X-Git-Url: https://code.grnet.gr/git/flowspy/blobdiff_plain/3bfa0ea6423e76f2ffd65273e08a2e426cd2f66b..f963445596437dc73930127a2bb7a68cee3bd0e4:/flowspec/views.py diff --git a/flowspec/views.py b/flowspec/views.py index 05340a4..83d8262 100644 --- a/flowspec/views.py +++ b/flowspec/views.py @@ -8,6 +8,8 @@ from django.core import urlresolvers from django.core import serializers from django.contrib.auth.decorators import login_required from django.contrib.auth import logout +from django.contrib.sites.models import Site +from django.contrib.auth.models import User from django.http import HttpResponseRedirect, HttpResponseForbidden, HttpResponse from django.shortcuts import get_object_or_404, render_to_response from django.core.context_processors import request @@ -17,6 +19,7 @@ from django.utils import simplejson from django.core.urlresolvers import reverse from django.contrib import messages from flowspy.accounts.models import * +from ipaddr import * from django.contrib.auth import authenticate, login @@ -24,20 +27,21 @@ from django.forms.models import model_to_dict from flowspy.flowspec.forms import * from flowspy.flowspec.models import * +from registration.models import RegistrationProfile from copy import deepcopy from flowspy.utils.decorators import shib_required from django.views.decorators.cache import never_cache from django.conf import settings -from django.core.mail import mail_admins, mail_managers, send_mail - +from django.core.mail.message import EmailMessage +import datetime import os LOG_FILENAME = os.path.join(settings.LOG_FILE_LOCATION, 'celery_jobs.log') #FORMAT = '%(asctime)s %(levelname)s: %(message)s' #logging.basicConfig(format=FORMAT) -formatter = logging.Formatter('%(asctime)s %(levelname)s: %(message)s') +formatter = logging.Formatter('%(asctime)s %(levelname)s %(clientip)s %(user)s: %(message)s') logger = logging.getLogger(__name__) logger.setLevel(logging.DEBUG) 
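Review bot: `from ipaddr import *` in the `@@ -17,6 +19,7 @@` hunk pulls every public name of the module into the view namespace, although the rest of this diff only uses `IPNetwork`. Prefer `from ipaddr import IPNetwork`, so that a clash with the model and form names that are star-imported around it cannot go unnoticed.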
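Review bot: The new format string in the `@@ -24,20 +27,21 @@` hunk makes `%(clientip)s` and `%(user)s` mandatory for every record that reaches this formatter, so a `logger` call without `extra=` fails at format time instead of being written. Only the three `logger.info(mail_body, extra=d)` calls in this diff supply both keys. The handler setup and any other logger calls sit outside the hunk, so this needs checking against the rest of the file. Either pass `extra` on every call, or attach a `logging.Filter` to the handler that sets a default such as `'-'` for both fields when they are missing.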
@@ -78,6 +82,8 @@ def add_route(request): return HttpResponseRedirect(reverse("group-routes")) if request.method == "GET": form = RouteForm() + if not request.user.is_superuser: + form.fields['then'] = forms.ModelMultipleChoiceField(queryset=ThenAction.objects.filter(action__in=settings.UI_USER_THEN_ACTIONS).order_by('action'), required=True) return render_to_response('apply.html', {'form': form, 'applier': applier}, context_instance=RequestContext(request)) @@ -87,15 +93,21 @@ def add_route(request): route=form.save(commit=False) route.applier = request.user route.status = "PENDING" + route.source = IPNetwork("%s/%s" %(IPNetwork(route.source).network.compressed, IPNetwork(route.source).prefixlen)).compressed + route.destination = IPNetwork("%s/%s" %(IPNetwork(route.destination).network.compressed, IPNetwork(route.destination).prefixlen)).compressed route.save() form.save_m2m() route.commit_add() + requesters_address = request.META['HTTP_X_FORWARDED_FOR'] mail_body = render_to_string("rule_add_mail.txt", - {"route": route}) - send_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s creation request submitted by %s" %(route.name, route.applier.username), - mail_body, settings.SERVER_EMAIL, - get_peer_techc_mails(route.applier), fail_silently=True) - logger.info(mail_body) + {"route": route, "address": requesters_address}) + user_mail = "%s" %route.applier.email + user_mail = user_mail.split(';') + send_new_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s creation request submitted by %s" %(route.name, route.applier.username), + mail_body, settings.SERVER_EMAIL, user_mail, + get_peer_techc_mails(route.applier)) + d = { 'clientip' : "%s"%requesters_address, 'user' : route.applier.username } + logger.info(mail_body, extra=d) return HttpResponseRedirect(reverse("group-routes")) else: return render_to_response('apply.html', {'form': form, 'applier':applier}, 
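Review bot: The restriction of `then` to `settings.UI_USER_THEN_ACTIONS` is applied only to the unbound form in the GET branch of `add_route`, so it limits what the page offers rather than what the server accepts. The POST branch builds its form outside this hunk; if it validates a plain `RouteForm(request.POST)`, the submitted `then` values are not checked against the allowed list for non-superusers. Apply the same override to the bound form before `is_valid()` (or inside `RouteForm`, given the user), e.g. `form.fields['then'].queryset = ThenAction.objects.filter(action__in=settings.UI_USER_THEN_ACTIONS)`. The same applies to the `@@ -150,6 +167,8 @@` hunk in `edit_route`.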
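Review bot: `request.META['HTTP_X_FORWARDED_FOR']` is read after `route.save()` and `route.commit_add()`, so a request that arrives without that header raises `KeyError` once the rule is already committed, and neither the mail nor the log entry is produced. The header is also client-supplied unless the front-end proxy overwrites it, yet it ends up as `clientip` in the audit log and as `address` in the mail body, so it should be treated as untrusted text. Suggest `requesters_address = request.META.get('HTTP_X_FORWARDED_FOR') or request.META.get('REMOTE_ADDR', '')`, keeping only the entry appended by the deployment's own proxy where one is known. The `edit_route` (`@@ -132,16 +144,21 @@`) and `delete_route` (`@@ -162,14 +181,19 @@`) hunks repeat the same line.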
@@ -132,16 +144,21 @@ def edit_route(request, route_slug): route.name = route_original.name route.applier = request.user route.status = "PENDING" + route.source = IPNetwork("%s/%s" %(IPNetwork(route.source).network.compressed, IPNetwork(route.source).prefixlen)).compressed + route.destination = IPNetwork("%s/%s" %(IPNetwork(route.destination).network.compressed, IPNetwork(route.destination).prefixlen)).compressed route.save() form.save_m2m() route.commit_edit() + requesters_address = request.META['HTTP_X_FORWARDED_FOR'] mail_body = render_to_string("rule_edit_mail.txt", - {"route": route}) - send_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s edit request submitted by %s" %(route.name, route.applier.username), - mail_body, settings.SERVER_EMAIL, - get_peer_techc_mails(route.applier), fail_silently=True) - logger.info(mail_body) - + {"route": route, "address": requesters_address}) + user_mail = "%s" %route.applier.email + user_mail = user_mail.split(';') + send_new_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s edit request submitted by %s" %(route.name, route.applier.username), + mail_body, settings.SERVER_EMAIL, user_mail, + get_peer_techc_mails(route.applier)) + d = { 'clientip' : requesters_address, 'user' : route.applier.username } + logger.info(mail_body, extra=d) return HttpResponseRedirect(reverse("group-routes")) else: return render_to_response('apply.html', {'form': form, 'edit':True, 'applier': applier}, @@ -150,6 +167,8 @@ def edit_route(request, route_slug): dictionary = model_to_dict(route_edit, fields=[], exclude=[]) #form = RouteForm(instance=route_edit) form = RouteForm(dictionary) + if not request.user.is_superuser: + form.fields['then'] = forms.ModelMultipleChoiceField(queryset=ThenAction.objects.filter(action__in=settings.UI_USER_THEN_ACTIONS).order_by('action'), required=True) return render_to_response('apply.html', {'form': form, 'edit':True, 'applier': applier}, context_instance=RequestContext(request)) 
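Review bot: The two normalisation lines for `route.source` and `route.destination` are copied verbatim from `add_route`, and each parses the same value twice with `IPNetwork(...)`. A small module-level helper that parses once would keep both views in step, e.g. `net = IPNetwork(value)` followed by `return IPNetwork("%s/%s" % (net.network.compressed, net.prefixlen)).compressed`. Only part of `edit_route` is inside the hunk, so how a malformed prefix is rejected before this point is not visible here.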
@@ -162,14 +181,19 @@ def delete_route(request, route_slug): requester_peer = request.user.get_profile().peer if applier_peer == requester_peer: route.status = "PENDING" + route.expires = datetime.date.today() route.save() route.commit_delete() + requesters_address = request.META['HTTP_X_FORWARDED_FOR'] mail_body = render_to_string("rule_delete_mail.txt", - {"route": route}) - send_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s removal request submitted by %s" %(route.name, route.applier.username), - mail_body, settings.SERVER_EMAIL, - get_peer_techc_mails(route.applier), fail_silently=True) - logger.info(mail_body) + {"route": route, "address": requesters_address}) + user_mail = "%s" %route.applier.email + user_mail = user_mail.split(';') + send_new_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s removal request submitted by %s" %(route.name, route.applier.username), + mail_body, settings.SERVER_EMAIL, user_mail, + get_peer_techc_mails(route.applier)) + d = { 'clientip' : requesters_address, 'user' : route.applier.username } + logger.info(mail_body, extra=d) html = "Done" return HttpResponse(html) else: @@ -187,9 +211,11 @@ def user_profile(request): @never_cache def user_login(request): try: - error_username = None - error_orgname = None - error_affiliation = None + error_username = False + error_orgname = False + error_affiliation = False + error_mail = False + has_affiliation = False error = '' username = request.META['HTTP_EPPN'] if not username: @@ -205,33 +231,62 @@ def user_login(request): error_affiliation = True if not organization: error_orgname = True + if not mail: + error_mail = True if error_username: - error = "Your idP should release the HTTP_EPPN attribute towards this service\n" + error = "Your idP should release the HTTP_EPPN attribute towards this service
" if error_orgname: - error = error + "Your idP should release the HTTP_SHIB_HOMEORGANIZATION attribute towards this service\n" + error = error + "Your idP should release the HTTP_SHIB_HOMEORGANIZATION attribute towards this service
" if error_affiliation: - error = error + "Your idP should release an appropriate HTTP_SHIB_EP_ENTITLEMENT attribute towards this service" - if error_username or error_orgname or error_affiliation: - return render_to_response('error.html', {'error': error,}, + error = error + "Your idP should release an appropriate HTTP_SHIB_EP_ENTITLEMENT attribute towards this service
" + if error_mail: + error = error + "Your idP should release the HTTP_SHIB_INETORGPERSON_MAIL attribute towards this service" + if error_username or error_orgname or error_affiliation or error_mail: + return render_to_response('error.html', {'error': error, "missing_attributes": True}, context_instance=RequestContext(request)) + try: + user = User.objects.get(username__exact=username) + user_exists = True + except: + user_exists = False user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail, organization=organization, affiliation=affiliation) if user is not None: - login(request, user) - update_user_attributes(user, firstname=firstname, lastname=lastname, mail=mail) - return HttpResponseRedirect(reverse("group-routes")) - # Redirect to a success page. - # Return a 'disabled account' error message + if not user_exists: + user_activation_notify(user) + if user.is_active: + login(request, user) + return HttpResponseRedirect(reverse("group-routes")) + else: + error = "User %s is not active yet. Administrators have been notified and will soon activate this account.
If your problem persists contact Helpdesk" %user.username + return render_to_response('error.html', {'error': error, 'inactive': True}, + context_instance=RequestContext(request)) else: error = "Something went wrong during user authentication. Contact your administrator" return render_to_response('error.html', {'error': error,}, context_instance=RequestContext(request)) - except Exception as e: + except Exception: error = "Invalid login procedure" return render_to_response('error.html', {'error': error,}, context_instance=RequestContext(request)) # Return an 'invalid login' error message. # return HttpResponseRedirect(reverse("user-routes")) +def user_activation_notify(user): + current_site = Site.objects.get_current() + subject = render_to_string('registration/activation_email_subject.txt', + { 'site': current_site }) + # Email subject *must not* contain newlines + subject = ''.join(subject.splitlines()) + registration_profile = RegistrationProfile.objects.create_profile(user) + message = render_to_string('registration/activation_email.txt', + { 'activation_key': registration_profile.activation_key, + 'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS, + 'site': current_site, + 'user': user }) + send_new_mail(settings.EMAIL_SUBJECT_PREFIX + subject, + message, settings.SERVER_EMAIL, + get_peer_techc_mails(user), []) + @login_required @never_cache def add_rate_limit(request): @@ -253,12 +308,6 @@ def add_rate_limit(request): else: return render_to_response('add_rate_limit.html', {'form': form,}, context_instance=RequestContext(request)) - -def update_user_attributes(user, firstname, lastname, mail): - user.first_name = firstname - user.last_name = lastname - user.email = mail - user.save() @login_required @never_cache 
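Review bot: The bare `except:` around `User.objects.get(username__exact=username)` in `user_login` turns every failure, including a database error, into `user_exists = False`, which can then trigger `user_activation_notify(user)` for an account that already exists. Catch only the expected case with `except User.DoesNotExist:`. The outer `except Exception:` also hides any error raised inside `user_activation_notify` (profile creation, template rendering, mail delivery) behind "Invalid login procedure" with nothing recorded. A `logger.exception(...)` call in that handler would keep a trace of failed logins.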
@@ -293,13 +342,22 @@ def load_jscript(request, file): def get_peer_techc_mails(user): - user_mail = user.email + mail = [] + additional_mail = [] + techmails_list = [] + user_mail = "%s" %user.email + user_mail = user_mail.split(';') techmails = user.get_profile().peer.techc() - additional_mail = "%s;%s" %(settings.HELPDESK_MAIL,settings.NOC_MAIL) if techmails: - mail = "%s;%s" %(techmails, additional_mail) - else: - mail = additional_mail - mail = "%s;%s" %(user_mail, mail) - mail = mail.split(';') + techmails_list = techmails.split(';') + if settings.NOTIFY_ADMIN_MAILS: + additional_mail = settings.NOTIFY_ADMIN_MAILS +# mail.extend(user_mail) + mail.extend(additional_mail) + mail.extend(techmails_list) return mail + + +def send_new_mail(subject, message, from_email, recipient_list, bcc_list): + return EmailMessage(subject, message, from_email, recipient_list, bcc_list).send() +
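Review bot: `send_new_mail` calls `EmailMessage(...).send()` with the default `fail_silently=False`, whereas the `send_mail(..., fail_silently=True)` calls it replaces ignored delivery errors, so an SMTP failure now raises inside `add_route`, `edit_route` and `delete_route` after the rule has been saved and committed. Catch the error in `send_new_mail` and log it, or pass `fail_silently=True` if losing the notification is acceptable. In `get_peer_techc_mails`, `user_mail` is still computed although `mail.extend(user_mail)` is commented out, and `mail.extend(settings.NOTIFY_ADMIN_MAILS)` assumes a list: a plain string there would be added one character per recipient. Entries from `techmails.split(';')` are used unstripped, so empty or space-padded addresses can reach the recipient list.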