def kill_plugin(ccd, sock, req_t): """ kill a plugin. To do so, check whether plugin is associated with project. input: ccd ccd instance to operate on sock socket the request came from req_t request tuple """ logger.debug("user wants to kill plugin..") op, sid, rid, cat, plg_id, gid, mth, args = req_t # get user and workgroup user, wg = ccd.get_user_and_workgroup(sid) # get project we work with proj = ccd._get_project(sid) if not proj: raise NotFoundError("No such project") # validate plugin id if not proj.has_plugin(ccd._db.conn, plg_id): raise NotFoundError("Plugin to kill is not in project!") # authorise if not (proj.creator == user.uid or proj.owner == user.uid or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_EXEC)): raise PermissionDenied(user.name) # execute plugin.kill(ccd, sid, plg_id, mth, args)
def get_string(string_id, language="de"): """" Returns string with of the given id and a given language (default is de). input: string_id id of the string. The id is used to identify the string in corresponding language. language language to return the string in output: the requested string. In case of error, raise exception. """ # is language supported try: strings_dict = c_strings[language] if not strings_dict: raise KeyError() except (KeyError, TypeError): raise NotFoundError("Language(%s) not supported." % language) # get actual string try: string = strings_dict[string_id] except (IndexError, TypeError): raise NotFoundError("String(%s) not found." % string_id) return string
def by_pid(cls, db, pid): """" get project from database and return project input: cls project constructor db database connection used for db requests pid project id of the new project output: project new created project instance """ db_entry = ccddb.getproject_bypid(db, pid) if not db_entry: raise NotFoundError("No project with pid %d." % pid) project = cls(name=db_entry[1], creator=db_entry[4], owner=db_entry[5], ptype=db_entry[2], pid=db_entry[0], created=db_entry[3], description=db_entry[6]) return project
def remove_plugin(ccd, sid, pld): """ remove a user to a project input: ccd ccd instance sid session id of running session pld payload of the OP_DELPROJPLG packet must contain the following data: pid id of the project to del a plugin from plg_id id of the plugin to del from project """ # get user and workgroup user, wg = ccd.get_user_and_workgroup(sid) # parse payload try: pid = int(pld["pid"]) plg_id = int(pld["plg_id"]) except (KeyError, ValueError): raise InputError("Invalid payload format!") # project we work with proj = Project.by_pid(ccd._db.conn, pid) if not proj: raise NotFoundError("No such project") # authorise if not (user.uid == ccd.superadmin.uid or proj.creator == user.uid or proj.owner == user.uid or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_DEL)): raise PermissionDenied(user.name) # check whether plugin is in user's workgroup if not wg.has_plugin(ccd._db.conn, plg_id): raise NotFoundError("Plugin is not part of workgroup!") # remove member proj.remove_plugin(ccd._db.conn, plg_id)
def execute_plugin(ccd, sock, req_t): """ execute a plugin. To do so, check whether plugin is associated with project. input: ccd ccd instance to operate on sock socket the request came from req_t request tuple output: returns result of the execution """ op, sid, rid, cat, plg_id, gid, mth, args = req_t # get user and workgroup user, wg = ccd.get_user_and_workgroup(sid) # get project we work with proj = ccd._get_project(sid) if not proj: raise NotFoundError("No such project") # validate plugin id if not proj.has_plugin(ccd._db.conn, plg_id): raise NotFoundError("Plugin to execute is not in project!") # authorise if not (proj.creator == user.uid or proj.owner == user.uid or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_EXEC)): raise PermissionDenied(user.name) # execute logger.debug("request is valid, so executing..") result = plugin.execute(ccd, proj.pid, sock, req_t) return result
def by_name(cls, db, name): """" get project from database and return project """ db_entry = ccddb.getproject_byname(db, name) if not db_entry: raise NotFoundError("No such project: '%s'.", name) project = cls(name=db_entry[1], creator=db_entry[4], owner=db_entry[5], ptype=db_entry[2], pid=db_entry[0], created=db_entry[3], description=db_entry[6]) return project
def show_project_members(ccd, sid, pld): """ return a project's member input: ccd ccd instance sid session id pld payload of the packet must contain the following data: pid id of the project to get users from output: returns a project's members """ # get user we work with user, _ = ccd.get_user_and_workgroup(sid) # parse payload try: pid = int(pld["pid"]) except (KeyError, ValueError, TypeError): raise InputError("Invalid payload format!") if pid < 0: raise InputError("Invalid pid requested:%s", pid) # project we want to add to proj = Project.by_pid(ccd._db.conn, pid) if not proj: raise NotFoundError("No such project") # authorise if not (user.uid == ccd.superadmin.uid or proj.creator == user.uid or proj.owner == user.uid or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_READ)): raise PermissionDenied(user.name) return proj.get_members(ccd._db.conn)
def select(ccd, sid, pld): """ Associate a project with a session. Without doing this, a user is not able to execute any plugins. input: ccd ccd instance sid session id of running session pld payload of the OP_SETPROJ packet must contain the following data: pid id of the project to select """ # get user and workgroup user, _ = ccd.get_user_and_workgroup(sid) # parse payload try: pid = int(pld["pid"]) except (KeyError, ValueError): raise InputError("Invalid payload format!") # project we want to add to proj = Project.by_pid(ccd._db.conn, pid) if not proj: raise NotFoundError("No such project") # authorise if not (user.uid == ccd.superadmin.uid or proj.creator == user.uid or proj.owner == user.uid or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_READ)): raise PermissionDenied(user.name) # select ses = ccd.get_session(sid) ses.setproject(ccd._db.conn, proj)
def remove_member(ccd, sid, pld): """ remove a user to a project input: ccd ccd instance sid session id of running session pld payload of the OP_DELPROJMEMBER packet must contain the following data: pid id of the project to del user from uid id of the user to delete """ # get user and workgroup user, _ = ccd.get_user_and_workgroup(sid) # parse payload try: pid = int(pld["pid"]) uid = int(pld["uid"]) except (KeyError, ValueError): raise InputError("Invalid payload format!") # project we want to add to proj = Project.by_pid(ccd._db.conn, pid) if not proj: raise NotFoundError("No such project") # authorise if not (user.uid == ccd.superadmin.uid or proj.creator == user.uid or proj.owner == user.uid or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_DEL)): raise PermissionDenied(user.name) # remove member proj.remove_member(ccd._db.conn, uid)
def show_projects(ccd, sid, pld): """ return projects the user is in input: ccd ccd instance sid session id pld payload of the OP_SHOWPROJ packet. if no payload provided, all projects the user is member of are shown. might contain the following data: pid id of the project to show. this field might have different states: pid=<int> show project with corresponding id pid= show all projects. only allowed for superadmin output: returns selected projects """ response = [] # get user we work with user, _ = ccd.get_user_and_workgroup(sid) # get users projects if not pld: projs = user.get_projects(ccd._db.conn) logger.debug("projs:%s", projs) for proj in projs: response.append( dict(pid=proj[0], name=proj[1], ptype=proj[2], created=proj[3].isoformat(), creator=proj[4], owner=proj[5])) # get specific project else: try: pid = pld["pid"] except KeyError: raise InputError("Invalid payload format!") logger.debug("pid=:%s", pid) # return project the user is interested in if pid: try: pid = int(pid) except ValueError: raise InputError("Invalid pid!") # project we want to add to proj = Project.by_pid(ccd._db.conn, pid) if not proj: raise NotFoundError("No such project") # authorise if not (user.uid == ccd.superadmin.uid or proj.creator == user.uid or proj.owner == user.uid or proj.is_allowed(ccd._db.conn, user, ccddb.ACCESS_READ)): raise PermissionDenied(user.name) response = [ dict(pid=proj.pid, name=proj.name, ptype=proj.ptype, created=proj.created.isoformat(), creator=proj.creator, owner=proj.owner) ] # if pid field empty, return all existing projects else: # authorise if not (user.uid == ccd.superadmin.uid): raise PermissionDenied(user.name) all_projects = ccddb.get_all_projects(ccd._db.conn) response = [ dict(pid=p[0], name=p[1], ptype=p[2], created=p[3].isoformat(), creator=p[4], owner=p[5]) for p in all_projects ] return response
def new_project(ccd, sid, pld): """ create new project input: ccd ccd instance sid session id of running session pld payload of the OP_NEWPROJ packet might contain the following data: name name of the plugin tid type id descrption plugin description output: returns project id """ logger.debug("creating new project..") # get user and workgroup user, wg = ccd.get_user_and_workgroup(sid) # is user superadmin if (not user.uid == ccd.superadmin.uid and not wg.is_allowed(ccd._db.conn, user, ccddb.ACCESS_ADD)): raise PermissionDenied(user.name) elif not wg: raise Exception("Failed to create project since user is not " "assigned to any workgroup") # parse request try: name = pld["name"] if len(name) > MAX_LEN_NAME: raise InputError("Name exceeds limit of %d characters" % MAX_LEN_NAME) tid = int(pld["tid"]) try: description = pld["description"] except KeyError: description = "" if len(description) > MAX_LEN_DESC: raise InputError("Desc exceeds limit of %d characters" % MAX_LEN_DESC) except (KeyError, ValueError): raise InputError("Invalid payload format!") # set creator creator = user # set owner # at the moment it's just some admin user admins = wg.getmember_byrole(ccd._db.conn, ccddb.ROLE_ADMIN) if not admins: raise NotFoundError("No admin user in wgroup find!") owner = admins[0] # create project proj = Project.create_fromname(ccd._db.conn, name, creator, owner, tid, description) return proj.pid