Commit a9f86002f3ca204a7c4ca155a55de6f56fc52e64

Authored by Adley
1 parent e636a517
Exists in master

Inclusão do sistema de Autenticação e Controle de Usuário

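--- a/development.ini
+++ b/development.ini
@@ -6,8 +6,9 @@ pyramid.debug_authorization = false
 pyramid.debug_notfound = false
 pyramid.debug_routematch = false
 pyramid.default_locale_name = en
-pyramid.includes =
- pyramid_tm
+#pyramid.includes = pyramid_tm
+
+rest_url = http://api.brlight.net/api
 
 [server:main]
 use = egg:waitress#main
@@ -46,5 +47,3 @@ formatter = generic
 [formatter_generic]
 format = %(asctime)s %(levelname)-5.5s [%(name)s][%(threadName)s] %(message)s
 
-[lbgenerator]
-rest_url = http://api.brlight.net/api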
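Review bot: `rest_url` still points at a plain `http://` endpoint, and with this commit the login flow fetches user records (including the `senha` field) from that service, so credentials would cross the network unencrypted; use an `https://` URL if the API offers one. Separately, commenting out `pyramid.includes = pyramid_tm` removes the transaction manager while `wscacicneo/models.py` still builds `DBSession` with `ZopeTransactionExtension`, so session work may no longer be committed or rolled back per request; worth confirming that this is intended. A short comment above the commented-out line saying why it was disabled would help the next reader.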
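--- a/wscacicneo/__init__.py
+++ b/wscacicneo/__init__.py
@@ -1,89 +1,85 @@
 #!/usr/env python
 # -*- coding: utf-8 -*-
-import os
-import configparser
-from pyramid.config import Configurator
 
+from wscacicneo import config
+from pyramid.authentication import AuthTktAuthenticationPolicy
+from pyramid.authorization import ACLAuthorizationPolicy
+from pyramid.config import Configurator
 
-config = configparser.ConfigParser()
-here = os.path.abspath(os.path.dirname(__file__))
-config_file = os.path.join(here, '../development.ini')
-config.read(config_file)
-
-
-class WSCacicNeo(object):
- """
- Classe genérica com os parâmetros de configuração
- """
- def __init__(self):
- """
- Método construtor
- """
- self.rest_url = config.get('lbgenerator', 'rest_url')
 
 
 def main(global_config, **settings):
 """ This function returns a Pyramid WSGI application.
 """
- config = Configurator(settings=settings)
- config.include('pyramid_chameleon')
- config.add_static_view('static', 'static', cache_max_age=3600)
- config.add_route('master', 'master')
- config.add_route('blankmaster', 'blankmaster')
- config.add_route('root', '/')
+
+ config.setup(settings)
+ from wscacicneo.security import groupfinder
+ authn_policy = AuthTktAuthenticationPolicy(
+ 'sosecret', callback=groupfinder, hashalg='sha512')
+ authz_policy = ACLAuthorizationPolicy()
+ cfg = Configurator(settings=settings, root_factory='wscacicneo.models.RootFactory')
+ cfg.set_authentication_policy(authn_policy)
+ cfg.set_authorization_policy(authz_policy)
+
+ cfg.include('pyramid_chameleon')
+ cfg.add_static_view('static', 'static', cache_max_age=3600)
+ cfg.add_route('master', 'master')
+ cfg.add_route('blankmaster', 'blankmaster')
+ cfg.add_route('root', '/')
 
- config.add_route('home', 'home')
- config.add_route('graficop', 'graficop')
- config.add_route('notifications', 'notifications')
- config.add_route('admin', 'admin')
- config.add_route('proc', 'proc')
- config.add_route('sistema', 'sistema')
- #Órgão
- config.add_route('orgao', 'orgao/cadastro')
- config.add_route('post_orgao', 'post_orgao')
- config.add_route('put_orgao', 'put_orgao')
- config.add_route('editorgao', 'orgao/editar/{sigla}')
- config.add_route('listorgao', 'orgao/lista')
- config.add_route('delete_orgao', 'orgao/delete/{sigla}')
- config.add_route('base_de_dados', 'orgao/base/{sigla}')
+ cfg.add_route('home', 'home')
+ cfg.add_route('graficop', 'graficop')
+ cfg.add_route('notifications', 'notifications')
+ cfg.add_route('admin', 'admin')
+ cfg.add_route('proc', 'proc')
+ cfg.add_route('sistema', 'sistema')
+ cfg
+ cfg.add_route('orgao', 'orgao/cadastro')
+ cfg.add_route('post_orgao', 'post_orgao')
+ cfg.add_route('put_orgao', 'put_orgao')
+ cfg.add_route('editorgao', 'orgao/editar/{sigla}')
+ cfg.add_route('listorgao', 'orgao/lista')
+ cfg.add_route('delete_orgao', 'orgao/delete/{sigla}')
+ cfg.add_route('base_de_dados', 'orgao/base/{sigla}')
 #
- #Usuários
- config.add_route('user', 'usuario/cadastro')
- config.add_route('post_user', 'post_user')
- config.add_route('put_user', 'put_user')
- config.add_route('edituser', 'usuario/editar/{matricula}')
- config.add_route('favoritos', 'usuario/favoritos/{matricula}')
- config.add_route('edit_favoritos', 'edit_favoritos')
- config.add_route('listuser', 'usuario/lista')
- config.add_route('delete_user', 'usuario/delete/{matricula}')
+
+ cfg.add_route('user', 'usuario/cadastro')
+ cfg.add_route('post_user', 'post_user')
+ cfg.add_route('put_user', 'put_user')
+ cfg.add_route('edituser', 'usuario/editar/{matricula}')
+ cfg.add_route('favoritos', 'usuario/favoritos/{matricula}')
+ cfg.add_route('edit_favoritos', 'edit_favoritos')
+ cfg.add_route('listuser', 'usuario/lista')
+ cfg.add_route('delete_user', 'usuario/delete/{matricula}')
 #
- config.add_route('list', 'list')
- config.add_route('gestao', 'gestao')
- config.add_route('memoria', 'memoria')
- config.add_route('basico', 'basico')
- config.add_route('rede', 'rede')
- config.add_route('escritorio', 'escritorio')
- config.add_route('hd', 'hd')
- config.add_route('config', 'config')
- config.add_route('bot', 'bot')
- config.add_route('login', 'login')
- config.add_route('reports', 'reports')
- config.add_route('computador', 'computador')
- config.add_route('busca', 'busca')
- config.add_route('gestor', 'gestor')
- config.add_route('diagnostic', 'diagnostic')
- config.add_route('cadastro', 'cadastro')
- config.add_route('sobre', 'sobre')
- config.add_route('perfil', 'perfil')
- config.add_route('configapi','configapi')
- config.add_route('notify','notify')
- config.add_route('processador','processador')
- config.add_route('configcoleta','configcoleta')
- config.add_route('configfav','configfav')
- config.add_route('reportsgestor','reportsgestor')
- config.add_route('questionarcoleta','questionarcoleta')
- config.add_route('confighome','confighome')
- config.add_route('db','db')
- config.scan()
- return config.make_wsgi_app()
-
+ cfg.add_route('list', 'list')
+ cfg.add_route('gestao', 'gestao')
+ cfg.add_route('memoria', 'memoria')
+ cfg.add_route('basico', 'basico')
+ cfg.add_route('rede', 'rede')
+ cfg.add_route('escritorio', 'escritorio')
+ cfg.add_route('hd', 'hd')
+ cfg.add_route('config', 'config')
+ cfg.add_route('bot', 'bot')
+ cfg.add_route('login', 'login')
+ cfg.add_route('loginautentication', 'loginautentication')
+ cfg.add_route('logout', 'logout')
+ cfg.add_route('reports', 'reports')
+ cfg.add_route('computador', 'computador')
+ cfg.add_route('busca', 'busca')
+ cfg.add_route('gestor', 'gestor')
+ cfg.add_route('diagnostic', 'diagnostic')
+ cfg.add_route('cadastro', 'cadastro')
+ cfg.add_route('sobre', 'sobre')
+ cfg.add_route('perfil', 'perfil')
+ cfg.add_route('configapi','configapi')
+ cfg.add_route('notify','notify')
+ cfg.add_route('processador','processador')
+ cfg.add_route('configcoleta','configcoleta')
+ cfg.add_route('configfav','configfav')
+ cfg.add_route('reportsgestor','reportsgestor')
+ cfg.add_route('questionarcoleta','questionarcoleta')
+ cfg.add_route('confighome','confighome')
+ cfg.add_route('db','db')
+ cfg.scan()
+ return cfg.make_wsgi_app()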
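Review bot: The auth-ticket signing secret is hard-coded as `'sosecret'` in the `AuthTktAuthenticationPolicy(...)` call, so anyone who can read the repository can produce a validly signed login cookie for any user id. Read it from the deployment settings instead, for example `settings['auth.secret']` (a constructed key name, not one the project defines), and keep the real value out of version control; the policy's `secure=True` and `http_only=True` options are also worth setting once the site is served over HTTPS. The bare `cfg` expression statement that replaced the `#Órgão` comment is a no-op and looks like a search-and-replace leftover, so the comment should be restored. `from wscacicneo.security import groupfinder` sits inside `main` after `config.setup(settings)`, presumably because importing it needs `config.REST_URL` to be set already; a one-line comment saying so would stop someone from hoisting it to the top of the file.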
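--- /dev/null
+++ b/wscacicneo/config/__init__.py
@@ -0,0 +1,13 @@
+import os
+import configparser
+
+def setup(settings):
+
+ # config = configparser.ConfigParser()
+ # here = os.path.abspath(os.path.dirname(__file__))
+ # config_file = os.path.join(here, '../../development.ini')
+ # config.read(config_file)
+
+ global REST_URL
+ REST_URL = settings['rest_url']
+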
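Review bot: `REST_URL` only exists after `setup()` has run, so any code that reads `config.REST_URL` earlier fails with `AttributeError`, and a missing `rest_url` key in the ini surfaces as a bare `KeyError` with no hint about the configuration file. Declaring `REST_URL = None` at module level and giving `setup` a docstring such as `"""Copy rest_url from the Pyramid settings into the module-level REST_URL; call before constructing any model class."""` would make that contract visible (the model constructors in this commit read the value). The `os` and `configparser` imports and the four commented-out lines are unused in this file and can be dropped.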
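--- a/wscacicneo/model/orgao.py
+++ b/wscacicneo/model/orgao.py
@@ -3,7 +3,7 @@
 __author__ = 'macieski'
 
 from requests.exceptions import HTTPError
-from wscacicneo import WSCacicNeo
+from wscacicneo import config
 import logging
 from liblightbase.lbbase.struct import Base, BaseMetadata
 from liblightbase.lbbase.lbstruct.group import *
@@ -16,7 +16,7 @@ from liblightbase.lbsearch.search import Search, OrderBy
 
 log = logging.getLogger()
 
-class OrgaoBase(WSCacicNeo):
+class OrgaoBase():
 """
 Classe para a base de órgãos
 """
@@ -24,7 +24,7 @@ class OrgaoBase(WSCacicNeo):
 """
 Método construtor
 """
- WSCacicNeo.__init__(self)
+ self.rest_url= config.REST_URL
 self.baserest = BaseREST(rest_url=self.rest_url, response_object=True)
 self.documentrest = DocumentREST(rest_url=self.rest_url,
 base=self.lbbase, response_object=False)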
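--- a/wscacicneo/model/user.py
+++ b/wscacicneo/model/user.py
@@ -3,7 +3,7 @@
 __author__ = 'adley'
 
 from requests.exceptions import HTTPError
-from wscacicneo import WSCacicNeo
+from wscacicneo import config
 import logging
 from liblightbase.lbbase.struct import Base, BaseMetadata
 from liblightbase.lbbase.lbstruct.group import *
@@ -16,7 +16,7 @@ from liblightbase.lbsearch.search import Search, OrderBy
 
 log = logging.getLogger()
 
-class UserBase(WSCacicNeo):
+class UserBase():
 """
 Classe para a base de usuários
 """
@@ -24,7 +24,7 @@ class UserBase(WSCacicNeo):
 """
 Método construtor
 """
- WSCacicNeo.__init__(self)
+ self.rest_url = config.REST_URL
 self.baserest = BaseREST(rest_url=self.rest_url, response_object=True)
 self.documentrest = DocumentREST(rest_url=self.rest_url,
 base=self.lbbase, response_object=False)
@@ -179,7 +179,6 @@ class UserBase(WSCacicNeo):
 Cria base no LB
 """
 response = self.baserest.create(self.lbbase)
- #print(response.status_code)
 if response.status_code == 200:
 return self.lbbase
 else:
@@ -293,3 +292,15 @@ class User(user_base.metaclass):
 results = self.documentrest.delete_path(id, path)
 
 return results
+
+ def search_user_by_email(self, email):
+ """
+ Busca registro completo do usuário pelo email
+ :return: obj collection com os dados da base
+ """
+ search = Search(
+ literal="document->>'email' = '"+email+"'"
+ )
+ results = self.documentrest.get_collection(search_obj=search)
+
+ return results
\ No newline at end of file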
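Review bot: `search_user_by_email` splices `email` straight into the search expression (`literal="document->>'email' = '"+email+"'"`), and the login view in this commit passes the raw form field in, so a quote character in the submitted address changes the expression the REST backend evaluates. If `Search` offers no parameter binding (not visible here), validate the address against a strict e-mail pattern before building the literal and reject anything else; at minimum escape embedded quotes with `email.replace("'", "''")`. The docstring should also say what the method returns when no record matches, because both callers added in this commit index `results[0]` unconditionally.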
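--- a/wscacicneo/models.py
+++ b/wscacicneo/models.py
@@ -12,6 +12,11 @@ from sqlalchemy.orm import (
 
 from zope.sqlalchemy import ZopeTransactionExtension
 
+from pyramid.security import (
+ Allow,
+ Everyone,
+ )
+
 DBSession = scoped_session(sessionmaker(extension=ZopeTransactionExtension()))
 Base = declarative_base()
 
@@ -58,3 +63,9 @@ so = Table('so', Base.metadata,
 )
 
 mapper(SistemaOperacional, so)
+
+class RootFactory(object):
+ __acl__ = [ (Allow, Everyone, 'view'),
+ (Allow, 'Administrador', 'edit') ]
+ def __init__(self, request):
+ pass
\ No newline at end of file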
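Review bot: The ACL grants `'view'` to `Everyone`, so `permission="view"` on a view (as on `listuser` in this commit) is satisfied by anonymous requests and does not restrict access to the user list. If that list is meant for logged-in users only, import `Authenticated` from `pyramid.security` and use `(Allow, Authenticated, 'view')`. The `'Administrador'` principal has to match exactly the `permissao` string that `groupfinder` returns; a comment on `__acl__` stating that, plus a one-line docstring on `RootFactory` saying the request is unused, would document the coupling.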
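--- /dev/null
+++ b/wscacicneo/security.py
@@ -0,0 +1,23 @@
+# # 1. carregar usuário da sessão
+# # 2. carregar objeto usuário
+# # 3. pegar grupo do usuário
+
+from wscacicneo.model.user import User
+
+
+def groupfinder(userid, request):
+ user_obj = User(
+ nome = 'asdasd',
+ matricula = 'asdasd',
+ email = 'asdsad',
+ orgao = 'asdsad',
+ telefone = 'sdasd',
+ cargo = 'asdasdasd',
+ setor = 'asdasd',
+ permissao = 'asdasd',
+ senha = 'sadasdasd',
+ favoritos = ['asdasdasdasd']
+ )
+ usuario = user_obj.search_user_by_email(userid)
+ permissao = usuario.results[0].permissao
+ return [permissao]
\ No newline at end of file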
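Review bot: `groupfinder` reads `usuario.results[0]` without checking that the search returned anything, so a ticket for a user who has since been removed (or any userid with no match) raises `IndexError` and becomes a server error instead of an anonymous request. Pyramid expects the callback to return `None` when the userid no longer exists, so add `if not usuario.results: return None` before reading `permissao`. The function also builds a `User` from placeholder strings only to reach `search_user_by_email`, and performs a REST lookup each time principals are computed; a docstring should state the return contract, and the placeholder construction deserves a comment explaining why it is needed.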
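--- a/wscacicneo/templates/login.pt
+++ b/wscacicneo/templates/login.pt
@@ -1,7 +1,26 @@
 <metal:main use-macro="load: master.pt">
- <!-- Insere JavaScript -->
- <script metal:fill-slot="javascript" type="text/javascript" src="static/login.js"></script>
-
- <div metal:fill-slot="conteudo" id="widgets"></div>
+ <metal:content fill-slot="conteudo">
+ <div class="padd">
+ <br />
+ <!-- Form starts. -->
+ <form action="${url}" class="form-horizontal" method="post">
+ <input type="hidden" name="came_from" value="${came_from}"/>
+ <div class="form-group">
+ <label class="col-lg-2 control-label">E-mail</label>
+ <div class="col-lg-5">
+ <input type="text" name="email" id="email" value="${email}" class="form-control" /><br/>
+ </div>
+ </div>
+ <div class="form-group">
+ <label class="col-lg-2 control-label">Senha</label>
+ <div class="col-lg-5">
+ <input type="password" name="senha" id="senha" value="${senha}" class="form-control"/><br/>
+ </div>
+ </div>
+ <div class="col-lg-offset-2 col-lg-6">
+ <input type="submit" name="form.submitted" class="btn btn-sm" value="Acesar"/>
+ </div>
+ </form>
+ </metal:content>
 </metal:main>
-
+
\ No newline at end of file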
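Review bot: `value="${senha}"` on the password input writes the submitted password back into the response HTML after a failed login, where it is readable in the page source and may be retained by the browser; drop the `value` attribute from that field. The form also carries no CSRF token, and the `message` value the view returns is never rendered, so a failed login gives the user no feedback. The submit label `Acesar` looks like a typo for `Acessar`.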
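--- a/wscacicneo/templates/master.pt
+++ b/wscacicneo/templates/master.pt
@@ -31,13 +31,12 @@
 <ul class="nav navbar-nav pull-right">
 <li class="dropdown pull-right">
 <a data-toggle="dropdown" class="dropdown-toggle" href="#">
- <i class="fa fa-user"></i> Admin <b class="caret"></b>
+ <i class="fa fa-user"></i> Usuário <b class="caret"></b>
 </a>
 <!-- Dropdown menu -->
 <ul class="dropdown-menu">
- <li><a href="#"><i class="fa fa-user"></i> Profile</a></li>
- <li><a href="#"><i class="fa fa-cogs"></i> Settings</a></li>
- <li><a href="login.html"><i class="fa fa-sign-out"></i> Logout</a></li>
+ <li><a href="${request.route_url('root')}login"><i class="fa fa-user"></i> Login </a></li>
+ <li><a href="${request.route_url('root')}logout"><i class="fa fa-sign-out"></i> Logout</a></li>
 </ul>
 </li>
 </ul>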
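Review bot: The two menu links are assembled by string concatenation, `${request.route_url('root')}login`, although both routes are registered by name; `${request.route_url('login')}` and `${request.route_url('logout')}` would survive a change of route pattern. Logout is reached through a plain GET link, so any third-party page can end a user's session by embedding that URL; a small POST form is the safer shape. Both entries are rendered regardless of whether a user is logged in, which the template could decide from the authenticated user id.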
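--- a/wscacicneo/views.py
+++ b/wscacicneo/views.py
@@ -17,7 +17,12 @@ from wscacicneo.model.user import UserBase
 from liblightbase.lbbase.struct import Base
 from liblightbase.lbutils import conv
 from liblightbase.lbrest.document import DocumentREST
+from pyramid.view import forbidden_view_config
 
+from pyramid.security import (
+ remember,
+ forget,
+ )
 
 engine = create_engine('postgresql://rest:rest@localhost/cacic')
 REST_URL = 'http://api.brlight.net/api'
@@ -73,18 +78,10 @@ def admin(request):
 def diagnostic(request):
 return {'project': 'WSCacicNeo'}
 
-@view_config(route_name='user', renderer='templates/user.pt')
-def user(request):
- return {'project': 'WSCacicNeo'}
-
 @view_config(route_name='cadastro', renderer='templates/cadastro.pt')
 def cadastro(request):
 return {'project': 'WSCacicNeo'}
 
-@view_config(route_name='login', renderer='templates/login.pt')
-def login(request):
- return {'project': 'WSCacicNeo'}
-
 @view_config(route_name='orgao', renderer='templates/orgao.pt')
 def orgao(request):
 return {'project': 'WSCacicNeo'}
@@ -226,7 +223,6 @@ def post_orgao(request):
 )
 
 id_doc = orgao_obj.create_orgao()
- print(id_doc)
 
 return Response(str(id_doc))
 
@@ -289,6 +285,10 @@ def delete_orgao(request):
 
 #URL Users
 
+@view_config(route_name='user', renderer='templates/user.pt', permission='edit')
+def user(request):
+ return {'project': 'WSCacicNeo'}
+
 @view_config(route_name='post_user')
 def post_user(request):
 """
@@ -302,7 +302,7 @@ def post_user(request):
 if(email_is_institucional):
 document = doc['favoritos']
 favoritos = [document]
- itens = [doc['lista_orgao'], doc['cadastro_orgao'], doc['lista_user'], doc['cadastro_user'], doc['relatorios'], doc['coleta'], doc['notify']]
+ itens = [doc['lista_orgao'], doc['cadastro_orgao'], doc['lista_user'], doc['cadastro_user'], doc['coleta'], doc['notify']]
 user_obj = User(
 nome = doc['nome'],
 matricula = doc['matricula'],
@@ -316,15 +316,13 @@ def post_user(request):
 favoritos = favoritos,
 itens = itens
 )
- print(user_obj)
 id_doc = user_obj.create_user()
- print(id_doc)
 
 return Response(str(id_doc))
 else:
 return {"yololo":"yololo"}
 
-@view_config(route_name='edituser', renderer='templates/editaruser.pt')
+@view_config(route_name='edituser', renderer='templates/editaruser.pt', permission="edit")
 def edituser(request):
 matricula = request.matchdict['matricula']
 user_obj = User(
@@ -387,7 +385,7 @@ def put_user(request):
 
 return Response(edit)
 
-@view_config(route_name='listuser', renderer='templates/list_user.pt')
+@view_config(route_name='listuser', renderer='templates/list_user.pt', permission="view")
 def listuser(request):
 user_obj = User(
 nome = 'asdasd',
@@ -466,3 +464,49 @@ def edit_favoritos(request):
 
 return Response(edit)
 
+@view_config(route_name='login', renderer='templates/login.pt')
+@forbidden_view_config(renderer='templates/login.pt')
+def login(request):
+ user_obj = User(
+ nome = 'asdasd',
+ matricula = 'asdasd',
+ email = 'asdsad',
+ orgao = 'asdsad',
+ telefone = 'sdasd',
+ cargo = 'asdasdasd',
+ setor = 'asdasd',
+ permissao = 'asdasd',
+ senha = 'sadasdasd',
+ favoritos = ['asdasdasdasd']
+ )
+ login_url = request.route_url('login')
+ referrer = request.url
+ if referrer == login_url:
+ referrer = request.route_url('root') + 'home' # never use the login form itself as came_from
+ came_from = request.params.get('came_from', referrer)
+ message = ''
+ email = ''
+ senha = ''
+ if 'form.submitted' in request.params:
+ email = request.params['email']
+ senha = request.params['senha']
+ usuario = user_obj.search_user_by_email(email)
+ if usuario.results[0].senha == senha:
+ headers = remember(request, email)
+ return HTTPFound(location = came_from,
+ headers = headers)
+ message = 'Failed login'
+
+ return dict(
+ message = message,
+ url = request.application_url + '/login',
+ came_from = came_from,
+ email = email,
+ senha = senha,
+ )
+
+@view_config(route_name='logout')
+def logout(request):
+ headers = forget(request)
+ return HTTPFound(location = request.route_url('login'),
+ headers = headers)
\ No newline at end of file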
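Review bot: In the new `login` view the submitted password is compared directly with the stored field (`usuario.results[0].senha == senha`), which implies passwords are kept in plaintext in the user base; they should be stored as salted hashes and verified against the hash. The same line raises `IndexError` for an unknown e-mail, `came_from` is taken from the request and used as the redirect target without checking that it stays inside the application, and `senha` is handed back to the template on failure. Elsewhere in the file, `post_user` keeps `@view_config(route_name='post_user')` with no `permission=`, so the create path stays callable without the `edit` permission that now guards the form; the other write views are not fully visible in these hunks and should be checked the same way. The fence sketches the submitted-form branch with the missing-user, redirect and echo problems addressed, assuming `results` is a list; password hashing needs a storage change and is left as a comment.

```python
    if 'form.submitted' in request.params:
        email = request.params['email']
        senha = request.params['senha']
        usuario = user_obj.search_user_by_email(email)
        # Unknown e-mail falls through to the same generic failure message.
        registro = usuario.results[0] if usuario.results else None
        # TODO(review): store senha as a salted hash and verify against it
        # here instead of comparing plaintext.
        if registro is not None and registro.senha == senha:
            # Follow came_from only when it stays inside this application.
            if not came_from.startswith(request.application_url + '/'):
                came_from = request.route_url('root') + 'home'
            headers = remember(request, email)
            return HTTPFound(location=came_from, headers=headers)
        message = 'Failed login'
        senha = ''  # do not send the password back to the form
    # … unchanged: return dict(message=..., url=..., came_from=..., email=..., senha=...) …
```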