def handle_delete(self, request, user, *args, **kwargs):
"""Treat DELETE requests to dissociate User and Group.
URL: usergroup/user/<id_user>/ugroup/<id_group>/dissociate/
"""
try:
self.log.info('Dissociate User and Group.')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
id_group = kwargs.get('id_group')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.',
id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.',
id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Find User by ID to check if it exist
Usuario.get_by_pk(id_user)
# Find Group by ID to check if it exist
UGrupo.get_by_pk(id_group)
# Find UserGroup by ID to check if it exist
user_group = UsuarioGrupo.get_by_user_group(id_user, id_group)
with distributedlock(LOCK_USER_GROUP % (id_user, id_group)):
try:
# remove UserGroup
user_group.delete()
except Exception, e:
self.log.error(u'Failed to remove the UserGroup.')
raise GrupoError(e, u'Failed to remove the UserGroup.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_delete(self, request, user, *args, **kwargs):
"""Treat DELETE requests to dissociate User and Group.
URL: usergroup/user/<id_user>/ugroup/<id_group>/dissociate/
"""
try:
self.log.info('Dissociate User and Group.')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
id_group = kwargs.get('id_group')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.', id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.', id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Find User by ID to check if it exist
Usuario.get_by_pk(id_user)
# Find Group by ID to check if it exist
UGrupo.get_by_pk(id_group)
# Find UserGroup by ID to check if it exist
user_group = UsuarioGrupo.get_by_user_group(id_user, id_group)
with distributedlock(LOCK_USER_GROUP % (id_user, id_group)):
try:
# remove UserGroup
user_group.delete()
except Exception, e:
self.log.error(u'Failed to remove the UserGroup.')
raise GrupoError(e, u'Failed to remove the UserGroup.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_get(self, request, user, *args, **kwargs):
"""Treat requests GET to get User by the identifier.
URL: user/get/<id_user>/
"""
try:
self.log.info("Get User by the identifier")
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.READ_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
# Valid User ID
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.', id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Find User by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
user_map = dict()
user_map['usuario'] = model_to_dict(usr)
user_map['usuario']['grupos'] = user_map['usuario']['grupos'] if user_map['usuario'][
'grupos'] is not None and len(user_map['usuario']['grupos']) > 0 else [None]
return self.response(dumps_networkapi(user_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def after_return(self, status, retval, task_id, args, kwargs, einfo):
user = Usuario.get_by_pk(args[1])
task = celery_app.AsyncResult(task_id)
if status == 'FAILURE':
if hasattr(task.result, "exc_message"):
result = task.result.exc_message
else:
result = task.result.message
else:
result = task.result
queue_name = 'tasks.%s' % user.user.lower()
routing_key = '%s.%s' % (queue_name, task_id)
queue_manager = QueueManager(broker_vhost='tasks',
queue_name=queue_name,
exchange_name=queue_name,
routing_key=routing_key)
queue_manager.append({
'task_id': task_id,
'status': status,
'result': result
})
queue_manager.send()
def after_return(self, status, retval, task_id, args, kwargs, einfo):
user = Usuario.get_by_pk(args[1])
task = celery_app.AsyncResult(task_id)
if status == 'FAILURE':
if hasattr(task.result, "exc_message"):
result = task.result.exc_message
else:
result = task.result.message
else:
result = task.result
queue_name = 'tasks.%s' % user.user.lower()
routing_key = '%s.%s' % (queue_name, task_id)
queue_manager = QueueManager(broker_vhost='tasks',
queue_name=queue_name,
exchange_name=queue_name,
routing_key=routing_key)
queue_manager.append({
'task_id': task_id,
'status': status,
'result': result
})
queue_manager.send()
def handle_post(self, request, user, *args, **kwargs):
"""Trata as requisições de POST para alterar a senha de um Usuario.
URL: user-change-pass/
"""
try:
xml_map, attrs_map = loads(request.raw_post_data)
self.log.info('Change user password')
# User permission
if not has_perm(user, AdminPermission.AUTHENTICATE, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'Não existe valor para a tag networkapi do XML de requisição.')
user_map = networkapi_map.get('user')
if user_map is None:
return self.response_error(3, u'Não existe valor para a tag usuario do XML de requisição.')
# Get XML data
id_user = user_map.get('user_id')
password = user_map.get('password')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.', id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid pwd
if not is_valid_string_minsize(password, 3) or not is_valid_string_maxsize(password, 45):
self.log.error(u'Parameter password is invalid. Value: ****')
raise InvalidValueError(None, 'password', '****')
# Find User by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
with distributedlock(LOCK_USER % id_user):
# set variable
usr.pwd = hashlib.md5(password).hexdigest()
try:
# update User
usr.save(user)
except Exception, e:
self.log.error(u'Failed to update the user.')
raise UsuarioError(e, u'Failed to update the user.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_delete(self, request, user, *args, **kwargs):
"""Treat requests DELETE to remove user.
URL: user/<id_user>/
"""
try:
self.log.info('Remove User')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.',
id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Find Permission by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
with distributedlock(LOCK_USER % id_user):
try:
if usr.eventlog_set.count() != 0:
raise UsuarioHasEventOrGrupoError(
None, u'Existe event_log associado ao usuario %s' %
user.id)
if usr.usuariogrupo_set.count() != 0:
raise UsuarioHasEventOrGrupoError(
None,
u'Existe grupo associado ao usuario %s' % user.id)
# remove User
usr.delete()
except UsuarioHasEventOrGrupoError, e:
raise e
except Exception, e:
self.log.error(u'Failed to remove the user.')
raise GrupoError(e, u'Failed to remove the user.')
def handle_delete(self, request, user, *args, **kwargs):
"""Treat requests DELETE to remove user.
URL: user/<id_user>/
"""
try:
self.log.info('Remove User')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.', id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Find Permission by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
with distributedlock(LOCK_USER % id_user):
try:
if usr.eventlog_set.count() != 0:
raise UsuarioHasEventOrGrupoError(
None, u'Existe event_log associado ao usuario %s' % user.id)
if usr.usuariogrupo_set.count() != 0:
raise UsuarioHasEventOrGrupoError(
None, u'Existe grupo associado ao usuario %s' % user.id)
# remove User
usr.delete()
except UsuarioHasEventOrGrupoError, e:
raise e
except Exception, e:
self.log.error(u'Failed to remove the user.')
raise GrupoError(e, u'Failed to remove the user.')
def handle_get(self, request, user, *args, **kwargs):
"""Treat requests GET to get User by the identifier.
URL: user/get/<id_user>/
"""
try:
self.log.info('Get User by the identifier')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.READ_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
# Valid User ID
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.',
id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Find User by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
user_map = dict()
user_map['usuario'] = model_to_dict(usr)
user_map['usuario']['grupos'] = user_map['usuario'][
'grupos'] if user_map['usuario']['grupos'] is not None and len(
user_map['usuario']['grupos']) > 0 else [None]
return self.response(dumps_networkapi(user_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Treat PUT requests to associate User and Group.
URL: usergroup/user/<id_user>/ugroup/<id_group>/associate/
"""
try:
self.log.info("Associate User and Group.")
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
id_group = kwargs.get('id_group')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.', id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.', id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Find User by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
# Find Group by ID to check if it exist
group = UGrupo.get_by_pk(id_group)
try:
# Find UserGroup by ID to check if it exist
user_group = UsuarioGrupo.get_by_user_group(id_user, id_group)
raise UsuarioGrupoDuplicatedError(
None, u'Usuário já está associado ao Grupo.')
except UserGroupNotFoundError:
pass
user_group = UsuarioGrupo()
# set variables
user_group.usuario = usr
user_group.ugrupo = group
try:
# save UserGroup
user_group.save(user)
except Exception, e:
self.log.error(u'Failed to save the UserGroup.')
raise UsuarioError(e, u'Failed to save the UserGroup.')
usr_grp_map = dict()
usr_grp_map['user_group'] = model_to_dict(
usr, exclude=["usuario", "ugrupo"])
return self.response(dumps_networkapi(usr_grp_map))
def handle_put(self, request, user, *args, **kwargs):
"""Treat requests PUT to edit User.
URL: user/<id_user>/
"""
try:
self.log.info('Edit User')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
user_map = networkapi_map.get('user')
if user_map is None:
return self.response_error(3, u'There is no value to the user tag of XML request.')
# Get XML data
username = user_map.get('user')
password = user_map.get('password')
name = user_map.get('name')
email = user_map.get('email')
active = user_map.get('active')
user_ldap = user_map.get('user_ldap')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.', id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid username
if not is_valid_string_minsize(username, 3) or not is_valid_string_maxsize(username, 45):
self.log.error(
u'Parameter user is invalid. Value: %s', username)
raise InvalidValueError(None, 'user', username)
# Valid pwd
if not is_valid_string_minsize(password, 3) or not is_valid_string_maxsize(password, 45):
self.log.error(u'Parameter password is invalid. Value: ****')
raise InvalidValueError(None, 'password', '****')
# Valid name
if not is_valid_string_minsize(name, 3) or not is_valid_string_maxsize(name, 200):
self.log.error(u'Parameter name is invalid. Value: %s', name)
raise InvalidValueError(None, 'name', name)
# Valid email
if not is_valid_string_minsize(email, 3) or not is_valid_string_maxsize(email, 200) or not is_valid_email(email):
self.log.error(u'Parameter email is invalid. Value: %s', email)
raise InvalidValueError(None, 'email', email)
# Valid active
if not is_valid_boolean_param(active):
self.log.error(
u'The active parameter is not a valid value: %s.', active)
raise InvalidValueError(None, 'active', active)
# Valid LDAP username
if not is_valid_string_minsize(user_ldap, 3, False) or not is_valid_string_maxsize(user_ldap, 45, False):
self.log.error(
u'Parameter user_ldap is invalid. Value: %s', user_ldap)
raise InvalidValueError(None, 'user_ldap', user_ldap)
# Find User by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
with distributedlock(LOCK_USER % id_user):
try:
if usr.user.lower() != username.lower():
Usuario.get_by_user(username)
raise UsuarioNameDuplicatedError(
None, u'Já existe um usuário com o valor user %s.' % username)
except UsuarioNotFoundError:
pass
# set variables
usr.user = username
usr.pwd = password
usr.nome = name
usr.email = email
usr.ativo = convert_string_or_int_to_boolean(active)
usr.user_ldap = user_ldap
try:
# update User
usr.save()
except Exception, e:
self.log.error(u'Failed to update the user.')
raise UsuarioError(e, u'Failed to update the user.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Treat requests PUT to edit User.
URL: user/<id_user>/
"""
try:
self.log.info('Edit User')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'There is no value to the networkapi tag of XML request.'
)
user_map = networkapi_map.get('user')
if user_map is None:
return self.response_error(
3, u'There is no value to the user tag of XML request.')
# Get XML data
username = user_map.get('user')
password = user_map.get('password')
name = user_map.get('name')
email = user_map.get('email')
active = user_map.get('active')
user_ldap = user_map.get('user_ldap')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.',
id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid username
if not is_valid_string_minsize(
username, 3) or not is_valid_string_maxsize(username, 45):
self.log.error(u'Parameter user is invalid. Value: %s',
username)
raise InvalidValueError(None, 'user', username)
# Valid pwd
if not is_valid_string_minsize(
password, 3) or not is_valid_string_maxsize(password, 45):
self.log.error(u'Parameter password is invalid. Value: ****')
raise InvalidValueError(None, 'password', '****')
# Valid name
if not is_valid_string_minsize(
name, 3) or not is_valid_string_maxsize(name, 200):
self.log.error(u'Parameter name is invalid. Value: %s', name)
raise InvalidValueError(None, 'name', name)
# Valid email
if not is_valid_string_minsize(
email, 3) or not is_valid_string_maxsize(
email, 200) or not is_valid_email(email):
self.log.error(u'Parameter email is invalid. Value: %s', email)
raise InvalidValueError(None, 'email', email)
# Valid active
if not is_valid_boolean_param(active):
self.log.error(
u'The active parameter is not a valid value: %s.', active)
raise InvalidValueError(None, 'active', active)
# Valid LDAP username
if not is_valid_string_minsize(
user_ldap, 3, False) or not is_valid_string_maxsize(
user_ldap, 45, False):
self.log.error(u'Parameter user_ldap is invalid. Value: %s',
user_ldap)
raise InvalidValueError(None, 'user_ldap', user_ldap)
# Find User by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
with distributedlock(LOCK_USER % id_user):
try:
if usr.user.lower() != username.lower():
Usuario.get_by_user(username)
raise UsuarioNameDuplicatedError(
None,
u'Já existe um usuário com o valor user %s.' %
username)
except UsuarioNotFoundError:
pass
# set variables
usr.user = username
usr.pwd = password
usr.nome = name
usr.email = email
usr.ativo = convert_string_or_int_to_boolean(active)
usr.user_ldap = user_ldap
try:
# update User
usr.save()
except Exception, e:
self.log.error(u'Failed to update the user.')
raise UsuarioError(e, u'Failed to update the user.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Treat PUT requests to associate User and Group.
URL: usergroup/user/<id_user>/ugroup/<id_group>/associate/
"""
try:
self.log.info("Associate User and Group.")
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
id_group = kwargs.get('id_group')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.',
id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.',
id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Find User by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
# Find Group by ID to check if it exist
group = UGrupo.get_by_pk(id_group)
try:
# Find UserGroup by ID to check if it exist
user_group = UsuarioGrupo.get_by_user_group(id_user, id_group)
raise UsuarioGrupoDuplicatedError(
None, u'Usuário já está associado ao Grupo.')
except UserGroupNotFoundError:
pass
user_group = UsuarioGrupo()
# set variables
user_group.usuario = usr
user_group.ugrupo = group
try:
# save UserGroup
user_group.save()
except Exception, e:
self.log.error(u'Failed to save the UserGroup.')
raise UsuarioError(e, u'Failed to save the UserGroup.')
usr_grp_map = dict()
usr_grp_map['user_group'] = model_to_dict(
usr, exclude=["usuario", "ugrupo"])
return self.response(dumps_networkapi(usr_grp_map))