Esempio n. 1
0
def server_terminate_group(group_id):
    """Terminate all instances in the specified instance group."""
    instances = aws.get_instances_in_group(group_id)
    instances_metadata = []
    is_admin = ldapuser.is_admin(session['username'])
    for instance in instances:
        if not is_admin:
            if not aws.is_owner(instance_id, session['username']):
                abort(404)

        instances_metadata.append({
            'id':
            instance.id,
            'private_ip_address':
            instance.private_ip_address
        })

    if request.method == 'POST':
        for instance in instances:
            if aws.can_terminate(instance):
                aws.terminate_instance.delay(instance.id)

        if request_wants_json():
            return jsonify(True)
        else:
            return redirect(url_for('server_list'))

    return render_template('confirm.html',
                           termination_group_metadata=instances_metadata)
Esempio n. 2
0
def index():
    if 'username' in session:
        if ldapuser.is_admin(session['username']):
            return redirect(url_for('admin_dashboard'))
        else:
            return redirect(url_for('server_list'))
    else:
        return redirect(url_for('login'))
Esempio n. 3
0
    def decorated_admin_function(*args, **kwargs):
        if 'username' not in session:
            return redirect(url_for('login'))

        if not ldapuser.is_admin(session['username']):
            return abort(403)

        return f(*args, **kwargs)
Esempio n. 4
0
def isadmin():
    try:
        if 'username' in session:
            return ldapuser.is_admin(session['username'])
    except:
        # Since this is a template function it should not propagate the error
        # up, as it is called on the error pages as well.
        return False
    return False
Esempio n. 5
0
    def func(*args, **kwargs):
        if not is_logged_in():
            return redirect(url_for('login'))

        current_user = session['username']
        ssh_key_id = kwargs.get('ssh_key_id')
        owner = ssh_keys.get_owner(ssh_key_id)
        if current_user != owner and not ldapuser.is_admin(current_user):
            return errors.show_error(401, 'Unauthorized')

        return f(*args, **kwargs)
Esempio n. 6
0
    def decorated_admin_function(*args, **kwargs):
        if 'username' not in session:
            return redirect(url_for('login'))

        if 'instance_id' not in kwargs:
            return abort(400)

        if not aws.is_owner(kwargs['instance_id'], session['username']):
            if not ldapuser.is_admin(session['username']):
                return abort(403)

        return f(*args, **kwargs)
Esempio n. 7
0
def ssh_key_create():
    """Handle GET (render) and POST (submit form to DB) requests at /ssh/create."""
    if request.method == 'POST':
        # Only allow admins to modify username, use session as fallback
        if ldapuser.is_admin(session['username']):
            username = request.form.get('username', session['username'])
        else:
            username = session['username']
        key_name = request.form['key_name']
        ssh_key = request.form['ssh_key']
        ssh_keys.create_new_key(username, key_name, ssh_key)
        return redirect(url_for('ssh_key_list'))
    return render_template('ssh_form.html', ssh_info={})
Esempio n. 8
0
def ssh_key_update(ssh_key_id, admin=None):
    """Handle GET (render form) and POST (update db) requests at /ssh/<id>/update."""
    ssh_info = ssh_keys.get_ssh_key(ssh_key_id)
    if request.method == 'POST':
        # Only allow admins to modify username, use session as fallback
        if ldapuser.is_admin(session['username']):
            username = request.form.get('username', session['username'])
        else:
            username = session['username']
        key_name = request.form.get('key_name', ssh_info['key_name'])
        ssh_key = request.form.get('ssh_key', ssh_info['ssh_key'])
        ssh_keys.update_ssh_key(ssh_key_id, username, key_name, ssh_key)

        # Redirect admin users back to the admin panel
        if admin:
            return redirect(url_for('admin_dashboard'))
        return redirect(url_for('ssh_key_list'))

    return render_template('ssh_form.html', ssh_info=ssh_info)