From: Rob Crittenden Date: Mon, 2 Mar 2015 19:47:22 +0000 (-0500) Subject: Require admin when accessing REST pages X-Git-Tag: v0.5.0~37 X-Git-Url: http://git.cascardo.info/?p=cascardo%2Fipsilon.git;a=commitdiff_plain;h=13b359d8e4682fb239cf02293aef3a1b235a2cf6 Require admin when accessing REST pages Signed-off-by: Rob Crittenden Reviewed-by: Patrick Uiterwijk --- diff --git a/ipsilon/providers/common.py b/ipsilon/providers/common.py index dff302d..169fddc 100644 --- a/ipsilon/providers/common.py +++ b/ipsilon/providers/common.py @@ -19,6 +19,7 @@ from ipsilon.util.log import Log from ipsilon.util.plugin import PluginInstaller, PluginLoader from ipsilon.util.plugin import PluginObject, PluginConfig from ipsilon.util.page import Page +from ipsilon.util.page import admin_protect from ipsilon.rest.common import RestPage import cherrypy @@ -163,15 +164,19 @@ class RestProviderBase(RestPage): self.plugin_name = config.name self.cfg = config + @admin_protect def GET(self, *args, **kwargs): raise cherrypy.HTTPError(501) + @admin_protect def POST(self, *args, **kwargs): raise cherrypy.HTTPError(501) + @admin_protect def DELETE(self, *args, **kwargs): raise cherrypy.HTTPError(501) + @admin_protect def PUT(self, *args, **kwargs): raise cherrypy.HTTPError(501) diff --git a/ipsilon/providers/saml2/rest.py b/ipsilon/providers/saml2/rest.py index 6ad8ae6..730b374 100644 --- a/ipsilon/providers/saml2/rest.py +++ b/ipsilon/providers/saml2/rest.py @@ -6,6 +6,7 @@ from ipsilon.providers.common import FACILITY from ipsilon.rest.common import rest_error, jsonout from ipsilon.providers.saml2.provider import ServiceProviderCreator from ipsilon.providers.saml2.provider import InvalidProviderId +from ipsilon.util.page import admin_protect from lasso import ServerAddProviderFailedError @@ -77,10 +78,12 @@ class SPS(RestProviderBase): return dict(result=results) @jsonout + @admin_protect def GET(self, *args, **kwargs): return self._get_sp(*args, **kwargs) @jsonout + @admin_protect def POST(self, *args, **kwargs): cherrypy.response.status = 201