migrate ScoDoc7 user db
This commit is contained in:
parent
4526a6b934
commit
7f6a21f040
|
|
@ -5,7 +5,6 @@
|
||||||
|
|
||||||
import base64
|
import base64
|
||||||
from datetime import datetime, timedelta
|
from datetime import datetime, timedelta
|
||||||
from hashlib import md5
|
|
||||||
import json
|
import json
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
|
|
@ -40,6 +39,7 @@ class User(UserMixin, db.Model):
|
||||||
active = db.Column(db.Boolean, default=True, index=True)
|
active = db.Column(db.Boolean, default=True, index=True)
|
||||||
|
|
||||||
password_hash = db.Column(db.String(128))
|
password_hash = db.Column(db.String(128))
|
||||||
|
password_scodoc7 = db.Column(db.String(42))
|
||||||
last_seen = db.Column(db.DateTime, default=datetime.utcnow)
|
last_seen = db.Column(db.DateTime, default=datetime.utcnow)
|
||||||
date_modif_passwd = db.Column(db.DateTime, default=datetime.utcnow)
|
date_modif_passwd = db.Column(db.DateTime, default=datetime.utcnow)
|
||||||
date_created = db.Column(db.DateTime, default=datetime.utcnow)
|
date_created = db.Column(db.DateTime, default=datetime.utcnow)
|
||||||
|
|
@ -55,7 +55,6 @@ class User(UserMixin, db.Model):
|
||||||
self.roles = []
|
self.roles = []
|
||||||
self.user_roles = []
|
self.user_roles = []
|
||||||
super(User, self).__init__(**kwargs)
|
super(User, self).__init__(**kwargs)
|
||||||
self._format_noms()
|
|
||||||
# Ajoute roles:
|
# Ajoute roles:
|
||||||
if (
|
if (
|
||||||
not self.roles
|
not self.roles
|
||||||
|
|
@ -89,6 +88,18 @@ class User(UserMixin, db.Model):
|
||||||
"""
|
"""
|
||||||
if not self.active: # inactived users can't login
|
if not self.active: # inactived users can't login
|
||||||
return False
|
return False
|
||||||
|
if (not self.password_hash) and self.password_scodoc7:
|
||||||
|
# Special case: user freshly migrated from ScoDoc7
|
||||||
|
if scu.check_scodoc7_password(self.password_scodoc7, password):
|
||||||
|
current_app.logger.warning(
|
||||||
|
"migrating legacy ScoDoc7 password for {}".format(self)
|
||||||
|
)
|
||||||
|
self.set_password(password)
|
||||||
|
self.password_scodoc7 = None
|
||||||
|
db.session.add(self)
|
||||||
|
db.session.commit()
|
||||||
|
return True
|
||||||
|
return False
|
||||||
if not self.password_hash: # user without password can't login
|
if not self.password_hash: # user without password can't login
|
||||||
return False
|
return False
|
||||||
return check_password_hash(self.password_hash, password)
|
return check_password_hash(self.password_hash, password)
|
||||||
|
|
@ -161,7 +172,6 @@ class User(UserMixin, db.Model):
|
||||||
for r_d in data["roles_string"].split(","):
|
for r_d in data["roles_string"].split(","):
|
||||||
role, dept = UserRole.role_dept_from_string(r_d)
|
role, dept = UserRole.role_dept_from_string(r_d)
|
||||||
self.add_role(role, dept)
|
self.add_role(role, dept)
|
||||||
self._format_noms()
|
|
||||||
|
|
||||||
def get_token(self, expires_in=3600):
|
def get_token(self, expires_in=3600):
|
||||||
now = datetime.utcnow()
|
now = datetime.utcnow()
|
||||||
|
|
@ -342,10 +352,10 @@ class Role(db.Model):
|
||||||
def insert_roles():
|
def insert_roles():
|
||||||
"""Create default roles"""
|
"""Create default roles"""
|
||||||
default_role = "Observateur"
|
default_role = "Observateur"
|
||||||
for r, permissions in SCO_ROLES_DEFAULTS.items():
|
for role_name, permissions in SCO_ROLES_DEFAULTS.items():
|
||||||
role = Role.query.filter_by(name=r).first()
|
role = Role.query.filter_by(name=role_name).first()
|
||||||
if role is None:
|
if role is None:
|
||||||
role = Role(name=r)
|
role = Role(name=role_name)
|
||||||
role.reset_permissions()
|
role.reset_permissions()
|
||||||
for perm in permissions:
|
for perm in permissions:
|
||||||
role.add_permission(perm)
|
role.add_permission(perm)
|
||||||
|
|
|
||||||
|
|
@ -28,10 +28,12 @@
|
||||||
|
|
||||||
""" Common definitions
|
""" Common definitions
|
||||||
"""
|
"""
|
||||||
|
import base64
|
||||||
import bisect
|
import bisect
|
||||||
import copy
|
import copy
|
||||||
import datetime
|
import datetime
|
||||||
import json
|
import json
|
||||||
|
from hashlib import md5
|
||||||
import numbers
|
import numbers
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
|
|
@ -672,6 +674,16 @@ def get_scodoc_version():
|
||||||
return os.popen("cd %s; ./get_scodoc_version.sh -s" % SCO_TOOLS_DIR).read().strip()
|
return os.popen("cd %s; ./get_scodoc_version.sh -s" % SCO_TOOLS_DIR).read().strip()
|
||||||
|
|
||||||
|
|
||||||
|
def check_scodoc7_password(scodoc7_hash, password):
|
||||||
|
"""Check a password vs scodoc7 hash
|
||||||
|
used only during old databases migrations"""
|
||||||
|
m = md5()
|
||||||
|
m.update(password.encode("utf-8"))
|
||||||
|
# encodestring à remplacer par encodebytes #py3
|
||||||
|
h = base64.encodestring(m.digest()).decode("utf-8").strip()
|
||||||
|
return h == scodoc7_hash
|
||||||
|
|
||||||
|
|
||||||
# Simple string manipulations
|
# Simple string manipulations
|
||||||
# on utf-8 encoded python strings
|
# on utf-8 encoded python strings
|
||||||
# (yes, we should only use unicode strings, but... we use only strings)
|
# (yes, we should only use unicode strings, but... we use only strings)
|
||||||
|
|
|
||||||
|
|
@ -4,8 +4,11 @@
|
||||||
{% block app_content %}
|
{% block app_content %}
|
||||||
<h2>ScoDoc: gestion scolarité</h2>
|
<h2>ScoDoc: gestion scolarité</h2>
|
||||||
|
|
||||||
<p>Bonjour <font color="red"><b>{{current_user.get_nomcomplet()}}</b></font>.</p>
|
{% if not current_user.is_anonymous %}
|
||||||
|
<p>Bonjour <font color="red"><b>{{current_user.get_nomcomplet()}}</b>
|
||||||
|
</font>.</p>
|
||||||
<p>N'oubliez pas de vous <a href="{{url_for('auth.logout')}}">déconnecter</a> après usage.</p>
|
<p>N'oubliez pas de vous <a href="{{url_for('auth.logout')}}">déconnecter</a> après usage.</p>
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
<ul class="main">
|
<ul class="main">
|
||||||
{% for dept in dept_ids %}
|
{% for dept in dept_ids %}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,7 @@
|
||||||
|
# -*- mode: python -*-
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
# Utilitaires divers, à utiliser en ligne de commande
|
||||||
|
# via flask
|
||||||
|
|
||||||
|
from app.utils.import_scodoc7_user_db import import_scodoc7_user_db
|
||||||
|
|
@ -0,0 +1,64 @@
|
||||||
|
# -*- mode: python -*-
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
import pdb
|
||||||
|
import re
|
||||||
|
|
||||||
|
import psycopg2
|
||||||
|
import psycopg2.extras
|
||||||
|
|
||||||
|
from flask import current_app
|
||||||
|
from app import app, db
|
||||||
|
from app.auth.models import User, Role
|
||||||
|
|
||||||
|
|
||||||
|
def import_scodoc7_user_db(scodoc7_db="dbname=SCOUSERS"):
|
||||||
|
"""Create users from existing ScoDoc7 db (SCOUSERS)
|
||||||
|
The resulting users are in SCO8USERS,
|
||||||
|
handled via Flask/SQLAlchemy ORM.
|
||||||
|
"""
|
||||||
|
cnx = psycopg2.connect(scodoc7_db)
|
||||||
|
cursor = cnx.cursor(cursor_factory=psycopg2.extras.DictCursor)
|
||||||
|
cursor.execute("SELECT * FROM sco_users;")
|
||||||
|
for u7 in cursor:
|
||||||
|
if User.query.filter_by(user_name=u7["user_name"]).first():
|
||||||
|
# user with same name exists !
|
||||||
|
current_app.logger.warning(
|
||||||
|
"User {} exists and is left unchanged".format(u7["user_name"])
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
u = User(
|
||||||
|
user_name=u7["user_name"],
|
||||||
|
email=u7["email"],
|
||||||
|
date_modif_passwd=u7["date_modif_passwd"],
|
||||||
|
nom=u7["nom"],
|
||||||
|
prenom=u7["prenom"],
|
||||||
|
dept=u7["dept"],
|
||||||
|
passwd_temp=u7["passwd_temp"],
|
||||||
|
date_expiration=u7["date_expiration"],
|
||||||
|
password_scodoc7=u7["passwd"],
|
||||||
|
active=(u7["status"] == None),
|
||||||
|
)
|
||||||
|
# Set roles:
|
||||||
|
# ScoDoc7 roles are stored as 'AdminRT,EnsRT'
|
||||||
|
for role_dept in u7["roles"].split(","):
|
||||||
|
m = re.match(r"^([A-Za-z0-9]+?)([A-Z][A-Za-z0-9]*?)$", role_dept)
|
||||||
|
if not m:
|
||||||
|
current_app.logger.warning(
|
||||||
|
"User {}: ignoring role {}".format(u7["user_name"], role_dept)
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
role_name = m.group(1)
|
||||||
|
dept = m.group(2)
|
||||||
|
role = Role.query.filter_by(name=role_name).first()
|
||||||
|
if not role:
|
||||||
|
current_app.logger.warning(
|
||||||
|
"User {}: ignoring role {}".format(
|
||||||
|
u7["user_name"], role_dept
|
||||||
|
)
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
u.add_role(role, dept)
|
||||||
|
db.session.add(u)
|
||||||
|
current_app.logger.info("imported user {}".format(u))
|
||||||
|
db.session.commit()
|
||||||
13
scodoc.py
13
scodoc.py
|
|
@ -20,6 +20,7 @@ from app import create_app, cli, db
|
||||||
|
|
||||||
from app.auth.models import User, Role, UserRole
|
from app.auth.models import User, Role, UserRole
|
||||||
from app.views import notes, scolar, absences
|
from app.views import notes, scolar, absences
|
||||||
|
import app.utils as utils
|
||||||
|
|
||||||
from config import Config
|
from config import Config
|
||||||
|
|
||||||
|
|
@ -44,7 +45,7 @@ def make_shell_context():
|
||||||
|
|
||||||
|
|
||||||
@app.cli.command()
|
@app.cli.command()
|
||||||
def user_db_init():
|
def user_db_init(): # user-db-init
|
||||||
"""Initialize the users database."""
|
"""Initialize the users database."""
|
||||||
click.echo("Init the db")
|
click.echo("Init the db")
|
||||||
# Create roles:
|
# Create roles:
|
||||||
|
|
@ -166,3 +167,13 @@ def test_interactive(filename=None):
|
||||||
exec(open(filename).read())
|
exec(open(filename).read())
|
||||||
|
|
||||||
click.echo("Done.")
|
click.echo("Done.")
|
||||||
|
|
||||||
|
|
||||||
|
@app.cli.command()
|
||||||
|
@with_appcontext
|
||||||
|
def user_db_import_scodoc7(): # user-db-import-scodoc7
|
||||||
|
"""Import used defined in ScoDoc7 postgresql database into ScoDoc8
|
||||||
|
The old database SCOUSERS must be alive and readable by the current user.
|
||||||
|
This script is typically run as unix user www-data.
|
||||||
|
"""
|
||||||
|
utils.import_scodoc7_user_db()
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue