def dt_login(request):
redirect_to = request.REQUEST.get('next', '/')
is_first_login_ever = first_login_ever()
backend_names = get_backend_names()
is_active_directory = 'LdapBackend' in backend_names and ( bool(LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get()) )
if is_active_directory:
UserCreationForm = auth_forms.LdapUserCreationForm
AuthenticationForm = auth_forms.LdapAuthenticationForm
else:
UserCreationForm = auth_forms.UserCreationForm
AuthenticationForm = auth_forms.AuthenticationForm
if request.method == 'POST':
request.audit = {
'operation': 'USER_LOGIN',
'username': request.POST.get('username')
}
# For first login, need to validate user info!
first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None
first_user = first_user_form and first_user_form.is_valid()
if first_user or not is_first_login_ever:
auth_form = AuthenticationForm(data=request.POST)
if auth_form.is_valid():
# Must login by using the AuthenticationForm.
# It provides 'backends' on the User object.
user = auth_form.get_user()
userprofile = get_profile(user)
login(request, user)
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if is_first_login_ever or 'AllowAllBackend' in backend_names or 'LdapBackend' in backend_names:
# Create home directory for first user.
try:
ensure_home_directory(request.fs, user.username)
except (IOError, WebHdfsException), e:
LOG.error(_('Could not create home directory.'), exc_info=e)
request.error(_('Could not create home directory.'))
if require_change_password(userprofile):
return HttpResponseRedirect(urlresolvers.reverse('useradmin.views.edit_user', kwargs={'username': user.username}))
userprofile.first_login = False
userprofile.save()
msg = 'Successful login for user: %s' % user.username
request.audit['operationText'] = msg
access_warn(request, msg)
return HttpResponseRedirect(redirect_to)
else:
request.audit['allowed'] = False
msg = 'Failed login for user: %s' % request.POST.get('username')
request.audit['operationText'] = msg
access_warn(request, msg)
def dt_login(request):
"""Used by the non-jframe login"""
redirect_to = request.REQUEST.get('next', '/')
login_errors = False
is_first_login_ever = first_login_ever()
if request.method == 'POST':
form = django.contrib.auth.forms.AuthenticationForm(data=request.POST)
if form.is_valid():
login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if is_first_login_ever:
ensure_home_directory(request.fs, request.POST.get('username'))
access_warn(request, '"%s" login ok' % (request.user.username,))
return HttpResponseRedirect(redirect_to)
else:
access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),))
login_errors = True
else:
form = django.contrib.auth.forms.AuthenticationForm()
request.session.set_test_cookie()
return render('login.mako', request, {
'action': urlresolvers.reverse('desktop.auth.views.dt_login'),
'form': form,
'next': redirect_to,
'first_login_ever': is_first_login_ever,
'login_errors': login_errors,
})
def dt_login(request):
"""Used by the non-jframe login"""
redirect_to = request.REQUEST.get('next', '/')
is_first_login_ever = first_login_ever()
if request.method == 'POST':
# For first login, need to validate user info!
first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None
first_user = first_user_form and first_user_form.is_valid()
if first_user or not is_first_login_ever:
auth_form = AuthenticationForm(data=request.POST)
if auth_form.is_valid():
# Must login by using the AuthenticationForm.
# It provides 'backends' on the User object.
user = auth_form.get_user()
login(request, user)
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if is_first_login_ever:
# Create home directory for first user.
try:
ensure_home_directory(request.fs, user.username)
except (IOError, WebHdfsException), e:
LOG.error(_('Could not create home directory.'), exc_info=e)
request.error(_('Could not create home directory.'))
access_warn(request, '"%s" login ok' % (user.username,))
return HttpResponseRedirect(redirect_to)
else:
access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),))
def dt_login(request):
redirect_to = request.REQUEST.get('next', '/')
is_first_login_ever = first_login_ever()
backend_names = get_backend_names()
is_active_directory = 'LdapBackend' in backend_names and (bool(
LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get()))
if is_active_directory:
UserCreationForm = auth_forms.LdapUserCreationForm
AuthenticationForm = auth_forms.LdapAuthenticationForm
else:
UserCreationForm = auth_forms.UserCreationForm
AuthenticationForm = auth_forms.AuthenticationForm
if request.method == 'POST':
# For first login, need to validate user info!
first_user_form = is_first_login_ever and UserCreationForm(
data=request.POST) or None
first_user = first_user_form and first_user_form.is_valid()
if first_user or not is_first_login_ever:
auth_form = AuthenticationForm(data=request.POST)
if auth_form.is_valid():
# Must login by using the AuthenticationForm.
# It provides 'backends' on the User object.
user = auth_form.get_user()
userprofile = get_profile(user)
login(request, user)
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if is_first_login_ever or 'AllowAllBackend' in backend_names or 'LdapBackend' in backend_names:
# Create home directory for first user.
try:
ensure_home_directory(request.fs, user.username)
except (IOError, WebHdfsException), e:
LOG.error(_('Could not create home directory.'),
exc_info=e)
request.error(_('Could not create home directory.'))
if require_change_password(userprofile):
return HttpResponseRedirect(
urlresolvers.reverse(
'useradmin.views.edit_user',
kwargs={'username': user.username}))
userprofile.first_login = False
userprofile.save()
access_warn(request, '"%s" login ok' % (user.username, ))
return HttpResponseRedirect(redirect_to)
else:
access_warn(
request, 'Failed login for user "%s"' %
(request.POST.get('username'), ))
def dt_login(request):
reload_config()
redirect_to = request.REQUEST.get('next', '/')
is_first_login_ever = first_login_ever()
backend_name = get_backend_name()
is_active_directory = backend_name == 'LdapBackend' and ( bool(LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get()) )
if is_active_directory:
UserCreationForm = auth_forms.LdapUserCreationForm
AuthenticationForm = auth_forms.LdapAuthenticationForm
else:
UserCreationForm = auth_forms.UserCreationForm
AuthenticationForm = auth_forms.AuthenticationForm
if SINGLE_USER_MODE or request.method == 'POST':
# For first login, need to validate user info!
first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None
first_user = first_user_form and first_user_form.is_valid()
if first_user or not is_first_login_ever:
if not SINGLE_USER_MODE:
auth_form = AuthenticationForm(data=request.POST)
if SINGLE_USER_MODE or auth_form.is_valid():
# Must login by using the AuthenticationForm.
# It provides 'backends' on the User object.
if not SINGLE_USER_MODE:
user = auth_form.get_user()
else:
user = authenticate(username=SINGLE_USER_MODE['user'],
password=SINGLE_USER_MODE['pass'])
login(request, user)
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if is_first_login_ever or backend_name in ('AllowAllBackend', 'LdapBackend'):
# Create home directory for first user.
try:
ensure_home_directory(request.fs, user.username)
except (IOError, WebHdfsException), e:
LOG.error(_('Could not create home directory.'), exc_info=e)
request.error(_('Could not create home directory.'))
access_warn(request, '"%s" login ok' % (user.username,))
return HttpResponseRedirect(redirect_to)
else:
access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),))
def dt_login(request):
"""Used by the non-jframe login"""
redirect_to = request.REQUEST.get('next', '/')
is_first_login_ever = first_login_ever()
backend_name = get_backend_name()
if request.method == 'POST':
# For first login, need to validate user info!
first_user_form = is_first_login_ever and UserCreationForm(
data=request.POST) or None
first_user = first_user_form and first_user_form.is_valid()
if first_user or not is_first_login_ever:
auth_form = AuthenticationForm(data=request.POST)
if auth_form.is_valid():
# Must login by using the AuthenticationForm.
# It provides 'backends' on the User object.
user = auth_form.get_user()
login(request, user)
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if is_first_login_ever or backend_name in ('AllowAllBackend',
'LdapBackend'):
# Create home directory for first user.
try:
ensure_home_directory(request.fs, user.username)
except (IOError, WebHdfsException), e:
LOG.error(_('Could not create home directory.'),
exc_info=e)
request.error(_('Could not create home directory.'))
access_warn(request, '"%s" login ok' % (user.username, ))
return HttpResponseRedirect(redirect_to)
else:
access_warn(
request, 'Failed login for user "%s"' %
(request.POST.get('username'), ))
def dt_login(request):
"""Used by the non-jframe login"""
redirect_to = request.REQUEST.get('next', '/')
login_errors = False
is_first_login_ever = first_login_ever()
if request.method == 'POST':
form = django.contrib.auth.forms.AuthenticationForm(data=request.POST)
if form.is_valid():
login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if is_first_login_ever:
try:
ensure_home_directory(request.fs, request.POST.get('username'))
except (IOError, WebHdfsException), e:
LOG.error(_('Could not create home directory.'), exc_info=e)
request.error(_('Could not create home directory.'))
access_warn(request, '"%s" login ok' % (request.user.username,))
return HttpResponseRedirect(redirect_to)
else:
access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),))
login_errors = True
'username')
request.audit['operationText'] = msg
access_warn(request, msg)
if from_modal or request.REQUEST.get('fromModal',
'false') == 'true':
return JsonResponse({'auth': False})
else:
first_user_form = None
auth_form = AuthenticationForm()
if DEMO_ENABLED.get() and not 'admin' in request.REQUEST:
user = authenticate(username=request.user.username,
password='******')
login(request, user)
ensure_home_directory(request.fs, user.username)
return HttpResponseRedirect(redirect_to)
if not from_modal:
request.session.set_test_cookie()
renderable_path = 'login.mako'
if from_modal:
renderable_path = 'login_modal.mako'
return render(
renderable_path, request, {
'action': urlresolvers.reverse('desktop.auth.views.dt_login'),
'form': first_user_form or auth_form,
'next': redirect_to,
'first_login_ever': is_first_login_ever,
def dt_login(request, from_modal=False):
if request.method == 'GET':
redirect_to = request.GET.get('next', '/')
else:
redirect_to = request.POST.get('next', '/')
is_first_login_ever = first_login_ever()
backend_names = auth_forms.get_backend_names()
is_active_directory = auth_forms.is_active_directory()
is_ldap_option_selected = 'server' not in request.POST or request.POST.get('server') == 'LDAP' or \
request.POST.get('server') in auth_forms.get_ldap_server_keys()
if is_active_directory and is_ldap_option_selected:
UserCreationForm = auth_forms.LdapUserCreationForm
AuthenticationForm = auth_forms.LdapAuthenticationForm
else:
UserCreationForm = auth_forms.UserCreationForm
if 'ImpersonationBackend' in backend_names:
AuthenticationForm = ImpersonationAuthenticationForm
else:
AuthenticationForm = auth_forms.AuthenticationForm
if ENABLE_ORGANIZATIONS.get():
UserCreationForm = OrganizationUserCreationForm
AuthenticationForm = OrganizationAuthenticationForm
if request.method == 'POST':
request.audit = {
'operation': 'USER_LOGIN',
'username': request.POST.get('username', request.POST.get('email'))
}
# For first login, need to validate user info!
first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None
first_user = first_user_form and first_user_form.is_valid()
if first_user or not is_first_login_ever:
auth_form = AuthenticationForm(data=request.POST)
if auth_form.is_valid():
# Must login by using the AuthenticationForm. It provides 'backend' on the User object.
user = auth_form.get_user()
userprofile = get_profile(user)
login(request, user)
# If Test cookie exists , it should be deleted
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if request.fs is None:
request.fs = fsmanager.get_filesystem(request.fs_ref)
try:
ensure_home_directory(request.fs, user)
except (IOError, WebHdfsException) as e:
LOG.error('Could not create home directory at login for %s.' % user, exc_info=e)
if require_change_password(userprofile):
return HttpResponseRedirect('/hue' + reverse('useradmin:useradmin.views.edit_user', kwargs={'username': user.username}))
userprofile.first_login = False
userprofile.last_activity = datetime.now()
if userprofile.creation_method == UserProfile.CreationMethod.EXTERNAL: # This is to fix a bug in Hue 4.3
userprofile.creation_method = UserProfile.CreationMethod.EXTERNAL.name
userprofile.update_data({'auth_backend': user.backend})
userprofile.save()
msg = 'Successful login for user: %s' % user.username
request.audit['operationText'] = msg
access_warn(request, msg)
if from_modal or request.GET.get('fromModal', 'false') == 'true':
return JsonResponse({'auth': True})
else:
return HttpResponseRedirect(redirect_to)
else:
request.audit['allowed'] = False
msg = 'Failed login for user: %s' % request.POST.get('username', request.POST.get('email'))
request.audit['operationText'] = msg
access_warn(request, msg)
if from_modal or request.GET.get('fromModal', 'false') == 'true':
return JsonResponse({'auth': False})
else:
first_user_form = None
auth_form = AuthenticationForm()
# SAML/OIDC user is already authenticated in djangosaml2.views.login
if hasattr(request, 'fs') and (
'KnoxSpnegoDjangoBackend' in backend_names or 'SpnegoDjangoBackend' in backend_names or 'OIDCBackend' in backend_names or
'SAML2Backend' in backend_names
) and request.user.is_authenticated:
if request.fs is None:
request.fs = fsmanager.get_filesystem(request.fs_ref)
try:
ensure_home_directory(request.fs, request.user)
except (IOError, WebHdfsException) as e:
LOG.error('Could not create home directory for %s user %s.' % ('OIDC' if 'OIDCBackend' in backend_names else 'SAML', request.user))
if request.user.is_authenticated and not from_modal:
return HttpResponseRedirect(redirect_to)
if is_active_directory and not is_ldap_option_selected and \
request.method == 'POST' and request.user.username != request.POST.get('username'):
# local user login failed, give the right auth_form with 'server' field
auth_form = auth_forms.LdapAuthenticationForm()
if not from_modal and SESSION.ENABLE_TEST_COOKIE.get() :
request.session.set_test_cookie()
if 'SAML2Backend' in backend_names:
request.session['samlgroup_permitted_flag'] = samlgroup_check(request)
renderable_path = 'login.mako'
if from_modal:
renderable_path = 'login_modal.mako'
response = render(renderable_path, request, {
'action': reverse('desktop_auth_views_dt_login'),
'form': first_user_form or auth_form,
'next': redirect_to,
'first_login_ever': is_first_login_ever,
'login_errors': request.method == 'POST',
'backend_names': backend_names,
'active_directory': is_active_directory,
'user': request.user
})
if not request.user.is_authenticated:
response.delete_cookie(LOAD_BALANCER_COOKIE) # Note: might be re-balanced to another Hue on login.
return response
def test_copy_files():
cluster = pseudo_hdfs4.shared_cluster()
try:
c = make_logged_in_client()
user = User.objects.get(username='******')
ensure_home_directory(cluster.fs, user)
prefix = '/tmp/test_copy_files'
if cluster.fs.exists(prefix):
cluster.fs.rmtree(
prefix,
skip_trash=True) # admin user might not have a home directory
# Jars in various locations
deployment_dir = '%s/workspace' % prefix
external_deployment_dir = '%s/deployment' % prefix
jar_1 = '%s/udf1.jar' % prefix
jar_2 = '%s/lib/udf2.jar' % prefix
jar_3 = '%s/udf3.jar' % deployment_dir
jar_4 = '%s/lib/udf4.jar' % deployment_dir # Never move
cluster.fs.mkdir(prefix)
cluster.fs.create(jar_1)
cluster.fs.create(jar_2)
cluster.fs.create(jar_3)
cluster.fs.create(jar_4)
class MockNode():
def __init__(self, jar_path):
self.jar_path = jar_path
class MockJob():
def __init__(self):
self.node_list = [
MockNode(jar_1),
MockNode(jar_2),
MockNode(jar_3),
MockNode(jar_4),
]
def get_application_filename(self):
return 'workflow.xml'
submission = Submission(user,
job=MockJob(),
fs=cluster.fs,
jt=cluster.jt)
submission._copy_files(deployment_dir, "<xml>My XML</xml>")
submission._copy_files(external_deployment_dir, "<xml>My XML</xml>")
# All sources still there
assert_true(cluster.fs.exists(jar_1))
assert_true(cluster.fs.exists(jar_2))
assert_true(cluster.fs.exists(jar_3))
assert_true(cluster.fs.exists(jar_4))
deployment_dir = deployment_dir + '/lib'
external_deployment_dir = external_deployment_dir + '/lib'
list_dir_workspace = cluster.fs.listdir(deployment_dir)
list_dir_deployement = cluster.fs.listdir(external_deployment_dir)
# All destinations there
assert_true(cluster.fs.exists(deployment_dir + '/udf1.jar'),
list_dir_workspace)
assert_true(cluster.fs.exists(deployment_dir + '/udf2.jar'),
list_dir_workspace)
assert_true(cluster.fs.exists(deployment_dir + '/udf3.jar'),
list_dir_workspace)
assert_true(cluster.fs.exists(deployment_dir + '/udf4.jar'),
list_dir_workspace)
assert_true(cluster.fs.exists(external_deployment_dir + '/udf1.jar'),
list_dir_deployement)
assert_true(cluster.fs.exists(external_deployment_dir + '/udf2.jar'),
list_dir_deployement)
assert_true(cluster.fs.exists(external_deployment_dir + '/udf3.jar'),
list_dir_deployement)
assert_true(cluster.fs.exists(external_deployment_dir + '/udf4.jar'),
list_dir_deployement)
stats_udf1 = cluster.fs.stats(deployment_dir + '/udf1.jar')
stats_udf2 = cluster.fs.stats(deployment_dir + '/udf2.jar')
stats_udf3 = cluster.fs.stats(deployment_dir + '/udf3.jar')
stats_udf4 = cluster.fs.stats(deployment_dir + '/udf4.jar')
submission._copy_files('%s/workspace' % prefix, "<xml>My XML</xml>")
assert_not_equal(
stats_udf1['fileId'],
cluster.fs.stats(deployment_dir + '/udf1.jar')['fileId'])
assert_not_equal(
stats_udf2['fileId'],
cluster.fs.stats(deployment_dir + '/udf2.jar')['fileId'])
assert_not_equal(
stats_udf3['fileId'],
cluster.fs.stats(deployment_dir + '/udf3.jar')['fileId'])
assert_equal(stats_udf4['fileId'],
cluster.fs.stats(deployment_dir + '/udf4.jar')['fileId'])
finally:
try:
cluster.fs.rmtree(prefix, skip_trash=True)
except:
LOG.exception('failed to remove %s' % prefix)
def dt_login(request, from_modal=False):
redirect_to = request.GET.get('next', '/')
is_first_login_ever = first_login_ever()
backend_names = auth_forms.get_backend_names()
is_active_directory = auth_forms.is_active_directory()
is_ldap_option_selected = 'server' not in request.POST or request.POST.get('server') == 'LDAP' \
or request.POST.get('server') in auth_forms.get_ldap_server_keys()
if is_active_directory and is_ldap_option_selected:
UserCreationForm = auth_forms.LdapUserCreationForm
AuthenticationForm = auth_forms.LdapAuthenticationForm
else:
UserCreationForm = auth_forms.UserCreationForm
if 'ImpersonationBackend' in backend_names:
AuthenticationForm = ImpersonationAuthenticationForm
else:
AuthenticationForm = auth_forms.AuthenticationForm
if request.method == 'POST':
request.audit = {
'operation': 'USER_LOGIN',
'username': request.POST.get('username')
}
# For first login, need to validate user info!
first_user_form = is_first_login_ever and UserCreationForm(
data=request.POST) or None
first_user = first_user_form and first_user_form.is_valid()
if first_user or not is_first_login_ever:
auth_form = AuthenticationForm(data=request.POST)
if auth_form.is_valid():
# Must login by using the AuthenticationForm. It provides 'backends' on the User object.
user = auth_form.get_user()
userprofile = get_profile(user)
login(request, user)
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
try:
ensure_home_directory(request.fs, user)
except (IOError, WebHdfsException), e:
LOG.error(
'Could not create home directory at login for %s.' %
user,
exc_info=e)
if require_change_password(userprofile):
return HttpResponseRedirect(
urlresolvers.reverse(
'useradmin.views.edit_user',
kwargs={'username': user.username}))
userprofile.first_login = False
userprofile.last_activity = datetime.now()
userprofile.save()
msg = 'Successful login for user: %s' % user.username
request.audit['operationText'] = msg
access_warn(request, msg)
if from_modal or request.GET.get('fromModal',
'false') == 'true':
return JsonResponse({'auth': True})
else:
return HttpResponseRedirect(redirect_to)
else:
request.audit['allowed'] = False
msg = 'Failed login for user: %s' % request.POST.get(
'username')
request.audit['operationText'] = msg
access_warn(request, msg)
if from_modal or request.GET.get('fromModal',
'false') == 'true':
return JsonResponse({'auth': False})
def dt_login(request, from_modal=False):
redirect_to = request.REQUEST.get("next", "/")
is_first_login_ever = first_login_ever()
backend_names = get_backend_names()
is_active_directory = "LdapBackend" in backend_names and (
bool(LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get())
)
if is_active_directory:
UserCreationForm = auth_forms.LdapUserCreationForm
AuthenticationForm = auth_forms.LdapAuthenticationForm
else:
UserCreationForm = auth_forms.UserCreationForm
AuthenticationForm = auth_forms.AuthenticationForm
if request.method == "POST":
request.audit = {"operation": "USER_LOGIN", "username": request.POST.get("username")}
# For first login, need to validate user info!
first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None
first_user = first_user_form and first_user_form.is_valid()
if first_user or not is_first_login_ever:
auth_form = AuthenticationForm(data=request.POST)
if auth_form.is_valid():
# Must login by using the AuthenticationForm.
# It provides 'backends' on the User object.
user = auth_form.get_user()
userprofile = get_profile(user)
login(request, user)
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if is_first_login_ever or "AllowAllBackend" in backend_names or "LdapBackend" in backend_names:
# Create home directory for first user.
try:
ensure_home_directory(request.fs, user.username)
except (IOError, WebHdfsException), e:
LOG.error(_("Could not create home directory."), exc_info=e)
request.error(_("Could not create home directory."))
if require_change_password(userprofile):
return HttpResponseRedirect(
urlresolvers.reverse("useradmin.views.edit_user", kwargs={"username": user.username})
)
userprofile.first_login = False
userprofile.last_activity = datetime.now()
userprofile.save()
msg = "Successful login for user: %s" % user.username
request.audit["operationText"] = msg
access_warn(request, msg)
if from_modal or request.REQUEST.get("fromModal", "false") == "true":
return JsonResponse({"auth": True})
else:
return HttpResponseRedirect(redirect_to)
else:
request.audit["allowed"] = False
msg = "Failed login for user: %s" % request.POST.get("username")
request.audit["operationText"] = msg
access_warn(request, msg)
if from_modal or request.REQUEST.get("fromModal", "false") == "true":
return JsonResponse({"auth": False})
def dt_login(request, from_modal=False):
if request.method == 'GET':
redirect_to = request.GET.get('next', '/')
else:
redirect_to = request.POST.get('next', '/')
is_first_login_ever = first_login_ever()
backend_names = auth_forms.get_backend_names()
is_active_directory = auth_forms.is_active_directory()
is_ldap_option_selected = 'server' not in request.POST or request.POST.get('server') == 'LDAP' \
or request.POST.get('server') in auth_forms.get_ldap_server_keys()
if is_active_directory and is_ldap_option_selected:
UserCreationForm = auth_forms.LdapUserCreationForm
AuthenticationForm = auth_forms.LdapAuthenticationForm
else:
UserCreationForm = auth_forms.UserCreationForm
if 'ImpersonationBackend' in backend_names:
AuthenticationForm = ImpersonationAuthenticationForm
else:
AuthenticationForm = auth_forms.AuthenticationForm
if request.method == 'POST':
request.audit = {
'operation': 'USER_LOGIN',
'username': request.POST.get('username')
}
# For first login, need to validate user info!
first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None
first_user = first_user_form and first_user_form.is_valid()
if first_user or not is_first_login_ever:
auth_form = AuthenticationForm(data=request.POST)
if auth_form.is_valid():
# Must login by using the AuthenticationForm. It provides 'backends' on the User object.
user = auth_form.get_user()
userprofile = get_profile(user)
login(request, user)
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
try:
ensure_home_directory(request.fs, user)
except (IOError, WebHdfsException), e:
LOG.error('Could not create home directory at login for %s.' % user, exc_info=e)
if require_change_password(userprofile):
return HttpResponseRedirect(urlresolvers.reverse('useradmin.views.edit_user', kwargs={'username': user.username}))
userprofile.first_login = False
userprofile.last_activity = datetime.now()
# This is to fix a bug in Hue 4.3
if userprofile.creation_method == UserProfile.CreationMethod.EXTERNAL:
userprofile.creation_method = UserProfile.CreationMethod.EXTERNAL.name
userprofile.save()
msg = 'Successful login for user: %s' % user.username
request.audit['operationText'] = msg
access_warn(request, msg)
if from_modal or request.GET.get('fromModal', 'false') == 'true':
return JsonResponse({'auth': True})
else:
return HttpResponseRedirect(redirect_to)
else:
request.audit['allowed'] = False
msg = 'Failed login for user: %s' % request.POST.get('username')
request.audit['operationText'] = msg
access_warn(request, msg)
if from_modal or request.GET.get('fromModal', 'false') == 'true':
return JsonResponse({'auth': False})
return HttpResponseRedirect(redirect_to)
else:
request.audit['allowed'] = False
msg = 'Failed login for user: %s' % request.POST.get('username')
request.audit['operationText'] = msg
access_warn(request, msg)
if from_modal or request.GET.get('fromModal', 'false') == 'true':
return JsonResponse({'auth': False})
else:
first_user_form = None
auth_form = AuthenticationForm()
# SAML/OIDC user is already authenticated in djangosaml2.views.login
if hasattr(request,'fs') and ('SpnegoDjangoBackend' in backend_names or 'OIDCBackend' in backend_names or 'SAML2Backend' in backend_names) and request.user.is_authenticated():
try:
ensure_home_directory(request.fs, request.user)
except (IOError, WebHdfsException), e:
LOG.error('Could not create home directory for %s user %s.' % ('OIDC' if 'OIDCBackend' in backend_names else 'SAML', request.user))
if is_active_directory and not is_ldap_option_selected and \
request.method == 'POST' and request.user.username != request.POST.get('username'):
# local user login failed, give the right auth_form with 'server' field
auth_form = auth_forms.LdapAuthenticationForm()
if not from_modal:
request.session.set_test_cookie()
renderable_path = 'login.mako'
if from_modal:
renderable_path = 'login_modal.mako'
def dt_login(request, from_modal=False):
redirect_to = request.REQUEST.get('next', '/')
is_first_login_ever = first_login_ever()
backend_names = get_backend_names()
is_active_directory = 'LdapBackend' in backend_names and (bool(
LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get()))
if is_active_directory:
UserCreationForm = auth_forms.LdapUserCreationForm
AuthenticationForm = auth_forms.LdapAuthenticationForm
else:
UserCreationForm = auth_forms.UserCreationForm
AuthenticationForm = auth_forms.AuthenticationForm
if request.method == 'POST':
request.audit = {
'operation': 'USER_LOGIN',
'username': request.POST.get('username')
}
# For first login, need to validate user info!
first_user_form = is_first_login_ever and UserCreationForm(
data=request.POST) or None
first_user = first_user_form and first_user_form.is_valid()
if first_user or not is_first_login_ever:
auth_form = AuthenticationForm(data=request.POST)
if auth_form.is_valid():
# Must login by using the AuthenticationForm.
# It provides 'backends' on the User object.
user = auth_form.get_user()
userprofile = get_profile(user)
login(request, user)
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
auto_create_home_backends = [
'AllowAllBackend', 'LdapBackend', 'SpnegoDjangoBackend'
]
if is_first_login_ever or any(
backend in backend_names
for backend in auto_create_home_backends):
# Create home directory for first user.
try:
ensure_home_directory(request.fs, user.username)
except (IOError, WebHdfsException), e:
LOG.error(_('Could not create home directory.'),
exc_info=e)
request.error(_('Could not create home directory.'))
if require_change_password(userprofile):
return HttpResponseRedirect(
urlresolvers.reverse(
'useradmin.views.edit_user',
kwargs={'username': user.username}))
userprofile.first_login = False
userprofile.last_activity = datetime.now()
userprofile.save()
msg = 'Successful login for user: %s' % user.username
request.audit['operationText'] = msg
access_warn(request, msg)
if from_modal or request.REQUEST.get('fromModal',
'false') == 'true':
return JsonResponse({'auth': True})
else:
return HttpResponseRedirect(redirect_to)
else:
request.audit['allowed'] = False
msg = 'Failed login for user: %s' % request.POST.get(
'username')
request.audit['operationText'] = msg
access_warn(request, msg)
if from_modal or request.REQUEST.get('fromModal',
'false') == 'true':
return JsonResponse({'auth': False})
request.audit['allowed'] = False
msg = 'Failed login for user: %s' % request.POST.get(
'username')
request.audit['operationText'] = msg
access_warn(request, msg)
if from_modal or request.GET.get('fromModal',
'false') == 'true':
return JsonResponse({'auth': False})
else:
first_user_form = None
auth_form = AuthenticationForm()
# SAML user is already authenticated in djangosaml2.views.login
if 'SAML2Backend' in backend_names and request.user.is_authenticated():
try:
ensure_home_directory(request.fs, request.user)
except (IOError, WebHdfsException), e:
LOG.error('Could not create home directory for SAML user %s.' %
request.user)
if not from_modal:
request.session.set_test_cookie()
renderable_path = 'login.mako'
if from_modal:
renderable_path = 'login_modal.mako'
response = render(
renderable_path, request, {
'action': urlresolvers.reverse('desktop_auth_views_dt_login'),
'form': first_user_form or auth_form,
def test_copy_files():
cluster = pseudo_hdfs4.shared_cluster()
try:
c = make_logged_in_client()
user = User.objects.get(username='******')
ensure_home_directory(cluster.fs, user)
prefix = '/tmp/test_copy_files'
if cluster.fs.exists(prefix):
cluster.fs.rmtree(prefix)
# Jars in various locations
deployment_dir = '%s/workspace' % prefix
external_deployment_dir = '%s/deployment' % prefix
jar_1 = '%s/udf1.jar' % prefix
jar_2 = '%s/lib/udf2.jar' % prefix
jar_3 = '%s/udf3.jar' % deployment_dir
jar_4 = '%s/lib/udf4.jar' % deployment_dir # Doesn't move
jar_5 = 'udf5.jar'
jar_6 = 'lib/udf6.jar' # Doesn't move
cluster.fs.mkdir(prefix)
cluster.fs.create(jar_1)
cluster.fs.create(jar_2)
cluster.fs.create(jar_3)
cluster.fs.create(jar_4)
cluster.fs.create(deployment_dir + '/' + jar_5)
cluster.fs.create(deployment_dir + '/' + jar_6)
class MockJob(object):
XML_FILE_NAME = 'workflow.xml'
def __init__(self):
self.deployment_dir = deployment_dir
self.nodes = [
Node({
'id': '1',
'type': 'mapreduce',
'properties': {
'jar_path': jar_1
}
}),
Node({
'id': '2',
'type': 'mapreduce',
'properties': {
'jar_path': jar_2
}
}),
Node({
'id': '3',
'type': 'java',
'properties': {
'jar_path': jar_3
}
}),
Node({
'id': '4',
'type': 'java',
'properties': {
'jar_path': jar_4
}
}),
# Workspace relative paths
Node({
'id': '5',
'type': 'java',
'properties': {
'jar_path': jar_5
}
}),
Node({
'id': '6',
'type': 'java',
'properties': {
'jar_path': jar_6
}
})
]
submission = Submission(user,
job=MockJob(),
fs=cluster.fs,
jt=cluster.jt)
submission._copy_files(deployment_dir, "<xml>My XML</xml>",
{'prop1': 'val1'})
submission._copy_files(external_deployment_dir, "<xml>My XML</xml>",
{'prop1': 'val1'})
assert_true(cluster.fs.exists(deployment_dir + '/workflow.xml'),
deployment_dir)
assert_true(cluster.fs.exists(deployment_dir + '/job.properties'),
deployment_dir)
# All sources still there
assert_true(cluster.fs.exists(jar_1))
assert_true(cluster.fs.exists(jar_2))
assert_true(cluster.fs.exists(jar_3))
assert_true(cluster.fs.exists(jar_4))
assert_true(cluster.fs.exists(deployment_dir + '/' + jar_5))
assert_true(cluster.fs.exists(deployment_dir + '/' + jar_6))
# Lib
deployment_dir = deployment_dir + '/lib'
external_deployment_dir = external_deployment_dir + '/lib'
if USE_LIBPATH_FOR_JARS.get():
assert_true(jar_1 in submission.properties['oozie.libpath'])
assert_true(jar_2 in submission.properties['oozie.libpath'])
assert_true(jar_3 in submission.properties['oozie.libpath'])
assert_true(jar_4 in submission.properties['oozie.libpath'])
print(deployment_dir + '/' + jar_5)
assert_true((deployment_dir + '/' + jar_5)
in submission.properties['oozie.libpath'],
submission.properties['oozie.libpath'])
assert_true((deployment_dir + '/' + jar_6)
in submission.properties['oozie.libpath'],
submission.properties['oozie.libpath'])
else:
list_dir_workspace = cluster.fs.listdir(deployment_dir)
list_dir_deployement = cluster.fs.listdir(external_deployment_dir)
# All destinations there
assert_true(cluster.fs.exists(deployment_dir + '/udf1.jar'),
list_dir_workspace)
assert_true(cluster.fs.exists(deployment_dir + '/udf2.jar'),
list_dir_workspace)
assert_true(cluster.fs.exists(deployment_dir + '/udf3.jar'),
list_dir_workspace)
assert_true(cluster.fs.exists(deployment_dir + '/udf4.jar'),
list_dir_workspace)
assert_true(cluster.fs.exists(deployment_dir + '/udf5.jar'),
list_dir_workspace)
assert_true(cluster.fs.exists(deployment_dir + '/udf6.jar'),
list_dir_workspace)
assert_true(
cluster.fs.exists(external_deployment_dir + '/udf1.jar'),
list_dir_deployement)
assert_true(
cluster.fs.exists(external_deployment_dir + '/udf2.jar'),
list_dir_deployement)
assert_true(
cluster.fs.exists(external_deployment_dir + '/udf3.jar'),
list_dir_deployement)
assert_true(
cluster.fs.exists(external_deployment_dir + '/udf4.jar'),
list_dir_deployement)
assert_true(
cluster.fs.exists(external_deployment_dir + '/udf5.jar'),
list_dir_deployement)
assert_true(
cluster.fs.exists(external_deployment_dir + '/udf6.jar'),
list_dir_deployement)
stats_udf1 = cluster.fs.stats(deployment_dir + '/udf1.jar')
stats_udf2 = cluster.fs.stats(deployment_dir + '/udf2.jar')
stats_udf3 = cluster.fs.stats(deployment_dir + '/udf3.jar')
stats_udf4 = cluster.fs.stats(deployment_dir + '/udf4.jar')
stats_udf5 = cluster.fs.stats(deployment_dir + '/udf5.jar')
stats_udf6 = cluster.fs.stats(deployment_dir + '/udf6.jar')
submission._copy_files('%s/workspace' % prefix,
"<xml>My XML</xml>", {'prop1': 'val1'})
assert_not_equal(
stats_udf1['fileId'],
cluster.fs.stats(deployment_dir + '/udf1.jar')['fileId'])
assert_not_equal(
stats_udf2['fileId'],
cluster.fs.stats(deployment_dir + '/udf2.jar')['fileId'])
assert_not_equal(
stats_udf3['fileId'],
cluster.fs.stats(deployment_dir + '/udf3.jar')['fileId'])
assert_equal(
stats_udf4['fileId'],
cluster.fs.stats(deployment_dir + '/udf4.jar')['fileId'])
assert_not_equal(
stats_udf5['fileId'],
cluster.fs.stats(deployment_dir + '/udf5.jar')['fileId'])
assert_equal(
stats_udf6['fileId'],
cluster.fs.stats(deployment_dir + '/udf6.jar')['fileId'])
# Test _create_file()
submission._create_file(deployment_dir, 'test.txt', data='Test data')
assert_true(cluster.fs.exists(deployment_dir + '/test.txt'),
list_dir_workspace)
finally:
try:
cluster.fs.rmtree(prefix)
except:
LOG.exception('failed to remove %s' % prefix)
request.error(_('Could not create home directory.'))
access_warn(request, '"%s" login ok' % (user.username,))
return HttpResponseRedirect(redirect_to)
else:
access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),))
else:
first_user_form = None
auth_form = AuthenticationForm()
if DEMO_ENABLED.get() and not 'admin' in request.REQUEST:
user = authenticate(username='', password='')
login(request, user)
ensure_home_directory(request.fs, user.username)
return HttpResponseRedirect(redirect_to)
request.session.set_test_cookie()
return render('login.mako', request, {
'action': urlresolvers.reverse('desktop.auth.views.dt_login'),
'form': first_user_form or auth_form,
'next': redirect_to,
'first_login_ever': is_first_login_ever,
'login_errors': request.method == 'POST',
'backend_name': backend_name,
'active_directory': is_active_directory
})
def dt_logout(request, next_page=None):
def dt_login(request):
redirect_to = request.REQUEST.get('next', '/')
is_first_login_ever = first_login_ever()
backend_name = get_backend_name()
is_active_directory = backend_name == 'LdapBackend' and ( bool(LDAP.NT_DOMAIN.get()) or bool(LDAP.LDAP_SERVERS.get()) )
if is_active_directory:
UserCreationForm = auth_forms.LdapUserCreationForm
AuthenticationForm = auth_forms.LdapAuthenticationForm
else:
UserCreationForm = auth_forms.UserCreationForm
AuthenticationForm = auth_forms.AuthenticationForm
if request.method == 'POST':
# For first login, need to validate user info!
first_user_form = is_first_login_ever and UserCreationForm(data=request.POST) or None
first_user = first_user_form and first_user_form.is_valid()
if first_user or not is_first_login_ever:
auth_form = AuthenticationForm(data=request.POST)
if auth_form.is_valid():
# Must login by using the AuthenticationForm.
# It provides 'backends' on the User object.
user = auth_form.get_user()
userprofile = get_profile(user)
login(request, user)
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
# For Bluemix - don't try to create HDFS home directory because we're ignoring the identity of the Hue user
#if is_first_login_ever or backend_name in ('AllowAllBackend', 'LdapBackend'):
# # Create home directory for first user.
# try:
# ensure_home_directory(request.fs, user.username)
# except (IOError, WebHdfsException), e:
# LOG.error(_('Could not create home directory.'), exc_info=e)
# request.error(_('Could not create home directory.'))
if require_change_password(userprofile):
return HttpResponseRedirect(urlresolvers.reverse('useradmin.views.edit_user', kwargs={'username': user.username}))
userprofile.first_login = False
userprofile.save()
access_warn(request, '"%s" login ok' % (user.username,))
return HttpResponseRedirect(redirect_to)
else:
access_warn(request, 'Failed login for user "%s"' % (request.POST.get('username'),))
else:
first_user_form = None
auth_form = AuthenticationForm()
if DEMO_ENABLED.get() and not 'admin' in request.REQUEST:
user = authenticate(username='', password='')
login(request, user)
ensure_home_directory(request.fs, user.username)
return HttpResponseRedirect(redirect_to)
request.session.set_test_cookie()
return render('login.mako', request, {
'action': urlresolvers.reverse('desktop.auth.views.dt_login'),
'form': first_user_form or auth_form,
'next': redirect_to,
'first_login_ever': is_first_login_ever,
'login_errors': request.method == 'POST',
'backend_name': backend_name,
'active_directory': is_active_directory
})
