def jwt_secure_check(arg):
logging.info("Rest_API_Plugin.jwt_token_secure() called")
if _get_user().is_anonymous is False and rbac_authentication_enabled is True:
return func(arg)
elif rbac_authentication_enabled is False:
return func(arg)
else:
verify_jwt_in_request()
return jwt_required(func(arg))
def handle_create_service():
data = request.form
name = data['name']
description = data['description']
charge = data['charge']
service = Service(_get_user(), name, description, charge)
servicesService.create(service)
return redirect(f'{service_api_root}')
def handle_create_product():
data = request.form
name = data['name']
description = data['description']
price = data['price']
product = Product(_get_user(), name, description, price)
productsService.create(product)
return redirect(f'{products_api_root}')
def handle_create_payment_detail():
data = request.form
acc_name = data['acc_name']
bank_name = data['bank_name']
sort_code = data['sort_code']
acc_number = data['acc_number']
payment_detail = PaymentDetail(_get_user(), acc_name, bank_name, sort_code, acc_number)
paymentDetailService.create(payment_detail)
print("payment_detail was sucesifuly created")
return redirect( f'{api_root}' )
def get(self):
request_debug(r, logger)
user = utils._get_user()
user = user.dbUser
user_id = str(user.id)
args = cluster_list_parser.parse_args()
page = args['pageNo']
per_page = args['pageSize']
result = cluster_handler.list(page_no=page,
page_size=per_page,
user=user)
# result = cluster_handler.list(page_no=page, page_size=per_page, user_id=user_id)
return make_ok_resp(data=result)
def login_user(user, remember=False, duration=None, force=False, fresh=True):
'''
Logs a user in. You should pass the actual user object to this. If the
user's `is_active` property is ``False``, they will not be logged in
unless `force` is ``True``.
This will return ``True`` if the log in attempt succeeds, and ``False`` if
it fails (i.e. because the user is inactive).
:param user: The user object to log in.
:type user: object
:param remember: Whether to remember the user after their session expires.
Defaults to ``False``.
:type remember: bool
:param duration: The amount of time before the remember cookie expires. If
``None`` the value set in the settings is used. Defaults to ``None``.
:type duration: :class:`datetime.timedelta`
:param force: If the user is inactive, setting this to ``True`` will log
them in regardless. Defaults to ``False``.
:type force: bool
:param fresh: setting this to ``False`` will log in the user with a session
marked as not "fresh". Defaults to ``True``.
:type fresh: bool
'''
if not force and not user.is_active:
return False
user_id = getattr(user, current_app.login_manager.id_attribute)()
session['user_id'] = user_id
session['user_data'] = get_user_data(user)
session['_fresh'] = fresh
session['_id'] = current_app.login_manager._session_identifier_generator()
if remember:
session['remember'] = 'set'
if duration is not None:
try:
# equal to timedelta.total_seconds() but works with Python 2.6
session['remember_seconds'] = (duration.microseconds +
(duration.seconds +
duration.days * 24 * 3600) *
10**6) / 10.0**6
except AttributeError:
raise Exception('duration must be a datetime.timedelta, '
'instead got: {0}'.format(duration))
_request_ctx_stack.top.user = user
user_logged_in.send(current_app._get_current_object(), user=_get_user())
return True
def handle_create():
data = request.form
name = data['name']
phone = data['phone']
address_1 = data['address_1']
address_2 = data['address_2']
city = data['city']
post_code = data['post_code']
client = Client(_get_user(), name, phone, address_1, address_2, city,
post_code)
clientService.create(client)
print("entity was sucesifuly created")
return redirect(f'{api_root}')
def wrapper(*args, **kwargs):
user = _get_user()
if user.is_authenticated:
# Case when accessing via UI, because cookie is set
return func(*args, **kwargs)
authorization = request.headers.get('Authorization')
if not (authorization and len(authorization.split(' ')) == 2):
return self.login_manager.unauthorized()
access_token = authorization.split(' ')[1]
if self.has_valid_permissions(access_token):
return func(*args, **kwargs)
return self.login_manager.unauthorized()
def handle_create_company():
data = request.form
trading_name = data['trading_name']
contact_person = data['contact_person']
email = data['email']
phone = data['phone']
address_ln_1 = data['address_ln_1']
address_ln_2 = data['address_ln_2']
city = data['city']
postal_code = data['postal_code']
company = Company(_get_user(), trading_name, contact_person, email, phone,
address_ln_1, address_ln_2, city, postal_code)
companyService.create(company)
print("company was sucesifuly created")
return redirect(f'{api_root}')
def create():
user: User = _get_user()
invoice = Invoice()
# print("\n\n\n")
# print(user)
# print("\n")
# print(user.companies)
# print("\n")
# print(user.invoices)
# print("\n")
# print(user.paymentDetails)
# print("\n")
# print(user.services)
# print("\n")
# print(user.products)
# print("\n\n\n")
return render_template(f"{template_files_path}/create-invoice.html",
api_root=api_root,
user=user,
invoice=invoice)
def logout_user():
'''
Logs a user out. (You do not need to pass the actual user.) This will
also clean up the remember me cookie if it exists.
'''
user = _get_user()
session.pop('user_id', None)
session.pop('user_data', None)
session.pop('_fresh', None)
cookie_name = current_app.config.get('REMEMBER_COOKIE_NAME', COOKIE_NAME)
if cookie_name in request.cookies:
session['remember'] = 'clear'
if 'remember_seconds' in session:
session.pop('remember_seconds')
user_logged_out.send(current_app._get_current_object(), user=user)
current_app.login_manager.reload_user()
return True
def post(self):
user = utils._get_user()
user = user.dbUser
user_id = str(user.id)
args = org_create_parser.parse_args()
org_name = args.get('name')
org_domain = args.get('domain')
org_ca = args.get('ca', 'ca')
org_peers = args.get('peers')
org_cluster_id = args.get('cluster_id')
if not all([org_name, org_domain, org_ca, org_peers, org_cluster_id]):
return make_fail_resp(error='参数错误')
cluster = ClusterModel.objects.get(id=org_cluster_id)
if not cluster:
return make_fail_resp(error='链不存在')
orgs = OrgModel.objects(cluster=cluster, org_type='peer')
if len(orgs) >= 5:
return make_fail_resp(error='组织数量已达上限')
for org in orgs:
if org.name == org_name:
# if OrgModel.objects(cluster=cluster, org_type='peer', name=org_name):
return make_fail_resp(error='组织名重复')
if OrganizationHandler().create(name=org_name,
domain=org_domain,
ca=org_ca,
peers=org_peers,
cluster=cluster,
user=user_id):
logger.debug("org creation successful")
return make_ok_resp()
else:
logger.debug("org creation failed")
return make_fail_resp(
error="Failed to create org {}".format(org_name))
def handle_create():
data = request.form
name = data['name']
description = data['description']
charge = data['charge']
invoice = Service(_get_user(), name, description, charge)
invoiceService.create(invoice)
print("entity was sucesifuly created")
return redirect(f'{api_root}')
# Select Trading Name to Show on Invoice
# Select Payment details
# Invoice Effective Date
# Select services
# service subtotal
# selet products
# product sub total
# grand total
def get_logged_in_user(self):
logged_in_user = _get_user()
return logged_in_user
def login_user(
self,
user: User,
remember: Optional[bool] = None,
duration: Optional[timedelta] = None,
force: bool = False,
fresh: bool = True,
) -> bool:
"""
Logs a user in. You should pass the actual user object to this. If the
user's `active` property is ``False``, they will not be logged in
unless `force` is ``True``.
This will return ``True`` if the log in attempt succeeds, and ``False`` if
it fails (i.e. because the user is inactive).
:param user: The user object to log in.
:type user: object
:param remember: Whether to remember the user after their session expires.
Defaults to ``False``.
:type remember: bool
:param duration: The amount of time before the remember cookie expires. If
``None`` the value set in the settings is used. Defaults to ``None``.
:type duration: :class:`datetime.timedelta`
:param force: If the user is inactive, setting this to ``True`` will log
them in regardless. Defaults to ``False``.
:type force: bool
:param fresh: setting this to ``False`` will log in the user with a session
marked as not "fresh". Defaults to ``True``.
:type fresh: bool
"""
if not user.active and not force:
return False
if (self.security.confirmable and not user.confirmed_at
and not self.security.login_without_confirmation):
return False
session['user_id'] = getattr(user, user.Meta.pk)
session['_fresh'] = fresh
session['_id'] = app.login_manager._session_identifier_generator()
if remember is None:
remember = app.config.get('SECURITY_DEFAULT_REMEMBER_ME')
if remember:
session['remember'] = 'set'
if duration is not None:
try:
# equal to timedelta.total_seconds() but works with Python 2.6
session['remember_seconds'] = (
duration.microseconds +
(duration.seconds + duration.days * 24 * 3600) *
10**6) / 10.0**6
except AttributeError:
raise Exception('duration must be a datetime.timedelta, '
'instead got: {0}'.format(duration))
_request_ctx_stack.top.user = user
user_logged_in.send(app._get_current_object(), user=_get_user())
identity_changed.send(app._get_current_object(),
identity=Identity(user.id))
return True
def post(self):
user = utils._get_user()
user_id = str(user.dbUser.id)
args = user_create_parser.parse_args()
mobile = args.get('mobile')
email = args.get('email')
password = args.get('password')
org_id = args.get('org_id')
channel_id = args.get('channel_id')
cluster_id = args.get('cluster_id')
is_admin = args.get('is_admin', False)
if mobile:
if not re.match('^1[3456789]\d{9}$', mobile):
return {'stat': '400', 'msg': '手机号格式错误'}
if email:
if not re.match('^[a-zA-Z0-9_.-]+@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*\.[a-zA-Z0-9]{2,6}$', email):
return {'stat': '400', 'msg': '邮箱格式错误'}
try:
user = UserModel.objects.get(mobile=mobile)
if user:
return {'stat': "400", 'msg': "手机号已存在"}
except Exception as exc:
logger.error(exc)
pass
try:
cluster = ClusterModel.objects.get(id=cluster_id)
org = OrgModel.objects.get(cluster=cluster, org_type='peer',alias=org_id)
except Exception as e:
logger.error(e)
return {'msg': '组织不存在', 'stat': 400}
try:
ChannelModel.objects.get(cluster=cluster, alias=channel_id)
except Exception as e:
logger.error(e)
return {'msg': '通道不存在', 'stat': 400}
args['password'] = User.set_password(password)
# args['orgs'] = [org_id]
args.pop('org_id')
args.pop('channel_id')
args.pop('is_admin')
args.pop('cluster_id')
if int(is_admin) == 1:
role = 2
else:
role = 3
try:
new_user = UserModel(**args, orgs=[org.id], apply_stat=1, active=True, role=role)
new_user.save()
except Exception as exc:
logger.error("exc %s", exc)
return {'stat': "-1", 'msg': "存储数据库失败"}
body = {
"BlockchainSign": str(org.cluster.id),
"ChannelId": channel_id,
"OrgId": str(org_id),
"UserId": str(new_user.id)
}
logger.info('add user info:{}'.format(body))
if not send_new_user_info(str(user_id), body=body):
new_user.delete()
return {'stat': 400, 'msg': '添加用户失败'}
org.update(add_to_set__users=[new_user])
data = {
'stat': 200,
'msg': '成功'
}
return data
def post(self):
user = utils._get_user()
user = user.dbUser
body = cluster_create_parser.parse_args()
cluster_name = body.get('cluster_name')
network_type = body.get('network_type')
consensus_plugin = body.get('consensus_plugin')
domain = body.get('domain')
channel = body.get('channel')
orderer = body.get('orderer')
peer_orgs = body.get('peer_orgs')
orderer_org = body.get('orderer_org')
if not all([cluster_name, network_type, peer_orgs, channel, domain]):
error_msg = "参数缺失"
logger.warning(error_msg)
return make_fail_resp(error=error_msg, data=body)
host_id = ''
try:
hosts = HostModel.objects.all()
for host in hosts:
if len(host.clusters) < host.capacity:
host_id = host.id
break
except Exception as e:
logger.error(e)
return make_fail_resp(error='db error')
if not host_id:
return {'stat': 401, 'msg': '服务器已满,请联系客服'}
if network_type not in NETWORK_TYPES:
error_msg = "Unknown network_type={}".format(network_type)
logger.warning(error_msg)
return make_fail_resp()
peer_org_list = []
orderer_org = {
'name': 'orderer',
'domain': domain,
'orderers': ['orderer']
}
for peer_org in peer_orgs:
peer_org = demjson.decode(peer_org)
if not all([peer_org.get('name'), peer_org.get('peers')]):
return make_fail_resp(error='参数缺失', data=body)
peer_org['peers'] = [
'peer{}'.format(i) for i in range(int(peer_org['peers']))
]
peer_org['domain'] = domain
peer_org['ca'] = 'ca'
peer_org_list.append(peer_org)
cluster = ClusterModel.objects(name=cluster_name)
if cluster:
return make_fail_resp(error='链名重复')
config = FabricNetworkConfig(consensus_plugin=consensus_plugin,
network_type=network_type,
channel=channel,
orderer_org=orderer_org,
peer_orgs=peer_org_list)
config.domain = domain
if not config.validate():
return make_fail_resp(error="config not validated",
data=config.get_data())
if cluster_handler.create(name=cluster_name,
host_id=host_id,
config=config,
user=user):
logger.debug("cluster POST successfully")
return make_ok_resp()
else:
logger.debug("cluster creation failed using handlder")
return make_fail_resp(
error="Failed to create cluster {}".format(cluster_name))
def restrict_services_api_to_logged_in_users():
logged_in_user = _get_user()
if logged_in_user == None or logged_in_user.is_authenticated == False:
return redirect('/auth/login')
def getUser2():
user = utils._get_user()
return jsonify(trueReturn(user.columns_to_dict(), API_SUCCESS_MSG))
return None # valid token, but expired
except BadSignature:
return None # invalid token
user = users[data['id']]
return user
def __str__(self):
pattern = 'Пользователь: {id: >8}, администратор: {adm!s: >5}, почта: {email}'
return pattern.format(
id=self.id,
email=self.email,
adm=self.adm,
)
current_user = LocalProxy(lambda: _get_user())
def admin_required(func):
"""
Декоратор для представлений, проверяем, что текущий пользователь - админ, иначе запрещаем выполненеи функции
:param func: The view function to decorate.
:type func: function
"""
@wraps(func)
def decorated_view(*args, **kwargs):
if not current_user.is_admin():
user_unauthorized.send(current_app._get_current_object())
flash("Необходимы права администратора для выполнения операции")
return redirect("/")
return func(*args, **kwargs)
