organization creation function prototype
This commit is contained in:
parent
5c8cfd1759
commit
cb821f2564
|
@ -2,14 +2,18 @@ from hashlib import sha1
|
|||
import hmac
|
||||
|
||||
import ckan.plugins as plugins
|
||||
import ckan.plugins.toolkit as toolkit
|
||||
|
||||
import ckan.logic as logic
|
||||
|
||||
from pylons import config
|
||||
from ckan.common import request, _
|
||||
from ckan.logic.action.create import _group_or_org_create as group_or_org_create
|
||||
|
||||
plugin_config_prefix = 'ckanext.ozwillo_organization_api.'
|
||||
|
||||
def valid_signature_required(func):
|
||||
plugin_config_prefix = 'ckanext.ozwillo_organization_api.'
|
||||
|
||||
signature_header_name = config.get(plugin_config_prefix + 'signature_header_name',
|
||||
'X-Hub-Signature')
|
||||
instantiated_secret = config.get(plugin_config_prefix + 'instantiated_secret',
|
||||
|
@ -18,9 +22,11 @@ def valid_signature_required(func):
|
|||
def wrapper(context, data):
|
||||
if signature_header_name in request.headers:
|
||||
if request.headers[signature_header_name].startswith('sha1='):
|
||||
algo, hash = request.headers[signature_header_name].rsplit('=')
|
||||
computed_hash = hmac.new(instantiated_secret, str(data), sha1).hexdigest()
|
||||
if hash != computed_hash:
|
||||
algo, received_hmac = request.headers[signature_header_name].rsplit('=')
|
||||
computed_hmac = hmac.new(instantiated_secret, str(data), sha1).hexdigest()
|
||||
# the received hmac is uppercase according to
|
||||
# http://doc.ozwillo.com/#ref-3-2-1
|
||||
if received_hmac != computed_hmac.upper():
|
||||
raise logic.NotAuthorized(_('Invalid HMAC'))
|
||||
else:
|
||||
raise logic.ValidationError(_('Invalid HMAC algo'))
|
||||
|
@ -31,7 +37,53 @@ def valid_signature_required(func):
|
|||
|
||||
@valid_signature_required
|
||||
def create_organization(context, data_dict):
|
||||
pass
|
||||
|
||||
destruction_secret = config.get(plugin_config_prefix + 'destruction_secret',
|
||||
'changeme')
|
||||
|
||||
client_id = data_dict.pop('client_id')
|
||||
client_secret = data_dict.pop('client_secret')
|
||||
instance_id = data_dict.pop('instance_id')
|
||||
|
||||
# re-mapping received dict
|
||||
registration_uri = data_dict.pop('instance_registration_uri')
|
||||
organization = data_dict['organization']
|
||||
org_dict = {
|
||||
'type': 'organization',
|
||||
'name': organization['organization_name'].lower(),
|
||||
'id': organization['id'],
|
||||
'title': organization['organization_name'],
|
||||
'description': organization['type'],
|
||||
}
|
||||
try:
|
||||
delete_uri = toolkit.url_for(controller='api', action='action',
|
||||
logic_function="delete-organization",
|
||||
ver=context['api_version'],
|
||||
qualified=True)
|
||||
|
||||
group_or_org_create(context, org_dict, is_org=True)
|
||||
|
||||
# notify about organization creation
|
||||
services = {'services': [{
|
||||
'local_id': 'organization',
|
||||
'name': 'Organization ' + org_dict['name'] + ' on CKAN',
|
||||
'service_uri': '/organization/' + org_dict['name'],
|
||||
'visible': True}],
|
||||
'instance_id': instance_id,
|
||||
'destruction_uri': delete_uri,
|
||||
'destruction_secret': destruction_secret,
|
||||
'needed_scopes': [{
|
||||
'scope_id': 'profile',
|
||||
'motivation': 'Used to link user to the organization'
|
||||
}]
|
||||
}
|
||||
requests.post(registration_uri,
|
||||
data = services,
|
||||
auth=(client_id, client_secret)
|
||||
)
|
||||
except:
|
||||
request.delete(registration_uri)
|
||||
|
||||
|
||||
@valid_signature_required
|
||||
def delete_organization(context, data_dict):
|
||||
|
|
Reference in New Issue