
Feature: allow user to disable session ip check

usmannasir committed Nov 12, 2019
1 parent dd3a551 commit e40fca9596b6976dc72a7ca44b4da773f4e58e7c
@@ -2,19 +2,24 @@
import json
from django.shortcuts import HttpResponse
import re
from loginSystem.models import Administrator

class secMiddleware:

HIGH = 0
LOW = 1

def __init__(self, get_response):
self.get_response = get_response

def __call__(self, request):
try:
uID = request.session['userID']
admin = Administrator.objects.get(pk=uID)
ipAddr = request.META.get('REMOTE_ADDR')

if ipAddr.find('.') > -1:
if request.session['ipAddr'] == ipAddr:
if request.session['ipAddr'] == ipAddr or admin.securityLevel == secMiddleware.LOW:
pass
else:
del request.session['userID']
@@ -27,7 +32,7 @@ def __call__(self, request):
else:
ipAddr = request.META.get('REMOTE_ADDR').split(':')[:3]

if request.session['ipAddr'] == ipAddr:
if request.session['ipAddr'] == ipAddr or admin.securityLevel == secMiddleware.LOW:
pass
else:
del request.session['userID']
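Review bot: In both branches of `__call__` the added `or admin.securityLevel == secMiddleware.LOW` switches the session-to-IP binding off completely for LOW accounts, and nothing in the hunk records that a session was used from a different address. I would log the mismatch before the `pass` so that reuse of a LOW session from a new address stays visible for detection, and document the constants, e.g. `# HIGH (0, model default): session bound to login IP; LOW (1): binding skipped`. The new `Administrator.objects.get(pk=uID)` also runs a query on every request and can raise `DoesNotExist` for a session whose account was deleted. The handler of the enclosing `try` is outside the hunk, so confirm it treats that case as logged out.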
@@ -85,6 +85,7 @@ class Administrator(models.Model):
owner = models.IntegerField(default=1)
token = models.CharField(max_length=500, default='None')
api = models.IntegerField(default=0)
securityLevel = models.IntegerField(default=0)

initWebsitesLimit = models.IntegerField(default=0)
acl = models.ForeignKey(ACL, default=1)
@@ -553,6 +553,11 @@ def applyLoginSystemMigrations():
except:
pass

try:
cursor.execute('ALTER TABLE loginSystem_administrator ADD securityLevel integer')
except:
pass

try:
cursor.execute('ALTER TABLE loginSystem_administrator ADD api integer')
except:
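Review bot: The `ALTER TABLE loginSystem_administrator ADD securityLevel integer` statement gives the column no default, so existing rows will hold NULL while the model declares `IntegerField(default=0)`. NULL is not equal to `secMiddleware.LOW`, so those accounts still get the IP check, but only by accident; `ADD securityLevel integer NOT NULL DEFAULT 0` would make the strict default explicit. The bare `except: pass` also hides every failure, not just "column already exists", and a failed ALTER would only surface later when the middleware reads `admin.securityLevel`; logging the exception would help. `applyLoginSystemMigrations` continues outside the hunk.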
2 upgrade.sh 100644 → 100755
@@ -6,7 +6,7 @@
## Then run it like below.
## /usr/local/CyberCP/upgrade.sh

cd /usr/local/CyberCP && python manage.py collectstatic --no-input
cd /usr/local/CyberCP && /usr/local/CyberCP/bin/python2 manage.py collectstatic --no-input
rm -rf /usr/local/CyberCP/public/static/*
cp -R /usr/local/CyberCP/static/* /usr/local/CyberCP/public/static/
find /usr/local/CyberCP -type d -exec chmod 0755 {} \;
@@ -42,7 +42,8 @@ app.controller('createUserCtr', function ($scope, $http) {
selectedACL: selectedACL,
websitesLimit: websitesLimits,
userName: userName,
password: password
password: password,
securityLevel: $scope.securityLevel
};

var config = {
@@ -171,6 +172,7 @@ app.controller('modifyUser', function ($scope, $http) {
$scope.firstName = userDetails.firstName;
$scope.lastName = userDetails.lastName;
$scope.email = userDetails.email;
$scope.secLevel = userDetails.securityLevel;

$scope.userModificationLoading = true;
$scope.acctDetailsFetched = false;
@@ -181,6 +183,7 @@ app.controller('modifyUser', function ($scope, $http) {
$scope.detailsFetched = false;
$scope.userAccountsLimit = true;
$scope.websitesLimit = true;

} else {
$scope.userModificationLoading = true;
$scope.acctDetailsFetched = true;
@@ -248,7 +251,8 @@ app.controller('modifyUser', function ($scope, $http) {
firstName: firstName,
lastName: lastName,
email: email,
password: password
password: password,
securityLevel: $scope.securityLevel
};

var config = {
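Review bot: `securityLevel: $scope.securityLevel` is sent by both controllers, but nothing in these hunks assigns `$scope.securityLevel`; the fetched value is stored as `$scope.secLevel` instead. Until the user touches the select the property is undefined, and undefined properties are dropped when the payload is serialised, so the request would arrive without the key that the views read with `data['securityLevel']`. I would initialise it explicitly, `$scope.securityLevel = 'HIGH';` in `createUserCtr` and `$scope.securityLevel = userDetails.securityLevel.toUpperCase();` next to the `secLevel` assignment in `modifyUser`, so that an unrelated edit neither fails nor silently changes the level. Both controllers continue outside the hunks, so check that no such assignment already exists there.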
@@ -102,6 +102,17 @@ <h3 class="content-box-header">
</div>
</div>


<div ng-hide="acctDetailsFetched" class="form-group">
<label class="col-sm-3 control-label">{% trans "Security Level" %}</label>
<div class="col-sm-6">
<select ng-change="fetchUserDetails()" ng-model="securityLevel" class="form-control">
<option>HIGH</option>
<option>LOW</option>
</select>
</div>
</div>

<div class="form-group">
<label class="col-sm-3 control-label"></label>
<div class="col-sm-4">
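Review bot: The new select in this form carries `ng-change="fetchUserDetails()"` and `ng-hide="acctDetailsFetched"`, which look copied from the modify-user template; neither name appears in the `createUserCtr` hunk, so confirm they exist there or drop them. In the modify-user template the same `ng-change` re-fetches the account whenever the level is changed, and the fetch handler reassigns `firstName`, `lastName` and `email`, so unsaved edits would likely be overwritten. I would remove the `ng-change` from both selects and give the options explicit values, e.g. `<option value="HIGH">HIGH</option>`, so the string the views compare against does not depend on the display text.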
@@ -81,6 +81,20 @@ <h3 class="content-box-header">
</div>


<div ng-hide="acctDetailsFetched" class="form-group">
<label class="col-sm-3 control-label">{% trans "Security Level" %}</label>
<div class="col-sm-6">
<select ng-change="fetchUserDetails()" ng-model="securityLevel" class="form-control">
<option>HIGH</option>
<option>LOW</option>
</select>
</div>
<div class="col-sm-3">
Currently: {$ secLevel $}
</div>
</div>


<div ng-hide="acctDetailsFetched" class="form-group">
<label class="col-sm-3 control-label"></label>
<div class="col-sm-4">
@@ -10,6 +10,7 @@
from plogical import CyberCPLogFileWriter as logging
from plogical.acl import ACLManager
from plogical.virtualHostUtilities import virtualHostUtilities
from CyberCP.secMiddleware import secMiddleware

# Create your views here.

@@ -138,6 +139,7 @@ def submitUserCreation(request):
password = data['password']
websitesLimit = data['websitesLimit']
selectedACL = data['selectedACL']
securityLevel = data['securityLevel']

selectedACL = ACL.objects.get(name=selectedACL)

@@ -146,6 +148,11 @@ def submitUserCreation(request):
else:
type = 3

if securityLevel == 'LOW':
securityLevel = secMiddleware.LOW
else:
securityLevel = secMiddleware.HIGH

token = hashPassword.generateToken(userName, password)
password = hashPassword.hash_password(password)
currentAdmin = Administrator.objects.get(pk=userID)
@@ -168,7 +175,8 @@ def submitUserCreation(request):
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
acl=selectedACL,
token=token
token=token,
securityLevel=securityLevel,
)
newAdmin.save()

@@ -183,7 +191,8 @@ def submitUserCreation(request):
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
acl=selectedACL,
token=token
token=token,
securityLevel=securityLevel,
)
newAdmin.save()
elif currentACL['createNewUser'] == 1:
@@ -197,7 +206,8 @@ def submitUserCreation(request):
initWebsitesLimit=websitesLimit,
owner=currentAdmin.pk,
acl=selectedACL,
token=token
token=token,
securityLevel=securityLevel,
)
newAdmin.save()
else:
@@ -261,14 +271,21 @@ def fetchUserDetails(request):
email = user.email

websitesLimit = user.initWebsitesLimit
securityLevel = ''

if user.securityLevel == secMiddleware.LOW:
securityLevel = 'Low'
else:
securityLevel = 'High'

userDetails = {
"id": user.id,
"firstName": firstName,
"lastName": lastName,
"email": email,
"acl": user.acl.name,
"websitesLimit": websitesLimit
"websitesLimit": websitesLimit,
"securityLevel": securityLevel
}

data_ret = {'fetchStatus': 1, 'error_message': 'None', "userDetails": userDetails}
@@ -296,6 +313,7 @@ def saveModifications(request):
firstName = data['firstName']
lastName = data['lastName']
email = data['email']
securityLevel = data['securityLevel']

user = Administrator.objects.get(userName=accountUsername)

@@ -323,6 +341,11 @@ def saveModifications(request):
user.token = token
user.type = 0

if securityLevel == 'LOW':
user.securityLevel = secMiddleware.LOW
else:
user.securityLevel = secMiddleware.HIGH

user.save()

data_ret = {'status': 1, 'saveStatus': 1, 'error_message': 'None'}
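Review bot: `saveModifications` applies `data['securityLevel']` to whichever account `accountUsername` names, and no check in the visible hunks restricts who may lower it; if a user can edit their own account, they can turn off their own session-IP check. The function starts and ends outside the hunks, so confirm that its ACL check covers this field, or only honour the field for callers with admin rights. Reading it as `data['securityLevel']` also makes the key mandatory in both `submitUserCreation` and `saveModifications`, so any client that does not send it hits the KeyError path. `securityLevel = data.get('securityLevel', 'HIGH')` would keep such clients on the strict default.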
