smile/cbmi
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixes IndexError on save with removed member forwarding email (#11)

Browse source 
* Fixed IndexError if a non existent field gets queried for a value. Using dict.get to either get a value or provide a reasonable default
* Removed list construction around new_key value
* Clean up source code with 80x25 terminal and vim (complies with PEP-8)
* Added some docstrings
This commit is contained in:
Matthias 2020-12-05 23:23:19 +01:00 committed by GitHub
parent 4f093c0899
commit 09af25761c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 409 additions and 194 deletions
Download patch file Download diff file Expand all files Collapse all files

198
account/views.py
View file

@ -1,29 +1,30 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import os
import hashlib
import smbpasswd
import requests
import collections
import hashlib
import os
import requests
from django.conf import settings
from django.http import HttpResponse, HttpResponseRedirect
from django.shortcuts import render_to_response
from django.template.context import RequestContext
from django.contrib.auth import login, logout, authenticate
from django.contrib.auth.models import User
from django.shortcuts import get_object_or_404
from django.contrib.auth import login, logout
from django.contrib.auth.decorators import login_required
from django.contrib.auth.models import Group
from django.contrib.auth.models import User
from django.http import HttpResponse, HttpResponseRedirect
from django.shortcuts import get_object_or_404
from django.shortcuts import render
from django.shortcuts import render_to_response
from django.utils.translation import ugettext as _
from account.forms import GastroPinForm, WlanPresenceForm, LoginForm, PasswordForm, \
RFIDForm, NRF24Form, SIPPinForm, CLabPinForm, AdminForm, PreferredEmailForm
import smbpasswd
from account.cbase_members import retrieve_member, MemberValues
from account.forms import GastroPinForm, WlanPresenceForm, LoginForm, \
PasswordForm, RFIDForm, NRF24Form, SIPPinForm, CLabPinForm, AdminForm, \
PreferredEmailForm
from account.password_encryption import *
def landingpage(request):
if request.user.is_authenticated:
return HttpResponseRedirect('/account')
@ -31,7 +32,7 @@ def landingpage(request):
try:
# just in case the group hasn't yet been synced
admins = Group.objects.get(name="ldap_admins").user_set.all()
except:
except Exception:
# else provide an emtpy list
admins = []
@ -42,7 +43,7 @@ def landingpage(request):
try:
user = User.objects.get(username=check_nickname)
check_nickname = True
except:
except Exception:
check_nickname = False
# output as text if requested
@ -51,6 +52,7 @@ def landingpage(request):
return render(request, 'base.html', locals())
def auth_login(request):
redirect_to = request.GET.get('next', '') or '/'
if request.method == 'POST':
@ -76,6 +78,7 @@ def auth_login(request):
form = LoginForm()
return render(request, 'login.html', {'form': form})
@login_required
def home(request):
member = retrieve_member(request)
@ -85,17 +88,23 @@ def home(request):
url = "https://vorstand.c-base.org/cteward-api/legacy/member/%s" % username
cteward = None
try:
r = requests.get(url, verify=False, auth=(username, password))
r = requests.get(
url,
verify=False,
auth=(username, password)
)
cteward = r.json()
except Exception:
pass
context = {'member': member.to_dict(),
context = {
'member': member.to_dict(),
'groups': list(request.user.groups.all().order_by('name')),
'number_of_members': number_of_members,
'cteward': cteward,
}
return render(request, 'home.html', context)
@login_required
def auth_logout(request):
request.session.pop(ENCRYPTED_LDAP_PASSWORD)
@ -105,7 +114,8 @@ def auth_logout(request):
response.delete_cookie('sessionkey')
return response
@login_required(redirect_field_name="/" ,login_url="/account/login/")
@login_required(redirect_field_name="/", login_url="/account/login/")
def groups_list(request, group_name):
group = get_object_or_404(Group, name=group_name)
groups = Group.objects.all()
@ -115,13 +125,19 @@ def groups_list(request, group_name):
is_admin = True
return render_to_response("group_list.html", locals())
@login_required
def sippin(request):
return set_ldap_field(request, SIPPinForm, [('sippin', 'sippin')],
'sippin.html')
return set_ldap_field(
request,
SIPPinForm,
[('sippin', 'sippin')],
'sippin.html'
)
def set_hash_field(request, form_type, in_field, out_field, hash_func,
template_name):
template_name):
"""
Abstract view for changing LDAP attributes that need to be hashed.
Takes a function that converts the value into the hashed_value.
@ -136,16 +152,35 @@ def set_hash_field(request, form_type, in_field, out_field, hash_func,
member.set(out_field, hashed_value)
member.save()
new_form = form_type(initial=initial)
return render(request, template_name,
{'message': _('Your changes have been saved. Thank you!'),
'form': new_form, 'member': member.to_dict()})
return render(
request,
template_name,
{
'message': _('Your changes have been saved. Thank you!'),
'form': new_form,
'member': member.to_dict()
}
)
else:
return render(request, template_name,
{'form': form, 'member': member.to_dict()})
return render(
request,
template_name,
{
'form': form,
'member': member.to_dict()
}
)
else:
form = form_type(initial=initial)
return render(request, template_name,
{'form': form, 'member': member.to_dict()})
return render(
request,
template_name,
{
'form': form,
'member': member.to_dict()
}
)
@login_required
def gastropin(request):
@ -154,22 +189,31 @@ def gastropin(request):
bla = '%s%s' % (key, pin)
return hashlib.sha256(bla.encode()).hexdigest()
return set_hash_field(request, GastroPinForm,
'gastropin1', 'gastroPIN', calculate_gastro_hash, 'gastropin.html')
return set_hash_field(
request,
GastroPinForm,
'gastropin1',
'gastroPIN',
calculate_gastro_hash,
'gastropin.html'
)
@login_required
def clabpin(request):
# if len(request.user.groups.filter(name__in=['cey-c-lab', 'cey-schleuse', 'cey-soundlab'])) < 1:
# return render(request, 'access_denied.html')
# names = ['cey-c-lab', 'cey-schleuse', 'cey-soundlab']
# if len(request.user.groups.filter(name__in=names)) < 1:
# return render(request, 'access_denied.html')
def calculate_clab_hash(pin):
salt = os.urandom(12)
digest = hashlib.sha1(bytearray(pin, 'UTF-8')+salt).digest()
digest = hashlib.sha1(bytearray(pin, 'UTF-8') + salt).digest()
pin_hash = '{SSHA}%s' % base64.b64encode(digest + salt).decode()
return pin_hash
return set_hash_field(request, CLabPinForm, 'c_lab_pin1', 'c-labPIN',
calculate_clab_hash, 'clabpin.html')
calculate_clab_hash, 'clabpin.html')
@login_required
def password(request):
@ -196,17 +240,19 @@ def password(request):
request.session.save()
new_form = PasswordForm()
response = render(request, 'password.html',
{'message': _('Your password was changed. Thank you!'),
'form': new_form, 'member': member.to_dict()})
{'message': _(
'Your password was changed. Thank you!'),
'form': new_form, 'member': member.to_dict()})
response.set_cookie('sessionkey', key)
return response
else:
return render(request, 'password.html',
{'form': form, 'member': member.to_dict()})
{'form': form, 'member': member.to_dict()})
else:
form = PasswordForm()
return render(request, 'password.html',
{'form': form, 'member': member.to_dict()})
{'form': form, 'member': member.to_dict()})
def set_ldap_field(request, form_type, field_names, template_name):
"""
@ -230,36 +276,44 @@ def set_ldap_field(request, form_type, field_names, template_name):
member.save()
new_form = form_type(initial=initial)
return render(request, template_name,
{'message': _('Your changes have been saved. Thank you!'),
'form': new_form, 'member': member.to_dict()})
{'message': _(
'Your changes have been saved. Thank you!'),
'form': new_form, 'member': member.to_dict()})
else:
return render(request, template_name,
{'form': form, 'member': member.to_dict()})
{'form': form, 'member': member.to_dict()})
else:
for form_field, ldap_field in field_names:
initial[form_field] = member.get(ldap_field)
form = form_type(initial=initial)
return render(request, template_name,
{'form': form, 'member': member.to_dict()})
{'form': form, 'member': member.to_dict()})
@login_required
def wlan_presence(request):
return set_ldap_field(request, WlanPresenceForm,
[('presence', 'wlanPresence')], 'wlan_presence.html')
[('presence', 'wlanPresence')], 'wlan_presence.html')
@login_required
def rfid(request):
return set_ldap_field(request, RFIDForm, [('rfid', 'rfid')], 'rfid.html')
@login_required
def nrf24(request):
return set_ldap_field(request, NRF24Form, [('nrf24', 'nrf24')], 'nrf24.html')
return set_ldap_field(request, NRF24Form, [('nrf24', 'nrf24')],
'nrf24.html')
@login_required
def preferred_email(request):
return set_ldap_field(request, PreferredEmailForm, [('preferred_email', 'preferredEmail')],
return set_ldap_field(request, PreferredEmailForm,
[('preferred_email', 'preferredEmail')],
'preferred_email.html')
@login_required
def admin(request):
admin_member = retrieve_member(request)
@ -271,7 +325,8 @@ def admin(request):
if form.is_valid():
new_password = form.cleaned_data['password1']
admin_member.admin_change_password(form.cleaned_data['username'], new_password)
admin_member.admin_change_password(form.cleaned_data['username'],
new_password)
member = MemberValues(form.cleaned_data['username'], new_password)
member.set('sambaLMPassword', smbpasswd.lmhash(new_password))
@ -280,42 +335,61 @@ def admin(request):
new_form = AdminForm(request=request, users=users)
return render(request, 'admin.html',
{'message': _('The password for %s was changed. Thank you!' % form.cleaned_data['username']),
'form': new_form})
{'message': _(
'The password for %s was changed. Thank you!' %
form.cleaned_data['username']),
'form': new_form})
else:
return render(request, 'admin.html',
{'form': form})
{'form': form})
else:
form = AdminForm(request=request, users=users)
return render(request, 'admin.html',
{'form': form})
{'form': form})
# username = cleaned_data.get('username')
# admin_username = self._request.user.username
# admin_password = self._request.session['ldap_password']
#username = cleaned_data.get('username')
#admin_username = self._request.user.username
#admin_password = self._request.session['ldap_password']
def hammertime(request):
return render(request, 'hammertime.html', {})
@login_required
def memberstatus(request):
#url = baseurl + route_operation_mapping['SessionCreate']['Route']
#data = json.dumps({'UserLogin': username, 'Password': password})
# url = baseurl + route_operation_mapping['SessionCreate']['Route']
# data = json.dumps({'UserLogin': username, 'Password': password})
password = get_ldap_password(request)
username = request.user.username
url = "https://vorstand.c-base.org/cteward-api/legacy/member/%s/contributions" % username
r = requests.get(url, verify=False, auth=(username, password))
url = "https://vorstand.c-base.org" \
"/cteward-api/legacy/member/%s/contributions" % username
r = requests.get(
url,
verify=False,
auth=(username, password)
)
contributions = r.json()
try:
years = collections.OrderedDict(sorted(contributions['years'].items(), reverse=True))
years = collections.OrderedDict(
sorted(contributions['years'].items(), reverse=True))
contributions['years'] = years.items()
except: pass
except:
pass
url = "https://vorstand.c-base.org/cteward-api/legacy/member/%s" % username
r = requests.get(url, verify=False, auth=(username, password))
r = requests.get(
url,
verify=False,
auth=(username, password)
)
cteward = r.json()
return render(request, 'memberstatus.html', {'contributions': contributions, 'cteward': cteward})
return render(
request, 'memberstatus.html',
{
'contributions': contributions,
'cteward': cteward
}
)