adjustments part 1
parent
dc4d60fba2
commit
8252afca16
|
@ -59,7 +59,7 @@ mv pg_hba.conf pg_hba.conf.old
|
|||
# TYPE DATABASE USER ADDRESS METHOD
|
||||
local all postgres md5
|
||||
local sameuser all md5
|
||||
host all all 0.0.0.0/0 reject
|
||||
host sameuser all 0.0.0.0/0 md5
|
||||
```
|
||||
```
|
||||
systemctl restart postgresql
|
||||
|
|
|
@ -51,6 +51,11 @@ class NoSuchListError(Exception):
|
|||
super().__init__('mailing list does not exist')
|
||||
|
||||
|
||||
class InvalidUsernameError(Exception):
|
||||
def __init__(self):
|
||||
super().__init__('Username contains characters that are not allowed')
|
||||
|
||||
|
||||
class DatabaseConnectionError(Exception):
|
||||
def __init__(self):
|
||||
super().__init__('unable to connect or authenticate to sql service')
|
||||
|
|
|
@ -3,7 +3,7 @@ from zope import component
|
|||
from ceod.api.utils import authz_restrict_to_staff, authz_restrict_to_syscom, \
|
||||
user_is_in_group, requires_authentication_no_realm, \
|
||||
create_streaming_response, development_only
|
||||
from ceo_common.errors import UserNotFoundError, DatabaseConnectionError, DatabasePermissionError
|
||||
from ceo_common.errors import UserNotFoundError, DatabaseConnectionError, DatabasePermissionError, InvalidUsernameError
|
||||
from ceo_common.interfaces import ILDAPService, IDatabaseService
|
||||
|
||||
|
||||
|
@ -13,7 +13,7 @@ bp = Blueprint('db', __name__)
|
|||
def create_db_from_type(db_type: str, username: str):
|
||||
try:
|
||||
if not username.isalnum(): # username should not contain symbols
|
||||
raise UserNotFoundError
|
||||
raise InvalidUsernameError()
|
||||
ldap_srv = component.getUtility(ILDAPService)
|
||||
ldap_srv.get_user(username) # make sure user exists
|
||||
db_srv = component.getUtility(IDatabaseService, db_type)
|
||||
|
@ -21,30 +21,30 @@ def create_db_from_type(db_type: str, username: str):
|
|||
return {'password': password}
|
||||
except UserNotFoundError:
|
||||
return {'error': 'user not found'}, 404
|
||||
except InvalidUsernameError:
|
||||
return {'error': 'username contains invalid characters'}, 400
|
||||
except DatabaseConnectionError:
|
||||
return {'error': 'unable to connect or authenticate to sql server'}, 400
|
||||
return {'error': 'unable to connect or authenticate to sql server'}, 500
|
||||
except DatabasePermissionError:
|
||||
return {'error': 'unable to perform action due to permissions'}, 502
|
||||
except:
|
||||
return {'error': 'Unexpected error'}, 500
|
||||
return {'error': 'unable to perform action due to permissions'}, 500
|
||||
|
||||
|
||||
def delete_db_from_type(db_type: str, username: str):
|
||||
try:
|
||||
if not username.isalnum(): # username should not contain symbols
|
||||
raise UserNotFoundError
|
||||
raise InvalidUsernameError()
|
||||
ldap_srv = component.getUtility(ILDAPService)
|
||||
ldap_srv.get_user(username) # make sure user exists
|
||||
db_srv = component.getUtility(IDatabaseService, db_type)
|
||||
db_srv.delete_db(username)
|
||||
except UserNotFoundError:
|
||||
return {'error': 'user not found'}, 404
|
||||
except InvalidUsernameError:
|
||||
return {'error': 'username contains invalid characters'}, 400
|
||||
except DatabaseConnectionError:
|
||||
return {'error': 'unable to connect or authenticate to sql server'}, 400
|
||||
return {'error': 'unable to connect or authenticate to sql server'}, 500
|
||||
except DatabasePermissionError:
|
||||
return {'error': 'unable to perform action due to permissions'}, 502
|
||||
except:
|
||||
return {'error': 'Unexpected error'}, 500
|
||||
return {'error': 'unable to perform action due to permissions'}, 500
|
||||
|
||||
|
||||
@bp.route('/mysql/<username>', methods=['POST'])
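Review bot: `username.isalnum()` in `create_db_from_type` and `delete_db_from_type` is Unicode-aware, so a name made of non-ASCII letters or digits still passes the check that the new `InvalidUsernameError` path is meant to enforce. The accepted name is then handed to the database service (`db_srv.delete_db(username)` is visible here), and the service sections on this page execute prebuilt `drop_db`/`drop_user` statements with no bound parameters, so this check appears to be the main guard on what reaches those statements. Restrict it to ASCII in both functions, for example `if not (username.isascii() and username.isalnum()):` (`str.isascii` needs Python 3.7+). The check is duplicated verbatim in the two functions, and a small shared helper would keep them in step. The body of `create_db_from_type` is split across two hunks and part of it is not visible.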
|
||||
|
|
|
@ -10,8 +10,10 @@ from mysql.connector.errors import InterfaceError, ProgrammingError
|
|||
|
||||
@implementer(IDatabaseService)
|
||||
class MySQLService:
|
||||
|
||||
type = 'mysql'
|
||||
|
||||
def __init__(self):
|
||||
self.type = 'mysql'
|
||||
config = component.getUtility(IConfig)
|
||||
self.auth_username = config.get('mysql_username')
|
||||
self.auth_password = config.get('mysql_password')
|
||||
|
@ -55,8 +57,8 @@ class MySQLService:
|
|||
password=self.auth_password,
|
||||
) as con:
|
||||
with con.cursor() as cursor:
|
||||
cursor.execute(drop_user)
|
||||
cursor.execute(drop_db)
|
||||
cursor.execute(drop_user)
|
||||
except InterfaceError:
|
||||
raise DatabaseConnectionError()
|
||||
except ProgrammingError:
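Review bot: `cursor.execute(drop_db)` and `cursor.execute(drop_user)` run statements that were assembled before this hunk and are passed without a parameter tuple, so the service relies entirely on its caller having validated the username. The statement construction is outside the hunk, so this is inferred, but database and account names cannot be bound as query parameters and would have to be placed in the statement text directly. Re-check the name inside the service before the statements are built, or at least record the precondition above the `with` block, e.g. `# username must already be validated (ASCII alphanumeric) by the caller; it is used as an identifier in the statements below`. The same applies to the matching `drop_db`/`drop_user` hunk in `PostgreSQLService`. The enclosing method starts and ends outside the hunk.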
|
||||
|
|
|
@ -10,8 +10,10 @@ from psycopg2.extensions import ISOLATION_LEVEL_AUTOCOMMIT
|
|||
|
||||
@implementer(IDatabaseService)
|
||||
class PostgreSQLService:
|
||||
|
||||
type = 'postgresql'
|
||||
|
||||
def __init__(self):
|
||||
self.type = 'postgresql'
|
||||
config = component.getUtility(IConfig)
|
||||
self.auth_username = config.get('postgresql_username')
|
||||
self.auth_password = config.get('postgresql_password')
|
||||
|
@ -57,8 +59,8 @@ class PostgreSQLService:
|
|||
) as con:
|
||||
con.set_isolation_level(ISOLATION_LEVEL_AUTOCOMMIT)
|
||||
with con.cursor() as cursor:
|
||||
cursor.execute(drop_user)
|
||||
cursor.execute(drop_db)
|
||||
cursor.execute(drop_user)
|
||||
except OperationalError:
|
||||
raise DatabaseConnectionError()
|
||||
except ProgrammingError:
|
||||
|
|