def run(self, *args, **named_args):
request = args[0]
user_service = UserService()
netid = user_service.get_user()
if not netid:
return invalid_session()
if "GET" == request.META['REQUEST_METHOD']:
if hasattr(self, "GET"):
return self.GET(*args, **named_args)
else:
return invalid_method()
elif "POST" == request.META['REQUEST_METHOD']:
if hasattr(self, "POST"):
return self.POST(*args, **named_args)
else:
return invalid_method()
elif "PUT" == request.META['REQUEST_METHOD']:
if hasattr(self, "PUT"):
return self.PUT(*args, **named_args)
else:
return invalid_method()
elif "DELETE" == request.META['REQUEST_METHOD']:
if hasattr(self, "DELETE"):
return self.DELETE(*args, **named_args)
else:
return invalid_method()
else:
return invalid_method()
def _get_user():
user_svc = UserService()
override_userid = user_svc.get_override_user()
actual_userid = user_svc.get_original_user()
log_userid = {'user': actual_userid}
if override_userid:
log_userid['override-as'] = override_userid
return log_userid
def filter(self, record):
from userservice.user import UserService
user_service = UserService()
try:
record.user = user_service.get_original_user() or "-"
record.actas = (user_service.get_user() or "-").lower()
except Exception as ex:
record.user = "******"
record.actas = "-"
return True
def filter(self, record):
from userservice.user import UserService
user_service = UserService()
try:
record.user = user_service.get_original_user() or "-"
record.actas = (user_service.get_user() or "-").lower()
except Exception as ex:
record.user = "******"
record.actas = "-"
return True
def user(request):
try:
user_fullname = person_display_name(person_from_user())
except Exception as ex:
user_fullname = None
user_service = UserService()
return {
"user_login": user_service.get_user(),
"user_fullname": user_fullname,
"override_user": user_service.get_override_user(),
}
def override(request):
logger = logging.getLogger(__name__)
user_service = UserService()
user_service.get_user()
override_error_username = None
override_error_msg = None
# Do the group auth here.
if not hasattr(settings, "USERSERVICE_ADMIN_GROUP"):
print "You must have a group defined as your admin group."
print 'Configure that using USERSERVICE_ADMIN_GROUP="foo_group"'
raise Exception("Missing USERSERVICE_ADMIN_GROUP in settings")
actual_user = user_service.get_original_user()
if not actual_user:
raise Exception("No user in session")
g = Group()
group_name = settings.USERSERVICE_ADMIN_GROUP
is_admin = g.is_member_of_group(actual_user, group_name)
if is_admin is False:
return render_to_response('no_access.html', {})
context = {}
if request.method == "POST":
_handle_post(request, context)
try:
extra_template = "userservice/user_override_extra_info.html"
template.loader.get_template(extra_template)
context['has_extra_template'] = True
context['extra_template'] = 'userservice/user_override_extra_info.html'
except template.TemplateDoesNotExist:
# This is a fine exception - there doesn't need to be an extra info
# template
pass
try:
template.loader.get_template("userservice/user_override_wrapper.html")
context['wrapper_template'] = 'userservice/user_override_wrapper.html'
except template.TemplateDoesNotExist:
context['wrapper_template'] = 'support_wrapper.html'
# This is a fine exception - there doesn't need to be an extra info
# template
pass
add_session_context(request, context)
add_date_term_info(request, context)
add_seen_registration_context(request, context)
return render_to_response("display_dates/override.html", context,
context_instance=RequestContext(request))
def override(request):
logger = logging.getLogger(__name__)
user_service = UserService()
user_service.get_user()
override_error_username = None
override_error_msg = None
# Do the group auth here.
if not hasattr(settings, "USERSERVICE_ADMIN_GROUP"):
print "You must have a group defined as your admin group."
print 'Configure that using USERSERVICE_ADMIN_GROUP="foo_group"'
raise Exception("Missing USERSERVICE_ADMIN_GROUP in settings")
actual_user = user_service.get_original_user()
if not actual_user:
raise Exception("No user in session")
g = Group()
group_name = settings.USERSERVICE_ADMIN_GROUP
is_admin = g.is_member_of_group(actual_user, group_name)
if is_admin is False:
return render(request, 'no_access.html', {})
context = {}
if request.method == "POST":
_handle_post(request, context)
try:
extra_template = "userservice/user_override_extra_info.html"
template.loader.get_template(extra_template)
context['has_extra_template'] = True
context['extra_template'] = 'userservice/user_override_extra_info.html'
except template.TemplateDoesNotExist:
# This is a fine exception - there doesn't need to be an extra info
# template
pass
try:
template.loader.get_template("userservice/user_override_wrapper.html")
context['wrapper_template'] = 'userservice/user_override_wrapper.html'
except template.TemplateDoesNotExist:
context['wrapper_template'] = 'support_wrapper.html'
# This is a fine exception - there doesn't need to be an extra info
# template
pass
add_session_context(request, context)
add_date_term_info(request, context)
add_seen_registration_context(request, context)
return render(request, "display_dates/override.html", context)
def user(request):
user_service = UserService()
try:
user = person_from_username(user_service.get_user())
user_fullname = display_name(user.first_name, user.surname)
except Exception as ex:
user_fullname = None
return {
"user_login": user_service.get_user(),
"user_fullname": user_fullname,
"override_user": user_service.get_override_user(),
}
def delete(self, request, quarter, collection_type, collection_id, *args,
**kwargs):
params = json.loads(request.body)
comment = params.get('comment')
user = UserService().get_original_user()
try:
apps = get_applications_by_type_id_qtr(collection_type,
collection_id, quarter)
import_args = {
'quarter': int(quarter),
'campus': 0,
'comment': comment,
'created_by': user
}
if collection_type == "purplegold":
reset_purplegold(import_args, apps)
else:
if collection_type == "cohort":
import_args['cohort'] = 0
if collection_type == "major":
import_args['major'] = "none"
assignment_import = \
AssignmentImport.objects.create(**import_args)
Assignment.create_from_applications(assignment_import, apps)
reset_collection(assignment_import, collection_type)
return self.json_response()
except Exception:
return self.error_response(status=400)
def recorders(request, template='scheduler/recorders.html'):
user = UserService().get_original_user()
if not Group().is_member_of_group(user, settings.PANOPTO_ADMIN_GROUP):
return HttpResponseRedirect("/")
status_code = 200
try:
term = get_current_term()
except DataFailureException as ex:
logger.exception(ex)
raise StudentWebServiceUnavailable()
t = loader.get_template(template)
c = RequestContext(
request, {
'canvas_host':
settings.RESTCLIENTS_CANVAS_HOST if hasattr(
settings, 'RESTCLIENTS_CANVAS_HOST') else '',
'panopto_server':
settings.PANOPTO_SERVER
if hasattr(settings, 'PANOPTO_SERVER') else '',
'STATIC_URL':
settings.STATIC_URL,
})
return HttpResponse(t.render(c), status=status_code)
def wrapper(*args, **kwargs):
if not hasattr(settings, "RESTCLIENTS_ADMIN_GROUP"):
print "You must have a group defined as your admin group."
print 'Configure that using RESTCLIENTS_ADMIN_GROUP="u_foo_bar"'
raise Exception("Missing RESTCLIENTS_ADMIN_GROUP in settings")
user_service = UserService()
actual_user = user_service.get_original_user()
g = Group()
is_admin = g.is_member_of_group(actual_user,
settings.RESTCLIENTS_ADMIN_GROUP)
if not is_admin:
return HttpResponseRedirect("/")
return view_func(*args, **kwargs)
def get_logging_userid():
"""
Return <actual user netid> acting_as: <override user netid> if
the user is acting as someone else, otherwise
<actual user netid> no_override: <actual user netid>
"""
user_svc = UserService()
override_userid = user_svc.get_override_user()
actual_userid = user_svc.get_original_user()
log_format = 'base_user: %s acting_user: %s is_override: %s'
try:
if override_userid:
log_userid = log_format % (actual_userid, override_userid, 'true')
else:
log_userid = log_format % (actual_userid, actual_userid, 'false')
except TypeError:
return None
return log_userid
def get_logging_userid():
"""
Return <actual user netid> acting_as: <override user netid> if
the user is acting as someone else, otherwise
<actual user netid> no_override: <actual user netid>
"""
user_svc = UserService()
override_userid = user_svc.get_override_user()
actual_userid = user_svc.get_original_user()
log_format = 'base_user: %s acting_user: %s is_override: %s'
try:
if override_userid:
log_userid = log_format % (actual_userid, override_userid, 'true')
else:
log_userid = log_format % (actual_userid, actual_userid, 'false')
except TypeError:
return None
return log_userid
def post(self, request, *args, **kwargs):
timer = Timer()
try:
accept = json.loads(request.read())
accept_id = accept['accept_id']
except KeyError:
return invalid_session(logger, timer)
user_service = UserService()
netid = user_service.get_user()
if not netid:
return invalid_session(logger, timer)
original_user = user_service.get_original_user()
acted_as = None if (netid == original_user) else original_user
records = EndorsementRecord.objects.get_accept_endorsement(accept_id)
if len(records) != 1:
return invalid_session(logger, timer)
record = records[0]
is_o365 = (
record.category_code == EndorsementRecord.OFFICE_365_ENDORSEE)
is_google = (
record.category_code == EndorsementRecord.GOOGLE_SUITE_ENDORSEE)
if is_o365:
json_data = store_office365_endorsement(
record.endorser, record.endorsee,
acted_as, record.reason).json_data()
elif is_google:
json_data = store_google_endorsement(
record.endorser, record.endorsee,
acted_as, record.reason).json_data()
json_data['is_o365'] = is_o365
json_data['is_google'] = is_google
return self.json_response(json_data)
def supportools_globals(request):
params = {
"supporttools_user":
UserService().get_original_user(),
"supporttools_parent_app":
getattr(settings, "SUPPORTTOOLS_PARENT_APP", ""),
"supporttools_parent_app_url":
getattr(settings, "SUPPORTTOOLS_PARENT_APP_URL", "/"),
"supporttools_extra_views":
getattr(settings, "SUPPORTTOOLS_EXTRA_VIEWS", {}),
}
return (params)
def put(self, request, upload_id, *args, **kwargs):
request_params = json.loads(request.body)
is_reassign = request_params.get('is_reassign', False)
is_reassign_protected = request_params.get('is_reassign_protected',
False)
# reassign is required to be true to reassign protected
if is_reassign_protected:
is_reassign = True
is_submitted = request_params.get('is_submitted', False)
ids_to_delete = request_params.get('to_delete', [])
comment = request_params.get('comment', '')
major_id = request_params.get('major_id')
cohort_id = request_params.get('cohort_id')
user = UserService().get_original_user()
is_purplegold = request_params.get('purplegold')
try:
upload = None
if is_purplegold:
upload = PurpleGoldImport.objects.get(id=upload_id)
else:
upload = SyskeyImport.objects.get(id=upload_id)
if cohort_id:
upload.cohort = cohort_id
if major_id:
upload.major = major_id
upload.is_reassign = is_reassign
upload.is_reassign_protected = is_reassign_protected
upload.remove_assignments(ids_to_delete)
# Using logged in user for bulk upload
upload.created_by = user
upload.is_submitted = is_submitted
upload.comment = comment
upload.save()
response = upload.json_data()
if is_submitted:
(imp, post_body) = _get_collection(upload)
response['request'] = post_body.json_data()
try:
submission = submit_collection(upload)
except DataFailureException as ex:
if "timeout" in str(ex):
return self.json_response(status=202, content=response)
else:
return self.error_response(543, message=ex)
return self.json_response(status=200, content=response)
except ObjectDoesNotExist as ex:
return self.error_response(404, message=ex)
def post(self, request, *args, **kwargs):
user = UserService().get_acting_user()
try:
imp = None
request_body = json.loads(request.body)
is_purplegold = request_body.get("is_purplegold", False)
if is_purplegold:
imp = PurpleGoldImport.create_from_json(request_body, user)
pass
else:
imp = SyskeyImport.create_from_json(request_body, user)
content = imp.json_data()
return self.json_response(status=200, content=content)
except (AttributeError, IntegrityError) as ex:
return self.error_response(status=400, message=ex)
def filter(self, record):
user_service = UserService()
record.user = user_service.get_original_user() or "-"
record.actas = (user_service.get_user() or "-").lower()
return True
def proxy(request, service, url):
user_service = UserService()
actual_user = user_service.get_original_user()
use_pre = False
headers = {}
if service == "sws":
dao = SWS_DAO()
headers["X-UW-Act-as"] = actual_user
elif service == "pws":
dao = PWS_DAO()
elif service == "gws":
dao = GWS_DAO()
elif service == "nws":
dao = NWS_DAO()
elif service == "hfs":
dao = Hfs_DAO()
elif service == "book":
dao = Book_DAO()
elif service == "canvas":
dao = Canvas_DAO()
elif service == "grad":
dao = Grad_DAO()
elif service == "uwnetid":
dao = Uwnetid_DAO()
elif service == "libraries":
dao = MyLibInfo_DAO()
elif service == "libcurrics":
dao = LibCurrics_DAO()
elif service == "myplan":
dao = MyPlan_DAO()
elif service == "iasystem":
dao = IASYSTEM_DAO()
headers = {"Accept": "application/vnd.collection+json"}
subdomain = None
if url.endswith('/evaluation'):
if url.startswith('uwb/') or url.startswith('uwt/'):
subdomain = url[:3]
url = url[4:]
else:
subdomain = url[:2]
url = url[3:]
elif service == "calendar":
dao = TrumbaCalendar_DAO()
use_pre = True
else:
return HttpResponseNotFound("Unknown service: %s" % service)
url = "/%s" % quote(url)
if request.GET:
try:
url = "%s?%s" % (url, urlencode(request.GET))
except UnicodeEncodeError:
err = "Bad URL param given to the restclients browser"
return HttpResponse(err)
start = time()
try:
if service == "iasystem" and subdomain is not None:
response = dao.getURL(url, headers, subdomain)
else:
if service == "libcurrics":
if "?campus=" in url:
url = url.replace("?campus=", "/")
elif "course?" in url:
url_prefix = re.sub(r'\?.*$', "", url)
url = "%s/%s/%s/%s/%s/%s" % (
url_prefix,
request.GET["year"],
request.GET["quarter"],
request.GET["curriculum_abbr"].replace(" ", "%20"),
request.GET["course_number"],
request.GET["section_id"])
response = dao.getURL(url, headers)
except Exception as ex:
response = MockHTTP()
response.status = 500
response.data = str(ex)
end = time()
# Assume json, and try to format it.
try:
if not use_pre:
content = format_json(service, response.data)
json_data = response.data
else:
content = response.data
json_data = None
except Exception as e:
content = format_html(service, response.data)
json_data = None
context = {
"url": unquote(url),
"content": content,
"json_data": json_data,
"response_code": response.status,
"time_taken": "%f seconds" % (end - start),
"headers": response.headers,
"override_user": user_service.get_override_user(),
"use_pre": use_pre,
}
try:
loader.get_template("restclients/extra_info.html")
context["has_extra_template"] = True
context["extra_template"] = "restclients/extra_info.html"
except TemplateDoesNotExist:
pass
set_wrapper_template(context)
try:
search_template_path = re.sub(r"\..*$", "", url)
search_template = "proxy/%s%s.html" % (service, search_template_path)
loader.get_template(search_template)
context["search_template"] = search_template
context["search"] = format_search_params(url)
except TemplateDoesNotExist:
context["search_template"] = None
return render(request, "proxy.html", context)
def proxy(request, service, url):
if not hasattr(settings, "RESTCLIENTS_ADMIN_GROUP"):
print "You must have a group defined as your admin group."
print 'Configure that using RESTCLIENTS_ADMIN_GROUP="u_foo_bar"'
raise Exception("Missing RESTCLIENTS_ADMIN_GROUP in settings")
user_service = UserService()
actual_user = user_service.get_original_user()
g = Group()
is_admin = g.is_member_of_group(actual_user,
settings.RESTCLIENTS_ADMIN_GROUP)
if not is_admin:
return HttpResponseRedirect("/")
use_pre = False
headers = {}
if service == "sws":
dao = SWS_DAO()
headers["X-UW-Act-as"] = actual_user
elif service == "pws":
dao = PWS_DAO()
elif service == "gws":
dao = GWS_DAO()
elif service == "nws":
dao = NWS_DAO()
elif service == "hfs":
dao = Hfs_DAO()
elif service == "book":
dao = Book_DAO()
elif service == "canvas":
dao = Canvas_DAO()
elif service == "grad":
dao = Grad_DAO()
elif service == "uwnetid":
dao = Uwnetid_DAO()
elif service == "libraries":
dao = MyLibInfo_DAO()
elif service == "libcurrics":
dao = LibCurrics_DAO()
elif service == "myplan":
dao = MyPlan_DAO()
elif service == "iasystem":
dao = IASYSTEM_DAO()
headers = {"Accept": "application/vnd.collection+json"}
subdomain = None
if url.endswith('/evaluation'):
if url.startswith('uwb/') or url.startswith('uwt/'):
subdomain = url[:3]
url = url[4:]
else:
subdomain = url[:2]
url = url[3:]
elif service == "calendar":
dao = TrumbaCalendar_DAO()
use_pre = True
else:
return HttpResponseNotFound("Unknown service: %s" % service)
url = "/%s" % quote(url)
if request.GET:
try:
url = "%s?%s" % (url, urlencode(request.GET))
except UnicodeEncodeError:
err = "Bad URL param given to the restclients browser"
return HttpResponse(err)
start = time()
try:
if service == "iasystem" and subdomain is not None:
response = dao.getURL(url, headers, subdomain)
else:
response = dao.getURL(url, headers)
except Exception as ex:
response = MockHTTP()
response.status = 500
response.data = str(ex)
end = time()
# Assume json, and try to format it.
try:
if not use_pre:
content = format_json(service, response.data)
json_data = response.data
else:
content = response.data
json_data = None
except Exception as e:
content = format_html(service, response.data)
json_data = None
context = {
"url": unquote(url),
"content": content,
"json_data": json_data,
"response_code": response.status,
"time_taken": "%f seconds" % (end - start),
"headers": response.headers,
"override_user": user_service.get_override_user(),
"use_pre": use_pre,
}
try:
loader.get_template("restclients/extra_info.html")
context["has_extra_template"] = True
context["extra_template"] = "restclients/extra_info.html"
except TemplateDoesNotExist:
pass
try:
loader.get_template("restclients/proxy_wrapper.html")
context["wrapper_template"] = "restclients/proxy_wrapper.html"
except TemplateDoesNotExist:
context["wrapper_template"] = "proxy_wrapper.html"
try:
search_template_path = re.sub(r"\..*$", "", url)
search_template = "proxy/%s%s.html" % (service, search_template_path)
loader.get_template(search_template)
context["search_template"] = search_template
context["search"] = format_search_params(url)
except TemplateDoesNotExist:
context["search_template"] = None
return render_to_response("proxy.html",
context,
context_instance=RequestContext(request))
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context["user"] = {"netid": UserService().get_user()}
return context
def filter(self, record):
user_service = UserService()
record.user = user_service.get_original_user() or "-"
record.actas = (user_service.get_user() or "-").lower()
return True
def get_netid_of_current_user():
return UserService().get_user()
def proxy(request, service, url):
if not hasattr(settings, "RESTCLIENTS_ADMIN_GROUP"):
print "You must have a group defined as your admin group."
print 'Configure that using RESTCLIENTS_ADMIN_GROUP="u_foo_bar"'
raise Exception("Missing RESTCLIENTS_ADMIN_GROUP in settings")
user_service = UserService()
actual_user = user_service.get_original_user()
g = Group()
is_admin = g.is_member_of_group(actual_user, settings.RESTCLIENTS_ADMIN_GROUP)
if not is_admin:
return HttpResponseRedirect("/")
use_pre = False
headers = {}
if service == "sws":
dao = SWS_DAO()
headers["X-UW-Act-as"] = actual_user
elif service == "pws":
dao = PWS_DAO()
elif service == "gws":
dao = GWS_DAO()
elif service == "nws":
dao = NWS_DAO()
elif service == "hfs":
dao = Hfs_DAO()
elif service == "book":
dao = Book_DAO()
elif service == "canvas":
dao = Canvas_DAO()
elif service == "uwnetid":
dao = Uwnetid_DAO()
elif service == "libraries":
dao = Libraries_DAO()
elif service == "myplan":
dao = MyPlan_DAO()
elif service == "calendar":
dao = TrumbaCalendar_DAO()
use_pre = True
else:
return HttpResponseNotFound("Unknown service: %s" % service)
url = "/%s" % quote(url)
if request.GET:
url = "%s?%s" % (url, urlencode(request.GET))
start = time()
try:
response = dao.getURL(url, headers)
except Exception as ex:
response = MockHTTP()
response.status = 500
response.data = str(ex)
end = time()
# Assume json, and try to format it.
try:
if not use_pre:
content = format_json(service, response.data)
json_data = response.data;
else:
content = response.data
json_data = None
except Exception as e:
content = format_html(service, response.data)
json_data = None;
context = {
"url": unquote(url),
"content": content,
"json_data": json_data,
"response_code": response.status,
"time_taken": "%f seconds" % (end - start),
"headers": response.headers,
"override_user": user_service.get_override_user(),
"use_pre": use_pre,
}
try:
loader.get_template("restclients/extra_info.html")
context["has_extra_template"] = True
context["extra_template"] = "restclients/extra_info.html"
except TemplateDoesNotExist:
pass
try:
loader.get_template("restclients/proxy_wrapper.html")
context["wrapper_template"] = "restclients/proxy_wrapper.html"
except TemplateDoesNotExist:
context["wrapper_template"] = "proxy_wrapper.html"
try:
search_template_path = re.sub(r"\..*$", "", url)
search_template = "proxy/%s%s.html" % (service, search_template_path)
loader.get_template(search_template)
context["search_template"] = search_template
context["search"] = format_search_params(url)
except TemplateDoesNotExist:
context["search_template"] = None
return render_to_response("proxy.html",
context,
context_instance=RequestContext(request))
def support(request):
#timer = Timer()
logger = logging.getLogger(__name__)
user_service = UserService()
user_service.get_user()
override_error_username = None
override_error_msg = None
# Do the group auth here.
if not hasattr(settings, "USERSERVICE_ADMIN_GROUP"):
print "You must have a group defined as your admin group."
print 'Configure that using USERSERVICE_ADMIN_GROUP="foo_group"'
raise Exception("Missing USERSERVICE_ADMIN_GROUP in settings")
actual_user = user_service.get_original_user()
if not actual_user:
raise Exception("No user in session")
g = Group()
group_name = settings.USERSERVICE_ADMIN_GROUP
is_admin = g.is_member_of_group(actual_user, group_name)
if is_admin == False:
return render_to_response('no_access.html', {})
if "override_as" in request.POST:
new_user = request.POST["override_as"].strip()
validation_module = _get_validation_module()
validation_error = validation_module(new_user)
if validation_error is None:
logger.info("%s is impersonating %s",
user_service.get_original_user(),
new_user)
user_service.set_override_user(new_user)
else:
override_error_username = new_user
override_error_msg = validation_error
if "clear_override" in request.POST:
logger.info("%s is ending impersonation of %s",
user_service.get_original_user(),
user_service.get_override_user())
user_service.clear_override()
context = {
'original_user': user_service.get_original_user(),
'override_user': user_service.get_override_user(),
'override_error_username': override_error_username,
'override_error_msg': override_error_msg,
}
try:
template.loader.get_template("userservice/user_override_extra_info.html")
context['has_extra_template'] = True
except template.TemplateDoesNotExist:
# This is a fine exception - there doesn't need to be an extra info
# template
pass
return render_to_response('support.html',
context,
context_instance=RequestContext(request))
