cleaned up security checks and made API work again

benadida · Dec 31, 2008 · 9cf87eb · 9cf87eb
1 parent 637bed2
commit 9cf87eb
Show file tree

Hide file tree

Showing 15 changed files with 808 additions and 81 deletions.
diff --git a/client/heliosclient.py b/client/heliosclient.py
@@ -6,7 +6,7 @@
 """
 
 import oauthclient
-from base import utils, oauth
+from helios import utils, oauth
 from crypto import algs, electionalgs
 
 class HeliosClient(object):
@@ -15,7 +15,7 @@ def __init__(self, auth_info, host, port):
     auth_info is consumer_key, ....
     """
     self.consumer = oauth.OAuthConsumer(auth_info['consumer_key'],auth_info['consumer_secret'])
-    self.token = oauth.OAuthToken(auth_info['access_token'],auth_info['access_token_secret'])
+    self.token = oauth.OAuthToken(auth_info['consumer_key'],auth_info['consumer_secret'])
     self.client = oauthclient.MachineOAuthClient(self.consumer, self.token, host, port)
 
   def get(self, url, parameters = None):
@@ -33,7 +33,7 @@ def election_new(self, name, public_key):
     return election_id
 
   def election_get(self, election_id):
-    return electionalgs.Election.fromJSONDict(utils.from_json(self.get("/elections/%s" % election_id)))
+    return electionalgs.Election.fromJSONDict(utils.from_json(self.get("/elections/%s/" % election_id)))
 
   def election_set_reg(self, election_id, open_reg=False):
     result = self.post("/elections/%s/set_reg" % election_id, {'open_p' : str(int(open_reg))})
@@ -44,7 +44,7 @@ def election_questions_save(self, election_id, questions):
     return result == "SUCCESS"
 
   def election_freeze(self, election_id):
-    result = self.post("/elections/%s/freeze_2" % election_id, {})
+    result = self.post("/elections/%s/freeze" % election_id, {})
     return result == "SUCCESS"
 
   def open_submit(self, election_id, encrypted_vote, email=None, openid_url=None, name=None, category=None):

diff --git a/client/oauthclient.py b/client/oauthclient.py
@@ -5,7 +5,7 @@
 2008-08-30
 """
 
-from base import oauth, utils
+from helios import oauth, utils
 
 import httplib
 

diff --git a/helios/admin_views.py b/helios/admin_views.py
@@ -0,0 +1,37 @@
+"""
+Helios Django Views
+
+Ben Adida (ben@adida.net)
+"""
+
+from django.http import *
+from security import *
+
+from django.contrib import auth
+
+from crypto import algs
+import utils
+import csv
+
+from models import *
+from view_utils import *
+
+@admin_required
+def admin_home(request):
+  return render_template(request, 'admin_home')
+
+@admin_required
+def admin_clients(request):
+  api_clients = APIClient.objects.all()
+  return render_template(request, 'admin_clients', {'clients': api_clients})
+
+@admin_required
+def admin_client_new(request):
+  new_client = APIClient.objects.create(consumer_key = request.POST['consumer_key'], consumer_secret = request.POST['consumer_secret'])
+  return HttpResponseRedirect("./")
+
+@admin_required
+def admin_client_delete(request):
+  client= APIClient.objects.get(consumer_key = request.POST['consumer_key'])
+  client.delete()
+  return HttpResponseRedirect("./")
diff --git a/helios/election_urls.py b/helios/election_urls.py
@@ -27,7 +27,7 @@
     (r'^bboard$', one_election_bboard),
 
     # construct election
-    (r'^set_pk$', one_election_set_pk),
+    # (r'^set_pk$', one_election_set_pk),
     (r'^voters_manage$', one_election_voters_manage),
     (r'^voters_bulk_upload$', one_election_voters_bulk_upload),
     (r'^voters_delete$', one_election_voters_delete),
@@ -42,10 +42,10 @@
 
     # computing tally
     (r'^compute_tally$', one_election_compute_tally),
-    (r'^drive_tally_chunk$', one_election_drive_tally_chunk),
+    # (r'^drive_tally_chunk$', one_election_drive_tally_chunk),
     (r'^drive_tally$', one_election_drive_tally),
     (r'^set_tally$', one_election_set_tally),
-    (r'^compute_tally_chunk$', one_election_compute_tally_chunk),
+    # (r'^compute_tally_chunk$', one_election_compute_tally_chunk),
 
     # managing voters
     (r'^voters/$', voter_list),

diff --git a/helios/models.py b/helios/models.py
@@ -22,7 +22,7 @@ class Election(models.Model, JSONObject):
   election_id = models.AutoField(primary_key=True)
 
   # we'll use django users from now
-  admin = models.ForeignKey(auth_models.User)
+  admin = models.ForeignKey(auth_models.User, null = True)
 
   # if machine-able API
   api_client = models.ForeignKey('APIClient', null=True)
@@ -433,8 +433,6 @@ class APIClient(models.Model):
   api_client_id = models.AutoField(primary_key=True)
   consumer_key = models.CharField(max_length=100)
   consumer_secret = models.CharField(max_length=100)
-  access_token = models.CharField(max_length=100)
-  access_token_secret = models.CharField(max_length=100)
 
   @classmethod
   def get_by_consumer_key(cls, consumer_key):