models.py 14.4 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
# Copyright 2014 Budapest University of Technology and Economics (BME IK)
#
# This file is part of CIRCLE Cloud.
#
# CIRCLE is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option)
# any later version.
#
# CIRCLE is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along
# with CIRCLE.  If not, see <http://www.gnu.org/licenses/>.

18 19
from __future__ import absolute_import

20
from itertools import chain
21
from hashlib import md5
22 23
from logging import getLogger

24
from django.conf import settings
25
from django.contrib.auth.models import User, Group
26
from django.contrib.auth.signals import user_logged_in
27
from django.core.urlresolvers import reverse
28
from django.db.models import (
29
    Model, ForeignKey, OneToOneField, CharField, IntegerField, TextField,
30
    DateTimeField, permalink, BooleanField
31
)
32
from django.db.models.signals import post_save, pre_delete, post_delete
33
from django.templatetags.static import static
34
from django.utils.html import escape
35
from django.utils.translation import ugettext_lazy as _
36
from django_sshkey.models import UserKey
Guba Sándor committed
37
from django.core.exceptions import ObjectDoesNotExist
38

39 40
from sizefield.models import FileSizeField

41
from jsonfield import JSONField
42 43 44
from model_utils.models import TimeStampedModel
from model_utils.fields import StatusField
from model_utils import Choices
45

46
from acl.models import AclBase
47
from common.models import HumanReadableObject, create_readable, Encoder
48

49
from vm.models.instance import ACCESS_METHODS
50

51
from .store_api import Store, NoStoreException, NotOkException, Timeout
52
from .validators import connect_command_template_validator
53

54 55
logger = getLogger(__name__)

Bach Dániel committed
56 57 58

def pwgen():
    return User.objects.make_random_password()
59

60

61
class Favourite(Model):
62
    instance = ForeignKey("vm.Instance")
63
    user = ForeignKey(User)
64 65


66 67 68 69 70 71 72
class Notification(TimeStampedModel):
    STATUS = Choices(('new', _('new')),
                     ('delivered', _('delivered')),
                     ('read', _('read')))

    status = StatusField()
    to = ForeignKey(User)
73 74
    subject_data = JSONField(null=True, dump_kwargs={"cls": Encoder})
    message_data = JSONField(null=True, dump_kwargs={"cls": Encoder})
75
    valid_until = DateTimeField(null=True, default=None)
76 77 78 79 80

    class Meta:
        ordering = ['-created']

    @classmethod
81 82 83
    def send(cls, user, subject, template, context,
             valid_until=None, subject_context=None):
        hro = create_readable(template, user=user, **context)
84
        subject = create_readable(subject, **(subject_context or context))
85 86 87
        return cls.objects.create(to=user,
                                  subject_data=subject.to_dict(),
                                  message_data=hro.to_dict(),
88
                                  valid_until=valid_until)
89

90 91
    @property
    def subject(self):
92 93
        return HumanReadableObject.from_dict(
            self.escape_dict(self.subject_data))
94 95 96 97 98 99 100

    @subject.setter
    def subject(self, value):
        self.subject_data = None if value is None else value.to_dict()

    @property
    def message(self):
101 102 103 104 105 106 107 108
        return HumanReadableObject.from_dict(
            self.escape_dict(self.message_data))

    def escape_dict(self, data):
        for k, v in data['params'].items():
            if isinstance(v, basestring):
                data['params'][k] = escape(v)
        return data
109 110 111 112 113

    @message.setter
    def message(self, value):
        self.message_data = None if value is None else value.to_dict()

114

115 116 117 118
class ConnectCommand(Model):
    user = ForeignKey(User, related_name='command_set')
    access_method = CharField(max_length=10, choices=ACCESS_METHODS,
                              verbose_name=_('access method'),
119
                              help_text=_('Type of the remote access method.'))
120 121
    name = CharField(max_length="128", verbose_name=_('name'), blank=False,
                     help_text=_("Name of your custom command."))
122
    template = CharField(blank=True, null=True, max_length=256,
123 124 125 126
                         verbose_name=_('command template'),
                         help_text=_('Template for connection command string. '
                                     'Available parameters are: '
                                     'username, password, '
127 128
                                     'host, port.'),
                         validators=[connect_command_template_validator])
129

130 131 132
    class Meta:
        ordering = ('id', )

133 134
    def __unicode__(self):
        return self.template
135 136


137 138 139 140 141 142 143 144 145
class Profile(Model):
    user = OneToOneField(User)
    preferred_language = CharField(verbose_name=_('preferred language'),
                                   choices=settings.LANGUAGES,
                                   max_length=32,
                                   default=settings.LANGUAGE_CODE, blank=False)
    org_id = CharField(  # may be populated from eduPersonOrgId field
        unique=True, blank=True, null=True, max_length=64,
        help_text=_('Unique identifier of the person, e.g. a student number.'))
146
    instance_limit = IntegerField(default=5)
147
    use_gravatar = BooleanField(
148
        verbose_name=_("Use Gravatar"), default=True,
149
        help_text=_("Whether to use email address as Gravatar profile image"))
150 151
    email_notifications = BooleanField(
        verbose_name=_("Email notifications"), default=True,
152
        help_text=_('Whether user wants to get digested email notifications.'))
153 154 155 156 157
    smb_password = CharField(
        max_length=20,
        verbose_name=_('Samba password'),
        help_text=_(
            'Generated password for accessing store from '
Kálmán Viktor committed
158
            'virtual machines.'),
159 160
        default=pwgen,
    )
161
    disk_quota = FileSizeField(
162
        verbose_name=_('disk quota'),
163
        default=2048 * 1024 * 1024,
164
        help_text=_('Disk quota in mebibytes.'))
165

166
    def get_connect_commands(self, instance, use_ipv6=False):
167
        """ Generate connection command based on template."""
168 169 170
        single_command = instance.get_connect_command(use_ipv6)
        if single_command:  # can we even connect to that VM
            commands = self.user.command_set.filter(
171
                access_method=instance.access_method)
172 173 174 175 176 177 178 179 180 181
            if commands.count() < 1:
                return [single_command]
            else:
                return [
                    command.template % {
                        'port': instance.get_connect_port(use_ipv6=use_ipv6),
                        'host':  instance.get_connect_host(use_ipv6=use_ipv6),
                        'password': instance.pw,
                        'username': 'cloud',
                    } for command in commands]
182
        else:
183
            return []
184

185 186 187 188 189
    def notify(self, subject, template, context=None, valid_until=None,
               **kwargs):
        if context is not None:
            kwargs.update(context)
        return Notification.send(self.user, subject, template, kwargs,
190
                                 valid_until)
191

192
    def get_absolute_url(self):
Kálmán Viktor committed
193 194
        return reverse("dashboard.views.profile",
                       kwargs={'username': self.user.username})
195

196 197 198 199 200 201 202 203
    def get_avatar_url(self):
        if self.use_gravatar:
            gravatar_hash = md5(self.user.email).hexdigest()
            return ("https://secure.gravatar.com/avatar/%s"
                    "?s=200" % gravatar_hash)
        else:
            return static("dashboard/img/avatar.png")

204 205 206 207 208 209 210 211 212 213 214 215 216
    def get_display_name(self):
        if self.user.get_full_name():
            name = self.user.get_full_name()
        else:
            name = self.user.username

        if self.org_id:
            name = "%s (%s)" % (name, self.org_id)
        return name

    def __unicode__(self):
        return self.get_display_name()

217 218 219 220 221
    def save(self, *args, **kwargs):
        if self.org_id == "":
            self.org_id = None
        super(Profile, self).save(*args, **kwargs)

222
    class Meta:
223
        ordering = ('id', )
224 225 226 227
        permissions = (
            ('use_autocomplete', _('Can use autocomplete.')),
        )

Őry Máté committed
228

229 230 231 232 233 234
class FutureMember(Model):
    org_id = CharField(max_length=64, help_text=_(
        'Unique identifier of the person, e.g. a student number.'))
    group = ForeignKey(Group)

    class Meta:
235
        ordering = ('id', )
236 237 238 239 240
        unique_together = ('org_id', 'group')

    def __unicode__(self):
        return u"%s (%s)" % (self.org_id, self.group)

Őry Máté committed
241

242 243 244 245 246 247 248 249 250 251
class GroupProfile(AclBase):
    ACL_LEVELS = (
        ('operator', _('operator')),
        ('owner', _('owner')),
    )

    group = OneToOneField(Group)
    org_id = CharField(
        unique=True, blank=True, null=True, max_length=64,
        help_text=_('Unique identifier of the group at the organization.'))
252 253
    description = TextField(blank=True)

254 255 256
    class Meta:
        ordering = ('id', )

257 258 259
    def __unicode__(self):
        return self.group.name

260 261 262 263
    def save(self, *args, **kwargs):
        if not self.org_id:
            self.org_id = None
        super(GroupProfile, self).save(*args, **kwargs)
264 265 266 267 268 269 270 271

    @classmethod
    def search(cls, name):
        try:
            return cls.objects.get(org_id=name).group
        except cls.DoesNotExist:
            return Group.objects.get(name=name)

272 273 274 275 276
    @permalink
    def get_absolute_url(self):
        return ('dashboard.views.group-detail', None,
                {'pk': self.group.pk})

277 278

def get_or_create_profile(self):
279
    obj, created = GroupProfile.objects.get_or_create(group_id=self.pk)
280 281 282 283 284
    return obj

Group.profile = property(get_or_create_profile)


285
def create_profile(user):
286 287
    if not user.pk:
        return False
288
    profile, created = Profile.objects.get_or_create(user=user)
289

Őry Máté committed
290 291 292 293
    try:
        Store(user).create_user(profile.smb_password, None, profile.disk_quota)
    except:
        logger.exception("Can't create user %s", unicode(user))
294 295
    return created

296 297 298 299 300

def create_profile_hook(sender, user, request, **kwargs):
    return create_profile(user)

user_logged_in.connect(create_profile_hook)
301

302
if hasattr(settings, 'SAML_ORG_ID_ATTRIBUTE'):
303
    logger.debug("Register save_org_id to djangosaml2 pre_user_save")
304 305
    from djangosaml2.signals import pre_user_save

306
    def save_org_id(sender, **kwargs):
307
        logger.debug("save_org_id called by %s", sender.username)
308
        attributes = kwargs.pop('attributes')
309
        atr = settings.SAML_ORG_ID_ATTRIBUTE
310 311 312 313 314 315
        try:
            value = attributes[atr][0]
        except Exception as e:
            value = None
            logger.info("save_org_id couldn't find attribute. %s", unicode(e))

316 317 318 319
        if sender.pk is None:
            sender.save()
            logger.debug("save_org_id saved user %s", unicode(sender))

320 321
        profile, created = Profile.objects.get_or_create(user=sender)
        if created or profile.org_id != value:
322 323
            logger.info("org_id of %s added to user %s's profile",
                        value, sender.username)
324 325
            profile.org_id = value
            profile.save()
326 327 328
        else:
            logger.debug("org_id of %s already added to user %s's profile",
                         value, sender.username)
329
        memberatrs = getattr(settings, 'SAML_GROUP_ATTRIBUTES', [])
330 331
        for group in chain(*[attributes[i]
                             for i in memberatrs if i in attributes]):
332 333 334 335 336 337 338 339 340
            try:
                g = GroupProfile.search(group)
            except Group.DoesNotExist:
                logger.debug('cant find membergroup %s', group)
            else:
                logger.debug('could find membergroup %s (%s)',
                             group, unicode(g))
                g.user_set.add(sender)

341 342 343 344
        for i in FutureMember.objects.filter(org_id=value):
            i.group.user_set.add(sender)
            i.delete()

345
        owneratrs = getattr(settings, 'SAML_GROUP_OWNER_ATTRIBUTES', [])
346 347
        for group in chain(*[attributes[i]
                             for i in owneratrs if i in attributes]):
348 349 350 351 352 353 354 355 356 357
            try:
                g = GroupProfile.search(group)
            except Group.DoesNotExist:
                logger.debug('cant find ownergroup %s', group)
            else:
                logger.debug('could find ownergroup %s (%s)',
                             group, unicode(g))
                g.profile.set_level(sender, 'owner')

        return False  # User did not change
358

359 360
    pre_user_save.connect(save_org_id)

361 362
else:
    logger.debug("Do not register save_org_id to djangosaml2 pre_user_save")
363 364


365 366 367
def update_store_profile(sender, **kwargs):
    profile = kwargs.get('instance')
    keys = [i.key for i in profile.user.userkey_set.all()]
Guba Sándor committed
368 369 370 371 372 373
    try:
        s = Store(profile.user)
        s.create_user(profile.smb_password, keys,
                      profile.disk_quota)
    except NoStoreException:
        logger.debug("Store is not available.")
374
    except (NotOkException, Timeout):
375
        logger.critical("Store is not accepting connections.")
Guba Sándor committed
376

377 378 379 380 381 382

post_save.connect(update_store_profile, sender=Profile)


def update_store_keys(sender, **kwargs):
    userkey = kwargs.get('instance')
Guba Sándor committed
383
    try:
Guba Sándor committed
384 385 386 387 388 389 390 391 392 393 394
        profile = userkey.user.profile
    except ObjectDoesNotExist:
        pass  # If there is no profile the user is deleted
    else:
        keys = [i.key for i in profile.user.userkey_set.all()]
        try:
            s = Store(userkey.user)
            s.create_user(profile.smb_password, keys,
                          profile.disk_quota)
        except NoStoreException:
            logger.debug("Store is not available.")
395 396
        except NotOkException:
            logger.critical("Store is not accepting connections.")
397 398 399 400 401 402


post_save.connect(update_store_keys, sender=UserKey)
post_delete.connect(update_store_keys, sender=UserKey)


403 404 405 406 407 408 409 410
def add_ssh_keys(sender, **kwargs):
    from vm.models import Instance

    userkey = kwargs.get('instance')
    instances = Instance.get_objects_with_level(
        'user', userkey.user).filter(status='RUNNING')
    for i in instances:
        logger.info('called add_keys(%s, %s)', i, userkey)
411
        i.install_keys(user=userkey.user, keys=[userkey.key])
412 413 414 415 416 417 418 419 420 421


def del_ssh_keys(sender, **kwargs):
    from vm.models import Instance

    userkey = kwargs.get('instance')
    instances = Instance.get_objects_with_level(
        'user', userkey.user).filter(status='RUNNING')
    for i in instances:
        logger.info('called del_keys(%s, %s)', i, userkey)
422
        i.remove_keys(user=userkey.user, keys=[userkey.key])
423 424 425 426


post_save.connect(add_ssh_keys, sender=UserKey)
pre_delete.connect(del_ssh_keys, sender=UserKey)