def user_exists(self, username):
# FIXME: this isn't supported in SQLite, for example
# need better abstraction?
username = validate_username(username, self.RESERVED_USERNAMES)
# usename, not username!
sql = ("SELECT usename FROM pg_catalog.pg_user "
"WHERE usename = '%s'" % username)
result = self.session_auto.execute(sql).scalar() or False
return bool(result)
def user_exists(self, username):
# FIXME: this isn't supported in SQLite, for example
# need better abstraction?
username = validate_username(username, self.RESERVED_USERNAMES)
# usename, not username!
sql = ("SELECT usename FROM pg_catalog.pg_user "
"WHERE usename = '%s'" % username)
result = self.session_auto.execute(sql).scalar() or False
return bool(result)
def test_validate_username():
from metrique.utils import validate_username
restricted = ['admin']
ok = 'helloworld'
OK = 'HELLOWORLD'
BAD1 = '1'
BAD2 = None
BAD3 = 'admin'
assert validate_username(ok) == ok
assert validate_username(OK) == ok
for bad in (BAD1, BAD2, BAD3):
try:
validate_username(bad, restricted_names=restricted)
except (ValueError, TypeError):
pass
else:
assert False, "Validated invalid username"
def test_validate_username():
from metrique.utils import validate_username
restricted = ['admin']
ok = 'helloworld'
OK = 'HELLOWORLD'
BAD1 = '1'
BAD2 = None
BAD3 = 'admin'
assert validate_username(ok) == ok
assert validate_username(OK) == ok
for bad in (BAD1, BAD2, BAD3):
try:
validate_username(bad, restricted_names=restricted)
except (ValueError, TypeError):
pass
else:
assert False, "Validated invalid username"
def share(self, with_user, roles=None, table=None):
'''
Give cube access rights to another user
Not, this method is NOT supported by SQLite3!
'''
table = self.get_table(table)
is_true(table is not None, 'invalid table: %s' % table)
with_user = validate_username(with_user)
roles = roles or ['SELECT']
roles = validate_roles(roles, self.VALID_SHARE_ROLES)
roles = list2str(roles)
logger.info('Sharing cube %s with %s (%s)' % (table, with_user, roles))
sql = 'GRANT %s ON %s TO %s' % (roles, table, with_user)
return self.session_auto.execute(sql)
def share(self, with_user, roles=None, table=None):
'''
Give cube access rights to another user
Not, this method is NOT supported by SQLite3!
'''
table = self.get_table(table)
is_true(table is not None, 'invalid table: %s' % table)
with_user = validate_username(with_user)
roles = roles or ['SELECT']
roles = validate_roles(roles, self.VALID_SHARE_ROLES)
roles = list2str(roles)
logger.info('Sharing cube %s with %s (%s)' % (table, with_user, roles))
sql = 'GRANT %s ON %s TO %s' % (roles, table, with_user)
return self.session_auto.execute(sql)
def user_register(self, username, password):
# FIXME: enable setting roles at creation time...
is_true(bool(username and password), 'username and password required!')
u = validate_username(username, self.RESERVED_USERNAMES)
p = validate_password(password)
logger.info('Registering new user %s' % u)
# FIXME: make a generic method which runs list of sql statements
s_u = "CREATE USER %s WITH PASSWORD '%s';" % (u, p)
s_db = "CREATE DATABASE %s WITH OWNER %s;" % (u, u)
cnx = self.engine.connect()
# can't run in a transaction...
cnx.connection.set_isolation_level(0)
if not self.user_exists(username):
cnx.execute(s_u)
logger.info('User created: %s' % u)
else:
logger.info('User exists: %s' % u)
if not self.db_exists(u):
cnx.execute(s_db)
logger.info('DB created: %s' % u)
else:
logger.info('DB exists: %s' % u)
def user_register(self, username, password):
# FIXME: enable setting roles at creation time...
is_true(bool(username and password), 'username and password required!')
u = validate_username(username, self.RESERVED_USERNAMES)
p = validate_password(password)
logger.info('Registering new user %s' % u)
# FIXME: make a generic method which runs list of sql statements
s_u = "CREATE USER %s WITH PASSWORD '%s';" % (u, p)
s_db = "CREATE DATABASE %s WITH OWNER %s;" % (u, u)
cnx = self.engine.connect()
# can't run in a transaction...
cnx.connection.set_isolation_level(0)
if not self.user_exists(username):
cnx.execute(s_u)
logger.info('User created: %s' % u)
else:
logger.info('User exists: %s' % u)
if not self.db_exists(u):
cnx.execute(s_db)
logger.info('DB created: %s' % u)
else:
logger.info('DB exists: %s' % u)
