code.grnet.gr Git - flowspy/blob - flowspec/views.py

   1 # Create your views here.
   2 import urllib2
   3 import socket
   4 import json
   5 from django import forms
   6 from django.views.decorators.csrf import csrf_exempt
   7 from django.core import urlresolvers
   8 from django.core import serializers
   9 from django.contrib.auth.decorators import login_required
  10 from django.http import HttpResponseRedirect, HttpResponseForbidden, HttpResponse
  11 from django.shortcuts import get_object_or_404, render_to_response
  12 from django.core.context_processors import request
  13 from django.template.context import RequestContext
  14 from django.template.loader import get_template
  15 from django.utils import simplejson
  16 from django.core.urlresolvers import reverse
  17 from django.contrib import messages
  18 from flowspy.accounts.models import *
  19
  20 from django.contrib.auth import authenticate, login
  21
  22 from django.forms.models import model_to_dict
  23
  24 from flowspy.flowspec.forms import *
  25 from flowspy.flowspec.models import *
  26
  27 from copy import deepcopy
  28 from flowspy.utils.decorators import shib_required
  29 import datetime
  30
  31 from django.views.decorators.cache import never_cache
  32 from django.conf import settings
  33
  34
  35 def days_offset(): return datetime.date.today() + datetime.timedelta(days = settings.EXPIRATION_DAYS_OFFSET)
  36
  37 @login_required
  38 def user_routes(request):
  39     user_routes = Route.objects.filter(applier=request.user)
  40     return render_to_response('user_routes.html', {'routes': user_routes},
  41                               context_instance=RequestContext(request))
  42
  43 def welcome(request):
  44     return render_to_response('welcome.html', context_instance=RequestContext(request))
  45
  46 @login_required
  47 @never_cache
  48 def group_routes(request):
  49     group_routes = []
  50     peer = request.user.get_profile().peer
  51     if peer:
  52        peer_members = UserProfile.objects.filter(peer=peer)
  53        users = [prof.user for prof in peer_members]
  54        group_routes = Route.objects.filter(applier__in=users)
  55     return render_to_response('user_routes.html', {'routes': group_routes},
  56                               context_instance=RequestContext(request))
  57
  58
  59 @login_required
  60 @never_cache
  61 def add_route(request):
  62     applier = request.user.pk
  63     applier_peer_networks = request.user.get_profile().peer.networks.all()
  64     if not applier_peer_networks:
  65          messages.add_message(request, messages.WARNING,
  66                              "Insufficient rights on administrative networks. Cannot add rule. Contact your administrator")
  67          return HttpResponseRedirect(reverse("group-routes"))
  68     if request.method == "GET":
  69         form = RouteForm()
  70         return render_to_response('apply.html', {'form': form, 'applier': applier},
  71                                   context_instance=RequestContext(request))
  72
  73     else:
  74         form = RouteForm(request.POST)
  75         if form.is_valid():
  76             route=form.save(commit=False)
  77             route.applier = request.user
  78             route.expires = days_offset()
  79             route.status = "PENDING"
  80             route.save()
  81             form.save_m2m()
  82             route.commit_add()
  83             return HttpResponseRedirect(reverse("group-routes"))
  84         else:
  85             return render_to_response('apply.html', {'form': form, 'applier':applier},
  86                                       context_instance=RequestContext(request))
  87
  88 @login_required
  89 @never_cache
  90 def add_then(request):
  91     applier = request.user.pk
  92     if request.method == "GET":
  93         form = RouteForm()
  94         return render_to_response('apply.html', {'form': form, 'applier': applier},
  95                                   context_instance=RequestContext(request))
  96
  97     else:
  98         form = RouteForm(request.POST)
  99         if form.is_valid():
 100             route=form.save(commit=False)
 101             route.applier = request.user
 102             route.expires = days_offset()
 103             route.save()
 104             form.save_m2m()
 105             route.commit_add()
 106             return HttpResponseRedirect(reverse("group-routes"))
 107         else:
 108             return render_to_response('apply.html', {'form': form, 'applier':applier},
 109                                       context_instance=RequestContext(request))
 110
 111 @login_required
 112 @never_cache
 113 def edit_route(request, route_slug):
 114     applier = request.user.pk
 115     applier_peer = request.user.get_profile().peer
 116     route_edit = get_object_or_404(Route, name=route_slug)
 117     route_edit_applier_peer = route_edit.applier.get_profile().peer
 118     if applier_peer != route_edit_applier_peer:
 119         messages.add_message(request, messages.WARNING,
 120                              "Insufficient rights to edit rule %s" %(route_slug))
 121         return HttpResponseRedirect(reverse("group-routes"))
 122     if route_edit.status == "ADMININACTIVE" :
 123         messages.add_message(request, messages.WARNING,
 124                              "Administrator has disabled editing of rule %s" %(route_slug))
 125         return HttpResponseRedirect(reverse("group-routes"))
 126     if route_edit.status == "EXPIRED" :
 127         messages.add_message(request, messages.WARNING,
 128                              "Cannot edit the expired rule %s. Contact helpdesk to enable it" %(route_slug))
 129         return HttpResponseRedirect(reverse("group-routes"))
 130     route_original = deepcopy(route_edit)
 131     if request.POST:
 132         form = RouteForm(request.POST, instance = route_edit)
 133         if form.is_valid():
 134             route=form.save(commit=False)
 135             route.name = route_original.name
 136             route.applier = request.user
 137             route.expires = route_original.expires
 138             route.status = "PENDING"
 139             route.save()
 140             form.save_m2m()
 141             route.commit_edit()
 142             return HttpResponseRedirect(reverse("group-routes"))
 143         else:
 144             return render_to_response('apply.html', {'form': form, 'edit':True, 'applier': applier},
 145                                       context_instance=RequestContext(request))
 146     else:
 147         dictionary = model_to_dict(route_edit, fields=[], exclude=[])
 148         #form = RouteForm(instance=route_edit)
 149         form = RouteForm(dictionary)
 150         return render_to_response('apply.html', {'form': form, 'edit':True, 'applier': applier},
 151                                   context_instance=RequestContext(request))
 152
 153 @login_required
 154 @never_cache
 155 def delete_route(request, route_slug):
 156     if request.is_ajax():
 157         route = get_object_or_404(Route, name=route_slug)
 158         applier_peer = route.applier.get_profile().peer
 159         requester_peer = request.user.get_profile().peer
 160         if applier_peer == requester_peer:
 161             route.status = "PENDING"
 162             route.commit_delete()
 163         html = "<html><body>Done</body></html>"
 164         return HttpResponse(html)
 165     else:
 166         return HttpResponseRedirect(reverse("group-routes"))
 167
 168 @login_required
 169 @never_cache
 170 def user_profile(request):
 171     user = request.user
 172     peer = request.user.get_profile().peer
 173
 174     return render_to_response('profile.html', {'user': user, 'peer':peer},
 175                                   context_instance=RequestContext(request))
 176
 177 @never_cache
 178 def user_login(request):
 179     try:
 180         error_username = None
 181         error_orgname = None
 182         error_affiliation = None
 183         error = ''
 184         username = request.META['HTTP_EPPN']
 185         if not username:
 186             error_username = True
 187         firstname = request.META['HTTP_SHIB_INETORGPERSON_GIVENNAME']
 188         lastname = request.META['HTTP_SHIB_PERSON_SURNAME']
 189         mail = request.META['HTTP_SHIB_INETORGPERSON_MAIL']
 190         organization = request.META['HTTP_SHIB_HOMEORGANIZATION']
 191         affiliation = request.META['HTTP_SHIB_EP_ENTITLEMENT']
 192         if settings.SHIB_AUTH_AFFILIATION in affiliation.split(";"):
 193             has_affiliation = True
 194         if not has_affiliation:
 195             error_affiliation = True
 196         if not organization:
 197             error_orgname = True
 198         if error_username:
 199             error = "Your idP should release the HTTP_EPPN attribute towards this service\n"
 200         if error_orgname:
 201             error = error + "Your idP should release the HTTP_SHIB_HOMEORGANIZATION attribute towards this service\n"
 202         if error_affiliation:
 203             error = error + "Your idP should release an appropriate HTTP_SHIB_EP_ENTITLEMENT attribute towards this service"
 204         if error_username or error_orgname or error_affiliation:
 205             return render_to_response('error.html', {'error': error,},
 206                                   context_instance=RequestContext(request))
 207         user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail, organization=organization, affiliation=affiliation)
 208         if user is not None:
 209             login(request, user)
 210             update_user_attributes(user, firstname=firstname, lastname=lastname, mail=mail)
 211             return HttpResponseRedirect(reverse("group-routes"))
 212                 # Redirect to a success page.
 213                 # Return a 'disabled account' error message
 214         else:
 215             error = "Something went wrong during user authentication. Contact your administrator"
 216             return render_to_response('error.html', {'error': error,},
 217                                   context_instance=RequestContext(request))
 218     except Exception as e:
 219         error = "Invalid login procedure"
 220         return render_to_response('error.html', {'error': error,},
 221                                   context_instance=RequestContext(request))
 222         # Return an 'invalid login' error message.
 223 #    return HttpResponseRedirect(reverse("user-routes"))
 224
 225 @login_required
 226 @never_cache
 227 def add_rate_limit(request):
 228     if request.method == "GET":
 229         form = ThenPlainForm()
 230         return render_to_response('add_rate_limit.html', {'form': form,},
 231                                   context_instance=RequestContext(request))
 232
 233     else:
 234         form = ThenPlainForm(request.POST)
 235         if form.is_valid():
 236             then=form.save(commit=False)
 237             then.action_value = "%sk"%then.action_value
 238             then.save()
 239             response_data = {}
 240             response_data['pk'] = "%s" %then.pk
 241             response_data['value'] = "%s:%s" %(then.action, then.action_value)
 242             return HttpResponse(simplejson.dumps(response_data), mimetype='application/json')
 243         else:
 244             return render_to_response('add_rate_limit.html', {'form': form,},
 245                                       context_instance=RequestContext(request))
 246
 247 def update_user_attributes(user, firstname, lastname, mail):
 248     user.first_name = firstname
 249     user.last_name = lastname
 250     user.email = mail
 251     user.save()
 252
 253 @login_required
 254 @never_cache
 255 def add_port(request):
 256     if request.method == "GET":
 257         form = PortPlainForm()
 258         return render_to_response('add_port.html', {'form': form,},
 259                                   context_instance=RequestContext(request))
 260
 261     else:
 262         form = PortPlainForm(request.POST)
 263         if form.is_valid():
 264             port=form.save()
 265             response_data = {}
 266             response_data['value'] = "%s" %port.pk
 267             response_data['text'] = "%s" %port.port
 268             return HttpResponse(simplejson.dumps(response_data), mimetype='application/json')
 269         else:
 270             return render_to_response('add_port.html', {'form': form,},
 271                                       context_instance=RequestContext(request))
 272
 273 @login_required
 274 @never_cache
 275 def user_logout(request):
 276     return HttpResponseRedirect(settings.SHIB_LOGOUT_URL)
 277
 278 @never_cache
 279 def load_jscript(request, file):
 280     return render_to_response('%s.js' % file, context_instance=RequestContext(request), mimetype="text/javascript")