8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-26 22:52:26 +00:00

Nouveau système d'acl pour machines

This commit is contained in:
Gabriel Detraz 2017-12-28 14:17:09 +01:00 committed by root
parent 25f0e56166
commit e152103bc3
3 changed files with 21 additions and 138 deletions

View file

@ -24,7 +24,7 @@
from __future__ import unicode_literals from __future__ import unicode_literals
from django.conf.urls import url from django.conf.urls import url
import re2o
from . import views from . import views
urlpatterns = [ urlpatterns = [
@ -76,20 +76,11 @@ urlpatterns = [
url(r'^edit_nas/(?P<nasid>[0-9]+)$', views.edit_nas, name='edit-nas'), url(r'^edit_nas/(?P<nasid>[0-9]+)$', views.edit_nas, name='edit-nas'),
url(r'^del_nas/$', views.del_nas, name='del-nas'), url(r'^del_nas/$', views.del_nas, name='del-nas'),
url(r'^index_nas/$', views.index_nas, name='index-nas'), url(r'^index_nas/$', views.index_nas, name='index-nas'),
url(r'^history/(?P<object>machine)/(?P<id>[0-9]+)$', views.history, name='history'), url(
url(r'^history/(?P<object>interface)/(?P<id>[0-9]+)$', views.history, name='history'), r'history/(?P<object_name>\w+)/(?P<object_id>[0-9]+)$',
url(r'^history/(?P<object>machinetype)/(?P<id>[0-9]+)$', views.history, name='history'), re2o.views.history,
url(r'^history/(?P<object>extension)/(?P<id>[0-9]+)$', views.history, name='history'), name='history',
url(r'^history/(?P<object>soa)/(?P<id>[0-9]+)$', views.history, name='history'), ),
url(r'^history/(?P<object>mx)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>ns)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>txt)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>srv)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>iptype)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>alias)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>vlan)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>nas)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>service)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^$', views.index, name='index'), url(r'^$', views.index, name='index'),
url(r'^rest/mac-ip/$', views.mac_ip, name='mac-ip'), url(r'^rest/mac-ip/$', views.mac_ip, name='mac-ip'),
url(r'^rest/regen-achieved/$', views.regen_achieved, name='regen-achieved'), url(r'^rest/regen-achieved/$', views.regen_achieved, name='regen-achieved'),

View file

@ -1001,128 +1001,6 @@ def index_service(request):
servers_list = Service_link.objects.select_related('server__domain__extension').select_related('service').all() servers_list = Service_link.objects.select_related('server__domain__extension').select_related('service').all()
return render(request, 'machines/index_service.html', {'service_list':service_list, 'servers_list':servers_list}) return render(request, 'machines/index_service.html', {'service_list':service_list, 'servers_list':servers_list})
@login_required
def history(request, object, id):
if object == 'machine':
try:
object_instance = Machine.objects.get(pk=id)
except Machine.DoesNotExist:
messages.error(request, "Machine inexistante")
return redirect(reverse('machines:index'))
if not request.user.has_perms(('cableur',)) and object_instance.user != request.user:
messages.error(request, "Vous ne pouvez pas afficher l'historique d'une machine d'un autre user que vous sans droit cableur")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
elif object == 'interface':
try:
object_instance = Interface.objects.get(pk=id)
except Interface.DoesNotExist:
messages.error(request, "Interface inexistante")
return redirect(reverse('machines:index'))
if not request.user.has_perms(('cableur',)) and object_instance.machine.user != request.user:
messages.error(request, "Vous ne pouvez pas afficher l'historique d'une interface d'un autre user que vous sans droit cableur")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
elif object == 'alias':
try:
object_instance = Domain.objects.get(pk=id)
except Domain.DoesNotExist:
messages.error(request, "Alias inexistant")
return redirect(reverse('machines:index'))
if not request.user.has_perms(('cableur',)) and object_instance.cname.interface_parent.machine.user != request.user:
messages.error(request, "Vous ne pouvez pas afficher l'historique d'un alias d'un autre user que vous sans droit cableur")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
elif object == 'machinetype' and request.user.has_perms(('cableur',)):
try:
object_instance = MachineType.objects.get(pk=id)
except MachineType.DoesNotExist:
messages.error(request, "Type de machine inexistant")
return redirect(reverse('machines:index'))
elif object == 'iptype' and request.user.has_perms(('cableur',)):
try:
object_instance = IpType.objects.get(pk=id)
except IpType.DoesNotExist:
messages.error(request, "Type d'ip inexistant")
return redirect(reverse('machines:index'))
elif object == 'extension' and request.user.has_perms(('cableur',)):
try:
object_instance = Extension.objects.get(pk=id)
except Extension.DoesNotExist:
messages.error(request, "Extension inexistante")
return redirect(reverse('machines:index'))
elif object == 'soa' and request.user.has_perms(('cableur',)):
try:
object_instance = SOA.objects.get(pk=id)
except SOA.DoesNotExist:
messages.error(request, "SOA inexistant")
return redirect(reverse('machines:index'))
elif object == 'mx' and request.user.has_perms(('cableur',)):
try:
object_instance = Mx.objects.get(pk=id)
except Mx.DoesNotExist:
messages.error(request, "Mx inexistant")
return redirect(reverse('machines:index'))
elif object == 'txt' and request.user.has_perms(('cableur',)):
try:
object_instance = Txt.objects.get(pk=id)
except Txt.DoesNotExist:
messages.error(request, "Txt inexistant")
return redirect(reverse('machines:index'))
elif object == 'srv' and request.user.has_perms(('cableur',)):
try:
object_instance = Srv.objects.get(pk=id)
except Srv.DoesNotExist:
messages.error(request, "Srv inexistant")
return redirect(reverse('machines:index'))
elif object == 'ns' and request.user.has_perms(('cableur',)):
try:
object_instance = Ns.objects.get(pk=id)
except Ns.DoesNotExist:
messages.error(request, "Ns inexistant")
return redirect(reverse('machines:index'))
elif object == 'service' and request.user.has_perms(('cableur',)):
try:
object_instance = Service.objects.get(pk=id)
except Service.DoesNotExist:
messages.error(request, "Service inexistant")
return redirect(reverse('machines:index'))
elif object == 'vlan' and request.user.has_perms(('cableur',)):
try:
object_instance = Vlan.objects.get(pk=id)
except Vlan.DoesNotExist:
messages.error(request, "Vlan inexistant")
return redirect(reverse('machines:index'))
elif object == 'nas' and request.user.has_perms(('cableur',)):
try:
object_instance = Nas.objects.get(pk=id)
except Nas.DoesNotExist:
messages.error(request, "Nas inexistant")
return redirect(reverse('machines:index'))
else:
messages.error(request, "Objet inconnu")
return redirect(reverse('machines:index'))
options, created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number
reversions = Version.objects.get_for_object(object_instance)
paginator = Paginator(reversions, pagination_number)
page = request.GET.get('page')
try:
reversions = paginator.page(page)
except PageNotAnInteger:
# If page is not an integer, deliver first page.
reversions = paginator.page(1)
except EmptyPage:
# If page is out of range (e.g. 9999), deliver last page of results.
reversions = paginator.page(paginator.num_pages)
return render(request, 're2o/history.html', {'reversions': reversions, 'object': object_instance})
@login_required @login_required
@can_view_all(OuverturePortList) @can_view_all(OuverturePortList)

View file

@ -35,7 +35,7 @@ from reversion.models import Version
from django.contrib import messages from django.contrib import messages
from preferences.models import Service from preferences.models import Service
from preferences.models import OptionalUser, GeneralOption from preferences.models import OptionalUser, GeneralOption
import users, preferences, cotisations, topologie import users, preferences, cotisations, topologie, machines
def form(ctx, template, request): def form(ctx, template, request):
"""Form générique, raccourci importé par les fonctions views du site""" """Form générique, raccourci importé par les fonctions views du site"""
@ -70,6 +70,20 @@ HISTORY_BIND = {
'stack' : topologie.models.Stack, 'stack' : topologie.models.Stack,
'model_switch' : topologie.models.ModelSwitch, 'model_switch' : topologie.models.ModelSwitch,
'constructor_switch' : topologie.models.ConstructorSwitch, 'constructor_switch' : topologie.models.ConstructorSwitch,
'machine' : machines.models.Machine,
'interface' : machines.models.Interface,
'alias' : machines.models.Domain,
'machinetype' : machines.models.MachineType,
'iptype' : machines.models.IpType,
'extension' : machines.models.Extension,
'soa' : machines.models.SOA,
'mx' : machines.models.Mx,
'txt' : machines.models.Txt,
'srv' : machines.models.Srv,
'ns' : machines.models.Ns,
'service' : machines.models.Service,
'vlan' : machines.models.Vlan,
'nas' : machines.models.Vlan,
} }
@login_required @login_required