def account_processor(request): """Provides account information to RequestContext. Returns these variables: - account: This is the nav.models.profiles.Account object representing the current user. - is_admin: Does this user belong to the NAV administrator group - messages: A list of message dictionaries which is meant for the user to see. """ account = get_account(request) admin = is_admin(account) messages = Messages(request) messages = messages.get_and_delete() sudo = get_sudoer(request) my_links = NavbarLink.objects.filter(account=account) tools = sorted(tool_list(account), key=attrgetter('name')) current_user_data = { 'account': account, 'is_admin': admin, 'sudoer': sudo, 'messages': messages, 'my_links': my_links, 'tools': tools, 'split_tools': split_tools(tools) } return { 'current_user_data': current_user_data, }
def sudo(request, other_user): """Switches the current session to become other_user""" if SUDOER_ID_VAR in request.session: # Already logged in as another user. raise SudoRecursionError() if not is_admin(get_account(request)): # Check if sudoer is acctually admin raise SudoNotAdminError() request.session[SUDOER_ID_VAR] = request.account.id request.session[ACCOUNT_ID_VAR] = other_user.id request.session.save() request.account = other_user
def resolve_account_admin_and_owner(request): """Primarily used before saving filters and filter groups. Gets account, checks if user is admin, and sets owner to a appropriate value. """ account = get_account(request) admin = is_admin(account) owner = None if request.POST.get('owner') or not admin: owner = account return account, admin, owner
def resolve_account_admin_and_owner(request): """Primarily used before saving filters and filter groups. Gets account, checks if user is admin, and sets owner to a appropriate value. """ account = get_account(request) admin = is_admin(account) owner = Account() if request.POST.get('owner') or not admin: owner = account return (account, admin, owner)
def find_allowed_vlans_for_user_on_netbox( account: profiles.Account, netbox: manage.Netbox, handler: ManagementHandler = None) -> List[FantasyVlan]: """Finds allowed vlans for this user on this netbox""" netbox_vlans = find_vlans_on_netbox(netbox, handler=handler) if CONFIG.is_vlan_authorization_enabled(): if is_admin(account): allowed_vlans = netbox_vlans else: all_allowed_vlans = find_allowed_vlans_for_user(account) allowed_vlans = intersect(all_allowed_vlans, netbox_vlans) else: allowed_vlans = netbox_vlans return sorted(allowed_vlans, key=attrgetter('vlan'))
def find_allowed_vlans_for_user_on_netbox(account, netbox, factory=None): """Find allowed vlans for this user on this netbox ::returns list of Fantasyvlans """ netbox_vlans = find_vlans_on_netbox(netbox, factory=factory) if CONFIG.is_vlan_authorization_enabled(): if is_admin(account): allowed_vlans = netbox_vlans else: all_allowed_vlans = find_allowed_vlans_for_user(account) allowed_vlans = intersect(all_allowed_vlans, netbox_vlans) else: allowed_vlans = netbox_vlans return sorted(allowed_vlans, key=attrgetter('vlan'))
def sudo(request, other_user): """Switches the current session to become other_user""" if SUDOER_ID_VAR in request.session: # Already logged in as another user. raise SudoRecursionError() if not is_admin(get_account(request)): # Check if sudoer is acctually admin raise SudoNotAdminError() original_user = request.account request.session[SUDOER_ID_VAR] = original_user.id _set_account(request, other_user) _logger.info('Sudo: "%s" acting as "%s"', original_user, other_user) _logger.debug('Sudo: (session: %s, account: %s)', dict(request.session), request.account) LogEntry.add_log_entry(original_user, 'sudo', '{actor} sudoed to {target}', subsystem='auth', target=other_user)
def should_check_access_rights(account): """Return boolean indicating that this user is restricted""" return (CONFIG.is_vlan_authorization_enabled() and not is_admin(account))