burmatovan/openuds
1
0
Fork 0
forked from shaba/openuds
Code Issues Pull Requests Projects Releases Wiki Activity

* Fixed configuration commands with parameters with "equal" sign

Browse Source 
* Fixed access using ticket
This commit is contained in:
Adolfo Gómez García 2021-03-12 11:41:53 +01:00
parent 49ee75d986
commit 1505fd346b
4 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/src/uds/management/commands/config.py
View File

@ -51,7 +51,7 @@ class Command(BaseCommand):
try: try:
for config in options['name_value']: for config in options['name_value']:
logger.debug('Config: %s', config) logger.debug('Config: %s', config)
first, value = config.split('=') first, value = config.split('=', 1) # Only first = is separator :)
first = first.split('.') first = first.split('.')
if len(first) == 2: if len(first) == 2:
mod, name = first mod, name = first

2
server/src/uds/urls.py
View File

@ -81,7 +81,7 @@ urlpatterns = [
# Ticket authentication related # Ticket authentication related
re_path(r'^uds/page/ticket/auth/(?P<ticketId>[a-zA-Z0-9.-]+)$', uds.web.views.ticketAuth, name='page.ticket.auth'), re_path(r'^uds/page/ticket/auth/(?P<ticketId>[a-zA-Z0-9.-]+)$', uds.web.views.ticketAuth, name='page.ticket.auth'),
path(r'uds/page/ticket/launcher', uds.web.views.modern.index, name='page.ticket.launcher'), path(r'uds/page/ticket/launcher', uds.web.views.modern.ticketLauncher, name='page.ticket.launcher'),
# This must be the last, so any patition will be managed by client in fact # This must be the last, so any patition will be managed by client in fact
re_path(r'uds/page/.*', uds.web.views.modern.index, name='page.placeholder'), re_path(r'uds/page/.*', uds.web.views.modern.index, name='page.placeholder'),

2
server/src/uds/web/util/configjs.py
View File

@ -68,6 +68,8 @@ def udsJs(request: 'HttpRequest') -> str:
if user: if user:
role = 'staff' if user.isStaff() and not user.is_admin else 'admin' if user.is_admin else 'user' role = 'staff' if user.isStaff() and not user.is_admin else 'admin' if user.is_admin else 'user'
if request.session.get('restricted', False):
role = 'restricted'
profile: typing.Dict[str, typing.Any] = { profile: typing.Dict[str, typing.Any] = {
'user': user.name if user else None, 'user': user.name if user else None,

8
server/src/uds/web/views/modern.py
View File

@ -59,11 +59,18 @@ def index(request: HttpRequest) -> HttpResponse:
return response return response
# Includes a request.session ticket, indicating that
def ticketLauncher(request: HttpRequest) -> HttpResponse:
request.session['restricted'] = True # Access is from ticket
return index(request)
# Basically, the original /login method, but fixed for modern interface # Basically, the original /login method, but fixed for modern interface
def login(request: HttpRequest, tag: typing.Optional[str] = None) -> HttpResponse: def login(request: HttpRequest, tag: typing.Optional[str] = None) -> HttpResponse:
# Default empty form # Default empty form
logger.debug('Tag: %s', tag) logger.debug('Tag: %s', tag)
if request.method == 'POST': if request.method == 'POST':
request.session['restricted'] = False # Access is from login
form = LoginForm(request.POST, tag=tag) form = LoginForm(request.POST, tag=tag)
user, data = checkLogin(request, form, tag) user, data = checkLogin(request, form, tag)
if user: if user:
@ -92,6 +99,7 @@ def login(request: HttpRequest, tag: typing.Optional[str] = None) -> HttpRespons
@auth.webLoginRequired(admin=False) @auth.webLoginRequired(admin=False)
def logout(request: HttpRequest) -> HttpResponse: def logout(request: HttpRequest) -> HttpResponse:
auth.authLogLogout(request) auth.authLogLogout(request)
request.session['restricted'] = False # Remove restricted
logoutUrl = request.user.logout() logoutUrl = request.user.logout()
if logoutUrl is None: if logoutUrl is None:
logoutUrl = request.session.get('logouturl', None) logoutUrl = request.session.get('logouturl', None)