CIRCL
/
AIL-framework
mirror of https://github.com/CIRCL/AIL-framework
2
1
Fork 0
Code Issues Releases Wiki Activity

chg: [create edit user] add org selector search

pull/607/merge
terrtia 2024-09-23 15:01:15 +02:00
parent d825fd62c8
commit ded1ee85e8
No known key found for this signature in database
GPG Key ID: 1E1B1F50D84613D0
4 changed files with 41 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bin/lib/ail_orgs.py
View File

@ -76,7 +76,7 @@ def get_orgs_selector():
for org_uuid in get_orgs(): for org_uuid in get_orgs():
org = Organisation(org_uuid) org = Organisation(org_uuid)
name = org.get_name() name = org.get_name()
orgs.append({'uuid': org_uuid, 'name': name}) orgs.append(f'{org_uuid}: {name}')
return orgs return orgs
def create_default_org(): def create_default_org():

17
bin/lib/ail_users.py
View File

@ -333,6 +333,11 @@ def create_user(user_id, password=None, admin_id=None, chg_passwd=True, org_uuid
# CREATE USER # CREATE USER
if admin_id: if admin_id:
# ORG
org = ail_orgs.Organisation(org_uuid)
if not org.exists():
raise Exception('Organisation does not exist')
r_serv_db.hset(f'ail:user:metadata:{user_id}', 'creator', admin_id) r_serv_db.hset(f'ail:user:metadata:{user_id}', 'creator', admin_id)
date = datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S') date = datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S')
r_serv_db.hset(f'ail:user:metadata:{user_id}', 'created_at', date) r_serv_db.hset(f'ail:user:metadata:{user_id}', 'created_at', date)
@ -344,9 +349,6 @@ def create_user(user_id, password=None, admin_id=None, chg_passwd=True, org_uuid
set_user_role(user_id, role) set_user_role(user_id, role)
# ORG # ORG
org = ail_orgs.Organisation(org_uuid)
if not org.exists():
raise Exception('Organisation does not exist')
org.add_user(user_id) org.add_user(user_id)
r_serv_db.hset('ail:users:all', user_id, password_hash) r_serv_db.hset('ail:users:all', user_id, password_hash)
@ -699,13 +701,19 @@ def api_create_user_api_key(user_id, admin_id, ip_address, user_agent):
def api_create_user(admin_id, ip_address, user_agent, user_id, password, org_uuid, role, otp): def api_create_user(admin_id, ip_address, user_agent, user_id, password, org_uuid, role, otp):
user = AILUser(user_id) user = AILUser(user_id)
if not ail_orgs.exists_org(org_uuid):
return {'status': 'error', 'reason': 'Unknown Organisation'}, 400
if not exists_role(role):
return {'status': 'error', 'reason': 'Unknown User Role'}, 400
if not user.exists(): if not user.exists():
create_user(user_id, password=password, admin_id=admin_id, org_uuid=org_uuid, role=role, otp=otp) create_user(user_id, password=password, admin_id=admin_id, org_uuid=org_uuid, role=role, otp=otp)
access_logger.info(f'Create user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent}) access_logger.info(f'Create user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent})
return user_id, 200
# Edit # Edit
else: else:
edit_user(admin_id, user_id, password, chg_passwd=True, org_uuid=org_uuid, edit_otp=True, otp=otp, role=role) edit_user(admin_id, user_id, password, chg_passwd=True, org_uuid=org_uuid, edit_otp=True, otp=otp, role=role)
access_logger.info(f'Edit user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent}) access_logger.info(f'Edit user {user_id}', extra={'user_id': admin_id, 'ip_address': ip_address, 'user_agent': user_agent})
return user_id, 200
def api_change_user_self_password(user_id, password): def api_change_user_self_password(user_id, password):
if not check_password_strength(password): if not check_password_strength(password):
@ -755,6 +763,9 @@ def _get_users_roles_dict():
'admin': ['read_only', 'user_no_api', 'user', 'org_admin', 'admin'], 'admin': ['read_only', 'user_no_api', 'user', 'org_admin', 'admin'],
} }
def exists_role(role):
return role in _get_users_roles_list()
def set_user_role(user_id, role): def set_user_role(user_id, role):
roles = _get_users_roles_dict() roles = _get_users_roles_dict()
# set role # set role

14
var/www/blueprints/settings_b.py
View File

@ -221,8 +221,12 @@ def create_user():
meta = r[0] meta = r[0]
all_roles = ail_users.get_roles() all_roles = ail_users.get_roles()
orgs = ail_orgs.get_orgs_selector() orgs = ail_orgs.get_orgs_selector()
if meta:
selector_val = f"{meta['org']}: {meta['org_name']}"
else:
selector_val = None
return render_template("create_user.html", all_roles=all_roles, orgs=orgs, meta=meta, return render_template("create_user.html", all_roles=all_roles, orgs=orgs, meta=meta,
error=error, error_mail=error_mail, error=error, error_mail=error_mail, selector_val=selector_val,
acl_admin=True) acl_admin=True)
@settings_b.route("/settings/edit_user", methods=['GET']) @settings_b.route("/settings/edit_user", methods=['GET'])
@ -251,6 +255,9 @@ def create_user_post():
else: else:
enable_2_fa = False enable_2_fa = False
if org_uuid:
org_uuid = org_uuid[2:].split(':', 1)[0]
all_roles = ail_users.get_roles() all_roles = ail_users.get_roles()
if email and len(email) < 300 and ail_users.check_email(email) and role: if email and len(email) < 300 and ail_users.check_email(email) and role:
@ -277,7 +284,10 @@ def create_user_post():
edit = True edit = True
else: else:
edit = False edit = False
ail_users.api_create_user(admin_id, request.access_route[0], request.user_agent, email, password, org_uuid, role, enable_2_fa) r = ail_users.api_create_user(admin_id, request.access_route[0], request.user_agent, email, password, org_uuid, role, enable_2_fa)
if r[1] != 200:
return create_json_response(r[0], r[1])
new_user = {'email': email, 'password': str_password, 'org': org_uuid, 'otp': enable_2_fa, 'edited': edit} new_user = {'email': email, 'password': str_password, 'org': org_uuid, 'otp': enable_2_fa, 'edited': edit}
# qr_code = ail_users.create_qr_code(f'{email} - {password}') # qr_code = ail_users.create_qr_code(f'{email} - {password}')
return render_template("create_user.html", new_user=new_user, meta={}, return render_template("create_user.html", new_user=new_user, meta={},

23
var/www/templates/settings/create_user.html
View File

@ -9,6 +9,7 @@
<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet"> <link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet"> <link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
<link href="{{ url_for('static', filename='css/dataTables.bootstrap.min.css') }}" rel="stylesheet"> <link href="{{ url_for('static', filename='css/dataTables.bootstrap.min.css') }}" rel="stylesheet">
<link href="{{ url_for('static', filename='css/tags.css') }}" rel="stylesheet" type="text/css" />
<!-- JS --> <!-- JS -->
<script src="{{ url_for('static', filename='js/jquery.js')}}"></script> <script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
@ -16,6 +17,7 @@
<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script> <script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
<script src="{{ url_for('static', filename='js/jquery.dataTables.min.js')}}"></script> <script src="{{ url_for('static', filename='js/jquery.dataTables.min.js')}}"></script>
<script src="{{ url_for('static', filename='js/dataTables.bootstrap.min.js')}}"></script> <script src="{{ url_for('static', filename='js/dataTables.bootstrap.min.js')}}"></script>
<script src="{{ url_for('static', filename='js/tags.js') }}"></script>
</head> </head>
<body> <body>
@ -60,15 +62,8 @@
{% endif %} {% endif %}
<label class="mt-3" for="role_selector">Organisation</label> <label class="mt-3" for="role_selector">Organisation</label>
<select class="custom-select" id="role_selector" name="user_organisation">
{% for org in orgs %} <input id="user_organisation" name="user_organisation" type="text" class="form-control" aria-describedby="role_selector" autocomplete="off">
{% if meta['org'] == org['uuid'] %}
<option value="{{ org['uuid'] }}" selected>{{ org['uuid'] }} - {{ org['name'] }}</option>
{% else %}
<option value="{{ org['uuid'] }}">{{ org['uuid'] }} - {{ org['name'] }}</option>
{% endif %}
{% endfor %}
</select>
<label class="mt-3" for="role_selector">User Role</label> <label class="mt-3" for="role_selector">User Role</label>
<select class="custom-select" id="role_selector" name="user_role"> <select class="custom-select" id="role_selector" name="user_role">
@ -122,6 +117,16 @@ $(document).ready(function(){
{% if error %} {% if error %}
toggle_password_fields(); toggle_password_fields();
{% endif %} {% endif %}
$('#user_organisation').tagSuggest({
data: [{% for org in orgs %}"{{ org }}" ,{% endfor %}],
sortOrder: 'name',
maxDropHeight: 200,
maxSelection: 1,
emptyText: 'Select Organisation',
name: 'user_organisation',
{% if selector_val %}value: ['{{ selector_val | safe}}']{% endif %}
});
} ); } );
function toggle_sidebar(){ function toggle_sidebar(){