def addCairisUser(userName, passWd, fullName):
rp = ''.join(
choice(string.ascii_letters + string.digits) for i in range(255))
if (existingAccount(userName)):
raise Exception(userName + ' already exists')
dbAccount = canonicalDbUser(userName)
b = Borg()
createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp,
canonicalDbUser(userName) + '_default')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, userName, rp,
dbAccount + '_default')
db.create_all()
user_datastore.create_user(email=userName,
account=dbAccount,
password=hash_password(passWd),
dbtoken=rp,
name=fullName)
db.session.commit()
createDefaults(b.cairisRoot, b.dbHost, b.dbPort, userName, rp,
dbAccount + '_default')
def main():
parser = argparse.ArgumentParser(
description=
'Computer Aided Integration of Requirements and Information Security - Add CAIRIS user'
)
parser.add_argument('user', help='Email address')
parser.add_argument('password', help='password')
parser.add_argument('name', help='Full name')
args = parser.parse_args()
rp = ''.join(
choice(string.ascii_letters + string.digits) for i in range(255))
if (existingAccount(args.user)):
raise Exception(args.user + ' already exists')
dbAccount = canonicalDbUser(args.user)
createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp,
canonicalDbUser(args.user) + '_default')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, args.user, rp,
dbAccount + '_default')
db.create_all()
user_datastore.create_user(email=args.user,
account=dbAccount,
password=args.password,
dbtoken=rp,
name='Default user')
db.session.commit()
createDefaults(b.cairisRoot, b.dbHost, b.dbPort, args.user, rp,
dbAccount + '_default')
def quick_setup(dbHost,
dbPort,
dbRootPassword,
tmpDir,
rootDir,
configFile,
webPort,
logLevel,
staticDir,
assetDir,
userName,
passWd,
mailServer='',
mailPort='',
mailUser='',
mailPasswd=''):
if (len(userName) > 255):
raise ARMException("Username cannot be longer than 255 characters")
if (userName == "root"):
raise ARMException("Username cannot be root")
createDbOwnerDatabase(dbRootPassword, dbHost, dbPort)
createUserDatabase(dbHost, dbPort, dbRootPassword, rootDir)
os.environ["CAIRIS_CFG"] = configFile
pathName = os.path.split(
os.path.split(os.path.realpath(os.path.dirname(__file__)))[0])[0]
sys.path.insert(0, pathName)
fileName = os.environ.get("HOME") + "/.bashrc"
f = open(fileName, 'a')
f.write("export CAIRIS_SRC=" + rootDir + "\n")
f.write("export CAIRIS_CFG_DIR=${CAIRIS_SRC}/config\n")
f.write("export CAIRIS_CFG=" + configFile + "\n")
f.write("export PYTHONPATH=${PYTHONPATH}:" + pathName + "\n")
f.close()
createCairisCnf(configFile, dbRootPassword, dbHost, dbPort, tmpDir,
rootDir, webPort, logLevel, staticDir, assetDir,
mailServer, mailPort, mailUser, mailPasswd)
from cairis.bin.add_cairis_user import user_datastore, db
db.create_all()
if (userName != ''):
rp = ''.join(choice(ascii_letters + digits) for i in range(255))
dbAccount = canonicalDbUser(userName)
user_datastore.create_user(email=userName,
account=dbAccount,
password=passWd,
dbtoken=rp,
name='Default user')
db.session.commit()
createDatabaseAccount(dbRootPassword, dbHost, dbPort, userName, rp)
createDatabaseAndPrivileges(dbRootPassword, dbHost, dbPort, userName,
rp, dbAccount + '_default')
createDatabaseSchema(rootDir, dbHost, dbPort, userName, rp,
dbAccount + '_default')
createDefaults(rootDir, dbHost, dbPort, userName, rp,
dbAccount + '_default')
def addAdditionalUserData(userName, passWd):
fUser = user_datastore.find_user(email=userName)
rp = ''.join(
choice(string.ascii_letters + string.digits) for i in range(255))
fUser.dbtoken = rp
db.session.commit()
b = Borg()
dbAccount = canonicalDbUser(userName)
createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, userName, rp,
dbAccount + '_default')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, userName, rp,
dbAccount + '_default')
createDefaults(b.cairisRoot, b.dbHost, b.dbPort, userName, rp,
dbAccount + '_default')
def main():
parser = argparse.ArgumentParser(
description=
'Computer Aided Integration of Requirements and Information Security - Backup server'
)
parser.add_argument('tarArchive',
help='Model archive tarball to be created ')
args = parser.parse_args()
cairis.core.BorgFactory.initialise()
b = Borg()
aNames = accounts(b.rPasswd, b.dbHost, b.dbPort)
for email in aNames:
userPasswd = dbtoken(b.rPasswd, b.dbHost, b.dbPort, email)
dbUser = canonicalDbUser(email)
dbName = dbUser + '_default'
dbProxy = MySQLDatabaseProxy(b.dbHost, b.dbPort, dbUser, userPasswd,
dbName)
packageFile = b.tmpDir + '/' + email + '.cairis'
try:
exportPackage(packageFile, None, 0, dbProxy)
logger.info('Exported ' + email + ' default database')
except ARMException as ex:
logger.info('Error exporting ' + email + ' default database : ' +
str(ex))
exportPackage(packageFile, None, 1, dbProxy)
logger.info('Exported ' + email +
' default database by ignoring validity checks')
dbProxy.close()
with tarfile.open(args.tarArchive, 'w') as archive:
for p in os.listdir(b.tmpDir):
modelName = b.tmpDir + '/' + p
archive.add(modelName,
arcname=p,
filter=lambda x: x
if x.name.endswith('.cairis') else None)
hashFile = b.tmpDir + '/hashes.txt'
with open(hashFile, 'w') as f:
f.write('\n'.join(
list(
map(lambda x: ','.join(x),
emailHashes(b.rPasswd, b.dbHost, b.dbPort)))))
archive.add(hashFile, arcname='hashes.txt')
def testCreateShareResetDelete(self):
b = Borg()
dropCairisUserDatabase(b.rPasswd, b.dbHost, b.dbPort)
testAccount = '*****@*****.**'
createDbOwnerDatabase(b.rPasswd, b.dbHost, b.dbPort)
createCairisUserDatabase(b.rPasswd, b.dbHost, b.dbPort)
db.create_all()
dropUser(b.rPasswd, b.dbHost, b.dbPort, testAccount)
accountList = accounts(b.rPasswd, b.dbHost, b.dbPort)
self.assertEqual(testAccount not in accountList, True)
rp = ''.join(
choice(string.ascii_letters + string.digits) for i in range(255))
dbAccount = canonicalDbUser(testAccount)
createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount,
rp,
canonicalDbUser(testAccount) + '_default')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, testAccount, rp,
dbAccount + '_default')
user_datastore.create_user(email=testAccount,
account=dbAccount,
password='******',
dbtoken=rp,
name='Test user')
db.session.commit()
self.assertEqual(rp, dbtoken(b.rPasswd, b.dbHost, b.dbPort,
testAccount))
createDefaults(b.cairisRoot, b.dbHost, b.dbPort, testAccount, rp,
dbAccount + '_default')
accountList = accounts(b.rPasswd, b.dbHost, b.dbPort)
self.assertEqual(testAccount in accountList, True)
self.assertEqual(existingAccount(testAccount), True)
self.assertEqual(len(databases(dbAccount)), 1)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount,
rp,
canonicalDbUser(testAccount) + '_Test1')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, testAccount, rp,
dbAccount + '_Test1')
self.assertEqual(len(databases(dbAccount)), 2)
self.assertEqual(len(dbUsers(dbAccount + '_Test1')), 0)
self.assertEqual(isOwner(dbAccount, 'Test1'), True)
testAccount2 = '*****@*****.**'
rp2 = ''.join(
choice(string.ascii_letters + string.digits) for i in range(255))
dbAccount2 = canonicalDbUser(testAccount2)
createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount2, rp2)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount2,
rp2,
canonicalDbUser(testAccount2) + '_default')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, testAccount,
rp2, dbAccount2 + '_default')
user_datastore.create_user(email=testAccount2,
account=dbAccount2,
password='******',
dbtoken=rp2,
name='Test user 2')
db.session.commit()
accountList = accounts(b.rPasswd, b.dbHost, b.dbPort)
self.assertEqual(testAccount2 in accountList, True)
self.assertEqual(len(databases(dbAccount2)), 1)
grantDatabaseAccess(b.rPasswd, b.dbHost, b.dbPort, 'Test1',
testAccount2)
self.assertEqual(len(databases(dbAccount2)), 2)
self.assertEqual(len(dbUsers(dbAccount + '_Test1')), 1)
self.assertEqual(isOwner(dbAccount2, 'Test1'), False)
revokeDatabaseAccess(b.rPasswd, b.dbHost, b.dbPort, 'Test1',
testAccount2)
self.assertEqual(len(databases(dbAccount2)), 1)
self.assertEqual(len(dbUsers(dbAccount + '_Test1')), 0)
resetUsers(b.cairisRoot, b.rPasswd, b.dbHost, b.dbPort)
self.assertEqual(len(databases(dbAccount)), 1)
self.assertEqual(len(databases(dbAccount2)), 1)
dropUser(b.rPasswd, b.dbHost, b.dbPort, testAccount)
dropUser(b.rPasswd, b.dbHost, b.dbPort, testAccount2)
accountList = accounts(b.rPasswd, b.dbHost, b.dbPort)
self.assertEqual(testAccount not in accountList, True)
self.assertEqual(testAccount2 not in accountList, True)