Exemplo n.º 1
0
 def getGroup(self, group_id):
     try:
         group_id = int(group_id)
     except ValueError:
         group = groups.get_by_name(group_id)
     else:
         group = groups.get(group_id)
     auditlog.log(auditlog.CODE_CONTENT_VIEW, target=group)
     return group.to_dict(include_resources=True)
Exemplo n.º 2
0
 def view(self, group_id):
     try:
         group_id = int(group_id)
     except ValueError:
         group = groups.get_by_name(group_id)
     else:
         group = groups.get(group_id)
         
     auditlog.log(auditlog.CODE_CONTENT_VIEW, target=group)
     return render("group/view.html", {'group': group})
Exemplo n.º 3
0
def check_duplicate_name(form, field):    
    name = field.data
    for group_id in form.group_ids.data:
        group = groups.get(group_id)
        q = group.resources.filter_by(name=name)
        if hasattr(form, 'resource_id'):
            q = q.filter(Resource.id != form.resource_id.data) # @UndefinedVariable
        existing = q.all()
        if existing:
            raise ValidationError("Resource \"{0}\" already exists in group \"{1}\".".format(name, group.name))
Exemplo n.º 4
0
 def delete(self, group_id):
     """
     Deletes a group.
     """
     group = groups.get(group_id)
     
     all_resources = group.resources.all()
     
     # This is very lazy (could be done in SQL), but simple/easy-to-debug.
     resources_only_in_this_group = []
     resources_in_other_groups_too = [] 
     for r in all_resources:
         if r.groups.all() == [group]:
             resources_only_in_this_group.append(r)
         else:
             resources_in_other_groups_too.append(r)
     
     if cherrypy.request.method == 'POST':
    
         # First remove any resources that are only owned by this group. 
         for r in resources_only_in_this_group:
             # Remove any passwords in this resource
             for pw in r.passwords:
                 del_pw = passwords.delete(pw.id)
                 auditlog.log(auditlog.CODE_CONTENT_DEL, target=del_pw)
             del_r = resources.delete(r.id)
             auditlog.log(auditlog.CODE_CONTENT_DEL, target=del_r)
         
         # Next we manually remove the group from any other resources that were associated
         # with this group.
         for r in resources_in_other_groups_too:
             group_ids = set([g.id for g in r.groups.all()])
             group_ids.remove(group.id)
             (mod_r, modified) = resources.modify(r.id, group_ids=group_ids)
             if modified:
                 auditlog.log(auditlog.CODE_CONTENT_MOD, target=mod_r, attributes_modified=modified)
         
         # And finally we can delete the group itself.
         group = groups.delete(group.id)
         auditlog.log(auditlog.CODE_CONTENT_DEL, target=group)
         
         notify_entity_activity(group, 'deleted')
         raise cherrypy.HTTPRedirect('/group/list')
     else:
         return render('group/delete.html', {'group_id': group_id,
                                             'del_resources': resources_only_in_this_group,
                                             'mod_resources': resources_in_other_groups_too})
Exemplo n.º 5
0
 def export(self, group_id=None, **kwargs):
     form = ExportForm(request_params(), group_id=group_id)
     form.group_id.choices = [(g.id, g.name) for g in groups.list()]
     
     exporter_choices = [('yaml', 'YAML (GPG/PGP-encrypted)')]
     if config['export.keepass.enabled']:
         if not os.path.exists(config['export.keepass.exe_path']):
             log.error("KeePass export enabled, but specified converter script does not exist: {0}".format(config.get('export.keepass.exe_path')))
         else:
             exporter_choices.append(('kdb', 'KeePass 1.x'))
     form.format.choices = exporter_choices
     
     if cherrypy.request.method == 'POST':
         if form.validate():
             group = groups.get(form.group_id.data)
             
             if form.format.data == 'yaml':
                 exporter = GpgYamlExporter(use_tags=False,
                                            passphrase=form.passphrase.data,
                                            resource_filters=[model.GroupResource.group_id==group.id]) # @UndefinedVariable
                 encrypted_stream = BytesIO()
                 exporter.export(stream=encrypted_stream)
                 encrypted_stream.seek(0) # Just to ensure it's rewound
                 
                 return serve_fileobj(encrypted_stream, content_type='application/pgp-encrypted', disposition='attachment',
                                      name='group-{0}-export.pgp'.format(re.sub('[^\w\-\.]', '_', group.name)))
                 
             elif form.format.data == 'kdb':
                 exporter = KeepassExporter(passphrase=form.passphrase.data,
                                            resource_filters=[model.GroupResource.group_id==group.id]) # @UndefinedVariable
                 encrypted_stream = BytesIO()
                 exporter.export(stream=encrypted_stream)
                 encrypted_stream.seek(0) # Just to ensure it's rewound
                 
                 return serve_fileobj(encrypted_stream, content_type='application/x-keepass-database', disposition='attachment',
                                      name='group-{0}-export.kdb'.format(re.sub('[^\w\-\.]', '_', group.name)))
                     
             else:
                 # I don't think we can get here in normal business.
                 raise RuntimeError("Unhandled format specified: {0}".format(form.format.data))
                 
         else: # does not validate
             return render("group/export.html", {'form': form})
     else: # request method is GET
         return render("group/export.html", {'form': form})
Exemplo n.º 6
0
 def test_get(self):
     random_group = random.choice(self.data.groups.values())
     match = groups.get(random_group.id)
     self.assertIs(random_group, match)
     
     with self.assertRaises(TypeError):
         groups.get(None)
     
     
     with self.assertRaisesRegexp(exc.NoSuchEntity, r'Group'):
         groups.get(0)
         
     no_match = groups.get(0, assert_exists=False)
     self.assertIs(None, no_match)
Exemplo n.º 7
0
 def edit(self, group_id):
     group = groups.get(group_id)
     form = GroupEditForm(request_params(), group, group_id=group.id)
     return render('group/edit.html', {'form': form})