This repository was archived by the owner on May 13, 2026. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathadmin.py
More file actions
executable file
·45 lines (43 loc) · 1.41 KB
/
admin.py
File metadata and controls
executable file
·45 lines (43 loc) · 1.41 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
# ----------------------------------------------------------------------
# Initiate a new CDR Session using the user's NIH domain account login
# and redirects to the top level CDR Admin menu.
# JIRA::OCECDR-3849
# JIRA::OCECDR-4092
# ----------------------------------------------------------------------
import os
import cdrlite
import datetime
import urllib.parse
target = "cgi-bin/cdr/Admin.py"
query_string = os.environ.get("QUERY_STRING")
if query_string:
for key, value in urllib.parse.parse_qsl(query_string):
if key.lower() == "target":
target = value
session = None
auth_user = os.environ.get("AUTH_USER")
webserver = os.environ.get("SERVER_NAME")
if auth_user:
domain, name = auth_user.split("\\")
if domain.upper() == "NIH":
try:
session = cdrlite.login(name)
except Exception:
session = False
now = datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S")
try:
strings = now, repr(auth_user), repr(session), target
fp = open("d:/cdr/log/admin-login.log", "a")
fp.write("{} admin.py {} {} {}\n".format(*strings))
fp.close()
except Exception:
pass
if session:
if "//" not in target:
path = target.lstrip("/")
target = f"https://{webserver}/{path}"
delimiter = "&" if "?" in target else "?"
url = f"{target}{delimiter}Session={session}"
print(f"Location: {url}\n")
else:
print("Status: 401 Unauthorized\n")