def test_get_close_db(app): with app.app_context(): db = get_db() assert db is get_db() with pytest.raises(sqlite3.ProgrammingError) as e: db.execute('SELECT 1') assert 'closed' in str(e.value)
def execute_SecureX_Workflow(): """ Back-End functionality for the SecureX WebHook. NOTE: This WebHook currently only supports Applying policy to Endpoints. To clear policy via SecureX, an additional function (similar to this) will need to be created. :return: """ print('Request received! Authenticating...') if request.authorization["username"] is None or request.authorization["password"] is None: # Application requires user to be logged in return Response(status=401) else: activeUser = get_db().execute( 'SELECT * FROM user WHERE username = ?', (request.authorization["username"],) ).fetchone() if activeUser is None: error = 'Username/Password not found!' return Response(status=401) elif not check_password_hash(activeUser['password'], request.authorization["password"]): error = 'Incorrect password.' return Response(status=401) print('Received SecureX Workflow Correctly Authenticated!') print('Taking Action...') print('--------------------------') payload = request.get_json() db = get_db() # If valid request format if "policyName" in payload and "ipAddress" in payload: requestSession = {} # Establish needed ISE connections requestSession['config'] = DEFAULT_PXGRID_CONFIG requestSession['pxgrid_Account_Status'] = pxgrid_account_activate(requestSession['config']) pxgrid_Services_Full = pxgrid_service_lookup(requestSession['config'], PXGRID_ANC_SERVICE_NAME) requestSession['iseNodeName'] = pxgrid_Services_Full['services'][0]['nodeName'] requestSession['iseNodeProperties'] = pxgrid_Services_Full['services'][0]['properties'] if requestSession['config']['secret'] == '': secret_Response = pxgrid_access_secret(requestSession['config'], requestSession['iseNodeName']) requestSession['config']['secret'] = secret_Response['secret'] # Apply the policy pxgrid_anc_apply_policy_to_Ip(requestSession['config'], payload['ipAddress'], payload['policyName']) # Log action in task log now = datetime.now() timestamp = now.strftime("%m/%d/%Y, %H:%M:%S") description = "Applying {} to the endpoint {}".format(payload['policyName'], payload['ipAddress']) db.execute( 'INSERT INTO tasklog (ts, type, description) VALUES (?, ?, ?)', (timestamp, "APPLY", description) ) db.commit() return Response(status=200) else: # Unprocessable print('Invalid payload received.') return Response(status=422)
def refresh_login_credentials(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] if not username: return jsonify({"Error": "Empty username field"}), 401 db = get_db() error = None user = db.execute('SELECT * FROM Login WHERE user_name = ?', (username, )).fetchone() if user is None: error = 'Incorrect username.' elif not check_password_hash(user['password'], password): error = 'Incorrect password.' if error is None: ret = { "access_token": create_access_token(identity=user['login_id'], fresh=True), } return jsonify(ret), 200 else: return jsonify({"Error": error, "authenticated": False}), 401
def register(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] db = get_db() error = None if not username: error = 'Username is required.' elif not password: error = 'Password is required.' elif db.execute('SELECT login_id FROM Login WHERE user_name = ?', (username, )).fetchone() is not None: error = 'User {} is already registered.'.format(username) if error is None: db.execute('INSERT INTO Login (user_name, password) VALUES (?, ?)', (username, generate_password_hash(password))) db.commit() ret = { "access_token": create_access_token(identity=username, fresh=True), "refresh_token": create_refresh_token(identity=username) } ### SUCCESS ### return jsonify(ret), 200 else: return jsonify({"Error": error}) return
def insert_conf_to_db(filename): db = get_db() user = get_jwt_identity() exists = db.execute( "SELECT config_id, config_path FROM ConfigFile WHERE config_path=?", [filename]).fetchone() if exists is not None: return jsonify({ **dict(exists), **{ "Error": "Config file already exists in database", "filename": filename } }) else: db.execute("INSERT INTO ConfigFile (config_path) VALUES (?)", [filename]) config_row = dict( db.execute("SELECT * FROM ConfigFile WHERE config_path=?", [filename]).fetchone()) db.execute("INSERT OR IGNORE INTO Creates VALUES (?,?)", [user, config_row['config_id']]) db.commit() return jsonify(config_row)
def search_by_config_path(config_path): db = get_db() db_res = db.execute("SELECT * FROM ConfigFile WHERE config_path=(?)", [config_path]).fetchone() return jsonify(dict(db_res))
def search_by_config_id(config_id): db = get_db() db_res = db.execute("SELECT * FROM ConfigFile WHERE config_id=?", config_id).fetchone() return jsonify(dict(db_res))
def display(id_game): db = get_db() game = db.execute("SELECT * FROM game WHERE id = ?", (id_game, )).fetchone() if game is not None: try: cards = json.loads(game["cards"]) pictures = json.loads(game["pictures"]) sizes = json.loads(game["sizes"]) except json.decoder.JSONDecodeError: return flask.redirect(flask.url_for("homepage")) nb_sym_per_card = len(cards[0]) pictures = add_id_to_picture(pictures) max_width = get_max_width_cards(nb_sym_per_card) positions, sizes = get_positions(cards, nb_sym_per_card, max_width, sizes) return flask.render_template( "display.html", cards=cards, pictures=pictures, positions=positions, radius=RADIUS, position_radius=POSITION_IMAGE_RADIUS, max_width=max_width, sizes=sizes, ) else: return flask.redirect(flask.url_for("homepage"))
def games_search_with_earnings(): conn = db.get_db() cursor = conn.cursor() params = dict(request.args) earnings = models.Earnings.search(params, cursor) earnings_dicts = [earning.to_json(cursor) for earning in earnings] return json.dumps(earnings_dicts, default=str)
def games_all(): conn = db.get_db() cursor = conn.cursor() games = db.find_all(models.Game, cursor) game_dicts = [game.__dict__ for game in games] return json.dumps(game_dicts, default=str)
def login(): """ User Login. """ if request.method == 'POST': username = request.form['username'] password = request.form['password'] db = get_db() error = None user = db.execute('SELECT * FROM user WHERE username = ?', (username, )).fetchone() if user is None: error = 'Incorrect username.' elif not check_password_hash(user['password'], password): error = 'Incorrect password.' if error is None: session.clear() session['user_id'] = user['id'] return redirect(url_for('index')) flash(error) return render_template('auth/login.html')
def load_logged_in_user(): user_id = session.get("user_id") if user_id is None: g.user = None else: g.user = get_db().execute("SELECT * FROM user WHERE id = ?", (user_id, )).fetchone()
def login(): if request.method == "POST": username = request.form["username"] password = request.form["password"] db = get_db() error = None if not username: error = "Username is required." elif not password: error = "Password is required." else: user = db.execute("SELECT * FROM user WHERE username = ?", (username, )).fetchone() if user is None: error = "User does not exist." elif not check_password_hash(user["password"], password): error = "Password is incorrect." if error is None: session.clear() session["user_id"] = user["id"] return redirect(url_for("index")) flash(error) return render_template("auth/login.html")
def register(): """ :return: """ if request.method == 'POST': username = request.form['username'] password = request.form['password'] accessToken = request.form['X_CISCO_MERAKI_API_KEY'] db = get_db() error = None if not username: error = 'Username is required.' elif not password: error = 'Password is required.' elif not accessToken: error = 'API Key is required.' elif db.execute('SELECT id FROM user WHERE username = ?', (username, )).fetchone() is not None: error = 'User {} is already registered.'.format(username) # Success if error is None: db.execute( 'INSERT INTO user (username, password, accessToken) VALUES (?, ?, ?)', (username, generate_password_hash(password), accessToken)) db.commit() return redirect(url_for('blog.home')) # Error flash(error) return render_template('auth/register.html')
def login(): """ :return: """ if request.method == 'POST': username = request.form['username'] password = request.form['password'] db = get_db() error = None user = db.execute('SELECT * FROM user WHERE username = ?', (username, )).fetchone() if user is None: error = 'Username does not exist!' elif not check_password_hash(user['password'], password): error = 'Invalid Password!' # Success if error is None: session.clear() session['user_id'] = user['id'] return redirect(url_for('blog.home')) # Error flash(error) return render_template('auth/login.html')
def save_annotation(self, annotation): try: collections = get_db()[DB_SCHEMA_NAME] results = collections.update( { 'annotations': { '$elemMatch': { 'annotationId': { '$eq': annotation['annotationId'] } } } }, { '$set': { 'annotations.$.saved': annotation['saved'], 'annotations.$.score': annotation['score'] } }, upsert=True) if 'writeError' in list(results.keys()): return False return True except Exception as e: log_exception("db connection exception ", LOG_WITHOUT_CONTEXT, e) return False
def blacklist(): """ Blacklist Page back-end functionality :return: """ # Page Setup error = None db = get_db() if session['autoUpdateBlacklist'] is None: error = "Error: No Blacklist selected for automation" return redirect(url_for('portal.home')) # Define User Interaction if request.method == 'POST': print() # Retrieve Page Data task_List = db.execute( 'SELECT tl.id, task_time, type, description' ' FROM tasklog tl JOIN user u ON tl.user_id = u.id' ' ORDER BY task_time DESC' ).fetchall() selected_Blacklist = open('src/Blacklists/{}'.format(session['autoUpdateBlacklist']), "r") blacklist_Data = selected_Blacklist.readlines() selected_Blacklist.close() if error is not None: flash(error) return render_template('portal/blacklist.html', session=session, task_List=task_List, blacklist_Data=blacklist_Data)
def register(): """ :return: """ g.user = None if request.method == 'POST': username = request.form['username'] password = request.form['password'] db = get_db() error = None if not username: error = 'Username is required.' elif not password: error = 'Password is required.' elif db.execute('SELECT id FROM user WHERE username = ?', (username, )).fetchone() is not None: error = 'User {} is already registered.'.format(username) if error is None: db.execute('INSERT INTO user (username, password) VALUES (?, ?)', (username, generate_password_hash(password))) db.commit() return redirect(url_for('auth.login')) flash(error) return render_template('auth/register.html')
def search_user_task(self, userId): updated_docs = [] try: collections = get_db()[DB_SCHEMA_NAME] docs = collections.find({'user.userId': userId}) for doc in docs: try: doc['src_locale'] = doc['annotations'][0]["source"][ "language"] doc['tgt_locale'] = doc['annotations'][0]["target"][ "language"] except Exception as e: log_exception("Exception on user task search", LOG_WITHOUT_CONTEXT, e) doc['src_locale'] = None doc['tgt_locale'] = None pass del doc['annotations'] updated_docs.append(normalize_bson_to_json(doc)) return updated_docs except Exception as e: log_exception("db connection exception ", LOG_WITHOUT_CONTEXT, e) return updated_docs
def login(): """ :return: """ g.user = None if request.method == 'POST': username = request.form['username'] password = request.form['password'] db = get_db() error = None user = db.execute('SELECT * FROM user WHERE username = ?', (username, )).fetchone() if user is None: error = 'Incorrect username.' elif not check_password_hash(user['password'], password): error = 'Incorrect password.' if error is None: session.clear() session['user_id'] = user['id'] session['username'] = user['username'] session['password'] = user['password'] session['ise_Status'] = False session['webhook_Status'] = False session['securex_Status'] = False session['stealthwatch_Status'] = False return redirect(url_for('portal.home')) flash(error) return render_template('auth/login.html')
def insert_model_to_db(name, metrics, model_class): db = get_db() test_acc = metrics[-1]['test_acc_mean'] test_loss = metrics[-1]['test_loss_mean'] exists = db.execute( "SELECT * FROM Model WHERE model_path=?", [name] ).fetchone() if exists is not None: pass # exists = dict(exists) # if exists['model_accuracy'] < test_acc and exists['model_loss'] > test_loss: # db.execute('UPDATE Model SET model_accuracy=?, model_loss=? WHERE model_id=?', # [test_acc, test_loss, exists['model_id']]) else: db.execute( "INSERT INTO Model(model_python_class, model_path, model_metrics, model_accuracy, model_loss) VALUES (?,?,?,?,?)", [model_class, name, name.split('.')[0] + '.json', test_acc, test_loss]) db.commit() res = db.execute("SELECT * FROM Model WHERE model_path=?", [name]).fetchone() return dict(res)
def app(): db_fd, db_path = tempfile.mkstemp() app = create_app({ 'TESTING': True, 'DATABASE': db_path, }) with app.app_context(): init_db() get_db().executescript(_data_sql) yield app os.close(db_fd) os.unlink(db_path)
def index(): db = get_db() posts = db.execute( 'SELECT p.id, image, body, created, cred, fingerprint, author_id, username' ' FROM post p JOIN user u ON p.author_id = u.id' ' ORDER BY created DESC').fetchall() return render_template('index.html', posts=posts)
def reminder(): db = get_db() if (request.method == 'OPTIONS'): response = make_response() response.headers["Access-Control-Allow-Origin"] = "*" response.headers[ "Access-Control-Allow-Headers"] = "Accept, Content-Type" return response if (request.method == "POST"): content = request.get_json() reminder = content["reminder"] unixTime = content['unixTime'] addTimer(unixTime, reminder) db.execute( 'INSERT INTO reminders (reminder, unixTime) VALUES (?, ?)', (reminder, int(unixTime))) db.commit() response = make_response() response.headers["Access-Control-Allow-Origin"] = "*" return response elif (request.method == "GET"): rows = db.execute('SELECT * FROM reminders').fetchall() response = make_response(json.dumps([dict(x) for x in rows])) response.headers["Access-Control-Allow-Origin"] = "*" return response return "<div>Error</>"
def create(): if request.method == 'POST': title = request.form['title'] body = request.form['body'] error = None res = None if not title: error = 'Title is required.' if error is not None: flash(error) else: db = get_db() db.execute( 'INSERT INTO post (title, body, author_id)' ' VALUES (?, ?, ?)', (title, body, g.user['id'])) db.commit() res = db.execute( 'SELECT title, body, created, author_id, username' 'FROM post WHERE title=? AND body=?', ( title, body, )).fetchone() return jsonify(res), 200
def login(): """ User login page :return: """ if request.method == 'POST': error = None db = get_db() # Retrieve Input Forms username = request.form['username'] password = request.form['password'] # Check if user exists user = db.execute('SELECT * FROM user WHERE username = ?', (username, )).fetchone() # Check for errors if user is None: error = 'Incorrect username.' elif not check_password_hash(user['password'], password): error = 'Incorrect password.' # On Success, Login if error is None: session.clear() session['user_id'] = user['id'] session['username'] = user['username'] session['apiKey'] = user['accessToken'] return redirect(url_for('dashboard.dashboard')) # Else, display error flash(error) return render_template('auth/login.html')
def __init__(self): collections = get_db()[DB_SCHEMA_NAME] try: collections.create_index('userId') except pymongo.errors.DuplicateKeyError as e: log_info("duplicate key, ignoring", LOG_WITHOUT_CONTEXT) except Exception as e: log_exception("db connection exception ", LOG_WITHOUT_CONTEXT, e)
def seed_admin(): print("add admin user") db = get_db() user = User() user.username = '******' user.password_hash = generate_password_hash(current_app.config['ADMIN_PASSWORD']) db.add(user) db.commit()
def store_bulk(self, tasks): try: collections = get_db()[DB_SCHEMA_NAME] results = collections.insert_many(tasks) if len(tasks) == len(results.inserted_ids): return True except Exception as e: log_exception("db connection exception ", LOG_WITHOUT_CONTEXT, e) return False
def build(): """Creates database, migrates, and seeds""" create_database() database = get_db() migrate(database) seed_patch(database) seed_heroes(database) seed_changelog(database)
def app(): """Create and configure a new app instance for each test""" # create temporary file to isolate database for each test. db_fd, db_path = tempfile.mkstemp() # create app with common test config app = create_app({'TESTING': True, 'DATABASE': db_path}) with app.app_context(): init_db() get_db() yield app # close and remove temporary database os.close(db_fd) os.unlink(db_path)
# r.set_oauth_app_info(client_id=CLIENT_ID, client_secret=CLIENT_SECRET, redirect_uri=REDIRECT_URI) # o = OAuth2Util.OAuth2Util(r) # o.refresh() oauth_helper = PrawOAuth2Mini( r, app_key=CLIENT_ID, app_secret=CLIENT_SECRET, access_token=ACCESS_TOKEN, scopes=SCOPES, refresh_token=REFRESH_TOKEN ) DONE = [] db = get_db() def comment_is_valid(comment): if re.match('[a-zA-Z\s]+ \d\.\d\d[a-z]?(\-\d\.\d\d[a-z]?)?', comment): return True else: return False def read_config_done(): done = [] try: with open("config/data/comments_done.cfg", "r") as f: for line in f: if line.strip(): done.append(line.strip())