def PATCH(self, user_type=None, user_data=None):
try:
if not ManagerTool.isAuthorized(cherrypy.request.cookie,
self.keystoneAuthList,
require_moderator=True):
data = dict(current="User manager",
user_status="not authorized",
require_moderator=True)
else:
session = self.keystoneAuthList[
cherrypy.request.cookie["ReservationService"].value].token
osUser = OSUser(session=session)
userResult = []
if user_type is not None and user_data is not None:
if hasattr(cherrypy.request, "json"):
userUpdate = User().parseJSON(
data=cherrypy.request.json)
userUpdate.to_dict()
if "id" in user_type:
user = osUser.find(id=user_data)
if user is not None:
userObj = User().parseObject(user)
userResult.append(User().parseObject(
osUser.update(
userObj.id,
**userUpdate.to_dict())).to_dict())
elif "name" in user_type:
for user in osUser.find(name=user_data):
userObj = User().parseObject(user)
userResult.append(User().parseObject(
osUser.update(
userObj.id,
**userUpdate.to_dict())).to_dict())
else:
raise Exception("Not JSON data!")
else:
raise Exception(
"Not allowed on: /user! Specify id or name")
data = dict(current="User manager", result=userResult)
except Exception as e:
traceback_output = traceback.print_exc()
if traceback_output is None:
error = str(e)
else:
error = str(e) + ": " + str(traceback.print_exc())
print(error)
data = dict(current="User manager", error=str(error))
finally:
MySQL.mysqlConn.close()
MySQL.mysqlConn.commit()
return data
def DELETE(self, user_type=None, user_data=None):
try:
if not ManagerTool.isAuthorized(cherrypy.request.cookie,
self.keystoneAuthList,
require_moderator=True):
data = dict(current="User manager",
user_status="not authorized",
require_moderator=True)
else:
session = self.keystoneAuthList[
cherrypy.request.cookie["ReservationService"].value].token
osUser = OSUser(session=session)
if user_type is not None and user_data is not None:
user_obj = None
if "id" in user_type:
user = osUser.find(id=user_data)
if user is not None:
user_obj = User().parseObject(user)
elif "name" in user_type:
for user in osUser.find(name=user_data):
user_obj = User().parseObject(user)
if user_obj is not None:
# Remove user
osUser.delete(user_obj.id)
else:
raise Exception("No user found!")
else:
raise Exception(
"User /user/id or /user/name to specify id or name")
data = dict(current="User manager", response="OK")
except Exception as e:
traceback_output = traceback.print_exc()
if traceback_output is None:
error = str(e)
else:
error = str(e) + ": " + str(traceback.print_exc())
print(error)
data = dict(current="User manager", error=str(error))
finally:
return data
def GET(self, reserv_type=None, reserv_id=None):
try:
if not ManagerTool.isAuthorized(cherrypy.request.cookie,
self.keystoneAuthList,
require_moderator=False):
data = dict(current="Reservation manager",
user_status="not authorized",
require_moderator=False)
else:
reservArray = []
session = self.adminKSAuth
user_session = self.keystoneAuthList[
cherrypy.request.cookie["ReservationService"].value]
# List specific
if reserv_type is not None and reserv_id is not None:
if reserv_type == "id":
# Get reservation
reservations = MySQL.mysqlConn.select_reservation(
id=reserv_id)
# Check if reservation is connected with user
if reservations is not None and len(reservations) > 0:
for reserv in reservations:
reservation = Reservation().parseDict(reserv)
# Reservation id belong to one user
if reservation.team_id is None and reservation.user_id is not None:
osUser = OSUser(session=session.token)
user = osUser.find(id=user_session.userid)
if user is not None:
user = User().parseObject(user)
if reservation.user_id == user.id:
reservArray.append(
reservation.to_dict())
else:
raise Exception(
"Not authorized to get this reservation"
)
# Reservation belong to team
elif reservation.team_id is not None:
managerTeam = ManagerTeam(
self.keystoneAuthList,
self.adminKSAuth)
teams = managerTeam.getTeam(
session=session,
userid=user_session.userid,
id=reservation.team_id,
admin=True)
if teams is not None and len(teams) > 0:
for team in teams:
usersid = []
if len(team["users"]) == 0:
raise Exception(
"No user in team")
for user in team["users"]:
user = User().parseDict(user)
usersid.append(user.id)
if user_session.userid in usersid:
reservArray.append(
reservation.to_dict())
else:
raise Exception(
"Not authorized to get this reservation"
)
else:
raise Exception(
"Unable to find resrvation with this id")
else:
raise Exception("Malformed request")
# List all
elif reserv_type is None:
if ManagerTool.isAdminOrMod(cherrypy.request.cookie,
self.keystoneAuthList):
reservations = MySQL.mysqlConn.select_reservation()
# Prepare data
for reserv in reservations:
reservArray.append(
Reservation().parseDict(reserv).to_dict())
else:
data = dict(current="Reservation manager",
user_status="not authorized",
require_moderator=False)
else:
raise Exception("Malformed request")
data = dict(current="Reservation manager",
response=reservArray)
except Exception as e:
traceback_output = traceback.print_exc()
if traceback_output is None:
error = str(e)
else:
error = str(e) + ": " + str(traceback.print_exc())
print(error)
data = dict(current="Reservation manager", error=str(error))
finally:
MySQL.mysqlConn.close()
MySQL.mysqlConn.commit()
return data
def POST(self):
try:
if not ManagerTool.isAuthorized(cherrypy.request.cookie,
self.keystoneAuthList,
require_moderator=False):
data = dict(current="Reservation manager",
user_status="not authorized",
require_moderator=False)
else:
if hasattr(cherrypy.request, "json"):
request = cherrypy.request.json
reservation = Reservation().parseJSON(data=request)
else:
raise Exception("JSON data not valid")
MySQL.mysqlConn.commit()
# Find laboratory
labs = MySQL.mysqlConn.select_lab(id=reservation.laboratory_id)
if len(labs) == 1:
lab = Laboratory().parseDict(labs[0])
else:
raise Exception(
"No lab found with this ID. Cannnot make reservation")
# Does laboratory is active?
# Get periods
lab_periods = MySQL.mysqlConn.select_period(
lab_id=reservation.laboratory_id)
# Check if periods expired?
labActive = False
for period in lab_periods:
period = Period().parseDict(period)
currentTime = datetime.datetime.now()
if period.start <= currentTime and currentTime <= period.stop:
labActive = True
break
#This laboratory is not active
if labActive is False:
raise Exception(
"Laboratory is not active during requested reservation time"
)
# Does reservation time fit in laboratory periods
reservationFit = False
for period in lab_periods:
period = Period().parseDict(period)
if period.start <= reservation.start and reservation.start + lab.duration <= period.stop:
reservationFit = True
break
# It does not fit
if reservationFit is False:
raise Exception("Reservation outside of lab period")
# Check allowance for making reservation
reservationUserAllow = False
session = self.adminKSAuth
user_session = self.keystoneAuthList[
cherrypy.request.cookie["ReservationService"].value]
osUser = OSUser(session=session.token)
osGroup = OSGroup(session=session.token)
group = osGroup.find(name=lab.group)
if group is not None and len(group) == 1:
group = Group().parseObject(group[0])
else:
raise Exception("No group found for lab - not expected")
# If no user id or team id use user session
if reservation.team_id is None and reservation.user_id is None:
reservation.user_id = user_session.userid
# If reservation is for team
if reservation.team_id is not None:
team_reservations = MySQL.mysqlConn.select_reservation(
team=reservation.team_id, lab=lab.id)
if len(team_reservations) == 0:
managerTeam = ManagerTeam(self.keystoneAuthList,
self.adminKSAuth)
teams = managerTeam.getTeam(session=session,
userid=user_session.userid,
id=reservation.team_id,
admin=True)
for team in teams:
usersid = []
if len(team["users"]) == 0:
raise Exception("No user in team")
for user in team["users"]:
user = User().parseDict(user)
usersid.append(user.id)
groupusersid = []
groupusers = osGroup.getUsers(group_id=group.id)
if groupusers is None or len(groupusers) == 0:
groupusers = []
else:
for groupuser in groupusers:
groupusersid.append(groupuser.id)
if all(userid in groupusersid
for userid in usersid):
reservationUserAllow = True
else:
reservationUserAllow = False
else:
raise Exception(
"Team already have reseravtion for this lab")
# If reservation is for one user
elif reservation.user_id is not None:
# Use admin privilages
users_reservations = MySQL.mysqlConn.select_reservation(
user=reservation.user_id, lab=lab.id)
if len(users_reservations) == 0:
reservationUserAllow = osGroup.checkUserIn(
group_id=group.id, user_id=user_session.userid)
else:
raise Exception(
"User already have reseravtion for this lab")
else:
raise Exception("No user id or team id in request!")
if reservationUserAllow is False:
raise Exception(
"User or team not allowed to reserve this lab")
# Check if user or team have already reservation
# Is there any other reservation for this lab in that period
# From database reservation for this lab
# check limit of lab (allow multiple)
overlap_reservation = []
otherReservations = MySQL.mysqlConn.select_reservation(
lab=lab.id)
for otherReservation in otherReservations:
otherReservation = Reservation().parseDict(
otherReservation)
if (reservation.start + lab.duration >=
otherReservation.start
and reservation.start < otherReservation.start):
overlap_reservation.append(otherReservation)
if (reservation.start <=
otherReservation.start + lab.duration
and reservation.start >= otherReservation.start):
overlap_reservation.append(otherReservation)
if len(overlap_reservation) < lab.limit:
reservationAllow = True
else:
reservationAllow = False
if reservationAllow is False:
raise Exception(
"Unable to make reservation, limit for reservation overused"
)
# Create this reservation
if reservation.user_id is not None:
reservation.id = MySQL.mysqlConn.insert_reservation(
user=reservation.user_id,
start=reservation.start,
laboratory_id=reservation.laboratory_id)
elif reservation.team_id is not None:
reservation.id = MySQL.mysqlConn.insert_reservation(
team_id=reservation.team_id,
start=reservation.start,
laboratory_id=reservation.laboratory_id)
else:
# Not expected
raise Exception("No user id or team id not expected")
data = dict(current="Reservation manager",
response=reservation.to_dict())
except Exception as e:
traceback_output = traceback.print_exc()
if traceback_output is None:
error = str(e)
else:
error = str(e) + ": " + str(traceback.print_exc())
print(error)
data = dict(current="Reservation manager", error=str(error))
finally:
MySQL.mysqlConn.close()
MySQL.mysqlConn.commit()
return data
def POST(self, vpath=None):
try:
if not ManagerTool.isAuthorized(cherrypy.request.cookie,
self.keystoneAuthList,
require_moderator=True):
data = dict(current="User manager",
user_status="not authorized",
require_moderator=True)
else:
session = self.keystoneAuthList[
cherrypy.request.cookie["ReservationService"].value].token
osUser = OSUser(session=session)
osGroup = OSGroup(session=session)
if vpath is not None:
raise Exception("Not allowed on: /user/" + str(vpath))
else:
# Get defaults
defaults = ManagerTool.getDefaults()
# Parse incoming JSON
if hasattr(cherrypy.request, "json"):
request = cherrypy.request.json
user = User().parseJSON(data=request)
group = Group().parseJSON(data=request)
else:
raise Exception("No data in POST")
if user is not None:
user = osUser.create(name=user.name,
password=user.password,
project_id=defaults["project"],
mail=user.mail)
user = User().parseObject(user)
# Find lab group id
if group is not None:
if group.id is not None:
group = Group.parseObject(
osGroup.find(id=group.id))
elif group.name is not None:
findGroup = osGroup.find(name=group.name)
if findGroup is not None and len(
findGroup) == 1:
group = Group().parseObject(findGroup[0])
elif len(findGroup) > 0:
osUser.delete(user_id=user.id)
raise Exception(
"Found more than one group with given name. This is not expected"
)
else:
osUser.delete(user_id=user.id)
raise Exception(
"Group doesn't exists. This is not expected"
)
if group.id != defaults[
"group_moderator"] and group.id != defaults[
"group_student"]:
osUser.delete(user_id=user.id)
raise Exception(
"Group doesn't match any of system defaults"
)
else:
osGroup.addUser(group_id=group.id,
user_id=user.id)
result = user.to_dict()
else:
raise Exception("Invalid request")
data = dict(current="User manager", response=result)
except Exception as e:
traceback_output = traceback.print_exc()
if traceback_output is None:
error = str(e)
else:
error = str(e) + ": " + str(traceback.print_exc())
print(error)
data = dict(current="User manager", error=str(error))
finally:
MySQL.mysqlConn.close()
MySQL.mysqlConn.commit()
return data
def GET(self, user_type=None, user_data=None):
try:
if not ManagerTool.isAuthorized(cherrypy.request.cookie,
self.keystoneAuthList,
require_moderator=False):
data = dict(current="User manager",
user_status="not authorized",
require_moderator=False)
else:
session = self.keystoneAuthList[
cherrypy.request.cookie["ReservationService"].value]
osUser = OSUser(session=session.token)
userDict = []
if user_type is not None and user_data is not None:
if "id" in user_type:
user = osUser.find(id=user_data)
if user is not None:
user = User().parseObject(user)
if not ManagerTool.isAdminOrMod(
cherrypy.request.cookie,
self.keystoneAuthList):
if user.id == session.userid:
userDict.append(user.to_dict())
else:
data = dict(current="User manager",
user_status="not authorized",
require_moderator=True)
else:
userDict.append(user.to_dict())
elif "name" in user_type:
for user in osUser.find(name=user_data):
user = User().parseObject(user)
if not ManagerTool.isAdminOrMod(
cherrypy.request.cookie,
self.keystoneAuthList):
if user.id == session.userid:
userDict.append(user.to_dict())
else:
data = dict(current="User manager",
user_status="not authorized",
require_moderator=True)
else:
userDict.append(user.to_dict())
data = dict(current="User manager", response=userDict)
# Get all
elif ManagerTool.isAdminOrMod(cherrypy.request.cookie,
self.keystoneAuthList):
for user in osUser.list():
userDict.append(User().parseObject(user).to_dict())
data = dict(current="User manager", response=userDict)
else:
data = dict(current="User manager",
user_status="not authorized",
require_moderator=True)
except Exception as e:
traceback_output = traceback.print_exc()
if traceback_output is None:
error = str(e)
else:
error = str(e) + ": " + str(traceback.print_exc())
print(error)
data = dict(current="User manager", error=str(error))
finally:
return data
def PUT(self,
team_type=None,
team_data=None,
user=None,
user_type=None,
user_data=None):
try:
if not ManagerTool.isAuthorized(cherrypy.request.cookie,
self.keystoneAuthList,
require_moderator=False):
data = dict(current="Team manager",
user_status="not authorized",
require_moderator=False)
else:
# Don't user session as every where. Student role have no access to keystone
# We control it with own policies:
# - _isOwner
session = self.adminKSAuth
osGroup = OSGroup(session=session.token)
osUser = OSUser(session=session.token)
user_session = self.keystoneAuthList[
cherrypy.request.cookie["ReservationService"].value]
if team_type is not None and team_data is not None:
if "id" in team_type:
team = MySQL.mysqlConn.select_team(id=team_data)
if team is not None and len(team) == 1:
team = Team().parseDict(team[0])
elif team is not None and len(team) == 0:
raise Exception("No team with id" + str() +
" found!")
else:
raise Exception(
"More than one team found with given id. This was not expected!"
)
else:
raise Exception("Not allowed without /team/id/")
if user_type is not None and user_data is not None:
if ManagerTool.isAdminOrMod(
cherrypy.request.cookie,
self.keystoneAuthList) or self._isOwner(
session=session,
userid=user_session.userid,
id=team_data):
# Remove specific user
if "id" in user_type:
user = User().parseObject(
osUser.find(id=user_data))
osGroup.addUser(group_id=team.team_id,
user_id=user.id)
data = self.getTeam(session=session,
team_id=team.team_id,
userid=user_session.userid)
elif "name" in user_type:
user = osUser.find(name=user_data)
if len(user) > 1:
raise Exception("Multiple users found")
elif len(user) == 0:
raise Exception("No user found!")
else:
user = User().parseObject(user[0])
osGroup.addUser(group_id=team.team_id,
user_id=user.id)
data = self.getTeam(session=session,
team_id=team.team_id,
userid=user_session.userid)
else:
data = dict(
current="Team manager",
response="Not owned by this user or not mod,admin")
except Exception as e:
error = str(e) + ": " + str(traceback.print_exc())
data = dict(current="Team manager", error=str(error))
finally:
MySQL.mysqlConn.close()
MySQL.mysqlConn.commit()
return data