Example #1
0
    def __check_permissions(self, accepted_group, match_if_all=False):
        """ A function to check user's permission in
        internal factory functions. Accepts `accepted_group` parameter
        must be without `group:` lead part.
        Like: `admins`
        """
        groups = groupfinder(self.username, self.request)

        type_ = type(accepted_group)
        if type_ is str: # single STR group
            if 'group:' + accepted_group in groups:
                return True
            else:
                return False
        elif type_ is list: # multiple permissions
            if match_if_all: # Match all
                for item in accepted_group:
                    if 'group:' + item not in groups:
                        return False
                return True
            else:
                for item in accepted_group:
                    if 'group:' + item in groups:
                        return True
                return False
        else:
            raise TypeError ("Wrong accepted_groups type provided!")
Example #2
0
 def __call__(self):
     # Actual function to run by framework (CBV)
     # TODO: display server IP and maybe some other info which can be loaded only once (will not change during run)
     if not verify_ip(self.request['REMOTE_ADDR']):
         return HTTPForbidden()
     show_settings = False
     username = authenticated_userid(self.request)
     user_groups = groupfinder(username, self.request)
     if user_groups[0] is None: # Deleted user tries to do something
         headers = forget(self.request)
         return HTTPForbidden(headers=headers)
     print ('%s %s %s' % (user_groups, username, show_settings))
     return {'username': username, 'show_settings': show_settings, 'user_groups': user_groups}
Example #3
0
    def vnc_connection(self, username, machine_name, local_user=False):
        """ Function to prepare proxy VNC connection for VM provider """
        global localhost

        # Step 1: can user view this machine at all?
        if not username:
            return False, "Not allowed"
        user_machines = User.get_user_machines_by_name(username)
        if user_machines == [True]:
            pass # Admin
        elif machine_name not in user_machines:
            return False, 'Now allowed'

        # Step 2: Finding your IP to bind to it (this allows remote users to connect)
        if not local_user: # This was added because local user does not store cookies for WAN IP connection.
            sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
            sock.connect(('yandex.ru', 0))
            hostname = sock.getsockname()[0]
        else:
            hostname = localhost

        # Step 3: Finding but not binding free port to run
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            sock.bind((hostname, 0)) # Asking OS to bind free port on your WAN IP
        except Exception:
            sock.bind(('', 0)) # If failed - on local IP.
            hostname = localhost
        finally:
            listen_port = sock.getsockname()[1] # << Here it is
        del(sock)

        # Step 4: Processing by VM manager
        answer = self.conn.vnc_connection(user_groups=groupfinder(username, None),
                                            machine_name=machine_name,
                                            listen_port=listen_port,
                                            listen_host=hostname,
                                            target_host=localhost)

        # Step 5: Pack answer to client
        return answer
Example #4
0
    def mainline(self):

        if not verify_ip(self.request['REMOTE_ADDR']):
            return HTTPForbidden()

        if groupfinder(self.username, self.request)[0] is None: # Deleted user tries to do something
            headers = forget(self.request)
            return HTTPForbidden(headers=headers)

        # Add to redis info that user is online
        VMC.log_active(authenticated_userid(self.request))

        # Factory to answer for JSON requests
        try:
            func = self.functions[self.json['query']]
        except KeyError:
            # If we have wrong JSON request
            print ('Wrong JSON request: ' + str(self.json.get('query')))
            return {'status': False, 'answer': 'Wrong query'}
        else:
            return func(self)