From 438b74e711a99e6feffdee362a97437a6d84644f Mon Sep 17 00:00:00 2001 From: Vitor Choi Feitosa Date: Mon, 5 Sep 2016 20:07:42 -0300 Subject: [PATCH] =?UTF-8?q?Adicionada=20API=20para=20consulta=20whois=20?= =?UTF-8?q?=C3=A0=20base=20do=20SIGI?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- requirements/requirements.txt | 1 + sigi/apps/whois/__init__.py | 0 sigi/apps/whois/admin.py | 3 + sigi/apps/whois/migrations/__init__.py | 0 sigi/apps/whois/models.py | 3 + sigi/apps/whois/tests.py | 3 + sigi/apps/whois/urls.py | 10 +++ sigi/apps/whois/views.py | 86 ++++++++++++++++++++++++++ sigi/settings/base.py | 17 ++++- sigi/urls.py | 1 + 10 files changed, 123 insertions(+), 1 deletion(-) create mode 100644 sigi/apps/whois/__init__.py create mode 100644 sigi/apps/whois/admin.py create mode 100644 sigi/apps/whois/migrations/__init__.py create mode 100644 sigi/apps/whois/models.py create mode 100644 sigi/apps/whois/tests.py create mode 100644 sigi/apps/whois/urls.py create mode 100644 sigi/apps/whois/views.py diff --git a/requirements/requirements.txt b/requirements/requirements.txt index aa377d1..7faa83b 100644 --- a/requirements/requirements.txt +++ b/requirements/requirements.txt @@ -19,3 +19,4 @@ PyYAML==3.11 reportlab==2.7 requests==2.8.1 six==1.10.0 +djangorestframework==2.4.8 diff --git a/sigi/apps/whois/__init__.py b/sigi/apps/whois/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/sigi/apps/whois/admin.py b/sigi/apps/whois/admin.py new file mode 100644 index 0000000..8c38f3f --- /dev/null +++ b/sigi/apps/whois/admin.py @@ -0,0 +1,3 @@ +from django.contrib import admin + +# Register your models here. diff --git a/sigi/apps/whois/migrations/__init__.py b/sigi/apps/whois/migrations/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/sigi/apps/whois/models.py b/sigi/apps/whois/models.py new file mode 100644 index 0000000..71a8362 --- /dev/null +++ b/sigi/apps/whois/models.py @@ -0,0 +1,3 @@ +from django.db import models + +# Create your models here. diff --git a/sigi/apps/whois/tests.py b/sigi/apps/whois/tests.py new file mode 100644 index 0000000..7ce503c --- /dev/null +++ b/sigi/apps/whois/tests.py @@ -0,0 +1,3 @@ +from django.test import TestCase + +# Create your tests here. diff --git a/sigi/apps/whois/urls.py b/sigi/apps/whois/urls.py new file mode 100644 index 0000000..8e6223a --- /dev/null +++ b/sigi/apps/whois/urls.py @@ -0,0 +1,10 @@ +# coding: utf-8 +from django.conf.urls import patterns, url +from django.views.generic.base import TemplateView +from . import views + +urlpatterns = patterns( + '', + url(r'^(?P.+)$', views.whois_query), +) + diff --git a/sigi/apps/whois/views.py b/sigi/apps/whois/views.py new file mode 100644 index 0000000..4530c01 --- /dev/null +++ b/sigi/apps/whois/views.py @@ -0,0 +1,86 @@ +# coding: utf-8 +from django.http import HttpResponse,HttpResponseBadRequest +from django.shortcuts import render +from django.views.decorators.csrf import csrf_exempt + +from rest_framework import status, permissions +from rest_framework.response import Response +from rest_framework.decorators import api_view, permission_classes + +import re +from urlparse import urlparse +from collections import OrderedDict + +from sigi.apps.servicos.models import * +from sigi.settings import WHOIS_WHITELIST + +class WhitelistPermission(permissions.BasePermission): + """ + Allow only whitelisted IP addresses + """ + + def has_permission(self, request, view): + ip_addr = request.META['REMOTE_ADDR'] + if ip_addr in WHOIS_WHITELIST: + return True + else: + return False + +def consulta_valida(consulta): + """ + Determina se uma consulta é válida. Além de ser um domínio válido, deve terminar em uf.leg.br + """ + + regex_dominio=r'^[a-zA-Z\d]{,63}(\.[a-zA-Z\d-]{,63})*.(ac|al|ap|am|ba|ce|df|es|go|ma|mt|ms|mg|pr|pb|pa|pe|pi|rj|rn|rs|ro|rr|sc|se|sp|to).leg.br$' + m = re.match(regex_dominio, consulta) + if m == None: + return False + + return True + +def match_url_dominio(url, dominio): + """ + Compara o url cadastrado no serviço com o domínio pesquisado. + """ + + url=urlparse(url) + if url.netloc == dominio: + return True + else: + return False + +@api_view(['GET']) +@permission_classes([WhitelistPermission]) +def whois_query(request, dominio): + """ + Consulta a base do SIGI por um domínio e retorna um dicionário. + """ + + if not consulta_valida(dominio): + return Response({'detail':'406 Not Acceptable'}, status=status.HTTP_406_NOT_ACCEPTABLE) + + servicos = Servico.objects.filter(tipo_servico__sigla='LEGBR', url__contains=dominio) + resposta_dic = OrderedDict() + + for s in servicos: + # valida se pegamos o dominio correto, a busca pode retornar mais de + # um registro. ex. municipio.mg.leg.br / novomunicipio.mg.leg.br + # não sei se existe algum caso, mas é possível no algoritmo. + if not match_url_dominio(s.url, dominio): + next + + resposta_dic['_encoding'] = 'utf-8' + resposta_dic['domain'] = urlparse(s.url).netloc + resposta_dic['owner'] = "%s - %s " % (s.casa_legislativa.nome, s.casa_legislativa.municipio.uf.sigla) + resposta_dic['cnpj'] = s.casa_legislativa.cnpj + resposta_dic['created'] = unicode(s.data_ativacao) + resposta_dic['modified'] = unicode(s.data_alteracao) + resposta_dic['tech-name'] = s.contato_tecnico.nome + resposta_dic['tech-email'] = s.contato_tecnico.email + resposta_dic['tech-modified'] = unicode(s.contato_tecnico.ult_alteracao) + resposta_dic['admin-name'] = s.contato_administrativo.nome + resposta_dic['admin-email'] = s.contato_administrativo.email + resposta_dic['admin-modified'] = unicode(s.contato_administrativo.ult_alteracao) + + return Response(resposta_dic, status=status.HTTP_200_OK) + diff --git a/sigi/settings/base.py b/sigi/settings/base.py index a2e49ef..dd01141 100644 --- a/sigi/settings/base.py +++ b/sigi/settings/base.py @@ -68,6 +68,7 @@ INSTALLED_APPS = ( 'sigi.apps.financeiro', 'sigi.apps.diagnosticos', 'sigi.apps.eventos', + 'sigi.apps.whois', # Integração com Saberes (moodle) 'sigi.apps.mdl', @@ -79,6 +80,7 @@ INSTALLED_APPS = ( 'django_extensions', 'easy_thumbnails', 'image_cropping', + 'rest_framework', ) @@ -180,4 +182,17 @@ LOGGING = { } SABERES_REST_PATH = 'webservice/rest/server.php' -OSTICKET_URL = 'https://suporte.interlegis.leg.br/scp/tickets.php?a=search&query=%s' \ No newline at end of file +OSTICKET_URL = 'https://suporte.interlegis.leg.br/scp/tickets.php?a=search&query=%s' + +REST_FRAMEWORK = { + # Use Django's standard `django.contrib.auth` permissions, + # or allow read-only access for unauthenticated users. + 'DEFAULT_PERMISSION_CLASSES': [ + 'rest_framework.permissions.AllowAny', + ] +} + +# Lista de endereços IP que podem acessar a API de whois +WHOIS_WHITELIST = [ + '127.0.0.1', + ] diff --git a/sigi/urls.py b/sigi/urls.py index 38fe8f9..7eae6fc 100644 --- a/sigi/urls.py +++ b/sigi/urls.py @@ -24,6 +24,7 @@ urlpatterns = patterns( url(r'^dashboard/', include('sigi.apps.metas.urls')), url(r'^ocorrencias/', include('sigi.apps.ocorrencias.urls')), url(r'^eventos/', include('sigi.apps.eventos.urls')), + url(r'^whois/', include('sigi.apps.whois.urls')), url(r'^pentaho/(?P(plugin|api)/.*)$', pentaho_proxy), url(r'^', include('sigi.apps.home.urls')), url(r'^', include(admin.site.urls)),