observer now supports remote openstack deployments

[plstackapi.git] / planetstack / core / models / user.py

diff --git a/planetstack/core/models/user.py b/planetstack/core/models/user.py
index 2b63dda..62e5b91 100644 (file)
--- a/planetstack/core/models/user.py
+++ b/planetstack/core/models/user.py
@@ -2,11 +2,12 @@ import os
 import datetime
 from collections import defaultdict
 from django.db import models
+from django.db.models import F, Q
 from core.models import PlCoreBase,Site
+from core.models.deployment import Deployment
 from django.contrib.auth.models import AbstractBaseUser, BaseUserManager
 from timezones.fields import TimeZoneField
 
-
 # Create your models here.
 class UserManager(BaseUserManager):
     def create_user(self, email, firstname, lastname, password=None):
@@ -54,7 +55,9 @@ class User(AbstractBaseUser):
         unique=True,
         db_index=True,
     )
-    username = models.CharField(max_length=200, default="Something" )
+
+    username = models.CharField(max_length=255, default="Something" )
+
 
     kuser_id = models.CharField(null=True, blank=True, help_text="keystone user id", max_length=200) 
     firstname = models.CharField(help_text="person's given name", max_length=200)
@@ -68,6 +71,7 @@ class User(AbstractBaseUser):
     is_active = models.BooleanField(default=True)
     is_admin = models.BooleanField(default=True)
     is_staff = models.BooleanField(default=True)
+    is_readonly = models.BooleanField(default=False)
 
     created = models.DateTimeField(auto_now_add=True)
     updated = models.DateTimeField(auto_now=True)
@@ -80,6 +84,9 @@ class User(AbstractBaseUser):
     USERNAME_FIELD = 'email'
     REQUIRED_FIELDS = ['firstname', 'lastname']
 
+    def isReadOnlyUser(self):
+        return self.is_readonly
+
     def get_full_name(self):
         # The user is identified by their email address
         return self.email
@@ -124,4 +131,38 @@ class User(AbstractBaseUser):
     def save(self, *args, **kwds):
         if not self.id:
             self.set_password(self.password)    
-        super(User, self).save(*args, **kwds)   
+        self.username = self.email
+        super(User, self).save(*args, **kwds)  
+
+    @staticmethod
+    def select_by_user(user):
+        if user.is_admin:
+            qs = User.objects.all()
+        else:
+            # can see all users at any site where this user has pi role
+            from core.models.site import SitePrivilege
+            site_privs = SitePrivilege.objects.filter(user=user)
+            sites = [sp.site for sp in site_privs if sp.role.role == 'pi']
+            # get site privs of users at these sites
+            site_privs = SitePrivilege.objects.filter(site__in=sites)
+            user_ids = [sp.user.id for sp in site_privs] + [user.id] 
+            qs = User.objects.filter(Q(site__in=sites) | Q(id__in=user_ids))
+        return qs            
+
+             
+    
+class UserDeployments(PlCoreBase):
+    user = models.ForeignKey(User)
+    deployment = models.ForeignKey(Deployment)
+    kuser_id = models.CharField(null=True, blank=True, max_length=200, help_text="Keystone user id")
+
+    def __unicode__(self):  return u'%s %s %s' % (self.user, self.deployment.name)
+
+    @staticmethod
+    def select_by_user(user):
+        if user.is_admin:
+            qs = UserDeployments.objects.all()
+        else:
+            users = Users.select_by_user(user)
+            qs = Usereployments.objects.filter(user__in=slices)
+        return qs