External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-19 14:57:39 -02:30
Code Issues Packages Projects Releases Wiki Activity

Changes to be more strict on connection authentication for the socketio service

Browse Source
This commit is contained in:
Matthew Jones
2015-01-30 12:14:39 -05:00
parent 2a556ecab6
commit 2887855c15
1 changed files with 13 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
awx/main/management/commands/run_socketio_service.py
View File

@@ -44,14 +44,17 @@ class TowerBaseNamespace(BaseNamespace):
def get_initial_acl(self): def get_initial_acl(self):
global valid_sockets global valid_sockets
print self
v_user = self.valid_user() v_user = self.valid_user()
self.is_valid_connection = False
if v_user: if v_user:
if self.socket.sessid not in valid_sockets: if self.socket.sessid not in valid_sockets:
valid_sockets.append(self.socket.sessid) valid_sockets.append(self.socket.sessid)
self.is_valid_connection = True
if len(valid_sockets) > 1000: if len(valid_sockets) > 1000:
valid_sockets = valid_sockets[1:] valid_sockets = valid_sockets[1:]
return set(['recv_connect'] + self.get_allowed_methods()) return set(['recv_connect'] + self.get_allowed_methods())
else:
self.emit("connect_failed", "Authentication failed")
return set(['recv_connect']) return set(['recv_connect'])
def valid_user(self): def valid_user(self):
@@ -75,21 +78,28 @@ class TowerBaseNamespace(BaseNamespace):
except Exception, e: except Exception, e:
return False return False
def recv_connect(self):
if not self.is_valid_connection:
self.disconnect(silent=False)
class TestNamespace(TowerBaseNamespace): class TestNamespace(TowerBaseNamespace):
def recv_connect(self): def recv_connect(self):
print_log("Received client connect for test namespace from %s" % str(self.environ['REMOTE_ADDR'])) print_log("Received client connect for test namespace from %s" % str(self.environ['REMOTE_ADDR']))
self.emit('test', "If you see this then you are connected to the test socket endpoint") self.emit('test', "If you see this then you attempted to connect to the test socket endpoint")
super(TestNamespace, self).recv_connect()
class JobNamespace(TowerBaseNamespace): class JobNamespace(TowerBaseNamespace):
def recv_connect(self): def recv_connect(self):
print_log("Received client connect for job namespace from %s" % str(self.environ['REMOTE_ADDR'])) print_log("Received client connect for job namespace from %s" % str(self.environ['REMOTE_ADDR']))
super(JobNamespace, self).recv_connect()
class JobEventNamespace(TowerBaseNamespace): class JobEventNamespace(TowerBaseNamespace):
def recv_connect(self): def recv_connect(self):
print_log("Received client connect for job event namespace from %s" % str(self.environ['REMOTE_ADDR'])) print_log("Received client connect for job event namespace from %s" % str(self.environ['REMOTE_ADDR']))
super(JobEventNamespace, self).recv_connect()
class ScheduleNamespace(TowerBaseNamespace): class ScheduleNamespace(TowerBaseNamespace):
@@ -98,6 +108,7 @@ class ScheduleNamespace(TowerBaseNamespace):
def recv_connect(self): def recv_connect(self):
print_log("Received client connect for schedule namespace from %s" % str(self.environ['REMOTE_ADDR'])) print_log("Received client connect for schedule namespace from %s" % str(self.environ['REMOTE_ADDR']))
super(ScheduleNamespace, self).recv_connect()
class TowerSocket(object): class TowerSocket(object):