def delete(self, login): user_login_obj = UserLoginSchemaBase().load({"login": login}) if user_login_obj.errors: return {"errors": user_login_obj.errors}, 400 user = db.session.query(User).filter(User.login == login, User.pending == true()).first() if not user: raise NotFound("User doesn't exist or is already rejected") group = db.session.query(Group).filter(Group.name == login).first() user.groups.remove(group) db.session.delete(group) db.session.delete(user) db.session.commit() try: send_email_notification("rejection", "Malwarecage account request has been rejected", user.email, base_url=app_config.malwarecage.base_url, login=user.login, set_password_token=user.generate_set_password_token().decode("utf-8")) except MailError: logger.exception("Can't send e-mail notification") raise InternalServerError("SMTP server needed to fulfill this request is not configured or unavailable.") logger.info('User rejected', extra={'user': login}) schema = UserSuccessSchema() return schema.dump({"login": login})
def post(self, login): user_login_obj = UserLoginSchemaBase().load({"login": login}) if user_login_obj.errors: return {"errors": user_login_obj.errors}, 400 user = db.session.query(User).filter(User.login == login, User.pending == true()).first() user.pending = False user.registered_on = datetime.datetime.now() user.registered_by = g.auth_user.id db.session.add(user) try: send_email_notification("register", "New account registered in Malwarecage", user.email, base_url=app_config.malwarecage.base_url, login=user.login, set_password_token=user.generate_set_password_token().decode("utf-8")) except MailError: logger.exception("Can't send e-mail notification") raise InternalServerError("SMTP server needed to fulfill this request is not configured or unavailable.") db.session.commit() logger.info('User accepted', extra={'user': user.login}) schema = UserSuccessSchema() return schema.dump({"login": user.login})
def post(self, login): schema = UserProfileManageInfoSchema() obj = schema.loads(request.get_data(as_text=True)) if obj.errors: return {"errors": obj.errors}, 400 user_login_obj = UserLoginSchemaBase().load({"login": login}) if user_login_obj.errors: return {"errors": user_login_obj.errors}, 400 if db.session.query(exists().where(User.login == login)).scalar(): raise Conflict("User exists yet") if db.session.query(exists().where(Group.name == login)).scalar(): raise Conflict("Group exists yet") user = User() user.login = login user.email = obj.data.get("email") user.additional_info = obj.data.get("additional_info") user.feed_quality = obj.data.get("feed_quality") user.disabled = False user.pending = False user.registered_by = g.auth_user.id user.registered_on = datetime.datetime.now() user.groups.append(Group.public_group()) user.reset_sessions() db.session.add(user) group = Group() group.name = login group.private = True group.users.append(user) db.session.add(group) if obj.data.get("send_email", False): try: send_email_notification("register", "New account registered in Malwarecage", user.email, base_url=app_config.malwarecage.base_url, login=user.login, set_password_token=user.generate_set_password_token().decode("utf-8")) except MailError: logger.exception("Can't send e-mail notification") raise InternalServerError("SMTP server needed to fulfill this request is" " not configured or unavailable.") db.session.commit() logger.info('User created', extra={'user': user.login}) schema = UserSuccessSchema() return schema.dump({"login": user.login})
def post(self): """ --- summary: Get password change link for the current user description: | Requests password change link for currently authenticated user. Link expires after setting a new password or after 14 days. Link is sent to the e-mail address set in user's profile. security: - bearerAuth: [] tags: - auth responses: 200: description: When password change link was successfully sent to the user's e-mail content: application/json: schema: UserSuccessSchema 500: description: When SMTP server is unavailable or not properly configured on the server. """ login = g.auth_user.login email = g.auth_user.email try: send_email_notification( "recover", "Change password in Malwarecage", email, base_url=app_config.malwarecage.base_url, login=login, set_password_token=g.auth_user.generate_set_password_token( ).decode("utf-8")) except MailError: logger.exception("Can't send e-mail notification") raise InternalServerError( "SMTP server needed to fulfill this request is" " not configured or unavailable.") schema = UserSuccessSchema() logger.info('request change password', extra={'user': login}) return schema.dump({"login": login})
def post(self): """ --- description: Generates new token for session continuation security: - bearerAuth: [] tags: - auth responses: 200: description: Regenerated authorization token with information about user capabilities content: application/json: schema: UserLoginSuccessSchema """ login = g.auth_user.login email = g.auth_user.email try: send_email_notification( "recover", "Change password in Malwarecage", email, base_url=app_config.malwarecage.base_url, login=login, set_password_token=g.auth_user.generate_set_password_token( ).decode("utf-8")) except MailError: logger.exception("Can't send e-mail notification") raise InternalServerError( "SMTP server needed to fulfill this request is" " not configured or unavailable.") schema = UserSuccessSchema() logger.info('request change password', extra={'user': login}) return schema.dump({"login": login})
def post(self): """ --- description: Request new user account tags: - auth requestBody: description: User basic information content: application/json: schema: UserRegisterSchema responses: 200: description: User login on successful registration content: application/json: schema: UserSuccessSchema """ if not app_config.malwarecage.enable_registration: raise Forbidden("User registration is not enabled.") schema = UserRegisterSchema() obj = schema.loads(request.get_data(as_text=True)) if obj.errors: return {"errors": obj.errors}, 400 login = obj.data.get("login") if db.session.query(exists().where(User.login == login)).scalar(): raise Conflict("Name already exists") if db.session.query(exists().where(Group.name == login)).scalar(): raise Conflict("Name already exists") recaptcha_secret = app_config.malwarecage.recaptcha_secret if recaptcha_secret: try: recaptcha_token = obj.data.get("recaptcha") recaptcha_response = requests.post( 'https://www.google.com/recaptcha/api/siteverify', data={ 'secret': recaptcha_secret, 'response': recaptcha_token }) recaptcha_response.raise_for_status() except Exception as e: logger.exception("Temporary problem with ReCAPTCHA.") raise InternalServerError( "Temporary problem with ReCAPTCHA.") from e if not recaptcha_response.json().get('success'): raise Forbidden("Wrong ReCAPTCHA, please try again.") user = User() user.login = login user.email = obj.data.get("email") user.additional_info = obj.data.get("additional_info") user.pending = True user.disabled = False user.requested_on = datetime.datetime.now() user.groups.append(Group.public_group()) user.reset_sessions() db.session.add(user) group = Group() group.name = login group.private = True group.users.append(user) db.session.add(group) db.session.commit() try: send_email_notification("pending", "Pending registration in Malwarecage", user.email, base_url=app_config.malwarecage.base_url, login=user.login) except MailError: logger.exception("Can't send e-mail notification") logger.info('User registered', extra={'user': user.login}) schema = UserSuccessSchema() return schema.dump({"login": user.login})
def post(self): """ --- description: Request a recover password link tags: - auth responses: 200: description: Get the password reset link by providing login and email content: application/json: schema: UserRecoverPasswordSchema """ schema = UserRecoverPasswordSchema() obj = schema.loads(request.get_data(as_text=True)) if obj.errors: return {"errors": obj.errors}, 400 try: user = User.query.filter(User.login == obj.data.get('login'), User.email == obj.data.get('email'), User.pending == false()).one() except NoResultFound: raise Forbidden('Invalid login or email address.') recaptcha_secret = app_config.malwarecage.recaptcha_secret if recaptcha_secret: try: recaptcha_token = obj.data.get("recaptcha") recaptcha_response = requests.post( 'https://www.google.com/recaptcha/api/siteverify', data={ 'secret': recaptcha_secret, 'response': recaptcha_token }) recaptcha_response.raise_for_status() except Exception as e: logger.exception("Temporary problem with ReCAPTCHA.") raise InternalServerError( "Temporary problem with ReCAPTCHA.") from e if not recaptcha_response.json().get('success'): raise Forbidden("Wrong ReCAPTCHA, please try again.") try: send_email_notification( "recover", "Recover password in Malwarecage", user.email, base_url=app_config.malwarecage.base_url, login=user.login, set_password_token=user.generate_set_password_token().decode( "utf-8")) except MailError: logger.exception("Can't send e-mail notification") raise InternalServerError( "SMTP server needed to fulfill this request is" " not configured or unavailable.") logger.info('User password recovered', extra={'user': user.login}) return schema.dump({"login": user.login, "email": user.email})
def post(self, login): """ --- summary: Accept a pending registration description: | Accepts pending user registration. Requires `manage_users` capability. security: - bearerAuth: [] tags: - user parameters: - in: path name: login schema: type: string description: Login of pending account responses: 200: description: When user is successfully accepted content: application/json: schema: UserSuccessSchema 400: description: When invalid login is provided. 403: description: When user doesn't have `manage_users` capability. 500: description: When SMTP server is unavailable or not properly configured on the server. """ user_login_obj = UserLoginSchemaBase().load({"login": login}) if user_login_obj.errors: return {"errors": user_login_obj.errors}, 400 user = db.session.query(User).filter(User.login == login, User.pending == true()).first() user.pending = False user.registered_on = datetime.datetime.now() user.registered_by = g.auth_user.id db.session.add(user) try: send_email_notification( "register", "New account registered in Malwarecage", user.email, base_url=app_config.malwarecage.base_url, login=user.login, set_password_token=user.generate_set_password_token().decode( "utf-8")) except MailError: logger.exception("Can't send e-mail notification") raise InternalServerError( "SMTP server needed to fulfill this request is not configured or unavailable." ) db.session.commit() logger.info('User accepted', extra={'user': user.login}) schema = UserSuccessSchema() return schema.dump({"login": user.login})
def post(self, login): """ --- summary: Create a new user description: | Creates new user account Requires `manage_users` capability. security: - bearerAuth: [] tags: - user parameters: - in: path name: login schema: type: string description: New user login requestBody: description: User information content: application/json: schema: UserProfileManageInfoSchema responses: 200: description: When user was created successfully content: application/json: schema: UserSuccessSchema 400: description: When request body is invalid 403: description: When user doesn't have `manage_users` capability. 409: description: When user or group with provided name already exists. 500: description: When SMTP server is unavailable or not properly configured on the server. """ schema = UserProfileManageInfoSchema() obj = schema.loads(request.get_data(as_text=True)) if obj.errors: return {"errors": obj.errors}, 400 user_login_obj = UserLoginSchemaBase().load({"login": login}) if user_login_obj.errors: return {"errors": user_login_obj.errors}, 400 if db.session.query(exists().where(User.login == login)).scalar(): raise Conflict("User exists yet") if db.session.query(exists().where(Group.name == login)).scalar(): raise Conflict("Group exists yet") user = User() user.login = login user.email = obj.data.get("email") user.additional_info = obj.data.get("additional_info") user.feed_quality = obj.data.get("feed_quality") user.disabled = False user.pending = False user.registered_by = g.auth_user.id user.registered_on = datetime.datetime.now() user.groups.append(Group.public_group()) user.reset_sessions() db.session.add(user) group = Group() group.name = login group.private = True group.users.append(user) db.session.add(group) if obj.data.get("send_email", False): try: send_email_notification( "register", "New account registered in Malwarecage", user.email, base_url=app_config.malwarecage.base_url, login=user.login, set_password_token=user.generate_set_password_token( ).decode("utf-8")) except MailError: logger.exception("Can't send e-mail notification") raise InternalServerError( "SMTP server needed to fulfill this request is" " not configured or unavailable.") db.session.commit() logger.info('User created', extra={'user': user.login}) schema = UserSuccessSchema() return schema.dump({"login": user.login})
def delete(self, login): """ --- summary: Reject a pending registration description: | Rejects pending user registration. Requires `manage_users` capability. security: - bearerAuth: [] tags: - user parameters: - in: path name: login schema: type: string description: Login of pending account responses: 200: description: When user is successfully rejected content: application/json: schema: UserSuccessSchema 400: description: When invalid login is provided. 403: description: When user doesn't have `manage_users` capability. 404: description: When user doesn't exist or is already accepted/rejected. 500: description: When SMTP server is unavailable or not properly configured on the server. """ user_login_obj = UserLoginSchemaBase().load({"login": login}) if user_login_obj.errors: return {"errors": user_login_obj.errors}, 400 user = db.session.query(User).filter(User.login == login, User.pending == true()).first() if not user: raise NotFound("User doesn't exist or is already rejected") group = db.session.query(Group).filter(Group.name == login).first() user.groups.remove(group) db.session.delete(group) db.session.delete(user) db.session.commit() try: send_email_notification( "rejection", "Malwarecage account request has been rejected", user.email, base_url=app_config.malwarecage.base_url, login=user.login, set_password_token=user.generate_set_password_token().decode( "utf-8")) except MailError: logger.exception("Can't send e-mail notification") raise InternalServerError( "SMTP server needed to fulfill this request is not configured or unavailable." ) logger.info('User rejected', extra={'user': login}) schema = UserSuccessSchema() return schema.dump({"login": login})