def from_role(cls, role, expire=None): roles = set([Role.load_id(Role.SYSTEM_GUEST)]) if role is None or not role.is_actor: return cls(None, roles) roles.add(role.id) roles.add(Role.load_id(Role.SYSTEM_USER)) roles.update([g.id for g in role.roles]) return cls(role.id, roles, is_admin=role.is_admin, expire=expire)
def password_login(): """ Provides email and password authentication """ # require(settings.PASSWORD_LOGIN) request_data = request.get_json() email = request_data.get('email') password = request_data.get('password') log.warning("THE REQUEST DATA LOOKS LIKE {}".format(request_data)) require(settings.PASSWORD_LOGIN) data = request.get_json() role = Role.login(data.get("email"), data.get("password")) #log.warning("LOGGING IN FROM THE SESSIONS API: {}".format(role.email)) if role is None: raise BadRequest("Invalid user or password") # role.touch() db.session.commit() # update_role(role) authz = Authz.from_role(role) return jsonify({"status": "ok", "token": authz.to_token()})
def update(id): role = obj_or_404(Role.by_id(id)) data = request.get_json() role.update(data) db.session.add(role) db.session.commit() update_role(role) return jsonify(data)
def get_role(role_id): if role_id is None: return key = cache.object_key(Role, role_id) data = cache.get_complex(key) if data is None: role = Role.by_id(role_id) if role is None: return data = role.to_dict() cache.set_complex(key, data, expires=cache.EXPIRE) return data
def create_user(email, name, password, is_admin=False): """Create a password-based user""" foregin_id = "password:{}".format(email) role = Role.load_or_create( foregin_id, Role.USER, name, email=email, is_admin=is_admin ) if password is not None: role.set_password(password) db.session.add(role) db.session.commit() #update_role(role) return role
def create(): data = request.get_json() email = "*****@*****.**" role = Role.by_email(email) if role is not None: return jsonify( { "status": "error", "message": "Email is already registered" }, status=409) role = create_user(email, data.get("name"), data.get("password")) request.authz = Authz.from_role(role) return jsonify({"status": "ok"})
def delete_role(role): """ Fully delete a role from the database and transfer the ownership of documents and entities by it to the system user """ fallback = Role.load_cli_user() def _del(cls, col): pq = db.session.query(cls) pq = pq.filter(col == role.id) def _repo(cls, col): pq = db.session.query(cls).filter(col == role.id) pq.update({col: fallback.id}, synchronize_session=False) _del(Permission, Permission.role_id) db.session.delete(role) db.session.commit()
def view(id): """Retrieve role details""" role = obj_or_404(Role.by_id(id)) data = role.to_dict() return jsonify(data)
def update_roles(): for role in Role.all(deleted=True): update_role(role)
def create_system_roles(): log.info("CREATING SYSTEM ROLES") Role.load_or_create(Role.SYSTEM_GUEST, Role.SYSTEM, "All visitors") Role.load_or_create(Role.SYSTEM_USER, Role.SYSTEM, "Logged in users") Role.load_cli_user() db.session.commit()
def private_roles(self): if not self.logged_in: return set() return self.roles.difference(Role.public_roles())
def role(self): if not hasattr(self, "_role"): self._role = Role.by_id(self.id) return self._role