def post(self, login):
schema = UserProfileManageInfoSchema()
obj = schema.loads(request.get_data(as_text=True))
if obj.errors:
return {"errors": obj.errors}, 400
user_login_obj = UserLoginSchemaBase().load({"login": login})
if user_login_obj.errors:
return {"errors": user_login_obj.errors}, 400
if db.session.query(exists().where(User.login == login)).scalar():
raise Conflict("User exists yet")
if db.session.query(exists().where(Group.name == login)).scalar():
raise Conflict("Group exists yet")
user = User()
user.login = login
user.email = obj.data.get("email")
user.additional_info = obj.data.get("additional_info")
user.feed_quality = obj.data.get("feed_quality")
user.disabled = False
user.pending = False
user.registered_by = g.auth_user.id
user.registered_on = datetime.datetime.now()
user.groups.append(Group.public_group())
user.reset_sessions()
db.session.add(user)
group = Group()
group.name = login
group.private = True
group.users.append(user)
db.session.add(group)
if obj.data.get("send_email", False):
try:
send_email_notification("register",
"New account registered in Malwarecage",
user.email,
base_url=app_config.malwarecage.base_url,
login=user.login,
set_password_token=user.generate_set_password_token().decode("utf-8"))
except MailError:
logger.exception("Can't send e-mail notification")
raise InternalServerError("SMTP server needed to fulfill this request is"
" not configured or unavailable.")
db.session.commit()
logger.info('User created', extra={'user': user.login})
schema = UserSuccessSchema()
return schema.dump({"login": user.login})
def create_admin(name, email, password, require_empty):
logger = log.getLogger()
g.request_id = "cli"
g.request_start_time = datetime.utcnow()
if require_empty:
if Group.query.count() > 0 and User.query.count() > 0:
logger.info(
'Some users and groups already exist in the database. No changes were made.'
)
return
try:
group = Group(name='public', capabilities=[])
db.session.add(group)
db.session.commit()
except sqlalchemy.exc.IntegrityError:
db.session.rollback()
logger.exception('Group public already exists, no changes were made.')
else:
logger.info('Succesfully added group public"')
try:
group = Group(name=name, capabilities=Capabilities.all(), private=True)
db.session.add(group)
db.session.commit()
except sqlalchemy.exc.IntegrityError:
db.session.rollback()
logger.exception('Group already exists, no changes were made.')
else:
logger.info('Succesfully added group %s', name)
group = db.session.query(Group).filter(Group.name == name).first()
try:
user = User(login=name, email=email)
user.set_password(password)
user.version_uid = '0' * 16
user.identity_ver = '0' * 16
user.password_ver = '0' * 16
user.groups.append(group)
user.groups.append(Group.public_group())
db.session.add(user)
db.session.commit()
except sqlalchemy.exc.IntegrityError:
db.session.rollback()
logger.exception('User already exists, no changes were made.')
else:
logger.info('Succesfully added admin user %s', name)
def post(self):
"""
---
description: Request new user account
tags:
- auth
requestBody:
description: User basic information
content:
application/json:
schema: UserRegisterSchema
responses:
200:
description: User login on successful registration
content:
application/json:
schema: UserSuccessSchema
"""
if not app_config.malwarecage.enable_registration:
raise Forbidden("User registration is not enabled.")
schema = UserRegisterSchema()
obj = schema.loads(request.get_data(as_text=True))
if obj.errors:
return {"errors": obj.errors}, 400
login = obj.data.get("login")
if db.session.query(exists().where(User.login == login)).scalar():
raise Conflict("Name already exists")
if db.session.query(exists().where(Group.name == login)).scalar():
raise Conflict("Name already exists")
recaptcha_secret = app_config.malwarecage.recaptcha_secret
if recaptcha_secret:
try:
recaptcha_token = obj.data.get("recaptcha")
recaptcha_response = requests.post(
'https://www.google.com/recaptcha/api/siteverify',
data={
'secret': recaptcha_secret,
'response': recaptcha_token
})
recaptcha_response.raise_for_status()
except Exception as e:
logger.exception("Temporary problem with ReCAPTCHA.")
raise InternalServerError(
"Temporary problem with ReCAPTCHA.") from e
if not recaptcha_response.json().get('success'):
raise Forbidden("Wrong ReCAPTCHA, please try again.")
user = User()
user.login = login
user.email = obj.data.get("email")
user.additional_info = obj.data.get("additional_info")
user.pending = True
user.disabled = False
user.requested_on = datetime.datetime.now()
user.groups.append(Group.public_group())
user.reset_sessions()
db.session.add(user)
group = Group()
group.name = login
group.private = True
group.users.append(user)
db.session.add(group)
db.session.commit()
try:
send_email_notification("pending",
"Pending registration in Malwarecage",
user.email,
base_url=app_config.malwarecage.base_url,
login=user.login)
except MailError:
logger.exception("Can't send e-mail notification")
logger.info('User registered', extra={'user': user.login})
schema = UserSuccessSchema()
return schema.dump({"login": user.login})
def post(self, login):
"""
---
summary: Create a new user
description: |
Creates new user account
Requires `manage_users` capability.
security:
- bearerAuth: []
tags:
- user
parameters:
- in: path
name: login
schema:
type: string
description: New user login
requestBody:
description: User information
content:
application/json:
schema: UserProfileManageInfoSchema
responses:
200:
description: When user was created successfully
content:
application/json:
schema: UserSuccessSchema
400:
description: When request body is invalid
403:
description: When user doesn't have `manage_users` capability.
409:
description: When user or group with provided name already exists.
500:
description: When SMTP server is unavailable or not properly configured on the server.
"""
schema = UserProfileManageInfoSchema()
obj = schema.loads(request.get_data(as_text=True))
if obj.errors:
return {"errors": obj.errors}, 400
user_login_obj = UserLoginSchemaBase().load({"login": login})
if user_login_obj.errors:
return {"errors": user_login_obj.errors}, 400
if db.session.query(exists().where(User.login == login)).scalar():
raise Conflict("User exists yet")
if db.session.query(exists().where(Group.name == login)).scalar():
raise Conflict("Group exists yet")
user = User()
user.login = login
user.email = obj.data.get("email")
user.additional_info = obj.data.get("additional_info")
user.feed_quality = obj.data.get("feed_quality")
user.disabled = False
user.pending = False
user.registered_by = g.auth_user.id
user.registered_on = datetime.datetime.now()
user.groups.append(Group.public_group())
user.reset_sessions()
db.session.add(user)
group = Group()
group.name = login
group.private = True
group.users.append(user)
db.session.add(group)
if obj.data.get("send_email", False):
try:
send_email_notification(
"register",
"New account registered in Malwarecage",
user.email,
base_url=app_config.malwarecage.base_url,
login=user.login,
set_password_token=user.generate_set_password_token(
).decode("utf-8"))
except MailError:
logger.exception("Can't send e-mail notification")
raise InternalServerError(
"SMTP server needed to fulfill this request is"
" not configured or unavailable.")
db.session.commit()
logger.info('User created', extra={'user': user.login})
schema = UserSuccessSchema()
return schema.dump({"login": user.login})
