Revision d60db93b

b/ChangeLog
1 1
===========
2
0.8.4 RELEASE
3
Vulnerability prevention/bug fixes release
4
Fixes:
5
	- Fixed a bug where the shib auth backend erased non-shibboleth users info
6
	- Added an authsource variable to prevent authentication backend overlapping
7
	- Added exception handling for non-Shibboleth users that do not belong to a peer
8

  
9
===========
2 10
0.8.3 RELEASE
3 11
Feature enhancement release
4 12
Fixes:
b/djangobackends/shibauthBackend.py
10 10
        firstname = kwargs.get('firstname')
11 11
        lastname = kwargs.get('lastname')
12 12
        mail = kwargs.get('mail')
13
        authsource = kwargs.get('authsource')
14
        if authsource != 'shibboleth':
15
            return None
13 16
        try:
14 17
            user = self._auth_user(username, firstname, lastname, mail)
15 18
        except:
......
22 25

  
23 26
        try:
24 27
            user = User.objects.get(username__exact=username)
25
            user.email = mail
26
            user.first_name = firstname
27
            user.last_name = lastname
28
            user.save()
29 28
        # The user did not exist. Create one with no privileges
30 29
        except: 
31 30
            user = User.objects.create_user(username, mail, None)
b/flowspec/views.py
63 63
@never_cache
64 64
def group_routes(request):
65 65
    group_routes = []
66
    peer = request.user.get_profile().peer
66
    try:
67
        peer = request.user.get_profile().peer
68
    except UserProfile.DoesNotExist:
69
        error = "User <strong>%s</strong> does not belong to any peer or organization. It is not possible to create new firewall rules.<br>Please contact Helpdesk to resolve this issue" % request.user.username
70
        return render_to_response('error.html', {'error': error})
67 71
    if peer:
68 72
       peer_members = UserProfile.objects.filter(peer=peer)
69 73
       users = [prof.user for prof in peer_members]
70 74
       group_routes = Route.objects.filter(applier__in=users)
71
    return render_to_response('user_routes.html', {'routes': group_routes},
75
       return render_to_response('user_routes.html', {'routes': group_routes},
72 76
                              context_instance=RequestContext(request))
73 77

  
74 78

  
......
207 211
@never_cache
208 212
def user_profile(request):
209 213
    user = request.user
210
    peer = request.user.get_profile().peer
211
    
214
    try:
215
        peer = request.user.get_profile().peer
216
    except UserProfile.DoesNotExist:
217
        error = "User <strong>%s</strong> does not belong to any peer or organization. It is not possible to create new firewall rules.<br>Please contact Helpdesk to resolve this issue" % user.username
218
        return render_to_response('error.html', {'error': error})
212 219
    return render_to_response('profile.html', {'user': user, 'peer':peer},
213 220
                                  context_instance=RequestContext(request))
214 221

  
......
250 257
                                  context_instance=RequestContext(request))
251 258
        try:
252 259
            user = User.objects.get(username__exact=username)
260
            user.email = mail
261
            user.first_name = firstname
262
            user.last_name = lastname
263
            user.save()
253 264
            user_exists = True
254 265
        except:
255 266
            user_exists = False
256
        user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail)
267
        user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail, authsource='shibboleth')
257 268
        if user is not None:
258 269
            try:
259 270
                peer = Peer.objects.get(domain_name=organization)
b/templates/error.html
73 73
			</div>
74 74
			<div id="content">
75 75
				{% block brcrmb_container %}
76
				<div class="info_content_title">{% if user.is_authenticated %}<a href="{% url group-routes %}">{% trans "My routes" %}</a>{% endif %}
76
				<div class="info_content_title">{% if user.is_authenticated %}<a href="{% url group-routes %}">{% trans "My rules" %}</a>{% endif %}
77 77
				{% block breadcrumbs %}{% endblock %}
78 78
				</div>
79 79
				

Also available in: Unified diff