本文整理匯總了Python中aleph.model.Role.load_or_create方法的典型用法代碼示例。如果您正苦於以下問題:Python Role.load_or_create方法的具體用法?Python Role.load_or_create怎麽用?Python Role.load_or_create使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類aleph.model.Role的用法示例。
在下文中一共展示了Role.load_or_create方法的11個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: callback
# 需要導入模塊: from aleph.model import Role [as 別名]
# 或者: from aleph.model.Role import load_or_create [as 別名]
def callback():
resp = oauth_provider.authorized_response()
if resp is None or isinstance(resp, OAuthException):
log.warning("Failed OAuth: %r", resp)
# FIXME: notify the user, somehow.
return redirect(url_for('base_api.ui'))
session['oauth'] = resp
session['roles'] = [Role.system(Role.SYSTEM_USER)]
if 'googleapis.com' in oauth_provider.base_url:
me = oauth_provider.get('userinfo')
user_id = 'google:%s' % me.data.get('id')
role = Role.load_or_create(user_id, Role.USER, me.data.get('name'),
email=me.data.get('email'))
elif 'occrp.org' in oauth_provider.base_url or \
'investigativedashboard.org' in oauth_provider.base_url:
me = oauth_provider.get('api/2/accounts/profile/')
user_id = 'idashboard:user:%s' % me.data.get('id')
role = Role.load_or_create(user_id, Role.USER,
me.data.get('display_name'),
email=me.data.get('email'),
is_admin=me.data.get('is_admin'))
for group in me.data.get('groups', []):
group_id = 'idashboard:%s' % group.get('id')
group_role = Role.load_or_create(group_id, Role.GROUP,
group.get('name'))
session['roles'].append(group_role.id)
else:
raise RuntimeError("Unknown OAuth URL: %r" % oauth_provider.base_url)
session['roles'].append(role.id)
session['user'] = role.id
db.session.commit()
log.info("Logged in: %r", role)
return redirect(url_for('base_api.ui'))示例2: handle_keycloak_oauth
# 需要導入模塊: from aleph.model import Role [as 別名]
# 或者: from aleph.model.Role import load_or_create [as 別名]
def handle_keycloak_oauth(sender, provider=None, oauth=None):
from aleph.model import Role
superuser_role = 'superuser'
if 'secure.occrp.org' not in provider.base_url:
return
access_token = oauth.get('access_token')
token_data = jwt.decode(access_token, verify=False)
clients = token_data.get('resource_access', {})
client = clients.get(provider.consumer_key, {})
roles = set(client.get('roles', []))
is_admin = superuser_role in roles
user_id = 'kc:%s' % token_data.get('email')
if token_data.get('idashboard'):
user_id = 'idashboard:user:%s' % token_data.get('idashboard')
role = Role.load_or_create(user_id, Role.USER,
token_data.get('name'),
email=token_data.get('email'),
is_admin=is_admin)
role.clear_roles()
for role_name in roles:
group_role = Role.load_or_create('kc:%s' % role_name,
Role.GROUP,
role_name)
role.add_role(group_role)
log.debug("User %r is member of %r", role, group_role)
return role示例3: system_role
# 需要導入模塊: from aleph.model import Role [as 別名]
# 或者: from aleph.model.Role import load_or_create [as 別名]
def system_role(role_name):
from aleph.model import Role
if not hasattr(app, '_authz_roles'):
app._authz_roles = {}
role = Role.load_or_create(Role.SYSTEM_GUEST, Role.SYSTEM,
'All visitors')
app._authz_roles[Role.SYSTEM_GUEST] = role.id
role = Role.load_or_create(Role.SYSTEM_USER, Role.SYSTEM,
'Logged-in users')
app._authz_roles[Role.SYSTEM_USER] = role.id
db.session.commit()
return app._authz_roles.get(role_name)示例4: handle_azure_oauth
# 需要導入模塊: from aleph.model import Role [as 別名]
# 或者: from aleph.model.Role import load_or_create [as 別名]
def handle_azure_oauth(sender, provider=None, oauth=None):
from aleph.model import Role
if 'login.microsoftonline.com' not in provider.base_url:
return
# Get incoming token, extract header for use with certificate verification
id_token = oauth.get('id_token')
headerbit = id_token.split('.')[0]
headerbit = base64.b64decode(headerbit).decode('utf8')
headerbit = json.loads(headerbit)
# Load cert from MS - can be cached for upwards of 24hrs, not done now
cert_loc = 'https://login.microsoftonline.com/common/discovery/keys'
cert_data = json.loads(urlopen(cert_loc).read())
pemstart = "-----BEGIN CERTIFICATE-----\n"
pemend = "\n-----END CERTIFICATE-----\n"
# Find correct cert based on header
for key in cert_data['keys']:
if headerbit['kid'] == key['kid'] and headerbit['x5t'] == key['x5t']:
mspubkey = key['x5c'][0]
break
cert_str = pemstart + mspubkey + pemend
cert_obj = load_pem_x509_certificate(cert_str.encode('ascii'),
default_backend())
public_key = cert_obj.public_key()
# Decode incoming token and verify against the MS cert
token_data = jwt.decode(id_token, public_key, verify=True,
audience=settings.OAUTH_KEY)
# All Ok, move on
user_id = 'azure:%s' % token_data['upn']
return Role.load_or_create(user_id, Role.USER, token_data['name'],
email=token_data['upn'])示例5: create
# 需要導入模塊: from aleph.model import Role [as 別名]
# 或者: from aleph.model.Role import load_or_create [as 別名]
def create():
require(not request.authz.in_maintenance, settings.PASSWORD_LOGIN)
data = parse_request(RoleCreateSchema)
try:
email = Role.SIGNATURE.loads(data.get('code'),
max_age=Role.SIGNATURE_MAX_AGE)
except BadSignature:
return jsonify({
'status': 'error',
'message': gettext('Invalid code')
}, status=400)
role = Role.by_email(email)
if role is not None:
return jsonify({
'status': 'error',
'message': gettext('Email is already registered')
}, status=409)
role = Role.load_or_create(
foreign_id='password:{}'.format(email),
type=Role.USER,
name=data.get('name') or email,
email=email
)
role.set_password(data.get('password'))
db.session.add(role)
db.session.commit()
update_role(role)
# Let the serializer return more info about this user
request.authz.id = role.id
tag_request(role_id=role.id)
return RoleSerializer.jsonify(role, status=201)示例6: create_user
# 需要導入模塊: from aleph.model import Role [as 別名]
# 或者: from aleph.model.Role import load_or_create [as 別名]
def create_user(self, foreign_id='tester', name=None, email=None,
is_admin=False):
role = Role.load_or_create(foreign_id, Role.USER,
name or foreign_id,
email=email or self.fake.email(),
is_admin=is_admin)
db.session.commit()
return role示例7: handle_facebook_oauth
# 需要導入模塊: from aleph.model import Role [as 別名]
# 或者: from aleph.model.Role import load_or_create [as 別名]
def handle_facebook_oauth(sender, provider=None, oauth=None):
from aleph.model import Role
if 'facebook.com' not in provider.base_url:
return
token = (oauth.get('access_token'), '')
me = provider.get('me?fields=id,name,email', token=token)
user_id = 'facebook:%s' % me.data.get('id')
return Role.load_or_create(user_id, Role.USER, me.data.get('name'),
email=me.data.get('email'))示例8: handle_google_oauth
# 需要導入模塊: from aleph.model import Role [as 別名]
# 或者: from aleph.model.Role import load_or_create [as 別名]
def handle_google_oauth(sender, provider=None, oauth=None):
from aleph.model import Role
if 'googleapis.com' not in provider.base_url:
return
token = (oauth.get('access_token'), '')
me = provider.get('userinfo', token=token)
user_id = 'google:%s' % me.data.get('id')
return Role.load_or_create(user_id, Role.USER, me.data.get('name'),
email=me.data.get('email'))示例9: test_load_or_create_role_exists
# 需要導入模塊: from aleph.model import Role [as 別名]
# 或者: from aleph.model.Role import load_or_create [as 別名]
def test_load_or_create_role_exists(self):
self.assertEqual(
Role.load_or_create(
foreign_id=self.role.foreign_id,
type=self.role.type,
name=self.role.name,
email=self.role.email
),
self.role
)示例10: handle_google_oauth
# 需要導入模塊: from aleph.model import Role [as 別名]
# 或者: from aleph.model.Role import load_or_create [as 別名]
def handle_google_oauth(sender, provider=None, session=None):
# If you wish to use another OAuth provider with your installation of
# aleph, you can create a Python extension package and include a
# custom oauth handler like this, which will create roles and state
# for your session.
if 'googleapis.com' not in provider.base_url:
return
me = provider.get('userinfo')
user_id = 'google:%s' % me.data.get('id')
role = Role.load_or_create(user_id, Role.USER, me.data.get('name'),
email=me.data.get('email'))
session['roles'].append(role.id)
session['user'] = role.id示例11: create_system_roles
# 需要導入模塊: from aleph.model import Role [as 別名]
# 或者: from aleph.model.Role import load_or_create [as 別名]
def create_system_roles():
log.info("Creating system roles...")
Role.load_or_create(Role.SYSTEM_GUEST, Role.SYSTEM, 'All visitors')
Role.load_or_create(Role.SYSTEM_USER, Role.SYSTEM, 'Logged-in users')
db.session.commit()