diff options
| -rw-r--r-- | portal-gui/rpkigui/myrpki/urls.py | 2 | ||||
| -rw-r--r-- | portal-gui/rpkigui/myrpki/views.py | 59 | ||||
| -rw-r--r-- | portal-gui/rpkigui/settings.py.in | 14 |
3 files changed, 46 insertions, 29 deletions
diff --git a/portal-gui/rpkigui/myrpki/urls.py b/portal-gui/rpkigui/myrpki/urls.py index db6d2b95..96d93e2d 100644 --- a/portal-gui/rpkigui/myrpki/urls.py +++ b/portal-gui/rpkigui/myrpki/urls.py @@ -40,11 +40,11 @@ urlpatterns = patterns('', (r'^asn/(?P<pk>\d+)/allocate$', views.asn_allocate_view), (r'^roa/(?P<pk>\d+)/delete$', views.roa_request_delete_view), (r'^demo/down/asns/(?P<self_handle>[^/]+)$', views.download_asns), - (r'^demo/down/myrpki/(?P<self_handle>[^/]+)$', views.download_myrpki_xml), (r'^demo/down/prefixes/(?P<self_handle>[^/]+)$', views.download_prefixes), (r'^demo/down/roas/(?P<self_handle>[^/]+)$', views.download_roas), (r'^upload-parent-request/(?P<self_handle>[^/]+)$', views.upload_parent_request), (r'^upload-repository-request/(?P<self_handle>[^/]+)$', views.upload_repository_request), + (r'^upload-myrpki-xml/(?P<self_handle>[^/]+)$', views.upload_myrpki_xml), ) # vim:sw=4 ts=8 expandtab diff --git a/portal-gui/rpkigui/myrpki/views.py b/portal-gui/rpkigui/myrpki/views.py index 79e3d6e2..dca9b2e6 100644 --- a/portal-gui/rpkigui/myrpki/views.py +++ b/portal-gui/rpkigui/myrpki/views.py @@ -17,7 +17,9 @@ PERFORMANCE OF THIS SOFTWARE. import email.utils import os +import os.path import tempfile +import sys from django.contrib.auth.decorators import login_required from django.shortcuts import get_object_or_404, render_to_response @@ -466,7 +468,7 @@ def handle_or_404(request, handle): def serve_file(handle, fname, content_type): content, mtime = glue.read_file_from_handle(handle, fname) resp = http.HttpResponse(content , mimetype=content_type) - resp['Content-Disposition'] = 'attachment; filename=%s' % (fname, ) + resp['Content-Disposition'] = 'attachment; filename=%s' % (os.path.basename(fname), ) resp['Last-Modified'] = email.utils.formatdate(mtime, usegmt=True) return resp @@ -484,12 +486,6 @@ def download_roas(request, self_handle): def download_prefixes(request, self_handle): return download_csv(request, self_handle, 'prefixes') -@login_required -def download_myrpki_xml(request, self_handle): - "handles GET of the myrpki.xml file for a given resource handle." - conf = handle_or_404(request, self_handle) - return serve_file(conf.handle, 'myrpki.xml', 'application/xml') - def get_parent_handle(conf): "determine who my parent is. for now just assume its hardcoded into the django db" parent_set = models.Parent.objects.filter(conf=conf) @@ -498,38 +494,59 @@ def get_parent_handle(conf): else: raise http.Http404, 'you have no parents' -# FIXME: nasty hack: disable CSRF protection since rpkidemo doesn't GET a form -# prior to posting. -# FIXME: refactor common ports of the upload request handlers to remove dupe code @csrf_exempt +@login_required def upload_parent_request(request, self_handle): conf = handle_or_404(request, self_handle) + parent_handle = get_parent_handle(conf) + if request.method == 'POST': input_file = tempfile.NamedTemporaryFile(delete=False) - input_file.write(request.POST['content']) + input_file.write(request.raw_post_data) input_file.close() - parent_handle = get_parent_handle(conf) + args = ['configure_child', input_file.name ] glue.invoke_rpki(parent_handle, args) + os.remove(input_file.name) - return serve_file(parent_handle, 'entitydb/children/%s.xml' % (self_handle,), 'application/xml') - return http.Http404, 'GET not implemented' -# FIXME: nasty hack: disable CSRF protection since rpkidemo doesn't GET a form -# prior to posting. + return serve_file(parent_handle, 'entitydb/children/%s.xml' % self_handle, 'application/xml') + @csrf_exempt +@login_required def upload_repository_request(request, self_handle): conf = handle_or_404(request, self_handle) + parent_handle = get_parent_handle(conf) + if request.method == 'POST': input_file = tempfile.NamedTemporaryFile(delete=False) - input_file.write(request.POST['content']) + input_file.write(request.raw_post_data) input_file.close() - parent_handle = get_parent_handle(conf) + args = ['configure_publication_client', input_file.name ] glue.invoke_rpki(parent_handle, args) + os.remove(input_file.name) - #FIXME: not sure which file gets sent back in this case - return serve_file(parent_handle, 'entitydb/repositories/%s.xml' % (self_handle,), 'application/xml') - return http.Http404, 'GET not implemented' + + # FIXME: this assumes that the parent is running pubd. the actual filename + # will be different if the parent is not running pubd. see + # rpki.myrpki.do_configure_publication_client() + return serve_file(parent_handle, 'entitydb/pubclients/%s.%s.xml' % (parent_handle, self_handle), 'application/xml') + +@csrf_exempt +@login_required +def upload_myrpki_xml(request, self_handle): + "handles POST of the myrpki.xml file for a given resource handle." + conf = handle_or_404(request, self_handle) + parent_handle = get_parent_handle(conf) + + if request.method == 'POST': + myrpki_xml = open('%s/%s/myrpki.xml' % (settings.MYRPKI_DATA_DIR, self_handle,), 'w') + myrpki_xml.write(request.raw_post_data) + myrpki_xml.close() + + glue.invoke_rpki(parent_handle, [ 'configure_daemons', myrpki_xml.name ]) + + return serve_file(self_handle, 'myrpki.xml', 'application/xml') # vim:sw=4 ts=8 expandtab diff --git a/portal-gui/rpkigui/settings.py.in b/portal-gui/rpkigui/settings.py.in index 9de67f15..b32ac696 100644 --- a/portal-gui/rpkigui/settings.py.in +++ b/portal-gui/rpkigui/settings.py.in @@ -69,8 +69,8 @@ MIDDLEWARE_CLASSES = ( # uncomment if using apache basic/digest http auth #'django.contrib.auth.middleware.RemoteUserMiddleware', - # for django 1.2 - 'django.middleware.csrf.CsrfMiddleware' + 'django.middleware.csrf.CsrfMiddleware', + 'django.middleware.http.ConditionalGetMiddleware', ) ROOT_URLCONF = 'rpkigui.urls' @@ -100,11 +100,15 @@ TEMPLATE_CONTEXT_PROCESSORS = ( "django.core.context_processors.request" ) -LOGIN_REDIRECT_URL='/myrpki/' +# uncomment if using apache basic/digest http auth +#AUTHENTICATION_BACKENDS = ( +# 'django.contrib.auth.backends.RemoteUserBackend', +#) # # RPKI GUI specific # +LOGIN_REDIRECT_URL='/myrpki/' # Top of directory tree where myrpki.conf, etc are stored for each # resource holder. @@ -113,7 +117,3 @@ MYRPKI_DATA_DIR = '@CONFDIR@' # Where to find the myrpki.py command line tool. MYRPKI_PATH = '@MYRPKI_TOOL@' -# uncomment if using apache basic/digest http auth -#AUTHENTICATION_BACKENDS = ( -# 'django.contrib.auth.backends.RemoteUserBackend', -#) |