re2o/preferences/models.py

# -*- mode: python; coding: utf-8 -*-
# Re2o un logiciel d'administration développé initiallement au rezometz. Il
# se veut agnostique au réseau considéré, de manière à être installable en
# quelques clics.
#
# Copyright © 2017  Gabriel Détraz
# Copyright © 2017  Goulven Kermarec
# Copyright © 2017  Augustin Lemesle
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
"""
Reglages généraux, machines, utilisateurs, mail, general pour l'application.
"""
from __future__ import unicode_literals

from django.utils.functional import cached_property
from django.db import models
import cotisations.models
import machines.models
from django.db.models.signals import post_save, post_delete
from django.dispatch import receiver
from django.core.cache import cache

from .aes_field import AESEncryptedField


class PreferencesModel(models.Model):
    @classmethod
    def set_in_cache(cls):
        instance, _created = cls.objects.get_or_create()
        cache.set(cls().__class__.__name__.lower(), instance, None)
        return instance

    @classmethod
    def get_cached_value(cls, key):
        instance = cache.get(cls().__class__.__name__.lower())
        if instance == None:
            instance = cls.set_in_cache() 
        return getattr(instance, key)

    class Meta:
        abstract = True


class OptionalUser(PreferencesModel):
    """Options pour l'user : obligation ou nom du telephone,
    activation ou non du solde, autorisation du negatif, fingerprint etc"""
    PRETTY_NAME = "Options utilisateur"

    is_tel_mandatory = models.BooleanField(default=True)
    user_solde = models.BooleanField(default=False)
    solde_negatif = models.DecimalField(
        max_digits=5,
        decimal_places=2,
        default=0
    )
    max_solde = models.DecimalField(
        max_digits=5,
        decimal_places=2,
        default=50
    )
    min_online_payment = models.DecimalField(
        max_digits=5,
        decimal_places=2,
        default=10
    )
    gpg_fingerprint = models.BooleanField(default=True)
    all_can_create_club = models.BooleanField(
        default=False,
        help_text="Les users peuvent créer un club"
    )
    all_can_create_adherent = models.BooleanField(
        default=False,
        help_text="Les users peuvent créer d'autres adhérents",
    )
    self_adhesion = models.BooleanField(
        default=False,
        help_text="Un nouvel utilisateur peut se créer son compte sur re2o"
    )

    class Meta:
        permissions = (
            ("view_optionaluser", "Peut voir les options de l'user"),
        )

    def get_instance(*args, **kwargs):
        return OptionalUser.objects.get_or_create()

    def can_create(user_request, *args, **kwargs):
        """Check if an user can create a OptionalUser object.

        :param user_request: The user who wants to create a user object.
        :return: a message and a boolean which is True if the user can create.
        """
        return user_request.has_perm('preferences.add_optionaluser'), u"Vous n'avez pas le droit\
            de créer les préférences concernant les users"

    def can_edit(self, user_request, *args, **kwargs):
        """Check if an user can edit a OptionalUser object.

        :param self: The OptionalUser which is to be edited.
        :param user_request: The user who requests to edit self.
        :return: a message and a boolean which is True if edition is granted.
        """
        return user_request.has_perm('preferences.change_optionaluser'), u"Vous n'avez pas le droit\
            d'éditer les préférences concernant les users"

    def can_delete(self, user_request, *args, **kwargs):
        """Check if an user can delete a OptionalUser object.

        :param self: The OptionalUser which is to be deleted.
        :param user_request: The user who requests deletion.
        :return: True if deletion is granted, and a message.
        """
        return user_request.has_perm('preferences.delete_optionaluser'), u"Vous n'avez pas le droit\
            de supprimer les préférences concernant les users"

    def can_view_all(user_request, *args, **kwargs):
        """Check if an user can access to the list of every OptionalUser objects

        :param user_request: The user who wants to view the list.
        :return: True if the user can view the list and an explanation message.
        """
        return user_request.has_perm('preferences.view_optionaluser'), u"Vous n'avez pas le droit\
            de voir les préférences concernant les utilisateurs"

    def can_view(self, user_request, *args, **kwargs):
        """Check if an user can view a OptionalUser object.

        :param self: The targeted OptionalUser.
        :param user_request: The user who ask for viewing the target.
        :return: A boolean telling if the acces is granted and an explanation
        text
        """
        return user_request.has_perm('preferences.view_optionaluser'), u"Vous n'avez pas le droit\
            de voir les préférences concernant les utilisateurs"

    def clean(self):
        """Creation du mode de paiement par solde"""
        if self.user_solde:
            p = cotisations.models.Paiement.objects.filter(moyen="Solde")
            if not len(p):
                c = cotisations.models.Paiement(moyen="Solde")
                c.save()


@receiver(post_save, sender=OptionalUser)
def optionaluser_post_save(sender, **kwargs):
    """Ecriture dans le cache"""            
    user_pref = kwargs['instance']
    user_pref.set_in_cache()


class OptionalMachine(PreferencesModel):
    """Options pour les machines : maximum de machines ou d'alias par user
    sans droit, activation de l'ipv6"""
    PRETTY_NAME = "Options machines"

    SLAAC = 'SLAAC'
    DHCPV6 = 'DHCPV6'
    DISABLED = 'DISABLED'
    CHOICE_IPV6 = (
        (SLAAC, 'Autoconfiguration par RA'),
        (DHCPV6, 'Attribution des ip par dhcpv6'),
        (DISABLED, 'Désactivé'),
    )

    password_machine = models.BooleanField(default=False)
    max_lambdauser_interfaces = models.IntegerField(default=10)
    max_lambdauser_aliases = models.IntegerField(default=10)
    ipv6_mode = models.CharField(
        max_length=32,
        choices=CHOICE_IPV6,
        default='DISABLED'
    )
    create_machine = models.BooleanField(
        default=True,
        help_text="Permet à l'user de créer une machine"
    )

    @cached_property
    def ipv6(self):
         return not self.get_cached_value('ipv6_mode') == 'DISABLED'

    class Meta:
        permissions = (
            ("view_optionalmachine", "Peut voir les options de machine"),
        )

    def get_instance(*args, **kwargs):
        return OptionalMachine.objects.get_or_create()

    def can_create(user_request, *args, **kwargs):
        """Check if an user can create a OptionalMachine object.

        :param user_request: The user who wants to create an object.
        :return: a message and a boolean which is True if the user can create.
        """
        return user_request.has_perm('preferences.add_optionalmachine'), u"Vous n'avez pas le droit\
            de créer les préférences concernant les machines"

    def can_edit(self, user_request, *args, **kwargs):
        """Check if an user can edit a OptionalMachine object.

        :param self: The OptionalMachine which is to be edited.
        :param user_request: The user who requests to edit self.
        :return: a message and a boolean which is True if edition is granted.
        """
        return user_request.has_perm('preferences.change_optionalmachine'), u"Vous n'avez pas le droit\
            d'éditer les préférences concernant les machines"

    def can_delete(self, user_request, *args, **kwargs):
        """Check if an user can delete a OptionalMachine object.

        :param self: The OptionalMachine which is to be deleted.
        :param user_request: The user who requests deletion.
        :return: True if deletion is granted, and a message.
        """

        return user_request.has_perm('preferences.delete_optionalmachine'), u"Vous n'avez pas le droit\
            de supprimer les préférences concernant les machines"

    def can_view_all(user_request, *args, **kwargs):
        """Check if an user can access to the list of every OptionalMachine objects

        :param user_request: The user who wants to view the list.
        :return: True if the user can view the list and an explanation message.
        """
        return user_request.has_perm('preferences.view_optionalmachine'), u"Vous n'avez pas le droit\
            de voir les préférences concernant les machines"

    def can_view(self, user_request, *args, **kwargs):
        """Check if an user can view a OptionalMachine object.

        :param self: The targeted OptionalMachine.
        :param user_request: The user who ask for viewing the target.
        :return: A boolean telling if the acces is granted and an explanation
        text
        """
        return user_request.has_perm('preferences.view_optionalmachine'), u"Vous n'avez pas le droit\
            de voir les préférences concernant les machines"


@receiver(post_save, sender=OptionalMachine)
def optionalmachine_post_save(sender, **kwargs):
    """Synchronisation ipv6 et ecriture dans le cache"""            
    machine_pref = kwargs['instance']
    machine_pref.set_in_cache()
    if machine_pref.ipv6_mode != "DISABLED":
        for interface in machines.models.Interface.objects.all():
            interface.sync_ipv6()


class OptionalTopologie(PreferencesModel):
    """Reglages pour la topologie : mode d'accès radius, vlan où placer
    les machines en accept ou reject"""
    PRETTY_NAME = "Options topologie"
    MACHINE = 'MACHINE'
    DEFINED = 'DEFINED'
    CHOICE_RADIUS = (
        (MACHINE, 'Sur le vlan de la plage ip machine'),
        (DEFINED, 'Prédéfini dans "Vlan où placer les machines\
            après acceptation RADIUS"'),
    )

    radius_general_policy = models.CharField(
        max_length=32,
        choices=CHOICE_RADIUS,
        default='DEFINED'
    )
    vlan_decision_ok = models.OneToOneField(
        'machines.Vlan',
        on_delete=models.PROTECT,
        related_name='decision_ok',
        blank=True,
        null=True
    )
    vlan_decision_nok = models.OneToOneField(
        'machines.Vlan',
        on_delete=models.PROTECT,
        related_name='decision_nok',
        blank=True,
        null=True
    )

    class Meta:
        permissions = (
            ("view_optionaltopologie", "Peut voir les options de topologie"),
        )

    def get_instance(*args, **kwargs):
        return OptionalTopologie.objects.get_or_create()

    def can_create(user_request, *args, **kwargs):
        """Check if an user can create a OptionalTopologie object.

        :param user_request: The user who wants to create an object.
        :return: a message and a boolean which is True if the user can create.
        """
        return user_request.has_perm('preferences.add_optionaltopologie'), u"Vous n'avez pas le droit\
            de créer les préférences concernant la topologie"

    def can_edit(self, user_request, *args, **kwargs):
        """Check if an user can edit a OptionalTopologie object.

        :param self: The OptionalTopologie which is to be edited.
        :param user_request: The user who requests to edit self.
        :return: a message and a boolean which is True if edition is granted.
        """
        return user_request.has_perm('preferences.change_optionaltopologie'), u"Vous n'avez pas le droit\
            d'éditer les préférences concernant la topologie"

    def can_delete(self, user_request, *args, **kwargs):
        """Check if an user can delete a OptionalTopologie object.

        :param self: The OptionalTopologie which is to be deleted.
        :param user_request: The user who requests deletion.
        :return: True if deletion is granted, and a message.
        """
        return user_request.has_perm('preferences.delete_optionaltoplogie'), u"Vous n'avez pas le droit\
            d'éditer les préférences concernant la topologie"

    def can_view_all(user_request, *args, **kwargs):
        """Check if an user can access to the list of every OptionalTopologie objects

        :param user_request: The user who wants to view the list.
        :return: True if the user can view the list and an explanation message.
        """
        return user_request.has_perm('preferences.view_optionaltopologie'), u"Vous n'avez pas le droit\
            de voir les préférences concernant la topologie"

    def can_view(self, user_request, *args, **kwargs):
        """Check if an user can view a OptionalTopologie object.

        :param self: The targeted OptionalTopologie.
        :param user_request: The user who ask for viewing the target.
        :return: A boolean telling if the acces is granted and an explanation
        text
        """
        return user_request.has_perm('preferences.view_optionaltopologie'), u"Vous n'avez pas le droit\
            de voir les préférences concernant la topologie"


@receiver(post_save, sender=OptionalTopologie)
def optionaltopologie_post_save(sender, **kwargs):
    """Ecriture dans le cache"""            
    topologie_pref = kwargs['instance']
    topologie_pref.set_in_cache()


class GeneralOption(PreferencesModel):
    """Options générales : nombre de resultats par page, nom du site,
    temps où les liens sont valides"""
    PRETTY_NAME = "Options générales"

    general_message = models.TextField(
        default="",
        blank=True,
        help_text="Message général affiché sur le site (maintenance, etc"
    )
    search_display_page = models.IntegerField(default=15)
    pagination_number = models.IntegerField(default=25)
    pagination_large_number = models.IntegerField(default=8)
    req_expire_hrs = models.IntegerField(default=48)
    site_name = models.CharField(max_length=32, default="Re2o")
    email_from = models.EmailField(default="www-data@serveur.net")
    GTU_sum_up = models.TextField(
        default="",
        blank=True,
    )
    GTU = models.FileField(
        upload_to = '',
        default="",
        null=True,
        blank=True,
    )

    class Meta:
        permissions = (
            ("view_generaloption", "Peut voir les options générales"),
        )

    def get_instance(*args, **kwargs):
        return GeneralOption.objects.get_or_create()

    def can_create(user_request, *args, **kwargs):
        """Check if an user can create a GeneralOption object.

        :param user_request: The user who wants to create an object.
        :return: a message and a boolean which is True if the user can create.
        """
        return user_request.has_perm('preferences.add_generaloption'), u"Vous n'avez pas le droit\
            de créer les préférences générales"

    def can_edit(self, user_request, *args, **kwargs):
        """Check if an user can edit a GeneralOption object.

        :param self: The GeneralOption which is to be edited.
        :param user_request: The user who requests to edit self.
        :return: a message and a boolean which is True if edition is granted.
        """
        return user_request.has_perm('preferences.change_generaloption'), u"Vous n'avez pas le droit\
            d'éditer les préférences générales"

    def can_delete(self, user_request, *args, **kwargs):
        """Check if an user can delete a GeneralOption object.

        :param self: The GeneralOption which is to be deleted.
        :param user_request: The user who requests deletion.
        :return: True if deletion is granted, and a message.
        """
        return user_request.has_perm('preferences.delete_generaloption'), u"Vous n'avez pas le droit\
            d'éditer les préférences générales"

    def can_view_all(user_request, *args, **kwargs):
        """Check if an user can access to the list of every GeneralOption objects

        :param user_request: The user who wants to view the list.
        :return: True if the user can view the list and an explanation message.
        """

        return user_request.has_perm('preferences.view_generaloption'), u"Vous n'avez pas le droit\
            de voir les préférences générales"

    def can_view(self, user_request, *args, **kwargs):
        """Check if an user can view a GeneralOption object.

        :param self: The targeted GeneralOption.
        :param user_request: The user who ask for viewing the target.
        :return: A boolean telling if the acces is granted and an explanation
        text
        """
        return user_request.has_perm('preferences.view_generaloption'), u"Vous n'avez pas le droit\
            de voir les préférences générales"


@receiver(post_save, sender=GeneralOption)
def generaloption_post_save(sender, **kwargs):
    """Ecriture dans le cache"""            
    general_pref = kwargs['instance']
    general_pref.set_in_cache()


class Service(models.Model):
    """Liste des services affichés sur la page d'accueil : url, description,
    image et nom"""
    name = models.CharField(max_length=32)
    url = models.URLField()
    description = models.TextField()
    image = models.ImageField(upload_to='logo', blank=True)

    class Meta:
        permissions = (
            ("view_service", "Peut voir les options de service"),
        )

    def get_instance(serviceid, *args, **kwargs):
        return Service.objects.get(pk=serviceid)

    def can_create(user_request, *args, **kwargs):
        """Check if an user can create a Service object.

        :param user_request: The user who wants to create an object.
        :return: a message and a boolean which is True if the user can create.
        """

        return user_request.has_perm('preferences.add_service'), u"Vous n'avez pas le droit\
            de créer un service pour la page d'accueil"

    def can_edit(self, user_request, *args, **kwargs):
        """Check if an user can edit a Service object.

        :param self: The Service which is to be edited.
        :param user_request: The user who requests to edit self.
        :return: a message and a boolean which is True if edition is granted.
        """
        return user_request.has_perm('preferences.change_service'), u"Vous n'avez pas le droit\
            d'éditer les services pour la page d'accueil"

    def can_delete(self, user_request, *args, **kwargs):
        """Check if an user can delete a Service object.

        :param self: The Right which is to be deleted.
        :param user_request: The user who requests deletion.
        :return: True if deletion is granted, and a message.
        """
        return user_request.has_perm('preferences.delete_service'), u"Vous n'avez pas le droit\
            de supprimer les services pour la page d'accueil"

    def can_view_all(user_request, *args, **kwargs):
        """Check if an user can access to the list of every Service objects

        :param user_request: The user who wants to view the list.
        :return: True if the user can view the list and an explanation message.
        """

        return user_request.has_perm('preferences.view_service'), u"Vous n'avez pas le droit\
            de voir les services pour la page d'accueil"

    def can_view(self, user_request, *args, **kwargs):
        """Check if an user can view a Service object.

        :param self: The targeted Service.
        :param user_request: The user who ask for viewing the target.
        :return: A boolean telling if the acces is granted and an explanation
        text
        """
        return user_request.has_perm('preferences.view_service'), u"Vous n'avez pas le droit\
            de voir les services pour la page d'accueil"

    def __str__(self):
        return str(self.name)


class AssoOption(PreferencesModel):
    """Options générales de l'asso : siret, addresse, nom, etc"""
    PRETTY_NAME = "Options de l'association"

    name = models.CharField(
        default="Association réseau école machin",
        max_length=256
    )
    siret = models.CharField(default="00000000000000", max_length=32)
    adresse1 = models.CharField(default="1 Rue de exemple", max_length=128)
    adresse2 = models.CharField(default="94230 Cachan", max_length=128)
    contact = models.EmailField(default="contact@example.org")
    telephone = models.CharField(max_length=15, default="0000000000")
    pseudo = models.CharField(default="Asso", max_length=32)
    utilisateur_asso = models.OneToOneField(
        'users.User',
        on_delete=models.PROTECT,
        blank=True,
        null=True
    )
    PAYMENT = (
        ('NONE', 'NONE'),
        ('COMNPAY', 'COMNPAY'),
    )
    payment = models.CharField(max_length=255,
        choices=PAYMENT,
        default='NONE',
    )
    payment_id = models.CharField(
        max_length=255,
        default='',
    )
    payment_pass = AESEncryptedField(
        max_length=255,
        null=True,
        blank=True,
    )
    description = models.TextField(default="")

    class Meta:
        permissions = (
            ("view_assooption", "Peut voir les options de l'asso"),
        )

    def get_instance(*args, **kwargs):
        return AssoOption.objects.get_or_create()

    def can_create(user_request, *args, **kwargs):
        """Check if an user can create a AssoOption object.

        :param user_request: The user who wants to create an object.
        :return: a message and a boolean which is True if the user can create.
        """
        return user_request.has_perm('preferences.add_assooption'), u"Vous n'avez pas le droit\
            d'éditer les préférences concernant l'association"

    def can_edit(self, user_request, *args, **kwargs):
        """Check if an user can edit a AssoOption object.

        :param self: The AssoOption which is to be edited.
        :param user_request: The user who requests to edit self.
        :return: a message and a boolean which is True if edition is granted.
        """
        return user_request.has_perm('preferences.change_assooption'), u"Vous n'avez pas le droit\
            d'éditer les préférences concernant l'association"

    def can_delete(self, user_request, *args, **kwargs):
        """Check if an user can delete a AssoOption object.

        :param self: The AssoOption which is to be deleted.
        :param user_request: The user who requests deletion.
        :return: True if deletion is granted, and a message.
        """
        return user_request.has_perm('preferences.delete_assooption'), u"Vous n'avez pas le droit\
            d'éditer les préférences concernant l'association"

    def can_view_all(user_request, *args, **kwargs):
        """Check if an user can access to the list of every AssoOption objects

        :param user_request: The user who wants to view the list.
        :return: True if the user can view the list and an explanation message.
        """
        return user_request.has_perm('preferences.view_assooption'), u"Vous n'avez pas le droit\
            de voir les préférences concernant l'association"

    def can_view(self, user_request, *args, **kwargs):
        """Check if an user can view a AssoOption object.

        :param self: The targeted AssoOption.
        :param user_request: The user who ask for viewing the target.
        :return: A boolean telling if the acces is granted and an explanation
        text
        """
        return user_request.has_perm('preferences.view_assooption'), u"Vous n'avez pas le droit\
            de voir les préférences concernant l'association"


@receiver(post_save, sender=AssoOption)
def assooption_post_save(sender, **kwargs):
    """Ecriture dans le cache"""            
    asso_pref = kwargs['instance']
    asso_pref.set_in_cache()


class MailMessageOption(models.Model):
    """Reglages, mail de bienvenue et autre"""
    PRETTY_NAME = "Options de corps de mail"

    welcome_mail_fr = models.TextField(default="")
    welcome_mail_en = models.TextField(default="")

    class Meta:
        permissions = (
            ("view_mailmessageoption", "Peut voir les options de mail"),
        )

    def get_instance(*args, **kwargs):
        return MailMessageOption.objects.get_or_create()

    def can_create(user_request, *args, **kwargs):
        """Check if an user can create a MailMessageOption object.

        :param user_request: The user who wants to create an object.
        :return: a message and a boolean which is True if the user can create.
        """
        return user_request.has_perm('preferences.add_mailmessageoption'), u"Vous n'avez pas le droit\
            d'éditer les préférences concernant les mails"

    def can_edit(self, user_request, *args, **kwargs):
        """Check if an user can edit a MailMessageOption object.

        :param self: The MailMessageOption which is to be edited.
        :param user_request: The user who requests to edit self.
        :return: a message and a boolean which is True if edition is granted.
        """

        return user_request.has_perm('preferences.change_mailmessageoption'), u"Vous n'avez pas le droit\
            d'éditer les préférences concernant les mails"

    def can_delete(self, user_request, *args, **kwargs):
        """Check if an user can delete a AssoOption object.

        :param self: The AssoOption which is to be deleted.
        :param user_request: The user who requests deletion.
        :return: True if deletion is granted, and a message.
        """
        return user_request.has_perm('preferences.delete_mailmessageoption'), u"Vous n'avez pas le droit\
            d'éditer les préférences concernant les mails"

    def can_view_all(user_request, *args, **kwargs):
        """Check if an user can access to the list of every AssoOption objects

        :param user_request: The user who wants to view the list.
        :return: True if the user can view the list and an explanation message.
        """
        return user_request.has_perm('preferences.view_mailmessageoption'), u"Vous n'avez pas le droit\
            de voir les préférences concernant les mails"

    def can_view(self, user_request, *args, **kwargs):
        """Check if an user can view a AssoOption object.

        :param self: The targeted AssoOption.
        :param user_request: The user who ask for viewing the target.
        :return: A boolean telling if the acces is granted and an explanation
        text
        """
        return user_request.has_perm('preferences.view_mailmessageoption'), u"Vous n'avez pas le droit\
            de voir les préférences concernant les mails"