예제 #1
0
    def wrapper(request, *args, **kwargs):
        if not admin_settings.ADMIN_ENABLED:
            # we must never raise an AdminHttp404 exception here.
            raise Http404

        token = get_token_from_cookie(request, admin_settings.AUTH_COOKIE_NAME)
        astakos.get_user(request, settings.ASTAKOS_AUTH_URL,
                         fallback_token=token, logger=logger)
        if hasattr(request, 'user') and request.user:
            groups = request.user['access']['user']['roles']
            groups = [g["name"] for g in groups]

            if not set(groups) & set(permitted_groups):
                logger.debug("Failed to access admin view %r. No valid admin "
                             "group (%r) matches user groups (%r)",
                             request.user_uniq, permitted_groups, groups)
                raise PermissionDenied
        else:
            logger.debug("Failed to access admin view %r. No authenticated "
                         "user found.", request.user_uniq)
            logger.debug("auth_url (%s)", settings.ASTAKOS_AUTH_URL)
            raise PermissionDenied

        logging.debug("User %s accessed admininterface view (%s)",
                      request.user_uniq, request.path)
        return func(request, *args, **kwargs)
예제 #2
0
def generate_key_pair(request):
    """
    Response to generate private/public RSA key pair
    """

    get_user(request, settings.ASTAKOS_AUTH_URL)

    if request.method != "POST":
        return http.HttpResponseNotAllowed(["POST"])

    if not SUPPORT_GENERATE_KEYS:
        raise Exception("Application does not support ssh keys generation")

    if PublicKeyPair.user_limit_exceeded(request.user_uniq):
        return http.HttpResponseServerError("SSH keys limit exceeded")

    # generate RSA key
    from Crypto import Random
    Random.atfork()

    key = rsakey.RSA.generate(SSH_KEY_LENGTH)

    # get PEM string
    pem = exportKey(key, 'PEM')

    public_data = Message()
    public_data.add_string('ssh-rsa')
    public_data.add_mpint(key.key.e)
    public_data.add_mpint(key.key.n)

    # generate public content
    public = str("ssh-rsa %s" % base64.b64encode(str(public_data)))

    data = {'private': pem, 'public': public}
    return http.HttpResponse(json.dumps(data), mimetype="application/json")
예제 #3
0
파일: views.py 프로젝트: apyrgio/synnefo
    def wrapper(request, *args, **kwargs):
        HELPDESK_ENABLED = getattr(settings, 'HELPDESK_ENABLED', True)
        if not HELPDESK_ENABLED:
            raise Http404

        token = get_token_from_cookie(request, AUTH_COOKIE_NAME)
        astakos.get_user(request, settings.ASTAKOS_AUTH_URL,
                         fallback_token=token, logger=logger)
        if hasattr(request, 'user') and request.user:
            groups = request.user['access']['user']['roles']
            groups = [g["name"] for g in groups]

            if not groups:
                logger.info("Failed to access helpdesk view. User: %r",
                            request.user_uniq)
                raise PermissionDenied

            has_perm = False
            for g in groups:
                if g in permitted_groups:
                    has_perm = True

            if not has_perm:
                logger.info("Failed to access helpdesk view %r. No valid "
                            "helpdesk group (%r) matches user groups (%r)",
                            request.user_uniq, permitted_groups, groups)
                raise PermissionDenied
        else:
            logger.info("Failed to access helpdesk view %r. No authenticated "
                        "user found.", request.user_uniq)
            raise PermissionDenied

        logging.info("User %s accessed helpdesk view (%s)", request.user_uniq,
                     request.path)
        return func(request, *args, **kwargs)
예제 #4
0
    def wrapper(request, *args, **kwargs):
        HELPDESK_ENABLED = getattr(settings, 'HELPDESK_ENABLED', True)
        if not HELPDESK_ENABLED:
            raise Http404

        token = get_token_from_cookie(request, AUTH_COOKIE_NAME)
        astakos.get_user(request, settings.ASTAKOS_BASE_URL,
                         fallback_token=token, logger=logger)
        if hasattr(request, 'user') and request.user:
            groups = request.user.get('groups', [])

            if not groups:
                logger.error("Failed to access helpdesk view. User: %r",
                             request.user_uniq)
                raise PermissionDenied

            has_perm = False
            for g in groups:
                if g in permitted_groups:
                    has_perm = True

            if not has_perm:
                logger.error("Failed to access helpdesk view %r. No valid "
                             "helpdesk group (%r) matches user groups (%r)",
                             request.user_uniq, permitted_groups, groups)
                raise PermissionDenied
        else:
            logger.error("Failed to access helpdesk view %r. No authenticated "
                         "user found.", request.user_uniq)
            raise PermissionDenied

        logging.info("User %s accessed helpdesk view (%s)", request.user_uniq,
                     request.path)
        return func(request, *args, **kwargs)
예제 #5
0
파일: views.py 프로젝트: vgerak/synnefo
    def wrapper(request, *args, **kwargs):
        if not admin_settings.ADMIN_ENABLED:
            # we must never raise an AdminHttp404 exception here.
            raise Http404

        token = get_token_from_cookie(request, admin_settings.AUTH_COOKIE_NAME)
        astakos.get_user(request,
                         settings.ASTAKOS_AUTH_URL,
                         fallback_token=token,
                         logger=logger)
        if hasattr(request, 'user') and request.user:
            groups = request.user['access']['user']['roles']
            groups = [g["name"] for g in groups]

            if not set(groups) & set(permitted_groups):
                logger.debug(
                    "Failed to access admin view %r. No valid admin "
                    "group (%r) matches user groups (%r)", request.user_uniq,
                    permitted_groups, groups)
                raise PermissionDenied
        else:
            logger.debug(
                "Failed to access admin view %r. No authenticated "
                "user found.", request.user_uniq)
            logger.debug("auth_url (%s)", settings.ASTAKOS_AUTH_URL)
            raise PermissionDenied

        logging.debug("User %s accessed admininterface view (%s)",
                      request.user_uniq, request.path)
        return func(request, *args, **kwargs)
예제 #6
0
파일: views.py 프로젝트: vgerak/synnefo
def create_new_keypair(request):
    """
    Response to generate private/public RSA key pair
    """

    get_user(request, settings.ASTAKOS_AUTH_URL)

    if request.method != "POST":
        return http.HttpResponseNotAllowed(["POST"])

    if not SUPPORT_GENERATE_KEYS:
        raise Exception("Application does not support ssh keys generation")

    if PublicKeyPair.user_limit_exceeded(request.user_uniq):
        return http.HttpResponseServerError("SSH keys limit exceeded")

    data = generate_keypair()
    return http.HttpResponse(json.dumps(data), content_type="application/json")
예제 #7
0
 def view(request, *args, **kwargs):
     get_user(request, settings.ASTAKOS_AUTH_URL)
     if not request.user_uniq:
         return HttpResponse(status=401)
     self = cls(*initargs, **initkwargs)
     return self.dispatch(request, *args, **kwargs)
예제 #8
0
파일: rest.py 프로젝트: antonis-m/synnefo
 def view(request, *args, **kwargs):
     get_user(request, settings.ASTAKOS_AUTH_URL)
     if not request.user_uniq:
         return HttpResponse(status=401)
     self = cls(*initargs, **initkwargs)
     return self.dispatch(request, *args, **kwargs)