def dashboard(request): project_list = get_project_list(request.user, key='slug') if len(project_list) == 0 and not request.user.is_authenticated(): return HttpResponseRedirect(get_login_url()) if project_list: cutoff = datetime.datetime.now() - datetime.timedelta(days=1) base_qs = Group.objects.filter( project__in=project_list.values(), status=0, ).select_related('project').order_by('-score') top_event_list = list(base_qs.filter( last_seen__gte=cutoff )[:10]) new_event_list = list(base_qs.filter( first_seen__gte=cutoff, )[:10]) else: top_event_list = None new_event_list = None return render_to_response('sentry/dashboard.html', { 'top_event_list': top_event_list, 'new_event_list': new_event_list, }, request)
def edit_user(request, user_id): if not request.is_superuser(): return HttpResponseRedirect(get_login_url()) try: user = User.objects.get(pk=user_id) except User.DoesNotExist: return HttpResponseRedirect(reverse('sentry-admin-users')) form = ChangeUserForm(request.POST or None, instance=user) if form.is_valid(): user = form.save() return HttpResponseRedirect(reverse('sentry-admin-users')) project_list = Project.objects.filter( status=0, organization__member_set__user=user, ).order_by('-date_added') context = { 'form': form, 'the_user': user, 'project_list': project_list, } context.update(csrf(request)) return render_to_response('sentry/admin/users/edit.html', context, request)
def dashboard(request): project_list = get_project_list(request.user, key='slug') if len(project_list) == 1: return HttpResponseRedirect(reverse('sentry', kwargs={'project_id': project_list.keys()[0]})) if len(project_list) == 0 and not request.user.is_authenticated(): return HttpResponseRedirect(get_login_url()) return render_to_response('sentry/dashboard.html', request=request)
def wrapped(request, *args, **kwargs): if not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() return HttpResponseRedirect(get_login_url()) if not request.user.is_staff: return render_to_response('sentry/missing_permissions.html', status=400) return func(request, *args, **kwargs)
def wrapped(request, *args, **kwargs): if not request.user.is_authenticated(): request.session['_next'] = request.build_absolute_uri() return HttpResponseRedirect(get_login_url()) if not request.user.is_staff: return render_to_response('sentry/missing_permissions.html', status=400) return func(request, *args, **kwargs)
def dashboard(request): project_list = get_project_list(request.user, key='slug') if len(project_list) == 0 and not request.user.is_authenticated(): return HttpResponseRedirect(get_login_url()) if project_list: cutoff = datetime.datetime.now() - datetime.timedelta(days=1) base_qs = Group.objects.filter( project__in=project_list.values(), status=0, ).select_related('project').order_by('-score') # TODO: change this to calculate the most frequent events in the time period, # not just events seen within the time period that have at one time been frequent top_event_list = list(base_qs.filter( last_seen__gte=cutoff )[:10]) new_event_list = list(base_qs.filter( active_at__gte=cutoff, )[:10]) else: top_event_list = None new_event_list = None return render_to_response('sentry/dashboard.html', { 'top_event_list': top_event_list, 'new_event_list': new_event_list, }, request)
def _wrapped(request, *args, **kwargs): if not request.user.is_authenticated(): return HttpResponseRedirect(get_login_url()) if not request.user.has_perm(perm): return render_to_response('sentry/missing_permissions.html', status=400) return func(request, *args, **kwargs)
def handle_auth_required(self, request, *args, **kwargs): request.session["_next"] = request.get_full_path() if "organization_slug" in kwargs: redirect_to = reverse("sentry-auth-organization", args=[kwargs["organization_slug"]]) else: redirect_to = get_login_url() return self.redirect(redirect_to)
def _wrapped(request, *args, **kwargs): if not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() return HttpResponseRedirect(get_login_url()) if not request.user.has_perm(perm): return render_to_response('sentry/missing_permissions.html', status=400) return func(request, *args, **kwargs)
def dashboard(request): project_list = get_project_list(request.user, key='slug') if len(project_list) == 0 and not request.user.is_authenticated(): return HttpResponseRedirect(get_login_url()) return render_to_response('sentry/dashboard.html', { }, request)
def handle(self, request, organization, member_id): try: member = OrganizationMember.objects.get( Q(user__is_active=True) | Q(user__isnull=True), organization=organization, id=member_id, ) except OrganizationMember.DoesNotExist: return self.redirect(get_login_url()) if request.POST.get('op') == 'reinvite' and member.is_pending: return self.resend_invite(request, organization, member) elif request.POST.get('op') == 'regenerate' and member.is_pending: return self.resend_invite(request, organization, member, regen=True) can_admin = request.access.has_scope('member:delete') if can_admin and not request.is_superuser(): acting_member = OrganizationMember.objects.get( user=request.user, organization=organization, ) if roles.get(acting_member.role).priority < roles.get(member.role).priority: can_admin = False else: allowed_roles = [ r for r in roles.get_all() if r.priority <= roles.get(acting_member.role).priority ] can_admin = bool(allowed_roles) elif request.is_superuser(): allowed_roles = roles.get_all() if member.user == request.user or not can_admin: return self.view_member(request, organization, member) form = self.get_form(request, member, allowed_roles) if form.is_valid(): member = form.save(request.user, organization, request.META['REMOTE_ADDR']) messages.add_message(request, messages.SUCCESS, _('Your changes were saved.')) redirect = reverse('sentry-organization-member-settings', args=[organization.slug, member.id]) return self.redirect(redirect) context = { 'member': member, 'form': form, 'invite_link': member.get_invite_link(), 'role_list': [ (r, r in allowed_roles) for r in roles.get_all() ] } return self.respond('sentry/organization-member-settings.html', context)
def dashboard(request): project_list = get_project_list(request.user) if len(project_list) == 1: return HttpResponseRedirect( reverse('sentry', kwargs={'project_id': project_list.keys()[0]})) if len(project_list) == 0 and not request.user.is_authenticated(): return HttpResponseRedirect(get_login_url()) return render_to_response('sentry/dashboard.html', request=request)
def handle_auth_required(self, request, *args, **kwargs): request.session['_next'] = request.get_full_path() if 'organization_slug' in kwargs: redirect_to = reverse('sentry-auth-organization', args=[kwargs['organization_slug']]) else: redirect_to = get_login_url() return self.redirect(redirect_to)
def test_get_login_url(self): with self.Settings(LOGIN_URL='/really-a-404'): url = get_login_url(True) self.assertEquals(url, reverse('sentry-login')) with self.Settings(LOGIN_URL=reverse('sentry-fake-login')): url = get_login_url(True) self.assertEquals(url, reverse('sentry-fake-login')) # should still be cached with self.Settings(LOGIN_URL='/really-a-404'): url = get_login_url(False) self.assertEquals(url, reverse('sentry-fake-login')) with self.Settings(SENTRY_LOGIN_URL=None): url = get_login_url(True) self.assertEquals(url, reverse('sentry-login'))
def handle(self, request, organization, member_id): try: member = OrganizationMember.objects.get( Q(user__is_active=True) | Q(user__isnull=True), organization=organization, id=member_id, ) except OrganizationMember.DoesNotExist: return self.redirect(get_login_url()) if request.POST.get('op') == 'reinvite' and member.is_pending: return self.resend_invite(request, organization, member) can_admin = request.access.has_scope('member:delete') if can_admin and not request.is_superuser(): acting_member = OrganizationMember.objects.get( user=request.user, organization=organization, ) if roles.get(acting_member.role).priority < roles.get(member.role).priority: can_admin = False else: allowed_roles = [ r for r in roles.get_all() if r.priority <= roles.get(acting_member.role).priority ] can_admin = bool(allowed_roles) elif request.is_superuser(): allowed_roles = roles.get_all() if member.user == request.user or not can_admin: return self.view_member(request, organization, member) form = self.get_form(request, member, allowed_roles) if form.is_valid(): member = form.save(request.user, organization, request.META['REMOTE_ADDR']) messages.add_message(request, messages.SUCCESS, _('Your changes were saved.')) redirect = reverse('sentry-organization-member-settings', args=[organization.slug, member.id]) return self.redirect(redirect) context = { 'member': member, 'form': form, 'role_list': [ (r, r in allowed_roles) for r in roles.get_all() ] } return self.respond('sentry/organization-member-settings.html', context)
def handle(self, request): user = auth.get_pending_2fa_user(request) if user is None or request.user.is_authenticated(): return HttpResponseRedirect(get_login_url()) interfaces = Authenticator.objects.all_interfaces_for_user(user) # If for whatever reason we ended up here but the user has no 2FA # enabled, we just continue successfully. if not interfaces: return self.perform_signin(request, user) challenge = activation = None interface = self.negotiate_interface(request, interfaces) if request.method == 'GET': activation = interface.activate(request) if activation is not None and activation.type == 'challenge': challenge = activation.challenge elif 'challenge' in request.POST: challenge = json.loads(request.POST['challenge']) form = TwoFactorForm() # If an OTP response was supplied, we try to make it pass. otp = request.POST.get('otp') if otp: used_interface = self.validate_otp(otp, interface, interfaces) if used_interface is not None: return self.perform_signin(request, user, used_interface) self.fail_signin(request, user, form) # If a challenge and response exists, validate if challenge: response = request.POST.get('response') if response: response = json.loads(response) if interface.validate_response(request, challenge, response): return self.perform_signin(request, user, interface) self.fail_signin(request, user, form) return render_to_response( [ 'sentry/twofactor_%s.html' % interface.interface_id, 'sentry/twofactor.html' ], { 'form': form, 'interface': interface, 'other_interfaces': self.get_other_interfaces(interface, interfaces), 'activation': activation, }, request, status=200)
def create_new_user(request): if not request.is_superuser(): return HttpResponseRedirect(get_login_url()) form = NewUserForm(request.POST or None, initial={ 'send_welcome_mail': True, 'create_project': True, }) if form.is_valid(): user = form.save(commit=False) # create a random password password = uuid.uuid4().hex user.set_password(password) user.save() if form.cleaned_data['send_welcome_mail']: context = { 'username': user.username, 'password': password, 'url': absolute_uri(get_login_url()), } body = render_to_string('sentry/emails/welcome_mail.txt', context, request) try: send_mail( '%s Welcome to Sentry' % (options.get('mail.subject-prefix'),), body, options.get('mail.from'), [user.email], fail_silently=False ) except Exception as e: logger = logging.getLogger('sentry.mail.errors') logger.exception(e) return HttpResponseRedirect(reverse('sentry-admin-users')) context = { 'form': form, } context.update(csrf(request)) return render_to_response('sentry/admin/users/new.html', context, request)
def wrapped(request, *args, **kwargs): if not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() if 'organization_slug' in kwargs: redirect_uri = reverse('sentry-auth-organization', args=[kwargs['organization_slug']]) else: redirect_uri = get_login_url() return HttpResponseRedirect(redirect_uri) return func(request, *args, **kwargs)
def get_login_redirect(request, default=None): if default is None: default = get_login_url() # If there is a pending 2fa authentication bound to the session then # we need to go to the 2fa dialog. if has_pending_2fa(request): return reverse('sentry-2fa-dialog') # If we have a different URL to go after the 2fa flow we want to go to # that now here. after_2fa = request.session.pop('_after_2fa', None) if after_2fa is not None: return after_2fa login_url = request.session.pop('_next', None) or default if login_url.startswith(('http://', 'https://')): login_url = default elif login_url.startswith(get_login_url()): login_url = default return login_url
def dashboard(request): project_list = get_project_list(request.user, key="slug") has_projects = len(project_list) > 1 or (len(project_list) == 1 and project_list.values()[0].pk != settings.PROJECT) if not has_projects: if not request.user.is_authenticated(): request.session["_next"] = request.build_absolute_uri() return HttpResponseRedirect(get_login_url()) elif can_create_projects(request.user): return HttpResponseRedirect(reverse("sentry-new-project")) return render_to_response("sentry/dashboard.html", {}, request)
def dashboard(request, template='dashboard.html'): project_list = get_project_list(request.user, key='slug') has_projects = len(project_list) > 1 or (len(project_list) == 1 and project_list.values()[0].pk != settings.PROJECT) if not has_projects: if not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() return HttpResponseRedirect(get_login_url()) elif can_create_projects(request.user): return HttpResponseRedirect(reverse('sentry-new-project')) return render_to_response('sentry/%s' % template, {}, request)
def handle(self, request, organization, member_id): try: member = OrganizationMember.objects.get( Q(user__is_active=True) | Q(user__isnull=True), organization=organization, id=member_id, ) except OrganizationMember.DoesNotExist: return self.redirect(get_login_url()) if request.POST.get('op') == 'reinvite' and member.is_pending: return self.resend_invite(request, organization, member) elif request.POST.get('op') == 'regenerate' and member.is_pending: return self.resend_invite(request, organization, member, regen=True) can_admin, allowed_roles = self.get_allowed_roles( request, organization, member) all_teams = Team.objects.filter(organization=organization, status=TeamStatus.VISIBLE) if member.user == request.user or not can_admin: return self.view_member(request, organization, member, all_teams) form = self.get_form(request, member, all_teams, allowed_roles) if form.is_valid(): member = form.save(request.user, organization, request.META['REMOTE_ADDR']) messages.add_message(request, messages.SUCCESS, _('Your changes were saved.')) redirect = reverse('sentry-organization-member-settings', args=[organization.slug, member.id]) return self.redirect(redirect) context = { 'member': member, 'form': form, 'invite_link': member.get_invite_link(), 'role_list': [(r, r in allowed_roles) for r in roles.get_all()], 'all_teams': all_teams } return self.respond('sentry/organization-member-settings.html', context)
def _wrapped(request, project_id=None, *args, **kwargs): # If we're asking for anything other than implied access, the user # must be authenticated if group_or_func is not None and not request.user.is_authenticated( ): request.session['_next'] = request.build_absolute_uri() return HttpResponseRedirect(get_login_url()) # XXX: if project_id isn't set, should we only allow superuser? if not project_id: return func(request, None, *args, **kwargs) if project_id.isdigit(): lookup_kwargs = {'id': int(project_id)} else: lookup_kwargs = {'slug': project_id} if request.user.is_superuser: if project_id: try: project = Project.objects.get_from_cache( **lookup_kwargs) except Project.DoesNotExist: if project_id.isdigit(): # It could be a numerical slug try: project = Project.objects.get_from_cache( slug=project_id) except Project.DoesNotExist: return HttpResponseRedirect(reverse('sentry')) else: return HttpResponseRedirect(reverse('sentry')) else: project = None return func(request, project, *args, **kwargs) if project_id: key, value = lookup_kwargs.items()[0] project_list = get_project_list(request.user, group_or_func, key=key) try: project = project_list[value] except KeyError: return HttpResponseRedirect(reverse('sentry')) else: project = None return func(request, project, *args, **kwargs)
def dashboard(request, template='dashboard.html'): project_list = get_project_list(request.user, key='slug') has_projects = len(project_list) > 1 or ( len(project_list) == 1 and project_list.values()[0].pk != settings.PROJECT) if not has_projects: if not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() return HttpResponseRedirect(get_login_url()) elif can_create_projects(request.user): return HttpResponseRedirect(reverse('sentry-new-project')) return render_to_response('sentry/%s' % template, {}, request)
def configure_plugin(request, slug): plugin = plugins.get(slug) if not plugin.has_site_conf(): return HttpResponseRedirect(get_login_url()) view = plugin.configure(request=request) if isinstance(view, HttpResponse): return view return render_to_response('sentry/admin/plugins/configure.html', { 'plugin': plugin, 'title': plugin.get_conf_title(), 'slug': plugin.slug, 'view': view, }, request)
def _wrapped(request, project_id=None, *args, **kwargs): # If we're asking for anything other than implied access, the user # must be authenticated if group_or_func is not None and not request.user.is_authenticated(): request.session['_next'] = request.build_absolute_uri() return HttpResponseRedirect(get_login_url()) # XXX: if project_id isn't set, should we only allow superuser? if not project_id: return func(request, None, *args, **kwargs) if project_id.isdigit(): lookup_kwargs = {'id': int(project_id)} else: lookup_kwargs = {'slug': project_id} if request.user.is_superuser: if project_id: try: project = Project.objects.get_from_cache(**lookup_kwargs) except Project.DoesNotExist: if project_id.isdigit(): # It could be a numerical slug try: project = Project.objects.get_from_cache(slug=project_id) except Project.DoesNotExist: return HttpResponseRedirect(reverse('sentry')) else: return HttpResponseRedirect(reverse('sentry')) else: project = None return func(request, project, *args, **kwargs) if project_id: key, value = lookup_kwargs.items()[0] project_list = get_project_list(request.user, group_or_func, key=key) try: project = project_list[value] except KeyError: return HttpResponseRedirect(reverse('sentry')) else: project = None return func(request, project, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): if self.auth_required and not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() return self.redirect(get_login_url()) if self.sudo_required and not request.is_sudo(): return redirect_to_sudo(request.get_full_path()) args, kwargs = self.convert_args(request, *args, **kwargs) if not self.has_permission(request, *args, **kwargs): redirect_uri = self.get_no_permission_url(request, *args, **kwargs) return self.redirect(redirect_uri) self.request = request self.default_context = self.get_context_data(request, *args, **kwargs) return self.handle(request, *args, **kwargs)
def email_unsubscribe_project(request, project_id): # For now we only support getting here from the signed link. if not request.user_from_signed_request: raise Http404() try: project = Project.objects.get(pk=project_id) except Project.DoesNotExist: raise Http404() if request.method == 'POST': if 'cancel' not in request.POST: UserOption.objects.set_value(request.user, project, 'mail:alert', 0) return HttpResponseRedirect(get_login_url()) context = csrf(request) context['project'] = project return render_to_response('sentry/account/email_unsubscribe_project.html', context, request)
def email_unsubscribe_project(request, project_id): # For now we only support getting here from the signed link. if not request.user_from_signed_request: raise Http404() try: project = Project.objects.get(pk=project_id) except Project.DoesNotExist: raise Http404() if request.method == 'POST': if 'cancel' not in request.POST: UserOption.objects.set_value( request.user, project, 'mail:alert', 0) return HttpResponseRedirect(get_login_url()) context = csrf(request) context['project'] = project return render_to_response('sentry/account/email_unsubscribe_project.html', context, request)
def test_as_lazy_url(self): with self.settings(LOGIN_URL=reverse('sentry-fake-login')): url = get_login_url(True) self.assertEquals(url, reverse('sentry-fake-login'))
def test_as_path(self): with self.settings(LOGIN_URL='/really-a-404'): url = get_login_url(True) self.assertEquals(url, reverse('sentry-login'))
def get_redirect_uri(self, request, exception): return absolute_uri(get_login_url())
def test_no_value(self): with self.settings(SENTRY_LOGIN_URL=None): url = get_login_url(True) self.assertEquals(url, reverse('sentry-login'))
def test_cached(self): # should still be cached with self.settings(LOGIN_URL='/really-a-404'): url = get_login_url(False) self.assertNotEquals(url, '/really-a-404')
def wrapped(request, *args, **kwargs): if not settings.PUBLIC: if not request.user.is_authenticated(): return HttpResponseRedirect(get_login_url()) return func(request, *args, **kwargs)
def _wrapped(request, *args, **kwargs): # All requests require authentication if not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() return HttpResponseRedirect(get_login_url()) has_team = 'team_slug' in kwargs has_project = 'project_id' in kwargs team_slug = kwargs.pop('team_slug', None) project_id = kwargs.pop('project_id', None) # Pull in team if it's part of the URL arguments if team_slug: if request.user.is_superuser: try: team = Team.objects.get_from_cache(slug=team_slug) except Team.DoesNotExist: return HttpResponseRedirect(reverse('sentry')) else: team_list = Team.objects.get_for_user(request.user, access) try: team = team_list[team_slug] except KeyError: return HttpResponseRedirect(reverse('sentry')) else: team = None if project_id: # Support project id's if request.user.is_superuser: if project_id.isdigit(): lookup_kwargs = {'id': int(project_id)} elif team: lookup_kwargs = {'slug': project_id, 'team': team} else: return HttpResponseRedirect(reverse('sentry')) try: project = Project.objects.get_from_cache(**lookup_kwargs) except Project.DoesNotExist: if project_id.isdigit(): # It could be a numerical slug try: project = Project.objects.get_from_cache(slug=project_id) except Project.DoesNotExist: return HttpResponseRedirect(reverse('sentry')) else: return HttpResponseRedirect(reverse('sentry')) else: project_list = Project.objects.get_for_user(request.user, access, team=team) if project_id.isdigit(): key = 'id' value = int(project_id) elif team: key = 'slug' value = project_id else: return HttpResponseRedirect(reverse('sentry')) for p in project_list: if getattr(p, key) == value: project = p break else: return HttpResponseRedirect(reverse('sentry')) else: project = None if has_project: # ensure we're accessing this url correctly if project and team: if project.team_id != team.id: return HttpResponseRedirect(reverse('sentry')) project._team_cache = team kwargs['project'] = project if has_team: kwargs['team'] = team return func(request, *args, **kwargs)
def dashboard(request): project_list = get_project_list(request.user, key='slug') if len(project_list) == 0 and not request.user.is_authenticated(): return HttpResponseRedirect(get_login_url()) return render_to_response('sentry/dashboard.html', {}, request)
def _wrapped(request, *args, **kwargs): # All requests require authentication if not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() if request.is_ajax(): return HttpResponse(status=401) if 'organization_slug' in kwargs: redirect_uri = reverse('sentry-auth-organization', args=[kwargs['organization_slug']]) else: redirect_uri = get_login_url() return HttpResponseRedirect(redirect_uri) has_org = 'organization_slug' in kwargs has_team = 'team_slug' in kwargs has_project = 'project_id' in kwargs organization_slug = kwargs.pop('organization_slug', None) team_slug = kwargs.pop('team_slug', None) project_id = kwargs.pop('project_id', None) assert not has_team or has_org, \ 'Must pass organization_slug with team_slug' if organization_slug: if not request.user.is_superuser: if has_team or has_project: org_access = None else: org_access = access org_list = Organization.objects.get_for_user( user=request.user, access=org_access, ) for o in org_list: if o.slug == organization_slug: organization = o break else: logging.debug( 'User %s is not listed in organization with slug %s', request.user.id, organization_slug) if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: try: organization = Organization.objects.get_from_cache( slug=organization_slug, ) except Organization.DoesNotExist: logging.debug( 'Organization with slug %s does not exist', organization_slug) if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: organization = None if team_slug: if not request.user.is_superuser: team_list = Team.objects.get_for_user( user=request.user, access=access, organization=organization, ) for t in team_list: if t.slug == team_slug: team = t break else: logging.debug( 'User %s is not listed in team with slug %s', request.user.id, team_slug) if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: try: team = Team.objects.get_from_cache( slug=team_slug, organization=organization, ) except Team.DoesNotExist: logging.debug('Team with slug %s does not exist', team_slug) if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: team = None if project_id: # Support project id's if project_id.isdigit(): lookup_kwargs = {'id': int(project_id)} elif organization: lookup_kwargs = { 'slug': project_id, 'organization': organization } else: return HttpResponseRedirect(reverse('sentry')) try: project = Project.objects.get_from_cache(**lookup_kwargs) except Project.DoesNotExist: if project_id.isdigit(): # It could be a numerical slug try: project = Project.objects.get_from_cache( slug=project_id) except Project.DoesNotExist: if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) if not request.user.is_superuser and not project.has_access( request.user, access=access): if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: project = None if has_project: kwargs['project'] = project if has_team: kwargs['team'] = team if has_org: kwargs['organization'] = organization return func(request, *args, **kwargs)
def wrapped(request, *args, **kwargs): if not settings.PUBLIC: if not request.user.is_authenticated(): request.session['_next'] = request.build_absolute_uri() return HttpResponseRedirect(get_login_url()) return func(request, *args, **kwargs)
def login_url(context): return get_login_url(request=context['request'])
def wrapped(request, *args, **kwargs): if not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() return HttpResponseRedirect(get_login_url()) return func(request, *args, **kwargs)
def _wrapped(request, *args, **kwargs): # All requests require authentication if not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() if request.is_ajax(): return HttpResponse(status=401) return HttpResponseRedirect(get_login_url()) has_org = 'organization_slug' in kwargs has_team = 'team_slug' in kwargs has_project = 'project_id' in kwargs organization_slug = kwargs.pop('organization_slug', None) team_slug = kwargs.pop('team_slug', None) project_id = kwargs.pop('project_id', None) assert not has_team or has_org, \ 'Must pass organization_slug with team_slug' if organization_slug: if not request.user.is_superuser: if has_team or has_project: org_access = None else: org_access = access org_list = Organization.objects.get_for_user( user=request.user, access=org_access, ) for o in org_list: if o.slug == organization_slug: organization = o break else: logging.debug('User %s is not listed in organization with slug %s', request.user.id, organization_slug) if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: try: organization = Organization.objects.get_from_cache( slug=organization_slug, ) except Organization.DoesNotExist: logging.debug('Organization with slug %s does not exist', organization_slug) if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: organization = None if team_slug: if not request.user.is_superuser: team_list = Team.objects.get_for_user( user=request.user, access=access, organization=organization, ) for t in team_list: if t.slug == team_slug: team = t break else: logging.debug('User %s is not listed in team with slug %s', request.user.id, team_slug) if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: try: team = Team.objects.get_from_cache( slug=team_slug, organization=organization, ) except Team.DoesNotExist: logging.debug('Team with slug %s does not exist', team_slug) if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: team = None if project_id: # Support project id's if project_id.isdigit(): lookup_kwargs = {'id': int(project_id)} elif organization: lookup_kwargs = {'slug': project_id, 'organization': organization} else: return HttpResponseRedirect(reverse('sentry')) try: project = Project.objects.get_from_cache(**lookup_kwargs) except Project.DoesNotExist: if project_id.isdigit(): # It could be a numerical slug try: project = Project.objects.get_from_cache(slug=project_id) except Project.DoesNotExist: if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) if not request.user.is_superuser and not project.has_access(request.user, access=access): if request.is_ajax(): return HttpResponse(status=400) return HttpResponseRedirect(reverse('sentry')) else: project = None if has_project: kwargs['project'] = project if has_team: kwargs['team'] = team if has_org: kwargs['organization'] = organization return func(request, *args, **kwargs)
def _wrapped(request, *args, **kwargs): # All requests require authentication if not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() return HttpResponseRedirect(get_login_url()) has_team = 'team_slug' in kwargs has_project = 'project_id' in kwargs team_slug = kwargs.pop('team_slug', None) project_id = kwargs.pop('project_id', None) # Pull in team if it's part of the URL arguments if team_slug: if request.user.is_superuser: try: team = Team.objects.get_from_cache(slug=team_slug) except Team.DoesNotExist: return HttpResponseRedirect(reverse('sentry')) else: team_list = Team.objects.get_for_user(request.user, access) try: team = team_list[team_slug] except KeyError: return HttpResponseRedirect(reverse('sentry')) else: team = None if project_id: # Support project id's if project_id.isdigit(): lookup_kwargs = {'id': int(project_id)} else: lookup_kwargs = {'slug': project_id} if team: lookup_kwargs['team'] = team if request.user.is_superuser: try: project = Project.objects.get_from_cache(**lookup_kwargs) except Project.DoesNotExist: if project_id.isdigit(): # It could be a numerical slug try: project = Project.objects.get_from_cache(slug=project_id) except Project.DoesNotExist: return HttpResponseRedirect(reverse('sentry')) else: return HttpResponseRedirect(reverse('sentry')) else: key, value = lookup_kwargs.items()[0] project_list = get_project_list(request.user, access, key=key) try: project = project_list[value] except KeyError: return HttpResponseRedirect(reverse('sentry')) else: project = None if has_project: # ensure we're accessing this url correctly if project and team and project.team != team: return HttpResponseRedirect(reverse('sentry')) kwargs['project'] = project if has_team: kwargs['team'] = team return func(request, *args, **kwargs)