burmatovan/openuds
1
0
Fork 0
forked from shaba/openuds
Code Issues Pull Requests Projects Releases Wiki Activity

updated handlers.py from mainstream

Browse Source
This commit is contained in:
Adolfo Gómez García 2015-04-16 18:24:43 +02:00
parent 2fe783e3ae
commit fc447e3ccf
1 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
server/src/uds/REST/handlers.py
View File

@ -37,6 +37,8 @@ from __future__ import unicode_literals
from django.contrib.sessions.backends.db import SessionStore from django.contrib.sessions.backends.db import SessionStore
from uds.core.util.Config import GlobalConfig from uds.core.util.Config import GlobalConfig
from uds.core.auths.auth import getRootUser
from uds.models import Authenticator
import logging import logging
@ -80,6 +82,13 @@ class ResponseError(HandlerError):
pass pass
class NotSupportedError(HandlerError):
'''
Some elements do not support some operations (as searching over an authenticator that does not supports it)
'''
pass
class Handler(object): class Handler(object):
''' '''
REST requests handler base class REST requests handler base class
@ -88,7 +97,7 @@ class Handler(object):
name = None # If name is not used, name will be the class name in lower case name = None # If name is not used, name will be the class name in lower case
path = None # Path for this method, so we can do /auth/login, /auth/logout, /auth/auths in a simple way path = None # Path for this method, so we can do /auth/login, /auth/logout, /auth/auths in a simple way
authenticated = True # By default, all handlers needs authentication authenticated = True # By default, all handlers needs authentication
needs_admin = False # By default, the methods will be accessible by anyone if nothine else indicated needs_admin = False # By default, the methods will be accessible by anyone if nothing else indicated
needs_staff = False # By default, staff needs_staff = False # By default, staff
# method names: 'get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace' # method names: 'get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace'
@ -108,6 +117,7 @@ class Handler(object):
self._kwargs = kwargs self._kwargs = kwargs
self._headers = {} self._headers = {}
self._authToken = None self._authToken = None
self._user = None
if self.authenticated: # Only retrieve auth related data on authenticated handlers if self.authenticated: # Only retrieve auth related data on authenticated handlers
try: try:
self._authToken = self._request.META.get(AUTH_TOKEN_HEADER, '') self._authToken = self._request.META.get(AUTH_TOKEN_HEADER, '')
@ -127,6 +137,8 @@ class Handler(object):
if self.needs_staff and not self.getValue('staff_member'): if self.needs_staff and not self.getValue('staff_member'):
raise AccessDenied() raise AccessDenied()
self._user = self.getUser()
def headers(self): def headers(self):
''' '''
Returns the headers of the REST request (all) Returns the headers of the REST request (all)
@ -246,3 +258,17 @@ class Handler(object):
True if user of this REST request is member of staff True if user of this REST request is member of staff
''' '''
return self.getValue('staff_member') and True or False return self.getValue('staff_member') and True or False
def getUser(self):
'''
If user is staff member, returns his Associated user on auth
'''
logger.debug('REST : {}'.format(self._session))
authId = self.getValue('auth')
username = self.getValue('username')
# Maybe it's root user??
if (GlobalConfig.SUPER_USER_ALLOW_WEBACCESS.getBool(True) and
username == GlobalConfig.SUPER_USER_LOGIN.get(True) and
authId == -1):
return getRootUser()
return Authenticator.objects.get(pk=authId).users.get(name=username)