1
0
mirror of https://github.com/dkmstr/openuds.git synced 2024-12-22 13:34:04 +03:00

Added loging capability from web to root user

This commit is contained in:
Adolfo Gómez 2014-01-22 09:06:03 +00:00
parent e639911b38
commit f5b4dd2ea6
3 changed files with 32 additions and 4 deletions

View File

@ -157,6 +157,7 @@ encoding//src/uds/migrations/0013_auto__add_field_group_is_meta__add_field_uniqu
encoding//src/uds/migrations/0014_auto__add_field_network_net_string.py=utf-8
encoding//src/uds/migrations/0016_auto__add_field_userservice_cluster_node.py=utf-8
encoding//src/uds/migrations/0017_change_tables.py=utf-8
encoding//src/uds/migrations/0018_security_config.py=utf-8
encoding//src/uds/models.py=utf-8
encoding//src/uds/osmanagers/LinuxOsManager/LinuxOsManager.py=utf-8
encoding//src/uds/osmanagers/LinuxOsManager/__init__.py=utf-8

View File

@ -39,6 +39,7 @@ from functools import wraps
from django.http import HttpResponseRedirect, HttpResponseForbidden
from django.utils.translation import get_language
from django.utils.translation import ugettext as _
from uds.core.util.Config import GlobalConfig
from uds.core.util import log
from uds.core import auths
@ -51,9 +52,18 @@ import logging
logger = logging.getLogger(__name__)
authLogger = logging.getLogger('authLog')
USER_KEY = 'uk'
PASS_KEY = 'pk'
ROOT_ID = -20091204 # Any negative number will do the trick
def getRootUser():
from uds.models import Authenticator
u = User(id=ROOT_ID, name=GlobalConfig.SUPER_USER_LOGIN.get(True), real_name=_('System Administrator'), state= State.ACTIVE, staff_member = True, is_admin = True )
u.manager = Authenticator()
u.getGroups = lambda: []
u.updateLastAccess = lambda: None
u.logout = lambda: None
return u
def getIp(request, translateProxy = True):
'''
@ -83,7 +93,10 @@ def webLoginRequired(view_func):
user = request.session.get(USER_KEY)
if user is not None:
try:
user = User.objects.get(pk=user)
if user == ROOT_ID:
user = getRootUser()
else:
user = User.objects.get(pk=user)
except User.DoesNotExist:
user = None
if user is None:
@ -147,6 +160,11 @@ def authenticate(username, password, authenticator, useInternalAuthenticate = Fa
@return: None if authentication fails, User object (database object) if authentication is o.k.
'''
logger.debug('Authenticating user {0} with authenticator {1}'.format(username, authenticator))
# If global root auth is enabled && user/password is correct,
if GlobalConfig.SUPER_USER_ALLOW_WEBACCESS.getBool(True) and username == GlobalConfig.SUPER_USER_LOGIN.get(True) and password == GlobalConfig.SUPER_USER_PASS.get(True):
return getRootUser()
gm = auths.GroupsManager(authenticator)
authInstance = authenticator.getInstance()
if useInternalAuthenticate is False:
@ -224,12 +242,17 @@ def webLogin(request, response, user, password):
@return: Always returns True
'''
from uds import REST
if user.id != ROOT_ID: # If not ROOT user (this user is not inside any authenticator)
manager_id = user.manager.id
else:
manager_id = -1
user.updateLastAccess()
request.session.clear()
request.session[USER_KEY] = user.id
request.session[PASS_KEY] = CryptoManager.manager().xor(password.encode('utf-8'), request.COOKIES['uds'])
# Ensures that this user will have access througt REST api if logged in through web interface
REST.Handler.storeSessionAuthdata(request.session, user.manager.small_name, user.name, get_language(), user.is_admin, user.staff_member)
REST.Handler.storeSessionAuthdata(request.session, manager_id, user.name, get_language(), user.is_admin, user.staff_member)
return True

View File

@ -100,7 +100,11 @@ class LogManager(object):
pass
# now, we add new log
Log.objects.create(owner_type = owner_type, owner_id = owner_id, created = getSqlDatetime(), source = source, level = level, data = message)
try:
Log.objects.create(owner_type = owner_type, owner_id = owner_id, created = getSqlDatetime(), source = source, level = level, data = message)
except:
# Some objects will not get logged, such as System administrator objects
pass
def __getLogs(self, owner_type, owner_id, limit):