def set_variable_value(self, value):
new_value = unicode(value)
if self.vardef.secure:
from wirecloud.platform.workspace.utils import encrypt_value
new_value = encrypt_value(new_value)
self.value = new_value
def handleMultiuser(self, request, secure, new_variable, old_variable):
if secure:
new_value = encrypt_value(new_variable["value"])
else:
new_value = new_variable["value"]
new_variable = deepcopy(old_variable)
new_variable["value"]["users"]["%s" % request.user.id] = new_value
return new_variable
def handleMultiuser(self, request, secure, new_variable, old_variable):
if secure:
new_value = encrypt_value(new_variable["value"])
else:
new_value = new_variable["value"]
new_variable = deepcopy(old_variable)
new_variable["value"]["users"]["%s" % request.user.id] = new_value
return new_variable
def _populate_variables_values_cache(workspace, user, key, forced_values=None):
""" populates VariableValue cached values for that user """
values_by_varid = {}
values_by_varname = {}
if forced_values == None:
user_workspace = UserWorkspace.objects.get(user=user, workspace=workspace)
context_values = get_context_values(user_workspace)
preferences = get_workspace_preference_values(workspace)
forced_values = process_forced_values(workspace, user, context_values, preferences)
var_values = VariableValue.objects.filter(user__id=user.id, variable__iwidget__tab__workspace=workspace)
for var_value in var_values.select_related('variable__vardef'):
variwidget = var_value.variable.iwidget.id
varname = var_value.variable.vardef.name
# forced_values uses string keys
svariwidget = str(variwidget)
if not variwidget in values_by_varname:
values_by_varname[variwidget] = {}
entry = {}
if svariwidget in forced_values['iwidget'] and varname in forced_values['iwidget'][svariwidget]:
fv_entry = forced_values['iwidget'][svariwidget][varname]
entry['value'] = fv_entry['value']
if var_value.variable.vardef.secure:
entry['value'] = encrypt_value(entry['value'])
entry['readonly'] = True
entry['hidden'] = fv_entry.get('hidden', False)
else:
if not var_value.variable.vardef.secure:
entry['value'] = var_value.get_variable_value()
else:
entry['value'] = var_value.value
entry['readonly'] = False
entry['hidden'] = False
entry['secure'] = var_value.variable.vardef.secure
values_by_varname[variwidget][varname] = entry
values_by_varid[var_value.variable.id] = entry
values = {
'by_varid': values_by_varid,
'by_varname': values_by_varname,
}
cache.set(key, values)
return values
def set_variable_value(self, var_name, value):
iwidget_info = self.widget.resource.get_processed_info(translate=False, process_variables=True)
vardef = iwidget_info['variables']['all'][var_name]
if vardef['secure']:
from wirecloud.platform.workspace.utils import encrypt_value
value = encrypt_value(value)
elif vardef['type'] == 'boolean':
value = bool(value)
elif vardef['type'] == 'number':
value = float(value)
self.variables[var_name] = value
def set_variable_value(self, var_name, value):
iwidget_info = self.widget.resource.get_processed_info(translate=False, process_variables=True)
vardef = iwidget_info['variables']['all'][var_name]
if vardef['secure']:
from wirecloud.platform.workspace.utils import encrypt_value
value = encrypt_value(value)
elif vardef['type'] == 'boolean':
value = bool(value)
elif vardef['type'] == 'number':
value = float(value)
self.variables[var_name] = value
def setUp(self):
super(ProxySecureDataTests, self).setUp()
user = User.objects.get(username='******')
iwidget = IWidget.objects.get(pk=3)
iwidget.set_variable_value('password', 'test_password', user)
iwidget.save()
self.assertNotEqual(iwidget.variables['password'], 'test_password')
iwidget.tab.workspace.wiringStatus['operators']["2"]['preferences'][
'pref_secure']['value']['users']['2'] = encrypt_value(
"test_password")
iwidget.tab.workspace.save()
self.client.login(username='******', password='******')
self.network._servers['http']['example.com'].add_response(
'POST', '/path', self.echo_response)
def set_variable_value(self, var_name, value, user):
iwidget_info = self.widget.resource.get_processed_info(translate=False, process_variables=True)
vardef = iwidget_info['variables']['all'][var_name]
if vardef['secure']:
from wirecloud.platform.workspace.utils import encrypt_value
value = encrypt_value(value)
elif vardef['type'] == 'boolean':
if isinstance(value, text_type):
value = value.strip().lower() == "true"
else:
value = bool(value)
elif vardef['type'] == 'number':
value = float(value)
if "users" in self.variables.get(var_name, ""):
self.variables[var_name]["users"] = {"%s" % user.id: value}
else:
self.variables[var_name] = {"users": {"%s" % user.id: value}}
def set_variable_value(self, var_name, value, user):
iwidget_info = self.widget.resource.get_processed_info(translate=False, process_variables=True)
vardef = iwidget_info['variables']['all'][var_name]
if vardef['secure']:
from wirecloud.platform.workspace.utils import encrypt_value
value = encrypt_value(value)
elif vardef['type'] == 'boolean':
if isinstance(value, str):
value = value.strip().lower() == "true"
else:
value = bool(value)
elif vardef['type'] == 'number':
value = float(value)
if "users" in self.variables.get(var_name, ""):
self.variables[var_name]["users"] = {"%s" % user.id: value}
else:
self.variables[var_name] = {"users": {"%s" % user.id: value}}
def checkWiring(self, request, new_wiring_status, old_wiring_status, can_update_secure=False):
# Check read only connections
old_read_only_connections = [connection for connection in old_wiring_status['connections'] if connection.get('readonly', False)]
new_read_only_connections = [connection for connection in new_wiring_status['connections'] if connection.get('readonly', False)]
if len(old_read_only_connections) > len(new_read_only_connections):
return build_error_response(request, 403, _('You are not allowed to remove or update read only connections'))
for connection in old_read_only_connections:
if connection not in new_read_only_connections:
return build_error_response(request, 403, _('You are not allowed to remove or update read only connections'))
# Check operator preferences and properties
for operator_id, operator in six.iteritems(new_wiring_status['operators']):
old_operator = None
if operator_id in old_wiring_status['operators']:
old_operator = old_wiring_status['operators'][operator_id]
added_preferences = set(operator['preferences'].keys()) - set(old_operator['preferences'].keys())
removed_preferences = set(old_operator['preferences'].keys()) - set(operator['preferences'].keys())
updated_preferences = set(operator['preferences'].keys()).intersection(old_operator['preferences'].keys())
added_properties = set(operator.get('properties', {}).keys()) - set(old_operator['properties'].keys())
removed_properties = set(old_operator['properties'].keys()) - set(operator.get('properties', {}).keys())
updated_properties = set(operator.get('properties', {}).keys()).intersection(old_operator['properties'].keys())
else:
# New operator
added_preferences = operator['preferences'].keys()
removed_preferences = ()
updated_preferences = ()
added_properties = operator['properties'].keys()
removed_properties = ()
updated_properties = ()
try:
vendor, name, version = operator["name"].split("/")
resource = CatalogueResource.objects.get(vendor=vendor, short_name=name, version=version).get_processed_info(process_variables=True)
operator_preferences = resource["variables"]["preferences"]
operator_properties = resource["variables"]["properties"]
except CatalogueResource.DoesNotExist:
# Missing operator variables can't be updated
operator['properties'] = old_operator["properties"]
operator['preferences'] = old_operator["preferences"]
continue
# Handle preferences
for preference_name in added_preferences:
if operator['preferences'][preference_name].get('readonly', False) or operator['preferences'][preference_name].get('hidden', False):
return build_error_response(request, 403, _('Read only and hidden preferences cannot be created using this API'))
# Handle multiuser
new_preference = operator['preferences'][preference_name]
preference_secure = operator_preferences.get(preference_name, {}).get("secure", False)
if preference_secure:
new_value = encrypt_value(new_preference["value"])
else:
new_value = new_preference["value"]
new_preference["value"] = {"users": {"%s" % request.user.id: new_value}}
operator['preferences'][preference_name] = new_preference
for preference_name in removed_preferences:
if old_operator['preferences'][preference_name].get('readonly', False) or old_operator['preferences'][preference_name].get('hidden', False):
return build_error_response(request, 403, _('Read only and hidden preferences cannot be removed'))
for preference_name in updated_preferences:
old_preference = old_operator['preferences'][preference_name]
new_preference = operator['preferences'][preference_name]
# Using patch means no change at all on non-modified preferences
if old_preference == new_preference:
continue
# Check if its multiuser
preference_secure = operator_preferences.get(preference_name, {}).get("secure", False)
if old_preference.get('readonly', False) != new_preference.get('readonly', False) or old_preference.get('hidden', False) != new_preference.get('hidden', False):
return build_error_response(request, 403, _('Read only and hidden status cannot be changed using this API'))
if new_preference.get('readonly', False) and new_preference.get('value') != old_preference.get('value'):
return build_error_response(request, 403, _('Read only preferences cannot be updated'))
if preference_secure and not can_update_secure:
new_preference["value"] = old_preference["value"]
else:
# Handle multiuser
new_preference = self.handleMultiuser(request, preference_secure, new_preference, old_preference)
operator['preferences'][preference_name] = new_preference
# Handle properties
for property_name in added_properties:
if operator['properties'][property_name].get('readonly', False) or operator['properties'][property_name].get('hidden', False):
return build_error_response(request, 403, _('Read only and hidden properties cannot be created using this API'))
# Handle multiuser
new_property = operator['properties'][property_name]
new_property["value"] = {"users": {"%s" % request.user.id: new_property["value"]}}
operator['properties'][property_name] = new_property
for property_name in removed_properties:
if old_operator['properties'][property_name].get('readonly', False) or old_operator['properties'][property_name].get('hidden', False):
return build_error_response(request, 403, _('Read only and hidden properties cannot be removed'))
for property_name in updated_properties:
old_property = old_operator['properties'][property_name]
new_property = operator['properties'][property_name]
# Using patch means no change at all on non-modified properties
if old_property == new_property:
continue
# Check if its multiuser
if property_name in operator_properties:
prop = operator_properties[property_name]
property_secure = prop.get("secure", False)
else:
property_secure = False
if old_property.get('readonly', False) != new_property.get('readonly', False) or old_property.get('hidden', False) != new_property.get('hidden', False):
return build_error_response(request, 403, _('Read only and hidden status cannot be changed using this API'))
if new_property.get('readonly', False) and new_property.get('value') != old_property.get('value'):
return build_error_response(request, 403, _('Read only properties cannot be updated'))
if property_secure and not can_update_secure:
new_property["value"] = old_property["value"]
else:
# Handle multiuser
new_property = self.handleMultiuser(request, property_secure, new_property, old_property)
operator['properties'][property_name] = new_property
return True
def setUp(self):
super(ProxySecureDataTests, self).setUp()
user = User.objects.get(username='******')
iwidget = IWidget.objects.get(pk=3)
iwidget.set_variable_value('password', 'test_password', user)
iwidget.save()
self.assertNotEqual(iwidget.variables['password'], 'test_password')
iwidget.tab.workspace.wiringStatus['operators']["2"]['preferences']['pref_secure']['value']['users']['2'] = encrypt_value("test_password")
iwidget.tab.workspace.save()
self.client.login(username='******', password='******')
self.network._servers['http']['example.com'].add_response('POST', '/path', self.echo_response)
def checkWiring(self,
request,
new_wiring_status,
old_wiring_status,
can_update_secure=False):
# Check read only connections
old_read_only_connections = [
connection for connection in old_wiring_status['connections']
if connection.get('readonly', False)
]
new_read_only_connections = [
connection for connection in new_wiring_status['connections']
if connection.get('readonly', False)
]
if len(old_read_only_connections) > len(new_read_only_connections):
return build_error_response(
request, 403,
_('You are not allowed to remove or update read only connections'
))
for connection in old_read_only_connections:
if connection not in new_read_only_connections:
return build_error_response(
request, 403,
_('You are not allowed to remove or update read only connections'
))
# Check operator preferences and properties
for operator_id, operator in six.iteritems(
new_wiring_status['operators']):
old_operator = None
if operator_id in old_wiring_status['operators']:
old_operator = old_wiring_status['operators'][operator_id]
added_preferences = set(operator['preferences'].keys()) - set(
old_operator['preferences'].keys())
removed_preferences = set(
old_operator['preferences'].keys()) - set(
operator['preferences'].keys())
updated_preferences = set(
operator['preferences'].keys()).intersection(
old_operator['preferences'].keys())
added_properties = set(operator.get(
'properties', {}).keys()) - set(
old_operator['properties'].keys())
removed_properties = set(
old_operator['properties'].keys()) - set(
operator.get('properties', {}).keys())
updated_properties = set(
operator.get('properties', {}).keys()).intersection(
old_operator['properties'].keys())
else:
# New operator
added_preferences = operator['preferences'].keys()
removed_preferences = ()
updated_preferences = ()
added_properties = operator['properties'].keys()
removed_properties = ()
updated_properties = ()
try:
vendor, name, version = operator["name"].split("/")
resource = CatalogueResource.objects.get(
vendor=vendor, short_name=name,
version=version).get_processed_info(process_variables=True)
operator_preferences = resource["variables"]["preferences"]
operator_properties = resource["variables"]["properties"]
except CatalogueResource.DoesNotExist:
# Missing operator variables can't be updated
operator['properties'] = old_operator["properties"]
operator['preferences'] = old_operator["preferences"]
continue
# Handle preferences
for preference_name in added_preferences:
if operator['preferences'][preference_name].get(
'readonly',
False) or operator['preferences'][preference_name].get(
'hidden', False):
return build_error_response(
request, 403,
_('Read only and hidden preferences cannot be created using this API'
))
# Handle multiuser
new_preference = operator['preferences'][preference_name]
preference_secure = operator_preferences.get(
preference_name, {}).get("secure", False)
if preference_secure:
new_value = encrypt_value(new_preference["value"])
else:
new_value = new_preference["value"]
new_preference["value"] = {
"users": {
"%s" % request.user.id: new_value
}
}
operator['preferences'][preference_name] = new_preference
for preference_name in removed_preferences:
if old_operator['preferences'][preference_name].get(
'readonly', False
) or old_operator['preferences'][preference_name].get(
'hidden', False):
return build_error_response(
request, 403,
_('Read only and hidden preferences cannot be removed')
)
for preference_name in updated_preferences:
old_preference = old_operator['preferences'][preference_name]
new_preference = operator['preferences'][preference_name]
# Using patch means no change at all on non-modified preferences
if old_preference == new_preference:
continue
# Check if its multiuser
preference_secure = operator_preferences.get(
preference_name, {}).get("secure", False)
if old_preference.get('readonly', False) != new_preference.get(
'readonly', False) or old_preference.get(
'hidden', False) != new_preference.get(
'hidden', False):
return build_error_response(
request, 403,
_('Read only and hidden status cannot be changed using this API'
))
if new_preference.get(
'readonly', False) and new_preference.get(
'value') != old_preference.get('value'):
return build_error_response(
request, 403,
_('Read only preferences cannot be updated'))
if preference_secure and not can_update_secure:
new_preference["value"] = old_preference["value"]
else:
# Handle multiuser
new_preference = self.handleMultiuser(
request, preference_secure, new_preference,
old_preference)
operator['preferences'][preference_name] = new_preference
# Handle properties
for property_name in added_properties:
if operator['properties'][property_name].get(
'readonly',
False) or operator['properties'][property_name].get(
'hidden', False):
return build_error_response(
request, 403,
_('Read only and hidden properties cannot be created using this API'
))
# Handle multiuser
new_property = operator['properties'][property_name]
new_property["value"] = {
"users": {
"%s" % request.user.id: new_property["value"]
}
}
operator['properties'][property_name] = new_property
for property_name in removed_properties:
if old_operator['properties'][property_name].get(
'readonly', False
) or old_operator['properties'][property_name].get(
'hidden', False):
return build_error_response(
request, 403,
_('Read only and hidden properties cannot be removed'))
for property_name in updated_properties:
old_property = old_operator['properties'][property_name]
new_property = operator['properties'][property_name]
# Using patch means no change at all on non-modified properties
if old_property == new_property:
continue
# Check if its multiuser
if property_name in operator_properties:
prop = operator_properties[property_name]
property_secure = prop.get("secure", False)
else:
property_secure = False
if old_property.get('readonly', False) != new_property.get(
'readonly', False) or old_property.get(
'hidden', False) != new_property.get(
'hidden', False):
return build_error_response(
request, 403,
_('Read only and hidden status cannot be changed using this API'
))
if new_property.get('readonly', False) and new_property.get(
'value') != old_property.get('value'):
return build_error_response(
request, 403,
_('Read only properties cannot be updated'))
if property_secure and not can_update_secure:
new_property["value"] = old_property["value"]
else:
# Handle multiuser
new_property = self.handleMultiuser(
request, property_secure, new_property, old_property)
operator['properties'][property_name] = new_property
return True
