コード例 #1
ファイル: backend.py プロジェクト: Cloudxtreme/sshproxy-1
 def __reginit__(self):
     """Set the initial session flags and create the database handles.

     Both ``authenticated`` and ``authorized`` start out as False.
     """
     # Deny by default: neither flag is set until something flips it.
     self.authenticated = self.authorized = False

     # Handles on the client and ACL databases.
     self.clientdb = ClientDB()
     self.acldb = ACLDB()

     # Separate site database handle, kept for site operations issued
     # from the console or the command line.
     self._sitedb = SiteDB()
     self.tags = ACLTags()
コード例 #2
ファイル: monitor.py プロジェクト: Cloudxtreme/sshproxy-1
 def rq_reload_acl_rules(self, id, *args):
     u"""
     Reloads system ACLs database to cache
     """
     # ``id`` and ``*args`` are accepted but not used in this handler.
     # NOTE(review): no permission check is visible here; reloading the
     # rule set changes what every later ACL check evaluates, so confirm
     # that the request dispatcher restricts who can reach this handler.
     acl_database = ACLDB()
     acl_database.reload_rules()

     # The return value of reload_rules() is discarded; only an exception
     # would stop the confirmation message from being returned.
     confirmation = _(u"ACL Rules reloaded.")
     return confirmation
コード例 #3
ファイル: backend.py プロジェクト: OutOfOrder/sshproxy
 def __reginit__(self):
     """Reset the session flags and attach the database handles.

     ``authenticated`` and ``authorized`` are both initialised to False.
     """
     # Start from the closed state for both checks.
     self.authenticated = self.authorized = False

     # Client database first, then the ACL database.
     self.clientdb = ClientDB()
     self.acldb = ACLDB()

     # This site database handle is for site operations coming from the
     # console or the command line.
     self._sitedb = SiteDB()
     self.tags = ACLTags()
コード例 #4
    def authorize(self, user_site, client, need_login=False):
        """Tell whether ``client`` is allowed to use ``user_site``.

        ``user_site`` is either a ``SiteInfo`` instance or a value that
        ``self.split_user_site`` can split into a user and a site.  Every
        failing step returns False, so the method denies unless the whole
        chain succeeds: the site exists, its info is loaded, and the
        'authorize' ACL accepts the client tags against the site tags.

        On success the resolved ``SiteInfo`` is stored as ``self.siteinfo``
        and, when ``need_login`` is set and the site info carries no login,
        ``self.select_login()`` is called.
        """
        if isinstance(user_site, SiteInfo):
            resolved = user_site
        else:
            # Unknown sites are rejected before any SiteInfo is built.
            if not self.exists(user_site):
                return False
            login_name, site_name = self.split_user_site(user_site)
            resolved = SiteInfo(login_name, site_name)

        # A SiteInfo that failed to load is never authorized.
        if not resolved.loaded:
            return False

        acl_database = ACLDB()
        permitted = acl_database.check(acl='authorize',
                                       client=client.get_tags(),
                                       site=resolved.get_tags())
        if not permitted:
            return False

        # State is only written once the ACL check has passed.
        self.siteinfo = resolved
        if need_login and resolved.login is None:
            self.select_login()

        return True
コード例 #5
ファイル: client.py プロジェクト: Cloudxtreme/sshproxy-1
    def authenticate(self, username, auth_tokens, **tokens):
        """
        Authenticate the client connecting as C{username}.

        The C{authenticate} ACL is evaluated against the client's tags
        first; only if it passes are the credentials in C{auth_tokens}
        verified. If authentication is successful, the attribute
        C{clientinfo} is set to the L{ClientInfo} instance built here.
        This only controls the connection from the client to the proxy.

        @param username: the username
        @type username: str
        @param auth_tokens: the credentials to verify, expanded as keyword
                            arguments to C{ClientInfo.authenticate}
                            (presumably password, key, ...)
        @type auth_tokens: dict
        @param **tokens: extra keyword arguments handed to the
                         L{ClientInfo} constructor
        @type **tokens: dict
        @return: True if authenticated, False otherwise.
        @rtype: bool
        """
        candidate = ClientInfo(username, **tokens)

        # An ACL refusal and a bad credential both yield a plain False, so
        # the caller cannot tell the two apart from the return value.
        acl_ok = ACLDB().check(acl='authenticate', client=candidate.get_tags())
        if not acl_ok:
            return False

        if not candidate.authenticate(**auth_tokens):
            # self.clientinfo is left untouched on failure.
            # NOTE(review): a value stored by an earlier successful call
            # stays in place; confirm callers gate on the return value.
            return False

        self.clientinfo = candidate
        return True
コード例 #6
ファイル: backend.py プロジェクト: Cloudxtreme/sshproxy-1
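class Backend(Registry):
    """Front end over the client, site and ACL databases.

    The instance records whether the current client has passed
    authentication and authorization, and forwards client, site and ACL
    rule management calls to the matching database object.

    NOTE(review): none of the add_/del_/tag_/*_aclrule methods below calls
    is_admin() itself; confirm that their callers enforce that check.
    """
    # NOTE(review): presumably the key Registry uses to look this class
    # up -- confirm against the Registry implementation.
    _class_id = 'Backend'

    def __reginit__(self):
        """Set the session flags to False and create the database handles."""
        # Deny by default until authenticate()/authorize() say otherwise.
        self.authenticated = False
        self.authorized = False
        self.clientdb = ClientDB()
        self.acldb = ACLDB()
        # this one is to do operation on sites from the console
        # or the command line
        self._sitedb = SiteDB()
        self.tags = ACLTags()

    def authenticate(self, username, auth_tokens, **tokens):
        """Verify the client's credentials and record the outcome.

        Delegates to ``self.clientdb.authenticate`` and stores the result
        as a strict boolean in ``self.authenticated``; a failed attempt
        resets the flag to False.  Returns the flag.
        """
        self.authenticated = bool(
            self.clientdb.authenticate(username, auth_tokens, **tokens))
        return self.authenticated

    def authorize(self, user_site, need_login=False):
        """Check whether the current client may use ``user_site``.

        A fresh ``SiteDB`` performs the check against ``self.clientdb``.
        On success it is kept as ``self.sitedb`` and ``self.authorized``
        becomes True; on failure ``self.authorized`` becomes False and
        ``self.sitedb`` keeps whatever value it had.  Returns the flag.
        """
        # NOTE(review): self.authenticated is not consulted here; confirm
        # that every caller authenticates the client before authorizing.
        sitedb = SiteDB()
        if sitedb.authorize(user_site, self.clientdb, need_login):
            self.authorized = True
            self.sitedb = sitedb
        else:
            self.authorized = False
        return self.authorized

    def is_admin(self):
        """Return the result of the 'admin' ACL for the current client tags."""
        return self.acldb.check(acl='admin', client=self.clientdb.get_tags())

    def get_client(self, username=None, **kw):
        """Return ``self.clientdb.get_user_info`` for ``username``."""
        return self.clientdb.get_user_info(username=username, **kw)

    def get_client_tags(self):
        """Return the tags of ``self.clientdb``."""
        return self.clientdb.get_tags()

    def get_site_tags(self):
        """Return the tags of ``self.sitedb``.

        ``self.sitedb`` only exists after a successful authorize(); before
        that this raises AttributeError.
        """
        return self.sitedb.get_tags()

    def get_site(self, user_site=None):
        """Look up ``user_site`` through a fresh ``SiteDB``."""
        return SiteDB().get_site(user_site)

    def list_site_users(self, **tokens):
        """Return ``list_site_users(**tokens)`` from a fresh ``SiteDB``."""
        sitedb = SiteDB()
        return sitedb.list_site_users(**tokens)

    def list_allowed_sites(self):
        """Return the entries of list_site_users() that pass authorize().

        authorize() overwrites ``self.authorized`` and ``self.sitedb`` on
        every call.  Both are saved before the scan and restored after it,
        so that listing sites cannot leave the session flagged as
        authorized, or bound to a site, merely because the last entry
        tested happened to be allowed.
        """
        unset = object()
        saved_authorized = self.authorized
        saved_sitedb = getattr(self, 'sitedb', unset)
        try:
            return [site for site in self.list_site_users()
                    if self.authorize(site)]
        finally:
            # Restore even if a lookup raised part-way through the scan.
            self.authorized = saved_authorized
            if saved_sitedb is not unset:
                self.sitedb = saved_sitedb
            elif hasattr(self, 'sitedb'):
                del self.sitedb

    def list_clients(self, **kw):
        """Return ``self.clientdb.list_clients(**kw)``."""
        return self.clientdb.list_clients(**kw)

    def add_client(self, username, **tokens):
        """Add ``username`` through a fresh ``ClientDB``."""
        return ClientDB().add_client(username, **tokens)

    def add_client_pubkey(self, username, pubkey, number):
        """Add a public key for a client.

        With a non-empty ``username`` the key is added through a fresh
        ``ClientDB``; otherwise through ``self.clientdb``.
        """
        client = ClientDB() if username else self.clientdb
        return client.add_pubkey(username, pubkey, number)

    def del_client(self, username, **tokens):
        """Delete ``username`` through a fresh ``ClientDB``."""
        return ClientDB().del_client(username, **tokens)

    def tag_client(self, username, **tokens):
        """Tag ``username`` through a fresh ``ClientDB``."""
        return ClientDB().tag_client(username, **tokens)

    def client_exists(self, username, **tokens):
        """Return whether a fresh ``ClientDB`` reports ``username`` as existing."""
        return ClientDB().exists(username, **tokens)

    def add_site(self, sitename, **tokens):
        """Add ``sitename`` through the console/command-line site database."""
        return self._sitedb.add_site(sitename, **tokens)

    def del_site(self, sitename, **tokens):
        """Delete ``sitename`` through the console/command-line site database."""
        return self._sitedb.del_site(sitename, **tokens)

    def tag_site(self, sitename, **tokens):
        """Tag ``sitename`` through the console/command-line site database."""
        return self._sitedb.tag_site(sitename, **tokens)

    def site_exists(self, sitename, **tokens):
        """Return whether ``self._sitedb`` reports ``sitename`` as existing."""
        return self._sitedb.exists(sitename, **tokens)

    def list_aclrules(self, name=None):
        """Return ``self.acldb.list_rules(name)``."""
        return self.acldb.list_rules(name)

    def add_aclrule(self, name, rule, index=None):
        """Add ``rule`` under ``name`` in the ACL database."""
        return self.acldb.add_rule(name, rule, index)

    def set_aclrule(self, name, rule, index):
        """Set the rule at ``index`` under ``name`` in the ACL database."""
        return self.acldb.set_rule(name, rule, index)

    def del_aclrule(self, name, index):
        """Delete the rule at ``index`` under ``name`` from the ACL database."""
        return self.acldb.del_rule(name, index)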
コード例 #7
ファイル: monitor.py プロジェクト: Cloudxtreme/sshproxy-1
 def func_reload_acl_rules(self, *args):
     """Reload the ACL rules via a fresh ACLDB and return True.

     ``*args`` is accepted but ignored.  The result of ``reload_rules()``
     is discarded, so a failed reload is only visible as an exception.
     """
     # NOTE(review): no permission check is visible in this function;
     # confirm the dispatcher limits who may trigger a reload.
     acl_database = ACLDB()
     acl_database.reload_rules()
     return True
コード例 #8
ファイル: monitor.py プロジェクト: Cloudxtreme/sshproxy-1
    def func_check_acl(self, _chan, *args, **kw):
        """Evaluate the ACL named by the first positional argument.

        Returns False when no ACL name is given.  Otherwise the namespaces
        stored for ``_chan`` in ``self.namespaces`` are expanded as keyword
        arguments to ``ACLDB().check``.  ``**kw`` is accepted but unused.
        """
        # No ACL name means nothing to evaluate: answer "not allowed".
        if not args:
            return False

        # NOTE(review): the ACL name comes straight from the caller, and
        # the namespaces are whatever is registered for this channel;
        # confirm both are set by trusted code.
        acl_name = args[0]
        chan_namespaces = self.namespaces[_chan]
        return ACLDB().check(acl=acl_name, **chan_namespaces)
コード例 #9
ファイル: backend.py プロジェクト: OutOfOrder/sshproxy
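class Backend(Registry):
    """Single entry point to the client, site and ACL databases.

    Keeps two session flags (``authenticated`` and ``authorized``) for the
    current client and passes management calls for clients, sites and ACL
    rules on to the corresponding database object.

    NOTE(review): the add_/del_/tag_/*_aclrule methods do not call
    is_admin() themselves; confirm that access control is applied by
    whoever calls them.
    """
    # NOTE(review): looks like the identifier Registry keys this class
    # on -- confirm against the Registry implementation.
    _class_id = 'Backend'

    def __reginit__(self):
        """Initialise both session flags to False and open the databases."""
        # Closed by default: both checks must pass explicitly later on.
        self.authenticated = False
        self.authorized = False
        self.clientdb = ClientDB()
        self.acldb = ACLDB()
        # this one is to do operation on sites from the console
        # or the command line
        self._sitedb = SiteDB()
        self.tags = ACLTags()

    def authenticate(self, username, auth_tokens, **tokens):
        """Authenticate the client and remember the result.

        The decision comes from ``self.clientdb.authenticate``; it is
        stored as a strict boolean in ``self.authenticated`` (False after
        a failed attempt) and returned.
        """
        self.authenticated = bool(
            self.clientdb.authenticate(username, auth_tokens, **tokens))
        return self.authenticated

    def authorize(self, user_site, need_login=False):
        """Authorize the current client for ``user_site``.

        The check runs on a fresh ``SiteDB`` against ``self.clientdb``.
        When it succeeds, that ``SiteDB`` becomes ``self.sitedb`` and
        ``self.authorized`` is set to True; when it fails,
        ``self.authorized`` is set to False and ``self.sitedb`` is left
        as it was.  Returns ``self.authorized``.
        """
        # NOTE(review): this does not look at self.authenticated; confirm
        # that callers always authenticate before they authorize.
        sitedb = SiteDB()
        if sitedb.authorize(user_site, self.clientdb, need_login):
            self.authorized = True
            self.sitedb = sitedb
        else:
            self.authorized = False
        return self.authorized

    def is_admin(self):
        """Evaluate the 'admin' ACL against the current client tags."""
        return self.acldb.check(acl='admin', client=self.clientdb.get_tags())

    def get_client(self, username=None, **kw):
        """Return the user info ``self.clientdb`` holds for ``username``."""
        return self.clientdb.get_user_info(username=username, **kw)

    def get_client_tags(self):
        """Return ``self.clientdb.get_tags()``."""
        return self.clientdb.get_tags()

    def get_site_tags(self):
        """Return ``self.sitedb.get_tags()``.

        Raises AttributeError until a successful authorize() has set
        ``self.sitedb``.
        """
        return self.sitedb.get_tags()

    def get_site(self, user_site=None):
        """Fetch ``user_site`` from a fresh ``SiteDB``."""
        return SiteDB().get_site(user_site)

    def list_site_users(self, **tokens):
        """List site users through a fresh ``SiteDB``."""
        sitedb = SiteDB()
        return sitedb.list_site_users(**tokens)

    def list_allowed_sites(self):
        """Return the site users for which authorize() answers True.

        Each authorize() call rewrites ``self.authorized`` and, on
        success, ``self.sitedb``.  The method snapshots both before the
        scan and puts them back afterwards; otherwise a mere listing
        would leave the session authorized for, and bound to, whichever
        entry was tested last.
        """
        unset = object()
        saved_authorized = self.authorized
        saved_sitedb = getattr(self, 'sitedb', unset)
        try:
            return [site for site in self.list_site_users()
                    if self.authorize(site)]
        finally:
            # Runs on exceptions too, so the flags never stay half-updated.
            self.authorized = saved_authorized
            if saved_sitedb is not unset:
                self.sitedb = saved_sitedb
            elif hasattr(self, 'sitedb'):
                del self.sitedb

    def list_clients(self, **kw):
        """List clients through ``self.clientdb``."""
        return self.clientdb.list_clients(**kw)

    def add_client(self, username, **tokens):
        """Create ``username`` via a fresh ``ClientDB``."""
        return ClientDB().add_client(username, **tokens)

    def add_client_pubkey(self, username, pubkey, number):
        """Register a public key for a client.

        A fresh ``ClientDB`` is used when ``username`` is non-empty;
        ``self.clientdb`` is used otherwise.
        """
        client = ClientDB() if username else self.clientdb
        return client.add_pubkey(username, pubkey, number)

    def del_client(self, username, **tokens):
        """Remove ``username`` via a fresh ``ClientDB``."""
        return ClientDB().del_client(username, **tokens)

    def tag_client(self, username, **tokens):
        """Apply tags to ``username`` via a fresh ``ClientDB``."""
        return ClientDB().tag_client(username, **tokens)

    def client_exists(self, username, **tokens):
        """Ask a fresh ``ClientDB`` whether ``username`` exists."""
        return ClientDB().exists(username, **tokens)

    def add_site(self, sitename, **tokens):
        """Create ``sitename`` via ``self._sitedb``."""
        return self._sitedb.add_site(sitename, **tokens)

    def del_site(self, sitename, **tokens):
        """Remove ``sitename`` via ``self._sitedb``."""
        return self._sitedb.del_site(sitename, **tokens)

    def tag_site(self, sitename, **tokens):
        """Apply tags to ``sitename`` via ``self._sitedb``."""
        return self._sitedb.tag_site(sitename, **tokens)

    def site_exists(self, sitename, **tokens):
        """Ask ``self._sitedb`` whether ``sitename`` exists."""
        return self._sitedb.exists(sitename, **tokens)

    def list_aclrules(self, name=None):
        """List the ACL rules, optionally restricted to ``name``."""
        return self.acldb.list_rules(name)

    def add_aclrule(self, name, rule, index=None):
        """Insert ``rule`` for ACL ``name`` via ``self.acldb``."""
        return self.acldb.add_rule(name, rule, index)

    def set_aclrule(self, name, rule, index):
        """Replace the rule at ``index`` for ACL ``name``."""
        return self.acldb.set_rule(name, rule, index)

    def del_aclrule(self, name, index):
        """Remove the rule at ``index`` for ACL ``name``."""
        return self.acldb.del_rule(name, index)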