except: return None else: groups = [group.name for group in user.groups] return groups
def delete(context, request): try: email = urllib.unquote(request.matchdict['email']) user = User.get(request.db_session, email) user.delete() request.db_session.flush() except IntegrityError: request.db_session.rollback() raise HTTPPreconditionFailed( headers={'X-Request-Error': 'Cannot delete user {}. You must '\ 'delete owner themes/instances first'.format(email)}) else: request.db_session.commit() raise HTTPNoContent()
def list(context, request): return {u.email: u.to_dict() for u in User.all(request.db_session)}
def update(context, request): email = urllib.unquote(request.matchdict['email']) user = User.get(request.db_session, email) principals = effective_principals(request) # an "normal" user can update only itself if not set(('admin', email)) & set(principals): return generate_empty_response(HTTPForbidden(), request, 403) params = {} for attr in ('email', 'password', 'name', 'surname', 'company', 'web', 'twitter'): value = request.params.get(attr) if value: params[attr] = value # only admins can change users groups if 'admin' in principals and 'groups' in request.params: groups = [g for g in request.params.getall('groups') if g] if not groups: params['groups'] = [] else: params['groups'] = Group.search( request.db_session, filters=(Group.name.in_(groups), ) ) if len(groups) != len(params['groups']): raise HTTPPreconditionFailed( headers={'X-Request-Error': 'Invalid groups {}'\ .format(','.join(groups))}) if not 'admin' and 'organization' in request.params: return generate_empty_response(HTTPForbidden(), request, 403) elif 'organization' in request.params: organization_name = request.params['organization'] if not organization_name: params['organization'] = None else: try: params['organization'] = Group.get(request.db_session, organization_name) except NoResultFound: raise HTTPPreconditionFailed(headers={ 'X-Request-Error': 'Invalid group {}'\ .format(organization_name) }) if not params: raise ParamsError('Missing update fields') try: for param in params: setattr(user, param, params[param]) request.db_session.flush() except IntegrityError: error = 'An user with email {} already exists'.format(params['email']) raise HTTPPreconditionFailed(headers={'X-Request-Error': error}) else: request.db_session.commit() return user.to_dict()
def deploy(context, request): try: params = dict( domain=request.params['domain'], owner_email=request.params['owner_email'], environment_name=request.params['environment_name'], technical_contact_email=request.params.get( 'technical_contact_email', request.params['owner_email']), theme_name=request.params.get('theme_name'), default_language=request.params.get('default_language', u'it'), database_password=request.params.get('database_password'), enabled=True if request.params.get('enabled') else False, verbose=True if request.params.get('verbose') else False, ) check_domain_not_used(request, params['domain']) params['domain'] = validate_hostname(params['domain']) # try to get the instance, as it MUST not exists Instance.get_by_domain(request.db_session, params['domain']) except KeyError as e: log.exception("Error validating params") raise ParamsError(e) except NoResultFound: # no instance found, validate relations. try: field = 'owner_email' cls = 'user' User.log.debug("Validating owner %s", params[field]) owner = User.get(request.db_session, params[field]) if not owner: raise NoResultFound() if params['technical_contact_email'] != params['owner_email']: field = 'technical_contact_email' User.log.debug("Validating contact %s", params[field]) ctc = User.get(request.db_session, params[field]) if not ctc: raise NoResultFound() field = 'environment_name' cls = 'environment' Environment.log.debug("validating environment %s", params[field]) env = Environment.get(request.db_session, params[field]) if not env: raise NoResultFound() field = 'theme_name' cls = 'theme' if params[field]: Theme.log.debug("Validating theme %s", params[field]) theme = Theme.get(request.db_session, params[field]) if not theme: raise NoResultFound() except NoResultFound: raise ParamsError('{} "{}" for {} not found'\ .format(cls.title(), params[field], field)) else: log.info("Submitting task") # relations exists, submit tasks return request.submit_task('instance.deploy', **params) else: # found instance, conflict error = 'instance for domain {} already exists'\ .format(params['domain']) raise HTTPConflict(headers={'X-Request-Error': error})