def _perform_create(self, data, workspace_name):
assert not db.session.new
workspace = self._get_workspace(workspace_name)
obj = self.model_class(**data)
obj.workspace = workspace
# assert not db.session.new
try:
db.session.add(obj)
db.session.commit()
except sqlalchemy.exc.IntegrityError as ex:
if not is_unique_constraint_violation(ex):
raise
db.session.rollback()
workspace = self._get_workspace(workspace_name)
conflict_obj = get_conflict_object(db.session, obj, data,
workspace)
if conflict_obj:
flask.abort(
409,
ValidationError({
'message':
'Existing value',
'object':
self._get_schema_class()().dump(conflict_obj).data,
}))
else:
raise
self._set_command_id(obj, True)
return obj
def _perform_update(self, object_id, obj, data, workspace_name=None):
"""Commit the SQLAlchemy session, check for updating conflicts"""
try:
db.session.add(obj)
db.session.commit()
except sqlalchemy.exc.IntegrityError as ex:
if not is_unique_constraint_violation(ex):
raise
db.session.rollback()
workspace = None
if workspace_name:
workspace = db.session.query(Workspace).filter_by(
name=workspace_name).first()
conflict_obj = get_conflict_object(db.session, obj, data,
workspace)
if conflict_obj:
flask.abort(
409,
ValidationError({
'message':
'Existing value',
'object':
self._get_schema_class()().dump(conflict_obj).data,
}))
else:
raise
return obj
def _perform_create(self, data, **kwargs):
"""Check for conflicts and create a new object
Is is passed the data parsed by the marshmallow schema (it
transform from raw post data to a JSON)
"""
obj = self.model_class(**data)
# assert not db.session.new
try:
db.session.add(obj)
db.session.commit()
except sqlalchemy.exc.IntegrityError as ex:
if not is_unique_constraint_violation(ex):
raise
db.session.rollback()
conflict_obj = get_conflict_object(db.session, obj, data)
if conflict_obj:
flask.abort(
409,
ValidationError({
'message':
'Existing value',
'object':
self._get_schema_class()().dump(conflict_obj).data,
}))
else:
raise
return obj
def _create_admin_user(self, conn_string, choose_password,
faraday_user_password):
engine = create_engine(conn_string)
# TODO change the random_password variable name, it is not always
# random anymore
if choose_password:
user_password = click.prompt(
'Enter the desired password for the "faraday" user',
confirmation_prompt=True,
hide_input=True)
else:
if faraday_user_password:
user_password = faraday_user_password
else:
user_password = self.generate_random_pw(12)
already_created = False
fs_uniquifier = str(uuid.uuid4())
try:
statement = text("""
INSERT INTO faraday_user (
username, name, password,
is_ldap, active, last_login_ip,
current_login_ip, role, state_otp, fs_uniquifier
) VALUES (
'faraday', 'Administrator', :password,
false, true, '127.0.0.1',
'127.0.0.1', 'admin', 'disabled', :fs_uniquifier
)
""")
params = {
'password': hash_password(user_password),
'fs_uniquifier': fs_uniquifier
}
connection = engine.connect()
connection.execute(statement, **params)
except sqlalchemy.exc.IntegrityError as ex:
if is_unique_constraint_violation(ex):
# when re using database user could be created previously
already_created = True
print(
"{yellow}WARNING{white}: Faraday administrator user already exists."
.format(yellow=Fore.YELLOW, white=Fore.WHITE))
else:
print(
"{yellow}WARNING{white}: Can't create administrator user.".
format(yellow=Fore.YELLOW, white=Fore.WHITE))
raise
if not already_created:
print(
"Admin user created with \n\n{red}username: {white}faraday \n"
"{red}password:{white} {"
"user_password} \n".format(user_password=user_password,
white=Fore.WHITE,
red=Fore.RED))
def _create_roles(self, conn_string):
engine = create_engine(conn_string)
try:
statement = text(
"INSERT INTO faraday_role(name) VALUES ('admin'),('pentester'),('client'),('asset_owner');"
)
connection = engine.connect()
connection.execute(statement)
except sqlalchemy.exc.IntegrityError as ex:
if is_unique_constraint_violation(ex):
# when re using database user could be created previously
print(
"{yellow}WARNING{white}: Faraday administrator user already exists.".format(
yellow=Fore.YELLOW, white=Fore.WHITE))
else:
print(
"{yellow}WARNING{white}: Can't create administrator user.".format(
yellow=Fore.YELLOW, white=Fore.WHITE))
raise
def _create_admin_user(self, conn_string, choose_password):
engine = create_engine(conn_string)
# TODO change the random_password variable name, it is not always
# random anymore
if choose_password:
random_password = click.prompt(
'Enter the desired password for the "faraday" user',
confirmation_prompt=True,
hide_input=True)
else:
random_password = self.generate_random_pw(12)
already_created = False
try:
engine.execute(
"INSERT INTO \"faraday_user\" (username, name, password, "
"is_ldap, active, last_login_ip, current_login_ip, role, state_otp) VALUES ('faraday', 'Administrator', "
"'{0}', false, true, '127.0.0.1', '127.0.0.1', 'admin', 'disabled');"
.format(random_password))
except sqlalchemy.exc.IntegrityError as ex:
if is_unique_constraint_violation(ex):
# when re using database user could be created previously
already_created = True
print(
"{yellow}WARNING{white}: Faraday administrator user already exists."
.format(yellow=Fore.YELLOW, white=Fore.WHITE))
else:
print(
"{yellow}WARNING{white}: Can't create administrator user.".
format(yellow=Fore.YELLOW, white=Fore.WHITE))
raise
if not already_created:
self._save_user_xml(random_password)
print(
"Admin user created with \n\n{red}username: {white}faraday \n"
"{red}password:{white} {"
"random_password} \n".format(random_password=random_password,
white=Fore.WHITE,
red=Fore.RED))
print(
"{yellow}WARNING{white}: If you are going to execute couchdb importer you must use the couchdb password for faraday user."
.format(white=Fore.WHITE, yellow=Fore.YELLOW))
def get_or_create(ws, model_class, data):
"""Check for conflicts and create a new object
Is is passed the data parsed by the marshmallow schema (it
transform from raw post data to a JSON)
"""
obj = model_class(**data)
obj.workspace = ws
# assert not db.session.new
try:
db.session.add(obj)
db.session.commit()
except sqlalchemy.exc.IntegrityError as ex:
if not is_unique_constraint_violation(ex):
raise
db.session.rollback()
conflict_obj = get_conflict_object(db.session, obj, data, ws)
if conflict_obj:
return (False, conflict_obj)
else:
raise
# self._set_command_id(obj, True) # TODO check this
return (True, obj)
