コード例 #1
0
def delet_domain(request):
    myjson = {
        'error': "",
        'success': False,
    }

    if "id_domain" in request.POST.keys():
        id_domain = request.POST['id_domain']
        domain = SubDomain.objects.get(id=id_domain)
        domain_name = domain.name
        domain_user = domain.user

        if request.user.is_superuser or request.user == domain_user:
            domain.delete()
            myjson['success'] = True
            Activity_log(action='DELET DOMAIN',
                         xforward=getForwardedFor(request),
                         user_affected=domain_user,
                         result="Delet domain --> name: %s" %
                         domain_name).save()
        else:
            myjson['error'] = "permission"
    else:
        myjson['error'] = "No se pasaron los datos por post"
    return HttpResponse(json.dumps(myjson))
コード例 #2
0
def delet_user(request):
    myjson = {
        'error': "",
        'success': False,
    }
    if "id_user" in request.POST.keys():
        id_user = request.POST['id_user']
        user = User.objects.get(id=request.POST['id_user'])
        user.delete()
        myjson['success'] = True
        Activity_log(action='DELET USER',
                     xforward=getForwardedFor(request),
                     user_affected=request.user,
                     result="Delet User --> name: %s" % user).save()
    else:
        myjson['error'] = "No se pasaron los datos por post"
    return HttpResponse(json.dumps(myjson))
コード例 #3
0
ファイル: views.py プロジェクト: tajisoft/PyDDNS
def dologin(request):
    myjson = {
        'errors': {},
        'message': '',
        'success': False,
        'redirect': '',
        'sync': ''
    }
    username = request.POST['username']
    if request.session.test_cookie_worked():
        cant_fails = Activity_log.objects.filter(
            action='DOLOGIN',
            xforward=getForwardedFor(request),
            date__gt=(datetime.now() - timedelta(minutes=10)),
            result__startswith='False').count()
        if cant_fails >= 5:
            myjson['errors'][
                'reason'] = u'Ha superado la cantidad máxima de intentos.'
        else:
            user = authenticate(username=username,
                                password=request.POST['password'])
            if user is not None:
                if user.is_active:
                    request.session.delete_test_cookie()
                    djlogin(request, user)
                    myjson['success'] = True
                    myjson['message'] = 'Bienvenido, %s!' % (
                        user.get_full_name(), )
                    myjson['redirect'] = '/common/main/'
                    myjson['errors']['reason'] = 'Login correcto.'
                else:
                    myjson['errors']['reason'] = 'Cuenta deshabilitada.'
            else:
                myjson['errors']['reason'] = 'Usuario y/o clave invalida.'
    else:
        myjson['errors'][
            'reason'] = 'Por favor, habilite las Cookies en su navegador.'
    Activity_log(action='DOLOGIN',
                 xforward=getForwardedFor(request),
                 user_affected=username,
                 result="%s - %s" %
                 (myjson['success'], myjson['errors']['reason'])).save()

    return HttpResponse(json.dumps(myjson))
コード例 #4
0
def updateip(request):
    return_code = "unknown"
    username = ""
    domain = ""
    ip = ""
    ip_x_forwarded = ""
    hostname = ""
    message = ""
    agent = ""

    if request.method == 'GET':
        if 'hostname' in request.GET:
            domain = request.GET['hostname']
        if 'myip' in request.GET:
            ip = request.GET['myip']

    if 'HTTP_X_FORWARDED_FOR' in request.META:
        ip_x_forwarded = request.META['HTTP_X_FORWARDED_FOR']

    if 'HTTP_USER_AGENT' in request.META:
        agent = request.META['HTTP_USER_AGENT']

    verified_agent = False
    if settings.DNS_ALLOW_AGENT:
        list_agent_allow = settings.DNS_ALLOW_AGENT.split(",")
        if list_agent_allow:
            for a in list_agent_allow:
                if a in request.META['HTTP_USER_AGENT']:
                    verified_agent = True
    else:
        verified_agent = True

    cant_fails = Activity_log.objects.filter(
        action='SYNC',
        ip=ip,
        date__gt=(datetime.now() - timedelta(minutes=10)),
        result__startswith='False').count()
    if cant_fails < 10:
        if verified_agent:
            if 'HTTP_AUTHORIZATION' in request.META:
                auth = request.META['HTTP_AUTHORIZATION'].split()
                if len(auth) == 2:
                    logger.info(auth)
                    logger.info(auth[0].lower())
                    logger.info(auth[1])

                    if auth[0].lower() == "basic":
                        username, passwd = base64.b64decode(auth[1]).decode(
                            "utf-8", "ignore").split(':')
                        user = authenticate(username=username, password=passwd)
                        if user is not None and user.is_active:

                            user_subdomains = SubDomain.objects.filter(
                                user=user)
                            valid_domain = False

                            for sub in user_subdomains:
                                if domain == "%s.%s" % (sub.name,
                                                        settings.DNS_DOMAIN):
                                    valid_domain = True

                            if valid_domain:
                                return_code, message = set_ip(
                                    request, domain, ip)
                            else:
                                return_code = "nohost"
                                message = "The hostname specified does not exist in this user account"
                        else:
                            return_code = "badauth"
                            message = "The username and password pair do not match a real user"
                    else:
                        return_code = "unknown"
                        message = "Incorrect authentication format"
                else:
                    return_code = "unknown"
                    message = "Incorrect authentication format"
            else:
                return_code = "unknown"
                message = "Missing header HTTP_AUTHORIZATION"
        else:
            return_code = "badagent"
            message = "Missing header HTTP_USER_AGENT"
    else:
        return_code = "abuse"
        message = "You have exceeded the maximum number of attempts"

    #if return_code != "nochg":
    register = False
    last_activity = Activity_log.objects.filter(user_affected=username).last()
    if last_activity:
        if last_activity.code != return_code or return_code == "good":
            register = True
    else:
        register = True

    if register:
        Activity_log(action='SYNC',
                     agent=agent,
                     ip=ip,
                     code=return_code,
                     xforward=ip_x_forwarded,
                     user_affected=username,
                     domain=domain,
                     result="%s" % (message)).save()

    return HttpResponse(return_code)
コード例 #5
0
def set_ip_web(request, domain, ip):
    myjson = {
        'message': '',
        'success': False,
    }

    admin = False
    user = request.user
    if user.is_superuser:
        admin = True

    #print "Dominio"
    #print domain
    subdomain = domain.split(".")[0]
    subdomain_obj = SubDomain.objects.get(name=subdomain)
    try:
        check_valid_subdomain = SubDomain.objects.get(user=user,
                                                      name=subdomain)
    except SubDomain.DoesNotExist:
        check_valid_subdomain = False

    if check_valid_subdomain or admin:

        agent = ""
        ip_x_forwarded = ""
        username = user.username
        if 'HTTP_X_FORWARDED_FOR' in request.META:
            ip_x_forwarded = request.META['HTTP_X_FORWARDED_FOR']

        if 'HTTP_USER_AGENT' in request.META:
            agent = request.META['HTTP_USER_AGENT']

        return_code, message = set_ip(request, domain, ip)
        if return_code == "good":
            myjson['success'] = True
        else:
            myjson['message'] = message

        #print return_code
        #if return_code != "nochg":

        register = False
        last_activity = Activity_log.objects.filter(
            user_affected=username).last()
        if last_activity:
            if last_activity.code != return_code or return_code == "good":
                register = True
        else:
            register = True

        if register:
            Activity_log(action='SYNC',
                         agent=agent,
                         ip=ip,
                         code=return_code,
                         xforward=ip_x_forwarded,
                         user_affected=subdomain_obj.user.username,
                         domain=domain,
                         result="%s" % (message)).save()

    return HttpResponse(json.dumps(myjson))
コード例 #6
0
def set_user(request):
    myjson = {
        'error': "",
        'success': False,
    }
    #print request.POST
    if "username" in request.POST.keys():
        username = request.POST['username']
        name = request.POST['name']
        last_name = request.POST['last_name']
        email = request.POST['email']
        password = request.POST['password']
        is_admin = request.POST['is_admin']

        if is_admin == "1":
            is_admin = True
        else:
            is_admin = False

        try:
            user_exist = User.objects.get(username=username)
            myjson['error'] = "username exist"
            return HttpResponse(json.dumps(myjson))
        except User.DoesNotExist:
            user = User.objects.create_user(username=username,
                                            email=email,
                                            password=password)
            if password:
                #user.password=password
                user.set_password(password)
            user.first_name = name
            user.last_name = last_name
            user.is_superuser = is_admin
            user.save()
            myjson['success'] = True
        Activity_log(action='EDIT USER',
                     xforward=getForwardedFor(request),
                     user_affected=request.user,
                     result="Edit User --> name: %s" % user).save()

    elif "id_user" in request.POST.keys():
        name = request.POST['name']
        last_name = request.POST['last_name']
        email = request.POST['email']
        password = request.POST['password']
        is_admin = request.POST['is_admin']
        user = User.objects.get(id=request.POST['id_user'])
        if is_admin == "1":
            is_admin = True
        else:
            is_admin = False
        user.first_name = name
        user.last_name = last_name
        user.is_superuser = is_admin
        user.email = email
        if password:
            #user.password=password
            #print password
            user.set_password(password)
        user.save()
        myjson['success'] = True
        Activity_log(action='SET USER',
                     xforward=getForwardedFor(request),
                     user_affected=request.user,
                     result="Add User --> name: %s" % user).save()
    else:
        myjson['error'] = "No se pasaron los datos por post"

    return HttpResponse(json.dumps(myjson))