X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=portal%2Fmanagementtabrequests.py;h=2d1cdefd1d46e48111e194868f4752f283f8f519;hb=refs%2Fheads%2Fonelab;hp=850bbc68b4dd8bdbb23017757119a704c0110d57;hpb=58575ad29f72754370a220cc20bf0eaa278f5263;p=myslice.git diff --git a/portal/managementtabrequests.py b/portal/managementtabrequests.py index 850bbc68..2d1cdefd 100644 --- a/portal/managementtabrequests.py +++ b/portal/managementtabrequests.py @@ -1,3 +1,5 @@ +import json + from django.template import RequestContext from django.shortcuts import render_to_response @@ -7,6 +9,8 @@ from manifoldapi.manifoldapi import execute_query from django.views.generic.base import TemplateView from unfold.loginrequired import LoginRequiredView +from unfold.page import Page + from django.http import HttpResponse from django.shortcuts import render @@ -16,8 +20,7 @@ from manifoldapi.manifoldapi import execute_query from portal.actions import get_requests from myslice.theme import ThemeView - -import json +from myslice.settings import logger class ManagementRequestsView (LoginRequiredView, ThemeView): template_name = "management-tab-requests.html" @@ -45,7 +48,7 @@ class ManagementRequestsView (LoginRequiredView, ThemeView): sfa_platforms_query = Query().get('local:platform').filter_by('gateway_type', '==', 'sfa').select('platform_id', 'platform', 'auth_type') sfa_platforms = execute_query(self.request, sfa_platforms_query) for sfa_platform in sfa_platforms: - print "SFA PLATFORM > ", sfa_platform['platform'] + logger.info("SFA PLATFORM > {}".format(sfa_platform['platform'])) if not 'auth_type' in sfa_platform: continue auth = sfa_platform['auth_type'] @@ -53,7 +56,7 @@ class ManagementRequestsView (LoginRequiredView, ThemeView): all_authorities.append(auth) platform_ids.append(sfa_platform['platform_id']) - print "W: Hardcoding platform myslice" + logger.warning("W: Hardcoding platform myslice") # There has been a tweak on how new platforms are referencing a # so-called 'myslice' platform for storing authentication tokens. # XXX This has to be removed in final versions. @@ -73,35 +76,34 @@ class ManagementRequestsView (LoginRequiredView, ThemeView): for user_account in user_accounts: - print "USER ACCOUNT", user_account if user_account['auth_type'] == 'reference': continue # we hardcoded the myslice platform... config = json.loads(user_account['config']) creds = [] - print "CONFIG KEYS", config.keys() if 'authority_credentials' in config: - print "***", config['authority_credentials'].keys() for authority_hrn, credential in config['authority_credentials'].items(): credential_authorities.add(authority_hrn) if 'delegated_authority_credentials' in config: - print "***", config['delegated_authority_credentials'].keys() for authority_hrn, credential in config['delegated_authority_credentials'].items(): credential_authorities.add(authority_hrn) - print 'credential_authorities =', credential_authorities - print 'credential_authorities_expired =', credential_authorities_expired + # CACHE PB with fields + page = Page(self.request) + metadata = page.get_metadata() + user_md = metadata.details_by_object('user') + user_fields = [column['name'] for column in user_md['column']] # ** Where am I a PI ** # For this we need to ask SFA (of all authorities) = PI function - pi_authorities_query = Query.get('user').filter_by('user_hrn', '==', '$user_hrn').select('pi_authorities') + pi_authorities_query = Query.get('myslice:user').filter_by('user_hrn', '==', '$user_hrn').select(user_fields) pi_authorities_tmp = execute_query(self.request, pi_authorities_query) pi_authorities = set() try: for pa in pi_authorities_tmp: pi_authorities |= set(pa['pi_authorities']) - except: - print 'No pi_authorities' + except Exception as e: + logger.error('No pi_authorities') pi_credential_authorities = pi_authorities & credential_authorities pi_no_credential_authorities = pi_authorities - credential_authorities - credential_authorities_expired @@ -119,22 +121,27 @@ class ManagementRequestsView (LoginRequiredView, ThemeView): # iterate on the requests and check if the authority matches a prefix # startswith an authority on which the user is PI - requests = get_requests() + if len(pi_my_authorities)>0: + requests = get_requests(pi_my_authorities) + else: + requests = get_requests() for r in requests: auth_hrn = r['authority_hrn'] for my_auth in pi_my_authorities: if auth_hrn.startswith(my_auth): dest = ctx_my_authorities r['allowed'] = 'allowed' - for my_auth in pi_delegation_authorities: - if auth_hrn.startswith(my_auth): - dest = ctx_delegation_authorities - r['allowed'] = 'allowed' + + #for my_auth in pi_delegation_authorities: + # if auth_hrn.startswith(my_auth): + # dest = ctx_delegation_authorities + # r['allowed'] = 'allowed' if auth_hrn in pi_expired_credential_authorities: r['allowed'] = 'expired' if 'allowed' not in r: - r['allowed'] = 'denied' - + ## TEMP FIX for allowing new authority registration + #r['allowed'] = 'denied' + r['allowed'] = 'allowed' if not auth_hrn in dest: dest[auth_hrn] = [] @@ -157,8 +164,8 @@ class ManagementRequestsView (LoginRequiredView, ThemeView): # env['section'] = "Requests" context = super(ManagementRequestsView, self).get_context_data(**kwargs) - print "testing" - print ctx_my_authorities + + context['my_authorities'] = ctx_my_authorities context['sub_authorities'] = ctx_sub_authorities context['delegation_authorities'] = ctx_delegation_authorities