def getUserGrups(dbSession, user):
    """Return the groups of the user identified by username or ID.

    ``dbSession`` is accepted but not used here; the lookup goes through
    ``User.getByNameOrID``.

    Raises:
        HTTPRequestError: 404 when the lookup finds no matching user.
    """
    try:
        found = User.getByNameOrID(user)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this username or ID")
    return found.groups
def get_user_groups(db_session, user):
    """Return the groups of the user identified by username or ID.

    ``db_session`` is part of the signature but is not read in this function.

    Raises:
        HTTPRequestError: 404 when no user matches ``user``.
    """
    try:
        account = User.getByNameOrID(user)
    except orm_exceptions.NoResultFound:
        raise HTTPRequestError(404, "No user found with this username or ID")
    return account.groups
def getUserDirectPermissions(dbSession, user):
    """Return the permissions attached directly to a user.

    Only ``user.permissions`` is returned; permissions reachable through the
    user's groups are not included.

    Raises:
        HTTPRequestError: 404 when no user matches ``user``.
    """
    try:
        account = User.getByNameOrID(user)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this username or ID")
    else:
        return account.permissions
def deleteUser(dbSession, user, requester):
    """Remove a user, archiving the record in the inactive tables.

    Args:
        dbSession: database session used for every statement below.
        user: username or ID of the account to remove.
        requester: mapping with at least 'userid' and 'username' of the caller.

    Raises:
        HTTPRequestError: 400 when the requester targets their own account,
            404 when a NoResultFound is raised anywhere in the body.

    NOTE(review): no authorization check on ``requester`` is visible here;
    presumably the caller enforces it - confirm.
    """
    try:
        target = User.getByNameOrID(user)
        # Self-deletion is refused outright.
        if target.id == requester['userid']:
            raise HTTPRequestError(400, "a user can't remove himself")

        # Revoke direct grants and group memberships before the row goes away.
        permission_purge = UserPermission.__table__.delete(
            UserPermission.user_id == target.id)
        dbSession.execute(permission_purge)
        membership_purge = UserGroup.__table__.delete(
            UserGroup.user_id == target.id)
        dbSession.execute(membership_purge)
        # Presumably evicts cached authorization data for this user - confirm.
        cache.deleteKey(userid=target.id)

        # The user is not hard-deleted: copies are written to the inactive
        # tables first, recording who performed the removal.
        inactiveTables.PasswdInactive.createInactiveFromUser(dbSession, target)
        inactiveTables.UserInactive.createInactiveFromUser(
            dbSession, target, requester['userid'])
        # Pending password-reset requests must not outlive the account.
        passwd.expirePasswordResetRequests(dbSession, target.id)
        dbSession.delete(target)

        logger = log()
        logger.info(
            'user ' + target.username + ' deleted by ' + requester['username'],
            target.safeDict())
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this ID")
def updateUser(dbSession, user, updatedInfo, requester):
    """Apply an update to a user's name, service and email.

    Keys outside ``User.fillable`` are discarded before anything else, and
    only 'name', 'service' and 'email' are ever written to the record, so
    other attributes cannot be set through this path.

    Args:
        dbSession: database session used for the email uniqueness query.
        user: username or ID of the account to update.
        updatedInfo: mapping of requested field values.
        requester: mapping with at least 'username' of the caller.

    Returns:
        The updated user object.

    Raises:
        HTTPRequestError: 400 on an attempted username change or when the
            new email already belongs to another user.

    NOTE(review): the lookup below is not wrapped, so a missing user is not
    translated into a 404 here - confirm the caller handles that case.
    """
    # Drop invalid fields
    accepted = {}
    for field in updatedInfo:
        if field in User.fillable:
            accepted[field] = updatedInfo[field]
    updatedInfo = accepted

    current = User.getByNameOrID(user)
    if 'username' in updatedInfo and updatedInfo['username'] != current.username:
        raise HTTPRequestError(400, "usernames can't be updated")

    checkUser(updatedInfo)

    # Verify if the email is in use by another user
    if 'email' in updatedInfo and updatedInfo['email'] != current.email:
        email_owner = dbSession.query(User).filter_by(
            email=updatedInfo['email']).one_or_none()
        if email_owner:
            raise HTTPRequestError(400, "email already in use")

    # The audit entry is written before the fields are changed, so it records
    # the previous state next to the requested values.
    log().info(
        'user ' + current.username + ' updated by ' + requester['username'],
        {'oldUser': current.safeDict(), 'newUser': updatedInfo})

    for field in ('name', 'service', 'email'):
        if field in updatedInfo:
            setattr(current, field, updatedInfo[field])
    return current
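def get_all_user_permissions(db_session, user):
    """Return the user's effective permissions: direct plus group-inherited.

    Args:
        db_session: accepted for interface compatibility; not read here.
        user: username or ID of the account.

    Returns:
        A list of permission objects with duplicates (same ``id``) removed.

    Raises:
        HTTPRequestError: 404 when no user matches ``user``.
    """
    try:
        user = User.getByNameOrID(user)
    except orm_exceptions.NoResultFound:
        raise HTTPRequestError(404, "No user found with this username or ID")

    # Work on a copy. Extending ``user.permissions`` in place would append the
    # group permissions to the user's own collection; if that attribute is an
    # ORM-managed relationship, a later flush could store them as direct
    # grants that survive removal from the group.
    permissions = list(user.permissions)
    permissions.extend(
        perm for group in user.groups for perm in group.permissions
    )

    # drop possible duplicates
    return list({perm.id: perm for perm in permissions}.values())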
def add_user_groups():
    """Insert the predefined user/group memberships and commit them.

    The only predefined entry places the "admin" user in the "admin" group.
    """
    predef_user_group = [
        {
            "name": "admin",
            "groups": ["admin"]
        },
    ]

    for entry in predef_user_group:
        user_id = User.getByNameOrID(entry['name']).id
        for group_name in entry['groups']:
            membership = UserGroup(
                user_id=user_id,
                group_id=Group.getByNameOrID(group_name).id)
            db.session.add(membership)
    db.session.commit()
def removeUserGroup(dbSession, user, group, requester):
    """Remove a user from a group and record who did it.

    Args:
        dbSession: database session used to find and delete the membership.
        user: username or ID of the account.
        group: name or ID of the group.
        requester: mapping with at least 'username' of the caller.

    Raises:
        HTTPRequestError: 404 when the user, the group, or the membership
            between them does not exist.
    """
    try:
        member = User.getByNameOrID(user)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this ID or name")

    try:
        target_group = Group.getByNameOrID(group)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No group found with this ID or name")

    try:
        membership_query = dbSession.query(UserGroup).filter_by(
            user_id=member.id, group_id=target_group.id)
        relation = membership_query.one()
        dbSession.delete(relation)
        # Presumably evicts cached authorization data for this user so the
        # revoked membership stops being honoured - confirm.
        cache.deleteKey(userid=member.id)
        log().info('user ' + member.username + ' removed from '
                   + target_group.name + ' by ' + requester['username'])
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "User is not a member of the group")
def removeUserPermission(dbSession, user, permission, requester):
    """Revoke a permission granted directly to a user.

    Args:
        dbSession: database session used to find and delete the grant.
        user: username or ID of the account.
        permission: name or ID of the permission.
        requester: mapping with at least 'username' of the caller.

    Raises:
        HTTPRequestError: 404 when the user, the permission, or the grant
            linking them does not exist.
    """
    try:
        account = User.getByNameOrID(user)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this ID or name")

    try:
        perm = Permission.getByNameOrID(permission)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No permission found with this ID")

    try:
        grant_query = dbSession.query(UserPermission).filter_by(
            user_id=account.id, permission_id=perm.id)
        relation = grant_query.one()
        dbSession.delete(relation)
        # The cache key is scoped to this user plus the permission's method
        # and path; presumably this drops the cached decision - confirm.
        cache.deleteKey(userid=account.id,
                        action=perm.method,
                        resource=perm.path)
        log().info('user ' + account.username + ' removed permission '
                   + perm.name + ' by ' + requester['username'])
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "User does not have this permission")
def addUserGroup(dbSession, user, group, requester):
    """Add a user to a group and record who did it.

    Args:
        dbSession: database session used for the membership check and insert.
        user: username or ID of the account.
        group: name or ID of the group.
        requester: mapping with at least 'username' of the caller.

    Raises:
        HTTPRequestError: 404 when the user or group does not exist,
            409 when the membership already exists.

    NOTE(review): no authorization check on ``requester`` is visible here;
    presumably the caller enforces it - confirm.
    """
    try:
        member = User.getByNameOrID(user)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this ID or name")

    try:
        target_group = Group.getByNameOrID(group)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No group found with this ID or name")

    existing = dbSession.query(UserGroup).filter_by(
        user_id=member.id, group_id=target_group.id).one_or_none()
    if existing:
        raise HTTPRequestError(409, "User is already a member of the group")

    dbSession.add(UserGroup(user_id=member.id, group_id=target_group.id))
    # Presumably evicts cached authorization data for this user - confirm.
    cache.deleteKey(userid=member.id)
    log().info('user ' + member.username + ' added to group '
               + target_group.name + ' by ' + requester['username'])
def resetPassword(dbSession, link, resetData):
    """Set a new password for the user owning a password-reset link.

    A used request is archived and deleted, so the same link cannot be
    redeemed twice. An unknown link and a request that fails the validity
    check both produce the same 404 response.

    Args:
        dbSession: database session used for the lookup and the deletes.
        link: reset link value identifying the request.
        resetData: mapping that must contain the new password under 'passwd'.

    Returns:
        The user whose salt and hash were updated.

    Raises:
        HTTPRequestError: 400 when 'passwd' is missing, 404 when the link is
            unknown or the request is not valid.

    NOTE(review): no password policy check is visible here; presumably
    ``update`` enforces it - confirm.
    """
    if 'passwd' not in resetData.keys():
        raise HTTPRequestError(400, 'missing password')

    try:
        request_query = dbSession.query(PasswordRequest).filter_by(link=link)
        resetRequest = request_query.one()

        if not chechRequestValidity(dbSession, resetRequest):
            raise HTTPRequestError(404, 'Page not found or expired')

        account = User.getByNameOrID(resetRequest.user_id)
        account.salt, account.hash = update(
            dbSession, account, resetData['passwd'])

        # remove this used reset request
        PasswordRequestInactive.createInactiveFromRequest(
            dbSession, resetRequest)
        dbSession.delete(resetRequest)
        return account
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, 'Page not found or expired')
def add_user_permission(db_session, user, permission, requester):
    """Grant a permission directly to a user and record who did it.

    Args:
        db_session: database session used for the duplicate check and insert.
        user: username or ID of the account.
        permission: name or ID of the permission.
        requester: mapping with at least 'username' of the caller.

    Raises:
        HTTPRequestError: 404 when the user or permission does not exist,
            409 when the user already holds the permission.

    NOTE(review): no authorization check on ``requester`` is visible here;
    presumably the caller enforces it - confirm.
    """
    try:
        account = User.getByNameOrID(user)
    except orm_exceptions.NoResultFound:
        raise HTTPRequestError(404, "No user found with this ID or name")

    try:
        perm = Permission.getByNameOrID(permission)
    except orm_exceptions.NoResultFound:
        raise HTTPRequestError(404, "No permission found with this ID")

    existing = db_session.query(UserPermission).filter_by(
        user_id=account.id, permission_id=perm.id).one_or_none()
    if existing:
        raise HTTPRequestError(409, "User already have this permission")

    db_session.add(UserPermission(user_id=account.id, permission_id=perm.id))
    # The cache key is scoped to this user plus the permission's method and
    # path; presumably this drops the cached decision - confirm.
    cache.delete_key(userid=account.id,
                     action=perm.method,
                     resource=perm.path)
    log().info('user ' + account.username + ' received permission '
               + perm.name + ' by ' + requester['username'])
def getUser(dbSession, user):
    """Return the user identified by username or ID.

    ``dbSession`` is accepted but not used here.

    Raises:
        HTTPRequestError: 404 when the lookup raises NoResultFound or
            ValueError.
    """
    try:
        return User.getByNameOrID(user)
    except (sqlalchemy.orm.exc.NoResultFound, ValueError):
        raise HTTPRequestError(404, "No user found with this ID")
def get_user(db_session, user):
    """Look up a user by username or ID.

    ``db_session`` is part of the signature but is not read in this function.

    Raises:
        HTTPRequestError: 404 when the lookup raises NoResultFound or
            ValueError.
    """
    try:
        found = User.getByNameOrID(user)
    except (orm_exceptions.NoResultFound, ValueError):
        raise HTTPRequestError(404, "No user found with this ID")
    else:
        return found