Ejemplo n.º 1
0
def assignrole(request):
    initialise()
    subs_list_assigned = []
    if request.method == "POST":
        subs_list = json.loads(request.POST["subs_list"])
        user_id = request.POST["user_id"]
        t_id = request.POST["tenant_id"]
        token_user = request.POST["token_user"]
        global client_secret
        global client_id
        access_token = get_acacess_token_app(tenant_id=t_id,client_id=client_id,client_secret=client_secret,resource="https://graph.windows.net/")
        
        if access_token["status"] == "1":
            principal_id = get_principal_id(token=access_token["details"],tenant_id=t_id,client_id=client_id)
            
            for subs in subs_list:
                role_assgn_id = str(uuid.uuid4())
                global role_def_id_contributor
                put_url = "https://management.azure.com//subscriptions/" + subs +"/providers/Microsoft.Authorization/roleAssignments/" + role_assgn_id + "?api-version=2014-07-01-preview"
                body = {"properties":{"roleDefinitionId":"/subscriptions/"+ subs +"/providers/Microsoft.Authorization/roleDefinitions/" + role_def_id_contributor ,"principalId":principal_id}}
                
                headers_val = {"Authorization":"Bearer " + token_user, "Content-Type":"application/json"}
                req = Request(method="PUT",headers=headers_val,json=body,url=put_url)
                req_prepped = req.prepare()
                s = Session()
                res = Response()
                res = s.send(req_prepped)
                if res.status_code == 201:
                    subs_list_assigned.append({"subscriptionid":subs,"assigned_status":True})
    
    ### Save the subscription details in the model
    subscription_list = []
    for subs in subs_list_assigned:
        subscription_list.append(subs)

    auth_settings = {}
    auth_settings['auth_type']="A"
    auth_settings['client_id']=client_id
    auth_settings['tenant_id']=t_id
    auth_settings['redirect_uri']=redirect_uri
    auth_settings['client_secret']=client_secret
    auth_settings['subscription_id']=json.dumps(subscription_list)
    auth_settings['user'] = user_id
    user = User.objects.get(pk=auth_settings['user'])
    if AuthSettings.objects.filter(user_id_id=auth_settings['user']).exists():
         u = AuthSettings.objects.get(user_id_id=auth_settings['user'])
         u.delete()        
    settings = AuthSettings(user_id=user,auth_type=auth_settings['auth_type'],client_id=auth_settings['client_id'],tenant_id=auth_settings['tenant_id'],client_secret=auth_settings['client_secret'],redirect_uri=auth_settings['redirect_uri'],subscription_id=auth_settings['subscription_id'])        
    settings.save()  
    results = "<table><tr><td>You can now deploy resources through this application into following subscriptions</td></tr>" 
    for sa in subs_list_assigned:
        results += "<tr><td>"+ sa["subscriptionid"] +"</td></tr>"
    results += "</table>"
    
    return HttpResponse(results)
Ejemplo n.º 2
0
def set_auth_settings(request):
    if request.method == "POST":
        print(request)
        auth_settings = {}
        auth_settings['auth_type']=request.POST['authtypeid']
        auth_settings['client_id']=request.POST['inp_clientid_txt']
        auth_settings['tenant_id']=request.POST['inp_tenantid_txt']
        auth_settings['redirect_uri']=request.POST['inp_redirecturi_txt']
        auth_settings['client_secret']=request.POST['inp_clientsecret_txt']
        auth_settings['subscription_id']=request.POST['inp_subsid_txt']
        auth_settings['user'] = request.POST['user_id']
        user = User.objects.get(pk=auth_settings['user'])
        if AuthSettings.objects.filter(user_id_id=auth_settings['user']).exists():
            u = AuthSettings.objects.get(user_id_id=auth_settings['user'])
            u.delete()        
        settings = AuthSettings(user_id=user,auth_type=auth_settings['auth_type'],client_id=auth_settings['client_id'],tenant_id=auth_settings['tenant_id'],client_secret=auth_settings['client_secret'],redirect_uri=auth_settings['redirect_uri'],subscription_id=auth_settings['subscription_id'])        
        settings.save()  
        return HttpResponse("Your settings have been saved")
    else:
        authorization_list = [{"id":"A","name":"Application only"},{"id":"U","name":"User based"}]
        template_params = {"authorization_list":authorization_list}
        return render(request,"set_authsettings.html",template_params)
Ejemplo n.º 3
0
def assignrole(request):
    initialise()
    subs_list_assigned = []
    if request.method == "POST":
        subs_list = json.loads(request.POST["subs_list"])
        user_id = request.POST["user_id"]
        t_id = request.POST["tenant_id"]
        token_user = request.POST["token_user"]
        global client_secret
        global client_id
        access_token = get_acacess_token_app(
            tenant_id=t_id,
            client_id=client_id,
            client_secret=client_secret,
            resource="https://graph.windows.net/")

        if access_token["status"] == "1":
            principal_id = get_principal_id(token=access_token["details"],
                                            tenant_id=t_id,
                                            client_id=client_id)

            for subs in subs_list:
                role_assgn_id = str(uuid.uuid4())
                global role_def_id_contributor
                put_url = "https://management.azure.com//subscriptions/" + subs + "/providers/Microsoft.Authorization/roleAssignments/" + role_assgn_id + "?api-version=2014-07-01-preview"
                body = {
                    "properties": {
                        "roleDefinitionId":
                        "/subscriptions/" + subs +
                        "/providers/Microsoft.Authorization/roleDefinitions/" +
                        role_def_id_contributor,
                        "principalId":
                        principal_id
                    }
                }

                headers_val = {
                    "Authorization": "Bearer " + token_user,
                    "Content-Type": "application/json"
                }
                req = Request(method="PUT",
                              headers=headers_val,
                              json=body,
                              url=put_url)
                req_prepped = req.prepare()
                s = Session()
                res = Response()
                res = s.send(req_prepped)
                if res.status_code == 201:
                    subs_list_assigned.append({
                        "subscriptionid": subs,
                        "assigned_status": True
                    })

    ### Save the subscription details in the model
    subscription_list = []
    for subs in subs_list_assigned:
        subscription_list.append(subs)

    auth_settings = {}
    auth_settings['auth_type'] = "A"
    auth_settings['client_id'] = client_id
    auth_settings['tenant_id'] = t_id
    auth_settings['redirect_uri'] = redirect_uri
    auth_settings['client_secret'] = client_secret
    auth_settings['subscription_id'] = json.dumps(subscription_list)
    auth_settings['user'] = user_id
    user = User.objects.get(pk=auth_settings['user'])
    if AuthSettings.objects.filter(user_id_id=auth_settings['user']).exists():
        u = AuthSettings.objects.get(user_id_id=auth_settings['user'])
        u.delete()
    settings = AuthSettings(user_id=user,
                            auth_type=auth_settings['auth_type'],
                            client_id=auth_settings['client_id'],
                            tenant_id=auth_settings['tenant_id'],
                            client_secret=auth_settings['client_secret'],
                            redirect_uri=auth_settings['redirect_uri'],
                            subscription_id=auth_settings['subscription_id'])
    settings.save()
    results = "<table><tr><td>You can now deploy resources through this application into following subscriptions</td></tr>"
    for sa in subs_list_assigned:
        results += "<tr><td>" + sa["subscriptionid"] + "</td></tr>"
    results += "</table>"

    return HttpResponse(results)