Esempio n. 1
0
from Framework import Context
from Framework.Logger import Logger

from Tools.SiteDBCore import SiteDBApi

context = Context()
context.addService(Logger("sitedbtest"))
api = SiteDBApi(context)

api.connect()
print api.getTierList()
Esempio n. 2
0
from Framework import Context
from Framework.Logger import Logger

from Tools.SiteDBCore import SiteDBApi

context = Context ()
context.addService (Logger ("sitedbtest"))
api = SiteDBApi (context)

api.connect ()
print api.getTierList ()
Esempio n. 3
0
class SecurityDBApi(object):
    
  def __init__(self, context):
    """The constructor of the SecurityDBApi creates a SiteDBApi, connects to the sitedb instance
        and puts it on the context so that it is available for others to use
    """
    self.api = SiteDBApi (context)
    self.api.connect ()
    context.addService (self.api)
    
  def _first(self, cur):
    row = cur.fetchone()
    if row: return row[0]
    else: return None

  def getDNFromUsername(self, username):
    fields = ("dn")    
    return self.api.getDataObject (fields, 
      '''select dn from contact where username = :username''',
      { 'username' : username })

  def getPasswordFromUsername(self, username):
    fields = ("passwd")
    return self.api.getDataObject (fields,
      '''select passwd from user_passwd where username = :username''',
      { 'username' : username })
  
  def getUsernameFromDN(self, dn):
    fields = ("username")
    return self.api.getDataObject (fields, '''select username from contact where dn = :dn''',
                            { 'dn' : dn })
  
  def getAllFromID(self, id):
    fields = ("dn", "username", "passwd")
    return self.api.getDataObject (fields, 
        '''select c.dn, c.username, p.passwd
           from contact c left join user_passwd p on p.username = c.username
           where c.id = :id''',
           { 'id' : id })

  def getUsernameFromID(self, id):
    fields = ("username")
    return self.api.getDataObject (fields, 
        '''select username from contact where id = :id''',
           { 'id' : id })[0]["username"]
    
  def getDNFromID(self, id):
    fields = ("dn")
    return self.api.getDataObject (fields, 
        '''select dn from contact where id = :id''',
           { 'id' : id })[0]["dn"]

  def getIDFromUsername(self, username):
    fields = ("id")
    return self.api.getDataObject (fields, 
        '''select id from contact where username = :username''',
           { 'username' : username })[0]["id"]
    
  def getIDFromDN(self, dn):
    fields = ("id")
    return self.api.getDataObject (fields, 
        '''select id from contact where dn = :dn''',
           { 'dn' : dn })[0]["id"]           
    
  def getCryptoKey(self, id): #id comes from cookie
      fields = ("timestamp", "key")
      keyinfo = self.api.getDataObject(fields, 
        '''select time, cryptkey
        from crypt_key
        where id = :id''', {"id": id})
      return keyinfo[0]
  
  def addCryptoKey(self, key): 
      #store key to database, return the key id:
      if self.api.connectionType() == "sqlite":
          self.api.editDataObject("""insert into crypt_key (cryptkey) values (:key)""", 
                                  {"key":key})
      elif self.api.connectionType() == "oracle" or self.api.connectionType() == "SQLAlchemy":
          self.api.editDataObject("""insert into crypt_key (cryptkey, time, id) values (:key, systimestamp, crypt_key_sq.nextval)""", 
                                  {"key":key})
      fields = ("id")
      keyinfo = self.api.getDataObject(fields, 
        '''select id from crypt_key where cryptkey = :key''', {"key": key})
      return keyinfo[0]['id']
  
  def hasGroupResponsibility (self, username, group, role):
    self.api.context.Logger().debug( "Does %s have %s for group %s" % (username, role, group) ) 
    fields = ("count")
    try:
        self.api.context.Logger().debug ( "Connection type = %s" % self.api.connectionType() )
        data = ''
        if self.api.connectionType() == "sqlite":
            self.api.context.Logger().debug( "Has group responsibility" )
            groupsplit = group.replace("|", "', '")
            self.api.context.Logger().debug( groupsplit )
            rolesplit = role.replace("|", "', '")
            self.api.context.Logger().debug( rolesplit )
            sql = """SELECT count (contact.id)
      FROM group_responsibility
      JOIN contact on contact.id = group_responsibility.contact
      JOIN role on role.id = group_responsibility.role
      JOIN user_group on user_group.id = group_responsibility.user_group
      WHERE contact.username = :sdb_username
      AND role.title in ('%s')
      AND user_group.name in ('%s')"""% (rolesplit, groupsplit)
            data = self.api.getDataObject (fields, sql, {"sdb_username": username})    
            self.api.context.Logger().debug( "count = %s" % data )   
        elif self.api.connectionType() == "oracle":
            data = self.api.getDataObject (fields,
    """SELECT count (contact.id)
      FROM group_responsibility
      JOIN contact on contact.id = group_responsibility.contact
      JOIN role on role.id = group_responsibility.role
      JOIN user_group on user_group.id = group_responsibility.user_group
      WHERE contact.username = :sdb_username
      AND REGEXP_LIKE(role.title, :sdb_role) 
      AND REGEXP_LIKE(user_group.name, :sdb_group)""", {"sdb_username": username,
                                        "sdb_group": group,
                                        "sdb_role": role})
        if data[0]["count"]:
            return True
    except:
        return False
    return False
  
  # site can be either the site name or the site id
  def hasSiteResponsibility (self, username, site, role):
    self.api.context.Logger().debug( "Does %s have %s for site %s" % (username, role, site) )
    fields = ("count")
    try:
        data = {} 
        if site:
            if not site.isdigit():       
                if self.api.connectionType() == "sqlite":
                    sitesplit = site.replace("|", "', '")
                    self.api.context.Logger().debug( sitesplit )
                    rolesplit = role.replace("|", "', '")
                    self.api.context.Logger().debug( rolesplit )
                    sql = """SELECT count (contact.id)
              FROM site_responsibility
              join contact on contact.id = site_responsibility.contact
              join role on role.id = site_responsibility.role
              join site on site.id = site_responsibility.site
              WHERE contact.username = :sdb_username
              AND role.title in ('%s')
              AND site.name in ('%s')""" % (rolesplit, sitesplit)
                  
                    data = self.api.getDataObject (fields, sql, {"sdb_username": username})            
                elif self.api.connectionType() == "oracle":
                    data = self.api.getDataObject (fields,
            """SELECT count (contact.id)
              FROM site_responsibility
              join contact on contact.id = site_responsibility.contact
              join role on role.id = site_responsibility.role
              join site on site.id = site_responsibility.site
              WHERE contact.username = :sdb_username
              AND REGEXP_LIKE(role.title, :sdb_role) 
              AND REGEXP_LIKE(site.name, :sdb_site)""", {"sdb_username": username,
                                                "sdb_site": site,
                                                "sdb_role": role})
            else:
                if self.api.connectionType() == "sqlite":
                    sitesplit = site.replace("|", "', '")
                    self.api.context.Logger().debug( sitesplit )
                    rolesplit = role.replace("|", "', '")
                    self.api.context.Logger().debug( rolesplit )
                    sql = """SELECT count (contact.id)
              FROM site_responsibility
              join contact on contact.id = site_responsibility.contact
              join role on role.id = site_responsibility.role
              join site on site.id = site_responsibility.site
              WHERE contact.username = :sdb_username
              AND role.title in ('%s')
              AND site.id in ('%s')""" % (rolesplit, sitesplit)
                    data = self.api.getDataObject (fields, sql, {"sdb_username": username})            
                elif self.api.connectionType() == "oracle":
                    data = self.api.getDataObject (fields,            
            """SELECT count (contact.id)
              FROM site_responsibility
              join contact on contact.id = site_responsibility.contact
              join role on role.id = site_responsibility.role
              join site on site.id = site_responsibility.site
              WHERE contact.username = :sdb_username
              AND REGEXP_LIKE(role.title, :sdb_role)
              AND REGEXP_LIKE(site.id, :sdb_site)""", {"sdb_username": username,
                                                "sdb_site": site,
                                                "sdb_role": role})
            if data[0]["count"]:
                self.api.context.Logger().debug( "%s has role %s for site %s" % (username, role, site) )
                return True
    except Exception, e:
      self.api.context.Logger().debug( e )
      return False
    return False