2013-05-29 23:58:07 +02:00
|
|
|
from __future__ import absolute_import
|
2015-11-01 17:11:06 +01:00
|
|
|
from __future__ import print_function
|
2013-05-29 23:58:07 +02:00
|
|
|
|
2016-06-04 16:52:18 +02:00
|
|
|
from typing import Any
|
|
|
|
|
|
|
|
from argparse import ArgumentParser
|
2017-07-08 17:58:54 +02:00
|
|
|
from zerver.models import UserProfile
|
2017-07-31 07:08:33 +02:00
|
|
|
from zerver.lib.rate_limiter import block_access, unblock_user, RateLimitedUser
|
2017-07-08 17:58:54 +02:00
|
|
|
from zerver.lib.management import ZulipBaseCommand
|
2013-05-29 23:58:07 +02:00
|
|
|
|
|
|
|
from optparse import make_option
|
|
|
|
|
2017-07-08 17:58:54 +02:00
|
|
|
class Command(ZulipBaseCommand):
|
2015-08-21 02:10:41 +02:00
|
|
|
help = """Manually block or unblock a user from accessing the API"""
|
|
|
|
|
|
|
|
def add_arguments(self, parser):
|
2016-06-04 16:52:18 +02:00
|
|
|
# type: (ArgumentParser) -> None
|
2015-08-21 02:10:41 +02:00
|
|
|
parser.add_argument('-e', '--email',
|
|
|
|
dest='email',
|
|
|
|
help="Email account of user.")
|
|
|
|
parser.add_argument('-a', '--api-key',
|
|
|
|
dest='api_key',
|
|
|
|
help="API key of user.")
|
|
|
|
parser.add_argument('-s', '--seconds',
|
|
|
|
dest='seconds',
|
|
|
|
default=60,
|
|
|
|
type=int,
|
|
|
|
help="Seconds to block for.")
|
|
|
|
parser.add_argument('-d', '--domain',
|
|
|
|
dest='domain',
|
|
|
|
default='all',
|
|
|
|
help="Rate-limiting domain. Defaults to 'all'.")
|
|
|
|
parser.add_argument('-b', '--all-bots',
|
|
|
|
dest='bots',
|
|
|
|
action='store_true',
|
|
|
|
default=False,
|
|
|
|
help="Whether or not to also block all bots for this user.")
|
|
|
|
parser.add_argument('operation', metavar='<operation>', type=str, choices=['block', 'unblock'],
|
|
|
|
help="operation to perform (block or unblock)")
|
2017-07-08 17:58:54 +02:00
|
|
|
self.add_realm_args(parser)
|
2013-05-29 23:58:07 +02:00
|
|
|
|
|
|
|
def handle(self, *args, **options):
|
2016-06-04 16:52:18 +02:00
|
|
|
# type: (*Any, **Any) -> None
|
2013-05-29 23:58:07 +02:00
|
|
|
if (not options['api_key'] and not options['email']) or \
|
|
|
|
(options['api_key'] and options['email']):
|
2015-11-01 17:11:06 +01:00
|
|
|
print("Please enter either an email or API key to manage")
|
2013-05-29 23:58:07 +02:00
|
|
|
exit(1)
|
|
|
|
|
2017-07-08 17:58:54 +02:00
|
|
|
realm = self.get_realm(options)
|
2013-05-29 23:58:07 +02:00
|
|
|
if options['email']:
|
2017-07-08 17:58:54 +02:00
|
|
|
user_profile = self.get_user(options['email'], realm)
|
2013-05-29 23:58:07 +02:00
|
|
|
else:
|
|
|
|
try:
|
|
|
|
user_profile = UserProfile.objects.get(api_key=options['api_key'])
|
2017-03-05 10:25:27 +01:00
|
|
|
except Exception:
|
2016-05-04 23:16:27 +02:00
|
|
|
print("Unable to get user profile for api key %s" % (options['api_key'],))
|
2013-05-29 23:58:07 +02:00
|
|
|
exit(1)
|
|
|
|
|
|
|
|
users = [user_profile]
|
|
|
|
if options['bots']:
|
|
|
|
users.extend(bot for bot in UserProfile.objects.filter(is_bot=True,
|
|
|
|
bot_owner=user_profile))
|
|
|
|
|
2015-08-21 02:10:41 +02:00
|
|
|
operation = options['operation']
|
2013-05-29 23:58:07 +02:00
|
|
|
for user in users:
|
2015-11-01 17:11:06 +01:00
|
|
|
print("Applying operation to User ID: %s: %s" % (user.id, operation))
|
2013-05-29 23:58:07 +02:00
|
|
|
|
|
|
|
if operation == 'block':
|
2017-07-31 07:08:33 +02:00
|
|
|
block_access(RateLimitedUser(user, domain=options['domain']),
|
|
|
|
options['seconds'])
|
2013-05-29 23:58:07 +02:00
|
|
|
elif operation == 'unblock':
|
|
|
|
unblock_user(user, options['domain'])
|