def adminServletDeleteUser(request, response, toDeleteUserID):
"""
This function...
@param {Request} request, the request object
@param {Response} response, the response object
"""
try:
#****************************************************************
# Step 0.CHECK IF VALID USER SESSION
#****************************************************************
logging.info("STEP0 - CHECK IF VALID USER....")
userID = request.cookies.get('userID')
sessionToken = request.cookies.get('sessionToken')
userName = request.cookies.get('userName')
UserSessionManager().isValidAdminUser(userID, userName, sessionToken)
if toDeleteUserID == "0":
response.setContent({"success": False})
else:
jobDAOInstance = JobDAO()
filesDAOInstance = FileDAO()
userDAOInstance = UserDAO()
logging.info("STEP1 - CLEANING DATA FOR " + toDeleteUserID + "...")
#****************************************************************
# Step 1. DELETE ALL JOBS FOR THE USER
#****************************************************************
allJobs = jobDAOInstance.findAll(
otherParams={"userID": toDeleteUserID})
jobID = ""
for jobInstance in allJobs:
jobID = jobInstance.getJobID()
logging.info("STEP2 - REMOVING " + jobID + " FROM DATABASE...")
jobDAOInstance.remove(jobInstance.getJobID(),
otherParams={"userID": toDeleteUserID})
#****************************************************************
# Step 3. DELETE ALL FILES FOR THE USER
#****************************************************************
logging.info("STEP3 - REMOVING ALL FILES FROM DATABASE...")
filesDAOInstance.removeAll(otherParams={"userID": toDeleteUserID})
logging.info("STEP3 - REMOVING ALL FILES FROM USER DIRECTORY...")
if os_path.isdir(CLIENT_TMP_DIR + toDeleteUserID):
shutil_rmtree(CLIENT_TMP_DIR + toDeleteUserID)
#****************************************************************
# Step 4. DELETE THE USER INSTANCE FROM DATABASE
#****************************************************************
logging.info("STEP6 - REMOVING ALL FILES FROM DATABASE...")
userDAOInstance.remove(int(toDeleteUserID))
response.setContent({"success": True})
except Exception as ex:
handleException(response, ex, __file__, "adminServletDeleteUser")
finally:
return response
def userManagementChangePassword(request, response):
# VARIABLE DECLARATION
userInstance = None
daoInstance = None
try:
#****************************************************************
# Step 1. CHECK IF VALID USER SESSION
#****************************************************************
logging.info("STEP0 - CHECK IF VALID USER....")
userID = request.cookies.get('userID')
sessionToken = request.cookies.get('sessionToken')
UserSessionManager().isValidUser(userID, sessionToken)
# ****************************************************************
# Step 2.READ THE NEW PASS
# ****************************************************************
logging.info("STEP1 - READ PARAMS AND CHECK IF USER ALREADY EXISTS...")
password = request.form.get("password")
from hashlib import sha1
password = sha1(password.encode('ascii')).hexdigest()
daoInstance = UserDAO()
userInstance = daoInstance.findByID(userID)
if userInstance == None:
raise CredentialException(
"The email or password you entered is incorrect.")
# ****************************************************************
# Step 3. UPDATE THE MODEL
# ****************************************************************
userInstance.setPassword(password)
daoInstance.update(userInstance, {})
response.setContent({"success": True})
except CredentialException as ex:
handleException(response, ex, __file__, "userManagementChangePassword",
200)
except Exception as ex:
handleException(response, ex, __file__, "userManagementChangePassword")
finally:
if (daoInstance != None):
daoInstance.closeConnection()
return response
def adminServletGetAllUsers(request, response):
"""
This function obtains a list of all the users registered in the system including different details
such as the used space, the registration date, etc.
@param {Request} request, the request object
@param {Response} response, the response object
"""
try:
#****************************************************************
# Step 0.CHECK IF VALID USER SESSION
#****************************************************************
logging.info("STEP0 - CHECK IF VALID USER....")
userID = request.cookies.get('userID')
sessionToken = request.cookies.get('sessionToken')
userName = request.cookies.get('userName')
UserSessionManager().isValidAdminUser(userID, userName, sessionToken)
#****************************************************************
# Step 1. GET THE LIST OF ALL USERS
#****************************************************************
logging.info("STEP1 - GET THE LIST OF ALL USERS...")
userList = UserDAO().findAll()
for userInstance in userList:
userInstance.usedSpace = 0
if os_path.isdir(CLIENT_TMP_DIR + str(userInstance.getUserId())):
userInstance.usedSpace = dir_total_size(
CLIENT_TMP_DIR + str(userInstance.getUserId()))
response.setContent({
"success": True,
"userList": userList,
"availableSpace": MAX_CLIENT_SPACE,
"max_jobs_days": MAX_JOB_DAYS,
"max_guest_days": MAX_GUEST_DAYS
})
except Exception as ex:
handleException(response, ex, __file__, "adminServletGetAllUsers")
finally:
return response
def adminServletSendReport(request, response, ROOT_DIRECTORY):
"""
This function...
@param {Request} request, the request object
@param {Response} response, the response object
"""
try:
#logging.info("STEP0 - CHECK IF VALID USER....")
#****************************************************************
# Step 0.CHECK IF VALID USER SESSION
#****************************************************************
userID = request.cookies.get('userID')
#sessionToken = request.cookies.get('sessionToken')
#UserSessionManager().isValidUser(userID, sessionToken)
#****************************************************************
# Step 1.GET THE SPECIE CODE AND THE UPDATE OPTION
#****************************************************************
formFields = request.form
if userID is not None:
userEmail = UserDAO().findByID(userID)
userName = userEmail.getUserName()
userEmail = userEmail.getEmail()
else:
userEmail = formFields.get("fromEmail", smpt_sender)
userName = formFields.get("fromName", "No name provided")
type = formFields.get("type")
_message = formFields.get("message")
title = "Other request"
color = "#333"
if type == "error":
type = "Error notification"
title = "<h1>New error notification</h1>"
color = "#f95959"
elif type == "specie_request":
type = "New specie requesting"
title = "<h1>New organism requested</h1>"
color = "#0090ff"
else:
type = "Other request"
message = '<html><body>'
message += "<a href='" + "http://bioinfo.cipf.es/paintomics/" + "' target='_blank'>"
message += " <img src='cid:image1' border='0' width='auto' height='50' alt='Paintomics 3 logo'>"
message += "</a>"
message += "<div style='width:100%; height:10px; border-top: 1px dotted #333; margin-top:20px; margin-bottom:30px;'></div>"
message += "<h1>" + title + "</h1>"
message += "<p>Thanks for the report, " + userName + "!</p>"
message += "<p><b>Username:</b> " + userEmail + "</p></br>"
message += "<div style='width:100%; border: 1px solid " + color + "; padding:10px;font-family: monospace;color:" + color + ";'>" + _message + "</div>"
message += "<p>We will contact you as soon as possible.</p>"
message += "<p>Best regards,</p>"
message += "<p>The Paintomics developers team.</p>"
message += "<div style='width:100%; height:10px; border-top: 1px dotted #333; margin-top:20px; margin-bottom:30px;'></div>"
message += "<p>Problems? E-mail <a href='mailto:" + "*****@*****.**" + "'>" + "*****@*****.**" + "</a></p>"
message += '</body></html>'
sendEmail(ROOT_DIRECTORY,
smpt_sender,
smpt_sender_name,
type,
message,
fromEmail=userEmail,
fromName=userName,
isHTML=True)
response.setContent({"success": True})
except Exception as ex:
handleException(response, ex, __file__, "adminServletSendReport")
finally:
return response
def isValidAdminUser(self, user_id, user_name, sessionToken):
self.isValidUser(user_id, sessionToken)
_user = UserDAO().findByID(user_id)
if _user.userName != user_name or not (
user_name in ADMIN_ACCOUNTS.split(",")):
raise Exception("User not allowed")
def userManagementSignIn(request, response):
#VARIABLE DECLARATION
userInstance = None
daoInstance = None
try:
#****************************************************************
# Step 1.READ PARAMS AND CHECK IF USER ALREADY EXISTS
#****************************************************************
logging.info("STEP1 - READ PARAMS AND CHECK IF USER ALREADY EXISTS...")
formFields = request.form
email = formFields.get("email")
password = formFields.get("password")
from hashlib import sha1
password = sha1(password.encode('ascii')).hexdigest()
daoInstance = UserDAO()
userInstance = daoInstance.findByEmail(email, {"password": password})
if userInstance == None:
raise CredentialException(
"The email or password you entered is incorrect.")
#TODO: LINK PARA ACTIVAR CUENTAS
# elif userInstance.isActivated() == False:
# raise CredentialException("Account not activated, please check your email inbox and follow the instructions for account activation.")
logging.info(
"STEP1 - READ PARAMS AND CHECK IF USER ALREADY EXISTS...OK USER EXISTS"
)
#****************************************************************
# Step 2. REGISTER NEW SESSION
#****************************************************************
logging.info("STEP2 - GETTING A NEW SESSION TOKEN...")
sessionToken = UserSessionManager().registerNewUser(
userInstance.getUserId())
#Update the last login date at the database
from time import strftime
today = strftime("%Y%m%d")
userInstance.setLastLogin(today)
daoInstance.update(userInstance, {"fieldList": ["last_login"]})
logging.info("STEP2 - GETTING A NEW SESSION TOKEN...DONE")
#****************************************************************
# Step 3. GET INIT SESSION MESSAGE
#****************************************************************
logging.info("STEP2 - GETTING NEW SESSION MESSAGE...")
daoInstance = MessageDAO()
loginMessage = daoInstance.findByType(message_type="login_message")
response.setContent({
"success": True,
"userID": userInstance.getUserId(),
"userName": userInstance.getUserName(),
"sessionToken": sessionToken,
"loginMessage": loginMessage
})
except CredentialException as ex:
handleException(response, ex, __file__, "userManagementSignIn", 200)
except Exception as ex:
handleException(response, ex, __file__, "userManagementSignIn")
finally:
if (daoInstance != None):
daoInstance.closeConnection()
return response
def userManagementNewGuestSession(request, response):
#VARIABLE DECLARATION
userInstance = None
daoInstance = None
try:
#****************************************************************
# Step 1.GENERATE RANDOM PASSWORD AND A RANDOM EMAIL FOR GUEST USER
#****************************************************************
logging.info("STEP1 - GETTING RANDOM PASS AND USER...")
password = getRandowWord(6) #GENERATE A RANDOM PASSWORD USING A WORD
daoInstance = UserDAO()
valid = False
userName = ""
from random import randrange
while valid == False:
userName = "******" + str(randrange(99999))
valid = daoInstance.findByEmail(userName +
"@paintomics.org") == None
#****************************************************************
# Step 2. ADD NEW USER TO DATABASE
#****************************************************************
logging.info(
"STEP2 - CREATING USER INSTANCE AND SAVING TO DATABASE...")
userInstance = User("")
userInstance.setEmail(userName + "@paintomics.org")
from hashlib import sha1
userInstance.setPassword(sha1(password.encode('ascii')).hexdigest())
userInstance.setUserName(userName)
userInstance.setAffiliation("GUEST USER")
#Update the last login date at the database
from time import strftime
today = strftime("%Y%m%d")
userInstance.setCreationDate(today)
userInstance.setLastLogin(today)
userInstance.setIsGuest(True)
userID = daoInstance.insert(userInstance)
#****************************************************************
# Step 3. Create user directories
#****************************************************************
logging.info("STEP3 - INITIALIZING DIRECTORIES...")
initializeUserDirectories(str(userID))
#****************************************************************
# Step 4. Create new session
#****************************************************************
logging.info("STEP4 - GETTING A NEW SESSION TOKEN...")
sessionToken = UserSessionManager().registerNewUser("" + str(userID))
response.setContent({
"success": True,
"userID": userID,
"userName": userInstance.getUserName(),
"sessionToken": sessionToken,
"p": password
})
except Exception as ex:
handleException(response, ex, __file__,
"userManagementNewGuestSession")
finally:
if (daoInstance != None):
daoInstance.closeConnection()
return response
def userManagementSignUp(request, response, ROOT_DIRECTORY):
#VARIABLE DECLARATION
userInstance = None
daoInstance = None
try:
#****************************************************************
# Step 1.READ PARAMS AND CHECK IF USER ALREADY EXISTS
#****************************************************************
logging.info("STEP1 - READ PARAMS AND CHECK IF USER ALREADY EXISTS...")
formFields = request.form
email = formFields.get("email")
email = email.lower()
password = formFields.get("password")
userName = adapt_string(formFields.get("userName"))
affiliation = adapt_string(formFields.get("affiliation"))
daoInstance = UserDAO()
userInstance = daoInstance.findByEmail(email)
if userInstance != None:
logging.info("STEP1 - ERROR! EMAIL ALREADY AT THE DATABASE...")
raise CredentialException("Email is already registered")
#****************************************************************
# Step 2. Add user to database
#****************************************************************
logging.info(
"STEP2 - CREATING USER INSTANCE AND SAVING TO DATABASE...")
userInstance = User("")
userInstance.setEmail(email)
from hashlib import sha1
userInstance.setPassword(sha1(password.encode('ascii')).hexdigest())
userInstance.setUserName(userName)
userInstance.setAffiliation(affiliation)
#Update the last login date at the database
from time import strftime
today = strftime("%Y%m%d")
userInstance.setCreationDate(today)
userInstance.setLastLogin(today)
userID = daoInstance.insert(userInstance)
#****************************************************************
# Step 3. Sending confirmation email
#****************************************************************
logging.info("STEP3 - SENDING CONFIRMATION EMAIL... TODO!!")
try:
#TODO: SERVER ADDRESS AND ADMIN EMAIL
message = '<html><body>'
message += "<a href='" + "http://bioinfo.cipf.es/paintomics/" + "' target='_blank'>"
message += " <img src='" + "http://bioinfo.cipf.es/paintomics/" + "resources/images/paintomics_white_300x66' border='0' width='150' height='33' alt='Paintomics 3 logo'>"
message += "</a>"
message += "<div style='width:100%; height:10px; border-top: 1px dotted #333; margin-top:20px; margin-bottom:30px;'></div>"
message += "<h1>Welcome to Paintomics 3!</h1>"
message += "<p>Thanks for joining, " + userInstance.getUserName(
) + "! You're already able to work with Paintomics.</p>"
message += "<p>Your user name is as follows:</p>"
message += "<p><b>Username:</b> " + userInstance.getEmail(
) + "</p></br>"
message += "<p>Login in to Paintomics 3 at </p><a href='" + "http://bioinfo.cipf.es/paintomics/" + "'>" + "http://bioinfo.cipf.es/paintomics/" + "</a>"
message += "<div style='width:100%; height:10px; border-top: 1px dotted #333; margin-top:20px; margin-bottom:30px;'></div>"
message += "<p>Problems? E-mail <a href='mailto:" + "*****@*****.**" + "'>" + "*****@*****.**" + "</a></p>"
message += '</body></html>'
sendEmail(ROOT_DIRECTORY,
userInstance.getEmail(),
userInstance.getUserName(),
"Welcome to Paintomics 3",
message,
isHTML=True)
except Exception:
logging.error("Failed to send the email.")
#****************************************************************
# Step 4. Create user directories
#****************************************************************
logging.info("STEP4 - INITIALIZING DIRECTORIES...")
initializeUserDirectories(str(userID))
response.setContent({"success": True})
except Exception as ex:
handleException(response, ex, __file__, "userManagementSignUp")
finally:
if (daoInstance != None):
daoInstance.closeConnection()
return response