def setup_db(): #these tests are detructive of the nest_users table in #the database, so point nest_users at a different table #for the duration of these tests nest_users.COLLECTION_NAME = 'test_users' md = nest_db.get_global_sqlalchemy_metadata() sqla_maker = core_db.get_nest_users_sqla_maker() users_tbl = sqla_maker.get_sqla_table(md) # initialize the test_projects db table projects.COLLECTION_NAME = 'test_projects' sp = SecurityPolicy(anyone_can_write=True, anyone_can_read_all=False) proj_sqla_maker = TablelikeSqlaMaker(projects.generate_schema(), security_policy=sp) proj_tbl = proj_sqla_maker.get_sqla_table(md) engine = nest_db.get_global_sqlalchemy_engine() if users_tbl.exists(engine): print('dropping existing table test_users') users_tbl.drop(engine) users_tbl.create(engine) print('created table test_users') # This is a side-effect of KNOW-516 # TODO: Update this when fixing/moving db_ops_utils.ensure_default_project() if proj_tbl.exists(engine): print('dropping existing table test_projects') proj_tbl.drop(engine) proj_tbl.create(engine) print('created table test_projects') return
def make_users_db_client(): md = nest_db.get_global_sqlalchemy_metadata() sqla_maker = core_db.get_nest_users_sqla_maker() engine = nest_db.get_global_sqlalchemy_engine() sys_user = core_db.get_system_user() db_client = sqla_maker.get_db_client(engine, md) db_client.set_requesting_user(sys_user) return db_client
def get_sqla_makers(): """ get a lookup table of the SqlaMakers for the omix project. returns a dict of (name(str) -> SqlaMaker) """ registry = dict() for schema in omix_schemas.get_schemas().values(): sqla_maker = TablelikeSqlaMaker(schema) tbl_name = sqla_maker.get_table_name() registry[tbl_name] = sqla_maker users_nm = nest_users.COLLECTION_NAME users_sqlam = core_db.get_nest_users_sqla_maker() registry[users_nm] = users_sqlam return registry
def seed_users(project_env, runlevel): """ adds users declared in nest_config to the nest_users table if they don't already exist """ db_client_maker = core_db.get_nest_users_sqla_maker() md = nest_db.get_global_sqlalchemy_metadata() engine = nest_db.get_global_sqlalchemy_engine() #note this is a tablelike client, not a NestUser client db_client = db_client_maker.get_db_client(engine, md) #needs a unique *instance* of system_user to act as 'owner' #as we will alter the instance that we add to the table db_client.set_requesting_user(core_db.get_system_user()) user_configs = nest_config.generate_seed_users(project_env, runlevel) success = _add_users_from_configs(db_client, user_configs) return success
def get_sqla_makers(): """ get a lookup table of the SqlaMakers for the hello_world project. returns a dict of (name(str) -> SqlaMaker) """ registry = dict() for schema in hw_schemas.get_schemas(): sqla_maker = TablelikeSqlaMaker(schema) tbl_name = sqla_maker.get_table_name() registry[tbl_name] = sqla_maker simplest_dto_sqlam = _make_simplest_dto_sqla_maker() simplest_name = simplest_dto_sqlam.get_table_name() registry[simplest_name] = simplest_dto_sqlam users_nm = nest_users.COLLECTION_NAME users_sqlam = core_db.get_nest_users_sqla_maker() registry[users_nm] = users_sqlam return registry
def set_db_user(db_client): """ similar to 'logging in', sets the requesting_user for a database client to the standard user that jobs run under. Note this is a NestUser for Nest's data ownership model, this is not the postgres user that connects to postgres. """ #FIXME: this is a user that is also hardcoded in flask_config, #but we are keeping the flask packages out of the jobs packages #so we cut and paste users_sqla_maker = core_db.get_nest_users_sqla_maker() db_engine = nest_db.get_global_sqlalchemy_engine() md = nest_db.get_global_sqlalchemy_metadata() users_client = users_sqla_maker.get_db_client(db_engine, md) users_client.set_requesting_user(core_db.get_system_user()) username = '******' user_tle = users_client.simple_filter_query({'username':username})[0] jobs_user = NestUser.from_tablelike_entry(user_tle) db_client.set_requesting_user(jobs_user) return
def add_user(username, password): """ leaves most fields blank except the username and password needed to login to the webapp. adds the user to the localhost instance. """ db_client_maker = core_db.get_nest_users_sqla_maker() md = nest_db.get_global_sqlalchemy_metadata() engine = nest_db.get_global_sqlalchemy_engine() #note this is a tablelike client, not a NestUser client db_client = db_client_maker.get_db_client(engine, md) system_user = core_db.get_system_user() db_client.set_requesting_user(system_user) schema = nest_users.generate_schema() passlib_hash = password_hash.compute_passlib_hash(password) nu = NestUser(None, username, None, None, is_superuser=False, passlib_hash=passlib_hash, origin='nest') tle = nu.to_tablelike_entry() tle = db_client.create_entry(tle) if tle is None: print('FAILURE ensuring user: '******'ensured user: ' + str(username)) success = True ensure_default_project(NestUser.from_tablelike_entry(tle)) return success
def build_authenticator(flask_app, project_env, runlevel): users_sqla_maker = core_db.get_nest_users_sqla_maker() db_engine = nest_db.get_global_sqlalchemy_engine() md = nest_db.get_global_sqlalchemy_metadata() users_client = users_sqla_maker.get_db_client(db_engine, md) #the authenticator will interact with the local db as the master system_user auth_user = core_db.get_system_user() users_client.set_requesting_user(auth_user) #knoweng uses hubzero to look up user accounts in production #all other situations will use user accounts stored in the local db use_hubzero = (ProjectEnv.knoweng_instance() == project_env and RunLevel.production_instance() == runlevel) if use_hubzero: print('registering Hubzero authenticator') from nest_py.knoweng.flask.accounts.knoweng_authentication import HubzeroAuthenticationStrategy authenticator = HubzeroAuthenticationStrategy(flask_app, users_client) else: from nest_py.core.flask.accounts.authentication import NativeAuthenticationStrategy authenticator = NativeAuthenticationStrategy(flask_app, users_client) return authenticator