def addCairisUser(userName, passWd, fullName): rp = ''.join( choice(string.ascii_letters + string.digits) for i in range(255)) if (existingAccount(userName)): raise Exception(userName + ' already exists') dbAccount = canonicalDbUser(userName) b = Borg() createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp) createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp, canonicalDbUser(userName) + '_default') createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, userName, rp, dbAccount + '_default') db.create_all() user_datastore.create_user(email=userName, account=dbAccount, password=hash_password(passWd), dbtoken=rp, name=fullName) db.session.commit() createDefaults(b.cairisRoot, b.dbHost, b.dbPort, userName, rp, dbAccount + '_default')
def main(): parser = argparse.ArgumentParser( description= 'Computer Aided Integration of Requirements and Information Security - Add CAIRIS user' ) parser.add_argument('user', help='Email address') parser.add_argument('password', help='password') parser.add_argument('name', help='Full name') args = parser.parse_args() rp = ''.join( choice(string.ascii_letters + string.digits) for i in range(255)) if (existingAccount(args.user)): raise Exception(args.user + ' already exists') dbAccount = canonicalDbUser(args.user) createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp) createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp, canonicalDbUser(args.user) + '_default') createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, args.user, rp, dbAccount + '_default') db.create_all() user_datastore.create_user(email=args.user, account=dbAccount, password=args.password, dbtoken=rp, name='Default user') db.session.commit() createDefaults(b.cairisRoot, b.dbHost, b.dbPort, args.user, rp, dbAccount + '_default')
def quick_setup(dbHost, dbPort, dbRootPassword, tmpDir, rootDir, configFile, webPort, logLevel, staticDir, assetDir, userName, passWd, mailServer='', mailPort='', mailUser='', mailPasswd=''): if (len(userName) > 255): raise ARMException("Username cannot be longer than 255 characters") if (userName == "root"): raise ARMException("Username cannot be root") createDbOwnerDatabase(dbRootPassword, dbHost, dbPort) createUserDatabase(dbHost, dbPort, dbRootPassword, rootDir) os.environ["CAIRIS_CFG"] = configFile pathName = os.path.split( os.path.split(os.path.realpath(os.path.dirname(__file__)))[0])[0] sys.path.insert(0, pathName) fileName = os.environ.get("HOME") + "/.bashrc" f = open(fileName, 'a') f.write("export CAIRIS_SRC=" + rootDir + "\n") f.write("export CAIRIS_CFG_DIR=${CAIRIS_SRC}/config\n") f.write("export CAIRIS_CFG=" + configFile + "\n") f.write("export PYTHONPATH=${PYTHONPATH}:" + pathName + "\n") f.close() createCairisCnf(configFile, dbRootPassword, dbHost, dbPort, tmpDir, rootDir, webPort, logLevel, staticDir, assetDir, mailServer, mailPort, mailUser, mailPasswd) from cairis.bin.add_cairis_user import user_datastore, db db.create_all() if (userName != ''): rp = ''.join(choice(ascii_letters + digits) for i in range(255)) dbAccount = canonicalDbUser(userName) user_datastore.create_user(email=userName, account=dbAccount, password=passWd, dbtoken=rp, name='Default user') db.session.commit() createDatabaseAccount(dbRootPassword, dbHost, dbPort, userName, rp) createDatabaseAndPrivileges(dbRootPassword, dbHost, dbPort, userName, rp, dbAccount + '_default') createDatabaseSchema(rootDir, dbHost, dbPort, userName, rp, dbAccount + '_default') createDefaults(rootDir, dbHost, dbPort, userName, rp, dbAccount + '_default')
def addAdditionalUserData(userName, passWd): fUser = user_datastore.find_user(email=userName) rp = ''.join( choice(string.ascii_letters + string.digits) for i in range(255)) fUser.dbtoken = rp db.session.commit() b = Borg() dbAccount = canonicalDbUser(userName) createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp) createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, userName, rp, dbAccount + '_default') createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, userName, rp, dbAccount + '_default') createDefaults(b.cairisRoot, b.dbHost, b.dbPort, userName, rp, dbAccount + '_default')
def main(): parser = argparse.ArgumentParser( description= 'Computer Aided Integration of Requirements and Information Security - Backup server' ) parser.add_argument('tarArchive', help='Model archive tarball to be created ') args = parser.parse_args() cairis.core.BorgFactory.initialise() b = Borg() aNames = accounts(b.rPasswd, b.dbHost, b.dbPort) for email in aNames: userPasswd = dbtoken(b.rPasswd, b.dbHost, b.dbPort, email) dbUser = canonicalDbUser(email) dbName = dbUser + '_default' dbProxy = MySQLDatabaseProxy(b.dbHost, b.dbPort, dbUser, userPasswd, dbName) packageFile = b.tmpDir + '/' + email + '.cairis' try: exportPackage(packageFile, None, 0, dbProxy) logger.info('Exported ' + email + ' default database') except ARMException as ex: logger.info('Error exporting ' + email + ' default database : ' + str(ex)) exportPackage(packageFile, None, 1, dbProxy) logger.info('Exported ' + email + ' default database by ignoring validity checks') dbProxy.close() with tarfile.open(args.tarArchive, 'w') as archive: for p in os.listdir(b.tmpDir): modelName = b.tmpDir + '/' + p archive.add(modelName, arcname=p, filter=lambda x: x if x.name.endswith('.cairis') else None) hashFile = b.tmpDir + '/hashes.txt' with open(hashFile, 'w') as f: f.write('\n'.join( list( map(lambda x: ','.join(x), emailHashes(b.rPasswd, b.dbHost, b.dbPort))))) archive.add(hashFile, arcname='hashes.txt')
def testCreateShareResetDelete(self): b = Borg() dropCairisUserDatabase(b.rPasswd, b.dbHost, b.dbPort) testAccount = '*****@*****.**' createDbOwnerDatabase(b.rPasswd, b.dbHost, b.dbPort) createCairisUserDatabase(b.rPasswd, b.dbHost, b.dbPort) db.create_all() dropUser(b.rPasswd, b.dbHost, b.dbPort, testAccount) accountList = accounts(b.rPasswd, b.dbHost, b.dbPort) self.assertEqual(testAccount not in accountList, True) rp = ''.join( choice(string.ascii_letters + string.digits) for i in range(255)) dbAccount = canonicalDbUser(testAccount) createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp) createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp, canonicalDbUser(testAccount) + '_default') createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, testAccount, rp, dbAccount + '_default') user_datastore.create_user(email=testAccount, account=dbAccount, password='******', dbtoken=rp, name='Test user') db.session.commit() self.assertEqual(rp, dbtoken(b.rPasswd, b.dbHost, b.dbPort, testAccount)) createDefaults(b.cairisRoot, b.dbHost, b.dbPort, testAccount, rp, dbAccount + '_default') accountList = accounts(b.rPasswd, b.dbHost, b.dbPort) self.assertEqual(testAccount in accountList, True) self.assertEqual(existingAccount(testAccount), True) self.assertEqual(len(databases(dbAccount)), 1) createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp, canonicalDbUser(testAccount) + '_Test1') createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, testAccount, rp, dbAccount + '_Test1') self.assertEqual(len(databases(dbAccount)), 2) self.assertEqual(len(dbUsers(dbAccount + '_Test1')), 0) self.assertEqual(isOwner(dbAccount, 'Test1'), True) testAccount2 = '*****@*****.**' rp2 = ''.join( choice(string.ascii_letters + string.digits) for i in range(255)) dbAccount2 = canonicalDbUser(testAccount2) createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount2, rp2) createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount2, rp2, canonicalDbUser(testAccount2) + '_default') createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, testAccount, rp2, dbAccount2 + '_default') user_datastore.create_user(email=testAccount2, account=dbAccount2, password='******', dbtoken=rp2, name='Test user 2') db.session.commit() accountList = accounts(b.rPasswd, b.dbHost, b.dbPort) self.assertEqual(testAccount2 in accountList, True) self.assertEqual(len(databases(dbAccount2)), 1) grantDatabaseAccess(b.rPasswd, b.dbHost, b.dbPort, 'Test1', testAccount2) self.assertEqual(len(databases(dbAccount2)), 2) self.assertEqual(len(dbUsers(dbAccount + '_Test1')), 1) self.assertEqual(isOwner(dbAccount2, 'Test1'), False) revokeDatabaseAccess(b.rPasswd, b.dbHost, b.dbPort, 'Test1', testAccount2) self.assertEqual(len(databases(dbAccount2)), 1) self.assertEqual(len(dbUsers(dbAccount + '_Test1')), 0) resetUsers(b.cairisRoot, b.rPasswd, b.dbHost, b.dbPort) self.assertEqual(len(databases(dbAccount)), 1) self.assertEqual(len(databases(dbAccount2)), 1) dropUser(b.rPasswd, b.dbHost, b.dbPort, testAccount) dropUser(b.rPasswd, b.dbHost, b.dbPort, testAccount2) accountList = accounts(b.rPasswd, b.dbHost, b.dbPort) self.assertEqual(testAccount not in accountList, True) self.assertEqual(testAccount2 not in accountList, True)