def verify_user(user_id, token_info): if user_id and token_info and user_id == token_info.get('sub'): set_user_by_id(user_id) set_auth_type("automation") yield clear_user_login() else: raise MKAuthException("Unauthorized by verify_user")
def set_user_context(user_id: UserId, token_info: RFC7662): if user_id and token_info and user_id == token_info.get('sub'): set_user_by_id(user_id) set_auth_type(token_info['scope']) yield clear_user_login() else: raise MKAuthException("Unauthorized by verify_user")
def UserContext(user_id: UserId) -> Iterator[None]: """Managing authenticated user context After the user has been authenticated, initialize the global user object. Also cleanup when leaving""" try: config.set_user_by_id(user_id) yield finally: html.transaction_manager.store_new() userdb.on_end_of_request(user_id) config.clear_user_login()
def login(user_id: UserId) -> None: """After the user has been authenticated, tell the different components of the GUI which user is authenticated.""" config.set_user_by_id(user_id)
def login(user_id): if not isinstance(user_id, unicode): raise MKInternalError("Invalid user id type") config.set_user_by_id(user_id) html.set_user_id(user_id)
def execute_network_scan_job() -> None: init_wato_datastructures(with_wato_lock=True) if watolib.is_wato_slave_site(): return # Don't execute this job on slaves. folder = find_folder_to_scan() if not folder: return # Nothing to do. # We need to have the context of the user. The jobs are executed when # config.set_user_by_id() has not been executed yet. So there is no user context # available. Use the run_as attribute from the job config and revert # the previous state after completion. old_user = config.user.id run_as = folder.attribute("network_scan")["run_as"] if not userdb.user_exists(run_as): raise MKGeneralException( _("The user %s used by the network " "scan of the folder %s does not exist.") % (run_as, folder.title())) config.set_user_by_id(folder.attribute("network_scan")["run_as"]) result: NetworkScanResult = { "start": time.time(), "end": True, # means currently running "state": None, "output": "The scan is currently running.", } # Mark the scan in progress: Is important in case the request takes longer than # the interval of the cron job (1 minute). Otherwise the scan might be started # a second time before the first one finished. save_network_scan_result(folder, result) try: if config.site_is_local(folder.site_id()): found = cmk.gui.watolib.network_scan.do_network_scan(folder) else: found = watolib.do_remote_automation(config.site(folder.site_id()), "network-scan", [("folder", folder.path())]) if not isinstance(found, list): raise MKGeneralException(_("Received an invalid network scan result: %r") % found) add_scanned_hosts_to_folder(folder, found) result.update({ "state": True, "output": _("The network scan found %d new hosts.") % len(found), }) except Exception as e: result.update({ "state": False, "output": _("An exception occured: %s") % e, }) logger.error("Exception in network scan:\n%s", traceback.format_exc()) result["end"] = time.time() save_network_scan_result(folder, result) if old_user: config.set_user_by_id(old_user)
def login(user_id): if not isinstance(user_id, six.text_type): raise MKInternalError("Invalid user id type") config.set_user_by_id(user_id)