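def authenticated(request, groups):
    """Return a 403 response unless the request carries a verified client
    certificate whose organisation is in ``groups``.

    request: Django request; ``META['verified']`` and ``META['dn']`` are read.
    groups:  collection of accepted ``O`` values from the certificate DN.
             A falsy value (``None``, empty list) skips the group test, so
             any verified certificate is accepted.

    Returns ``None`` when access is granted, otherwise an ``HttpResponse``
    with status 403 that the caller is expected to return to the client.
    """
    # 'verified' and 'dn' are presumably injected by the TLS-terminating
    # front end; this check is only as strong as the guarantee that a client
    # cannot set those keys itself -- confirm in the server configuration.
    if request.META.get("verified") != "SUCCESS":
        return HttpResponse("Forbidden", status=403)

    # Test against the list the caller passed in.  The earlier form compared
    # with settings.TLS_ADMINGROUPS here, so a caller asking for a different
    # group was silently checked against the admin groups instead.
    if groups and todn(request.META.get("dn")).get("O") not in groups:
        return HttpResponse("Forbidden", status=403)

    return None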
def authorized(env, users=None):
    """Return the e-mail address from the client certificate DN, or False.

    env:   WSGI environ; the keys 'dn' and 'verified' are read.
    users: optional allow-list of e-mail addresses.

    The address is returned only when env['verified'] is 'SUCCESS' and,
    if ``users`` is non-empty, the address is on that list.
    """
    # The DN is parsed before the verification flag is examined, so todn()
    # also runs for unverified requests (env.get('dn') may then be None).
    address = todn(env.get('dn')).get('emailAddress')

    if env.get('verified') != 'SUCCESS':
        return False

    # NOTE(review): a falsy ``users`` (None or an empty list) disables the
    # allow-list entirely -- every verified certificate is accepted.  An
    # empty admin list in the configuration therefore grants access rather
    # than denying it; confirm that is intended.
    if users and address not in users:
        return False

    # If the DN carries no emailAddress, .get() yields a falsy value and the
    # caller will treat the request as unauthorized.
    return address
def authorized(env, users=None):
    """Map a TLS-verified request to the e-mail address in its certificate.

    Returns the 'emailAddress' DN component when env['verified'] equals
    'SUCCESS' and the address passes the optional ``users`` allow-list;
    returns False in every other case.
    """
    # todn() is called unconditionally, i.e. also when verification failed.
    email = todn(env.get('dn')).get('emailAddress')
    verified = env.get('verified') == 'SUCCESS'

    # The allow-list only applies when ``users`` is truthy.  NOTE(review):
    # users=[] behaves like users=None (no restriction) -- verify that an
    # empty list can never reach this function where a restriction is meant.
    if verified and not (users and email not in users):
        return email
    return False
def showcsrs(self):
    """Render the list of pending certificate signing requests for admins.

    Requests that do not pass authorized() against CONFIG['admins'] get the
    _404 response, so the page's existence is not revealed to them.
    """
    admins = CONFIG['admins']
    if not authorized(self.environ, admins):
        return _404(self.environ, self.resp)

    # authorized() is evaluated a second time for the template flag, as in
    # the original call.
    is_admin = authorized(self.environ, admins)

    # One row per incoming CSR: parsed subject, file mtime, file name.
    # The subject fields come from the submitted CSR, i.e. from the
    # requester -- the template must escape them (TODO confirm autoescape).
    pending = []
    for cert, path in self.ca.incoming():
        submitted = datetime.datetime.fromtimestamp(os.stat(path).st_mtime)
        pending.append((todn(cert.get_subject()),
                        submitted,
                        os.path.basename(path)))

    return send_template(self.resp, 'csrs.html',
                         isadmin=is_admin,
                         certs=pending)
def wrapped():
    """Flask view body: list submitted CSRs for members of ``groups``.

    ``groups`` and ``ca`` are taken from the enclosing scope (not shown
    here).  Returns the response from authenticated() when access is
    denied, otherwise the rendered 'csrs.html' template.
    """
    try:
        denied = authenticated(groups)
        if denied:
            return denied

        # One row per incoming CSR: parsed subject, file mtime, file name.
        rows = []
        for cert, path in ca.incoming():
            stamp = datetime.datetime.fromtimestamp(os.stat(path).st_mtime)
            rows.append((todn(cert.get_subject()),
                         stamp,
                         os.path.basename(path)))
        return render_template('csrs.html', certs=rows)
    except:
        # NOTE(review): this bare except also catches failures raised by the
        # access check itself, prints the traceback to stdout and lets the
        # view return None.  Consider narrowing it and logging through the
        # application logger so errors on this path are not lost.
        import traceback
        print(traceback.format_exc())
def wrapped():
    """Show the pending CSRs to callers that pass authenticated(groups).

    ``groups`` and ``ca`` are closure variables of the enclosing function,
    which is outside this listing.
    """
    def describe(cert, path):
        # (parsed subject, submission time taken from file mtime, file name)
        return (todn(cert.get_subject()),
                datetime.datetime.fromtimestamp(os.stat(path).st_mtime),
                os.path.basename(path))

    try:
        refusal = authenticated(groups)
        if refusal:
            return refusal
        return render_template(
            'csrs.html',
            certs=[describe(cert, path) for cert, path in ca.incoming()])
    except:
        # NOTE(review): every exception -- including one from the access
        # check -- ends here; the traceback goes to stdout and the function
        # falls through returning None.  A narrower handler with proper
        # logging would make failures on this path visible.
        import traceback
        print(traceback.format_exc())
def showcsrs(self):
    """Admin-only view listing the certificate signing requests awaiting review.

    Anyone who is not accepted by authorized() for CONFIG['admins'] receives
    the _404 response instead of the listing.
    """
    if authorized(self.environ, CONFIG['admins']):
        # Second authorized() call kept: its result feeds the template flag.
        admin_flag = authorized(self.environ, CONFIG['admins'])

        # Subject data originates from the submitted CSR and is therefore
        # requester-controlled; rendering must escape it (TODO confirm).
        listing = [
            (todn(cert.get_subject()),
             datetime.datetime.fromtimestamp(os.stat(path).st_mtime),
             os.path.basename(path))
            for cert, path in self.ca.incoming()
        ]
        return send_template(self.resp, 'csrs.html',
                             isadmin=admin_flag,
                             certs=listing)

    return _404(self.environ, self.resp)
def showcsrs(request):
    """Authenticated view listing the submitted CSRs.

    Access is decided by authenticated() with settings.TLS_ADMINGROUPS; its
    non-empty return value (the refusal response) is passed straight back.
    """
    # NOTE(review): if authenticated() skips the group test for a falsy
    # group list (the `groups and ...` form does), an empty
    # TLS_ADMINGROUPS opens this view to every verified certificate --
    # confirm the setting can never be empty.
    refusal = authenticated(request, settings.TLS_ADMINGROUPS)
    if refusal:
        return refusal

    # One tuple per pending CSR: parsed subject, file mtime, file name.
    submitted = []
    for cert, path in settings.TLS_CA.incoming():
        received = datetime.datetime.fromtimestamp(os.stat(path).st_mtime)
        submitted.append((todn(cert.get_subject()),
                          received,
                          os.path.basename(path)))

    return render_to_response("csrs.html", {"certs": submitted})
def wrapped(*args, **kwargs):
    """Call ``func`` for verified clients in ``groups``, else ``unauth``.

    ``func``, ``unauth`` and ``groups`` come from the enclosing decorator
    scope (not shown here); ``request`` is the Flask request object.
    """
    # 'verified' and 'dn' are presumably set by the TLS-terminating front
    # end.  Direct indexing raises KeyError when they are absent, so a
    # misconfigured proxy yields an error rather than the unauth handler.
    env = request.environ

    if env['verified'] != "SUCCESS":
        return unauth(*args, **kwargs)

    # A falsy ``groups`` means "any verified certificate"; otherwise the
    # certificate's O component must be one of the listed groups.
    if groups and todn(env['dn']).get('O') not in groups:
        return unauth(*args, **kwargs)

    return func(*args, **kwargs)
def authenticated(groups):
    """(Flask) Check that the client is verified and belongs to a given group.

    groups: accepted ``O`` values of the certificate DN; a falsy value
            disables the group test.

    Returns None when access is granted and a 403 ``Response`` otherwise.
    """
    env = request.environ
    verified = env['verified'] == "SUCCESS"

    # The DN is only parsed once verification has succeeded and a group
    # restriction was requested.
    if verified and not (groups and todn(env['dn']).get('O') not in groups):
        return None
    return Response("Forbidden", 403)
def wrapped(*args, **kwargs):
    """Dispatch to ``func`` when the TLS client check passes, else to ``unauth``.

    ``func``, ``unauth`` and ``groups`` are closure variables of the
    enclosing decorator, which lies outside this listing.
    """
    # The decision rests entirely on two environ entries; they must be
    # written by the TLS front end and never be settable by the client
    # (assumption -- verify against the web-server configuration).
    verified = request.environ['verified'] == "SUCCESS"
    permitted = verified and (
        not groups or todn(request.environ['dn']).get('O') in groups)

    target = func if permitted else unauth
    return target(*args, **kwargs)
def authenticated(groups):
    """(Flask) Return a 403 response unless the client is verified and in ``groups``.

    Yields None (implicitly "allowed") when request.environ['verified'] is
    "SUCCESS" and either ``groups`` is falsy or the certificate's O
    component is contained in it.
    """
    if request.environ['verified'] != "SUCCESS":
        return Response("Forbidden", 403)

    if groups:
        # Group membership is read from the certificate's O attribute, so it
        # is only as trustworthy as the CA's policy for issuing that field.
        organisation = todn(request.environ['dn']).get('O')
        if organisation not in groups:
            return Response("Forbidden", 403)

    return None
def wrapped(request, *args, **kwargs):
    """Run ``func`` for verified clients in ``groups``; otherwise run ``unauth``.

    ``func``, ``unauth`` and ``groups`` are supplied by the enclosing
    decorator (not visible here).  Both handlers receive the request and
    the original arguments unchanged.
    """
    # META['verified'] / META['dn'] are presumably provided by the
    # TLS-terminating server; .get() makes a missing key count as "not
    # verified".
    meta = request.META
    allowed = meta.get("verified") == "SUCCESS" and (
        not groups or todn(meta.get("dn")).get("O") in groups
    )

    handler = func if allowed else unauth
    return handler(request, *args, **kwargs)
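def filterfile(self, line):
    """Store one uploaded file from a multipart POST body and write its metadata.

    param line: the first line of the mime part (carries the file name).

    The payload is written to a fresh mkstemp() file below the drop
    directory, GPG-encrypted to the dropper's recipients when self.crypto
    is set.  A '<file>.meta' record (name, content type, client DN, hash)
    is written next to it and, if CONFIG['notify'] is set, an encrypted
    notification is handed to mail().

    Raises Exception when the part has no content-type line.
    """
    env = self.dropper.environ
    recipients = self.dropper.recipients

    # name and content_type are taken verbatim from the request body, i.e.
    # they are client-controlled; anything that later displays the .meta
    # record or the notification must treat them as untrusted text.
    name = line[len(startfile):-1]
    line = self.fd.readline().strip()
    if not line.startswith(contenttxt):
        raise Exception("y u no content_type?!?")
    content_type = line[len(contenttxt):]
    self.fd.readline()  # drop separating empty line

    # assumes stashid was validated by the caller so it cannot escape the
    # drop directory -- TODO confirm.
    dropDir = CONFIG['root'] + '/drop/' + self.dropper.stashid
    fd, fname = mkstemp(dir=dropDir + '/')

    if self.crypto:
        os.close(fd)
        # NOTE(review): always_trust=True bypasses GnuPG's trust model, so
        # the keyring itself is the only control over who can be a
        # recipient; keep it curated.
        self.gpg.encrypt_file(self, recipients, output=fname,
                              always_trust=True)
    else:
        # Close the payload file deterministically (also on a failed read)
        # instead of leaving the descriptor open until the name is rebound.
        with os.fdopen(fd, 'w') as out:
            for buf in iter(lambda: self.read(1024), ''):
                out.write(buf)

    # self.hash is read only after the payload has been consumed;
    # presumably self.read() feeds it -- verify against the class.
    meta = "%s\n%s\n%s\n%s" % (name, content_type, env.get('dn'),
                               self.hash.hexdigest())
    if self.crypto:
        meta = self.gpg.encrypt(meta, recipients, always_trust=True,
                                armor=False).data
    # Unlike the mkstemp() file (mode 0600) this file gets umask-default
    # permissions, and without crypto it holds the client DN in clear text.
    with open(fname + '.meta', 'w') as metafile:
        metafile.write(meta)

    # NOTE(review): the suffix appended for non-default ports is
    # ':' + HTTP_HOST, not ':' + SERVER_PORT, so the host appears twice.
    # HTTP_HOST is also the client-supplied Host header, which makes the
    # link in the notification mail request-controlled; building it from a
    # configured base URL would avoid both problems.  Left unchanged here.
    nondefault_port = (
        (env['wsgi.url_scheme'] == 'https' and env['SERVER_PORT'] != '443')
        or (env['wsgi.url_scheme'] == 'http' and env['SERVER_PORT'] != '80'))
    url = urlunparse((env.get('wsgi.url_scheme'),
                      env.get('HTTP_HOST')
                      + (':' + env.get('HTTP_HOST') if nondefault_port else ''),
                      "/%s/%s" % (self.dropper.stashid, fname.split('/')[-1]),
                      '', '', ''))

    if CONFIG.get('notify'):
        sender = (todn(env.get('dn', '')).get('emailAddress')
                  or "anon@localhost")
        txt = render_template('notification.txt',
                              path=fname,
                              name=name,
                              type=content_type,
                              url=url,
                              size=sizeof_fmt(self.size),
                              sender=sender,
                              hash=self.hash.hexdigest())
        # The notification is encrypted regardless of self.crypto.
        txt = self.gpg.encrypt(txt, recipients, always_trust=True).data
        mail(txt, [key['uids'][0] for key in self.gpg.list_keys()
                   if key['keyid'] in recipients])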
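def filterfile(self, line):
    """Parse and handle the mime part of a POST file upload.

    param line: is the first line of the mime part.

    Writes the payload to a new temporary file in the stash's drop
    directory (encrypted to the stash recipients when self.crypto is set),
    stores a companion '.meta' file and, when CONFIG['notify'] is enabled,
    passes an encrypted notification to mail().

    Raises Exception if the content-type line is missing.
    """
    environ = self.dropper.environ
    recipients = self.dropper.recipients

    # Both values below are read from the upload itself and are therefore
    # chosen by the client; they end up in the .meta file and in the mail.
    name = line[len(startfile):-1]
    line = self.fd.readline().strip()
    if not line.startswith(contenttxt):
        raise Exception("y u no content_type?!?")
    content_type = line[len(contenttxt):]
    self.fd.readline()  # drop separating empty line

    # presumably stashid has been checked upstream so that the path stays
    # inside CONFIG['root']/drop -- verify against the caller.
    dropDir = CONFIG['root'] + '/drop/' + self.dropper.stashid
    fd, fname = mkstemp(dir=dropDir + '/')

    if self.crypto:
        os.close(fd)
        # NOTE(review): always_trust=True skips GnuPG's key-trust check;
        # recipient selection then depends solely on the keyring contents.
        self.gpg.encrypt_file(self, recipients, output=fname,
                              always_trust=True)
    else:
        # Use a context manager so the payload file is flushed and closed
        # before the metadata is written, and is not leaked on error.
        with os.fdopen(fd, 'w') as payload:
            while True:
                buf = self.read(1024)
                if buf == '':
                    break
                payload.write(buf)

    digest = self.hash.hexdigest()
    meta = "%s\n%s\n%s\n%s" % (name, content_type, environ.get('dn'), digest)
    if self.crypto:
        meta = self.gpg.encrypt(meta, recipients, always_trust=True,
                                armor=False).data
    # The .meta file is created with umask-default permissions (the payload
    # file from mkstemp() is 0600); in the non-crypto case it contains the
    # client DN unencrypted.
    with open(fname + '.meta', 'w') as metafile:
        metafile.write(meta)

    # NOTE(review): for non-default ports this appends ':' + HTTP_HOST
    # rather than the port, duplicating the host.  HTTP_HOST is the
    # client-sent Host header, so the resulting link is request-controlled;
    # prefer a configured public base URL.  Behaviour kept as is.
    scheme = environ['wsgi.url_scheme']
    if ((scheme == 'https' and environ['SERVER_PORT'] != '443')
            or (scheme == 'http' and environ['SERVER_PORT'] != '80')):
        suffix = ':' + environ.get('HTTP_HOST')
    else:
        suffix = ''
    url = urlunparse((environ.get('wsgi.url_scheme'),
                      environ.get('HTTP_HOST') + suffix,
                      "/%s/%s" % (self.dropper.stashid, fname.split('/')[-1]),
                      '', '', ''))

    if CONFIG.get('notify'):
        sender = (todn(environ.get('dn', '')).get('emailAddress')
                  or "anon@localhost")
        txt = render_template('notification.txt',
                              path=fname,
                              name=name,
                              type=content_type,
                              url=url,
                              size=sizeof_fmt(self.size),
                              sender=sender,
                              hash=self.hash.hexdigest())
        # Notifications are always encrypted, independent of self.crypto.
        txt = self.gpg.encrypt(txt, recipients, always_trust=True).data
        mail(txt, [
            key['uids'][0] for key in self.gpg.list_keys()
            if key['keyid'] in recipients
        ])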