from Framework import Context from Framework.Logger import Logger from Tools.SiteDBCore import SiteDBApi context = Context() context.addService(Logger("sitedbtest")) api = SiteDBApi(context) api.connect() print api.getTierList()
from Framework import Context from Framework.Logger import Logger from Tools.SiteDBCore import SiteDBApi context = Context () context.addService (Logger ("sitedbtest")) api = SiteDBApi (context) api.connect () print api.getTierList ()
class SecurityDBApi(object): def __init__(self, context): """The constructor of the SecurityDBApi creates a SiteDBApi, connects to the sitedb instance and puts it on the context so that it is available for others to use """ self.api = SiteDBApi (context) self.api.connect () context.addService (self.api) def _first(self, cur): row = cur.fetchone() if row: return row[0] else: return None def getDNFromUsername(self, username): fields = ("dn") return self.api.getDataObject (fields, '''select dn from contact where username = :username''', { 'username' : username }) def getPasswordFromUsername(self, username): fields = ("passwd") return self.api.getDataObject (fields, '''select passwd from user_passwd where username = :username''', { 'username' : username }) def getUsernameFromDN(self, dn): fields = ("username") return self.api.getDataObject (fields, '''select username from contact where dn = :dn''', { 'dn' : dn }) def getAllFromID(self, id): fields = ("dn", "username", "passwd") return self.api.getDataObject (fields, '''select c.dn, c.username, p.passwd from contact c left join user_passwd p on p.username = c.username where c.id = :id''', { 'id' : id }) def getUsernameFromID(self, id): fields = ("username") return self.api.getDataObject (fields, '''select username from contact where id = :id''', { 'id' : id })[0]["username"] def getDNFromID(self, id): fields = ("dn") return self.api.getDataObject (fields, '''select dn from contact where id = :id''', { 'id' : id })[0]["dn"] def getIDFromUsername(self, username): fields = ("id") return self.api.getDataObject (fields, '''select id from contact where username = :username''', { 'username' : username })[0]["id"] def getIDFromDN(self, dn): fields = ("id") return self.api.getDataObject (fields, '''select id from contact where dn = :dn''', { 'dn' : dn })[0]["id"] def getCryptoKey(self, id): #id comes from cookie fields = ("timestamp", "key") keyinfo = self.api.getDataObject(fields, '''select time, cryptkey from crypt_key where id = :id''', {"id": id}) return keyinfo[0] def addCryptoKey(self, key): #store key to database, return the key id: if self.api.connectionType() == "sqlite": self.api.editDataObject("""insert into crypt_key (cryptkey) values (:key)""", {"key":key}) elif self.api.connectionType() == "oracle" or self.api.connectionType() == "SQLAlchemy": self.api.editDataObject("""insert into crypt_key (cryptkey, time, id) values (:key, systimestamp, crypt_key_sq.nextval)""", {"key":key}) fields = ("id") keyinfo = self.api.getDataObject(fields, '''select id from crypt_key where cryptkey = :key''', {"key": key}) return keyinfo[0]['id'] def hasGroupResponsibility (self, username, group, role): self.api.context.Logger().debug( "Does %s have %s for group %s" % (username, role, group) ) fields = ("count") try: self.api.context.Logger().debug ( "Connection type = %s" % self.api.connectionType() ) data = '' if self.api.connectionType() == "sqlite": self.api.context.Logger().debug( "Has group responsibility" ) groupsplit = group.replace("|", "', '") self.api.context.Logger().debug( groupsplit ) rolesplit = role.replace("|", "', '") self.api.context.Logger().debug( rolesplit ) sql = """SELECT count (contact.id) FROM group_responsibility JOIN contact on contact.id = group_responsibility.contact JOIN role on role.id = group_responsibility.role JOIN user_group on user_group.id = group_responsibility.user_group WHERE contact.username = :sdb_username AND role.title in ('%s') AND user_group.name in ('%s')"""% (rolesplit, groupsplit) data = self.api.getDataObject (fields, sql, {"sdb_username": username}) self.api.context.Logger().debug( "count = %s" % data ) elif self.api.connectionType() == "oracle": data = self.api.getDataObject (fields, """SELECT count (contact.id) FROM group_responsibility JOIN contact on contact.id = group_responsibility.contact JOIN role on role.id = group_responsibility.role JOIN user_group on user_group.id = group_responsibility.user_group WHERE contact.username = :sdb_username AND REGEXP_LIKE(role.title, :sdb_role) AND REGEXP_LIKE(user_group.name, :sdb_group)""", {"sdb_username": username, "sdb_group": group, "sdb_role": role}) if data[0]["count"]: return True except: return False return False # site can be either the site name or the site id def hasSiteResponsibility (self, username, site, role): self.api.context.Logger().debug( "Does %s have %s for site %s" % (username, role, site) ) fields = ("count") try: data = {} if site: if not site.isdigit(): if self.api.connectionType() == "sqlite": sitesplit = site.replace("|", "', '") self.api.context.Logger().debug( sitesplit ) rolesplit = role.replace("|", "', '") self.api.context.Logger().debug( rolesplit ) sql = """SELECT count (contact.id) FROM site_responsibility join contact on contact.id = site_responsibility.contact join role on role.id = site_responsibility.role join site on site.id = site_responsibility.site WHERE contact.username = :sdb_username AND role.title in ('%s') AND site.name in ('%s')""" % (rolesplit, sitesplit) data = self.api.getDataObject (fields, sql, {"sdb_username": username}) elif self.api.connectionType() == "oracle": data = self.api.getDataObject (fields, """SELECT count (contact.id) FROM site_responsibility join contact on contact.id = site_responsibility.contact join role on role.id = site_responsibility.role join site on site.id = site_responsibility.site WHERE contact.username = :sdb_username AND REGEXP_LIKE(role.title, :sdb_role) AND REGEXP_LIKE(site.name, :sdb_site)""", {"sdb_username": username, "sdb_site": site, "sdb_role": role}) else: if self.api.connectionType() == "sqlite": sitesplit = site.replace("|", "', '") self.api.context.Logger().debug( sitesplit ) rolesplit = role.replace("|", "', '") self.api.context.Logger().debug( rolesplit ) sql = """SELECT count (contact.id) FROM site_responsibility join contact on contact.id = site_responsibility.contact join role on role.id = site_responsibility.role join site on site.id = site_responsibility.site WHERE contact.username = :sdb_username AND role.title in ('%s') AND site.id in ('%s')""" % (rolesplit, sitesplit) data = self.api.getDataObject (fields, sql, {"sdb_username": username}) elif self.api.connectionType() == "oracle": data = self.api.getDataObject (fields, """SELECT count (contact.id) FROM site_responsibility join contact on contact.id = site_responsibility.contact join role on role.id = site_responsibility.role join site on site.id = site_responsibility.site WHERE contact.username = :sdb_username AND REGEXP_LIKE(role.title, :sdb_role) AND REGEXP_LIKE(site.id, :sdb_site)""", {"sdb_username": username, "sdb_site": site, "sdb_role": role}) if data[0]["count"]: self.api.context.Logger().debug( "%s has role %s for site %s" % (username, role, site) ) return True except Exception, e: self.api.context.Logger().debug( e ) return False return False