Exemplo n.º 1
0
def getUserGrups(dbSession, user):
    try:
        user = User.getByNameOrID(user)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this username or ID")
    else:
        return user.groups
Exemplo n.º 2
0
def get_user_groups(db_session, user):
    try:
        user = User.getByNameOrID(user)
    except orm_exceptions.NoResultFound:
        raise HTTPRequestError(404, "No user found with this username or ID")
    else:
        return user.groups
Exemplo n.º 3
0
def getUserDirectPermissions(dbSession, user):
    try:
        user = User.getByNameOrID(user)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this username or ID")

    return user.permissions
Exemplo n.º 4
0
def deleteUser(dbSession, user, requester):
    try:
        user = User.getByNameOrID(user)
        if user.id == requester['userid']:
            raise HTTPRequestError(400, "a user can't remove himself")
        dbSession.execute(
            UserPermission.__table__.delete(UserPermission.user_id == user.id)
        )
        dbSession.execute(
            UserGroup.__table__.delete(UserGroup.user_id == user.id)
        )
        cache.deleteKey(userid=user.id)

        # The user is not hardDeleted.
        # it should be copied to inactiveUser table
        inactiveTables.PasswdInactive.createInactiveFromUser(dbSession,
                                                             user,)
        inactiveTables.UserInactive.createInactiveFromUser(dbSession,
                                                           user,
                                                           requester['userid'])
        passwd.expirePasswordResetRequests(dbSession, user.id)
        dbSession.delete(user)
        log().info('user ' + user.username + ' deleted by '
                   + requester['username'],
                   user.safeDict())
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this ID")
Exemplo n.º 5
0
def updateUser(dbSession, user, updatedInfo, requester):
    # Drop invalid fields
    updatedInfo = {
                    k: updatedInfo[k]
                    for k in updatedInfo
                    if k in User.fillable
                  }
    oldUser = User.getByNameOrID(user)

    if 'username' in updatedInfo.keys() \
            and updatedInfo['username'] != oldUser.username:
        raise HTTPRequestError(400, "usernames can't be updated")

    checkUser(updatedInfo)

    # Verify if the email is in use by another user
    if 'email' in updatedInfo.keys() and updatedInfo['email'] != oldUser.email:
        anotherUser = dbSession.query(User) \
                               .filter_by(email=updatedInfo['email']) \
                               .one_or_none()
        if anotherUser:
            raise HTTPRequestError(400, "email already in use")

    log().info('user ' + oldUser.username + ' updated by '
               + requester['username'],
               {'oldUser': oldUser.safeDict(), 'newUser': updatedInfo})
    if 'name' in updatedInfo.keys():
        oldUser.name = updatedInfo['name']
    if 'service' in updatedInfo.keys():
        oldUser.service = updatedInfo['service']
    if 'email' in updatedInfo.keys():
        oldUser.email = updatedInfo['email']

    return oldUser
Exemplo n.º 6
0
def get_all_user_permissions(db_session, user):
    try:
        user = User.getByNameOrID(user)
    except orm_exceptions.NoResultFound:
        raise HTTPRequestError(404, "No user found with this username or ID")

    permissions = user.permissions
    permissions += [
        perm for group in user.groups for perm in group.permissions
    ]

    # drop possible duplicates
    return list({v.id: v for v in permissions}.values())
Exemplo n.º 7
0
def add_user_groups():
    predef_user_group = [
        {
            "name": "admin",
            "groups": ["admin"]
        },
    ]

    for user in predef_user_group:
        user_id = User.getByNameOrID(user['name']).id
        for group_name in user['groups']:
            r = UserGroup(user_id=user_id,
                          group_id=Group.getByNameOrID(group_name).id)
            db.session.add(r)
    db.session.commit()
Exemplo n.º 8
0
def removeUserGroup(dbSession, user, group, requester):
    try:
        user = User.getByNameOrID(user)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this ID or name")
    try:
        group = Group.getByNameOrID(group)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No group found with this ID or name")
    try:
        relation = dbSession.query(UserGroup) \
            .filter_by(user_id=user.id, group_id=group.id).one()
        dbSession.delete(relation)
        cache.deleteKey(userid=user.id)
        log().info('user ' + user.username + ' removed from ' + group.name +
                   ' by ' + requester['username'])
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "User is not a member of the group")
Exemplo n.º 9
0
def removeUserPermission(dbSession, user, permission, requester):
    try:
        user = User.getByNameOrID(user)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this ID or name")
    try:
        perm = Permission.getByNameOrID(permission)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No permission found with this ID")
    try:
        relation = dbSession.query(UserPermission) \
            .filter_by(user_id=user.id, permission_id=perm.id).one()
        dbSession.delete(relation)
        cache.deleteKey(userid=user.id, action=perm.method, resource=perm.path)
        log().info('user ' + user.username + ' removed permission ' +
                   perm.name + ' by ' + requester['username'])
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "User does not have this permission")
Exemplo n.º 10
0
def addUserGroup(dbSession, user, group, requester):
    try:
        user = User.getByNameOrID(user)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No user found with this ID or name")
    try:
        group = Group.getByNameOrID(group)
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, "No group found with this ID or name")

    if dbSession.query(UserGroup).filter_by(user_id=user.id,
                                            group_id=group.id).one_or_none():
        raise HTTPRequestError(409, "User is already a member of the group")

    r = UserGroup(user_id=user.id, group_id=group.id)
    dbSession.add(r)
    cache.deleteKey(userid=user.id)
    log().info('user ' + user.username + ' added to group ' + group.name +
               ' by ' + requester['username'])
Exemplo n.º 11
0
def resetPassword(dbSession, link, resetData):
    if 'passwd' not in resetData.keys():
        raise HTTPRequestError(400, 'missing password')
    try:
        resetRequest = dbSession.query(PasswordRequest). \
            filter_by(link=link).one()
        if chechRequestValidity(dbSession, resetRequest):
            user = User.getByNameOrID(resetRequest.user_id)
            user.salt, user.hash = update(dbSession, user, resetData['passwd'])

            # remove this used reset request
            PasswordRequestInactive.createInactiveFromRequest(
                dbSession, resetRequest)
            dbSession.delete(resetRequest)
            return user
        else:
            raise HTTPRequestError(404, 'Page not found or expired')
    except sqlalchemy.orm.exc.NoResultFound:
        raise HTTPRequestError(404, 'Page not found or expired')
Exemplo n.º 12
0
def add_user_permission(db_session, user, permission, requester):
    try:
        user = User.getByNameOrID(user)
    except orm_exceptions.NoResultFound:
        raise HTTPRequestError(404, "No user found with this ID or name")
    try:
        perm = Permission.getByNameOrID(permission)
    except orm_exceptions.NoResultFound:
        raise HTTPRequestError(404, "No permission found with this ID")

    if db_session.query(UserPermission) \
            .filter_by(user_id=user.id, permission_id=perm.id).one_or_none():
        raise HTTPRequestError(409, "User already have this permission")

    r = UserPermission(user_id=user.id, permission_id=perm.id)
    db_session.add(r)
    cache.delete_key(userid=user.id,
                     action=perm.method,
                     resource=perm.path)
    log().info('user ' + user.username + ' received permission '
               + perm.name + ' by ' + requester['username'])
Exemplo n.º 13
0
def getUser(dbSession, user):
    try:
        user = User.getByNameOrID(user)
        return user
    except (sqlalchemy.orm.exc.NoResultFound, ValueError):
        raise HTTPRequestError(404, "No user found with this ID")
Exemplo n.º 14
0
def get_user(db_session, user):
    try:
        user = User.getByNameOrID(user)
        return user
    except (orm_exceptions.NoResultFound, ValueError):
        raise HTTPRequestError(404, "No user found with this ID")