1 from core.models import Site
2 from core.models import *
3 from openstack.manager import OpenStackManager
5 from django.contrib import admin
6 from django.contrib.auth.models import Group
7 from django import forms
8 from django.utils.safestring import mark_safe
9 from django.contrib.auth.admin import UserAdmin
10 from django.contrib.admin.widgets import FilteredSelectMultiple
11 from django.contrib.auth.forms import ReadOnlyPasswordHashField
12 from django.contrib.auth.signals import user_logged_in
15 class ReadonlyTabularInline(admin.TabularInline):
20 def get_readonly_fields(self, request, obj=None):
22 for field in self.model._meta.get_all_field_names():
23 if (not field == 'id'):
24 if (field not in self.editable_fields):
28 def has_add_permission(self, request):
31 class SliverInline(admin.TabularInline):
33 fields = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']
35 #readonly_fields = ['ip', 'instance_name', 'image']
36 readonly_fields = ['ip', 'instance_name']
38 class SiteInline(admin.TabularInline):
42 class UserInline(admin.TabularInline):
46 class SliceInline(admin.TabularInline):
50 class UserInline(admin.TabularInline):
54 class RoleInline(admin.TabularInline):
58 class NodeInline(admin.TabularInline):
62 class PlainTextWidget(forms.HiddenInput):
65 def render(self, name, value, attrs=None):
68 return mark_safe(str(value) + super(PlainTextWidget, self).render(name, value, attrs))
70 class PlanetStackBaseAdmin(admin.ModelAdmin):
73 class OSModelAdmin(PlanetStackBaseAdmin):
74 """Attach client connection to openstack on delete() and save()"""
76 def save_model(self, request, obj, form, change):
78 auth = request.session.get('auth', {})
79 auth['tenant'] = request.user.site.login_base
80 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
83 def delete_model(self, request, obj):
85 auth = request.session.get('auth', {})
86 auth['tenant'] = request.user.site.login_base
87 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
90 class RoleAdmin(OSModelAdmin):
92 ('Role', {'fields': ['role_type']})
94 list_display = ('role_type',)
97 class DeploymentNetworkAdminForm(forms.ModelForm):
98 sites = forms.ModelMultipleChoiceField(
99 queryset=Site.objects.all(),
101 widget=FilteredSelectMultiple(
102 verbose_name=('Sites'), is_stacked=False
106 model = DeploymentNetwork
108 def __init__(self, *args, **kwargs):
109 super(DeploymentNetworkAdminForm, self).__init__(*args, **kwargs)
111 if self.instance and self.instance.pk:
112 self.fields['sites'].initial = self.instance.sites.all()
114 def save(self, commit=True):
115 deploymentNetwork = super(DeploymentNetworkAdminForm, self).save(commit=False)
117 deploymentNetwork.save()
119 if deploymentNetwork.pk:
120 deploymentNetwork.sites = self.cleaned_data['sites']
123 return deploymentNetwork
125 class DeploymentNetworkAdmin(PlanetStackBaseAdmin):
126 form = DeploymentNetworkAdminForm
127 inlines = [NodeInline,]
129 def get_formsets(self, request, obj=None):
130 for inline in self.get_inline_instances(request, obj):
131 # hide MyInline in the add view
134 # give inline object access to driver and caller
135 auth = request.session.get('auth', {})
136 if request.user.site:
137 auth['tenant'] = request.user.site.login_base
138 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
139 yield inline.get_formset(request, obj)
141 class SiteAdmin(OSModelAdmin):
143 (None, {'fields': ['name', 'site_url', 'enabled', 'is_public', 'login_base']}),
144 ('Location', {'fields': ['latitude', 'longitude']}),
145 ('Deployment Networks', {'fields': ['deployments']})
147 list_display = ('name', 'login_base','site_url', 'enabled')
148 filter_horizontal = ('deployments',)
149 inlines = [NodeInline, UserInline]
150 search_fields = ['name']
152 def queryset(self, request):
153 # admins can see all keys. Users can only see sites they belong to.
154 qs = super(SiteAdmin, self).queryset(request)
155 if not request.user.is_admin:
156 valid_sites = [request.user.site.login_base]
157 roles = request.user.get_roles()
158 for tenant_list in roles.values():
159 valid_sites.extend(tenant_list)
160 qs = qs.filter(login_base__in=valid_sites)
163 def get_formsets(self, request, obj=None):
164 for inline in self.get_inline_instances(request, obj):
165 # hide MyInline in the add view
168 # give inline object access to driver and caller
169 auth = request.session.get('auth', {})
170 #auth['tenant'] = request.user.site.login_base
171 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
172 yield inline.get_formset(request, obj)
174 class SitePrivilegeAdmin(PlanetStackBaseAdmin):
176 (None, {'fields': ['user', 'site', 'role']})
178 list_display = ('user', 'site', 'role')
180 def queryset(self, request):
181 # admins can see all privileges. Users can only see privileges at sites
182 # where they have the admin role.
183 qs = super(SitePrivilegeAdmin, self).queryset(request)
184 if not request.user.is_admin:
185 roles = request.user.get_roles()
187 for (role, tenant_list) in roles:
189 tenants.extend(tenant_list)
190 valid_sites = Sites.objects.filter(login_base__in=tenants)
191 qs = qs.filter(site__in=valid_sites)
194 def save_model(self, request, obj, form, change):
195 # update openstack connection to use this site/tenant
196 auth = request.session.get('auth', {})
197 #auth['tenant'] = obj.site.login_base
198 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
201 def delete_model(self, request, obj):
202 # update openstack connection to use this site/tenant
203 auth = request.session.get('auth', {})
204 #auth['tenant'] = obj.site.login_base
205 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
208 class KeyAdmin(OSModelAdmin):
210 ('Key', {'fields': ['key', 'type', 'blacklisted']})
212 list_display = ['key', 'type', 'blacklisted']
214 #def queryset(self, request):
215 # admins can see all keys. Users can only see their own key.
216 #if request.user.is_admin:
217 # qs = super(KeyAdmin, self).queryset(request)
219 # qs = Key.objects.filter(user=request.user)
222 class SliceAdmin(OSModelAdmin):
223 fields = ['name', 'site', 'serviceClass', 'description', 'slice_url']
224 list_display = ('name', 'site','serviceClass', 'slice_url')
225 inlines = [SliverInline]
227 def queryset(self, request):
228 # admins can see all keys. Users can only see slices they belong to.
229 qs = super(SliceAdmin, self).queryset(request)
230 if not request.user.is_admin:
232 roles = request.user.get_roles()
233 for tenant_list in roles.values():
234 valid_slices.extend(tenant_list)
235 qs = qs.filter(name__in=valid_slices)
238 def get_formsets(self, request, obj=None):
239 for inline in self.get_inline_instances(request, obj):
240 # hide MyInline in the add view
243 # give inline object access to driver and caller
244 auth = request.session.get('auth', {})
245 auth['tenant'] = obj.name # meed to connect using slice's tenant
246 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
247 yield inline.get_formset(request, obj)
249 def get_queryset(self, request):
250 qs = super(SliceAdmin, self).get_queryset(request)
251 if request.user.is_superuser:
253 # users can only see slices at their site
254 return qs.filter(site=request.user.site)
256 class SliceMembershipAdmin(PlanetStackBaseAdmin):
258 (None, {'fields': ['user', 'slice', 'role']})
260 list_display = ('user', 'slice', 'role')
262 def queryset(self, request):
263 # admins can see all memberships. Users can only see memberships of
264 # slices where they have the admin role.
265 qs = super(SliceMembershipAdmin, self).queryset(request)
266 if not request.user.is_admin:
267 roles = request.user.get_roles()
269 for (role, tenant_list) in roles:
271 tenants.extend(tenant_list)
272 valid_slices = Slice.objects.filter(name__in=tenants)
273 qs = qs.filter(slice__in=valid_slices)
276 def save_model(self, request, obj, form, change):
277 # update openstack connection to use this site/tenant
278 auth = request.session.get('auth', {})
279 auth['tenant'] = obj.slice.name
280 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
283 def delete_model(self, request, obj):
284 # update openstack connection to use this site/tenant
285 auth = request.session.get('auth', {})
286 auth['tenant'] = obj.slice.name
287 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
291 class ImageAdmin(admin.ModelAdmin):
292 fields = ['image_id', 'name', 'disk_format', 'container_format']
294 class NodeAdmin(admin.ModelAdmin):
295 list_display = ('name', 'site', 'deploymentNetwork')
296 list_filter = ('deploymentNetwork',)
299 class SliverForm(forms.ModelForm):
302 ip = forms.CharField(widget=PlainTextWidget)
303 instance_name = forms.CharField(widget=PlainTextWidget)
305 'ip': PlainTextWidget(),
306 'instance_name': PlainTextWidget(),
309 class SliverAdmin(PlanetStackBaseAdmin):
312 ('Sliver', {'fields': ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']})
314 list_display = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']
316 def queryset(self, request):
317 # admins can see all slivers. Users can only see slivers of
318 # the slices they belong to.
319 qs = super(SliverAdmin, self).queryset(request)
320 if not request.user.is_admin:
322 roles = request.user.get_roles()
323 for tenant_list in roles.values():
324 tenants.extend(tenant_list)
325 valid_slices = Slice.objects.filter(name__in=tenants)
326 qs = qs.filter(slice__in=valid_slices)
329 def get_formsets(self, request, obj=None):
330 # make some fields read only if we are updating an existing record
332 #self.readonly_fields = ('ip', 'instance_name')
333 self.readonly_fields = ()
335 self.readonly_fields = ('ip', 'instance_name', 'slice', 'image', 'key')
337 for inline in self.get_inline_instances(request, obj):
338 # hide MyInline in the add view
341 # give inline object access to driver and caller
342 auth = request.session.get('auth', {})
343 auth['tenant'] = obj.name # meed to connect using slice's tenant
344 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
345 yield inline.get_formset(request, obj)
347 def save_model(self, request, obj, form, change):
348 # update openstack connection to use this site/tenant
349 auth = request.session.get('auth', {})
350 auth['tenant'] = obj.slice.name
351 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
354 def delete_model(self, request, obj):
355 # update openstack connection to use this site/tenant
356 auth = request.session.get('auth', {})
357 auth['tenant'] = obj.slice.name
358 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
361 class UserCreationForm(forms.ModelForm):
362 """A form for creating new users. Includes all the required
363 fields, plus a repeated password."""
364 password1 = forms.CharField(label='Password', widget=forms.PasswordInput)
365 password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput)
369 fields = ('email', 'firstname', 'lastname', 'phone', 'key', 'site')
371 def clean_password2(self):
372 # Check that the two password entries match
373 password1 = self.cleaned_data.get("password1")
374 password2 = self.cleaned_data.get("password2")
375 if password1 and password2 and password1 != password2:
376 raise forms.ValidationError("Passwords don't match")
379 def save(self, commit=True):
380 # Save the provided password in hashed format
381 user = super(UserCreationForm, self).save(commit=False)
382 user.password = self.cleaned_data["password1"]
383 #user.set_password(self.cleaned_data["password1"])
389 class UserChangeForm(forms.ModelForm):
390 """A form for updating users. Includes all the fields on
391 the user, but replaces the password field with admin's
392 password hash display field.
394 password = ReadOnlyPasswordHashField()
399 def clean_password(self):
400 # Regardless of what the user provides, return the initial value.
401 # This is done here, rather than on the field, because the
402 # field does not have access to the initial value
403 return self.initial["password"]
406 class UserAdmin(UserAdmin, OSModelAdmin):
410 # The forms to add and change user instances
411 form = UserChangeForm
412 add_form = UserCreationForm
414 # The fields to be used in displaying the User model.
415 # These override the definitions on the base UserAdmin
416 # that reference specific fields on auth.User.
417 list_display = ('email', 'site', 'firstname', 'lastname', 'is_admin', 'last_login')
418 list_filter = ('site',)
420 (None, {'fields': ('email', 'password')}),
421 ('Personal info', {'fields': ('firstname','lastname','phone', 'is_admin', 'site', 'key')}),
422 #('Important dates', {'fields': ('last_login',)}),
426 'classes': ('wide',),
427 'fields': ('email', 'firstname', 'lastname', 'phone', 'site', 'is_admin', 'key','password1', 'password2')}
430 search_fields = ('email',)
431 ordering = ('email',)
432 filter_horizontal = ()
434 # register a signal that caches the user's credentials when they log in
435 def cache_credentials(sender, user, request, **kwds):
436 auth = {'username': request.POST['username'],
437 'password': request.POST['password']}
438 request.session['auth'] = auth
439 user_logged_in.connect(cache_credentials)
441 # Now register the new UserAdmin...
442 admin.site.register(User, UserAdmin)
443 # ... and, since we're not using Django's builtin permissions,
444 # unregister the Group model from admin.
445 admin.site.unregister(Group)
447 admin.site.register(Site, SiteAdmin)
448 #admin.site.register(SitePrivilege, SitePrivilegeAdmin)
449 admin.site.register(Slice, SliceAdmin)
450 #admin.site.register(SliceMembership, SliceMembershipAdmin)
451 #admin.site.register(Subnet, SubnetAdmin)
452 admin.site.register(Image, ImageAdmin)
453 #admin.site.register(Node, NodeAdmin)
454 admin.site.register(Sliver, SliverAdmin)
455 admin.site.register(Key, KeyAdmin)
456 #admin.site.register(Role, RoleAdmin)
457 admin.site.register(DeploymentNetwork, DeploymentNetworkAdmin)