Forked from
DM / dm-docs
261 commits behind, 824 commits ahead of the upstream repository.
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
dmSessionController.py 4.01 KiB
#!/usr/bin/env python
#
# Base DM session controller class.
#
import cherrypy
from dm.common.constants import dmRole
from dm.common.utility.configurationManager import ConfigurationManager
from dm.common.service.dmController import DmController
from dm.common.service.loginController import LoginController
class DmSessionController(DmController):
""" Base session controller class. """
_cp_config = {
'tools.sessions.on': True,
'tools.auth.on': True
}
#auth = LoginController()
# Add before_handler for authorization
cherrypy.tools.auth = cherrypy.Tool('before_handler', LoginController.authCheck)
def __init__(self):
DmController.__init__(self)
@classmethod
def require(cls, *conditions):
"""
Decorator that appends conditions to the auth.require config
variable.
"""
def decorate(f):
if not hasattr(f, '_cp_config'):
f._cp_config = dict()
if 'auth.require' not in f._cp_config:
f._cp_config['auth.require'] = []
f._cp_config['auth.require'].extend(conditions)
return f
return decorate
@classmethod
def anyOf(cls, *conditions):
""" Returns True if any of the conditions match. """
def check():
for c in conditions:
if c():
return True
return False
return check
@classmethod
def allOf(cls, *conditions):
""" Returns True if all of the conditions match. """
def check():
for c in conditions:
if not c():
return False
return True
return check
@classmethod
def isLoggedIn(cls):
""" Returns True if session has been established. """
def userIsLoggedIn():
role = cherrypy.session.get(LoginController.SESSION_ROLE_KEY, None)
if role is not None:
return True
return False
return userIsLoggedIn
@classmethod
def isAdministrator(cls):
def userIsAdministrator():
result = (cherrypy.session.get(LoginController.SESSION_ROLE_KEY, None) == dmRole.DM_ADMIN_SESSION_ROLE)
return result
return userIsAdministrator
@classmethod
def hasAdministratorRole(cls):
sessionRole = cherrypy.session.get(LoginController.SESSION_ROLE_KEY, None)
return (sessionRole == dmRole.DM_ADMIN_SESSION_ROLE)
@classmethod
def hasManagerRole(cls, experimentStationIdOrName):
systemRoleDict = cherrypy.session.get(LoginController.SESSION_SYSTEM_ROLE_DICT_KEY, None)
experimentStationIdOrNameList = systemRoleDict.get(dmRole.DM_MANAGER_SYSTEM_ROLE_ID, [])
if not experimentStationIdOrNameList:
# Remote sessions may come with string key
experimentStationIdOrNameList = systemRoleDict.get(str(dmRole.DM_MANAGER_SYSTEM_ROLE_ID), [])
return (experimentStationIdOrNameList.count(experimentStationIdOrName) > 0)
@classmethod
def hasPiRole(cls, experimentIdOrName):
experimentRoleDict = cherrypy.session.get(LoginController.SESSION_EXPERIMENT_ROLE_DICT_KEY, None)
experimentIdOrNameList = experimentRoleDict.get(dmRole.DM_PI_EXPERIMENT_ROLE_ID, [])
return (experimentIdOrNameList.count(experimentIdOrName) > 0)
@classmethod
def hasUserRole(cls, experimentIdOrName):
experimentRoleDict = cherrypy.session.get(LoginController.SESSION_EXPERIMENT_ROLE_DICT_KEY, None)
experimentIdOrNameList = experimentRoleDict.get(dmRole.DM_USER_EXPERIMENT_ROLE_ID, [])
return (experimentIdOrNameList.count(experimentIdOrName) > 0)
@classmethod
def canManageStation(cls):
def userCanManageStation():
if cls.hasAdministratorRole():
return True
stationName = ConfigurationManager.getInstance().getStationName()
return cls.hasManagerRole(stationName)
return userCanManageStation