django-restit 4.1.78__py3-none-any.whl → 4.1.79__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- account/rpc/auth.py +39 -38
- {django_restit-4.1.78.dist-info → django_restit-4.1.79.dist-info}/METADATA +1 -1
- {django_restit-4.1.78.dist-info → django_restit-4.1.79.dist-info}/RECORD +23 -23
- inbox/models/bounce.py +1 -0
- inbox/models/complaint.py +1 -0
- inbox/models/message.py +2 -0
- incident/__init__.py +2 -0
- incident/models/event.py +1 -1
- incident/models/incident.py +1 -1
- incident/models/ossec.py +1 -0
- incident/models/rules.py +1 -0
- incident/rpc.py +25 -0
- location/models/ip.py +12 -4
- rest/__init__.py +1 -1
- rest/decorators.py +14 -15
- rest/models/metadata.py +1 -1
- rest/serializers/response.py +2 -0
- taskqueue/models.py +2 -0
- taskqueue/rpc.py +2 -2
- telephony/models.py +2 -0
- telephony/rpc.py +0 -2
- {django_restit-4.1.78.dist-info → django_restit-4.1.79.dist-info}/LICENSE.md +0 -0
- {django_restit-4.1.78.dist-info → django_restit-4.1.79.dist-info}/WHEEL +0 -0
account/rpc/auth.py
CHANGED
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
from rest import decorators as rd
|
|
2
2
|
from rest import crypto
|
|
3
3
|
from rest.mail import render_to_mail
|
|
4
|
-
from rest
|
|
4
|
+
from rest import views as rv
|
|
5
|
+
# from rest.views import restStatus, restGet, restPermissionDenied
|
|
5
6
|
from rest.jwtoken import JWToken, JWT_KEY
|
|
6
7
|
from rest import helpers
|
|
7
8
|
from rest import settings
|
|
@@ -22,7 +23,7 @@ def member_login(request):
|
|
|
22
23
|
password = request.DATA.get('password', None)
|
|
23
24
|
if username and password:
|
|
24
25
|
return member_login_uname_pword(request, username, password)
|
|
25
|
-
return
|
|
26
|
+
return rv.restPermissionDenied(request, "Invalid credentials", 401)
|
|
26
27
|
|
|
27
28
|
|
|
28
29
|
@rd.urlPOST(r'^jwt/login$')
|
|
@@ -32,10 +33,10 @@ def jwt_login(request):
|
|
|
32
33
|
# poor mans JWT, carried over
|
|
33
34
|
username = request.DATA.get('username', None)
|
|
34
35
|
if not username:
|
|
35
|
-
return
|
|
36
|
+
return rv.restPermissionDenied(request, "Password and/or Username is incorrect", error_code=422)
|
|
36
37
|
member = getMemberByUsername(username)
|
|
37
38
|
if not member:
|
|
38
|
-
return
|
|
39
|
+
return rv.restPermissionDenied(request, error="Password and/or Username is incorrect", error_code=422)
|
|
39
40
|
password = request.DATA.get('password', None)
|
|
40
41
|
member.canLogin(request) # throws exception if cannot login
|
|
41
42
|
if member.requires_totp:
|
|
@@ -44,7 +45,7 @@ def jwt_login(request):
|
|
|
44
45
|
return resp
|
|
45
46
|
if not member.login(request=request, password=password, use_jwt=True):
|
|
46
47
|
member.log("login_failed", "incorrect password", request, method="login", level=31)
|
|
47
|
-
return
|
|
48
|
+
return rv.restPermissionDenied(request, error="Invalid Credentials", error_code=401)
|
|
48
49
|
return on_complete_jwt(request, member)
|
|
49
50
|
|
|
50
51
|
|
|
@@ -69,7 +70,7 @@ def on_complete_jwt(request, member):
|
|
|
69
70
|
am.MemberDevice.register(request, member, device_id)
|
|
70
71
|
|
|
71
72
|
request.jwt_token = token.access_token # this tells the middleware to store in cookie
|
|
72
|
-
return restGet(
|
|
73
|
+
return rv.restGet(
|
|
73
74
|
request,
|
|
74
75
|
dict(
|
|
75
76
|
access=token.access_token,
|
|
@@ -87,7 +88,7 @@ def jwt_logout(request):
|
|
|
87
88
|
request.member.sendEvent("logout", "user requested logout")
|
|
88
89
|
request.member.refreshSecurityToken()
|
|
89
90
|
request.clear_jwt_cookie = True # tells middleware to remove from cookie
|
|
90
|
-
return restStatus(request, True)
|
|
91
|
+
return rv.restStatus(request, True)
|
|
91
92
|
|
|
92
93
|
|
|
93
94
|
@rd.urlPOST(r'^jwt/refresh$')
|
|
@@ -97,20 +98,20 @@ def jwt_refresh(request):
|
|
|
97
98
|
# poor mans JWT, carried over
|
|
98
99
|
rtoken = request.DATA.get(['refresh_token', 'refresh'], None)
|
|
99
100
|
if not bool(rtoken):
|
|
100
|
-
return
|
|
101
|
+
return rv.restPermissionDenied(request, error="requires token", error_code=703)
|
|
101
102
|
token = JWToken(token=rtoken)
|
|
102
103
|
member = am.Member.objects.filter(pk=token.payload.user_id).last()
|
|
103
104
|
if not member:
|
|
104
|
-
return
|
|
105
|
+
return rv.restPermissionDenied(request, error="Password or Username is incorrect", error_code=422)
|
|
105
106
|
if member.security_token is None:
|
|
106
107
|
member.refreshSecurityToken()
|
|
107
108
|
token.key = member.security_token
|
|
108
109
|
if not token.is_valid or token.payload.user_id is None:
|
|
109
|
-
return
|
|
110
|
+
return rv.restPermissionDenied(request, error="invalid token", error_code=-702)
|
|
110
111
|
member.canLogin()
|
|
111
112
|
token.refresh()
|
|
112
113
|
request.jwt_token = token.access_token # this tells the middleware to store in cookie
|
|
113
|
-
return restGet(request, dict(access=token.access_token, refresh=token.refresh_token))
|
|
114
|
+
return rv.restGet(request, dict(access=token.access_token, refresh=token.refresh_token))
|
|
114
115
|
|
|
115
116
|
|
|
116
117
|
def getMemberByUsername(username):
|
|
@@ -133,23 +134,23 @@ def checkForTOTP(request, member):
|
|
|
133
134
|
if not member.has_totp:
|
|
134
135
|
# we have a phone number so tell them to login with code
|
|
135
136
|
# they will need to request a code
|
|
136
|
-
return
|
|
137
|
-
request,
|
|
137
|
+
return rv.restPermissionDenied(
|
|
138
|
+
request, error=member.phone_number[-4:],
|
|
138
139
|
error_code=454)
|
|
139
140
|
totp_code = request.DATA.get("totp_code", None)
|
|
140
141
|
if totp_code is None:
|
|
141
142
|
# member.log("login_blocked", "requires MFA (TOTP)", request, method="login", level=31)
|
|
142
|
-
return
|
|
143
|
+
return rv.restPermissionDenied(request, error="Requires MFA (TOTP)", error_code=455)
|
|
143
144
|
if not member.totp_verify(totp_code):
|
|
144
145
|
member.log("login_blocked", "Invalid MFA code", request, method="login", level=31)
|
|
145
|
-
return
|
|
146
|
+
return rv.restPermissionDenied(request, error="Invalid Credentials", error_code=456)
|
|
146
147
|
return None
|
|
147
148
|
|
|
148
149
|
|
|
149
150
|
def member_login_uname_pword(request, username, password):
|
|
150
151
|
member = getMemberByUsername(username)
|
|
151
152
|
if not member:
|
|
152
|
-
return
|
|
153
|
+
return rv.restPermissionDenied(request, error="Password or Username is not correct", error_code=422)
|
|
153
154
|
member.canLogin(request) # throws exception if cannot login
|
|
154
155
|
if member.requires_topt:
|
|
155
156
|
resp = checkForTOTP(request, member)
|
|
@@ -157,30 +158,30 @@ def member_login_uname_pword(request, username, password):
|
|
|
157
158
|
return resp
|
|
158
159
|
if not member.login(request=request, password=password, use_jwt=False):
|
|
159
160
|
member.log("login_failed", "incorrect password", request, method="login", level=31)
|
|
160
|
-
return
|
|
161
|
+
return rv.restPermissionDenied(request, error="Password or Username is incorrect", error_code=401)
|
|
161
162
|
|
|
162
163
|
member.log("password_login", "password login", request, method="login", level=7)
|
|
163
164
|
if request.session is not None:
|
|
164
165
|
request.session["member_id"] = member.pk
|
|
165
166
|
request.session["_auth_user_id"] = member.pk
|
|
166
|
-
return restGet(request, dict(id=member.pk, session_key=request.session.session_key))
|
|
167
|
+
return rv.restGet(request, dict(id=member.pk, session_key=request.session.session_key))
|
|
167
168
|
|
|
168
169
|
|
|
169
170
|
def member_login_uname_code(request, username, auth_code):
|
|
170
171
|
member = getMemberByUsername(username)
|
|
171
172
|
if not member:
|
|
172
|
-
return
|
|
173
|
+
return rv.restPermissionDenied(request, error="Username or code is incorrect", error_code=422)
|
|
173
174
|
if not member.is_active:
|
|
174
175
|
member.log("login_blocked", "account is not active", request, method="login", level=31)
|
|
175
|
-
return
|
|
176
|
+
return rv.restPermissionDenied(request, error="Account disabled", error_code=410)
|
|
176
177
|
if member.is_blocked:
|
|
177
178
|
member.log("login_blocked", "account is locked out", request, method="login", level=31)
|
|
178
|
-
return
|
|
179
|
+
return rv.restPermissionDenied(request, error="Account locked out", error_code=411)
|
|
179
180
|
auth_code = auth_code.replace('-', '').replace(' ', '')
|
|
180
181
|
if member.auth_code is None or member.auth_code != auth_code:
|
|
181
|
-
return restPermissionDenied(request, "token most likely expired, try again", error_code=492)
|
|
182
|
+
return rv.restPermissionDenied(request, "token most likely expired, try again", error_code=492)
|
|
182
183
|
if member.auth_code_expires < datetime.now():
|
|
183
|
-
return restPermissionDenied(request, "token expired", error_code=493)
|
|
184
|
+
return rv.restPermissionDenied(request, "token expired", error_code=493)
|
|
184
185
|
password = request.DATA.get(['password', 'new_password'], None)
|
|
185
186
|
if password:
|
|
186
187
|
member.setPassword(password)
|
|
@@ -190,7 +191,7 @@ def member_login_uname_code(request, username, auth_code):
|
|
|
190
191
|
member.save()
|
|
191
192
|
member.log("code_login", "code login", request, method="login", level=8)
|
|
192
193
|
if request.DATA.get("auth_method") == "basic":
|
|
193
|
-
return restGet(request, dict(id=member.pk, session_key=request.session.session_key))
|
|
194
|
+
return rv.restGet(request, dict(id=member.pk, session_key=request.session.session_key))
|
|
194
195
|
|
|
195
196
|
return on_complete_jwt(request, member)
|
|
196
197
|
|
|
@@ -209,7 +210,7 @@ def member_logout(request):
|
|
|
209
210
|
if request.user.is_authenticated:
|
|
210
211
|
request.user.log("logout", "user logged out", request, method="logout", level=8)
|
|
211
212
|
request.member.logout(request)
|
|
212
|
-
return restStatus(request, True)
|
|
213
|
+
return rv.restStatus(request, True)
|
|
213
214
|
|
|
214
215
|
|
|
215
216
|
@rd.url(r'^loggedin/$')
|
|
@@ -223,8 +224,8 @@ def is_member_logged_in(request):
|
|
|
223
224
|
| Check if the current user is logged in
|
|
224
225
|
"""
|
|
225
226
|
if request.user:
|
|
226
|
-
return restStatus(request, request.user.is_authenticated)
|
|
227
|
-
return restStatus(request, False)
|
|
227
|
+
return rv.restStatus(request, request.user.is_authenticated)
|
|
228
|
+
return rv.restStatus(request, False)
|
|
228
229
|
|
|
229
230
|
|
|
230
231
|
@rd.urlPOST('mfa/request_code')
|
|
@@ -240,19 +241,19 @@ def member_request_code(request):
|
|
|
240
241
|
def member_from_request(request):
|
|
241
242
|
username = request.DATA.get('username', None)
|
|
242
243
|
if not username:
|
|
243
|
-
raise restPermissionDenied("Username is required")
|
|
244
|
+
raise rv.restPermissionDenied("Username is required")
|
|
244
245
|
return getMemberByUsername(username)
|
|
245
246
|
|
|
246
247
|
|
|
247
248
|
def member_check_can_login(request, member):
|
|
248
249
|
if not member:
|
|
249
|
-
return
|
|
250
|
+
return rv.restPermissionDenied(request, error="Password or Username is incorrect", error_code=422)
|
|
250
251
|
if not member.is_active:
|
|
251
252
|
member.log("login_blocked", "account is not active", request, method="login", level=31)
|
|
252
|
-
return
|
|
253
|
+
return rv.restPermissionDenied(request, error="Account disabled", error_code=410)
|
|
253
254
|
if member.is_blocked:
|
|
254
255
|
member.log("login_blocked", "account is locked out", request, method="login", level=31)
|
|
255
|
-
return
|
|
256
|
+
return rv.restPermissionDenied(request, error="Account locked out", error_code=411)
|
|
256
257
|
return None
|
|
257
258
|
|
|
258
259
|
|
|
@@ -289,7 +290,7 @@ def member_forgot_password(request):
|
|
|
289
290
|
'to': [member.email],
|
|
290
291
|
})
|
|
291
292
|
|
|
292
|
-
return restStatus(request, True, msg="Password reset instructions have been sent to your email.")
|
|
293
|
+
return rv.restStatus(request, True, msg="Password reset instructions have been sent to your email.")
|
|
293
294
|
|
|
294
295
|
|
|
295
296
|
def member_forgot_password_code(request, member):
|
|
@@ -309,9 +310,9 @@ def member_forgot_password_code(request, member):
|
|
|
309
310
|
template=settings.get("EMAIL_TEMPLATE_RESET", "email/reset_code.html"),
|
|
310
311
|
sms_msg="Your login code is:\n{}".format(code)):
|
|
311
312
|
member.log("requested", "user requested password reset code", request, method="login_token", level=8)
|
|
312
|
-
return restStatus(request, True)
|
|
313
|
+
return rv.restStatus(request, True)
|
|
313
314
|
member.log("error", "No valid email/phone, check users profile!", request, method="login_token", level=6)
|
|
314
|
-
return
|
|
315
|
+
return rv.restPermissionDenied(request, error="No valid email/phone, check users profile!")
|
|
315
316
|
|
|
316
317
|
|
|
317
318
|
# time based one time passwords
|
|
@@ -321,7 +322,7 @@ def totp_qrcode(request):
|
|
|
321
322
|
token = request.member.getProperty("totp_token", category="secrets", default=None)
|
|
322
323
|
reset = request.DATA.get("force_reset", False)
|
|
323
324
|
if token is not None and not reset:
|
|
324
|
-
return restPermissionDenied(request, "token exists")
|
|
325
|
+
return rv.restPermissionDenied(request, "token exists")
|
|
325
326
|
params = dict(data=request.member.totp_getURI())
|
|
326
327
|
error = request.DATA.get("error", None)
|
|
327
328
|
if error is not None:
|
|
@@ -349,10 +350,10 @@ def totp_qrcode(request):
|
|
|
349
350
|
def totp_verify(request):
|
|
350
351
|
code = request.DATA.get("code", None)
|
|
351
352
|
if code is None or len(code) != 6:
|
|
352
|
-
return restPermissionDenied(request, "invalid code format")
|
|
353
|
+
return rv.restPermissionDenied(request, "invalid code format")
|
|
353
354
|
if not request.member.totp_verify(code):
|
|
354
|
-
return restPermissionDenied(request, "invalid code")
|
|
355
|
+
return rv.restPermissionDenied(request, "invalid code")
|
|
355
356
|
request.member.setProperty("totp_verified", 1)
|
|
356
|
-
return restStatus(request, True)
|
|
357
|
+
return rv.restStatus(request, True)
|
|
357
358
|
|
|
358
359
|
|
|
@@ -32,7 +32,7 @@ account/oauth/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
|
32
32
|
account/oauth/google.py,sha256=q5M6Qhpfp9QslKRVYFZBvtG6kgXV6vYMrR5fp6Xdb9I,2078
|
|
33
33
|
account/periodic.py,sha256=-u0n-7QTJgDOkasGhBAPwHAwjpqWGA-MZLEFkVTqCGU,874
|
|
34
34
|
account/rpc/__init__.py,sha256=L_AqHC0WbgUgLoqvNz6pY0E34eqh7sRaX77I6TxhRZ4,152
|
|
35
|
-
account/rpc/auth.py,sha256=
|
|
35
|
+
account/rpc/auth.py,sha256=8HNXOGHxIuBi8kZwnJsbvydoeuqbSMqz06QUOWR_Aig,13841
|
|
36
36
|
account/rpc/device.py,sha256=fbbZFp3cUdhVXvD7gVFOqFWj4hKS3bjZKD_aF5fQxd8,2852
|
|
37
37
|
account/rpc/group.py,sha256=Y_Ii-vlDx09neMd95AmC7xBwDf3wdFgXjB-kIG2jMdE,3472
|
|
38
38
|
account/rpc/member.py,sha256=oKdXSGhQ7AOPTwisZ5RvHhQ1SdZoXWlBQY0lIlDXJY0,1150
|
|
@@ -70,9 +70,9 @@ inbox/migrations/0003_attachment_content_type.py,sha256=dh_km90V6R3O0-N2oNTWhWLZ
|
|
|
70
70
|
inbox/migrations/0004_mailtemplate.py,sha256=yV51UdsRWmKC5Dy34-h2bXBeYeFtjoWQ7kOw7cuYCQo,1140
|
|
71
71
|
inbox/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
72
72
|
inbox/models/__init__.py,sha256=yARvP31nhJGLjqP-U_ONi2OLjiTUFspdH0AlKynt4Y8,174
|
|
73
|
-
inbox/models/bounce.py,sha256=
|
|
74
|
-
inbox/models/complaint.py,sha256=
|
|
75
|
-
inbox/models/message.py,sha256=
|
|
73
|
+
inbox/models/bounce.py,sha256=3b_pCKH3gwb3NE8I1XlVI6JeoVmobZyKidsILH-jIRg,2881
|
|
74
|
+
inbox/models/complaint.py,sha256=AcESgSzb26wLLmcW2VCsQ-MApZCkp_TfFJnaghiPf2s,2517
|
|
75
|
+
inbox/models/message.py,sha256=iSbeKv6GUPflk_2v97ZR51OdSUAHjbTZA5xXs7CLREs,3003
|
|
76
76
|
inbox/models/template.py,sha256=i5vf0vsM1U0251UmVsF61MDCV_c7xt-zdCdx1SiKOG0,1013
|
|
77
77
|
inbox/rpc.py,sha256=7JXvpXlEGKG7by_NkANPGYLCzagyCnTIGM4rme_htpk,1534
|
|
78
78
|
inbox/utils/__init__.py,sha256=P_UR2rGK3L0tZNlTN-mf99tpeYM-tLkA18iDKXSSLDM,89
|
|
@@ -80,7 +80,7 @@ inbox/utils/parsing.py,sha256=ae8JKm10qg6Q3dGhC29oDKKycN3yeDxI6e9SryPKxcY,4615
|
|
|
80
80
|
inbox/utils/render.py,sha256=t07vtf-G4clnFpFidswjflrlB-klJpQkEW7ZCcsanb0,4098
|
|
81
81
|
inbox/utils/sending.py,sha256=BKelTZnbkdSLGpjOY6IRTrzj-Hnw2pPZ7RYQGwe-tqk,2179
|
|
82
82
|
incident/README.md,sha256=4vbZTJj7uUmq8rogYngxqNYjFTlBOujfWUGheLoFKMc,1114
|
|
83
|
-
incident/__init__.py,sha256=
|
|
83
|
+
incident/__init__.py,sha256=9El01x5l9Xc28FD3cxGfYzXtzLWnuD1nebdktY76Bb8,3249
|
|
84
84
|
incident/migrations/0001_initial.py,sha256=KmJRau3a2QFRaUwUrFUgY2p7FQZCODv3F-Sl0ZArpu0,9720
|
|
85
85
|
incident/migrations/0002_event_component_event_component_id.py,sha256=Qfu3ndJKh4v7953ULTUZlSa3mVI-lnFIq9VFN1Rbs7Q,595
|
|
86
86
|
incident/migrations/0003_rule_action.py,sha256=LNqV52qOjxxe3L8qEdln-Hd2voFcpyjOZ_cEsasrv7s,425
|
|
@@ -94,15 +94,15 @@ incident/migrations/0010_incident_category_incident_component_id.py,sha256=FGRHn
|
|
|
94
94
|
incident/migrations/0011_ticket.py,sha256=Ml5E_Qi4Z0MD89fetoOFOL3rPlVQdjaaDCcFBfOuwd4,2142
|
|
95
95
|
incident/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
96
96
|
incident/models/__init__.py,sha256=NMphuhb0RTMf7Ov4QkNv7iv6_I8Wtr3xQ54yjX_a31M,209
|
|
97
|
-
incident/models/event.py,sha256=
|
|
98
|
-
incident/models/incident.py,sha256=
|
|
99
|
-
incident/models/ossec.py,sha256=
|
|
100
|
-
incident/models/rules.py,sha256=
|
|
97
|
+
incident/models/event.py,sha256=zXH8srWCm_bZLupWsuupqPfcu22733QBPgH-16yIMks,6786
|
|
98
|
+
incident/models/incident.py,sha256=Zsg0FP6wtl2gU8Z1MoCg2uFQ57YfPYpAkIlirYHRMIA,14384
|
|
99
|
+
incident/models/ossec.py,sha256=p1ptr-8lnaj1EP_VmPR58b2LmaYBGaYYKAMqhWK5yZM,2227
|
|
100
|
+
incident/models/rules.py,sha256=NZHy4CZ42Z4ypm4SMURl70lga91slt1gWjx7db78a0M,5382
|
|
101
101
|
incident/models/ticket.py,sha256=S3kqGQpYLE6Y4M9IKu_60sgW-f592xNr8uufqHnvDoU,2302
|
|
102
102
|
incident/parsers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
103
103
|
incident/parsers/ossec.py,sha256=joduBYN3J5IINPJaI5G6hn03Mhz9Ymd6xfw8cSiwKAc,5969
|
|
104
104
|
incident/periodic.py,sha256=K5ICRdXrRyR2rwf3IlBdByJlFw-pk80kKkXQCnx59Y0,227
|
|
105
|
-
incident/rpc.py,sha256=
|
|
105
|
+
incident/rpc.py,sha256=BYRb6fhvh3klGf7OziKxALi2UfsTdQpEWLGFF-lrk90,6590
|
|
106
106
|
incident/templates/email/incident_change.html,sha256=O_5ocWTsnqmmOuQhAtXEiE4rWecnZnJjoKU4MwV6ILo,14178
|
|
107
107
|
incident/templates/email/incident_new.html,sha256=IPX3CqIrvdrZSn13_jlR6sEb0If8ftvUrUpkzC5G2Gc,15173
|
|
108
108
|
incident/templates/email/incident_plain.html,sha256=fx4zsoldG1AQEBA6IYx5BJp_MAMizgjjx9EmuR5m4SQ,14727
|
|
@@ -115,7 +115,7 @@ location/migrations/0002_geoip_subnet_alter_geoip_ip.py,sha256=n-oJrEnIqN9VnMhiZ
|
|
|
115
115
|
location/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
116
116
|
location/models/__init__.py,sha256=rZhldkoKmoJQXjBAK1IIQn7K_OOJvFtIGOGVl_szqbE,230
|
|
117
117
|
location/models/address.py,sha256=GFMyGg9md0y6Szj6bue7sx7ucVjhOgpwJAaz6lYtQEs,2028
|
|
118
|
-
location/models/ip.py,sha256=
|
|
118
|
+
location/models/ip.py,sha256=ZaBFdW1tL1Q3bnS5gIY9SseiQ5xeeP_oyP1hp3czFeA,5984
|
|
119
119
|
location/models/legacy.py,sha256=8ROsUSZrjGQkUyXeJvoxPdKAWaKfUH-AL9TIeJb7krg,1994
|
|
120
120
|
location/models/location.py,sha256=01dJPJecbp5orExsIGWOsBC_KkwFRIW0rGDIwyx1r0w,2316
|
|
121
121
|
location/models/track.py,sha256=OdhRL1KVXlPcZkp4S6QpKc7Ctoth8VjwHs_dlZ8XHI4,1474
|
|
@@ -351,7 +351,7 @@ pushit/utils.py,sha256=IeTCGa-164nmB1jIsK1lu1O1QzUhS3BKfuXHGjCW-ck,2121
|
|
|
351
351
|
rest/.gitignore,sha256=TbEvWRMnAiajCTOdhiNrd9eeCAaIjRp9PRjE_VkMM5g,118
|
|
352
352
|
rest/README.md,sha256=V3ETc-cJu8PZIbKr9xSe_pA4JEUpC8Dhw4bQeVCDJPw,5460
|
|
353
353
|
rest/RemoteEvents.py,sha256=nL46U7AuxIrlw2JunphR1tsXyqi-ep_gD9CYGpYbNgE,72
|
|
354
|
-
rest/__init__.py,sha256=
|
|
354
|
+
rest/__init__.py,sha256=ZR8fqdCL5dahKgs4COpTPpJ7HcPf2qKjiL6pgnu8vCI,121
|
|
355
355
|
rest/arc4.py,sha256=y644IbF1ec--e4cUJ3KEYsewTCITK0gmlwa5mJruFC0,1967
|
|
356
356
|
rest/cache.py,sha256=1Qg0rkaCJCaVP0-l5hZg2CIblTdeBSlj_0fP6vlKUpU,83
|
|
357
357
|
rest/crypto/__init__.py,sha256=Tl0U11rgj1eBYqd6OXJ2_XSdNLumW_JkBZnaJqI6Ldw,72
|
|
@@ -359,7 +359,7 @@ rest/crypto/aes.py,sha256=f7UgiTGCfgjCc7dL94vnxkPhq_5NzooI-kw0B8_nA58,3605
|
|
|
359
359
|
rest/crypto/privpub.py,sha256=_FioylVcbMmDP80yPYjURmafEiDmEAMkskbc7WF10ac,4082
|
|
360
360
|
rest/crypto/util.py,sha256=agFN2OCPHC70tHNGWrMkkZX4Tt_Ty6imoKEMdTkZpKA,4514
|
|
361
361
|
rest/datem.py,sha256=boG5a1PeK1q51Pf7vHhLZHItbQOlzTc9bC4bdbhiOFE,9330
|
|
362
|
-
rest/decorators.py,sha256=
|
|
362
|
+
rest/decorators.py,sha256=ig0LATc3-2mhEJPAWHRbIRM-ZOFyjm6e_F9RhpRWidE,15082
|
|
363
363
|
rest/encryption.py,sha256=x6Kiez0tVqfxK26MSsRL3k8OS05ni1gEX2aj3I0S9V0,788
|
|
364
364
|
rest/errors.py,sha256=Jy7Hld3d0Ooc-nJ995N5SDx0EXQLWKac7g6VLJpVJf0,501
|
|
365
365
|
rest/extra/__init__.py,sha256=YzmNsch5H5FFLkUK9mIAKyoRK_rJCA9HGb0kubp4h30,54
|
|
@@ -385,7 +385,7 @@ rest/middleware/session_store.py,sha256=X_i06TnZLW1srV0vkjjLhZ7fl1G56PswXxRpVzdF
|
|
|
385
385
|
rest/models/__init__.py,sha256=M8pvFDq-WCF-QcM58X7pMufYYe0aaQ3U0PwGe9TKbbY,130
|
|
386
386
|
rest/models/base.py,sha256=pjilLSXpkNVdyOVm8ipExYpjW-P--w4yKW36j3-EOdY,65787
|
|
387
387
|
rest/models/cacher.py,sha256=eKz8TINVhWEqKhJGMsRkKZTtBUIv5rN3NHbZwOC56Uk,578
|
|
388
|
-
rest/models/metadata.py,sha256=
|
|
388
|
+
rest/models/metadata.py,sha256=ui0962oaWbYGIbkNs7oaUGKyaca9epsW2H-ywgyH7rg,12631
|
|
389
389
|
rest/net.py,sha256=LTF4ip-ur8C2G7NETVOg7ioACegBGo4sDJA18PfF5kQ,1691
|
|
390
390
|
rest/regexes.yaml,sha256=VoGb4E-P_K9f82Yzcpltgzekpt9usRtwu9PYlo46nUw,149463
|
|
391
391
|
rest/requestex.py,sha256=rOMWK8S_mGm-AlDe0WfBmU-SaTE0u5G2RxJupxl9zgQ,15582
|
|
@@ -399,7 +399,7 @@ rest/serializers/json.py,sha256=R1has2PZQuXacA6WwfdrBnMG4rSM6CrnXQOhGoAU6Dk,1736
|
|
|
399
399
|
rest/serializers/legacy.py,sha256=JMv1eWhUJveBGO0E80PrsxvROGDl9EYAlx407tmVt7g,61872
|
|
400
400
|
rest/serializers/model.py,sha256=08HJeqpmytjxvyiJFfsSRRG0uH-iK2mXCw6w0oMfWrI,8598
|
|
401
401
|
rest/serializers/profiler.py,sha256=OxOimhEyvCAuzUBC9Q1dz2xaakjAqmSnekMATsjduXM,997
|
|
402
|
-
rest/serializers/response.py,sha256
|
|
402
|
+
rest/serializers/response.py,sha256=-XDJG60LGfy1kwuuOamrEKkxiDX-nbBelWBjwK0weHg,6903
|
|
403
403
|
rest/serializers/util.py,sha256=-In89fpuVTd6_Ul8nwEUt3DjVKdpeoEyAxudlyB8K6Y,2734
|
|
404
404
|
rest/settings_helper.py,sha256=_Vn9nmL5_GPss9zIsXzacbTQkn99NbO42CqvOZC3ge4,1532
|
|
405
405
|
rest/ssl_check.py,sha256=kH4Pk4upUEwKTAnBLR0DIKezNJHjkW3g2TdQAObEgW4,1419
|
|
@@ -431,9 +431,9 @@ taskqueue/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
|
431
431
|
taskqueue/admin.py,sha256=E6zXoToS_ea3MdoGjZzF1JiepWFtDSoZUQdan8H-pXI,208
|
|
432
432
|
taskqueue/migrations/0001_initial.py,sha256=JwYib8CK5ftSXlfxKZUcKEEVsXktNB5q3h-2tu9inGk,4738
|
|
433
433
|
taskqueue/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
434
|
-
taskqueue/models.py,sha256=
|
|
434
|
+
taskqueue/models.py,sha256=nYS9Thv3P673cWJ3DPVVr0SnZEWj7Fqa0uHvyXhTJkg,19274
|
|
435
435
|
taskqueue/periodic.py,sha256=2i0271khrCow3hDmlNEcoAZnesBVl40jd7MIim2Cxs4,3543
|
|
436
|
-
taskqueue/rpc.py,sha256=
|
|
436
|
+
taskqueue/rpc.py,sha256=If5E9D9AR2RqW4lHRaDuD9L9b9ZfL_PaBQ6iX91ehvU,5736
|
|
437
437
|
taskqueue/tq.py,sha256=PzSoDrawYcqZylruEgsK95gcJ4J_VhdM6rxg9V6_X8E,942
|
|
438
438
|
taskqueue/transports/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
439
439
|
taskqueue/transports/email.py,sha256=H4GaomiyCck5R_AOcsrMawCl-_Bp_Zg-uWto9t1Xcoo,623
|
|
@@ -448,9 +448,9 @@ telephony/decorators.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
|
448
448
|
telephony/migrations/0001_initial.py,sha256=YRiNtpeqj-4uvq19sfI64Q-KRnQ_T53kNzyt-CZUl14,3030
|
|
449
449
|
telephony/migrations/0002_alter_sms_sid.py,sha256=QAnMG-UZ5emssZwdJ8XwfaRh3872zUUR55maDMD4RkE,424
|
|
450
450
|
telephony/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
451
|
-
telephony/models.py,sha256=
|
|
451
|
+
telephony/models.py,sha256=xltZ-PJIOOB2NaHTGM9oBaCLSjNDzP2tVEyyqgk38s0,8248
|
|
452
452
|
telephony/phone_util.py,sha256=15IWkTSqkjDWT9edPAYogAxHc1OdjOziPSxsJ8vfpfE,2426
|
|
453
|
-
telephony/rpc.py,sha256=
|
|
453
|
+
telephony/rpc.py,sha256=PXPDFvgoXkCKlfMzIbt6lYZPay3fcveNj2X4Pjby7p4,3473
|
|
454
454
|
wiki/__init__.py,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
|
|
455
455
|
wiki/migrations/0001_initial.py,sha256=9jvUyjrbJrbDilRnwzQUPhPV8Xi_olEPBk_N0nycvM0,3606
|
|
456
456
|
wiki/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -483,7 +483,7 @@ ws4redis/servers/uwsgi.py,sha256=VyhoCI1DnVFqBiJYHoxqn5Idlf6uJPHvfBKgkjs34mo,172
|
|
|
483
483
|
ws4redis/settings.py,sha256=K0yBiLUuY81iDM4Yr-k8hbvjn5VVHu5zQhmMK8Dtz0s,1536
|
|
484
484
|
ws4redis/utf8validator.py,sha256=S0OlfjeGRP75aO6CzZsF4oTjRQAgR17OWE9rgZdMBZA,5122
|
|
485
485
|
ws4redis/websocket.py,sha256=R0TUyPsoVRD7Y_oU7w2I6NL4fPwiz5Vl94-fUkZgLHA,14848
|
|
486
|
-
django_restit-4.1.
|
|
487
|
-
django_restit-4.1.
|
|
488
|
-
django_restit-4.1.
|
|
489
|
-
django_restit-4.1.
|
|
486
|
+
django_restit-4.1.79.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
|
|
487
|
+
django_restit-4.1.79.dist-info/METADATA,sha256=Ba4UkIRWNgZ9Ongd5-J4HgIza9ZN7GueY_o_tY5VA6E,7573
|
|
488
|
+
django_restit-4.1.79.dist-info/WHEEL,sha256=Zb28QaM1gQi8f4VCBhsUklF61CTlNYfs9YAZn-TOGFk,88
|
|
489
|
+
django_restit-4.1.79.dist-info/RECORD,,
|
inbox/models/bounce.py
CHANGED
inbox/models/complaint.py
CHANGED
|
@@ -13,6 +13,7 @@ class Complaint(models.Model, rm.RestModel):
|
|
|
13
13
|
CAN_SAVE = CAN_CREATE = False
|
|
14
14
|
DEFAULT_SORT = "-id"
|
|
15
15
|
SEARCH_FIELDS = ["address"]
|
|
16
|
+
VIEW_PERMS = ["view_logs", "view_email"]
|
|
16
17
|
SEARCH_TERMS = [
|
|
17
18
|
("email", "address"),
|
|
18
19
|
("to", "address"), "source", "reason", "state",
|
inbox/models/message.py
CHANGED
|
@@ -5,6 +5,7 @@ from rest import models as rm
|
|
|
5
5
|
class Mailbox(models.Model, rm.RestModel, rm.MetaDataModel):
|
|
6
6
|
class RestMeta:
|
|
7
7
|
DEFAULT_SORT = "-id"
|
|
8
|
+
VIEW_PERMS = ["view_logs", "view_email"]
|
|
8
9
|
|
|
9
10
|
created = models.DateTimeField(auto_now_add=True, editable=False, db_index=True)
|
|
10
11
|
modified = models.DateTimeField(auto_now=True)
|
|
@@ -28,6 +29,7 @@ class Message(models.Model, rm.RestModel):
|
|
|
28
29
|
CAN_SAVE = CAN_CREATE = False
|
|
29
30
|
CAN_DELETE = True
|
|
30
31
|
DEFAULT_SORT = "-id"
|
|
32
|
+
VIEW_PERMS = ["view_logs", "view_email"]
|
|
31
33
|
|
|
32
34
|
created = models.DateTimeField(auto_now_add=True, editable=False, db_index=True)
|
|
33
35
|
modified = models.DateTimeField(auto_now=True)
|
incident/__init__.py
CHANGED
|
@@ -24,6 +24,8 @@ def event_now(category, description, level=10, request=None, **kwargs):
|
|
|
24
24
|
data.metadata[key.lower()] = str(value)
|
|
25
25
|
if hasattr(request, "buid"):
|
|
26
26
|
data.metadata["buid"] = request.buid
|
|
27
|
+
if "username" not in data.metadata and hasattr(request, "member") and request.member is not None:
|
|
28
|
+
data.metadata["username"] = request.member.username
|
|
27
29
|
if "hostname" in data.metadata:
|
|
28
30
|
data.hostname = data.metadata.hostname
|
|
29
31
|
if "details" in data.metadata:
|
incident/models/event.py
CHANGED
|
@@ -46,7 +46,7 @@ class Event(JSONMetaData, rm.RestModel):
|
|
|
46
46
|
class RestMeta:
|
|
47
47
|
POST_SAVE_FIELDS = ["level", "catagory"]
|
|
48
48
|
SEARCH_FIELDS = ["description", "hostname"]
|
|
49
|
-
|
|
49
|
+
VIEW_PERMS = ["view_incidents"]
|
|
50
50
|
GRAPHS = {
|
|
51
51
|
"default": {
|
|
52
52
|
"graphs": {
|
incident/models/incident.py
CHANGED
|
@@ -36,7 +36,7 @@ class Incident(models.Model, rm.RestModel, rm.MetaDataModel):
|
|
|
36
36
|
class RestMeta:
|
|
37
37
|
POST_SAVE_FIELDS = ["level", "catagory"]
|
|
38
38
|
SEARCH_FIELDS = ["description", "hostname"]
|
|
39
|
-
|
|
39
|
+
VIEW_PERMS = ["view_incidents"]
|
|
40
40
|
GRAPHS = {
|
|
41
41
|
"default": {
|
|
42
42
|
"extra": ["metadata", ("get_state_display", "state_display")],
|
incident/models/ossec.py
CHANGED
|
@@ -9,6 +9,7 @@ class ServerOssecAlert(models.Model, rm.RestModel):
|
|
|
9
9
|
# osec alert settings will be managed through metadata
|
|
10
10
|
class RestMeta:
|
|
11
11
|
DEFAULT_SORT = "-id"
|
|
12
|
+
VIEW_PERMS = ["view_incidents"]
|
|
12
13
|
SEARCH_FIELDS = ["rule_id", "hostname", "action"]
|
|
13
14
|
GRAPHS = {
|
|
14
15
|
"default": {
|
incident/models/rules.py
CHANGED
incident/rpc.py
CHANGED
|
@@ -5,6 +5,31 @@ from rest import settings
|
|
|
5
5
|
from . import models as am
|
|
6
6
|
from .parsers import ossec
|
|
7
7
|
from taskqueue.models import Task
|
|
8
|
+
import incident
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
def patched_restPermissionDenied(request, error="permission denied", error_code=403):
|
|
12
|
+
description = f"permission denied: {error_code} '{error}' for {request.user} {request.method}:{request.path}"
|
|
13
|
+
rh.log_error(description)
|
|
14
|
+
metadata = dict(error=error, error_code=error_code)
|
|
15
|
+
if hasattr(request, "member") and request.member is not None:
|
|
16
|
+
metadata["component"] = "account.Member"
|
|
17
|
+
metadata["component_id"] = request.member.pk
|
|
18
|
+
incident.event_now(
|
|
19
|
+
"rest_denied",
|
|
20
|
+
description,
|
|
21
|
+
level=10,
|
|
22
|
+
request=request,
|
|
23
|
+
**metadata)
|
|
24
|
+
return rv.restStatus(request, False, error=error, error_code=error_code)
|
|
25
|
+
|
|
26
|
+
|
|
27
|
+
def patched_restNotFound(request):
|
|
28
|
+
return rv.restPermissionDenied(request, error="not found", error_code=404)
|
|
29
|
+
|
|
30
|
+
|
|
31
|
+
if settings.REPORT_PERMISSION_DENIED:
|
|
32
|
+
rv.restPermissionDenied = patched_restPermissionDenied
|
|
8
33
|
|
|
9
34
|
|
|
10
35
|
@rd.urlPOST(r'^ossec/alert$')
|
location/models/ip.py
CHANGED
|
@@ -12,6 +12,7 @@ GEOIP_LOOKUP_BY_SUBNET = settings.get("GEOIP_LOOKUP_BY_SUBNET", True)
|
|
|
12
12
|
class GeoIP(models.Model, rm.RestModel):
|
|
13
13
|
class RestMeta:
|
|
14
14
|
SEARCH_FIELDS = ["ip", "isp"]
|
|
15
|
+
CAN_DELETE = False
|
|
15
16
|
|
|
16
17
|
created = models.DateTimeField(auto_now_add=True)
|
|
17
18
|
modified = models.DateTimeField(auto_now=True)
|
|
@@ -124,21 +125,28 @@ class GeoIP(models.Model, rm.RestModel):
|
|
|
124
125
|
@staticmethod
|
|
125
126
|
def removeDuplicates():
|
|
126
127
|
# Find all ip_addresses that have duplicates
|
|
128
|
+
# would be good to figure out how to not create duplicates
|
|
127
129
|
duplicates = GeoIP.objects.values('ip')\
|
|
128
|
-
|
|
129
|
-
|
|
130
|
+
.annotate(ip_count=models.Count('id'))\
|
|
131
|
+
.filter(ip_count__gt=1)
|
|
130
132
|
for entry in duplicates:
|
|
131
133
|
# Get the first instance of MyModel for this ip_address
|
|
132
134
|
first_instance = GeoIP.objects.filter(ip=entry['ip'])\
|
|
133
135
|
.order_by('id').first()
|
|
134
|
-
|
|
135
136
|
# Find all related models
|
|
136
137
|
for rel in GeoIP._meta.related_objects:
|
|
137
138
|
if isinstance(rel, models.ForeignKey):
|
|
138
139
|
related_model = rel.related_model
|
|
139
140
|
fk_field = rel.field.name
|
|
140
141
|
# Update the ForeignKey in each related model
|
|
141
|
-
related_model.objects.filter(**{fk_field: entry['ip']})\
|
|
142
|
+
related_model.objects.filter(**{f"{fk_field}__ip": entry['ip']})\
|
|
143
|
+
.exclude(**{fk_field: first_instance})\
|
|
144
|
+
.update(**{fk_field: first_instance})
|
|
145
|
+
elif isinstance(rel, models.ManyToOneRel):
|
|
146
|
+
related_model = rel.related_model
|
|
147
|
+
fk_field = rel.field.name
|
|
148
|
+
# print(f"{rel}.{related_model}.{fk_field}")
|
|
149
|
+
related_model.objects.filter(**{f"{fk_field}__ip": entry['ip']})\
|
|
142
150
|
.exclude(**{fk_field: first_instance})\
|
|
143
151
|
.update(**{fk_field: first_instance})
|
|
144
152
|
|
rest/__init__.py
CHANGED
rest/decorators.py
CHANGED
|
@@ -8,7 +8,7 @@ from django.http import HttpResponseRedirect
|
|
|
8
8
|
from django.utils.cache import patch_cache_control, add_never_cache_headers, patch_vary_headers
|
|
9
9
|
|
|
10
10
|
from rest import settings
|
|
11
|
-
from rest
|
|
11
|
+
from rest import views as rv
|
|
12
12
|
from rest.errors import RestError, PermissionDeniedException
|
|
13
13
|
from rest import helpers as rh
|
|
14
14
|
import metrics
|
|
@@ -61,8 +61,7 @@ def rest_error_catcher(func, request, *args, **kwargs):
|
|
|
61
61
|
metrics.metric(f"rest_call_{slug_path}", category="rest_calls")
|
|
62
62
|
return func(request, *args, **kwargs)
|
|
63
63
|
except PermissionDeniedException as err:
|
|
64
|
-
|
|
65
|
-
return restStatus(request, False, error=err.reason, error_code=err.code)
|
|
64
|
+
return rv.restPermissionDenied(request, err.reason, err.code)
|
|
66
65
|
except RestError as err:
|
|
67
66
|
rh.log_exception("REST ERROR", request.path, err.reason)
|
|
68
67
|
if settings.get("REST_ERROR_METRICS", True):
|
|
@@ -72,7 +71,7 @@ def rest_error_catcher(func, request, *args, **kwargs):
|
|
|
72
71
|
request, f"{err.code}: {err.reason}", level=7,
|
|
73
72
|
category="rest_error",
|
|
74
73
|
reason=err.reason, code=err.code)
|
|
75
|
-
return restStatus(request, False, error=err.reason, error_code=err.code)
|
|
74
|
+
return rv.restStatus(request, False, error=err.reason, error_code=err.code)
|
|
76
75
|
except Exception as err:
|
|
77
76
|
rh.log_exception("REST EXCEPTION", request.path)
|
|
78
77
|
if settings.get("REST_ERROR_METRICS", True):
|
|
@@ -84,8 +83,8 @@ def rest_error_catcher(func, request, *args, **kwargs):
|
|
|
84
83
|
PersistentLog.logException(body, request=request, component="rest", action="error")
|
|
85
84
|
stack = str(traceback.format_exc())
|
|
86
85
|
incident.exception_event(request, err, body, stack)
|
|
87
|
-
return restStatus(request, False, error=str(err), stack=stack)
|
|
88
|
-
return restStatus(request, False)
|
|
86
|
+
return rv.restStatus(request, False, error=str(err), stack=stack)
|
|
87
|
+
return rv.restStatus(request, False)
|
|
89
88
|
|
|
90
89
|
|
|
91
90
|
def dispatcher(request, *args, **kwargs):
|
|
@@ -102,7 +101,7 @@ def dispatcher(request, *args, **kwargs):
|
|
|
102
101
|
if key in module.urlpattern_methods:
|
|
103
102
|
return rest_error_catcher(module.urlpattern_methods[key], request, *args, **kwargs)
|
|
104
103
|
# print module.urlpattern_methods
|
|
105
|
-
return
|
|
104
|
+
return rv.restPermissionDenied(request, error="endpoint not found", error_code=404)
|
|
106
105
|
|
|
107
106
|
|
|
108
107
|
def _load_module(mod):
|
|
@@ -303,7 +302,7 @@ def login_required(func):
|
|
|
303
302
|
@wraps(func)
|
|
304
303
|
def inner_func(request=None, *args, **kwargs):
|
|
305
304
|
if not request.user.is_authenticated:
|
|
306
|
-
return
|
|
305
|
+
return rv.restPermissionDenied(request, error="permission denied", error_code=401)
|
|
307
306
|
return func(request, *args, **kwargs)
|
|
308
307
|
return inner_func
|
|
309
308
|
|
|
@@ -319,7 +318,7 @@ def staff_required(func):
|
|
|
319
318
|
@wraps(func)
|
|
320
319
|
def inner_func(request=None, *args, **kwargs):
|
|
321
320
|
if not request.user.is_authenticated or not request.user.is_staff:
|
|
322
|
-
return
|
|
321
|
+
return rv.restPermissionDenied(request, error="staff request denied", error_code=402)
|
|
323
322
|
return func(request, *args, **kwargs)
|
|
324
323
|
return inner_func
|
|
325
324
|
|
|
@@ -328,7 +327,7 @@ def superuser_required(func):
|
|
|
328
327
|
@wraps(func)
|
|
329
328
|
def inner_func(request=None, *args, **kwargs):
|
|
330
329
|
if not request.user.is_authenticated or not request.user.is_superuser:
|
|
331
|
-
return
|
|
330
|
+
return rv.restPermissionDenied(request, error="admin request denied", error_code=402)
|
|
332
331
|
return func(request, *args, **kwargs)
|
|
333
332
|
return inner_func
|
|
334
333
|
|
|
@@ -340,7 +339,7 @@ class requires_params(object):
|
|
|
340
339
|
def __call__(self, func):
|
|
341
340
|
def inner_func(request=None, *args, **kwargs):
|
|
342
341
|
if not request.DATA.hasRequired(self.params):
|
|
343
|
-
return restPermissionDenied(request, error="missing required fields")
|
|
342
|
+
return rv.restPermissionDenied(request, error="missing required fields")
|
|
344
343
|
return func(request, *args, **kwargs)
|
|
345
344
|
return inner_func
|
|
346
345
|
|
|
@@ -353,7 +352,7 @@ class perm_required(object):
|
|
|
353
352
|
def inner_func(request=None, *args, **kwargs):
|
|
354
353
|
status, error, code = rh.requestHasPerms(request, self.perms)
|
|
355
354
|
if not status:
|
|
356
|
-
return
|
|
355
|
+
return rv.restPermissionDenied(request, error=error, error_code=code)
|
|
357
356
|
return func(request, *args, **kwargs)
|
|
358
357
|
return inner_func
|
|
359
358
|
|
|
@@ -367,9 +366,9 @@ class post_perm_required(object):
|
|
|
367
366
|
if request.method == "post":
|
|
368
367
|
status, error, code = rh.requestHasPerms(request, self.perms)
|
|
369
368
|
if not status:
|
|
370
|
-
return
|
|
369
|
+
return rv.restPermissionDenied(request, error=error, error_code=code)
|
|
371
370
|
elif not request.user.is_authenticated:
|
|
372
|
-
return
|
|
371
|
+
return rv.restPermissionDenied(request, error="permission denied", error_code=401)
|
|
373
372
|
return func(request, *args, **kwargs)
|
|
374
373
|
return inner_func
|
|
375
374
|
|
|
@@ -379,7 +378,7 @@ def ip_whitelist(func, *args, **kwargs):
|
|
|
379
378
|
def inner_func(request=None, *args, **kwargs):
|
|
380
379
|
request_ip = request.META['REMOTE_ADDR']
|
|
381
380
|
if request_ip not in settings.AUTHORIZED_IPS:
|
|
382
|
-
return
|
|
381
|
+
return rv.restPermissionDenied(request, error="permission denied")
|
|
383
382
|
return func(request, *args, **kwargs)
|
|
384
383
|
return inner_func
|
|
385
384
|
|
rest/models/metadata.py
CHANGED
|
@@ -213,7 +213,7 @@ class MetaDataModel(object):
|
|
|
213
213
|
self
|
|
214
214
|
)
|
|
215
215
|
request.member.notifyWithPermission(props.notify, subject, msg, email_only=True)
|
|
216
|
-
raise re.PermissionDeniedException(subject)
|
|
216
|
+
raise re.PermissionDeniedException(subject, 481)
|
|
217
217
|
|
|
218
218
|
def setProperties(self, data, category=None, request=None, using=None):
|
|
219
219
|
for k, v in data.items():
|
rest/serializers/response.py
CHANGED
|
@@ -95,6 +95,8 @@ def restResponseLog(request, resp):
|
|
|
95
95
|
|
|
96
96
|
|
|
97
97
|
def restPermissionDenied(request, error="permission denied", error_code=403):
|
|
98
|
+
# from rest import helpers as rh
|
|
99
|
+
# rh.log_error(error)
|
|
98
100
|
return restStatus(request, False, error=error, error_code=error_code)
|
|
99
101
|
|
|
100
102
|
|
taskqueue/models.py
CHANGED
|
@@ -61,6 +61,7 @@ class Task(models.Model, RestModel):
|
|
|
61
61
|
DEFAULT_SORT = "-modified"
|
|
62
62
|
POST_SAVE_FIELDS = ["action"]
|
|
63
63
|
SEARCH_FIELDS = ["channel", "model", "fname", "data"]
|
|
64
|
+
VIEW_PERMS = ["tq_view"]
|
|
64
65
|
SEARCH_TERMS = [
|
|
65
66
|
"channel", "model", "fname",
|
|
66
67
|
"data", "reason", "runtime", "state"
|
|
@@ -469,6 +470,7 @@ class TaskHook(models.Model, RestModel, MetaDataModel):
|
|
|
469
470
|
CAN_DELETE = True
|
|
470
471
|
DEFAULT_SORT = "-modified"
|
|
471
472
|
SEARCH_FIELDS = ["channel", "model", "endpoint"]
|
|
473
|
+
VIEW_PERMS = ["tq_view"]
|
|
472
474
|
SEARCH_TERMS = [
|
|
473
475
|
"channel", "model", "fname",
|
|
474
476
|
"data", "reason", "runtime", "state"
|
taskqueue/rpc.py
CHANGED
|
@@ -27,12 +27,12 @@ def rest_on_tasklog(request, pk=None):
|
|
|
27
27
|
@rd.url(r'^task/schedule$')
|
|
28
28
|
@rd.url(r'^task/schedule/(?P<pk>\d+)$')
|
|
29
29
|
@rd.login_required
|
|
30
|
-
def
|
|
30
|
+
def rest_on_tasklog_schedule(request, pk=None):
|
|
31
31
|
return tq.ScheduledTask.on_rest_request(request, pk)
|
|
32
32
|
|
|
33
33
|
|
|
34
34
|
@rd.urlPOST(r'^task/publish$')
|
|
35
|
-
@rd.perm_required("
|
|
35
|
+
@rd.perm_required(["manage_users", "tq_publish"])
|
|
36
36
|
def rest_on_task_publish(request, pk=None):
|
|
37
37
|
app = request.DATA.get("app").strip()
|
|
38
38
|
module = request.DATA.get("module").strip()
|
telephony/models.py
CHANGED
|
@@ -12,6 +12,7 @@ class SMS(models.Model, RestModel):
|
|
|
12
12
|
CAN_CREATE = False
|
|
13
13
|
CAN_DELETE = True
|
|
14
14
|
DEFAULT_SORT = "-created"
|
|
15
|
+
VIEW_PERMS = ["view_logs", "view_telephony"]
|
|
15
16
|
QUERY_FIELDS = ["endpoint", "srcpoint"]
|
|
16
17
|
SEARCH_FIELDS = ["endpoint", "srcpoint"]
|
|
17
18
|
SEARCH_TERMS = [
|
|
@@ -175,6 +176,7 @@ class SMS(models.Model, RestModel):
|
|
|
175
176
|
class PhonenumberInfo(models.Model, RestModel):
|
|
176
177
|
class RestMeta:
|
|
177
178
|
CAN_CREATE = False
|
|
179
|
+
VIEW_PERMS = ["view_logs", "view_telephony"]
|
|
178
180
|
QUERY_FIELDS = ["number", "owner_name"]
|
|
179
181
|
SEARCH_FIELDS = ["number", "owner_name"]
|
|
180
182
|
SEARCH_TERMS = [
|
telephony/rpc.py
CHANGED
|
@@ -17,14 +17,12 @@ except ImportError:
|
|
|
17
17
|
|
|
18
18
|
@rd.url('sms/msg')
|
|
19
19
|
@rd.url('sms/msg/<int:pk>')
|
|
20
|
-
@rd.perm_required("view_logs")
|
|
21
20
|
def handle_sms_list(request, pk=None):
|
|
22
21
|
return SMS.on_rest_request(request, pk)
|
|
23
22
|
|
|
24
23
|
|
|
25
24
|
@rd.urlGET('info')
|
|
26
25
|
@rd.urlGET('info/<int:pk>')
|
|
27
|
-
@rd.perm_required("view_logs")
|
|
28
26
|
def handle_number_info(request, pk=None):
|
|
29
27
|
return PhonenumberInfo.on_rest_request(request, pk)
|
|
30
28
|
|
|
File without changes
|
|
File without changes
|