def get_groups(self, user_id=None): def get_memberships(group, memberships, depth=0): result = [group] if depth < 100: for g, s in memberships: if group == s and g not in result: result += get_memberships(g, memberships, depth + 1) return result my_groups = [ rec[0] for rec in system.database( 'SELECT groupid FROM dz_members WHERE userid=%s', user_id or self.user_id) ] sub_groups = [(rec.GROUPID, rec.SUBGROUPID) for rec in system.database( 'SELECT subgroupid,groupid FROM dz_subgroups ORDER BY subgroupid')] memberships = [] for group in my_groups: memberships += get_memberships(group, sub_groups) groups = my_groups + memberships named_groups = [] for rec in system.database('SELECT groupid, name FROM dz_groups'): groupid = rec[0] name = rec[1].strip() if groupid in groups: named_groups += [name] return named_groups
def add_user(username, group_name): userid = get_userid(username) groupid = get_groupid(group_name) if userid and groupid: system.database( 'insert into dz_members (userid, groupid) values (%s,%s)', userid, groupid)
def initialize(self, login_id=None): if not login_id: login_id = get_current_username() select_user = "******" dataset = system.database(select_user, login_id) if not len(dataset): select_disabled_account = "SELECT * FROM dz_users WHERE loginid=%s and status<>'A'" dataset = system.database(select_disabled_account, login_id) if len(dataset) == 0: # this is a new authenticated user that has been authenticated # by the OS (Windows usually) so add to the guests group insert_user = "******" now = datetime.datetime.now() system.database(insert_user, login_id, now, now) dataset = system.database(select_user, login_id) add_user(login_id, 'guests') if len(dataset): rec = dataset[0] self.login_id = get_username( rec.USERID) # supplied login_id can be case insensitive self.username = self.login_id self.first_name = rec.firstname self.last_name = rec.lastname self.phone = rec.phone self.email = rec.EMAIL self.status = rec.STATUS self.user_id = self.id = rec.USERID else: raise Exception('Unable to initialize user.') # determine membership in groups self.groups = self.get_groups() self.apps = [item[2:] for item in self.groups if item[:2] == 'a_'] self.roles = [item for item in self.groups if item[:2] != 'a_'] self.is_admin = self.is_administrator = \ system.administrator_group in self.groups or \ self.is_member(system.administrators) self.is_manager = \ system.manager_group in self.groups or \ self.is_member(system.managers) self.is_developer = \ self.is_member(system.developers) self.is_guest = self.is_anonymous = self.login_id == system.guest self.is_authenticated = not self.is_anonymous # determine default app if self.is_anonymous: self.default_app = system.index else: self.default_app = system.home if self.default_app not in self.apps: self.default_app = system.index self.get_settings()
def initialize(self, login_id=None): if not login_id: login_id = get_current_username() select_user = "******" dataset = system.database(select_user, login_id) if not len(dataset): select_disabled_account = "SELECT * FROM dz_users WHERE loginid=%s and status<>'A'" dataset = system.database(select_disabled_account, login_id) if len(dataset) == 0: # this is a new authenticated user that has been authenticated # by the OS (Windows usually) so add to the guests group insert_user = "******" now = datetime.datetime.now() system.database(insert_user, login_id, now, now) dataset = system.database(select_user, login_id) add_user(login_id, 'guests') if len(dataset): rec = dataset[0] self.login_id = get_username(rec.USERID) # supplied login_id can be case insensitive self.username = self.login_id self.first_name = rec.firstname self.last_name = rec.lastname self.phone = rec.phone self.email = rec.EMAIL self.status = rec.STATUS self.user_id = self.id = rec.USERID else: raise Exception('Unable to initialize user.') # determine membership in groups self.groups = self.get_groups() self.apps = [item[2:] for item in self.groups if item[:2]=='a_'] self.roles = [item for item in self.groups if item[:2]!='a_'] self.is_admin = self.is_administrator = \ system.administrator_group in self.groups or \ self.is_member(system.administrators) self.is_manager = \ system.manager_group in self.groups or \ self.is_member(system.managers) self.is_developer = \ self.is_member(system.developers) self.is_guest = self.is_anonymous = self.login_id == system.guest self.is_authenticated = not self.is_anonymous # determine default app if self.is_anonymous: self.default_app = system.index else: self.default_app = system.home if self.default_app not in self.apps: self.default_app = system.index self.get_settings()
def authenticate(login_id, password): cmd = "SELECT * FROM dz_users WHERE loginid=%s and password=PASSWORD(CONCAT(dtadd,%s)) and status='A'" dataset = system.database(cmd, login_id, password) if len(dataset): return True cmd = "SELECT userid FROM dz_users WHERE loginid=%s and password=OLD_PASSWORD(%s) and status='A'" dataset = system.database(cmd,login_id,password) if len(dataset): return True
def initialize(self, login_id=None): if not login_id: login_id = get_current_username() select_user = "******" dataset = system.database(select_user,login_id) if not len(dataset): select_disabled_account = "SELECT firstname, lastname, phone, loginid, password, email, userid, status FROM dz_users WHERE loginid=%s and status<>'A'" dataset = system.database(select_disabled_account,login_id) if len(dataset) == 0: insert_user = "******" now = datetime.datetime.now() system.database(insert_user,login_id,now,now) dataset = system.database(select_user,login_id) add_user(login_id, 'guests') if len(dataset): self.login_id = login_id self.username = login_id rec = dataset[0] self.first_name = rec.firstname self.last_name = rec.lastname self.phone = rec.phone self.email = rec.EMAIL self.status = rec.STATUS self.user_id = self.id = rec.USERID else: raise Exception('Unable to intialize user.') # determine membership in groups self.groups = self.get_groups() self.apps = [item[2:] for item in self.groups if item[:2]=='a_'] self.roles = [item for item in self.groups if item[:2]!='a_'] self.is_admin = self.is_administrator = \ system.administrator_group in self.groups or \ self.is_member(system.administrators) self.is_manager = \ system.manager_group in self.groups or \ self.is_member(system.managers) self.is_developer = \ system.developer_group in self.groups or \ self.is_member(system.developers) self.is_anonymous = self.login_id == system.guest self.is_authenticated = not self.is_anonymous # determine default app if self.is_anonymous: self.default_app = system.index else: self.default_app = system.home if self.default_app not in self.apps: self.default_app = system.index
def create_user(**values): """ Create a new user and add her to the users group """ now = datetime.datetime.now() # copy some field names to be compatible with legacy table structure values['FIRSTNAME'] = values['FIRST_NAME'] values['LASTNAME'] = values['LAST_NAME'] values['LOGINID'] = values['USERNAME'].lower() values['DTUPD'] = values['DTADD'] = now values['STATUS'] = 'A' users = system.database.table('dz_users','USERID') id = users.insert(values) system.database('delete from dz_members where userid=%s',id) # make sure new users have no memberships add_user(values['LOGINID'], 'users') return id
def create_user(**values): """ Create a new user and add her to the users group """ now = datetime.datetime.now() # copy some field names to be compatible with legacy table structure values['FIRSTNAME'] = values['FIRST_NAME'] values['LASTNAME'] = values['LAST_NAME'] values['LOGINID'] = values['USERNAME'].lower() values['DTUPD'] = values['DTADD'] = now values['STATUS'] = 'A' users = system.database.table('dz_users', 'USERID') id = users.insert(values) system.database('delete from dz_members where userid=%s', id) # make sure new users have no memberships add_user(values['LOGINID'], 'users') return id
def get_groups(self,user_id=None): def get_memberships(group,memberships,depth=0): result = [group] if depth < 100: for g,s in memberships: if group == s and g not in result: result += get_memberships(g,memberships,depth+1) return result my_groups = [rec[0] for rec in system.database('SELECT groupid FROM dz_members WHERE userid=%s',user_id or self.user_id)] sub_groups = [(rec.GROUPID,rec.SUBGROUPID) for rec in system.database('SELECT subgroupid,groupid FROM dz_subgroups ORDER BY subgroupid')] memberships = [] for group in my_groups: memberships += get_memberships(group,sub_groups) groups = my_groups + memberships named_groups = [] for rec in system.database('SELECT groupid, name FROM dz_groups'): groupid = rec[0] name = rec[1].strip() if groupid in groups: named_groups += [name] return named_groups
def user_exists(username): return system.database('select * from dz_users where loginid=%s', username)
def activate_user(username): return system.database('update dz_users set status="A" where loginid=%s', username)
def __call__(self, cmd, *a, **k): return system.database(cmd, *a, **k)
def set_password(self, password): if using_old_passwords(): cmd = "UPDATE dz_users SET password=OLD_PASSWORD(%s), dtupd=now() where loginid=%s" else: cmd = "UPDATE dz_users SET password=PASSWORD(CONCAT(dtadd,%s)), dtupd=now() where loginid=%s" system.database(cmd, password, self.login_id)
def using_old_passwords(): return system.database('describe dz_users password')[0].TYPE == 'char(16)'
def get_groupname(group_id): rec = system.database('select * from dz_groups where groupid=%s', group_id) if rec: return rec[0].name
def add_user(username, group_name): userid = get_userid(username) groupid = get_groupid(group_name) if userid and groupid: system.database('insert into dz_members (userid, groupid) values (%s,%s)', userid, groupid)
def get_username(userid): rec = system.database('select * from dz_users where userid=%s', userid) if rec: return rec[0].loginid
def get_groupid(group_name): rec = system.database('select * from dz_groups where name=%s', group_name) if rec: return rec[0].groupid
def delete_user(user_id): system.database('delete from dz_members where userid=%s', user_id) system.database('delete from dz_users where userid=%s', user_id)