Exemple #1
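    def process_request(self, request):
        """Gate a request on the per-page rights kept in the session.

        Returns ``None`` to let the request continue, or a redirect to "/"
        when access is refused. When access is granted the rights for the
        page are attached to the request as ``request.acl``.
        """
        # Login, logout and the landing page need no rights.
        if request.path in ("/logout", "/login", "/", ""):
            return None

        acl = vAcl()
        page = acl.get_page_from_url(request)
        userrights = acl.get_page_user_rights(request)

        # Resolve admin membership once. The original read request.sarvuser
        # again inside the "admin+acl" branch without the hasattr() guard,
        # which raised AttributeError when the attribute was missing.
        is_project_admin = (
            hasattr(request, "sarvuser")
            and request.sarvuser.pk in PROJECT_ADMINS
        )

        if "admin+" in page:
            # NOTE(review): "admin+menu" passes before any session or rights
            # check; confirm the view behind it enforces its own access rules.
            if page == "admin+menu":
                return None
            if is_project_admin:
                # Rights are stored on this request object, not on its class:
                # a class attribute is shared by every request handled by the
                # process, so one user's rights would be visible to others.
                request.acl = [True, True, True, True]
            elif not ("admin+acl" in page
                      and "acl" in request.session
                      and page in request.session["acl"]
                      and userrights[3] == True):
                return HttpResponseRedirect("/")

        # No rights in the session means the user never completed a login.
        if "acl" not in request.session:
            return HttpResponseRedirect("/")
        if page in request.session["acl"] and userrights[0] == False:
            return HttpResponseRedirect("/")

        # NOTE(review): a page that is absent from session["acl"] is allowed
        # through here (fail-open); confirm that unlisted pages are meant to
        # be reachable. This assignment also replaces the all-True grant made
        # for project admins above, as it did in the original.
        request.acl = userrights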
Exemple #2
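def login_with_password(request):
    """Authenticate a username/password POST and populate the session.

    On failure the browser is sent back to the page it came from with
    ``?e=login`` appended. On success ``sarvuser_id``, ``database`` and
    ``acl`` are stored in the session and the browser is sent back to the
    originating page.
    """
    from django.contrib.auth import authenticate, login
    try:
        from urllib.parse import urlsplit
    except ImportError:  # Python 2
        from urlparse import urlsplit

    # Missing fields are treated as a failed login instead of raising.
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')

    # The Referer header is supplied by the client and may be absent or point
    # at another site. Only its path is kept, normalised to a single leading
    # slash, so the redirect always stays on this host.
    try:
        referer_path = urlsplit(request.META.get('HTTP_REFERER', '')).path
    except ValueError:
        referer_path = ''
    redirect_path = '/' + referer_path.lstrip('/\\')

    # Test validity of given login information
    user = authenticate(username=username, password=password)
    if user is None or not user.is_active:
        return HttpResponseRedirect(redirect_path + '?e=login')

    user.backend = "django.contrib.auth.backends.ModelBackend"
    login(request, user)

    # Set the user on this request only. The original assigned it to the
    # request class, which is shared by every request in the process and
    # would expose one user's identity to other requests.
    request.user = user

    # Set sarvuser session variables
    try:
        sarvuser = SarvUser.objects.using('sarv').get(username=username)
    except SarvUser.DoesNotExist:
        # NOTE(review): login() has already run at this point, so the Django
        # session stays authenticated although no SarvUser exists; confirm
        # whether a logout is wanted here.
        return HttpResponse("Ei ole lubatud seda lehte vaadata %s" % get_database())
    request.session['sarvuser_id'] = sarvuser.id
    request.session['database'] = sarvuser.db

    # Set user rights per page session variables
    from apps.acl.views import Acl as vAcl
    request.session['acl'] = vAcl().get_all_user_rights(request)

    return HttpResponseRedirect(redirect_path)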
Exemple #3
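    def process_request(self, request):
        """Check the session's per-page rights before a request is handled.

        Returns ``None`` when the request may proceed and a redirect to "/"
        when it may not. Granted rights are exposed as ``request.acl``.
        """
        # These paths are always reachable, with or without a login.
        if request.path in ("/logout", "/login", "/", ""):
            return None

        acl = vAcl()
        page = acl.get_page_from_url(request)
        userrights = acl.get_page_user_rights(request)

        # Computed once and guarded by hasattr(): the original repeated the
        # PROJECT_ADMINS test in the "admin+acl" branch without the guard,
        # so a request lacking ``sarvuser`` raised AttributeError there.
        is_project_admin = (
            hasattr(request, "sarvuser")
            and request.sarvuser.pk in PROJECT_ADMINS
        )

        if "admin+" in page:
            # NOTE(review): no rights are checked for "admin+menu"; verify
            # that the target view does its own authorisation.
            if page == "admin+menu":
                return None
            if is_project_admin:
                # Instance attribute, not request.__class__: state placed on
                # the class is shared across all requests in the process and
                # would leak these rights to other users' requests.
                request.acl = [True, True, True, True]
            else:
                may_edit_acl = (
                    "admin+acl" in page
                    and "acl" in request.session
                    and page in request.session["acl"]
                    and userrights[3] == True
                )
                if not may_edit_acl:
                    return HttpResponseRedirect("/")

        # Without stored rights there is nothing to authorise against.
        if "acl" not in request.session:
            return HttpResponseRedirect("/")
        if page in request.session["acl"] and userrights[0] == False:
            return HttpResponseRedirect("/")

        # NOTE(review): pages not listed in session["acl"] are let through
        # (fail-open), and this assignment overwrites the admin grant set
        # above, exactly as the original did; confirm both are intended.
        request.acl = userrights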
Exemple #4
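def login_with_password(request):
    """Log a user in from POSTed credentials and fill the session.

    A failed login redirects back to the originating page with
    ``?e=login``. A successful one stores ``sarvuser_id``, ``database`` and
    ``acl`` in the session and redirects back to the originating page.
    """
    from django.contrib.auth import authenticate, login
    try:
        from urllib.parse import urlsplit
    except ImportError:  # Python 2
        from urlparse import urlsplit

    # Absent form fields count as bad credentials rather than a server error.
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')

    # Referer comes from the client: it can be missing, malformed or name a
    # foreign host. Keep the path alone, with exactly one leading slash, so
    # the redirect target is always local.
    try:
        referer_path = urlsplit(request.META.get('HTTP_REFERER', '')).path
    except ValueError:
        referer_path = ''
    redirect_path = '/' + referer_path.lstrip('/\\')

    # Test validity of given login information
    user = authenticate(username=username, password=password)
    if user is None or not user.is_active:
        return HttpResponseRedirect(redirect_path + '?e=login')

    user.backend = "django.contrib.auth.backends.ModelBackend"
    login(request, user)

    # Per-request attribute. Assigning to request.__class__ (as the original
    # did) stores the user on a class shared by all requests in the process.
    request.user = user

    # Set sarvuser session variables
    try:
        sarvuser = SarvUser.objects.using('sarv').get(username=username)
    except SarvUser.DoesNotExist:
        # NOTE(review): the Django login above is not undone on this path;
        # confirm whether the session should be logged out again.
        return HttpResponse("Ei ole lubatud seda lehte vaadata %s" %
                            get_database())
    request.session['sarvuser_id'] = sarvuser.id
    request.session['database'] = sarvuser.db

    # Set user rights per page session variables
    from apps.acl.views import Acl as vAcl
    request.session['acl'] = vAcl().get_all_user_rights(request)

    return HttpResponseRedirect(redirect_path)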
Exemple #5
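 def router(self, request, action=False):
     """Dispatch the ``subaction`` query parameter to a method of ``vAcl``.

     The named method is called with the query parameters as a dict and
     its result is wrapped in an ``HttpResponse``. When no usable method
     is found the response body is ``False``, as before.
     """
     response = False
     acl = vAcl()
     params = request.GET.dict()
     subaction = params.get("subaction", "")

     # The method name comes straight from the query string, so names that
     # start with an underscore (private and dunder attributes) are refused
     # and the target must be callable.
     # NOTE(review): an explicit allowlist of permitted subactions would be
     # stronger than this filter. The original condition also began with the
     # constant "add", which is always truthy; `action == "add"` may have
     # been intended. Confirm.
     handler = None
     if subaction and not subaction.startswith("_"):
         handler = getattr(acl, subaction, None)

     if callable(handler):
         response = handler(params)
     else:
         print("no attr")
     return HttpResponse(response)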
Exemple #6
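 def router(self, request, action=False):
     """Call the ``vAcl`` method named by the ``subaction`` query parameter.

     The method receives the query parameters as a dict; whatever it
     returns becomes the body of the ``HttpResponse``. If no usable method
     is found, the body stays ``False``.
     """
     response = False
     acl = vAcl()
     query = request.GET.dict()
     requested = query.get("subaction", "")

     # ``requested`` is user input. Refuse underscore-prefixed names so that
     # private and dunder attributes cannot be reached, and require the
     # attribute to be callable before invoking it.
     # NOTE(review): prefer a fixed allowlist of subactions. The leading
     # "add" in the original condition was a constant (always truthy);
     # presumably `action == "add"` was meant. Confirm.
     target = None
     if requested and not requested.startswith("_"):
         target = getattr(acl, requested, None)

     if callable(target):
         response = target(query)
     else:
         print("no attr")
     return HttpResponse(response)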
Exemple #7
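 def get_page_data(self, request):
     """Collect per-user page rights for the non-public menu pages.

     Returns a 3-tuple:
       * dict mapping username -> list of ``{page_name: [page_pk, rights]}``
         where ``rights`` maps the user's db keyword to the stored right
         (``None`` when nothing is stored),
       * list of usernames in the order they were queried,
       * dict mapping an entry index to the column-header name that
         precedes it.
     """
     # Evaluate once so the emptiness check and the loops share the rows.
     p_l = list(
         Menu.objects
         .select_related().all()
         .exclude(page__visibility="public")
         .values_list("page__pk", "page__name", "page__url", "column")
         .order_by("column", "row")
     )

     acl_d = vAcl().get_all_rights_by_user({"obj": True})

     # Project admins see every user; everyone else only the users that
     # share their own db.
     if request.sarvuser.pk in PROJECT_ADMINS:
         user_qs = User.objects.all()
     else:
         user_qs = User.objects.filter(db=request.sarvuser.db)
     users = list(user_qs.order_by("username").values_list("db", "username"))

     out = {}
     # Defined up front: the original bound cn_d only inside the loop, so an
     # empty user list raised NameError at the return statement.
     cn_d = {}
     # The original indexed p_l[0] unconditionally and raised IndexError
     # when no menu rows matched.
     first_column = p_l[0][3] if p_l else None

     for u in users:
         po_l = []
         g = AclGroup()
         g.keyword = u[0]
         groups = [g]
         c_n = first_column
         n = 0
         cn_d = {}
         for p in p_l:
             if not p[2] or not c_n == p[3]:  # column header
                 cn_d.update({n: p[1]})
                 c_n = p[3]
                 continue
             # Reaching this point means p[2] is a non-empty url.
             o_d = {}
             for group in groups:
                 gkw = group.keyword
                 try:
                     x = acl_d[u[1]][gkw][p[0]]
                 except KeyError:
                     x = None
                 o_d.update({gkw: x})
             po_l.append({p[1]: [p[0], o_d]})
             n += 1
         out.update({u[1]: po_l})
     return out, [i[1] for i in users], cn_d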
Exemple #8
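    def get_page_data(self, request):
        """Build the per-user rights table for all non-public menu pages.

        Returns a 3-tuple:
          * dict mapping username -> list of ``{page_name: [page_pk, rights]}``
            where ``rights`` maps the user's db keyword to the stored right
            (``None`` when nothing is stored),
          * list of usernames in query order,
          * dict mapping an entry index to the column-header name that
            precedes it.
        """
        # Evaluated once so the rows can be checked for emptiness and then
        # iterated for every user.
        p_l = list(
            Menu.objects
            .select_related().all()
            .exclude(page__visibility="public")
            .values_list("page__pk", "page__name", "page__url", "column")
            .order_by("column", "row")
        )

        acl_d = vAcl().get_all_rights_by_user({"obj": True})

        # Only project admins get the full user list; other callers are
        # limited to users of their own db.
        if request.sarvuser.pk in PROJECT_ADMINS:
            user_qs = User.objects.all()
        else:
            user_qs = User.objects.filter(db=request.sarvuser.db)
        users = list(
            user_qs.order_by("username").values_list("db", "username"))

        out = {}
        # Bound before the loop: with no users the original never assigned
        # cn_d and the return statement raised NameError.
        cn_d = {}
        # Guarded: the original evaluated p_l[0][3] unconditionally and
        # raised IndexError when there were no menu rows.
        first_column = p_l[0][3] if p_l else None

        for u in users:
            po_l = []
            g = AclGroup()
            g.keyword = u[0]
            groups = [g]
            c_n = first_column
            n = 0
            cn_d = {}
            for p in p_l:
                if not p[2] or not c_n == p[3]:  # column header
                    cn_d.update({n: p[1]})
                    c_n = p[3]
                    continue
                # From here on p[2] is known to be a non-empty url.
                o_d = {}
                for group in groups:
                    gkw = group.keyword
                    try:
                        x = acl_d[u[1]][gkw][p[0]]
                    except KeyError:
                        x = None
                    o_d.update({gkw: x})
                po_l.append({p[1]: [p[0], o_d]})
                n += 1
            out.update({u[1]: po_l})
        return out, [i[1] for i in users], cn_d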
Exemple #9
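def login(request):
    """Log a user in from a verified TLS client certificate.

    The personal code is taken from the third comma-separated field of the
    certificate subject CN and matched against ``SarvUser.isikukood``. On
    success the identity is written to the session, a ``Session`` row is
    recorded, the user's page rights are stored under ``acl`` and the
    browser is redirected to "/".
    """
    if not request.is_secure():
        return HttpResponse("Seda lehte saab näha ainult üle https protokolli.")
    name = request.__class__.__name__
    if name == "WSGIRequest":
        env = request.environ
    elif name == "ModPythonRequest":
        env = request._req.subprocess_env
    else:
        return HttpResponse("Antud serveri konfiguratsiooniga ei õnnestu seda lehte kasutada.")

    # This should not happen when "SSLClientVerify require" is configured.
    # NOTE(review): these SSL_CLIENT_* values are trusted as set by the web
    # server itself; confirm no proxy in front can inject them.
    if env.get("SSL_CLIENT_VERIFY", None) != "SUCCESS":
        return HttpResponse("Vale PIN")

    # The original indexed [2] directly and raised IndexError (a server
    # error) for a CN with fewer than three fields; such a certificate
    # cannot match a user, so it is refused like an unknown one.
    cn_parts = env.get("SSL_CLIENT_S_DN_CN", "").split(",")
    if len(cn_parts) < 3:
        return HttpResponse("Ei ole lubatud seda lehte vaadata %s" % get_database())
    personal_code = cn_parts[2]

    try:
        sarvuser = SarvUser.objects.get(isikukood=personal_code)
    except SarvUser.DoesNotExist:
        return HttpResponse("Ei ole lubatud seda lehte vaadata %s" % get_database())

    # A project admin may open a session as another user via ?username=.
    # NOTE(review): the Session row created below records only the target
    # username, so the admin who switched is not traceable from it; consider
    # logging the switch.
    params = request.GET.dict()
    if "username" in params and sarvuser.pk in PROJECT_ADMINS:
        try:
            sarvuser = SarvUser.objects.get(username=params["username"])
        except SarvUser.DoesNotExist:
            return HttpResponse("Kasutajat ei eksisteeri")

    # Issue a fresh session key before storing the identity, so a key that
    # was known before the login cannot be reused afterwards.
    request.session.cycle_key()

    request.session["sarvuser_id"] = sarvuser.id
    request.session["database"] = sarvuser.db
    request.session["sarvuser"] = sarvuser.username
    request.session["database_id"] = sarvuser.database_id
    request.session["agent_id"] = sarvuser.id

    # Session bookkeeping is best-effort: failures are printed, not raised.
    try:
        Session.objects.filter(user=sarvuser.username, active=1) \
            .update(active=0, session_end=datetime.now())
    except Exception as e:
        print(e)
    try:
        # The original also built an unused filter(Q(...)) queryset here; it
        # was never evaluated and has been dropped.
        Session.objects.create(
            user=sarvuser.username,
            active=1,
            session_start=datetime.now(),
            database_id=sarvuser.database_id,
        )
    except Exception as e:
        print(e)

    # Set user rights per page session variables
    from apps.acl.views import Acl as vAcl
    urights = vAcl().get_all_user_rights(request)

    if urights:
        request.session["acl"] = urights
    else:
        # Drop rights left behind by an earlier login in this session; the
        # original kept them when the new user had none.
        request.session.pop("acl", None)

    return HttpResponseRedirect("/")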
Exemple #10
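def login(request):
    """Establish a session from a verified TLS client certificate.

    The third comma-separated field of the certificate subject CN is used
    as the personal code and looked up in ``SarvUser.isikukood``. On
    success the identity goes into the session, a ``Session`` row is
    written, the page rights are stored under ``acl`` and the browser is
    redirected to "/".
    """
    if not request.is_secure():
        return HttpResponse(
            "Seda lehte saab näha ainult üle https protokolli.")
    name = request.__class__.__name__
    if name == "WSGIRequest":
        env = request.environ
    elif name == "ModPythonRequest":
        env = request._req.subprocess_env
    else:
        return HttpResponse(
            "Antud serveri konfiguratsiooniga ei õnnestu seda lehte kasutada.")

    # This should not happen when "SSLClientVerify require" is configured.
    # NOTE(review): the SSL_CLIENT_* variables are assumed to originate from
    # the web server; confirm nothing upstream can set them.
    if env.get("SSL_CLIENT_VERIFY", None) != "SUCCESS":
        return HttpResponse("Vale PIN")

    # A CN with fewer than three fields made the original raise IndexError.
    # It cannot identify a user, so it gets the same refusal as an unknown
    # personal code.
    cn_fields = env.get("SSL_CLIENT_S_DN_CN", "").split(",")
    if len(cn_fields) < 3:
        return HttpResponse("Ei ole lubatud seda lehte vaadata %s" %
                            get_database())
    personal_code = cn_fields[2]

    try:
        sarvuser = SarvUser.objects.get(isikukood=personal_code)
    except SarvUser.DoesNotExist:
        return HttpResponse("Ei ole lubatud seda lehte vaadata %s" %
                            get_database())

    # Project admins can switch to another account with ?username=.
    # NOTE(review): only the target username reaches the Session row below,
    # so the switching admin is not recorded; consider logging it.
    query = request.GET.dict()
    if "username" in query and sarvuser.pk in PROJECT_ADMINS:
        try:
            sarvuser = SarvUser.objects.get(username=query["username"])
        except SarvUser.DoesNotExist:
            return HttpResponse("Kasutajat ei eksisteeri")

    # Rotate the session key before the identity is stored, so that a key
    # known from before the login is not valid afterwards.
    request.session.cycle_key()

    request.session["sarvuser_id"] = sarvuser.id
    request.session["database"] = sarvuser.db
    request.session["sarvuser"] = sarvuser.username
    request.session["database_id"] = sarvuser.database_id
    request.session["agent_id"] = sarvuser.id

    # Best-effort bookkeeping: errors are printed and login continues.
    try:
        Session.objects.filter(user=sarvuser.username, active=1) \
            .update(active=0, session_end=datetime.now())
    except Exception as e:
        print(e)
    try:
        # An unused, never-evaluated filter(Q(...)) call from the original
        # has been removed here.
        Session.objects.create(
            user=sarvuser.username,
            active=1,
            session_start=datetime.now(),
            database_id=sarvuser.database_id,
        )
    except Exception as e:
        print(e)

    # Set user rights per page session variables
    from apps.acl.views import Acl as vAcl
    urights = vAcl().get_all_user_rights(request)

    if urights:
        request.session["acl"] = urights
    else:
        # Without this, rights stored by a previous login in the same
        # session stayed in place when the new user had none.
        request.session.pop("acl", None)

    return HttpResponseRedirect("/")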