Merge branch 'feature/ldap' into develop
commit
0ab9da4736
|
@ -7,6 +7,7 @@
|
||||||
from .logger import getLogger
|
from .logger import getLogger
|
||||||
from geruecht.controller import dbConfig
|
from geruecht.controller import dbConfig
|
||||||
from flask_mysqldb import MySQL
|
from flask_mysqldb import MySQL
|
||||||
|
from flask_ldapconn import LDAPConn
|
||||||
|
|
||||||
LOGGER = getLogger(__name__)
|
LOGGER = getLogger(__name__)
|
||||||
LOGGER.info("Initialize App")
|
LOGGER.info("Initialize App")
|
||||||
|
@ -23,6 +24,13 @@ app.config['MYSQL_USER'] = dbConfig['user']
|
||||||
app.config['MYSQL_PASSWORD'] = dbConfig['passwd']
|
app.config['MYSQL_PASSWORD'] = dbConfig['passwd']
|
||||||
app.config['MYSQL_DB'] = dbConfig['database']
|
app.config['MYSQL_DB'] = dbConfig['database']
|
||||||
app.config['MYSQL_CURSORCLASS'] = 'DictCursor'
|
app.config['MYSQL_CURSORCLASS'] = 'DictCursor'
|
||||||
|
app.config['LDAP_SERVER'] = '192.168.5.128'
|
||||||
|
app.config['LDAP_PORT'] = 389
|
||||||
|
app.config['LDAP_BINDDN'] = 'dc=ldap,dc=example,dc=local'
|
||||||
|
app.config['LDAP_USE_TLS'] = False
|
||||||
|
app.config['FORCE_ATTRIBUTE_VALUE_AS_LIST'] = True
|
||||||
|
|
||||||
|
ldap = LDAPConn(app)
|
||||||
db = MySQL(app)
|
db = MySQL(app)
|
||||||
|
|
||||||
from geruecht import routes
|
from geruecht import routes
|
||||||
|
|
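Review bot: `app.config['LDAP_USE_TLS'] = False` together with port 389 means every bind made through `LDAPConn`, including the user passwords the login path hands to it later in this commit, crosses the network unencrypted. The server address, port and DN are also hard-coded here while the MySQL settings just above come from `dbConfig`; taking them from the `ldapConfig` that userController already uses would keep environment details out of the code and let TLS be enabled per deployment, e.g. `app.config['LDAP_USE_TLS'] = ldapConfig['use_tls']` (key name to be chosen). `LDAP_BINDDN` is set to what looks like the directory base DN rather than a bind account, so it is worth confirming which identity the searches run as.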
|
@ -70,7 +70,7 @@ class AccesTokenController(metaclass=Singleton):
|
||||||
LOGGER.info("Found no valid AccessToken with token: {} and group: {}".format(token, group))
|
LOGGER.info("Found no valid AccessToken with token: {} and group: {}".format(token, group))
|
||||||
return False
|
return False
|
||||||
|
|
||||||
def createAccesToken(self, user):
|
def createAccesToken(self, user, ldap_conn):
|
||||||
""" Create an AccessToken
|
""" Create an AccessToken
|
||||||
|
|
||||||
Create an AccessToken for an User and add it to the tokenList.
|
Create an AccessToken for an User and add it to the tokenList.
|
||||||
|
@ -85,7 +85,7 @@ class AccesTokenController(metaclass=Singleton):
|
||||||
now = datetime.ctime(datetime.now())
|
now = datetime.ctime(datetime.now())
|
||||||
token = hashlib.md5((now + user.dn).encode('utf-8')).hexdigest()
|
token = hashlib.md5((now + user.dn).encode('utf-8')).hexdigest()
|
||||||
self.checkBar(user)
|
self.checkBar(user)
|
||||||
accToken = AccessToken(user, token, datetime.now())
|
accToken = AccessToken(user, token, ldap_conn, datetime.now())
|
||||||
LOGGER.debug("Add AccessToken {} to current Tokens".format(accToken))
|
LOGGER.debug("Add AccessToken {} to current Tokens".format(accToken))
|
||||||
self.tokenList.append(accToken)
|
self.tokenList.append(accToken)
|
||||||
LOGGER.info("Finished create AccessToken {} with Token {}".format(accToken, token))
|
LOGGER.info("Finished create AccessToken {} with Token {}".format(accToken, token))
|
||||||
|
|
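Review bot: With `ldap_conn` now stored on the `AccessToken`, the token string stands in for an authenticated LDAP bind, yet it is still derived from `hashlib.md5((now + user.dn).encode('utf-8'))` (unchanged context in the second hunk), that is, from a timestamp and the user's DN rather than from random data. I would replace that line with `token = secrets.token_hex(32)` (needs `import secrets`) so the value does not depend on guessable inputs. The same hunk writes the full token to the log at INFO level in `LOGGER.info("Finished create AccessToken {} with Token {}"...)`; logging a shortened value, or none, keeps session credentials out of the log files. The docstring of `createAccesToken` continues outside the hunk and should gain an entry for the new `ldap_conn` parameter.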
|
@ -4,6 +4,8 @@ from geruecht import db
|
||||||
from geruecht.model.user import User
|
from geruecht.model.user import User
|
||||||
from geruecht.model.creditList import CreditList
|
from geruecht.model.creditList import CreditList
|
||||||
from datetime import datetime, timedelta
|
from datetime import datetime, timedelta
|
||||||
|
from geruecht.exceptions import UsernameExistDB, DatabaseExecption
|
||||||
|
import traceback
|
||||||
|
|
||||||
class DatabaseController(metaclass=Singleton):
|
class DatabaseController(metaclass=Singleton):
|
||||||
'''
|
'''
|
||||||
|
@ -54,6 +56,8 @@ class DatabaseController(metaclass=Singleton):
|
||||||
|
|
||||||
def _convertGroupToString(self, groups):
|
def _convertGroupToString(self, groups):
|
||||||
retVal = ''
|
retVal = ''
|
||||||
|
print('groups: {}'.format(groups))
|
||||||
|
if groups:
|
||||||
for group in groups:
|
for group in groups:
|
||||||
if len(retVal) != 0:
|
if len(retVal) != 0:
|
||||||
retVal += ','
|
retVal += ','
|
||||||
|
@ -71,6 +75,7 @@ class DatabaseController(metaclass=Singleton):
|
||||||
|
|
||||||
def updateUser(self, user):
|
def updateUser(self, user):
|
||||||
cursor = self.db.connection.cursor()
|
cursor = self.db.connection.cursor()
|
||||||
|
print('uid: {}; group: {}'.format(user.uid, user.group))
|
||||||
groups = self._convertGroupToString(user.group)
|
groups = self._convertGroupToString(user.group)
|
||||||
sql = "update user set dn='{}', firstname='{}', lastname='{}', gruppe='{}', lockLimit={}, locked={}, autoLock={}, mail='{}' where uid='{}'".format(
|
sql = "update user set dn='{}', firstname='{}', lastname='{}', gruppe='{}', lockLimit={}, locked={}, autoLock={}, mail='{}' where uid='{}'".format(
|
||||||
user.dn, user.firstname, user.lastname, groups, user.limit, user.locked, user.autoLock, user.mail, user.uid)
|
user.dn, user.firstname, user.lastname, groups, user.limit, user.locked, user.autoLock, user.mail, user.uid)
|
||||||
|
@ -144,9 +149,26 @@ class DatabaseController(metaclass=Singleton):
|
||||||
|
|
||||||
|
|
||||||
def deleteWorker(self, user, date):
|
def deleteWorker(self, user, date):
|
||||||
|
try:
|
||||||
cursor = self.db.connection.cursor()
|
cursor = self.db.connection.cursor()
|
||||||
cursor.execute("delete from bardienste where user_id={} and startdatetime='{}'".format(user.id, date))
|
cursor.execute("delete from bardienste where user_id={} and startdatetime='{}'".format(user.id, date))
|
||||||
self.db.connection.commit()
|
self.db.connection.commit()
|
||||||
|
except Exception as err:
|
||||||
|
traceback.print_exc()
|
||||||
|
|
||||||
|
def changeUsername(self, user, newUsername):
|
||||||
|
try:
|
||||||
|
cursor= self.db.connection.cursor()
|
||||||
|
cursor.execute("select * from user where uid='{}'".format(newUsername))
|
||||||
|
data = cursor.fetchall()
|
||||||
|
if data:
|
||||||
|
raise UsernameExistDB("Username already exists")
|
||||||
|
else:
|
||||||
|
cursor.execute("update user set uid='{}' where id={}".format(newUsername, user.id))
|
||||||
|
self.db.connection()
|
||||||
|
except Exception as err:
|
||||||
|
traceback.print_exc()
|
||||||
|
raise DatabaseExecption("Something went worng with Datatabase: {}".format(err))
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
db = DatabaseController()
|
db = DatabaseController()
|
||||||
|
|
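Review bot: `changeUsername` builds both statements with `str.format`, and `newUsername` arrives from the JSON body of `/user/saveConfig` via `UserController.modifyUser`, so a quote in the requested name changes the SQL; the values should be passed as query parameters instead. The method also calls `self.db.connection()` where `deleteWorker` uses `self.db.connection.commit()`, so the rename is never committed, and because `UsernameExistDB` is raised inside the `try` it is caught by `except Exception` and re-raised as `DatabaseExecption`, which callers cannot tell apart from a real database failure. The two `print(...)` lines added to `_convertGroupToString` and `updateUser` write user and group data to stdout and look like leftover debugging, and `deleteWorker` now swallows every error after printing the traceback. A version of `changeUsername` with the first two points addressed follows.

```python
    def changeUsername(self, user, newUsername):
        try:
            cursor = self.db.connection.cursor()
            # newUsername is request data: bind it as a parameter, never format it into the SQL.
            cursor.execute("select * from user where uid=%s", (newUsername,))
            if cursor.fetchall():
                raise UsernameExistDB("Username already exists")
            cursor.execute("update user set uid=%s where id=%s", (newUsername, user.id))
            self.db.connection.commit()
        except UsernameExistDB:
            # Let the caller distinguish a name clash from a database failure.
            raise
        except Exception as err:
            traceback.print_exc()
            raise DatabaseExecption("Something went worng with Datatabase: {}".format(err))
```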
|
@ -1,65 +1,66 @@
|
||||||
import ldap
|
from geruecht import ldap
|
||||||
|
from ldap3 import SUBTREE, MODIFY_REPLACE, HASHED_SALTED_MD5
|
||||||
|
from ldap3.utils.hashed import hashed
|
||||||
from geruecht.model import MONEY, USER, GASTRO, BAR
|
from geruecht.model import MONEY, USER, GASTRO, BAR
|
||||||
from geruecht.exceptions import PermissionDenied
|
from geruecht.exceptions import PermissionDenied
|
||||||
from . import Singleton
|
from . import Singleton
|
||||||
|
from geruecht.exceptions import UsernameExistLDAP, LDAPExcetpion
|
||||||
|
import traceback
|
||||||
|
|
||||||
class LDAPController(metaclass=Singleton):
|
class LDAPController(metaclass=Singleton):
|
||||||
'''
|
'''
|
||||||
Authentification over LDAP. Create Account on-the-fly
|
Authentification over LDAP. Create Account on-the-fly
|
||||||
'''
|
'''
|
||||||
|
|
||||||
def __init__(self, url="ldap://192.168.5.108", dn='dc=ldap,dc=example,dc=local'):
|
def __init__(self, dn='dc=ldap,dc=example,dc=local'):
|
||||||
self.url = url
|
|
||||||
self.dn = dn
|
self.dn = dn
|
||||||
self.connect()
|
self.ldap = ldap
|
||||||
|
|
||||||
def connect(self):
|
|
||||||
try:
|
|
||||||
self.client = ldap.initialize(self.url, bytes_mode=False)
|
|
||||||
except Exception as err:
|
|
||||||
raise err
|
|
||||||
|
|
||||||
def login(self, username, password):
|
def login(self, username, password):
|
||||||
self.connect()
|
|
||||||
try:
|
try:
|
||||||
cn = self.client.search_s("ou=user,{}".format(self.dn), ldap.SCOPE_SUBTREE, 'uid={}'.format(username),['cn'])[0][1]['cn'][0].decode('utf-8')
|
retVal = self.ldap.authenticate(username, password, 'uid', self.dn)
|
||||||
self.client.bind_s("cn={},ou=user,{}".format(cn, self.dn), password)
|
if not retVal:
|
||||||
self.client.unbind_s()
|
|
||||||
except:
|
|
||||||
self.client.unbind_s()
|
|
||||||
raise PermissionDenied("Invalid Password or Username")
|
raise PermissionDenied("Invalid Password or Username")
|
||||||
|
except Exception as err:
|
||||||
|
traceback.print_exception(err)
|
||||||
|
raise PermissionDenied("Wrong username or password.")
|
||||||
|
|
||||||
|
def bind(self, user, password):
|
||||||
|
ldap_conn = self.ldap.connect(user.dn, password)
|
||||||
|
return ldap_conn
|
||||||
|
|
||||||
def getUserData(self, username):
|
def getUserData(self, username):
|
||||||
try:
|
try:
|
||||||
self.connect()
|
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid={})'.format(username), SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
|
||||||
search_data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'uid={}'.format(username), ['uid', 'givenName', 'sn', 'mail'])
|
user = self.ldap.connection.response[0]['attributes']
|
||||||
retVal = search_data[0][1]
|
retVal = {
|
||||||
for k,v in retVal.items():
|
'dn': self.ldap.connection.response[0]['dn'],
|
||||||
retVal[k] = v[0].decode('utf-8')
|
'firstname': user['givenName'][0],
|
||||||
retVal['dn'] = self.dn
|
'lastname': user['sn'][0],
|
||||||
retVal['firstname'] = retVal['givenName']
|
'uid': username
|
||||||
retVal['lastname'] = retVal['sn']
|
}
|
||||||
return retVal
|
return retVal
|
||||||
except:
|
except:
|
||||||
raise PermissionDenied("No User exists with this uid.")
|
raise PermissionDenied("No User exists with this uid.")
|
||||||
|
|
||||||
|
|
||||||
def getGroup(self, username):
|
def getGroup(self, username):
|
||||||
|
try:
|
||||||
retVal = []
|
retVal = []
|
||||||
self.connect()
|
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid={})'.format(username), SUBTREE, attributes=['gidNumber'])
|
||||||
main_group_data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'uid={}'.format(username), ['gidNumber'])
|
response = self.ldap.connection.response
|
||||||
if main_group_data:
|
main_group_number = self.ldap.connection.response[0]['attributes']['gidNumber']
|
||||||
main_group_number = main_group_data[0][1]['gidNumber'][0].decode('utf-8')
|
if main_group_number:
|
||||||
group_data = self.client.search_s('ou=group,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'gidNumber={}'.format(main_group_number), ['cn'])
|
group_data = self.ldap.connection.search('ou=group,{}'.format(self.dn), '(gidNumber={})'.format(main_group_number), attributes=['cn'])
|
||||||
if group_data:
|
group_name = self.ldap.connection.response[0]['attributes']['cn'][0]
|
||||||
group_name = group_data[0][1]['cn'][0].decode('utf-8')
|
|
||||||
if group_name == 'ldap-user':
|
if group_name == 'ldap-user':
|
||||||
retVal.append(USER)
|
retVal.append(USER)
|
||||||
|
|
||||||
groups_data = self.client.search_s('ou=group,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'memberUID={}'.format(username), ['cn'])
|
self.ldap.connection.search('ou=group,{}'.format(self.dn), '(memberUID={})'.format(username), SUBTREE, attributes=['cn'])
|
||||||
|
groups_data = self.ldap.connection.response
|
||||||
for data in groups_data:
|
for data in groups_data:
|
||||||
print(data[1]['cn'][0].decode('utf-8'))
|
group_name = data['attributes']['cn'][0]
|
||||||
group_name = data[1]['cn'][0].decode('utf-8')
|
|
||||||
if group_name == 'finanzer':
|
if group_name == 'finanzer':
|
||||||
retVal.append(MONEY)
|
retVal.append(MONEY)
|
||||||
elif group_name == 'gastro':
|
elif group_name == 'gastro':
|
||||||
|
@ -67,6 +68,8 @@ class LDAPController(metaclass=Singleton):
|
||||||
elif group_name == 'bar':
|
elif group_name == 'bar':
|
||||||
retVal.append(BAR)
|
retVal.append(BAR)
|
||||||
return retVal
|
return retVal
|
||||||
|
except Exception as err:
|
||||||
|
traceback.print_exc()
|
||||||
|
|
||||||
def __isUserInList(self, list, username):
|
def __isUserInList(self, list, username):
|
||||||
help_list = []
|
help_list = []
|
||||||
|
@ -77,19 +80,19 @@ class LDAPController(metaclass=Singleton):
|
||||||
return False
|
return False
|
||||||
|
|
||||||
def getAllUser(self):
|
def getAllUser(self):
|
||||||
self.connect()
|
|
||||||
retVal = []
|
retVal = []
|
||||||
data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, attrlist=['uid', 'givenName', 'sn', 'mail'])
|
self.ldap.connection.search()
|
||||||
|
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid=*)', SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
|
||||||
|
data = self.ldap.connection.response
|
||||||
for user in data:
|
for user in data:
|
||||||
if 'uid' in user[1]:
|
if 'uid' in user['attributes']:
|
||||||
username = user[1]['uid'][0].decode('utf-8')
|
username = user['attributes']['uid'][0]
|
||||||
firstname = user[1]['givenName'][0].decode('utf-8')
|
firstname = user['attributes']['givenName'][0]
|
||||||
lastname = user[1]['sn'][0].decode('utf-8')
|
lastname = user['attributes']['sn'][0]
|
||||||
retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname})
|
retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname})
|
||||||
return retVal
|
return retVal
|
||||||
|
|
||||||
def searchUser(self, searchString):
|
def searchUser(self, searchString):
|
||||||
self.connect()
|
|
||||||
|
|
||||||
name = searchString.split(" ")
|
name = searchString.split(" ")
|
||||||
|
|
||||||
|
@ -103,29 +106,57 @@ class LDAPController(metaclass=Singleton):
|
||||||
|
|
||||||
if len(name) == 1:
|
if len(name) == 1:
|
||||||
if name[0] == "**":
|
if name[0] == "**":
|
||||||
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE,
|
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(uid=*)', SUBTREE,
|
||||||
attrlist=['uid', 'givenName', 'sn']))
|
attributes=['uid', 'givenName', 'sn'])
|
||||||
|
name_result.append(self.ldap.connection.response)
|
||||||
else:
|
else:
|
||||||
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'givenName={}'.format(name[0]), ['uid', 'givenName', 'sn', 'mail']))
|
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(givenName={})'.format(name[0]), SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
|
||||||
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[0]),['uid', 'givenName', 'sn'], 'mail'))
|
name_result.append(self.ldap.connection.response)
|
||||||
|
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(sn={})'.format(name[0]), SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
|
||||||
|
name_result.append(self.ldap.connection.response)
|
||||||
else:
|
else:
|
||||||
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE,
|
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(givenName={})'.format(name[1]), SUBTREE, attributes=['uid', 'givenName', 'sn'])
|
||||||
'givenName={}'.format(name[1]), ['uid', 'givenName', 'sn']))
|
name_result.append(self.ldap.connection.response)
|
||||||
name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[1]),
|
self.ldap.connection.search('ou=user,{}'.format(self.dn), '(sn={})'.format(name[1]), SUBTREE, attributes=['uid', 'givenName', 'sn', 'mail'])
|
||||||
['uid', 'givenName', 'sn', 'mail']))
|
name_result.append(self.ldap.connection.response)
|
||||||
retVal = []
|
retVal = []
|
||||||
|
|
||||||
for names in name_result:
|
for names in name_result:
|
||||||
for user in names:
|
for user in names:
|
||||||
if 'uid' in user[1]:
|
if 'uid' in user['attributes']:
|
||||||
username = user[1]['uid'][0].decode('utf-8')
|
username = user['attributes']['uid'][0]
|
||||||
if not self.__isUserInList(retVal, username):
|
if not self.__isUserInList(retVal, username):
|
||||||
firstname = user[1]['givenName'][0].decode('utf-8')
|
firstname = user['attributes']['givenName'][0]
|
||||||
lastname = user[1]['sn'][0].decode('utf-8')
|
lastname = user['attributes']['sn'][0]
|
||||||
retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname})
|
retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname})
|
||||||
|
|
||||||
return retVal
|
return retVal
|
||||||
|
|
||||||
|
def modifyUser(self, user, conn, attributes):
|
||||||
|
try:
|
||||||
|
if 'username' in attributes:
|
||||||
|
conn.search('ou=user,{}'.format(self.dn), '(uid={})'.format(attributes['username']))
|
||||||
|
if conn.entries:
|
||||||
|
raise UsernameExistLDAP("Username already exists in LDAP")
|
||||||
|
#create modifyer
|
||||||
|
mody = {}
|
||||||
|
if 'username' in attributes:
|
||||||
|
mody['uid'] = [(MODIFY_REPLACE, [attributes['username']])]
|
||||||
|
if 'firstname' in attributes:
|
||||||
|
mody['givenName'] = [(MODIFY_REPLACE, [attributes['firstname']])]
|
||||||
|
if 'lastname' in attributes:
|
||||||
|
mody['sn'] = [(MODIFY_REPLACE, [attributes['lastname']])]
|
||||||
|
if 'mail' in attributes:
|
||||||
|
mody['mail'] = [(MODIFY_REPLACE, [attributes['mail']])]
|
||||||
|
if 'password' in attributes:
|
||||||
|
salted_password = hashed(HASHED_SALTED_MD5, attributes['password'])
|
||||||
|
mody['userPassword'] = [(MODIFY_REPLACE, [salted_password])]
|
||||||
|
conn.modify(user.dn, mody)
|
||||||
|
except Exception as err:
|
||||||
|
traceback.print_exc()
|
||||||
|
raise LDAPExcetpion("Something went wrong in LDAP: {}".format(err))
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
a = LDAPController()
|
a = LDAPController()
|
||||||
|
|
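Review bot: Every search filter in the new code is built by formatting caller input straight into the filter string, e.g. `'(uid={})'.format(username)` in `getUserData` and `getGroup`, `'(givenName={})'.format(name[0])` in `searchUser` and `'(uid={})'.format(attributes['username'])` in `modifyUser`, so characters such as `*`, `(` or `)` in a username or search term alter the query. ldap3 ships `escape_filter_chars` in `ldap3.utils.conv`; wrapping each value, `'(uid={})'.format(escape_filter_chars(username))`, closes that. In `modifyUser` the new password is stored with `hashed(HASHED_SALTED_MD5, ...)`; ldap3 also defines `HASHED_SALTED_SHA512`, which is the stronger choice if the directory server accepts it. `getAllUser` gained a bare `self.ldap.connection.search()` before the real search, which looks like a leftover and presumably fails for lack of arguments, and `getGroup` now returns `None` after printing the traceback, so callers must cope with a missing group list.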
|
@ -5,9 +5,10 @@ import geruecht.controller.emailController as ec
|
||||||
from geruecht.model.user import User
|
from geruecht.model.user import User
|
||||||
from geruecht.exceptions import PermissionDenied
|
from geruecht.exceptions import PermissionDenied
|
||||||
from datetime import datetime, timedelta
|
from datetime import datetime, timedelta
|
||||||
|
from geruecht.exceptions import UsernameExistLDAP, UsernameExistDB, DatabaseExecption, LDAPExcetpion
|
||||||
|
|
||||||
db = dc.DatabaseController()
|
db = dc.DatabaseController()
|
||||||
ldap = lc.LDAPController(ldapConfig['URL'], ldapConfig['dn'])
|
ldap = lc.LDAPController(ldapConfig['dn'])
|
||||||
emailController = ec.EmailController(mailConfig['URL'], mailConfig['user'], mailConfig['passwd'], mailConfig['port'], mailConfig['email'])
|
emailController = ec.EmailController(mailConfig['URL'], mailConfig['user'], mailConfig['passwd'], mailConfig['port'], mailConfig['email'])
|
||||||
|
|
||||||
class UserController(metaclass=Singleton):
|
class UserController(metaclass=Singleton):
|
||||||
|
@ -128,10 +129,31 @@ class UserController(metaclass=Singleton):
|
||||||
retVal.append(self.sendMail(user))
|
retVal.append(self.sendMail(user))
|
||||||
return retVal
|
return retVal
|
||||||
|
|
||||||
|
def modifyUser(self, user, ldap_conn, attributes):
|
||||||
|
try:
|
||||||
|
if 'username' in attributes:
|
||||||
|
db.changeUsername(user, attributes['username'])
|
||||||
|
ldap.modifyUser(user, ldap_conn, attributes)
|
||||||
|
if 'username' in attributes:
|
||||||
|
return self.getUser(attributes['username'])
|
||||||
|
else:
|
||||||
|
return self.getUser(user.uid)
|
||||||
|
except UsernameExistLDAP as err:
|
||||||
|
db.changeUsername(user, user.uid)
|
||||||
|
raise Exception(err)
|
||||||
|
except LDAPExcetpion as err:
|
||||||
|
if 'username' in attributes:
|
||||||
|
db.changeUsername(user, user.uid)
|
||||||
|
raise Exception(err)
|
||||||
|
except Exception as err:
|
||||||
|
raise Exception(err)
|
||||||
|
|
||||||
def loginUser(self, username, password):
|
def loginUser(self, username, password):
|
||||||
try:
|
try:
|
||||||
user = self.getUser(username)
|
user = self.getUser(username)
|
||||||
|
user.password = password
|
||||||
ldap.login(username, password)
|
ldap.login(username, password)
|
||||||
return user
|
ldap_conn = ldap.bind(user, password)
|
||||||
|
return user, ldap_conn
|
||||||
except PermissionDenied as err:
|
except PermissionDenied as err:
|
||||||
raise err
|
raise err
|
||||||
|
|
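Review bot: `user.password = password` in `loginUser` keeps the cleartext password on the `User` object, which `_login` (where the same assignment already exists) hands to `createAccesToken`, so it stays in memory for as long as the token does; the `self.password = ''` field added in the `User` model exists for this. Since the commit already carries a bound `ldap_conn` for later modifications, the password is not needed once `ldap.bind(...)` has returned, and both assignments can be dropped. In `modifyUser` every handler ends in `raise Exception(err)`, which erases the `UsernameExistLDAP`/`LDAPExcetpion` distinction the commit just introduced; a bare `raise` after the rollback would preserve it. `loginUser` also binds twice per login (`ldap.login`, then `ldap.bind`), and it is worth checking whether the first bind is still needed.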
|
@ -1,2 +1,10 @@
|
||||||
class PermissionDenied(Exception):
|
class PermissionDenied(Exception):
|
||||||
pass
|
pass
|
||||||
|
class UsernameExistDB(Exception):
|
||||||
|
pass
|
||||||
|
class UsernameExistLDAP(Exception):
|
||||||
|
pass
|
||||||
|
class DatabaseExecption(Exception):
|
||||||
|
pass
|
||||||
|
class LDAPExcetpion(Exception):
|
||||||
|
pass
|
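Review bot: `DatabaseExecption` and `LDAPExcetpion` are misspelled, and this commit imports them under those names in three controllers, so the typos become part of the package's interface; renaming them to `DatabaseException` and `LDAPException` now is cheaper than doing it later. The four new classes would also benefit from a one-line docstring each saying when they are raised, in place of the bare `pass`.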
|
@ -4,6 +4,7 @@ from datetime import datetime
|
||||||
import geruecht.controller.userController as uc
|
import geruecht.controller.userController as uc
|
||||||
from geruecht.model import MONEY
|
from geruecht.model import MONEY
|
||||||
from geruecht.decorator import login_required
|
from geruecht.decorator import login_required
|
||||||
|
import time
|
||||||
|
|
||||||
finanzer = Blueprint("finanzer", __name__)
|
finanzer = Blueprint("finanzer", __name__)
|
||||||
|
|
||||||
|
|
|
@ -15,8 +15,9 @@ class AccessToken():
|
||||||
timestamp = None
|
timestamp = None
|
||||||
user = None
|
user = None
|
||||||
token = None
|
token = None
|
||||||
|
ldap_conn = None
|
||||||
|
|
||||||
def __init__(self, user, token, timestamp=datetime.now()):
|
def __init__(self, user, token, ldap_conn, timestamp=datetime.now()):
|
||||||
""" Initialize Class AccessToken
|
""" Initialize Class AccessToken
|
||||||
|
|
||||||
No more to say.
|
No more to say.
|
||||||
|
@ -30,6 +31,7 @@ class AccessToken():
|
||||||
self.user = user
|
self.user = user
|
||||||
self.timestamp = timestamp
|
self.timestamp = timestamp
|
||||||
self.token = token
|
self.token = token
|
||||||
|
self.ldap_conn = ldap_conn
|
||||||
|
|
||||||
def updateTimestamp(self):
|
def updateTimestamp(self):
|
||||||
""" Update the Timestamp
|
""" Update the Timestamp
|
||||||
|
|
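Review bot: The token now owns a bound LDAP connection (`self.ldap_conn = ldap_conn`), but nothing in this commit releases it; the code that expires or removes tokens is outside the diff, so it should be checked that it unbinds the connection, otherwise each login leaves an authenticated connection open for an unbounded time. The changed signature also keeps `timestamp=datetime.now()`, a default that is evaluated once when the module is imported rather than per call; `timestamp=None` with `self.timestamp = timestamp or datetime.now()` in the body avoids that. `ldap_conn` was inserted before `timestamp`, so any caller passing the timestamp positionally as the third argument must be updated, and the docstring, which continues outside the hunk, should describe the new parameter.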
|
@ -49,6 +49,7 @@ class User():
|
||||||
self.group = data['gruppe'].split(',')
|
self.group = data['gruppe'].split(',')
|
||||||
if 'creditLists' in data:
|
if 'creditLists' in data:
|
||||||
self.geruechte = data['creditLists']
|
self.geruechte = data['creditLists']
|
||||||
|
self.password = ''
|
||||||
|
|
||||||
def updateData(self, data):
|
def updateData(self, data):
|
||||||
if 'dn' in data:
|
if 'dn' in data:
|
||||||
|
@ -204,7 +205,8 @@ class User():
|
||||||
"username": self.uid,
|
"username": self.uid,
|
||||||
"locked": self.locked,
|
"locked": self.locked,
|
||||||
"autoLock": self.autoLock,
|
"autoLock": self.autoLock,
|
||||||
"limit": self.limit
|
"limit": self.limit,
|
||||||
|
"mail": self.mail
|
||||||
}
|
}
|
||||||
return dic
|
return dic
|
||||||
|
|
||||||
|
|
|
@ -48,9 +48,9 @@ def _login():
|
||||||
password = data['password']
|
password = data['password']
|
||||||
LOGGER.info("search {} in database".format(username))
|
LOGGER.info("search {} in database".format(username))
|
||||||
try:
|
try:
|
||||||
user = userController.loginUser(username, password)
|
user, ldap_conn = userController.loginUser(username, password)
|
||||||
user.password = password
|
user.password = password
|
||||||
token = accesTokenController.createAccesToken(user)
|
token = accesTokenController.createAccesToken(user, ldap_conn)
|
||||||
dic = accesTokenController.validateAccessToken(token, [USER]).user.toJSON()
|
dic = accesTokenController.validateAccessToken(token, [USER]).user.toJSON()
|
||||||
dic["token"] = token
|
dic["token"] = token
|
||||||
dic["accessToken"] = token
|
dic["accessToken"] = token
|
||||||
|
@ -58,5 +58,7 @@ def _login():
|
||||||
return jsonify(dic)
|
return jsonify(dic)
|
||||||
except PermissionDenied as err:
|
except PermissionDenied as err:
|
||||||
return jsonify({"error": str(err)}), 401
|
return jsonify({"error": str(err)}), 401
|
||||||
|
except Exception:
|
||||||
|
return jsonify({"error": "permission denied"}), 401
|
||||||
LOGGER.info("User {} does not exist.".format(username))
|
LOGGER.info("User {} does not exist.".format(username))
|
||||||
return jsonify({"error": "wrong username"}), 401
|
return jsonify({"error": "wrong username"}), 401
|
||||||
|
|
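Review bot: The added `except Exception:` in `_login` turns every failure, an unreachable LDAP server or a database error as much as a wrong password, into a 401 with no log entry, so outages and repeated failed logins become indistinguishable and invisible on the server side. Logging before returning, `LOGGER.exception("Login failed for {}".format(username))`, keeps the generic response for the client while leaving a trace for operators. With this handler in place the `LOGGER.info("User {} does not exist.")` lines that follow it may no longer be reachable; the surrounding `try` starts outside the hunk, so that needs checking against the full function.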
|
@ -3,6 +3,8 @@ from geruecht.decorator import login_required
|
||||||
import geruecht.controller.userController as uc
|
import geruecht.controller.userController as uc
|
||||||
from geruecht.model import USER
|
from geruecht.model import USER
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
|
import time
|
||||||
|
import traceback
|
||||||
|
|
||||||
user = Blueprint("user", __name__)
|
user = Blueprint("user", __name__)
|
||||||
|
|
||||||
|
@ -34,3 +36,41 @@ def _addAmount(**kwargs):
|
||||||
retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}
|
retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}
|
||||||
return jsonify(retVal)
|
return jsonify(retVal)
|
||||||
return jsonify({"error": "something went wrong"}), 500
|
return jsonify({"error": "something went wrong"}), 500
|
||||||
|
|
||||||
|
@user.route("/user/saveConfig", methods=['POST'])
|
||||||
|
@login_required(groups=[USER])
|
||||||
|
def _saveConfig(**kwargs):
|
||||||
|
try:
|
||||||
|
if 'accToken' in kwargs:
|
||||||
|
accToken = kwargs['accToken']
|
||||||
|
data = request.get_json()
|
||||||
|
accToken.user = userController.modifyUser(accToken.user, accToken.ldap_conn, data)
|
||||||
|
retVal = accToken.user.toJSON()
|
||||||
|
retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}
|
||||||
|
return jsonify(retVal)
|
||||||
|
except Exception as err:
|
||||||
|
return jsonify({"error": err}), 409
|
||||||
|
|
||||||
|
@user.route("/user/job", methods=['POST'])
|
||||||
|
@login_required(groups=[USER])
|
||||||
|
def _getJob(**kwargs):
|
||||||
|
try:
|
||||||
|
if 'accToken' in kwargs:
|
||||||
|
accToken = kwargs['accToken']
|
||||||
|
data = request.get_json()
|
||||||
|
date = datetime.utcfromtimestamp(int(data['date']))
|
||||||
|
test = userController.getWorker(date, username=accToken.user.uid)
|
||||||
|
if test == [None]:
|
||||||
|
job = False
|
||||||
|
else:
|
||||||
|
job = True
|
||||||
|
if job:
|
||||||
|
workers = userController.getWorker(date)
|
||||||
|
for worker in workers:
|
||||||
|
if worker['user']['uid'] == accToken.user.uid:
|
||||||
|
workers.remove(worker)
|
||||||
|
return jsonify({'job': job, 'workers': workers})
|
||||||
|
return jsonify({'job': job})
|
||||||
|
except Exception as err:
|
||||||
|
traceback.print_exc()
|
||||||
|
return jsonify({"error": str(err)}), 409
|
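Review bot: `_saveConfig` returns `jsonify({"error": err})` with the exception object itself, which `jsonify` cannot serialise, so the error path ends in a 500 instead of the intended 409; `_getJob` below it uses `str(err)`. Because `DatabaseExecption` and `LDAPExcetpion` embed the underlying driver message, returning `str(err)` would pass internal details to the client, so I would log the exception and answer with a fixed text: `return jsonify({"error": "could not save settings"}), 409`. The request body is forwarded to `modifyUser` unchanged, including `password`, without checking that it is a JSON object or asking for the current password. In `_getJob`, `workers.remove(worker)` mutates the list while it is being iterated; building a filtered list avoids skipped entries.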
|
@ -3,6 +3,7 @@ from datetime import datetime
|
||||||
import geruecht.controller.userController as uc
|
import geruecht.controller.userController as uc
|
||||||
from geruecht.decorator import login_required
|
from geruecht.decorator import login_required
|
||||||
from geruecht.model import MONEY, GASTRO
|
from geruecht.model import MONEY, GASTRO
|
||||||
|
import time
|
||||||
|
|
||||||
vorstand = Blueprint("vorstand", __name__)
|
vorstand = Blueprint("vorstand", __name__)
|
||||||
userController = uc.UserController()
|
userController = uc.UserController()
|
||||||
|
|