from django.contrib.auth.admin import UserAdmin
from django.contrib.admin.widgets import FilteredSelectMultiple
from django.contrib.auth.forms import ReadOnlyPasswordHashField
-from django.contrib.auth.signals import user_logged_in
+from django.contrib.auth.signals import user_logged_in
+from django.utils import timezone
+import django_evolution
class ReadonlyTabularInline(admin.TabularInline):
extra = 0
#readonly_fields = ['ip', 'instance_name', 'image']
readonly_fields = ['ip', 'instance_name']
+
class SiteInline(admin.TabularInline):
model = Site
model = SitePrivilege
extra = 0
+ def formfield_for_foreignkey(self, db_field, request, **kwargs):
+ if db_field.name == 'site':
+ if not request.user.is_admin:
+ # only show sites where user is an admin or pi
+ roles = Role.objects.filter(role_type__in=['admin', 'pi'])
+ site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
+ login_bases = [site_privilege.site.login_base for site_privilege in site_privileges]
+ sites = Site.objects.filter(login_base__in=login_bases)
+ kwargs['queryset'] = sites
+
+ if db_field.name == 'user':
+ if not request.user.is_admin:
+ # only show users from sites where caller has admin or pi role
+ roles = Role.objects.filter(role_type__in=['admin', 'pi'])
+ site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
+ sites = [site_privilege.site for site_privilege in site_privileges]
+ site_privileges = SitePrivilege.objects.filter(site__in=sites)
+ emails = [site_privilege.user.email for site_privilege in site_privileges]
+ users = User.objects.filter(email__in=emails)
+ kwargs['queryset'] = users
+ return super(SitePrivilegeInline, self).formfield_for_foreignkey(db_field, request, **kwargs)
+
class SliceMembershipInline(admin.TabularInline):
model = SliceMembership
extra = 0
+ def formfield_for_foreignkey(self, db_field, request, **kwargs):
+ if db_field.name == 'slice':
+ if not request.user.is_admin:
+ # only show slices at sites where caller has admin or pi role
+ roles = Role.objects.filter(role_type__in=['admin', 'pi'])
+ site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
+ sites = [site_privilege.site for site_privilege in site_privileges]
+ slices = Slice.objects.filter(site__in=sites)
+ kwargs['queryset'] = slices
+ if db_field.name == 'user':
+ if not request.user.is_admin:
+ # only show users from sites where caller has admin or pi role
+ roles = Role.objects.filter(role_type__in=['admin', 'pi'])
+ site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
+ sites = [site_privilege.site for site_privilege in site_privileges]
+ site_privileges = SitePrivilege.objects.filter(site__in=sites)
+ emails = [site_privilege.user.email for site_privilege in site_privileges]
+ users = User.objects.filter(email__in=emails)
+ kwargs['queryset'] = list(users)
+
+ return super(SliceMembershipInline, self).formfield_for_foreignkey(db_field, request, **kwargs)
+
+class SliceTagInline(admin.TabularInline):
+ model = SliceTag
+ extra = 0
+
class PlainTextWidget(forms.HiddenInput):
input_type = 'hidden'
list_display = ('role_type',)
-class DeploymentNetworkAdminForm(forms.ModelForm):
+class DeploymentAdminForm(forms.ModelForm):
sites = forms.ModelMultipleChoiceField(
queryset=Site.objects.all(),
required=False,
)
)
class Meta:
- model = DeploymentNetwork
+ model = Deployment
def __init__(self, *args, **kwargs):
- super(DeploymentNetworkAdminForm, self).__init__(*args, **kwargs)
+ super(DeploymentAdminForm, self).__init__(*args, **kwargs)
if self.instance and self.instance.pk:
self.fields['sites'].initial = self.instance.sites.all()
def save(self, commit=True):
- deploymentNetwork = super(DeploymentNetworkAdminForm, self).save(commit=False)
+ deploymentNetwork = super(DeploymentAdminForm, self).save(commit=False)
if commit:
deploymentNetwork.save()
return deploymentNetwork
-class DeploymentNetworkAdmin(PlanetStackBaseAdmin):
- form = DeploymentNetworkAdminForm
+class DeploymentAdmin(PlanetStackBaseAdmin):
+ form = DeploymentAdminForm
inlines = [NodeInline,SliverInline]
def get_formsets(self, request, obj=None):
]
list_display = ('user', 'site', 'role')
+ def formfield_for_foreignkey(self, db_field, request, **kwargs):
+ if db_field.name == 'site':
+ if not request.user.is_admin:
+ # only show sites where user is an admin or pi
+ sites = set()
+ for site_privilege in SitePrivilege.objects.filer(user=request.user):
+ if site_privilege.role.role_type in ['admin', 'pi']:
+ sites.add(site_privilege.site)
+ kwargs['queryset'] = Site.objects.filter(site__in=list(sites))
+
+ if db_field.name == 'user':
+ if not request.user.is_admin:
+ # only show users from sites where caller has admin or pi role
+ roles = Role.objects.filter(role_type__in=['admin', 'pi'])
+ site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
+ sites = [site_privilege.site for site_privilege in site_privileges]
+ site_privileges = SitePrivilege.objects.filter(site__in=sites)
+ emails = [site_privilege.user.email for site_privilege in site_privileges]
+ users = User.objects.filter(email__in=emails)
+ kwargs['queryset'] = users
+
+ return super(SitePrivilegeAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
+
def queryset(self, request):
# admins can see all privileges. Users can only see privileges at sites
- # where they have the admin role.
+ # where they have the admin role or pi role.
qs = super(SitePrivilegeAdmin, self).queryset(request)
if not request.user.is_admin:
- roles = request.user.get_roles()
- tenants = []
- for (role, tenant_list) in roles:
- if role == 'admin':
- tenants.extend(tenant_list)
- valid_sites = Sites.objects.filter(login_base__in=tenants)
- qs = qs.filter(site__in=valid_sites)
+ roles = Role.objects.filter(role_type__in=['admin', 'pi'])
+ site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
+ login_bases = [site_privilege.site.login_base for site_privilege in site_privileges]
+ sites = Site.objects.filter(login_base__in=login_bases)
+ qs = qs.filter(site__in=sites)
return qs
def save_model(self, request, obj, form, change):
# qs = super(KeyAdmin, self).queryset(request)
#else:
# qs = Key.objects.filter(user=request.user)
- #return qs
-
+ #return qs
+
class SliceAdmin(OSModelAdmin):
fields = ['name', 'site', 'serviceClass', 'description', 'slice_url']
list_display = ('name', 'site','serviceClass', 'slice_url')
- inlines = [SliverInline, SliceMembershipInline]
+ inlines = [SliverInline, SliceMembershipInline, SliceTagInline]
+
+ def formfield_for_foreignkey(self, db_field, request, **kwargs):
+ if db_field.name == 'site':
+ if not request.user.is_admin:
+ # only show sites where user is a pi or admin
+ roles = Role.objects.filter(role_type__in=['admin', 'pi'])
+ site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
+ login_bases = [site_privilege.site.login_base for site_privilege in site_privileges]
+ sites = Site.objects.filter(login_base__in=login_bases)
+ kwargs['queryset'] = sites
+
+ return super(SliceAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
def queryset(self, request):
# admins can see all keys. Users can only see slices they belong to.
]
list_display = ('user', 'slice', 'role')
+ def formfield_for_foreignkey(self, db_field, request, **kwargs):
+ if db_field.name == 'slice':
+ if not request.user.is_admin:
+ # only show slices at sites where caller has admin or pi role
+ roles = Role.objects.filter(role_type__in=['admin', 'pi'])
+ site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
+ sites = [site_privilege.site for site_privilege in site_privileges]
+ slices = Slice.objects.filter(site__in=sites)
+ kwargs['queryset'] = slices
+
+ if db_field.name == 'user':
+ if not request.user.is_admin:
+ # only show users from sites where caller has admin or pi role
+ roles = Role.objects.filter(role_type__in=['admin', 'pi'])
+ site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
+ sites = [site_privilege.site for site_privilege in site_privileges]
+ site_privileges = SitePrivilege.objects.filter(site__in=sites)
+ emails = [site_privilege.user.email for site_privilege in site_privileges]
+ users = User.objects.filter(email__in=emails)
+ kwargs['queryset'] = users
+
+ return super(SliceMembershipAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
+
def queryset(self, request):
# admins can see all memberships. Users can only see memberships of
# slices where they have the admin role.
qs = super(SliceMembershipAdmin, self).queryset(request)
if not request.user.is_admin:
- roles = request.user.get_roles()
- tenants = []
- for (role, tenant_list) in roles:
- if role == 'admin':
- tenants.extend(tenant_list)
- valid_slices = Slice.objects.filter(name__in=tenants)
- qs = qs.filter(slice__in=valid_slices)
+ roles = Role.objects.filter(role_type__in=['admin', 'pi'])
+ site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
+ login_bases = [site_privilege.site.login_base for site_privilege in site_privileges]
+ sites = Site.objects.filter(login_base__in=login_bases)
+ slices = Slice.objects.filter(site__in=sites)
+ qs = qs.filter(slice__in=slices)
return qs
def save_model(self, request, obj, form, change):
fields = ['image_id', 'name', 'disk_format', 'container_format']
class NodeAdmin(admin.ModelAdmin):
- list_display = ('name', 'site', 'deploymentNetwork')
- list_filter = ('deploymentNetwork',)
+ list_display = ('name', 'site', 'deployment')
+ list_filter = ('deployment',)
class SliverForm(forms.ModelForm):
]
list_display = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']
+ def formfield_for_foreignkey(self, db_field, request, **kwargs):
+ if db_field.name == 'slice':
+ if not request.user.is_admin:
+ slices = set([sm.slice.name for sm in SliceMembership.objects.filter(user=request.user)])
+ kwargs['queryset'] = Slice.objects.filter(name__in=list(slices))
+
+ return super(SliverAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
+
def queryset(self, request):
# admins can see all slivers. Users can only see slivers of
# the slices they belong to.
#self.readonly_fields = ('ip', 'instance_name')
self.readonly_fields = ()
else:
- self.readonly_fields = ('ip', 'instance_name', 'slice', 'image', 'key')
+ self.readonly_fields = ()
+ #self.readonly_fields = ('ip', 'instance_name', 'slice', 'image', 'key')
for inline in self.get_inline_instances(request, obj):
# hide MyInline in the add view
list_filter = ('site',)
inlines = [SitePrivilegeInline, SliceMembershipInline]
fieldsets = (
- (None, {'fields': ('email', 'password', 'site', 'is_admin')}),
+ (None, {'fields': ('email', 'password', 'site', 'is_admin', 'timezone')}),
('Personal info', {'fields': ('firstname','lastname','phone', 'key')}),
#('Important dates', {'fields': ('last_login',)}),
)
ordering = ('email',)
filter_horizontal = ()
+ def formfield_for_foreignkey(self, db_field, request, **kwargs):
+ if db_field.name == 'site':
+ if not request.user.is_admin:
+ # show sites where caller is an admin or pi
+ sites = []
+ for site_privilege in SitePrivilege.objects.filer(user=request.user):
+ if site_privilege.role.role_type in ['admin', 'pi']:
+ sites.append(site_privilege.site.login_base)
+ kwargs['queryset'] = Site.objects.filter(login_base__in(list(sites)))
+
+ return super(UserAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
+
class ServiceResourceInline(admin.TabularInline):
model = ServiceResource
extra = 0
list_display = ('name', 'commitment', 'membershipFee')
inlines = [ServiceResourceInline]
-class ServiceResourceAdmin(admin.ModelAdmin):
- list_display = ('serviceClass', 'name', 'cost', 'calendarReservable', 'maxUnitsDeployment', 'maxUnitsNode')
+class ReservedResourceInline(admin.TabularInline):
+ model = ReservedResource
+ extra = 0
+
+ def formfield_for_foreignkey(self, db_field, request=None, **kwargs):
+ field = super(ReservedResourceInline, self).formfield_for_foreignkey(db_field, request, **kwargs)
+
+ if db_field.name == 'resource':
+ # restrict resources to those that the slice's service class allows
+ if request._slice is not None:
+ field.queryset = field.queryset.filter(serviceClass = request._slice.serviceClass, calendarReservable=True)
+ if len(field.queryset) > 0:
+ field.initial = field.queryset.all()[0]
+ else:\r
+ field.queryset = field.queryset.none()\r
+ elif db_field.name == 'sliver':\r
+ # restrict slivers to those that belong to the slice\r
+ if request._slice is not None:\r
+ field.queryset = field.queryset.filter(slice = request._slice)
+ else:
+ field.queryset = field.queryset.none()\r
+\r
+ return field
+
+class ReservationChangeForm(forms.ModelForm):
+ class Meta:
+ model = Reservation
+
+class ReservationAddForm(forms.ModelForm):
+ slice = forms.ModelChoiceField(queryset=Slice.objects.all(), widget=forms.Select(attrs={"onChange":"document.getElementById('id_refresh').value=1; submit()"}))
+ refresh = forms.CharField(widget=forms.HiddenInput())
+
+ class Media:
+ css = {'all': ('planetstack.css',)} # .field-refresh { display: none; }
+
+ def clean_slice(self):
+ slice = self.cleaned_data.get("slice")
+ x = ServiceResource.objects.filter(serviceClass = slice.serviceClass, calendarReservable=True)
+ if len(x) == 0:
+ raise forms.ValidationError("The slice you selected does not have a service class that allows reservations")
+ return slice
+
+ class Meta:
+ model = Reservation
+
+class ReservationAddRefreshForm(ReservationAddForm):
+ """ This form is displayed when the Reservation Form receives an update
+ from the Slice dropdown onChange handler. It doesn't validate the
+ data and doesn't save the data. This will cause the form to be
+ redrawn.
+ """
+
+ """ don't validate anything other than slice """
+ dont_validate_fields = ("startTime", "duration")
+
+ def full_clean(self):
+ result = super(ReservationAddForm, self).full_clean()
+
+ for fieldname in self.dont_validate_fields:
+ if fieldname in self._errors:
+ del self._errors[fieldname]
+
+ return result
+
+ """ don't save anything """
+ def is_valid(self):
+ return False
+
+class ReservationAdmin(admin.ModelAdmin):
+ list_display = ('startTime', 'duration')
+ inlines = [ReservedResourceInline]
+ form = ReservationAddForm
+
+ def add_view(self, request, form_url='', extra_context=None):
+ timezone.activate(request.user.timezone)
+ request._refresh = False
+ request._slice = None
+ if request.method == 'POST':
+ # "refresh" will be set to "1" if the form was submitted due to
+ # a change in the Slice dropdown.
+ if request.POST.get("refresh","1") == "1":
+ request._refresh = True
+ request.POST["refresh"] = "0"
+
+ # Keep track of the slice that was selected, so the
+ # reservedResource inline can filter items for the slice.
+ request._slice = request.POST.get("slice",None)
+ if (request._slice is not None):
+ request._slice = Slice.objects.get(id=request._slice)
+
+ result = super(ReservationAdmin, self).add_view(request, form_url, extra_context)
+ return result
+
+ def changelist_view(self, request, extra_context = None):
+ timezone.activate(request.user.timezone)
+ return super(ReservationAdmin, self).changelist_view(request, extra_context)
+
+ def get_form(self, request, obj=None, **kwargs):
+ request._obj_ = obj\r
+ if obj is not None:\r
+ # For changes, set request._slice to the slice already set in the\r
+ # object.\r
+ request._slice = obj.slice\r
+ self.form = ReservationChangeForm\r
+ else:\r
+ if getattr(request, "_refresh", False):\r
+ self.form = ReservationAddRefreshForm\r
+ else:\r
+ self.form = ReservationAddForm\r
+ return super(ReservationAdmin, self).get_form(request, obj, **kwargs)\r
+\r
+ def get_readonly_fields(self, request, obj=None):
+ if (obj is not None):\r
+ # Prevent slice from being changed after the reservation has been\r
+ # created.\r
+ return ['slice']\r
+ else:\r
+ return []
# register a signal that caches the user's credentials when they log in
def cache_credentials(sender, user, request, **kwds):
# unregister the Group model from admin.
admin.site.unregister(Group)
+#Do not show django evolution in the admin interface
+from django_evolution.models import Version, Evolution
+admin.site.unregister(Version)
+admin.site.unregister(Evolution)
+
+
+# When debugging it is often easier to see all the classes, but for regular use
+# only the top-levels should be displayed
+showAll = False
+
+admin.site.register(Deployment, DeploymentAdmin)
admin.site.register(Site, SiteAdmin)
-admin.site.register(SitePrivilege, SitePrivilegeAdmin)
admin.site.register(Slice, SliceAdmin)
-admin.site.register(SliceMembership, SliceMembershipAdmin)
#admin.site.register(Subnet)
-admin.site.register(Image, ImageAdmin)
-admin.site.register(Node, NodeAdmin)
-admin.site.register(Sliver, SliverAdmin)
admin.site.register(Key, KeyAdmin)
-admin.site.register(Role, RoleAdmin)
-admin.site.register(DeploymentNetwork, DeploymentNetworkAdmin)
-admin.site.register(ServiceClass, ServiceClassAdmin)
-admin.site.register(ServiceResource, ServiceResourceAdmin)
+
+
+if showAll:
+ admin.site.register(Node, NodeAdmin)
+ admin.site.register(SliceMembership, SliceMembershipAdmin)
+ admin.site.register(SitePrivilege, SitePrivilegeAdmin)
+ admin.site.register(Role, RoleAdmin)
+ admin.site.register(Sliver, SliverAdmin)
+ admin.site.register(ServiceClass, ServiceClassAdmin)
+ admin.site.register(Reservation, ReservationAdmin)
+ admin.site.register(Image, ImageAdmin)
git://git.onelab.eu / plstackapi.git / blobdiff