def validate_authentication(self, username, apikey, handler):
"""Raises AuthenticationFailed if supplied username and
password don't match the stored credentials, else return
None.
"""
msg = "Authentication failed."
if apikey == 'anonymous':
return
if apikey != 'anonymous':
user = None
if self.cfg['web']['local_endpoint']:
user_req = requests.get(self.cfg['web']['local_endpoint'] +
'/api/info/apikey/' + apikey)
if not user_req.status_code == 200:
raise AuthenticationFailed(
'Wrong or failed authentication')
user = user_req.json()
else:
user = BmajUser.get_user_by_apikey(apikey)
bank = self.db.banks.find_one({'name': username})
if not bank:
logging.error('Bank not found: ' + username)
raise AuthenticationFailed('Bank does not exists')
if bank['properties']['visibility'] != 'public':
if user['id'] != bank['properties']['owner']:
if 'members' not in bank['properties'] or user[
'id'] not in bank['properties']['members']:
raise AuthenticationFailed(
'Not allowed to access to this bank')
if len(bank['production']) == 0:
raise AuthenticationFailed('No production release available')
self.bank = bank
def get_user_by_apikey(apikey):
'''
Get a user from his api key
'''
user = BmajUser.get_user_by_apikey(apikey)
if user:
del user['_id']
if 'hashed_password' in user:
del user['hashed_password']
return jsonify({'user': user})
def validate_authentication(self, username, apikey, handler):
"""Raises AuthenticationFailed if supplied username and
password don't match the stored credentials, else return
None.
"""
# msg = "Authentication failed."
#anonymous user : we defined the user as anonymous
proxy = Utils.get_service_endpoint(self.cfg, 'user')
if username == "biomaj_default":
user = {}
user['id'] = "BMJ_default"
elif proxy:
user_req = requests.get(proxy + '/api/user/info/apikey/' + apikey)
if not user_req.status_code == 200:
raise AuthenticationFailed('Wrong or failed authentication')
user = user_req.json()
else:
user = BmajUser.get_user_by_apikey(apikey)
if not user:
self.logger.error('User not found: ' + username)
raise AuthenticationFailed('User does not exists')
#Determining the authorized path
dict_bank = {}
for db_entry in self.db.banks.find():
home_dir = self.get_home_dir(username, db_entry)
dict_bank[home_dir] = [
db_entry['properties']['visibility'],
db_entry['properties']['owner']
]
self.bank = dict_bank
#Create a new user for biomaj server with specific permission
if not self.has_user(username):
self.add_user(username, apikey, self.get_home_dir(username))
for directory in dict_bank:
if dict_bank[directory][0] == "public":
perm = "elr"
self.override_perm(username, directory, perm, recursive=True)
elif dict_bank[directory][
1] == username and dict_bank[directory][0] != "public":
perm = "elr"
self.override_perm(username, directory, perm, recursive=True)
elif username == "biomaj_default" or dict_bank[directory][
0] != "public": #biomaj_default user and private bank
perm = ""
self.override_perm(username, directory, perm, recursive=True)
return
def get_user_by_apikey(apikey):
user = BmajUser.get_user_by_apikey(apikey)
del user['_id']
del user['hashed_password']
return jsonify({'user': user})