rezometz/re2o
8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-22 11:23:10 +00:00
Code Issues Releases Wiki Activity

Use @can_create and @can_edit on machines.models

Browse source
This commit is contained in:
Maël Kervella 2017-11-30 20:38:16 +00:00 committed by root
parent 3d89386bba
commit 28ef82176f
5 changed files with 95 additions and 313 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
machines/models.py
View file

@ -58,9 +58,9 @@ class Machine(models.Model):
def get_instance(machineid):
return Machine.objects.get(pk=machineid)
def can_create(user_request, userid_dest):
def can_create(user_request, userid):
try:
user = users.models.User.objects.get(pk=userid_dest)
user = users.models.User.objects.get(pk=userid)
except users.models.User.DoesNotExist:
return False, u"Utilisateur inexistant"
options, created = preferences.models.OptionalMachine.objects.get_or_create()
@ -75,7 +75,7 @@ class Machine(models.Model):
% max_lambdauser_interfaces
return True, None
def can_edit(user_request, machine):
def can_edit(self, user_request):
return True, None
def __str__(self):
@ -106,7 +106,7 @@ class MachineType(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un type de machine"
def can_edit(user_request, machinetype):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des types de machine"
return True, None
@ -221,14 +221,14 @@ class IpType(models.Model):
self.clean()
super(IpType, self).save(*args, **kwargs)
def get_instance(iptyeid):
def get_instance(iptypeid):
return IpType.objects.get(pk=iptypeid)
def can_create(user_request):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un type d'ip"
def can_edit(user_request, iptype):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des types d'ip"
return True, None
@ -253,7 +253,7 @@ class Vlan(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un vlan"
def can_edit(user_request, vlan):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des vlans"
return True, None
@ -299,7 +299,7 @@ class Nas(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un nas"
def can_edit(user_request, nas):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des nas"
return True, None
@ -347,7 +347,7 @@ class SOA(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement SOA"
def can_edit(user_request, soa):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrements SOA"
return True, None
@ -441,7 +441,7 @@ class Extension(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer une extension"
def can_edit(user_request, extension):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des extensions"
return True, None
@ -478,7 +478,7 @@ class Mx(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement MX"
def can_edit(user_request, mx):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregstrements MX"
return True, None
@ -506,7 +506,7 @@ class Ns(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement NS"
def can_edit(user_request, ns):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrements NS"
return True, None
@ -530,7 +530,7 @@ class Txt(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement TXT"
def can_edit(user_request, txt):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrement TXT"
return True, None
@ -595,7 +595,7 @@ class Srv(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement SRV"
def can_edit(user_request, srv):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrements SRV"
return True, None
@ -720,9 +720,9 @@ class Interface(models.Model):
def get_instance(interfaceid):
return Interface.objects.get(pk=interfaceid)
def can_create(user_request, machineid_dest):
def can_create(user_request, machineid):
try:
machine = Machine.objects.get(pk=machineid_dest)
machine = Machine.objects.get(pk=machineid)
except Machine.DoesNotExist:
return False, u"Machine inexistante"
if not user_request.has_perms(('cableur',)):
@ -737,10 +737,10 @@ class Interface(models.Model):
% max_lambdauser_interfaces
return True, None
def can_edit(user_request, interface):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)) and \
not user_request.has_perms(('cableur',)) and \
interface.machine.user != user_request:
self.machine.user != user_request:
return False, u"Vous ne pouvez pas éditer une machine\
d'un autre user que vous sans droit"
return True, None
@ -847,9 +847,9 @@ class Domain(models.Model):
def get_instance(domainid):
return Domain.objects.get(pk=domainid)
def can_create(user_request, interfaceid_dest):
def can_create(user_request, interfaceid):
try:
interface = Interface.objects.get(pk=interfaceid_dest)
interface = Interface.objects.get(pk=interfaceid)
except Interface.DoesNotExist:
return False, u"Interface inexistante"
if not user_request.has_perms(('cableur',)):
@ -868,10 +868,10 @@ class Domain(models.Model):
% max_lambdauser_aliases
return True, None
def can_edit(user_request, domain):
def can_edit(self, user_request):
if not user_request.has_perms(('cableur',)) and (
domain.cname is None or \
domain.cname.interface_parent.machine.user != user_request
self.cname is None or \
self.cname.interface_parent.machine.user != user_request
):
return False, u"Vous ne pouvez pas ajouter un alias à une machine\
d'un autre user que vous sans droit"
@ -910,7 +910,7 @@ class IpList(models.Model):
def can_create(user_request):
return True, None
def can_edit(user_request, iplist):
def can_edit(self, user_request):
return True, None
def __str__(self):
@ -960,7 +960,7 @@ class Service(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un service"
def can_edit(user_request, service):
def can_edit(self, user_request):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des services"
return True, None
@ -1011,7 +1011,7 @@ class Service_link(models.Model):
def can_create(user_request):
return True, None
def can_edit(user_request, servicelink):
def can_edit(self, user_request):
return True, None
def __str__(self):
@ -1034,7 +1034,7 @@ class OuverturePortList(models.Model):
return user_request.has_perms(('bureau',)) , u"Vous n'avez pas le droit\
d'ouvrir un port"
def can_edit(user_request, ouvertureportlist):
def can_edit(self, user_request):
if not user_request.has_perms(('bureau',)):
return False, u"Vous n'avez pas le droit d'éditer des ouvertures de port"
return True, None
@ -1115,7 +1115,7 @@ class OuverturePort(models.Model):
def can_create(user_request):
return True, None
def can_edit(user_request, ouvertureport):
def can_edit(self, user_request):
return True, None
def __str__(self):

6
machines/urls.py
View file

@ -61,7 +61,7 @@ urlpatterns = [
url(r'^del_srv/$', views.del_srv, name='del-srv'),
url(r'^index_extension/$', views.index_extension, name='index-extension'),
url(r'^add_alias/(?P<interfaceid>[0-9]+)$', views.add_alias, name='add-alias'),
url(r'^edit_alias/(?P<aliasid>[0-9]+)$', views.edit_alias, name='edit-alias'),
url(r'^edit_alias/(?P<domainid>[0-9]+)$', views.edit_alias, name='edit-alias'),
url(r'^del_alias/(?P<interfaceid>[0-9]+)$', views.del_alias, name='del-alias'),
url(r'^index_alias/(?P<interfaceid>[0-9]+)$', views.index_alias, name='index-alias'),
url(r'^add_service/$', views.add_service, name='add-service'),
@ -104,8 +104,8 @@ urlpatterns = [
url(r'^rest/service_servers/$', views.service_servers, name='service-servers'),
url(r'^rest/ouverture_ports/$', views.ouverture_ports, name='ouverture-ports'),
url(r'index_portlist/$', views.index_portlist, name='index-portlist'),
url(r'^edit_portlist/(?P<pk>[0-9]+)$', views.edit_portlist, name='edit-portlist'),
url(r'^del_portlist/(?P<pk>[0-9]+)$', views.del_portlist, name='del-portlist'),
url(r'^edit_portlist/(?P<ouvertureportlistid>[0-9]+)$', views.edit_portlist, name='edit-portlist'),
url(r'^del_portlist/(?P<ouvertureportlistid>[0-9]+)$', views.del_portlist, name='del-portlist'),
url(r'^add_portlist/$', views.add_portlist, name='add-portlist'),
url(r'^port_config/(?P<pk>[0-9]+)$', views.configure_ports, name='port-config'),

336
machines/views.py
View file

@ -123,7 +123,9 @@ from re2o.utils import (
all_active_assigned_interfaces,
all_has_access,
filter_active_interfaces,
SortTable
SortTable,
can_create,
can_edit
)
from re2o.views import form
@ -210,20 +212,12 @@ def generate_ipv4_mbf_param( form, is_type_tt ):
return i_mbf_param
@login_required
@can_create(Machine)
def new_machine(request, userid):
""" Fonction de creation d'une machine. Cree l'objet machine,
le sous objet interface et l'objet domain à partir de model forms.
Trop complexe, devrait être simplifié"""
can, reason = Machine.can_create(request.user, userid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
# No need to check if userid exist, already done in can_create
user = User.objects.get(pk=userid)
machine = NewMachineForm(request.POST or None)
interface = AddInterfaceForm(
@ -270,26 +264,18 @@ def new_machine(request, userid):
)
@login_required
def edit_interface(request, interfaceid):
@can_edit(Interface)
def edit_interface(request, interface_instance, interfaceid):
""" Edition d'une interface. Distingue suivant les droits les valeurs de interfaces et machines que l'user peut modifier
infra permet de modifier le propriétaire"""
can, reason = Interface.can_edit(request.user, interfaceid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
interface = Interface.objects.get(pk=interfaceid)
if not request.user.has_perms(('infra',)):
machine_form = BaseEditMachineForm(request.POST or None, instance=interface.machine)
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface, infra=False)
machine_form = BaseEditMachineForm(request.POST or None, instance=interface_instance.machine)
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, infra=False)
else:
machine_form = EditMachineForm(request.POST or None, instance=interface.machine)
interface_form = EditInterfaceForm(request.POST or None, instance=interface)
domain_form = DomainForm(request.POST or None, instance=interface.domain)
machine_form = EditMachineForm(request.POST or None, instance=interface_instance.machine)
interface_form = EditInterfaceForm(request.POST or None, instance=interface_instance)
domain_form = DomainForm(request.POST or None, instance=interface_instance.domain)
if machine_form.is_valid() and interface_form.is_valid() and domain_form.is_valid():
new_machine = machine_form.save(commit=False)
new_interface = interface_form.save(commit=False)
@ -309,7 +295,7 @@ def edit_interface(request, interfaceid):
messages.success(request, "La machine a été modifiée")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(interface.machine.user.id)}
kwargs={'userid':str(interface_instance.machine.user.id)}
))
i_mbf_param = generate_ipv4_mbf_param( interface_form, False )
return form({'machineform': machine_form, 'interfaceform': interface_form, 'domainform': domain_form, 'i_mbf_param': i_mbf_param}, 'machines/machine.html', request)
@ -341,18 +327,10 @@ def del_machine(request, machineid):
return form({'objet': machine, 'objet_name': 'machine'}, 'machines/delete.html', request)
@login_required
@can_create(Interface)
def new_interface(request, machineid):
""" Ajoute une interface et son domain associé à une machine existante"""
can, reason = Interface.can_create(request.user, machineid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
# No need to check if machineid exist, already done in can_create
machine = Machine.objects.get(pk=machineid)
interface_form = AddInterfaceForm(request.POST or None, infra=request.user.has_perms(('infra',)))
domain_form = DomainForm(request.POST or None)
@ -409,17 +387,10 @@ def del_interface(request, interfaceid):
return form({'objet': interface, 'objet_name': 'interface'}, 'machines/delete.html', request)
@login_required
@can_create(IpType)
def add_iptype(request):
""" Ajoute un range d'ip. Intelligence dans le models, fonction views minimaliste"""
can, reason = IpType.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
iptype = IpTypeForm(request.POST or None)
if iptype.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -431,18 +402,10 @@ def add_iptype(request):
return form({'iptypeform': iptype}, 'machines/machine.html', request)
@login_required
def edit_iptype(request, iptypeid):
@can_edit(IpType)
def edit_iptype(request, iptype_instance, iptypeid):
""" Edition d'un range. Ne permet pas de le redimensionner pour éviter l'incohérence"""
can, reason = IpType.can_edit(request.user, iptypeid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
iptype_instance = IpType.objects.get(pk=iptypeid)
iptype = EditIpTypeForm(request.POST or None, instance=iptype_instance)
if iptype.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -472,16 +435,9 @@ def del_iptype(request):
return form({'iptypeform': iptype}, 'machines/machine.html', request)
@login_required
@can_create(MachineType)
def add_machinetype(request):
can, reason = MachineType.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
machinetype = MachineTypeForm(request.POST or None)
if machinetype.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -493,17 +449,9 @@ def add_machinetype(request):
return form({'machinetypeform': machinetype}, 'machines/machine.html', request)
@login_required
def edit_machinetype(request, machinetypeid):
@can_edit(MachineType)
def edit_machinetype(request, machinetype_instance, machinetypeid):
can, reason = MachineType.can_edit(request.user, machinetypeid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
machinetype_instance = MachineType.objects.get(pk=machinetypeid)
machinetype = MachineTypeForm(request.POST or None, instance=machinetype_instance)
if machinetype.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -532,16 +480,9 @@ def del_machinetype(request):
return form({'machinetypeform': machinetype}, 'machines/machine.html', request)
@login_required
@can_create(Extension)
def add_extension(request):
can, reason = Extension.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
extension = ExtensionForm(request.POST or None)
if extension.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -553,17 +494,9 @@ def add_extension(request):
return form({'extensionform': extension}, 'machines/machine.html', request)
@login_required
def edit_extension(request, extensionid):
@can_edit(Extension)
def edit_extension(request, extension_instance, extensionid):
can, reason = Extension.can_edit(request.user, extensionid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
extension_instance = Extension.objects.get(pk=extensionid)
extension = ExtensionForm(request.POST or None, instance=extension_instance)
if extension.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -592,16 +525,9 @@ def del_extension(request):
return form({'extensionform': extension}, 'machines/machine.html', request)
@login_required
@can_create(SOA)
def add_soa(request):
can, reason = SOA.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
soa = SOAForm(request.POST or None)
if soa.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -613,17 +539,9 @@ def add_soa(request):
return form({'soaform': soa}, 'machines/machine.html', request)
@login_required
def edit_soa(request, soaid):
@can_edit(SOA)
def edit_soa(request, soa_instance, soaid):
can, reason = SOA.can_edit(request.user, soaid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
soa_instance = SOA.objects.get(pk=soaid)
soa = SOAForm(request.POST or None, instance=soa_instance)
if soa.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -652,16 +570,9 @@ def del_soa(request):
return form({'soaform': soa}, 'machines/machine.html', request)
@login_required
@can_create(Mx)
def add_mx(request):
can, reason = Mx.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
mx = MxForm(request.POST or None)
if mx.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -673,17 +584,9 @@ def add_mx(request):
return form({'mxform': mx}, 'machines/machine.html', request)
@login_required
def edit_mx(request, mxid):
@can_edit(Mx)
def edit_mx(request, mx_instance, mxid):
can, reason = Mx.can_edit(request.user, mxid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
mx_instance = Mx.objects.get(pk=mxid)
mx = MxForm(request.POST or None, instance=mx_instance)
if mx.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -712,16 +615,9 @@ def del_mx(request):
return form({'mxform': mx}, 'machines/machine.html', request)
@login_required
@can_create(Ns)
def add_ns(request):
can, reason = Ns.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
ns = NsForm(request.POST or None)
if ns.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -733,17 +629,9 @@ def add_ns(request):
return form({'nsform': ns}, 'machines/machine.html', request)
@login_required
def edit_ns(request, nsid):
@can_edit(Ns)
def edit_ns(request, ns_instance, nsid):
can, reason = Ns.can_edit(request.user, nsid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
ns_instance = Ns.objects.get(pk=nsid)
ns = NsForm(request.POST or None, instance=ns_instance)
if ns.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -772,16 +660,9 @@ def del_ns(request):
return form({'nsform': ns}, 'machines/machine.html', request)
@login_required
@can_create(Txt)
def add_txt(request):
can, reason = Txt.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
txt = TxtForm(request.POST or None)
if txt.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -793,17 +674,9 @@ def add_txt(request):
return form({'txtform': txt}, 'machines/machine.html', request)
@login_required
def edit_txt(request, txtid):
@can_edit(Txt)
def edit_txt(request, txt_instance, txtid):
can, reason = Txt.can_edit(request.user, txtid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
txt_instance = Txt.objects.get(pk=txtid)
txt = TxtForm(request.POST or None, instance=txt_instance)
if txt.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -832,16 +705,9 @@ def del_txt(request):
return form({'txtform': txt}, 'machines/machine.html', request)
@login_required
@can_create(Srv)
def add_srv(request):
can, reason = Srv.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
srv = SrvForm(request.POST or None)
if srv.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -853,17 +719,9 @@ def add_srv(request):
return form({'srvform': srv}, 'machines/machine.html', request)
@login_required
def edit_srv(request, srvid):
@can_edit(Srv)
def edit_srv(request, srv_instance, srvid):
can, reason = Srv.can_edit(request.user, srvid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
srv_instance = Srv.objects.get(pk=srvid)
srv = SrvForm(request.POST or None, instance=srv_instance)
if srv.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -892,17 +750,9 @@ def del_srv(request):
return form({'srvform': srv}, 'machines/machine.html', request)
@login_required
@can_create(Domain)
def add_alias(request, interfaceid):
can, reason = Domain.can_create(request.user, interfaceid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
# No need to check if interfaceid exist, already done in can_create
interface = Interface.objects.get(pk=interfaceid)
alias = AliasForm(request.POST or None, infra=request.user.has_perms(('infra',)))
if alias.is_valid():
@ -920,27 +770,19 @@ def add_alias(request, interfaceid):
return form({'aliasform': alias}, 'machines/machine.html', request)
@login_required
def edit_alias(request, aliasid):
@can_edit(Domain)
def edit_alias(request, domain_instance, domainid):
can, reason = Domain.can_edit(request.user, aliasid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
alias_instance = Domain.objects.get(pk=aliasid)
alias = AliasForm(request.POST or None, instance=alias_instance, infra=request.user.has_perms(('infra',)))
alias = AliasForm(request.POST or None, instance=domain_instance, infra=request.user.has_perms(('infra',)))
if alias.is_valid():
with transaction.atomic(), reversion.create_revision():
alias_instance = alias.save()
domain_instance = alias.save()
reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in alias.changed_data))
messages.success(request, "Alias modifié")
return redirect(reverse(
'machines:index-alias',
kwargs={'interfaceid':str(alias_instance.cname.interface_parent.id)}
kwargs={'interfaceid':str(domain_instance.cname.interface_parent.id)}
))
return form({'aliasform': alias}, 'machines/machine.html', request)
@ -976,16 +818,9 @@ def del_alias(request, interfaceid):
@login_required
@can_create(Service)
def add_service(request):
can, reason = Service.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
service = ServiceForm(request.POST or None)
if service.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -997,17 +832,9 @@ def add_service(request):
return form({'serviceform': service}, 'machines/machine.html', request)
@login_required
def edit_service(request, serviceid):
@can_edit(Service)
def edit_service(request, service_instance, serviceid):
can, reason = Service.can_edit(request.user, serviceid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
service_instance = Service.objects.get(pk=serviceid)
service = ServiceForm(request.POST or None, instance=service_instance)
if service.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -1036,16 +863,9 @@ def del_service(request):
return form({'serviceform': service}, 'machines/machine.html', request)
@login_required
@can_create(Vlan)
def add_vlan(request):
can, reason = Vlan.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
vlan = VlanForm(request.POST or None)
if vlan.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -1057,17 +877,9 @@ def add_vlan(request):
return form({'vlanform': vlan}, 'machines/machine.html', request)
@login_required
def edit_vlan(request, vlanid):
@can_edit(Vlan)
def edit_vlan(request, vlan_instance, vlanid):
can, reason = Vlan.can_edit(request.user, vlanid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
vlan_instance = Vlan.objects.get(pk=vlanid)
vlan = VlanForm(request.POST or None, instance=vlan_instance)
if vlan.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -1096,16 +908,9 @@ def del_vlan(request):
return form({'vlanform': vlan}, 'machines/machine.html', request)
@login_required
@can_create(Nas)
def add_nas(request):
can, reason = Nas.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
nas = NasForm(request.POST or None)
if nas.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -1117,17 +922,9 @@ def add_nas(request):
return form({'nasform': nas}, 'machines/machine.html', request)
@login_required
def edit_nas(request, nasid):
@can_edit(Nas)
def edit_nas(request, nas_instance, nasid):
can, reason = Nas.can_edit(request.user, nasid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
nas_instance = Nas.objects.get(pk=nasid)
nas = NasForm(request.POST or None, instance=nas_instance)
if nas.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -1369,18 +1166,10 @@ def index_portlist(request):
return render(request, "machines/index_portlist.html", {'port_list':port_list})
@login_required
def edit_portlist(request, pk):
@can_edit(OuverturePortList)
def edit_portlist(request, ouvertureportlist_instance, ouvertureportlistid):
can, reason = OuverturePortList.can_edit(request.user, pk)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
port_list_instance = OuverturePortList.objects.get(pk=pk)
port_list = EditOuverturePortListForm(request.POST or None, instance=port_list_instance)
port_list = EditOuverturePortListForm(request.POST or None, instance=ouvertureportlist_instance)
port_formset = modelformset_factory(
OuverturePort,
fields=('begin','end','protocole','io'),
@ -1388,7 +1177,7 @@ def edit_portlist(request, pk):
can_delete=True,
min_num=1,
validate_min=True,
)(request.POST or None, queryset=port_list_instance.ouvertureport_set.all())
)(request.POST or None, queryset=ouvertureportlist_instance.ouvertureport_set.all())
if port_list.is_valid() and port_formset.is_valid():
pl = port_list.save()
instances = port_formset.save(commit=False)
@ -1403,9 +1192,9 @@ def edit_portlist(request, pk):
@login_required
@permission_required('bureau')
def del_portlist(request, pk):
def del_portlist(request, ouvertureportlistid):
try:
port_list_instance = OuverturePortList.objects.get(pk=pk)
port_list_instance = OuverturePortList.objects.get(pk=ouvertureportlistid)
except OuverturePortList.DoesNotExist:
messages.error(request, "Liste de ports inexistante")
return redirect(reverse('machines:index-portlist'))
@ -1417,16 +1206,9 @@ def del_portlist(request, pk):
return redirect(reverse('machines:index-portlist'))
@login_required
@can_create(OuverturePortList)
def add_portlist(request):
can, reason = OuverturePortList.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
port_list = EditOuverturePortListForm(request.POST or None)
port_formset = modelformset_factory(
OuverturePort,

6
re2o/utils.py
View file

@ -57,8 +57,8 @@ def can_create(model):
of models.
"""
def decorator(view):
def wrapper(request,*args, **kwargs):
can, msg = model.can_create(request.user)
def wrapper(request, *args, **kwargs):
can, msg = model.can_create(request.user, *args, **kwargs)
if not can:
messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu")
return redirect(reverse('users:profil',
@ -85,7 +85,7 @@ def can_edit(model):
return redirect(reverse('users:profil',
kwargs={'userid':str(request.user.id)}
))
can, msg = model.can_edit(instance, request.user)
can, msg = instance.can_edit(request.user)
if not can:
messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu")
return redirect(reverse('users:profil',

4
users/models.py
View file

@ -935,7 +935,7 @@ class ServiceUser(AbstractBaseUser):
return user.has_perms(('infra',)), u"Vous n'avez pas le droit de\
créer un service user"
def can_edit(instance, user):
def can_edit(self, user):
return user.has_perms(('infra',)), u"Vous n'avez pas le droit d'éditer\
les services users"
@ -1119,7 +1119,7 @@ class Ban(models.Model):
def __str__(self):
return str(self.user) + ' ' + str(self.raison)
def can_create(user):
def can_create(user, userid):
return user.has_perms(('bofh',)), u"Vous n'avez pas le droit de\
créer des bannissement"