def test_site(self): self.assertEqual(unicode(Horizon), "Horizon") self.assertEqual(repr(Horizon), "<Site: Horizon>") dash = Horizon.get_dashboard('nova') self.assertEqual(Horizon.get_default_dashboard(), dash) user = users.User() self.assertEqual(Horizon.get_user_home(user), dash.get_absolute_url())
def switch_tenants(request, tenant_id): """ Swaps a user from one tenant to another using the unscoped token from Keystone to exchange scoped tokens for the new tenant. """ form, handled = LoginWithTenant.maybe_handle( request, initial={'tenant': tenant_id, 'username': request.user.username}) if handled: return handled unscoped_token = request.session.get('unscoped_token', None) if unscoped_token: try: token = api.token_create_scoped(request, tenant_id, unscoped_token) _set_session_data(request, token) user = users.User(users.get_user_from_request(request)) return shortcuts.redirect(Horizon.get_user_home(user)) except exceptions.Unauthorized as e: messages.error(_("You are not authorized for that tenant.")) # FIXME(gabriel): we don't ship switch_tenants.html return shortcuts.render(request, 'switch_tenants.html', { 'to_tenant': tenant_id, 'form': form})
def switch_tenants(request, tenant_id): """ Swaps a user from one tenant to another using the unscoped token from Keystone to exchange scoped tokens for the new tenant. """ form, handled = LoginWithTenant.maybe_handle(request, initial={ 'tenant': tenant_id, 'username': request.user.username }) if handled: return handled unscoped_token = request.session.get('unscoped_token', None) if unscoped_token: try: token = api.token_create_scoped(request, tenant_id, unscoped_token) _set_session_data(request, token) user = users.User(users.get_user_from_request(request)) return shortcuts.redirect(Horizon.get_user_home(user)) except: exceptions.handle(request, _("You are not authorized for that tenant.")) return shortcuts.redirect("horizon:auth_login")
def switch_tenants(request, tenant_id): """ Swaps a user from one tenant to another using the unscoped token from Keystone to exchange scoped tokens for the new tenant. """ form, handled = LoginWithTenant.maybe_handle(request, initial={ 'tenant': tenant_id, 'username': request.user.username }) if handled: return handled unscoped_token = request.session.get('unscoped_token', None) if unscoped_token: try: token = api.token_create_scoped(request, tenant_id, unscoped_token) _set_session_data(request, token) user = users.User(users.get_user_from_request(request)) return shortcuts.redirect(Horizon.get_user_home(user)) except exceptions.Unauthorized as e: messages.error(_("You are not authorized for that tenant.")) # FIXME(gabriel): we don't ship switch_tenants.html return shortcuts.render(request, 'switch_tenants.html', { 'to_tenant': tenant_id, 'form': form })
def switch_tenants(request, tenant_id): """ Swaps a user from one tenant to another using the unscoped token from Keystone to exchange scoped tokens for the new tenant. """ form, handled = LoginWithTenant.maybe_handle( request, initial={'tenant': tenant_id, 'username': request.user.username}) if handled: return handled unscoped_token = request.session.get('unscoped_token', None) if unscoped_token: try: token = api.token_create_scoped(request, tenant_id, unscoped_token) _set_session_data(request, token) user = users.User(users.get_user_from_request(request)) return shortcuts.redirect(Horizon.get_user_home(user)) except: exceptions.handle(request, _("You are not authorized for that tenant.")) return shortcuts.redirect("horizon:auth_login")
def process_exception(self, request, exception): """Catches internal Horizon exception classes. Exception classes such as NotAuthorized, NotFound and Http302 are caught and handles them gracefully. """ if isinstance(exception, exceptions.NotAuthenticated) or not \ request.user.is_authenticated(): auth_url = settings.LOGIN_URL next_url = iri_to_uri(request.get_full_path()) if next_url != auth_url: field_name = REDIRECT_FIELD_NAME else: field_name = None login_url = request.build_absolute_uri(auth_url) response = redirect_to_login(next_url, login_url=login_url, redirect_field_name=field_name) if request.is_ajax(): response_401 = http.HttpResponse(status=401) response_401['X-Horizon-Location'] = response['location'] response = response_401 login_user = request.COOKIES.get("login_user") if login_user: LOG.info("process_exception logout user %s", login_user) auth_utils.handle_user_logout(login_user) response.set_cookie("login_user") return response if isinstance(exception, exceptions.NotAuthorized): """ Not authorized could be a result of project context switching. redirect to dashboard page if it is possible or to homepage """ if hasattr(request.horizon, 'dashboard'): url = request.horizon.dashboard.get_absolute_url() else: # go home if there isn't dashboard url = Horizon.get_user_home(request.user) response = shortcuts.redirect(url) if request.is_ajax(): response_403 = http.HttpResponse(status=403) response_403['X-Horizon-Location'] = response['location'] return response_403 LOG.info('Access is not authorized, redirect to: %s', url) return response # If an internal "NotFound" error gets this far, return a real 404. if isinstance(exception, exceptions.NotFound): raise http.Http404(exception) if isinstance(exception, exceptions.Http302): # TODO(gabriel): Find a way to display an appropriate message to # the user *on* the login form... return shortcuts.redirect(exception.location)
def login(request): """ Logs in a user and redirects them to the URL specified by :func:`horizon.get_user_home`. """ if request.user.is_authenticated(): user = users.User(users.get_user_from_request(request)) return shortcuts.redirect(Horizon.get_user_home(user)) form, handled = Login.maybe_handle(request) if handled: return handled # FIXME(gabriel): we don't ship a view named splash return shortcuts.render(request, 'splash.html', {'form': form})