Revision 6a946adf flowspec/views.py
| b/flowspec/views.py | ||
|---|---|---|
| 27 | 27 |
|
| 28 | 28 |
from copy import deepcopy |
| 29 | 29 |
from flowspy.utils.decorators import shib_required |
| 30 |
import datetime |
|
| 30 | 31 |
|
| 31 |
def days_offset(): return datetime.now() + timedelta(days = settings.EXPIRATION_DAYS_OFFSET) |
|
| 32 |
from django.views.decorators.cache import never_cache |
|
| 33 |
from django.conf import settings |
|
| 34 |
|
|
| 35 |
|
|
| 36 |
def days_offset(): return datetime.date.today() + datetime.timedelta(days = settings.EXPIRATION_DAYS_OFFSET) |
|
| 32 | 37 |
|
| 33 | 38 |
@login_required |
| 34 | 39 |
def user_routes(request): |
| ... | ... | |
| 37 | 42 |
context_instance=RequestContext(request)) |
| 38 | 43 |
|
| 39 | 44 |
@login_required |
| 45 |
@never_cache |
|
| 40 | 46 |
def group_routes(request): |
| 41 | 47 |
group_routes = [] |
| 42 | 48 |
peer = request.user.get_profile().peer |
| ... | ... | |
| 49 | 55 |
|
| 50 | 56 |
|
| 51 | 57 |
@login_required |
| 58 |
@never_cache |
|
| 52 | 59 |
def add_route(request): |
| 53 | 60 |
applier = request.user.pk |
| 61 |
applier_peer_networks = request.user.get_profile().peer.networks.all() |
|
| 62 |
if not applier_peer_networks: |
|
| 63 |
messages.add_message(request, messages.WARNING, |
|
| 64 |
"Insufficient rights on administrative networks. Cannot add route. Contact your administrator") |
|
| 65 |
return HttpResponseRedirect(reverse("group-routes"))
|
|
| 54 | 66 |
if request.method == "GET": |
| 55 | 67 |
form = RouteForm() |
| 56 | 68 |
return render_to_response('apply.html', {'form': form, 'applier': applier},
|
| ... | ... | |
| 72 | 84 |
context_instance=RequestContext(request)) |
| 73 | 85 |
|
| 74 | 86 |
@login_required |
| 87 |
@never_cache |
|
| 75 | 88 |
def add_then(request): |
| 76 | 89 |
applier = request.user.pk |
| 77 | 90 |
if request.method == "GET": |
| ... | ... | |
| 94 | 107 |
context_instance=RequestContext(request)) |
| 95 | 108 |
|
| 96 | 109 |
@login_required |
| 110 |
@never_cache |
|
| 97 | 111 |
def edit_route(request, route_slug): |
| 98 | 112 |
applier = request.user.pk |
| 99 | 113 |
applier_peer = request.user.get_profile().peer |
| ... | ... | |
| 127 | 141 |
context_instance=RequestContext(request)) |
| 128 | 142 |
|
| 129 | 143 |
@login_required |
| 144 |
@never_cache |
|
| 130 | 145 |
def delete_route(request, route_slug): |
| 131 | 146 |
if request.is_ajax(): |
| 132 | 147 |
route = get_object_or_404(Route, name=route_slug) |
| 133 | 148 |
applier_peer = route.applier.get_profile().peer |
| 134 | 149 |
requester_peer = request.user.get_profile().peer |
| 135 | 150 |
if applier_peer == requester_peer: |
| 136 |
route.deactivate()
|
|
| 151 |
route.status = "PENDING"
|
|
| 137 | 152 |
route.commit_delete() |
| 138 | 153 |
html = "<html><body>Done</body></html>" |
| 139 | 154 |
return HttpResponse(html) |
| ... | ... | |
| 141 | 156 |
return HttpResponseRedirect(reverse("group-routes"))
|
| 142 | 157 |
|
| 143 | 158 |
@login_required |
| 159 |
@never_cache |
|
| 144 | 160 |
def user_profile(request): |
| 145 | 161 |
user = request.user |
| 146 | 162 |
peer = request.user.get_profile().peer |
| ... | ... | |
| 148 | 164 |
return render_to_response('profile.html', {'user': user, 'peer':peer},
|
| 149 | 165 |
context_instance=RequestContext(request)) |
| 150 | 166 |
|
| 151 |
|
|
| 167 |
@never_cache |
|
| 152 | 168 |
def user_login(request): |
| 153 | 169 |
try: |
| 154 | 170 |
error_username = None |
| 155 | 171 |
error_orgname = None |
| 172 |
error_affiliation = None |
|
| 173 |
error = '' |
|
| 156 | 174 |
username = request.META['HTTP_EPPN'] |
| 157 | 175 |
if not username: |
| 158 | 176 |
error_username = True |
| ... | ... | |
| 160 | 178 |
lastname = request.META['HTTP_SHIB_PERSON_SURNAME'] |
| 161 | 179 |
mail = request.META['HTTP_SHIB_INETORGPERSON_MAIL'] |
| 162 | 180 |
organization = request.META['HTTP_SHIB_HOMEORGANIZATION'] |
| 181 |
affiliation = request.META['HTTP_SHIB_EP_ENTITLEMENT'] |
|
| 182 |
match = re.compile(settings.SHIB_AUTH_AFFILIATION) |
|
| 183 |
has_affiliation = match.search(affiliation) |
|
| 184 |
if not has_affiliation: |
|
| 185 |
error_affiliation = True |
|
| 163 | 186 |
if not organization: |
| 164 | 187 |
error_orgname = True |
| 165 |
|
|
| 166 |
if error_orgname or error_username: |
|
| 167 |
error = "Your idP should release the HTTP_EPPN, HTTP_SHIB_HOMEORGANIZATION attributes towards this service" |
|
| 188 |
if error_username: |
|
| 189 |
error = "Your idP should release the HTTP_EPPN attribute towards this service\n" |
|
| 190 |
if error_orgname: |
|
| 191 |
error = error + "Your idP should release the HTTP_SHIB_HOMEORGANIZATION attribute towards this service\n" |
|
| 192 |
if error_affiliation: |
|
| 193 |
error = error + "Your idP should release an appropriate HTTP_SHIB_EP_ENTITLEMENT attribute towards this service" |
|
| 194 |
if error_username or error_orgname or error_affiliation: |
|
| 168 | 195 |
return render_to_response('error.html', {'error': error,},
|
| 169 | 196 |
context_instance=RequestContext(request)) |
| 170 |
user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail, organization=organization, affiliation=None)
|
|
| 197 |
user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail, organization=organization, affiliation) |
|
| 171 | 198 |
if user is not None: |
| 172 | 199 |
login(request, user) |
| 173 | 200 |
return HttpResponseRedirect(reverse("group-routes"))
|
| 174 | 201 |
# Redirect to a success page. |
| 175 | 202 |
# Return a 'disabled account' error message |
| 176 | 203 |
else: |
| 177 |
html = "<html><body>Invalid User</body></html>" |
|
| 178 |
return HttpResponse(html) |
|
| 204 |
error = "Something went wrong during user authentication. Contact your administrator" |
|
| 205 |
return render_to_response('error.html', {'error': error,},
|
|
| 206 |
context_instance=RequestContext(request)) |
|
| 179 | 207 |
except Exception as e: |
| 180 |
html = "<html><body>Invalid Login Procedure %s </body></html>" %e |
|
| 181 |
return HttpResponse(html) |
|
| 208 |
error = "Invalid login procedure" |
|
| 209 |
return render_to_response('error.html', {'error': error,},
|
|
| 210 |
context_instance=RequestContext(request)) |
|
| 182 | 211 |
# Return an 'invalid login' error message. |
| 183 | 212 |
# return HttpResponseRedirect(reverse("user-routes"))
|
| 184 | 213 |
|
| 185 | 214 |
@login_required |
| 215 |
@never_cache |
|
| 186 | 216 |
def add_rate_limit(request): |
| 187 | 217 |
if request.method == "GET": |
| 188 | 218 |
form = ThenPlainForm() |
| ... | ... | |
| 204 | 234 |
context_instance=RequestContext(request)) |
| 205 | 235 |
|
| 206 | 236 |
@login_required |
| 237 |
@never_cache |
|
| 207 | 238 |
def add_port(request): |
| 208 | 239 |
if request.method == "GET": |
| 209 | 240 |
form = PortPlainForm() |
| ... | ... | |
| 223 | 254 |
context_instance=RequestContext(request)) |
| 224 | 255 |
|
| 225 | 256 |
@login_required |
| 257 |
@never_cache |
|
| 226 | 258 |
def user_logout(request): |
| 227 | 259 |
return HttpResponseRedirect(settings.SHIB_LOGOUT_URL) |
| 228 | 260 |
|
Also available in: Unified diff