root / flowspec / views.py @ 7ae0e0ec
History | View | Annotate | Download (29.5 kB)
1 | 9f54980a | Leonidas Poulopoulos | # -*- coding: utf-8 -*- vim:fileencoding=utf-8:
|
---|---|---|---|
2 | afe2813b | Leonidas Poulopoulos | # vim: tabstop=4:shiftwidth=4:softtabstop=4:expandtab
|
3 | afe2813b | Leonidas Poulopoulos | |
4 | 0492a5b5 | Leonidas Poulopoulos | # Copyright (C) 2010-2014 GRNET S.A.
|
5 | 0492a5b5 | Leonidas Poulopoulos | #
|
6 | 0492a5b5 | Leonidas Poulopoulos | # This program is free software: you can redistribute it and/or modify
|
7 | 0492a5b5 | Leonidas Poulopoulos | # it under the terms of the GNU General Public License as published by
|
8 | 0492a5b5 | Leonidas Poulopoulos | # the Free Software Foundation, either version 3 of the License, or
|
9 | 0492a5b5 | Leonidas Poulopoulos | # (at your option) any later version.
|
10 | 0492a5b5 | Leonidas Poulopoulos | #
|
11 | 0492a5b5 | Leonidas Poulopoulos | # This program is distributed in the hope that it will be useful,
|
12 | 0492a5b5 | Leonidas Poulopoulos | # but WITHOUT ANY WARRANTY; without even the implied warranty of
|
13 | 0492a5b5 | Leonidas Poulopoulos | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
14 | 0492a5b5 | Leonidas Poulopoulos | # GNU General Public License for more details.
|
15 | 0492a5b5 | Leonidas Poulopoulos | #
|
16 | 0492a5b5 | Leonidas Poulopoulos | # You should have received a copy of the GNU General Public License
|
17 | 0492a5b5 | Leonidas Poulopoulos | # along with this program. If not, see <http://www.gnu.org/licenses/>.
|
18 | 0492a5b5 | Leonidas Poulopoulos | #
|
19 | afe2813b | Leonidas Poulopoulos | |
20 | 357d48dc | Leonidas Poulopoulos | import urllib2 |
21 | 357d48dc | Leonidas Poulopoulos | import socket |
22 | 97e42c7d | Leonidas Poulopoulos | import json |
23 | 357d48dc | Leonidas Poulopoulos | from django import forms |
24 | 357d48dc | Leonidas Poulopoulos | from django.views.decorators.csrf import csrf_exempt |
25 | 9cad4715 | Leonidas Poulopoulos | from django.core import urlresolvers |
26 | 97e42c7d | Leonidas Poulopoulos | from django.core import serializers |
27 | 357d48dc | Leonidas Poulopoulos | from django.contrib.auth.decorators import login_required |
28 | 34cff057 | Leonidas Poulopoulos | from django.contrib.auth import logout |
29 | 357e5b54 | Leonidas Poulopoulos | from django.contrib.sites.models import Site |
30 | 357e5b54 | Leonidas Poulopoulos | from django.contrib.auth.models import User |
31 | 357d48dc | Leonidas Poulopoulos | from django.http import HttpResponseRedirect, HttpResponseForbidden, HttpResponse |
32 | 357d48dc | Leonidas Poulopoulos | from django.shortcuts import get_object_or_404, render_to_response |
33 | 357d48dc | Leonidas Poulopoulos | from django.core.context_processors import request |
34 | 357d48dc | Leonidas Poulopoulos | from django.template.context import RequestContext |
35 | fd3870ee | Leonidas Poulopoulos | from django.template.loader import get_template, render_to_string |
36 | ab02d61c | Leonidas Poulopoulos | from django.utils.translation import ugettext as _ |
37 | 357d48dc | Leonidas Poulopoulos | from django.core.urlresolvers import reverse |
38 | 357d48dc | Leonidas Poulopoulos | from django.contrib import messages |
39 | afe2813b | Leonidas Poulopoulos | from accounts.models import * |
40 | c6c0a85f | Leonidas Poulopoulos | from ipaddr import * |
41 | 357d48dc | Leonidas Poulopoulos | |
42 | 97e42c7d | Leonidas Poulopoulos | from django.contrib.auth import authenticate, login |
43 | 97e42c7d | Leonidas Poulopoulos | |
44 | 3e99e2d1 | Leonidas Poulopoulos | from django.forms.models import model_to_dict |
45 | 3e99e2d1 | Leonidas Poulopoulos | |
46 | 7ae0e0ec | Stauros Kroustouris | from flowspec.forms import * |
47 | afe2813b | Leonidas Poulopoulos | from flowspec.models import * |
48 | afe2813b | Leonidas Poulopoulos | from peers.models import * |
49 | b969de46 | Leonidas Poulopoulos | |
50 | 357e5b54 | Leonidas Poulopoulos | from registration.models import RegistrationProfile |
51 | 357d48dc | Leonidas Poulopoulos | |
52 | 3e99e2d1 | Leonidas Poulopoulos | from copy import deepcopy |
53 | afe2813b | Leonidas Poulopoulos | from utils.decorators import shib_required |
54 | 3e99e2d1 | Leonidas Poulopoulos | |
55 | 6a946adf | Leonidas Poulopoulos | from django.views.decorators.cache import never_cache |
56 | 6a946adf | Leonidas Poulopoulos | from django.conf import settings |
57 | fdb1f9ec | Leonidas Poulopoulos | from django.core.mail.message import EmailMessage |
58 | 4b9e3e40 | Leonidas Poulopoulos | from django.template.defaultfilters import slugify |
59 | fdc3d663 | Leonidas Poulopoulos | import datetime |
60 | 57de574d | Leonidas Poulopoulos | import os |
61 | 57de574d | Leonidas Poulopoulos | |
62 | b4401a0c | Leonidas Poulopoulos | LOG_FILENAME = os.path.join(settings.LOG_FILE_LOCATION, 'celery_jobs.log')
|
63 | 57de574d | Leonidas Poulopoulos | #FORMAT = '%(asctime)s %(levelname)s: %(message)s'
|
64 | 57de574d | Leonidas Poulopoulos | #logging.basicConfig(format=FORMAT)
|
65 | cb0e212e | Leonidas Poulopoulos | formatter = logging.Formatter('%(asctime)s %(levelname)s %(clientip)s %(user)s: %(message)s')
|
66 | 57de574d | Leonidas Poulopoulos | |
67 | 57de574d | Leonidas Poulopoulos | logger = logging.getLogger(__name__) |
68 | 57de574d | Leonidas Poulopoulos | logger.setLevel(logging.DEBUG) |
69 | 57de574d | Leonidas Poulopoulos | handler = logging.FileHandler(LOG_FILENAME) |
70 | 57de574d | Leonidas Poulopoulos | handler.setFormatter(formatter) |
71 | 57de574d | Leonidas Poulopoulos | logger.addHandler(handler) |
72 | 57de574d | Leonidas Poulopoulos | |
73 | 3e99e2d1 | Leonidas Poulopoulos | @login_required
|
74 | 357d48dc | Leonidas Poulopoulos | def user_routes(request): |
75 | 357d48dc | Leonidas Poulopoulos | user_routes = Route.objects.filter(applier=request.user) |
76 | 357d48dc | Leonidas Poulopoulos | return render_to_response('user_routes.html', {'routes': user_routes}, |
77 | 357d48dc | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
78 | 357d48dc | Leonidas Poulopoulos | |
79 | 049a5a10 | Leonidas Poulopoulos | def welcome(request): |
80 | 049a5a10 | Leonidas Poulopoulos | return render_to_response('welcome.html', context_instance=RequestContext(request)) |
81 | 049a5a10 | Leonidas Poulopoulos | |
82 | 3e99e2d1 | Leonidas Poulopoulos | @login_required
|
83 | 6a946adf | Leonidas Poulopoulos | @never_cache
|
84 | f5cd0730 | Leonidas Poulopoulos | def dashboard(request): |
85 | f5cd0730 | Leonidas Poulopoulos | group_routes = [] |
86 | f5cd0730 | Leonidas Poulopoulos | try:
|
87 | f5cd0730 | Leonidas Poulopoulos | peer = request.user.get_profile().peer |
88 | f5cd0730 | Leonidas Poulopoulos | except UserProfile.DoesNotExist:
|
89 | f5cd0730 | Leonidas Poulopoulos | error = "User <strong>%s</strong> does not belong to any peer or organization. It is not possible to create new firewall rules.<br>Please contact Helpdesk to resolve this issue" % request.user.username
|
90 | f5cd0730 | Leonidas Poulopoulos | return render_to_response('error.html', {'error': error}, context_instance=RequestContext(request)) |
91 | f5cd0730 | Leonidas Poulopoulos | if peer:
|
92 | f5cd0730 | Leonidas Poulopoulos | peer_members = UserProfile.objects.filter(peer=peer) |
93 | f5cd0730 | Leonidas Poulopoulos | users = [prof.user for prof in peer_members] |
94 | f5cd0730 | Leonidas Poulopoulos | group_routes = Route.objects.filter(applier__in=users).order_by('-expires')[:10] |
95 | f5cd0730 | Leonidas Poulopoulos | if request.user.is_superuser:
|
96 | f5cd0730 | Leonidas Poulopoulos | group_routes = Route.objects.all().order_by('-expires')[:10] |
97 | f5cd0730 | Leonidas Poulopoulos | return render_to_response('dashboard.html', {'routes': group_routes}, |
98 | f5cd0730 | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
99 | f5cd0730 | Leonidas Poulopoulos | |
100 | f5cd0730 | Leonidas Poulopoulos | @login_required
|
101 | f5cd0730 | Leonidas Poulopoulos | @never_cache
|
102 | 6ee21ffd | Leonidas Poulopoulos | def group_routes(request): |
103 | d60db93b | Leonidas Poulopoulos | try:
|
104 | d60db93b | Leonidas Poulopoulos | peer = request.user.get_profile().peer |
105 | d60db93b | Leonidas Poulopoulos | except UserProfile.DoesNotExist:
|
106 | d60db93b | Leonidas Poulopoulos | error = "User <strong>%s</strong> does not belong to any peer or organization. It is not possible to create new firewall rules.<br>Please contact Helpdesk to resolve this issue" % request.user.username
|
107 | 284406c4 | Leonidas Poulopoulos | return render_to_response('error.html', {'error': error}, context_instance=RequestContext(request)) |
108 | e010a831 | Leonidas Poulopoulos | return render_to_response('user_routes.html', context_instance=RequestContext(request)) |
109 | 6ee21ffd | Leonidas Poulopoulos | |
110 | f5cd0730 | Leonidas Poulopoulos | @login_required
|
111 | f5cd0730 | Leonidas Poulopoulos | @never_cache
|
112 | f5cd0730 | Leonidas Poulopoulos | def group_routes_ajax(request): |
113 | f5cd0730 | Leonidas Poulopoulos | group_routes = [] |
114 | f5cd0730 | Leonidas Poulopoulos | try:
|
115 | f5cd0730 | Leonidas Poulopoulos | peer = request.user.get_profile().peer |
116 | f5cd0730 | Leonidas Poulopoulos | except UserProfile.DoesNotExist:
|
117 | f5cd0730 | Leonidas Poulopoulos | error = "User <strong>%s</strong> does not belong to any peer or organization. It is not possible to create new firewall rules.<br>Please contact Helpdesk to resolve this issue" % request.user.username
|
118 | f5cd0730 | Leonidas Poulopoulos | return render_to_response('error.html', {'error': error}, context_instance=RequestContext(request)) |
119 | f5cd0730 | Leonidas Poulopoulos | if peer:
|
120 | f5cd0730 | Leonidas Poulopoulos | peer_members = UserProfile.objects.filter(peer=peer) |
121 | f5cd0730 | Leonidas Poulopoulos | users = [prof.user for prof in peer_members] |
122 | f5cd0730 | Leonidas Poulopoulos | group_routes = Route.objects.filter(applier__in=users) |
123 | f5cd0730 | Leonidas Poulopoulos | if request.user.is_superuser:
|
124 | f5cd0730 | Leonidas Poulopoulos | group_routes = Route.objects.all() |
125 | f5cd0730 | Leonidas Poulopoulos | jresp = {} |
126 | f5cd0730 | Leonidas Poulopoulos | routes = build_routes_json(group_routes) |
127 | f5cd0730 | Leonidas Poulopoulos | jresp['aaData'] = routes
|
128 | 7ae0e0ec | Stauros Kroustouris | return HttpResponse(json.dumps(jresp), mimetype='application/json') |
129 | f5cd0730 | Leonidas Poulopoulos | |
130 | f5cd0730 | Leonidas Poulopoulos | @login_required
|
131 | f5cd0730 | Leonidas Poulopoulos | @never_cache
|
132 | f5cd0730 | Leonidas Poulopoulos | def overview_routes_ajax(request): |
133 | f5cd0730 | Leonidas Poulopoulos | group_routes = [] |
134 | f5cd0730 | Leonidas Poulopoulos | try:
|
135 | f5cd0730 | Leonidas Poulopoulos | peer = request.user.get_profile().peer |
136 | f5cd0730 | Leonidas Poulopoulos | except UserProfile.DoesNotExist:
|
137 | f5cd0730 | Leonidas Poulopoulos | error = "User <strong>%s</strong> does not belong to any peer or organization. It is not possible to create new firewall rules.<br>Please contact Helpdesk to resolve this issue" % request.user.username
|
138 | f5cd0730 | Leonidas Poulopoulos | return render_to_response('error.html', {'error': error}, context_instance=RequestContext(request)) |
139 | f5cd0730 | Leonidas Poulopoulos | if peer:
|
140 | f5cd0730 | Leonidas Poulopoulos | peer_members = UserProfile.objects.filter(peer=peer) |
141 | f5cd0730 | Leonidas Poulopoulos | users = [prof.user for prof in peer_members] |
142 | f5cd0730 | Leonidas Poulopoulos | group_routes = Route.objects.filter(applier__in=users) |
143 | f5cd0730 | Leonidas Poulopoulos | if request.user.is_superuser or request.user.has_perm('accounts.overview'): |
144 | f5cd0730 | Leonidas Poulopoulos | group_routes = Route.objects.all() |
145 | f5cd0730 | Leonidas Poulopoulos | jresp = {} |
146 | f5cd0730 | Leonidas Poulopoulos | routes = build_routes_json(group_routes) |
147 | f5cd0730 | Leonidas Poulopoulos | jresp['aaData'] = routes
|
148 | 7ae0e0ec | Stauros Kroustouris | return HttpResponse(json.dumps(jresp), mimetype='application/json') |
149 | f5cd0730 | Leonidas Poulopoulos | |
150 | f5cd0730 | Leonidas Poulopoulos | def build_routes_json(groutes): |
151 | f5cd0730 | Leonidas Poulopoulos | routes = [] |
152 | f5cd0730 | Leonidas Poulopoulos | for r in groutes: |
153 | f5cd0730 | Leonidas Poulopoulos | rd = {} |
154 | f5cd0730 | Leonidas Poulopoulos | rd['id'] = r.pk
|
155 | f5cd0730 | Leonidas Poulopoulos | rd['name'] = r.name
|
156 | 7ae0e0ec | Stauros Kroustouris | if not r.comments: |
157 | 7ae0e0ec | Stauros Kroustouris | rd['comments'] = 'Not Any' |
158 | 7ae0e0ec | Stauros Kroustouris | else:
|
159 | 7ae0e0ec | Stauros Kroustouris | rd['comments'] = r.comments
|
160 | f5cd0730 | Leonidas Poulopoulos | rd['match'] = r.get_match()
|
161 | f5cd0730 | Leonidas Poulopoulos | rd['then'] = r.get_then()
|
162 | f5cd0730 | Leonidas Poulopoulos | rd['status'] = r.status
|
163 | f5cd0730 | Leonidas Poulopoulos | rd['applier'] = r.applier.username
|
164 | e010a831 | Leonidas Poulopoulos | try:
|
165 | e010a831 | Leonidas Poulopoulos | rd['peer'] = r.applier.get_profile().peer.peer_name
|
166 | e010a831 | Leonidas Poulopoulos | except UserProfile.DoesNotExist:
|
167 | e010a831 | Leonidas Poulopoulos | rd['peer'] = '' |
168 | f5cd0730 | Leonidas Poulopoulos | rd['expires'] = "%s" %r.expires |
169 | f5cd0730 | Leonidas Poulopoulos | rd['response'] = "%s" %r.response |
170 | f5cd0730 | Leonidas Poulopoulos | routes.append(rd) |
171 | f5cd0730 | Leonidas Poulopoulos | return routes
|
172 | 6ee21ffd | Leonidas Poulopoulos | |
173 | 6ee21ffd | Leonidas Poulopoulos | @login_required
|
174 | 6a946adf | Leonidas Poulopoulos | @never_cache
|
175 | 9cad4715 | Leonidas Poulopoulos | def add_route(request): |
176 | 97e42c7d | Leonidas Poulopoulos | applier = request.user.pk |
177 | 6a946adf | Leonidas Poulopoulos | applier_peer_networks = request.user.get_profile().peer.networks.all() |
178 | f5cd0730 | Leonidas Poulopoulos | if request.user.is_superuser:
|
179 | f5cd0730 | Leonidas Poulopoulos | applier_peer_networks = PeerRange.objects.all() |
180 | 6a946adf | Leonidas Poulopoulos | if not applier_peer_networks: |
181 | 6a946adf | Leonidas Poulopoulos | messages.add_message(request, messages.WARNING, |
182 | ab02d61c | Leonidas Poulopoulos | _("Insufficient rights on administrative networks. Cannot add rule. Contact your administrator"))
|
183 | 6a946adf | Leonidas Poulopoulos | return HttpResponseRedirect(reverse("group-routes")) |
184 | 9cad4715 | Leonidas Poulopoulos | if request.method == "GET": |
185 | 88a6afb7 | Leonidas Poulopoulos | form = RouteForm(initial={'applier': applier})
|
186 | 6d48c46c | Leonidas Poulopoulos | if not request.user.is_superuser: |
187 | 6d48c46c | Leonidas Poulopoulos | form.fields['then'] = forms.ModelMultipleChoiceField(queryset=ThenAction.objects.filter(action__in=settings.UI_USER_THEN_ACTIONS).order_by('action'), required=True) |
188 | b4e7dff4 | Leonidas Poulopoulos | form.fields['protocol'] = forms.ModelMultipleChoiceField(queryset=MatchProtocol.objects.filter(protocol__in=settings.UI_USER_PROTOCOLS).order_by('protocol'), required=False) |
189 | 97e42c7d | Leonidas Poulopoulos | return render_to_response('apply.html', {'form': form, 'applier': applier}, |
190 | 9cad4715 | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
191 | 9cad4715 | Leonidas Poulopoulos | |
192 | 9cad4715 | Leonidas Poulopoulos | else:
|
193 | 88a6afb7 | Leonidas Poulopoulos | request_data = request.POST.copy() |
194 | 88a6afb7 | Leonidas Poulopoulos | if request.user.is_superuser:
|
195 | 88a6afb7 | Leonidas Poulopoulos | request_data['issuperuser'] = request.user.username
|
196 | 88a6afb7 | Leonidas Poulopoulos | else:
|
197 | 94571d8d | Leonidas Poulopoulos | request_data['applier'] = applier
|
198 | 88a6afb7 | Leonidas Poulopoulos | try:
|
199 | 88a6afb7 | Leonidas Poulopoulos | del requset_data['issuperuser'] |
200 | 88a6afb7 | Leonidas Poulopoulos | except:
|
201 | 88a6afb7 | Leonidas Poulopoulos | pass
|
202 | 88a6afb7 | Leonidas Poulopoulos | form = RouteForm(request_data) |
203 | 9cad4715 | Leonidas Poulopoulos | if form.is_valid():
|
204 | 9cad4715 | Leonidas Poulopoulos | route=form.save(commit=False)
|
205 | 88a6afb7 | Leonidas Poulopoulos | if not request.user.is_superuser: |
206 | 88a6afb7 | Leonidas Poulopoulos | route.applier = request.user |
207 | 97e42c7d | Leonidas Poulopoulos | route.status = "PENDING"
|
208 | b17c9716 | Leonidas Poulopoulos | route.response = "Applying"
|
209 | c6c0a85f | Leonidas Poulopoulos | route.source = IPNetwork("%s/%s" %(IPNetwork(route.source).network.compressed, IPNetwork(route.source).prefixlen)).compressed
|
210 | c6c0a85f | Leonidas Poulopoulos | route.destination = IPNetwork("%s/%s" %(IPNetwork(route.destination).network.compressed, IPNetwork(route.destination).prefixlen)).compressed
|
211 | 9cad4715 | Leonidas Poulopoulos | route.save() |
212 | 9cad4715 | Leonidas Poulopoulos | form.save_m2m() |
213 | 9cad4715 | Leonidas Poulopoulos | route.commit_add() |
214 | cb0e212e | Leonidas Poulopoulos | requesters_address = request.META['HTTP_X_FORWARDED_FOR']
|
215 | 370ce61c | Leonidas Poulopoulos | fqdn = Site.objects.get_current().domain |
216 | e010a831 | Leonidas Poulopoulos | admin_url = "https://%s%s" % (fqdn, reverse("edit-route", kwargs={'route_slug': route.name })) |
217 | 370ce61c | Leonidas Poulopoulos | mail_body = render_to_string("rule_action.txt",
|
218 | 370ce61c | Leonidas Poulopoulos | {"route": route, "address": requesters_address, "action": "creation", "url": admin_url}) |
219 | fdb1f9ec | Leonidas Poulopoulos | user_mail = "%s" %route.applier.email
|
220 | fdb1f9ec | Leonidas Poulopoulos | user_mail = user_mail.split(';')
|
221 | fdb1f9ec | Leonidas Poulopoulos | send_new_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s creation request submitted by %s" %(route.name, route.applier.username),
|
222 | fdb1f9ec | Leonidas Poulopoulos | mail_body, settings.SERVER_EMAIL, user_mail, |
223 | fdb1f9ec | Leonidas Poulopoulos | get_peer_techc_mails(route.applier)) |
224 | cb0e212e | Leonidas Poulopoulos | d = { 'clientip' : "%s"%requesters_address, 'user' : route.applier.username } |
225 | cb0e212e | Leonidas Poulopoulos | logger.info(mail_body, extra=d) |
226 | 97e42c7d | Leonidas Poulopoulos | return HttpResponseRedirect(reverse("group-routes")) |
227 | 9cad4715 | Leonidas Poulopoulos | else:
|
228 | 88a6afb7 | Leonidas Poulopoulos | if not request.user.is_superuser: |
229 | 88a6afb7 | Leonidas Poulopoulos | form.fields['then'] = forms.ModelMultipleChoiceField(queryset=ThenAction.objects.filter(action__in=settings.UI_USER_THEN_ACTIONS).order_by('action'), required=True) |
230 | 88a6afb7 | Leonidas Poulopoulos | form.fields['protocol'] = forms.ModelMultipleChoiceField(queryset=MatchProtocol.objects.filter(protocol__in=settings.UI_USER_PROTOCOLS).order_by('protocol'), required=False) |
231 | 97e42c7d | Leonidas Poulopoulos | return render_to_response('apply.html', {'form': form, 'applier':applier}, |
232 | 9cad4715 | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
233 | 97e42c7d | Leonidas Poulopoulos | |
234 | 97e42c7d | Leonidas Poulopoulos | @login_required
|
235 | 6a946adf | Leonidas Poulopoulos | @never_cache
|
236 | 3e99e2d1 | Leonidas Poulopoulos | def edit_route(request, route_slug): |
237 | 97e42c7d | Leonidas Poulopoulos | applier = request.user.pk |
238 | 5141cf4a | Leonidas Poulopoulos | applier_peer = request.user.get_profile().peer |
239 | 3e99e2d1 | Leonidas Poulopoulos | route_edit = get_object_or_404(Route, name=route_slug) |
240 | 5141cf4a | Leonidas Poulopoulos | route_edit_applier_peer = route_edit.applier.get_profile().peer |
241 | 88a6afb7 | Leonidas Poulopoulos | if applier_peer != route_edit_applier_peer and (not request.user.is_superuser): |
242 | 5141cf4a | Leonidas Poulopoulos | messages.add_message(request, messages.WARNING, |
243 | ab02d61c | Leonidas Poulopoulos | _("Insufficient rights to edit rule %s") %(route_slug))
|
244 | 5141cf4a | Leonidas Poulopoulos | return HttpResponseRedirect(reverse("group-routes")) |
245 | 2e52e8a5 | Leonidas Poulopoulos | # if route_edit.status == "ADMININACTIVE" :
|
246 | 2e52e8a5 | Leonidas Poulopoulos | # messages.add_message(request, messages.WARNING,
|
247 | 2e52e8a5 | Leonidas Poulopoulos | # "Administrator has disabled editing of rule %s" %(route_slug))
|
248 | 2e52e8a5 | Leonidas Poulopoulos | # return HttpResponseRedirect(reverse("group-routes"))
|
249 | 2e52e8a5 | Leonidas Poulopoulos | # if route_edit.status == "EXPIRED" :
|
250 | 2e52e8a5 | Leonidas Poulopoulos | # messages.add_message(request, messages.WARNING,
|
251 | 2e52e8a5 | Leonidas Poulopoulos | # "Cannot edit the expired rule %s. Contact helpdesk to enable it" %(route_slug))
|
252 | 2e52e8a5 | Leonidas Poulopoulos | # return HttpResponseRedirect(reverse("group-routes"))
|
253 | fd3870ee | Leonidas Poulopoulos | if route_edit.status == "PENDING" : |
254 | fd3870ee | Leonidas Poulopoulos | messages.add_message(request, messages.WARNING, |
255 | ab02d61c | Leonidas Poulopoulos | _("Cannot edit a pending rule: %s.") %(route_slug))
|
256 | fd3870ee | Leonidas Poulopoulos | return HttpResponseRedirect(reverse("group-routes")) |
257 | 3e99e2d1 | Leonidas Poulopoulos | route_original = deepcopy(route_edit) |
258 | 3e99e2d1 | Leonidas Poulopoulos | if request.POST:
|
259 | 88a6afb7 | Leonidas Poulopoulos | request_data = request.POST.copy() |
260 | 88a6afb7 | Leonidas Poulopoulos | if request.user.is_superuser:
|
261 | 88a6afb7 | Leonidas Poulopoulos | request_data['issuperuser'] = request.user.username
|
262 | 88a6afb7 | Leonidas Poulopoulos | else:
|
263 | 94571d8d | Leonidas Poulopoulos | request_data['applier'] = applier
|
264 | 88a6afb7 | Leonidas Poulopoulos | try:
|
265 | 88a6afb7 | Leonidas Poulopoulos | del request_data['issuperuser'] |
266 | 88a6afb7 | Leonidas Poulopoulos | except:
|
267 | 88a6afb7 | Leonidas Poulopoulos | pass
|
268 | 88a6afb7 | Leonidas Poulopoulos | form = RouteForm(request_data, instance = route_edit) |
269 | a6e30e87 | Leonidas Poulopoulos | critical_changed_values = ['source', 'destination', 'sourceport', 'destinationport', 'port', 'protocol', 'then', 'fragmenttype'] |
270 | 3e99e2d1 | Leonidas Poulopoulos | if form.is_valid():
|
271 | 3d81901c | Leonidas Poulopoulos | changed_data = form.changed_data |
272 | 3e99e2d1 | Leonidas Poulopoulos | route=form.save(commit=False)
|
273 | 3e99e2d1 | Leonidas Poulopoulos | route.name = route_original.name |
274 | 3d81901c | Leonidas Poulopoulos | route.status = route_original.status |
275 | 3d81901c | Leonidas Poulopoulos | route.response = route_original.response |
276 | 88a6afb7 | Leonidas Poulopoulos | if not request.user.is_superuser: |
277 | 88a6afb7 | Leonidas Poulopoulos | route.applier = request.user |
278 | 3d81901c | Leonidas Poulopoulos | if bool(set(changed_data) & set(critical_changed_values)) or (not route_original.status == 'ACTIVE'): |
279 | 3d81901c | Leonidas Poulopoulos | route.status = "PENDING"
|
280 | b17c9716 | Leonidas Poulopoulos | route.response = "Applying"
|
281 | 3d81901c | Leonidas Poulopoulos | route.source = IPNetwork("%s/%s" %(IPNetwork(route.source).network.compressed, IPNetwork(route.source).prefixlen)).compressed
|
282 | 3d81901c | Leonidas Poulopoulos | route.destination = IPNetwork("%s/%s" %(IPNetwork(route.destination).network.compressed, IPNetwork(route.destination).prefixlen)).compressed
|
283 | 3e99e2d1 | Leonidas Poulopoulos | route.save() |
284 | 3d81901c | Leonidas Poulopoulos | if bool(set(changed_data) & set(critical_changed_values)) or (not route_original.status == 'ACTIVE'): |
285 | 3d81901c | Leonidas Poulopoulos | form.save_m2m() |
286 | 3d81901c | Leonidas Poulopoulos | route.commit_edit() |
287 | 3d81901c | Leonidas Poulopoulos | requesters_address = request.META['HTTP_X_FORWARDED_FOR']
|
288 | 370ce61c | Leonidas Poulopoulos | fqdn = Site.objects.get_current().domain |
289 | e010a831 | Leonidas Poulopoulos | admin_url = "https://%s%s" % (fqdn, reverse("edit-route", kwargs={'route_slug': route.name })) |
290 | 370ce61c | Leonidas Poulopoulos | mail_body = render_to_string("rule_action.txt",
|
291 | 370ce61c | Leonidas Poulopoulos | {"route": route, "address": requesters_address, "action": "edit", "url": admin_url}) |
292 | 3d81901c | Leonidas Poulopoulos | user_mail = "%s" %route.applier.email
|
293 | 3d81901c | Leonidas Poulopoulos | user_mail = user_mail.split(';')
|
294 | 3d81901c | Leonidas Poulopoulos | send_new_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s edit request submitted by %s" %(route.name, route.applier.username),
|
295 | fdb1f9ec | Leonidas Poulopoulos | mail_body, settings.SERVER_EMAIL, user_mail, |
296 | fdb1f9ec | Leonidas Poulopoulos | get_peer_techc_mails(route.applier)) |
297 | 3d81901c | Leonidas Poulopoulos | d = { 'clientip' : requesters_address, 'user' : route.applier.username } |
298 | 3d81901c | Leonidas Poulopoulos | logger.info(mail_body, extra=d) |
299 | 97e42c7d | Leonidas Poulopoulos | return HttpResponseRedirect(reverse("group-routes")) |
300 | 3e99e2d1 | Leonidas Poulopoulos | else:
|
301 | 88a6afb7 | Leonidas Poulopoulos | if not request.user.is_superuser: |
302 | 88a6afb7 | Leonidas Poulopoulos | form.fields['then'] = forms.ModelMultipleChoiceField(queryset=ThenAction.objects.filter(action__in=settings.UI_USER_THEN_ACTIONS).order_by('action'), required=True) |
303 | 88a6afb7 | Leonidas Poulopoulos | form.fields['protocol'] = forms.ModelMultipleChoiceField(queryset=MatchProtocol.objects.filter(protocol__in=settings.UI_USER_PROTOCOLS).order_by('protocol'), required=False) |
304 | 97e42c7d | Leonidas Poulopoulos | return render_to_response('apply.html', {'form': form, 'edit':True, 'applier': applier}, |
305 | 3e99e2d1 | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
306 | 3e99e2d1 | Leonidas Poulopoulos | else:
|
307 | 88a6afb7 | Leonidas Poulopoulos | if (not route_original.status == 'ACTIVE'): |
308 | 88a6afb7 | Leonidas Poulopoulos | route_edit.expires = datetime.date.today() + datetime.timedelta(days = settings.EXPIRATION_DAYS_OFFSET) |
309 | 3e99e2d1 | Leonidas Poulopoulos | dictionary = model_to_dict(route_edit, fields=[], exclude=[]) |
310 | 88a6afb7 | Leonidas Poulopoulos | if request.user.is_superuser:
|
311 | 88a6afb7 | Leonidas Poulopoulos | dictionary['issuperuser'] = request.user.username
|
312 | 88a6afb7 | Leonidas Poulopoulos | else:
|
313 | 88a6afb7 | Leonidas Poulopoulos | try:
|
314 | 88a6afb7 | Leonidas Poulopoulos | del dictionary['issuperuser'] |
315 | 88a6afb7 | Leonidas Poulopoulos | except:
|
316 | 88a6afb7 | Leonidas Poulopoulos | pass
|
317 | 3e99e2d1 | Leonidas Poulopoulos | form = RouteForm(dictionary) |
318 | 6d48c46c | Leonidas Poulopoulos | if not request.user.is_superuser: |
319 | 6d48c46c | Leonidas Poulopoulos | form.fields['then'] = forms.ModelMultipleChoiceField(queryset=ThenAction.objects.filter(action__in=settings.UI_USER_THEN_ACTIONS).order_by('action'), required=True) |
320 | b4e7dff4 | Leonidas Poulopoulos | form.fields['protocol'] = forms.ModelMultipleChoiceField(queryset=MatchProtocol.objects.filter(protocol__in=settings.UI_USER_PROTOCOLS).order_by('protocol'), required=False) |
321 | 97e42c7d | Leonidas Poulopoulos | return render_to_response('apply.html', {'form': form, 'edit':True, 'applier': applier}, |
322 | 3e99e2d1 | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
323 | 3e99e2d1 | Leonidas Poulopoulos | |
324 | 3e99e2d1 | Leonidas Poulopoulos | @login_required
|
325 | 6a946adf | Leonidas Poulopoulos | @never_cache
|
326 | 3e99e2d1 | Leonidas Poulopoulos | def delete_route(request, route_slug): |
327 | 3e99e2d1 | Leonidas Poulopoulos | if request.is_ajax():
|
328 | 3e99e2d1 | Leonidas Poulopoulos | route = get_object_or_404(Route, name=route_slug) |
329 | 97e42c7d | Leonidas Poulopoulos | applier_peer = route.applier.get_profile().peer |
330 | 97e42c7d | Leonidas Poulopoulos | requester_peer = request.user.get_profile().peer |
331 | 88a6afb7 | Leonidas Poulopoulos | if applier_peer == requester_peer or request.user.is_superuser: |
332 | 6a946adf | Leonidas Poulopoulos | route.status = "PENDING"
|
333 | fdc3d663 | Leonidas Poulopoulos | route.expires = datetime.date.today() |
334 | 88a6afb7 | Leonidas Poulopoulos | if not request.user.is_superuser: |
335 | 88a6afb7 | Leonidas Poulopoulos | route.applier = request.user |
336 | a6e30e87 | Leonidas Poulopoulos | route.response = "Deactivating"
|
337 | 22752ac0 | Leonidas Poulopoulos | route.save() |
338 | 3e99e2d1 | Leonidas Poulopoulos | route.commit_delete() |
339 | cb0e212e | Leonidas Poulopoulos | requesters_address = request.META['HTTP_X_FORWARDED_FOR']
|
340 | 370ce61c | Leonidas Poulopoulos | fqdn = Site.objects.get_current().domain |
341 | e010a831 | Leonidas Poulopoulos | admin_url = "https://%s%s" % (fqdn, reverse("edit-route", kwargs={'route_slug': route.name })) |
342 | 370ce61c | Leonidas Poulopoulos | mail_body = render_to_string("rule_action.txt",
|
343 | 370ce61c | Leonidas Poulopoulos | {"route": route, "address": requesters_address, "action": "removal", "url": admin_url}) |
344 | fdb1f9ec | Leonidas Poulopoulos | user_mail = "%s" %route.applier.email
|
345 | fdb1f9ec | Leonidas Poulopoulos | user_mail = user_mail.split(';')
|
346 | 7ae0e0ec | Stauros Kroustouris | send_new_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s removal request submitted by %s" %(route.name, route.applier.username),
|
347 | fdb1f9ec | Leonidas Poulopoulos | mail_body, settings.SERVER_EMAIL, user_mail, |
348 | fdb1f9ec | Leonidas Poulopoulos | get_peer_techc_mails(route.applier)) |
349 | cb0e212e | Leonidas Poulopoulos | d = { 'clientip' : requesters_address, 'user' : route.applier.username } |
350 | 88a6afb7 | Leonidas Poulopoulos | logger.info(mail_body, extra=d) |
351 | 97e42c7d | Leonidas Poulopoulos | html = "<html><body>Done</body></html>"
|
352 | 97e42c7d | Leonidas Poulopoulos | return HttpResponse(html)
|
353 | 97e42c7d | Leonidas Poulopoulos | else:
|
354 | 97e42c7d | Leonidas Poulopoulos | return HttpResponseRedirect(reverse("group-routes")) |
355 | 97e42c7d | Leonidas Poulopoulos | |
356 | 97e42c7d | Leonidas Poulopoulos | @login_required
|
357 | 6a946adf | Leonidas Poulopoulos | @never_cache
|
358 | 97e42c7d | Leonidas Poulopoulos | def user_profile(request): |
359 | 97e42c7d | Leonidas Poulopoulos | user = request.user |
360 | d60db93b | Leonidas Poulopoulos | try:
|
361 | d60db93b | Leonidas Poulopoulos | peer = request.user.get_profile().peer |
362 | 3d81901c | Leonidas Poulopoulos | peers = Peer.objects.filter(pk=peer.pk) |
363 | 3d81901c | Leonidas Poulopoulos | if user.is_superuser:
|
364 | 3d81901c | Leonidas Poulopoulos | peers = Peer.objects.all() |
365 | d60db93b | Leonidas Poulopoulos | except UserProfile.DoesNotExist:
|
366 | d60db93b | Leonidas Poulopoulos | error = "User <strong>%s</strong> does not belong to any peer or organization. It is not possible to create new firewall rules.<br>Please contact Helpdesk to resolve this issue" % user.username
|
367 | 284406c4 | Leonidas Poulopoulos | return render_to_response('error.html', {'error': error}, context_instance=RequestContext(request)) |
368 | 3d81901c | Leonidas Poulopoulos | return render_to_response('profile.html', {'user': user, 'peers':peers}, |
369 | 97e42c7d | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
370 | 97e42c7d | Leonidas Poulopoulos | |
371 | 6a946adf | Leonidas Poulopoulos | @never_cache
|
372 | 97e42c7d | Leonidas Poulopoulos | def user_login(request): |
373 | 97e42c7d | Leonidas Poulopoulos | try:
|
374 | 26d25791 | Leonidas Poulopoulos | error_username = False
|
375 | 26d25791 | Leonidas Poulopoulos | error_orgname = False
|
376 | b969de46 | Leonidas Poulopoulos | error_entitlement = False
|
377 | 26d25791 | Leonidas Poulopoulos | error_mail = False
|
378 | b969de46 | Leonidas Poulopoulos | has_entitlement = False
|
379 | 6a946adf | Leonidas Poulopoulos | error = ''
|
380 | 4b9e3e40 | Leonidas Poulopoulos | username = lookupShibAttr(settings.SHIB_USERNAME, request.META) |
381 | 97e42c7d | Leonidas Poulopoulos | if not username: |
382 | 97e42c7d | Leonidas Poulopoulos | error_username = True
|
383 | 7dc5bd0c | Leonidas Poulopoulos | firstname = lookupShibAttr(settings.SHIB_FIRSTNAME, request.META) |
384 | 7dc5bd0c | Leonidas Poulopoulos | lastname = lookupShibAttr(settings.SHIB_LASTNAME, request.META) |
385 | 7dc5bd0c | Leonidas Poulopoulos | mail = lookupShibAttr(settings.SHIB_MAIL, request.META) |
386 | 7dc5bd0c | Leonidas Poulopoulos | entitlement = lookupShibAttr(settings.SHIB_ENTITLEMENT, request.META) |
387 | 1698da77 | Leonidas Poulopoulos | #organization = request.META['HTTP_SHIB_HOMEORGANIZATION']
|
388 | 7ae0e0ec | Stauros Kroustouris | |
389 | b969de46 | Leonidas Poulopoulos | if settings.SHIB_AUTH_ENTITLEMENT in entitlement.split(";"): |
390 | b969de46 | Leonidas Poulopoulos | has_entitlement = True
|
391 | b969de46 | Leonidas Poulopoulos | if not has_entitlement: |
392 | b969de46 | Leonidas Poulopoulos | error_entitlement = True
|
393 | 1698da77 | Leonidas Poulopoulos | # if not organization:
|
394 | 1698da77 | Leonidas Poulopoulos | # error_orgname = True
|
395 | 26d25791 | Leonidas Poulopoulos | if not mail: |
396 | 26d25791 | Leonidas Poulopoulos | error_mail = True
|
397 | 6a946adf | Leonidas Poulopoulos | if error_username:
|
398 | ab02d61c | Leonidas Poulopoulos | error = _("Your idP should release the HTTP_EPPN attribute towards this service<br>")
|
399 | 1698da77 | Leonidas Poulopoulos | # if error_orgname:
|
400 | 1698da77 | Leonidas Poulopoulos | # error = error + _("Your idP should release the HTTP_SHIB_HOMEORGANIZATION attribute towards this service<br>")
|
401 | b969de46 | Leonidas Poulopoulos | if error_entitlement:
|
402 | ab02d61c | Leonidas Poulopoulos | error = error + _("Your idP should release an appropriate HTTP_SHIB_EP_ENTITLEMENT attribute towards this service<br>")
|
403 | 26d25791 | Leonidas Poulopoulos | if error_mail:
|
404 | ab02d61c | Leonidas Poulopoulos | error = error + _("Your idP should release the HTTP_SHIB_INETORGPERSON_MAIL attribute towards this service")
|
405 | b969de46 | Leonidas Poulopoulos | if error_username or error_orgname or error_entitlement or error_mail: |
406 | f9634455 | Leonidas Poulopoulos | return render_to_response('error.html', {'error': error, "missing_attributes": True}, |
407 | 97e42c7d | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
408 | 357e5b54 | Leonidas Poulopoulos | try:
|
409 | 4b9e3e40 | Leonidas Poulopoulos | if settings.SHIB_SLUGIFY_USERNAME:
|
410 | 4b9e3e40 | Leonidas Poulopoulos | username = slugify(username) |
411 | 357e5b54 | Leonidas Poulopoulos | user = User.objects.get(username__exact=username) |
412 | d60db93b | Leonidas Poulopoulos | user.email = mail |
413 | d60db93b | Leonidas Poulopoulos | user.first_name = firstname |
414 | d60db93b | Leonidas Poulopoulos | user.last_name = lastname |
415 | d60db93b | Leonidas Poulopoulos | user.save() |
416 | 357e5b54 | Leonidas Poulopoulos | user_exists = True
|
417 | 357e5b54 | Leonidas Poulopoulos | except:
|
418 | 357e5b54 | Leonidas Poulopoulos | user_exists = False
|
419 | d60db93b | Leonidas Poulopoulos | user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail, authsource='shibboleth')
|
420 | 7ae0e0ec | Stauros Kroustouris | |
421 | 97e42c7d | Leonidas Poulopoulos | if user is not None: |
422 | b969de46 | Leonidas Poulopoulos | try:
|
423 | 1698da77 | Leonidas Poulopoulos | peer = user.get_profile().peer |
424 | 1698da77 | Leonidas Poulopoulos | # peer = Peer.objects.get(domain_name=organization)
|
425 | 1698da77 | Leonidas Poulopoulos | # up = UserProfile.objects.get_or_create(user=user,peer=peer)
|
426 | b969de46 | Leonidas Poulopoulos | except:
|
427 | 1698da77 | Leonidas Poulopoulos | form = UserProfileForm() |
428 | 1698da77 | Leonidas Poulopoulos | form.fields['user'] = forms.ModelChoiceField(queryset=User.objects.filter(pk=user.pk), empty_label=None) |
429 | 1698da77 | Leonidas Poulopoulos | form.fields['peer'] = forms.ModelChoiceField(queryset=Peer.objects.all(), empty_label=None) |
430 | 1698da77 | Leonidas Poulopoulos | return render_to_response('registration/select_institution.html', {'form': form}, context_instance=RequestContext(request)) |
431 | 357e5b54 | Leonidas Poulopoulos | if not user_exists: |
432 | 357e5b54 | Leonidas Poulopoulos | user_activation_notify(user) |
433 | 357e5b54 | Leonidas Poulopoulos | if user.is_active:
|
434 | 357e5b54 | Leonidas Poulopoulos | login(request, user) |
435 | f5cd0730 | Leonidas Poulopoulos | return HttpResponseRedirect(reverse("dashboard")) |
436 | 357e5b54 | Leonidas Poulopoulos | else:
|
437 | ab02d61c | Leonidas Poulopoulos | error = _("User account <strong>%s</strong> is pending activation. Administrators have been notified and will activate this account within the next days. <br>If this account has remained inactive for a long time contact your technical coordinator or GRNET Helpdesk") %user.username
|
438 | 357e5b54 | Leonidas Poulopoulos | return render_to_response('error.html', {'error': error, 'inactive': True}, |
439 | 357e5b54 | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
440 | 97e42c7d | Leonidas Poulopoulos | else:
|
441 | ab02d61c | Leonidas Poulopoulos | error = _("Something went wrong during user authentication. Contact your administrator")
|
442 | 6a946adf | Leonidas Poulopoulos | return render_to_response('error.html', {'error': error,}, |
443 | 6a946adf | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
444 | 9f012dae | Leonidas Poulopoulos | except User.DoesNotExist as e: |
445 | 7dc5bd0c | Leonidas Poulopoulos | error = _("Invalid login procedure. Error: %s" %e)
|
446 | 6a946adf | Leonidas Poulopoulos | return render_to_response('error.html', {'error': error,}, |
447 | 6a946adf | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
448 | 97e42c7d | Leonidas Poulopoulos | # Return an 'invalid login' error message.
|
449 | 97e42c7d | Leonidas Poulopoulos | # return HttpResponseRedirect(reverse("user-routes"))
|
450 | 97e42c7d | Leonidas Poulopoulos | |
451 | 357e5b54 | Leonidas Poulopoulos | def user_activation_notify(user): |
452 | 357e5b54 | Leonidas Poulopoulos | current_site = Site.objects.get_current() |
453 | 2b16c157 | Leonidas Poulopoulos | peer = user.get_profile().peer |
454 | 7ae0e0ec | Stauros Kroustouris | |
455 | 7ae0e0ec | Stauros Kroustouris | |
456 | 2b16c157 | Leonidas Poulopoulos | # Email subject *must not* contain newlines
|
457 | 2b16c157 | Leonidas Poulopoulos | # TechCs will be notified about new users.
|
458 | 2b16c157 | Leonidas Poulopoulos | # Platform admins will activate the users.
|
459 | 357e5b54 | Leonidas Poulopoulos | subject = render_to_string('registration/activation_email_subject.txt',
|
460 | 357e5b54 | Leonidas Poulopoulos | { 'site': current_site })
|
461 | 357e5b54 | Leonidas Poulopoulos | subject = ''.join(subject.splitlines())
|
462 | 357e5b54 | Leonidas Poulopoulos | registration_profile = RegistrationProfile.objects.create_profile(user) |
463 | 357e5b54 | Leonidas Poulopoulos | message = render_to_string('registration/activation_email.txt',
|
464 | 357e5b54 | Leonidas Poulopoulos | { 'activation_key': registration_profile.activation_key,
|
465 | 357e5b54 | Leonidas Poulopoulos | 'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS,
|
466 | 357e5b54 | Leonidas Poulopoulos | 'site': current_site,
|
467 | 357e5b54 | Leonidas Poulopoulos | 'user': user })
|
468 | 2b16c157 | Leonidas Poulopoulos | if settings.NOTIFY_ADMIN_MAILS:
|
469 | 2b16c157 | Leonidas Poulopoulos | admin_mails = settings.NOTIFY_ADMIN_MAILS |
470 | 7ae0e0ec | Stauros Kroustouris | send_new_mail(settings.EMAIL_SUBJECT_PREFIX + subject, |
471 | 2b16c157 | Leonidas Poulopoulos | message, settings.SERVER_EMAIL, |
472 | 2b16c157 | Leonidas Poulopoulos | admin_mails, []) |
473 | 7ae0e0ec | Stauros Kroustouris | |
474 | 2b16c157 | Leonidas Poulopoulos | # Mail to domain techCs plus platform admins (no activation hash sent)
|
475 | 2b16c157 | Leonidas Poulopoulos | subject = render_to_string('registration/activation_email_peer_notify_subject.txt',
|
476 | 2b16c157 | Leonidas Poulopoulos | { 'site': current_site,
|
477 | 2b16c157 | Leonidas Poulopoulos | 'peer': peer })
|
478 | 2b16c157 | Leonidas Poulopoulos | subject = ''.join(subject.splitlines())
|
479 | 2b16c157 | Leonidas Poulopoulos | message = render_to_string('registration/activation_email_peer_notify.txt',
|
480 | 2b16c157 | Leonidas Poulopoulos | { 'user': user,
|
481 | 2b16c157 | Leonidas Poulopoulos | 'peer': peer })
|
482 | 7ae0e0ec | Stauros Kroustouris | send_new_mail(settings.EMAIL_SUBJECT_PREFIX + subject, |
483 | 357e5b54 | Leonidas Poulopoulos | message, settings.SERVER_EMAIL, |
484 | 357e5b54 | Leonidas Poulopoulos | get_peer_techc_mails(user), []) |
485 | b969de46 | Leonidas Poulopoulos | |
486 | 97e42c7d | Leonidas Poulopoulos | @login_required
|
487 | 6a946adf | Leonidas Poulopoulos | @never_cache
|
488 | 97e42c7d | Leonidas Poulopoulos | def add_rate_limit(request): |
489 | 97e42c7d | Leonidas Poulopoulos | if request.method == "GET": |
490 | 97e42c7d | Leonidas Poulopoulos | form = ThenPlainForm() |
491 | 97e42c7d | Leonidas Poulopoulos | return render_to_response('add_rate_limit.html', {'form': form,}, |
492 | 97e42c7d | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
493 | 97e42c7d | Leonidas Poulopoulos | |
494 | 97e42c7d | Leonidas Poulopoulos | else:
|
495 | 97e42c7d | Leonidas Poulopoulos | form = ThenPlainForm(request.POST) |
496 | 97e42c7d | Leonidas Poulopoulos | if form.is_valid():
|
497 | 97e42c7d | Leonidas Poulopoulos | then=form.save(commit=False)
|
498 | 97e42c7d | Leonidas Poulopoulos | then.action_value = "%sk"%then.action_value
|
499 | 97e42c7d | Leonidas Poulopoulos | then.save() |
500 | 97e42c7d | Leonidas Poulopoulos | response_data = {} |
501 | 97e42c7d | Leonidas Poulopoulos | response_data['pk'] = "%s" %then.pk |
502 | 97e42c7d | Leonidas Poulopoulos | response_data['value'] = "%s:%s" %(then.action, then.action_value) |
503 | c00eba1c | Leonidas Poulopoulos | return HttpResponse(json.dumps(response_data), mimetype='application/json') |
504 | 97e42c7d | Leonidas Poulopoulos | else:
|
505 | 97e42c7d | Leonidas Poulopoulos | return render_to_response('add_rate_limit.html', {'form': form,}, |
506 | 97e42c7d | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
507 | 97e42c7d | Leonidas Poulopoulos | |
508 | 97e42c7d | Leonidas Poulopoulos | @login_required
|
509 | 6a946adf | Leonidas Poulopoulos | @never_cache
|
510 | 97e42c7d | Leonidas Poulopoulos | def add_port(request): |
511 | 97e42c7d | Leonidas Poulopoulos | if request.method == "GET": |
512 | 97e42c7d | Leonidas Poulopoulos | form = PortPlainForm() |
513 | 97e42c7d | Leonidas Poulopoulos | return render_to_response('add_port.html', {'form': form,}, |
514 | 97e42c7d | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
515 | 97e42c7d | Leonidas Poulopoulos | |
516 | 97e42c7d | Leonidas Poulopoulos | else:
|
517 | 97e42c7d | Leonidas Poulopoulos | form = PortPlainForm(request.POST) |
518 | 97e42c7d | Leonidas Poulopoulos | if form.is_valid():
|
519 | 97e42c7d | Leonidas Poulopoulos | port=form.save() |
520 | 97e42c7d | Leonidas Poulopoulos | response_data = {} |
521 | 97e42c7d | Leonidas Poulopoulos | response_data['value'] = "%s" %port.pk |
522 | 97e42c7d | Leonidas Poulopoulos | response_data['text'] = "%s" %port.port |
523 | c00eba1c | Leonidas Poulopoulos | return HttpResponse(json.dumps(response_data), mimetype='application/json') |
524 | 97e42c7d | Leonidas Poulopoulos | else:
|
525 | 97e42c7d | Leonidas Poulopoulos | return render_to_response('add_port.html', {'form': form,}, |
526 | 97e42c7d | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
527 | 97e42c7d | Leonidas Poulopoulos | |
528 | 1698da77 | Leonidas Poulopoulos | @never_cache
|
529 | 1698da77 | Leonidas Poulopoulos | def selectinst(request): |
530 | 1698da77 | Leonidas Poulopoulos | if request.method == 'POST': |
531 | 1698da77 | Leonidas Poulopoulos | request_data = request.POST.copy() |
532 | 1698da77 | Leonidas Poulopoulos | user = request_data['user']
|
533 | 1698da77 | Leonidas Poulopoulos | try:
|
534 | 1698da77 | Leonidas Poulopoulos | existingProfile = UserProfile.objects.get(user=user) |
535 | 1698da77 | Leonidas Poulopoulos | error = _("Violation warning: User account is already associated with an institution.The event has been logged and our administrators will be notified about it")
|
536 | 1698da77 | Leonidas Poulopoulos | return render_to_response('error.html', {'error': error, 'inactive': True}, |
537 | 1698da77 | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
538 | 1698da77 | Leonidas Poulopoulos | except UserProfile.DoesNotExist:
|
539 | 1698da77 | Leonidas Poulopoulos | pass
|
540 | 7ae0e0ec | Stauros Kroustouris | |
541 | 1698da77 | Leonidas Poulopoulos | form = UserProfileForm(request_data) |
542 | 1698da77 | Leonidas Poulopoulos | if form.is_valid():
|
543 | 1698da77 | Leonidas Poulopoulos | userprofile = form.save() |
544 | 1698da77 | Leonidas Poulopoulos | user_activation_notify(userprofile.user) |
545 | 1698da77 | Leonidas Poulopoulos | error = _("User account <strong>%s</strong> is pending activation. Administrators have been notified and will activate this account within the next days. <br>If this account has remained inactive for a long time contact your technical coordinator or GRNET Helpdesk") %userprofile.user.username
|
546 | 1698da77 | Leonidas Poulopoulos | return render_to_response('error.html', {'error': error, 'inactive': True}, |
547 | 1698da77 | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
548 | 1698da77 | Leonidas Poulopoulos | else:
|
549 | 1698da77 | Leonidas Poulopoulos | form.fields['user'] = forms.ModelChoiceField(queryset=User.objects.filter(pk=user.pk), empty_label=None) |
550 | 1698da77 | Leonidas Poulopoulos | form.fields['institution'] = forms.ModelChoiceField(queryset=Peer.objects.all(), empty_label=None) |
551 | 1698da77 | Leonidas Poulopoulos | return render_to_response('registration/select_institution.html', {'form': form}, context_instance=RequestContext(request)) |
552 | 1698da77 | Leonidas Poulopoulos | |
553 | c491c6f8 | Leonidas Poulopoulos | @never_cache
|
554 | c491c6f8 | Leonidas Poulopoulos | def overview(request): |
555 | c491c6f8 | Leonidas Poulopoulos | user = request.user |
556 | c491c6f8 | Leonidas Poulopoulos | if user.is_authenticated():
|
557 | c491c6f8 | Leonidas Poulopoulos | if user.has_perm('accounts.overview'): |
558 | c491c6f8 | Leonidas Poulopoulos | users = User.objects.all() |
559 | f5cd0730 | Leonidas Poulopoulos | return render_to_response('overview/index.html', {'users': users}, |
560 | c491c6f8 | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
561 | c491c6f8 | Leonidas Poulopoulos | else:
|
562 | c491c6f8 | Leonidas Poulopoulos | violation=True
|
563 | c491c6f8 | Leonidas Poulopoulos | return render_to_response('overview/index.html', {'violation': violation}, |
564 | c491c6f8 | Leonidas Poulopoulos | context_instance=RequestContext(request)) |
565 | c491c6f8 | Leonidas Poulopoulos | else:
|
566 | c491c6f8 | Leonidas Poulopoulos | return HttpResponseRedirect(reverse("altlogin")) |
567 | c491c6f8 | Leonidas Poulopoulos | |
568 | 97e42c7d | Leonidas Poulopoulos | @login_required
|
569 | 6a946adf | Leonidas Poulopoulos | @never_cache
|
570 | 97e42c7d | Leonidas Poulopoulos | def user_logout(request): |
571 | 34cff057 | Leonidas Poulopoulos | logout(request) |
572 | 34cff057 | Leonidas Poulopoulos | return HttpResponseRedirect(reverse('group-routes')) |
573 | 7ae0e0ec | Stauros Kroustouris | |
574 | 049a5a10 | Leonidas Poulopoulos | @never_cache
|
575 | 97e42c7d | Leonidas Poulopoulos | def load_jscript(request, file): |
576 | bec1a51b | Leonidas Poulopoulos | long_polling_timeout = int(settings.POLL_SESSION_UPDATE)*1000 + 10000 |
577 | bec1a51b | Leonidas Poulopoulos | return render_to_response('%s.js' % file, {'timeout': long_polling_timeout}, context_instance=RequestContext(request), mimetype="text/javascript") |
578 | a2f464f0 | Leonidas Poulopoulos | |
579 | a2f464f0 | Leonidas Poulopoulos | |
580 | a2f464f0 | Leonidas Poulopoulos | def get_peer_techc_mails(user): |
581 | 86da41f0 | Leonidas Poulopoulos | mail = [] |
582 | 86da41f0 | Leonidas Poulopoulos | additional_mail = [] |
583 | 86da41f0 | Leonidas Poulopoulos | techmails_list = [] |
584 | 86da41f0 | Leonidas Poulopoulos | user_mail = "%s" %user.email
|
585 | 86da41f0 | Leonidas Poulopoulos | user_mail = user_mail.split(';')
|
586 | b36bd381 | Leonidas Poulopoulos | techmails = user.get_profile().peer.techc_emails.all() |
587 | a2f464f0 | Leonidas Poulopoulos | if techmails:
|
588 | b36bd381 | Leonidas Poulopoulos | for techmail in techmails: |
589 | b36bd381 | Leonidas Poulopoulos | techmails_list.append(techmail.email) |
590 | 86da41f0 | Leonidas Poulopoulos | if settings.NOTIFY_ADMIN_MAILS:
|
591 | 86da41f0 | Leonidas Poulopoulos | additional_mail = settings.NOTIFY_ADMIN_MAILS |
592 | 86da41f0 | Leonidas Poulopoulos | mail.extend(additional_mail) |
593 | 86da41f0 | Leonidas Poulopoulos | mail.extend(techmails_list) |
594 | a2f464f0 | Leonidas Poulopoulos | return mail
|
595 | fdb1f9ec | Leonidas Poulopoulos | |
596 | fdb1f9ec | Leonidas Poulopoulos | def send_new_mail(subject, message, from_email, recipient_list, bcc_list): |
597 | fdb1f9ec | Leonidas Poulopoulos | return EmailMessage(subject, message, from_email, recipient_list, bcc_list).send()
|
598 | fdb1f9ec | Leonidas Poulopoulos | |
599 | 7dc5bd0c | Leonidas Poulopoulos | |
600 | 7dc5bd0c | Leonidas Poulopoulos | def lookupShibAttr(attrmap, requestMeta): |
601 | 7dc5bd0c | Leonidas Poulopoulos | for attr in attrmap: |
602 | c491c6f8 | Leonidas Poulopoulos | if (attr in requestMeta.keys()): |
603 | c491c6f8 | Leonidas Poulopoulos | if len(requestMeta[attr]) > 0: |
604 | c491c6f8 | Leonidas Poulopoulos | return requestMeta[attr]
|
605 | c491c6f8 | Leonidas Poulopoulos | return '' |