X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=plstackapi%2Fcore%2Fadmin.py;h=d0b83e7e7b7041f7e202ec42ac1b66b5086e6b4f;hb=659dd52fcd50b58549f1eaa2812223792b4e4104;hp=7e19cf1470e76a8d9842a4056d00fec45a2b8a01;hpb=5343728471276810ce3f808f6b557271d5991384;p=plstackapi.git diff --git a/plstackapi/core/admin.py b/plstackapi/core/admin.py index 7e19cf1..d0b83e7 100644 --- a/plstackapi/core/admin.py +++ b/plstackapi/core/admin.py @@ -1,13 +1,15 @@ from plstackapi.core.models import Site from plstackapi.core.models import * +from plstackapi.openstack.manager import OpenStackManager + from django.contrib import admin from django.contrib.auth.models import Group - from django import forms from django.utils.safestring import mark_safe from django.contrib.auth.admin import UserAdmin from django.contrib.admin.widgets import FilteredSelectMultiple from django.contrib.auth.forms import ReadOnlyPasswordHashField +from django.contrib.auth.signals import user_logged_in class ReadonlyTabularInline(admin.TabularInline): @@ -28,20 +30,64 @@ class ReadonlyTabularInline(admin.TabularInline): class SliverInline(admin.TabularInline): model = Sliver - fields = ['ip', 'name', 'slice', 'flavor', 'image', 'key', 'node', 'deploymentNetwork'] + fields = ['ip', 'name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork'] extra = 0 class SiteInline(admin.TabularInline): model = Site extra = 0 +class SliceInline(admin.TabularInline): + model = Slice + extra = 0 + +class UserInline(admin.TabularInline): + model = PLUser + extra = 0 + +class RoleInline(admin.TabularInline): + model = Role + extra = 0 + class NodeInline(admin.TabularInline): model = Node extra = 0 +class PlainTextWidget(forms.HiddenInput): + input_type = 'hidden' + + def render(self, name, value, attrs=None): + if value is None: + value = '' + return mark_safe(value + super(PlainTextWidget, self).render(name, value, attrs)) + class PlanetStackBaseAdmin(admin.ModelAdmin): save_on_top = False +class OSModelAdmin(PlanetStackBaseAdmin): + """Attach client connection to openstack on delete() and save()""" + + def save_model(self, request, obj, form, change): + if request.user.site: + auth = request.session.get('auth', {}) + auth['tenant'] = request.user.site.login_base + obj.os_manager = OpenStackManager(auth=auth, caller=request.user) + obj.save() + + def delete_model(self, request, obj): + if request.user.site: + auth = request.session.get('auth', {}) + auth['tenant'] = request.user.site.login_base + obj.os_manager = OpenStackManager(auth=auth, caller=request.user) + obj.delete() + +class RoleAdmin(OSModelAdmin): + fieldsets = [ + ('Role', {'fields': ['role_type']}) + ] + list_display = ('role_type',) + + class DeploymentNetworkAdminForm(forms.ModelForm): sites = forms.ModelMultipleChoiceField( queryset=Site.objects.all(), @@ -61,7 +107,6 @@ class DeploymentNetworkAdminForm(forms.ModelForm): def save(self, commit=True): deploymentNetwork = super(DeploymentNetworkAdminForm, self).save(commit=False) - if commit: deploymentNetwork.save() @@ -75,7 +120,18 @@ class DeploymentNetworkAdmin(PlanetStackBaseAdmin): form = DeploymentNetworkAdminForm inlines = [NodeInline,] -class SiteAdmin(admin.ModelAdmin): + def get_formsets(self, request, obj=None): + for inline in self.get_inline_instances(request, obj): + # hide MyInline in the add view + if obj is None: + continue + # give inline object access to driver and caller + auth = request.session.get('auth', {}) + auth['tenant'] = request.user.site.login_base + inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user) + yield inline.get_formset(request, obj) + +class SiteAdmin(OSModelAdmin): fieldsets = [ (None, {'fields': ['name', 'site_url', 'enabled', 'is_public', 'login_base']}), ('Location', {'fields': ['latitude', 'longitude']}), @@ -86,20 +142,113 @@ class SiteAdmin(admin.ModelAdmin): inlines = [NodeInline,] search_fields = ['name'] -class KeyAdmin(admin.ModelAdmin): + def get_formsets(self, request, obj=None): + for inline in self.get_inline_instances(request, obj): + # hide MyInline in the add view + if obj is None: + continue + # give inline object access to driver and caller + auth = request.session.get('auth', {}) + auth['tenant'] = request.user.site.login_base + inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user) + yield inline.get_formset(request, obj) + +class SitePrivilegeAdmin(PlanetStackBaseAdmin): + fieldsets = [ + (None, {'fields': ['user', 'site', 'role']}) + ] + list_display = ('user', 'site', 'role') + + def save_model(self, request, obj, form, change): + # update openstack connection to use this site/tenant + auth = request.session.get('auth', {}) + auth['tenant'] = obj.site.login_base + obj.os_manager = OpenStackManager(auth=auth, caller=request.user) + obj.save() + + def delete_model(self, request, obj): + # update openstack connection to use this site/tenant + auth = request.session.get('auth', {}) + auth['tenant'] = obj.site.login_base + obj.os_manager = OpenStackManager(auth=auth, caller=request.user) + obj.delete() + +class KeyAdmin(OSModelAdmin): fieldsets = [ ('Key', {'fields': ['name', 'key', 'type', 'blacklisted', 'user']}) ] list_display = ['name', 'key', 'type', 'blacklisted', 'user'] -class SliceAdmin(PlanetStackBaseAdmin): - fields = ['name', 'site', 'instantiation', 'description', 'slice_url'] - list_display = ('name', 'site','slice_url', 'instantiation') + def get_queryset(self, request): + # get keys user is allowed to see + qs = super(KeyAdmin, self).get_queryset(request) + if request.user.is_superuser: + return qs + # users can only see their own keys + return qs.filter(user=request.user) + + +class SliceAdmin(OSModelAdmin): + fields = ['name', 'site', 'serviceClass', 'description', 'slice_url'] + list_display = ('name', 'site','serviceClass', 'slice_url') inlines = [SliverInline] -class SubnetAdmin(admin.ModelAdmin): + def get_formsets(self, request, obj=None): + for inline in self.get_inline_instances(request, obj): + # hide MyInline in the add view + if obj is None: + continue + # give inline object access to driver and caller + auth = request.session.get('auth', {}) + auth['tenant'] = obj.name # meed to connect using slice's tenant + inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user) + yield inline.get_formset(request, obj) + + def get_queryset(self, request): + qs = super(SliceAdmin, self).get_queryset(request) + if request.user.is_superuser: + return qs + # users can only see slices at their site + return qs.filter(site=request.user.site) + +class SliceMembershipAdmin(PlanetStackBaseAdmin): + fieldsets = [ + (None, {'fields': ['user', 'slice', 'role']}) + ] + list_display = ('user', 'slice', 'role') + + def save_model(self, request, obj, form, change): + # update openstack connection to use this site/tenant + auth = request.session.get('auth', {}) + auth['tenant'] = obj.slice.name + obj.os_manager = OpenStackManager(auth=auth, caller=request.user) + obj.save() + + def delete_model(self, request, obj): + # update openstack connection to use this site/tenant + auth = request.session.get('auth', {}) + auth['tenant'] = obj.slice.name + obj.os_manager = OpenStackManager(auth=auth, caller=request.user) + obj.delete() + + +class SubnetAdmin(PlanetStackBaseAdmin): fields = ['cidr', 'ip_version', 'start', 'end', 'slice'] - list_display = ('slice','cidr', 'start', 'end', 'ip_version' ) + list_display = ('slice','cidr', 'start', 'end', 'ip_version') + + def save_model(self, request, obj, form, change): + # update openstack connection to use this site/tenant + auth = request.session.get('auth', {}) + auth['tenant'] = obj.slice.name + obj.os_manager = OpenStackManager(auth=auth, caller=request.user) + obj.save() + + def delete_model(self, request, obj): + # update openstack connection to use this site/tenant + auth = request.session.get('auth', {}) + auth['tenant'] = obj.slice.name + obj.os_manager = OpenStackManager(auth=auth, caller=request.user) + obj.delete() class ImageAdmin(admin.ModelAdmin): fields = ['image_id', 'name', 'disk_format', 'container_format'] @@ -108,31 +257,37 @@ class NodeAdmin(admin.ModelAdmin): list_display = ('name', 'site', 'deploymentNetwork') list_filter = ('deploymentNetwork',) -class RoleAdmin(admin.ModelAdmin): - fieldsets = [ - ('Role', {'fields': ['role_type']}) - ] - list_display = ('role_type',) - -class PlainTextWidget(forms.Widget): - def render(self, _name, value, attrs): - return mark_safe(value) if value is not None else '' class SliverForm(forms.ModelForm): class Meta: ip = forms.CharField(widget=PlainTextWidget) + instance_name = forms.CharField(widget=PlainTextWidget) model = Sliver widgets = { 'ip': PlainTextWidget(), + 'instance_name': PlainTextWidget(), } -class SliverAdmin(admin.ModelAdmin): +class SliverAdmin(PlanetStackBaseAdmin): form = SliverForm fieldsets = [ - ('Sliver', {'fields': ['ip', 'name', 'slice', 'flavor', 'image', 'key', 'node', 'deploymentNetwork']}) + ('Sliver', {'fields': ['ip', 'instance_name', 'name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']}) ] - list_display = ['ip', 'name', 'slice', 'flavor', 'image', 'key', 'node', 'deploymentNetwork'] - + list_display = ['ip', 'instance_name', 'name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork'] + + def save_model(self, request, obj, form, change): + # update openstack connection to use this site/tenant + auth = request.session.get('auth', {}) + auth['tenant'] = obj.slice.name + obj.os_manager = OpenStackManager(auth=auth, caller=request.user) + obj.save() + + def delete_model(self, request, obj): + # update openstack connection to use this site/tenant + auth = request.session.get('auth', {}) + auth['tenant'] = obj.slice.name + obj.os_manager = OpenStackManager(auth=auth, caller=request.user) + obj.delete() class UserCreationForm(forms.ModelForm): """A form for creating new users. Includes all the required @@ -155,7 +310,8 @@ class UserCreationForm(forms.ModelForm): def save(self, commit=True): # Save the provided password in hashed format user = super(UserCreationForm, self).save(commit=False) - user.set_password(self.cleaned_data["password1"]) + user.password = self.cleaned_data["password1"] + #user.set_password(self.cleaned_data["password1"]) if commit: user.save() return user @@ -178,7 +334,7 @@ class UserChangeForm(forms.ModelForm): return self.initial["password"] -class PLUserAdmin(UserAdmin): +class PLUserAdmin(UserAdmin, OSModelAdmin): class Meta: app_label = "core" @@ -206,6 +362,13 @@ class PLUserAdmin(UserAdmin): ordering = ('email',) filter_horizontal = () +# register a signal that caches the user's credentials when they log in +def cache_credentials(sender, user, request, **kwds): + auth = {'username': request.POST['username'], + 'password': request.POST['password']} + request.session['auth'] = auth +user_logged_in.connect(cache_credentials) + # Now register the new UserAdmin... admin.site.register(PLUser, PLUserAdmin) # ... and, since we're not using Django's builtin permissions, @@ -213,14 +376,13 @@ admin.site.register(PLUser, PLUserAdmin) admin.site.unregister(Group) admin.site.register(Site, SiteAdmin) -admin.site.register(SitePrivilege) +admin.site.register(SitePrivilege, SitePrivilegeAdmin) admin.site.register(Slice, SliceAdmin) -admin.site.register(SliceMembership) +admin.site.register(SliceMembership, SliceMembershipAdmin) admin.site.register(Subnet, SubnetAdmin) admin.site.register(Image, ImageAdmin) admin.site.register(Node, NodeAdmin) admin.site.register(Sliver, SliverAdmin) -admin.site.register(Flavor) admin.site.register(Key, KeyAdmin) admin.site.register(Role, RoleAdmin) admin.site.register(DeploymentNetwork, DeploymentNetworkAdmin)