def __init__(self, securityinfo):
"""Constructor"""
try:
if not securityinfo is None:
if isinstance(securityinfo, securityhandlerhelper):
self._securityHandler = securityinfo.securityhandler
self._username = securityinfo._username
self._password = securityinfo._password
self._proxy_url = securityinfo._proxy_url
self._proxy_port = securityinfo._proxy_port
self._token_url = securityinfo._token_url
self._security_type = securityinfo._security_type
self._featureServiceFieldCase = securityinfo._featureServiceFieldCase
self._keyfile = securityinfo._keyfile
self._certificatefile = securityinfo._certificatefile
self._referer_url = securityinfo._referer_url
self._client_id = securityinfo._client_id
self._secret_id = securityinfo._secret_id
self._is_portal = securityinfo._is_portal
self._message = securityinfo._message
self._valid = securityinfo._valid
#self._securityHandler = securityinfo
return
else:
pass
if isinstance(securityinfo,
str) and os.path.isfile(securityinfo):
securityinfo = common.init_config_json(
config_file=securityinfo)
if 'Credentials' in securityinfo:
securityinfo = securityinfo['Credentials']
if 'security_type' in securityinfo:
self._security_type = securityinfo['security_type']
else:
self._security_type = 'Portal'
if not any(self._security_type in s
for s in self._supported_types):
self._message = 'Security type not supported: ' + self._security_type
self._valid = False
return
if 'proxy_url' in securityinfo:
self._proxy_url = securityinfo['proxy_url']
if 'proxy_port' in securityinfo:
self._proxy_port = securityinfo['proxy_port']
if 'referer_url' in securityinfo:
self._referer_url = securityinfo['referer_url']
if 'token_url' in securityinfo and securityinfo[
'token_url'] is not None:
self._token_url = securityinfo['token_url']
if not self._token_url.startswith('http://') and \
not self._token_url.startswith('https://'):
self._token_url = 'https://' + self._token_url
if 'org_url' in securityinfo and securityinfo[
'org_url'] is not None:
self._org_url = securityinfo['org_url']
if not self._org_url.startswith(
'http://') and not self._org_url.startswith(
'https://'):
self._org_url = 'http://' + self._org_url
if 'username' in securityinfo:
self._username = securityinfo['username']
if 'password' in securityinfo:
self._password = securityinfo['password']
if 'certificatefile' in securityinfo:
self._certificatefile = securityinfo['certificatefile']
if 'keyfile' in securityinfo:
self._keyfile = securityinfo['keyfile']
if 'client_id' in securityinfo:
self._client_id = securityinfo['client_id']
if 'secret_id' in securityinfo:
self._secret_id = securityinfo['secret_id']
if str(self._security_type).upper() == 'ArcGIS'.upper():
self._securityHandler = security.ArcGISTokenSecurityHandler(
proxy_url=self._proxy_url, proxy_port=self._proxy_port)
self._org_url = self._securityHandler.org_url
self._username = self._securityHandler.username
self._valid = True
self._message = "ArcGIS security handler created"
elif str(self._security_type).upper() == 'Portal'.upper() or \
str(self._security_type).upper() == 'AGOL'.upper():
if self._org_url is None or self._org_url == '':
self._org_url = 'http://www.arcgis.com'
if self._username is None or self._username == '' or \
self._password is None or self._password == '':
self._message = "No username or password, no security handler generated"
self._valid = True
else:
if self._org_url is None or '.arcgis.com' in self._org_url:
self._securityHandler = security.AGOLTokenSecurityHandler(
username=self._username,
password=self._password,
org_url=self._org_url,
token_url=self._token_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port)
self._org_url = self._securityHandler.org_url
self._message = "ArcGIS Online security handler created"
else:
self._securityHandler = security.PortalTokenSecurityHandler(
username=self._username,
password=self._password,
org_url=self._org_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port)
self._message = "Portal security handler created"
elif str(self._security_type).upper() == 'NTLM'.upper():
if self._username is None or self._username == '' or \
self._password is None or self._password == '':
self._message = "Username and password required for NTLM"
self._valid = False
else:
self._securityHandler = security.NTLMSecurityHandler(
username=self._username,
password=self._password,
org_url=self._org_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port,
referer_url=self._referer_url)
self._message = "NTLM security handler created"
elif str(self._security_type).upper() == 'LDAP'.upper():
if self._username is None or self._username == '' or \
self._password is None or self._password == '':
self._message = "Username and password required for LDAP"
self._valid = False
else:
self._securityHandler = security.LDAPSecurityHandler(
username=self._username,
password=self._password,
org_url=self._org_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port,
referer_url=self._referer_url)
self._message = "LDAP security handler created"
elif str(self._security_type).upper() == 'PKI'.upper():
if self._keyfile is None or self._keyfile == '' or \
self._certificatefile is None or self._certificatefile == '':
self._message = "Key file and certification file required for PKI"
self._valid = False
else:
self._securityHandler = security.PKISecurityHandler(
keyfile=self._keyfile,
certificatefile=self._certificatefile,
org_url=self._org_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port,
referer_url=self._referer_url)
self._message = "PKI security handler created"
elif str(self._security_type).upper() == 'OAUTH'.upper():
if self._secret_id is None or self._secret_id == '' or \
self._client_id is None or self._client_id == '':
self._message = "client_id and secret_id required for OAUTH"
self._valid = False
else:
self._securityHandler = security.OAuthSecurityHandler(
client_id=self._client_id,
secret_id=self._secret_id,
org_url=self._org_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port)
self._message = "OAuth security handler created"
elif str(self._security_type).upper() == 'AGS'.upper():
if self._username is None or self._username == '' or \
self._password is None or self._password == '':
self._message = "Username and password required for ArcGIS"
self._valid = False
else:
self._securityHandler = security.AGSTokenSecurityHandler(
username=self._username,
password=self._password,
org_url=self._org_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port)
self._message = "AGS security handler created"
else:
print("No valid security type set")
self._message = "No valid security type set"
if self._securityHandler is not None and str(
self._security_type).upper() != 'AGS'.upper():
admin = Administration(
url=self._org_url,
securityHandler=self._securityHandler)
try:
portal = admin.portals.portalSelf
if portal.featureServers is not None:
for hostingServer in portal.featureServers:
if hostingServer is not None:
if isinstance(hostingServer,
AGSAdministration):
try:
serData = hostingServer.data
dataItems = serData.rootDataItems
if dataItems is not None:
if 'rootItems' in dataItems:
for rootItem in dataItems[
'rootItems']:
if rootItem == '/enterpriseDatabases':
rootItems = serData.findDataItems(
ancestorPath=
rootItem,
type='fgdb,egdb'
)
if not rootItems is None and 'items' in rootItems:
for item in rootItems[
'items']:
if 'info' in item:
if 'isManaged' in item[
'info'] and item[
'info'][
'isManaged'] == True:
conStrDic = {}
conStr = item[
'info'][
'connectionString'].split(
";"
)
for conStrValue in conStr:
spltval = conStrValue.split(
"="
)
conStrDic[spltval[
0]] = spltval[
1]
if 'DBCLIENT' in conStrDic:
if str(
conStrDic[
'DBCLIENT']
).upper(
) == 'postgresql'.upper(
):
self._featureServiceFieldCase = 'lower'
except HTTPError as err:
if err.code == 403:
print(
"Admistrative access denied, unable to check if hosting servers"
)
else:
print(err)
except Exception as e:
print(e)
except HTTPError as err:
if err.code == 403:
print(
"Admistrative access denied, unable to check if hosting servers"
)
else:
print(err)
except Exception as e:
print(e)
if 'error' in self._securityHandler.message:
self._message = self._securityHandler.message
self._valid = False
else:
if self._securityHandler.message is not None:
self._message = self._securityHandler.message
self._valid = True
else:
self._message = 'Security info not set'
self._valid = True
except ValueError as e:
raise e
except six.moves.urllib.error.URLError as e:
line, filename, synerror = trace()
errorMessage = "Error making the connection to the ArcGIS Organization, this is likely due to a password or user name issue. \
User names in ArcRest, unlike using a browser, are case sensitive.\n\t{}".format(
synerror)
raise ValueError(errorMessage)
except Exception as e:
line, filename, synerror = trace()
raise common.ArcRestHelperError({
"function": "securityhandlerhelper_init",
"line": line,
"filename": filename,
"synerror": synerror,
})
def __init__(self, securityinfo):
"""Constructor
A number of different security handlers are suppoted by ArcGIS, this
function simplifies the creation of the handlers. A dict with the
type of handler and information to created it is required to generate
the handlers
Inputs:
securityinfo - The dict with details to create the handler. The
valid parameters are:
- security_type: Required, valid values are Portal,
NTLM, PKI, OAUTH, LDAP
- proxy_url: Optional, url for proxy server
- proxy_port: Optional, port for proxy server
- referer_url: Optional, url for referer
- token_url: Optional, url for token server
- username: Optional, Username for log in, not
required for all security types
- password: Optional, Password for log in, not
required for all security types
- certificatefile: Only required for PKI
- keyfile: Only required for PKI
- client_id: Only required for OAuth
- secret_id: Only required for OAuth
"""
if not securityinfo is None:
if isinstance(securityinfo,securityhandlerhelper):
self._securityHandler = securityinfo.securityhandler
self._username = securityinfo._username
self._password = securityinfo._password
self._proxy_url = securityinfo._proxy_url
self._proxy_port = securityinfo._proxy_port
self._token_url = securityinfo._token_url
self._security_type = securityinfo._security_type
self._featureServiceFieldCase = securityinfo._featureServiceFieldCase
self._keyfile = securityinfo._keyfile
self._certificatefile = securityinfo._certificatefile
self._referer_url = securityinfo._referer_url
self._client_id = securityinfo._client_id
self._secret_id = securityinfo._secret_id
self._is_portal = securityinfo._is_portal
self._message = securityinfo._message
self._valid = securityinfo._valid
#self._securityHandler = securityinfo
return
else:
pass
if isinstance(securityinfo,str) and os.path.isfile(securityinfo):
securityinfo = common.init_config_json(config_file=securityinfo)
if 'Credentials' in securityinfo:
securityinfo = securityinfo['Credentials']
if 'security_type' in securityinfo:
self._security_type = securityinfo['security_type']
else:
self._message = 'Security type not specified'
self._valid = False
return
if 'proxy_url' in securityinfo:
self._proxy_url = securityinfo['proxy_url']
if 'proxy_port' in securityinfo:
self._proxy_port = securityinfo['proxy_port']
if 'referer_url' in securityinfo:
self._referer_url = securityinfo['referer_url']
if 'token_url' in securityinfo and securityinfo['token_url'] is not None:
self._token_url = securityinfo['token_url']
if not self._token_url.startswith('http://') and \
not self._token_url.startswith('https://'):
self._token_url = 'https://' + self._token_url
if 'org_url' in securityinfo and securityinfo['org_url'] is not None:
self._org_url = securityinfo['org_url']
if not self._org_url.startswith('http://') and not self._org_url.startswith('https://'):
self._org_url = 'http://' + self._org_url
if 'username' in securityinfo:
self._username = securityinfo['username']
if 'password' in securityinfo:
self._password = securityinfo['password']
if 'certificatefile' in securityinfo:
self._certificatefile = securityinfo['certificatefile']
if 'keyfile' in securityinfo:
self._keyfile = securityinfo['keyfile']
if 'client_id' in securityinfo:
self._client_id = securityinfo['client_id']
if 'secret_id' in securityinfo:
self._secret_id = securityinfo['secret_id']
if str(securityinfo['security_type']).upper() == 'ArcGIS'.upper():
self._securityHandler = security.ArcGISTokenSecurityHandler(proxy_url=self._proxy_url,
proxy_port=self._proxy_port)
self._org_url = self._securityHandler.org_url
self._username = self._securityHandler.username
self._valid = True
self._message = "ArcGIS security handler created"
elif str(securityinfo['security_type']).upper() == 'Portal'.upper() or \
str(securityinfo['security_type']).upper() == 'AGOL'.upper():
if self._org_url is None or self._org_url =='':
self._org_url = 'http://www.arcgis.com'
if self._username == "" or self._password == "":
self._message = "No username or password, no security handler generated"
self._valid = True
else:
if self._org_url is None or '.arcgis.com' in self._org_url:
self._securityHandler = security.AGOLTokenSecurityHandler(username=self._username,
password=self._password,
org_url=self._org_url,
token_url=self._token_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port)
self._message = "ArcGIS Online security handler created"
else:
self._securityHandler = security.PortalTokenSecurityHandler(username=self._username,
password=self._password,
org_url=self._org_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port)
self._message = "Portal security handler created"
elif str(securityinfo['security_type']).upper() == 'NTLM'.upper():
if self._username == "" or self._password == "":
self._message = "Username and password required for NTLM"
self._valid = False
self._securityHandler = security.NTLMSecurityHandler(username=self._username,
password=self._password,
org_url=self._org_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port,
referer_url=self._referer_url
)
self._message = "NTLM security handler created"
elif str(securityinfo['security_type']).upper() == 'LDAP'.upper():
if self._username == "" or self._password == "":
self._message = "Username and password required for LDAP"
self._valid = False
self._securityHandler = security.LDAPSecurityHandler(username=self._username,
password=self._password,
org_url=self._org_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port,
referer_url=self._referer_url
)
self._message = "LDAP security handler created"
elif str(securityinfo['security_type']).upper() == 'PKI'.upper():
if self._keyfile == "" or self._certificatefile == "":
self._message = "key file and certification file required for PKI"
self._valid = False
self._securityHandler = security.PKISecurityHandler(keyfile = self._keyfile,
certificatefile = self._certificatefile,
org_url=self._org_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port,
referer_url=self._referer_url
)
self._message = "PKI security handler created"
elif str(securityinfo['security_type']).upper() == 'OAUTH'.upper():
if self._secret_id == "" or self._client_id == "":
self._message = "client_id and secret_id required for OAUTH"
self._valid = False
self._securityHandler = security.OAuthSecurityHandler(client_id=self._client_id,
secret_id = self._secret_id,
org_url=self._org_url,
proxy_url=self._proxy_url,
proxy_port=self._proxy_port
)
self._message = "OAuth security handler created"
else:
print "No valid security type set"
self._message = "No valid security type set"
admin = Administration(url=self._org_url,
securityHandler=self._securityHandler)
try:
portal = admin.portals.portalSelf
for hostingServer in portal.featureServers:
if isinstance(hostingServer, AGSAdministration):
try:
serData = hostingServer.data
dataItems = serData.rootDataItems
if 'rootItems' in dataItems:
for rootItem in dataItems['rootItems']:
if rootItem == '/enterpriseDatabases':
rootItems = serData.findDataItems(ancestorPath=rootItem,type='fgdb,egdb')
if not rootItems is None and 'items' in rootItems:
for item in rootItems['items']:
if 'info' in item:
if 'isManaged' in item['info'] and item['info']['isManaged'] == True:
conStrDic = {}
conStr = item['info']['connectionString'].split(";")
for conStrValue in conStr:
spltval = conStrValue.split("=")
conStrDic[spltval[0]] = spltval[1]
if 'DBCLIENT' in conStrDic:
if str(conStrDic['DBCLIENT']).upper() == 'postgresql'.upper():
self._featureServiceFieldCase = 'lower'
except urllib2.HTTPError, err:
print err
except Exception, e:
print e
except Exception, e:
print e
