from django.core.exceptions import ValidationError from django.utils.translation import ugettext_lazy as _ from orchestra.utils.python import import_class from . import settings # TODO multiple and unique validation support in the formset class SiteOption(object): unique = True def __init__(self, name, *args, **kwargs): self.name = name self.verbose_name = kwargs.pop('verbose_name', name) self.help_text = kwargs.pop('help_text', '') for k,v in kwargs.iteritems(): setattr(self, k, v) def validate(self, website): if self.regex and not re.match(self.regex, website.value): raise ValidationError({ 'value': ValidationError(_("'%(value)s' does not match %(regex)s."), params={ 'value': website.value, 'regex': self.regex }), }) directory_protection = SiteOption('directory_protection', verbose_name=_("Directory protection"), help_text=_("Space separated ..."), regex=r'^([\w/_]+)\s+(\".*\")\s+([\w/_\.]+)$', ) redirect = SiteOption('redirect', verbose_name=_("Redirection"), help_text=_("<website path> <destination URL>"), regex=r'^[^ ]+\s[^ ]+$', ) proxy = SiteOption('proxy', verbose_name=_("Proxy"), help_text=_("<website path> <target URL>"), regex=r'^[^ ]+\shttp[^ ]+(timeout=[0-9]{1,3}|retry=[0-9]|\s)*$', ) ssl_ca = SiteOption('ssl_ca', verbose_name=_("SSL CA"), help_text=_("Filesystem path of the CA certificate file."), regex=r'^[^ ]+$' ) ssl_cert = SiteOption('ssl_cert', verbose_name=_("SSL cert"), help_text=_("Filesystem path of the certificate file."), regex=r'^[^ ]+$', ) ssl_key = SiteOption('ssl_key', verbose_name=_("SSL key"), help_text=_("Filesystem path of the key file."), regex=r'^[^ ]+$', ) sec_rule_remove = SiteOption('sec_rule_remove', verbose_name=_("SecRuleRemoveById"), help_text=_("Space separated ModSecurity rule IDs."), regex=r'^[0-9\s]+$', ) sec_engine = SiteOption('sec_engine', verbose_name=_("Modsecurity engine"), help_text=_("On or Off, defaults to On"), regex=r'^(On|Off)$', ) user_group = SiteOption('user_group', verbose_name=_("SuexecUserGroup"), help_text=_("user [group], username and optional groupname."), # TODO validate existing user/group regex=r'^[\w/_]+(\s[\w/_]+)*$', ) error_document = SiteOption('error_document', verbose_name=_("ErrorDocumentRoot"), help_text=_("<error code> <URL/path/message>
" " 500 http://foo.example.com/cgi-bin/tester
" " 404 /cgi-bin/bad_urls.pl
" " 401 /subscription_info.html
" " 403 \"Sorry can't allow you access today\""), regex=r'[45]0[0-9]\s.*', ) ssl = [ ssl_ca, ssl_cert, ssl_key, ] sec = [ sec_rule_remove, sec_engine, ] httpd = [ directory_protection, redirect, proxy, user_group, error_document, ] _enabled = None def get_enabled(): global _enabled if _enabled is None: from . import settings _enabled = {} for op in settings.WEBSITES_ENABLED_OPTIONS: op = import_class(op) _enabled[op.name] = op return _enabled