1 from core.models import Site
2 from core.models import *
3 from openstack.manager import OpenStackManager
5 from django.contrib import admin
6 from django.contrib.auth.models import Group
7 from django import forms
8 from django.utils.safestring import mark_safe
9 from django.contrib.auth.admin import UserAdmin
10 from django.contrib.admin.widgets import FilteredSelectMultiple
11 from django.contrib.auth.forms import ReadOnlyPasswordHashField
12 from django.contrib.auth.signals import user_logged_in
15 class ReadonlyTabularInline(admin.TabularInline):
20 def get_readonly_fields(self, request, obj=None):
22 for field in self.model._meta.get_all_field_names():
23 if (not field == 'id'):
24 if (field not in self.editable_fields):
28 def has_add_permission(self, request):
31 class SliverInline(admin.TabularInline):
33 fields = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']
35 #readonly_fields = ['ip', 'instance_name', 'image']
36 readonly_fields = ['ip', 'instance_name']
38 class SiteInline(admin.TabularInline):
42 class UserInline(admin.TabularInline):
44 fields = ['email', 'firstname', 'lastname']
47 class SliceInline(admin.TabularInline):
51 class RoleInline(admin.TabularInline):
55 class NodeInline(admin.TabularInline):
59 class SitePrivilegeInline(admin.TabularInline):
63 class SliceMembershipInline(admin.TabularInline):
64 model = SliceMembership
67 class PlainTextWidget(forms.HiddenInput):
70 def render(self, name, value, attrs=None):
73 return mark_safe(str(value) + super(PlainTextWidget, self).render(name, value, attrs))
75 class PlanetStackBaseAdmin(admin.ModelAdmin):
78 class OSModelAdmin(PlanetStackBaseAdmin):
79 """Attach client connection to openstack on delete() and save()"""
81 def save_model(self, request, obj, form, change):
83 auth = request.session.get('auth', {})
84 auth['tenant'] = request.user.site.login_base
85 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
88 def delete_model(self, request, obj):
90 auth = request.session.get('auth', {})
91 auth['tenant'] = request.user.site.login_base
92 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
95 class RoleAdmin(OSModelAdmin):
97 ('Role', {'fields': ['role_type']})
99 list_display = ('role_type',)
102 class DeploymentNetworkAdminForm(forms.ModelForm):
103 sites = forms.ModelMultipleChoiceField(
104 queryset=Site.objects.all(),
106 widget=FilteredSelectMultiple(
107 verbose_name=('Sites'), is_stacked=False
111 model = DeploymentNetwork
113 def __init__(self, *args, **kwargs):
114 super(DeploymentNetworkAdminForm, self).__init__(*args, **kwargs)
116 if self.instance and self.instance.pk:
117 self.fields['sites'].initial = self.instance.sites.all()
119 def save(self, commit=True):
120 deploymentNetwork = super(DeploymentNetworkAdminForm, self).save(commit=False)
122 deploymentNetwork.save()
124 if deploymentNetwork.pk:
125 deploymentNetwork.sites = self.cleaned_data['sites']
128 return deploymentNetwork
130 class DeploymentNetworkAdmin(PlanetStackBaseAdmin):
131 form = DeploymentNetworkAdminForm
132 inlines = [NodeInline,SliverInline]
134 def get_formsets(self, request, obj=None):
135 for inline in self.get_inline_instances(request, obj):
136 # hide MyInline in the add view
139 # give inline object access to driver and caller
140 auth = request.session.get('auth', {})
141 if request.user.site:
142 auth['tenant'] = request.user.site.login_base
143 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
144 yield inline.get_formset(request, obj)
146 class SiteAdmin(OSModelAdmin):
148 (None, {'fields': ['name', 'site_url', 'enabled', 'is_public', 'login_base']}),
149 ('Location', {'fields': ['latitude', 'longitude']}),
150 ('Deployment Networks', {'fields': ['deployments']})
152 list_display = ('name', 'login_base','site_url', 'enabled')
153 filter_horizontal = ('deployments',)
154 inlines = [NodeInline, UserInline, SitePrivilegeInline]
155 search_fields = ['name']
157 def queryset(self, request):
158 # admins can see all keys. Users can only see sites they belong to.
159 qs = super(SiteAdmin, self).queryset(request)
160 if not request.user.is_admin:
161 valid_sites = [request.user.site.login_base]
162 roles = request.user.get_roles()
163 for tenant_list in roles.values():
164 valid_sites.extend(tenant_list)
165 qs = qs.filter(login_base__in=valid_sites)
168 def get_formsets(self, request, obj=None):
169 for inline in self.get_inline_instances(request, obj):
170 # hide MyInline in the add view
173 # give inline object access to driver and caller
174 auth = request.session.get('auth', {})
175 #auth['tenant'] = request.user.site.login_base
176 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
177 yield inline.get_formset(request, obj)
179 class SitePrivilegeAdmin(PlanetStackBaseAdmin):
181 (None, {'fields': ['user', 'site', 'role']})
183 list_display = ('user', 'site', 'role')
185 def queryset(self, request):
186 # admins can see all privileges. Users can only see privileges at sites
187 # where they have the admin role.
188 qs = super(SitePrivilegeAdmin, self).queryset(request)
189 if not request.user.is_admin:
190 roles = request.user.get_roles()
192 for (role, tenant_list) in roles:
194 tenants.extend(tenant_list)
195 valid_sites = Sites.objects.filter(login_base__in=tenants)
196 qs = qs.filter(site__in=valid_sites)
199 def save_model(self, request, obj, form, change):
200 # update openstack connection to use this site/tenant
201 auth = request.session.get('auth', {})
202 #auth['tenant'] = obj.site.login_base
203 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
206 def delete_model(self, request, obj):
207 # update openstack connection to use this site/tenant
208 auth = request.session.get('auth', {})
209 #auth['tenant'] = obj.site.login_base
210 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
213 class KeyAdmin(OSModelAdmin):
215 ('Key', {'fields': ['key', 'type', 'blacklisted']})
217 list_display = ['key', 'type', 'blacklisted']
219 #def queryset(self, request):
220 # admins can see all keys. Users can only see their own key.
221 #if request.user.is_admin:
222 # qs = super(KeyAdmin, self).queryset(request)
224 # qs = Key.objects.filter(user=request.user)
227 class SliceAdmin(OSModelAdmin):
228 fields = ['name', 'site', 'serviceClass', 'description', 'slice_url']
229 list_display = ('name', 'site','serviceClass', 'slice_url')
230 inlines = [SliverInline, SliceMembershipInline]
232 def queryset(self, request):
233 # admins can see all keys. Users can only see slices they belong to.
234 qs = super(SliceAdmin, self).queryset(request)
235 if not request.user.is_admin:
237 roles = request.user.get_roles()
238 for tenant_list in roles.values():
239 valid_slices.extend(tenant_list)
240 qs = qs.filter(name__in=valid_slices)
243 def get_formsets(self, request, obj=None):
244 for inline in self.get_inline_instances(request, obj):
245 # hide MyInline in the add view
248 # give inline object access to driver and caller
249 auth = request.session.get('auth', {})
250 auth['tenant'] = obj.name # meed to connect using slice's tenant
251 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
252 yield inline.get_formset(request, obj)
254 def get_queryset(self, request):
255 qs = super(SliceAdmin, self).get_queryset(request)
256 if request.user.is_superuser:
258 # users can only see slices at their site
259 return qs.filter(site=request.user.site)
261 class SliceMembershipAdmin(PlanetStackBaseAdmin):
263 (None, {'fields': ['user', 'slice', 'role']})
265 list_display = ('user', 'slice', 'role')
267 def queryset(self, request):
268 # admins can see all memberships. Users can only see memberships of
269 # slices where they have the admin role.
270 qs = super(SliceMembershipAdmin, self).queryset(request)
271 if not request.user.is_admin:
272 roles = request.user.get_roles()
274 for (role, tenant_list) in roles:
276 tenants.extend(tenant_list)
277 valid_slices = Slice.objects.filter(name__in=tenants)
278 qs = qs.filter(slice__in=valid_slices)
281 def save_model(self, request, obj, form, change):
282 # update openstack connection to use this site/tenant
283 auth = request.session.get('auth', {})
284 auth['tenant'] = obj.slice.name
285 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
288 def delete_model(self, request, obj):
289 # update openstack connection to use this site/tenant
290 auth = request.session.get('auth', {})
291 auth['tenant'] = obj.slice.name
292 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
296 class ImageAdmin(admin.ModelAdmin):
297 fields = ['image_id', 'name', 'disk_format', 'container_format']
299 class NodeAdmin(admin.ModelAdmin):
300 list_display = ('name', 'site', 'deploymentNetwork')
301 list_filter = ('deploymentNetwork',)
304 class SliverForm(forms.ModelForm):
307 ip = forms.CharField(widget=PlainTextWidget)
308 instance_name = forms.CharField(widget=PlainTextWidget)
310 'ip': PlainTextWidget(),
311 'instance_name': PlainTextWidget(),
314 class SliverAdmin(PlanetStackBaseAdmin):
317 ('Sliver', {'fields': ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']})
319 list_display = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']
321 def queryset(self, request):
322 # admins can see all slivers. Users can only see slivers of
323 # the slices they belong to.
324 qs = super(SliverAdmin, self).queryset(request)
325 if not request.user.is_admin:
327 roles = request.user.get_roles()
328 for tenant_list in roles.values():
329 tenants.extend(tenant_list)
330 valid_slices = Slice.objects.filter(name__in=tenants)
331 qs = qs.filter(slice__in=valid_slices)
334 def get_formsets(self, request, obj=None):
335 # make some fields read only if we are updating an existing record
337 #self.readonly_fields = ('ip', 'instance_name')
338 self.readonly_fields = ()
340 self.readonly_fields = ('ip', 'instance_name', 'slice', 'image', 'key')
342 for inline in self.get_inline_instances(request, obj):
343 # hide MyInline in the add view
346 # give inline object access to driver and caller
347 auth = request.session.get('auth', {})
348 auth['tenant'] = obj.name # meed to connect using slice's tenant
349 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
350 yield inline.get_formset(request, obj)
352 def save_model(self, request, obj, form, change):
353 # update openstack connection to use this site/tenant
354 auth = request.session.get('auth', {})
355 auth['tenant'] = obj.slice.name
356 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
359 def delete_model(self, request, obj):
360 # update openstack connection to use this site/tenant
361 auth = request.session.get('auth', {})
362 auth['tenant'] = obj.slice.name
363 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
366 class UserCreationForm(forms.ModelForm):
367 """A form for creating new users. Includes all the required
368 fields, plus a repeated password."""
369 password1 = forms.CharField(label='Password', widget=forms.PasswordInput)
370 password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput)
374 fields = ('email', 'firstname', 'lastname', 'phone', 'key', 'site')
376 def clean_password2(self):
377 # Check that the two password entries match
378 password1 = self.cleaned_data.get("password1")
379 password2 = self.cleaned_data.get("password2")
380 if password1 and password2 and password1 != password2:
381 raise forms.ValidationError("Passwords don't match")
384 def save(self, commit=True):
385 # Save the provided password in hashed format
386 user = super(UserCreationForm, self).save(commit=False)
387 user.password = self.cleaned_data["password1"]
388 #user.set_password(self.cleaned_data["password1"])
394 class UserChangeForm(forms.ModelForm):
395 """A form for updating users. Includes all the fields on
396 the user, but replaces the password field with admin's
397 password hash display field.
399 password = ReadOnlyPasswordHashField()
404 def clean_password(self):
405 # Regardless of what the user provides, return the initial value.
406 # This is done here, rather than on the field, because the
407 # field does not have access to the initial value
408 return self.initial["password"]
411 class UserAdmin(UserAdmin, OSModelAdmin):
415 # The forms to add and change user instances
416 form = UserChangeForm
417 add_form = UserCreationForm
419 # The fields to be used in displaying the User model.
420 # These override the definitions on the base UserAdmin
421 # that reference specific fields on auth.User.
422 list_display = ('email', 'site', 'firstname', 'lastname', 'is_admin', 'last_login')
423 list_filter = ('site',)
424 inlines = [SitePrivilegeInline, SliceMembershipInline]
426 (None, {'fields': ('email', 'password', 'site', 'is_admin')}),
427 ('Personal info', {'fields': ('firstname','lastname','phone', 'key')}),
428 #('Important dates', {'fields': ('last_login',)}),
432 'classes': ('wide',),
433 'fields': ('email', 'firstname', 'lastname', 'phone', 'site', 'key','password1', 'password2', 'is_admin')}
436 search_fields = ('email',)
437 ordering = ('email',)
438 filter_horizontal = ()
440 class ServiceResourceInline(admin.TabularInline):
441 model = ServiceResource
444 class ServiceClassAdmin(admin.ModelAdmin):
445 list_display = ('name', 'commitment', 'membershipFee')
446 inlines = [ServiceResourceInline]
448 class ServiceResourceAdmin(admin.ModelAdmin):
449 list_display = ('serviceClass', 'name', 'cost', 'calendarReservable', 'maxUnitsDeployment', 'maxUnitsNode')
451 # register a signal that caches the user's credentials when they log in
452 def cache_credentials(sender, user, request, **kwds):
453 auth = {'username': request.POST['username'],
454 'password': request.POST['password']}
455 request.session['auth'] = auth
456 user_logged_in.connect(cache_credentials)
458 # Now register the new UserAdmin...
459 admin.site.register(User, UserAdmin)
460 # ... and, since we're not using Django's builtin permissions,
461 # unregister the Group model from admin.
462 admin.site.unregister(Group)
464 admin.site.register(Site, SiteAdmin)
465 admin.site.register(SitePrivilege, SitePrivilegeAdmin)
466 admin.site.register(Slice, SliceAdmin)
467 admin.site.register(SliceMembership, SliceMembershipAdmin)
468 #admin.site.register(Subnet)
469 admin.site.register(Image, ImageAdmin)
470 admin.site.register(Node, NodeAdmin)
471 admin.site.register(Sliver, SliverAdmin)
472 admin.site.register(Key, KeyAdmin)
473 admin.site.register(Role, RoleAdmin)
474 admin.site.register(DeploymentNetwork, DeploymentNetworkAdmin)
475 admin.site.register(ServiceClass, ServiceClassAdmin)
476 admin.site.register(ServiceResource, ServiceResourceAdmin)