2017-11-16 00:43:27 +01:00
|
|
|
from argparse import ArgumentParser
|
2016-06-04 16:52:18 +02:00
|
|
|
from typing import Any
|
|
|
|
|
2020-01-14 21:59:46 +01:00
|
|
|
from zerver.lib.management import CommandError, ZulipBaseCommand
|
2020-03-04 14:05:25 +01:00
|
|
|
from zerver.lib.rate_limiter import RateLimitedUser
|
2017-11-16 00:43:27 +01:00
|
|
|
from zerver.models import UserProfile, get_user_profile_by_api_key
|
2013-05-29 23:58:07 +02:00
|
|
|
|
2020-01-14 21:59:46 +01:00
|
|
|
|
2017-07-08 17:58:54 +02:00
|
|
|
class Command(ZulipBaseCommand):
|
2015-08-21 02:10:41 +02:00
|
|
|
help = """Manually block or unblock a user from accessing the API"""
|
|
|
|
|
2017-10-26 11:35:57 +02:00
|
|
|
def add_arguments(self, parser: ArgumentParser) -> None:
|
2015-08-21 02:10:41 +02:00
|
|
|
parser.add_argument('-e', '--email',
|
|
|
|
help="Email account of user.")
|
|
|
|
parser.add_argument('-a', '--api-key',
|
|
|
|
help="API key of user.")
|
|
|
|
parser.add_argument('-s', '--seconds',
|
|
|
|
default=60,
|
|
|
|
type=int,
|
|
|
|
help="Seconds to block for.")
|
|
|
|
parser.add_argument('-d', '--domain',
|
2019-08-03 20:39:49 +02:00
|
|
|
default='api_by_user',
|
|
|
|
help="Rate-limiting domain. Defaults to 'api_by_user'.")
|
2015-08-21 02:10:41 +02:00
|
|
|
parser.add_argument('-b', '--all-bots',
|
|
|
|
dest='bots',
|
|
|
|
action='store_true',
|
|
|
|
default=False,
|
|
|
|
help="Whether or not to also block all bots for this user.")
|
|
|
|
parser.add_argument('operation', metavar='<operation>', type=str, choices=['block', 'unblock'],
|
|
|
|
help="operation to perform (block or unblock)")
|
2017-07-08 17:58:54 +02:00
|
|
|
self.add_realm_args(parser)
|
2013-05-29 23:58:07 +02:00
|
|
|
|
2017-10-26 11:35:57 +02:00
|
|
|
def handle(self, *args: Any, **options: Any) -> None:
|
2013-05-29 23:58:07 +02:00
|
|
|
if (not options['api_key'] and not options['email']) or \
|
|
|
|
(options['api_key'] and options['email']):
|
2019-05-03 23:20:39 +02:00
|
|
|
raise CommandError("Please enter either an email or API key to manage")
|
2013-05-29 23:58:07 +02:00
|
|
|
|
2017-07-08 17:58:54 +02:00
|
|
|
realm = self.get_realm(options)
|
2013-05-29 23:58:07 +02:00
|
|
|
if options['email']:
|
2017-07-08 17:58:54 +02:00
|
|
|
user_profile = self.get_user(options['email'], realm)
|
2013-05-29 23:58:07 +02:00
|
|
|
else:
|
|
|
|
try:
|
2017-08-25 07:43:38 +02:00
|
|
|
user_profile = get_user_profile_by_api_key(options['api_key'])
|
|
|
|
except UserProfile.DoesNotExist:
|
2020-06-10 06:41:04 +02:00
|
|
|
raise CommandError("Unable to get user profile for api key {}".format(options['api_key']))
|
2013-05-29 23:58:07 +02:00
|
|
|
|
|
|
|
users = [user_profile]
|
|
|
|
if options['bots']:
|
|
|
|
users.extend(bot for bot in UserProfile.objects.filter(is_bot=True,
|
|
|
|
bot_owner=user_profile))
|
|
|
|
|
2015-08-21 02:10:41 +02:00
|
|
|
operation = options['operation']
|
2013-05-29 23:58:07 +02:00
|
|
|
for user in users:
|
2020-06-10 06:41:04 +02:00
|
|
|
print(f"Applying operation to User ID: {user.id}: {operation}")
|
2013-05-29 23:58:07 +02:00
|
|
|
|
|
|
|
if operation == 'block':
|
2020-03-04 14:05:25 +01:00
|
|
|
RateLimitedUser(user, domain=options['domain']).block_access(options['seconds'])
|
2013-05-29 23:58:07 +02:00
|
|
|
elif operation == 'unblock':
|
2020-03-04 14:05:25 +01:00
|
|
|
RateLimitedUser(user, domain=options['domain']).unblock_access()
|