Example #1
0
 def save(query_fields_row):
     rows = dbselect(spec_name, condition=condition)
     assert len(rows) in (0, 1)
     if len(rows) == 1:
         row = rows[0]
         row[column] = pytis.data.Value(row[column].type(), query_fields_row[field].value())
         data = data_object(spec_name)
         data.update_many(condition, row)
Example #2
0
def dbupdate_many(spec, condition=None, update_row=None,
                  transaction=None):
    """Provede update nad tabulkou danou specifikací.

    Argumenty:

      spec -- specifikace datového objektu nad kterým má být proveden
        select; string'
      condition -- podmínka updatovaní.
      update_row -- řádek kterým se provede update,
      transaction -- instance pytis.data.DBTransactionDefault

    Vrací počet updatovaných řádků.

    """
    if not isinstance(condition, pytis.data.Operator):
        errmsg = "Nebyla předána podmínka pro update_many."
        raise pytis.util.ProgramError(errmsg)
    if not isinstance(update_row, pytis.data.Row):
        errmsg = "Nebyl předán řádek pro update_many."
        raise pytis.util.ProgramError(errmsg)
    data = data_object(spec)
    return data.update_many(condition, update_row, transaction=transaction)
Example #3
0
def add_crypto_user(area,
                    user,
                    admin_user,
                    admin_password,
                    admin_address,
                    connection_data,
                    transaction=None,
                    user_password=None):
    """Add new crypto user for the given area.

    If the action succeeds, return 'None'.  Otherwise return an error
    description (basestring).

    Arguments:

      area -- name of the crypto area; basestring
      user -- login name of the user to get the access to the area; basestring
      admin_user -- login name of the crypto area administrator; basestring
      admin_password -- password to the admin key; basestring
      admin_address -- e-mail address of the admin user, to be used as the
        sender of the notification e-mail; basestring
      connection_data -- database connection data; 'pytis.data.DBConnection'
        instance
      transaction -- transaction to use
      user_password -- string to use as the password for given login name; in such a case
        password will not be sent by email.

    """
    key_id, key = crypto_admin_key(area, admin_user, connection_data)
    if key_id is None:
        return "admin key not found for the area: %s" % (area, )
    try:
        transaction_ = transaction
        if transaction_ is None:
            transaction_ = pytis.data.DBTransactionDefault(connection_data)
        condition = pytis.data.AND(
            pytis.data.EQ('name', pytis.data.sval(area)),
            pytis.data.EQ('username', pytis.data.sval(user)))
        data = pytis.data.dbtable('e_pytis_crypto_keys', (
            'name',
            'username',
        ), connection_data)
        if data.select(condition) > 0:
            return "key already exists for the given user and area: %s %s" % (
                user,
                area,
            )
        data.close()
        if user_password is None:
            function = pytis.data.DBFunctionDefault(
                'pytis_crypto_user_contact', connection_data)
            row = pytis.data.Row(((
                'username',
                pytis.data.sval(user),
            ), ))
            result = function.call(row, transaction=transaction_)[0]
            email, gpg_key = [v.value() for v in result]
            if gpg_key is None:
                return "crypto contact not found for user: %s" % (user, )
            characters = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789_-=$#%!'
            user_password = ''.join(
                [characters[ord(c) % 64] for c in os.urandom(32)])
            send_password = True
        else:
            send_password = False
        if not check_crypto_password(key, admin_password, connection_data):
            return "invalid password"
        function = pytis.data.DBFunctionDefault('pytis_crypto_copy_key',
                                                connection_data)
        row = pytis.data.Row((
            (
                'name_',
                pytis.data.sval(area),
            ),
            (
                'from_user',
                pytis.data.sval(admin_user),
            ),
            (
                'to_user',
                pytis.data.sval(user),
            ),
            (
                'from_psw',
                pytis.data.sval(admin_password),
            ),
            (
                'to_psw',
                pytis.data.sval(user_password),
            ),
        ))
        if not function.call(row, transaction=transaction_)[0][0]:
            return "user key installation failed"
        if send_password:
            subject = u"Vaše heslo pro šifrovanou oblast %s" % (area, )
            text = u"Vaše heslo pro šifrovanou aplikační oblast %s je:\n%s\n" % (
                area, user_password)
            error = send_mail(email, admin_address, subject, text, key=gpg_key)
            if error:
                return "failure when sending mail to the user: %s" % (error, )
        else:
            data = pytis.data.dbtable('e_pytis_crypto_keys',
                                      ('key_id', 'name', 'username', 'fresh'),
                                      connection_data)
            row = pytis.data.Row(((
                'fresh',
                pytis.data.bval(True),
            ), ))
            condition = pytis.data.AND(
                pytis.data.EQ('name', pytis.data.sval(area)),
                pytis.data.EQ('username', pytis.data.sval(user)))
            result = data.update_many(condition, row, transaction=transaction_)
            if result != 1:
                return "couldn't update fresh column for the new user key"
            data.close()
        if transaction is None:
            transaction_.commit()
        transaction_ = None
    finally:
        if transaction is None and transaction_ is not None:
            transaction_.rollback()