def delete_users(self, userIds, format="json", requestOrigin="", **kwargs): user, sMessages, fMessages = (cherrypy.session.get("user"), [], []) if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: userIds = split_list_sanitized(userIds) try: for userId in userIds: try: delUser = session.query(User).filter(User.id == userId).one() session.delete(delUser) for flFile in session.query(File).filter(File.owner_id == delUser.id): FileService.queue_for_deletion(flFile.id) session.delete(flFile) session.add(AuditLog(user.id, Actions.DELETE_FILE, "File %s (%s) owned by user %s has been deleted as a result of the owner being deleted. " % (flFile.name, flFile.id, delUser.id), "admin")) session.add(AuditLog(user.id, Actions.DELETE_USER, "User with ID: \"%s\" deleted from system" % delUser.id, "admin")) sMessages.append("Successfully deleted user %s" % userId) except sqlalchemy.orm.exc.NoResultFound: fMessages.append("User with ID:%s does not exist" % userId) except Exception, e: fMessages.append("Could not delete user: %s" % str(e)) session.commit() except Exception, e: session.rollback() cherrypy.log.error("[%s] [delete_users] [Could not delete users: %s]" % (user.id, str(e))) fMessages.append("Could not delete users: %s" % str(e))
def delete_upload_request(self, ticketId, format="json", requestOrigin=""): user, sMessages, fMessages = cherrypy.session.get("user"), [], [] if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: try: ticketId = strip_tags(ticketId) uploadRequest = session.query(UploadRequest).filter( UploadRequest.id == ticketId).one() if uploadRequest.owner_id == user.id or AccountService.user_has_permission( user, "admin"): session.delete(uploadRequest) session.add( AuditLog( user.id, Actions.DELETE_UPLOAD_REQUEST, "You deleted an upload request with ID: %s" % uploadRequest.id)) session.commit() sMessages.append("Upload request deleted") else: fMessages.append( "You do not have permission to delete this upload request" ) except Exception, e: fMessages.append(str(e))
def delete_messages(self, messageIds, format="json", requestOrigin="", **kwargs): user, sMessages, fMessages = cherrypy.session.get("user"), [], [] if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: try: messageIdList = split_list_sanitized(messageIds) for messageId in messageIdList: message = session.query(Message).filter( Message.id == messageId).scalar() if (message.owner_id == user.id or AccountService.user_has_permission( user, "admin")): session.delete(message) else: fMessages.append( "You do not have permission to delete message with ID: %s" % messageId) session.commit() sMessages.append("Message(s) deleted") except Exception, e: cherrypy.log.error( "[%s] [delete_messages] [Could not delete message: %s]" % (user.id, str(e))) fMessages.append("Could not delete message: %s" % str(e))
def delete_roles(self, roleIds, format="json", **kwargs): user, sMessages, fMessages = (cherrypy.session.get("user"), [], []) try: roleIds = split_list_sanitized(roleIds) for roleId in roleIds: try: role = session.query(Role).filter(Role.id == roleId).one() session.delete(role) for flFile in session.query(File).filter( File.role_owner_id == role.id): FileService.queue_for_deletion(flFile.id) session.delete(flFile) session.add( AuditLog( user.id, Actions.DELETE_FILE, "File %s (%s) owned by role %s has been deleted as a result of the role owner being deleted. " % (flFile.name, flFile.id, role.id), "admin")) session.add( AuditLog( user.id, Actions.DELETE_ROLE, "%s deleted role \"%s\"(%s) from the system" % (user.id, role.name, role.id), None)) sMessages.append("Successfully deleted roles%s." % str(roleId)) except sqlalchemy.orm.exc.NoResultFound: fMessages.append("The role ID: %s does not exist" % str(roleId)) session.commit() except Exception, e: session.rollback() cherrypy.log.error( "[%s] [delete_roles] [Problem deleting roles: %s]" % (user.id, str(e))) fMessages.append("Problem deleting roles: %s" % str(e))
def delete_attribute_shares(self, fileIds, attributeId, format="json", **kwargs): user, sMessages, fMessages = (cherrypy.session.get("user"), [], []) try: userShareableAttributes, permission = AccountService.get_shareable_attributes_by_user( user), False for attribute in userShareableAttributes: if attributeId == attribute.id: permission = True break if permission: fileIdList = split_list_sanitized(fileIds) for fileId in fileIdList: share = session.query(AttributeShare).filter( AttributeShare.attribute_id == attributeId and AttributeShare.fileId == fileId).one() session.delete(share) sMessages.append( "Successfully unshared file(s) with users having the %s attribute" % attributeId) else: fMessages.append( "You do not have permission to delete attribute shares for this attribute" ) except Exception, e: fMessages.append(str(e))
def delete_public_share(self, shareId, format="json", **kwargs): user, role, sMessages, fMessages = ( cherrypy.session.get("user"), cherrypy.session.get("current_role"), [], []) shareId = strip_tags(shareId) try: ps = session.query(PublicShare).filter( PublicShare.id == shareId).one() if role is not None and ps.role_owner_id == role.id: session.delete(ps) session.add( AuditLog( user.id, Actions.DELETE_PUBLIC_SHARE, "Role %s stopped sharing files publicly via URL using share ID: %s" % (role.name, str(ps.id)), None, role.id)) session.commit() sMessages.append("Successfully unshared files") elif ps.owner_id == user.id or AccountService.user_has_permission( user, "admin"): session.delete(ps) session.add( AuditLog( user.id, Actions.DELETE_PUBLIC_SHARE, "You stopped sharing files publicly via URL using share ID: %s" % str(ps.id))) session.commit() sMessages.append("Successfully unshared files") else: fMessages.append( "You do not have permission to modify share ID: %s" % str(ps.id)) except Exception, e: fMessages.append(str(e))
def delete_user_shares(self, fileIds, userId, format="json"): user, role, sMessages, fMessages = ( cherrypy.session.get("user"), cherrypy.session.get("current_role"), [], []) fileIds = split_list_sanitized(fileIds) for fileId in fileIds: try: flFile = session.query(File).filter(File.id == fileId).one() if ( role is not None and flFile.role_owner_id == role.id ) or flFile.owner_id == user.id or AccountService.user_has_permission( user, "admin"): ps = session.query(UserShare).filter( and_(UserShare.user_id == userId, UserShare.file_id == flFile.id)).scalar() if ps is not None: session.delete(ps) session.add( AuditLog( user.id, Actions.DELETE_USER_SHARE, "You stopped sharing file %s with %s" % (flFile.name, userId), None, role.id if role is not None else None)) session.commit() sMessages.append("Share has been successfully deleted") else: fMessages.append("This share does not exist") else: fMessages.append( "You do not have permission to modify shares for file with ID: %s" % str(flFile.id)) except Exception, e: session.rollback() fMessages.append("Problem deleting share for file: %s" % str(e))
def delete_files(self, fileIds, format="json", requestOrigin="", **kwargs): user, role, sMessages, fMessages = (cherrypy.session.get("user"),cherrypy.session.get("current_role"), [], []) if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: fileIds = split_list_sanitized(fileIds) for fileId in fileIds: try: fileId = int(fileId) flFile = session.query(File).filter(File.id == fileId).one() if flFile.role_owner_id is not None and role is not None and flFile.role_owner_id == role.id: FileService.queue_for_deletion(flFile.id) session.delete(flFile) session.add(AuditLog(user.id, Actions.DELETE_FILE, "File %s (%s) owned by role %s has been deleted by user %s. " % (flFile.name, flFile.id, role.name, user.id))) session.commit() sMessages.append("File %s deleted successfully" % flFile.name) elif flFile.owner_id == user.id or AccountService.user_has_permission(user, "admin"): FileService.queue_for_deletion(flFile.id) session.delete(flFile) session.add(AuditLog(user.id, Actions.DELETE_FILE, "File %s (%s) has been deleted" % (flFile.name, flFile.id))) session.commit() sMessages.append("File %s deleted successfully" % flFile.name) else: fMessages.append("You do not have permission to delete file %s" % flFile.name) except sqlalchemy.orm.exc.NoResultFound, nrf: fMessages.append("Could not find file with ID: %s" % str(fileId)) except Exception, e: session.rollback() cherrypy.log.error("[%s] [delete_files] [Could not delete file: %s]" % (user.id, str(e))) fMessages.append("File not deleted: %s" % str(e))
def purge_expired_nodes(): # Clean node table, check for master, if none run election expirationTime = datetime.datetime.now() - datetime.timedelta(minutes=5) expiredNodes = session.query(ClusterNode).filter(ClusterNode.last_seen_timestamp < expirationTime).all() for node in expiredNodes: session.delete(node) session.commit()
def routine_maintenance(config): from lib import AccountService expiredFiles = session.query(File).filter(File.date_expires < datetime.datetime.now()) for flFile in expiredFiles: try: for share in flFile.user_shares: session.delete(share) for share in flFile.group_shares: session.delete(share) for share in flFile.public_shares: session.delete(share) for share in flFile.attribute_shares: session.delete(share) FileService.queue_for_deletion(flFile.id) session.add( AuditLog( "admin", Actions.DELETE_FILE, "File %s (ID:%s) has expired and has been purged by the system." % (flFile.name, flFile.id), flFile.owner_id, ) ) session.delete(flFile) session.commit() except Exception, e: session.rollback() cherrypy.log.error("[system] [routine_maintenance] [Error while deleting expired file: %s]" % str(e))
def secure_delete(config, fileName): import errno vault = config['filelocker']['vault'] deleteConfig = get_config_dict_from_objects(session.query(ConfigParameter).filter(ConfigParameter.name.like('delete_%')).all()) deleteCommand = deleteConfig['delete_command'] deleteArguments = deleteConfig['delete_arguments'] deleteList = [deleteCommand] for argument in deleteArguments.split(" "): deleteList.append(argument) deleteList.append(os.path.join(vault,fileName)) try: p = subprocess.Popen(deleteList, stdout=subprocess.PIPE) output = p.communicate()[0] if(p.returncode != 0): cherrypy.log.error("[%s] [secure_delete] [The command to delete the file returned a failure code of %s: %s]" % ("admin", p.returncode, output)) else: deletedFile = session.query(DeletedFile).filter(DeletedFile.file_name==fileName).scalar() if deletedFile is not None: session.delete(deletedFile) session.commit() except OSError, oe: if oe.errno == errno.ENOENT: cherrypy.log.error("[admin] [secure_delete] [Couldn't delete because the file was not found (dequeing): %s]" % str(oe)) deletedFile = session.query(DeletedFile).filter(DeletedFile.file_name==fileName).scalar() if deletedFile is not None: session.delete(deletedFile) session.commit() else: cherrypy.log.error("[admin] [secure_delete] [Generic system error while deleting file: %s" % str(oe))
def routine_maintenance(config): from lib import AccountService expiredFiles = session.query(File).filter( File.date_expires < datetime.datetime.now()) for flFile in expiredFiles: try: for share in flFile.user_shares: session.delete(share) for share in flFile.group_shares: session.delete(share) for share in flFile.public_shares: session.delete(share) for share in flFile.attribute_shares: session.delete(share) FileService.queue_for_deletion(flFile.id) session.add( AuditLog( "admin", Actions.DELETE_FILE, "File %s (ID:%s) has expired and has been purged by the system." % (flFile.name, flFile.id), flFile.owner_id)) session.delete(flFile) session.commit() except Exception, e: session.rollback() cherrypy.log.error( "[system] [routine_maintenance] [Error while deleting expired file: %s]" % str(e))
def purge_expired_nodes(): #Clean node table, check for master, if none run election expirationTime = datetime.datetime.now() - datetime.timedelta(minutes=5) expiredNodes = session.query(ClusterNode).filter( ClusterNode.last_seen_timestamp < expirationTime).all() for node in expiredNodes: session.delete(node) session.commit()
def cluster_elections(config): try: currentNodeId = int(config["filelocker"]["cluster_member_id"]) currentNode = session.query(ClusterNode).filter(ClusterNode.member_id == currentNodeId).scalar() if currentNode is None: # This node isn't in the DB yet, check in import socket currentNode = ClusterNode( member_id=currentNodeId, hostname=socket.gethostname(), is_master=False, last_seen_timestamp=datetime.datetime.now(), ) session.add(currentNode) session.commit() else: # In the DB, update last seen to avoid purging currentNode.last_seen_timestamp = datetime.datetime.now() session.commit() currentMaster = session.query(ClusterNode).filter(ClusterNode.is_master == True).scalar() # If this is default master node and another node has assumed master, reset and force election if currentNodeId == 0 and currentNode.is_master == False and currentMaster is not None: for node in session.query(ClusterNode).all(): node.is_master = False session.commit() # This isn't the default master, there is one, but it's expired elif currentMaster is not None and currentMaster.last_seen_timestamp < datetime.datetime.now() - datetime.timedelta( minutes=5 ): # master is expired session.delete(currentMaster) session.commit() # No master, hold election elif currentMaster is None: # No master nodes found, become master if eligible purge_expired_nodes() highestPriority = currentNode.member_id for node in session.query(ClusterNode).all(): if node.member_id < highestPriority: highestPriority = node.member_id break if ( highestPriority == currentNode.member_id ): # Current node has lowest node id, thus highest priority, assume master currentNode.is_master = True session.commit() return True except sqlalchemy.orm.exc.ConcurrentModificationError, cme: cherrypy.log.error( "[system] [cluster_elections] [Concurrency error during elections. This can occur if locks on the DB inhibit normal cluster elections. If this error occurs infrequently, it can usually be disregarded. Full Error: %s]" % str(cme) ) session.rollback() return False
def delete_files(self, fileIds, format="json", requestOrigin="", **kwargs): user, role, sMessages, fMessages = ( cherrypy.session.get("user"), cherrypy.session.get("current_role"), [], []) if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: fileIds = split_list_sanitized(fileIds) for fileId in fileIds: try: fileId = int(fileId) flFile = session.query(File).filter( File.id == fileId).one() if flFile.role_owner_id is not None and role is not None and flFile.role_owner_id == role.id: FileService.queue_for_deletion(flFile.id) session.delete(flFile) session.add( AuditLog( user.id, Actions.DELETE_FILE, "File %s (%s) owned by role %s has been deleted by user %s. " % (flFile.name, flFile.id, role.name, user.id))) session.commit() sMessages.append("File %s deleted successfully" % flFile.name) elif flFile.owner_id == user.id or AccountService.user_has_permission( user, "admin"): FileService.queue_for_deletion(flFile.id) session.delete(flFile) session.add( AuditLog( user.id, Actions.DELETE_FILE, "File %s (%s) has been deleted" % (flFile.name, flFile.id))) session.commit() sMessages.append("File %s deleted successfully" % flFile.name) else: fMessages.append( "You do not have permission to delete file %s" % flFile.name) except sqlalchemy.orm.exc.NoResultFound, nrf: fMessages.append("Could not find file with ID: %s" % str(fileId)) except Exception, e: session.rollback() cherrypy.log.error( "[%s] [delete_files] [Could not delete file: %s]" % (user.id, str(e))) fMessages.append("File not deleted: %s" % str(e))
def delete_message_shares(self, messageIds, format="json", **kwargs): user, sMessages, fMessages = cherrypy.session.get("user"), [], [] try: messageIdList = split_list_sanitized(messageIds) for messageId in messageIdList: rMessage = session.query(MessageShare).filter(MessageShare.message_id==messageId).one() if rMessage.recipient_id == user.id or rMessage.message.owner_id == user.id or AccountService.user_has_permission(user, "admin"): session.delete(rMessage) else: fMessages.append("You do not have permission to delete message with ID: %s" % messageId) session.commit() sMessages.append("Message(s) deleted") except Exception, e: cherrypy.log.error("[%s] [delete_message_shares] [Could not delete received message: %s]" % (user.id, str(e))) fMessages.append("Could not delete received message: %s" % str(e))
def cluster_elections(config): try: currentNodeId = int(config['filelocker']['cluster_member_id']) currentNode = session.query(ClusterNode).filter( ClusterNode.member_id == currentNodeId).scalar() if currentNode is None: #This node isn't in the DB yet, check in import socket currentNode = ClusterNode( member_id=currentNodeId, hostname=socket.gethostname(), is_master=False, last_seen_timestamp=datetime.datetime.now()) session.add(currentNode) session.commit() else: #In the DB, update last seen to avoid purging currentNode.last_seen_timestamp = datetime.datetime.now() session.commit() currentMaster = session.query(ClusterNode).filter( ClusterNode.is_master == True).scalar() #If this is default master node and another node has assumed master, reset and force election if currentNodeId == 0 and currentNode.is_master == False and currentMaster is not None: for node in session.query(ClusterNode).all(): node.is_master = False session.commit() #This isn't the default master, there is one, but it's expired elif currentMaster is not None and currentMaster.last_seen_timestamp < datetime.datetime.now( ) - datetime.timedelta(minutes=5): #master is expired session.delete(currentMaster) session.commit() #No master, hold election elif currentMaster is None: #No master nodes found, become master if eligible purge_expired_nodes() highestPriority = currentNode.member_id for node in session.query(ClusterNode).all(): if node.member_id < highestPriority: highestPriority = node.member_id break if highestPriority == currentNode.member_id: #Current node has lowest node id, thus highest priority, assume master currentNode.is_master = True session.commit() return True except sqlalchemy.orm.exc.ConcurrentModificationError, cme: cherrypy.log.error( "[system] [cluster_elections] [Concurrency error during elections. This can occur if locks on the DB inhibit normal cluster elections. If this error occurs infrequently, it can usually be disregarded. Full Error: %s]" % str(cme)) session.rollback() return False
def delete_upload_request(self, ticketId, format="json", requestOrigin=""): user, sMessages, fMessages = cherrypy.session.get("user"), [], [] if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: try: ticketId = strip_tags(ticketId) uploadRequest = session.query(UploadRequest).filter(UploadRequest.id == ticketId).one() if uploadRequest.owner_id == user.id or AccountService.user_has_permission(user, "admin"): session.delete(uploadRequest) session.add(AuditLog(user.id, Actions.DELETE_UPLOAD_REQUEST, "You deleted an upload request with ID: %s" % uploadRequest.id)) session.commit() sMessages.append("Upload request deleted") else: fMessages.append("You do not have permission to delete this upload request") except Exception, e: fMessages.append(str(e))
def delete_messages(self, messageIds, format="json", requestOrigin="", **kwargs): user, sMessages, fMessages = cherrypy.session.get("user"), [], [] if requestOrigin != cherrypy.session["request-origin"]: fMessages.append("Missing request key!!") else: try: messageIdList = split_list_sanitized(messageIds) for messageId in messageIdList: message = session.query(Message).filter(Message.id == messageId).scalar() if message.owner_id == user.id or AccountService.user_has_permission(user, "admin"): session.delete(message) else: fMessages.append("You do not have permission to delete message with ID: %s" % messageId) session.commit() sMessages.append("Message(s) deleted") except Exception, e: cherrypy.log.error("[%s] [delete_messages] [Could not delete message: %s]" % (user.id, str(e))) fMessages.append("Could not delete message: %s" % str(e))
def delete_attributes(self, attributeIds, format="json", requestOrigin="", **kwargs): user, sMessages, fMessages = (cherrypy.session.get("user"), [], []) if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: try: attributeIdList = split_list_sanitized(attributeIds) for attributeId in attributeIdList: try: delAttribute = session.query(Attribute).filter(Attribute.id==attributeId).one() session.delete(delAttribute) sMessages.append("Successfully deleted attribute: %s" % attributeId) except sqlalchemy.orm.exc.NoResultFound: fMessages.append("Attribute with ID: %s does not exist" % str(attributeId)) session.commit() except Exception, e: cherrypy.log.error("[%s] [delete_attributes] [Could not delete attributes: %s]" % (user.id, str(e))) fMessages.append("Unable to delete attribute: %s" % str(e))
def delete_clikey(self, hostIPv4, hostIPv6, format="json", requestOrigin="", **kwargs): user, sMessages, fMessages = (cherrypy.session.get("user"), [], []) if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: try: clikey = session.query(CLIKey).filter(CLIKey.host_ipv4==hostIPv4).filter(CLIKey.host_ipv6==hostIPv6).one() if clikey.user_id == user.id or AccountService.user_has_permission(user, "admin"): session.delete(clikey) sMessages.append("Key %s deleted successfully" % clikey.value) session.add(AuditLog(user.id, Actions.DELETE_CLIKEY, "%s deleted CLI Key for host: %s%s" % (user.id, hostIPv4, hostIPv6))) except sqlalchemy.orm.exc.NoResultFound, nrf: fMessages.append("Could not find key for host: %s%s" % str(hostIPv4), str(hostIPv6)) session.commit() except Exception, e: session.rollback() fMessages.append("Could not delete Key: %s" % str(e)) cherrypy.log.error("[%s] [delete_clikey] [Could not delete key: %s]" % (user.id, str(e)))
def delete_group_shares(self, fileIds, groupId, format="json"): user, role, sMessages, fMessages = ( cherrypy.session.get("user"), cherrypy.session.get("current_role"), [], []) fileIds = split_list_sanitized(fileIds) for fileId in fileIds: try: group = session.query(Group).filter(Group.id == groupId).one() if ( role is not None and group.role_owner_id == role.id ) or group.owner_id == user.id or AccountService.user_has_permission( user, "admin"): flFile = session.query(File).filter( File.id == fileId).one() if ( role is not None and flFile.role_owner_id == role.id ) or flFile.owner_id == user.id or AccountService.user_has_permission( user, "admin"): share = session.query(GroupShare).filter( GroupShare.group_id == groupId and GroupShare.file_id == flFile.id).scalar() if share is not None: session.delete(share) session.add( AuditLog( user.id, Actions.DELETE_GROUP_SHARE, "You stopped sharing file %s with group %s" % (flFile.name, group.name), None, role.id if role is not None else None)) session.commit() else: fMessages.append( "You do not have permission to modify shares for file with ID: %s" % str(flFile.id)) else: fMessages.append( "You do not have permission delete shares with this group" ) except Exception, e: session.rollback() fMessages.append("Problem deleting share for file: %s" % str(e))
def file_download_complete(user, fileId, publicShareId=None): config = cherrypy.request.app.config['filelocker'] try: role = None if cherrypy.session.has_key("current_role"): role = cherrypy.session.get("current_role") flFile = session.query(File).filter(File.id==fileId).one() if ((role is not None and flFile.role_owner_id != role.id) or user is None or user.id != flFile.owner_id) and flFile.notify_on_download and publicShareId is None: ownerName = "Unknown" try: owner = None if role is not None: owner = session.query(User).filter(User.id==flFile.role_owner_id).one() else: owner = session.query(User).filter(User.id==flFile.owner_id).one() ownerName = owner.id if owner.email is not None and owner.email != "": orgConfig = get_config_dict_from_objects(session.query(ConfigParameter).filter(ConfigParameter.name.like('org_%')).all()) Mail.notify(get_template_file('download_notification.tmpl'),{'sender': None, 'recipient': owner.email, 'fileName': flFile.name, 'downloadUserId': user.id, 'downloadUserName': user.display_name, 'filelockerURL': config['root_url'], 'org_url': orgConfig['org_url'], 'org_name': orgConfig['org_name']}) except Exception, e: cherrypy.log.error("[%s] [file_download_complete] [Unable to notify user %s of download completion: %s]" % (user.id, ownerName, str(e))) if publicShareId is not None: publicShare = session.query(PublicShare).filter(PublicShare.id == publicShareId).one() session.add(AuditLog(flFile.owner_id, "Download File", "File %s downloaded via Public Share. " % str(flFile.name), None, flFile.role_owner_id, flFile.id)) if flFile.notify_on_download: try: owner = None if role is not None: owner = session.query(User).filter(User.id==flFile.role_owner_id).one() else: owner = session.query(User).filter(User.id==flFile.owner_id).one() if owner.email is not None and owner.email != "": orgConfig = get_config_dict_from_objects(session.query(ConfigParameter).filter(ConfigParameter.name.like('org_%')).all()) Mail.notify(get_template_file('public_download_notification.tmpl'),{'sender': None, 'recipient': owner.email, 'fileName': flFile.name, 'filelockerURL': config['root_url'], 'org_url': orgConfig['org_url'], 'org_name': orgConfig['org_name']}) except Exception, e: cherrypy.log.error("[%s] [file_download_complete] [(2)Unable to notify user %s of download completion: %s]" % ("admin", owner.id, str(e))) if publicShare.reuse == "single": publicShare.files.remove(flFile) session.commit() publicShare = session.query(PublicShare).filter(PublicShare.id == publicShare.id).one() if len(publicShare.files) == 0: session.delete(publicShare) session.add(AuditLog(flFile.owner_id, "Delete Public Share", "File %s (%s) downloaded via single use public share. File is no longer publicly shared." % (flFile.name, flFile.id), None, flFile.role_owner_id, flFile.id)) session.commit()
def delete_groups(self, groupIds, format="json", requestOrigin="", **kwargs): user, sMessages, fMessages = (cherrypy.session.get("user"), [], []) if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: try: groupIds = split_list_sanitized(groupIds) for groupId in groupIds: try: group = session.query(Group).filter(Group.id==groupId).one() if group.owner_id == user.id or AccountService.user_has_permission(user, "admin"): session.delete(group) sMessages.append("Group %s deleted successfully" % group.name) session.add(AuditLog(user.id, Actions.DELETE_GROUP, "%s deleted group \"%s\"(%s)" % (user.id, group.name, group.id), None)) except sqlalchemy.orm.exc.NoResultFound, nrf: fMessages.append("Could not find group with ID: %s" % str(groupId)) session.commit() except Exception, e: session.rollback() fMessages.append("Could not delete groups: %s" % str(e)) cherrypy.log.error("[%s] [remove_users_from_group] [Could not delete groups: %s]" % (user.id, str(e)))
def delete_attribute_shares(self, fileIds, attributeId, format="json", requestOrigin="", **kwargs): user, sMessages, fMessages = (cherrypy.session.get("user"), [], []) if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: try: userShareableAttributes, permission = AccountService.get_shareable_attributes_by_user(user), False for attribute in userShareableAttributes: if attributeId == attribute.id: permission = True break if permission: fileIdList = split_list_sanitized(fileIds) for fileId in fileIdList: share = session.query(AttributeShare).filter(AttributeShare.attribute_id==attributeId and AttributeShare.fileId==fileId).one() session.delete(share) sMessages.append("Successfully unshared file(s) with users having the %s attribute" % attributeId) else: fMessages.append("You do not have permission to delete attribute shares for this attribute") except Exception, e: fMessages.append(str(e))
def delete_public_share(self, shareId, format="json", requestOrigin="", **kwargs): user, role, sMessages, fMessages = (cherrypy.session.get("user"), cherrypy.session.get("current_role"), [], []) if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: shareId = strip_tags(shareId) try: ps = session.query(PublicShare).filter(PublicShare.id == shareId).one() if role is not None and ps.role_owner_id == role.id: session.delete(ps) session.add(AuditLog(user.id, Actions.DELETE_PUBLIC_SHARE, "Role %s stopped sharing files publicly via URL using share ID: %s" % (role.name, str(ps.id)), None, role.id)) session.commit() sMessages.append("Successfully unshared files") elif ps.owner_id == user.id or AccountService.user_has_permission(user, "admin"): session.delete(ps) session.add(AuditLog(user.id, Actions.DELETE_PUBLIC_SHARE, "You stopped sharing files publicly via URL using share ID: %s" % str(ps.id))) session.commit() sMessages.append("Successfully unshared files") else: fMessages.append("You do not have permission to modify share ID: %s" % str(ps.id)) except Exception, e: fMessages.append(str(e))
def process_deletion_queue(config): vault = config['filelocker']['vault'] fileRows = session.query(DeletedFile.file_name).all() for fileRow in fileRows: try: if os.path.isfile(os.path.join(vault, fileRow.file_name)): secure_delete(config, fileRow.file_name) if not os.path.isfile(os.path.join(vault, fileRow.file_name)): deletedFile = session.query(DeletedFile).filter(DeletedFile.file_name==fileRow.file_name).scalar() if deletedFile is not None: session.delete(deletedFile) session.commit() else: pass #This isn't necessarily an error, it just means that the file finally got deleted else: deletedFile = session.query(DeletedFile).filter(DeletedFile.file_name==fileRow.file_name).scalar() if deletedFile is not None: session.delete(deletedFile) session.commit() except Exception, e: cherrypy.log.error("[system] [processDeletionQueue] [Couldn't delete file in deletion queue: %s]" % str(e))
def delete_groups(self, groupIds, format="json", **kwargs): user, sMessages, fMessages = (cherrypy.session.get("user"), [], []) try: groupIds = split_list_sanitized(groupIds) for groupId in groupIds: try: group = session.query(Group).filter( Group.id == groupId).one() if group.owner_id == user.id or AccountService.user_has_permission( user, "admin"): session.delete(group) sMessages.append("Group %s deleted successfully" % group.name) session.add( AuditLog( user.id, Actions.DELETE_GROUP, "%s deleted group \"%s\"(%s)" % (user.id, group.name, group.id), None)) except sqlalchemy.orm.exc.NoResultFound, nrf: fMessages.append("Could not find group with ID: %s" % str(groupId)) session.commit()
def delete_user_shares(self, fileIds, userId, format="json", requestOrigin=""): user, role, sMessages, fMessages = (cherrypy.session.get("user"), cherrypy.session.get("current_role"), [], []) if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: fileIds = split_list_sanitized(fileIds) for fileId in fileIds: try: flFile = session.query(File).filter(File.id==fileId).one() if (role is not None and flFile.role_owner_id == role.id) or flFile.owner_id == user.id or AccountService.user_has_permission(user, "admin"): ps = session.query(UserShare).filter(and_(UserShare.user_id == userId, UserShare.file_id == flFile.id)).scalar() if ps is not None: session.delete(ps) session.add(AuditLog(user.id, Actions.DELETE_USER_SHARE, "You stopped sharing file %s with %s" % (flFile.name, userId), None, role.id if role is not None else None)) session.commit() sMessages.append("Share has been successfully deleted") else: fMessages.append("This share does not exist") else: fMessages.append("You do not have permission to modify shares for file with ID: %s" % str(flFile.id)) except Exception, e: session.rollback() fMessages.append("Problem deleting share for file: %s" % str(e))
def delete_group_shares(self, fileIds, groupId, format="json", requestOrigin=""): user, role, sMessages, fMessages = (cherrypy.session.get("user"), cherrypy.session.get("current_role"), [], []) if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: fileIds = split_list_sanitized(fileIds) for fileId in fileIds: try: group = session.query(Group).filter(Group.id==groupId).one() if (role is not None and group.role_owner_id == role.id) or group.owner_id == user.id or AccountService.user_has_permission(user, "admin"): flFile = session.query(File).filter(File.id==fileId).one() if (role is not None and flFile.role_owner_id == role.id) or flFile.owner_id == user.id or AccountService.user_has_permission(user, "admin"): share = session.query(GroupShare).filter(GroupShare.group_id == groupId and GroupShare.file_id == flFile.id).scalar() if share is not None: session.delete(share) session.add(AuditLog(user.id, Actions.DELETE_GROUP_SHARE, "You stopped sharing file %s with group %s" % (flFile.name, group.name), None, role.id if role is not None else None)) session.commit() else: fMessages.append("You do not have permission to modify shares for file with ID: %s" % str(flFile.id)) else: fMessages.append("You do not have permission delete shares with this group") except Exception, e: session.rollback() fMessages.append("Problem deleting share for file: %s" % str(e))
def delete_roles(self, roleIds, format="json", requestOrigin="", **kwargs): user, sMessages, fMessages = (cherrypy.session.get("user"), [], []) if requestOrigin != cherrypy.session['request-origin']: fMessages.append("Missing request key!!") else: try: roleIds = split_list_sanitized(roleIds) for roleId in roleIds: try: role = session.query(Role).filter(Role.id == roleId).one() session.delete(role) for flFile in session.query(File).filter(File.role_owner_id == role.id): FileService.queue_for_deletion(flFile.id) session.delete(flFile) session.add(AuditLog(user.id, Actions.DELETE_FILE, "File %s (%s) owned by role %s has been deleted as a result of the role owner being deleted. " % (flFile.name, flFile.id, role.id), "admin")) session.add(AuditLog(user.id, Actions.DELETE_ROLE, "%s deleted role \"%s\"(%s) from the system" % (user.id, role.name, role.id), None)) sMessages.append("Successfully deleted roles%s." % str(roleId)) except sqlalchemy.orm.exc.NoResultFound: fMessages.append("The role ID: %s does not exist" % str(roleId)) session.commit() except Exception, e: session.rollback() cherrypy.log.error("[%s] [delete_roles] [Problem deleting roles: %s]" % (user.id, str(e))) fMessages.append("Problem deleting roles: %s" % str(e))
AuditLog( "admin", Actions.DELETE_FILE, "File %s (ID:%s) has expired and has been purged by the system." % (flFile.name, flFile.id), flFile.owner_id, ) ) session.delete(flFile) session.commit() except Exception, e: session.rollback() cherrypy.log.error("[system] [routine_maintenance] [Error while deleting expired file: %s]" % str(e)) expiredMessages = session.query(Message).filter(Message.date_expires < datetime.datetime.now()) for message in expiredMessages: try: session.delete(message) FileService.queue_for_deletion("m%s" % str(message.id)) session.add( AuditLog( "admin", Actions.DELETE_MESSAGE, "Message %s (ID:%s) has expired and has been deleted by the system." % (message.messageSubject, message.messageId), message.owner_id, ) ) session.commit() except Exception, e: session.rollback() cherrypy.log.error("[system] [routine_maintenance] [Error while deleting expired message: %s]" % str(e)) expiredUploadRequests = session.query(UploadRequest).filter(UploadRequest.date_expires < datetime.datetime.now())
AuditLog( "admin", Actions.DELETE_FILE, "File %s (ID:%s) has expired and has been purged by the system." % (flFile.name, flFile.id), flFile.owner_id)) session.delete(flFile) session.commit() except Exception, e: session.rollback() cherrypy.log.error( "[system] [routine_maintenance] [Error while deleting expired file: %s]" % str(e)) expiredMessages = session.query(Message).filter( Message.date_expires < datetime.datetime.now()) for message in expiredMessages: try: session.delete(message) FileService.queue_for_deletion("m%s" % str(message.id)) session.add( AuditLog( "admin", Actions.DELETE_MESSAGE, "Message %s (ID:%s) has expired and has been deleted by the system." % (message.messageSubject, message.messageId), message.owner_id)) session.commit() except Exception, e: session.rollback() cherrypy.log.error( "[system] [routine_maintenance] [Error while deleting expired message: %s]" % str(e)) expiredUploadRequests = session.query(UploadRequest).filter( UploadRequest.date_expires < datetime.datetime.now())
#Check in the file try: FileService.check_in_file(tempFileName, newFile) #If this is an upload request, check to see if it's a single use request and nullify the ticket if so, now that the file has been successfully uploaded if uploadRequest is not None: if uploadRequest.type == "single": session.add( AuditLog( cherrypy.request.remote.ip, Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account. This was a single user request and the request has now expired." % (newFile.name), uploadRequest.owner_id)) attachedUploadRequest = session.query( UploadRequest).filter( UploadRequest.id == uploadRequest.id).one() session.delete(attachedUploadRequest) cherrypy.session['uploadRequest'].expired = True else: session.add( AuditLog( cherrypy.request.remote.ip, Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account." % (newFile.name), uploadRequest.owner_id)) checkInLog = AuditLog( user.id, Actions.UPLOAD, "File %s (%s) checked in to Filelocker: MD5 %s " % (newFile.name, newFile.id, newFile.md5)) if role is not None: checkInLog.affected_role_id = role.id session.add(checkInLog)
if cherrypy.file_uploads.has_key(uploadKey): for fileTransfer in cherrypy.file_uploads[uploadKey]: if fileTransfer.file_object.name == upFile.file_object.name: fileTransfer.status = "Scanning and Encrypting" if scanFile else "Encrypting" #Check in the file try: FileService.check_in_file(tempFileName, newFile) ### Moved to check_in_file so the record can be trashed if virus scan fails #session.add(newFile) #session.commit() #If this is an upload request, check to see if it's a single use request and nullify the ticket if so, now that the file has been successfully uploaded if uploadRequest is not None: if uploadRequest.type == "single": session.add(AuditLog(Filelocker.get_client_address(), Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account. This was a single user request and the request has now expired." % (newFile.name), uploadRequest.owner_id)) attachedUploadRequest = session.query(UploadRequest).filter(UploadRequest.id == uploadRequest.id).one() session.delete(attachedUploadRequest) cherrypy.session['uploadRequest'].expired = True else: session.add(AuditLog(Filelocker.get_client_address(), Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account." % (newFile.name), uploadRequest.owner_id)) checkInLog = AuditLog(user.id, Actions.UPLOAD, "File %s (%s) checked in to Filelocker: MD5 %s " % (newFile.name, newFile.id, newFile.md5)) if role is not None: checkInLog.affected_role_id = role.id session.add(checkInLog) sMessages.append("File %s uploaded successfully." % str(fileName)) session.commit() except sqlalchemy.orm.exc.NoResultFound, nrf: fMessages.append("Could not find upload request with ID: %s" % str(uploadRequest.id)) except Exception, e: cherrypy.log.error("[%s] [upload] [Couldn't check in file: %s]" % (user.id, str(e))) fMessages.append("File couldn't be checked in to the file repository: %s" % str(e)) upFile.file_object.close()