Esempio n. 1
def client_config():
    """Build the dictionary of settings handed to the client.

    ``newVersionAvailable`` and ``version`` are added only when the current
    user is authenticated and is not an API user, so other callers do not
    learn which release is running. Every other key is returned to any
    caller.

    Returns:
        dict: the optional version keys, the feature and paging settings,
        ``basePath``, then the keys of ``date_format_config()`` and
        ``number_format_config()``. A later source overwrites an earlier
        one when keys collide.
    """
    config = {}
    if not current_user.is_api_user() and current_user.is_authenticated:
        config['newVersionAvailable'] = bool(get_latest_version())
        config['version'] = __version__

    # NOTE(review): allowScriptsInUserInput and allowCustomJSVisualizations
    # read like script-execution switches; this function only reports them,
    # so confirm where they are actually enforced.
    feature_settings = {
        'allowScriptsInUserInput': settings.ALLOW_SCRIPTS_IN_USER_INPUT,
        'showPermissionsControl': current_org.get_setting("feature_show_permissions_control"),
        'allowCustomJSVisualizations': settings.FEATURE_ALLOW_CUSTOM_JS_VISUALIZATIONS,
        'autoPublishNamedQueries': settings.FEATURE_AUTO_PUBLISH_NAMED_QUERIES,
        'mailSettingsMissing': not settings.email_server_is_configured(),
        'dashboardRefreshIntervals': settings.DASHBOARD_REFRESH_INTERVALS,
        'queryRefreshIntervals': settings.QUERY_REFRESH_INTERVALS,
        'googleLoginEnabled': settings.GOOGLE_OAUTH_ENABLED,
        'pageSize': settings.PAGE_SIZE,
        'pageSizeOptions': settings.PAGE_SIZE_OPTIONS,
        'tableCellMaxJSONSize': settings.TABLE_CELL_MAX_JSON_SIZE,
    }
    config.update(feature_settings)

    config['basePath'] = base_href()
    config.update(date_format_config())
    config.update(number_format_config())
    return config
Esempio n. 2
def client_config():
    """Assemble the settings dictionary exposed to the client.

    The version keys are gated: they are added only for an authenticated
    user that is not an API user. All remaining keys are included for
    every caller.

    Returns:
        dict: optional ``newVersionAvailable``/``version`` keys, the feature
        and paging settings, ``basePath``, then the keys contributed by
        ``date_time_format_config()`` and ``number_format_config()``. On a
        key collision the later source wins.
    """
    result = {}
    show_version = not current_user.is_api_user() and current_user.is_authenticated
    if show_version:
        result['newVersionAvailable'] = bool(get_latest_version())
        result['version'] = __version__

    # NOTE(review): the script-related flags below are only reported here;
    # confirm where they are enforced.
    result.update({
        'allowScriptsInUserInput': settings.ALLOW_SCRIPTS_IN_USER_INPUT,
        'showPermissionsControl': current_org.get_setting("feature_show_permissions_control"),
        'allowCustomJSVisualizations': settings.FEATURE_ALLOW_CUSTOM_JS_VISUALIZATIONS,
        'autoPublishNamedQueries': settings.FEATURE_AUTO_PUBLISH_NAMED_QUERIES,
        'extendedAlertOptions': settings.FEATURE_EXTENDED_ALERT_OPTIONS,
        'mailSettingsMissing': not settings.email_server_is_configured(),
        'dashboardRefreshIntervals': settings.DASHBOARD_REFRESH_INTERVALS,
        'queryRefreshIntervals': settings.QUERY_REFRESH_INTERVALS,
        'googleLoginEnabled': settings.GOOGLE_OAUTH_ENABLED,
        'pageSize': settings.PAGE_SIZE,
        'pageSizeOptions': settings.PAGE_SIZE_OPTIONS,
        'tableCellMaxJSONSize': settings.TABLE_CELL_MAX_JSON_SIZE,
    })

    result['basePath'] = base_href()
    result.update(date_time_format_config())
    result.update(number_format_config())
    return result
Esempio n. 3
def client_config():
    """Build the settings dictionary exposed to the client.

    Two parts depend on who is asking:

    * ``newVersionAvailable`` and ``version`` are added only for an
      authenticated user that is not an API user.
    * ``showBeaconConsentMessage`` is added only when the current user has
      the "admin" permission and the org's "beacon_consent" setting is
      still ``None``.

    Everything else is included for every caller.

    Returns:
        dict: the conditional keys above, the feature, login and paging
        settings, ``basePath``, then the keys of
        ``date_time_format_config()`` and ``number_format_config()``. On a
        key collision the later source wins.
    """
    config = {}
    if not current_user.is_api_user() and current_user.is_authenticated:
        config["newVersionAvailable"] = bool(get_latest_version())
        config["version"] = __version__

    consent_pending = (
        current_user.has_permission("admin")
        and current_org.get_setting("beacon_consent") is None
    )
    if consent_pending:
        config["showBeaconConsentMessage"] = True

    # NOTE(review): the script, public-URL and embed-URL flags are only
    # reported here; confirm where they are enforced.
    config.update({
        "allowScriptsInUserInput": settings.ALLOW_SCRIPTS_IN_USER_INPUT,
        "showPermissionsControl": current_org.get_setting("feature_show_permissions_control"),
        "hidePlotlyModeBar": current_org.get_setting("hide_plotly_mode_bar"),
        "disablePublicUrls": current_org.get_setting("disable_public_urls"),
        "disableEmbedUrls": current_org.get_setting("disable_embed_urls"),
        "allowCustomJSVisualizations": settings.FEATURE_ALLOW_CUSTOM_JS_VISUALIZATIONS,
        "autoPublishNamedQueries": settings.FEATURE_AUTO_PUBLISH_NAMED_QUERIES,
        "extendedAlertOptions": settings.FEATURE_EXTENDED_ALERT_OPTIONS,
        "mailSettingsMissing": not settings.email_server_is_configured(),
        "dashboardRefreshIntervals": settings.DASHBOARD_REFRESH_INTERVALS,
        "queryRefreshIntervals": settings.QUERY_REFRESH_INTERVALS,
        "googleLoginEnabled": settings.GOOGLE_OAUTH_ENABLED,
        "microsoftLoginEnabled": settings.MICROSOFT_OAUTH_ENABLED,
        "ldapLoginEnabled": settings.LDAP_LOGIN_ENABLED,
        "pageSize": settings.PAGE_SIZE,
        "pageSizeOptions": settings.PAGE_SIZE_OPTIONS,
        "tableCellMaxJSONSize": settings.TABLE_CELL_MAX_JSON_SIZE,
    })

    config["basePath"] = base_href()
    config.update(date_time_format_config())
    config.update(number_format_config())
    return config
Esempio n. 4
def invite_user(org, inviter, user, send_email=True):
    """Invite *user*, by e-mail when possible, otherwise by returned link.

    Args:
        org: organisation passed through to ``send_invite_email``.
        inviter: the inviting user, passed through to ``send_invite_email``.
        user: the invited user; supplies the returned dict and the link.
        send_email: when false, no e-mail is sent even if a mail server is
            configured.

    Returns:
        dict: ``user.to_dict()``. When no e-mail was sent it also carries
        ``invite_link``, so the caller must deliver the link itself.
    """
    payload = user.to_dict()
    invite_url = invite_link_for_user(user)

    mail_the_invite = settings.email_server_is_configured() and send_email
    if not mail_the_invite:
        # NOTE(review): the link presumably lets its holder complete account
        # setup, so it should only reach the inviter's response -- confirm
        # callers do not log or cache this dict.
        payload['invite_link'] = invite_url
        return payload

    send_invite_email(inviter, user, invite_url, org)
    return payload
Esempio n. 5
def invite_user(org, inviter, user, send_email=True):
    """Send an invitation e-mail, or hand the invite link back to the caller.

    Args:
        org: organisation forwarded to ``send_invite_email``.
        inviter: inviting user forwarded to ``send_invite_email``.
        user: invited user; source of the returned dict and of the link.
        send_email: set to false to skip the e-mail and get the link back.

    Returns:
        dict: ``user.to_dict()``, with an extra ``invite_link`` key whenever
        the e-mail was not sent (no mail server configured, or
        ``send_email`` false).
    """
    user_info = user.to_dict()
    link = invite_link_for_user(user)

    if settings.email_server_is_configured() and send_email:
        send_invite_email(inviter, user, link, org)
        return user_info

    # NOTE(review): the link is returned in the clear; presumably it grants
    # account setup to whoever holds it -- confirm callers treat it as a
    # secret.
    user_info['invite_link'] = link
    return user_info
Esempio n. 6
    def post(self, user_id):
        """Create a verification link for a user and e-mail it when possible.

        Aborts with 404 when the user is disabled. The link is e-mailed only
        if a mail server is configured, but it is returned in the response
        either way.

        Returns:
            dict: ``verify_link`` and a boolean ``email_sent``.
        """
        # NOTE(review): no permission check is visible in this method and the
        # lookup is not scoped to an org; confirm a decorator or the
        # enclosing resource enforces both, since the response carries the
        # verification link itself.
        user = models.User.get_by_id(user_id)
        if user.is_disabled:
            abort(404, message='Not found')

        verify_link = verify_link_for_user(user)

        email_sent = bool(settings.email_server_is_configured())
        if email_sent:
            send_verify_email(user, verify_link)

        return {'verify_link': verify_link, 'email_sent': email_sent}
Esempio n. 7
def client_config():
    """Return the settings dictionary exposed to the client.

    Nothing here depends on the caller: the same keys are produced for
    every request.

    Returns:
        dict: the feature and paging settings, then the keys of
        ``date_time_format_config()`` and ``number_format_config()``. On a
        key collision the later source wins.
    """
    # NOTE(review): allowScriptsInUserInput and allowCustomJSVisualizations
    # are only reported here; confirm where they are enforced.
    config = {
        'allowScriptsInUserInput': settings.ALLOW_SCRIPTS_IN_USER_INPUT,
        'allowCustomJSVisualizations': settings.FEATURE_ALLOW_CUSTOM_JS_VISUALIZATIONS,
        'autoPublishNamedQueries': settings.FEATURE_AUTO_PUBLISH_NAMED_QUERIES,
        'mailSettingsMissing': not settings.email_server_is_configured(),
        'dashboardRefreshIntervals': settings.DASHBOARD_REFRESH_INTERVALS,
        'queryRefreshIntervals': settings.QUERY_REFRESH_INTERVALS,
        'pageSize': settings.PAGE_SIZE,
        'pageSizeOptions': settings.PAGE_SIZE_OPTIONS,
        'tableCellMaxJSONSize': settings.TABLE_CELL_MAX_JSON_SIZE,
    }

    for extra in (date_time_format_config(), number_format_config()):
        config.update(extra)

    return config
Esempio n. 8
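    def post(self, user_id):
        """Update a user's email, name, password or group membership.

        Only the keys 'email', 'name', 'password', 'old_password' and
        'group_ids' are taken from the JSON body. Checks, in order:

        * the caller must pass ``require_admin_or_owner(user_id)``;
        * a new password requires 'old_password', which must verify against
          the user being edited;
        * 'group_ids' may only be sent by a caller with the 'admin'
          permission, and every id must resolve within the current org;
        * 'email' must contain an '@' and its domain must not be blocked.

        Aborts with 403 for the password and group-permission failures and
        with 400 for an invalid group id, a bad email address or a database
        integrity error.

        Returns:
            dict: ``user.to_dict()``; the API key is included only when
            ``is_admin_or_owner(user_id)`` is true.
        """
        require_admin_or_owner(user_id)
        user = models.User.get_by_id_and_org(user_id, self.current_org)

        req = request.get_json(True)

        params = project(
            req, ('email', 'name', 'password', 'old_password', 'group_ids'))

        if 'password' in params and 'old_password' not in params:
            abort(403,
                  message="Must provide current password to update password.")

        if 'old_password' in params and not user.verify_password(
                params['old_password']):
            abort(403, message="Incorrect current password.")

        # NOTE(review): when 'old_password' is sent without 'password' it
        # stays in params and reaches update_model -- confirm that is
        # harmless.
        if 'password' in params:
            user.hash_password(params.pop('password'))
            params.pop('old_password')

        if 'group_ids' in params:
            if not self.current_user.has_permission('admin'):
                abort(403,
                      message="Must be admin to change groups membership.")

            for group_id in params['group_ids']:
                try:
                    models.Group.get_by_id_and_org(group_id, self.current_org)
                except NoResultFound:
                    abort(400,
                          message="Group id {} is invalid.".format(group_id))

            if len(params['group_ids']) == 0:
                params.pop('group_ids')

        if 'email' in params:
            # The body is untrusted: a value without '@' (ValueError) or a
            # non-string value (AttributeError) must be rejected as a bad
            # request instead of surfacing as an unhandled exception.
            try:
                _, domain = params['email'].split('@', 1)
            except (AttributeError, ValueError):
                abort(400, message='Bad email address.')

            if domain.lower() in blacklist or domain.lower() == 'qq.com':
                abort(400, message='Bad email address.')

        email_address_changed = 'email' in params and params[
            'email'] != user.email
        needs_to_verify_email = email_address_changed and settings.email_server_is_configured(
        )
        if needs_to_verify_email:
            user.is_email_verified = False

        try:
            self.update_model(user, params)
            models.db.session.commit()

            if needs_to_verify_email:
                send_verify_email(user, self.current_org)

            # The user has updated their email or password. This should invalidate all _other_ sessions,
            # forcing them to log in again. Since we don't want to force _this_ session to have to go
            # through login again, we call `login_user` in order to update the session with the new identity details.
            if current_user.id == user.id:
                login_user(user, remember=True)
        except IntegrityError as e:
            # Exceptions have no `.message` attribute on Python 3; fall back
            # to the string form so this handler cannot itself raise.
            error_text = getattr(e, 'message', None) or str(e)
            if "email" in error_text:
                message = "Email already taken."
            else:
                message = "Error updating record"

            abort(400, message=message)

        self.record_event({
            'action': 'edit',
            'object_id': user.id,
            'object_type': 'user',
            # A list, not a dict view, so the event stays serializable.
            'updated_fields': list(params.keys())
        })

        return user.to_dict(with_api_key=is_admin_or_owner(user_id))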
Esempio n. 9
    def post(self, user_id):
        """Update a user's email, name, password or group membership.

        Only 'email', 'name', 'password', 'old_password' and 'group_ids' are
        taken from the JSON body. Checks, in order:

        * the caller must pass ``require_admin_or_owner(user_id)``;
        * a new password requires 'old_password', which must verify against
          the user being edited;
        * 'group_ids' may only be sent by a caller with the "admin"
          permission, and every id must resolve within the current org;
        * 'email' must pass ``require_allowed_email``.

        Aborts with 403 for the password and group-permission failures and
        with 400 for an invalid group id or a database integrity error.

        Returns:
            dict: ``user.to_dict()``; the API key is included only when
            ``is_admin_or_owner(user_id)`` is true.
        """
        require_admin_or_owner(user_id)
        user = models.User.get_by_id_and_org(user_id, self.current_org)

        payload = request.get_json(True)
        editable_keys = ("email", "name", "password", "old_password", "group_ids")
        params = project(payload, editable_keys)

        wants_new_password = "password" in params
        if "old_password" not in params:
            if wants_new_password:
                abort(403, message="Must provide current password to update password.")
        elif not user.verify_password(params["old_password"]):
            abort(403, message="Incorrect current password.")

        if wants_new_password:
            # Only the hash is kept; both plaintext values leave params
            # before the model update below.
            user.hash_password(params.pop("password"))
            params.pop("old_password")

        if "group_ids" in params:
            if not self.current_user.has_permission("admin"):
                abort(403, message="Must be admin to change groups membership.")

            requested_groups = params["group_ids"]
            for gid in requested_groups:
                # Each id must resolve within the current org.
                try:
                    models.Group.get_by_id_and_org(gid, self.current_org)
                except NoResultFound:
                    abort(400, message="Group id {} is invalid.".format(gid))

            # An empty list means "no change", not "remove from all groups".
            if not requested_groups:
                params.pop("group_ids")

        email_supplied = "email" in params
        if email_supplied:
            require_allowed_email(params["email"])

        needs_to_verify_email = (
            email_supplied
            and params["email"] != user.email
            and settings.email_server_is_configured()
        )
        if needs_to_verify_email:
            user.is_email_verified = False

        try:
            self.update_model(user, params)
            models.db.session.commit()

            if needs_to_verify_email:
                send_verify_email(user, self.current_org)

            # Changing email or password should invalidate every _other_
            # session. To spare _this_ session a fresh login, `login_user`
            # refreshes it with the new identity details.
            if current_user.id == user.id:
                login_user(user, remember=True)
        except IntegrityError as e:
            message = (
                "Email already taken." if "email" in str(e) else "Error updating record"
            )
            abort(400, message=message)

        event = {
            "action": "edit",
            "object_id": user.id,
            "object_type": "user",
            "updated_fields": list(params.keys()),
        }
        self.record_event(event)

        return user.to_dict(with_api_key=is_admin_or_owner(user_id))
Esempio n. 10
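    def post(self, user_id):
        """Update a user's email, name, password or group membership.

        Only the keys 'email', 'name', 'password', 'old_password' and
        'group_ids' are taken from the JSON body. Checks, in order:

        * the caller must pass ``require_admin_or_owner(user_id)``;
        * a new password requires 'old_password', which must verify against
          the user being edited;
        * 'group_ids' may only be sent by a caller with the 'admin'
          permission, and every id must resolve within the current org;
        * 'email' must contain an '@' and its domain must not be blocked.

        Aborts with 403 for the password and group-permission failures and
        with 400 for an invalid group id, a bad email address or a database
        integrity error.

        Returns:
            dict: ``user.to_dict()``; the API key is included only when
            ``is_admin_or_owner(user_id)`` is true.
        """
        require_admin_or_owner(user_id)
        user = models.User.get_by_id_and_org(user_id, self.current_org)

        req = request.get_json(True)

        params = project(req, ('email', 'name', 'password', 'old_password', 'group_ids'))

        if 'password' in params and 'old_password' not in params:
            abort(403, message="Must provide current password to update password.")

        if 'old_password' in params and not user.verify_password(params['old_password']):
            abort(403, message="Incorrect current password.")

        # NOTE(review): when 'old_password' is sent without 'password' it
        # stays in params and reaches update_model -- confirm that is
        # harmless.
        if 'password' in params:
            user.hash_password(params.pop('password'))
            params.pop('old_password')

        if 'group_ids' in params:
            if not self.current_user.has_permission('admin'):
                abort(403, message="Must be admin to change groups membership.")

            for group_id in params['group_ids']:
                try:
                    models.Group.get_by_id_and_org(group_id, self.current_org)
                except NoResultFound:
                    abort(400, message="Group id {} is invalid.".format(group_id))

            if len(params['group_ids']) == 0:
                params.pop('group_ids')

        if 'email' in params:
            # The body is untrusted: a value without '@' (ValueError) or a
            # non-string value (AttributeError) must be rejected as a bad
            # request instead of surfacing as an unhandled exception.
            try:
                _, domain = params['email'].split('@', 1)
            except (AttributeError, ValueError):
                abort(400, message='Bad email address.')

            if domain.lower() in blacklist or domain.lower() == 'qq.com':
                abort(400, message='Bad email address.')

        email_address_changed = 'email' in params and params['email'] != user.email
        needs_to_verify_email = email_address_changed and settings.email_server_is_configured()
        if needs_to_verify_email:
            user.is_email_verified = False

        try:
            self.update_model(user, params)
            models.db.session.commit()

            if needs_to_verify_email:
                send_verify_email(user, self.current_org)

            # The user has updated their email or password. This should invalidate all _other_ sessions,
            # forcing them to log in again. Since we don't want to force _this_ session to have to go
            # through login again, we call `login_user` in order to update the session with the new identity details.
            if current_user.id == user.id:
                login_user(user, remember=True)
        except IntegrityError as e:
            # Exceptions have no `.message` attribute on Python 3; fall back
            # to the string form so this handler cannot itself raise.
            error_text = getattr(e, 'message', None) or str(e)
            if "email" in error_text:
                message = "Email already taken."
            else:
                message = "Error updating record"

            abort(400, message=message)

        self.record_event({
            'action': 'edit',
            'object_id': user.id,
            'object_type': 'user',
            # A list, not a dict view, so the event stays serializable.
            'updated_fields': list(params.keys())
        })

        return user.to_dict(with_api_key=is_admin_or_owner(user_id))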