def get_consent_challenge(challenge: str):
"""
Acepta el consentimiento del usuario para el acceso a los datos de la app cliente.
respuestas:
200 - ok
"""
if not challenge:
return Response('Formato de datos erróneo', 400)
status, data = hydraModel.get_consent_challenge(challenge)
if status == 409:
return Response('Id ya usado', status=409)
if status != 200:
return Response('Id no encontrado', status=404)
try:
"""
with open_session() as session:
hydraLocalModel.store_consent_challenge(session, data)
session.commit()
"""
original_url = data['request_url']
scopes = data['requested_scope']
context = data['context']
# aca se debe obtener el usuario para chequear si se debe actualizar el contexto.
uid = context['sub']
with open_users_session() as users_session:
users = usersModel.get_users(users_session, [uid])
if not users or len(users) <= 0:
raise Exception(f'no se pudo obtener usuario con uid : {uid}')
user = users[0]
context = _generate_context(user)
status, redirect = hydraModel.accept_consent_challenge(
challenge=challenge,
scopes=scopes,
context=context,
remember=False)
if status != 200:
return Response('Interno de validación', 503)
response = {
'skip': data['skip'],
'scopes': data['requested_scope'],
'audience': data['requested_access_token_audience'],
'subject': data['subject'],
'redirect_to': redirect['redirect_to']
}
return jsonify({'status': 200, 'response': response}), 200
except Exception as e1:
logging.exception(e1)
return Response('Interno del servidor', 500)
def generate_users(students, results_file):
from login.model import obtener_session as open_login_session
from users.model import open_session as open_users_session
from users.model.entities.User import User, IdentityNumber, IdentityNumberTypes, Mail, MailTypes
from login.model.entities.Login import UserCredentials
from sqlalchemy import select
from sqlalchemy import or_
with open(results_file, 'w') as results:
with open_users_session() as session:
for student in students:
print(
f"testeando : {student.dni} {student.name} {student.lastname}"
)
stmt = select(IdentityNumber.user_id).filter(
or_(IdentityNumber.number == student.dni,
IdentityNumber.number == student.number))
user_id = session.execute(stmt).first()
# stmt = select(User.id).all()
if user_id is None:
print(
f'No existe {student.dni} {student.name} {student.lastname}'
)
results.write(
f"{student.dni};{student.name};{student.lastname};{student.number};{student.email};NO EXISTE\n"
)
continue
user_id = user_id[0]
emid = session.execute(
select(Mail.id).filter_by(email=student.email,
user_id=user_id)).first()
if emid is not None:
print('ya tiene el correo')
continue
email_id = str(uuid.uuid4())
email = Mail(id=email_id,
user_id=user_id,
type=MailTypes.ALTERNATIVE,
confirmed=datetime.datetime.now(),
email=student.email)
session.add(email)
session.commit()
results.write(
f"{student.dni};{student.name};{student.lastname};{student.number};{student.email};AGREGADO\n"
)
return results
def _buscar_o_crear_usuario_uid(dni):
with open_users_session() as session:
uid = UsersModel.get_uid_person_number(session, dni)
if not uid:
uid = str(uuid.uuid4())
user = User()
user.id = uid
user.name = 'Importado del sileg.'
user.lastname = 'Importado del sileg'
session.add(user)
idni = IdentityNumber()
idni.id = str(uuid.uuid4())
idni.number = dni
idni.user_id = uid
session.add(idni)
session.commit()
return uid
def generate_users(students, results_file):
from login.model import obtener_session as open_login_session
from users.model import open_session as open_users_session
from users.model.entities.User import User, IdentityNumber, IdentityNumberTypes, Mail, MailTypes
from login.model.entities.Login import UserCredentials
from sqlalchemy import select
from sqlalchemy import or_
with open(results_file, 'w') as results:
with open_users_session() as session:
with open_login_session(echo=False) as login_session:
for student in students:
print(
f"testeando : {student.dni} {student.name} {student.lastname}"
)
stmt = select(IdentityNumber.user_id).filter(
or_(IdentityNumber.number == student.dni,
IdentityNumber.number == student.number))
user_id = session.execute(stmt).first()
# stmt = select(User.id).all()
if user_id is not None:
print(f'YA EXISTE {user_id}')
results.write(
f"{student.dni};{student.name};{student.lastname};{student.number};{student.email};YA EXISTE\n"
)
continue
stmt = select(
UserCredentials.id).filter_by(username=student.dni)
lid = login_session.execute(stmt).first()
if lid is not None:
print(f'LOGIN YA EXISTE {user_id} {student.dni}')
results.write(
f"{student.dni};{student.name};{student.lastname};{student.number};{student.email};YA EXISTE\n"
)
continue
""" agrego la persona debido a que no existe """
user_id = str(uuid.uuid4())
email_id = str(uuid.uuid4())
id_id = str(uuid.uuid4())
student_id = str(uuid.uuid4())
login_id = str(uuid.uuid4())
user = User(id=user_id,
firstname=student.name,
lastname=student.lastname)
session.add(user)
email = Mail(id=email_id,
user_id=user_id,
type=MailTypes.ALTERNATIVE,
confirmed=datetime.datetime.now(),
email=student.email)
session.add(email)
idn = IdentityNumber(id=id_id,
user_id=user_id,
number=student.dni,
type=IdentityNumberTypes.DNI)
idns = IdentityNumber(id=student_id,
user_id=user_id,
number=student.number,
type=IdentityNumberTypes.STUDENT)
session.add(idn)
session.add(idns)
session.commit()
credentials = UserCredentials(id=login_id,
user_id=user_id,
username=student.dni,
credentials=student.passw,
temporal=False)
login_session.add(credentials)
login_session.commit()
results.write(
f"{student.dni};{student.name};{student.lastname};{student.number};{student.email};AGREGADO\n"
)
return results
def login():
"""
Logueo de un usuario mediante credenciales de usuario y clave.
Respuestas:
200 - ok
500 - excepción irrecuperable
400 - (Bad request) - challenge no encontrado
404 - (Not Found) - Usuario/clave no válidas
409 - (Gone) - challenge que existía pero ya fue usado
"""
data = request.json
try:
user = data['user']
assert user is not None
password = data['password']
assert password is not None
challenge = data['challenge']
assert challenge is not None
#device_id = data['device_id']
#assert device_id is not None
except Exception:
return Response('Formato de datos erróneo', 400)
# obtengo el challenge de hydra.
status, ch = hydraModel.get_login_challenge(challenge)
if status == 409:
return Response('Id ya usado', status=409)
if status != 200:
return Response('Id no encontrado', status=404)
try:
original_url = ch['request_url']
usr = None
with open_session() as session:
"""
ch = hydraLocalModel.get_login_challenge(session, challenge)
if not ch:
status = 400
return jsonify({'status':status, 'response':{'error':'challenge not found'}}), status
original_url = ch.request_url
"""
usr, hash_ = loginModel.login(session,
user,
password,
None,
challenge,
position=None)
session.commit()
if not usr:
"""
d = hydraModel.get_device_logins(session, device_id)
d.errors = d.errors + 1
session.commit()
"""
status, data = hydraModel.deny_login_challenge(
challenge, None, 'Credenciales incorrectas')
if status != 200:
return Response('Usuario o Contraseña incorrecta', 503)
redirect = data['redirect_to']
return Response(redirect, 401)
"""
d = hydraModel.get_device_logins(session, device_id)
d.success = d.success + 1
session.commit()
"""
# aca se debe obtener el usuario para poder setearlo dentro del idtoken
uid = usr.user_id
with open_users_session() as users_session:
users = usersModel.get_users(users_session, [uid])
if not users or len(users) <= 0:
raise Exception(f'no se pudo obtener usuario con uid : {uid}')
user = users[0]
context = _generate_context(user)
status, data = hydraModel.accept_login_challenge(challenge=challenge,
uid=uid,
data=context,
remember=False)
if status != 200:
return Response('Interno de validación', 503)
redirect = data['redirect_to']
response = {'hash': hash_, 'redirect_to': redirect}
return jsonify({'status': status, 'response': response}), status
except Exception as e1:
logging.exception(e1)
return Response('Interno del servidor', 500)
cur = con.cursor()
try:
cur.execute(
'select pers_nrodoc from empleado e left join persona p on (p.pers_id = e.empleado_pers_id)'
)
dnis = [str(d[0]) for d in cur]
finally:
cur.close()
finally:
con.close()
for dni in dnis:
try:
print(f'buscando usuario {dni}')
with open_users_session() as s2:
uid = UsersModel.get_uid_person_number(s2, dni)
if not uid:
raise Exception(f'no se encuentra uid para el dni {dni}')
silegModel = SilegModel()
with open_session(echo=False) as session:
try:
""" elimino fisicamente todas las designaciones de la persona referenciada """
print(f"eliminando designaciones {dni}")
for p in session.query(PersonalLeaveLicense.id).filter(
PersonalLeaveLicense.user_id == uid).all():
session.query(PersonalLeaveLicense).filter(
PersonalLeaveLicense.license_id == p.id).delete()
session.commit()
session.query(PersonalLeaveLicense).filter(