
Revision 74d08116

Added by Serghei Mihai almost 8 years ago

Hmac computing done from http body string.

user created, if doesn't exist, before creating organization


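--- a/ckanext/ozwillo_organization_api/plugin.py
+++ b/ckanext/ozwillo_organization_api/plugin.py
@@ -1,5 +1,7 @@
 from hashlib import sha1
 import hmac
+import requests
+import logging
 
 import ckan.plugins as plugins
 import ckan.plugins.toolkit as toolkit
@@ -9,10 +11,13 @@
 from pylons import config
 from ckan.common import request, _
 from ckan.logic.action.create import _group_or_org_create as group_or_org_create
+from ckan.logic.action.create import user_create
 from ckan.logic.action.delete import _group_or_org_purge
 
 plugin_config_prefix = 'ckanext.ozwillo_organization_api.'
 
+log = logging.getLogger(__name__)
+
 def valid_signature_required(func):
 
     signature_header_name = config.get(plugin_config_prefix + 'signature_header_name',
@@ -24,7 +29,7 @@
         if signature_header_name in request.headers:
             if request.headers[signature_header_name].startswith('sha1='):
                 algo, received_hmac = request.headers[signature_header_name].rsplit('=')
-                computed_hmac = hmac.new(instantiated_secret, str(data), sha1).hexdigest()
+                computed_hmac = hmac.new(instantiated_secret, request.body, sha1).hexdigest()
                 # the received hmac is uppercase according to
                 # http://doc.ozwillo.com/#ref-3-2-1
                 if received_hmac != computed_hmac.upper():
@@ -38,6 +43,8 @@
 
 @valid_signature_required
 def create_organization(context, data_dict):
+    context['ignore_auth'] = True
+    model = context['model']
 
     destruction_secret = config.get(plugin_config_prefix + 'destruction_secret',
                                        'changeme')
@@ -49,26 +56,51 @@
     # re-mapping received dict
     registration_uri = data_dict.pop('instance_registration_uri')
     organization = data_dict['organization']
+    user = data_dict['user']
     org_dict = {
         'type': 'organization',
-        'name': organization['organization_name'].lower(),
+        'name': organization['name'].lower(),
         'id': instance_id,
-        'title': organization['organization_name'],
+        'title': organization['name'],
         'description': organization['type'],
+        'user': user['name']
+    }
+
+    user_dict = {
+        'name': user['name'],
+        'email': user['email_address'],
+        'password': user['id']
     }
+    user_obj = model.User.get(user_dict['name'])
+    if not user_obj:
+        user_create(context, user_dict)
+
+    context['user'] = user_dict['name']
+
     try:
         delete_uri = toolkit.url_for(controller='api', action='action',
                                      logic_function="delete-organization",
                                      ver=context['api_version'],
                                      qualified=True)
+        organization_uri = toolkit.url_for(host=request.host,
+                                           controller='organization',
+                                           action='read',
+                                           id=org_dict['name'],
+                                           qualified=True)
+
 
         group_or_org_create(context, org_dict, is_org=True)
 
+        # setting organization as active explicitely
+        group = model.Group.get(org_dict['name'])
+        group.state = 'active'
+        group.save()
+
         # notify about organization creation
         services = {'services': [{
             'local_id': 'organization',
             'name': 'Organization ' + org_dict['name'] + ' on CKAN',
-            'service_uri': '/organization/' + org_dict['name'],
+            'service_uri': organization_uri,
             'visible': True}],
             'instance_id': instance_id,
             'destruction_uri': delete_uri,
@@ -82,7 +114,8 @@
                       data = services,
                       auth=(client_id, client_secret)
                   )
-    except:
+    except Exception, e:
+        log.debug('Exception "%s" occured while creating organization' % e)
         requests.delete(registration_uri)
 
 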
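Review bot: The new `user_dict` in `create_organization` sets `'password': user['id']`, so every account this endpoint creates gets a password equal to an identifier carried in the provisioning payload; if CKAN password login is enabled, anyone who knows that id can presumably sign in as the user. A random value that is never disclosed would be safer, for example `'password': binascii.hexlify(os.urandom(32))` (with `os` and `binascii` imported at the top of the file). Separately, `context['ignore_auth'] = True` makes the HMAC check in `valid_signature_required` the only gate on user and organization creation, which deserves a comment such as `# authorization skipped: request already authenticated by valid_signature_required`. The unchanged `received_hmac != computed_hmac.upper()` comparison would also be better as `hmac.compare_digest(received_hmac, computed_hmac.upper())`. Parts of both functions are elided on this page, so the defaults used for the signing secret could not be checked here.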

  
