mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-21 19:03:11 +00:00
linter
This commit is contained in:
parent
f70b97677f
commit
a234be0981
2 changed files with 18 additions and 19 deletions
|
@ -213,7 +213,7 @@ class AutodetectACLPermission(permissions.BasePermission):
|
|||
|
||||
return [perm(obj) for perm in self.perms_obj_map[method]]
|
||||
|
||||
@ staticmethod
|
||||
@staticmethod
|
||||
def _queryset(view):
|
||||
return _get_param_in_view(view, "queryset")
|
||||
|
||||
|
@ -240,7 +240,9 @@ class AutodetectACLPermission(permissions.BasePermission):
|
|||
if getattr(view, "_ignore_model_permissions", False):
|
||||
return True
|
||||
|
||||
if not getattr(view, "queryset", None):
|
||||
# Bypass permission verifications if it is a functional view
|
||||
# (permissions are handled by ACL)
|
||||
if not hasattr(view, "queryset") and not hasattr(view, "get_queryset"):
|
||||
return True
|
||||
|
||||
if not request.user or not request.user.is_authenticated:
|
||||
|
@ -277,8 +279,7 @@ class AutodetectACLPermission(permissions.BasePermission):
|
|||
# they have read permissions to see 403, or not, and simply see
|
||||
# a 404 response.
|
||||
|
||||
SAFE_METHODS = ("GET", "OPTIONS", "HEAD",
|
||||
"POST", "PUT", "PATCH", "DELETE")
|
||||
SAFE_METHODS = ("GET", "OPTIONS", "HEAD", "POST", "PUT", "PATCH", "DELETE")
|
||||
|
||||
if request.method in SAFE_METHODS:
|
||||
# Read permissions already checked and failed, no need
|
||||
|
|
|
@ -34,12 +34,12 @@ https://github.com/FreeRADIUS/freeradius-server/blob/master/src/modules/rlm_pyth
|
|||
Inspired by Daniel Stan in Crans
|
||||
"""
|
||||
|
||||
import logging
|
||||
import os
|
||||
import sys
|
||||
import logging
|
||||
import traceback
|
||||
import radiusd # Magic module freeradius (radiusd.py is dummy)
|
||||
|
||||
import radiusd # Magic module freeradius (radiusd.py is dummy)
|
||||
from django.core.wsgi import get_wsgi_application
|
||||
from django.db.models import Q
|
||||
|
||||
|
@ -54,11 +54,10 @@ os.chdir(proj_path)
|
|||
# This is so models get loaded.
|
||||
application = get_wsgi_application()
|
||||
|
||||
from machines.models import Interface, IpList, Nas, Domain
|
||||
from machines.models import Domain, Interface, IpList, Nas
|
||||
from preferences.models import RadiusOption
|
||||
from topologie.models import Port, Switch
|
||||
from users.models import User
|
||||
from preferences.models import RadiusOption
|
||||
|
||||
|
||||
|
||||
# Logging
|
||||
|
@ -76,7 +75,7 @@ class RadiusdHandler(logging.Handler):
|
|||
radiusd.radlog(rad_sig, str(record.msg))
|
||||
|
||||
|
||||
# Init for logging
|
||||
# Init for logging
|
||||
logger = logging.getLogger("auth.py")
|
||||
logger.setLevel(logging.DEBUG)
|
||||
formatter = logging.Formatter("%(name)s: [%(levelname)s] %(message)s")
|
||||
|
@ -97,7 +96,7 @@ def radius_event(fun):
|
|||
"""
|
||||
|
||||
def new_f(auth_data):
|
||||
""" The function transforming the tuples as dict """
|
||||
"""The function transforming the tuples as dict """
|
||||
if isinstance(auth_data, dict):
|
||||
data = auth_data
|
||||
else:
|
||||
|
@ -132,10 +131,10 @@ def authorize(data):
|
|||
- If the nas is known, we apply the 802.1X if enabled,
|
||||
- It the nas is known AND nas auth is enabled with mac address, returns
|
||||
accept here"""
|
||||
# For proxified request, split
|
||||
# For proxified request, split
|
||||
nas = data.get("NAS-IP-Address", data.get("NAS-Identifier", None))
|
||||
nas_instance = find_nas_from_request(nas)
|
||||
# For none proxified requests
|
||||
# For none proxified requests
|
||||
nas_type = None
|
||||
if nas_instance:
|
||||
nas_type = Nas.objects.filter(nas_type=nas_instance.machine_type).first()
|
||||
|
@ -162,12 +161,11 @@ def authorize(data):
|
|||
|
||||
@radius_event
|
||||
def post_auth(data):
|
||||
""" Function called after the user is authenticated
|
||||
"""
|
||||
""" Function called after the user is authenticated"""
|
||||
|
||||
nas = data.get("NAS-IP-Address", data.get("NAS-Identifier", None))
|
||||
nas_instance = find_nas_from_request(nas)
|
||||
# All non proxified requests
|
||||
# All non proxified requests
|
||||
if not nas_instance:
|
||||
logger.info("Proxified request, nas unknown")
|
||||
return radiusd.RLM_MODULE_OK
|
||||
|
@ -309,7 +307,7 @@ def decide_vlan_switch(nas_machine, nas_type, port_number, mac_address):
|
|||
- no room : Decision set in Re2o RadiusOption,
|
||||
- no user in this room : Reject,
|
||||
- user of this room is banned or disable : Reject,
|
||||
- user of this room non-contributor and not whitelisted:
|
||||
- user of this room non-contributor and not whitelisted:
|
||||
Decision set in Re2o RadiusOption
|
||||
- mode common :
|
||||
- mac-address already registered:
|
||||
|
@ -336,7 +334,7 @@ def decide_vlan_switch(nas_machine, nas_type, port_number, mac_address):
|
|||
}
|
||||
# Get port from switch and port number
|
||||
extra_log = ""
|
||||
# If NAS is unknown, go to default vlan
|
||||
# If NAS is unknown, go to default vlan
|
||||
if not nas_machine:
|
||||
return (
|
||||
"?",
|
||||
|
@ -366,7 +364,7 @@ def decide_vlan_switch(nas_machine, nas_type, port_number, mac_address):
|
|||
RadiusOption.get_cached_value("unknown_port") != RadiusOption.REJECT,
|
||||
RadiusOption.get_attributes("unknown_port_attributes", attributes_kwargs),
|
||||
)
|
||||
|
||||
|
||||
# Retrieve port profile
|
||||
port_profile = port.get_port_profile
|
||||
|
||||
|
|
Loading…
Reference in a new issue