def remove_user(user): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) crud.delete_user(db.session, user, requester) return format_response(200, "User removed") except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def create_sample_group_perm(transaction): global GROUP_PERMS perm_id = crud.create_sample_perms(transaction) group_id = crud.create_sample_groups(transaction) transaction['fullPath'] = transaction['fullPath'].replace("/users/", f"/{group_id[0]}/") rship.add_group_permission(db.session, group_id[0], perm_id, REQUESTER) GROUP_PERMS.append((group_id[0], perm_id))
def delete_group(group): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) crud.delete_group(db.session, group, requester) return format_response(200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def create_sample_perms(transaction): permission = { "path": "/devices/info/\\*", "method": "POST", "permission": "permit", "name": "sample_permission" } requester = {"userid": 0, "username": "******"} perm_id = 0 try: results = crud.create_perm(db.session, permission, requester) perm_id = results.id print(f"Results: {results.safe_dict()}") except HTTPRequestError as e: print(f"Error: {e.message}") permission = { "path": "/auth/user", "method": "\\*", "permission": "deny", "name": "deny_user_access" } try: results = crud.create_perm(db.session, permission, requester) print(f"Results: {results.safe_dict()}") except HTTPRequestError as e: print(f"Error: {e.message}") return perm_id
def create_sample_groups(transaction): requester = {"userid": 0, "username": "******"} group = {"name": "admin", "description": "admin"} group_id = [] try: results = crud.create_group(db.session, group, requester) group_id.append(results.id) print(f"Results are: {results.safe_dict()}") except HTTPRequestError as e: print(f"Error: {e.message}") group = {"name": "common", "description": "Group for common users"} try: results = crud.create_group(db.session, group, requester) group_id.append(results.id) print(f"Results are: {results.safe_dict()}") except HTTPRequestError as e: print(f"Error: {e.message}") group = {"name": "user", "description": "Group for common users"} try: results = crud.create_group(db.session, group, requester) group_id.append(results.id) print(f"Results are: {results.safe_dict()}") except HTTPRequestError as e: print(f"Error: {e.message}") return group_id
def delete_permission(perm_id): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) crud.delete_perm(db.session, perm_id, requester) return format_response(200) except HTTPRequestError as err: publish_alarm(err) return format_response(err.errorCode, err.message)
def update_group(group): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) group_data = load_json_from_request(request) crud.update_group(db.session, group, group_data, requester) return format_response(200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def create_sample_group_perm(transaction): global GROUP_PERMS perm_id = crud.create_sample_perms(transaction) group_id = crud.create_sample_groups(transaction) transaction['fullPath'] = transaction['fullPath'].replace( "/101/", f"/{group_id[0]}/") transaction['fullPath'] = transaction['fullPath'].replace( "/201", f"/{perm_id}") GROUP_PERMS.append((group_id[0], perm_id))
def update_permission(permid): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) perm_data = load_json_from_request(request) crud.update_perm(db.session, permid, perm_data, requester) db.session.commit() return format_response(200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def deleteGroup(group): try: requester = auth.getJwtPayload(request.headers.get('Authorization')) crud.deleteGroup(db.session, group, requester) MVGroupPermission.refresh() db.session.commit() return formatResponse(200) except HTTPRequestError as err: return formatResponse(err.errorCode, err.message)
def updateGroup(group): try: requester = auth.getJwtPayload(request.headers.get('Authorization')) groupData = loadJsonFromRequest(request) crud.updateGroup(db.session, group, groupData, requester) db.session.commit() return formatResponse(200) except HTTPRequestError as err: return formatResponse(err.errorCode, err.message)
def update_user(user_id): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) user = load_json_from_request(request) crud.update_user(db.session, user_id, user, requester) return format_response(200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def auth_clear_permissions_and_groups(transaction): requester = { "userid": 0, "username": "******" } try: users = crud.search_user(db.session, None) # Delete all users for user in users: if user.username != 'admin': crud.delete_user(db.session, user.username, requester) except HTTPRequestError: pass try: permissions = crud.search_perm(db.session) for permission in permissions: if permission.type != PermissionTypeEnum.system: crud.delete_perm(db.session, permission.name, requester) except HTTPRequestError as e: pass try: groups = crud.search_group(db.session) for group in groups: if group.name != 'admin': crud.delete_group(db.session, group.name, requester) except HTTPRequestError as e: pass
def delete_permission(permid): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) crud.get_perm(db.session, permid) crud.delete_perm(db.session, permid, requester) db.session.commit() MVUserPermission.refresh() MVGroupPermission.refresh() return format_response(200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def removeUser(user): try: requester = auth.getJwtPayload(request.headers.get('Authorization')) oldUsername = crud.getUser(db.session, user).username crud.deleteUser(db.session, user, requester) kong.removeFromKong(oldUsername) MVUserPermission.refresh() MVGroupPermission.refresh() db.session.commit() return formatResponse(200, "User removed") except HTTPRequestError as err: return formatResponse(err.errorCode, err.message)
def get_permission(perm_id): try: perm = crud.get_perm(db.session, perm_id) return make_response(json.dumps(perm.safe_dict(), default=json_serial), 200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def create_sample_user_perm(transaction): global USER_PERMS user_id, group_id = auth.create_sample_users(transaction) perm_id = crud.create_sample_perms(transaction) transaction['fullPath'] = transaction['fullPath'].replace("/admin/", f"/{user_id[0]}/") rship.add_user_permission(db.session, user_id[0], perm_id, REQUESTER) USER_PERMS.append((user_id[0], perm_id))
def get_user(user): try: user = crud.get_user(db.session, user) return make_response( json.dumps({"user": user.safe_dict()}, default=json_serial), 200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def list_tenants(): """Returns a list containing all existing tenants in the system""" try: tenants = crud.list_tenants(db.session) return make_response(json.dumps({"tenants": tenants}), 200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def create_user(): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) auth_data = load_json_from_request(request) # Create user new_user = crud.create_user(db.session, auth_data, requester) # If no problems occur to create user (no exceptions), configure kong kong_data = kong.configure_kong(new_user.username) if kong_data is None: return format_response( 500, 'failed to configure verification subsystem') new_user.secret = kong_data['secret'] new_user.key = kong_data['key'] new_user.kongId = kong_data['kongid'] db.session.add(new_user) db.session.commit() group_success = [] group_failed = [] if 'profile' in auth_data.keys(): group_success, group_failed = rship. \ add_user_many_groups(db.session, new_user.id, auth_data['profile'], requester) db.session.commit() if conf.emailHost != 'NOEMAIL': pwdc.create_password_set_request(db.session, new_user) db.session.commit() if crud.count_tenant_users(db.session, new_user.service) == 1: log().info("will emit tenant lifecycle event {} - CREATE".format( new_user.service)) send_notification({"type": 'CREATE', 'tenant': new_user.service}) return make_response( json.dumps( { "user": new_user.safeDict(), "groups": group_success, "could not add": group_failed, "message": "user created" }, default=json_serial), 200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def get_group(group): try: group = crud.get_group(db.session, group) group = group.safe_dict() group['created_date'] = group['created_date'].isoformat() return make_response(json.dumps(group, default=json_serial), 200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def create_sample_user_perm(transaction): global USER_PERMS user_id, group_id = auth.create_sample_users(transaction) perm_id = crud.create_sample_perms(transaction) transaction['fullPath'] = transaction['fullPath'].replace( "/1/", f"/{user_id[0]}/") transaction['fullPath'] = transaction['fullPath'].replace( "/201", f"/{perm_id}") USER_PERMS.append((user_id[0], perm_id))
def remove_user(user): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) old_username = crud.get_user(db.session, user).username old_user = crud.delete_user(db.session, user, requester) kong.remove_from_kong(old_username) MVUserPermission.refresh() MVGroupPermission.refresh() db.session.commit() if crud.count_tenant_users(db.session, old_user.service) == 0: log().info("will emit tenant lifecycle event {} - DELETE".format( old_user.service)) send_notification({"type": 'DELETE', 'tenant': old_user.service}) return format_response(200, "User removed") except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def create_user(): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) user = load_json_from_request(request) result = crud.create_user(db.session, user, requester) return jsonify(result, 200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def create_permission(): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) perm_data = load_json_from_request(request) new_perm = crud.create_perm(db.session, perm_data, requester) return make_response(json.dumps({ "status": 200, "id": new_perm.id }), 200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def list_users(): try: users = crud.search_user( db.session, # Optional search filters request.args['username'] if 'username' in request.args else None ) users_safe = list(map(lambda u: u.safe_dict(), users)) return make_response(json.dumps({"users": users_safe}, default=json_serial), 200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def create_group(): try: requester = auth.get_jwt_payload(request.headers.get('Authorization')) group_data = load_json_from_request(request) new_group = crud.create_group(db.session, group_data, requester) return make_response(json.dumps({ "status": 200, "id": new_group.id }, default=json_serial), 200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def createGroup(): try: requester = auth.getJwtPayload(request.headers.get('Authorization')) groupData = loadJsonFromRequest(request) newGroup = crud.createGroup(db.session, groupData, requester) db.session.add(newGroup) db.session.commit() return make_response(json.dumps({ "status": 200, "id": newGroup.id }), 200) except HTTPRequestError as err: return formatResponse(err.errorCode, err.message)
def list_group(): try: groups = crud.search_group( db.session, # search filters request.args['name'] if 'name' in request.args else None ) groups_safe = list(map(lambda p: p.safe_dict(), groups)) for g in groups_safe: g['created_date'] = g['created_date'].isoformat() return make_response(json.dumps({"groups": groups_safe}, default=json_serial), 200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)
def list_permissions(): try: perms = crud.search_perm( db.session, # search filters request.args['path'] if 'path' in request.args else None, request.args['method'] if 'method' in request.args else None, request.args['permission'] if 'permission' in request.args else None, request.args['type'] if 'type' in request.args else None ) permissions_safe = list(map(lambda p: p.safe_dict(), perms)) return make_response(json.dumps({"permissions": permissions_safe}, default=json_serial), 200) except HTTPRequestError as err: return format_response(err.errorCode, err.message)