89 lines
2.5 KiB
Python
89 lines
2.5 KiB
Python
"""
|
|
.. module: lemur.users.models
|
|
:platform: unix
|
|
:synopsis: This module contains all of the models need to create a user within
|
|
lemur
|
|
:copyright: (c) 2015 by Netflix Inc., see AUTHORS for more
|
|
:license: Apache, see LICENSE for more details.
|
|
|
|
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
|
"""
|
|
from sqlalchemy.orm import relationship
|
|
from sqlalchemy import Column, Integer, String, Boolean, DateTime
|
|
from sqlalchemy.event import listen
|
|
|
|
|
|
from lemur.database import db
|
|
from lemur.models import roles_users
|
|
|
|
from lemur.extensions import bcrypt
|
|
|
|
|
|
def hash_password(mapper, connect, target):
|
|
"""
|
|
Helper function that is a listener and hashes passwords before
|
|
insertion into the database.
|
|
|
|
:param mapper:
|
|
:param connect:
|
|
:param target:
|
|
"""
|
|
target.hash_password()
|
|
|
|
|
|
class User(db.Model):
|
|
__tablename__ = 'users'
|
|
id = Column(Integer, primary_key=True)
|
|
password = Column(String(128))
|
|
active = Column(Boolean())
|
|
confirmed_at = Column(DateTime())
|
|
username = Column(String(255), nullable=False, unique=True)
|
|
email = Column(String(128), unique=True)
|
|
profile_picture = Column(String(255))
|
|
roles = relationship('Role', secondary=roles_users, passive_deletes=True, backref=db.backref('user'), lazy='dynamic')
|
|
certificates = relationship("Certificate", backref=db.backref('user'), lazy='dynamic')
|
|
authorities = relationship("Authority", backref=db.backref('user'), lazy='dynamic')
|
|
|
|
def check_password(self, password):
|
|
"""
|
|
Hash a given password and check it against the stored value
|
|
to determine it's validity.
|
|
|
|
:param password:
|
|
:return:
|
|
"""
|
|
if self.password:
|
|
return bcrypt.check_password_hash(self.password, password)
|
|
|
|
def hash_password(self):
|
|
"""
|
|
Generate the secure hash for the password.
|
|
|
|
:return:
|
|
"""
|
|
if self.password:
|
|
self.password = bcrypt.generate_password_hash(self.password)
|
|
return self.password
|
|
|
|
@property
|
|
def is_admin(self):
|
|
"""
|
|
Determine if the current user has the 'admin' role associated
|
|
with it.
|
|
|
|
:return:
|
|
"""
|
|
for role in self.roles:
|
|
if role.name == 'admin':
|
|
return True
|
|
|
|
def as_dict(self):
|
|
return {c.name: getattr(self, c.name) for c in self.__table__.columns}
|
|
|
|
def serialize(self):
|
|
blob = self.as_dict()
|
|
return blob
|
|
|
|
|
|
listen(User, 'before_insert', hash_password)
|