X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=planetstack%2Fcore%2Fadmin.py;h=a77be5bead5dad76fc8e84f4ec9b572f80686b53;hb=5c9b77c25b94e6f22358d9063be427865a1e4945;hp=6fcc3f963ed8f4267550d4de9911590ddecc6dad;hpb=8beb84fdc02d4174f204b660db826787f8ef5513;p=plstackapi.git diff --git a/planetstack/core/admin.py b/planetstack/core/admin.py index 6fcc3f9..a77be5b 100644 --- a/planetstack/core/admin.py +++ b/planetstack/core/admin.py @@ -8,7 +8,7 @@ from django import forms from django.utils.safestring import mark_safe from django.contrib.auth.admin import UserAdmin from django.contrib.admin.widgets import FilteredSelectMultiple -from django.contrib.auth.forms import ReadOnlyPasswordHashField +from django.contrib.auth.forms import ReadOnlyPasswordHashField, AdminPasswordChangeForm from django.contrib.auth.signals import user_logged_in from django.utils import timezone from django.contrib.contenttypes import generic @@ -43,7 +43,8 @@ class PlainTextWidget(forms.HiddenInput): value = '' return mark_safe(str(value) + super(PlainTextWidget, self).render(name, value, attrs)) -class ReadOnlyAwareAdmin(admin.ModelAdmin): +class PermissionCheckingAdminMixin(object): + # call save_by_user and delete_by_user instead of save and delete def has_add_permission(self, request, obj=None): return (not self.__user_is_readonly(request)) @@ -53,13 +54,42 @@ class ReadOnlyAwareAdmin(admin.ModelAdmin): def save_model(self, request, obj, form, change): if self.__user_is_readonly(request): + # this 'if' might be redundant if save_by_user is implemented right raise PermissionDenied - #pass - else: - return super(ReadOnlyAwareAdmin, self).save_model(request, obj, form, change) + + obj.caller = request.user + # update openstack connection to use this site/tenant + obj.save_by_user(request.user) + + def delete_model(self, request, obj): + obj.delete_by_user(request.user) + + def save_formset(self, request, form, formset, change): + instances = formset.save(commit=False) + for instance in instances: + instance.save_by_user(request.user) + + # BUG in django 1.7? Objects are not deleted by formset.save if + # commit is False. So let's delete them ourselves. + # + # code from forms/models.py save_existing_objects() + try: + forms_to_delete = formset.deleted_forms + except AttributeError: + forms_to_delete = [] + if formset.initial_forms: + for form in formset.initial_forms: + obj = form.instance + if form in forms_to_delete: + if obj.pk is None: + continue + formset.deleted_objects.append(obj) + obj.delete() + + formset.save_m2m() def get_actions(self,request): - actions = super(ReadOnlyAwareAdmin,self).get_actions(request) + actions = super(PermissionCheckingAdminMixin,self).get_actions(request) if self.__user_is_readonly(request): if 'delete_selected' in actions: @@ -85,13 +115,13 @@ class ReadOnlyAwareAdmin(admin.ModelAdmin): self.inlines = self.inlines_save try: - return super(ReadOnlyAwareAdmin, self).change_view(request, object_id, extra_context=extra_context) + return super(PermissionCheckingAdminMixin, self).change_view(request, object_id, extra_context=extra_context) except PermissionDenied: pass if request.method == 'POST': raise PermissionDenied request.readonly = True - return super(ReadOnlyAwareAdmin, self).change_view(request, object_id, extra_context=extra_context) + return super(PermissionCheckingAdminMixin, self).change_view(request, object_id, extra_context=extra_context) def __user_is_readonly(self, request): return request.user.isReadOnlyUser() @@ -103,6 +133,14 @@ class ReadOnlyAwareAdmin(admin.ModelAdmin): return mark_safe(backend_icon(obj)) backend_status_icon.short_description = "" +class ReadOnlyAwareAdmin(PermissionCheckingAdminMixin, admin.ModelAdmin): + # Note: Make sure PermissionCheckingAdminMixin is listed before + # admin.ModelAdmin in the class declaration. + + pass + +class PlanetStackBaseAdmin(ReadOnlyAwareAdmin): + save_on_top = False class SingletonAdmin (ReadOnlyAwareAdmin): def has_add_permission(self, request): @@ -115,7 +153,6 @@ class SingletonAdmin (ReadOnlyAwareAdmin): else: return True - class PlStackTabularInline(admin.TabularInline): def __init__(self, *args, **kwargs): super(PlStackTabularInline, self).__init__(*args, **kwargs) @@ -404,23 +441,6 @@ class ImageDeploymentsInline(PlStackTabularInline): fields = ['backend_status_icon', 'image', 'deployment', 'glance_image_id'] readonly_fields = ['backend_status_icon', 'glance_image_id'] -class PlanetStackBaseAdmin(ReadOnlyAwareAdmin): - save_on_top = False - - def save_model(self, request, obj, form, change): - obj.caller = request.user - # update openstack connection to use this site/tenant - obj.save_by_user(request.user) - - def delete_model(self, request, obj): - obj.delete_by_user(request.user) - - def save_formset(self, request, form, formset, change): - instances = formset.save(commit=False) - for instance in instances: - instance.save_by_user(request.user) - formset.save_m2m() - class SliceRoleAdmin(PlanetStackBaseAdmin): model = SliceRole pass @@ -507,10 +527,10 @@ class DeploymentAdminForm(forms.ModelForm): def save(self, commit=True): deployment = super(DeploymentAdminForm, self).save(commit=False) - deployment.flavors = self.cleaned_data['flavors'] - if commit: deployment.save() + # this has to be done after save() if/when a deployment is first created + deployment.flavors = self.cleaned_data['flavors'] if deployment.pk: # save_m2m() doesn't seem to work with 'through' relations. So we @@ -986,7 +1006,10 @@ class UserDashboardViewInline(PlStackTabularInline): suit_classes = 'suit-tab suit-tab-dashboards' fields = ['user', 'dashboardView', 'order'] -class UserAdmin(UserAdmin): +class UserAdmin(PermissionCheckingAdminMixin, UserAdmin): + # Note: Make sure PermissionCheckingAdminMixin is listed before + # admin.ModelAdmin in the class declaration. + class Meta: app_label = "core" @@ -1001,7 +1024,7 @@ class UserAdmin(UserAdmin): list_filter = ('site',) inlines = [SlicePrivilegeInline,SitePrivilegeInline,DeploymentPrivilegeInline,UserDashboardViewInline] - fieldListLoginDetails = ['email','site','password','is_active','is_readonly','is_admin','public_key'] + fieldListLoginDetails = ['backend_status_text', 'email','site','password','is_active','is_readonly','is_admin','public_key'] fieldListContactInfo = ['firstname','lastname','phone','timezone'] fieldsets = ( @@ -1036,62 +1059,9 @@ class UserAdmin(UserAdmin): return super(UserAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs) - def has_add_permission(self, request, obj=None): - return (not self.__user_is_readonly(request)) - - def has_delete_permission(self, request, obj=None): - return (not self.__user_is_readonly(request)) - - def get_actions(self,request): - actions = super(UserAdmin,self).get_actions(request) - - if self.__user_is_readonly(request): - if 'delete_selected' in actions: - del actions['delete_selected'] - - return actions - - def change_view(self,request,object_id, extra_context=None): - - if self.__user_is_readonly(request): - if not hasattr(self, "readonly_save"): - # save the original readonly fields - self.readonly_save = self.readonly_fields - self.inlines_save = self.inlines - if hasattr(self, "user_readonly_fields"): - self.readonly_fields=self.user_readonly_fields - if hasattr(self, "user_readonly_inlines"): - self.inlines = self.user_readonly_inlines - else: - if hasattr(self, "readonly_save"): - # restore the original readonly fields - self.readonly_fields = self.readonly_save - self.inlines = self.inlines_save - - try: - return super(UserAdmin, self).change_view(request, object_id, extra_context=extra_context) - except PermissionDenied: - pass - if request.method == 'POST': - raise PermissionDenied - request.readonly = True - return super(UserAdmin, self).change_view(request, object_id, extra_context=extra_context) - - def __user_is_readonly(self, request): - #groups = [x.name for x in request.user.groups.all() ] - #return "readonly" in groups - return request.user.isReadOnlyUser() - def queryset(self, request): return User.select_by_user(request.user) - def backend_status_text(self, obj): - return mark_safe(backend_text(obj)) - - def backend_status_icon(self, obj): - return mark_safe(backend_icon(obj)) - backend_status_icon.short_description = "" - class DashboardViewAdmin(PlanetStackBaseAdmin): fieldsets = [('Dashboard View Details', {'fields': ['backend_status_text', 'name', 'url'],