X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=planetstack%2Fcore%2Fadmin.py;h=bae7be152b8b7e154d5ee730b2c537911787d4c2;hb=ad5ed9e79e1ec43007b47befcf5173a9aad97d67;hp=134b6884a722c8e7cb0aa6ae2746dffd18159da9;hpb=1e88946bc9fa4ff8b921143c354a901d686cd5a6;p=plstackapi.git diff --git a/planetstack/core/admin.py b/planetstack/core/admin.py index 134b688..bae7be1 100644 --- a/planetstack/core/admin.py +++ b/planetstack/core/admin.py @@ -9,10 +9,23 @@ from django.utils.safestring import mark_safe from django.contrib.auth.admin import UserAdmin from django.contrib.admin.widgets import FilteredSelectMultiple from django.contrib.auth.forms import ReadOnlyPasswordHashField -from django.contrib.auth.signals import user_logged_in +from django.contrib.auth.signals import user_logged_in +from django.utils import timezone +from django.contrib.contenttypes import generic +from suit.widgets import LinkedSelect +import django_evolution -class ReadonlyTabularInline(admin.TabularInline): +class PlStackTabularInline(admin.TabularInline): + pass + +class ReservationInline(PlStackTabularInline): + model = Reservation + extra = 0 + suit_classes = 'suit-tab suit-tab-reservations' + + +class ReadonlyTabularInline(PlStackTabularInline): can_delete = False extra = 0 editable_fields = [] @@ -28,40 +41,179 @@ class ReadonlyTabularInline(admin.TabularInline): def has_add_permission(self, request): return False -class SliverInline(admin.TabularInline): +class TagInline(generic.GenericTabularInline): + model = Tag + extra = 0 + suit_classes = 'suit-tab suit-tab-tags' + +class NetworkLookerUpper: + """ This is a callable that looks up a network name in a sliver and returns + the ip address for that network. + """ + + def __init__(self, name): + self.short_description = name + self.__name__ = name + self.network_name = name + + def __call__(self, obj): + if obj is not None: + for nbs in obj.networksliver_set.all(): + if (nbs.network.name == self.network_name): + return nbs.ip + return "" + + def __str__(self): + return self.network_name + +class SliverInline(PlStackTabularInline): model = Sliver - fields = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork'] + fields = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'node', 'deploymentNetwork'] extra = 0 - #readonly_fields = ['ip', 'instance_name', 'image'] readonly_fields = ['ip', 'instance_name'] - -class SiteInline(admin.TabularInline): + suit_classes = 'suit-tab suit-tab-slivers' + +# Note this is breaking in the admin.py when trying to use an inline to add a node/image +# def _declared_fieldsets(self): +# # Return None so django will call get_fieldsets and we can insert our +# # dynamic fields +# return None +# +# def get_readonly_fields(self, request, obj=None): +# readonly_fields = super(SliverInline, self).get_readonly_fields(request, obj) +# +# # Lookup the networks that are bound to the slivers, and add those +# # network names to the list of readonly fields. +# +# for sliver in obj.slivers.all(): +# for nbs in sliver.networksliver_set.all(): +# if nbs.ip: +# network_name = nbs.network.name +# if network_name not in [str(x) for x in readonly_fields]: +# readonly_fields.append(NetworkLookerUpper(network_name)) +# +# return readonly_fields +# +# def get_fieldsets(self, request, obj=None): +# form = self.get_formset(request, obj).form +# # fields = the read/write files + the read-only fields +# fields = self.fields +# for fieldName in self.get_readonly_fields(request,obj): +# if not fieldName in fields: +# fields.append(fieldName) +# +# return [(None, {'fields': fields})] + + + +class SiteInline(PlStackTabularInline): model = Site extra = 0 + suit_classes = 'suit-tab suit-tab-sites' -class UserInline(admin.TabularInline): +class UserInline(PlStackTabularInline): model = User fields = ['email', 'firstname', 'lastname'] extra = 0 + suit_classes = 'suit-tab suit-tab-users' -class SliceInline(admin.TabularInline): +class SliceInline(PlStackTabularInline): model = Slice + fields = ['name','enabled','description','slice_url'] extra = 0 + suit_classes = 'suit-tab suit-tab-slices' + -class RoleInline(admin.TabularInline): +class RoleInline(PlStackTabularInline): model = Role extra = 0 + suit_classes = 'suit-tab suit-tab-roles' -class NodeInline(admin.TabularInline): +class NodeInline(PlStackTabularInline): model = Node extra = 0 + suit_classes = 'suit-tab suit-tab-nodes' + +class SlicePrivilegeInline(PlStackTabularInline): + model = SlicePrivilege + extra = 0 + suit_classes = 'suit-tab suit-tab-sliceprivileges' -class SitePrivilegeInline(admin.TabularInline): +class DeploymentPrivilegeInline(PlStackTabularInline): + model = DeploymentPrivilege + extra = 0 + suit_classes = 'suit-tab suit-tab-deploymentprivileges' + +class SitePrivilegeInline(PlStackTabularInline): + model = SitePrivilege + extra = 0 + suit_classes = 'suit-tab suit-tab-siteprivileges' + + def formfield_for_foreignkey(self, db_field, request, **kwargs): + if db_field.name == 'site': + if not request.user.is_admin: + # only show sites where user is an admin or pi + roles = Role.objects.filter(role_type__in=['admin', 'pi']) + site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles) + login_bases = [site_privilege.site.login_base for site_privilege in site_privileges] + sites = Site.objects.filter(login_base__in=login_bases) + kwargs['queryset'] = sites + + if db_field.name == 'user': + if not request.user.is_admin: + # only show users from sites where caller has admin or pi role + roles = Role.objects.filter(role_type__in=['admin', 'pi']) + site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles) + sites = [site_privilege.site for site_privilege in site_privileges] + site_privileges = SitePrivilege.objects.filter(site__in=sites) + emails = [site_privilege.user.email for site_privilege in site_privileges] + users = User.objects.filter(email__in=emails) + kwargs['queryset'] = users + return super(SitePrivilegeInline, self).formfield_for_foreignkey(db_field, request, **kwargs) + +class SitePrivilegeInline(PlStackTabularInline): model = SitePrivilege + suit_classes = 'suit-tab suit-tab-siteprivileges' extra = 0 + fields = ('user', 'site','role') -class SliceMembershipInline(admin.TabularInline): - model = SliceMembership +class SlicePrivilegeInline(PlStackTabularInline): + model = SlicePrivilege + suit_classes = 'suit-tab suit-tab-sliceprivileges' + extra = 0 + fields = ('user', 'slice','role') + + def formfield_for_foreignkey(self, db_field, request, **kwargs): + if db_field.name == 'slice': + if not request.user.is_admin: + # only show slices at sites where caller has admin or pi role + roles = Role.objects.filter(role_type__in=['admin', 'pi']) + site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles) + sites = [site_privilege.site for site_privilege in site_privileges] + slices = Slice.objects.filter(site__in=sites) + kwargs['queryset'] = slices + if db_field.name == 'user': + if not request.user.is_admin: + # only show users from sites where caller has admin or pi role + roles = Role.objects.filter(role_type__in=['admin', 'pi']) + site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles) + sites = [site_privilege.site for site_privilege in site_privileges] + site_privileges = SitePrivilege.objects.filter(site__in=sites) + emails = [site_privilege.user.email for site_privilege in site_privileges] + users = User.objects.filter(email__in=emails) + kwargs['queryset'] = list(users) + + return super(SlicePrivilegeInline, self).formfield_for_foreignkey(db_field, request, **kwargs) + +class SliceNetworkInline(PlStackTabularInline): + model = Network.slices.through + extra = 0 + verbose_name = "Network Connection" + verbose_name_plural = "Network Connections" + suit_classes = 'suit-tab suit-tab-slicenetworks' + +class SliceTagInline(PlStackTabularInline): + model = SliceTag extra = 0 class PlainTextWidget(forms.HiddenInput): @@ -75,31 +227,15 @@ class PlainTextWidget(forms.HiddenInput): class PlanetStackBaseAdmin(admin.ModelAdmin): save_on_top = False -class OSModelAdmin(PlanetStackBaseAdmin): - """Attach client connection to openstack on delete() and save()""" - - def save_model(self, request, obj, form, change): - if request.user.site: - auth = request.session.get('auth', {}) - auth['tenant'] = request.user.site.login_base - obj.os_manager = OpenStackManager(auth=auth, caller=request.user) - obj.save() +class SliceRoleAdmin(PlanetStackBaseAdmin): + model = SliceRole + pass - def delete_model(self, request, obj): - if request.user.site: - auth = request.session.get('auth', {}) - auth['tenant'] = request.user.site.login_base - obj.os_manager = OpenStackManager(auth=auth, caller=request.user) - obj.delete() +class SiteRoleAdmin(PlanetStackBaseAdmin): + model = SiteRole + pass -class RoleAdmin(OSModelAdmin): - fieldsets = [ - ('Role', {'fields': ['role_type']}) - ] - list_display = ('role_type',) - - -class DeploymentNetworkAdminForm(forms.ModelForm): +class DeploymentAdminForm(forms.ModelForm): sites = forms.ModelMultipleChoiceField( queryset=Site.objects.all(), required=False, @@ -108,50 +244,32 @@ class DeploymentNetworkAdminForm(forms.ModelForm): ) ) class Meta: - model = DeploymentNetwork - - def __init__(self, *args, **kwargs): - super(DeploymentNetworkAdminForm, self).__init__(*args, **kwargs) - - if self.instance and self.instance.pk: - self.fields['sites'].initial = self.instance.sites.all() - - def save(self, commit=True): - deploymentNetwork = super(DeploymentNetworkAdminForm, self).save(commit=False) - if commit: - deploymentNetwork.save() - - if deploymentNetwork.pk: - deploymentNetwork.sites = self.cleaned_data['sites'] - self.save_m2m() + model = Deployment - return deploymentNetwork -class DeploymentNetworkAdmin(PlanetStackBaseAdmin): - form = DeploymentNetworkAdminForm - inlines = [NodeInline,SliverInline] - - def get_formsets(self, request, obj=None): - for inline in self.get_inline_instances(request, obj): - # hide MyInline in the add view - if obj is None: - continue - # give inline object access to driver and caller - auth = request.session.get('auth', {}) - if request.user.site: - auth['tenant'] = request.user.site.login_base - inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user) - yield inline.get_formset(request, obj) +class DeploymentAdmin(PlanetStackBaseAdmin): + form = DeploymentAdminForm + inlines = [DeploymentPrivilegeInline,NodeInline,TagInline] + fieldsets = [ + (None, {'fields': ['sites'], 'classes':['suit-tab suit-tab-sites']}),] + suit_form_tabs =(('sites', 'Sites'),('nodes','Nodes'),('deploymentprivileges','Privileges'),('tags','Tags')) -class SiteAdmin(OSModelAdmin): +class SiteAdmin(PlanetStackBaseAdmin): fieldsets = [ - (None, {'fields': ['name', 'site_url', 'enabled', 'is_public', 'login_base']}), - ('Location', {'fields': ['latitude', 'longitude']}), - ('Deployment Networks', {'fields': ['deployments']}) + (None, {'fields': ['name', 'site_url', 'enabled', 'is_public', 'login_base', 'location'], 'classes':['suit-tab suit-tab-general']}), + ('Deployment Networks', {'fields': ['deployments'], 'classes':['suit-tab suit-tab-deployments']}), ] + suit_form_tabs =(('general', 'Site Details'), + ('users','Users'), + ('siteprivileges','Privileges'), + ('deployments','Deployments'), + ('slices','Slices'), + ('nodes','Nodes'), + ('tags','Tags'), + ) list_display = ('name', 'login_base','site_url', 'enabled') filter_horizontal = ('deployments',) - inlines = [NodeInline, UserInline, SitePrivilegeInline] + inlines = [SliceInline,UserInline,TagInline, NodeInline, SitePrivilegeInline] search_fields = ['name'] def queryset(self, request): @@ -170,64 +288,86 @@ class SiteAdmin(OSModelAdmin): # hide MyInline in the add view if obj is None: continue - # give inline object access to driver and caller - auth = request.session.get('auth', {}) - #auth['tenant'] = request.user.site.login_base - inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user) + if isinstance(inline, SliceInline): + inline.model.caller = request.user + yield inline.get_formset(request, obj) + + def get_formsets(self, request, obj=None): + for inline in self.get_inline_instances(request, obj): + # hide MyInline in the add view + if obj is None: + continue + if isinstance(inline, SliverInline): + inline.model.caller = request.user yield inline.get_formset(request, obj) class SitePrivilegeAdmin(PlanetStackBaseAdmin): fieldsets = [ - (None, {'fields': ['user', 'site', 'role']}) + (None, {'fields': ['user', 'site', 'role'], 'classes':['collapse']}) ] list_display = ('user', 'site', 'role') + def formfield_for_foreignkey(self, db_field, request, **kwargs): + if db_field.name == 'site': + if not request.user.is_admin: + # only show sites where user is an admin or pi + sites = set() + for site_privilege in SitePrivilege.objects.filer(user=request.user): + if site_privilege.role.role_type in ['admin', 'pi']: + sites.add(site_privilege.site) + kwargs['queryset'] = Site.objects.filter(site__in=list(sites)) + + if db_field.name == 'user': + if not request.user.is_admin: + # only show users from sites where caller has admin or pi role + roles = Role.objects.filter(role_type__in=['admin', 'pi']) + site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles) + sites = [site_privilege.site for site_privilege in site_privileges] + site_privileges = SitePrivilege.objects.filter(site__in=sites) + emails = [site_privilege.user.email for site_privilege in site_privileges] + users = User.objects.filter(email__in=emails) + kwargs['queryset'] = users + + return super(SitePrivilegeAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs) + def queryset(self, request): # admins can see all privileges. Users can only see privileges at sites - # where they have the admin role. + # where they have the admin role or pi role. qs = super(SitePrivilegeAdmin, self).queryset(request) if not request.user.is_admin: - roles = request.user.get_roles() - tenants = [] - for (role, tenant_list) in roles: - if role == 'admin': - tenants.extend(tenant_list) - valid_sites = Sites.objects.filter(login_base__in=tenants) - qs = qs.filter(site__in=valid_sites) + roles = Role.objects.filter(role_type__in=['admin', 'pi']) + site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles) + login_bases = [site_privilege.site.login_base for site_privilege in site_privileges] + sites = Site.objects.filter(login_base__in=login_bases) + qs = qs.filter(site__in=sites) return qs - def save_model(self, request, obj, form, change): - # update openstack connection to use this site/tenant - auth = request.session.get('auth', {}) - #auth['tenant'] = obj.site.login_base - obj.os_manager = OpenStackManager(auth=auth, caller=request.user) - obj.save() +class SliceAdmin(PlanetStackBaseAdmin): + fieldsets = [('Slice Details', {'fields': ['name', 'site', 'serviceClass', 'description', 'slice_url'], 'classes':['suit-tab suit-tab-general']}),] + list_display = ('name', 'site','serviceClass', 'slice_url') + inlines = [SlicePrivilegeInline,SliverInline, TagInline, ReservationInline,SliceNetworkInline] - def delete_model(self, request, obj): - # update openstack connection to use this site/tenant - auth = request.session.get('auth', {}) - #auth['tenant'] = obj.site.login_base - obj.os_manager = OpenStackManager(auth=auth, caller=request.user) - obj.delete() -class KeyAdmin(OSModelAdmin): - fieldsets = [ - ('Key', {'fields': ['key', 'type', 'blacklisted']}) - ] - list_display = ['key', 'type', 'blacklisted'] - - #def queryset(self, request): - # admins can see all keys. Users can only see their own key. - #if request.user.is_admin: - # qs = super(KeyAdmin, self).queryset(request) - #else: - # qs = Key.objects.filter(user=request.user) - #return qs - -class SliceAdmin(OSModelAdmin): - fields = ['name', 'site', 'serviceClass', 'description', 'slice_url'] - list_display = ('name', 'site','serviceClass', 'slice_url') - inlines = [SliverInline, SliceMembershipInline] + #inlines = [SliverInline, SliceMembershipInline, TagInline, SliceTagInline, SliceNetworkInline] + suit_form_tabs =(('general', 'Slice Details'), + ('slicenetworks','Networks'), + ('sliceprivileges','Privileges'), + ('slivers','Slivers'), + ('tags','Tags'), + ('reservations','Reservations'), + ) + + def formfield_for_foreignkey(self, db_field, request, **kwargs): + if db_field.name == 'site': + if not request.user.is_admin: + # only show sites where user is a pi or admin + roles = Role.objects.filter(role_type__in=['admin', 'pi']) + site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles) + login_bases = [site_privilege.site.login_base for site_privilege in site_privileges] + sites = Site.objects.filter(login_base__in=login_bases) + kwargs['queryset'] = sites + + return super(SliceAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs) def queryset(self, request): # admins can see all keys. Users can only see slices they belong to. @@ -245,10 +385,8 @@ class SliceAdmin(OSModelAdmin): # hide MyInline in the add view if obj is None: continue - # give inline object access to driver and caller - auth = request.session.get('auth', {}) - auth['tenant'] = obj.name # meed to connect using slice's tenant - inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user) + if isinstance(inline, SliverInline): + inline.model.caller = request.user yield inline.get_formset(request, obj) def get_queryset(self, request): @@ -256,26 +394,53 @@ class SliceAdmin(OSModelAdmin): if request.user.is_superuser: return qs # users can only see slices at their site - return qs.filter(site=request.user.site) + return qs.filter(site=request.user.site) -class SliceMembershipAdmin(PlanetStackBaseAdmin): + def save_model(self, request, obj, form, change): + # update openstack connection to use this site/tenant + obj.caller = request.user + obj.save() + +class SlicePrivilegeAdmin(PlanetStackBaseAdmin): fieldsets = [ (None, {'fields': ['user', 'slice', 'role']}) ] list_display = ('user', 'slice', 'role') + def formfield_for_foreignkey(self, db_field, request, **kwargs): + if db_field.name == 'slice': + if not request.user.is_admin: + # only show slices at sites where caller has admin or pi role + roles = Role.objects.filter(role_type__in=['admin', 'pi']) + site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles) + sites = [site_privilege.site for site_privilege in site_privileges] + slices = Slice.objects.filter(site__in=sites) + kwargs['queryset'] = slices + + if db_field.name == 'user': + if not request.user.is_admin: + # only show users from sites where caller has admin or pi role + roles = Role.objects.filter(role_type__in=['admin', 'pi']) + site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles) + sites = [site_privilege.site for site_privilege in site_privileges] + site_privileges = SitePrivilege.objects.filter(site__in=sites) + emails = [site_privilege.user.email for site_privilege in site_privileges] + users = User.objects.filter(email__in=emails) + kwargs['queryset'] = users + + return super(SlicePrivilegeAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs) + def queryset(self, request): # admins can see all memberships. Users can only see memberships of # slices where they have the admin role. - qs = super(SliceMembershipAdmin, self).queryset(request) + qs = super(SlicePrivilegeAdmin, self).queryset(request) if not request.user.is_admin: - roles = request.user.get_roles() - tenants = [] - for (role, tenant_list) in roles: - if role == 'admin': - tenants.extend(tenant_list) - valid_slices = Slice.objects.filter(name__in=tenants) - qs = qs.filter(slice__in=valid_slices) + roles = Role.objects.filter(role_type__in=['admin', 'pi']) + site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles) + login_bases = [site_privilege.site.login_base for site_privilege in site_privileges] + sites = Site.objects.filter(login_base__in=login_bases) + slices = Slice.objects.filter(site__in=sites) + qs = qs.filter(slice__in=slices) return qs def save_model(self, request, obj, form, change): @@ -293,12 +458,32 @@ class SliceMembershipAdmin(PlanetStackBaseAdmin): obj.delete() -class ImageAdmin(admin.ModelAdmin): - fields = ['image_id', 'name', 'disk_format', 'container_format'] +class ImageAdmin(PlanetStackBaseAdmin): + + fieldsets = [('Image Details', + {'fields': ['image_id', 'name', 'disk_format', 'container_format'], + 'classes': ['suit-tab suit-tab-general']}) + ] + + suit_form_tabs =(('general','Image Details'),('slivers','Slivers')) + + inlines = [SliverInline] + +class NodeForm(forms.ModelForm): + class Meta: + widgets = { + 'site': LinkedSelect, + 'deployment': LinkedSelect + } class NodeAdmin(admin.ModelAdmin): - list_display = ('name', 'site', 'deploymentNetwork') - list_filter = ('deploymentNetwork',) + form = NodeForm + list_display = ('name', 'site', 'deployment') + list_filter = ('deployment',) + inlines = [TagInline,SliverInline] + fieldsets = [('Node Details', {'fields': ['name','site','deployment'], 'classes':['suit-tab suit-tab-details']})] + + suit_form_tabs =(('details','Node Details'),('slivers','Slivers'),('tags','Tags')) class SliverForm(forms.ModelForm): @@ -309,14 +494,38 @@ class SliverForm(forms.ModelForm): widgets = { 'ip': PlainTextWidget(), 'instance_name': PlainTextWidget(), + 'slice': LinkedSelect, + 'deploymentNetwork': LinkedSelect, + 'node': LinkedSelect, + 'image': LinkedSelect } +class ProjectAdmin(admin.ModelAdmin): + inlines = [TagInline] + +class TagAdmin(admin.ModelAdmin): + list_display = ['project', 'name', 'value', 'content_type', 'content_object',] + class SliverAdmin(PlanetStackBaseAdmin): form = SliverForm fieldsets = [ - ('Sliver', {'fields': ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']}) + ('Sliver Details', {'fields': ['slice', 'deploymentNetwork', 'node', 'ip', 'instance_name', 'numberCores', 'image', ], 'classes': ['suit-tab suit-tab-general'], }) ] - list_display = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork'] + list_display = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'node', 'deploymentNetwork'] + + suit_form_tabs =(('general', 'Sliver Details'), + ('tags','Tags'), + ) + + inlines = [TagInline] + + def formfield_for_foreignkey(self, db_field, request, **kwargs): + if db_field.name == 'slice': + if not request.user.is_admin: + slices = set([sm.slice.name for sm in SlicePrivilege.objects.filter(user=request.user)]) + kwargs['queryset'] = Slice.objects.filter(name__in=list(slices)) + + return super(SliverAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs) def queryset(self, request): # admins can see all slivers. Users can only see slivers of @@ -355,6 +564,7 @@ class SliverAdmin(PlanetStackBaseAdmin): auth = request.session.get('auth', {}) auth['tenant'] = obj.slice.name obj.os_manager = OpenStackManager(auth=auth, caller=request.user) + obj.creator = request.user obj.save() def delete_model(self, request, obj): @@ -372,7 +582,7 @@ class UserCreationForm(forms.ModelForm): class Meta: model = User - fields = ('email', 'firstname', 'lastname', 'phone', 'key', 'site') + fields = ('email', 'firstname', 'lastname', 'phone', 'public_key') def clean_password2(self): # Check that the two password entries match @@ -409,7 +619,7 @@ class UserChangeForm(forms.ModelForm): return self.initial["password"] -class UserAdmin(UserAdmin, OSModelAdmin): +class UserAdmin(UserAdmin): class Meta: app_label = "core" @@ -420,24 +630,38 @@ class UserAdmin(UserAdmin, OSModelAdmin): # The fields to be used in displaying the User model. # These override the definitions on the base UserAdmin # that reference specific fields on auth.User. - list_display = ('email', 'site', 'firstname', 'lastname', 'is_admin', 'last_login') - list_filter = ('site',) - inlines = [SitePrivilegeInline, SliceMembershipInline] + list_display = ('email', 'firstname', 'lastname', 'is_admin', 'last_login') + list_filter = () + inlines = [SlicePrivilegeInline,SitePrivilegeInline,DeploymentPrivilegeInline] fieldsets = ( - (None, {'fields': ('email', 'password', 'site', 'is_admin')}), - ('Personal info', {'fields': ('firstname','lastname','phone', 'key')}), + ('Login Details', {'fields': ('email', 'site','password', 'is_admin', 'public_key'), 'classes':['suit-tab suit-tab-general']}), + ('Contact Information', {'fields': ('firstname','lastname','phone', 'timezone'), 'classes':['suit-tab suit-tab-contact']}), #('Important dates', {'fields': ('last_login',)}), ) add_fieldsets = ( (None, { 'classes': ('wide',), - 'fields': ('email', 'firstname', 'lastname', 'phone', 'site', 'key','password1', 'password2', 'is_admin')} + 'fields': ('email', 'firstname', 'lastname', 'phone', 'public_key','password1', 'password2')} ), ) search_fields = ('email',) ordering = ('email',) filter_horizontal = () + suit_form_tabs =(('general','Login Details'),('contact','Contact Information'),('sliceprivileges','Slice Privileges'),('siteprivileges','Site Privileges'),('deploymentprivileges','Deployment Privileges')) + + def formfield_for_foreignkey(self, db_field, request, **kwargs): + if db_field.name == 'site': + if not request.user.is_admin: + # show sites where caller is an admin or pi + sites = [] + for site_privilege in SitePrivilege.objects.filer(user=request.user): + if site_privilege.role.role_type in ['admin', 'pi']: + sites.append(site_privilege.site.login_base) + kwargs['queryset'] = Site.objects.filter(login_base__in(list(sites))) + + return super(UserAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs) + class ServiceResourceInline(admin.TabularInline): model = ServiceResource extra = 0 @@ -446,8 +670,190 @@ class ServiceClassAdmin(admin.ModelAdmin): list_display = ('name', 'commitment', 'membershipFee') inlines = [ServiceResourceInline] -class ServiceResourceAdmin(admin.ModelAdmin): - list_display = ('serviceClass', 'name', 'cost', 'calendarReservable', 'maxUnitsDeployment', 'maxUnitsNode') +class ReservedResourceInline(admin.TabularInline): + model = ReservedResource + extra = 0 + suit_classes = 'suit-tab suit-tab-reservedresources' + + def formfield_for_foreignkey(self, db_field, request=None, **kwargs): + field = super(ReservedResourceInline, self).formfield_for_foreignkey(db_field, request, **kwargs) + + if db_field.name == 'resource': + # restrict resources to those that the slice's service class allows + if request._slice is not None: + field.queryset = field.queryset.filter(serviceClass = request._slice.serviceClass, calendarReservable=True) + if len(field.queryset) > 0: + field.initial = field.queryset.all()[0] + else: + field.queryset = field.queryset.none() + elif db_field.name == 'sliver': + # restrict slivers to those that belong to the slice + if request._slice is not None: + field.queryset = field.queryset.filter(slice = request._slice) + else: + field.queryset = field.queryset.none() + + return field + +class ReservationChangeForm(forms.ModelForm): + class Meta: + model = Reservation + widgets = { + 'slice' : LinkedSelect + } + +class ReservationAddForm(forms.ModelForm): + slice = forms.ModelChoiceField(queryset=Slice.objects.all(), widget=forms.Select(attrs={"onChange":"document.getElementById('id_refresh').value=1; submit()"})) + refresh = forms.CharField(widget=forms.HiddenInput()) + + class Media: + css = {'all': ('planetstack.css',)} # .field-refresh { display: none; } + + def clean_slice(self): + slice = self.cleaned_data.get("slice") + x = ServiceResource.objects.filter(serviceClass = slice.serviceClass, calendarReservable=True) + if len(x) == 0: + raise forms.ValidationError("The slice you selected does not have a service class that allows reservations") + return slice + + class Meta: + model = Reservation + widgets = { + 'slice' : LinkedSelect + } + + +class ReservationAddRefreshForm(ReservationAddForm): + """ This form is displayed when the Reservation Form receives an update + from the Slice dropdown onChange handler. It doesn't validate the + data and doesn't save the data. This will cause the form to be + redrawn. + """ + + """ don't validate anything other than slice """ + dont_validate_fields = ("startTime", "duration") + + def full_clean(self): + result = super(ReservationAddForm, self).full_clean() + + for fieldname in self.dont_validate_fields: + if fieldname in self._errors: + del self._errors[fieldname] + + return result + + """ don't save anything """ + def is_valid(self): + return False + +class ReservationAdmin(admin.ModelAdmin): + fieldsets = [('Reservation Details', {'fields': ['startTime', 'duration','slice'], 'classes': ['suit-tab suit-tab-general']})] + list_display = ('startTime', 'duration') + form = ReservationAddForm + + suit_form_tabs = (('general','Reservation Details'), ('reservedresources','Reserved Resources')) + + inlines = [ReservedResourceInline] + + def add_view(self, request, form_url='', extra_context=None): + timezone.activate(request.user.timezone) + request._refresh = False + request._slice = None + if request.method == 'POST': + # "refresh" will be set to "1" if the form was submitted due to + # a change in the Slice dropdown. + if request.POST.get("refresh","1") == "1": + request._refresh = True + request.POST["refresh"] = "0" + + # Keep track of the slice that was selected, so the + # reservedResource inline can filter items for the slice. + request._slice = request.POST.get("slice",None) + if (request._slice is not None): + request._slice = Slice.objects.get(id=request._slice) + + result = super(ReservationAdmin, self).add_view(request, form_url, extra_context) + return result + + def changelist_view(self, request, extra_context = None): + timezone.activate(request.user.timezone) + return super(ReservationAdmin, self).changelist_view(request, extra_context) + + def get_form(self, request, obj=None, **kwargs): + request._obj_ = obj + if obj is not None: + # For changes, set request._slice to the slice already set in the + # object. + request._slice = obj.slice + self.form = ReservationChangeForm + else: + if getattr(request, "_refresh", False): + self.form = ReservationAddRefreshForm + else: + self.form = ReservationAddForm + return super(ReservationAdmin, self).get_form(request, obj, **kwargs) + + def get_readonly_fields(self, request, obj=None): + if (obj is not None): + # Prevent slice from being changed after the reservation has been + # created. + return ['slice'] + else: + return [] + +class NetworkParameterTypeAdmin(admin.ModelAdmin): + list_display = ("name", ) + +class RouterAdmin(admin.ModelAdmin): + list_display = ("name", ) + +class RouterInline(admin.TabularInline): + model = Router.networks.through + extra = 0 + verbose_name_plural = "Routers" + verbose_name = "Router" + suit_classes = 'suit-tab suit-tab-routers' + +class NetworkParameterInline(generic.GenericTabularInline): + model = NetworkParameter + extra = 1 + verbose_name_plural = "Parameters" + verbose_name = "Parameter" + suit_classes = 'suit-tab suit-tab-netparams' + +class NetworkSliversInline(admin.TabularInline): + readonly_fields = ("ip", ) + model = NetworkSliver + extra = 0 + verbose_name_plural = "Slivers" + verbose_name = "Sliver" + suit_classes = 'suit-tab suit-tab-networkslivers' + +class NetworkSlicesInline(admin.TabularInline): + model = NetworkSlice + extra = 0 + verbose_name_plural = "Slices" + verbose_name = "Slice" + suit_classes = 'suit-tab suit-tab-networkslices' + +class NetworkAdmin(admin.ModelAdmin): + list_display = ("name", "subnet", "ports", "labels") + readonly_fields = ("subnet", ) + + inlines = [NetworkParameterInline, NetworkSliversInline, NetworkSlicesInline, RouterInline] + + fieldsets = [ + (None, {'fields': ['name','template','ports','labels','owner','guaranteedBandwidth', 'permitAllSlices','permittedSlices','network_id','router_id','subnet_id','subnet'], 'classes':['suit-tab suit-tab-general']}),] + + suit_form_tabs =( + ('general','Network Details'), + ('netparams', 'Parameters'), + ('networkslivers','Slivers'), + ('networkslices','Slices'), + ('routers','Routers'), + ) +class NetworkTemplateAdmin(admin.ModelAdmin): + list_display = ("name", "guaranteedBandwidth", "visibility") # register a signal that caches the user's credentials when they log in def cache_credentials(sender, user, request, **kwds): @@ -462,17 +868,33 @@ admin.site.register(User, UserAdmin) # unregister the Group model from admin. admin.site.unregister(Group) +#Do not show django evolution in the admin interface +from django_evolution.models import Version, Evolution +admin.site.unregister(Version) +admin.site.unregister(Evolution) + + +# When debugging it is often easier to see all the classes, but for regular use +# only the top-levels should be displayed +showAll = True + +admin.site.register(Deployment, DeploymentAdmin) admin.site.register(Site, SiteAdmin) -admin.site.register(SitePrivilege, SitePrivilegeAdmin) admin.site.register(Slice, SliceAdmin) -admin.site.register(SliceMembership, SliceMembershipAdmin) -#admin.site.register(Subnet) -admin.site.register(Image, ImageAdmin) -admin.site.register(Node, NodeAdmin) -admin.site.register(Sliver, SliverAdmin) -admin.site.register(Key, KeyAdmin) -admin.site.register(Role, RoleAdmin) -admin.site.register(DeploymentNetwork, DeploymentNetworkAdmin) +admin.site.register(Project, ProjectAdmin) admin.site.register(ServiceClass, ServiceClassAdmin) -admin.site.register(ServiceResource, ServiceResourceAdmin) +admin.site.register(Reservation, ReservationAdmin) +admin.site.register(Network, NetworkAdmin) +admin.site.register(Router, RouterAdmin) +admin.site.register(NetworkParameterType, NetworkParameterTypeAdmin) +admin.site.register(NetworkTemplate, NetworkTemplateAdmin) + +if showAll: + #admin.site.register(PlanetStack) + admin.site.register(Tag, TagAdmin) + admin.site.register(Node, NodeAdmin) + #admin.site.register(SlicePrivilege, SlicePrivilegeAdmin) + #admin.site.register(SitePrivilege, SitePrivilegeAdmin) + admin.site.register(Sliver, SliverAdmin) + admin.site.register(Image, ImageAdmin)