django-orchestra/orchestra/apps/websites/options.py

128 lines
3.4 KiB
Python

from django.core.exceptions import ValidationError
from django.utils.translation import ugettext_lazy as _
from orchestra.utils.python import import_class
from . import settings
# TODO multiple and unique validation support in the formset
class SiteOption(object):
unique = True
def __init__(self, name, *args, **kwargs):
self.name = name
self.verbose_name = kwargs.pop('verbose_name', name)
self.help_text = kwargs.pop('help_text', '')
for k,v in kwargs.iteritems():
setattr(self, k, v)
def validate(self, website):
if self.regex and not re.match(self.regex, website.value):
raise ValidationError({
'value': ValidationError(_("'%(value)s' does not match %(regex)s."),
params={
'value': website.value,
'regex': self.regex
}),
})
directory_protection = SiteOption('directory_protection',
verbose_name=_("Directory protection"),
help_text=_("Space separated ..."),
regex=r'^([\w/_]+)\s+(\".*\")\s+([\w/_\.]+)$',
)
redirect = SiteOption('redirect',
verbose_name=_("Redirection"),
help_text=_("<tt>&lt;website path&gt; &lt;destination URL&gt;</tt>"),
regex=r'^[^ ]+\s[^ ]+$',
)
proxy = SiteOption('proxy',
verbose_name=_("Proxy"),
help_text=_("<tt>&lt;website path&gt; &lt;target URL&gt;</tt>"),
regex=r'^[^ ]+\shttp[^ ]+(timeout=[0-9]{1,3}|retry=[0-9]|\s)*$',
)
ssl_ca = SiteOption('ssl_ca',
verbose_name=_("SSL CA"),
help_text=_("Filesystem path of the CA certificate file."),
regex=r'^[^ ]+$'
)
ssl_cert = SiteOption('ssl_cert',
verbose_name=_("SSL cert"),
help_text=_("Filesystem path of the certificate file."),
regex=r'^[^ ]+$',
)
ssl_key = SiteOption('ssl_key',
verbose_name=_("SSL key"),
help_text=_("Filesystem path of the key file."),
regex=r'^[^ ]+$',
)
sec_rule_remove = SiteOption('sec_rule_remove',
verbose_name=_("SecRuleRemoveById"),
help_text=_("Space separated ModSecurity rule IDs."),
regex=r'^[0-9\s]+$',
)
sec_engine = SiteOption('sec_engine',
verbose_name=_("Modsecurity engine"),
help_text=_("<tt>On</tt> or <tt>Off</tt>, defaults to On"),
regex=r'^(On|Off)$',
)
user_group = SiteOption('user_group',
verbose_name=_("SuexecUserGroup"),
help_text=_("<tt>user [group]</tt>, username and optional groupname."),
# TODO validate existing user/group
regex=r'^[\w/_]+(\s[\w/_]+)*$',
)
error_document = SiteOption('error_document',
verbose_name=_("ErrorDocumentRoot"),
help_text=_("&lt;error code&gt; &lt;URL/path/message&gt;<br>"
"<tt>&nbsp;500 http://foo.example.com/cgi-bin/tester</tt><br>"
"<tt>&nbsp;404 /cgi-bin/bad_urls.pl</tt><br>"
"<tt>&nbsp;401 /subscription_info.html</tt><br>"
"<tt>&nbsp;403 \"Sorry can't allow you access today\"</tt>"),
regex=r'[45]0[0-9]\s.*',
)
ssl = [
ssl_ca,
ssl_cert,
ssl_key,
]
sec = [
sec_rule_remove,
sec_engine,
]
httpd = [
directory_protection,
redirect,
proxy,
user_group,
error_document,
]
_enabled = None
def get_enabled():
global _enabled
if _enabled is None:
from . import settings
_enabled = {}
for op in settings.WEBSITES_ENABLED_OPTIONS:
op = import_class(op)
_enabled[op.name] = op
return _enabled