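def referral_login(email=None, password=None, remember=None, refer=None, *args, **kwargs):  # pylint: disable=unused-argument
    """
    Authenticate a user from the referral login form and redirect them.

    Each of ``email``, ``password`` and ``remember`` left as ``None`` is read
    from the submitted form. ``refer`` falls back to the ``next`` query
    argument, then to the ``next`` form field; the literal value ``'origin'``
    selects the request's referrer instead.

    Returns:
        The ``flask.redirect`` response. After a successful login this points
        at the validated ``refer`` target when one was given; in every other
        case it points at the ``frontend.home`` route.
    """
    if email is None:
        email = request.form.get('email', None)
    if password is None:
        password = request.form.get('password', None)
    if remember is None:
        remember = request.form.get('remember', None)
        remember = remember in ['true', 'on']
    if refer is None:
        refer = flask.request.args.get('next', request.form.get('next', None))

    if refer in ['origin']:
        refer = request.referrer

    # Every candidate target (query string, form field, Referer header) is
    # supplied by the client, so it must pass _is_safe_url() before it is used
    # as a redirect destination. Rejected targets are dropped and the redirect
    # falls back to the home route.
    if refer is not None:
        if not _is_safe_url(refer):
            log.error('User gave insecure next URL: %r', refer)
            refer = None

    failure_refer = 'frontend.home'

    user = User.find(email=email, password=password)

    redirect = _url_for(failure_refer)
    if user is not None:
        if True not in [user.in_alpha, user.in_beta, user.is_staff, user.is_admin]:
            # The original call had a %r placeholder but passed no argument,
            # so the record never identified the account that was refused.
            log.warning(
                'User %r had a valid login, but is not a staff or beta member.',
                user,
            )
            redirect = _url_for(failure_refer)
        else:
            status = login_user(user, remember=remember)

            if status:
                # User logged in organically.
                log.info('Logged in User (remember = %s): %r', remember, user)
                create_session_oauth2_token()

                if refer is not None:
                    log.info('Sending user to requested next: %r', refer)
                    redirect = refer
            else:
                # NOTE(review): the credentials were accepted by User.find()
                # here and login_user() refused the session, so this message
                # does not describe the actual cause - confirm and reword.
                log.warning('Username or password unrecognized.')
                redirect = _url_for(failure_refer)
    else:
        log.warning('Username or password unrecognized.')
        redirect = _url_for(failure_refer)

    return flask.redirect(redirect)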
def create_oauth2_client(context, email, guid, secret, default_scopes=None):
    """
    Register a new OAuth2 client owned by the user with the given email.

    Args:
        context: task context (not used by this function).
        email: email address used to look up the owning user.
        guid: identifier stored on the new client.
        secret: client secret stored on the new client.
        default_scopes: scopes granted by default; when omitted, every scope
            declared for the ``oauth2_password`` authorization is used.

    Raises:
        Exception: if no user matches ``email``.
    """
    from app.modules.users.models import User
    from app.modules.auth.models import OAuth2Client

    owner = User.find(email=email)
    if owner is None:
        raise Exception("User with email '%s' does not exist." % email)

    if default_scopes is None:
        from app.extensions.api import api_v1

        # Omitting default_scopes grants the full declared scope set; pass an
        # explicit list when the client should hold fewer privileges.
        declared_scopes = api_v1.authorizations['oauth2_password']['scopes']
        default_scopes = list(declared_scopes.keys())

    # NOTE(review): the secret is handed to the model unchanged; whether it is
    # hashed or encrypted at rest depends on OAuth2Client - verify.
    client_fields = {
        'guid': guid,
        'secret': secret,
        'user': owner,
        'default_scopes': default_scopes,
    }
    new_client = OAuth2Client(**client_fields)

    from app.extensions import db

    with db.session.begin():
        db.session.add(new_client)
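def create_submission_from_path(
    context,
    path,
    email,
    description=None,
):
    """
    Create a new submission via a local file or folder path.

    The path is expanded (``~``) and made absolute, a Submission row owned by
    the user is created, and the content is committed and pushed to the
    submission's repository.

    Command Line:
    > invoke app.submissions.create-submission-from-path --path tests/submissions/test-000/ --email <user-email>

    Args:
        context: task context (not used by this function).
        path: local file or folder to import.
        email: email address of the user who will own the submission.
        description: optional description stored on the submission.

    Raises:
        Exception: if no user matches ``email``.
        IOError: if the resolved path does not exist.
    """
    from app.modules.users.models import User
    from app.modules.submissions.models import Submission, SubmissionMajorType
    from app.extensions import db
    import socket

    user = User.find(email=email)

    if user is None:
        raise Exception("User with email '%s' does not exist." % email)

    absolute_path = os.path.abspath(os.path.expanduser(path))
    print('Attempting to import path: %r' % (absolute_path, ))

    # Check the resolved path, which is the one that is actually copied. The
    # raw argument fails this check whenever it relies on "~" expansion.
    if not os.path.exists(absolute_path):
        raise IOError('The path %r does not exist.' % (absolute_path, ))

    with db.session.begin():
        args = {
            'owner_guid': user.guid,
            'major_type': SubmissionMajorType.filesystem,
            'description': description,
        }
        submission = Submission(**args)
        db.session.add(submission)

    db.session.refresh(submission)

    # The returned (repo, project) pair is not needed here.
    submission.ensure_repository()

    # NOTE(review): the operator-supplied path is passed on as-is and the
    # result is pushed to the remote; presumably everything under the path is
    # included, so confirm it holds no credentials or private files.
    submission.git_copy_path(absolute_path)

    hostname = socket.gethostname()
    submission.git_commit('Initial commit via CLI on host %r' % (hostname, ))

    submission.git_push()

    print('Created and pushed new submission: %r' % (submission, ))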
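def promote_to_admin(
    context,
    email,
):
    """
    Promote a given user (email) to administrator permissions.

    The operator is shown the matching user and must answer ``y`` or ``yes``
    at the prompt. Any other answer leaves the account unchanged.

    Args:
        context: task context (not used by this function).
        email: email address of the user to promote.

    Raises:
        AssertionError: if the user is not an administrator after the update
            has been written and the row refreshed.
    """
    from app.modules.users.models import User

    user = User.find(email=email)

    if user is None:
        print("User with email '%s' does not exist." % email)
        print('\nNo updates applied.')
        return

    if user.is_admin:
        print('The given user is already an administrator:\n\t%r' % (user, ))
        print('\nNo updates applied.')
        return

    print('Found user:\n\t%r' % (user, ))
    answer = input(
        'Are you sure you want to promote the above found user to a site administrator? [Y / N]: '
    )
    answer = answer.strip().lower()

    if answer not in ['y', 'yes']:
        print('Confirmation failed.')
        print('\nNo updates applied.')
        # Stop here: without this return the promotion below was still
        # written even though the operator declined.
        return

    from app.extensions import db

    # Grant the privilege only after explicit confirmation, so a declined
    # prompt never leaves a modified object attached to the session.
    user.is_admin = True

    with db.session.begin():
        db.session.merge(user)

    db.session.refresh(user)

    # Explicit check instead of `assert`, which is removed under `python -O`.
    if not user.is_admin:
        raise AssertionError('The user is not an administrator after the update.')

    print('\nThe user was successfully promoted to an administrator.')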
def post(self, args):
    """
    Log in via a new OAuth2 session.

    Args:
        args: mapping holding the ``email`` and ``password`` to check.

    Returns:
        A ``(response, code)`` pair. ``response`` carries ``success`` and
        ``message``; ``code`` is ``HTTPStatus.OK`` when a session was created
        and ``HTTPStatus.UNAUTHORIZED`` otherwise.
    """
    account = User.find(email=args['email'], password=args['password'])

    # 'Account Not Authorized' and 'Account Disabled' are only reachable once
    # User.find() has returned a user for the supplied credentials.
    if account is None:
        failure = 'Account Not Found'
    elif True not in [
        account.in_alpha,
        account.in_beta,
        account.is_staff,
        account.is_admin,
    ]:
        failure = 'Account Not Authorized'
    elif login_user(account, remember=False):
        log.info('Logged in User via API: %r' % (account, ))
        create_session_oauth2_token()
        failure = None
    else:
        failure = 'Account Disabled'

    if failure is not None:
        return {'success': False, 'message': failure}, HTTPStatus.UNAUTHORIZED

    return {'success': True, 'message': 'Session Created'}, HTTPStatus.OK
def clone_submission_from_gitlab(
    context,
    guid,
    email,
):
    """
    Clone an existing submission from the external GitLab submission archive.

    If the submission already exists locally, its repository is ensured and
    nothing else is done.

    Command Line:
    > invoke app.submissions.clone-submission-from-gitlab --guid 290950fb-49a8-496a-adf4-e925010f79ce --email <user-email>

    Args:
        context: task context (not used by this function).
        guid: GUID of the submission to clone.
        email: email address of the user passed as owner of the clone.

    Raises:
        Exception: if no user matches ``email``.
        ValueError: if no submission was obtained for ``guid``.
    """
    from app.modules.users.models import User
    from app.modules.submissions.models import Submission

    owner = User.find(email=email)
    if owner is None:
        raise Exception("User with email '%s' does not exist." % email)

    from app import create_app

    application = create_app()

    existing = Submission.query.get(guid)
    if existing is not None:
        print('Submission is already cloned locally:\n\t%s' % (existing, ))
        application.sub.ensure_repository(existing)
        return

    cloned = application.sub.ensure_submission(guid, owner=owner)
    if cloned is None:
        raise ValueError('Could not find submission in GitLab using GUID %r' % (guid, ))

    print('Cloned submission from GitLab:')
    print('\tSubmission: %r' % (cloned, ))
    print('\tLocal Path: %r' % (cloned.get_absolute_path(), ))
def user_login(email=None, password=None, remember=None, refer=None, *args, **kwargs):  # pylint: disable=unused-argument
    """
    Handle a login form submission and redirect the browser afterwards.

    Each of ``email``, ``password`` and ``remember`` left as ``None`` is read
    from the submitted form; ``refer`` falls back to the ``next`` query
    argument.

    Returns:
        The ``flask.redirect`` response. After a successful login this points
        at the validated ``refer`` target when one was given; in every other
        case it points at the ``backend.home`` route.
    """
    if email is None:
        email = request.form.get('email', None)
    if password is None:
        password = request.form.get('password', None)
    if remember is None:
        remember = request.form.get('remember', None) in ['true', 'on']
    if refer is None:
        refer = flask.request.args.get('next')

    # A client-supplied target that fails _is_safe_url() is dropped, so the
    # redirect falls back to the home route.
    if refer is not None and not _is_safe_url(refer):
        refer = None

    failure_refer = 'backend.home'

    account = User.find(email=email, password=password)
    destination = _url_for(failure_refer)

    if account is None:
        flash('Username or password unrecognized.', 'danger')
        return flask.redirect(_url_for(failure_refer))

    memberships = [
        account.in_alpha,
        account.in_beta,
        account.is_staff,
        account.is_admin,
    ]
    if True not in memberships:
        flash(
            'Your login was correct, but Wildbook is in BETA at the moment and is invite-only.',
            'danger',
        )
        return flask.redirect(_url_for(failure_refer))

    if not login_user(account, remember=remember):
        flash(
            'We could not log you in, most likely due to your account being disabled. Please speak to a staff member.',
            'danger',
        )
        return flask.redirect(_url_for(failure_refer))

    # User logged in organically.
    log.info('Logged in User (remember = %s): %r' % (remember, account))
    flash('Logged in successfully.', 'success')
    create_session_oauth2_token()

    if refer is not None:
        destination = refer

    return flask.redirect(destination)
def _usergetter(self, email, password, client, request):  # pylint: disable=method-hidden,unused-argument
    """
    Look up the user matching the given email and password.

    ``client`` and ``request`` are accepted but not used. The return value is
    whatever ``User.find`` yields for these credentials.
    """
    # Imported inside the function to avoid circular dependencies.
    from app.modules.users.models import User

    matched_user = User.find(email=email, password=password)
    return matched_user