From: Loic Baron <loic.baron@lip6.fr>
Date: Wed, 21 Jan 2015 14:37:05 +0000 (+0100)
Subject: Merge branch 'onelab' of ssh://git.onelab.eu/git/myslice into onelab
X-Git-Tag: myslice-1.3~113^2~4
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=ac575fb40a8a128cdac22bdc0b868012011c5e66;hp=bc4a0bc510121f893be6b7c0d28168f9bc48149d;p=myslice.git

Merge branch 'onelab' of ssh://git.onelab.eu/git/myslice into onelab
---

diff --git a/portal/actions.py b/portal/actions.py
index e8a4d018..8965a9fe 100644
--- a/portal/actions.py
+++ b/portal/actions.py
@@ -24,8 +24,7 @@ import activity.slice
 #from sfa.util.xrn                import Xrn 
 
 
-# Get the list of authorities
-
+# Get the list of pis in a given authority
 def authority_get_pis(request, authority_hrn):
 
     # REGISTRY ONLY TO BE REMOVED WITH MANIFOLD-V2
@@ -40,6 +39,73 @@ def authority_get_pis(request, authority_hrn):
     #return result['pi_users']
     return results
 
+#check the user is pi or not in the registry
+def authority_check_pis(request, user_email):
+    try:
+        user_query  = Query().get('local:user').filter_by('email', '==', user_email).select('user_id','email','password','config')
+        user_details = execute_admin_query(request, user_query)
+    
+        # getting the authority_hrn
+        for user_detail in user_details:
+            user_id = user_detail['user_id']
+            if user_detail['config']:
+                config = json.loads(user_detail['config'])
+                authority_hrn = config.get('authority','Unknown Authority')
+ 
+        account_query  = Query().get('local:account').filter_by('user_id', '==', user_id).select('user_id','platform_id','auth_type','config')
+        account_details = execute_admin_query(request, account_query)
+    
+        platform_query  = Query().get('local:platform').select('platform_id','platform')
+        platform_details = execute_admin_query(request, platform_query)
+    
+        for account_detail in account_details:
+            for platform_detail in platform_details:
+                if platform_detail['platform_id'] == account_detail['platform_id']:
+                    if 'myslice' in platform_detail['platform']:
+                        account_config = json.loads(account_detail['config'])
+                        user_hrn = account_config.get('user_hrn','N/A')
+
+        pi_status = False
+        pis = authority_get_pis (request, authority_hrn)
+        for pi in pis:
+            pi_list = pi['pi_users']
+
+        if user_hrn in pi_list:
+            pi_status = True
+        return pi_status
+
+    except Exception,e:
+        print "Exception in actions.py in authority_check_pis %s" % e
+        return None
+
+
+def authority_add_pis(request, authority_hrn,user_hrn):
+
+    # getting pis of the authority of the user
+    pis = authority_get_pis (request, authority_hrn)
+    for pi in pis:
+        pi_list = pi['pi_users']
+   
+    updated_pi_list = pi_list.append(user_hrn) 
+    query = Query.update('authority').filter_by('authority_hrn', '==', authority_hrn).set({'pi_users':pi_list})
+    results = execute_admin_query(request,query)
+    newpis = authority_get_pis (request, authority_hrn)
+    return newpis
+
+def authority_remove_pis(request, authority_hrn,user_hrn):
+
+    # getting pis of the authority of the user
+    pis = authority_get_pis (request, authority_hrn)
+    for pi in pis:
+        pi_list = pi['pi_users']
+ 
+    updated_pi_list = pi_list.remove(user_hrn) 
+    query = Query.update('authority').filter_by('authority_hrn', '==', authority_hrn).set({'pi_users':pi_list})
+    results = execute_admin_query(request,query)
+    newpis = authority_get_pis (request, authority_hrn)
+    return newpis
+
+
 def authority_get_pi_emails(request, authority_hrn):
     pi_users = authority_get_pis(request,authority_hrn)
     print "pi_users = %s" % pi_users
diff --git a/portal/manageuserview.py b/portal/manageuserview.py
index 52a69daf..1be4e822 100644
--- a/portal/manageuserview.py
+++ b/portal/manageuserview.py
@@ -2,7 +2,8 @@ from unfold.loginrequired               import LoginRequiredAutoLogoutView
 #
 from manifold.core.query                import Query
 from manifoldapi.manifoldapi            import execute_query, execute_admin_query
-from portal.actions                     import manifold_update_user, manifold_update_account, manifold_add_account, manifold_delete_account, sfa_update_user
+from portal.actions                     import manifold_update_user, manifold_update_account, manifold_add_account, manifold_delete_account
+from portal.actions                     import sfa_update_user, authority_get_pis, authority_add_pis, authority_remove_pis,authority_check_pis ,clear_user_creds
 #
 from unfold.page                        import Page    
 from ui.topmenu                         import topmenu_items_live, the_user
@@ -52,6 +53,8 @@ class UserView(LoginRequiredAutoLogoutView, ThemeView):
             #email = user_detail['email']
             if user_detail['config']:
                 config = json.loads(user_detail['config'])
+                authority_hrn = config.get('authority','Unknown Authority')
+                
 
         platform_query  = Query().get('local:platform').select('platform_id','platform','gateway_type','disabled')
         account_query  = Query().get('local:account').filter_by('user_id', '==', user_id).select('user_id','platform_id','auth_type','config')
@@ -101,11 +104,15 @@ class UserView(LoginRequiredAutoLogoutView, ThemeView):
                         account_usr_hrn = account_config.get('user_hrn','N/A')
                         account_pub_key = account_config.get('user_public_key','N/A')
                         account_reference = account_config.get ('reference_platform','N/A')
+
                     # credentials of myslice platform
                     if 'myslice' in platform_detail['platform']:
                         acc_user_cred = account_config.get('delegated_user_credential','N/A')
                         acc_slice_cred = account_config.get('delegated_slice_credentials','N/A')
                         acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
+                        #usr_hrn of myslice platform. used to check pi or no
+                        account_usr_hrn_myslice = account_config.get('user_hrn','N/A')
+
 
                         if 'N/A' not in acc_user_cred:
                             exp_date = re.search('<expires>(.*)</expires>', acc_user_cred)
@@ -140,8 +147,7 @@ class UserView(LoginRequiredAutoLogoutView, ThemeView):
 
                             my_auths = [{'auth_name': t[0], 'cred_exp': t[1]}
                                 for t in zip(auth_list, auth_cred_exp_list)]
-
-
+                       
                     # for reference accounts
                     if 'reference' in account_detail['auth_type']:
                         account_type = 'Reference'
@@ -184,6 +190,9 @@ class UserView(LoginRequiredAutoLogoutView, ThemeView):
         platform_list = [{'platform_no_access': t[0]}
             for t in itertools.izip_longest(total_platform_list)]
 
+        ## check pi or no
+        pi_status = authority_check_pis(self.request, user_email)
+
         context = super(UserView, self).get_context_data(**kwargs)
         context['principal_acc'] = principal_acc_list
         context['ref_acc'] = ref_acc_list
@@ -198,6 +207,7 @@ class UserView(LoginRequiredAutoLogoutView, ThemeView):
         context['fullname'] = context['firstname'] +' '+ context['lastname']
         context['authority'] = config.get('authority',"Unknown Authority")
         context['user_private_key'] = account_priv_key
+        context['pi'] = pi_status
         
         # XXX This is repeated in all pages
         # more general variables expected in the template
@@ -462,27 +472,51 @@ def user_process(request, **kwargs):
 
     #clear all creds
     elif 'clear_cred' in request.POST:
+        clear_user_creds(request, user_email)
+        messages.success(request, 'All Credentials cleared')
+        return HttpResponseRedirect(redirect_url)
+
+    #make a user PI
+    elif 'makepi' in request.POST:
+        # getting user's authority_hrn
+        config={}
+        for user_config in user_details:
+            if user_config['config']:
+                user_config = json.loads(user_config['config'])
+                authority_hrn = user_config.get('authority','Unknown Authority')
+
+        #getting user_hrn
         for account_detail in account_details:
             for platform_detail in platform_details:
                 if platform_detail['platform_id'] == account_detail['platform_id']:
                     if 'myslice' in platform_detail['platform']:
                         account_config = json.loads(account_detail['config'])
-                        user_cred = account_config.get('delegated_user_credential','N/A')
-                        if 'N/A' not in user_cred:
-                            user_hrn = account_config.get('user_hrn','N/A')
-                            user_pub_key = json.dumps(account_config.get('user_public_key','N/A'))
-                            user_priv_key = json.dumps(account_config.get('user_private_key','N/A'))
-                            updated_config = '{"user_public_key":'+ user_pub_key + ', "user_private_key":'+ user_priv_key + ', "user_hrn":"'+ user_hrn + '"}'
-                            user_params = { 'config': updated_config}
-                            manifold_update_account(request, user_id,user_params)
-                            messages.success(request, 'All Credentials cleared')
-                            return HttpResponseRedirect(redirect_url)
-                        else:
-                            messages.error(request, 'Delete error: Credentials are not stored in the server')
-                            return HttpResponseRedirect(redirect_url)
-        else:
-            messages.error(request, 'Account error: You need an account in myslice platform to perform this action')
-            return HttpResponseRedirect(redirect_url)
+                        user_hrn = account_config.get('user_hrn','N/A')
+    
+        authority_add_pis(request, authority_hrn, user_hrn)
+        clear_user_creds(request, user_email)
+        messages.success(request, 'User upgraded to PI')
+        return HttpResponseRedirect(redirect_url)
+
+    elif 'removepi' in request.POST:
+        # getting user's authority_hrn
+        config={}
+        for user_config in user_details:
+            if user_config['config']:
+                user_config = json.loads(user_config['config'])
+                authority_hrn = user_config.get('authority','Unknown Authority')
+        #getting user_hrn
+        for account_detail in account_details:
+            for platform_detail in platform_details:
+                if platform_detail['platform_id'] == account_detail['platform_id']:
+                    if 'myslice' in platform_detail['platform']:
+                        account_config = json.loads(account_detail['config'])
+                        user_hrn = account_config.get('user_hrn','N/A')
+        authority_remove_pis(request, authority_hrn, user_hrn)
+        clear_user_creds(request, user_email)
+        messages.success(request, 'PI downgraded to user')
+        return HttpResponseRedirect(redirect_url)
+        
 
 
     # Download delegated_user_cred
diff --git a/portal/static/css/account_view.css b/portal/static/css/account_view.css
index bcb29506..f1ba3d82 100644
--- a/portal/static/css/account_view.css
+++ b/portal/static/css/account_view.css
@@ -128,6 +128,15 @@ table.profile form{
   margin-right: 15px;
 
 }
+
+#makepi {
+  position:relative;
+  width: 215px;
+  float: right;
+  margin-right: 15px;
+
+}
+
 #edit_password table {
  display:inline;
  margin: auto;
diff --git a/portal/templates/fed4fire/fed4fire_slicerequest_view.html b/portal/templates/fed4fire/fed4fire_slicerequest_view.html
index 98097dbb..c8fecf63 100644
--- a/portal/templates/fed4fire/fed4fire_slicerequest_view.html
+++ b/portal/templates/fed4fire/fed4fire_slicerequest_view.html
@@ -4,7 +4,7 @@
 {% block content %}
 	<div class="row">
 		<div class="col-md-12">
-			 <div class="breadcrumbs">
+			 <div class="breadcrumbs" style="line-height: 3;">
 			 	 Experiment &nbsp;>&nbsp; Request a new Slice
 			 </div>
 		</div>
diff --git a/portal/templates/manageuserview.html b/portal/templates/manageuserview.html
index 7f2e98e3..5a415a9d 100644
--- a/portal/templates/manageuserview.html
+++ b/portal/templates/manageuserview.html
@@ -97,6 +97,26 @@
 							</button>       
 		      			</td>
 		    		</tr>
+					{% if not  pi %}
+					<tr class="odd">
+    					<td class="key">Upgrade to PI</td>
+    					<td>
+        					<input type="submit" name="makepi" class="btn btn-danger btn-xs" value="Upgrade to PI" id="makepi" 
+               				onclick="return confirm('Are you sure? If you do so, the user will be updated to a PI');" 
+               				title="It will make the user PI of his instution"/>
+    					</td>
+					</tr>
+					{% else %}
+					<tr class="odd">
+    					<td class="key">Downgrade to user</td>
+    					<td>
+        					<input type="submit" name="removepi" class="btn btn-danger btn-xs" value="Downgrade to user" id="makepi" 
+        					onclick="return confirm('Are you sure? If you do so, the PI will be downgraded to a user');" 
+        					title="It will downgrade the PI to a user of his instution"/>
+        				</td>
+					</tr>
+					{% endif %}
+
 				</table>
 		</div>
 	</div>
diff --git a/portal/templates/slice-request-view.html b/portal/templates/slice-request-view.html
deleted file mode 100644
index 830c7eeb..00000000
--- a/portal/templates/slice-request-view.html
+++ /dev/null
@@ -1,32 +0,0 @@
-{% extends "layout.html" %}
-{% load i18n %}
-
-{% block head %}
-{{ wizard.form.media }}
-<link rel="stylesheet" type="text/css" href="{{STATIC_URL}}/css/registration.css" />
-{% endblock %}
-
-{% block content %}
-
-
-
-<div class="onelab-title well-lg">
-  <h2>Request a Slice</h2>
-</div>
-
-<div class='well'>
-  <form id="commentForm" class="form-horizontal" action="" method="post" role="form">{% csrf_token %}
-  <fieldset>
-    {% for field in form %}
-    <div class="form-group">
-      <label for="{{ field.html_name }}" class="col-xs-2 control-label">{{ field.label }}</label>
-      <div class="col-xs-4"> {{ field.errors }} {{ field }} </div>
-      <div class="col-xs-6"> <p class="form-hint">{{ field.help_text }}</p> </div>
-    </div>
-    {% endfor %}
-    <button class="submit btn btn-default" type="submit"><span class="glyphicon glyphicon-plus"></span> Request Slice</button>
-  </fieldset>
-  </form>
-</div>
-
-{% endblock %}