def register_user(self, data, req_info, curs=None): env_name = data.get('environment_name') env_f = EnvironmentFilter({'name': env_name}, {}, None) env = env_f.filter_one_obj(curs) # creating user a = Authenticator() salt = a.salt() lang = data.get('lang', User.DEFAULT_LANG) u_data = {'environment_id': env.id, 'email': data.get('email'), 'password': a.encrypt_password(data.get('password'), salt), 'salt': salt, 'role': User.ROLE_USER, 'lang': lang} group_f = GroupFilter(env.id, {'is_default': True}, {}, None) groups = group_f.filter_objs(curs) groups_ids = [g.id for g in groups] u_data['groups_ids'] = groups_ids user = User(**u_data) # For correct action logging data['environment_id'] = env.id try: mapping.save(curs, user) except ObjectCreationError: raise UserAlreadyExists auth = Authenticator() session = auth.create_session(curs, env, user, req_info) _add_log_info(data, session) n = Notifier() n_process = n.register_user(curs, user, session) return response_ok(session_id=session.session_id, id=user.id, notification=n_process)
def add_user(self, data, req_info, session, curs=None): a = Authenticator() env_id = session.environment_id salt = a.salt() u_data = {'environment_id': env_id, 'email': data.get('email'), 'role': data.get('role', User.ROLE_USER), 'password': a.encrypt_password(data.get('password'), salt), 'salt': salt, 'is_active': data.get('is_active', True), 'lang': data.get('lang', User.DEFAULT_LANG) } if u_data['role'] == User.ROLE_SUPER: raise SuperUserCreationDenied groups_ids = data.get('groups_ids', []) filtered_g_ids = self._filter_existed_groups(curs, session, groups_ids) u_data['groups_ids'] = filtered_g_ids user = User(**u_data) try: mapping.save(curs, user) except ObjectCreationError: raise HelixauthObjectAlreadyExists # For correct action logging data['id'] = [user.id] n = Notifier() n_process = n.register_user(curs, user, session) return response_ok(id=user.id, notification=n_process)
def add_environment(self, data, req_info, curs=None): env_data = {'name': data.get('name')} env = Environment(**env_data) try: mapping.save(curs, env) except ObjectCreationError: raise HelixauthObjectAlreadyExists('Environment %s already exists' % env.name) # creating user a = Authenticator() salt = a.salt() u_data = {'environment_id': env.id, 'email': data.get('su_email'), 'password': a.encrypt_password(data.get('su_password'), salt), 'salt': salt, 'role': User.ROLE_SUPER, 'lang': User.DEFAULT_LANG} user = User(**u_data) mapping.save(curs, user) # creating default services and groups self._create_default_objects(req_info, curs, env) # creating session for super user auth = Authenticator() session = auth.create_session(curs, env, user, req_info) _add_log_info(data, session) return response_ok(session_id=session.session_id, environment_id=env.id, user_id=session.user_id)
def set_password_self(self, data, req_info, session, curs=None): f = UserFilter(session, {'id': session.user_id}, {}, None) d = {} a = Authenticator() salt = a.salt() d['new_salt'] = salt d['new_password'] = a.encrypt_password(data['new_password'], salt) loader = partial(f.filter_one_obj, curs, for_update=True) self.update_obj(curs, d, loader) return response_ok()
def modify_users(self, data, req_info, session, curs=None): u_ids = data['ids'] f = UserFilter(session, {'roles': [User.ROLE_SUPER]}, {}, None) su = f.filter_one_obj(curs) if su.id in u_ids: raise SuperUserModificationDenied() groups_ids = data.get('new_groups_ids', []) filtered_g_ids = self._filter_existed_groups(curs, session, groups_ids) data['new_groups_ids'] = filtered_g_ids if 'new_password' in data: a = Authenticator() salt = a.salt() data['new_password'] = a.encrypt_password(data['new_password'], salt) data['new_salt'] = salt f = UserFilter(session, {'ids': u_ids}, {}, None) loader = partial(f.filter_objs, curs, for_update=True) self.update_objs(curs, data, loader) return response_ok()
def modify_user_self(self, data, req_info, session, curs=None): f = UserFilter(session, {'id': session.user_id}, {}, None) user = f.filter_one_obj(curs) old_password = data.get('old_password') new_password = data.get('new_password') d = {} if 'new_lang' in data: d['new_lang'] = data['new_lang'] if old_password is not None: if new_password is None or len(new_password) == 0: raise UserNewPasswordNotSet("Empty new password can't be set") a = Authenticator() if user.password != a.encrypt_password(old_password, user.salt): raise UserWrongOldPassword() salt = a.salt() d['new_salt'] = salt d['new_password'] = a.encrypt_password(data['new_password'], salt) loader = partial(f.filter_one_obj, curs, for_update=True) self.update_obj(curs, d, loader) return response_ok()
def test_salt(self): a = Authenticator() for _ in xrange(1000): s = a.salt() self.assertNotEquals(None, s) self.assertNotEquals('', s)