X-Git-Url: http://git.cascardo.info/?p=cascardo%2Fipsilon.git;a=blobdiff_plain;f=ipsilon%2Fproviders%2Fsaml2%2Fadmin.py;h=a9fb9e0118c5fe0ff659d4e36b62a18547e22538;hp=2f346ce915e5f23f565552a19df570ec4c3e2743;hb=c4aa2a8fc207d464aa23e065b5f2ad0549a58f5e;hpb=01bfc020dd2135069c7b8560a94ecf8cd7f72df8
diff --git a/ipsilon/providers/saml2/admin.py b/ipsilon/providers/saml2/admin.py
index 2f346ce..a9fb9e0 100755
--- a/ipsilon/providers/saml2/admin.py
+++ b/ipsilon/providers/saml2/admin.py
@@ -31,7 +31,7 @@ VALID_IN_NAME = r'[^\ a-zA-Z0-9]'
 class NewSPAdminPage(Page):
 def __init__(self, site, parent):
- super(NewSPAdminPage, self).__init__(site)
+ super(NewSPAdminPage, self).__init__(site, form=True)
 self.parent = parent
 self.title = 'New Service Provider'
 self.backurl = parent.url
@@ -51,8 +51,8 @@ class NewSPAdminPage(Page):
 def POST(self, *args, **kwargs):
 if self.user.is_admin:
- #TODO: allow authenticated user to create SPs on their own
- # set the owner in that case
+ # TODO: allow authenticated user to create SPs on their own
+ # set the owner in that case
 name = None
 meta = None
 if 'content-type' not in cherrypy.request.headers:
@@ -103,11 +103,6 @@ class NewSPAdminPage(Page):
 return self.form_new(message, message_type)
- def root(self, *args, **kwargs):
- op = getattr(self, cherrypy.request.method, self.GET)
- if callable(op):
- return op(*args, **kwargs)
-
 class InvalidValueFormat(Exception):
 pass
@@ -120,7 +115,7 @@ class UnauthorizedUser(Exception):
 class SPAdminPage(Page):
 def __init__(self, sp, site, parent):
- super(SPAdminPage, self).__init__(site)
+ super(SPAdminPage, self).__init__(site, form=True)
 self.parent = parent
 self.sp = sp
 self.title = sp.name
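Review bot: `form=True` is passed to `Page.__init__` in `NewSPAdminPage.__init__` (and again in `SPAdminPage.__init__`, hunk @@ -120) with nothing saying what it switches on. The same commit deletes both per-page `root()` dispatchers, so request-method dispatch for these admin forms presumably now lives in `Page`, which is not part of this diff. If that is what the flag does, a short comment such as `# form=True: Page handles GET/POST dispatch for this form page` would record it, and a test that an unexpected request method is rejected rather than resolved to some other attribute of the page would pin the behaviour. Both `__init__` bodies continue outside their hunks.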
@@ -172,6 +167,8 @@ class SPAdminPage(Page):
 self._debug("Replacing %s: %s -> %s" % (key, self.sp.default_nameid, value))
+ if not self.sp.is_valid_nameid(value):
+ raise InvalidValueFormat('Invalid default nameid value')
 return {'default_nameid': value}
 else:
 raise UnauthorizedUser("Unauthorized to set default nameid value")
@@ -185,6 +182,11 @@ class SPAdminPage(Page):
 self._debug("Replacing %s: %s -> %s" % (key, self.sp.allowed_nameids, list(v)))
+ for x in v:
+ if not self.sp.is_valid_nameid(x):
+ l = ', '.join(self.sp.valid_nameids())
+ err = 'Invalid nameid [%s]. Available [%s].' % (x, l)
+ raise InvalidValueFormat(err)
 return {'allowed_nameids': list(v)}
 else:
 raise UnauthorizedUser("Unauthorized to set alowed nameids values")
@@ -252,11 +254,6 @@ class SPAdminPage(Page):
 return self.form_standard(message, message_type)
- def root(self, *args, **kwargs):
- op = getattr(self, cherrypy.request.method, self.GET)
- if callable(op):
- return op(*args, **kwargs)
-
 def delete(self):
 self.parent.del_sp(self.sp.name)
 self.sp.permanently_delete()
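Review bot: The added `is_valid_nameid(value)` check only confirms that the default is a nameid format the provider recognises; nothing here ties it to this SP's `allowed_nameids`, so a default the SP is not permitted to use would pass unless that is enforced elsewhere (not visible in this hunk). Consider also rejecting a default outside the allowed set, taking into account any `allowed_nameids` submitted in the same request. The check also sits after the `_debug` call, so a rejected value has already been written to the debug log; moving the two new lines above `self._debug(...)` avoids that. The enclosing method starts outside the hunk.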
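Review bot: The error text built in the new loop interpolates the submitted value `x` into `'Invalid nameid [%s]. Available [%s].'`, and that message presumably reaches the admin page through `form_standard(message, message_type)`; whether the template escapes it is not visible in this diff. Either confirm the template autoescapes messages or keep the raw value out, e.g. `err = 'Invalid nameid. Available [%s].' % l`. Separately, `l` is an easily misread name (pep8 E741); `valid = ', '.join(self.sp.valid_nameids())` reads better. As in the previous hunk, validation runs after `_debug`, so rejected values are already in the debug log, and the enclosing method starts outside the hunk.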