def su_view(request, next_page=None, redirect_field_name=REDIRECT_FIELD_NAME):
form = SuForm(request.POST)
if not form.is_valid():
return TemplateResponse(
request,
'simple-centered-form.html',
{
'form': form,
'action': reverse('su'),
'title': _("Login as another user"),
},
)
user = form.cleaned_data['user']
if is_under_su(request):
raise SuspiciousOperation
su_to_user(request, user, form.cleaned_data['backend'])
if redirect_field_name in request.GET:
next_page = request.GET[redirect_field_name]
elif redirect_field_name in request.POST:
next_page = request.POST[redirect_field_name]
request.session[REDIRECTION_AFTER_SU_KEY] = 'PRE_SU'
return safe_redirect(request, next_page)
def get_su_status(request, response):
response['is_real_superuser'] = is_real_superuser(request)
response['is_under_su'] = is_under_su(request)
response['real_user'] = request.real_user.username
if is_real_superuser(request):
response['sync_time'] = min(10000, response.get('sync_time', 10000))
return response
def get_su_status(request, response):
response['is_real_superuser'] = is_real_superuser(request)
response['is_under_su'] = is_under_su(request)
response['real_user'] = request.real_user.username
if is_real_superuser(request):
response['sync_time'] = min(10000, response.get('sync_time', 10000))
return response
def su_dropdown_form(context):
from oioioi.su.forms import SuForm
from oioioi.su.utils import is_under_su
return {
'ctx': context,
'form': SuForm(auto_id='su-%s'),
'is_under_su': is_under_su(context['request']),
'num_hints': getattr(settings, 'NUM_HINTS', 10),
}
def process_exception(self, request, exception):
# pylint: disable=broad-except
try:
if not hasattr(request, 'user'):
return
request.META['IS_AUTHENTICATED'] = str(
request.user.is_authenticated())
request.META['IS_UNDER_SU'] = str(is_under_su(request))
if request.user.is_authenticated():
request.META['USERNAME'] = str(request.user.username)
request.META['USER_EMAIL'] = str(request.user.email)
if is_under_su(request):
request.META['REAL_USERNAME'] = str(request.real_user.username)
request.META['REAL_USER_EMAIL'] = str(request.real_user.email)
except Exception:
pass
def process_exception(self, request, exception):
# pylint: disable=broad-except
try:
if not hasattr(request, 'user'):
return
request.META['IS_AUTHENTICATED'] = str(request.user
.is_authenticated())
request.META['IS_UNDER_SU'] = str(is_under_su(request))
if request.user.is_authenticated():
request.META['USERNAME'] = str(request.user.username)
request.META['USER_EMAIL'] = str(request.user.email)
if is_under_su(request):
request.META['REAL_USERNAME'] = str(request.real_user.username)
request.META['REAL_USER_EMAIL'] = str(request.real_user.email)
except Exception:
pass
def real_user(request):
if not hasattr(request, 'real_user'):
return {
'real_user': getattr(request, 'user', AnonymousUser()),
'is_under_su': False,
}
else:
return {
'real_user': request.real_user,
'is_under_su': is_under_su(request)
}
def process_exception(self, request, exception):
# pylint: disable=broad-except
try:
if not hasattr(request, 'user'):
return
# This is because is_authenticated is a CallableBool not bool until Django 2.0,
# so its str is not True/False as expected.
request.META['IS_AUTHENTICATED'] =\
str(bool(request.user.is_authenticated))
request.META['IS_UNDER_SU'] = str(is_under_su(request))
if request.user.is_authenticated:
request.META['USERNAME'] = str(request.user.username)
request.META['USER_EMAIL'] = str(request.user.email)
if is_under_su(request):
request.META['REAL_USERNAME'] = str(request.real_user.username)
request.META['REAL_USER_EMAIL'] = str(request.real_user.email)
except Exception:
pass
def process_exception(self, request, exception):
# pylint: disable=broad-except
try:
if not hasattr(request, 'user'):
return
# This is because is_authenticated is a CallableBool not bool until Django 2.0,
# so its str is not True/False as expected.
request.META['IS_AUTHENTICATED'] =\
str(bool(request.user.is_authenticated))
request.META['IS_UNDER_SU'] = str(is_under_su(request))
if request.user.is_authenticated:
request.META['USERNAME'] = str(request.user.username)
request.META['USER_EMAIL'] = str(request.user.email)
if is_under_su(request):
request.META['REAL_USERNAME'] = str(request.real_user.username)
request.META['REAL_USER_EMAIL'] = str(request.real_user.email)
except Exception:
pass
def su_view(request, next_page=None, redirect_field_name=REDIRECT_FIELD_NAME):
form = SuForm(request.POST)
if not form.is_valid():
return TemplateResponse(request, 'simple-centered-form.html',
{'form': form, 'action': reverse('su'),
'title': _("Login as another user")})
user = form.cleaned_data['user']
if user.is_superuser or is_under_su(request):
raise SuspiciousOperation
su_to_user(request, user, form.cleaned_data['backend'])
if redirect_field_name in request.REQUEST:
next_page = request.REQUEST[redirect_field_name]
return safe_redirect(request, next_page)
def process_view(self, request, view_func, view_args, view_kwargs):
if not hasattr(request, 'user'):
raise ImproperlyConfigured(
"The ForceDnsIpAuthMiddleware middleware requires the"
" 'django.contrib.auth.middleware.AuthenticationMiddleware'"
" earlier in MIDDLEWARE.")
if not request.user.is_anonymous and \
not hasattr(request.user, 'backend'):
raise ImproperlyConfigured(
"The ForceDnsIpAuthMiddleware middleware requires the"
" 'oioioi.base.middleware.AnnotateUserBackendMiddleware'"
" earlier in MIDDLEWARE.")
if not hasattr(request, 'contest'):
raise ImproperlyConfigured(
"The ForceDnsIpAuthMiddleware middleware requires the"
" 'oioioi.contests.middleware.CurrentContestMiddleware'"
" earlier in MIDDLEWARE.")
if not request.contest:
return
if not hasattr(request, 'contest_exclusive'):
raise ImproperlyConfigured(
"The ForceDnsIpAuthMiddleware middleware requires the"
" 'oioioi.contextexcl.middleware.ExclusiveContestsMiddleware'"
" earlier in MIDDLEWARE.")
if not request.contest_exclusive:
return
if not request.contest.controller.is_onsite():
return
if not request.user.is_authenticated:
return
backend_path = request.user.backend
if backend_path != 'oioioi.ipdnsauth.backends.IpDnsBackend':
if is_under_su(request):
reset_to_real_user(request)
else:
auth.logout(request)
return TemplateResponse(request, 'ipdnsauth/access_blocked.html',
{'auth_backend': backend_path})
def process_view(self, request, view_func, view_args, view_kwargs):
if not hasattr(request, 'user'):
raise ImproperlyConfigured(
"The ForceDnsIpAuthMiddleware middleware requires the"
" 'django.contrib.auth.middleware.AuthenticationMiddleware'"
" earlier in MIDDLEWARE_CLASSES.")
if not request.user.is_anonymous and \
not hasattr(request.user, 'backend'):
raise ImproperlyConfigured(
"The ForceDnsIpAuthMiddleware middleware requires the"
" 'oioioi.base.middleware.AnnotateUserBackendMiddleware'"
" earlier in MIDDLEWARE_CLASSES.")
if not hasattr(request, 'contest'):
raise ImproperlyConfigured(
"The ForceDnsIpAuthMiddleware middleware requires the"
" 'oioioi.contests.middleware.CurrentContestMiddleware'"
" earlier in MIDDLEWARE_CLASSES.")
if not request.contest:
return
if not hasattr(request, 'contest_exclusive'):
raise ImproperlyConfigured(
"The ForceDnsIpAuthMiddleware middleware requires the"
" 'oioioi.contextexcl.middleware.ExclusiveContestsMiddleware'"
" earlier in MIDDLEWARE_CLASSES.")
if not request.contest_exclusive:
return
if not request.contest.controller.is_onsite():
return
if not request.user.is_authenticated:
return
backend_path = request.user.backend
if backend_path != 'oioioi.ipdnsauth.backends.IpDnsBackend':
if is_under_su(request):
reset_to_real_user(request)
else:
auth.logout(request)
return TemplateResponse(request, 'ipdnsauth/access_blocked.html',
{'auth_backend': backend_path})
