def dashboard(request):
project_list = get_project_list(request.user, key='slug')
if len(project_list) == 0 and not request.user.is_authenticated():
return HttpResponseRedirect(get_login_url())
if project_list:
cutoff = datetime.datetime.now() - datetime.timedelta(days=1)
base_qs = Group.objects.filter(
project__in=project_list.values(),
status=0,
).select_related('project').order_by('-score')
top_event_list = list(base_qs.filter(
last_seen__gte=cutoff
)[:10])
new_event_list = list(base_qs.filter(
first_seen__gte=cutoff,
)[:10])
else:
top_event_list = None
new_event_list = None
return render_to_response('sentry/dashboard.html', {
'top_event_list': top_event_list,
'new_event_list': new_event_list,
}, request)
def edit_user(request, user_id):
if not request.is_superuser():
return HttpResponseRedirect(get_login_url())
try:
user = User.objects.get(pk=user_id)
except User.DoesNotExist:
return HttpResponseRedirect(reverse('sentry-admin-users'))
form = ChangeUserForm(request.POST or None, instance=user)
if form.is_valid():
user = form.save()
return HttpResponseRedirect(reverse('sentry-admin-users'))
project_list = Project.objects.filter(
status=0,
organization__member_set__user=user,
).order_by('-date_added')
context = {
'form': form,
'the_user': user,
'project_list': project_list,
}
context.update(csrf(request))
return render_to_response('sentry/admin/users/edit.html', context, request)
def dashboard(request):
project_list = get_project_list(request.user, key='slug')
if len(project_list) == 1:
return HttpResponseRedirect(reverse('sentry', kwargs={'project_id': project_list.keys()[0]}))
if len(project_list) == 0 and not request.user.is_authenticated():
return HttpResponseRedirect(get_login_url())
return render_to_response('sentry/dashboard.html', request=request)
def wrapped(request, *args, **kwargs):
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
return HttpResponseRedirect(get_login_url())
if not request.user.is_staff:
return render_to_response('sentry/missing_permissions.html', status=400)
return func(request, *args, **kwargs)
def wrapped(request, *args, **kwargs):
if not request.user.is_authenticated():
request.session['_next'] = request.build_absolute_uri()
return HttpResponseRedirect(get_login_url())
if not request.user.is_staff:
return render_to_response('sentry/missing_permissions.html', status=400)
return func(request, *args, **kwargs)
def dashboard(request):
project_list = get_project_list(request.user, key='slug')
if len(project_list) == 0 and not request.user.is_authenticated():
return HttpResponseRedirect(get_login_url())
if project_list:
cutoff = datetime.datetime.now() - datetime.timedelta(days=1)
base_qs = Group.objects.filter(
project__in=project_list.values(),
status=0,
).select_related('project').order_by('-score')
# TODO: change this to calculate the most frequent events in the time period,
# not just events seen within the time period that have at one time been frequent
top_event_list = list(base_qs.filter(
last_seen__gte=cutoff
)[:10])
new_event_list = list(base_qs.filter(
active_at__gte=cutoff,
)[:10])
else:
top_event_list = None
new_event_list = None
return render_to_response('sentry/dashboard.html', {
'top_event_list': top_event_list,
'new_event_list': new_event_list,
}, request)
def _wrapped(request, *args, **kwargs):
if not request.user.is_authenticated():
return HttpResponseRedirect(get_login_url())
if not request.user.has_perm(perm):
return render_to_response('sentry/missing_permissions.html',
status=400)
return func(request, *args, **kwargs)
def handle_auth_required(self, request, *args, **kwargs):
request.session["_next"] = request.get_full_path()
if "organization_slug" in kwargs:
redirect_to = reverse("sentry-auth-organization", args=[kwargs["organization_slug"]])
else:
redirect_to = get_login_url()
return self.redirect(redirect_to)
def _wrapped(request, *args, **kwargs):
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
return HttpResponseRedirect(get_login_url())
if not request.user.has_perm(perm):
return render_to_response('sentry/missing_permissions.html', status=400)
return func(request, *args, **kwargs)
def dashboard(request):
project_list = get_project_list(request.user, key='slug')
if len(project_list) == 0 and not request.user.is_authenticated():
return HttpResponseRedirect(get_login_url())
return render_to_response('sentry/dashboard.html', {
}, request)
def handle(self, request, organization, member_id):
try:
member = OrganizationMember.objects.get(
Q(user__is_active=True) | Q(user__isnull=True),
organization=organization,
id=member_id,
)
except OrganizationMember.DoesNotExist:
return self.redirect(get_login_url())
if request.POST.get('op') == 'reinvite' and member.is_pending:
return self.resend_invite(request, organization, member)
elif request.POST.get('op') == 'regenerate' and member.is_pending:
return self.resend_invite(request, organization, member, regen=True)
can_admin = request.access.has_scope('member:delete')
if can_admin and not request.is_superuser():
acting_member = OrganizationMember.objects.get(
user=request.user,
organization=organization,
)
if roles.get(acting_member.role).priority < roles.get(member.role).priority:
can_admin = False
else:
allowed_roles = [
r for r in roles.get_all()
if r.priority <= roles.get(acting_member.role).priority
]
can_admin = bool(allowed_roles)
elif request.is_superuser():
allowed_roles = roles.get_all()
if member.user == request.user or not can_admin:
return self.view_member(request, organization, member)
form = self.get_form(request, member, allowed_roles)
if form.is_valid():
member = form.save(request.user, organization, request.META['REMOTE_ADDR'])
messages.add_message(request, messages.SUCCESS,
_('Your changes were saved.'))
redirect = reverse('sentry-organization-member-settings',
args=[organization.slug, member.id])
return self.redirect(redirect)
context = {
'member': member,
'form': form,
'invite_link': member.get_invite_link(),
'role_list': [
(r, r in allowed_roles)
for r in roles.get_all()
]
}
return self.respond('sentry/organization-member-settings.html', context)
def dashboard(request):
project_list = get_project_list(request.user)
if len(project_list) == 1:
return HttpResponseRedirect(
reverse('sentry', kwargs={'project_id': project_list.keys()[0]}))
if len(project_list) == 0 and not request.user.is_authenticated():
return HttpResponseRedirect(get_login_url())
return render_to_response('sentry/dashboard.html', request=request)
def handle_auth_required(self, request, *args, **kwargs):
request.session['_next'] = request.get_full_path()
if 'organization_slug' in kwargs:
redirect_to = reverse('sentry-auth-organization',
args=[kwargs['organization_slug']])
else:
redirect_to = get_login_url()
return self.redirect(redirect_to)
def test_get_login_url(self):
with self.Settings(LOGIN_URL='/really-a-404'):
url = get_login_url(True)
self.assertEquals(url, reverse('sentry-login'))
with self.Settings(LOGIN_URL=reverse('sentry-fake-login')):
url = get_login_url(True)
self.assertEquals(url, reverse('sentry-fake-login'))
# should still be cached
with self.Settings(LOGIN_URL='/really-a-404'):
url = get_login_url(False)
self.assertEquals(url, reverse('sentry-fake-login'))
with self.Settings(SENTRY_LOGIN_URL=None):
url = get_login_url(True)
self.assertEquals(url, reverse('sentry-login'))
def handle_auth_required(self, request, *args, **kwargs):
request.session['_next'] = request.get_full_path()
if 'organization_slug' in kwargs:
redirect_to = reverse('sentry-auth-organization',
args=[kwargs['organization_slug']])
else:
redirect_to = get_login_url()
return self.redirect(redirect_to)
def handle(self, request, organization, member_id):
try:
member = OrganizationMember.objects.get(
Q(user__is_active=True) | Q(user__isnull=True),
organization=organization,
id=member_id,
)
except OrganizationMember.DoesNotExist:
return self.redirect(get_login_url())
if request.POST.get('op') == 'reinvite' and member.is_pending:
return self.resend_invite(request, organization, member)
can_admin = request.access.has_scope('member:delete')
if can_admin and not request.is_superuser():
acting_member = OrganizationMember.objects.get(
user=request.user,
organization=organization,
)
if roles.get(acting_member.role).priority < roles.get(member.role).priority:
can_admin = False
else:
allowed_roles = [
r for r in roles.get_all()
if r.priority <= roles.get(acting_member.role).priority
]
can_admin = bool(allowed_roles)
elif request.is_superuser():
allowed_roles = roles.get_all()
if member.user == request.user or not can_admin:
return self.view_member(request, organization, member)
form = self.get_form(request, member, allowed_roles)
if form.is_valid():
member = form.save(request.user, organization, request.META['REMOTE_ADDR'])
messages.add_message(request, messages.SUCCESS,
_('Your changes were saved.'))
redirect = reverse('sentry-organization-member-settings',
args=[organization.slug, member.id])
return self.redirect(redirect)
context = {
'member': member,
'form': form,
'role_list': [
(r, r in allowed_roles)
for r in roles.get_all()
]
}
return self.respond('sentry/organization-member-settings.html', context)
def handle(self, request):
user = auth.get_pending_2fa_user(request)
if user is None or request.user.is_authenticated():
return HttpResponseRedirect(get_login_url())
interfaces = Authenticator.objects.all_interfaces_for_user(user)
# If for whatever reason we ended up here but the user has no 2FA
# enabled, we just continue successfully.
if not interfaces:
return self.perform_signin(request, user)
challenge = activation = None
interface = self.negotiate_interface(request, interfaces)
if request.method == 'GET':
activation = interface.activate(request)
if activation is not None and activation.type == 'challenge':
challenge = activation.challenge
elif 'challenge' in request.POST:
challenge = json.loads(request.POST['challenge'])
form = TwoFactorForm()
# If an OTP response was supplied, we try to make it pass.
otp = request.POST.get('otp')
if otp:
used_interface = self.validate_otp(otp, interface, interfaces)
if used_interface is not None:
return self.perform_signin(request, user, used_interface)
self.fail_signin(request, user, form)
# If a challenge and response exists, validate
if challenge:
response = request.POST.get('response')
if response:
response = json.loads(response)
if interface.validate_response(request, challenge, response):
return self.perform_signin(request, user, interface)
self.fail_signin(request, user, form)
return render_to_response(
[
'sentry/twofactor_%s.html' % interface.interface_id,
'sentry/twofactor.html'
], {
'form':
form,
'interface':
interface,
'other_interfaces':
self.get_other_interfaces(interface, interfaces),
'activation':
activation,
},
request,
status=200)
def create_new_user(request):
if not request.is_superuser():
return HttpResponseRedirect(get_login_url())
form = NewUserForm(request.POST or None, initial={
'send_welcome_mail': True,
'create_project': True,
})
if form.is_valid():
user = form.save(commit=False)
# create a random password
password = uuid.uuid4().hex
user.set_password(password)
user.save()
if form.cleaned_data['send_welcome_mail']:
context = {
'username': user.username,
'password': password,
'url': absolute_uri(get_login_url()),
}
body = render_to_string('sentry/emails/welcome_mail.txt', context, request)
try:
send_mail(
'%s Welcome to Sentry' % (options.get('mail.subject-prefix'),),
body, options.get('mail.from'), [user.email],
fail_silently=False
)
except Exception as e:
logger = logging.getLogger('sentry.mail.errors')
logger.exception(e)
return HttpResponseRedirect(reverse('sentry-admin-users'))
context = {
'form': form,
}
context.update(csrf(request))
return render_to_response('sentry/admin/users/new.html', context, request)
def wrapped(request, *args, **kwargs):
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
if 'organization_slug' in kwargs:
redirect_uri = reverse('sentry-auth-organization',
args=[kwargs['organization_slug']])
else:
redirect_uri = get_login_url()
return HttpResponseRedirect(redirect_uri)
return func(request, *args, **kwargs)
def wrapped(request, *args, **kwargs):
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
if 'organization_slug' in kwargs:
redirect_uri = reverse('sentry-auth-organization',
args=[kwargs['organization_slug']])
else:
redirect_uri = get_login_url()
return HttpResponseRedirect(redirect_uri)
return func(request, *args, **kwargs)
def get_login_redirect(request, default=None):
if default is None:
default = get_login_url()
# If there is a pending 2fa authentication bound to the session then
# we need to go to the 2fa dialog.
if has_pending_2fa(request):
return reverse('sentry-2fa-dialog')
# If we have a different URL to go after the 2fa flow we want to go to
# that now here.
after_2fa = request.session.pop('_after_2fa', None)
if after_2fa is not None:
return after_2fa
login_url = request.session.pop('_next', None) or default
if login_url.startswith(('http://', 'https://')):
login_url = default
elif login_url.startswith(get_login_url()):
login_url = default
return login_url
def dashboard(request):
project_list = get_project_list(request.user, key="slug")
has_projects = len(project_list) > 1 or (len(project_list) == 1 and project_list.values()[0].pk != settings.PROJECT)
if not has_projects:
if not request.user.is_authenticated():
request.session["_next"] = request.build_absolute_uri()
return HttpResponseRedirect(get_login_url())
elif can_create_projects(request.user):
return HttpResponseRedirect(reverse("sentry-new-project"))
return render_to_response("sentry/dashboard.html", {}, request)
def get_login_redirect(request, default=None):
if default is None:
default = get_login_url()
# If there is a pending 2fa authentication bound to the session then
# we need to go to the 2fa dialog.
if has_pending_2fa(request):
return reverse('sentry-2fa-dialog')
# If we have a different URL to go after the 2fa flow we want to go to
# that now here.
after_2fa = request.session.pop('_after_2fa', None)
if after_2fa is not None:
return after_2fa
login_url = request.session.pop('_next', None) or default
if login_url.startswith(('http://', 'https://')):
login_url = default
elif login_url.startswith(get_login_url()):
login_url = default
return login_url
def dashboard(request, template='dashboard.html'):
project_list = get_project_list(request.user, key='slug')
has_projects = len(project_list) > 1 or (len(project_list) == 1 and project_list.values()[0].pk != settings.PROJECT)
if not has_projects:
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
return HttpResponseRedirect(get_login_url())
elif can_create_projects(request.user):
return HttpResponseRedirect(reverse('sentry-new-project'))
return render_to_response('sentry/%s' % template, {}, request)
def handle(self, request, organization, member_id):
try:
member = OrganizationMember.objects.get(
Q(user__is_active=True) | Q(user__isnull=True),
organization=organization,
id=member_id,
)
except OrganizationMember.DoesNotExist:
return self.redirect(get_login_url())
if request.POST.get('op') == 'reinvite' and member.is_pending:
return self.resend_invite(request, organization, member)
elif request.POST.get('op') == 'regenerate' and member.is_pending:
return self.resend_invite(request,
organization,
member,
regen=True)
can_admin, allowed_roles = self.get_allowed_roles(
request, organization, member)
all_teams = Team.objects.filter(organization=organization,
status=TeamStatus.VISIBLE)
if member.user == request.user or not can_admin:
return self.view_member(request, organization, member, all_teams)
form = self.get_form(request, member, all_teams, allowed_roles)
if form.is_valid():
member = form.save(request.user, organization,
request.META['REMOTE_ADDR'])
messages.add_message(request, messages.SUCCESS,
_('Your changes were saved.'))
redirect = reverse('sentry-organization-member-settings',
args=[organization.slug, member.id])
return self.redirect(redirect)
context = {
'member': member,
'form': form,
'invite_link': member.get_invite_link(),
'role_list': [(r, r in allowed_roles) for r in roles.get_all()],
'all_teams': all_teams
}
return self.respond('sentry/organization-member-settings.html',
context)
def _wrapped(request, project_id=None, *args, **kwargs):
# If we're asking for anything other than implied access, the user
# must be authenticated
if group_or_func is not None and not request.user.is_authenticated(
):
request.session['_next'] = request.build_absolute_uri()
return HttpResponseRedirect(get_login_url())
# XXX: if project_id isn't set, should we only allow superuser?
if not project_id:
return func(request, None, *args, **kwargs)
if project_id.isdigit():
lookup_kwargs = {'id': int(project_id)}
else:
lookup_kwargs = {'slug': project_id}
if request.user.is_superuser:
if project_id:
try:
project = Project.objects.get_from_cache(
**lookup_kwargs)
except Project.DoesNotExist:
if project_id.isdigit():
# It could be a numerical slug
try:
project = Project.objects.get_from_cache(
slug=project_id)
except Project.DoesNotExist:
return HttpResponseRedirect(reverse('sentry'))
else:
return HttpResponseRedirect(reverse('sentry'))
else:
project = None
return func(request, project, *args, **kwargs)
if project_id:
key, value = lookup_kwargs.items()[0]
project_list = get_project_list(request.user,
group_or_func,
key=key)
try:
project = project_list[value]
except KeyError:
return HttpResponseRedirect(reverse('sentry'))
else:
project = None
return func(request, project, *args, **kwargs)
def dashboard(request, template='dashboard.html'):
project_list = get_project_list(request.user, key='slug')
has_projects = len(project_list) > 1 or (
len(project_list) == 1
and project_list.values()[0].pk != settings.PROJECT)
if not has_projects:
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
return HttpResponseRedirect(get_login_url())
elif can_create_projects(request.user):
return HttpResponseRedirect(reverse('sentry-new-project'))
return render_to_response('sentry/%s' % template, {}, request)
def configure_plugin(request, slug):
plugin = plugins.get(slug)
if not plugin.has_site_conf():
return HttpResponseRedirect(get_login_url())
view = plugin.configure(request=request)
if isinstance(view, HttpResponse):
return view
return render_to_response('sentry/admin/plugins/configure.html', {
'plugin': plugin,
'title': plugin.get_conf_title(),
'slug': plugin.slug,
'view': view,
}, request)
def _wrapped(request, project_id=None, *args, **kwargs):
# If we're asking for anything other than implied access, the user
# must be authenticated
if group_or_func is not None and not request.user.is_authenticated():
request.session['_next'] = request.build_absolute_uri()
return HttpResponseRedirect(get_login_url())
# XXX: if project_id isn't set, should we only allow superuser?
if not project_id:
return func(request, None, *args, **kwargs)
if project_id.isdigit():
lookup_kwargs = {'id': int(project_id)}
else:
lookup_kwargs = {'slug': project_id}
if request.user.is_superuser:
if project_id:
try:
project = Project.objects.get_from_cache(**lookup_kwargs)
except Project.DoesNotExist:
if project_id.isdigit():
# It could be a numerical slug
try:
project = Project.objects.get_from_cache(slug=project_id)
except Project.DoesNotExist:
return HttpResponseRedirect(reverse('sentry'))
else:
return HttpResponseRedirect(reverse('sentry'))
else:
project = None
return func(request, project, *args, **kwargs)
if project_id:
key, value = lookup_kwargs.items()[0]
project_list = get_project_list(request.user, group_or_func, key=key)
try:
project = project_list[value]
except KeyError:
return HttpResponseRedirect(reverse('sentry'))
else:
project = None
return func(request, project, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
if self.auth_required and not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
return self.redirect(get_login_url())
if self.sudo_required and not request.is_sudo():
return redirect_to_sudo(request.get_full_path())
args, kwargs = self.convert_args(request, *args, **kwargs)
if not self.has_permission(request, *args, **kwargs):
redirect_uri = self.get_no_permission_url(request, *args, **kwargs)
return self.redirect(redirect_uri)
self.request = request
self.default_context = self.get_context_data(request, *args, **kwargs)
return self.handle(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
if self.auth_required and not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
return self.redirect(get_login_url())
if self.sudo_required and not request.is_sudo():
return redirect_to_sudo(request.get_full_path())
args, kwargs = self.convert_args(request, *args, **kwargs)
if not self.has_permission(request, *args, **kwargs):
redirect_uri = self.get_no_permission_url(request, *args, **kwargs)
return self.redirect(redirect_uri)
self.request = request
self.default_context = self.get_context_data(request, *args, **kwargs)
return self.handle(request, *args, **kwargs)
def email_unsubscribe_project(request, project_id):
# For now we only support getting here from the signed link.
if not request.user_from_signed_request:
raise Http404()
try:
project = Project.objects.get(pk=project_id)
except Project.DoesNotExist:
raise Http404()
if request.method == 'POST':
if 'cancel' not in request.POST:
UserOption.objects.set_value(request.user, project, 'mail:alert',
0)
return HttpResponseRedirect(get_login_url())
context = csrf(request)
context['project'] = project
return render_to_response('sentry/account/email_unsubscribe_project.html',
context, request)
def email_unsubscribe_project(request, project_id):
# For now we only support getting here from the signed link.
if not request.user_from_signed_request:
raise Http404()
try:
project = Project.objects.get(pk=project_id)
except Project.DoesNotExist:
raise Http404()
if request.method == 'POST':
if 'cancel' not in request.POST:
UserOption.objects.set_value(
request.user, project, 'mail:alert', 0)
return HttpResponseRedirect(get_login_url())
context = csrf(request)
context['project'] = project
return render_to_response('sentry/account/email_unsubscribe_project.html',
context, request)
def test_as_lazy_url(self):
with self.settings(LOGIN_URL=reverse('sentry-fake-login')):
url = get_login_url(True)
self.assertEquals(url, reverse('sentry-fake-login'))
def test_as_path(self):
with self.settings(LOGIN_URL='/really-a-404'):
url = get_login_url(True)
self.assertEquals(url, reverse('sentry-login'))
def get_redirect_uri(self, request, exception):
return absolute_uri(get_login_url())
def test_no_value(self):
with self.settings(SENTRY_LOGIN_URL=None):
url = get_login_url(True)
self.assertEquals(url, reverse('sentry-login'))
def test_cached(self):
# should still be cached
with self.settings(LOGIN_URL='/really-a-404'):
url = get_login_url(False)
self.assertNotEquals(url, '/really-a-404')
def wrapped(request, *args, **kwargs):
if not settings.PUBLIC:
if not request.user.is_authenticated():
return HttpResponseRedirect(get_login_url())
return func(request, *args, **kwargs)
def _wrapped(request, *args, **kwargs):
# All requests require authentication
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
return HttpResponseRedirect(get_login_url())
has_team = 'team_slug' in kwargs
has_project = 'project_id' in kwargs
team_slug = kwargs.pop('team_slug', None)
project_id = kwargs.pop('project_id', None)
# Pull in team if it's part of the URL arguments
if team_slug:
if request.user.is_superuser:
try:
team = Team.objects.get_from_cache(slug=team_slug)
except Team.DoesNotExist:
return HttpResponseRedirect(reverse('sentry'))
else:
team_list = Team.objects.get_for_user(request.user, access)
try:
team = team_list[team_slug]
except KeyError:
return HttpResponseRedirect(reverse('sentry'))
else:
team = None
if project_id:
# Support project id's
if request.user.is_superuser:
if project_id.isdigit():
lookup_kwargs = {'id': int(project_id)}
elif team:
lookup_kwargs = {'slug': project_id, 'team': team}
else:
return HttpResponseRedirect(reverse('sentry'))
try:
project = Project.objects.get_from_cache(**lookup_kwargs)
except Project.DoesNotExist:
if project_id.isdigit():
# It could be a numerical slug
try:
project = Project.objects.get_from_cache(slug=project_id)
except Project.DoesNotExist:
return HttpResponseRedirect(reverse('sentry'))
else:
return HttpResponseRedirect(reverse('sentry'))
else:
project_list = Project.objects.get_for_user(request.user, access, team=team)
if project_id.isdigit():
key = 'id'
value = int(project_id)
elif team:
key = 'slug'
value = project_id
else:
return HttpResponseRedirect(reverse('sentry'))
for p in project_list:
if getattr(p, key) == value:
project = p
break
else:
return HttpResponseRedirect(reverse('sentry'))
else:
project = None
if has_project:
# ensure we're accessing this url correctly
if project and team:
if project.team_id != team.id:
return HttpResponseRedirect(reverse('sentry'))
project._team_cache = team
kwargs['project'] = project
if has_team:
kwargs['team'] = team
return func(request, *args, **kwargs)
def dashboard(request):
project_list = get_project_list(request.user, key='slug')
if len(project_list) == 0 and not request.user.is_authenticated():
return HttpResponseRedirect(get_login_url())
return render_to_response('sentry/dashboard.html', {}, request)
def wrapped(request, *args, **kwargs):
if not settings.PUBLIC:
if not request.user.is_authenticated():
return HttpResponseRedirect(get_login_url())
return func(request, *args, **kwargs)
def _wrapped(request, *args, **kwargs):
# All requests require authentication
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
if request.is_ajax():
return HttpResponse(status=401)
if 'organization_slug' in kwargs:
redirect_uri = reverse('sentry-auth-organization',
args=[kwargs['organization_slug']])
else:
redirect_uri = get_login_url()
return HttpResponseRedirect(redirect_uri)
has_org = 'organization_slug' in kwargs
has_team = 'team_slug' in kwargs
has_project = 'project_id' in kwargs
organization_slug = kwargs.pop('organization_slug', None)
team_slug = kwargs.pop('team_slug', None)
project_id = kwargs.pop('project_id', None)
assert not has_team or has_org, \
'Must pass organization_slug with team_slug'
if organization_slug:
if not request.user.is_superuser:
if has_team or has_project:
org_access = None
else:
org_access = access
org_list = Organization.objects.get_for_user(
user=request.user,
access=org_access,
)
for o in org_list:
if o.slug == organization_slug:
organization = o
break
else:
logging.debug(
'User %s is not listed in organization with slug %s',
request.user.id, organization_slug)
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
try:
organization = Organization.objects.get_from_cache(
slug=organization_slug, )
except Organization.DoesNotExist:
logging.debug(
'Organization with slug %s does not exist',
organization_slug)
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
organization = None
if team_slug:
if not request.user.is_superuser:
team_list = Team.objects.get_for_user(
user=request.user,
access=access,
organization=organization,
)
for t in team_list:
if t.slug == team_slug:
team = t
break
else:
logging.debug(
'User %s is not listed in team with slug %s',
request.user.id, team_slug)
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
try:
team = Team.objects.get_from_cache(
slug=team_slug,
organization=organization,
)
except Team.DoesNotExist:
logging.debug('Team with slug %s does not exist',
team_slug)
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
team = None
if project_id:
# Support project id's
if project_id.isdigit():
lookup_kwargs = {'id': int(project_id)}
elif organization:
lookup_kwargs = {
'slug': project_id,
'organization': organization
}
else:
return HttpResponseRedirect(reverse('sentry'))
try:
project = Project.objects.get_from_cache(**lookup_kwargs)
except Project.DoesNotExist:
if project_id.isdigit():
# It could be a numerical slug
try:
project = Project.objects.get_from_cache(
slug=project_id)
except Project.DoesNotExist:
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
if not request.user.is_superuser and not project.has_access(
request.user, access=access):
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
project = None
if has_project:
kwargs['project'] = project
if has_team:
kwargs['team'] = team
if has_org:
kwargs['organization'] = organization
return func(request, *args, **kwargs)
def wrapped(request, *args, **kwargs):
if not settings.PUBLIC:
if not request.user.is_authenticated():
request.session['_next'] = request.build_absolute_uri()
return HttpResponseRedirect(get_login_url())
return func(request, *args, **kwargs)
def test_cached(self):
# should still be cached
with self.settings(LOGIN_URL='/really-a-404'):
url = get_login_url(False)
self.assertNotEquals(url, '/really-a-404')
def test_as_lazy_url(self):
with self.settings(LOGIN_URL=reverse('sentry-fake-login')):
url = get_login_url(True)
self.assertEquals(url, reverse('sentry-fake-login'))
def test_no_value(self):
with self.settings(SENTRY_LOGIN_URL=None):
url = get_login_url(True)
self.assertEquals(url, reverse('sentry-login'))
def login_url(context):
return get_login_url(request=context['request'])
def wrapped(request, *args, **kwargs):
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
return HttpResponseRedirect(get_login_url())
return func(request, *args, **kwargs)
def _wrapped(request, *args, **kwargs):
# All requests require authentication
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
if request.is_ajax():
return HttpResponse(status=401)
return HttpResponseRedirect(get_login_url())
has_org = 'organization_slug' in kwargs
has_team = 'team_slug' in kwargs
has_project = 'project_id' in kwargs
organization_slug = kwargs.pop('organization_slug', None)
team_slug = kwargs.pop('team_slug', None)
project_id = kwargs.pop('project_id', None)
assert not has_team or has_org, \
'Must pass organization_slug with team_slug'
if organization_slug:
if not request.user.is_superuser:
if has_team or has_project:
org_access = None
else:
org_access = access
org_list = Organization.objects.get_for_user(
user=request.user,
access=org_access,
)
for o in org_list:
if o.slug == organization_slug:
organization = o
break
else:
logging.debug('User %s is not listed in organization with slug %s', request.user.id, organization_slug)
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
try:
organization = Organization.objects.get_from_cache(
slug=organization_slug,
)
except Organization.DoesNotExist:
logging.debug('Organization with slug %s does not exist', organization_slug)
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
organization = None
if team_slug:
if not request.user.is_superuser:
team_list = Team.objects.get_for_user(
user=request.user,
access=access,
organization=organization,
)
for t in team_list:
if t.slug == team_slug:
team = t
break
else:
logging.debug('User %s is not listed in team with slug %s', request.user.id, team_slug)
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
try:
team = Team.objects.get_from_cache(
slug=team_slug,
organization=organization,
)
except Team.DoesNotExist:
logging.debug('Team with slug %s does not exist', team_slug)
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
team = None
if project_id:
# Support project id's
if project_id.isdigit():
lookup_kwargs = {'id': int(project_id)}
elif organization:
lookup_kwargs = {'slug': project_id, 'organization': organization}
else:
return HttpResponseRedirect(reverse('sentry'))
try:
project = Project.objects.get_from_cache(**lookup_kwargs)
except Project.DoesNotExist:
if project_id.isdigit():
# It could be a numerical slug
try:
project = Project.objects.get_from_cache(slug=project_id)
except Project.DoesNotExist:
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
if not request.user.is_superuser and not project.has_access(request.user, access=access):
if request.is_ajax():
return HttpResponse(status=400)
return HttpResponseRedirect(reverse('sentry'))
else:
project = None
if has_project:
kwargs['project'] = project
if has_team:
kwargs['team'] = team
if has_org:
kwargs['organization'] = organization
return func(request, *args, **kwargs)
def _wrapped(request, *args, **kwargs):
# All requests require authentication
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
return HttpResponseRedirect(get_login_url())
has_team = 'team_slug' in kwargs
has_project = 'project_id' in kwargs
team_slug = kwargs.pop('team_slug', None)
project_id = kwargs.pop('project_id', None)
# Pull in team if it's part of the URL arguments
if team_slug:
if request.user.is_superuser:
try:
team = Team.objects.get_from_cache(slug=team_slug)
except Team.DoesNotExist:
return HttpResponseRedirect(reverse('sentry'))
else:
team_list = Team.objects.get_for_user(request.user, access)
try:
team = team_list[team_slug]
except KeyError:
return HttpResponseRedirect(reverse('sentry'))
else:
team = None
if project_id:
# Support project id's
if project_id.isdigit():
lookup_kwargs = {'id': int(project_id)}
else:
lookup_kwargs = {'slug': project_id}
if team:
lookup_kwargs['team'] = team
if request.user.is_superuser:
try:
project = Project.objects.get_from_cache(**lookup_kwargs)
except Project.DoesNotExist:
if project_id.isdigit():
# It could be a numerical slug
try:
project = Project.objects.get_from_cache(slug=project_id)
except Project.DoesNotExist:
return HttpResponseRedirect(reverse('sentry'))
else:
return HttpResponseRedirect(reverse('sentry'))
else:
key, value = lookup_kwargs.items()[0]
project_list = get_project_list(request.user, access, key=key)
try:
project = project_list[value]
except KeyError:
return HttpResponseRedirect(reverse('sentry'))
else:
project = None
if has_project:
# ensure we're accessing this url correctly
if project and team and project.team != team:
return HttpResponseRedirect(reverse('sentry'))
kwargs['project'] = project
if has_team:
kwargs['team'] = team
return func(request, *args, **kwargs)
def test_as_path(self):
with self.settings(LOGIN_URL='/really-a-404'):
url = get_login_url(True)
self.assertEquals(url, reverse('sentry-login'))
def wrapped(request, *args, **kwargs):
if not settings.PUBLIC:
if not request.user.is_authenticated():
request.session['_next'] = request.build_absolute_uri()
return HttpResponseRedirect(get_login_url())
return func(request, *args, **kwargs)
def wrapped(request, *args, **kwargs):
if not request.user.is_authenticated():
request.session['_next'] = request.get_full_path()
return HttpResponseRedirect(get_login_url())
return func(request, *args, **kwargs)
