X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=portal%2Fvalidationview.py;h=8c9d2105d9daf28ba580d4039023e0ad30e1e195;hb=refs%2Fheads%2Fonelab;hp=e0f4ab1baacf5b6ae36d6d649a0f2e22beeb0c1d;hpb=d251934bd71c678f552dc9a1d49c3f8efe102e1e;p=myslice.git diff --git a/portal/validationview.py b/portal/validationview.py index e0f4ab1b..8c9d2105 100644 --- a/portal/validationview.py +++ b/portal/validationview.py @@ -28,7 +28,7 @@ from django.http import HttpResponseRedirect, HttpResponse from django.shortcuts import render from django.template.loader import render_to_string -from unfold.loginrequired import FreeAccessView +from unfold.loginrequired import LoginRequiredAutoLogoutView from ui.topmenu import topmenu_items_live, the_user from portal.event import Event @@ -44,12 +44,15 @@ from portal.actions import get_requests from manifoldapi.manifoldapi import execute_query from manifold.core.query import Query from unfold.page import Page -from theme import ThemeView -class ValidatePendingView(FreeAccessView, ThemeView): +from myslice.theme import ThemeView +from myslice.settings import logger + +class ValidatePendingView(LoginRequiredAutoLogoutView, ThemeView): template_name = "validate_pending.html" def get_context_data(self, **kwargs): + pi = "" # We might have slices on different registries with different user accounts # We note that this portal could be specific to a given registry, to which we register users, but i'm not sure that simplifies things # Different registries mean different identities, unless we identify via SFA HRN or have associated the user email to a single hrn @@ -89,7 +92,7 @@ class ValidatePendingView(FreeAccessView, ThemeView): sfa_platforms_query = Query().get('local:platform').filter_by('gateway_type', '==', 'sfa').select('platform_id', 'platform', 'auth_type') sfa_platforms = execute_query(self.request, sfa_platforms_query) for sfa_platform in sfa_platforms: - print "SFA PLATFORM > ", sfa_platform['platform'] + logger.info("SFA PLATFORM > {}".format(sfa_platform['platform'])) if not 'auth_type' in sfa_platform: continue auth = sfa_platform['auth_type'] @@ -97,7 +100,7 @@ class ValidatePendingView(FreeAccessView, ThemeView): all_authorities.append(auth) platform_ids.append(sfa_platform['platform_id']) - print "W: Hardcoding platform myslice" + logger.warning("W: Hardcoding platform myslice") # There has been a tweak on how new platforms are referencing a # so-called 'myslice' platform for storing authentication tokens. # XXX This has to be removed in final versions. @@ -119,30 +122,30 @@ class ValidatePendingView(FreeAccessView, ThemeView): #print "=" * 80 for user_account in user_accounts: - print "USER ACCOUNT", user_account + logger.debug("USER ACCOUNT {}".format(user_account)) if user_account['auth_type'] == 'reference': continue # we hardcoded the myslice platform... config = json.loads(user_account['config']) creds = [] - print "CONFIG KEYS", config.keys() + logger.debug("CONFIG KEYS {}".format(config.keys())) if 'authority_credentials' in config: - print "***", config['authority_credentials'].keys() + logger.debug("*** AC {}".format(config['authority_credentials'].keys())) for authority_hrn, credential in config['authority_credentials'].items(): #if credential is not expired: credential_authorities.add(authority_hrn) #else # credential_authorities_expired.add(authority_hrn) if 'delegated_authority_credentials' in config: - print "***", config['delegated_authority_credentials'].keys() + logger.debug("*** DAC {}".format(config['delegated_authority_credentials'].keys())) for authority_hrn, credential in config['delegated_authority_credentials'].items(): #if credential is not expired: credential_authorities.add(authority_hrn) #else # credential_authorities_expired.add(authority_hrn) - print 'credential_authorities =', credential_authorities - print 'credential_authorities_expired =', credential_authorities_expired + logger.debug('credential_authorities = {}'.format(credential_authorities)) + logger.debug('credential_authorities_expired = {}'.format(credential_authorities_expired)) # # Using cache manifold-tables to get the list of authorities faster # all_authorities_query = Query.get('authority').select('name', 'authority_hrn') @@ -150,11 +153,20 @@ class ValidatePendingView(FreeAccessView, ThemeView): # ** Where am I a PI ** # For this we need to ask SFA (of all authorities) = PI function - pi_authorities_query = Query.get('user').filter_by('user_hrn', '==', '$user_hrn').select('pi_authorities') + pi_authorities_query = Query.get('myslice:user').filter_by('user_hrn', '==', '$user_hrn').select('pi_authorities') pi_authorities_tmp = execute_query(self.request, pi_authorities_query) pi_authorities = set() - for pa in pi_authorities_tmp: - pi_authorities |= set(pa['pi_authorities']) + try: + for pa in pi_authorities_tmp: + pi_authorities |= set(pa['pi_authorities']) + except Exception as e: + logger.error('No pi_authorities') +# TODO: exception if no parent_authority +# try: +# for pa in pi_authorities_tmp: +# pi_authorities |= set(pa['pi_authorities']) +# except: + # # include all sub-authorities of the PI # # if PI on ple, include all sub-auths ple.upmc, ple.inria and so on... @@ -247,9 +259,11 @@ class ValidatePendingView(FreeAccessView, ThemeView): if not auth_hrn in dest: dest[auth_hrn] = [] - dest[auth_hrn].append(request) + dest[auth_hrn].append(request) context = super(ValidatePendingView, self).get_context_data(**kwargs) + logger.debug("testing") + logger.debug(ctx_my_authorities) context['my_authorities'] = ctx_my_authorities context['sub_authorities'] = ctx_sub_authorities context['delegation_authorities'] = ctx_delegation_authorities @@ -261,8 +275,9 @@ class ValidatePendingView(FreeAccessView, ThemeView): context['topmenu_items'] = topmenu_items_live('Validation', page) # so we can sho who is logged context['username'] = the_user(self.request) - + context['pi'] = "is_pi" context['theme'] = self.theme + context['section'] = "Requests" # XXX We need to prepare the page for queries #context.update(page.prelude_env())