Пример #1
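    def execute(my):
        """Reset the password for ``my.login`` and email the new one.

        Nothing happens unless the ``reset`` kwarg is True.  Every outcome is
        reported through the ``ResetPasswordWdg.MSG`` form value.  The stored
        password is replaced only after the notification email went out
        without a TacticException.

        Raises:
            TacticException: re-raised when the email cannot be sent; the
                stored password is left untouched in that case.
        """
        # Since this is not called with Command.execute_cmd
        my.check()

        web = WebContainer.get_web()

        reset_on = my.kwargs.get('reset') == True
        if not reset_on:
            return

        security = WebContainer.get_security()
        login = Login.get_by_login(my.login)
        # NOTE(review): the two replies below tell the caller whether the
        # login exists and whether it has an email on file.  If this form is
        # reachable without authentication, one neutral reply for all
        # outcomes would avoid account enumeration -- confirm with the
        # widget's owner before changing the user-facing text.
        if not login:
            web.set_form_value(ResetPasswordWdg.MSG, 'This user [%s] does not exist or has been disabled. Please contact the Administrator.'%my.login)
            return
        email = login.get_value('email')
        if not email:
            web.set_form_value(ResetPasswordWdg.MSG, 'This user [%s] does not have an email entry for us to email you the new password. Please contact the Administrator.'%my.login)
            return

        # auto pass generation
        # The temporary password is a credential, so it is drawn from the OS
        # CSPRNG (random.SystemRandom) instead of the default Mersenne
        # Twister, and it is long enough not to be guessable online
        # (previously 5 characters out of a 20-symbol alphabet).
        import string
        alphabet = string.ascii_letters + string.digits
        rng = random.SystemRandom()
        auto_password = ''.join([rng.choice(alphabet) for _ in range(16)])

        msg = ResetPasswordWdg.RESET_MSG

        # send the email
        try:
            from pyasm.command import EmailTriggerTestCmd

            admin = Login.get_by_login('admin')
            if admin:
                sender_email = admin.get_value('email')
            else:
                sender_email = '*****@*****.**'

            recipient_emails = [email]
            # NOTE(review): the password travels in clear text by email;
            # a one-time reset link would not put a working credential in
            # the mailbox.
            email_msg =  'Your TACTIC password has been reset. The new password is:\n%s\nYou can change your password once you log in by going to Edit My Account at the top right corner.'%auto_password
            email_cmd = EmailTriggerTestCmd(sender_email=sender_email, recipient_emails=recipient_emails, msg= email_msg, subject='TACTIC password change')

            email_cmd.execute()
        except TacticException:
            msg = "Failed to send an email for your new password. Reset aborted."
            web.set_form_value(ResetPasswordWdg.MSG, msg)
            raise
        else:
            # NOTE(review): unsalted MD5 is kept because the digest format
            # must match whatever the login check compares against, which
            # is not visible here.  Moving to a salted, slow password hash
            # needs a coordinated change on the verification side.
            encrypted = hashlib.md5(auto_password).hexdigest()
            login.set_value('password', encrypted)
            login.commit()
            web.set_form_value(ResetPasswordWdg.MSG, 'A new password has been sent to your email address. Please check your email.')

        # This final write replaces the success text set just above with
        # ResetPasswordWdg.RESET_MSG.
        web.set_form_value(ResetPasswordWdg.MSG, msg)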
Пример #2
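    def execute(my):
        """Authenticate the login and password submitted in the web form.

        Reads ``login``, ``password``, ``domain`` and ``verify_password``
        from the form and calls ``security.login_user``.  Failures are
        reported through the ``WebLoginWdg.LOGIN_MSG`` form value.

        Returns:
            False when the form is empty or incomplete, or when
            ``verify_password`` differs from ``password``; None otherwise
            (including a login rejected with SecurityException).
        """
        from pyasm.web import WebContainer
        # Imported up front.  A function-level import makes the name local
        # to the whole function, so importing WebLoginWdg only inside the
        # except handler made every earlier reference to it raise
        # UnboundLocalError.
        from pyasm.widget import WebLoginWdg

        web = WebContainer.get_web()

        # If the tag <force_lowercase_login> is set to "true"
        # in the TACTIC config file,
        # then force the login string argument to be lowercase.
        # This tag is false by default.
        my.login = web.get_form_value("login")
        if Config.get_value("security", "force_lowercase_login") == "true":
            my.login = my.login.lower()
        my.password = web.get_form_value("password")
        my.domain = web.get_form_value("domain")

        # a completely empty form is not an error, just not a login
        if my.login == "" and my.password == "":
            return False

        if my.login == "" or my.password == "":
            web.set_form_value(WebLoginWdg.LOGIN_MSG,
                "Empty username or password")
            return False

        security = WebContainer.get_security()

        verify_password = web.get_form_value("verify_password")
        if verify_password:
            if verify_password != my.password:
                web.set_form_value(WebLoginWdg.LOGIN_MSG,
                    "Passwords do not match.")
                return False

            # With a matching verify_password the login below is attempted
            # with the default password, not the submitted one.
            # NOTE(review): presumably the first-time setup path; nothing
            # in this method restricts it to that case -- confirm.
            my.password = Login.get_default_password()

        try:
            security.login_user(my.login, my.password, domain=my.domain)
        except SecurityException as e:
            msg = str(e)
            if not msg:
                msg = "Incorrect username or password"
            web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)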
Пример #3
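    def add(my, widget, title=None, index=None):
        """Register a tab and, when it is the selected one, its widget.

        Args:
            widget: the tab content; may be None, in which case only the
                title is recorded.
            title: tab title; defaults to the widget's class name.
            index: position in ``my.tab_names``; appended when None.

        Unless ``my.mode`` is "check", the tab is silently skipped when the
        "url", "tab_title" or "tab" access check denies "view", or when
        ``check_visibility`` rejects its tab path.
        """
        # identity test: "== None" would go through a widget-defined __eq__
        if title is None:
            title = widget.__class__.__name__

        # determine the url and check security
        # DEPRECATED!!!! use "tab" security
        url_selector = WebContainer.get_web().get_request_url().get_selector()
        check = "%s|%s" % (url_selector, title)

        # check tab security
        # Mode "check" skips every access check below.
        # NOTE(review): confirm my.mode can never be chosen by the request.
        if my.mode != "check":
            security = WebContainer.get_security()
            # All three generations of rules must grant "view"; the first
            # denial wins and the tab is dropped without any message.
            if not security.check_access("url", check, "view"):
                return
            # new security mechanism
            if not security.check_access("tab_title", title, "view"):
                return
            # new, new security mechanism
            tab_path = my.get_tab_path(title)
            if not security.check_access("tab", tab_path, "view"):
                return

            # check if this tab is invisible
            if not my.check_visibility(tab_path):
                return

        if index is None:
            my.tab_names.append(title)
        else:
            my.tab_names.insert(index, title)

        my.wdg_dict[title] = widget
        # for tabs, the widget passed in can be None.  Only the
        # title is added
        if widget is None:
            return

        # only the selected one really gets added
        if not my.tab_value or title == my.tab_value:
            Container.put("tab_path", my.get_tab_path(title))

            widget = my.init_widget(widget, title)
            # the very first time user click on the main tab
            if not my.tab_value:
                my.tab_value = title

            super(TabWdg, my)._add_widget(widget, title)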
Пример #4
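    def add(my, widget, title=None, index=None):
        """Add a tab title and, for the selected tab, its widget.

        Args:
            widget: content of the tab, or None to record the title only.
            title: title of the tab; the widget's class name when omitted.
            index: insertion position in ``my.tab_names``; None appends.

        The tab is dropped without any message when, outside of "check"
        mode, one of the "url", "tab_title" or "tab" access checks refuses
        "view" or ``check_visibility`` rejects the tab path.
        """
        # "is None" instead of "== None": the comparison must not depend on
        # an __eq__ defined by the widget or index object.
        if title is None:
            title = widget.__class__.__name__

        # determine the url and check security
        # DEPRECATED!!!! use "tab" security
        url_selector = WebContainer.get_web().get_request_url().get_selector()
        check = "%s|%s" % (url_selector, title)

        # check tab security
        # NOTE(review): mode "check" bypasses all of the checks in this
        # branch; verify that the mode is set by trusted code only.
        if my.mode != "check":
            security = WebContainer.get_security()
            # legacy rule on "<selector>|<title>", then the title rule;
            # get_tab_path() is only called once both have passed
            legacy_ok = security.check_access("url", check, "view")
            if not legacy_ok:
                return
            if not security.check_access("tab_title", title, "view"):
                return

            # newest rule, keyed on the full tab path
            tab_path = my.get_tab_path(title)
            if not security.check_access("tab", tab_path, "view"):
                return

            # check if this tab is invisible
            if not my.check_visibility(tab_path):
                return

        if index is None:
            my.tab_names.append(title)
        else:
            my.tab_names.insert(index, title)

        my.wdg_dict[title] = widget
        # for tabs, the widget passed in can be None.  Only the
        # title is added
        if widget is None:
            return

        # only the selected one really gets added
        selected = not my.tab_value or title == my.tab_value
        if selected:
            Container.put("tab_path", my.get_tab_path(title))

            widget = my.init_widget(widget, title)
            # the very first time user click on the main tab
            if not my.tab_value:
                my.tab_value = title

            super(TabWdg, my)._add_widget(widget, title)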
Пример #5
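    def add(self, widget, title=None):
        """Add a tab after checking "url" and "tab" view access.

        Args:
            widget: a Widget, a bound method, a class-path string, or any
                other object; it is wrapped or instantiated accordingly
                before being added.  Must not be None.
            title: tab title; defaults to the widget's class name.

        The tab is silently skipped when either access check denies "view".
        """
        # identity test: "== None" would go through a widget-defined __eq__
        if title is None:
            title = widget.__class__.__name__

        # determine the url and check security
        request_url = WebContainer.get_web().get_request_url()
        base = request_url.get_base()
        if base.endswith("/"):
            base = "%sIndex" % base
        check = "%s|%s" % (base, title)

        security = WebContainer.get_security()
        if not security.check_access("url", check, "view"):
            return

        if not security.check_access("tab", title, "view"):
            return

        self.tab_names.append(title)

        # Unlike what the old comment here said, None is rejected.  The
        # title has already been appended to tab_names at this point, and
        # the assert disappears under "python -O".
        assert widget is not None

        # only the selected one really gets added
        try:
            # a bound method is wrapped, not called here
            if isinstance(widget, types.MethodType):
                widget = MethodWdg(widget)
            elif isinstance(widget, basestring):
                # NOTE(review): a string is treated as a class path and
                # instantiated; callers should pass fixed, trusted class
                # paths only, never a value taken from the request.
                widget = Common.create_from_class_path(widget)
            elif not isinstance(widget, Widget):
                widget = ClassWdg(widget)

        # catch all exceptions and log them
        except Exception as e:
            # after a failure the unconverted widget is still added below
            self.handle_exception(e)

        super(DynTabWdg, self)._add_widget(widget, title)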
Пример #6
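    def add(self, widget, title=None):
        """Register a tab once the "url" and "tab" rules both allow "view".

        Args:
            widget: a Widget instance, a bound method, a class path given
                as a string, or another object to wrap.  None is rejected.
            title: title of the tab; the widget's class name when omitted.

        Returns None in every case; a denied access check just skips the tab.
        """
        # "is None" keeps the test independent of any __eq__ on the widget
        if title is None:
            title = widget.__class__.__name__

        # determine the url and check security
        request_url = WebContainer.get_web().get_request_url()
        base = request_url.get_base()
        if base.endswith("/"):
            # a directory URL is checked as its "Index" page
            base = "%sIndex" % base
        check = "%s|%s" % (base, title)

        security = WebContainer.get_security()
        url_allowed = security.check_access("url", check, "view")
        if not url_allowed:
            return
        if not security.check_access("tab", title, "view"):
            return

        self.tab_names.append(title)

        # A None widget is an error here (the title above is already
        # recorded when this fires).  The assert is stripped by
        # "python -O", so it is a debugging aid, not input validation.
        assert widget is not None

        # only the selected one really gets added
        try:
            # normalise whatever was passed in to a widget object
            if isinstance(widget, types.MethodType):
                widget = MethodWdg(widget)
            elif isinstance(widget, basestring):
                # NOTE(review): instantiates the class named by the string;
                # make sure the path is a constant chosen by trusted code
                # and not derived from request data.
                widget = Common.create_from_class_path(widget)
            elif not isinstance(widget, Widget):
                widget = ClassWdg(widget)

        # catch all exceptions and log them
        except Exception as e:
            # the original, unconverted widget is what gets added below
            self.handle_exception(e)

        super(DynTabWdg, self)._add_widget(widget, title)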
Пример #7
 def get_upload_dir(cls):
     """Return the upload directory tied to the current security ticket.

     The result has the form ``<tmp dir>/upload/<ticket key>``.
     """
     from pyasm.web import WebContainer
     # NOTE(review): the ticket key becomes a directory name.  Confirm that
     # it cannot contain path separators and that a listing of the tmp dir
     # does not expose live ticket keys to other local users.
     ticket_key = WebContainer.get_security().get_ticket().get_key()
     return "%s/upload/%s" % (Environment.get_tmp_dir(), ticket_key)
Пример #8
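    def execute(my):
        """Authenticate the submitted login form and count failed attempts.

        Reads ``login``, ``password``, ``domain`` and ``verify_password``
        from the form and calls ``security.login_user``.  On a
        SecurityException the message goes to ``WebLoginWdg.LOGIN_MSG`` and,
        when ``security/max_login_attempt`` is a positive number, the
        account's ``login_attempt`` counter is incremented; reaching the
        limit sets ``license_type`` to "disabled" and calls
        ``my.reenable_user`` with the configured delay in seconds.

        Returns:
            False when the form is empty or incomplete, or when
            ``verify_password`` differs from ``password``; None otherwise.
        """
        from pyasm.web import WebContainer
        from pyasm.widget import WebLoginWdg

        web = WebContainer.get_web()

        # If the tag <force_lowercase_login> is set to "true"
        # in the TACTIC config file,
        # then force the login string argument to be lowercase.
        # This tag is false by default.
        my.login = web.get_form_value("login")
        if Config.get_value("security", "force_lowercase_login") == "true":
            my.login = my.login.lower()
        my.password = web.get_form_value("password")
        my.domain = web.get_form_value("domain")

        if my.login == "" and my.password == "":
            return False

        if my.login == "" or my.password == "":
            web.set_form_value(WebLoginWdg.LOGIN_MSG,
                "Empty username or password")
            return False

        security = WebContainer.get_security()

        def _find_login_sobject():
            # same lookup order as before: the 'upn' column, then 'login'
            search = Search("sthpw/login")
            search.add_filter('upn', my.login)
            found = search.get_sobject()
            if not found:
                search2 = Search("sthpw/login")
                search2.add_filter('login', my.login)
                found = search2.get_sobject()
            return found

        # Defined on every path: the lockout code in the except handler
        # used to hit a NameError whenever verify_password was not sent.
        login_sobject = None

        verify_password = web.get_form_value("verify_password")
        if verify_password:
            if verify_password != my.password:
                web.set_form_value(WebLoginWdg.LOGIN_MSG,
                    "Passwords do not match.")
                return False

            login_sobject = _find_login_sobject()
            # NOTE(review): this sets the admin password from the form
            # before any authentication has happened, for any request that
            # sends a matching verify_password.  It should be limited to
            # the state in which the admin password has not been set yet;
            # how that state is stored is not visible here.
            # An unknown login no longer crashes on None.get_value().
            if login_sobject and login_sobject.get_value("login") == "admin":
                login_sobject.set_password(verify_password)

        try:
            security.login_user(my.login, my.password, domain=my.domain)
        except SecurityException as e:
            msg = str(e)
            if not msg:
                msg = "Incorrect username or password"
            web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)

            # a missing or non-numeric setting disables the lockout
            try:
                max_attempts = int(Config.get_value("security", "max_login_attempt"))
            except (TypeError, ValueError):
                max_attempts = -1

            if max_attempts > 0:
                if login_sobject is None:
                    login_sobject = _find_login_sobject()

                # an unknown login has no record to count against
                if login_sobject:
                    # "or 0": the counter may still be unset on the record
                    login_attempt = int(login_sobject.get_value('login_attempt') or 0) + 1
                    login_sobject.set_value('login_attempt', login_attempt)

                    if login_attempt == max_attempts:
                        #set license_Type to disabled and set off the thread to re-enable it
                        login_sobject.set_value('license_type', 'disabled')
                        disabled_time = Config.get_value("security", "account_lockout_duration")
                        if not disabled_time:
                            disabled_time = "30 minutes"

                        # expected form "<number> <unit>"; anything that
                        # does not parse falls back to 30 minutes instead
                        # of raising before the commit below
                        try:
                            amount, unit = disabled_time.split(" ", 1)
                            amount = int(amount)
                        except ValueError:
                            amount, unit = 30, "minute"

                        if "minute" in unit:
                            delay = amount * 60
                        elif "hour" in unit:
                            delay = amount * 3600
                        elif "second" in unit:
                            delay = amount
                        else:
                            #make delay default to 30 min
                            delay = 30 * 60

                        my.reenable_user(login_sobject, delay)

                    login_sobject.commit(triggers=False)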
Пример #9
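    def execute(my):
        """Issue a new random password for ``my.login`` and email it.

        Only acts when the ``reset`` kwarg is True.  The result is written
        to the ``ResetPasswordWdg.MSG`` form value.  The new password is
        stored only if sending the email raised no TacticException.

        Raises:
            TacticException: re-raised when the email could not be sent;
                the account keeps its previous password.
        """
        # Since this is not called with Command.execute_cmd
        my.check()

        web = WebContainer.get_web()

        reset_on = my.kwargs.get('reset') == True
        if not reset_on:
            return

        security = WebContainer.get_security()
        login = Login.get_by_login(my.login)
        # NOTE(review): these two messages let the caller tell an unknown
        # or disabled login from one without an email address.  If the
        # reset form is open to unauthenticated users, a single neutral
        # answer would prevent account enumeration -- check with the
        # widget's owner before changing the user-facing text.
        if not login:
            web.set_form_value(
                ResetPasswordWdg.MSG,
                'This user [%s] does not exist or has been disabled. Please contact the Administrator.'
                % my.login)
            return
        email = login.get_value('email')
        if not email:
            web.set_form_value(
                ResetPasswordWdg.MSG,
                'This user [%s] does not have an email entry for us to email you the new password. Please contact the Administrator.'
                % my.login)
            return

        # auto pass generation
        # The generated value is a working credential: take it from the OS
        # CSPRNG via random.SystemRandom rather than the predictable
        # default generator, and make it 16 characters over letters and
        # digits (it used to be 5 characters from a 20-symbol alphabet).
        import string
        alphabet = string.ascii_letters + string.digits
        rng = random.SystemRandom()
        auto_password = ''.join([rng.choice(alphabet) for _ in range(16)])

        msg = ResetPasswordWdg.RESET_MSG

        # send the email
        try:
            from pyasm.command import EmailTriggerTestCmd

            admin = Login.get_by_login('admin')
            if admin:
                sender_email = admin.get_value('email')
            else:
                sender_email = '*****@*****.**'

            recipient_emails = [email]
            # NOTE(review): the password is mailed in clear text; a
            # one-time reset link would keep a usable credential out of
            # the mailbox.
            email_msg = 'Your TACTIC password has been reset. The new password is:\n%s\nYou can change your password once you log in by going to Edit My Account at the top right corner.' % auto_password
            email_cmd = EmailTriggerTestCmd(
                sender_email=sender_email,
                recipient_emails=recipient_emails,
                msg=email_msg,
                subject='TACTIC password change')

            email_cmd.execute()
        except TacticException:
            msg = "Failed to send an email for your new password. Reset aborted."
            web.set_form_value(ResetPasswordWdg.MSG, msg)
            raise
        else:
            # NOTE(review): unsalted MD5 stays because the stored digest
            # has to match what the login check computes, which is not
            # shown here.  A salted, slow password hash requires changing
            # both sides together.
            encrypted = hashlib.md5(auto_password).hexdigest()
            login.set_value('password', encrypted)
            login.commit()
            web.set_form_value(
                ResetPasswordWdg.MSG,
                'A new password has been sent to your email address. Please check your email.'
            )

        # This last write replaces the success text above with
        # ResetPasswordWdg.RESET_MSG.
        web.set_form_value(ResetPasswordWdg.MSG, msg)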
Пример #10
 def get_upload_dir(cls):
     """Build the per-ticket upload path ``<tmp dir>/upload/<ticket key>``."""
     from pyasm.web import WebContainer
     current_ticket = WebContainer.get_security().get_ticket()
     key = current_ticket.get_key()
     # NOTE(review): the session ticket key is used as a path component;
     # verify it is restricted to filename-safe characters and that the
     # directory is not readable by other accounts on the host.
     upload_dir = "%s/upload/%s" % (Environment.get_tmp_dir(), key)
     return upload_dir
Пример #11
 def is_logged_in(my):
     """Return what the current security object's ``is_logged_in()`` reports."""
     return WebContainer.get_security().is_logged_in()
Пример #12
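    def execute(self):
        """Authenticate the submitted login form and apply the lockout policy.

        The account is looked up by ``upn`` (when that column exists), then
        ``login``, then ``email``; ``security.login_user`` is always called
        with the record's ``login`` value when a record was found.  On a
        SecurityException the message goes to ``WebLoginWdg.LOGIN_MSG`` and,
        when ``security/max_login_attempt`` is a positive number, the
        record's ``login_attempt`` counter is incremented; reaching the
        limit sets ``license_type`` to "disabled" and calls
        ``self.reenable_user`` with the configured delay in seconds.

        Returns:
            False when login or password is empty or ``verify_password``
            differs from ``password``; None otherwise.
        """
        from pyasm.web import WebContainer
        from pyasm.widget import WebLoginWdg

        web = WebContainer.get_web()

        # If the tag <force_lowercase_login> is set to "true"
        # in the TACTIC config file,
        # then force the login string argument to be lowercase.
        # This tag is false by default.
        self.login = web.get_form_value("login")
        if Config.get_value("security", "force_lowercase_login") == "true":
            self.login = self.login.lower()

        self.password = web.get_form_value("password")
        self.domain = web.get_form_value("domain")

        if self.login == "" and self.password == "":
            web.set_form_value(WebLoginWdg.LOGIN_MSG,
                "Username and password are empty")
            return False
        if self.login == "":
            web.set_form_value(WebLoginWdg.LOGIN_MSG,
                "Username is empty")
            return False
        if self.password == "":
            web.set_form_value(WebLoginWdg.LOGIN_MSG,
                "Password is empty")
            return False

        security = WebContainer.get_security()

        verify_password = web.get_form_value("verify_password")

        if verify_password:
            if verify_password != self.password:
                web.set_form_value(WebLoginWdg.LOGIN_MSG,
                    "Passwords do not match.")
                return False

        # check to see if the login exists in the database
        login_sobject = None
        if SearchType.column_exists("sthpw/login", "upn"):
            search = Search("sthpw/login")
            search.add_filter('upn', self.login)
            login_sobject = search.get_sobject()
        if not login_sobject:
            search2 = Search("sthpw/login")
            search2.add_filter('login', self.login)
            login_sobject = search2.get_sobject()
        if not login_sobject:
            search2 = Search("sthpw/login")
            search2.add_filter('email', self.login)
            login_sobject = search2.get_sobject()

        # FIXME: need to only be able to do this if admin password is empty
        # NOTE(review): until that is fixed, this sets the admin password
        # from the form before any authentication, for any request that
        # sends a matching verify_password.
        if verify_password:
            if login_sobject and login_sobject.get_value("login") == "admin":
                login_sobject.set_password(verify_password)

        try:
            # always use the login column regardless of what the user entered
            if login_sobject:
                login = login_sobject.get_value("login")
            else:
                login = self.login

            security.login_user(login, self.password, domain=self.domain)
        except SecurityException as e:
            msg = str(e)
            if not msg:
                msg = "Incorrect username or password"
            web.set_form_value(WebLoginWdg.LOGIN_MSG, msg)

            # Only conversion errors are swallowed now (was a bare except);
            # a missing or non-numeric setting disables the lockout.
            try:
                max_attempts = int(
                    Config.get_value("security", "max_login_attempt"))
            except (TypeError, ValueError):
                max_attempts = -1

            # an unknown login has no record to count against
            if max_attempts > 0 and login_sobject:
                # "or 0": the counter may still be unset on the record
                login_attempt = int(
                    login_sobject.get_value('login_attempt') or 0) + 1
                login_sobject.set_value('login_attempt', login_attempt)

                if login_attempt == max_attempts:
                    #set license_Type to disabled and set off the thread to re-enable it
                    login_sobject.set_value('license_type', 'disabled')
                    disabled_time = Config.get_value(
                        "security", "account_lockout_duration")
                    if not disabled_time:
                        disabled_time = "30 minutes"

                    # expected form "<number> <unit>"; anything that does
                    # not parse falls back to 30 minutes instead of
                    # raising before the commit below
                    try:
                        amount, unit = disabled_time.split(" ", 1)
                        amount = int(amount)
                    except ValueError:
                        amount, unit = 30, "minute"

                    if "minute" in unit:
                        delay = amount * 60
                    elif "hour" in unit:
                        delay = amount * 3600
                    elif "second" in unit:
                        delay = amount
                    else:
                        #make delay default to 30 min
                        delay = 30 * 60

                    self.reenable_user(login_sobject, delay)

                login_sobject.commit(triggers=False)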
Пример #13
 def is_logged_in(self):
     """Delegate to ``is_logged_in()`` on the current security object."""
     current_security = WebContainer.get_security()
     logged_in = current_security.is_logged_in()
     return logged_in