rezometz
/
re2o
mirror of https://gitlab.federez.net/re2o/re2o
8
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

can_edit pour machines.models

test-front-curly
Maël Kervella 8 years ago
committed by root
parent
50ea71d8e9
commit
f37958fdd0
2 changed files with 282 additions and 95 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 145
      machines/models.py
  2. 232
      machines/views.py

145
machines/models.py
View File

@ -72,6 +72,9 @@ class Machine(models.Model):
% max_lambdauser_interfaces
return True, None
def can_edit(user_request, machineid):
return True, None
def __str__(self):
return str(self.user) + ' - ' + str(self.id) + ' - ' + str(self.name)
@ -97,6 +100,15 @@ class MachineType(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un type de machine"
def can_edit(user_request, machinetypeid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des types de machine"
try:
machinetype_instance = MachineType.objects.get(pk=machinetypeid)
except MachineType.DoesNotExist:
return False, u"Type de machine inexistant"
return True, None
def __str__(self):
return self.type
@ -211,6 +223,15 @@ class IpType(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un type d'ip"
def can_edit(user_request, iptypeid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des types d'ip"
try:
iptype_instance = IpType.objects.get(pk=iptypeid)
except IpType.DoesNotExist:
return False, u"Type d'ip inexistant"
return True, None
def __str__(self):
return self.type
@ -228,6 +249,15 @@ class Vlan(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un vlan"
def can_edit(user_request, vlanid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des vlans"
try:
vlan_instance = Vlan.objects.get(pk=vlanid)
except Vlan.DoesNotExist:
return False, u"Vlan inexistant"
return True, None
def __str__(self):
return self.name
@ -266,6 +296,15 @@ class Nas(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un nas"
def can_edit(user_request, nasid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des nas"
try:
nas_instance = Nas.objects.get(pk=nasid)
except Nas.DoesNotExist:
return False, u"Nas inexistant"
return True, None
def __str__(self):
return self.name
@ -306,6 +345,15 @@ class SOA(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement SOA"
def can_edit(user_request, soaid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrements SOA"
try:
soa_instance = SOA.objects.get(pk=soaid)
except SOA.DoesNotExist:
return False, u"Enregistrement SOA inexistant"
return True, None
def __str__(self):
return str(self.name)
@ -392,6 +440,15 @@ class Extension(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer une extension"
def can_edit(user_request, extensionid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des extensions"
try:
extension_instance = Extension.objects.get(pk=extensionid)
except Extension.DoesNotExist:
return False, u"Extension inexistante"
return True, None
def __str__(self):
return self.name
@ -421,6 +478,15 @@ class Mx(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement MX"
def can_edit(user_request, mxid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregstrements MX"
try:
mx_instance = Mx.objects.get(pk=mxid)
except Mx.DoesNotExist:
return False, u"Enregistremet MX inexistant"
return True, None
def __str__(self):
return str(self.zone) + ' ' + str(self.priority) + ' ' + str(self.name)
@ -441,6 +507,15 @@ class Ns(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement NS"
def can_edit(user_request, nsid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrements NS"
try:
ns_instance = Ns.objects.get(pk=nsid)
except Ns.DoesNotExist:
return False, u"Enregistrement NS inexistant"
return True, None
def __str__(self):
return str(self.zone) + ' ' + str(self.ns)
@ -457,6 +532,15 @@ class Txt(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement TXT"
def can_edit(user_request, txtid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrement TXT"
try:
txt_instance = Txt.objects.get(pk=txtid)
except Txt.DoesNotExist:
return False, u"Enregistrement TXT inexistant"
return True, None
def __str__(self):
return str(self.zone) + " : " + str(self.field1) + " " +\
str(self.field2)
@ -514,6 +598,15 @@ class Srv(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un enregistrement SRV"
def can_edit(user_request, srvid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des enregistrements SRV"
try:
srv_instance = Srv.objects.get(pk=srvid)
except Srv.DoesNotExist:
return False, u"Enregistrement SRV inexistant"
return True, None
def __str__(self):
return str(self.service) + ' ' + str(self.protocole) + ' ' +\
str(self.extension) + ' ' + str(self.priority) +\
@ -648,6 +741,17 @@ class Interface(models.Model):
% max_lambdauser_interfaces
return True, None
def can_edit(user_request, interfaceid):
try:
interface = Interface.objects.get(pk=interfaceid)
except Interface.DoesNotExist:
return False, u"Interface inexistante"
if not user_request.has_perms(('infra',)):
if not user_request.has_perms(('cableur',)) and interface.machine.user != user_request:
return False, u"Vous ne pouvez pas éditer une machine\
d'un autre user que vous sans droit"
return True, None
def __str__(self):
try:
domain = self.domain
@ -768,6 +872,16 @@ class Domain(models.Model):
% max_lambdauser_aliases
return True, None
def can_edit(user_request, domainid):
try:
alias_instance = Domain.objects.get(pk=domainid)
except Domain.DoesNotExist:
return False, u"Alias inexistant"
if not user_request.has_perms(('cableur',)) and (alias_instance.cname is None or alias_instance.cname.interface_parent.machine.user != user_request):
return False, u"Vous ne pouvez pas ajouter un alias à une machine\
d'un autre user que vous sans droit"
return True, None
def __str__(self):
return str(self.name) + str(self.extension)
@ -798,6 +912,9 @@ class IpList(models.Model):
def can_create(user_request):
return True, None
def can_edit(user_request, iplistid):
return True, None
def __str__(self):
return self.ipv4
@ -842,6 +959,15 @@ class Service(models.Model):
return user_request.has_perms(('infra',)) , u"Vous n'avez pas le droit\
de créer un service"
def can_edit(user_request, serviceid):
if not user_request.has_perms(('infra',)):
return False, u"Vous n'avez pas le droit d'éditer des services"
try:
service_instance = Service.objects.get(pk=serviceid)
except Service.DoesNotExist:
return False, u"Service inexistant"
return True, None
def __str__(self):
return str(self.service_type)
@ -885,6 +1011,9 @@ class Service_link(models.Model):
def can_create(user_request):
return True, None
def can_edit(user_request, service_linkid):
return True, None
def __str__(self):
return str(self.server) + " " + str(self.service)
@ -899,6 +1028,16 @@ class OuverturePortList(models.Model):
)
def can_create(user_request):
return user_request.has_perms(('bureau',)) , u"Vous n'avez pas le droit\
d'ouvrir un port"
def can_edit(user_request, ouvertureportlistpk):
if not user_request.has_perms(('bureau',)):
return False, u"Vous n'avez pas le droit d'éditer des ouvertures de port"
try:
port_list_instance = OuverturePortList.objects.get(pk=ouvertureportlistpk)
except OuverturePortList.DoesNotExist:
return False, u"Ouverture de port inexistante"
return True, None
def __str__(self):
@ -972,8 +1111,10 @@ class OuverturePort(models.Model):
)
def can_create(user_request):
return user_request.has_perms(('bureau',)) , u"Vous n'avez pas le droit\
d'ouvrir un port"
return True, None
def can_edit(user_request, ouvertureportid):
return True, None
def __str__(self):
if self.begin == self.end:

232
machines/views.py
View File

@ -273,18 +273,17 @@ def new_machine(request, userid):
def edit_interface(request, interfaceid):
""" Edition d'une interface. Distingue suivant les droits les valeurs de interfaces et machines que l'user peut modifier
infra permet de modifier le propriétaire"""
try:
interface = Interface.objects.get(pk=interfaceid)
except Interface.DoesNotExist:
messages.error(request, u"Interface inexistante" )
return redirect(reverse('machines:index'))
can, reason = Interface.can_edit(request.user, interfaceid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
interface = Interface.objects.get(pk=interfaceid)
if not request.user.has_perms(('infra',)):
if not request.user.has_perms(('cableur',)) and interface.machine.user != request.user:
messages.error(request, "Vous ne pouvez pas éditer une machine d'un autre user que vous sans droit")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
machine_form = BaseEditMachineForm(request.POST or None, instance=interface.machine)
interface_form = BaseEditInterfaceForm(request.POST or None, instance=interface, infra=False)
else:
@ -432,14 +431,18 @@ def add_iptype(request):
return form({'iptypeform': iptype}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_iptype(request, iptypeid):
""" Edition d'un range. Ne permet pas de le redimensionner pour éviter l'incohérence"""
try:
iptype_instance = IpType.objects.get(pk=iptypeid)
except IpType.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-iptype'))
can, reason = IpType.can_edit(request.user, iptypeid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
iptype_instance = IpType.objects.get(pk=iptypeid)
iptype = EditIpTypeForm(request.POST or None, instance=iptype_instance)
if iptype.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -490,13 +493,17 @@ def add_machinetype(request):
return form({'machinetypeform': machinetype}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_machinetype(request, machinetypeid):
try:
machinetype_instance = MachineType.objects.get(pk=machinetypeid)
except MachineType.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-machinetype'))
can, reason = MachineType.can_edit(request.user, machinetypeid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
machinetype_instance = MachineType.objects.get(pk=machinetypeid)
machinetype = MachineTypeForm(request.POST or None, instance=machinetype_instance)
if machinetype.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -546,20 +553,24 @@ def add_extension(request):
return form({'extensionform': extension}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_extension(request, extensionid):
try:
extension_instance = Extension.objects.get(pk=extensionid)
except Extension.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Extension.can_edit(request.user, extensionid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
extension_instance = Extension.objects.get(pk=extensionid)
extension = ExtensionForm(request.POST or None, instance=extension_instance)
if extension.is_valid():
with transaction.atomic(), reversion.create_revision():
extension.save()
reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in extension.changed_data))
messages.success(request, "Extension modifiée")
mssages.success(request, "Extension modifiée")
return redirect(reverse('machines:index-extension'))
return form({'extensionform': extension}, 'machines/machine.html', request)
@ -602,13 +613,17 @@ def add_soa(request):
return form({'soaform': soa}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_soa(request, soaid):
try:
soa_instance = SOA.objects.get(pk=soaid)
except SOA.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = SOA.can_edit(request.user, soaid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
soa_instance = SOA.objects.get(pk=soaid)
soa = SOAForm(request.POST or None, instance=soa_instance)
if soa.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -658,13 +673,17 @@ def add_mx(request):
return form({'mxform': mx}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_mx(request, mxid):
try:
mx_instance = Mx.objects.get(pk=mxid)
except Mx.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Mx.can_edit(request.user, mxid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
mx_instance = Mx.objects.get(pk=mxid)
mx = MxForm(request.POST or None, instance=mx_instance)
if mx.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -714,13 +733,17 @@ def add_ns(request):
return form({'nsform': ns}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_ns(request, nsid):
try:
ns_instance = Ns.objects.get(pk=nsid)
except Ns.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Ns.can_edit(request.user, nsid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
ns_instance = Ns.objects.get(pk=nsid)
ns = NsForm(request.POST or None, instance=ns_instance)
if ns.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -770,13 +793,17 @@ def add_txt(request):
return form({'txtform': txt}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_txt(request, txtid):
try:
txt_instance = Txt.objects.get(pk=txtid)
except Txt.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Txt.can_edit(request.user, txtid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
txt_instance = Txt.objects.get(pk=txtid)
txt = TxtForm(request.POST or None, instance=txt_instance)
if txt.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -826,13 +853,17 @@ def add_srv(request):
return form({'srvform': srv}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_srv(request, srvid):
try:
srv_instance = Srv.objects.get(pk=srvid)
except Srv.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Srv.can_edit(request.user, srvid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
srv_instance = Srv.objects.get(pk=srvid)
srv = SrvForm(request.POST or None, instance=srv_instance)
if srv.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -890,17 +921,16 @@ def add_alias(request, interfaceid):
@login_required
def edit_alias(request, aliasid):
try:
alias_instance = Domain.objects.get(pk=aliasid)
except Domain.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
if not request.user.has_perms(('cableur',)) and alias_instance.cname.interface_parent.machine.user != request.user:
messages.error(request, "Vous ne pouvez pas ajouter un alias à une machine d'un autre user que vous sans droit")
can, reason = Domain.can_edit(request.user, aliasid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
))
alias_instance = Domain.objects.get(pk=aliasid)
alias = AliasForm(request.POST or None, instance=alias_instance, infra=request.user.has_perms(('infra',)))
if alias.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -967,13 +997,17 @@ def add_service(request):
return form({'serviceform': service}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_service(request, serviceid):
try:
service_instance = Service.objects.get(pk=serviceid)
except Ns.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-extension'))
can, reason = Service.can_edit(request.user, serviceid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
service_instance = Service.objects.get(pk=serviceid)
service = ServiceForm(request.POST or None, instance=service_instance)
if service.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -1023,13 +1057,17 @@ def add_vlan(request):
return form({'vlanform': vlan}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_vlan(request, vlanid):
try:
vlan_instance = Vlan.objects.get(pk=vlanid)
except Vlan.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-vlan'))
can, reason = Vlan.can_edit(request.user, vlanid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
vlan_instance = Vlan.objects.get(pk=vlanid)
vlan = VlanForm(request.POST or None, instance=vlan_instance)
if vlan.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -1079,13 +1117,17 @@ def add_nas(request):
return form({'nasform': nas}, 'machines/machine.html', request)
@login_required
@permission_required('infra')
def edit_nas(request, nasid):
try:
nas_instance = Nas.objects.get(pk=nasid)
except Nas.DoesNotExist:
messages.error(request, u"Entrée inexistante" )
return redirect(reverse('machines:index-nas'))
can, reason = Nas.can_edit(request.user, nasid)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
nas_instance = Nas.objects.get(pk=nasid)
nas = NasForm(request.POST or None, instance=nas_instance)
if nas.is_valid():
with transaction.atomic(), reversion.create_revision():
@ -1327,13 +1369,17 @@ def index_portlist(request):
return render(request, "machines/index_portlist.html", {'port_list':port_list})
@login_required
@permission_required('bureau')
def edit_portlist(request, pk):
try:
port_list_instance = OuverturePortList.objects.get(pk=pk)
except OuverturePortList.DoesNotExist:
messages.error(request, "Liste de ports inexistante")
return redirect(reverse('machines:index-portlist'))
can, reason = OuverturePortList.can_edit(request.user, pk)
if not can:
messages.error(request, reason)
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
port_list_instance = OuverturePortList.objects.get(pk=pk)
port_list = EditOuverturePortListForm(request.POST or None, instance=port_list_instance)
port_formset = modelformset_factory(
OuverturePort,
@ -1373,7 +1419,7 @@ def del_portlist(request, pk):
@login_required
def add_portlist(request):
can, reason = OuverturePort.can_create(request.user)
can, reason = OuverturePortList.can_create(request.user)
if not can:
messages.error(request, reason)
return redirect(reverse(

Write Preview
Loading…
Cancel
Save