def get(self, username):
try:
asking_user = self.get_current_user()
if asking_user is None:
self.validate_user()
return
if self.permission_level < constants.PERMISSION_LEVEL_SPOOF:
raise SpoofError("You don't have permissions to spoof as another user")
user_to_spoof = User.get_user(username)
if user_to_spoof is None:
raise SpoofError("User {} does not exist.".format(username))
# make sure we're not spoofing as god
if self.permission_level < user_to_spoof.permission_level:
raise SpoofError(
"You cannot spoof as a user with higher permissions than you. (Then everything WOULD-- nothing wouldn't... what would that even MEAN???)"
)
self.set_secure_cookie("spoofing_user", asking_user)
self.set_secure_cookie("user", user_to_spoof.username)
self.redirect(constants.SERVICE_URL, permanent=False)
except SpoofError as e:
username = self.get_current_user()
user = User.get_user(username)
self.render(
"error.html", debug=constants.DEBUG, user=user, constants=constants, traceback=traceback.format_exc()
)
def open(self):
self.subscriptions = []
username = self.get_secure_cookie("user")
if username is not None:
self.user = User.get_user(username)
if self.user is not None:
# Check if "new" user and create a project dir for them if needed.
if not os.path.exists(self.user_dir()):
os.makedirs(self.user_dir())
if not self.username in self.active_users:
self.active_users[self.username] = []
self.active_users[self.username].append(self)
self.user.on_connect()
result_message = {'type': 'login_success'}
self.write_message(json.dumps(result_message))
if self.user.current_project is not None:
# Send a message to re-open the current project
#TODO: fix this hack! this module should not "know" about this method.
self.message_handlers["open_project_request"](self, {'id': self.user.current_project})
self.log("info", "User '{}' has connected.".format(self.username))
return
self.redirect(CAS_SERVER + "/cas/login?service=" + SERVICE_URL, permanent=False)
self.notify("Session expired. Please login again.", "error")
def get(self, action):
if action == "logout":
self.logout_user()
else:
username = self.get_current_user()
if username is None:
self.validate_user()
return
user = User.get_user(username)
if action == "admin" and user.permission_level >= constants.PERMISSION_LEVEL_TA:
self.render("admin.html",
debug=constants.DEBUG,
user=user,
constants=constants)
elif user.permission_level >= constants.PERMISSION_LEVEL_USER:
self.render("index.html",
debug=constants.DEBUG,
user=user,
constants=constants)
else:
self.render("denied.html",
debug=constants.DEBUG,
user=user,
constants=constants)
def permission_level(self):
"""
Returns the permission_level associated with this connection.
"""
username = self.get_current_user()
user = User.get_user(username)
if user is not None:
return user.permission_level
return PERMISSION_LEVEL_NONE
def permission_level(self):
"""
Returns the permission_level associated with this connection.
"""
username = self.get_current_user()
user = User.get_user(username)
if user is not None:
return user.permission_level
return PERMISSION_LEVEL_NONE
def get(self, action):
if action == "logout":
self.logout_user()
else:
username = self.get_current_user()
if username is None:
self.validate_user()
return
user = User.get_user(username)
if action == "admin" and user.permission_level >= constants.PERMISSION_LEVEL_TA:
self.render("admin.html", debug=constants.DEBUG, user=user, constants=constants)
elif user.permission_level >= constants.PERMISSION_LEVEL_USER:
self.render("index.html", debug=constants.DEBUG, user=user, constants=constants)
else:
self.render("denied.html", debug=constants.DEBUG, user=user, constants=constants)
def open(self):
self.subscriptions = []
username = self.get_secure_cookie("user")
if username is not None:
self.user = User.get_user(username)
if self.user is not None:
# Check if "new" user and create a project dir for them if needed.
if not os.path.exists(self.user_dir()):
os.makedirs(self.user_dir())
if not self.username in self.active_users:
self.active_users[self.username] = []
self.active_users[self.username].append(self)
self.user.on_connect()
result_message = {'type': 'login_success'}
self.write_message(json.dumps(result_message))
if self.user.current_project is not None:
# Send a message to re-open the current project
#TODO: fix this hack! this module should not "know" about this method.
self.message_handlers["open_project_request"](
self, {
'id': self.user.current_project
})
self.log("info",
"User '{}' has connected.".format(self.username))
return
self.redirect(CAS_SERVER + "/cas/login?service=" + SERVICE_URL,
permanent=False)
self.notify("Session expired. Please login again.", "error")
#!/usr/bin/python
import os
import sys
system_directory = os.path.dirname(os.path.abspath(__file__))
sys.path.append(system_directory + "/imports")
username = sys.argv[1]
permission_level = int(sys.argv[2])
from rayage.database.User import User
from rayage.database.SessionFactory import SessionFactory
session = SessionFactory()
try:
user = User.get_user(username)
user.permission_level = permission_level
session.add(user)
session.commit()
print "Successfully set permission level for user '{}' to {}.".format(user.username, user.permission_level)
finally:
session.close()
#!/usr/bin/python
import os
import sys
import random
system_directory = os.path.dirname(os.path.abspath(__file__))
sys.path.append(system_directory + "/imports")
#from names import names as usernames
from names_from_home_directories import names as usernames
from rayage.database.User import User
from rayage.database.SessionFactory import SessionFactory
import constants
session = SessionFactory()
try:
for username in usernames:
permission_level = constants.PERMISSION_LEVEL_USER
user = User(username, permission_level)
session.add(user)
session.commit()
finally:
session.close()
#!/usr/bin/python
import os
import sys
system_directory = os.path.dirname(os.path.abspath(__file__))
sys.path.append(system_directory + "/imports")
username = sys.argv[1]
permission_level = int(sys.argv[2])
from rayage.database.User import User
from rayage.database.SessionFactory import SessionFactory
session = SessionFactory()
try:
user = User.get_user(username)
user.permission_level = permission_level
session.add(user)
session.commit()
print "Successfully set permission level for user '{}' to {}.".format(
user.username, user.permission_level)
finally:
session.close()
