def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
if view_func in (login, cas_login) and request.POST.get(
'logoutRequest', ''):
if cas_request_logout_allowed(request):
return cas_logout(request, *view_args, **view_kwargs)
return HttpResponseForbidden()
if view_func == login:
return cas_login(request, *view_args, **view_kwargs)
elif view_func == logout:
return cas_logout(request, *view_args, **view_kwargs)
# for all view modules except django admin. by default, we redirect to
# cas for all admin views
# for all other views, we treats the request with respect of views
# configuration
if not (self._is_an_admin_view(view_func) and settings.CAS_ADMIN_AUTH):
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
error = ('<h1>Forbidden</h1><p>You do not have staff '
'privileges.</p>')
return HttpResponseForbidden(error)
params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(
'{}?{}'.format(reverse('django_cas:login'), params)
)
def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
if view_func in (login, cas_login) and request.POST.get(
'logoutRequest', ''):
if cas_request_logout_allowed(request):
return cas_logout(request, *view_args, **view_kwargs)
return HttpResponseForbidden()
if view_func == login:
return cas_login(request, *view_args, **view_kwargs)
elif view_func == logout:
return cas_logout(request, *view_args, **view_kwargs)
if settings.CAS_ADMIN_PREFIX:
if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
return None
elif not view_func.__module__.startswith('django.contrib.admin.'):
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
error = ('<h1>Forbidden</h1><p>You do not have staff '
'privileges.</p>')
return HttpResponseForbidden(error)
params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(reverse(cas_login) + '?' + params)
def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
if view_func in (login, cas_login) and request.POST.get(
'logoutRequest', ''):
if cas_request_logout_allowed(request):
return cas_logout(request, *view_args, **view_kwargs)
return HttpResponseForbidden()
if view_func == login:
return cas_login(request, *view_args, **view_kwargs)
elif view_func == logout:
return cas_logout(request, *view_args, **view_kwargs)
# for all view modules except django admin. by default, we redirect to
# cas for all admin views
# for all other views, we treats the request with respect of views
# configuration
if not (self._is_an_admin_view(view_func) and settings.CAS_ADMIN_AUTH):
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
error = ('<h1>Forbidden</h1><p>You do not have staff '
'privileges.</p>')
return HttpResponseForbidden(error)
params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect('{}?{}'.format(reverse('django_cas:login'),
params))
def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
# print "in process view: %s (%s)..." % (view_func, type(view_func))
if view_func == login:
# print "func is login ..."
return cas_login(request, *view_args, **view_kwargs)
elif view_func == logout:
# print "func is logout..."
return cas_logout(request, *view_args, **view_kwargs)
if settings.CAS_ADMIN_PREFIX:
if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
# return self._cas_gateway(request, view_func)
return None
elif not view_func.__module__.startswith('django.contrib.admin.'):
# return self._cas_gateway(request, view_func)
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
error = ('<h1>Forbidden</h1><p>You do not have staff '
'privileges.</p>')
return HttpResponseForbidden(error)
params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(reverse(cas_login) + '?' + params)
def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
# print "in process view: %s (%s)..." % (view_func, type(view_func))
if view_func == login:
# print "func is login ..."
return cas_login(request, *view_args, **view_kwargs)
elif view_func == logout:
# print "func is logout..."
return cas_logout(request, *view_args, **view_kwargs)
if settings.CAS_ADMIN_PREFIX:
if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
# return self._cas_gateway(request, view_func)
return None
elif not view_func.__module__.startswith('django.contrib.admin.'):
# return self._cas_gateway(request, view_func)
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
error = ('<h1>Forbidden</h1><p>You do not have staff '
'privileges.</p>')
return HttpResponseForbidden(error)
params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(reverse(cas_login) + '?' + params)
def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
def is_admin_authentication(viewf, function_name):
"""
The previous code here did not work with current admin functionality
so we're matching in an admittedly nonpythonic way against the admin
login/logout paths. Update to this function quite welcome!
"""
return viewf.__module__.startswith('django.contrib.admin.sites') and viewf.__name__ is function_name
if is_admin_authentication(view_func, 'login'):
return cas_login(request, *view_args, **view_kwargs)
elif is_admin_authentication(view_func, 'logout'):
return cas_logout(request, *view_args, **view_kwargs)
if settings.CAS_ADMIN_PREFIX:
if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
return None
elif not view_func.__module__.startswith('django.contrib.admin.'):
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
error = ('<h1>Forbidden</h1><p>You do not have staff '
'privileges.</p>')
return HttpResponseForbidden(error)
params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(reverse(cas_login) + '?' + params)
def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
try:
next = request.GET['next'][:6]
except:
next = False
if view_func == login and next == "/admin":
return cas_login(request, *view_args, **view_kwargs)
elif str(view_func)[:16] == str(logout)[:16]:
return cas_logout(request, *view_args, **view_kwargs)
if settings.CAS_ADMIN_PREFIX:
if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
return None
elif not view_func.__module__.startswith('django.contrib.admin.'):
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
error = ('<h1>Forbidden</h1><p>You do not have staff '
'privileges. Click <a href="/accounts/logout"> here to log out.<a/></p>')
return HttpResponseForbidden(error)
params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(reverse(cas_login) + '?' + params)
def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
try:
next = request.GET['next'][:6]
except:
next = False
if view_func == login and next == "/admin":
return cas_login(request, *view_args, **view_kwargs)
elif str(view_func)[:16] == str(logout)[:16]:
return cas_logout(request, *view_args, **view_kwargs)
if settings.CAS_ADMIN_PREFIX:
if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
return None
elif not view_func.__module__.startswith('django.contrib.admin.'):
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
error = (
'<h1>Forbidden</h1><p>You do not have staff '
'privileges. Click <a href="/accounts/logout"> here to log out.<a/></p>'
)
return HttpResponseForbidden(error)
params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(reverse(cas_login) + '?' + params)
def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
if view_func == auth.views.login:
return cas_login(request, *view_args, **view_kwargs)
elif view_func == auth.views.logout:
return cas_logout(request, *view_args, **view_kwargs)
if not view_func.__module__.startswith('django.contrib.admin.'):
# not admin? then we don't care. Pass along the request.
return None
if not request.user.is_authenticated():
params = urlencode({auth.REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(settings.LOGIN_URL + '?' + params)
if request.user.is_staff:
return None
error = ('<h1>Forbidden</h1><p>You do not have staff '
'privileges.</p>')
return HttpResponseForbidden(error)
def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
if view_func == login:
return cas_login(request, *view_args, **view_kwargs)
elif view_func == logout:
return cas_logout(request, *view_args, **view_kwargs)
if settings.CAS_ADMIN_PREFIX and \
not request.path.startswith(settings.CAS_ADMIN_PREFIX):
# Ignore static
if view_func.__module__.startswith('django.views.static'):
return None
# Log out admins that stray off the admin section
if getattr(settings, "CAS_ADMIN_VIEWS_RESTRICTED", False):
if request.user.is_authenticated():
if request.user.is_staff:
return user_logout(request)
return None
elif not view_func.__module__.startswith('django.contrib.admin.'):
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
error = ('<h1>Forbidden</h1><p>You do not have staff '
'privileges.</p>')
return HttpResponseForbidden(error)
# Allow admins to log in by other means
elif getattr(settings, 'CAS_ADMIN_IGNORE', False):
return None
params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(reverse(cas_login) + '?' + params)
def process_view(self, request, view_func, view_args, view_kwargs):
""" Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
if view_func == login:
return cas_login(request, *view_args, **view_kwargs)
if view_func == logout:
return cas_logout(request, *view_args, **view_kwargs)
# The rest of this method amends the Django admin authorization wich
# will post a username/password dialog to authenticate to django admin.
if not view_func.__module__.startswith("django.contrib.admin."):
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
raise PermissionDenied("No staff priviliges")
params = urlencode({auth.REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(settings.LOGIN_URL + "?" + params)
def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
if view_func == login:
# # how to get the next query of the URL?
# url = request.get_full_path()
# qs = parse_qs(urlparse(url).query)
# # print qs
# # print "appended QUERY string:", request.GET.urlencode()
# if REDIRECT_FIELD_NAME in qs:
# # print qs
# redirect = qs[REDIRECT_FIELD_NAME][0]
# res = re.match(r"^/loginredirect/(?P<identity>\w+)/", redirect)
# if res is not None and res.group('identity') == "student":
# return cas_login(request)
return login(request, *view_args, **view_kwargs)
elif view_func == logout:
return cas_logout(request, *view_args, **view_kwargs)
if settings.CAS_ADMIN_PREFIX:
if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
return None
elif not view_func.__module__.startswith('django.contrib.admin.'):
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
error = ('<h1>Forbidden</h1><p>You do not have staff '
'privileges.</p>')
return HttpResponseForbidden(error)
params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(reverse(cas_login) + '?' + params)
def process_view(self, request, view_func, view_args, view_kwargs):
""" Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
if view_func == login:
return cas_login(request, *view_args, **view_kwargs)
if view_func == logout:
return cas_logout(request, *view_args, **view_kwargs)
# The rest of this method amends the Django admin authorization wich
# will post a username/password dialog to authenticate to django admin.
if not view_func.__module__.startswith('django.contrib.admin.'):
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
raise PermissionDenied("No staff priviliges")
params = urlencode({auth.REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(settings.LOGIN_URL + '?' + params)
def process_view(self, request, view_func, view_args, view_kwargs):
"""Forwards unauthenticated requests to the admin page to the CAS
login URL, as well as calls to django.contrib.auth.views.login and
logout.
"""
if view_func == login:
# # how to get the next query of the URL?
# url = request.get_full_path()
# qs = parse_qs(urlparse(url).query)
# # print qs
# # print "appended QUERY string:", request.GET.urlencode()
# if REDIRECT_FIELD_NAME in qs:
# # print qs
# redirect = qs[REDIRECT_FIELD_NAME][0]
# res = re.match(r"^/loginredirect/(?P<identity>\w+)/", redirect)
# if res is not None and res.group('identity') == "student":
# return cas_login(request)
return login(request, *view_args, **view_kwargs)
elif view_func == logout:
return cas_logout(request, *view_args, **view_kwargs)
if settings.CAS_ADMIN_PREFIX:
if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
return None
elif not view_func.__module__.startswith('django.contrib.admin.'):
return None
if request.user.is_authenticated():
if request.user.is_staff:
return None
else:
error = ('<h1>Forbidden</h1><p>You do not have staff '
'privileges.</p>')
return HttpResponseForbidden(error)
params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
return HttpResponseRedirect(reverse(cas_login) + '?' + params)