def client_config():
    """Assemble the configuration dict exposed to the client.

    Version details are added only for an authenticated, non-API user, so
    other callers receive the feature flags and formats but not the version.
    The result is the shared defaults plus ``basePath`` and the date and
    number format settings.
    """
    config = {}
    # is_api_user() is evaluated before is_authenticated, as in the original.
    if not current_user.is_api_user() and current_user.is_authenticated:
        config['newVersionAvailable'] = bool(get_latest_version())
        config['version'] = __version__

    config.update({
        'allowScriptsInUserInput': settings.ALLOW_SCRIPTS_IN_USER_INPUT,
        'showPermissionsControl': current_org.get_setting("feature_show_permissions_control"),
        'allowCustomJSVisualizations': settings.FEATURE_ALLOW_CUSTOM_JS_VISUALIZATIONS,
        'autoPublishNamedQueries': settings.FEATURE_AUTO_PUBLISH_NAMED_QUERIES,
        'mailSettingsMissing': not settings.email_server_is_configured(),
        'dashboardRefreshIntervals': settings.DASHBOARD_REFRESH_INTERVALS,
        'queryRefreshIntervals': settings.QUERY_REFRESH_INTERVALS,
        'googleLoginEnabled': settings.GOOGLE_OAUTH_ENABLED,
        'pageSize': settings.PAGE_SIZE,
        'pageSizeOptions': settings.PAGE_SIZE_OPTIONS,
        'tableCellMaxJSONSize': settings.TABLE_CELL_MAX_JSON_SIZE,
    })
    config['basePath'] = base_href()

    # Later sources override earlier keys, in the same order as before.
    for extra_settings in (date_format_config, number_format_config):
        config.update(extra_settings())
    return config
def client_config():
    """Assemble the configuration dict exposed to the client.

    Version details are added only for an authenticated, non-API user, so
    other callers receive the feature flags and formats but not the version.
    The result is the shared defaults plus ``basePath`` and the date/time and
    number format settings.
    """
    config = {}
    # is_api_user() is evaluated before is_authenticated, as in the original.
    if not current_user.is_api_user() and current_user.is_authenticated:
        config['newVersionAvailable'] = bool(get_latest_version())
        config['version'] = __version__

    config.update({
        'allowScriptsInUserInput': settings.ALLOW_SCRIPTS_IN_USER_INPUT,
        'showPermissionsControl': current_org.get_setting("feature_show_permissions_control"),
        'allowCustomJSVisualizations': settings.FEATURE_ALLOW_CUSTOM_JS_VISUALIZATIONS,
        'autoPublishNamedQueries': settings.FEATURE_AUTO_PUBLISH_NAMED_QUERIES,
        'extendedAlertOptions': settings.FEATURE_EXTENDED_ALERT_OPTIONS,
        'mailSettingsMissing': not settings.email_server_is_configured(),
        'dashboardRefreshIntervals': settings.DASHBOARD_REFRESH_INTERVALS,
        'queryRefreshIntervals': settings.QUERY_REFRESH_INTERVALS,
        'googleLoginEnabled': settings.GOOGLE_OAUTH_ENABLED,
        'pageSize': settings.PAGE_SIZE,
        'pageSizeOptions': settings.PAGE_SIZE_OPTIONS,
        'tableCellMaxJSONSize': settings.TABLE_CELL_MAX_JSON_SIZE,
    })
    config['basePath'] = base_href()

    # Later sources override earlier keys, in the same order as before.
    for extra_settings in (date_time_format_config, number_format_config):
        config.update(extra_settings())
    return config
def client_config():
    """Assemble the configuration dict exposed to the client.

    Version details are added only for an authenticated, non-API user. The
    beacon-consent prompt flag is set only when the current user has the
    ``admin`` permission and the organisation has no ``beacon_consent``
    setting yet. Everything else (feature flags, enabled login methods,
    paging and format settings) is returned to every caller.
    """
    config = {}
    # is_api_user() is evaluated before is_authenticated, as in the original.
    if not current_user.is_api_user() and current_user.is_authenticated:
        config["newVersionAvailable"] = bool(get_latest_version())
        config["version"] = __version__

    # The org setting is only read when the user is an admin (short-circuit).
    wants_beacon_prompt = (
        current_user.has_permission("admin")
        and current_org.get_setting("beacon_consent") is None
    )
    if wants_beacon_prompt:
        config["showBeaconConsentMessage"] = True

    config.update(
        {
            "allowScriptsInUserInput": settings.ALLOW_SCRIPTS_IN_USER_INPUT,
            "showPermissionsControl": current_org.get_setting("feature_show_permissions_control"),
            "hidePlotlyModeBar": current_org.get_setting("hide_plotly_mode_bar"),
            "disablePublicUrls": current_org.get_setting("disable_public_urls"),
            "disableEmbedUrls": current_org.get_setting("disable_embed_urls"),
            "allowCustomJSVisualizations": settings.FEATURE_ALLOW_CUSTOM_JS_VISUALIZATIONS,
            "autoPublishNamedQueries": settings.FEATURE_AUTO_PUBLISH_NAMED_QUERIES,
            "extendedAlertOptions": settings.FEATURE_EXTENDED_ALERT_OPTIONS,
            "mailSettingsMissing": not settings.email_server_is_configured(),
            "dashboardRefreshIntervals": settings.DASHBOARD_REFRESH_INTERVALS,
            "queryRefreshIntervals": settings.QUERY_REFRESH_INTERVALS,
            "googleLoginEnabled": settings.GOOGLE_OAUTH_ENABLED,
            "microsoftLoginEnabled": settings.MICROSOFT_OAUTH_ENABLED,
            "ldapLoginEnabled": settings.LDAP_LOGIN_ENABLED,
            "pageSize": settings.PAGE_SIZE,
            "pageSizeOptions": settings.PAGE_SIZE_OPTIONS,
            "tableCellMaxJSONSize": settings.TABLE_CELL_MAX_JSON_SIZE,
        }
    )
    config["basePath"] = base_href()

    # Later sources override earlier keys, in the same order as before.
    for extra_settings in (date_time_format_config, number_format_config):
        config.update(extra_settings())
    return config
def invite_user(org, inviter, user, send_email=True):
    """Create an invitation for *user* and deliver it by email when possible.

    Returns ``user.to_dict()``. The invite link is added to that dict under
    ``invite_link`` only when no email is sent (mail server not configured,
    or ``send_email`` is false), so the link is not echoed back to the caller
    when it has already gone to the invitee's mailbox.
    """
    payload = user.to_dict()
    link = invite_link_for_user(user)

    # The mail-server check runs first, exactly as in the original expression.
    deliver_by_mail = settings.email_server_is_configured() and send_email
    if not deliver_by_mail:
        payload['invite_link'] = link
        return payload

    send_invite_email(inviter, user, link, org)
    return payload
def post(self, user_id):
    """Generate an email-verification link for a user and mail it if possible.

    Responds 404 for a disabled user. Otherwise returns a dict with the
    ``verify_link`` and an ``email_sent`` flag that is true only when a mail
    server is configured and the verification email was sent.
    """
    # NOTE(review): the lookup is by id alone (no organisation argument) and
    # no authorisation check is visible in this method; confirm that both are
    # enforced by a decorator or by the route that maps to this handler.
    user = models.User.get_by_id(user_id)
    if user.is_disabled:
        abort(404, message='Not found')

    verify_link = verify_link_for_user(user)

    # NOTE(review): the link is returned to the caller in both branches, even
    # when it has also been emailed to the user; confirm the client needs it
    # in the mailed case, since anyone holding the link can presumably
    # complete the verification.
    if settings.email_server_is_configured():
        send_verify_email(user, verify_link)
        return {'verify_link': verify_link, 'email_sent': True}
    return {'verify_link': verify_link, 'email_sent': False}
def client_config():
    """Assemble the configuration dict exposed to the client.

    This variant reads no user or organisation state: it returns the same
    feature flags, refresh intervals, paging and format settings to every
    caller.
    """
    config = {
        'allowScriptsInUserInput': settings.ALLOW_SCRIPTS_IN_USER_INPUT,
        'allowCustomJSVisualizations': settings.FEATURE_ALLOW_CUSTOM_JS_VISUALIZATIONS,
        'autoPublishNamedQueries': settings.FEATURE_AUTO_PUBLISH_NAMED_QUERIES,
        'mailSettingsMissing': not settings.email_server_is_configured(),
        'dashboardRefreshIntervals': settings.DASHBOARD_REFRESH_INTERVALS,
        'queryRefreshIntervals': settings.QUERY_REFRESH_INTERVALS,
        'pageSize': settings.PAGE_SIZE,
        'pageSizeOptions': settings.PAGE_SIZE_OPTIONS,
        'tableCellMaxJSONSize': settings.TABLE_CELL_MAX_JSON_SIZE,
    }

    # Later sources override earlier keys, in the same order as before.
    for extra_settings in (date_time_format_config, number_format_config):
        config.update(extra_settings())
    return config
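def post(self, user_id):
    """Update a user's profile fields from the JSON request body.

    Access is gated by ``require_admin_or_owner(user_id)`` and the user is
    looked up within the current organisation. Only ``email``, ``name``,
    ``password``, ``old_password`` and ``group_ids`` are read from the
    request. A password change requires the current password, and a group
    change requires the ``admin`` permission.

    Returns the updated user as a dict; the API key is included only when
    ``is_admin_or_owner(user_id)`` holds. Aborts with 400 or 403 on invalid
    input.
    """
    require_admin_or_owner(user_id)
    user = models.User.get_by_id_and_org(user_id, self.current_org)

    req = request.get_json(True)
    params = project(
        req, ('email', 'name', 'password', 'old_password', 'group_ids'))

    if 'password' in params and 'old_password' not in params:
        abort(403, message="Must provide current password to update password.")

    if 'old_password' in params and not user.verify_password(
            params['old_password']):
        abort(403, message="Incorrect current password.")

    if 'password' in params:
        user.hash_password(params.pop('password'))

    # The current password is only needed for the check above. Drop it even
    # when no new password was supplied, so the plaintext is never passed to
    # update_model or listed in the recorded event's updated_fields.
    params.pop('old_password', None)

    if 'group_ids' in params:
        if not self.current_user.has_permission('admin'):
            abort(403, message="Must be admin to change groups membership.")

        # Every requested group must exist in the current organisation.
        for group_id in params['group_ids']:
            try:
                models.Group.get_by_id_and_org(group_id, self.current_org)
            except NoResultFound:
                abort(400, message="Group id {} is invalid.".format(group_id))

        # An empty list is treated as "no change" rather than "remove all".
        if len(params['group_ids']) == 0:
            params.pop('group_ids')

    if 'email' in params:
        # A value without '@' (ValueError) or a non-string JSON value
        # (AttributeError) is rejected as a client error instead of
        # surfacing as an unhandled exception.
        try:
            _, domain = params['email'].split('@', 1)
        except (AttributeError, ValueError):
            abort(400, message='Bad email address.')

        if domain.lower() in blacklist or domain.lower() == 'qq.com':
            abort(400, message='Bad email address.')

    email_address_changed = 'email' in params and params[
        'email'] != user.email
    needs_to_verify_email = (
        email_address_changed and settings.email_server_is_configured())
    if needs_to_verify_email:
        # A changed address has to be verified again.
        user.is_email_verified = False

    try:
        self.update_model(user, params)
        models.db.session.commit()

        if needs_to_verify_email:
            send_verify_email(user, self.current_org)

        # The user has updated their email or password. This should invalidate all _other_ sessions,
        # forcing them to log in again. Since we don't want to force _this_ session to have to go
        # through login again, we call `login_user` in order to update the session with the new identity details.
        if current_user.id == user.id:
            login_user(user, remember=True)
    except IntegrityError as e:
        # Exceptions carry no `.message` attribute on Python 3; fall back to
        # the string form so the handler itself cannot fail.
        detail = getattr(e, 'message', None) or str(e)
        if "email" in detail:
            message = "Email already taken."
        else:
            message = "Error updating record"

        abort(400, message=message)

    self.record_event({
        'action': 'edit',
        'object_id': user.id,
        'object_type': 'user',
        # A plain list rather than a keys view, so the event is serialisable.
        'updated_fields': list(params.keys())
    })

    return user.to_dict(with_api_key=is_admin_or_owner(user_id))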
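def post(self, user_id):
    """Update a user's profile fields from the JSON request body.

    Access is gated by ``require_admin_or_owner(user_id)`` and the user is
    looked up within the current organisation. Only ``email``, ``name``,
    ``password``, ``old_password`` and ``group_ids`` are read from the
    request. A password change requires the current password, a group change
    requires the ``admin`` permission, and a new email address is checked
    with ``require_allowed_email``.

    Returns the updated user as a dict; the API key is included only when
    ``is_admin_or_owner(user_id)`` holds. Aborts with 400 or 403 on invalid
    input.
    """
    require_admin_or_owner(user_id)
    user = models.User.get_by_id_and_org(user_id, self.current_org)

    req = request.get_json(True)
    params = project(
        req, ("email", "name", "password", "old_password", "group_ids")
    )

    if "password" in params and "old_password" not in params:
        abort(403, message="Must provide current password to update password.")

    if "old_password" in params and not user.verify_password(
        params["old_password"]
    ):
        abort(403, message="Incorrect current password.")

    if "password" in params:
        user.hash_password(params.pop("password"))

    # The current password is only needed for the check above. Drop it even
    # when no new password was supplied, so the plaintext is never passed to
    # update_model or listed in the recorded event's updated_fields.
    params.pop("old_password", None)

    if "group_ids" in params:
        if not self.current_user.has_permission("admin"):
            abort(403, message="Must be admin to change groups membership.")

        # Every requested group must exist in the current organisation.
        for group_id in params["group_ids"]:
            try:
                models.Group.get_by_id_and_org(group_id, self.current_org)
            except NoResultFound:
                abort(400, message="Group id {} is invalid.".format(group_id))

        # An empty list is treated as "no change" rather than "remove all".
        if len(params["group_ids"]) == 0:
            params.pop("group_ids")

    if "email" in params:
        require_allowed_email(params["email"])

    email_address_changed = "email" in params and params["email"] != user.email
    needs_to_verify_email = (
        email_address_changed and settings.email_server_is_configured()
    )
    if needs_to_verify_email:
        # A changed address has to be verified again.
        user.is_email_verified = False

    try:
        self.update_model(user, params)
        models.db.session.commit()

        if needs_to_verify_email:
            send_verify_email(user, self.current_org)

        # The user has updated their email or password. This should invalidate all _other_ sessions,
        # forcing them to log in again. Since we don't want to force _this_ session to have to go
        # through login again, we call `login_user` in order to update the session with the new identity details.
        if current_user.id == user.id:
            login_user(user, remember=True)
    except IntegrityError as e:
        if "email" in str(e):
            message = "Email already taken."
        else:
            message = "Error updating record"

        abort(400, message=message)

    self.record_event(
        {
            "action": "edit",
            "object_id": user.id,
            "object_type": "user",
            "updated_fields": list(params.keys()),
        }
    )

    return user.to_dict(with_api_key=is_admin_or_owner(user_id))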
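def post(self, user_id):
    """Update a user's profile fields from the JSON request body.

    Access is gated by ``require_admin_or_owner(user_id)`` and the user is
    looked up within the current organisation. Only ``email``, ``name``,
    ``password``, ``old_password`` and ``group_ids`` are read from the
    request. A password change requires the current password, and a group
    change requires the ``admin`` permission.

    Returns the updated user as a dict; the API key is included only when
    ``is_admin_or_owner(user_id)`` holds. Aborts with 400 or 403 on invalid
    input.
    """
    require_admin_or_owner(user_id)
    user = models.User.get_by_id_and_org(user_id, self.current_org)

    req = request.get_json(True)
    params = project(req, ('email', 'name', 'password', 'old_password', 'group_ids'))

    if 'password' in params and 'old_password' not in params:
        abort(403, message="Must provide current password to update password.")

    if 'old_password' in params and not user.verify_password(params['old_password']):
        abort(403, message="Incorrect current password.")

    if 'password' in params:
        user.hash_password(params.pop('password'))

    # The current password is only needed for the check above. Drop it even
    # when no new password was supplied, so the plaintext is never passed to
    # update_model or listed in the recorded event's updated_fields.
    params.pop('old_password', None)

    if 'group_ids' in params:
        if not self.current_user.has_permission('admin'):
            abort(403, message="Must be admin to change groups membership.")

        # Every requested group must exist in the current organisation.
        for group_id in params['group_ids']:
            try:
                models.Group.get_by_id_and_org(group_id, self.current_org)
            except NoResultFound:
                abort(400, message="Group id {} is invalid.".format(group_id))

        # An empty list is treated as "no change" rather than "remove all".
        if len(params['group_ids']) == 0:
            params.pop('group_ids')

    if 'email' in params:
        # A value without '@' (ValueError) or a non-string JSON value
        # (AttributeError) is rejected as a client error instead of
        # surfacing as an unhandled exception.
        try:
            _, domain = params['email'].split('@', 1)
        except (AttributeError, ValueError):
            abort(400, message='Bad email address.')

        if domain.lower() in blacklist or domain.lower() == 'qq.com':
            abort(400, message='Bad email address.')

    email_address_changed = 'email' in params and params['email'] != user.email
    needs_to_verify_email = email_address_changed and settings.email_server_is_configured()
    if needs_to_verify_email:
        # A changed address has to be verified again.
        user.is_email_verified = False

    try:
        self.update_model(user, params)
        models.db.session.commit()

        if needs_to_verify_email:
            send_verify_email(user, self.current_org)

        # The user has updated their email or password. This should invalidate all _other_ sessions,
        # forcing them to log in again. Since we don't want to force _this_ session to have to go
        # through login again, we call `login_user` in order to update the session with the new identity details.
        if current_user.id == user.id:
            login_user(user, remember=True)
    except IntegrityError as e:
        # Exceptions carry no `.message` attribute on Python 3; fall back to
        # the string form so the handler itself cannot fail.
        detail = getattr(e, 'message', None) or str(e)
        if "email" in detail:
            message = "Email already taken."
        else:
            message = "Error updating record"

        abort(400, message=message)

    self.record_event({
        'action': 'edit',
        'object_id': user.id,
        'object_type': 'user',
        # A plain list rather than a keys view, so the event is serialisable.
        'updated_fields': list(params.keys())
    })

    return user.to_dict(with_api_key=is_admin_or_owner(user_id))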