def getGroup(self, group_id):
try:
group_id = int(group_id)
except ValueError:
group = groups.get_by_name(group_id)
else:
group = groups.get(group_id)
auditlog.log(auditlog.CODE_CONTENT_VIEW, target=group)
return group.to_dict(include_resources=True)
def view(self, group_id):
try:
group_id = int(group_id)
except ValueError:
group = groups.get_by_name(group_id)
else:
group = groups.get(group_id)
auditlog.log(auditlog.CODE_CONTENT_VIEW, target=group)
return render("group/view.html", {'group': group})
def check_duplicate_name(form, field):
name = field.data
for group_id in form.group_ids.data:
group = groups.get(group_id)
q = group.resources.filter_by(name=name)
if hasattr(form, 'resource_id'):
q = q.filter(Resource.id != form.resource_id.data) # @UndefinedVariable
existing = q.all()
if existing:
raise ValidationError("Resource \"{0}\" already exists in group \"{1}\".".format(name, group.name))
def delete(self, group_id):
"""
Deletes a group.
"""
group = groups.get(group_id)
all_resources = group.resources.all()
# This is very lazy (could be done in SQL), but simple/easy-to-debug.
resources_only_in_this_group = []
resources_in_other_groups_too = []
for r in all_resources:
if r.groups.all() == [group]:
resources_only_in_this_group.append(r)
else:
resources_in_other_groups_too.append(r)
if cherrypy.request.method == 'POST':
# First remove any resources that are only owned by this group.
for r in resources_only_in_this_group:
# Remove any passwords in this resource
for pw in r.passwords:
del_pw = passwords.delete(pw.id)
auditlog.log(auditlog.CODE_CONTENT_DEL, target=del_pw)
del_r = resources.delete(r.id)
auditlog.log(auditlog.CODE_CONTENT_DEL, target=del_r)
# Next we manually remove the group from any other resources that were associated
# with this group.
for r in resources_in_other_groups_too:
group_ids = set([g.id for g in r.groups.all()])
group_ids.remove(group.id)
(mod_r, modified) = resources.modify(r.id, group_ids=group_ids)
if modified:
auditlog.log(auditlog.CODE_CONTENT_MOD, target=mod_r, attributes_modified=modified)
# And finally we can delete the group itself.
group = groups.delete(group.id)
auditlog.log(auditlog.CODE_CONTENT_DEL, target=group)
notify_entity_activity(group, 'deleted')
raise cherrypy.HTTPRedirect('/group/list')
else:
return render('group/delete.html', {'group_id': group_id,
'del_resources': resources_only_in_this_group,
'mod_resources': resources_in_other_groups_too})
def export(self, group_id=None, **kwargs):
form = ExportForm(request_params(), group_id=group_id)
form.group_id.choices = [(g.id, g.name) for g in groups.list()]
exporter_choices = [('yaml', 'YAML (GPG/PGP-encrypted)')]
if config['export.keepass.enabled']:
if not os.path.exists(config['export.keepass.exe_path']):
log.error("KeePass export enabled, but specified converter script does not exist: {0}".format(config.get('export.keepass.exe_path')))
else:
exporter_choices.append(('kdb', 'KeePass 1.x'))
form.format.choices = exporter_choices
if cherrypy.request.method == 'POST':
if form.validate():
group = groups.get(form.group_id.data)
if form.format.data == 'yaml':
exporter = GpgYamlExporter(use_tags=False,
passphrase=form.passphrase.data,
resource_filters=[model.GroupResource.group_id==group.id]) # @UndefinedVariable
encrypted_stream = BytesIO()
exporter.export(stream=encrypted_stream)
encrypted_stream.seek(0) # Just to ensure it's rewound
return serve_fileobj(encrypted_stream, content_type='application/pgp-encrypted', disposition='attachment',
name='group-{0}-export.pgp'.format(re.sub('[^\w\-\.]', '_', group.name)))
elif form.format.data == 'kdb':
exporter = KeepassExporter(passphrase=form.passphrase.data,
resource_filters=[model.GroupResource.group_id==group.id]) # @UndefinedVariable
encrypted_stream = BytesIO()
exporter.export(stream=encrypted_stream)
encrypted_stream.seek(0) # Just to ensure it's rewound
return serve_fileobj(encrypted_stream, content_type='application/x-keepass-database', disposition='attachment',
name='group-{0}-export.kdb'.format(re.sub('[^\w\-\.]', '_', group.name)))
else:
# I don't think we can get here in normal business.
raise RuntimeError("Unhandled format specified: {0}".format(form.format.data))
else: # does not validate
return render("group/export.html", {'form': form})
else: # request method is GET
return render("group/export.html", {'form': form})
def test_get(self):
random_group = random.choice(self.data.groups.values())
match = groups.get(random_group.id)
self.assertIs(random_group, match)
with self.assertRaises(TypeError):
groups.get(None)
with self.assertRaisesRegexp(exc.NoSuchEntity, r'Group'):
groups.get(0)
no_match = groups.get(0, assert_exists=False)
self.assertIs(None, no_match)
def edit(self, group_id):
group = groups.get(group_id)
form = GroupEditForm(request_params(), group, group_id=group.id)
return render('group/edit.html', {'form': form})
