Пример #1
0
    def run(self):
        email = prompt('Email')
        password = prompt_pass('Password')
        password_confirm = prompt_pass('Confirm Password')
        first_name = prompt('First name')
        last_name = prompt('Last name')

        data = MultiDict(
            dict(email=email,
                 password=password,
                 password_confirm=password_confirm,
                 first_name=first_name,
                 last_name=last_name))
        form = RegisterForm(data, csrf_enabled=False)

        if form.validate():
            user = _datastore.create_user(
                email=email,
                password=encrypt_password(password),
                first_name=first_name,
                last_name=last_name,
                active=True,
                confirmed_at=datetime.datetime.utcnow())
            get_or_create_role = _datastore.find_or_create_role("ADMIN")
            _datastore.add_role_to_user(user, get_or_create_role)
            _datastore.commit()

            print('\nUser created successfully')
            print('User(id=%s email=%s)' % (user.id, user.email))
            return

        print('\nError creating user:'******'\n'.join(errors))
Пример #2
0
def create_user(email, role):
    from flask_security import SQLAlchemyUserDatastore
    from security_monkey.datastore import User
    from security_monkey.datastore import Role
    from flask_security.utils import encrypt_password

    user_datastore = SQLAlchemyUserDatastore(db, User, Role)

    ROLES = ['View', 'Comment', 'Justify', 'Admin']
    if role not in ROLES:
        sys.stderr.write('[!] Role must be one of [{0}].\n'.format(
            ' '.join(ROLES)))
        sys.exit(1)

    users = User.query.filter(User.email == email)

    if users.count() == 0:
        password1 = prompt_pass("Password")
        password2 = prompt_pass("Confirm Password")

        if password1 != password2:
            sys.stderr.write("[!] Passwords do not match\n")
            sys.exit(1)

        user = user_datastore.create_user(email=email,
                                          password=encrypt_password(password1),
                                          confirmed_at=datetime.now())
    else:
        sys.stdout.write("[+] Updating existing user\n")
        user = users.first()

    user.role = role

    db.session.add(user)
    db.session.commit()
Пример #3
0
def createsuperuser():
    """
    Create a super user of the system, requiring Email and password.
    """

    email = prompt('User E-Mail')
    email_confirm = prompt('Confirm E-Mail')

    if not email == email_confirm:
        sys.exit('\nCould not create user: E-Mail did not match')

    if not EMAIL_REGEX.match(email):
        sys.exit('\nCould not create user: Invalid E-Mail addresss')

    password = prompt_pass('User password')
    password_confirm = prompt_pass('Confirmed password')

    if not password == password_confirm:
        sys.exit('\nCould not create user: Passwords did not match')

    datastore = SQLAlchemyUserDatastore(db, User, Role)
    datastore.create_user(
        email=email,
        password=encrypt_password(password),
        active=True,
        super_user=True)

    db.session.commit()
Пример #4
0
 def run(self):
     email = prompt('Email')
     password = prompt_pass('Password')
     password_confirm = prompt_pass('Confirm Password')
     fullname = prompt('Fullname')
     tel = prompt('Tel')
     active = bool(prompt('Actvice immediately', default='True'))
     role = prompt('Role', default='admin')
     data = MultiDict(
         dict(email=email,
              password=password,
              password_confirm=password_confirm,
              fullname=fullname,
              tel=tel,
              active=active,
              role=role))
     form = RegisterForm(data, csrf_enabled=False)
     if form.validate():
         user = register_user(email=email,
                              password=password,
                              fullname=fullname,
                              tel=tel,
                              active=active,
                              role=role)
         print("\nUser created successfully")
         print("User(id=%s,email=%s,fullname=%s)" %
               (user.id, user.email, user.fullname))
         return
     print("\nError creating user:"******"\n".join(errors))
Пример #5
0
    def run(self):
        deployments = Deployment.objects
        option = prompt_choices('Deployment', [
            (str(i), v) for i, v in enumerate(deployments, 1)])
        deployment = deployments[int(option) - 1]
        email = prompt('Email')
        password = prompt_pass('Password')
        password_confirm = prompt_pass('Confirm Password')

        can_create, form_errors = can_create_user(email, password,
                                                  password_confirm, deployment)

        if can_create:
            try:
                user = register_user(email=email, password=password)
            except socket.error as e:
                # if there's an error sending the notification email,
                # recover
                print 'Error sending confirmation email: {}'.format(e)
                user = users.get(email=email, deployment=None)
            user.update(set__deployment=deployment)
            print '\nUser created successfully'
            print 'User(id=%s email=%s)' % (user.id, user.email)
            return
        print '\nError creating user:'******'\n'.join(errors)
Пример #6
0
    def run(self):
        email            = prompt('Email')
        password         = prompt_pass('Password')
        password_confirm = prompt_pass('Confirm Password')
        first_name       = prompt('First name')
        last_name        = prompt('Last name')

        data             = MultiDict(dict(email=email, password=password,
                                          password_confirm=password_confirm,
                                          first_name=first_name,
                                          last_name=last_name))
        form             = RegisterForm(data, csrf_enabled=False)

        if form.validate():
            user = _datastore.create_user(email=email,
                                          password=encrypt_password(password),
                                            first_name=first_name,
                                            last_name=last_name, active=True,
                                            confirmed_at=datetime.datetime.utcnow())
            get_or_create_role = _datastore.find_or_create_role("ADMIN")
            _datastore.add_role_to_user(user, get_or_create_role)
            _datastore.commit()

            print('\nUser created successfully')
            print('User(id=%s email=%s)' % (user.id, user.email))
            return

        print('\nError creating user:'******'\n'.join(errors))
Пример #7
0
    def run(self):
        email = prompt('Email')
        password = prompt_pass('Password')
        password_confirm = prompt_pass('Confirm Password')

        ListRolesCommand().run()
        role_names = prompt("This user's comma-separated roles")
        role_models = []
        for name in role_names.split(','):
            r = roles.first(name=name.strip())
            if not r:
                print('Invalid role: %s' % name.strip())
            else:
                role_models.append(r)

        data = MultiDict(dict(email=email, password=password, password_confirm=password_confirm))
        form = RegisterForm(data, csrf_enabled=False)
        if form.validate():
            user = register_user(email=email, password=password)
            user.roles = role_models
            db.session.add(user)
            db.session.commit()
            print('\nUser created successfully')
            print('User(id=%s email=%s, roles=%s)' % (user.id, user.email,
                ','.join([r.name for r in user.roles])))
        else:
            print('\nError creating user:'******'\n'.join(errors))
Пример #8
0
    def run(self):
        """Run the command."""
        # Get the information.
        email = prompt('Email')
        name = prompt('Name')
        password = prompt_pass('Password')
        password_confirm = prompt_pass('Confirm Password')
        data = MultiDict({
            'email': email,
            'password': password,
            'password_confirm': password_confirm,
        })

        # Validate the form.
        form = RegisterForm(data, csrf_enabled=False)
        if form.validate():
            user = register_user(name=name, email=email, password=password)
            print('\nUser created successfully.')
            print('User(id={} email={})'.format(user.id, user.email))
            return

        # If something went wrong, report it and exit out.
        print('\nError creating user:'******'\n'.join(errors))
        sys.exit(1)
Пример #9
0
def create_user(email, role):
    from flask_security import SQLAlchemyUserDatastore
    from security_monkey.datastore import User
    from security_monkey.datastore import Role
    user_datastore = SQLAlchemyUserDatastore(db, User, Role)

    ROLES = ['View', 'Comment', 'Justify', 'Admin']
    if role not in ROLES:
        sys.stderr.write('[!] Role must be one of [{0}].\n'.format(' '.join(ROLES)))
        sys.exit(1)

    users = User.query.filter(User.email == email)

    if users.count() == 0:
        password1 = prompt_pass("Password")
        password2 = prompt_pass("Confirm Password")

        if password1 != password2:
            sys.stderr.write("[!] Passwords do not match\n")
            sys.exit(1)

        user = user_datastore.create_user(email=email, password=password1, confirmed_at=datetime.now())
    else:
        sys.stdout.write("[+] Updating existing user\n")
        user = users.first()

    user.role = role

    db.session.add(user)
    db.session.commit()
Пример #10
0
    def run(self, demo=False):
        if demo:
            email, password = '******', 'demo'
            print("Creating user with login {0} and password {1}".format(email, password))
        else:
            email = prompt("Provide email for the superuser")
            password = prompt_pass("Provide user {} with the password".format(email))
            confirm = prompt_pass("Confirm password")

            if password != confirm:
                print("Password doesn't match it's confirmation")
                return

        admin_role = self.get_admin_role()

        try:
            user = app.security.datastore.find_user(email=email)
            print 'user:'******'Демо',
                                               last_name=u'Демович')
Пример #11
0
def create_superadmin(email):
    password = prompt_pass('Please input password')
    confirm_password = prompt_pass('Please input password again')
    if password != confirm_password:
        print('Password mismatch! Please confirm that you type same passwords.')
        return
    current_app.extensions['perm'].create_super_admin(email, password)
    print('Success!')
Пример #12
0
def create_superadmin(email):
    password = prompt_pass('Please input password')
    confirm_password = prompt_pass('Please input password again')
    if password != confirm_password:
        print(
            'Password mismatch! Please confirm that you type same passwords.')
        return
    current_app.extensions['perm'].create_super_admin(email, password)
    print('Success!')
Пример #13
0
 def run(self):
     email = prompt('email')
     password = prompt_pass('password')
     confirm_password = prompt_pass('confirm password')
     if password != confirm_password:
         print '\nMismatching passwords'
         return
     user = users.create( email = email, password = password, registered_at = datetime.datetime.utcnow(), active = True, confirmed_at = datetime.datetime.utcnow())
     print '\nUser created successfully'
     print 'User(id=%s email=%s)' % (user.id, user.title)
Пример #14
0
 def run(self):
     auth = HTTPDigestAuth()
     p1 = prompt_pass('Password')
     p2 = prompt_pass('Retype password')
     if p1 != p2:
         print >> sys.stderr, 'Passwords didn\'t match.'
         return
     print
     print 'Add this to your configuration file:'
     print 'PASSWORD = \'%s\'' % auth.a1(p1)
Пример #15
0
    def run(self):
        """
        Prompts the user to Changes a cluster password
        """
        clusters = []
        for c in models.Cluster.query.all():
          clusters.append(c.name)

        try:
            cluster = prompt_choices("Which cluster?", clusters, resolve=str)
            password_old = prompt_pass("Enter the current cluster password", "None")

            c = models.Cluster.query.get(cluster)

            # no password provided
            if (password_old == "None"):
                # if cluster has a password, obviously deny the request
                if (c.secret is not None):
                    print "Cluster password is wrong."
                    sys.exit(1)

            if (auth.verify_password(cluster, password_old)):
                password_one = prompt_pass("Enter the new password", "None")
                password_two = prompt_pass("Confirm the new password", "None")

                if password_one == password_two:
                    # if password is None, we will remove the password, not change it
                    if (password_one == "None" and password_two == "None"):
                        if (prompt_bool("Do you want to remove the password?", True)):
                            c.secret = None
                            action = "removed"
                        else:
                            print "Password change cancelled."
                            sys.exit(1)
                    else:
                        c.secret = auth.generate_password(password_one)
                        action = "changed"

                    try:
                      db.session.commit()
                      log.info("Password for cluster %s was %s." % (cluster, action))
                    except Exception as ex:
                      log.debug(ex)
                      print "Error while changing the cluster password."
                      sys.exit(1)
                else:
                    print "Passwords don't match."
                    sys.exit(1)
            else:
                print "Cluster password is wrong."
                sys.exit(1)

        except KeyboardInterrupt:
            print "Password change cancelled."
            sys.exit(1)
Пример #16
0
def create_user():
    username = prompt("Enter username")
    password1 = prompt_pass("Enter password")
    password2 = prompt_pass("Re-type password")
    if password1 == password2:
        new_user = models.User(username, password1)
        models.db.session.add(new_user)
        models.db.session.commit()
        print('User {0} successfully created'.format(username))
    else:
        print("Error: Passwords don't match")
Пример #17
0
    def run(self):
        local_config_exists = os.path.isfile('local_config.py')
        if local_config_exists:
            if not prompt_bool("Overwrite existing settings?"):
                return

        admin_username = prompt('Choose an admin user name')
        admin_pass = prompt_pass('Choose an admin password')
        email_address = prompt('What email address do you want to send alerts to?')
        time_zone = prompt('What time zone are we in?', default='Europe/London')
        database_name = prompt_pass('Choose a database name', default='habitat')
Пример #18
0
 def run(self, email):
     u = user_datastore.find_user(email=email)
     password = prompt_pass("New password for \"%s\"" % u.email)
     password2 = prompt_pass("New password (repeat)")
     if password != password2:
         print "Passwords do not match."
         return 1
     u.password = encrypt_password(password)
     db.session.add(u)
     db.session.commit()
     print "Password updated."
     return 0
Пример #19
0
 def run(self, email):
     u = user_datastore.find_user(email=email)
     password = prompt_pass("New password for \"%s\"" % u.email)
     password2 = prompt_pass("New password (repeat)")
     if password != password2:
         print "Passwords do not match."
         return 1
     u.password = encrypt_password(password)
     db.session.add(u)
     db.session.commit()
     print "Password updated."
     return 0
Пример #20
0
    def run(self, password):
        create()
        user = user_service.get_by_username("lemur")

        if not user:
            if not password:
                sys.stdout.write(
                    "We need to set Lemur's password to continue!\n")
                password = prompt_pass("Password")
                password1 = prompt_pass("Confirm Password")

                if password != password1:
                    sys.stderr.write("[!] Passwords do not match!\n")
                    sys.exit(1)

            role = role_service.get_by_name('admin')

            if role:
                sys.stdout.write(
                    "[-] Admin role already created, skipping...!\n")
            else:
                # we create an admin role
                role = role_service.create(
                    'admin',
                    description='this is the lemur administrator role')
                sys.stdout.write("[+] Created 'admin' role\n")

            user_service.create("lemur", password, 'lemur@nobody', True, None,
                                [role])
            sys.stdout.write(
                "[+] Added a 'lemur' user and added it to the 'admin' role!\n")

        else:
            sys.stdout.write(
                "[-] Default user has already been created, skipping...!\n")

        sys.stdout.write("[+] Creating expiration email notifications!\n")
        sys.stdout.write(
            "[!] Using {0} as specified by LEMUR_SECURITY_TEAM_EMAIL for notifications\n"
            .format("LEMUR_SECURITY_TEAM_EMAIL"))

        intervals = current_app.config.get(
            "LEMUR_DEFAULT_EXPIRATION_NOTIFICATION_INTERVALS", [])
        sys.stdout.write(
            "[!] Creating {num} notifications for {intervals} days as specified by LEMUR_DEFAULT_EXPIRATION_NOTIFICATION_INTERVALS\n"
            .format(num=len(intervals),
                    intervals=",".join([str(x) for x in intervals])))

        recipients = current_app.config.get('LEMUR_SECURITY_TEAM_EMAIL')
        notification_service.create_default_expiration_notifications(
            "DEFAULT_SECURITY", recipients=recipients)

        sys.stdout.write("[/] Done!\n")
Пример #21
0
def builddb():
    """ Management function to create the required DB. """ 
    models.db.create_all()
    print 'Blank database created'
    passwd = None
    while passwd is None:
        passwd = prompt_pass("Please enter primary admin password")
        passwd_confirm = prompt_pass("Please confirm password")
        if passwd != passwd_confirm:
            print "Passwords do not match."
            passwd = None
    models.db.session.add(admin_models.Admin('root',passwd,True))
    models.db.session.commit()
Пример #22
0
def createuser(username=None, password=None, email=None, role=None):
    """
    Create a new user
    """

    if username is None:
        while True:
            username = prompt("Username")
            user = User.query.filter(User.username == username).first()
            if user is not None:
                print "Username %s is already taken" % username
            else:
                break

    if email is None:
        while True:
            email = prompt("Email address")
            user = User.query.filter(User.email == email).first()
            if user is not None:
                print "Email %s is already taken" % email
            else:
                break

    if password is None:
        password = prompt_pass("Password")

        while True:
            password_again = prompt_pass("Password again")
            if password != password_again:
                print "Passwords do not match"
            else:
                break

    roles = (
        (User.MEMBER, "member"),
        (User.MODERATOR, "moderator"),
        (User.ADMIN, "admin"),
    )

    if role is None:
        role = prompt_choices("Role", roles, resolve=int, default=User.MEMBER)

    user = User(username=username,
                email=email,
                password=password,
                role=role)

    db.session.add(user)
    db.session.commit()

    print "User created with ID", user.id
Пример #23
0
def createuser(username=None, password=None, email=None, role=None):
    """
    Create a new user
    """

    if username is None:
        while True:
            username = prompt("Username")
            user = User.query.filter(User.username==username).first()
            if user is not None:
                print "Username %s is already taken" % username
            else:
                break

    if email is None:
        while True:
            email = prompt("Email address")
            user = User.query.filter(User.email==email).first()
            if user is not None:
                print "Email %s is already taken" % email
            else:
                break

    if password is None:
        password = prompt_pass("Password")

        while True:
            password_again = prompt_pass("Password again")
            if password != password_again:
                print "Passwords do not match"
            else:
                break

    roles = (
        (User.MEMBER, "member"),
        (User.MODERATOR, "moderator"),
        (User.ADMIN, "admin"),
    )

    if role is None:
        role = prompt_choices("Role", roles, resolve=int, default=User.MEMBER)

    user = User(username=username,
                email=email,
                password=password,
                role=role)

    db.session.add(user)
    db.session.commit()

    print "User created with ID", user.id
Пример #24
0
 def run(self):
     email = prompt('email')
     password = prompt_pass('password')
     confirm_password = prompt_pass('confirm password')
     if password != confirm_password:
         print '\nMismatching passwords'
         return
     user = users.create(email=email,
                         password=password,
                         registered_at=datetime.datetime.utcnow(),
                         active=True,
                         confirmed_at=datetime.datetime.utcnow())
     print '\nUser created successfully'
     print 'User(id=%s email=%s)' % (user.id, user.title)
Пример #25
0
def create_user(admin=False):
    """Creates an user in database"""
    username = prompt("Enter username")
    email = prompt("Enter email")
    password1 = prompt_pass("Enter password")
    password2 = prompt_pass("Re-type password")
    if password1 == password2:
        new_user = User(username=username, password=password1, email=email)
        new_user.is_admin = admin
        db.session.add(new_user)
        db.session.commit()
        print('User {0} successfully created'.format(username))
    else:
        print("Error: Passwords don't match")
Пример #26
0
    def run(self):
        local_config_exists = os.path.isfile('local_config.py')
        if local_config_exists:
            if not prompt_bool("Overwrite existing settings?"):
                return

        admin_username = prompt('Choose an admin user name')
        admin_pass = prompt_pass('Choose an admin password')
        email_address = prompt(
            'What email address do you want to send alerts to?')
        time_zone = prompt('What time zone are we in?',
                           default='Europe/London')
        database_name = prompt_pass('Choose a database name',
                                    default='habitat')
Пример #27
0
 def run(self):
     email = prompt('Email')
     password = prompt_pass('Password')
     password_confirm = prompt_pass('Confirm Password')
     data = MultiDict(dict(email=email, password=password, password_confirm=password_confirm))
     form = RegisterForm(data, csrf_enabled=False)
     if form.validate():
         user = register_user(email=email, password=password)
         print '\nUser created successfully'
         print 'User(id=%s email=%s)' % (user.id, user.email)
         return
     print '\nError creating user:'******'\n'.join(errors)
Пример #28
0
def add(username):
    "Add a new user"
    if User.query.filter_by(username=username).count():
        print "There is already a user with the username {}".format(username)
    else:
        password = prompt_pass('Password')
        confirm = prompt_pass('Confirm Password')
        if password == confirm:
            user = User(username, password)
            db.session.add(user)
            db.session.commit()
            print "Created user {}".format(user.username)
        else:
            print "Passwords don't match"
Пример #29
0
 def run(self):
     email = prompt('Email')
     password = prompt_pass('Password')
     password_confirm = prompt_pass('Confirm Password')
     active = bool(prompt('Actvice immediately', default='True'))
     role = prompt('Role', default='admin')
     if password == password_confirm:
         user = User(email=email,
                     password=hash_password(password),
                     confirmed_at=now(),
                     active=active,
                     role=role)
         db.session.add(user)
         db.session.commit()
Пример #30
0
 def run(self):
     email = prompt('Email')
     password = prompt_pass('Password')
     password_confirm = prompt_pass('Confirm Password')
     data = MultiDict(dict(email=email, password=password, password_confirm=password_confirm))
     form = RegisterForm(data, csrf_enabled=False)
     if form.validate():
         user = register_user(email=email, password=password)
         print '\nUser created successfully'
         print 'User(id=%s email=%s)' % (user.id, user.email)
         return
     print '\nError creating user:'******'\n'.join(errors)
Пример #31
0
def create_admin():
    """Creates a default administrator."""
    from app.forms import RegisterUser
    from werkzeug.datastructures import MultiDict
    from app.models import User

    # app.config['TESTING'] = True
    # app.config.update(TESTING=True)
    app.config.update(dict(
        TESTING=True
        ))

    firstname = prompt("What be your first name?").title()
    lastname = prompt("What is your last name?").title()
    email = prompt("What be your email?").lower().strip()
    password = prompt_pass("Please enter a password")
    confirm = prompt_pass("Please confirm password")
    data = MultiDict(dict(
        firstname=firstname,
        lastname=lastname,
        email=email,
        password=password,
        confirm=confirm,
        ))

    form = RegisterUser(data, csrf_enabled=False)

    if not form.validate():
        print form.errors
        return create_admin()
    else:
        newUser = User(firstname=form.firstname.data.title(),
                       lastname=form.lastname.data.title(),
                       email=form.email.data.lower().strip())
        newUser.set_password(form.password.data)
        # payload = User.get_activation_link(newUser)
        # email_confirmation(newUser, payload)
        # print("Please confirm your email address by checking your email.")
        newUser.roles.is_admin = True
        newUser.roles.can_login = True
        newUser.save()
        try:
            user = User.get(email=form.email.data.lower().strip())
            if user.is_admin() is True and user.roles.can_login is True:
                pass
        except:
            print('There was an error adding your username to the db.')
        print("{} has been added as an admin.".format(user.email))
Пример #32
0
def unlock(path=None):
    """
    Decrypts all of the files in a given directory with provided password.
    This is most commonly used during the startup sequence of Lemur
    allowing it to go from source code to something that can communicate
    with external services.

    Path defaults ~/.lemur/keys

    :param: path
    """
    key = prompt_pass("[!] Please enter the encryption password")

    if not path:
        path = os.path.expanduser('~/.lemur/keys')

    dest_dir = os.path.join(path, "decrypted")
    source_dir = os.path.join(path, "encrypted")

    if not os.path.exists(dest_dir):
        sys.stdout.write("[+] Creating decryption directory: {0}\n".format(dest_dir))
        os.makedirs(dest_dir)

    for root, dirs, files in os.walk(source_dir):
        for f in files:
            source = os.path.join(source_dir, f)
            dest = os.path.join(dest_dir, ".".join(f.split(".")[:-1]))
            with open(source, 'rb') as in_file, open(dest, 'wb') as out_file:
                f = Fernet(key)
                data = f.decrypt(in_file.read())
                out_file.write(data)
                sys.stdout.write("[+] Writing file: {0} Source: {1}\n".format(dest, source))

    sys.stdout.write("[+] Keys have been unencrypted!\n")
Пример #33
0
    def run(self, addroles=True, revision='head', default=False):
        # migrate database to latest revision
        logger.info('Upgrading DB')
        upgrade(revision=revision)

        if addroles:
            logger.info('Inserting Roles into DB')
            Role.insert_roles()

        admin_role = Role.query.filter_by(name='Administrator').one()

        if default:
            admin_email = current_app.config.get('ADMIN_EMAIL', '*****@*****.**')
        else:
            admin_email = prompt('Admin email', default='*****@*****.**')

        existing = User.query.filter(User.email==admin_email).scalar()
        while existing:
            print('Email already registered. Please provide a different email address')
            admin_email = prompt('Admin email', default='*****@*****.**')
            existing = User.query.filter(User.email==admin_email).scalar()

        admin = User(email=admin_email)

        if default:
            admin.password = '******'
        else:
            admin.password = prompt_pass('Admin password')

        db.session.add(admin)
        db.session.commit()
Пример #34
0
    def run(self, name=None, email=None, password=None, role=None):
        if not name:
            name = prompt("Full Name")

        if not email:
            email = prompt("A valid email address")

        if not password:
            password = prompt_pass("Password")

        if not role:
            roles = [r.name for r in Role.objects]
            role_name = prompt_choices("Role", choices=roles,
                                       no_choice=('none', ''))
            if role_name:
                role, created = Role.objects.get_or_create(name=role_name)
            else:
                role = None
        else:
            role, created = Role.objects.get_or_create(name=role)

        if all([name, email, password]):
            user = User.objects.create(
                name=name,
                email=email,
                password=encrypt_password(password),
                active=True,
                roles=[role]
            )
        else:
            user = u"Cant create the supersuser"

        print user
Пример #35
0
def login(username=None, password=None, service=None):
    ''' Logs into a comicbook store provider (e.g. Comixology).
    '''
    try:
        service_class = _get_service_class_safe(service, message="Choose a service to log into:")
    except Exception as e:
        app.logger.error(e)
        return 1

    if username is None:
        username = prompt('username (on %s)' % str(service_class.service_label))
    if password is None:
        password = prompt_pass('password (on %s)' % str(service_class.service_label))

    try:
        service_account = service_class(username)
        service_account.login(password)
    except Exception as e:
        app.logger.error("Error authenticating with %s" % service_class.service_label)
        app.logger.error(e)
        return 1

    account = _get_account()
    account.services[service_class.service_name] = service_account
    account.save()
Пример #36
0
def create_admin(username=None, password=None, email=None):
    if not (username and password and email):
        username = prompt("Username")
        email = prompt("A valid email address")
        password = prompt_pass("Password")

    create_admin_user(username=username, password=password, email=email)
Пример #37
0
def genpwhash():
    """
    Generate password hash for input
    """
    print("Current password hash algorithm: {}".format(app.config['SECURITY_PASSWORD_HASH']))
    password = prompt_pass("Enter password to hash (hidden)")
    print(encrypt_password(password))
Пример #38
0
def create(email,
           name,
           groups,
           is_admin=False,
           google_auth=False,
           password=None):
    print "Creating user (%s, %s)..." % (email, name)
    print "Admin: %r" % is_admin
    print "Login with Google Auth: %r\n" % google_auth
    if isinstance(groups, basestring):
        groups = groups.split(',')
        groups.remove('')  # in case it was empty string

    if is_admin:
        groups += ['admin']

    user = models.User(email=email, name=name, groups=groups)
    if not google_auth:
        password = password or prompt_pass("Password")
        user.hash_password(password)

    try:
        user.save()
    except Exception, e:
        print "Failed creating user: %s" % e.message
Пример #39
0
    def run(self):
        """
        Prompts the user for a password to be hashed and shown on screen
        """
        try:
            password_one = prompt_pass("Enter a password")
            password_two = prompt_pass("Confirm the password")
        except KeyboardInterrupt:
            print "Generation cancelled."
            sys.exit(1)

        if password_one == password_two:
            print "Generated hash: " + auth.generate_password(password_one)
        else:
            print "Passwords don't match."
            self.run()
Пример #40
0
def unlock(path=None):
    """
    Decrypts all of the files in a given directory with provided password.
    This is most commonly used during the startup sequence of Lemur
    allowing it to go from source code to something that can communicate
    with external services.

    Path defaults ~/.lemur/keys

    :param: path
    """
    key = prompt_pass("[!] Please enter the encryption password")

    if not path:
        path = os.path.expanduser('~/.lemur/keys')

    dest_dir = os.path.join(path, "decrypted")
    source_dir = os.path.join(path, "encrypted")

    if not os.path.exists(dest_dir):
        sys.stdout.write("[+] Creating decryption directory: {0}\n".format(dest_dir))
        os.makedirs(dest_dir)

    for root, dirs, files in os.walk(source_dir):
        for f in files:
            source = os.path.join(source_dir, f)
            dest = os.path.join(dest_dir, ".".join(f.split(".")[:-1]))
            with open(source, 'rb') as in_file, open(dest, 'wb') as out_file:
                f = Fernet(key)
                data = f.decrypt(in_file.read())
                out_file.write(data)
                sys.stdout.write("[+] Writing file: {0} Source: {1}\n".format(dest, source))

    sys.stdout.write("[+] Keys have been unencrypted!\n")
Пример #41
0
    def run(self, addroles=True, revision='head', default=False):
        # migrate database to latest revision
        logger.info('Upgrading DB')
        upgrade(revision=revision)

        if addroles:
            logger.info('Inserting Roles into DB')
            Role.insert_roles()

        admin_role = Role.query.filter_by(name='Administrator').one()

        if default:
            admin_email = current_app.config.get('ADMIN_EMAIL',
                                                 '*****@*****.**')
        else:
            admin_email = prompt('Admin email', default='*****@*****.**')

        existing = User.query.filter(User.email == admin_email).scalar()
        while existing:
            print(
                'Email already registered. Please provide a different email address'
            )
            admin_email = prompt('Admin email', default='*****@*****.**')
            existing = User.query.filter(User.email == admin_email).scalar()

        admin = User(email=admin_email)

        if default:
            admin.password = '******'
        else:
            admin.password = prompt_pass('Admin password')

        db.session.add(admin)
        db.session.commit()
Пример #42
0
    def run(self, name=None, email=None, password=None, role=None):
        if not name:
            name = prompt("Full Name")

        if not email:
            email = prompt("A valid email address")

        if not password:
            password = prompt_pass("Password")

        if not role:
            roles = [r.name for r in Role.objects]
            role_name = prompt_choices("Role",
                                       choices=roles,
                                       no_choice=('none', ''))
            if role_name:
                role, created = Role.objects.get_or_create(name=role_name)
            else:
                role = None
        else:
            role, created = Role.objects.get_or_create(name=role)

        if all([name, email, password]):
            user = User.createuser(name, email, password, roles=[role])
        else:
            user = "******"

        print(user)
Пример #43
0
def create_user(email, password):
    email = email or prompt('Email')
    password = password or prompt_pass('Password')
    user = User(email=email, password=password)
    db.session.add(user)
    db.session.commit()
    print('User created successfully')
Пример #44
0
def createAdmin():
    "Create an Admin User"
    print "Creating Admin User..."
    fname = prompt(name="First Name")
    lname = prompt(name="Last Name")
    email = prompt(name="Email")
    password = prompt_pass(name="password")

    name = {"last": lname,
            "first": fname}

    client = MongoClient()
    db = client.mydb
    users = db.users

    uid = str(uuid.uuid4())
    salt = str(uuid.uuid4())
    m = md5.md5()
    m.update(unicode(salt)+password)
    hashed = m.hexdigest()

    admin = {
        "_id": uid,
        "hash": hashed,
        "name": name,
        "admin": False,
        "salt": salt,
        "email": email,
        "admin": True,
        "tags": [],
        "picture": "http://lorempixel.com/g/250/250/"
    }

    users.insert_one(admin)
Пример #45
0
def create(email, name, groups, is_admin=False, google_auth=False, password=None):
    print "Creating user (%s, %s)..." % (email, name)
    print "Admin: %r" % is_admin
    print "Login with Google Auth: %r\n" % google_auth

    org = models.Organization.get_by_slug('default')
    if isinstance(groups, basestring):
        groups= groups.split(',')
        groups.remove('') # in case it was empty string
        groups = [int(g) for g in groups]

    if groups is None:
        groups = [models.Group.get(models.Group.name=="default", models.Group.org==org).id]

    if is_admin:
        groups += [models.Group.get(models.Group.name=="admin", models.Group.org==org).id]

    user = models.User(org=org, email=email, name=name, groups=groups)
    if not google_auth:
        password = password or prompt_pass("Password")
        user.hash_password(password)

    try:
        user.save()
    except Exception, e:
        print "Failed creating user: %s" % e.message
Пример #46
0
def create_user(email, password):
    email = email or prompt('Email')
    password = password or prompt_pass('Password')
    user = User(email=email, password=password)
    db.session.add(user)
    db.session.commit()
    print('User created successfully')
Пример #47
0
    def run(self, password):
        create()
        user = user_service.get_by_username("lemur")

        if not user:
            if not password:
                sys.stdout.write("We need to set Lemur's password to continue!\n")
                password = prompt_pass("Password")
                password1 = prompt_pass("Confirm Password")

                if password != password1:
                    sys.stderr.write("[!] Passwords do not match!\n")
                    sys.exit(1)

            role = role_service.get_by_name("admin")

            if role:
                sys.stdout.write("[-] Admin role already created, skipping...!\n")
            else:
                # we create an admin role
                role = role_service.create("admin", description="this is the lemur administrator role")
                sys.stdout.write("[+] Created 'admin' role\n")

            user_service.create("lemur", password, "lemur@nobody", True, None, [role])
            sys.stdout.write("[+] Added a 'lemur' user and added it to the 'admin' role!\n")

        else:
            sys.stdout.write("[-] Default user has already been created, skipping...!\n")

        sys.stdout.write("[+] Creating expiration email notifications!\n")
        sys.stdout.write(
            "[!] Using {0} as specified by LEMUR_SECURITY_TEAM_EMAIL for notifications\n".format(
                "LEMUR_SECURITY_TEAM_EMAIL"
            )
        )

        intervals = current_app.config.get("LEMUR_DEFAULT_EXPIRATION_NOTIFICATION_INTERVALS", [])
        sys.stdout.write(
            "[!] Creating {num} notifications for {intervals} days as specified by LEMUR_DEFAULT_EXPIRATION_NOTIFICATION_INTERVALS\n".format(
                num=len(intervals), intervals=",".join([str(x) for x in intervals])
            )
        )

        recipients = current_app.config.get("LEMUR_SECURITY_TEAM_EMAIL")
        notification_service.create_default_expiration_notifications("DEFAULT_SECURITY", recipients=recipients)

        sys.stdout.write("[/] Done!\n")
Пример #48
0
def add_admin(steam_id):
    config_app(app)
    from lobbypy.utils import db
    from lobbypy.models import Player
    player = Player.query.filter_by(steam_id=steam_id).first()
    if player:
        player.admin = True
    else:
        player = Player(steam_id)
        player.admin = True
    password = prompt_pass("Enter password for the Administrator")
    if password == prompt_pass("Re-enter password for the Administrator"):
        player.password = crypt(password)
        db.session.add(player)
        db.session.commit()
    else:
        print "Passwords do not match, re-run command"
Пример #49
0
def genpwhash():
    """
    Generate password hash for input
    """
    print("Current password hash algorithm: {}".format(
        app.config['SECURITY_PASSWORD_HASH']))
    password = prompt_pass("Enter password to hash (hidden)")
    print(encrypt_password(password))
Пример #50
0
    def run(self):
        if models.Deployment.objects.count() > 0:
            print 'You already have deployments set up.'
            return

        name = prompt('Name of new deployment')
        hostname = prompt('Hostname for deployment')

        deployment = models.Deployment.objects.create(name=name,
                                                      hostnames=[hostname])

        # create the roles
        role_names = ['manager', 'clerk', 'analyst', 'admin']
        for role_name in role_names:
            role = models.Role.objects.create(name=role_name)

        # create the admin user
        email = prompt('Email for admin user')
        password = prompt_pass('Password for admin user')
        password_confirm = prompt_pass('Confirm password')

        data = MultiDict({
            'email': email,
            'password': password,
            'password_confirm': password_confirm
        })
        form = RegisterForm(data, csrf_enabled=False)
        if form.validate():
            try:
                user = register_user(email=email, password=password)
            except socket.error as e:
                print 'Error sending registration email: {}'.format(e)
                user = services.users.get(email=email, deployment=None)
            user.update(set__deployment=deployment, add_to_set__roles=role)

            print '\nUser created successfully'
            print 'User(id=%s email=%s)' % (user.id, user.email)
        else:
            print '\nError creating user:'******'\n'.join(errors)

        # create at least one event
        from apollo.manage.deployments import CreateEventCommand
        CreateEventCommand._create_event(deployment)
Пример #51
0
def create_admin(username=None, password=None, email=None):
    """Creates the admin user"""

    if not (username and password and email):
        username = prompt("Username")
        email = prompt("A valid email address")
        password = prompt_pass("Password")

    create_admin_user(username=username, password=password, email=email)
Пример #52
0
    def run(self):
        username = prompt('Enter a username')
        email = prompt('Enter email address')
        password = prompt_pass('Enter password')
        confirm_password = prompt_pass('Enter password again')

        if password == confirm_password:
            try:
                user = User(username, email, password)
                user.confirmed = True
                user.confirmed_date = datetime.utcnow()
                db.session.add(user)
                db.session.commit()
                print "Superuser '{}' has been created".format(username)
            except:
                print "Username and/or email already taken."
        else:
            print "Username and password do not match. Try again"
Пример #53
0
    def run(self, username):
        user = user_service.get_by_username(username)

        if not user:
            sys.stderr.write("[!] No user found for username: {0}\n".format(username))
            sys.exit(1)

        sys.stderr.write("[+] Resetting password for {0}\n".format(username))
        password1 = prompt_pass("Password")
        password2 = prompt_pass("Confirm Password")

        if password1 != password2:
            sys.stderr.write("[!] Passwords do not match\n")
            sys.exit(1)

        user.password = password1
        user.hash_password()
        database.commit()
Пример #54
0
def create_user():
    email = prompt('Email address')
    password = prompt_pass('Password')

    try:
        print "Creating user..."
        User.create(email, password)
    except:
        print "Error creating user!"
Пример #55
0
    def run(self):
        while True:
            username = prompt("username")
            if not User.query.filter(
                    func.lower(User.username) == func.lower(username)
            ).count():
                break
            print("username taken")

        while True:
            password = prompt_pass("password")
            password_confirm = prompt_pass("confirm password")
            if len(password) and password == password_confirm:
                break
            print("invalid or non-matching passwords")

        user = User(username, password)
        db.session.add(user)
        db.session.commit()
Пример #56
0
    def run(self, username, email, active, roles):
        role_objs = []
        for r in roles:
            role_obj = role_service.get_by_name(r)
            if role_obj:
                role_objs.append(role_obj)
            else:
                sys.stderr.write("[!] Cannot find role {0}".format(r))
                sys.exit(1)

        password1 = prompt_pass("Password")
        password2 = prompt_pass("Confirm Password")

        if password1 != password2:
            sys.stderr.write("[!] Passwords do not match")
            sys.exit(1)

        user_service.create(username, password1, email, active, None, role_objs)
        sys.stdout.write("[+] Created new user: {0}".format(username))
Пример #57
0
def create():
    '''Create a new user'''
    data = {
        'first_name': prompt('First name'),
        'last_name': prompt('Last name'),
        'email': prompt('Email'),
        'password': prompt_pass('Password'),
        'password_confirm': prompt_pass('Confirm Password'),
    }
    form = RegisterForm(MultiDict(data), csrf_enabled=False)
    if form.validate():
        data['password'] = encrypt_password(data['password'])
        user = datastore.create_user(**data)
        print '\nUser created successfully'
        print 'User(id=%s email=%s)' % (user.id, user.email)
        return
    print '\nError creating user:'******'\n'.join(errors)