def oauth(self, request): response = {} request_data = request.json username = request_data.get(Constants.USERNAME_KEY) email = request_data.get(Constants.EMAIL_KEY) display_name = request_data.get(Constants.DISPLAY_NAME_KEY) privilege = { "model": False, "asset": False, "datacenters": [], "power": False, "audit": False, "admin": False, } datacenters = privilege["datacenters"] password = Constants.NETID_PASSWORD.encode("utf-8") client_id = request_data.get("client_id") token = request_data.get(Constants.TOKEN_KEY) headers = {"x-api-key": client_id, "Authorization": f"Bearer {token}"} duke_response = requests.get("https://api.colab.duke.edu/identity/v1/", headers=headers) data_matches = self.__match_oauth(request_data, duke_response.json()) if not data_matches: raise UserException(f"Cannot confirm NetID user {username}") user = User(username, display_name, email, password, privilege, datacenters) try: self.VALIDATOR.validate_shibboleth_login(user) except UserException as e: raise UserException(e.message) except Exception as e: print(str(e)) raise UserException("Could not authorize shibboleth login") existing_user = self.USER_TABLE.get_user(user.username) if existing_user is None: self.USER_TABLE.add_user(user) else: privilege = existing_user.privilege # TODO: FIgure out what to do when adding netID user overwrites existing user response[Constants.TOKEN_KEY] = self.AUTH_MANAGER.encode_auth_token( username) response[Constants.PRIVILEGE_KEY] = privilege response[Constants.MESSAGE_KEY] = Constants.API_SUCCESS response[Constants.USERNAME_KEY] = username # print("RESPONSE") # print(response) return response
def validate_edit_user(self, user: User, original_username: str): old_user = self.validate_existing_username(original_username) # if old_user.password.decode("utf-8") == Constants.NETID_PASSWORD: # raise UserException("Cannot edit NetID user") if old_user == user: raise NoEditsError("No edits made") if not (user.email == old_user.email): self.validate_email(user.email) # if user.password is not None: # self.validate_password(user.password) if not (user.privilege == old_user.privilege): self.validate_privilege(user.privilege, user.username) if not (original_username == user.username): self.validate_new_username(user.username) if not (set(user.datacenters) == set(old_user.datacenters)): self.validate_datacenters(user.datacenters) user.password = old_user.password return [user, old_user]
def __make_user_from_json(json) -> User: privilege = json.get(Constants.PRIVILEGE_KEY) # if json.get(Constants.USERNAME_KEY) is None: # raise TypeError("Username cannot be None. Requires type str.") # if json.get(Constants.DISPLAY_NAME_KEY) is None: # raise TypeError("Username cannot be None. Requires type str.") # if json.get(Constants.EMAIL_KEY) is None: # raise TypeError("Username cannot be None. Requires type str.") # if json.get(Constants.PASSWORD_KEY) is None: # raise TypeError("Username cannot be None. Requires type str.") # if json.get(Constants.PRIVILEGE_KEY) is None: # raise TypeError("Username cannot be None. Requires type dict.") return User( username=json.get(Constants.USERNAME_KEY), display_name=json.get(Constants.DISPLAY_NAME_KEY), email=json.get(Constants.EMAIL_KEY), password=json.get(Constants.PASSWORD_KEY), privilege=privilege, datacenters=privilege.get(PermissionConstants.DATACENTERS), )
def new_user(): """ Create a new user """ data: JSON = request.get_json() user_table: UserTable = UserTable() try: username: str = data["username"] password: str = data["password"] display_name: str = data["display_name"] email: str = data["email"] privilege: str = data["privilege"] user: User = User( username=username, display_name=display_name, email=email, password=password, privilege=privilege, ) user_table.add_user(user=user) except KeyError: return HTTPStatus.BAD_REQUEST except DBWriteException: return HTTPStatus.INTERNAL_SERVER_ERROR return HTTPStatus.OK
def get_user_by_email(self, email: str) -> Optional[User]: """ Get the user for the given username """ user: UserEntry = UserEntry.query.filter_by(email=email).first() if user is None: return None return User( username=user.username, display_name=user.display_name, email=user.email, password=user.password_hash, privilege=user.privilege, datacenters=user.datacenters, )
def get_all_users(self) -> List[User]: """ Get a list of all users """ all_users: List[UserEntry] = UserEntry.query.all() return [ User( username=entry.username, display_name=entry.display_name, email=entry.email, password=entry.password_hash, privilege=entry.privilege, datacenters=entry.datacenters, ) for entry in all_users ]
def search_users( self, username: Optional[str], display_name: Optional[str], email: Optional[str], privilege: Optional[JSON], datacenters: Optional[List[str]], limit: int, ) -> List[User]: """ Get a list of all users matching the given criteria """ criteria = [] if username is not None and username != "": criteria.append(UserEntry.username == username) if display_name is not None and display_name != "": criteria.append(UserEntry.display_name == display_name) if email is not None and email != "": criteria.append(UserEntry.email == email) if privilege is not None: for key in privilege: if privilege[key] and key != PermissionConstants.DATACENTERS: criteria.append(UserEntry.privilege[key].astext.cast( Boolean) == privilege[key]) if datacenters is not None: for center in datacenters: print(center) # criteria.append(UserEntry.datacenters.any([f"{{{center}}}"])) # criteria.append(UserEntry.datacenters.all(center)) criteria.append(center == any_(UserEntry.datacenters)) filtered_users: List[UserEntry] = UserEntry.query.filter( and_(*criteria)).limit(limit) return [ User( username=user.username, display_name=user.display_name, email=user.email, password=user.password_hash, privilege=user.privilege, datacenters=user.datacenters, ) for user in filtered_users ]
def create_user(): print("Please enter new user information") print() username: str = input("Username: "******"Password: "******"Display name: ") email: str = input("Email: ") privilege: str = input("Privilege: ") encrypted_password = AuthManager().encrypt_pw(password=password) user: User = User( username=username, display_name=display_name, email=email, password=encrypted_password, privilege=privilege, ) user_table.add_user(user=user) print()
db.drop_all() db.create_all() db.session.commit() encrypted_password = AuthManager().encrypt_pw(password="******") datacenters = ["*"] priv: Permission = Permission( model=True, asset=True, datacenters=datacenters, power=True, audit=True, admin=True, ) user: User = User( username="******", display_name="Admin", email="*****@*****.**", password=encrypted_password, privilege=priv.make_json(), datacenters=datacenters, ) UserTable().add_user(user=user) model: Model = Model(vendor="dell", model_number="1234", mount_type="rackmount", height=3) ModelTable().add_model(model=model)
def create_user(self, request): """Route for creating users Username Criteria: - Between 4 and 20 characters - Contains only alphanumeric characters and ".", "_" - No "." or "_" at the beginning - No doubles of special characters (".." or "__") - Not already taken by another user Email Criteria: - Valid email address compliant with RCF 5322 standard - Not already associated with another account Password Criteria: - Contains at least one number. - Contains at least one uppercase and one lowercase character. - Contains at least one special symbol. - Between 8 to 20 characters long. Returns: string: Success or failure, if failure provide message """ response = {} request_data = request.get_json() print(request_data) try: username = request_data.get(Constants.USERNAME_KEY) password = request_data.get(Constants.PASSWORD_KEY) email = request_data.get(Constants.EMAIL_KEY) display_name = request_data.get(Constants.DISPLAY_NAME_KEY) privilege = request_data.get(Constants.PRIVILEGE_KEY) datacenters = privilege.get(PermissionConstants.DATACENTERS) except: raise InvalidInputsError( "Incorrectly formatted message. Application error on the frontend" ) try: user = self.__make_user_from_json(request_data) self.VALIDATOR.validate_create_user(user) except UserException as e: raise UserException(e.message) except: raise UserException("Could not create user") # dcs = [] # for datacenter in datacenters: # dcs.append(f"{}") try: encrypted_password = self.AUTH_MANAGER.encrypt_pw(password) user = User( username=username, display_name=display_name, email=email, password=encrypted_password, privilege=privilege, datacenters=datacenters, ) print(user) self.USER_TABLE.add_user(user) except: raise UserException("Could not create user") return self.__add_message_to_JSON(response, "success")
# Admin user encrypted_password = AuthManager().encrypt_pw(password="******") datacenters = ["*"] priv: Permission = Permission( model=True, asset=True, datacenters=datacenters, power=True, audit=True, admin=True, ) user: User = User( username="******", display_name="Admin", email="*****@*****.**", password=encrypted_password, privilege=priv.make_json(), datacenters=datacenters, ) UserTable().add_user(user=user) # Basic user encrypted_password = AuthManager().encrypt_pw(password="******") datacenters = [] basic_priv: Permission = Permission( model=False, asset=False, datacenters=datacenters, power=False, audit=False, admin=False,