flaschengeist/geruecht/controller/accesTokenController.py

from geruecht.model.accessToken import AccessToken
import geruecht.controller as gc
import geruecht.controller.userController as uc
from geruecht.model import BAR
from geruecht.controller import LOGGER
from datetime import datetime, timedelta
import hashlib
from . import Singleton

userController = uc.UserController()

class AccesTokenController(metaclass=Singleton):
    """ Control all createt AccesToken

        This Class create, delete, find and manage AccesToken.

        Attributes:
            tokenList: List of currents AccessToken
            lifetime: Variable for the Lifetime of one AccessToken in seconds.
    """
    instance = None
    tokenList = None

    def __init__(self, lifetime=1800):
        """ Initialize AccessTokenController

            Initialize Thread and set tokenList empty.
        """
        LOGGER.info("Initialize AccessTokenController")
        self.lifetime = gc.accConfig

        self.tokenList = []

    def checkBar(self, user):
        if (userController.checkBarUser(user)):
            if BAR not in user.group:
                user.group.append(BAR)
        else:
            while BAR in user.group:
                user.group.remove(BAR)

    def validateAccessToken(self, token, group):
        """ Verify Accestoken

            Verify an Accestoken and Group so if the User has permission or not.
            Retrieves the accestoken if valid else retrieves False

            Args:
                token: Token to verify.
                group: Group like 'moneymaster', 'gastro', 'user' or 'bar'
            Returns:
                An the AccesToken for this given Token or False.
        """
        LOGGER.info("Verify AccessToken with token: {} and group: {}".format(token, group))
        for accToken in self.tokenList:
            LOGGER.debug("Check is token {} same as in AccessToken {}".format(token, accToken))
            if accToken == token:
                LOGGER.debug("AccessToken is {}".format(accToken))
                endTime = accToken.timestamp + timedelta(seconds=self.lifetime)
                now = datetime.now()
                LOGGER.debug("Check if AccessToken's Endtime {} is bigger then now {}".format(endTime, now))
                if now <= endTime:
                    self.checkBar(accToken.user)
                    LOGGER.debug("Check if AccesToken {} has same group {}".format(accToken, group))
                    if self.isSameGroup(accToken, group):
                        accToken.updateTimestamp()
                        LOGGER.info("Found AccessToken {} with token: {} and group: {}".format(accToken, token, group))
                        return accToken
                else:
                    LOGGER.debug("AccessToken {} is no longer valid and will removed".format(accToken))
                    self.tokenList.remove(accToken)
        LOGGER.info("Found no valid AccessToken with token: {} and group: {}".format(token, group))
        return False

    def createAccesToken(self, user, ldap_conn):
        """ Create an AccessToken

            Create an AccessToken for an User and add it to the tokenList.

            Args:
                user: For wich User is to create an AccessToken

            Returns:
                A created Token for User
        """
        LOGGER.info("Create AccessToken")
        now = datetime.ctime(datetime.now())
        token = hashlib.md5((now + user.dn).encode('utf-8')).hexdigest()
        self.checkBar(user)
        accToken = AccessToken(user, token, ldap_conn, datetime.now())
        LOGGER.debug("Add AccessToken {} to current Tokens".format(accToken))
        self.tokenList.append(accToken)
        LOGGER.info("Finished create AccessToken {} with Token {}".format(accToken, token))
        return token

    def isSameGroup(self, accToken, groups):
        """ Verify group in AccessToken

            Verify if the User in the AccesToken has the right group.

            Args:
                accToken: AccessToken to verify.
                groups: Group to verify.

            Returns:
                A Bool. If the same then True else False
        """
        print("controll if", accToken, "hase groups", groups)
        LOGGER.debug("Check if AccessToken {} has group {}".format(accToken, groups))
        for group in groups:
            if group in accToken.user.group: return True
        return False
new start 2019-04-11 21:56:55 +00:00			`from geruecht.model.accessToken import AccessToken`
fixed imports, bugfix that accLifetime will load from config file 2020-01-18 23:37:40 +00:00			`import geruecht.controller as gc`
			`import geruecht.controller.userController as uc`
add addWorker and deletWorker 2020-01-18 22:31:49 +00:00			`from geruecht.model import BAR`
Task #60 erledigt. Es wird jetzt per StreamHandler geloggt und per File gespeichert. Vielleicht wird auch ein bisschen zuviel geloggt. 2019-05-02 23:40:13 +00:00			`from geruecht.controller import LOGGER`
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`from datetime import datetime, timedelta`
new start 2019-04-11 21:56:55 +00:00			`import hashlib`
update for UnitTests new controller: userController so routes don't have to import users or creditlist and don't do logics. 2019-12-28 20:52:49 +00:00			`from . import Singleton`
new start 2019-04-11 21:56:55 +00:00
fixed imports, bugfix that accLifetime will load from config file 2020-01-18 23:37:40 +00:00			`userController = uc.UserController()`
add addWorker and deletWorker 2020-01-18 22:31:49 +00:00
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`class AccesTokenController(metaclass=Singleton):`
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`""" Control all createt AccesToken`
Dokumentation vervollständigt 2019-05-02 16:50:59 +00:00
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`This Class create, delete, find and manage AccesToken.`

			`Attributes:`
			`tokenList: List of currents AccessToken`
			`lifetime: Variable for the Lifetime of one AccessToken in seconds.`
			`"""`
Task #60 erledigt. Es wird jetzt per StreamHandler geloggt und per File gespeichert. Vielleicht wird auch ein bisschen zuviel geloggt. 2019-05-02 23:40:13 +00:00			`instance = None`
new start 2019-04-11 21:56:55 +00:00			`tokenList = None`

added a Configparser 2019-12-30 08:22:43 +00:00			`def __init__(self, lifetime=1800):`
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`""" Initialize AccessTokenController`
Dokumentation vervollständigt 2019-05-02 16:50:59 +00:00
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`Initialize Thread and set tokenList empty.`
			`"""`
Task #60 erledigt. Es wird jetzt per StreamHandler geloggt und per File gespeichert. Vielleicht wird auch ein bisschen zuviel geloggt. 2019-05-02 23:40:13 +00:00			`LOGGER.info("Initialize AccessTokenController")`
fixed imports, bugfix that accLifetime will load from config file 2020-01-18 23:37:40 +00:00			`self.lifetime = gc.accConfig`
Task #60 erledigt. Es wird jetzt per StreamHandler geloggt und per File gespeichert. Vielleicht wird auch ein bisschen zuviel geloggt. 2019-05-02 23:40:13 +00:00
new start 2019-04-11 21:56:55 +00:00			`self.tokenList = []`

fixed imports, bugfix that accLifetime will load from config file 2020-01-18 23:37:40 +00:00			`def checkBar(self, user):`
			`if (userController.checkBarUser(user)):`
fixed ##193 2020-03-04 20:38:21 +00:00			`if BAR not in user.group:`
			`user.group.append(BAR)`
			`else:`
			`while BAR in user.group:`
			`user.group.remove(BAR)`
add addWorker and deletWorker 2020-01-18 22:31:49 +00:00
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`def validateAccessToken(self, token, group):`
			`""" Verify Accestoken`
Dokumentation vervollständigt 2019-05-02 16:50:59 +00:00
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`Verify an Accestoken and Group so if the User has permission or not.`
			`Retrieves the accestoken if valid else retrieves False`
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00
			`Args:`
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`token: Token to verify.`
			`group: Group like 'moneymaster', 'gastro', 'user' or 'bar'`
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`Returns:`
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`An the AccesToken for this given Token or False.`
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`"""`
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`LOGGER.info("Verify AccessToken with token: {} and group: {}".format(token, group))`
new start 2019-04-11 21:56:55 +00:00			`for accToken in self.tokenList:`
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`LOGGER.debug("Check is token {} same as in AccessToken {}".format(token, accToken))`
new start 2019-04-11 21:56:55 +00:00			`if accToken == token:`
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`LOGGER.debug("AccessToken is {}".format(accToken))`
			`endTime = accToken.timestamp + timedelta(seconds=self.lifetime)`
			`now = datetime.now()`
			`LOGGER.debug("Check if AccessToken's Endtime {} is bigger then now {}".format(endTime, now))`
			`if now <= endTime:`
add addWorker and deletWorker 2020-01-18 22:31:49 +00:00			`self.checkBar(accToken.user)`
update token validatition no second thread to validate for token ... only on access it will be validate 2019-12-28 10:31:45 +00:00			`LOGGER.debug("Check if AccesToken {} has same group {}".format(accToken, group))`
			`if self.isSameGroup(accToken, group):`
			`accToken.updateTimestamp()`
			`LOGGER.info("Found AccessToken {} with token: {} and group: {}".format(accToken, token, group))`
			`return accToken`
			`else:`
			`LOGGER.debug("AccessToken {} is no longer valid and will removed".format(accToken))`
			`self.tokenList.remove(accToken)`
			`LOGGER.info("Found no valid AccessToken with token: {} and group: {}".format(token, group))`
			`return False`
new start 2019-04-11 21:56:55 +00:00
added ldap modifying for users 2020-01-26 22:31:22 +00:00			`def createAccesToken(self, user, ldap_conn):`
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`""" Create an AccessToken`

			`Create an AccessToken for an User and add it to the tokenList.`

			`Args:`
			`user: For wich User is to create an AccessToken`

			`Returns:`
			`A created Token for User`
			`"""`
Task #60 erledigt. Es wird jetzt per StreamHandler geloggt und per File gespeichert. Vielleicht wird auch ein bisschen zuviel geloggt. 2019-05-02 23:40:13 +00:00			`LOGGER.info("Create AccessToken")`
AccesTokenController ist ein Thread AccesTokenController schaut immer wieder nach, ob ein AccesToken noch valid ist. Zeitabstand beträgt bis jetzt 10 SeKunden ValidLifeTime beträgt bis jetzt 60 Sekunden 2019-04-12 12:51:37 +00:00			`now = datetime.ctime(datetime.now())`
mysql adapter and ldap adapter start adapetr for mysql not sqllite authenfication with ldap problem.. ldap and db is initialize in __init__.py when you initialize db, you initialize User and that requires ldap from __init__.py. But ldap is not initialize. if you initialize ldap, you initialize User and that requires db from __init__.py. But db is not initialize. 2019-12-19 07:12:29 +00:00			`token = hashlib.md5((now + user.dn).encode('utf-8')).hexdigest()`
add addWorker and deletWorker 2020-01-18 22:31:49 +00:00			`self.checkBar(user)`
added ldap modifying for users 2020-01-26 22:31:22 +00:00			`accToken = AccessToken(user, token, ldap_conn, datetime.now())`
Task #60 erledigt. Es wird jetzt per StreamHandler geloggt und per File gespeichert. Vielleicht wird auch ein bisschen zuviel geloggt. 2019-05-02 23:40:13 +00:00			`LOGGER.debug("Add AccessToken {} to current Tokens".format(accToken))`
			`self.tokenList.append(accToken)`
			`LOGGER.info("Finished create AccessToken {} with Token {}".format(accToken, token))`
new start 2019-04-11 21:56:55 +00:00			`return token`

add addWorker and deletWorker 2020-01-18 22:31:49 +00:00			`def isSameGroup(self, accToken, groups):`
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`""" Verify group in AccessToken`
Dokumentation vervollständigt 2019-05-02 16:50:59 +00:00
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`Verify if the User in the AccesToken has the right group.`

			`Args:`
			`accToken: AccessToken to verify.`
add addWorker and deletWorker 2020-01-18 22:31:49 +00:00			`groups: Group to verify.`
Dokumentation vervollständigt 2019-05-02 16:50:59 +00:00
Erste Doku hinzugefügt im Ticket #41 2019-04-17 12:46:46 +00:00			`Returns:`
			`A Bool. If the same then True else False`
			`"""`
add addWorker and deletWorker 2020-01-18 22:31:49 +00:00			`print("controll if", accToken, "hase groups", groups)`
			`LOGGER.debug("Check if AccessToken {} has group {}".format(accToken, groups))`
			`for group in groups:`
			`if group in accToken.user.group: return True`
			`return False`