Hide keyboard shortcuts

Hot-keys on this page

r m x p   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

# -*- coding: utf-8 -*- 

""" 

This test module will search for all site's urls and analyze their security 

status. 

""" 

from importlib import import_module 

 

from django.core.management import BaseCommand 

from django.utils import timezone 

try: 

from django.utils.translation import gettext as _ 

except: 

from django.utils.translation import ugettext as _ 

from django.conf import settings 

 

from django_roles_access.tools import get_app_type 

from django_roles_access.utils import (walk_site_url, get_views_by_app, 

view_access_analyzer, 

OutputReport) 

 

 

DJANGO_ROLE_ACCESS_MIDDLEWARE = 'django_roles_access.middleware.RolesMiddleware' 

 

 

class Command(BaseCommand): 

""" 

**checkviewaccess** management _output to analyze *site's views access*. 

""" 

help = 'Manage _output checkviewaccess' 

 

def add_arguments(self, parser): 

# Add optional argument issue # 2 

parser.add_argument( 

'--output-format', 

dest='format', 

type=str) 

 

def handle(self, *args, **options): 

""" 

This method implements checkviewaccess _output behavior. 

""" 

output = OutputReport(self.stdout, self.style) 

self.with_format = False 

if options['format']: 

self.with_format = True 

output.set_format('csv') 

output.write_header() 

 

# 1. Get information. All views are collected and grouped by application 

url = import_module(settings.ROOT_URLCONF).urlpatterns 

views_by_app = get_views_by_app(walk_site_url(url)) 

 

# 2. Check if Django roles middleware is active or not 

if DJANGO_ROLE_ACCESS_MIDDLEWARE in settings.MIDDLEWARE: 

site_active = True 

else: 

site_active = False 

output.write_middleware_status(site_active) 

 

output.write_end_of_head() 

# 3. Analysis is done by application 

for app_name, views_list in views_by_app.items(): 

# Get application classification. 

app_type = get_app_type(app_name) 

output.process_application_data(app_name, app_type, views_list) 

 

# 4. For each view of the analyzed application 

for url, callback, view_name in views_list: 

output.process_view_data(view_name, url) 

 

analysis = view_access_analyzer(app_type, callback, view_name, 

site_active) 

output.write_view_access_analyzer(analysis) 

 

output.close_application_data(app_name) 

 

# 6. End of report 

output.write_footer()