コード例 #1
ファイル: auth.py プロジェクト: lostsnow/daily-report
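def check_auth(*args, **kwargs):
    """Enforce the configured authentication for the current CherryPy request.

    Returns without checking when auth is off in the config, or when the
    request config carries no 'auth.require' entry. Otherwise, under the
    "qq_oauth" strategy a user id must be present in the session, and every
    callable listed in 'auth.require' must return a true value.

    Raises:
        cherrypy.HTTPError: 401 when the session has no user id or when a
            condition fails.
    """
    auth = _config["auth"]
    # auth not enabled in config.
    if not auth["on"]:
        return

    # the handler declares no requirement, so there is nothing to check.
    conditions = cherrypy.request.config.get('auth.require', None)
    if conditions is None:
        return

    # Bind user_id before the strategy branch: it used to be assigned only
    # inside the qq_oauth branch, so any other strategy value ended in an
    # UnboundLocalError at the final trace() after all checks had passed.
    user_id = None

    # NOTE(review): only "qq_oauth" gets a session check. With any other
    # strategy value the request is gated by the conditions alone; confirm
    # this is intended and not an accidental fail-open default.
    if auth["strategy"] == "qq_oauth":
        # NOTE(review): the session id goes to the trace log in clear text;
        # a log reader could reuse a live id. Consider logging a shortened
        # or hashed form instead.
        trace("check session, session_id=%s" % (cherrypy.session.id))
        # check QQ-OAuth session.
        user_id = cherrypy.session.get(SESSION_KEY)
        if user_id is None:
            error("session invalid, check auth failed.")
            enable_crossdomain()
            raise cherrypy.HTTPError(401, "You are not authorized, login please.")

    # every condition must hold; the first failure rejects the request.
    for condition in conditions:
        if not condition():
            error("codition check invalid, check auth failed.")
            enable_crossdomain()
            raise cherrypy.HTTPError(401, "You are not authorized for specified condition")

    trace("check auth success. user_id=%s" % (user_id))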
コード例 #2
 def GET(self, r=None):
     """Return all report types as JSON: {"code": ..., "data": [{"id", "value"}, ...]}.

     `r` is accepted but not used here.
     """
     enable_crossdomain()
     # constant statement: no request value reaches the SQL text.
     rows = sql_exec("select type_id,type_name from dr_type")
     types = [{"id": row["type_id"], "value": row["type_name"]} for row in rows]
     return json.dumps({"code": ErrorCode.Success, "data": types})
コード例 #3
ファイル: auth.py プロジェクト: lostsnow/daily-report
def authorize_user(request_user_id):
    """Check that the session user may act for `request_user_id`.

    No check is made when auth is off, when the request config has no
    'auth.require' entry, or when the strategy is not "qq_oauth".

    Raises:
        cherrypy.HTTPError: 401 when the session holds no user id; 403 when
            `request_user_id` is in the list returned by
            authorize_get_exception_user_id() for the session user.
    """
    auth_cfg = _config["auth"]
    if not auth_cfg["on"]:
        return

    # handlers without an 'auth.require' entry are not checked.
    required = cherrypy.request.config.get('auth.require', None)
    if required is None:
        return

    # only the QQ-OAuth strategy is authorized here.
    if auth_cfg["strategy"] != "qq_oauth":
        return

    # check QQ-OAuth session.
    user_id = cherrypy.session.get(SESSION_KEY)
    if user_id is None:
        error("authorize_user invalid, no session.")
        enable_crossdomain()
        raise cherrypy.HTTPError(401, "You are not authorized, login please.")

    # Deny-list semantics: ids returned by the helper are refused, every
    # other id is allowed.
    # NOTE(review): the membership test uses ==. If the helper returns integer
    # ids and request_user_id arrives as a string, nothing will ever match -
    # confirm both sides have the same type.
    denied_ids = authorize_get_exception_user_id(user_id)
    if request_user_id in denied_ids:
        error("authorize_user(id=%s) requires user id=%s invalid, check authorization failed."%(user_id, request_user_id))
        enable_crossdomain()
        raise cherrypy.HTTPError(403, "You(id=%s) are not authorized as %s, login please."%(user_id, request_user_id))

    trace("authorize success, user_id=%s requires id=%s"%(user_id, request_user_id))
コード例 #4
 def GET(self, group="", start_time="", end_time="", summary="", user_id="", product_id="", type_id="", query_all="false", r=None):
     """Dispatch a report query to one of the four query_* methods.

     `group` of "" or "-1" selects the ungrouped queries; `summary` of "1"
     selects the summary variants. `r` is accepted but not used here.

     Raises:
         cherrypy.HTTPError: 400 when `group` is neither "", "-1" nor digits;
             whatever authorize_user() raises when `user_id` is given.
     """
     enable_crossdomain()

     # only True, "true" and "1" switch query_all on.
     query_all = bool(query_all == True or query_all == "true" or str(query_all) == "1")

     # if not null, must be a digit.
     ungrouped = group == "" or str(group) == "-1"
     if not ungrouped and not str(group).isdigit():
         error("group must be digit, actual is %s"%(group))
         raise cherrypy.HTTPError(400, "group must be digit")

     trace('group=%s, start_time=%s, end_time=%s, summary=%s, user_id=%s, product_id=%s, type_id=%s, query_all=%s'%(group, start_time, end_time, summary, user_id, product_id, type_id, query_all))

     # NOTE(review): an empty user_id skips the per-user authorization
     # entirely; confirm the query_* methods limit what an unfiltered query
     # may return to this caller.
     if user_id != "":
         authorize_user(user_id)

     want_summary = summary == "1"
     if ungrouped:
         query = self.query_summary if want_summary else self.query_detail
         return query(start_time, end_time, user_id, product_id, type_id, query_all)

     query = self.query_summary_group if want_summary else self.query_detail_group
     return query(group, start_time, end_time, user_id, product_id, type_id, query_all)
コード例 #5
def authorize_user(request_user_id):
    """Verify the logged-in user is allowed to act as `request_user_id`.

    Returns silently when auth is disabled, when the request config has no
    'auth.require' entry, or when the strategy is anything but "qq_oauth".

    Raises:
        cherrypy.HTTPError: 401 if the session carries no user id; 403 if
            authorize_get_exception_user_id() lists `request_user_id` for
            the session user.
    """
    settings = _config["auth"]
    auth_enabled = settings["on"]
    if not auth_enabled:
        return

    # method does not require a check.
    if cherrypy.request.config.get('auth.require', None) is None:
        return

    if settings["strategy"] == "qq_oauth":
        # check QQ-OAuth session.
        session_user = cherrypy.session.get(SESSION_KEY)
        if session_user is None:
            error("authorize_user invalid, no session.")
            enable_crossdomain()
            raise cherrypy.HTTPError(401, "You are not authorized, login please.")

        # The helper's result is used as a deny list: a listed id is refused,
        # anything else passes.
        # NOTE(review): request_user_id is compared with ==; presumably it is
        # a string from the request - verify the helper returns the same type.
        if request_user_id in authorize_get_exception_user_id(session_user):
            error("authorize_user(id=%s) requires user id=%s invalid, check authorization failed."%(session_user, request_user_id))
            enable_crossdomain()
            raise cherrypy.HTTPError(403, "You(id=%s) are not authorized as %s, login please."%(session_user, request_user_id))

        trace("authorize success, user_id=%s requires id=%s"%(session_user, request_user_id))
コード例 #6
 def GET(self, group="", start_time="", end_time="", summary="", user_id="", product_id="", type_id="", query_all="false", r=None):
     """Run a report query and return what the selected query_* method returns.

     Selection: `group` in ("", "-1") -> ungrouped, otherwise grouped;
     `summary` == "1" -> summary, otherwise detail. `r` is not used here.

     Raises:
         cherrypy.HTTPError: 400 for a `group` that is not "", "-1" or all
             digits; plus anything authorize_user() raises.
     """
     enable_crossdomain()

     # normalise the flag: True, "true" and "1" mean on, anything else off.
     if query_all == True or query_all == "true" or str(query_all) == "1":
         include_all = True
     else:
         include_all = False
     query_all = include_all

     # a non-empty group other than "-1" must consist of digits.
     has_group = group != "" and str(group) != "-1"
     if has_group and not str(group).isdigit():
         error("group must be digit, actual is %s"%(group))
         raise cherrypy.HTTPError(400, "group must be digit")

     trace('group=%s, start_time=%s, end_time=%s, summary=%s, user_id=%s, product_id=%s, type_id=%s, query_all=%s'%(group, start_time, end_time, summary, user_id, product_id, type_id, query_all))

     # NOTE(review): authorization runs only for a non-empty user_id; a
     # request without one reaches the queries unchecked by this method.
     if user_id != "":
         authorize_user(user_id)

     filters = (start_time, end_time, user_id, product_id, type_id, query_all)
     if not has_group:
         if summary == "1":
             return self.query_summary(*filters)
         return self.query_detail(*filters)

     if summary == "1":
         return self.query_summary_group(group, *filters)
     return self.query_detail_group(group, *filters)
コード例 #7
 def GET(self, r=None):
     """List the rows of dr_type as JSON objects with "id" and "value" keys.

     `r` is not used here.
     """
     enable_crossdomain()
     type_rows = sql_exec("select type_id,type_name from dr_type")

     def as_item(row):
         # map one row to the shape returned in the response.
         return {"id": row["type_id"], "value": row["type_name"]}

     return json.dumps({"code": ErrorCode.Success, "data": [as_item(row) for row in type_rows]})
コード例 #8
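    def POST(self):
        """Read the request body and decode it as JSON.

        On a decoding failure the handler returns a JSON error object with a
        fixed description. The listing ends after the decoding step; the rest
        of the handler is not shown.
        """
        enable_crossdomain()
        req_json_str = cherrypy.request.body.read()

        try:
            req_json = json.loads(req_json_str)
        except Exception:
            # sys.exc_info is a function: call it so the log holds the actual
            # exception triple instead of the function object's repr.
            error(sys.exc_info())
            # the client receives only a fixed message; parser details stay
            # in the server log.
            return json.dumps({"code":ErrorCode.Failed, "error":ErrorCode.Failed, "error_description":"to json error"})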
コード例 #9
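    def POST(self):
        """Parse the POSTed body as JSON; answer with a JSON error if it is malformed.

        Only the parsing step is visible in this listing.
        """
        enable_crossdomain()
        req_json_str = cherrypy.request.body.read()

        try:
            req_json = json.loads(req_json_str)
        except Exception:
            # Fix: the original passed sys.exc_info (the function itself) to
            # error(), so the failure reason never reached the log.
            error(sys.exc_info())
            # generic description only: nothing about the parse error is
            # echoed back to the caller.
            return json.dumps({"code":ErrorCode.Failed, "error":ErrorCode.Failed, "error_description":"to json error"})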
コード例 #10
 def GET(self, group="", query_all="false", r=None):
     """Return users as JSON, optionally restricted to one group.

     `query_all` of True, "true" or "1" includes disabled users; otherwise
     only rows with enabled=true are selected. `group` of "" or "-1" means
     no group filter. Users listed by authorize_get_exception_user_id() for
     the session user are left out. `r` is not used here.

     Raises:
         cherrypy.HTTPError: 400 when `group` is not "", "-1" or all digits.
     """
     enable_crossdomain()

     query_all = bool(query_all == True or query_all == "true" or str(query_all) == "1")

     # if not null, must be a digit.
     no_group = group == "" or str(group) == "-1"
     if not no_group and not str(group).isdigit():
         error("group must be digit, actual is %s"%(group))
         raise cherrypy.HTTPError(400, "group must be digit")

     # NOTE(review): (group) is the bare value, not a one-element tuple;
     # confirm sql_exec binds it as a driver parameter rather than formatting
     # it into the statement text.
     if no_group:
         if query_all:
             records = sql_exec("select user_id,user_name from dr_user")
         else:
             records = sql_exec("select user_id,user_name from dr_user where enabled=true")
     elif query_all:
         records = sql_exec(
             "select u.user_id,u.user_name "
             "from dr_user u,dr_group g,dr_rs_group_user rs "
             "where rs.user_id = u.user_id and g.group_id = rs.group_id and g.group_id = %s",
             (group))
     else:
         records = sql_exec(
             "select u.user_id,u.user_name "
             "from dr_user u,dr_group g,dr_rs_group_user rs "
             "where u.enabled=true "
             "and rs.user_id = u.user_id and g.group_id = rs.group_id and g.group_id = %s",
             (group))

     # the session user is looked up only for the QQ-OAuth strategy;
     # otherwise user_id stays None.
     auth = _config["auth"]
     user_id = None
     if auth["on"] and auth["strategy"] == "qq_oauth":
         user_id = cherrypy.session.get(SESSION_KEY)

     # NOTE(review): nothing in this method rejects a caller without a
     # session; presumably check_auth is attached through 'auth.require' -
     # confirm, since the response lists user ids and names.
     exception_users = authorize_get_exception_user_id(user_id)
     trace("get users while group=%s for user_id=%s exception_users=%s"%(group, user_id, exception_users))

     # the user cannot authorize by specified user.
     ret = [
         {"id": record["user_id"], "value": record["user_name"]}
         for record in records
         if record["user_id"] not in exception_users
     ]

     return json.dumps({"code":ErrorCode.Success, "auth":user_id, "users":ret})
コード例 #11
 def GET(self, group="", query_all="false", r=None):
     """List users (id and name) as JSON, filtered by group and enabled state.

     Disabled users are included only when `query_all` is True, "true" or
     "1". A `group` of "" or "-1" selects all groups. Ids returned by
     authorize_get_exception_user_id() for the session user are skipped.
     `r` is not used here.

     Raises:
         cherrypy.HTTPError: 400 for a `group` that is not "", "-1" or digits.
     """
     enable_crossdomain()

     if query_all == True or query_all == "true" or str(query_all) == "1":
         with_disabled = True
     else:
         with_disabled = False
     query_all = with_disabled

     # a real group id must be numeric.
     filter_by_group = group != "" and str(group) != "-1"
     if filter_by_group and not str(group).isdigit():
         error("group must be digit, actual is %s"%(group))
         raise cherrypy.HTTPError(400, "group must be digit")

     # NOTE(review): the group value is passed as (group), which is not a
     # tuple; verify how sql_exec substitutes it into "%s".
     if filter_by_group and with_disabled:
         records = sql_exec("select u.user_id,u.user_name "
             "from dr_user u,dr_group g,dr_rs_group_user rs "
             "where rs.user_id = u.user_id and g.group_id = rs.group_id and g.group_id = %s", (group))
     elif filter_by_group:
         records = sql_exec("select u.user_id,u.user_name "
             "from dr_user u,dr_group g,dr_rs_group_user rs "
             "where u.enabled=true "
                 "and rs.user_id = u.user_id and g.group_id = rs.group_id and g.group_id = %s", (group))
     elif with_disabled:
         records = sql_exec("select user_id,user_name from dr_user")
     else:
         records = sql_exec("select user_id,user_name from dr_user where enabled=true")

     # user_id is read from the session only when auth is on and the
     # strategy is QQ-OAuth.
     user_id = None
     auth = _config["auth"]
     if auth["on"]:
         if auth["strategy"] == "qq_oauth":
             user_id = cherrypy.session.get(SESSION_KEY)

     # NOTE(review): this method does not itself require a session; the
     # returned list exposes user ids and names, so confirm an auth check is
     # configured for the endpoint.
     exception_users = authorize_get_exception_user_id(user_id)
     trace("get users while group=%s for user_id=%s exception_users=%s"%(group, user_id, exception_users))

     users = []
     for row in records:
         row_user_id = row["user_id"]
         # keep only users the caller may authorize as.
         if row_user_id not in exception_users:
             users.append({"id": row_user_id, "value": row["user_name"]})

     return json.dumps({"code":ErrorCode.Success, "auth":user_id, "users":users})
コード例 #12
 def GET(self, access_token, r=None):
     """Hand `access_token` to the QQ-OAuth login path and return its result.

     `r` is not used here.

     Raises:
         cherrypy.HTTPError: 405 when auth is off or the strategy is not
             "qq_oauth".
     """
     enable_crossdomain()

     auth_cfg = _config["auth"]
     if not auth_cfg["on"]:
         raise cherrypy.HTTPError(405, "auth is off")

     if auth_cfg["strategy"] != "qq_oauth":
         raise cherrypy.HTTPError(405, "no auth strategy speicfied")

     # NOTE(review): access_token is a GET parameter, so it travels in the
     # request URL; URLs commonly end up in access logs and browser history.
     # Consider accepting the token in a POST body or a header.
     return self.qq_oauth_access(access_token)
コード例 #13
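 def POST(self):
     """Decode the POSTed body as JSON, returning a JSON error when that fails.

     The listing stops after the decoding step; `code` and `ret` are
     initialised here for the part of the handler that is not shown.
     """
     enable_crossdomain()
     (code, ret) = (ErrorCode.Success, [])
     req_str = cherrypy.request.body.read()
     try:
         req = json.loads(req_str)
     except Exception:
         # call sys.exc_info(): passing the bare function logged only its
         # repr, so the reason for the failure was lost.
         error(sys.exc_info())
         # fixed description; parser details are kept out of the response.
         return json.dumps({
             "code": ErrorCode.Failed,
             "error": ErrorCode.Failed,
             "error_description": "to json error"
         })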
コード例 #14
    def GET(self, access_token, r=None):
        """Exchange `access_token` through self.qq_oauth_access() when QQ-OAuth is active.

        `r` is not used here.

        Raises:
            cherrypy.HTTPError: 405 if auth is switched off, or if the
                configured strategy is not "qq_oauth".
        """
        enable_crossdomain()

        settings = _config["auth"]
        enabled = settings["on"]
        if not enabled:
            raise cherrypy.HTTPError(405, "auth is off")

        # valid for QQ-OAuth
        # NOTE(review): the token is taken from the query string and is
        # therefore visible wherever request URLs are recorded - confirm
        # that access logs do not retain it.
        is_qq_oauth = settings["strategy"] == "qq_oauth"
        if is_qq_oauth:
            return self.qq_oauth_access(access_token)

        raise cherrypy.HTTPError(405, "no auth strategy speicfied")
コード例 #15
    def GET(self, r=None):
        """Return all products as JSON: {"code": ..., "data": [{"id", "value"}, ...]}.

        `r` is not used here.
        """
        enable_crossdomain()
        # constant statement, no request input involved.
        rows = sql_exec("select product_id,product_name from dr_product")
        products = [
            {"id": row["product_id"], "value": row["product_name"]}
            for row in rows
        ]
        return json.dumps({"code": ErrorCode.Success, "data": products})
コード例 #16
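    def POST(self):
        """Require auth to be enabled, then decode the request body as JSON.

        The listing ends after the decoding step.

        Raises:
            cherrypy.HTTPError: 405 when auth is off in the config.
        """
        enable_crossdomain()

        auth = _config["auth"]
        if not auth["on"]:
            raise cherrypy.HTTPError(405, "auth is off")

        req_json_str = cherrypy.request.body.read()

        try:
            req_json = json.loads(req_json_str)
        except Exception:
            # sys.exc_info must be called; the original logged the function
            # object, which says nothing about the failure.
            error(sys.exc_info())
            # the response carries a fixed text, not the parser's message.
            return json.dumps({"code":ErrorCode.Failed, "error":ErrorCode.Failed, "error_description":"to json error"})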
コード例 #17
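    def POST(self):
        """Reject the call when auth is off; otherwise parse the body as JSON.

        Only the parsing step is visible in this listing.

        Raises:
            cherrypy.HTTPError: 405 when the config has auth switched off.
        """
        enable_crossdomain()

        auth = _config["auth"]
        if not auth["on"]:
            raise cherrypy.HTTPError(405, "auth is off")

        req_json_str = cherrypy.request.body.read()

        try:
            req_json = json.loads(req_json_str)
        except Exception:
            # Fix: log the exception triple returned by sys.exc_info(), not
            # the sys.exc_info function itself.
            error(sys.exc_info())
            # keep the client-facing description generic.
            return json.dumps({"code":ErrorCode.Failed, "error":ErrorCode.Failed, "error_description":"to json error"})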
コード例 #18
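 def GET(self, issue_id, r=None):
     """Proxy one Redmine issue: fetch "<redmine url>/<issue_id>.json" and return the body.

     The upstream request is made with the username and password from the
     "redmine" config section. `r` is not used here.

     Raises:
         cherrypy.HTTPError: 400 when `issue_id` is not all digits.
     """
     enable_crossdomain()

     # issue_id is request input that ends up in the upstream URL path.
     # Accept digits only, so it cannot select another path or append a
     # query string on a request sent with the service account.
     if not str(issue_id).isdigit():
         raise cherrypy.HTTPError(400, "issue_id must be digit")

     # read config from file.
     redmine = _config["redmine"]
     redmine_api_issues = "%s://%s:%s@%s:%s/%s"%(
         redmine["protocol"], redmine["username"], redmine["password"],
         redmine["host"], redmine["port"], redmine["path"])
     # proxy for redmine issues
     # 1. must Enable the RESTful api: http://www.redmine.org/projects/redmine/wiki/Rest_api#Authentication
     # 2. add a user, username="******", password="******", add to report user, which can access the issues.
     api = "%s/%s.json"%(redmine_api_issues, issue_id)

     # Log the target without the user:password part; the original traced
     # the full URL and so wrote the Redmine credentials to the log.
     trace("%s://%s:%s/%s/%s.json"%(
         redmine["protocol"], redmine["host"], redmine["port"], redmine["path"], issue_id))

     url = urllib.urlopen(api)
     try:
         data = url.read()
     finally:
         # close the connection even when read() fails.
         url.close()
     return data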
コード例 #19
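 def GET(self, issue_id, r=None):
     """Fetch a single issue from Redmine's JSON API and return the raw response body.

     Credentials for the upstream call come from the "redmine" config
     section. `r` is not used here.

     Raises:
         cherrypy.HTTPError: 400 when `issue_id` contains anything but digits.
     """
     enable_crossdomain()

     # Validate before building the URL: issue_id comes from the request and
     # is interpolated into the path of a request that carries the service
     # account's credentials, so only a plain numeric id is accepted.
     if not str(issue_id).isdigit():
         raise cherrypy.HTTPError(400, "issue_id must be digit")

     # read config from file.
     redmine = _config["redmine"]
     redmine_api_issues = "%s://%s:%s@%s:%s/%s" % (
         redmine["protocol"], redmine["username"], redmine["password"],
         redmine["host"], redmine["port"], redmine["path"])
     # proxy for redmine issues
     # 1. must Enable the RESTful api: http://www.redmine.org/projects/redmine/wiki/Rest_api#Authentication
     # 2. add a user, username="******", password="******", add to report user, which can access the issues.
     api = "%s/%s.json" % (redmine_api_issues, issue_id)

     # The traced URL leaves out username and password; tracing `api` itself
     # put both into the log.
     trace("%s://%s:%s/%s/%s.json" % (
         redmine["protocol"], redmine["host"], redmine["port"], redmine["path"], issue_id))

     url = urllib.urlopen(api)
     try:
         data = url.read()
     finally:
         # release the connection on the error path as well.
         url.close()
     return data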
コード例 #20
def check_auth(*args, **kwargs):
    """Authenticate the current CherryPy request and check the user is enabled.

    Returns without checking when auth is off or when the request config has
    no 'auth.require' entry. Otherwise: under "qq_oauth" the session must
    hold a user id; the session user must match an enabled row in dr_user;
    and every callable in 'auth.require' must return a true value.

    Raises:
        cherrypy.HTTPError: 401 for a missing session user, a user with no
            enabled row, or a failed condition.
    """
    auth_cfg = _config["auth"]
    # auth not enabled in config.
    if not auth_cfg["on"]:
        return

    # method does not require a check.
    required = cherrypy.request.config.get('auth.require', None)
    if required is None:
        return

    if auth_cfg["strategy"] == "qq_oauth":
        # NOTE(review): the session id is written to the trace log as is;
        # treat that log as sensitive or log a shortened form.
        trace("check session, session_id=%s"%(cherrypy.session.id))
        # check QQ-OAuth session.
        user_id = cherrypy.session.get(SESSION_KEY)
        if user_id is None:
            error("session invalid, check auth failed.")
            enable_crossdomain()
            raise cherrypy.HTTPError(401, "You are not authorized, login please.")

    # check user enabled; this runs for every strategy.
    user_id = cherrypy.session.get(SESSION_KEY)
    trace("check whether user enabled. id=%s"%(user_id))
    # NOTE(review): the placeholder is quoted ('%s') and the argument is the
    # bare value, not a tuple. If sql_exec hands parameters to the driver,
    # the quotes are redundant; if it formats the string itself, the value is
    # spliced into the SQL text. user_id comes from the server-side session -
    # confirm against sql_exec.
    records = sql_exec("select user_id from dr_user where user_id='%s' and enabled=true",(user_id))
    if len(records) < 1:
        error("user disabled, id=%s."%(user_id))
        enable_crossdomain()
        raise cherrypy.HTTPError(401, "You are disabled")

    # check condition: the first failing one rejects the request.
    for requirement in required:
        if requirement():
            continue
        error("codition check invalid, check auth failed.")
        enable_crossdomain()
        raise cherrypy.HTTPError(401, "You are not authorized for specified condition")

    trace("check auth success. user_id=%s"%(user_id))
コード例 #21
 def OPTIONS(self):
     """Answer an OPTIONS request; the only work done is the enable_crossdomain() call."""
     # NOTE(review): enable_crossdomain is not shown. If it allows any origin
     # together with session cookies, the session-based auth becomes reachable
     # from other sites - confirm which origins it permits.
     enable_crossdomain()
コード例 #22
 def OPTIONS(self):
     """Handle an OPTIONS request by calling enable_crossdomain() and returning nothing."""
     # presumably this sets the cross-origin response headers for a browser
     # preflight - the helper is not shown, verify which origins it allows.
     enable_crossdomain()