X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=portal%2Faccountview.py;h=f0e7a4a63ad93a3d8b2dc26daa9516bebf4844d2;hb=5c3c3f2147e6adc9178fe82c80596772ce6f7240;hp=5f7a3960fe9162a152e7c675594cc77fa50f65b7;hpb=6a8cd8d5f11411cdb4bf2510c9be5fd60d72cb50;p=myslice.git diff --git a/portal/accountview.py b/portal/accountview.py index 5f7a3960..f0e7a4a6 100644 --- a/portal/accountview.py +++ b/portal/accountview.py @@ -1,14 +1,16 @@ -from portal.templateviews import LoginRequiredAutoLogoutView +from unfold.loginrequired import LoginRequiredAutoLogoutView # -from manifold.core.query import Query -from manifold.manifoldapi import execute_query -from portal.actions import manifold_update_user +from manifold.core.query import Query +from manifold.manifoldapi import execute_query +from portal.actions import manifold_update_user, manifold_update_account # -from myslice.viewutils import topmenu_items, the_user +from ui.topmenu import topmenu_items, the_user # -from django.http import HttpResponse -from django.contrib.auth.decorators import login_required -import json +from django.http import HttpResponse, HttpResponseRedirect +from django.contrib import messages +from django.contrib.auth.decorators import login_required +# +import json, os, re # requires login class AccountView(LoginRequiredAutoLogoutView): @@ -58,12 +60,15 @@ class AccountView(LoginRequiredAutoLogoutView): account_type_list.append(account_type) usr_hrn_list.append(account_usr_hrn) pub_key_list.append(account_pub_key) + + # to hide private key row if it doesn't exist + if 'myslice' in platform_detail['platform']: + account_config = json.loads(account_detail['config']) + account_priv_key = account_config.get('user_private_key','N/A') # combining 4 lists into 1 [to render in the template] lst = [{'platform_name': t[0], 'account_type': t[1], 'usr_hrn':t[2], 'usr_pubkey':t[3]} for t in zip(platform_name_list, account_type_list, usr_hrn_list, pub_key_list)] - #print "test" - #print lst context = super(AccountView, self).get_context_data(**kwargs) context['data'] = lst @@ -72,7 +77,7 @@ class AccountView(LoginRequiredAutoLogoutView): context ['lastname'] = config.get('lastname',"?") context ['fullname'] = context['firstname'] +' '+ context['lastname'] context ['authority'] = config.get('authority',"Unknown Authority") - #context['users'] = userlist.render(self.request) + context['user_private_key'] = account_priv_key # XXX This is repeated in all pages # more general variables expected in the template @@ -91,6 +96,16 @@ class AccountView(LoginRequiredAutoLogoutView): def account_process(request): user_query = Query().get('local:user').select('password','config') user_details = execute_query(request, user_query) + + account_query = Query().get('local:account').select('user_id','platform_id','auth_type','config') + account_details = execute_query(request, account_query) + + platform_query = Query().get('local:platform').select('platform_id','platform') + platform_details = execute_query(request, platform_query) + + # for account_detail in account_details: + # if account_detail['platform_id'] == 5: + # account_config = json.loads(account_detail['config']) if 'submit_name' in request.POST: edited_first_name = request.POST['fname'] @@ -113,7 +128,11 @@ def account_process(request): #user_params = { 'config': updated_config} manifold_update_user(request,user_params) # this will be depricated, we will show the success msg in same page - return HttpResponse('Sucess: First Name and Last Name Updated!') +# return HttpResponse('Sucess: First Name and Last Name Updated!') + # Redirect to same page with success message + messages.success(request, 'Sucess: First Name and Last Name Updated.') + return HttpResponseRedirect("/portal/account/") + elif 'submit_pass' in request.POST: edited_password = request.POST['password'] @@ -122,43 +141,142 @@ def account_process(request): #updating password in local:user user_params = { 'password': user_pass['password']} manifold_update_user(request,user_params) +# return HttpResponse('Success: Password Changed!!') + messages.success(request, 'Sucess: Password Updated.') + return HttpResponseRedirect("/portal/account/") + +# XXX TODO: Factorize with portal/registrationview.py - return HttpResponse('Success: Password Changed!!') elif 'generate' in request.POST: - # Generate public and private keys using SFA Library - from sfa.trust.certificate import Keypair - k = Keypair(create=True) - public_key = k.get_pubkey_string() - private_key = k.as_pem() - private_key = ''.join(private_key.split()) - public_key = "ssh-rsa " + public_key - # Saving to DB - keypair = '{"user_public_key":"'+ public_key + '", "user_private_key":"'+ private_key + '"}' -# keypair = re.sub("\r", "", keypair) -# keypair = re.sub("\n", "\\n", keypair) -# #keypair = keypair.rstrip('\r\n') -# keypair = ''.join(keypair.split()) - get_user.keypair = keypair - get_user.save() - return HttpResponse('Success: New Keypair Generated! %s' % keypair) + for account_detail in account_details: + for platform_detail in platform_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'myslice' in platform_detail['platform']: + from Crypto.PublicKey import RSA + private = RSA.generate(1024) + private_key = json.dumps(private.exportKey()) + public = private.publickey() + public_key = json.dumps(public.exportKey(format='OpenSSH')) + # Generate public and private keys using SFA Library +# from sfa.trust.certificate import Keypair +# k = Keypair(create=True) +# public_key = k.get_pubkey_string() +# private_key = k.as_pem() +# private_key = ''.join(private_key.split()) +# public_key = "ssh-rsa " + public_key + # now we overwrite the config field with keypair + # once there will be user_hrn, we need to keep user_hrn and change only the keypair + # see submit_name section for implementing this +# keypair = re.sub("\r", "", keypair) +# keypair = re.sub("\n", "\\n", keypair) +# #keypair = keypair.rstrip('\r\n') +# keypair = ''.join(keypair.split()) + # updating maniolf local:account table + account_config = json.loads(account_detail['config']) + # preserving user_hrn + user_hrn = account_config.get('user_hrn','N/A') + keypair = '{"user_public_key":'+ public_key + ', "user_private_key":'+ private_key + ', "user_hrn":"'+ user_hrn + '"}' + updated_config = json.dumps(account_config) + user_params = { 'config': keypair, 'auth_type':'managed'} + manifold_update_account(request,user_params) + messages.success(request, 'Sucess: New Keypair Generated!') + return HttpResponseRedirect("/portal/account/") + else: + messages.error(request, 'Account error: You need an account in myslice platform to perform this action') + return HttpResponseRedirect("/portal/account/") + elif 'upload_key' in request.POST: - up_file = request.FILES['pubkey'] - file_content = up_file.read() - file_name = up_file.name - file_extension = os.path.splitext(file_name)[1] - allowed_extension = ['.pub','.txt'] - if file_extension in allowed_extension and re.search(r'ssh-rsa',file_content): - file_content = '{"user_public_key":"'+ file_content +'"}' - file_content = re.sub("\r", "", file_content) - file_content = re.sub("\n", "\\n",file_content) - file_content = ''.join(file_content.split()) - get_user.keypair = file_content - get_user.save() - return HttpResponse('Success: Publickey uploaded! Old records overwritten') + for account_detail in account_details: + for platform_detail in platform_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'myslice' in platform_detail['platform']: + up_file = request.FILES['pubkey'] + file_content = up_file.read() + file_name = up_file.name + file_extension = os.path.splitext(file_name)[1] + allowed_extension = ['.pub','.txt'] + if file_extension in allowed_extension and re.search(r'ssh-rsa',file_content): + account_config = json.loads(account_detail['config']) + # preserving user_hrn + user_hrn = account_config.get('user_hrn','N/A') + file_content = '{"user_public_key":"'+ file_content + '", "user_hrn":"'+ user_hrn +'"}' + #file_content = re.sub("\r", "", file_content) + #file_content = re.sub("\n", "\\n",file_content) + file_content = ''.join(file_content.split()) + #update manifold local:account table + user_params = { 'config': file_content, 'auth_type':'user'} + manifold_update_account(request,user_params) + messages.success(request, 'Publickey uploaded! Please delegate your credentials using SFA: http://trac.myslice.info/wiki/DelegatingCredentials') + return HttpResponseRedirect("/portal/account/") + else: + messages.error(request, 'RSA key error: Please upload a valid RSA public key [.txt or .pub].') + return HttpResponseRedirect("/portal/account/") else: - return HttpResponse('Please upload a valid RSA public key [.txt or .pub].') - + messages.error(request, 'Account error: You need an account in myslice platform to perform this action') + return HttpResponseRedirect("/portal/account/") + + elif 'dl_pubkey' in request.POST: + for account_detail in account_details: + for platform_detail in platform_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'myslice' in platform_detail['platform']: + account_config = json.loads(account_detail['config']) + public_key = account_config['user_public_key'] + response = HttpResponse(public_key, content_type='text/plain') + response['Content-Disposition'] = 'attachment; filename="pubkey.txt"' + return response + break + else: + messages.error(request, 'Account error: You need an account in myslice platform to perform this action') + return HttpResponseRedirect("/portal/account/") + + elif 'dl_pkey' in request.POST: + for account_detail in account_details: + for platform_detail in platform_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'myslice' in platform_detail['platform']: + account_config = json.loads(account_detail['config']) + if 'user_private_key' in account_config: + private_key = account_config['user_private_key'] + response = HttpResponse(private_key, content_type='text/plain') + response['Content-Disposition'] = 'attachment; filename="privkey.txt"' + return response + else: + messages.error(request, 'Download error: Private key is not stored in the server') + return HttpResponseRedirect("/portal/account/") + + else: + messages.error(request, 'Account error: You need an account in myslice platform to perform this action') + return HttpResponseRedirect("/portal/account/") + + elif 'delete' in request.POST: + for account_detail in account_details: + for platform_detail in platform_details: + if platform_detail['platform_id'] == account_detail['platform_id']: + if 'myslice' in platform_detail['platform']: + account_config = json.loads(account_detail['config']) + if 'user_private_key' in account_config: + for key in account_config.keys(): + if key== 'user_private_key': + del account_config[key] + + updated_config = json.dumps(account_config) + user_params = { 'config': updated_config, 'auth_type':'user'} + manifold_update_account(request,user_params) + messages.success(request, 'Private Key deleted. You need to delegate credentials manually once it expires.') + return HttpResponseRedirect("/portal/account/") + else: + messages.error(request, 'Delete error: Private key is not stored in the server') + return HttpResponseRedirect("/portal/account/") + + else: + messages.error(request, 'Account error: You need an account in myslice platform to perform this action') + return HttpResponseRedirect("/portal/account/") + + else: - message = 'You submitted an empty form.' - return HttpResponse(message) + messages.info(request, 'Under Construction. Please try again later!') + return HttpResponseRedirect("/portal/account/") + +