Exemple #1
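def download_certificate(certificate):
    """
    Return a stored certificate of the current user's application as a file
    download.

    The query is filtered on the caller's own application id, so only
    certificates attached to that application can be returned.

    :param certificate: name of the certificate to download
    :raises NotFound: if the application has no certificate with that name
    """
    if not flask.g.user.application:
        # NOTE(review): this read-only endpoint creates an Application as a
        # side effect, and the object returned by merge() is discarded.
        # Confirm both are intended.
        flask.g.user.application = Application()
        current_session.merge(flask.g.user)
    cert = (current_session.query(Certificate).filter(
        Certificate.name == certificate).filter(
            Certificate.application_id == flask.g.user.application.id).first())
    if not cert:
        raise NotFound('No certificate with name {} found'.format(certificate))

    # The name and extension are stored values that may have come from a
    # request, so they are not trusted inside a header: control characters
    # are dropped (no CR/LF header splitting) and the value is emitted as a
    # quoted-string with backslash and double quote escaped.
    filename = '{}.{}'.format(cert.name, cert.extension)
    filename = ''.join(
        ch for ch in filename if ord(ch) >= 32 and ord(ch) != 127)
    filename = filename.replace('\\', '\\\\').replace('"', '\\"')

    resp = flask.make_response(cert.data)
    resp.headers['Content-Type'] = 'application/octet-stream'
    resp.headers['Content-Disposition'] = \
        'attachment; filename="{}"'.format(filename)
    # The body is uploaded content; tell browsers not to guess another type.
    resp.headers['X-Content-Type-Options'] = 'nosniff'
    return resp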
Exemple #2
def any_access():
    """
    Report whether the current user has any project access.

    The project map is read from the user's database record when no token is
    attached to the request, and from the token's user context otherwise.

    :note a project listed with an empty set of privileges still counts when
        no specific project is requested

    :query project: (optional) require "read" access to this program/project

    :raises Unauthorized: if the access check fails
    """
    requested = flask.request.args.get("project")
    if flask.g.token is None:
        flask.g.user = current_session.merge(flask.g.user)
        granted = flask.g.user.project_access
    else:
        granted = flask.g.token["context"]["user"]["projects"]

    if requested:
        # A named project must be present and carry the "read" privilege.
        allowed = requested in granted and "read" in granted[requested]
    else:
        # Without a project filter, any entry at all is enough.
        allowed = len(granted) > 0

    if not allowed:
        raise Unauthorized("Please login")

    resp = flask.make_response(flask.jsonify({"result": "success"}), 200)
    # NOTE(review): presumably an upstream proxy reads REMOTE_USER from this
    # response to identify the caller -- confirm clients cannot reach the
    # protected backend without passing through this check.
    resp.headers["REMOTE_USER"] = flask.g.user.username
    return resp
Exemple #3
def missing_certificate():
    """
    Return, as JSON, the required certificates the current user has not yet
    uploaded.

    If the user has no application, the full REQUIRED_CERTIFICATES mapping is
    returned.
    """
    user = current_session.merge(flask.g.user)
    flask.g.user = user
    if not user.application:
        return flask.jsonify(REQUIRED_CERTIFICATES)

    # Names of everything already attached to the user's application.
    uploaded_names = [
        uploaded.name for uploaded in user.application.certificates_uploaded
    ]
    outstanding = set(REQUIRED_CERTIFICATES.keys()).difference(uploaded_names)
    payload = {name: REQUIRED_CERTIFICATES[name] for name in outstanding}
    return flask.jsonify(payload)
Exemple #4
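def upload_certificate(certificate):
    """
    Store the request body as a certificate of the current user's application.

    An existing certificate with the same name in the same application is
    overwritten. Once every name in REQUIRED_CERTIFICATES has been uploaded,
    a notification mail is sent if an EMAIL_SERVER is configured.

    :param certificate: name under which the certificate is stored
    :query extension: file extension, one of pdf, png, jpg, jpeg, txt
    :raises UserError: if the extension is missing or not in the allow-list
    :return: empty body with status 201
    """
    extension = flask.request.args.get("extension")
    allowed_extension = ["pdf", "png", "jpg", "jpeg", "txt"]
    if not extension or extension not in allowed_extension:
        raise UserError(
            "Invalid extension in parameter, acceptable extensions are {}".
            format(", ".join(allowed_extension)))

    if not flask.g.user.application:
        flask.g.user.application = Application()
        current_session.merge(flask.g.user)
    cert = (current_session.query(Certificate).filter(
        Certificate.name == certificate).filter(
            Certificate.application_id == flask.g.user.application.id).first())
    if not cert:
        cert = Certificate(name=certificate)
    cert.application_id = flask.g.user.application.id
    # NOTE(review): the extension is only a label chosen by the caller; the
    # body is stored as-is and never compared with it. No size limit or
    # validation of the certificate name is visible in this function --
    # confirm both are enforced elsewhere.
    cert.extension = extension
    cert.data = flask.request.data
    current_session.merge(cert)

    certificates = flask.g.user.application.certificates_uploaded
    if set(REQUIRED_CERTIFICATES.keys()).issubset(
            set(c.name for c in certificates)):
        title = "User application for {}".format(flask.g.user.username)
        # getattr() without a default raises AttributeError when flask.g has
        # no "client", which would fail the request after the certificate was
        # already merged; a missing client now just leaves the title as is.
        if getattr(flask.g, "client", None):
            title += " from {}".format(flask.g.client)
        if "EMAIL_SERVER" in config:
            content = "Application for user: {}\nemail: {}".format(
                flask.g.user.username, flask.g.user.email)
            send_mail(
                config["SEND_FROM"],
                config["SEND_TO"],
                title,
                text=content,
                server=config["EMAIL_SERVER"],
                certificates=certificates,
            )
    return "", 201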
Exemple #5
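def upload_certificate(certificate):
    """
    Store the request body as a certificate of the current user's application.

    An existing certificate with the same name in the same application is
    overwritten. Once every name in REQUIRED_CERTIFICATES has been uploaded,
    a notification mail is sent if the app config defines EMAIL_SERVER.

    :param certificate: name under which the certificate is stored
    :query extension: file extension, one of pdf, png, jpg, jpeg, txt
    :raises UserError: if the extension is missing or not in the allow-list
    :return: empty body with status 201
    """
    extension = flask.request.args.get('extension')
    allowed_extension = ['pdf', 'png', 'jpg', 'jpeg', 'txt']
    if not extension or extension not in allowed_extension:
        raise UserError(
            "Invalid extension in parameter, acceptable extensions are {}".
            format(", ".join(allowed_extension)))

    if not flask.g.user.application:
        flask.g.user.application = Application()
        current_session.merge(flask.g.user)
    cert = (current_session.query(Certificate).filter(
        Certificate.name == certificate).filter(
            Certificate.application_id == flask.g.user.application.id).first())
    if not cert:
        cert = Certificate(name=certificate)
    cert.application_id = flask.g.user.application.id
    # NOTE(review): the extension is only a label chosen by the caller; the
    # body is stored as-is and never compared with it. No size limit or
    # validation of the certificate name is visible in this function --
    # confirm both are enforced elsewhere.
    cert.extension = extension
    cert.data = flask.request.data
    current_session.merge(cert)

    certificates = flask.g.user.application.certificates_uploaded
    if set(REQUIRED_CERTIFICATES.keys()).issubset(
            set(c.name for c in certificates)):
        title = 'User application for {}'.format(flask.g.user.username)
        # getattr() without a default raises AttributeError when flask.g has
        # no 'client', which would fail the request after the certificate was
        # already merged; a missing client now just leaves the title as is.
        if getattr(flask.g, 'client', None):
            title += ' from {}'.format(flask.g.client)
        if 'EMAIL_SERVER' in flask.current_app.config:
            content = ("Application for user: {}\n"
                       "email: {}".format(flask.g.user.username,
                                          flask.g.user.email))
            send_mail(flask.current_app.config['SEND_FROM'],
                      flask.current_app.config['SEND_TO'],
                      title,
                      text=content,
                      server=flask.current_app.config['EMAIL_SERVER'],
                      certificates=certificates)
    return "", 201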
    def save_session(self, app, session, response):
        """
        Persist the database-backed session and set its cookie on the response.

        Nothing is written and no cookie is set unless the stored session
        already has an ``updated_datetime`` or the session was modified.

        :param app: application providing the cookie name and settings
        :param session: session object wrapping the database row ``_session``
        :param response: response that receives the session cookie
        """
        cookie_domain = self.get_cookie_domain(app)
        should_persist = session._session.updated_datetime or session.modified
        if not should_persist:
            return

        # Re-attach the row to the current database session, stamp it and
        # commit before computing the cookie lifetime.
        session._session = current_session.merge(session._session)
        session._session.updated_datetime = datetime.utcnow()
        current_session.commit()

        # A row with an updated datetime is a session loaded from the db.
        expires_at = self.get_expiration_time(app, session)
        if expires_at < datetime.utcnow():
            # Expired: mark the row for deletion.
            # NOTE(review): this delete comes after commit(); whether it is
            # flushed depends on code outside this method -- confirm.
            current_session.delete(session._session)

        # NOTE(review): the cookie is HttpOnly, but no secure or samesite
        # attribute is passed here -- confirm the session id is only ever
        # sent over TLS and that cross-site use is restricted elsewhere.
        response.set_cookie(
            app.session_cookie_name,
            session.sid,
            expires=expires_at,
            httponly=True,
            domain=cookie_domain,
        )