mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-12-25 16:33:47 +00:00
No more has_perms in machines.
This commit is contained in:
parent
3a4b72c01b
commit
7d1d0bf868
3 changed files with 55 additions and 15 deletions
|
@ -38,6 +38,8 @@ from __future__ import unicode_literals
|
||||||
from django.forms import ModelForm, Form
|
from django.forms import ModelForm, Form
|
||||||
from django import forms
|
from django import forms
|
||||||
|
|
||||||
|
from re2o.field_permissions import FieldPermissionFormMixin
|
||||||
|
|
||||||
from .models import (
|
from .models import (
|
||||||
Domain,
|
Domain,
|
||||||
Machine,
|
Machine,
|
||||||
|
@ -58,7 +60,7 @@ from .models import (
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class EditMachineForm(ModelForm):
|
class EditMachineForm(FieldPermissionFormMixin, ModelForm):
|
||||||
"""Formulaire d'édition d'une machine"""
|
"""Formulaire d'édition d'une machine"""
|
||||||
class Meta:
|
class Meta:
|
||||||
model = Machine
|
model = Machine
|
||||||
|
@ -117,10 +119,10 @@ class AddInterfaceForm(EditInterfaceForm):
|
||||||
fields = ['type', 'ipv4', 'mac_address', 'details']
|
fields = ['type', 'ipv4', 'mac_address', 'details']
|
||||||
|
|
||||||
def __init__(self, *args, **kwargs):
|
def __init__(self, *args, **kwargs):
|
||||||
infra = kwargs.pop('infra')
|
user = kwargs.pop('user')
|
||||||
super(AddInterfaceForm, self).__init__(*args, **kwargs)
|
super(AddInterfaceForm, self).__init__(*args, **kwargs)
|
||||||
self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4"
|
self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4"
|
||||||
if not infra:
|
if not IpType.can_use_all(user):
|
||||||
self.fields['type'].queryset = MachineType.objects.filter(
|
self.fields['type'].queryset = MachineType.objects.filter(
|
||||||
ip_type__in=IpType.objects.filter(need_infra=False)
|
ip_type__in=IpType.objects.filter(need_infra=False)
|
||||||
)
|
)
|
||||||
|
@ -146,13 +148,14 @@ class BaseEditInterfaceForm(EditInterfaceForm):
|
||||||
fields = ['type', 'ipv4', 'mac_address', 'details']
|
fields = ['type', 'ipv4', 'mac_address', 'details']
|
||||||
|
|
||||||
def __init__(self, *args, **kwargs):
|
def __init__(self, *args, **kwargs):
|
||||||
infra = kwargs.pop('infra')
|
user = kwargs.pop('user')
|
||||||
super(BaseEditInterfaceForm, self).__init__(*args, **kwargs)
|
super(BaseEditInterfaceForm, self).__init__(*args, **kwargs)
|
||||||
self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4"
|
self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4"
|
||||||
if not infra:
|
if not MachineType.can_use_all(user):
|
||||||
self.fields['type'].queryset = MachineType.objects.filter(
|
self.fields['type'].queryset = MachineType.objects.filter(
|
||||||
ip_type__in=IpType.objects.filter(need_infra=False)
|
ip_type__in=IpType.objects.filter(need_infra=False)
|
||||||
)
|
)
|
||||||
|
if not IpType.can_use_all(user):
|
||||||
self.fields['ipv4'].queryset = IpList.objects.filter(
|
self.fields['ipv4'].queryset = IpList.objects.filter(
|
||||||
interface__isnull=True
|
interface__isnull=True
|
||||||
).filter(ip_type__in=IpType.objects.filter(need_infra=False))
|
).filter(ip_type__in=IpType.objects.filter(need_infra=False))
|
||||||
|
|
|
@ -37,11 +37,13 @@ from django.core.validators import MaxValueValidator
|
||||||
|
|
||||||
from macaddress.fields import MACAddressField
|
from macaddress.fields import MACAddressField
|
||||||
|
|
||||||
|
from re2o.field_permissions import FieldPermissionModelMixin
|
||||||
|
|
||||||
import users.models
|
import users.models
|
||||||
import preferences.models
|
import preferences.models
|
||||||
|
|
||||||
|
|
||||||
class Machine(models.Model):
|
class Machine(FieldPermissionModelMixin, models.Model):
|
||||||
""" Class définissant une machine, object parent user, objets fils
|
""" Class définissant une machine, object parent user, objets fils
|
||||||
interfaces"""
|
interfaces"""
|
||||||
PRETTY_NAME = "Machine"
|
PRETTY_NAME = "Machine"
|
||||||
|
@ -61,6 +63,21 @@ class Machine(models.Model):
|
||||||
:return: Une instance machine évidemment"""
|
:return: Une instance machine évidemment"""
|
||||||
return Machine.objects.get(pk=machineid)
|
return Machine.objects.get(pk=machineid)
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def can_change_user(user_request, *args, **kwargs):
|
||||||
|
"""Checks if an user is allowed to change the user who owns a
|
||||||
|
Machine.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
user_request: The user requesting to change owner.
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
A tuple with a boolean stating if edition is allowed and an
|
||||||
|
explanation message.
|
||||||
|
"""
|
||||||
|
return user_request.has_perms(('infra',)), "Vous ne pouvez pas \
|
||||||
|
modifier l'utilisateur de la machine."
|
||||||
|
|
||||||
def can_create(user_request, userid, *args, **kwargs):
|
def can_create(user_request, userid, *args, **kwargs):
|
||||||
"""Vérifie qu'un user qui fait la requète peut bien créer la machine
|
"""Vérifie qu'un user qui fait la requète peut bien créer la machine
|
||||||
et n'a pas atteint son quota, et crée bien une machine à lui
|
et n'a pas atteint son quota, et crée bien une machine à lui
|
||||||
|
@ -180,6 +197,19 @@ class MachineType(models.Model):
|
||||||
return False, u"Vous n'avez pas le droit de supprimer des types de machines"
|
return False, u"Vous n'avez pas le droit de supprimer des types de machines"
|
||||||
return True, None
|
return True, None
|
||||||
|
|
||||||
|
def can_use_all(user_request, *args, **kwargs):
|
||||||
|
"""Check if an user can use every MachineType.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
user_request: The user requesting edition.
|
||||||
|
Returns:
|
||||||
|
A tuple with a boolean stating if user can acces and an explanation
|
||||||
|
message is acces is not allowed.
|
||||||
|
"""
|
||||||
|
if not user_request.has_perms(('infra',)):
|
||||||
|
return False, u"Vous n'avez pas le droit d'utiliser tout types de machines"
|
||||||
|
return True, None
|
||||||
|
|
||||||
def can_view_all(user_request, *args, **kwargs):
|
def can_view_all(user_request, *args, **kwargs):
|
||||||
"""Vérifie qu'on peut bien afficher l'ensemble des machinetype,
|
"""Vérifie qu'on peut bien afficher l'ensemble des machinetype,
|
||||||
droit particulier correspondant
|
droit particulier correspondant
|
||||||
|
@ -313,6 +343,13 @@ class IpType(models.Model):
|
||||||
:return: Une instance iptype évidemment"""
|
:return: Une instance iptype évidemment"""
|
||||||
return IpType.objects.get(pk=iptypeid)
|
return IpType.objects.get(pk=iptypeid)
|
||||||
|
|
||||||
|
def can_use_all(user_request, *args, **kwargs):
|
||||||
|
"""Superdroit qui permet d'utiliser toutes les extensions sans restrictions
|
||||||
|
:param user_request: instance user qui fait l'edition
|
||||||
|
:return: True ou False avec la raison de l'échec le cas échéant"""
|
||||||
|
return user_request.has_perms(('infra',)), None
|
||||||
|
|
||||||
|
|
||||||
def can_create(user_request, *args, **kwargs):
|
def can_create(user_request, *args, **kwargs):
|
||||||
"""Verifie que l'user a les bons droits infra pour créer
|
"""Verifie que l'user a les bons droits infra pour créer
|
||||||
un type d'ip
|
un type d'ip
|
||||||
|
|
|
@ -225,10 +225,10 @@ def new_machine(request, user, userid):
|
||||||
le sous objet interface et l'objet domain à partir de model forms.
|
le sous objet interface et l'objet domain à partir de model forms.
|
||||||
Trop complexe, devrait être simplifié"""
|
Trop complexe, devrait être simplifié"""
|
||||||
|
|
||||||
machine = NewMachineForm(request.POST or None)
|
machine = NewMachineForm(request.POST or None, user=user)
|
||||||
interface = AddInterfaceForm(
|
interface = AddInterfaceForm(
|
||||||
request.POST or None,
|
request.POST or None,
|
||||||
infra=request.user.has_perms(('infra',))
|
user=request.user
|
||||||
)
|
)
|
||||||
domain = DomainForm(request.POST or None, user=user)
|
domain = DomainForm(request.POST or None, user=user)
|
||||||
if machine.is_valid() and interface.is_valid():
|
if machine.is_valid() and interface.is_valid():
|
||||||
|
@ -275,12 +275,12 @@ def edit_interface(request, interface_instance, interfaceid):
|
||||||
""" Edition d'une interface. Distingue suivant les droits les valeurs de interfaces et machines que l'user peut modifier
|
""" Edition d'une interface. Distingue suivant les droits les valeurs de interfaces et machines que l'user peut modifier
|
||||||
infra permet de modifier le propriétaire"""
|
infra permet de modifier le propriétaire"""
|
||||||
|
|
||||||
if not request.user.has_perms(('infra',)):
|
machine_form = EditMachineForm(
|
||||||
machine_form = BaseEditMachineForm(request.POST or None, instance=interface_instance.machine)
|
request.POST or None,
|
||||||
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, infra=False)
|
instance=interface_instance.machine,
|
||||||
else:
|
user=request.user
|
||||||
machine_form = EditMachineForm(request.POST or None, instance=interface_instance.machine)
|
)
|
||||||
interface_form = EditInterfaceForm(request.POST or None, instance=interface_instance)
|
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, user=request.user)
|
||||||
domain_form = DomainForm(request.POST or None, instance=interface_instance.domain)
|
domain_form = DomainForm(request.POST or None, instance=interface_instance.domain)
|
||||||
if machine_form.is_valid() and interface_form.is_valid() and domain_form.is_valid():
|
if machine_form.is_valid() and interface_form.is_valid() and domain_form.is_valid():
|
||||||
new_machine = machine_form.save(commit=False)
|
new_machine = machine_form.save(commit=False)
|
||||||
|
@ -327,7 +327,7 @@ def del_machine(request, machine, machineid):
|
||||||
def new_interface(request, machine, machineid):
|
def new_interface(request, machine, machineid):
|
||||||
""" Ajoute une interface et son domain associé à une machine existante"""
|
""" Ajoute une interface et son domain associé à une machine existante"""
|
||||||
|
|
||||||
interface_form = AddInterfaceForm(request.POST or None, infra=request.user.has_perms(('infra',)))
|
interface_form = AddInterfaceForm(request.POST or None, user=user)
|
||||||
domain_form = DomainForm(request.POST or None)
|
domain_form = DomainForm(request.POST or None)
|
||||||
if interface_form.is_valid():
|
if interface_form.is_valid():
|
||||||
new_interface = interface_form.save(commit=False)
|
new_interface = interface_form.save(commit=False)
|
||||||
|
|
Loading…
Reference in a new issue