From: Yasin Date: Fri, 25 Jul 2014 14:11:38 +0000 (+0200) Subject: Clear creds: made a generic function X-Git-Tag: myslice-1.0~43^2 X-Git-Url: http://git.onelab.eu/?p=myslice.git;a=commitdiff_plain;h=11ad57d19872deb23cfebc149952f094813bea9d Clear creds: made a generic function --- diff --git a/portal/accountview.py b/portal/accountview.py index fb9f6427..bf033e63 100644 --- a/portal/accountview.py +++ b/portal/accountview.py @@ -5,7 +5,7 @@ from sfa.trust.certificate import Keypair # from manifold.core.query import Query from manifoldapi.manifoldapi import execute_query -from portal.actions import manifold_update_user, manifold_update_account, manifold_add_account, manifold_delete_account, sfa_update_user, sfa_get_user +from portal.actions import manifold_update_user, manifold_update_account, manifold_add_account, manifold_delete_account, sfa_update_user, sfa_get_user, clear_user_creds # from unfold.page import Page from ui.topmenu import topmenu_items_live, the_user @@ -252,6 +252,7 @@ def account_process(request): # getting the user_id from the session for user_detail in user_details: user_id = user_detail['user_id'] + user_email = user_detail['email'] for account_detail in account_details: for platform_detail in platform_details: @@ -509,28 +510,16 @@ def account_process(request): #clear all creds elif 'clear_cred' in request.POST: - for account_detail in account_details: - for platform_detail in platform_details: - if platform_detail['platform_id'] == account_detail['platform_id']: - if 'myslice' in platform_detail['platform']: - account_config = json.loads(account_detail['config']) - user_cred = account_config.get('delegated_user_credential','N/A') - if 'N/A' not in user_cred: - user_hrn = account_config.get('user_hrn','N/A') - user_pub_key = json.dumps(account_config.get('user_public_key','N/A')) - user_priv_key = json.dumps(account_config.get('user_private_key','N/A')) - updated_config = '{"user_public_key":'+ user_pub_key + ', "user_private_key":'+ user_priv_key + ', "user_hrn":"'+ user_hrn + '"}' - user_params = { 'config': updated_config} - manifold_update_account(request,user_id, user_params) - messages.success(request, 'All Credentials cleared') - return HttpResponseRedirect("/portal/account/") - else: - messages.error(request, 'Delete error: Credentials are not stored in the server') - return HttpResponseRedirect("/portal/account/") - else: + try: + result = clear_user_creds(request, user_email) + if result is not None: + messages.success(request, 'All Credentials cleared') + else: + messages.error(request, 'Delete error: Credentials are not stored in the server') + except Exception,e: + print "Exception in accountview.py in clear_user_creds %s" % e messages.error(request, 'Account error: You need an account in myslice platform to perform this action') - return HttpResponseRedirect("/portal/account/") - + return HttpResponseRedirect("/portal/account/") # Download delegated_user_cred elif 'dl_user_cred' in request.POST: diff --git a/portal/actions.py b/portal/actions.py index d62f9941..75e5d06f 100644 --- a/portal/actions.py +++ b/portal/actions.py @@ -49,6 +49,44 @@ def authority_get_pi_emails(request, authority_hrn): results = execute_admin_query(request, query) return [result['user_email'] for result in results] +#clear user credentials +def clear_user_creds(request, user_email): + try: + user_query = Query().get('local:user').filter_by('email', '==', user_email).select('user_id','email','password','config') + user_details = execute_admin_query(request, user_query) + + # getting the user_id from the session + for user_detail in user_details: + user_id = user_detail['user_id'] + user_email = user_detail['email'] + + account_query = Query().get('local:account').filter_by('user_id', '==', user_id).select('user_id','platform_id','auth_type','config') + account_details = execute_admin_query(request, account_query) + + platform_query = Query().get('local:platform').select('platform_id','platform') + platform_details = execute_admin_query(request, platform_query) + + for account_detail in account_details: + for platform_detail in platform_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'myslice' in platform_detail['platform']: + account_config = json.loads(account_detail['config']) + user_cred = account_config.get('delegated_user_credential','N/A') + if 'N/A' not in user_cred: + user_hrn = account_config.get('user_hrn','N/A') + user_pub_key = json.dumps(account_config.get('user_public_key','N/A')) + user_priv_key = json.dumps(account_config.get('user_private_key','N/A')) + updated_config = '{"user_public_key":'+ user_pub_key + ', "user_private_key":'+ user_priv_key + ', "user_hrn":"'+ user_hrn + '"}' + user_params = { 'config': updated_config} + manifold_update_account(request, user_id,user_params) + return user_email + else: + return None + + except Exception,e: + print "Exception in actions.py in clear_user_creds %s" % e + return None + def is_pi(wsgi_request, user_hrn, authority_hrn): # XXX could be done in a single query ! diff --git a/portal/homeview.py b/portal/homeview.py index ae45ee12..39e3c181 100644 --- a/portal/homeview.py +++ b/portal/homeview.py @@ -98,6 +98,7 @@ class HomeView (FreeAccessView, ThemeView): def get (self, request, state=None): env = self.default_env() if request.user.is_authenticated(): + acc_auth_cred='N/A' ## check user is pi or not platform_query = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled') account_query = Query().get('local:account').select('user_id','platform_id','auth_type','config') diff --git a/portal/manageuserview.py b/portal/manageuserview.py index 3cbb91df..52a69daf 100644 --- a/portal/manageuserview.py +++ b/portal/manageuserview.py @@ -399,7 +399,7 @@ def user_process(request, **kwargs): return HttpResponseRedirect(redirect_url) else: messages.error(request, 'Account error: You need an account in myslice platform to perform this action') - return HttpResponseRedirect("/portal/account/") + return HttpResponseRedirect(redirect_url) elif 'dl_pubkey' in request.POST: for account_detail in account_details: @@ -433,7 +433,7 @@ def user_process(request, **kwargs): else: messages.error(request, 'Account error: You need an account in myslice platform to perform this action') - return HttpResponseRedirect("/portal/account/") + return HttpResponseRedirect(redirect_url) # elif 'delete' in request.POST: # for account_detail in account_details: @@ -476,7 +476,7 @@ def user_process(request, **kwargs): user_params = { 'config': updated_config} manifold_update_account(request, user_id,user_params) messages.success(request, 'All Credentials cleared') - return HttpResponseRedirect("/portal/account/") + return HttpResponseRedirect(redirect_url) else: messages.error(request, 'Delete error: Credentials are not stored in the server') return HttpResponseRedirect(redirect_url) diff --git a/portal/slicerequestview.py b/portal/slicerequestview.py index 95d2794b..90cb587b 100644 --- a/portal/slicerequestview.py +++ b/portal/slicerequestview.py @@ -7,7 +7,7 @@ from unfold.page import Page from manifold.core.query import Query from manifoldapi.manifoldapi import execute_admin_query, execute_query -from portal.actions import is_pi, create_slice, create_pending_slice +from portal.actions import is_pi, create_slice, create_pending_slice, clear_user_creds #from portal.forms import SliceRequestForm from unfold.loginrequired import LoginRequiredAutoLogoutView from ui.topmenu import topmenu_items_live, the_user @@ -154,6 +154,7 @@ class SliceRequestView (LoginRequiredAutoLogoutView, ThemeView): if is_pi(wsgi_request, user_hrn, authority_hrn): # PIs can directly create slices in their own authority... create_slice(wsgi_request, slice_request) + clear_user_creds(wsgi_request, user_email) self.template_name = 'slice-request-done-view.html' else: # Otherwise a wsgi_request is sent to the PI