def add_group_pgroup(gid, pgid): """Add a permissiongroup to a user group.""" group = db_session.query(Group).filter_by(id=gid).first() pgroup = db_session.query(PermissionGroup).fiter_by(id=pgid).first() if group is None or pgroup is None: return Response( '{"error": "invalid id specified for group or pgroup"}', 400) group.permissions.add(pgroup) db_session.commit()
def in_group(uid, gid): user = db_session.query(User).filter_by(id=uid).first() if user is None: return False group = db_session.query(Group).filter_by(id=gid).first() if group is None: return False if group in user.groups: return True return False
def wrapper(*args, **kwargs): user = db_session.query(User)\ .filter_by(username=session.get('username'))\ .first() if user is None: raise Exception('User not found! Cookies compromised?') permission_group = db_session.query(PermissionGroup)\ .filter_by(name=pgroup)\ .first() if permission_group is None: raise Exception('Specified permission group is not found') for group in user.groups: if permission_group in group.permissions: f(*args, **kwargs) # We have approval to run. return Response("Access denied", 403)
def group_has_permission(gid, pgroup_name): """Check weather a group has a specific permission.""" group = db_session.query(Group).filter_by(id=group) if group is None: return False permission_group = db_session.query(PermissionGroup)\ .filter_by(name=pgroup_name)\ .first() if permission_group is None: raise Exception("No such permission group") if permission_group in group.permissions: return True return False
def view_user(uid): """View a user given a uid.""" user = db_session.query(User).filter_by(id=uid).first() if user is None: return Response('{"error": "User ' + str(id) + ' not found"}', status=404, mimetype="application/json") return jsonify(dict(data=user))
def view_group(gid): """View a group given its id.""" group = db_session.query(Group).filter_by(id=gid).first() if group is None: return Response('{"error": "User ' + str(id) + ' not found"}', status=404, mimetype="application/json") return jsonify(dict(data=group))
def add_group_user(gid, uid): """Add a user to a group.""" group = db_session.query(Group).filter_by(id=gid).first() user = db_session.query(User).filter_by(id=uid).first() if group is None or user is None: return Response('{"error": "User or Group not found"}', status=404, mimetype="application/json") usergroup = db_session.query(UserGroup)\ .filter_by(user_id=uid, group_id=gid).first() if usergroup is not None: return Response('{"error": "User already in group!"}', status=404, mimetype="application/json") usergroup = UserGroup(uid, gid, "Because rayhaan said so") db_session.add(usergroup) db_session.commit() return jsonify(dict(data=usergroup))
def check_login(username, password): """Verify if this user exists and has the right password.""" user = db_session.query(User)\ .filter_by(username=username).first() if user is None: return False # Check if the user only has an old login, if so try and update it. if user.password is not None: return user.check_password(password) else: return check_legacy_password(password)
def enroll_response(): username = session.get('username') user = db_session.query(User).filter_by(username=username).first() response = dict(registrationData=session.get('registrationData'), clientData=session.get('clientData')) binding, cert = complete_register(session.get('u2f_enroll'), response, 'http://localhost:5000') user.u2f_binding = binding.json db_session.commit() print binding.json print cert.as_text() return Response('Enrolled token!')
def edit_user(uid): user = db_session.query(User).filter_by(id=uid).first() if user is None: return abort(404) return render_template('edit_user.html', user=user)
def get_permission_groups(): """Return all permission groups.""" permisisongroups = db_session.query(PermissionGroup) return jsonify(dict(data=permisisongroups))
def get_users(): """Return all users.""" users = db_session.query(User) return jsonify(dict(data=users))
def get_groups(): """Return all groups.""" groups = db_session.query(Group) return jsonify(dict(data=groups))