Store user database token in cairis_user

cairis-platform · May 1, 2019 · 1789574 · 1789574
1 parent e0505c7
commit 1789574
Show file tree

Hide file tree

Showing 12 changed files with 36 additions and 98 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -22,11 +22,6 @@ addons:
     - docbook-utils
     - libxml2-dev
     - libxslt1-dev
-    - python-dbus
-    - gnome-keyring
-    - libffi-dev
-    - libssl-dev
-    - python3-keyring
 
 env:
 - PYTHONPATH=. CAIRIS_SRC=$PYTHONPATH/cairis CAIRIS_CFG=cairis_travis.cnf XML_CATALOG_FILES=$CAIRIS_SRC/config/catalog

diff --git a/cairis/bin/add_cairis_user.py b/cairis/bin/add_cairis_user.py
@@ -23,7 +23,6 @@
 from flask_cors import CORS
 from cairis.core.Borg import Borg
 from cairis.core.MySQLDatabaseProxy import createDatabaseAccount,createDatabaseAndPrivileges,createDatabaseSchema
-from cairis.core.PasswordManager import setDatabasePassword
 import cairis.core.BorgFactory
 
 __author__ = 'Shamal Faily'
@@ -51,6 +50,7 @@ class User(db.Model, UserMixin):
   id = db.Column(db.Integer, primary_key=True)
   email = db.Column(db.String(255), unique=True)
   password = db.Column(db.String(255))
+  dbtoken = db.Column(db.String(255))
   name = db.Column(db.String(255))
   active = db.Column(db.Boolean())
   confirmed_at = db.Column(db.DateTime())
@@ -66,13 +66,14 @@ def main():
   parser.add_argument('name',help='Full name')
   args = parser.parse_args()
 
-  rp = setDatabasePassword(args.user)
+  rp = ''.join(choice(ascii_letters + digits) for i in range(255))
+
   createDatabaseAccount(b.rPasswd,b.dbHost,b.dbPort,args.user,rp)
   createDatabaseAndPrivileges(b.rPasswd,b.dbHost,b.dbPort,args.user,rp,args.user + '_default')
   createDatabaseSchema(b.cairisRoot,b.dbHost,b.dbPort,args.user,rp,args.user + '_default')
 
   db.create_all()
-  user_datastore.create_user(email=args.user, password=args.password, name=args.name) 
+  user_datastore.create_user(email=userName, password=passWd,dbtoken=rp,name = 'Default user')
   db.session.commit()
 
 if __name__ == '__main__':

diff --git a/cairis/core/BorgFactory.py b/cairis/core/BorgFactory.py
@@ -22,9 +22,8 @@
 import logging
 import json
 from cairis.tools.GraphicsGenerator import GraphicsGenerator
-from .MySQLDatabaseProxy import MySQLDatabaseProxy
+from .MySQLDatabaseProxy import MySQLDatabaseProxy,dbtoken
 from .ARM import ARMException
-from .PasswordManager import getDatabasePassword
 
 def testUploadDirectory(uploadDir,logger):
 
@@ -124,7 +123,7 @@ def initialise(user='cairis_test',db='cairis_test_default'):
     db='cairis_test_default'
   else:
     b.dbUser = user
-    dbPasswd = getDatabasePassword(user)
+    dbPasswd = dbtoken(b.rPasswd,b.dbHost,b.dbPort,user)
     b.dbPasswd = dbPasswd
     b.dbName = db
   b.dbProxy = GUIDatabaseProxy(user=user,passwd=b.dbPasswd,db=db)

diff --git a/cairis/core/MySQLDatabaseProxy.py b/cairis/core/MySQLDatabaseProxy.py
@@ -116,6 +116,28 @@
 
 __author__ = 'Shamal Faily, Robin Quetin, Nathan Jenkins'
 
+def dbtoken(rPasswd,dbHost,dbPort,dbUser):
+  try:
+    rootConn = MySQLdb.connect(host=dbHost,port=int(dbPort),user='root',passwd=rPasswd)
+    rootCursor = rootConn.cursor()
+    sqlTxt = 'select dbtoken from cairis_user.auth_user where email="' + dbUser + '"'
+    rs = rootCursor.execute(sqlTxt)
+    if (rs != 1):
+      exceptionText = 'MySQL error getting token for ' + dbUser 
+      raise DatabaseProxyException(exceptionText) 
+    else:
+      t = rootCursor.fetchone()
+    rootCursor.close()
+    rootConn.close()
+    return t[0]
+  except OperationalError as e:
+    exceptionText = 'MySQL error getting token for ' + dbUser + ' (message:' + format(e) + ')'
+    raise DatabaseProxyException(exceptionText) 
+  except _mysql_exceptions.DatabaseError as e:
+    id,msg = e
+    exceptionText = 'MySQL error getting token for ' + dbUser + ' (id:' + str(id) + ',message:' + msg
+    raise DatabaseProxyException(exceptionText) 
+
 def createDatabaseSchema(rootDir,dbHost,dbPort,dbUser,dbPasswd,dbName):
   srcDir = rootDir + '/sql'
   initSql = srcDir + '/init.sql'

diff --git a/cairis/core/PasswordManager.py b/cairis/core/PasswordManager.py
diff --git a/cairis/daemon/main/views.py b/cairis/daemon/main/views.py
@@ -40,15 +40,14 @@
     PersonaCharacteristicController, TaskCharacteristicController, ObjectDependencyController, ArchitecturalPatternController, SecurityPatternController, ValueTypeController, TemplateGoalController, TemplateAssetController,TemplateRequirementController, LocationsController, RiskLevelController, TraceController, SummaryController, ConceptReferenceController, DataFlowController, DirectoryController,TrustBoundaryController, VersionController, ValidationController
 from cairis.daemon.main import main, api
 from cairis.tools.SessionValidator import get_session_id
-from cairis.core.PasswordManager import getDatabasePassword
 
 
 __author__ = 'Robin Quetin, Shamal Faily'
 
 def set_dbproxy(dbUser,userName):
   b = Borg()
   dbName = dbUser + '_default'
-  dbPasswd = getDatabasePassword(dbUser)
+  dbPasswd = current_user.dbtoken
 
   db_proxy = MySQLDatabaseProxy(user=dbUser,passwd=dbPasswd,db=dbName)
   pSettings = db_proxy.getProjectSettings()

diff --git a/cairis/daemon/models.py b/cairis/daemon/models.py
@@ -32,8 +32,9 @@ class User(db.Model, UserMixin):
   __tablename__ = 'auth_user'
   id = db.Column(db.Integer, primary_key=True)
   email = db.Column(db.String(255), unique=True) 
-  name = db.Column(db.String(255)) 
   password = db.Column(db.String(255))
+  dbtoken = db.Column(db.String(255))
+  name = db.Column(db.String(255)) 
   active = db.Column(db.Boolean())
   confirmed_at = db.Column(db.DateTime())
   roles = db.relationship('Role', secondary=roles_users, backref=db.backref('users', lazy='dynamic'))
diff --git a/cairis/test/test_PasswordManager.py b/cairis/test/test_PasswordManager.py
diff --git a/cairis/tools/quickSetup.py b/cairis/tools/quickSetup.py
@@ -24,8 +24,10 @@
 import MySQLdb
 import _mysql_exceptions
 from cairis.core.MySQLDatabaseProxy import createDatabaseAccount, createDatabaseAndPrivileges, createDatabaseSchema
-from cairis.core.PasswordManager import setDatabasePassword
 import binascii
+from random import choice
+from string import ascii_letters, digits
+
 
 __author__ = 'Shamal Faily'
 
@@ -49,11 +51,10 @@ def quick_setup(dbHost,dbPort,dbRootPassword,tmpDir,rootDir,imageDir,configFile,
   from cairis.bin.add_cairis_user import user_datastore, db
 
   db.create_all()
-
-  user_datastore.create_user(email=userName, password=passWd,name = 'Default user')
+  rp = ''.join(choice(ascii_letters + digits) for i in range(255))
+  user_datastore.create_user(email=userName, password=passWd,dbtoken=rp,name = 'Default user')
   db.session.commit()
 
-  rp = setDatabasePassword(userName)
   createDatabaseAccount(dbRootPassword,dbHost,dbPort,userName,rp)
   createDatabaseAndPrivileges(dbRootPassword,dbHost,dbPort,userName,rp,userName + '_default')
   createDatabaseSchema(rootDir,dbHost,dbPort,userName,rp,userName + '_default')

diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -17,11 +17,6 @@ RUN apt-get install -y apache2-dev
 RUN apt-get install -y poppler-utils
 RUN apt-get install -y apt-transport-https 
 RUN apt-get install -y ca-certificates
-RUN apt-get install -y python-dbus
-RUN apt-get install -y gnome-keyring
-RUN apt-get install -y libffi-dev
-RUN apt-get install -y libssl-dev
-RUN apt-get install -y python3-keyring
 
 COPY requirements.txt /
 COPY wsgi_requirements.txt /

diff --git a/docker/requirements.txt b/docker/requirements.txt
@@ -23,5 +23,3 @@ mako>=1.0.4
 lxml>=3.6.4
 openpyxl>=2.4.0
 bcrypt>=3.1.6
-secretstorage>=2.3.1
-keyring>=3.7.4
diff --git a/requirements.txt b/requirements.txt
@@ -23,5 +23,3 @@ lxml>=3.6.4
 openpyxl>=2.4.0
 SQLAlchemy>=1.2.0b3
 bcrypt>=3.1.6
-secretstorage>=2.3.1
-keyring>=3.7.4