def delete_users(self, userIds, format="json", requestOrigin="", **kwargs):
user, sMessages, fMessages = (cherrypy.session.get("user"), [], [])
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
userIds = split_list_sanitized(userIds)
try:
for userId in userIds:
try:
delUser = session.query(User).filter(User.id == userId).one()
session.delete(delUser)
for flFile in session.query(File).filter(File.owner_id == delUser.id):
FileService.queue_for_deletion(flFile.id)
session.delete(flFile)
session.add(AuditLog(user.id, Actions.DELETE_FILE, "File %s (%s) owned by user %s has been deleted as a result of the owner being deleted. " % (flFile.name, flFile.id, delUser.id), "admin"))
session.add(AuditLog(user.id, Actions.DELETE_USER, "User with ID: \"%s\" deleted from system" % delUser.id, "admin"))
sMessages.append("Successfully deleted user %s" % userId)
except sqlalchemy.orm.exc.NoResultFound:
fMessages.append("User with ID:%s does not exist" % userId)
except Exception, e:
fMessages.append("Could not delete user: %s" % str(e))
session.commit()
except Exception, e:
session.rollback()
cherrypy.log.error("[%s] [delete_users] [Could not delete users: %s]" % (user.id, str(e)))
fMessages.append("Could not delete users: %s" % str(e))
def delete_upload_request(self, ticketId, format="json", requestOrigin=""):
user, sMessages, fMessages = cherrypy.session.get("user"), [], []
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
try:
ticketId = strip_tags(ticketId)
uploadRequest = session.query(UploadRequest).filter(
UploadRequest.id == ticketId).one()
if uploadRequest.owner_id == user.id or AccountService.user_has_permission(
user, "admin"):
session.delete(uploadRequest)
session.add(
AuditLog(
user.id, Actions.DELETE_UPLOAD_REQUEST,
"You deleted an upload request with ID: %s" %
uploadRequest.id))
session.commit()
sMessages.append("Upload request deleted")
else:
fMessages.append(
"You do not have permission to delete this upload request"
)
except Exception, e:
fMessages.append(str(e))
def delete_messages(self,
messageIds,
format="json",
requestOrigin="",
**kwargs):
user, sMessages, fMessages = cherrypy.session.get("user"), [], []
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
try:
messageIdList = split_list_sanitized(messageIds)
for messageId in messageIdList:
message = session.query(Message).filter(
Message.id == messageId).scalar()
if (message.owner_id == user.id
or AccountService.user_has_permission(
user, "admin")):
session.delete(message)
else:
fMessages.append(
"You do not have permission to delete message with ID: %s"
% messageId)
session.commit()
sMessages.append("Message(s) deleted")
except Exception, e:
cherrypy.log.error(
"[%s] [delete_messages] [Could not delete message: %s]" %
(user.id, str(e)))
fMessages.append("Could not delete message: %s" % str(e))
def delete_roles(self, roleIds, format="json", **kwargs):
user, sMessages, fMessages = (cherrypy.session.get("user"), [], [])
try:
roleIds = split_list_sanitized(roleIds)
for roleId in roleIds:
try:
role = session.query(Role).filter(Role.id == roleId).one()
session.delete(role)
for flFile in session.query(File).filter(
File.role_owner_id == role.id):
FileService.queue_for_deletion(flFile.id)
session.delete(flFile)
session.add(
AuditLog(
user.id, Actions.DELETE_FILE,
"File %s (%s) owned by role %s has been deleted as a result of the role owner being deleted. "
% (flFile.name, flFile.id, role.id), "admin"))
session.add(
AuditLog(
user.id, Actions.DELETE_ROLE,
"%s deleted role \"%s\"(%s) from the system" %
(user.id, role.name, role.id), None))
sMessages.append("Successfully deleted roles%s." %
str(roleId))
except sqlalchemy.orm.exc.NoResultFound:
fMessages.append("The role ID: %s does not exist" %
str(roleId))
session.commit()
except Exception, e:
session.rollback()
cherrypy.log.error(
"[%s] [delete_roles] [Problem deleting roles: %s]" %
(user.id, str(e)))
fMessages.append("Problem deleting roles: %s" % str(e))
def delete_attribute_shares(self,
fileIds,
attributeId,
format="json",
**kwargs):
user, sMessages, fMessages = (cherrypy.session.get("user"), [], [])
try:
userShareableAttributes, permission = AccountService.get_shareable_attributes_by_user(
user), False
for attribute in userShareableAttributes:
if attributeId == attribute.id:
permission = True
break
if permission:
fileIdList = split_list_sanitized(fileIds)
for fileId in fileIdList:
share = session.query(AttributeShare).filter(
AttributeShare.attribute_id == attributeId
and AttributeShare.fileId == fileId).one()
session.delete(share)
sMessages.append(
"Successfully unshared file(s) with users having the %s attribute"
% attributeId)
else:
fMessages.append(
"You do not have permission to delete attribute shares for this attribute"
)
except Exception, e:
fMessages.append(str(e))
def delete_public_share(self, shareId, format="json", **kwargs):
user, role, sMessages, fMessages = (
cherrypy.session.get("user"), cherrypy.session.get("current_role"),
[], [])
shareId = strip_tags(shareId)
try:
ps = session.query(PublicShare).filter(
PublicShare.id == shareId).one()
if role is not None and ps.role_owner_id == role.id:
session.delete(ps)
session.add(
AuditLog(
user.id, Actions.DELETE_PUBLIC_SHARE,
"Role %s stopped sharing files publicly via URL using share ID: %s"
% (role.name, str(ps.id)), None, role.id))
session.commit()
sMessages.append("Successfully unshared files")
elif ps.owner_id == user.id or AccountService.user_has_permission(
user, "admin"):
session.delete(ps)
session.add(
AuditLog(
user.id, Actions.DELETE_PUBLIC_SHARE,
"You stopped sharing files publicly via URL using share ID: %s"
% str(ps.id)))
session.commit()
sMessages.append("Successfully unshared files")
else:
fMessages.append(
"You do not have permission to modify share ID: %s" %
str(ps.id))
except Exception, e:
fMessages.append(str(e))
def delete_user_shares(self, fileIds, userId, format="json"):
user, role, sMessages, fMessages = (
cherrypy.session.get("user"), cherrypy.session.get("current_role"),
[], [])
fileIds = split_list_sanitized(fileIds)
for fileId in fileIds:
try:
flFile = session.query(File).filter(File.id == fileId).one()
if (
role is not None and flFile.role_owner_id == role.id
) or flFile.owner_id == user.id or AccountService.user_has_permission(
user, "admin"):
ps = session.query(UserShare).filter(
and_(UserShare.user_id == userId,
UserShare.file_id == flFile.id)).scalar()
if ps is not None:
session.delete(ps)
session.add(
AuditLog(
user.id, Actions.DELETE_USER_SHARE,
"You stopped sharing file %s with %s" %
(flFile.name, userId), None,
role.id if role is not None else None))
session.commit()
sMessages.append("Share has been successfully deleted")
else:
fMessages.append("This share does not exist")
else:
fMessages.append(
"You do not have permission to modify shares for file with ID: %s"
% str(flFile.id))
except Exception, e:
session.rollback()
fMessages.append("Problem deleting share for file: %s" %
str(e))
def delete_files(self, fileIds, format="json", requestOrigin="", **kwargs):
user, role, sMessages, fMessages = (cherrypy.session.get("user"),cherrypy.session.get("current_role"), [], [])
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
fileIds = split_list_sanitized(fileIds)
for fileId in fileIds:
try:
fileId = int(fileId)
flFile = session.query(File).filter(File.id == fileId).one()
if flFile.role_owner_id is not None and role is not None and flFile.role_owner_id == role.id:
FileService.queue_for_deletion(flFile.id)
session.delete(flFile)
session.add(AuditLog(user.id, Actions.DELETE_FILE, "File %s (%s) owned by role %s has been deleted by user %s. " % (flFile.name, flFile.id, role.name, user.id)))
session.commit()
sMessages.append("File %s deleted successfully" % flFile.name)
elif flFile.owner_id == user.id or AccountService.user_has_permission(user, "admin"):
FileService.queue_for_deletion(flFile.id)
session.delete(flFile)
session.add(AuditLog(user.id, Actions.DELETE_FILE, "File %s (%s) has been deleted" % (flFile.name, flFile.id)))
session.commit()
sMessages.append("File %s deleted successfully" % flFile.name)
else:
fMessages.append("You do not have permission to delete file %s" % flFile.name)
except sqlalchemy.orm.exc.NoResultFound, nrf:
fMessages.append("Could not find file with ID: %s" % str(fileId))
except Exception, e:
session.rollback()
cherrypy.log.error("[%s] [delete_files] [Could not delete file: %s]" % (user.id, str(e)))
fMessages.append("File not deleted: %s" % str(e))
def purge_expired_nodes():
# Clean node table, check for master, if none run election
expirationTime = datetime.datetime.now() - datetime.timedelta(minutes=5)
expiredNodes = session.query(ClusterNode).filter(ClusterNode.last_seen_timestamp < expirationTime).all()
for node in expiredNodes:
session.delete(node)
session.commit()
def routine_maintenance(config):
from lib import AccountService
expiredFiles = session.query(File).filter(File.date_expires < datetime.datetime.now())
for flFile in expiredFiles:
try:
for share in flFile.user_shares:
session.delete(share)
for share in flFile.group_shares:
session.delete(share)
for share in flFile.public_shares:
session.delete(share)
for share in flFile.attribute_shares:
session.delete(share)
FileService.queue_for_deletion(flFile.id)
session.add(
AuditLog(
"admin",
Actions.DELETE_FILE,
"File %s (ID:%s) has expired and has been purged by the system." % (flFile.name, flFile.id),
flFile.owner_id,
)
)
session.delete(flFile)
session.commit()
except Exception, e:
session.rollback()
cherrypy.log.error("[system] [routine_maintenance] [Error while deleting expired file: %s]" % str(e))
def secure_delete(config, fileName):
import errno
vault = config['filelocker']['vault']
deleteConfig = get_config_dict_from_objects(session.query(ConfigParameter).filter(ConfigParameter.name.like('delete_%')).all())
deleteCommand = deleteConfig['delete_command']
deleteArguments = deleteConfig['delete_arguments']
deleteList = [deleteCommand]
for argument in deleteArguments.split(" "):
deleteList.append(argument)
deleteList.append(os.path.join(vault,fileName))
try:
p = subprocess.Popen(deleteList, stdout=subprocess.PIPE)
output = p.communicate()[0]
if(p.returncode != 0):
cherrypy.log.error("[%s] [secure_delete] [The command to delete the file returned a failure code of %s: %s]" % ("admin", p.returncode, output))
else:
deletedFile = session.query(DeletedFile).filter(DeletedFile.file_name==fileName).scalar()
if deletedFile is not None:
session.delete(deletedFile)
session.commit()
except OSError, oe:
if oe.errno == errno.ENOENT:
cherrypy.log.error("[admin] [secure_delete] [Couldn't delete because the file was not found (dequeing): %s]" % str(oe))
deletedFile = session.query(DeletedFile).filter(DeletedFile.file_name==fileName).scalar()
if deletedFile is not None:
session.delete(deletedFile)
session.commit()
else:
cherrypy.log.error("[admin] [secure_delete] [Generic system error while deleting file: %s" % str(oe))
def routine_maintenance(config):
from lib import AccountService
expiredFiles = session.query(File).filter(
File.date_expires < datetime.datetime.now())
for flFile in expiredFiles:
try:
for share in flFile.user_shares:
session.delete(share)
for share in flFile.group_shares:
session.delete(share)
for share in flFile.public_shares:
session.delete(share)
for share in flFile.attribute_shares:
session.delete(share)
FileService.queue_for_deletion(flFile.id)
session.add(
AuditLog(
"admin", Actions.DELETE_FILE,
"File %s (ID:%s) has expired and has been purged by the system."
% (flFile.name, flFile.id), flFile.owner_id))
session.delete(flFile)
session.commit()
except Exception, e:
session.rollback()
cherrypy.log.error(
"[system] [routine_maintenance] [Error while deleting expired file: %s]"
% str(e))
def purge_expired_nodes():
#Clean node table, check for master, if none run election
expirationTime = datetime.datetime.now() - datetime.timedelta(minutes=5)
expiredNodes = session.query(ClusterNode).filter(
ClusterNode.last_seen_timestamp < expirationTime).all()
for node in expiredNodes:
session.delete(node)
session.commit()
def cluster_elections(config):
try:
currentNodeId = int(config["filelocker"]["cluster_member_id"])
currentNode = session.query(ClusterNode).filter(ClusterNode.member_id == currentNodeId).scalar()
if currentNode is None: # This node isn't in the DB yet, check in
import socket
currentNode = ClusterNode(
member_id=currentNodeId,
hostname=socket.gethostname(),
is_master=False,
last_seen_timestamp=datetime.datetime.now(),
)
session.add(currentNode)
session.commit()
else: # In the DB, update last seen to avoid purging
currentNode.last_seen_timestamp = datetime.datetime.now()
session.commit()
currentMaster = session.query(ClusterNode).filter(ClusterNode.is_master == True).scalar()
# If this is default master node and another node has assumed master, reset and force election
if currentNodeId == 0 and currentNode.is_master == False and currentMaster is not None:
for node in session.query(ClusterNode).all():
node.is_master = False
session.commit()
# This isn't the default master, there is one, but it's expired
elif currentMaster is not None and currentMaster.last_seen_timestamp < datetime.datetime.now() - datetime.timedelta(
minutes=5
): # master is expired
session.delete(currentMaster)
session.commit()
# No master, hold election
elif currentMaster is None: # No master nodes found, become master if eligible
purge_expired_nodes()
highestPriority = currentNode.member_id
for node in session.query(ClusterNode).all():
if node.member_id < highestPriority:
highestPriority = node.member_id
break
if (
highestPriority == currentNode.member_id
): # Current node has lowest node id, thus highest priority, assume master
currentNode.is_master = True
session.commit()
return True
except sqlalchemy.orm.exc.ConcurrentModificationError, cme:
cherrypy.log.error(
"[system] [cluster_elections] [Concurrency error during elections. This can occur if locks on the DB inhibit normal cluster elections. If this error occurs infrequently, it can usually be disregarded. Full Error: %s]"
% str(cme)
)
session.rollback()
return False
def delete_files(self, fileIds, format="json", requestOrigin="", **kwargs):
user, role, sMessages, fMessages = (
cherrypy.session.get("user"), cherrypy.session.get("current_role"),
[], [])
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
fileIds = split_list_sanitized(fileIds)
for fileId in fileIds:
try:
fileId = int(fileId)
flFile = session.query(File).filter(
File.id == fileId).one()
if flFile.role_owner_id is not None and role is not None and flFile.role_owner_id == role.id:
FileService.queue_for_deletion(flFile.id)
session.delete(flFile)
session.add(
AuditLog(
user.id, Actions.DELETE_FILE,
"File %s (%s) owned by role %s has been deleted by user %s. "
%
(flFile.name, flFile.id, role.name, user.id)))
session.commit()
sMessages.append("File %s deleted successfully" %
flFile.name)
elif flFile.owner_id == user.id or AccountService.user_has_permission(
user, "admin"):
FileService.queue_for_deletion(flFile.id)
session.delete(flFile)
session.add(
AuditLog(
user.id, Actions.DELETE_FILE,
"File %s (%s) has been deleted" %
(flFile.name, flFile.id)))
session.commit()
sMessages.append("File %s deleted successfully" %
flFile.name)
else:
fMessages.append(
"You do not have permission to delete file %s" %
flFile.name)
except sqlalchemy.orm.exc.NoResultFound, nrf:
fMessages.append("Could not find file with ID: %s" %
str(fileId))
except Exception, e:
session.rollback()
cherrypy.log.error(
"[%s] [delete_files] [Could not delete file: %s]" %
(user.id, str(e)))
fMessages.append("File not deleted: %s" % str(e))
def delete_message_shares(self, messageIds, format="json", **kwargs):
user, sMessages, fMessages = cherrypy.session.get("user"), [], []
try:
messageIdList = split_list_sanitized(messageIds)
for messageId in messageIdList:
rMessage = session.query(MessageShare).filter(MessageShare.message_id==messageId).one()
if rMessage.recipient_id == user.id or rMessage.message.owner_id == user.id or AccountService.user_has_permission(user, "admin"):
session.delete(rMessage)
else:
fMessages.append("You do not have permission to delete message with ID: %s" % messageId)
session.commit()
sMessages.append("Message(s) deleted")
except Exception, e:
cherrypy.log.error("[%s] [delete_message_shares] [Could not delete received message: %s]" % (user.id, str(e)))
fMessages.append("Could not delete received message: %s" % str(e))
def cluster_elections(config):
try:
currentNodeId = int(config['filelocker']['cluster_member_id'])
currentNode = session.query(ClusterNode).filter(
ClusterNode.member_id == currentNodeId).scalar()
if currentNode is None: #This node isn't in the DB yet, check in
import socket
currentNode = ClusterNode(
member_id=currentNodeId,
hostname=socket.gethostname(),
is_master=False,
last_seen_timestamp=datetime.datetime.now())
session.add(currentNode)
session.commit()
else: #In the DB, update last seen to avoid purging
currentNode.last_seen_timestamp = datetime.datetime.now()
session.commit()
currentMaster = session.query(ClusterNode).filter(
ClusterNode.is_master == True).scalar()
#If this is default master node and another node has assumed master, reset and force election
if currentNodeId == 0 and currentNode.is_master == False and currentMaster is not None:
for node in session.query(ClusterNode).all():
node.is_master = False
session.commit()
#This isn't the default master, there is one, but it's expired
elif currentMaster is not None and currentMaster.last_seen_timestamp < datetime.datetime.now(
) - datetime.timedelta(minutes=5): #master is expired
session.delete(currentMaster)
session.commit()
#No master, hold election
elif currentMaster is None: #No master nodes found, become master if eligible
purge_expired_nodes()
highestPriority = currentNode.member_id
for node in session.query(ClusterNode).all():
if node.member_id < highestPriority:
highestPriority = node.member_id
break
if highestPriority == currentNode.member_id: #Current node has lowest node id, thus highest priority, assume master
currentNode.is_master = True
session.commit()
return True
except sqlalchemy.orm.exc.ConcurrentModificationError, cme:
cherrypy.log.error(
"[system] [cluster_elections] [Concurrency error during elections. This can occur if locks on the DB inhibit normal cluster elections. If this error occurs infrequently, it can usually be disregarded. Full Error: %s]"
% str(cme))
session.rollback()
return False
def delete_upload_request(self, ticketId, format="json", requestOrigin=""):
user, sMessages, fMessages = cherrypy.session.get("user"), [], []
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
try:
ticketId = strip_tags(ticketId)
uploadRequest = session.query(UploadRequest).filter(UploadRequest.id == ticketId).one()
if uploadRequest.owner_id == user.id or AccountService.user_has_permission(user, "admin"):
session.delete(uploadRequest)
session.add(AuditLog(user.id, Actions.DELETE_UPLOAD_REQUEST, "You deleted an upload request with ID: %s" % uploadRequest.id))
session.commit()
sMessages.append("Upload request deleted")
else:
fMessages.append("You do not have permission to delete this upload request")
except Exception, e:
fMessages.append(str(e))
def delete_messages(self, messageIds, format="json", requestOrigin="", **kwargs):
user, sMessages, fMessages = cherrypy.session.get("user"), [], []
if requestOrigin != cherrypy.session["request-origin"]:
fMessages.append("Missing request key!!")
else:
try:
messageIdList = split_list_sanitized(messageIds)
for messageId in messageIdList:
message = session.query(Message).filter(Message.id == messageId).scalar()
if message.owner_id == user.id or AccountService.user_has_permission(user, "admin"):
session.delete(message)
else:
fMessages.append("You do not have permission to delete message with ID: %s" % messageId)
session.commit()
sMessages.append("Message(s) deleted")
except Exception, e:
cherrypy.log.error("[%s] [delete_messages] [Could not delete message: %s]" % (user.id, str(e)))
fMessages.append("Could not delete message: %s" % str(e))
def delete_attributes(self, attributeIds, format="json", requestOrigin="", **kwargs):
user, sMessages, fMessages = (cherrypy.session.get("user"), [], [])
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
try:
attributeIdList = split_list_sanitized(attributeIds)
for attributeId in attributeIdList:
try:
delAttribute = session.query(Attribute).filter(Attribute.id==attributeId).one()
session.delete(delAttribute)
sMessages.append("Successfully deleted attribute: %s" % attributeId)
except sqlalchemy.orm.exc.NoResultFound:
fMessages.append("Attribute with ID: %s does not exist" % str(attributeId))
session.commit()
except Exception, e:
cherrypy.log.error("[%s] [delete_attributes] [Could not delete attributes: %s]" % (user.id, str(e)))
fMessages.append("Unable to delete attribute: %s" % str(e))
def delete_clikey(self, hostIPv4, hostIPv6, format="json", requestOrigin="", **kwargs):
user, sMessages, fMessages = (cherrypy.session.get("user"), [], [])
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
try:
clikey = session.query(CLIKey).filter(CLIKey.host_ipv4==hostIPv4).filter(CLIKey.host_ipv6==hostIPv6).one()
if clikey.user_id == user.id or AccountService.user_has_permission(user, "admin"):
session.delete(clikey)
sMessages.append("Key %s deleted successfully" % clikey.value)
session.add(AuditLog(user.id, Actions.DELETE_CLIKEY, "%s deleted CLI Key for host: %s%s" % (user.id, hostIPv4, hostIPv6)))
except sqlalchemy.orm.exc.NoResultFound, nrf:
fMessages.append("Could not find key for host: %s%s" % str(hostIPv4), str(hostIPv6))
session.commit()
except Exception, e:
session.rollback()
fMessages.append("Could not delete Key: %s" % str(e))
cherrypy.log.error("[%s] [delete_clikey] [Could not delete key: %s]" % (user.id, str(e)))
def delete_group_shares(self, fileIds, groupId, format="json"):
user, role, sMessages, fMessages = (
cherrypy.session.get("user"), cherrypy.session.get("current_role"),
[], [])
fileIds = split_list_sanitized(fileIds)
for fileId in fileIds:
try:
group = session.query(Group).filter(Group.id == groupId).one()
if (
role is not None and group.role_owner_id == role.id
) or group.owner_id == user.id or AccountService.user_has_permission(
user, "admin"):
flFile = session.query(File).filter(
File.id == fileId).one()
if (
role is not None
and flFile.role_owner_id == role.id
) or flFile.owner_id == user.id or AccountService.user_has_permission(
user, "admin"):
share = session.query(GroupShare).filter(
GroupShare.group_id == groupId
and GroupShare.file_id == flFile.id).scalar()
if share is not None:
session.delete(share)
session.add(
AuditLog(
user.id, Actions.DELETE_GROUP_SHARE,
"You stopped sharing file %s with group %s"
% (flFile.name, group.name), None,
role.id if role is not None else None))
session.commit()
else:
fMessages.append(
"You do not have permission to modify shares for file with ID: %s"
% str(flFile.id))
else:
fMessages.append(
"You do not have permission delete shares with this group"
)
except Exception, e:
session.rollback()
fMessages.append("Problem deleting share for file: %s" %
str(e))
def file_download_complete(user, fileId, publicShareId=None):
config = cherrypy.request.app.config['filelocker']
try:
role = None
if cherrypy.session.has_key("current_role"):
role = cherrypy.session.get("current_role")
flFile = session.query(File).filter(File.id==fileId).one()
if ((role is not None and flFile.role_owner_id != role.id) or user is None or user.id != flFile.owner_id) and flFile.notify_on_download and publicShareId is None:
ownerName = "Unknown"
try:
owner = None
if role is not None: owner = session.query(User).filter(User.id==flFile.role_owner_id).one()
else: owner = session.query(User).filter(User.id==flFile.owner_id).one()
ownerName = owner.id
if owner.email is not None and owner.email != "":
orgConfig = get_config_dict_from_objects(session.query(ConfigParameter).filter(ConfigParameter.name.like('org_%')).all())
Mail.notify(get_template_file('download_notification.tmpl'),{'sender': None, 'recipient': owner.email, 'fileName': flFile.name, 'downloadUserId': user.id, 'downloadUserName': user.display_name, 'filelockerURL': config['root_url'], 'org_url': orgConfig['org_url'], 'org_name': orgConfig['org_name']})
except Exception, e:
cherrypy.log.error("[%s] [file_download_complete] [Unable to notify user %s of download completion: %s]" % (user.id, ownerName, str(e)))
if publicShareId is not None:
publicShare = session.query(PublicShare).filter(PublicShare.id == publicShareId).one()
session.add(AuditLog(flFile.owner_id, "Download File", "File %s downloaded via Public Share. " % str(flFile.name), None, flFile.role_owner_id, flFile.id))
if flFile.notify_on_download:
try:
owner = None
if role is not None: owner = session.query(User).filter(User.id==flFile.role_owner_id).one()
else: owner = session.query(User).filter(User.id==flFile.owner_id).one()
if owner.email is not None and owner.email != "":
orgConfig = get_config_dict_from_objects(session.query(ConfigParameter).filter(ConfigParameter.name.like('org_%')).all())
Mail.notify(get_template_file('public_download_notification.tmpl'),{'sender': None, 'recipient': owner.email, 'fileName': flFile.name, 'filelockerURL': config['root_url'], 'org_url': orgConfig['org_url'], 'org_name': orgConfig['org_name']})
except Exception, e:
cherrypy.log.error("[%s] [file_download_complete] [(2)Unable to notify user %s of download completion: %s]" % ("admin", owner.id, str(e)))
if publicShare.reuse == "single":
publicShare.files.remove(flFile)
session.commit()
publicShare = session.query(PublicShare).filter(PublicShare.id == publicShare.id).one()
if len(publicShare.files) == 0:
session.delete(publicShare)
session.add(AuditLog(flFile.owner_id, "Delete Public Share", "File %s (%s) downloaded via single use public share. File is no longer publicly shared." % (flFile.name, flFile.id), None, flFile.role_owner_id, flFile.id))
session.commit()
def delete_groups(self, groupIds, format="json", requestOrigin="", **kwargs):
user, sMessages, fMessages = (cherrypy.session.get("user"), [], [])
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
try:
groupIds = split_list_sanitized(groupIds)
for groupId in groupIds:
try:
group = session.query(Group).filter(Group.id==groupId).one()
if group.owner_id == user.id or AccountService.user_has_permission(user, "admin"):
session.delete(group)
sMessages.append("Group %s deleted successfully" % group.name)
session.add(AuditLog(user.id, Actions.DELETE_GROUP, "%s deleted group \"%s\"(%s)" % (user.id, group.name, group.id), None))
except sqlalchemy.orm.exc.NoResultFound, nrf:
fMessages.append("Could not find group with ID: %s" % str(groupId))
session.commit()
except Exception, e:
session.rollback()
fMessages.append("Could not delete groups: %s" % str(e))
cherrypy.log.error("[%s] [remove_users_from_group] [Could not delete groups: %s]" % (user.id, str(e)))
def delete_attribute_shares(self, fileIds, attributeId, format="json", requestOrigin="", **kwargs):
user, sMessages, fMessages = (cherrypy.session.get("user"), [], [])
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
try:
userShareableAttributes, permission = AccountService.get_shareable_attributes_by_user(user), False
for attribute in userShareableAttributes:
if attributeId == attribute.id:
permission = True
break
if permission:
fileIdList = split_list_sanitized(fileIds)
for fileId in fileIdList:
share = session.query(AttributeShare).filter(AttributeShare.attribute_id==attributeId and AttributeShare.fileId==fileId).one()
session.delete(share)
sMessages.append("Successfully unshared file(s) with users having the %s attribute" % attributeId)
else:
fMessages.append("You do not have permission to delete attribute shares for this attribute")
except Exception, e:
fMessages.append(str(e))
def delete_public_share(self, shareId, format="json", requestOrigin="", **kwargs):
user, role, sMessages, fMessages = (cherrypy.session.get("user"), cherrypy.session.get("current_role"), [], [])
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
shareId = strip_tags(shareId)
try:
ps = session.query(PublicShare).filter(PublicShare.id == shareId).one()
if role is not None and ps.role_owner_id == role.id:
session.delete(ps)
session.add(AuditLog(user.id, Actions.DELETE_PUBLIC_SHARE, "Role %s stopped sharing files publicly via URL using share ID: %s" % (role.name, str(ps.id)), None, role.id))
session.commit()
sMessages.append("Successfully unshared files")
elif ps.owner_id == user.id or AccountService.user_has_permission(user, "admin"):
session.delete(ps)
session.add(AuditLog(user.id, Actions.DELETE_PUBLIC_SHARE, "You stopped sharing files publicly via URL using share ID: %s" % str(ps.id)))
session.commit()
sMessages.append("Successfully unshared files")
else:
fMessages.append("You do not have permission to modify share ID: %s" % str(ps.id))
except Exception, e:
fMessages.append(str(e))
def process_deletion_queue(config):
vault = config['filelocker']['vault']
fileRows = session.query(DeletedFile.file_name).all()
for fileRow in fileRows:
try:
if os.path.isfile(os.path.join(vault, fileRow.file_name)):
secure_delete(config, fileRow.file_name)
if not os.path.isfile(os.path.join(vault, fileRow.file_name)):
deletedFile = session.query(DeletedFile).filter(DeletedFile.file_name==fileRow.file_name).scalar()
if deletedFile is not None:
session.delete(deletedFile)
session.commit()
else:
pass
#This isn't necessarily an error, it just means that the file finally got deleted
else:
deletedFile = session.query(DeletedFile).filter(DeletedFile.file_name==fileRow.file_name).scalar()
if deletedFile is not None:
session.delete(deletedFile)
session.commit()
except Exception, e:
cherrypy.log.error("[system] [processDeletionQueue] [Couldn't delete file in deletion queue: %s]" % str(e))
def delete_groups(self, groupIds, format="json", **kwargs):
user, sMessages, fMessages = (cherrypy.session.get("user"), [], [])
try:
groupIds = split_list_sanitized(groupIds)
for groupId in groupIds:
try:
group = session.query(Group).filter(
Group.id == groupId).one()
if group.owner_id == user.id or AccountService.user_has_permission(
user, "admin"):
session.delete(group)
sMessages.append("Group %s deleted successfully" %
group.name)
session.add(
AuditLog(
user.id, Actions.DELETE_GROUP,
"%s deleted group \"%s\"(%s)" %
(user.id, group.name, group.id), None))
except sqlalchemy.orm.exc.NoResultFound, nrf:
fMessages.append("Could not find group with ID: %s" %
str(groupId))
session.commit()
def delete_user_shares(self, fileIds, userId, format="json", requestOrigin=""):
user, role, sMessages, fMessages = (cherrypy.session.get("user"), cherrypy.session.get("current_role"), [], [])
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
fileIds = split_list_sanitized(fileIds)
for fileId in fileIds:
try:
flFile = session.query(File).filter(File.id==fileId).one()
if (role is not None and flFile.role_owner_id == role.id) or flFile.owner_id == user.id or AccountService.user_has_permission(user, "admin"):
ps = session.query(UserShare).filter(and_(UserShare.user_id == userId, UserShare.file_id == flFile.id)).scalar()
if ps is not None:
session.delete(ps)
session.add(AuditLog(user.id, Actions.DELETE_USER_SHARE, "You stopped sharing file %s with %s" % (flFile.name, userId), None, role.id if role is not None else None))
session.commit()
sMessages.append("Share has been successfully deleted")
else:
fMessages.append("This share does not exist")
else:
fMessages.append("You do not have permission to modify shares for file with ID: %s" % str(flFile.id))
except Exception, e:
session.rollback()
fMessages.append("Problem deleting share for file: %s" % str(e))
def delete_group_shares(self, fileIds, groupId, format="json", requestOrigin=""):
user, role, sMessages, fMessages = (cherrypy.session.get("user"), cherrypy.session.get("current_role"), [], [])
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
fileIds = split_list_sanitized(fileIds)
for fileId in fileIds:
try:
group = session.query(Group).filter(Group.id==groupId).one()
if (role is not None and group.role_owner_id == role.id) or group.owner_id == user.id or AccountService.user_has_permission(user, "admin"):
flFile = session.query(File).filter(File.id==fileId).one()
if (role is not None and flFile.role_owner_id == role.id) or flFile.owner_id == user.id or AccountService.user_has_permission(user, "admin"):
share = session.query(GroupShare).filter(GroupShare.group_id == groupId and GroupShare.file_id == flFile.id).scalar()
if share is not None:
session.delete(share)
session.add(AuditLog(user.id, Actions.DELETE_GROUP_SHARE, "You stopped sharing file %s with group %s" % (flFile.name, group.name), None, role.id if role is not None else None))
session.commit()
else:
fMessages.append("You do not have permission to modify shares for file with ID: %s" % str(flFile.id))
else:
fMessages.append("You do not have permission delete shares with this group")
except Exception, e:
session.rollback()
fMessages.append("Problem deleting share for file: %s" % str(e))
def delete_roles(self, roleIds, format="json", requestOrigin="", **kwargs):
user, sMessages, fMessages = (cherrypy.session.get("user"), [], [])
if requestOrigin != cherrypy.session['request-origin']:
fMessages.append("Missing request key!!")
else:
try:
roleIds = split_list_sanitized(roleIds)
for roleId in roleIds:
try:
role = session.query(Role).filter(Role.id == roleId).one()
session.delete(role)
for flFile in session.query(File).filter(File.role_owner_id == role.id):
FileService.queue_for_deletion(flFile.id)
session.delete(flFile)
session.add(AuditLog(user.id, Actions.DELETE_FILE, "File %s (%s) owned by role %s has been deleted as a result of the role owner being deleted. " % (flFile.name, flFile.id, role.id), "admin"))
session.add(AuditLog(user.id, Actions.DELETE_ROLE, "%s deleted role \"%s\"(%s) from the system" % (user.id, role.name, role.id), None))
sMessages.append("Successfully deleted roles%s." % str(roleId))
except sqlalchemy.orm.exc.NoResultFound:
fMessages.append("The role ID: %s does not exist" % str(roleId))
session.commit()
except Exception, e:
session.rollback()
cherrypy.log.error("[%s] [delete_roles] [Problem deleting roles: %s]" % (user.id, str(e)))
fMessages.append("Problem deleting roles: %s" % str(e))
AuditLog(
"admin",
Actions.DELETE_FILE,
"File %s (ID:%s) has expired and has been purged by the system." % (flFile.name, flFile.id),
flFile.owner_id,
)
)
session.delete(flFile)
session.commit()
except Exception, e:
session.rollback()
cherrypy.log.error("[system] [routine_maintenance] [Error while deleting expired file: %s]" % str(e))
expiredMessages = session.query(Message).filter(Message.date_expires < datetime.datetime.now())
for message in expiredMessages:
try:
session.delete(message)
FileService.queue_for_deletion("m%s" % str(message.id))
session.add(
AuditLog(
"admin",
Actions.DELETE_MESSAGE,
"Message %s (ID:%s) has expired and has been deleted by the system."
% (message.messageSubject, message.messageId),
message.owner_id,
)
)
session.commit()
except Exception, e:
session.rollback()
cherrypy.log.error("[system] [routine_maintenance] [Error while deleting expired message: %s]" % str(e))
expiredUploadRequests = session.query(UploadRequest).filter(UploadRequest.date_expires < datetime.datetime.now())
AuditLog(
"admin", Actions.DELETE_FILE,
"File %s (ID:%s) has expired and has been purged by the system."
% (flFile.name, flFile.id), flFile.owner_id))
session.delete(flFile)
session.commit()
except Exception, e:
session.rollback()
cherrypy.log.error(
"[system] [routine_maintenance] [Error while deleting expired file: %s]"
% str(e))
expiredMessages = session.query(Message).filter(
Message.date_expires < datetime.datetime.now())
for message in expiredMessages:
try:
session.delete(message)
FileService.queue_for_deletion("m%s" % str(message.id))
session.add(
AuditLog(
"admin", Actions.DELETE_MESSAGE,
"Message %s (ID:%s) has expired and has been deleted by the system."
% (message.messageSubject, message.messageId),
message.owner_id))
session.commit()
except Exception, e:
session.rollback()
cherrypy.log.error(
"[system] [routine_maintenance] [Error while deleting expired message: %s]"
% str(e))
expiredUploadRequests = session.query(UploadRequest).filter(
UploadRequest.date_expires < datetime.datetime.now())
#Check in the file
try:
FileService.check_in_file(tempFileName, newFile)
#If this is an upload request, check to see if it's a single use request and nullify the ticket if so, now that the file has been successfully uploaded
if uploadRequest is not None:
if uploadRequest.type == "single":
session.add(
AuditLog(
cherrypy.request.remote.ip,
Actions.UPLOAD_REQUEST_FULFILLED,
"File %s has been uploaded by an external user to your Filelocker account. This was a single user request and the request has now expired."
% (newFile.name), uploadRequest.owner_id))
attachedUploadRequest = session.query(
UploadRequest).filter(
UploadRequest.id == uploadRequest.id).one()
session.delete(attachedUploadRequest)
cherrypy.session['uploadRequest'].expired = True
else:
session.add(
AuditLog(
cherrypy.request.remote.ip,
Actions.UPLOAD_REQUEST_FULFILLED,
"File %s has been uploaded by an external user to your Filelocker account."
% (newFile.name), uploadRequest.owner_id))
checkInLog = AuditLog(
user.id, Actions.UPLOAD,
"File %s (%s) checked in to Filelocker: MD5 %s " %
(newFile.name, newFile.id, newFile.md5))
if role is not None:
checkInLog.affected_role_id = role.id
session.add(checkInLog)
if cherrypy.file_uploads.has_key(uploadKey):
for fileTransfer in cherrypy.file_uploads[uploadKey]:
if fileTransfer.file_object.name == upFile.file_object.name:
fileTransfer.status = "Scanning and Encrypting" if scanFile else "Encrypting"
#Check in the file
try:
FileService.check_in_file(tempFileName, newFile)
### Moved to check_in_file so the record can be trashed if virus scan fails
#session.add(newFile)
#session.commit()
#If this is an upload request, check to see if it's a single use request and nullify the ticket if so, now that the file has been successfully uploaded
if uploadRequest is not None:
if uploadRequest.type == "single":
session.add(AuditLog(Filelocker.get_client_address(), Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account. This was a single user request and the request has now expired." % (newFile.name), uploadRequest.owner_id))
attachedUploadRequest = session.query(UploadRequest).filter(UploadRequest.id == uploadRequest.id).one()
session.delete(attachedUploadRequest)
cherrypy.session['uploadRequest'].expired = True
else:
session.add(AuditLog(Filelocker.get_client_address(), Actions.UPLOAD_REQUEST_FULFILLED, "File %s has been uploaded by an external user to your Filelocker account." % (newFile.name), uploadRequest.owner_id))
checkInLog = AuditLog(user.id, Actions.UPLOAD, "File %s (%s) checked in to Filelocker: MD5 %s " % (newFile.name, newFile.id, newFile.md5))
if role is not None:
checkInLog.affected_role_id = role.id
session.add(checkInLog)
sMessages.append("File %s uploaded successfully." % str(fileName))
session.commit()
except sqlalchemy.orm.exc.NoResultFound, nrf:
fMessages.append("Could not find upload request with ID: %s" % str(uploadRequest.id))
except Exception, e:
cherrypy.log.error("[%s] [upload] [Couldn't check in file: %s]" % (user.id, str(e)))
fMessages.append("File couldn't be checked in to the file repository: %s" % str(e))
upFile.file_object.close()
