8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-12-25 00:13:45 +00:00

can_edit pour machines.models

This commit is contained in:
Maël Kervella 2017-11-29 23:45:53 +00:00 committed by root
parent 3ef9035712
commit 67b519d2fb
2 changed files with 282 additions and 95 deletions

View file

@ -72,6 +72,9 @@ class Machine(models.Model):
% max_lambdauser_interfaces
return True, None
def can_edit(user_request, machineid):
return True, None
def __str__(self):
return str(self.user) + ' - ' + str(self.id) + ' - ' + str(self.name)
@ -97,6 +100,15 @@ class MachineType(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un type de machine"
def can_edit(user_request, machinetypeid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des types de machine"
try:
machinetype_instance = MachineType.objects.get(pk=machinetypeid)
except MachineType.DoesNotExist:
return False, u"Type de machine inexistant"
return True, None
def __str__(self):
return self.type
@ -211,6 +223,15 @@ class IpType(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un type d'ip"
def can_edit(user_request, iptypeid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des types d'ip"
try:
iptype_instance = IpType.objects.get(pk=iptypeid)
except IpType.DoesNotExist:
return False, u"Type d'ip inexistant"
return True, None
def __str__(self):
return self.type
@ -228,6 +249,15 @@ class Vlan(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un vlan"
def can_edit(user_request, vlanid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des vlans"
try:
vlan_instance = Vlan.objects.get(pk=vlanid)
except Vlan.DoesNotExist:
return False, u"Vlan inexistant"
return True, None
def __str__(self):
return self.name
@ -266,6 +296,15 @@ class Nas(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un nas"
def can_edit(user_request, nasid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des nas"
try:
nas_instance = Nas.objects.get(pk=nasid)
except Nas.DoesNotExist:
return False, u"Nas inexistant"
return True, None
def __str__(self):
return self.name
@ -306,6 +345,15 @@ class SOA(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement SOA"
def can_edit(user_request, soaid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrements SOA"
try:
soa_instance = SOA.objects.get(pk=soaid)
except SOA.DoesNotExist:
return False, u"Enregistrement SOA inexistant"
return True, None
def __str__(self):
return str(self.name)
@ -392,6 +440,15 @@ class Extension(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer une extension"
def can_edit(user_request, extensionid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des extensions"
try:
extension_instance = Extension.objects.get(pk=extensionid)
except Extension.DoesNotExist:
return False, u"Extension inexistante"
return True, None
def __str__(self):
return self.name
@ -421,6 +478,15 @@ class Mx(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement MX"
def can_edit(user_request, mxid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregstrements MX"
try:
mx_instance = Mx.objects.get(pk=mxid)
except Mx.DoesNotExist:
return False, u"Enregistremet MX inexistant"
return True, None
def __str__(self):
return str(self.zone) + ' ' + str(self.priority) + ' ' + str(self.name)
@ -441,6 +507,15 @@ class Ns(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement NS"
def can_edit(user_request, nsid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrements NS"
try:
ns_instance = Ns.objects.get(pk=nsid)
except Ns.DoesNotExist:
return False, u"Enregistrement NS inexistant"
return True, None
def __str__(self):
return str(self.zone) + ' ' + str(self.ns)
@ -457,6 +532,15 @@ class Txt(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement TXT"
def can_edit(user_request, txtid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrement TXT"
try:
txt_instance = Txt.objects.get(pk=txtid)
except Txt.DoesNotExist:
return False, u"Enregistrement TXT inexistant"
return True, None
def __str__(self):
return str(self.zone) + " : " + str(self.field1) + " " +\
str(self.field2)
@ -514,6 +598,15 @@ class Srv(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement SRV"
def can_edit(user_request, srvid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrements SRV"
try:
srv_instance = Srv.objects.get(pk=srvid)
except Srv.DoesNotExist:
return False, u"Enregistrement SRV inexistant"
return True, None
def __str__(self):
return str(self.service) + ' ' + str(self.protocole) + ' ' +\
str(self.extension) + ' ' + str(self.priority) +\
@ -648,6 +741,17 @@ class Interface(models.Model):
% max_lambdauser_interfaces
return True, None
def can_edit(user_request, interfaceid):
try:
interface = Interface.objects.get(pk=interfaceid)
except Interface.DoesNotExist:
return False, u"Interface inexistante"
if not user_request.has_perms(('infra',)):
if not user_request.has_perms(('cableur',)) and interface.machine.user != user_request:
return False, u"Vous ne pouvez pas éditer une machine\
d'un autre user que vous sans droit"
return True, None
def __str__(self):
try:
domain = self.domain
@ -768,6 +872,16 @@ class Domain(models.Model):
% max_lambdauser_aliases
return True, None
def can_edit(user_request, domainid):
try:
alias_instance = Domain.objects.get(pk=domainid)
except Domain.DoesNotExist:
return False, u"Alias inexistant"
if not user_request.has_perms(('cableur',)) and (alias_instance.cname is None or alias_instance.cname.interface_parent.machine.user != user_request):
return False, u"Vous ne pouvez pas ajouter un alias à une machine\
d'un autre user que vous sans droit"
return True, None
def __str__(self):
return str(self.name) + str(self.extension)
@ -798,6 +912,9 @@ class IpList(models.Model):
def can_create(user_request):
return True, None
def can_edit(user_request, iplistid):
return True, None
def __str__(self):
return self.ipv4
@ -842,6 +959,15 @@ class Service(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un service"
def can_edit(user_request, serviceid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des services"
try:
service_instance = Service.objects.get(pk=serviceid)
except Service.DoesNotExist:
return False, u"Service inexistant"
return True, None
def __str__(self):
return str(self.service_type)
@ -885,6 +1011,9 @@ class Service_link(models.Model):
def can_create(user_request):
return True, None
def can_edit(user_request, service_linkid):
return True, None
def __str__(self):
return str(self.server) + " " + str(self.service)
@ -899,6 +1028,16 @@ class OuverturePortList(models.Model):
)
def can_create(user_request):
return user_request.has_perms(('bureau',)) , u"Vous n'avez pas le droit\
d'ouvrir un port"
def can_edit(user_request, ouvertureportlistpk):
if not user_request.has_perms(('bureau',)):
return False, u"Vous n'avez pas le droit d'éditer des ouvertures de port"
try:
port_list_instance = OuverturePortList.objects.get(pk=ouvertureportlistpk)
except OuverturePortList.DoesNotExist:
return False, u"Ouverture de port inexistante"
return True, None
def __str__(self):
@ -972,8 +1111,10 @@ class OuverturePort(models.Model):
)
def can_create(user_request):
return user_request.has_perms(('bureau',)) , u"Vous n'avez pas le droit\
d'ouvrir un port"
return True, None
def can_edit(user_request, ouvertureportid):
return True, None
def __str__(self):
if self.begin == self.end:

View file

@ -273,18 +273,17 @@ def new_machine(request, userid):
def edit_interface(request, interfaceid):
""" Edition d'une interface. Distingue suivant les droits les valeurs de interfaces et machines que l'user peut modifier
infra permet de modifier le propriétaire"""
try:
interface = Interface.objects.get(pk=interfaceid)
except Interface.DoesNotExist:
messages.error(request, u"Interface inexistante" )
return redirect(reverse('machines:index'))
can, reason = Interface.can_edit(request.user, interfaceid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
interface = Interface.objects.get(pk=interfaceid)
if not request.user.has_perms(('infra',)):
if not request.user.has_perms(('cableur',)) and interface.machine.user != request.user:
messages.error(request, "Vous ne pouvez pas éditer une machine d'un autre user que vous sans droit")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
machine_form = BaseEditMachineForm(request.POST or None, instance=interface.machine)
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface, infra=False)
else:
@ -432,14 +431,18 @@ def add_iptype(request):
return form({'iptypeform': iptype}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_iptype(request, iptypeid):
""" Edition d'un range. Ne permet pas de le redimensionner pour éviter l'incohérence"""
try:
iptype_instance = IpType.objects.get(pk=iptypeid)
except IpType.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-iptype'))
can, reason = IpType.can_edit(request.user, iptypeid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
iptype_instance = IpType.objects.get(pk=iptypeid)
iptype = EditIpTypeForm(request.POST or None, instance=iptype_instance)
if iptype.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -490,13 +493,17 @@ def add_machinetype(request):
return form({'machinetypeform': machinetype}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_machinetype(request, machinetypeid):
try:
machinetype_instance = MachineType.objects.get(pk=machinetypeid)
except MachineType.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-machinetype'))
can, reason = MachineType.can_edit(request.user, machinetypeid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
machinetype_instance = MachineType.objects.get(pk=machinetypeid)
machinetype = MachineTypeForm(request.POST or None, instance=machinetype_instance)
if machinetype.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -546,20 +553,24 @@ def add_extension(request):
return form({'extensionform': extension}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_extension(request, extensionid):
try:
extension_instance = Extension.objects.get(pk=extensionid)
except Extension.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Extension.can_edit(request.user, extensionid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
extension_instance = Extension.objects.get(pk=extensionid)
extension = ExtensionForm(request.POST or None, instance=extension_instance)
if extension.is_valid():
with transaction.atomic(), reversion.create_revision():
extension.save()
reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in extension.changed_data))
messages.success(request, "Extension modifiée")
mssages.success(request, "Extension modifiée")
return redirect(reverse('machines:index-extension'))
return form({'extensionform': extension}, 'machines/machine.html', request)
@ -602,13 +613,17 @@ def add_soa(request):
return form({'soaform': soa}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_soa(request, soaid):
try:
soa_instance = SOA.objects.get(pk=soaid)
except SOA.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = SOA.can_edit(request.user, soaid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
soa_instance = SOA.objects.get(pk=soaid)
soa = SOAForm(request.POST or None, instance=soa_instance)
if soa.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -658,13 +673,17 @@ def add_mx(request):
return form({'mxform': mx}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_mx(request, mxid):
try:
mx_instance = Mx.objects.get(pk=mxid)
except Mx.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Mx.can_edit(request.user, mxid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
mx_instance = Mx.objects.get(pk=mxid)
mx = MxForm(request.POST or None, instance=mx_instance)
if mx.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -714,13 +733,17 @@ def add_ns(request):
return form({'nsform': ns}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_ns(request, nsid):
try:
ns_instance = Ns.objects.get(pk=nsid)
except Ns.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Ns.can_edit(request.user, nsid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
ns_instance = Ns.objects.get(pk=nsid)
ns = NsForm(request.POST or None, instance=ns_instance)
if ns.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -770,13 +793,17 @@ def add_txt(request):
return form({'txtform': txt}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_txt(request, txtid):
try:
txt_instance = Txt.objects.get(pk=txtid)
except Txt.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Txt.can_edit(request.user, txtid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
txt_instance = Txt.objects.get(pk=txtid)
txt = TxtForm(request.POST or None, instance=txt_instance)
if txt.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -826,13 +853,17 @@ def add_srv(request):
return form({'srvform': srv}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_srv(request, srvid):
try:
srv_instance = Srv.objects.get(pk=srvid)
except Srv.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Srv.can_edit(request.user, srvid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
srv_instance = Srv.objects.get(pk=srvid)
srv = SrvForm(request.POST or None, instance=srv_instance)
if srv.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -890,17 +921,16 @@ def add_alias(request, interfaceid):
@login_required
def edit_alias(request, aliasid):
try:
alias_instance = Domain.objects.get(pk=aliasid)
except Domain.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
if not request.user.has_perms(('cableur',)) and alias_instance.cname.interface_parent.machine.user != request.user:
messages.error(request, "Vous ne pouvez pas ajouter un alias à une machine d'un autre user que vous sans droit")
can, reason = Domain.can_edit(request.user, aliasid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
))
alias_instance = Domain.objects.get(pk=aliasid)
alias = AliasForm(request.POST or None, instance=alias_instance, infra=request.user.has_perms(('infra',)))
if alias.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -967,13 +997,17 @@ def add_service(request):
return form({'serviceform': service}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_service(request, serviceid):
try:
service_instance = Service.objects.get(pk=serviceid)
except Ns.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Service.can_edit(request.user, serviceid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
service_instance = Service.objects.get(pk=serviceid)
service = ServiceForm(request.POST or None, instance=service_instance)
if service.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -1023,13 +1057,17 @@ def add_vlan(request):
return form({'vlanform': vlan}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_vlan(request, vlanid):
try:
vlan_instance = Vlan.objects.get(pk=vlanid)
except Vlan.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-vlan'))
can, reason = Vlan.can_edit(request.user, vlanid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
vlan_instance = Vlan.objects.get(pk=vlanid)
vlan = VlanForm(request.POST or None, instance=vlan_instance)
if vlan.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -1079,13 +1117,17 @@ def add_nas(request):
return form({'nasform': nas}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_nas(request, nasid):
try:
nas_instance = Nas.objects.get(pk=nasid)
except Nas.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-nas'))
can, reason = Nas.can_edit(request.user, nasid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
nas_instance = Nas.objects.get(pk=nasid)
nas = NasForm(request.POST or None, instance=nas_instance)
if nas.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -1327,13 +1369,17 @@ def index_portlist(request):
return render(request, "machines/index_portlist.html", {'port_list':port_list})
@login_required
@permission_required('bureau')
def edit_portlist(request, pk):
try:
port_list_instance = OuverturePortList.objects.get(pk=pk)
except OuverturePortList.DoesNotExist:
messages.error(request, "Liste de ports inexistante")
return redirect(reverse('machines:index-portlist'))
can, reason = OuverturePortList.can_edit(request.user, pk)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
port_list_instance = OuverturePortList.objects.get(pk=pk)
port_list = EditOuverturePortListForm(request.POST or None, instance=port_list_instance)
port_formset = modelformset_factory(
OuverturePort,
@ -1373,7 +1419,7 @@ def del_portlist(request, pk):
@login_required
def add_portlist(request):
can, reason = OuverturePort.can_create(request.user)
can, reason = OuverturePortList.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(