mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-12-23 15:33:45 +00:00
Merge branch 'acl_mixins' into 'master'
Acl mixins See merge request federez/re2o!108
This commit is contained in:
commit
a2bde7fc1a
27 changed files with 320 additions and 1925 deletions
0
api/__init__.py
Normal file
0
api/__init__.py
Normal file
|
@ -57,9 +57,9 @@ from django.utils import timezone
|
|||
from machines.models import regen
|
||||
|
||||
from re2o.field_permissions import FieldPermissionModelMixin
|
||||
from re2o.mixins import AclMixin
|
||||
|
||||
|
||||
class Facture(FieldPermissionModelMixin, models.Model):
|
||||
class Facture(AclMixin, FieldPermissionModelMixin, models.Model):
|
||||
""" Définition du modèle des factures. Une facture regroupe une ou
|
||||
plusieurs ventes, rattachée à un user, et reliée à un moyen de paiement
|
||||
et si il y a lieu un numero pour les chèques. Possède les valeurs
|
||||
|
@ -114,13 +114,6 @@ class Facture(FieldPermissionModelMixin, models.Model):
|
|||
).values_list('name', flat=True))
|
||||
return name
|
||||
|
||||
def get_instance(factureid, *args, **kwargs):
|
||||
return Facture.objects.get(pk=factureid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.add_facture'), u"Vous n'avez pas le\
|
||||
droit de créer des factures"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('cotisations.change_facture'):
|
||||
return False, u"Vous n'avez pas le droit d'éditer les factures"
|
||||
|
@ -144,11 +137,6 @@ class Facture(FieldPermissionModelMixin, models.Model):
|
|||
else:
|
||||
return True, None
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('cotisations.view_facture'):
|
||||
return False, u"Vous n'avez pas le droit de voir les factures"
|
||||
return True, None
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('cotisations.view_facture') and\
|
||||
self.user != user_request:
|
||||
|
@ -192,7 +180,7 @@ def facture_post_delete(sender, **kwargs):
|
|||
user.ldap_sync(base=False, access_refresh=True, mac_refresh=False)
|
||||
|
||||
|
||||
class Vente(models.Model):
|
||||
class Vente(AclMixin, models.Model):
|
||||
"""Objet vente, contient une quantité, une facture parente, un nom,
|
||||
un prix. Peut-être relié à un objet cotisation, via le boolean
|
||||
iscotisation"""
|
||||
|
@ -277,14 +265,6 @@ class Vente(models.Model):
|
|||
self.update_cotisation()
|
||||
super(Vente, self).save(*args, **kwargs)
|
||||
|
||||
def get_instance(venteid, *args, **kwargs):
|
||||
return Vente.objects.get(pk=venteid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.add_vente'), u"Vous n'avez pas le\
|
||||
droit de créer des ventes"
|
||||
return True, None
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('cotisations.change_vente'):
|
||||
return False, u"Vous n'avez pas le droit d'éditer les ventes"
|
||||
|
@ -308,11 +288,6 @@ class Vente(models.Model):
|
|||
else:
|
||||
return True, None
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('cotisations.view_vente'):
|
||||
return False, u"Vous n'avez pas le droit de voir les ventes"
|
||||
return True, None
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('cotisations.view_vente') and\
|
||||
self.facture.user != user_request:
|
||||
|
@ -350,7 +325,7 @@ def vente_post_delete(sender, **kwargs):
|
|||
user.ldap_sync(base=False, access_refresh=True, mac_refresh=False)
|
||||
|
||||
|
||||
class Article(models.Model):
|
||||
class Article(AclMixin, models.Model):
|
||||
"""Liste des articles en vente : prix, nom, et attribut iscotisation
|
||||
et duree si c'est une cotisation"""
|
||||
PRETTY_NAME = "Articles en vente"
|
||||
|
@ -402,34 +377,11 @@ class Article(models.Model):
|
|||
"La durée est obligatoire si il s'agit d'une cotisation"
|
||||
)
|
||||
|
||||
def get_instance(articleid, *args, **kwargs):
|
||||
return Article.objects.get(pk=articleid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.add_article'), u"Vous n'avez pas le\
|
||||
droit d'ajouter des articles"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.change_article'), u"Vous n'avez pas le\
|
||||
droit d'éditer des articles"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.delete_article'), u"Vous n'avez pas le\
|
||||
droit de supprimer des articles"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.view_article'), u"Vous n'avez pas le\
|
||||
droit de voir des articles"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.view_article'), u"Vous n'avez pas le\
|
||||
droit de voir des articles"
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
|
||||
class Banque(models.Model):
|
||||
class Banque(AclMixin, models.Model):
|
||||
"""Liste des banques"""
|
||||
PRETTY_NAME = "Banques enregistrées"
|
||||
|
||||
|
@ -440,34 +392,11 @@ class Banque(models.Model):
|
|||
("view_banque", "Peut voir un objet banque"),
|
||||
)
|
||||
|
||||
def get_instance(banqueid, *args, **kwargs):
|
||||
return Banque.objects.get(pk=banqueid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.add_banque'), u"Vous n'avez pas le\
|
||||
droit d'ajouter des banques"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.change_banque'), u"Vous n'avez pas le\
|
||||
droit d'éditer des banques"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.delete_banque'), u"Vous n'avez pas le\
|
||||
droit de supprimer des banques"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.view_banque'), u"Vous n'avez pas le\
|
||||
droit de voir des banques"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.view_banque'), u"Vous n'avez pas le\
|
||||
droit de voir des banques"
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
|
||||
class Paiement(models.Model):
|
||||
class Paiement(AclMixin, models.Model):
|
||||
"""Moyens de paiement"""
|
||||
PRETTY_NAME = "Moyens de paiement"
|
||||
PAYMENT_TYPES = (
|
||||
|
@ -483,29 +412,6 @@ class Paiement(models.Model):
|
|||
("view_paiement", "Peut voir un objet paiement"),
|
||||
)
|
||||
|
||||
def get_instance(paiementid, *args, **kwargs):
|
||||
return Paiement.objects.get(pk=paiementid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.add_paiement'), u"Vous n'avez pas le\
|
||||
droit d'ajouter des paiements"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.change_paiement'), u"Vous n'avez pas le\
|
||||
droit d'éditer des paiements"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.delete_paiement'), u"Vous n'avez pas le\
|
||||
droit de supprimer des paiements"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.view_paiement'), u"Vous n'avez pas le\
|
||||
droit de voir des paiements"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.view_paiement'), u"Vous n'avez pas le\
|
||||
droit de voir des paiements"
|
||||
|
||||
def __str__(self):
|
||||
return self.moyen
|
||||
|
||||
|
@ -520,7 +426,7 @@ class Paiement(models.Model):
|
|||
super(Paiement, self).save(*args, **kwargs)
|
||||
|
||||
|
||||
class Cotisation(models.Model):
|
||||
class Cotisation(AclMixin, models.Model):
|
||||
"""Objet cotisation, debut et fin, relié en onetoone à une vente"""
|
||||
PRETTY_NAME = "Cotisations"
|
||||
|
||||
|
@ -545,14 +451,6 @@ class Cotisation(models.Model):
|
|||
("change_all_cotisation", "Superdroit, peut modifier toutes les cotisations"),
|
||||
)
|
||||
|
||||
def get_instance(cotisationid, *args, **kwargs):
|
||||
return Cotisations.objects.get(pk=cotisationid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('cotisations.add_cotisation'), u"Vous n'avez pas le\
|
||||
droit de créer des cotisations"
|
||||
return True, None
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('cotisations.change_cotisation'):
|
||||
return False, u"Vous n'avez pas le droit d'éditer les cotisations"
|
||||
|
@ -572,11 +470,6 @@ class Cotisation(models.Model):
|
|||
else:
|
||||
return True, None
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('cotisations.view_cotisation'):
|
||||
return False, u"Vous n'avez pas le droit de voir les cotisations"
|
||||
return True, None
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('cotisations.view_cotisation') and\
|
||||
self.vente.facture.user != user_request:
|
||||
|
|
|
@ -90,7 +90,8 @@ from topologie.models import (
|
|||
Room,
|
||||
Stack,
|
||||
ModelSwitch,
|
||||
ConstructorSwitch
|
||||
ConstructorSwitch,
|
||||
AccessPoint
|
||||
)
|
||||
from preferences.models import GeneralOption
|
||||
from re2o.views import form
|
||||
|
@ -360,6 +361,7 @@ def stats_models(request):
|
|||
},
|
||||
'Topologie': {
|
||||
'switch': [Switch.PRETTY_NAME, Switch.objects.count()],
|
||||
'bornes': [AccessPoint.PRETTY_NAME, AccessPoint.objects.count()],
|
||||
'port': [Port.PRETTY_NAME, Port.objects.count()],
|
||||
'chambre': [Room.PRETTY_NAME, Room.objects.count()],
|
||||
'stack': [Stack.PRETTY_NAME, Stack.objects.count()],
|
||||
|
|
|
@ -38,6 +38,7 @@ from .models import (
|
|||
Nas,
|
||||
Service,
|
||||
OuverturePort,
|
||||
Ipv6List,
|
||||
OuverturePortList
|
||||
)
|
||||
|
||||
|
@ -46,6 +47,10 @@ class MachineAdmin(VersionAdmin):
|
|||
pass
|
||||
|
||||
|
||||
class Ipv6ListAdmin(VersionAdmin):
|
||||
pass
|
||||
|
||||
|
||||
class IpTypeAdmin(VersionAdmin):
|
||||
pass
|
||||
|
||||
|
@ -124,6 +129,7 @@ admin.site.register(Interface, InterfaceAdmin)
|
|||
admin.site.register(Domain, DomainAdmin)
|
||||
admin.site.register(Service, ServiceAdmin)
|
||||
admin.site.register(Vlan, VlanAdmin)
|
||||
admin.site.register(Ipv6List, Ipv6ListAdmin)
|
||||
admin.site.register(Nas, NasAdmin)
|
||||
admin.site.register(OuverturePort, OuverturePortAdmin)
|
||||
admin.site.register(OuverturePortList, OuverturePortListAdmin)
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -24,6 +24,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
|
||||
{% load acl %}
|
||||
|
||||
<div class="table-responsive">
|
||||
<table class="table table-striped">
|
||||
<thead>
|
||||
<tr>
|
||||
|
@ -38,7 +39,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
</tr>
|
||||
</thead>
|
||||
{% for extension in extension_list %}
|
||||
<tr>
|
||||
<tr>
|
||||
<td>{{ extension.name }}</td>
|
||||
<td>{{ extension.need_infra }}</td>
|
||||
<td>{{ extension.soa}}</td>
|
||||
|
@ -47,7 +48,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<td>{{ extension.origin_v6 }}</td>
|
||||
{% endif %}
|
||||
<td class="text-right">
|
||||
{% can_create Extension %}
|
||||
{% can_edit extension %}
|
||||
{% include 'buttons/edit.html' with href='machines:edit-extension' id=extension.id %}
|
||||
{% acl_end %}
|
||||
{% include 'buttons/history.html' with href='machines:history' name='extension' id=extension.id %}
|
||||
|
@ -55,4 +56,4 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
</tr>
|
||||
{% endfor %}
|
||||
</table>
|
||||
|
||||
</div>
|
||||
|
|
|
@ -23,15 +23,14 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
{% endcomment %}
|
||||
|
||||
{% load acl %}
|
||||
|
||||
<div class="table-responsive">
|
||||
<table class="table table-striped">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Type d'ip</th>
|
||||
<th>Extension</th>
|
||||
<th>Nécessite l'autorisation infra</th>
|
||||
<th>Début</th>
|
||||
<th>Fin</th>
|
||||
<th>Plage ipv4</th>
|
||||
<th>Préfixe v6</th>
|
||||
<th>Sur vlan</th>
|
||||
<th>Ouverture ports par défault</th>
|
||||
|
@ -44,8 +43,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<td>{{ type.type }}</td>
|
||||
<td>{{ type.extension }}</td>
|
||||
<td>{{ type.need_infra }}</td>
|
||||
<td>{{ type.domaine_ip_start }}</td>
|
||||
<td>{{ type.domaine_ip_stop }}</td>
|
||||
<td>{{ type.domaine_ip_start }}-{{ type.domaine_ip_stop }}</td>
|
||||
<td>{{ type.prefix_v6 }}</td>
|
||||
<td>{{ type.vlan }}</td>
|
||||
<td>{{ type.ouverture_ports }}</td>
|
||||
|
@ -58,4 +56,4 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
</tr>
|
||||
{% endfor %}
|
||||
</table>
|
||||
|
||||
</div>
|
||||
|
|
|
@ -24,6 +24,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
|
||||
{% load acl %}
|
||||
|
||||
<div class="table-responsive">
|
||||
<table class="table table-striped">
|
||||
<thead>
|
||||
<tr>
|
||||
|
@ -41,7 +42,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<td>{{ vlan.comment }}</td>
|
||||
<td>{% for range in vlan.iptype_set.all %}{{ range }}, {% endfor%}</td>
|
||||
<td class="text-right">
|
||||
{% can_create Vlan %}
|
||||
{% can_edit vlan %}
|
||||
{% include 'buttons/edit.html' with href='machines:edit-vlan' id=vlan.id %}
|
||||
{% acl_end %}
|
||||
{% include 'buttons/history.html' with href='machines:history' name='vlan' id=vlan.id %}
|
||||
|
@ -49,4 +50,4 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
</tr>
|
||||
{% endfor %}
|
||||
</table>
|
||||
|
||||
</div>
|
||||
|
|
|
@ -34,7 +34,7 @@ from django.dispatch import receiver
|
|||
from django.core.cache import cache
|
||||
|
||||
from .aes_field import AESEncryptedField
|
||||
|
||||
from re2o.mixins import AclMixin
|
||||
|
||||
class PreferencesModel(models.Model):
|
||||
@classmethod
|
||||
|
@ -54,7 +54,7 @@ class PreferencesModel(models.Model):
|
|||
abstract = True
|
||||
|
||||
|
||||
class OptionalUser(PreferencesModel):
|
||||
class OptionalUser(AclMixin, PreferencesModel):
|
||||
"""Options pour l'user : obligation ou nom du telephone,
|
||||
activation ou non du solde, autorisation du negatif, fingerprint etc"""
|
||||
PRETTY_NAME = "Options utilisateur"
|
||||
|
@ -101,58 +101,6 @@ class OptionalUser(PreferencesModel):
|
|||
("view_optionaluser", "Peut voir les options de l'user"),
|
||||
)
|
||||
|
||||
def get_instance(*args, **kwargs):
|
||||
return OptionalUser.objects.get_or_create()
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a OptionalUser object.
|
||||
|
||||
:param user_request: The user who wants to create a user object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perm('preferences.add_optionaluser'), u"Vous n'avez pas le droit\
|
||||
de créer les préférences concernant les users"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a OptionalUser object.
|
||||
|
||||
:param self: The OptionalUser which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('preferences.change_optionaluser'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences concernant les users"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a OptionalUser object.
|
||||
|
||||
:param self: The OptionalUser which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perm('preferences.delete_optionaluser'), u"Vous n'avez pas le droit\
|
||||
de supprimer les préférences concernant les users"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every OptionalUser objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_optionaluser'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences concernant les utilisateurs"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a OptionalUser object.
|
||||
|
||||
:param self: The targeted OptionalUser.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_optionaluser'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences concernant les utilisateurs"
|
||||
|
||||
def clean(self):
|
||||
"""Creation du mode de paiement par solde"""
|
||||
if self.user_solde:
|
||||
|
@ -169,7 +117,7 @@ def optionaluser_post_save(sender, **kwargs):
|
|||
user_pref.set_in_cache()
|
||||
|
||||
|
||||
class OptionalMachine(PreferencesModel):
|
||||
class OptionalMachine(AclMixin, PreferencesModel):
|
||||
"""Options pour les machines : maximum de machines ou d'alias par user
|
||||
sans droit, activation de l'ipv6"""
|
||||
PRETTY_NAME = "Options machines"
|
||||
|
@ -205,59 +153,6 @@ class OptionalMachine(PreferencesModel):
|
|||
("view_optionalmachine", "Peut voir les options de machine"),
|
||||
)
|
||||
|
||||
def get_instance(*args, **kwargs):
|
||||
return OptionalMachine.objects.get_or_create()
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a OptionalMachine object.
|
||||
|
||||
:param user_request: The user who wants to create an object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perm('preferences.add_optionalmachine'), u"Vous n'avez pas le droit\
|
||||
de créer les préférences concernant les machines"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a OptionalMachine object.
|
||||
|
||||
:param self: The OptionalMachine which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('preferences.change_optionalmachine'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences concernant les machines"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a OptionalMachine object.
|
||||
|
||||
:param self: The OptionalMachine which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
|
||||
return user_request.has_perm('preferences.delete_optionalmachine'), u"Vous n'avez pas le droit\
|
||||
de supprimer les préférences concernant les machines"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every OptionalMachine objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_optionalmachine'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences concernant les machines"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a OptionalMachine object.
|
||||
|
||||
:param self: The targeted OptionalMachine.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_optionalmachine'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences concernant les machines"
|
||||
|
||||
|
||||
@receiver(post_save, sender=OptionalMachine)
|
||||
def optionalmachine_post_save(sender, **kwargs):
|
||||
|
@ -269,7 +164,7 @@ def optionalmachine_post_save(sender, **kwargs):
|
|||
interface.sync_ipv6()
|
||||
|
||||
|
||||
class OptionalTopologie(PreferencesModel):
|
||||
class OptionalTopologie(AclMixin, PreferencesModel):
|
||||
"""Reglages pour la topologie : mode d'accès radius, vlan où placer
|
||||
les machines en accept ou reject"""
|
||||
PRETTY_NAME = "Options topologie"
|
||||
|
@ -306,58 +201,6 @@ class OptionalTopologie(PreferencesModel):
|
|||
("view_optionaltopologie", "Peut voir les options de topologie"),
|
||||
)
|
||||
|
||||
def get_instance(*args, **kwargs):
|
||||
return OptionalTopologie.objects.get_or_create()
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a OptionalTopologie object.
|
||||
|
||||
:param user_request: The user who wants to create an object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perm('preferences.add_optionaltopologie'), u"Vous n'avez pas le droit\
|
||||
de créer les préférences concernant la topologie"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a OptionalTopologie object.
|
||||
|
||||
:param self: The OptionalTopologie which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('preferences.change_optionaltopologie'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences concernant la topologie"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a OptionalTopologie object.
|
||||
|
||||
:param self: The OptionalTopologie which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perm('preferences.delete_optionaltoplogie'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences concernant la topologie"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every OptionalTopologie objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_optionaltopologie'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences concernant la topologie"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a OptionalTopologie object.
|
||||
|
||||
:param self: The targeted OptionalTopologie.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_optionaltopologie'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences concernant la topologie"
|
||||
|
||||
|
||||
@receiver(post_save, sender=OptionalTopologie)
|
||||
def optionaltopologie_post_save(sender, **kwargs):
|
||||
|
@ -366,7 +209,7 @@ def optionaltopologie_post_save(sender, **kwargs):
|
|||
topologie_pref.set_in_cache()
|
||||
|
||||
|
||||
class GeneralOption(PreferencesModel):
|
||||
class GeneralOption(AclMixin, PreferencesModel):
|
||||
"""Options générales : nombre de resultats par page, nom du site,
|
||||
temps où les liens sont valides"""
|
||||
PRETTY_NAME = "Options générales"
|
||||
|
@ -398,59 +241,6 @@ class GeneralOption(PreferencesModel):
|
|||
("view_generaloption", "Peut voir les options générales"),
|
||||
)
|
||||
|
||||
def get_instance(*args, **kwargs):
|
||||
return GeneralOption.objects.get_or_create()
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a GeneralOption object.
|
||||
|
||||
:param user_request: The user who wants to create an object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perm('preferences.add_generaloption'), u"Vous n'avez pas le droit\
|
||||
de créer les préférences générales"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a GeneralOption object.
|
||||
|
||||
:param self: The GeneralOption which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('preferences.change_generaloption'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences générales"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a GeneralOption object.
|
||||
|
||||
:param self: The GeneralOption which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perm('preferences.delete_generaloption'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences générales"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every GeneralOption objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
|
||||
return user_request.has_perm('preferences.view_generaloption'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences générales"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a GeneralOption object.
|
||||
|
||||
:param self: The targeted GeneralOption.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_generaloption'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences générales"
|
||||
|
||||
|
||||
@receiver(post_save, sender=GeneralOption)
|
||||
def generaloption_post_save(sender, **kwargs):
|
||||
|
@ -459,7 +249,7 @@ def generaloption_post_save(sender, **kwargs):
|
|||
general_pref.set_in_cache()
|
||||
|
||||
|
||||
class Service(models.Model):
|
||||
class Service(AclMixin, models.Model):
|
||||
"""Liste des services affichés sur la page d'accueil : url, description,
|
||||
image et nom"""
|
||||
name = models.CharField(max_length=32)
|
||||
|
@ -472,65 +262,11 @@ class Service(models.Model):
|
|||
("view_service", "Peut voir les options de service"),
|
||||
)
|
||||
|
||||
def get_instance(serviceid, *args, **kwargs):
|
||||
return Service.objects.get(pk=serviceid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a Service object.
|
||||
|
||||
:param user_request: The user who wants to create an object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
|
||||
return user_request.has_perm('preferences.add_service'), u"Vous n'avez pas le droit\
|
||||
de créer un service pour la page d'accueil"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a Service object.
|
||||
|
||||
:param self: The Service which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('preferences.change_service'), u"Vous n'avez pas le droit\
|
||||
d'éditer les services pour la page d'accueil"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a Service object.
|
||||
|
||||
:param self: The Right which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perm('preferences.delete_service'), u"Vous n'avez pas le droit\
|
||||
de supprimer les services pour la page d'accueil"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every Service objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
|
||||
return user_request.has_perm('preferences.view_service'), u"Vous n'avez pas le droit\
|
||||
de voir les services pour la page d'accueil"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a Service object.
|
||||
|
||||
:param self: The targeted Service.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_service'), u"Vous n'avez pas le droit\
|
||||
de voir les services pour la page d'accueil"
|
||||
|
||||
def __str__(self):
|
||||
return str(self.name)
|
||||
|
||||
|
||||
class AssoOption(PreferencesModel):
|
||||
class AssoOption(AclMixin, PreferencesModel):
|
||||
"""Options générales de l'asso : siret, addresse, nom, etc"""
|
||||
PRETTY_NAME = "Options de l'association"
|
||||
|
||||
|
@ -579,58 +315,6 @@ class AssoOption(PreferencesModel):
|
|||
("view_assooption", "Peut voir les options de l'asso"),
|
||||
)
|
||||
|
||||
def get_instance(*args, **kwargs):
|
||||
return AssoOption.objects.get_or_create()
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a AssoOption object.
|
||||
|
||||
:param user_request: The user who wants to create an object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perm('preferences.add_assooption'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences concernant l'association"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a AssoOption object.
|
||||
|
||||
:param self: The AssoOption which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('preferences.change_assooption'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences concernant l'association"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a AssoOption object.
|
||||
|
||||
:param self: The AssoOption which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perm('preferences.delete_assooption'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences concernant l'association"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every AssoOption objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_assooption'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences concernant l'association"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a AssoOption object.
|
||||
|
||||
:param self: The targeted AssoOption.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_assooption'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences concernant l'association"
|
||||
|
||||
|
||||
@receiver(post_save, sender=AssoOption)
|
||||
def assooption_post_save(sender, **kwargs):
|
||||
|
@ -639,7 +323,7 @@ def assooption_post_save(sender, **kwargs):
|
|||
asso_pref.set_in_cache()
|
||||
|
||||
|
||||
class MailMessageOption(models.Model):
|
||||
class MailMessageOption(AclMixin, models.Model):
|
||||
"""Reglages, mail de bienvenue et autre"""
|
||||
PRETTY_NAME = "Options de corps de mail"
|
||||
|
||||
|
@ -650,56 +334,3 @@ class MailMessageOption(models.Model):
|
|||
permissions = (
|
||||
("view_mailmessageoption", "Peut voir les options de mail"),
|
||||
)
|
||||
|
||||
def get_instance(*args, **kwargs):
|
||||
return MailMessageOption.objects.get_or_create()
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a MailMessageOption object.
|
||||
|
||||
:param user_request: The user who wants to create an object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perm('preferences.add_mailmessageoption'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences concernant les mails"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a MailMessageOption object.
|
||||
|
||||
:param self: The MailMessageOption which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
|
||||
return user_request.has_perm('preferences.change_mailmessageoption'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences concernant les mails"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a AssoOption object.
|
||||
|
||||
:param self: The AssoOption which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perm('preferences.delete_mailmessageoption'), u"Vous n'avez pas le droit\
|
||||
d'éditer les préférences concernant les mails"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every AssoOption objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_mailmessageoption'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences concernant les mails"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a AssoOption object.
|
||||
|
||||
:param self: The targeted AssoOption.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perm('preferences.view_mailmessageoption'), u"Vous n'avez pas le droit\
|
||||
de voir les préférences concernant les mails"
|
||||
|
|
88
re2o/mixins.py
Normal file
88
re2o/mixins.py
Normal file
|
@ -0,0 +1,88 @@
|
|||
# -*- mode: python; coding: utf-8 -*-
|
||||
# Re2o est un logiciel d'administration développé initiallement au rezometz. Il
|
||||
# se veut agnostique au réseau considéré, de manière à être installable en
|
||||
# quelques clics.
|
||||
#
|
||||
# Copyright © 2018 Gabriel Détraz
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License along
|
||||
# with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
|
||||
class AclMixin(object):
|
||||
"""This mixin is used in nearly every class/models defined in re2o apps.
|
||||
It is used by acl, in models (decorators can_...) and in templates tags
|
||||
:get_instance: Applied on a class, take an id argument, return an instance
|
||||
:can_create: Applied on a class, take the requested user, return if the user
|
||||
can do the creation
|
||||
:can_edit: Applied on an instance, return if the user can edit the instance
|
||||
:can_delete: Applied on an instance, return if the user can delete the instance
|
||||
:can_view: Applied on an instance, return if the user can view the instance
|
||||
:can_view_all: Applied on a class, return if the user can view all instances"""
|
||||
|
||||
@classmethod
|
||||
def get_classname(cls):
|
||||
return str(cls.__name__).lower()
|
||||
|
||||
@classmethod
|
||||
def get_modulename(cls):
|
||||
return str(cls.__module__).split('.')[0].lower()
|
||||
|
||||
@classmethod
|
||||
def get_instance(cls, *args, **kwargs):
|
||||
"""Récupère une instance
|
||||
:param objectid: Instance id à trouver
|
||||
:return: Une instance de la classe évidemment"""
|
||||
object_id = kwargs.get(cls.get_classname() + 'id')
|
||||
return cls.objects.get(pk=object_id)
|
||||
|
||||
@classmethod
|
||||
def can_create(cls, user_request, *args, **kwargs):
|
||||
"""Verifie que l'user a les bons droits pour créer
|
||||
un object
|
||||
:param user_request: instance utilisateur qui fait la requête
|
||||
:return: soit True, soit False avec la raison de l'échec"""
|
||||
return user_request.has_perm(cls.get_modulename() + '.add_' + cls.get_classname()), u"Vous n'avez pas le droit\
|
||||
de créer un " + cls.get_classname()
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Verifie que l'user a les bons droits pour editer
|
||||
cette instance
|
||||
:param self: Instance à editer
|
||||
:param user_request: Utilisateur qui fait la requête
|
||||
:return: soit True, soit False avec la raison de l'échec"""
|
||||
return user_request.has_perm(self.get_modulename() + '.change_' + self.get_classname()), u"Vous n'avez pas le droit d'éditer des " + self.get_classname()
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Verifie que l'user a les bons droits pour delete
|
||||
cette instance
|
||||
:param self: Instance à delete
|
||||
:param user_request: Utilisateur qui fait la requête
|
||||
:return: soit True, soit False avec la raison de l'échec"""
|
||||
return user_request.has_perm(self.get_modulename() + '.delete_' + self.get_classname()), u"Vous n'avez pas le droit d'éditer des " + self.get_classname()
|
||||
|
||||
@classmethod
|
||||
def can_view_all(cls, user_request, *args, **kwargs):
|
||||
"""Vérifie qu'on peut bien afficher l'ensemble des objets,
|
||||
droit particulier view objet correspondant
|
||||
:param user_request: instance user qui fait l'edition
|
||||
:return: True ou False avec la raison de l'échec le cas échéant"""
|
||||
return user_request.has_perm(cls.get_modulename() + '.view_' + cls.get_classname()), u"Vous n'avez pas le droit de voir des " + cls.get_classname()
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Vérifie qu'on peut bien voir cette instance particulière avec
|
||||
droit view objet
|
||||
:param self: instance à voir
|
||||
:param user_request: instance user qui fait l'edition
|
||||
:return: True ou False avec la raison de l'échec le cas échéant"""
|
||||
return user_request.has_perm(self.get_modulename() + '.view_' + self.get_classname()), u"Vous n'avez pas le droit de voir des " + self.get_classname()
|
|
@ -190,6 +190,10 @@ class SortTable:
|
|||
'white_end': ['date_end'],
|
||||
'default': ['-date_end']
|
||||
}
|
||||
USERS_INDEX_SCHOOL = {
|
||||
'school_name': ['name'],
|
||||
'default': ['name']
|
||||
}
|
||||
MACHINES_INDEX = {
|
||||
'machine_name': ['name'],
|
||||
'default': ['pk']
|
||||
|
|
|
@ -65,7 +65,7 @@ HISTORY_BIND = {
|
|||
'school' : users.models.School,
|
||||
'listright' : users.models.ListRight,
|
||||
'serviceuser' : users.models.ServiceUser,
|
||||
'shell' : users.models.ListShell,
|
||||
'listshell' : users.models.ListShell,
|
||||
},
|
||||
'preferences' : {
|
||||
'service' : preferences.models.Service,
|
||||
|
@ -81,9 +81,9 @@ HISTORY_BIND = {
|
|||
'port' : topologie.models.Port,
|
||||
'room' : topologie.models.Room,
|
||||
'stack' : topologie.models.Stack,
|
||||
'model_switch' : topologie.models.ModelSwitch,
|
||||
'constructor_switch' : topologie.models.ConstructorSwitch,
|
||||
'ap' : topologie.models.AccessPoint,
|
||||
'modelswitch' : topologie.models.ModelSwitch,
|
||||
'constructorswitch' : topologie.models.ConstructorSwitch,
|
||||
'accesspoint' : topologie.models.AccessPoint,
|
||||
},
|
||||
'machines' : {
|
||||
'machine' : machines.models.Machine,
|
||||
|
@ -99,7 +99,7 @@ HISTORY_BIND = {
|
|||
'ns' : machines.models.Ns,
|
||||
'service' : machines.models.Service,
|
||||
'vlan' : machines.models.Vlan,
|
||||
'nas' : machines.models.Vlan,
|
||||
'nas' : machines.models.Nas,
|
||||
'ipv6list' : machines.models.Ipv6List,
|
||||
},
|
||||
}
|
||||
|
@ -128,8 +128,10 @@ def history(request, application, object_name, object_id):
|
|||
model = HISTORY_BIND[application][object_name]
|
||||
except KeyError as e:
|
||||
raise Http404(u"Il n'existe pas d'historique pour ce modèle.")
|
||||
object_name_id = object_name + 'id'
|
||||
kwargs = {object_name_id: object_id}
|
||||
try:
|
||||
instance = model.get_instance(object_id)
|
||||
instance = model.get_instance(**kwargs)
|
||||
except model.DoesNotExist:
|
||||
messages.error(request, u"Entrée inexistante")
|
||||
return redirect(reverse('users:profil',
|
||||
|
|
|
@ -83,9 +83,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"><i class="fa fa-users"></i> Adhérents<span class="caret"></span></a>
|
||||
<ul class="dropdown-menu">
|
||||
{% can_view_app users %}
|
||||
<li><a href="{% url 'users:index' %}"><i class="fa fa-users"></i> Gérer les adhérents</a></li>
|
||||
{% acl_end %}
|
||||
{% can_view_app machines %}
|
||||
<li><a href="{% url 'users:index' %}"><i class="fa fa-user"></i> Gérer les adhérents</a></li>
|
||||
<li><a href="{% url 'users:index-clubs' %}"><i class="fa fa-users"></i> Gérer les clubs</a></li>
|
||||
{% acl_end %}
|
||||
{% can_view_app machines %}
|
||||
<li><a href="{% url 'machines:index' %}"><i class="fa fa-desktop"></i> Gérer les machines</a></li>
|
||||
{% acl_end %}
|
||||
{% can_view_app cotisations %}
|
||||
|
@ -95,7 +96,14 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
</li>
|
||||
{% acl_end %}
|
||||
{% can_view_app topologie %}
|
||||
<li><a href="{% url "topologie:index" %}"><i class="fa fa-sitemap"></i> Topologie</a></li>
|
||||
<li class="dropdown">
|
||||
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"><i class="fa fa-sitemap"></i> Topologie<span class="caret"></span></a>
|
||||
<ul class="dropdown-menu">
|
||||
<li><a href="{% url "topologie:index" %}"><i class="fa fa-microchip"></i> Switchs</a></li>
|
||||
<li><a href="{% url "topologie:index-ap" %}"><i class="fa fa-wifi"></i> Bornes WiFi</a></li>
|
||||
<li><a href="{% url "topologie:index-room" %}"><i class="fa fa-home"></i> Chambres et locaux</a></li>
|
||||
</ul>
|
||||
</li>
|
||||
{% acl_end %}
|
||||
{% can_view_app logs %}
|
||||
<li><a href="{% url "logs:index" %}"><i class="fa fa-chart-area"></i> Statistiques</a></li>
|
||||
|
|
19
topologie/migrations/0055_auto_20180329_0431.py
Normal file
19
topologie/migrations/0055_auto_20180329_0431.py
Normal file
|
@ -0,0 +1,19 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
# Generated by Django 1.10.7 on 2018-03-29 02:31
|
||||
from __future__ import unicode_literals
|
||||
|
||||
from django.db import migrations
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('topologie', '0054_auto_20180326_1742'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterModelOptions(
|
||||
name='accesspoint',
|
||||
options={'permissions': (('view_accesspoint', 'Peut voir une borne'),)},
|
||||
),
|
||||
]
|
|
@ -47,9 +47,10 @@ from django.db import IntegrityError
|
|||
from django.db import transaction
|
||||
from reversion import revisions as reversion
|
||||
|
||||
from machines.models import Machine, Interface
|
||||
from machines.models import Machine, Interface, regen
|
||||
from re2o.mixins import AclMixin
|
||||
|
||||
class Stack(models.Model):
|
||||
class Stack(AclMixin, models.Model):
|
||||
"""Un objet stack. Regrouppe des switchs en foreign key
|
||||
,contient une id de stack, un switch id min et max dans
|
||||
le stack"""
|
||||
|
@ -66,33 +67,6 @@ class Stack(models.Model):
|
|||
("view_stack", "Peut voir un objet stack"),
|
||||
)
|
||||
|
||||
def get_instance(stack_id, *args, **kwargs):
|
||||
return Stack.objects.get(pk=stack_id)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('topologie.add_stack') , u"Vous n'avez pas le droit\
|
||||
de créer un stack"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.change_stack'):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des stack"
|
||||
return True, None
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.delete_stack'):
|
||||
return False, u"Vous n'avez pas le droit de supprimer une stack"
|
||||
return True, None
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_stack'):
|
||||
return False, u"Vous n'avez pas le droit de voir une stack"
|
||||
return True, None
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_stack'):
|
||||
return False, u"Vous n'avez pas le droit de voir une stack"
|
||||
return True, None
|
||||
|
||||
def __str__(self):
|
||||
return " ".join([self.name, self.stack_id])
|
||||
|
||||
|
@ -109,7 +83,7 @@ class Stack(models.Model):
|
|||
inférieure à l'id minimale"})
|
||||
|
||||
|
||||
class AccessPoint(Machine):
|
||||
class AccessPoint(AclMixin, Machine):
|
||||
"""Define a wireless AP. Inherit from machines.interfaces
|
||||
|
||||
Definition pour une borne wifi , hérite de machines.interfaces
|
||||
|
@ -125,38 +99,11 @@ class AccessPoint(Machine):
|
|||
|
||||
class Meta:
|
||||
permissions = (
|
||||
("view_ap", "Peut voir une borne"),
|
||||
("view_accesspoint", "Peut voir une borne"),
|
||||
)
|
||||
|
||||
def get_instance(ap_id, *args, **kwargs):
|
||||
return AccessPoint.objects.get(pk=ap_id)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('topologie.add_ap') , u"Vous n'avez pas le droit\
|
||||
de créer une borne"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.change_ap'):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des bornes"
|
||||
return True, None
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.delete_ap'):
|
||||
return False, u"Vous n'avez pas le droit de supprimer une borne"
|
||||
return True, None
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_ap'):
|
||||
return False, u"Vous n'avez pas le droit de voir les bornes"
|
||||
return True, None
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_ap'):
|
||||
return False, u"Vous n'avez pas le droit de voir les bornes"
|
||||
return True, None
|
||||
|
||||
|
||||
class Switch(Machine):
|
||||
class Switch(AclMixin, Machine):
|
||||
""" Definition d'un switch. Contient un nombre de ports (number),
|
||||
un emplacement (location), un stack parent (optionnel, stack)
|
||||
et un id de membre dans le stack (stack_member_id)
|
||||
|
@ -193,33 +140,6 @@ class Switch(Machine):
|
|||
("view_switch", "Peut voir un objet switch"),
|
||||
)
|
||||
|
||||
def get_instance(switch_id, *args, **kwargs):
|
||||
return Switch.objects.get(pk=switch_id)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('topologie.add_switch') , u"Vous n'avez pas le droit\
|
||||
de créer un switch"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.change_switch'):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des switch"
|
||||
return True, None
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.delete_switch'):
|
||||
return False, u"Vous n'avez pas le droit de supprimer un switch"
|
||||
return True, None
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_switch'):
|
||||
return False, u"Vous n'avez pas le droit de voir les switch"
|
||||
return True, None
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_switch'):
|
||||
return False, u"Vous n'avez pas le droit de voir les switch"
|
||||
return True, None
|
||||
|
||||
def clean(self):
|
||||
""" Verifie que l'id stack est dans le bon range
|
||||
Appelle également le clean de la classe parente"""
|
||||
|
@ -267,7 +187,7 @@ class Switch(Machine):
|
|||
return str(self.interface_set.first())
|
||||
|
||||
|
||||
class ModelSwitch(models.Model):
|
||||
class ModelSwitch(AclMixin, models.Model):
|
||||
"""Un modèle (au sens constructeur) de switch"""
|
||||
PRETTY_NAME = "Modèle de switch"
|
||||
reference = models.CharField(max_length=255)
|
||||
|
@ -281,38 +201,11 @@ class ModelSwitch(models.Model):
|
|||
("view_modelswitch", "Peut voir un objet modelswitch"),
|
||||
)
|
||||
|
||||
def get_instance(model_switch_id, *args, **kwargs):
|
||||
return ModelSwitch.objects.get(pk=model_switch_id)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('topologie.add_modelswitch') , u"Vous n'avez pas le droit\
|
||||
de créer un modèle de switch"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.change_modelswitch'):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des modèle de switchs"
|
||||
return True, None
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.delete_modelswitch'):
|
||||
return False, u"Vous n'avez pas le droit de supprimer un modèle switch"
|
||||
return True, None
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_modelswitch'):
|
||||
return False, u"Vous n'avez pas le droit de voir un modèle switch"
|
||||
return True, None
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_modelswitch'):
|
||||
return False, u"Vous n'avez pas le droit de voir un modèle switch"
|
||||
return True, None
|
||||
|
||||
def __str__(self):
|
||||
return str(self.constructor) + ' ' + self.reference
|
||||
|
||||
|
||||
class ConstructorSwitch(models.Model):
|
||||
class ConstructorSwitch(AclMixin, models.Model):
|
||||
"""Un constructeur de switch"""
|
||||
PRETTY_NAME = "Constructeur de switch"
|
||||
name = models.CharField(max_length=255)
|
||||
|
@ -322,39 +215,11 @@ class ConstructorSwitch(models.Model):
|
|||
("view_constructorswitch", "Peut voir un objet constructorswitch"),
|
||||
)
|
||||
|
||||
def get_instance(constructor_switch_id, *args, **kwargs):
|
||||
return ConstructorSwitch.objects.get(pk=constructor_switch_id)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('topologie.add_constructorswitch') , u"Vous n'avez pas le droit\
|
||||
de créer un constructeur de switch"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.change_constructorswitch'):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des\
|
||||
constructeurs de switchs"
|
||||
return True, None
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.delete_constructorswitch'):
|
||||
return False, u"Vous n'avez pas le droit de supprimer un constructeur"
|
||||
return True, None
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_constructorswitch'):
|
||||
return False, u"Vous n'avez pas le droit de voir un constructeur"
|
||||
return True, None
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_constructorswitch'):
|
||||
return False, u"Vous n'avez pas le droit de voir un constructeur"
|
||||
return True, None
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
|
||||
class Port(models.Model):
|
||||
class Port(AclMixin, models.Model):
|
||||
""" Definition d'un port. Relié à un switch(foreign_key),
|
||||
un port peut etre relié de manière exclusive à :
|
||||
- une chambre (room)
|
||||
|
@ -417,39 +282,15 @@ class Port(models.Model):
|
|||
("view_port", "Peut voir un objet port"),
|
||||
)
|
||||
|
||||
def get_instance(port_id, *args, **kwargs):
|
||||
def get_instance(portid, *args, **kwargs):
|
||||
return Port.objects\
|
||||
.select_related('machine_interface__domain__extension')\
|
||||
.select_related('machine_interface__machine__switch')\
|
||||
.select_related('room')\
|
||||
.select_related('related')\
|
||||
.prefetch_related('switch__interface_set__domain__extension')\
|
||||
.get(pk=port_id)
|
||||
.get(pk=portid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('topologie.add_port') , u"Vous n'avez pas le droit\
|
||||
de créer un port"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.change_port'):
|
||||
return False, u"Vous n'avez pas le droit d'éditer des ports"
|
||||
return True, None
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.delete_port'):
|
||||
return False, u"Vous n'avez pas le droit de supprimer un port"
|
||||
return True, None
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_port'):
|
||||
return False, u"Vous n'avez pas le droit de voir les ports"
|
||||
return True, None
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_port'):
|
||||
return False, u"Vous n'avez pas le droit de voir les ports"
|
||||
return True, None
|
||||
|
||||
def make_port_related(self):
|
||||
""" Synchronise le port distant sur self"""
|
||||
related_port = self.related
|
||||
|
@ -494,7 +335,7 @@ class Port(models.Model):
|
|||
return str(self.switch) + " - " + str(self.port)
|
||||
|
||||
|
||||
class Room(models.Model):
|
||||
class Room(AclMixin, models.Model):
|
||||
"""Une chambre/local contenant une prise murale"""
|
||||
PRETTY_NAME = "Chambre/ Prise murale"
|
||||
|
||||
|
@ -507,33 +348,6 @@ class Room(models.Model):
|
|||
("view_room", "Peut voir un objet chambre"),
|
||||
)
|
||||
|
||||
def get_instance(room_id, *args, **kwargs):
|
||||
return Room.objects.get(pk=room_id)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('topologie.add_room') , u"Vous n'avez pas le droit\
|
||||
de créer une chambre"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.change_room'):
|
||||
return False, u"Vous n'avez pas le droit d'éditer une chambre"
|
||||
return True, None
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.delete_room'):
|
||||
return False, u"Vous n'avez pas le droit de supprimer une chambre"
|
||||
return True, None
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_room'):
|
||||
return False, u"Vous n'avez pas le droit de voir les chambres"
|
||||
return True, None
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
if not user_request.has_perm('topologie.view_room'):
|
||||
return False, u"Vous n'avez pas le droit de voir les chambres"
|
||||
return True, None
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
|
|
|
@ -49,7 +49,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<td>{{ap.interface_set.first.details}}</td>
|
||||
<td>{{ap.location}}</td>
|
||||
<td class="text-right">
|
||||
<a class="btn btn-info btn-sm" role="button" title="Historique" href="{% url 'topologie:history' 'ap' ap.pk %}">
|
||||
<a class="btn btn-info btn-sm" role="button" title="Historique" href="{% url 'topologie:history' 'accesspoint' ap.pk %}">
|
||||
<i class="fa fa-history"></i>
|
||||
</a>
|
||||
{% can_edit ap %}
|
||||
|
|
|
@ -39,7 +39,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<tr>
|
||||
<td>{{constructor_switch}}</td>
|
||||
<td class="text-right">
|
||||
<a class="btn btn-info btn-sm" role="button" title="Historique" href="{% url 'topologie:history' 'constructor_switch' constructor_switch.pk %}">
|
||||
<a class="btn btn-info btn-sm" role="button" title="Historique" href="{% url 'topologie:history' 'constructorswitch' constructor_switch.pk %}">
|
||||
<i class="fa fa-history"></i>
|
||||
</a>
|
||||
{% can_edit constructor_switch %}
|
||||
|
|
|
@ -41,7 +41,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<td>{{model_switch.reference}}</td>
|
||||
<td>{{model_switch.constructor}}</td>
|
||||
<td class="text-right">
|
||||
<a class="btn btn-info btn-sm" role="button" title="Historique" href="{% url 'topologie:history' 'model_switch' model_switch.pk %}">
|
||||
<a class="btn btn-info btn-sm" role="button" title="Historique" href="{% url 'topologie:history' 'modelswitch' model_switch.pk %}">
|
||||
<i class="fa fa-history"></i>
|
||||
</a>
|
||||
{% can_edit model_switch %}
|
||||
|
|
|
@ -52,7 +52,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
</td>
|
||||
<td>
|
||||
{% if port.related %}
|
||||
<a href="{% url 'topologie:index-port' switch_id=port.related.switch.id %}">{{ port.related }}</a>
|
||||
<a href="{% url 'topologie:index-port' switchid=port.related.switch.id %}">{{ port.related }}</a>
|
||||
{% endif %}
|
||||
</td>
|
||||
<td>{{ port.radius }}</td>
|
||||
|
|
|
@ -33,9 +33,9 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<a class="btn btn-primary btn-sm" role="button" href="{% url 'topologie:edit-switch' id_switch %}"><i class="fa fa-edit"></i> Editer</a>
|
||||
{% can_create Port %}
|
||||
<a class="btn btn-primary btn-sm" role="button" href="{% url 'topologie:new-port' id_switch %}"><i class="fa fa-plus"></i> Ajouter un port</a>
|
||||
{% acl_end %}
|
||||
<a class="btn btn-primary btn-sm" role="button" href="{% url 'topologie:create-ports' id_switch %}"><i class="fa fa-plus"></i> Ajouter des ports</a>
|
||||
{% include "topologie/aff_port.html" with port_list=port_list %}
|
||||
{% acl_end %}
|
||||
{% include "topologie/aff_port.html" with port_list=port_list %}
|
||||
<br />
|
||||
<br />
|
||||
<br />
|
||||
|
|
|
@ -37,18 +37,18 @@ urlpatterns = [
|
|||
url(r'^$', views.index, name='index'),
|
||||
url(r'^index_ap/$', views.index_ap, name='index-ap'),
|
||||
url(r'^new_ap/$', views.new_ap, name='new-ap'),
|
||||
url(r'^edit_ap/(?P<ap_id>[0-9]+)$',
|
||||
url(r'^edit_ap/(?P<accesspointid>[0-9]+)$',
|
||||
views.edit_ap,
|
||||
name='edit-ap'),
|
||||
url(r'^create_ports/(?P<switch_id>[0-9]+)$',
|
||||
url(r'^create_ports/(?P<switchid>[0-9]+)$',
|
||||
views.create_ports,
|
||||
name='create-ports'),
|
||||
url(r'^index_room/$', views.index_room, name='index-room'),
|
||||
url(r'^new_room/$', views.new_room, name='new-room'),
|
||||
url(r'^edit_room/(?P<room_id>[0-9]+)$', views.edit_room, name='edit-room'),
|
||||
url(r'^del_room/(?P<room_id>[0-9]+)$', views.del_room, name='del-room'),
|
||||
url(r'^edit_room/(?P<roomid>[0-9]+)$', views.edit_room, name='edit-room'),
|
||||
url(r'^del_room/(?P<roomid>[0-9]+)$', views.del_room, name='del-room'),
|
||||
url(r'^new_switch/$', views.new_switch, name='new-switch'),
|
||||
url(r'^switch/(?P<switch_id>[0-9]+)$',
|
||||
url(r'^switch/(?P<switchid>[0-9]+)$',
|
||||
views.index_port,
|
||||
name='index-port'),
|
||||
url(
|
||||
|
@ -57,18 +57,18 @@ urlpatterns = [
|
|||
name='history',
|
||||
kwargs={'application':'topologie'},
|
||||
),
|
||||
url(r'^edit_port/(?P<port_id>[0-9]+)$', views.edit_port, name='edit-port'),
|
||||
url(r'^new_port/(?P<switch_id>[0-9]+)$', views.new_port, name='new-port'),
|
||||
url(r'^del_port/(?P<port_id>[0-9]+)$', views.del_port, name='del-port'),
|
||||
url(r'^edit_switch/(?P<switch_id>[0-9]+)$',
|
||||
url(r'^edit_port/(?P<portid>[0-9]+)$', views.edit_port, name='edit-port'),
|
||||
url(r'^new_port/(?P<switchid>[0-9]+)$', views.new_port, name='new-port'),
|
||||
url(r'^del_port/(?P<portid>[0-9]+)$', views.del_port, name='del-port'),
|
||||
url(r'^edit_switch/(?P<switchid>[0-9]+)$',
|
||||
views.edit_switch,
|
||||
name='edit-switch'),
|
||||
url(r'^new_stack/$', views.new_stack, name='new-stack'),
|
||||
url(r'^index_stack/$', views.index_stack, name='index-stack'),
|
||||
url(r'^edit_stack/(?P<stack_id>[0-9]+)$',
|
||||
url(r'^edit_stack/(?P<stackid>[0-9]+)$',
|
||||
views.edit_stack,
|
||||
name='edit-stack'),
|
||||
url(r'^del_stack/(?P<stack_id>[0-9]+)$',
|
||||
url(r'^del_stack/(?P<stackid>[0-9]+)$',
|
||||
views.del_stack,
|
||||
name='del-stack'),
|
||||
url(r'^index_model_switch/$',
|
||||
|
@ -83,20 +83,20 @@ urlpatterns = [
|
|||
views.new_model_switch,
|
||||
name='new-model-switch'
|
||||
),
|
||||
url(r'^edit_model_switch/(?P<model_switch_id>[0-9]+)$',
|
||||
url(r'^edit_model_switch/(?P<modelswitchid>[0-9]+)$',
|
||||
views.edit_model_switch,
|
||||
name='edit-model-switch'),
|
||||
url(r'^del_model_switch/(?P<model_switch_id>[0-9]+)$',
|
||||
url(r'^del_model_switch/(?P<modelswitchid>[0-9]+)$',
|
||||
views.del_model_switch,
|
||||
name='del-model-switch'),
|
||||
url(r'^new_constructor_switch/$',
|
||||
views.new_constructor_switch,
|
||||
name='new-constructor-switch'
|
||||
),
|
||||
url(r'^edit_constructor_switch/(?P<constructor_switch_id>[0-9]+)$',
|
||||
url(r'^edit_constructor_switch/(?P<constructorswitchid>[0-9]+)$',
|
||||
views.edit_constructor_switch,
|
||||
name='edit-constructor-switch'),
|
||||
url(r'^del_constructor_switch/(?P<constructor_switch_id>[0-9]+)$',
|
||||
url(r'^del_constructor_switch/(?P<constructorswitchid>[0-9]+)$',
|
||||
views.del_constructor_switch,
|
||||
name='del-constructor-switch'),
|
||||
]
|
||||
|
|
|
@ -123,7 +123,7 @@ def index(request):
|
|||
@login_required
|
||||
@can_view_all(Port)
|
||||
@can_view(Switch)
|
||||
def index_port(request, switch, switch_id):
|
||||
def index_port(request, switch, switchid):
|
||||
""" Affichage de l'ensemble des ports reliés à un switch particulier"""
|
||||
port_list = Port.objects.filter(switch=switch)\
|
||||
.select_related('room')\
|
||||
|
@ -143,7 +143,7 @@ def index_port(request, switch, switch_id):
|
|||
)
|
||||
return render(request, 'topologie/index_p.html', {
|
||||
'port_list': port_list,
|
||||
'id_switch': switch_id,
|
||||
'id_switch': switchid,
|
||||
'nom_switch': switch
|
||||
})
|
||||
|
||||
|
@ -250,10 +250,10 @@ def index_model_switch(request):
|
|||
|
||||
@login_required
|
||||
@can_create(Port)
|
||||
def new_port(request, switch_id):
|
||||
def new_port(request, switchid):
|
||||
""" Nouveau port"""
|
||||
try:
|
||||
switch = Switch.objects.get(pk=switch_id)
|
||||
switch = Switch.objects.get(pk=switchid)
|
||||
except Switch.DoesNotExist:
|
||||
messages.error(request, u"Switch inexistant")
|
||||
return redirect(reverse('topologie:index'))
|
||||
|
@ -271,14 +271,14 @@ def new_port(request, switch_id):
|
|||
messages.error(request, "Ce port existe déjà")
|
||||
return redirect(reverse(
|
||||
'topologie:index-port',
|
||||
kwargs={'switch_id':switch_id}
|
||||
kwargs={'switchid':switchid}
|
||||
))
|
||||
return form({'id_switch': switch_id,'topoform': port, 'action_name' : 'Ajouter'}, 'topologie/topo.html', request)
|
||||
return form({'id_switch': switchid,'topoform': port, 'action_name' : 'Ajouter'}, 'topologie/topo.html', request)
|
||||
|
||||
|
||||
@login_required
|
||||
@can_edit(Port)
|
||||
def edit_port(request, port_object, port_id):
|
||||
def edit_port(request, port_object, portid):
|
||||
""" Edition d'un port. Permet de changer le switch parent et
|
||||
l'affectation du port"""
|
||||
|
||||
|
@ -293,14 +293,14 @@ def edit_port(request, port_object, port_id):
|
|||
messages.success(request, "Le port a bien été modifié")
|
||||
return redirect(reverse(
|
||||
'topologie:index-port',
|
||||
kwargs={'switch_id': str(port_object.switch.id)}
|
||||
kwargs={'switchid': str(port_object.switch.id)}
|
||||
))
|
||||
return form({'id_switch': str(port_object.switch.id), 'topoform': port, 'action_name' : 'Editer'}, 'topologie/topo.html', request)
|
||||
|
||||
|
||||
@login_required
|
||||
@can_delete(Port)
|
||||
def del_port(request, port, port_id):
|
||||
def del_port(request, port, portid):
|
||||
""" Supprime le port"""
|
||||
if request.method == "POST":
|
||||
try:
|
||||
|
@ -314,7 +314,7 @@ def del_port(request, port, port_id):
|
|||
impossible de le supprimer" % port)
|
||||
return redirect(reverse(
|
||||
'topologie:index-port',
|
||||
kwargs={'switch_id':str(port.switch.id)}
|
||||
kwargs={'switchid':str(port.switch.id)}
|
||||
))
|
||||
return form({'objet': port}, 'topologie/delete.html', request)
|
||||
|
||||
|
@ -322,7 +322,7 @@ def del_port(request, port, port_id):
|
|||
@login_required
|
||||
@can_create(Stack)
|
||||
def new_stack(request):
|
||||
"""Ajoute un nouveau stack : stack_id_min, max, et nombre de switches"""
|
||||
"""Ajoute un nouveau stack : stackid_min, max, et nombre de switches"""
|
||||
stack = StackForm(request.POST or None)
|
||||
if stack.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -335,7 +335,7 @@ def new_stack(request):
|
|||
|
||||
@login_required
|
||||
@can_edit(Stack)
|
||||
def edit_stack(request, stack, stack_id):
|
||||
def edit_stack(request, stack, stackid):
|
||||
"""Edition d'un stack (nombre de switches, nom...)"""
|
||||
|
||||
stack = StackForm(request.POST or None, instance=stack)
|
||||
|
@ -354,7 +354,7 @@ def edit_stack(request, stack, stack_id):
|
|||
|
||||
@login_required
|
||||
@can_delete(Stack)
|
||||
def del_stack(request, stack, stack_id):
|
||||
def del_stack(request, stack, stackid):
|
||||
"""Supprime un stack"""
|
||||
if request.method == "POST":
|
||||
try:
|
||||
|
@ -372,7 +372,7 @@ def del_stack(request, stack, stack_id):
|
|||
|
||||
@login_required
|
||||
@can_edit(Stack)
|
||||
def edit_switchs_stack(request, stack, stack_id):
|
||||
def edit_switchs_stack(request, stack, stackid):
|
||||
"""Permet d'éditer la liste des switches dans une stack et l'ajouter"""
|
||||
|
||||
if request.method == "POST":
|
||||
|
@ -440,10 +440,10 @@ def new_switch(request):
|
|||
|
||||
@login_required
|
||||
@can_create(Port)
|
||||
def create_ports(request, switch_id):
|
||||
def create_ports(request, switchid):
|
||||
""" Création d'une liste de ports pour un switch."""
|
||||
try:
|
||||
switch = Switch.objects.get(pk=switch_id)
|
||||
switch = Switch.objects.get(pk=switchid)
|
||||
except Switch.DoesNotExist:
|
||||
messages.error(request, u"Switch inexistant")
|
||||
return redirect(reverse('topologie:index'))
|
||||
|
@ -471,14 +471,14 @@ def create_ports(request, switch_id):
|
|||
|
||||
return redirect(reverse(
|
||||
'topologie:index-port',
|
||||
kwargs={'switch_id':switch_id}
|
||||
kwargs={'switchid':switchid}
|
||||
))
|
||||
return form({'id_switch': switch_id, 'topoform': port_form}, 'topologie/switch.html', request)
|
||||
return form({'id_switch': switchid, 'topoform': port_form}, 'topologie/switch.html', request)
|
||||
|
||||
|
||||
@login_required
|
||||
@can_edit(Switch)
|
||||
def edit_switch(request, switch, switch_id):
|
||||
def edit_switch(request, switch, switchid):
|
||||
""" Edition d'un switch. Permet de chambre nombre de ports,
|
||||
place dans le stack, interface et machine associée"""
|
||||
|
||||
|
@ -524,7 +524,7 @@ def edit_switch(request, switch, switch_id):
|
|||
return redirect(reverse('topologie:index'))
|
||||
i_mbf_param = generate_ipv4_mbf_param(interface_form, False )
|
||||
return form({
|
||||
'id_switch': switch_id,
|
||||
'id_switch': switchid,
|
||||
'topoform': interface_form,
|
||||
'machineform': switch_form,
|
||||
'domainform': domain_form,
|
||||
|
@ -590,7 +590,7 @@ def new_ap(request):
|
|||
|
||||
@login_required
|
||||
@can_edit(AccessPoint)
|
||||
def edit_ap(request, ap, ap_id):
|
||||
def edit_ap(request, ap, accesspointid):
|
||||
""" Edition d'un switch. Permet de chambre nombre de ports,
|
||||
place dans le stack, interface et machine associée"""
|
||||
interface_form = EditInterfaceForm(
|
||||
|
@ -665,7 +665,7 @@ def new_room(request):
|
|||
|
||||
@login_required
|
||||
@can_edit(Room)
|
||||
def edit_room(request, room, room_id):
|
||||
def edit_room(request, room, roomid):
|
||||
""" Edition numero et details de la chambre"""
|
||||
|
||||
room = EditRoomForm(request.POST or None, instance=room)
|
||||
|
@ -683,7 +683,7 @@ def edit_room(request, room, room_id):
|
|||
|
||||
@login_required
|
||||
@can_delete(Room)
|
||||
def del_room(request, room, room_id):
|
||||
def del_room(request, room, roomid):
|
||||
""" Suppression d'un chambre"""
|
||||
if request.method == "POST":
|
||||
try:
|
||||
|
@ -719,7 +719,7 @@ def new_model_switch(request):
|
|||
|
||||
@login_required
|
||||
@can_edit(ModelSwitch)
|
||||
def edit_model_switch(request, model_switch, model_switch_id):
|
||||
def edit_model_switch(request, model_switch, modelswitchid):
|
||||
""" Edition d'un modèle de switch"""
|
||||
|
||||
model_switch = EditModelSwitchForm(request.POST or None, instance=model_switch)
|
||||
|
@ -737,7 +737,7 @@ def edit_model_switch(request, model_switch, model_switch_id):
|
|||
|
||||
@login_required
|
||||
@can_delete(ModelSwitch)
|
||||
def del_model_switch(request, model_switch_id):
|
||||
def del_model_switch(request, model_switch, modelswitchid):
|
||||
""" Suppression d'un modèle de switch"""
|
||||
if request.method == "POST":
|
||||
try:
|
||||
|
@ -773,7 +773,7 @@ def new_constructor_switch(request):
|
|||
|
||||
@login_required
|
||||
@can_edit(ConstructorSwitch)
|
||||
def edit_constructor_switch(request, constructor_switch, constructor_switch_id):
|
||||
def edit_constructor_switch(request, constructor_switch, constructorswitchid):
|
||||
""" Edition d'un constructeur de switch"""
|
||||
|
||||
constructor_switch = EditConstructorSwitchForm(request.POST or None, instance=constructor_switch)
|
||||
|
@ -791,7 +791,7 @@ def edit_constructor_switch(request, constructor_switch, constructor_switch_id):
|
|||
|
||||
@login_required
|
||||
@can_delete(ConstructorSwitch)
|
||||
def del_constructor_switch(request, constructor_switch_id):
|
||||
def del_constructor_switch(request, constructor_switch, constructorswitchid):
|
||||
""" Suppression d'un constructeur de switch"""
|
||||
if request.method == "POST":
|
||||
try:
|
||||
|
|
355
users/models.py
355
users/models.py
|
@ -76,6 +76,7 @@ import ldapdb.models.fields
|
|||
from re2o.settings import RIGHTS_LINK, LDAP, GID_RANGES, UID_RANGES
|
||||
from re2o.login import hashNT
|
||||
from re2o.field_permissions import FieldPermissionModelMixin
|
||||
from re2o.mixins import AclMixin
|
||||
|
||||
from cotisations.models import Cotisation, Facture, Paiement, Vente
|
||||
from machines.models import Domain, Interface, Machine, regen
|
||||
|
@ -170,7 +171,7 @@ class UserManager(BaseUserManager):
|
|||
"""
|
||||
return self._create_user(pseudo, surname, email, password, True)
|
||||
|
||||
class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin):
|
||||
class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin, AclMixin):
|
||||
""" Definition de l'utilisateur de base.
|
||||
Champs principaux : name, surnname, pseudo, email, room, password
|
||||
Herite du django BaseUser et du système d'auth django"""
|
||||
|
@ -667,14 +668,6 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin):
|
|||
num += 1
|
||||
return composed_pseudo(num)
|
||||
|
||||
def get_instance(userid, *args, **kwargs):
|
||||
"""Get the User instance with userid.
|
||||
|
||||
:param userid: The id
|
||||
:return: The user
|
||||
"""
|
||||
return User.objects.get(pk=userid)
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit an user object.
|
||||
|
||||
|
@ -745,29 +738,6 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin):
|
|||
def can_change_groups(user_request, *args, **kwargs):
|
||||
return user_request.has_perm('users.change_user_groups'), "Droit requis pour éditer les groupes de l'user"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete an user object.
|
||||
|
||||
:param self: The user who is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if user_request has the right 'bureau', and a message.
|
||||
"""
|
||||
if user_request.has_perm('users.delete_user'):
|
||||
return True, None
|
||||
else:
|
||||
return False, u"Vous ne pouvez pas supprimer cet utilisateur."
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every user objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
if user_request.has_perm('users.view_user'):
|
||||
return True, None
|
||||
else:
|
||||
return False, u"Vous n'avez pas accès à la liste des utilisateurs."
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view an user object.
|
||||
|
||||
|
@ -790,6 +760,23 @@ class User(FieldPermissionModelMixin, AbstractBaseUser, PermissionsMixin):
|
|||
else:
|
||||
return False, u"Vous ne pouvez voir un autre utilisateur que vous même"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every user objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('users.view_user'), u"Vous n'avez pas accès à la liste des utilisateurs."
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete an user object.
|
||||
|
||||
:param self: The user who is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if user_request has the right 'bureau', and a message.
|
||||
"""
|
||||
return user_request.has_perm('users.delete_user'), u"Vous ne pouvez pas supprimer cet utilisateur."
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super(User, self).__init__(*args, **kwargs)
|
||||
self.field_permissions = {
|
||||
|
@ -812,8 +799,6 @@ class Adherent(User):
|
|||
null=True
|
||||
)
|
||||
|
||||
|
||||
|
||||
def get_instance(adherentid, *args, **kwargs):
|
||||
"""Try to find an instance of `Adherent` with the given id.
|
||||
|
||||
|
@ -922,7 +907,7 @@ def user_post_delete(sender, **kwargs):
|
|||
user.ldap_del()
|
||||
regen('mailing')
|
||||
|
||||
class ServiceUser(AbstractBaseUser):
|
||||
class ServiceUser(AclMixin, AbstractBaseUser):
|
||||
""" Classe des users daemons, règle leurs accès au ldap"""
|
||||
readonly = 'readonly'
|
||||
ACCESS = (
|
||||
|
@ -989,61 +974,6 @@ class ServiceUser(AbstractBaseUser):
|
|||
)]).values_list('dn', flat=True))
|
||||
group.save()
|
||||
|
||||
def get_instance(userid, *args, **kwargs):
|
||||
return ServiceUser.objects.get(pk=userid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a ServiceUser object.
|
||||
|
||||
:param user_request: The user who wants to create a user object.
|
||||
:return: a message and a boolean which is True if the user can create
|
||||
or if the `options.all_can_create` is set.
|
||||
"""
|
||||
return user_request.has_perm('users.add_serviceuser'), (
|
||||
u"Vous n'avez pas le droit de créer un service user"
|
||||
)
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a ServiceUser object.
|
||||
|
||||
:param self: The ServiceUser which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('users.change_serviceuser'), (
|
||||
u"Vous n'avez pas le droit d'éditer les services users"
|
||||
)
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a ServiceUser object.
|
||||
|
||||
:param self: The ServiceUser who is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if user_request has the right 'infra', and a message.
|
||||
"""
|
||||
return user_request.has_perm('users.delete_serviceuser'), u"Vous n'avez pas le droit de\
|
||||
supprimer un service user"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every ServiceUser objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('users.view_serviceuser'), u"Vous n'avez pas le droit de\
|
||||
voir un service user"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a ServiceUser object.
|
||||
|
||||
:param self: The targeted ServiceUser.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perm('users.view_serviceuser'), u"Vous n'avez pas le droit de\
|
||||
voir un service user"
|
||||
|
||||
def __str__(self):
|
||||
return self.pseudo
|
||||
|
||||
|
@ -1061,7 +991,7 @@ def service_user_post_delete(sender, **kwargs):
|
|||
service_user.ldap_del()
|
||||
|
||||
|
||||
class School(models.Model):
|
||||
class School(AclMixin, models.Model):
|
||||
""" Etablissement d'enseignement"""
|
||||
PRETTY_NAME = "Établissements enregistrés"
|
||||
|
||||
|
@ -1072,63 +1002,11 @@ class School(models.Model):
|
|||
("view_school", "Peut voir un objet school"),
|
||||
)
|
||||
|
||||
def get_instance(schoolid, *args, **kwargs):
|
||||
return School.objects.get(pk=schoolid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a School object.
|
||||
|
||||
:param user_request: The user who wants to create a user object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perm('users.add_school'), u"Vous n'avez pas le\
|
||||
droit de créer des écoles"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a School object.
|
||||
|
||||
:param self: The School which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('users.change_school'), u"Vous n'avez pas le\
|
||||
droit d'éditer des écoles"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a School object.
|
||||
|
||||
:param self: The School which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perm('users.delete_school'), u"Vous n'avez pas le\
|
||||
droit de supprimer des écoles"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every School objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('users.view_school'), u"Vous n'avez pas le\
|
||||
droit de voir les écoles"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a School object.
|
||||
|
||||
:param self: The targeted School.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perm('users.view_school'), u"Vous n'avez pas le\
|
||||
droit de voir les écoles"
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
|
||||
class ListRight(Group):
|
||||
class ListRight(AclMixin, Group):
|
||||
""" Ensemble des droits existants. Chaque droit crée un groupe
|
||||
ldap synchronisé, avec gid.
|
||||
Permet de gérer facilement les accès serveurs et autres
|
||||
|
@ -1158,58 +1036,6 @@ class ListRight(Group):
|
|||
("view_listright", "Peut voir un objet Group/ListRight"),
|
||||
)
|
||||
|
||||
def get_instance(listrightid, *args, **kwargs):
|
||||
return ListRight.objects.get(pk=listrightid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a ListRight object.
|
||||
|
||||
:param user_request: The user who wants to create a ListRight object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perm('users.add_listright'), u"Vous n'avez pas le droit\
|
||||
de créer des groupes de droits"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a ListRight object.
|
||||
|
||||
:param self: The object which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('users.change_listright'), u"Vous n'avez pas le droit\
|
||||
d'éditer des groupes de droits"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a ListRight object.
|
||||
|
||||
:param self: The object which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perm('users.delete_listright'), u"Vous n'avez pas le droit\
|
||||
de supprimer des groupes de droits"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every ListRight objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('users.view_listright'), u"Vous n'avez pas le droit\
|
||||
de voir les groupes de droits"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a ListRight object.
|
||||
|
||||
:param self: The targeted object.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perm('users.view_listright'), u"Vous n'avez pas le droit\
|
||||
de voir les groupes de droits"
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
|
@ -1247,7 +1073,7 @@ def listright_post_delete(sender, **kwargs):
|
|||
right.ldap_del()
|
||||
|
||||
|
||||
class ListShell(models.Model):
|
||||
class ListShell(AclMixin, models.Model):
|
||||
"""Un shell possible. Pas de check si ce shell existe, les
|
||||
admin sont des grands"""
|
||||
PRETTY_NAME = "Liste des shells disponibles"
|
||||
|
@ -1259,67 +1085,15 @@ class ListShell(models.Model):
|
|||
("view_listshell", "Peut voir un objet shell quelqu'il soit"),
|
||||
)
|
||||
|
||||
def get_instance(shellid, *args, **kwargs):
|
||||
return ListShell.objects.get(pk=shellid)
|
||||
|
||||
def get_pretty_name(self):
|
||||
"""Return the canonical name of the shell"""
|
||||
return self.shell.split("/")[-1]
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a ListShell object.
|
||||
|
||||
:param user_request: The user who wants to create a user object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perm('users.add_listshell'), u"Vous n'avez pas le\
|
||||
droit de créer des shells"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a ListShell object.
|
||||
|
||||
:param self: The Shell which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('users.change_listshell'), u"Vous n'avez pas le\
|
||||
droit d'éditer des shells"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a ListShell object.
|
||||
|
||||
:param self: The Shell which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perm('users.delete_listshell'), u"Vous n'avez pas le\
|
||||
droit de supprimer des shells"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every ListShell objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('users.view_listshell'), u"Vous n'avez pas le\
|
||||
droit de voir les shells"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a ListShell object.
|
||||
|
||||
:param self: The targeted ListShell instance.
|
||||
:param user_request: The user who ask for viewing the target.
|
||||
:return: A boolean telling if the acces is granted and an explanation
|
||||
text
|
||||
"""
|
||||
return user_request.has_perm('users.view_listshell'), u"Vous n'avez pas le\
|
||||
droit de voir les shells"
|
||||
|
||||
def __str__(self):
|
||||
return self.shell
|
||||
|
||||
|
||||
class Ban(models.Model):
|
||||
class Ban(AclMixin, models.Model):
|
||||
""" Bannissement. Actuellement a un effet tout ou rien.
|
||||
Gagnerait à être granulaire"""
|
||||
PRETTY_NAME = "Liste des bannissements"
|
||||
|
@ -1369,44 +1143,6 @@ class Ban(models.Model):
|
|||
def get_instance(banid, *args, **kwargs):
|
||||
return Ban.objects.get(pk=banid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a Ban object.
|
||||
|
||||
:param user_request: The user who wants to create a Ban object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perm('users.add_ban'), u"Vous n'avez pas le droit de\
|
||||
créer des bannissements"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a Ban object.
|
||||
|
||||
:param self: The object which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('users.change_ban'), u"Vous n'avez pas le droit\
|
||||
d'éditer des bannissements"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a Ban object.
|
||||
|
||||
:param self: The object which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perm('users.delete_ban'), u"Vous n'avez pas le droit\
|
||||
de supprimer des bannissements"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every Ban objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('users.view_ban'), u"Vous n'avez pas le droit\
|
||||
de voir tous les bannissements"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a Ban object.
|
||||
|
||||
|
@ -1453,7 +1189,7 @@ def ban_post_delete(sender, **kwargs):
|
|||
regen('mac_ip_list')
|
||||
|
||||
|
||||
class Whitelist(models.Model):
|
||||
class Whitelist(AclMixin, models.Model):
|
||||
"""Accès à titre gracieux. L'utilisateur ne paye pas; se voit
|
||||
accorder un accès internet pour une durée défini. Moins
|
||||
fort qu'un ban quel qu'il soit"""
|
||||
|
@ -1472,47 +1208,6 @@ class Whitelist(models.Model):
|
|||
def is_active(self):
|
||||
return self.date_end > timezone.now()
|
||||
|
||||
def get_instance(whitelistid, *args, **kwargs):
|
||||
return Whitelist.objects.get(pk=whitelistid)
|
||||
|
||||
def can_create(user_request, *args, **kwargs):
|
||||
"""Check if an user can create a Whitelist object.
|
||||
|
||||
:param user_request: The user who wants to create a Whitelist object.
|
||||
:return: a message and a boolean which is True if the user can create.
|
||||
"""
|
||||
return user_request.has_perm('users.add_whitelist'), u"Vous n'avez pas le\
|
||||
droit de créer des accès gracieux"
|
||||
|
||||
def can_edit(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can edit a Whitelist object.
|
||||
|
||||
:param self: The object which is to be edited.
|
||||
:param user_request: The user who requests to edit self.
|
||||
:return: a message and a boolean which is True if edition is granted.
|
||||
"""
|
||||
return user_request.has_perm('users.change_whitelist'), u"Vous n'avez pas le\
|
||||
droit d'éditer des accès gracieux"
|
||||
|
||||
def can_delete(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can delete a Whitelist object.
|
||||
|
||||
:param self: The object which is to be deleted.
|
||||
:param user_request: The user who requests deletion.
|
||||
:return: True if deletion is granted, and a message.
|
||||
"""
|
||||
return user_request.has_perm('users.delete_whitelist'), u"Vous n'avez pas le\
|
||||
droit de supprimer des accès gracieux"
|
||||
|
||||
def can_view_all(user_request, *args, **kwargs):
|
||||
"""Check if an user can access to the list of every Whitelist objects
|
||||
|
||||
:param user_request: The user who wants to view the list.
|
||||
:return: True if the user can view the list and an explanation message.
|
||||
"""
|
||||
return user_request.has_perm('users.view_whitelist'), u"Vous n'avez pas le\
|
||||
droit de voir les accès gracieux"
|
||||
|
||||
def can_view(self, user_request, *args, **kwargs):
|
||||
"""Check if an user can view a Whitelist object.
|
||||
|
||||
|
|
|
@ -22,10 +22,18 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
{% endcomment %}
|
||||
{% load acl %}
|
||||
|
||||
<div class="table-responsive">
|
||||
|
||||
{% if school_list.paginator %}
|
||||
{% include "pagination.html" with list=school_list %}
|
||||
{% endif %}
|
||||
|
||||
|
||||
<table class="table table-striped">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Etablissement</th>
|
||||
<th>{% include "buttons/sort.html" with prefix='school' col='name' text='Etablissement' %}</th>
|
||||
<th></th>
|
||||
</tr>
|
||||
</thead>
|
||||
|
@ -42,3 +50,8 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
{% endfor %}
|
||||
</table>
|
||||
|
||||
{% if school_list.paginator %}
|
||||
{% include "pagination.html" with list=school_list %}
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
|
|
|
@ -35,6 +35,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<a class="btn btn-primary btn-sm" role="button" href="{% url 'users:add-school' %}"><i class="fa fa-plus"></i> Ajouter un établissement</a>
|
||||
{% acl_end %}
|
||||
<a class="btn btn-danger btn-sm" role="button" href="{% url 'users:del-school' %}"><i class="fa fa-trash"></i> Supprimer un ou plusieurs établissements</a>
|
||||
<hr>
|
||||
{% include "users/aff_schools.html" with school_list=school_list %}
|
||||
<br />
|
||||
<br />
|
||||
|
|
|
@ -82,12 +82,12 @@ urlpatterns = [
|
|||
url(r'^del_listright/$', views.del_listright, name='del-listright'),
|
||||
url(r'^add_shell/$', views.add_shell, name='add-shell'),
|
||||
url(
|
||||
r'^edit_shell/(?P<shellid>[0-9]+)$',
|
||||
r'^edit_shell/(?P<listshellid>[0-9]+)$',
|
||||
views.edit_shell,
|
||||
name='edit-shell'
|
||||
),
|
||||
url(
|
||||
r'^del_shell/(?P<shellid>[0-9]+)$',
|
||||
r'^del_shell/(?P<listshellid>[0-9]+)$',
|
||||
views.del_shell,
|
||||
name='del-shell'
|
||||
),
|
||||
|
|
|
@ -515,8 +515,8 @@ def add_shell(request):
|
|||
|
||||
@login_required
|
||||
@can_edit(ListShell)
|
||||
def edit_shell(request, shell_instance, shellid):
|
||||
""" Editer un shell à partir du shellid"""
|
||||
def edit_shell(request, shell_instance, listshellid):
|
||||
""" Editer un shell à partir du listshellid"""
|
||||
shell = ShellForm(request.POST or None, instance=shell_instance)
|
||||
if shell.is_valid():
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -532,7 +532,7 @@ def edit_shell(request, shell_instance, shellid):
|
|||
|
||||
@login_required
|
||||
@can_delete(ListShell)
|
||||
def del_shell(request, shell, shellid):
|
||||
def del_shell(request, shell, listshellid):
|
||||
"""Destruction d'un shell"""
|
||||
if request.method == "POST":
|
||||
with transaction.atomic(), reversion.create_revision():
|
||||
|
@ -747,6 +747,23 @@ def index_white(request):
|
|||
def index_school(request):
|
||||
""" Affiche l'ensemble des établissement"""
|
||||
school_list = School.objects.order_by('name')
|
||||
pagination_number = GeneralOption.get_cached_value('pagination_number')
|
||||
school_list = SortTable.sort(
|
||||
school_list,
|
||||
request.GET.get('col'),
|
||||
request.GET.get('order'),
|
||||
SortTable.USERS_INDEX_SCHOOL
|
||||
)
|
||||
paginator = Paginator(school_list, pagination_number)
|
||||
page = request.GET.get('page')
|
||||
try:
|
||||
school_list = paginator.page(page)
|
||||
except PageNotAnInteger:
|
||||
# If page isn't an integer, deliver first page
|
||||
school_list = paginator.page(1)
|
||||
except EmptyPage:
|
||||
# If page is out of range (e.g. 9999), deliver last page of results.
|
||||
school_list = paginator.page(paginator.num_pages)
|
||||
return render(
|
||||
request,
|
||||
'users/index_schools.html',
|
||||
|
|
Loading…
Reference in a new issue