def test_site(self):
self.assertEqual(unicode(Horizon), "Horizon")
self.assertEqual(repr(Horizon), "<Site: Horizon>")
dash = Horizon.get_dashboard('nova')
self.assertEqual(Horizon.get_default_dashboard(), dash)
user = users.User()
self.assertEqual(Horizon.get_user_home(user), dash.get_absolute_url())
def switch_tenants(request, tenant_id):
"""
Swaps a user from one tenant to another using the unscoped token from
Keystone to exchange scoped tokens for the new tenant.
"""
form, handled = LoginWithTenant.maybe_handle(
request, initial={'tenant': tenant_id,
'username': request.user.username})
if handled:
return handled
unscoped_token = request.session.get('unscoped_token', None)
if unscoped_token:
try:
token = api.token_create_scoped(request,
tenant_id,
unscoped_token)
_set_session_data(request, token)
user = users.User(users.get_user_from_request(request))
return shortcuts.redirect(Horizon.get_user_home(user))
except exceptions.Unauthorized as e:
messages.error(_("You are not authorized for that tenant."))
# FIXME(gabriel): we don't ship switch_tenants.html
return shortcuts.render(request,
'switch_tenants.html', {
'to_tenant': tenant_id,
'form': form})
def switch_tenants(request, tenant_id):
"""
Swaps a user from one tenant to another using the unscoped token from
Keystone to exchange scoped tokens for the new tenant.
"""
form, handled = LoginWithTenant.maybe_handle(request,
initial={
'tenant':
tenant_id,
'username':
request.user.username
})
if handled:
return handled
unscoped_token = request.session.get('unscoped_token', None)
if unscoped_token:
try:
token = api.token_create_scoped(request, tenant_id, unscoped_token)
_set_session_data(request, token)
user = users.User(users.get_user_from_request(request))
return shortcuts.redirect(Horizon.get_user_home(user))
except:
exceptions.handle(request,
_("You are not authorized for that tenant."))
return shortcuts.redirect("horizon:auth_login")
def switch_tenants(request, tenant_id):
"""
Swaps a user from one tenant to another using the unscoped token from
Keystone to exchange scoped tokens for the new tenant.
"""
form, handled = LoginWithTenant.maybe_handle(request,
initial={
'tenant':
tenant_id,
'username':
request.user.username
})
if handled:
return handled
unscoped_token = request.session.get('unscoped_token', None)
if unscoped_token:
try:
token = api.token_create_scoped(request, tenant_id, unscoped_token)
_set_session_data(request, token)
user = users.User(users.get_user_from_request(request))
return shortcuts.redirect(Horizon.get_user_home(user))
except exceptions.Unauthorized as e:
messages.error(_("You are not authorized for that tenant."))
# FIXME(gabriel): we don't ship switch_tenants.html
return shortcuts.render(request, 'switch_tenants.html', {
'to_tenant': tenant_id,
'form': form
})
def switch_tenants(request, tenant_id):
"""
Swaps a user from one tenant to another using the unscoped token from
Keystone to exchange scoped tokens for the new tenant.
"""
form, handled = LoginWithTenant.maybe_handle(
request, initial={'tenant': tenant_id,
'username': request.user.username})
if handled:
return handled
unscoped_token = request.session.get('unscoped_token', None)
if unscoped_token:
try:
token = api.token_create_scoped(request,
tenant_id,
unscoped_token)
_set_session_data(request, token)
user = users.User(users.get_user_from_request(request))
return shortcuts.redirect(Horizon.get_user_home(user))
except:
exceptions.handle(request,
_("You are not authorized for that tenant."))
return shortcuts.redirect("horizon:auth_login")
def process_exception(self, request, exception):
"""Catches internal Horizon exception classes.
Exception classes such as NotAuthorized, NotFound and Http302
are caught and handles them gracefully.
"""
if isinstance(exception, exceptions.NotAuthenticated) or not \
request.user.is_authenticated():
auth_url = settings.LOGIN_URL
next_url = iri_to_uri(request.get_full_path())
if next_url != auth_url:
field_name = REDIRECT_FIELD_NAME
else:
field_name = None
login_url = request.build_absolute_uri(auth_url)
response = redirect_to_login(next_url,
login_url=login_url,
redirect_field_name=field_name)
if request.is_ajax():
response_401 = http.HttpResponse(status=401)
response_401['X-Horizon-Location'] = response['location']
response = response_401
login_user = request.COOKIES.get("login_user")
if login_user:
LOG.info("process_exception logout user %s", login_user)
auth_utils.handle_user_logout(login_user)
response.set_cookie("login_user")
return response
if isinstance(exception, exceptions.NotAuthorized):
""" Not authorized could be a result of project context switching.
redirect to dashboard page if it is possible or to homepage
"""
if hasattr(request.horizon, 'dashboard'):
url = request.horizon.dashboard.get_absolute_url()
else:
# go home if there isn't dashboard
url = Horizon.get_user_home(request.user)
response = shortcuts.redirect(url)
if request.is_ajax():
response_403 = http.HttpResponse(status=403)
response_403['X-Horizon-Location'] = response['location']
return response_403
LOG.info('Access is not authorized, redirect to: %s', url)
return response
# If an internal "NotFound" error gets this far, return a real 404.
if isinstance(exception, exceptions.NotFound):
raise http.Http404(exception)
if isinstance(exception, exceptions.Http302):
# TODO(gabriel): Find a way to display an appropriate message to
# the user *on* the login form...
return shortcuts.redirect(exception.location)
def login(request):
"""
Logs in a user and redirects them to the URL specified by
:func:`horizon.get_user_home`.
"""
if request.user.is_authenticated():
user = users.User(users.get_user_from_request(request))
return shortcuts.redirect(Horizon.get_user_home(user))
form, handled = Login.maybe_handle(request)
if handled:
return handled
# FIXME(gabriel): we don't ship a view named splash
return shortcuts.render(request, 'splash.html', {'form': form})
def login(request):
"""
Logs in a user and redirects them to the URL specified by
:func:`horizon.get_user_home`.
"""
if request.user.is_authenticated():
user = users.User(users.get_user_from_request(request))
return shortcuts.redirect(Horizon.get_user_home(user))
form, handled = Login.maybe_handle(request)
if handled:
return handled
# FIXME(gabriel): we don't ship a view named splash
return shortcuts.render(request, 'splash.html', {'form': form})
