|
|
@ -105,8 +105,11 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): |
|
|
A tuple with a boolean stating if edition is allowed and an |
|
|
A tuple with a boolean stating if edition is allowed and an |
|
|
explanation message. |
|
|
explanation message. |
|
|
""" |
|
|
""" |
|
|
return (user_request.has_perm('machines.change_machine_user'), |
|
|
return ( |
|
|
_("You don't have the right to change the machine's user.")) |
|
|
user_request.has_perm('machines.change_machine_user'), |
|
|
|
|
|
_("You don't have the right to change the machine's user."), |
|
|
|
|
|
('machines.change_machine_user',) |
|
|
|
|
|
) |
|
|
|
|
|
|
|
|
@staticmethod |
|
|
@staticmethod |
|
|
def can_view_all(user_request, *_args, **_kwargs): |
|
|
def can_view_all(user_request, *_args, **_kwargs): |
|
|
@ -115,9 +118,12 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): |
|
|
:param user_request: instance user qui fait l'edition |
|
|
:param user_request: instance user qui fait l'edition |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
if not user_request.has_perm('machines.view_machine'): |
|
|
if not user_request.has_perm('machines.view_machine'): |
|
|
return False, _("You don't have the right to view all the" |
|
|
return ( |
|
|
" machines.") |
|
|
False, |
|
|
return True, None |
|
|
_("You don't have the right to view all the machines."), |
|
|
|
|
|
('machines.view_machine',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
@staticmethod |
|
|
@staticmethod |
|
|
def can_create(user_request, userid, *_args, **_kwargs): |
|
|
def can_create(user_request, userid, *_args, **_kwargs): |
|
|
@ -129,7 +135,7 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): |
|
|
try: |
|
|
try: |
|
|
user = users.models.User.objects.get(pk=userid) |
|
|
user = users.models.User.objects.get(pk=userid) |
|
|
except users.models.User.DoesNotExist: |
|
|
except users.models.User.DoesNotExist: |
|
|
return False, _("Nonexistent user.") |
|
|
return False, _("Nonexistent user."), None |
|
|
max_lambdauser_interfaces = (preferences.models.OptionalMachine |
|
|
max_lambdauser_interfaces = (preferences.models.OptionalMachine |
|
|
.get_cached_value( |
|
|
.get_cached_value( |
|
|
'max_lambdauser_interfaces' |
|
|
'max_lambdauser_interfaces' |
|
|
@ -137,15 +143,23 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): |
|
|
if not user_request.has_perm('machines.add_machine'): |
|
|
if not user_request.has_perm('machines.add_machine'): |
|
|
if not (preferences.models.OptionalMachine |
|
|
if not (preferences.models.OptionalMachine |
|
|
.get_cached_value('create_machine')): |
|
|
.get_cached_value('create_machine')): |
|
|
return False, (_("You don't have the right to add a machine.")) |
|
|
return ( |
|
|
|
|
|
False, |
|
|
|
|
|
_("You don't have the right to add a machine."), |
|
|
|
|
|
('machines.add_machine',) |
|
|
|
|
|
) |
|
|
if user != user_request: |
|
|
if user != user_request: |
|
|
return False, (_("You don't have the right to add a machine" |
|
|
return ( |
|
|
" to another user.")) |
|
|
False, |
|
|
|
|
|
_("You don't have the right to add a machine" |
|
|
|
|
|
" to another user."), |
|
|
|
|
|
('machines.add_machine',) |
|
|
|
|
|
) |
|
|
if user.user_interfaces().count() >= max_lambdauser_interfaces: |
|
|
if user.user_interfaces().count() >= max_lambdauser_interfaces: |
|
|
return False, (_("You reached the maximum number of interfaces" |
|
|
return False, _("You reached the maximum number of interfaces" |
|
|
" that you are allowed to create yourself" |
|
|
" that you are allowed to create yourself" |
|
|
" (%s)." % max_lambdauser_interfaces)) |
|
|
" (%s)." % max_lambdauser_interfaces), None |
|
|
return True, None |
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def can_edit(self, user_request, *args, **kwargs): |
|
|
def can_edit(self, user_request, *args, **kwargs): |
|
|
"""Vérifie qu'on peut bien éditer cette instance particulière (soit |
|
|
"""Vérifie qu'on peut bien éditer cette instance particulière (soit |
|
|
@ -154,16 +168,22 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): |
|
|
:param user_request: instance user qui fait l'edition |
|
|
:param user_request: instance user qui fait l'edition |
|
|
:return: True ou False avec la raison le cas échéant""" |
|
|
:return: True ou False avec la raison le cas échéant""" |
|
|
if self.user != user_request: |
|
|
if self.user != user_request: |
|
|
if (not user_request.has_perm('machines.change_interface') or |
|
|
can_user, _, permissions = self.user.can_edit( |
|
|
not self.user.can_edit( |
|
|
self.user, |
|
|
self.user, |
|
|
user_request, |
|
|
user_request, |
|
|
*args, |
|
|
*args, |
|
|
**kwargs |
|
|
**kwargs |
|
|
) |
|
|
)[0]): |
|
|
if not ( |
|
|
return False, (_("You don't have the right to edit a machine" |
|
|
user_request.has_perm('machines.change_interface') and |
|
|
" of another user.")) |
|
|
can_user): |
|
|
return True, None |
|
|
return ( |
|
|
|
|
|
False, |
|
|
|
|
|
_("You don't have the right to edit a machine" |
|
|
|
|
|
" of another user."), |
|
|
|
|
|
('machines.change_interface',) + permissions |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def can_delete(self, user_request, *args, **kwargs): |
|
|
def can_delete(self, user_request, *args, **kwargs): |
|
|
"""Vérifie qu'on peut bien supprimer cette instance particulière (soit |
|
|
"""Vérifie qu'on peut bien supprimer cette instance particulière (soit |
|
|
@ -172,16 +192,22 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): |
|
|
:param user_request: instance user qui fait l'edition |
|
|
:param user_request: instance user qui fait l'edition |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
if self.user != user_request: |
|
|
if self.user != user_request: |
|
|
if (not user_request.has_perm('machines.change_interface') or |
|
|
can_user, _, permissions = self.user.can_edit( |
|
|
not self.user.can_edit( |
|
|
self.user, |
|
|
self.user, |
|
|
user_request, |
|
|
user_request, |
|
|
*args, |
|
|
*args, |
|
|
**kwargs |
|
|
**kwargs |
|
|
) |
|
|
)[0]): |
|
|
if not ( |
|
|
return False, _("You don't have the right to delete a machine" |
|
|
user_request.has_perm('machines.change_interface') and |
|
|
" of another user.") |
|
|
can_user): |
|
|
return True, None |
|
|
return ( |
|
|
|
|
|
False, |
|
|
|
|
|
_("You don't have the right to delete a machine" |
|
|
|
|
|
" of another user."), |
|
|
|
|
|
('machines.change_interface',) + permissions |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def can_view(self, user_request, *_args, **_kwargs): |
|
|
def can_view(self, user_request, *_args, **_kwargs): |
|
|
"""Vérifie qu'on peut bien voir cette instance particulière (soit |
|
|
"""Vérifie qu'on peut bien voir cette instance particulière (soit |
|
|
@ -191,9 +217,13 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
if (not user_request.has_perm('machines.view_machine') and |
|
|
if (not user_request.has_perm('machines.view_machine') and |
|
|
self.user != user_request): |
|
|
self.user != user_request): |
|
|
return False, _("You don't have the right to view other machines" |
|
|
return ( |
|
|
" than yours.") |
|
|
False, |
|
|
return True, None |
|
|
_("You don't have the right to view other machines" |
|
|
|
|
|
" than yours."), |
|
|
|
|
|
('machines.view_machine',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
@cached_property |
|
|
@cached_property |
|
|
def short_name(self): |
|
|
def short_name(self): |
|
|
@ -285,9 +315,12 @@ class MachineType(RevMixin, AclMixin, models.Model): |
|
|
message is acces is not allowed. |
|
|
message is acces is not allowed. |
|
|
""" |
|
|
""" |
|
|
if not user_request.has_perm('machines.use_all_machinetype'): |
|
|
if not user_request.has_perm('machines.use_all_machinetype'): |
|
|
return False, (_("You don't have the right to use all machine" |
|
|
return ( |
|
|
" types.")) |
|
|
False, |
|
|
return True, None |
|
|
_("You don't have the right to use all machine types."), |
|
|
|
|
|
('machines.use_all_machinetype',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def __str__(self): |
|
|
def __str__(self): |
|
|
return self.name |
|
|
return self.name |
|
|
@ -528,7 +561,11 @@ class IpType(RevMixin, AclMixin, models.Model): |
|
|
restrictions |
|
|
restrictions |
|
|
:param user_request: instance user qui fait l'edition |
|
|
:param user_request: instance user qui fait l'edition |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
return user_request.has_perm('machines.use_all_iptype'), None |
|
|
return ( |
|
|
|
|
|
user_request.has_perm('machines.use_all_iptype'), |
|
|
|
|
|
None, |
|
|
|
|
|
('machines.use_all_iptype',) |
|
|
|
|
|
) |
|
|
|
|
|
|
|
|
def __str__(self): |
|
|
def __str__(self): |
|
|
return self.name |
|
|
return self.name |
|
|
@ -766,7 +803,11 @@ class Extension(RevMixin, AclMixin, models.Model): |
|
|
restrictions |
|
|
restrictions |
|
|
:param user_request: instance user qui fait l'edition |
|
|
:param user_request: instance user qui fait l'edition |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
return user_request.has_perm('machines.use_all_extension'), None |
|
|
return ( |
|
|
|
|
|
user_request.has_perm('machines.use_all_extension'), |
|
|
|
|
|
_("You cannot use all extensions."), |
|
|
|
|
|
('machines.use_all_extension',) |
|
|
|
|
|
) |
|
|
|
|
|
|
|
|
def __str__(self): |
|
|
def __str__(self): |
|
|
return self.name |
|
|
return self.name |
|
|
@ -1222,31 +1263,42 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): |
|
|
try: |
|
|
try: |
|
|
machine = Machine.objects.get(pk=machineid) |
|
|
machine = Machine.objects.get(pk=machineid) |
|
|
except Machine.DoesNotExist: |
|
|
except Machine.DoesNotExist: |
|
|
return False, _("Nonexistent machine.") |
|
|
return False, _("Nonexistent machine."), None |
|
|
if not user_request.has_perm('machines.add_interface'): |
|
|
if not user_request.has_perm('machines.add_interface'): |
|
|
if not (preferences.models.OptionalMachine |
|
|
if not (preferences.models.OptionalMachine |
|
|
.get_cached_value('create_machine')): |
|
|
.get_cached_value('create_machine')): |
|
|
return False, _("You can't add a machine.") |
|
|
return False, _("You can't add a machine."), ('machines.add_interface',) |
|
|
max_lambdauser_interfaces = (preferences.models.OptionalMachine |
|
|
max_lambdauser_interfaces = (preferences.models.OptionalMachine |
|
|
.get_cached_value( |
|
|
.get_cached_value( |
|
|
'max_lambdauser_interfaces' |
|
|
'max_lambdauser_interfaces' |
|
|
)) |
|
|
)) |
|
|
if machine.user != user_request: |
|
|
if machine.user != user_request: |
|
|
return False, _("You don't have the right to add an interface" |
|
|
return ( |
|
|
" to a machine of another user.") |
|
|
False, |
|
|
|
|
|
_("You don't have the right to add an interface" |
|
|
|
|
|
" to a machine of another user."), |
|
|
|
|
|
('machines.add_interface',) |
|
|
|
|
|
) |
|
|
if (machine.user.user_interfaces().count() >= |
|
|
if (machine.user.user_interfaces().count() >= |
|
|
max_lambdauser_interfaces): |
|
|
max_lambdauser_interfaces): |
|
|
return False, (_("You reached the maximum number of interfaces" |
|
|
return ( |
|
|
" that you are allowed to create yourself" |
|
|
False, |
|
|
" (%s)." % max_lambdauser_interfaces)) |
|
|
_("You reached the maximum number of interfaces" |
|
|
return True, None |
|
|
" that you are allowed to create yourself" |
|
|
|
|
|
" (%s)." % max_lambdauser_interfaces), |
|
|
|
|
|
('machines.add_interface',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
@staticmethod |
|
|
@staticmethod |
|
|
def can_change_machine(user_request, *_args, **_kwargs): |
|
|
def can_change_machine(user_request, *_args, **_kwargs): |
|
|
"""Check if a user can change the machine associated with an |
|
|
"""Check if a user can change the machine associated with an |
|
|
Interface object """ |
|
|
Interface object """ |
|
|
return (user_request.has_perm('machines.change_interface_machine'), |
|
|
return ( |
|
|
_("Permission required to edit the machine.")) |
|
|
user_request.has_perm('machines.change_interface_machine'), |
|
|
|
|
|
_("Permission required to edit the machine."), |
|
|
|
|
|
('machines.change_interface_machine',) |
|
|
|
|
|
) |
|
|
|
|
|
|
|
|
def can_edit(self, user_request, *args, **kwargs): |
|
|
def can_edit(self, user_request, *args, **kwargs): |
|
|
"""Verifie que l'user a les bons droits infra pour editer |
|
|
"""Verifie que l'user a les bons droits infra pour editer |
|
|
@ -1255,15 +1307,21 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): |
|
|
:param user_request: Utilisateur qui fait la requête |
|
|
:param user_request: Utilisateur qui fait la requête |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
if self.machine.user != user_request: |
|
|
if self.machine.user != user_request: |
|
|
if (not user_request.has_perm('machines.change_interface') or |
|
|
can_user, _, permissions = self.machine.user.can_edit( |
|
|
not self.machine.user.can_edit( |
|
|
user_request, |
|
|
user_request, |
|
|
*args, |
|
|
*args, |
|
|
**kwargs |
|
|
**kwargs |
|
|
) |
|
|
)[0]): |
|
|
if not ( |
|
|
return False, _("You don't have the right to edit a machine of" |
|
|
user_request.has_perm('machines.change_interface') and |
|
|
" another user.") |
|
|
can_user ): |
|
|
return True, None |
|
|
return ( |
|
|
|
|
|
False, |
|
|
|
|
|
_("You don't have the right to edit a machine of" |
|
|
|
|
|
" another user."), |
|
|
|
|
|
('machines.change_interface',) + permissions |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def can_delete(self, user_request, *args, **kwargs): |
|
|
def can_delete(self, user_request, *args, **kwargs): |
|
|
"""Verifie que l'user a les bons droits delete object pour del |
|
|
"""Verifie que l'user a les bons droits delete object pour del |
|
|
@ -1272,15 +1330,21 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): |
|
|
:param user_request: Utilisateur qui fait la requête |
|
|
:param user_request: Utilisateur qui fait la requête |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
if self.machine.user != user_request: |
|
|
if self.machine.user != user_request: |
|
|
if (not user_request.has_perm('machines.change_interface') or |
|
|
can_user, _, permissions = self.machine.user.can_edit( |
|
|
not self.machine.user.can_edit( |
|
|
user_request, |
|
|
user_request, |
|
|
*args, |
|
|
*args, |
|
|
**kwargs |
|
|
**kwargs |
|
|
) |
|
|
)[0]): |
|
|
if not ( |
|
|
return False, _("You don't have the right to edit a machine of" |
|
|
user_request.has_perm('machines.change_interface') and |
|
|
" another user.") |
|
|
can_user): |
|
|
return True, None |
|
|
return ( |
|
|
|
|
|
False, |
|
|
|
|
|
_("You don't have the right to edit a machine of" |
|
|
|
|
|
" another user."), |
|
|
|
|
|
('machines.change_interface',) + permissions |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def can_view(self, user_request, *_args, **_kwargs): |
|
|
def can_view(self, user_request, *_args, **_kwargs): |
|
|
"""Vérifie qu'on peut bien voir cette instance particulière avec |
|
|
"""Vérifie qu'on peut bien voir cette instance particulière avec |
|
|
@ -1290,9 +1354,12 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
if (not user_request.has_perm('machines.view_interface') and |
|
|
if (not user_request.has_perm('machines.view_interface') and |
|
|
self.machine.user != user_request): |
|
|
self.machine.user != user_request): |
|
|
return False, _("You don't have the right to view machines other" |
|
|
return ( |
|
|
" than yours.") |
|
|
False, |
|
|
return True, None |
|
|
_("You don't have the right to view machines other than yours."), |
|
|
|
|
|
('machines.view_interface',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def __init__(self, *args, **kwargs): |
|
|
def __init__(self, *args, **kwargs): |
|
|
super(Interface, self).__init__(*args, **kwargs) |
|
|
super(Interface, self).__init__(*args, **kwargs) |
|
|
@ -1340,19 +1407,26 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): |
|
|
try: |
|
|
try: |
|
|
interface = Interface.objects.get(pk=interfaceid) |
|
|
interface = Interface.objects.get(pk=interfaceid) |
|
|
except Interface.DoesNotExist: |
|
|
except Interface.DoesNotExist: |
|
|
return False, _("Nonexistent interface.") |
|
|
return False, _("Nonexistent interface."), None |
|
|
if not user_request.has_perm('machines.add_ipv6list'): |
|
|
if not user_request.has_perm('machines.add_ipv6list'): |
|
|
if interface.machine.user != user_request: |
|
|
if interface.machine.user != user_request: |
|
|
return False, _("You don't have the right to add an alias to a" |
|
|
return ( |
|
|
" machine of another user.") |
|
|
False, |
|
|
return True, None |
|
|
_("You don't have the right to add an alias to a" |
|
|
|
|
|
" machine of another user."), |
|
|
|
|
|
('machines.add_ipv6list',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
@staticmethod |
|
|
@staticmethod |
|
|
def can_change_slaac_ip(user_request, *_args, **_kwargs): |
|
|
def can_change_slaac_ip(user_request, *_args, **_kwargs): |
|
|
""" Check if a user can change the slaac value """ |
|
|
""" Check if a user can change the slaac value """ |
|
|
return (user_request.has_perm('machines.change_ipv6list_slaac_ip'), |
|
|
return ( |
|
|
_("Permission required to change the SLAAC value of an IPv6" |
|
|
user_request.has_perm('machines.change_ipv6list_slaac_ip'), |
|
|
" address")) |
|
|
_("Permission required to change the SLAAC value of an IPv6" |
|
|
|
|
|
" address"), |
|
|
|
|
|
('machines.change_ipv6list_slaac_ip',) |
|
|
|
|
|
) |
|
|
|
|
|
|
|
|
def can_edit(self, user_request, *args, **kwargs): |
|
|
def can_edit(self, user_request, *args, **kwargs): |
|
|
"""Verifie que l'user a les bons droits infra pour editer |
|
|
"""Verifie que l'user a les bons droits infra pour editer |
|
|
@ -1361,15 +1435,21 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): |
|
|
:param user_request: Utilisateur qui fait la requête |
|
|
:param user_request: Utilisateur qui fait la requête |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
if self.interface.machine.user != user_request: |
|
|
if self.interface.machine.user != user_request: |
|
|
if (not user_request.has_perm('machines.change_ipv6list') or |
|
|
can_user, _, permissions = self.interface.machine.user.can_edit( |
|
|
not self.interface.machine.user.can_edit( |
|
|
user_request, |
|
|
user_request, |
|
|
*args, |
|
|
*args, |
|
|
**kwargs |
|
|
**kwargs |
|
|
) |
|
|
)[0]): |
|
|
if not ( |
|
|
return False, _("You don't have the right to edit a machine of" |
|
|
user_request.has_perm('machines.change_ipv6list') and |
|
|
" another user.") |
|
|
can_user): |
|
|
return True, None |
|
|
return ( |
|
|
|
|
|
False, |
|
|
|
|
|
_("You don't have the right to edit a machine of" |
|
|
|
|
|
" another user."), |
|
|
|
|
|
('machines.change_ipv6list',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def can_delete(self, user_request, *args, **kwargs): |
|
|
def can_delete(self, user_request, *args, **kwargs): |
|
|
"""Verifie que l'user a les bons droits delete object pour del |
|
|
"""Verifie que l'user a les bons droits delete object pour del |
|
|
@ -1378,15 +1458,20 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): |
|
|
:param user_request: Utilisateur qui fait la requête |
|
|
:param user_request: Utilisateur qui fait la requête |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
if self.interface.machine.user != user_request: |
|
|
if self.interface.machine.user != user_request: |
|
|
if (not user_request.has_perm('machines.change_ipv6list') or |
|
|
can_user, _, permissions = self.interface.machine.user.can_edit( |
|
|
not self.interface.machine.user.can_edit( |
|
|
user_request, |
|
|
user_request, |
|
|
*args, |
|
|
*args, |
|
|
**kwargs |
|
|
**kwargs |
|
|
) |
|
|
)[0]): |
|
|
if not (user_request.has_perm('machines.change_ipv6list') and |
|
|
return False, _("You don't have the right to edit a machine of" |
|
|
can_user): |
|
|
" another user.") |
|
|
return ( |
|
|
return True, None |
|
|
False, |
|
|
|
|
|
_("You don't have the right to edit a machine of" |
|
|
|
|
|
" another user."), |
|
|
|
|
|
('machines.change_ipv6list',) + permissions |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def can_view(self, user_request, *_args, **_kwargs): |
|
|
def can_view(self, user_request, *_args, **_kwargs): |
|
|
"""Vérifie qu'on peut bien voir cette instance particulière avec |
|
|
"""Vérifie qu'on peut bien voir cette instance particulière avec |
|
|
@ -1396,9 +1481,12 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
if (not user_request.has_perm('machines.view_ipv6list') and |
|
|
if (not user_request.has_perm('machines.view_ipv6list') and |
|
|
self.interface.machine.user != user_request): |
|
|
self.interface.machine.user != user_request): |
|
|
return False, _("You don't have the right to view machines other" |
|
|
return ( |
|
|
" than yours.") |
|
|
False, |
|
|
return True, None |
|
|
_("You don't have the right to view machines other than yours."), |
|
|
|
|
|
('machines.view_ipv6list',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def __init__(self, *args, **kwargs): |
|
|
def __init__(self, *args, **kwargs): |
|
|
super(Ipv6List, self).__init__(*args, **kwargs) |
|
|
super(Ipv6List, self).__init__(*args, **kwargs) |
|
|
@ -1554,25 +1642,33 @@ class Domain(RevMixin, AclMixin, models.Model): |
|
|
try: |
|
|
try: |
|
|
interface = Interface.objects.get(pk=interfaceid) |
|
|
interface = Interface.objects.get(pk=interfaceid) |
|
|
except Interface.DoesNotExist: |
|
|
except Interface.DoesNotExist: |
|
|
return False, _("Nonexistent interface.") |
|
|
return False, _("Nonexistent interface."), None |
|
|
if not user_request.has_perm('machines.add_domain'): |
|
|
if not user_request.has_perm('machines.add_domain'): |
|
|
max_lambdauser_aliases = (preferences.models.OptionalMachine |
|
|
max_lambdauser_aliases = (preferences.models.OptionalMachine |
|
|
.get_cached_value( |
|
|
.get_cached_value( |
|
|
'max_lambdauser_aliases' |
|
|
'max_lambdauser_aliases' |
|
|
)) |
|
|
)) |
|
|
if interface.machine.user != user_request: |
|
|
if interface.machine.user != user_request: |
|
|
return False, _("You don't have the right to add an alias to a" |
|
|
return ( |
|
|
" machine of another user.") |
|
|
False, |
|
|
|
|
|
_("You don't have the right to add an alias to a" |
|
|
|
|
|
" machine of another user."), |
|
|
|
|
|
('machines.add_domain',) |
|
|
|
|
|
) |
|
|
if Domain.objects.filter( |
|
|
if Domain.objects.filter( |
|
|
cname__in=Domain.objects.filter( |
|
|
cname__in=Domain.objects.filter( |
|
|
interface_parent__in=(interface.machine.user |
|
|
interface_parent__in=(interface.machine.user |
|
|
.user_interfaces()) |
|
|
.user_interfaces()) |
|
|
) |
|
|
) |
|
|
).count() >= max_lambdauser_aliases: |
|
|
).count() >= max_lambdauser_aliases: |
|
|
return False, _("You reached the maximum number of alias that" |
|
|
return ( |
|
|
" you are allowed to create yourself (%s). " |
|
|
False, |
|
|
% max_lambdauser_aliases) |
|
|
_("You reached the maximum number of alias that" |
|
|
return True, None |
|
|
" you are allowed to create yourself (%s). " |
|
|
|
|
|
% max_lambdauser_aliases), |
|
|
|
|
|
('machines.add_domain',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def can_edit(self, user_request, *_args, **_kwargs): |
|
|
def can_edit(self, user_request, *_args, **_kwargs): |
|
|
"""Verifie que l'user a les bons droits pour editer |
|
|
"""Verifie que l'user a les bons droits pour editer |
|
|
@ -1582,9 +1678,13 @@ class Domain(RevMixin, AclMixin, models.Model): |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
if (not user_request.has_perm('machines.change_domain') and |
|
|
if (not user_request.has_perm('machines.change_domain') and |
|
|
self.get_source_interface.machine.user != user_request): |
|
|
self.get_source_interface.machine.user != user_request): |
|
|
return False, _("You don't have the right to edit an alias of a" |
|
|
return ( |
|
|
" machine of another user.") |
|
|
False, |
|
|
return True, None |
|
|
_("You don't have the right to edit an alias of a" |
|
|
|
|
|
" machine of another user."), |
|
|
|
|
|
('machines.change_domain',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def can_delete(self, user_request, *_args, **_kwargs): |
|
|
def can_delete(self, user_request, *_args, **_kwargs): |
|
|
"""Verifie que l'user a les bons droits delete object pour del |
|
|
"""Verifie que l'user a les bons droits delete object pour del |
|
|
@ -1594,9 +1694,13 @@ class Domain(RevMixin, AclMixin, models.Model): |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
if (not user_request.has_perm('machines.delete_domain') and |
|
|
if (not user_request.has_perm('machines.delete_domain') and |
|
|
self.get_source_interface.machine.user != user_request): |
|
|
self.get_source_interface.machine.user != user_request): |
|
|
return False, _("You don't have the right to delete an alias of a" |
|
|
return ( |
|
|
" machine of another user.") |
|
|
False, |
|
|
return True, None |
|
|
_("You don't have the right to delete an alias of a" |
|
|
|
|
|
" machine of another user."), |
|
|
|
|
|
('machines.delete_domain',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def can_view(self, user_request, *_args, **_kwargs): |
|
|
def can_view(self, user_request, *_args, **_kwargs): |
|
|
"""Vérifie qu'on peut bien voir cette instance particulière avec |
|
|
"""Vérifie qu'on peut bien voir cette instance particulière avec |
|
|
@ -1606,9 +1710,12 @@ class Domain(RevMixin, AclMixin, models.Model): |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
:return: True ou False avec la raison de l'échec le cas échéant""" |
|
|
if (not user_request.has_perm('machines.view_domain') and |
|
|
if (not user_request.has_perm('machines.view_domain') and |
|
|
self.get_source_interface.machine.user != user_request): |
|
|
self.get_source_interface.machine.user != user_request): |
|
|
return False, _("You don't have the right to view machines other" |
|
|
return ( |
|
|
" than yours.") |
|
|
False, |
|
|
return True, None |
|
|
_("You don't have the right to view machines other than yours."), |
|
|
|
|
|
('machines.view_domain',) |
|
|
|
|
|
) |
|
|
|
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def __str__(self): |
|
|
def __str__(self): |
|
|
return str(self.name) + str(self.extension) |
|
|
return str(self.name) + str(self.extension) |
|
|
@ -1840,11 +1947,14 @@ class OuverturePortList(RevMixin, AclMixin, models.Model): |
|
|
:param user_request: Utilisateur qui fait la requête |
|
|
:param user_request: Utilisateur qui fait la requête |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
:return: soit True, soit False avec la raison de l'échec""" |
|
|
if not user_request.has_perm('machines.delete_ouvertureportlist'): |
|
|
if not user_request.has_perm('machines.delete_ouvertureportlist'): |
|
|
return False, _("You don't have the right to delete a ports" |
|
|
return ( |
|
|
" opening list.") |
|
|
False, |
|
|
|
|
|
_("You don't have the right to delete a ports opening list."), |
|
|
|
|
|
('machines.delete_ouvertureportlist',) |
|
|
|
|
|
) |
|
|
if self.interface_set.all(): |
|
|
if self.interface_set.all(): |
|
|
return False, _("This ports opening list is used.") |
|
|
return False, _("This ports opening list is used."), None |
|
|
return True, None |
|
|
return True, None, None |
|
|
|
|
|
|
|
|
def __str__(self): |
|
|
def __str__(self): |
|
|
return self.name |
|
|
return self.name |
|
|
|
Hugo Levy-Falk
6 years ago