1 # Create your views here.
5 from django import forms
6 from django.views.decorators.csrf import csrf_exempt
7 from django.core import urlresolvers
8 from django.core import serializers
9 from django.contrib.auth.decorators import login_required
10 from django.http import HttpResponseRedirect, HttpResponseForbidden, HttpResponse
11 from django.shortcuts import get_object_or_404, render_to_response
12 from django.core.context_processors import request
13 from django.template.context import RequestContext
14 from django.template.loader import get_template
15 from django.utils import simplejson
16 from django.core.urlresolvers import reverse
17 from django.contrib import messages
18 from flowspy.accounts.models import *
20 from django.contrib.auth import authenticate, login
22 from django.forms.models import model_to_dict
24 from flowspy.flowspec.forms import *
25 from flowspy.flowspec.models import *
27 from copy import deepcopy
28 from flowspy.utils.decorators import shib_required
31 from django.views.decorators.cache import never_cache
32 from django.conf import settings
35 def days_offset(): return datetime.date.today() + datetime.timedelta(days = settings.EXPIRATION_DAYS_OFFSET)
38 def user_routes(request):
39 user_routes = Route.objects.filter(applier=request.user)
40 return render_to_response('user_routes.html', {'routes': user_routes},
41 context_instance=RequestContext(request))
44 return render_to_response('welcome.html', context_instance=RequestContext(request))
48 def group_routes(request):
50 peer = request.user.get_profile().peer
52 peer_members = UserProfile.objects.filter(peer=peer)
53 users = [prof.user for prof in peer_members]
54 group_routes = Route.objects.filter(applier__in=users)
55 return render_to_response('user_routes.html', {'routes': group_routes},
56 context_instance=RequestContext(request))
61 def add_route(request):
62 applier = request.user.pk
63 applier_peer_networks = request.user.get_profile().peer.networks.all()
64 if not applier_peer_networks:
65 messages.add_message(request, messages.WARNING,
66 "Insufficient rights on administrative networks. Cannot add rule. Contact your administrator")
67 return HttpResponseRedirect(reverse("group-routes"))
68 if request.method == "GET":
70 return render_to_response('apply.html', {'form': form, 'applier': applier},
71 context_instance=RequestContext(request))
74 form = RouteForm(request.POST)
76 route=form.save(commit=False)
77 route.applier = request.user
78 route.expires = days_offset()
79 route.status = "PENDING"
83 return HttpResponseRedirect(reverse("group-routes"))
85 return render_to_response('apply.html', {'form': form, 'applier':applier},
86 context_instance=RequestContext(request))
90 def add_then(request):
91 applier = request.user.pk
92 if request.method == "GET":
94 return render_to_response('apply.html', {'form': form, 'applier': applier},
95 context_instance=RequestContext(request))
98 form = RouteForm(request.POST)
100 route=form.save(commit=False)
101 route.applier = request.user
102 route.expires = days_offset()
106 return HttpResponseRedirect(reverse("group-routes"))
108 return render_to_response('apply.html', {'form': form, 'applier':applier},
109 context_instance=RequestContext(request))
113 def edit_route(request, route_slug):
114 applier = request.user.pk
115 applier_peer = request.user.get_profile().peer
116 route_edit = get_object_or_404(Route, name=route_slug)
117 route_edit_applier_peer = route_edit.applier.get_profile().peer
118 if applier_peer != route_edit_applier_peer:
119 messages.add_message(request, messages.WARNING,
120 "Insufficient rights to edit rule %s" %(route_slug))
121 return HttpResponseRedirect(reverse("group-routes"))
122 if route_edit.status == "ADMININACTIVE" :
123 messages.add_message(request, messages.WARNING,
124 "Administrator has disabled editing of rule %s" %(route_slug))
125 return HttpResponseRedirect(reverse("group-routes"))
126 if route_edit.status == "EXPIRED" :
127 messages.add_message(request, messages.WARNING,
128 "Cannot edit the expired rule %s. Contact helpdesk to enable it" %(route_slug))
129 return HttpResponseRedirect(reverse("group-routes"))
130 route_original = deepcopy(route_edit)
132 form = RouteForm(request.POST, instance = route_edit)
134 route=form.save(commit=False)
135 route.name = route_original.name
136 route.applier = request.user
137 route.expires = route_original.expires
138 route.status = "PENDING"
142 return HttpResponseRedirect(reverse("group-routes"))
144 return render_to_response('apply.html', {'form': form, 'edit':True, 'applier': applier},
145 context_instance=RequestContext(request))
147 dictionary = model_to_dict(route_edit, fields=[], exclude=[])
148 #form = RouteForm(instance=route_edit)
149 form = RouteForm(dictionary)
150 return render_to_response('apply.html', {'form': form, 'edit':True, 'applier': applier},
151 context_instance=RequestContext(request))
155 def delete_route(request, route_slug):
156 if request.is_ajax():
157 route = get_object_or_404(Route, name=route_slug)
158 applier_peer = route.applier.get_profile().peer
159 requester_peer = request.user.get_profile().peer
160 if applier_peer == requester_peer:
161 route.status = "PENDING"
162 route.commit_delete()
163 html = "<html><body>Done</body></html>"
164 return HttpResponse(html)
166 return HttpResponseRedirect(reverse("group-routes"))
170 def user_profile(request):
172 peer = request.user.get_profile().peer
174 return render_to_response('profile.html', {'user': user, 'peer':peer},
175 context_instance=RequestContext(request))
178 def user_login(request):
180 error_username = None
182 error_affiliation = None
184 username = request.META['HTTP_EPPN']
186 error_username = True
187 firstname = request.META['HTTP_SHIB_INETORGPERSON_GIVENNAME']
188 lastname = request.META['HTTP_SHIB_PERSON_SURNAME']
189 mail = request.META['HTTP_SHIB_INETORGPERSON_MAIL']
190 organization = request.META['HTTP_SHIB_HOMEORGANIZATION']
191 affiliation = request.META['HTTP_SHIB_EP_ENTITLEMENT']
192 if settings.SHIB_AUTH_AFFILIATION in affiliation.split(";"):
193 has_affiliation = True
194 if not has_affiliation:
195 error_affiliation = True
199 error = "Your idP should release the HTTP_EPPN attribute towards this service\n"
201 error = error + "Your idP should release the HTTP_SHIB_HOMEORGANIZATION attribute towards this service\n"
202 if error_affiliation:
203 error = error + "Your idP should release an appropriate HTTP_SHIB_EP_ENTITLEMENT attribute towards this service"
204 if error_username or error_orgname or error_affiliation:
205 return render_to_response('error.html', {'error': error,},
206 context_instance=RequestContext(request))
207 user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail, organization=organization, affiliation=affiliation)
210 update_user_attributes(user, firstname=firstname, lastname=lastname, mail=mail)
211 return HttpResponseRedirect(reverse("group-routes"))
212 # Redirect to a success page.
213 # Return a 'disabled account' error message
215 error = "Something went wrong during user authentication. Contact your administrator"
216 return render_to_response('error.html', {'error': error,},
217 context_instance=RequestContext(request))
218 except Exception as e:
219 error = "Invalid login procedure"
220 return render_to_response('error.html', {'error': error,},
221 context_instance=RequestContext(request))
222 # Return an 'invalid login' error message.
223 # return HttpResponseRedirect(reverse("user-routes"))
227 def add_rate_limit(request):
228 if request.method == "GET":
229 form = ThenPlainForm()
230 return render_to_response('add_rate_limit.html', {'form': form,},
231 context_instance=RequestContext(request))
234 form = ThenPlainForm(request.POST)
236 then=form.save(commit=False)
237 then.action_value = "%sk"%then.action_value
240 response_data['pk'] = "%s" %then.pk
241 response_data['value'] = "%s:%s" %(then.action, then.action_value)
242 return HttpResponse(simplejson.dumps(response_data), mimetype='application/json')
244 return render_to_response('add_rate_limit.html', {'form': form,},
245 context_instance=RequestContext(request))
247 def update_user_attributes(user, firstname, lastname, mail):
248 user.first_name = firstname
249 user.last_name = lastname
255 def add_port(request):
256 if request.method == "GET":
257 form = PortPlainForm()
258 return render_to_response('add_port.html', {'form': form,},
259 context_instance=RequestContext(request))
262 form = PortPlainForm(request.POST)
266 response_data['value'] = "%s" %port.pk
267 response_data['text'] = "%s" %port.port
268 return HttpResponse(simplejson.dumps(response_data), mimetype='application/json')
270 return render_to_response('add_port.html', {'form': form,},
271 context_instance=RequestContext(request))
275 def user_logout(request):
276 return HttpResponseRedirect(settings.SHIB_LOGOUT_URL)
279 def load_jscript(request, file):
280 return render_to_response('%s.js' % file, context_instance=RequestContext(request), mimetype="text/javascript")