← Back to branch summary

~ubuntu-branches/ubuntu/raring/horizon/raring

« back to all changes in this revision

Viewing changes to .pc/CVE-2012-2144.patch/horizon/views/auth.py

  • Committer: Package Import Robot
  • Author(s): Chuck Short
  • Date: 2012-05-24 14:33:20 UTC
  • mfrom: (1.1.14)
  • Revision ID: package-import@ubuntu.com-20120524143320-i7eswfq6ecxlvh5a
Tags: 2012.2~f1-0ubuntu1
* New usptream release. 
* Prepare for quantal:
  - debian/patches/fix-coverage-binary-name.patch: Refreshed.
* Temporarily pass the testsuite.

Show diffs side-by-side

added added

removed removed

Lines of Context:
.pc/CVE-2012-2144.patch/horizon/views/auth.py
1
 
# vim: tabstop=4 shiftwidth=4 softtabstop=4
2
 
 
3
 
# Copyright 2012 United States Government as represented by the
4
 
# Administrator of the National Aeronautics and Space Administration.
5
 
# All Rights Reserved.
6
 
#
7
 
# Copyright 2012 Nebula, Inc.
8
 
#
9
 
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
10
 
#    not use this file except in compliance with the License. You may obtain
11
 
#    a copy of the License at
12
 
#
13
 
#         http://www.apache.org/licenses/LICENSE-2.0
14
 
#
15
 
#    Unless required by applicable law or agreed to in writing, software
16
 
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17
 
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
18
 
#    License for the specific language governing permissions and limitations
19
 
#    under the License.
20
 
 
21
 
import logging
22
 
 
23
 
from django import shortcuts
24
 
from django.conf import settings
25
 
from django.contrib.auth import REDIRECT_FIELD_NAME
26
 
from django.utils.translation import ugettext as _
27
 
 
28
 
import horizon
29
 
from horizon import api
30
 
from horizon import exceptions
31
 
from horizon import forms
32
 
from horizon import users
33
 
from horizon.base import Horizon
34
 
from horizon.views.auth_forms import Login, LoginWithTenant, _set_session_data
35
 
 
36
 
 
37
 
LOG = logging.getLogger(__name__)
38
 
 
39
 
 
40
 
def user_home(request):
41
 
    """ Reversible named view to direct a user to the appropriate homepage. """
42
 
    return shortcuts.redirect(horizon.get_user_home(request.user))
43
 
 
44
 
 
45
 
class LoginView(forms.ModalFormView):
46
 
    """
47
 
    Logs in a user and redirects them to the URL specified by
48
 
    :func:`horizon.get_user_home`.
49
 
    """
50
 
    form_class = Login
51
 
    template_name = "horizon/auth/login.html"
52
 
 
53
 
    def get_context_data(self, **kwargs):
54
 
        context = super(LoginView, self).get_context_data(**kwargs)
55
 
        redirect_to = self.request.REQUEST.get(REDIRECT_FIELD_NAME, "")
56
 
        context["redirect_field_name"] = REDIRECT_FIELD_NAME
57
 
        context["next"] = redirect_to
58
 
        return context
59
 
 
60
 
    def get_initial(self):
61
 
        initial = super(LoginView, self).get_initial()
62
 
        current_region = self.request.session.get('region_endpoint', None)
63
 
        requested_region = self.request.GET.get('region', None)
64
 
        regions = dict(getattr(settings, "AVAILABLE_REGIONS", []))
65
 
        if requested_region in regions and requested_region != current_region:
66
 
            initial.update({'region': requested_region})
67
 
        return initial
68
 
 
69
 
 
70
 
def switch_tenants(request, tenant_id):
71
 
    """
72
 
    Swaps a user from one tenant to another using the unscoped token from
73
 
    Keystone to exchange scoped tokens for the new tenant.
74
 
    """
75
 
    form, handled = LoginWithTenant.maybe_handle(
76
 
            request, initial={'tenant': tenant_id,
77
 
                              'username': request.user.username})
78
 
    if handled:
79
 
        return handled
80
 
 
81
 
    unscoped_token = request.session.get('unscoped_token', None)
82
 
    if unscoped_token:
83
 
        try:
84
 
            token = api.token_create_scoped(request,
85
 
                                            tenant_id,
86
 
                                            unscoped_token)
87
 
            _set_session_data(request, token)
88
 
            user = users.User(users.get_user_from_request(request))
89
 
            return shortcuts.redirect(Horizon.get_user_home(user))
90
 
        except:
91
 
            exceptions.handle(request,
92
 
                              _("You are not authorized for that tenant."))
93
 
 
94
 
    return shortcuts.redirect("horizon:auth_login")
95
 
 
96
 
 
97
 
def logout(request):
98
 
    """ Clears the session and logs the current user out. """
99
 
    request.session.clear()
100
 
    # FIXME(gabriel): we don't ship a view named splash
101
 
    return shortcuts.redirect('splash')