本文整理汇总了Python中zerver.lib.utils.check_subdomain函数的典型用法代码示例。如果您正苦于以下问题:Python check_subdomain函数的具体用法?Python check_subdomain怎么用?Python check_subdomain使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了check_subdomain函数的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: validate_api_key
def validate_api_key(request, role, api_key, is_webhook=False):
# type: (HttpRequest, Text, Text, bool) -> Union[UserProfile, RemoteZulipServer]
# Remove whitespace to protect users from trivial errors.
role, api_key = role.strip(), api_key.strip()
if not is_remote_server(role):
try:
profile = get_user_profile_by_email(role) # type: Union[UserProfile, RemoteZulipServer]
except UserProfile.DoesNotExist:
raise JsonableError(_("Invalid user: %s") % (role,))
else:
try:
profile = get_remote_server_by_uuid(role)
except RemoteZulipServer.DoesNotExist:
raise JsonableError(_("Invalid Zulip server: %s") % (role,))
if api_key != profile.api_key:
if len(api_key) != 32:
reason = _("Incorrect API key length (keys should be 32 "
"characters long) for role '%s'")
else:
reason = _("Invalid API key for role '%s'")
raise JsonableError(reason % (role,))
# early exit for RemoteZulipServer instances
if settings.ZILENCER_ENABLED and isinstance(profile, RemoteZulipServer):
if not check_subdomain(get_subdomain(request), ""):
raise JsonableError(_("This API key only works on the root subdomain"))
return profile
profile = cast(UserProfile, profile) # is UserProfile
if not profile.is_active:
raise JsonableError(_("Account not active"))
if profile.is_incoming_webhook and not is_webhook:
raise JsonableError(_("Account is not valid to post webhook messages"))
if profile.realm.deactivated:
raise JsonableError(_("Realm for account has been deactivated"))
if (not check_subdomain(get_subdomain(request), profile.realm.subdomain) and
# Allow access to localhost for Tornado
not (settings.RUNNING_INSIDE_TORNADO and
request.META["SERVER_NAME"] == "127.0.0.1" and
request.META["REMOTE_ADDR"] == "127.0.0.1")):
logging.warning("User %s attempted to access API on wrong subdomain %s" % (
profile.email, get_subdomain(request)))
raise JsonableError(_("Account is not associated with this subdomain"))
return profile
示例2: clean_username
def clean_username(self):
# type: () -> str
email = self.cleaned_data['username']
try:
user_profile = get_user_profile_by_email(email)
except UserProfile.DoesNotExist:
return email
if user_profile.realm.deactivated:
error_msg = u"""Sorry for the trouble, but %s has been deactivated.
Please contact %s to reactivate this group.""" % (
user_profile.realm.name,
FromAddress.SUPPORT)
raise ValidationError(mark_safe(error_msg))
if not user_profile.is_active and not user_profile.is_mirror_dummy:
error_msg = (u"Sorry for the trouble, but your account has been "
u"deactivated. Please contact %s to reactivate "
u"it.") % (FromAddress.SUPPORT,)
raise ValidationError(mark_safe(error_msg))
if not check_subdomain(get_subdomain(self.request), user_profile.realm.subdomain):
logging.warning("User %s attempted to password login to wrong subdomain %s" %
(user_profile.email, get_subdomain(self.request)))
raise ValidationError(mark_safe(WRONG_SUBDOMAIN_ERROR))
return email
示例3: send_mail
def send_mail(self, subject_template_name, email_template_name,
context, from_email, to_email, html_email_template_name=None):
# type: (str, str, Dict[str, Any], str, str, str) -> None
"""
Currently we don't support accounts in multiple subdomains using
a single email address. We override this function so that we do
not send a reset link to an email address if the reset attempt is
done on the subdomain which does not match user.realm.subdomain.
Once we start supporting accounts with the same email in
multiple subdomains, we may be able to refactor this function.
A second reason we override this function is so that we can send
the mail through the functions in zerver.lib.send_email, to match
how we send all other mail in the codebase.
"""
user = get_user_profile_by_email(to_email)
attempted_subdomain = get_subdomain(getattr(self, 'request'))
context['attempted_realm'] = False
if not check_subdomain(user.realm.subdomain, attempted_subdomain):
context['attempted_realm'] = get_realm(attempted_subdomain)
send_email('zerver/emails/password_reset', to_user_id=user.id,
from_name="Zulip Account Security",
from_address=FromAddress.NOREPLY, context=context)
示例4: send_mail
def send_mail(self, subject_template_name, email_template_name,
context, from_email, to_email, html_email_template_name=None):
# type: (str, str, Dict[str, Any], str, str, str) -> None
"""
Currently we don't support accounts in multiple subdomains using
a single email addresss. We override this function so that we do
not send a reset link to an email address if the reset attempt is
done on the subdomain which does not match user.realm.subdomain.
Once we start supporting accounts with the same email in
multiple subdomains, we may be able to delete or refactor this
function.
"""
user_realm = get_user_profile_by_email(to_email).realm
attempted_subdomain = get_subdomain(getattr(self, 'request'))
context['attempted_realm'] = False
if not check_subdomain(user_realm.subdomain, attempted_subdomain):
context['attempted_realm'] = get_realm(attempted_subdomain)
super(ZulipPasswordResetForm, self).send_mail(
subject_template_name,
email_template_name,
context,
from_email,
to_email,
html_email_template_name=html_email_template_name
)
示例5: authenticate
def authenticate(self, google_oauth2_token=None, realm_subdomain=None, return_data=None):
# type: (Optional[str], Optional[Text], Optional[Dict[str, Any]]) -> Optional[UserProfile]
if return_data is None:
return_data = {}
try:
token_payload = googleapiclient.verify_id_token(google_oauth2_token, settings.GOOGLE_CLIENT_ID)
except AppIdentityError:
return None
if token_payload["email_verified"] in (True, "true"):
try:
user_profile = get_user_profile_by_email(token_payload["email"])
except UserProfile.DoesNotExist:
return_data["valid_attestation"] = True
return None
if not user_profile.is_active:
return_data["inactive_user"] = True
return None
if user_profile.realm.deactivated:
return_data["inactive_realm"] = True
return None
if not check_subdomain(realm_subdomain, user_profile.realm.subdomain):
return_data["invalid_subdomain"] = True
return None
if not google_auth_enabled(realm=user_profile.realm):
return_data["google_auth_disabled"] = True
return None
return user_profile
else:
return_data["valid_attestation"] = False
return None
示例6: authenticate_log_and_execute_json
def authenticate_log_and_execute_json(request, view_func, *args, **kwargs):
# type: (HttpRequest, Callable[..., HttpResponse], *Any, **Any) -> HttpResponse
if not request.user.is_authenticated():
return json_error(_("Not logged in"), status=401)
user_profile = request.user
if not user_profile.is_active:
raise JsonableError(_("Account not active"))
if user_profile.realm.deactivated:
raise JsonableError(_("Realm for account has been deactivated"))
if user_profile.is_incoming_webhook:
raise JsonableError(_("Webhook bots can only access webhooks"))
if (
not check_subdomain(get_subdomain(request), user_profile.realm.subdomain)
and
# Exclude the SOCKET requests from this filter; they were
# checked when the original websocket request reached Tornado
not (request.method == "SOCKET" and request.META["SERVER_NAME"] == "127.0.0.1")
):
logging.warning(
"User %s attempted to access JSON API on wrong subdomain %s" % (user_profile.email, get_subdomain(request))
)
raise JsonableError(_("Account is not associated with this subdomain"))
process_client(request, user_profile, True)
request._email = user_profile.email
return view_func(request, user_profile, *args, **kwargs)
示例7: authenticate
def authenticate(self, *args, **kwargs):
# type: (*Any, **Any) -> Optional[UserProfile]
return_data = kwargs.get('return_data', {})
email_address = self.get_email_address(*args, **kwargs)
if not email_address:
return None
try:
user_profile = get_user_profile_by_email(email_address)
except UserProfile.DoesNotExist:
return_data["valid_attestation"] = True
return None
if not user_profile.is_active:
return_data["inactive_user"] = True
return None
if user_profile.realm.deactivated:
return_data["inactive_realm"] = True
return None
if not check_subdomain(kwargs.get("realm_subdomain"),
user_profile.realm.subdomain):
return_data["invalid_subdomain"] = True
return None
return user_profile
示例8: logged_in_and_active
def logged_in_and_active(request):
# type: (HttpRequest) -> bool
if not request.user.is_authenticated():
return False
if not request.user.is_active:
return False
if request.user.realm.deactivated:
return False
return check_subdomain(get_subdomain(request), request.user.realm.subdomain)
示例9: authenticate
def authenticate(self, username=None, realm_subdomain=None, use_dummy_backend=False, return_data=None):
# type: (Optional[Text], Optional[Text], bool, Optional[Dict[str, Any]]) -> Optional[UserProfile]
if use_dummy_backend:
user_profile = common_get_active_user_by_email(username)
if user_profile is None:
return None
if not check_subdomain(realm_subdomain, user_profile.realm.subdomain):
return_data["invalid_subdomain"] = True
return None
return user_profile
return None
示例10: _wrapped_func_arguments
def _wrapped_func_arguments(request, api_key=REQ(),
*args, **kwargs):
# type: (HttpRequest, Text, *Any, **Any) -> HttpResponse
try:
user_profile = UserProfile.objects.get(api_key=api_key)
except UserProfile.DoesNotExist:
raise JsonableError(_("Invalid API key"))
if not user_profile.is_active:
raise JsonableError(_("Account not active"))
if user_profile.realm.deactivated:
raise JsonableError(_("Realm for account has been deactivated"))
if not check_subdomain(get_subdomain(request), user_profile.realm.subdomain):
logging.warning("User %s attempted to access webhook API on wrong subdomain %s" % (
user_profile.email, get_subdomain(request)))
raise JsonableError(_("Account is not associated with this subdomain"))
request.user = user_profile
request._email = user_profile.email
webhook_client_name = "Zulip{}Webhook".format(client_name)
process_client(request, user_profile, client_name=webhook_client_name)
if settings.RATE_LIMITING:
rate_limit_user(request, user_profile, domain='all')
try:
return view_func(request, user_profile, *args, **kwargs)
except Exception as err:
if request.content_type == 'application/json':
try:
request_body = ujson.dumps(ujson.loads(request.body), indent=4)
except ValueError:
request_body = str(request.body)
else:
request_body = str(request.body)
message = """
user: {email} ({realm})
client: {client_name}
URL: {path_info}
content_type: {content_type}
body:
{body}
""".format(
email=user_profile.email,
realm=user_profile.realm.string_id,
client_name=webhook_client_name,
body=request_body,
path_info=request.META.get('PATH_INFO', None),
content_type=request.content_type,
)
webhook_logger.exception(message)
raise err
示例11: validate_api_key
def validate_api_key(request, role, api_key, is_webhook=False):
# type: (HttpRequest, text_type, text_type, bool) -> Union[UserProfile, Deployment]
# Remove whitespace to protect users from trivial errors.
role, api_key = role.strip(), api_key.strip()
try:
profile = get_deployment_or_userprofile(role)
except UserProfile.DoesNotExist:
raise JsonableError(_("Invalid user: %s") % (role,))
except Deployment.DoesNotExist:
raise JsonableError(_("Invalid deployment: %s") % (role,))
if api_key != profile.api_key:
if len(api_key) != 32:
reason = _("Incorrect API key length (keys should be 32 " "characters long) for role '%s'")
else:
reason = _("Invalid API key for role '%s'")
raise JsonableError(reason % (role,))
if not profile.is_active:
raise JsonableError(_("Account not active"))
if profile.is_incoming_webhook and not is_webhook:
raise JsonableError(_("Account is not valid to post webhook messages"))
try:
if profile.realm.deactivated:
raise JsonableError(_("Realm for account has been deactivated"))
except AttributeError:
# Deployment objects don't have realms
pass
if (
not check_subdomain(get_subdomain(request), profile.realm.subdomain)
# Allow access to localhost for Tornado
and not (
settings.RUNNING_INSIDE_TORNADO
and request.META["SERVER_NAME"] == "127.0.0.1"
and request.META["REMOTE_ADDR"] == "127.0.0.1"
)
):
logging.warning(
"User %s attempted to access API on wrong subdomain %s" % (profile.email, get_subdomain(request))
)
raise JsonableError(_("Account is not associated with this subdomain"))
return profile
示例12: clean_username
def clean_username(self):
# type: () -> str
email = self.cleaned_data['username']
try:
user_profile = get_user_profile_by_email(email)
except UserProfile.DoesNotExist:
return email
if user_profile.realm.deactivated:
error_msg = u"""Sorry for the trouble, but %s has been deactivated.
Please contact %s to reactivate this group.""" % (
user_profile.realm.name,
settings.ZULIP_ADMINISTRATOR)
raise ValidationError(mark_safe(error_msg))
if not check_subdomain(get_subdomain(self.request), user_profile.realm.subdomain):
logging.warning("User %s attempted to password login to wrong subdomain %s" %
(user_profile.email, get_subdomain(self.request)))
raise ValidationError(mark_safe(WRONG_SUBDOMAIN_ERROR))
return email
示例13: _wrapped_func_arguments
def _wrapped_func_arguments(request, api_key=REQ(),
*args, **kwargs):
# type: (HttpRequest, text_type, *Any, **Any) -> HttpResponse
try:
user_profile = UserProfile.objects.get(api_key=api_key)
except UserProfile.DoesNotExist:
raise JsonableError(_("Invalid API key"))
if not user_profile.is_active:
raise JsonableError(_("Account not active"))
if user_profile.realm.deactivated:
raise JsonableError(_("Realm for account has been deactivated"))
if not check_subdomain(get_subdomain(request), user_profile.realm.subdomain):
logging.warning("User %s attempted to access webhook API on wrong subdomain %s" % (
user_profile.email, get_subdomain(request)))
raise JsonableError(_("Account is not associated with this subdomain"))
request.user = user_profile
request._email = user_profile.email
webhook_client_name = "Zulip{}Webhook".format(client_name)
process_client(request, user_profile, client_name=webhook_client_name)
if settings.RATE_LIMITING:
rate_limit_user(request, user_profile, domain='all')
return view_func(request, user_profile, request.client, *args, **kwargs)