3 # Copyright (C) 2014 Simo Sorce <simo@redhat.com>
5 # see file 'COPYING' for use and warranty information
7 # This program is free software; you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation, either version 3 of the License, or
10 # (at your option) any later version.
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
21 from ipsilon.util.page import Page
22 from ipsilon.providers.saml2.provider import ServiceProvider
class SPAdminPage(Page):
    """Admin page for viewing and editing one SAML2 service provider."""

    # NOTE(review): this listing carries no indentation and skips some source
    # lines (the gutter numbers are not consecutive). Indentation below is
    # reconstructed from syntax; every gap is marked, not filled in.

    def __init__(self, sp, site, parent):
        """Bind the page to service provider *sp* below *parent*'s URL."""
        super(SPAdminPage, self).__init__(site)
        # [listing omits lines here]
        self.backurl = parent.url
        # NOTE(review): sp.name is interpolated into the URL path as-is; no
        # escaping or validation of the name is visible in this listing --
        # confirm names are constrained where they are set.
        self.url = '%s/sp/%s' % (parent.url, sp.name)

    def form_standard(self, message=None, message_type=None):
        """Render the provider form, optionally with a status message."""
        return self._template('admin/providers/saml2_sp.html',
                              # [listing omits a line here]
                              message_type=message_type,
                              # [listing omits a line here]
                              name='saml2_sp_%s_form' % self.sp.name,
                              backurl=self.backurl, action=self.url,
                              # [listing omits the closing line of this call]

    def GET(self, *args, **kwargs):
        """Show the unmodified form."""
        return self.form_standard()

    def POST(self, *args, **kwargs):
        """Apply submitted property changes to the service provider.

        Each visible branch compares the submitted value with the current
        one, checks the caller's privilege, and then either assigns the new
        value or returns the form with an error message.
        """
        message = "Nothing was modified."
        # [listing omits lines here]

        # NOTE(review): the visible assignments to self.sp happen inside this
        # loop, before save_properties() is called. A field rejected later in
        # the same request returns early, so values already assigned for
        # earlier fields stay on the in-memory object without being saved.
        # Safer shape: authorize and validate every field first, then apply
        # and save in one step.
        for key, value in kwargs.iteritems():
            # [listing omits a line here; presumably the branch test for the
            #  name field, by analogy with the elif branches below]
                if value != self.sp.name:
                    # Renaming is open to admins and to the provider's owner.
                    if self.user.is_admin or self.user.name == self.sp.owner:
                        self._debug("Replacing %s: %s -> %s" %
                                    (key, self.sp.name, value))
                    # [listing omits lines here: the rest of the authorized
                    #  branch and, presumably, the matching "else:"]
                        message = "Unauthorized to rename object"
                        message_type = "error"
                        return self.form_standard(message, message_type)

            # [listing omits lines here; presumably the owner branch test]
                if value != self.sp.owner:
                    # Only admins may reassign ownership.
                    if self.user.is_admin:
                        self._debug("Replacing %s: %s -> %s" %
                                    (key, self.sp.owner, value))
                    # [listing omits lines here: the rest of the authorized
                    #  branch and, presumably, the matching "else:"]
                        message = "Unauthorized to set owner value"
                        message_type = "error"
                        return self.form_standard(message, message_type)

            elif key == 'default_nameid':
                if value != self.sp.default_nameid:
                    # Admin only. NOTE(review): the value is stored as
                    # submitted; no check against allowed_nameids or a known
                    # set of NameID formats is visible here -- confirm it is
                    # validated in the ServiceProvider setter.
                    if self.user.is_admin:
                        self._debug("Replacing %s: %s -> %s" %
                                    (key, self.sp.default_nameid, value))
                        self.sp.default_nameid = value
                    # [listing omits lines here, presumably including "else:"]
                        message = "Unauthorized to set default nameid value"
                        message_type = "error"
                        return self.form_standard(message, message_type)

            elif key == 'allowed_nameids':
                # Comma-separated input, whitespace-stripped and de-duplicated
                # through a set, so the stored order is not the submitted one.
                # NOTE(review): entries (including empty strings from stray
                # commas) are not validated in the visible code.
                v = set([x.strip() for x in value.split(',')])
                if v != set(self.sp.allowed_nameids):
                    if self.user.is_admin:
                        self._debug("Replacing %s: %s -> %s" %
                                    (key, self.sp.allowed_nameids, list(v)))
                        self.sp.allowed_nameids = list(v)
                    # [listing omits lines here, presumably including "else:"]
                        message = "Unauthorized to set allowed nameids value"
                        message_type = "error"
                        return self.form_standard(message, message_type)

        # [listing omits lines here; the "try:" paired with the except below
        #  is among them, so its exact position cannot be told from here]
            self.sp.save_properties()
            # NOTE(review): user-facing typo in the next string
            # ("succssfully").
            message = "Properties succssfully changed"
            message_type = "success"
        # NOTE(review): the handler replaces the message only; it neither logs
        # the exception nor restores the values assigned above, so a failed
        # save leaves the in-memory object changed with no record of why.
        except Exception: # pylint: disable=broad-except
            message = "Failed to save data!"
            message_type = "error"

        return self.form_standard(message, message_type)

    def root(self, *args, **kwargs):
        """Dispatch the request to the handler named after its HTTP method."""
        # NOTE(review): the handler is looked up with getattr using the
        # request's method name and falls back to GET only when no attribute
        # of that name exists; no allow-list of verbs is visible in this
        # listing. Prefer an explicit mapping of supported verbs (GET, POST)
        # to handlers. `cherrypy` is used here, but its import is not among
        # the visible lines.
        op = getattr(self, cherrypy.request.method, self.GET)
        # [listing omits a line here]
        return op(*args, **kwargs)
119 class AdminPage(Page):
def __init__(self, site, config):
    """Set up the SAML2 administration page for *site*."""
    # NOTE(review): this listing carries no indentation and skips source
    # lines; the gap below is marked, not reconstructed.
    super(AdminPage, self).__init__(site)
    # [listing omits lines here]
    # Container page; add_sp() attaches one per-provider admin page to it.
    self.sp = Page(self._site)
def add_sp(self, name, sp):
    """Create the admin page for *sp* and register it under *name*."""
    page = SPAdminPage(sp, self._site, self)
    self.sp.add_subtree(name, page)
    # The same sp object is kept in self.providers and held by its
    # SPAdminPage, so edits made through that page act on this shared object.
    self.providers.append(sp)
    # [the listing skips source lines after this point; the method may
    #  continue]
def mount(self, page):
    """Attach this page under *page* and register every configured provider."""
    self.menu = page.menu
    self.url = '%s/%s' % (page.url, self.name)
    for p in self.cfg.idp.get_providers():
        # [listing omits a line here; presumably the "try:" paired with the
        #  except below]
            sp = ServiceProvider(self.cfg, p)
            self.add_sp(sp.name, sp)
        # Best effort: a provider that fails to load is skipped and only
        # reported through _debug, so it gets no admin page.
        # NOTE(review): every exception type is treated alike here; confirm a
        # skipped provider is surfaced somewhere an operator will see it.
        except Exception, e: # pylint: disable=broad-except
            self._debug("Failed to find provider %s: %s" % (p, str(e)))
    page.add_subtree(self.name, self)
146 def root(self, *args, **kwargs):
147 return self._template('admin/providers/saml2.html',
148 title='SAML2 Administration',
149 providers=self.providers,