From 869e1883f6e47df2a4653fca62376ac5bba5acc0 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Sun, 7 Jan 2018 00:33:52 +0100 Subject: [PATCH] =?UTF-8?q?Gestion=20du=20groupe=20serveur=20et=20cr=C3=A9?= =?UTF-8?q?ation=20des=20groupes=20lorsqu'ils=20sont=20inexistants?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- machines/views.py | 28 +++++++------- users/migrations/0066_grouppermissions.py | 24 ++++++++---- users/migrations/0067_serveurpermission.py | 43 ++++++++++++++++++++++ 3 files changed, 73 insertions(+), 22 deletions(-) create mode 100644 users/migrations/0067_serveurpermission.py diff --git a/machines/views.py b/machines/views.py index 1dfc07ff..0975e58c 100644 --- a/machines/views.py +++ b/machines/views.py @@ -1098,7 +1098,7 @@ class JSONResponse(HttpResponse): @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def mac_ip_list(request): interfaces = all_active_assigned_interfaces() seria = InterfaceSerializer(interfaces, many=True) @@ -1106,7 +1106,7 @@ def mac_ip_list(request): @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def full_mac_ip_list(request): interfaces = all_active_assigned_interfaces() seria = FullInterfaceSerializer(interfaces, many=True) @@ -1114,7 +1114,7 @@ def full_mac_ip_list(request): @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def alias(request): alias = Domain.objects.filter(interface_parent=None).filter(cname__in=Domain.objects.filter(interface_parent__in=Interface.objects.exclude(ipv4=None))).select_related('extension').select_related('cname__extension') seria = DomainSerializer(alias, many=True) @@ -1122,7 +1122,7 @@ def alias(request): @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def corresp(request): type = IpType.objects.all().select_related('extension') seria = TypeSerializer(type, many=True) @@ -1130,7 +1130,7 @@ def corresp(request): @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def mx(request): mx = Mx.objects.all().select_related('zone').select_related('name__extension') seria = MxSerializer(mx, many=True) @@ -1138,7 +1138,7 @@ def mx(request): @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def txt(request): txt = Txt.objects.all().select_related('zone') seria = TxtSerializer(txt, many=True) @@ -1146,7 +1146,7 @@ def txt(request): @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def srv(request): srv = Srv.objects.all().select_related('extension').select_related('target__extension') seria = SrvSerializer(srv, many=True) @@ -1154,7 +1154,7 @@ def srv(request): @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def ns(request): ns = Ns.objects.exclude(ns__in=Domain.objects.filter(interface_parent__in=Interface.objects.filter(ipv4=None))).select_related('zone').select_related('ns__extension') seria = NsSerializer(ns, many=True) @@ -1162,7 +1162,7 @@ def ns(request): @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def zones(request): zones = Extension.objects.all().select_related('origin') seria = ExtensionSerializer(zones, many=True) @@ -1170,21 +1170,21 @@ def zones(request): @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def mac_ip(request): seria = mac_ip_list(request) return JSONResponse(seria) @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def mac_ip_dns(request): seria = full_mac_ip_list(request) return JSONResponse(seria) @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def service_servers(request): service_link = Service_link.objects.all().select_related('server__domain').select_related('service') seria = ServiceServersSerializer(service_link, many=True) @@ -1192,7 +1192,7 @@ def service_servers(request): @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def ouverture_ports(request): r = {'ipv4':{}, 'ipv6':{}} for o in OuverturePortList.objects.all().prefetch_related('ouvertureport_set').prefetch_related('interface_set', 'interface_set__ipv4'): @@ -1220,7 +1220,7 @@ def ouverture_ports(request): return JSONResponse(r) @csrf_exempt @login_required -@permission_required('serveur') +@permission_required('machines.serveur') def regen_achieved(request): obj = Service_link.objects.filter(service__in=Service.objects.filter(service_type=request.POST['service']), server__in=Interface.objects.filter(domain__in=Domain.objects.filter(name=request.POST['server']))) if obj: diff --git a/users/migrations/0066_grouppermissions.py b/users/migrations/0066_grouppermissions.py index f7554136..d3253e64 100644 --- a/users/migrations/0066_grouppermissions.py +++ b/users/migrations/0066_grouppermissions.py @@ -227,16 +227,24 @@ class Migration(migrations.Migration): rights = apps.get_model("users", "ListRight") permissions = apps.get_model("auth", "Permission") + groups = apps.get_model("auth", "Group") db_alias = schema_editor.connection.alias for group in permission_groups: - group_object = rights.objects.using(db_alias).filter(unix_name=group).first() - if group_object: - group_object = group_object.group_ptr - for permission in permission_groups[group]: - perm = permissions.objects.using(db_alias).filter(codename=permission).first() - if perm: - group_object.permissions.add(perm) - group_object.save() + lr_object = rights.objects.using(db_alias).filter(unix_name=group).first() + if not lr_object: + last = rights.objects.using(db_alias).all().order_by('gid').last() + if last: + gid = last.gid + 1 + else: + gid = 501 + group_object = groups.objects.using(db_alias).create(name=group) + lr_object = rights.objects.using(db_alias).create(unix_name=group, gid=gid, group_ptr=group_object) + lr_object = lr_object.group_ptr + for permission in permission_groups[group]: + perm = permissions.objects.using(db_alias).filter(codename=permission).first() + if perm: + lr_object.permissions.add(perm) + lr_object.save() def untransfer_permissions(apps, schema_editor): return diff --git a/users/migrations/0067_serveurpermission.py b/users/migrations/0067_serveurpermission.py new file mode 100644 index 00000000..e5e3380c --- /dev/null +++ b/users/migrations/0067_serveurpermission.py @@ -0,0 +1,43 @@ +# -*- coding: utf-8 -*- +# Generated by Django 1.10.7 on 2017-12-31 19:53 +from __future__ import unicode_literals + +from django.db import migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('users', '0066_grouppermissions'), + ] + + def transfer_permissions(apps, schema_editor): + db_alias = schema_editor.connection.alias + contenttype = apps.get_model("contenttypes", "ContentType") + rights = apps.get_model("users", "ListRight") + permissions = apps.get_model("auth", "Permission") + groups = apps.get_model("auth", "Group") + machine = apps.get_model("machines", "Machine") + perm = permissions.objects.using(db_alias).filter(codename='serveur').first() + if not perm: + perm = permissions.objects.using(db_alias).create( + codename='serveur', + name='Serveur', + content_type=contenttype.objects.using(db_alias).get_for_model(machine) + ) + group_object = rights.objects.using(db_alias).filter(unix_name='serveur').first() + if not group_object: + last_gid = rights.objects.using(db_alias).all().order_by('gid').last().gid + gid = last_gid + 1 + abstract_group = groups.objects.using(db_alias).create(name='serveur') + group_object = rights.objects.using(db_alias).create(group_ptr=abstract_group, unix_name='serveur', gid=gid) + group_object = group_object.group_ptr + group_object.permissions.add(perm) + group_object.save() + + def untransfer_permissions(apps, schema_editor): + return + + operations = [ + migrations.RunPython(transfer_permissions, untransfer_permissions), + ]