From a022a23f12b511578126f6ec82814340cc8b07a0 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Wed, 27 Dec 2017 23:07:05 +0100 Subject: [PATCH] Nouvelle gestion acl sur topologie --- topologie/models.py | 65 +------------------ .../templates/topologie/aff_chambres.html | 8 ++- .../topologie/aff_constructor_switch.html | 8 ++- .../templates/topologie/aff_model_switch.html | 8 ++- topologie/templates/topologie/aff_port.html | 8 ++- topologie/templates/topologie/aff_stacks.html | 14 ++-- topologie/templates/topologie/aff_switch.html | 12 +++- .../templates/topologie/edit_stack_sw.html | 8 ++- topologie/templates/topologie/index.html | 5 +- .../topologie/index_model_switch.html | 9 +-- topologie/templates/topologie/index_p.html | 5 +- topologie/templates/topologie/index_room.html | 5 +- .../templates/topologie/index_stack.html | 5 +- topologie/views.py | 22 +++---- 14 files changed, 78 insertions(+), 104 deletions(-) diff --git a/topologie/models.py b/topologie/models.py index 686cce5b..bb63b7e2 100644 --- a/topologie/models.py +++ b/topologie/models.py @@ -67,33 +67,23 @@ class Stack(models.Model): return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\ de créer un stack" - def can_edit_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit d'éditer des stack" - return True, None - def can_edit(self, user_request, *args, **kwargs): if not user_request.has_perms(('infra',)): return False, u"Vous n'avez pas le droit d'éditer des stack" return True, None - def can_delete_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit de supprimer une stack" - return True, None - def can_delete(self, user_request, *args, **kwargs): if not user_request.has_perms(('infra',)): return False, u"Vous n'avez pas le droit de supprimer une stack" return True, None def can_view_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): + if not user_request.has_perms(('cableur',)): return False, u"Vous n'avez pas le droit de voir une stack" return True, None def can_view(self, user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): + if not user_request.has_perms(('cableur',)): return False, u"Vous n'avez pas le droit de voir une stack" return True, None @@ -158,21 +148,11 @@ class Switch(models.Model): return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\ de créer un switch" - def can_edit_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit d'éditer des switch" - return True, None - def can_edit(self, user_request, *args, **kwargs): if not user_request.has_perms(('infra',)): return False, u"Vous n'avez pas le droit d'éditer des switch" return True, None - def can_delete_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit de supprimer un switch" - return True, None - def can_delete(self, user_request, *args, **kwargs): if not user_request.has_perms(('infra',)): return False, u"Vous n'avez pas le droit de supprimer un switch" @@ -253,21 +233,11 @@ class ModelSwitch(models.Model): return False, u"Vous n'avez pas le droit d'éditer des modèle de switchs" return True, None - def can_edit_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit d'éditer des modèle de switchs" - return True, None - def can_delete(self, user_request, *args, **kwargs): if not user_request.has_perms(('infra',)): return False, u"Vous n'avez pas le droit de supprimer un modèle switch" return True, None - def can_delete_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit de supprimer un modèle switch" - return True, None - def can_view(self, user_request, *args, **kwargs): if not user_request.has_perms(('cableur',)): return False, u"Vous n'avez pas le droit de voir un modèle switch" @@ -294,23 +264,12 @@ class ConstructorSwitch(models.Model): return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\ de créer un constructeur de switch" - def can_edit_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit d'éditer des\ - constructeurs de switchs" - return True, None - def can_edit(self, user_request, *args, **kwargs): if not user_request.has_perms(('infra',)): return False, u"Vous n'avez pas le droit d'éditer des\ constructeurs de switchs" return True, None - def can_delete_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit de supprimer un constructeur" - return True, None - def can_delete(self, user_request, *args, **kwargs): if not user_request.has_perms(('infra',)): return False, u"Vous n'avez pas le droit de supprimer un constructeur" @@ -403,21 +362,11 @@ class Port(models.Model): return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\ de créer un port" - def can_edit_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit d'éditer des ports" - return True, None - def can_edit(self, user_request, *args, **kwargs): if not user_request.has_perms(('infra',)): return False, u"Vous n'avez pas le droit d'éditer des ports" return True, None - def can_delete_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit de supprimer un port" - return True, None - def can_delete(self, user_request, *args, **kwargs): if not user_request.has_perms(('infra',)): return False, u"Vous n'avez pas le droit de supprimer un port" @@ -494,21 +443,11 @@ class Room(models.Model): return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\ de créer une chambre" - def can_edit_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit d'éditer une chambre" - return True, None - def can_edit(self, user_request, *args, **kwargs): if not user_request.has_perms(('infra',)): return False, u"Vous n'avez pas le droit d'éditer une chambre" return True, None - def can_delete_all(user_request, *args, **kwargs): - if not user_request.has_perms(('infra',)): - return False, u"Vous n'avez pas le droit de supprimer une chambre" - return True, None - def can_delete(self, user_request, *args, **kwargs): if not user_request.has_perms(('infra',)): return False, u"Vous n'avez pas le droit de supprimer une chambre" diff --git a/topologie/templates/topologie/aff_chambres.html b/topologie/templates/topologie/aff_chambres.html index 5e488606..6d0cee37 100644 --- a/topologie/templates/topologie/aff_chambres.html +++ b/topologie/templates/topologie/aff_chambres.html @@ -22,6 +22,8 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. {% endcomment %} +{% load acl %} + {% if room_list.paginator %} {% include "pagination.html" with list=room_list %} {% endif %} @@ -42,14 +44,16 @@ with this program; if not, write to the Free Software Foundation, Inc., - {% if is_infra %} + {% can_edit room %} + {% acl_end %} + {% can_delete room %} - {% endif %} + {% acl_end %} {% endfor %} diff --git a/topologie/templates/topologie/aff_constructor_switch.html b/topologie/templates/topologie/aff_constructor_switch.html index 94d63b39..9b601e1b 100644 --- a/topologie/templates/topologie/aff_constructor_switch.html +++ b/topologie/templates/topologie/aff_constructor_switch.html @@ -22,6 +22,8 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. {% endcomment %} +{% load acl %} + {% if constructor_switch_list.paginator %} {% include "pagination.html" with list=constructor_switch_list %} {% endif %} @@ -40,14 +42,16 @@ with this program; if not, write to the Free Software Foundation, Inc., - {% if is_infra %} + {% can_edit constructor_switch %} + {% acl_end %} + {% can_delete constructor_switch %} - {% endif %} + {% acl_end %} {% endfor %} diff --git a/topologie/templates/topologie/aff_model_switch.html b/topologie/templates/topologie/aff_model_switch.html index 97e45fcd..f6c0d3b8 100644 --- a/topologie/templates/topologie/aff_model_switch.html +++ b/topologie/templates/topologie/aff_model_switch.html @@ -22,6 +22,8 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. {% endcomment %} +{% load acl %} + {% if model_switch_list.paginator %} {% include "pagination.html" with list=model_switch_list %} {% endif %} @@ -42,14 +44,16 @@ with this program; if not, write to the Free Software Foundation, Inc., - {% if is_infra %} + {% can_edit model_switch %} + {% acl_end %} + {% can_delete model_switch %} - {% endif %} + {% acl_end %} {% endfor %} diff --git a/topologie/templates/topologie/aff_port.html b/topologie/templates/topologie/aff_port.html index 6d1ca08e..61c4bf4b 100644 --- a/topologie/templates/topologie/aff_port.html +++ b/topologie/templates/topologie/aff_port.html @@ -22,6 +22,8 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. {% endcomment %} +{% load acl %} + @@ -60,14 +62,16 @@ with this program; if not, write to the Free Software Foundation, Inc., - {% if is_infra %} + {% can_edit port %} + {% acl_end %} + {% can_delete port %} - {% endif %} + {% acl_end %} {% endfor %} diff --git a/topologie/templates/topologie/aff_stacks.html b/topologie/templates/topologie/aff_stacks.html index 1a9d316e..8d91d41c 100644 --- a/topologie/templates/topologie/aff_stacks.html +++ b/topologie/templates/topologie/aff_stacks.html @@ -22,6 +22,8 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. {% endcomment %} +{% load acl %} +
@@ -46,14 +48,16 @@ with this program; if not, write to the Free Software Foundation, Inc., - {% if is_infra %} + {% can_edit stack %} + {% acl_end %} + {% can_delete stack %} - {% endif %} + {% acl_end %} {% endif %} @@ -67,14 +71,16 @@ with this program; if not, write to the Free Software Foundation, Inc., - {% if is_infra %} + {% can_edit stack %} + {% acl_end %} + {% can_delete stack %} - {% endif %} + {% acl_end %} {% endfor %} diff --git a/topologie/templates/topologie/aff_switch.html b/topologie/templates/topologie/aff_switch.html index e1e818a1..38980736 100644 --- a/topologie/templates/topologie/aff_switch.html +++ b/topologie/templates/topologie/aff_switch.html @@ -22,6 +22,8 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. {% endcomment %} +{% load acl %} + {% if switch_list.paginator %} {% include "pagination.html" with list=switch_list %} {% endif %} @@ -56,11 +58,15 @@ with this program; if not, write to the Free Software Foundation, Inc., {% endfor %} diff --git a/topologie/templates/topologie/edit_stack_sw.html b/topologie/templates/topologie/edit_stack_sw.html index e4ca286d..04987add 100644 --- a/topologie/templates/topologie/edit_stack_sw.html +++ b/topologie/templates/topologie/edit_stack_sw.html @@ -22,6 +22,8 @@ with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. {% endcomment %} +{% load acl %} +
{{switch.details}} {% include 'buttons/history.html' with href='topologie:history' name='switch' id=switch.pk%} - {% if is_infra %} - {% include 'buttons/edit.html' with href='topologie:edit-switch' id=switch.pk %} + {% can_edit switch %} + {% include 'buttons/edit.html' with href='topologie:edit-switch' id=switch.pk %} + {% acl_end %} + {% can_delete switch %} {% include 'buttons/suppr.html' with href='machines:del-interface' id=switch.switch_interface.id %} + {% acl_end %} + {% can_create Port %} {% include 'buttons/add.html' with href='topologie:create-ports' id=switch.pk desc='Création de ports'%} - {% endif %} + {% acl_end %}
@@ -39,14 +41,16 @@ with this program; if not, write to the Free Software Foundation, Inc., - {% if is_infra %} + {% can_edit stack %} + {% acl_end %} + {% can_delete stack %} - {% endif %} + {% acl_end %} {% endfor %} diff --git a/topologie/templates/topologie/index.html b/topologie/templates/topologie/index.html index 6b17b6de..11f533c4 100644 --- a/topologie/templates/topologie/index.html +++ b/topologie/templates/topologie/index.html @@ -24,15 +24,16 @@ with this program; if not, write to the Free Software Foundation, Inc., {% endcomment %} {% load bootstrap3 %} +{% load acl %} {% block title %}Switchs{% endblock %} {% block content %}

Switchs

-{% if is_infra %} +{% can_create Switch %} Ajouter un switch
-{% endif %} +{% acl_end %} {% include "topologie/aff_switch.html" with switch_list=switch_list %}

diff --git a/topologie/templates/topologie/index_model_switch.html b/topologie/templates/topologie/index_model_switch.html index 784b5ea6..e185a9b8 100644 --- a/topologie/templates/topologie/index_model_switch.html +++ b/topologie/templates/topologie/index_model_switch.html @@ -24,21 +24,22 @@ with this program; if not, write to the Free Software Foundation, Inc., {% endcomment %} {% load bootstrap3 %} +{% load acl %} {% block title %}Modèles de switches{% endblock %} {% block content %}

Modèles de switches

-{% if is_infra %} +{% can_create ModelSwitch %} Ajouter un modèle
-{% endif %} +{% acl_end %} {% include "topologie/aff_model_switch.html" with model_switch_list=model_switch_list %}

Constructeurs de switches

-{% if is_infra %} +{% can_create ConstructorSwitch %} Ajouter un constructeur
-{% endif %} +{% acl_end %} {% include "topologie/aff_constructor_switch.html" with constructor_switch_list=constructor_switch_list %}

diff --git a/topologie/templates/topologie/index_p.html b/topologie/templates/topologie/index_p.html index 3f9356f2..3cea6968 100644 --- a/topologie/templates/topologie/index_p.html +++ b/topologie/templates/topologie/index_p.html @@ -24,16 +24,17 @@ with this program; if not, write to the Free Software Foundation, Inc., {% endcomment %} {% load bootstrap3 %} +{% load acl %} {% block title %}Ports du switch{% endblock %} {% block content %}

Switch {{ nom_switch }}

-{% if is_infra %} Editer +{% can_create Port %} Ajouter un port +{% acl_end %} Ajouter des ports -{% endif %} {% include "topologie/aff_port.html" with port_list=port_list %}

diff --git a/topologie/templates/topologie/index_room.html b/topologie/templates/topologie/index_room.html index bff4b1c2..15493d92 100644 --- a/topologie/templates/topologie/index_room.html +++ b/topologie/templates/topologie/index_room.html @@ -24,15 +24,16 @@ with this program; if not, write to the Free Software Foundation, Inc., {% endcomment %} {% load bootstrap3 %} +{% load acl %} {% block title %}Chambres{% endblock %} {% block content %}

Chambres

-{% if is_infra %} +{% can_create Room %} Ajouter une chambre
-{% endif %} +{% acl_end %} {% include "topologie/aff_chambres.html" with room_list=room_list %}

diff --git a/topologie/templates/topologie/index_stack.html b/topologie/templates/topologie/index_stack.html index b358e07d..fb39009d 100644 --- a/topologie/templates/topologie/index_stack.html +++ b/topologie/templates/topologie/index_stack.html @@ -24,14 +24,15 @@ with this program; if not, write to the Free Software Foundation, Inc., {% endcomment %} {% load bootstrap3 %} +{% load acl %} {% block title %}Stacks{% endblock %} {% block content %}

Stacks

-{% if is_infra %} +{% can_create Stack %} Ajouter une stack -{% endif %} +{% acl_end %} {% include "topologie/aff_stacks.html" with stack_list=stack_list %}

diff --git a/topologie/views.py b/topologie/views.py index 7cff42d3..fc4da4e4 100644 --- a/topologie/views.py +++ b/topologie/views.py @@ -70,7 +70,8 @@ from re2o.utils import ( can_create, can_edit, can_delete, - can_view + can_view, + can_view_all, ) from machines.forms import ( DomainForm, @@ -84,7 +85,7 @@ from preferences.models import AssoOption, GeneralOption @login_required -@permission_required('cableur') +@can_view_all(Switch) def index(request): """ Vue d'affichage de tous les swicthes""" switch_list = Switch.objects\ @@ -178,14 +179,10 @@ def history(request, object_name, object_id): @login_required -@permission_required('cableur') -def index_port(request, switch_id): +@can_view_all(Port) +@can_view(Switch) +def index_port(request, switch, switch_id): """ Affichage de l'ensemble des ports reliés à un switch particulier""" - try: - switch = Switch.objects.get(pk=switch_id) - except Switch.DoesNotExist: - messages.error(request, u"Switch inexistant") - return redirect(reverse('topologie:index')) port_list = Port.objects.filter(switch=switch)\ .select_related('room')\ .select_related('machine_interface__domain__extension')\ @@ -208,7 +205,7 @@ def index_port(request, switch_id): @login_required -@permission_required('cableur') +@can_view_all(Room) def index_room(request): """ Affichage de l'ensemble des chambres""" room_list = Room.objects @@ -236,7 +233,7 @@ def index_room(request): @login_required -@permission_required('infra') +@can_view_all(Stack) def index_stack(request): """Affichage de la liste des stacks (affiche l'ensemble des switches)""" stack_list = Stack.objects\ @@ -253,7 +250,8 @@ def index_stack(request): @login_required -@permission_required('cableur') +@can_view_all(ModelSwitch) +@can_view_all(ConstructorSwitch) def index_model_switch(request): """ Affichage de l'ensemble des modèles de switches""" model_switch_list = ModelSwitch.objects