def revoke_access(request):
'''
Revoke an access to a specified server.
View Type: Form POST
'''
if request.method == 'POST':
user = User.objects.get(username=request.POST['username'])
host = Server.objects.get(hostname=request.POST['hostname'])
hostuser = request.POST['hostuser']
message = None
if SshKeys.objects.filter(user=user).count == 0:
message = 'No RSA saved on database. Contact user to set his RSA key.'
elif SshKeys.objects.filter(user=user).count() > 1:
message = 'More than one RSA saved on database. Contact administrator to set his RSA key.'
else:
rsa_key = SshKeys.objects.get(user=user)
err = Controller.revokePermission(user, host, request.POST['hostuser'], rsa_key)
if err is None:
message = 'Permission revoked on: ' + host.hostname + ' with ' + hostuser + ' (for the user ' + user.username + ')'
if Demands.objects.filter(user=user, server=host, hostuser=hostuser).exists():
Demands.objects.get(user=user, server=host, hostuser=hostuser).delete()
else:
message = err.message
messages.success(request, message)
else:
messages.success(request, 'You have not the rights to do this action')
return HttpResponseRedirect(reverse('admin-permissions'))
def revoke_access(request):
'''
Revoke an access to a specified server.
View Type: Form POST
'''
if request.method == 'POST':
user = User.objects.get(username=request.POST['username'])
host = Server.objects.get(hostname=request.POST['hostname'])
hostuser = request.POST['hostuser']
message = None
if SshKeys.objects.filter(user=user).count == 0:
message = 'No RSA saved on database. Contact user to set his RSA key.'
elif SshKeys.objects.filter(user=user).count() > 1:
message = 'More than one RSA saved on database. Contact administrator to set his RSA key.'
else:
rsa_key = SshKeys.objects.get(user=user)
err = Controller.revokePermission(user, host,
request.POST['hostuser'],
rsa_key)
if err is None:
message = 'Permission revoked on: ' + host.hostname + ' with ' + hostuser + ' (for the user ' + user.username + ')'
if Demands.objects.filter(user=user,
server=host,
hostuser=hostuser).exists():
Demands.objects.get(user=user,
server=host,
hostuser=hostuser).delete()
else:
message = err.message
messages.success(request, message)
else:
messages.success(request, 'You have not the rights to do this action')
return HttpResponseRedirect(reverse('admin-permissions'))
def deposite(request):
'''
Deposite a new rsa key.
'''
userConnected = request.user
# Handle file upload
docfile = []
if request.method == 'POST':
if request.POST['type'] == 'update':
keysend = request.POST['key']
if keysend and keysend != "":
sshkey = None
if SshKeys.objects.filter(user=userConnected).count() > 0:
sshkey = SshKeys.objects.get(user=userConnected)
sshkey.key = keysend
else:
sshkey = SshKeys(user=userConnected, key=keysend)
sshkey.save()
err = Controller.revokeAllKeys(Permission.objects.filter(user=request.user), userConnected, sshkey)
if err is None:
err = Controller.replicateAllKeys(Permission.objects.filter(user=request.user), userConnected, sshkey)
if err is None:
message = 'Please wait a minute to connect, during the replication on all server finished. Check your mails to know the access updates'
else:
message = err.message
else:
message = err.message
messages.success(request, message)
# Redirect to the document list after POST
return HttpResponseRedirect(reverse('deposite'))
messages.success(request, "SSH key is not valid")
return HttpResponseRedirect(reverse('deposite'))
else:
form = UploadSshKeyForm(request.POST, request.FILES)
if form.is_valid():
docfile = request.FILES['docfile']
if docfile:
for line in docfile:
if SshKeys.objects.filter(user=userConnected).count() > 0:
sshkey = SshKeys.objects.get(user=userConnected)
sshkey.key = line
sshkey.save()
err = Controller.revokeAllKeys(Permission.objects.filter(user=request.user), userConnected, sshkey)
if err is None:
err = Controller.replicateAllKeys(Permission.objects.filter(user=request.user), userConnected, sshkey)
if err is None:
message = 'Please wait a minute to connect, during the replication on all server finished. Check your mails to know the access updates'
else:
message = err.message
else:
message = err.message
messages.success(request, message)
else:
sshkey = SshKeys(user=userConnected, key=line)
sshkey.save()
err = Controller.revokeAllKeys(Permission.objects.filter(user=request.user), userConnected, sshkey)
if err is None:
err = Controller.replicateAllKeys(Permission.objects.filter(user=request.user), userConnected, sshkey)
if err is None:
message = 'Please wait a minute to connect, during the replication on all server finished. Check your mails to know the access updates'
else:
message = err.message
else:
message = err.message
messages.success(request, message)
# Redirect to the document list after POST
return HttpResponseRedirect(reverse('deposite'))
messages.success(request, "SSH key is not valid")
return HttpResponseRedirect(reverse('deposite'))
else:
if SshKeys.objects.filter(user=userConnected).count() > 0:
key = SshKeys.objects.get(user=userConnected).key
else:
key = ''
form = UploadSshKeyForm()
args = utils.give_arguments(request.user, 'Depot')
args.update({'documents': docfile, 'form': form, 'key': key})
return render_to_response('user/deposite.html', args, context_instance=RequestContext(request))
def grant_access(request):
'''
Grant an access to a server on user.
View Type: Form POST
'''
if request.user.groups.filter(name__in=["heimdall-admin", "heimdall"]):
if request.method == 'POST':
user = None
host = None
if request.POST['username'] != '[[ALL]]':
user = User.objects.get(username=request.POST['username'])
else:
print('TODO: look after demands')
if request.POST['hostname'] != '[[ALL]]':
host = Server.objects.get(hostname=request.POST['hostname'])
else:
print('TODO: look after demands')
if request.POST['hostuser'] != '[[ALL]]':
hostuser = request.POST['hostuser']
else:
print('TODO: look after demands')
request_type = request.POST['type']
if request_type == 'grant':
message = None
if not SshKeys.objects.filter(user=user).exists():
message = 'No RSA saved on database. Contact user to set his RSA key.'
elif SshKeys.objects.filter(user=user).count() > 1:
message = 'More than one RSA saved on database. Contact administrator to set his RSA key.'
else:
rsa_key = SshKeys.objects.get(user=user)
err = Controller.addPermission(user, host, request.POST['hostuser'], rsa_key)
if Demands.objects.filter(user=user, server=host, hostuser=hostuser).exists():
demand = Demands.objects.get(user=user, server=host, hostuser=hostuser)
demand.close_date = datetime.today()
demand.accepted = True
demand.markAsIgnore = False
demand.save()
if err is None:
if request.POST['username'] != '[[ALL]]':
message = 'Permission granted on: ' + host.hostname + ' with ' + hostuser + ' (for the user ' + user.username + ')'
else:
message = 'All requested permissions granted'
else:
message = err.message
messages.success(request, message)
else:
host = Server.objects.get(hostname=request.POST['hostname'])
demand = Demands.objects.get(user=user, server=host, hostuser=hostuser)
demand.close_date = datetime.today()
demand.accepted = False
demand.markAsIgnore = False
demand.save()
message = 'Permission rejected on: ' + host.hostname + ' with ' + hostuser + ' (for the user ' + user.username + ')'
messages.success(request, message)
else:
messages.success(request, 'You have not the rights to do this action')
return HttpResponseRedirect(reverse('admin-permissions'))
def deposite(request):
'''
Deposite a new rsa key.
'''
userConnected = request.user
# Handle file upload
docfile = []
if request.method == 'POST':
if request.POST['type'] == 'update':
keysend = request.POST['key']
if keysend and keysend != "":
sshkey = None
if SshKeys.objects.filter(user=userConnected).count() > 0:
sshkey = SshKeys.objects.get(user=userConnected)
sshkey.key = keysend
else:
sshkey = SshKeys(user=userConnected, key=keysend)
sshkey.save()
err = Controller.revokeAllKeys(
Permission.objects.filter(user=request.user),
userConnected, sshkey)
if err is None:
err = Controller.replicateAllKeys(
Permission.objects.filter(user=request.user),
userConnected, sshkey)
if err is None:
message = 'Please wait a minute to connect, during the replication on all server finished. Check your mails to know the access updates'
else:
message = err.message
else:
message = err.message
messages.success(request, message)
# Redirect to the document list after POST
return HttpResponseRedirect(reverse('deposite'))
messages.success(request, "SSH key is not valid")
return HttpResponseRedirect(reverse('deposite'))
else:
form = UploadSshKeyForm(request.POST, request.FILES)
if form.is_valid():
docfile = request.FILES['docfile']
if docfile:
for line in docfile:
if SshKeys.objects.filter(
user=userConnected).count() > 0:
sshkey = SshKeys.objects.get(user=userConnected)
sshkey.key = line
sshkey.save()
err = Controller.revokeAllKeys(
Permission.objects.filter(user=request.user),
userConnected, sshkey)
if err is None:
err = Controller.replicateAllKeys(
Permission.objects.filter(
user=request.user), userConnected,
sshkey)
if err is None:
message = 'Please wait a minute to connect, during the replication on all server finished. Check your mails to know the access updates'
else:
message = err.message
else:
message = err.message
messages.success(request, message)
else:
sshkey = SshKeys(user=userConnected, key=line)
sshkey.save()
err = Controller.revokeAllKeys(
Permission.objects.filter(user=request.user),
userConnected, sshkey)
if err is None:
err = Controller.replicateAllKeys(
Permission.objects.filter(
user=request.user), userConnected,
sshkey)
if err is None:
message = 'Please wait a minute to connect, during the replication on all server finished. Check your mails to know the access updates'
else:
message = err.message
else:
message = err.message
messages.success(request, message)
# Redirect to the document list after POST
return HttpResponseRedirect(reverse('deposite'))
messages.success(request, "SSH key is not valid")
return HttpResponseRedirect(reverse('deposite'))
else:
if SshKeys.objects.filter(user=userConnected).count() > 0:
key = SshKeys.objects.get(user=userConnected).key
else:
key = ''
form = UploadSshKeyForm()
args = utils.give_arguments(request.user, 'Depot')
args.update({'documents': docfile, 'form': form, 'key': key})
return render_to_response('user/deposite.html',
args,
context_instance=RequestContext(request))
def grant_access(request):
'''
Grant an access to a server on user.
View Type: Form POST
'''
if request.user.groups.filter(name__in=["heimdall-admin", "heimdall"]):
if request.method == 'POST':
user = None
host = None
if request.POST['username'] != '[[ALL]]':
user = User.objects.get(username=request.POST['username'])
else:
print('TODO: look after demands')
if request.POST['hostname'] != '[[ALL]]':
host = Server.objects.get(hostname=request.POST['hostname'])
else:
print('TODO: look after demands')
if request.POST['hostuser'] != '[[ALL]]':
hostuser = request.POST['hostuser']
else:
print('TODO: look after demands')
request_type = request.POST['type']
if request_type == 'grant':
message = None
if not SshKeys.objects.filter(user=user).exists():
message = 'No RSA saved on database. Contact user to set his RSA key.'
elif SshKeys.objects.filter(user=user).count() > 1:
message = 'More than one RSA saved on database. Contact administrator to set his RSA key.'
else:
rsa_key = SshKeys.objects.get(user=user)
err = Controller.addPermission(user, host,
request.POST['hostuser'],
rsa_key)
if Demands.objects.filter(user=user,
server=host,
hostuser=hostuser).exists():
demand = Demands.objects.get(user=user,
server=host,
hostuser=hostuser)
demand.close_date = datetime.today()
demand.accepted = True
demand.markAsIgnore = False
demand.save()
if err is None:
if request.POST['username'] != '[[ALL]]':
message = 'Permission granted on: ' + host.hostname + ' with ' + hostuser + ' (for the user ' + user.username + ')'
else:
message = 'All requested permissions granted'
else:
message = err.message
messages.success(request, message)
else:
host = Server.objects.get(hostname=request.POST['hostname'])
demand = Demands.objects.get(user=user,
server=host,
hostuser=hostuser)
demand.close_date = datetime.today()
demand.accepted = False
demand.markAsIgnore = False
demand.save()
message = 'Permission rejected on: ' + host.hostname + ' with ' + hostuser + ' (for the user ' + user.username + ')'
messages.success(request, message)
else:
messages.success(request, 'You have not the rights to do this action')
return HttpResponseRedirect(reverse('admin-permissions'))
