mirror of
https://github.com/ansible/awx.git
synced 2026-07-08 14:58:03 -02:30
convert py2 -> py3
This commit is contained in:
@@ -8,19 +8,23 @@ import threading
|
||||
xmlsec_init_lock = threading.Lock()
|
||||
xmlsec_initialized = False
|
||||
|
||||
import dm.xmlsec.binding # noqa
|
||||
original_xmlsec_initialize = dm.xmlsec.binding.initialize
|
||||
|
||||
|
||||
def xmlsec_initialize(*args, **kwargs):
|
||||
global xmlsec_init_lock, xmlsec_initialized, original_xmlsec_initialize
|
||||
with xmlsec_init_lock:
|
||||
if not xmlsec_initialized:
|
||||
original_xmlsec_initialize(*args, **kwargs)
|
||||
xmlsec_initialized = True
|
||||
|
||||
|
||||
dm.xmlsec.binding.initialize = xmlsec_initialize
|
||||
#
|
||||
# TODO: THIS DOES NOT WORK IN PY3
|
||||
#
|
||||
#import dm.xmlsec.binding # noqa
|
||||
#original_xmlsec_initialize = dm.xmlsec.binding.initialize
|
||||
#
|
||||
#
|
||||
#def xmlsec_initialize(*args, **kwargs):
|
||||
# global xmlsec_init_lock, xmlsec_initialized, original_xmlsec_initialize
|
||||
# with xmlsec_init_lock:
|
||||
# if not xmlsec_initialized:
|
||||
# original_xmlsec_initialize(*args, **kwargs)
|
||||
# xmlsec_initialized = True
|
||||
#
|
||||
#
|
||||
#dm.xmlsec.binding.initialize = xmlsec_initialize
|
||||
|
||||
|
||||
default_app_config = 'awx.sso.apps.SSOConfig'
|
||||
|
||||
@@ -40,11 +40,11 @@ logger = logging.getLogger('awx.sso.backends')
|
||||
|
||||
class LDAPSettings(BaseLDAPSettings):
|
||||
|
||||
defaults = dict(BaseLDAPSettings.defaults.items() + {
|
||||
defaults = dict(list(BaseLDAPSettings.defaults.items()) + list({
|
||||
'ORGANIZATION_MAP': {},
|
||||
'TEAM_MAP': {},
|
||||
'GROUP_TYPE_PARAMS': {},
|
||||
}.items())
|
||||
}.items()))
|
||||
|
||||
def __init__(self, prefix='AUTH_LDAP_', defaults={}):
|
||||
super(LDAPSettings, self).__init__(prefix, defaults)
|
||||
@@ -117,7 +117,7 @@ class LDAPBackend(BaseLDAPBackend):
|
||||
raise ImproperlyConfigured(
|
||||
"{} must be an {} instance.".format(setting_name, type_)
|
||||
)
|
||||
return super(LDAPBackend, self).authenticate(username, password)
|
||||
return super(LDAPBackend, self).authenticate(None, username, password)
|
||||
except Exception:
|
||||
logger.exception("Encountered an error authenticating to LDAP")
|
||||
return None
|
||||
@@ -198,7 +198,7 @@ class RADIUSBackend(BaseRADIUSBackend):
|
||||
if not feature_enabled('enterprise_auth'):
|
||||
logger.error("Unable to authenticate, license does not support RADIUS authentication")
|
||||
return None
|
||||
return super(RADIUSBackend, self).authenticate(username, password)
|
||||
return super(RADIUSBackend, self).authenticate(None, username, password)
|
||||
|
||||
def get_user(self, user_id):
|
||||
if not django_settings.RADIUS_SERVER:
|
||||
@@ -228,16 +228,16 @@ class TACACSPlusBackend(object):
|
||||
try:
|
||||
# Upstream TACACS+ client does not accept non-string, so convert if needed.
|
||||
auth = tacacs_plus.TACACSClient(
|
||||
django_settings.TACACSPLUS_HOST.encode('utf-8'),
|
||||
django_settings.TACACSPLUS_HOST,
|
||||
django_settings.TACACSPLUS_PORT,
|
||||
django_settings.TACACSPLUS_SECRET.encode('utf-8'),
|
||||
django_settings.TACACSPLUS_SECRET,
|
||||
timeout=django_settings.TACACSPLUS_SESSION_TIMEOUT,
|
||||
).authenticate(
|
||||
username.encode('utf-8'), password.encode('utf-8'),
|
||||
username, password,
|
||||
authen_type=tacacs_plus.TAC_PLUS_AUTHEN_TYPES[django_settings.TACACSPLUS_AUTH_PROTOCOL],
|
||||
)
|
||||
except Exception as e:
|
||||
logger.exception("TACACS+ Authentication Error: %s" % (e.message,))
|
||||
logger.exception("TACACS+ Authentication Error: %s" % str(e))
|
||||
return None
|
||||
if auth.valid:
|
||||
return _get_or_set_enterprise_user(username, password, 'tacacs+')
|
||||
@@ -341,8 +341,10 @@ def _update_m2m_from_groups(user, ldap_user, rel, opts, remove=True):
|
||||
if ldap_user._get_groups().is_member_of(group_dn):
|
||||
should_add = True
|
||||
if should_add:
|
||||
user.save()
|
||||
rel.add(user)
|
||||
elif remove and user in rel.all():
|
||||
user.save()
|
||||
rel.remove(user)
|
||||
|
||||
|
||||
@@ -398,6 +400,7 @@ def on_populate_user(sender, **kwargs):
|
||||
remove)
|
||||
|
||||
# Update user profile to store LDAP DN.
|
||||
user.save()
|
||||
profile = user.profile
|
||||
if profile.ldap_dn != ldap_user.dn:
|
||||
profile.ldap_dn = ldap_user.dn
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# Python
|
||||
import collections
|
||||
import urlparse
|
||||
import urllib.parse as urlparse
|
||||
|
||||
# Django
|
||||
from django.conf import settings
|
||||
@@ -461,7 +461,7 @@ register(
|
||||
|
||||
register(
|
||||
'RADIUS_SECRET',
|
||||
field_class=fields.RADIUSSecretField,
|
||||
field_class=fields.CharField,
|
||||
allow_blank=True,
|
||||
default='',
|
||||
label=_('RADIUS Secret'),
|
||||
|
||||
@@ -51,7 +51,7 @@ class DependsOnMixin():
|
||||
Then fall back to the raw value from the setting in the DB.
|
||||
"""
|
||||
from django.conf import settings
|
||||
dependent_key = iter(self.depends_on).next()
|
||||
dependent_key = next(iter(self.depends_on))
|
||||
|
||||
if self.context:
|
||||
request = self.context.get('request', None)
|
||||
@@ -160,7 +160,7 @@ class AuthenticationBackendsField(fields.StringListField):
|
||||
if not required_feature or feature_enabled(required_feature):
|
||||
if all([getattr(settings, rs, None) for rs in required_settings]):
|
||||
continue
|
||||
backends = filter(lambda x: x != backend, backends)
|
||||
backends = [x for x in backends if x != backend]
|
||||
return backends
|
||||
|
||||
|
||||
@@ -198,7 +198,8 @@ class LDAPConnectionOptionsField(fields.DictField):
|
||||
valid_options = dict([(v, k) for k, v in ldap.OPT_NAMES_DICT.items()])
|
||||
invalid_options = set(data.keys()) - set(valid_options.keys())
|
||||
if invalid_options:
|
||||
options_display = json.dumps(list(invalid_options)).lstrip('[').rstrip(']')
|
||||
invalid_options = sorted(list(invalid_options))
|
||||
options_display = json.dumps(invalid_options).lstrip('[').rstrip(']')
|
||||
self.fail('invalid_options', invalid_options=options_display)
|
||||
# Convert named options to their integer constants.
|
||||
internal_data = {}
|
||||
@@ -224,7 +225,7 @@ class LDAPDNListField(fields.StringListField):
|
||||
|
||||
def __init__(self, **kwargs):
|
||||
super(LDAPDNListField, self).__init__(**kwargs)
|
||||
self.validators.append(lambda dn: map(validate_ldap_dn, dn))
|
||||
self.validators.append(lambda dn: list(map(validate_ldap_dn, dn)))
|
||||
|
||||
def run_validation(self, data=empty):
|
||||
if not isinstance(data, (list, tuple)):
|
||||
@@ -338,7 +339,7 @@ class LDAPSearchUnionField(fields.ListField):
|
||||
data = super(LDAPSearchUnionField, self).to_internal_value(data)
|
||||
if len(data) == 0:
|
||||
return None
|
||||
if len(data) == 3 and isinstance(data[0], basestring):
|
||||
if len(data) == 3 and isinstance(data[0], str):
|
||||
return self.ldap_search_field_class().run_validation(data)
|
||||
else:
|
||||
search_args = []
|
||||
@@ -367,7 +368,8 @@ class LDAPUserAttrMapField(fields.DictField):
|
||||
data = super(LDAPUserAttrMapField, self).to_internal_value(data)
|
||||
invalid_attrs = (set(data.keys()) - self.valid_user_attrs)
|
||||
if invalid_attrs:
|
||||
attrs_display = json.dumps(list(invalid_attrs)).lstrip('[').rstrip(']')
|
||||
invalid_attrs = sorted(list(invalid_attrs))
|
||||
attrs_display = json.dumps(invalid_attrs).lstrip('[').rstrip(']')
|
||||
self.fail('invalid_attrs', invalid_attrs=attrs_display)
|
||||
return data
|
||||
|
||||
@@ -432,7 +434,8 @@ class LDAPGroupTypeParamsField(fields.DictField, DependsOnMixin):
|
||||
|
||||
invalid_keys = set(value.keys()) - set(inspect.getargspec(group_type_cls.__init__).args[1:])
|
||||
if invalid_keys:
|
||||
keys_display = json.dumps(list(invalid_keys)).lstrip('[').rstrip(']')
|
||||
invalid_keys = sorted(list(invalid_keys))
|
||||
keys_display = json.dumps(invalid_keys).lstrip('[').rstrip(']')
|
||||
self.fail('invalid_keys', invalid_keys=keys_display)
|
||||
return value
|
||||
|
||||
@@ -491,13 +494,16 @@ class BaseDictWithChildField(fields.DictField):
|
||||
continue
|
||||
elif key not in data:
|
||||
missing_keys.add(key)
|
||||
missing_keys = sorted(list(missing_keys))
|
||||
if missing_keys and (data or not self.allow_blank):
|
||||
keys_display = json.dumps(list(missing_keys)).lstrip('[').rstrip(']')
|
||||
missing_keys = sorted(list(missing_keys))
|
||||
keys_display = json.dumps(missing_keys).lstrip('[').rstrip(']')
|
||||
self.fail('missing_keys', missing_keys=keys_display)
|
||||
if not self.allow_unknown_keys:
|
||||
invalid_keys = set(data.keys()) - set(self.child_fields.keys())
|
||||
if invalid_keys:
|
||||
keys_display = json.dumps(list(invalid_keys)).lstrip('[').rstrip(']')
|
||||
invalid_keys = sorted(list(invalid_keys))
|
||||
keys_display = json.dumps(invalid_keys).lstrip('[').rstrip(']')
|
||||
self.fail('invalid_keys', invalid_keys=keys_display)
|
||||
for k, v in data.items():
|
||||
child_field = self.child_fields.get(k, None)
|
||||
@@ -544,21 +550,6 @@ class LDAPTeamMapField(fields.DictField):
|
||||
child = LDAPSingleTeamMapField()
|
||||
|
||||
|
||||
class RADIUSSecretField(fields.CharField):
|
||||
|
||||
def run_validation(self, data=empty):
|
||||
value = super(RADIUSSecretField, self).run_validation(data)
|
||||
if isinstance(value, unicode):
|
||||
value = value.encode('utf-8')
|
||||
return value
|
||||
|
||||
def to_internal_value(self, value):
|
||||
value = super(RADIUSSecretField, self).to_internal_value(value)
|
||||
if isinstance(value, unicode):
|
||||
value = value.encode('utf-8')
|
||||
return value
|
||||
|
||||
|
||||
class SocialMapStringRegexField(fields.CharField):
|
||||
|
||||
def to_representation(self, value):
|
||||
@@ -605,7 +596,7 @@ class SocialMapField(fields.ListField):
|
||||
return False
|
||||
elif value in fields.NullBooleanField.NULL_VALUES:
|
||||
return None
|
||||
elif isinstance(value, (basestring, type(re.compile('')))):
|
||||
elif isinstance(value, (str, type(re.compile('')))):
|
||||
return self.child.to_representation(value)
|
||||
else:
|
||||
self.fail('type_error', input_type=type(value))
|
||||
@@ -619,7 +610,7 @@ class SocialMapField(fields.ListField):
|
||||
return False
|
||||
elif data in fields.NullBooleanField.NULL_VALUES:
|
||||
return None
|
||||
elif isinstance(data, basestring):
|
||||
elif isinstance(data, str):
|
||||
return self.child.run_validation(data)
|
||||
else:
|
||||
self.fail('type_error', input_type=type(data))
|
||||
@@ -688,7 +679,8 @@ class SAMLOrgInfoField(fields.DictField):
|
||||
if not re.match(r'^[a-z]{2}(?:-[a-z]{2})??$', key, re.I):
|
||||
invalid_keys.add(key)
|
||||
if invalid_keys:
|
||||
keys_display = json.dumps(list(invalid_keys)).lstrip('[').rstrip(']')
|
||||
invalid_keys = sorted(list(invalid_keys))
|
||||
keys_display = json.dumps(invalid_keys).lstrip('[').rstrip(']')
|
||||
self.fail('invalid_lang_code', invalid_lang_codes=keys_display)
|
||||
return data
|
||||
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
# All Rights Reserved.
|
||||
|
||||
# Python
|
||||
import urllib
|
||||
import urllib.parse
|
||||
|
||||
# Six
|
||||
import six
|
||||
@@ -40,7 +40,7 @@ class SocialAuthMiddleware(SocialAuthExceptionMiddleware):
|
||||
# see: https://github.com/ansible/tower/issues/1979
|
||||
utils.BACKENDS = settings.AUTHENTICATION_BACKENDS
|
||||
token_key = request.COOKIES.get('token', '')
|
||||
token_key = urllib.quote(urllib.unquote(token_key).strip('"'))
|
||||
token_key = urllib.parse.quote(urllib.parse.unquote(token_key).strip('"'))
|
||||
|
||||
if not hasattr(request, 'successful_authenticator'):
|
||||
request.successful_authenticator = None
|
||||
|
||||
@@ -14,6 +14,6 @@ class Migration(migrations.Migration):
|
||||
migrations.AlterField(
|
||||
model_name='userenterpriseauth',
|
||||
name='provider',
|
||||
field=models.CharField(max_length=32, choices=[(b'radius', 'RADIUS'), (b'tacacs+', 'TACACS+'), (b'saml', 'SAML')]),
|
||||
field=models.CharField(max_length=32, choices=[('radius', 'RADIUS'), ('tacacs+', 'TACACS+'), ('saml', 'SAML')]),
|
||||
),
|
||||
]
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# Python
|
||||
import pytest
|
||||
import mock
|
||||
from unittest import mock
|
||||
|
||||
# Tower
|
||||
from awx.sso.backends import _get_or_set_enterprise_user
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
|
||||
import pytest
|
||||
import mock
|
||||
import re
|
||||
from unittest import mock
|
||||
|
||||
from awx.sso.pipeline import (
|
||||
update_user_orgs,
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
|
||||
import pytest
|
||||
import mock
|
||||
from unittest import mock
|
||||
|
||||
from rest_framework.exceptions import ValidationError
|
||||
|
||||
@@ -37,7 +37,7 @@ class TestSAMLOrgAttrField():
|
||||
({'remove': True, 'saml_attr': False},
|
||||
ValidationError('Not a valid string.')),
|
||||
({'remove': True, 'saml_attr': False, 'foo': 'bar', 'gig': 'ity'},
|
||||
ValidationError('Invalid key(s): "gig", "foo".')),
|
||||
ValidationError('Invalid key(s): "foo", "gig".')),
|
||||
({'remove_admins': True, 'saml_admin_attr': False},
|
||||
ValidationError('Not a valid string.')),
|
||||
({'remove_admins': 'blah', 'saml_admin_attr': 'foobar'},
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import mock
|
||||
from unittest import mock
|
||||
|
||||
|
||||
def test_empty_host_fails_auth(tacacsplus_backend):
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
# All Rights Reserved.
|
||||
|
||||
# Python
|
||||
import urllib
|
||||
import urllib.parse
|
||||
import logging
|
||||
|
||||
# Django
|
||||
@@ -24,7 +24,7 @@ class BaseRedirectView(RedirectView):
|
||||
|
||||
def get_redirect_url(self, *args, **kwargs):
|
||||
last_path = self.request.COOKIES.get('lastPath', '')
|
||||
last_path = urllib.quote(urllib.unquote(last_path).strip('"'))
|
||||
last_path = urllib.parse.quote(urllib.parse.unquote(last_path).strip('"'))
|
||||
url = reverse('ui:index')
|
||||
if last_path:
|
||||
return '%s#%s' % (url, last_path)
|
||||
@@ -45,7 +45,7 @@ class CompleteView(BaseRedirectView):
|
||||
response.set_cookie('userLoggedIn', 'true')
|
||||
current_user = UserSerializer(self.request.user)
|
||||
current_user = JSONRenderer().render(current_user.data)
|
||||
current_user = urllib.quote('%s' % current_user, '')
|
||||
current_user = urllib.parse.quote('%s' % current_user, '')
|
||||
response.set_cookie('current_user', current_user, secure=settings.SESSION_COOKIE_SECURE or None)
|
||||
return response
|
||||
|
||||
|
||||
Reference in New Issue
Block a user