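def auth_user(global_config, desired_path='/home'):
    """Check the request's HTTP Basic credentials and redirect on success.

    Reads the ``Authorization`` header of the current web.py request.
    When the username exists and the password verifies, the function
    raises ``web.seeother(desired_path)``, or
    ``web.seeother('/accountdisabled')`` if the account state is
    'Disabled'. In every other case (no header, malformed header, unknown
    user, wrong password, or a username listed in ``logged_out_users``) it
    sets a 401 status with a ``WWW-Authenticate`` challenge and returns
    None.

    Args:
        global_config: dict providing 'users_db_name' and 'this_season',
            which are concatenated to name the users database.
        desired_path: redirect target after a successful login.

    Raises:
        web.seeother: on successful authentication or a disabled account.
    """
    # NOTE(review): desired_path is used verbatim as the redirect target.
    # If callers take it from the request (check_access builds
    # '/login?path=...'), they should restrict it to site-local paths
    # before passing it in -- confirm against the caller.
    auth = web.ctx.env.get('HTTP_AUTHORIZATION')
    username = password = None

    if auth is not None:
        auth = re.sub('^Basic ', '', auth)
        try:
            # Split on the first ':' only: a password may itself contain
            # colons. A header that is not valid base64, or that has no
            # colon at all, is treated like missing credentials instead of
            # surfacing as an unhandled exception.
            username, password = base64.b64decode(auth).split(':', 1)
        except (TypeError, ValueError):
            username = password = None

    if username is not None:
        if username in logged_out_users:
            # The user logged out earlier: drop the marker and fall through
            # to the 401 below so the browser prompts for credentials again.
            del logged_out_users[username]
        else:
            session = DbSession.open_db_session(global_config['users_db_name'] + global_config['this_season'])
            try:
                user = UsersDataModel.getUser(session, username)
            finally:
                session.remove()
            # Verify the password before looking at the account state, so an
            # unauthenticated client cannot learn from the redirect which
            # usernames exist and are disabled.
            if user and user.check_password(password) == True:
                if user.state == 'Disabled':
                    raise web.seeother('/accountdisabled')
                raise web.seeother(desired_path)

    web.header('WWW-Authenticate','Basic realm="FRC1073 ScoutingAppCentral"')
    web.ctx.status = '401 Unauthorized'
    return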
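def get_user_form(global_config, username):
    """Build the admin user form, pre-filled from the stored user record.

    Args:
        global_config: dict providing 'logger', 'users_db_name' and
            'this_season'.
        username: name passed to UsersDataModel.getUser.

    Returns:
        A ``userform()`` instance. When the user exists every field is
        filled from the record; otherwise only the access level (10) and
        role ('Guest') defaults are set.
    """
    global_config['logger'].debug( 'GET User Form For: %s', username )

    session = DbSession.open_db_session(global_config['users_db_name'] + global_config['this_season'])
    try:
        user = UsersDataModel.getUser(session, username)
        form = userform()
        if user:
            form[user_username_label].value = user.username
            form[user_emailaddress_label].value = user.email_address
            form[user_cellphone_label].value = user.cellphone
            form[user_carrier_label].value = user.carrier
            form[user_subgroup_label].value = user.subgroup
            # NOTE(review): the stored password value is copied into the
            # form, so whatever user.password holds is sent to the browser.
            # process_user_form compares the submitted value against
            # user.password to detect a change, so both sides would have to
            # change together (e.g. leave the field blank and treat blank as
            # "unchanged").
            form[user_password_label].value = user.password
            form[user_display_name_label].value = user.display_name
            form[user_role_label].value = user.role
            form[user_contact_mode_label].value = user.contact_mode
            form[user_nickname_label].value = user.altname
            form[user_access_level_label].value = user.access_level
            form[user_state_label].value = user.state
            form[user_taskgroups_label].value = UsersDataModel.getUserTaskgroups(session, user.username)
        else:
            form[user_access_level_label].value = 10
            form[user_role_label].value = 'Guest'
    finally:
        # Release the session even when a lookup above raises.
        session.remove()

    return form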
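def process_user_form(global_config, form, username, my_access_level, new_user=False):
    """Create or update a user from a submitted admin user form.

    Args:
        global_config: dict providing 'logger', 'users_db_name' and
            'this_season'.
        form: submitted form, indexed by the user_*_label constants.
        username: account being edited; replaced by the form's username
            field when new_user is true.
        my_access_level: access level of the caller performing the edit.
        new_user: true when the form creates a new account.

    Returns:
        The path to redirect to, '/users'.

    Raises:
        Exception: if new_user is true and the user already exists, if a
            changed password does not match its confirmation, or if a
            caller whose access level is above 0 tries to assign level 0.
    """
    if new_user == True:
        username = form[user_username_label].value

    global_config['logger'].debug( 'Process User Profile For: %s', username )

    session = DbSession.open_db_session(global_config['users_db_name'] + global_config['this_season'])
    try:
        email_address = form[user_emailaddress_label].value
        cellphone = form[user_cellphone_label].value
        carrier = form[user_carrier_label].value
        subgroup = form[user_subgroup_label].value

        user = UsersDataModel.getUser(session, username)
        if user:
            if new_user == True:
                raise Exception('User Already Exists!')

            # validate the password confirmation only if the user actually
            # changed his password
            if form[user_password_label].value != user.password:
                if form[user_password_label].value != form[user_password_confirm_label].value:
                    raise Exception('Passwords Do NOT Match')
            # also make sure to pull username from the database, in case the
            # user provided the nickname
            username = user.username
        # NOTE(review): when no record exists yet, the password is accepted
        # without comparing it to the confirmation field -- confirm whether
        # that is intended for new accounts.
        password = form[user_password_label].value
        display_name = form[user_display_name_label].value
        role = form[user_role_label].value
        contact_mode = form[user_contact_mode_label].value
        nickname = form[user_nickname_label].value
        access_level = int(form[user_access_level_label].value)
        # NOTE(review): only level 0 is guarded. If numerically lower levels
        # are more privileged (as the message below suggests), a caller can
        # still assign a nonzero level below their own -- confirm whether
        # `access_level < my_access_level` should be rejected as well.
        if access_level == 0:
            if my_access_level >0:
                raise Exception('Only Supreme Admins (aka NOT you) can set access level to 0')
        taskgroups = form[user_taskgroups_label].value
        state = form[user_state_label].value

        UsersDataModel.addOrUpdateUser(session, username, email_address,
                                              cellphone, carrier, subgroup, password,
                                              display_name, role, contact_mode, nickname,
                                              access_level, state)

        UsersDataModel.updateUserTaskgroups(session, username, taskgroups)

        session.commit()
    finally:
        # The validation errors above used to leave the session open;
        # release it on every exit path.
        session.remove()
    return '/users'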
Пример #4
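def check_access(global_config, access_level):
    """Authorize the current request against a required access level.

    Reads the HTTP Basic ``Authorization`` header, looks the user up in
    the users database, verifies the supplied password and then checks the
    user's access level.

    Args:
        global_config: dict providing 'users_db_name'.
        access_level: level passed to ``user.check_access_level``.

    Returns:
        A ``(username, user.access_level)`` tuple when access is granted.

    Raises:
        web.seeother: to '/login?path=<current path>' when the header is
            missing or malformed, and to '/accessdenied' when the user is
            unknown, the password does not verify, or the access level
            check fails.
    """
    auth = web.ctx.env.get('HTTP_AUTHORIZATION')

    if auth is None:
        raise web.seeother('/login?path=%s' % web.ctx.path)

    auth = re.sub('^Basic ', '', auth)
    try:
        # Split on the first ':' only, since a password may contain colons.
        # A header that does not decode to "user:password" is handled like
        # a missing one.
        username, password = base64.b64decode(auth).split(':', 1)
    except (TypeError, ValueError):
        raise web.seeother('/login?path=%s' % web.ctx.path)

    # here is where we need to do a lookup in the user database and see if
    # the user is authorized to access this page.
    session = DbSession.open_db_session(global_config['users_db_name'])
    try:
        user = UsersDataModel.getUser(session, username)
        # The password from the header was previously decoded but never
        # checked, so the username alone decided the outcome. Verify it
        # before trusting the claimed identity.
        # NOTE(review): auth_user also rejects accounts whose state is
        # 'Disabled'; confirm whether that check belongs here too.
        if user and user.check_password(password) == True:
            if user.check_access_level(access_level) == True:
                return (username,user.access_level)
    finally:
        # The session was never released on any path before.
        session.remove()

    raise web.seeother('/accessdenied')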
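def get_userprofile_form(global_config, username):
    """Build the self-service profile form, pre-filled from the user record.

    Args:
        global_config: dict providing 'logger', 'users_db_name' and
            'this_season'.
        username: name passed to UsersDataModel.getUser.

    Returns:
        A ``userprofileform()`` instance. Fields are filled from the stored
        record when the user exists; when no record is found the form is
        returned unfilled instead of failing with an AttributeError.
    """
    global_config['logger'].debug( 'GET User Form For: %s', username )

    session = DbSession.open_db_session(global_config['users_db_name'] + global_config['this_season'])
    try:
        user = UsersDataModel.getUser(session, username)

        form = userprofileform()
        if user:
            form[user_username_label].value = user.username
            form[user_emailaddress_label].value = user.email_address
            form[user_cellphone_label].value = user.cellphone
            form[user_carrier_label].value = user.carrier
            form[user_subgroup_label].value = user.subgroup
            # NOTE(review): the stored password value is copied into the
            # form and therefore sent to the browser.
            # process_userprofile_form compares the submitted value with
            # user.password to detect a change, so both sides would have to
            # change together.
            form[user_password_label].value = user.password
            form[user_display_name_label].value = user.display_name
            form[user_contact_mode_label].value = user.contact_mode
            form[user_nickname_label].value = user.altname
    finally:
        # Release the session on every exit path.
        session.remove()

    return form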
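def process_userprofile_form(global_config, form, username):
    """Apply a submitted profile form to an existing user record.

    The access level, role and state are always taken from the stored
    record, never from the form, so a user cannot change their own
    privileges through this path.

    Args:
        global_config: dict providing 'logger', 'users_db_name' and
            'this_season'.
        form: submitted form, indexed by the user_*_label constants.
        username: account whose profile is being updated.

    Returns:
        The path to redirect to, '/home'.

    Raises:
        Exception: if the user does not exist, or if a changed password
            does not match its confirmation.
    """
    global_config['logger'].debug( 'Process User Profile For: %s', username )

    session = DbSession.open_db_session(global_config['users_db_name'] + global_config['this_season'])
    try:
        email_address = form[user_emailaddress_label].value
        cellphone = form[user_cellphone_label].value
        carrier = form[user_carrier_label].value
        subgroup = form[user_subgroup_label].value

        user = UsersDataModel.getUser(session, username)
        if not user:
            # The original set default access_level/role values for this
            # case but no default `state`, so it always failed with an
            # unbound-variable error on the addOrUpdateUser call. Fail
            # explicitly rather than guess a state for a new account.
            # TODO(review): if profile creation is intended, choose the
            # default state deliberately.
            raise Exception('User Does Not Exist')

        # validate the password confirmation only if the user actually
        # changed his password
        if form[user_password_label].value != user.password:
            if form[user_password_label].value != form[user_password_confirm_label].value:
                raise Exception('Passwords Do NOT Match')

        access_level = user.access_level
        role = user.role
        state = user.state

        password = form[user_password_label].value
        display_name = form[user_display_name_label].value
        contact_mode = form[user_contact_mode_label].value
        nickname = form[user_nickname_label].value

        UsersDataModel.addOrUpdateUser(session, username, email_address,
                                              cellphone, carrier, subgroup, password,
                                              display_name, role, contact_mode, nickname,
                                              access_level, state)
        session.commit()
    finally:
        # Release the session even when validation above raises.
        session.remove()

    return '/home'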
Пример #7
            if not os.path.isdir(base_dir):
                raise

    input_dir = './static/data/' + competition + '/ScoutingData/'
        
    db_name = global_config['db_name']
    issues_db_name = global_config['issues_db_name']
    debriefs_db_name = global_config['debriefs_db_name']
    users_db_name = global_config['users_db_name']
    session         = DbSession.open_db_session(db_name, DataModel)
    issues_session  = DbSession.open_db_session(issues_db_name, IssueTrackerDataModel)
    debrief_session = DbSession.open_db_session(debriefs_db_name, DebriefDataModel)
    users_session = DbSession.open_db_session(users_db_name, UsersDataModel)
        
    # make sure that there is a default admin user. If no admin user exists, then create one
    if UsersDataModel.getUser( users_session, 'admin' ) is None:
        UsersDataModel.create_admin_user(users_session, 'squirrel!')

    # Build the attribute definition dictionary from the definitions csv file
    attrdef_filename = './config/' + global_config['attr_definitions']    
    attr_definitions = AttributeDefinitions.AttrDefinitions()
    attr_definitions.parse(attrdef_filename)

    if options.processfiles:
        competition = global_config['this_competition'] + global_config['this_season']
        try:
            process_files(session, db_name, attr_definitions, input_dir, options.recursive, options.test)
            dump_database_as_csv_file(session, attr_definitions, competition)
        except Exception, e:
            global_config['logger'].debug('Exception Caught Processing Files: %s' % str(e) )
            traceback.print_exc(file=sys.stdout)