Пример #1
0
def test_get_close_db(app):
    with app.app_context():
        db = get_db()
        assert db is get_db()

    with pytest.raises(sqlite3.ProgrammingError) as e:
        db.execute('SELECT 1')

    assert 'closed' in str(e.value)
Пример #2
0
def execute_SecureX_Workflow():
    """
    Back-End functionality for the SecureX WebHook.
    NOTE: This WebHook currently only supports Applying policy to Endpoints.
    To clear policy via SecureX, an additional function (similar to this) will need to be created.
    :return:
    """
    print('Request received! Authenticating...')
    if request.authorization["username"] is None or request.authorization["password"] is None:
        # Application requires user to be logged in
        return Response(status=401)
    else:
        activeUser = get_db().execute(
            'SELECT * FROM user WHERE username = ?', (request.authorization["username"],)
        ).fetchone()

        if activeUser is None:
            error = 'Username/Password not found!'
            return Response(status=401)
        elif not check_password_hash(activeUser['password'], request.authorization["password"]):
            error = 'Incorrect password.'
            return Response(status=401)
        print('Received SecureX Workflow Correctly Authenticated!')
        print('Taking Action...')
        print('--------------------------')
        payload = request.get_json()
        db = get_db()
        # If valid request format
        if "policyName" in payload and "ipAddress" in payload:
            requestSession = {}
            # Establish needed ISE connections
            requestSession['config'] = DEFAULT_PXGRID_CONFIG
            requestSession['pxgrid_Account_Status'] = pxgrid_account_activate(requestSession['config'])
            pxgrid_Services_Full = pxgrid_service_lookup(requestSession['config'], PXGRID_ANC_SERVICE_NAME)
            requestSession['iseNodeName'] = pxgrid_Services_Full['services'][0]['nodeName']
            requestSession['iseNodeProperties'] = pxgrid_Services_Full['services'][0]['properties']
            if requestSession['config']['secret'] == '':
                secret_Response = pxgrid_access_secret(requestSession['config'], requestSession['iseNodeName'])
                requestSession['config']['secret'] = secret_Response['secret']
            # Apply the policy
            pxgrid_anc_apply_policy_to_Ip(requestSession['config'], payload['ipAddress'], payload['policyName'])
            # Log action in task log
            now = datetime.now()
            timestamp = now.strftime("%m/%d/%Y, %H:%M:%S")
            description = "Applying {} to the endpoint {}".format(payload['policyName'], payload['ipAddress'])
            db.execute(
                'INSERT INTO tasklog (ts, type, description) VALUES (?, ?, ?)',
                (timestamp, "APPLY", description)
            )
            db.commit()
            return Response(status=200)
        else:
            # Unprocessable
            print('Invalid payload received.')
            return Response(status=422)
Пример #3
0
def refresh_login_credentials():

    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']

        if not username:
            return jsonify({"Error": "Empty username field"}), 401

        db = get_db()
        error = None
        user = db.execute('SELECT * FROM Login WHERE user_name = ?',
                          (username, )).fetchone()

        if user is None:
            error = 'Incorrect username.'
        elif not check_password_hash(user['password'], password):
            error = 'Incorrect password.'

        if error is None:
            ret = {
                "access_token":
                create_access_token(identity=user['login_id'], fresh=True),
            }

            return jsonify(ret), 200

        else:
            return jsonify({"Error": error, "authenticated": False}), 401
Пример #4
0
def register():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None

        if not username:
            error = 'Username is required.'
        elif not password:
            error = 'Password is required.'
        elif db.execute('SELECT login_id FROM Login WHERE user_name = ?',
                        (username, )).fetchone() is not None:
            error = 'User {} is already registered.'.format(username)

        if error is None:
            db.execute('INSERT INTO Login (user_name, password) VALUES (?, ?)',
                       (username, generate_password_hash(password)))
            db.commit()

            ret = {
                "access_token": create_access_token(identity=username,
                                                    fresh=True),
                "refresh_token": create_refresh_token(identity=username)
            }

            ### SUCCESS ###
            return jsonify(ret), 200

        else:
            return jsonify({"Error": error})

    return
Пример #5
0
def insert_conf_to_db(filename):
    db = get_db()
    user = get_jwt_identity()

    exists = db.execute(
        "SELECT config_id, config_path FROM ConfigFile WHERE config_path=?",
        [filename]).fetchone()

    if exists is not None:
        return jsonify({
            **dict(exists),
            **{
                "Error": "Config file already exists in database",
                "filename": filename
            }
        })

    else:
        db.execute("INSERT INTO ConfigFile (config_path) VALUES (?)",
                   [filename])

        config_row = dict(
            db.execute("SELECT * FROM ConfigFile WHERE config_path=?",
                       [filename]).fetchone())

        db.execute("INSERT OR IGNORE INTO Creates VALUES (?,?)",
                   [user, config_row['config_id']])

        db.commit()

        return jsonify(config_row)
Пример #6
0
def search_by_config_path(config_path):
    db = get_db()

    db_res = db.execute("SELECT * FROM ConfigFile WHERE config_path=(?)",
                        [config_path]).fetchone()

    return jsonify(dict(db_res))
Пример #7
0
def search_by_config_id(config_id):
    db = get_db()

    db_res = db.execute("SELECT * FROM ConfigFile WHERE config_id=?",
                        config_id).fetchone()

    return jsonify(dict(db_res))
Пример #8
0
def display(id_game):
    db = get_db()
    game = db.execute("SELECT * FROM game WHERE id = ?",
                      (id_game, )).fetchone()
    if game is not None:
        try:
            cards = json.loads(game["cards"])
            pictures = json.loads(game["pictures"])
            sizes = json.loads(game["sizes"])
        except json.decoder.JSONDecodeError:
            return flask.redirect(flask.url_for("homepage"))

        nb_sym_per_card = len(cards[0])
        pictures = add_id_to_picture(pictures)
        max_width = get_max_width_cards(nb_sym_per_card)
        positions, sizes = get_positions(cards, nb_sym_per_card, max_width,
                                         sizes)

        return flask.render_template(
            "display.html",
            cards=cards,
            pictures=pictures,
            positions=positions,
            radius=RADIUS,
            position_radius=POSITION_IMAGE_RADIUS,
            max_width=max_width,
            sizes=sizes,
        )
    else:
        return flask.redirect(flask.url_for("homepage"))
Пример #9
0
 def games_search_with_earnings():
     conn = db.get_db()
     cursor = conn.cursor()
     params = dict(request.args)
     earnings = models.Earnings.search(params, cursor)
     earnings_dicts = [earning.to_json(cursor) for earning in earnings]
     return json.dumps(earnings_dicts, default=str)
Пример #10
0
    def games_all():
        conn = db.get_db()
        cursor = conn.cursor()

        games = db.find_all(models.Game, cursor)
        game_dicts = [game.__dict__ for game in games]
        return json.dumps(game_dicts, default=str)
Пример #11
0
def login():
    """
        User Login.
    """
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None
        user = db.execute('SELECT * FROM user WHERE username = ?',
                          (username, )).fetchone()

        if user is None:
            error = 'Incorrect username.'
        elif not check_password_hash(user['password'], password):
            error = 'Incorrect password.'

        if error is None:
            session.clear()
            session['user_id'] = user['id']
            return redirect(url_for('index'))

        flash(error)

    return render_template('auth/login.html')
Пример #12
0
def load_logged_in_user():
    user_id = session.get("user_id")
    if user_id is None:
        g.user = None
    else:
        g.user = get_db().execute("SELECT * FROM user WHERE id = ?",
                                  (user_id, )).fetchone()
Пример #13
0
def login():
    if request.method == "POST":
        username = request.form["username"]
        password = request.form["password"]
        db = get_db()
        error = None

        if not username:
            error = "Username is required."
        elif not password:
            error = "Password is required."
        else:
            user = db.execute("SELECT * FROM user WHERE username = ?",
                              (username, )).fetchone()
            if user is None:
                error = "User does not exist."
            elif not check_password_hash(user["password"], password):
                error = "Password is incorrect."

        if error is None:
            session.clear()
            session["user_id"] = user["id"]
            return redirect(url_for("index"))

        flash(error)

    return render_template("auth/login.html")
Пример #14
0
def register():
    """

    :return:
    """
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        accessToken = request.form['X_CISCO_MERAKI_API_KEY']
        db = get_db()
        error = None

        if not username:
            error = 'Username is required.'
        elif not password:
            error = 'Password is required.'
        elif not accessToken:
            error = 'API Key is required.'
        elif db.execute('SELECT id FROM user WHERE username = ?',
                        (username, )).fetchone() is not None:
            error = 'User {} is already registered.'.format(username)

        # Success
        if error is None:
            db.execute(
                'INSERT INTO user (username, password, accessToken) VALUES (?, ?, ?)',
                (username, generate_password_hash(password), accessToken))
            db.commit()
            return redirect(url_for('blog.home'))
        # Error
        flash(error)
    return render_template('auth/register.html')
Пример #15
0
def login():
    """

    :return:
    """
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None

        user = db.execute('SELECT * FROM user WHERE username = ?',
                          (username, )).fetchone()

        if user is None:
            error = 'Username does not exist!'
        elif not check_password_hash(user['password'], password):
            error = 'Invalid Password!'

        # Success
        if error is None:
            session.clear()
            session['user_id'] = user['id']
            return redirect(url_for('blog.home'))
        # Error
        flash(error)
    return render_template('auth/login.html')
Пример #16
0
    def save_annotation(self, annotation):
        try:
            collections = get_db()[DB_SCHEMA_NAME]
            results = collections.update(
                {
                    'annotations': {
                        '$elemMatch': {
                            'annotationId': {
                                '$eq': annotation['annotationId']
                            }
                        }
                    }
                }, {
                    '$set': {
                        'annotations.$.saved': annotation['saved'],
                        'annotations.$.score': annotation['score']
                    }
                },
                upsert=True)
            if 'writeError' in list(results.keys()):
                return False
            return True

        except Exception as e:
            log_exception("db connection exception ", LOG_WITHOUT_CONTEXT, e)
            return False
Пример #17
0
def blacklist():
    """
    Blacklist Page back-end functionality
    :return:
    """
    # Page Setup
    error = None
    db = get_db()
    if session['autoUpdateBlacklist'] is None:
        error = "Error: No Blacklist selected for automation"
        return redirect(url_for('portal.home'))

    # Define User Interaction
    if request.method == 'POST':
        print()

    # Retrieve Page Data
    task_List = db.execute(
        'SELECT tl.id, task_time, type, description'
        ' FROM tasklog tl JOIN user u ON tl.user_id = u.id'
        ' ORDER BY task_time DESC'
    ).fetchall()

    selected_Blacklist = open('src/Blacklists/{}'.format(session['autoUpdateBlacklist']), "r")
    blacklist_Data = selected_Blacklist.readlines()
    selected_Blacklist.close()

    if error is not None:
        flash(error)
    return render_template('portal/blacklist.html', session=session, task_List=task_List, blacklist_Data=blacklist_Data)
Пример #18
0
def register():
    """

    :return:
    """
    g.user = None
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None

        if not username:
            error = 'Username is required.'
        elif not password:
            error = 'Password is required.'
        elif db.execute('SELECT id FROM user WHERE username = ?',
                        (username, )).fetchone() is not None:
            error = 'User {} is already registered.'.format(username)

        if error is None:
            db.execute('INSERT INTO user (username, password) VALUES (?, ?)',
                       (username, generate_password_hash(password)))
            db.commit()
            return redirect(url_for('auth.login'))

        flash(error)

    return render_template('auth/register.html')
Пример #19
0
    def search_user_task(self, userId):
        updated_docs = []

        try:
            collections = get_db()[DB_SCHEMA_NAME]
            docs = collections.find({'user.userId': userId})
            for doc in docs:
                try:
                    doc['src_locale'] = doc['annotations'][0]["source"][
                        "language"]
                    doc['tgt_locale'] = doc['annotations'][0]["target"][
                        "language"]
                except Exception as e:
                    log_exception("Exception on user task search",
                                  LOG_WITHOUT_CONTEXT, e)
                    doc['src_locale'] = None
                    doc['tgt_locale'] = None
                    pass

                del doc['annotations']
                updated_docs.append(normalize_bson_to_json(doc))
            return updated_docs
        except Exception as e:
            log_exception("db connection exception ", LOG_WITHOUT_CONTEXT, e)
            return updated_docs
Пример #20
0
def login():
    """

    :return:
    """
    g.user = None
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None
        user = db.execute('SELECT * FROM user WHERE username = ?',
                          (username, )).fetchone()

        if user is None:
            error = 'Incorrect username.'
        elif not check_password_hash(user['password'], password):
            error = 'Incorrect password.'

        if error is None:
            session.clear()
            session['user_id'] = user['id']
            session['username'] = user['username']
            session['password'] = user['password']
            session['ise_Status'] = False
            session['webhook_Status'] = False
            session['securex_Status'] = False
            session['stealthwatch_Status'] = False
            return redirect(url_for('portal.home'))

        flash(error)

    return render_template('auth/login.html')
Пример #21
0
def insert_model_to_db(name, metrics, model_class):
	db = get_db()

	test_acc = metrics[-1]['test_acc_mean']
	test_loss = metrics[-1]['test_loss_mean']
	exists = db.execute(
		"SELECT * FROM Model WHERE model_path=?",
		[name]
	).fetchone()

	if exists is not None:
		pass

		# exists = dict(exists)
		# if exists['model_accuracy'] < test_acc and exists['model_loss'] > test_loss:
		# 	db.execute('UPDATE Model SET model_accuracy=?, model_loss=? WHERE model_id=?',
		# 		[test_acc, test_loss, exists['model_id']])

	else:
		db.execute(
			"INSERT INTO Model(model_python_class, model_path, model_metrics, model_accuracy, model_loss) VALUES (?,?,?,?,?)",
			[model_class, 
			name,
			name.split('.')[0] + '.json',
			test_acc,
			test_loss])


	db.commit()
	res = db.execute("SELECT * FROM Model WHERE model_path=?",
		[name]).fetchone()

	return dict(res)
Пример #22
0
def app():
    db_fd, db_path = tempfile.mkstemp()

    app = create_app({
        'TESTING': True,
        'DATABASE': db_path,
    })

    with app.app_context():
        init_db()
        get_db().executescript(_data_sql)

    yield app

    os.close(db_fd)
    os.unlink(db_path)
Пример #23
0
def index():
    db = get_db()
    posts = db.execute(
        'SELECT p.id, image, body, created, cred, fingerprint, author_id, username'
        ' FROM post p JOIN user u ON p.author_id = u.id'
        ' ORDER BY created DESC').fetchall()
    return render_template('index.html', posts=posts)
Пример #24
0
    def reminder():
        db = get_db()

        if (request.method == 'OPTIONS'):
            response = make_response()
            response.headers["Access-Control-Allow-Origin"] = "*"
            response.headers[
                "Access-Control-Allow-Headers"] = "Accept, Content-Type"
            return response

        if (request.method == "POST"):
            content = request.get_json()
            reminder = content["reminder"]
            unixTime = content['unixTime']

            addTimer(unixTime, reminder)
            db.execute(
                'INSERT INTO reminders (reminder, unixTime) VALUES (?, ?)',
                (reminder, int(unixTime)))
            db.commit()
            response = make_response()
            response.headers["Access-Control-Allow-Origin"] = "*"
            return response
        elif (request.method == "GET"):
            rows = db.execute('SELECT * FROM reminders').fetchall()
            response = make_response(json.dumps([dict(x) for x in rows]))
            response.headers["Access-Control-Allow-Origin"] = "*"
            return response

        return "<div>Error</>"
Пример #25
0
def create():
    if request.method == 'POST':
        title = request.form['title']
        body = request.form['body']
        error = None
        res = None
        if not title:
            error = 'Title is required.'

        if error is not None:
            flash(error)
        else:
            db = get_db()
            db.execute(
                'INSERT INTO post (title, body, author_id)'
                ' VALUES (?, ?, ?)', (title, body, g.user['id']))
            db.commit()
            res = db.execute(
                'SELECT title, body, created, author_id, username'
                'FROM post WHERE title=?  AND body=?', (
                    title,
                    body,
                )).fetchone()

    return jsonify(res), 200
Пример #26
0
def login():
    """
    User login page
    :return:
    """
    if request.method == 'POST':
        error = None
        db = get_db()

        # Retrieve Input Forms
        username = request.form['username']
        password = request.form['password']

        # Check if user exists
        user = db.execute('SELECT * FROM user WHERE username = ?',
                          (username, )).fetchone()

        # Check for errors
        if user is None:
            error = 'Incorrect username.'
        elif not check_password_hash(user['password'], password):
            error = 'Incorrect password.'

        # On Success, Login
        if error is None:
            session.clear()
            session['user_id'] = user['id']
            session['username'] = user['username']
            session['apiKey'] = user['accessToken']
            return redirect(url_for('dashboard.dashboard'))

        # Else, display error
        flash(error)
    return render_template('auth/login.html')
Пример #27
0
 def __init__(self):
     collections = get_db()[DB_SCHEMA_NAME]
     try:
         collections.create_index('userId')
     except pymongo.errors.DuplicateKeyError as e:
         log_info("duplicate key, ignoring", LOG_WITHOUT_CONTEXT)
     except Exception as e:
         log_exception("db connection exception ", LOG_WITHOUT_CONTEXT, e)
Пример #28
0
def seed_admin():
    print("add admin user")
    db = get_db()
    user = User()
    user.username = '******'
    user.password_hash = generate_password_hash(current_app.config['ADMIN_PASSWORD'])
    db.add(user)
    db.commit()
Пример #29
0
 def store_bulk(self, tasks):
     try:
         collections = get_db()[DB_SCHEMA_NAME]
         results = collections.insert_many(tasks)
         if len(tasks) == len(results.inserted_ids):
             return True
     except Exception as e:
         log_exception("db connection exception ", LOG_WITHOUT_CONTEXT, e)
         return False
Пример #30
0
def build():
    """Creates database, migrates, and seeds"""

    create_database()
    database = get_db()
    migrate(database)
    seed_patch(database)
    seed_heroes(database)
    seed_changelog(database)
Пример #31
0
def app():
    """Create and configure a new app instance for each test"""

    # create temporary file to isolate database for each test.
    db_fd, db_path = tempfile.mkstemp()

    # create app with common test config
    app = create_app({'TESTING': True, 'DATABASE': db_path})

    with app.app_context():
        init_db()
        get_db()

    yield app

    # close and remove temporary database
    os.close(db_fd)
    os.unlink(db_path)
Пример #32
0
# r.set_oauth_app_info(client_id=CLIENT_ID, client_secret=CLIENT_SECRET, redirect_uri=REDIRECT_URI)
# o = OAuth2Util.OAuth2Util(r)
# o.refresh()


oauth_helper = PrawOAuth2Mini(
    r, 
    app_key=CLIENT_ID, 
    app_secret=CLIENT_SECRET,
    access_token=ACCESS_TOKEN,
    scopes=SCOPES,
    refresh_token=REFRESH_TOKEN
    )

DONE = []
db = get_db()

def comment_is_valid(comment):

    if re.match('[a-zA-Z\s]+ \d\.\d\d[a-z]?(\-\d\.\d\d[a-z]?)?', comment):
        return True
    else:
        return False

def read_config_done():
    done = []
    try:
        with open("config/data/comments_done.cfg", "r") as f:
            for line in f:
                if line.strip():
                    done.append(line.strip())