orc: - - Права доступа в случае незаявленного пользователя (Hotfix)

- - Возможность авторизации в формате login@domain
dev-fastapi
Иван Маслов 2 years ago
parent 04b20f0875
commit d1189657c5

@ -79,29 +79,41 @@ def IdentifyAuthorize(inRequest:Request, inResponse:Response,
if "\\" in lUser: if "\\" in lUser:
lDomain = lUser.split("\\")[0] lDomain = lUser.split("\\")[0]
lUser = lUser.split("\\")[1] lUser = lUser.split("\\")[1]
elif "@" in lUser:
lDomain = lUser.split("@")[1]
lUser = lUser.split("@")[0]
lLogonBool = __Orchestrator__.OSCredentialsVerify(inUserStr=lUser, inPasswordStr=lPassword, inDomainStr=lDomain) lLogonBool = __Orchestrator__.OSCredentialsVerify(inUserStr=lUser, inPasswordStr=lPassword, inDomainStr=lDomain)
#Check result #Check result
if lLogonBool: if lLogonBool: # check user in gsettings rules
lResult["Domain"] = lDomain lLogonBool = False
lResult["User"] = lUser gSettings = __Orchestrator__.GSettingsGet() # Set the global settings
#Create token lUserTurple = (lDomain.upper(),lUser.upper()) # Create turple key for inGSettings["ServerDict"]["AccessUsers"]["RuleDomainUserDict"]
lAuthToken=str(uuid.uuid1()) lUserTurple2 = ("",lUser.upper()) # Create turple key for inGSettings["ServerDict"]["AccessUsers"]["RuleDomainUserDict"]
__Orchestrator__.GSettingsGet()["ServerDict"]["AccessUsers"]["AuthTokensDict"][lAuthToken] = {} if lUserTurple in gSettings.get("ServerDict",{}).get("AccessUsers", {}).get("RuleDomainUserDict", {}): lLogonBool = True
__Orchestrator__.GSettingsGet()["ServerDict"]["AccessUsers"]["AuthTokensDict"][lAuthToken]["Domain"] = lResult["Domain"] elif lUserTurple2 in gSettings.get("ServerDict",{}).get("AccessUsers", {}).get("RuleDomainUserDict", {}): lLogonBool = True
__Orchestrator__.GSettingsGet()["ServerDict"]["AccessUsers"]["AuthTokensDict"][lAuthToken]["User"] = lResult["User"] if lLogonBool: # If user exists in UAC Dict
__Orchestrator__.GSettingsGet()["ServerDict"]["AccessUsers"]["AuthTokensDict"][lAuthToken]["FlagDoNotExpire"] = False lResult["Domain"] = lDomain
__Orchestrator__.GSettingsGet()["ServerDict"]["AccessUsers"]["AuthTokensDict"][lAuthToken]["TokenDatetime"] = datetime.datetime.now() lResult["User"] = lUser
#Set-cookie #Create token
inResponse.set_cookie(key="AuthToken",value=lAuthToken) lAuthToken=str(uuid.uuid1())
mOpenRPA={} __Orchestrator__.GSettingsGet()["ServerDict"]["AccessUsers"]["AuthTokensDict"][lAuthToken] = {}
mOpenRPA["AuthToken"] = lAuthToken __Orchestrator__.GSettingsGet()["ServerDict"]["AccessUsers"]["AuthTokensDict"][lAuthToken]["Domain"] = lResult["Domain"]
mOpenRPA["Domain"] = lResult["Domain"] __Orchestrator__.GSettingsGet()["ServerDict"]["AccessUsers"]["AuthTokensDict"][lAuthToken]["User"] = lResult["User"]
mOpenRPA["User"] = lResult["User"] __Orchestrator__.GSettingsGet()["ServerDict"]["AccessUsers"]["AuthTokensDict"][lAuthToken]["FlagDoNotExpire"] = False
mOpenRPA["IsSuperToken"] = __Orchestrator__.GSettingsGet().get("ServerDict", {}).get("AccessUsers", {}).get("AuthTokensDict", {}).get(mOpenRPA["AuthToken"], {}).get("FlagDoNotExpire", False) __Orchestrator__.GSettingsGet()["ServerDict"]["AccessUsers"]["AuthTokensDict"][lAuthToken]["TokenDatetime"] = datetime.datetime.now()
return lAuthToken #Set-cookie
#inRequest.OpenRPASetCookie = {} inResponse.set_cookie(key="AuthToken",value=lAuthToken)
#New engine of server mOpenRPA={}
#inRequest.OpenRPAResponseDict["SetCookies"]["AuthToken"] = lAuthToken mOpenRPA["AuthToken"] = lAuthToken
mOpenRPA["Domain"] = lResult["Domain"]
mOpenRPA["User"] = lResult["User"]
mOpenRPA["IsSuperToken"] = __Orchestrator__.GSettingsGet().get("ServerDict", {}).get("AccessUsers", {}).get("AuthTokensDict", {}).get(mOpenRPA["AuthToken"], {}).get("FlagDoNotExpire", False)
return lAuthToken
#inRequest.OpenRPASetCookie = {}
#New engine of server
#inRequest.OpenRPAResponseDict["SetCookies"]["AuthToken"] = lAuthToken
else:
raise HTTPException(status_code=401, detail="Попытка авторизации не прошла успешно (для пользователя не заявлен доступ к оркестратору pyOpenRPA. Обратитесь в техническую поддержку)", headers={})
else: else:
raise HTTPException(status_code=401, detail="Попытка авторизации не прошла успешно (неверная пара логин / пароль)", headers={}) raise HTTPException(status_code=401, detail="Попытка авторизации не прошла успешно (неверная пара логин / пароль)", headers={})
###################################### ######################################
@ -111,6 +123,7 @@ def IdentifyAuthorize(inRequest:Request, inResponse:Response,
lRouteList =[] lRouteList =[]
for lItem in app.router.routes: for lItem in app.router.routes:
lRouteList.append(lItem) lRouteList.append(lItem)
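Review bot: The session token in the first hunk is still created with `uuid.uuid1()`, which is derived from the host clock and node ID and so is not an unguessable bearer credential. Since the block is being re-indented anyway, `lAuthToken = str(uuid.uuid4())` is the safer choice and needs no new import. The cookie is set with `inResponse.set_cookie(key="AuthToken",value=lAuthToken)` and no `httponly`/`secure`/`samesite` arguments, which is worth tightening if the web client does not have to read the cookie from script. The new 401 branch also returns a different `detail` for a verified password without an access rule than for a wrong password, so the response tells a caller whether an OS credential pair is valid; consider one shared message with the reason logged server-side. `IdentifyAuthorize` begins above the hunk.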

@ -148,7 +148,7 @@ async def pyOpenRPA_ServerData(inRequest: Request, inAuthTokenStr:str=Depends(Id
"CPDict": HiddenCPDictGenerate(inAuthTokenStr=inAuthTokenStr), "CPDict": HiddenCPDictGenerate(inAuthTokenStr=inAuthTokenStr),
"RDPDict": HiddenRDPDictGenerate(inAuthTokenStr=inAuthTokenStr), "RDPDict": HiddenRDPDictGenerate(inAuthTokenStr=inAuthTokenStr),
"AgentDict": HiddenAgentDictGenerate(inAuthTokenStr=inAuthTokenStr), "AgentDict": HiddenAgentDictGenerate(inAuthTokenStr=inAuthTokenStr),
"UserDict": {"UACClientDict": {}, "CWDPathStr": os.getcwd(), "VersionStr": inGSettings["VersionStr"]}, "UserDict": {"UACClientDict": __Orchestrator__.WebUserUACHierarchyGet(inAuthTokenStr=inAuthTokenStr), "CWDPathStr": os.getcwd(), "VersionStr": inGSettings["VersionStr"]},
} }
# Create JSON # Create JSON
lServerDataDictJSONStr = json.dumps(lServerDataDict) lServerDataDictJSONStr = json.dumps(lServerDataDict)
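Review bot: `UACClientDict` is now filled from `WebUserUACHierarchyGet(inAuthTokenStr=inAuthTokenStr)` and serialised to the browser, but nothing here says it is only a display hint. I would add a comment such as `# UACClientDict drives UI visibility only; each route must still check access server-side` so the client copy is never treated as the enforcement point. Whether the routes actually enforce access cannot be seen from this hunk, so that is worth confirming before merge. The function body starts and ends outside the hunk.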
