def user_cert_generate(request, user_id):
"""Create a new user certificate after confirmation.
@param request: the request object
@param user_id: the id of the user whose certificate we are generating.
"""
user = get_object_or_404(User, pk=user_id)
must_have_permission(request.user, user, "can_change_user_cert")
cert_fname = get_user_cert_fname(user)
key_fname = get_user_key_fname(user)
urn = get_user_urn(user.username)
if request.method == "POST":
create_x509_cert(urn, cert_fname, key_fname)
DatedMessage.objects.post_message_to_user(
"GCF Certificate for user %s successfully created." % user.username,
user=request.user, msg_type=DatedMessage.TYPE_SUCCESS)
return HttpResponseRedirect(reverse(user_cert_manage, args=[user.id]))
return simple.direct_to_template(
request,
template="user_cert_generate.html",
extra_context={
"curr_user": user,
},
)
def user_cert_manage(request, user_id):
"""Allow the user to download/regenerate/upload a GCF certificate.
@param request: the request object
@param user_id: the id of the user whose certificate we are managing.
"""
user = get_object_or_404(User, pk=user_id)
must_have_permission(request.user, user, "can_change_user_cert")
cert_fname = get_user_cert_fname(user)
if not os.access(cert_fname, os.F_OK):
cert = None
else:
cert = read_cert_from_file(cert_fname)
return simple.direct_to_template(
request,
template=TEMPLATE_PATH + "/user_cert_manage.html",
extra_context={
"curr_user": user,
"cert": cert,
},
)
def user_cert_generate(request, user_id):
"""Create a new user certificate after confirmation.
@param request: the request object
@param user_id: the id of the user whose certificate we are generating.
"""
user = get_object_or_404(User, pk=user_id)
must_have_permission(request.user, user, "can_change_user_cert")
cert_fname = get_user_cert_fname(user)
key_fname = get_user_key_fname(user)
urn = get_user_urn(user.username)
if request.method == "POST":
create_x509_cert(urn, cert_fname, key_fname)
DatedMessage.objects.post_message_to_user(
"GCF Certificate for user %s successfully created." %
user.username,
user=request.user,
msg_type=DatedMessage.TYPE_SUCCESS)
return HttpResponseRedirect(reverse(user_cert_manage, args=[user.id]))
return simple.direct_to_template(
request,
template=TEMPLATE_PATH + "/user_cert_generate.html",
extra_context={
"curr_user": user,
},
)
def user_cert_manage(request, user_id):
"""Allow the user to download/regenerate/upload a GCF certificate.
@param request: the request object
@param user_id: the id of the user whose certificate we are managing.
"""
user = get_object_or_404(User, pk=user_id)
must_have_permission(request.user, user, "can_change_user_cert")
cert_fname = get_user_cert_fname(user)
if not os.access(cert_fname, os.F_OK):
cert = None
else:
cert = read_cert_from_file(cert_fname)
return simple.direct_to_template(
request,
template="user_cert_manage.html",
extra_context={
"curr_user": user,
"cert": cert,
},
)
def setUp(self):
self.u = User.objects.create_user(
"test_user", "*****@*****.**", "password")
self.cert_fname = get_user_cert_fname(self.u)
self.key_fname = get_user_key_fname(self.u)
try_unlink(self.cert_fname)
try_unlink(self.key_fname)
def setUp(self):
self.u = User.objects.create_user("test_user", "*****@*****.**",
"password")
self.cert_fname = get_user_cert_fname(self.u)
self.key_fname = get_user_key_fname(self.u)
try_unlink(self.cert_fname)
try_unlink(self.key_fname)
def save(self, user):
"""Write the key and cert into files.
@param user: the user to save the cert and key for.
@type user: C{django.contrib.auth.models.User}
"""
key_fname = get_user_key_fname(user)
cert_fname = get_user_cert_fname(user)
self.key.save_to_file(key_fname)
self.cert.save_to_file(cert_fname)
def save(self, user):
"""Write the key and cert into files.
@param user: the user to save the cert and key for.
@type user: C{django.contrib.auth.models.User}
"""
key_fname = get_user_key_fname(user)
cert_fname = get_user_cert_fname(user)
self.key.save_to_file(key_fname)
self.cert.save_to_file(cert_fname)
def user_cert_download(request, user_id):
"""Download a GCF certificate."""
user = get_object_or_404(User, pk=user_id)
must_have_permission(request.user, user, "can_download_certs")
cert_fname = get_user_cert_fname(user)
response = HttpResponse(open(cert_fname, 'r').read(),
mimetype='application/force-download')
response['Content-Disposition'] = 'attachment; filename=%s' % cert_fname
return response
def user_cert_download(request, user_id):
"""Download a GCF certificate."""
user = get_object_or_404(User, pk=user_id)
must_have_permission(request.user, user, "can_download_certs")
cert_fname = get_user_cert_fname(user)
response = HttpResponse(open(cert_fname,'r').read(),
mimetype='application/force-download')
response['Content-Disposition'] = 'attachment; filename=%s' % cert_fname
return response
def get_user_client(self, user):
"""Get a client to talk to the aggregate as the user."""
return self._get_client(
get_user_cert_fname(user), get_user_key_fname(user))
def get_user_client(self, user):
"""Get a client to talk to the aggregate as the user."""
return self._get_client(get_user_cert_fname(user),
get_user_key_fname(user))