def s3_authorize_node(auth, node_addon, **kwargs):
try:
access_key = request.json['access_key']
secret_key = request.json['secret_key']
except KeyError:
raise HTTPError(httplib.BAD_REQUEST)
if not (access_key and secret_key):
return {
'message': 'All the fields above are required.'
}, httplib.BAD_REQUEST
if not utils.can_list(access_key, secret_key):
return {
'message': ('Unable to list buckets.\n'
'Listing buckets is required permission that can be changed via IAM')
}, httplib.BAD_REQUEST
user_addon = auth.user.get_or_add_addon('s3')
user_addon.access_key = access_key
user_addon.secret_key = secret_key
user_addon.save()
node_addon.authorize(user_addon, save=True)
return node_addon.to_json(auth.user)
def s3_authorize_node(auth, node_addon, **kwargs):
try:
access_key = request.json["access_key"]
secret_key = request.json["secret_key"]
except KeyError:
raise HTTPError(httplib.BAD_REQUEST)
if not utils.can_list(access_key, secret_key):
return (
{
"message": (
"Unable to list buckets.\n" "Listing buckets is required permission that can be changed via IAM"
)
},
httplib.BAD_REQUEST,
)
user_addon = auth.user.get_or_add_addon("s3")
user_addon.access_key = access_key
user_addon.secret_key = secret_key
user_addon.save()
node_addon.authorize(user_addon, save=True)
return node_addon.to_json(auth.user)
def s3_authorize_node(auth, node_addon, **kwargs):
try:
access_key = request.json['access_key']
secret_key = request.json['secret_key']
except KeyError:
raise HTTPError(httplib.BAD_REQUEST)
if not (access_key and secret_key):
return {
'message': 'All the fields above are required.'
}, httplib.BAD_REQUEST
if not utils.can_list(access_key, secret_key):
return {
'message':
('Unable to list buckets.\n'
'Listing buckets is required permission that can be changed via IAM'
)
}, httplib.BAD_REQUEST
user_addon = auth.user.get_or_add_addon('s3')
user_addon.access_key = access_key
user_addon.secret_key = secret_key
user_addon.save()
node_addon.authorize(user_addon, save=True)
return node_addon.to_json(auth.user)
def s3_add_user_account(auth, **kwargs):
"""Verifies new external account credentials and adds to user's list"""
try:
access_key = request.json['access_key']
secret_key = request.json['secret_key']
except KeyError:
raise HTTPError(httplib.BAD_REQUEST)
if not (access_key and secret_key):
return {
'message': 'All the fields above are required.'
}, httplib.BAD_REQUEST
user_info = utils.get_user_info(access_key, secret_key)
if not user_info:
return {
'message':
('Unable to access account.\n'
'Check to make sure that the above credentials are valid, '
'and that they have permission to list buckets.')
}, httplib.BAD_REQUEST
if not utils.can_list(access_key, secret_key):
return {
'message':
('Unable to list buckets.\n'
'Listing buckets is required permission that can be changed via IAM'
)
}, httplib.BAD_REQUEST
account = None
try:
account = ExternalAccount(
provider=SHORT_NAME,
provider_name=FULL_NAME,
oauth_key=access_key,
oauth_secret=secret_key,
provider_id=user_info.id,
display_name=user_info.display_name,
)
account.save()
except KeyExistsException:
# ... or get the old one
account = ExternalAccount.find_one(
Q('oauth_key', 'eq', access_key)
& Q('oauth_secret', 'eq', secret_key))
assert account is not None
if account not in auth.user.external_accounts:
auth.user.external_accounts.append(account)
# Ensure S3 is enabled.
auth.user.get_or_add_addon('s3', auth=auth)
auth.user.save()
return {}
def s3_add_user_account(auth, **kwargs):
"""Verifies new external account credentials and adds to user's list"""
try:
access_key = request.json['access_key']
secret_key = request.json['secret_key']
except KeyError:
raise HTTPError(httplib.BAD_REQUEST)
if not (access_key and secret_key):
return {
'message': 'All the fields above are required.'
}, httplib.BAD_REQUEST
user_info = utils.get_user_info(access_key, secret_key)
if not user_info:
return {
'message': ('Unable to access account.\n'
'Check to make sure that the above credentials are valid, '
'and that they have permission to list buckets.')
}, httplib.BAD_REQUEST
if not utils.can_list(access_key, secret_key):
return {
'message': ('Unable to list buckets.\n'
'Listing buckets is required permission that can be changed via IAM')
}, httplib.BAD_REQUEST
account = None
try:
account = ExternalAccount(
provider=SHORT_NAME,
provider_name=FULL_NAME,
oauth_key=access_key,
oauth_secret=secret_key,
provider_id=user_info.id,
display_name=user_info.display_name,
)
account.save()
except KeyExistsException:
# ... or get the old one
account = ExternalAccount.find_one(
Q('provider', 'eq', SHORT_NAME) &
Q('provider_id', 'eq', user_info.id)
)
assert account is not None
if account not in auth.user.external_accounts:
auth.user.external_accounts.append(account)
# Ensure S3 is enabled.
auth.user.get_or_add_addon('s3', auth=auth)
auth.user.save()
return {}
def s3_post_user_settings(auth, **kwargs):
user_addon = auth.user.get_or_add_addon('s3')
try:
access_key = request.json['access_key']
secret_key = request.json['secret_key']
except KeyError:
raise HTTPError(httplib.BAD_REQUEST)
if not utils.can_list(access_key, secret_key):
return {
'message': ('Unable to list buckets.\n'
'Listing buckets is required permission that can be changed via IAM')
}, httplib.BAD_REQUEST
user_addon.access_key = access_key
user_addon.secret_key = secret_key
user_addon.save()
def s3_post_user_settings(user_addon, **kwargs):
try:
access_key = request.json["access_key"]
secret_key = request.json["secret_key"]
except KeyError:
raise HTTPError(httplib.BAD_REQUEST)
if not utils.can_list(access_key, secret_key):
return (
{
"message": (
"Unable to list buckets.\n" "Listing buckets is required permission that can be changed via IAM"
)
},
httplib.BAD_REQUEST,
)
user_addon.access_key = access_key
user_addon.secret_key = secret_key
user_addon.save()
def is_valid(self):
return utils.can_list(self.access_key, self.secret_key)
def credentials_are_valid(self, user_settings):
if user_settings:
for account in user_settings.external_accounts:
if utils.can_list(account.oauth_key, account.oauth_secret):
return True
return False
def is_valid(self):
return utils.can_list(self.access_key, self.secret_key)
def credentials_are_valid(self, user_settings):
if user_settings:
for account in user_settings.external_accounts:
if utils.can_list(account.oauth_key, account.oauth_secret):
return True
return False
