Merge remote-tracking branch 'origin/v3.0'

2024-12-25 23:21:41 +03:00 · 2021-05-04 13:05:31 +02:00 · 2021-05-04 13:05:31 +02:00 · 98293bba75
commit 98293bba75
parent 07738e3dc2 e920628395
5 changed files with 78 additions and 65 deletions
--- a/server/src/uds/REST/handlers.py
+++ b/server/src/uds/REST/handlers.py
@ -245,6 +245,7 @@ class Handler:
        session.save()
        self._authToken = session.session_key
        self._session = session
+        
        return self._authToken

    def cleanAuthToken(self) -> None:
--- a/server/src/uds/REST/methods/connection.py
+++ b/server/src/uds/REST/methods/connection.py
@ -40,7 +40,7 @@ from uds.REST import RequestError
 from uds.core.managers import userServiceManager
 from uds.core.managers import cryptoManager
 from uds.core.services.exceptions import ServiceNotReadyError
-from uds.web.util import errors
+from uds.web.util import errors, services


 logger = logging.getLogger(__name__)
@ -85,8 +85,6 @@ class Connection(Handler):

    def serviceList(self):
        # We look for services for this authenticator groups. User is logged in in just 1 authenticator, so his groups must coincide with those assigned to ds
-        from uds.web.util.services import getServicesData
-
        # Ensure user is present on request, used by web views methods
        self._request.user = self._user

@ -180,6 +178,16 @@ class Connection(Handler):
    def getTicketContent(self):
        return {}  # TODO: use this for something?

+    def getUdsLink(self):
+        # Returns the UDS link for the user & transport
+        self._request.user = self._user  # type: ignore
+        self._request._cryptedpass = self._session['REST']['password']  # type: ignore
+        self._request._scrambler = self._request.META['HTTP_SCRAMBLER']  # type: ignore
+        linkInfo = services.enableService(self._request, idService=self._args[0], idTransport=self._args[1])
+        if linkInfo['error']:
+            return Connection.result(error=linkInfo['error'])
+        return Connection.result(result=linkInfo['url'])
+
    def get(self):
        """
        Processes get requests
@ -201,6 +209,9 @@ class Connection(Handler):
            # /connection/idService/idTransport/skipChecking
            if self._args[2] == 'skipChecking':
                return self.connection(True)
+            # /connection/idService/idTransport/udslink
+            elif self._args[2] == 'udslink':
+                return self.getUdsLink()

        if len(self._args) == 4:
            # /connection/idService/idTransport/scrambler/hostname
--- a/server/src/uds/core/auths/auth.py
+++ b/server/src/uds/core/auths/auth.py
@ -1,6 +1,6 @@
 # -*- coding: utf-8 -*-
 #
-# Copyright (c) 2012-2020 Virtual Cable S.L.U.
+# Copyright (c) 2012-2021 Virtual Cable S.L.U.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without modification,
@ -389,9 +389,10 @@ def webPassword(request: HttpRequest) -> str:
    session (db) and client browser cookies. This method uses this two values to recompose the user password
    so we can provide it to remote sessions.
    """
-    return cryptoManager().symDecrpyt(
-        request.session.get(PASS_KEY, ''), getUDSCookie(request)
-    )  # recover as original unicode string
+    if hasattr(request, 'session'):
+        return cryptoManager().symDecrpyt(request.session.get(PASS_KEY, ''), getUDSCookie(request))  # recover as original unicode string
+    else:  # No session, get from _session instead, this is an "client" REST request
+        return cryptoManager().symDecrpyt(request._cryptedpass, request._scrambler)  # type: ignore


 def webLogout(
--- a/server/src/uds/web/util/services.py
+++ b/server/src/uds/web/util/services.py
@ -46,6 +46,8 @@ from uds.models import (
 from uds.core.util.config import GlobalConfig
 from uds.core.util import html

+from uds.core.managers import userServiceManager
+
 # Not imported at runtime, just for type checking
 if typing.TYPE_CHECKING:
    from uds.core.util.request import ExtendedHttpRequestWithUser
@ -369,5 +371,56 @@ def getServicesData(
        'ip': request.ip,
        'nets': nets,
        'transports': validTrans,
-        'autorun': autorun,
+        'autorun': autorun
+    }
+
+def enableService(request: 'HttpRequest', idService: str, idTransport: str) -> typing.Mapping[str, typing.Any]:
+    # Maybe we could even protect this even more by limiting referer to own server /? (just a meditation..)
+    logger.debug('idService: %s, idTransport: %s', idService, idTransport)
+    url = ''
+    error = ugettext('Service not ready. Please, try again in a while.')
+
+    # If meta service, process and rebuild idService & idTransport
+
+    try:
+        res = userServiceManager().getService(request.user, request.os, request.ip, idService, idTransport, doTest=False)
+        scrambler = cryptoManager().randomString(32)
+        password = cryptoManager().symCrypt(webPassword(request), scrambler)
+
+        userService, trans = res[1], res[3]
+
+        typeTrans = trans.getType()
+
+        error = ''  # No error
+
+        if typeTrans.ownLink:
+            url = reverse('TransportOwnLink', args=('A' + userService.uuid, trans.uuid))
+        else:
+            data = {
+                'service': 'A' + userService.uuid,
+                'transport': trans.uuid,
+                'user': request.user.uuid,
+                'password': password
+            }
+
+            ticket = TicketStore.create(data)
+            url = html.udsLink(request, ticket, scrambler)
+    except ServiceNotReadyError as e:
+        logger.debug('Service not ready')
+        # Not ready, show message and return to this page in a while
+        # error += ' (code {0:04X})'.format(e.code)
+        error = ugettext('Your service is being created, please, wait for a few seconds while we complete it.)') +  '({}%)'.format(int(e.code * 25))
+    except MaxServicesReachedError:
+        logger.info('Number of service reached MAX for service pool "%s"', idService)
+        error = errors.errorString(errors.MAX_SERVICES_REACHED)
+    except ServiceAccessDeniedByCalendar:
+        logger.info('Access tried to a calendar limited access pool "%s"', idService)
+        error = errors.errorString(errors.SERVICE_CALENDAR_DENIED)
+    except Exception as e:
+        logger.exception('Error')
+        error = str(e)
+
+    return {
+        'url': str(url),
+        'error': str(error)
    }
--- a/server/src/uds/web/views/service.py
+++ b/server/src/uds/web/views/service.py
@ -130,67 +130,14 @@ def serviceImage(request: 'ExtendedHttpRequest', idImage: str) -> HttpResponse:

@webLoginRequired(admin=False)
@never_cache
-def userServiceEnabler(
-    request: 'ExtendedHttpRequestWithUser', idService: str, idTransport: str
-) -> HttpResponse:
-    # Maybe we could even protect this even more by limiting referer to own server /? (just a meditation..)
-    logger.debug('idService: %s, idTransport: %s', idService, idTransport)
-    url = ''
-    error = _('Service not ready. Please, try again in a while.')
-
-    # If meta service, process and rebuild idService & idTransport
-
-    try:
-        res = userServiceManager().getService(
-            request.user, request.os, request.ip, idService, idTransport, doTest=False
-        )
-        scrambler = cryptoManager().randomString(32)
-        password = cryptoManager().symCrypt(webPassword(request), scrambler)
-
-        userService, trans = res[1], res[3]
-
-        typeTrans = trans.getType()
-
-        error = ''  # No error
-
-        if typeTrans.ownLink:
-            url = reverse('TransportOwnLink', args=('A' + userService.uuid, trans.uuid))
-        else:
-            data = {
-                'service': 'A' + userService.uuid,
-                'transport': trans.uuid,
-                'user': request.user.uuid,
-                'password': password,
-            }
-
-            # Ensure "client access" is removed on enable action...
-            userService.setProperty('accessedByClient', '0')
-
-            ticket = TicketStore.create(data)
-            url = html.udsLink(request, ticket, scrambler)
-    except ServiceNotReadyError as e:
-        logger.debug('Service not ready')
-        # Not ready, show message and return to this page in a while
-        # error += ' (code {0:04X})'.format(e.code)
-        error = _(
-            'Your service is being created, please, wait for a few seconds while we complete it.)'
-        ) + '({}%)'.format(int(e.code * 25))
-    except MaxServicesReachedError:
-        logger.info('Number of service reached MAX for service pool "%s"', idService)
-        error = errors.errorString(errors.MAX_SERVICES_REACHED)
-    except ServiceAccessDeniedByCalendar:
-        logger.info('Access tried to a calendar limited access pool "%s"', idService)
-        error = errors.errorString(errors.SERVICE_CALENDAR_DENIED)
-    except Exception as e:
-        logger.exception('Error')
-        error = str(e)
-
+def userServiceEnabler(request: 'HttpRequest', idService: str, idTransport: str) -> HttpResponse:
    return HttpResponse(
-        json.dumps({'url': str(url), 'error': str(error)}),
-        content_type='application/json',
+        json.dumps(services.enableService(request, idService=idService, idTransport=idTransport)),
+        content_type='application/json'
    )
     

+
 def closer(request: 'ExtendedHttpRequest') -> HttpResponse:
    return HttpResponse('<html><body onload="window.close()"></body></html>')