appenlight Commit - r135:81277de4 · RhodeCode Free Hosting

requirements: bump ziggurat_foundations to 0.8.3

ergo -

r135:81277de4

parent child

.gitignore

0 +2 -2

             downloads/
             eggs/
             .eggs/
-            lib/
+            /lib/
-            lib64/
+            /lib64/
             parts/
             sdist/
             var/

backend/requirements.txt

0 +1 -1

             celery==3.1.23
             formencode==1.3.0
             psutil==2.1.2
-            ziggurat_foundations==0.6.8
+            ziggurat_foundations==0.8.3
             bcrypt==3.1.6
             appenlight_client
             markdown==2.5

backend/src/appenlight/celery/tasks.py

0 +4 -2

             from celery.utils.log import get_task_logger
             from zope.sqlalchemy import mark_changed
             from pyramid.threadlocal import get_current_request, get_current_registry
+            from ziggurat_foundations.models.services.resource import ResourceService
             from appenlight.celery import celery
             from appenlight.models.report_group import ReportGroup
             from appenlight.models import DBSession, Datastores
                     ApplicationService.check_for_groups_alert(
                         application, 'alert', report_groups=report_groups,
                         occurence_dict=occurence_dict)
-                    users = set([p.user for p in application.users_for_perm('view')])
+                    users = set([p.user for p in ResourceService.users_for_perm(application, 'view')])
                     report_groups = report_groups.all()
                     for user in users:
                         UserService.report_notify(user, request, application,
                     application = ApplicationService.by_id(resource_id)
                     if application:
-                        users = set([p.user for p in application.users_for_perm('view')])
+                        users = set([p.user for p in ResourceService.users_for_perm(application, 'view')])
                         for user in users:
                             user.send_digest(request, application, reports=reports,
                                              since_when=since_when)

backend/src/appenlight/forms.py

0 +8 -8

             import datetime
             import appenlight.lib.helpers as h
-            from appenlight.models.user import User
+            from ziggurat_foundations.models.services.user import UserService
-            from appenlight.models.group import Group
+            from ziggurat_foundations.models.services.group import GroupService
             from appenlight.models import DBSession
             from appenlight.models.alert_channel import AlertChannel
             from appenlight.models.integrations import IntegrationException
             def found_username_validator(form, field):
-                user = User.by_user_name(field.data)
+                user = UserService.by_user_name(field.data)
                 # sets user to recover in email validator
                 form.field_user = user
                 if not user:
             def found_username_email_validator(form, field):
-                user = User.by_email(field.data)
+                user = UserService.by_email(field.data)
                 if not user:
                     raise wtforms.ValidationError('Email is incorrect')
             def unique_username_validator(form, field):
-                user = User.by_user_name(field.data)
+                user = UserService.by_user_name(field.data)
                 if user:
                     raise wtforms.ValidationError('This username already exists in system')
             def unique_groupname_validator(form, field):
-                group = Group.by_group_name(field.data)
+                group = GroupService.by_group_name(field.data)
                 mod_group = getattr(form, '_modified_group', None)
                 if group and (not mod_group or mod_group.id != group.id):
                     raise wtforms.ValidationError(
             def unique_email_validator(form, field):
-                user = User.by_email(field.data)
+                user = UserService.by_email(field.data)
                 if user:
                     raise wtforms.ValidationError('This email already exists in system')
             def old_password_validator(form, field):
-                if not field.user.check_password(field.data or ''):
+                if not UserService.check_password(field.user, field.data or ''):
                     raise wtforms.ValidationError('You need to enter correct password')

backend/src/appenlight/lib/request.py

0 +2 -2

             from authomatic.providers import oauth2, oauth1
             from authomatic import Authomatic
-            from appenlight.models.user import User
+            from ziggurat_foundations.models.services.user import UserService
             class CSRFException(Exception):
                         return None
                     if user_id:
-                        user = User.by_id(user_id)
+                        user = UserService.by_id(user_id)
                         if user:
                             request.environ['appenlight.username'] = '%d:%s' % (
                                 user_id, user.user_name)

backend/src/appenlight/lib/utils/__init__.py

0 +3 -2

                                                accepted_search_params)
             from itsdangerous import TimestampSigner
             from ziggurat_foundations.permissions import ALL_PERMISSIONS
+            from ziggurat_foundations.models.services.user import UserService
             from dateutil.relativedelta import relativedelta
             from dateutil.rrule import rrule, MONTHLY, DAILY
                     resource_permissions = ['view']
                 if request.user:
-                    applications = request.user.resources_with_perms(
+                    applications = UserService.resources_with_perms(
-                        resource_permissions, resource_types=['application'])
+                        request.user, resource_permissions, resource_types=['application'])
                 # CRITICAL - this ensures our resultset is limited to only the ones
                 # user has view permissions

backend/src/appenlight/models/alert_channel_action.py

0 +3 -3

             import sqlalchemy as sa
-            from appenlight.models.resource import Resource
+            from ziggurat_foundations.models.services.resource import ResourceService
             from appenlight.models import Base, get_db_session
             from sqlalchemy.orm import validates
             from ziggurat_foundations.models.base import BaseModel
                 def resource_name(self, db_session=None):
                     db_session = get_db_session(db_session)
                     if self.resource_id:
-                        return Resource.by_resource_id(self.resource_id,
+                        return ResourceService.by_resource_id(
-                                                       db_session=db_session).resource_name
+                            self.resource_id, db_session=db_session).resource_name
                     else:
                         return 'any resource'

backend/src/appenlight/models/event.py

0 +4 -4

             from datetime import datetime
             from appenlight.models import Base, get_db_session
             from appenlight.models.services.report_stat import ReportStatService
-            from appenlight.models.resource import Resource
             from appenlight.models.integrations import IntegrationException
             from pyramid.threadlocal import get_current_request
             from sqlalchemy.dialects.postgresql import JSON
             from ziggurat_foundations.models.base import BaseModel
+            from ziggurat_foundations.models.services.resource import ResourceService
             log = logging.getLogger(__name__)
                     db_session = get_db_session(db_session)
                     db_session.flush()
                     if not resource:
-                        resource = Resource.by_resource_id(self.resource_id)
+                        resource = ResourceService.by_resource_id(self.resource_id)
                     if not request:
                         request = get_current_request()
                     if not resource:
                         return
-                    users = set([p.user for p in resource.users_for_perm('view')])
+                    users = set([p.user for p in ResourceService.users_for_perm(resource, 'view')])
                     for user in users:
                         for channel in user.alert_channels:
                             matches_resource = not channel.resources or resource in [r.resource_id for r in channel.resources]
                         Generates close alert event if alerts get closed """
                     event_types = [Event.types['error_report_alert'],
                                    Event.types['slow_report_alert']]
-                    app = Resource.by_resource_id(self.resource_id)
+                    app = ResourceService.by_resource_id(self.resource_id)
                     # if app was deleted close instantly
                     if not app:
                         self.close()

backend/src/appenlight/models/resource.py

0 +3 -2

             from appenlight.lib.utils import permission_tuple_to_dict
             from pyramid.security import Allow, ALL_PERMISSIONS
             from ziggurat_foundations.models.resource import ResourceMixin
+            from ziggurat_foundations.models.services.resource import ResourceService
             class Resource(ResourceMixin, Base):
                 @property
                 def user_permissions_list(self):
                     return [permission_tuple_to_dict(perm) for perm in
-                            self.users_for_perm('__any_permission__',
+                            ResourceService.users_for_perm(
-                                                limit_group_permissions=True)]
+                                self, '__any_permission__', limit_group_permissions=True)]
                 @property
                 def __acl__(self):

backend/src/appenlight/models/services/event.py

0 +4 -4

             import sqlalchemy as sa
             from pyramid.threadlocal import get_current_registry
             from paginate_sqlalchemy import SqlalchemyOrmPage
+            from ziggurat_foundations.models.services.user import UserService
             from appenlight.models import get_db_session
             from appenlight.models.event import Event
             from appenlight.models.services.base import BaseService
                 @classmethod
                 def latest_for_user(cls, user, db_session=None):
                     registry = get_current_registry()
-                    resources = user.resources_with_perms(
+                    resources = UserService.resources_with_perms(user, ['view'], resource_types=registry.resource_types)
-                        ['view'], resource_types=registry.resource_types)
                     resource_ids = [r.resource_id for r in resources]
                     db_session = get_db_session(db_session)
                     return EventService.for_resource(
                     if not filter_settings:
                         filter_settings = {}
                     registry = get_current_registry()
-                    resources = user.resources_with_perms(
+                    resources = UserService.resources_with_perms(user, ['view'], resource_types=registry.resource_types)
-                        ['view'], resource_types=registry.resource_types)
                     resource_ids = [r.resource_id for r in resources]
                     query = EventService.for_resource(
                         resource_ids, or_target_user_id=user.id, limit=100,

backend/src/appenlight/models/services/group.py

0 +2 -2

             from appenlight.models import get_db_session
             from appenlight.models.group import Group
-            from appenlight.models.services.base import BaseService
+            from ziggurat_foundations.models.services.group import GroupService
-            class GroupService(BaseService):
+            class GroupService(GroupService):
                 @classmethod
                 def by_id(cls, group_id, db_session=None):
                     db_session = get_db_session(db_session)

backend/src/appenlight/models/services/group_resource_permission.py

0 +2 -2

             from appenlight.models.group_resource_permission import GroupResourcePermission
             from appenlight.models import get_db_session
-            from appenlight.models.services.base import BaseService
+            from ziggurat_foundations.models.services.group_resource_permission import GroupResourcePermissionService
-            class GroupResourcePermissionService(BaseService):
+            class GroupResourcePermissionService(GroupResourcePermissionService):
                 @classmethod
                 def by_resource_group_and_perm(cls, group_id, perm_name, resource_id,
                                                db_session=None):

backend/src/appenlight/models/services/user.py

0 +3 -2

             from collections import namedtuple
             from datetime import datetime
+            from ziggurat_foundations.models.services.user import UserService
             from appenlight.lib.rule import Rule
             from appenlight.models import get_db_session
             from appenlight.models.integrations import IntegrationException
             from appenlight.models.report import REPORT_TYPE_MATRIX
             from appenlight.models.user import User
-            from appenlight.models.services.base import BaseService
             from paginate_sqlalchemy import SqlalchemyOrmPage
             from pyramid.threadlocal import get_current_registry
             GroupOccurence = namedtuple('GroupOccurence', ['occurences', 'group'])
-            class UserService(BaseService):
+            class UserService(UserService):
                 @classmethod
                 def all(cls, db_session=None):
                     return get_db_session(db_session).query(User).order_by(User.user_name)

backend/src/appenlight/models/user.py

0 +4 -4

             from appenlight.models.integrations import IntegrationException
             from pyramid.threadlocal import get_current_request
             from ziggurat_foundations.models.user import UserMixin
+            from ziggurat_foundations.models.services.user import UserService
             log = logging.getLogger(__name__)
                     result = super(User, self).get_dict(exclude_keys, include_keys)
                     if extended_info:
                         result['groups'] = [g.group_name for g in self.groups]
-                        result['permissions'] = [p.perm_name for p in self.permissions]
+                        result['permissions'] = [p.perm_name for p in UserService.permissions(self)]
                         request = get_current_request()
-                        apps = self.resources_with_perms(
+                        apps = UserService.resources_with_perms(self,
                             ['view'], resource_types=['application'])
                         result['applications'] = sorted(
                             [{'resource_id': a.resource_id,
                 def assigned_report_groups(self):
                     from appenlight.models.report_group import ReportGroup
-                    resources = self.resources_with_perms(
+                    resources = UserService.resources_with_perms(self, ['view'], resource_types=['application'])
-                        ['view'], resource_types=['application'])
                     query = self.assigned_reports_relation
                     rid_list = [r.resource_id for r in resources]
                     query = query.filter(ReportGroup.resource_id.in_(rid_list))

backend/src/appenlight/scripts/initialize_db.py

0 +4 -2

             from pyramid.paster import setup_logging, bootstrap
             from pyramid.threadlocal import get_current_request
+            from ziggurat_foundations.models.services.user import UserService
             from appenlight.forms import UserRegisterForm
             from appenlight.lib.ext_json import json
                     if create_user:
                         group = GroupService.by_id(1)
                         user = User(user_name=user_name, email=email, status=1)
-                        user.regenerate_security_code()
+                        UserService.regenerate_security_code(user)
-                        user.set_password(user_password)
+                        UserService.set_password(user, user_password)
                         DBSession.add(user)
                         token = AuthToken(description="Uptime monitoring token")
                         if args.auth_token:

backend/src/appenlight/security.py

0 +14 -12

             from appenlight.lib import to_integer_safe
             from pyramid.httpexceptions import HTTPNotFound, HTTPBadRequest
             from ziggurat_foundations.permissions import permission_to_04_acls
+            from ziggurat_foundations.models.services.user import UserService
+            from ziggurat_foundations.models.services.resource import ResourceService
             import defusedxml.ElementTree as ElementTree
             import urllib.request, urllib.error, urllib.parse
             import logging
                 non-resource permission
                 """
                 if hasattr(request, 'user') and request.user:
-                    acls = permission_to_04_acls(request.user.permissions)
+                    acls = permission_to_04_acls(UserService.permissions(request.user))
                     for perm_user, perm_name in acls:
                         if perm_name == 'root_administration':
                             context.__acl__.append(rewrite_root_perm(perm_user, perm_name))
                                     (Allow, Authenticated, 'create_resources')]
                     # general page factory - append custom non resource permissions
                     if hasattr(request, 'user') and request.user:
-                        acls = permission_to_04_acls(request.user.permissions)
+                        acls = permission_to_04_acls(UserService.permissions(request.user))
                         for perm_user, perm_name in acls:
                             self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
                     resource_id = request.matchdict.get("resource_id",
                                                         request.GET.get("resource_id"))
                     resource_id = to_integer_safe(resource_id)
-                    self.resource = Resource.by_resource_id(resource_id) \
+                    self.resource = ResourceService.by_resource_id(resource_id) \
                         if resource_id else None
                     if self.resource and request.user:
                         self.__acl__ = self.resource.__acl__
-                        permissions = self.resource.perms_for_user(request.user)
+                        permissions = ResourceService.perms_for_user(self.resource, request.user)
                         for perm_user, perm_name in permission_to_04_acls(permissions):
                             self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
                     add_root_superperm(request, self)
                         raise HTTPNotFound()
                     self.public = self.report_group.public
-                    self.resource = Resource.by_resource_id(self.report_group.resource_id) \
+                    self.resource = ResourceService.by_resource_id(self.report_group.resource_id) \
                         if self.report_group else None
                     if self.resource:
                         self.__acl__ = self.resource.__acl__
                     if request.user:
-                        permissions = self.resource.perms_for_user(request.user)
+                        permissions = ResourceService.perms_for_user(self.resource, request.user)
                         for perm_user, perm_name in permission_to_04_acls(permissions):
                             self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
                     if self.public:
                     if not self.plugin:
                         raise HTTPNotFound()
                     if self.plugin.resource_id:
-                        self.resource = Resource.by_resource_id(self.plugin.resource_id)
+                        self.resource = ResourceService.by_resource_id(self.plugin.resource_id)
                     if self.resource:
                         self.__acl__ = self.resource.__acl__
                     if request.user and self.resource:
-                        permissions = self.resource.perms_for_user(request.user)
+                        permissions = ResourceService.perms_for_user(self.resource, request.user)
                         for perm_user, perm_name in permission_to_04_acls(permissions):
                             self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
                     self.__acl__ = []
                     resource_id = request.unsafe_json_body().get('resource_id')
                     resource_id = to_integer_safe(resource_id)
-                    self.resource = Resource.by_resource_id(resource_id)
+                    self.resource = ResourceService.by_resource_id(resource_id)
                     if self.resource and request.user:
                         self.__acl__ = self.resource.__acl__
-                        permissions = self.resource.perms_for_user(request.user)
+                        permissions = ResourceService.perms_for_user(self.resource, request.user)
                         for perm_user, perm_name in permission_to_04_acls(permissions):
                             self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
                     add_root_superperm(request, self)
                         resource_id = request.GET.get('resource_id')
                     if resource_id:
                         resource_id = to_integer_safe(resource_id)
-                        self.resource = Resource.by_resource_id(resource_id)
+                        self.resource = ResourceService.by_resource_id(resource_id)
                     if self.resource and request.user:
                         self.__acl__ = self.resource.__acl__
-                        permissions = self.resource.perms_for_user(request.user)
+                        permissions = ResourceService.perms_for_user(self.resource, request.user)
                         for perm_user, perm_name in permission_to_04_acls(permissions):
                             self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
                     add_root_superperm(request, self)

backend/src/appenlight/tests/test_unit.py

0 +1 -1

                     register(request)
                     user = UserService.by_user_name('foo')
                     assert user.user_name == 'foo'
-                    assert len(user.user_password) == 60
+                    assert len(user.user_password) >= 60
             @pytest.mark.usefixtures('base_app', 'with_migrations', 'clean_tables',

backend/src/appenlight/views/admin/users.py

0 +2 -2

             from pyramid.view import view_config
             from pyramid.httpexceptions import HTTPFound, HTTPNotFound
             from pyramid import security
-            from appenlight.models.user import User
+            from ziggurat_foundations.models.services.user import UserService
             import logging
                          match_param=['section=admin_section', 'view=relogin_user'],
                          renderer='json', request_method='GET')
             def relogin_to_user(request):
-                user = User.by_id(request.GET.get('user_id'))
+                user = UserService.by_id(request.GET.get('user_id'))
                 if not user:
                     return HTTPNotFound()
                 headers = security.remember(request, user.id)

backend/src/appenlight/views/applications.py

0 +17 -12

             from appenlight.models.application import Application
             from appenlight.models.application_postprocess_conf import \
                 ApplicationPostprocessConf
-            from appenlight.models.user import User
+            from ziggurat_foundations.models.services.user import UserService
+            from ziggurat_foundations.models.services.resource import ResourceService
+            from ziggurat_foundations.models.services.user_resource_permission import UserResourcePermissionService
             from appenlight.models.user_resource_permission import UserResourcePermission
             from appenlight.models.group_resource_permission import GroupResourcePermission
             from appenlight.models.services.application import ApplicationService
                 else:
                     permissions = request.params.getall('permission')
                     if permissions:
-                        resources = request.user.resources_with_perms(
+                        resources = UserService.resources_with_perms(
+                            request.user,
                             permissions,
                             resource_types=[request.GET.get('resource_type',
                                                             'application')])
                     MultiDict(request.safe_json_body or {}), csrf_context=request)
                 form.password.user = request.user
                 if form.validate():
-                    user = User.by_user_name(form.user_name.data)
+                    user = UserService.by_user_name(form.user_name.data)
                     user.resources.append(resource)
                     # remove integrations to not leak security data of external applications
                     for integration in resource.integrations[:]:
                 """
                 resource = request.context.resource
                 user_name = request.unsafe_json_body.get('user_name')
-                user = User.by_user_name(user_name)
+                user = UserService.by_user_name(user_name)
                 if not user:
-                    user = User.by_email(user_name)
+                    user = UserService.by_email(user_name)
                 if not user:
                     return False
                 for perm_name in request.unsafe_json_body.get('permissions', []):
-                    permission = UserResourcePermission.by_resource_user_and_perm(
+                    permission = UserResourcePermissionService.by_resource_user_and_perm(
                         user.id, perm_name, resource.resource_id)
                     if not permission:
                         permission = UserResourcePermission(perm_name=perm_name,
                                                             user_id=user.id)
                         resource.user_permissions.append(permission)
                 DBSession.flush()
-                perms = [p.perm_name for p in resource.perms_for_user(user)
+                perms = [p.perm_name for p in ResourceService.perms_for_user(resource, user)
                          if p.type == 'user']
                 result = {'user_name': user.user_name,
                           'permissions': list(set(perms))}
                 """
                 resource = request.context.resource
-                user = User.by_user_name(request.GET.get('user_name'))
+                user = UserService.by_user_name(request.GET.get('user_name'))
                 if not user:
                     return False
                 for perm_name in request.GET.getall('permissions'):
-                    permission = UserResourcePermission.by_resource_user_and_perm(
+                    permission = UserResourcePermissionService.by_resource_user_and_perm(
                         user.id, perm_name, resource.resource_id)
                     resource.user_permissions.remove(permission)
                 DBSession.flush()
-                perms = [p.perm_name for p in resource.perms_for_user(user)
+                perms = [p.perm_name for p in ResourceService.perms_for_user(resource, user)
                          if p.type == 'user']
                 result = {'user_name': user.user_name,
                           'permissions': list(set(perms))}
                                                              group_id=group.id)
                         resource.group_permissions.append(permission)
                 DBSession.flush()
-                perm_tuples = resource.groups_for_perm(
+                perm_tuples = ResourceService.groups_for_perm(
+                    resource,
                     ANY_PERMISSION,
                     limit_group_permissions=True,
                     group_ids=[group.id])
                         group.id, perm_name, resource.resource_id)
                     resource.group_permissions.remove(permission)
                 DBSession.flush()
-                perm_tuples = resource.groups_for_perm(
+                perm_tuples = ResourceService.groups_for_perm(
+                    resource,
                     ANY_PERMISSION,
                     limit_group_permissions=True,
                     group_ids=[group.id])

backend/src/appenlight/views/events.py

0 +3 -2

             from appenlight.models.services.event import EventService
             from pyramid.view import view_config
             from pyramid.httpexceptions import HTTPBadRequest, HTTPNotFound
+            from ziggurat_foundations.models.services.user import UserService
             @view_config(route_name='events_no_id',
             @view_config(route_name='events', renderer='json', request_method='PATCH',
                          permission='authenticated')
             def event_PATCH(request):
-                resources = request.user.resources_with_perms(
+                resources = UserService.resources_with_perms(
-                    ['view'], resource_types=request.registry.resource_types)
+                    request.user, ['view'], resource_types=request.registry.resource_types)
                 event = EventService.for_resource(
                     [r.resource_id for r in resources],
                     event_id=request.matchdict['event_id']).first()

backend/src/appenlight/views/groups.py

0 +7 -6

             from pyramid.view import view_config
             from pyramid.httpexceptions import HTTPUnprocessableEntity, HTTPNotFound
+            from ziggurat_foundations.models.services.user import UserService
             from appenlight.lib.utils import permission_tuple_to_dict
             from appenlight.models.services.config import ConfigService
             from appenlight.models.group import Group
                 if not group:
                     return HTTPNotFound()
                 return [permission_tuple_to_dict(perm) for perm in
-                        group.resources_with_possible_perms()]
+                        GroupService.resources_with_possible_perms(group)]
             @view_config(route_name='groups_property',
                 users_dicts = []
                 for user in group.users:
                     u_dict = user.get_dict(include_keys=props)
-                    u_dict['gravatar_url'] = user.gravatar_url(s=20)
+                    u_dict['gravatar_url'] = UserService.gravatar_url(user, s=20)
                     users_dicts.append(u_dict)
                 return users_dicts
                 Get list of permissions assigned to specific resources
                 """
                 group = GroupService.by_id(request.matchdict.get('group_id'))
-                user = User.by_user_name(request.GET.get('user_name'))
+                user = UserService.by_user_name(request.GET.get('user_name'))
                 if not group or not user:
                     return HTTPNotFound()
                 if len(group.users) > 1:
                 Get list of permissions assigned to specific resources
                 """
                 group = GroupService.by_id(request.matchdict.get('group_id'))
-                user = User.by_user_name(request.unsafe_json_body.get('user_name'))
+                user = UserService.by_user_name(request.unsafe_json_body.get('user_name'))
                 if not user:
-                    user = User.by_email(request.unsafe_json_body.get('user_name'))
+                    user = UserService.by_email(request.unsafe_json_body.get('user_name'))
                 if not group or not user:
                     return HTTPNotFound()
                 props = ['user_name', 'id', 'first_name', 'last_name', 'email',
                          'last_login_date', 'status']
                 u_dict = user.get_dict(include_keys=props)
-                u_dict['gravatar_url'] = user.gravatar_url(s=20)
+                u_dict['gravatar_url'] = UserService.gravatar_url(user, s=20)
                 return u_dict

backend/src/appenlight/views/index.py

0 +7 -6

             from ziggurat_foundations.ext.pyramid.sign_in import ZigguratSignInSuccess
             from ziggurat_foundations.ext.pyramid.sign_in import ZigguratSignInBadAuth
             from ziggurat_foundations.ext.pyramid.sign_in import ZigguratSignOut
+            from ziggurat_foundations.models.services.user import UserService
             from appenlight.lib.social import handle_social_data
             from appenlight.models import DBSession
                 """
                 form = forms.LostPasswordForm(request.POST, csrf_context=request)
                 if request.method == 'POST' and form.validate():
-                    user = User.by_email(form.email.data)
+                    user = UserService.by_email(form.email.data)
                     if user:
-                        user.regenerate_security_code()
+                        UserService.regenerate_security_code(user)
                         user.security_code_date = datetime.datetime.utcnow()
                         email_vars = {
                             'user': user,
                 """
                 Shows new password form - perform time check and set new password for user
                 """
-                user = User.by_user_name_and_security_code(
+                user = UserService.by_user_name_and_security_code(
                     request.GET.get('user_name'), request.GET.get('security_code'))
                 if user:
                     delta = datetime.datetime.utcnow() - user.security_code_date
                 if user and delta.total_seconds() < 600:
                     form = forms.NewPasswordForm(request.POST, csrf_context=request)
                     if request.method == "POST" and form.validate():
-                        user.set_password(form.new_password.data)
+                        UserService.set_password(user, form.new_password.data)
                         request.session.flash(_('You can sign in with your new password.'))
                         return HTTPFound(location=request.route_url('register'))
                     else:
                     new_user = User()
                     DBSession.add(new_user)
                     form.populate_obj(new_user)
-                    new_user.regenerate_security_code()
+                    UserService.regenerate_security_code(new_user)
                     new_user.status = 1
-                    new_user.set_password(new_user.user_password)
+                    UserService.set_password(new_user, new_user.user_password)
                     new_user.registration_ip = request.environ.get('REMOTE_ADDR')
                     if social_data:

backend/src/appenlight/views/reports.py

0 +10 -7

             from pyramid.view import view_config
             from pyramid.httpexceptions import HTTPUnprocessableEntity
+            from ziggurat_foundations.models.services.resource import ResourceService
+            from ziggurat_foundations.models.services.user import UserService
             from appenlight.models import DBSession
             from appenlight.models.user import User
             from appenlight.models.report_comment import ReportComment
                 if request.user:
                     request.user.last_login_date = datetime.utcnow()
-                applications = request.user.resources_with_perms(
+                applications = UserService.resources_with_perms(
-                    ['view'], resource_types=['application'])
+                    request.user, ['view'], resource_types=['application'])
                 search_params = request.GET.mixed()
                                             report_time=report_group.first_timestamp)
                     form.populate_obj(comment)
                     report_group.comments.append(comment)
-                    perm_list = application.users_for_perm('view')
+                    perm_list = ResourceService.users_for_perm(application, 'view')
                     uids_to_notify = []
                     users_to_notify = []
                     for perm in perm_list:
                 """
                 report_group = request.context.report_group
                 application = request.context.resource
-                users = set([p.user for p in application.users_for_perm('view')])
+                users = set([p.user for p in ResourceService.users_for_perm(application, 'view')])
                 currently_assigned = [u.user_name for u in report_group.assigned_users]
                 user_status = {'assigned': [], 'unassigned': []}
                 # handle users
                 for user in users:
                     user_dict = {'user_name': user.user_name,
-                                 'gravatar_url': user.gravatar_url(),
+                                 'gravatar_url': UserService.gravatar_url(user),
                                  'name': '%s %s' % (user.first_name, user.last_name,)}
                     if user.user_name in currently_assigned:
                         user_status['assigned'].append(user_dict)
                 # first unassign old users
                 for user_name in new_assigns['unassigned']:
                     if user_name in currently_assigned:
-                        user = User.by_user_name(user_name)
+                        user = UserService.by_user_name(user_name)
                         report_group.assigned_users.remove(user)
                         comment = ReportComment(owner_id=request.user.id,
                                                 report_time=report_group.first_timestamp)
                 # assign new users
                 for user_name in new_assigns['assigned']:
                     if user_name not in currently_assigned:
-                        user = User.by_user_name(user_name)
+                        user = UserService.by_user_name(user_name)
                         if user in report_group.assigned_users:
                             report_group.assigned_users.remove(user)
                         DBSession.flush()

backend/src/appenlight/views/tests.py

0 +4 -2

             import six
             import pyramid.renderers
             import requests
+            from ziggurat_foundations.models.services.user import UserService
             import appenlight.celery.tasks
             from pyramid.view import view_config
             from pyramid_mailer.message import Message
                 """
                 Allows to test send data on various registered alerting channels
                 """
-                applications = request.user.resources_with_perms(
+                applications = UserService.resources_with_perms(request.user, ['view'], resource_types=['application'])
-                    ['view'], resource_types=['application'])
                 # what we can select in total
                 all_possible_app_ids = [app.resource_id for app in applications]
                 resource = applications[0]

backend/src/appenlight/views/user.py

0 +18 -18

             from pyramid.security import NO_PERMISSION_REQUIRED
             from ziggurat_foundations.models.services.external_identity import \
                 ExternalIdentityService
+            from ziggurat_foundations.models.services.user import UserService
             from appenlight.lib import generate_random_string
             from appenlight.lib.social import handle_social_data
                 users_dicts = []
                 for user in users:
                     u_dict = user.get_dict(include_keys=props)
-                    u_dict['gravatar_url'] = user.gravatar_url(s=20)
+                    u_dict['gravatar_url'] = UserService.gravatar_url(user, s=20)
                     users_dicts.append(u_dict)
                 return users_dicts
                     # insert new user here
                     DBSession.add(user)
                     form.populate_obj(user)
-                    user.regenerate_security_code()
+                    UserService.regenerate_security_code(user)
-                    user.set_password(user.user_password)
+                    UserService.set_password(user, user.user_password)
                     user.status = 1 if form.status.data else 0
                     request.session.flash(_('User created'))
                     DBSession.flush()
                 """
                 Updates user object
                 """
-                user = User.by_id(request.matchdict.get('user_id'))
+                user = UserService.by_id(request.matchdict.get('user_id'))
                 if not user:
                     return HTTPNotFound()
                 post_data = request.safe_json_body or {}
                     if form.validate():
                         form.populate_obj(user, ignore_none=True)
                         if form.user_password.data:
-                            user.set_password(user.user_password)
+                            UserService.set_password(user, user.user_password)
                         if form.status.data:
                             user.status = 1
                         else:
                 """
                 Get list of permissions assigned to specific resources
                 """
-                user = User.by_id(request.matchdict.get('user_id'))
+                user = UserService.by_id(request.matchdict.get('user_id'))
                 if not user:
                     return HTTPNotFound()
                 return [permission_tuple_to_dict(perm) for perm in
-                        user.resources_with_possible_perms()]
+                        UserService.resources_with_possible_perms(user)]
             @view_config(route_name='users', renderer='json',
                 operation there will be at least one admin left
                 """
                 msg = _('There needs to be at least one administrator in the system')
-                user = User.by_id(request.matchdict.get('user_id'))
+                user = UserService.by_id(request.matchdict.get('user_id'))
                 if user:
-                    users = User.users_for_perms(['root_administration']).all()
+                    users = UserService.users_for_perms(['root_administration']).all()
                     if len(users) < 2 and user.id == users[0].id:
                         request.session.flash(msg, 'warning')
                     else:
                                                 csrf_context=request)
                 form.old_password.user = user
                 if form.validate():
-                    user.regenerate_security_code()
+                    UserService.regenerate_security_code(user)
-                    user.set_password(form.new_password.data)
+                    UserService.set_password(user, form.new_password.data)
                     msg = 'Your password got updated. ' \
                           'Next time log in with your new credentials.'
                     request.session.flash(_(msg))
                     res = request.response.body('OK')
                     add_cors_headers(res)
                     return res
-                applications = user.resources_with_perms(
+                applications = UserService.resources_with_perms(user, ['view'], resource_types=['application'])
-                    ['view'], resource_types=['application'])
                 channels = ['app_%s' % app.resource_id for app in applications]
                 payload = {"username": user.user_name,
                            "conn_id": str(uuid.uuid4()),
                 items_returned = []
                 like_condition = request.params.get('user_name', '') + '%'
                 # first append used if email is passed
-                found_user = User.by_email(request.params.get('user_name', ''))
+                found_user = UserService.by_email(request.params.get('user_name', ''))
                 if found_user:
                     name = '{} {}'.format(found_user.first_name, found_user.last_name)
                     items_returned.append({'user': found_user.user_name, 'name': name})
-                for found_user in User.user_names_like(like_condition).limit(20):
+                for found_user in UserService.user_names_like(like_condition).limit(20):
                     name = '{} {}'.format(found_user.first_name, found_user.last_name)
                     items_returned.append({'user': found_user.user_name, 'name': name})
                 return items_returned
                 if request.matched_route.name == 'users_self_property':
                     user = request.user
                 else:
-                    user = User.by_id(request.matchdict.get('user_id'))
+                    user = UserService.by_id(request.matchdict.get('user_id'))
                     if not user:
                         return HTTPNotFound()
                 return [c.get_dict() for c in user.auth_tokens]
                 if request.matched_route.name == 'users_self_property':
                     user = request.user
                 else:
-                    user = User.by_id(request.matchdict.get('user_id'))
+                    user = UserService.by_id(request.matchdict.get('user_id'))
                     if not user:
                         return HTTPNotFound()
                 if request.matched_route.name == 'users_self_property':
                     user = request.user
                 else:
-                    user = User.by_id(request.matchdict.get('user_id'))
+                    user = UserService.by_id(request.matchdict.get('user_id'))
                     if not user:
                         return HTTPNotFound()

.hgignore

0 removed 0 -161

NO CONTENT: file was removed

backend/pip2nix.ini

0 removed 0 -3

NO CONTENT: file was removed

backend/python-packages.nix

0 removed 0 -1082

	1	NO CONTENT: file was removed			NO CONTENT: file was removed
This diff has been collapsed as it changes many lines, (1082 lines changed) Show them Hide them

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages