def logout(request: ExtendedHttpRequestWithUser) -> HttpResponse:
auth.authLogLogout(request)
request.session['restricted'] = False # Remove restricted
logoutUrl = request.user.logout()
if logoutUrl is None:
logoutUrl = request.session.get('logouturl', None)
return auth.webLogout(request, logoutUrl)
def __call__(self, request: ExtendedHttpRequest):
self._process_request(request)
# Now, check if session is timed out...
if request.user:
# return HttpResponse(content='Session Expired', status=403, content_type='text/plain')
now = timezone.now()
expiry = request.session.get(EXPIRY_KEY, now)
if expiry < now:
webLogout(
request=request
) # Ignore the response, just processes usere session logout
return HttpResponse(content='Session Expired', status=403)
# Update session timeout..self.
request.session[EXPIRY_KEY] = now + datetime.timedelta(
seconds=GlobalConfig.SESSION_DURATION_ADMIN.getInt(
) if request.user.isStaff(
) else GlobalConfig.SESSION_DURATION_USER.getInt())
response = self._get_response(request)
return self._process_response(request, response)
def authCallback(request, authName):
"""
This url is provided so external SSO authenticators can get an url for
redirecting back the users.
This will invoke authCallback of the requested idAuth and, if this represents
an authenticator that has an authCallback
"""
from uds.core import auths
try:
authenticator = Authenticator.objects.get(name=authName)
params = request.GET.copy()
params.update(request.POST)
logger.debug('Request session:%s -> %s, %s', request.ip,
request.session.keys(), request.session.session_key)
params['_request'] = request
# params['_session'] = request.session
# params['_user'] = request.user
logger.debug('Auth callback for {0} with params {1}'.format(
authenticator, params.keys()))
user = authenticateViaCallback(authenticator, params)
os = OsDetector.getOsFromUA(request.META['HTTP_USER_AGENT'])
if user is None:
authLogLogin(request, authenticator, '{0}'.format(params),
'Invalid at auth callback')
raise auths.Exceptions.InvalidUserException()
response = HttpResponseRedirect(reverse('Index'))
webLogin(request, response, user,
'') # Password is unavailable in this case
request.session['OS'] = os
# Now we render an intermediate page, so we get Java support from user
# It will only detect java, and them redirect to Java
return response
except auths.Exceptions.Redirect as e:
return HttpResponseRedirect(request.build_absolute_uri(str(e)))
except auths.Exceptions.Logout as e:
return webLogout(request, request.build_absolute_uri(str(e)))
except Exception as e:
logger.exception('authCallback')
return errors.exceptionView(request, e)
# Will never reach this
raise RuntimeError('Unreachable point reached!!!')
def authCallback_stage2(request: HttpRequest, ticketId: str) -> HttpResponse:
try:
ticket = TicketStore.get(ticketId)
params: typing.Dict[str, typing.Any] = ticket['params']
auth_uuid: str = ticket['auth']
authenticator = Authenticator.objects.get(uuid=auth_uuid)
params['_request'] = request
# params['_session'] = request.session
# params['_user'] = request.user
logger.debug('Request session:%s -> %s, %s', request.ip,
request.session.keys(), request.session.session_key)
user = authenticateViaCallback(authenticator, params)
os = OsDetector.getOsFromUA(request.META['HTTP_USER_AGENT'])
if user is None:
authLogLogin(request, authenticator, '{0}'.format(params),
'Invalid at auth callback')
raise auths.exceptions.InvalidUserException()
response = HttpResponseRedirect(reverse('page.index'))
webLogin(request, response, user,
'') # Password is unavailable in this case
request.session['OS'] = os
# Now we render an intermediate page, so we get Java support from user
# It will only detect java, and them redirect to Java
return response
except auths.exceptions.Redirect as e:
return HttpResponseRedirect(
request.build_absolute_uri(str(e)) if e.args and e.args[0] else '/'
)
except auths.exceptions.Logout as e:
return webLogout(
request,
request.build_absolute_uri(str(e))
if e.args and e.args[0] else None)
except Exception as e:
logger.exception('authCallback')
return errors.exceptionView(request, e)
# Will never reach this
raise RuntimeError('Unreachable point reached!!!')
def authCallback(request, authName):
"""
This url is provided so external SSO authenticators can get an url for
redirecting back the users.
This will invoke authCallback of the requested idAuth and, if this represents
an authenticator that has an authCallback
"""
from uds.core import auths
try:
authenticator = Authenticator.objects.get(name=authName)
params = request.GET.copy()
params.update(request.POST)
params['_request'] = request
# params['_session'] = request.session
# params['_user'] = request.user
logger.debug('Auth callback for {0} with params {1}'.format(authenticator, params.keys()))
user = authenticateViaCallback(authenticator, params)
os = OsDetector.getOsFromUA(request.META['HTTP_USER_AGENT'])
if user is None:
authLogLogin(request, authenticator, '{0}'.format(params), 'Invalid at auth callback')
raise auths.Exceptions.InvalidUserException()
response = HttpResponseRedirect(reverse('Index'))
webLogin(request, response, user, '') # Password is unavailable in this case
request.session['OS'] = os
# Now we render an intermediate page, so we get Java support from user
# It will only detect java, and them redirect to Java
return response
except auths.Exceptions.Redirect as e:
return HttpResponseRedirect(request.build_absolute_uri(str(e)))
except auths.Exceptions.Logout as e:
return webLogout(request, request.build_absolute_uri(str(e)))
except Exception as e:
logger.exception('authCallback')
return errors.exceptionView(request, e)
# Will never reach this
raise RuntimeError('Unreachable point reached!!!')
def index(request):
"""
Renders the main page.
:param request: http request
"""
if request.session.get('ticket') == '1':
return webLogout(request)
# Session data
os = request.os
# We look for services for this authenticator groups. User is logged in in just 1 authenticator, so his groups must coincide with those assigned to ds
groups = list(request.user.getGroups())
availServices = DeployedService.getDeployedServicesForGroups(groups)
availUserServices = UserService.getUserAssignedServices(request.user)
# Information for administrators
nets = ''
validTrans = ''
logger.debug('OS: {0}'.format(os['OS']))
if request.user.isStaff():
nets = ','.join([n.name for n in Network.networksFor(request.ip)])
tt = []
for t in Transport.objects.all():
if t.validForIp(request.ip):
tt.append(t.name)
validTrans = ','.join(tt)
# Extract required data to show to user
services = []
# Select assigned user services (manually assigned)
for svr in availUserServices:
trans = []
for t in svr.transports.all().order_by('priority'):
typeTrans = t.getType()
if t.validForIp(request.ip) and typeTrans.supportsOs(
os['OS']) and t.validForOs(os['OS']):
if typeTrans.ownLink is True:
link = reverse('TransportOwnLink',
args=('A' + svr.uuid, t.uuid))
else:
link = html.udsAccessLink(request, 'A' + svr.uuid, t.uuid)
trans.append({'id': t.uuid, 'name': t.name, 'link': link})
servicePool = svr.deployed_service
if servicePool.image is not None:
imageId = servicePool.image.uuid
else:
imageId = 'x' # Invalid
# Extract app group
group = servicePool.servicesPoolGroup if servicePool.servicesPoolGroup is not None else ServicesPoolGroup.default(
).as_dict
services.append({
'id': 'A' + svr.uuid,
'name': servicePool.name,
'visual_name': servicePool.visual_name,
'description': servicePool.comments,
'group': group,
'transports': trans,
'imageId': imageId,
'show_transports': servicePool.show_transports,
'allow_users_remove': servicePool.allow_users_remove,
'allow_users_reset': servicePool.allow_users_reset,
'maintenance': servicePool.isInMaintenance(),
'not_accesible': not servicePool.isAccessAllowed(),
'in_use': svr.in_use,
'to_be_replaced':
False, # Manually assigned will not be autoremoved never
'comments': servicePool.comments,
})
logger.debug(services)
# Now generic user service
for svr in availServices:
trans = []
for t in svr.transports.all().order_by('priority'):
typeTrans = t.getType()
if typeTrans is None: # This may happen if we "remove" a transport type but we have a transport of that kind on DB
continue
if t.validForIp(request.ip) and typeTrans.supportsOs(
os['OS']) and t.validForOs(os['OS']):
if typeTrans.ownLink is True:
link = reverse('TransportOwnLink',
args=('F' + svr.uuid, t.uuid))
else:
link = html.udsAccessLink(request, 'F' + svr.uuid, t.uuid)
trans.append({'id': t.uuid, 'name': t.name, 'link': link})
if svr.image is not None:
imageId = svr.image.uuid
else:
imageId = 'x'
# Locate if user service has any already assigned user service for this
ads = UserServiceManager.manager().getExistingAssignationForUser(
svr, request.user)
if ads is None:
in_use = False
else:
in_use = ads.in_use
group = svr.servicesPoolGroup.as_dict if svr.servicesPoolGroup is not None else ServicesPoolGroup.default(
).as_dict
tbr = svr.toBeReplaced()
if tbr is not None:
tbr = formats.date_format(tbr, "SHORT_DATETIME_FORMAT")
tbrt = ugettext(
'This service is about to be replaced by a new version. Please, close the session before {} and save all your work to avoid loosing it.'
).format(tbr)
else:
tbrt = ''
services.append({
'id': 'F' + svr.uuid,
'name': svr.name,
'visual_name': svr.visual_name,
'description': svr.comments,
'group': group,
'transports': trans,
'imageId': imageId,
'show_transports': svr.show_transports,
'allow_users_remove': svr.allow_users_remove,
'allow_users_reset': svr.allow_users_reset,
'maintenance': svr.isInMaintenance(),
'not_accesible': not svr.isAccessAllowed(),
'in_use': in_use,
'to_be_replaced': tbr,
'to_be_replaced_text': tbrt,
'comments': svr.comments,
})
logger.debug('Services: {0}'.format(services))
services = sorted(services, key=lambda s: s['name'].upper())
autorun = False
if len(services) == 1 and GlobalConfig.AUTORUN_SERVICE.getBool(
True) and len(services[0]['transports']) > 0:
if request.session.get('autorunDone', '0') == '0':
request.session['autorunDone'] = '1'
autorun = True
# return redirect('uds.web.views.service', idService=services[0]['id'], idTransport=services[0]['transports'][0]['id'])
# List of services groups
allGroups = [
v for v in sorted([ser['group'] for ser in services],
key=lambda s: s['priority'])
]
# Now remove duplicates
groups = []
already = []
for g in allGroups:
if g['name'] not in already:
already.append(g['name'])
groups.append(g)
logger.debug('Groups: {}'.format(groups))
response = render(
request, theme.template('index.html'), {
'groups': groups,
'services': services,
'ip': request.ip,
'nets': nets,
'transports': validTrans,
'autorun': autorun
})
return response
def logout(request):
authLogLogout(request)
return webLogout(request, request.user.logout())
def logout(request):
authLogLogout(request)
logoutUrl = request.user.logout()
if logoutUrl is None:
logoutUrl = request.session.get('logouturl', None)
return webLogout(request, logoutUrl)
def logout(request: HttpRequest) -> HttpResponse:
auth.authLogLogout(request)
logoutUrl = request.user.logout()
if logoutUrl is None:
logoutUrl = request.session.get('logouturl', None)
return auth.webLogout(request, logoutUrl)
def logout(request):
authLogLogout(request)
logoutUrl = request.user.logout()
if logoutUrl is None:
logoutUrl = request.session.get('logouturl', None)
return webLogout(request, logoutUrl)
def index(request):
"""
Renders the main page.
:param request: http request
"""
if request.session.get('ticket') == '1':
return webLogout(request)
# Session data
os = request.os
# We look for services for this authenticator groups. User is logged in in just 1 authenticator, so his groups must coincide with those assigned to ds
groups = list(request.user.getGroups())
availServices = DeployedService.getDeployedServicesForGroups(groups)
availUserServices = UserService.getUserAssignedServices(request.user)
# Information for administrators
nets = ''
validTrans = ''
logger.debug('OS: {0}'.format(os['OS']))
if request.user.isStaff():
nets = ','.join([n.name for n in Network.networksFor(request.ip)])
tt = []
for t in Transport.objects.all():
if t.validForIp(request.ip):
tt.append(t.name)
validTrans = ','.join(tt)
# Extract required data to show to user
services = []
# Select assigned user services (manually assigned)
for svr in availUserServices:
trans = []
for t in svr.transports.all().order_by('priority'):
typeTrans = t.getType()
if t.validForIp(request.ip) and typeTrans.supportsOs(os['OS']) and t.validForOs(os['OS']):
if typeTrans.ownLink is True:
link = reverse('TransportOwnLink', args=('A' + svr.uuid, t.uuid))
else:
link = html.udsAccessLink(request, 'A' + svr.uuid, t.uuid)
trans.append(
{
'id': t.uuid,
'name': t.name,
'link': link
}
)
servicePool = svr.deployed_service
if servicePool.image is not None:
imageId = servicePool.image.uuid
else:
imageId = 'x' # Invalid
# Extract app group
group = servicePool.servicesPoolGroup if servicePool.servicesPoolGroup is not None else ServicesPoolGroup.default().as_dict
services.append({
'id': 'A' + svr.uuid,
'name': servicePool.name,
'visual_name': servicePool.visual_name,
'description': servicePool.comments,
'group': group,
'transports': trans,
'imageId': imageId,
'show_transports': servicePool.show_transports,
'allow_users_remove': servicePool.allow_users_remove,
'maintenance': servicePool.isInMaintenance(),
'not_accesible': not servicePool.isAccessAllowed(),
'in_use': svr.in_use,
'to_be_replaced': False, # Manually assigned will not be autoremoved never
'comments': servicePool.comments,
})
logger.debug(services)
# Now generic user service
for svr in availServices:
trans = []
for t in svr.transports.all().order_by('priority'):
typeTrans = t.getType()
if typeTrans is None: # This may happen if we "remove" a transport type but we have a transport of that kind on DB
continue
if t.validForIp(request.ip) and typeTrans.supportsOs(os['OS']) and t.validForOs(os['OS']):
if typeTrans.ownLink is True:
link = reverse('TransportOwnLink', args=('F' + svr.uuid, t.uuid))
else:
link = html.udsAccessLink(request, 'F' + svr.uuid, t.uuid)
trans.append(
{
'id': t.uuid,
'name': t.name,
'link': link
}
)
if svr.image is not None:
imageId = svr.image.uuid
else:
imageId = 'x'
# Locate if user service has any already assigned user service for this
ads = UserServiceManager.manager().getExistingAssignationForUser(svr, request.user)
if ads is None:
in_use = False
else:
in_use = ads.in_use
group = svr.servicesPoolGroup.as_dict if svr.servicesPoolGroup is not None else ServicesPoolGroup.default().as_dict
tbr = svr.toBeReplaced()
if tbr is not None:
tbr = formats.date_format(tbr, "SHORT_DATETIME_FORMAT")
tbrt = ugettext('This service is about to be replaced by a new version. Please, close the session before {} and save all your work to avoid loosing it.').format(tbr)
else:
tbrt = ''
services.append({
'id': 'F' + svr.uuid,
'name': svr.name,
'visual_name': svr.visual_name,
'description': svr.comments,
'group': group,
'transports': trans,
'imageId': imageId,
'show_transports': svr.show_transports,
'allow_users_remove': svr.allow_users_remove,
'maintenance': svr.isInMaintenance(),
'not_accesible': not svr.isAccessAllowed(),
'in_use': in_use,
'to_be_replaced': tbr,
'to_be_replaced_text': tbrt,
'comments': svr.comments,
})
logger.debug('Services: {0}'.format(services))
services = sorted(services, key=lambda s: s['name'].upper())
autorun = False
if len(services) == 1 and GlobalConfig.AUTORUN_SERVICE.getBool(True) and len(services[0]['transports']) > 0:
if request.session.get('autorunDone', '0') == '0':
request.session['autorunDone'] = '1'
autorun = True
# return redirect('uds.web.views.service', idService=services[0]['id'], idTransport=services[0]['transports'][0]['id'])
# List of services groups
allGroups = [v for v in sorted([ser['group'] for ser in services], key=lambda s: s['priority'])]
# Now remove duplicates
groups = []
already = []
for g in allGroups:
if g['name'] not in already:
already.append(g['name'])
groups.append(g)
logger.debug('Groups: {}'.format(groups))
response = render(
request,
theme.template('index.html'),
{
'groups': groups,
'services': services,
'ip': request.ip,
'nets': nets,
'transports': validTrans,
'autorun': autorun
}
)
return response
def logout(request):
authLogLogout(request)
return webLogout(request, request.user.logout())
