def set_variable_value(self, value): new_value = unicode(value) if self.vardef.secure: from wirecloud.platform.workspace.utils import encrypt_value new_value = encrypt_value(new_value) self.value = new_value
def handleMultiuser(self, request, secure, new_variable, old_variable): if secure: new_value = encrypt_value(new_variable["value"]) else: new_value = new_variable["value"] new_variable = deepcopy(old_variable) new_variable["value"]["users"]["%s" % request.user.id] = new_value return new_variable
def _populate_variables_values_cache(workspace, user, key, forced_values=None): """ populates VariableValue cached values for that user """ values_by_varid = {} values_by_varname = {} if forced_values == None: user_workspace = UserWorkspace.objects.get(user=user, workspace=workspace) context_values = get_context_values(user_workspace) preferences = get_workspace_preference_values(workspace) forced_values = process_forced_values(workspace, user, context_values, preferences) var_values = VariableValue.objects.filter(user__id=user.id, variable__iwidget__tab__workspace=workspace) for var_value in var_values.select_related('variable__vardef'): variwidget = var_value.variable.iwidget.id varname = var_value.variable.vardef.name # forced_values uses string keys svariwidget = str(variwidget) if not variwidget in values_by_varname: values_by_varname[variwidget] = {} entry = {} if svariwidget in forced_values['iwidget'] and varname in forced_values['iwidget'][svariwidget]: fv_entry = forced_values['iwidget'][svariwidget][varname] entry['value'] = fv_entry['value'] if var_value.variable.vardef.secure: entry['value'] = encrypt_value(entry['value']) entry['readonly'] = True entry['hidden'] = fv_entry.get('hidden', False) else: if not var_value.variable.vardef.secure: entry['value'] = var_value.get_variable_value() else: entry['value'] = var_value.value entry['readonly'] = False entry['hidden'] = False entry['secure'] = var_value.variable.vardef.secure values_by_varname[variwidget][varname] = entry values_by_varid[var_value.variable.id] = entry values = { 'by_varid': values_by_varid, 'by_varname': values_by_varname, } cache.set(key, values) return values
def set_variable_value(self, var_name, value): iwidget_info = self.widget.resource.get_processed_info(translate=False, process_variables=True) vardef = iwidget_info['variables']['all'][var_name] if vardef['secure']: from wirecloud.platform.workspace.utils import encrypt_value value = encrypt_value(value) elif vardef['type'] == 'boolean': value = bool(value) elif vardef['type'] == 'number': value = float(value) self.variables[var_name] = value
def setUp(self): super(ProxySecureDataTests, self).setUp() user = User.objects.get(username='******') iwidget = IWidget.objects.get(pk=3) iwidget.set_variable_value('password', 'test_password', user) iwidget.save() self.assertNotEqual(iwidget.variables['password'], 'test_password') iwidget.tab.workspace.wiringStatus['operators']["2"]['preferences'][ 'pref_secure']['value']['users']['2'] = encrypt_value( "test_password") iwidget.tab.workspace.save() self.client.login(username='******', password='******') self.network._servers['http']['example.com'].add_response( 'POST', '/path', self.echo_response)
def set_variable_value(self, var_name, value, user): iwidget_info = self.widget.resource.get_processed_info(translate=False, process_variables=True) vardef = iwidget_info['variables']['all'][var_name] if vardef['secure']: from wirecloud.platform.workspace.utils import encrypt_value value = encrypt_value(value) elif vardef['type'] == 'boolean': if isinstance(value, text_type): value = value.strip().lower() == "true" else: value = bool(value) elif vardef['type'] == 'number': value = float(value) if "users" in self.variables.get(var_name, ""): self.variables[var_name]["users"] = {"%s" % user.id: value} else: self.variables[var_name] = {"users": {"%s" % user.id: value}}
def set_variable_value(self, var_name, value, user): iwidget_info = self.widget.resource.get_processed_info(translate=False, process_variables=True) vardef = iwidget_info['variables']['all'][var_name] if vardef['secure']: from wirecloud.platform.workspace.utils import encrypt_value value = encrypt_value(value) elif vardef['type'] == 'boolean': if isinstance(value, str): value = value.strip().lower() == "true" else: value = bool(value) elif vardef['type'] == 'number': value = float(value) if "users" in self.variables.get(var_name, ""): self.variables[var_name]["users"] = {"%s" % user.id: value} else: self.variables[var_name] = {"users": {"%s" % user.id: value}}
def checkWiring(self, request, new_wiring_status, old_wiring_status, can_update_secure=False): # Check read only connections old_read_only_connections = [connection for connection in old_wiring_status['connections'] if connection.get('readonly', False)] new_read_only_connections = [connection for connection in new_wiring_status['connections'] if connection.get('readonly', False)] if len(old_read_only_connections) > len(new_read_only_connections): return build_error_response(request, 403, _('You are not allowed to remove or update read only connections')) for connection in old_read_only_connections: if connection not in new_read_only_connections: return build_error_response(request, 403, _('You are not allowed to remove or update read only connections')) # Check operator preferences and properties for operator_id, operator in six.iteritems(new_wiring_status['operators']): old_operator = None if operator_id in old_wiring_status['operators']: old_operator = old_wiring_status['operators'][operator_id] added_preferences = set(operator['preferences'].keys()) - set(old_operator['preferences'].keys()) removed_preferences = set(old_operator['preferences'].keys()) - set(operator['preferences'].keys()) updated_preferences = set(operator['preferences'].keys()).intersection(old_operator['preferences'].keys()) added_properties = set(operator.get('properties', {}).keys()) - set(old_operator['properties'].keys()) removed_properties = set(old_operator['properties'].keys()) - set(operator.get('properties', {}).keys()) updated_properties = set(operator.get('properties', {}).keys()).intersection(old_operator['properties'].keys()) else: # New operator added_preferences = operator['preferences'].keys() removed_preferences = () updated_preferences = () added_properties = operator['properties'].keys() removed_properties = () updated_properties = () try: vendor, name, version = operator["name"].split("/") resource = CatalogueResource.objects.get(vendor=vendor, short_name=name, version=version).get_processed_info(process_variables=True) operator_preferences = resource["variables"]["preferences"] operator_properties = resource["variables"]["properties"] except CatalogueResource.DoesNotExist: # Missing operator variables can't be updated operator['properties'] = old_operator["properties"] operator['preferences'] = old_operator["preferences"] continue # Handle preferences for preference_name in added_preferences: if operator['preferences'][preference_name].get('readonly', False) or operator['preferences'][preference_name].get('hidden', False): return build_error_response(request, 403, _('Read only and hidden preferences cannot be created using this API')) # Handle multiuser new_preference = operator['preferences'][preference_name] preference_secure = operator_preferences.get(preference_name, {}).get("secure", False) if preference_secure: new_value = encrypt_value(new_preference["value"]) else: new_value = new_preference["value"] new_preference["value"] = {"users": {"%s" % request.user.id: new_value}} operator['preferences'][preference_name] = new_preference for preference_name in removed_preferences: if old_operator['preferences'][preference_name].get('readonly', False) or old_operator['preferences'][preference_name].get('hidden', False): return build_error_response(request, 403, _('Read only and hidden preferences cannot be removed')) for preference_name in updated_preferences: old_preference = old_operator['preferences'][preference_name] new_preference = operator['preferences'][preference_name] # Using patch means no change at all on non-modified preferences if old_preference == new_preference: continue # Check if its multiuser preference_secure = operator_preferences.get(preference_name, {}).get("secure", False) if old_preference.get('readonly', False) != new_preference.get('readonly', False) or old_preference.get('hidden', False) != new_preference.get('hidden', False): return build_error_response(request, 403, _('Read only and hidden status cannot be changed using this API')) if new_preference.get('readonly', False) and new_preference.get('value') != old_preference.get('value'): return build_error_response(request, 403, _('Read only preferences cannot be updated')) if preference_secure and not can_update_secure: new_preference["value"] = old_preference["value"] else: # Handle multiuser new_preference = self.handleMultiuser(request, preference_secure, new_preference, old_preference) operator['preferences'][preference_name] = new_preference # Handle properties for property_name in added_properties: if operator['properties'][property_name].get('readonly', False) or operator['properties'][property_name].get('hidden', False): return build_error_response(request, 403, _('Read only and hidden properties cannot be created using this API')) # Handle multiuser new_property = operator['properties'][property_name] new_property["value"] = {"users": {"%s" % request.user.id: new_property["value"]}} operator['properties'][property_name] = new_property for property_name in removed_properties: if old_operator['properties'][property_name].get('readonly', False) or old_operator['properties'][property_name].get('hidden', False): return build_error_response(request, 403, _('Read only and hidden properties cannot be removed')) for property_name in updated_properties: old_property = old_operator['properties'][property_name] new_property = operator['properties'][property_name] # Using patch means no change at all on non-modified properties if old_property == new_property: continue # Check if its multiuser if property_name in operator_properties: prop = operator_properties[property_name] property_secure = prop.get("secure", False) else: property_secure = False if old_property.get('readonly', False) != new_property.get('readonly', False) or old_property.get('hidden', False) != new_property.get('hidden', False): return build_error_response(request, 403, _('Read only and hidden status cannot be changed using this API')) if new_property.get('readonly', False) and new_property.get('value') != old_property.get('value'): return build_error_response(request, 403, _('Read only properties cannot be updated')) if property_secure and not can_update_secure: new_property["value"] = old_property["value"] else: # Handle multiuser new_property = self.handleMultiuser(request, property_secure, new_property, old_property) operator['properties'][property_name] = new_property return True
def setUp(self): super(ProxySecureDataTests, self).setUp() user = User.objects.get(username='******') iwidget = IWidget.objects.get(pk=3) iwidget.set_variable_value('password', 'test_password', user) iwidget.save() self.assertNotEqual(iwidget.variables['password'], 'test_password') iwidget.tab.workspace.wiringStatus['operators']["2"]['preferences']['pref_secure']['value']['users']['2'] = encrypt_value("test_password") iwidget.tab.workspace.save() self.client.login(username='******', password='******') self.network._servers['http']['example.com'].add_response('POST', '/path', self.echo_response)
def checkWiring(self, request, new_wiring_status, old_wiring_status, can_update_secure=False): # Check read only connections old_read_only_connections = [ connection for connection in old_wiring_status['connections'] if connection.get('readonly', False) ] new_read_only_connections = [ connection for connection in new_wiring_status['connections'] if connection.get('readonly', False) ] if len(old_read_only_connections) > len(new_read_only_connections): return build_error_response( request, 403, _('You are not allowed to remove or update read only connections' )) for connection in old_read_only_connections: if connection not in new_read_only_connections: return build_error_response( request, 403, _('You are not allowed to remove or update read only connections' )) # Check operator preferences and properties for operator_id, operator in six.iteritems( new_wiring_status['operators']): old_operator = None if operator_id in old_wiring_status['operators']: old_operator = old_wiring_status['operators'][operator_id] added_preferences = set(operator['preferences'].keys()) - set( old_operator['preferences'].keys()) removed_preferences = set( old_operator['preferences'].keys()) - set( operator['preferences'].keys()) updated_preferences = set( operator['preferences'].keys()).intersection( old_operator['preferences'].keys()) added_properties = set(operator.get( 'properties', {}).keys()) - set( old_operator['properties'].keys()) removed_properties = set( old_operator['properties'].keys()) - set( operator.get('properties', {}).keys()) updated_properties = set( operator.get('properties', {}).keys()).intersection( old_operator['properties'].keys()) else: # New operator added_preferences = operator['preferences'].keys() removed_preferences = () updated_preferences = () added_properties = operator['properties'].keys() removed_properties = () updated_properties = () try: vendor, name, version = operator["name"].split("/") resource = CatalogueResource.objects.get( vendor=vendor, short_name=name, version=version).get_processed_info(process_variables=True) operator_preferences = resource["variables"]["preferences"] operator_properties = resource["variables"]["properties"] except CatalogueResource.DoesNotExist: # Missing operator variables can't be updated operator['properties'] = old_operator["properties"] operator['preferences'] = old_operator["preferences"] continue # Handle preferences for preference_name in added_preferences: if operator['preferences'][preference_name].get( 'readonly', False) or operator['preferences'][preference_name].get( 'hidden', False): return build_error_response( request, 403, _('Read only and hidden preferences cannot be created using this API' )) # Handle multiuser new_preference = operator['preferences'][preference_name] preference_secure = operator_preferences.get( preference_name, {}).get("secure", False) if preference_secure: new_value = encrypt_value(new_preference["value"]) else: new_value = new_preference["value"] new_preference["value"] = { "users": { "%s" % request.user.id: new_value } } operator['preferences'][preference_name] = new_preference for preference_name in removed_preferences: if old_operator['preferences'][preference_name].get( 'readonly', False ) or old_operator['preferences'][preference_name].get( 'hidden', False): return build_error_response( request, 403, _('Read only and hidden preferences cannot be removed') ) for preference_name in updated_preferences: old_preference = old_operator['preferences'][preference_name] new_preference = operator['preferences'][preference_name] # Using patch means no change at all on non-modified preferences if old_preference == new_preference: continue # Check if its multiuser preference_secure = operator_preferences.get( preference_name, {}).get("secure", False) if old_preference.get('readonly', False) != new_preference.get( 'readonly', False) or old_preference.get( 'hidden', False) != new_preference.get( 'hidden', False): return build_error_response( request, 403, _('Read only and hidden status cannot be changed using this API' )) if new_preference.get( 'readonly', False) and new_preference.get( 'value') != old_preference.get('value'): return build_error_response( request, 403, _('Read only preferences cannot be updated')) if preference_secure and not can_update_secure: new_preference["value"] = old_preference["value"] else: # Handle multiuser new_preference = self.handleMultiuser( request, preference_secure, new_preference, old_preference) operator['preferences'][preference_name] = new_preference # Handle properties for property_name in added_properties: if operator['properties'][property_name].get( 'readonly', False) or operator['properties'][property_name].get( 'hidden', False): return build_error_response( request, 403, _('Read only and hidden properties cannot be created using this API' )) # Handle multiuser new_property = operator['properties'][property_name] new_property["value"] = { "users": { "%s" % request.user.id: new_property["value"] } } operator['properties'][property_name] = new_property for property_name in removed_properties: if old_operator['properties'][property_name].get( 'readonly', False ) or old_operator['properties'][property_name].get( 'hidden', False): return build_error_response( request, 403, _('Read only and hidden properties cannot be removed')) for property_name in updated_properties: old_property = old_operator['properties'][property_name] new_property = operator['properties'][property_name] # Using patch means no change at all on non-modified properties if old_property == new_property: continue # Check if its multiuser if property_name in operator_properties: prop = operator_properties[property_name] property_secure = prop.get("secure", False) else: property_secure = False if old_property.get('readonly', False) != new_property.get( 'readonly', False) or old_property.get( 'hidden', False) != new_property.get( 'hidden', False): return build_error_response( request, 403, _('Read only and hidden status cannot be changed using this API' )) if new_property.get('readonly', False) and new_property.get( 'value') != old_property.get('value'): return build_error_response( request, 403, _('Read only properties cannot be updated')) if property_secure and not can_update_secure: new_property["value"] = old_property["value"] else: # Handle multiuser new_property = self.handleMultiuser( request, property_secure, new_property, old_property) operator['properties'][property_name] = new_property return True