예제 #1
0
    def test_state_embargo(self):
        # Azerbaijan and France should not be blocked
        good_states = ['AZ', 'FR']
        # Gah block USA and Antartica
        blocked_states = ['US', 'AQ']
        currently_blocked = EmbargoedState.current().embargoed_countries_list

        for state in blocked_states + good_states:
            self.assertNotIn(state, currently_blocked)

        # Block
        cauth = EmbargoedState(embargoed_countries='US, AQ')
        cauth.save()
        currently_blocked = EmbargoedState.current().embargoed_countries_list

        for state in good_states:
            self.assertNotIn(state, currently_blocked)
        for state in blocked_states:
            self.assertIn(state, currently_blocked)

        # Change embargo - block Isle of Man too
        blocked_states.append('IM')
        cauth.embargoed_countries = 'US, AQ, IM'
        cauth.save()
        currently_blocked = EmbargoedState.current().embargoed_countries_list

        for state in good_states:
            self.assertNotIn(state, currently_blocked)
        for state in blocked_states:
            self.assertIn(state, currently_blocked)
예제 #2
0
    def test_state_embargo(self):
        # Azerbaijan and France should not be blocked
        good_states = ['AZ', 'FR']
        # Gah block USA and Antartica
        blocked_states = ['US', 'AQ']
        currently_blocked = EmbargoedState.current().embargoed_countries_list

        for state in blocked_states + good_states:
            self.assertFalse(state in currently_blocked)

        # Block
        cauth = EmbargoedState(embargoed_countries='US, AQ')
        cauth.save()
        currently_blocked = EmbargoedState.current().embargoed_countries_list

        for state in good_states:
            self.assertFalse(state in currently_blocked)
        for state in blocked_states:
            self.assertTrue(state in currently_blocked)

        # Change embargo - block Isle of Man too
        blocked_states.append('IM')
        cauth.embargoed_countries = 'US, AQ, IM'
        cauth.save()
        currently_blocked = EmbargoedState.current().embargoed_countries_list

        for state in good_states:
            self.assertFalse(state in currently_blocked)
        for state in blocked_states:
            self.assertTrue(state in currently_blocked)
예제 #3
0
    def setUp(self):
        super(EmbargoMiddlewareTests, self).setUp()

        self.user = UserFactory(username='******', password='******')
        self.client.login(username='******', password='******')
        self.embargo_course = CourseFactory.create()
        self.embargo_course.save()
        self.regular_course = CourseFactory.create(org="Regular")
        self.regular_course.save()
        self.embargoed_page = '/courses/' + self.embargo_course.id.to_deprecated_string(
        ) + '/info'
        self.regular_page = '/courses/' + self.regular_course.id.to_deprecated_string(
        ) + '/info'
        EmbargoedCourse(course_id=self.embargo_course.id,
                        embargoed=True).save()
        EmbargoedState(embargoed_countries="cu, ir, Sy, SD",
                       changed_by=self.user,
                       enabled=True).save()
        CourseEnrollment.enroll(self.user, self.regular_course.id)
        CourseEnrollment.enroll(self.user, self.embargo_course.id)
        # Text from lms/templates/static_templates/embargo.html
        self.embargo_text = "Unfortunately, at this time edX must comply with export controls, and we cannot allow you to access this course."

        self.patcher = mock.patch.object(pygeoip.GeoIP, 'country_code_by_addr',
                                         self.mock_country_code_by_addr)
        self.patcher.start()
예제 #4
0
    def process_request(self, request):
        """
        Processes embargo requests
        """
        url = request.path
        course_id = course_id_from_url(url)

        # If they're trying to access a course that cares about embargoes
        if EmbargoedCourse.is_embargoed(course_id):
            # If we're having performance issues, add caching here
            ip_addr = get_ip(request)

            # if blacklisted, immediately fail
            if ip_addr in IPFilter.current().blacklist_ips:
                log.info("Embargo: Restricting IP address %s to course %s because IP is blacklisted.", ip_addr, course_id)
                return redirect('embargo')

            country_code_from_ip = pygeoip.GeoIP(settings.GEOIP_PATH).country_code_by_addr(ip_addr)
            is_embargoed = country_code_from_ip in EmbargoedState.current().embargoed_countries_list
            # Fail if country is embargoed and the ip address isn't explicitly whitelisted
            if is_embargoed and ip_addr not in IPFilter.current().whitelist_ips:
                log.info(
                    "Embargo: Restricting IP address %s to course %s because IP is from country %s.",
                    ip_addr, course_id, country_code_from_ip
                )
                return redirect('embargo')
예제 #5
0
 def test_add_valid_states(self):
     # test adding valid two letter states
     # case and spacing should not matter
     form_data = {'embargoed_countries': 'cu, Sy ,      US'}
     form = EmbargoedStateForm(data=form_data)
     self.assertTrue(form.is_valid())
     form.save()
     current_embargoes = EmbargoedState.current().embargoed_countries_list
     for country in ["CU", "SY", "US"]:
         self.assertIn(country, current_embargoes)
     # Test clearing by adding an empty list is OK too
     form_data = {'embargoed_countries': ''}
     form = EmbargoedStateForm(data=form_data)
     self.assertTrue(form.is_valid())
     form.save()
     self.assertTrue(len(EmbargoedState.current().embargoed_countries_list) == 0)
예제 #6
0
    def process_request(self, request):
        """
        Processes embargo requests
        """
        url = request.path
        course_id = course_id_from_url(url)

        # If they're trying to access a course that cares about embargoes
        if EmbargoedCourse.is_embargoed(course_id):
            # If we're having performance issues, add caching here
            ip_addr = get_ip(request)

            # if blacklisted, immediately fail
            if ip_addr in IPFilter.current().blacklist_ips:
                log.info(
                    "Embargo: Restricting IP address %s to course %s because IP is blacklisted.",
                    ip_addr, course_id)
                return redirect('embargo')

            country_code_from_ip = pygeoip.GeoIP(
                settings.GEOIP_PATH).country_code_by_addr(ip_addr)
            is_embargoed = country_code_from_ip in EmbargoedState.current(
            ).embargoed_countries_list
            # Fail if country is embargoed and the ip address isn't explicitly whitelisted
            if is_embargoed and ip_addr not in IPFilter.current(
            ).whitelist_ips:
                log.info(
                    "Embargo: Restricting IP address %s to course %s because IP is from country %s.",
                    ip_addr, course_id, country_code_from_ip)
                return redirect('embargo')
예제 #7
0
    def test_add_invalid_states(self):
        # test adding invalid codes
        # xx is not valid
        # usa is not valid
        form_data = {'embargoed_countries': 'usa, xx'}
        form = EmbargoedStateForm(data=form_data)
        self.assertFalse(form.is_valid())

        msg = 'COULD NOT PARSE COUNTRY CODE(S) FOR: {0}'.format([u'USA', u'XX'])
        msg += ' Please check the list of country codes and verify your entries.'
        self.assertEquals(msg, form._errors['embargoed_countries'][0])  # pylint: disable=protected-access

        with self.assertRaisesRegexp(ValueError, "The EmbargoedState could not be created because the data didn't validate."):
            form.save()

        self.assertFalse('USA' in EmbargoedState.current().embargoed_countries_list)
        self.assertFalse('XX' in EmbargoedState.current().embargoed_countries_list)
예제 #8
0
    def _embargoed_countries(self):
        """
        Return the list of 2-letter country codes for embargoed countries.
        The result is cached within the scope of the response.

        Returns:
            list

        """
        return EmbargoedState.current().embargoed_countries_list
예제 #9
0
    def _embargoed_countries(self):
        """
        Return the list of 2-letter country codes for embargoed countries.
        The result is cached within the scope of the response.

        Returns:
            list

        """
        return EmbargoedState.current().embargoed_countries_list
예제 #10
0
    def process_request(self, request):
        """
        Processes embargo requests
        """
        url = request.path
        course_id = course_id_from_url(url)
        course_is_embargoed = EmbargoedCourse.is_embargoed(course_id)

        # If they're trying to access a course that cares about embargoes
        if self.site_enabled or course_is_embargoed:
            response = redirect('embargo')
            # Set the proper response if site is enabled
            if self.site_enabled:
                redirect_url = getattr(settings, 'EMBARGO_SITE_REDIRECT_URL',
                                       None)
                response = HttpResponseRedirect(redirect_url) if redirect_url \
                           else HttpResponseForbidden('Access Denied')

            # If we're having performance issues, add caching here
            ip_addr = get_ip(request)

            # if blacklisted, immediately fail
            if ip_addr in IPFilter.current().blacklist_ips:
                if course_is_embargoed:
                    msg = "Embargo: Restricting IP address %s to course %s because IP is blacklisted." % \
                          (ip_addr, course_id)
                else:
                    msg = "Embargo: Restricting IP address %s because IP is blacklisted." % ip_addr
                log.info(msg)
                return response
            # ipv6 support
            if ip_addr.find(':') >= 0:
                country_code_from_ip = pygeoip.GeoIP(
                    settings.GEOIPV6_PATH).country_code_by_addr(ip_addr)
            else:
                country_code_from_ip = pygeoip.GeoIP(
                    settings.GEOIP_PATH).country_code_by_addr(ip_addr)

            is_embargoed = country_code_from_ip in EmbargoedState.current(
            ).embargoed_countries_list
            # Fail if country is embargoed and the ip address isn't explicitly
            # whitelisted
            if is_embargoed and ip_addr not in IPFilter.current(
            ).whitelist_ips:
                if course_is_embargoed:
                    msg = "Embargo: Restricting IP address %s to course %s because IP is from country %s." % \
                          (ip_addr, course_id, country_code_from_ip)
                else:
                    msg = "Embargo: Restricting IP address %s because IP is from country %s." % \
                          (ip_addr, country_code_from_ip)

                log.info(msg)
                return response
예제 #11
0
    def process_request(self, request):
        """
        Processes embargo requests
        """
        url = request.path
        course_id = course_id_from_url(url)
        course_is_embargoed = EmbargoedCourse.is_embargoed(course_id)

        # If they're trying to access a course that cares about embargoes
        if self.site_enabled or course_is_embargoed:
            response = redirect("embargo")
            # Set the proper response if site is enabled
            if self.site_enabled:
                redirect_url = getattr(settings, "EMBARGO_SITE_REDIRECT_URL", None)
                response = (
                    HttpResponseRedirect(redirect_url) if redirect_url else HttpResponseForbidden("Access Denied")
                )

            # If we're having performance issues, add caching here
            ip_addr = get_ip(request)

            # if blacklisted, immediately fail
            if ip_addr in IPFilter.current().blacklist_ips:
                if course_is_embargoed:
                    msg = "Embargo: Restricting IP address %s to course %s because IP is blacklisted." % (
                        ip_addr,
                        course_id,
                    )
                else:
                    msg = "Embargo: Restricting IP address %s because IP is blacklisted." % ip_addr

                log.info(msg)
                return response

            country_code_from_ip = pygeoip.GeoIP(settings.GEOIP_PATH).country_code_by_addr(ip_addr)
            is_embargoed = country_code_from_ip in EmbargoedState.current().embargoed_countries_list
            # Fail if country is embargoed and the ip address isn't explicitly whitelisted
            if is_embargoed and ip_addr not in IPFilter.current().whitelist_ips:
                if course_is_embargoed:
                    msg = "Embargo: Restricting IP address %s to course %s because IP is from country %s." % (
                        ip_addr,
                        course_id,
                        country_code_from_ip,
                    )
                else:
                    msg = "Embargo: Restricting IP address %s because IP is from country %s." % (
                        ip_addr,
                        country_code_from_ip,
                    )

                log.info(msg)
                return response