Exemplo n.º 1
def addsampledata():
    """Seed the database with lookup defaults, one organization and one user.

    Inserts the built-in default rows of the lookup models, stores a sample
    "CERT-EU" organization, then creates a ``testadmin`` user attached to the
    role whose ``permissions`` column equals ``0xff`` and prints ``Done``.

    NOTE(review): the user created here has a password fixed in source and
    is bound to the ``0xff`` role (presumably the administrator role --
    confirm).  Treat this as a development/test fixture only; confirm it
    cannot be run against a production database.
    """
    # ``_Class__insert_defaults`` is the name-mangled spelling of a private
    # ``__insert_defaults`` attribute, needed because we are outside the class.
    OrganizationGroup._OrganizationGroup__insert_defaults()
    ReportType._ReportType__insert_defaults()
    Role._Role__insert_defaults()
    Country._Country__insert_defaults()
    MembershipRole._MembershipRole__insert_defaults()

    # ``first()`` returns None when no role matches; the user below would
    # then be created with ``role=None``.
    admin_role = Role.query.filter_by(permissions=0xff).first()

    org_fields = dict(
        abbreviation="CERT-EU",
        full_name=("Computer Emergency Response Team for EU "
                   "Institutions Agencies and Bodies"),
        ip_ranges=['212.8.189.16/28'],
        abuse_emails=['*****@*****.**'],
        contact_emails=[ContactEmail(email='*****@*****.**')],
        asns=[5400],
        fqdns=['cert.europa.eu'],
    )
    sample_org = Organization(**org_fields)
    db.session.add(sample_org)
    db.session.commit()

    admin_user = User(
        name='testadmin',
        email='*****@*****.**',
        password='******',
        role=admin_role,
    )
    db.session.add(admin_user)
    db.session.commit()

    click.echo('Done')
Exemplo n.º 2
def addsampledata(client):
    """Populate the test database with lookup defaults and one organization.

    Inserts the default rows of ``OrganizationGroup``, ``ReportType`` and
    ``Role``, then stores a sample "CERT-EU" organization through the
    ``_db`` session.

    :param client: not used in the body; presumably a test fixture that
        must be set up before the data is inserted -- confirm with callers.
    """
    # Name-mangled access to each model's private ``__insert_defaults``.
    OrganizationGroup._OrganizationGroup__insert_defaults()
    ReportType._ReportType__insert_defaults()
    Role._Role__insert_defaults()

    org_fields = dict(
        abbreviation="CERT-EU",
        full_name=("Computer Emergency Response Team for EU "
                   "Institutions Agencies and Bodies"),
        ip_ranges=['212.8.189.16/28'],
        abuse_emails=['*****@*****.**'],
        contact_emails=[ContactEmail(email='*****@*****.**')],
        asns=[5400],
        fqdns=['cert.europa.eu'],
    )
    sample_org = Organization(**org_fields)
    _db.session.add(sample_org)
    _db.session.commit()
Exemplo n.º 3
def update_cp_organization(org_id):
    """Update organization details

    The organization is looked up by ``org_id``.  If it does not exist the
    client is redirected to the "add organization" endpoint; if the current
    user may not handle it the request is rejected with 403.

    The fields ``is_sla``, ``mail_template``, ``group_id``, ``old_ID``,
    ``group`` and ``parent_org_abbreviation`` are dropped from the request
    body before it is applied, so values sent for them are ignored.  The
    organization's contact and abuse e-mail lists are replaced, not merged.

    **Example request**:

    .. sourcecode:: http

        PUT /api/1.0/organizations HTTP/1.1
        Host: cp.cert.europa.eu
        Accept: application/json
        Content-Type: application/json

        {
          "abbreviation": "CERT-EU",
          "abuse_emails": ["*****@*****.**"],
          "asns": [5400],
          "contact_emails": [
            {
              "email": "*****@*****.**",
              "cp": true
            }
          ],
          "fqdns": ["cert.europa.eu"],
          "full_name": "Computer Emergency Response Team for EU...",
          "group": {
            "color": "#0033cc",
            "id": 1,
            "name": "Constituents"
          },
          "group_id": 1,
          "id": 185,
          "ip_ranges": [
            "212.8.189.16/28"
          ],
          "mail_template": "EnglishReport",
          "mail_times": 3600,
          "old_ID": "00"
        }

    **Example response**:

    .. sourcecode:: http

        HTTP/1.1 200 OK
        Content-Type: application/json

        {
          "message": "Organization saved"
        }

    **Example validation error**:

    .. sourcecode:: http

        HTTP/1.0 400 BAD REQUEST
        Content-Type: application/json

        {
          "message": "'abbreviation' is a required property",
          "validator": "required"
        }

    :reqheader Accept: Content type(s) accepted by the client
    :resheader Content-Type: this depends on `Accept` header or request

    :<json integer id: Unique ID of organization
    :<json string abbreviation: Abbreviation of organization
    :<json string full_name: Full official name of organization
    :<json string mail_template: Template used by AbuseHelper (ignored here)
    :<json integer mail_times: E-mailing time interval, in seconds
    :<json string old_ID: ID used in the legacy excel sheet (ignored here)
    :<json integer group_id: Unique ID of the belonging group (ignored here)
    :<json object group: Group information (ignored here)
    :<json array abuse_emails: E-mail addresses used to send abuse information
    :<json array contact_emails: Contact e-mail addresses
    :<jsonarr string email: E-mail address
    :<jsonarr boolean cp: CP access flag
    :<jsonarr boolean fmb: Functional mailbox marker
    :<json array asns: AS numbers
    :<json array fqdns: List of FQDNs
    :<json array ip_ranges: List of IP ranges used by this organization
    :>json string message: Status message

    :status 200: Organization details were successfully updated
    :status 400: Bad request
    :status 403: Current user may not handle this organization
    :status 422: Validation error
    """
    org = Organization.query.filter_by(id=org_id).first()
    if not org:
        return redirect(url_for('cp.add_cp_organization'))

    # Object-level authorization: checked against the stored organization,
    # before any client-supplied value is read.
    if not g.user.may_handle_organization(org):
        abort(403)

    payload = request.json

    # Fields a CP user must not change through this endpoint.
    # NOTE(review): this is a deny-list.  Any other attribute that
    # ``from_json`` maps (``id`` or ``parent_org_id``, if it handles them)
    # stays client-controlled -- confirm against ``Organization.from_json``
    # or prefer an explicit allow-list of editable fields.
    protected_fields = ('is_sla', 'mail_template', 'group_id', 'old_ID',
                        'group', 'parent_org_abbreviation')
    for field in protected_fields:
        payload.pop(field, None)

    # The e-mail lists are taken out so they are rebuilt explicitly below
    # instead of being passed through ``from_json``.
    new_contacts = payload.pop('contact_emails', [])
    new_abuse = payload.pop('abuse_emails', [])

    org.from_json(payload)
    org.contact_emails = []
    org.abuse_emails = []

    for address in new_abuse:
        org.abuse_emails.append(address)

    for entry in new_contacts:
        has_cp = entry.get('cp', False)
        is_fmb = entry.get('fmb', False)
        # An entry without an "email" key raises KeyError here.
        contact = ContactEmail(
            email_=Email(email=entry['email']),
            fmb=is_fmb,
            cp=has_cp,
        )
        org.contact_emails.append(contact)

    db.session.add(org)
    db.session.commit()
    return ApiResponse({'message': 'Organization saved'})
Exemplo n.º 4
def add_cp_organization():
    """Add new organization

    The organization is built from the request body.  The request is
    rejected with 403 unless ``parent_org_id`` refers to an existing
    organization that the current user may handle.

    **Example request**:

    .. sourcecode:: http

        POST /api/1.0/organizations HTTP/1.1
        Host: do.cert.europa.eu
        Accept: application/json
        Content-Type: application/json

        {
          "abbreviation": "BEREC1",
          "abuse_emails": [
            "*****@*****.**"
          ],
          "asns": [
            8194
          ],
          "contact_emails": [
            {
              "email": "*****@*****.**",
              "cp": true
            }
          ],
          "fqdns": [
            "berec.europa.eu"
          ],
          "full_name": "New Body of European Regulators for Electronic...",

          "group_id": 1,
          "ip_ranges": [
            "212.70.173.66/32",
            "212.70.173.67/32",
            "212.70.173.68/32"
          ],
          "mail_template": "EnglishReport",
          "mail_times": 3600,
          "old_ID": "64",
          "parent_org_id": 95
        }

    **Example response**:

    .. sourcecode:: http

        HTTP/1.0 201 CREATED
        Content-Type: application/json

        {
          "organization": {"...": "..."},
          "message": "Organization added"
        }

    **Example validation error**:

    .. sourcecode:: http

        HTTP/1.0 400 BAD REQUEST
        Content-Type: application/json

        {
          "message": "'abbreviation' is a required property",
          "validator": "required"
        }

    :reqheader Accept: Content type(s) accepted by the client
    :reqheader API-Authorization: API key. If present authentication and
            authorization will be attempted.
    :resheader Content-Type: this depends on `Accept` header or request
    :resheader Location: URL of the newly created organization

    :<json string abbreviation: Abbreviation of organization
    :<json string full_name: Full official name of organization
    :<json string mail_template: Template used by AbuseHelper.
      Default is EnglishReport
    :<json integer mail_times: E-mailing time interval, in seconds.
       Default is 3600
    :<json string old_ID: ID used in the legacy excel sheet
    :<json integer group_id: Unique ID of the belonging group
    :<json object group: Group information
    :<json array abuse_emails: E-mail addresses
    :<json array contact_emails: Contact e-mail addresses
    :<jsonarr string email: E-mail address
    :<jsonarr boolean cp: CP access flag
    :<jsonarr boolean fmb: Functional mailbox marker
    :<json array asns: AS numbers
    :<json array fqdns: List of FQDNs
    :<json array ip_ranges: List of IP ranges used by this organization
    :<json integer parent_org_id: Parent organization ID
    :>json string message: Status message
    :>json object organization: Serialized organization that was created

    :status 201: Organization was successfully created
    :status 400: Bad request
    :status 401: Authorization failure. The client MAY repeat the request with
        a suitable API-Authorization header field. If the request already
        included Authorization credentials, then the 401 response indicates
        that authorization has been refused for those credentials.
    :status 403: Access denied. Authorization will not help and the request
        SHOULD NOT be repeated.
    """
    payload = request.json

    # NOTE(review): the whole request body reaches ``fromdict``.  Confirm it
    # maps only attributes a constituent user is allowed to set (for example
    # not ``is_sla`` or ``group_id``); nothing is stripped before this call.
    new_org = Organization.fromdict(payload)

    # Authorization is derived from the parent: the caller must be allowed
    # to handle the organization under which the new one is created.
    parent = Organization.query.get(new_org.parent_org_id)
    if not parent or not g.user.may_handle_organization(parent):
        abort(403)

    try:
        for entry in payload.pop('contact_emails'):
            has_cp = entry.get('cp', False)
            contact = ContactEmail(
                email_=Email(email=entry['email']),
                cp=has_cp,
            )
            new_org.contact_emails.append(contact)
    except KeyError as missing:
        # NOTE(review): this also catches an entry lacking "email"; entries
        # appended before it are kept and the message is then misleading.
        # The message goes to stdout rather than the application log.
        print('No contact emails provided: {}'.format(missing))

    db.session.add(new_org)
    db.session.commit()

    body = {
        'organization': new_org.serialize(),
        'message': 'Organization added',
    }
    headers = {
        'Location': url_for('cp.get_cp_organization', org_id=new_org.id),
    }
    return ApiResponse(body, 201, headers)
Exemplo n.º 5
def register():
    """Register new constituent account

    .. note::

        The email address will be added to :class:`~app.models.Email` and
        :attr:`~app.models.ContactEmail.cp` will be enabled.

    The new user gets a generated password and API key.  When the
    organization is flagged ``is_sla``, the first role (other than the
    ``0xff`` one) whose permissions include ``Permission.SLAACTIONS`` is
    assigned.  An activation e-mail carrying a reset token is then sent.

    **Example request**:

    .. sourcecode:: http

        POST /api/1.0/auth/register HTTP/1.1
        Host: do.cert.europa.eu
        Accept: application/json

        {
          "organization_id": 317,
          "name": "BEREC (*****@*****.**)",
          "email": "*****@*****.**"
        }

    **Example response**:

    .. sourcecode:: http

        HTTP/1.0 201 CREATED
        Content-Type: application/json

        {
          "message": "User registered. An activation email was sent to ..."
        }

    :reqheader Accept: Content type(s) accepted by the client
    :resheader Content-Type: this depends on `Accept` header or request

    :<json integer organization_id: Organization unique ID
    :<json string name: Name of account
    :<json string email: E-mail address
    :>json string message: Status message

    :status 201: Account created.
    :status 404: No organization with the given ``organization_id``.
    """
    # NOTE(review): no authorization check is visible in this body (route
    # decorators are not shown).  The caller chooses ``organization_id`` and
    # the e-mail that receives CP access -- confirm who may reach this
    # endpoint and that they may handle the target organization.
    payload = request.json
    org = Organization.query.filter_by(
        id=payload['organization_id']).first_or_404()

    contact = ContactEmail.query.filter_by(
        email=payload['email'],
        organization_id=payload['organization_id'],
    ).first()
    if not contact:
        contact = ContactEmail.fromdict(payload)
    contact.cp = True

    user = User.fromdict(payload)
    # NOTE(review): confirm ``_random_ascii`` draws from a CSPRNG (e.g. the
    # ``secrets`` module); this value is the account password until reset.
    user.password = _random_ascii()
    user.api_key = user.generate_api_key()

    if org.is_sla:
        candidates = Role.query.filter(
            db.not_(Role.permissions == 0xff)).all()
        sla_role = next(
            (candidate for candidate in candidates
             if (candidate.permissions & Permission.SLAACTIONS)
             == Permission.SLAACTIONS),
            None,
        )
        if sla_role is not None:
            user.role = sla_role

    db.session.add(user)
    db.session.add(contact)
    try:
        db.session.commit()
    except Exception:
        # Undo the failed transaction, then let the error propagate.
        db.session.rollback()
        db.session.flush()
        raise

    # 72 hours, assuming ``generate_reset_token`` takes seconds -- confirm.
    expiry = 72 * 3600
    activation_token = user.generate_reset_token(expiry)
    send_email(
        'Your account details',
        [user.email],
        'auth/email/activate_account',
        user=user,
        webroot=current_app.config['CP_WEB_ROOT'],
        token=activation_token,
        expiry=expiry / 60,
    )

    template = 'User registered. An activation email was sent to {}'
    return ApiResponse({'message': template.format(user.email)}, 201)