def store(self):
"""
stores this cssPropertySet into the database
"""
db = Database()
current_session = Session.get_current_session()
self.delete()
values_to_store = self.get_non_inherited()
stmnt = "UPDATE OR INSERT INTO CSS (CSS_SELECTOR, CSS_TAG, CSS_VALUE, CSS_MOD_ID, CSS_WGT_ID, CSS_SES_ID) \
VALUES ( ?,?,?,?,?,?) MATCHING (CSS_SELECTOR,CSS_TAG,CSS_MOD_ID,CSS_WGT_ID, CSS_SES_ID) ;"
for key, value in values_to_store.items():
selector, tag = key.split(CSSPropertySet.SPLIT)
db.query(
stmnt,
(selector, tag, value["v"], self.get_module_id(), self.get_widget_id(), self.get_session_id()),
commit=True,
)
if self._typ == CSSPropertySet.SESSION and current_session is not None:
stmnt = "UPDATE CSSSESSION SET CSE_OUTDATED = 1 WHERE CSE_SES_ID = ? ;"
db.query(stmnt, (current_session.get_id()), commit=True)
else:
stmnt = "UPDATE CSSSESSION SET CSE_OUTDATED = 1;"
db.query(stmnt, commit=True)
def deleteRole(self, params):
role_id = int(params[0])
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.roles.delete'):
role = Role.get_role(role_id)
role.delete()
def getCssPropertySet(self,params):
try:
module_id = int(params[0])
except TypeError:
module_id = None
try:
widget_id = int(params[1])
except TypeError:
widget_id = None
if params[2] is not None:
session = str(params[2])
else:
session = None
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.css.edit'):
css_manager = CSSManager()
if module_id == None and widget_id == None and session == None:
css_propertyset = css_manager.get_csspropertyset()
else:
css_propertyset = css_manager.get_csspropertyset(module_id,widget_id,session)
data = css_propertyset.serialize_set()
return data
def get_grantable_roles(cls,user):
"""
Returns the Roles that can be granted to a User
Basically returns all the roles that the sessionUser Owns and the ones that can be made up by the rights of
the sessionUser as associative arrays in this style:
array('name'=>$role->getName(),'id'=>$role->getId(),'granted'=>true)
"""
#HERE BE DRAGONS! Check algorithm
session_user = Session.get_current_session_user()
session_permissions = session_user.get_permissions()
ret = []
roles = Role.get_roles()
for role in roles:
if session_user.has_role(role):
ret.append({"name":role.get_name(),
"id":role.get_id(),
"granted": user.has_role(role)})
continue
role_permissions = role.get_permissions()
for role_permission in role_permissions:
if role_permission not in session_permissions:
break
ret.append({"name":role.get_name(),
"id":role.get_id(),
"granted": user.has_role(role)})
continue
return ret
def delete(self):
"""
deletes this csspropertyset from the database
"""
db = Database()
current_session = Session.get_current_session()
if self._typ == CSSPropertySet.GENERAL:
stmnt = "DELETE FROM CSS WHERE CSS_MOD_ID IS NULL AND CSS_WGT_ID IS NULL AND CSS_SES_ID IS NULL;"
db.query(stmnt, commit=True)
elif self._typ == CSSPropertySet.MODULE:
stmnt = "DELETE FROM CSS WHERE CSS_MOD_ID = ? AND CSS_WGT_ID IS NULL AND CSS_SES_ID IS NULL;"
db.query(stmnt, (self.get_module_id(),), commit=True)
elif self._typ == CSSPropertySet.WIDGET:
stmnt = "DELETE FROM CSS WHERE CSS_MOD_ID IS NULL AND CSS_WGT_ID = ? AND CSS_SES_ID IS NULL;"
db.query(stmnt, (self.get_widget_id(),), commit=True)
elif self._typ == CSSPropertySet.SESSION:
stmnt = "DELETE FROM CSS WHERE CSS_MOD_ID IS NULL AND CSS_WGT_ID IS NULL AND CSS_SES_ID = ? ;"
db.query(stmnt, (self.get_session_id(),), commit=True)
if self._typ == CSSPropertySet.SESSION:
if current_session is not None:
stmnt = "UPDATE CSSSESSION SET CSE_OUTDATED = 1 WHERE CSE_SES_ID = ? ;"
db.query(stmnt, (current_session.get_id(),), commit=True)
else:
stmnt = "UPDATE CSSSESSION SET CSE_OUTDATED = 1 ;"
db.query(stmnt, commit=True)
def setCssPropertySet(self, params):
data = params[0]
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.css.edit'):
css_propertyset = CSSManager().create_csspropertyset_from_serial(data)
css_propertyset.store()
def assign_to(self,user):
"""
Assigns this role to a user
"""
session_user = Session.get_current_session_user()
db = Database()
#check if sessionuser has role
has_role = session_user.has_role(self)
stmnt = "SELECT COUNT(URI_RIG_ID) AS CNT FROM USERRIGHTS WHERE URI_RIG_ID IN \
(SELECT RRI_RIG_ID FROM ROLERIGHTS WHERE RRI_ROL_ID = ? ) ;"
cur = db.query(stmnt,(self._id,))
res = cur.fetchone()[0]
has_all_permissions_of_role = res == len(self.get_permissions())
if not has_role and not has_all_permissions_of_role:
raise PermissionException(PermissionException.get_msg(7))
for role in user.get_grantable_roles():
if role["name"] == self._name:
stmnt = "UPDATE OR INSERT INTO USERROLES (URO_USR_ID, URO_ROL_ID) \
VALUES (?,?) MATCHING (URO_USR_ID, URO_ROL_ID) ;";
db.query(stmnt, (user.get_id(),self._id),commit=True)
PokeManager.add_activity(ActivityType.USER)
return
raise PermissionException(PermissionException.get_msg(8))
def generate(cls):
"""
Generates an Activity Report. This report contains,
how many activities have happened since the last poke
further it contains the activity types.
"""
session = Session.get_current_session()
db = Database()
stmnt = "SELECT ATV_TYPE, MAX(ATV_ID) AS LATEST_ID, COUNT(ATV_ID) AS AMOUNT FROM ACTIVITIES WHERE ATV_SES_ID != ? OR ATV_SES_ID IS NULL AND ATV_ID >= \
COALESCE((SELECT SPO_ATV_ID FROM SESSIONPOKE WHERE SPO_SES_ID = ?),0) GROUP BY ATV_TYPE;"
cur = db.query(stmnt, (session.get_id(), session.get_id()))
activity_report = ActivityReport()
res = cur.fetchallmap()
for row in res:
activity = Activity()
activity.set_id(row["LATEST_ID"])
activity.set_activity_type(row["ATV_TYPE"])
activity_report._activities.append(activity)
if activity_report._latest_id < row["LATEST_ID"]:
activity_report._latest_id = row["LATEST_ID"]
activity_report._amount += row["AMOUNT"]
return activity_report
def createRole(self,params):
data = params[0]
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.roles.create'):
role = Role.create_role(data)
return role.get_id()
def deleteUser(self, params):
user_id = int(params[0])
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.users.delete'):
user = User.get_user_by_id(user_id)
user.delete()
def createUser(self,params):
username = unicode(params[0])
password = unicode(params[1])
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.users.create'):
User.create_user(username,password)
return True
def getRoles(self,params):
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.roles.view'):
ret = []
for role in Permission.get_roles():
ret.append({"id":role.get_id(), "name": role.get_name()})
return ret
return False
def restartOperationDaemon(self,params):
session_user = Session.get_current_session_user()
if not session_user.check_permission("skarphed.manageserverdata"):
return False
configuration = Configuration()
os.system("python "+configuration.get_entry("core.webpath")+\
"/operation_daemon.py restart "+ configuration.get_entry("core.instance_id"))
def getInstanceId(self, params):
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.manageserverdata'):
config = Configuration()
return config.get_entry('core.instance_id')
else:
return None
def revokeRoleFromUser(self, params):
user_name = params[0] # TODO get user by id instead of name
role_id = params[1]
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.users.grant_revoke'):
role = Role.get_role(role_id)
User.get_user_by_name(user_name).revoke_role(role)
def changeRendermode(self,params):
mode = str(params[0])
session_user = Session.get_current_session_user()
if not session_user.check_permission('skarphed.manageserverdata'):
return False
return Core().set_rendermode(mode)
def revokeRightFromUser(self,params):
user_id = int(params[0])
permission_name = str(params[1])
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.users.grant_revoke'):
user = User.get_user_by_id(user_id)
user.revoke_permission(permission_name)
return True
def revoke_from(self, user):
"""
Revokes a role from a user
"""
session_user = Session.get_current_session_user()
db = Database()
stmnt = "DELETE FROM USERROLES WHERE URO_USR_ID = ? AND URO_ROL_ID = ? ;";
db.query(stmnt,(user.get_id(),self._id),commit=True)
PokeManager.add_activity(ActivityType.USER)
def authenticateUser(self,params):
username = unicode(params[0])
password = unicode(params[1])
try:
user = User.get_user_by_name(username)
except UserException , e:
session = Session.get_current_session()
if session is not None:
session.delete()
return False
def cleanup(cls):
"""
Remove activities that are no longer needed
"""
session = Session.get_current_session()
db = Database()
stmnt = "DELETE FROM SESSIONPOKE WHERE SPO_SES_ID IN (SELECT SES_ID FROM SESSIONS WHERE SES_EXPIRES < CURRENT_TIMESTAMP) ;"
db.query(stmnt, (session.get_id(),), commit=True)
stmnt = "DELETE FROM ACTIVITIES WHERE ATV_ID < COALESCE ((SELECT MIN(SPO_ATV_ID) FROM SESSIONPOKE WHERE SPO_SES_ID != ?),0) ;"
db.query(stmnt, (session.get_id(),), commit=True)
def add_activity(cls, activity_type):
"""
Registers an activity to the Pokesystem
"""
session = Session.get_current_session()
activity = Activity()
if session is not None:
activity.set_session_id(session.get_id())
activity.set_activity_type(activity_type)
activity.store()
def poke(cls):
"""
Pulls together poke-response information for the current client
"""
activity_report = ActivityReport.generate()
session = Session.get_current_session()
db = Database()
stmnt = "UPDATE OR INSERT INTO SESSIONPOKE (SPO_SES_ID, SPO_ATV_ID) VALUES (?, \
MAXVALUE(COALESCE((SELECT SPO_ATV_ID FROM SESSIONPOKE WHERE SPO_SES_ID = ?), 0) ,?)) MATCHING (SPO_SES_ID) ;"
db.query(stmnt, (session.get_id(), session.get_id(), activity_report._latest_id+1), commit=True)
cls.cleanup()
return activity_report.to_dict()
def changeMaintenanceMode(self, params):
state = bool(params[0])
session_user = Session.get_current_session_user()
if not session_user.check_permission('skarphed.manageserverdata'):
return False
if state:
Core().activate_maintenance_mode()
else:
Core().deactivate_maintenance_mode()
return True
def remove_permission(self, permission):
"""
removes a given permission from this role
"""
session_user = Session.get_current_session_user()
if not session_user.check_permission(permission):
raise PermissionException(PermissionException.get_msg(3))
db = Database()
stmnt = "DELETE FROM ROLERIGHTS WHERE RRI_ROL_ID = ? AND RRI_RIG_ID = (SELECT RIG_ID FROM RIGHTS WHERE RIG_NAME = ?); "
db.query(stmnt,(self._id,permission),commit=True)
PokeManager.add_activity(ActivityType.ROLE)
def alterPassword(self, params):
user_id = int(params[0])
new_password = unicode(params[1])
old_password = unicode(params[2])
session_user = Session.get_current_session_user()
if user_id == session_user.get_id():
session_user.alter_password(new_password,old_password)
else:
if session_user.check_permission("skarphed.users.alter_password"):
user = User.get_user_by_id(user_id)
user.alter_password(new_password,"",True)
return True
def add_permission(self, permission):
"""
adds a given permission to this role
"""
session_user = Session.get_current_session_user()
if not session_user.check_permission(permission):
raise PermissionException(PermissionException.get_msg(3))
db = Database()
stmnt = "UPDATE OR INSERT INTO ROLERIGHTS (RRI_ROL_ID, RRI_RIG_ID) \
VALUES (?, (SELECT RIG_ID FROM RIGHTS WHERE RIG_NAME= ?)) \
MATCHING (RRI_ROL_ID, RRI_RIG_ID);";
db.query(stmnt,(self._id, permission),commit=True)
PokeManager.add_activity(ActivityType.ROLE)
def store(self):
"""
Stores this binary into the database
"""
db = Database()
data_io = base64.b64encode(self._data)
md5 = md5hash(self._data).hexdigest()
sha256 = sha256hash(self._data).hexdigest()
if self._id is None:
self.set_id(db.get_seq_next("BIN_GEN"))
user_id = Session.get_current_session_user().get_id()
stmnt = "UPDATE OR INSERT INTO BINARIES (BIN_ID, BIN_FILENAME, BIN_MIME, BIN_USR_OWNER, \
BIN_USR_LASTCHANGE, \
BIN_DATE_LASTCHANGE, BIN_SHA256, BIN_MD5, BIN_DATA) \
VALUES (?, ?, ?, ?, ?, CURRENT_TIMESTAMP, ?, ?, ? ) MATCHING (BIN_ID) ;"
db.query(stmnt, (self._id, self._filename, self._mime, user_id, user_id, sha256, md5, data_io),commit=True)
def get_css_file(cls):
"""
Gets the name of the cssFile for the current user
"""
configuration = Configuration()
css_folder = "%s%s%s/" % (
configuration.get_entry("global.webpath"),
configuration.get_entry("core.instance_id"),
configuration.get_entry("core.css_folder"),
)
db = Database()
current_session = Session.get_current_session()
rerendering_necessary = False
if current_session is not None:
stmnt = "SELECT CSE_FILE FROM CSSSESSION WHERE CSE_SES_ID = ? AND CSE_OUTDATED = 0 ;"
cur = db.query(stmnt, (current_session.get_id(),))
row = cur.fetchonemap()
if row is not None:
filename = row["CSE_FILE"]
else:
filename = css_folder + current_session.get_id() + ".css"
stmnt = "UPDATE OR INSERT INTO CSSSESSION (CSE_SES_ID,CSE_FILE,CSE_OUTDATED) VALUES (?,?,0) MATCHING (CSE_SES_ID) ;"
db.query(stmnt, (current_session.get_id(), filename), commit=True)
rerendering_necessary = True
else:
stmnt = "SELECT CSE_FILE FROM CSSSESSION WHERE CSE_SES_ID = '-1' AND CSE_OUTDATED = 0 ;"
cur = db.query(stmnt)
row = cur.fetchonemap()
if row is not None:
filename = row["CSE_FILE"]
else:
filename = css_folder + "general.css"
# TODO: This was eventually fail! ↓
stmnt = "UPDATE OR INSERT INTO CSSSESSION (CSE_SES_ID,CSE_FILE,CSE_OUTDATED) VALUES ('-1',?,0) MATCHING (CSE_SES_ID) ;"
db.query(stmnt, (filename,), commit=True)
rerendering_necessary = True
if not os.path.exists(filename) or rerendering_necessary:
cls.render_to_file(filename)
cls.cleanup_css_sessiontable()
return filename
def revoke_permission(self,permission, ignore_check=False):
"""
revokes a permission from the user
"""
db = Database()
session_user = None
if self.get_id() == ROOT_USER_ID and self.get_name() == "root":
raise UserException(UserException.get_msg(16))
if not ignore_check:
session_user = Session.get_current_session_user()
permission_id = Permission.get_id_for_permission(permission)
if permission_id is None:
raise UserException(UserException.get_msg(5, permission))
if not ignore_check and not session_user.check_permission(permission):
raise UserException(UserException.get_msg(8))
stmnt = "DELETE FROM USERRIGHTS WHERE URI_USR_ID = ? AND URI_RIG_ID = ? ;"
db.query(stmnt,(self._id,permission_id),commit=True)
PokeManager().add_activity(ActivityType.USER)
def get_grantable_permissions(cls,obj):
"""
Gets the rights that are assignable to either a User or a Role
The function basically delivers all rights that are assigned to the sessionUser and whether
the user to be edited has them granted or not.
The return values are associative arrays that look like this:
array('right'=>$sessionRight,'granted'=>true)
"""
db = Database()
session_user = Session.get_current_session_user()
session_permissions = Permission.get_permissions_for_user(session_user)
result = []
result_permissions = []
skip_permissions = []
res2 = None
if obj.__class__.__name__ == "User":
stmnt1 = "SELECT RIG_NAME FROM RIGHTS INNER JOIN USERRIGHTS ON (RIG_ID = URI_RIG_ID) WHERE URI_USR_ID = ? ;"
stmnt2 = "SELECT RIG_NAME FROM RIGHTS INNER JOIN ROLERIGHTS ON (RIG_ID = RRI_RIG_ID) INNER JOIN USERROLES ON (URO_ROL_ID = RRI_ROL_ID) WHERE URO_USR_ID = ? ;"
cur = db.query(stmnt1,(obj.get_id(),))
res1 = list(set(cur.fetchallmap()))
cur = db.query(stmnt2,(obj.get_id(),))
res2 = list(set(cur.fetchallmap()))
elif obj.__class__.__name__ == "Role":
stmnt = "SELECT RIG_NAME FROM RIGHTS INNER JOIN ROLERIGHTS ON (RIG_ID = RRI_RIG_ID) WHERE RRI_ROL_ID = ? ;"
cur = db.query(stmnt,(obj.get_id(),))
res1 = list(set(cur.fetchallmap()))
result_permissions = [row['RIG_NAME'] for row in res1]
if res2 is not None:
skip_permissions = [row['RIG_NAME'] for row in res2]
for permission in session_permissions:
if permission in skip_permissions:
continue
result.append({'right':permission,'granted':permission in result_permissions})
return result
