def dt_login(request): redirect_to = request.REQUEST.get('next', '/') is_first_login_ever = first_login_ever() backend_names = get_backend_names() is_active_directory = 'LdapBackend' in backend_names and ( bool(LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get()) ) if is_active_directory: UserCreationForm = auth_forms.LdapUserCreationForm AuthenticationForm = auth_forms.LdapAuthenticationForm else: UserCreationForm = auth_forms.UserCreationForm AuthenticationForm = auth_forms.AuthenticationForm if request.method == 'POST': request.audit = { 'operation': 'USER_LOGIN', 'username': request.POST.get('username') } # For first login, need to validate user info! first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None first_user = first_user_form and first_user_form.is_valid() if first_user or not is_first_login_ever: auth_form = AuthenticationForm(data=request.POST) if auth_form.is_valid(): # Must login by using the AuthenticationForm. # It provides 'backends' on the User object. user = auth_form.get_user() userprofile = get_profile(user) login(request, user) if request.session.test_cookie_worked(): request.session.delete_test_cookie() if is_first_login_ever or 'AllowAllBackend' in backend_names or 'LdapBackend' in backend_names: # Create home directory for first user. try: ensure_home_directory(request.fs, user.username) except (IOError, WebHdfsException), e: LOG.error(_('Could not create home directory.'), exc_info=e) request.error(_('Could not create home directory.')) if require_change_password(userprofile): return HttpResponseRedirect(urlresolvers.reverse('useradmin.views.edit_user', kwargs={'username': user.username})) userprofile.first_login = False userprofile.save() msg = 'Successful login for user: %s' % user.username request.audit['operationText'] = msg access_warn(request, msg) return HttpResponseRedirect(redirect_to) else: request.audit['allowed'] = False msg = 'Failed login for user: %s' % request.POST.get('username') request.audit['operationText'] = msg access_warn(request, msg)
def dt_login(request): """Used by the non-jframe login""" redirect_to = request.REQUEST.get('next', '/') login_errors = False is_first_login_ever = first_login_ever() if request.method == 'POST': form = django.contrib.auth.forms.AuthenticationForm(data=request.POST) if form.is_valid(): login(request, form.get_user()) if request.session.test_cookie_worked(): request.session.delete_test_cookie() if is_first_login_ever: ensure_home_directory(request.fs, request.POST.get('username')) access_warn(request, '"%s" login ok' % (request.user.username,)) return HttpResponseRedirect(redirect_to) else: access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),)) login_errors = True else: form = django.contrib.auth.forms.AuthenticationForm() request.session.set_test_cookie() return render('login.mako', request, { 'action': urlresolvers.reverse('desktop.auth.views.dt_login'), 'form': form, 'next': redirect_to, 'first_login_ever': is_first_login_ever, 'login_errors': login_errors, })
def dt_login(request): """Used by the non-jframe login""" redirect_to = request.REQUEST.get('next', '/') is_first_login_ever = first_login_ever() if request.method == 'POST': # For first login, need to validate user info! first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None first_user = first_user_form and first_user_form.is_valid() if first_user or not is_first_login_ever: auth_form = AuthenticationForm(data=request.POST) if auth_form.is_valid(): # Must login by using the AuthenticationForm. # It provides 'backends' on the User object. user = auth_form.get_user() login(request, user) if request.session.test_cookie_worked(): request.session.delete_test_cookie() if is_first_login_ever: # Create home directory for first user. try: ensure_home_directory(request.fs, user.username) except (IOError, WebHdfsException), e: LOG.error(_('Could not create home directory.'), exc_info=e) request.error(_('Could not create home directory.')) access_warn(request, '"%s" login ok' % (user.username,)) return HttpResponseRedirect(redirect_to) else: access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),))
def dt_login(request): redirect_to = request.REQUEST.get('next', '/') is_first_login_ever = first_login_ever() backend_names = get_backend_names() is_active_directory = 'LdapBackend' in backend_names and (bool( LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get())) if is_active_directory: UserCreationForm = auth_forms.LdapUserCreationForm AuthenticationForm = auth_forms.LdapAuthenticationForm else: UserCreationForm = auth_forms.UserCreationForm AuthenticationForm = auth_forms.AuthenticationForm if request.method == 'POST': # For first login, need to validate user info! first_user_form = is_first_login_ever and UserCreationForm( data=request.POST) or None first_user = first_user_form and first_user_form.is_valid() if first_user or not is_first_login_ever: auth_form = AuthenticationForm(data=request.POST) if auth_form.is_valid(): # Must login by using the AuthenticationForm. # It provides 'backends' on the User object. user = auth_form.get_user() userprofile = get_profile(user) login(request, user) if request.session.test_cookie_worked(): request.session.delete_test_cookie() if is_first_login_ever or 'AllowAllBackend' in backend_names or 'LdapBackend' in backend_names: # Create home directory for first user. try: ensure_home_directory(request.fs, user.username) except (IOError, WebHdfsException), e: LOG.error(_('Could not create home directory.'), exc_info=e) request.error(_('Could not create home directory.')) if require_change_password(userprofile): return HttpResponseRedirect( urlresolvers.reverse( 'useradmin.views.edit_user', kwargs={'username': user.username})) userprofile.first_login = False userprofile.save() access_warn(request, '"%s" login ok' % (user.username, )) return HttpResponseRedirect(redirect_to) else: access_warn( request, 'Failed login for user "%s"' % (request.POST.get('username'), ))
def dt_login(request): reload_config() redirect_to = request.REQUEST.get('next', '/') is_first_login_ever = first_login_ever() backend_name = get_backend_name() is_active_directory = backend_name == 'LdapBackend' and ( bool(LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get()) ) if is_active_directory: UserCreationForm = auth_forms.LdapUserCreationForm AuthenticationForm = auth_forms.LdapAuthenticationForm else: UserCreationForm = auth_forms.UserCreationForm AuthenticationForm = auth_forms.AuthenticationForm if SINGLE_USER_MODE or request.method == 'POST': # For first login, need to validate user info! first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None first_user = first_user_form and first_user_form.is_valid() if first_user or not is_first_login_ever: if not SINGLE_USER_MODE: auth_form = AuthenticationForm(data=request.POST) if SINGLE_USER_MODE or auth_form.is_valid(): # Must login by using the AuthenticationForm. # It provides 'backends' on the User object. if not SINGLE_USER_MODE: user = auth_form.get_user() else: user = authenticate(username=SINGLE_USER_MODE['user'], password=SINGLE_USER_MODE['pass']) login(request, user) if request.session.test_cookie_worked(): request.session.delete_test_cookie() if is_first_login_ever or backend_name in ('AllowAllBackend', 'LdapBackend'): # Create home directory for first user. try: ensure_home_directory(request.fs, user.username) except (IOError, WebHdfsException), e: LOG.error(_('Could not create home directory.'), exc_info=e) request.error(_('Could not create home directory.')) access_warn(request, '"%s" login ok' % (user.username,)) return HttpResponseRedirect(redirect_to) else: access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),))
def dt_login(request): """Used by the non-jframe login""" redirect_to = request.REQUEST.get('next', '/') is_first_login_ever = first_login_ever() backend_name = get_backend_name() if request.method == 'POST': # For first login, need to validate user info! first_user_form = is_first_login_ever and UserCreationForm( data=request.POST) or None first_user = first_user_form and first_user_form.is_valid() if first_user or not is_first_login_ever: auth_form = AuthenticationForm(data=request.POST) if auth_form.is_valid(): # Must login by using the AuthenticationForm. # It provides 'backends' on the User object. user = auth_form.get_user() login(request, user) if request.session.test_cookie_worked(): request.session.delete_test_cookie() if is_first_login_ever or backend_name in ('AllowAllBackend', 'LdapBackend'): # Create home directory for first user. try: ensure_home_directory(request.fs, user.username) except (IOError, WebHdfsException), e: LOG.error(_('Could not create home directory.'), exc_info=e) request.error(_('Could not create home directory.')) access_warn(request, '"%s" login ok' % (user.username, )) return HttpResponseRedirect(redirect_to) else: access_warn( request, 'Failed login for user "%s"' % (request.POST.get('username'), ))
def dt_login(request): """Used by the non-jframe login""" redirect_to = request.REQUEST.get('next', '/') login_errors = False is_first_login_ever = first_login_ever() if request.method == 'POST': form = django.contrib.auth.forms.AuthenticationForm(data=request.POST) if form.is_valid(): login(request, form.get_user()) if request.session.test_cookie_worked(): request.session.delete_test_cookie() if is_first_login_ever: try: ensure_home_directory(request.fs, request.POST.get('username')) except (IOError, WebHdfsException), e: LOG.error(_('Could not create home directory.'), exc_info=e) request.error(_('Could not create home directory.')) access_warn(request, '"%s" login ok' % (request.user.username,)) return HttpResponseRedirect(redirect_to) else: access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),)) login_errors = True
'username') request.audit['operationText'] = msg access_warn(request, msg) if from_modal or request.REQUEST.get('fromModal', 'false') == 'true': return JsonResponse({'auth': False}) else: first_user_form = None auth_form = AuthenticationForm() if DEMO_ENABLED.get() and not 'admin' in request.REQUEST: user = authenticate(username=request.user.username, password='******') login(request, user) ensure_home_directory(request.fs, user.username) return HttpResponseRedirect(redirect_to) if not from_modal: request.session.set_test_cookie() renderable_path = 'login.mako' if from_modal: renderable_path = 'login_modal.mako' return render( renderable_path, request, { 'action': urlresolvers.reverse('desktop.auth.views.dt_login'), 'form': first_user_form or auth_form, 'next': redirect_to, 'first_login_ever': is_first_login_ever,
def dt_login(request, from_modal=False): if request.method == 'GET': redirect_to = request.GET.get('next', '/') else: redirect_to = request.POST.get('next', '/') is_first_login_ever = first_login_ever() backend_names = auth_forms.get_backend_names() is_active_directory = auth_forms.is_active_directory() is_ldap_option_selected = 'server' not in request.POST or request.POST.get('server') == 'LDAP' or \ request.POST.get('server') in auth_forms.get_ldap_server_keys() if is_active_directory and is_ldap_option_selected: UserCreationForm = auth_forms.LdapUserCreationForm AuthenticationForm = auth_forms.LdapAuthenticationForm else: UserCreationForm = auth_forms.UserCreationForm if 'ImpersonationBackend' in backend_names: AuthenticationForm = ImpersonationAuthenticationForm else: AuthenticationForm = auth_forms.AuthenticationForm if ENABLE_ORGANIZATIONS.get(): UserCreationForm = OrganizationUserCreationForm AuthenticationForm = OrganizationAuthenticationForm if request.method == 'POST': request.audit = { 'operation': 'USER_LOGIN', 'username': request.POST.get('username', request.POST.get('email')) } # For first login, need to validate user info! first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None first_user = first_user_form and first_user_form.is_valid() if first_user or not is_first_login_ever: auth_form = AuthenticationForm(data=request.POST) if auth_form.is_valid(): # Must login by using the AuthenticationForm. It provides 'backend' on the User object. user = auth_form.get_user() userprofile = get_profile(user) login(request, user) # If Test cookie exists , it should be deleted if request.session.test_cookie_worked(): request.session.delete_test_cookie() if request.fs is None: request.fs = fsmanager.get_filesystem(request.fs_ref) try: ensure_home_directory(request.fs, user) except (IOError, WebHdfsException) as e: LOG.error('Could not create home directory at login for %s.' % user, exc_info=e) if require_change_password(userprofile): return HttpResponseRedirect('/hue' + reverse('useradmin:useradmin.views.edit_user', kwargs={'username': user.username})) userprofile.first_login = False userprofile.last_activity = datetime.now() if userprofile.creation_method == UserProfile.CreationMethod.EXTERNAL: # This is to fix a bug in Hue 4.3 userprofile.creation_method = UserProfile.CreationMethod.EXTERNAL.name userprofile.update_data({'auth_backend': user.backend}) userprofile.save() msg = 'Successful login for user: %s' % user.username request.audit['operationText'] = msg access_warn(request, msg) if from_modal or request.GET.get('fromModal', 'false') == 'true': return JsonResponse({'auth': True}) else: return HttpResponseRedirect(redirect_to) else: request.audit['allowed'] = False msg = 'Failed login for user: %s' % request.POST.get('username', request.POST.get('email')) request.audit['operationText'] = msg access_warn(request, msg) if from_modal or request.GET.get('fromModal', 'false') == 'true': return JsonResponse({'auth': False}) else: first_user_form = None auth_form = AuthenticationForm() # SAML/OIDC user is already authenticated in djangosaml2.views.login if hasattr(request, 'fs') and ( 'KnoxSpnegoDjangoBackend' in backend_names or 'SpnegoDjangoBackend' in backend_names or 'OIDCBackend' in backend_names or 'SAML2Backend' in backend_names ) and request.user.is_authenticated: if request.fs is None: request.fs = fsmanager.get_filesystem(request.fs_ref) try: ensure_home_directory(request.fs, request.user) except (IOError, WebHdfsException) as e: LOG.error('Could not create home directory for %s user %s.' % ('OIDC' if 'OIDCBackend' in backend_names else 'SAML', request.user)) if request.user.is_authenticated and not from_modal: return HttpResponseRedirect(redirect_to) if is_active_directory and not is_ldap_option_selected and \ request.method == 'POST' and request.user.username != request.POST.get('username'): # local user login failed, give the right auth_form with 'server' field auth_form = auth_forms.LdapAuthenticationForm() if not from_modal and SESSION.ENABLE_TEST_COOKIE.get() : request.session.set_test_cookie() if 'SAML2Backend' in backend_names: request.session['samlgroup_permitted_flag'] = samlgroup_check(request) renderable_path = 'login.mako' if from_modal: renderable_path = 'login_modal.mako' response = render(renderable_path, request, { 'action': reverse('desktop_auth_views_dt_login'), 'form': first_user_form or auth_form, 'next': redirect_to, 'first_login_ever': is_first_login_ever, 'login_errors': request.method == 'POST', 'backend_names': backend_names, 'active_directory': is_active_directory, 'user': request.user }) if not request.user.is_authenticated: response.delete_cookie(LOAD_BALANCER_COOKIE) # Note: might be re-balanced to another Hue on login. return response
def test_copy_files(): cluster = pseudo_hdfs4.shared_cluster() try: c = make_logged_in_client() user = User.objects.get(username='******') ensure_home_directory(cluster.fs, user) prefix = '/tmp/test_copy_files' if cluster.fs.exists(prefix): cluster.fs.rmtree( prefix, skip_trash=True) # admin user might not have a home directory # Jars in various locations deployment_dir = '%s/workspace' % prefix external_deployment_dir = '%s/deployment' % prefix jar_1 = '%s/udf1.jar' % prefix jar_2 = '%s/lib/udf2.jar' % prefix jar_3 = '%s/udf3.jar' % deployment_dir jar_4 = '%s/lib/udf4.jar' % deployment_dir # Never move cluster.fs.mkdir(prefix) cluster.fs.create(jar_1) cluster.fs.create(jar_2) cluster.fs.create(jar_3) cluster.fs.create(jar_4) class MockNode(): def __init__(self, jar_path): self.jar_path = jar_path class MockJob(): def __init__(self): self.node_list = [ MockNode(jar_1), MockNode(jar_2), MockNode(jar_3), MockNode(jar_4), ] def get_application_filename(self): return 'workflow.xml' submission = Submission(user, job=MockJob(), fs=cluster.fs, jt=cluster.jt) submission._copy_files(deployment_dir, "<xml>My XML</xml>") submission._copy_files(external_deployment_dir, "<xml>My XML</xml>") # All sources still there assert_true(cluster.fs.exists(jar_1)) assert_true(cluster.fs.exists(jar_2)) assert_true(cluster.fs.exists(jar_3)) assert_true(cluster.fs.exists(jar_4)) deployment_dir = deployment_dir + '/lib' external_deployment_dir = external_deployment_dir + '/lib' list_dir_workspace = cluster.fs.listdir(deployment_dir) list_dir_deployement = cluster.fs.listdir(external_deployment_dir) # All destinations there assert_true(cluster.fs.exists(deployment_dir + '/udf1.jar'), list_dir_workspace) assert_true(cluster.fs.exists(deployment_dir + '/udf2.jar'), list_dir_workspace) assert_true(cluster.fs.exists(deployment_dir + '/udf3.jar'), list_dir_workspace) assert_true(cluster.fs.exists(deployment_dir + '/udf4.jar'), list_dir_workspace) assert_true(cluster.fs.exists(external_deployment_dir + '/udf1.jar'), list_dir_deployement) assert_true(cluster.fs.exists(external_deployment_dir + '/udf2.jar'), list_dir_deployement) assert_true(cluster.fs.exists(external_deployment_dir + '/udf3.jar'), list_dir_deployement) assert_true(cluster.fs.exists(external_deployment_dir + '/udf4.jar'), list_dir_deployement) stats_udf1 = cluster.fs.stats(deployment_dir + '/udf1.jar') stats_udf2 = cluster.fs.stats(deployment_dir + '/udf2.jar') stats_udf3 = cluster.fs.stats(deployment_dir + '/udf3.jar') stats_udf4 = cluster.fs.stats(deployment_dir + '/udf4.jar') submission._copy_files('%s/workspace' % prefix, "<xml>My XML</xml>") assert_not_equal( stats_udf1['fileId'], cluster.fs.stats(deployment_dir + '/udf1.jar')['fileId']) assert_not_equal( stats_udf2['fileId'], cluster.fs.stats(deployment_dir + '/udf2.jar')['fileId']) assert_not_equal( stats_udf3['fileId'], cluster.fs.stats(deployment_dir + '/udf3.jar')['fileId']) assert_equal(stats_udf4['fileId'], cluster.fs.stats(deployment_dir + '/udf4.jar')['fileId']) finally: try: cluster.fs.rmtree(prefix, skip_trash=True) except: LOG.exception('failed to remove %s' % prefix)
def dt_login(request, from_modal=False): redirect_to = request.GET.get('next', '/') is_first_login_ever = first_login_ever() backend_names = auth_forms.get_backend_names() is_active_directory = auth_forms.is_active_directory() is_ldap_option_selected = 'server' not in request.POST or request.POST.get('server') == 'LDAP' \ or request.POST.get('server') in auth_forms.get_ldap_server_keys() if is_active_directory and is_ldap_option_selected: UserCreationForm = auth_forms.LdapUserCreationForm AuthenticationForm = auth_forms.LdapAuthenticationForm else: UserCreationForm = auth_forms.UserCreationForm if 'ImpersonationBackend' in backend_names: AuthenticationForm = ImpersonationAuthenticationForm else: AuthenticationForm = auth_forms.AuthenticationForm if request.method == 'POST': request.audit = { 'operation': 'USER_LOGIN', 'username': request.POST.get('username') } # For first login, need to validate user info! first_user_form = is_first_login_ever and UserCreationForm( data=request.POST) or None first_user = first_user_form and first_user_form.is_valid() if first_user or not is_first_login_ever: auth_form = AuthenticationForm(data=request.POST) if auth_form.is_valid(): # Must login by using the AuthenticationForm. It provides 'backends' on the User object. user = auth_form.get_user() userprofile = get_profile(user) login(request, user) if request.session.test_cookie_worked(): request.session.delete_test_cookie() try: ensure_home_directory(request.fs, user) except (IOError, WebHdfsException), e: LOG.error( 'Could not create home directory at login for %s.' % user, exc_info=e) if require_change_password(userprofile): return HttpResponseRedirect( urlresolvers.reverse( 'useradmin.views.edit_user', kwargs={'username': user.username})) userprofile.first_login = False userprofile.last_activity = datetime.now() userprofile.save() msg = 'Successful login for user: %s' % user.username request.audit['operationText'] = msg access_warn(request, msg) if from_modal or request.GET.get('fromModal', 'false') == 'true': return JsonResponse({'auth': True}) else: return HttpResponseRedirect(redirect_to) else: request.audit['allowed'] = False msg = 'Failed login for user: %s' % request.POST.get( 'username') request.audit['operationText'] = msg access_warn(request, msg) if from_modal or request.GET.get('fromModal', 'false') == 'true': return JsonResponse({'auth': False})
def dt_login(request, from_modal=False): redirect_to = request.REQUEST.get("next", "/") is_first_login_ever = first_login_ever() backend_names = get_backend_names() is_active_directory = "LdapBackend" in backend_names and ( bool(LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get()) ) if is_active_directory: UserCreationForm = auth_forms.LdapUserCreationForm AuthenticationForm = auth_forms.LdapAuthenticationForm else: UserCreationForm = auth_forms.UserCreationForm AuthenticationForm = auth_forms.AuthenticationForm if request.method == "POST": request.audit = {"operation": "USER_LOGIN", "username": request.POST.get("username")} # For first login, need to validate user info! first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None first_user = first_user_form and first_user_form.is_valid() if first_user or not is_first_login_ever: auth_form = AuthenticationForm(data=request.POST) if auth_form.is_valid(): # Must login by using the AuthenticationForm. # It provides 'backends' on the User object. user = auth_form.get_user() userprofile = get_profile(user) login(request, user) if request.session.test_cookie_worked(): request.session.delete_test_cookie() if is_first_login_ever or "AllowAllBackend" in backend_names or "LdapBackend" in backend_names: # Create home directory for first user. try: ensure_home_directory(request.fs, user.username) except (IOError, WebHdfsException), e: LOG.error(_("Could not create home directory."), exc_info=e) request.error(_("Could not create home directory.")) if require_change_password(userprofile): return HttpResponseRedirect( urlresolvers.reverse("useradmin.views.edit_user", kwargs={"username": user.username}) ) userprofile.first_login = False userprofile.last_activity = datetime.now() userprofile.save() msg = "Successful login for user: %s" % user.username request.audit["operationText"] = msg access_warn(request, msg) if from_modal or request.REQUEST.get("fromModal", "false") == "true": return JsonResponse({"auth": True}) else: return HttpResponseRedirect(redirect_to) else: request.audit["allowed"] = False msg = "Failed login for user: %s" % request.POST.get("username") request.audit["operationText"] = msg access_warn(request, msg) if from_modal or request.REQUEST.get("fromModal", "false") == "true": return JsonResponse({"auth": False})
def dt_login(request, from_modal=False): if request.method == 'GET': redirect_to = request.GET.get('next', '/') else: redirect_to = request.POST.get('next', '/') is_first_login_ever = first_login_ever() backend_names = auth_forms.get_backend_names() is_active_directory = auth_forms.is_active_directory() is_ldap_option_selected = 'server' not in request.POST or request.POST.get('server') == 'LDAP' \ or request.POST.get('server') in auth_forms.get_ldap_server_keys() if is_active_directory and is_ldap_option_selected: UserCreationForm = auth_forms.LdapUserCreationForm AuthenticationForm = auth_forms.LdapAuthenticationForm else: UserCreationForm = auth_forms.UserCreationForm if 'ImpersonationBackend' in backend_names: AuthenticationForm = ImpersonationAuthenticationForm else: AuthenticationForm = auth_forms.AuthenticationForm if request.method == 'POST': request.audit = { 'operation': 'USER_LOGIN', 'username': request.POST.get('username') } # For first login, need to validate user info! first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None first_user = first_user_form and first_user_form.is_valid() if first_user or not is_first_login_ever: auth_form = AuthenticationForm(data=request.POST) if auth_form.is_valid(): # Must login by using the AuthenticationForm. It provides 'backends' on the User object. user = auth_form.get_user() userprofile = get_profile(user) login(request, user) if request.session.test_cookie_worked(): request.session.delete_test_cookie() try: ensure_home_directory(request.fs, user) except (IOError, WebHdfsException), e: LOG.error('Could not create home directory at login for %s.' % user, exc_info=e) if require_change_password(userprofile): return HttpResponseRedirect(urlresolvers.reverse('useradmin.views.edit_user', kwargs={'username': user.username})) userprofile.first_login = False userprofile.last_activity = datetime.now() # This is to fix a bug in Hue 4.3 if userprofile.creation_method == UserProfile.CreationMethod.EXTERNAL: userprofile.creation_method = UserProfile.CreationMethod.EXTERNAL.name userprofile.save() msg = 'Successful login for user: %s' % user.username request.audit['operationText'] = msg access_warn(request, msg) if from_modal or request.GET.get('fromModal', 'false') == 'true': return JsonResponse({'auth': True}) else: return HttpResponseRedirect(redirect_to) else: request.audit['allowed'] = False msg = 'Failed login for user: %s' % request.POST.get('username') request.audit['operationText'] = msg access_warn(request, msg) if from_modal or request.GET.get('fromModal', 'false') == 'true': return JsonResponse({'auth': False})
return HttpResponseRedirect(redirect_to) else: request.audit['allowed'] = False msg = 'Failed login for user: %s' % request.POST.get('username') request.audit['operationText'] = msg access_warn(request, msg) if from_modal or request.GET.get('fromModal', 'false') == 'true': return JsonResponse({'auth': False}) else: first_user_form = None auth_form = AuthenticationForm() # SAML/OIDC user is already authenticated in djangosaml2.views.login if hasattr(request,'fs') and ('SpnegoDjangoBackend' in backend_names or 'OIDCBackend' in backend_names or 'SAML2Backend' in backend_names) and request.user.is_authenticated(): try: ensure_home_directory(request.fs, request.user) except (IOError, WebHdfsException), e: LOG.error('Could not create home directory for %s user %s.' % ('OIDC' if 'OIDCBackend' in backend_names else 'SAML', request.user)) if is_active_directory and not is_ldap_option_selected and \ request.method == 'POST' and request.user.username != request.POST.get('username'): # local user login failed, give the right auth_form with 'server' field auth_form = auth_forms.LdapAuthenticationForm() if not from_modal: request.session.set_test_cookie() renderable_path = 'login.mako' if from_modal: renderable_path = 'login_modal.mako'
def dt_login(request, from_modal=False): redirect_to = request.REQUEST.get('next', '/') is_first_login_ever = first_login_ever() backend_names = get_backend_names() is_active_directory = 'LdapBackend' in backend_names and (bool( LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get())) if is_active_directory: UserCreationForm = auth_forms.LdapUserCreationForm AuthenticationForm = auth_forms.LdapAuthenticationForm else: UserCreationForm = auth_forms.UserCreationForm AuthenticationForm = auth_forms.AuthenticationForm if request.method == 'POST': request.audit = { 'operation': 'USER_LOGIN', 'username': request.POST.get('username') } # For first login, need to validate user info! first_user_form = is_first_login_ever and UserCreationForm( data=request.POST) or None first_user = first_user_form and first_user_form.is_valid() if first_user or not is_first_login_ever: auth_form = AuthenticationForm(data=request.POST) if auth_form.is_valid(): # Must login by using the AuthenticationForm. # It provides 'backends' on the User object. user = auth_form.get_user() userprofile = get_profile(user) login(request, user) if request.session.test_cookie_worked(): request.session.delete_test_cookie() auto_create_home_backends = [ 'AllowAllBackend', 'LdapBackend', 'SpnegoDjangoBackend' ] if is_first_login_ever or any( backend in backend_names for backend in auto_create_home_backends): # Create home directory for first user. try: ensure_home_directory(request.fs, user.username) except (IOError, WebHdfsException), e: LOG.error(_('Could not create home directory.'), exc_info=e) request.error(_('Could not create home directory.')) if require_change_password(userprofile): return HttpResponseRedirect( urlresolvers.reverse( 'useradmin.views.edit_user', kwargs={'username': user.username})) userprofile.first_login = False userprofile.last_activity = datetime.now() userprofile.save() msg = 'Successful login for user: %s' % user.username request.audit['operationText'] = msg access_warn(request, msg) if from_modal or request.REQUEST.get('fromModal', 'false') == 'true': return JsonResponse({'auth': True}) else: return HttpResponseRedirect(redirect_to) else: request.audit['allowed'] = False msg = 'Failed login for user: %s' % request.POST.get( 'username') request.audit['operationText'] = msg access_warn(request, msg) if from_modal or request.REQUEST.get('fromModal', 'false') == 'true': return JsonResponse({'auth': False})
request.audit['allowed'] = False msg = 'Failed login for user: %s' % request.POST.get( 'username') request.audit['operationText'] = msg access_warn(request, msg) if from_modal or request.GET.get('fromModal', 'false') == 'true': return JsonResponse({'auth': False}) else: first_user_form = None auth_form = AuthenticationForm() # SAML user is already authenticated in djangosaml2.views.login if 'SAML2Backend' in backend_names and request.user.is_authenticated(): try: ensure_home_directory(request.fs, request.user) except (IOError, WebHdfsException), e: LOG.error('Could not create home directory for SAML user %s.' % request.user) if not from_modal: request.session.set_test_cookie() renderable_path = 'login.mako' if from_modal: renderable_path = 'login_modal.mako' response = render( renderable_path, request, { 'action': urlresolvers.reverse('desktop_auth_views_dt_login'), 'form': first_user_form or auth_form,
def test_copy_files(): cluster = pseudo_hdfs4.shared_cluster() try: c = make_logged_in_client() user = User.objects.get(username='******') ensure_home_directory(cluster.fs, user) prefix = '/tmp/test_copy_files' if cluster.fs.exists(prefix): cluster.fs.rmtree(prefix) # Jars in various locations deployment_dir = '%s/workspace' % prefix external_deployment_dir = '%s/deployment' % prefix jar_1 = '%s/udf1.jar' % prefix jar_2 = '%s/lib/udf2.jar' % prefix jar_3 = '%s/udf3.jar' % deployment_dir jar_4 = '%s/lib/udf4.jar' % deployment_dir # Doesn't move jar_5 = 'udf5.jar' jar_6 = 'lib/udf6.jar' # Doesn't move cluster.fs.mkdir(prefix) cluster.fs.create(jar_1) cluster.fs.create(jar_2) cluster.fs.create(jar_3) cluster.fs.create(jar_4) cluster.fs.create(deployment_dir + '/' + jar_5) cluster.fs.create(deployment_dir + '/' + jar_6) class MockJob(object): XML_FILE_NAME = 'workflow.xml' def __init__(self): self.deployment_dir = deployment_dir self.nodes = [ Node({ 'id': '1', 'type': 'mapreduce', 'properties': { 'jar_path': jar_1 } }), Node({ 'id': '2', 'type': 'mapreduce', 'properties': { 'jar_path': jar_2 } }), Node({ 'id': '3', 'type': 'java', 'properties': { 'jar_path': jar_3 } }), Node({ 'id': '4', 'type': 'java', 'properties': { 'jar_path': jar_4 } }), # Workspace relative paths Node({ 'id': '5', 'type': 'java', 'properties': { 'jar_path': jar_5 } }), Node({ 'id': '6', 'type': 'java', 'properties': { 'jar_path': jar_6 } }) ] submission = Submission(user, job=MockJob(), fs=cluster.fs, jt=cluster.jt) submission._copy_files(deployment_dir, "<xml>My XML</xml>", {'prop1': 'val1'}) submission._copy_files(external_deployment_dir, "<xml>My XML</xml>", {'prop1': 'val1'}) assert_true(cluster.fs.exists(deployment_dir + '/workflow.xml'), deployment_dir) assert_true(cluster.fs.exists(deployment_dir + '/job.properties'), deployment_dir) # All sources still there assert_true(cluster.fs.exists(jar_1)) assert_true(cluster.fs.exists(jar_2)) assert_true(cluster.fs.exists(jar_3)) assert_true(cluster.fs.exists(jar_4)) assert_true(cluster.fs.exists(deployment_dir + '/' + jar_5)) assert_true(cluster.fs.exists(deployment_dir + '/' + jar_6)) # Lib deployment_dir = deployment_dir + '/lib' external_deployment_dir = external_deployment_dir + '/lib' if USE_LIBPATH_FOR_JARS.get(): assert_true(jar_1 in submission.properties['oozie.libpath']) assert_true(jar_2 in submission.properties['oozie.libpath']) assert_true(jar_3 in submission.properties['oozie.libpath']) assert_true(jar_4 in submission.properties['oozie.libpath']) print(deployment_dir + '/' + jar_5) assert_true((deployment_dir + '/' + jar_5) in submission.properties['oozie.libpath'], submission.properties['oozie.libpath']) assert_true((deployment_dir + '/' + jar_6) in submission.properties['oozie.libpath'], submission.properties['oozie.libpath']) else: list_dir_workspace = cluster.fs.listdir(deployment_dir) list_dir_deployement = cluster.fs.listdir(external_deployment_dir) # All destinations there assert_true(cluster.fs.exists(deployment_dir + '/udf1.jar'), list_dir_workspace) assert_true(cluster.fs.exists(deployment_dir + '/udf2.jar'), list_dir_workspace) assert_true(cluster.fs.exists(deployment_dir + '/udf3.jar'), list_dir_workspace) assert_true(cluster.fs.exists(deployment_dir + '/udf4.jar'), list_dir_workspace) assert_true(cluster.fs.exists(deployment_dir + '/udf5.jar'), list_dir_workspace) assert_true(cluster.fs.exists(deployment_dir + '/udf6.jar'), list_dir_workspace) assert_true( cluster.fs.exists(external_deployment_dir + '/udf1.jar'), list_dir_deployement) assert_true( cluster.fs.exists(external_deployment_dir + '/udf2.jar'), list_dir_deployement) assert_true( cluster.fs.exists(external_deployment_dir + '/udf3.jar'), list_dir_deployement) assert_true( cluster.fs.exists(external_deployment_dir + '/udf4.jar'), list_dir_deployement) assert_true( cluster.fs.exists(external_deployment_dir + '/udf5.jar'), list_dir_deployement) assert_true( cluster.fs.exists(external_deployment_dir + '/udf6.jar'), list_dir_deployement) stats_udf1 = cluster.fs.stats(deployment_dir + '/udf1.jar') stats_udf2 = cluster.fs.stats(deployment_dir + '/udf2.jar') stats_udf3 = cluster.fs.stats(deployment_dir + '/udf3.jar') stats_udf4 = cluster.fs.stats(deployment_dir + '/udf4.jar') stats_udf5 = cluster.fs.stats(deployment_dir + '/udf5.jar') stats_udf6 = cluster.fs.stats(deployment_dir + '/udf6.jar') submission._copy_files('%s/workspace' % prefix, "<xml>My XML</xml>", {'prop1': 'val1'}) assert_not_equal( stats_udf1['fileId'], cluster.fs.stats(deployment_dir + '/udf1.jar')['fileId']) assert_not_equal( stats_udf2['fileId'], cluster.fs.stats(deployment_dir + '/udf2.jar')['fileId']) assert_not_equal( stats_udf3['fileId'], cluster.fs.stats(deployment_dir + '/udf3.jar')['fileId']) assert_equal( stats_udf4['fileId'], cluster.fs.stats(deployment_dir + '/udf4.jar')['fileId']) assert_not_equal( stats_udf5['fileId'], cluster.fs.stats(deployment_dir + '/udf5.jar')['fileId']) assert_equal( stats_udf6['fileId'], cluster.fs.stats(deployment_dir + '/udf6.jar')['fileId']) # Test _create_file() submission._create_file(deployment_dir, 'test.txt', data='Test data') assert_true(cluster.fs.exists(deployment_dir + '/test.txt'), list_dir_workspace) finally: try: cluster.fs.rmtree(prefix) except: LOG.exception('failed to remove %s' % prefix)
request.error(_('Could not create home directory.')) access_warn(request, '"%s" login ok' % (user.username,)) return HttpResponseRedirect(redirect_to) else: access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),)) else: first_user_form = None auth_form = AuthenticationForm() if DEMO_ENABLED.get() and not 'admin' in request.REQUEST: user = authenticate(username='', password='') login(request, user) ensure_home_directory(request.fs, user.username) return HttpResponseRedirect(redirect_to) request.session.set_test_cookie() return render('login.mako', request, { 'action': urlresolvers.reverse('desktop.auth.views.dt_login'), 'form': first_user_form or auth_form, 'next': redirect_to, 'first_login_ever': is_first_login_ever, 'login_errors': request.method == 'POST', 'backend_name': backend_name, 'active_directory': is_active_directory }) def dt_logout(request, next_page=None):
def dt_login(request): redirect_to = request.REQUEST.get('next', '/') is_first_login_ever = first_login_ever() backend_name = get_backend_name() is_active_directory = backend_name == 'LdapBackend' and ( bool(LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get()) ) if is_active_directory: UserCreationForm = auth_forms.LdapUserCreationForm AuthenticationForm = auth_forms.LdapAuthenticationForm else: UserCreationForm = auth_forms.UserCreationForm AuthenticationForm = auth_forms.AuthenticationForm if request.method == 'POST': # For first login, need to validate user info! first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None first_user = first_user_form and first_user_form.is_valid() if first_user or not is_first_login_ever: auth_form = AuthenticationForm(data=request.POST) if auth_form.is_valid(): # Must login by using the AuthenticationForm. # It provides 'backends' on the User object. user = auth_form.get_user() userprofile = get_profile(user) login(request, user) if request.session.test_cookie_worked(): request.session.delete_test_cookie() # For Bluemix - don't try to create HDFS home directory because we're ignoring the identity of the Hue user #if is_first_login_ever or backend_name in ('AllowAllBackend', 'LdapBackend'): # # Create home directory for first user. # try: # ensure_home_directory(request.fs, user.username) # except (IOError, WebHdfsException), e: # LOG.error(_('Could not create home directory.'), exc_info=e) # request.error(_('Could not create home directory.')) if require_change_password(userprofile): return HttpResponseRedirect(urlresolvers.reverse('useradmin.views.edit_user', kwargs={'username': user.username})) userprofile.first_login = False userprofile.save() access_warn(request, '"%s" login ok' % (user.username,)) return HttpResponseRedirect(redirect_to) else: access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),)) else: first_user_form = None auth_form = AuthenticationForm() if DEMO_ENABLED.get() and not 'admin' in request.REQUEST: user = authenticate(username='', password='') login(request, user) ensure_home_directory(request.fs, user.username) return HttpResponseRedirect(redirect_to) request.session.set_test_cookie() return render('login.mako', request, { 'action': urlresolvers.reverse('desktop.auth.views.dt_login'), 'form': first_user_form or auth_form, 'next': redirect_to, 'first_login_ever': is_first_login_ever, 'login_errors': request.method == 'POST', 'backend_name': backend_name, 'active_directory': is_active_directory })