Merge pull request #36 from ComputerScienceHouse/develop

Allow connections to LDAP with self-signed certs

Author: galenguyer

.pylintrc

@@ -14,7 +14,9 @@ disable =
 	global-statement,
 	cyclic-import,
 	locally-disabled,
-	file-ignored
+	file-ignored,
+    inconsistent-return-statements,
+    no-else-return
 
 [REPORTS]
 output-format = text
@@ -28,6 +30,9 @@ single-line-if-stmt = no
 no-space-check = trailing-comma,dict-separator
 max-module-lines = 1000
 indent-string = '    '
+string-quote=single-avoid-escape
+triple-quote=single
+docstring-quote=double
 
 [MISCELLANEOUS]
 notes = FIXME,XXX,TODO

.travis.yml

@@ -5,4 +5,4 @@ python:
 install:
   - "pip install -r requirements.txt"
 script:
-  - "pylint selections"
+  - "pylint --load-plugins pylint_quotes selections"

requirements.txt

@@ -1,50 +1,52 @@
-alabaster==0.7.10
+alabaster==0.7.12
 alembic==0.9.9
-asn1crypto==0.24.0
-astroid==1.6.2
-Beaker==1.9.0
+astroid==2.4.1
+Beaker==1.11.0
 blinker==1.4
-certifi==2018.1.18
+certifi==2020.4.5.1
 cffi==1.14.0
 chardet==3.0.4
-click==6.7
-cryptography==2.3
+click==7.1.2
+cryptography==2.9.2
 csh-ldap==2.2.0
-Flask==1.0
+dnspython==1.16.0
+Flask==1.1.2
 Flask-Migrate==2.1.1
 Flask-pyoidc==1.2.0
 Flask-SQLAlchemy==2.3.2
-future==0.16.0
+future==0.18.2
 gunicorn==19.7.1
-idna==2.6
-isort==4.3.4
-itsdangerous==0.24
-Jinja2~=2.10.3
-lazy-object-proxy==1.3.1
-lxml==4.2.1
-Mako==1.0.7
-MarkupSafe==1.0
+idna==2.9
+isort==4.3.21
+itsdangerous==1.1.0
+Jinja2==2.11.2
+lazy-object-proxy==1.4.3
+lxml==4.5.0
+Mako==1.1.2
+MarkupSafe==1.1.1
 mccabe==0.6.1
 oic==0.11.0.1
-Pillow==6.2.2
-pyasn1==0.4.2
-pyasn1-modules==0.2.1
-pycparser==2.18
-pycryptodomex==3.5.1
-pyjwkest==1.4.0
-pyldap==3.0.0.post1
-pylint==1.8.3
+Pillow==7.1.2
+pyasn1==0.4.8
+pyasn1-modules==0.2.8
+pycparser==2.20
+pycryptodomex==3.9.7
+pyjwkest==1.4.2
+pylint==2.5.2
+pylint-quotes==0.2.1
 PyMySQL==0.8.0
-pyOpenSSL==17.5.0
-python-dateutil==2.7.2
+pyOpenSSL==19.1.0
+python-dateutil==2.8.1
 python-docx==0.8.6
-python-editor==1.0.3
+python-editor==1.0.4
 python-ldap==3.0.0
 python-resize-image==1.1.11
-requests==2.20.0
-six==1.11.0
+requests==2.23.0
 sentry-sdk==0.14.3
-SQLAlchemy~=1.3.0
-urllib3==1.24.2
-Werkzeug==0.15.5
-wrapt==1.10.11
+six==1.14.0
+SQLAlchemy==1.3.17
+srvlookup==2.0.0
+toml==0.10.1
+urllib3==1.25.9
+Werkzeug==1.0.1
+wrapt==1.12.1

selections/__init__.py

@@ -1,6 +1,8 @@
+# pylint: disable=wrong-import-position
 import os
 from collections import defaultdict
 
+import ldap
 import csh_ldap
 from flask import Flask
 from flask_migrate import Migrate
@@ -14,15 +16,16 @@
 app = Flask(__name__)
 
 # Check if deployed on OpenShift, if so use environment.
-if os.path.exists(os.path.join(os.getcwd(), "config.py")):
-    app.config.from_pyfile(os.path.join(os.getcwd(), "config.py"))
+if os.path.exists(os.path.join(os.getcwd(), 'config.py')):
+    app.config.from_pyfile(os.path.join(os.getcwd(), 'config.py'))
 else:
-    app.config.from_pyfile(os.path.join(os.getcwd(), "config.env.py"))
+    app.config.from_pyfile(os.path.join(os.getcwd(), 'config.env.py'))
 
-auth = OIDCAuthentication(app, issuer=app.config["OIDC_ISSUER"],
-                          client_registration_info=app.config["OIDC_CLIENT_CONFIG"])
+auth = OIDCAuthentication(app, issuer=app.config['OIDC_ISSUER'],
+                          client_registration_info=app.config['OIDC_CLIENT_CONFIG'])
 
 # Create a connection to CSH LDAP
+ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_ALLOW)
 _ldap = csh_ldap.CSHLDAP(
     app.config['LDAP_BIND_DN'], app.config['LDAP_BIND_PASS'])
 
@@ -46,52 +49,55 @@
 from selections.utils import before_request, get_member_info
 
 
-@app.route("/")
+@app.route('/')
 @auth.oidc_auth
 @before_request
 def main(info=None):
-    is_evals = "eboard-evaluations" in info['member_info']['group_list']
-    is_rtp = "rtp" in info['member_info']['group_list']
-    member = members.query.filter_by(username=info['uid']).first()
+    is_evals = 'eboard-evaluations' in info['member_info']['group_list']
+    is_rtp = 'rtp' in info['member_info']['group_list']
+    member = Members.query.filter_by(username=info['uid']).first()
 
-    all_applications = applicant.query.all()
-    all_users = [u.username for u in members.query.all()]
+    all_applications = Applicant.query.all()
+    all_users = [u.username for u in Members.query.all()]
 
     averages = {}
     reviewers = defaultdict(list)
     evaluated = {}
-    for application in all_applications:
+    for applicant in all_applications:
         score_sum = 0
-        results = submission.query.filter_by(
-            application=application.id,
-            medium="Paper").all()
-        phone_r = submission.query.filter_by(
-            application=application.id,
-            medium="Phone").first()
+        results = Submission.query.filter_by(
+            application=applicant.id,
+            medium='Paper').all()
+        phone_r = Submission.query.filter_by(
+            application=applicant.id,
+            medium='Phone').first()
         for result in results:
             score_sum += int(result.score)
-            reviewers[application.id].append(result.member)
-            reviewers[application.id] = sorted(reviewers[application.id])
+            reviewers[applicant.id].append(result.member)
+            reviewers[applicant.id] = sorted(reviewers[applicant.id])
         if len(results) != 0:
             avg = int(score_sum / len(results))
             if phone_r:
                 avg += phone_r.score
-            averages[application.id] = avg
+            averages[applicant.id] = avg
         else:
-            averages[application.id] = 0
-            reviewers[application.id] = []
-        evaluated[application.id] = bool(submission.query.filter_by(application=application.id, medium="Phone").all())
+            averages[applicant.id] = 0
+            reviewers[applicant.id] = []
+        evaluated[applicant.id] = bool(Submission.query.filter_by(application=applicant.id, medium='Phone').all())
 
-    if member and member.team or is_evals or is_rtp:
-        team = members.query.filter_by(team=member.team)
-        reviewed_apps = [a.application for a in submission.query.filter_by(
+    if member and member.team:
+        team = Members.query.filter_by(team=member.team)
+        reviewed_apps = [a.application for a in Submission.query.filter_by(
             member=info['uid']).all()]
-        applications = [{
-            "id": a.id,
-            "gender": a.gender,
-            "reviewed": a.id in reviewed_apps,
-            "interview": a.phone_int,
-            "review_count": submission.query.filter_by(application=a.id).count()} for a in applicant.query.filter_by(team=member.team).all()]
+        applications = [
+                {
+                    'id': a.id,
+                    'gender': a.gender,
+                    'reviewed': a.id in reviewed_apps,
+                    'interview': a.phone_int,
+                    'review_count': Submission.query.filter_by(application=a.id).count()
+                    } for a in Applicant.query.filter_by(team=member.team).all()
+                ]
 
         return render_template(
             'index.html',
@@ -104,9 +110,30 @@ def main(info=None):
             averages=averages,
             evaluated=evaluated,
             reviewers=reviewers)
+    elif is_evals or is_rtp:
+        all_users.append(info['uid'])
+        return render_template(
+            'index.html',
+            info=info,
+            all_applications=all_applications,
+            all_users=all_users,
+            averages=averages,
+            evaluated=evaluated,
+            reviewers=reviewers)
+    else:
+        return render_template(
+            'index.html',
+            info=info,
+            all_users=all_users)
+
+
+@app.route('/logout')
+@auth.oidc_logout
+def logout():
+    return redirect('/', 302)
 
 
-if __name__ == "__main__":
+if __name__ == '__main__':
     app.run()
 
 application = app