def user_exists(self, username): # FIXME: this isn't supported in SQLite, for example # need better abstraction? username = validate_username(username, self.RESERVED_USERNAMES) # usename, not username! sql = ("SELECT usename FROM pg_catalog.pg_user " "WHERE usename = '%s'" % username) result = self.session_auto.execute(sql).scalar() or False return bool(result)
def test_validate_username(): from metrique.utils import validate_username restricted = ['admin'] ok = 'helloworld' OK = 'HELLOWORLD' BAD1 = '1' BAD2 = None BAD3 = 'admin' assert validate_username(ok) == ok assert validate_username(OK) == ok for bad in (BAD1, BAD2, BAD3): try: validate_username(bad, restricted_names=restricted) except (ValueError, TypeError): pass else: assert False, "Validated invalid username"
def share(self, with_user, roles=None, table=None): ''' Give cube access rights to another user Not, this method is NOT supported by SQLite3! ''' table = self.get_table(table) is_true(table is not None, 'invalid table: %s' % table) with_user = validate_username(with_user) roles = roles or ['SELECT'] roles = validate_roles(roles, self.VALID_SHARE_ROLES) roles = list2str(roles) logger.info('Sharing cube %s with %s (%s)' % (table, with_user, roles)) sql = 'GRANT %s ON %s TO %s' % (roles, table, with_user) return self.session_auto.execute(sql)
def user_register(self, username, password): # FIXME: enable setting roles at creation time... is_true(bool(username and password), 'username and password required!') u = validate_username(username, self.RESERVED_USERNAMES) p = validate_password(password) logger.info('Registering new user %s' % u) # FIXME: make a generic method which runs list of sql statements s_u = "CREATE USER %s WITH PASSWORD '%s';" % (u, p) s_db = "CREATE DATABASE %s WITH OWNER %s;" % (u, u) cnx = self.engine.connect() # can't run in a transaction... cnx.connection.set_isolation_level(0) if not self.user_exists(username): cnx.execute(s_u) logger.info('User created: %s' % u) else: logger.info('User exists: %s' % u) if not self.db_exists(u): cnx.execute(s_db) logger.info('DB created: %s' % u) else: logger.info('DB exists: %s' % u)