mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-25 12:53:11 +00:00
No more has_perms in machines.
This commit is contained in:
parent
5fea2bdebd
commit
0d54c8ab86
3 changed files with 55 additions and 15 deletions
|
@ -38,6 +38,8 @@ from __future__ import unicode_literals
|
|||
from django.forms import ModelForm, Form
|
||||
from django import forms
|
||||
|
||||
from re2o.field_permissions import FieldPermissionFormMixin
|
||||
|
||||
from .models import (
|
||||
Domain,
|
||||
Machine,
|
||||
|
@ -58,7 +60,7 @@ from .models import (
|
|||
)
|
||||
|
||||
|
||||
class EditMachineForm(ModelForm):
|
||||
class EditMachineForm(FieldPermissionFormMixin, ModelForm):
|
||||
"""Formulaire d'édition d'une machine"""
|
||||
class Meta:
|
||||
model = Machine
|
||||
|
@ -117,10 +119,10 @@ class AddInterfaceForm(EditInterfaceForm):
|
|||
fields = ['type', 'ipv4', 'mac_address', 'details']
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
infra = kwargs.pop('infra')
|
||||
user = kwargs.pop('user')
|
||||
super(AddInterfaceForm, self).__init__(*args, **kwargs)
|
||||
self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4"
|
||||
if not infra:
|
||||
if not IpType.can_use_all(user):
|
||||
self.fields['type'].queryset = MachineType.objects.filter(
|
||||
ip_type__in=IpType.objects.filter(need_infra=False)
|
||||
)
|
||||
|
@ -146,13 +148,14 @@ class BaseEditInterfaceForm(EditInterfaceForm):
|
|||
fields = ['type', 'ipv4', 'mac_address', 'details']
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
infra = kwargs.pop('infra')
|
||||
user = kwargs.pop('user')
|
||||
super(BaseEditInterfaceForm, self).__init__(*args, **kwargs)
|
||||
self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4"
|
||||
if not infra:
|
||||
if not MachineType.can_use_all(user):
|
||||
self.fields['type'].queryset = MachineType.objects.filter(
|
||||
ip_type__in=IpType.objects.filter(need_infra=False)
|
||||
)
|
||||
if not IpType.can_use_all(user):
|
||||
self.fields['ipv4'].queryset = IpList.objects.filter(
|
||||
interface__isnull=True
|
||||
).filter(ip_type__in=IpType.objects.filter(need_infra=False))
|
||||
|
|
|
@ -37,11 +37,13 @@ from django.core.validators import MaxValueValidator
|
|||
|
||||
from macaddress.fields import MACAddressField
|
||||
|
||||
from re2o.field_permissions import FieldPermissionModelMixin
|
||||
|
||||
import users.models
|
||||
import preferences.models
|
||||
|
||||
|
||||
class Machine(models.Model):
|
||||
class Machine(FieldPermissionModelMixin, models.Model):
|
||||
""" Class définissant une machine, object parent user, objets fils
|
||||
interfaces"""
|
||||
PRETTY_NAME = "Machine"
|
||||
|
@ -61,6 +63,21 @@ class Machine(models.Model):
|
|||
:return: Une instance machine évidemment"""
|
||||
return Machine.objects.get(pk=machineid)
|
||||
|
||||
@staticmethod
|
||||
def can_change_user(user_request, *args, **kwargs):
|
||||
"""Checks if an user is allowed to change the user who owns a
|
||||
Machine.
|
||||
|
||||
Args:
|
||||
user_request: The user requesting to change owner.
|
||||
|
||||
Returns:
|
||||
A tuple with a boolean stating if edition is allowed and an
|
||||
explanation message.
|
||||
"""
|
||||
return user_request.has_perms(('infra',)), "Vous ne pouvez pas \
|
||||
modifier l'utilisateur de la machine."
|
||||
|
||||
def can_create(user_request, userid, *args, **kwargs):
|
||||
"""Vérifie qu'un user qui fait la requète peut bien créer la machine
|
||||
et n'a pas atteint son quota, et crée bien une machine à lui
|
||||
|
@ -180,6 +197,19 @@ class MachineType(models.Model):
|
|||
return False, u"Vous n'avez pas le droit de supprimer des types de machines"
|
||||
return True, None
|
||||
|
||||
def can_use_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can use every MachineType.
|
||||
|
||||
Args:
|
||||
user_request: The user requesting edition.
|
||||
Returns:
|
||||
A tuple with a boolean stating if user can acces and an explanation
|
||||
message is acces is not allowed.
|
||||
"""
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'utiliser tout types de machines"
|
||||
return True, None
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Vérifie qu'on peut bien afficher l'ensemble des machinetype,
|
||||
droit particulier correspondant
|
||||
|
@ -313,6 +343,13 @@ class IpType(models.Model):
|
|||
:return: Une instance iptype évidemment"""
|
||||
return IpType.objects.get(pk=iptypeid)
|
||||
|
||||
def can_use_all(user_request, *args, **kwargs):
|
||||
"""Superdroit qui permet d'utiliser toutes les extensions sans restrictions
|
||||
:param user_request: instance user qui fait l'edition
|
||||
:return: True ou False avec la raison de l'échec le cas échéant"""
|
||||
return user_request.has_perms(('infra',)), None
|
||||
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Verifie que l'user a les bons droits infra pour créer
|
||||
un type d'ip
|
||||
|
|
|
@ -225,10 +225,10 @@ def new_machine(request, user, userid):
|
|||
le sous objet interface et l'objet domain à partir de model forms.
|
||||
Trop complexe, devrait être simplifié"""
|
||||
|
||||
machine = NewMachineForm(request.POST or None)
|
||||
machine = NewMachineForm(request.POST or None, user=user)
|
||||
interface = AddInterfaceForm(
|
||||
request.POST or None,
|
||||
infra=request.user.has_perms(('infra',))
|
||||
user=request.user
|
||||
)
|
||||
domain = DomainForm(request.POST or None, user=user)
|
||||
if machine.is_valid() and interface.is_valid():
|
||||
|
@ -275,12 +275,12 @@ def edit_interface(request, interface_instance, interfaceid):
|
|||
""" Edition d'une interface. Distingue suivant les droits les valeurs de interfaces et machines que l'user peut modifier
|
||||
infra permet de modifier le propriétaire"""
|
||||
|
||||
if not request.user.has_perms(('infra',)):
|
||||
machine_form = BaseEditMachineForm(request.POST or None, instance=interface_instance.machine)
|
||||
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, infra=False)
|
||||
else:
|
||||
machine_form = EditMachineForm(request.POST or None, instance=interface_instance.machine)
|
||||
interface_form = EditInterfaceForm(request.POST or None, instance=interface_instance)
|
||||
machine_form = EditMachineForm(
|
||||
request.POST or None,
|
||||
instance=interface_instance.machine,
|
||||
user=request.user
|
||||
)
|
||||
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, user=request.user)
|
||||
domain_form = DomainForm(request.POST or None, instance=interface_instance.domain)
|
||||
if machine_form.is_valid() and interface_form.is_valid() and domain_form.is_valid():
|
||||
new_machine = machine_form.save(commit=False)
|
||||
|
@ -327,7 +327,7 @@ def del_machine(request, machine, machineid):
|
|||
def new_interface(request, machine, machineid):
|
||||
""" Ajoute une interface et son domain associé à une machine existante"""
|
||||
|
||||
interface_form = AddInterfaceForm(request.POST or None, infra=request.user.has_perms(('infra',)))
|
||||
interface_form = AddInterfaceForm(request.POST or None, user=user)
|
||||
domain_form = DomainForm(request.POST or None)
|
||||
if interface_form.is_valid():
|
||||
new_interface = interface_form.save(commit=False)
|
||||
|
|
Loading…
Reference in a new issue