X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=portal%2Faccountview.py;h=25eb15a2d7dac6b806082bb11e1b8e4334a9fc74;hb=dfdc8ce3be8c9381e91169dba7ee87444280b0c5;hp=9a3f6d463bb6ff6ff46d67e9259fd3d1ebd41f5a;hpb=18e2193c02477ab0b948f0748848e8bf190b6e7e;p=myslice.git diff --git a/portal/accountview.py b/portal/accountview.py index 9a3f6d46..25eb15a2 100644 --- a/portal/accountview.py +++ b/portal/accountview.py @@ -1,10 +1,10 @@ -from views.loginrequired import LoginRequiredAutoLogoutView +from unfold.loginrequired import LoginRequiredAutoLogoutView # from manifold.core.query import Query from manifold.manifoldapi import execute_query from portal.actions import manifold_update_user, manifold_update_account # -from myslice.viewutils import topmenu_items, the_user +from ui.topmenu import topmenu_items, the_user # from django.http import HttpResponse, HttpResponseRedirect from django.contrib import messages @@ -42,39 +42,67 @@ class AccountView(LoginRequiredAutoLogoutView): account_type = '' account_usr_hrn = '' account_pub_key = '' + account_reference = '' platform_name_list = [] + platform_name_secondary_list = [] account_type_list = [] + account_type_secondary_list = [] + account_reference_list = [] + delegation_type_list = [] usr_hrn_list = [] pub_key_list = [] for account_detail in account_details: for platform_detail in platform_details: if platform_detail['platform_id'] == account_detail['platform_id']: platform_name = platform_detail['platform'] - account_type = account_detail['auth_type'] account_config = json.loads(account_detail['config']) # a bit more pythonic account_usr_hrn = account_config.get('user_hrn','N/A') account_pub_key = account_config.get('user_public_key','N/A') + account_reference = account_config.get ('reference_platform','N/A') + + if 'reference' in account_detail['auth_type']: + account_type = 'Reference' + delegation = 'N/A' + platform_name_secondary_list.append(platform_name) + account_type_secondary_list.append(account_type) + account_reference_list.append(account_reference) + secondary_list = [{'platform_name': t[0], 'account_type': t[1], 'account_reference': t[2]} + for t in zip(platform_name_secondary_list, account_type_secondary_list, account_reference_list)] + + elif 'managed' in account_detail['auth_type']: + account_type = 'Principal' + delegation = 'Automatic' + else: + account_type = 'Principal' + delegation = 'Manual' + + if 'reference' not in account_detail['auth_type']: + platform_name_list.append(platform_name) + account_type_list.append(account_type) + delegation_type_list.append(delegation) + usr_hrn_list.append(account_usr_hrn) + pub_key_list.append(account_pub_key) + # combining 5 lists into 1 [to render in the template] + lst = [{'platform_name': t[0], 'account_type': t[1], 'delegation_type': t[2], 'usr_hrn':t[3], 'usr_pubkey':t[4]} + for t in zip(platform_name_list, account_type_list, delegation_type_list, usr_hrn_list, pub_key_list)] + # to hide private key row if it doesn't exist + if 'myslice' in platform_detail['platform']: + account_config = json.loads(account_detail['config']) + account_priv_key = account_config.get('user_private_key','N/A') + - platform_name_list.append(platform_name) - account_type_list.append(account_type) - usr_hrn_list.append(account_usr_hrn) - pub_key_list.append(account_pub_key) - - # combining 4 lists into 1 [to render in the template] - lst = [{'platform_name': t[0], 'account_type': t[1], 'usr_hrn':t[2], 'usr_pubkey':t[3]} - for t in zip(platform_name_list, account_type_list, usr_hrn_list, pub_key_list)] - #print "test" - #print lst + context = super(AccountView, self).get_context_data(**kwargs) context['data'] = lst + context ['ref_acc'] = secondary_list context['person'] = self.request.user context ['firstname'] = config.get('firstname',"?") context ['lastname'] = config.get('lastname',"?") context ['fullname'] = context['firstname'] +' '+ context['lastname'] context ['authority'] = config.get('authority',"Unknown Authority") - #context['users'] = userlist.render(self.request) + context['user_private_key'] = account_priv_key # XXX This is repeated in all pages # more general variables expected in the template @@ -93,6 +121,16 @@ class AccountView(LoginRequiredAutoLogoutView): def account_process(request): user_query = Query().get('local:user').select('password','config') user_details = execute_query(request, user_query) + + account_query = Query().get('local:account').select('user_id','platform_id','auth_type','config') + account_details = execute_query(request, account_query) + + platform_query = Query().get('local:platform').select('platform_id','platform') + platform_details = execute_query(request, platform_query) + + # for account_detail in account_details: + # if account_detail['platform_id'] == 5: + # account_config = json.loads(account_detail['config']) if 'submit_name' in request.POST: edited_first_name = request.POST['fname'] @@ -119,6 +157,7 @@ def account_process(request): # Redirect to same page with success message messages.success(request, 'Sucess: First Name and Last Name Updated.') return HttpResponseRedirect("/portal/account/") + elif 'submit_pass' in request.POST: edited_password = request.POST['password'] @@ -131,48 +170,135 @@ def account_process(request): messages.success(request, 'Sucess: Password Updated.') return HttpResponseRedirect("/portal/account/") +# XXX TODO: Factorize with portal/registrationview.py + elif 'generate' in request.POST: - # Generate public and private keys using SFA Library - from sfa.trust.certificate import Keypair - k = Keypair(create=True) - public_key = k.get_pubkey_string() - private_key = k.as_pem() - private_key = ''.join(private_key.split()) - public_key = "ssh-rsa " + public_key - # Saving to DB - keypair = '{"user_public_key":"'+ public_key + '", "user_private_key":"'+ private_key + '"}' -# keypair = re.sub("\r", "", keypair) -# keypair = re.sub("\n", "\\n", keypair) -# #keypair = keypair.rstrip('\r\n') -# keypair = ''.join(keypair.split()) - user_params = { 'config': keypair, 'auth_type':'managed'} - manifold_update_account(request,user_params) -# return HttpResponse('Success: New Keypair Generated!') - messages.success(request, 'Sucess: New Keypair Generated!') - return HttpResponseRedirect("/portal/account/") + for account_detail in account_details: + for platform_detail in platform_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'myslice' in platform_detail['platform']: + from Crypto.PublicKey import RSA + private = RSA.generate(1024) + private_key = json.dumps(private.exportKey()) + public = private.publickey() + public_key = json.dumps(public.exportKey(format='OpenSSH')) + # Generate public and private keys using SFA Library +# from sfa.trust.certificate import Keypair +# k = Keypair(create=True) +# public_key = k.get_pubkey_string() +# private_key = k.as_pem() +# private_key = ''.join(private_key.split()) +# public_key = "ssh-rsa " + public_key + # now we overwrite the config field with keypair + # once there will be user_hrn, we need to keep user_hrn and change only the keypair + # see submit_name section for implementing this +# keypair = re.sub("\r", "", keypair) +# keypair = re.sub("\n", "\\n", keypair) +# #keypair = keypair.rstrip('\r\n') +# keypair = ''.join(keypair.split()) + # updating maniolf local:account table + account_config = json.loads(account_detail['config']) + # preserving user_hrn + user_hrn = account_config.get('user_hrn','N/A') + keypair = '{"user_public_key":'+ public_key + ', "user_private_key":'+ private_key + ', "user_hrn":"'+ user_hrn + '"}' + updated_config = json.dumps(account_config) + user_params = { 'config': keypair, 'auth_type':'managed'} + manifold_update_account(request,user_params) + messages.success(request, 'Sucess: New Keypair Generated!') + return HttpResponseRedirect("/portal/account/") + else: + messages.error(request, 'Account error: You need an account in myslice platform to perform this action') + return HttpResponseRedirect("/portal/account/") + elif 'upload_key' in request.POST: - up_file = request.FILES['pubkey'] - file_content = up_file.read() - file_name = up_file.name - file_extension = os.path.splitext(file_name)[1] - allowed_extension = ['.pub','.txt'] - if file_extension in allowed_extension and re.search(r'ssh-rsa',file_content): - file_content = '{"user_public_key":"'+ file_content +'"}' - #file_content = re.sub("\r", "", file_content) - #file_content = re.sub("\n", "\\n",file_content) - file_content = ''.join(file_content.split()) - # update manifold account table - user_params = { 'config': file_content, 'auth_type':'user'} - manifold_update_account(request,user_params) -# return HttpResponse('Success: Publickey uploaded! Please delegate your credentials using SFA: http://trac.myslice.info/wiki/DelegatingCredentials') - messages.success(request, 'Publickey uploaded! Please delegate your credentials using SFA: http://trac.myslice.info/wiki/DelegatingCredentials') + for account_detail in account_details: + for platform_detail in platform_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'myslice' in platform_detail['platform']: + up_file = request.FILES['pubkey'] + file_content = up_file.read() + file_name = up_file.name + file_extension = os.path.splitext(file_name)[1] + allowed_extension = ['.pub','.txt'] + if file_extension in allowed_extension and re.search(r'ssh-rsa',file_content): + account_config = json.loads(account_detail['config']) + # preserving user_hrn + user_hrn = account_config.get('user_hrn','N/A') + file_content = '{"user_public_key":"'+ file_content + '", "user_hrn":"'+ user_hrn +'"}' + #file_content = re.sub("\r", "", file_content) + #file_content = re.sub("\n", "\\n",file_content) + file_content = ''.join(file_content.split()) + #update manifold local:account table + user_params = { 'config': file_content, 'auth_type':'user'} + manifold_update_account(request,user_params) + messages.success(request, 'Publickey uploaded! Please delegate your credentials using SFA: http://trac.myslice.info/wiki/DelegatingCredentials') + return HttpResponseRedirect("/portal/account/") + else: + messages.error(request, 'RSA key error: Please upload a valid RSA public key [.txt or .pub].') + return HttpResponseRedirect("/portal/account/") + else: + messages.error(request, 'Account error: You need an account in myslice platform to perform this action') + return HttpResponseRedirect("/portal/account/") + + elif 'dl_pubkey' in request.POST: + for account_detail in account_details: + for platform_detail in platform_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'myslice' in platform_detail['platform']: + account_config = json.loads(account_detail['config']) + public_key = account_config['user_public_key'] + response = HttpResponse(public_key, content_type='text/plain') + response['Content-Disposition'] = 'attachment; filename="pubkey.txt"' + return response + break + else: + messages.error(request, 'Account error: You need an account in myslice platform to perform this action') return HttpResponseRedirect("/portal/account/") + + elif 'dl_pkey' in request.POST: + for account_detail in account_details: + for platform_detail in platform_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'myslice' in platform_detail['platform']: + account_config = json.loads(account_detail['config']) + if 'user_private_key' in account_config: + private_key = account_config['user_private_key'] + response = HttpResponse(private_key, content_type='text/plain') + response['Content-Disposition'] = 'attachment; filename="privkey.txt"' + return response + else: + messages.error(request, 'Download error: Private key is not stored in the server') + return HttpResponseRedirect("/portal/account/") else: -# return HttpResponse('Please upload a valid RSA public key [.txt or .pub].') - messages.error(request, 'RSA key error: Please upload a valid RSA public key [.txt or .pub].') + messages.error(request, 'Account error: You need an account in myslice platform to perform this action') + return HttpResponseRedirect("/portal/account/") + + elif 'delete' in request.POST: + for account_detail in account_details: + for platform_detail in platform_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'myslice' in platform_detail['platform']: + account_config = json.loads(account_detail['config']) + if 'user_private_key' in account_config: + for key in account_config.keys(): + if key== 'user_private_key': + del account_config[key] + + updated_config = json.dumps(account_config) + user_params = { 'config': updated_config, 'auth_type':'user'} + manifold_update_account(request,user_params) + messages.success(request, 'Private Key deleted. You need to delegate credentials manually once it expires.') + return HttpResponseRedirect("/portal/account/") + else: + messages.error(request, 'Delete error: Private key is not stored in the server') + return HttpResponseRedirect("/portal/account/") + + else: + messages.error(request, 'Account error: You need an account in myslice platform to perform this action') return HttpResponseRedirect("/portal/account/") + else: messages.info(request, 'Under Construction. Please try again later!')