Commit 27adaffe authored by Lukas Burgey's avatar Lukas Burgey

Lint some code

parent 03e91116
......@@ -22,16 +22,19 @@ def _valid_vhost(request):
LOGGER.error('illegal vhost requested')
return False
def _valid_permission(request):
perm = request.POST.get('permission')
if perm != 'write':
if perm != 'write':
return True
LOGGER.error('illegal permission requested %s', perm)
return False
def _valid_user(request):
return _apiclient_valid(request) or _webpage_client_userid(request)
def _apiclient_valid(request):
valid = models.User.objects.filter(
user_type='apiclient',
......@@ -41,6 +44,7 @@ def _apiclient_valid(request):
return True
return False
def _apiclient_get(request):
user = models.User.objects.filter(
user_type='apiclient',
......@@ -52,6 +56,7 @@ def _apiclient_get(request):
LOGGER.error('unable to get user for request')
return None
def _webpage_client_userid(request):
userid = ''
username = request.POST.get('username')
......@@ -61,6 +66,7 @@ def _webpage_client_userid(request):
userid = components[1]
return userid
def _webpage_client_valid(request):
userid = _webpage_client_userid(request)
try:
......@@ -76,6 +82,7 @@ def _webpage_client_valid(request):
# VIEWS: authentication and authorization for
# apiclients and webpage-clients
def user_endpoint(request):
if _webpage_client_valid(request):
# LOGGER.info('Authenticated webpage client')
......@@ -86,13 +93,13 @@ def user_endpoint(request):
password=request.POST.get('password'),
)
if user is not None:
#LOGGER.info('Authenticated client as %s', user)
# LOGGER.info('Authenticated client as %s', user)
return ALLOW
LOGGER.error('Failed to authenticate user for RabbitMQ')
return DENY
def vhost_endpoint(request):
# check if on the correct virtual host
if _valid_vhost(request) and _valid_user(request):
......@@ -101,6 +108,7 @@ def vhost_endpoint(request):
LOGGER.error('Authorization check for vhost failed for %s', request.POST)
return DENY
def _resource_authorized_webpage_client(request):
resource = request.POST.get('resource')
name = request.POST.get('name', '')
......@@ -108,7 +116,7 @@ def _resource_authorized_webpage_client(request):
return (
resource == 'exchange'
and name == 'users'
and not 'write' in permission
and 'write' not in permission
) or (
resource == 'queue'
and name.startswith('stomp-subscription-')
......@@ -117,6 +125,7 @@ def _resource_authorized_webpage_client(request):
and name == _webpage_client_userid(request)
)
def _resource_authorized_apiclient(request):
resource = request.POST.get('resource')
name = request.POST.get('name', '')
......@@ -127,9 +136,10 @@ def _resource_authorized_apiclient(request):
) or (
resource == 'exchange'
and name in models.RabbitMQInstance.load().exchanges
and not 'write' in permission
and 'write' not in permission
)
def resource_auth_decision(request, decision):
user = request.POST.get('username')
permission = request.POST.get('permission', [])
......@@ -154,6 +164,7 @@ def resource_auth_decision(request, decision):
)
return decision
def resource_endpoint(request):
if _valid_vhost(request):
if (
......@@ -170,6 +181,7 @@ def resource_endpoint(request):
return resource_auth_decision(request, DENY)
def topic_auth_decision(request, decision):
user = request.POST.get('username')
permission = request.POST.get('permission', [])
......@@ -198,19 +210,21 @@ def topic_auth_decision(request, decision):
)
return decision
def topic_endpoint_webpageclient(request, webpage_client_userid):
permission = request.POST.get('permission', [])
try:
models.User.objects.get(id=webpage_client_userid)
if not 'write' in permission:
if 'write' not in permission:
return topic_auth_decision(request, ALLOW)
return topic_auth_decision(request, DENY)
except models.User.DoesNotExist:
return topic_auth_decision(request, DENY)
def topic_endpoint_apiclient(request, apiclient):
name = request.POST.get('name', '')
routing_key = request.POST.get('routing_key', '')
......@@ -246,6 +260,7 @@ def topic_endpoint_apiclient(request, apiclient):
return topic_auth_decision(request, DENY)
def topic_endpoint(request):
if not _valid_vhost(request) or not _valid_permission(request):
return DENY
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment