flaschengeist/geruecht/controller/accesTokenController.py

from geruecht.model.accessToken import AccessToken
import geruecht.controller as gc
import geruecht.controller.mainController as mc
import geruecht.controller.databaseController as dc
from geruecht.model import BAR
from datetime import datetime, timedelta
import hashlib
from . import Singleton
from geruecht.logger import getDebugLogger

debug = getDebugLogger()

mainController = mc.MainController()
db = dc.DatabaseController()

class AccesTokenController(metaclass=Singleton):
    """ Control all createt AccesToken

        This Class create, delete, find and manage AccesToken.

        Attributes:
            tokenList: List of currents AccessToken
            lifetime: Variable for the Lifetime of one AccessToken in seconds.
    """
    instance = None
    tokenList = None

    def __init__(self, lifetime=1800):
        """ Initialize AccessTokenController

            Initialize Thread and set tokenList empty.
        """
        debug.info("init accesstoken controller")
        self.lifetime = gc.accConfig

    def checkBar(self, user):
        debug.info("check if user {{ {} }} is baruser".format(user))
        if (mainController.checkBarUser(user)):
            if BAR not in user.group:
                debug.debug("append bar to user {{ {} }}".format(user))
                user.group.append(BAR)
            return True
        else:
            while BAR in user.group:
                debug.debug("delete bar from user {{ {} }}".format(user))
                user.group.remove(BAR)
                return False
        debug.debug("user {{ {} }} groups are {{ {} }}".format(user, user.group))

    def validateAccessToken(self, token, group):
        """ Verify Accestoken

            Verify an Accestoken and Group so if the User has permission or not.
            Retrieves the accestoken if valid else retrieves False

            Args:
                token: Token to verify.
                group: Group like 'moneymaster', 'gastro', 'user' or 'bar'
            Returns:
                An the AccesToken for this given Token or False.
        """
        debug.info("check token {{ {} }} is valid")
        for accToken in db.getAccessTokens():
            debug.debug("accesstoken is {}".format(accToken))
            endTime = accToken.timestamp + timedelta(seconds=accToken.lifetime)
            now = datetime.now()
            debug.debug("now is {{ {} }}, endtime is {{ {} }}".format(now, endTime))
            if now <= endTime:
                debug.debug("check if token {{ {} }} is same as {{ {} }}".format(token, accToken))
                if accToken == token:
                    if not self.checkBar(accToken.user):
                        accToken.lock_bar = False
                    debug.debug("check if accestoken {{ {} }} has group {{ {} }}".format(accToken, group))
                    if self.isSameGroup(accToken, group):
                        accToken.updateTimestamp()
                        db.updateAccessToken(accToken)
                        debug.debug("found accesstoken {{ {} }} with token: {{ {} }} and group: {{ {} }}".format(accToken, token, group))
                        return accToken
            else:
                debug.debug("accesstoken is {{ {} }} out of date".format(accToken))
                db.deleteAccessToken(accToken)
        debug.debug("no valid accesstoken with token: {{ {} }} and group: {{ {} }}".format(token, group))
        return False

    def createAccesToken(self, user, user_agent=None):
        """ Create an AccessToken

            Create an AccessToken for an User and add it to the tokenList.

            Args:
                user: For wich User is to create an AccessToken

            Returns:
                A created Token for User
        """
        debug.info("creat accesstoken")
        now = datetime.ctime(datetime.now())
        token = hashlib.md5((now + user.dn).encode('utf-8')).hexdigest()
        self.checkBar(user)
        accToken = db.createAccessToken(user, token, self.lifetime, datetime.now(), lock_bar=False, user_agent=user_agent)
        debug.debug("accesstoken is {{ {} }}".format(accToken))
        return token

    def isSameGroup(self, accToken, groups):
        """ Verify group in AccessToken

            Verify if the User in the AccesToken has the right group.

            Args:
                accToken: AccessToken to verify.
                groups: Group to verify.

            Returns:
                A Bool. If the same then True else False
        """
        debug.info("check accesstoken {{ {} }} has group {{ {} }}".format(accToken, groups))
        for group in groups:
            if group in accToken.user.group: return True
        return False

    def getAccessTokensFromUser(self, user):
        return db.getAccessTokensFromUser(user)

    def deleteAccessToken(self, accToken):
        db.deleteAccessToken(accToken)

    def updateAccessToken(self, accToken):
        accToken.updateTimestamp()
        return db.updateAccessToken(accToken)