def add_group_pgroup(gid, pgid):
"""Add a permissiongroup to a user group."""
group = db_session.query(Group).filter_by(id=gid).first()
pgroup = db_session.query(PermissionGroup).fiter_by(id=pgid).first()
if group is None or pgroup is None:
return Response(
'{"error": "invalid id specified for group or pgroup"}', 400)
group.permissions.add(pgroup)
db_session.commit()
def add_group_pgroup(gid, pgid):
"""Add a permissiongroup to a user group."""
group = db_session.query(Group).filter_by(id=gid).first()
pgroup = db_session.query(PermissionGroup).fiter_by(id=pgid).first()
if group is None or pgroup is None:
return Response(
'{"error": "invalid id specified for group or pgroup"}', 400)
group.permissions.add(pgroup)
db_session.commit()
def in_group(uid, gid):
user = db_session.query(User).filter_by(id=uid).first()
if user is None:
return False
group = db_session.query(Group).filter_by(id=gid).first()
if group is None:
return False
if group in user.groups:
return True
return False
def in_group(uid, gid):
user = db_session.query(User).filter_by(id=uid).first()
if user is None:
return False
group = db_session.query(Group).filter_by(id=gid).first()
if group is None:
return False
if group in user.groups:
return True
return False
def wrapper(*args, **kwargs):
user = db_session.query(User)\
.filter_by(username=session.get('username'))\
.first()
if user is None:
raise Exception('User not found! Cookies compromised?')
permission_group = db_session.query(PermissionGroup)\
.filter_by(name=pgroup)\
.first()
if permission_group is None:
raise Exception('Specified permission group is not found')
for group in user.groups:
if permission_group in group.permissions:
f(*args, **kwargs) # We have approval to run.
return Response("Access denied", 403)
def group_has_permission(gid, pgroup_name):
"""Check weather a group has a specific permission."""
group = db_session.query(Group).filter_by(id=group)
if group is None:
return False
permission_group = db_session.query(PermissionGroup)\
.filter_by(name=pgroup_name)\
.first()
if permission_group is None:
raise Exception("No such permission group")
if permission_group in group.permissions:
return True
return False
def group_has_permission(gid, pgroup_name):
"""Check weather a group has a specific permission."""
group = db_session.query(Group).filter_by(id=group)
if group is None:
return False
permission_group = db_session.query(PermissionGroup)\
.filter_by(name=pgroup_name)\
.first()
if permission_group is None:
raise Exception("No such permission group")
if permission_group in group.permissions:
return True
return False
def wrapper(*args, **kwargs):
user = db_session.query(User)\
.filter_by(username=session.get('username'))\
.first()
if user is None:
raise Exception('User not found! Cookies compromised?')
permission_group = db_session.query(PermissionGroup)\
.filter_by(name=pgroup)\
.first()
if permission_group is None:
raise Exception('Specified permission group is not found')
for group in user.groups:
if permission_group in group.permissions:
f(*args, **kwargs) # We have approval to run.
return Response("Access denied", 403)
def view_user(uid):
"""View a user given a uid."""
user = db_session.query(User).filter_by(id=uid).first()
if user is None:
return Response('{"error": "User ' + str(id) + ' not found"}',
status=404, mimetype="application/json")
return jsonify(dict(data=user))
def view_group(gid):
"""View a group given its id."""
group = db_session.query(Group).filter_by(id=gid).first()
if group is None:
return Response('{"error": "User ' + str(id) + ' not found"}',
status=404, mimetype="application/json")
return jsonify(dict(data=group))
def view_group(gid):
"""View a group given its id."""
group = db_session.query(Group).filter_by(id=gid).first()
if group is None:
return Response('{"error": "User ' + str(id) + ' not found"}',
status=404,
mimetype="application/json")
return jsonify(dict(data=group))
def view_user(uid):
"""View a user given a uid."""
user = db_session.query(User).filter_by(id=uid).first()
if user is None:
return Response('{"error": "User ' + str(id) + ' not found"}',
status=404,
mimetype="application/json")
return jsonify(dict(data=user))
def add_group_user(gid, uid):
"""Add a user to a group."""
group = db_session.query(Group).filter_by(id=gid).first()
user = db_session.query(User).filter_by(id=uid).first()
if group is None or user is None:
return Response('{"error": "User or Group not found"}',
status=404, mimetype="application/json")
usergroup = db_session.query(UserGroup)\
.filter_by(user_id=uid, group_id=gid).first()
if usergroup is not None:
return Response('{"error": "User already in group!"}',
status=404, mimetype="application/json")
usergroup = UserGroup(uid, gid, "Because rayhaan said so")
db_session.add(usergroup)
db_session.commit()
return jsonify(dict(data=usergroup))
def check_login(username, password):
"""Verify if this user exists and has the right password."""
user = db_session.query(User)\
.filter_by(username=username).first()
if user is None:
return False
# Check if the user only has an old login, if so try and update it.
if user.password is not None:
return user.check_password(password)
else:
return check_legacy_password(password)
def check_login(username, password):
"""Verify if this user exists and has the right password."""
user = db_session.query(User)\
.filter_by(username=username).first()
if user is None:
return False
# Check if the user only has an old login, if so try and update it.
if user.password is not None:
return user.check_password(password)
else:
return check_legacy_password(password)
def add_group_user(gid, uid):
"""Add a user to a group."""
group = db_session.query(Group).filter_by(id=gid).first()
user = db_session.query(User).filter_by(id=uid).first()
if group is None or user is None:
return Response('{"error": "User or Group not found"}',
status=404,
mimetype="application/json")
usergroup = db_session.query(UserGroup)\
.filter_by(user_id=uid, group_id=gid).first()
if usergroup is not None:
return Response('{"error": "User already in group!"}',
status=404,
mimetype="application/json")
usergroup = UserGroup(uid, gid, "Because rayhaan said so")
db_session.add(usergroup)
db_session.commit()
return jsonify(dict(data=usergroup))
def enroll_response():
username = session.get('username')
user = db_session.query(User).filter_by(username=username).first()
response = dict(registrationData=session.get('registrationData'),
clientData=session.get('clientData'))
binding, cert = complete_register(session.get('u2f_enroll'), response,
'http://localhost:5000')
user.u2f_binding = binding.json
db_session.commit()
print binding.json
print cert.as_text()
return Response('Enrolled token!')
def enroll_response():
username = session.get('username')
user = db_session.query(User).filter_by(username=username).first()
response = dict(registrationData=session.get('registrationData'),
clientData=session.get('clientData'))
binding, cert = complete_register(session.get('u2f_enroll'),
response, 'http://localhost:5000')
user.u2f_binding = binding.json
db_session.commit()
print binding.json
print cert.as_text()
return Response('Enrolled token!')
def edit_user(uid):
user = db_session.query(User).filter_by(id=uid).first()
if user is None:
return abort(404)
return render_template('edit_user.html', user=user)
def get_permission_groups():
"""Return all permission groups."""
permisisongroups = db_session.query(PermissionGroup)
return jsonify(dict(data=permisisongroups))
def get_users():
"""Return all users."""
users = db_session.query(User)
return jsonify(dict(data=users))
def get_groups():
"""Return all groups."""
groups = db_session.query(Group)
return jsonify(dict(data=groups))
def get_permission_groups():
"""Return all permission groups."""
permisisongroups = db_session.query(PermissionGroup)
return jsonify(dict(data=permisisongroups))
def get_users():
"""Return all users."""
users = db_session.query(User)
return jsonify(dict(data=users))
def get_groups():
"""Return all groups."""
groups = db_session.query(Group)
return jsonify(dict(data=groups))
def edit_user(uid):
user = db_session.query(User).filter_by(id=uid).first()
if user is None:
return abort(404)
return render_template('edit_user.html', user=user)