def server_terminate_group(group_id):
"""Terminate all instances in the specified instance group."""
instances = aws.get_instances_in_group(group_id)
instances_metadata = []
is_admin = ldapuser.is_admin(session['username'])
for instance in instances:
if not is_admin:
if not aws.is_owner(instance_id, session['username']):
abort(404)
instances_metadata.append({
'id':
instance.id,
'private_ip_address':
instance.private_ip_address
})
if request.method == 'POST':
for instance in instances:
if aws.can_terminate(instance):
aws.terminate_instance.delay(instance.id)
if request_wants_json():
return jsonify(True)
else:
return redirect(url_for('server_list'))
return render_template('confirm.html',
termination_group_metadata=instances_metadata)
def index():
if 'username' in session:
if ldapuser.is_admin(session['username']):
return redirect(url_for('admin_dashboard'))
else:
return redirect(url_for('server_list'))
else:
return redirect(url_for('login'))
def decorated_admin_function(*args, **kwargs):
if 'username' not in session:
return redirect(url_for('login'))
if not ldapuser.is_admin(session['username']):
return abort(403)
return f(*args, **kwargs)
def isadmin():
try:
if 'username' in session:
return ldapuser.is_admin(session['username'])
except:
# Since this is a template function it should not propagate the error
# up, as it is called on the error pages as well.
return False
return False
def func(*args, **kwargs):
if not is_logged_in():
return redirect(url_for('login'))
current_user = session['username']
ssh_key_id = kwargs.get('ssh_key_id')
owner = ssh_keys.get_owner(ssh_key_id)
if current_user != owner and not ldapuser.is_admin(current_user):
return errors.show_error(401, 'Unauthorized')
return f(*args, **kwargs)
def decorated_admin_function(*args, **kwargs):
if 'username' not in session:
return redirect(url_for('login'))
if 'instance_id' not in kwargs:
return abort(400)
if not aws.is_owner(kwargs['instance_id'], session['username']):
if not ldapuser.is_admin(session['username']):
return abort(403)
return f(*args, **kwargs)
def ssh_key_create():
"""Handle GET (render) and POST (submit form to DB) requests at /ssh/create."""
if request.method == 'POST':
# Only allow admins to modify username, use session as fallback
if ldapuser.is_admin(session['username']):
username = request.form.get('username', session['username'])
else:
username = session['username']
key_name = request.form['key_name']
ssh_key = request.form['ssh_key']
ssh_keys.create_new_key(username, key_name, ssh_key)
return redirect(url_for('ssh_key_list'))
return render_template('ssh_form.html', ssh_info={})
def ssh_key_update(ssh_key_id, admin=None):
"""Handle GET (render form) and POST (update db) requests at /ssh/<id>/update."""
ssh_info = ssh_keys.get_ssh_key(ssh_key_id)
if request.method == 'POST':
# Only allow admins to modify username, use session as fallback
if ldapuser.is_admin(session['username']):
username = request.form.get('username', session['username'])
else:
username = session['username']
key_name = request.form.get('key_name', ssh_info['key_name'])
ssh_key = request.form.get('ssh_key', ssh_info['ssh_key'])
ssh_keys.update_ssh_key(ssh_key_id, username, key_name, ssh_key)
# Redirect admin users back to the admin panel
if admin:
return redirect(url_for('admin_dashboard'))
return redirect(url_for('ssh_key_list'))
return render_template('ssh_form.html', ssh_info=ssh_info)
