Exemplo n.º 1
0
def invited_user(email):
    # Validate email with https://github.com/JoshData/python-email-validator  ?
    # Setup a temporary user so that we can add the ACL
    # Also setup the pre-registration info they can
    name = email.split('@', 1)[0]
    count = 1
    check_name = name
    while True:
        user = DBSession.query(BQUser).filter_by(
            resource_name=check_name).first()
        if user is None:
            name = check_name
            break
        check_name = name + str(count)
        count += 1

    password = ''.join(random.SystemRandom().choice(string.ascii_uppercase +
                                                    string.digits)
                       for _ in range(6))
    log.debug('AUTH: tg_user name=%s email=%s display=%s', name, email, email)
    tg_user = User(user_name=name,
                   password=password,
                   email_address=email,
                   display_name=email)
    try:
        DBSession.add(tg_user)
        DBSession.flush()
        data_service.cache_invalidate("/data_service/user")
    except sqlalchemy.exc.IntegrityError:
        log.exception('During user invitation')
    log.debug("AUTH: tg_user = %s", str(tg_user))

    # we should have created the BQUser by now.
    user = DBSession.query(BQUser).filter_by(resource_name=name).first()
    return (user, password)
Exemplo n.º 2
0
    def post_user(self, doc, **kw):
        """
            Creates new user with tags, the owner of the tags is assigned to the user

            document format:
                <user name="user">
                    <tag name="password" value="12345"/>
                    <tag name="email" value="*****@*****.**"/>
                    <tag name="display_name" value="user"/>
                </user>
        """
        userxml = etree.fromstring(doc)
        required_tags = ['user_name', 'password', 'email', 'display_name']
        tags = {}
        if userxml.tag == 'user':
            user_name = userxml.attrib['name']
            if user_name:
                tags['user_name'] = user_name
                for t in userxml.xpath('tag'):
                    tags[t.get('name')] = t.get('value')
                    #if (t.attrib['name']=='password') or (t.attrib['name']=='email'):
                    if t.get('name') in REMOVE_TAGS:
                        t.getparent().remove(t)  #removes email and password
                        if t.attrib['name'] == 'email':
                            userxml.attrib['value'] = t.attrib[
                                'value']  #set it as value of the user
                if all(k in tags for k in required_tags):
                    log.debug("ADMIN: Adding user: %s", str(user_name))
                    u = User(user_name=tags['user_name'],
                             password=tags['password'],
                             email_address=tags['email'],
                             display_name=tags['display_name'])
                    DBSession.add(u)
                    self._update_groups(u, tags.get('groups', '').split(','))
                    try:
                        transaction.commit()
                    except IntegrityError:
                        abort(
                            405,
                            'Another user already has this user name or email address'
                        )
                    #r = BQUser.query.filter(BQUser.resource_name == tags['user_name']).first()
                    r = data_service.query(resource_type='user',
                                           name=tags['user_name'],
                                           wpublic=1)
                    if len(r) > 0:
                        admin = get_username()  #get admin user
                        set_current_user(
                            tags['user_name']
                        )  #change document as user so that all changes are owned by the new user
                        r = data_service.update_resource(
                            '/data_service/%s' %
                            r[0].attrib.get('resource_uniq'),
                            new_resource=userxml)
                        set_current_user(admin)  #set back to admin user
                        return self.get_user(
                            '%s' % r.attrib.get('resource_uniq'), **kw)
                    else:
                        abort(400)
        abort(400)
Exemplo n.º 3
0
    def __init__(self, user_name=None, password=None,
					email_address=None, display_name=None,
					create_tg=False, tg_user = None, create_store=True,**kw):
        super(BQUser, self).__init__()
        if not display_name: display_name = user_name

        if create_tg and tg_user is None:
            tg_user = User()
            tg_user.user_name = user_name
            tg_user.email_address = email_address
            tg_user.password = password
            tg_user.display_name = display_name
            DBSession.add(tg_user)

        self.permission = 'published'
        self.resource_name = tg_user.user_name
        self.resource_value = tg_user.email_address
        dn = Tag (parent = self)
        dn.name = 'display_name'
        dn.value = tg_user.display_name or tg_user.user_name
        dn.owner = self
        self.owner = self
        self.permission = 'published'

        if create_store:
            #from bq.commands.stores import init_stores
            #init_stores (tg_user.user_name)
            root_store = BQStore(owner_id = self)
            root_store.resource_name='(root)'
            root_store.resource_unid='(root)'
            DBSession.add(root_store)
Exemplo n.º 4
0
 def setUp(self):
     """Prepare model test fixture."""
     try:
         new_attrs = {}
         new_attrs.update(self.attrs)
         new_attrs.update(self.do_get_dependencies())
         self.obj = self.klass(**new_attrs)  #pylint: disable=not-callable
         DBSession.add(self.obj)
         DBSession.flush()
         return self.obj
     except Exception:
         DBSession.rollback()
         raise
Exemplo n.º 5
0
def bquser_callback (tg_user, operation, **kw):
    # Deleted users will receive and update callback
    if tg_user is None:
        return
    if operation =='create':
        u = DBSession.query(BQUser).filter_by(resource_name=tg_user.user_name).first()
        if u is None:
            u = BQUser(tg_user=tg_user)
            DBSession.add(u)
            log.info ('created BQUSER %s' , u.name)
        return
    if operation  == 'update':
        u = DBSession.query(BQUser).filter_by(resource_name=tg_user.user_name).first()
        if u is not None:
            u.value = tg_user.email_address
            dn = u.findtag('display_name', create=True)
            dn.value = tg_user.display_name
            dn.permission = 'published'
            log.info ('updated BQUSER %s' , u.name)
        return
Exemplo n.º 6
0
    def new_group(self, *args, **kw):
        if len(args):
            group_names = args
        else:
            content_type = request.headers.get('Content-Type')
            inputer = find_inputer(content_type)
            els = inputer(request.body_file)
            group_names = els.xpath('//group/@name')
        resource = etree.Element('resource')
        for nm in group_names:
            g = Group(group_name=nm)
            DBSession.add(g)
            etree.SubElement(resource, 'group', name=nm)

        try:
            transaction.commit()
        except (IntegrityError, InvalidRequestError) as e:
            transaction.abort()
            abort(400, "Bad request %s" % e)

        return resource
Exemplo n.º 7
0
    def new_user (cls, email, password, create_tg = False):
        bquser =  cls( user_name= email,
                       email_address=email,
                       display_name=email,
                       password = password)
        DBSession.add (bquser)
        DBSession.flush()
        DBSession.refresh(bquser)
        bquser.owner_id = bquser.id

        if create_tg:
            tg_user = User()
            tg_user.user_name = email
            tg_user.email_address = email
            tg_user.password = password
            tg_user.display_name = email
            #tg_user.dough_user_id = self.id
            DBSession.add(tg_user)
            DBSession.flush()

        return bquser
Exemplo n.º 8
0
def bisquik2db_internal(inputs, parent, resource, replace):
    '''Parse a document (either as a doc, or an etree.
    Verify against xmlschema if present
    '''
    results = []
    if parent is not None:
        parent = DBSession.merge(parent)
    if resource is not None:
        resource = DBSession.merge(resource)
    ts = datetime.now()

    for el in inputs:
        node = updateDB(root=el,
                        parent=parent,
                        resource=resource,
                        replace=replace,
                        ts=ts)
        log.debug("returned %s ", str(node))
        log.debug('modified : new (%d), dirty (%d), deleted(%d)',
                  len(DBSession.new), len(DBSession.dirty),
                  len(DBSession.deleted))  # pylint: disable=no-member
        if node not in DBSession:  # pylint: disable=unsupported-membership-test
            # pylint: disable=no-member
            DBSession.add(node)
        #log.debug ("node.document = %s"  , str( node.document))
        node.document.ts = ts
        results.append(node)

    #DBSession.flush()
    #for node in results:
    #    DBSession.refresh(node)
    if log.isEnabledFor(logging.DEBUG):
        log.debug('modifyed : new (%d), dirty (%d), deleted(%d)',
                  len(DBSession.new), len(DBSession.dirty),
                  len(DBSession.deleted))  # pylint: disable=no-member
        log.debug("Bisquik2db last_node %s of document %s ", str(node),
                  str(node.document))
    if len(results) == 1:
        return node
    return results
Exemplo n.º 9
0
def resource_acl(resource,
                 newauth,
                 user=None,
                 acl=None,
                 notify=False,
                 invalidate=True,
                 action='append'):
    """Create or modify resource acls

    @param resource:  resource (Taggable)
    @param newauth :  an etree of the acl record or None if deleting
    @param user    :  the user (Taggable) of the acl  or None (will be determined from newauth)
    @param acl     :  the acl (TaggableAcl) or None (will be found or created)
    @param notify  :  send an email on state change (boolean)
    @param invalidate: Invalidate caches (boolean)
    @parama delete : Append/modify or Delete record (boolean)

    @return an etree acl record
    """
    log.debug("ACL SET %s", resource)
    user, passwd = match_user(user=user,
                              user_uniq=newauth.get('user'),
                              email=newauth.get('email'))
    if acl is None:
        try:
            DBSession.flush()  # autoflush is off so flush before query
        except sqlalchemy.exc.IntegrityError:
            log.exception("while preparing for query")

        acl = DBSession.query(TaggableAcl).filter_by(taggable_id=resource.id,
                                                     user_id=user.id).first()
        if acl is None:  # Check if newauth is not None or delete is true???
            acl = TaggableAcl()
            acl.taggable_id = resource.id
            acl.user_id = user.id
            acl.action = "read"
            DBSession.add(acl)

    if action == 'delete':
        log.debug("Removing %s from %s  for %s",
                  newauth.get('action', RESOURCE_READ), resource.resource_uniq,
                  user.resource_uniq)
        # http://stackoverflow.com/questions/8306506/deleting-an-object-from-an-sqlalchemy-session-before-its-been-persisted

        if acl in DBSession.new:
            DBSession.expunge(acl)
        else:
            DBSession.delete(acl)
    else:
        log.debug("Changing share on %s for %s action=%s",
                  resource.resource_uniq, user.resource_uniq,
                  newauth.get('action', RESOURCE_READ))
        acl.action = newauth.get('action', RESOURCE_READ)
    #
    # Special actions on sharing  specific resource types
    #
    handler = SHARE_HANDLERS.get(resource.resource_type)
    if handler:
        log.debug("Special share handling with %s", handler)
        handler(resource.resource_uniq, user.resource_uniq, newauth, action)

    # Notify changes if needed
    if notify:
        try:
            notify_user(action, resource, user, passwd)
        except Exception:
            log.exception("While notifying share")

    if invalidate:
        Resource.hier_cache.invalidate_resource(None, user=user.id)

    # Return the new/updated auth element
    return _aclelem(resource, user, acl)