8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-27 07:02:26 +00:00

Fix sur les fieldpermissions topologie et machines

This commit is contained in:
Gabriel Detraz 2018-01-08 23:57:19 +01:00 committed by root
parent 99c69a5d37
commit 916c2e3e9f
7 changed files with 70 additions and 79 deletions

View file

@ -167,8 +167,10 @@ class Facture(FieldPermissionModelMixin, models.Model):
def can_change_pdf(user_request, *args, **kwargs): def can_change_pdf(user_request, *args, **kwargs):
return user_request.has_perm('cotisations.change_facture_pdf'), "Vous ne pouvez pas éditer une facture sans droit trésorier" return user_request.has_perm('cotisations.change_facture_pdf'), "Vous ne pouvez pas éditer une facture sans droit trésorier"
field_permissions = { def __init__(self, *args, **kwargs):
'control': can_change_control, super(Facture, self).__init__(*args, **kwargs)
self.field_permissions = {
'control' : self.can_change_control,
} }
def __str__(self): def __str__(self):

View file

@ -78,14 +78,7 @@ class NewMachineForm(EditMachineForm):
fields = ['name'] fields = ['name']
class BaseEditMachineForm(EditMachineForm): class EditInterfaceForm(FieldPermissionFormMixin, ModelForm):
"""Edition basique, ne permet que de changer le nom et le statut.
Réservé aux users sans droits spécifiques"""
class Meta(EditMachineForm.Meta):
fields = ['name', 'active']
class EditInterfaceForm(ModelForm):
"""Edition d'une interface. Edition complète""" """Edition d'une interface. Edition complète"""
class Meta: class Meta:
model = Interface model = Interface
@ -93,13 +86,21 @@ class EditInterfaceForm(ModelForm):
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
prefix = kwargs.pop('prefix', self.Meta.model.__name__) prefix = kwargs.pop('prefix', self.Meta.model.__name__)
user = kwargs.get('user')
super(EditInterfaceForm, self).__init__(*args, prefix=prefix, **kwargs) super(EditInterfaceForm, self).__init__(*args, prefix=prefix, **kwargs)
self.fields['mac_address'].label = 'Adresse mac' self.fields['mac_address'].label = 'Adresse mac'
self.fields['type'].label = 'Type de machine' self.fields['type'].label = 'Type de machine'
self.fields['type'].empty_label = "Séléctionner un type de machine" self.fields['type'].empty_label = "Séléctionner un type de machine"
if "ipv4" in self.fields: if "ipv4" in self.fields:
self.fields['ipv4'].empty_label = "Assignation automatique\ self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4"
de l'ipv4" self.fields['ipv4'].queryset = IpList.objects.filter(
interface__isnull=True
)
if not IpType.can_use_all(user):
self.fields['ipv4'].queryset = IpList.objects.filter(
interface__isnull=True
).filter(ip_type__in=IpType.objects.filter(need_infra=False))
else:
self.fields['ipv4'].queryset = IpList.objects.filter( self.fields['ipv4'].queryset = IpList.objects.filter(
interface__isnull=True interface__isnull=True
) )
@ -110,6 +111,10 @@ class EditInterfaceForm(ModelForm):
if "machine" in self.fields: if "machine" in self.fields:
self.fields['machine'].queryset = Machine.objects.all()\ self.fields['machine'].queryset = Machine.objects.all()\
.select_related('user') .select_related('user')
if not MachineType.can_use_all(user):
self.fields['type'].queryset = MachineType.objects.filter(
ip_type__in=IpType.objects.filter(need_infra=False)
)
class AddInterfaceForm(EditInterfaceForm): class AddInterfaceForm(EditInterfaceForm):
@ -118,59 +123,6 @@ class AddInterfaceForm(EditInterfaceForm):
class Meta(EditInterfaceForm.Meta): class Meta(EditInterfaceForm.Meta):
fields = ['type', 'ipv4', 'mac_address', 'details'] fields = ['type', 'ipv4', 'mac_address', 'details']
def __init__(self, *args, **kwargs):
user = kwargs.pop('user')
super(AddInterfaceForm, self).__init__(*args, **kwargs)
self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4"
if not IpType.can_use_all(user):
self.fields['type'].queryset = MachineType.objects.filter(
ip_type__in=IpType.objects.filter(need_infra=False)
)
self.fields['ipv4'].queryset = IpList.objects.filter(
interface__isnull=True
).filter(ip_type__in=IpType.objects.filter(need_infra=False))
else:
self.fields['ipv4'].queryset = IpList.objects.filter(
interface__isnull=True
)
class NewInterfaceForm(EditInterfaceForm):
"""Formulaire light, sans choix de l'ipv4; d'ajout d'une interface"""
class Meta(EditInterfaceForm.Meta):
fields = ['type', 'mac_address', 'details']
class BaseEditInterfaceForm(EditInterfaceForm):
"""Edition basique d'une interface. En fonction des droits,
ajoute ou non l'ensemble des ipv4 disponibles (infra)"""
class Meta(EditInterfaceForm.Meta):
fields = ['type', 'ipv4', 'mac_address', 'details']
def __init__(self, *args, **kwargs):
user = kwargs.pop('user')
super(BaseEditInterfaceForm, self).__init__(*args, **kwargs)
self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4"
if not MachineType.can_use_all(user):
self.fields['type'].queryset = MachineType.objects.filter(
ip_type__in=IpType.objects.filter(need_infra=False)
)
if not IpType.can_use_all(user):
self.fields['ipv4'].queryset = IpList.objects.filter(
interface__isnull=True
).filter(ip_type__in=IpType.objects.filter(need_infra=False))
# Add it's own address
self.fields['ipv4'].queryset |= IpList.objects.filter(
interface=self.instance
)
else:
self.fields['ipv4'].queryset = IpList.objects.filter(
interface__isnull=True
)
self.fields['ipv4'].queryset |= IpList.objects.filter(
interface=self.instance
)
class AliasForm(ModelForm): class AliasForm(ModelForm):
"""Ajout d'un alias (et edition), CNAME, contenant nom et extension""" """Ajout d'un alias (et edition), CNAME, contenant nom et extension"""

View file

@ -0,0 +1,19 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-01-08 17:22
from __future__ import unicode_literals
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('machines', '0071_auto_20171231_2100'),
]
operations = [
migrations.AlterModelOptions(
name='interface',
options={'permissions': (('view_interface', 'Peut voir un objet interface'), ('change_interface_machine', "Peut changer le propriétaire d'une interface"))},
),
]

View file

@ -81,8 +81,7 @@ class Machine(FieldPermissionModelMixin, models.Model):
A tuple with a boolean stating if edition is allowed and an A tuple with a boolean stating if edition is allowed and an
explanation message. explanation message.
""" """
return user_request.has_perm('machines.change_machine_user'), "Vous ne pouvez pas \ return user_request.has_perm('machines.change_machine_user'), "Vous ne pouvez pas modifier l'utilisateur de la machine."
modifier l'utilisateur de la machine."
def can_create(user_request, userid, *args, **kwargs): def can_create(user_request, userid, *args, **kwargs):
"""Vérifie qu'un user qui fait la requète peut bien créer la machine """Vérifie qu'un user qui fait la requète peut bien créer la machine
@ -150,6 +149,12 @@ class Machine(FieldPermissionModelMixin, models.Model):
que les vôtres" que les vôtres"
return True, None return True, None
def __init__(self, *args, **kwargs):
super(Machine, self).__init__(*args, **kwargs)
self.field_permissions = {
'user' : self.can_change_user,
}
def __str__(self): def __str__(self):
return str(self.user) + ' - ' + str(self.id) + ' - ' + str(self.name) return str(self.user) + ' - ' + str(self.id) + ' - ' + str(self.name)
@ -1147,7 +1152,7 @@ class Srv(models.Model):
str(self.port) + ' ' + str(self.target) + '.' str(self.port) + ' ' + str(self.target) + '.'
class Interface(models.Model): class Interface(FieldPermissionModelMixin,models.Model):
""" Une interface. Objet clef de l'application machine : """ Une interface. Objet clef de l'application machine :
- une address mac unique. Possibilité de la rendre unique avec le - une address mac unique. Possibilité de la rendre unique avec le
typemachine typemachine
@ -1172,6 +1177,7 @@ class Interface(models.Model):
class Meta: class Meta:
permissions = ( permissions = (
("view_interface", "Peut voir un objet interface"), ("view_interface", "Peut voir un objet interface"),
("change_interface_machine", "Peut changer le propriétaire d'une interface"),
) )
@cached_property @cached_property
@ -1283,6 +1289,10 @@ class Interface(models.Model):
% max_lambdauser_interfaces % max_lambdauser_interfaces
return True, None return True, None
@staticmethod
def can_change_machine(user_request, *args, **kwargs):
return user_request.has_perm('machines.change_interface_machine'), "Droit requis pour changer la machine"
def can_edit(self, user_request, *args, **kwargs): def can_edit(self, user_request, *args, **kwargs):
"""Verifie que l'user a les bons droits infra pour editer """Verifie que l'user a les bons droits infra pour editer
cette instance interface, ou qu'elle lui appartient cette instance interface, ou qu'elle lui appartient
@ -1328,6 +1338,12 @@ class Interface(models.Model):
que les vôtres" que les vôtres"
return True, None return True, None
def __init__(self, *args, **kwargs):
super(Interface, self).__init__(*args, **kwargs)
self.field_permissions = {
'machine' : self.can_change_machine,
}
def __str__(self): def __str__(self):
try: try:
domain = self.domain domain = self.domain

View file

@ -69,8 +69,6 @@ from .forms import (
DelMachineTypeForm, DelMachineTypeForm,
ExtensionForm, ExtensionForm,
DelExtensionForm, DelExtensionForm,
BaseEditInterfaceForm,
BaseEditMachineForm
) )
from .forms import ( from .forms import (
EditIpTypeForm, EditIpTypeForm,
@ -225,7 +223,7 @@ def new_machine(request, user, userid):
le sous objet interface et l'objet domain à partir de model forms. le sous objet interface et l'objet domain à partir de model forms.
Trop complexe, devrait être simplifié""" Trop complexe, devrait être simplifié"""
machine = NewMachineForm(request.POST or None, user=user) machine = NewMachineForm(request.POST or None, user=request.user)
interface = AddInterfaceForm( interface = AddInterfaceForm(
request.POST or None, request.POST or None,
user=request.user user=request.user
@ -280,7 +278,7 @@ def edit_interface(request, interface_instance, interfaceid):
instance=interface_instance.machine, instance=interface_instance.machine,
user=request.user user=request.user
) )
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, user=request.user) interface_form = EditInterfaceForm(request.POST or None, instance=interface_instance, user=request.user)
domain_form = DomainForm(request.POST or None, instance=interface_instance.domain) domain_form = DomainForm(request.POST or None, instance=interface_instance.domain)
if machine_form.is_valid() and interface_form.is_valid() and domain_form.is_valid(): if machine_form.is_valid() and interface_form.is_valid() and domain_form.is_valid():
new_machine = machine_form.save(commit=False) new_machine = machine_form.save(commit=False)
@ -327,7 +325,7 @@ def del_machine(request, machine, machineid):
def new_interface(request, machine, machineid): def new_interface(request, machine, machineid):
""" Ajoute une interface et son domain associé à une machine existante""" """ Ajoute une interface et son domain associé à une machine existante"""
interface_form = AddInterfaceForm(request.POST or None, user=user) interface_form = AddInterfaceForm(request.POST or None, user=request.user)
domain_form = DomainForm(request.POST or None) domain_form = DomainForm(request.POST or None)
if interface_form.is_valid(): if interface_form.is_valid():
new_interface = interface_form.save(commit=False) new_interface = interface_form.save(commit=False)

View file

@ -456,11 +456,13 @@ def edit_switch(request, switch, switch_id):
switch_form = EditSwitchForm(request.POST or None, instance=switch) switch_form = EditSwitchForm(request.POST or None, instance=switch)
machine_form = EditMachineForm( machine_form = EditMachineForm(
request.POST or None, request.POST or None,
instance=switch.switch_interface.machine instance=switch.switch_interface.machine,
user=request.user
) )
interface_form = EditInterfaceForm( interface_form = EditInterfaceForm(
request.POST or None, request.POST or None,
instance=switch.switch_interface instance=switch.switch_interface,
user=request.user
) )
domain_form = DomainForm( domain_form = DomainForm(
request.POST or None, request.POST or None,

View file

@ -809,9 +809,11 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin):
else: else:
return False, u"Vous ne pouvez voir un autre utilisateur que vous même" return False, u"Vous ne pouvez voir un autre utilisateur que vous même"
field_permissions = { def __init__(self, *args, **kwargs):
'shell' : can_change_shell, super(User, self).__init__(*args, **kwargs)
'force' : can_change_force, self.field_permissions = {
'shell' : self.can_change_shell,
'force' : self.can_change_force,
} }
def __str__(self): def __str__(self):