crafty-4/app/classes/models/crafty_permissions.py

import logging
import typing as t
from enum import Enum
from peewee import (
    ForeignKeyField,
    CharField,
    IntegerField,
    DoesNotExist,
)

from app.classes.models.base_model import BaseModel
from app.classes.models.servers import HelperServers
from app.classes.models.users import Users, ApiKeys, HelperUsers
from app.classes.shared.permission_helper import PermissionHelper

logger = logging.getLogger(__name__)

# **********************************************************************************
#                                  User_Crafty Class
# **********************************************************************************
class UserCrafty(BaseModel):
    user_id = ForeignKeyField(Users, backref="users_crafty")
    permissions = CharField(default="00000000")
    limit_server_creation = IntegerField(default=-1)
    limit_user_creation = IntegerField(default=0)
    limit_role_creation = IntegerField(default=0)

    class Meta:
        table_name = "user_crafty"


# **********************************************************************************
#                                  Crafty Permissions Class
# **********************************************************************************
class EnumPermissionsCrafty(Enum):
    SERVER_CREATION = 0
    USER_CONFIG = 1
    ROLES_CONFIG = 2


class PermissionsCrafty:
    # **********************************************************************************
    #                                  Crafty Permissions Methods
    # **********************************************************************************
    @staticmethod
    def get_permissions_list():
        return list(EnumPermissionsCrafty.__members__.values())

    @staticmethod
    def get_permissions(permissions_mask):
        return [
            permission
            for permission in EnumPermissionsCrafty.__members__.values()
            if PermissionsCrafty.has_permission(permissions_mask, permission)
        ]

    @staticmethod
    def has_permission(permission_mask, permission_tested: EnumPermissionsCrafty):
        return permission_mask[permission_tested.value] == "1"

    @staticmethod
    def set_permission(
        permission_mask, permission_tested: EnumPermissionsCrafty, value
    ):
        index = permission_tested.value
        return permission_mask[:index] + str(value) + permission_mask[index + 1 :]

    @staticmethod
    def get_permission(permission_mask, permission_tested: EnumPermissionsCrafty):
        return permission_mask[permission_tested.value]

    @staticmethod
    def get_crafty_permissions_mask(user_id):
        # TODO: only get the permissions of the UserCrafty
        user_crafty = PermissionsCrafty.get_user_crafty(user_id)
        permissions_mask = user_crafty.permissions
        return permissions_mask

    @staticmethod
    def get_all_permission_quantity_list():
        return {name: -1 for name in EnumPermissionsCrafty.__members__.keys()}

    @staticmethod
    def get_permission_quantity_list(user_id):
        user_crafty = PermissionsCrafty.get_user_crafty(user_id)
        quantity_list = {
            EnumPermissionsCrafty.SERVER_CREATION.name: user_crafty.limit_server_creation,  # pylint: disable=line-too-long
            EnumPermissionsCrafty.USER_CONFIG.name: user_crafty.limit_user_creation,
            EnumPermissionsCrafty.ROLES_CONFIG.name: user_crafty.limit_role_creation,
        }
        return quantity_list

    # **********************************************************************************
    #                                   User_Crafty Methods
    # **********************************************************************************
    @staticmethod
    def get_user_crafty(user_id):
        try:
            user_crafty = UserCrafty.get(UserCrafty.user_id == user_id)
        except DoesNotExist:
            UserCrafty.insert(
                {
                    UserCrafty.user_id: user_id,
                    UserCrafty.permissions: "000",
                    UserCrafty.limit_server_creation: 0,
                    UserCrafty.limit_user_creation: 0,
                    UserCrafty.limit_role_creation: 0,
                }
            ).execute()
            user_crafty = PermissionsCrafty.get_user_crafty(user_id)
        return user_crafty

    @staticmethod
    def get_user_crafty_optional(user_id) -> t.Optional[UserCrafty]:
        try:
            return UserCrafty.get(UserCrafty.user_id == user_id)
        except DoesNotExist:
            return None

    @staticmethod
    def add_user_crafty(user_id, uc_permissions):
        user_crafty = UserCrafty.insert(
            {UserCrafty.user_id: user_id, UserCrafty.permissions: uc_permissions}
        ).execute()
        return user_crafty

    @staticmethod
    def add_or_update_user(
        user_id,
        permissions_mask,
        limit_server_creation,
        limit_user_creation,
        limit_role_creation,
    ):
        # http://docs.peewee-orm.com/en/latest/peewee/querying.html#upsert

        try:
            user_crafty = UserCrafty.select().where(UserCrafty.user_id == user_id).get()
            user_crafty.permissions = permissions_mask
            user_crafty.limit_server_creation = limit_server_creation
            user_crafty.limit_user_creation = limit_user_creation
            user_crafty.limit_role_creation = limit_role_creation
            UserCrafty.save(user_crafty)
        except:
            UserCrafty.insert(
                {
                    UserCrafty.user_id: user_id,
                    UserCrafty.permissions: permissions_mask,
                    UserCrafty.limit_server_creation: limit_server_creation,
                    UserCrafty.limit_user_creation: limit_user_creation,
                    UserCrafty.limit_role_creation: limit_role_creation,
                }
            ).execute()

    @staticmethod
    def get_created_quantity_list(user_id):
        quantity_list = {
            EnumPermissionsCrafty.SERVER_CREATION.name: HelperServers.get_total_owned_servers(  # pylint: disable=line-too-long
                user_id
            ),
            EnumPermissionsCrafty.USER_CONFIG.name: HelperUsers.get_managed_users(
                user_id
            ).count(),
            EnumPermissionsCrafty.ROLES_CONFIG.name: HelperUsers.get_managed_roles(
                user_id
            ).count(),
        }
        return quantity_list

    @staticmethod
    def get_crafty_limit_value(user_id, permission):
        quantity_list = PermissionsCrafty.get_permission_quantity_list(user_id)
        return quantity_list[permission]

    @staticmethod
    def can_add_in_crafty(user_id, permission):
        user_crafty = PermissionsCrafty.get_user_crafty(user_id)
        can = PermissionsCrafty.has_permission(user_crafty.permissions, permission)
        limit_list = PermissionsCrafty.get_permission_quantity_list(user_id)
        quantity_list = PermissionsCrafty.get_created_quantity_list(user_id)
        return can and (
            (quantity_list[permission.name] < limit_list[permission.name])
            or limit_list[permission.name] == -1
        )

    @staticmethod
    def get_api_key_permissions_list(key: ApiKeys):
        user = HelperUsers.get_user(key.user_id)
        if user["superuser"] and key.superuser:
            return PermissionsCrafty.get_permissions_list()
        if user["superuser"]:
            # User is superuser but API key isn't
            user_permissions_mask = "111"
        else:
            # Not superuser
            user_permissions_mask = PermissionsCrafty.get_crafty_permissions_mask(
                user["user_id"]
            )
        key_permissions_mask: str = key.crafty_permissions
        permissions_mask = PermissionHelper.combine_masks(
            user_permissions_mask, key_permissions_mask
        )
        permissions_list = PermissionsCrafty.get_permissions(permissions_mask)
        return permissions_list
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`import logging`
Add route for viewing user Crafty permissions The route includes the permission mask, counters and limits 2022-05-24 21:55:49 +00:00			`import typing as t`
Refactored the yes to not pass objects in import Merge Conflicts ᴙ Us 2022-04-11 05:23:55 +00:00			`from enum import Enum`
			`from peewee import (`
			`ForeignKeyField,`
			`CharField,`
			`IntegerField,`
			`DoesNotExist,`
			`)`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00
Refactored the yes to not pass objects in import Merge Conflicts ᴙ Us 2022-04-11 05:23:55 +00:00			`from app.classes.models.base_model import BaseModel`
Fix server quotas. Removed un-used perms columns 2022-08-20 17:00:20 +00:00			`from app.classes.models.servers import HelperServers`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`from app.classes.models.users import Users, ApiKeys, HelperUsers`
Appease the linter 2022-04-12 23:22:57 +00:00			`from app.classes.shared.permission_helper import PermissionHelper`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00
Tidy imports & dep auto-installer 2022-03-08 04:40:44 +00:00			`logger = logging.getLogger(__name__)`
Correction for crafty permissions 2021-10-09 08:45:40 +00:00
Fix files to conform with new ⚫Black pylintrc Mostly just breaking up strings and comments into new lines Some strings dont require 'f' but keeping in for readability with the rest of the concatinated string 2022-03-23 06:06:13 +00:00			`# **********************************************************************************`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`# User_Crafty Class`
Fix files to conform with new ⚫Black pylintrc Mostly just breaking up strings and comments into new lines Some strings dont require 'f' but keeping in for readability with the rest of the concatinated string 2022-03-23 06:06:13 +00:00			`# **********************************************************************************`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`class UserCrafty(BaseModel):`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`user_id = ForeignKeyField(Users, backref="users_crafty")`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`permissions = CharField(default="00000000")`
			`limit_server_creation = IntegerField(default=-1)`
			`limit_user_creation = IntegerField(default=0)`
			`limit_role_creation = IntegerField(default=0)`

			`class Meta:`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`table_name = "user_crafty"`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00
Fix files to conform with new ⚫Black pylintrc Mostly just breaking up strings and comments into new lines Some strings dont require 'f' but keeping in for readability with the rest of the concatinated string 2022-03-23 06:06:13 +00:00			`# **********************************************************************************`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`# Crafty Permissions Class`
Fix files to conform with new ⚫Black pylintrc Mostly just breaking up strings and comments into new lines Some strings dont require 'f' but keeping in for readability with the rest of the concatinated string 2022-03-23 06:06:13 +00:00			`# **********************************************************************************`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`class EnumPermissionsCrafty(Enum):`
			`SERVER_CREATION = 0`
			`USER_CONFIG = 1`
			`ROLES_CONFIG = 2`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`class PermissionsCrafty:`
Fix files to conform with new ⚫Black pylintrc Mostly just breaking up strings and comments into new lines Some strings dont require 'f' but keeping in for readability with the rest of the concatinated string 2022-03-23 06:06:13 +00:00			`# **********************************************************************************`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`# Crafty Permissions Methods`
Fix files to conform with new ⚫Black pylintrc Mostly just breaking up strings and comments into new lines Some strings dont require 'f' but keeping in for readability with the rest of the concatinated string 2022-03-23 06:06:13 +00:00			`# **********************************************************************************`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`@staticmethod`
			`def get_permissions_list():`
Clean up enum-related functions 2022-05-17 22:55:05 +00:00			`return list(EnumPermissionsCrafty.__members__.values())`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00
			`@staticmethod`
			`def get_permissions(permissions_mask):`
Improve permission related functions 2022-05-16 14:52:09 +00:00			`return [`
			`permission`
Clean up enum-related functions 2022-05-17 22:55:05 +00:00			`for permission in EnumPermissionsCrafty.__members__.values()`
Improve permission related functions 2022-05-16 14:52:09 +00:00			`if PermissionsCrafty.has_permission(permissions_mask, permission)`
			`]`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00
			`@staticmethod`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`def has_permission(permission_mask, permission_tested: EnumPermissionsCrafty):`
Improve permission related functions 2022-05-16 14:52:09 +00:00			`return permission_mask[permission_tested.value] == "1"`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00
			`@staticmethod`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`def set_permission(`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`permission_mask, permission_tested: EnumPermissionsCrafty, value`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`):`
Improve permission related functions 2022-05-16 14:52:09 +00:00			`index = permission_tested.value`
			`return permission_mask[:index] + str(value) + permission_mask[index + 1 :]`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00
			`@staticmethod`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`def get_permission(permission_mask, permission_tested: EnumPermissionsCrafty):`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`return permission_mask[permission_tested.value]`
Correction for crafty permissions 2021-10-09 08:45:40 +00:00
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`@staticmethod`
			`def get_crafty_permissions_mask(user_id):`
Improve permission related functions 2022-05-16 14:52:09 +00:00			`# TODO: only get the permissions of the UserCrafty`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`user_crafty = PermissionsCrafty.get_user_crafty(user_id)`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`permissions_mask = user_crafty.permissions`
			`return permissions_mask`

			`@staticmethod`
			`def get_all_permission_quantity_list():`
Clean up enum-related functions 2022-05-17 22:55:05 +00:00			`return {name: -1 for name in EnumPermissionsCrafty.__members__.keys()}`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00
			`@staticmethod`
			`def get_permission_quantity_list(user_id):`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`user_crafty = PermissionsCrafty.get_user_crafty(user_id)`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`quantity_list = {`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`EnumPermissionsCrafty.SERVER_CREATION.name: user_crafty.limit_server_creation, # pylint: disable=line-too-long`
			`EnumPermissionsCrafty.USER_CONFIG.name: user_crafty.limit_user_creation,`
			`EnumPermissionsCrafty.ROLES_CONFIG.name: user_crafty.limit_role_creation,`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`}`
			`return quantity_list`
Correction for crafty permissions 2021-10-09 08:45:40 +00:00
Fix files to conform with new ⚫Black pylintrc Mostly just breaking up strings and comments into new lines Some strings dont require 'f' but keeping in for readability with the rest of the concatinated string 2022-03-23 06:06:13 +00:00			`# **********************************************************************************`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`# User_Crafty Methods`
Fix files to conform with new ⚫Black pylintrc Mostly just breaking up strings and comments into new lines Some strings dont require 'f' but keeping in for readability with the rest of the concatinated string 2022-03-23 06:06:13 +00:00			`# **********************************************************************************`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`@staticmethod`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`def get_user_crafty(user_id):`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`try:`
Improve permission related functions 2022-05-16 14:52:09 +00:00			`user_crafty = UserCrafty.get(UserCrafty.user_id == user_id)`
Create pylintrc, code review pipeline & correct codebase errors Fix uploads, Only send server stats to user page when they have access to servers 2022-01-26 01:45:30 +00:00			`except DoesNotExist:`
Add route for viewing user Crafty permissions The route includes the permission mask, counters and limits 2022-05-24 21:55:49 +00:00			`UserCrafty.insert(`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`{`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`UserCrafty.user_id: user_id,`
			`UserCrafty.permissions: "000",`
			`UserCrafty.limit_server_creation: 0,`
			`UserCrafty.limit_user_creation: 0,`
			`UserCrafty.limit_role_creation: 0,`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`}`
			`).execute()`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`user_crafty = PermissionsCrafty.get_user_crafty(user_id)`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`return user_crafty`

Add route for viewing user Crafty permissions The route includes the permission mask, counters and limits 2022-05-24 21:55:49 +00:00			`@staticmethod`
			`def get_user_crafty_optional(user_id) -> t.Optional[UserCrafty]:`
			`try:`
			`return UserCrafty.get(UserCrafty.user_id == user_id)`
			`except DoesNotExist:`
			`return None`

Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`@staticmethod`
			`def add_user_crafty(user_id, uc_permissions):`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`user_crafty = UserCrafty.insert(`
			`{UserCrafty.user_id: user_id, UserCrafty.permissions: uc_permissions}`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`).execute()`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`return user_crafty`
Correction for crafty permissions 2021-10-09 08:45:40 +00:00
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`@staticmethod`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`def add_or_update_user(`
			`user_id,`
			`permissions_mask,`
			`limit_server_creation,`
			`limit_user_creation,`
			`limit_role_creation,`
			`):`
Make add_or_update_user more efficient with upsert 2022-05-16 14:15:46 +00:00			`# http://docs.peewee-orm.com/en/latest/peewee/querying.html#upsert`

Fix user permissions issue 2022-06-06 21:04:45 +00:00			`try:`
			`user_crafty = UserCrafty.select().where(UserCrafty.user_id == user_id).get()`
			`user_crafty.permissions = permissions_mask`
			`user_crafty.limit_server_creation = limit_server_creation`
			`user_crafty.limit_user_creation = limit_user_creation`
			`user_crafty.limit_role_creation = limit_role_creation`
			`UserCrafty.save(user_crafty)`
			`except:`
			`UserCrafty.insert(`
			`{`
			`UserCrafty.user_id: user_id,`
			`UserCrafty.permissions: permissions_mask,`
			`UserCrafty.limit_server_creation: limit_server_creation,`
			`UserCrafty.limit_user_creation: limit_user_creation,`
			`UserCrafty.limit_role_creation: limit_role_creation,`
			`}`
			`).execute()`
Correction for crafty permissions 2021-10-09 08:45:40 +00:00
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`@staticmethod`
			`def get_created_quantity_list(user_id):`
			`quantity_list = {`
Appease the linter 2022-08-21 00:47:15 +00:00			`EnumPermissionsCrafty.SERVER_CREATION.name: HelperServers.get_total_owned_servers( # pylint: disable=line-too-long`
Fix server quotas. Removed un-used perms columns 2022-08-20 17:00:20 +00:00			`user_id`
			`),`
			`EnumPermissionsCrafty.USER_CONFIG.name: HelperUsers.get_managed_users(`
			`user_id`
			`).count(),`
			`EnumPermissionsCrafty.ROLES_CONFIG.name: HelperUsers.get_managed_roles(`
			`user_id`
			`).count(),`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`}`
			`return quantity_list`

			`@staticmethod`
			`def get_crafty_limit_value(user_id, permission):`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`quantity_list = PermissionsCrafty.get_permission_quantity_list(user_id)`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00			`return quantity_list[permission]`

			`@staticmethod`
			`def can_add_in_crafty(user_id, permission):`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`user_crafty = PermissionsCrafty.get_user_crafty(user_id)`
			`can = PermissionsCrafty.has_permission(user_crafty.permissions, permission)`
			`limit_list = PermissionsCrafty.get_permission_quantity_list(user_id)`
			`quantity_list = PermissionsCrafty.get_created_quantity_list(user_id)`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`return can and (`
			`(quantity_list[permission.name] < limit_list[permission.name])`
			`or limit_list[permission.name] == -1`
			`)`
Rework architecture for better MVC 2021-09-08 22:01:10 +00:00
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`@staticmethod`
			`def get_api_key_permissions_list(key: ApiKeys):`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`user = HelperUsers.get_user(key.user_id)`
Add API routes from 3.x Enhance security for permissions on API requests Fix bug where server permissions and crafty permissions were flipped upon making a new token Fix bug where new secret key would be created every time Crafty was started. Fix bug where DB locks will occur with concurrent writes to the DB. 2022-04-10 19:39:31 +00:00			`if user["superuser"] and key.superuser:`
Refactor to standardize class/variable naming ✨ 2022-04-14 02:10:25 +00:00			`return PermissionsCrafty.get_permissions_list()`
Fix no-else-* QA warnings 2022-06-14 12:40:57 +00:00			`if user["superuser"]:`
			`# User is superuser but API key isn't`
			`user_permissions_mask = "111"`
JWT login and multi API keys! 2022-01-15 00:23:50 +00:00			`else:`
Fix no-else-* QA warnings 2022-06-14 12:40:57 +00:00			`# Not superuser`
			`user_permissions_mask = PermissionsCrafty.get_crafty_permissions_mask(`
			`user["user_id"]`
⬛Black codebase Apply black formatting to codebase 2022-03-23 02:50:12 +00:00			`)`
Fix no-else-* QA warnings 2022-06-14 12:40:57 +00:00			`key_permissions_mask: str = key.crafty_permissions`
			`permissions_mask = PermissionHelper.combine_masks(`
			`user_permissions_mask, key_permissions_mask`
			`)`
			`permissions_list = PermissionsCrafty.get_permissions(permissions_mask)`
			`return permissions_list`