Commit e727b6d8 authored by Guilhem Saurel's avatar Guilhem Saurel
Browse files

remove debug prints

parent 4b70cb46
Pipeline #8410 passed with stage
in 1 minute and 6 seconds
from ipaddress import ip_address, ip_network
from pprint import pprint
from django.conf import settings
from django.http import HttpRequest, HttpResponse, HttpResponseForbidden
......@@ -8,10 +7,8 @@ from rest_framework import permissions
def ip_laas(request: HttpRequest) -> bool:
"""check if request comes from settings.LAAS_NETWORKS."""
forwarded_for = ip_address(request.META.get('HTTP_X_FORWARDED_FOR'))
pprint(request.META)
for net in settings.LAAS_NETWORKS:
print(forwarded_for, 'in', ip_network(net))
return any(forwarded_for in ip_network(net) for net in settings.LAAS_NETWORKS)
......@@ -20,10 +17,10 @@ class LAASPermsMiddleware:
self.get_response = get_response
def __call__(self, request: HttpRequest) -> HttpResponse:
print(request.path.startswith('/admin/'), 'or', request.path.startswith('/accounts/'), 'or', request.user,
'and', request.user.is_authenticated, 'or', request.method, 'in', permissions.SAFE_METHODS, 'and',
ip_laas(request))
"""Allow access to pages protected at a higher application level,
or if the user is authenticated,
or if the request comes from a trusted IP.
"""
allowed = (request.path.startswith('/admin/') or request.path.startswith('/accounts/')
or request.user and request.user.is_authenticated
or request.method in permissions.SAFE_METHODS and ip_laas(request))
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment