def get_users(config): salt = config.get('ce1sus', 'salt') result = list() # Add admin user user = User() user.identifier = 1 user.uuid = 'f49eb0ed-438d-49ef-aa19-1d615a3ba01d' user.name = 'Root' user.sirname = 'Administrator' user.username = '******' user.password = hashSHA1('admin' + salt) user.last_login = None user.email = '*****@*****.**' user.api_key = None user.gpg_key = None user.activated = datetime.now() user.dbcode = 31 user.activation_sent = None user.activation_str = 'e96e0b6cfdb77c4e957508315bf7b7124aea9fa0' user.api_key = '4a5e3a7e8aa200cbde64432df11c4b459b154499' group = Group() group.name = 'Administrators' group.description = 'Administrators group' group.tlp_lvl = 0 group.dbcode = 31 group.default_dbcode = 31 group.email = '*****@*****.**' user.group = group result.append(user) return result
def update_user(self, user, json): user.populate(json) if self.salt: salt = self.salt else: salt = user.username # Do not update the password if it matches the masking if user.plain_password: fistcheck = True if is_plugin_available('ldap', self.config): ldap_password_identifier = get_plugin_function( 'ldap', 'get_ldap_pwd_identifier', self.config, 'internal_plugin')() if user.plain_password == ldap_password_identifier: user.password = ldap_password_identifier fistcheck = False if not re.match(r'^\*{8,}$', user.plain_password) and fistcheck: user.password = hashSHA1(user.plain_password, salt) group_uuid = json.get('group_id', None) if group_uuid: group = self.group_broker.get_by_uuid(group_uuid) user.group_id = group.identifier user.group = group else: user.group_id = None user.group = None return user
def get_tmp_folder(self): """ Returns the temporary folder, and creates it when not existing """ try: tmp_path = self.get_base_path() + '/tmp/' + hasher.hashSHA1('{0}'.format(datetime.utcnow())) if not exists(tmp_path): makedirs(tmp_path) return tmp_path except TypeError as error: raise HandlerException(error)
def getUserByUsernameAndPassword(self, username, password, salt=None): """ Returns the user with the following username and password Note: Password will be hashed inside this function :param user: The username :type user: Stirng :param password: The username :type password: Stirng :returns: User """ if salt: passwd = hashSHA1(password, salt) old_pwd = hashSHA1(password + username) else: passwd = password old_pwd = None try: if old_pwd: user = self.session.query(User).filter( User.username == username, or_( User.password == passwd, User.password == old_pwd, )).one() else: user = self.session.query(User).filter( User.username == username, User.password == passwd).one() except sqlalchemy.orm.exc.NoResultFound: raise NothingFoundException( u'Nothing found with ID :{0}'.format(username)) except sqlalchemy.orm.exc.MultipleResultsFound: raise TooManyResultsFoundException( u'Too many results found for ID ' + ':{0}'.format(username)) except sqlalchemy.exc.SQLAlchemyError as error: self.session.rollback() raise BrokerException(error) return user
def resentmail(self, **args): try: path = args.get('path') if len(path) > 0: uuid = path.pop(0) user = self.user_controller.get_user_by_uuid(uuid) # set new random password for user user.plain_password = hashSHA1(u'{0}'.format(random.random())) self.user_controller.set_activation_str(user) self.user_controller.update_user(user) self.mail_controller.send_activation_mail(user) return 'Ok' else: raise RestHandlerException('No uuid given') except ControllerNothingFoundException as error: raise RestHandlerNotFoundException(error) except ControllerException as error: raise RestHandlerException(error)
def update(self, instance, commit=True, validate=True): """ overrides BrokerBase.insert """ errors = not instance.validate() if errors: raise ValidationException(u'User to be updated is invalid') if instance.password != 'EXTERNALAUTH': # Don't update if the password is already a hash if re.match('^[0-9a-f]{40}$', instance.password) is None: if not errors: instance.password = hashSHA1(instance.password, instance.username) try: BrokerBase.update(self, instance, commit, validate=False) self.do_commit(commit) except sqlalchemy.exc.SQLAlchemyError as error: self.session.rollback() raise BrokerException(error)
def insert_user(self, user, validate=True, commit=True, send_mail=True): try: # Add unset elements self.set_activation_str(user) if user.plain_password: user.password = hashSHA1(user.plain_password + self.salt) # TODO: add api key and mail sending self.user_broker.insert(user, validate=validate, commit=commit) if user.gpg_key: self.mail_controller.import_gpg_key(user.gpg_key) if send_mail: self.mail_controller.send_activation_mail(user) except IntegrityException as error: raise ControllerIntegrityException(error) except ValidationException as error: message = ObjectValidator.getFirstValidationError(user) raise ControllerException(u'Could not add user due to: {0}'.format(message)) except (BrokerException) as error: raise ControllerException(error)
def user(self, **args): try: method = args.get('method') path = args.get('path') details = self.get_detail_value(args) inflated = self.get_inflated_value(args) json = args.get('json') if method == 'GET': if len(path) > 0: # if there is a uuid as next parameter then return single user uuid = path.pop(0) user = self.user_controller.get_user_by_uuid(uuid) if details: password = '******' if is_plugin_available('ldap', self.config): ldap_password_identifier = get_plugin_function( 'ldap', 'get_ldap_pwd_identifier', self.config, 'internal_plugin')() if user.password == ldap_password_identifier: password = ldap_password_identifier user.password = password return user.to_dict(details, inflated) else: return user.to_dict(details, inflated) else: # else return all users = self.user_controller.get_all_users() result = list() for user in users: if details: password = AdminUserHandler.PASSWORD_MASK if is_plugin_available('ldap', self.config): ldap_password_identifier = get_plugin_function( 'ldap', 'get_ldap_pwd_identifier', self.config, 'internal_plugin')() password = ldap_password_identifier user.password = password result.append(user.to_dict(details, inflated)) else: result.append(user.to_dict(details, inflated)) return result elif method == 'POST': # Add new user user = self.assembler.assemble_user(json) user.password = hashSHA1(user.plain_password, user.username) self.user_controller.insert_user(user) return user.to_dict(details, inflated) elif method == 'PUT': # update user if len(path) > 0: # if there is a uuid as next parameter then return single user uuid = path.pop(0) user = self.user_controller.get_user_by_uuid(uuid) user = self.assembler.update_user(user, json) self.user_controller.update_user(user) return user.to_dict(details, inflated) else: raise RestHandlerException( u'Cannot update user as no identifier was given') elif method == 'DELETE': # Remove user if len(path) > 0: # if there is a uuid as next parameter then return single user uuid = path.pop(0) self.user_controller.remove_user_by_uuid(uuid) return 'Deleted user' else: raise RestHandlerException( u'Cannot delete user as no identifier was given') raise RestHandlerException(u'Unrecoverable error') except ControllerNothingFoundException as error: raise RestHandlerNotFoundException(error) except ControllerException as error: raise RestHandlerException(error)
def set_activation_str(self, user): user.activation_str = hashSHA1('{0}{1}'.format(user.plain_password, random.random())) user.activation_sent = datetime.utcnow()
def gen_attr_chksum(attribute): key = '{0}{1}{2}{3}'.format(attribute.name, attribute.regex, attribute.table_id, attribute.attributehandler_id) return hashSHA1(key)
def gen_obj_chksum(obj): return hashSHA1(obj.name)
def gen_reference_chksum(reference_definition): key = '{0}{1}{2}'.format(reference_definition.name, reference_definition.regex, reference_definition.referencehandler_id) return hashSHA1(key)