def add_user_auth(self, node_addon, user, external_account_id): external_account = ExternalAccount.load(external_account_id) if external_account not in user.external_accounts: raise HTTPError(http.FORBIDDEN) try: node_addon.set_auth(external_account, user) except PermissionsError: raise HTTPError(http.FORBIDDEN) node = node_addon.owner node.add_log( action='dataverse_node_authorized', params={ 'project': node.parent_id, 'node': node._id, }, auth=Auth(user=user), ) result = self.serializer( node_settings=node_addon, user_settings=user.get_addon('dataverse'), ).serialized_node_settings return {'result': result}
def get_account_or_error(self, addon_name, external_account_id, auth): external_account = ExternalAccount.load(external_account_id) if not external_account: raise exceptions.NotFound('Unable to find requested account.') if external_account not in auth.user.external_accounts: raise exceptions.PermissionDenied('Requested action requires account ownership.') if external_account.provider != addon_name: raise Conflict('Cannot authorize the {} addon with an account for {}'.format(addon_name, external_account.provider)) return external_account
def add_user_auth(self, node_addon, user, external_account_id): external_account = ExternalAccount.load(external_account_id) if external_account not in user.external_accounts: raise HTTPError(http.FORBIDDEN) try: node_addon.set_auth(external_account, user) except PermissionsError: raise HTTPError(http.FORBIDDEN) result = self.serialize_settings(node_addon, user) return {'result': result}
def add_user_auth(self, node_addon, user, external_account_id): external_account = ExternalAccount.load(external_account_id) if external_account not in user.external_accounts: raise HTTPError(http.FORBIDDEN) try: node_addon.set_auth(external_account, user) except PermissionsError: raise HTTPError(http.FORBIDDEN) result = self.serializer( node_settings=node_addon, user_settings=user.get_addon(self.provider_name), ).serialized_node_settings return {'result': result}
def add_user_auth(self, node_addon, user, external_account_id): external_account = ExternalAccount.load(external_account_id) if external_account not in user.external_accounts: raise HTTPError(http.FORBIDDEN) try: node_addon.set_auth(external_account, user) except PermissionsError: raise HTTPError(http.FORBIDDEN) result = self.serializer( node_settings=node_addon, user_settings=user.get_addon(self.provider_name), ).serialized_node_settings result['validCredentials'] = self.check_credentials(node_addon) return {'result': result}
def oauth_disconnect(external_account_id, auth): account = ExternalAccount.load(external_account_id) user = auth.user if account is None: HTTPError(http.NOT_FOUND) if account not in user.external_accounts: HTTPError(http.FORBIDDEN) # iterate AddonUserSettings for addons for user_settings in user.get_oauth_addons(): user_settings.revoke_oauth_access(account) user_settings.save() # ExternalAccount.remove_one(account) # # only after all addons have been dealt with can we remove it from the user user.external_accounts.remove(account) user.save()
def add_user_auth(self, node_addon, user, external_account_id): """Adds authorization to a node if the user has authorization to grant""" external_account = ExternalAccount.load(external_account_id) if external_account not in user.external_accounts: raise HTTPError(http.FORBIDDEN) try: node_addon.set_auth(external_account, user) except PermissionsError: raise HTTPError(http.FORBIDDEN) result = self.serializer( node_settings=node_addon, user_settings=user.get_addon(self.provider_name), ).serialized_node_settings result['validCredentials'] = self.check_credentials(node_addon) return {'result': result}
def creds_are_valid(ea_id): logger.warn('Validating credentials for externalaccount {}'.format(ea_id)) ea = ExternalAccount.load(ea_id) if ea.provider == 'github': try: GitHubClient(external_account=ea).user() except (GitHubError, IndexError): logger.info('Invalid creds: {}'.format(ea_id)) return False elif ea.provider == 'dropbox': try: DropboxClient(ea.oauth_key).account_info() except (ValueError, IndexError, ErrorResponse): logger.info('Invalid creds: {}'.format(ea_id)) return False else: raise Exception('Unexpected provider: {}'.format(ea.provider)) logger.info('Valid creds: {}'.format(ea_id)) return True
def googledrive_import_user_auth(auth, node_addon, **kwargs): """ Import googledrive credentials from the currently logged-in user to a node. """ user = auth.user external_account_id = request.get_json().get('external_account_id') external_account = ExternalAccount.load(external_account_id) if external_account not in user.external_accounts: raise HTTPError(http.FORBIDDEN) try: node_addon.set_auth(external_account, user) except PermissionsError: raise HTTPError(http.FORBIDDEN) result = GoogleDriveSerializer( node_settings=node_addon, user_settings=user.get_addon('googledrive'), ).serialize_settings(node_addon, user) return result
def _import_auth(auth, node_addon, user_addon, **kwargs): """Import add-on credentials from the currently logged-in user to a node. """ external_account = ExternalAccount.load( request.json['external_account_id']) if external_account not in user_addon.external_accounts: raise HTTPError(http.FORBIDDEN) try: node_addon.set_auth(external_account, user_addon.owner) except PermissionsError: raise HTTPError(http.FORBIDDEN) node_addon.save() return { 'result': Serializer().serialize_settings(node_addon, auth.user), 'message': 'Successfully imported access token from profile.', }
def oauth_disconnect(external_account_id, auth): account = ExternalAccount.load(external_account_id) user = auth.user if account is None: raise HTTPError(http.NOT_FOUND) if not user.external_accounts.filter(id=account.id).exists(): raise HTTPError(http.FORBIDDEN) # iterate AddonUserSettings for addons for user_settings in user.get_oauth_addons(): if user_settings.oauth_provider.short_name == account.provider: user_settings.revoke_oauth_access(account) user_settings.save() # ExternalAccount.remove_one(account) # # only after all addons have been dealt with can we remove it from the user user.external_accounts.remove(account) user.save()
def _import_auth(auth, node_addon, user_addon, **kwargs): """Import add-on credentials from the currently logged-in user to a node. """ external_account = ExternalAccount.load( request.json['external_account_id'] ) if external_account not in user_addon.external_accounts: raise HTTPError(http.FORBIDDEN) try: node_addon.set_auth(external_account, user_addon.owner) except PermissionsError: raise HTTPError(http.FORBIDDEN) node_addon.save() return { 'result': Serializer().serialize_settings(node_addon, auth.user), 'message': 'Successfully imported access token from profile.', }