1
|
import os
|
2
|
|
3
|
import lasso
|
4
|
|
5
|
from quixote import get_session, get_session_manager, get_publisher, get_request, get_response
|
6
|
from quixote.directory import Directory, AccessControlled
|
7
|
|
8
|
from qommon.admin.menu import html_top
|
9
|
from qommon.admin import logger
|
10
|
|
11
|
from larpe import errors
|
12
|
from larpe import misc
|
13
|
|
14
|
import hosts
|
15
|
import users
|
16
|
import settings
|
17
|
|
18
|
def gpl [html] ():
|
19
|
"""<p>This program is free software; you can redistribute it and/or modify it
|
20
|
under the terms of the GNU General Public License as published by the Free
|
21
|
Software Foundation; either version 2 of the License, or (at your option)
|
22
|
any later version.</p>
|
23
|
|
24
|
<p>This program is distributed in the hope that it will be useful, but
|
25
|
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
26
|
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
27
|
for more details.</p>
|
28
|
|
29
|
<p>You should have received a copy of the GNU General Public License along with
|
30
|
this program; if not, write to the Free Software Foundation, Inc., 59 Temple
|
31
|
Place - Suite 330, Boston, MA 02111-1307, USA.</p>
|
32
|
"""
|
33
|
|
34
|
|
35
|
class RootDirectory(AccessControlled, Directory):
|
36
|
_q_exports = ['', 'hosts', 'users', 'settings', 'logger']
|
37
|
|
38
|
hosts = hosts.HostsDirectory()
|
39
|
users = users.UsersDirectory()
|
40
|
settings = settings.SettingsDirectory()
|
41
|
logger = logger.LoggerDirectory()
|
42
|
|
43
|
menu_items = [
|
44
|
('hosts/', N_('Hosts')),
|
45
|
('users/', N_('Users')),
|
46
|
('settings/', N_('Settings')),
|
47
|
('logger/', N_('Logs')),
|
48
|
('/', N_('Liberty Alliance Reverse Proxy'))]
|
49
|
|
50
|
def _q_access(self):
|
51
|
# FIXME : this block should be moved somewhere else
|
52
|
get_publisher().reload_cfg()
|
53
|
if not get_publisher().cfg.has_key('proxy_hostname'):
|
54
|
get_publisher().cfg['proxy_hostname'] = get_request().get_server().split(':')[0]
|
55
|
get_publisher().write_cfg()
|
56
|
|
57
|
response = get_response()
|
58
|
if not hasattr(response, 'breadcrumb'):
|
59
|
response.breadcrumb = [ ('../admin/', _('Administration')) ]
|
60
|
|
61
|
# Cheater
|
62
|
if os.path.exists(os.path.join(get_publisher().app_dir, 'ADMIN_FOR_ALL')):
|
63
|
return
|
64
|
|
65
|
# No admin user created yet, free access
|
66
|
user_list = users.User.select(lambda x: x.is_admin)
|
67
|
if not user_list:
|
68
|
return
|
69
|
|
70
|
host_list = hosts.Host.select(lambda x: x.name == 'larpe')
|
71
|
if host_list:
|
72
|
host = host_list[0]
|
73
|
else:
|
74
|
raise errors.AccessForbiddenError()
|
75
|
|
76
|
if misc.get_current_protocol() == lasso.PROTOCOL_SAML_2_0:
|
77
|
user = get_session().get_user(host.saml2_provider_id)
|
78
|
else:
|
79
|
user = get_session().get_user(host.provider_id)
|
80
|
if user:
|
81
|
if not user.name or not user.is_admin:
|
82
|
raise errors.AccessForbiddenError()
|
83
|
else:
|
84
|
raise errors.AccessUnauthorizedError()
|
85
|
|
86
|
|
87
|
def _q_index [html] (self):
|
88
|
html_top('')
|
89
|
gpl()
|
90
|
|