8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2025-01-23 08:34:29 +00:00

No more has_perms in machines.

This commit is contained in:
LEVY-FALK Hugo 2017-12-30 01:48:23 +01:00 committed by root
parent 5fea2bdebd
commit 0d54c8ab86
3 changed files with 55 additions and 15 deletions

View file

@ -38,6 +38,8 @@ from __future__ import unicode_literals
from django.forms import ModelForm, Form
from django import forms
from re2o.field_permissions import FieldPermissionFormMixin
from .models import (
Domain,
Machine,
@ -58,7 +60,7 @@ from .models import (
)
class EditMachineForm(ModelForm):
class EditMachineForm(FieldPermissionFormMixin, ModelForm):
"""Formulaire d'édition d'une machine"""
class Meta:
model = Machine
@ -117,10 +119,10 @@ class AddInterfaceForm(EditInterfaceForm):
fields = ['type', 'ipv4', 'mac_address', 'details']
def __init__(self, *args, **kwargs):
infra = kwargs.pop('infra')
user = kwargs.pop('user')
super(AddInterfaceForm, self).__init__(*args, **kwargs)
self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4"
if not infra:
if not IpType.can_use_all(user):
self.fields['type'].queryset = MachineType.objects.filter(
ip_type__in=IpType.objects.filter(need_infra=False)
)
@ -146,13 +148,14 @@ class BaseEditInterfaceForm(EditInterfaceForm):
fields = ['type', 'ipv4', 'mac_address', 'details']
def __init__(self, *args, **kwargs):
infra = kwargs.pop('infra')
user = kwargs.pop('user')
super(BaseEditInterfaceForm, self).__init__(*args, **kwargs)
self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4"
if not infra:
if not MachineType.can_use_all(user):
self.fields['type'].queryset = MachineType.objects.filter(
ip_type__in=IpType.objects.filter(need_infra=False)
)
if not IpType.can_use_all(user):
self.fields['ipv4'].queryset = IpList.objects.filter(
interface__isnull=True
).filter(ip_type__in=IpType.objects.filter(need_infra=False))

View file

@ -37,11 +37,13 @@ from django.core.validators import MaxValueValidator
from macaddress.fields import MACAddressField
from re2o.field_permissions import FieldPermissionModelMixin
import users.models
import preferences.models
class Machine(models.Model):
class Machine(FieldPermissionModelMixin, models.Model):
""" Class définissant une machine, object parent user, objets fils
interfaces"""
PRETTY_NAME = "Machine"
@ -61,6 +63,21 @@ class Machine(models.Model):
:return: Une instance machine évidemment"""
return Machine.objects.get(pk=machineid)
@staticmethod
def can_change_user(user_request, *args, **kwargs):
"""Checks if an user is allowed to change the user who owns a
Machine.
Args:
user_request: The user requesting to change owner.
Returns:
A tuple with a boolean stating if edition is allowed and an
explanation message.
"""
return user_request.has_perms(('infra',)), "Vous ne pouvez pas \
modifier l'utilisateur de la machine."
def can_create(user_request, userid, *args, **kwargs):
"""Vérifie qu'un user qui fait la requète peut bien créer la machine
et n'a pas atteint son quota, et crée bien une machine à lui
@ -180,6 +197,19 @@ class MachineType(models.Model):
return False, u"Vous n'avez pas le droit de supprimer des types de machines"
return True, None
def can_use_all(user_request, *args, **kwargs):
"""Check if an user can use every MachineType.
Args:
user_request: The user requesting edition.
Returns:
A tuple with a boolean stating if user can acces and an explanation
message is acces is not allowed.
"""
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'utiliser tout types de machines"
return True, None
def can_view_all(user_request, *args, **kwargs):
"""Vérifie qu'on peut bien afficher l'ensemble des machinetype,
droit particulier correspondant
@ -313,6 +343,13 @@ class IpType(models.Model):
:return: Une instance iptype évidemment"""
return IpType.objects.get(pk=iptypeid)
def can_use_all(user_request, *args, **kwargs):
"""Superdroit qui permet d'utiliser toutes les extensions sans restrictions
:param user_request: instance user qui fait l'edition
:return: True ou False avec la raison de l'échec le cas échéant"""
return user_request.has_perms(('infra',)), None
def can_create(user_request, *args, **kwargs):
"""Verifie que l'user a les bons droits infra pour créer
un type d'ip

View file

@ -225,10 +225,10 @@ def new_machine(request, user, userid):
le sous objet interface et l'objet domain à partir de model forms.
Trop complexe, devrait être simplifié"""
machine = NewMachineForm(request.POST or None)
machine = NewMachineForm(request.POST or None, user=user)
interface = AddInterfaceForm(
request.POST or None,
infra=request.user.has_perms(('infra',))
user=request.user
)
domain = DomainForm(request.POST or None, user=user)
if machine.is_valid() and interface.is_valid():
@ -275,12 +275,12 @@ def edit_interface(request, interface_instance, interfaceid):
""" Edition d'une interface. Distingue suivant les droits les valeurs de interfaces et machines que l'user peut modifier
infra permet de modifier le propriétaire"""
if not request.user.has_perms(('infra',)):
machine_form = BaseEditMachineForm(request.POST or None, instance=interface_instance.machine)
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, infra=False)
else:
machine_form = EditMachineForm(request.POST or None, instance=interface_instance.machine)
interface_form = EditInterfaceForm(request.POST or None, instance=interface_instance)
machine_form = EditMachineForm(
request.POST or None,
instance=interface_instance.machine,
user=request.user
)
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, user=request.user)
domain_form = DomainForm(request.POST or None, instance=interface_instance.domain)
if machine_form.is_valid() and interface_form.is_valid() and domain_form.is_valid():
new_machine = machine_form.save(commit=False)
@ -327,7 +327,7 @@ def del_machine(request, machine, machineid):
def new_interface(request, machine, machineid):
""" Ajoute une interface et son domain associé à une machine existante"""
interface_form = AddInterfaceForm(request.POST or None, infra=request.user.has_perms(('infra',)))
interface_form = AddInterfaceForm(request.POST or None, user=user)
domain_form = DomainForm(request.POST or None)
if interface_form.is_valid():
new_interface = interface_form.save(commit=False)