def __savePermsOfAdminToTemplateCheckInput(self,admin_username,template_name):
admin_main.getLoader().checkAdminName(admin_username)
if not len(template_name) or not template_name.isalnum():
raise GeneralException(errorText("PERMISSION","INVALID_PERM_TEMPLATE_NAME")%template_name)
self.__checkDuplicateTemplateName(template_name)
def applyConditions(self):
"""
Apply conditions on tables, should check conditions here
"""
deposit_change_table = self.search_helper.getTable(
"admin_deposit_change")
deposit_change_table.exactSearch(
self.search_helper,
"from_admin", "admin_id", lambda owner_name: admin_main.getLoader(
).getAdminByName(owner_name).getAdminID())
deposit_change_table.exactSearch(
self.search_helper,
"to_admin", "to_admin_id", lambda owner_name: admin_main.getLoader(
).getAdminByName(owner_name).getAdminID())
self.search_helper.setCondValue("change_time_from_op", ">=")
deposit_change_table.dateSearch(self.search_helper, "change_time_from",
"change_time_from_unit",
"change_time_from_op", "change_time")
self.search_helper.setCondValue("change_time_to_op", "<")
deposit_change_table.dateSearch(self.search_helper, "change_time_to",
"change_time_to_unit",
"change_time_to_op", "change_time")
def __addNewUsersCheckInput(self, _count, credit, owner_name, creator_name,
group_name, remote_address,
credit_change_comment, user_ids):
if not isInt(_count) or _count <= 0:
raise GeneralException(
errorText("USER_ACTIONS", "INVALID_USER_COUNT") % _count)
if not isFloat(credit):
raise GeneralException(
errorText("USER_ACTIONS", "CREDIT_NOT_FLOAT"))
if credit < 0:
raise GeneralException(
errorText("USER_ACTIONS", "CREDIT_MUST_BE_POSITIVE"))
admin_main.getLoader().checkAdminName(owner_name)
admin_main.getLoader().checkAdminName(creator_name)
group_main.getLoader().checkGroupName(group_name)
if user_ids:
if len(user_ids) != _count:
raise GeneralException(
errorText("USER_ACTIONS", "USER_IDS_COUNT_NOT_MATCH"))
for user_id in user_ids:
if not isInt(user_id):
raise GeneralException(
errorText("USER", "INVALID_USER_ID") % user_id)
def __addGroupCheckInput(self,group_name,comment,owner_id):
if not isValidName(group_name):
raise GeneralException(errorText("GROUPS","GROUP_NAME_INVALID")%group_name)
if group_main.getLoader().groupNameExists(group_name):
raise GeneralException(errorText("GROUPS","GROUP_NAME_TAKEN")%group_name)
admin_main.getLoader().checkAdminID(owner_id)
def deleteFromPermValues(self,admin_username,perm_name,perm_value): self.__deleteFromPermValuesCheckInput(admin_username,perm_name,perm_value) admin_obj=admin_main.getLoader().getAdminByName(admin_username) admin_perm_obj=admin_obj.getPerms()[perm_name] self.__checkDeleteValue(admin_obj,admin_perm_obj,perm_value) new_value=admin_perm_obj.multi_value.delValue(perm_value) self.__updatePermValueDB(admin_obj,perm_name,new_value) admin_main.getLoader().loadAdmin(admin_obj.getAdminID())
def getOwnerObj(self):
try:
return admin_main.getLoader().getAdminByID(self.owner_id)
except GeneralException:
toLog(
"Can't load owner object with id %s, using system..." %
self.owner_id, LOG_ERROR)
return admin_main.getLoader().getAdminByID(0)
def __delUserCheckInput(self, user_ids, comment, del_connections,
del_audit_logs, admin_name, remote_address):
admin_main.getLoader().checkAdminName(admin_name)
if not iplib.checkIPAddr(remote_address):
raise GeneralException(
errorText("GENERAL", "INVALID_IP_ADDRESS") % remote_address)
if len(user_ids) == 0:
raise GeneralException(
errorText("USER_ACTIONS", "INVALID_USER_COUNT") % 0)
def checkInput(self, src, action, arg_dic):
admin_obj = arg_dic["admin_obj"]
def checkChangeOwnerPerms(loaded_user):
if admin_obj.getUsername() != self.admin_name:
admin_obj.canDo("CHANGE USERS OWNER")
map(checkChangeOwnerPerms, arg_dic["users"])
admin_main.getLoader().checkAdminName(self.admin_name)
def deleteFromPermValues(self, admin_username, perm_name, perm_value):
self.__deleteFromPermValuesCheckInput(admin_username, perm_name,
perm_value)
admin_obj = admin_main.getLoader().getAdminByName(admin_username)
admin_perm_obj = admin_obj.getPerms()[perm_name]
self.__checkDeleteValue(admin_obj, admin_perm_obj, perm_value)
new_value = admin_perm_obj.multi_value.delValue(perm_value)
self.__updatePermValueDB(admin_obj, perm_name, new_value)
admin_main.getLoader().loadAdmin(admin_obj.getAdminID())
def deletePermission(self, admin_username, perm_name):
"""
delete permission "perm_name" from admin "admin_username"
"""
self.__deletePermissionCheckInput(admin_username, perm_name)
admin_obj = admin_main.getLoader().getAdminByName(admin_username)
self.__checkDependenciesOfPerm(admin_obj, perm_name)
self.__deletePermissionDB(admin_obj, perm_name)
admin_main.getLoader().loadAdmin(admin_obj.getAdminID())
def loadPermTemplateToAdmin(self,template_name,admin_username): """ load permissions in template into admin permissions. WARNING: This will delete all of admin permissions """ self.__loadPermTemplateToAdminCheckInput(template_name,admin_username) admin_obj=admin_main.getLoader().getAdminByName(admin_username) self.__loadPermTemplateToAdminDB(template_name,admin_obj) admin_main.getLoader().loadAdmin(admin_obj.getAdminID())
def checkInput(self, src, action, arg_dic):
admin_obj = arg_dic["admin_obj"]
def checkChangeOwnerPerms(loaded_user):
if admin_obj.getUsername() != self.admin_name:
admin_obj.canDo("CHANGE USERS OWNER")
map(checkChangeOwnerPerms, arg_dic["users"])
admin_main.getLoader().checkAdminName(self.admin_name)
def loadPermTemplateToAdmin(self, template_name, admin_username):
"""
load permissions in template into admin permissions.
WARNING: This will delete all of admin permissions
"""
self.__loadPermTemplateToAdminCheckInput(template_name, admin_username)
admin_obj = admin_main.getLoader().getAdminByName(admin_username)
self.__loadPermTemplateToAdminDB(template_name, admin_obj)
admin_main.getLoader().loadAdmin(admin_obj.getAdminID())
def deletePermission(self,admin_username,perm_name): """ delete permission "perm_name" from admin "admin_username" """ self.__deletePermissionCheckInput(admin_username,perm_name) admin_obj=admin_main.getLoader().getAdminByName(admin_username) self.__checkDependenciesOfPerm(admin_obj,perm_name) self.__deletePermissionDB(admin_obj,perm_name) admin_main.getLoader().loadAdmin(admin_obj.getAdminID())
def __updateGroupCheckInput(self,group_id,group_name,comment,owner_name):
group_obj=group_main.getLoader().getGroupByID(group_id)
if group_obj.getGroupName()!=group_name:
if group_main.getLoader().groupNameExists(group_name):
raise GeneralException(errorText("GROUPS","GROUP_NAME_TAKEN")%group_name)
if not isValidName(group_name):
raise GeneralException(errorText("GROUPS","GROUP_NAME_INVALID")%group_name)
admin_main.getLoader().checkAdminName(owner_name)
def __savePermsOfAdminToTemplateCheckInput(self, admin_username,
template_name):
admin_main.getLoader().checkAdminName(admin_username)
if not len(template_name) or not template_name.isalnum():
raise GeneralException(
errorText("PERMISSION", "INVALID_PERM_TEMPLATE_NAME") %
template_name)
self.__checkDuplicateTemplateName(template_name)
def __createReportResult(self, result, date_type):
for row in result:
row["change_time_formatted"] = AbsDate(
row["change_time"], "gregorian").getDate(date_type)
row["from_admin_name"] = admin_main.getLoader().getAdminByID(
row["admin_id"]).getUsername()
row["to_admin_name"] = admin_main.getLoader().getAdminByID(
row["to_admin_id"]).getUsername()
return result
def __addGroupCheckInput(self, group_name, comment, owner_id):
if not isValidName(group_name):
raise GeneralException(
errorText("GROUPS", "GROUP_NAME_INVALID") % group_name)
if group_main.getLoader().groupNameExists(group_name):
raise GeneralException(
errorText("GROUPS", "GROUP_NAME_TAKEN") % group_name)
admin_main.getLoader().checkAdminID(owner_id)
def __addChargeCheckInput(self,name,comment,charge_type,admin_id,visible_to_all):
"""
check addCharge inputs validity
raise exception on bad input
"""
admin_main.getLoader().checkAdminID(admin_id)
checkDBBool(visible_to_all,"Visible to all")
self.__checkChargeType(charge_type)
if charge_main.getLoader().chargeNameExists(name):
raise GeneralException(errorText("CHARGES","CHARGE_NAME_EXISTS") % name)
if not isValidName(name):
raise GeneralException(errorText("CHARGES","INVALID_CHARGE_NAME") % name)
def __addNewUsersCheckInput(self,_count,credit,owner_name,creator_name,group_name,remote_address,credit_change_comment):
if not isInt(_count) or _count<=0:
raise GeneralException(errorText("USER_ACTIONS","INVALID_USER_COUNT")%_count)
if not isFloat(credit):
raise GeneralException(errorText("USER_ACTIONS","CREDIT_NOT_FLOAT"))
if credit<0:
raise GeneralException(errorText("USER_ACTIONS","CREDIT_MUST_BE_POSITIVE"))
admin_main.getLoader().checkAdminName(owner_name)
admin_main.getLoader().checkAdminName(creator_name)
group_main.getLoader().checkGroupName(group_name)
def changePermission(self,admin_username,perm_name,perm_value): """ change permission of "admin_username" by setting "perm_name" value to "perm_value" if admin has this already this permission, value changes to "perm_value" or "perm_value" adds to other values regarding permission value type. """ self.__changePermissionCheckInput(admin_username,perm_name,perm_value) admin_obj=admin_main.getLoader().getAdminByName(admin_username) if not admin_obj.hasPerm(perm_name): self.__addNewPerm(admin_obj,perm_name,perm_value) else: self.__changePermValue(admin_obj,perm_name,perm_value) admin_main.getLoader().loadAdmin(admin_obj.getAdminID())
def __updateGroupCheckInput(self, group_id, group_name, comment,
owner_name):
group_obj = group_main.getLoader().getGroupByID(group_id)
if group_obj.getGroupName() != group_name:
if group_main.getLoader().groupNameExists(group_name):
raise GeneralException(
errorText("GROUPS", "GROUP_NAME_TAKEN") % group_name)
if not isValidName(group_name):
raise GeneralException(
errorText("GROUPS", "GROUP_NAME_INVALID") % group_name)
admin_main.getLoader().checkAdminName(owner_name)
def changePermission(self, admin_username, perm_name, perm_value):
"""
change permission of "admin_username" by setting "perm_name" value to "perm_value"
if admin has this already this permission, value changes to "perm_value" or "perm_value"
adds to other values regarding permission value type.
"""
self.__changePermissionCheckInput(admin_username, perm_name,
perm_value)
admin_obj = admin_main.getLoader().getAdminByName(admin_username)
if not admin_obj.hasPerm(perm_name):
self.__addNewPerm(admin_obj, perm_name, perm_value)
else:
self.__changePermValue(admin_obj, perm_name, perm_value)
admin_main.getLoader().loadAdmin(admin_obj.getAdminID())
def __changeCreditCheckInput(self,user_ids,credit,changer_admin_name,remote_address,credit_change_comment,loaded_users):
if not isFloat(credit):
raise GeneralException(errorText("USER_ACTIONS","CREDIT_NOT_FLOAT"))
admin_main.getLoader().checkAdminName(changer_admin_name)
if not iplib.checkIPAddr(remote_address):
raise GeneralException(errorText("GENERAL","INVALID_IP_ADDRESS")%remote_address)
if len(user_ids)==0:
raise GeneralException(errorText("USER_ACTIONS","INVALID_USER_COUNT")%0)
for loaded_user in loaded_users:
if credit<0 and loaded_user.getBasicUser().getCredit()+credit<0:
raise GeneralException(errorText("USER_ACTIONS","CAN_NOT_NEGATE_CREDIT")%(loaded_user.getUserID(),loaded_user.getBasicUser().getCredit()))
def delUser(self,user_ids,comment,del_connections,admin_name,remote_address):
"""
delete users with ids in user_ids
comment: comment when deleting users
del_connection tells if we should delete user(s) connection logs too
"""
self.__delUserCheckInput(user_ids,comment,del_connections,admin_name,remote_address)
admin_obj=admin_main.getLoader().getAdminByName(admin_name)
map(lambda user_id:user_main.getUserPool().addToBlackList,user_ids)
try:
loaded_users=self.getLoadedUsersByUserID(user_ids)
total_credit=self.__delUserCheckUsers(loaded_users)
admin_deposit=total_credit*-1
ibs_query=IBSQuery()
ibs_query+=user_main.getCreditChangeLogActions().logCreditChangeQuery("DEL_USER",
admin_obj.getAdminID(),
user_ids,
0,
admin_deposit,
remote_address,
comment)
ibs_query+=admin_main.getActionManager().consumeDepositQuery(admin_obj.getAdminID(),admin_deposit)
self.__delUserQuery(ibs_query,user_ids,del_connections)
ibs_query.runQuery()
admin_obj.consumeDeposit(admin_deposit)
map(user_main.getUserPool().userChanged,user_ids)
finally:
map(lambda user_id:user_main.getUserPool().removeFromBlackList,user_ids)
def __checkAdminAuth(self):
"""
check authentication for admins
"""
admin_obj=admin_main.getLoader().getAdminByName(self.auth_name)
admin_obj.checkServerAuth(self.auth_pass,self.getRemoteAddr())
self.auth_name_obj=admin_obj
def delUser(self, user_ids, comment, del_connections, del_audit_logs,
admin_name, remote_address):
"""
delete users with ids in user_ids
comment: comment when deleting users
del_connection tells if we should delete user(s) connection logs too
"""
self.__delUserCheckInput(user_ids, comment, del_connections,
del_audit_logs, admin_name, remote_address)
admin_obj = admin_main.getLoader().getAdminByName(admin_name)
map(lambda user_id: user_main.getUserPool().addToBlackList, user_ids)
try:
loaded_users = self.getLoadedUsersByUserID(user_ids)
total_credit = self.__delUserCheckUsers(loaded_users)
admin_deposit = total_credit * -1
ibs_query = IBSQuery()
ibs_query += user_main.getCreditChangeLogActions(
).logCreditChangeQuery("DEL_USER", admin_obj.getAdminID(),
user_ids, 0, admin_deposit, remote_address,
comment)
ibs_query += admin_main.getActionManager().consumeDepositQuery(
admin_obj.getAdminID(), admin_deposit)
ibs_query += ias_main.getActionsManager().logEvent(
"DELETE_USER", admin_name, 0, ",".join(user_ids))
self.__delUserQuery(ibs_query, user_ids, del_connections,
del_audit_logs)
ibs_query.runQuery()
admin_obj.consumeDeposit(admin_deposit)
map(user_main.getUserPool().userChanged, user_ids)
finally:
map(lambda user_id: user_main.getUserPool().removeFromBlackList,
user_ids)
self.__postDelUser(loaded_users)
def __addChargeCheckInput(self, name, comment, charge_type, admin_id,
visible_to_all):
"""
check addCharge inputs validity
raise exception on bad input
"""
admin_main.getLoader().checkAdminID(admin_id)
checkDBBool(visible_to_all, "Visible to all")
self.__checkChargeType(charge_type)
if charge_main.getLoader().chargeNameExists(name):
raise GeneralException(
errorText("CHARGES", "CHARGE_NAME_EXISTS") % name)
if not isValidName(name):
raise GeneralException(
errorText("CHARGES", "INVALID_CHARGE_NAME") % name)
def getAdminInfo(self, date_type):
"""
return a dictionary of admin properties
normally contains username,name,comment,admin_id,deposit,creator_id
"""
return {
"username":
self.username,
"name":
self.name,
"comment":
self.comment,
"admin_id":
self.admin_id,
"deposit":
self.deposit,
"creator_id":
self.creator_id,
"creator":
admin_main.getLoader().getAdminByID(self.creator_id).getUsername(),
"locks":
map(lambda lock_obj: lock_obj.getLockInfo(), self.locks),
"last_request_ip":
self.activity_status["last_request_ip"],
"last_activity":
self.__getAdminLastActivity(date_type),
"online_status":
self.__getOnlineStatus()
}
def addNewUsersQuery(self,
_count,
credit,
owner_name,
group_name,
ibs_query,
user_ids=None):
"""
_count(integer): count of users
owner_name(string): name of owner admin
credit(float): amount of credit users will have,
group_name(string): name of group string
ibs_query(IBSQuery instance): IBSQuery instance we'll add query to
user_ids(None or list of int): user_ids to use for created users.
if set to None generate new ids
XXX: add this: if credit is an empty string, group initial_credit
is used, or an exception is raised if there's no initial_credit for user
return a list of user ids of newly added users
"""
owner_admin_obj = admin_main.getLoader().getAdminByName(owner_name)
group_obj = group_main.getLoader().getGroupByName(group_name)
if not user_ids:
user_ids = self.__generateUserIDs(_count)
self.__insertBasicUsersQueries(_count, user_ids, credit,
owner_admin_obj.getAdminID(),
group_obj.getGroupID(), ibs_query)
return user_ids
def __fixAdminNames(self, db_usages):
admin_usages = []
for row in db_usages:
admin_name = admin_main.getLoader().getAdminByID(
row["owner_id"]).getUsername()
admin_usages.append((admin_name, row["duration"]))
return admin_usages
def getChargeInfo(self):
return {"charge_id":self.getChargeID(),
"charge_name":self.getChargeName(),
"comment":self.comment,
"creator":admin_main.getLoader()[self.admin_id].getUsername(),
"charge_type":self._type,
"visible_to_all":self.visible_to_all
}
def run(self):
users_table = self.getSearchHelper().getTable("users")
users_table.exactSearch(
self.getSearchHelper(),
"owner_name",
"owner_id",
lambda x: admin_main.getLoader().getAdminByName(x).getAdminID(),
)
def getChargeInfo(self):
return {"charge_id":self.getChargeID(),
"charge_name":self.getChargeName(),
"comment":self.comment,
"creator":admin_main.getLoader()[self.admin_id].getUsername(),
"charge_type":self._type,
"visible_to_all":self.visible_to_all
}
def __checkAdminPerm(self,admin_username,perm_name):
"""
check if admin_username and perm_name is valid and also
admin_usernams has permission perm_name
"""
self.__checkAdminUsernameAndPerm(admin_username,perm_name)
if admin_main.getLoader().getAdminByName(admin_username).hasPerm(perm_name)!=1:
raise GeneralException(errorText("PERMISSION","DON_HAVE_PERMISSION"))
def __checkAdminAuth(self): """ check authentication for admins """ from core.admin import admin_main admin_obj=admin_main.getLoader().getAdminByName(self.auth_name) admin_obj.checkAuth(self.auth_pass,self.getRemoteAddr()) self.auth_name_obj=admin_obj
def login(self, request):
request.checkArgs("login_auth_name", "login_auth_type", "login_auth_pass")
if request["login_auth_type"] == request.ADMIN:
admin_main.getLoader().getAdminByName(request["login_auth_name"]).checkAuth(
Password(request["login_auth_pass"]), request.getRemoteAddr()
)
elif request["login_auth_type"] == request.NORMAL_USER:
pass
elif request["login_auth_type"] == request.VOIP_USER:
pass
elif request["login_auth_type"] == request.MAIL:
pass
elif request["login_auth_type"] == request.ANONYMOUS:
pass
else:
return request.returnErrorResponse(errorText("GENERAL", "ACCESS_DENIED"))
return 1
def savePermsOfAdminToTemplate(self,admin_username,template_name): """ save permissions of "admin_username" to template with name "template_name" """ self.__savePermsOfAdminToTemplateCheckInput(admin_username,template_name) admin_obj=admin_main.getLoader().getAdminByName(admin_username) template_id=self.__getNewTemplateID() self.__savePermsToTemplateDB(admin_obj,template_name,template_id)
def hasPerm(self,request):
"""
return True if admin has permission and else False
"""
request.needAuthType(request.ADMIN)
request.checkArgs("perm_name","admin_username")
if request.auth_name!=request["admin_username"]:
request.getAuthNameObj().canDo("SEE ADMIN PERMISSIONS")
return admin_main.getLoader().getAdminByName(request["admin_username"]).hasPerm(request["perm_name"])
def __repairAddUserSaves(self,add_user_saves,details_dic,date_type): for add_user_save in add_user_saves: add_user_save["add_date_formatted"]=AbsDate(add_user_save["add_date"],"gregorian").getDate(date_type) add_user_save["admin_name"]=admin_main.getLoader().getAdminByID(add_user_save["admin_id"]).getUsername() add_user_save["type_str"]=user_main.getAddUserSaveActions().getIDTypeStr(add_user_save["type"]) try: add_user_save["details"]=details_dic[add_user_save["add_user_save_id"]] except KeyError: add_user_save["details"]=((),(),())
def savePermsOfAdminToTemplate(self, admin_username, template_name):
"""
save permissions of "admin_username" to template with name "template_name"
"""
self.__savePermsOfAdminToTemplateCheckInput(admin_username,
template_name)
admin_obj = admin_main.getLoader().getAdminByName(admin_username)
template_id = self.__getNewTemplateID()
self.__savePermsToTemplateDB(admin_obj, template_name, template_id)
def __checkAdminPerm(self, admin_username, perm_name):
"""
check if admin_username and perm_name is valid and also
admin_usernams has permission perm_name
"""
self.__checkAdminUsernameAndPerm(admin_username, perm_name)
if admin_main.getLoader().getAdminByName(admin_username).hasPerm(
perm_name) != 1:
raise GeneralException(
errorText("PERMISSION", "DON_HAVE_PERMISSION"))
def getLockInfo(self):
return {
"lock_id":
self.lock_id,
"locker_admin":
admin_main.getLoader().getAdminByID(
self.locker_admin_id).getUsername(),
"reason":
self.reason
}
def getAllAdminUsernames(self, request):
request.needAuthType(request.ADMIN)
try:
request.getAuthNameObj().canDo("SEE ADMIN INFO")
except PermissionException:
return [request.getAuthNameObj().getUsername()]
usernames = admin_main.getLoader().getAllUsernames()
sorted = SortedList(usernames)
sorted.sort(0)
return sorted.getList()
def hasPerm(self, request):
"""
return True if admin has permission and else False
"""
request.needAuthType(request.ADMIN)
request.checkArgs("perm_name", "admin_username")
if request.auth_name != request["admin_username"]:
request.getAuthNameObj().canDo("SEE ADMIN PERMISSIONS")
return admin_main.getLoader().getAdminByName(
request["admin_username"]).hasPerm(request["perm_name"])
def updateGroup(self,group_id,group_name,comment,owner_name): """ update group information with id "group_id" notice that group_name is changable """ self.__updateGroupCheckInput(group_id,group_name,comment,owner_name) admin_obj=admin_main.getLoader().getAdminByName(owner_name) self.__updateGroupDB(group_id,group_name,comment,admin_obj.getAdminID()) group_main.getLoader().unloadGroup(group_id) group_main.getLoader().loadGroup(group_id)
def __repairCreditChangeDic(self, credit_changes, user_ids, date_type):
for change in credit_changes:
change["change_time_formatted"] = AbsDate(change["change_time"], "gregorian").getDate(date_type)
change["admin_name"] = admin_main.getLoader().getAdminByID(change["admin_id"]).getUsername()
change["action_text"] = user_main.getCreditChangeLogActions().getIDActionText(change["action"])
try:
change["user_ids"] = user_ids[change["credit_change_id"]]
except KeyError:
change["user_ids"] = []
return credit_changes
def updateGroup(self, group_id, group_name, comment, owner_name):
"""
update group information with id "group_id"
notice that group_name is changable
"""
self.__updateGroupCheckInput(group_id, group_name, comment, owner_name)
admin_obj = admin_main.getLoader().getAdminByName(owner_name)
self.__updateGroupDB(group_id, group_name, comment,
admin_obj.getAdminID())
group_main.getLoader().unloadGroup(group_id)
group_main.getLoader().loadGroup(group_id)
def getPermsOfAdmin(self,request):
"""
return a list of dics containing admin permission and sorted by permission name
each dic has "name, value, description, value_type, category" keys
"""
request.needAuthType(request.ADMIN)
request.checkArgs("admin_username")
admin_perms=admin_main.getLoader().getAdminByName(request["admin_username"]).getPerms()
perms_list=self.__getPermsListFromAdminPerms(admin_perms)
sorted=SortedList(perms_list)
sorted.sortByPostText('["name"]',0)
return sorted.getList()
def getAdminPermVal(self,request):
"""
return value of perm_name for admin_username
"""
request.needAuthType(request.ADMIN)
request.checkArgs("perm_name","admin_username")
if request.auth_name!=request["admin_username"]:
request.getAuthNameObj().canDo("SEE ADMIN PERMISSIONS")
perms=admin_main.getLoader().getAdminByName(request["admin_username"]).getPerms()
if not perms.has_key(request["perm_name"]):
return request.getErrorResponse(errorText("PERMISSION","DONT_HAVE_PERMISSION"))
return perms[request["perm_name"]].getValue()
def getAdminInfo(self):
"""
return a dictionary of admin properties
normally contains username,name,comment,admin_id,deposit,creator_id
"""
return {"username":self.username,
"name":self.name,
"comment":self.comment,
"admin_id":self.admin_id,
"deposit":self.deposit,
"creator_id":self.creator_id,
"creator":admin_main.getLoader().getAdminByID(self.creator_id).getUsername()
}
def __addAdminCondition(self, add_user_save_table):
admin_restricted = not self.search_helper.getRequesterObj().isGod(
) and self.search_helper.getRequesterObj().getPerms(
)["SEE SAVED USERNAME PASSWORDS"].isRestricted()
if admin_restricted:
add_user_save_table.getRootGroup().addGroup(
"admin_id=%s" %
self.search_helper.getRequesterObj().getAdminID())
else:
add_user_save_table.exactSearch(
self.search_helper, "admin", "admin_id",
lambda admin_username: admin_main.getLoader().getAdminByName(
admin_username).getAdminID())
def getPermsOfAdmin(self, request):
"""
return a list of dics containing admin permission and sorted by permission name
each dic has "name, value, description, value_type, category" keys
"""
request.needAuthType(request.ADMIN)
request.checkArgs("admin_username")
admin_perms = admin_main.getLoader().getAdminByName(
request["admin_username"]).getPerms()
perms_list = self.__getPermsListFromAdminPerms(admin_perms)
sorted = SortedList(perms_list)
sorted.sortByPostText('["name"]', 0)
return sorted.getList()
def login(self,request):
request.checkArgs("login_auth_name","login_auth_type","login_auth_pass")
if request["login_auth_type"]==request.ADMIN:
admin_main.getLoader().getAdminByName(request["login_auth_name"]).checkAuth(Password(request["login_auth_pass"]),\
request.getRemoteAddr())
elif request["login_auth_type"]==request.NORMAL_USER:
user_main.getServerAuth().checkAuth(request["login_auth_name"],Password(request["login_auth_pass"]),request["login_auth_type"])
elif request["login_auth_type"]==request.VOIP_USER:
user_main.getServerAuth().checkAuth(request["login_auth_name"],Password(request["login_auth_pass"]),request["login_auth_type"])
elif request["login_auth_type"]==request.MAIL:
pass
elif request["login_auth_type"]==request.ANONYMOUS:
pass
else:
raise GeneralException(errorText("GENERAL","ACCESS_DENIED"))
return True
def __repairCreditChangeDic(self, credit_changes, user_ids, date_type):
for change in credit_changes:
change["change_time_formatted"] = AbsDate(
change["change_time"], "gregorian").getDate(date_type)
change["admin_name"] = admin_main.getLoader().getAdminByID(
change["admin_id"]).getUsername()
change["action_text"] = user_main.getCreditChangeLogActions(
).getIDActionText(change["action"])
try:
change["user_ids"] = user_ids[change["credit_change_id"]]
except KeyError:
change["user_ids"] = []
return credit_changes
def addNewUsers(self,_count,credit,owner_name,creator_name,group_name,remote_address,credit_change_comment):
self.__addNewUsersCheckInput(_count,credit,owner_name,creator_name,group_name,remote_address,credit_change_comment)
admin_consumed_credit=credit*_count
ibs_query=IBSQuery()
ibs_query+=admin_main.getActionManager().consumeDeposit(creator_name,admin_consumed_credit)
try:
user_ids=self.addNewUsersQuery(_count,credit,owner_name,group_name,ibs_query)
creator_admin_obj=admin_main.getLoader().getAdminByName(creator_name)
ibs_query+=user_main.getCreditChangeLogActions().logCreditChangeQuery("ADD_USER",creator_admin_obj.getAdminID(),user_ids,credit,\
admin_consumed_credit,remote_address,credit_change_comment)
ibs_query.runQuery()
return user_ids
except:
admin_main.getActionManager().consumeDeposit(creator_name,-1*admin_consumed_credit,False) #re-add deposit to admin
raise
def __addUserIDCondition(self,con_table):
admin_restricted=not self.search_helper.getAdminObj().isGod() and self.search_helper.getAdminObj().getPerms()["SEE CONNECTION LOGS"].isRestricted()
if admin_restricted or self.search_helper.hasCondFor("owner"):
if admin_restricted:
owner_ids=(self.search_helper.getAdminObj().getAdminID(),)
else:
owner_name=self.search_helper.getCondValue("owner")
if type(owner_name)==types.StringType:
owner_name=(owner_name,)
owner_ids=map(lambda owner_name:admin_main.getLoader().getAdminByName(owner_name).getAdminID(),owner_name)
sub_query=self.__userOwnersConditionQuery(owner_ids)
self.search_helper.getTable("connection_log").getRootGroup().addGroup(sub_query)
con_table.exactSearch(self.search_helper,"user_ids","user_id",MultiStr)
def canDo(self,request):
"""
return True if "admin_username" canDo "perm_name" with params
"""
request.needAuthType(request.ADMIN)
request.checkArgs("perm_name","admin_username","params")
if request.auth_name!=request["admin_username"]:
request.getAuthNameObj().canDo("SEE ADMIN PERMISSIONS")
args=[request["perm_name"]]
args.extend(request["params"])
try:
apply(admin_main.getLoader().getAdminByName(request["admin_username"]).canDo,args)
return True
except PermissionException:
return False
def addNewUsersQuery(self,_count,credit,owner_name,group_name,ibs_query): """ _count(integer): count of users owner_name(string): name of owner admin credit(float): amount of credit users will have, group_name(string): name of group string ibs_query(IBSQuery instance): IBSQuery instance we'll add query to XXX: add this: if credit is an empty string, group initial_credit is used, or an exception is raised if there's no initial_credit for user return a list of user ids of newly added users """ owner_admin_obj=admin_main.getLoader().getAdminByName(owner_name) group_obj=group_main.getLoader().getGroupByName(group_name) user_ids=self.__generateUserIDs(_count) self.__insertBasicUsersQueries(_count,user_ids,credit,owner_admin_obj.getAdminID(),group_obj.getGroupID(),ibs_query) return user_ids
def getGroupInfo(self,request):
"""
group_name(string): group name to return info for
"""
request.needAuthType(request.ADMIN)
request.checkArgs("group_name")
requester=request.getAuthNameObj()
if not requester.canUseGroup(request["group_name"]):
raise GeneralException(errorText("GROUPS","ACCESS_TO_GROUP_DENIED"))
group_obj=group_main.getLoader().getGroupByName(request["group_name"])
return {"group_id":group_obj.getGroupID(),
"group_name":group_obj.getGroupName(),
"comment":group_obj.getComment(),
"owner_id":group_obj.getOwnerID(),
"owner_name":admin_main.getLoader().getAdminByID(group_obj.getOwnerID()).getUsername(),
"raw_attrs":group_obj.getAttrs(),
"attrs":user_main.getAttributeManager().parseAttrs(group_obj.getAttrs(),request.getDateType())
}
