Revision 6a946adf flowspec/views.py
b/flowspec/views.py | ||
---|---|---|
27 | 27 |
|
28 | 28 |
from copy import deepcopy |
29 | 29 |
from flowspy.utils.decorators import shib_required |
30 |
import datetime |
|
30 | 31 |
|
31 |
def days_offset(): return datetime.now() + timedelta(days = settings.EXPIRATION_DAYS_OFFSET) |
|
32 |
from django.views.decorators.cache import never_cache |
|
33 |
from django.conf import settings |
|
34 |
|
|
35 |
|
|
36 |
def days_offset(): return datetime.date.today() + datetime.timedelta(days = settings.EXPIRATION_DAYS_OFFSET) |
|
32 | 37 |
|
33 | 38 |
@login_required |
34 | 39 |
def user_routes(request): |
... | ... | |
37 | 42 |
context_instance=RequestContext(request)) |
38 | 43 |
|
39 | 44 |
@login_required |
45 |
@never_cache |
|
40 | 46 |
def group_routes(request): |
41 | 47 |
group_routes = [] |
42 | 48 |
peer = request.user.get_profile().peer |
... | ... | |
49 | 55 |
|
50 | 56 |
|
51 | 57 |
@login_required |
58 |
@never_cache |
|
52 | 59 |
def add_route(request): |
53 | 60 |
applier = request.user.pk |
61 |
applier_peer_networks = request.user.get_profile().peer.networks.all() |
|
62 |
if not applier_peer_networks: |
|
63 |
messages.add_message(request, messages.WARNING, |
|
64 |
"Insufficient rights on administrative networks. Cannot add route. Contact your administrator") |
|
65 |
return HttpResponseRedirect(reverse("group-routes")) |
|
54 | 66 |
if request.method == "GET": |
55 | 67 |
form = RouteForm() |
56 | 68 |
return render_to_response('apply.html', {'form': form, 'applier': applier}, |
... | ... | |
72 | 84 |
context_instance=RequestContext(request)) |
73 | 85 |
|
74 | 86 |
@login_required |
87 |
@never_cache |
|
75 | 88 |
def add_then(request): |
76 | 89 |
applier = request.user.pk |
77 | 90 |
if request.method == "GET": |
... | ... | |
94 | 107 |
context_instance=RequestContext(request)) |
95 | 108 |
|
96 | 109 |
@login_required |
110 |
@never_cache |
|
97 | 111 |
def edit_route(request, route_slug): |
98 | 112 |
applier = request.user.pk |
99 | 113 |
applier_peer = request.user.get_profile().peer |
... | ... | |
127 | 141 |
context_instance=RequestContext(request)) |
128 | 142 |
|
129 | 143 |
@login_required |
144 |
@never_cache |
|
130 | 145 |
def delete_route(request, route_slug): |
131 | 146 |
if request.is_ajax(): |
132 | 147 |
route = get_object_or_404(Route, name=route_slug) |
133 | 148 |
applier_peer = route.applier.get_profile().peer |
134 | 149 |
requester_peer = request.user.get_profile().peer |
135 | 150 |
if applier_peer == requester_peer: |
136 |
route.deactivate()
|
|
151 |
route.status = "PENDING"
|
|
137 | 152 |
route.commit_delete() |
138 | 153 |
html = "<html><body>Done</body></html>" |
139 | 154 |
return HttpResponse(html) |
... | ... | |
141 | 156 |
return HttpResponseRedirect(reverse("group-routes")) |
142 | 157 |
|
143 | 158 |
@login_required |
159 |
@never_cache |
|
144 | 160 |
def user_profile(request): |
145 | 161 |
user = request.user |
146 | 162 |
peer = request.user.get_profile().peer |
... | ... | |
148 | 164 |
return render_to_response('profile.html', {'user': user, 'peer':peer}, |
149 | 165 |
context_instance=RequestContext(request)) |
150 | 166 |
|
151 |
|
|
167 |
@never_cache |
|
152 | 168 |
def user_login(request): |
153 | 169 |
try: |
154 | 170 |
error_username = None |
155 | 171 |
error_orgname = None |
172 |
error_affiliation = None |
|
173 |
error = '' |
|
156 | 174 |
username = request.META['HTTP_EPPN'] |
157 | 175 |
if not username: |
158 | 176 |
error_username = True |
... | ... | |
160 | 178 |
lastname = request.META['HTTP_SHIB_PERSON_SURNAME'] |
161 | 179 |
mail = request.META['HTTP_SHIB_INETORGPERSON_MAIL'] |
162 | 180 |
organization = request.META['HTTP_SHIB_HOMEORGANIZATION'] |
181 |
affiliation = request.META['HTTP_SHIB_EP_ENTITLEMENT'] |
|
182 |
match = re.compile(settings.SHIB_AUTH_AFFILIATION) |
|
183 |
has_affiliation = match.search(affiliation) |
|
184 |
if not has_affiliation: |
|
185 |
error_affiliation = True |
|
163 | 186 |
if not organization: |
164 | 187 |
error_orgname = True |
165 |
|
|
166 |
if error_orgname or error_username: |
|
167 |
error = "Your idP should release the HTTP_EPPN, HTTP_SHIB_HOMEORGANIZATION attributes towards this service" |
|
188 |
if error_username: |
|
189 |
error = "Your idP should release the HTTP_EPPN attribute towards this service\n" |
|
190 |
if error_orgname: |
|
191 |
error = error + "Your idP should release the HTTP_SHIB_HOMEORGANIZATION attribute towards this service\n" |
|
192 |
if error_affiliation: |
|
193 |
error = error + "Your idP should release an appropriate HTTP_SHIB_EP_ENTITLEMENT attribute towards this service" |
|
194 |
if error_username or error_orgname or error_affiliation: |
|
168 | 195 |
return render_to_response('error.html', {'error': error,}, |
169 | 196 |
context_instance=RequestContext(request)) |
170 |
user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail, organization=organization, affiliation=None)
|
|
197 |
user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail, organization=organization, affiliation) |
|
171 | 198 |
if user is not None: |
172 | 199 |
login(request, user) |
173 | 200 |
return HttpResponseRedirect(reverse("group-routes")) |
174 | 201 |
# Redirect to a success page. |
175 | 202 |
# Return a 'disabled account' error message |
176 | 203 |
else: |
177 |
html = "<html><body>Invalid User</body></html>" |
|
178 |
return HttpResponse(html) |
|
204 |
error = "Something went wrong during user authentication. Contact your administrator" |
|
205 |
return render_to_response('error.html', {'error': error,}, |
|
206 |
context_instance=RequestContext(request)) |
|
179 | 207 |
except Exception as e: |
180 |
html = "<html><body>Invalid Login Procedure %s </body></html>" %e |
|
181 |
return HttpResponse(html) |
|
208 |
error = "Invalid login procedure" |
|
209 |
return render_to_response('error.html', {'error': error,}, |
|
210 |
context_instance=RequestContext(request)) |
|
182 | 211 |
# Return an 'invalid login' error message. |
183 | 212 |
# return HttpResponseRedirect(reverse("user-routes")) |
184 | 213 |
|
185 | 214 |
@login_required |
215 |
@never_cache |
|
186 | 216 |
def add_rate_limit(request): |
187 | 217 |
if request.method == "GET": |
188 | 218 |
form = ThenPlainForm() |
... | ... | |
204 | 234 |
context_instance=RequestContext(request)) |
205 | 235 |
|
206 | 236 |
@login_required |
237 |
@never_cache |
|
207 | 238 |
def add_port(request): |
208 | 239 |
if request.method == "GET": |
209 | 240 |
form = PortPlainForm() |
... | ... | |
223 | 254 |
context_instance=RequestContext(request)) |
224 | 255 |
|
225 | 256 |
@login_required |
257 |
@never_cache |
|
226 | 258 |
def user_logout(request): |
227 | 259 |
return HttpResponseRedirect(settings.SHIB_LOGOUT_URL) |
228 | 260 |
|
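Review bot: The new `authenticate(...)` call in `user_login` (new line 197) passes `affiliation` positionally after keyword arguments, which Python rejects as a syntax error, so `flowspec/views.py` would fail to import and none of its views would load; it should read `affiliation=affiliation`. In the same function, `request.META['HTTP_SHIB_EP_ENTITLEMENT']` raises `KeyError` when no entitlement header is present, which falls into the broad `except Exception` and shows "Invalid login procedure" rather than the new entitlement message. Reading it as `affiliation = request.META.get('HTTP_SHIB_EP_ENTITLEMENT', '')` would let the `error_affiliation` branch report that case. The handler no longer echoes the exception text into the response, which avoids exposing internals, but nothing visible records it either; logging it there, for example `logging.exception("Shibboleth login failed")`, would keep rejected logins diagnosable and auditable.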