filter request credentials if admin is not validated
This commit is contained in:
Cayo Puigdefabregas
parent
c76ed799be
commit
baa909ed94
|
|
@ -3,12 +3,21 @@ from django.contrib.auth import views as auth_views
|
||||||
from django.urls import reverse_lazy, resolve
|
from django.urls import reverse_lazy, resolve
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
from django.shortcuts import redirect
|
from django.shortcuts import redirect
|
||||||
|
from django.core.cache import cache
|
||||||
|
|
||||||
|
|
||||||
class UserView(LoginRequiredMixin):
|
class UserView(LoginRequiredMixin):
|
||||||
login_url = "/login/"
|
login_url = "/login/"
|
||||||
wallet = False
|
wallet = False
|
||||||
|
|
||||||
|
def get(self, request, *args, **kwargs):
|
||||||
|
self.admin_validated = cache.get("KEY_DIDS")
|
||||||
|
return super().get(request, *args, **kwargs)
|
||||||
|
|
||||||
|
def post(self, request, *args, **kwargs):
|
||||||
|
self.admin_validated = cache.get("KEY_DIDS")
|
||||||
|
return super().post(request, *args, **kwargs)
|
||||||
|
|
||||||
def get_context_data(self, **kwargs):
|
def get_context_data(self, **kwargs):
|
||||||
context = super().get_context_data(**kwargs)
|
context = super().get_context_data(**kwargs)
|
||||||
context.update({
|
context.update({
|
||||||
|
|
@ -19,6 +28,7 @@ class UserView(LoginRequiredMixin):
|
||||||
'path': resolve(self.request.path).url_name,
|
'path': resolve(self.request.path).url_name,
|
||||||
'user': self.request.user,
|
'user': self.request.user,
|
||||||
'wallet': self.wallet,
|
'wallet': self.wallet,
|
||||||
|
'admin_validated': True if self.admin_validated else False
|
||||||
})
|
})
|
||||||
return context
|
return context
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -109,11 +109,13 @@
|
||||||
{% trans 'My credentials' %}
|
{% trans 'My credentials' %}
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
|
{% if admin_validated %}
|
||||||
<li class="nav-item">
|
<li class="nav-item">
|
||||||
<a class="nav-link {% if path == 'user_credentials_request' %}active2{% endif %}" href="{% url 'idhub:user_credentials_request' %}">
|
<a class="nav-link {% if path == 'user_credentials_request' %}active2{% endif %}" href="{% url 'idhub:user_credentials_request' %}">
|
||||||
{% trans 'Request a credential' %}
|
{% trans 'Request a credential' %}
|
||||||
</a>
|
</a>
|
||||||
</li>
|
</li>
|
||||||
|
{% endif %}
|
||||||
<li class="nav-item">
|
<li class="nav-item">
|
||||||
<a class="nav-link {% if path in 'user_demand_authorization, authorize' %}active2{% endif %}" href="{% url 'idhub:user_demand_authorization' %}">
|
<a class="nav-link {% if path in 'user_demand_authorization, authorize' %}active2{% endif %}" href="{% url 'idhub:user_demand_authorization' %}">
|
||||||
{% trans 'Present a credential' %}
|
{% trans 'Present a credential' %}
|
||||||
|
|
|
||||||
|
|
@ -39,7 +39,7 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="row mt-3">
|
<div class="row mt-3">
|
||||||
{% if object.eidas1_did %}
|
{% if object.eidas1_did and admin_validated %}
|
||||||
<div class="col text-center">
|
<div class="col text-center">
|
||||||
<a class="btn btn-green-user" href="{% url 'idhub:user_credential_pdf' object.id %}">{% trans 'Sign credential in PDF format' %}</a>
|
<a class="btn btn-green-user" href="{% url 'idhub:user_credential_pdf' object.id %}">{% trans 'Sign credential in PDF format' %}</a>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
||||||
|
|
@ -25,7 +25,6 @@ from django.views.generic.base import TemplateView
|
||||||
from django.shortcuts import get_object_or_404, redirect
|
from django.shortcuts import get_object_or_404, redirect
|
||||||
from django.urls import reverse_lazy
|
from django.urls import reverse_lazy
|
||||||
from django.http import HttpResponse
|
from django.http import HttpResponse
|
||||||
from django.core.cache import cache
|
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from idhub.user.forms import (
|
from idhub.user.forms import (
|
||||||
|
|
@ -223,9 +222,9 @@ class CredentialPdfView(MyWallet, TemplateView):
|
||||||
|
|
||||||
def get_pfx_data(self):
|
def get_pfx_data(self):
|
||||||
did = self.object.eidas1_did
|
did = self.object.eidas1_did
|
||||||
if not did:
|
pw = self.admin_validated
|
||||||
|
if not did or not pw:
|
||||||
return None, None
|
return None, None
|
||||||
pw = cache.get("KEY_DIDS")
|
|
||||||
key_material = json.loads(did.get_key_material(pw))
|
key_material = json.loads(did.get_key_material(pw))
|
||||||
cert = key_material.get("cert")
|
cert = key_material.get("cert")
|
||||||
passphrase = key_material.get("passphrase")
|
passphrase = key_material.get("passphrase")
|
||||||
|
|
@ -236,6 +235,8 @@ class CredentialPdfView(MyWallet, TemplateView):
|
||||||
|
|
||||||
def signer_init(self):
|
def signer_init(self):
|
||||||
pfx_data, passphrase = self.get_pfx_data()
|
pfx_data, passphrase = self.get_pfx_data()
|
||||||
|
if not pfx_data or not passphrase:
|
||||||
|
return
|
||||||
s = certs.load_cert(
|
s = certs.load_cert(
|
||||||
pfx_data, passphrase
|
pfx_data, passphrase
|
||||||
)
|
)
|
||||||
|
|
@ -310,6 +311,12 @@ class CredentialsRequestView(MyWallet, FormView):
|
||||||
form_class = RequestCredentialForm
|
form_class = RequestCredentialForm
|
||||||
success_url = reverse_lazy('idhub:user_credentials')
|
success_url = reverse_lazy('idhub:user_credentials')
|
||||||
|
|
||||||
|
def get(self, request, *args, **kwargs):
|
||||||
|
response = super().get(request, *args, **kwargs)
|
||||||
|
if not self.admin_validated:
|
||||||
|
return redirect(reverse_lazy('idhub:user_dashboard'))
|
||||||
|
return response
|
||||||
|
|
||||||
def get_form_kwargs(self):
|
def get_form_kwargs(self):
|
||||||
kwargs = super().get_form_kwargs()
|
kwargs = super().get_form_kwargs()
|
||||||
kwargs['user'] = self.request.user
|
kwargs['user'] = self.request.user
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue