views.py 3.05 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
# Copyright 2014 Budapest University of Technology and Economics (BME IK)
#
# This file is part of CIRCLE Cloud.
#
# CIRCLE is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option)
# any later version.
#
# CIRCLE is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along
# with CIRCLE.  If not, see <http://www.gnu.org/licenses/>.

18 19 20 21
import base64
import datetime
import json

Bach Dániel committed
22
from django.core.exceptions import ValidationError
23 24 25 26 27 28 29
from django.db import IntegrityError
from django.http import HttpResponse
from django.utils.timezone import utc
from django.utils.translation import ugettext_lazy as _
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.http import require_POST

Bach Dániel committed
30
from .tasks.local_tasks import reloadtask
31
from .models import BlacklistItem, Host
32

33

34 35 36 37 38
def reload_firewall(request):
    if request.user.is_authenticated():
        if request.user.is_superuser:
            html = (_("Dear %s, you've signed in as administrator!<br />"
                      "Reloading in 10 seconds...") % request.user.username)
Bach Dániel committed
39
            reloadtask.delay()
Bach Dániel committed
40
            reloadtask.delay('Vlan')
41 42 43 44 45 46
        else:
            html = (_("Dear %s, you've signed in!") % request.user.username)
    else:
        html = _("Dear anonymous, you've not signed in yet!")
    return HttpResponse(html)

47

48 49 50 51
@csrf_exempt
@require_POST
def firewall_api(request):
    try:
52
        data = json.loads(base64.b64decode(request.POST["data"]))
53 54 55 56 57
        command = request.POST["command"]
        if data["password"] != "bdmegintelrontottaanetet":
            raise Exception(_("Wrong password."))

        if command == "blacklist":
58
            obj, created = BlacklistItem.objects.get_or_create(ipv4=data["ip"])
59 60
            obj.reason = data["reason"]
            obj.snort_message = data["snort_message"]
61 62
            if created:
                try:
63 64 65
                    obj.host = Host.objects.get(ipv4=data["ip"])
                except (Host.DoesNotExist, ValidationError,
                        IntegrityError, AttributeError):
66
                    pass
67 68 69 70

            modified = obj.modified_at + datetime.timedelta(minutes=1)
            now = datetime.dateime.utcnow().replace(tzinfo=utc)
            if obj.type == 'tempwhite' and modified < now:
71
                obj.type = 'tempban'
Bach Dániel committed
72 73
            if obj.type != 'whitelist':
                obj.save()
74 75 76 77 78 79 80 81 82 83
            return HttpResponse(unicode(_("OK")))
        else:
            raise Exception(_("Unknown command."))

    except (ValidationError, IntegrityError, AttributeError, Exception) as e:
        return HttpResponse(_("Something went wrong!\n%s\n") % e)
    except:
        return HttpResponse(_("Something went wrong!\n"))

    return HttpResponse(unicode(_("OK")))