from django import forms
from django.utils.safestring import mark_safe
from django.contrib.auth.admin import UserAdmin
-from django.contrib.admin.widgets import FilteredSelectMultiple
-from django.contrib.auth.forms import ReadOnlyPasswordHashField
+from django.contrib.admin.widgets import FilteredSelectMultiple, AdminTextareaWidget
+from django.contrib.auth.forms import ReadOnlyPasswordHashField, AdminPasswordChangeForm
from django.contrib.auth.signals import user_logged_in
from django.utils import timezone
from django.contrib.contenttypes import generic
from suit.widgets import LinkedSelect
from django.core.exceptions import PermissionDenied
from django.core.urlresolvers import reverse, NoReverseMatch
+from django.utils.encoding import force_text, python_2_unicode_compatible
+from django.utils.html import conditional_escape, format_html
+from django.forms.utils import flatatt, to_current_timezone
+from cgi import escape as html_escape
import django_evolution
+import threading
+
+# thread locals necessary to work around a django-suit issue
+_thread_locals = threading.local()
def backend_icon(obj): # backend_status, enacted, updated):
#return "%s %s %s" % (str(obj.updated), str(obj.enacted), str(obj.backend_status))
if obj.backend_status == "Provisioning in progress" or obj.backend_status=="":
return '<span style="min-width:16px;" title="%s"><img src="/static/admin/img/icon_clock.gif"></span>' % obj.backend_status
else:
- return '<span style="min-width:16px;" title="%s"><img src="/static/admin/img/icon_error.gif"></span>' % obj.backend_status
+ return '<span style="min-width:16px;" title="%s"><img src="/static/admin/img/icon_error.gif"></span>' % html_escape(obj.backend_status, quote=True)
def backend_text(obj):
icon = backend_icon(obj)
if (obj.enacted is not None) and obj.enacted >= obj.updated:
- return "%s %s" % (icon, "successfully enacted") # enacted on %s" % str(obj.enacted))
+ return "%s %s" % (icon, "successfully enacted")
else:
- return "%s %s" % (icon, obj.backend_status)
+ return "%s %s" % (icon, html_escape(obj.backend_status, quote=True))
+
+class UploadTextareaWidget(AdminTextareaWidget):
+ def render(self, name, value, attrs=None):
+ if value is None:
+ value = ''\r
+ final_attrs = self.build_attrs(attrs, name=name)\r
+ return format_html('<input type="file" style="width: 0; height: 0" id="btn_upload_%s" onChange="uploadTextarea(event,\'%s\');">' \\r
+ '<button onClick="$(\'#btn_upload_%s\').click(); return false;">Upload</button>' \\r
+ '<br><textarea{0}>\r\n{1}</textarea>' % (attrs["id"], attrs["id"], attrs["id"]),\r
+ flatatt(final_attrs),\r
+ force_text(value))
class PlainTextWidget(forms.HiddenInput):
input_type = 'hidden'
value = ''
return mark_safe(str(value) + super(PlainTextWidget, self).render(name, value, attrs))
-class ReadOnlyAwareAdmin(admin.ModelAdmin):
+class PermissionCheckingAdminMixin(object):
+ # call save_by_user and delete_by_user instead of save and delete
def has_add_permission(self, request, obj=None):
return (not self.__user_is_readonly(request))
def save_model(self, request, obj, form, change):
if self.__user_is_readonly(request):
+ # this 'if' might be redundant if save_by_user is implemented right
raise PermissionDenied
- #pass
- else:
- return super(ReadOnlyAwareAdmin, self).save_model(request, obj, form, change)
+
+ obj.caller = request.user
+ # update openstack connection to use this site/tenant
+ obj.save_by_user(request.user)
+
+ def delete_model(self, request, obj):
+ obj.delete_by_user(request.user)
+
+ def save_formset(self, request, form, formset, change):
+ instances = formset.save(commit=False)
+ for instance in instances:
+ instance.save_by_user(request.user)
+
+ # BUG in django 1.7? Objects are not deleted by formset.save if
+ # commit is False. So let's delete them ourselves.
+ #
+ # code from forms/models.py save_existing_objects()
+ try:
+ forms_to_delete = formset.deleted_forms\r
+ except AttributeError:\r
+ forms_to_delete = []
+ if formset.initial_forms:
+ for form in formset.initial_forms:
+ obj = form.instance
+ if form in forms_to_delete:
+ if obj.pk is None:
+ continue
+ formset.deleted_objects.append(obj)
+ obj.delete()
+
+ formset.save_m2m()
def get_actions(self,request):
- actions = super(ReadOnlyAwareAdmin,self).get_actions(request)
+ actions = super(PermissionCheckingAdminMixin,self).get_actions(request)
if self.__user_is_readonly(request):
if 'delete_selected' in actions:
self.inlines = self.inlines_save
try:
- return super(ReadOnlyAwareAdmin, self).change_view(request, object_id, extra_context=extra_context)
+ return super(PermissionCheckingAdminMixin, self).change_view(request, object_id, extra_context=extra_context)
except PermissionDenied:
pass
if request.method == 'POST':
raise PermissionDenied
request.readonly = True
- return super(ReadOnlyAwareAdmin, self).change_view(request, object_id, extra_context=extra_context)
+ return super(PermissionCheckingAdminMixin, self).change_view(request, object_id, extra_context=extra_context)
def __user_is_readonly(self, request):
return request.user.isReadOnlyUser()
return mark_safe(backend_icon(obj))
backend_status_icon.short_description = ""
+ def get_form(self, request, obj=None, **kwargs):
+ # Save obj and request in thread-local storage, so suit_form_tabs can
+ # use it to determine whether we're in edit or add mode, and can
+ # determine whether the user is an admin.
+ _thread_locals.request = request
+ _thread_locals.obj = obj
+ return super(PermissionCheckingAdminMixin, self).get_form(request, obj, **kwargs)
+
+ def get_inline_instances(self, request, obj=None):
+ inlines = super(PermissionCheckingAdminMixin, self).get_inline_instances(request, obj)
+
+ # inlines that should only be shown to an admin user
+ if request.user.is_admin:
+ for inline_class in getattr(self, "admin_inlines", []):
+ inlines.append(inline_class(self.model, self.admin_site))
+
+ return inlines
+
+class ReadOnlyAwareAdmin(PermissionCheckingAdminMixin, admin.ModelAdmin):
+ # Note: Make sure PermissionCheckingAdminMixin is listed before
+ # admin.ModelAdmin in the class declaration.
+
+ pass
+
+class PlanetStackBaseAdmin(ReadOnlyAwareAdmin):
+ save_on_top = False
class SingletonAdmin (ReadOnlyAwareAdmin):
def has_add_permission(self, request):
else:
return True
-
class PlStackTabularInline(admin.TabularInline):
def __init__(self, *args, **kwargs):
super(PlStackTabularInline, self).__init__(*args, **kwargs)
def queryset(self, request):
return SitePrivilege.select_by_user(request.user)
-class SiteDeploymentInline(PlStackTabularInline):
+class SiteDeploymentsInline(PlStackTabularInline):
model = SiteDeployments
extra = 0
suit_classes = 'suit-tab suit-tab-deployments'
if db_field.name == 'deployment':
kwargs['queryset'] = Deployment.select_by_user(request.user)
- return super(SiteDeploymentInline, self).formfield_for_foreignkey(db_field, request, **kwargs)
+ return super(SiteDeploymentsInline, self).formfield_for_foreignkey(db_field, request, **kwargs)
def queryset(self, request):
return SiteDeployments.select_by_user(request.user)
fields = ['backend_status_icon', 'network']
readonly_fields = ('backend_status_icon', )
-class ImageDeploymentsInline(PlStackTabularInline):
- model = ImageDeployments
+class ImageDeploymentInline(PlStackTabularInline):
+ model = ImageDeployment
extra = 0
verbose_name = "Image Deployments"
verbose_name_plural = "Image Deployments"
fields = ['backend_status_icon', 'image', 'deployment', 'glance_image_id']
readonly_fields = ['backend_status_icon', 'glance_image_id']
-class PlanetStackBaseAdmin(ReadOnlyAwareAdmin):
- save_on_top = False
-
- def save_model(self, request, obj, form, change):
- obj.caller = request.user
- # update openstack connection to use this site/tenant
- obj.save_by_user(request.user)
-
- def delete_model(self, request, obj):
- obj.delete_by_user(request.user)
-
- def save_formset(self, request, form, formset, change):
- instances = formset.save(commit=False)
- for instance in instances:
- instance.save_by_user(request.user)
- formset.save_m2m()
-
class SliceRoleAdmin(PlanetStackBaseAdmin):
model = SliceRole
pass
self.fields['accessControl'].initial = "allow site " + request.user.site.name
if self.instance and self.instance.pk:
- self.fields['sites'].initial = [x.site for x in self.instance.sitedeployments_set.all()]
- self.fields['images'].initial = [x.image for x in self.instance.imagedeployments_set.all()]
+ self.fields['sites'].initial = [x.site for x in self.instance.sitedeployments.all()]
+ self.fields['images'].initial = [x.image for x in self.instance.imagedeployments.all()]
self.fields['flavors'].initial = self.instance.flavors.all()
def manipulate_m2m_objs(self, this_obj, selected_objs, all_relations, relation_class, local_attrname, foreign_attrname):
def save(self, commit=True):
deployment = super(DeploymentAdminForm, self).save(commit=False)
- deployment.flavors = self.cleaned_data['flavors']
-
if commit:
deployment.save()
+ # this has to be done after save() if/when a deployment is first created
+ deployment.flavors = self.cleaned_data['flavors']
if deployment.pk:
# save_m2m() doesn't seem to work with 'through' relations. So we
# create/destroy the through models ourselves. There has to be
# a better way...
- self.manipulate_m2m_objs(deployment, self.cleaned_data['sites'], deployment.sitedeployments_set.all(), SiteDeployments, "deployment", "site")
- self.manipulate_m2m_objs(deployment, self.cleaned_data['images'], deployment.imagedeployments_set.all(), ImageDeployments, "deployment", "image")
+ self.manipulate_m2m_objs(deployment, self.cleaned_data['sites'], deployment.sitedeployments.all(), SiteDeployments, "deployment", "site")
+ self.manipulate_m2m_objs(deployment, self.cleaned_data['images'], deployment.imagedeployments.all(), ImageDeployment, "deployment", "image")
self.save_m2m()
class DeploymentAdmin(PlanetStackBaseAdmin):
model = Deployment
- fieldList = ['backend_status_text', 'name', 'sites', 'images', 'flavors', 'accessControl']
+ fieldList = ['backend_status_text', 'name', 'availability_zone', 'sites', 'images', 'flavors', 'accessControl']
fieldsets = [(None, {'fields': fieldList, 'classes':['suit-tab suit-tab-sites']})]
- inlines = [DeploymentPrivilegeInline,NodeInline,TagInline] # ,ImageDeploymentsInline]
+ inlines = [DeploymentPrivilegeInline,NodeInline,TagInline] # ,ImageDeploymentInline]
list_display = ['backend_status_icon', 'name']
list_display_links = ('backend_status_icon', 'name', )
readonly_fields = ('backend_status_text', )
list_display = ('backend_status_icon', 'name', 'login_base','site_url', 'enabled')
list_display_links = ('backend_status_icon', 'name', )
filter_horizontal = ('deployments',)
- inlines = [SliceInline,UserInline,TagInline, NodeInline, SitePrivilegeInline, SiteDeploymentInline]
+ inlines = [SliceInline,UserInline,TagInline, NodeInline, SitePrivilegeInline, SiteDeploymentsInline]
search_fields = ['name']
def queryset(self, request):
return Site.select_by_user(request.user)
- def get_formsets(self, request, obj=None):
- for inline in self.get_inline_instances(request, obj):
- # hide MyInline in the add view
- if obj is None:
- continue
- if isinstance(inline, SliceInline):
- inline.model.caller = request.user
- yield inline.get_formset(request, obj)
-
def get_formsets(self, request, obj=None):
for inline in self.get_inline_instances(request, obj):
# hide MyInline in the add view
'service': LinkedSelect
}
+ def clean(self):
+ cleaned_data = super(SliceForm, self).clean()
+ name = cleaned_data.get('name')
+ site = cleaned_data.get('site')
+ slice_id = self.instance.id
+ if not site and slice_id:
+ site = Slice.objects.get(id=slice_id).site
+ if (not isinstance(site,Site)):
+ # previous code indicates 'site' could be a site_id and not a site?
+ site = Slice.objects.get(id=site.id)
+ if not name.startswith(site.login_base):
+ raise forms.ValidationError('slice name must begin with %s' % site.login_base)
+ return cleaned_data
+
+class SliceDeploymentsInline(PlStackTabularInline):
+ model = SliceDeployments
+ extra = 0
+ verbose_name = "Slice Deployment"
+ verbose_name_plural = "Slice Deployments"
+ suit_classes = 'suit-tab suit-tab-admin-only'
+ fields = ['backend_status_icon', 'deployment', 'tenant_id']
+ readonly_fields = ('backend_status_icon', )
+
class SliceAdmin(PlanetStackBaseAdmin):
form = SliceForm
fieldList = ['backend_status_text', 'site', 'name', 'serviceClass', 'enabled','description', 'service', 'slice_url', 'max_slivers']
list_display = ('backend_status_icon', 'name', 'site','serviceClass', 'slice_url', 'max_slivers')
list_display_links = ('backend_status_icon', 'name', )
inlines = [SlicePrivilegeInline,SliverInline, TagInline, ReservationInline,SliceNetworkInline]
+ admin_inlines = [SliceDeploymentsInline]
user_readonly_fields = fieldList
- suit_form_tabs =(('general', 'Slice Details'),
- ('slicenetworks','Networks'),
- ('sliceprivileges','Privileges'),
- ('slivers','Slivers'),
- ('tags','Tags'),
- ('reservations','Reservations'),
- )
+ @property
+ def suit_form_tabs(self):
+ tabs =[('general', 'Slice Details'),
+ ('slicenetworks','Networks'),
+ ('sliceprivileges','Privileges'),
+ ('slivers','Slivers'),
+ ('tags','Tags'),
+ ('reservations','Reservations'),
+ ]
+
+ request=getattr(_thread_locals, "request", None)
+ if request and request.user.is_admin:
+ tabs.append( ('admin-only', 'Admin-Only') )
+
+ return tabs
+
+ def add_view(self, request, form_url='', extra_context=None):
+ # revert to default read-only fields
+ self.readonly_fields = ('backend_status_text',)
+ return super(SliceAdmin, self).add_view(request, form_url, extra_context=extra_context)
+
+ def change_view(self, request, object_id, form_url='', extra_context=None):
+ print object_id
+ # cannot change the site of an existing slice so make the site field read only
+ if object_id:
+ self.readonly_fields = ('backend_status_text','site')
+ return super(SliceAdmin, self).change_view(request, object_id, form_url)
def render_change_form(self, request, context, add=False, change=False, form_url='', obj=None):
deployment_nodes = []
inline.model.caller = request.user
yield inline.get_formset(request, obj)
-
class SlicePrivilegeAdmin(PlanetStackBaseAdmin):
fieldsets = [
(None, {'fields': ['backend_status_text', 'user', 'slice', 'role']})
suit_form_tabs =(('general','Image Details'),('slivers','Slivers'),('imagedeployments','Deployments'))
- inlines = [SliverInline, ImageDeploymentsInline]
+ inlines = [SliverInline, ImageDeploymentInline]
user_readonly_fields = ['name', 'disk_format', 'container_format']
# make some fields read only if we are updating an existing record
if obj == None:
#self.readonly_fields = ('ip', 'instance_name')
- self.readonly_fields = ('backend_status_text')
+ self.readonly_fields = ('backend_status_text',)
else:
- self.readonly_fields = ('backend_status_text')
+ self.readonly_fields = ('backend_status_text',)
#self.readonly_fields = ('ip', 'instance_name', 'slice', 'image', 'key')
for inline in self.get_inline_instances(request, obj):
class Meta:
model = User
+ widgets = { 'public_key': UploadTextareaWidget, }
def clean_password(self):
# Regardless of what the user provides, return the initial value.
suit_classes = 'suit-tab suit-tab-dashboards'
fields = ['user', 'dashboardView', 'order']
-class UserAdmin(UserAdmin):
+class UserAdmin(PermissionCheckingAdminMixin, UserAdmin):
+ # Note: Make sure PermissionCheckingAdminMixin is listed before
+ # admin.ModelAdmin in the class declaration.
+
class Meta:
app_label = "core"
list_filter = ('site',)
inlines = [SlicePrivilegeInline,SitePrivilegeInline,DeploymentPrivilegeInline,UserDashboardViewInline]
- fieldListLoginDetails = ['email','site','password','is_active','is_readonly','is_admin','public_key']
+ fieldListLoginDetails = ['backend_status_text', 'email','site','password','is_active','is_readonly','is_admin','public_key']
fieldListContactInfo = ['firstname','lastname','phone','timezone']
fieldsets = (
add_fieldsets = (
(None, {
'classes': ('wide',),
- 'fields': ('email', 'firstname', 'lastname', 'is_readonly', 'phone', 'public_key','password1', 'password2')}
+ 'fields': ('email', 'firstname', 'lastname', 'is_readonly', 'phone', 'public_key','password1', 'password2')},
),
)
readonly_fields = ('backend_status_text', )
user_readonly_fields = fieldListLoginDetails + fieldListContactInfo
- suit_form_tabs =(('general','Login Details'),
- ('contact','Contact Information'),
- ('sliceprivileges','Slice Privileges'),
- ('siteprivileges','Site Privileges'),
- ('deploymentprivileges','Deployment Privileges'),
- ('dashboards','Dashboard Views'))
+ @property
+ def suit_form_tabs(self):
+ if getattr(_thread_locals, "obj", None) is None:
+ return []
+ else:
+ return (('general','Login Details'),
+ ('contact','Contact Information'),
+ ('sliceprivileges','Slice Privileges'),
+ ('siteprivileges','Site Privileges'),
+ ('deploymentprivileges','Deployment Privileges'),
+ ('dashboards','Dashboard Views'))
def formfield_for_foreignkey(self, db_field, request, **kwargs):
if db_field.name == 'site':
return super(UserAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
- def has_add_permission(self, request, obj=None):
- return (not self.__user_is_readonly(request))
-
- def has_delete_permission(self, request, obj=None):
- return (not self.__user_is_readonly(request))
-
- def get_actions(self,request):
- actions = super(UserAdmin,self).get_actions(request)
-
- if self.__user_is_readonly(request):
- if 'delete_selected' in actions:
- del actions['delete_selected']
-
- return actions
-
- def change_view(self,request,object_id, extra_context=None):
-
- if self.__user_is_readonly(request):
- if not hasattr(self, "readonly_save"):
- # save the original readonly fields\r
- self.readonly_save = self.readonly_fields\r
- self.inlines_save = self.inlines
- if hasattr(self, "user_readonly_fields"):
- self.readonly_fields=self.user_readonly_fields
- if hasattr(self, "user_readonly_inlines"):
- self.inlines = self.user_readonly_inlines
- else:
- if hasattr(self, "readonly_save"):\r
- # restore the original readonly fields\r
- self.readonly_fields = self.readonly_save\r
- self.inlines = self.inlines_save
-
- try:
- return super(UserAdmin, self).change_view(request, object_id, extra_context=extra_context)
- except PermissionDenied:
- pass
- if request.method == 'POST':
- raise PermissionDenied
- request.readonly = True
- return super(UserAdmin, self).change_view(request, object_id, extra_context=extra_context)
-
- def __user_is_readonly(self, request):
- #groups = [x.name for x in request.user.groups.all() ]
- #return "readonly" in groups
- return request.user.isReadOnlyUser()
-
def queryset(self, request):
return User.select_by_user(request.user)
- def backend_status_text(self, obj):
- return mark_safe(backend_text(obj))
-
- def backend_status_icon(self, obj):
- return mark_safe(backend_icon(obj))
- backend_status_icon.short_description = ""
-
class DashboardViewAdmin(PlanetStackBaseAdmin):
fieldsets = [('Dashboard View Details',
{'fields': ['backend_status_text', 'name', 'url'],
fields = ['backend_status_icon', 'network','slice']
readonly_fields = ('backend_status_icon', )
+class NetworkDeploymentsInline(PlStackTabularInline):
+ model = NetworkDeployments
+ extra = 0
+ verbose_name_plural = "Network Deployments"
+ verbose_name = "Network Deployment"
+ suit_classes = 'suit-tab suit-tab-admin-only'
+ fields = ['backend_status_icon', 'deployment','net_id','subnet_id']
+ readonly_fields = ('backend_status_icon', )
+
+class NetworkForm(forms.ModelForm):
+ class Meta:
+ model = Network
+ widgets = {
+ 'topologyParameters': UploadTextareaWidget,
+ 'controllerParameters': UploadTextareaWidget,
+ }
+
class NetworkAdmin(PlanetStackBaseAdmin):
list_display = ("backend_status_icon", "name", "subnet", "ports", "labels")
list_display_links = ('backend_status_icon', 'name', )
readonly_fields = ("subnet", )
inlines = [NetworkParameterInline, NetworkSliversInline, NetworkSlicesInline, RouterInline]
+ admin_inlines = [NetworkDeploymentsInline]
+
+ form=NetworkForm
fieldsets = [
- (None, {'fields': ['backend_status_text', 'name','template','ports','labels','owner','guaranteedBandwidth', 'permitAllSlices','permittedSlices','network_id','router_id','subnet_id','subnet'], 'classes':['suit-tab suit-tab-general']}),]
+ (None, {'fields': ['backend_status_text', 'name','template','ports','labels','owner','guaranteedBandwidth', 'permitAllSlices','permittedSlices','network_id','router_id','subnet_id','subnet'],
+ 'classes':['suit-tab suit-tab-general']}),
+ (None, {'fields': ['topologyParameters', 'controllerUrl', 'controllerParameters'],
+ 'classes':['suit-tab suit-tab-sdn']}),
+ ]
readonly_fields = ('backend_status_text', )
user_readonly_fields = ['name','template','ports','labels','owner','guaranteedBandwidth', 'permitAllSlices','permittedSlices','network_id','router_id','subnet_id','subnet']
- suit_form_tabs =(
- ('general','Network Details'),
- ('netparams', 'Parameters'),
- ('networkslivers','Slivers'),
- ('networkslices','Slices'),
- ('routers','Routers'),
- )
+ @property
+ def suit_form_tabs(self):
+ tabs=[('general','Network Details'),
+ ('sdn', 'SDN Configuration'),
+ ('netparams', 'Parameters'),
+ ('networkslivers','Slivers'),
+ ('networkslices','Slices'),
+ ('routers','Routers'),
+ ]
+
+ request=getattr(_thread_locals, "request", None)
+ if request and request.user.is_admin:
+ tabs.append( ('admin-only', 'Admin-Only') )
+
+ return tabs
+
+
class NetworkTemplateAdmin(PlanetStackBaseAdmin):
list_display = ("backend_status_icon", "name", "guaranteedBandwidth", "visibility")
list_display_links = ('backend_status_icon', 'name', )
user_readonly_fields = ["name", "guaranteedBandwidth", "visibility"]
user_readonly_inlines = []
+ fieldsets = [
+ (None, {'fields': ['name', 'description', 'guaranteedBandwidth', 'visibility', 'translation', 'sharedNetworkName', 'sharedNetworkId', 'topologyKind', 'controllerKind'],
+ 'classes':['suit-tab suit-tab-general']}),]
+ suit_form_tabs = (('general','Network Template Details'), )
class FlavorAdmin(PlanetStackBaseAdmin):
list_display = ("backend_status_icon", "name", "flavor", "order", "default")
git://git.onelab.eu / plstackapi.git / blobdiff