def set_message_sent(id_message, svc_port): log.info('Set {} sent'.format(id_message)) import json import datetime from base_svc.comm import BaseAPIRequestHandler n = str(datetime.datetime.now())[:19] rh = BaseAPIRequestHandler() data = {'id_message': id_message, 'sent_time': n} rh.set_argument('data', json.dumps(data, ensure_ascii=False)) kwargs = {} kwargs['request_handler'] = rh from base_svc.comm import call import base_api.mail_api.sent_mail try: res, status = call( 'localhost', # base_config.settings.APP_PORT, svc_port, base_api.mail_api.sent_mail.location, data, base_api.mail_api.sent_mail.set_mail_sent.__api_method_type__) except ConnectionRefusedError as e: log.critical('Servis not working: {}'.format(e)) return False if status != 204: log.error('Error set message {} sent: {}'.format(id_message, res)) return True
def change_username_hook(hash2param, newusername, dbuser, **kwargs): # jedan hook za oba mail-a message = _get_email_message(hash2param) # SAVE EMAILS FOR SENDING rh1 = BaseAPIRequestHandler() rh1.set_argument("sender", support_mail) rh1.set_argument("receiver", newusername) rh1.set_argument("subject", "Username change request") rh1.set_argument("message", message) kwargs["request_handler"] = rh1 res = base_api.mail_api.save_mail.do_put(support_mail, newusername, message, **kwargs) if "http_status" not in res or res["http_status"] != 204: log.critical("Error save redirection email") return False message2 = _get_email_warning(dbuser.username, newusername) rh2 = BaseAPIRequestHandler() rh2.set_argument("sender", support_mail) rh2.set_argument("receiver", dbuser.username) rh2.set_argument("subject", "Username change request saved") rh2.set_argument("message", message2) kwargs["request_handler"] = rh2 res = base_api.mail_api.save_mail.do_put(support_mail, dbuser.username, message2, **kwargs) if "http_status" not in res or res["http_status"] != 204: log.critical("Error save warning email") return False return True
def f_wrapper(*args, **kwargs): request_handler = kwargs['request_handler'] if not hasattr(request_handler, 'auth_token'): return base_common.msg.error(amsgs.UNAUTHORIZED_REQUEST) from base_config import settings as base_settings if not base_settings.APP_DB: return base_common.msg.error(amsgs.UNAUTHORIZED_REQUEST) tk = request_handler.auth_token _db = get_db() from base_common.dbatokens import authorized_by_token if not authorized_by_token(_db, tk): log.critical("Unauthorized access attempt") return base_common.msg.error(amsgs.UNAUTHORIZED_REQUEST) from base_common.dbatokens import get_user_by_token dbuser = get_user_by_token(_db, tk) _access = (len(arguments) == 0) for a in arguments: if bool(dbuser.role & a): _access = True _access = _access if dbuser.active else False if not _access: log.critical("Unauthorized user access attempt") return base_common.msg.error(amsgs.UNAUTHORIZED_REQUEST) return original_f(*args, **kwargs)
def change_username_hook(hash2param, newusername, dbuser, **kwargs): # jedan hook za oba mail-a message = _get_email_message(hash2param) # SAVE EMAILS FOR SENDING rh1 = BaseAPIRequestHandler() rh1.set_argument('sender', support_mail) rh1.set_argument('receiver', newusername) rh1.set_argument('subject', 'Username change request') rh1.set_argument('message', message) kwargs['request_handler'] = rh1 res = base_api.mail_api.save_mail.do_put(support_mail, newusername, message, **kwargs) if 'http_status' not in res or res['http_status'] != 204: log.critical('Error save redirection email') return False message2 = _get_email_warning(dbuser.username, newusername) rh2 = BaseAPIRequestHandler() rh2.set_argument('sender', support_mail) rh2.set_argument('receiver', dbuser.username) rh2.set_argument('subject', 'Username change request saved') rh2.set_argument('message', message2) kwargs['request_handler'] = rh2 res = base_api.mail_api.save_mail.do_put(support_mail, dbuser.username, message2, **kwargs) if 'http_status' not in res or res['http_status'] != 204: log.critical('Error save warning email') return False return True
def check_args(installed_apps): a = argparse.ArgumentParser() if not installed_apps: log.critical('There is no one application installed in DigitalBaseAPI') a.exit(1, w_arning) if len(installed_apps.keys()) > 1: a.add_argument("app", help="Application to run with DigitalBaseAPI", choices=[a for (a, b) in installed_apps.items()]) else: a.add_argument("app", help="Application to run with DigitalBaseAPI", choices=[a for (a, b) in installed_apps.items()], default=list(installed_apps.keys())[0], nargs='?') a.add_argument("-p", "--port", help="Application port") a.add_argument("-t", "--test", help="TEST Application", action='store_true') return a.parse_args()
def do_post(**kwargs): """ Check if user is logged """ _db = get_db() tk = kwargs['auth_token'] from base_common.dbatokens import get_user_by_token dbuser = get_user_by_token(_db, tk) d = dbuser.dump_user() d['token'] = tk if hasattr(apphooks, 'extend_user_check'): _extend_res = apphooks.extend_user_check(dbuser) if _extend_res == False: log.critical('Error user check extending') return base_common.msg.error(msgs.ERROR_POST_CHECK) if isinstance(_extend_res, dict): d.update(_extend_res) apphooks.action_log_hook(dbuser.id_user, kwargs['r_ip'], 'check', 'user {} successfuly checked status'.format(dbuser.username)) return base_common.msg.post_ok(d)
def f_wrapper(*args, **kwargs): request_handler = kwargs['request_handler'] if not hasattr(request_handler, 'auth_token'): return base_common.msg.error(amsgs.UNAUTHORIZED_REQUEST) from base_config import settings as base_settings if not base_settings.APP_DB: return base_common.msg.error(amsgs.UNAUTHORIZED_REQUEST) tk = request_handler.auth_token _db = get_db() from base_common.dbatokens import authorized_by_token if not authorized_by_token(_db, tk): log.critical("Unauthorized access attempt") return base_common.msg.error(amsgs.UNAUTHORIZED_REQUEST) from base_common.dbatokens import get_user_by_token dbuser = get_user_by_token(_db, tk) _access = (len(arguments) == 0) for a in arguments: if bool(dbuser.role&a): _access = True if not _access: log.critical("Unauthorized user access attempt") return base_common.msg.error(amsgs.UNAUTHORIZED_REQUEST) return original_f(*args, **kwargs)
def set_option(option_name, option_value, **kwargs): """ Set option in database """ _db = get_db() dbc = _db.cursor() q = '''INSERT into options (o_key, o_value) VALUES ('{}', '{}')'''.format(option_name, option_value) _update = False if _key_exists(_db, option_name): q = '''UPDATE options set o_value = '{}' where o_key = '{}' '''.format(option_value, option_name) _update = True try: dbc.execute(q) except IntegrityError as e: log.critical('Error {} option {} with {}: {}'.format( 'update' if _update else 'insert', option_name, option_value, e)) return base_common.msg.error(msgs.ERROR_SET_OPTION) _db.commit() return base_common.msg.put_ok()
def save_email(sender, sender_name, receiver, receiver_name, subject, emessage, _get_id, data, db=None, **kwargs): if not db: _db = get_db() else: _db = db dbc = _db.cursor() rdb = get_redis_db() if sender_name is None: sender_name = sender if receiver_name is None: receiver_name = receiver from MySQLdb import IntegrityError try: dbc.execute( 'insert into mail_queue (id, sender, sender_name, receiver, receiver_name, time_created, subject, message, data) values (%s,%s,%s,%s,%s,now(),%s,%s,%s)', (None, sender, sender_name, receiver, receiver_name, subject, emessage, data)) # print (dbc._last_executed) except IntegrityError as e: log.critical('Inserting mail queue: {}'.format(e)) return False, msgs.CANNOT_SAVE_MESSAGE, None _db.commit() m_id = dbc.lastrowid r_data = { 'id': m_id, 'sender': sender, 'sender_name': sender_name, 'receiver': receiver, 'receiver_name': receiver_name, 'subject': subject, 'message': emessage } r_data = json.dumps(r_data, ensure_ascii=False) from config import send_mail_config __SVC_PORT = send_mail_config.SVC_PORT rdb.lpush("{} {}".format(MAIL_CHANNEL, __SVC_PORT), r_data) if _get_id: return True, None, m_id return True, None, None
def get_current_datetime(): _db = get_db() dbc = _db.cursor() _t = 'test_datetime' if base_config.settings.TEST_MODE: q = '''SELECT o_value FROM options where o_key = '{}' '''.format(_t) try: dbc.execute(q) except IntegrityError as e: log.critical('Error reading {} from database: {}'.format(_t, e)) return False if dbc.rowcount != 1: log.warning('Found {} current date occurrences'.format( dbc.rowcount)) return datetime.datetime.now() _td = dbc.fetchone() try: _td_datetime = datetime.datetime.strptime(_td['o_value'], '%Y-%m-%d %H:%M:%S.%f') except ValueError as e: log.critical('Error creating datetime from {}: {}'.format( _td['o_value'], e)) return False return _td_datetime else: return datetime.datetime.now()
def get_current_datetime(): _db = get_db() dbc = _db.cursor() _t = 'test_datetime' if base_config.settings.TEST_MODE: q = '''SELECT o_value FROM options where o_key = '{}' '''.format(_t) try: dbc.execute(q) except IntegrityError as e: log.critical('Error reading {} from database: {}'.format(_t, e)) return False if dbc.rowcount != 1: log.warning('Found {} current date occurrences'.format(dbc.rowcount)) return datetime.datetime.now() _td = dbc.fetchone() try: _td_datetime = datetime.datetime.strptime(_td['o_value'], '%Y-%m-%d %H:%M:%S.%f') except ValueError as e: log.critical('Error creating datetime from {}: {}'.format(_td['o_value'], e)) return False return _td_datetime else: return datetime.datetime.now()
def set_message_sent(id_message, svc_port): log.info('Set {} sent'.format(id_message)) import json import datetime from base_svc.comm import BaseAPIRequestHandler n = str(datetime.datetime.now())[:19] rh = BaseAPIRequestHandler() data = {'id_message': id_message, 'sent_time': n} rh.set_argument('data', json.dumps(data)) kwargs = {} kwargs['request_handler'] = rh from base_svc.comm import call import base_api.mail_api.sent_mail try: res, status = call( 'localhost', # base_config.settings.APP_PORT, svc_port, base_api.mail_api.sent_mail.location, data, base_api.mail_api.sent_mail.set_mail_sent.__api_method_type__) except ConnectionRefusedError as e: log.critical('Servis not working: {}'.format(e)) return False if status != 204: log.error('Error set message {} sent: {}'.format(id_message, res)) return True
def f_wrapper(*args, **kwargs): try: return origin_f(*args, **kwargs) except Exception as e: exc_type, exc_obj, exc_tb = sys.exc_info() fname = os.path.split(exc_tb.tb_frame.f_code.co_filename)[1] _list = '{}({})'.format(fname, exc_tb.tb_lineno) _n = exc_tb.tb_next _c = None while _n: _fname = os.path.split(_n.tb_frame.f_code.co_filename)[1] _list += ' -> {}({})'.format(_fname, _n.tb_lineno) _c = '{}({})'.format(_n.tb_frame.f_code.co_name, _n.tb_lineno) _n = _n.tb_next import inspect parent_module = inspect.getmodule(origin_f) log.critical('{} -> {} -> {} -> {} -> {}'.format( parent_module.__name__, str(e), _list, origin_f.__name__, _c)) return base_common.msg.error(amsgs.API_CALL_EXCEPTION)
def log_hash_access(db, did, ip): dbc = db.cursor() n = datetime.datetime.now() q = "insert into hash_2_params_historylog (id, id_hash_2_params, ip, log_time ) VALUES (null, {}, '{}', '{}')". \ format( did, ip, str(n) ) try: dbc.execute(q) except IntegrityError as e: log.critical('Save hash access log: {}'.format(e)) return False qh = "update hash_2_params set last_access = '{}' where id = {}".format( n, did) try: dbc.execute(qh) except IntegrityError as e: log.critical('Change access hash time: {}'.format(e)) return False db.commit() return True
def get_option(option_name, **kwargs): """ Get option from database """ _db = get_db() dbc = _db.cursor() q = '''SELECT o_value FROM options where o_key = '{}' '''.format(option_name) try: dbc.execute(q) except IntegrityError as e: log.critical('Error getting option {}: {}'.format(option_name, e)) return base_common.msg.error(msgs.ERROR_GET_OPTION) if dbc.rowcount != 1: log.warning('Found {} options {}'.format(dbc.rowcount, option_name)) return base_common.msg.error(msgs.OPTION_NOT_EXIST) _dbr = dbc.fetchone() _dbrk = _dbr['o_value'] res = {} res[option_name] = _dbrk return base_common.msg.get_ok(res)
def __close_session_by_token_in_sql(dbc, tk): q = "update session_token set closed = true where id = '{}'".format(tk) try: dbc.execute(q) except Exception as e: log.critical("Close session: {}".format(e)) return False return True
def _get_user_by_token_from_sql(db, tk, is_active): dbc = db.cursor() if not __get_user_by_token_from_sql(dbc, tk, is_active): log.critical("Cannot find users token {} in sql".format(tk)) return False db_tk = dbc.fetchone() u_id = db_tk["id_user"] return base_common.app_hooks.pack_user_by_id(db, u_id)
def _get_user_by_token_from_sql(db, tk, is_active): dbc = db.cursor() if not __get_user_by_token_from_sql(dbc, tk, is_active): log.critical('Cannot find users token {} in sql'.format(tk)) return False db_tk = dbc.fetchone() u_id = db_tk['id_user'] return base_common.app_hooks.pack_user_by_id(db, u_id)
def __close_session_by_token_in_sql(dbc, tk): q = "update session_token set closed = true where id = '{}'".format(tk) try: dbc.execute(q) except Exception as e: log.critical('Close session: {}'.format(e)) return False return True
def _key_exists(db, _key): dbc = db.cursor() q = '''SELECT * FROM options WHERE o_key = '{}' '''.format(_key) try: dbc.execute(q) except IntegrityError as e: log.critical('Error getting option {} from database: {}'.format(_key, e)) return False # consider this return dbc.rowcount != 0
def get_params(**kwargs): res = {} if hasattr(apphooks, 'get_params'): get_params_res = apphooks.get_params() if get_params_res == False: log.critical('Error getting params') return base_common.msg.error('ERROR') if isinstance(get_params_res, dict): res.update(get_params_res) return base_common.msg.ok(res)
def do_post(newusername, password, **kwargs): """ Change password """ _db = get_db() tk = kwargs['auth_token'] dbuser = get_user_by_token(_db, tk) if not check_password(dbuser.password, dbuser.username, password): log.critical('Wrong users password: {}'.format(password)) return base_common.msg.error(msgs.WRONG_PASSWORD) # SAVE HASH FOR USERNAME CHANGE rh = BaseAPIRequestHandler() data = {'cmd': 'change_username', 'newusername': newusername, 'id_user': dbuser.id_user, 'password': password} rh.set_argument('data', json.dumps(data)) kwargs['request_handler'] = rh res = base_api.hash2params.save_hash.do_put(json.dumps(data), **kwargs) if 'http_status' not in res or res['http_status'] != 200: return base_common.msg.error('Cannot handle forgot password') h = res['h'] message = _get_email_message(h) # SAVE EMAILS FOR SENDING rh1 = BaseAPIRequestHandler() rh1.set_argument('sender', support_mail) rh1.set_argument('receiver', newusername) rh1.set_argument('message', message) kwargs['request_handler'] = rh1 res = base_api.mail_api.save_mail.do_put(support_mail, newusername, message, **kwargs) if 'http_status' not in res or res['http_status'] != 204: return base_common.msg.error(msgs.CANNOT_SAVE_MESSAGE) message2 = _get_email_warning(dbuser.username, newusername) rh2 = BaseAPIRequestHandler() rh2.set_argument('sender', support_mail) rh2.set_argument('receiver', dbuser.username) rh2.set_argument('message', message2) kwargs['request_handler'] = rh2 res = base_api.mail_api.save_mail.do_put(support_mail, dbuser.username, message2, **kwargs) if 'http_status' not in res or res['http_status'] != 204: return base_common.msg.error(msgs.CANNOT_SAVE_MESSAGE) return base_common.msg.post_ok(msgs.CHANGE_USERNAME_REQUEST)
def wrapper(*args, **kwargs): ags = [] request = kwargs['request_handler'] for a in arguments: default_arg_value = a['default'] if 'default' in a else None argmnt = a['arg'].strip() atr = request.get_argument(argmnt, default=default_arg_value) required = a['required'] if 'required' in a else True if atr is None: if not required: converted = None else: log.critical( 'Missing request argument: {}'.format(argmnt)) return base_common.msg.error( amsgs.MISSING_REQUEST_ARGUMENT) else: tip = a['type'] if 'type' in a else str esc = a['escaped'] if 'escaped' in a else ( tip in [str, 'e-mail']) converted = _convert_args(atr, tip, esc) if tip != bool and converted is None: if not (tip == int and converted == 0): # count 0 as int c_type = "|type get error|" try: c_type = type(atr) except Exception as e: log.warning( 'Get argument type error: {}'.format(e)) log.critical( 'Invalid request argument {} type {}, expected {}' .format(atr, c_type, tip)) return base_common.msg.error( amsgs.INVALID_REQUEST_ARGUMENT) ags.append(converted) return original(*ags, **kwargs)
def save_email(sender, sender_name, receiver, receiver_name, subject, emessage, _get_id, data, db=None, **kwargs): if not db: _db = get_db() else: _db = db dbc = _db.cursor() rdb = get_redis_db() if sender_name is None: sender_name = sender if receiver_name is None: receiver_name = receiver from MySQLdb import IntegrityError try: dbc.execute('insert into mail_queue (id, sender, sender_name, receiver, receiver_name, time_created, subject, message, data) values (%s,%s,%s,%s,%s,now(),%s,%s,%s)', (None, sender, sender_name, receiver, receiver_name, subject, emessage, data)) # print (dbc._last_executed) except IntegrityError as e: log.critical('Inserting mail queue: {}'.format(e)) return False, msgs.CANNOT_SAVE_MESSAGE, None _db.commit() m_id = dbc.lastrowid r_data = { 'id': m_id, 'sender': sender, 'sender_name': sender_name, 'receiver': receiver, 'receiver_name': receiver_name, 'subject': subject, 'message': emessage } r_data = json.dumps(r_data, ensure_ascii=False) from config import send_mail_config __SVC_PORT = send_mail_config.SVC_PORT rdb.lpush("{} {}".format(MAIL_CHANNEL, __SVC_PORT), r_data) if _get_id: return True, None, m_id return True, None, None
def change_username_success_hook(receiver, **kwargs): message = "Dear,<br/> Your username has been updated!<br/>Thank You!" # SAVE EMAILS FOR SENDING rh1 = BaseAPIRequestHandler() rh1.set_argument("sender", support_mail) rh1.set_argument("receiver", receiver) rh1.set_argument("subject", "Username successfully changed") rh1.set_argument("message", message) kwargs["request_handler"] = rh1 res = base_api.mail_api.save_mail.do_put(support_mail, receiver, message, **kwargs) if "http_status" not in res or res["http_status"] != 204: log.critical("Error save info message") return False return True
def forgot_password_hook(request, receiver, tk, **kwargs): message = get_email_message(request, receiver, tk) # SAVE EMAILS FOR SENDING rh1 = BaseAPIRequestHandler() rh1.set_argument("sender", support_mail) rh1.set_argument("receiver", receiver) rh1.set_argument("subject", "Forgot password query") rh1.set_argument("message", message) kwargs["request_handler"] = rh1 res = base_api.mail_api.save_mail.do_put(support_mail, receiver, message, **kwargs) if "http_status" not in res or res["http_status"] != 204: log.critical("Error save info message") return False return True
def get_lookups(**kwargs): """ Get lookups """ res = {} if hasattr(apphooks, 'pack_lookups'): _pck_lkp_res = apphooks.pack_lookups() if _pck_lkp_res == False: log.critical('Error pack lookups') return base_common.msg.error(msgs.ERROR_POST_CHECK) if isinstance(_pck_lkp_res, dict): res.update(_pck_lkp_res) return base_common.msg.get_ok(res)
def do_put(username, *args, **kwargs): """ Forgot password """ _db = get_db() request = kwargs['request_handler'] username = username.lower() if not check_user_exists(username, _db): log.critical('User check fail') return base_common.msg.error(msgs.USER_NOT_FOUND) # GET HASH FOR FORGOTTEN PASSWORD rh = BaseAPIRequestHandler() data = {'cmd': 'forgot_password', 'username': username} rh.set_argument('data', json.dumps(data, ensure_ascii=False)) kwargs['request_handler'] = rh res = base_api.hash2params.save_hash.do_put( json.dumps(data, ensure_ascii=False), *args, **kwargs) if 'http_status' not in res or res['http_status'] != 200: return base_common.msg.error('Cannot handle forgot password') tk = res['h'] if not forgot_password_hook(request, username, tk, **kwargs): log.critical('Error finishing username change process') return base_common.msg.error(msgs.ERROR_PASSWORD_RESTORE) # # message = get_email_message(request, username, tk) # # # SAVE EMAIL FOR SENDING # rh1 = BaseAPIRequestHandler() # rh1.set_argument('sender', support_mail) # rh1.set_argument('receiver', username) # rh1.set_argument('message', message) # kwargs['request_handler'] = rh1 # res = base_api.mail_api.save_mail.do_put(support_mail, username, message, *args, **kwargs) # if 'http_status' not in res or res['http_status'] != 204: # return base_common.msg.error('Error finishing change password request') return base_common.msg.post_ok(msgs.OK)
def del_option(option_name, **kwargs): """ Delete option from database """ _db = get_db() dbc = _db.cursor() q = '''DELETE FROM options where o_key = '{}' '''.format(option_name) try: dbc.execute(q) except IntegrityError as e: log.critical('Error deleting option {}: {}'.format(option_name, e)) return base_common.msg.error(msgs.ERROR_GET_OPTION) _db.commit() return base_common.msg.delete_ok()
def _get_user_by_token_from_redis(db, tk, is_active): r = get_redis_db() _rd = r.get(tk) if not _rd: log.critical('Cannot find users token {} in redis'.format(tk)) return False import json.decoder try: _rd = json.loads(_rd.decode('utf-8')) except json.decoder.JSONDecodeError as e: log.critical('Error loading token {} string {}: {}'.format(tk, _rd, e)) return False u_id = _rd['id_user'] return base_common.app_hooks.pack_user_by_id(db, u_id)
def check_user_exists(username, db, userid=None): dbc = db.cursor() if userid: q = "select id from users where id = '{}'".format(userid) else: q = "select id from users where username = '******'".format(username) try: dbc.execute(q) except IntegrityError as e: log.critical('Check user: {}'.format(e)) return False if dbc.rowcount != 1: log.warning('Fund {} users with {} username'.format(dbc.rowcount, username)) return False return True
def forgot_password_hook(request, receiver, tk, **kwargs): message = get_email_message(request, receiver, tk) # SAVE EMAILS FOR SENDING rh1 = BaseAPIRequestHandler() rh1.set_argument('sender', support_mail) rh1.set_argument('receiver', receiver) rh1.set_argument('subject', 'Forgot password query') rh1.set_argument('message', message) kwargs['request_handler'] = rh1 res = base_api.mail_api.save_mail.do_put(support_mail, receiver, message, **kwargs) if 'http_status' not in res or res['http_status'] != 204: log.critical('Error save info message') return False return True
def change_username_success_hook(receiver, **kwargs): message = 'Dear,<br/> Your username has been updated!<br/>Thank You!' # SAVE EMAILS FOR SENDING rh1 = BaseAPIRequestHandler() rh1.set_argument('sender', support_mail) rh1.set_argument('receiver', receiver) rh1.set_argument('subject', 'Username successfully changed') rh1.set_argument('message', message) kwargs['request_handler'] = rh1 res = base_api.mail_api.save_mail.do_put(support_mail, receiver, message, **kwargs) if 'http_status' not in res or res['http_status'] != 204: log.critical('Error save info message') return False return True
def pack_user_by_id(db, id_user, get_dict=False): """ Pack users information in DBUser class instance :param db: database :param id_user: users id :param get_dict: export user like DBUser or dict :return: DBUser instance or user dict """ dbc = db.cursor() q = "select id, username, password, role_flags, active from users where id = '{}'".format( id_user) import MySQLdb try: dbc.execute(q) except MySQLdb.IntegrityError as e: log.critical('Error find user by token: {}'.format(e)) return False if dbc.rowcount != 1: log.critical('Fount {} users with id {}'.format(dbc.rowcount, id_user)) return False #DUMMY CLASS INSTANCE USER JUST FOR EASIER MANIPULATION OF DATA class DBUser: def dump_user(self): ret = {} for k in self.__dict__: if self.__dict__[k]: ret[k] = self.__dict__[k] return ret db_user = DBUser() user = dbc.fetchone() db_user.id_user = user['id'] db_user.username = user['username'] db_user.password = user['password'] db_user.role = user['role_flags'] db_user.active = user['active'] return db_user.dump_user() if get_dict else db_user
def pack_user_by_id(db, id_user, get_dict=False): """ Pack users information in DBUser class instance :param db: database :param id_user: users id :param get_dict: export user like DBUser or dict :return: DBUser instance or user dict """ dbc = db.cursor() q = "select id, username, password, role_flags, active from users where id = '{}'".format(id_user) import MySQLdb try: dbc.execute(q) except MySQLdb.IntegrityError as e: log.critical('Error find user by token: {}'.format(e)) return False if dbc.rowcount != 1: log.critical('Fount {} users with id {}'.format(dbc.rowcount, id_user)) return False #DUMMY CLASS INSTANCE USER JUST FOR EASIER MANIPULATION OF DATA class DBUser: def dump_user(self): ret = {} for k in self.__dict__: if self.__dict__[k]: ret[k] = self.__dict__[k] return ret db_user = DBUser() user = dbc.fetchone() db_user.id_user = user['id'] db_user.username = user['username'] db_user.password = user['password'] db_user.role = user['role_flags'] db_user.active = user['active'] return db_user.dump_user() if get_dict else db_user
def do_get(h, grant_access, **kwargs): """ Get data for given hash """ _db = get_db() dbc = _db.cursor() get_data_q = prepare_get_query(h) try: dbc.execute(get_data_q) except IntegrityError as e: log.critical('Retrieve data for hash: {}'.format(e)) return base_common.msg.error('Retrieve hash data') if dbc.rowcount != 1: log.warning('Found {} hashes'.format(dbc.rowcount)) return base_common.msg.error('No data found for given hash') dbd = dbc.fetchone() d = dbd['data'] did = dbd['id'] d_last_accessed = dbd['last_access'] if d_last_accessed: log.warning('New access to {}'.format(h)) if not log_hash_access(_db, did, kwargs['r_ip']): log.warning("Error save hash access log") if not grant_access: return base_common.msg.error(msgs.WRONG_OR_EXPIRED_TOKEN) try: d = json.loads(d) except Exception as e: log.warning('Load hash data: {}'.format(e)) if not log_hash_access(_db, did, kwargs['r_ip']): log.warning("Error save hash access log") return base_common.msg.get_ok(d)
def set_mail_sent(id_message, message_sent_time, **kwargs): """ Set e-mail sent """ _db = get_db() dbc = _db.cursor() q = get_mail_query(id_message, message_sent_time) from MySQLdb import IntegrityError try: dbc.execute(q) except IntegrityError as e: log.critical('Update mail queue: {}'.format(e)) return base_common.msg.error(msgs.ERROR_UPDATE_MESSAGE) _db.commit() return base_common.msg.patch_ok()
def check_user_exists(username, db, userid=None): dbc = db.cursor() if userid: q = "select id from users where id = '{}'".format(userid) else: q = "select id from users where username = '******'".format(username) try: dbc.execute(q) except IntegrityError as e: log.critical('Check user: {}'.format(e)) return False if dbc.rowcount != 1: log.warning('Fund {} users with {} username'.format( dbc.rowcount, username)) return False return True
def do_put(hdata, **kwargs): """ Save hash for give parameters """ _db = get_db() dbc = _db.cursor() h_id = sequencer().new('h') h2p = prepare_hash2params_query(h_id, hdata) try: dbc.execute(h2p) except IntegrityError as e: log.critical('Insert hash for data: {}'.format(e)) return base_common.msg.error(msgs.ERROR_SAVE_HASH) _db.commit() return base_common.msg.post_ok({'h': h_id})
def check_args(installed_apps): a = argparse.ArgumentParser() if not installed_apps: log.critical('There is no one application installed in DigitalBaseAPI') a.exit(1, w_arning) if len(installed_apps.keys()) > 1: a.add_argument("app", help="Application to run with DigitalBaseAPI", choices=[a for (a, b) in installed_apps.items()]) else: a.add_argument("app", help="Application to run with DigitalBaseAPI", choices=[a for (a, b) in installed_apps.items()], default=list(installed_apps.keys())[0], nargs='?') a.add_argument("-p", "--port", help="Application port") a.add_argument("-t", "--test", help="TEST Application") a.add_argument("-k", "--keep", help="TEST comma separated tables to keep in tests") return a.parse_args()
def wrapper(*args, **kwargs): ags = [] request = kwargs['request_handler'] for a in arguments: default_arg_value = a['default'] if 'default' in a else None argmnt = a['arg'].strip() atr = request.get_argument(argmnt, default=default_arg_value) required = a['required'] if 'required' in a else True if not atr: if not required: converted = None else: log.critical('Missing request argument: {}'.format(argmnt)) return base_common.msg.error(amsgs.MISSING_REQUEST_ARGUMENT) else: tip = a['type'] if 'type' in a else str esc = a['escaped'] if 'escaped' in a else (tip in [str, 'e-mail']) converted = _convert_args(atr, tip, esc) if not converted: if not (tip == int and converted == 0): # count 0 as int c_type = "|type get error|" try: c_type = type(atr) except Exception as e: log.warning('Get argument type error: {}'.format(e)) log.critical('Invalid request argument {} type {}, expected {}'.format(atr, c_type, tip)) return base_common.msg.error(amsgs.INVALID_REQUEST_ARGUMENT) ags.append(converted) return original(*ags, **kwargs)
def __get_user_by_token_from_sql(dbc, tk, is_active): q = '''SELECT s.id id, s.id_user id_user, s.created created, s.closed closed FROM session_token s JOIN users u ON s.id_user = u.id WHERE s.id = '{}' {} AND NOT s.closed'''.format( tk, ' AND u.active ' if is_active else '') try: dbc.execute(q) except Exception as e: log.critical('Get session: {}'.format(e)) return False if dbc.rowcount != 1: log.critical('Found {} sessions'.format(dbc.rowcount)) return False return True
def do_post(newusername, password, redirect_url, **kwargs): """ Change username """ _db = get_db() dbc = _db.cursor() if check_user_registered(dbc, newusername): return base_common.msg.error(msgs.USERNAME_ALREADY_TAKEN) tk = kwargs['auth_token'] dbuser = get_user_by_token(_db, tk) if not check_password(dbuser.password, dbuser.username, password): log.critical('Wrong users password: {}'.format(password)) return base_common.msg.error(msgs.WRONG_PASSWORD) passwd = format_password(newusername, password) # SAVE HASH FOR USERNAME CHANGE rh = BaseAPIRequestHandler() # encryptuj pass, successfully landing page data = {'cmd': 'change_username', 'newusername': newusername, 'id_user': dbuser.id_user, 'password': passwd, 'redirect_url': redirect_url} rh.set_argument('data', json.dumps(data, ensure_ascii=False)) kwargs['request_handler'] = rh res = base_api.hash2params.save_hash.do_put(json.dumps(data, ensure_ascii=False), **kwargs) if 'http_status' not in res or res['http_status'] != 200: return base_common.msg.error('Cannot handle forgot password') h = res['h'] if not change_username_hook(h, newusername, dbuser, **kwargs): log.critical('Error finishing username change process') return base_common.msg.error(msgs.ERROR_CHANGE_USERNAME) return base_common.msg.post_ok(msgs.CHANGE_USERNAME_REQUEST)
def __get_user_by_token_from_sql(dbc, tk, is_active): q = """SELECT s.id id, s.id_user id_user, s.created created, s.closed closed FROM session_token s JOIN users u ON s.id_user = u.id WHERE s.id = '{}' {} AND NOT s.closed""".format( tk, " AND u.active " if is_active else "" ) try: dbc.execute(q) except Exception as e: log.critical("Get session: {}".format(e)) return False if dbc.rowcount != 1: log.critical("Found {} sessions".format(dbc.rowcount)) return False return True
def do_put(sender, receiver, emessage, _get_id, **kwargs): """ Save e-mail message """ _db = get_db() dbc = _db.cursor() rdb = get_redis_db() q = get_mail_query(sender, receiver, emessage) from MySQLdb import IntegrityError try: dbc.execute(q) except IntegrityError as e: log.critical('Inserting mail queue: {}'.format(e)) return base_common.msg.error(msgs.CANNOT_SAVE_MESSAGE) _db.commit() m_id = dbc.lastrowid subject = 'General mail subject' r_data = { 'id': m_id, 'sender': sender, 'receiver': receiver, 'subject': subject, 'message': emessage } r_data = json.dumps(r_data) rdb.lpush(MAIL_CHANNEL, r_data) if _get_id: return base_common.msg.post_ok({'message_id': m_id}) return base_common.msg.post_ok()
def send_message(sender, _to, subject, message): receiver = [{'email': _to, 'name': _to, 'type': 'to'}] msg = { 'from_email': sender, 'from_name': sender, 'html': message, 'subject': subject, 'to': receiver, # 'auto_html': None, # automatic html generating if html not provided # 'auto_text': None, # automatic text generating if text not provided # 'bcc_address': '*****@*****.**', # bcc address # 'headers': {'Reply-To': '*****@*****.**'}, # additional headers # 'inline_css': None, # if css has to be inline (only for <=256 line messages) # 'preserve_recipients': None, # if every receiver has to see other receivers in header # 'text': 'Example text content', # message plain text # 'view_content_link': None # False for disable content logging for sensitive mails } # if _site: # msg['metadata'] = {'website': _site} # if tags: # msg['tags'] = tags m = get_mail_api() try: res = m.messages.send(message=msg, async=False) except mandrill.Error as e: log.critical('MANDRILL send message error: {}'.format(e)) return False if 'status' not in res or res['status'] != 'sent': log.warning('MANDRILL send mail error status: {}'.format(res)) return False log.info('Receiver: {}, status: {}'.format(_to, res)) return True