示例#1
0
def POST(request):
    """Add a new User."""

    request.check_required_parameters(body={'user': {'email': 'string'}})

    user = User(request.params_body['user'])
    user.set_property('googleId', request.google_id)
    user.set_property('authorizations', [])

    user.check_already_exists()

    user.insert()

    return Response(200, 'Successfully created user.', user.obj)
示例#2
0
def DELETE(request):
    """Delete this Project."""

    request.check_required_parameters(path={'projectId': 'string'})

    project = Project.from_id(request.params_path['projectId'])

    project.check_exists()
    project.check_user_access(request.google_id, True)

    for topology_id in project.obj['topologyIds']:
        topology = Topology.from_id(topology_id)
        topology.delete()

    for portfolio_id in project.obj['portfolioIds']:
        portfolio = Portfolio.from_id(portfolio_id)
        portfolio.delete()

    user = User.from_google_id(request.google_id)
    user.obj['authorizations'] = list(
        filter(lambda x: x['projectId'] != project.get_id(),
               user.obj['authorizations']))
    user.update()

    old_object = project.delete()

    return Response(200, 'Successfully deleted project.', old_object)
示例#3
0
def POST(request):
    """Create a new project, and return that new project."""

    request.check_required_parameters(body={'project': {'name': 'string'}})

    topology = Topology({'name': 'Default topology', 'rooms': []})
    topology.insert()

    project = Project(request.params_body['project'])
    project.set_property('datetimeCreated',
                         Database.datetime_to_string(datetime.now()))
    project.set_property('datetimeLastEdited',
                         Database.datetime_to_string(datetime.now()))
    project.set_property('topologyIds', [topology.get_id()])
    project.set_property('portfolioIds', [])
    project.insert()

    topology.set_property('projectId', project.get_id())
    topology.update()

    user = User.from_google_id(request.google_id)
    user.obj['authorizations'].append({
        'projectId': project.get_id(),
        'authorizationLevel': 'OWN'
    })
    user.update()

    return Response(200, 'Successfully created project.', project.obj)
示例#4
0
def POST(request):
    """Add a new User."""

    # Make sure required parameters are there

    try:
        request.check_required_parameters(body={'user': {'email': 'string'}})

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate a User

    request.params_body['user']['googleId'] = request.google_id
    user = User.from_JSON(request.params_body['user'])

    # Make sure a User with this Google ID does not already exist

    if user.exists('google_id'):
        user = user.from_google_id(user.google_id)
        return Response(409, '{} already exists.'.format(user))

    # Make sure this User is authorized to create this User

    if not request.google_id == user.google_id:
        return Response(403, 'Forbidden from creating this User.')

    # Insert the User

    user.insert()

    # Return a JSON representation of the User

    return Response(200, 'Successfully created {}'.format(user),
                    user.to_JSON())
示例#5
0
def GET(request):
    """Get this User."""

    # Make sure required parameters are there

    try:
        request.check_required_parameters(
            path={
                'userId': 'int'
            }
        )

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate a User and make sure they exist

    user = User.from_primary_key((request.params_path['userId'],))

    if not user.exists():
        return Response(404, '{} not found.'.format(user))

    # Return this User

    return Response(
        200,
        'Successfully retrieved {}'.format(user),
        user.to_JSON(),
    )
示例#6
0
def GET(request):
    """Search for a User using their email address."""

    request.check_required_parameters(query={'email': 'string'})

    user = User.from_email(request.params_query['email'])

    user.check_exists()

    return Response(200, 'Successfully retrieved user.', user.obj)
示例#7
0
def GET(request):
    """Get this User."""

    request.check_required_parameters(path={'userId': 'string'})

    user = User.from_id(request.params_path['userId'])

    user.check_exists()

    return Response(200, 'Successfully retrieved user.', user.obj)
示例#8
0
    def check_user_access(self, google_id, edit_access):
        """Raises an error if the user with given [google_id] has insufficient access.

        :param google_id: The Google ID of the user.
        :param edit_access: True when edit access should be checked, otherwise view access.
        """
        user = User.from_google_id(google_id)
        authorizations = list(filter(lambda x: str(x['projectId']) == str(self.get_id()),
                                     user.obj['authorizations']))
        if len(authorizations) == 0 or (edit_access and authorizations[0]['authorizationLevel'] == 'VIEW'):
            raise ClientError(Response(403, "Forbidden from retrieving project."))
示例#9
0
    def google_id_has_at_least(self, google_id, authorization_level):
        """Return True if the User has at least the given auth level over this Authorization."""

        authorization = Authorization.from_primary_key(
            (
                User.from_google_id(google_id).id,
                self.simulation_id
            )
        )

        if authorization is None:
            return False

        return authorization.has_at_least(authorization_level)
示例#10
0
文件: prefab.py 项目: HongyuHe/opendc
    def check_user_access(self, google_id):
        """Raises an error if the user with given [google_id] has insufficient access to view this prefab.

        :param google_id: The Google ID of the user.
        """
        user = User.from_google_id(google_id)

        # TODO(Jacob) add special handling for OpenDC-provided prefabs

        #try:

        print(self.obj)
        if self.obj['authorId'] != user.get_id(
        ) and self.obj['visibility'] == "private":
            raise ClientError(
                Response(403, "Forbidden from retrieving prefab."))
示例#11
0
    def google_id_has_at_least(self, google_id, authorization_level):
        """Return True if the user has at least the given auth level over this Path."""

        # Get the User id

        try:
            user_id = User.from_google_id(google_id).read().id
        except exceptions.RowNotFoundError:
            return False

        # Check the Authorization

        authorization = Authorization.from_primary_key(
            (user_id, self.simulation_id))

        return authorization.has_at_least(authorization_level)
示例#12
0
def PUT(request):
    """Update this User's given name and/ or family name."""

    # Make sure the required parameters are there

    try:
        request.check_required_parameters(
            body={
                'user': {
                    'givenName': 'string',
                    'familyName': 'string'
                }
            },
            path={
                'userId': 'int'
            }
        )

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate a User and make sure they exist

    user = User.from_primary_key((request.params_path['userId'],))

    if not user.exists():
        return Response(404, '{} not found.'.format(user))

    # Make sure this User is allowed to edit this User

    if not user.google_id_has_at_least(request.google_id, 'OWN'):
        return Response(403, 'Forbidden from editing {}.'.format(user))

    # Update this User

    user.given_name = request.params_body['user']['givenName']
    user.family_name = request.params_body['user']['familyName']

    user.update()

    # Return this User

    return Response(
        200,
        'Successfully updated {}.'.format(user),
        user.to_JSON()
    )
示例#13
0
def POST(request):
    """Create a new prefab, and return that new prefab."""

    request.check_required_parameters(body={'prefab': {'name': 'string'}})

    prefab = Prefab(request.params_body['prefab'])
    prefab.set_property('datetimeCreated',
                        Database.datetime_to_string(datetime.now()))
    prefab.set_property('datetimeLastEdited',
                        Database.datetime_to_string(datetime.now()))

    user = User.from_google_id(request.google_id)
    prefab.set_property('authorId', user.get_id())

    prefab.insert()

    return Response(200, 'Successfully created prefab.', prefab.obj)
示例#14
0
def GET(request):
    """Return all prefabs the user is authorized to access"""

    user = User.from_google_id(request.google_id)

    user.check_exists()

    own_prefabs = DB.fetch_all({'authorId': user.get_id()},
                               Prefab.collection_name)
    public_prefabs = DB.fetch_all({'visibility': 'public'},
                                  Prefab.collection_name)

    authorizations = {"authorizations": []}

    authorizations["authorizations"].append(own_prefabs)
    authorizations["authorizations"].append(public_prefabs)

    return Response(200, 'Successfully fetched authorizations.',
                    authorizations)
示例#15
0
    def check_user_access(self, google_id, edit_access):
        """Raises an error if the user with given [google_id] has insufficient access.

        Checks access on the parent project.

        :param google_id: The Google ID of the user.
        :param edit_access: True when edit access should be checked, otherwise view access.
        """
        portfolio = Portfolio.from_id(self.obj['portfolioId'])
        user = User.from_google_id(google_id)
        authorizations = list(
            filter(
                lambda x: str(x['projectId']) == str(portfolio.obj[
                    'projectId']), user.obj['authorizations']))
        if len(authorizations) == 0 or (
                edit_access
                and authorizations[0]['authorizationLevel'] == 'VIEW'):
            raise ClientError(
                Response(403, 'Forbidden from retrieving/editing scenario.'))
示例#16
0
def DELETE(request):
    """Delete this User."""

    request.check_required_parameters(path={'userId': 'string'})

    user = User.from_id(request.params_path['userId'])

    user.check_exists()
    user.check_correct_user(request.google_id)

    for authorization in user.obj['authorizations']:
        if authorization['authorizationLevel'] != 'OWN':
            continue

        project = Project.from_id(authorization['projectId'])
        project.delete()

    old_object = user.delete()

    return Response(200, 'Successfully deleted user.', old_object)
示例#17
0
def PUT(request):
    """Update this User's given name and/or family name."""

    request.check_required_parameters(
        body={'user': {
            'givenName': 'string',
            'familyName': 'string'
        }},
        path={'userId': 'string'})

    user = User.from_id(request.params_path['userId'])

    user.check_exists()
    user.check_correct_user(request.google_id)

    user.set_property('givenName', request.params_body['user']['givenName'])
    user.set_property('familyName', request.params_body['user']['familyName'])

    user.update()

    return Response(200, 'Successfully updated user.', user.obj)
示例#18
0
def DELETE(request):
    """Delete this user."""

    # Make sure required parameters are there

    try:
        request.check_required_parameters(
            path={
                'userId': 'int'
            }
        )

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate a User and make sure they exist

    user = User.from_primary_key((request.params_path['userId'],))

    if not user.exists():
        return Response(404, '{} not found'.format(user))

    # Make sure this User is allowed to delete this User

    if not user.google_id_has_at_least(request.google_id, 'OWN'):
        return Response(403, 'Forbidden from deleting {}.'.format(user))

    # Delete this User

    user.delete()

    # Return this User

    return Response(
        200,
        'Successfully deleted {}'.format(user),
        user.to_JSON()
    )
示例#19
0
文件: main.py 项目: mkipcak/opendc
def sign_in():
    """Authenticate a user with Google sign in"""

    try:
        token = request.form['idtoken']
    except KeyError:
        return 'No idtoken provided', 401

    try:
        idinfo = client.verify_id_token(token,
                                        os.environ['OPENDC_OAUTH_CLIENT_ID'])

        if idinfo['aud'] != os.environ['OPENDC_OAUTH_CLIENT_ID']:
            raise crypt.AppIdentityError('Unrecognized client.')

        if idinfo['iss'] not in [
                'accounts.google.com', 'https://accounts.google.com'
        ]:
            raise crypt.AppIdentityError('Wrong issuer.')
    except ValueError:
        url = "https://www.googleapis.com/oauth2/v3/tokeninfo?id_token={}".format(
            token)
        req = urllib.request.Request(url)
        response = urllib.request.urlopen(url=req, timeout=30)
        res = response.read()
        idinfo = json.loads(res)
    except crypt.AppIdentityError as e:
        return 'Did not successfully authenticate'

    user = User.from_google_id(idinfo['sub'])

    data = {'isNewUser': user.obj is None}

    if user.obj is not None:
        data['userId'] = user.get_id()

    return jsonify(**data)
示例#20
0
def GET(request):
    """Search for a User using their email address."""

    # Make sure required parameters are there

    try:
        request.check_required_parameters(query={'email': 'string'})

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate and read a User from the database

    user = User.from_email(request.params_query['email'])

    # Make sure this User exists in the database

    if not user.exists():
        return Response(404, '{} not found'.format(user))

    # Return this User

    return Response(200, 'Successfully retrieved {}.'.format(user),
                    user.to_JSON())
示例#21
0
def GET(request):
    """Get this User's Authorizations."""

    # Make sure required parameters are there

    try:
        request.check_required_parameters(
            path={
                'userId': 'int'
            }
        )

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate a User and make sure they exist

    user = User.from_primary_key((request.params_path['userId'],))

    if not user.exists():
        return Response(404, '{} not found.'.format(user))

    # Make sure this requester is allowed to retrieve this User's Authorizations

    if not user.google_id_has_at_least(request.google_id, 'OWN'):
        return Response(403, 'Forbidden from retrieving Authorizations for {}.'.format(user))

    # Return this User's Authorizations

    authorizations = Authorization.query('user_id', request.params_path['userId'])

    return Response(
        200,
        'Successfully retrieved Authorizations for {}.'.format(user),
        [x.to_JSON() for x in authorizations]
    )
示例#22
0
        if idinfo['iss'] not in [
                'accounts.google.com', 'https://accounts.google.com'
        ]:
            raise crypt.AppIdentityError('Wrong issuer.')
    except ValueError:
        url = "https://www.googleapis.com/oauth2/v3/tokeninfo?id_token={}".format(
            token)
        req = urllib2.Request(url)
        response = urllib2.urlopen(url=req, timeout=30)
        res = response.read()
        idinfo = json.loads(res)
    except crypt.AppIdentityError, e:
        return 'Did not successfully authenticate'

    user = User.from_google_id(idinfo['sub'])

    data = {'isNewUser': not user.exists()}

    if user.exists():
        data['userId'] = user.id

    return jsonify(**data)


@FLASK_CORE_APP.route('/api/<string:version>/<path:endpoint_path>',
                      methods=['GET', 'POST', 'PUT', 'DELETE'])
def api_call(version, endpoint_path):
    """Call an API endpoint directly over HTTP"""

    # Get path and parameters
示例#23
0
文件: endpoint.py 项目: kl1de/kl1de
def POST(request):
    """Add an authorization for a user's access to a simulation."""

    # Make sure required parameters are there

    try:
        request.check_required_parameters(
            path={
                'userId': 'int',
                'simulationId': 'int'
            },
            body={'authorization': {
                'authorizationLevel': 'string'
            }})

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate an Authorization

    authorization = Authorization.from_JSON({
        'userId':
        request.params_path['userId'],
        'simulationId':
        request.params_path['simulationId'],
        'authorizationLevel':
        request.params_body['authorization']['authorizationLevel']
    })

    # Make sure the Simulation and User exist

    user = User.from_primary_key((authorization.user_id, ))
    if not user.exists():
        return Response(404, '{} not found.'.format(user))

    simulation = Simulation.from_primary_key((authorization.simulation_id, ))
    if not simulation.exists():
        return Response(404, '{} not found.'.format(simulation))

    # Make sure this User is allowed to add this Authorization

    if not simulation.google_id_has_at_least(request.google_id, 'OWN'):
        return Response(403,
                        'Forbidden from creating {}.'.format(authorization))

    # Make sure this Authorization does not already exist

    if authorization.exists():
        return Response(409, '{} already exists.'.format(authorization))

    # Try to insert this Authorization into the database

    try:
        authorization.insert()

    except exceptions.ForeignKeyError:
        return Response(400, 'Invalid authorizationLevel')

    # Return this Authorization

    return Response(200, 'Successfully added {}'.format(authorization),
                    authorization.to_JSON())
示例#24
0
def POST(request):
    """Create a new simulation, and return that new simulation."""

    # Make sure required parameters are there

    try:
        request.check_required_parameters(
            body={'simulation': {
                'name': 'string'
            }})

    except exceptions.ParameterError as e:
        return Response(400, e.message)

    # Instantiate a Simulation

    simulation_data = request.params_body['simulation']

    simulation_data['datetimeCreated'] = database.datetime_to_string(
        datetime.now())
    simulation_data['datetimeLastEdited'] = database.datetime_to_string(
        datetime.now())

    simulation = Simulation.from_JSON(simulation_data)

    # Insert this Simulation into the database

    simulation.insert()

    # Instantiate an Authorization and insert it into the database

    authorization = Authorization(user_id=User.from_google_id(
        request.google_id).id,
                                  simulation_id=simulation.id,
                                  authorization_level='OWN')

    authorization.insert()

    # Instantiate a Path and insert it into the database

    path = Path(simulation_id=simulation.id,
                datetime_created=database.datetime_to_string(datetime.now()))

    path.insert()

    # Instantiate a Datacenter and insert it into the database

    datacenter = Datacenter(starred=0, simulation_id=simulation.id)

    datacenter.insert()

    # Instantiate a Section and insert it into the database

    section = Section(path_id=path.id,
                      datacenter_id=datacenter.id,
                      start_tick=0)

    section.insert()

    # Return this Simulation

    return Response(200, 'Successfully created {}.'.format(simulation),
                    simulation.to_JSON())