def revokeRoleFromUser(self, params):
user_name = params[0] # TODO get user by id instead of name
role_id = params[1]
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.users.grant_revoke'):
role = Role.get_role(role_id)
User.get_user_by_name(user_name).revoke_role(role)
def createUser(self,params):
username = unicode(params[0])
password = unicode(params[1])
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.users.create'):
User.create_user(username,password)
return True
def get_session(cls,cookies):
"""
returns the session if it's not expired or nonexistant
"""
cookie = SimpleCookie(cookies)
session_id = cookie['session_id'].value
db = Database()
stmnt = "SELECT SES_USR_ID, SES_EXPIRES FROM SESSIONS WHERE SES_ID = ? ;"
cur = db.query(stmnt,(session_id,))
row = cur.fetchonemap()
session=None
if row is not None:
user = User.get_user_by_id(row["SES_USR_ID"])
session = Session(user)
session._id = session_id
expiration = row["SES_EXPIRES"]
if expiration < datetime.now():
raise SessionException(SessionException.get_msg(0))
session._expiration = row["SES_EXPIRES"]
else:
raise SessionException(SessionException.get_msg(2))
return session
def deleteUser(self, params):
user_id = int(params[0])
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.users.delete'):
user = User.get_user_by_id(user_id)
user.delete()
def revokeRightFromUser(self,params):
user_id = int(params[0])
permission_name = str(params[1])
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.users.grant_revoke'):
user = User.get_user_by_id(user_id)
user.revoke_permission(permission_name)
return True
def create_permissions_for_module(cls,module):
"""
creates the permissions of a newly installed module
"""
rootuser = User.get_root_user()
module_name = module.get_name()
permissions = module.get_permissions()
for permission in permissions:
new_permission = cls.create_permission(permission,module_name)
rootuser.grant_permission(new_permission,ignore_check=True)
def authenticateUser(self,params):
username = unicode(params[0])
password = unicode(params[1])
try:
user = User.get_user_by_name(username)
except UserException , e:
session = Session.get_current_session()
if session is not None:
session.delete()
return False
def alterPassword(self, params):
user_id = int(params[0])
new_password = unicode(params[1])
old_password = unicode(params[2])
session_user = Session.get_current_session_user()
if user_id == session_user.get_id():
session_user.alter_password(new_password,old_password)
else:
if session_user.check_permission("skarphed.users.alter_password"):
user = User.get_user_by_id(user_id)
user.alter_password(new_password,"",True)
return True
def update_permissions_for_module(cls,module):
"""
updates the permissions of a module
"""
rootuser = User.get_root_user()
module_name = module.get_name()
permissions = module.get_permissions()
current = [s.replace(module_name+".","",1) for s in cls.get_permissions_for_module(module)]
for permission in permissions:
if permission not in current:
new_permission = cls.create_permission(permission, module_name)
rootuser.grant_permission(new_permission,ignore_check=True)
for permission in current:
if permission not in permissions:
cls.remove_permission(permission, module_name)
def get_user(self):
"""
returns this session's user
"""
return User.get_user_by_id(self._user)
def getRolesForUserPage(self, params):
user_name = params[0] # TODO get user by id instead of name
user = User.get_user_by_name(user_name)
return user.get_grantable_roles()
def getRightsForUserPage(self,params):
user_id = int(params[0])
user = User.get_user_by_id(user_id)
return user.get_grantable_permissions()
def getUsers(self,params):
session_user = Session.get_current_session_user()
if session_user.check_permission('skarphed.users.view'):
users = User.get_users_for_admin_interface()
return users
return False
