class TestAdminLogin(unittest.TestCase):
    """Log in as the admin account and check the issued session validates.

    Covers the success path only: ``login`` must return a non-None result
    whose first item is a session token and whose second is the user id, and
    ``validate_session`` on that token must hand back the same user.
    """

    def setUp(self):
        # Database receives the module-level logger and a positional True;
        # what that flag selects is defined by Database (presumably a test
        # database -- confirm).
        self._db = Database(logger, True)

    def test_admin_login(self):
        # NOTE(review): assumes the admin/test_password pair exists only in
        # the test fixture -- confirm it is never seeded into a deployed
        # database. A rejected-login case (wrong password) is not covered.
        login_result = self._db.login("admin", "test_password")
        self.assertIsNotNone(login_result)

        issued_token = login_result[0]
        expected_user_id = login_result[1]

        # Round-trip: the token just issued must resolve to the same account.
        validated = self._db.validate_session(issued_token)
        self.assertEqual(validated.user_id, expected_user_id)
        self.assertEqual(validated.session_token, issued_token)
        self.assertEqual(validated.email_address, "admin")
        self.assertEqual(validated.full_name, "Administrator")
def admin_create_api_key():
    """Create a new API key for a caller holding ``create-api-key``.

    The session token is read from the ``token`` form field. A missing or
    invalid session, or one without the permission, aborts with 403.
    Otherwise a random key is generated and stored; a ``-1`` result from
    ``db.create_api_key`` is reported through a flashed error. Either way the
    caller is redirected to ``admin.home``.
    """
    with current_app.app_context():
        environment = Environment(current_app)
        session_token = request.form["token"]
        db = Database(logger=current_app.logger, env=environment)
        caller = db.validate_session(session_token)

        if not (caller and caller.has_permission("create-api-key")):
            abort(403)

        # os.urandom is a CSPRNG, but 8 bytes yields a 64-bit key (16 hex
        # characters). NOTE(review): 128 bits or more is the usual floor for
        # a bearer credential; check the storage column width before
        # lengthening it.
        generated_key = os.urandom(8).hex().upper()
        outcome = db.create_api_key(generated_key)
        if outcome == -1:
            flash("Could not create API key.", category="error")

        # NOTE(review): the session token travels in the redirect URL, where
        # it can land in access logs, browser history and Referer headers.
        return redirect(url_for("admin.home", session_token=session_token))
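def latest_events(limit, session_token):
    """Return the most recent event-log entries as a JSON document.

    Args:
        limit: Passed through to ``EventLog.retrieve_events`` unchanged.
        session_token: Session token checked with ``db.validate_session``.

    Returns:
        A ``Response`` whose body is JSON with ``success``, ``count`` and
        ``events`` (each event rendered with ``str``).

    Aborts with 403 when the session does not validate or when a
    ``DatabaseException`` is raised.
    """
    with current_app.app_context():
        environment = Environment(current_app)
        db = Database(logger=current_app.logger, env=environment, read_only=True)
        try:
            user = db.validate_session(session_token)
            # The result was previously assigned and never checked, so only a
            # DatabaseException produced a 403. A falsy result is treated
            # here as "no valid session"; without this guard such a caller
            # would be handed the event log.
            if not user:
                abort(403)
            # TODO: permissions -- any valid session can read the log; no
            # has_permission() check is made here.
            event_log = EventLog(db, logger=current_app.logger)
            # NOTE(review): limit is not range-checked in this function;
            # confirm retrieve_events (or the route converter) bounds it.
            recent_events = event_log.retrieve_events(limit=limit)
            rendered = [str(event) for event in recent_events]
            # NOTE(review): no mimetype is set, so the JSON goes out with
            # Response's default content type -- confirm clients do not
            # render it as HTML, since event text may be attacker-influenced.
            return Response(json.dumps({"success": True,
                                        "count": len(rendered),
                                        "events": rendered}))
        except DatabaseException:
            abort(403)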
def add_event_type(session_token):
    """Create an event type on behalf of a caller with ``add-event-type``.

    The name comes from the ``new_event_type`` form field and must match
    ``EVENT_TYPE_REGEX`` before it is handed to ``db.create_event_type``.

    Returns a JSON ``Response``: ``success`` plus ``new_event_type_id`` on
    success, ``error_code`` 1 when the database call yields a falsy id,
    ``error_code`` 2 when the name is rejected. A caller without a valid
    session or the permission gets an empty 403 response.
    """
    with current_app.app_context():
        environment = Environment(current_app)
        db = Database(logger=current_app.logger, env=environment)
        caller = db.validate_session(session_token)

        # Authorisation first: nothing from the form is read for a caller
        # who fails this check.
        if not (caller and caller.has_permission("add-event-type")):
            return Response(status=403)

        requested_name = request.form["new_event_type"]

        # NOTE(review): match() anchors only at the start of the string.
        # Unless the pattern itself ends with an end anchor, trailing
        # characters pass validation -- confirm, or consider fullmatch().
        if not EVENT_TYPE_REGEX.match(requested_name):
            payload = {"success": False,
                       "error_message": "Invalid event type name.",
                       "error_code": 2}
            return Response(json.dumps(payload))

        created_id = db.create_event_type(requested_name)
        if created_id:
            payload = {"new_event_type_id": created_id, "success": True}
        else:
            payload = {"success": False,
                       "error_message": "Could not add to database.",
                       "error_code": 1}
        return Response(json.dumps(payload))
def home(session_token):
    """Render the admin control panel for a valid session.

    Lists event types and API keys through ``EventLog`` and builds one CSS
    rule per event-type index from ``DefaultColorSchema``. A session that
    does not validate is redirected to ``admin_no_session``.
    """
    with current_app.app_context():
        environment = Environment(current_app)
        db = Database(logger=current_app.logger, env=environment)
        event_log = EventLog(db, current_app.logger)
        user = db.validate_session(session_token)

        # NOTE(review): only session validity is checked; no permission is
        # required, yet the page lists API keys. Confirm every valid session
        # is meant to see them.
        if user:
            event_types = event_log.list_event_types()

            # The CSS is assembled from range() indices and colour-schema
            # values only; nothing from the request goes into it.
            palette = DefaultColorSchema()
            css_rules = []
            for row_index in range(len(event_types)):
                rgb = palette.rgb(row_index)
                css_rules.append(
                    "#event_row_id_{0} {{ background-color: rgb({1},{2},{3}); }}".format(
                        row_index, rgb[0], rgb[1], rgb[2]))
            color_schema_css = "".join(rule + "\n" for rule in css_rules)

            api_keys = event_log.list_api_keys()
            return render_template("admin_control_panel.jinja2",
                                   session_token=session_token,
                                   event_types=event_types,
                                   api_keys=api_keys,
                                   color_schema_css=color_schema_css)

        return redirect(url_for("admin_no_session"))
def add_event_type():
    """Add an event type named by the ``new_event_name`` form field.

    The session token is read from the ``token`` form field and the caller
    must hold ``add-event-type``. Authorised requests end in a redirect to
    ``admin.home``; an ``EventLogException`` is logged and flashed first.
    An unauthorised caller only gets a flashed "Not authorized." message.
    """
    with current_app.app_context():
        environment = Environment(current_app)
        session_token = request.form['token']
        # NOTE(review): the name is not validated in this function;
        # presumably EventLog.add_event_type does so -- confirm.
        new_event_name = request.form['new_event_name']
        db = Database(logger=current_app.logger, env=environment)
        user = db.validate_session(session_token)

        if user and user.has_permission("add-event-type"):
            log = EventLog(db, current_app.logger)
            try:
                created_id = log.add_event_type(new_event_name)
                if created_id > 0:
                    return redirect(
                        url_for("admin.home", session_token=session_token))
            except EventLogException:
                # NOTE(review): the request-supplied name is written to the
                # log as-is; depending on the log formatter, embedded line
                # breaks could forge entries.
                current_app.logger.error(
                    "Event log exception on add_event_type: {0}".format(
                        new_event_name))
                flash("Event log/database exception on add_event_type function.",
                      "error")
            # NOTE(review): the session token travels in the redirect URL,
            # where it can land in access logs, browser history and Referer
            # headers.
            return redirect(url_for("admin.home", session_token=session_token))

        # NOTE(review): as shown, the function ends after this flash and so
        # returns None, which Flask rejects as an invalid response. If
        # nothing follows in the full file, return a redirect or a 403 here.
        flash("Not authorized.", category="error")