def get_form(self, request, obj=None, **kwargs):
    """Return the admin form with a freshly built ``auth_method`` selector.

    The choice list is rebuilt from ``METHODS`` on every call, so the
    drop-down reflects whatever is registered there at that moment.
    """
    method_choices = [
        (key, key + ': ' + METHODS.get(key).DESCRIPTION)
        for key in METHODS.keys()
    ]
    # This assigns into the class-level Meta.widgets dict, so the new
    # widget is seen by every user of AuthEventAdminForm, not only by
    # the form returned from this call.
    AuthEventAdminForm.Meta.widgets['auth_method'] = forms.Select(
        attrs={'obj': 'str'}, choices=method_choices)
    return super(AuthEventAdmin, self).get_form(request, obj, **kwargs)
def get_form(self, request, obj=None, **kwargs):
    """Build the admin form, refreshing the ``auth_method`` drop-down.

    Each option is labelled ``"<name>: <DESCRIPTION>"`` for the entries
    currently present in ``METHODS``.
    """
    options = []
    for method_name, method in METHODS.items():
        label = method_name + ': ' + method.DESCRIPTION
        options.append((method_name, label))

    # Meta.widgets is shared class state: replacing the entry here changes
    # the widget for all later uses of AuthEventAdminForm as well.
    select = forms.Select(attrs={'obj': 'str'}, choices=options)
    AuthEventAdminForm.Meta.widgets['auth_method'] = select

    form = super(AuthEventAdmin, self).get_form(request, obj, **kwargs)
    return form
class Meta:
    # Form options: which model is edited, which of its fields are exposed,
    # and the widget override for the auth method selector.
    model = AuthEvent
    fields = (
        'auth_method',
        'census',
        'auth_method_config',
        'extra_fields',
        'status',
    )

    # Built once, when the class body executes; methods added to METHODS
    # afterwards are not reflected in this list.
    choices = []
    for k in METHODS:
        choices.append((k, k + ': ' + METHODS[k].DESCRIPTION))

    widgets = {
        'auth_method': forms.Select(attrs={'obj': 'str'}, choices=choices),
    }
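def check_authmethod(method):
    """ Check if method exists in method list.

    Returns an empty string when ``method`` is a key of ``METHODS`` and
    the error text ``"Invalid authmethod\\n"`` otherwise, so callers can
    append the result to an accumulated error message.
    """
    from authmethods import METHODS

    # A value taken from parsed JSON may be a list or dict. Those are
    # unhashable, and the membership test would raise TypeError instead
    # of reporting an invalid method, so treat that case as "not found".
    try:
        known = method in METHODS
    except TypeError:
        known = False

    return '' if known else "Invalid authmethod\n"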
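def get(self, request, name=None):
    '''
    Lists all existing modules if no name is given.
    If a name is given, shows only that module.

    Responds with JSON. An unknown name gets a 404 with an error
    message rather than failing on an unbound ``data`` variable.
    '''
    def describe(method):
        # Same four keys, in the same order, for the list and detail views.
        # NOTE(review): no permission check is visible in this method, so
        # CONFIG defaults go to whoever can reach the view - confirm they
        # never carry credentials.
        return {
            'description': method.DESCRIPTION,
            'auth_method_config': method.CONFIG,
            'pipelines': VALID_PIPELINES,
            'extra_fields': VALID_FIELDS,
        }

    if name is None:  # show all
        data = {
            'methods': [[k, describe(METHODS.get(k))] for k in METHODS.keys()]
        }
    elif name in METHODS.keys():  # show module
        data = {name: describe(METHODS.get(name))}
    else:
        # Neither branch above binds ``data`` for an unknown name; answer
        # explicitly instead of raising UnboundLocalError further down.
        not_found = json.dumps({'msg': "Invalid authmethod\n"})
        return HttpResponse(not_found, status=404,
                            content_type='application/json')

    jsondata = json.dumps(data)
    return HttpResponse(jsondata, content_type='application/json')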
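def get(self, request, name=None):
    '''
    Lists all existing modules if no name is given.
    If a name is given, shows only that module.

    An unknown name gets a 404 response rather than failing on an
    unbound ``data`` variable.
    '''
    def describe(method):
        # Same four keys, in the same order, for the list and detail views.
        # NOTE(review): no permission check is visible in this method, so
        # CONFIG defaults go to whoever can reach the view - confirm they
        # never carry credentials.
        return {
            'description': method.DESCRIPTION,
            'auth_method_config': method.CONFIG,
            'pipelines': VALID_PIPELINES,
            'extra_fields': VALID_FIELDS,
        }

    if name is None:  # show all
        data = {
            'methods': [[k, describe(METHODS.get(k))] for k in METHODS.keys()]
        }
    elif name in METHODS.keys():  # show module
        data = {name: describe(METHODS.get(name))}
    else:
        # Neither branch above binds ``data`` for an unknown name; answer
        # explicitly instead of raising UnboundLocalError further down.
        return json_response(status=404, message="Invalid authmethod\n")

    return json_response(data)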
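def post(request, pk=None):
    '''
    Creates a new auth-event or edit auth_event
    create_authevent permission required or
    edit_authevent permission required

    With ``pk`` None a new AuthEvent is created and two ACLs are granted
    to the requesting user; otherwise the event with that pk is edited.
    Validation problems are answered with status 400 and a ``msg`` text.
    On success the response carries the event id and an ACL hmac.
    '''
    def invalid(text):
        # Every validation failure shares this 400 payload shape.
        return HttpResponse(json.dumps({'msg': text}), status=400,
                            content_type='application/json')

    try:
        req = json.loads(request.body.decode('utf-8'))
        # Valid JSON can still be a list, string or number; everything
        # below relies on ``req.get``, so only accept an object.
        if not isinstance(req, dict):
            raise ValueError("request body is not a JSON object")
    except Exception:
        # Not a bare ``except``: KeyboardInterrupt/SystemExit must not be
        # reported to the client as a malformed request.
        bad_request = json.dumps({"error": "bad_request"})
        return HttpResponseBadRequest(bad_request,
                                      content_type='application/json')

    if pk is None:  # create
        # The return value is not inspected; presumably this raises when
        # the user lacks the permission - confirm in permission_required.
        permission_required(request.user, 'AuthEvent', 'create')

        auth_method = req.get('auth_method', '')
        msg = check_authmethod(auth_method)
        if msg:
            return invalid(msg)

        # Function-scope import, like have_captcha further down.
        import copy
        method = METHODS.get(auth_method)
        # Copy the method defaults. The request config is merged into
        # "config" below, and merging into the shared CONFIG object would
        # leak one event's settings into every event created afterwards.
        auth_method_config = {
            "config": copy.deepcopy(method.CONFIG),
            "pipeline": copy.deepcopy(method.PIPELINES),
        }

        config = req.get('config', None)
        if config:
            msg += check_config(config, auth_method)

        extra_fields = req.get('extra_fields', None)
        if extra_fields:
            msg += check_extra_fields(extra_fields, method.USED_TYPE_FIELDS)

        census = req.get('census', '')
        if census not in ('open', 'close'):
            msg += "Invalid type of census\n"

        if msg:
            return invalid(msg)

        if config:
            auth_method_config['config'].update(config)

        ae = AuthEvent(auth_method=auth_method,
                       auth_method_config=auth_method_config,
                       extra_fields=extra_fields,
                       census=census)
        # Save before the acl creation to get the ae id
        ae.save()

        acl = ACL(user=request.user.userdata, perm='edit',
                  object_type='AuthEvent', object_id=ae.id)
        acl.save()
        acl = ACL(user=request.user.userdata, perm='create',
                  object_type='UserData', object_id=ae.id)
        acl.save()

        # if necessary, generate captchas
        from authmethods.utils import have_captcha
        if have_captcha(ae):
            generate_captcha(settings.PREGENERATION_CAPTCHA)
    else:  # edit
        permission_required(request.user, 'AuthEvent', 'edit', pk)

        auth_method = req.get('auth_method', '')
        msg = check_authmethod(auth_method)
        if msg:
            return invalid(msg)

        config = req.get('auth_method_config', None)
        if config:
            msg += check_config(config, auth_method)

        extra_fields = req.get('extra_fields', None)
        if extra_fields:
            # NOTE(review): unlike the create branch, the method's
            # USED_TYPE_FIELDS is not passed here - confirm it is intended.
            msg += check_extra_fields(extra_fields)

        if msg:
            return invalid(msg)

        ae = AuthEvent.objects.get(pk=pk)
        ae.auth_method = auth_method
        if config:
            ae.auth_method_config.get('config').update(config)
        if extra_fields:
            ae.extra_fields = extra_fields
        ae.save()

        # TODO: Problem if object_id is None, change None by 0
        acl = get_object_or_404(ACL, user=request.user.userdata,
                                perm='edit', object_type='AuthEvent',
                                object_id=ae.pk)

    # ``acl`` is whichever ACL the taken branch bound last.
    data = {'status': 'ok', 'id': ae.pk, 'perm': acl.get_hmac()}
    jsondata = json.dumps(data)
    return HttpResponse(jsondata, content_type='application/json')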
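def post(request, pk=None):
    '''
    Creates a new auth-event or edit auth_event
    create_authevent permission required or
    edit_authevent permission required

    With ``pk`` None a new AuthEvent is created and two ACLs are granted
    to the requesting user; otherwise the event with that pk is edited.
    Validation problems are answered with status 400. On success the
    response carries the event id and an ACL hmac.
    '''
    try:
        req = parse_json_request(request)
    except Exception:
        # Not a bare ``except``: KeyboardInterrupt/SystemExit must not be
        # reported to the client as a malformed request.
        return json_response(status=400, error_codename=ErrorCodes.BAD_REQUEST)

    if pk is None:  # create
        # The return value is not inspected; presumably this raises when
        # the user lacks the permission - confirm in permission_required.
        permission_required(request.user, 'AuthEvent', 'create')

        auth_method = req.get('auth_method', '')
        msg = check_authmethod(auth_method)
        if msg:
            return json_response(status=400, message=msg)

        # Function-scope import, like have_captcha further down.
        import copy
        method = METHODS.get(auth_method)
        # Copy the method defaults. The request config is merged into
        # "config" below, and merging into the shared CONFIG object would
        # leak one event's settings into every event created afterwards.
        auth_method_config = {
            "config": copy.deepcopy(method.CONFIG),
            "pipeline": copy.deepcopy(method.PIPELINES),
        }

        config = req.get('auth_method_config', None)
        if config:
            msg += check_config(config, auth_method)

        extra_fields = req.get('extra_fields', None)
        if extra_fields:
            msg += check_extra_fields(extra_fields, method.USED_TYPE_FIELDS)

        census = req.get('census', '')
        # check census mode
        if census not in ('open', 'close'):
            return json_response(status=400,
                                 error_codename="INVALID_CENSUS_TYPE")
        error_kwargs = plugins.call("extend_type_census", census)
        if error_kwargs:
            return json_response(**error_kwargs[0])

        real = req.get('real', False)
        based_in = req.get('based_in', None)
        # A template event may only be referenced by a user holding the
        # 'edit' ACL on it.
        if based_in and not ACL.objects.filter(user=request.user.userdata,
                                               perm='edit',
                                               object_type='AuthEvent',
                                               object_id=based_in):
            msg += "Invalid id to based_in"

        if msg:
            return json_response(status=400, message=msg,
                                 error_codename=ErrorCodes.BAD_REQUEST)

        if config:
            auth_method_config['config'].update(config)

        ae = AuthEvent(auth_method=auth_method,
                       auth_method_config=auth_method_config,
                       extra_fields=extra_fields,
                       census=census,
                       real=real,
                       based_in=based_in)
        # Save before the acl creation to get the ae id
        ae.save()

        acl = ACL(user=request.user.userdata, perm='edit',
                  object_type='AuthEvent', object_id=ae.id)
        acl.save()
        acl = ACL(user=request.user.userdata, perm='create',
                  object_type='UserData', object_id=ae.id)
        acl.save()

        # if necessary, generate captchas
        from authmethods.utils import have_captcha
        if have_captcha(ae):
            generate_captcha(settings.PREGENERATION_CAPTCHA)
    else:  # edit
        permission_required(request.user, 'AuthEvent', 'edit', pk)

        auth_method = req.get('auth_method', '')
        msg = check_authmethod(auth_method)
        if msg:
            return json_response(status=400, message=msg)

        config = req.get('auth_method_config', None)
        if config:
            msg += check_config(config, auth_method)

        extra_fields = req.get('extra_fields', None)
        if extra_fields:
            # NOTE(review): unlike the create branch, the method's
            # USED_TYPE_FIELDS is not passed here - confirm it is intended.
            msg += check_extra_fields(extra_fields)

        if msg:
            return json_response(status=400, message=msg)

        ae = AuthEvent.objects.get(pk=pk)
        ae.auth_method = auth_method
        if config:
            ae.auth_method_config.get('config').update(config)
        if extra_fields:
            ae.extra_fields = extra_fields
        ae.save()

        # TODO: Problem if object_id is None, change None by 0
        acl = get_object_or_404(ACL, user=request.user.userdata,
                                perm='edit', object_type='AuthEvent',
                                object_id=ae.pk)

    # ``acl`` is whichever ACL the taken branch bound last.
    data = {'status': 'ok', 'id': ae.pk, 'perm': acl.get_hmac()}
    return json_response(data)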
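def post(request, pk=None):
    '''
    Creates a new auth-event or edit auth_event
    create_authevent permission required or
    edit_authevent permission required

    With ``pk`` None a new AuthEvent is created and two ACLs are granted
    to the requesting user; otherwise the event with that pk is edited.
    Creating a "real" event needs the 'create' permission, while a
    non-real one is also allowed with 'create-notreal'. Validation
    problems are answered with status 400. On success the response
    carries the event id and an ACL hmac.
    '''
    try:
        req = parse_json_request(request)
    except Exception:
        # Not a bare ``except``: KeyboardInterrupt/SystemExit must not be
        # reported to the client as a malformed request.
        return json_response(
            status=400,
            error_codename=ErrorCodes.BAD_REQUEST)

    if pk is None:  # create
        # ``real`` comes from the request body and picks the permission
        # to check. The same value is stored on the event below, so the
        # check and the stored flag cannot disagree.
        real = req.get('real', False)
        if real:
            # requires create perm
            permission_required(request.user, 'AuthEvent', 'create')
        else:
            # requires create or create-notreal
            permission_required(request.user, 'AuthEvent',
                                ['create', 'create-notreal'])

        auth_method = req.get('auth_method', '')
        msg = check_authmethod(auth_method)
        if msg:
            return json_response(status=400, message=msg)

        # Function-scope import, like have_captcha further down.
        import copy
        method = METHODS.get(auth_method)
        # Copy the method defaults. The request config is merged into
        # "config" below, and merging into the shared CONFIG object would
        # leak one event's settings into every event created afterwards.
        auth_method_config = {
            "config": copy.deepcopy(method.CONFIG),
            "pipeline": copy.deepcopy(method.PIPELINES),
        }

        config = req.get('auth_method_config', None)
        if config:
            msg += check_config(config, auth_method)

        extra_fields = req.get('extra_fields', None)
        if extra_fields:
            msg += check_extra_fields(extra_fields, method.USED_TYPE_FIELDS)
            # Derive a slug per field and make sure no two fields collide.
            slug_set = set()
            for field in extra_fields:
                if 'name' in field:
                    field['slug'] = slugify(field['name']).replace("-", "_").upper()
                    slug_set.add(field['slug'])
                else:
                    msg += "some extra_fields have no name\n"
            if len(slug_set) != len(extra_fields):
                msg += "some extra_fields may have repeated slug names\n"

        census = req.get('census', '')
        # check census mode
        if census not in ('open', 'close'):
            return json_response(
                status=400,
                error_codename="INVALID_CENSUS_TYPE")
        error_kwargs = plugins.call("extend_type_census", census)
        if error_kwargs:
            return json_response(**error_kwargs[0])

        based_in = req.get('based_in', None)
        # A template event may only be referenced by a user holding the
        # 'edit' ACL on it.
        if based_in and not ACL.objects.filter(user=request.user.userdata,
                                               perm='edit',
                                               object_type='AuthEvent',
                                               object_id=based_in):
            msg += "Invalid id to based_in"

        # Note that a login is only complete if a call has been received and
        # accepted at /authevent/<ID>/successful_login
        num_successful_logins_allowed = req.get(
            'num_successful_logins_allowed', 0)
        # Exact type test, so JSON booleans are rejected as well.
        # NOTE(review): negative integers pass this check - confirm how
        # the model treats them.
        if type(num_successful_logins_allowed) is not int:
            msg += "num_successful_logins_allowed invalid type"

        if msg:
            return json_response(
                status=400,
                message=msg,
                error_codename=ErrorCodes.BAD_REQUEST)

        if config:
            auth_method_config['config'].update(config)

        ae = AuthEvent(
            auth_method=auth_method,
            auth_method_config=auth_method_config,
            extra_fields=extra_fields,
            census=census,
            real=real,
            num_successful_logins_allowed=num_successful_logins_allowed,
            based_in=based_in)
        # Save before the acl creation to get the ae id
        ae.save()

        acl = ACL(user=request.user.userdata, perm='edit',
                  object_type='AuthEvent', object_id=ae.id)
        acl.save()
        acl = ACL(user=request.user.userdata, perm='create',
                  object_type='UserData', object_id=ae.id)
        acl.save()

        # if necessary, generate captchas
        from authmethods.utils import have_captcha
        if have_captcha(ae):
            generate_captcha(settings.PREGENERATION_CAPTCHA)
    else:  # edit
        permission_required(request.user, 'AuthEvent', 'edit', pk)

        auth_method = req.get('auth_method', '')
        msg = check_authmethod(auth_method)
        if msg:
            return json_response(status=400, message=msg)

        config = req.get('auth_method_config', None)
        if config:
            msg += check_config(config, auth_method)

        extra_fields = req.get('extra_fields', None)
        if extra_fields:
            # NOTE(review): unlike the create branch, the method's
            # USED_TYPE_FIELDS is not passed and no slugs are derived
            # here - confirm it is intended.
            msg += check_extra_fields(extra_fields)

        if msg:
            return json_response(status=400, message=msg)

        ae = AuthEvent.objects.get(pk=pk)
        ae.auth_method = auth_method
        if config:
            ae.auth_method_config.get('config').update(config)
        if extra_fields:
            ae.extra_fields = extra_fields
        ae.save()

        # TODO: Problem if object_id is None, change None by 0
        acl = get_object_or_404(ACL, user=request.user.userdata,
                                perm='edit', object_type='AuthEvent',
                                object_id=ae.pk)

    # ``acl`` is whichever ACL the taken branch bound last.
    data = {'status': 'ok', 'id': ae.pk, 'perm': acl.get_hmac()}
    return json_response(data)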
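def post(request, pk=None):
    '''
    Creates a new auth-event or edit auth_event
    create_authevent permission required or
    edit_authevent permission required

    With ``pk`` None a new AuthEvent is created and two ACLs are granted
    to the requesting user; otherwise the event with that pk is edited.
    Validation problems are answered with status 400. On success the
    response carries the event id and an ACL hmac.
    '''
    try:
        req = json.loads(request.body.decode('utf-8'))
        # Valid JSON can still be a list, string or number; everything
        # below relies on ``req.get``, so only accept an object.
        if not isinstance(req, dict):
            raise ValueError("request body is not a JSON object")
    except Exception:
        # Not a bare ``except``: KeyboardInterrupt/SystemExit must not be
        # reported to the client as a malformed request.
        return json_response(status=400, error_codename=ErrorCodes.BAD_REQUEST)

    if pk is None:  # create
        # The return value is not inspected; presumably this raises when
        # the user lacks the permission - confirm in permission_required.
        permission_required(request.user, 'AuthEvent', 'create')

        auth_method = req.get('auth_method', '')
        msg = check_authmethod(auth_method)
        if msg:
            return json_response(status=400, message=msg)

        # Function-scope import, like have_captcha further down.
        import copy
        method = METHODS.get(auth_method)
        # Copy the method defaults. The request config is merged into
        # "config" below, and merging into the shared CONFIG object would
        # leak one event's settings into every event created afterwards.
        auth_method_config = {
            "config": copy.deepcopy(method.CONFIG),
            "pipeline": copy.deepcopy(method.PIPELINES),
        }

        config = req.get('auth_method_config', None)
        if config:
            msg += check_config(config, auth_method)

        extra_fields = req.get('extra_fields', None)
        if extra_fields:
            msg += check_extra_fields(extra_fields, method.USED_TYPE_FIELDS)

        census = req.get('census', '')
        if census not in ('open', 'close'):
            msg += "Invalid type of census\n"

        if msg:
            return json_response(status=400, message=msg)

        if config:
            auth_method_config['config'].update(config)

        ae = AuthEvent(auth_method=auth_method,
                       auth_method_config=auth_method_config,
                       extra_fields=extra_fields,
                       census=census)
        # Save before the acl creation to get the ae id
        ae.save()

        acl = ACL(user=request.user.userdata, perm='edit',
                  object_type='AuthEvent', object_id=ae.id)
        acl.save()
        acl = ACL(user=request.user.userdata, perm='create',
                  object_type='UserData', object_id=ae.id)
        acl.save()

        # if necessary, generate captchas
        from authmethods.utils import have_captcha
        if have_captcha(ae):
            generate_captcha(settings.PREGENERATION_CAPTCHA)
    else:  # edit
        permission_required(request.user, 'AuthEvent', 'edit', pk)

        auth_method = req.get('auth_method', '')
        msg = check_authmethod(auth_method)
        if msg:
            return json_response(status=400, message=msg)

        config = req.get('auth_method_config', None)
        if config:
            msg += check_config(config, auth_method)

        extra_fields = req.get('extra_fields', None)
        if extra_fields:
            # NOTE(review): unlike the create branch, the method's
            # USED_TYPE_FIELDS is not passed here - confirm it is intended.
            msg += check_extra_fields(extra_fields)

        if msg:
            return json_response(status=400, message=msg)

        ae = AuthEvent.objects.get(pk=pk)
        ae.auth_method = auth_method
        if config:
            ae.auth_method_config.get('config').update(config)
        if extra_fields:
            ae.extra_fields = extra_fields
        ae.save()

        # TODO: Problem if object_id is None, change None by 0
        acl = get_object_or_404(ACL, user=request.user.userdata,
                                perm='edit', object_type='AuthEvent',
                                object_id=ae.pk)

    # ``acl`` is whichever ACL the taken branch bound last.
    data = {'status': 'ok', 'id': ae.pk, 'perm': acl.get_hmac()}
    return json_response(data)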