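def delet_domain(request):
    """Delete the SubDomain identified by POST ``id_domain``.

    Only a superuser or the user the subdomain belongs to may delete it.
    The response is a JSON object with ``success`` (bool) and ``error``
    (str); a successful deletion is recorded in ``Activity_log``.

    An unknown or malformed id is answered with the same ``"permission"``
    error as a forbidden one, so the endpoint does not show a caller which
    ids exist.
    """
    myjson = {
        'error': "",
        'success': False,
    }

    id_domain = request.POST.get('id_domain')
    if id_domain is None:
        myjson['error'] = "No se pasaron los datos por post"
        return HttpResponse(json.dumps(myjson))

    try:
        domain = SubDomain.objects.get(id=id_domain)
    except (SubDomain.DoesNotExist, ValueError):
        # ValueError covers a non-numeric id on an integer key; without this
        # guard a bad id surfaced as an unhandled exception.
        myjson['error'] = "permission"
        return HttpResponse(json.dumps(myjson))

    # Capture what the audit entry needs before the row is deleted.
    domain_name = domain.name
    domain_user = domain.user

    if not (request.user.is_superuser or request.user == domain_user):
        # NOTE(review): refused attempts are not written to Activity_log.
        myjson['error'] = "permission"
        return HttpResponse(json.dumps(myjson))

    domain.delete()
    myjson['success'] = True
    Activity_log(action='DELET DOMAIN',
                 xforward=getForwardedFor(request),
                 user_affected=domain_user,
                 result="Delet domain --> name: %s" % domain_name).save()
    return HttpResponse(json.dumps(myjson))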
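def delet_user(request):
    """Delete the User identified by POST ``id_user``.

    The caller must be a superuser or the account being deleted, the same
    owner-or-superuser rule ``delet_domain`` applies. No decorator or other
    guard is visible on this function, so the check is made here instead of
    relying on routing-level protection; without it any caller could delete
    any account by id.

    The response is a JSON object with ``success`` (bool) and ``error``
    (str). An unknown or malformed id gets the same ``"permission"`` answer
    as a forbidden one.
    """
    myjson = {
        'error': "",
        'success': False,
    }

    id_user = request.POST.get('id_user')
    if id_user is None:
        myjson['error'] = "No se pasaron los datos por post"
        return HttpResponse(json.dumps(myjson))

    try:
        user = User.objects.get(id=id_user)
    except (User.DoesNotExist, ValueError):
        # ValueError covers a non-numeric id on an integer key.
        myjson['error'] = "permission"
        return HttpResponse(json.dumps(myjson))

    if not (request.user.is_superuser or request.user == user):
        myjson['error'] = "permission"
        return HttpResponse(json.dumps(myjson))

    user.delete()
    myjson['success'] = True
    # user_affected holds the acting user; the deleted account appears only
    # in the result text.
    Activity_log(action='DELET USER',
                 xforward=getForwardedFor(request),
                 user_affected=request.user,
                 result="Delet User --> name: %s" % user).save()
    return HttpResponse(json.dumps(myjson))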
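def dologin(request):
    """Authenticate POSTed ``username``/``password`` and return a JSON status.

    The JSON carries ``success``, ``message``, ``redirect``, ``sync`` and
    ``errors['reason']``. Every attempt, successful or not, is written to
    ``Activity_log`` with action ``DOLOGIN``; the result text starts with
    ``True`` or ``False`` and that prefix is what the throttle counts.

    Throttle: five or more failed entries from the same ``xforward`` value
    within the last ten minutes block further attempts. Refused attempts
    are logged as failures too, so they keep the window open.

    NOTE(review): the counter is keyed only on what ``getForwardedFor``
    returns. If that helper trusts a client-supplied forwarding header the
    key is under the client's control; confirm it is set by a trusted proxy,
    and consider also counting failures per ``username``.
    """
    myjson = {
        'errors': {},
        'message': '',
        'success': False,
        'redirect': '',
        'sync': ''
    }

    # .get() keeps a request with missing fields on the ordinary
    # "invalid credentials" path instead of raising on the lookup.
    username = request.POST.get('username', '')
    password = request.POST.get('password', '')
    source = getForwardedFor(request)

    if not request.session.test_cookie_worked():
        myjson['errors'][
            'reason'] = 'Por favor, habilite las Cookies en su navegador.'
    else:
        # NOTE(review): naive local time; confirm it matches how
        # Activity_log.date is stored.
        window_start = datetime.now() - timedelta(minutes=10)
        cant_fails = Activity_log.objects.filter(
            action='DOLOGIN',
            xforward=source,
            date__gt=window_start,
            result__startswith='False').count()

        if cant_fails >= 5:
            myjson['errors'][
                'reason'] = u'Ha superado la cantidad máxima de intentos.'
        else:
            user = authenticate(username=username, password=password)
            if user is None:
                myjson['errors']['reason'] = 'Usuario y/o clave invalida.'
            elif not user.is_active:
                # NOTE(review): a distinct reason tells the caller that the
                # account exists and the password was accepted.
                myjson['errors']['reason'] = 'Cuenta deshabilitada.'
            else:
                request.session.delete_test_cookie()
                djlogin(request, user)
                myjson['success'] = True
                myjson['message'] = 'Bienvenido, %s!' % (
                    user.get_full_name(), )
                myjson['redirect'] = '/common/main/'
                myjson['errors']['reason'] = 'Login correcto.'

    # The submitted username is stored as-is, including for failed attempts.
    Activity_log(action='DOLOGIN',
                 xforward=source,
                 user_affected=username,
                 result="%s - %s" %
                 (myjson['success'], myjson['errors']['reason'])).save()
    return HttpResponse(json.dumps(myjson))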
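def _parse_basic_credentials(header_value):
    """Return ``(username, password)`` from a Basic Authorization value.

    Returns None when the value is not ``Basic <base64>`` or the decoded
    text has no ``:`` separator. Only the first ``:`` separates the two
    parts, so a password may itself contain colons.
    """
    parts = header_value.split()
    if len(parts) != 2 or parts[0].lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(parts[1]).decode("utf-8", "ignore")
    except ValueError:
        # binascii.Error (bad padding or alphabet) is a ValueError subclass.
        return None
    username, separator, passwd = decoded.partition(':')
    if not separator:
        return None
    return username, passwd


def updateip(request):
    """Handle an update request: ``hostname`` and ``myip`` with Basic auth.

    The checks run in order: abuse throttle, User-Agent allow-list,
    presence and format of the Authorization header, credentials, and
    finally whether ``hostname`` is one of the user's subdomains under
    ``settings.DNS_DOMAIN``. The plain-text response body is the return
    code: ``abuse``, ``badagent``, ``unknown``, ``badauth``, ``nohost``, or
    whatever ``set_ip`` returns.

    The Authorization header is never logged: it is the account password
    in reversible form.

    NOTE(review): the throttle filters on ``ip``, which is the
    client-supplied ``myip`` parameter, and on results starting with
    ``'False'``, while this view stores the plain message as the result.
    Entries are also skipped when the code repeats the account's previous
    one. Confirm the counter can reach its limit for this action at all.
    """
    return_code = "unknown"
    username = ""
    domain = ""
    ip = ""
    message = ""

    # Only the query-string reads are gated on the method; everything below
    # runs for any method. NOTE(review): confirm this is the intended
    # nesting.
    if request.method == 'GET':
        domain = request.GET.get('hostname', domain)
        ip = request.GET.get('myip', ip)

    ip_x_forwarded = request.META.get('HTTP_X_FORWARDED_FOR', "")
    agent = request.META.get('HTTP_USER_AGENT', "")

    # Substring match against a comma-separated allow-list; no list
    # configured means every agent is accepted. The already-defaulted
    # `agent` is used so a request without a User-Agent header is rejected
    # as "badagent" instead of raising on the META lookup.
    # NOTE(review): an empty entry (e.g. a trailing comma in the setting)
    # matches every agent.
    if settings.DNS_ALLOW_AGENT:
        verified_agent = any(
            token in agent
            for token in settings.DNS_ALLOW_AGENT.split(","))
    else:
        verified_agent = True

    cant_fails = Activity_log.objects.filter(
        action='SYNC',
        ip=ip,
        date__gt=(datetime.now() - timedelta(minutes=10)),
        result__startswith='False').count()

    if cant_fails >= 10:
        return_code = "abuse"
        message = "You have exceeded the maximum number of attempts"
    elif not verified_agent:
        return_code = "badagent"
        message = "Missing header HTTP_USER_AGENT"
    elif 'HTTP_AUTHORIZATION' not in request.META:
        return_code = "unknown"
        message = "Missing header HTTP_AUTHORIZATION"
    else:
        credentials = _parse_basic_credentials(
            request.META['HTTP_AUTHORIZATION'])
        if credentials is None:
            return_code = "unknown"
            message = "Incorrect authentication format"
        else:
            username, passwd = credentials
            user = authenticate(username=username, password=passwd)
            if user is None or not user.is_active:
                return_code = "badauth"
                message = "The username and password pair do not match a real user"
            else:
                # The full name must equal <subdomain>.<DNS_DOMAIN> for a
                # subdomain owned by the authenticated user.
                valid_domain = any(
                    domain == "%s.%s" % (sub.name, settings.DNS_DOMAIN)
                    for sub in SubDomain.objects.filter(user=user))
                if valid_domain:
                    return_code, message = set_ip(request, domain, ip)
                else:
                    return_code = "nohost"
                    message = "The hostname specified does not exist in this user account"

    # Write a log entry only when the code differs from this username's most
    # recent entry, or on every successful update.
    last_activity = Activity_log.objects.filter(
        user_affected=username).last()
    if last_activity:
        register = (last_activity.code != return_code
                    or return_code == "good")
    else:
        register = True

    if register:
        Activity_log(action='SYNC',
                     agent=agent,
                     ip=ip,
                     code=return_code,
                     xforward=ip_x_forwarded,
                     user_affected=username,
                     domain=domain,
                     result="%s" % (message)).save()
    return HttpResponse(return_code)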
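def set_ip_web(request, domain, ip):
    """Set the IP of ``domain`` on behalf of the logged-in web user.

    The first label of ``domain`` is looked up as a SubDomain name; the
    update goes ahead only when the caller is a superuser or that
    subdomain's user. The response is a JSON object with ``success`` and
    ``message``; a refused caller gets ``success: False`` with an empty
    message.

    NOTE(review): only the first label is checked for ownership, yet the
    whole ``domain`` string is passed to ``set_ip``. ``updateip`` compares
    the full name against ``settings.DNS_DOMAIN``; confirm ``set_ip``
    rejects names outside that zone or add the same comparison here.
    """
    myjson = {
        'message': '',
        'success': False,
    }
    user = request.user
    subdomain = domain.split(".")[0]

    # One lookup serves both the existence check and the ownership check;
    # an unknown name now yields a JSON error instead of an unhandled
    # DoesNotExist raised before any permission check.
    try:
        subdomain_obj = SubDomain.objects.get(name=subdomain)
    except SubDomain.DoesNotExist:
        myjson['message'] = "The hostname specified does not exist"
        return HttpResponse(json.dumps(myjson))

    if user.is_superuser or user == subdomain_obj.user:
        username = user.username
        ip_x_forwarded = request.META.get('HTTP_X_FORWARDED_FOR', "")
        agent = request.META.get('HTTP_USER_AGENT', "")

        return_code, message = set_ip(request, domain, ip)
        if return_code == "good":
            myjson['success'] = True
        else:
            myjson['message'] = message

        # Log only when the code differs from the caller's most recent
        # entry, or on every successful update.
        # NOTE(review): the lookup uses the caller's username while the
        # entry is stored under the subdomain owner's; these differ when a
        # superuser updates someone else's domain.
        last_activity = Activity_log.objects.filter(
            user_affected=username).last()
        if last_activity:
            register = (last_activity.code != return_code
                        or return_code == "good")
        else:
            register = True

        if register:
            Activity_log(action='SYNC',
                         agent=agent,
                         ip=ip,
                         code=return_code,
                         xforward=ip_x_forwarded,
                         user_affected=subdomain_obj.user.username,
                         domain=domain,
                         result="%s" % (message)).save()

    return HttpResponse(json.dumps(myjson))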
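def set_user(request):
    """Create a user (POST ``username``) or edit one (POST ``id_user``).

    Authorization is enforced here because no decorator or other guard is
    visible on this function, and the request body decides
    ``is_superuser``:

    * creating a user requires a superuser;
    * editing requires a superuser or the account's own user;
    * only a superuser can change ``is_superuser``, so a self-edit cannot
      raise its own privileges.

    The response is a JSON object with ``success`` (bool) and ``error``
    (str). Missing optional fields default to empty strings instead of
    raising on the lookup.
    """
    myjson = {
        'error': "",
        'success': False,
    }
    post = request.POST
    actor = request.user
    creating = "username" in post

    if not creating and "id_user" not in post:
        myjson['error'] = "No se pasaron los datos por post"
        return HttpResponse(json.dumps(myjson))

    name = post.get('name', '')
    last_name = post.get('last_name', '')
    email = post.get('email', '')
    password = post.get('password', '')
    is_admin = post.get('is_admin') == "1"

    if creating:
        if not actor.is_superuser:
            myjson['error'] = "permission"
            return HttpResponse(json.dumps(myjson))

        username = post['username']
        if not username:
            myjson['error'] = "No se pasaron los datos por post"
            return HttpResponse(json.dumps(myjson))
        if User.objects.filter(username=username).exists():
            myjson['error'] = "username exist"
            return HttpResponse(json.dumps(myjson))

        # A blank password is passed as None so the account gets an unusable
        # password; an empty string would be hashed and would then
        # authenticate with an empty password.
        user = User.objects.create_user(username=username,
                                        email=email,
                                        password=password or None)
        user.first_name = name
        user.last_name = last_name
        user.is_superuser = is_admin
        user.save()
        # NOTE(review): this branch creates a user but logs "EDIT USER",
        # and the edit branch logs "Add User"; the labels look swapped.
        # Left unchanged in case reports filter on them.
        log_action = 'EDIT USER'
        log_result = "Edit User --> name: %s" % user
    else:
        try:
            user = User.objects.get(id=post['id_user'])
        except (User.DoesNotExist, ValueError):
            # Same answer as a forbidden edit, so ids cannot be probed.
            myjson['error'] = "permission"
            return HttpResponse(json.dumps(myjson))

        if not (actor.is_superuser or actor == user):
            myjson['error'] = "permission"
            return HttpResponse(json.dumps(myjson))

        user.first_name = name
        user.last_name = last_name
        user.email = email
        if actor.is_superuser:
            user.is_superuser = is_admin
        if password:
            # NOTE(review): no password-strength validation is applied.
            user.set_password(password)
        user.save()
        log_action = 'SET USER'
        log_result = "Add User --> name: %s" % user

    myjson['success'] = True
    Activity_log(action=log_action,
                 xforward=getForwardedFor(request),
                 user_affected=request.user,
                 result=log_result).save()
    return HttpResponse(json.dumps(myjson))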