mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-25 22:22:26 +00:00
Use @can_create and @can_edit on machines.models
This commit is contained in:
parent
3d89386bba
commit
28ef82176f
5 changed files with 95 additions and 313 deletions
|
@ -58,9 +58,9 @@ class Machine(models.Model):
|
|||
def get_instance(machineid):
|
||||
return Machine.objects.get(pk=machineid)
|
||||
|
||||
def can_create(user_request, userid_dest):
|
||||
def can_create(user_request, userid):
|
||||
try:
|
||||
user = users.models.User.objects.get(pk=userid_dest)
|
||||
user = users.models.User.objects.get(pk=userid)
|
||||
except users.models.User.DoesNotExist:
|
||||
return False, u"Utilisateur inexistant"
|
||||
options, created = preferences.models.OptionalMachine.objects.get_or_create()
|
||||
|
@ -75,7 +75,7 @@ class Machine(models.Model):
|
|||
% max_lambdauser_interfaces
|
||||
return True, None
|
||||
|
||||
def can_edit(user_request, machine):
|
||||
def can_edit(self, user_request):
|
||||
return True, None
|
||||
|
||||
def __str__(self):
|
||||
|
@ -106,7 +106,7 @@ class MachineType(models.Model):
|
|||
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
|
||||
de créer un type de machine"
|
||||
|
||||
def can_edit(user_request, machinetype):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des types de machine"
|
||||
return True, None
|
||||
|
@ -221,14 +221,14 @@ class IpType(models.Model):
|
|||
self.clean()
|
||||
super(IpType, self).save(*args, **kwargs)
|
||||
|
||||
def get_instance(iptyeid):
|
||||
def get_instance(iptypeid):
|
||||
return IpType.objects.get(pk=iptypeid)
|
||||
|
||||
def can_create(user_request):
|
||||
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
|
||||
de créer un type d'ip"
|
||||
|
||||
def can_edit(user_request, iptype):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des types d'ip"
|
||||
return True, None
|
||||
|
@ -253,7 +253,7 @@ class Vlan(models.Model):
|
|||
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
|
||||
de créer un vlan"
|
||||
|
||||
def can_edit(user_request, vlan):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des vlans"
|
||||
return True, None
|
||||
|
@ -299,7 +299,7 @@ class Nas(models.Model):
|
|||
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
|
||||
de créer un nas"
|
||||
|
||||
def can_edit(user_request, nas):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des nas"
|
||||
return True, None
|
||||
|
@ -347,7 +347,7 @@ class SOA(models.Model):
|
|||
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
|
||||
de créer un enregistrement SOA"
|
||||
|
||||
def can_edit(user_request, soa):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des enregistrements SOA"
|
||||
return True, None
|
||||
|
@ -441,7 +441,7 @@ class Extension(models.Model):
|
|||
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
|
||||
de créer une extension"
|
||||
|
||||
def can_edit(user_request, extension):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des extensions"
|
||||
return True, None
|
||||
|
@ -478,7 +478,7 @@ class Mx(models.Model):
|
|||
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
|
||||
de créer un enregistrement MX"
|
||||
|
||||
def can_edit(user_request, mx):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des enregstrements MX"
|
||||
return True, None
|
||||
|
@ -506,7 +506,7 @@ class Ns(models.Model):
|
|||
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
|
||||
de créer un enregistrement NS"
|
||||
|
||||
def can_edit(user_request, ns):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des enregistrements NS"
|
||||
return True, None
|
||||
|
@ -530,7 +530,7 @@ class Txt(models.Model):
|
|||
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
|
||||
de créer un enregistrement TXT"
|
||||
|
||||
def can_edit(user_request, txt):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des enregistrement TXT"
|
||||
return True, None
|
||||
|
@ -595,7 +595,7 @@ class Srv(models.Model):
|
|||
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
|
||||
de créer un enregistrement SRV"
|
||||
|
||||
def can_edit(user_request, srv):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des enregistrements SRV"
|
||||
return True, None
|
||||
|
@ -720,9 +720,9 @@ class Interface(models.Model):
|
|||
def get_instance(interfaceid):
|
||||
return Interface.objects.get(pk=interfaceid)
|
||||
|
||||
def can_create(user_request, machineid_dest):
|
||||
def can_create(user_request, machineid):
|
||||
try:
|
||||
machine = Machine.objects.get(pk=machineid_dest)
|
||||
machine = Machine.objects.get(pk=machineid)
|
||||
except Machine.DoesNotExist:
|
||||
return False, u"Machine inexistante"
|
||||
if not user_request.has_perms(('cableur',)):
|
||||
|
@ -737,10 +737,10 @@ class Interface(models.Model):
|
|||
% max_lambdauser_interfaces
|
||||
return True, None
|
||||
|
||||
def can_edit(user_request, interface):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)) and \
|
||||
not user_request.has_perms(('cableur',)) and \
|
||||
interface.machine.user != user_request:
|
||||
self.machine.user != user_request:
|
||||
return False, u"Vous ne pouvez pas éditer une machine\
|
||||
d'un autre user que vous sans droit"
|
||||
return True, None
|
||||
|
@ -847,9 +847,9 @@ class Domain(models.Model):
|
|||
def get_instance(domainid):
|
||||
return Domain.objects.get(pk=domainid)
|
||||
|
||||
def can_create(user_request, interfaceid_dest):
|
||||
def can_create(user_request, interfaceid):
|
||||
try:
|
||||
interface = Interface.objects.get(pk=interfaceid_dest)
|
||||
interface = Interface.objects.get(pk=interfaceid)
|
||||
except Interface.DoesNotExist:
|
||||
return False, u"Interface inexistante"
|
||||
if not user_request.has_perms(('cableur',)):
|
||||
|
@ -868,10 +868,10 @@ class Domain(models.Model):
|
|||
% max_lambdauser_aliases
|
||||
return True, None
|
||||
|
||||
def can_edit(user_request, domain):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('cableur',)) and (
|
||||
domain.cname is None or \
|
||||
domain.cname.interface_parent.machine.user != user_request
|
||||
self.cname is None or \
|
||||
self.cname.interface_parent.machine.user != user_request
|
||||
):
|
||||
return False, u"Vous ne pouvez pas ajouter un alias à une machine\
|
||||
d'un autre user que vous sans droit"
|
||||
|
@ -910,7 +910,7 @@ class IpList(models.Model):
|
|||
def can_create(user_request):
|
||||
return True, None
|
||||
|
||||
def can_edit(user_request, iplist):
|
||||
def can_edit(self, user_request):
|
||||
return True, None
|
||||
|
||||
def __str__(self):
|
||||
|
@ -960,7 +960,7 @@ class Service(models.Model):
|
|||
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
|
||||
de créer un service"
|
||||
|
||||
def can_edit(user_request, service):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('infra',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des services"
|
||||
return True, None
|
||||
|
@ -1011,7 +1011,7 @@ class Service_link(models.Model):
|
|||
def can_create(user_request):
|
||||
return True, None
|
||||
|
||||
def can_edit(user_request, servicelink):
|
||||
def can_edit(self, user_request):
|
||||
return True, None
|
||||
|
||||
def __str__(self):
|
||||
|
@ -1034,7 +1034,7 @@ class OuverturePortList(models.Model):
|
|||
return user_request.has_perms(('bureau',)) , u"Vous n'avez pas le droit\
|
||||
d'ouvrir un port"
|
||||
|
||||
def can_edit(user_request, ouvertureportlist):
|
||||
def can_edit(self, user_request):
|
||||
if not user_request.has_perms(('bureau',)):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des ouvertures de port"
|
||||
return True, None
|
||||
|
@ -1115,7 +1115,7 @@ class OuverturePort(models.Model):
|
|||
def can_create(user_request):
|
||||
return True, None
|
||||
|
||||
def can_edit(user_request, ouvertureport):
|
||||
def can_edit(self, user_request):
|
||||
return True, None
|
||||
|
||||
def __str__(self):
|
||||
|
|
|
@ -61,7 +61,7 @@ urlpatterns = [
|
|||
url(r'^del_srv/$', views.del_srv, name='del-srv'),
|
||||
url(r'^index_extension/$', views.index_extension, name='index-extension'),
|
||||
url(r'^add_alias/(?P<interfaceid>[0-9]+)$', views.add_alias, name='add-alias'),
|
||||
url(r'^edit_alias/(?P<aliasid>[0-9]+)$', views.edit_alias, name='edit-alias'),
|
||||
url(r'^edit_alias/(?P<domainid>[0-9]+)$', views.edit_alias, name='edit-alias'),
|
||||
url(r'^del_alias/(?P<interfaceid>[0-9]+)$', views.del_alias, name='del-alias'),
|
||||
url(r'^index_alias/(?P<interfaceid>[0-9]+)$', views.index_alias, name='index-alias'),
|
||||
url(r'^add_service/$', views.add_service, name='add-service'),
|
||||
|
@ -104,8 +104,8 @@ urlpatterns = [
|
|||
url(r'^rest/service_servers/$', views.service_servers, name='service-servers'),
|
||||
url(r'^rest/ouverture_ports/$', views.ouverture_ports, name='ouverture-ports'),
|
||||
url(r'index_portlist/$', views.index_portlist, name='index-portlist'),
|
||||
url(r'^edit_portlist/(?P<pk>[0-9]+)$', views.edit_portlist, name='edit-portlist'),
|
||||
url(r'^del_portlist/(?P<pk>[0-9]+)$', views.del_portlist, name='del-portlist'),
|
||||
url(r'^edit_portlist/(?P<ouvertureportlistid>[0-9]+)$', views.edit_portlist, name='edit-portlist'),
|
||||
url(r'^del_portlist/(?P<ouvertureportlistid>[0-9]+)$', views.del_portlist, name='del-portlist'),
|
||||
url(r'^add_portlist/$', views.add_portlist, name='add-portlist'),
|
||||
url(r'^port_config/(?P<pk>[0-9]+)$', views.configure_ports, name='port-config'),
|
||||
|
||||
|
|
|
@ -123,7 +123,9 @@ from re2o.utils import (
|
|||
all_active_assigned_interfaces,
|
||||
all_has_access,
|
||||
filter_active_interfaces,
|
||||
SortTable
|
||||
SortTable,
|
||||
can_create,
|
||||
can_edit
|
||||
)
|
||||
from re2o.views import form
|
||||
|
||||
|
@ -210,20 +212,12 @@ def generate_ipv4_mbf_param( form, is_type_tt ):
|
|||
return i_mbf_param
|
||||
|
||||
@login_required
|
||||
@can_create(Machine)
|
||||
def new_machine(request, userid):
|
||||
""" Fonction de creation d'une machine. Cree l'objet machine,
|
||||
le sous objet interface et l'objet domain à partir de model forms.
|
||||
Trop complexe, devrait être simplifié"""
|
||||
|
||||
can, reason = Machine.can_create(request.user, userid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
# No need to check if userid exist, already done in can_create
|
||||
user = User.objects.get(pk=userid)
|
||||
machine = NewMachineForm(request.POST or None)
|
||||
interface = AddInterfaceForm(
|
||||
|
@ -270,26 +264,18 @@ def new_machine(request, userid):
|
|||
)
|
||||
|
||||
@login_required
|
||||
def edit_interface(request, interfaceid):
|
||||
@can_edit(Interface)
|
||||
def edit_interface(request, interface_instance, interfaceid):
|
||||
""" Edition d'une interface. Distingue suivant les droits les valeurs de interfaces et machines que l'user peut modifier
|
||||
infra permet de modifier le propriétaire"""
|
||||
|
||||
can, reason = Interface.can_edit(request.user, interfaceid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
interface = Interface.objects.get(pk=interfaceid)
|
||||
if not request.user.has_perms(('infra',)):
|
||||
machine_form = BaseEditMachineForm(request.POST or None, instance=interface.machine)
|
||||
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface, infra=False)
|
||||
machine_form = BaseEditMachineForm(request.POST or None, instance=interface_instance.machine)
|
||||
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface_instance, infra=False)
|
||||
else:
|
||||
machine_form = EditMachineForm(request.POST or None, instance=interface.machine)
|
||||
interface_form = EditInterfaceForm(request.POST or None, instance=interface)
|
||||
domain_form = DomainForm(request.POST or None, instance=interface.domain)
|
||||
machine_form = EditMachineForm(request.POST or None, instance=interface_instance.machine)
|
||||
interface_form = EditInterfaceForm(request.POST or None, instance=interface_instance)
|
||||
domain_form = DomainForm(request.POST or None, instance=interface_instance.domain)
|
||||
if machine_form.is_valid() and interface_form.is_valid() and domain_form.is_valid():
|
||||
new_machine = machine_form.save(commit=False)
|
||||
new_interface = interface_form.save(commit=False)
|
||||
|
@ -309,7 +295,7 @@ def edit_interface(request, interfaceid):
|
|||
messages.success(request, "La machine a été modifiée")
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(interface.machine.user.id)}
|
||||
kwargs={'userid':str(interface_instance.machine.user.id)}
|
||||
))
|
||||
i_mbf_param = generate_ipv4_mbf_param( interface_form, False )
|
||||
return form({'machineform': machine_form, 'interfaceform': interface_form, 'domainform': domain_form, 'i_mbf_param': i_mbf_param}, 'machines/machine.html', request)
|
||||
|
@ -341,18 +327,10 @@ def del_machine(request, machineid):
|
|||
return form({'objet': machine, 'objet_name': 'machine'}, 'machines/delete.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(Interface)
|
||||
def new_interface(request, machineid):
|
||||
""" Ajoute une interface et son domain associé à une machine existante"""
|
||||
|
||||
can, reason = Interface.can_create(request.user, machineid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
# No need to check if machineid exist, already done in can_create
|
||||
machine = Machine.objects.get(pk=machineid)
|
||||
interface_form = AddInterfaceForm(request.POST or None, infra=request.user.has_perms(('infra',)))
|
||||
domain_form = DomainForm(request.POST or None)
|
||||
|
@ -409,17 +387,10 @@ def del_interface(request, interfaceid):
|
|||
return form({'objet': interface, 'objet_name': 'interface'}, 'machines/delete.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(IpType)
|
||||
def add_iptype(request):
|
||||
""" Ajoute un range d'ip. Intelligence dans le models, fonction views minimaliste"""
|
||||
|
||||
can, reason = IpType.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
iptype = IpTypeForm(request.POST or None)
|
||||
if iptype.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -431,18 +402,10 @@ def add_iptype(request):
|
|||
return form({'iptypeform': iptype}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_iptype(request, iptypeid):
|
||||
@can_edit(IpType)
|
||||
def edit_iptype(request, iptype_instance, iptypeid):
|
||||
""" Edition d'un range. Ne permet pas de le redimensionner pour éviter l'incohérence"""
|
||||
|
||||
can, reason = IpType.can_edit(request.user, iptypeid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
iptype_instance = IpType.objects.get(pk=iptypeid)
|
||||
iptype = EditIpTypeForm(request.POST or None, instance=iptype_instance)
|
||||
if iptype.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -472,16 +435,9 @@ def del_iptype(request):
|
|||
return form({'iptypeform': iptype}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(MachineType)
|
||||
def add_machinetype(request):
|
||||
|
||||
can, reason = MachineType.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
machinetype = MachineTypeForm(request.POST or None)
|
||||
if machinetype.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -493,17 +449,9 @@ def add_machinetype(request):
|
|||
return form({'machinetypeform': machinetype}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_machinetype(request, machinetypeid):
|
||||
@can_edit(MachineType)
|
||||
def edit_machinetype(request, machinetype_instance, machinetypeid):
|
||||
|
||||
can, reason = MachineType.can_edit(request.user, machinetypeid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
machinetype_instance = MachineType.objects.get(pk=machinetypeid)
|
||||
machinetype = MachineTypeForm(request.POST or None, instance=machinetype_instance)
|
||||
if machinetype.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -532,16 +480,9 @@ def del_machinetype(request):
|
|||
return form({'machinetypeform': machinetype}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(Extension)
|
||||
def add_extension(request):
|
||||
|
||||
can, reason = Extension.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
extension = ExtensionForm(request.POST or None)
|
||||
if extension.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -553,17 +494,9 @@ def add_extension(request):
|
|||
return form({'extensionform': extension}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_extension(request, extensionid):
|
||||
@can_edit(Extension)
|
||||
def edit_extension(request, extension_instance, extensionid):
|
||||
|
||||
can, reason = Extension.can_edit(request.user, extensionid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
extension_instance = Extension.objects.get(pk=extensionid)
|
||||
extension = ExtensionForm(request.POST or None, instance=extension_instance)
|
||||
if extension.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -592,16 +525,9 @@ def del_extension(request):
|
|||
return form({'extensionform': extension}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(SOA)
|
||||
def add_soa(request):
|
||||
|
||||
can, reason = SOA.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
soa = SOAForm(request.POST or None)
|
||||
if soa.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -613,17 +539,9 @@ def add_soa(request):
|
|||
return form({'soaform': soa}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_soa(request, soaid):
|
||||
@can_edit(SOA)
|
||||
def edit_soa(request, soa_instance, soaid):
|
||||
|
||||
can, reason = SOA.can_edit(request.user, soaid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
soa_instance = SOA.objects.get(pk=soaid)
|
||||
soa = SOAForm(request.POST or None, instance=soa_instance)
|
||||
if soa.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -652,16 +570,9 @@ def del_soa(request):
|
|||
return form({'soaform': soa}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(Mx)
|
||||
def add_mx(request):
|
||||
|
||||
can, reason = Mx.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
mx = MxForm(request.POST or None)
|
||||
if mx.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -673,17 +584,9 @@ def add_mx(request):
|
|||
return form({'mxform': mx}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_mx(request, mxid):
|
||||
@can_edit(Mx)
|
||||
def edit_mx(request, mx_instance, mxid):
|
||||
|
||||
can, reason = Mx.can_edit(request.user, mxid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
mx_instance = Mx.objects.get(pk=mxid)
|
||||
mx = MxForm(request.POST or None, instance=mx_instance)
|
||||
if mx.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -712,16 +615,9 @@ def del_mx(request):
|
|||
return form({'mxform': mx}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(Ns)
|
||||
def add_ns(request):
|
||||
|
||||
can, reason = Ns.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
ns = NsForm(request.POST or None)
|
||||
if ns.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -733,17 +629,9 @@ def add_ns(request):
|
|||
return form({'nsform': ns}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_ns(request, nsid):
|
||||
@can_edit(Ns)
|
||||
def edit_ns(request, ns_instance, nsid):
|
||||
|
||||
can, reason = Ns.can_edit(request.user, nsid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
ns_instance = Ns.objects.get(pk=nsid)
|
||||
ns = NsForm(request.POST or None, instance=ns_instance)
|
||||
if ns.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -772,16 +660,9 @@ def del_ns(request):
|
|||
return form({'nsform': ns}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(Txt)
|
||||
def add_txt(request):
|
||||
|
||||
can, reason = Txt.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
txt = TxtForm(request.POST or None)
|
||||
if txt.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -793,17 +674,9 @@ def add_txt(request):
|
|||
return form({'txtform': txt}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_txt(request, txtid):
|
||||
@can_edit(Txt)
|
||||
def edit_txt(request, txt_instance, txtid):
|
||||
|
||||
can, reason = Txt.can_edit(request.user, txtid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
txt_instance = Txt.objects.get(pk=txtid)
|
||||
txt = TxtForm(request.POST or None, instance=txt_instance)
|
||||
if txt.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -832,16 +705,9 @@ def del_txt(request):
|
|||
return form({'txtform': txt}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(Srv)
|
||||
def add_srv(request):
|
||||
|
||||
can, reason = Srv.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
srv = SrvForm(request.POST or None)
|
||||
if srv.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -853,17 +719,9 @@ def add_srv(request):
|
|||
return form({'srvform': srv}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_srv(request, srvid):
|
||||
@can_edit(Srv)
|
||||
def edit_srv(request, srv_instance, srvid):
|
||||
|
||||
can, reason = Srv.can_edit(request.user, srvid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
srv_instance = Srv.objects.get(pk=srvid)
|
||||
srv = SrvForm(request.POST or None, instance=srv_instance)
|
||||
if srv.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -892,17 +750,9 @@ def del_srv(request):
|
|||
return form({'srvform': srv}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(Domain)
|
||||
def add_alias(request, interfaceid):
|
||||
|
||||
can, reason = Domain.can_create(request.user, interfaceid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
# No need to check if interfaceid exist, already done in can_create
|
||||
interface = Interface.objects.get(pk=interfaceid)
|
||||
alias = AliasForm(request.POST or None, infra=request.user.has_perms(('infra',)))
|
||||
if alias.is_valid():
|
||||
|
@ -920,27 +770,19 @@ def add_alias(request, interfaceid):
|
|||
return form({'aliasform': alias}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_alias(request, aliasid):
|
||||
@can_edit(Domain)
|
||||
def edit_alias(request, domain_instance, domainid):
|
||||
|
||||
can, reason = Domain.can_edit(request.user, aliasid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
alias_instance = Domain.objects.get(pk=aliasid)
|
||||
alias = AliasForm(request.POST or None, instance=alias_instance, infra=request.user.has_perms(('infra',)))
|
||||
alias = AliasForm(request.POST or None, instance=domain_instance, infra=request.user.has_perms(('infra',)))
|
||||
if alias.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
alias_instance = alias.save()
|
||||
domain_instance = alias.save()
|
||||
reversion.set_user(request.user)
|
||||
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in alias.changed_data))
|
||||
messages.success(request, "Alias modifié")
|
||||
return redirect(reverse(
|
||||
'machines:index-alias',
|
||||
kwargs={'interfaceid':str(alias_instance.cname.interface_parent.id)}
|
||||
kwargs={'interfaceid':str(domain_instance.cname.interface_parent.id)}
|
||||
))
|
||||
return form({'aliasform': alias}, 'machines/machine.html', request)
|
||||
|
||||
|
@ -976,16 +818,9 @@ def del_alias(request, interfaceid):
|
|||
|
||||
|
||||
@login_required
|
||||
@can_create(Service)
|
||||
def add_service(request):
|
||||
|
||||
can, reason = Service.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
service = ServiceForm(request.POST or None)
|
||||
if service.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -997,17 +832,9 @@ def add_service(request):
|
|||
return form({'serviceform': service}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_service(request, serviceid):
|
||||
@can_edit(Service)
|
||||
def edit_service(request, service_instance, serviceid):
|
||||
|
||||
can, reason = Service.can_edit(request.user, serviceid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
service_instance = Service.objects.get(pk=serviceid)
|
||||
service = ServiceForm(request.POST or None, instance=service_instance)
|
||||
if service.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -1036,16 +863,9 @@ def del_service(request):
|
|||
return form({'serviceform': service}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(Vlan)
|
||||
def add_vlan(request):
|
||||
|
||||
can, reason = Vlan.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
vlan = VlanForm(request.POST or None)
|
||||
if vlan.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -1057,17 +877,9 @@ def add_vlan(request):
|
|||
return form({'vlanform': vlan}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_vlan(request, vlanid):
|
||||
@can_edit(Vlan)
|
||||
def edit_vlan(request, vlan_instance, vlanid):
|
||||
|
||||
can, reason = Vlan.can_edit(request.user, vlanid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
vlan_instance = Vlan.objects.get(pk=vlanid)
|
||||
vlan = VlanForm(request.POST or None, instance=vlan_instance)
|
||||
if vlan.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -1096,16 +908,9 @@ def del_vlan(request):
|
|||
return form({'vlanform': vlan}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
@can_create(Nas)
|
||||
def add_nas(request):
|
||||
|
||||
can, reason = Nas.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
nas = NasForm(request.POST or None)
|
||||
if nas.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -1117,17 +922,9 @@ def add_nas(request):
|
|||
return form({'nasform': nas}, 'machines/machine.html', request)
|
||||
|
||||
@login_required
|
||||
def edit_nas(request, nasid):
|
||||
@can_edit(Nas)
|
||||
def edit_nas(request, nas_instance, nasid):
|
||||
|
||||
can, reason = Nas.can_edit(request.user, nasid)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
nas_instance = Nas.objects.get(pk=nasid)
|
||||
nas = NasForm(request.POST or None, instance=nas_instance)
|
||||
if nas.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -1369,18 +1166,10 @@ def index_portlist(request):
|
|||
return render(request, "machines/index_portlist.html", {'port_list':port_list})
|
||||
|
||||
@login_required
|
||||
def edit_portlist(request, pk):
|
||||
@can_edit(OuverturePortList)
|
||||
def edit_portlist(request, ouvertureportlist_instance, ouvertureportlistid):
|
||||
|
||||
can, reason = OuverturePortList.can_edit(request.user, pk)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
port_list_instance = OuverturePortList.objects.get(pk=pk)
|
||||
port_list = EditOuverturePortListForm(request.POST or None, instance=port_list_instance)
|
||||
port_list = EditOuverturePortListForm(request.POST or None, instance=ouvertureportlist_instance)
|
||||
port_formset = modelformset_factory(
|
||||
OuverturePort,
|
||||
fields=('begin','end','protocole','io'),
|
||||
|
@ -1388,7 +1177,7 @@ def edit_portlist(request, pk):
|
|||
can_delete=True,
|
||||
min_num=1,
|
||||
validate_min=True,
|
||||
)(request.POST or None, queryset=port_list_instance.ouvertureport_set.all())
|
||||
)(request.POST or None, queryset=ouvertureportlist_instance.ouvertureport_set.all())
|
||||
if port_list.is_valid() and port_formset.is_valid():
|
||||
pl = port_list.save()
|
||||
instances = port_formset.save(commit=False)
|
||||
|
@ -1403,9 +1192,9 @@ def edit_portlist(request, pk):
|
|||
|
||||
@login_required
|
||||
@permission_required('bureau')
|
||||
def del_portlist(request, pk):
|
||||
def del_portlist(request, ouvertureportlistid):
|
||||
try:
|
||||
port_list_instance = OuverturePortList.objects.get(pk=pk)
|
||||
port_list_instance = OuverturePortList.objects.get(pk=ouvertureportlistid)
|
||||
except OuverturePortList.DoesNotExist:
|
||||
messages.error(request, "Liste de ports inexistante")
|
||||
return redirect(reverse('machines:index-portlist'))
|
||||
|
@ -1417,16 +1206,9 @@ def del_portlist(request, pk):
|
|||
return redirect(reverse('machines:index-portlist'))
|
||||
|
||||
@login_required
|
||||
@can_create(OuverturePortList)
|
||||
def add_portlist(request):
|
||||
|
||||
can, reason = OuverturePortList.can_create(request.user)
|
||||
if not can:
|
||||
messages.error(request, reason)
|
||||
return redirect(reverse(
|
||||
'users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
|
||||
port_list = EditOuverturePortListForm(request.POST or None)
|
||||
port_formset = modelformset_factory(
|
||||
OuverturePort,
|
||||
|
|
|
@ -58,7 +58,7 @@ def can_create(model):
|
|||
"""
|
||||
def decorator(view):
|
||||
def wrapper(request, *args, **kwargs):
|
||||
can, msg = model.can_create(request.user)
|
||||
can, msg = model.can_create(request.user, *args, **kwargs)
|
||||
if not can:
|
||||
messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu")
|
||||
return redirect(reverse('users:profil',
|
||||
|
@ -85,7 +85,7 @@ def can_edit(model):
|
|||
return redirect(reverse('users:profil',
|
||||
kwargs={'userid':str(request.user.id)}
|
||||
))
|
||||
can, msg = model.can_edit(instance, request.user)
|
||||
can, msg = instance.can_edit(request.user)
|
||||
if not can:
|
||||
messages.error(request, msg or "Vous ne pouvez pas accéder à ce menu")
|
||||
return redirect(reverse('users:profil',
|
||||
|
|
|
@ -935,7 +935,7 @@ class ServiceUser(AbstractBaseUser):
|
|||
return user.has_perms(('infra',)), u"Vous n'avez pas le droit de\
|
||||
créer un service user"
|
||||
|
||||
def can_edit(instance, user):
|
||||
def can_edit(self, user):
|
||||
return user.has_perms(('infra',)), u"Vous n'avez pas le droit d'éditer\
|
||||
les services users"
|
||||
|
||||
|
@ -1119,7 +1119,7 @@ class Ban(models.Model):
|
|||
def __str__(self):
|
||||
return str(self.user) + ' ' + str(self.raison)
|
||||
|
||||
def can_create(user):
|
||||
def can_create(user, userid):
|
||||
return user.has_perms(('bofh',)), u"Vous n'avez pas le droit de\
|
||||
créer des bannissement"
|
||||
|
||||
|
|
Loading…
Reference in a new issue