Skip to content
Snippets Groups Projects
Forked from DM / dm-docs
261 commits behind, 824 commits ahead of the upstream repository.
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
dmSessionController.py 4.01 KiB
#!/usr/bin/env python

#
# Base DM session controller class.
#

import cherrypy
from dm.common.constants import dmRole
from dm.common.utility.configurationManager import ConfigurationManager
from dm.common.service.dmController import DmController
from dm.common.service.loginController import LoginController

class DmSessionController(DmController):
    """ Base session controller class. """

    _cp_config = {
        'tools.sessions.on': True,
        'tools.auth.on': True
    }

    #auth = LoginController()
    # Add before_handler for authorization
    cherrypy.tools.auth = cherrypy.Tool('before_handler', LoginController.authCheck)

    def __init__(self):
        DmController.__init__(self)

    @classmethod
    def require(cls, *conditions):
        """
        Decorator that appends conditions to the auth.require config
        variable.
        """
        def decorate(f):
            if not hasattr(f, '_cp_config'):
                f._cp_config = dict()
            if 'auth.require' not in f._cp_config:
                f._cp_config['auth.require'] = []
                f._cp_config['auth.require'].extend(conditions)
            return f
        return decorate

    @classmethod
    def anyOf(cls, *conditions):
        """ Returns True if any of the conditions match. """
        def check():
            for c in conditions:
                if c():
                    return True
            return False
        return check

    @classmethod
    def allOf(cls, *conditions):
        """ Returns True if all of the conditions match. """
        def check():
            for c in conditions:
                if not c():
                    return False
            return True
        return check

    @classmethod
    def isLoggedIn(cls):
        """ Returns True if session has been established. """
        def userIsLoggedIn():
            role = cherrypy.session.get(LoginController.SESSION_ROLE_KEY, None)
            if role is not None:
                return True
            return False
        return userIsLoggedIn

    @classmethod
    def isAdministrator(cls):
        def userIsAdministrator():
            result = (cherrypy.session.get(LoginController.SESSION_ROLE_KEY, None) == dmRole.DM_ADMIN_SESSION_ROLE)
            return result
        return userIsAdministrator

    @classmethod
    def hasAdministratorRole(cls):
        sessionRole = cherrypy.session.get(LoginController.SESSION_ROLE_KEY, None)
        return (sessionRole == dmRole.DM_ADMIN_SESSION_ROLE)
        
    @classmethod
    def hasManagerRole(cls, experimentStationIdOrName):
        systemRoleDict = cherrypy.session.get(LoginController.SESSION_SYSTEM_ROLE_DICT_KEY, None)
        experimentStationIdOrNameList = systemRoleDict.get(dmRole.DM_MANAGER_SYSTEM_ROLE_ID, [])
        if not experimentStationIdOrNameList:
            # Remote sessions may come with string key
            experimentStationIdOrNameList = systemRoleDict.get(str(dmRole.DM_MANAGER_SYSTEM_ROLE_ID), [])
        return (experimentStationIdOrNameList.count(experimentStationIdOrName) > 0)
        
    @classmethod
    def hasPiRole(cls, experimentIdOrName):
        experimentRoleDict = cherrypy.session.get(LoginController.SESSION_EXPERIMENT_ROLE_DICT_KEY, None)
        experimentIdOrNameList = experimentRoleDict.get(dmRole.DM_PI_EXPERIMENT_ROLE_ID, [])
        return (experimentIdOrNameList.count(experimentIdOrName) > 0)
        
    @classmethod
    def hasUserRole(cls, experimentIdOrName):
        experimentRoleDict = cherrypy.session.get(LoginController.SESSION_EXPERIMENT_ROLE_DICT_KEY, None)
        experimentIdOrNameList = experimentRoleDict.get(dmRole.DM_USER_EXPERIMENT_ROLE_ID, [])
        return (experimentIdOrNameList.count(experimentIdOrName) > 0)
        
    @classmethod
    def canManageStation(cls):
        def userCanManageStation():
            if cls.hasAdministratorRole():
                return True
            stationName = ConfigurationManager.getInstance().getStationName()
            return cls.hasManagerRole(stationName)
        return userCanManageStation