def del_asset(): """Delete asset""" # Target asset asset_id = CTK.request.url.split('/')[-1] try: asset_id = __check_asset_id(asset_id) asset = Asset (asset_id) if not asset['id']: return CTK.HTTP_Redir('/') except: return CTK.HTTP_Redir('/') # Authentication fail_admin = Auth.assert_is_role (Role.ROLE_ADMIN) user_id = Auth.get_user_id() is_creator = (asset['creator_id'] == user_id) if fail_admin and not is_creator: return fail_admin op = OpAsset (asset) result = op.delete() if result['ret'] == False: return default() if result['type'] == 'total': return CTK.HTTP_Redir(LOCATION) return default (ERROR_IN_USE)
def publish_asset_apply (): # Authentication fail = Auth.assert_is_role (Role.ROLE_PUBLISHER) if fail: return fail acl = ACL() ret = [] for key in CTK.post: if not key.startswith('published_'): continue flag = int(CTK.post[key]) asset_id = key[len('published_'):] asset = Asset(asset_id) if asset['published_flag'] == flag: continue asset['published_flag'] = flag asset['publisher_id'] = Auth.get_user_id() asset['date_available'] = "CURRENT_TIMESTAMP()" op = OpAsset(asset) ret.append(op.update()) if ret[-1] == False: break if asset['published_flag']: acl.set_published_asset_acl(asset, True) else: acl.set_published_asset_acl(asset, False) if False in ret: return {'ret': "error"} return {'ret': "ok"}
def apply_acl (): # Add a new entry c_type = CTK.post.pop('type') c_id = CTK.post.pop('id') if c_type == 'asset': content = Asset.Asset(c_id) elif c_type == 'collection': content = Collection.Collection(c_id) else: return {'ret':'fail'} try: Auth.check_if_authorized(content) except Error.Unauthorized: return {'ret': 'fail'} ace = {} for key in CTK.post: if CTK.post[key] != 'None': ace[key] = CTK.post[key] acl = ACL() acl.add(content,ace) return {'ret': 'ok'}
def _get_owner_email (self, asset): user_id = asset['publisher_id'] if not user_id: return user_name = Auth.get_user_name (user_id) user = Auth.get_user (user_name) return user['email']
def __init__ (self, content): CTK.Container.__init__ (self) Auth.check_if_authorized (content) c_id, c_type = get_id_and_type (content) # List current ones refresh = CTK.Refreshable({'id': 'acl_%s' % content['id']}) refresh.register (lambda: ACLTable(refresh, content).Render()) self += CTK.RawHTML ("<h2>%s Permisos asociados</h2>" % BACK_LINK) self += refresh
def GET(self): if( web.ctx.session.loggedIn == 1 ): p1 = Party('1', 'Steve Party') p2 = Party('2', 'Kurtis Party') parray = list() parray.append(p1) parray.append(p2) web.header('Content-Type', 'application/json') return json.dumps(parray, cls=PartyJSONEncoder) else: Auth.doUnAuth('Getting parties') return None
def GET(self): if( web.ctx.session.loggedIn == 1 and web.ctx.session.loggedIn != Party.INVALID_PARTY_ID ): data = web.input() db = MahData.getDBConnection() results = db.select('main_playlist_view') parray = getArrayFromResults(results) web.header('Content-Type', 'application/json') return json.dumps(parray, cls=PlaylistJSONEncoder) else: Auth.doUnAuth('Getting playlist')
def Add (self, content): c_types = ['collection', 'asset'] c_type = c_types[isinstance (content, Asset.Asset)] c_id = '%s=%s' % (c_type[0], str(content['id'])) link = LINK_HREF % ("%s/meta/%s" %(LOCATION,c_id),'Metadatos') links = [CTK.RawHTML(link)] try: Auth.check_if_authorized (content) link = LINK_HREF % ("/acl/%s/%d" % (c_type, content['id']), 'Permisos') links.append(CTK.RawHTML(link)) except Error.Unauthorized: pass if c_id[0] == 'c': link = LINK_HREF % ("%s/view/%s" % (LOCATION, c_id), 'Ver') links.append(CTK.RawHTML(link)) elif c_id[0] == 'a': if content['attachment']: if not content._file['queue_flag']: if self._has_valid_attachment (content): links = links + self._get_attachment_links(content, c_id) else: # Error notice dialog = CTK.Dialog ({'title': 'Activo #%d corrupto'%content['id'], 'autoOpen': False}) dialog += CTK.RawHTML (FAULTY_NOTE) dialog.AddButton ('Cerrar', "close") link = LINK_JS_ON_CLICK %(dialog.JS_to_show(), FAULTY_LINK) self += dialog links.append(CTK.RawHTML(link)) else: # Transcoding notice dialog = CTK.Dialog ({'title': 'Procesando #%d...'%content['id'], 'autoOpen': False}) dialog += CTK.RawHTML (TRANSCODING_NOTE) dialog.AddButton ('Cerrar', "close") link = LINK_JS_ON_CLICK %(dialog.JS_to_show(), TRANSCODING_LINK) self += dialog links.append(CTK.RawHTML(link)) links.append (self._get_bookmark_link (content['id'])) table = CTK.Table({'class':"abstract_actions"}) n = 1 for link in links: table[(n,1)] = link n+=1 self+= table
def POST(self): if( web.ctx.session.loggedIn == 1 and web.ctx.session.loggedIn != Party.INVALID_PARTY_ID ): db = MahData.getDBConnection() jsonSyncInfo = json.loads(web.input().syncinfo) serverClientMap = processSyncInfo(jsonSyncInfo, db) results = db.select('main_playlist_view') parray = getArrayFromResults(results) parray = addClientIds(parray, jsonSyncInfo['added']) web.header('Content-Type', 'application/json') return json.dumps(parray, cls=PlaylistJSONEncoder) else: Auth.doUnAuth('Syncing playlist')
def page_forbidden (limiter): # Authentication fail = Auth.assert_is_role (Role.ROLE_UPLOADER) if fail: return fail for key,value in limiter.limits.items(): if value==0: limiter.limits[key] = NO_LIMIT rows = [('Número de archivos', limiter.usage['files'], limiter.limits['files']), ('Total del sistema', limiter.usage['total'], limiter.limits['total']), ('Tamaño máximo de archivo', limiter.usage['size'], limiter.limits['size'])] header = ['Restricción', 'Uso', 'Límite'] table = CTK.Table() table[(1,1)] = [CTK.RawHTML(x) for x in header] table.set_header (row=True, num=1) for x in range(len(rows)): table[(x+2,1)] = [CTK.RawHTML (str(column)) for column in rows[x]] page = Page.Default() page += CTK.RawHTML ("<h1>%s: Subir ficheros</h1>" %(MENU_LINK)) page += CTK.RawHTML ("<h2>Se han excedido los límites</h2>") page += table return page.Render()
def scrape(partic_file='DataFiles/paricipants.txt'): participants=return_participants(file_path=partic_file) my_screenname='Auth_user' out_path='DataFiles/Tweets/' api=Auth.get_authentication(screen_name=my_screenname) max_twt_count=10 count=5 bb=0 for part in participants: counter=0 tweets=[] max_twt_id=None try: user_id=int(part) user=api.GetUser(user_id) tweets_count=user.statuses_count except twitter.TwitterError, ex: print ex.message continue threshold=min([max_twt_count,tweets_count]) while counter<threshold: try: temp=api.GetUserTimeline(user_id=user_id,max_id=max_twt_id,include_entities=True,count=count,include_rts=True) counter+=len(temp) tweets+=temp max_twt_id=return_maxID(tweets=temp) except twitter.TwitterError , ex: print ex.message break if max_twt_id==None: break
def publish_asset (perform = None): # Authentication fail = Auth.assert_is_role (Role.ROLE_PUBLISHER) if fail: return fail lookup = OpLookup() search = {'published_flag': 0, '__order__': 'type'} try: result = lookup(search) except: result = [] acl = ACL() result = acl.filter_assets ("ad" , result) contents = [(Asset, x) for x in result] page = Page.Default() page += CTK.RawHTML ("<h1>%s: Publicar activos</h1>" %(MENU_LINK)) pending = CTK.Container() if len(contents) == 0: pending += CTK.RawHTML ("<h2>No hay activos pendientes de publicación</h2>") else: pending += Paginate(contents, PublishWidget) if perform or perform == []: page += CTK.RawHTML ("<h2>Activos buscados</h2>") page += publish_get_custom (perform) tabs = CTK.Tab() tabs.Add ('Pendientes', pending) tabs.Add ('Búsqueda', WidgetLookup.get_fields_form(PUBLISH_LOOKUP)) page += tabs return page.Render()
def del_license(): # Authentication fail = Auth.assert_is_role (Role.ROLE_ADMIN) if fail: return fail # Target license license_id = CTK.request.url.split('/')[-1] # Check whether it can be deleted q = "SELECT COUNT(*) as total FROM assets WHERE licenses_id = %(license_id)s;" %(locals()) re = Query(q) usage = re['total'][0] if usage != 0: subs = Util.get_es_substitutions (usage) msg = ("Imposible realizar la operación. La licencia está " "siendo usada por %(num)d activo%(s)s" % subs) return default (msg) # Delete q = "DELETE FROM licenses WHERE id = %(license_id)s;" %(locals()) ok = query_check_success (q) if not ok: return default ('No se pudo eliminar la licencia.') return default ()
def edit_format(): # Authentication fail = Auth.assert_is_role (Role.ROLE_ADMIN) if fail: return fail # Table format_id = CTK.request.url.split('/')[-1] f = Format.get_format (format_id) lossy_dict = {'name': 'lossy_flag', 'checked': str(f['lossy_flag'])} table = CTK.PropsAuto ('%s/edit/apply'%LOCATION) table.AddConstant ('formatid', format_id) table.Add ('Formato', CTK.RawHTML(f['name']), 'Nombre del formato') table.Add ('Con pérdida', CTK.Checkbox (lossy_dict), 'La transcodificación a este formato conlleva pérdida de calidad') page = Page.Default() page += CTK.RawHTML ("<h1>%s: Edicion de formato</h1>" %(MENU_LINK)) page += table # New targets new_table = __get_new_targets_table (format_id) if new_table: page += CTK.RawHTML ("<h3>Agregar objetivos de transcodificación</h3>") page += new_table # Current targets target_table, dialogs = __get_current_targets_table (format_id) if target_table: page += CTK.RawHTML ("<h3>Objetivos de transcodificación existentes</h3>") page += target_table for dialog in dialogs: page += dialog return page.Render()
def edit_format_apply(): # Authentication fail = Auth.assert_is_role (Role.ROLE_ADMIN) if fail: return fail format_id = CTK.post.pop('formatid') if not format_id: return CTK.HTTP_Error(406) # Update the database q = '' for key in ['lossy_flag', 'format']: if key in CTK.post: q += "UPDATE formats SET %s='%s' WHERE id = %s;" % \ (key, CTK.post[key], format_id) if 'target' in CTK.post: q += "INSERT INTO transcode_targets (source_id, target_id) VALUES ('%s','%s');" % \ (format_id,CTK.post['target']) if q: q = "START TRANSACTION; %s COMMIT;" % q if not transaction_check_success (q): return {'ret': "error"} return {'ret': "ok", 'redirect': '%s/edit/%s'%(LOCATION,format_id)}
def edit_profile(): # Authentication fail = Auth.assert_is_role (Role.ROLE_ADMIN) if fail: return fail # Table profile_id = CTK.request.url.split('/')[3] q = ("SELECT *, GROUP_CONCAT(roles_id) " + " FROM profiles, profiles_has_roles " + " WHERE profiles.id = %(profile_id)s AND " + " profiles_has_roles.profiles_id = %(profile_id)s " + " GROUP by profiles.id;") %(locals()) p = Query(q) profile_roles = [int(x) for x in p['GROUP_CONCAT(roles_id)'][0].split(',')] table = CTK.PropsAuto ('/admin/profile/apply') table.AddConstant ('profile_id', profile_id) table.Add ('Nombre', CTK.TextField ({'name': "name", 'value': p['name'][0]}), "Nombre del profile") table.Add ('Description', CTK.TextField ({'name': "description", 'value': p['description'][0]}), "Descripcion del profile") table.Add ('Role: Administrador', CTK.Checkbox ({'name': "role_"+str(Role.ROLE_ADMIN), 'checked': '01'[Role.ROLE_ADMIN in profile_roles]}), "Tiene permisos de administrador") table.Add ('Role: Ingestador', CTK.Checkbox ({'name': "role_"+str(Role.ROLE_UPLOADER), 'checked': '01'[Role.ROLE_UPLOADER in profile_roles]}), "Puede dar de alta nuevos activos en el sistema") table.Add ('Role: Editor', CTK.Checkbox ({'name': "role_"+str(Role.ROLE_EDITOR), 'checked': '01'[Role.ROLE_EDITOR in profile_roles]}), "Puede editar los activos que ya existen en el sistema") table.Add ('Role: Publicador', CTK.Checkbox ({'name': "role_"+str(Role.ROLE_PUBLISHER), 'checked': '01'[Role.ROLE_PUBLISHER in profile_roles]}), "Puede publicar activos") table.Add ('Role: Consumidor', CTK.Checkbox ({'name': "role_"+str(Role.ROLE_CONSUMER), 'checked': '01'[Role.ROLE_CONSUMER in profile_roles]}), "El usuario puede consumir, ver, y descargar activos") page = Page.Default() page += CTK.RawHTML ("<h1>%s: Edición profile</h1>" %(PROFILES_PREFIX)) page += table return page.Render()
def new_user_apply(): # Authentication fail = Auth.assert_is_role (Role.ROLE_ADMIN) if fail: return fail # Update the database fields = [] values = [] for key in ['username','forename', 'surname1', 'surname2', 'email']: if key in CTK.post: fields.append (key) values.append ("'%s'"%(CTK.post[key])) if 'password' in CTK.post: fields.append ('password') values.append ("'%s'"%(md5(CTK.post['password']).hexdigest())) for key in ['profile_id']: if key in CTK.post: fields.append (key) values.append ("%s" %(CTK.post[key])) q = "INSERT INTO users (%s) VALUES (%s);" %(", ".join(fields), ", ".join(values)) if not query_check_success (q): return {'ret': "error"} return {'ret': "ok", 'redirect': "/admin/user"}
def check_in(in_path="/DataFiles/sub_paricipants.txt",out_path="/DataFiles/participants/"): screen_names=['auth_user1','auth_user2'] checked_participants_file='/DataFiles/participants/checked.txt' notauthorized_participants_file='/DataFiles/participants/notAuthorized.txt' while len(screen_names)>0: screen_name=screen_names.pop() print screen_name participants=return_participants(file_path=in_path) #print len(participants) if os.path.exists(checked_participants_file): with open(checked_participants_file,'rb') as handle: checked_partice=cpik.loads(handle.read()) participants=participants-checked_partice if os.path.exists(notauthorized_participants_file): with open(notauthorized_participants_file,'rb') as handle: checked_partice=cpik.loads(handle.read()) participants=participants-checked_partice if len(participants)==0: if os.path.exists (checked_participants_file): os.remove(checked_participants_file) if os.path.exists (notauthorized_participants_file): os.remove(notauthorized_participants_file) print 'successfully finittto! beginning next round!' api=Auth.get_authentication(screen_name=screen_name) status=recored_participants_graphs(api=api,participants=participants)
def del_type(): # Authentication fail = Auth.assert_is_role (Role.ROLE_ADMIN) if fail: return fail # Target asset_type asset_type_id = CTK.request.url.split('/')[-1] # Check whether it can be deleted q = "SELECT COUNT(*) as total FROM assets WHERE asset_types_id = %(asset_type_id)s;" %(locals()) re = Query(q) usage = re['total'][0] if usage != 0: subs = Util.get_es_substitutions (usage) msg = ("No se puede eliminar. " "Existe%(n)s %(num)d activo%(s)s de este tipo." % subs) return default (msg) # Delete q = "DELETE FROM asset_types WHERE id = %(asset_type_id)s;" %(locals()) ok = query_check_success (q) if not ok: return default ('No se pudo realizar la eliminación.') return CTK.HTTP_Redir(LOCATION)
def default_admin (message = None, assets = None): not_admin = Auth.assert_is_role (Role.ROLE_ADMIN) if not_admin: return not_admin # Render page = Page.Default() page += CTK.RawHTML ("<h1>%s: Permisos</h1>" % ADMIN_LINK) contents = get_admin_contents() main = CTK.Container() if len(contents): main += Paginate(contents, DefaultWidget) else: main += CTK.RawHTML ("<h2>No hay activos.</h2>") if assets != None: page += CTK.RawHTML ("<h2>Activos buscados</h2>") page += acl_get_custom (assets) tabs = CTK.Tab() tabs.Add ('Activos', main) tabs.Add ('Búsqueda', WidgetLookup.get_fields_form(ACL_ADMIN_LOOKUP)) page += tabs if message: page += Message(message) return page.Render()
def del_format(): # Authentication fail = Auth.assert_is_role (Role.ROLE_ADMIN) if fail: return fail # Target format format_id = CTK.request.url.split('/')[-1] # Check whether it can be deleted q = ("SELECT COUNT(*) as total " "FROM view_asset_formats " "WHERE formats_id = %(format_id)s;" %(locals())) re = Query(q) usage = re['total'][0] if usage != 0: subs = [{'n':'','s':''},{'n':'n','s':''}][(usage > 1)] subs['num'] = usage msg = ("Imposible realizar la operación ya que existe%(n)s " "%(num)d activo%(s)s en ese formato" % subs) return default (msg) # Delete q = "DELETE FROM transcode_targets WHERE source_id = %(format_id)s OR target_id = %(format_id)s;" %(locals()) q += "DELETE FROM formats WHERE id = %(format_id)s;" %(locals()) q = "START TRANSACTION; %s COMMIT;" % q ok = transaction_check_success (q) if not ok: msg = 'No se pudo eliminar el formato.' return default (msg) return default()
def add_new (self, content, refresh): # Add new entry c_id, c_type = get_id_and_type (content) url = '%s/%s' % (URL_APPLY, c_type) roles = ["Administrator", "Ingestador", "Editor", "Publicador", "Consumidor"] role_options = [(None,'Todos')] + [(Role.name_to_role(x), x) for x in roles] user_options = [(None,'Todos')] + Auth.get_users() entries = [CTK.RawHTML (''), CTK.Checkbox ({'name': "ad", 'checked':False, 'class':'required'}), CTK.Checkbox ({'name': "ed", 'checked':False, 'class':'required'}), CTK.Checkbox ({'name': "rm", 'checked':False, 'class':'required'}), CTK.Checkbox ({'name': "co", 'checked':False, 'class':'required'}), CTK.Combobox ({'name':'role', 'class':'required'}, role_options), CTK.Combobox ({'name':'user_id', 'class':'required'}, user_options)] self.table[(self.n,1)] = entries + [CTK.SubmitterButton('Enviar')] self.n += 1 form = CTK.Submitter(url) form += self.table form += CTK.HiddenField({'name':'type', 'value':c_type}) form += CTK.HiddenField({'name':'id', 'value':c_id}) form.bind ('submit_success', refresh.JS_to_refresh()) self += form
def __init__ (self, params = None): if params: self.roles = params['roles'] self.user_id = params['user_id'] else: self.roles = Role.get_user_roles() self.user_id = Auth.get_user_id()
def fetch_data(screen_name=None,ids=[]): api=Auth.get_authentication(screen_name=screen_name) list_pairs={} out_path='/DataFiles/Users/pairs'# if os.path.exists(out_path): with open(out_path,'rb') as handle: list_pairs=cPickle.loads(handle.read()) if len(list_pairs)>0: extract = lambda data, sampled_data: dict(zip(data, map(sampled_data.get, data))) list_pairs=extract(ids,list_pairs) current_time=datetime.datetime.now() for ID in ids: try: usr=api.GetUser(ID) nFollows=usr.GetFollowersCount() nFriends=usr.GetFriendsCount() nStatus=usr.GetStatusesCount() if nFollows==None or nFriends==None or nStatus==None: continue if list_pairs.has_key(ID): if list_pairs[ID]!=None: list_pairs[ID].append((nFollows,nFriends,nStatus,current_time)) else: list_pairs[ID]=[(nFollows,nFriends,nStatus,current_time)] except twitter.TwitterError, ex: print ex.message if "Clients may not make more than 350 requests per hour" in ex.message: print screen_name break else: continue
def test(): import sys import OpLookup import Auth import Role try: username = sys.argv[1] asset_id = int (sys.argv[2]) asset = Asset (asset_id) user = Auth.get_user(username) roles = Role.get_user_roles (username) params = { 'roles': roles, 'user_id': user['id']} except IndexError: print 'Required test parameters: user sample_asset_id' sys.exit(1) # Create asset for testing new_asset = Asset () new_asset._db = asset._db new_asset._tags = asset._tags flag = id (new_asset) new_asset['title'] = flag oa = OpAsset (new_asset, params) assert oa print '#1 OpAsset (): Creation OK' ret = oa.add() assert ret == True print '#2 OpAsset.add(): Addition OK' ol = OpLookup.OpLookup () new_asset_id = ol({'title': flag})[0] new_asset = Asset (new_asset_id) assert int(new_asset['title']) == int(flag) print '#3 OpAsset.add(): Retrieval after addition OK' oa = OpAsset (new_asset, params) assert oa print '#4 OpAsset (new_asset): Creation after retrieval OK' new_asset['description'] = flag oa = OpAsset (new_asset, params) ret = oa.update() assert ret == True print '#5 OpAsset.update(): Modification OK' ol = OpLookup.OpLookup () updated_asset_id = ol({'description': int(flag)})[0] updated_asset = Asset (new_asset_id) assert int(updated_asset['description']) == int(flag) print '#6 OpAsset.update(): Retrieval after modification OK' assert updated_asset['id'] == new_asset['id'] print '#7 OpAsset.update(): Comparison with original OK' ret = oa.delete() assert ret['ret'] == True print '#8 OpAsset.delete(): Deletion OK'
def edit_acl (): req = CTK.request.url.split('/') content_id = req[-1] c_type = req[-2] try: if c_type == 'asset': content = Asset.Asset (content_id) else: content = Collection.Collection (content_id) Auth.check_if_authorized (content) except: return default_user ('Operación no autorizada') page = Page.Default() page += ACLWidget (content) return page.Render()
def add_asset_apply (): # Authentication fail = Auth.assert_is_role (Role.ROLE_UPLOADER) if fail: return fail asset = Asset() asset['creator_id'] = Auth.get_user_id() asset['version'] = 1 if 'parts' in CTK.post: parts = CTK.post['parts'] if parts: parts = Validations.split_list (CTK.post['parts']) asset._parts['has_parts_of'] = [int(p) for p in parts] if 'parent_id' in CTK.post: asset._parent_id = int(CTK.post['parent_id']) for key in ['asset_types_id', 'licenses_id', 'title', 'description', 'version', 'language', 'subject']: if key in CTK.post: asset[key] = CTK.post[key] filenames = [] if 'name' in CTK.post and 'ref' in CTK.post: tmp_name = CTK.post['ref'] src_name = CTK.post['name'] filenames = Upload.process_file (tmp_name, src_name) #Collection if len(filenames) > 1: col_id = create_collection (src_name) asset['collections_id'] = col_id elif len(filenames) == 1: info = Upload.get_info (filenames[0]) #If unique file is broken if not info['filename']: return {'ret': "ok", 'redirect': '%s/broken' %(LOCATION)} ret = create_assets (asset, filenames) if False in ret: return {'ret': "error"} return {'ret': "ok", 'redirect': LOCATION}
def default (): # Authentication fail = Auth.assert_is_role (Role.ROLE_CONSUMER) if fail: return fail # List of assets user_id = Auth.get_user_id() assets = get_user_bookmarks (user_id) contents = [(Asset, x) for x in assets] page = Page.Default() page += CTK.RawHTML ("<h1>Favoritos</h1>") if len(contents): page += Paginate(contents, AbstractWidget) else: page += CTK.RawHTML ("<h2>No hay favoritos</h2>") return page.Render()
def POST(self): if(web.ctx.session.loggedIn == 1): data = web.input() #TODO actuall log them into the party web.ctx.session.partyId = data.partyId web.setcookie('partyId', data.partyId) else: return Auth.doUnAuth('Party Login')
def __init__ (self, props={}): user_id = Auth.get_user_id() bookmarks = Bookmark.get_user_bookmarks (user_id) options = [('','--')]+[(b,'#%s'%b) for b in bookmarks] props['selected'] = '' renders = self._render_options (bookmarks) ComboTextField.__init__ (self, props, options, renders)
def tearDown(self): #清空测试环境 #删除微博 delBlogRes = newSocial.delBlogById(userData['hostName'] + socialData['delBlogById_url'] + str(self.blogId), headers=self.headers) self.assertEqual(delBlogRes.status_code, userData['status_code_200']) self.assertEqual(json.loads(delBlogRes.text)['code'], 0) #退出登录 signoutRes = Auth.signout(userData['hostName'] + authData['signout_url'], datas=self.headers) self.assertEqual(signoutRes.status_code, userData['status_code_200'])
def get(self, user_id, resource_name): data = token_argument.parse_args(request) if data.get('token'): if Auth.verifyToken(data.get('token'), user_id): filepath = "./Resources/" + user_id + "/" + resource_name if path.exists(filepath): fOut = tempfile.NamedTemporaryFile() pyAesCrypt.decryptFile(filepath, fOut.name, password, bufferSize) return send_file(fOut.name, as_attachment=True, attachment_filename=resource_name) else: return {'response': "File doesn't exist"}, 401 else: return {'response': "Token validation error"}, 400
def edit_user(): # Authentication is_admin = Role.user_has_role(Role.ROLE_ADMIN) user_id = CTK.request.url.split('/')[3] profile_id = Profile.get_user_profile(user_id) current_id = Auth.get_user_id() try: is_self = (int(user_id) == current_id) except: is_self = False if not is_admin and not is_self: return CTK.HTTP_Redir('/') user_query = "SELECT * FROM users WHERE id = '%(user_id)s';" % (locals()) profile_query = "SELECT id, description FROM profiles;" # Table table = PropsAutoSQL('/admin/user/apply', user_query) table.AddConstant('userid', user_id) table.AddConstant('old_password', table.SQL_result['password'][0]) if is_admin: props = {} if int(current_id) == int(user_id): props['disabled'] = '' props['selected'] = profile_id profiles = ComboboxSQL(props, profile_query) table.Add('Profile', profiles, 'profile_id', 'Profile del usuario') table.Add('Login', CTK.TextField({'disabled': True}), 'username', 'Login de usuario') table.Add('Password', CTK.TextFieldPassword(), 'password', 'Clave de acceso') table.Add('Nombre', CTK.TextField(), 'forename', 'Nombre propio') table.Add('Apellido 1', CTK.TextField(), 'surname1', 'Primer Apellido') table.Add('Apellido 2', CTK.TextField(), 'surname2', 'Segundo Apellido') table.Add('E-Mail', CTK.TextField(), 'email', 'Cuenta de correo electronico') page = Page.Default() if is_admin: title = '%s: %s' % (ADMIN_LINK, LINK_HREF % (LOCATION, 'Usuarios')) else: title = '%s Edición de usuario' % BACK_LINK page += CTK.RawHTML("<h1>%s</h1>" % title) page += table return page.Render()
def tearDown(self): #清空测试环境 #取消关注 params = {"toUserId": self.followUserId} attentionRes = newSocial.addOrCancelAttention( userData['hostName'] + socialData['addOrCancelAttention_url'], datas=params, headers=self.headers) self.assertEqual(attentionRes.status_code, userData['status_code_200']) self.assertEqual(json.loads(attentionRes.text)['code'], 0) #退出登录 signOutRes = Auth.signout(userData['hostName'] + authData['signout_url'], datas=self.headers) self.assertEqual(signOutRes.status_code, userData['status_code_200'])
def edit_type_apply(): # Authentication fail = Auth.assert_is_role(Role.ROLE_ADMIN) if fail: return fail asset_type_id = CTK.post.pop('asset_typeid') if not asset_type_id: return CTK.HTTP_Error(406) # Update the database if 'type' in CTK.post: q = "UPDATE asset_types SET type='%s' WHERE id = %s;" % ( CTK.post['type'], asset_type_id) if not query_check_success(q): return {'ret': "error"} return {'ret': "ok"}
def setUp(self): # 登录 datas = { "account": userData['waccount'], "password": userData['wpasswd'], "remember": "false" } traderLoginRes = Auth.signin( userData['hostName'] + userDataAuth['signin_url'], userData['headers'], datas) self.assertEqual(traderLoginRes.status_code, userData['status_code_200']) self.token = json.loads(traderLoginRes.text)['data']['token'] # 连接account测试服务器 consulAccountHost = FMCommon.consul_operater( host=userDatagrpc['consulHost'], port=userDatagrpc['consulPort'], server='followme.srv.account', key='ServiceAddress') consulAccountPort = FMCommon.consul_operater( host=userDatagrpc['consulHost'], port=userDatagrpc['consulPort'], server='followme.srv.account', key='ServicePort') accountChannel = grpc.insecure_channel(consulAccountHost + ':' + str(consulAccountPort)) self.accountStub = account_pb2_grpc.AccountSrvStub(accountChannel) print("self.accountStub:", self.accountStub) # 连接dealer测试服务器 http://10.1.0.4:8500 consulDealerHost = FMCommon.consul_operater( host=userDatagrpc['consulHost'], port=userDatagrpc['consulPort'], server='followme.srv.copytrade.dealer.pico', key='ServiceAddress') consulDealerPort = FMCommon.consul_operater( host=userDatagrpc['consulHost'], port=userDatagrpc['consulPort'], server='followme.srv.copytrade.dealer.pico', key='ServicePort') print(consulDealerHost + ':' + str(consulDealerPort)) dealerChannel = grpc.insecure_channel(consulDealerHost + ':' + str(consulDealerPort)) self.dealerStub = mt4dealer_pb2_grpc.MT4DealerSrvStub(dealerChannel) print("self.dealerStub:", self.dealerStub)
def del_format_target(): """Deletes transcode targets""" # Authentication fail = Auth.assert_is_role(Role.ROLE_ADMIN) if fail: return fail # Target format req = CTK.request.url.split('/') source_id = req[-2] target_id = req[-1] # Delete q = "DELETE FROM transcode_targets " \ "WHERE source_id = %(source_id)s AND target_id = %(target_id)s;" %(locals()) ok = transaction_check_success(q) return CTK.HTTP_Redir("%s/edit/%s" % (LOCATION, source_id))
def setUp(self): #获取图形验证码 captchaUrl = userData['hostName'] + userDataAuthUrl['getCaptcha_url'] self.user_token = Account.getTokenForCaptcha(captchaUrl) self.header = { 'content-type': 'application/json', 'Authorization': 'Bearer ' + str(self.user_token) } #读取图形验证码 self.ccap = Account.getCaptchaForRedis(self.user_token) #根据图形验证码获取短信验证码 smsUrl = userData['hostName'] + userDataAuthUrl[ 'getSMSScode_url'] + userData[ 'registerAccount'] + '&captcha=' + self.ccap print(smsUrl) '''获取短信验证码成功''' self.smsCode = Account.getSMSCodeForRedis( smsUrl, headers=self.header, userToken=str(self.user_token), registerAccount=userData['registerAccount']) # OA登录.0 getUserTokenRes = Auth.getUserToken( userData['hostNameSwagger'] + userDataAuthUrl['loginOA_url'] + userData['oaClientId'] + "&userName="******"&password="******"getUserToken") self.assertEqual(getUserTokenRes.status_code, userData['status_code_200']) self.tokenOA = json.loads(getUserTokenRes.text)['accessToken'] # '''登录OA''' # loginOAUrl=userData['hostNameOA']+userDataAuthUrl['loginOA_url'] # loginOARes=Auth.loginOA(loginOAUrl,headers=userData['headersOA'],username=userData['usernameOA'],password=userData['passwordOA']) # # self.assertEqual(loginOARes.status_code,userData['status_code_200']) # self.tokenOA=json.loads(loginOARes.text)['Result']['Token'] '''登录OA成功''' self.headerOA = { 'content-type': 'application/json', 'Accept': 'application/json', 'Authorization': 'Bearer ' + str(self.tokenOA) }
def default(message=None): # Authentication fail = Auth.assert_is_role(Role.ROLE_ADMIN) if fail: return fail # List of types q = ("SELECT id,type FROM asset_types;") types = Query(q) table = CTK.Table() title = [CTK.RawHTML(x) for x in ['Tipo de activo']] table[(1, 1)] = title table.set_header(row=True, num=1) page = Page.Default() n = 2 for asset_type in types: type_id = types[asset_type]['id'] name = types[asset_type]['type'] # Delete asset_type link dialog = CTK.Dialog({ 'title': "¿Quieres eliminar %s?" % (name), 'autoOpen': False }) dialog += CTK.RawHTML(NOTE_DELETE) dialog.AddButton('Cancelar', "close") dialog.AddButton('Borrar', "%s/del/%s" % (LOCATION, type_id)) linkdel = LINK_JS_ON_CLICK % (dialog.JS_to_show(), "Borrar") linkname = LINK_HREF % ("%s/edit/%s" % (LOCATION, type_id), name) table[(n, 1)] = [CTK.RawHTML(linkname), CTK.RawHTML(linkdel)] page += dialog n += 1 # Render page += CTK.RawHTML("<h1>%s: Tipos</h1>" % ADMIN_LINK) page += table page += CTK.RawHTML(LINK_HREF % ('%s/new' % LOCATION, 'Añadir tipo')) if message: page += Message(message) return page.Render()
def default_user(message=None): not_uploader = Auth.assert_is_role(Role.ROLE_UPLOADER) if not_uploader: return not_uploader # Render page = Page.Default() page += CTK.RawHTML("<h1>Permisos de activos de usuario</h1>") contents = get_user_contents() if len(contents): page += Paginate(contents, DefaultWidget) else: page += CTK.RawHTML("<h2>No hay activos.</h2>") if message: page += Message(message) return page.Render()
def setUp(self): #登录账号 siginParams = { "account": userData['account'], "password": userData['passwd'], "remember": False } siginRes = Auth.signin(userData['hostName'] + authData['signin_url'], headers=userData['headers'], datas=siginParams) #断言返回200登录成功 self.assertEqual(siginRes.status_code, userData['status_code_200']) #获取headers self.token = json.loads(siginRes.text)['data']['token'] self.headers = dict( userData['headers'], **{userData['Authorization']: userData['Bearer'] + self.token})
def setUp(self): '''登录followme系统''' datas = { "account": webAPIData['followAccount'], "password": webAPIData['followPasswd'], "remember": "false" } signinRes = Auth.signin( webAPIData['hostName'] + authData['signin_url'], webAPIData['headers'], datas) #登录成功,返回200 ok self.assertEqual(signinRes.status_code, webAPIData['status_code_200']) # #保存登录时的token,待登出使用 self.token = json.loads(signinRes.text)['data']['token'] #规整headers webAPIData['headers'][ webAPIData['Authorization']] = webAPIData['Bearer'] + self.token
def get_user_contents(): user_id = Auth.get_user_id() # List of collections result = Collection.get_collections_list() collections = [c['id'] for c in result if c['creator_id'] == user_id] contents = [(Collection.Collection, x) for x in collections] # List of assets lookup = OpLookup() search = {'creator_id': user_id, '__order__': 'id'} try: result = lookup(search) except: result = [] contents += [(Asset.Asset, x) for x in result] return contents
def __init__(self, target_file=None): user_id = Auth.get_user_id() user_usage = Upload.get_usage_user(user_id) system_usage = Upload.get_usage_system() self.limits = { 'size': LIMIT_ASSET_SIZE, 'files': LIMIT_ASSET_FILES, 'total': LIMIT_ASSET_TOTAL } self.usage = { 'size': 0, 'files': user_usage['files'], 'total': system_usage['size'] } if target_file: self.usage['size'] = os.path.getsize(target_file)
def setUp(self): #交易员FMS004 晋峰登陆--------------------- tradeDatas = { "account": webAPIData['account_1'], "password": webAPIData['passwd_1'], "remember": "false" } tradeSignin = Auth.signin( webAPIData['hostName'] + authData['signin_url'], webAPIData['headers'], tradeDatas) # 登录成功,返回200 ok self.assertEqual(tradeSignin.status_code, webAPIData['status_code_200']) #保存账号的nickName,待获取userID使用 self.tradeNickName = json.loads(tradeSignin.text)['data']['nickname'] # #保存登录时的token,待登出使用 self.tradeUserToken = json.loads(tradeSignin.text)['data']['token'] #保存userID self.tradeUserID = json.loads(tradeSignin.text)['data']['id'] #规整headers self.tradeHeaders = dict( webAPIData['headers'], **{ webAPIData['Authorization']: webAPIData['Bearer'] + self.tradeUserToken }) jydstradeDatas = {"token": self.tradeUserToken} self.jydstradeSignin = Tradegame.jydssignin( webAPIData['hostName'] + tradegameData['get_jydssignin_url'], webAPIData['headers'], jydstradeDatas) print("HTTP Cookies响应:") print(self.jydstradeSignin.cookies['followme-jyds-beta']) print("HTTP Cookies响应结束") self.localCookies = { 'Cookie': 'followme-jyds-beta=' + self.jydstradeSignin.cookies['followme-jyds-beta'] } self.get_Accounts = Tradegame.get_Accounts( webAPIData['hostName'] + tradegameData['get_accounts_url'], headers=self.localCookies, interfaceName='get_Account') for item in json.loads(self.get_Accounts.text)["data"]["items"]: self.target.append(item["MT4Account"])
def default(message=None): # Authentication fail = Auth.assert_is_role(Role.ROLE_ADMIN) if fail: return fail # List of formats q = ("SELECT * FROM formats;") formats = Query(q) table = CTK.Table() title = [CTK.RawHTML(x) for x in ['Nombre', 'Pérdida']] table[(1, 1)] = title table.set_header(row=True, num=1) page = Page.Default() n = 2 for format in formats: format_id = str(formats[format]['id']) formatname = formats[format]['format'] lossy = ['No', 'Sí'][formats[format]['lossy_flag']] # Delete format link dialog = __get_del_dialog("del/%s" % (format_id), NOTE_DELETE) linkdel = LINK_JS_ON_CLICK % (dialog.JS_to_show(), "Borrar") linkname = LINK_HREF % ("%s/edit/%s" % (LOCATION, format_id), formatname) table[(n, 1)] = [ CTK.RawHTML(linkname), CTK.RawHTML(lossy), CTK.RawHTML(linkdel) ] page += dialog n += 1 # Render page += CTK.RawHTML("<h1>%s: Administración de Formatos</h1>" % (ADMIN_LINK)) page += table page += CTK.RawHTML("<h2>Añadir formato</h2>") page += __get_new_format_form() if message: page += Message(message) return page.Render()
def collect_token(): token_id = request.args.get('token_id') res = Auth.collectToken(token_id) if res is None: flask.abort(401) if (res['token_id'] != token_id): print('blurgh!') print(res['token_id']) print(token_id) session['ntv_token'] = res['token_id'] session['name'] = res['name'] #return flask.jsonify(res), 200 return flask.redirect("/")
def get_diz(self, limit=1): if not self._tags: self._lookup_tags(limit) desc, license_name = '', '' if self['tags'].has_key('Description'): desc = self['tags']['Description'][0] if self['tags'].has_key('Rights'): license_name = self['tags']['Rights'][0] d = { 'thumb': THUMB_COLLECTION, 'creator': Auth.get_user_name(self['creator_id']), 'license': license_name, 'title': self['name'], 'desc': desc, } return d
def default(): # Authentication fail = Auth.assert_is_role(Role.ROLE_CONSUMER) if fail: return fail if not Role.user_has_role(Role.ROLE_ADMIN): return report_assets() page = Page.Default() page += CTK.RawHTML("<h1>%s: Reportes</h1>" % (ADMIN_LINK)) table = CTK.Table() table[(1, 1)] = CTK.RawHTML( LINK_HREF % ("%s/assets" % LOCATION, 'Reportes de activos')) table[(2, 1)] = CTK.RawHTML( LINK_HREF % ("%s/system" % LOCATION, 'Reportes del sistema')) page += table return page.Render()
def menu(self): try: auth = Auth.Auth() if not auth.is_logged_in(): return except AttributeError: return self.menu_user() if Role.ROLE_CONSUMER in self.roles: self.menu_consumer() if Role.ROLE_UPLOADER in self.roles: self.menu_uploader() if Role.ROLE_EDITOR in self.roles: self.menu_editor() if Role.ROLE_PUBLISHER in self.roles: self.menu_publisher() if Role.ROLE_ADMIN in self.roles: self.menu_admin()
def default (perform = None): # Authentication fail = Auth.assert_is_role (Role.ROLE_CONSUMER) if fail: return fail page = Page.Default() page += CTK.RawHTML ("<h1>Búsquedas</h1>") if perform: page += CTK.RawHTML ("<h2>Resultados</h2>") page += __get_results (perform) tabs = CTK.Tab() tabs.Add ('Por texto', WidgetLookup.get_text_form()) tabs.Add ('Por campos', WidgetLookup.get_fields_form()) page += tabs return page.Render()
def edit_type(): # Authentication fail = Auth.assert_is_role(Role.ROLE_ADMIN) if fail: return fail # Table asset_type_id = CTK.request.url.split('/')[-1] q = "SELECT * FROM asset_types WHERE id = '%(asset_type_id)s';" % ( locals()) table = PropsAutoSQL('%s/edit/apply' % LOCATION, q) table.AddConstant('asset_typeid', asset_type_id) table.Add('Tipo', CTK.TextField(), 'type', 'Nombre del tipo de activo') page = Page.Default() page += CTK.RawHTML("<h1>%s: Edicion de tipos</h1>" % (MENU_LINK)) page += table return page.Render()
def new_type(): # Authentication fail = Auth.assert_is_role(Role.ROLE_ADMIN) if fail: return fail table = CTK.PropsTable() table.Add('Tipo', CTK.TextField({ 'name': 'type', 'class': "required" }), 'Nombre del tipo de activo') form = CTK.Submitter("%s/new/apply" % LOCATION) form += table page = Page.Default() page += CTK.RawHTML("<h1>%s: Añadir tipo</h1>" % (MENU_LINK)) page += form return page.Render()
def private(): fail = Auth.assert_is_role(Role.ROLE_CONSUMER) if fail: return fail request = CTK.request.url[len(STATIC_PRIVATE) + 1:] asset_id = request.split('/')[-1] try: asset_id = int(asset_id) acl = ACL() asset_id = acl.filter_assets("co", [asset_id])[0] except: return CTK.HTTP_Error(403) filename = match_asset(request) if not filename: return CTK.HTTP_Error(404) return XSendfile(filename)
def control(self): # objects authentication = auth.Auth(self.SCOPES) creds = authentication.checkCredentials() pathStorage = PathStorage() # --------------------------------------- message = "[OPTIONS]:\n'-add' for adding a path to config file\n'-del' for deleting config file\n" \ "'-up' for uploading all synch_folders from config file\n'-ex' for exit program\n" choice = input(message) while (choice != "-ex"): if choice == "-add": pathStorage.addPath() elif choice == "-del": pathStorage.deleteConfFile() elif choice == "-up": fileMetadata = FileMetadata(creds) fileMetadata.prepareFiles(pathStorage.getFoldersList()) choice = input(message)
def new_license_apply(): # Authentication fail = Auth.assert_is_role(Role.ROLE_ADMIN) if fail: return fail # Update the database fields = [] values = [] for key in ['name', 'description']: if key in CTK.post: fields.append(key) values.append("'%s'" % (CTK.post[key])) q = "INSERT INTO licenses (%s) VALUES (%s);" % (", ".join(fields), ", ".join(values)) if not query_check_success(q): return {'ret': "error"} return {'ret': "ok", 'redirect': LOCATION}
def edit_license(): # Authentication fail = Auth.assert_is_role(Role.ROLE_ADMIN) if fail: return fail # Table license_id = CTK.request.url.split('/')[-1] q = "SELECT * FROM licenses WHERE id = '%(license_id)s';" % (locals()) table = PropsAutoSQL('%s/edit/apply' % LOCATION, q) table.AddConstant('licenseid', license_id) table.Add('Licencia', CTK.TextField(), 'name', 'Nombre de la licencia') table.Add('Descripción', CTK.TextField(), 'description', 'Breve descripción') page = Page.Default() page += CTK.RawHTML("<h1>%s: Edicion de licencia</h1>" % (MENU_LINK)) page += table return page.Render()
def del_user(): # Authentication fail = Auth.assert_is_role(Role.ROLE_ADMIN) if fail: return fail # Target user user_id = CTK.request.url.split('/')[4] # Delete q = "DELETE FROM users WHERE id = %(user_id)s;" % (locals()) ok = query_check_success(q) if ok: msg = None else: msg = ('Este usuario no puede ser eliminado ya que posee ' 'activos en el sistema.') return default(msg)
def report_system(): """Report info for system administration:""" # Authentication fail = Auth.assert_is_role(Role.ROLE_ADMIN) if fail: return fail pairs = [('1h', '1 hora'), ('6h', '6 horas'), ('1d', '1 día'), ('1w', '1 semana')] tabs = CTK.Tab() for pair in pairs: mapping = {'ext': pair[0], 'desc': pair[1]} tabs.Add(pair[1], CTK.RawHTML(GRAPH_TEMPLATE % mapping)) page = Page.Default() page += CTK.RawHTML("<h1>%s</h1>" % (MENU_LINK)) page += tabs return page.Render()
def registerByMobile(mobile,password,invite): # 连接account测试服务器 consulAccountHost = FMCommon.consul_operater(host=userData['consulHost'], port=userData['consulPort'], server='followme.srv.account', key='ServiceAddress') consulAccountPort = FMCommon.consul_operater(host=userData['consulHost'], port=userData['consulPort'], server='followme.srv.account', key='ServicePort') # print(consulAccountHost + ':' + str(consulAccountPort)) accountChannel = grpc.insecure_channel(consulAccountHost + ':' + str(consulAccountPort)) accountStub = account_pb2_grpc.AccountSrvStub(accountChannel) # 连接dealer测试服务器 http://10.1.0.4:8500 consulDealerHost = FMCommon.consul_operater(host=userData['consulHost'], port=userData['consulPort'], server='followme.srv.copytrade.dealer.pico', key='ServiceAddress') consulDealerPort = FMCommon.consul_operater(host=userData['consulHost'], port=userData['consulPort'], server='followme.srv.copytrade.dealer.pico', key='ServicePort') # print(consulDealerHost + ':' + str(consulDealerPort)) dealerChannel = grpc.insecure_channel(consulDealerHost + ':' + str(consulDealerPort)) dealerStub = mt4dealer_pb2_grpc.MT4DealerSrvStub(dealerChannel) # 获取图形验证码 captchaUrl = webApiData['hostName'] + userDataAuthUrl['getCaptcha_url'] user_token = Account.getTokenForCaptcha(captchaUrl) header = {'content-type': 'application/json', 'Authorization': 'Bearer ' + str(user_token)} # 读取图形验证码 ccap = Account.getCaptchaForRedis(user_token) # 根据图形验证码获取短信验证码 smsUrl = webApiData['hostName'] + userDataAuthUrl['getSMSScode_url'] + mobile + '&captcha=' + ccap # print(smsUrl) '''获取短信验证码成功''' smsCode = Account.getSMSCodeForRedis(smsUrl, headers=header, userToken=str(user_token),registerAccount=mobile) # 注册 url = webApiData['hostName'] + userDataAuthUrl['register_url'] res = Auth.register(url, headers=header, account=mobile, password=password, platform=webApiData['platform'], captcha=str(ccap), smscode=smsCode, invite=invite, oauth2=webApiData['oauth2']) # 请求成功,返回200 ok userID = json.loads(res.text)["data"]["id"] # 设置用户昵称 setNickName = accountStub.SetNickName(account_pb2.User(Id=userID, NickName="ciStar"+str(userID))) # 检查设置成功后,返回值为:0 return userID