OPEN_RPA_PUBLIC
/
ORPA-pyOpenRPA
2
0
Fork 1
Code Issues 2 Pull Requests Packages Projects Releases Wiki Activity

#OrchestratorAccessUsers for test

Browse Source 
Signed-off-by: Ivan Maslov <Ivan.Maslov@UnicodeLabs.ru>
dev-linux
Ivan Maslov 5 years ago
parent f6ed0cf27a
commit 0b551d152a
5 changed files with 92 additions and 10 deletions
Show Stats Download Patch File Download Diff File

32
Orchestrator/Settings/AccessUser_ND.py
Unescape View File

@ -0,0 +1,32 @@
def SettingsUpdate(inDict):
#################################################
#General MethodMatchURL list (no domain/user)
lRuleMethodMatchURLBeforeList=[
{
"Method":"GET",
"MatchType":"Equal",
"URL":"/",
"FlagAccess": True
}
]
#Append to global list
inDict["Server"]["AccessUsers"]["RuleMethodMatchURLBeforeList"]=inDict["Server"]["AccessUsers"]["RuleMethodMatchURLBeforeList"]+lRuleMethodMatchURLBeforeList
##################################################
#""/"ND" MethodMatchURLList
l__ND_RuleMethodMatchURLBeforeList={
("","ND"): {
"MethodMatchURLBeforeList": [
{
"Method":"GET",
"MatchType":"Beginwith",
"URL":"/",
#"FlagAccessDefRequestGlobalAuthenticate": TestDef
"FlagAccess": True
}
]
}
}
#Append to global list
inDict["Server"]["AccessUsers"]["RuleDomainUserDict"].update(l__ND_RuleMethodMatchURLBeforeList)
#Return current dict
return inDict

13
Orchestrator/Settings/Settings.py
Unescape View File

@ -78,8 +78,8 @@ def Settings():
],
"AccessUsers": { #Defaul - all URL is blocked
"FlagCredentialsAsk": True, #Turn on Authentication
"RuleDict": {
#("Domain", "User"): {
"RuleDomainUserDict": {
#("DOMAIN", "USER"): { #upper case
# "MethodMatchURLBeforeList": [
# {
# "Method":"GET|POST",
@ -91,6 +91,15 @@ def Settings():
# ]
#}
},
"RuleMethodMatchURLBeforeList": [
# {
# "Method":"GET|POST",
# "MatchType":"BeginWith|Contains|Equal|EqualCase",
# "URL":"",
# "FlagAccessDefRequestGlobalAuthenticate": None, #Return bool
# "FlagAccess": True
# }
],
"AuthTokensDict": {
#"<AuthToken>":{"User":"", "Domain":"", "TokenDatetime":<Datetime>}
}

2
Orchestrator/Settings/Test.py
Unescape View File

@ -1,2 +0,0 @@
def SettingsUpdate(inDict):
print("Subsettings file in Settings folder has been sucessfully called")

53
Sources/pyOpenRPA/Orchestrator/Server.py
Unescape View File

@ -52,6 +52,8 @@ def AuthenticateVerify(inRequest):
######################################
#Way 1 - try to find AuthToken
lCookies = cookies.SimpleCookie(inRequest.headers.get("Cookie", ""))
inRequest.OpenRPA = {}
inRequest.OpenRPA["AuthToken"] = None
#pdb.set_trace()
if "AuthToken" in lCookies:
lCookieAuthToken = lCookies.get("AuthToken", "").value
@ -61,6 +63,8 @@ def AuthenticateVerify(inRequest):
#Auth Token Has Been Founded
lResult["Domain"] = mGlobalDict["Server"]["AccessUsers"]["AuthTokensDict"][lCookieAuthToken]["Domain"]
lResult["User"] = mGlobalDict["Server"]["AccessUsers"]["AuthTokensDict"][lCookieAuthToken]["User"]
#Set auth token
inRequest.OpenRPA["AuthToken"] = lCookieAuthToken
#Exit earlier
return lResult
######################################
@ -71,7 +75,7 @@ def AuthenticateVerify(inRequest):
":")
lUser = llHeaderAuthorizationDecodedUserPasswordList[0]
lPassword = llHeaderAuthorizationDecodedUserPasswordList[1]
lDomain = None
lDomain = ""
if "\\" in lUser:
lDomain = lUser.split("\\")[0]
lUser = lUser.split("\\")[1]
@ -95,8 +99,8 @@ def AuthenticateVerify(inRequest):
mGlobalDict["Server"]["AccessUsers"]["AuthTokensDict"][lAuthToken]["User"] = lResult["User"]
mGlobalDict["Server"]["AccessUsers"]["AuthTokensDict"][lAuthToken]["TokenDatetime"] = datetime.datetime.now()
#Set-cookie
inRequest.OpenRPA={}
inRequest.OpenRPA["AuthToken"] = lAuthToken
inRequest.OpenRPASetCookie = {}
#inRequest.OpenRPAResponse["Set-Cookie"]=[]lResult["Set-Cookie"] = lAuthToken
#pdb.set_trace()
#inRequest.send_header("Set-Cookie:", f"AuthToken={lAuthToken}")
@ -125,14 +129,17 @@ def UserAccessCheckBefore(inMethod, inRequest):
inMethod=inMethod.upper()
#Prepare result false
lResult = False
#Check rules to find first appicable
lAuthToken = inRequest.OpenRPA["AuthToken"]
#go next if user is identified
lUserDict = None
if lAuthToken:
lUserDict = mGlobalDict["Server"]["AccessUsers"]["AuthTokensDict"][lAuthToken]
#pdb.set_trace()
########################################
########################################
#Check general before rule (without User domain)
#Check rules
for lAccessRuleItem in mGlobalDict.get("Server", {}).get("AccessUsers", {}).get("RuleDict", {}).get((lUserDict["Domain"], lUserDict["User"]), {}).get("MethodMatchURLBeforeList", []):
for lAccessRuleItem in mGlobalDict.get("Server", {}).get("AccessUsers", {}).get("RuleMethodMatchURLBeforeList", []):
#Go next execution if flag is false
if not lResult:
#Check if Method is identical
@ -153,6 +160,36 @@ def UserAccessCheckBefore(inMethod, inRequest):
elif lAccessRuleItem["MatchType"].upper() == "EQUALCASE":
if lAccessRuleItem["URL"] == inRequest.path:
lResult = HelpGetFlag(lAccessRuleItem, inRequest, mGlobalDict, lUserDict)
#########################################
#########################################
#Do check if lResult is false
if not lResult:
#Check access by User Domain
#Check rules to find first appicable
#Check rules
for lAccessRuleItem in mGlobalDict.get("Server", {}).get("AccessUsers", {}).get("RuleDomainUserDict", {}).get((lUserDict["Domain"].upper(), lUserDict["User"].upper()), {}).get("MethodMatchURLBeforeList", []):
#Go next execution if flag is false
if not lResult:
#Check if Method is identical
if lAccessRuleItem["Method"].upper() == inMethod:
#check Match type variant: BeginWith
if lAccessRuleItem["MatchType"].upper() == "BEGINWITH":
if inRequest.path.startswith(lAccessRuleItem["URL"]):
lResult = HelpGetFlag(lAccessRuleItem, inRequest, mGlobalDict, lUserDict)
#check Match type variant: Contains
elif lAccessRuleItem["MatchType"].upper() == "CONTAINS":
if inRequest.path.contains(lAccessRuleItem["URL"]):
lResult = HelpGetFlag(lAccessRuleItem, inRequest, mGlobalDict, lUserDict)
# check Match type variant: Equal
elif lAccessRuleItem["MatchType"].upper() == "EQUAL":
if lAccessRuleItem["URL"].upper() == inRequest.path.upper():
lResult = HelpGetFlag(lAccessRuleItem, inRequest, mGlobalDict, lUserDict)
# check Match type variant: EqualCase
elif lAccessRuleItem["MatchType"].upper() == "EQUALCASE":
if lAccessRuleItem["URL"] == inRequest.path:
lResult = HelpGetFlag(lAccessRuleItem, inRequest, mGlobalDict, lUserDict)
#####################################
#####################################
#Return lResult
return lResult
# HTTPRequestHandler class
@ -164,7 +201,7 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
# Send headers
self.send_header('Content-type', inContentType)
#Check if var exist
if hasattr(self, "OpenRPA"):
if hasattr(self, "OpenRPASetCookie"):
self.send_header("Set-Cookie", f"AuthToken={self.OpenRPA['AuthToken']}")
self.end_headers()
lFileObject = open(inFilePath, "rb")
@ -261,6 +298,12 @@ class testHTTPServer_RequestHandler(BaseHTTPRequestHandler):
# check if file in FileURL - File Path Mapping Dict
if lFileURL.lower() in mGlobalDict["FileManager"]["FileURLFilePathDict"]:
self.SendResponseContentTypeFile('application/octet-stream',mGlobalDict["FileManager"]["FileURLFilePathDict"][lFileURL])
else:
#Set access denied code
# Send response status code
self.send_response(403)
# Send headers
self.end_headers()
# POST
def do_POST(self):
#####################################

2
Sources/pyOpenRPA/Orchestrator/__main__.py
Unescape View File

@ -1,4 +1,4 @@
import sys
lFolderPath = "\\".join(__file__.split("\\")[:-2])
sys.path.append(lFolderPath)
sys.path.insert(0, lFolderPath)
from Orchestrator import Orchestrator
Write Preview
Loading…
Cancel
Save