def deploy(session, task, domain, owner_email, environment_name,
technical_contact_email, theme_name=None, default_language=u'it',
database_password=None, enabled=True):
env = Environment.get(session, environment_name)
theme = None if not theme_name else Theme.get(session, theme_name)
owner = User.get(session, owner_email)
technical_contact = User.get(session, technical_contact_email)
instance = Instance.deploy(session, domain, owner, env, technical_contact,
theme, default_language, database_password,
enabled)
return instance.id
def create_no_upload(context, request):
try:
name = request.params['name']
parent_name = request.params.get('parent', None)
version = request.params['version']
author_email = request.params['author']
owner_email = request.params['owner']
banner_width = request.params['banner_width']
banner_height = request.params['banner_height']
logo_width = request.params['logo_width']
logo_height = request.params['logo_height']
main_menu_levels = request.params['main_menu_levels']
template_levels = request.params['template_levels']
image_full_size = request.params['image_full_size']
owner = User.get(request.db_session, owner_email)
author = User.get(request.db_session, author_email)
if parent_name:
parent = Theme.get(request.db_session, parent_name)
else:
parent = None
# check if a theme exists in package aybu.themes
__import__('aybu.themes.{}'.format(name))
t = Theme(name=name, parent=parent, author=author,
version=version, owner=owner, banner_width=banner_width,
banner_height=banner_height, logo_width=logo_width,
logo_height=logo_height, main_menu_levels=main_menu_levels,
template_levels=template_levels,
image_full_size=image_full_size)
request.db_session.add(t)
request.db_session.flush()
except (KeyError, NoResultFound) as e:
raise ParamsError(e)
except ImportError as e:
error = 'Theme {} does not exists in aybu.themes package'.format(name)
raise HTTPPreconditionFailed(headers={'X-Request-Error': error})
except IntegrityError as e:
error = 'Theme with name {} already exists'.format(name)
request.db_session.rollback()
raise HTTPConflict(headers={'X-Request-Error': error})
else:
request.db_session.commit()
raise HTTPCreated()
def login(context, request):
email = urllib.unquote(request.matchdict['email'])
user = User.get(request.db_session, email)
# non-admin users cannot check if another user has permissions on a
# given instance
if authenticated_userid(request) != email and \
'admin' not in effective_principals(request):
return generate_empty_response(HTTPForbidden(), request, 403)
try:
# the domain could be an alias. We need the instance domain
domain = Alias.get(request.db_session,
request.params['domain'])\
.instance.domain
except NoResultFound:
domain = request.params['domain']
except KeyError:
log.error('No domain in request for users.login')
return generate_empty_response(HTTPForbidden(), request, 403)
instance = Instance.get_by_domain(request.db_session, domain)
if not user.can_access(instance):
log.error('%s cannot login on %s', email, domain)
return generate_empty_response(HTTPForbidden(), request, 403)
return user.to_dict()
def instances_allowed_for_user(context, request):
email = urllib.unquote(request.matchdict['email'])
user = User.get(request.db_session, email)
res = {}
for instance in Instance.all(request.db_session):
if user.can_access(instance):
res[instance.domain] = instance.to_dict()
return res
def info(context, request):
email = urllib.unquote(request.matchdict['email'])
principals = effective_principals(request)
# a "normal" user get info about itself.
if not set(('admin', email)) & set(principals):
return generate_empty_response(HTTPForbidden(), request, 403)
return User.get(request.db_session, email).to_dict()
def update(context, request):
params = dict()
theme = Theme.get(request.db_session, request.matchdict['name'])
try:
for attr in ('owner', 'author'):
value = request.params.get(attr)
if value:
params[attr] = User.get(request.db_session, value)
except NoResultFound:
raise ParamsError('No user with email {}'.format(value))
try:
attr = 'parent'
parent = request.params.get(attr)
if parent:
parent = Theme.get(request.db_session, parent)
params[attr] = parent
except NoResultFound:
raise ParamsError('No theme named {}'.format(value))
for attr in ('version', 'banner_height', 'banner_width', 'logo_height',
'logo_width', 'main_menu_levels', 'template_levels', 'name',
'image_full_size'):
value = request.params.get(attr)
if value:
params[attr] = value
if not params:
raise ParamsError('Missing update fields')
try:
if 'name' in params and params['name'] != theme.name:
raise NotImplementedError('Changing theme name is not supported')
__import__('aybu.themes.{}'.format(params['name']))
for param in params:
setattr(theme, param, params[param])
request.db_session.flush()
except ImportError as e:
error = 'Theme {} does not exists in aybu.themes package'\
.format(params['name'])
raise HTTPPreconditionFailed(headers={'X-Request-Error': error})
except IntegrityError as e:
request.db_session.rollback()
raise HTTPConflict(headers={'X-Request-Error': str(e)})
else:
request.db_session.commit()
return theme.to_dict()
def allowed_users_for_instance(context, request):
domain = request.matchdict['domain']
instance = Instance.get_by_domain(request.db_session, domain)
res = {}
for user in User.all(request.db_session):
if user.can_access(instance):
res[user.email] = user.to_dict()
return res
def check_user(self, credentials, request):
username = credentials['username']
password = credentials['password']
try:
user = User.check(request.db_session, username, password)
except:
return None
else:
groups = [group.name for group in user.groups]
return groups
def delete(context, request):
try:
email = urllib.unquote(request.matchdict['email'])
user = User.get(request.db_session, email)
user.delete()
request.db_session.flush()
except IntegrityError:
request.db_session.rollback()
raise HTTPPreconditionFailed(
headers={'X-Request-Error': 'Cannot delete user {}. You must '\
'delete owner themes/instances first'.format(email)})
else:
request.db_session.commit()
raise HTTPNoContent()
def list(context, request):
return {u.email: u.to_dict() for u in User.all(request.db_session)}
def update(context, request):
email = urllib.unquote(request.matchdict['email'])
user = User.get(request.db_session, email)
principals = effective_principals(request)
# an "normal" user can update only itself
if not set(('admin', email)) & set(principals):
return generate_empty_response(HTTPForbidden(), request, 403)
params = {}
for attr in ('email', 'password', 'name', 'surname', 'company',
'web', 'twitter'):
value = request.params.get(attr)
if value:
params[attr] = value
# only admins can change users groups
if 'admin' in principals and 'groups' in request.params:
groups = [g for g in request.params.getall('groups') if g]
if not groups:
params['groups'] = []
else:
params['groups'] = Group.search(
request.db_session,
filters=(Group.name.in_(groups), )
)
if len(groups) != len(params['groups']):
raise HTTPPreconditionFailed(
headers={'X-Request-Error': 'Invalid groups {}'\
.format(','.join(groups))})
if not 'admin' and 'organization' in request.params:
return generate_empty_response(HTTPForbidden(), request, 403)
elif 'organization' in request.params:
organization_name = request.params['organization']
if not organization_name:
params['organization'] = None
else:
try:
params['organization'] = Group.get(request.db_session,
organization_name)
except NoResultFound:
raise HTTPPreconditionFailed(headers={
'X-Request-Error': 'Invalid group {}'\
.format(organization_name)
})
if not params:
raise ParamsError('Missing update fields')
try:
for param in params:
setattr(user, param, params[param])
request.db_session.flush()
except IntegrityError:
error = 'An user with email {} already exists'.format(params['email'])
raise HTTPPreconditionFailed(headers={'X-Request-Error': error})
else:
request.db_session.commit()
return user.to_dict()
def deploy(context, request):
try:
params = dict(
domain=request.params['domain'],
owner_email=request.params['owner_email'],
environment_name=request.params['environment_name'],
technical_contact_email=request.params.get(
'technical_contact_email',
request.params['owner_email']),
theme_name=request.params.get('theme_name'),
default_language=request.params.get('default_language', u'it'),
database_password=request.params.get('database_password'),
enabled=True if request.params.get('enabled') else False,
verbose=True if request.params.get('verbose') else False,
)
check_domain_not_used(request, params['domain'])
params['domain'] = validate_hostname(params['domain'])
# try to get the instance, as it MUST not exists
Instance.get_by_domain(request.db_session, params['domain'])
except KeyError as e:
log.exception("Error validating params")
raise ParamsError(e)
except NoResultFound:
# no instance found, validate relations.
try:
field = 'owner_email'
cls = 'user'
User.log.debug("Validating owner %s", params[field])
owner = User.get(request.db_session, params[field])
if not owner:
raise NoResultFound()
if params['technical_contact_email'] != params['owner_email']:
field = 'technical_contact_email'
User.log.debug("Validating contact %s", params[field])
ctc = User.get(request.db_session, params[field])
if not ctc:
raise NoResultFound()
field = 'environment_name'
cls = 'environment'
Environment.log.debug("validating environment %s", params[field])
env = Environment.get(request.db_session, params[field])
if not env:
raise NoResultFound()
field = 'theme_name'
cls = 'theme'
if params[field]:
Theme.log.debug("Validating theme %s", params[field])
theme = Theme.get(request.db_session, params[field])
if not theme:
raise NoResultFound()
except NoResultFound:
raise ParamsError('{} "{}" for {} not found'\
.format(cls.title(), params[field], field))
else:
log.info("Submitting task")
# relations exists, submit tasks
return request.submit_task('instance.deploy', **params)
else:
# found instance, conflict
error = 'instance for domain {} already exists'\
.format(params['domain'])
raise HTTPConflict(headers={'X-Request-Error': error})
