IT-Naturschutz/konova
7
1
Fork 0
Code Issues 6 Pull Requests 1 Actions Projects Releases 28 Wiki Activity

master #454

Merged
mpeltriaux merged 5 commits from master into Docker 2024-12-23 12:09:49 +01:00
Conversation 0 Commits 5 Files Changed 9 +19
3 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit d677ac6b5a - Show all commits

1
.env.sample
View File

@ -24,6 +24,7 @@ DEFAULT_FROM_EMAIL=service@ksp.de
# Proxy
PROXY=CHANGE_ME
MAP_PROXY_HOST_WHITELIST=CHANGE_ME_1,CHANGE_ME_2
GEOPORTAL_RLP_USER=CHANGE_ME
GEOPORTAL_RLP_PASSWORD=CHANGE_ME

4
konova/sub_settings/lanis_settings.py
View File

@ -5,6 +5,7 @@ Contact: michel.peltriaux@sgdnord.rlp.de
Created on: 31.01.22
"""
from konova.sub_settings.django_settings import env
# MAPS
DEFAULT_LAT = 50.00
@ -28,3 +29,6 @@ LANIS_ZOOM_LUT = {
1000: 30,
500: 31,
}
MAP_PROXY_HOST_WHITELIST = env.list("MAP_PROXY_HOST_WHITELIST")
i = 0

14
konova/views/map_proxy.py
View File

@ -9,6 +9,7 @@ import json
from json import JSONDecodeError
import requests
import urllib3.util
from django.contrib.auth.decorators import login_required
from django.http import JsonResponse, HttpRequest
from django.utils.decorators import method_decorator
@ -18,6 +19,7 @@ from django.utils.translation import gettext_lazy as _
from requests.auth import HTTPDigestAuth
from konova.sub_settings.lanis_settings import MAP_PROXY_HOST_WHITELIST
from konova.sub_settings.proxy_settings import PROXIES, GEOPORTAL_RLP_USER, GEOPORTAL_RLP_PASSWORD
@ -32,6 +34,13 @@ class BaseClientProxyView(View):
def dispatch(self, request, *args, **kwargs):
return super().dispatch(request, *args, **kwargs)
def _check_with_whitelist(self, url):
parsed_url = urllib3.util.parse_url(url)
parsed_url_host = parsed_url.host
whitelist = set(MAP_PROXY_HOST_WHITELIST)
is_allowed = parsed_url_host in whitelist
return is_allowed
def perform_url_call(self, url, headers={}, auth=None):
""" Generic proxied call
@ -59,6 +68,11 @@ class ClientProxyParcelSearch(BaseClientProxyView):
def get(self, request: HttpRequest):
url = request.META.get("QUERY_STRING")
is_url_allowed = self._check_with_whitelist(url)
if not is_url_allowed:
raise PermissionError(f"Proxied url '{url}' is not allowed!")
content, response_code = self.perform_url_call(url)
try:
body = json.loads(content)