add support for fine-grained field permissions for user model
[plstackapi.git] / planetstack / core / admin.py
index bd71db9..f4d6f8f 100644 (file)
@@ -8,7 +8,7 @@ from django import forms
 from django.utils.safestring import mark_safe
 from django.contrib.auth.admin import UserAdmin
 from django.contrib.admin.widgets import FilteredSelectMultiple
-from django.contrib.auth.forms import ReadOnlyPasswordHashField
+from django.contrib.auth.forms import ReadOnlyPasswordHashField, AdminPasswordChangeForm
 from django.contrib.auth.signals import user_logged_in
 from django.utils import timezone
 from django.contrib.contenttypes import generic
@@ -16,17 +16,25 @@ from suit.widgets import LinkedSelect
 from django.core.exceptions import PermissionDenied
 from django.core.urlresolvers import reverse, NoReverseMatch
 
+# this block of stuff is needed for UserAdmin
+from django.db import transaction
+from django.utils.decorators import method_decorator
+from django.views.decorators.csrf import csrf_protect
+from django.views.decorators.debug import sensitive_post_parameters
+csrf_protect_m = method_decorator(csrf_protect)
+sensitive_post_parameters_m = method_decorator(sensitive_post_parameters())
+
 import django_evolution
 
 def backend_icon(obj): # backend_status, enacted, updated):
     #return "%s %s %s" % (str(obj.updated), str(obj.enacted), str(obj.backend_status))
     if (obj.enacted is not None) and obj.enacted >= obj.updated:
-        return '<img src="/static/admin/img/icon_success.gif">'
+        return '<span style="min-width:16px;"><img src="/static/admin/img/icon_success.gif"></span>'
     else:
         if obj.backend_status == "Provisioning in progress" or obj.backend_status=="":
-            return '<span title="%s"><img src="/static/admin/img/icon_clock.gif"></span>' % obj.backend_status
+            return '<span style="min-width:16px;" title="%s"><img src="/static/admin/img/icon_clock.gif"></span>' % obj.backend_status
         else:
-            return '<span title="%s"><img src="/static/admin/img/icon_error.gif"></span>' % obj.backend_status
+            return '<span style="min-width:16px;" title="%s"><img src="/static/admin/img/icon_error.gif"></span>' % obj.backend_status
 
 def backend_text(obj):
     icon = backend_icon(obj)
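Review bot: The two rewritten `title="%s"` lines in `backend_icon` still interpolate `obj.backend_status` into an HTML attribute without escaping, and the result is later wrapped in `mark_safe` by `backend_status_icon`. If that status text can carry backend error output or other data not written by the admin code (not visible here), a quote or angle bracket in it ends up as live markup in the admin page. Escaping at the point of interpolation closes this, e.g. `... title="%s"><img src="/static/admin/img/icon_error.gif"></span>' % escape(obj.backend_status)` with `escape` from `django.utils.html`, and the same for the clock-icon branch.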
@@ -43,7 +51,8 @@ class PlainTextWidget(forms.HiddenInput):
             value = ''
         return mark_safe(str(value) + super(PlainTextWidget, self).render(name, value, attrs))
 
-class ReadOnlyAwareAdmin(admin.ModelAdmin):
+class PermissionCheckingAdmin(admin.ModelAdmin):
+    # call save_by_user and delete_by_user instead of save and delete
 
     def has_add_permission(self, request, obj=None):
         return (not self.__user_is_readonly(request))
@@ -53,13 +62,42 @@ class ReadOnlyAwareAdmin(admin.ModelAdmin):
 
     def save_model(self, request, obj, form, change):
         if self.__user_is_readonly(request):
+            # this 'if' might be redundant if save_by_user is implemented right
             raise PermissionDenied
-            #pass
-        else:
-            return super(ReadOnlyAwareAdmin, self).save_model(request, obj, form, change)
+
+        obj.caller = request.user
+        # update openstack connection to use this site/tenant
+        obj.save_by_user(request.user)
+
+    def delete_model(self, request, obj):
+        obj.delete_by_user(request.user)
+
+    def save_formset(self, request, form, formset, change):
+        instances = formset.save(commit=False)
+        for instance in instances:
+            instance.save_by_user(request.user)
+
+        # BUG in django 1.7? Objects are not deleted by formset.save if
+        # commit is False. So let's delete them ourselves.
+        #
+        # code from forms/models.py save_existing_objects()
+        try:
+            forms_to_delete = formset.deleted_forms\r
+        except AttributeError:\r
+            forms_to_delete = []
+        if formset.initial_forms:
+            for form in formset.initial_forms:
+                obj = form.instance
+                if form in forms_to_delete:
+                    if obj.pk is None:
+                        continue
+                    formset.deleted_objects.append(obj)
+                    obj.delete()
+
+        formset.save_m2m()
 
     def get_actions(self,request):
-        actions = super(ReadOnlyAwareAdmin,self).get_actions(request)
+        actions = super(PermissionCheckingAdmin,self).get_actions(request)
 
         if self.__user_is_readonly(request):
             if 'delete_selected' in actions:
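Review bot: In the new `save_formset`, inline objects marked for deletion are removed with `obj.delete()`, which skips the per-user check that the class comment says must be used ("call save_by_user and delete_by_user instead of save and delete"). That line should read `obj.delete_by_user(request.user)` so that inline deletions go through the same permission path as `delete_model`. Unlike `save_model`, neither `delete_model` nor `save_formset` checks the read-only flag, so they rely entirely on `save_by_user`/`delete_by_user` rejecting read-only users; a short comment stating that assumption would help. The inner `for form in formset.initial_forms:` also shadows the `form` parameter, and a name such as `initial_form` would avoid confusion.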
@@ -85,13 +123,13 @@ class ReadOnlyAwareAdmin(admin.ModelAdmin):
                 self.inlines = self.inlines_save
 
         try:
-            return super(ReadOnlyAwareAdmin, self).change_view(request, object_id, extra_context=extra_context)
+            return super(PermissionCheckingAdmin, self).change_view(request, object_id, extra_context=extra_context)
         except PermissionDenied:
             pass
         if request.method == 'POST':
             raise PermissionDenied
         request.readonly = True
-        return super(ReadOnlyAwareAdmin, self).change_view(request, object_id, extra_context=extra_context)
+        return super(PermissionCheckingAdmin, self).change_view(request, object_id, extra_context=extra_context)
 
     def __user_is_readonly(self, request):
         return request.user.isReadOnlyUser()
@@ -103,6 +141,11 @@ class ReadOnlyAwareAdmin(admin.ModelAdmin):
         return mark_safe(backend_icon(obj))
     backend_status_icon.short_description = ""
 
+class ReadOnlyAwareAdmin(PermissionCheckingAdmin):
+    pass
+
+class PlanetStackBaseAdmin(ReadOnlyAwareAdmin):
+    save_on_top = False
 
 class SingletonAdmin (ReadOnlyAwareAdmin):
     def has_add_permission(self, request):
@@ -115,7 +158,6 @@ class SingletonAdmin (ReadOnlyAwareAdmin):
         else:
             return True
 
-
 class PlStackTabularInline(admin.TabularInline):
     def __init__(self, *args, **kwargs):
         super(PlStackTabularInline, self).__init__(*args, **kwargs)
@@ -266,7 +308,7 @@ class NetworkLookerUpper:
 
 class SliverInline(PlStackTabularInline):
     model = Sliver
-    fields = ['backend_status_icon', 'all_ips_string', 'instance_name', 'slice', 'numberCores', 'deploymentNetwork', 'image', 'node']
+    fields = ['backend_status_icon', 'all_ips_string', 'instance_name', 'slice', 'deploymentNetwork', 'flavor', 'image', 'node']
     extra = 0
     readonly_fields = ['backend_status_icon', 'all_ips_string', 'instance_name']
     suit_classes = 'suit-tab suit-tab-slivers'
@@ -277,53 +319,14 @@ class SliverInline(PlStackTabularInline):
     def formfield_for_foreignkey(self, db_field, request=None, **kwargs):
         if db_field.name == 'deploymentNetwork':
            kwargs['queryset'] = Deployment.select_by_acl(request.user)
-           # the inscrutable jquery selector below says:
-           #     find the closest parent "tr" to the current element
-           #     then find the child with class "field-node"
-           #     then find the child with that is a select
-           #     then return its id
-           kwargs['widget'] = forms.Select(attrs={'onChange': "update_nodes(this, $($(this).closest('tr')[0]).find('.field-node select')[0].id)"})
-           #kwargs['widget'] = forms.Select(attrs={'onChange': "console.log($($($(this).closest('tr')[0]).children('.field-node')[0]).children('select')[0].id);"})
+           kwargs['widget'] = forms.Select(attrs={'onChange': "sliver_deployment_changed(this);"})
+        elif db_field.name == 'flavor':
+           kwargs['widget'] = forms.Select(attrs={'onChange': "sliver_flavor_changed(this);"})
 
         field = super(SliverInline, self).formfield_for_foreignkey(db_field, request, **kwargs)
 
         return field
 
-"""
-    SMBAKER: This is the old code that implemented each network type as a
-    separate column in the sliver table.
-
-    def _declared_fieldsets(self):
-        # Return None so django will call get_fieldsets and we can insert our
-        # dynamic fields
-        return None
-
-    def get_readonly_fields(self, request, obj=None):
-        readonly_fields = list(super(SliverInline, self).get_readonly_fields(request, obj))
-
-        # Lookup the networks that are bound to the slivers, and add those
-        # network names to the list of readonly fields.
-
-        for sliver in obj.slivers.all():
-            for nbs in sliver.networksliver_set.all():
-                if nbs.ip:
-                    network_name = nbs.network.name
-                    if network_name not in [str(x) for x in readonly_fields]:
-                        readonly_fields.append(NetworkLookerUpper.get(network_name))
-
-        return readonly_fields
-
-    def get_fieldsets(self, request, obj=None):
-        form = self.get_formset(request, obj).form
-        # fields = the read/write files + the read-only fields
-        fields = list(self.fields)
-        for fieldName in self.get_readonly_fields(request,obj):
-            if not fieldName in fields:
-                fields.append(fieldName)
-
-        return [(None, {'fields': fields})]
-"""
-
 class SiteInline(PlStackTabularInline):
     model = Site
     extra = 0
@@ -443,23 +446,6 @@ class ImageDeploymentsInline(PlStackTabularInline):
     fields = ['backend_status_icon', 'image', 'deployment', 'glance_image_id']
     readonly_fields = ['backend_status_icon', 'glance_image_id']
 
-class PlanetStackBaseAdmin(ReadOnlyAwareAdmin):
-    save_on_top = False
-
-    def save_model(self, request, obj, form, change):
-        obj.caller = request.user
-        # update openstack connection to use this site/tenant
-        obj.save_by_user(request.user)
-
-    def delete_model(self, request, obj):
-        obj.delete_by_user(request.user)
-
-    def save_formset(self, request, form, formset, change):
-        instances = formset.save(commit=False)
-        for instance in instances:
-            instance.save_by_user(request.user)
-        formset.save_m2m()
-
 class SliceRoleAdmin(PlanetStackBaseAdmin):
     model = SliceRole
     pass
@@ -485,8 +471,17 @@ class DeploymentAdminForm(forms.ModelForm):
             verbose_name=('Images'), is_stacked=False
         )
     )
+    flavors = forms.ModelMultipleChoiceField(
+        queryset=Flavor.objects.all(),
+        required=False,
+        help_text="Select which flavors should be usable on this deployment",
+        widget=FilteredSelectMultiple(
+            verbose_name=('Flavors'), is_stacked=False
+        )
+    )
     class Meta:
         model = Deployment
+        many_to_many = ["flavors",]
 
     def __init__(self, *args, **kwargs):
       request = kwargs.pop('request', None)
@@ -497,6 +492,7 @@ class DeploymentAdminForm(forms.ModelForm):
       if self.instance and self.instance.pk:
         self.fields['sites'].initial = [x.site for x in self.instance.sitedeployments_set.all()]
         self.fields['images'].initial = [x.image for x in self.instance.imagedeployments_set.all()]
+        self.fields['flavors'].initial = self.instance.flavors.all()
 
     def manipulate_m2m_objs(self, this_obj, selected_objs, all_relations, relation_class, local_attrname, foreign_attrname):
         """ helper function for handling m2m relations from the MultipleChoiceField
@@ -536,6 +532,8 @@ class DeploymentAdminForm(forms.ModelForm):
     def save(self, commit=True):
       deployment = super(DeploymentAdminForm, self).save(commit=False)
 
+      deployment.flavors = self.cleaned_data['flavors']
+
       if commit:
         deployment.save()
 
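Review bot: `deployment.flavors = self.cleaned_data['flavors']` runs before the instance is saved, and Django raises `ValueError` when a many-to-many relation is used on an object that has no primary key yet, so adding a new Deployment will likely fail here. For an existing object the assignment writes the relation immediately, even when the caller passed `commit=False`, which is how the admin normally calls `form.save`. Moving the line to just after `deployment.save()` inside the `if commit:` branch avoids both problems. The later hunk at -547 has the same concern: dedenting `self.save_m2m()` makes it run when `commit` is False as well, before the caller has saved the instance. The body of `save` continues outside this hunk.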
@@ -547,7 +545,7 @@ class DeploymentAdminForm(forms.ModelForm):
         self.manipulate_m2m_objs(deployment, self.cleaned_data['sites'], deployment.sitedeployments_set.all(), SiteDeployments, "deployment", "site")
         self.manipulate_m2m_objs(deployment, self.cleaned_data['images'], deployment.imagedeployments_set.all(), ImageDeployments, "deployment", "image")
 
-        self.save_m2m()
+      self.save_m2m()
 
       return deployment
 
@@ -562,7 +560,7 @@ class SiteAssocInline(PlStackTabularInline):
 
 class DeploymentAdmin(PlanetStackBaseAdmin):
     model = Deployment
-    fieldList = ['backend_status_text', 'name', 'sites', 'images', 'accessControl']
+    fieldList = ['backend_status_text', 'name', 'availability_zone', 'sites', 'images', 'flavors', 'accessControl']
     fieldsets = [(None, {'fields': fieldList, 'classes':['suit-tab suit-tab-sites']})]
     inlines = [DeploymentPrivilegeInline,NodeInline,TagInline] # ,ImageDeploymentsInline]
     list_display = ['backend_status_icon', 'name']
@@ -727,13 +725,22 @@ class SliceForm(forms.ModelForm):
             'service': LinkedSelect
         }
 
+    def clean(self):
+        cleaned_data = super(SliceForm, self).clean()
+        name = cleaned_data.get('name')
+        site_id = cleaned_data.get('site')
+        site = Slice.objects.get(id=site_id)
+        if not name.startswith(site.login_base):
+            raise forms.ValidationError('slice name must begin with %s' % site.login_base)
+        return cleaned_data
+
 class SliceAdmin(PlanetStackBaseAdmin):
     form = SliceForm
     fieldList = ['backend_status_text', 'site', 'name', 'serviceClass', 'enabled','description', 'service', 'slice_url', 'max_slivers']
     fieldsets = [('Slice Details', {'fields': fieldList, 'classes':['suit-tab suit-tab-general']}),]
     readonly_fields = ('backend_status_text', )
-    list_display = ('backend_status_icon', 'slicename', 'site','serviceClass', 'slice_url', 'max_slivers')
-    list_display_links = ('backend_status_icon', 'slicename', )
+    list_display = ('backend_status_icon', 'name', 'site','serviceClass', 'slice_url', 'max_slivers')
+    list_display_links = ('backend_status_icon', 'name', )
     inlines = [SlicePrivilegeInline,SliverInline, TagInline, ReservationInline,SliceNetworkInline]
 
     user_readonly_fields = fieldList
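Review bot: The new `SliceForm.clean` looks the site up with `Slice.objects.get(id=site_id)`, which queries the wrong model, so the server-side check of the slice-name prefix will either raise or compare against an unrelated object. Assuming `site` is the usual foreign-key form field, `cleaned_data.get('site')` is already a `Site` instance and no query is needed: `site = cleaned_data.get('site')`. `name` or `site` can also be `None` when their own field validation has failed, so the guard should be `if name and site and not name.startswith(site.login_base):`. This check is what enforces the per-site naming rule once the JavaScript prefix helper is bypassed, so it is worth a test.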
@@ -747,27 +754,34 @@ class SliceAdmin(PlanetStackBaseAdmin):
     )
 
     def render_change_form(self, request, context, add=False, change=False, form_url='', obj=None):
-        #deployment_nodes = {}
-        #for node in Node.objects.all():
-        #    deployment_nodes[node.deployment.id] = get(deployment_nodes, node.deployment.id, []).append( (node.id, node.name) )
-
         deployment_nodes = []
         for node in Node.objects.all():
             deployment_nodes.append( (node.deployment.id, node.id, node.name) )
 
-        sites = {}
+        deployment_flavors = []
+        for flavor in Flavor.objects.all():
+            for deployment in flavor.deployments.all():
+                deployment_flavors.append( (deployment.id, flavor.id, flavor.name) )
+
+        deployment_images = []
+        for image in Image.objects.all():
+            for imageDeployment in image.imagedeployments_set.all():
+                deployment_images.append( (imageDeployment.deployment.id, image.id, image.name) )
+
+        site_login_bases = []
         for site in Site.objects.all():
-            sites[site.id] = site.login_base 
-        
-        context["deployment_nodes"] = deployment_nodes
-        context["sites"] = sites
+            site_login_bases.append((site.id, site.login_base))
 
+        context["deployment_nodes"] = deployment_nodes
+        context["deployment_flavors"] = deployment_flavors
+        context["deployment_images"] = deployment_images
+        context["site_login_bases"] = site_login_bases
         return super(SliceAdmin, self).render_change_form(request, context, add, change, form_url, obj)
 
     def formfield_for_foreignkey(self, db_field, request, **kwargs):
         if db_field.name == 'site':
             kwargs['queryset'] = Site.select_by_user(request.user)
-            kwargs['widget'] = forms.Select(attrs={'onChange': "update_slice_name(this, $($(this).closest('div')[0]).find('.field-name input')[0].id)"}) 
+            kwargs['widget'] = forms.Select(attrs={'onChange': "update_slice_prefix(this, $($(this).closest('fieldset')[0]).find('.field-name input')[0].id)"})
 
         return super(SliceAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
 
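Review bot: `render_change_form` fills `deployment_flavors`, `deployment_images` and `site_login_bases` from unfiltered `.objects.all()` queries, so every site's `login_base` and every deployment's flavor and image names go into the template context for any user who can open a slice form. `formfield_for_foreignkey` just below limits the site choices with `Site.select_by_user(request.user)`, so the two are inconsistent if the template emits these lists into the page (presumably as data for the onChange handlers). Consider building the lists from the same per-user querysets, e.g. `for site in Site.select_by_user(request.user):`. The nested loops also issue one extra query per flavor and per image, which will grow with the catalogue.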
@@ -888,10 +902,10 @@ class TagAdmin(PlanetStackBaseAdmin):
 class SliverAdmin(PlanetStackBaseAdmin):
     form = SliverForm
     fieldsets = [
-        ('Sliver Details', {'fields': ['backend_status_text', 'slice', 'deploymentNetwork', 'node', 'ip', 'instance_name', 'numberCores', 'image', ], 'classes': ['suit-tab suit-tab-general'], })
+        ('Sliver Details', {'fields': ['backend_status_text', 'slice', 'deploymentNetwork', 'node', 'ip', 'instance_name', 'flavor', 'image', ], 'classes': ['suit-tab suit-tab-general'], })
     ]
     readonly_fields = ('backend_status_text', )
-    list_display = ['backend_status_icon', 'ip', 'instance_name', 'slice', 'numberCores', 'image', 'node', 'deploymentNetwork']
+    list_display = ['backend_status_icon', 'ip', 'instance_name', 'slice', 'flavor', 'image', 'node', 'deploymentNetwork']
     list_display_links = ('backend_status_icon', 'ip',)
 
     suit_form_tabs =(('general', 'Sliver Details'),
@@ -900,7 +914,7 @@ class SliverAdmin(PlanetStackBaseAdmin):
 
     inlines = [TagInline]
 
-    user_readonly_fields = ['slice', 'deploymentNetwork', 'node', 'ip', 'instance_name', 'numberCores', 'image']
+    user_readonly_fields = ['slice', 'deploymentNetwork', 'node', 'ip', 'instance_name', 'flavor', 'image']
 
     def formfield_for_foreignkey(self, db_field, request, **kwargs):
         if db_field.name == 'slice':
@@ -997,13 +1011,17 @@ class UserDashboardViewInline(PlStackTabularInline):
     suit_classes = 'suit-tab suit-tab-dashboards'
     fields = ['user', 'dashboardView', 'order']
 
-class UserAdmin(UserAdmin):
+class UserAdmin(PlanetStackBaseAdmin):
     class Meta:
         app_label = "core"
 
+    add_form_template = 'admin/auth/user/add_form.html'
+    change_user_password_template = None
+
     # The forms to add and change user instances
     form = UserChangeForm
     add_form = UserCreationForm
+    change_password_form = AdminPasswordChangeForm
 
     # The fields to be used in displaying the User model.
     # These override the definitions on the base UserAdmin
@@ -1012,7 +1030,7 @@ class UserAdmin(UserAdmin):
     list_filter = ('site',)
     inlines = [SlicePrivilegeInline,SitePrivilegeInline,DeploymentPrivilegeInline,UserDashboardViewInline]
 
-    fieldListLoginDetails = ['email','site','password','is_active','is_readonly','is_admin','public_key']
+    fieldListLoginDetails = ['backend_status_text', 'email','site','password','is_active','is_readonly','is_admin','public_key']
     fieldListContactInfo = ['firstname','lastname','phone','timezone']
 
     fieldsets = (
@@ -1047,61 +1065,135 @@ class UserAdmin(UserAdmin):
 
         return super(UserAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
 
-    def has_add_permission(self, request, obj=None):
-        return (not self.__user_is_readonly(request))
-
-    def has_delete_permission(self, request, obj=None):
-        return (not self.__user_is_readonly(request))
-
-    def get_actions(self,request):
-        actions = super(UserAdmin,self).get_actions(request)
-
-        if self.__user_is_readonly(request):
-            if 'delete_selected' in actions:
-                del actions['delete_selected']
-
-        return actions
-
-    def change_view(self,request,object_id, extra_context=None):
-
-        if self.__user_is_readonly(request):
-            if not hasattr(self, "readonly_save"):
-                # save the original readonly fields\r
-                self.readonly_save = self.readonly_fields\r
-                self.inlines_save = self.inlines
-            if hasattr(self, "user_readonly_fields"):
-                self.readonly_fields=self.user_readonly_fields
-            if hasattr(self, "user_readonly_inlines"):
-                self.inlines = self.user_readonly_inlines
-        else:
-            if hasattr(self, "readonly_save"):\r
-                # restore the original readonly fields\r
-                self.readonly_fields = self.readonly_save\r
-                self.inlines = self.inlines_save
-
-        try:
-            return super(UserAdmin, self).change_view(request, object_id, extra_context=extra_context)
-        except PermissionDenied:
-            pass
-        if request.method == 'POST':
-            raise PermissionDenied
-        request.readonly = True
-        return super(UserAdmin, self).change_view(request, object_id, extra_context=extra_context)
-
-    def __user_is_readonly(self, request):
-        #groups = [x.name for x in request.user.groups.all() ]
-        #return "readonly" in groups
-        return request.user.isReadOnlyUser()
-
     def queryset(self, request):
         return User.select_by_user(request.user)
 
-    def backend_status_text(self, obj):
-        return mark_safe(backend_text(obj))
+    # ------------------------------------------------------------------------
+    # stuff copied from ModelAdmin.UserAdmin
+    # ------------------------------------------------------------------------
+    def get_fieldsets(self, request, obj=None):
+        if not obj:\r
+            return self.add_fieldsets\r
+        return super(UserAdmin, self).get_fieldsets(request, obj)
+
+    def get_form(self, request, obj=None, **kwargs):
+        """\r
+        Use special form during user creation\r
+        """\r
+        defaults = {}\r
+        if obj is None:\r
+            defaults['form'] = self.add_form\r
+        defaults.update(kwargs)\r
+        return super(UserAdmin, self).get_form(request, obj, **defaults)\r
+\r
+    def get_urls(self):\r
+        from django.conf.urls import patterns\r
+        return patterns('',\r
+            (r'^(\d+)/password/$',\r
+             self.admin_site.admin_view(self.user_change_password))\r
+        ) + super(UserAdmin, self).get_urls()\r
+\r
+    def lookup_allowed(self, lookup, value):\r
+        # See #20078: we don't want to allow any lookups involving passwords.\r
+        if lookup.startswith('password'):\r
+            return False\r
+        return super(UserAdmin, self).lookup_allowed(lookup, value)\r
+\r
+    @sensitive_post_parameters_m\r
+    @csrf_protect_m\r
+    @transaction.atomic\r
+    def add_view(self, request, form_url='', extra_context=None):\r
+        # It's an error for a user to have add permission but NOT change\r
+        # permission for users. If we allowed such users to add users, they\r
+        # could create superusers, which would mean they would essentially have\r
+        # the permission to change users. To avoid the problem entirely, we\r
+        # disallow users from adding users if they don't have change\r
+        # permission.\r
+        if not self.has_change_permission(request):\r
+            if self.has_add_permission(request) and settings.DEBUG:\r
+                # Raise Http404 in debug mode so that the user gets a helpful\r
+                # error message.\r
+                raise Http404(\r
+                    'Your user does not have the "Change user" permission. In '\r
+                    'order to add users, Django requires that your user '\r
+                    'account have both the "Add user" and "Change user" '\r
+                    'permissions set.')\r
+            raise PermissionDenied\r
+        if extra_context is None:\r
+            extra_context = {}\r
+        username_field = self.model._meta.get_field(self.model.USERNAME_FIELD)\r
+        defaults = {\r
+            'auto_populated_fields': (),\r
+            'username_help_text': username_field.help_text,\r
+        }\r
+        extra_context.update(defaults)\r
+        return super(UserAdmin, self).add_view(request, form_url,\r
+                                               extra_context)\r
+\r
+    @sensitive_post_parameters_m\r
+    def user_change_password(self, request, id, form_url=''):\r
+        if not self.has_change_permission(request):\r
+            raise PermissionDenied\r
+        user = get_object_or_404(self.get_queryset(request), pk=id)\r
+        if request.method == 'POST':\r
+            form = self.change_password_form(user, request.POST)\r
+            if form.is_valid():\r
+                form.save()\r
+                change_message = self.construct_change_message(request, form, None)\r
+                self.log_change(request, user, change_message)\r
+                msg = ugettext('Password changed successfully.')\r
+                messages.success(request, msg)\r
+                update_session_auth_hash(request, form.user)\r
+                return HttpResponseRedirect('..')\r
+        else:\r
+            form = self.change_password_form(user)\r
+\r
+        fieldsets = [(None, {'fields': list(form.base_fields)})]\r
+        adminForm = admin.helpers.AdminForm(form, fieldsets, {})\r
+\r
+        context = {\r
+            'title': _('Change password: %s') % escape(user.get_username()),\r
+            'adminForm': adminForm,\r
+            'form_url': form_url,\r
+            'form': form,\r
+            'is_popup': (IS_POPUP_VAR in request.POST or\r
+                         IS_POPUP_VAR in request.GET),\r
+            'add': True,\r
+            'change': False,\r
+            'has_delete_permission': False,\r
+            'has_change_permission': True,\r
+            'has_absolute_url': False,\r
+            'opts': self.model._meta,\r
+            'original': user,\r
+            'save_as': False,\r
+            'show_save': True,\r
+        }\r
+        context.update(admin.site.each_context())\r
+        return TemplateResponse(request,\r
+            self.change_user_password_template or\r
+            'admin/auth/user/change_password.html',\r
+            context, current_app=self.admin_site.name)\r
+\r
+    def response_add(self, request, obj, post_url_continue=None):\r
+        """\r
+        Determines the HttpResponse for the add_view stage. It mostly defers to\r
+        its superclass implementation but is customized because the User model\r
+        has a slightly different workflow.\r
+        """\r
+        # We should allow further modification of the user just added i.e. the\r
+        # 'Save' button should behave like the 'Save and continue editing'\r
+        # button except in two scenarios:\r
+        # * The user has pressed the 'Save and add another' button\r
+        # * We are adding a user in a popup\r
+        if '_addanother' not in request.POST and IS_POPUP_VAR not in request.POST:\r
+            request.POST['_continue'] = 1\r
+        return super(UserAdmin, self).response_add(request, obj,\r
+                                                   post_url_continue)
+
+    # ------------------------------------------------------------------------
+    # end stuff copied from ModelAdmin.UserAdmin
+    # ------------------------------------------------------------------------
 
-    def backend_status_icon(self, obj):
-        return mark_safe(backend_icon(obj))
-    backend_status_icon.short_description = ""
 
 class DashboardViewAdmin(PlanetStackBaseAdmin):
     fieldsets = [('Dashboard View Details',
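Review bot: The copied `user_change_password` view guards only with `self.has_change_permission(request)` and then calls `form.save()`, so a password change bypasses both the read-only check and the `save_by_user` path that `PermissionCheckingAdmin.save_model` uses for every other edit of a user. Since the file notes that Django's builtin permissions are not in use, what `has_change_permission` returns for a read-only user should be confirmed. I would add `if request.user.isReadOnlyUser(): raise PermissionDenied` at the top and pass the target to the check, `self.has_change_permission(request, user)`, after the lookup. The lookup uses `self.get_queryset(request)` while this class overrides `queryset`; the per-user scoping from `User.select_by_user` applies here only while Django's rename shim maps one to the other, so defining `get_queryset` explicitly is safer. The copied block also uses `settings`, `Http404`, `get_object_or_404`, `ugettext`, `_`, `messages`, `update_session_auth_hash`, `HttpResponseRedirect`, `escape`, `IS_POPUP_VAR` and `TemplateResponse`, none of which the visible import hunks add, so please check they are already imported.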
@@ -1338,6 +1430,12 @@ class NetworkTemplateAdmin(PlanetStackBaseAdmin):
     user_readonly_fields = ["name", "guaranteedBandwidth", "visibility"]
     user_readonly_inlines = []
 
+class FlavorAdmin(PlanetStackBaseAdmin):
+    list_display = ("backend_status_icon", "name", "flavor", "order", "default")
+    list_display_links = ("backend_status_icon", "name")
+    user_readonly_fields = ("name", "flavor")
+    fields = ("name", "description", "flavor", "order", "default")
+
 # register a signal that caches the user's credentials when they log in
 def cache_credentials(sender, user, request, **kwds):
     auth = {'username': request.POST['username'],
@@ -1456,7 +1554,6 @@ class AccountAdmin(admin.ModelAdmin):
     dollar_total_invoices = dollar_field("total_invoices", "Total Invoices")
     dollar_total_payments = dollar_field("total_payments", "Total Payments")
 
-
 # Now register the new UserAdmin...
 admin.site.register(User, UserAdmin)
 # ... and, since we're not using Django's builtin permissions,
@@ -1499,4 +1596,5 @@ if True:
     admin.site.register(Sliver, SliverAdmin)
     admin.site.register(Image, ImageAdmin)
     admin.site.register(DashboardView, DashboardViewAdmin)
+    admin.site.register(Flavor, FlavorAdmin)