Commit d322c4f7 authored by Daniel Schreiber's avatar Daniel Schreiber

upgrade to Django 2.2

parent 543726b1
Pipeline #33314 failed with stage
in 21 seconds
......@@ -26,7 +26,7 @@ class Command(BaseCommand):
continue
try:
url = user.remote_reverse("health")
url = user.remote_reverse("api:health")
r = requests.get(url, headers=headers, timeout=5)
if r.status_code == 200:
......
......@@ -44,7 +44,7 @@ class Command(BaseCommand):
token = user.token()
headers = {'Authorization': 'token ' + str(token)}
try:
url = user.remote_reverse("health")
url = user.remote_reverse("api:health")
r = requests.get(url, headers=headers, timeout=5)
if r.status_code == 200:
logger.info("{} OK".format(user.username))
......
......@@ -100,17 +100,17 @@ class Migration(migrations.Migration):
migrations.AddField(
model_name='resource',
name='sp',
field=models.ForeignKey(verbose_name=b'SP', to='api.ServiceProvider'),
field=models.ForeignKey(verbose_name=b'SP', to='api.ServiceProvider', on_delete=models.PROTECT),
),
migrations.AddField(
model_name='attribute',
name='resource',
field=models.ForeignKey(related_name='attributes', to='api.Resource'),
field=models.ForeignKey(related_name='attributes', to='api.Resource', on_delete=models.CASCADE),
),
migrations.AddField(
model_name='tokenauthuser',
name='sp',
field=models.ForeignKey(blank=True, to='api.ServiceProvider', help_text=b'Must be set for type SP!', null=True, verbose_name=b'SP'),
field=models.ForeignKey(blank=True, to='api.ServiceProvider', help_text=b'Must be set for type SP!', null=True, verbose_name=b'SP', on_delete=models.PROTECT),
),
migrations.AddField(
model_name='tokenauthuser',
......
......@@ -47,6 +47,6 @@ class Migration(migrations.Migration):
migrations.AddField(
model_name='localresourcepolicy',
name='sp',
field=models.OneToOneField(verbose_name=b'SP', to='api.ServiceProvider'),
field=models.OneToOneField(verbose_name=b'SP', to='api.ServiceProvider', on_delete=models.CASCADE),
),
]
......@@ -29,7 +29,7 @@ from django.core.exceptions import ValidationError
from django.db import transaction, models
from django.contrib.auth.models import AbstractUser
from django.conf import settings
from django.core.urlresolvers import get_script_prefix
from django.urls import get_script_prefix
from django.db.models.signals import post_save
from django.dispatch import receiver
from django_choice_object import Choice
......@@ -135,7 +135,7 @@ class ServiceProvider(models.Model):
class LocalResourcePolicy(models.Model):
sp = models.OneToOneField(ServiceProvider, verbose_name="SP")
sp = models.OneToOneField(ServiceProvider, verbose_name="SP", on_delete=models.CASCADE)
delete_after_days = models.IntegerField(
default=90,
verbose_name="Default delete policy for resources",
......@@ -166,7 +166,7 @@ class Resource(models.Model):
updated = models.DateTimeField(auto_now=True)
expiry_date = models.DateTimeField(db_index=True)
deletion_date = models.DateTimeField(db_index=True)
sp = models.ForeignKey(ServiceProvider, verbose_name="SP")
sp = models.ForeignKey(ServiceProvider, verbose_name="SP", on_delete=models.PROTECT)
sp_primary_key = models.CharField(max_length=255,
blank=True,
verbose_name="Primary Key of resource in SP software")
......@@ -328,7 +328,7 @@ class Attribute(models.Model):
name = models.CharField(max_length=100, db_index=True)
default_value = models.CharField(max_length=100, blank=True)
value = models.CharField(max_length=100)
resource = models.ForeignKey(Resource, related_name="attributes")
resource = models.ForeignKey(Resource, related_name="attributes", on_delete=models.CASCADE)
vec_sp = models.IntegerField(verbose_name="VV (SP)", default=1)
vec_idp = models.IntegerField(verbose_name="VV (IdP)", default=0)
prio = models.CharField(verbose_name="Priority role",
......@@ -354,7 +354,9 @@ class TokenAuthUser(AbstractUser):
verbose_name="SP",
blank=True,
null=True,
help_text="Must be set for type SP!")
help_text="Must be set for type SP!",
on_delete=models.PROTECT,
)
realm = models.CharField(verbose_name="Realm",
max_length=100,
blank=True,
......
......@@ -51,7 +51,7 @@ class AttributeUpdateTest(APITestCase):
)
def test_attribute_update(self):
url = reverse('resource_attributes', args=[self.res.uuid])
url = reverse('api:resource_attributes', args=[self.res.uuid])
user = TokenAuthUser.objects.get(username='a_super')
self.client.force_authenticate(user=user, token=user.token())
......@@ -93,7 +93,7 @@ class AttributeUpdateTest(APITestCase):
self.assertEqual(2, QueueJob.objects.count())
def test_attribute_update_as_sp(self):
url = reverse('resource_attributes', args=[self.res.uuid])
url = reverse('api:resource_attributes', args=[self.res.uuid])
user = TokenAuthUser.objects.get(username='testservice')
self.client.force_authenticate(user=user, token=user.token())
......@@ -134,7 +134,7 @@ class AttributeUpdateTest(APITestCase):
self.assertEqual(2, QueueJob.objects.count())
def test_attribute_update_rejected(self):
url = reverse('resource_attributes', args=[self.res.uuid])
url = reverse('api:resource_attributes', args=[self.res.uuid])
user = TokenAuthUser.objects.get(username='b_sync')
self.client.force_authenticate(user=user, token=user.token())
......
......@@ -25,7 +25,7 @@ class AuthTestCommandTest(TestCase):
def test_success(self):
out = StringIO()
with requests_mock.Mocker() as m:
m.register_uri("GET", self.user.remote_reverse("health"), status_code=200)
m.register_uri("GET", self.user.remote_reverse("api:health"), status_code=200)
call_command("auth_test", stdout=out)
self.assertTrue(m.called)
self.assertEqual(out.getvalue(), "1 passed, 0 failed.\n")
......@@ -33,7 +33,7 @@ class AuthTestCommandTest(TestCase):
def test_failed(self):
out = StringIO()
with requests_mock.Mocker() as m:
m.register_uri("GET", self.user.remote_reverse("health"), status_code=500)
m.register_uri("GET", self.user.remote_reverse("api:health"), status_code=500)
call_command("auth_test", stdout=out)
self.assertTrue(m.called)
self.assertEqual(out.getvalue(), "0 passed, 1 failed.\n\nFailed:\nb_sync\n")
......@@ -41,7 +41,7 @@ class AuthTestCommandTest(TestCase):
def test_connection_failed(self):
out = StringIO()
with requests_mock.Mocker() as m:
m.register_uri("GET", self.user.remote_reverse("health"), exc=requests.exceptions.ConnectTimeout)
m.register_uri("GET", self.user.remote_reverse("api:health"), exc=requests.exceptions.ConnectTimeout)
call_command("auth_test", stdout=out)
self.assertTrue(m.called)
self.assertEqual(out.getvalue(), "0 passed, 1 failed.\n\nFailed:\nb_sync\n")
......@@ -51,7 +51,7 @@ class AuthTestCommandTest(TestCase):
self.user.save()
out = StringIO()
with requests_mock.Mocker() as m:
m.register_uri("GET", self.user.remote_reverse("health"))
m.register_uri("GET", self.user.remote_reverse("api:health"))
call_command("auth_test", stdout=out)
self.assertFalse(m.called)
self.assertEqual(out.getvalue(), "0 passed, 1 failed.\n\nFailed:\nb_sync\n")
......
......@@ -32,7 +32,7 @@ class AttributeUpdateTest(APITestCase):
realm="b.edu")
def test_health(self):
url = reverse('health')
url = reverse('api:health')
user = TokenAuthUser.objects.get(username='a_super')
token = Token.objects.get(user_id=user)
......@@ -83,7 +83,7 @@ class TestHealthCommand(TestCase):
remote_user.save()
with requests_mock.Mocker() as m:
m.register_uri("GET", remote_user.remote_reverse("health"), status_code=500)
m.register_uri("GET", remote_user.remote_reverse("api:health"), status_code=500)
with self.assertRaises(SystemExit) as ex:
call_command("check_health")
self.assertEqual(ex.exception.code, 1)
......@@ -97,7 +97,7 @@ class TestHealthCommand(TestCase):
remote_user.save()
with requests_mock.Mocker() as m:
m.register_uri("GET", remote_user.remote_reverse("health"), exc=requests.exceptions.ConnectTimeout)
m.register_uri("GET", remote_user.remote_reverse("api:health"), exc=requests.exceptions.ConnectTimeout)
with self.assertRaises(SystemExit) as ex:
call_command("check_health")
self.assertEqual(ex.exception.code, 1)
......@@ -18,6 +18,6 @@ class TokenAuthUserTest(APITestCase):
realm="a.edu")
def test_remote_reverse(self):
self.assertEqual(
self.a_super.remote_reverse("health"),
self.a_super.remote_reverse("api:health"),
"http://api.a.edu:7000/foobar/health/"
)
......@@ -63,7 +63,7 @@ class SyncResourceTest(TestCase):
"""
transfer_data = '{"foo": "bar"}'
with requests_mock.Mocker() as m:
m.register_uri('POST', self.remote_user.remote_reverse("resource_list"), status_code=201)
m.register_uri('POST', self.remote_user.remote_reverse("api:resource_list"), status_code=201)
queue_utils.sync_resource(self.remote_user, transfer_data)
self.assertTrue(m.called)
# content matches
......@@ -77,7 +77,7 @@ class SyncResourceTest(TestCase):
"""
transfer_data = '{"foo": "bar"}'
with requests_mock.Mocker() as m:
m.register_uri('POST', self.remote_user.remote_reverse("resource_list"), status_code=500)
m.register_uri('POST', self.remote_user.remote_reverse("api:resource_list"), status_code=500)
with self.assertRaises(queue_utils.SyncException):
queue_utils.sync_resource(self.remote_user, transfer_data)
self.assertTrue(m.called)
......@@ -86,8 +86,8 @@ class SyncResourceTest(TestCase):
transfer_data = '{"foo": "bar", "uuid": "12345"}'
uuid = '12345'
with requests_mock.Mocker() as m:
m.register_uri('POST', self.remote_user.remote_reverse("resource_list"), status_code=400)
m.register_uri('GET', self.remote_user.remote_reverse("resource_detail", args=(uuid, )), status_code=200)
m.register_uri('POST', self.remote_user.remote_reverse("api:resource_list"), status_code=400)
m.register_uri('GET', self.remote_user.remote_reverse("api:resource_detail", args=(uuid, )), status_code=200)
queue_utils.sync_resource(self.remote_user, transfer_data)
self.assertTrue(m.called)
......@@ -95,8 +95,8 @@ class SyncResourceTest(TestCase):
transfer_data = '{"foo": "bar", "uuid": "12345"}'
uuid = '12345'
with requests_mock.Mocker() as m:
m.register_uri('POST', self.remote_user.remote_reverse("resource_list"), status_code=400)
m.register_uri('GET', self.remote_user.remote_reverse("resource_detail", args=(uuid, )), status_code=404)
m.register_uri('POST', self.remote_user.remote_reverse("api:resource_list"), status_code=400)
m.register_uri('GET', self.remote_user.remote_reverse("api:resource_detail", args=(uuid, )), status_code=404)
with self.assertRaises(queue_utils.SyncException):
queue_utils.sync_resource(self.remote_user, transfer_data)
self.assertTrue(m.called)
......@@ -131,7 +131,7 @@ class SyncAttributesTest(TestCase):
}
])
with requests_mock.Mocker() as m:
m.register_uri('PUT', self.remote_user.remote_reverse("resource_attributes", args=(self.r.pk, )), status_code=200, text=answer)
m.register_uri('PUT', self.remote_user.remote_reverse("api:resource_attributes", args=(self.r.pk, )), status_code=200, text=answer)
queue_utils.sync_attributes(self.remote_user, transfer_data, str(self.r.pk))
foo = Attribute.objects.get(pk=self.foo.pk)
self.assertEquals(foo.vec_idp, 2)
......@@ -145,7 +145,7 @@ class SyncAttributesTest(TestCase):
}
])
with requests_mock.Mocker() as m:
m.register_uri('PUT', self.remote_user.remote_reverse("resource_attributes", args=(self.r.pk, )), status_code=404, text=answer)
m.register_uri('PUT', self.remote_user.remote_reverse("api:resource_attributes", args=(self.r.pk, )), status_code=404, text=answer)
with self.assertRaises(queue_utils.SyncException):
queue_utils.sync_attributes(self.remote_user, transfer_data, str(self.r.pk))
......@@ -162,18 +162,18 @@ class DeleteResourceTest(TestCase):
def test_success(self):
uuid = "12345"
with requests_mock.Mocker() as m:
m.register_uri('DELETE', self.remote_user.remote_reverse("resource_detail", args=(uuid, )), status_code=200)
m.register_uri('DELETE', self.remote_user.remote_reverse("api:resource_detail", args=(uuid, )), status_code=200)
queue_utils.delete_resource(self.remote_user, uuid)
def test_not_found(self):
uuid = "12345"
with requests_mock.Mocker() as m:
m.register_uri('DELETE', self.remote_user.remote_reverse("resource_detail", args=(uuid, )), status_code=404)
m.register_uri('DELETE', self.remote_user.remote_reverse("api:resource_detail", args=(uuid, )), status_code=404)
queue_utils.delete_resource(self.remote_user, uuid)
def test_failure(self):
uuid = "12345"
with requests_mock.Mocker() as m:
m.register_uri('DELETE', self.remote_user.remote_reverse("resource_detail", args=(uuid, )), status_code=500)
m.register_uri('DELETE', self.remote_user.remote_reverse("api:resource_detail", args=(uuid, )), status_code=500)
with self.assertRaises(queue_utils.SyncException):
queue_utils.delete_resource(self.remote_user, uuid)
......@@ -53,7 +53,7 @@ class ResourceUpdatedTest(APITestCase):
self.resource_update_signals.append((sender, resource, user_type))
def test_attribute_update(self):
url = reverse('resource_attributes', args=[self.res.uuid])
url = reverse('api:resource_attributes', args=[self.res.uuid])
user = TokenAuthUser.objects.get(username='a_super')
self.client.force_authenticate(user=user, token=user.token())
......@@ -110,7 +110,7 @@ class ResourceCreatedTest(APITestCase):
self.created_signal_calls.append((sender, resource, user_type))
def test_create_resource(self):
url = reverse('resource_list')
url = reverse('api:resource_list')
user = TokenAuthUser.objects.get(username='a_super')
self.client.force_authenticate(user=user, token=user.token())
......
......@@ -43,7 +43,7 @@ class SyncNewResourceTest(APITestCase):
vec_idp=0)
def test_sync_new_resource(self):
url = reverse('resource_list')
url = reverse('api:resource_list')
user = TokenAuthUser.objects.get(username='b_sync')
self.client.force_authenticate(user=user, token=user.token())
......
......@@ -83,7 +83,7 @@ class ResourceDeleteTest(APITestCase):
def _test_delete(self, res, user, queue_delta):
qlen = QueueJob.objects.filter(res_uuid=res.uuid).count()
self.client.force_authenticate(user=user, token=user.token())
self.client.delete(reverse('resource_detail', kwargs={'uuid': res.uuid}))
self.client.delete(reverse('api:resource_detail', kwargs={'uuid': res.uuid}))
# resource has been deleted
self.assertEqual(Resource.objects.filter(uuid=res.uuid).count(), 0)
# no queueJob has been created
......@@ -151,7 +151,7 @@ class ResourceCreateTest(APITestCase):
sp=self.local_sp,
sp_primary_key="usera@a.edu",
)
self.url = reverse('resource_list')
self.url = reverse('api:resource_list')
self.res = Resource()
self.queue_data = JSONRenderer().render(ResourceSerializer(self.localResource).data)
......@@ -204,14 +204,14 @@ class ResourceGetTest(APITestCase):
def test_unauthenticated(self):
invalid_uuid = str(uuid.uuid4())
url = reverse("resource_detail", args=(invalid_uuid,))
url = reverse("api:resource_detail", args=(invalid_uuid,))
r = self.client.get(url)
self.assertEqual(r.status_code, 401)
def test_not_exist(self):
invalid_uuid = str(uuid.uuid4())
self.client.force_authenticate(self.sp_user)
url = reverse("resource_detail", args=(invalid_uuid,))
url = reverse("api:resource_detail", args=(invalid_uuid,))
r = self.client.get(url)
self.assertEqual(r.status_code, 404)
......@@ -220,7 +220,7 @@ class ResourceGetTest(APITestCase):
r.full_clean()
r.save()
self.client.force_authenticate(self.sp_user)
url = reverse("resource_detail", args=(r.pk,))
url = reverse("api:resource_detail", args=(r.pk,))
r = self.client.get(url)
self.assertEqual(r.status_code, 200)
......@@ -244,14 +244,14 @@ class AttributesTest(APITestCase):
def test_unauthenticated(self):
invalid_uuid = str(uuid.uuid4())
url = reverse("resource_attributes", args=(invalid_uuid,))
url = reverse("api:resource_attributes", args=(invalid_uuid,))
r = self.client.get(url)
self.assertEqual(r.status_code, 401)
def test_not_exist(self):
invalid_uuid = str(uuid.uuid4())
self.client.force_authenticate(self.sp_user)
url = reverse("resource_attributes", args=(invalid_uuid,))
url = reverse("api:resource_attributes", args=(invalid_uuid,))
r = self.client.get(url)
self.assertEqual(r.status_code, 404)
......@@ -260,7 +260,7 @@ class AttributesTest(APITestCase):
r.full_clean()
r.save()
self.client.force_authenticate(self.sp_user)
url = reverse("resource_attributes", args=(r.pk,))
url = reverse("api:resource_attributes", args=(r.pk,))
r = self.client.get(url)
self.assertEqual(r.status_code, 200)
......@@ -284,20 +284,20 @@ class ServiceProviderGetTest(APITestCase):
def test_unauthenticated(self):
invalid_uuid = str(uuid.uuid4())
url = reverse("service_detail", args=(invalid_uuid,))
url = reverse("api:service_detail", args=(invalid_uuid,))
r = self.client.get(url)
self.assertEqual(r.status_code, 401)
def test_not_exist(self):
invalid_uuid = str(uuid.uuid4())
self.client.force_authenticate(self.sp_user)
url = reverse("service_detail", args=(invalid_uuid,))
url = reverse("api:service_detail", args=(invalid_uuid,))
r = self.client.get(url)
self.assertEqual(r.status_code, 404)
def test_regular(self):
self.client.force_authenticate(self.sp_user)
url = reverse("service_detail", args=(self.local_sp.pk,))
url = reverse("api:service_detail", args=(self.local_sp.pk,))
r = self.client.get(url)
self.assertEqual(r.status_code, 200)
......@@ -345,7 +345,7 @@ class CsvUploadViewTest(APITestCase):
sp=self.local_sp,
)
self.url = reverse('csv_upload')
self.url = reverse('api:csv_upload')
def test_upload_unauthenticated(self):
now = timezone.now()
......
......@@ -21,3 +21,4 @@ urlpatterns = [
]
urlpatterns = format_suffix_patterns(urlpatterns)
app_name = 'api'
......@@ -32,7 +32,7 @@ def dispatch_resource_sync(resource):
def sync_resource(sync_user, resource_json):
url = sync_user.remote_reverse("resource_list")
url = sync_user.remote_reverse("api:resource_list")
token = sync_user.token()
headers = {'Authorization': 'token ' + str(token),
'Content-type': 'application/json'}
......@@ -43,7 +43,7 @@ def sync_resource(sync_user, resource_json):
# status code could mean, resource exists on remote side
# try to fetch it an compare.
uuid = json.loads(resource_json)['uuid']
detail_url = sync_user.remote_reverse("resource_detail", args=(uuid,))
detail_url = sync_user.remote_reverse("api:resource_detail", args=(uuid,))
r2 = requests.get(detail_url, headers=headers)
if r2.status_code == 200:
logger.info("Resource {} already exists on remote side".format(uuid))
......@@ -78,7 +78,7 @@ def dispatch_attributes_sync(attributes, res_uuid, dates):
def sync_attributes(sync_user, attributes_json, res_uuid):
url = sync_user.remote_reverse("resource_attributes", args=[res_uuid])
url = sync_user.remote_reverse("api:resource_attributes", args=[res_uuid])
token = sync_user.token()
headers = {'Authorization': 'token ' + str(token),
'Content-type': 'application/json'}
......@@ -118,7 +118,7 @@ def dispatch_deletion_sync(resource, res_uuid):
def delete_resource(sync_user, res_uuid):
url = sync_user.remote_reverse("resource_detail", args=[res_uuid])
url = sync_user.remote_reverse("api:resource_detail", args=[res_uuid])
token = sync_user.token()
headers = {'Authorization': 'token ' + str(token),
'Content-type': 'application/json'}
......
......@@ -8,7 +8,7 @@ except ImportError:
from urllib.parse import urljoin
from django.conf import settings
from django.core.urlresolvers import get_script_prefix
from django.urls import get_script_prefix
from rest_framework.authtoken.models import Token
from rest_framework.reverse import reverse
......
......@@ -121,7 +121,7 @@ class ResourceList(AuthAPIView):
if sp_primary_key:
try:
obj = Resource.objects.get(sp=request.user.sp, sp_primary_key=sp_primary_key)
location = local_reverse("resource_detail", args=[str(obj.uuid)])
location = local_reverse("api:resource_detail", args=[str(obj.uuid)])
return Response(status=status.HTTP_201_CREATED, headers={"Location": location})
except Resource.DoesNotExist:
pass
......@@ -137,7 +137,7 @@ class ResourceList(AuthAPIView):
if not ServiceProvider.objects.filter(uuid=request.data["sp"]).exists():
# That is the case, thus fetching that SP entry is now a priority
foreign_api_url = request.user\
.remote_reverse('service_detail', args=[request.data["sp"]])
.remote_reverse('api:service_detail', args=[request.data["sp"]])
headers = {'Authorization': 'token ' + str(request.auth)}
r = requests.get(foreign_api_url, headers=headers, timeout=5)
......@@ -172,7 +172,7 @@ class ResourceList(AuthAPIView):
# Dispatch resource sync procedure in queue
dispatch_resource_sync(obj)
location = local_reverse("resource_detail", args=[str(obj.uuid)])
location = local_reverse("api:resource_detail", args=[str(obj.uuid)])
return Response(status=status.HTTP_201_CREATED, headers={"Location": location})
return Response(ser.errors, status=status.HTTP_400_BAD_REQUEST)
except requests.exceptions.Timeout:
......@@ -255,7 +255,7 @@ class ResourceAttributes(AuthAPIView):
res = resource.update_attribute(request.data, request.user.user_type)
location = local_reverse("resource_attributes", args=[str(uuid)])
location = local_reverse("api:resource_attributes", args=[str(uuid)])
return Response(data=res, status=status.HTTP_200_OK, headers={"Location": location})
......
......@@ -48,15 +48,14 @@ REST_FRAMEWORK = {
'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
}
MIDDLEWARE_CLASSES = [
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.middleware.security.SecurityMiddleware',
]
ROOT_URLCONF = 'frms.urls'
......
......@@ -48,7 +48,7 @@ LOGGING = {
},
}
MIDDLEWARE_CLASSES.append('usergui.middleware.DevelopmentUserEppnMiddleware')
MIDDLEWARE.append('usergui.middleware.DevelopmentUserEppnMiddleware')
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'geqe0rie1_ibza*n311yx53w+eq=9ysv##i07-nfs-d9#o7krl'
......@@ -21,8 +21,8 @@ Anpassungen für Shibboleth/REMOTE_USER
https://docs.djangoproject.com/en/1.8/howto/auth-remote-user/
"""
#MIDDLEWARE_CLASSES.append('django.contrib.auth.middleware.AuthenticationMiddleware')
MIDDLEWARE_CLASSES.append('django.contrib.auth.middleware.RemoteUserMiddleware')
MIDDLEWARE_CLASSES.append('usergui.middleware.RemoteUserEppnMiddleware')
MIDDLEWARE.append('django.contrib.auth.middleware.RemoteUserMiddleware')
MIDDLEWARE.append('usergui.middleware.RemoteUserEppnMiddleware')
AUTHENTICATION_BACKENDS = [
'django.contrib.auth.backends.RemoteUserBackend',
......@@ -108,8 +108,8 @@ if os.environ.get("DOCKER", "") == "1":
AUTHENTICATION_BACKENDS = [
'django.contrib.auth.backends.ModelBackend',
]
MIDDLEWARE_CLASSES.append('django.contrib.auth.middleware.AuthenticationMiddleware')
MIDDLEWARE_CLASSES.remove('django.contrib.auth.middleware.RemoteUserMiddleware')
MIDDLEWARE.append('django.contrib.auth.middleware.AuthenticationMiddleware')
MIDDLEWARE.remove('django.contrib.auth.middleware.RemoteUserMiddleware')
from settings_docker import *
else:
......
......@@ -45,15 +45,14 @@ REST_FRAMEWORK = {
'PAGE_SIZE': 10
}
MIDDLEWARE_CLASSES = [
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.middleware.security.SecurityMiddleware',
]
ROOT_URLCONF = 'frms.urls'
......@@ -147,7 +146,7 @@ LOGGING = {
},
}
MIDDLEWARE_CLASSES.append('usergui.middleware.DevelopmentUserEppnMiddleware')
MIDDLEWARE.append('usergui.middleware.DevelopmentUserEppnMiddleware')
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'geqe0rie1_ibza*n311yx53w+eq=9ysv##i07-nfs-d9#o7krl'
......@@ -3,7 +3,7 @@ from django.contrib import admin
urlpatterns = [
url(r'^', include('api.urls')),
url(r'^', include('api.urls', namespace='api')),
url(r'^user/', include('usergui.urls', namespace="usergui")),
url(r'^admin/', include(admin.site.urls)),
url(r'^admin/', admin.site.urls),
]
......@@ -5,22 +5,31 @@ import getpass
import os
class RemoteUserEppnMiddleware(object):
def __init__(self, get_response):
self.get_response = get_response
"""
Stores the username from REMOTE_USER in request.eppn.
"""
def process_request(self, request):
def __call__(self, request):
if "REMOTE_USER" in request.META:
request.eppn = request.META["REMOTE_USER"]
else:
request.eppn = None
response = self.get_response(request)
return response
class DevelopmentUserEppnMiddleware(object):
def __init__(self, get_response):
self.get_response = get_response
"""
Stores the username of the current user in request.eppn
"""
def process_request(self, request):
def __call__(self, request):
if "LOGNAME" in os.environ:
logname = os.environ["LOGNAME"]
request.eppn = logname
else:
request.eppn = "{}@tu-chemnitz.de".format(getpass.getuser())
response = self.get_response(request)
return response
......@@ -8,3 +8,4 @@ urlpatterns = [
url('^$', views.index, name='index'),
url('^detail/(?P<uuid>[^/]+)/$', views.detail, name="detail"),
]
app_name = 'usergui'