diff --git a/src/backoffice/templates/backoffice_proxy.html b/src/backoffice/templates/backoffice_proxy.html
new file mode 100644
index 00000000..4c50442f
--- /dev/null
+++ b/src/backoffice/templates/backoffice_proxy.html
@@ -0,0 +1,18 @@
+{% extends 'base.html' %}
+{% load bootstrap3 %}
+
+{% block content %}
+
+
See proxied content
+
+
+
+{% endblock content %}
+
diff --git a/src/backoffice/templates/index.html b/src/backoffice/templates/index.html
index a7de5365..3c02d1a2 100644
--- a/src/backoffice/templates/index.html
+++ b/src/backoffice/templates/index.html
@@ -109,6 +109,12 @@
Use this view to see and approve/reject revenues.
{% endif %}
+
+ External Content
+
+ Proxied Content
+ Use this view to see proxied content
+
diff --git a/src/backoffice/urls.py b/src/backoffice/urls.py
index 2fd97841..74189284 100644
--- a/src/backoffice/urls.py
+++ b/src/backoffice/urls.py
@@ -4,6 +4,7 @@ from .views import (
ApproveFeedbackView,
ApproveNamesView,
BackofficeIndexView,
+ BackofficeProxyView,
BadgeHandoutView,
ChainDetailView,
ChainListView,
@@ -36,6 +37,9 @@ app_name = "backoffice"
urlpatterns = [
path("", BackofficeIndexView.as_view(), name="index"),
+ # proxy view
+ path("proxy/", BackofficeProxyView.as_view(), name="proxy"),
+ # facility feedback
path(
"feedback/facilities//",
include([path("", FacilityFeedbackView.as_view(), name="facilityfeedback")]),
diff --git a/src/backoffice/views.py b/src/backoffice/views.py
index 54c7132e..acaf91d5 100644
--- a/src/backoffice/views.py
+++ b/src/backoffice/views.py
@@ -2,7 +2,9 @@ import logging
import os
from itertools import chain
+import requests
from camps.mixins import CampViewMixin
+from django import forms
from django.conf import settings
from django.contrib import messages
from django.contrib.auth.mixins import LoginRequiredMixin
@@ -11,6 +13,7 @@ from django.core.exceptions import PermissionDenied
from django.core.files import File
from django.db.models import Sum
from django.forms import modelformset_factory
+from django.http import HttpResponse
from django.shortcuts import get_object_or_404, redirect
from django.urls import reverse
from django.utils import timezone
@@ -771,3 +774,41 @@ class ShopTicketOverview(LoginRequiredMixin, CampViewMixin, ListView):
def get_context_data(self, *, object_list=None, **kwargs):
kwargs["ticket_types"] = TicketType.objects.filter(camp=self.camp)
return super().get_context_data(object_list=object_list, **kwargs)
+
+
+class BackofficeProxyView(CampViewMixin, RaisePermissionRequiredMixin, FormView):
+ """
+ Show proxied stuff, only for simple HTML pages with no external content
+ Define URLs in settings.BACKOFFICE_PROXY_URLS as a dict of description: url pairs
+ """
+
+ permission_required = "camps.backoffice_permission"
+ template_name = "backoffice_proxy.html"
+
+ def setup(self, *args, **kwargs):
+ super().setup(*args, **kwargs)
+ self.form_class = forms.Form
+
+ def get_form(self, *args, **kwargs):
+ form = super().get_form(*args, **kwargs)
+ form.fields["url"] = forms.ChoiceField(
+ choices=[
+ (url, desc) for desc, url in settings.BACKOFFICE_PROXY_URLS.items()
+ ],
+ widget=forms.RadioSelect,
+ help_text="Pick the URL you wish to see",
+ )
+ return form
+
+ def form_valid(self, form):
+ """ Perform the request and return the response """
+ if form.cleaned_data["url"] not in settings.BACKOFFICE_PROXY_URLS.values():
+ # this is not one of the urls from settings
+ messages.error(self.request, "Unknown URL")
+ return redirect(
+ reverse("backoffice:proxy", kwargs={"camp_slug": self.camp.slug})
+ )
+ # perform the request
+ r = requests.get(form.cleaned_data["url"])
+ # return the response, keeping the status code but no headers
+ return HttpResponse(r.content, status=r.status_code)
diff --git a/src/bornhack/environment_settings.py.dist b/src/bornhack/environment_settings.py.dist
index 4187f833..59d6d64c 100644
--- a/src/bornhack/environment_settings.py.dist
+++ b/src/bornhack/environment_settings.py.dist
@@ -96,3 +96,5 @@ ECONOMYTEAM_NAME = "Economy"
BORNHACK_2019_OLD_TOKEN_TOKEN = "{{ bornhack_2019_old_token_token }}"
KORTFORSYNINGEN_TOKEN = "{{ kortforsyningen_token }}"
+BACKOFFICE_PROXY_URLS = {}
+
diff --git a/src/maps/views.py b/src/maps/views.py
index b805c084..627ccf2c 100644
--- a/src/maps/views.py
+++ b/src/maps/views.py
@@ -45,7 +45,7 @@ class MapProxyView(View):
"upgrade",
]
# proxy all headers from our upstream request to the response to our client,
- # if they headers are not in our list of troublemakers
+ # if the headers are not in our list of troublemakers
for key, value in r.headers.items():
if key.lower() not in excluded_headers:
response[key] = value