linter

2024-08-19 13:43:40 +00:00 · 2021-05-13 19:43:39 +02:00 · 2021-05-13 19:43:39 +02:00 · a234be0981
commit a234be0981
parent f70b97677f
2 changed files with 18 additions and 19 deletions
--- a/api/permissions.py
+++ b/api/permissions.py
@ -213,7 +213,7 @@ class AutodetectACLPermission(permissions.BasePermission):

        return [perm(obj) for perm in self.perms_obj_map[method]]

-    @ staticmethod
+    @staticmethod
    def _queryset(view):
        return _get_param_in_view(view, "queryset")

@ -240,7 +240,9 @@ class AutodetectACLPermission(permissions.BasePermission):
        if getattr(view, "_ignore_model_permissions", False):
            return True

-        if not getattr(view, "queryset", None):
+        # Bypass permission verifications if it is a functional view
+        # (permissions are handled by ACL)
+        if not hasattr(view, "queryset") and not hasattr(view, "get_queryset"):
            return True

        if not request.user or not request.user.is_authenticated:
@ -277,8 +279,7 @@ class AutodetectACLPermission(permissions.BasePermission):
            # they have read permissions to see 403, or not, and simply see
            # a 404 response.

-            SAFE_METHODS = ("GET", "OPTIONS", "HEAD",
-                            "POST", "PUT", "PATCH", "DELETE")
+            SAFE_METHODS = ("GET", "OPTIONS", "HEAD", "POST", "PUT", "PATCH", "DELETE")

            if request.method in SAFE_METHODS:
                # Read permissions already checked and failed, no need
--- a/freeradius_utils/auth.py
+++ b/freeradius_utils/auth.py
@ -34,12 +34,12 @@ https://github.com/FreeRADIUS/freeradius-server/blob/master/src/modules/rlm_pyth
 Inspired by Daniel Stan in Crans
 """

+import logging
 import os
 import sys
-import logging
 import traceback
-import radiusd  # Magic module freeradius (radiusd.py is dummy)

+import radiusd  # Magic module freeradius (radiusd.py is dummy)
 from django.core.wsgi import get_wsgi_application
 from django.db.models import Q

@ -54,11 +54,10 @@ os.chdir(proj_path)
 # This is so models get loaded.
 application = get_wsgi_application()

-from machines.models import Interface, IpList, Nas, Domain
+from machines.models import Domain, Interface, IpList, Nas
+from preferences.models import RadiusOption
 from topologie.models import Port, Switch
 from users.models import User
-from preferences.models import RadiusOption
-


 # Logging
@ -76,7 +75,7 @@ class RadiusdHandler(logging.Handler):
        radiusd.radlog(rad_sig, str(record.msg))


-# Init for logging 
+# Init for logging
 logger = logging.getLogger("auth.py")
 logger.setLevel(logging.DEBUG)
 formatter = logging.Formatter("%(name)s: [%(levelname)s] %(message)s")
@ -97,7 +96,7 @@ def radius_event(fun):
    """

    def new_f(auth_data):
-        """ The function transforming the tuples as dict """
+        """The function transforming the tuples as dict """
        if isinstance(auth_data, dict):
            data = auth_data
        else:
@ -132,10 +131,10 @@ def authorize(data):
    - If the nas is known, we apply the 802.1X if enabled,
    - It the nas is known AND nas auth is enabled with mac address, returns
    accept here"""
-    # For proxified request, split 
+    # For proxified request, split
    nas = data.get("NAS-IP-Address", data.get("NAS-Identifier", None))
    nas_instance = find_nas_from_request(nas)
-    # For none proxified requests 
+    # For none proxified requests
    nas_type = None
    if nas_instance:
        nas_type = Nas.objects.filter(nas_type=nas_instance.machine_type).first()
@ -162,12 +161,11 @@ def authorize(data):

@radius_event
 def post_auth(data):
-    """ Function called after the user is authenticated
-    """
+    """ Function called after the user is authenticated"""

    nas = data.get("NAS-IP-Address", data.get("NAS-Identifier", None))
    nas_instance = find_nas_from_request(nas)
-    # All non proxified requests 
+    # All non proxified requests
    if not nas_instance:
        logger.info("Proxified request, nas unknown")
        return radiusd.RLM_MODULE_OK
@ -309,7 +307,7 @@ def decide_vlan_switch(nas_machine, nas_type, port_number, mac_address):
            - no room : Decision set in Re2o RadiusOption,
            - no user in this room : Reject,
            - user of this room is banned or disable : Reject,
-            - user of this room non-contributor and not whitelisted: 
+            - user of this room non-contributor and not whitelisted:
            Decision set in Re2o RadiusOption
        - mode common :
            - mac-address already registered:
@ -336,7 +334,7 @@ def decide_vlan_switch(nas_machine, nas_type, port_number, mac_address):
    }
    # Get port from switch and port number
    extra_log = ""
-    # If NAS is unknown, go to default vlan 
+    # If NAS is unknown, go to default vlan
    if not nas_machine:
        return (
            "?",
@ -366,7 +364,7 @@ def decide_vlan_switch(nas_machine, nas_type, port_number, mac_address):
            RadiusOption.get_cached_value("unknown_port") != RadiusOption.REJECT,
            RadiusOption.get_attributes("unknown_port_attributes", attributes_kwargs),
        )
- 
+
    # Retrieve port profile
    port_profile = port.get_port_profile