コード例 #1
ファイル: admin.py プロジェクト: agoravoting/authapi
 def get_form(self, request, obj=None, **kwargs):
     """Return the admin form with a freshly built ``auth_method`` selector.

     Each option uses the ``METHODS`` key as its value and
     ``"<key>: <DESCRIPTION>"`` as its label. The widget is stored on
     ``AuthEventAdminForm.Meta.widgets`` before the parent class builds
     the form.
     """
     method_choices = [
         (key, key + ': ' + METHODS.get(key).DESCRIPTION)
         for key in METHODS.keys()
     ]
     selector = forms.Select(attrs={'obj': 'str'}, choices=method_choices)
     # NOTE(review): Meta.widgets is a class-level dict, so this assignment
     # is visible to every other user of AuthEventAdminForm.
     AuthEventAdminForm.Meta.widgets['auth_method'] = selector
     return super(AuthEventAdmin, self).get_form(request, obj, **kwargs)
コード例 #2
ファイル: admin.py プロジェクト: EGCAgoraVotingAccG2/authapi
 def get_form(self, request, obj=None, **kwargs):
     """Build the admin form, refreshing the ``auth_method`` drop-down first.

     The drop-down lists every key of ``METHODS``, labelled with the key
     and the method's ``DESCRIPTION``. It is written to
     ``AuthEventAdminForm.Meta.widgets`` and the parent ``get_form`` is
     then called with the unchanged arguments.
     """
     labelled = list(
         (method_key, method_key + ': ' + METHODS.get(method_key).DESCRIPTION)
         for method_key in METHODS.keys()
     )
     # NOTE(review): this replaces an entry in a dict shared at class level,
     # not a per-request copy.
     AuthEventAdminForm.Meta.widgets['auth_method'] = forms.Select(
         attrs={'obj': 'str'},
         choices=labelled,
     )
     form_class = super(AuthEventAdmin, self).get_form(request, obj, **kwargs)
     return form_class
コード例 #3
ファイル: admin.py プロジェクト: EGCAgoraVotingAccG2/authapi
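    class Meta:
        # Form options: the model being edited and the fields exposed.
        model = AuthEvent
        fields = ('auth_method', 'census', 'auth_method_config',
                  'extra_fields', 'status')
        # One (value, label) pair per key of METHODS. A comprehension is used
        # so that no loop variable is left behind as an attribute of Meta.
        # This runs once, when the class body is executed.
        choices = [
            (key, key + ': ' + METHODS.get(key).DESCRIPTION)
            for key in METHODS.keys()
        ]

        # Render auth_method as a drop-down restricted to those choices.
        widgets = {
            'auth_method': forms.Select(attrs={'obj': 'str'}, choices=choices),
        }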
コード例 #4
ファイル: utils.py プロジェクト: agoravoting/authapi
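def check_authmethod(method):
    """Check that *method* is a key of the registered auth methods.

    Args:
        method: Candidate auth-method name. It may be an arbitrary decoded
            JSON value (string, number, list, object) when it is taken
            straight from a request body.

    Returns:
        An empty string when *method* is a key of ``METHODS``; otherwise
        the text ``Invalid authmethod`` followed by a newline.
    """
    from authmethods import METHODS
    try:
        known = method in METHODS
    except TypeError:
        # Lists and dicts are unhashable, so the membership test itself
        # raises. Treat that as "not a valid method" instead of letting the
        # exception escape to the caller.
        known = False
    return '' if known else "Invalid authmethod\n"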
コード例 #5
ファイル: utils.py プロジェクト: EGCAgoraVotingAccG2/authapi
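def check_authmethod(method):
    """Check that *method* is a key of the registered auth methods.

    Args:
        method: Candidate auth-method name. When it comes from a decoded
            JSON request body it can be any JSON type, not only a string.

    Returns:
        An empty string when *method* is a key of ``METHODS``; otherwise
        the text ``Invalid authmethod`` followed by a newline.
    """
    from authmethods import METHODS
    try:
        is_registered = method in METHODS
    except TypeError:
        # An unhashable value (JSON list or object) cannot be looked up in
        # the registry; report it as invalid rather than raising.
        is_registered = False
    if is_registered:
        return ''
    return "Invalid authmethod\n"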
コード例 #6
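    def get(self, request, name=None):
        '''
            List all auth methods, or describe the single method *name*.

            Without *name* the JSON body is {"methods": [[key, info], ...]}.
            With a registered *name* it is {name: info}. info holds the
            method's DESCRIPTION and CONFIG plus VALID_PIPELINES and
            VALID_FIELDS.

            An unregistered *name* is answered with status 404. Previously
            that case left ``data`` unassigned and failed with
            UnboundLocalError.
        '''
        def describe(key):
            # NOTE(review): CONFIG is returned to the client as-is; confirm
            # it never carries secrets before exposing this view widely.
            method = METHODS.get(key)
            return {
                'description': method.DESCRIPTION,
                'auth_method_config': method.CONFIG,
                'pipelines': VALID_PIPELINES,
                'extra_fields': VALID_FIELDS,
            }

        if name is None:  # show all
            data = {'methods': [[k, describe(k)] for k in METHODS.keys()]}
        elif name in METHODS.keys():  # show module
            data = {name: describe(name)}
        else:  # unknown module
            return HttpResponse(json.dumps({'msg': "Invalid authmethod\n"}),
                                status=404,
                                content_type='application/json')

        jsondata = json.dumps(data)
        return HttpResponse(jsondata, content_type='application/json')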
コード例 #7
ファイル: views.py プロジェクト: agoravoting/authapi
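 def get(self, request, name=None):
     '''
         List all auth methods, or describe the single method *name*.

         Without *name* the payload is {"methods": [[key, info], ...]}.
         With a registered *name* it is {name: info}. info holds the
         method's DESCRIPTION and CONFIG plus VALID_PIPELINES and
         VALID_FIELDS.

         An unregistered *name* is answered with status 404. Previously
         that case left ``data`` unassigned and failed with
         UnboundLocalError.
     '''
     def describe(key):
         # NOTE(review): CONFIG is returned to the client as-is; confirm
         # it never carries secrets before exposing this view widely.
         method = METHODS.get(key)
         return {
             'description': method.DESCRIPTION,
             'auth_method_config': method.CONFIG,
             'pipelines': VALID_PIPELINES,
             'extra_fields': VALID_FIELDS,
         }

     if name is None: # show all
         data = {'methods': [[k, describe(k)] for k in METHODS.keys()]}
     elif name in METHODS.keys(): # show module
         data = {name: describe(name)}
     else: # unknown module
         return json_response(status=404, message="Invalid authmethod\n")
     return json_response(data)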
コード例 #8
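    def post(request, pk=None):
        '''
            Create a new auth-event (pk is None) or edit the one given by pk.

            create permission on AuthEvent is required to create,
            edit permission on that AuthEvent is required to edit.

            The body must be a JSON object. Validation errors are
            accumulated in msg and returned as {"msg": ...} with status 400.
            On success the body is {"status": "ok", "id": ..., "perm": ...}
            where perm is the hmac of the ACL held in ``acl`` (on create,
            the last ACL saved).
        '''
        # Function-scope import, like have_captcha further down.
        from copy import deepcopy

        def reject(message):
            # 400 response carrying the accumulated validation text.
            return HttpResponse(json.dumps({'msg': message}),
                                status=400,
                                content_type='application/json')

        try:
            req = json.loads(request.body.decode('utf-8'))
        except Exception:
            # Exception, not a bare except, so SystemExit and
            # KeyboardInterrupt are not swallowed.
            req = None
        if not isinstance(req, dict):
            # Covers undecodable bodies and valid JSON that is not an object
            # (list, string, number, null), which has no .get().
            bad_request = json.dumps({"error": "bad_request"})
            return HttpResponseBadRequest(bad_request,
                                          content_type='application/json')

        if pk is None:  # create
            # NOTE(review): the return value is ignored, so this call must
            # abort the request itself on denial - confirm.
            permission_required(request.user, 'AuthEvent', 'create')

            auth_method = req.get('auth_method', '')
            msg = check_authmethod(auth_method)
            if msg:
                return reject(msg)

            auth_method_config = {
                # Copy the defaults: CONFIG is read straight off the
                # registered method object, and the update() below would
                # otherwise write this request's values into that shared
                # object, changing the defaults of later events.
                "config": deepcopy(METHODS.get(auth_method).CONFIG),
                "pipeline": METHODS.get(auth_method).PIPELINES
            }
            config = req.get('config', None)
            if config:
                msg += check_config(config, auth_method)

            extra_fields = req.get('extra_fields', None)
            if extra_fields:
                msg += check_extra_fields(
                    extra_fields,
                    METHODS.get(auth_method).USED_TYPE_FIELDS)

            census = req.get('census', '')
            if census not in ('open', 'close'):
                msg += "Invalid type of census\n"

            if msg:
                return reject(msg)

            if config:
                auth_method_config.get('config').update(config)

            ae = AuthEvent(auth_method=auth_method,
                           auth_method_config=auth_method_config,
                           extra_fields=extra_fields,
                           census=census)
            # Save before the acl creation to get the ae id
            ae.save()
            # The creator receives edit rights on the event ...
            acl = ACL(user=request.user.userdata,
                      perm='edit',
                      object_type='AuthEvent',
                      object_id=ae.id)
            acl.save()
            # ... and create rights on UserData scoped to the event id.
            acl = ACL(user=request.user.userdata,
                      perm='create',
                      object_type='UserData',
                      object_id=ae.id)
            acl.save()

            # if necessary, generate captchas
            from authmethods.utils import have_captcha
            if have_captcha(ae):
                generate_captcha(settings.PREGENERATION_CAPTCHA)

        else:  # edit
            # NOTE(review): as above, this is assumed to abort on denial.
            permission_required(request.user, 'AuthEvent', 'edit', pk)
            auth_method = req.get('auth_method', '')
            msg = check_authmethod(auth_method)
            if msg:
                return reject(msg)

            config = req.get('auth_method_config', None)
            if config:
                msg += check_config(config, auth_method)

            extra_fields = req.get('extra_fields', None)
            if extra_fields:
                # NOTE(review): create passes USED_TYPE_FIELDS as a second
                # argument, edit does not - confirm the helper's default.
                msg += check_extra_fields(extra_fields)

            if msg:
                return reject(msg)

            ae = AuthEvent.objects.get(pk=pk)
            ae.auth_method = auth_method
            if config:
                ae.auth_method_config.get('config').update(config)
            if extra_fields:
                ae.extra_fields = extra_fields
            ae.save()

            # TODO: Problem if object_id is None, change None by 0
            acl = get_object_or_404(ACL,
                                    user=request.user.userdata,
                                    perm='edit',
                                    object_type='AuthEvent',
                                    object_id=ae.pk)

        data = {'status': 'ok', 'id': ae.pk, 'perm': acl.get_hmac()}
        jsondata = json.dumps(data)
        return HttpResponse(jsondata, content_type='application/json')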
コード例 #9
ファイル: views.py プロジェクト: EGCAgoraVotingAccG2/authapi
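    def post(request, pk=None):
        '''
            Create a new auth-event (pk is None) or edit the one given by pk.

            create permission on AuthEvent is required to create,
            edit permission on that AuthEvent is required to edit.

            The body must be a JSON object. Validation errors are returned
            with status 400. On success the payload is
            {"status": "ok", "id": ..., "perm": ...} where perm is the hmac
            of the ACL held in ``acl`` (on create, the last ACL saved).
        '''
        # Function-scope import, like have_captcha further down.
        from copy import deepcopy

        try:
            req = parse_json_request(request)
        except Exception:
            # Exception, not a bare except, so SystemExit and
            # KeyboardInterrupt are not swallowed.
            req = None
        if not isinstance(req, dict):
            # Covers parse failures and parsed values that are not a JSON
            # object, which the .get() calls below cannot handle.
            return json_response(status=400,
                                 error_codename=ErrorCodes.BAD_REQUEST)

        if pk is None:  # create
            # NOTE(review): the return value is ignored, so this call must
            # abort the request itself on denial - confirm.
            permission_required(request.user, 'AuthEvent', 'create')

            auth_method = req.get('auth_method', '')
            msg = check_authmethod(auth_method)
            if msg:
                return json_response(status=400, message=msg)

            auth_method_config = {
                # Copy the defaults: CONFIG is read straight off the
                # registered method object, and the update() below would
                # otherwise write this request's values into that shared
                # object, changing the defaults of later events.
                "config": deepcopy(METHODS.get(auth_method).CONFIG),
                "pipeline": METHODS.get(auth_method).PIPELINES
            }
            config = req.get('auth_method_config', None)
            if config:
                msg += check_config(config, auth_method)

            extra_fields = req.get('extra_fields', None)
            if extra_fields:
                msg += check_extra_fields(
                    extra_fields,
                    METHODS.get(auth_method).USED_TYPE_FIELDS)

            census = req.get('census', '')
            # check census mode
            if census not in ('open', 'close'):
                return json_response(status=400,
                                     error_codename="INVALID_CENSUS_TYPE")
            # Plugins may veto the census type; the first result is used as
            # the keyword arguments of the error response.
            error_kwargs = plugins.call("extend_type_census", census)
            if error_kwargs:
                return json_response(**error_kwargs[0])

            real = req.get('real', False)
            based_in = req.get('based_in', None)
            # based_in may only name an event the caller holds an edit ACL on.
            if based_in and not ACL.objects.filter(user=request.user.userdata,
                                                   perm='edit',
                                                   object_type='AuthEvent',
                                                   object_id=based_in):
                msg += "Invalid id to based_in"
            if msg:
                return json_response(status=400,
                                     message=msg,
                                     error_codename=ErrorCodes.BAD_REQUEST)

            if config:
                auth_method_config.get('config').update(config)

            ae = AuthEvent(auth_method=auth_method,
                           auth_method_config=auth_method_config,
                           extra_fields=extra_fields,
                           census=census,
                           real=real,
                           based_in=based_in)
            # Save before the acl creation to get the ae id
            ae.save()
            # The creator receives edit rights on the event ...
            acl = ACL(user=request.user.userdata,
                      perm='edit',
                      object_type='AuthEvent',
                      object_id=ae.id)
            acl.save()
            # ... and create rights on UserData scoped to the event id.
            acl = ACL(user=request.user.userdata,
                      perm='create',
                      object_type='UserData',
                      object_id=ae.id)
            acl.save()

            # if necessary, generate captchas
            from authmethods.utils import have_captcha
            if have_captcha(ae):
                generate_captcha(settings.PREGENERATION_CAPTCHA)

        else:  # edit
            # NOTE(review): as above, this is assumed to abort on denial.
            permission_required(request.user, 'AuthEvent', 'edit', pk)
            auth_method = req.get('auth_method', '')
            msg = check_authmethod(auth_method)
            if msg:
                return json_response(status=400, message=msg)

            config = req.get('auth_method_config', None)
            if config:
                msg += check_config(config, auth_method)

            extra_fields = req.get('extra_fields', None)
            if extra_fields:
                # NOTE(review): create passes USED_TYPE_FIELDS as a second
                # argument, edit does not - confirm the helper's default.
                msg += check_extra_fields(extra_fields)

            if msg:
                return json_response(status=400, message=msg)

            ae = AuthEvent.objects.get(pk=pk)
            ae.auth_method = auth_method
            if config:
                ae.auth_method_config.get('config').update(config)
            if extra_fields:
                ae.extra_fields = extra_fields
            ae.save()

            # TODO: Problem if object_id is None, change None by 0
            acl = get_object_or_404(ACL,
                                    user=request.user.userdata,
                                    perm='edit',
                                    object_type='AuthEvent',
                                    object_id=ae.pk)

        data = {'status': 'ok', 'id': ae.pk, 'perm': acl.get_hmac()}
        return json_response(data)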
コード例 #10
ファイル: views.py プロジェクト: agoravoting/authapi
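    def post(request, pk=None):
        '''
            Create a new auth-event (pk is None) or edit the one given by pk.

            To create, the create permission on AuthEvent is required when
            the event is "real"; otherwise create or create-notreal is
            enough. To edit, the edit permission on that AuthEvent is
            required.

            The body must be a JSON object. Validation errors are returned
            with status 400. On success the payload is
            {"status": "ok", "id": ..., "perm": ...} where perm is the hmac
            of the ACL held in ``acl`` (on create, the last ACL saved).
        '''
        # Function-scope import, like have_captcha further down.
        from copy import deepcopy

        try:
            req = parse_json_request(request)
        except Exception:
            # Exception, not a bare except, so SystemExit and
            # KeyboardInterrupt are not swallowed.
            req = None
        if not isinstance(req, dict):
            # Covers parse failures and parsed values that are not a JSON
            # object, which the .get() calls below cannot handle.
            return json_response(
                status=400,
                error_codename=ErrorCodes.BAD_REQUEST)

        if pk is None: # create
            # NOTE(review): the permission tier is chosen from the
            # client-supplied 'real' flag, and the return value of
            # permission_required is ignored, so it must abort on denial.
            real = req.get('real', False)
            if real:
                # requires create perm
                permission_required(request.user, 'AuthEvent', 'create')
            else:
                # requires create or create-notreal
                permission_required(request.user, 'AuthEvent', ['create', 'create-notreal'])

            auth_method = req.get('auth_method', '')
            msg = check_authmethod(auth_method)
            if msg:
                return json_response(status=400, message=msg)

            auth_method_config = {
                    # Copy the defaults: CONFIG is read straight off the
                    # registered method object, and the update() below would
                    # otherwise write this request's values into that shared
                    # object, changing the defaults of later events.
                    "config": deepcopy(METHODS.get(auth_method).CONFIG),
                    "pipeline": METHODS.get(auth_method).PIPELINES
            }
            config = req.get('auth_method_config', None)
            if config:
                msg += check_config(config, auth_method)

            extra_fields = req.get('extra_fields', None)
            if extra_fields:
                msg += check_extra_fields(
                    extra_fields,
                    METHODS.get(auth_method).USED_TYPE_FIELDS)
                slug_set = set()
                for field in extra_fields:
                    # Entries come from the request body; a non-dict entry
                    # is reported as nameless instead of raising on the
                    # membership test or the item assignment.
                    if isinstance(field, dict) and 'name' in field:
                        field['slug'] = slugify(field['name']).replace("-","_").upper()
                        slug_set.add(field['slug'])
                    else:
                        msg += "some extra_fields have no name\n"
                # Fewer distinct slugs than fields means two names collapsed
                # to the same slug (or a field had no name).
                if len(slug_set) != len(extra_fields):
                    msg += "some extra_fields may have repeated slug names\n"

            census = req.get('census', '')
            # check census mode
            if census not in ('open', 'close'):
                return json_response(
                    status=400,
                    error_codename="INVALID_CENSUS_TYPE")
            # Plugins may veto the census type; the first result is used as
            # the keyword arguments of the error response.
            error_kwargs = plugins.call("extend_type_census", census)
            if error_kwargs:
                return json_response(**error_kwargs[0])

            based_in = req.get('based_in', None)
            # based_in may only name an event the caller holds an edit ACL on.
            if based_in and not ACL.objects.filter(user=request.user.userdata, perm='edit',
                    object_type='AuthEvent', object_id=based_in):
                msg += "Invalid id to based_in"

            # Note that a login is only complete if a call has been received and
            # accepted at /authevent/<ID>/successful_login
            num_successful_logins_allowed = req.get(
                'num_successful_logins_allowed', 0)
            # NOTE(review): only the type is checked; negative integers pass.
            if type(num_successful_logins_allowed) is not int:
                msg += "num_successful_logins_allowed invalid type"

            if msg:
                return json_response(
                    status=400,
                    message=msg,
                    error_codename=ErrorCodes.BAD_REQUEST)

            if config:
                auth_method_config.get('config').update(config)

            ae = AuthEvent(auth_method=auth_method,
                           auth_method_config=auth_method_config,
                           extra_fields=extra_fields,
                           census=census,
                           real=real,
                           num_successful_logins_allowed=num_successful_logins_allowed,
                           based_in=based_in)
            # Save before the acl creation to get the ae id
            ae.save()
            # The creator receives edit rights on the event ...
            acl = ACL(user=request.user.userdata, perm='edit', object_type='AuthEvent',
                      object_id=ae.id)
            acl.save()
            # ... and create rights on UserData scoped to the event id.
            acl = ACL(user=request.user.userdata, perm='create',
                    object_type='UserData', object_id=ae.id)
            acl.save()

            # if necessary, generate captchas
            from authmethods.utils import have_captcha
            if have_captcha(ae):
                generate_captcha(settings.PREGENERATION_CAPTCHA)

        else: # edit
            # NOTE(review): as above, this is assumed to abort on denial.
            permission_required(request.user, 'AuthEvent', 'edit', pk)
            auth_method = req.get('auth_method', '')
            msg = check_authmethod(auth_method)
            if msg:
                return json_response(status=400, message=msg)

            config = req.get('auth_method_config', None)
            if config:
                msg += check_config(config, auth_method)

            extra_fields = req.get('extra_fields', None)
            if extra_fields:
                # NOTE(review): create passes USED_TYPE_FIELDS and assigns
                # slugs; edit does neither - confirm this is intended.
                msg += check_extra_fields(extra_fields)

            if msg:
                return json_response(status=400, message=msg)

            ae = AuthEvent.objects.get(pk=pk)
            ae.auth_method = auth_method
            if config:
                ae.auth_method_config.get('config').update(config)
            if extra_fields:
                ae.extra_fields = extra_fields
            ae.save()

            # TODO: Problem if object_id is None, change None by 0
            acl = get_object_or_404(ACL, user=request.user.userdata,
                    perm='edit', object_type='AuthEvent', object_id=ae.pk)

        data = {'status': 'ok', 'id': ae.pk, 'perm': acl.get_hmac()}
        return json_response(data)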
コード例 #11
ファイル: views.py プロジェクト: jnaudon/authapi
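    def post(request, pk=None):
        '''
            Create a new auth-event (pk is None) or edit the one given by pk.

            create permission on AuthEvent is required to create,
            edit permission on that AuthEvent is required to edit.

            The body must be a JSON object. Validation errors are
            accumulated in msg and returned with status 400. On success the
            payload is {"status": "ok", "id": ..., "perm": ...} where perm
            is the hmac of the ACL held in ``acl`` (on create, the last ACL
            saved).
        '''
        # Function-scope import, like have_captcha further down.
        from copy import deepcopy

        try:
            req = json.loads(request.body.decode('utf-8'))
        except Exception:
            # Exception, not a bare except, so SystemExit and
            # KeyboardInterrupt are not swallowed.
            req = None
        if not isinstance(req, dict):
            # Covers undecodable bodies and valid JSON that is not an object
            # (list, string, number, null), which has no .get().
            return json_response(status=400, error_codename=ErrorCodes.BAD_REQUEST)

        if pk is None: # create
            # NOTE(review): the return value is ignored, so this call must
            # abort the request itself on denial - confirm.
            permission_required(request.user, 'AuthEvent', 'create')

            auth_method = req.get('auth_method', '')
            msg = check_authmethod(auth_method)
            if msg:
                return json_response(status=400, message=msg)

            auth_method_config = {
                    # Copy the defaults: CONFIG is read straight off the
                    # registered method object, and the update() below would
                    # otherwise write this request's values into that shared
                    # object, changing the defaults of later events.
                    "config": deepcopy(METHODS.get(auth_method).CONFIG),
                    "pipeline": METHODS.get(auth_method).PIPELINES
            }
            config = req.get('auth_method_config', None)
            if config:
                msg += check_config(config, auth_method)

            extra_fields = req.get('extra_fields', None)
            if extra_fields:
                msg += check_extra_fields(extra_fields, METHODS.get(auth_method).USED_TYPE_FIELDS)

            census = req.get('census', '')
            if census not in ('open', 'close'):
                msg += "Invalid type of census\n"

            if msg:
                return json_response(status=400, message=msg)

            if config:
                auth_method_config.get('config').update(config)

            ae = AuthEvent(auth_method=auth_method,
                           auth_method_config=auth_method_config,
                           extra_fields=extra_fields,
                           census=census)
            # Save before the acl creation to get the ae id
            ae.save()
            # The creator receives edit rights on the event ...
            acl = ACL(user=request.user.userdata, perm='edit', object_type='AuthEvent',
                      object_id=ae.id)
            acl.save()
            # ... and create rights on UserData scoped to the event id.
            acl = ACL(user=request.user.userdata, perm='create',
                    object_type='UserData', object_id=ae.id)
            acl.save()

            # if necessary, generate captchas
            from authmethods.utils import have_captcha
            if have_captcha(ae):
                generate_captcha(settings.PREGENERATION_CAPTCHA)

        else: # edit
            # NOTE(review): as above, this is assumed to abort on denial.
            permission_required(request.user, 'AuthEvent', 'edit', pk)
            auth_method = req.get('auth_method', '')
            msg = check_authmethod(auth_method)
            if msg:
                return json_response(status=400, message=msg)

            config = req.get('auth_method_config', None)
            if config:
                msg += check_config(config, auth_method)

            extra_fields = req.get('extra_fields', None)
            if extra_fields:
                # NOTE(review): create passes USED_TYPE_FIELDS as a second
                # argument, edit does not - confirm the helper's default.
                msg += check_extra_fields(extra_fields)

            if msg:
                return json_response(status=400, message=msg)

            ae = AuthEvent.objects.get(pk=pk)
            ae.auth_method = auth_method
            if config:
                ae.auth_method_config.get('config').update(config)
            if extra_fields:
                ae.extra_fields = extra_fields
            ae.save()

            # TODO: Problem if object_id is None, change None by 0
            acl = get_object_or_404(ACL, user=request.user.userdata,
                    perm='edit', object_type='AuthEvent', object_id=ae.pk)

        data = {'status': 'ok', 'id': ae.pk, 'perm': acl.get_hmac()}
        return json_response(data)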