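def auth_user(global_config, desired_path='/home'):
    """Check the HTTP Basic credentials on the current web.py request.

    A valid username/password pair redirects to ``desired_path``; a disabled
    account redirects to ``/accountdisabled``.  Every other outcome (no
    header, a header that cannot be decoded, a username present in
    ``logged_out_users``, an unknown user, a wrong password) sets a ``401``
    Basic challenge on the response and returns ``None``.

    Args:
        global_config: Application settings; ``users_db_name`` and
            ``this_season`` are concatenated to name the users database.
        desired_path: Redirect target after a successful login.

    Raises:
        web.seeother: On successful login, or when the account is disabled.
    """
    import binascii  # local import: only used to recognise a bad base64 payload

    # NOTE(review): desired_path goes to the redirect unchanged. If callers
    # take it from the request (check_access builds '/login?path=...'),
    # confirm it is restricted to same-site relative paths.
    auth = web.ctx.env.get('HTTP_AUTHORIZATION')
    credentials = None
    if auth is not None:
        try:
            decoded = base64.decodestring(re.sub('^Basic ', '', auth))
            # Split on the first colon only: a password may itself contain
            # ':' and a header without any colon must not crash the handler.
            username, password = decoded.split(':', 1)
            credentials = (username, password)
        except (binascii.Error, TypeError, ValueError):
            # Malformed header: treat it like missing credentials.
            credentials = None

    if credentials is not None:
        username, password = credentials
        if username in logged_out_users:
            # The marker is consumed and the credentials are not checked, so
            # this request is answered with a fresh challenge (presumably to
            # make the browser re-prompt after a logout).
            del logged_out_users[username]
        else:
            session = DbSession.open_db_session(
                global_config['users_db_name'] + global_config['this_season'])
            try:
                user = UsersDataModel.getUser(session, username)
            finally:
                session.remove()
            if user:
                # Checked before the password, so this redirect also tells an
                # unauthenticated caller that the account exists and is
                # disabled.
                if user.state == 'Disabled':
                    raise web.seeother('/accountdisabled')
                if user.check_password(password) == True:
                    raise web.seeother(desired_path)

    # No redirect happened: ask the client for credentials.
    web.header('WWW-Authenticate', 'Basic realm="FRC1073 ScoutingAppCentral"')
    web.ctx.status = '401 Unauthorized'
    return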
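def get_user_form(global_config, username):
    """Build the user administration form for ``username``.

    When the user exists, every form field is pre-filled from the stored
    record, including the task groups.  When it does not, only the access
    level (10) and the role ('Guest') are pre-set.

    Args:
        global_config: Application settings; supplies the logger and the
            users database name (``users_db_name`` + ``this_season``).
        username: Name passed to ``UsersDataModel.getUser``.

    Returns:
        The populated ``userform`` instance.
    """
    global_config['logger'].debug('GET User Form For: %s', username)

    session = DbSession.open_db_session(
        global_config['users_db_name'] + global_config['this_season'])
    try:
        user = UsersDataModel.getUser(session, username)
        form = userform()
        if user:
            # NOTE(review): the stored password value is written into the
            # form and therefore sent to the browser. process_user_form
            # compares the submitted value with user.password to detect a
            # change, so the two have to be changed together. Whether
            # user.password is a hash or clear text is not visible here.
            field_values = (
                (user_username_label, user.username),
                (user_emailaddress_label, user.email_address),
                (user_cellphone_label, user.cellphone),
                (user_carrier_label, user.carrier),
                (user_subgroup_label, user.subgroup),
                (user_password_label, user.password),
                (user_display_name_label, user.display_name),
                (user_role_label, user.role),
                (user_contact_mode_label, user.contact_mode),
                (user_nickname_label, user.altname),
                (user_access_level_label, user.access_level),
                (user_state_label, user.state),
                (user_taskgroups_label,
                 UsersDataModel.getUserTaskgroups(session, user.username)),
            )
            for label, value in field_values:
                form[label].value = value
        else:
            form[user_access_level_label].value = 10
            form[user_role_label].value = 'Guest'
    finally:
        # Release the session even when a lookup fails.
        session.remove()

    return form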
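def process_user_form(global_config, form, username, my_access_level, new_user=False):
    """Create or update a user record from the administration form.

    Args:
        global_config: Application settings; supplies the logger and the
            users database name (``users_db_name`` + ``this_season``).
        form: Submitted form; fields are read through the ``user_*_label``
            keys.
        username: User being edited; replaced by the form's username field
            when ``new_user`` is true, and by the stored username when the
            lookup finds a record.
        my_access_level: Access level of the caller performing the change.
        new_user: True when the form is creating a user.

    Returns:
        The path to redirect to, ``'/users'``.

    Raises:
        Exception: If a new user already exists, the changed password does
            not match its confirmation, or a caller whose level is above 0
            tries to assign level 0.
    """
    if new_user == True:
        username = form[user_username_label].value

    global_config['logger'].debug('Process User Profile For: %s', username)

    session = DbSession.open_db_session(
        global_config['users_db_name'] + global_config['this_season'])
    try:
        email_address = form[user_emailaddress_label].value
        cellphone = form[user_cellphone_label].value
        carrier = form[user_carrier_label].value
        subgroup = form[user_subgroup_label].value

        user = UsersDataModel.getUser(session, username)
        if user:
            if new_user == True:
                raise Exception('User Already Exists!')

            # The confirmation is validated only when the submitted password
            # differs from the stored value, i.e. when it was changed.
            # NOTE(review): a user that does not exist yet never reaches
            # this comparison, so its confirmation field is not checked.
            if form[user_password_label].value != user.password:
                if form[user_password_label].value != form[user_password_confirm_label].value:
                    raise Exception('Passwords Do NOT Match')

            # Use the username from the database, in case the caller
            # supplied the nickname.
            username = user.username

        password = form[user_password_label].value
        display_name = form[user_display_name_label].value
        role = form[user_role_label].value
        contact_mode = form[user_contact_mode_label].value
        nickname = form[user_nickname_label].value

        access_level = int(form[user_access_level_label].value)
        # NOTE(review): only an exact 0 is guarded. A negative number, or any
        # level more privileged than the caller's own, passes through.
        # Confirm against check_access_level whether a rule such as
        # `access_level < my_access_level` is needed here.
        if access_level == 0:
            if my_access_level > 0:
                raise Exception('Only Supreme Admins (aka NOT you) can set access level to 0')

        taskgroups = form[user_taskgroups_label].value
        state = form[user_state_label].value

        UsersDataModel.addOrUpdateUser(session, username, email_address, cellphone, carrier,
                                       subgroup, password, display_name, role, contact_mode,
                                       nickname, access_level, state)
        UsersDataModel.updateUserTaskgroups(session, username, taskgroups)
        session.commit()
    finally:
        # The validation errors above are raised while the session is open;
        # release it on every exit path.
        session.remove()

    return '/users'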
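def check_access(global_config, access_level):
    """Authorise the current web.py request against a required access level.

    The HTTP Basic credentials are decoded, the user is looked up, the
    password is verified, and only then is the access level checked.

    Args:
        global_config: Application settings; ``users_db_name`` names the
            users database.
        access_level: Level passed to ``user.check_access_level``.

    Returns:
        ``(username, user.access_level)`` when the request is authorised.

    Raises:
        web.seeother: To ``/login?path=...`` when credentials are missing or
            cannot be decoded, to ``/accountdisabled`` for a disabled
            account, and to ``/accessdenied`` in every other failing case.
    """
    import binascii  # local import: only used to recognise a bad base64 payload

    auth = web.ctx.env.get('HTTP_AUTHORIZATION')
    if auth is None:
        raise web.seeother('/login?path=%s' % web.ctx.path)

    try:
        decoded = base64.decodestring(re.sub('^Basic ', '', auth))
        # First colon only: the password part may contain ':'.
        username, password = decoded.split(':', 1)
    except (binascii.Error, TypeError, ValueError):
        # An undecodable header is handled like a missing one.
        raise web.seeother('/login?path=%s' % web.ctx.path)

    # NOTE(review): auth_user opens users_db_name + this_season, this lookup
    # uses users_db_name alone. Confirm both are meant to hit the same store.
    session = DbSession.open_db_session(global_config['users_db_name'])
    try:
        user = UsersDataModel.getUser(session, username)
        # The header is supplied by the client, so the password has to be
        # verified on every request. Checking the username alone would
        # authorise any request that merely names a privileged account.
        if user and user.check_password(password) == True:
            # Same rule as auth_user: a disabled account gets no access even
            # if the client still holds valid credentials.
            if user.state == 'Disabled':
                raise web.seeother('/accountdisabled')
            if user.check_access_level(access_level) == True:
                return (username, user.access_level)
    finally:
        session.remove()

    raise web.seeother('/accessdenied')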
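def get_userprofile_form(global_config, username):
    """Build the self-service profile form for ``username``.

    The form is pre-filled from the stored record.  When no record is found
    the form is returned with its fields left as ``userprofileform()``
    created them, instead of failing on a ``None`` user.

    Args:
        global_config: Application settings; supplies the logger and the
            users database name (``users_db_name`` + ``this_season``).
        username: Name passed to ``UsersDataModel.getUser``.

    Returns:
        The ``userprofileform`` instance.
    """
    global_config['logger'].debug('GET User Form For: %s', username)

    session = DbSession.open_db_session(
        global_config['users_db_name'] + global_config['this_season'])
    try:
        user = UsersDataModel.getUser(session, username)
        form = userprofileform()
        if user:
            # NOTE(review): the stored password value is written into the
            # form and therefore sent to the browser.
            # process_userprofile_form compares the submitted value with
            # user.password to detect a change, so the two have to be changed
            # together. Whether user.password is a hash or clear text is not
            # visible here.
            field_values = (
                (user_username_label, user.username),
                (user_emailaddress_label, user.email_address),
                (user_cellphone_label, user.cellphone),
                (user_carrier_label, user.carrier),
                (user_subgroup_label, user.subgroup),
                (user_password_label, user.password),
                (user_display_name_label, user.display_name),
                (user_contact_mode_label, user.contact_mode),
                (user_nickname_label, user.altname),
            )
            for label, value in field_values:
                form[label].value = value
    finally:
        # Release the session even when the lookup fails.
        session.remove()

    return form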
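def process_userprofile_form(global_config, form, username):
    """Apply a self-service profile update for an existing user.

    Contact details, password, display name, contact mode and nickname come
    from the form.  Role, access level and account state are always copied
    from the stored record, never from the form.

    Args:
        global_config: Application settings; supplies the logger and the
            users database name (``users_db_name`` + ``this_season``).
        form: Submitted form; fields are read through the ``user_*_label``
            keys.
        username: User whose profile is updated.

    Returns:
        The path to redirect to, ``'/home'``.

    Raises:
        Exception: If the user is not in the database, or the changed
            password does not match its confirmation.
    """
    global_config['logger'].debug('Process User Profile For: %s', username)

    session = DbSession.open_db_session(
        global_config['users_db_name'] + global_config['this_season'])
    try:
        email_address = form[user_emailaddress_label].value
        cellphone = form[user_cellphone_label].value
        carrier = form[user_carrier_label].value
        subgroup = form[user_subgroup_label].value

        user = UsersDataModel.getUser(session, username)
        if not user:
            # No account state is defined for a user that is not yet in the
            # database, so this path used to end in an unbound-name error at
            # the addOrUpdateUser call. Fail with an explicit message before
            # anything is written.
            raise Exception('User Does Not Exist')

        # The confirmation is validated only when the submitted password
        # differs from the stored value, i.e. when it was changed.
        if form[user_password_label].value != user.password:
            if form[user_password_label].value != form[user_password_confirm_label].value:
                raise Exception('Passwords Do NOT Match')

        # Privilege-bearing attributes are taken from the stored record only.
        access_level = user.access_level
        role = user.role
        state = user.state

        password = form[user_password_label].value
        display_name = form[user_display_name_label].value
        contact_mode = form[user_contact_mode_label].value
        nickname = form[user_nickname_label].value

        UsersDataModel.addOrUpdateUser(session, username, email_address, cellphone, carrier,
                                       subgroup, password, display_name, role, contact_mode,
                                       nickname, access_level, state)
        session.commit()
    finally:
        # Release the session on every exit path, including the errors above.
        session.remove()

    return '/home'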
# Stop when the base directory does not exist. base_dir, competition, options
# and global_config are defined by earlier code that is not shown here.
# NOTE(review): a bare `raise` has nothing to re-raise unless this runs inside
# an exception handler, so the failure surfaces as a generic interpreter error
# rather than a message naming the missing directory.
if not os.path.isdir(base_dir): raise

# Directory the scouting data files are read from.
input_dir = './static/data/' + competition + '/ScoutingData/'

# Database names come from the application configuration.
db_name = global_config['db_name']
issues_db_name = global_config['issues_db_name']
debriefs_db_name = global_config['debriefs_db_name']
users_db_name = global_config['users_db_name']

# One session per database, each opened with its data model module.
session = DbSession.open_db_session(db_name, DataModel)
issues_session = DbSession.open_db_session(issues_db_name, IssueTrackerDataModel)
debrief_session = DbSession.open_db_session(debriefs_db_name, DebriefDataModel)
users_session = DbSession.open_db_session(users_db_name, UsersDataModel)

# Make sure that there is a default admin user. If no admin user exists, then
# create one.
# NOTE(review): the bootstrap account is created with a fixed password that is
# embedded in the source, so every deployment starts with the same admin
# credential. Prefer reading the initial password from deployment
# configuration (or generating one at first start) and requiring a change on
# first login.
if UsersDataModel.getUser( users_session, 'admin' ) is None:
    UsersDataModel.create_admin_user(users_session, 'squirrel!')

# Build the attribute definition dictionary from the definitions csv file.
attrdef_filename = './config/' + global_config['attr_definitions']
attr_definitions = AttributeDefinitions.AttrDefinitions()
attr_definitions.parse(attrdef_filename)

# Optional batch step: process the input files, then dump the database as CSV.
if options.processfiles:
    # competition is rebuilt here from the configured competition and season.
    competition = global_config['this_competition'] + global_config['this_season']
    try:
        process_files(session, db_name, attr_definitions, input_dir, options.recursive, options.test)
        dump_database_as_csv_file(session, attr_definitions, competition)
    except Exception, e:
        # Best effort: the failure is logged at debug level and the traceback
        # is printed to stdout; the exception is not re-raised.
        global_config['logger'].debug('Exception Caught Processing Files: %s' % str(e) )
        traceback.print_exc(file=sys.stdout)