示例#1
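 def get_partners(self, mode):
     """Load this identity's partnerships into ``self.partners``.

     The list of partner workspace contracts and each authorization index
     are read from ``self.workspace_contract`` with the Relay account as the
     web3 default account. Partners whose index is 4 ("Removed") or that
     have no username in the resolver are skipped. When ``self.private_key``
     is truthy, the default account is switched to the owner key and each
     partner's contract is asked for ``getMyPartnershipStatus``; otherwise
     every status stays 'Not available'.

     Returns:
         True on success, False when the partnership list or one
         partnership record cannot be read from the contract.
     """
     self.partners = []
     # Get the list of partners through the Relay, which holds a key 1.
     acct = Account.from_key(mode.relay_private_key)
     # NOTE(review): this mutates the default account on the `mode` web3
     # object. If that object is shared between requests or threads, calls
     # made elsewhere could run under this account - confirm, or pass the
     # sender explicitly to each call instead.
     mode.w3.eth.defaultAccount = acct.address
     contract = mode.w3.eth.contract(self.workspace_contract,
                                     abi=constante.workspace_ABI)
     try:
         partners_list = contract.functions.getKnownPartnershipsContracts(
         ).call()
     except Exception as ex:
         # Was a bare `except:` that hid the cause; log it like the
         # per-partner handler below and keep the False return.
         logging.warning(ex)
         return False
     # Labels for the index values returned by the contract calls below.
     # NOTE(review): an index outside 0..4 raises IndexError here.
     liste = [
         "Unknown",
         "Authorized",
         "Pending",
         "Rejected",
         "Removed",
     ]
     for partner_workspace_contract in partners_list:
         try:
             authorization_index = contract.functions.getPartnership(
                 partner_workspace_contract).call()[1]
         except Exception as ex:
             logging.warning(ex)
             return False
         partner_username = ns.get_username_from_resolver(
             partner_workspace_contract, mode)
         # Only if not "Removed" and the partner is known in the database.
         if authorization_index != 4 and partner_username:
             partner_address = contractsToOwners(partner_workspace_contract,
                                                 mode)
             # Despite the key name, this is the soliditySha3 hash of the
             # partner address, not key material.
             partner_publickey = mode.w3.soliditySha3(['address'],
                                                      [partner_address])
             self.partners.append({
                 'address': partner_address,
                 'publickey': partner_publickey,
                 'workspace_contract': partner_workspace_contract,
                 'username': partner_username,
                 'authorized': liste[authorization_index],
                 'status': 'Not available'
             })
     # Update the status through owner access to the partnership stored in
     # the partner's own contract.
     if self.private_key:
         acct = Account.from_key(self.private_key_value)
         mode.w3.eth.defaultAccount = acct.address
         for partner in self.partners:
             contract = mode.w3.eth.contract(partner['workspace_contract'],
                                             abi=constante.workspace_ABI)
             # NOTE(review): a failing call here propagates to the caller,
             # unlike the two handled calls above.
             partner['status'] = liste[
                 contract.functions.getMyPartnershipStatus().call()]
     else:
         logging.warning(
             'status des partnerships impossible a obtenir, private key  not found'
         )
     return True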
示例#2
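def certificate_issuer_explore(mode) :
	"""Render the public identity page of a certificate issuer (can also be an entry point).

	Reads ``workspace_contract`` (required) and ``certificate_id`` (optional)
	from the query string, loads the issuer as an unauthenticated ``Identity``
	and renders the person or company template depending on
	``issuer_explore.type``. If the ``Identity`` cannot be built, the visitor
	is redirected to the certificate verification page.

	The HTML fragments handed to the templates are assembled here by string
	concatenation, so every value taken from the identity, the resolver or
	the request is HTML-escaped before it is inserted.
	NOTE(review): this presumes the templates emit these fragments unescaped
	(``|safe`` or equivalent) - confirm against the templates.
	"""
	# Function-scope imports so the block does not depend on the module header.
	from html import escape
	from urllib.parse import quote

	menu = session.get('menu', dict())
	viewer = 'guest' if not session.get('username')  else 'user'

	# Both values come straight from the query string and are untrusted.
	issuer_workspace_contract = request.args['workspace_contract']
	certificate_id = request.args.get('certificate_id')
	try :
		issuer_explore = Identity(issuer_workspace_contract, mode, authenticated=False)
	except Exception :
		logging.warning('issuer does not exist')
		flash('Identity not found ', 'danger')
		# certificate_id may be missing (None) and is untrusted: percent-encode
		# it so it stays one query-string value instead of raising TypeError
		# or adding parameters to the redirect target.
		return redirect(mode.server + 'certificate/verify/?certificate_id=' + quote(certificate_id or '', safe=':'))

	if issuer_explore.type == 'person' :
		# Store a copy: deleting keys from issuer_explore.__dict__ itself would
		# also delete the attributes from the object used below.
		resume = dict(issuer_explore.__dict__)
		# clean up
		# NOTE(review): this is a denylist, so any attribute not named here is
		# kept in the session. The `user` view reads private_key_value,
		# rsa_key_value and secret from Identity; confirm they are unset for
		# authenticated=False, or switch to an allowlist of fields.
		for key in ('file_list', 'experience_list', 'education_list',
					'other_list', 'kbis_list', 'certificate_list',
					'partners', 'synchronous', 'authenticated', 'rsa_key',
					'relay_activated', 'private_key', 'identity_file') :
			resume.pop(key, None)
		resume['topic'] = 'resume'
		session['resume'] = resume

	if issuer_explore.type == 'person' :
		# personal
		Topic = {'firstname' : 'Firstname',
				'lastname' : 'Lastname',
				'about' : 'About',
				'profil_title' : 'Title',
				'birthdate' : 'Birth Date',
				'contact_email' : 'Contact Email',
				'contact_phone' : 'Contact Phone',
				'postal_address' : 'Postal Address',
				'education' : 'Education'}
		issuer_username =	 ns.get_username_from_resolver(issuer_workspace_contract, mode)
		issuer_username = '******' if not issuer_username else issuer_username
		issuer_personal = """<span><b>Username</b> : """ + escape(issuer_username) +"""<br>"""
		for topic_name in issuer_explore.personal.keys() :
			if issuer_explore.personal[topic_name]['claim_value']  :
				# A topic without a label falls back to its own (escaped) name
				# instead of raising KeyError.
				issuer_personal = issuer_personal + """
				<span><b>"""+ escape(Topic.get(topic_name, topic_name)) +"""</b> : """+ escape(issuer_explore.personal[topic_name]['claim_value'])+"""
				</span><br>"""

		# Proofs of Identity
		my_kyc = ""

		# experience
		issuer_experience = ''
		if issuer_explore.experience == [] :
			issuer_experience = """  <a class="text-info">No data available</a>"""
		else :
			for experience in issuer_explore.experience :
				# Truncate first, then escape, so an entity is never cut in half.
				exp_html = """
					<b>Company</b> : """+escape(experience['company']['name'])+"""<br>
					<b>Title</b> : """+escape(experience['title'])+"""<br>
					<b>Description</b> : """+escape(experience['description'][:100])+"""...<br>
					<p>
					</p>"""
				issuer_experience = issuer_experience + exp_html + """<hr>"""

		# education
		issuer_education = ''
		if issuer_explore.education == [] :
			issuer_education = """  <a class="text-info">No data available</a>"""
		else :
			for education in issuer_explore.education :
				edu_html = """
					<b>Organization</b> : """+escape(education['organization']['name'])+"""<br>
					<b>Title</b> : """+escape(education['title'])+"""<br>
					<b>Description</b> : """+escape(education['description'][:100])+"""...<br>
					<p>
					</p>"""
				issuer_education = issuer_education + edu_html + """<hr>"""

		# skills
		if not issuer_explore.skills or not issuer_explore.skills.get('id') :
			issuer_skills =  """<a class="text-info">No Skills Available</a>"""
		else :
			issuer_skills = ""
			for skill in issuer_explore.skills['description'] :
				# Part of this fragment is an HTML comment; escaping also keeps a
				# value from closing that comment early.
				skill_html = """
				"""+ escape(skill['skill_name']) + """ (""" + escape(skill['skill_level']) + """)""" + """<br>
	<!--			<b>Domain</b> : """+escape(skill['skill_domain']) + """<br>
				<b>Level</b> : """+ escape(skill['skill_level']) + """...<br>
				<p>
					<a class="text-secondary" href="/user/remove_experience/?experience_id="""  + """>
						<i data-toggle="tooltip" class="fa fa-trash-o" title="Remove">&nbsp&nbsp&nbsp</i>
					</a>
				</p>  -->"""
				issuer_skills = issuer_skills + skill_html
			issuer_skills = issuer_skills + """
				<p>
				</p>"""

		# certificates
		issuer_certificates = ""
		if issuer_explore.certificate == [] :
			issuer_certificates = """<a class="text-info">No data available</a>"""
		else :
			for certificate in issuer_explore.certificate :
				# NOTE(review): resolved but not used in the fragment below.
				certificate_issuer_username = ns.get_username_from_resolver(certificate['issuer']['workspace_contract'], mode)
				certificate_issuer_username = '******' if not certificate_issuer_username else certificate_issuer_username
				# Reset per certificate: an unhandled category used to raise
				# UnboundLocalError or reuse the previous certificate's issuer.
				certificate_issuer_name = 'Unknown'
				if certificate['issuer']['category'] == 2001 :
					certificate_issuer_name = certificate['issuer']['name']
				elif  certificate['issuer']['category'] == 1001 :
					certificate_issuer_name = certificate['issuer']['firstname'] + ' ' + certificate['issuer']['lastname']
				# The link embeds the request-supplied workspace contract, so the
				# href is quoted and its value escaped (it was unquoted before).
				certificate_link = mode.server + 'guest/certificate/?certificate_id=did:talao:' + mode.BLOCKCHAIN + ':' + issuer_workspace_contract[2:] + ':document:' + str(certificate['doc_id'])
				cert_html = """
						<b>Issuer Name</b> : """ + escape(certificate_issuer_name) +"""<br>
						<b>Title</b> : """ + escape(certificate['title'])+"""<br>
						<b>Description</b> : """ + escape(certificate['description'][:100])+"""...<br>
						<b></b>""" + '<a href="' + escape(certificate_link) + '">Display Certificate</a>' + """<br>
						<p>
						</p>"""
				issuer_certificates = issuer_certificates + cert_html + """<hr>"""

		return render_template('./certificate/certificate_person_issuer_identity.html',
							**menu,
							issuer_name=issuer_explore.name,
							issuer_profil_title = issuer_explore.profil_title,
							kyc=my_kyc,
							personal=issuer_personal,
							experience=issuer_experience,
							skills=issuer_skills,
							certificates=issuer_certificates,
							education=issuer_education,
							issuer_picturefile=issuer_explore.picture,
							certificate_id= certificate_id,
							viewer=viewer,)


	if issuer_explore.type == 'company' :

		# kbis
		# Start from an empty fragment: with no website but at least one kbis
		# entry, my_kbis used to be read before it was assigned.
		my_kbis = ""
		if not issuer_explore.personal['website']['claim_value'] and not issuer_explore.kbis :
			my_kbis = """<p class="text-warning">No data available</p><br>"""

		if issuer_explore.personal['website']['claim_value'] :
			my_kbis = """<b>Contact</b> : """ + escape(issuer_explore.personal['contact_email']['claim_value'])

		for kbis in issuer_explore.kbis :
			my_kbis = my_kbis + "<hr><b>Certificate issued by Talao</b><br><br>"
			kbis_html = """
				<b>Name</b> : """+ escape(kbis['name']) +"""<br>
				<b>Siret</b> : """+ escape(kbis['siret']) +"""<br>
				<b>Creation</b> : """+ escape(kbis['date']) + """<br>
				<b>Capital</b> : """+ escape(kbis['capital'])+"""<br>
				<b>Address</b> : """+ escape(kbis['address'])+"""<br>
				<p>
				</p>"""
			my_kbis = my_kbis + kbis_html

		# personal
		issuer_username =	 ns.get_username_from_resolver(issuer_workspace_contract, mode)
		issuer_username = '******' if not issuer_username  else issuer_username
		issuer_personal = """ <span><b>Username</b> : """ + escape(issuer_username)	+ """<br>"""
		for topic_name in issuer_explore.personal.keys() :
			if issuer_explore.personal[topic_name]['claim_value'] :
				issuer_personal = issuer_personal + """
				<span><b>"""+ escape(topic_name) +"""</b> : """+ escape(issuer_explore.personal[topic_name]['claim_value'])+"""
				</span><br>"""

		services ="""<a class="text-warning">Register to get access to services.</a><br><br>"""

		return render_template('./certificate/certificate_company_issuer_identity.html',
							**menu,
							issuer_name=issuer_explore.name,
							kbis=my_kbis,
							services=services,
							personal=issuer_personal,
							issuer_picturefile=issuer_explore.picture,
							certificate_id=certificate_id,
							viewer=viewer,)

	# NOTE(review): any other issuer type falls through and returns None,
	# which Flask reports as a server error.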
示例#3
def user(mode):
    """
	#@app.route('/user/', methods = ['GET'])
	Main view for Identity Repository
	We setup Ientity with workspace or username depending of the login method
	"""
    check_login()
    if not session.get('uploaded', False):
        logging.info('start first instanciation')
        if not session.get('workspace_contract'):
            logging.info('Identity set up from username')
            data_from_username = ns.get_data_from_username(
                session['username'], mode)
            session['workspace_contract'] = data_from_username[
                'workspace_contract']
        else:
            logging.info('Identity set up from workspace contract')
            session['username'] = ns.get_username_from_resolver(
                session['workspace_contract'], mode)
        if mode.test:
            user = Identity(session['workspace_contract'],
                            mode,
                            authenticated=True)
        else:
            try:
                user = Identity(session['workspace_contract'],
                                mode,
                                authenticated=True)
            except:
                logging.error('cannot init Identity')
                flash('session aborted', 'warning')
                return render_template('login.html')
        logging.info('end of first intanciation')

        # init session side by redis
        session['uploaded'] = True
        session['type'] = user.type
        session['address'] = user.address
        session['workspace_contract'] = user.workspace_contract
        session['issuer'] = user.issuer_keys
        session['partner'] = user.partners
        session['did'] = user.did
        session['eth'] = user.eth
        session['token'] = user.token
        session['rsa_key'] = user.rsa_key
        session['rsa_key_value'] = user.rsa_key_value
        session['rsa_filename'] = session['did'] + ".pem"
        session['private_key'] = user.private_key
        session['private_key_value'] = user.private_key_value
        session['relay_activated'] = user.relay_activated
        session['personal'] = user.personal
        session['identity_file'] = user.identity_file
        session['name'] = user.name
        session['secret'] = user.secret
        session['picture'] = user.picture
        session['signature'] = user.signature
        session['skills'] = user.skills
        session['certificate'] = user.certificate
        session['private_certificate'] = user.private_certificate
        session['secret_certificate'] = user.secret_certificate
        session[
            'all_certificate'] = user.certificate + user.private_certificate + user.secret_certificate
        session['has_vault_access'] = user.has_vault_access
        session['method'] = ns.get_method(session['workspace_contract'], mode)
        session['mode_server'] = mode.server
        if not session['method']:
            session['method'] = "ethr"
        phone = ns.get_data_from_username(session.get('username'),
                                          mode).get('phone')
        session['phone'] = phone if phone else ""

        if user.type == 'person':
            session['profil_title'] = user.profil_title
            session['experience'] = user.experience
            session['education'] = user.education
            # no credential workflow
            session['host'] = session['employee'] = None
            session['role'] = session['referent'] = None
            clipboard = mode.server + "resume/?did=" + session['did']

            session['check_identity_key'] = False

        if session['type'] == 'company':
            session['profil_title'] = ""
            # data for credential workflow for admin, issuer or reviewer
            try:
                session['host'] = session['username'].split('.')[1]
                session['employee'] = session['username'].split('.')[0]
                session['role'] = ns.get_data_from_username(
                    session['username'], mode)['role']
                session['referent'] = ns.get_data_from_username(
                    session['username'], mode)['referent']
            # for creator
            except:
                session['host'] = session['username']
                session['employee'] = None
                session['role'] = 'creator'
                session['referent'] = None
            clipboard = mode.server + "board/?did=" + session['did']

        # for nav bar menu display
        session['menu'] = {
            'picturefile': session['picture'],
            'username': session.get('username', ""),
            'name': session['name'],
            #'private_key_value' : user.private_key_value,
            'rsa_filename': session['rsa_filename'],
            'profil_title': session['profil_title'],
            'clipboard': clipboard
        }

        # Dashboard start for employees
        if session['role'] in ['issuer', 'reviewer']:
            return redirect(mode.server + 'company/dashboard/')

        # Homepage start for Talent
        #if user.type == 'person' :
        #	return render_template('homepage.html', **session['menu'])

        # check Identity key Pair for person only client side
        # Keypairs for companies are setpu server side
        if not ns.get_did(session['workspace_contract'],
                          mode) and session['type'] == 'person':
            return redirect(mode.server + 'user/generate_identity/')

    else:
        session['check_identity_key'] = True

    # Partners
    if not session['partner']:
        my_partner = """<a class="text-info">No Partners available</a>"""
    else:
        my_partner = ""
        for partner in session['partner']:
            if partner['authorized'] == 'Pending':
                partner_html = """
				<span><a href="/user/issuer_explore/?issuer_username=""" + partner[
                    'username'] + """">""" + partner['username'] + """</a>  (""" + partner[
                        'authorized'] + """ - """ + partner['status'] + """ )
					<a class="text-secondary" href="/user/reject_partner/?partner_username=""" + partner[
                            'username'] + """&amp;partner_workspace_contract=""" + partner[
                                'workspace_contract'] + """">
						<i data-toggle="tooltip" class="fa fa-thumbs-o-down" title="Reject this Partnership.">&nbsp&nbsp&nbsp</i>
					</a>
					<a class="text-secondary" href="/user/authorize_partner/?partner_username=""" + partner[
                                    'username'] + """&amp;partner_workspace_contract=""" + partner[
                                        'workspace_contract'] + """">
						<i data-toggle="tooltip" class="fa fa-thumbs-o-up" title="Authorize this Parnership."></i>
					</a>
				</spn>"""
            elif partner['authorized'] == 'Removed':
                partner_html = """
				<span><a href="/user/issuer_explore/?issuer_username=""" + partner[
                    'username'] + """">""" + partner[
                        'username'] + """</a>  (""" + partner[
                            'authorized'] + """ - """ + partner[
                                'status'] + """ )
				</spn>"""
            else:
                partner_html = """
				<span><a href="/user/issuer_explore/?issuer_username=""" + partner[
                    'username'] + """">""" + partner[
                        'username'] + """</a>  (""" + partner[
                            'authorized'] + """ - """ + partner['status'] + """ )
					<a class="text-secondary" href="/user/remove_partner/?partner_username=""" + partner[
                                'username'] + """&amp;partner_workspace_contract=""" + partner[
                                    'workspace_contract'] + """">
						<i data-toggle="tooltip" class="fa fa-trash-o" title="Remove this Partnership.">&nbsp&nbsp&nbsp</i>
				</spn>"""
            my_partner = my_partner + partner_html + """<br>"""

    # Issuer for document, they have an ERC725 key 20002
    if not session['issuer']:
        my_issuer = """  <a class="text-info">No Referents available</a>"""
    else:
        my_issuer = ""
        for one_issuer in session['issuer']:
            issuer_username = ns.get_username_from_resolver(
                one_issuer['workspace_contract'], mode)
            issuer_username = '******' if issuer_username is None else issuer_username
            issuer_html = """
				<span>""" + issuer_username + """
					<a class="text-secondary" href="/user/remove_issuer/?issuer_username=""" + issuer_username + """&amp;issuer_address=""" + one_issuer[
                'address'] + """">
						<i data-toggle="tooltip" class="fa fa-trash-o" title="Remove">&nbsp&nbsp&nbsp</i>
					</a>
					<a class="text-secondary" href="/user/issuer_explore/?issuer_username=""" + issuer_username + """">
						<i data-toggle="tooltip" class="fa fa-search-plus" title="Data Check"></i>
					</a>
				</span>"""
            my_issuer = my_issuer + issuer_html + """<br>"""

    # files
    if not session['identity_file']:
        my_file = """<a class="text-info">No Files available</a>"""
    else:
        my_file = ""
        for one_file in session['identity_file']:
            file_html = """
				<b>File Name</b> : """ + one_file['filename'] + """ ( """ + one_file[
                'privacy'] + """ ) <br>
				<b>Created</b> : """ + one_file['created'] + """<br>
				<p>
					<a class="text-secondary" href="/user/remove_file/?file_id=""" + one_file[
                    'id'] + """&filename=""" + one_file['filename'] + """">
						<i data-toggle="tooltip" class="far fa-trash-alt" title="Remove">&nbsp&nbsp&nbsp</i>
					</a>

					<a class="text-secondary" href=/user/download/?filename=""" + one_file[
                        'filename'] + """>
						<i data-toggle="tooltip" class="fa fa-download" title="Download"></i>
					</a>
				</p>"""
            my_file = my_file + file_html

    # skills
    if not session['skills'] or not session['skills'].get('id'):
        my_skills = """<a class="text-info">No data available</a>"""
    else:
        my_skills = ""
        for skill in session['skills']['description']:
            skill_html = skill['skill_name'] + """ (""" + skill[
                'skill_level'] + """)""" + """<br>"""
            my_skills = my_skills + skill_html
        my_skills = my_skills + """
				<p>
				</p>"""

    # specific to person
    if session['type'] == 'person':
        # experience
        my_experience = ""
        if not session['experience']:
            my_experience = my_experience + """<a class="text-info">No Experience available</a>"""
        else:
            for experience in sorted(
                    session['experience'],
                    key=lambda d: time.strptime(d['start_date'], "%Y-%m-%d"),
                    reverse=True):
                if not experience['end_date']:
                    end_date = "Current"
                else:
                    end_date = experience['end_date']
                exp_html = """
				<b>Company</b> : """ + experience['company']['name'] + """<br>
				<b>Title</b> : """ + experience['title'] + """<br>
				<b>Start Date</b> : """ + experience['start_date'] + """<br>
					<b>End Date</b> : """ + end_date + """<br>
				<b>Description</b> : """ + experience['description'][:100] + """...<br>
				<p>
					<a class="text-secondary" href="/user/remove_experience/?experience_id=""" + experience[
                    'id'] + """">
						<i data-toggle="tooltip" class="far fa-trash-alt" title="Remove">&nbsp&nbsp&nbsp</i>
					</a>
				</p>"""
                my_experience = my_experience + exp_html + "<hr>"

        # education
        my_education = ""
        if not session['education']:
            my_education = my_education + """<a class="text-info">No Education available</a>"""
        else:
            for education in session['education']:
                edu_html = """
				<b>Organization</b> : """ + education['organization']['name'] + """<br>
				<b>Title</b> : """ + education['title'] + """<br>
				<b>Start Date</b> : """ + education['start_date'] + """<br>
				<b>End Date</b> : """ + education['end_date'] + """<br>
				<p>
					<a class="text-secondary" href="/user/remove_education/?education_id=""" + education[
                    'id'] + """">
						<i data-toggle="tooltip" class="far fa-trash-alt" title="Remove">&nbsp&nbsp&nbsp</i>
					</a>
				</p>"""
                my_education = my_education + edu_html + "<hr>"

        # personal
        TOPIC = {
            'firstname': 'Firstname',
            'lastname': 'Lastname',
            'about': 'About',
            'profil_title': 'Title',
            'birthdate': 'Birth Date',
            'contact_email': 'Contact Email',
            'contact_phone': 'Contact Phone',
            'postal_address': 'Postal Address',
            'education': 'Education'
        }
        my_personal = ""
        for topicname in TOPIC.keys():
            if session['personal'][topicname].get('claim_value'):
                text = session['personal'][topicname][
                    'claim_value'] + ' (' + session['personal'][topicname][
                        'privacy'] + ')'
                my_personal += """<b>""" + TOPIC[
                    topicname] + """</b> : """ + text + """<br>"""

        # Alias
        if session['username'] != ns.get_username_from_resolver(
                session['workspace_contract'], mode):
            display_alias = False
            my_access = ""
        else:
            display_alias = True
            my_access = ""
            access_list = ns.get_alias_list(session['workspace_contract'],
                                            mode)
            for access in access_list:
                if access['username'] == session['username']:
                    access_html = """
					<span>""" + session['username'] + """ (logged)
					</span>"""
                else:
                    access_html = """
					<span>""" + access['username'] + """ : """ + access['email'] + """
						<a class="text-secondary" href="/user/remove_access/?alias_to_remove=""" + access[
                        'username'] + """">
							<i data-toggle="tooltip" class="fa fa-trash-o" title="Remove">	</i>
						</a>
					</span>"""
                my_access += access_html + """<br>"""

        # credentials/certificates
        my_certificates = ""
        if not session['all_certificate']:
            my_certificates = my_certificates + """<a class="text-info">No Credential available</a>"""
        else:
            for counter, certificate in enumerate(session['all_certificate'],
                                                  1):
                try:
                    cert_html = """<hr>
					<b>Credential Type</b> : """ + certificate['credentialSubject'][
                        'credentialCategory'].capitalize() + """<br>
					<b>Privacy</b> : """ + certificate['privacy'].capitalize(
                        ) + """ credential<br>
					<b>Issuer name</b> : """ + certificate['credentialSubject'].get(
                            'companyName', 'None').capitalize() + """ <br>
					<b>Issuer DID</b> : """ + certificate['issuer'] + """<br>
					<b>Issuance Date</b> : """ + certificate['proof']['created'] + """<br>"""
                except:
                    cert_html = """<hr>
					<b>#</b> : """ + str(counter) + "<br>"

                cert_html += """<b></b><a href= """ + mode.server + """certificate/?certificate_id=did:talao:""" + mode.BLOCKCHAIN + """:""" + session[
                    'workspace_contract'][2:] + """:document:""" + str(
                        certificate['doc_id']
                    ) + """>Display Credential</a><br>
					<p>
					<a class="text-secondary" href="/user/remove_certificate/?certificate_id=""" + certificate[
                        'id'] + """">
					<i data-toggle="tooltip" class="far fa-trash-alt" title="Remove">&nbsp&nbsp&nbsp</i>
					</a>

					<a class="text-secondary" href=/data/?dataId=""" + certificate['id'] + """:certificate>
					<i data-toggle="tooltip" class="fa fa-search-plus" title="Credential data">&nbsp&nbsp&nbsp</i>
					</a>

					<a class="text-secondary" onclick="copyToClipboard('#p""" + str(
                            counter
                        ) + """')">
					<i data-toggle="tooltip" class="fa fa-clipboard" title="Copy Credential Link">&nbsp&nbsp&nbsp</i>
					</a>

					<a class="text-secondary" href=/user/swap_privacy/?certificate_id=""" + certificate[
                            'id'] + """&privacy=""" + certificate['privacy'] + """>
					<i data-toggle="tooltip" title="Change privacy" class="fas fa-redo" >&nbsp&nbsp&nbsp</i>
					</a>

					</p>
					<p hidden id="p""" + str(
                                counter
                            ) + """" >""" + mode.server + """guest/certificate/?certificate_id=did:talao:""" + mode.BLOCKCHAIN + """:""" + session[
                                'workspace_contract'][
                                    2:] + """:document:""" + str(
                                        certificate['doc_id']) + """</p>"""
                my_certificates += cert_html

        return render_template('person_identity.html',
                               **session['menu'],
                               display_alias=display_alias,
                               personal=my_personal,
                               experience=my_experience,
                               education=my_education,
                               skills=my_skills,
                               certificates=my_certificates,
                               access=my_access,
                               partner=my_partner,
                               issuer=my_issuer,
                               digitalvault=my_file,
                               nb_certificates=len(session['all_certificate']))
    # specific to company
    if session['type'] == 'company':

        # init employee table
        employee = company.Employee(session['host'], mode)

        # Admin list  and add admin
        my_admin_start = """<a href="/company/add_employee/?role_to_add=admin">Add an Admin</a><hr> """
        my_admins = ""
        admin_list = employee.get_list('admin', 'all')
        for admin in admin_list:
            admin_html = """
				<span>""" + admin['username'] + """ => """ + admin['identity_name'] + """
				<a class="text-secondary" href="/user/remove_access/?employee_to_remove=""" + admin[
                'username'] + """">
					<i data-toggle="tooltip" class="fas fa-trash-alt" title="Remove">	</i>
				</a>
				</span>"""
            my_admins += admin_html + """<br>"""
        my_admins = my_admin_start + my_admins

        # Issuer list and add issuer within a company
        my_managers_start = """<a href="/company/add_employee/?role_to_add=issuer">Add an Issuer</a><hr> """
        my_managers = ""
        manager_list = employee.get_list('issuer', 'all')
        for manager in manager_list:
            manager_html = """
				<span>""" + manager['username'] + """ => """ + manager[
                'identity_name'] + """
				<a class="text-secondary" href="/user/remove_access/?employee_to_remove=""" + manager[
                    'username'] + """">
					<i data-toggle="tooltip" class="fas fa-trash-alt" title="Remove">	</i>
				</a>
				</span>"""
            my_managers += manager_html + """<br>"""
        my_managers = my_managers_start + my_managers

        # Reviewer list and add reviewers
        my_reviewers_start = """<a href="/company/add_employee/?role_to_add=reviewer">Add a Reviewer</a><hr> """
        my_reviewers = ""
        reviewer_list = employee.get_list('reviewer', 'all')
        for reviewer in reviewer_list:
            reviewer_html = """
				<span>""" + reviewer['username'] + """ => """ + reviewer[
                'identity_name'] + """
				<a class="text-secondary" href="/user/remove_access/?employee_to_remove=""" + reviewer[
                    'username'] + """">
					<i data-toggle="tooltip" class="fas fa-trash-alt" title="Remove">	</i>
				</a>
				</span>"""
            my_reviewers += reviewer_html + """<br>"""
        my_reviewers = my_reviewers_start + my_reviewers

        # Company campaigns
        if session['role'] not in ['issuer', 'reviewer']:
            my_campaign = """<a href="/company/add_campaign/">Add a Campaign</a><hr> """
        else:
            my_campaign = ""
        campaign = company.Campaign(session['host'], mode)
        campaign_list = campaign.get_list()
        if campaign_list:
            for camp in campaign_list:
                try:
                    description = json.loads(
                        camp['description'])['description']
                except:
                    description = camp.get('description', 'unkown')
                campaign_html = camp.get(
                    'campaign_name', 'unknown') + """ : """ + description[:100]
                remove_option = """...
				<a class="text-secondary" href="/company/remove_campaign/?campaign_name=""" + camp.get(
                    'campaign_name', 'unkown') + """">
					<i data-toggle="tooltip" class="fas fa-trash-alt" title="Remove">	</i>
				</a>"""
                if session['role'] not in ['issuer', 'reviewer']:
                    campaign_html += remove_option
                my_campaign += campaign_html + "<hr>"

        # company settings
        if session['role'] in ['creator', 'admin']:
            my_personal = """<a href="/user/picture/">Change Logo</a><br>
						<a href="/user/signature/">Change Signature</a><br>"""
        else:
            my_personal = ""

        for topicname in COMPANY_TOPIC:
            if session['personal'][topicname]['claim_value']:
                topicname_value = session['personal'][topicname]['claim_value']
                topicname_privacy = ' (' + session['personal'][topicname][
                    'privacy'] + ')'
                my_personal = my_personal + """
				<span><b>""" + topicname + """</b> : """ + topicname_value + topicname_privacy + """
				</span><br>"""
        if session['role'] in ['creator', 'admin']:
            my_personal = my_personal + """<a href="/user/update_company_settings/">Update Company Data</a>"""

        # credentials
        if not session['all_certificate']:
            my_certificates = """<a class="text-info">No Credentials available</a>"""
        else:
            my_certificates = """<div  style="height:300px;overflow:auto;overflow-x: hidden;">"""
            for counter, certificate in enumerate(session['all_certificate'],
                                                  1):
                if '@context' in certificate:
                    if certificate['credentialSubject'][
                            'credentialCategory'] == "reference":
                        cert_html = """<hr>
								<b>Issuer Name</b> : """ + certificate['credentialSubject'][
                            'companyName'] + """<br>
								<b>Certificate Type</b> : """ + certificate['credentialSubject'][
                                'credentialCategory'].capitalize() + """<br>
								<b>Title</b> : """ + certificate['credentialSubject']['offers'][
                                    'title'] + """<br>
								<b>Description</b> : """ + certificate['credentialSubject']['offers'][
                                        'description'] + """<br>
								<b></b><a href= """ + mode.server + """certificate/?certificate_id=did:talao:""" + mode.BLOCKCHAIN + """:""" + session[
                                            'workspace_contract'][
                                                2:] + """:document:""" + str(
                                                    certificate['doc_id']
                                                ) + """>Display Certificate</a><br>
								<p>
								<a class="text-secondary" href="/user/remove_certificate/?certificate_id=""" + certificate[
                                                    'id'] + """">
								<i data-toggle="tooltip" class="far fa-trash-alt" title="Remove">&nbsp&nbsp&nbsp</i>
								</a>

								<a class="text-secondary" href=/data/?dataId=""" + certificate[
                                                        'id'] + """:certificate>
								<i data-toggle="tooltip" class="fa fa-search-plus" title="Data Check">&nbsp&nbsp&nbsp</i>
								</a>

								<a class="text-secondary" onclick="copyToClipboard('#p""" + str(
                                                            counter) + """')">
								<i data-toggle="tooltip" class="fa fa-clipboard" title="Copy Certificate Link"></i>
								</a>
								</p>
								<p hidden id="p""" + str(counter
                                 ) + """" >""" + mode.server + """guest/certificate/?certificate_id=did:talao:""" + mode.BLOCKCHAIN + """:""" + session[
                                     'workspace_contract'][
                                         2:] + """:document:""" + str(
                                             certificate['doc_id']
                                         ) + """</p>"""
                else:
                    cert_html = """<a class="text-secondary" href="/user/remove_certificate/?certificate_id=""" + certificate[
                        'id'] + """">
								<i data-toggle="tooltip" class="far fa-trash-alt" title="Remove">&nbsp&nbsp&nbsp</i>
								</a>

								<a class="text-secondary" href=/data/?dataId=""" + certificate[
                            'id'] + """:certificate>
								<i data-toggle="tooltip" class="fa fa-search-plus" title="Data Check">&nbsp&nbsp&nbsp</i>
								</a>"""
                    logging.warning('incorrect certificate type')
                my_certificates = my_certificates + cert_html
            my_certificates = my_certificates + """</div>"""

        return render_template('company_identity.html',
                               **session['menu'],
                               admin=my_admins,
                               manager=my_managers,
                               reviewer=my_reviewers,
                               personal=my_personal,
                               skills=my_skills,
                               issuer=my_issuer,
                               certificates=my_certificates,
                               company_campaign=my_campaign,
                               digitalvault=my_file)
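def user_advanced(mode):
    """Build the HTML fragments for the "advanced" page and render it.

    Collects, for the identity held in the Flask session: relay balances
    (only for the 'talao' account), API credentials, aliases, the DID and its
    resolved document, repository data, partners and issuers, then passes
    them to the 'advanced.html' template.

    Every value interpolated into markup is HTML-escaped and every value
    placed in a query string is percent-encoded, because usernames, e-mails
    and partner data are not produced by this function.

    Args:
        mode: environment object giving access to web3 (``mode.w3``) and the
            relay / Talaogen addresses.

    Returns:
        The rendered 'advanced.html' response.
    """
    # Function-scope imports keep this block independent of the file header.
    from html import escape
    from urllib.parse import quote

    def _h(value):
        """Escape a value for HTML text or a double-quoted attribute."""
        return escape(str(value), quote=True)

    def _q(value):
        """Percent-encode a value for use as a URL query parameter."""
        return quote(str(value), safe='')

    check_login()

    # NOTE(review): the remove/reject/authorize links built below are
    # state-changing actions reached by plain GET; confirm the target routes
    # enforce CSRF protection.

    # account
    my_account = ""
    if session['username'] == 'talao':
        wei_per_eth = 10**18
        relay_eth = mode.w3.eth.getBalance(mode.relay_address) / wei_per_eth
        talaogen_eth = mode.w3.eth.getBalance(
            mode.Talaogen_public_key) / wei_per_eth
        my_account = ("<br><br>"
                      f"<b>Relay ETH</b> : {relay_eth}<br>"
                      f"<b>Talao Gen ETH</b> : {talaogen_eth}<br>")

    # API
    credentials = ns.get_credentials(session['username'], mode)
    if not credentials:
        my_api = """<a class="text-info">Contact [email protected] to get your API credentials.</a>"""
    else:
        # NOTE(review): client_secret is written into the page in clear text;
        # confirm this page is never cached or shared.
        api_rows = []
        for cred in credentials:
            api_rows.append(
                f"<b>client_id</b> : {_h(cred['client_id'])}<br>"
                f"<b>client_secret</b> : {_h(cred['client_secret'])}<br>"
                f"<b>client_uri</b> : {_h(cred['client_uri'])}<br>"
                f"<b>redirect_uri</b> : {_h(cred['redirect_uris'][0])}<br>"
                f"<b>scope</b> : {_h(cred['scope'])}<br>"
                f"<b>grant_types</b> : {_h(' '.join(cred['grant_types']))}<br><hr> "
            )
        my_api = (
            """ <div style="height:200px;overflow:auto;overflow-x: hidden;">"""
            + "".join(api_rows) + """</div>""")

    # Alias: the list is shown only when the session username is the one the
    # resolver returns for this workspace contract.
    my_access = ""
    if session['username'] == ns.get_username_from_resolver(
            session['workspace_contract'], mode):
        for access in ns.get_alias_list(session['workspace_contract'], mode):
            if access['username'] == session['username']:
                access_html = f"<span>{_h(session['username'])} (logged)</span>"
            else:
                alias_param = _q(access['username'])
                access_html = (
                    f"<span>{_h(access['username'])} : {_h(access['email'])}"
                    f'<a class="text-secondary" href="/user/remove_access/?username_to_remove={alias_param}">'
                    '<i data-toggle="tooltip" class="fa fa-trash-o" title="Remove">\t</i>'
                    "</a></span>")
            my_access += access_html + "<br>"

    # DID and DID document
    DID_Document = "No DID available"
    DID = ns.get_did(session['workspace_contract'], mode)
    if not DID:
        # Without a DID there is nothing to resolve; keep the placeholder
        # instead of failing on DID.split() below.
        logging.warning('No DID available in local database')
        DID = "No DID available"
    else:
        did_parts = DID.split(':')
        did_method = did_parts[1] if len(did_parts) > 1 else ''
        if did_method == 'tz':
            # did:tz has no driver for Universal resolver
            DID_Document = json.dumps(json.loads(didkit.resolveDID(DID, '{}')),
                                      indent=4)
        else:
            resolver = 'https://resolver.identity.foundation/'
            try:
                # A timeout keeps a slow resolver from blocking the request
                # worker indefinitely.
                r = requests.get(resolver + DID, timeout=10)
                if r.status_code == 200:
                    DID_Document = json.dumps(r.json(), indent=4)
                else:
                    logging.warning(
                        'DID Document resolution has been rejected by Universal Resolver.'
                    )
            except (requests.exceptions.RequestException, ValueError) as ex:
                logging.warning(ex)

    # Repository data
    role = session.get('role') or 'None'
    referent = session.get('referent') or 'None'
    did_list_html = "<br>".join(
        _h(one_did)
        for one_did in ns.get_did_list(session['workspace_contract'], mode))
    my_advanced = (
        f"<b>Repository smart contract</b> : {_h(session['workspace_contract'])}<br>"
        f"<b>Repository controller</b> : {_h(session['address'])}<br>"
        f"<b>DID</b> : {_h(DID)}<br>"
        f"<b>All DID attached</b> : {did_list_html}<br>"
        "<hr>"
        f"<b>Role</b> : {_h(role)}<br>"
        f"<b>Referent</b> : {_h(referent)}<br>") + my_account

    # Partners
    if not session['partner']:
        my_partner = """<a class="text-info">No Partners available</a>"""
    else:
        my_partner = ""
        for partner in session['partner']:
            name_text = _h(partner['username'])
            name_param = _q(partner['username'])
            state = partner['authorized']
            action_query = (
                f"?partner_username={name_param}"
                f"&amp;partner_workspace_contract={_q(partner['workspace_contract'])}"
            )
            label = (
                f'<span><a href="/user/issuer_explore/?issuer_username={name_param}">{name_text}</a>'
                f"  ({_h(state)} - {_h(partner['status'])} )")
            if state == 'Pending':
                actions = (
                    f'<a class="text-secondary" href="/user/reject_partner/{action_query}">'
                    '<i data-toggle="tooltip" class="fa fa-thumbs-o-down" title="Reject this Partnership.">&nbsp&nbsp&nbsp</i>'
                    "</a>"
                    f'<a class="text-secondary" href="/user/authorize_partner/{action_query}">'
                    '<i data-toggle="tooltip" class="fa fa-thumbs-o-up" title="Authorize this Parnership."></i>'
                    "</a>")
            elif state == 'Removed':
                actions = ""
            else:
                actions = (
                    f'<a class="text-secondary" href="/user/remove_partner/{action_query}">'
                    '<i data-toggle="tooltip" class="fa fa-trash-o" title="Remove this Partnership.">&nbsp&nbsp&nbsp</i>'
                    "</a>")
            # Close with a well-formed </span> (and </a> above) so one row
            # cannot swallow the markup that follows it.
            my_partner += label + actions + "</span><br>"

    # Issuer for document, they have an ERC725 key 20002
    if not session['issuer']:
        my_issuer = """  <a class="text-info">No Referents available</a>"""
    else:
        my_issuer = ""
        for one_issuer in session['issuer']:
            issuer_username = ns.get_username_from_resolver(
                one_issuer['workspace_contract'], mode)
            if not issuer_username:
                issuer_username = '******'
            issuer_param = _q(issuer_username)
            my_issuer += (
                f"<span>{_h(issuer_username)}"
                f'<a class="text-secondary" href="/user/remove_issuer/?issuer_username={issuer_param}'
                f"&amp;issuer_address={_q(one_issuer['address'])}\">"
                '<i data-toggle="tooltip" class="fa fa-trash-o" title="Remove">&nbsp&nbsp&nbsp</i>'
                "</a>"
                f'<a class="text-secondary" href="/user/issuer_explore/?issuer_username={issuer_param}">'
                '<i data-toggle="tooltip" class="fa fa-search-plus" title="Data Check"></i>'
                "</a></span><br>")

    # NOTE(review): private_key_value puts the account private key (as a JWK)
    # into the page context, and did_doc is JSON that may come from an
    # external resolver; confirm the template needs the former and does not
    # mark the latter as safe.
    return render_template('advanced.html',
                           **session['menu'],
                           access=my_access,
                           private_key_value=helpers.ethereum_to_jwk256k(
                               session['private_key_value']),
                           partner=my_partner,
                           issuer=my_issuer,
                           did_doc=DID_Document,
                           did=DID,
                           api=my_api,
                           advanced=my_advanced)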
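def generate_X509(workspace_contract, password, mode):
    """Issue an X.509 certificate for an identity and write it to disk.

    The certificate binds the RSA public key stored for the owner of
    ``workspace_contract`` to a subject built from the session name, the
    e-mail registered for the contract's username and the session DID. It is
    signed with the Talao RSA key (SHA-256) and written twice under
    ``mode.uploads_path``: as ``<workspace_contract>.pem`` (certificate only)
    and as ``<workspace_contract>.p12`` (certificate plus the subject's
    private key, encrypted with ``password``).

    Args:
        workspace_contract: contract identifier; also used as the file stem.
        password: passphrase protecting the PKCS#12 bundle.
        mode: environment object providing ``owner_talao`` and
            ``uploads_path``.

    Returns:
        True once both files have been written.
    """

    def _load_rsa_key(pem):
        """Parse a PEM private key supplied as bytes or str."""
        if not isinstance(pem, bytes):
            pem = bytes(pem, 'utf-8')
        # NOTE(review): password=None means the stored PEM is expected to be
        # unencrypted; confirm privatekey.get_key protects it at rest.
        return serialization.load_pem_private_key(pem, password=None)

    # NOTE(review): the DID and common name come from the session while the
    # key pair and e-mail are looked up from workspace_contract; confirm
    # callers only pass the session's own contract.
    did = helpers.ethereum_pvk_to_DID(session['private_key_value'],
                                      session['method'])

    talao_issuer = x509.Name([
        x509.NameAttribute(NameOID.COUNTRY_NAME, "FR"),
        x509.NameAttribute(NameOID.LOCALITY_NAME, "Paris"),
        x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Talao"),
        x509.NameAttribute(NameOID.DOMAIN_COMPONENT, "talao.io"),
        x509.NameAttribute(NameOID.COMMON_NAME, "talao"),
        x509.NameAttribute(NameOID.USER_ID, did),
    ])

    # Talao RSA key: signs the certificate (Talao acts as the CA).
    talao_rsa_key = _load_rsa_key(
        privatekey.get_key(mode.owner_talao, 'rsa_key', mode))

    # Subject RSA key: its public half goes into the certificate.
    address = contractsToOwners(workspace_contract, mode)
    subject_key = _load_rsa_key(privatekey.get_key(address, 'rsa_key', mode))

    username = ns.get_username_from_resolver(workspace_contract, mode)
    email = ns.get_data_from_username(username, mode)['email']

    # No SubjectAlternativeName is added; the e-mail and DID are carried only
    # in the subject distinguished name.
    subject = x509.Name([
        x509.NameAttribute(NameOID.COMMON_NAME, session['name']),
        x509.NameAttribute(NameOID.EMAIL_ADDRESS, email),
        x509.NameAttribute(NameOID.USER_ID, did),
    ])

    # Read the clock once so both validity bounds share the same reference.
    now = datetime.datetime.utcnow()

    # NOTE(review): every end-user certificate gets EMAIL_PROTECTION,
    # CODE_SIGNING and TIME_STAMPING plus encipherment/agreement key usages,
    # and is valid for 3650 days; confirm this breadth is intended.
    builder = (x509.CertificateBuilder()
               .subject_name(subject)
               .issuer_name(talao_issuer)
               .public_key(subject_key.public_key())
               .serial_number(x509.random_serial_number())
               # Backdated by one day to tolerate clock skew on verifiers.
               .not_valid_before(now - datetime.timedelta(days=1))
               .not_valid_after(now + datetime.timedelta(days=3650))
               .add_extension(
                   x509.BasicConstraints(ca=False, path_length=None),
                   critical=True)
               .add_extension(
                   x509.ExtendedKeyUsage([
                       x509.oid.ExtendedKeyUsageOID.EMAIL_PROTECTION,
                       x509.oid.ExtendedKeyUsageOID.CODE_SIGNING,
                       x509.oid.ExtendedKeyUsageOID.TIME_STAMPING,
                   ]),
                   critical=True)
               .add_extension(
                   x509.KeyUsage(digital_signature=True,
                                 key_encipherment=True,
                                 data_encipherment=True,
                                 key_agreement=True,
                                 content_commitment=False,
                                 key_cert_sign=False,
                                 crl_sign=False,
                                 encipher_only=False,
                                 decipher_only=False),
                   critical=True))
    cert = builder.sign(talao_rsa_key, hashes.SHA256())

    # NOTE(review): workspace_contract is concatenated into the path
    # unchanged; confirm callers validate it as a contract address.
    base_path = mode.uploads_path + workspace_contract

    # Certificate alone, PEM encoded.
    with open(base_path + ".pem", "wb") as f:
        f.write(cert.public_bytes(serialization.Encoding.PEM))

    # Certificate and subject private key as a password-protected PKCS#12.
    # NOTE(review): this bundle holds the private key and is written with the
    # default file mode under the uploads path; confirm who can read it and
    # when it is deleted.
    bundle = pkcs12.serialize_key_and_certificates(
        bytes(did, 'utf-8'), subject_key, cert, None,
        serialization.BestAvailableEncryption(bytes(password, 'utf-8')))
    with open(base_path + ".p12", "wb") as f:
        f.write(bundle)
    return True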