Code, Django, Uncategorized

Making django-sitetree’s Display Permissions Show Access Denied

I like django-sitetree for what it is. There aren’t any other modules with as many features. One thing that bothers me is that the permissions options just hide links. Anyone with a URL can still go to pages they aren’t allowed to. If this is how you are doing security for your site, this can be a huge security risk.

Using custom middleware you can use django-sitetree’s own methods to check if you should show a page.

First, if you have multiple sitetrees, come up with some logic to decide which sitetree to look up based on the path.

I have:
alias = 'control_panel' if 'control_panel/action' in request.path else 'main_menu'

This uses the ‘control_panel’ sitetree when ‘control_panel/action’ is in the path, and the ‘main_menu’ sitetree when it is not.

Next, make a middleware class based on what’s below. Pay attention to the alias line you made earlier and replace it:


from django.core.exceptions import PermissionDenied
from sitetree.sitetreeapp import SiteTree, get_sitetree


class CheckAccessMiddleware(object):

    def process_request(self, request):
        # Build the context sitetree needs to evaluate item permissions
        tree = get_sitetree()
        context = SiteTree.get_global_context()
        context['user'] = request.user
        context['request'] = request
        # ------REPLACE THIS------
        alias = 'control_panel' if 'control_panel/action' in request.path else 'main_menu'
        # ------REPLACE THIS------
        tree.init_tree(alias, context)
        # Returns nothing when the requested path is not an item in the tree
        page = tree.get_tree_current_item(alias)
        if page:
            access = tree.check_access(page, context)
            if not access:
                # This should happen very rarely. A user will not
                # be shown a URL they don't have access to
                raise PermissionDenied

Add this class to your MIDDLEWARE_CLASSES in settings.py. That should be it. If a path is not in your sitetree, the middleware won’t do anything, so make sure everything sensitive is in the sitetree. Don’t define an item in your sitetree without a trailing slash when the matching entry in your urls.py has one. Django will just redirect to the URL with the trailing slash, and the check will then run against a URL that does not exist in your sitetree.
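
Both caveats above (paths missing from the sitetree are skipped, and a trailing-slash mismatch turns a listed path into a missing one) can be caught before deployment. The following is an added example, not code from the original post or from django-sitetree: a stand-alone model with no Django imports, in which the item table, route list, protected prefixes and all function names are assumptions made for illustration.

```python
import posixpath

# Constructed sample data: sitetree item URL -> permission required (None = public).
SITETREE_ITEMS = {
    "/control_panel/action/": "panel.change_settings",
    "/reports": "reports.view",      # misconfigured: no trailing slash
    "/about/": None,
}
# Constructed sample: the routes urls.py actually serves.
URLCONF_PATHS = ["/control_panel/action/", "/reports/", "/about/", "/reports/export/"]
# Constructed sample: prefixes where an unmatched path must be refused.
PROTECTED_PREFIXES = ("/control_panel/", "/reports/")


def normalize(path):
    """Collapse duplicate slashes and dot segments, force one trailing slash."""
    clean = posixpath.normpath("/" + path.strip("/"))
    return clean if clean == "/" else clean + "/"


def audit(items, routes):
    """Return (slash_mismatches, uncovered_protected_routes)."""
    mismatched = sorted(u for u in items if u not in routes and normalize(u) in routes)
    covered = {normalize(u) for u in items}
    uncovered = sorted(r for r in routes
                       if r.startswith(PROTECTED_PREFIXES) and normalize(r) not in covered)
    return mismatched, uncovered


def fail_open(path, perms, items=SITETREE_ITEMS):
    """Mirrors the middleware: a path with no sitetree item is let through."""
    if path not in items:
        return True
    return items[path] is None or items[path] in perms


def default_deny(path, perms, items=SITETREE_ITEMS):
    """Match on normalized URLs; refuse unmatched paths under protected prefixes."""
    table = {normalize(u): need for u, need in items.items()}
    path = normalize(path)
    if path in table:
        return table[path] is None or table[path] in perms
    return not path.startswith(PROTECTED_PREFIXES)
```

Running audit() over the real item URLs and route list in a test run flags sitetree entries that the middleware would silently skip.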

One other thing of note, when looking through django-sitetree’s code I noticed they put the requests in a global variable and access it through a singleton. It seems to me that doing that is a definite no-no as requests could bleed from one user to the other. I’m not well versed enough in how Django splits up requests among processes to know. It just doesn’t feel particularly right.

Django

Simple Django Module to Log Request Information to the Database

There are some solutions out there for logging analytics information to the database. I wanted something really simple and minimalistic. This set of scripts monkey patches each request to write some basic information out to the database after the request data is sent to the user. Because of this it should not impact the speed of your site. In a situation where you can’t or don’t want to use something like Google analytics this gets the job done. You can change it to capture any information that is useful to you.

You can find it on Github.

Elementary OS, Linux, Uncategorized

Updates to Relay

I pushed out some updates to Relay. You can find the changes on Github or Launchpad. Relay is an elegant and sleek IRC client designed for Elementary OS but will work on any Linux OS.

Relay will try to switch to a theme that looks good. You can now disable this by passing the -t option.

I also added better Unicode support and fixed an issue that was causing it to close prematurely.

Here is what Relay looks like. It’s one of the nicest looking IRC clients out there.

Screenshot from 2015-07-04 13:52:24

Elementary OS, Linux, Ubuntu

Create BTRFS Snapshots With Each apt-get Transaction

So I took it upon myself to fork apt-btrfs-snapshot. It is a program that takes BTRFS snapshots after each apt transaction. I wanted it to use Snapper because Snapper has a GUI. Snapper also abstracts all of the functionality of working with BTRFS snapshots.

Here are some of the things it provides:

  • Management via a GUI
  • Rollbacks without mounting anything
  • A list of what files were changed and their filesizes
  • Tracking of what packages were installed
  • Pre and post snapshots
  • Automatic clean up

You can check it out on github:
https://github.com/agronick/apt-btrfs-snapper

64bit .deb

Ubuntu 14.04    Ubuntu 14.10    Ubuntu 15.04
32bit .deb      32bit .deb      32bit .deb
64bit .deb      64bit .deb      64bit .deb

You can use a tool called gdebi to grab all the dependencies you need, which are only really Python and Snapper. If you want this done for you, run:
gdebi apt-btrfs-snapper_0.4.1_all.deb

Management Via a GUI

You can check out this post on installing Snapper GUI on Ubuntu. As you can see below you get a list of all your snapshots and in the bottom you can see what packages were installed. If you hold down control you can select two snapshots and open up the changes view to see what files were changed.

Snapper-GUI on Ubuntu

Rollbacks without mounting anything

To roll back to a previous version you just type:
sudo apt-btrfs-snapper --restore <ID>
Replace <ID> with the snapshot ID or the snapshot name. This will delete, create, and modify your files to get your machine back in the state that it was in when that snapshot was created. You can then roll forward in time just by using a newer ID. You don’t need to restart anything.

A list of files that were changed and their filesizes

You can get a list of snapshots with:
sudo apt-btrfs-snapper list
You can then see what files were changed between two snapshots with:
sudo apt-btrfs-snapper diff

Here is a sample of that output:

c   391 B      /usr/share/doc/maya-calendar-plugin-caldav/changelog.gz
c   391 B      /usr/share/doc/maya-calendar-plugin-google/changelog.gz
c   391 B      /usr/share/doc/maya-calendar/changelog.gz
c   542 B      /usr/share/doc/pantheon-files/changelog.gz
c   246 B      /usr/share/doc/pantheon-photos-common/changelog.Debian.gz
c   246 B      /usr/share/doc/pantheon-photos/changelog.Debian.gz
c   854 B      /usr/share/doc/plank/changelog.Debian.gz 

You can use snapper itself to restore an individual file to a specific state.

Tracking of what packages were installed

apt-btrfs-snapper saves the names of all the packages that were installed in the user data of each snapshot. The best place to view this is in snapper-gui. It can be viewed in the snapper command line tools but it is hard to read. You can see this in the bottom pane in the screenshot above.

Pre and post snapshots

apt-btrfs-snapper takes a snapshot before and after each transaction. They are grouped together in snapper-gui. You can easily see what changes took place between the two snapshots.

Automatic clean up

One of the best parts of snapper is the set of cleanup algorithms built into it. apt-btrfs-snapper simply uses the configuration settings for the number cleanup algorithm, which is part of snapper.

So check it out. It’s stable, works great, and makes taking and manipulating BTRFS snapshots a lot easier.

Linux

Installing Snapper-GUI on Ubuntu: A GUI for BTRFS Snapshots

Snapper GUI is a great program and one you absolutely need if you are using Snapper on a desktop. Snapper is a program that helps manage snapshots on the btrfs filesystem. This quick guide will go over how to install it on Ubuntu.

Snapper-GUI on Ubuntu

Run the following in a terminal.

First install the packages you will need to run:
sudo apt-get install python3 libgtksourceview-3.0-1 python3-dbus python3-setuptools git

Then clone the snapper-gui Git repo somewhere:
git clone --depth=1 https://github.com/ricardomv/snapper-gui.git

cd into the snapper-gui folder Git created and run:
sudo python3 setup.py install

Now run the program:
snapper-gui

If you haven’t made a config with snapper, first run:
snapper create-config /

Now that you have it installed you can use apt-btrfs-snapper to take a snapper snapshot every time you do an apt-get transaction.

Bash Scripts, Elementary OS, Linux

Updated Desktop Slideshow script for ElementaryOS

A few days ago I released a desktop wallpaper slideshow script for ElementaryOS. A user pointed out that it wasn’t changing the login screen wallpaper. I added a fix and now your login screen will have a random background; the same one as the desktop slideshow. If there is a big demand for them to be independent of each other I may make the desktop slideshow differ from the login screen.

You can still use the -bootonly flag to set only one random wallpaper once when you log in to ElementaryOS. This will now also change your login screen’s wallpaper.

If you would rather not change the login screen background from the default ElementaryOS one, you can use the --nologin flag.

To change the login screen you will need qdbus. You can install it with apt-get install qdbus.

I added a bunch of logging, which is useful if you give the desktop slideshow script a large number of files to work with. Occasionally you may see an x on your desktop indicating that an image couldn’t load. You can then check the logs with tail -f /var/log/syslog and see what image is giving you issues. Then you can delete it or move it. You must enable logging with the --log flag for this to work.

As always you can get the wallpaper slideshow script from Github. Check out the last post for more information on installing and running the Wallpaper Slideshow script. Let me know if you encounter any issues. It’s always good to hear feedback.

Bash Scripts, Linux

Get the size of your BTRFS Snapshots

If you want to get the size of your BTRFS snapshots you would probably use btrfs qgroup show. This only shows you a list of IDs and the sizes are in bytes. I wrote a script that will convert the sizes from bytes to kilobytes, megabytes or gigabytes. It will combine the IDs with the name of each snapshot or subvolume from btrfs subvolume list to make each row a lot more meaningful.

In the end instead of seeing a list like this:
Screenshot from 2015-05-26 15:47:24

You’ll see:

Detailed information of each BTRFS snapshot

Instead of meaningless IDs you now have the name of your BTRFS subvolumes or snapshots. Instead of a hard to decipher string of bytes it converts each amount into the most appropriate unit of measurement. You can also see the total amount of data that is being used by the snapshots.

For this to work you first need to enable quotas. Run this command to enable quotas if you haven’t done so already:

sudo btrfs quota enable /

You can clone the project from github by running:
git clone https://github.com/agronick/btrfs-size.git

Or you can just do a wget on the script:
wget https://raw.githubusercontent.com/agronick/btrfs-size/master/btrfs-size.sh

Set it to executable with:
chmod +x ./btrfs-size.sh

Now you can just run the script with: ./btrfs-size.sh

All the columns are pretty self explanatory. The Total column will tell you how much data is in that BTRFS subvolume. The Exclusive Data column is how much data is exclusive to that subvolume. Since BTRFS is a “copy on write” filesystem none of the data is replicated when you create a snapshot. It only needs to make a copy when something changes.

Leave your feedback here to let me know how it worked for you.