Revision 74d08116
Added by Serghei Mihai about 10 years ago
ckanext/ozwillo_organization_api/plugin.py | ||
---|---|---|
1 | 1 |
from hashlib import sha1 |
2 | 2 |
import hmac |
3 |
import requests |
|
4 |
import logging |
|
3 | 5 |
|
4 | 6 |
import ckan.plugins as plugins |
5 | 7 |
import ckan.plugins.toolkit as toolkit |
... | ... | |
9 | 11 |
from pylons import config |
10 | 12 |
from ckan.common import request, _ |
11 | 13 |
from ckan.logic.action.create import _group_or_org_create as group_or_org_create |
14 |
from ckan.logic.action.create import user_create |
|
12 | 15 |
from ckan.logic.action.delete import _group_or_org_purge |
13 | 16 |
|
14 | 17 |
plugin_config_prefix = 'ckanext.ozwillo_organization_api.' |
15 | 18 |
|
19 |
log = logging.getLogger(__name__) |
|
20 |
|
|
16 | 21 |
def valid_signature_required(func): |
17 | 22 |
|
18 | 23 |
signature_header_name = config.get(plugin_config_prefix + 'signature_header_name', |
... | ... | |
24 | 29 |
if signature_header_name in request.headers: |
25 | 30 |
if request.headers[signature_header_name].startswith('sha1='): |
26 | 31 |
algo, received_hmac = request.headers[signature_header_name].rsplit('=') |
27 |
computed_hmac = hmac.new(instantiated_secret, str(data), sha1).hexdigest()
|
|
32 |
computed_hmac = hmac.new(instantiated_secret, request.body, sha1).hexdigest()
|
|
28 | 33 |
# the received hmac is uppercase according to |
29 | 34 |
# http://doc.ozwillo.com/#ref-3-2-1 |
30 | 35 |
if received_hmac != computed_hmac.upper(): |
... | ... | |
38 | 43 |
|
39 | 44 |
@valid_signature_required |
40 | 45 |
def create_organization(context, data_dict): |
46 |
context['ignore_auth'] = True |
|
47 |
model = context['model'] |
|
41 | 48 |
|
42 | 49 |
destruction_secret = config.get(plugin_config_prefix + 'destruction_secret', |
43 | 50 |
'changeme') |
... | ... | |
49 | 56 |
# re-mapping received dict |
50 | 57 |
registration_uri = data_dict.pop('instance_registration_uri') |
51 | 58 |
organization = data_dict['organization'] |
59 |
user = data_dict['user'] |
|
52 | 60 |
org_dict = { |
53 | 61 |
'type': 'organization', |
54 |
'name': organization['organization_name'].lower(),
|
|
62 |
'name': organization['name'].lower(), |
|
55 | 63 |
'id': instance_id, |
56 |
'title': organization['organization_name'],
|
|
64 |
'title': organization['name'], |
|
57 | 65 |
'description': organization['type'], |
66 |
'user': user['name'] |
|
67 |
} |
|
68 |
|
|
69 |
user_dict = { |
|
70 |
'name': user['name'], |
|
71 |
'email': user['email_address'], |
|
72 |
'password': user['id'] |
|
58 | 73 |
} |
74 |
user_obj = model.User.get(user_dict['name']) |
|
75 |
if not user_obj: |
|
76 |
user_create(context, user_dict) |
|
77 |
|
|
78 |
context['user'] = user_dict['name'] |
|
79 |
|
|
59 | 80 |
try: |
60 | 81 |
delete_uri = toolkit.url_for(controller='api', action='action', |
61 | 82 |
logic_function="delete-organization", |
62 | 83 |
ver=context['api_version'], |
63 | 84 |
qualified=True) |
85 |
organization_uri = toolkit.url_for(host=request.host, |
|
86 |
controller='organization', |
|
87 |
action='read', |
|
88 |
id=org_dict['name'], |
|
89 |
qualified=True) |
|
90 |
|
|
64 | 91 |
|
65 | 92 |
group_or_org_create(context, org_dict, is_org=True) |
66 | 93 |
|
94 |
# setting organization as active explicitely |
|
95 |
group = model.Group.get(org_dict['name']) |
|
96 |
group.state = 'active' |
|
97 |
group.save() |
|
98 |
|
|
67 | 99 |
# notify about organization creation |
68 | 100 |
services = {'services': [{ |
69 | 101 |
'local_id': 'organization', |
70 | 102 |
'name': 'Organization ' + org_dict['name'] + ' on CKAN', |
71 |
'service_uri': '/organization/' + org_dict['name'],
|
|
103 |
'service_uri': organization_uri,
|
|
72 | 104 |
'visible': True}], |
73 | 105 |
'instance_id': instance_id, |
74 | 106 |
'destruction_uri': delete_uri, |
... | ... | |
82 | 114 |
data = services, |
83 | 115 |
auth=(client_id, client_secret) |
84 | 116 |
) |
85 |
except: |
|
117 |
except Exception, e: |
|
118 |
log.debug('Exception "%s" occured while creating organization' % e) |
|
86 | 119 |
requests.delete(registration_uri) |
87 | 120 |
|
88 | 121 |
|
Also available in: Unified diff
Hmac computing done from http body string.
user created, if doesn't exist, before creating organization