def auth(is_user, is_clm_superuser, data):
if is_user:
login = data.pop('login')
password = data.get('password')
if password:
del data['password']
try:
user = User.objects.get(login=login)
except User.DoesNotExist:
raise CLMException('user_get')
if 'Signature' in data.keys():
if not Signature.checkSignature(user.password, data.pop('Signature'), data['parameters']):
raise CLMException('user_get')
del data['parameters']
elif user.password != password:
raise CLMException('user_get')
data['caller_id'] = user.id
if user.is_active != user_active_states['ok']:
raise CLMException('user_inactive')
if is_clm_superuser and not user.is_superuser:
raise CLMException('user_permission')
data['cm_id'] = data.pop('cm_id', None)
if not data['cm_id']:
if user.default_cluster_id is not None:
data['cm_id'] = user.default_cluster_id
return user.id
else:
return 0
auth_header = parameters['authorization']
space = auth_header.index(' ')
auth_header = auth_header[space + 1:]
login_and_signature = auth_header.split(':')
login = login_and_signature[0]
user_signature = login_and_signature[1]
user = User.objects.get(login=login)
except User.DoesNotExist, error:
print 'ERROR', error
raise CLMException('user_get')
except KeyError:
raise CLMException('user_parameter')
if not Signature.checkSignature(user.password, user_signature, parameters):
raise CLMException('user_get')
return True
@guest_log(log=True)
def register(first, last, login, email, new_password, organization, wi_data):
"""
Registers new user.
@clmview_guest
@param_post{first,string} firstname to set
@param_post{last,string} lastname to set
@param_post{login,string} login to set
@param_post{email,string} email to set
@param_post{new_password,string} password to set