def unShare(self, **kwargs):
"""Server Side Unshare
Remove user AccessFile to the File by its ID and update Database
AccessManagement Table
Security: Authenticate User Message
Concurrency control"""
username = kwargs['username']
sessionKey = um.getSessionKey(username)
if sessionKey != -1:
try:
data = json.loads(
security.decryptS_AES(kwargs['data'].decode('hex'),
sessionKey.decode('hex')))
filename = data['filename']
user_id = DBmodule.db_getUserID(username)
# Concurrent Access
file_id = DBmodule.db_getFileId(user_id, filename)
while (DBmodule.db_fileStatus(file_id) is True):
time.sleep(2)
status = DBmodule.db_fileInUse(file_id)
# Verify if the user is valid and have access to the file
if status and um.validUser(
kwargs['username']) and DBmodule.db_filePermission(
user_id, file_id):
unsharename = data['unshare']
unshareid = DBmodule.db_getUserID(unsharename)
userlist = [unshareid
] + DBmodule.db_getAllShareDependencies(
unshareid, file_id)
# Remove access permission from the database
DBmodule.db_removeShare(user_id, file_id, unshareid)
# Remoce user access file from the server
for usr in userlist:
os.remove('storage/' + str(file_id) + '.file.key' +
str(usr))
statusF = DBmodule.db_fileNotInUse(file_id)
if statusF is True:
return 'Okay'
else:
raise cherrypy.HTTPError(
408,
'Request Timeout! Please Try Again\nSafeBox Team')
else:
raise cherrypy.HTTPError(
401,
'Currently, you are not a valid user!\nSafeBox Team')
except:
raise cherrypy.HTTPError(
401, 'Currently, you are not a valid user!\nSafeBox Team')
else:
raise cherrypy.HTTPError(
401, 'Currently, you are not a valid user!\nSafeBox Team')
def removeFile(self):
"""Server Side Remove
Remove ciphertext of the file and all user AccessFiles to it
by its ID and update Database AccessManagement Table
Security: Authenticate User Message
Concurrency control"""
lcHDRS = {}
for key, val in cherrypy.request.headers.iteritems():
lcHDRS[key.lower()] = val
username = lcHDRS['username']
sessionKey = um.getSessionKey(username)
if sessionKey != -1:
try:
data = json.loads(
security.decryptS_AES(lcHDRS['data'].decode('hex'),
sessionKey.decode('hex')))
filename = data['filename']
user_id = DBmodule.db_getUserID(username)
file_id = DBmodule.db_getFileId(user_id, filename)
# Concurrent Access
while (DBmodule.db_fileStatus(file_id) is True):
time.sleep(2)
status = DBmodule.db_fileInUse(file_id)
# Verify if the user is valid and has access to the file
if status and um.validUser(
username) and DBmodule.db_filePermission(
user_id, file_id):
# If the user is the owner of the file, all the users loose the file
if DBmodule.db_isOwner(user_id, file_id) == 1:
DBmodule.db_removeFile(file_id)
pattern = '^' + str(file_id) + '.file'
mypath = 'storage'
for root, dirs, files in os.walk(mypath):
for fileFound in filter(
lambda x: re.match(pattern, x), files):
os.remove(os.path.join(root, fileFound))
# If the user is not the owner, only removes it's access to the file
else:
userlist = [user_id
] + DBmodule.db_getAllShareDependencies(
user_id, file_id)
for usr in userlist:
DBmodule.db_removeAccess(file_id, usr)
os.remove('storage/' + str(file_id) + '.file.key' +
str(usr))
statusF = DBmodule.db_fileNotInUse(file_id)
if statusF is True:
return 'Okay'
else:
raise cherrypy.HTTPError(
408,
'Request Timeout! Please Try Again\nSafeBox Team'
)
else:
raise cherrypy.HTTPError(
401,
'Currently, you are not a valid user!\nSafeBox Team')
except:
raise cherrypy.HTTPError(
401, 'Currently, you are not a valid user!\nSafeBox Team')
else:
raise cherrypy.HTTPError(
401, 'Currently, you are not a valid user!\nSafeBox Team')
