1 from core.models import Site
2 from core.models import *
3 from openstack.manager import OpenStackManager
5 from django.contrib import admin
6 from django.contrib.auth.models import Group
7 from django import forms
8 from django.utils.safestring import mark_safe
9 from django.contrib.auth.admin import UserAdmin
10 from django.contrib.admin.widgets import FilteredSelectMultiple
11 from django.contrib.auth.forms import ReadOnlyPasswordHashField
12 from django.contrib.auth.signals import user_logged_in
15 class ReadonlyTabularInline(admin.TabularInline):
20 def get_readonly_fields(self, request, obj=None):
22 for field in self.model._meta.get_all_field_names():
23 if (not field == 'id'):
24 if (field not in self.editable_fields):
28 def has_add_permission(self, request):
31 class SliverInline(admin.TabularInline):
33 fields = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']
35 #readonly_fields = ['ip', 'instance_name', 'image']
36 readonly_fields = ['ip', 'instance_name']
38 class SiteInline(admin.TabularInline):
42 class UserInline(admin.TabularInline):
46 class SliceInline(admin.TabularInline):
50 class UserInline(admin.TabularInline):
54 class RoleInline(admin.TabularInline):
58 class NodeInline(admin.TabularInline):
62 class SitePrivilegeInline(admin.TabularInline):
66 class SliceMembershipInline(admin.TabularInline):
67 model = SliceMembership
70 class PlainTextWidget(forms.HiddenInput):
73 def render(self, name, value, attrs=None):
76 return mark_safe(str(value) + super(PlainTextWidget, self).render(name, value, attrs))
78 class PlanetStackBaseAdmin(admin.ModelAdmin):
81 class OSModelAdmin(PlanetStackBaseAdmin):
82 """Attach client connection to openstack on delete() and save()"""
84 def save_model(self, request, obj, form, change):
86 auth = request.session.get('auth', {})
87 auth['tenant'] = request.user.site.login_base
88 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
91 def delete_model(self, request, obj):
93 auth = request.session.get('auth', {})
94 auth['tenant'] = request.user.site.login_base
95 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
98 class RoleAdmin(OSModelAdmin):
100 ('Role', {'fields': ['role_type']})
102 list_display = ('role_type',)
105 class DeploymentNetworkAdminForm(forms.ModelForm):
106 sites = forms.ModelMultipleChoiceField(
107 queryset=Site.objects.all(),
109 widget=FilteredSelectMultiple(
110 verbose_name=('Sites'), is_stacked=False
114 model = DeploymentNetwork
116 def __init__(self, *args, **kwargs):
117 super(DeploymentNetworkAdminForm, self).__init__(*args, **kwargs)
119 if self.instance and self.instance.pk:
120 self.fields['sites'].initial = self.instance.sites.all()
122 def save(self, commit=True):
123 deploymentNetwork = super(DeploymentNetworkAdminForm, self).save(commit=False)
125 deploymentNetwork.save()
127 if deploymentNetwork.pk:
128 deploymentNetwork.sites = self.cleaned_data['sites']
131 return deploymentNetwork
133 class DeploymentNetworkAdmin(PlanetStackBaseAdmin):
134 form = DeploymentNetworkAdminForm
135 inlines = [NodeInline,SliverInline]
137 def get_formsets(self, request, obj=None):
138 for inline in self.get_inline_instances(request, obj):
139 # hide MyInline in the add view
142 # give inline object access to driver and caller
143 auth = request.session.get('auth', {})
144 if request.user.site:
145 auth['tenant'] = request.user.site.login_base
146 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
147 yield inline.get_formset(request, obj)
149 class SiteAdmin(OSModelAdmin):
151 (None, {'fields': ['name', 'site_url', 'enabled', 'is_public', 'login_base']}),
152 ('Location', {'fields': ['latitude', 'longitude']}),
153 ('Deployment Networks', {'fields': ['deployments']})
155 list_display = ('name', 'login_base','site_url', 'enabled')
156 filter_horizontal = ('deployments',)
157 inlines = [NodeInline, UserInline, SitePrivilegeInline]
158 search_fields = ['name']
160 def queryset(self, request):
161 # admins can see all keys. Users can only see sites they belong to.
162 qs = super(SiteAdmin, self).queryset(request)
163 if not request.user.is_admin:
164 valid_sites = [request.user.site.login_base]
165 roles = request.user.get_roles()
166 for tenant_list in roles.values():
167 valid_sites.extend(tenant_list)
168 qs = qs.filter(login_base__in=valid_sites)
171 def get_formsets(self, request, obj=None):
172 for inline in self.get_inline_instances(request, obj):
173 # hide MyInline in the add view
176 # give inline object access to driver and caller
177 auth = request.session.get('auth', {})
178 #auth['tenant'] = request.user.site.login_base
179 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
180 yield inline.get_formset(request, obj)
182 class SitePrivilegeAdmin(PlanetStackBaseAdmin):
184 (None, {'fields': ['user', 'site', 'role']})
186 list_display = ('user', 'site', 'role')
188 def queryset(self, request):
189 # admins can see all privileges. Users can only see privileges at sites
190 # where they have the admin role.
191 qs = super(SitePrivilegeAdmin, self).queryset(request)
192 if not request.user.is_admin:
193 roles = request.user.get_roles()
195 for (role, tenant_list) in roles:
197 tenants.extend(tenant_list)
198 valid_sites = Sites.objects.filter(login_base__in=tenants)
199 qs = qs.filter(site__in=valid_sites)
202 def save_model(self, request, obj, form, change):
203 # update openstack connection to use this site/tenant
204 auth = request.session.get('auth', {})
205 #auth['tenant'] = obj.site.login_base
206 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
209 def delete_model(self, request, obj):
210 # update openstack connection to use this site/tenant
211 auth = request.session.get('auth', {})
212 #auth['tenant'] = obj.site.login_base
213 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
216 class KeyAdmin(OSModelAdmin):
218 ('Key', {'fields': ['key', 'type', 'blacklisted']})
220 list_display = ['key', 'type', 'blacklisted']
222 #def queryset(self, request):
223 # admins can see all keys. Users can only see their own key.
224 #if request.user.is_admin:
225 # qs = super(KeyAdmin, self).queryset(request)
227 # qs = Key.objects.filter(user=request.user)
230 class SliceAdmin(OSModelAdmin):
231 fields = ['name', 'site', 'serviceClass', 'description', 'slice_url']
232 list_display = ('name', 'site','serviceClass', 'slice_url')
233 inlines = [SliverInline]
235 def queryset(self, request):
236 # admins can see all keys. Users can only see slices they belong to.
237 qs = super(SliceAdmin, self).queryset(request)
238 if not request.user.is_admin:
240 roles = request.user.get_roles()
241 for tenant_list in roles.values():
242 valid_slices.extend(tenant_list)
243 qs = qs.filter(name__in=valid_slices)
246 def get_formsets(self, request, obj=None):
247 for inline in self.get_inline_instances(request, obj):
248 # hide MyInline in the add view
251 # give inline object access to driver and caller
252 auth = request.session.get('auth', {})
253 auth['tenant'] = obj.name # meed to connect using slice's tenant
254 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
255 yield inline.get_formset(request, obj)
257 def get_queryset(self, request):
258 qs = super(SliceAdmin, self).get_queryset(request)
259 if request.user.is_superuser:
261 # users can only see slices at their site
262 return qs.filter(site=request.user.site)
264 class SliceMembershipAdmin(PlanetStackBaseAdmin):
266 (None, {'fields': ['user', 'slice', 'role']})
268 list_display = ('user', 'slice', 'role')
270 def queryset(self, request):
271 # admins can see all memberships. Users can only see memberships of
272 # slices where they have the admin role.
273 qs = super(SliceMembershipAdmin, self).queryset(request)
274 if not request.user.is_admin:
275 roles = request.user.get_roles()
277 for (role, tenant_list) in roles:
279 tenants.extend(tenant_list)
280 valid_slices = Slice.objects.filter(name__in=tenants)
281 qs = qs.filter(slice__in=valid_slices)
284 def save_model(self, request, obj, form, change):
285 # update openstack connection to use this site/tenant
286 auth = request.session.get('auth', {})
287 auth['tenant'] = obj.slice.name
288 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
291 def delete_model(self, request, obj):
292 # update openstack connection to use this site/tenant
293 auth = request.session.get('auth', {})
294 auth['tenant'] = obj.slice.name
295 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
299 class ImageAdmin(admin.ModelAdmin):
300 fields = ['image_id', 'name', 'disk_format', 'container_format']
302 class NodeAdmin(admin.ModelAdmin):
303 list_display = ('name', 'site', 'deploymentNetwork')
304 list_filter = ('deploymentNetwork',)
307 class SliverForm(forms.ModelForm):
310 ip = forms.CharField(widget=PlainTextWidget)
311 instance_name = forms.CharField(widget=PlainTextWidget)
313 'ip': PlainTextWidget(),
314 'instance_name': PlainTextWidget(),
317 class SliverAdmin(PlanetStackBaseAdmin):
320 ('Sliver', {'fields': ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']})
322 list_display = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']
324 def queryset(self, request):
325 # admins can see all slivers. Users can only see slivers of
326 # the slices they belong to.
327 qs = super(SliverAdmin, self).queryset(request)
328 if not request.user.is_admin:
330 roles = request.user.get_roles()
331 for tenant_list in roles.values():
332 tenants.extend(tenant_list)
333 valid_slices = Slice.objects.filter(name__in=tenants)
334 qs = qs.filter(slice__in=valid_slices)
337 def get_formsets(self, request, obj=None):
338 # make some fields read only if we are updating an existing record
340 #self.readonly_fields = ('ip', 'instance_name')
341 self.readonly_fields = ()
343 self.readonly_fields = ('ip', 'instance_name', 'slice', 'image', 'key')
345 for inline in self.get_inline_instances(request, obj):
346 # hide MyInline in the add view
349 # give inline object access to driver and caller
350 auth = request.session.get('auth', {})
351 auth['tenant'] = obj.name # meed to connect using slice's tenant
352 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
353 yield inline.get_formset(request, obj)
355 def save_model(self, request, obj, form, change):
356 # update openstack connection to use this site/tenant
357 auth = request.session.get('auth', {})
358 auth['tenant'] = obj.slice.name
359 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
362 def delete_model(self, request, obj):
363 # update openstack connection to use this site/tenant
364 auth = request.session.get('auth', {})
365 auth['tenant'] = obj.slice.name
366 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
369 class UserCreationForm(forms.ModelForm):
370 """A form for creating new users. Includes all the required
371 fields, plus a repeated password."""
372 password1 = forms.CharField(label='Password', widget=forms.PasswordInput)
373 password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput)
377 fields = ('email', 'firstname', 'lastname', 'phone', 'key', 'site')
379 def clean_password2(self):
380 # Check that the two password entries match
381 password1 = self.cleaned_data.get("password1")
382 password2 = self.cleaned_data.get("password2")
383 if password1 and password2 and password1 != password2:
384 raise forms.ValidationError("Passwords don't match")
387 def save(self, commit=True):
388 # Save the provided password in hashed format
389 user = super(UserCreationForm, self).save(commit=False)
390 user.password = self.cleaned_data["password1"]
391 #user.set_password(self.cleaned_data["password1"])
397 class UserChangeForm(forms.ModelForm):
398 """A form for updating users. Includes all the fields on
399 the user, but replaces the password field with admin's
400 password hash display field.
402 password = ReadOnlyPasswordHashField()
407 def clean_password(self):
408 # Regardless of what the user provides, return the initial value.
409 # This is done here, rather than on the field, because the
410 # field does not have access to the initial value
411 return self.initial["password"]
414 class UserAdmin(UserAdmin, OSModelAdmin):
418 # The forms to add and change user instances
419 form = UserChangeForm
420 add_form = UserCreationForm
422 # The fields to be used in displaying the User model.
423 # These override the definitions on the base UserAdmin
424 # that reference specific fields on auth.User.
425 list_display = ('email', 'site', 'firstname', 'lastname', 'is_admin', 'last_login')
426 list_filter = ('site',)
427 inlines = [SitePrivilegeInline, SliceMembershipInline]
429 (None, {'fields': ('email', 'password', 'site')}),
430 ('Personal info', {'fields': ('firstname','lastname','phone', 'key')}),
431 #('Important dates', {'fields': ('last_login',)}),
435 'classes': ('wide',),
436 'fields': ('email', 'firstname', 'lastname', 'phone', 'site', 'key','password1', 'password2')}
439 search_fields = ('email',)
440 ordering = ('email',)
441 filter_horizontal = ()
443 # register a signal that caches the user's credentials when they log in
444 def cache_credentials(sender, user, request, **kwds):
445 auth = {'username': request.POST['username'],
446 'password': request.POST['password']}
447 request.session['auth'] = auth
448 user_logged_in.connect(cache_credentials)
450 # Now register the new UserAdmin...
451 admin.site.register(User, UserAdmin)
452 # ... and, since we're not using Django's builtin permissions,
453 # unregister the Group model from admin.
454 admin.site.unregister(Group)
456 admin.site.register(Site, SiteAdmin)
457 admin.site.register(SitePrivilege, SitePrivilegeAdmin)
458 admin.site.register(Slice, SliceAdmin)
459 admin.site.register(SliceMembership, SliceMembershipAdmin)
460 #admin.site.register(Subnet)
461 admin.site.register(Image, ImageAdmin)
462 admin.site.register(Node, NodeAdmin)
463 admin.site.register(Sliver, SliverAdmin)
464 admin.site.register(Key, KeyAdmin)
465 admin.site.register(Role, RoleAdmin)
466 admin.site.register(DeploymentNetwork, DeploymentNetworkAdmin)