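def loginWithoutPwd(self):
    """Log a user in without a password, based on the app identifier in the request.

    The JSON request body must contain ``username``. The request is accepted when
    the record fetched from the 'develop' User class via ``self.appInfo['user']``
    has ``type == 2`` (library authorization), or when the user's ``bundleId`` /
    ``package`` equals the value stored in ``self.appInfo``. On success the secure
    cookie ``u`` is set, the user is written back as JSON and a ``LoginLog``
    record is saved.

    Writes ``ERR_PARA`` for an unparsable body or a missing ``username`` and
    ``ERR_UNAUTHORIZED`` when the app identifier is absent or does not match.
    If the login itself raises, the exception text is written instead.

    NOTE(review): no secret is checked on this path. ``bundleId`` / ``package``
    presumably come from the request body and are not confidential, and the
    ``type == 2`` branch compares nothing. Confirm that another layer (app key,
    request signature) gates this endpoint before it issues a session cookie.
    """
    try:
        obj = json.loads(self.request.body)
    except (ValueError, TypeError):
        # A malformed body is a caller error; answer like any other bad parameter
        # instead of letting the exception escape the handler.
        self.write(ERR_PARA.message)
        return
    if not checkKeys(obj, ['username']):
        self.write(ERR_PARA.message)
        return

    user = MeUser(self.appName, obj)
    userHelper = ClassHelper('develop', 'User')
    userInfo = userHelper.get(self.appInfo['user'])

    if userInfo['type'] == 2:
        # Library authorization: the identifier is logged but not compared.
        if user['bundleId']:
            log.info("Library User[%s] Auth. bundleId[%s]", user['username'], user['bundleId'])
        elif user['package']:
            log.info("Library User[%s] Auth. package[%s]", user['username'], user['package'])
        log.info('auth app[%s]', self.appInfo['appName'])
    elif user['bundleId'] is not None:
        # Ordinary authorization: the bundleId must equal the one registered for the app.
        if 'bundleId' not in self.appInfo or self.appInfo['bundleId'] != user['bundleId']:
            log.err('[%s] bundleId[%s] not match. LoginWithoutPwd Error.',
                    self.appInfo['appName'], user['bundleId'])
            self.write(ERR_UNAUTHORIZED.message)
            return
        log.info('auth app[%s]', self.appInfo['appName'])
    elif user['package']:
        # Ordinary authorization: the package must equal the one registered for the app.
        if 'package' not in self.appInfo or self.appInfo['package'] != user['package']:
            log.err('[%s] package[%s] not match. LoginWithoutPwd Error.',
                    self.appInfo['appName'], user['package'])
            self.write(ERR_UNAUTHORIZED.message)
            return
        log.info('auth app[%s]', self.appInfo['appName'])
    else:
        # Neither identifier supplied: refuse.
        # NOTE(review): the raw request body goes to the log here and below;
        # confirm it cannot carry secrets or unescaped control characters.
        log.err("loginWithoutPwd Error: Invalid. \n%s", self.request.body)
        self.write(ERR_UNAUTHORIZED.message)
        return

    # A per-app user-count limit (appInfo['userUpper'], 0 = unlimited) was checked
    # here in commented-out code; it is not enforced.

    try:
        user.loginWithoutPwd()
        log.info('LoginWithoutPwd: %s', user['username'])
        self.set_secure_cookie("u", user['username'])
        user['authen'] = userInfo['authen']
        self.write(json.dumps(user, cls=MeEncoder))
    except Exception as e:
        log.err("LoginWithoutPwd Error: %s Error:%s", self.request.body, str(e))
        # NOTE(review): this returns raw exception text to an unauthenticated
        # caller; prefer a fixed error message if clients do not parse it.
        self.write(str(e))
        return

    # Login audit record. It is saved after the response body has been written,
    # so a failure here is logged rather than appended to the success response.
    try:
        loginLog = MeObject(self.appName, 'LoginLog')
        loginLog['username'] = user['username']
        if hasattr(self, 'client_ip'):
            loginLog['ip'] = self.client_ip
        loginLog.save()
    except Exception as e:
        log.err("LoginLog save Error: user[%s] Error:%s", user['username'], str(e))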
def delete(self, className, objectId):
    """Delete one object of *className* after allow-list, id and ACL checks.

    Writes ``ERR_PARA`` when *objectId* is empty, ``ERR_USER_PERMISSION`` when
    *className* is not listed in ``BaseConfig.deleteClass`` or the object's ACL
    denies delete access to ``self.user``, ``ERR_OBJECTID_MIS`` when *objectId*
    is not a valid ObjectId or no such object is found, and ``ERR_SUCCESS``
    once the object has been deleted.
    """
    if not objectId:
        self.write(ERR_PARA.message)
        return

    # Deletion is opt-in per class: only classes named in the allow-list qualify.
    if className not in BaseConfig.deleteClass:
        self.write(ERR_USER_PERMISSION.message)
        return

    # Constructing an ObjectId is used purely as a format check; the string
    # form is what gets passed on below.
    try:
        ObjectId(objectId)
    except Exception:
        self.write(ERR_OBJECTID_MIS.message)
        return

    helper = ClassHelper(className)
    stored = helper.find_one({"_id": objectId})
    if not stored:
        self.write(ERR_OBJECTID_MIS.message)
        return

    target = MeObject(className, stored, False)
    target.overLoadGet = False

    # The stored ACL decides whether the current user may delete this object.
    if MeACL(target['acl']).deleteAccess(self.user):
        helper.delete(objectId)
        self.write(ERR_SUCCESS.message)
    else:
        self.write(ERR_USER_PERMISSION.message)
def getJson(self, className, query):
    """Return the first *className* object matching *query* if the user may read it.

    The match is wrapped in a ``MeObject`` and returned only when its ACL grants
    read access to ``self.user``; otherwise ``None`` is returned.

    NOTE(review): the ``find_one`` result is wrapped without a None check;
    confirm how ``MeObject`` and ``mo['acl']`` behave when nothing matches.
    """
    found = ClassHelper(className).find_one(query)
    wrapped = MeObject(className, found, False)
    wrapped.overLoadGet = False
    if MeACL(wrapped['acl']).readAccess(self.user):
        return wrapped
    return None
def getList(self, className, query):
    """Return the *className* objects matching *query* that the user may read.

    Each match is wrapped in a ``MeObject`` and kept only when its ACL grants
    read access to ``self.user``. Returns the list of readable objects, or
    ``None`` when there are none.
    """
    readable = []
    for raw in ClassHelper(className).find(query):
        item = MeObject(className, raw, False)
        item.overLoadGet = False
        # Objects the current user cannot read are dropped from the result.
        if MeACL(item['acl']).readAccess(self.user):
            readable.append(item)
    return readable or None
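def get(self, className, objectId=None):
    """Write one *className* object by id, or a page of objects, as JSON.

    With *objectId*: writes ``ERR_OBJECTID_MIS`` when the id is malformed or
    nothing is found, otherwise the object.

    Without *objectId* the request arguments drive the lookup:
      aggregate -- evaluated and passed to ``ClassHelper.aggregate``
      where     -- evaluated and passed to ``ClassHelper.find`` as the query
      keys      -- evaluated and passed to ``ClassHelper.find``
      sort      -- JSON object (an empty object means no sort)
      skip      -- integer, default 0
      limit     -- integer, default 20; values above 100 get ``ERR_INVALID``

    NOTE(review) security:
      * ``aggregate``, ``where`` and ``keys`` are passed to ``eval()``, which
        executes request-supplied text as Python inside the server process.
      * No authentication, class restriction or read-ACL filter is applied in
        this method (the User-class guard and the ``readAccess`` check exist
        only as commented-out code). Confirm it is reachable by trusted callers
        only.
    """
    if objectId:
        try:
            ObjectId(objectId)
        except Exception:
            self.write(ERR_OBJECTID_MIS.message)
            return
        # Single lookup: the result is both the existence check and the payload.
        mo = MeObject(className).get(objectId)
        if not mo:
            self.write(ERR_OBJECTID_MIS.message)
        else:
            self.write(json.dumps(mo, cls=MeEncoder))
        return

    args = self.request.arguments
    classHelper = ClassHelper(className)
    query = {}
    if 'aggregate' in args:
        # SECURITY: eval() on a request argument runs caller-supplied Python.
        # Parse as data instead (json.loads, or ast.literal_eval if clients send
        # Python literals) and restrict which pipeline stages are accepted.
        query = eval(self.get_argument('aggregate'))
        objs = classHelper.aggregate(query)
    else:
        if 'where' in args:
            # SECURITY: eval() on a request argument - see the note above.
            query = eval(self.get_argument('where'))
            try:
                if not isinstance(query, dict):
                    # A non-dict 'where' is rejected with the same error as a bad id.
                    raise TypeError('where must evaluate to a dict')
                if '_id' in query:
                    # Format check only; the value is left as supplied.
                    ObjectId(query['_id'])
                if '$or' in query:
                    for item in query['$or']:
                        if "_id" in item:
                            item["_id"] = ObjectId(item["_id"])
            except Exception:
                self.write(ERR_OBJECTID_MIS.message)
                return

        if 'keys' in args:
            # SECURITY: eval() on a request argument - see the note above.
            keys = eval(self.get_argument('keys'))
        else:
            keys = None

        try:
            sort = json.loads(self.get_argument('sort', '{}'))
            if not isinstance(sort, dict):
                raise ValueError('sort must be a JSON object')
            sort = sort or None
        except Exception as e:
            self.write(ERR_INVALID.message)
            print(e)
            return

        skip = 0
        limit = 20
        try:
            if 'skip' in args:
                skip = int(self.get_argument('skip'))
            if 'limit' in args:
                limit = int(self.get_argument('limit'))
        except Exception:
            self.write(ERR_INVALID.message)
            return
        # NOTE(review): only the upper bound is enforced. Zero or negative
        # skip/limit reach ClassHelper.find unchanged; confirm how it treats
        # them (a limit of 0 commonly means "no limit" in MongoDB drivers).
        if limit > 100:
            self.write(ERR_INVALID.message)
            return
        objs = classHelper.find(query, keys, sort, limit, skip)

    objects = []
    for obj in objs:
        mo = MeObject(className, obj, False)
        mo.overLoadGet = False
        # NOTE(review): the ACL is built but never consulted - the readAccess
        # filter is disabled here, so every matching object is returned.
        acl = MeACL(mo['acl'])
        objects.append(mo)
    self.write(json.dumps(objects, cls=MeEncoder))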
except Exception, e: log.err("JSON Error:%s , error:%s", self.request.body, str(e)) self.write(ERR_INVALID.message) return print 'className:' + className if type(obj) == list: objectIdError = False for index in range(len(obj) - 1): try: for key, value in obj[index].items(): if value.has_key('_sid'): ObjectId(value['_sid']) value = self.sentiveCheck(key, value) value = self.blacklistCheck(className, value) if value: meobj = MeObject(key, value) meobj.save() else: self.write(ERR_BLACK_PERMISSION.message) except bson.errors.InvalidId: objectIdError = True break except Exception, e: log.err("Error:%s , error:%s", self.request.body, str(e)) if objectIdError: self.write(ERR_OBJECTID_MIS.message) return mainObj = obj[len(obj) - 1] try: if mainObj.has_key('_sid'): ObjectId(mainObj['_sid'])
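def get(self, className, objectId=None):
    """Write one *className* object by id, or a page of readable objects, as JSON.

    Access checks, in order: unless the current user is listed in
    ``BaseConfig.adminUser``, classes in ``BaseConfig.accessNoClass`` get
    ``ERR_CLASS_PERMISSION`` and classes outside ``BaseConfig.projectClass`` get
    ``ERR_PATH_PERMISSION``; then ``verify_cookie(className)`` must succeed or
    ``ERR_UNAUTHORIZED`` is written.

    With *objectId*: writes ``ERR_OBJECTID_MIS`` when the id is malformed or
    nothing is found, otherwise the object after ``filter_field``.

    Without *objectId* the request arguments drive the lookup:
      aggregate -- evaluated and passed to ``ClassHelper.aggregate``
      where     -- evaluated and passed to ``ClassHelper.find`` as the query
      keys      -- evaluated and passed to ``ClassHelper.find``
      sort      -- JSON object (an empty object means no sort)
      startId   -- id cursor: ``_id`` below it when sort._id is -1 (the
                   default), above it when sort._id is 1
      skip      -- integer, default 0
      limit     -- integer, default 20; values above 100 get ``ERR_INVALID``

    NOTE(review) security:
      * ``aggregate``, ``where`` and ``keys`` are passed to ``eval()``, which
        executes request-supplied text as Python inside the server process.
      * The single-object path applies ``filter_field`` but no read-ACL check.
      * The list path applies the read ACL only when there is a current user
        who is not an admin; a request with no current user that still passes
        ``verify_cookie`` gets objects without ACL filtering. Confirm that
        ``verify_cookie`` rejects such requests for classes holding per-user
        data.
    """
    admin = self.get_current_user() in BaseConfig.adminUser
    if not admin:
        if className in BaseConfig.accessNoClass:
            self.write(ERR_CLASS_PERMISSION.message)
            return
        if className not in BaseConfig.projectClass:
            # Unknown class.
            self.write(ERR_PATH_PERMISSION.message)
            return

    # NOTE(review): the cookie check is applied to admins as well. The flattened
    # source does not show whether it was nested under `if not admin`; confirm
    # against the original file.
    if not self.verify_cookie(className):
        self.write(ERR_UNAUTHORIZED.message)
        return

    if objectId:
        try:
            ObjectId(objectId)
        except Exception:
            self.write(ERR_OBJECTID_MIS.message)
            return
        # Single lookup: the result is both the existence check and the payload.
        mo = MeObject(className).get(objectId)
        if not mo:
            self.write(ERR_OBJECTID_MIS.message)
        else:
            self.filter_field(mo)
            self.write(json.dumps(mo, cls=MeEncoder))
        return

    args = self.request.arguments
    classHelper = ClassHelper(className)
    query = {}
    if 'aggregate' in args:
        # SECURITY: eval() on a request argument runs caller-supplied Python.
        # Parse as data instead (json.loads, or ast.literal_eval if clients send
        # Python literals) and restrict which pipeline stages are accepted.
        query = eval(self.get_argument('aggregate'))
        objs = classHelper.aggregate(query)
    else:
        if 'where' in args:
            # SECURITY: eval() on a request argument - see the note above.
            query = eval(self.get_argument('where'))
            try:
                if not isinstance(query, dict):
                    # A non-dict 'where' is rejected with the same error as a bad id.
                    raise TypeError('where must evaluate to a dict')
                if '_id' in query:
                    # Format check only; the value is left as supplied.
                    ObjectId(query['_id'])
                if '$or' in query:
                    for item in query['$or']:
                        if "_id" in item:
                            item["_id"] = ObjectId(item["_id"])
            except Exception:
                self.write(ERR_OBJECTID_MIS.message)
                return

        if 'keys' in args:
            # SECURITY: eval() on a request argument - see the note above.
            keys = eval(self.get_argument('keys'))
        else:
            keys = None

        try:
            sort = json.loads(self.get_argument('sort', '{}'))
            idSort = sort.get('_id', -1)
            sort = sort or None
        except Exception as e:
            self.write(ERR_INVALID.message)
            print(e)
            return

        try:
            if 'startId' in args:
                startId = self.get_argument('startId')
                # The cursor replaces any _id condition supplied in 'where'.
                if idSort == -1:
                    query["_id"] = {"$lt": ObjectId(startId)}
                elif idSort == 1:
                    query["_id"] = {"$gt": ObjectId(startId)}
            if 'limit' in args:
                limit = int(self.get_argument('limit'))
            else:
                limit = 20
        except Exception:
            self.write(ERR_INVALID.message)
            return

        skip = 0
        try:
            if 'skip' in args:
                skip = int(self.get_argument('skip'))
        except Exception:
            self.write(ERR_INVALID.message)
            return

        # NOTE(review): only the upper bound is enforced. Zero or negative
        # skip/limit reach ClassHelper.find unchanged; confirm how it treats
        # them (a limit of 0 commonly means "no limit" in MongoDB drivers).
        if limit > 100:
            self.write(ERR_INVALID.message)
            return
        objs = classHelper.find(query, keys, sort, limit, skip)

    # Decided once for the whole page: filter by ACL only for a logged-in non-admin.
    enforce_acl = bool(self.get_current_user()) and not admin
    objects = []
    for obj in objs:
        mo = MeObject(className, obj, False)
        mo.overLoadGet = False
        if enforce_acl:
            acl = MeACL(mo['acl'])
            if not acl.readAccess(self.user):
                continue
        self.filter_field(mo)
        objects.append(mo)
    self.write(json.dumps(objects, cls=MeEncoder))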
def __init__(self, obj=None):
    """Initialise the instance through ``MeObject.__init__`` with class name 'File'.

    *obj* is forwarded unchanged as the third argument.
    """
    class_name = 'File'
    MeObject.__init__(self, class_name, obj)