18 |
18 |
import hashlib
|
19 |
19 |
import json
|
20 |
20 |
import re
|
21 |
|
import logging
|
22 |
21 |
from itertools import islice, chain
|
23 |
22 |
import warnings
|
24 |
23 |
|
... | ... | |
28 |
27 |
|
29 |
28 |
from django.conf import settings
|
30 |
29 |
from django.core.cache import cache
|
31 |
|
from django.core.exceptions import PermissionDenied, ObjectDoesNotExist
|
32 |
|
from django.core.serializers.json import DjangoJSONEncoder
|
33 |
|
from django.http import HttpRequest, HttpResponse, HttpResponseBadRequest
|
|
30 |
from django.core.exceptions import PermissionDenied
|
|
31 |
from django.http import HttpResponse, HttpResponseBadRequest
|
34 |
32 |
from django.template import Template, Context
|
35 |
33 |
from django.utils.decorators import available_attrs
|
36 |
34 |
from django.views.generic.detail import SingleObjectMixin
|
... | ... | |
44 |
42 |
from passerelle.base.models import ApiUser, AccessRight, BaseResource
|
45 |
43 |
from passerelle.base.signature import check_query, check_url
|
46 |
44 |
|
|
45 |
# legacy import, other modules keep importing to_json from passerelle.utils
|
47 |
46 |
from .jsonresponse import to_json
|
48 |
47 |
|
|
48 |
|
49 |
49 |
def get_template_vars():
|
50 |
50 |
"""
|
51 |
51 |
returns the template vars as dict, to be used in apps code
|
... | ... | |
53 |
53 |
from django.http import HttpRequest
|
54 |
54 |
return template_vars(HttpRequest())
|
55 |
55 |
|
|
56 |
|
56 |
57 |
def render_template_vars(value):
|
57 |
58 |
"""
|
58 |
59 |
renders the template vars in a string
|
... | ... | |
90 |
91 |
users.append(signature_user)
|
91 |
92 |
|
92 |
93 |
elif 'apikey' in request.GET:
|
93 |
|
users.extend(ApiUser.objects.filter(keytype='API',
|
94 |
|
key=request.GET['apikey']))
|
|
94 |
users.extend(ApiUser.objects.filter(keytype='API', key=request.GET['apikey']))
|
95 |
95 |
|
96 |
|
elif request.META.has_key('HTTP_AUTHORIZATION'):
|
97 |
|
(scheme, param) = request.META['HTTP_AUTHORIZATION'].split(' ',1)
|
|
96 |
elif 'HTTP_AUTHORIZATION' in request.META:
|
|
97 |
(scheme, param) = request.META['HTTP_AUTHORIZATION'].split(' ', 1)
|
98 |
98 |
if scheme.lower() == 'basic':
|
99 |
|
username, password = param.strip().decode('base64').split(':',1)
|
100 |
|
users.extend(ApiUser.objects.filter(keytype='SIGN',
|
101 |
|
username=username, key=password))
|
|
99 |
username, password = param.strip().decode('base64').split(':', 1)
|
|
100 |
users.extend(ApiUser.objects.filter(keytype='SIGN', username=username, key=password))
|
102 |
101 |
|
103 |
102 |
def ip_match(ip, match):
|
104 |
103 |
if not ip:
|
... | ... | |
110 |
109 |
users = [x for x in users if ip_match(x.ipsource, request.META.get('REMOTE_ADDR'))]
|
111 |
110 |
return users
|
112 |
111 |
|
|
112 |
|
113 |
113 |
def get_trusted_services():
|
114 |
114 |
'''
|
115 |
115 |
All services in settings.KNOWN_SERVICES are "trusted"
|
... | ... | |
144 |
144 |
if is_trusted(request):
|
145 |
145 |
return True
|
146 |
146 |
resource_type = ContentType.objects.get_for_model(obj)
|
147 |
|
rights = AccessRight.objects.filter(resource_type=resource_type,
|
148 |
|
resource_pk=obj.id, codename=perm)
|
|
147 |
rights = AccessRight.objects.filter(resource_type=resource_type, resource_pk=obj.id, codename=perm)
|
149 |
148 |
users = [x.apiuser for x in rights]
|
150 |
149 |
return set(users).intersection(get_request_users(request))
|
151 |
150 |
|
... | ... | |
192 |
191 |
def request(self, method, url, **kwargs):
|
193 |
192 |
cache_duration = kwargs.pop('cache_duration', None)
|
194 |
193 |
invalidate_cache = kwargs.pop('invalidate_cache', False)
|
195 |
|
params = kwargs.get('params', '')
|
196 |
194 |
|
197 |
195 |
if self.resource:
|
198 |
196 |
if 'auth' not in kwargs:
|
199 |
|
-
|