Merge branch 'master' of https://github.com/R4stl1n/allianceauth

2025-07-12 05:50:16 +02:00 · 2016-04-01 16:43:56 +02:00 · 2016-04-01 16:43:56 +02:00 · ceee5d9859
commit ceee5d9859
parent 8ae5c7b13f 4f4f7fc955
9 changed files with 299 additions and 4 deletions
--- a/alliance_auth/settings.py.example
+++ b/alliance_auth/settings.py.example
@ -97,7 +97,17 @@ DATABASES = {
        'PASSWORD': os.environ.get('AA_DB_PHPBB3_PASSWORD', 'password'),
        'HOST': os.environ.get('AA_DB_PHPBB3_HOST', '127.0.0.1'),
        'PORT': os.environ.get('AA_DB_PHPBB3_PORT', '3306'),
    },
    'ips4': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'alliance_ips4',
        'USER': os.environ.get('AA_DB_IPS4_USER', 'allianceserver'),
        'PASSWORD': os.environ.get('AA_DB_IPS4_PASSWORD', 'password'),
        'HOST': os.environ.get('AA_DB_IPS4_HOST', '127.0.0.1'),
        'PORT': os.environ.get('AA_DB_IPS4_PORT', '3306'),
    }
 }
 TEMPLATE_CONTEXT_PROCESSORS = (
@ -224,6 +234,7 @@ BLUE_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_BLUE_ALLIANCE_GROUPS', 'Fals
 # ENABLE_AUTH_MUMBLE - Enable mumble support in the auth for auth'd members
 # ENABLE_AUTH_IPBOARD - Enable IPBoard forum support in the auth for auth'd members
 # ENABLE_AUTH_DISCORD - Enable Discord support in the auth for auth'd members
 # ENABLE_AUTH_IPS4 - Enable IPS4 support in the auth for auth'd members
 #########################
 ENABLE_AUTH_FORUM = 'True' == os.environ.get('AA_ENABLE_AUTH_FORUM', 'False')
 ENABLE_AUTH_JABBER = 'True' == os.environ.get('AA_ENABLE_AUTH_JABBER', 'False')
@ -231,6 +242,7 @@ ENABLE_AUTH_MUMBLE = 'True' == os.environ.get('AA_ENABLE_AUTH_MUMBLE', 'False')
 ENABLE_AUTH_IPBOARD = 'True' == os.environ.get('AA_ENABLE_AUTH_IPBOARD', 'False')
 ENABLE_AUTH_TEAMSPEAK3 = 'True' == os.environ.get('AA_ENABLE_AUTH_TEAMSPEAK3', 'False')
 ENABLE_AUTH_DISCORD = 'True' == os.environ.get('AA_ENABLE_AUTH_DISCORD', 'False')
 ENABLE_AUTH_IPS4 = 'True' == os.environ.get('AA_ENABLE_AUTH_IPS4', 'False')
 #####################
 # Blue service Setup
@ -241,6 +253,7 @@ ENABLE_AUTH_DISCORD = 'True' == os.environ.get('AA_ENABLE_AUTH_DISCORD', 'False'
 # ENABLE_BLUE_MUMBLE - Enable mumble support in the auth for blues
 # ENABLE_BLUE_IPBOARD - Enable IPBoard forum support in the auth for blues
 # ENABLE_BLUE_DISCORD - Enable Discord support in the auth for blues
 # ENABLE_BLUE_IPS4 - Enable IPS4 support in the auth for blues
 #####################
 BLUE_STANDING = float(os.environ.get('AA_BLUE_STANDING', '5.0'))
 ENABLE_BLUE_FORUM = 'True' == os.environ.get('AA_ENABLE_BLUE_FORUM', 'False')
@ -249,6 +262,7 @@ ENABLE_BLUE_MUMBLE = 'True' == os.environ.get('AA_ENABLE_BLUE_MUMBLE', 'False')
 ENABLE_BLUE_IPBOARD = 'True' == os.environ.get('AA_ENABLE_BLUE_IPBOARD', 'False')
 ENABLE_BLUE_TEAMSPEAK3 = 'True' == os.environ.get('AA_ENABLE_BLUE_TEAMSPEAK3', 'False')
 ENABLE_BLUE_DISCORD = 'True' == os.environ.get('AA_ENABLE_BLUE_DISCORD', 'False')
 ENABLE_BLUE_IPS4 = 'True' == os.environ.get('AA_ENABLE_BLUE_IPS4', 'False')
 #########################
 # Corp Configuration
@ -365,6 +379,15 @@ DISCORD_SERVER_ID = os.environ.get('AA_DISCORD_SERVER_ID', '')
 DISCORD_USER_EMAIL = os.environ.get('AA_DISCORD_USER_EMAIL', '')
 DISCORD_USER_PASSWORD = os.environ.get('AA_DISCORD_USER_PASSWORD', '')
 #####################################
 # IPS4 Configuration
 #####################################
 # IPS4_URL - base url of the IPS4 install (no trailing slash)
 # IPS4_API_KEY - API key provided by IPS4
 #####################################
 IPS4_URL = os.environ.get('AA_IPS4_URL', 'http://mydomain.com/ips4')
 IPS4_API_KEY = os.environ.get('AA_IPS4_API_KEY', '')
 #####################################
 # Logging Configuration
 #####################################
--- a/alliance_auth/urls.py
+++ b/alliance_auth/urls.py
@ -137,6 +137,15 @@ urlpatterns = patterns('',
                       url(r'^deactivate_discord/$', 'services.views.deactivate_discord', name='auth_deactivate_discord'),
                       url(r'^reset_discord/$', 'services.views.reset_discord', name='auth_reset_discord'),
                       # IPS4 Service Control
                       url(r'^activate_ips4/$', 'services.views.activate_ips4',
                           name='auth_activate_ips4'),
                       url(r'^deactivate_ips4/$', 'services.views.deactivate_ips4',
                           name='auth_deactivate_ips4'),
                       url(r'^reset_ips4_password/$', 'services.views.reset_ips4_password',
                           name='auth_reset_ips4_password'),
                       url(r'^set_ips4_password/$', 'services.views.set_ips4_password', name='auth_set_ips4_password'),
                       # Tools
                       url(r'^tool/fleet_formatter_tool/$', 'services.views.fleet_formatter_view',
                           name='auth_fleet_format_tool_view'),
--- a/authentication/managers.py
+++ b/authentication/managers.py
@ -121,3 +121,17 @@ class AuthServicesInfoManager:
            logger.info("Updated user %s discord info in authservicesinfo model." % user)
        else:
            logger.error("Failed to update user %s discord info: user does not exist." % user)
    @staticmethod
    def update_user_ips4_info(username, password, id, user):
        if User.objects.filter(username=user.username).exists():
            logger.debug("Updating user %s IPS4 info: username %s" % (user, username))
            authserviceinfo = AuthServicesInfoManager.__get_or_create(user)
            authserviceinfo.ips4_username = username
            authserviceinfo.ips4_password = password
            authserviceinfo.ips4_id = id
            authserviceinfo.save(update_fields=['ips4_username', 'ips4_password', 'ips4_id'])
            logger.info("Updated user %s IPS4 info in authservicesinfo model." % user)
        else:
            logger.error("Failed to update user %s IPS4 info: user does not exist." % user)
--- a/authentication/models.py
+++ b/authentication/models.py
@ -14,6 +14,9 @@ class AuthServicesInfo(models.Model):
    teamspeak3_uid = models.CharField(max_length=254, blank=True, default="")
    teamspeak3_perm_key = models.CharField(max_length=254, blank=True, default="")
    discord_uid = models.CharField(max_length=254, blank=True, default="")
    ips4_username = models.CharField(max_length=254, blank=True, default="")
    ips4_password = models.CharField(max_length=254, blank=True, default="")
    ips4_id = models.CharField(max_length=254, blank=True, default="")
    main_char_id = models.CharField(max_length=64, blank=True, default="")
    is_blue = models.BooleanField(default=False)
    user = models.ForeignKey(User)
--- a/celerytask/tasks.py
+++ b/celerytask/tasks.py
@ -412,12 +412,11 @@ def run_api_refresh():
                        refresh_api(api_key_pair)
                    except evelink.api.APIError as e:
                        if int(e.code) >= 500:
-                            logger.error("EVE API servers encountered an error. Aborting API updates")
+                            logger.error("EVE API servers encountered error %s updating %s" % (e.code, api_key_pair))
                            return
                        elif int(e.code) == 221:
-                            logger.warn("API server hiccup while updating %s" % api_key_pair)
+                            logger.warn("API server hiccup %s while updating %s" % (e.code, api_key_pair))
                        else:
-                            logger.debug("API key %s failed update with error code %s" % (api_key_pair.api_id, e.code))
+                            logger.info("API key %s failed update with error code %s" % (api_key_pair.api_id, e.code))
                            EveManager.delete_characters_by_api_id(api_key_pair.api_id, user.id)
                            EveManager.delete_api_key_pair(api_key_pair.api_id, user.id)
                            notify(user, "API Key Deleted", message="Your API key ID %s failed validation with code %s. It and its associated characters have been deleted." % (api_key_pair.api_id, e.code), level="danger")
--- a/services/managers/ips4_manager.py
+++ b/services/managers/ips4_manager.py
@ -0,0 +1,110 @@
 import logging
 from django.conf import settings
 import requests
 import os
 from django.db import connections
 from passlib.hash import bcrypt
 from django.utils import timezone
 logger = logging.getLogger(__name__)
 class Ips4Manager:
    SQL_ADD_USER = r"INSERT INTO core_members (name, email, members_pass_hash, members_pass_salt, " \
                   r"member_group_id) VALUES (%s, %s, %s, %s, %s)"
    SQL_GET_ID = r"SELECT member_id FROM core_members WHERE name = %s"
    SQL_UPDATE_PASSWORD = r"UPDATE core_members SET members_pass_hash = %s, members_pass_salt = %s WHERE name = %s"
    SQL_DEL_USER = r"DELETE FROM core_members WHERE member_id = %s"
    MEMBER_GROUP_ID = 3
    @staticmethod
    def add_user(username, email):
        logger.debug("Adding new IPS4 user %s" % username)
        plain_password = Ips4Manager.__generate_random_pass()
        hash = bcrypt.encrypt(plain_password, rounds=13)
        hash_result = hash
        rounds_striped = hash_result.strip('$2a$13$')
        salt = rounds_striped[:22]
        joined_date = timezone.now
        group = Ips4Manager.MEMBER_GROUP_ID
        cursor = connections['ips4'].cursor()
        cursor.execute(Ips4Manager.SQL_ADD_USER, [username, email, hash, salt, group])
        member_id = Ips4Manager.get_user_id(username)
        return username, plain_password, member_id
    @staticmethod
    def get_user_id(username):
        cursor = connections['ips4'].cursor()
        cursor.execute(Ips4Manager.SQL_GET_ID, [username])
        row = cursor.fetchone()
        if row is not None:
            logger.debug("Got user id %s for username %s" % (row[0], username))
            return row[0]
        else:
            logger.error("username %s not found. Unable to determine id." % username)
            return None
    @staticmethod
    def __generate_random_pass():
        return os.urandom(8).encode('hex')
    @staticmethod
    def delete_user(id):
        logger.debug("Deleting IPS4 user id %s" % id)
        try:
            cursor = connections['ips4'].cursor()
            cursor.execute(Ips4Manager.SQL_DEL_USER, [id])
            logger.info("Deleted IPS4 user %s" % id)
            return True
        except:
            logger.exception("Failed to delete IPS4 user id %s" % id)
            return False
    @staticmethod
    def update_user_password(username):
        logger.debug("Updating IPS4 user id %s password" % id)
        if Ips4Manager.check_user(username):
            plain_password = Ips4Manager.__generate_random_pass()
            hash = bcrypt.encrypt(plain_password, rounds=13)
            hash_result = hash
            rounds_striped = hash_result.strip('$2a$13$')
            salt = rounds_striped[:22]
            cursor = connections['ips4'].cursor()
            cursor.execute(Ips4Manager.SQL_UPDATE_PASSWORD, [hash, salt, username])
            return plain_password
        else:
            logger.error("Unable to update ips4 user %s password" % username)
            return ""
    @staticmethod
    def check_user(username):
        logger.debug("Checking IPS4 username %s" % username)
        cursor = connections['ips4'].cursor()
        cursor.execute(Ips4Manager.SQL_GET_ID, [username])
        row = cursor.fetchone()
        if row:
            logger.debug("Found user %s on IPS4" % username)
            return True
        logger.debug("User %s not found on IPS4" % username)
        return False
    @staticmethod
    def update_custom_password(username, plain_password):
        logger.debug("Updating IPS4 user id %s password" % id)
        if Ips4Manager.check_user(username):
            hash = bcrypt.encrypt(plain_password, rounds=13)
            hash_result = hash
            rounds_striped = hash_result.strip('$2a$13$')
            salt = rounds_striped[:22]
            cursor = connections['ips4'].cursor()
            cursor.execute(Ips4Manager.SQL_UPDATE_PASSWORD, [hash, salt, username])
            return plain_password
        else:
            logger.error("Unable to update ips4 user %s password" % username)
            return ""
--- a/services/views.py
+++ b/services/views.py
@ -14,6 +14,7 @@ from managers.mumble_manager import MumbleManager
 from managers.ipboard_manager import IPBoardManager
 from managers.teamspeak3_manager import Teamspeak3Manager
 from managers.discord_manager import DiscordManager
 from managers.ips4_manager import Ips4Manager
 from authentication.managers import AuthServicesInfoManager
 from eveonline.managers import EveManager
 from celerytask.tasks import update_jabber_groups
@ -603,3 +604,82 @@ def set_ipboard_password(request):
    logger.debug("Rendering form for user %s" % request.user)
    context = {'form': form, 'service': 'IPBoard', 'error': error}
    return render_to_response('registered/service_password.html', context, context_instance=RequestContext(request))
@login_required
@user_passes_test(service_blue_alliance_test)
 def activate_ips4(request):
    logger.debug("activate_ips4 called by user %s" % request.user)
    authinfo = AuthServicesInfoManager.get_auth_service_info(request.user)
    # Valid now we get the main characters
    character = EveManager.get_character_by_id(authinfo.main_char_id)
    logger.debug("Adding IPS4 user for user %s with main character %s" % (request.user, character))
    result = Ips4Manager.add_user(character.character_name, request.user.email)
    # if empty we failed
    if result[0] != "":
        AuthServicesInfoManager.update_user_ips4_info(result[0], result[1], result[2], request.user)
        logger.debug("Updated authserviceinfo for user %s with IPS4 credentials." % request.user)
        #update_ips4_groups.delay(request.user.pk)
        logger.info("Succesfully activated IPS4 for user %s" % request.user)
        return HttpResponseRedirect("/services/")
    logger.error("Unsuccesful attempt to activate IPS4 for user %s" % request.user)
    return HttpResponseRedirect("/dashboard")
@login_required
@user_passes_test(service_blue_alliance_test)
 def reset_ips4_password(request):
    logger.debug("reset_ips4_password called by user %s" % request.user)
    authinfo = AuthServicesInfoManager.get_auth_service_info(request.user)
    result = Ips4Manager.update_user_password(authinfo.ips4_username)
    member_id = Ips4Manager.get_user_id(authinfo.ips4_username)
    # false we failed
    if result != "":
        AuthServicesInfoManager.update_user_ips4_info(authinfo.ips4_username, result, member_id, request.user)
        logger.info("Succesfully reset IPS4 password for user %s" % request.user)
        return HttpResponseRedirect("/services/")
    logger.error("Unsuccessful attempt to reset IPS4 password for user %s" % request.user)
    return HttpResponseRedirect("/dashboard")
@login_required
@user_passes_test(service_blue_alliance_test)
 def set_ips4_password(request):
    logger.debug("set_ips4_password called by user %s" % request.user)
    error = None
    if request.method == 'POST':
        logger.debug("Received POST request with form.")
        form = ServicePasswordForm(request.POST)
        logger.debug("Form is valid: %s" % form.is_valid())
        if form.is_valid():
            password = form.cleaned_data['password']
            logger.debug("Form contains password of length %s" % len(password))
            authinfo = AuthServicesInfoManager.get_auth_service_info(request.user)
            result = Ips4Manager.update_custom_password(authinfo.ips4_username, plain_password=password)
            member_id = Ips4Manager.get_user_id(authinfo.ips4_username)
            if result != "":
                AuthServicesInfoManager.update_user_ips4_info(authinfo.ips4_username, result, member_id, request.user)
                logger.info("Succesfully reset IPS4 password for user %s" % request.user)
                return HttpResponseRedirect("/services/")
            else:
                logger.error("Failed to install custom IPS4 password for user %s" % request.user)
                error = "Failed to install custom password."
        else:
            error = "Invalid password provided"
    else:
        logger.debug("Request is not type POST - providing empty form.")
        form = ServicePasswordForm()
    logger.debug("Rendering form for user %s" % request.user)
    context = {'form': form, 'service': 'IPS4', 'error': error}
    return render_to_response('registered/service_password.html', context, context_instance=RequestContext(request))
@login_required
@user_passes_test(service_blue_alliance_test)
 def deactivate_ips4(request):
    logger.debug("deactivate_ips4 called by user %s" % request.user)
    authinfo = AuthServicesInfoManager.get_auth_service_info(request.user)
    result = Ips4Manager.delete_user(authinfo.ips4_id)
    if result != "":
        AuthServicesInfoManager.update_user_ips4_info("", "", "", request.user)
        logger.info("Succesfully deactivated IPS4 for user %s" % request.user)
        return HttpResponseRedirect("/services/")
    logger.error("Unsuccesful attempt to deactivate IPS4 for user %s" % request.user)
    return HttpResponseRedirect("/dashboard")
--- a/stock/templates/registered/services.html
+++ b/stock/templates/registered/services.html
@ -130,6 +130,33 @@
                    </td>
                </tr>
            {% endif %}
            {% if ENABLE_BLUE_IPS4 %}
                <td class="text-center">IPS4</td>
                <td class="text-center">{{ authinfo.ips4_username }}</td>
                <td class="text-center">{{ authinfo.ips4_password }}</td>
                <td class="text-center"><a href="{{ IPS4_URL }}">{{ IPS4_URL }}</a></td>
                <td class="text-center">
                    {% ifequal authinfo.ips4_username "" %}
                        <a href="{% url 'auth_activate_ips4' %}">
                            <button type="button" class="btn btn-warning"><span
                                    class="glyphicon glyphicon-ok"></span></button>
                        </a>
                    {% else %}
                        <a href="{% url 'auth_set_ips4_password' %}">
                            <button type="button" class="btn btn-warning"><span
                                    class="glyphicon glyphicon-pencil"></span></button>
                        </a>
                        <a href="{% url 'auth_reset_ips4_password' %}">
                            <button type="button" class="btn btn-primary"><span
                                    class="glyphicon glyphicon-refresh"></span></button>
                        </a>
                        <a href="{% url 'auth_deactivate_ips4' %}">
                            <button type="button" class="btn btn-danger"><span
                                    class="glyphicon glyphicon-remove"></span></button>
                        </a>
                    {% endifequal %}
                </td>
            {% endif %}
            {% if ENABLE_BLUE_DISCORD %}
                <tr>
                    <td class="text-center">Discord</td>
@ -318,6 +345,33 @@
                    </td>
                </tr>
            {% endif %}
            {% if ENABLE_AUTH_IPS4 %}
                <td class="text-center">IPS4</td>
                <td class="text-center">{{ authinfo.ips4_username }}</td>
                <td class="text-center">{{ authinfo.ips4_password }}</td>
                <td class="text-center"><a href="{{ IPS4_URL }}">{{ IPS4_URL }}</a></td>
                <td class="text-center">
                    {% ifequal authinfo.ips4_username "" %}
                        <a href="{% url 'auth_activate_ips4' %}">
                            <button type="button" class="btn btn-warning"><span
                                    class="glyphicon glyphicon-ok"></span></button>
                        </a>
                    {% else %}
                        <a href="{% url 'auth_set_ips4_password' %}">
                            <button type="button" class="btn btn-warning"><span
                                    class="glyphicon glyphicon-pencil"></span></button>
                        </a>
                        <a href="{% url 'auth_reset_ips4_password' %}">
                            <button type="button" class="btn btn-primary"><span
                                    class="glyphicon glyphicon-refresh"></span></button>
                        </a>
                        <a href="{% url 'auth_deactivate_ips4' %}">
                            <button type="button" class="btn btn-danger"><span
                                    class="glyphicon glyphicon-remove"></span></button>
                        </a>
                    {% endifequal %}
                </td>
            {% endif %}
            {% if ENABLE_AUTH_DISCORD %}
                <tr>
                    <td class="text-center">Discord</td>
--- a/util/context_processors.py
+++ b/util/context_processors.py
@ -37,15 +37,18 @@ def domain_url(request):
            'ENABLE_AUTH_IPBOARD': settings.ENABLE_AUTH_IPBOARD,
            'ENABLE_AUTH_TEAMSPEAK3': settings.ENABLE_AUTH_TEAMSPEAK3,
            'ENABLE_AUTH_DISCORD': settings.ENABLE_AUTH_DISCORD,
            'ENABLE_AUTH_IPS4': settings.ENABLE_AUTH_IPS4,
            'ENABLE_BLUE_JABBER': settings.ENABLE_BLUE_JABBER,
            'ENABLE_BLUE_FORUM': settings.ENABLE_BLUE_FORUM,
            'ENABLE_BLUE_MUMBLE': settings.ENABLE_BLUE_MUMBLE,
            'ENABLE_BLUE_IPBOARD': settings.ENABLE_BLUE_IPBOARD,
            'ENABLE_BLUE_TEAMSPEAK3': settings.ENABLE_BLUE_TEAMSPEAK3,
            'ENABLE_BLUE_DISCORD': settings.ENABLE_BLUE_DISCORD,
            'ENABLE_BLUE_IPS4': settings.ENABLE_BLUE_IPS4,
            'TEAMSPEAK3_PUBLIC_URL': settings.TEAMSPEAK3_PUBLIC_URL,
            'JACK_KNIFE_URL': settings.JACK_KNIFE_URL,
            'DISCORD_SERVER_ID': settings.DISCORD_SERVER_ID,
            'KILLBOARD_URL': settings.KILLBOARD_URL,
            'IPS4_URL': settings.IPS4_URL,
            'EXTERNAL_MEDIA_URL': settings.EXTERNAL_MEDIA_URL,
            'CURRENT_UTC_TIME': timezone.now()}