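def CLI_login(self, CLIkey, userId, format="cli", **kwargs):
    """Authenticate a command-line client and return its request-origin token.

    The login is accepted only when the ``cli_feature`` configuration
    parameter is 'Yes', the client address matches ``self.validIPv4`` or
    ``self.validIPv6``, ``CLIDirectory.authenticate`` accepts the
    (userId, CLIkey, address) combination, and the resulting account exists
    and is authorized. Only successful logins are written to the audit log;
    rejected attempts leave no record from this method.

    Args:
        CLIkey: The CLI key presented by the client (passed through
            ``strip_tags`` before use).
        userId: The account identifier (passed through ``strip_tags``).
        format: Response format handed to ``fl_response``.
        **kwargs: Accepted and ignored.

    Returns:
        The ``fl_response`` rendering: on success the success messages hold
        the new request-origin token; otherwise the failure messages hold a
        single "Failure: ..." string.
    """
    sMessages, fMessages = [], []

    cliParam = session.query(ConfigParameter).filter(ConfigParameter.name == "cli_feature").one()
    if cliParam.value != 'Yes':
        fMessages.append("Failure: CLI not supported by server!")
        return fl_response(sMessages, fMessages, format)

    userId = strip_tags(userId)
    CLIkey = strip_tags(CLIkey)
    hostIP = Filelocker.get_client_address()
    if self.validIPv4.match(hostIP):
        hostIPv4, hostIPv6 = hostIP, ""
    elif self.validIPv6.match(hostIP):
        hostIPv4, hostIPv6 = "", hostIP
    else:
        # An address matching neither pattern used to leave hostIPv4/hostIPv6
        # unbound and crash the request; reject the login instead (fail closed).
        fMessages.append("Failure: Not Authorized!")
        return fl_response(sMessages, fMessages, format)

    self.directory = CLIDirectory.CLIDirectory()
    if not self.directory.authenticate(userId, CLIkey, hostIPv4, hostIPv6):
        fMessages.append("Failure: Not Authorized!")
        return fl_response(sMessages, fMessages, format)

    currentUser = AccountService.get_user(userId, True)
    # Apply the same `authorized` gate process_login applies to existing
    # accounts, so a de-authorized account cannot come in through the CLI
    # path. The client sees the same generic message as any other refusal.
    # NOTE(review): get_user(userId, True) presumably has already placed the
    # user in the session at this point -- confirm, and clear it on refusal.
    if currentUser is None or not currentUser.authorized:
        fMessages.append("Failure: Not Authorized!")
        return fl_response(sMessages, fMessages, format)

    # Issue the token only once the login is fully accepted: 32 hex characters
    # (128 bits) taken from the OS random source.
    # NOTE(review): the session id itself is not renewed in this method; unless
    # AccountService.get_user does it, call cherrypy.session.regenerate() here
    # so an id set before login does not survive authentication.
    cherrypy.session['request-origin'] = str(os.urandom(32).encode('hex'))[0:32]
    session.add(AuditLog(cherrypy.session.get("user").id, "Login", "User %s logged in successfully from IP %s" % (currentUser.id, hostIP)))
    session.commit()
    sMessages.append(cherrypy.session['request-origin'])
    return fl_response(sMessages, fMessages, format)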
def process_login(self, username, password, **kwargs):
    """Handle the web login form: authenticate, start the session, redirect.

    The credentials are checked with ``AccountService.ExternalDirectory``;
    the ``local`` form field, when it equals the string "True", is passed to
    its constructor. On success a ``request-origin`` token is stored in the
    CherryPy session. An account that ``AccountService.get_user`` already
    knows is checked for ``authorized``, audit-logged and redirected to
    ``root_url``; an account known only to the directory is installed first.

    Raises:
        cherrypy.HTTPRedirect: to the login page (``msg=3``) when the
            password is empty, or to ``root_url`` after a successful login
            of an existing account.
        cherrypy.HTTPError: 403 when an existing account is not authorized.
    """
    rootURL, local = cherrypy.request.app.config['filelocker']['root_url'], False
    # Only the exact string "True" selects the local directory.
    if kwargs.has_key("local") and kwargs['local'] == str(True):
        local = True
    username = strip_tags(username)
    if password is None or password == "":
        # Empty password: back to the login page without querying the directory.
        raise cherrypy.HTTPRedirect("%s/login?msg=3&local=%s" % (rootURL, str(local)))
    else:
        directory = AccountService.ExternalDirectory(local)
        if directory.authenticate(username, password):
            # 32 hex characters (128 bits) from the OS random source.
            # NOTE(review): the token is stored before the `authorized` check
            # below, and the session id is not renewed in this method; if
            # get_user() does not do it, cherrypy.session.regenerate() belongs
            # here -- confirm.
            cherrypy.session['request-origin'] = str(os.urandom(32).encode('hex'))[0:32]
            currentUser = AccountService.get_user(username, True) #if they are authenticated and local, this MUST return a user object
            if currentUser is not None:
                if not currentUser.authorized:
                    raise cherrypy.HTTPError(403, "You do not have permission to access this system")
                # NOTE(review): reads the user from the session, presumably put
                # there by get_user(username, True) -- confirm.
                session.add(AuditLog(cherrypy.session.get("user").id, "Login", "User %s logged in successfully from IP %s" % (currentUser.id, Filelocker.get_client_address())))
                session.commit()
                raise cherrypy.HTTPRedirect(rootURL)
            else: #This should only happen in the case of a user existing in the external directory, but having never logged in before
                # NOTE(review): cherrypy.HTTPRedirect and cherrypy.HTTPError
                # derive from Exception, so the handler below also catches the
                # redirect and the 403 raised inside this try; a first-time
                # login then returns the "Unable to install user" string in
                # both cases. Re-raise those two before the generic handler.
                # This path also writes no audit record, and uses
                # `authorized != False` where the branch above uses
                # `not authorized` (a None value passes here only).
                try:
                    newUser = directory.lookup_user(username)
                    AccountService.install_user(newUser)
                    currentUser = AccountService.get_user(username, True)
                    if currentUser is not None and currentUser.authorized != False:
                        raise cherrypy.HTTPRedirect(rootURL)
                    else:
                        raise cherrypy.HTTPError(403, "You do not have permission to access this system")
                except Exception, e:
                    # NOTE(review): the exception text is returned to the
                    # client; log it server-side and return a generic message.
                    return "Unable to install user: %s" % str(e)
        else:
            # (listing is cut off here; this `else:` appears to pair with
            # `if directory.authenticate(...)` -- its body is not shown)
#Set status to scanning if cherrypy.file_uploads.has_key(uploadKey): for fileTransfer in cherrypy.file_uploads[uploadKey]: if fileTransfer.file_object.name == upFile.file_object.name: fileTransfer.status = "Scanning and Encrypting" if scanFile else "Encrypting" #Check in the file try: FileService.check_in_file(tempFileName, newFile) ### Moved to check_in_file so the record can be trashed if virus scan fails #session.add(newFile) #session.commit() #If this is an upload request, check to see if it's a single use request and nullify the ticket if so, now that the file has been successfully uploaded if uploadRequest is not None: if uploadRequest.type == "single": session.add(AuditLog(Filelocker.get_client_address(), Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account. This was a single user request and the request has now expired." % (newFile.name), uploadRequest.owner_id)) attachedUploadRequest = session.query(UploadRequest).filter(UploadRequest.id == uploadRequest.id).one() session.delete(attachedUploadRequest) cherrypy.session['uploadRequest'].expired = True else: session.add(AuditLog(Filelocker.get_client_address(), Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account." % (newFile.name), uploadRequest.owner_id)) checkInLog = AuditLog(user.id, Actions.UPLOAD, "File %s (%s) checked in to Filelocker: MD5 %s " % (newFile.name, newFile.id, newFile.md5)) if role is not None: checkInLog.affected_role_id = role.id session.add(checkInLog) sMessages.append("File %s uploaded successfully." % str(fileName)) session.commit() except sqlalchemy.orm.exc.NoResultFound, nrf: fMessages.append("Could not find upload request with ID: %s" % str(uploadRequest.id)) except Exception, e: cherrypy.log.error("[%s] [upload] [Couldn't check in file: %s]" % (user.id, str(e)))
def process_login(self, username, password, **kwargs):
    """Handle the web login form: authenticate, start the session, redirect.

    The credentials are checked with ``AccountService.ExternalDirectory``;
    the ``local`` form field, when it equals the string "True", is passed to
    its constructor. On success a ``request-origin`` token is stored in the
    CherryPy session. An account that ``AccountService.get_user`` already
    knows is checked for ``authorized``, audit-logged and redirected to
    ``root_url``; an account known only to the directory is installed first.

    Raises:
        cherrypy.HTTPRedirect: to the login page (``msg=3``) when the
            password is empty, or to ``root_url`` after a successful login
            of an existing account.
        cherrypy.HTTPError: 403 when an existing account is not authorized.
    """
    rootURL, local = cherrypy.request.app.config['filelocker']['root_url'], False
    # Only the exact string "True" selects the local directory.
    if kwargs.has_key("local") and kwargs['local'] == str(True):
        local = True
    username = strip_tags(username)
    if password is None or password == "":
        # Empty password: back to the login page without querying the directory.
        raise cherrypy.HTTPRedirect("%s/login?msg=3&local=%s" % (rootURL, str(local)))
    else:
        directory = AccountService.ExternalDirectory(local)
        if directory.authenticate(username, password):
            # 32 hex characters (128 bits) from the OS random source.
            # NOTE(review): the token is stored before the `authorized` check
            # below, and the session id is not renewed in this method; if
            # get_user() does not do it, cherrypy.session.regenerate() belongs
            # here -- confirm.
            cherrypy.session['request-origin'] = str(os.urandom(32).encode('hex'))[0:32]
            currentUser = AccountService.get_user(username, True) #if they are authenticated and local, this MUST return a user object
            if currentUser is not None:
                if not currentUser.authorized:
                    raise cherrypy.HTTPError(403, "You do not have permission to access this system")
                # NOTE(review): reads the user from the session, presumably put
                # there by get_user(username, True) -- confirm.
                session.add(AuditLog(cherrypy.session.get("user").id, "Login", "User %s logged in successfully from IP %s" % (currentUser.id, Filelocker.get_client_address())))
                session.commit()
                raise cherrypy.HTTPRedirect(rootURL)
            else: #This should only happen in the case of a user existing in the external directory, but having never logged in before
                # NOTE(review): cherrypy.HTTPRedirect and cherrypy.HTTPError
                # derive from Exception, so the handler below also catches the
                # redirect and the 403 raised inside this try; a first-time
                # login then returns the "Unable to install user" string in
                # both cases. Re-raise those two before the generic handler.
                # This path also writes no audit record, and uses
                # `authorized != False` where the branch above uses
                # `not authorized` (a None value passes here only).
                try:
                    newUser = directory.lookup_user(username)
                    AccountService.install_user(newUser)
                    currentUser = AccountService.get_user(username, True)
                    if currentUser is not None and currentUser.authorized != False:
                        raise cherrypy.HTTPRedirect(rootURL)
                    else:
                        raise cherrypy.HTTPError(403, "You do not have permission to access this system")
                except Exception, e:
                    # NOTE(review): the exception text is returned to the
                    # client; log it server-side and return a generic message.
                    return "Unable to install user: %s" % str(e)
        else:
            # (listing is cut off here; this `else:` appears to pair with
            # `if directory.authenticate(...)` -- its body is not shown)
if cherrypy.file_uploads.has_key(uploadKey): for fileTransfer in cherrypy.file_uploads[uploadKey]: if fileTransfer.file_object.name == upFile.file_object.name: fileTransfer.status = "Scanning and Encrypting" if scanFile else "Encrypting" #Check in the file try: FileService.check_in_file(tempFileName, newFile) ### Moved to check_in_file so the record can be trashed if virus scan fails #session.add(newFile) #session.commit() #If this is an upload request, check to see if it's a single use request and nullify the ticket if so, now that the file has been successfully uploaded if uploadRequest is not None: if uploadRequest.type == "single": session.add( AuditLog( Filelocker.get_client_address(), Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account. This was a single user request and the request has now expired." % (newFile.name), uploadRequest.owner_id)) attachedUploadRequest = session.query( UploadRequest).filter( UploadRequest.id == uploadRequest.id).one() session.delete(attachedUploadRequest) cherrypy.session['uploadRequest'].expired = True else: session.add( AuditLog( Filelocker.get_client_address(), Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account." % (newFile.name), uploadRequest.owner_id))