def get(self): # deferred.defer(add_permissions_schema_update.AddPermissionsSchemaUpdate) # self.response.out.write('Schema migration successfully initiated.') login_success = 0 login_failures = 0 orgs = organization.Organization.all() for org in orgs: del org._password_hash_list[:] if generate_hash.recursive_hash( org.password) not in org._password_hash_list: org._password_hash_list.append( generate_hash.recursive_hash(org.password)) organization.PutAndCache(org) # log. Save old? for org in orgs: if generate_hash.recursive_hash( org.password) in org._password_hash_list: login_success += 1 else: login_failures += 1 self.response.out.write('Passwords updated<br>') self.response.out.write("Login successes: %s<br>" % login_success) self.response.out.write("Login failures: %s<br>" % login_failures)
def get(self): ### Loop through the password hashes of each org orgs = organization.Organization.all() for org in orgs: for password_hash in org._password_hash_list: ### Find an audit with that password hash audit = audit_db.Audit.all().order("-created_at").filter( "password_hash =", password_hash).get() ### get todays date, and set a cutoff date depending on ### if the password has been used to login or not today = datetime.datetime.now() cutoff_date = today - datetime.timedelta(days=CUTOFF_DAYS) if audit and audit.type == "generate_new_password": cutoff_date = today - datetime.timedelta( days=FIRST_LOGIN_CUTOFF_DAYS) ### If the password hash hasn't been used since the cutoff date ### try to delete it, or log the error if audit and audit.created_at < cutoff_date: try: org._password_hash_list.remove(password_hash) organization.PutAndCache(org) logging.info("Password removed") except: logging.error("Password removal error") logging.error(password_hash) logging.error(org.name)
def GetOrganizationForm(post_data): e = event_db.Event(name="Test Incident", case_label="B", counties=["Kings"]) query_string = "SELECT * FROM Organization WHERE is_active = True ORDER BY name" organizations = db.GqlQuery(query_string) events = event_db.GetAllCached() events = db.GqlQuery("SELECT * From Event ORDER BY created_date DESC") event_key = None if events.count() == 0: logging.warning("Initialize called") e = event_db.Event(name="North Central Victorian Floods", case_label="A", short_name="ncv_floods") e.put() event_key = e.key() # TODO(Jeremy): This could be dangerous if we reset events. for s in site_db.Site.all().run(batch_size=1000): event_db.AddSiteToEvent(s, e.key().id(), force=True) events = [e] if organizations.count() == 0: # init: populate the database with Admin user admin_org = organization.Organization(name="Admin", password="******", org_verified=True, is_active=True, is_admin=True, incidents=[event_key]) organization.PutAndCache(admin_org) admin_contact = primary_contact_db.Contact(first_name="Admin", last_name="Admin", title="Admin", phone="1234", email="*****@*****.**", organization=admin_org, is_primary=True) admin_contact.put() organizations = db.GqlQuery( "SELECT * FROM Organization WHERE is_active = True ORDER BY name") class OrganizationForm(wtforms.form.Form): event = wtforms.fields.SelectField( 'Work Event', choices=[(e.name, e.name) for e in events], validators=[wtforms.validators.required()]) password = wtforms.fields.PasswordField( 'Password', validators=[wtforms.validators.required()]) form = OrganizationForm(post_data) return form
def AuthenticatedPost(self, org, event): if not org.name == GLOBAL_ADMIN_NAME: self.redirect("/") return data = event_db.NewEventForm(self.request.POST) if not data.validate(): query_string = "SELECT * FROM Event" events_list = db.GqlQuery(query_string) count = events_list.count() self.response.out.write( template.render({ "form": data, "errors": data.errors, "case_label": CASE_LABELS[count], })) else: query_string = "SELECT * FROM Event" events_list = db.GqlQuery(query_string) count = events_list.count() this_event = event_db.Event( name=data.name.data, short_name=data.short_name.data, case_label=CASE_LABELS[count], ) ten_minutes = 600 cache.PutAndCache(this_event, ten_minutes) # create local admin new_admin = organization.Organization( name="Local Admin - " + data.short_name.data, email="", phone="", address="", city="", state="", zip_code="", physical_presence=True, number_volunteers="0", voad_member=False, org_verified=True, twitter="", url="", facebook="", incidents=[this_event.key()], password=self.request.get("password"), is_active=True, is_admin=True, ) organization.PutAndCache(new_admin, ten_minutes) self.redirect("/admin")
def AuthenticatedPost(self, org, event): """ Update info details of authenticated org. """ form = organization.OrganizationInformationForm(self.request.POST) if form.validate(): form.populate_obj(org) org.save() organization.PutAndCache(org, 600) self.redirect("/organization-settings") return else: self.response.out.write(template.render({ "form": form, "org": org })) return
def AuthenticatedPost(self, org, event): name = self.request.get("name") form = GetOrganizationForm(self.request.POST) event_name = None if form.event.data: event_name = form.event.data if event_name == "None" or event_name == None: event_name = self.request.get("event_name") logging.info("new password") logging.info(name) logging.info(event_name) password = self.request.get("password") # raise Exception(event_name) if self.request.get("accept") == "true": event_name = self.request.get("event_name") this_event = event_db.Event.all().filter("name =", event_name).get() org = organization.Organization.all().filter( "name =", name).filter("incidents =", this_event.key()).get() password_hash = generate_hash.recursive_hash(password) if org: if password_hash in org._password_hash_list: self.rediect( "/admin?message=That password already exists for that organization" ) return org._password_hash_list.append(password_hash) org._password_hash_list = list(set(org._password_hash_list)) organization.PutAndCache(org) audit = audit_db.new_password(org, password_hash) url = "/admin?message=New password added to " + name + " working on " + event_name self.redirect(url) return else: url = "/admin-generate-new-password?error_message=Could not find " + name + "for: " + event_name self.redirect(url) return password = random_password.generate_password() template_params = page_db.get_page_block_dict() template_params.update({ "password": password, "name": name, "event_name": event_name }) self.response.out.write(post_template.render(template_params))
def AuthenticatedPost(self, org, event): name = self.request.get("name") event_name = self.request.get("event") password = self.request.get("password") event = event_db.Event.all().filter("name =", event_name).get() org = organization.Organization.all().filter("name =", name).filter( "incidents =", event.key()).get() password_hash = generate_hash.recursive_hash(password) if password_hash in org._password_hash_list: org._password_hash_list.remove(password_hash) org._password_hash_list = list(set(org._password_hash_list)) organization.PutAndCache(org) self.redirect("/admin?message=Password deleted.") else: self.redirect( "/admin-delete-password?message=That password doesn't exist for this org. Select an incident to try again." )
def AuthenticatedPost(self, org, _): global_admin = False local_admin = False if org.name == GLOBAL_ADMIN_NAME: global_admin = True if org.is_admin == True and global_admin == False: local_admin = True if global_admin == False and local_admin == False: self.redirect("/") return # create form form = (GlobalAdminCreateOrganizationForm(self.request.POST) if global_admin else CreateOrganizationForm(self.request.POST)) events = self._get_events(org, global_admin, local_admin) form.incident.choices = [(str(event.key().id()), event.name) for event in events] if form.validate() and not form.errors: # create new org event = event_db.Event.get_by_id(int(form.incident.data)) new_org = Organization(name=form.name.data, ) new_org.incidents = [event.key()] new_org.save() del (form.incident) del (form.incidents) form.populate_obj(new_org) new_org.save() organization.PutAndCache(new_org) # redirect to the add contact page self.redirect('/admin-create-contact?selected_org=%d' % new_org.key().id()) else: self.response.out.write( template.render({ "form": form, "global_admin": global_admin, }))
def AuthenticatedPost(self, org, event): global_admin = False local_admin = False if org.name == GLOBAL_ADMIN_NAME: global_admin = True if org.is_admin == True and global_admin == False: local_admin = True if global_admin == False and local_admin == False: self.redirect("/") return if self.request.get("create_contact"): data = primary_contact_db.ContactFormFull(self.request.POST) if data.validate(): organization_id = self.request.get("choose_organization") try: id = int(organization_id) except: return this_organization = organization.Organization.get_by_id(id) if not org.may_administer(this_organization): self.abort(403) contact = primary_contact_db.Contact( first_name=data.first_name.data, last_name=data.last_name.data, title=data.title.data, phone=data.phone.data, email=data.email.data, is_primary=bool(data.is_primary.data), organization=this_organization.key(), ) primary_contact_db.PutAndCache(contact, ten_minutes) self.redirect( "/admin-create-contact?selected_org=%s&message=Contact Created" % this_organization.key().id()) return else: #query_string = "SELECT * FROM Event" #events_list = db.GqlQuery(query_string) suggested_password = random_password.generate_password() query_string = "SELECT * FROM Organization" organization_list = db.GqlQuery(query_string) self.response.out.write( template.render({ "form": data, "errors": data.errors, "create_contact": True, "organization_list": organization_list, })) return if self.request.get("create_admin"): data = organization.OrganizationAdminForm(self.request.POST) event_id = self.request.get("choose_event") try: id = int(event_id) except: return this_event = event_db.Event.get_by_id(id) if local_admin: if not this_event.key() == event.key(): self.redirect("/") return if data.validate(): new_org = organization.Organization( name=data.name.data, email=data.email.data, phone=data.phone.data, address=data.address.data, city=data.city.data, state=data.state.data, zip_code=data.zip_code.data, physical_presence=True, number_volunteers="0", voad_member=False, org_verified=True, twitter=data.twitter.data, url=data.url.data, facebook=data.facebook.data, incidents=[this_event.key()], password=self.request.get("password"), is_active=True, is_admin=True, ) # set all phase fields true for admin for phase_name in new_org.get_phase_boolean_names(): setattr(new_org, phase_name, True) new_contact = primary_contact_db.Contact( first_name=data.contact_first_name.data, last_name=data.contact_last_name.data, title=data.contact_title.data, email=data.contact_email.data, phone=data.contact_phone.data, is_primary=True) organization.PutAndCacheOrganizationAndContact( organization=new_org, contact=new_contact, ) self.redirect("/admin?message=Admin Created") return else: # needs events lists, password, errors query_string = "SELECT * FROM Event" suggested_password = random_password.generate_password() self.response.out.write( template.render({ "form": data, "errors": data.errors, "create_admin": True, #"events_list": events_list, "auto_password": suggested_password, })) return if self.request.get("delete_org_id"): # delete organization try: id = int(self.request.get("delete_org_id")) org_by_id = organization.Organization.get_by_id(id) except: self.abort(400) if not org.may_administer(org_by_id): self.abort(403) primary_contact_db.RemoveOrgFromContacts(org_by_id) db.delete(org_by_id) self.redirect("/admin") return if self.request.get("delete_contact_id"): # delete contact try: id = int(self.request.get("delete_contact_id")) contact_by_id = primary_contact_db.Contact.get_by_id(id) except: self.abort(400) if not org.may_administer(org_by_id): self.abort(403) db.delete(contact_by_id) self.redirect("/admin") return if self.request.get("verify_organization"): # verify organization try: id = int(self.request.get("verify_organization")) org_by_id = organization.Organization.get_by_id(id) except: self.abort(400) # check we are allowed if not org.may_administer(org_by_id): self.abort(403) # perform verification org_by_id.verify() # cache organization.PutAndCache(org_by_id, 600) self.redirect("/admin") return if self.request.get("save_org_id"): # save org (?) try: id = int(self.request.get("save_org_id")) org_by_id = organization.Organization.get_by_id(id) except: self.abort(400) if not org.may_administer(org_by_id): self.abort(403) org_by_id.org_verified = True organization.PutAndCache(org_by_id, 600) self.redirect("/admin") return