예제 #1
0
    def on_confirm(self):
        password = LoginUser.hash(self.model.password)
        current_branch = api.get_current_branch(self.store)

        try:
            self.retval = LoginUser.authenticate(self.store,
                                                 self.model.username, password,
                                                 current_branch)
        except LoginError as e:
            self.retval = None
            warning(str(e))
예제 #2
0
    def on_confirm(self):
        password = LoginUser.hash(self.model.password)
        current_branch = api.get_current_branch(self.store)

        try:
            self.retval = LoginUser.authenticate(self.store,
                                                 self.model.username, password,
                                                 current_branch)
        except LoginError as e:
            self.retval = None
            warning(str(e))
예제 #3
0
파일: test_person.py 프로젝트: rosalin/stoq
    def test_get_active_users(self):
        active_users_count = LoginUser.get_active_users(self.store).count()

        user = self.create_user()
        active_users = LoginUser.get_active_users(self.store)
        self.assertTrue(user in active_users)
        self.assertEqual(active_users.count(), active_users_count + 1)

        user.inactivate()
        active_users = LoginUser.get_active_users(self.store)
        self.assertFalse(user in active_users)
        self.assertEqual(active_users.count(), active_users_count)
예제 #4
0
    def test_get_active_users(self):
        active_users_count = LoginUser.get_active_users(self.store).count()

        user = self.create_user()
        active_users = LoginUser.get_active_users(self.store)
        self.assertTrue(user in active_users)
        self.assertEqual(active_users.count(), active_users_count + 1)

        user.inactivate()
        active_users = LoginUser.get_active_users(self.store)
        self.assertFalse(user in active_users)
        self.assertEqual(active_users.count(), active_users_count)
예제 #5
0
파일: login.py 프로젝트: Guillon88/stoq
    def cookie_login(self):
        if api.sysparam.get_bool('DISABLE_COOKIES'):
            log.info("Cookies disable by parameter")
            return

        cookie_file = get_utility(ICookieFile)
        try:
            username, password = cookie_file.get()
        except CookieError:
            log.info("Not using cookie based login")
            return

        def is_md5(password):
            # This breaks for passwords that are 32 characters long,
            # uses only digits and lowercase a-f, pretty unlikely as
            # real-world password
            if len(password) != 32:
                return False
            for c in '1234567890abcdef':
                password = password.replace(c, '')
            return password == ''

        # Migrate old passwords to md5 hashes.
        if not is_md5(password):
            password = LoginUser.hash(password)
            cookie_file.store(username, password)

        try:
            user = self._check_user(username, password)
        except (LoginError, UserProfileError, DatabaseError) as e:
            log.info("Cookie login failed: %r" % e)
            return

        log.info("Logging in using cookie credentials")
        return user
예제 #6
0
    def cookie_login(self):
        if api.sysparam.get_bool('DISABLE_COOKIES'):
            log.info("Cookies disable by parameter")
            return

        cookie_file = get_utility(ICookieFile)
        try:
            username, password = cookie_file.get()
        except CookieError:
            log.info("Not using cookie based login")
            return

        def is_md5(password):
            # This breaks for passwords that are 32 characters long,
            # uses only digits and lowercase a-f, pretty unlikely as
            # real-world password
            if len(password) != 32:
                return False
            for c in '1234567890abcdef':
                password = password.replace(c, '')
            return password == ''

        # Migrate old passwords to md5 hashes.
        if not is_md5(password):
            password = LoginUser.hash(password)
            cookie_file.store(username, password)

        try:
            user = self._check_user(username, password)
        except (LoginError, UserProfileError, DatabaseError) as e:
            log.info("Cookie login failed: %r" % e)
            return

        log.info("Logging in using cookie credentials")
        return user
예제 #7
0
 def create_model(self, store):
     person = BasePersonRoleEditor.create_model(self, store)
     return person.login_user or LoginUser(person=person,
                                           store=store,
                                           username=u"",
                                           password=u"",
                                           profile=None)
예제 #8
0
 def test_default_receiving_cfop(self):
     branch = self.create_branch()
     param = self.sparam.get_object(self.store, 'DEFAULT_RECEIVING_CFOP')
     person = Person(name=u'Craudinho', store=self.store)
     Individual(person=person, store=self.store)
     profile = UserProfile(name=u'profile', store=self.store)
     responsible = LoginUser(person=person,
                             store=self.store,
                             password=u'asdfgh',
                             profile=profile,
                             username=u'craudio')
     receiving_order = ReceivingOrder(responsible=responsible,
                                      branch=branch,
                                      store=self.store,
                                      invoice_number=876,
                                      supplier=None)
     param2 = self.sparam.get_object(self.store, 'DEFAULT_SALES_CFOP')
     receiving_order2 = ReceivingOrder(responsible=responsible,
                                       cfop=param2,
                                       branch=branch,
                                       store=self.store,
                                       invoice_number=1231,
                                       supplier=None)
     self.assertEqual(param, receiving_order.cfop)
     self.failIfEqual(param, receiving_order2.cfop)
예제 #9
0
파일: login.py 프로젝트: Guillon88/stoq
    def _check_user(self, username, pw_hash):
        username = unicode(username)
        pw_hash = unicode(pw_hash)
        # This function is really just a post-validation item.
        default_store = api.get_default_store()
        current_branch = api.get_current_branch(default_store)

        user = LoginUser.authenticate(default_store, username, pw_hash,
                                      current_branch)

        # Dont know why, but some users have this empty. Prevent user from
        # login in, since it will break later
        if not user.profile:
            msg = (_("User '%s' has no profile set, "
                     "but this should not happen.") % user.username + '\n\n' +
                   _("Please contact your system administrator or Stoq team."))
            warning(msg)
            raise LoginError(_("User does not have a profile"))

        user.login()

        # ICurrentUser might already be provided which is the case when
        # creating a new database, thus we need to replace it.
        provide_utility(ICurrentUser, user, replace=True)
        return user
예제 #10
0
    def _check_user(self, username, pw_hash):
        username = str(username)
        pw_hash = str(pw_hash)
        # This function is really just a post-validation item.
        default_store = api.get_default_store()
        current_branch = api.get_current_branch(default_store)

        user = LoginUser.authenticate(default_store, username, pw_hash,
                                      current_branch)

        # Dont know why, but some users have this empty. Prevent user from
        # login in, since it will break later
        if not user.profile:
            msg = (_("User '%s' has no profile set, "
                     "but this should not happen.") % user.username + '\n\n' +
                   _("Please contact your system administrator or Stoq team."))
            warning(msg)
            raise LoginError(_("User does not have a profile"))

        user.login()

        # ICurrentUser might already be provided which is the case when
        # creating a new database, thus we need to replace it.
        provide_utility(ICurrentUser, user, replace=True)
        return user
예제 #11
0
 def create_user(self, username=u'username'):
     from stoqlib.domain.person import LoginUser
     individual = self.create_individual()
     profile = self.create_user_profile()
     return LoginUser(person=individual.person,
                      username=username,
                      password=u'password',
                      profile=profile,
                      store=self.store)
예제 #12
0
    def requestAvatarId(self, credentials):
        with api.new_store() as store:
            try:
                login_ok = LoginUser.authenticate(
                    store,
                    unicode(credentials.username),
                    unicode(credentials.password),
                    None)
            except LoginError as err:
                return defer.fail(cred_error.UnauthorizedLogin(str(err)))

        assert login_ok
        return defer.succeed(credentials.username)
예제 #13
0
    def post(self):
        username = self.get_arg('user')
        pw_hash = self.get_arg('pw_hash')

        with api.new_store() as store:
            try:
                # FIXME: Respect the branch the user is in.
                user = LoginUser.authenticate(store, username, pw_hash, current_branch=None)
                provide_utility(ICurrentUser, user, replace=True)
            except LoginError as e:
                abort(403, str(e))

        return user.id
예제 #14
0
파일: login.py 프로젝트: Guillon88/stoq
 def _do_login(self):
     username = unicode(self.username.get_text().strip())
     password = unicode(self.password.get_text().strip())
     password = LoginUser.hash(password)
     self.retval = username, password
     self.set_field_sensitivity(False)
     self.notification_label.set_color('black')
     msg = _(" Authenticating user...")
     self.notification_label.set_text(msg)
     while gtk.events_pending():
         gtk.main_iteration()
     gtk.main_quit()
     self.set_field_sensitivity(True)
예제 #15
0
 def _do_login(self):
     username = str(self.username.get_text().strip())
     password = str(self.password.get_text().strip())
     password = LoginUser.hash(password)
     self.retval = username, password
     self.set_field_sensitivity(False)
     self.notification_label.set_color('black')
     msg = _(" Authenticating user...")
     self.notification_label.set_text(msg)
     while Gtk.events_pending():
         Gtk.main_iteration()
     Gtk.main_quit()
     self.set_field_sensitivity(True)
예제 #16
0
    def get(self, store):
        data = request.args
        request_is_active = data.get('ativo')

        users = store.find(LoginUser)
        if request_is_active == '1':
            users = LoginUser.get_active_users(store)
        elif request_is_active == '0':
            users = users.find(is_active=False)

        network = _get_network_info()
        response = []

        for user in users:
            person_names = _get_person_names(user.person)
            profile = user.profile

            response.append({
                'id':
                user.id,
                'codigo':
                user.username,
                'dataCriacao':
                user.te.te_time.strftime('%Y-%m-%d %H:%M:%S -0300'),
                'dataAlteracao':
                user.te.te_server.strftime('%Y-%m-%d %H:%M:%S -0300'),
                'primeiroNome':
                person_names['primeiroNome'],
                'segundoNome':
                person_names['segundoNome'],
                'sobrenome':
                person_names['sobrenome'],
                'apelido':
                person_names['apelido'],
                # FIXME: Assert every one has profile in database or
                # create a default profile for all?
                'idCargo':
                profile.id if profile else None,
                'codCargo':
                profile.id if profile else None,
                'nomeCargo':
                profile.name if profile else None,
                'redeId':
                network['id'],
                'lojaId':
                None,
                'ativo':
                user.is_active,
            })

        return response
예제 #17
0
    def post(self, store):
        username = self.get_arg('user')
        pw_hash = self.get_arg('pw_hash')
        permission = self.get_arg('permission')

        try:
            # FIXME: Respect the branch the user is in.
            user = LoginUser.authenticate(store, username, pw_hash, current_branch=None)
        except LoginError as e:
            return make_response(str(e), 403)

        if user.profile.check_app_permission(permission):
            return True
        return make_response(_('User does not have permission'), 403)
예제 #18
0
파일: admin.py 프로젝트: 5l1v3r1/stoq-1
def ensure_admin_user(administrator_password):
    log.info("Creating administrator user")

    default_store = get_default_store()
    user = get_admin_user(default_store)

    if user is None:
        store = new_store()
        person = Person(name=_(u'Administrator'), store=store)

        # Dependencies to create an user.
        role = EmployeeRole(name=_(u'System Administrator'), store=store)
        Individual(person=person, store=store)
        employee = Employee(person=person, role=role, store=store)
        EmployeeRoleHistory(store=store,
                            role=role,
                            employee=employee,
                            is_active=True,
                            salary=currency(800))

        # This is usefull when testing a initial database. Admin user actually
        # must have all the facets.
        SalesPerson(person=person, store=store)

        profile = store.find(UserProfile, name=_(u'Administrator')).one()
        # Backwards compatibility. this profile used to be in english
        # FIXME: Maybe its safe to assume the first profile in the table is
        # the admin.
        if not profile:
            profile = store.find(UserProfile, name=u'Administrator').one()

        log.info("Attaching a LoginUser (%s)" % (USER_ADMIN_DEFAULT_NAME, ))
        LoginUser(person=person,
                  username=USER_ADMIN_DEFAULT_NAME,
                  password=administrator_password,
                  profile=profile,
                  store=store)

        store.commit(close=True)

    # Fetch the user again, this time from the right connection
    user = get_admin_user(default_store)
    assert user

    user.set_password(administrator_password)

    # We can't provide the utility until it's actually in the database
    log.info('providing utility ICurrentUser')
    provide_utility(ICurrentUser, user)
예제 #19
0
    def process_one(self, data, fields, store):
        person = Person(
            store=store,
            name=data.name,
            phone_number=data.phone_number,
            mobile_number=data.mobile_number)

        Individual(person=person,
                   store=store,
                   cpf=data.cpf,
                   rg_number=data.rg)

        role = EmployeeRole(store=store, name=data.role)

        employee = Employee(person=person,
                            store=store,
                            role=role,
                            salary=int(data.salary),
                            registry_number=data.employee_number)

        start = self.parse_date(data.start)
        EmployeeRoleHistory(
            store=store, role=role,
            employee=employee,
            is_active=True,
            began=start,
            salary=int(data.salary))

        ctloc = CityLocation.get_or_create(store=store,
                                           city=data.city,
                                           state=data.state,
                                           country=data.country)
        streetnumber = data.streetnumber and int(data.streetnumber) or None
        Address(is_main_address=True,
                person=person,
                city_location=ctloc,
                store=store,
                street=data.street,
                streetnumber=streetnumber,
                district=data.district)

        if self.create_users:
            profile = store.find(UserProfile, name=data.profile).one()
            LoginUser(person=person, store=store, profile=profile,
                      username=data.username,
                      password=data.password)

        SalesPerson(person=person, store=store)
예제 #20
0
    def do_GET(self):
        auth = self.headers.getheader('Authorization')
        if not auth or not auth.startswith('Basic '):
            self.do_AUTHHEAD()
            self.wfile.write('Missing authentication')
            return

        encoded_auth = auth.replace('Basic ', '')
        username, password = base64.b64decode(encoded_auth).split(':')
        with api.new_store() as store:
            try:
                login_ok = LoginUser.authenticate(
                    store, str(username), str(password), None)
            except LoginError:
                login_ok = False

        if not login_ok:
            self.send_error(403, "User not found")
            return

        return http.server.SimpleHTTPRequestHandler.do_GET(self)
예제 #21
0
    def do_GET(self):
        auth = self.headers.getheader('Authorization')
        if not auth or not auth.startswith('Basic '):
            self.do_AUTHHEAD()
            self.wfile.write('Missing authentication')
            return

        encoded_auth = auth.replace('Basic ', '')
        username, password = base64.b64decode(encoded_auth).split(':')
        with api.new_store() as store:
            try:
                login_ok = LoginUser.authenticate(store, unicode(username),
                                                  unicode(password), None)
            except LoginError:
                login_ok = False

        if not login_ok:
            self.send_error(403, "User not found")
            return

        return SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
예제 #22
0
 def _fill_execution_responsible_combo(self):
     users = LoginUser.get_active_users(self.store)
     self.execution_responsible.prefill(api.for_person_combo(users))
예제 #23
0
 def _fill_execution_responsible_combo(self):
     users = LoginUser.get_active_users(self.store)
     self.execution_responsible.prefill(api.for_person_combo(users))
예제 #24
0
    def validate_user(self):
        """ Checks if an user can log in or not.
        :returns: a user object
        """
        # If there is only one user, and that user is admin with a blank
        # password, just log the user in
        store = api.get_default_store()
        if store.find(LoginUser).count() == 1:
            try:
                return self._check_user(u'admin', LoginUser.hash(u''))
            except Exception:
                pass

        log.info("Showing login dialog")
        # Loop for logins
        retry = 0
        retry_msg = None
        dialog = None

        while retry < RETRY_NUMBER:
            username = self._force_username
            password = None

            if not dialog:
                dialog = LoginDialog(_("Stoq - Access Control"))
            if self._force_username:
                dialog.force_username(username)

            ret = dialog.run(username, password, msg=retry_msg)

            # user cancelled (escaped) the login dialog
            if not ret:
                return

            # Use credentials
            if not (isinstance(ret, (tuple, list)) and len(ret) == 2):
                raise ValueError('Invalid return value, got %s'
                                 % str(ret))

            username, password = ret

            if not username:
                retry_msg = _("specify an username")
                continue

            try:
                user = self._check_user(username, password)
            except (LoginError, UserProfileError) as e:
                # We don't hide the dialog here; it's kept open so the
                # next loop we just can call run() and display the error
                cookie = get_utility(ICookieFile, None)
                if cookie:
                    cookie.clear()
                retry += 1
                retry_msg = str(e)
            except DatabaseError as e:
                if dialog:
                    dialog.destroy()
                self._abort(str(e))
            else:
                log.info("Authenticated user %s" % username)
                self._force_username = None

                if dialog.remember.get_active():
                    get_utility(ICookieFile).store(user.username,
                                                   user.pw_hash)

                if dialog:
                    dialog.destroy()

                return user

        if dialog:
            dialog.destroy()
        raise LoginError(_("Depleted attempts of authentication"))