
fixed rates, certbot

Krocodial
Krocodial committed Dec 2, 2019
1 parent 5b2eff3 commit b7f93dbcf9fdba9ffe2c4e606750f114ca4a043d
@@ -4,6 +4,15 @@
from .forms import AdvancedSearch, BasicSearch


def custom_rate(group, request):
if request.user.is_authenticated:
if request.user.username == '105a1a41-543f-44c8-a7e6-5270fa6ad8a6':
return None
else:
return '20/m'
else:
return '6/m'

def role_checker(user, payload, request):

try:
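Review bot: The unlimited branch of `custom_rate` is keyed on a username literal embedded in the source, so the exemption can only be changed or revoked by shipping new code, and nothing says who the account is or why it is exempt. Returning `None` appears to mean "no limit" for the decorator, so that one account is unthrottled on every view that uses this callable. Consider driving the exemption from configuration or a group, for example `if request.user.username in getattr(settings, 'RATELIMIT_EXEMPT_USERS', ()):` (setting name is a suggestion, not an existing one). A short docstring would also help, such as `"""Return the rate string for this request: None (unlimited) for exempt service accounts, '20/m' for other authenticated users, '6/m' for anonymous."""`. The unused `group` parameter is presumably required by the decorator's callable signature and could be noted there too.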
@@ -20,7 +20,6 @@
path('tutorial', views.tutorial, name='tutorial'),
path('health', views.health, name='health'),
#path('gov_temp', views.gov_temp, name='gov_temp'),
path('debugg', views.debugg, name='debugg'),
path('login_complete', views.login_complete, name='login_complete'),
]

@@ -23,7 +23,7 @@
from .models import ClassificationCount, Classification, ClassificationLogs, ClassificationReviewGroups, ClassificationReview
from .forms import *
from .scripts import calc_scheduler, upload
from .helper import query_constructor, role_checker, filter_results
from .helper import query_constructor, role_checker, filter_results, custom_rate

from background_task.models import Task

@@ -53,16 +53,6 @@
lock = threading.Lock()
sizes = [10, 25, 50, 100]

@login_required
def debugg(request):
if not request.user.is_staff:
return redirect('classy:home')
http = ''
for key, value in request.META.items():
http = http + '\n' + str(key) + ': ' + str(value) + '<br />'

return HttpResponse(http)

#Accessed from the home.html page
@login_required
def tutorial(request):
@@ -74,6 +64,7 @@ def tutorial(request):

#Download search results from the search function
@login_required
@ratelimit(key='user', rate=custom_rate, block=True, method='ALL')
def download(request):
if not request.method == 'POST':
return redirect('classy:home')
@@ -97,6 +88,7 @@ def download(request):

#Allow staff to review basic user changes, and accept/reject them
@login_required
@ratelimit(key='user', rate=custom_rate, block=True, method='ALL')
def review(request):
if not request.user.is_staff:
return redirect('classy:home')
@@ -162,6 +154,7 @@ def review(request):

#Allows us to see what has been pre-classified before upload into this tool, for verification purposes
@login_required
@ratelimit(key='user', rate=custom_rate, block=True, method='ALL')
def exceptions(request):
if not request.user.is_staff:
return redirect('classy:index')
@@ -236,6 +229,7 @@ def exceptions(request):

# List all of the Classification logs, filtered down to the Classification objects you are allowed to view. Searchable by Classification, flag, username, approver, and index
@login_required
@ratelimit(key='user', rate=custom_rate, block=True, method='ALL')
def log_list(request):
form = BasicSearch(request.GET)

@@ -324,6 +318,7 @@ def log_list(request):

#Shows all information known about a Classification object. History, variables, associated users, masking instructions.
@login_required
@ratelimit(key='user', rate=custom_rate, block=True, method='ALL')
def log_detail(request, classy_id):
num = ClassificationReviewGroups.objects.all().count()

@@ -361,6 +356,7 @@ def log_detail(request, classy_id):
#The search page POSTs to here via an AJAX call, this will auto-change values for staff, and create a review group for basic users.
#modifications will now auto-create logs if using the ClassificationForm
@login_required
@ratelimit(key='user', rate=custom_rate, block=True, method='ALL')
def modi(request):
if request.method != 'POST':
return redirect('classy:home')
@@ -495,6 +491,7 @@ def modi(request):

#Once a user makes a search in the data view handle the request. Just search all the features of our Classification objects to find even partial matches and return them. The call to query_constructor will filter out values the user is not allowed to view.
@login_required
@ratelimit(key='user', rate=custom_rate, block=True, method='ALL')
def search(request):
if request.method != 'GET':
return redirect('classy:home')
@@ -619,7 +616,7 @@ def gov_temp(request):

# User is redirected here after authentication is complete via keycloak authentication server with a long, short-lived code. We exchange this code via an out-of-band REST call to the keycloak auth server for an access and refresh token. In the token is a list of permissions the user has, we check and set these via middleware. Once the token is verified we log the user in via a local session and give them a session cookie (they will never see the tokens so no risk of mishandling)
#@requires_csrf_token
@ratelimit(key='header:x-forwarded-for', rate='6/m', method=['GET'], block=True)
@ratelimit(key='header:x-forwarded-for', rate=custom_rate, block=True)
def login_complete(request):
try:
redirect_uri = os.getenv('REDIRECT_URI') + reverse('classy:login_complete')
@@ -827,7 +824,7 @@ def home(request):

#Handles file uploads. Uploads file with progress bar, schedules a task to handle the file once uploaded. A thread spawned by the classy instance will handle this file upload. I might change this back to a cron job to allow multiple classy containers in the future for higher stability. I'll need to figure out a way to share file uploads cross pods though which I'm not too keen on for now. .
@login_required
@ratelimit(key='user', rate='5/m', block=True, method=['POST'])
@ratelimit(key='user', rate=custom_rate, block=True, method='ALL')
def uploader(request):
spaces = re.compile(' ')
if not request.user.is_staff:
@@ -872,7 +869,7 @@ def uploader(request):

#Initial landing page for data table
@login_required
@ratelimit(key='user', rate='20/m', block=True, method=['POST'])
@ratelimit(key='user', rate=custom_rate, block=True, method='ALL')
def data(request):
if not request.user.is_authenticated:
return redirect('classy:index')
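Review bot: The new decorators pass `method='ALL'` as a string, which may switch rate limiting off entirely on these views. The import is not visible in these hunks, but if this is django-ratelimit's `ratelimit`, a string is treated as a literal HTTP method name, and no request has the method "ALL". This affects `download`, `review`, `exceptions`, `log_list`, `log_detail`, `modi`, `search`, `uploader` and `data`. The last two previously had working POST limits of `'5/m'` and `'20/m'`, which this commit replaces. Use the library sentinel or drop the argument, for example `@ratelimit(key='user', rate=custom_rate, block=True, method=ratelimit.ALL)`, and confirm with a test that the 21st request in a minute is blocked. Separately, `login_complete` still keys on `header:x-forwarded-for`, which only throttles callers if the fronting proxy overwrites that header rather than passing the client's value through.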
File renamed without changes.
File renamed without changes.
