mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-22 11:23:10 +00:00
Merge branch 'roles' into 'dev'
Ajout les Roles See merge request federez/re2o!182
This commit is contained in:
commit
42f3c32cef
13 changed files with 388 additions and 45 deletions
|
@ -120,3 +120,11 @@ Don't forget to run migrations, several settings previously in the `preferences`
|
|||
in their own Payment models.
|
||||
|
||||
To have a closer look on how the payments works, please go to the wiki.
|
||||
|
||||
## MR 182: Add role models
|
||||
|
||||
Adds the Role model.
|
||||
You need to ensure that your database character set is utf-8.
|
||||
```sql
|
||||
ALTER DATABASE re2o CHARACTER SET utf8;
|
||||
```
|
||||
|
|
|
@ -338,6 +338,7 @@ class OptionalMachineSerializer(NamespacedHMSerializer):
|
|||
class OptionalTopologieSerializer(NamespacedHMSerializer):
|
||||
"""Serialize `preferences.models.OptionalTopologie` objects.
|
||||
"""
|
||||
|
||||
class Meta:
|
||||
model = preferences.OptionalTopologie
|
||||
fields = ('radius_general_policy', 'vlan_decision_ok',
|
||||
|
|
|
@ -42,6 +42,7 @@ from .models import (
|
|||
SshFp,
|
||||
Nas,
|
||||
Service,
|
||||
Role,
|
||||
OuverturePort,
|
||||
Ipv6List,
|
||||
OuverturePortList,
|
||||
|
@ -146,6 +147,11 @@ class ServiceAdmin(VersionAdmin):
|
|||
""" Admin view of a ServiceAdmin object """
|
||||
list_display = ('service_type', 'min_time_regen', 'regular_time_regen')
|
||||
|
||||
class RoleAdmin(VersionAdmin):
|
||||
""" Admin view of a RoleAdmin object """
|
||||
pass
|
||||
|
||||
|
||||
|
||||
admin.site.register(Machine, MachineAdmin)
|
||||
admin.site.register(MachineType, MachineTypeAdmin)
|
||||
|
@ -162,6 +168,7 @@ admin.site.register(IpList, IpListAdmin)
|
|||
admin.site.register(Interface, InterfaceAdmin)
|
||||
admin.site.register(Domain, DomainAdmin)
|
||||
admin.site.register(Service, ServiceAdmin)
|
||||
admin.site.register(Role, RoleAdmin)
|
||||
admin.site.register(Vlan, VlanAdmin)
|
||||
admin.site.register(Ipv6List, Ipv6ListAdmin)
|
||||
admin.site.register(Nas, NasAdmin)
|
||||
|
|
|
@ -37,6 +37,7 @@ from __future__ import unicode_literals
|
|||
|
||||
from django.forms import ModelForm, Form
|
||||
from django import forms
|
||||
from django.utils.translation import ugettext_lazy as _l
|
||||
|
||||
from re2o.field_permissions import FieldPermissionFormMixin
|
||||
from re2o.mixins import FormRevMixin
|
||||
|
@ -53,6 +54,7 @@ from .models import (
|
|||
Txt,
|
||||
DName,
|
||||
Ns,
|
||||
Role,
|
||||
Service,
|
||||
Vlan,
|
||||
Srv,
|
||||
|
@ -497,6 +499,38 @@ class DelNasForm(FormRevMixin, Form):
|
|||
self.fields['nas'].queryset = Nas.objects.all()
|
||||
|
||||
|
||||
class RoleForm(FormRevMixin, ModelForm):
|
||||
"""Add and edit role."""
|
||||
class Meta:
|
||||
model = Role
|
||||
fields = '__all__'
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
|
||||
super(RoleForm, self).__init__(*args, prefix=prefix, **kwargs)
|
||||
self.fields['servers'].queryset = (Interface.objects.all()
|
||||
.select_related(
|
||||
'domain__extension'
|
||||
))
|
||||
|
||||
|
||||
class DelRoleForm(FormRevMixin, Form):
|
||||
"""Deletion of one or several roles."""
|
||||
role = forms.ModelMultipleChoiceField(
|
||||
queryset=Role.objects.none(),
|
||||
label=_l("Current roles"),
|
||||
widget=forms.CheckboxSelectMultiple
|
||||
)
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
instances = kwargs.pop('instances', None)
|
||||
super(DelRoleForm, self).__init__(*args, **kwargs)
|
||||
if instances:
|
||||
self.fields['role'].queryset = instances
|
||||
else:
|
||||
self.fields['role'].queryset = Role.objects.all()
|
||||
|
||||
|
||||
class ServiceForm(FormRevMixin, ModelForm):
|
||||
"""Ajout et edition d'une classe de service : dns, dhcp, etc"""
|
||||
class Meta:
|
||||
|
|
27
machines/migrations/0086_role.py
Normal file
27
machines/migrations/0086_role.py
Normal file
|
@ -0,0 +1,27 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
# Generated by Django 1.10.7 on 2018-06-23 14:07
|
||||
from __future__ import unicode_literals
|
||||
|
||||
from django.db import migrations, models
|
||||
import re2o.mixins
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('machines', '0085_sshfingerprint'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='Role',
|
||||
fields=[
|
||||
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
|
||||
('role_type', models.CharField(max_length=255, unique=True)),
|
||||
('servers', models.ManyToManyField(to='machines.Interface')),
|
||||
('specific_role', models.CharField(blank=True, choices=[('dhcp-server', 'DHCP server'), ('switch-conf-server', 'Switches configuration server'), ('dns-recursif-server', 'Recursive DNS server'), ('ntp-server', 'NTP server'), ('radius-server', 'Radius server'), ('log-server', 'Log server'), ('ldap-master-server', 'LDAP master server'), ('ldap-backup-server', 'LDAP backup server'), ('smtp-server', 'SMTP server'), ('postgresql-server', 'postgreSQL server'), ('mysql-server', 'mySQL server'), ('sql-client', 'SQL client'), ('gateway', 'Gatewaw')], max_length=32, null=True))
|
||||
],
|
||||
options={'permissions': (('view_role', 'Can view a role.'),), 'verbose_name': 'Server role'},
|
||||
bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model),
|
||||
),
|
||||
]
|
|
@ -42,6 +42,7 @@ from django.forms import ValidationError
|
|||
from django.utils.functional import cached_property
|
||||
from django.utils import timezone
|
||||
from django.core.validators import MaxValueValidator
|
||||
from django.utils.translation import ugettext_lazy as _l
|
||||
|
||||
from macaddress.fields import MACAddressField
|
||||
|
||||
|
@ -1441,6 +1442,75 @@ class IpList(RevMixin, AclMixin, models.Model):
|
|||
return self.ipv4
|
||||
|
||||
|
||||
class Role(RevMixin, AclMixin, models.Model):
|
||||
"""Define the role of a machine.
|
||||
Allow automated generation of the server configuration.
|
||||
"""
|
||||
|
||||
ROLE = (
|
||||
('dhcp-server', _l('DHCP server')),
|
||||
('switch-conf-server', _l('Switches configuration server')),
|
||||
('dns-recursif-server', _l('Recursive DNS server')),
|
||||
('ntp-server', _l('NTP server')),
|
||||
('radius-server', _l('Radius server')),
|
||||
('log-server', _l('Log server')),
|
||||
('ldap-master-server', _l('LDAP master server')),
|
||||
('ldap-backup-server', _l('LDAP backup server')),
|
||||
('smtp-server', _l('SMTP server')),
|
||||
('postgresql-server', _l('postgreSQL server')),
|
||||
('mysql-server', _l('mySQL server')),
|
||||
('sql-client', _l('SQL client')),
|
||||
('gateway', _l('Gatewaw')),
|
||||
)
|
||||
|
||||
role_type = models.CharField(max_length=255, unique=True)
|
||||
servers = models.ManyToManyField('Interface')
|
||||
specific_role = models.CharField(
|
||||
choices=ROLE,
|
||||
null=True,
|
||||
blank=True,
|
||||
max_length=32,
|
||||
)
|
||||
|
||||
class Meta:
|
||||
permissions = (
|
||||
("view_role", _l("Can view a role.")),
|
||||
)
|
||||
verbose_name = _l("Server role")
|
||||
|
||||
@classmethod
|
||||
def get_instance(cls, roleid, *_args, **_kwargs):
|
||||
"""Get the Role instance with roleid.
|
||||
|
||||
Args:
|
||||
roleid: The id
|
||||
|
||||
Returns:
|
||||
The role.
|
||||
"""
|
||||
return cls.objects.get(pk=roleid)
|
||||
|
||||
@classmethod
|
||||
def interface_for_roletype(cls, roletype):
|
||||
"""Return interfaces for a roletype"""
|
||||
return Interface.objects.filter(
|
||||
role=cls.objects.filter(specific_role=roletype)
|
||||
)
|
||||
|
||||
@classmethod
|
||||
def all_interfaces_for_roletype(cls, roletype):
|
||||
"""Return all interfaces for a roletype"""
|
||||
return Interface.objects.filter(
|
||||
machine__interface__role=cls.objects.filter(specific_role=roletype)
|
||||
)
|
||||
|
||||
def save(self, *args, **kwargs):
|
||||
super(Role, self).save(*args, **kwargs)
|
||||
|
||||
def __str__(self):
|
||||
return str(self.role_type)
|
||||
|
||||
|
||||
class Service(RevMixin, AclMixin, models.Model):
|
||||
""" Definition d'un service (dhcp, dns, etc)"""
|
||||
PRETTY_NAME = "Services à générer (dhcp, dns, etc)"
|
||||
|
|
54
machines/templates/machines/aff_role.html
Normal file
54
machines/templates/machines/aff_role.html
Normal file
|
@ -0,0 +1,54 @@
|
|||
{% comment %}
|
||||
Re2o est un logiciel d'administration développé initiallement au rezometz. Il
|
||||
se veut agnostique au réseau considéré, de manière à être installable en
|
||||
quelques clics.
|
||||
|
||||
Copyright © 2017 Gabriel Détraz
|
||||
Copyright © 2017 Goulven Kermarec
|
||||
Copyright © 2017 Augustin Lemesle
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License along
|
||||
with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
{% endcomment %}
|
||||
|
||||
{% load acl %}
|
||||
{% load i18n %}
|
||||
{% load logs_extra %}
|
||||
|
||||
|
||||
<table class="table table-striped">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>{% trans "Role name" %}</th>
|
||||
<th>{% trans "Specific role" %}</th>
|
||||
<th>{% trans "Servers" %}</th>
|
||||
<th></th>
|
||||
<th></th>
|
||||
</tr>
|
||||
</thead>
|
||||
{% for role in role_list %}
|
||||
<tr>
|
||||
<td>{{ role.role_type }}</td>
|
||||
<td>{{ role.specific_role }}</td>
|
||||
<td>{% for serv in role.servers.all %}{{ serv }}, {% endfor %}</td>
|
||||
<td class="text-right">
|
||||
{% can_edit role %}
|
||||
{% include 'buttons/edit.html' with href='machines:edit-role' id=role.id %}
|
||||
{% acl_end %}
|
||||
{% history_button role %}
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</table>
|
||||
|
42
machines/templates/machines/index_role.html
Normal file
42
machines/templates/machines/index_role.html
Normal file
|
@ -0,0 +1,42 @@
|
|||
{% extends "machines/sidebar.html" %}
|
||||
{% comment %}
|
||||
Re2o est un logiciel d'administration développé initiallement au rezometz. Il
|
||||
se veut agnostique au réseau considéré, de manière à être installable en
|
||||
quelques clics.
|
||||
|
||||
Copyright © 2017 Gabriel Détraz
|
||||
Copyright © 2017 Goulven Kermarec
|
||||
Copyright © 2017 Augustin Lemesle
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License along
|
||||
with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
{% endcomment %}
|
||||
|
||||
{% load bootstrap3 %}
|
||||
{% load acl %}
|
||||
{% load i18n %}
|
||||
|
||||
{% block title %}Machines{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
<h2>{% trans "Roles list" %}</h2>
|
||||
{% can_create Role %}
|
||||
<a class="btn btn-primary btn-sm" role="button" href="{% url 'machines:add-role' %}"><i class="fa fa-plus"></i> {% trans "Add role"%}</a>
|
||||
{% acl_end %}
|
||||
<a class="btn btn-danger btn-sm" role="button" href="{% url 'machines:del-role' %}"><i class="fa fa-trash"></i> {% trans "Delete one or several roles" %}</a>
|
||||
{% include "machines/aff_role.html" with role_list=role_list %}
|
||||
<br />
|
||||
<br />
|
||||
{% endblock %}
|
||||
|
|
@ -72,6 +72,9 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
{% if sshfpform %}
|
||||
{% bootstrap_form_errors sshfpform %}
|
||||
{% endif %}
|
||||
{% if roleform %}
|
||||
{% bootstrap_form_errors roleform %}
|
||||
{% endif %}
|
||||
{% if vlanform %}
|
||||
{% bootstrap_form_errors vlanform %}
|
||||
{% endif %}
|
||||
|
@ -148,6 +151,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<h3>Service</h3>
|
||||
{% massive_bootstrap_form serviceform 'servers' %}
|
||||
{% endif %}
|
||||
{% if roleform %}
|
||||
<h3>Role</h3>
|
||||
{% massive_bootstrap_form roleform 'servers' %}
|
||||
{% endif %}
|
||||
{% if vlanform %}
|
||||
<h3>Vlan</h3>
|
||||
{% bootstrap_form vlanform %}
|
||||
|
|
|
@ -24,6 +24,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
{% endcomment %}
|
||||
|
||||
{% load acl %}
|
||||
{% load i18n %}
|
||||
|
||||
{% block sidebar %}
|
||||
{% can_view_all Machine %}
|
||||
|
@ -68,6 +69,12 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
Services (dhcp, dns...)
|
||||
</a>
|
||||
{% acl_end %}
|
||||
{% can_view_all Role %}
|
||||
<a class="list-group-item list-group-item-info" href="{% url "machines:index-role" %}">
|
||||
<i class="fa fa-list-ul"></i>
|
||||
{% trans "Server roles" %}
|
||||
</a>
|
||||
{% acl_end %}
|
||||
{% can_view_all OuverturePortList %}
|
||||
<a class="list-group-item list-group-item-info" href="{% url "machines:index-portlist" %}">
|
||||
<i class="fa fa-list-ul"></i>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
# with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
"""machines.urls
|
||||
The defined URLs for the Cotisations app
|
||||
The defined URLs for the Machines app
|
||||
"""
|
||||
|
||||
from __future__ import unicode_literals
|
||||
|
@ -125,6 +125,12 @@ urlpatterns = [
|
|||
name='edit-service'),
|
||||
url(r'^del_service/$', views.del_service, name='del-service'),
|
||||
url(r'^index_service/$', views.index_service, name='index-service'),
|
||||
url(r'^add_role/$', views.add_role, name='add-role'),
|
||||
url(r'^edit_role/(?P<roleid>[0-9]+)$',
|
||||
views.edit_role,
|
||||
name='edit-role'),
|
||||
url(r'^del_role/$', views.del_role, name='del-role'),
|
||||
url(r'^index_role/$', views.index_role, name='index-role'),
|
||||
url(r'^add_vlan/$', views.add_vlan, name='add-vlan'),
|
||||
url(r'^edit_vlan/(?P<vlanid>[0-9]+)$', views.edit_vlan, name='edit-vlan'),
|
||||
url(r'^del_vlan/$', views.del_vlan, name='del-vlan'),
|
||||
|
|
|
@ -40,6 +40,7 @@ from django.contrib.auth.decorators import login_required, permission_required
|
|||
from django.db.models import ProtectedError, F
|
||||
from django.forms import modelformset_factory
|
||||
from django.views.decorators.csrf import csrf_exempt
|
||||
from django.utils.translation import ugettext as _
|
||||
|
||||
from rest_framework.renderers import JSONRenderer
|
||||
|
||||
|
@ -101,6 +102,8 @@ from .forms import (
|
|||
DelMxForm,
|
||||
VlanForm,
|
||||
DelVlanForm,
|
||||
RoleForm,
|
||||
DelRoleForm,
|
||||
ServiceForm,
|
||||
DelServiceForm,
|
||||
SshFpForm,
|
||||
|
@ -122,6 +125,7 @@ from .models import (
|
|||
Mx,
|
||||
Ns,
|
||||
Domain,
|
||||
Role,
|
||||
Service,
|
||||
Service_link,
|
||||
Vlan,
|
||||
|
@ -1141,6 +1145,65 @@ def del_alias(request, interface, interfaceid):
|
|||
)
|
||||
|
||||
|
||||
@login_required
|
||||
@can_create(Role)
|
||||
def add_role(request):
|
||||
""" View used to add a Role object """
|
||||
role = RoleForm(request.POST or None)
|
||||
if role.is_valid():
|
||||
role.save()
|
||||
messages.success(request, "Cet enregistrement role a été ajouté")
|
||||
return redirect(reverse('machines:index-role'))
|
||||
return form(
|
||||
{'roleform': role, 'action_name': 'Créer'},
|
||||
'machines/machine.html',
|
||||
request
|
||||
)
|
||||
|
||||
|
||||
@login_required
|
||||
@can_edit(Role)
|
||||
def edit_role(request, role_instance, **_kwargs):
|
||||
""" View used to edit a Role object """
|
||||
role = RoleForm(request.POST or None, instance=role_instance)
|
||||
if role.is_valid():
|
||||
if role.changed_data:
|
||||
role.save()
|
||||
messages.success(request, _("Role updated"))
|
||||
return redirect(reverse('machines:index-role'))
|
||||
return form(
|
||||
{'roleform': role, 'action_name': _('Edit')},
|
||||
'machines/machine.html',
|
||||
request
|
||||
)
|
||||
|
||||
|
||||
@login_required
|
||||
@can_delete_set(Role)
|
||||
def del_role(request, instances):
|
||||
""" View used to delete a Service object """
|
||||
role = DelRoleForm(request.POST or None, instances=instances)
|
||||
if role.is_valid():
|
||||
role_dels = role.cleaned_data['role']
|
||||
for role_del in role_dels:
|
||||
try:
|
||||
role_del.delete()
|
||||
messages.success(request, _("The role has been deleted."))
|
||||
except ProtectedError:
|
||||
messages.error(
|
||||
request,
|
||||
(_("Error: The following role cannot be deleted: %(role)")
|
||||
% {'role': role_del}
|
||||
)
|
||||
)
|
||||
return redirect(reverse('machines:index-role'))
|
||||
return form(
|
||||
{'roleform': role, 'action_name': _('Delete')},
|
||||
'machines/machine.html',
|
||||
request
|
||||
)
|
||||
|
||||
|
||||
@login_required
|
||||
@can_create(Service)
|
||||
def add_service(request):
|
||||
|
@ -1481,6 +1544,21 @@ def index_ipv6(request, interface, interfaceid):
|
|||
)
|
||||
|
||||
|
||||
@login_required
|
||||
@can_view_all(Role)
|
||||
def index_role(request):
|
||||
""" View used to display the list of existing roles """
|
||||
role_list = (Role.objects
|
||||
.prefetch_related(
|
||||
'servers__domain__extension'
|
||||
).all())
|
||||
return render(
|
||||
request,
|
||||
'machines/index_role.html',
|
||||
{'role_list': role_list}
|
||||
)
|
||||
|
||||
|
||||
@login_required
|
||||
@can_view_all(Service)
|
||||
def index_service(request):
|
||||
|
@ -1622,11 +1700,12 @@ def configure_ports(request, interface_instance, **_kwargs):
|
|||
)
|
||||
|
||||
|
||||
## Framework Rest
|
||||
# Framework Rest
|
||||
|
||||
|
||||
class JSONResponse(HttpResponse):
|
||||
""" Class to build a JSON response. Used for API """
|
||||
|
||||
def __init__(self, data, **kwargs):
|
||||
content = JSONRenderer().render(data)
|
||||
kwargs['content_type'] = 'application/json'
|
||||
|
|
|
@ -79,6 +79,7 @@ from django.contrib.contenttypes.models import ContentType
|
|||
|
||||
register = template.Library()
|
||||
|
||||
|
||||
def get_model(model_name):
|
||||
"""Retrieve the model object from its name"""
|
||||
splitted = model_name.split('.')
|
||||
|
|
Loading…
Reference in a new issue