]>
Commit | Line | Data |
---|---|---|
f6e6ff79 MT |
1 | #!/usr/bin/python |
2 | ||
2c909128 MT |
3 | from . import base |
4 | from . import users | |
f6e6ff79 | 5 | |
d2738057 | 6 | from .decorators import * |
f6e6ff79 | 7 | |
d2738057 MT |
8 | class Sessions(base.Object): |
9 | def __iter__(self): | |
10 | query = "SELECT * FROM sessions WHERE valid_until >= NOW() \ | |
20d7f5eb MT |
11 | ORDER BY valid_until DESC" |
12 | ||
13 | sessions = [] | |
d2738057 MT |
14 | for row in self.db.query(query): |
15 | session = Session(self.backend, row.id, data=row) | |
16 | sessions.append(session) | |
20d7f5eb | 17 | |
d2738057 MT |
18 | # Sort |
19 | sessions.sort() | |
20d7f5eb | 20 | |
d2738057 | 21 | return iter(sessions) |
20d7f5eb | 22 | |
d2738057 MT |
23 | def create(self, user, address, user_agent=None): |
24 | """ | |
25 | Creates a new session in the data. | |
f6e6ff79 | 26 | |
d2738057 MT |
27 | The user is not checked and it is assumed that the user exists |
28 | and has the right to log in. | |
29 | """ | |
30 | session_id = users.generate_random_string(48) | |
31 | ||
365892dc | 32 | res = self.db.get("INSERT INTO sessions(session_id, user_id, address, user_agent) \ |
d2738057 MT |
33 | VALUES(%s, %s, %s, %s) RETURNING *", session_id, user.id, address, user_agent) |
34 | ||
35 | return Session(self.backend, res.id, data=res) | |
f6e6ff79 | 36 | |
d2738057 MT |
37 | def get_by_session_id(self, session_id): |
38 | res = self.db.get("SELECT * FROM sessions \ | |
39 | WHERE session_id = %s AND valid_until >= NOW()", session_id) | |
f6e6ff79 | 40 | |
d2738057 MT |
41 | if res: |
42 | return Session(self.backend, res.id, data=res) | |
f6e6ff79 | 43 | |
d2738057 MT |
44 | # Alias function |
45 | get = get_by_session_id | |
f6e6ff79 | 46 | |
d2738057 MT |
47 | def cleanup(self): |
48 | # Delete all sessions that are not valid any more. | |
49 | self.db.execute("DELETE FROM sessions WHERE valid_until < NOW()") | |
f6e6ff79 | 50 | |
f6e6ff79 | 51 | |
d2738057 | 52 | class Session(base.DataObject): |
92431da4 MT |
53 | table = "sessions" |
54 | ||
d2738057 MT |
55 | def __eq__(self, other): |
56 | if isinstance(other, self.__class__): | |
57 | return self.id == other.id | |
f6e6ff79 | 58 | |
d2738057 MT |
59 | def __lt__(self, other): |
60 | if isinstance(other, self.__class__): | |
61 | return self.user < other.user | |
f6e6ff79 MT |
62 | |
63 | def destroy(self): | |
d2738057 | 64 | self.db.execute("DELETE FROM sessions WHERE id = %s", self.id) |
f6e6ff79 | 65 | |
365892dc MT |
66 | @property |
67 | def session_id(self): | |
68 | return self.data.session_id | |
69 | ||
d2738057 | 70 | @lazy_property |
f6e6ff79 | 71 | def user(self): |
d2738057 | 72 | return self.backend.users.get_by_id(self.data.user_id) |
f6e6ff79 | 73 | |
d2738057 MT |
74 | @lazy_property |
75 | def impersonated_user(self): | |
76 | if self.data.impersonated_user_id: | |
77 | return self.backend.users.get_by_id(self.data.impersonated_user_id) | |
f6e6ff79 | 78 | |
20d7f5eb | 79 | @property |
d2738057 MT |
80 | def created_at(self): |
81 | return self.data.created_at | |
20d7f5eb MT |
82 | |
83 | @property | |
84 | def valid_until(self): | |
85 | return self.data.valid_until | |
86 | ||
87 | @property | |
d2738057 MT |
88 | def address(self): |
89 | return self.data.address | |
20d7f5eb | 90 | |
f6e6ff79 | 91 | @property |
d2738057 MT |
92 | def user_agent(self): |
93 | return self.data.user_agent | |
f6e6ff79 MT |
94 | |
95 | def start_impersonation(self, user): | |
d2738057 MT |
96 | if not self.user.is_admin(): |
97 | raise RuntimeError("Only admins can impersonate other users") | |
f6e6ff79 | 98 | |
f6e6ff79 | 99 | if self.user == user: |
d2738057 | 100 | raise RuntimeError("You cannot impersonate yourself") |
f6e6ff79 | 101 | |
d2738057 | 102 | self._set_attribute("impersonated_user_id", user.id) |
f6e6ff79 MT |
103 | |
104 | def stop_impersonation(self): | |
d2738057 | 105 | self._set_attribute("impersonated_user_id", None) |