예제 #1
0
파일: alias.py 프로젝트: dmdm/PySite 
 def xhr_list_domains(self):
     sess = DbSession()
     qry = sess.query(Domain.id, Domain.name).order_by(
         Domain.name)
     opts = "\n".join(['<option value="{0}">{1}</option>'.format(
         markupsafe.escape(x[0]), markupsafe.escape(x[1])) for x in qry])
     return "<select>\n" + opts + "\n</select>"
예제 #2
0
파일: alias.py 프로젝트: dmdm/PySite 
 def _build_browse_queries(self, request, grid):
     sess = DbSession()
     vw_browse = pysite.vmailmgr.models.get_vw_alias_browse()
     # Build query for count and apply filter
     qry_total = sess.query(sa.func.count(vw_browse.c.id))
     qry_total = grid.apply_filter(qry_total)
     qry = sess.query(vw_browse)
     # Setup field names for initial order and primary key
     if not grid.order_field:
         grid.order_field = 'id'
     # Apply filter, order and limit from grid to qry.
     # Grid must have been initialised with order_field for this.
     qry = grid.apply_filter(qry)
     qry = grid.apply_order(qry)
     qry = grid.apply_limit(qry)
     return (qry, qry_total, )
예제 #3
0
파일: manager.py 프로젝트: dmdm/PySite 
def update_principal(data):
    """
    Updates a principal.

    Data fields:
    ``id``:     Required. ID of principal to update
    ``editor``: Required
    ``mtime``:  Required

    :param data: Dict with data fields
    :returns: Instance of updated principal
    """
    # Make sure the password is encrypted
    if 'pwd' in data:
        if not data['pwd'].startswith(('{', '$')):
            data['pwd'] = pysite.security.pwd_context.encrypt(data['pwd'],
                PASSWORD_SCHEME)
    # Allow only lowercase principals
    if 'principal' in data:
        data['principal'] = data['principal'].lower()
    # Ditto email
    if 'email' in data:
        data['email'] = data['email'].lower()
    sess = DbSession()
    p = sess.query(Principal).filter(Principal.id == data['id']).one()
    for k, v in data.items():
        setattr(p, k, v)
    # If display_name is emptied, use principal
    if not p.display_name:
        p.display_name = p.principal
    sess.flush()
    return p
예제 #4
0
파일: principal.py 프로젝트: dmdm/PySite 
 def xhr_create_rolemember(self):
     log = pysite.lib.JsonResp()
     principal_ids = [int(x) for x in self.request.POST.getall(
         'principal_ids[]') if int(x) != 0]
     if not principal_ids:
         log.error('No principals selected')
         return log.resp
     role_ids = [int(x) for x in self.request.POST.getall(
         'role_ids[]') if int(x) != 0]
     if not role_ids:
         log.error('No roles selected')
         return log.resp
     sess = DbSession()
     try:
         for rid in role_ids:
             for pid in principal_ids:
                 # XXX This is not atomic!
                 if not sess.query(RoleMember.id).filter(
                         sa.and_(RoleMember.principal_id == pid,
                             RoleMember.role_id == rid)).all():
                     manager.create_rolemember(dict(
                         owner=self.request.user.uid,
                         principal_id=pid,
                         role_id=rid
                     ))
     except (StatementError) as exc:
         log.fatal(str(exc))
         return log.resp
     else:
         log.ok("{0} principals added to {1} roles"
             .format(len(principal_ids), len(role_ids)))
         return log.resp
예제 #5
0
파일: manager.py 프로젝트: dmdm/PySite 
def update_domain(data):
    """
    Updates a domain.

    Field ``tenant``, if given, can be ID (int), principal (str) or
    an instance of a Principal.

    Data fields:
    ``id``:     Required. ID of domain to update
    ``editor``: Required. ID of Principal
    ``mtime``:  Required

    :param data: Dict with data fields
    :returns: Instance of updated domain
    """
    # If 'tenant' is set, it may be ID, name or instance of a principal.
    if 'tenant' in data:
        if not isinstance(data['tenant'], Principal):
            data['tenant'] = Principal.find_one(data['tenant'])
        data['tenant_id'] = data['tenant'].id
        del data['tenant']
    sess = DbSession()
    dom = sess.query(Domain).filter(Domain.id==data['id']).one()
    for k, v in data.items():
        setattr(dom, k, v)
    sess.flush()
    return dom
예제 #6
0
파일: manager.py 프로젝트: dmdm/PySite 
def update_alias(data):
    """
    Updates an existing alias.

    Field ``domain``, if given, can be ID (int), name (str) or
    an instance of a Domain.

    Data fields:
    ``id``:     Required. ID of alias to update
    ``editor``: Required. ID of Principal
    ``mtime``:  Required

    :param data: Dict with data fields
    :returns: Instance of updated alias
    """
    if 'domain' in data:
        if not isinstance(data['domain'], Domain):
            data['domain'] = Domain.find_one(data['domain'])
        data['domain_id'] = data['domain'].id
        del data['domain']
    sess = DbSession()
    al = sess.query(Alias).filter(Alias.id==data['id']).one()
    for k, v in data.items():
        setattr(al, k, v)
    sess.flush()
    return al
예제 #7
0
파일: manager.py 프로젝트: dmdm/PySite 
def update_mailbox(data):
    """
    Updates a mailbox.

    Field ``domain``, if given, can be ID (int), name (str) or
    an instance of a Domain.

    Data fields:
    ``id``:     Required. ID of mailbox to update
    ``editor``: Required. ID of Principal
    ``mtime``:  Required

    :param data: Dict with data fields
    :returns: Instance of updated mailbox
    """
    # If 'domain' is set, it may be ID, name or instance of a domain.
    if 'domain' in data:
        if not isinstance(data['domain'], Domain):
            data['domain'] = Domain.find_one(data['domain'])
        data['domain_id'] = data['domain'].id
        del data['domain']
    # Make sure the password is encrypted
    if 'pwd' in data and not data['pwd'].startswith('{'):
        data['pwd'] = pysite.security.pwd_context(data['pwd'],
            PASSWORD_SCHEME)

    sess = DbSession()
    mb = sess.query(Mailbox).filter(Mailbox.id==data['id']).one()
    for k, v in data.items():
        setattr(mb, k, v)
    sess.flush()
    return mb
예제 #8
0
파일: domain.py 프로젝트: dmdm/PySite 
 def xhr_list_tenants(self):
     sess = DbSession()
     qry = sess.query(Principal.id, Principal.display_name).order_by(
         Principal.display_name)
     opts = "\n".join(['<option value="{0}">{1}</option>'.format(
         markupsafe.escape(x[0]), markupsafe.escape(x[1])) for x in qry])
     return "<select>\n" + opts + "\n</select>"
예제 #9
0
파일: manager.py 프로젝트: dmdm/PySite 
def create_principal(data):
    """
    Creates a new principal record.

    Data fields:
    - ``owner``: Required
    - ``roles``: Optional list of role names. Role 'users' is always
                 automatically set.
                 If we provide a value for roles that evaluates to False,
                 this account is not member of any role.

    :param data: Dict with data fields
    :returns: Instance of created principal
    """
    # Determine roles this principal will be member of.
    # Always at least 'users'.
    if 'roles' in data:
        if data['roles']:
            roles = set(data['roles'] + ['users'])
        else:
            roles = set()
        del data['roles']
    else:
        roles = ['users']
    # Make sure the password is encrypted
    if 'pwd' in data:
        if not data['pwd'].startswith(('{', '$')):
            data['pwd'] = pysite.security.pwd_context.encrypt(data['pwd'],
                PASSWORD_SCHEME)
    # If display_name is not explicitly set, use principal, thus
    # preserving its case (real principal will be stored lower case).
    if not 'display_name' in data:
        data['display_name'] = data['principal']
    # Allow only lowercase principals
    data['principal'] = data['principal'].lower()
    # Ditto email
    data['email'] = data['email'].lower()

    sess = DbSession()
    # Create principal
    p = Principal()
    for k, v in data.items():
        setattr(p, k, v)
    sess.add(p)
    sess.flush()  # to get ID of principal
    # Load/create the roles and memberships
    for name in roles:
        try:
            r = sess.query(Role).filter(Role.name == name).one()
        except NoResultFound:
            r = Role(name=name, owner=data['owner'])
            sess.add(r)
            sess.flush()
        rm = RoleMember(principal_id=p.id, role_id=r.id, owner=p.owner)
        sess.add(rm)
    sess.flush()
    return p
예제 #10
0
파일: manager.py 프로젝트: dmdm/PySite 
def delete_rolemember(id):
    """
    Deletes a rolemember.

    :param id: ID of rolemember to delete
    """
    sess = DbSession()
    rm = sess.query(RoleMember).filter(RoleMember.id == id).one()
    sess.delete(rm)
    sess.flush()
예제 #11
0
파일: manager.py 프로젝트: dmdm/PySite 
def delete_role(id):
    """
    Deletes a role.

    :param id: ID of role to delete
    """
    sess = DbSession()
    r = sess.query(Role).filter(Role.id == id).one()
    sess.delete(r)
    sess.flush()
예제 #12
0
파일: manager.py 프로젝트: dmdm/PySite 
def delete_principal(id):
    """
    Deletes a principal.

    :param id: ID of principal to delete
    """
    sess = DbSession()
    p = sess.query(Principal).filter(Principal.id == id).one()
    sess.delete(p)
    sess.flush()
예제 #13
0
파일: manager.py 프로젝트: dmdm/PySite 
def load_by_principal(principal):
    """
    Loads a princpal instance by principal.
    """
    sess = DbSession()
    try:
        p = sess.query(Principal).filter(
            Principal.principal == principal).one()
    except NoResultFound:
        raise AuthError('Principal not found')
    return p
예제 #14
0
파일: manager.py 프로젝트: dmdm/PySite 
def update_role(data):
    """
    Updates a role.

    Data fields:
    ``id``:     Required. ID of role to update
    ``editor``: Required
    ``mtime``:  Required

    :param data: Dict with data fields
    :returns: Instance of updated role
    """
    sess = DbSession()
    r = sess.query(Role).filter(Role.id == data['id']).one()
    for k, v in data.items():
        setattr(r, k, v)
    sess.flush()
    return r
예제 #15
0
파일: manager.py 프로젝트: dmdm/PySite 
def _login(filter, pwd):
    """
    Performs login.

    Called by the ``login_by...`` functions which initialise the filter.
    """
    filter.append(Principal.is_enabled == True)
    filter.append(Principal.is_blocked == False)
    sess = DbSession()
    try:
        p = sess.query(Principal).filter(and_(*filter)).one()
    except NoResultFound:
        raise AuthError('Principal not found')
    if not pysite.security.pwd_context.verify(pwd, p.pwd):
        raise AuthError('Wrong credentials')
    p.prev_login_time = p.login_time
    p.login_time = datetime.datetime.now()
    sess.flush()
    return p