Esempio n. 1
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """
        if view_func in (login, cas_login) and request.POST.get(
            'logoutRequest', ''):
            if cas_request_logout_allowed(request):
                return cas_logout(request, *view_args, **view_kwargs)
            return HttpResponseForbidden()

        if view_func == login:
            return cas_login(request, *view_args, **view_kwargs)
        elif view_func == logout:
            return cas_logout(request, *view_args, **view_kwargs)

        # for all view modules except django admin. by default, we redirect to
        # cas for all admin views
        # for all other views, we treats the request with respect of views
        # configuration
        if not (self._is_an_admin_view(view_func) and settings.CAS_ADMIN_AUTH):
            return None


        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                error = ('<h1>Forbidden</h1><p>You do not have staff '
                         'privileges.</p>')
                return HttpResponseForbidden(error)
        params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(
            '{}?{}'.format(reverse('django_cas:login'), params)
        )
Esempio n. 2
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """
        if view_func in (login, cas_login) and request.POST.get(
            'logoutRequest', ''):
            if cas_request_logout_allowed(request):
                return cas_logout(request, *view_args, **view_kwargs)
            return HttpResponseForbidden()

        if view_func == login:
            return cas_login(request, *view_args, **view_kwargs)
        elif view_func == logout:
            return cas_logout(request, *view_args, **view_kwargs)

        if settings.CAS_ADMIN_PREFIX:
            if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
                return None
        elif not view_func.__module__.startswith('django.contrib.admin.'):
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                error = ('<h1>Forbidden</h1><p>You do not have staff '
                         'privileges.</p>')
                return HttpResponseForbidden(error)
        params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(reverse(cas_login) + '?' + params)
Esempio n. 3
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """
        if view_func in (login, cas_login) and request.POST.get(
                'logoutRequest', ''):
            if cas_request_logout_allowed(request):
                return cas_logout(request, *view_args, **view_kwargs)
            return HttpResponseForbidden()

        if view_func == login:
            return cas_login(request, *view_args, **view_kwargs)
        elif view_func == logout:
            return cas_logout(request, *view_args, **view_kwargs)

        # for all view modules except django admin. by default, we redirect to
        # cas for all admin views
        # for all other views, we treats the request with respect of views
        # configuration
        if not (self._is_an_admin_view(view_func) and settings.CAS_ADMIN_AUTH):
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                error = ('<h1>Forbidden</h1><p>You do not have staff '
                         'privileges.</p>')
                return HttpResponseForbidden(error)
        params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect('{}?{}'.format(reverse('django_cas:login'),
                                                   params))
Esempio n. 4
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """

        #        print "in process view: %s (%s)..." % (view_func, type(view_func))

        if view_func == login:
            #            print "func is login ..."
            return cas_login(request, *view_args, **view_kwargs)
        elif view_func == logout:
            #            print "func is logout..."
            return cas_logout(request, *view_args, **view_kwargs)

        if settings.CAS_ADMIN_PREFIX:
            if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
                #                return self._cas_gateway(request, view_func)
                return None
        elif not view_func.__module__.startswith('django.contrib.admin.'):
            #            return self._cas_gateway(request, view_func)
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                error = ('<h1>Forbidden</h1><p>You do not have staff '
                         'privileges.</p>')
                return HttpResponseForbidden(error)

        params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(reverse(cas_login) + '?' + params)
Esempio n. 5
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """

#        print "in process view: %s (%s)..." % (view_func, type(view_func))

        if view_func == login:
#            print "func is login ..."
            return cas_login(request, *view_args, **view_kwargs)
        elif view_func == logout:
#            print "func is logout..."
            return cas_logout(request, *view_args, **view_kwargs)

        if settings.CAS_ADMIN_PREFIX:
            if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
#                return self._cas_gateway(request, view_func)
                return None
        elif not view_func.__module__.startswith('django.contrib.admin.'):
#            return self._cas_gateway(request, view_func)
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                error = ('<h1>Forbidden</h1><p>You do not have staff '
                         'privileges.</p>')
                return HttpResponseForbidden(error)

        params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(reverse(cas_login) + '?' + params)
Esempio n. 6
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """

        def is_admin_authentication(viewf, function_name):
            """
            The previous code here did not work with current admin functionality
            so we're matching in an admittedly nonpythonic way against the admin
            login/logout paths. Update to this function quite welcome!
            """
            return viewf.__module__.startswith('django.contrib.admin.sites') and viewf.__name__ is function_name

        if is_admin_authentication(view_func, 'login'):
            return cas_login(request, *view_args, **view_kwargs)
        elif is_admin_authentication(view_func, 'logout'):
            return cas_logout(request, *view_args, **view_kwargs)

        if settings.CAS_ADMIN_PREFIX:
            if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
                return None
        elif not view_func.__module__.startswith('django.contrib.admin.'):
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                error = ('<h1>Forbidden</h1><p>You do not have staff '
                         'privileges.</p>')
                return HttpResponseForbidden(error)
        params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(reverse(cas_login) + '?' + params)
Esempio n. 7
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """
        try:
         next = request.GET['next'][:6]
        except:
         next = False
        if view_func == login and next == "/admin":
            return cas_login(request, *view_args, **view_kwargs)
        elif str(view_func)[:16] == str(logout)[:16]:
            return cas_logout(request, *view_args, **view_kwargs)

        if settings.CAS_ADMIN_PREFIX:
            if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
                return None
        elif not view_func.__module__.startswith('django.contrib.admin.'):
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                error = ('<h1>Forbidden</h1><p>You do not have staff '
                         'privileges. Click <a href="/accounts/logout"> here to log out.<a/></p>')
                return HttpResponseForbidden(error)
        params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(reverse(cas_login) + '?' + params)
Esempio n. 8
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """
        try:
            next = request.GET['next'][:6]
        except:
            next = False
        if view_func == login and next == "/admin":
            return cas_login(request, *view_args, **view_kwargs)
        elif str(view_func)[:16] == str(logout)[:16]:
            return cas_logout(request, *view_args, **view_kwargs)

        if settings.CAS_ADMIN_PREFIX:
            if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
                return None
        elif not view_func.__module__.startswith('django.contrib.admin.'):
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                error = (
                    '<h1>Forbidden</h1><p>You do not have staff '
                    'privileges. Click <a href="/accounts/logout"> here to log out.<a/></p>'
                )
                return HttpResponseForbidden(error)
        params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(reverse(cas_login) + '?' + params)
Esempio n. 9
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """

        if view_func == auth.views.login:
            return cas_login(request, *view_args, **view_kwargs)
        elif view_func == auth.views.logout:
            return cas_logout(request, *view_args, **view_kwargs)

        if not view_func.__module__.startswith('django.contrib.admin.'):
            # not admin? then we don't care. Pass along the request.
            return None

        if not request.user.is_authenticated():
            params = urlencode({auth.REDIRECT_FIELD_NAME: request.get_full_path()})
            return HttpResponseRedirect(settings.LOGIN_URL + '?' + params)

        if request.user.is_staff:
            return None

        error = ('<h1>Forbidden</h1><p>You do not have staff '
                         'privileges.</p>')
        return HttpResponseForbidden(error)
Esempio n. 10
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """
        if view_func == login:
            return cas_login(request, *view_args, **view_kwargs)
        elif view_func == logout:
            return cas_logout(request, *view_args, **view_kwargs)

        if settings.CAS_ADMIN_PREFIX and \
           not request.path.startswith(settings.CAS_ADMIN_PREFIX):

                # Ignore static
                if view_func.__module__.startswith('django.views.static'):
                    return None

                # Log out admins that stray off the admin section
                if getattr(settings, "CAS_ADMIN_VIEWS_RESTRICTED", False):
                    if request.user.is_authenticated():
                        if request.user.is_staff:
                            return user_logout(request)

                return None
        elif not view_func.__module__.startswith('django.contrib.admin.'):
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                error = ('<h1>Forbidden</h1><p>You do not have staff '
                         'privileges.</p>')
                return HttpResponseForbidden(error)

        # Allow admins to log in by other means
        elif getattr(settings, 'CAS_ADMIN_IGNORE', False):
            return None

        params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(reverse(cas_login) + '?' + params)
Esempio n. 11
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """ Forwards unauthenticated requests to the admin page to the CAS
            login URL, as well as calls to django.contrib.auth.views.login and
            logout.
        """
        if view_func == login:
            return cas_login(request, *view_args, **view_kwargs)
        if view_func == logout:
            return cas_logout(request, *view_args, **view_kwargs)

        # The rest of this method amends the Django admin authorization wich
        # will post a username/password dialog to authenticate to django admin.
        if not view_func.__module__.startswith("django.contrib.admin."):
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                raise PermissionDenied("No staff priviliges")
        params = urlencode({auth.REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(settings.LOGIN_URL + "?" + params)
Esempio n. 12
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """
        if view_func == login:
            # # how to get the next query of the URL?
            # url = request.get_full_path()
            # qs = parse_qs(urlparse(url).query)
            # # print qs
            # # print "appended QUERY string:", request.GET.urlencode()
            # if REDIRECT_FIELD_NAME in qs:
            #     # print qs
            #     redirect = qs[REDIRECT_FIELD_NAME][0]
            #     res = re.match(r"^/loginredirect/(?P<identity>\w+)/", redirect)
            #     if res is not None and res.group('identity') == "student":
            #         return cas_login(request)

            return login(request, *view_args, **view_kwargs)

        elif view_func == logout:
            return cas_logout(request, *view_args, **view_kwargs)

        if settings.CAS_ADMIN_PREFIX:
            if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
                return None
        elif not view_func.__module__.startswith('django.contrib.admin.'):
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                error = ('<h1>Forbidden</h1><p>You do not have staff '
                         'privileges.</p>')
                return HttpResponseForbidden(error)

        params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(reverse(cas_login) + '?' + params)
Esempio n. 13
0
    def process_view(self, request, view_func, view_args, view_kwargs):
        """ Forwards unauthenticated requests to the admin page to the CAS
            login URL, as well as calls to django.contrib.auth.views.login and
            logout.
        """
        if view_func == login:
            return cas_login(request, *view_args, **view_kwargs)
        if view_func == logout:
            return cas_logout(request, *view_args, **view_kwargs)

        # The rest of this method amends the Django admin authorization wich
        # will post a username/password dialog to authenticate to django admin.
        if not view_func.__module__.startswith('django.contrib.admin.'):
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                raise PermissionDenied("No staff priviliges")
        params = urlencode({auth.REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(settings.LOGIN_URL + '?' + params)
    def process_view(self, request, view_func, view_args, view_kwargs):
        """Forwards unauthenticated requests to the admin page to the CAS
        login URL, as well as calls to django.contrib.auth.views.login and
        logout.
        """
        if view_func == login:
            # # how to get the next query of the URL?
            # url = request.get_full_path()
            # qs = parse_qs(urlparse(url).query)
            # # print qs
            # # print "appended QUERY string:", request.GET.urlencode()
            # if REDIRECT_FIELD_NAME in qs:
            #     # print qs
            #     redirect = qs[REDIRECT_FIELD_NAME][0]
            #     res = re.match(r"^/loginredirect/(?P<identity>\w+)/", redirect)
            #     if res is not None and res.group('identity') == "student":
            #         return cas_login(request)

            return login(request, *view_args, **view_kwargs)

        elif view_func == logout:
            return cas_logout(request, *view_args, **view_kwargs)

        if settings.CAS_ADMIN_PREFIX:
            if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
                return None
        elif not view_func.__module__.startswith('django.contrib.admin.'):
            return None

        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            else:
                error = ('<h1>Forbidden</h1><p>You do not have staff '
                         'privileges.</p>')
                return HttpResponseForbidden(error)

        params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(reverse(cas_login) + '?' + params)