def create_achievements(): user_type = DBSession.query(SubjectType).filter_by(name="User").first() team_type = DBSession.query(SubjectType).filter_by(name="Team").first() country_type = DBSession.query(SubjectType).filter_by( name="Country").first() invite_users = Achievement( name="invite_users", maxlevel=100, hidden=False, evaluation="immediately", comparison_type="none", player_subjecttype_id=user_type["id"], view_permission="own", condition= """{"term": {"type": "literal", "variable": "invite_users"}}""", goal="3*level", operator="geq") DBSession.add(invite_users) DBSession.flush() cyclist_of_the_month = Achievement( name="cyclist_of_the_month", hidden=False, evaluation="monthly", comparison_type="context_subject", player_subjecttype_id=user_type["id"], view_permission="everyone", condition="""{"term": {"type": "literal", "variable": "cycling"}}""", context_subjecttype_id=country_type.id, operator="geq") cyclist_of_the_month.compared_subjecttypes.append(user_type, team_type) DBSession.add(cyclist_of_the_month) DBSession.flush()
def create_user(DBSession, user, password): from gengine.app.model import ( AuthUser, User, AuthRole, AuthRolePermission ) with transaction.manager: existing = DBSession.query(AuthUser).filter_by(email=user).first() if not existing: try: user1 = User(id=1, lat=10, lng=50, timezone="Europe/Berlin") DBSession.add(user1) DBSession.flush() auth_user = AuthUser(user_id=user1.id, email=user, password=password, active=True) DBSession.add(auth_user) auth_role = AuthRole(name="Global Admin") DBSession.add(auth_role) DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_access_admin_ui)) DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_delete_user)) DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_increase_value)) DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_update_user_infos)) DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_read_messages)) DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_register_device)) auth_user.roles.append(auth_role) DBSession.add(auth_user) except: pass
def get_or_create_role(DBSession, name): from gengine.app.model import AuthRole auth_role = DBSession.query(AuthRole).filter_by(name=name).first() if not auth_role: auth_role = AuthRole(name=name) DBSession.add(auth_role) return auth_role
def get_or_create_language(name): lang = DBSession.query(Language).filter_by(name=name).first() if not lang: lang = Language() lang.name = name DBSession.add(lang) DBSession.flush() return lang
def create_user(DBSession, user, password): from gengine.app.model import (AuthUser, Subject, AuthRole, AuthRolePermission, SubjectType, t_auth_roles_permissions) with transaction.manager: subjecttype_user = DBSession.query(SubjectType).filter_by( name="User").first() if not subjecttype_user: subjecttype_user = SubjectType(name="User") DBSession.add(subjecttype_user) existing = DBSession.query(AuthUser).filter_by(email=user).first() DBSession.flush() if not existing: user1 = Subject(lat=10, lng=50, timezone="Europe/Berlin", subjecttype_id=subjecttype_user.id) DBSession.add(user1) DBSession.flush() auth_user = AuthUser(subject=user1, email=user, password=password, active=True) DBSession.add(auth_user) auth_role = get_or_create_role(DBSession=DBSession, name="Global Admin") for perm in yield_all_perms(): if not exists_by_expr( t_auth_roles_permissions, and_( t_auth_roles_permissions.c.auth_role_id == auth_role.id, t_auth_roles_permissions.c.name == perm[0])): DBSession.add( AuthRolePermission(role=auth_role, name=perm[0])) auth_user.roles.append(auth_role) DBSession.add(auth_user) DBSession.flush()
def change_password(request): try: doc = request.json_body except: raise APIError(400, "invalid_json", "no valid json body") email = doc.get("email") old_password = doc.get("old_password") new_password = doc.get("new_password") if not email or not old_password or not new_password: raise APIError( 400, "change_password.email_and_old_password_and_new_password_required", "You need to send your email, the old password and a new password." ) user = DBSession.query(AuthUser).filter_by(email=email).first() if not user or not user.verify_password(old_password): raise APIError( 401, "change_password.email_or_old_password_invalid", "Either the email address or the old password is wrong.") if not user.active: raise APIError(400, "user_is_not_activated", "Your user is not activated.") if new_password == old_password: raise APIError(400, "change_password.may_not_be_the_same", "The new password may not be the same as the old one.") if not AuthUser.check_password_strength(new_password): raise APIError( 400, "change_password.invalid_new_password", "The new password is too weak. Minimum length is 8 characters.") user.password = new_password user.force_password_change = False DBSession.add(user) token = AuthToken.generate_token() tokenObj = AuthToken(auth_user_id=user.id, token=token) DBSession.add(tokenObj) DBSession.flush() return { "token": token, "subject": Subject.full_output(user.subject_id), }
def auth_login(request): try: doc = request.json_body except: raise APIError(400, "invalid_json", "no valid json body") user = request.user email = doc.get("email") password = doc.get("password") if user: #already logged in token = user.get_or_create_token().token else: if not email or not password: raise APIError(400, "login.email_and_password_required", "You need to send your email and password.") user = DBSession.query(AuthUser).filter_by(email=email).first() if not user or not user.verify_password(password): raise APIError( 401, "login.email_or_password_invalid", "Either the email address or the password is wrong.") if not user.active: raise APIError(400, "user_is_not_activated", "Your user is not activated.") if user.force_password_change: raise APIError(400, "user_has_to_change_password", "You have to change your password.") token = AuthToken.generate_token() tokenObj = AuthToken(auth_user_id=user.id, token=token) DBSession.add(tokenObj) return { "token": token, "subject": Subject.full_output(user.subject_id), }
def create_subject( name, type, lat=None, lng=None, timezone=None, language=None, additional_public_data={}, ): type_obj = DBSession.query(SubjectType).filter_by(name=type).first() language_obj = get_or_create_language(name=language) if language else None subject = Subject() subject.name = name subject.lat = lat subject.lng = lng subject.timezone = timezone subject.language = language_obj subject.additional_public_data = additional_public_data subject.type = type_obj DBSession.add(subject) return subject
def test_ancestors_descendants(self): create_subjecttypes() create_subjects() klaus = DBSession.query(Subject).filter_by(name="Klaus").first() clara = DBSession.query(Subject).filter_by(name="Clara").first() liam = DBSession.query(Subject).filter_by(name="Liam").first() bielefeld = DBSession.query(Subject).filter_by( name="Bielefeld").first() paderborn = DBSession.query(Subject).filter_by( name="Paderborn").first() germany = DBSession.query(Subject).filter_by(name="Germany").first() france = DBSession.query(Subject).filter_by(name="France").first() dev_team_bielefeld = DBSession.query(Subject).filter_by( name="Developer Team Bielefeld").first() junior_developer = DBSession.query(Subject).filter_by( name="Junior Developer").first() user_type = DBSession.query(SubjectType).filter_by(name="User").first() team_type = DBSession.query(SubjectType).filter_by(name="Team").first() country_type = DBSession.query(SubjectType).filter_by( name="Country").first() klaus_ancestors = Subject.get_ancestor_subjects( subject_id=klaus.id, of_type_id=None, from_date=default_dt(), to_date=default_dt(), whole_time_required=False) self.assertIn(bielefeld.id, klaus_ancestors.keys()) self.assertIn(germany.id, klaus_ancestors.keys()) self.assertIn(dev_team_bielefeld.id, klaus_ancestors.keys()) self.assertIn(junior_developer.id, klaus_ancestors.keys()) self.assertNotIn(france.id, klaus_ancestors.keys()) germany_descendants = Subject.get_descendent_subjects( subject_id=germany.id, of_type_id=team_type.id, from_date=default_dt(), to_date=default_dt(), whole_time_required=False) self.assertIn(dev_team_bielefeld.id, germany_descendants.keys()) self.assertNotIn(klaus.id, germany_descendants.keys())
def test_simple_invite_users(self): create_subjecttypes() create_subjects() create_variables() create_achievements() klaus = DBSession.query(Subject).filter_by(name="Klaus").first() invite_users_achievement = DBSession.query(Achievement).filter_by( name="invite_users").first() # First step: increase by 1, level 1 will not be achieved Value.increase_value(variable_name="invite_users", subject_id=klaus.id, value=1, key=None, at_datetime=default_dt()) evaluation = Achievement.evaluate( compared_subject=klaus, achievement_id=invite_users_achievement.id, achievement_date=AchievementDate.compute( evaluation_timezone=invite_users_achievement. evaluation_timezone, evaluation_type=invite_users_achievement.evaluation, evaluation_shift=invite_users_achievement.evaluation_shift, context_datetime=default_dt()), context_subject_id=None, execute_triggers=False) self.assertEqual(evaluation["level"], 0) self.assertEqual(evaluation["progress"], 1.0) # Now increase by 3, level 1 will achieved, progress 4.0 Value.increase_value(variable_name="invite_users", subject_id=klaus.id, value=3, key=None, at_datetime=default_dt()) evaluation = Achievement.evaluate( compared_subject=klaus, achievement_id=invite_users_achievement.id, achievement_date=AchievementDate.compute( evaluation_timezone=invite_users_achievement. evaluation_timezone, evaluation_type=invite_users_achievement.evaluation, evaluation_shift=invite_users_achievement.evaluation_shift, context_datetime=default_dt()), context_subject_id=None, execute_triggers=False) self.assertEqual(evaluation["level"], 1) self.assertEqual(evaluation["progress"], 4.0) # Now lets test the maximum level (100) Value.increase_value(variable_name="invite_users", subject_id=klaus.id, value=300, key=None, at_datetime=default_dt()) evaluation = Achievement.evaluate( compared_subject=klaus, achievement_id=invite_users_achievement.id, achievement_date=AchievementDate.compute( evaluation_timezone=invite_users_achievement. evaluation_timezone, evaluation_type=invite_users_achievement.evaluation, evaluation_shift=invite_users_achievement.evaluation_shift, context_datetime=default_dt()), context_subject_id=None, execute_triggers=False) self.assertEqual(evaluation["level"], 100) self.assertEqual(evaluation["progress"], 304.0)
def test_cycling_leaderboard(self): create_subjecttypes() create_subjects() create_variables() create_achievements() klaus = DBSession.query(Subject).filter_by(name="Klaus").first() clara = DBSession.query(Subject).filter_by(name="Clara").first() liam = DBSession.query(Subject).filter_by(name="Liam").first() bielefeld = DBSession.query(Subject).filter_by( name="Bielefeld").first() paderborn = DBSession.query(Subject).filter_by( name="Paderborn").first() germany = DBSession.query(Subject).filter_by(name="Germany").first() france = DBSession.query(Subject).filter_by(name="France").first() cyclist_of_the_month_achievement = DBSession.query( Achievement).filter_by(name="cyclist_of_the_month").first() def cycle(user, km, dt): Value.increase_value(variable_name="cycling", subject_id=user.id, value=km, key=None, at_datetime=dt) def ev(user, dt, context_subject): return Achievement.evaluate( compared_subject=user, achievement_id=cyclist_of_the_month_achievement.id, achievement_date=AchievementDate.compute( evaluation_timezone=cyclist_of_the_month_achievement. evaluation_timezone, evaluation_type=cyclist_of_the_month_achievement. evaluation, evaluation_shift=cyclist_of_the_month_achievement. evaluation_shift, context_datetime=dt), execute_triggers=False, context_subject_id=context_subject.id) cycle(klaus, 5, default_dt()) cycle(clara, 3, default_dt()) cycle(liam, 10, default_dt()) lb_bielefeld = ev(klaus, default_dt(), bielefeld) lb_germany = ev(klaus, default_dt(), germany) self.assertEqual(lb_bielefeld["leaderboard_position"], 0) self.assertEqual(lb_germany["leaderboard_position"], 1) lb_bielefeld = ev(clara, default_dt(), bielefeld) lb_germany = ev(clara, default_dt(), germany) lb_france = ev(clara, default_dt(), france) self.assertEqual(lb_bielefeld["leaderboard_position"], 1) self.assertEqual(lb_germany["leaderboard_position"], 2) self.assertEqual(lb_france["leaderboard_position"], None) # clara also cycled last month Subject.join_subject(subject_id=clara.id, part_of_id=germany.id, join_date=last_month(default_dt())) cycle(clara, 10, last_month(default_dt())) # should not effect this month lb_germany = ev(clara, default_dt(), germany) self.assertEqual(lb_germany["leaderboard_position"], 2) # but should effect last month lb_germany = ev(clara, last_month(default_dt()), germany) self.assertEqual(lb_germany["leaderboard_position"], 0)
def populate_demo(DBSession): from gengine.app.model import ( Achievement, AchievementCategory, Variable, Subject, Language, TranslationVariable, Translation, Reward, AchievementProperty, AchievementAchievementProperty, AchievementReward, AuthUser, AuthRole, AuthRolePermission, SubjectType, t_auth_roles_permissions ) def add_translation_variable(name): t = TranslationVariable(name=name) DBSession.add(t) return t def add_translation(variable, lang, text): tr = Translation(translationvariable=variable, text=text, language=lang) DBSession.add(tr) return tr with transaction.manager: subjecttype_country = SubjectType(name="Country") DBSession.add(subjecttype_country) subjecttype_region = SubjectType(name="Region") subjecttype_region.part_of_types.append(subjecttype_country) DBSession.add(subjecttype_region) subjecttype_city = SubjectType(name="City") subjecttype_city.part_of_types.append(subjecttype_region) DBSession.add(subjecttype_city) subjecttype_position = SubjectType(name="Position") DBSession.add(subjecttype_position) subjecttype_team = SubjectType(name="Team") DBSession.add(subjecttype_team) subjecttype_user = DBSession.query(SubjectType).filter_by(name="User").first() if not subjecttype_user: subjecttype_user = SubjectType(name="User") DBSession.add(subjecttype_user) subjecttype_user.part_of_types.append(subjecttype_city) subjecttype_user.part_of_types.append(subjecttype_team) subjecttype_user.part_of_types.append(subjecttype_position) DBSession.add(subjecttype_user) subject_germany = Subject(type=subjecttype_country, name="Germany") DBSession.add(subject_germany) subject_france = Subject(type=subjecttype_country, name="France") DBSession.add(subject_france) subject_india = Subject(type=subjecttype_country, name="India") DBSession.add(subject_india) subject_germany_north = Subject(type=subjecttype_region, name="Germany-North") DBSession.add(subject_germany_north) subject_germany_west = Subject(type=subjecttype_region, name="Germany-West") DBSession.add(subject_germany_west) subject_germany_east = Subject(type=subjecttype_region, name="Germany-East") DBSession.add(subject_germany_east) subject_germany_south = Subject(type=subjecttype_region, name="Germany-South") DBSession.add(subject_germany_south) subject_paderborn = Subject(type=subjecttype_city, name="Paderborn") DBSession.add(subject_paderborn) subject_bielefeld = Subject(type=subjecttype_city, name="Bielefeld") DBSession.add(subject_bielefeld) subject_detmold = Subject(type=subjecttype_city, name="Detmold") DBSession.add(subject_detmold) subject_berlin = Subject(type=subjecttype_city, name="Berlin") DBSession.add(subject_berlin) subject_sales = Subject(type=subjecttype_team, name="Sales") DBSession.add(subject_sales) subject_tech = Subject(type=subjecttype_team, name="Tech") DBSession.add(subject_tech) subject_junior_developer = Subject(type=subjecttype_position, name="Junior Developer") DBSession.add(subject_junior_developer) subject_senior_developer = Subject(type=subjecttype_position, name="Senior Developer") DBSession.add(subject_senior_developer) subject_manager = Subject(type=subjecttype_position, name="Manager") DBSession.add(subject_manager) subject_promoter = Subject(type=subjecttype_position, name="Promoter") DBSession.add(subject_promoter) DBSession.flush() lang_de = Language(name="de") lang_en = Language(name="en") DBSession.add(lang_de) DBSession.add(lang_en) var_invited_users = Variable(name="invite_users") DBSession.add(var_invited_users) var_invited_users = Variable(name="participate", group="none") DBSession.add(var_invited_users) achievementcategory_community = AchievementCategory(name="community") DBSession.add(achievementcategory_community) achievement_invite = Achievement(name='invite_users', evaluation="immediately", maxtimes=20, achievementcategory=achievementcategory_community, condition='{"term": {"type": "literal", "variable": "invite_users"}}', goal="5*level", operator="geq", player_subjecttype=subjecttype_user ) DBSession.add(achievement_invite) achievementcategory_sports = AchievementCategory(name="sports") DBSession.add(achievementcategory_sports) achievement_fittest = Achievement(name='fittest', relevance="friends", maxlevel=100, achievementcategory=achievementcategory_sports, condition='{"term": {"key": ["5","7","9"], "type": "literal", "key_operator": "IN", "variable": "participate"}}', evaluation="weekly", goal="5*level", player_subjecttype=subjecttype_user ) DBSession.add(achievement_fittest) property_name = AchievementProperty(name='name') DBSession.add(property_name) property_xp = AchievementProperty(name='xp') DBSession.add(property_xp) property_icon = AchievementProperty(name='icon') DBSession.add(property_icon) reward_badge = Reward(name='badge', rewarded_subjecttype=subjecttype_user) DBSession.add(reward_badge) reward_image = Reward(name='backgroud_image', rewarded_subjecttype=subjecttype_user) DBSession.add(reward_image) transvar_invite_name = add_translation_variable(name="invite_users_achievement_name") add_translation(transvar_invite_name, lang_en, 'Invite ${5*level} Users') add_translation(transvar_invite_name, lang_de, 'Lade ${5*level} Freunde ein') DBSession.add(AchievementAchievementProperty(achievement=achievement_invite, property=property_name, value_translation=transvar_invite_name)) DBSession.add(AchievementAchievementProperty(achievement=achievement_invite, property=property_xp, value='${100 * level}')) DBSession.add(AchievementAchievementProperty(achievement=achievement_invite, property=property_icon, value="https://www.gamification-software.com/img/running.png")) DBSession.add(AchievementReward(achievement=achievement_invite, reward=reward_badge, value="https://www.gamification-software.com/img/trophy.png", from_level=5)) DBSession.add(AchievementReward(achievement=achievement_invite, reward=reward_image, value="https://www.gamification-software.com/img/video-controller-336657_1920.jpg", from_level=5)) transvar_fittest_name = add_translation_variable(name="fittest_achievement_name") add_translation(transvar_fittest_name, lang_en, 'Do the most sport activities among your friends') add_translation(transvar_fittest_name, lang_de, 'Mache unter deinen Freunden am meisten Sportaktivitäten') DBSession.add(AchievementAchievementProperty(achievement=achievement_fittest, property=property_name, value_translation=transvar_fittest_name)) DBSession.add(AchievementAchievementProperty(achievement=achievement_fittest, property=property_xp, value='${50 + (200 * level)}')) DBSession.add(AchievementAchievementProperty(achievement=achievement_fittest, property=property_icon, value="https://www.gamification-software.com/img/colorwheel.png")) DBSession.add(AchievementReward(achievement=achievement_fittest, reward=reward_badge, value="https://www.gamification-software.com/img/easel.png", from_level=1)) DBSession.add(AchievementReward(achievement=achievement_fittest, reward=reward_image, value="https://www.gamification-software.com/img/game-characters-622654.jpg", from_level=1)) DBSession.flush() user1 = Subject(lat=10, lng=50, timezone="Europe/Berlin", name="Fritz", type=subjecttype_user) user2 = Subject(lat=10, lng=50, timezone="US/Eastern", name="Ludwig", type=subjecttype_user) user3 = Subject(lat=10, lng=50, name="Helene", type=subjecttype_user) user1.friends.append(user2) user1.friends.append(user3) user2.friends.append(user1) user2.friends.append(user3) user3.friends.append(user1) user3.friends.append(user2) user1.part_of_subjects.append(subject_bielefeld) user1.part_of_subjects.append(subject_sales) user1.part_of_subjects.append(subject_manager) user2.part_of_subjects.append(subject_bielefeld) user2.part_of_subjects.append(subject_sales) user2.part_of_subjects.append(subject_promoter) user3.part_of_subjects.append(subject_paderborn) user3.part_of_subjects.append(subject_sales) user3.part_of_subjects.append(subject_promoter) DBSession.add(user2) DBSession.add(user3) DBSession.flush() try: auth_user = DBSession.query(AuthUser).filter_by(email="*****@*****.**").first() if not auth_user: auth_user = AuthUser(subject=user1, email="*****@*****.**", password="******", active=True) DBSession.add(auth_user) auth_role = DBSession.query(AuthRole).filter_by(name="Global Admin").first() if not auth_role: auth_role = AuthRole(name="Global Admin") DBSession.add(auth_role) DBSession.flush() for perm in yield_all_perms(): if not exists_by_expr(t_auth_roles_permissions, and_( t_auth_roles_permissions.c.auth_role_id == auth_role.id, t_auth_roles_permissions.c.name == perm[0] )): DBSession.add(AuthRolePermission(role=auth_role, name=perm[0])) auth_user.roles.append(auth_role) DBSession.add(auth_user) except ImportError as e: print("[auth] feature not installed - not importing auth demo data")
def get_user_subjecttype(): return DBSession.query(SubjectType).filter_by(name="User").first()
def admin_tenant(environ, start_response): from gengine.app.admin import adminapp def admin_app(environ, start_response): #return HTTPSProxied(DebuggedApplication(adminapp.wsgi_app, True))(environ, start_response) return HTTPSProxied(adminapp.wsgi_app)(environ, start_response) def request_auth(environ, start_response): resp = Response() resp.status_code = 401 resp.www_authenticate = 'Basic realm="%s"' % ( "Gamification Engine Admin", ) return resp(environ, start_response) if not asbool(get_settings().get("enable_user_authentication", False)): return admin_app(environ, start_response) req = Request(environ) def _get_basicauth_credentials(request): authorization = request.headers.get("authorization", "") try: authmeth, auth = authorization.split(' ', 1) except ValueError: # not enough values to unpack return None if authmeth.lower() == 'basic': try: auth = base64.b64decode(auth.strip()).decode("UTF-8") except binascii.Error: # can't decode return None try: login, password = auth.split(':', 1) except ValueError: # not enough values to unpack return None return {'login': login, 'password': password} return None user = None cred = _get_basicauth_credentials(req) token = req.cookies.get("token", None) if token: tokenObj = DBSession.query(AuthToken).filter( AuthToken.token == token).first() user = None if tokenObj and tokenObj.valid_until < datetime.datetime.utcnow(): tokenObj.extend() if tokenObj: user = tokenObj.user if not user: if cred: user = DBSession.query(AuthUser).filter_by( email=cred["login"]).first() if not user or not user.verify_password(cred["password"]): return request_auth(environ, start_response) if user: j = t_auth_users_roles.join(t_auth_roles).join( t_auth_roles_permissions) q = select( [t_auth_roles_permissions.c.name], from_obj=j).where(t_auth_users_roles.c.auth_user_id == user.id) permissions = [r["name"] for r in DBSession.execute(q).fetchall()] if not perm_global_access_admin_ui in permissions: return request_auth(environ, start_response) else: token_s = user.get_or_create_token().token def start_response_with_headers(status, headers, exc_info=None): cookie = SimpleCookie() cookie['X-Auth-Token'] = token_s cookie['X-Auth-Token']['path'] = get_settings().get( "urlprefix", "").rstrip("/") + "/" headers.append( ('Set-Cookie', cookie['X-Auth-Token'].OutputString()), ) return start_response(status, headers, exc_info) return admin_app(environ, start_response_with_headers)