* Adapting to new "near" auth groups

server/requirements.txt

@@ -11,3 +11,4 @@ pyOpenSSL
 python-ldap
 six
 MySQL-python
+reportlab

server/src/uds/admin/urls.py

@@ -30,13 +30,14 @@
 @author: Adolfo Gómez, dkmaster at dkmon dot com
 '''
 from __future__ import unicode_literals
-from django.conf.urls import patterns
+from django.conf.urls import patterns, include
 
-__updated__ = '2014-09-15'
+__updated__ = '2015-02-28'
 
 urlpatterns = patterns(
     'uds.admin.views',
     (r'^$', 'index'),
     (r'^tmpl/(?P<template>[a-zA-Z0-9_-]*)$', 'tmpl'),
     (r'^sample$', 'sample'),
+    (r'^reports/', include('uds.admin.views.reports.urls')),
 )

server/src/uds/admin/views/__init__.py

@@ -30,6 +30,8 @@
 '''
 from __future__ import unicode_literals
 
+__updated__ = '2015-02-28'
+
 from django.http import HttpResponse, HttpResponseForbidden
 from django.template import RequestContext, loader
 
@@ -41,25 +43,18 @@ from uds.core.util.decorators import denyBrowsers
 
 import logging
 
-__updated__ = '2015-02-02'
-
 logger = logging.getLogger(__name__)
 
 
 @denyBrowsers(browsers=['ie<9'])
-@webLoginRequired
+@webLoginRequired(admin=True)
 def index(request):
-    if request.user.isStaff() is False:
-        return HttpResponseForbidden(_('Forbidden'))
-
     return render(request, 'uds/admin/index.html')
 
 
 @denyBrowsers(browsers=['ie<9'])
-@webLoginRequired
+@webLoginRequired(admin=True)
 def tmpl(request, template):
-    if request.user.isStaff() is False:
-        return HttpResponseForbidden(_('Forbidden'))
     try:
         t = loader.get_template('uds/admin/tmpl/' + template + ".html")
         c = RequestContext(request)
@@ -71,9 +66,6 @@ def tmpl(request, template):
 
 
 @denyBrowsers(browsers=['ie<9'])
-@webLoginRequired
+@webLoginRequired(admin=True)
 def sample(request):
-    if request.user.isStaff() is False:
-        return HttpResponseForbidden(_('Forbidden'))
-
     return render(request, 'uds/admin/sample.html')

server/src/uds/admin/views/reports/__init__.py

@@ -0,0 +1,33 @@
+# -*- coding: utf-8 -*-
+#
+# Copyright (c) 2014 Virtual Cable S.L.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without modification,
+# are permitted provided that the following conditions are met:
+#
+#    * Redistributions of source code must retain the above copyright notice,
+#      this list of conditions and the following disclaimer.
+#    * Redistributions in binary form must reproduce the above copyright notice,
+#      this list of conditions and the following disclaimer in the documentation
+#      and/or other materials provided with the distribution.
+#    * Neither the name of Virtual Cable S.L. nor the names of its contributors
+#      may be used to endorse or promote products derived from this software
+#      without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+'''
+@author: Adolfo Gómez, dkmaster at dkmon dot com
+'''
+from __future__ import unicode_literals
+
+from .usage import usage

server/src/uds/admin/views/reports/urls.py

@@ -0,0 +1,40 @@
+# -*- coding: utf-8 -*-
+#
+# Copyright (c) 2012 Virtual Cable S.L.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without modification,
+# are permitted provided that the following conditions are met:
+#
+#    * Redistributions of source code must retain the above copyright notice,
+#      this list of conditions and the following disclaimer.
+#    * Redistributions in binary form must reproduce the above copyright notice,
+#      this list of conditions and the following disclaimer in the documentation
+#      and/or other materials provided with the distribution.
+#    * Neither the name of Virtual Cable S.L. nor the names of its contributors
+#      may be used to endorse or promote products derived from this software
+#      without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+'''
+@author: Adolfo Gómez, dkmaster at dkmon dot com
+'''
+from __future__ import unicode_literals
+from django.conf.urls import patterns
+
+__updated__ = '2015-02-28'
+
+urlpatterns = patterns(
+    'uds.admin.views.reports',
+    (r'^usage/', 'usage'),
+)

server/src/uds/admin/views/reports/usage.py

@@ -0,0 +1,49 @@
+# -*- coding: utf-8 -*-
+#
+# Copyright (c) 2012 Virtual Cable S.L.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without modification,
+# are permitted provided that the following conditions are met:
+#
+#    * Redistributions of source code must retain the above copyright notice,
+#      this list of conditions and the following disclaimer.
+#    * Redistributions in binary form must reproduce the above copyright notice,
+#      this list of conditions and the following disclaimer in the documentation
+#      and/or other materials provided with the distribution.
+#    * Neither the name of Virtual Cable S.L. nor the names of its contributors
+#      may be used to endorse or promote products derived from this software
+#      without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+'''
+@author: Adolfo Gómez, dkmaster at dkmon dot com
+'''
+from __future__ import unicode_literals
+
+__updated__ = '2015-02-28'
+
+from django.http import HttpResponse, HttpResponseRedirect
+from django.shortcuts import render_to_response
+
+from uds.core.auths.auth import webLoginRequired
+from uds.core.util.decorators import denyBrowsers
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+@denyBrowsers(browsers=['ie<9'])
+@webLoginRequired(admin=True)
+def usage(request):
+    return HttpResponse('ok', content_type='text/plain')

server/src/uds/core/auths/auth.py

@@ -38,6 +38,7 @@ from __future__ import unicode_literals
 from functools import wraps
 from django.http import HttpResponseRedirect, HttpResponseForbidden
 from django.utils.translation import get_language
+from django.utils.decorators import available_attrs
 
 from django.utils.translation import ugettext as _
 from uds.core.util.Config import GlobalConfig
@@ -53,7 +54,7 @@ from uds.core.util.request import getRequest
 import logging
 import six
 
-__updated__ = '2015-01-22'
+__updated__ = '2015-02-28'
 
 logger = logging.getLogger(__name__)
 authLogger = logging.getLogger('authLog')
@@ -101,36 +102,43 @@ def getIp(request):
 
 
 # Decorator to make easier protect pages that needs to be logged in
-def webLoginRequired(view_func):
+def webLoginRequired(admin):
     '''
     Decorator to set protection to access page
     Look for samples at uds.core.web.views
     '''
-    @wraps(view_func)
-    def _wrapped_view(request, *args, **kwargs):
-        '''
-        Wrapped function for decorator
-        '''
-        user = request.session.get(USER_KEY)
-        if user is not None:
-            try:
-                if user == ROOT_ID:
-                    user = getRootUser()
-                else:
-                    user = User.objects.get(pk=user)
-            except User.DoesNotExist:
-                user = None
-        if user is None:
-            url = request.build_absolute_uri(GlobalConfig.LOGIN_URL.get())
-            if GlobalConfig.REDIRECT_TO_HTTPS.getBool() is True:
-                url = url.replace('http://', 'https://')
-            logger.debug('No user found, redirecting to {0}'.format(url))
-            return HttpResponseRedirect(url)
-        # Refresh session duration
-        # request.session.set_expiry(GlobalConfig.USER_SESSION_LENGTH.getInt())
-        request.user = user
-        return view_func(request, *args, **kwargs)
-    return _wrapped_view
+    def decorator(view_func):
+        @wraps(view_func, assigned=available_attrs(view_func))
+        def _wrapped_view(request, *args, **kwargs):
+            '''
+            Wrapped function for decorator
+            '''
+            user = request.session.get(USER_KEY)
+            if user is not None:
+                try:
+                    if user == ROOT_ID:
+                        user = getRootUser()
+                    else:
+                        user = User.objects.get(pk=user)
+                except User.DoesNotExist:
+                    user = None
+
+            if admin is True:
+               if user is None or user.isStaff() is False:
+                   return HttpResponseForbidden(_('Forbidden'))
+
+            if user is None:
+                url = request.build_absolute_uri(GlobalConfig.LOGIN_URL.get())
+                if GlobalConfig.REDIRECT_TO_HTTPS.getBool() is True:
+                    url = url.replace('http://', 'https://')
+                logger.debug('No user found, redirecting to {0}'.format(url))
+                return HttpResponseRedirect(url)
+            # Refresh session duration
+            # request.session.set_expiry(GlobalConfig.USER_SESSION_LENGTH.getInt())
+            request.user = user
+            return view_func(request, *args, **kwargs)
+        return _wrapped_view
+    return decorator
 
 
 # Decorator to protect pages that needs to be accessed from "trusted sites"

server/src/uds/templates/uds/html5/snippets/navbar.html

@@ -34,7 +34,7 @@
                       {% endfor %}
                     </ul>
                   </li>
-                  {% if user and user.pk is not None %}
+                  {% if user and user.pk != None %}
                   <li class="dropdown">
                     <a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-user"></i> {{ user.real_name }} <b class="caret"></b></a>
                     <ul class="dropdown-menu">

server/src/uds/web/views/__init__.py

@@ -30,6 +30,8 @@
 '''
 from __future__ import unicode_literals
 
+__updated__ = '2015-02-28'
+
 import logging
 
 logger = logging.getLogger(__name__)

server/src/uds/web/views/auth.py

@@ -30,6 +30,8 @@
 '''
 from __future__ import unicode_literals
 
+__updated__ = '2015-02-28'
+
 from django.http import HttpResponse, HttpResponseRedirect, HttpResponsePermanentRedirect
 from django.views.decorators.csrf import csrf_exempt
 from django.shortcuts import render_to_response
@@ -135,7 +137,7 @@ def authInfo(request, authName):
         return HttpResponse(_('Authenticator does not provide information'))
 
 
-@webLoginRequired
+@webLoginRequired(admin=False)
 def authJava(request, idAuth, hasJava):
     request.session['java'] = hasJava == 'y'
     try:

server/src/uds/web/views/download.py

@@ -30,6 +30,8 @@
 '''
 from __future__ import unicode_literals
 
+__updated__ = '2015-02-28'
+
 from django.http import HttpResponseForbidden
 from django.shortcuts import render_to_response
 from django.template import RequestContext
@@ -44,14 +46,11 @@ import logging
 logger = logging.getLogger(__name__)
 
 
-@webLoginRequired
+@webLoginRequired(admin=True)
 def download(request, idDownload):
     '''
     Downloadables management
     '''
-    if request.user.isStaff() is False:
-        return HttpResponseForbidden(_('Forbidden'))
-
     if idDownload == '':
         files = [{'id': key, 'name': val['name'], 'comment': _(val['comment'])} for key, val in DownloadsManager.manager().getDownloadables().items()]
         logger.debug('Files: {0}'.format(files))

server/src/uds/web/views/index.py

@@ -30,6 +30,8 @@
 '''
 from __future__ import unicode_literals
 
+__updated__ = '2015-02-28'
+
 from django.shortcuts import render_to_response
 from django.shortcuts import render
 from django.shortcuts import redirect
@@ -58,7 +60,7 @@ def about(request):
     return render(request, theme.template('about.html'))
 
 
-@webLoginRequired
+@webLoginRequired(admin=False)
 def index(request):
     '''
     Renders the main page.

server/src/uds/web/views/js.py

@@ -30,6 +30,8 @@
 '''
 from __future__ import unicode_literals
 
+__updated__ = '2015-02-28'
+
 from django.views.decorators.cache import cache_page
 from django.views.i18n import javascript_catalog
 

server/src/uds/web/views/login.py

@@ -30,6 +30,8 @@
 '''
 from __future__ import unicode_literals
 
+__updated__ = '2015-02-28'
+
 from django.http import HttpResponse, HttpResponseRedirect
 from django.shortcuts import render_to_response
 from django.template import RequestContext
@@ -143,7 +145,7 @@ def customAuth(request, idAuth):
     return HttpResponse(res, content_type='text/html')
 
 
-@webLoginRequired
+@webLoginRequired(admin=False)
 def logout(request):
     authLogLogout(request)
     return webLogout(request, request.user.logout())

server/src/uds/web/views/prefs.py

@@ -30,6 +30,8 @@
 '''
 from __future__ import unicode_literals
 
+__updated__ = '2015-02-28'
+
 from django.shortcuts import render_to_response
 from django.shortcuts import redirect
 from django.template import RequestContext
@@ -45,7 +47,7 @@ import logging
 logger = logging.getLogger(__name__)
 
 
-@webLoginRequired
+@webLoginRequired(admin=False)
 def prefs(request):
     '''
     Preferences form

server/src/uds/web/views/service.py

@@ -30,6 +30,8 @@
 '''
 from __future__ import unicode_literals
 
+__updated__ = '2015-02-28'
+
 from django.http import HttpResponse, HttpResponseRedirect
 from django.shortcuts import render_to_response
 from django.template import RequestContext
@@ -55,7 +57,7 @@ logger = logging.getLogger(__name__)
 __updated__ = '2015-02-22'
 
 
-@webLoginRequired
+@webLoginRequired(admin=False)
 def service(request, idService, idTransport):
     kind, idService = idService[0], idService[1:]
     try:
@@ -104,7 +106,7 @@ def service(request, idService, idTransport):
         return errors.exceptionView(request, e)
 
 
-@webLoginRequired
+@webLoginRequired(admin=False)
 def transcomp(request, idTransport, componentId):
     try:
         # We got translated first id
@@ -118,7 +120,7 @@ def transcomp(request, idTransport, componentId):
         return errors.exceptionView(request, e)
 
 
-@webLoginRequired
+@webLoginRequired(admin=False)
 def sernotify(request, idUserService, notification):
     try:
         if notification == 'hostname':