orc: - - Права доступа в случае незаявленного пользователя (Hotfix)

- - Возможность авторизации в формате login@domain
dev-fastapi
Иван Маслов 2 years ago
parent 04b20f0875
commit d1189657c5

@ -79,9 +79,19 @@ def IdentifyAuthorize(inRequest:Request, inResponse:Response,
if "\\" in lUser: if "\\" in lUser:
lDomain = lUser.split("\\")[0] lDomain = lUser.split("\\")[0]
lUser = lUser.split("\\")[1] lUser = lUser.split("\\")[1]
elif "@" in lUser:
lDomain = lUser.split("@")[1]
lUser = lUser.split("@")[0]
lLogonBool = __Orchestrator__.OSCredentialsVerify(inUserStr=lUser, inPasswordStr=lPassword, inDomainStr=lDomain) lLogonBool = __Orchestrator__.OSCredentialsVerify(inUserStr=lUser, inPasswordStr=lPassword, inDomainStr=lDomain)
#Check result #Check result
if lLogonBool: if lLogonBool: # check user in gsettings rules
lLogonBool = False
gSettings = __Orchestrator__.GSettingsGet() # Set the global settings
lUserTurple = (lDomain.upper(),lUser.upper()) # Create turple key for inGSettings["ServerDict"]["AccessUsers"]["RuleDomainUserDict"]
lUserTurple2 = ("",lUser.upper()) # Create turple key for inGSettings["ServerDict"]["AccessUsers"]["RuleDomainUserDict"]
if lUserTurple in gSettings.get("ServerDict",{}).get("AccessUsers", {}).get("RuleDomainUserDict", {}): lLogonBool = True
elif lUserTurple2 in gSettings.get("ServerDict",{}).get("AccessUsers", {}).get("RuleDomainUserDict", {}): lLogonBool = True
if lLogonBool: # If user exists in UAC Dict
lResult["Domain"] = lDomain lResult["Domain"] = lDomain
lResult["User"] = lUser lResult["User"] = lUser
#Create token #Create token
@ -102,6 +112,8 @@ def IdentifyAuthorize(inRequest:Request, inResponse:Response,
#inRequest.OpenRPASetCookie = {} #inRequest.OpenRPASetCookie = {}
#New engine of server #New engine of server
#inRequest.OpenRPAResponseDict["SetCookies"]["AuthToken"] = lAuthToken #inRequest.OpenRPAResponseDict["SetCookies"]["AuthToken"] = lAuthToken
else:
raise HTTPException(status_code=401, detail="Попытка авторизации не прошла успешно (для пользователя не заявлен доступ к оркестратору pyOpenRPA. Обратитесь в техническую поддержку)", headers={})
else: else:
raise HTTPException(status_code=401, detail="Попытка авторизации не прошла успешно (неверная пара логин / пароль)", headers={}) raise HTTPException(status_code=401, detail="Попытка авторизации не прошла успешно (неверная пара логин / пароль)", headers={})
###################################### ######################################
@ -111,6 +123,7 @@ def IdentifyAuthorize(inRequest:Request, inResponse:Response,
lRouteList =[] lRouteList =[]
for lItem in app.router.routes: for lItem in app.router.routes:
lRouteList.append(lItem) lRouteList.append(lItem)

@ -148,7 +148,7 @@ async def pyOpenRPA_ServerData(inRequest: Request, inAuthTokenStr:str=Depends(Id
"CPDict": HiddenCPDictGenerate(inAuthTokenStr=inAuthTokenStr), "CPDict": HiddenCPDictGenerate(inAuthTokenStr=inAuthTokenStr),
"RDPDict": HiddenRDPDictGenerate(inAuthTokenStr=inAuthTokenStr), "RDPDict": HiddenRDPDictGenerate(inAuthTokenStr=inAuthTokenStr),
"AgentDict": HiddenAgentDictGenerate(inAuthTokenStr=inAuthTokenStr), "AgentDict": HiddenAgentDictGenerate(inAuthTokenStr=inAuthTokenStr),
"UserDict": {"UACClientDict": {}, "CWDPathStr": os.getcwd(), "VersionStr": inGSettings["VersionStr"]}, "UserDict": {"UACClientDict": __Orchestrator__.WebUserUACHierarchyGet(inAuthTokenStr=inAuthTokenStr), "CWDPathStr": os.getcwd(), "VersionStr": inGSettings["VersionStr"]},
} }
# Create JSON # Create JSON
lServerDataDictJSONStr = json.dumps(lServerDataDict) lServerDataDictJSONStr = json.dumps(lServerDataDict)

Loading…
Cancel
Save