netbox-community-netbox/netbox/users/models.py

import binascii
import os

from django.contrib.auth.models import User
from django.contrib.postgres.fields import JSONField
from django.core.validators import MinLengthValidator
from django.db import models
from django.utils import timezone


__all__ = (
    'Token',
    'UserConfig',
)


class UserConfig(models.Model):
    """
    This model stores arbitrary user-specific preferences in a JSON data structure.
    """
    user = models.OneToOneField(
        to=User,
        on_delete=models.CASCADE,
        related_name='config'
    )
    data = JSONField(
        default=dict
    )

    class Meta:
        ordering = ['user']

    def get(self, path):
        """
        Retrieve a configuration parameter specified by its dotted path. Example:

            userconfig.get('foo.bar.baz')

        :param path: Dotted path to the configuration key. For example, 'foo.bar' returns self.data['foo']['bar'].
        """
        d = self.data
        keys = path.split('.')

        # Iterate down the hierarchy, returning None for any invalid keys
        for key in keys:
            if type(d) is dict:
                d = d.get(key)
            else:
                return None

        return d

    def set(self, path, value, commit=False):
        """
        Define or overwrite a configuration parameter. Example:

            userconfig.set('foo.bar.baz', 123)

        Leaf nodes (those which are not dictionaries of other nodes) cannot be overwritten as dictionaries. Similarly,
        branch nodes (dictionaries) cannot be overwritten as single values. (A TypeError exception will be raised.) In
        both cases, the existing key must first be cleared. This safeguard is in place to help avoid inadvertently
        overwriting the wrong key.

        :param path: Dotted path to the configuration key. For example, 'foo.bar' sets self.data['foo']['bar'].
        :param value: The value to be written. This can be any type supported by JSON.
        :param commit: If true, the UserConfig instance will be saved once the new value has been applied.
        """
        d = self.data
        keys = path.split('.')

        # Iterate through the hierarchy to find the key we're setting. Raise TypeError if we encounter any
        # interim leaf nodes (keys which do not contain dictionaries).
        for i, key in enumerate(keys[:-1]):
            if key in d and type(d[key]) is dict:
                d = d[key]
            elif key in d:
                err_path = '.'.join(path.split('.')[:i + 1])
                raise TypeError(f"Key '{err_path}' is a leaf node; cannot assign new keys")
            else:
                d = d.setdefault(key, {})

        # Set a key based on the last item in the path. Raise TypeError if attempting to overwrite a non-leaf node.
        key = keys[-1]
        if key in d and type(d[key]) is dict:
            raise TypeError(f"Key '{path}' has child keys; cannot assign a value")
        else:
            d[key] = value

        if commit:
            self.save()

    def clear(self, path, commit=False):
        """
        Delete a configuration parameter specified by its dotted path. The key and any child keys will be deleted.
        Example:

            userconfig.clear('foo.bar.baz')

        A KeyError is raised in the event any key along the path does not exist.

        :param path: Dotted path to the configuration key. For example, 'foo.bar' deletes self.data['foo']['bar'].
        :param commit: If true, the UserConfig instance will be saved once the new value has been applied.
        """
        d = self.data
        keys = path.split('.')

        for key in keys[:-1]:
            if key in d and type(d[key]) is dict:
                d = d[key]

        key = keys[-1]
        del(d[key])

        if commit:
            self.save()


class Token(models.Model):
    """
    An API token used for user authentication. This extends the stock model to allow each user to have multiple tokens.
    It also supports setting an expiration time and toggling write ability.
    """
    user = models.ForeignKey(
        to=User,
        on_delete=models.CASCADE,
        related_name='tokens'
    )
    created = models.DateTimeField(
        auto_now_add=True
    )
    expires = models.DateTimeField(
        blank=True,
        null=True
    )
    key = models.CharField(
        max_length=40,
        unique=True,
        validators=[MinLengthValidator(40)]
    )
    write_enabled = models.BooleanField(
        default=True,
        help_text='Permit create/update/delete operations using this key'
    )
    description = models.CharField(
        max_length=200,
        blank=True
    )

    class Meta:
        pass

    def __str__(self):
        # Only display the last 24 bits of the token to avoid accidental exposure.
        return "{} ({})".format(self.key[-6:], self.user)

    def save(self, *args, **kwargs):
        if not self.key:
            self.key = self.generate_key()
        return super().save(*args, **kwargs)

    def generate_key(self):
        # Generate a random 160-bit key expressed in hexadecimal.
        return binascii.hexlify(os.urandom(20)).decode()

    @property
    def is_expired(self):
        if self.expires is None or timezone.now() < self.expires:
            return False
        return True
Initial work on token authentication 2017-03-07 17:17:39 -05:00			`import binascii`
			`import os`

			`from django.contrib.auth.models import User`
Initial implementation of UserConfig model 2020-04-23 15:25:47 -04:00			`from django.contrib.postgres.fields import JSONField`
Finished user control panel for tokens 2017-03-08 11:34:47 -05:00			`from django.core.validators import MinLengthValidator`
Initial work on token authentication 2017-03-07 17:17:39 -05:00			`from django.db import models`
Addded is_expired property to Token 2017-03-07 23:30:31 -05:00			`from django.utils import timezone`
Initial work on token authentication 2017-03-07 17:17:39 -05:00

Define __all__ for models.py within each app 2020-01-14 12:01:23 -05:00			`__all__ = (`
			`'Token',`
Initial implementation of UserConfig model 2020-04-23 15:25:47 -04:00			`'UserConfig',`
Define __all__ for models.py within each app 2020-01-14 12:01:23 -05:00			`)`


Initial implementation of UserConfig model 2020-04-23 15:25:47 -04:00			`class UserConfig(models.Model):`
			`"""`
			`This model stores arbitrary user-specific preferences in a JSON data structure.`
			`"""`
			`user = models.OneToOneField(`
			`to=User,`
			`on_delete=models.CASCADE,`
			`related_name='config'`
			`)`
			`data = JSONField(`
			`default=dict`
			`)`

			`class Meta:`
			`ordering = ['user']`

			`def get(self, path):`
			`"""`
			`Retrieve a configuration parameter specified by its dotted path. Example:`

			`userconfig.get('foo.bar.baz')`

			`:param path: Dotted path to the configuration key. For example, 'foo.bar' returns self.data['foo']['bar'].`
			`"""`
			`d = self.data`
			`keys = path.split('.')`

			`# Iterate down the hierarchy, returning None for any invalid keys`
			`for key in keys:`
			`if type(d) is dict:`
			`d = d.get(key)`
			`else:`
			`return None`

			`return d`

			`def set(self, path, value, commit=False):`
			`"""`
			`Define or overwrite a configuration parameter. Example:`

			`userconfig.set('foo.bar.baz', 123)`

			`Leaf nodes (those which are not dictionaries of other nodes) cannot be overwritten as dictionaries. Similarly,`
			`branch nodes (dictionaries) cannot be overwritten as single values. (A TypeError exception will be raised.) In`
			`both cases, the existing key must first be cleared. This safeguard is in place to help avoid inadvertently`
			`overwriting the wrong key.`

			`:param path: Dotted path to the configuration key. For example, 'foo.bar' sets self.data['foo']['bar'].`
			`:param value: The value to be written. This can be any type supported by JSON.`
			`:param commit: If true, the UserConfig instance will be saved once the new value has been applied.`
			`"""`
			`d = self.data`
			`keys = path.split('.')`

			`# Iterate through the hierarchy to find the key we're setting. Raise TypeError if we encounter any`
			`# interim leaf nodes (keys which do not contain dictionaries).`
			`for i, key in enumerate(keys[:-1]):`
			`if key in d and type(d[key]) is dict:`
			`d = d[key]`
			`elif key in d:`
			`err_path = '.'.join(path.split('.')[:i + 1])`
			`raise TypeError(f"Key '{err_path}' is a leaf node; cannot assign new keys")`
			`else:`
			`d = d.setdefault(key, {})`

			`# Set a key based on the last item in the path. Raise TypeError if attempting to overwrite a non-leaf node.`
			`key = keys[-1]`
			`if key in d and type(d[key]) is dict:`
			`raise TypeError(f"Key '{path}' has child keys; cannot assign a value")`
			`else:`
			`d[key] = value`

			`if commit:`
			`self.save()`

			`def clear(self, path, commit=False):`
			`"""`
			`Delete a configuration parameter specified by its dotted path. The key and any child keys will be deleted.`
			`Example:`

			`userconfig.clear('foo.bar.baz')`

			`A KeyError is raised in the event any key along the path does not exist.`

			`:param path: Dotted path to the configuration key. For example, 'foo.bar' deletes self.data['foo']['bar'].`
			`:param commit: If true, the UserConfig instance will be saved once the new value has been applied.`
			`"""`
			`d = self.data`
			`keys = path.split('.')`

			`for key in keys[:-1]:`
			`if key in d and type(d[key]) is dict:`
			`d = d[key]`

			`key = keys[-1]`
			`del(d[key])`

			`if commit:`
			`self.save()`


Initial work on token authentication 2017-03-07 17:17:39 -05:00			`class Token(models.Model):`
			`"""`
			`An API token used for user authentication. This extends the stock model to allow each user to have multiple tokens.`
			`It also supports setting an expiration time and toggling write ability.`
			`"""`
Code formatting cleanup 2018-03-30 13:57:26 -04:00			`user = models.ForeignKey(`
			`to=User,`
			`on_delete=models.CASCADE,`
			`related_name='tokens'`
			`)`
			`created = models.DateTimeField(`
			`auto_now_add=True`
			`)`
			`expires = models.DateTimeField(`
			`blank=True,`
			`null=True`
			`)`
			`key = models.CharField(`
			`max_length=40,`
			`unique=True,`
			`validators=[MinLengthValidator(40)]`
			`)`
			`write_enabled = models.BooleanField(`
			`default=True,`
			`help_text='Permit create/update/delete operations using this key'`
			`)`
			`description = models.CharField(`
Standardize existing description fields to a length of 200 chars 2020-03-13 15:49:58 -04:00			`max_length=200,`
Code formatting cleanup 2018-03-30 13:57:26 -04:00			`blank=True`
			`)`
Initial work on token authentication 2017-03-07 17:17:39 -05:00
Suppress default permissions for Token model 2017-03-07 22:40:05 -05:00			`class Meta:`
Closes #2479: Add user permissions for creating/modifying API tokens 2018-10-05 11:06:59 -04:00			`pass`
Suppress default permissions for Token model 2017-03-07 22:40:05 -05:00
Initial work on token authentication 2017-03-07 17:17:39 -05:00			`def __str__(self):`
Finished user control panel for tokens 2017-03-08 11:34:47 -05:00			`# Only display the last 24 bits of the token to avoid accidental exposure.`
Import unicode_literals 2017-05-24 11:33:11 -04:00			`return "{} ({})".format(self.key[-6:], self.user)`
Initial work on token authentication 2017-03-07 17:17:39 -05:00
			`def save(self, args, *kwargs):`
			`if not self.key:`
			`self.key = self.generate_key()`
Closes #2614: Simplify calls of super() for Python 3 2018-11-27 10:52:24 -05:00			`return super().save(args, *kwargs)`
Initial work on token authentication 2017-03-07 17:17:39 -05:00
			`def generate_key(self):`
Shorten key length to 20 bytes 2017-03-07 22:56:29 -05:00			`# Generate a random 160-bit key expressed in hexadecimal.`
			`return binascii.hexlify(os.urandom(20)).decode()`
Addded is_expired property to Token 2017-03-07 23:30:31 -05:00
			`@property`
			`def is_expired(self):`
Fixes #1021: Corrected evaluation of API token expiration time 2017-03-31 11:13:37 -04:00			`if self.expires is None or timezone.now() < self.expires:`
			`return False`
			`return True`