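def validate_authentication(self, username, apikey, handler):
    """Authenticate an FTP login for a single bank.

    ``username`` is looked up as a bank name and ``apikey`` is the
    credential sent as the password; both come from the client.

    Raises AuthenticationFailed when the user endpoint rejects the key, the
    bank does not exist, the bank is not public and the resolved user is
    neither its owner nor one of its members, or the bank has no production
    release. On success the bank document is stored on ``self.bank`` and
    None is returned.
    """
    from urllib.parse import quote

    # NOTE(review): the anonymous key is accepted before any bank lookup, so
    # this path checks no visibility and leaves self.bank untouched. Confirm
    # that the code serving the session limits anonymous logins to public
    # banks.
    if apikey == 'anonymous':
        return

    endpoint = self.cfg['web']['local_endpoint']
    if endpoint:
        # The key becomes one URL path segment. Percent-encode it so it
        # cannot add separators or a query string; empty and dot-only
        # values survive encoding and would address another path, so they
        # are refused outright.
        if apikey in ('', '.', '..'):
            raise AuthenticationFailed('Wrong or failed authentication')
        # NOTE(review): no timeout is passed, so a stalled user service
        # blocks this login until the connection drops.
        user_req = requests.get(
            endpoint + '/api/info/apikey/' + quote(apikey, safe=''))
        if user_req.status_code != 200:
            raise AuthenticationFailed('Wrong or failed authentication')
        user = user_req.json()
        # Accept a bare user record as well as one wrapped as
        # {'user': ...}. A wrapper around a null user is a non-empty dict
        # and must not count as a resolved user.
        # NOTE(review): confirm the response shape of this endpoint.
        if isinstance(user, dict) and 'id' not in user and 'user' in user:
            user = user['user']
    else:
        user = BmajUser.get_user_by_apikey(apikey)

    bank = self.db.banks.find_one({'name': username})
    if not bank:
        logging.error('Bank not found: ' + username)
        raise AuthenticationFailed('Bank does not exists')

    properties = bank['properties']
    if properties['visibility'] != 'public':
        # An unknown key resolves to no user. Refuse it explicitly instead
        # of failing with a TypeError/KeyError on user['id'].
        if not user or 'id' not in user:
            raise AuthenticationFailed('Wrong or failed authentication')
        members = properties.get('members') or ()
        if user['id'] != properties['owner'] and user['id'] not in members:
            raise AuthenticationFailed('Not allowed to access to this bank')
    # For a public bank the resolved user is not consulted at all.

    if not bank['production']:
        raise AuthenticationFailed('No production release available')
    self.bank = bank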
def get_user_by_apikey(apikey):
    '''
    Look up the user that owns an API key and return it as JSON.

    The database ``_id`` and, when present, ``hashed_password`` are removed
    before the record is serialised; every other field is returned as
    stored. When no user matches, the response still goes through
    ``jsonify`` with ``user`` set to the empty lookup result.

    NOTE(review): no error status is set here for an unknown key, so a
    caller has to inspect the ``user`` field rather than rely on the
    response status alone.
    '''
    record = BmajUser.get_user_by_apikey(apikey)
    if not record:
        return jsonify({'user': record})
    # Internal fields that must not leave the service.
    record.pop('_id')
    record.pop('hashed_password', None)
    return jsonify({'user': record})
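def validate_authentication(self, username, apikey, handler):
    """Authenticate an FTP login and apply its per-bank permissions.

    ``username`` and ``apikey`` both come from the client. The login
    ``biomaj_default`` is the anonymous account and is accepted with any
    key. Every other login must present an API key that resolves to a user
    whose ``id`` equals ``username``: the permissions below are granted by
    comparing each bank owner with ``username``, so a key that belongs to
    someone else must not be enough to log in under that name.

    Raises AuthenticationFailed when the user service rejects the key, no
    user is found, or the key belongs to a different user. On success the
    map of home directory -> [visibility, owner] is stored on
    ``self.bank``, the login is registered if it is new, and read/list
    permission ("elr") is set on public banks and on banks owned by
    ``username``; all other banks get an empty permission string.
    """
    from urllib.parse import quote

    is_default = username == "biomaj_default"
    proxy = Utils.get_service_endpoint(self.cfg, 'user')
    if is_default:
        user = {'id': "BMJ_default"}
    elif proxy:
        # The key becomes one URL path segment. Percent-encode it so it
        # cannot add separators or a query string; empty and dot-only
        # values survive encoding and would address another path, so they
        # are refused outright.
        if apikey in ('', '.', '..'):
            raise AuthenticationFailed('Wrong or failed authentication')
        # NOTE(review): no timeout is passed, so a stalled user service
        # blocks this login until the connection drops.
        user_req = requests.get(
            proxy + '/api/user/info/apikey/' + quote(apikey, safe=''))
        if user_req.status_code != 200:
            raise AuthenticationFailed('Wrong or failed authentication')
        user = user_req.json()
        # Accept a bare user record as well as one wrapped as
        # {'user': ...}. A wrapper around a null user is a non-empty dict
        # and would otherwise pass the emptiness check below.
        # NOTE(review): confirm the response shape of this endpoint.
        if isinstance(user, dict) and 'id' not in user and 'user' in user:
            user = user['user']
    else:
        user = BmajUser.get_user_by_apikey(apikey)

    if not user:
        self.logger.error('User not found: ' + username)
        raise AuthenticationFailed('User does not exists')

    # Bind the key to the login name before any permission is derived
    # from that name.
    if not is_default:
        if not isinstance(user, dict) or user.get('id') != username:
            self.logger.error('API key does not match user: ' + username)
            raise AuthenticationFailed('Wrong or failed authentication')

    # Determine the directories this login may see.
    # NOTE(review): self.bank and the user table live on the authorizer,
    # not on the session; if one authorizer serves concurrent logins,
    # confirm they cannot observe each other's state.
    dict_bank = {}
    for db_entry in self.db.banks.find():
        home_dir = self.get_home_dir(username, db_entry)
        dict_bank[home_dir] = [
            db_entry['properties']['visibility'],
            db_entry['properties']['owner'],
        ]
    self.bank = dict_bank

    # Register the login on first use.
    if not self.has_user(username):
        self.add_user(username, apikey, self.get_home_dir(username))

    # Permissions are rewritten on every login: read/list on public banks
    # and on banks owned by this login, nothing on any other bank.
    for directory, (visibility, owner) in dict_bank.items():
        perm = "elr" if visibility == "public" or owner == username else ""
        self.override_perm(username, directory, perm, recursive=True)
    return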
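def get_user_by_apikey(apikey):
    '''
    Look up the user that owns an API key and return it as JSON.

    The database ``_id`` and the ``hashed_password`` field are removed
    before the record is serialised; every other field is returned as
    stored. An unknown key yields ``user`` set to the empty lookup result
    instead of an unhandled exception.

    NOTE(review): no error status is set here for an unknown key, so a
    caller has to inspect the ``user`` field rather than rely on the
    response status alone.
    '''
    user = BmajUser.get_user_by_apikey(apikey)
    if user:
        # pop() with a default tolerates records that lack either field,
        # so the password hash is stripped whenever it exists and a
        # missing one no longer aborts the request.
        user.pop('_id', None)
        user.pop('hashed_password', None)
    return jsonify({'user': user})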