Example #1
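    def read(self, request, ticket="", group="", username=""):
        """
            Promote a user to manager of a smart group.

            The caller is authenticated from the ``ticket`` query parameter and
            must already be a manager of the target group. The promoted user is
            added to the group's managers, to the group itself and to every
            group below it.

            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            ticket (string) : base 64 ticket (read from request.GET).
            group (string) : the group name (read from request.GET).
            username (string) : the user to promote (read from request.GET).

            Return:

            Success - 200 response with body "OK"
            Failure - 403 when the ticket is missing or rejected, or when the
                      caller does not manage the group
            Failure - 500 on any other error (unknown group or user included)

        """

        def _status(code):
            # Bare status response in the form every branch of this handler uses.
            response = HttpResponse(status=code)
            response._is_string = True
            return response

        try:
            # NOTE(review): the ticket arrives as a query parameter, so it can
            # end up in access logs, proxy logs and Referer headers, and this
            # read() handler changes group membership. A header or request body
            # would keep the credential out of URLs.
            tkt = request.GET.get("ticket")
            if not tkt:
                # Previously a request without a ticket fell through and the
                # handler returned None instead of the documented 403.
                return _status(403)

            client_address = request.META["REMOTE_ADDR"]
            user, tkt64 = authenticate(ticket=tkt, cip=client_address)
            if user is None:
                return _status(403)

            group = VPHShareSmartGroup.objects.get(name=request.GET.get("group"))
            if not group.is_manager(user):
                return _status(403)

            # The target account is resolved only after the caller is known to
            # manage the group, so a non-manager always gets 403 and cannot
            # tell from the status code whether the username exists.
            user_to_promote = User.objects.get(username=request.GET.get("username"))

            # add user to the managers
            group.managers.add(user_to_promote)

            # Add the user to the group and all sub groups. filter() is used
            # rather than get() so that a group with several children does not
            # raise MultipleObjectsReturned after the manager was already
            # added; `seen` guards against a parent loop in the data.
            pending = [group]
            seen = set()
            while pending:
                current = pending.pop()
                if current.pk in seen:
                    continue
                seen.add(current.pk)
                current.user_set.add(user_to_promote)
                pending.extend(VPHShareSmartGroup.objects.filter(parent=current))

            response = _status(200)
            response.write("OK")
            return response

        except Exception:
            from raven.contrib.django.raven_compat.models import client

            # Report the failure and answer with a generic 500 so no exception
            # detail reaches the client.
            client.captureException()
            return _status(500)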
Example #2
    def read(self, request, ticket="", group="", name=""):
        """
            Add a user, or another smart group, to a smart group

            `name` is looked up as a username first. If no such user exists it
            is looked up as a smart group name, and that group is attached as
            a child of `group`.

            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            ticket (string) : base 64 ticket.
            group (string) : the group name
            name (string) : the username or the group name to add

            All three values are read from request.GET, not from the keyword
            arguments.

            Return:

            Success - 200 response with body "OK"
            Failure - 403 error (caller is not a manager, or `name` matches
                      neither a user nor a smart group)
            Failure - 500 error when adding the group would create a cycle

        """
        try:
            # NOTE(review): the ticket is taken from the query string, where it
            # can be recorded in access logs and Referer headers.
            if request.GET.get("ticket"):
                client_address = request.META["REMOTE_ADDR"]
                # The caller's address is passed along with the ticket;
                # presumably the ticket is bound to it -- confirm in authenticate().
                user, tkt64 = authenticate(ticket=request.GET["ticket"], cip=client_address)

                if user is not None:

                    group = VPHShareSmartGroup.objects.get(name=request.GET.get("group"))

                    # Only a manager of the target group may add members to it.
                    if not group.is_manager(user):
                        response = HttpResponse(status=403)
                        response._is_string = True
                        return response

                    try:
                        user_to_add = User.objects.get(username=request.GET.get("name"))
                        # add user to all children groups
                        # Any non-empty value of "recursive" is truthy here,
                        # including "0" or "false".
                        if request.GET.get("recursive", False):
                            add_user_to_group(user_to_add, group)
                        else:
                            group.user_set.add(user_to_add)

                    except ObjectDoesNotExist, e:
                        # No user with that name: treat `name` as a smart group.
                        try:
                            group_to_add = VPHShareSmartGroup.objects.get(name=request.GET.get("name"))
                            # NOTE(review): the caller was checked as manager of
                            # `group` only. Nothing visible here checks the
                            # caller's rights over group_to_add before it is
                            # re-parented -- confirm that is intended.
                            if not can_be_child(group_to_add, group):
                                # A request the client got wrong is reported as
                                # a server error (500) here.
                                response = HttpResponse(status=500, content="constraint violation circularity")
                                response._is_string = True
                                return response
                            group_to_add.parent = group
                            group_to_add.save()
                        except ObjectDoesNotExist, e:
                            # `name` is neither a user nor a smart group.
                            response = HttpResponse(status=403)
                            response._is_string = True
                            return response

                    response = HttpResponse(status=200)
                    response._is_string = True
                    response.write("OK")
                    return response

                else:
                    # (the excerpt ends here; the rejected-ticket branch and
                    # the outer exception handler are not shown)
Example #3
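    def read(self, request, ticket="", name=""):
        """
            Delete a smart group.

            The group named by the ``group`` query parameter is marked
            inactive, group.remove_users() is called, its child groups are
            detached and its own parent reference is cleared. Only a manager
            of the group may do this.

            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            ticket (string) : base 64 ticket (read from request.GET).
            name (string) : not used as passed; the group name is read from
                            request.GET["group"].

            Return:

            Success - 200 response with body "OK"
            Failure - 403 when the ticket is missing or rejected, or when the
                      caller is not a manager of the group
            Failure - 500 on any other error (unknown group included)

        """

        def _status(code):
            # Bare status response in the form every branch of this handler uses.
            response = HttpResponse(status=code)
            response._is_string = True
            return response

        try:
            # NOTE(review): the ticket arrives as a query parameter and this
            # read() handler is destructive; URLs are routinely logged, so a
            # header or request body is a safer place for the credential.
            tkt = request.GET.get("ticket")
            if not tkt:
                # Previously a request without a ticket fell through and the
                # handler returned None instead of the documented 403.
                return _status(403)

            client_address = request.META["REMOTE_ADDR"]
            user, tkt64 = authenticate(ticket=tkt, cip=client_address)
            if user is None:
                return _status(403)

            name = request.GET.get("group")
            group = VPHShareSmartGroup.objects.get(name=name)

            # Authorization: only managers of this group may delete it.
            if user not in group.managers.all():
                return _status(403)

            group.active = False
            group.remove_users()
            # remove this group from children parent reference
            for child in VPHShareSmartGroup.objects.filter(parent=group):
                child.parent = None
                child.save()
            group.parent = None
            group.save()

            response = _status(200)
            response.write("OK")
            return response

        except Exception:
            from raven.contrib.django.raven_compat.models import client

            # Report the failure and answer with a generic 500 so no exception
            # detail reaches the client.
            client.captureException()
            return _status(500)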
Example #4
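    def read(self, request, ticket="", group=""):
        """
            Given a group name, return the list of subscribers

            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            ticket (string) : base 64 ticket (read from request.GET).
            group (string) : the group name (read from request.GET).

            Return:

            Success - dict with "users" (username, fullname, email of each
                      member) and "groups" (name and member count of each
                      direct child group)
            Failure - 403 when the ticket is missing or rejected
            Failure - 404 when the group does not exist
            Failure - 500 on any other error

        """

        def _status(code):
            # Bare status response in the form every branch of this handler uses.
            response = HttpResponse(status=code)
            response._is_string = True
            return response

        try:
            # NOTE(review): the ticket arrives as a query parameter, where it
            # can be recorded in access logs and Referer headers.
            tkt = request.GET.get("ticket")
            if not tkt:
                # Previously a request without a ticket fell through and the
                # handler returned None instead of the documented 403.
                return _status(403)

            client_address = request.META["REMOTE_ADDR"]
            user, tkt64 = authenticate(ticket=tkt, cip=client_address)
            if user is None:
                return _status(403)

            try:
                group = VPHShareSmartGroup.objects.get(name=request.GET.get("group"))
            except ObjectDoesNotExist:
                return _status(404)

            # NOTE(review): any caller with a valid ticket receives the e-mail
            # address of every member; no membership or manager check is made
            # here -- confirm that this exposure is intended.
            members = [
                {
                    "username": member.username,
                    "fullname": "%s %s" % (member.first_name, member.last_name),
                    "email": member.email,
                }
                for member in group.user_set.all()
            ]
            children = [
                {"groupname": g.name, "subscribers": len(g.user_set.all())}
                for g in VPHShareSmartGroup.objects.filter(parent=group)
            ]
            return {"users": members, "groups": children}

        except Exception:
            from raven.contrib.django.raven_compat.models import client

            # Report the failure and answer with a generic 500 so no exception
            # detail reaches the client.
            client.captureException()
            return _status(500)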
Example #5
 def update(self, request, global_id=None, *args, **kwargs):
     # Opening of an update handler: the caller is authenticated from the
     # MI-TICKET request header before anything else happens. The rest of the
     # handler is outside this excerpt.
     try:
         # NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's
         # address; if authenticate() ties the ticket to this value, confirm
         # the deployment passes the real client address through.
         client_address = request.META['REMOTE_ADDR']
         # The ticket is taken from a request header rather than the URL, so it
         # is not recorded with the request line in access logs.
         ticket = request.META.get('HTTP_MI_TICKET', '')
         if ticket:
             try:
                 user, tkt64 = authenticate(ticket=ticket, cip=client_address)
             except Exception, e:
                 # Fail closed: any error raised by authenticate() ends the
                 # request with rc.FORBIDDEN.
                 # NOTE(review): only an exception counts as failure here;
                 # whether a None user is checked later cannot be seen.
                 return rc.FORBIDDEN
         else:
             # (the excerpt ends here; handling of a missing ticket is not shown)
Example #6
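    def read(self, request, ticket="", term=""):
        """
            Process a search request over users and groups.

            Users are matched case-insensitively on username, e-mail, first
            name and last name; groups on their name.

            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            ticket (string) : base 64 ticket (read from request.GET).
            term (string) : search term (read from request.GET, default "").

            Return:

            Success - dict with "users" (username, fullname) and "groups"
                      (groupname, subscribers)
            Failure - 403 when the ticket is missing or rejected
            Failure - 500 on any other error

        """

        def _status(code):
            # Bare status response in the form every branch of this handler uses.
            response = HttpResponse(status=code)
            response._is_string = True
            return response

        try:
            # NOTE(review): the ticket arrives as a query parameter, where it
            # can be recorded in access logs and Referer headers.
            tkt = request.GET.get("ticket")
            if not tkt:
                # Previously a request without a ticket fell through and the
                # handler returned None instead of the documented 403.
                return _status(403)

            client_address = request.META["REMOTE_ADDR"]
            user, tkt64 = authenticate(ticket=tkt, cip=client_address)
            if user is None:
                return _status(403)

            # NOTE(review): an absent or empty term matches every row, so one
            # request returns the whole user and group directory, and there is
            # no result limit. Consider a minimum term length and a cap.
            term = request.GET.get("term", "")

            matching_users = User.objects.filter(
                Q(username__icontains=term)
                | Q(email__icontains=term)
                | Q(first_name__icontains=term)
                | Q(last_name__icontains=term)
            )
            matching_groups = Group.objects.filter(name__icontains=term)

            return {
                "users": [
                    {"username": found.username, "fullname": "%s %s" % (found.first_name, found.last_name)}
                    for found in matching_users
                ],
                "groups": [
                    {"groupname": g.name, "subscribers": len(g.user_set.all())}
                    for g in matching_groups
                ],
            }

        except Exception:
            from raven.contrib.django.raven_compat.models import client

            # Report the failure and answer with a generic 500 so no exception
            # detail reaches the client.
            client.captureException()
            return _status(500)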
Example #7
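    def read(self, request, ticket="", username=""):
        """
            Given a username, return the list of groups the user is part of

            When the ``institution`` query parameter is present, only the
            institutions (taken from InstitutionPortal) that count the user as
            a member are returned instead.

            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            ticket (string) : base 64 ticket (read from request.GET).
            username (string) : the user whose groups are wanted (read from
                                request.GET).

            Return:

            Success - list of {"groupname", "subscribers"} entries
            Failure - 403 when the ticket is missing or rejected
            Failure - 404 when the user does not exist
            Failure - 500 on any other error

        """

        def _status(code):
            # Bare status response in the form every branch of this handler uses.
            response = HttpResponse(status=code)
            response._is_string = True
            return response

        try:
            # NOTE(review): the ticket arrives as a query parameter, where it
            # can be recorded in access logs and Referer headers.
            tkt = request.GET.get("ticket")
            if not tkt:
                # Previously a request without a ticket fell through and the
                # handler returned None instead of the documented 403.
                return _status(403)

            client_address = request.META["REMOTE_ADDR"]
            user, tkt64 = authenticate(ticket=tkt, cip=client_address)
            if user is None:
                return _status(403)

            # NOTE(review): any authenticated caller can list the memberships
            # of any other user; the 404 also confirms whether a username
            # exists -- confirm both are acceptable.
            try:
                target_user = User.objects.get(username=request.GET.get("username"))
            except ObjectDoesNotExist:
                return _status(404)

            if request.GET.get("institution", None) is None:
                return [
                    {"groupname": g.name, "subscribers": len(g.user_set.all())}
                    for g in target_user.groups.all()
                ]

            return [
                {"groupname": portal.institution.name, "subscribers": len(portal.institution.user_set.all())}
                for portal in InstitutionPortal.objects.all()
                if target_user in portal.institution.user_set.all()
            ]

        except Exception:
            from raven.contrib.django.raven_compat.models import client

            # Report the failure and answer with a generic 500 so no exception
            # detail reaches the client.
            client.captureException()
            return _status(500)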
Example #8
    def delete(self, request, wfrun_id=None,  *args, **kwargs):
        """
        Deletes the workflow run specified in the request

        The caller's ticket is read from the MI-TICKET request header.

        Parameters:
         - `request`: request
         - `wfrun_id`: workflow run id
        """
        try:
            client_address = request.META['REMOTE_ADDR']
            ticket = request.META.get('HTTP_MI_TICKET', '')
            if ticket:
                try:
                    user, tkt64 = authenticate(ticket=ticket, cip=client_address)
                except Exception, e:
                    # NOTE(review): the rejection is commented out, so an error
                    # raised by authenticate() is swallowed and this delete
                    # handler carries on with `user` never assigned. Whether
                    # the code that follows fails closed is outside this
                    # excerpt -- restore the return unless a later check
                    # provably denies the request.
                    pass #return rc.FORBIDDEN
            else:
                # (the excerpt ends here; handling of a missing ticket is not shown)
Example #9
    def create(self, request, *args, **kwargs):
        """
        Submits the workflow with the `global_id` specified in the request, and starts its execution.

        The caller's ticket is read from the MI-TICKET request header.

        Parameters:
         - `request`: request
         - `args`: args
         - `kwargs`: kwargs
        """
        try:
            # NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's
            # address; if authenticate() ties the ticket to this value, confirm
            # the deployment passes the real client address through.
            client_address = request.META['REMOTE_ADDR']
            ticket = request.META.get('HTTP_MI_TICKET', '')
            if ticket:
                try:
                    user, tkt64 = authenticate(ticket=ticket, cip=client_address)
                except Exception, e:
                    # Fail closed: any error raised by authenticate() ends the
                    # request with rc.FORBIDDEN.
                    # NOTE(review): only an exception counts as failure here;
                    # whether a None user is checked later cannot be seen.
                    return rc.FORBIDDEN
            else:
                # (the excerpt ends here; handling of a missing ticket is not shown)
Example #10
def _check_header_ticket(req):
    """Check the ticket carried in the MI-TICKET request header.

    `ticket` ends up as ``(raw_ticket, user)`` when authenticate() accepts the
    header value, and as ``None`` when the header is absent or empty, when
    authenticate() raises, or when anything else fails. The excerpt ends
    before any return statement.
    """
    ticket = None

    try:
        client_address = req.META['REMOTE_ADDR']
        tkt = req.META.get('HTTP_MI_TICKET', '')
        if tkt:
            try:
                usr, tkt64 = authenticate(ticket=tkt, cip=client_address)
                # NOTE(review): the tuple is built even if usr is None; a
                # caller that only tests the tuple for truth would accept it
                # -- confirm whether authenticate() can return a None user.
                ticket = (tkt,usr)

            except Exception:
                # Fail closed: a ticket that cannot be verified yields None.
                ticket = None
        else:
            ticket = None

    except Exception, e:
        # Unexpected failures (a missing REMOTE_ADDR, for example) are logged
        # and also treated as "no ticket".
        logger.exception(e)
        ticket = None
Example #11
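def _check_header_ticket(req):
    """Return ``(raw_ticket, user)`` for a valid MI-TICKET header, else ``None``.

    The ticket is read from ``req.META['HTTP_MI_TICKET']`` and verified by
    authenticate() together with the caller's address. ``None`` is returned
    when the header is absent or empty, when authenticate() raises or yields
    no user, and when anything unexpected fails (that last case is also
    reported through client.captureException()).
    """
    try:
        client_address = req.META['REMOTE_ADDR']
        tkt = req.META.get('HTTP_MI_TICKET', '')
        if not tkt:
            return None

        try:
            usr, tkt64 = authenticate(ticket=tkt, cip=client_address)
        except Exception:
            # Fail closed: a ticket that cannot be verified is no ticket.
            return None

        if usr is None:
            # A rejected ticket must not produce a truthy (ticket, None)
            # tuple that a caller could take for a successful check.
            return None

        return (tkt, usr)

    except Exception:
        # The result used to be returned from a `finally` block, which
        # silently discarded every in-flight exception, including
        # KeyboardInterrupt and SystemExit. Only ordinary errors are turned
        # into "no ticket" now.
        client.captureException()
        return None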
Example #12
    def read(self, request, global_id=None):
        """
            Process a search user request.
            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            global_id (list): list of global id to check
            ticket (string) : the authentication ticket - optional; it is read
                              from the MI-TICKET request header, not passed as
                              an argument

            Return:

            Successes - Json/xml/yaml format response
            Failure - 403 error

        """
        try:
            client_address = request.META['REMOTE_ADDR']
            ticket = request.META.get('HTTP_MI_TICKET', '')
            if ticket:
                try:
                    user, tkt64 = authenticate(ticket=ticket, cip=client_address)
                except Exception, e:
                    # Fail closed: any error raised by authenticate() ends the
                    # request with rc.FORBIDDEN.
                    # NOTE(review): only an exception counts as failure here;
                    # whether a None user is checked later cannot be seen.
                    return rc.FORBIDDEN
            else:
                # (the excerpt ends here; handling of a missing ticket is not shown)
Example #13
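 def auth_complete(self, *args, **kwargs):
     """Complete the OpenID auth process and return the authenticated user.

     The consumer's response decides the outcome:

     - no response: AuthException is raised
     - SUCCESS: authenticate() is called; the ticket it returns is stored in
       request.META['VPH_TKT_COOKIE'] and the user is returned. If it yields
       no user, AuthFailed is raised.
     - FAILURE: AuthFailed is raised with the response message
     - CANCEL: AuthCanceled is raised
     - anything else: AuthUnknownError is raised
     """
     response = self.consumer().complete(dict(self.data.items()),
                                         self.build_absolute_uri())
     if not response:
         raise AuthException(self, 'OpenID relying party endpoint')

     status = response.status
     if status == SUCCESS:
         kwargs.update({
             'auth': self,
             'response': response,
             self.AUTH_BACKEND.name: True
         })
         user, tkt64 = authenticate(*args, **kwargs)
         if not user:
             # The exception used to be constructed but never raised, so a
             # failed authentication returned None without any error.
             raise AuthFailed(self, 'Authentication Error')
         self.request.META['VPH_TKT_COOKIE'] = tkt64
         return user

     if status == FAILURE:
         raise AuthFailed(self, response.message)
     if status == CANCEL:
         raise AuthCanceled(self)
     raise AuthUnknownError(self, status)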
Example #14
File: api.py Project: b3c/vphshare
    def read(self, request, local_id='', type='', role='', ticket=''):
        """
            Check whether the authenticated user holds `role` on the given
            resources.

            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            ticket (string) : base 64 ticket.
            global_id (list): list of global id to check
            local_id (list) : list of local id to check
            type (string) : the type of the resource
            role (string) : the role to be checked
            ticket (string) : the authentication ticket - optional

            All of these are read from request.GET. The ticket may instead be
            sent as the password part of an HTTP Basic Authorization header.

            Return:

            True when the user holds the role on every resource checked,
            False as soon as one check fails
            Failure - 401 when authentication raises an error
            Failure - 403 when the role is unknown or no resource matches

        """
        try:
            client_address = request.META['REMOTE_ADDR']
            try:
                # NOTE(review): a ticket in the query string can be recorded
                # in access logs and Referer headers; the Authorization header
                # path below avoids that.
                if request.GET.get('ticket'):
                    user, tkt64 = authenticate(ticket=request.GET['ticket'], cip=client_address)
                else:
                    # A missing Authorization header raises KeyError, which the
                    # handler below turns into 401.
                    auth = request.META['HTTP_AUTHORIZATION'].split()
                    # NOTE(review): if the header does not have exactly two
                    # parts, or the scheme is not "basic", no branch assigns
                    # `user` and no exception is raised, so the `user` test
                    # further down runs on an unbound name. How that error is
                    # handled is outside this excerpt -- an explicit 401 here
                    # would be clearer.
                    if len(auth) == 2:
                        if auth[0].lower() == 'basic':
                            # Currently, only basic http auth is used.
                            # The username part is ignored; only the password
                            # part is used, as the ticket. A ticket containing
                            # ':' makes this unpacking fail, which is answered
                            # with 401.
                            username, ticket = base64.b64decode(auth[1]).split(':')
                            user, tkt64 = authenticate(ticket=ticket, cip=client_address)
            except Exception, e:
                # Any error while authenticating is answered with 401.
                response = HttpResponse(status=401)
                response._is_string = True
                return response

            if user is not None:
                # The role must be one of the known Roles; anything else is 403.
                if request.GET.get('role','') not in Roles:
                    response = HttpResponse(status=403)
                    response._is_string = True
                    return response

                role = request.GET['role']

                # if global_id is provided, look for local resources
                if 'global_id' in request.GET:
                    global_ids = request.GET.getlist('global_id', [])
                    resources = []
                    for global_id in global_ids:
                        try:
                            resource = Resource.objects.get(global_id=global_id, metadata=False)
                        except ObjectDoesNotExist, e:
                            # Not in the local database: fetch the metadata and
                            # create the local record.
                            # NOTE(review): a permission check writes to the
                            # database here, using caller-supplied ids and
                            # fetched metadata -- confirm get_resource_metadata
                            # is a trusted source.
                            metadata = get_resource_metadata(global_id)
                            author = User.objects.get(username=metadata['author'])
                            if metadata['type'] == "Workflow":
                                resource, created = Workflow.objects.get_or_create(global_id=global_id, metadata=metadata, owner=author, type=metadata['type'])
                                resource.save()
                                resource = resource.resource_ptr
                            else:
                                resource, created = Resource.objects.get_or_create(global_id=global_id, metadata=metadata, owner=author, type=metadata['type'])
                                resource.save()

                        # One denied resource makes the whole check fail.
                        if resource.can_I(role, user):
                            resources.append(resource)
                        else:
                            return False

                    if len(resources) == 0:
                        # no resources with given ids!
                        response = HttpResponse(status=403)
                        response._is_string = True
                        return response

                    return True

                # if resource_type and local_ids are provided,
                else:
                    local_ids = request.GET.getlist('local_id', [])
                    resources = []
                    for local_id in local_ids:
                        # request.GET['type'] raises KeyError when absent; how
                        # the outer handler answers that is outside this excerpt.
                        r = filter_resources_by_facet(request.GET['type'], 'localID', local_id )
                        resources += r['resource_metadata']

                    if len(resources) == 0:
                        # no resources with given ids!
                        response = HttpResponse(status=403)
                        response._is_string = True
                        return response

                    for resource in resources:
                        resource = resource.value
                        try:
                            # Skip results whose localID was not asked for.
                            if resource['localID'] not in local_ids:
                                continue
                            author = User.objects.get(username=resource['author'])
                            if resource['type'] == "Workflow":
                                resource_in_db, created = Workflow.objects.get_or_create(global_id=resource['globalID'], metadata=resource, owner=author, type=resource['type'])
                                resource_in_db.save()
                                resource_in_db = resource_in_db.resource_ptr
                            else:
                                resource_in_db, created = Resource.objects.get_or_create(global_id=resource['globalID'], metadata=resource, owner=author, type=resource['type'])
                                resource_in_db.save()

                            # One denied resource makes the whole check fail.
                            if not resource_in_db.can_I(role, user):
                                return False
                        except ObjectDoesNotExist, e:
                            # not in local db, no roles
                            return False

                    return True
Example #15
File: api.py Project: b3c/vphshare
    def read(self, request, type='', role='', ticket=''):
        """
            Return the resources on which the authenticated user holds `role`.

            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            ticket (string) : base 64 ticket.
            type (string) : the type of the resource
            role (string) : the role to be checked
            ticket (string) : the authentication ticket - optional

            All of these are read from request.GET. The ticket may instead be
            sent as the password part of an HTTP Basic Authorization header.

            Return:

            With `type`: list of {"local_id", "global_id"} entries
            Without `type`: list of global ids
            Failure - 401 when authentication raises an error
            Failure - 403 when the role is unknown or the ticket is rejected

        """

        try:
            client_address = request.META['REMOTE_ADDR']
            try:
                # NOTE(review): a ticket in the query string can be recorded
                # in access logs and Referer headers; the Authorization header
                # path below avoids that.
                if request.GET.get('ticket'):
                    user, tkt64 = authenticate(ticket=request.GET['ticket'], cip=client_address)
                else:
                    # A missing Authorization header raises KeyError, which the
                    # handler below turns into 401.
                    auth = request.META['HTTP_AUTHORIZATION'].split()
                    # NOTE(review): if the header does not have exactly two
                    # parts, or the scheme is not "basic", no branch assigns
                    # `user` and no exception is raised, so the `user` test
                    # further down runs on an unbound name. How that error is
                    # handled is outside this excerpt -- an explicit 401 here
                    # would be clearer.
                    if len(auth) == 2:
                        if auth[0].lower() == 'basic':
                            # Currently, only basic http auth is used.
                            # The username part is ignored; only the password
                            # part is used, as the ticket.
                            username, ticket = base64.b64decode(auth[1]).split(':')
                            user, tkt64 = authenticate(ticket=ticket, cip=client_address)
            except Exception, e:
                # Any error while authenticating is answered with 401.
                response = HttpResponse(status=401)
                response._is_string = True
                return response

            if user is not None:
                # The role must be one of the known Roles; anything else is 403.
                if request.GET.get('role','') not in Roles:
                    response = HttpResponse(status=403)
                    response._is_string = True
                    return response

                role = request.GET['role']
                types = request.GET.get('type', None)
                user_resources = []
                if types is not None:
                    resources = Resource.objects.filter_by_roles(role=role, user=user, types=types, numResults=300 )
                    for resource in resources['data']:
                        # Only resources of type 'File' get an extra can_I()
                        # check; the other types rely on filter_by_roles alone.
                        if resource.type == 'File' and not resource.can_I(role, user):
                            continue
                        user_resources.append({"local_id": resource.metadata['localID'], "global_id": resource.global_id})
                    return user_resources
                else:
                    user_resources = []
                    # Roles from the requested one to the end of the list;
                    # presumably Roles is ordered by increasing privilege -- confirm.
                    roles = Roles[Roles.index(Role.objects.get(name=role).name):]
                    role_relations = PrincipalRoleRelation.objects.filter(
                        Q(user=user) | Q(group__in=user.groups.all()),
                        role__name__in=roles,
                    )
                    for role_relation in role_relations:
                            # NOTE(review): the list holds global_id values but
                            # the membership test compares the content object
                            # itself, so this looks unable to filter out
                            # duplicates -- confirm.
                            if isinstance(role_relation.content, Resource) and role_relation.content not in user_resources:
                                user_resources.append(role_relation.content.global_id)

                    return user_resources
            else:
                # authenticate() returned no user: the ticket was rejected.
                response = HttpResponse(status=403)
                response._is_string = True
                return response
Example #16
    def read(self, request, ticket="", name="", parent=""):
        """
            Create a smart group

            The authenticated caller becomes manager and member of the new
            group. The name must not collide, case-insensitively, with an
            existing username or group name.

            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            ticket (string) : base 64 ticket.
            group (string) : the group name
            parent (string): the parent group name (optional)

            All of these are read from request.GET.

            Return:

            Success - 200 response with body "OK"
            Failure - 500 error when the name is already taken
            Failure - 403 error

        """
        try:
            # NOTE(review): the ticket is taken from the query string, where it
            # can be recorded in access logs and Referer headers, and this
            # read() handler creates data.
            if request.GET.get("ticket"):
                client_address = request.META["REMOTE_ADDR"]
                user, tkt64 = authenticate(ticket=request.GET["ticket"], cip=client_address)

                if user is not None:

                    # The name is not validated here; it is None when the
                    # "group" parameter is absent.
                    name = request.GET.get("group")

                    # check if a user with the group name exists
                    # A collision is a client error but is reported as 500.
                    try:
                        User.objects.get(username__iexact=name)  # select case-insensitive
                        response = HttpResponse(status=500)
                        response._is_string = True
                        return response

                    except ObjectDoesNotExist, e:
                        pass

                    # Same check against existing group names.
                    try:
                        Group.objects.get(name__iexact=name)  # select case-insensitive
                        response = HttpResponse(status=500)
                        response._is_string = True
                        return response

                    except ObjectDoesNotExist, e:
                        pass

                    parent = request.GET.get("parent", "")

                    # The creator becomes manager and member of the new group.
                    group = VPHShareSmartGroup.objects.create(name=name)
                    group.managers.add(user)
                    group.user_set.add(user)
                    add_local_role(group, user, group_manager)

                    if parent:
                        try:
                            # NOTE(review): the parent is looked up among all
                            # Group objects, and nothing visible here checks
                            # that the caller manages it, so a new group can be
                            # attached under any existing group -- confirm that
                            # is intended.
                            group.parent = Group.objects.get(name=parent)
                        except ObjectDoesNotExist, e:
                            # An unknown parent is ignored; the group is still
                            # created, without a parent.
                            pass

                    group.save()

                    response = HttpResponse(status=200)
                    response._is_string = True
                    response.write("OK")
                    return response
Example #17
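    def read(self, request):
        """
            Notification message service.

            At the service invocation:
            - the sender's ticket is checked
            - one Notification is saved for the recipient user, or for every
              member of the recipient group. The original description also
              mentions an e-mail to the recipient(s) and a dismissable popup
              on the MI homepage; neither is visible in this handler.

            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            ticket (string) : the sender's base 64 ticket.
            recipient: the username of the receiver (or the group name to
                       notify a group of users)
            message: the message body (plain text)
            subject: the message subject [optional]

            All of these are read from request.GET.

            Return:

            Success - status 200
            Failure - 400 error with message
            Failure - 403 error when the ticket is missing or not valid, and
                      also on any unexpected error

        """

        def _status(code):
            # Bare status response in the form every branch of this handler uses.
            response = HttpResponse(status=code)
            response._is_string = True
            return response

        try:
            # NOTE(review): the ticket and the message text arrive in the query
            # string, where they can be recorded in access logs and Referer
            # headers.
            tkt = request.GET.get('ticket')
            if not tkt:
                # Previously a request without a ticket fell through and the
                # handler returned None instead of the documented 403.
                return _status(403)

            client_address = request.META['REMOTE_ADDR']
            sender, tkt64 = authenticate(ticket=tkt, cip=client_address)
            if sender is None:
                # Kept as a raise so that a rejected ticket is still reported
                # through client.captureException() before the 403.
                raise Exception

            try:
                # Absent and empty parameters are treated alike.
                recipient = request.GET.get('recipient') or None
                message = request.GET.get('message') or None
                subject = request.GET.get('subject') or ''

                if recipient is None:
                    raise NotifyException('Recipient is wrong')
                if not message:
                    raise NotifyException('Message is empty')

                # NOTE(review): any authenticated user can notify any user or
                # a whole group, with no rate limit visible here -- confirm
                # that this is acceptable.
                try:
                    target = User.objects.get(username=recipient)
                    Notification(recipient=target, message=message, subject=subject).save()
                except ObjectDoesNotExist:
                    # Not a username: treat the recipient as a group name.
                    try:
                        group = Group.objects.get(name=recipient)
                        for member in group.user_set.all():
                            Notification(recipient=member, message=message, subject=subject).save()
                    except ObjectDoesNotExist:
                        raise NotifyException('recipient is wrong')

                return _status(200)

            except NotifyException as e:
                response = HttpResponse(status=400, content=e)
                response._is_string = True
                return response

        except Exception:
            # NOTE(review): every unexpected failure, server-side errors
            # included, is reported to the client as 403.
            client.captureException()
            return _status(403)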
Example #18
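    def read(self, request, ticket="", group="", username="", recursive=False):
        """
            Remove a user from a smart group

            The caller is authenticated from the ``ticket`` query parameter and
            must be a manager of the group.

            Arguments:

            request (HTTP request instance): HTTP request sent by the client.
            ticket (string) : base 64 ticket (read from request.GET).
            group (string) : the group name (read from request.GET).
            username (string) : the username (read from request.GET).
            recursive (string) : if present and non-empty in request.GET, the
                                 user is removed from the whole tree of groups
                                 below this one as well

            Return:

            Success - 200 response with body "OK"
            Failure - 403 when the ticket is missing or rejected, or when the
                      caller does not manage the group
            Failure - 500 on any other error (unknown group or user included)

        """

        def _status(code):
            # Bare status response in the form every branch of this handler uses.
            response = HttpResponse(status=code)
            response._is_string = True
            return response

        try:
            # NOTE(review): the ticket arrives as a query parameter, so it can
            # end up in access logs, proxy logs and Referer headers, and this
            # read() handler changes group membership. A header or request body
            # would keep the credential out of URLs.
            tkt = request.GET.get("ticket")
            if not tkt:
                # Previously a request without a ticket fell through and the
                # handler returned None instead of the documented 403.
                return _status(403)

            client_address = request.META["REMOTE_ADDR"]
            user, tkt64 = authenticate(ticket=tkt, cip=client_address)
            if user is None:
                return _status(403)

            group = VPHShareSmartGroup.objects.get(name=request.GET.get("group"))
            if not group.is_manager(user):
                return _status(403)

            # The target account is resolved only after the caller is known to
            # manage the group, so a non-manager always gets 403 and cannot
            # tell from the status code whether the username exists.
            user_to_remove = User.objects.get(username=request.GET.get("username"))

            # Any non-empty value of "recursive" counts as true.
            if request.GET.get("recursive", False):
                # Remove the user from this group and all sub groups. filter()
                # is used rather than get() so that a group with several
                # children does not raise MultipleObjectsReturned part-way
                # through; `seen` guards against a parent loop in the data.
                pending = [group]
                seen = set()
                while pending:
                    current = pending.pop()
                    if current.pk in seen:
                        continue
                    seen.add(current.pk)
                    current.user_set.remove(user_to_remove)
                    pending.extend(VPHShareSmartGroup.objects.filter(parent=current))
            else:
                # remove only from this group
                group.user_set.remove(user_to_remove)

            response = _status(200)
            response.write("OK")
            return response

        except Exception:
            from raven.contrib.django.raven_compat.models import client

            # Report the failure and answer with a generic 500 so no exception
            # detail reaches the client.
            client.captureException()
            return _status(500)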