filter request credentials if admin is not validated

This commit is contained in:
Cayo Puigdefabregas 2024-01-18 18:36:41 +01:00
parent c76ed799be
commit baa909ed94
4 changed files with 23 additions and 4 deletions

View file

@ -3,12 +3,21 @@ from django.contrib.auth import views as auth_views
from django.urls import reverse_lazy, resolve from django.urls import reverse_lazy, resolve
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from django.shortcuts import redirect from django.shortcuts import redirect
from django.core.cache import cache
class UserView(LoginRequiredMixin): class UserView(LoginRequiredMixin):
login_url = "/login/" login_url = "/login/"
wallet = False wallet = False
def get(self, request, *args, **kwargs):
self.admin_validated = cache.get("KEY_DIDS")
return super().get(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
self.admin_validated = cache.get("KEY_DIDS")
return super().post(request, *args, **kwargs)
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs) context = super().get_context_data(**kwargs)
context.update({ context.update({
@ -19,6 +28,7 @@ class UserView(LoginRequiredMixin):
'path': resolve(self.request.path).url_name, 'path': resolve(self.request.path).url_name,
'user': self.request.user, 'user': self.request.user,
'wallet': self.wallet, 'wallet': self.wallet,
'admin_validated': True if self.admin_validated else False
}) })
return context return context

View file

@ -109,11 +109,13 @@
{% trans 'My credentials' %} {% trans 'My credentials' %}
</a> </a>
</li> </li>
{% if admin_validated %}
<li class="nav-item"> <li class="nav-item">
<a class="nav-link {% if path == 'user_credentials_request' %}active2{% endif %}" href="{% url 'idhub:user_credentials_request' %}"> <a class="nav-link {% if path == 'user_credentials_request' %}active2{% endif %}" href="{% url 'idhub:user_credentials_request' %}">
{% trans 'Request a credential' %} {% trans 'Request a credential' %}
</a> </a>
</li> </li>
{% endif %}
<li class="nav-item"> <li class="nav-item">
<a class="nav-link {% if path in 'user_demand_authorization, authorize' %}active2{% endif %}" href="{% url 'idhub:user_demand_authorization' %}"> <a class="nav-link {% if path in 'user_demand_authorization, authorize' %}active2{% endif %}" href="{% url 'idhub:user_demand_authorization' %}">
{% trans 'Present a credential' %} {% trans 'Present a credential' %}

View file

@ -39,7 +39,7 @@
</div> </div>
</div> </div>
<div class="row mt-3"> <div class="row mt-3">
{% if object.eidas1_did %} {% if object.eidas1_did and admin_validated %}
<div class="col text-center"> <div class="col text-center">
<a class="btn btn-green-user" href="{% url 'idhub:user_credential_pdf' object.id %}">{% trans 'Sign credential in PDF format' %}</a> <a class="btn btn-green-user" href="{% url 'idhub:user_credential_pdf' object.id %}">{% trans 'Sign credential in PDF format' %}</a>
</div> </div>

View file

@ -25,7 +25,6 @@ from django.views.generic.base import TemplateView
from django.shortcuts import get_object_or_404, redirect from django.shortcuts import get_object_or_404, redirect
from django.urls import reverse_lazy from django.urls import reverse_lazy
from django.http import HttpResponse from django.http import HttpResponse
from django.core.cache import cache
from django.contrib import messages from django.contrib import messages
from django.conf import settings from django.conf import settings
from idhub.user.forms import ( from idhub.user.forms import (
@ -223,9 +222,9 @@ class CredentialPdfView(MyWallet, TemplateView):
def get_pfx_data(self): def get_pfx_data(self):
did = self.object.eidas1_did did = self.object.eidas1_did
if not did: pw = self.admin_validated
if not did or not pw:
return None, None return None, None
pw = cache.get("KEY_DIDS")
key_material = json.loads(did.get_key_material(pw)) key_material = json.loads(did.get_key_material(pw))
cert = key_material.get("cert") cert = key_material.get("cert")
passphrase = key_material.get("passphrase") passphrase = key_material.get("passphrase")
@ -236,6 +235,8 @@ class CredentialPdfView(MyWallet, TemplateView):
def signer_init(self): def signer_init(self):
pfx_data, passphrase = self.get_pfx_data() pfx_data, passphrase = self.get_pfx_data()
if not pfx_data or not passphrase:
return
s = certs.load_cert( s = certs.load_cert(
pfx_data, passphrase pfx_data, passphrase
) )
@ -310,6 +311,12 @@ class CredentialsRequestView(MyWallet, FormView):
form_class = RequestCredentialForm form_class = RequestCredentialForm
success_url = reverse_lazy('idhub:user_credentials') success_url = reverse_lazy('idhub:user_credentials')
def get(self, request, *args, **kwargs):
response = super().get(request, *args, **kwargs)
if not self.admin_validated:
return redirect(reverse_lazy('idhub:user_dashboard'))
return response
def get_form_kwargs(self): def get_form_kwargs(self):
kwargs = super().get_form_kwargs() kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user kwargs['user'] = self.request.user