From 7d1d0bf868d918316a54f1d07abd46cea933cdb8 Mon Sep 17 00:00:00 2001 From: Hugo LEVY-FALK Date: Sat, 30 Dec 2017 01:48:23 +0100 Subject: [PATCH] No more has_perms in machines. --- machines/forms.py | 13 ++++++++----- machines/models.py | 39 ++++++++++++++++++++++++++++++++++++++- machines/views.py | 18 +++++++++--------- 3 files changed, 55 insertions(+), 15 deletions(-) diff --git a/machines/forms.py b/machines/forms.py index 96ee58af..f23f1d7d 100644 --- a/machines/forms.py +++ b/machines/forms.py @@ -38,6 +38,8 @@ from __future__ import unicode_literals from django.forms import ModelForm, Form from django import forms +from re2o.field_permissions import FieldPermissionFormMixin + from .models import ( Domain, Machine, @@ -58,7 +60,7 @@ from .models import ( ) -class EditMachineForm(ModelForm): +class EditMachineForm(FieldPermissionFormMixin, ModelForm): """Formulaire d'édition d'une machine""" class Meta: model = Machine @@ -117,10 +119,10 @@ class AddInterfaceForm(EditInterfaceForm): fields = ['type', 'ipv4', 'mac_address', 'details'] def __init__(self, *args, **kwargs): - infra = kwargs.pop('infra') + user = kwargs.pop('user') super(AddInterfaceForm, self).__init__(*args, **kwargs) self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4" - if not infra: + if not IpType.can_use_all(user): self.fields['type'].queryset = MachineType.objects.filter( ip_type__in=IpType.objects.filter(need_infra=False) ) @@ -146,13 +148,14 @@ class BaseEditInterfaceForm(EditInterfaceForm): fields = ['type', 'ipv4', 'mac_address', 'details'] def __init__(self, *args, **kwargs): - infra = kwargs.pop('infra') + user = kwargs.pop('user') super(BaseEditInterfaceForm, self).__init__(*args, **kwargs) self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4" - if not infra: + if not MachineType.can_use_all(user): self.fields['type'].queryset = MachineType.objects.filter( ip_type__in=IpType.objects.filter(need_infra=False) ) + if not IpType.can_use_all(user): self.fields['ipv4'].queryset = IpList.objects.filter( interface__isnull=True ).filter(ip_type__in=IpType.objects.filter(need_infra=False)) diff --git a/machines/models.py b/machines/models.py index 90954128..165bd403 100644 --- a/machines/models.py +++ b/machines/models.py @@ -37,11 +37,13 @@ from django.core.validators import MaxValueValidator from macaddress.fields import MACAddressField +from re2o.field_permissions import FieldPermissionModelMixin + import users.models import preferences.models -class Machine(models.Model): +class Machine(FieldPermissionModelMixin, models.Model): """ Class définissant une machine, object parent user, objets fils interfaces""" PRETTY_NAME = "Machine" @@ -61,6 +63,21 @@ class Machine(models.Model): :return: Une instance machine évidemment""" return Machine.objects.get(pk=machineid) + @staticmethod + def can_change_user(user_request, *args, **kwargs): + """Checks if an user is allowed to change the user who owns a + Machine. + + Args: + user_request: The user requesting to change owner. + + Returns: + A tuple with a boolean stating if edition is allowed and an + explanation message. + """ + return user_request.has_perms(('infra',)), "Vous ne pouvez pas \ + modifier l'utilisateur de la machine." + def can_create(user_request, userid, *args, **kwargs): """Vérifie qu'un user qui fait la requète peut bien créer la machine et n'a pas atteint son quota, et crée bien une machine à lui @@ -180,6 +197,19 @@ class MachineType(models.Model): return False, u"Vous n'avez pas le droit de supprimer des types de machines" return True, None + def can_use_all(user_request, *args, **kwargs): + """Check if an user can use every MachineType. + + Args: + user_request: The user requesting edition. + Returns: + A tuple with a boolean stating if user can acces and an explanation + message is acces is not allowed. + """ + if not user_request.has_perms(('infra',)): + return False, u"Vous n'avez pas le droit d'utiliser tout types de machines" + return True, None + def can_view_all(user_request, *args, **kwargs): """Vérifie qu'on peut bien afficher l'ensemble des machinetype, droit particulier correspondant @@ -313,6 +343,13 @@ class IpType(models.Model): :return: Une instance iptype évidemment""" return IpType.objects.get(pk=iptypeid) + def can_use_all(user_request, *args, **kwargs): + """Superdroit qui permet d'utiliser toutes les extensions sans restrictions + :param user_request: instance user qui fait l'edition + :return: True ou False avec la raison de l'échec le cas échéant""" + return user_request.has_perms(('infra',)), None + + def can_create(user_request, *args, **kwargs): """Verifie que l'user a les bons droits infra pour créer un type d'ip diff --git a/machines/views.py b/machines/views.py index 2581fb01..1dfc07ff 100644 --- a/machines/views.py +++ b/machines/views.py @@ -225,10 +225,10 @@ def new_machine(request, user, userid): le sous objet interface et l'objet domain à partir de model forms. Trop complexe, devrait être simplifié""" - machine = NewMachineForm(request.POST or None) + machine = NewMachineForm(request.POST or None, user=user) interface = AddInterfaceForm( request.POST or None, - infra=request.user.has_perms(('infra',)) + user=request.user ) domain = DomainForm(request.POST or None, user=user) if machine.is_valid() and interface.is_valid(): @@ -275,12 +275,12 @@ def edit_interface(request, interface_instance, interfaceid): """ Edition d'une interface. Distingue suivant les droits les valeurs de interfaces et machines que l'user peut modifier infra permet de modifier le propriétaire""" - if not request.user.has_perms(('infra',)): - machine_form = BaseEditMachineForm(request.POST or None, instance=interface_instance.machine) - interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, infra=False) - else: - machine_form = EditMachineForm(request.POST or None, instance=interface_instance.machine) - interface_form = EditInterfaceForm(request.POST or None, instance=interface_instance) + machine_form = EditMachineForm( + request.POST or None, + instance=interface_instance.machine, + user=request.user + ) + interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, user=request.user) domain_form = DomainForm(request.POST or None, instance=interface_instance.domain) if machine_form.is_valid() and interface_form.is_valid() and domain_form.is_valid(): new_machine = machine_form.save(commit=False) @@ -327,7 +327,7 @@ def del_machine(request, machine, machineid): def new_interface(request, machine, machineid): """ Ajoute une interface et son domain associé à une machine existante""" - interface_form = AddInterfaceForm(request.POST or None, infra=request.user.has_perms(('infra',))) + interface_form = AddInterfaceForm(request.POST or None, user=user) domain_form = DomainForm(request.POST or None) if interface_form.is_valid(): new_interface = interface_form.save(commit=False)