def __chat(self, cmd, args):
""" A wrapper around chat.chat to comunicate directly with the
console.
"""
try:
response = chat.chat(self.host, self.port,
{'cmd': cmd, 'text': args}, self.magic)
except socket.error, (enumber, estring):
if enumber == errno.ECONNREFUSED:
# Timeout
raise ConsoleError(
"Could not establish a connection to the python console")
else:
# Some other error - probably serious
raise socket.error, (enumber, estring)
def handle_unassign_group(req, fields):
"""Remove a user from a project group.
The user is removed from the group in the database, and access to the
group Subversion repository is revoked.
Note that any checkouts will remain, although they will be unusable.
"""
# Get required fields
login = fields.getfirst('login')
groupid = fields.getfirst('groupid')
if login is None or groupid is None:
raise BadRequest("Required: login, groupid")
group = req.store.get(ivle.database.ProjectGroup, int(groupid))
user = ivle.database.User.get_by_login(req.store, login)
if 'admin_groups' not in group.project_set.offering.get_permissions(
req.user, req.config):
raise Unauthorized()
# Remove membership from the database
# We can't keep a transaction open until the end here, as usrmgt-server
# needs to see the changes!
group.members.remove(user)
req.store.commit()
# Rebuild the svn config file
# Contact the usrmgt server
msg = {'rebuild_svn_group_config': {}}
try:
usrmgt = chat.chat(req.config['usrmgt']['host'],
req.config['usrmgt']['port'],
msg,
req.config['usrmgt']['magic'],
)
except ValueError, e:
raise Exception("Could not understand usrmgt server response: %s" +
e.message)
if 'response' not in usrmgt or usrmgt['response']=='failure':
raise Exception("Failure creating repository: " + str(usrmgt))
def handle_assign_group(req, fields):
""" Required cap: CAP_MANAGEGROUPS
Assigns a user to a project group
Required:
login, groupid
"""
# Get required fields
login = fields.getfirst('login')
groupid = fields.getfirst('groupid')
if login is None or groupid is None:
raise BadRequest("Required: login, groupid")
group = req.store.get(ivle.database.ProjectGroup, int(groupid))
user = ivle.database.User.get_by_login(req.store, login)
if 'admin_groups' not in group.project_set.offering.get_permissions(
req.user, req.config):
raise Unauthorized()
# Add membership to database
# We can't keep a transaction open until the end here, as usrmgt-server
# needs to see the changes!
group.members.add(user)
req.store.commit()
# Rebuild the svn config file
# Contact the usrmgt server
msg = {'rebuild_svn_group_config': {}}
try:
usrmgt = chat.chat(req.config['usrmgt']['host'],
req.config['usrmgt']['port'],
msg,
req.config['usrmgt']['magic'],
)
except ValueError, e:
raise Exception("Could not understand usrmgt server response: %s" +
e.message)
if 'response' not in usrmgt or usrmgt['response']=='failure':
raise Exception("Failure creating repository: " + str(usrmgt))
def handle_create_group(req, fields):
"""Required cap: CAP_MANAGEGROUPS
Creates a project group in a specific project set
Required:
projectsetid, groupnm
Optional:
nick
Returns:
groupid
"""
# Get required fields
projectsetid = fields.getfirst('projectsetid').value
groupnm = fields.getfirst('groupnm').value
if projectsetid is None or groupnm is None:
raise BadRequest("Required: projectsetid, groupnm")
groupnm = unicode(groupnm)
try:
projectsetid = int(projectsetid)
except:
raise BadRequest("projectsetid must be an integer")
if not VALID_URL_NAME.match(groupnm):
raise BadRequest(
"Group names must consist of a lowercase alphanumeric character "
"followed by any number of lowercase alphanumerics, ., +, - or _.")
projectset = req.store.get(ivle.database.ProjectSet, projectsetid)
if projectset is None:
raise BadRequest("Invalid projectsetid")
if not projectset.is_group:
raise BadRequest("Not a group project set")
if 'admin_groups' not in projectset.offering.get_permissions(
req.user, req.config):
raise Unauthorized()
# Get optional fields
nick = fields.getfirst('nick').value
if nick is not None:
nick = unicode(nick)
group = ivle.database.ProjectGroup(name=groupnm,
project_set=projectset,
nick=nick,
created_by=req.user,
epoch=datetime.datetime.now())
req.store.add(group)
# Create the group repository
# Yes, this is ugly, and it would be nice to just pass in the groupid,
# but the object isn't visible to the extra transaction in
# usrmgt-server until we commit, which we only do once the repo is
# created.
offering = group.project_set.offering
args = {
"subj_short_name": offering.subject.short_name,
"year": offering.semester.year,
"semester": offering.semester.url_name,
"groupnm": group.name,
}
msg = {'create_group_repository': args}
# Contact the usrmgt server
try:
usrmgt = chat.chat(req.config['usrmgt']['host'],
req.config['usrmgt']['port'],
msg,
req.config['usrmgt']['magic'],
)
except ValueError, e:
raise Exception("Could not understand usrmgt server response:" +
e.message)
def handle_activate_me(req, fields):
"""Create the jail, svn, etc, for the currently logged in user (this is
put in the queue for usermgt to do).
This will block until usermgt returns, which could take seconds to minutes
in the extreme. Therefore, it is designed to be called by Ajax, with a
nice "Please wait" message on the frontend.
This will signal that the user has accepted the terms of the license
agreement, and will result in the user's database status being set to
"enabled". (Note that it will be set to "pending" for the duration of the
handling).
As such, it takes a single POST field, "declaration", which
must have the value, "I accept the IVLE Terms of Service".
(Otherwise users could navigate to /userservice/createme without
"accepting" the terms - at least this way requires them to acknowledge
their acceptance). It must only be called through a POST request.
"""
user = get_user_details(req)
try:
declaration = fields.getfirst('declaration')
except AttributeError:
declaration = None # Will fail next test
if declaration != USER_DECLARATION:
raise BadRequest()
# Make sure the user's status is "no_agreement", and set status to
# pending, within the one transaction. This ensures we only do this
# one time.
try:
# Check that the user's status is "no_agreement".
# (Both to avoid redundant calls, and to stop disabled users from
# re-enabling their accounts).
if user.state != "no_agreement":
raise BadRequest("You have already agreed to the terms.")
# Write state "pending" to ensure we don't try this again
user.state = u"pending"
except:
req.store.rollback()
raise
req.store.commit()
# Get the arguments for usermgt.activate_user from the session
# (The user must have already logged in to use this app)
args = {
"login": user.login,
}
msg = {'activate_user': args}
# Release our lock on the db so usrmgt can write
req.store.rollback()
# Try and contact the usrmgt server
try:
response = chat.chat(req.config['usrmgt']['host'],
req.config['usrmgt']['port'],
msg,
req.config['usrmgt']['magic'],
)
except ValueError:
# Gave back rubbish - set the response to failure
response = {'response': 'usrmgt-failure'}
# Get the staus of the users request
try:
status = response['response']
except KeyError:
status = 'failure'
if status == 'okay':
user.state = u"enabled"
else:
# Reset the user back to no agreement
user.state = u"no_agreement"
# Write the response
req.content_type = "text/plain"
req.write(json.dumps(response))
