Exemplo n.º 1
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data.get('user', None)

    if user:
        user_id = user.get('id', None)
    else:
        user_id = None

    partition = params.get('partition', None)
    max_workers = params.get('max_workers', None)

    if database_can_not_access_to_item(partition):
        body['error'] = error.PERMISSION_DENIED
        return body

    # Check partition has been existed
    if not resource.db_has_partition(partition):
        body['error'] = error.NO_SUCH_PARTITION
        return body

    items = params.get('items', [])
    error_list = [None] * len(items)
    item_ids = [None] * len(items)

    index_keys = util.get_index_keys_to_index(resource, user, partition, 'w')
    sort_keys = util.get_sort_keys(resource)
    policy_code = get_policy_code(resource, partition, 'create')

    def try_put_item(idx, item):
        item['id'] = uuid()
        if 'owner' not in item:
            item['owner'] = user_id
        item = {
            key: value
            for key, value in item.items()
            if value != '' and value != {} and value != []
        }
        if match_policy(policy_code, user, item):
            resource.db_put_item(partition,
                                 item,
                                 item_id=item['id'],
                                 index_keys=index_keys,
                                 sort_keys=sort_keys)
            item_ids[idx] = item.get('id', None)
        else:
            error_list[idx] = error.PERMISSION_DENIED

    if not max_workers:
        max_workers = len(items)
    max_workers = int(max_workers) + 1
    max_workers = min(32, max_workers)
    with ThreadPoolExecutor(max_workers=max_workers) as exc:
        for _idx, _item in enumerate(items):
            exc.submit(try_put_item, _idx, _item)

    body['error_list'] = error_list
    body['item_ids'] = item_ids
    return body
Exemplo n.º 2
0
def do(data, resource):
    body = {}
    params = data['params']
    runner_user = data.get('user', None)  # 작업을 시행하는 유저

    user_id = params.get('user_id', None)
    new_user_fields = params.get('user')

    user_to_update = resource.db_get_item(user_id)
    if user_to_update['partition'] != 'user':
        body['error'] = error.NOT_USER_PARTITION
        body['success'] = False
        return body

    if not get_policy_code.match_policy_after_get_policy_code(
            resource, 'update', 'user', runner_user, new_user_fields):
        body['error'] = error.UPDATE_POLICY_VIOLATION
        return body

    # 생성날짜 유지를 위해 기록
    creation_date = user_to_update.get('creation_date', float(time.time()))

    # For security
    new_item = {}
    for field in new_user_fields:
        if field in [
                'id', 'email', 'password_hash', 'salt', 'groups',
                'login_method'
        ]:
            body['error'] = error.FORBIDDEN_MODIFICATION
            body.setdefault('forbidden_fields', [])
            body['forbidden_fields'].append(field)
        else:
            new_item[field] = new_user_fields[field]
    new_item = util.simplify_item(user_to_update, new_item)
    new_item['partition'] = 'user'
    new_item['updated_date'] = float(time.time())
    new_item['creation_date'] = creation_date

    # 소트키 존재시 무조건 포함
    sort_keys = database_util.get_sort_keys(resource)
    for sort_key_item in sort_keys:
        s_key = sort_key_item.get('sort_key', None)
        if s_key and s_key not in new_item and user_to_update.get(
                s_key, None) is not None:
            new_item[s_key] = user_to_update.get(s_key, None)

    resource.db_update_item_v2(user_id, new_item)
    body['user_id'] = user_id
    body['success'] = True
    return body
Exemplo n.º 3
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data['user']

    item_id = params.get('item_id', None)
    field_name = params.get('field_name', None)
    field_value = params.get('field_value', None)

    item = resource.db_get_item(item_id)
    # 시스템 파티션 접근 제한
    if database_can_not_access_to_item(item['partition']):
        body['error'] = error.PERMISSION_DENIED
        return body
    if not resource.db_has_partition(item['partition']):
        body['error'] = error.NO_SUCH_PARTITION
        return body

    new_item = {
        'id': item_id,
        field_name: field_value,
        'partition': item['partition'],
        'creation_date': item.get('creation_date', 0)
    }

    if match_policy_after_get_policy_code(resource,
                                          'update',
                                          item['partition'],
                                          user,
                                          item,
                                          new_item=new_item):
        index_keys = util.get_index_keys_to_index(resource, user,
                                                  item['partition'], 'w')

        # 소트키는 무조건 업데이트시 포함해야함.
        sort_keys = util.get_sort_keys(resource)
        for sort_key in sort_keys:
            s_key = sort_key.get('sort_key', None)
            if s_key and s_key not in new_item and item.get(s_key,
                                                            None) is not None:
                new_item[s_key] = item.get(s_key, None)

        success = resource.db_update_item_v2(item_id,
                                             new_item,
                                             index_keys=index_keys,
                                             sort_keys=sort_keys)
        body['success'] = success
    else:
        body['error'] = error.PERMISSION_DENIED
    return body
Exemplo n.º 4
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data['user']

    if not user:
        body['error'] = error.LOGIN_IS_REQUIRED
        return body

    user_id = user['id']
    field = params.get('field')
    value = params.get('value', None)

    user_to_update = {
        field: value
    }

    # user = resource.db_get_item(user_id)

    # For security
    if field in ['id', 'email', 'password_hash', 'salt', 'groups', 'login_method']:
        body['error'] = error.FORBIDDEN_MODIFICATION
        return body
    elif not get_policy_code.match_policy_after_get_policy_code(resource, 'update', 'user', user, user_to_update):
        body['error'] = error.UPDATE_POLICY_VIOLATION
        return body
    else:
        creation_date = user.get('creation_date', time.time())

        user_to_update = {
            'partition': 'user',
            'updated_date': float(time.time()),
            field: value,
            'creation_date': creation_date,
        }
        # 소트키 존재시 무조건 포함
        sort_keys = util.get_sort_keys(resource)
        for sort_key_item in sort_keys:
            s_key = sort_key_item.get('sort_key', None)
            if s_key and s_key not in user_to_update and user.get(s_key, None) is not None:
                user_to_update[s_key] = user.get(s_key, None)

        resource.db_update_item_v2(user_id, user_to_update)
        body['user_id'] = user_id
        return body
Exemplo n.º 5
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data.get('user', None)

    user_id = params.get('user_id', None)
    field = params.get('field')
    value = params.get('value', None)
    user_to_update = {field: value, 'updated_date': float(time.time())}

    item = resource.db_get_item(user_id)
    if item.get('partition', None) != 'user':
        body['error'] = error.NOT_USER_PARTITION
        body['success'] = False
        return body

    # For security
    if field in ['id', 'password_hash', 'salt', 'groups', 'login_method']:
        body['error'] = error.FORBIDDEN_MODIFICATION
        return body
    elif not get_policy_code.match_policy_after_get_policy_code(
            resource, 'update', 'user', user, user_to_update):
        body['error'] = error.UPDATE_POLICY_VIOLATION
        return body
    else:
        # for field, value in user_to_update.items():
        #     item[field] = value
        creation_date = item.get('creation_date', time.time())
        user_to_update['partition'] = 'user'
        user_to_update['creation_date'] = creation_date

        # 소트키 존재시 무조건 포함
        sort_keys = util.get_sort_keys(resource)
        for sort_key_item in sort_keys:
            s_key = sort_key_item.get('sort_key', None)
            if s_key and s_key not in user_to_update and item.get(
                    s_key, None) is not None:
                user_to_update[s_key] = item.get(s_key, None)

        resource.db_update_item_v2(user_id, user_to_update)
        body['user_id'] = user_id
        return body
Exemplo n.º 6
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data['user']
    user_id = user['id']
    ignore_error = params.get('ignore_error', False)

    user_item = params.get('item', {})
    user_to_update = {}

    # user = resource.db_get_item(user_id)
    # For security
    for field, value in user_item.items():
        if field in ['id', 'email', 'password_hash', 'salt', 'groups', 'login_method']:
            body['error'] = error.FORBIDDEN_MODIFICATION
            if not ignore_error:  # 에러 무시하는 경우
                return body
        else:
            user_to_update[field] = value

    if not get_policy_code.match_policy_after_get_policy_code(resource, 'update', 'user', user, user_to_update):
        body['error'] = error.UPDATE_POLICY_VIOLATION
        return body
    else:
        creation_date = user.get('creation_date', time.time())
        user_to_update['partition'] = 'user'
        user_to_update['updated_date'] = float(time.time())
        user_to_update['creation_date'] = creation_date

        # 소트키 존재시 무조건 포함
        sort_keys = util.get_sort_keys(resource)
        for sort_key_item in sort_keys:
            s_key = sort_key_item.get('sort_key', None)
            if s_key and s_key not in user_to_update and user.get(s_key, None) is not None:
                user_to_update[s_key] = user.get(s_key, None)

        resource.db_update_item_v2(user_id, user_to_update)
        body['user_id'] = user_id
        return body
Exemplo n.º 7
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data['user']
    user_id = user['id']
    creation_date = user.get('creation_date', time.time())

    email = params.get('email')

    instructions = [[None, 'email', 'eq', email]]
    items, end_key = resource.db_query('user', instructions)
    users = list(items)
    if len(users) > 0:
        body['error'] = error.EXISTING_ACCOUNT
        return body

    # user = resource.db_get_item(user_id)
    if not get_policy_code.match_policy_after_get_policy_code(
            resource, 'update', 'user', user, {'email': email}):
        body['error'] = error.UPDATE_POLICY_VIOLATION
        return body
    user_to_update = {
        'partition': 'user',
        'updated_date': float(time.time()),
        'email': email,
        'creation_date': creation_date,
    }
    # 소트키 존재시 무조건 포함
    sort_keys = util.get_sort_keys(resource)
    for sort_key_item in sort_keys:
        s_key = sort_key_item.get('sort_key', None)
        if s_key and s_key not in user_to_update and user.get(
                s_key, None) is not None:
            user_to_update[s_key] = user.get(s_key, None)

    resource.db_update_item_v2(user_id, user_to_update)
    body['user_id'] = user_id
    return body
Exemplo n.º 8
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data.get('user', None)

    if user:
        user_id = user.get('id', None)
    else:
        user_id = None

    partition = params.get('partition', None)
    item = params.get('item', {})

    item['id'] = uuid()
    if 'owner' not in item:
        item['owner'] = user_id

    item = {key: value for key, value in item.items() if value != '' and value != {} and value != []}

    # 시스템 파티션 접근 제한
    if database_can_not_access_to_item(partition):
        body['error'] = error.PERMISSION_DENIED
        return body
    # Check partition has been existed
    if resource.db_has_partition(partition):
        if match_policy_after_get_policy_code(resource, 'create', partition, user, item):
            index_keys = util.get_index_keys_to_index(resource, user, partition, 'w')
            sort_keys = util.get_sort_keys(resource)
            resource.db_put_item(partition, item, item_id=item['id'], index_keys=index_keys, sort_keys=sort_keys)
            body['item_id'] = item.get('id', None)
            return body
        else:
            body['error'] = error.PERMISSION_DENIED
            return body

    body['error'] = error.NO_SUCH_PARTITION
    return body
Exemplo n.º 9
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data['user']

    pairs = params.get('pairs', None)
    max_workers = params.get('max_workers', None)
    error_list = [None] * len(pairs)
    success_list = [False] * len(pairs)

    policy_codes_by_partition = {}

    partitions = resource.db_get_partitions()
    partition_names = [partition['name'] for partition in partitions]
    sort_keys = util.get_sort_keys(resource)

    def update_work(idx, item_id):
        new_item = pairs[item_id]
        item = resource.db_get_item(item_id)
        # 아이템 없는 경우
        if not item:
            error_list[idx] = error.NO_SUCH_ITEM
            return
        # 시스템 파티션 접근 제한
        if database_can_not_access_to_item(item['partition']):
            error_list[idx] = error.PERMISSION_DENIED
            return
        # 등록된 파티션이 아닌경우
        if item['partition'] not in partition_names:
            error_list[idx] = error.UNREGISTERED_PARTITION
            return

        if item['partition'] in policy_codes_by_partition:
            policy_code = policy_codes_by_partition[item['partition']]
        else:
            policy_code = get_policy_code(resource, item['partition'], 'update')
            policy_codes_by_partition[item['partition']] = policy_code

        # Remove field if value is None
        # for key, value in new_item.copy().items():
        #     if value is None:
        #         new_item.pop(key)

        new_item = {key: value for key, value in new_item.items() if value != '' and value != {} and value != []}
        new_item = util.simplify_item(item, new_item)
        new_item['partition'] = item.get('partition', None)
        new_item['creation_date'] = item.get('creation_date', None)

        if match_policy(policy_code, user, item, new_item=new_item):
            index_keys = util.get_index_keys_to_index(resource, user, item['partition'], 'w')

            # 소트키는 무조건 업데이트시 포함해야함.
            for sort_key in sort_keys:
                s_key = sort_key.get('sort_key', None)
                if s_key and s_key not in new_item and item.get(s_key, None) is not None:
                    new_item[s_key] = item.get(s_key, None)

            success = resource.db_update_item_v2(item_id, new_item, index_keys=index_keys, sort_keys=sort_keys)
            success_list[idx] = success
        else:
            error_list[idx] = error.UPDATE_POLICY_VIOLATION
    if not max_workers:
        max_workers = len(pairs)
    max_workers = int(max_workers) + 1
    max_workers = min(32, max_workers)
    with ThreadPoolExecutor(max_workers=max_workers) as exc:
        for _idx, _item_id in enumerate(pairs):
            exc.submit(update_work, _idx, _item_id)

    body['error_list'] = error_list
    body['success_list'] = success_list
    return body
Exemplo n.º 10
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data['user']

    item_id = params.get('item_id', None)
    new_item = params.get('item', {})
    use_simplify = params.get('use_simplify', True)

    item = resource.db_get_item(item_id)
    # 아이템 없는 경우
    if not item:
        body['item'] = None
        body['error'] = error.NO_SUCH_ITEM
        return body

    # 시스템 파티션 접근 제한
    if database_can_not_access_to_item(item['partition']):
        body['error'] = error.PERMISSION_DENIED
        return body

    # 등록된 파티션이 아닌경우
    if not resource.db_has_partition(item['partition']):
        body['item'] = None
        body['error'] = error.UNREGISTERED_PARTITION
        return body

    # Remove null
    # for key, value in new_item.copy().items():
    #     if value is None:
    #         new_item.pop(key)

    # Put the value in the previous item that is not in the new field
    new_item = {
        key: value
        for key, value in new_item.items()
        if value != '' and value != {} and value != []
    }
    if use_simplify:
        new_item = util.simplify_item(item, new_item)
    new_item['partition'] = item['partition']
    new_item['creation_date'] = item['creation_date']

    if match_policy_after_get_policy_code(resource,
                                          'update',
                                          item['partition'],
                                          user,
                                          item,
                                          new_item=new_item):
        index_keys = util.get_index_keys_to_index(resource, user,
                                                  item['partition'], 'w')

        # 소트키는 무조건 업데이트시 포함해야함.
        sort_keys = util.get_sort_keys(resource)
        for sort_key in sort_keys:
            s_key = sort_key.get('sort_key', None)
            if s_key and s_key not in new_item and item.get(s_key,
                                                            None) is not None:
                new_item[s_key] = item.get(s_key, None)
        success = resource.db_update_item_v2(item_id,
                                             new_item,
                                             index_keys=index_keys,
                                             sort_keys=sort_keys)
        body['success'] = success
    else:
        body['error'] = error.UPDATE_POLICY_VIOLATION
    return body