def administration_applications_get():
logging.info("In administration_applications_get()")
view_model = get_model()
db = hci_firestore()
view_model["application_list"] = db.get_applications()
return view(view_model)
def administration_roles_get():
logging.info("In administration_roles_get()")
view_model = get_model()
# db = hci_db()
# projects = db.get_owned_projects(view_model['user_id'])
# view_model["projects"] = projects
db = hci_firestore()
view_model["role_list"] = db.get_roles()
return view(view_model)
def administration_applications_post():
logging.info("In administration_applications_post()")
view_model = get_model()
application_name = request.form['application_name']
form_action = request.form['action']
if form_action == "add_application":
db = hci_firestore()
db.add_application(application_name)
return view(view_model, view_path="administration/administration_applications_get.html")
def api_administration_test(errorMessages=None):
logging.info("In api_administration_test()")
db = hci_firestore()
#db.find_user("*****@*****.**")
#db.add_user("*****@*****.**")
#db.assign_application("dnmo_app", "*****@*****.**")
#return str(db.has_access("dnmo_app", "*****@*****.**"))
#db.remove_application_access("dnmo_app", "*****@*****.**")
db.add_application_access("dnmo_app", "dummy_user")
return "ok"
def administration_roles_post():
logging.info("In administration_roles_post()")
role_name = request.form['role_name']
form_action = request.form['action']
if form_action == "add_role":
db = hci_firestore()
db.add_role(role_name)
view_model = get_model()
# db = hci_db()
# projects = db.get_owned_projects(view_model['user_id'])
# view_model["projects"] = projects
return view(view_model, view_path="administration/administration_roles_get.html")
def api_administration(errorMessages=None):
if request.method != 'POST' or not request.is_json:
logging.info(
"message=Invalid request|method={0}|is_json={1}|src={2}|event=end".
format(request.method, request.is_json, __name__))
abort(404, {
"is_api": True,
"message": "Invalid request",
"src": __name__
})
view_model = get_model()
#db = hci_firestore()
#has_access = db.has_access(__MODULE__, view_model["user_id"])
user_id = view_model['user_id']
application_name = request.json["application_name"]
user_email = request.json["user_email"]
action = request.json["action"]
logging.info(
"user_id={0}|application_name={1}|user_email={2}|action={3}".format(
user_id, application_name, user_email, action))
if action == "adsd_application_user":
db = hci_firestore()
db.add_application_access(application_name, user_id)
#db.add_application_user(application_name, user_email)
# db.assign_application(application_name, user_email)
#user_list = db.get_application_users(application_name)
return "OK"
def administration_assignments_get():
"""Status: dev | test | review | production """
db = hci_firestore()
view_model = get_model()
has_access = db.has_access(__MODULE__, view_model["user_id"])
user_list = db.get_user_list()
if not has_access:
logging.info("has_access={0}|event=end".format(has_access))
abort(404)
logging.info("has_access={0}|event=end".format(has_access))
# view_model["application_list"] = db.get_applications()
view_model["user_list"] = user_list
return view(view_model)
def webroot_authorize_post():
logging.info("In webroot_authorize_post()")
from google.oauth2 import id_token
from google.auth.transport import requests
if 'idtoken' not in request.form.keys():
return
token = request.form['idtoken']
google_client_id = app_settings["application"]["google_client_id"]
try:
id_info = id_token.verify_oauth2_token(token, requests.Request(),
google_client_id)
# Or, if multiple clients access the backend server:
# idinfo = id_token.verify_oauth2_token(token, requests.Request())
# if idinfo['aud'] not in [CLIENT_ID_1, CLIENT_ID_2, CLIENT_ID_3]:
# raise ValueError('Could not verify audience.')
# ID token is valid. Get the user's Google Account ID from the decoded token.
# account_id = id_info['sub'] # Not using this anymore; using email
# TODO:
# If the user no in user database, save new user record from the information in the ID token payload
# Else establish a session for the user
#if not account_id_exists(account_id):
# db = hci_db()
# user = db.add_user(id_info['email'])
fsdb = hci_firestore()
user_id = fsdb.get_user_id(id_info['email'])
# (success_flag, user_id) = fsdb.add_user(id_info['email'])
start_date = datetime.utcnow()
expiry_date = start_date + timedelta(days=1)
cookie_text = "{0}|{1}|{2}".format(user_id,
start_date.strftime("%Y%m%d"),
expiry_date.strftime("%Y%m%d"))
crypto_struct = {
'key': app_secrets['login']['aes_key_hex'],
'iv': app_secrets['login']['aes_iv_hex']
}
cipher_text = aes_encrypt_as_hex(crypto_struct, cookie_text)
# Use this if we want to set cookie
# if 'from' in request.args:
# resp = redirect(request.args['from'])
# else:
# # Default
from urllib.parse import urlparse, parse_qs
# parsed_url = urlparse(URL)
query_string = request.query_string.decode("UTF8")
if len(query_string) > 0:
x = parse_qs(request.query_string.decode("UTF8"))
resp = make_response(''.join(x['from']))
else:
resp = make_response("/")
resp.set_cookie(app_settings['application']['app_token'], cipher_text)
return resp
except ValueError:
# Invalid token
pass
