Merge branch '2157-define-user-role-models' into 2157-switch-to-token-based-auth

mssalvatore · mssalvatore · commit 6ec465a46dfb · 2023-02-23T11:43:00.000-05:00
Issue #2157 PR #3004
diff --git a/monkey/monkey_island/Pipfile b/monkey/monkey_island/Pipfile
@@ -34,6 +34,8 @@ pydantic = "*"
 egg-timer = "*"
 pyyaml = "*"
 semver = "==2.13.0"
+flask-login = "*"
+flask-wtf = "*"
 
 [dev-packages]
 virtualenv = "==20.16.2" # Pinned to 20.16.2 due to importlib-metadat/flake8 issue
diff --git a/monkey/monkey_island/Pipfile.lock b/monkey/monkey_island/Pipfile.lock
diff --git a/monkey/monkey_island/cc/models/__init__.py b/monkey/monkey_island/cc/models/__init__.py
@@ -9,3 +9,5 @@
 from common.types import AgentID
 from .agent import Agent
 from .terminate_all_agents import TerminateAllAgents
+from .user import User
+from .role import Role
diff --git a/monkey/monkey_island/cc/models/role.py b/monkey/monkey_island/cc/models/role.py
@@ -0,0 +1,10 @@
+from __future__ import annotations
+
+from flask_login import RoleMixin
+from mongoengine import Document, StringField
+
+
+class Role(Document, RoleMixin):
+    name = StringField(max_length=80, unique=True)
+    description = StringField(max_length=255)
+    permissions = StringField(max_length=255)
diff --git a/monkey/monkey_island/cc/models/user.py b/monkey/monkey_island/cc/models/user.py
@@ -0,0 +1,18 @@
+from __future__ import annotations
+
+from flask_login import UserMixin
+from mongoengine import BooleanField, Document, ListField, ReferenceField, StringField
+
+from .role import Role
+
+
+class User(Document, UserMixin):
+    username = StringField(max_length=255, unique=True)
+    password_hash = StringField()
+    active = BooleanField(default=True)
+    fs_uniquifier = StringField(max_length=64, unique=True)
+    roles = ListField(ReferenceField(Role), default=[])
+
+    @staticmethod
+    def get_by_id(id: str):
+        return User.objects.get(id)
diff --git a/vulture_allowlist.py b/vulture_allowlist.py
@@ -19,7 +19,7 @@
 from infection_monkey.exploit.zerologon_utils.remote_shell import RemoteShell
 from infection_monkey.transport.http import FileServHTTPRequestHandler
 from monkey_island.cc.deployment import Deployment
-from monkey_island.cc.models import IslandMode, Machine
+from monkey_island.cc.models import IslandMode, Machine, Role, User
 from monkey_island.cc.repositories import IAgentEventRepository, MongoAgentEventRepository
 from monkey_island.cc.repositories.utils.hard_coded_credential_collector_schemas import (
     HARD_CODED_CREDENTIAL_COLLECTOR_SCHEMAS,
@@ -148,3 +148,10 @@
 HARD_CODED_FINGERPRINTER_MANIFESTS
 HARD_CODED_PAYLOADS_MANIFESTS
 HARD_CODED_PAYLOADS_SCHEMAS
+
+# Remove after #2157
+User.active
+User.fs_uniquifier
+User.roles
+User.get_by_id
+Role.permissions
