def main():
parser = argparse.ArgumentParser(
description=
'Computer Aided Integration of Requirements and Information Security - Add CAIRIS user'
)
parser.add_argument('user', help='Email address')
parser.add_argument('password', help='password')
parser.add_argument('name', help='Full name')
args = parser.parse_args()
rp = ''.join(
choice(string.ascii_letters + string.digits) for i in range(255))
if (existingAccount(args.user)):
raise Exception(args.user + ' already exists')
dbAccount = canonicalDbUser(args.user)
createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp,
canonicalDbUser(args.user) + '_default')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, args.user, rp,
dbAccount + '_default')
db.create_all()
user_datastore.create_user(email=args.user,
account=dbAccount,
password=args.password,
dbtoken=rp,
name='Default user')
db.session.commit()
createDefaults(b.cairisRoot, b.dbHost, b.dbPort, args.user, rp,
dbAccount + '_default')
def addCairisUser(userName, passWd, fullName):
rp = ''.join(
choice(string.ascii_letters + string.digits) for i in range(255))
if (existingAccount(userName)):
raise Exception(userName + ' already exists')
dbAccount = canonicalDbUser(userName)
b = Borg()
createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp,
canonicalDbUser(userName) + '_default')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, userName, rp,
dbAccount + '_default')
db.create_all()
user_datastore.create_user(email=userName,
account=dbAccount,
password=hash_password(passWd),
dbtoken=rp,
name=fullName)
db.session.commit()
createDefaults(b.cairisRoot, b.dbHost, b.dbPort, userName, rp,
dbAccount + '_default')
def quick_setup(dbHost,
dbPort,
dbRootPassword,
tmpDir,
rootDir,
configFile,
webPort,
logLevel,
staticDir,
assetDir,
userName,
passWd,
mailServer='',
mailPort='',
mailUser='',
mailPasswd=''):
if (len(userName) > 255):
raise ARMException("Username cannot be longer than 255 characters")
if (userName == "root"):
raise ARMException("Username cannot be root")
createDbOwnerDatabase(dbRootPassword, dbHost, dbPort)
createUserDatabase(dbHost, dbPort, dbRootPassword, rootDir)
os.environ["CAIRIS_CFG"] = configFile
pathName = os.path.split(
os.path.split(os.path.realpath(os.path.dirname(__file__)))[0])[0]
sys.path.insert(0, pathName)
fileName = os.environ.get("HOME") + "/.bashrc"
f = open(fileName, 'a')
f.write("export CAIRIS_SRC=" + rootDir + "\n")
f.write("export CAIRIS_CFG_DIR=${CAIRIS_SRC}/config\n")
f.write("export CAIRIS_CFG=" + configFile + "\n")
f.write("export PYTHONPATH=${PYTHONPATH}:" + pathName + "\n")
f.close()
createCairisCnf(configFile, dbRootPassword, dbHost, dbPort, tmpDir,
rootDir, webPort, logLevel, staticDir, assetDir,
mailServer, mailPort, mailUser, mailPasswd)
from cairis.bin.add_cairis_user import user_datastore, db
db.create_all()
if (userName != ''):
rp = ''.join(choice(ascii_letters + digits) for i in range(255))
dbAccount = canonicalDbUser(userName)
user_datastore.create_user(email=userName,
account=dbAccount,
password=passWd,
dbtoken=rp,
name='Default user')
db.session.commit()
createDatabaseAccount(dbRootPassword, dbHost, dbPort, userName, rp)
createDatabaseAndPrivileges(dbRootPassword, dbHost, dbPort, userName,
rp, dbAccount + '_default')
createDatabaseSchema(rootDir, dbHost, dbPort, userName, rp,
dbAccount + '_default')
createDefaults(rootDir, dbHost, dbPort, userName, rp,
dbAccount + '_default')
def addAdditionalUserData(userName, passWd):
fUser = user_datastore.find_user(email=userName)
rp = ''.join(
choice(string.ascii_letters + string.digits) for i in range(255))
fUser.dbtoken = rp
db.session.commit()
b = Borg()
dbAccount = canonicalDbUser(userName)
createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, userName, rp,
dbAccount + '_default')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, userName, rp,
dbAccount + '_default')
createDefaults(b.cairisRoot, b.dbHost, b.dbPort, userName, rp,
dbAccount + '_default')
def clear_project(self):
try:
self.db_proxy.clearDatabase(session_id=self.session_id)
b = Borg()
ses_settings = b.get_settings(self.session_id)
dbHost = ses_settings['dbHost']
dbPort = ses_settings['dbPort']
dbUser = ses_settings['dbUser']
dbPasswd = ses_settings['dbPasswd']
dbName = ses_settings['dbName']
createDefaults(b.cairisRoot,dbHost,dbPort,dbUser,dbPasswd,dbName)
except DatabaseProxyException as ex:
raise ARMHTTPError(ex)
except ARMException as ex:
raise ARMHTTPError(ex)
def clear_project(self, objt=None, pathValues=[]):
try:
self.db_proxy.clearDatabase(session_id=self.session_id)
b = Borg()
ses_settings = b.get_settings(self.session_id)
dbHost = ses_settings['dbHost']
dbPort = ses_settings['dbPort']
dbUser = ses_settings['dbUser']
dbPasswd = ses_settings['dbPasswd']
dbName = ses_settings['dbName']
createDefaults(b.cairisRoot, dbHost, dbPort, dbUser, dbPasswd,
dbName)
return 'Project cleared successfully'
except DatabaseProxyException as ex:
raise ARMHTTPError(ex)
except ARMException as ex:
raise ARMHTTPError(ex)
def testCreateShareResetDelete(self):
b = Borg()
dropCairisUserDatabase(b.rPasswd, b.dbHost, b.dbPort)
testAccount = '*****@*****.**'
createDbOwnerDatabase(b.rPasswd, b.dbHost, b.dbPort)
createCairisUserDatabase(b.rPasswd, b.dbHost, b.dbPort)
db.create_all()
dropUser(b.rPasswd, b.dbHost, b.dbPort, testAccount)
accountList = accounts(b.rPasswd, b.dbHost, b.dbPort)
self.assertEqual(testAccount not in accountList, True)
rp = ''.join(
choice(string.ascii_letters + string.digits) for i in range(255))
dbAccount = canonicalDbUser(testAccount)
createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount, rp)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount,
rp,
canonicalDbUser(testAccount) + '_default')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, testAccount, rp,
dbAccount + '_default')
user_datastore.create_user(email=testAccount,
account=dbAccount,
password='******',
dbtoken=rp,
name='Test user')
db.session.commit()
self.assertEqual(rp, dbtoken(b.rPasswd, b.dbHost, b.dbPort,
testAccount))
createDefaults(b.cairisRoot, b.dbHost, b.dbPort, testAccount, rp,
dbAccount + '_default')
accountList = accounts(b.rPasswd, b.dbHost, b.dbPort)
self.assertEqual(testAccount in accountList, True)
self.assertEqual(existingAccount(testAccount), True)
self.assertEqual(len(databases(dbAccount)), 1)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount,
rp,
canonicalDbUser(testAccount) + '_Test1')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, testAccount, rp,
dbAccount + '_Test1')
self.assertEqual(len(databases(dbAccount)), 2)
self.assertEqual(len(dbUsers(dbAccount + '_Test1')), 0)
self.assertEqual(isOwner(dbAccount, 'Test1'), True)
testAccount2 = '*****@*****.**'
rp2 = ''.join(
choice(string.ascii_letters + string.digits) for i in range(255))
dbAccount2 = canonicalDbUser(testAccount2)
createDatabaseAccount(b.rPasswd, b.dbHost, b.dbPort, dbAccount2, rp2)
createDatabaseAndPrivileges(b.rPasswd, b.dbHost, b.dbPort, dbAccount2,
rp2,
canonicalDbUser(testAccount2) + '_default')
createDatabaseSchema(b.cairisRoot, b.dbHost, b.dbPort, testAccount,
rp2, dbAccount2 + '_default')
user_datastore.create_user(email=testAccount2,
account=dbAccount2,
password='******',
dbtoken=rp2,
name='Test user 2')
db.session.commit()
accountList = accounts(b.rPasswd, b.dbHost, b.dbPort)
self.assertEqual(testAccount2 in accountList, True)
self.assertEqual(len(databases(dbAccount2)), 1)
grantDatabaseAccess(b.rPasswd, b.dbHost, b.dbPort, 'Test1',
testAccount2)
self.assertEqual(len(databases(dbAccount2)), 2)
self.assertEqual(len(dbUsers(dbAccount + '_Test1')), 1)
self.assertEqual(isOwner(dbAccount2, 'Test1'), False)
revokeDatabaseAccess(b.rPasswd, b.dbHost, b.dbPort, 'Test1',
testAccount2)
self.assertEqual(len(databases(dbAccount2)), 1)
self.assertEqual(len(dbUsers(dbAccount + '_Test1')), 0)
resetUsers(b.cairisRoot, b.rPasswd, b.dbHost, b.dbPort)
self.assertEqual(len(databases(dbAccount)), 1)
self.assertEqual(len(databases(dbAccount2)), 1)
dropUser(b.rPasswd, b.dbHost, b.dbPort, testAccount)
dropUser(b.rPasswd, b.dbHost, b.dbPort, testAccount2)
accountList = accounts(b.rPasswd, b.dbHost, b.dbPort)
self.assertEqual(testAccount not in accountList, True)
self.assertEqual(testAccount2 not in accountList, True)