def resolve_user(request):
user = None
geoserver = False
superuser = False
acl_user = request.user
if 'HTTP_AUTHORIZATION' in request.META:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
if acl_user:
user = acl_user.username
superuser = acl_user.is_superuser
elif _get_basic_auth_info(request) == ogc_server_settings.credentials:
geoserver = True
superuser = True
else:
return HttpResponse(_("Bad HTTP Authorization Credentials."),
status=401,
content_type="text/plain")
if not any([user, geoserver, superuser]
) and not request.user.is_anonymous():
user = request.user.username
superuser = request.user.is_superuser
resp = {
'user': user,
'geoserver': geoserver,
'superuser': superuser,
}
if acl_user and acl_user.is_authenticated():
resp['fullname'] = acl_user.get_full_name()
resp['email'] = acl_user.email
return HttpResponse(json.dumps(resp), content_type="application/json")
def resolve_user(request):
user = None
geoserver = False
superuser = False
acl_user = request.user
if 'HTTP_AUTHORIZATION' in request.META:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
if acl_user:
user = acl_user.username
superuser = acl_user.is_superuser
elif _get_basic_auth_info(request) == ogc_server_settings.credentials:
geoserver = True
superuser = True
else:
return HttpResponse(_("Bad HTTP Authorization Credentials."),
status=401,
content_type="text/plain")
if not any([user, geoserver, superuser]) and not request.user.is_anonymous:
user = request.user.username
superuser = request.user.is_superuser
resp = {
'user': user,
'geoserver': geoserver,
'superuser': superuser,
}
if acl_user and acl_user.is_authenticated():
resp['fullname'] = acl_user.get_full_name()
resp['email'] = acl_user.email
return HttpResponse(json.dumps(resp), content_type="application/json")
def resolve_user(request):
user = None
geoserver = False
superuser = False
if 'HTTP_AUTHORIZATION' in request.META:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
if acl_user:
user = acl_user.username
superuser = acl_user.is_superuser
elif _get_basic_auth_info(request) == (settings.OGC_SERVER['default']['USER'], settings.OGC_SERVER['default']['PASSWORD']):
geoserver = True
superuser = True
else:
return HttpResponse(_("Bad HTTP Authorization Credentials."),
status=401,
mimetype="text/plain")
if not any([user, geoserver, superuser]) and not request.user.is_anonymous():
user = request.user.username
superuser = request.user.is_superuser
resp = {
'user' : user,
'geoserver' : geoserver,
'superuser' : superuser,
}
if acl_user.is_authenticated():
resp['fullname'] = acl_user.get_full_name()
resp['email'] = acl_user.email
return HttpResponse(json.dumps(resp))
def layer_acls(request):
"""
returns json-encoded lists of layer identifiers that
represent the sets of read-write and read-only layers
for the currently authenticated user.
"""
# the layer_acls view supports basic auth, and a special
# user which represents the geoserver administrator that
# is not present in django.
acl_user = request.user
if 'HTTP_AUTHORIZATION' in request.META:
try:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
# Nope, is it the special geoserver user?
if (acl_user is None and
username == ogc_server_settings.USER and
password == ogc_server_settings.PASSWORD):
# great, tell geoserver it's an admin.
result = {
'rw': [],
'ro': [],
'name': username,
'is_superuser': True,
'is_anonymous': False
}
return HttpResponse(json.dumps(result), mimetype="application/json")
except Exception:
pass
if acl_user is None:
return HttpResponse(_("Bad HTTP Authorization Credentials."),
status=401,
mimetype="text/plain")
# Include permissions on the anonymous user
all_readable = get_objects_for_user(acl_user, 'base.view_resourcebase')
all_writable = get_objects_for_user(acl_user, 'base.change_resourcebase')
read_only = [x.layer.typename for x in all_readable if x not in all_writable and hasattr(x, 'layer')]
read_write = [x.layer.typename for x in all_writable if x in all_readable and hasattr(x, 'layer')]
result = {
'rw': read_write,
'ro': read_only,
'name': acl_user.username,
'is_superuser': acl_user.is_superuser,
'is_anonymous': acl_user.is_anonymous(),
}
if acl_user.is_authenticated():
result['fullname'] = acl_user.first_name
result['email'] = acl_user.email
return HttpResponse(json.dumps(result), mimetype="application/json")
def resolve_user(request):
user = None
geoserver = False
superuser = False
if 'HTTP_AUTHORIZATION' in request.META:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
if acl_user:
user = acl_user.username
superuser = acl_user.is_superuser
elif _get_basic_auth_info(request) == settings.GEOSERVER_CREDENTIALS:
geoserver = True
superuser = True
if not any([user, geoserver, superuser]) and not request.user.is_anonymous():
user = request.user.username
superuser = request.user.is_superuser
return HttpResponse(json.dumps({
'user' : user,
'geoserver' : geoserver,
'superuser' : superuser
}))
def layer_acls(request):
"""
returns json-encoded lists of layer identifiers that
represent the sets of read-write and read-only layers
for the currently authenticated user.
"""
# the layer_acls view supports basic auth, and a special
# user which represents the geoserver administrator that
# is not present in django.
acl_user = request.user
if "HTTP_AUTHORIZATION" in request.META:
try:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
# Nope, is it the special geoserver user?
if acl_user is None and username == ogc_server_settings.USER and password == ogc_server_settings.PASSWORD:
# great, tell geoserver it's an admin.
result = {"rw": [], "ro": [], "name": username, "is_superuser": True, "is_anonymous": False}
return HttpResponse(json.dumps(result), content_type="application/json")
except Exception:
pass
if acl_user is None:
return HttpResponse(_("Bad HTTP Authorization Credentials."), status=401, content_type="text/plain")
# Include permissions on the anonymous user
# use of polymorphic selectors/functions to optimize performances
resources_readable = get_objects_for_user(
acl_user, "view_resourcebase", ResourceBase.objects.instance_of(Layer)
).values_list("id", flat=True)
layer_writable = get_objects_for_user(acl_user, "change_layer_data", Layer.objects.all())
_read = set(Layer.objects.filter(id__in=resources_readable).values_list("typename", flat=True))
_write = set(layer_writable.values_list("typename", flat=True))
read_only = _read ^ _write
read_write = _read & _write
result = {
"rw": list(read_write),
"ro": list(read_only),
"name": acl_user.username,
"is_superuser": acl_user.is_superuser,
"is_anonymous": acl_user.is_anonymous(),
}
if acl_user.is_authenticated():
result["fullname"] = acl_user.get_full_name()
result["email"] = acl_user.email
return HttpResponse(json.dumps(result), content_type="application/json")
def resolve_user(request):
user = None
geoserver = False
superuser = False
if 'HTTP_AUTHORIZATION' in request.META:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
if acl_user:
user = acl_user.username
superuser = acl_user.is_superuser
elif _get_basic_auth_info(request) == settings.GEOSERVER_CREDENTIALS:
geoserver = True
superuser = True
if not any([user, geoserver, superuser
]) and not request.user.is_anonymous():
user = request.user.username
superuser = request.user.is_superuser
return HttpResponse(
json.dumps({
'user': user,
'geoserver': geoserver,
'superuser': superuser
}))
def dispatch(self, *args, **kwargs):
user = self.request.user
logger.debug(self.request)
if not user.is_authenticated() and self.request.META.get('HTTP_AUTHORIZATION'):
try:
logger.debug("User is not logged in, but the request has basic auth headers. Attempting to log "
"the user in.")
username, password = _get_basic_auth_info(self.request)
user = authenticate(username=username, password=password)
logger.debug("Able to log user in: {0}".format(user.is_authenticated()))
except Exception, e:
logger.debug(e)
return self.unauthenticated_response
def dispatch(self, *args, **kwargs):
user = self.request.user
logger.debug(self.request)
if not user.is_authenticated() and self.request.META.get(
'HTTP_AUTHORIZATION'):
try:
logger.debug(
"User is not logged in, but the request has basic auth headers. Attempting to log "
"the user in.")
username, password = _get_basic_auth_info(self.request)
user = authenticate(username=username, password=password)
logger.debug("Able to log user in: {0}".format(
user.is_authenticated()))
except Exception, e:
logger.debug(e)
return self.unauthenticated_response
def layer_acls(request):
"""
returns json-encoded lists of layer identifiers that
represent the sets of read-write and read-only layers
for the currently authenticated user.
"""
# the layer_acls view supports basic auth, and a special
# user which represents the geoserver administrator that
# is not present in django.
acl_user = request.user
if 'HTTP_AUTHORIZATION' in request.META:
try:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
# Nope, is it the special geoserver user?
if (acl_user is None and username == ogc_server_settings.USER
and password == ogc_server_settings.PASSWORD):
# great, tell geoserver it's an admin.
result = {
'rw': [],
'ro': [],
'name': username,
'is_superuser': True,
'is_anonymous': False
}
return HttpResponse(json.dumps(result),
content_type="application/json")
except Exception:
pass
if acl_user is None:
return HttpResponse(_("Bad HTTP Authorization Credentials."),
status=401,
content_type="text/plain")
# Include permissions on the anonymous user
# use of polymorphic selectors/functions to optimize performances
resources_readable = get_objects_for_user(
acl_user, 'view_resourcebase',
ResourceBase.objects.instance_of(Layer)).values_list('id', flat=True)
layer_writable = get_objects_for_user(acl_user, 'change_layer_data',
Layer.objects.all())
_read = set(
Layer.objects.filter(id__in=resources_readable).values_list(
'alternate', flat=True))
_write = set(layer_writable.values_list('alternate', flat=True))
read_only = _read ^ _write
read_write = _read & _write
result = {
'rw': list(read_write),
'ro': list(read_only),
'name': acl_user.username,
'is_superuser': acl_user.is_superuser,
'is_anonymous': acl_user.is_anonymous(),
}
if acl_user.is_authenticated():
result['fullname'] = acl_user.get_full_name()
result['email'] = acl_user.email
return HttpResponse(json.dumps(result), content_type="application/json")
def layer_acls(request):
from geonode.utils import http_client, _get_basic_auth_info
"""
returns json-encoded lists of layer identifiers that
represent the sets of read-write and read-only layers
for the currently authenticated user.
"""
# the layer_acls view supports basic auth, and a special
# user which represents the geoserver administrator that
# is not present in django.
acl_user = request.user
if 'HTTP_AUTHORIZATION' in request.META:
try:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
# Nope, is it the special geoserver user?
if (acl_user is None and username == ogc_server_settings.USER
and password == ogc_server_settings.PASSWORD):
# great, tell geoserver it's an admin.
result = {
'rw': [],
'ro': [],
'name': username,
'is_superuser': True,
'is_anonymous': False
}
return HttpResponse(json.dumps(result),
mimetype="application/json")
except Exception:
pass
if acl_user is None:
return HttpResponse(_("Bad HTTP Authorization Credentials."),
status=401,
mimetype="text/plain")
all_readable = set()
all_writable = set()
for bck in get_auth_backends():
if hasattr(bck, 'objects_with_perm'):
all_readable.update(
bck.objects_with_perm(acl_user, 'layers.view_layer', Layer))
all_writable.update(
bck.objects_with_perm(acl_user, 'layers.change_layer', Layer))
read_only = [x for x in all_readable if x not in all_writable]
read_write = [x for x in all_writable if x in all_readable]
read_only = [
x[0] for x in Layer.objects.filter(
id__in=read_only).values_list('typename').all()
]
read_write = [
x[0] for x in Layer.objects.filter(
id__in=read_write).values_list('typename').all()
]
result = {
'rw': read_write,
'ro': read_only,
'name': acl_user.username,
'is_superuser': acl_user.is_superuser,
'is_anonymous': acl_user.is_anonymous(),
}
if acl_user.is_authenticated():
result['fullname'] = acl_user.profile.name
result['email'] = acl_user.profile.email
return HttpResponse(json.dumps(result), mimetype="application/json")
def layer_acls(request):
"""
returns json-encoded lists of layer identifiers that
represent the sets of read-write and read-only layers
for the currently authenticated user.
"""
# the layer_acls view supports basic auth, and a special
# user which represents the geoserver administrator that
# is not present in django.
acl_user = request.user
if 'HTTP_AUTHORIZATION' in request.META:
try:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
# Nope, is it the special geoserver user?
if (acl_user is None and
username == ogc_server_settings.USER and
password == ogc_server_settings.PASSWORD):
# great, tell geoserver it's an admin.
result = {
'rw': [],
'ro': [],
'name': username,
'is_superuser': True,
'is_anonymous': False
}
return HttpResponse(json.dumps(result), mimetype="application/json")
except Exception:
pass
if acl_user is None:
return HttpResponse(_("Bad HTTP Authorization Credentials."),
status=401,
mimetype="text/plain")
all_readable = set()
all_writable = set()
for bck in get_auth_backends():
if hasattr(bck, 'objects_with_perm'):
all_readable.update(bck.objects_with_perm(acl_user,
'layers.view_layer',
Layer))
all_writable.update(bck.objects_with_perm(acl_user,
'layers.change_layer',
Layer))
read_only = [x for x in all_readable if x not in all_writable]
read_write = [x for x in all_writable if x in all_readable]
read_only = [x[0] for x in Layer.objects.filter(id__in=read_only).values_list('typename').all()]
read_write = [x[0] for x in Layer.objects.filter(id__in=read_write).values_list('typename').all()]
result = {
'rw': read_write,
'ro': read_only,
'name': acl_user.username,
'is_superuser': acl_user.is_superuser,
'is_anonymous': acl_user.is_anonymous(),
}
if acl_user.is_authenticated():
result['fullname'] = acl_user.profile.name
result['email'] = acl_user.profile.email
return HttpResponse(json.dumps(result), mimetype="application/json")
def layer_acls(request):
"""
returns json-encoded lists of layer identifiers that
represent the sets of read-write and read-only layers
for the currently authenticated user.
"""
# the layer_acls view supports basic auth, and a special
# user which represents the geoserver administrator that
# is not present in django.
acl_user = request.user
if 'HTTP_AUTHORIZATION' in request.META:
try:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
# Nope, is it the special geoserver user?
if (acl_user is None and username == ogc_server_settings.USER
and password == ogc_server_settings.PASSWORD):
# great, tell geoserver it's an admin.
result = {
'rw': [],
'ro': [],
'name': username,
'is_superuser': True,
'is_anonymous': False
}
return HttpResponse(json.dumps(result),
mimetype="application/json")
except Exception:
pass
if acl_user is None:
return HttpResponse(_("Bad HTTP Authorization Credentials."),
status=401,
mimetype="text/plain")
# Include permissions on the anonymous user
all_readable = get_objects_for_user(acl_user, 'base.view_resourcebase')
all_writable = get_objects_for_user(acl_user, 'base.change_resourcebase')
read_only = [
x.layer.typename for x in all_readable
if x not in all_writable and hasattr(x, 'layer')
]
read_write = [
x.layer.typename for x in all_writable
if x in all_readable and hasattr(x, 'layer')
]
result = {
'rw': read_write,
'ro': read_only,
'name': acl_user.username,
'is_superuser': acl_user.is_superuser,
'is_anonymous': acl_user.is_anonymous(),
}
if acl_user.is_authenticated():
result['fullname'] = acl_user.first_name
result['email'] = acl_user.email
return HttpResponse(json.dumps(result), mimetype="application/json")
def layer_acls(request):
"""
returns json-encoded lists of layer identifiers that
represent the sets of read-write and read-only layers
for the currently authenticated user.
"""
# the layer_acls view supports basic auth, and a special
# user which represents the geoserver administrator that
# is not present in django.
acl_user = request.user
if 'HTTP_AUTHORIZATION' in request.META:
try:
username, password = _get_basic_auth_info(request)
acl_user = authenticate(username=username, password=password)
# Nope, is it the special geoserver user?
if (acl_user is None and
username == ogc_server_settings.USER and
password == ogc_server_settings.PASSWORD):
# great, tell geoserver it's an admin.
result = {
'rw': [],
'ro': [],
'name': username,
'is_superuser': True,
'is_anonymous': False
}
return HttpResponse(
json.dumps(result),
mimetype="application/json")
except Exception:
pass
if acl_user is None:
return HttpResponse(_("Bad HTTP Authorization Credentials."),
status=401,
mimetype="text/plain")
# Include permissions on the anonymous user
# use of polymorphic selectors/functions to optimize performances
layer_readable = get_objects_for_user(acl_user, 'view_resourcebase',
ResourceBase.objects.instance_of(Layer))
layer_writable = get_objects_for_user(acl_user, 'change_layer_data',
Layer.objects.all())
_read = set([l.typename for l in layer_readable.get_real_instances()])
_write = set(layer_writable.values_list('typename', flat=True))
read_only = _read ^ _write
read_write = _read & _write
result = {
'rw': list(read_write),
'ro': list(read_only),
'name': acl_user.username,
'is_superuser': acl_user.is_superuser,
'is_anonymous': acl_user.is_anonymous(),
}
if acl_user.is_authenticated():
result['fullname'] = acl_user.get_full_name()
result['email'] = acl_user.email
return HttpResponse(json.dumps(result), mimetype="application/json")