[Mpuls-commits] r1022 - in wasko/branches/2.0: . waskaweb/lib
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Fri Jan 29 16:08:44 CET 2010
Author: bh
Date: 2010-01-29 16:08:42 +0100 (Fri, 29 Jan 2010)
New Revision: 1022
Modified:
wasko/branches/2.0/ChangeLog
wasko/branches/2.0/waskaweb/lib/security.py
Log:
* waskaweb/lib/security.py: Fix formatting.
Modified: wasko/branches/2.0/ChangeLog
===================================================================
--- wasko/branches/2.0/ChangeLog 2010-01-29 15:08:20 UTC (rev 1021)
+++ wasko/branches/2.0/ChangeLog 2010-01-29 15:08:42 UTC (rev 1022)
@@ -1,5 +1,9 @@
2010-01-29 Bernhard Herzog <bh at intevation.de>
+ * waskaweb/lib/security.py: Fix formatting.
+
+2010-01-29 Bernhard Herzog <bh at intevation.de>
+
* waskaweb/model/appointment.py
(AppointmentFactory.createByDBRow): Use ensure_unicode to convert
to unicode instead of hardcoding the conversion inline.
Modified: wasko/branches/2.0/waskaweb/lib/security.py
===================================================================
--- wasko/branches/2.0/waskaweb/lib/security.py 2010-01-29 15:08:20 UTC (rev 1021)
+++ wasko/branches/2.0/waskaweb/lib/security.py 2010-01-29 15:08:42 UTC (rev 1022)
@@ -1,27 +1,27 @@
# -*- coding: utf-8 -*-
#
# Copyright 2007, 2008 Intevation GmbH, Germany, <info at intevation.de>
-#
-# This file is part of mpuls WASKA (CoMPUter-based case fiLeS -
+#
+# This file is part of mpuls WASKA (CoMPUter-based case fiLeS -
# Web-Anwendungs-Server fuer Kompetenzagenturen).
-#
+#
# mpuls WASKA is free software: you can redistribute it and/or modify it under
# the terms of the GNU Affero General Public License as published by the
# Free Software Foundation, either version 3 of the License, or (at your
# option) any later version.
-#
+#
# mpuls WASKA is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
# License for more details.
-#
+#
# You should have received a copy of the GNU Affero General Public
# License along with mpuls WASKA. If not, see <http://www.gnu.org/licenses/>.
-#
-# mpuls WASKA has been developed on behalf of the
+#
+# mpuls WASKA has been developed on behalf of the
# Projekttraeger im Deutschen Zentrum fuer Luft- und Raumfahrt e.V. (PT-DLR)
# within the programme Kompetenzagenturen (Durchfuehrungsphase) funded by
-# the Bundesministerium fuer Familie, Senioren, Frauen und Jugend and
+# the Bundesministerium fuer Familie, Senioren, Frauen und Jugend and
# European Social Fund resources.
#
# Authors:
@@ -38,30 +38,37 @@
import traceback
import logging
from codecs import getdecoder
-from decorator import decorator
from types import ListType, TupleType
import psycopg2 as dbapi
+from decorator import decorator
+
from paste.httpexceptions import HTTPUnauthorized
+from pylons import request, session, config
-from pylons import request, session, config
from waskaweb.lib.db import DB, db, enter, leave
+
log = logging.getLogger(__name__)
-HOST = '192.168.11.17'
-PORT = 5433
+HOST = '192.168.11.17'
+PORT = 5433
DBNAME = u'ka_%s_db'
-USER = u'ka_%s_%s'
+USER = u'ka_%s_%s'
# maps new FKZs to old
NEW_DBS = {}
-check_re = re.compile(r"^[a-z_0-9]+$")
-ROLE_SQL = """select groname from pg_group where getOID() = ANY (grolist)"""
-ROLE_SQL = """select where getOID() = ANY (grolist)"""
-FETCH_USER_DATA_SQL = """SELECT id, vorname, nachname, passwort_aendern, aktiviert, rolle, gid, last_login, vertreter from ka_benutzer_tbl_view WHERE login = %(login)s"""
+check_re = re.compile(r"^[a-z_0-9]+$")
+ROLE_SQL = """select groname from pg_group where getOID() = ANY (grolist)"""
+ROLE_SQL = """select where getOID() = ANY (grolist)"""
+FETCH_USER_DATA_SQL = """\
+SELECT id, vorname, nachname, passwort_aendern, aktiviert,
+ rolle, gid, last_login, vertreter
+FROM ka_benutzer_tbl_view
+WHERE login = %(login)s
+"""
UPDATE_LASTLOGIN_SQL = """SELECT set_last_logintime(%(user_id)s)"""
UNAUTHORIZED_DETAIL = \
"""Sie sind nicht authorisiert, das angeforderte Dokument anzuschauen.
@@ -71,6 +78,7 @@
log = logging.getLogger(__name__)
+
def slashSplit(s):
for p in s.split("/"):
if p.find("=") == -1 and out:
@@ -87,24 +95,16 @@
return True
def checkLogin(user, password):
-
dbname = getDbName()
- if not password \
- or not validPassword(password) \
- or not dbname \
- or not check_re.match(user) \
- or not check_re.match(dbname):
+ if (not password or not validPassword(password)
+ or not dbname or not check_re.match(dbname)
+ or not check_re.match(user)):
return None
-
+
log.info('Login: user "%s" in "%s"' % (user, dbname))
try:
- mydb = DB(
- dbname = DBNAME % dbname,
- host = HOST,
- port = PORT,
- user = USER % (dbname, user),
- password = password)
-
+ mydb = DB(dbname=DBNAME % dbname, host=HOST, port=PORT,
+ user=USER % (dbname, user), password=password)
try:
enter(mydb)
conn, cursor = None, None
@@ -117,22 +117,22 @@
try:
result = cursor.fetchone()
data = {}
- data['id'] = result[0]
- data['firstname'] = unicode(str(result[1]), 'utf-8')
- data['lastname'] = unicode(str(result[2]), 'utf-8')
- data['newpass'] = result[3]
- data['activated'] = result[4]
- data['role'] = unicode(str(result[5]), 'utf-8')
- data['gid'] = result[6]
+ data['id'] = result[0]
+ data['firstname'] = unicode(str(result[1]), 'utf-8')
+ data['lastname'] = unicode(str(result[2]), 'utf-8')
+ data['newpass'] = result[3]
+ data['activated'] = result[4]
+ data['role'] = unicode(str(result[5]), 'utf-8')
+ data['gid'] = result[6]
data['last_login'] = result[7]
- data['standin'] = result[8]
+ data['standin'] = result[8]
except:
- data = None
+ data = None
finally:
db.recycleConnection(conn, cursor)
try:
- from waskaweb.model.user import SessionUser, SessionSuperAdmin
+ from waskaweb.model.user import SessionUser, SessionSuperAdmin
if data:
userobject = SessionUser(login, password)
userobject.setData(data)
@@ -144,7 +144,7 @@
# UPDATE last login time
conn, cursor = None, None
try:
- conn = db.getConnection()
+ conn = db.getConnection()
cursor = conn.cursor()
if data:
try:
@@ -153,7 +153,7 @@
conn.commit()
except StandardError, err:
traceback.print_exc(file=sys.stderr)
- print "Error on setting last logintime: %s" % cursor.query
+ print "Error on setting last logintime: %s" % cursor.query
finally:
db.recycleConnection(conn, cursor)
@@ -172,22 +172,25 @@
# XXX: Is there a way in DB Api 2.0 to determine
# this database independent?
traceback.print_exc(file=sys.stderr)
- except:
+ except:
traceback.print_exc(file=sys.stderr)
log.info('Login failed :(')
return None
def generateID(obj=None):
array = [time.time(), os.times(), random.random()]
- if not obj is None: array.append(id(obj))
+ if not obj is None:
+ array.append(id(obj))
return md5.new(str(array)).hexdigest()
def subnet(addr):
- '''poor man's subnet splitting'''
+ """poor man's subnet splitting"""
x = addr.rsplit('.', 1) # IPv4
- if len(x) == 2: return x[0]
+ if len(x) == 2:
+ return x[0]
x = addr.rsplit(':', 1) # IPv6
- if len(x) == 2: return x[0]
+ if len(x) == 2:
+ return x[0]
return addr
def userIdentity():
@@ -202,15 +205,16 @@
f = open(fname, "r")
for line in f:
line = line.strip()
- if not line or line.startswith("#"): continue
+ if not line or line.startswith("#"):
+ continue
parts = line.split(';')
if len(parts) > 1:
NEW_DBS[parts[0]] = parts[1]
finally:
if f:
try: f.close()
- except StandardError, e:
- print e
+ except StandardError, e:
+ print e
else:
print >> sys.stderr, "No file mapping file found named: %s" % fname
@@ -225,7 +229,7 @@
return NEW_DBS.get(dbname, dbname)
except:
log.error("Could not fetch database name from client certificate")
- return dbname
+ return dbname
def getKAName():
kaname = ""
@@ -240,19 +244,21 @@
kaname = config.get('mpuls.app.name')
except:
log.error("Could not fetch KA-name from client certificate")
- return kaname
+ return kaname
def checkRole(role):
- if type(role) in (ListType, TupleType): _role = role
- else: _role = ( role, )
+ if type(role) in (ListType, TupleType):
+ _role = role
+ else:
+ _role = (role,)
def validate(func, self, *args, **kwargs):
if not hasRole(_role):
- raise HTTPUnauthorized(detail = UNAUTHORIZED_DETAIL)
+ raise HTTPUnauthorized(detail=UNAUTHORIZED_DETAIL)
try:
return func(self, *args, **kwargs)
except dbapi.OperationalError, err:
- raise HTTPUnauthorized(detail = UNAUTHORIZED_DETAIL)
+ raise HTTPUnauthorized(detail=UNAUTHORIZED_DETAIL)
return decorator(validate)
More information about the Mpuls-commits
mailing list