Fixed some bugs in systemusers and wordpress backends

This commit is contained in:
Marc Aymerich 2015-11-26 10:42:18 +00:00
parent d6f85f07df
commit c1dcca4f79
7 changed files with 17 additions and 11 deletions

View file

@ -120,7 +120,10 @@ send_bills.url_name = 'send'
def download_bills(modeladmin, request, queryset): def download_bills(modeladmin, request, queryset):
if queryset.count() > 1: for bill in queryset:
if not validate_contact(request, bill):
return False
if len(queryset) > 1:
bytesio = io.BytesIO() bytesio = io.BytesIO()
archive = zipfile.ZipFile(bytesio, 'w') archive = zipfile.ZipFile(bytesio, 'w')
for bill in queryset: for bill in queryset:
@ -130,7 +133,7 @@ def download_bills(modeladmin, request, queryset):
response = HttpResponse(bytesio.getvalue(), content_type='application/pdf') response = HttpResponse(bytesio.getvalue(), content_type='application/pdf')
response['Content-Disposition'] = 'attachment; filename="orchestra-bills.zip"' response['Content-Disposition'] = 'attachment; filename="orchestra-bills.zip"'
return response return response
bill = queryset.get() bill = queryset[0]
pdf = bill.as_pdf() pdf = bill.as_pdf()
response = HttpResponse(pdf, content_type='application/pdf') response = HttpResponse(pdf, content_type='application/pdf')
response['Content-Disposition'] = 'attachment; filename="%s.pdf"' % bill.number response['Content-Disposition'] = 'attachment; filename="%s.pdf"' % bill.number

View file

@ -55,7 +55,7 @@ def edit_records(modeladmin, request, queryset):
link = '<a href="%(url)s" title="%(title)s">%(name)s</a>' % context link = '<a href="%(url)s" title="%(title)s">%(name)s</a>' % context
modeladmin_copy.verbose_name_plural = mark_safe(link) modeladmin_copy.verbose_name_plural = mark_safe(link)
RecordFormSet = modelformset_factory( RecordFormSet = modelformset_factory(
modeladmin.model, form=RecordForm, formset=RecordEditFormSet, extra=1, can_delete=True) Record, form=RecordForm, formset=RecordEditFormSet, extra=1, can_delete=True)
formset = RecordFormSet(queryset=domain.records.all(), prefix=domain.id) formset = RecordFormSet(queryset=domain.records.all(), prefix=domain.id)
formset.instance = domain formset.instance = domain
formset.cls = RecordFormSet formset.cls = RecordFormSet

View file

@ -157,7 +157,7 @@ class WordpressMuBackend(ServiceController):
mysql %(db_name)s --execute=" mysql %(db_name)s --execute="
DELETE FROM m DELETE FROM m
USING wp_domain_mapping AS m, wp_blogs AS b USING wp_domain_mapping AS m, wp_blogs AS b
WHERE m.blog_id = b.blog_id AND m.active AND %(IDENT)s'; WHERE m.blog_id = b.blog_id AND m.active AND %(IDENT)s;
UPDATE wp_blogs UPDATE wp_blogs
SET path='/' SET path='/'
WHERE blog_id = ${existing[0]};" WHERE blog_id = ${existing[0]};"
@ -165,7 +165,7 @@ class WordpressMuBackend(ServiceController):
mysql %(db_name)s --execute=" mysql %(db_name)s --execute="
UPDATE wp_domain_mapping as m, wp_blogs as b UPDATE wp_domain_mapping as m, wp_blogs as b
SET m.domain = '%(custom_domain)s', b.path = '%(custom_path)s' SET m.domain = '%(custom_domain)s', b.path = '%(custom_path)s'
WHERE m.blog_id = b.blog_id AND m.active AND %(IDENT)s';" WHERE m.blog_id = b.blog_id AND m.active AND %(IDENT)s;"
fi fi
elif [[ "%(custom_domain)s" != "" ]]; then elif [[ "%(custom_domain)s" != "" ]]; then
blog=( $(mysql -Nrs %(db_name)s --execute=" blog=( $(mysql -Nrs %(db_name)s --execute="
@ -175,7 +175,7 @@ class WordpressMuBackend(ServiceController):
mysql %(db_name)s --execute=" mysql %(db_name)s --execute="
UPDATE wp_domain_mapping UPDATE wp_domain_mapping
SET active = 0 SET active = 0
WHERE blog_id = ${blog[0]} AND active = 1; WHERE active AND blog_id = ${blog[0]};
INSERT INTO wp_domain_mapping INSERT INTO wp_domain_mapping
(blog_id, domain, active) VALUES (${blog[0]}, '%(custom_domain)s', 1);" (blog_id, domain, active) VALUES (${blog[0]}, '%(custom_domain)s', 1);"
if [[ "${blog[1]}" != "%(custom_path)s" ]]; then if [[ "${blog[1]}" != "%(custom_path)s" ]]; then

View file

@ -139,17 +139,20 @@ class UNIXUserBackend(ServiceController):
""") % context """) % context
) )
def revoke_permissions(self, context): def revoke_permissions(self, user, context):
revoke_perms = { revoke_perms = {
'rw': '', 'rw': '',
'r': 'w', 'r': 'w',
'w': 'r', 'w': 'r',
} }
context['perms'] = revoke_perms[user.set_perm_perms] context.update({
'perms': revoke_perms[user.set_perm_perms],
'option': '-x' if user.set_perm_perms == 'rw' else '-m'
})
self.append(textwrap.dedent("""\ self.append(textwrap.dedent("""\
# Revoke permissions # Revoke permissions
find '%(perm_to)s' %(exclude_acl)s \\ find '%(perm_to)s' %(exclude_acl)s \\
-exec setfacl -m u:%(user)s:%(perms)s {} \\;\ -exec setfacl %(option)s u:%(user)s:%(perms)s {} \\;\
""") % context """) % context
) )

View file

@ -12,7 +12,6 @@ SYSTEMUSERS_SHELLS = Setting('SYSTEMUSERS_SHELLS',
('/dev/null', _("No shell, FTP only")), ('/dev/null', _("No shell, FTP only")),
('/bin/rssh', _("No shell, SFTP/RSYNC only")), ('/bin/rssh', _("No shell, SFTP/RSYNC only")),
('/bin/bash', "/bin/bash"), ('/bin/bash', "/bin/bash"),
('/bin/sh', "/bin/sh"),
), ),
validators=[Setting.validate_choices] validators=[Setting.validate_choices]
) )

View file

@ -292,6 +292,7 @@ class Apache2Backend(ServiceController):
def get_security(self, directives): def get_security(self, directives):
rules = [] rules = []
location = '/'
for values in directives.get('sec-rule-remove', []): for values in directives.get('sec-rule-remove', []):
for rule in values.split(): for rule in values.split():
rules.append('SecRuleRemoveById %i' % int(rule)) rules.append('SecRuleRemoveById %i' % int(rule))