views.py 94.1 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
# Copyright 2014 Budapest University of Technology and Economics (BME IK)
#
# This file is part of CIRCLE Cloud.
#
# CIRCLE is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option)
# any later version.
#
# CIRCLE is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along
# with CIRCLE.  If not, see <http://www.gnu.org/licenses/>.

18
from __future__ import unicode_literals, absolute_import
19

20 21
from os import getenv
import json
Őry Máté committed
22
import logging
23
import re
24
import requests
25

26
from django.conf import settings
27
from django.contrib.auth.models import User, Group
Őry Máté committed
28
from django.contrib.auth.views import login, redirect_to_login
29
from django.contrib.messages import warning
30
from django.core.exceptions import (
31
    PermissionDenied, SuspiciousOperation,
32
)
33 34
from django.core import signing
from django.core.urlresolvers import reverse, reverse_lazy
35
from django.db.models import Count
36
from django.http import HttpResponse, HttpResponseRedirect, Http404
Őry Máté committed
37
from django.shortcuts import redirect, render, get_object_or_404
38
from django.views.decorators.http import require_GET
39
from django.views.generic.detail import SingleObjectMixin
40
from django.views.generic import (TemplateView, DetailView, View, DeleteView,
41
                                  UpdateView, CreateView, ListView)
42 43
from django.contrib import messages
from django.utils.translation import ugettext as _
44
from django.utils.translation import ungettext as __
45
from django.template.defaultfilters import title as title_filter
46
from django.template.loader import render_to_string
47
from django.template import RequestContext
48

49
from django.forms.models import inlineformset_factory
50
from django_tables2 import SingleTableView
51 52
from braces.views import LoginRequiredMixin, SuperuserRequiredMixin
from braces.views._access import AccessMixin
Kálmán Viktor committed
53

54
from .forms import (
55
    CircleAuthenticationForm, DiskAddForm, HostForm, LeaseForm, MyProfileForm,
56
    NodeForm, TemplateForm, TraitForm, VmCustomizeForm, GroupCreateForm,
57
    CirclePasswordChangeForm
58
)
59 60 61 62

from .tables import (
    NodeListTable, NodeVmListTable, TemplateListTable, LeaseListTable,
    GroupListTable,
63
)
Őry Máté committed
64 65 66 67
from vm.models import (
    Instance, instance_activity, InstanceActivity, InstanceTemplate, Interface,
    InterfaceTemplate, Lease, Node, NodeActivity, Trait,
)
68
from storage.models import Disk
69
from firewall.models import Vlan, Host, Rule
70
from .models import Favourite, Profile, GroupProfile
71

Őry Máté committed
72
logger = logging.getLogger(__name__)
73

74

75 76 77 78
def search_user(keyword):
    try:
        return User.objects.get(username=keyword)
    except User.DoesNotExist:
79 80 81 82
        try:
            return User.objects.get(profile__org_id=keyword)
        except User.DoesNotExist:
            return User.objects.get(email=keyword)
83 84


85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102
# github.com/django/django/blob/stable/1.6.x/django/contrib/messages/views.py
class SuccessMessageMixin(object):
    """
    Adds a success message on successful form submission.
    """
    success_message = ''

    def form_valid(self, form):
        response = super(SuccessMessageMixin, self).form_valid(form)
        success_message = self.get_success_message(form.cleaned_data)
        if success_message:
            messages.success(self.request, success_message)
        return response

    def get_success_message(self, cleaned_data):
        return self.success_message % cleaned_data


103
class IndexView(LoginRequiredMixin, TemplateView):
Kálmán Viktor committed
104
    template_name = "dashboard/index.html"
105

106
    def get_context_data(self, **kwargs):
107
        user = self.request.user
108
        context = super(IndexView, self).get_context_data(**kwargs)
109

110
        # instances
111
        favs = Instance.objects.filter(favourite__user=self.request.user)
112
        instances = Instance.get_objects_with_level(
113
            'user', user, disregard_superuser=True).filter(destroyed_at=None)
114 115 116
        display = list(favs) + list(set(instances) - set(favs))
        for d in display:
            d.fav = True if d in favs else False
117
        context.update({
118
            'instances': display[:5],
119
            'more_instances': instances.count() - len(instances[:5])
120 121
        })

122 123
        running = instances.filter(status='RUNNING')
        stopped = instances.exclude(status__in=('RUNNING', 'NOSTATE'))
124

125
        context.update({
126 127 128
            'running_vms': running[:20],
            'running_vm_num': running.count(),
            'stopped_vm_num': stopped.count()
129
        })
130

131 132 133 134
        # nodes
        if user.is_superuser:
            nodes = Node.objects.all()
            context.update({
135 136
                'nodes': nodes[:5],
                'more_nodes': nodes.count() - len(nodes[:5]),
137 138 139 140 141 142 143 144 145 146
                'sum_node_num': nodes.count(),
                'node_num': {
                    'running': Node.get_state_count(True, True),
                    'missing': Node.get_state_count(False, True),
                    'disabled': Node.get_state_count(True, False),
                    'offline': Node.get_state_count(False, False)
                }
            })

        # groups
147
        if user.has_module_perms('auth'):
148 149
            profiles = GroupProfile.get_objects_with_level('operator', user)
            groups = Group.objects.filter(groupprofile__in=profiles)
150 151 152 153
            context.update({
                'groups': groups[:5],
                'more_groups': groups.count() - len(groups[:5]),
            })
154 155 156 157 158 159

        # template
        if user.has_perm('vm.create_template'):
            context['templates'] = InstanceTemplate.get_objects_with_level(
                'operator', user).all()[:5]

160 161
        return context

162

163
def get_vm_acl_data(obj):
164 165 166 167 168 169 170 171 172
    levels = obj.ACL_LEVELS
    users = obj.get_users_with_level()
    users = [{'user': u, 'level': l} for u, l in users]
    groups = obj.get_groups_with_level()
    groups = [{'group': g, 'level': l} for g, l in groups]
    return {'users': users, 'groups': groups, 'levels': levels,
            'url': reverse('dashboard.views.vm-acl', args=[obj.pk])}


173 174 175 176 177 178 179 180 181 182 183
def get_group_acl_data(obj):
    aclobj = obj.profile
    levels = aclobj.ACL_LEVELS
    users = aclobj.get_users_with_level()
    users = [{'user': u, 'level': l} for u, l in users]
    groups = aclobj.get_groups_with_level()
    groups = [{'group': g, 'level': l} for g, l in groups]
    return {'users': users, 'groups': groups, 'levels': levels,
            'url': reverse('dashboard.views.group-acl', args=[obj.pk])}


184
class CheckedDetailView(LoginRequiredMixin, DetailView):
185 186
    read_level = 'user'

187 188 189
    def get_has_level(self):
        return self.object.has_level

190 191
    def get_context_data(self, **kwargs):
        context = super(CheckedDetailView, self).get_context_data(**kwargs)
192
        if not self.get_has_level()(self.request.user, self.read_level):
193 194 195 196
            raise PermissionDenied()
        return context


197 198 199 200 201 202 203 204 205
class VmDetailVncTokenView(CheckedDetailView):
    template_name = "dashboard/vm-detail.html"
    model = Instance

    def get(self, request, **kwargs):
        self.object = self.get_object()
        if not self.object.has_level(request.user, 'operator'):
            raise PermissionDenied()
        if self.object.node:
206 207 208 209 210 211 212 213
            with instance_activity(code_suffix='console-accessed',
                                   instance=self.object, user=request.user,
                                   concurrency_check=False):
                port = self.object.vnc_port
                host = str(self.object.node.host.ipv4)
                value = signing.dumps({'host': host, 'port': port},
                                      key=getenv("PROXY_SECRET", 'asdasd')),
                return HttpResponse('vnc/?d=%s' % value)
214 215 216 217
        else:
            raise Http404()


218
class VmDetailView(CheckedDetailView):
Kálmán Viktor committed
219
    template_name = "dashboard/vm-detail.html"
220
    model = Instance
221 222

    def get_context_data(self, **kwargs):
223
        context = super(VmDetailView, self).get_context_data(**kwargs)
224
        instance = context['instance']
225 226 227
        context.update({
            'graphite_enabled': VmGraphView.get_graphite_url() is not None,
            'vnc_url': reverse_lazy("dashboard.views.detail-vnc",
228
                                    kwargs={'pk': self.object.pk}),
229
            'ops': get_operations(instance, self.request.user),
230
        })
231 232

        # activity data
233
        context['activities'] = self.object.get_activities(self.request.user)
234

235
        context['vlans'] = Vlan.get_objects_with_level(
236
            'user', self.request.user
237
        ).exclude(  # exclude already added interfaces
238 239 240
            pk__in=Interface.objects.filter(
                instance=self.get_object()).values_list("vlan", flat=True)
        ).all()
241
        context['acl'] = get_vm_acl_data(instance)
242
        context['forms'] = {
243
            'disk_add_form': DiskAddForm(
244
                user=self.request.user,
245
                is_template=False, object_pk=self.get_object().pk,
246
                prefix="disk"),
247
        }
248 249
        context['os_type_icon'] = instance.os_type.replace("unknown",
                                                           "question")
250
        return context
Kálmán Viktor committed
251

252 253 254 255 256
    def post(self, request, *args, **kwargs):
        if (request.POST.get('ram-size') and request.POST.get('cpu-count')
                and request.POST.get('cpu-priority')):
            return self.__set_resources(request)

257 258 259
        options = {
            'change_password': self.__change_password,
            'new_name': self.__set_name,
260
            'new_description': self.__set_description,
261 262
            'new_tag': self.__add_tag,
            'to_remove': self.__remove_tag,
263 264
            'port': self.__add_port,
            'new_network_vlan': self.__new_network,
265
            'abort_operation': self.__abort_operation,
266 267 268 269
        }
        for k, v in options.iteritems():
            if request.POST.get(k) is not None:
                return v(request)
Kálmán Viktor committed
270

271 272 273 274
    def __change_password(self, request):
        self.object = self.get_object()
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()
Kálmán Viktor committed
275

276
        self.object.change_password(user=request.user)
277
        messages.success(request, _("Password changed."))
278
        if request.is_ajax():
279
            return HttpResponse("Success.")
280 281 282
        else:
            return redirect(reverse_lazy("dashboard.views.detail",
                                         kwargs={'pk': self.object.pk}))
283

284 285 286 287
    def __set_resources(self, request):
        self.object = self.get_object()
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()
288 289
        if not request.user.has_perm('vm.change_resources'):
            raise PermissionDenied()
290 291 292 293

        resources = {
            'num_cores': request.POST.get('cpu-count'),
            'ram_size': request.POST.get('ram-size'),
294
            'max_ram_size': request.POST.get('ram-size'),  # TODO: max_ram
295 296 297 298
            'priority': request.POST.get('cpu-priority')
        }
        Instance.objects.filter(pk=self.object.pk).update(**resources)

299
        success_message = _("Resources successfully updated.")
300 301 302 303 304 305 306 307 308 309 310
        if request.is_ajax():
            response = {'message': success_message}
            return HttpResponse(
                json.dumps(response),
                content_type="application/json"
            )
        else:
            messages.success(request, success_message)
            return redirect(reverse_lazy("dashboard.views.detail",
                                         kwargs={'pk': self.object.pk}))

311 312
    def __set_name(self, request):
        self.object = self.get_object()
313 314
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()
315 316 317 318
        new_name = request.POST.get("new_name")
        Instance.objects.filter(pk=self.object.pk).update(
            **{'name': new_name})

319
        success_message = _("VM successfully renamed.")
320 321 322 323 324 325 326 327 328 329 330 331
        if request.is_ajax():
            response = {
                'message': success_message,
                'new_name': new_name,
                'vm_pk': self.object.pk
            }
            return HttpResponse(
                json.dumps(response),
                content_type="application/json"
            )
        else:
            messages.success(request, success_message)
332 333 334 335 336 337 338 339 340 341 342
            return redirect(self.object.get_absolute_url())

    def __set_description(self, request):
        self.object = self.get_object()
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()

        new_description = request.POST.get("new_description")
        Instance.objects.filter(pk=self.object.pk).update(
            **{'description': new_description})

343
        success_message = _("VM description successfully updated.")
344 345 346 347 348 349 350 351 352 353 354 355
        if request.is_ajax():
            response = {
                'message': success_message,
                'new_description': new_description,
            }
            return HttpResponse(
                json.dumps(response),
                content_type="application/json"
            )
        else:
            messages.success(request, success_message)
            return redirect(self.object.get_absolute_url())
356

Kálmán Viktor committed
357 358 359
    def __add_tag(self, request):
        new_tag = request.POST.get('new_tag')
        self.object = self.get_object()
360 361
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()
Kálmán Viktor committed
362 363

        if len(new_tag) < 1:
364
            message = u"Please input something."
Kálmán Viktor committed
365
        elif len(new_tag) > 20:
366
            message = u"Tag name is too long."
Kálmán Viktor committed
367 368 369 370 371 372 373 374 375 376 377 378 379 380 381
        else:
            self.object.tags.add(new_tag)

        try:
            messages.error(request, message)
        except:
            pass

        return redirect(reverse_lazy("dashboard.views.detail",
                                     kwargs={'pk': self.object.pk}))

    def __remove_tag(self, request):
        try:
            to_remove = request.POST.get('to_remove')
            self.object = self.get_object()
382 383
            if not self.object.has_level(request.user, 'owner'):
                raise PermissionDenied()
Kálmán Viktor committed
384 385 386 387 388 389 390 391 392 393 394

            self.object.tags.remove(to_remove)
            message = u"Success"
        except:  # note this won't really happen
            message = u"Not success"

        if request.is_ajax():
            return HttpResponse(
                json.dumps({'message': message}),
                content_type="application=json"
            )
395 396 397
        else:
            return redirect(reverse_lazy("dashboard.views.detail",
                            kwargs={'pk': self.object.pk}))
Kálmán Viktor committed
398

399 400
    def __add_port(self, request):
        object = self.get_object()
401 402
        if (not object.has_level(request.user, 'owner') or
                not request.user.has_perm('vm.config_ports')):
403
            raise PermissionDenied()
404 405 406 407 408 409

        port = request.POST.get("port")
        proto = request.POST.get("proto")

        try:
            error = None
410 411 412
            interfaces = object.interface_set.all()
            host = Host.objects.get(pk=request.POST.get("host_pk"),
                                    interface__in=interfaces)
413
            host.add_port(proto, private=port)
414 415 416 417 418
        except Host.DoesNotExist:
            logger.error('Tried to add port to nonexistent host %d. User: %s. '
                         'Instance: %s', request.POST.get("host_pk"),
                         unicode(request.user), object)
            raise PermissionDenied()
419
        except ValueError:
420
            error = _("There is a problem with your input.")
421
        except Exception as e:
Bach Dániel committed
422 423
            error = _("Unknown error.")
            logger.error(e)
424 425 426 427 428 429 430 431 432

        if request.is_ajax():
            pass
        else:
            if error:
                messages.error(request, error)
            return redirect(reverse_lazy("dashboard.views.detail",
                                         kwargs={'pk': self.get_object().pk}))

433 434 435 436 437
    def __new_network(self, request):
        self.object = self.get_object()
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()

438
        vlan = get_object_or_404(Vlan, pk=request.POST.get("new_network_vlan"))
439 440
        if not vlan.has_level(request.user, 'user'):
            raise PermissionDenied()
441
        try:
442
            self.object.add_interface(vlan=vlan, user=request.user)
443
            messages.success(request, _("Successfully added new interface."))
444 445 446 447 448 449 450
        except Exception, e:
            error = u' '.join(e.messages)
            messages.error(request, error)

        return redirect("%s#network" % reverse_lazy(
            "dashboard.views.detail", kwargs={'pk': self.object.pk}))

451
    def __abort_operation(self, request):
Kálmán Viktor committed
452 453 454 455
        self.object = self.get_object()

        activity = get_object_or_404(InstanceActivity,
                                     pk=request.POST.get("activity"))
456 457
        if not activity.is_abortable_for(request.user):
            raise PermissionDenied()
Kálmán Viktor committed
458 459 460
        activity.abort()
        return redirect("%s#activity" % self.object.get_absolute_url())

461

462
class OperationView(DetailView):
463

464
    template_name = 'dashboard/operate.html'
465

466 467 468
    @property
    def name(self):
        return self.get_op().name
469

470 471 472
    @property
    def description(self):
        return self.get_op().description
473

474 475 476
    @classmethod
    def get_urlname(cls):
        return 'dashboard.vm.op.%s' % cls.op
477

478 479
    def get_url(self):
        return reverse(self.get_urlname(), args=(self.get_object().pk, ))
480

481 482 483 484 485
    def get_wrapper_template_name(self):
        if self.request.is_ajax():
            return 'dashboard/_modal.html'
        else:
            return 'dashboard/_base.html'
486

487 488 489
    @classmethod
    def get_op_by_object(cls, obj):
        return getattr(obj, cls.op)
490

491 492 493 494
    def get_op(self):
        if not hasattr(self, '_opobj'):
            setattr(self, '_opobj', getattr(self.get_object(), self.op))
        return self._opobj
495

496
    def get_context_data(self, **kwargs):
497
        ctx = super(OperationView, self).get_context_data(**kwargs)
498 499 500
        ctx['op'] = self.get_op()
        ctx['url'] = self.request.path
        return ctx
501

502 503 504 505 506 507 508
    def get(self, request, *args, **kwargs):
        self.get_op().check_auth(request.user)
        response = super(OperationView, self).get(request, *args, **kwargs)
        response.render()
        response.content = render_to_string(self.get_wrapper_template_name(),
                                            {'body': response.content})
        return response
509

510
    def post(self, request, extra=None, *args, **kwargs):
511
        self.object = self.get_object()
512 513
        if extra is None:
            extra = {}
514
        try:
515
            self.get_op().async(user=request.user, **extra)
516 517 518
        except Exception as e:
            messages.error(request, _('Could not start operation.'))
            logger.error(e)
519
        return redirect("%s#activity" % self.object.get_absolute_url())
520

521 522 523 524
    @classmethod
    def factory(cls, op, icon='cog'):
        return type(str(cls.__name__ + op),
                    (cls, ), {'op': op, 'icon': icon})
525

526 527 528 529 530 531 532 533 534 535
    @classmethod
    def bind_to_object(cls, instance):
        v = cls()
        v.get_object = lambda: instance
        return v


class VmOperationView(OperationView):

    model = Instance
536
    context_object_name = 'instance'  # much simpler to mock object
537

538

539 540 541 542 543 544 545
class VmMigrateView(VmOperationView):

    op = 'migrate'
    icon = 'truck'
    template_name = 'dashboard/_vm-migrate.html'

    def get_context_data(self, **kwargs):
546
        ctx = super(VmMigrateView, self).get_context_data(**kwargs)
547 548 549 550 551
        ctx['nodes'] = [n for n in Node.objects.filter(enabled=True)
                        if n.state == "ONLINE"]
        return ctx

    def post(self, request, extra=None, *args, **kwargs):
552 553
        if extra is None:
            extra = {}
554 555 556 557 558 559 560
        node = self.request.POST.get("node")
        if node:
            node = get_object_or_404(Node, pk=node)
            extra["to_node"] = node
        return super(VmMigrateView, self).post(request, extra, *args, **kwargs)


561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580
class VmSaveView(VmOperationView):

    op = 'save_as_template'
    icon = 'save'
    template_name = 'dashboard/_vm-save.html'

    def get_context_data(self, **kwargs):
        ctx = super(VmSaveView, self).get_context_data(**kwargs)
        ctx['name'] = self.get_op()._rename(self.object.name)
        return ctx

    def post(self, request, extra=None, *args, **kwargs):
        if extra is None:
            extra = {}
        name = self.request.POST.get("name")
        if name:
            extra["name"] = name
        return super(VmSaveView, self).post(request, extra, *args, **kwargs)


581 582 583
vm_ops = {
    'reset': VmOperationView.factory(op='reset', icon='bolt'),
    'deploy': VmOperationView.factory(op='deploy', icon='play'),
584
    'migrate': VmMigrateView,
585 586 587
    'reboot': VmOperationView.factory(op='reboot', icon='refresh'),
    'shut_off': VmOperationView.factory(op='shut_off', icon='ban-circle'),
    'shutdown': VmOperationView.factory(op='shutdown', icon='off'),
588
    'save_as_template': VmSaveView,
589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606
    'destroy': VmOperationView.factory(op='destroy', icon='remove'),
    'sleep': VmOperationView.factory(op='sleep', icon='moon'),
    'wake_up': VmOperationView.factory(op='wake_up', icon='sun'),
}


def get_operations(instance, user):
    ops = []
    for k, v in vm_ops.iteritems():
        try:
            op = v.get_op_by_object(instance)
            op.check_auth(user)
            op.check_precond()
        except:
            pass  # unavailable
        else:
            ops.append(v.bind_to_object(instance))
    return ops
607

Kálmán Viktor committed
608

609
class NodeDetailView(LoginRequiredMixin, SuperuserRequiredMixin, DetailView):
610 611
    template_name = "dashboard/node-detail.html"
    model = Node
612 613
    form = None
    form_class = TraitForm
614

615 616 617
    def get_context_data(self, form=None, **kwargs):
        if form is None:
            form = self.form_class()
618
        context = super(NodeDetailView, self).get_context_data(**kwargs)
619 620
        instances = Instance.active.filter(node=self.object)
        context['table'] = NodeVmListTable(instances)
621 622 623 624
        na = NodeActivity.objects.filter(
            node=self.object, parent=None
        ).order_by('-started').select_related()
        context['activities'] = na
625
        context['trait_form'] = form
626 627
        context['graphite_enabled'] = (
            NodeGraphView.get_graphite_url() is not None)
628 629
        return context

630 631 632
    def post(self, request, *args, **kwargs):
        if request.POST.get('new_name'):
            return self.__set_name(request)
633 634
        if request.POST.get('to_remove'):
            return self.__remove_trait(request)
635 636
        return redirect(reverse_lazy("dashboard.views.node-detail",
                                     kwargs={'pk': self.get_object().pk}))
637 638 639 640 641 642 643

    def __set_name(self, request):
        self.object = self.get_object()
        new_name = request.POST.get("new_name")
        Node.objects.filter(pk=self.object.pk).update(
            **{'name': new_name})

644
        success_message = _("Node successfully renamed.")
645 646 647 648 649
        if request.is_ajax():
            response = {
                'message': success_message,
                'new_name': new_name,
                'node_pk': self.object.pk
650 651 652 653 654 655 656 657 658 659
            }
            return HttpResponse(
                json.dumps(response),
                content_type="application/json"
            )
        else:
            messages.success(request, success_message)
            return redirect(reverse_lazy("dashboard.views.node-detail",
                                         kwargs={'pk': self.object.pk}))

660 661 662 663
    def __remove_trait(self, request):
        try:
            to_remove = request.POST.get('to_remove')
            self.object = self.get_object()
664
            self.object.traits.remove(to_remove)
665 666 667 668 669 670 671
            message = u"Success"
        except:  # note this won't really happen
            message = u"Not success"

        if request.is_ajax():
            return HttpResponse(
                json.dumps({'message': message}),
672
                content_type="application/json"
673
            )
674
        else:
675
            return redirect(self.object.get_absolute_url())
676

677

678
class GroupDetailView(CheckedDetailView):
679 680
    template_name = "dashboard/group-detail.html"
    model = Group
681
    read_level = 'operator'
682 683 684

    def get_has_level(self):
        return self.object.profile.has_level
685 686 687

    def get_context_data(self, **kwargs):
        context = super(GroupDetailView, self).get_context_data(**kwargs)
688 689 690
        context['group'] = self.object
        context['users'] = self.object.user_set.all()
        context['acl'] = get_group_acl_data(self.object)
691 692 693
        return context

    def post(self, request, *args, **kwargs):
694 695 696
        self.object = self.get_object()
        if not self.get_has_level()(request.user, 'operator'):
            raise PermissionDenied()
697 698
        if request.POST.get('new_name'):
            return self.__set_name(request)
699
        if request.POST.get('list-new-name'):
700
            return self.__add_user(request)
701
        if request.POST.get('list-new-namelist'):
702
            return self.__add_list(request)
703 704 705 706
        if (request.POST.get('list-new-name') is not None) and \
                (request.POST.get('list-new-namelist') is not None):
            return redirect(reverse_lazy("dashboard.views.group-detail",
                                         kwargs={'pk': self.get_object().pk}))
707 708

    def __add_user(self, request):
709
        name = request.POST['list-new-name']
710 711 712
        self.__add_username(request, name)
        return redirect(reverse_lazy("dashboard.views.group-detail",
                                     kwargs={'pk': self.object.pk}))
713 714

    def __add_username(self, request, name):
715
        if not name:
716
            return
717 718
        try:
            entity = User.objects.get(username=name)
719
            self.object.user_set.add(entity)
720 721
        except User.DoesNotExist:
            warning(request, _('User "%s" not found.') % name)
722

723
    def __add_list(self, request):
724 725
        if not self.get_has_level()(request.user, 'operator'):
            raise PermissionDenied()
726 727 728
        userlist = request.POST.get('list-new-namelist').split('\r\n')
        for line in userlist:
            self.__add_username(request, line)
729 730
        return redirect(reverse_lazy("dashboard.views.group-detail",
                                     kwargs={'pk': self.object.pk}))
731 732 733 734 735 736

    def __set_name(self, request):
        new_name = request.POST.get("new_name")
        Group.objects.filter(pk=self.object.pk).update(
            **{'name': new_name})

737
        success_message = _("Group successfully renamed.")
738 739 740 741
        if request.is_ajax():
            response = {
                'message': success_message,
                'new_name': new_name,
742
                'group_pk': self.object.pk
743 744 745 746 747 748 749 750 751 752 753
            }
            return HttpResponse(
                json.dumps(response),
                content_type="application/json"
            )
        else:
            messages.success(request, success_message)
            return redirect(reverse_lazy("dashboard.views.group-detail",
                                         kwargs={'pk': self.object.pk}))


754
class AclUpdateView(LoginRequiredMixin, View, SingleObjectMixin):
755

756
    def post(self, request, *args, **kwargs):
757
        instance = self.get_object()
758 759
        if not (instance.has_level(request.user, "owner") or
                getattr(instance, 'owner', None) == request.user):
Őry Máté committed
760 761
            logger.warning('Tried to set permissions of %s by non-owner %s.',
                           unicode(instance), unicode(request.user))
762
            raise PermissionDenied()
763
        self.set_levels(request, instance)
764
        self.remove_levels(request, instance)
765
        self.add_levels(request, instance)
766
        return redirect("%s#access" % instance.get_absolute_url())
767 768

    def set_levels(self, request, instance):
769 770 771
        for key, value in request.POST.items():
            m = re.match('perm-([ug])-(\d+)', key)
            if m:
772 773
                typ, id = m.groups()
                entity = {'u': User, 'g': Group}[typ].objects.get(id=id)
774
                if getattr(instance, "owner", None) == entity:
775 776 777
                    logger.info("Tried to set owner's acl level for %s by %s.",
                                unicode(instance), unicode(request.user))
                    continue
778
                instance.set_level(entity, value)
Őry Máté committed
779 780 781
                logger.info("Set %s's acl level for %s to %s by %s.",
                            unicode(entity), unicode(instance),
                            value, unicode(request.user))
782

783 784 785 786 787 788 789 790 791 792
    def remove_levels(self, request, instance):
        for key, value in request.POST.items():
            if key.startswith("remove"):
                typ = key[7:8]  # len("remove-")
                id = key[9:]  # len("remove-x-")
                entity = {'u': User, 'g': Group}[typ].objects.get(id=id)
                if getattr(instance, "owner", None) == entity:
                    logger.info("Tried to remove owner from %s by %s.",
                                unicode(instance), unicode(request.user))
                    msg = _("The original owner cannot be removed, however "
793
                            "you can transfer ownership.")
794 795 796 797 798 799 800
                    messages.warning(request, msg)
                    continue
                instance.set_level(entity, None)
                logger.info("Revoked %s's access to %s by %s.",
                            unicode(entity), unicode(instance),
                            unicode(request.user))

801
    def add_levels(self, request, instance):
802 803
        name = request.POST['perm-new-name']
        value = request.POST['perm-new']
804 805 806 807 808 809
        if not name:
            return
        try:
            entity = User.objects.get(username=name)
        except User.DoesNotExist:
            entity = None
810 811
            try:
                entity = Group.objects.get(name=name)
812 813 814 815
            except Group.DoesNotExist:
                warning(request, _('User or group "%s" not found.') % name)
                return

816
        instance.set_level(entity, value)
Őry Máté committed
817 818 819
        logger.info("Set %s's new acl level for %s to %s by %s.",
                    unicode(entity), unicode(instance),
                    value, unicode(request.user))
820

Kálmán Viktor committed
821

822 823 824 825 826 827 828 829 830 831
class TemplateAclUpdateView(AclUpdateView):
    model = InstanceTemplate

    def post(self, request, *args, **kwargs):
        template = self.get_object()
        if not (template.has_level(request.user, "owner") or
                getattr(template, 'owner', None) == request.user):
            logger.warning('Tried to set permissions of %s by non-owner %s.',
                           unicode(template), unicode(request.user))
            raise PermissionDenied()
832 833 834 835 836 837 838 839 840

        name = request.POST['perm-new-name']
        if (User.objects.filter(username=name).count() +
                Group.objects.filter(name=name).count() < 1
                and len(name) > 0):
            warning(request, _('User or group "%s" not found.') % name)
        else:
            self.set_levels(request, template)
            self.add_levels(request, template)
841
            self.remove_levels(request, template)
842 843 844 845 846 847

            post_for_disk = request.POST.copy()
            post_for_disk['perm-new'] = 'user'
            request.POST = post_for_disk
            for d in template.disks.all():
                self.add_levels(request, d)
848

849
        return redirect(template)
850 851


852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873
class GroupAclUpdateView(AclUpdateView):
    model = Group

    def post(self, request, *args, **kwargs):
        instance = self.get_object().profile
        if not (instance.has_level(request.user, "owner") or
                getattr(instance, 'owner', None) == request.user):
            logger.warning('Tried to set permissions of %s by non-owner %s.',
                           unicode(instance), unicode(request.user))
            raise PermissionDenied()
        name = request.POST['perm-new-name']
        if (User.objects.filter(username=name).count() +
                Group.objects.filter(name=name).count() < 1
                and len(name) > 0):
            warning(request, _('User or group "%s" not found.') % name)
        else:
            self.set_levels(request, instance)
            self.add_levels(request, instance)
        return redirect(reverse("dashboard.views.group-detail",
                                kwargs=self.kwargs))


874 875 876 877 878 879 880 881 882 883
class TemplateChoose(TemplateView):

    def get_template_names(self):
        if self.request.is_ajax():
            return ['dashboard/modal-wrapper.html']
        else:
            return ['dashboard/nojs-wrapper.html']

    def get_context_data(self, *args, **kwargs):
        context = super(TemplateChoose, self).get_context_data(*args, **kwargs)
884
        templates = InstanceTemplate.get_objects_with_level("user",
885 886 887 888
                                                            self.request.user)
        context.update({
            'box_title': _('Choose template'),
            'ajax_title': False,
889
            'template': "dashboard/_template-choose.html",
890
            'templates': templates.all(),
891 892 893
        })
        return context

894 895 896 897 898 899 900
    def post(self, request, *args, **kwargs):
        if not request.user.has_perm('vm.create_template'):
            raise PermissionDenied()

        template = request.POST.get("parent")
        if template == "base_vm":
            return redirect(reverse("dashboard.views.template-create"))
901
        elif template is None:
902
            messages.warning(request, _("Select an option to proceed."))
903
            return redirect(reverse("dashboard.views.template-choose"))
904 905 906 907 908 909 910 911
        else:
            template = get_object_or_404(InstanceTemplate, pk=template)

        instance = Instance.create_from_template(
            template=template, owner=request.user, is_base=True)

        return redirect(instance.get_absolute_url())

912

913 914 915 916
class TemplateCreate(SuccessMessageMixin, CreateView):
    model = InstanceTemplate
    form_class = TemplateForm

917 918
    def get_template_names(self):
        if self.request.is_ajax():
919
            pass
920 921 922 923 924 925 926
        else:
            return ['dashboard/nojs-wrapper.html']

    def get_context_data(self, *args, **kwargs):
        context = super(TemplateCreate, self).get_context_data(*args, **kwargs)

        context.update({
927
            'box_title': _("Create a new base VM"),
928
            'template': "dashboard/_template-create.html",
929
            'leases': Lease.objects.count()
930 931 932
        })
        return context

933
    def get(self, *args, **kwargs):
934 935
        if not self.request.user.has_perm('vm.create_template'):
            raise PermissionDenied()
936

937 938 939 940
        return super(TemplateCreate, self).get(*args, **kwargs)

    def get_form_kwargs(self):
        kwargs = super(TemplateCreate, self).get_form_kwargs()
941
        kwargs['user'] = self.request.user
942 943
        return kwargs

944 945 946
    def post(self, request, *args, **kwargs):
        if not self.request.user.has_perm('vm.create_template'):
            raise PermissionDenied()
947 948

        form = self.form_class(request.POST, user=request.user)
949 950
        if not form.is_valid():
            return self.get(request, form, *args, **kwargs)
951
        else:
952
            post = form.cleaned_data
953 954
            networks = self.__create_networks(post.pop("networks"),
                                              request.user)
955
            post.pop("parent")
956
            post['max_ram_size'] = post['ram_size']
957 958 959 960 961 962 963
            req_traits = post.pop("req_traits")
            tags = post.pop("tags")
            post['pw'] = User.objects.make_random_password()
            post['is_base'] = True
            inst = Instance.create(params=post, disks=[],
                                   networks=networks,
                                   tags=tags, req_traits=req_traits)
964

965
            return redirect("%s#resources" % inst.get_absolute_url())
966

967 968
        return super(TemplateCreate, self).post(self, request, args, kwargs)

969
    def __create_networks(self, vlans, user):
970 971
        networks = []
        for v in vlans:
972 973
            if not v.has_level(user, "user"):
                raise PermissionDenied()
974 975 976
            networks.append(InterfaceTemplate(vlan=v, managed=v.managed))
        return networks

977 978 979 980
    def get_success_url(self):
        return reverse_lazy("dashboard.views.template-list")


981
class TemplateDetail(LoginRequiredMixin, SuccessMessageMixin, UpdateView):
982
    model = InstanceTemplate
983 984
    template_name = "dashboard/template-edit.html"
    form_class = TemplateForm
985
    success_message = _("Successfully modified template.")
986 987

    def get(self, request, *args, **kwargs):
988
        template = self.get_object()
989
        if not template.has_level(request.user, 'user'):
990
            raise PermissionDenied()
991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011
        if request.is_ajax():
            template = {
                'num_cores': template.num_cores,
                'ram_size': template.ram_size,
                'priority': template.priority,
                'arch': template.arch,
                'description': template.description,
                'system': template.system,
                'name': template.name,
                'disks': [{'pk': d.pk, 'name': d.name}
                          for d in template.disks.all()],
                'network': [
                    {'vlan_pk': i.vlan.pk, 'vlan': i.vlan.name,
                     'managed': i.managed}
                    for i in InterfaceTemplate.objects.filter(
                        template=self.get_object()).all()
                ]
            }
            return HttpResponse(json.dumps(template),
                                content_type="application/json")
        else:
1012 1013
            return super(TemplateDetail, self).get(request, *args, **kwargs)

1014
    def get_context_data(self, **kwargs):
1015
        obj = self.get_object()
1016
        context = super(TemplateDetail, self).get_context_data(**kwargs)
1017 1018
        context['acl'] = get_vm_acl_data(obj)
        context['disks'] = obj.disks.all()
1019
        context['disk_add_form'] = DiskAddForm(
1020
            user=self.request.user,
1021
            is_template=True,
1022
            object_pk=obj.pk,
1023 1024
            prefix="disk",
        )
1025 1026
        return context

1027 1028 1029 1030
    def get_success_url(self):
        return reverse_lazy("dashboard.views.template-detail",
                            kwargs=self.kwargs)

1031 1032 1033 1034 1035 1036 1037
    def post(self, request, *args, **kwargs):
        template = self.get_object()
        if not template.has_level(request.user, 'owner'):
            raise PermissionDenied()
        for disk in self.get_object().disks.all():
            if not disk.has_level(request.user, 'user'):
                raise PermissionDenied()
1038 1039 1040
        for network in self.get_object().interface_set.all():
            if not network.vlan.has_level(request.user, "user"):
                raise PermissionDenied()
1041 1042
        return super(TemplateDetail, self).post(self, request, args, kwargs)

1043 1044 1045 1046 1047
    def get_form_kwargs(self):
        kwargs = super(TemplateDetail, self).get_form_kwargs()
        kwargs['user'] = self.request.user
        return kwargs

1048

1049
class TemplateList(LoginRequiredMixin, SingleTableView):
1050 1051 1052 1053 1054 1055 1056
    template_name = "dashboard/template-list.html"
    model = InstanceTemplate
    table_class = TemplateListTable
    table_pagination = False

    def get_context_data(self, *args, **kwargs):
        context = super(TemplateList, self).get_context_data(*args, **kwargs)
1057 1058
        context['lease_table'] = LeaseListTable(Lease.objects.all(),
                                                request=self.request)
1059
        return context
1060

1061 1062 1063 1064 1065 1066
    def get_queryset(self):
        logger.debug('TemplateList.get_queryset() called. User: %s',
                     unicode(self.request.user))
        return InstanceTemplate.get_objects_with_level(
            'user', self.request.user).all()

1067

1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086
class TemplateDelete(LoginRequiredMixin, DeleteView):
    model = InstanceTemplate

    def get_success_url(self):
        return reverse("dashboard.views.template-list")

    def get_template_names(self):
        if self.request.is_ajax():
            return ['dashboard/confirm/ajax-delete.html']
        else:
            return ['dashboard/confirm/base-delete.html']

    def delete(self, request, *args, **kwargs):
        object = self.get_object()
        if not object.has_level(request.user, 'owner'):
            raise PermissionDenied()

        object.delete()
        success_url = self.get_success_url()
1087
        success_message = _("Template successfully deleted.")
1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098

        if request.is_ajax():
            return HttpResponse(
                json.dumps({'message': success_message}),
                content_type="application/json",
            )
        else:
            messages.success(request, success_message)
            return HttpResponseRedirect(success_url)


1099
class VmList(LoginRequiredMixin, ListView):
Kálmán Viktor committed
1100
    template_name = "dashboard/vm-list.html"
1101

1102 1103
    def get(self, *args, **kwargs):
        if self.request.is_ajax():
1104 1105 1106 1107
            favs = Instance.objects.filter(
                favourite__user=self.request.user).values_list('pk', flat=True)
            instances = Instance.get_objects_with_level(
                'user', self.request.user).filter(
1108
                destroyed_at=None).all()
1109 1110 1111
            instances = [{
                'pk': i.pk,
                'name': i.name,
1112 1113 1114
                'icon': i.get_status_icon(),
                'host': "" if not i.primary_host else i.primary_host.hostname,
                'status': i.get_status_display(),
1115
                'fav': i.pk in favs} for i in instances]
1116
            return HttpResponse(
1117
                json.dumps(list(instances)),  # instances is ValuesQuerySet
1118 1119 1120 1121 1122
                content_type="application/json",
            )
        else:
            return super(VmList, self).get(*args, **kwargs)

1123
    def get_queryset(self):
1124
        logger.debug('VmList.get_queryset() called. User: %s',
1125
                     unicode(self.request.user))
1126
        queryset = Instance.get_objects_with_level(
1127
            'user', self.request.user).filter(destroyed_at=None)
1128 1129 1130
        s = self.request.GET.get("s")
        if s:
            queryset = queryset.filter(name__icontains=s)
1131 1132 1133 1134 1135

        sort = self.request.GET.get("sort")
        # remove "-" that means descending order
        # also check if the column name is valid
        if (sort and
1136
            (sort[1:] if sort[0] == "-" else sort)
1137
                in [i.name for i in Instance._meta.fields] + ["pk"]):
1138
            queryset = queryset.order_by(sort)
1139
        return queryset.select_related('owner', 'node')
1140

1141

1142
class NodeList(LoginRequiredMixin, SuperuserRequiredMixin, SingleTableView):
1143 1144 1145
    template_name = "dashboard/node-list.html"
    table_class = NodeListTable
    table_pagination = False
1146

1147 1148 1149 1150 1151
    def get(self, *args, **kwargs):
        if self.request.is_ajax():
            nodes = Node.objects.all()
            nodes = [{
                'name': i.name,
1152 1153
                'icon': i.get_status_icon(),
                'url': i.get_absolute_url(),
1154
                'label': i.get_status_label(),
1155
                'status': i.state.lower()} for i in nodes]
1156 1157

            return HttpResponse(
1158
                json.dumps(list(nodes)),
1159 1160 1161 1162 1163
                content_type="application/json",
            )
        else:
            return super(NodeList, self).get(*args, **kwargs)

1164 1165 1166 1167
    def get_queryset(self):
        return Node.objects.annotate(
            number_of_VMs=Count('instance_set')).select_related('host')

Őry Máté committed
1168

1169
class GroupList(LoginRequiredMixin, SingleTableView):
1170 1171 1172 1173 1174
    template_name = "dashboard/group-list.html"
    model = Group
    table_class = GroupListTable
    table_pagination = False

1175 1176 1177 1178 1179
    def get(self, *args, **kwargs):
        if self.request.is_ajax():
            groups = [{
                'url': reverse("dashboard.views.group-detail",
                               kwargs={'pk': i.pk}),
1180
                'name': i.name} for i in self.get_queryset()]
1181 1182 1183 1184 1185 1186
            return HttpResponse(
                json.dumps(list(groups)),
                content_type="application/json",
            )
        else:
            return super(GroupList, self).get(*args, **kwargs)
1187