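def adminServletDeleteUser(request, response, toDeleteUserID):
    """
    Delete a user account together with its jobs, file records and data
    directory.

    The caller must pass UserSessionManager.isValidAdminUser, which is fed the
    userID, userName and sessionToken cookies. User 0 is never deleted: the
    response content is {"success": False} in that case.

    toDeleteUserID is validated as a plain ASCII decimal number BEFORE any
    destructive step. The value is concatenated to CLIENT_TMP_DIR and handed
    to a recursive directory delete, so anything other than digits (path
    separators, "..", an empty string) has to be refused up front. Previously
    the only validation was the int() conversion in the last step, which ran
    after the jobs, the file records and the directory had already been
    removed.

    @param {Request} request, the request object
    @param {Response} response, the response object
    @param {String} toDeleteUserID, identifier of the user to delete
    @returns {Response} the response object; errors are reported through
             handleException
    """
    try:
        #****************************************************************
        # Step 0. CHECK IF VALID USER SESSION
        #****************************************************************
        logging.info("STEP0 - CHECK IF VALID USER....")
        userID = request.cookies.get('userID')
        sessionToken = request.cookies.get('sessionToken')
        userName = request.cookies.get('userName')
        UserSessionManager().isValidAdminUser(userID, userName, sessionToken)

        #****************************************************************
        # Step 0b. VALIDATE THE TARGET IDENTIFIER
        #****************************************************************
        rawID = str(toDeleteUserID)
        if rawID == "" or any(ch not in "0123456789" for ch in rawID):
            raise ValueError("Invalid user identifier")
        # Canonical form: "00" and "0" are the same user, so the protection
        # of user 0 below cannot be sidestepped with leading zeros, and the
        # DAO filters, the directory name and the final remove() all refer
        # to the same account.
        targetID = str(int(rawID))

        if targetID == "0":
            response.setContent({"success": False})
        else:
            jobDAOInstance = JobDAO()
            filesDAOInstance = FileDAO()
            userDAOInstance = UserDAO()

            # targetID is digits only at this point, so it is safe to place
            # in a log line and in a filesystem path.
            logging.info("STEP1 - CLEANING DATA FOR " + targetID + "...")

            #****************************************************************
            # Step 1. DELETE ALL JOBS FOR THE USER
            #****************************************************************
            allJobs = jobDAOInstance.findAll(otherParams={"userID": targetID})
            for jobInstance in allJobs:
                jobID = jobInstance.getJobID()
                logging.info("STEP2 - REMOVING " + jobID + " FROM DATABASE...")
                jobDAOInstance.remove(jobID, otherParams={"userID": targetID})

            #****************************************************************
            # Step 3. DELETE ALL FILES FOR THE USER
            #****************************************************************
            logging.info("STEP3 - REMOVING ALL FILES FROM DATABASE...")
            filesDAOInstance.removeAll(otherParams={"userID": targetID})

            logging.info("STEP3 - REMOVING ALL FILES FROM USER DIRECTORY...")
            # Plain concatenation is kept so the path is exactly the one the
            # rest of the application builds from CLIENT_TMP_DIR.
            userDirectory = CLIENT_TMP_DIR + targetID
            if os_path.isdir(userDirectory):
                shutil_rmtree(userDirectory)

            #****************************************************************
            # Step 4. DELETE THE USER INSTANCE FROM DATABASE
            #****************************************************************
            # NOTE(review): the log text below says "FILES" but this step
            # removes the user record; message left unchanged.
            logging.info("STEP6 - REMOVING ALL FILES FROM DATABASE...")
            userDAOInstance.remove(int(targetID))

            response.setContent({"success": True})

    except Exception as ex:
        handleException(response, ex, __file__, "adminServletDeleteUser")
    finally:
        # Returning from finally also discards any exception raised by
        # handleException itself; the caller always gets the response.
        return response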
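def userManagementChangePassword(request, response):
    """
    Replace the password of the user identified by the session cookies.

    The userID and sessionToken cookies are checked with
    UserSessionManager.isValidUser, then the "password" form field is hashed
    and stored on the user record.

    A missing or empty password is now rejected with a CredentialException.
    Before, an empty string was hashed and stored (leaving the account with an
    empty password) and a missing field failed with an AttributeError.

    @param {Request} request, the request object
    @param {Response} response, the response object
    @returns {Response} the response object; {"success": True} on success,
             otherwise whatever handleException writes
    """
    # VARIABLE DECLARATION
    userInstance = None
    daoInstance = None

    try:
        #****************************************************************
        # Step 1. CHECK IF VALID USER SESSION
        #****************************************************************
        logging.info("STEP0 - CHECK IF VALID USER....")
        userID = request.cookies.get('userID')
        sessionToken = request.cookies.get('sessionToken')
        UserSessionManager().isValidUser(userID, sessionToken)
        # NOTE(review): the current password is not requested, so a valid
        # session alone is enough to change it - confirm this is intended.

        #****************************************************************
        # Step 2. READ THE NEW PASS
        #****************************************************************
        logging.info("STEP1 - READ PARAMS AND CHECK IF USER ALREADY EXISTS...")
        password = request.form.get("password")
        if not password:
            raise CredentialException("The password cannot be empty.")

        # SECURITY: unsalted SHA-1 is a fast digest and is not suitable for
        # storing passwords; a salted, deliberately slow KDF (for example
        # hashlib.scrypt or hashlib.pbkdf2_hmac) is the usual replacement.
        # The digest is left as it is here because whatever code verifies the
        # password at login must compute the same value; migrate both sides
        # together. encode('ascii') also means a non-ASCII password raises
        # UnicodeEncodeError and ends in the generic handler below.
        from hashlib import sha1
        password = sha1(password.encode('ascii')).hexdigest()

        daoInstance = UserDAO()
        userInstance = daoInstance.findByID(userID)
        if userInstance is None:
            raise CredentialException(
                "The email or password you entered is incorrect.")

        #****************************************************************
        # Step 3. UPDATE THE MODEL
        #****************************************************************
        userInstance.setPassword(password)
        daoInstance.update(userInstance, {})

        response.setContent({"success": True})

    except CredentialException as ex:
        handleException(response, ex, __file__, "userManagementChangePassword", 200)
    except Exception as ex:
        handleException(response, ex, __file__, "userManagementChangePassword")
    finally:
        if daoInstance is not None:
            daoInstance.closeConnection()
        return response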
def adminServletGetAllUsers(request, response):
    """
    List every registered user for the admin panel.

    After the admin session check, each user returned by UserDAO.findAll gets
    a usedSpace attribute: the result of dir_total_size on the user's
    directory under CLIENT_TMP_DIR, or 0 when that directory does not exist.
    The response also carries MAX_CLIENT_SPACE, MAX_JOB_DAYS and
    MAX_GUEST_DAYS.

    @param {Request} request, the request object
    @param {Response} response, the response object
    @returns {Response} the response object; errors are reported through
             handleException
    """
    try:
        #****************************************************************
        # Step 0. CHECK IF VALID USER SESSION
        #****************************************************************
        logging.info("STEP0 - CHECK IF VALID USER....")
        cookies = request.cookies
        userID = cookies.get('userID')
        sessionToken = cookies.get('sessionToken')
        userName = cookies.get('userName')
        UserSessionManager().isValidAdminUser(userID, userName, sessionToken)

        #****************************************************************
        # Step 1. GET THE LIST OF ALL USERS
        #****************************************************************
        logging.info("STEP1 - GET THE LIST OF ALL USERS...")
        userList = UserDAO().findAll()
        for userInstance in userList:
            userInstance.usedSpace = 0
            userDirectory = CLIENT_TMP_DIR + str(userInstance.getUserId())
            if os_path.isdir(userDirectory):
                userInstance.usedSpace = dir_total_size(userDirectory)

        # NOTE(review): the user objects are returned whole; confirm that
        # their serialisation leaves out the stored password digest.
        content = {
            "success": True,
            "userList": userList,
            "availableSpace": MAX_CLIENT_SPACE,
            "max_jobs_days": MAX_JOB_DAYS,
            "max_guest_days": MAX_GUEST_DAYS
        }
        response.setContent(content)

    except Exception as ex:
        handleException(response, ex, __file__, "adminServletGetAllUsers")
    finally:
        # The return inside finally means the caller always receives the
        # response, even if handleException raises.
        return response
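def adminServletSendReport(request, response, ROOT_DIRECTORY):
    """
    Build an HTML report e-mail from the submitted form and send it to the
    application's own address (smpt_sender).

    The sender's name and address come from the user record when a userID
    cookie is present, otherwise from the "fromName" / "fromEmail" form
    fields. The form field "type" selects the subject, heading and colour.

    Every user-controlled value (name, address, message text) is HTML-escaped
    before it is placed in the body: the mail is rendered as HTML in the
    recipient's client, so unescaped input could inject markup, links or
    remote content into it. The heading is no longer wrapped in <h1> twice.
    A missing "message" field still raises and is reported through
    handleException, as before.

    @param {Request} request, the request object
    @param {Response} response, the response object
    @param {String} ROOT_DIRECTORY, passed through to sendEmail
    @returns {Response} the response object; errors are reported through
             handleException
    """
    try:
        #****************************************************************
        # Step 0. READ THE USER ID
        #****************************************************************
        # NOTE(review): the session check below is disabled, so the userID
        # cookie is trusted as sent by the client and the sender identity in
        # the report is unauthenticated. Re-enable the check for requests
        # that carry a userID, or treat the identity as unverified.
        userID = request.cookies.get('userID')
        #sessionToken = request.cookies.get('sessionToken')
        #UserSessionManager().isValidUser(userID, sessionToken)

        #****************************************************************
        # Step 1. GET THE SENDER AND THE REPORT FIELDS
        #****************************************************************
        formFields = request.form

        if userID is not None:
            userRecord = UserDAO().findByID(userID)
            userName = userRecord.getUserName()
            userEmail = userRecord.getEmail()
        else:
            userEmail = formFields.get("fromEmail", smpt_sender)
            userName = formFields.get("fromName", "No name provided")

        reportType = formFields.get("type")
        _message = formFields.get("message")

        if reportType == "error":
            subject = "Error notification"
            title = "New error notification"
            color = "#f95959"
        elif reportType == "specie_request":
            subject = "New specie requesting"
            title = "New organism requested"
            color = "#0090ff"
        else:
            subject = "Other request"
            title = "Other request"
            color = "#333"

        #****************************************************************
        # Step 2. BUILD THE HTML BODY
        #****************************************************************
        from html import escape
        safeName = escape(userName)
        safeEmail = escape(userEmail)
        safeMessage = escape(_message)

        separator = "<div style='width:100%; height:10px; border-top: 1px dotted #333; margin-top:20px; margin-bottom:30px;'></div>"
        message = "".join([
            '<html><body>',
            "<a href='" + "http://bioinfo.cipf.es/paintomics/" + "' target='_blank'>",
            " <img src='cid:image1' border='0' width='auto' height='50' alt='Paintomics 3 logo'>",
            "</a>",
            separator,
            "<h1>" + title + "</h1>",
            "<p>Thanks for the report, " + safeName + "!</p>",
            "<p><b>Username:</b> " + safeEmail + "</p></br>",
            "<div style='width:100%; border: 1px solid " + color + "; padding:10px;font-family: monospace;color:" + color + ";'>" + safeMessage + "</div>",
            "<p>We will contact you as soon as possible.</p>",
            "<p>Best regards,</p>",
            "<p>The Paintomics developers team.</p>",
            separator,
            "<p>Problems? E-mail <a href='mailto:" + "*****@*****.**" + "'>" + "*****@*****.**" + "</a></p>",
            '</body></html>',
        ])

        #****************************************************************
        # Step 3. SEND THE EMAIL
        #****************************************************************
        # NOTE(review): fromEmail / fromName are handed over unescaped because
        # they are header values, not HTML. Confirm that sendEmail rejects
        # CR/LF in them so they cannot add mail headers.
        sendEmail(ROOT_DIRECTORY,
                  smpt_sender,
                  smpt_sender_name,
                  subject,
                  message,
                  fromEmail=userEmail,
                  fromName=userName,
                  isHTML=True)

        response.setContent({"success": True})

    except Exception as ex:
        handleException(response, ex, __file__, "adminServletSendReport")
    finally:
        return response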
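def isValidAdminUser(self, user_id, user_name, sessionToken):
    """
    Raise unless the session is valid and the user is an administrator.

    The session is checked first with self.isValidUser. The user record is
    then loaded and the request is refused when the record does not exist,
    when its userName differs from the user_name supplied by the caller, or
    when user_name is not one of the comma-separated entries of
    ADMIN_ACCOUNTS.

    A missing user record is now refused with the same "User not allowed"
    exception instead of failing on attribute access.

    NOTE(review): admin rights are keyed on the userName string. If user
    names are chosen by the users and are not guaranteed unique, an account
    registered under an administrator's name would pass this check. Confirm
    that registration reserves the ADMIN_ACCOUNTS names, or key the check on
    the immutable user id instead.

    @param {String} user_id, identifier of the user, as sent by the client
    @param {String} user_name, user name, as sent by the client
    @param {String} sessionToken, session token, as sent by the client
    @raises {Exception} "User not allowed" when the user is not an admin
    """
    self.isValidUser(user_id, sessionToken)
    _user = UserDAO().findByID(user_id)
    adminNames = ADMIN_ACCOUNTS.split(",")
    if (_user is None
            or _user.userName != user_name
            or user_name not in adminNames):
        raise Exception("User not allowed")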
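def userManagementSignIn(request, response):
    """
    Authenticate a user by e-mail and password and open a new session.

    On success the response content holds the user id, the user name, the new
    session token and the current login message, and the user's last-login
    date is updated.

    Two fixes over the previous version:
    - the UserDAO and the MessageDAO are kept in separate variables and both
      are closed in the finally block. Before, the variable was reused, so
      only the MessageDAO was closed and the UserDAO was never closed.
    - a request without "email" or "password" is answered with the ordinary
      credential error instead of failing on None.encode.

    @param {Request} request, the request object
    @param {Response} response, the response object
    @returns {Response} the response object; errors are reported through
             handleException
    """
    # VARIABLE DECLARATION
    userInstance = None
    daoInstance = None
    messageDAOInstance = None

    try:
        #****************************************************************
        # Step 1. READ PARAMS AND CHECK IF USER ALREADY EXISTS
        #****************************************************************
        logging.info("STEP1 - READ PARAMS AND CHECK IF USER ALREADY EXISTS...")
        formFields = request.form
        email = formFields.get("email")
        password = formFields.get("password")
        if email is None or password is None:
            raise CredentialException(
                "The email or password you entered is incorrect.")

        # SECURITY: unsalted SHA-1 is a fast digest and is not suitable for
        # storing passwords; identical passwords give identical digests and
        # guessing is cheap if the user table leaks. Moving to a salted, slow
        # KDF (hashlib.scrypt / hashlib.pbkdf2_hmac) has to be done together
        # with the code that stores the password.
        # NOTE(review): the e-mail is looked up exactly as typed; confirm
        # whether stored addresses are normalised (e.g. lower-cased).
        from hashlib import sha1
        password = sha1(password.encode('ascii')).hexdigest()

        daoInstance = UserDAO()
        userInstance = daoInstance.findByEmail(email, {"password": password})

        if userInstance is None:
            raise CredentialException(
                "The email or password you entered is incorrect.")
        # TODO: link to activate accounts
        # elif userInstance.isActivated() == False:
        #     raise CredentialException("Account not activated, please check your email inbox and follow the instructions for account activation.")

        logging.info(
            "STEP1 - READ PARAMS AND CHECK IF USER ALREADY EXISTS...OK USER EXISTS"
        )

        #****************************************************************
        # Step 2. REGISTER NEW SESSION
        #****************************************************************
        logging.info("STEP2 - GETTING A NEW SESSION TOKEN...")
        sessionToken = UserSessionManager().registerNewUser(
            userInstance.getUserId())

        # Update the last login date at the database
        from time import strftime
        today = strftime("%Y%m%d")
        userInstance.setLastLogin(today)
        daoInstance.update(userInstance, {"fieldList": ["last_login"]})
        logging.info("STEP2 - GETTING A NEW SESSION TOKEN...DONE")

        #****************************************************************
        # Step 3. GET INIT SESSION MESSAGE
        #****************************************************************
        logging.info("STEP2 - GETTING NEW SESSION MESSAGE...")
        messageDAOInstance = MessageDAO()
        loginMessage = messageDAOInstance.findByType(message_type="login_message")

        response.setContent({
            "success": True,
            "userID": userInstance.getUserId(),
            "userName": userInstance.getUserName(),
            "sessionToken": sessionToken,
            "loginMessage": loginMessage
        })

    except CredentialException as ex:
        handleException(response, ex, __file__, "userManagementSignIn", 200)
    except Exception as ex:
        handleException(response, ex, __file__, "userManagementSignIn")
    finally:
        # Close every DAO that was opened, not just the last one.
        # NOTE(review): assumes each DAO owns its own connection - confirm.
        for openedDAO in (daoInstance, messageDAOInstance):
            if openedDAO is not None:
                openedDAO.closeConnection()
        return response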
def userManagementNewGuestSession(request, response):
    """
    Create a throw-away guest account and open a session for it.

    A password is produced by getRandowWord(6); a user name is built from a
    fixed prefix plus a random number and retried until no account with the
    matching @paintomics.org address exists. The account is stored as a guest
    user, its directories are initialised and a session token is registered.
    The response returns the user id, user name, session token and, under the
    key "p", the clear-text password.

    @param {Request} request, the request object
    @param {Response} response, the response object
    @returns {Response} the response object; errors are reported through
             handleException
    """
    # VARIABLE DECLARATION
    userInstance = None
    daoInstance = None

    try:
        #****************************************************************
        # Step 1. GENERATE RANDOM PASSWORD AND A RANDOM EMAIL FOR GUEST USER
        #****************************************************************
        logging.info("STEP1 - GETTING RANDOM PASS AND USER...")
        # NOTE(review): getRandowWord is not visible here; since its output
        # is a credential, confirm it draws from a cryptographic source
        # (secrets / os.urandom) rather than the random module.
        password = getRandowWord(6)

        daoInstance = UserDAO()

        # random.randrange only picks a name suffix here, not a secret.
        # NOTE(review): the lookup and the later insert are separate steps,
        # so two concurrent requests could pick the same name.
        from random import randrange
        userName = ""
        while True:
            userName = "******" + str(randrange(99999))
            if daoInstance.findByEmail(userName + "@paintomics.org") is None:
                break

        #****************************************************************
        # Step 2. ADD NEW USER TO DATABASE
        #****************************************************************
        logging.info(
            "STEP2 - CREATING USER INSTANCE AND SAVING TO DATABASE...")
        userInstance = User("")
        userInstance.setEmail(userName + "@paintomics.org")

        # SECURITY: unsalted SHA-1 is not suitable for password storage; the
        # digest must match what the login code computes, so change both
        # together.
        from hashlib import sha1
        passwordDigest = sha1(password.encode('ascii')).hexdigest()
        userInstance.setPassword(passwordDigest)
        userInstance.setUserName(userName)
        userInstance.setAffiliation("GUEST USER")

        # Creation date and last login are both set to today
        from time import strftime
        today = strftime("%Y%m%d")
        userInstance.setCreationDate(today)
        userInstance.setLastLogin(today)
        userInstance.setIsGuest(True)

        userID = daoInstance.insert(userInstance)

        #****************************************************************
        # Step 3. Create user directories
        #****************************************************************
        logging.info("STEP3 - INITIALIZING DIRECTORIES...")
        initializeUserDirectories(str(userID))

        #****************************************************************
        # Step 4. Create new session
        #****************************************************************
        logging.info("STEP4 - GETTING A NEW SESSION TOKEN...")
        sessionToken = UserSessionManager().registerNewUser(str(userID))

        guestSession = {
            "success": True,
            "userID": userID,
            "userName": userInstance.getUserName(),
            "sessionToken": sessionToken,
            "p": password
        }
        response.setContent(guestSession)

    except Exception as ex:
        handleException(response, ex, __file__, "userManagementNewGuestSession")
    finally:
        if daoInstance is not None:
            daoInstance.closeConnection()
        return response
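def userManagementSignUp(request, response, ROOT_DIRECTORY):
    """
    Register a new account and send the welcome e-mail.

    Reads "email", "password", "userName" and "affiliation" from the form,
    refuses an e-mail address that is already registered, stores the new
    user, tries to send a welcome message (a failure there is only logged)
    and initialises the user's directories.

    Two fixes over the previous version:
    - the user name and e-mail address are HTML-escaped before they are
      placed in the welcome message. The message is sent as HTML to an
      address the client supplied, so unescaped values would let a sign-up
      request put arbitrary markup and links into a mail sent from this
      service.
    - a missing or empty password is refused; before, an empty string was
      hashed and the account was created with an empty password.

    @param {Request} request, the request object
    @param {Response} response, the response object
    @param {String} ROOT_DIRECTORY, passed through to sendEmail
    @returns {Response} the response object; errors are reported through
             handleException
    """
    # VARIABLE DECLARATION
    userInstance = None
    daoInstance = None

    try:
        #****************************************************************
        # Step 1. READ PARAMS AND CHECK IF USER ALREADY EXISTS
        #****************************************************************
        logging.info("STEP1 - READ PARAMS AND CHECK IF USER ALREADY EXISTS...")
        formFields = request.form
        email = formFields.get("email")
        email = email.lower()
        password = formFields.get("password")
        if not password:
            raise CredentialException("The password cannot be empty.")
        userName = adapt_string(formFields.get("userName"))
        affiliation = adapt_string(formFields.get("affiliation"))

        # NOTE(review): only the e-mail is checked for uniqueness. If any
        # authorisation decision elsewhere is keyed on userName, privileged
        # names must be reserved here as well.
        daoInstance = UserDAO()
        userInstance = daoInstance.findByEmail(email)
        if userInstance is not None:
            logging.info("STEP1 - ERROR! EMAIL ALREADY AT THE DATABASE...")
            raise CredentialException("Email is already registered")

        #****************************************************************
        # Step 2. Add user to database
        #****************************************************************
        logging.info(
            "STEP2 - CREATING USER INSTANCE AND SAVING TO DATABASE...")
        userInstance = User("")
        userInstance.setEmail(email)
        # SECURITY: unsalted SHA-1 is not suitable for password storage; a
        # salted, slow KDF (hashlib.scrypt / hashlib.pbkdf2_hmac) is the
        # usual replacement. The digest must match what the login code
        # computes, so change both together.
        from hashlib import sha1
        userInstance.setPassword(sha1(password.encode('ascii')).hexdigest())
        userInstance.setUserName(userName)
        userInstance.setAffiliation(affiliation)
        # Creation date and last login are both set to today
        from time import strftime
        today = strftime("%Y%m%d")
        userInstance.setCreationDate(today)
        userInstance.setLastLogin(today)
        userID = daoInstance.insert(userInstance)

        #****************************************************************
        # Step 3. Sending confirmation email
        #****************************************************************
        logging.info("STEP3 - SENDING CONFIRMATION EMAIL... TODO!!")
        try:
            # TODO: SERVER ADDRESS AND ADMIN EMAIL
            # NOTE(review): adapt_string is not visible here; if it already
            # HTML-encodes the name, the escape below double-encodes it.
            from html import escape
            safeUserName = escape(userInstance.getUserName())
            safeEmail = escape(userInstance.getEmail())

            message = '<html><body>'
            message += "<a href='" + "http://bioinfo.cipf.es/paintomics/" + "' target='_blank'>"
            message += " <img src='" + "http://bioinfo.cipf.es/paintomics/" + "resources/images/paintomics_white_300x66' border='0' width='150' height='33' alt='Paintomics 3 logo'>"
            message += "</a>"
            message += "<div style='width:100%; height:10px; border-top: 1px dotted #333; margin-top:20px; margin-bottom:30px;'></div>"
            message += "<h1>Welcome to Paintomics 3!</h1>"
            message += "<p>Thanks for joining, " + safeUserName + "! You're already able to work with Paintomics.</p>"
            message += "<p>Your user name is as follows:</p>"
            message += "<p><b>Username:</b> " + safeEmail + "</p></br>"
            message += "<p>Login in to Paintomics 3 at </p><a href='" + "http://bioinfo.cipf.es/paintomics/" + "'>" + "http://bioinfo.cipf.es/paintomics/" + "</a>"
            message += "<div style='width:100%; height:10px; border-top: 1px dotted #333; margin-top:20px; margin-bottom:30px;'></div>"
            message += "<p>Problems? E-mail <a href='mailto:" + "*****@*****.**" + "'>" + "*****@*****.**" + "</a></p>"
            message += '</body></html>'

            # The recipient address and display name are header values and
            # are passed on unescaped.
            sendEmail(ROOT_DIRECTORY,
                      userInstance.getEmail(),
                      userInstance.getUserName(),
                      "Welcome to Paintomics 3",
                      message,
                      isHTML=True)
        except Exception:
            # Best effort: the account already exists, so a mail failure
            # must not fail the sign-up.
            logging.error("Failed to send the email.")

        #****************************************************************
        # Step 4. Create user directories
        #****************************************************************
        logging.info("STEP4 - INITIALIZING DIRECTORIES...")
        initializeUserDirectories(str(userID))

        response.setContent({"success": True})

    except Exception as ex:
        handleException(response, ex, __file__, "userManagementSignUp")
    finally:
        if daoInstance is not None:
            daoInstance.closeConnection()
        return response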