Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def hash_password(password, salt=None, algorithm="argon2"):
if salt is None:
salt = uuid.uuid4().hex
if isinstance(salt, str):
salt = salt.encode("utf-8")
if isinstance(password, str):
password = password.encode("utf-8")
hash_func = get_utility(IPasswordHasher, name=algorithm)
hashed_password = hash_func(password, salt)
return "{}:{}:{}".format(algorithm, salt.decode("utf-8"), hashed_password)
async def close_utilities(app):
root = get_utility(IApplication, name="root")
for key in list(root._async_utilities.keys()):
app_logger.info("Removing " + key)
await root.del_async_utility(key)
def _global_permissions_for(self, principal, permission):
"""On a principal (user + group) get global permissions."""
groups = get_utility(IGroups)
if self.principal and principal == self.principal.id:
# Its the actual user
permissions = self.principal.permissions.copy()
if permission in permissions:
return level_setting_as_boolean("p", permissions[permission])
for group in self.principal.groups:
permissions = groups.get_principal(group, self.principal).permissions
if permission in permissions:
return level_setting_as_boolean("p", permissions[permission])
return None
async def get_containers(request):
root = get_utility(IApplication, name='root')
for _id, db in root:
if IDatabase.providedBy(db):
tm = request._tm = db.get_transaction_manager()
tm.request = request
request._db_id = _id
async with tm.lock:
request._txn = txn = await tm.begin(request)
items = {(k, v) async for k, v in db.async_items()}
await tm.abort(txn=txn)
for _, container in items:
request._txn = txn = await tm.begin(request)
tm.request.container = container
tm.request._container_id = container.id
if hasattr(request, 'container_settings'):
del request.container_settings
def _global_roles_for(self, principal):
"""On a principal (user/group) get global roles."""
roles = {}
groups = get_utility(IGroups)
if self.principal and principal == self.principal.id:
# Its the actual user id
# We return all the global roles (including group)
roles = self.principal.roles.copy()
for group in self.principal.groups:
roles.update(groups.get_principal(group, self.principal).roles)
return roles
# We are asking for group id so only group roles
if groups:
group = groups.get_principal(principal)
return group.roles.copy()
def apply_concrete_behaviors():
"""
Configured behaviors for an object should always be applied and can't
be removed.
Should be called once at startup instead of doing alsoProvides every
time an object is created
"""
for type_name, factory in get_utilities_for(IResourceFactory):
for behavior in factory.behaviors:
behavior_registration = get_utility(IBehavior, name=behavior.__identifier__)
if behavior_registration.marker is not None:
classImplements(factory._callable, behavior_registration.marker)
async def get_database(db_id, root=None) -> IDatabase:
"""
Get configured database
:param db_id: configured database id
"""
if root is None:
root = get_utility(IApplication, name="root")
if db_id in root:
db = root[db_id]
if IDatabase.providedBy(db):
return db
for _, config in list_or_dict_items(app_settings["storages"]):
ctype = config.get("type", config["storage"])
factory = get_adapter(root, IDatabaseManager, name=ctype, args=[config])
databases = await factory.get_names()
if db_id in databases:
return await factory.get_database(db_id)
raise DatabaseNotFound(db_id)
async def get_database(self, name: str) -> IDatabase:
if name not in self.app:
config = deepcopy(self.config)
factory = get_utility(IDatabaseConfigurationFactory, name=config["storage"])
self.app[name] = await apply_coroutine(factory, name, config)
await notify(DatabaseInitializedEvent(self.app[name]))
return self.app[name]
def _get_stub_content(self, url):
type_name = self._get_type_name(url)
rfactory = get_utility(IResourceFactory, name=type_name)
return create_content(rfactory._callable, type_name)
async def stats(context, request):
utility = get_utility(ICacheUtility)
return await utility.get_stats()