1 # Create your views here.
5 from django import forms
6 from django.views.decorators.csrf import csrf_exempt
7 from django.core import urlresolvers
8 from django.core import serializers
9 from django.contrib.auth.decorators import login_required
10 from django.contrib.auth import logout
11 from django.http import HttpResponseRedirect, HttpResponseForbidden, HttpResponse
12 from django.shortcuts import get_object_or_404, render_to_response
13 from django.core.context_processors import request
14 from django.template.context import RequestContext
15 from django.template.loader import get_template, render_to_string
16 from django.utils import simplejson
17 from django.core.urlresolvers import reverse
18 from django.contrib import messages
19 from flowspy.accounts.models import *
21 from django.contrib.auth import authenticate, login
23 from django.forms.models import model_to_dict
25 from flowspy.flowspec.forms import *
26 from flowspy.flowspec.models import *
28 from copy import deepcopy
29 from flowspy.utils.decorators import shib_required
31 from django.views.decorators.cache import never_cache
32 from django.conf import settings
33 from django.core.mail import mail_admins, mail_managers, send_mail
37 def user_routes(request):
38 user_routes = Route.objects.filter(applier=request.user)
39 return render_to_response('user_routes.html', {'routes': user_routes},
40 context_instance=RequestContext(request))
43 return render_to_response('welcome.html', context_instance=RequestContext(request))
47 def group_routes(request):
49 peer = request.user.get_profile().peer
51 peer_members = UserProfile.objects.filter(peer=peer)
52 users = [prof.user for prof in peer_members]
53 group_routes = Route.objects.filter(applier__in=users)
54 return render_to_response('user_routes.html', {'routes': group_routes},
55 context_instance=RequestContext(request))
60 def add_route(request):
61 applier = request.user.pk
62 applier_peer_networks = request.user.get_profile().peer.networks.all()
63 if not applier_peer_networks:
64 messages.add_message(request, messages.WARNING,
65 "Insufficient rights on administrative networks. Cannot add rule. Contact your administrator")
66 return HttpResponseRedirect(reverse("group-routes"))
67 if request.method == "GET":
69 return render_to_response('apply.html', {'form': form, 'applier': applier},
70 context_instance=RequestContext(request))
73 form = RouteForm(request.POST)
75 route=form.save(commit=False)
76 route.applier = request.user
77 route.status = "PENDING"
81 mail_body = render_to_string("rule_add_mail.txt",
83 mail_admins("Rule %s creation request submitted by %s" %(route.name, route.applier.username),
84 mail_body, fail_silently=True)
85 return HttpResponseRedirect(reverse("group-routes"))
87 return render_to_response('apply.html', {'form': form, 'applier':applier},
88 context_instance=RequestContext(request))
92 def edit_route(request, route_slug):
93 applier = request.user.pk
94 applier_peer = request.user.get_profile().peer
95 route_edit = get_object_or_404(Route, name=route_slug)
96 route_edit_applier_peer = route_edit.applier.get_profile().peer
97 if applier_peer != route_edit_applier_peer:
98 messages.add_message(request, messages.WARNING,
99 "Insufficient rights to edit rule %s" %(route_slug))
100 return HttpResponseRedirect(reverse("group-routes"))
101 if route_edit.status == "ADMININACTIVE" :
102 messages.add_message(request, messages.WARNING,
103 "Administrator has disabled editing of rule %s" %(route_slug))
104 return HttpResponseRedirect(reverse("group-routes"))
105 if route_edit.status == "EXPIRED" :
106 messages.add_message(request, messages.WARNING,
107 "Cannot edit the expired rule %s. Contact helpdesk to enable it" %(route_slug))
108 return HttpResponseRedirect(reverse("group-routes"))
109 if route_edit.status == "PENDING" :
110 messages.add_message(request, messages.WARNING,
111 "Cannot edit a pending rule: %s." %(route_slug))
112 return HttpResponseRedirect(reverse("group-routes"))
113 route_original = deepcopy(route_edit)
115 form = RouteForm(request.POST, instance = route_edit)
117 route=form.save(commit=False)
118 route.name = route_original.name
119 route.applier = request.user
120 route.status = "PENDING"
124 mail_body = render_to_string("rule_edit_mail.txt",
126 mail_admins("Rule %s edit request submitted by %s" %(route.name, route.applier.username),
127 mail_body, fail_silently=True)
128 return HttpResponseRedirect(reverse("group-routes"))
130 return render_to_response('apply.html', {'form': form, 'edit':True, 'applier': applier},
131 context_instance=RequestContext(request))
133 dictionary = model_to_dict(route_edit, fields=[], exclude=[])
134 #form = RouteForm(instance=route_edit)
135 form = RouteForm(dictionary)
136 return render_to_response('apply.html', {'form': form, 'edit':True, 'applier': applier},
137 context_instance=RequestContext(request))
141 def delete_route(request, route_slug):
142 if request.is_ajax():
143 route = get_object_or_404(Route, name=route_slug)
144 applier_peer = route.applier.get_profile().peer
145 requester_peer = request.user.get_profile().peer
146 if applier_peer == requester_peer:
147 route.status = "PENDING"
149 route.commit_delete()
150 mail_body = render_to_string("rule_delete_mail.txt",
152 mail_admins("Rule %s removal request submitted by %s" %(route.name, route.applier.username),
153 mail_body, fail_silently=True)
154 html = "<html><body>Done</body></html>"
155 return HttpResponse(html)
157 return HttpResponseRedirect(reverse("group-routes"))
161 def user_profile(request):
163 peer = request.user.get_profile().peer
165 return render_to_response('profile.html', {'user': user, 'peer':peer},
166 context_instance=RequestContext(request))
169 def user_login(request):
171 error_username = None
173 error_affiliation = None
175 username = request.META['HTTP_EPPN']
177 error_username = True
178 firstname = request.META['HTTP_SHIB_INETORGPERSON_GIVENNAME']
179 lastname = request.META['HTTP_SHIB_PERSON_SURNAME']
180 mail = request.META['HTTP_SHIB_INETORGPERSON_MAIL']
181 organization = request.META['HTTP_SHIB_HOMEORGANIZATION']
182 affiliation = request.META['HTTP_SHIB_EP_ENTITLEMENT']
183 if settings.SHIB_AUTH_AFFILIATION in affiliation.split(";"):
184 has_affiliation = True
185 if not has_affiliation:
186 error_affiliation = True
190 error = "Your idP should release the HTTP_EPPN attribute towards this service\n"
192 error = error + "Your idP should release the HTTP_SHIB_HOMEORGANIZATION attribute towards this service\n"
193 if error_affiliation:
194 error = error + "Your idP should release an appropriate HTTP_SHIB_EP_ENTITLEMENT attribute towards this service"
195 if error_username or error_orgname or error_affiliation:
196 return render_to_response('error.html', {'error': error,},
197 context_instance=RequestContext(request))
198 user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail, organization=organization, affiliation=affiliation)
201 update_user_attributes(user, firstname=firstname, lastname=lastname, mail=mail)
202 return HttpResponseRedirect(reverse("group-routes"))
203 # Redirect to a success page.
204 # Return a 'disabled account' error message
206 error = "Something went wrong during user authentication. Contact your administrator"
207 return render_to_response('error.html', {'error': error,},
208 context_instance=RequestContext(request))
209 except Exception as e:
210 error = "Invalid login procedure"
211 return render_to_response('error.html', {'error': error,},
212 context_instance=RequestContext(request))
213 # Return an 'invalid login' error message.
214 # return HttpResponseRedirect(reverse("user-routes"))
218 def add_rate_limit(request):
219 if request.method == "GET":
220 form = ThenPlainForm()
221 return render_to_response('add_rate_limit.html', {'form': form,},
222 context_instance=RequestContext(request))
225 form = ThenPlainForm(request.POST)
227 then=form.save(commit=False)
228 then.action_value = "%sk"%then.action_value
231 response_data['pk'] = "%s" %then.pk
232 response_data['value'] = "%s:%s" %(then.action, then.action_value)
233 return HttpResponse(simplejson.dumps(response_data), mimetype='application/json')
235 return render_to_response('add_rate_limit.html', {'form': form,},
236 context_instance=RequestContext(request))
238 def update_user_attributes(user, firstname, lastname, mail):
239 user.first_name = firstname
240 user.last_name = lastname
246 def add_port(request):
247 if request.method == "GET":
248 form = PortPlainForm()
249 return render_to_response('add_port.html', {'form': form,},
250 context_instance=RequestContext(request))
253 form = PortPlainForm(request.POST)
257 response_data['value'] = "%s" %port.pk
258 response_data['text'] = "%s" %port.port
259 return HttpResponse(simplejson.dumps(response_data), mimetype='application/json')
261 return render_to_response('add_port.html', {'form': form,},
262 context_instance=RequestContext(request))
266 def user_logout(request):
268 return HttpResponseRedirect(reverse('group-routes'))
271 def load_jscript(request, file):
272 return render_to_response('%s.js' % file, context_instance=RequestContext(request), mimetype="text/javascript")