views.py 88.8 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
# Copyright 2014 Budapest University of Technology and Economics (BME IK)
#
# This file is part of CIRCLE Cloud.
#
# CIRCLE is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option)
# any later version.
#
# CIRCLE is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along
# with CIRCLE.  If not, see <http://www.gnu.org/licenses/>.

18
from __future__ import unicode_literals, absolute_import
19

20 21
from os import getenv
import json
Őry Máté committed
22
import logging
23
import re
24
import requests
25

26
from django.conf import settings
27
from django.contrib.auth.models import User, Group
Őry Máté committed
28
from django.contrib.auth.views import login, redirect_to_login
29
from django.contrib.messages import warning
30
from django.core.exceptions import (
31
    PermissionDenied, SuspiciousOperation,
32
)
33 34
from django.core import signing
from django.core.urlresolvers import reverse, reverse_lazy
35
from django.db.models import Count
36
from django.http import HttpResponse, HttpResponseRedirect, Http404
Őry Máté committed
37
from django.shortcuts import redirect, render, get_object_or_404
38
from django.views.decorators.http import require_GET
39
from django.views.generic.detail import SingleObjectMixin
40
from django.views.generic import (TemplateView, DetailView, View, DeleteView,
41
                                  UpdateView, CreateView, ListView)
42 43
from django.contrib import messages
from django.utils.translation import ugettext as _
44
from django.template.defaultfilters import title as title_filter
45
from django.template.loader import render_to_string
46
from django.template import RequestContext
47

48
from django.forms.models import inlineformset_factory
49
from django_tables2 import SingleTableView
50 51
from braces.views import LoginRequiredMixin, SuperuserRequiredMixin
from braces.views._access import AccessMixin
Kálmán Viktor committed
52

53
from .forms import (
54
    CircleAuthenticationForm, DiskAddForm, HostForm, LeaseForm, MyProfileForm,
55
    NodeForm, TemplateForm, TraitForm, VmCustomizeForm,
56
    CirclePasswordChangeForm
57
)
58
from .tables import (NodeListTable, NodeVmListTable,
59
                     TemplateListTable, LeaseListTable, GroupListTable,)
Őry Máté committed
60 61 62 63
from vm.models import (
    Instance, instance_activity, InstanceActivity, InstanceTemplate, Interface,
    InterfaceTemplate, Lease, Node, NodeActivity, Trait,
)
64
from storage.models import Disk
65
from firewall.models import Vlan, Host, Rule
66
from .models import Favourite, Profile
67

Őry Máté committed
68
logger = logging.getLogger(__name__)
69

70

71 72 73 74
def search_user(keyword):
    try:
        return User.objects.get(username=keyword)
    except User.DoesNotExist:
75 76 77 78
        try:
            return User.objects.get(profile__org_id=keyword)
        except User.DoesNotExist:
            return User.objects.get(email=keyword)
79 80


81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98
# github.com/django/django/blob/stable/1.6.x/django/contrib/messages/views.py
class SuccessMessageMixin(object):
    """
    Adds a success message on successful form submission.
    """
    success_message = ''

    def form_valid(self, form):
        response = super(SuccessMessageMixin, self).form_valid(form)
        success_message = self.get_success_message(form.cleaned_data)
        if success_message:
            messages.success(self.request, success_message)
        return response

    def get_success_message(self, cleaned_data):
        return self.success_message % cleaned_data


99
class IndexView(LoginRequiredMixin, TemplateView):
Kálmán Viktor committed
100
    template_name = "dashboard/index.html"
101

102
    def get_context_data(self, **kwargs):
103
        user = self.request.user
104
        context = super(IndexView, self).get_context_data(**kwargs)
105

106
        # instances
107
        favs = Instance.objects.filter(favourite__user=self.request.user)
108
        instances = Instance.get_objects_with_level(
109
            'user', user, disregard_superuser=True).filter(destroyed_at=None)
110 111 112
        display = list(favs) + list(set(instances) - set(favs))
        for d in display:
            d.fav = True if d in favs else False
113
        context.update({
114
            'instances': display[:5],
115
            'more_instances': instances.count() - len(instances[:5])
116 117
        })

118 119
        running = instances.filter(status='RUNNING')
        stopped = instances.exclude(status__in=('RUNNING', 'NOSTATE'))
120

121
        context.update({
122 123 124
            'running_vms': running[:20],
            'running_vm_num': running.count(),
            'stopped_vm_num': stopped.count()
125
        })
126

127 128 129 130
        # nodes
        if user.is_superuser:
            nodes = Node.objects.all()
            context.update({
131 132
                'nodes': nodes[:5],
                'more_nodes': nodes.count() - len(nodes[:5]),
133 134 135 136 137 138 139 140 141 142 143 144
                'sum_node_num': nodes.count(),
                'node_num': {
                    'running': Node.get_state_count(True, True),
                    'missing': Node.get_state_count(False, True),
                    'disabled': Node.get_state_count(True, False),
                    'offline': Node.get_state_count(False, False)
                }
            })

        # groups
        groups = Group.objects.all()
        context.update({
145 146
            'groups': groups[:5],
            'more_groups': groups.count() - len(groups[:5]),
147 148 149 150 151 152 153
        })

        # template
        if user.has_perm('vm.create_template'):
            context['templates'] = InstanceTemplate.get_objects_with_level(
                'operator', user).all()[:5]

154 155
        return context

156

157
def get_vm_acl_data(obj):
158 159 160 161 162 163 164 165 166
    levels = obj.ACL_LEVELS
    users = obj.get_users_with_level()
    users = [{'user': u, 'level': l} for u, l in users]
    groups = obj.get_groups_with_level()
    groups = [{'group': g, 'level': l} for g, l in groups]
    return {'users': users, 'groups': groups, 'levels': levels,
            'url': reverse('dashboard.views.vm-acl', args=[obj.pk])}


167 168 169 170 171 172 173 174 175 176 177
def get_group_acl_data(obj):
    aclobj = obj.profile
    levels = aclobj.ACL_LEVELS
    users = aclobj.get_users_with_level()
    users = [{'user': u, 'level': l} for u, l in users]
    groups = aclobj.get_groups_with_level()
    groups = [{'group': g, 'level': l} for g, l in groups]
    return {'users': users, 'groups': groups, 'levels': levels,
            'url': reverse('dashboard.views.group-acl', args=[obj.pk])}


178
class CheckedDetailView(LoginRequiredMixin, DetailView):
179 180
    read_level = 'user'

181 182 183
    def get_has_level(self):
        return self.object.has_level

184 185
    def get_context_data(self, **kwargs):
        context = super(CheckedDetailView, self).get_context_data(**kwargs)
186
        if not self.get_has_level()(self.request.user, self.read_level):
187 188 189 190
            raise PermissionDenied()
        return context


191 192 193 194 195 196 197 198 199
class VmDetailVncTokenView(CheckedDetailView):
    template_name = "dashboard/vm-detail.html"
    model = Instance

    def get(self, request, **kwargs):
        self.object = self.get_object()
        if not self.object.has_level(request.user, 'operator'):
            raise PermissionDenied()
        if self.object.node:
200 201 202 203 204 205 206 207
            with instance_activity(code_suffix='console-accessed',
                                   instance=self.object, user=request.user,
                                   concurrency_check=False):
                port = self.object.vnc_port
                host = str(self.object.node.host.ipv4)
                value = signing.dumps({'host': host, 'port': port},
                                      key=getenv("PROXY_SECRET", 'asdasd')),
                return HttpResponse('vnc/?d=%s' % value)
208 209 210 211
        else:
            raise Http404()


212
class VmDetailView(CheckedDetailView):
Kálmán Viktor committed
213
    template_name = "dashboard/vm-detail.html"
214
    model = Instance
215 216

    def get_context_data(self, **kwargs):
217
        context = super(VmDetailView, self).get_context_data(**kwargs)
218
        instance = context['instance']
219 220 221
        context.update({
            'graphite_enabled': VmGraphView.get_graphite_url() is not None,
            'vnc_url': reverse_lazy("dashboard.views.detail-vnc",
222
                                    kwargs={'pk': self.object.pk}),
223
            'ops': get_operations(instance, self.request.user),
224
        })
225 226

        # activity data
227
        context['activities'] = self.object.get_activities(self.request.user)
228

229
        context['vlans'] = Vlan.get_objects_with_level(
230
            'user', self.request.user
231
        ).exclude(  # exclude already added interfaces
232 233 234
            pk__in=Interface.objects.filter(
                instance=self.get_object()).values_list("vlan", flat=True)
        ).all()
235
        context['acl'] = get_vm_acl_data(instance)
236
        context['forms'] = {
237
            'disk_add_form': DiskAddForm(
238
                user=self.request.user,
239
                is_template=False, object_pk=self.get_object().pk,
240
                prefix="disk"),
241
        }
242 243
        context['os_type_icon'] = instance.os_type.replace("unknown",
                                                           "question")
244
        return context
Kálmán Viktor committed
245

246 247 248 249 250
    def post(self, request, *args, **kwargs):
        if (request.POST.get('ram-size') and request.POST.get('cpu-count')
                and request.POST.get('cpu-priority')):
            return self.__set_resources(request)

251 252 253
        options = {
            'change_password': self.__change_password,
            'new_name': self.__set_name,
254
            'new_description': self.__set_description,
255 256
            'new_tag': self.__add_tag,
            'to_remove': self.__remove_tag,
257 258
            'port': self.__add_port,
            'new_network_vlan': self.__new_network,
259
            'abort_operation': self.__abort_operation,
260 261 262 263
        }
        for k, v in options.iteritems():
            if request.POST.get(k) is not None:
                return v(request)
Kálmán Viktor committed
264

265 266 267 268
    def __change_password(self, request):
        self.object = self.get_object()
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()
Kálmán Viktor committed
269

270 271 272 273 274 275 276
        self.object.change_password(user=request.user)
        messages.success(request, _("Password changed!"))
        if request.is_ajax():
            return HttpResponse("Success!")
        else:
            return redirect(reverse_lazy("dashboard.views.detail",
                                         kwargs={'pk': self.object.pk}))
277

278 279 280 281
    def __set_resources(self, request):
        self.object = self.get_object()
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()
282 283
        if not request.user.has_perm('vm.change_resources'):
            raise PermissionDenied()
284 285 286 287

        resources = {
            'num_cores': request.POST.get('cpu-count'),
            'ram_size': request.POST.get('ram-size'),
288
            'max_ram_size': request.POST.get('ram-size'),  # TODO: max_ram
289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304
            'priority': request.POST.get('cpu-priority')
        }
        Instance.objects.filter(pk=self.object.pk).update(**resources)

        success_message = _("Resources successfully updated!")
        if request.is_ajax():
            response = {'message': success_message}
            return HttpResponse(
                json.dumps(response),
                content_type="application/json"
            )
        else:
            messages.success(request, success_message)
            return redirect(reverse_lazy("dashboard.views.detail",
                                         kwargs={'pk': self.object.pk}))

305 306
    def __set_name(self, request):
        self.object = self.get_object()
307 308
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()
309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325
        new_name = request.POST.get("new_name")
        Instance.objects.filter(pk=self.object.pk).update(
            **{'name': new_name})

        success_message = _("VM successfully renamed!")
        if request.is_ajax():
            response = {
                'message': success_message,
                'new_name': new_name,
                'vm_pk': self.object.pk
            }
            return HttpResponse(
                json.dumps(response),
                content_type="application/json"
            )
        else:
            messages.success(request, success_message)
326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349
            return redirect(self.object.get_absolute_url())

    def __set_description(self, request):
        self.object = self.get_object()
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()

        new_description = request.POST.get("new_description")
        Instance.objects.filter(pk=self.object.pk).update(
            **{'description': new_description})

        success_message = _("VM description successfully updated!")
        if request.is_ajax():
            response = {
                'message': success_message,
                'new_description': new_description,
            }
            return HttpResponse(
                json.dumps(response),
                content_type="application/json"
            )
        else:
            messages.success(request, success_message)
            return redirect(self.object.get_absolute_url())
350

Kálmán Viktor committed
351 352 353
    def __add_tag(self, request):
        new_tag = request.POST.get('new_tag')
        self.object = self.get_object()
354 355
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()
Kálmán Viktor committed
356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375

        if len(new_tag) < 1:
            message = u"Please input something!"
        elif len(new_tag) > 20:
            message = u"Tag name is too long!"
        else:
            self.object.tags.add(new_tag)

        try:
            messages.error(request, message)
        except:
            pass

        return redirect(reverse_lazy("dashboard.views.detail",
                                     kwargs={'pk': self.object.pk}))

    def __remove_tag(self, request):
        try:
            to_remove = request.POST.get('to_remove')
            self.object = self.get_object()
376 377
            if not self.object.has_level(request.user, 'owner'):
                raise PermissionDenied()
Kálmán Viktor committed
378 379 380 381 382 383 384 385 386 387 388

            self.object.tags.remove(to_remove)
            message = u"Success"
        except:  # note this won't really happen
            message = u"Not success"

        if request.is_ajax():
            return HttpResponse(
                json.dumps({'message': message}),
                content_type="application=json"
            )
389 390 391
        else:
            return redirect(reverse_lazy("dashboard.views.detail",
                            kwargs={'pk': self.object.pk}))
Kálmán Viktor committed
392

393 394
    def __add_port(self, request):
        object = self.get_object()
395 396
        if (not object.has_level(request.user, 'owner') or
                not request.user.has_perm('vm.config_ports')):
397
            raise PermissionDenied()
398 399 400 401 402 403

        port = request.POST.get("port")
        proto = request.POST.get("proto")

        try:
            error = None
404 405 406
            interfaces = object.interface_set.all()
            host = Host.objects.get(pk=request.POST.get("host_pk"),
                                    interface__in=interfaces)
407
            host.add_port(proto, private=port)
408 409 410 411 412
        except Host.DoesNotExist:
            logger.error('Tried to add port to nonexistent host %d. User: %s. '
                         'Instance: %s', request.POST.get("host_pk"),
                         unicode(request.user), object)
            raise PermissionDenied()
413 414
        except ValueError:
            error = _("There is a problem with your input!")
415
        except Exception as e:
Bach Dániel committed
416 417
            error = _("Unknown error.")
            logger.error(e)
418 419 420 421 422 423 424 425 426

        if request.is_ajax():
            pass
        else:
            if error:
                messages.error(request, error)
            return redirect(reverse_lazy("dashboard.views.detail",
                                         kwargs={'pk': self.get_object().pk}))

427 428 429 430 431
    def __new_network(self, request):
        self.object = self.get_object()
        if not self.object.has_level(request.user, 'owner'):
            raise PermissionDenied()

432
        vlan = get_object_or_404(Vlan, pk=request.POST.get("new_network_vlan"))
433 434
        if not vlan.has_level(request.user, 'user'):
            raise PermissionDenied()
435
        try:
436
            self.object.add_interface(vlan=vlan, user=request.user)
437 438 439 440 441 442 443 444
            messages.success(request, _("Successfully added new interface!"))
        except Exception, e:
            error = u' '.join(e.messages)
            messages.error(request, error)

        return redirect("%s#network" % reverse_lazy(
            "dashboard.views.detail", kwargs={'pk': self.object.pk}))

445
    def __abort_operation(self, request):
Kálmán Viktor committed
446 447 448 449
        self.object = self.get_object()

        activity = get_object_or_404(InstanceActivity,
                                     pk=request.POST.get("activity"))
450 451
        if not activity.is_abortable_for(request.user):
            raise PermissionDenied()
Kálmán Viktor committed
452 453 454
        activity.abort()
        return redirect("%s#activity" % self.object.get_absolute_url())

455

456
class OperationView(DetailView):
457

458
    template_name = 'dashboard/operate.html'
459

460 461 462
    @property
    def name(self):
        return self.get_op().name
463

464 465 466
    @property
    def description(self):
        return self.get_op().description
467

468 469 470
    @classmethod
    def get_urlname(cls):
        return 'dashboard.vm.op.%s' % cls.op
471

472 473
    def get_url(self):
        return reverse(self.get_urlname(), args=(self.get_object().pk, ))
474

475 476 477 478 479
    def get_wrapper_template_name(self):
        if self.request.is_ajax():
            return 'dashboard/_modal.html'
        else:
            return 'dashboard/_base.html'
480

481 482 483
    @classmethod
    def get_op_by_object(cls, obj):
        return getattr(obj, cls.op)
484

485 486 487 488
    def get_op(self):
        if not hasattr(self, '_opobj'):
            setattr(self, '_opobj', getattr(self.get_object(), self.op))
        return self._opobj
489

490
    def get_context_data(self, **kwargs):
491
        ctx = super(OperationView, self).get_context_data(**kwargs)
492 493 494
        ctx['op'] = self.get_op()
        ctx['url'] = self.request.path
        return ctx
495

496 497 498 499 500 501 502
    def get(self, request, *args, **kwargs):
        self.get_op().check_auth(request.user)
        response = super(OperationView, self).get(request, *args, **kwargs)
        response.render()
        response.content = render_to_string(self.get_wrapper_template_name(),
                                            {'body': response.content})
        return response
503

504
    def post(self, request, extra=None, *args, **kwargs):
505
        self.object = self.get_object()
506 507
        if extra is None:
            extra = {}
508
        try:
509
            self.get_op().async(user=request.user, **extra)
510 511 512
        except Exception as e:
            messages.error(request, _('Could not start operation.'))
            logger.error(e)
513
        return redirect("%s#activity" % self.object.get_absolute_url())
514

515 516 517 518
    @classmethod
    def factory(cls, op, icon='cog'):
        return type(str(cls.__name__ + op),
                    (cls, ), {'op': op, 'icon': icon})
519

520 521 522 523 524 525 526 527 528 529
    @classmethod
    def bind_to_object(cls, instance):
        v = cls()
        v.get_object = lambda: instance
        return v


class VmOperationView(OperationView):

    model = Instance
530
    context_object_name = 'instance'  # much simpler to mock object
531

532

533 534 535 536 537 538 539
class VmMigrateView(VmOperationView):

    op = 'migrate'
    icon = 'truck'
    template_name = 'dashboard/_vm-migrate.html'

    def get_context_data(self, **kwargs):
540
        ctx = super(VmMigrateView, self).get_context_data(**kwargs)
541 542 543 544 545
        ctx['nodes'] = [n for n in Node.objects.filter(enabled=True)
                        if n.state == "ONLINE"]
        return ctx

    def post(self, request, extra=None, *args, **kwargs):
546 547
        if extra is None:
            extra = {}
548 549 550 551 552 553 554
        node = self.request.POST.get("node")
        if node:
            node = get_object_or_404(Node, pk=node)
            extra["to_node"] = node
        return super(VmMigrateView, self).post(request, extra, *args, **kwargs)


555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574
class VmSaveView(VmOperationView):

    op = 'save_as_template'
    icon = 'save'
    template_name = 'dashboard/_vm-save.html'

    def get_context_data(self, **kwargs):
        ctx = super(VmSaveView, self).get_context_data(**kwargs)
        ctx['name'] = self.get_op()._rename(self.object.name)
        return ctx

    def post(self, request, extra=None, *args, **kwargs):
        if extra is None:
            extra = {}
        name = self.request.POST.get("name")
        if name:
            extra["name"] = name
        return super(VmSaveView, self).post(request, extra, *args, **kwargs)


575 576 577
vm_ops = {
    'reset': VmOperationView.factory(op='reset', icon='bolt'),
    'deploy': VmOperationView.factory(op='deploy', icon='play'),
578
    'migrate': VmMigrateView,
579 580 581
    'reboot': VmOperationView.factory(op='reboot', icon='refresh'),
    'shut_off': VmOperationView.factory(op='shut_off', icon='ban-circle'),
    'shutdown': VmOperationView.factory(op='shutdown', icon='off'),
582
    'save_as_template': VmSaveView,
583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600
    'destroy': VmOperationView.factory(op='destroy', icon='remove'),
    'sleep': VmOperationView.factory(op='sleep', icon='moon'),
    'wake_up': VmOperationView.factory(op='wake_up', icon='sun'),
}


def get_operations(instance, user):
    ops = []
    for k, v in vm_ops.iteritems():
        try:
            op = v.get_op_by_object(instance)
            op.check_auth(user)
            op.check_precond()
        except:
            pass  # unavailable
        else:
            ops.append(v.bind_to_object(instance))
    return ops
601

Kálmán Viktor committed
602

603
class NodeDetailView(LoginRequiredMixin, SuperuserRequiredMixin, DetailView):
604 605
    template_name = "dashboard/node-detail.html"
    model = Node
606 607
    form = None
    form_class = TraitForm
608

609 610 611
    def get_context_data(self, form=None, **kwargs):
        if form is None:
            form = self.form_class()
612
        context = super(NodeDetailView, self).get_context_data(**kwargs)
613 614
        instances = Instance.active.filter(node=self.object)
        context['table'] = NodeVmListTable(instances)
615 616 617 618
        na = NodeActivity.objects.filter(
            node=self.object, parent=None
        ).order_by('-started').select_related()
        context['activities'] = na
619
        context['trait_form'] = form
620 621
        context['graphite_enabled'] = (
            NodeGraphView.get_graphite_url() is not None)
622 623
        return context

624 625 626
    def post(self, request, *args, **kwargs):
        if request.POST.get('new_name'):
            return self.__set_name(request)
627 628
        if request.POST.get('to_remove'):
            return self.__remove_trait(request)
629 630
        return redirect(reverse_lazy("dashboard.views.node-detail",
                                     kwargs={'pk': self.get_object().pk}))
631 632 633 634 635 636 637 638 639 640 641 642 643

    def __set_name(self, request):
        self.object = self.get_object()
        new_name = request.POST.get("new_name")
        Node.objects.filter(pk=self.object.pk).update(
            **{'name': new_name})

        success_message = _("Node successfully renamed!")
        if request.is_ajax():
            response = {
                'message': success_message,
                'new_name': new_name,
                'node_pk': self.object.pk
644 645 646 647 648 649 650 651 652 653
            }
            return HttpResponse(
                json.dumps(response),
                content_type="application/json"
            )
        else:
            messages.success(request, success_message)
            return redirect(reverse_lazy("dashboard.views.node-detail",
                                         kwargs={'pk': self.object.pk}))

654 655 656 657
    def __remove_trait(self, request):
        try:
            to_remove = request.POST.get('to_remove')
            self.object = self.get_object()
658
            self.object.traits.remove(to_remove)
659 660 661 662 663 664 665
            message = u"Success"
        except:  # note this won't really happen
            message = u"Not success"

        if request.is_ajax():
            return HttpResponse(
                json.dumps({'message': message}),
666
                content_type="application/json"
667
            )
668
        else:
669
            return redirect(self.object.get_absolute_url())
670

671

672
class GroupDetailView(CheckedDetailView):
673 674
    template_name = "dashboard/group-detail.html"
    model = Group
675 676 677

    def get_has_level(self):
        return self.object.profile.has_level
678 679 680

    def get_context_data(self, **kwargs):
        context = super(GroupDetailView, self).get_context_data(**kwargs)
681 682 683
        context['group'] = self.object
        context['users'] = self.object.user_set.all()
        context['acl'] = get_group_acl_data(self.object)
684 685 686
        return context

    def post(self, request, *args, **kwargs):
687

688 689 690 691 692 693 694 695 696
        if request.POST.get('new_name'):
            return self.__set_name(request)

    def __set_name(self, request):
        self.object = self.get_object()
        new_name = request.POST.get("new_name")
        Group.objects.filter(pk=self.object.pk).update(
            **{'name': new_name})

697
        success_message = _("Group successfully renamed!")
698 699 700 701
        if request.is_ajax():
            response = {
                'message': success_message,
                'new_name': new_name,
702
                'group_pk': self.object.pk
703 704 705 706 707 708 709 710 711 712 713
            }
            return HttpResponse(
                json.dumps(response),
                content_type="application/json"
            )
        else:
            messages.success(request, success_message)
            return redirect(reverse_lazy("dashboard.views.group-detail",
                                         kwargs={'pk': self.object.pk}))


714
class AclUpdateView(LoginRequiredMixin, View, SingleObjectMixin):
715

716
    def post(self, request, *args, **kwargs):
717
        instance = self.get_object()
718 719
        if not (instance.has_level(request.user, "owner") or
                getattr(instance, 'owner', None) == request.user):
Őry Máté committed
720 721
            logger.warning('Tried to set permissions of %s by non-owner %s.',
                           unicode(instance), unicode(request.user))
722
            raise PermissionDenied()
723
        self.set_levels(request, instance)
724
        self.remove_levels(request, instance)
725
        self.add_levels(request, instance)
726
        return redirect("%s#access" % instance.get_absolute_url())
727 728

    def set_levels(self, request, instance):
729 730 731
        for key, value in request.POST.items():
            m = re.match('perm-([ug])-(\d+)', key)
            if m:
732 733
                typ, id = m.groups()
                entity = {'u': User, 'g': Group}[typ].objects.get(id=id)
734
                if getattr(instance, "owner", None) == entity:
735 736 737
                    logger.info("Tried to set owner's acl level for %s by %s.",
                                unicode(instance), unicode(request.user))
                    continue
738
                instance.set_level(entity, value)
Őry Máté committed
739 740 741
                logger.info("Set %s's acl level for %s to %s by %s.",
                            unicode(entity), unicode(instance),
                            value, unicode(request.user))
742

743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760
    def remove_levels(self, request, instance):
        for key, value in request.POST.items():
            if key.startswith("remove"):
                typ = key[7:8]  # len("remove-")
                id = key[9:]  # len("remove-x-")
                entity = {'u': User, 'g': Group}[typ].objects.get(id=id)
                if getattr(instance, "owner", None) == entity:
                    logger.info("Tried to remove owner from %s by %s.",
                                unicode(instance), unicode(request.user))
                    msg = _("The original owner cannot be removed, however "
                            "you can transfer ownership!")
                    messages.warning(request, msg)
                    continue
                instance.set_level(entity, None)
                logger.info("Revoked %s's access to %s by %s.",
                            unicode(entity), unicode(instance),
                            unicode(request.user))

761
    def add_levels(self, request, instance):
762 763
        name = request.POST['perm-new-name']
        value = request.POST['perm-new']
764 765 766 767 768 769
        if not name:
            return
        try:
            entity = User.objects.get(username=name)
        except User.DoesNotExist:
            entity = None
770 771
            try:
                entity = Group.objects.get(name=name)
772 773 774 775
            except Group.DoesNotExist:
                warning(request, _('User or group "%s" not found.') % name)
                return

776
        instance.set_level(entity, value)
Őry Máté committed
777 778 779
        logger.info("Set %s's new acl level for %s to %s by %s.",
                    unicode(entity), unicode(instance),
                    value, unicode(request.user))
780

Kálmán Viktor committed
781

782 783 784 785 786 787 788 789 790 791
class TemplateAclUpdateView(AclUpdateView):
    model = InstanceTemplate

    def post(self, request, *args, **kwargs):
        template = self.get_object()
        if not (template.has_level(request.user, "owner") or
                getattr(template, 'owner', None) == request.user):
            logger.warning('Tried to set permissions of %s by non-owner %s.',
                           unicode(template), unicode(request.user))
            raise PermissionDenied()
792 793 794 795 796 797 798 799 800

        name = request.POST['perm-new-name']
        if (User.objects.filter(username=name).count() +
                Group.objects.filter(name=name).count() < 1
                and len(name) > 0):
            warning(request, _('User or group "%s" not found.') % name)
        else:
            self.set_levels(request, template)
            self.add_levels(request, template)
801
            self.remove_levels(request, template)
802 803 804 805 806 807

            post_for_disk = request.POST.copy()
            post_for_disk['perm-new'] = 'user'
            request.POST = post_for_disk
            for d in template.disks.all():
                self.add_levels(request, d)
808

809
        return redirect(template)
810 811


812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854
class GroupAclUpdateView(AclUpdateView):
    model = Group

    def post(self, request, *args, **kwargs):
        instance = self.get_object().profile
        if not (instance.has_level(request.user, "owner") or
                getattr(instance, 'owner', None) == request.user):
            logger.warning('Tried to set permissions of %s by non-owner %s.',
                           unicode(instance), unicode(request.user))
            raise PermissionDenied()
        name = request.POST['perm-new-name']
        if (User.objects.filter(username=name).count() +
                Group.objects.filter(name=name).count() < 1
                and len(name) > 0):
            warning(request, _('User or group "%s" not found.') % name)
        else:
            self.set_levels(request, instance)
            self.add_levels(request, instance)
#        return redirect(self.profile)
        return redirect(reverse("dashboard.views.group-detail",
                                kwargs=self.kwargs))

    def repost(self, request, *args, **kwargs):
        group = self.get_object()
        if not (group.profile.has_level(request.user, "owner") or
                getattr(group.profile, 'owner', None) == request.user):
            logger.warning('Tried to set permissions of %s by non-owner %s.',
                           unicode(group), unicode(request.user))
            raise PermissionDenied()

        name = request.POST['perm-new-name']
        if (User.objects.filter(username=name).count() +
                Group.objects.filter(name=name).count() < 1
                and len(name) > 0):
            warning(request, _('User or group "%s" not found.') % name)
        else:
            self.set_levels(request, group.profile)
            self.add_levels(request, group.profile)

        return redirect(reverse("dashboard.views.group-detail",
                                kwargs=self.kwargs))


855 856 857 858 859 860 861 862 863 864
class TemplateChoose(TemplateView):

    def get_template_names(self):
        if self.request.is_ajax():
            return ['dashboard/modal-wrapper.html']
        else:
            return ['dashboard/nojs-wrapper.html']

    def get_context_data(self, *args, **kwargs):
        context = super(TemplateChoose, self).get_context_data(*args, **kwargs)
865
        templates = InstanceTemplate.get_objects_with_level("user",
866 867 868 869
                                                            self.request.user)
        context.update({
            'box_title': _('Choose template'),
            'ajax_title': False,
870
            'template': "dashboard/_template-choose.html",
871
            'templates': templates.all(),
872 873 874
        })
        return context

875 876 877 878 879 880 881
    def post(self, request, *args, **kwargs):
        if not request.user.has_perm('vm.create_template'):
            raise PermissionDenied()

        template = request.POST.get("parent")
        if template == "base_vm":
            return redirect(reverse("dashboard.views.template-create"))
882 883 884
        elif template is None:
            messages.warning(request, _("Select an option to proceed!"))
            return redirect(reverse("dashboard.views.template-choose"))
885 886 887 888 889 890 891 892
        else:
            template = get_object_or_404(InstanceTemplate, pk=template)

        instance = Instance.create_from_template(
            template=template, owner=request.user, is_base=True)

        return redirect(instance.get_absolute_url())

893

894 895 896 897
class TemplateCreate(SuccessMessageMixin, CreateView):
    model = InstanceTemplate
    form_class = TemplateForm

898 899
    def get_template_names(self):
        if self.request.is_ajax():
900
            pass
901 902 903 904 905 906 907
        else:
            return ['dashboard/nojs-wrapper.html']

    def get_context_data(self, *args, **kwargs):
        context = super(TemplateCreate, self).get_context_data(*args, **kwargs)

        context.update({
908
            'box_title': _("Create a new base VM"),
909
            'template': "dashboard/_template-create.html",
910
            'leases': Lease.objects.count()
911 912 913
        })
        return context

914
    def get(self, *args, **kwargs):
915 916
        if not self.request.user.has_perm('vm.create_template'):
            raise PermissionDenied()
917

918 919 920 921
        return super(TemplateCreate, self).get(*args, **kwargs)

    def get_form_kwargs(self):
        kwargs = super(TemplateCreate, self).get_form_kwargs()
922
        kwargs['user'] = self.request.user
923 924
        return kwargs

925 926 927
    def post(self, request, *args, **kwargs):
        if not self.request.user.has_perm('vm.create_template'):
            raise PermissionDenied()
928 929

        form = self.form_class(request.POST, user=request.user)
930 931
        if not form.is_valid():
            return self.get(request, form, *args, **kwargs)
932
        else:
933
            post = form.cleaned_data
934 935
            networks = self.__create_networks(post.pop("networks"),
                                              request.user)
936
            post.pop("parent")
937
            post['max_ram_size'] = post['ram_size']
938 939 940 941 942 943 944
            req_traits = post.pop("req_traits")
            tags = post.pop("tags")
            post['pw'] = User.objects.make_random_password()
            post['is_base'] = True
            inst = Instance.create(params=post, disks=[],
                                   networks=networks,
                                   tags=tags, req_traits=req_traits)
945

946
            return redirect("%s#resources" % inst.get_absolute_url())
947

948 949
        return super(TemplateCreate, self).post(self, request, args, kwargs)

950
    def __create_networks(self, vlans, user):
951 952
        networks = []
        for v in vlans:
953 954
            if not v.has_level(user, "user"):
                raise PermissionDenied()
955 956 957
            networks.append(InterfaceTemplate(vlan=v, managed=v.managed))
        return networks

958 959 960 961
    def get_success_url(self):
        return reverse_lazy("dashboard.views.template-list")


962
class TemplateDetail(LoginRequiredMixin, SuccessMessageMixin, UpdateView):
963
    model = InstanceTemplate
964 965 966
    template_name = "dashboard/template-edit.html"
    form_class = TemplateForm
    success_message = _("Successfully modified template!")
967 968

    def get(self, request, *args, **kwargs):
969
        template = self.get_object()
970
        if not template.has_level(request.user, 'user'):
971
            raise PermissionDenied()
972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992
        if request.is_ajax():
            template = {
                'num_cores': template.num_cores,
                'ram_size': template.ram_size,
                'priority': template.priority,
                'arch': template.arch,
                'description': template.description,
                'system': template.system,
                'name': template.name,
                'disks': [{'pk': d.pk, 'name': d.name}
                          for d in template.disks.all()],
                'network': [
                    {'vlan_pk': i.vlan.pk, 'vlan': i.vlan.name,
                     'managed': i.managed}
                    for i in InterfaceTemplate.objects.filter(
                        template=self.get_object()).all()
                ]
            }
            return HttpResponse(json.dumps(template),
                                content_type="application/json")
        else:
993 994
            return super(TemplateDetail, self).get(request, *args, **kwargs)

995
    def get_context_data(self, **kwargs):
996
        obj = self.get_object()
997
        context = super(TemplateDetail, self).get_context_data(**kwargs)
998 999
        context['acl'] = get_vm_acl_data(obj)
        context['disks'] = obj.disks.all()
1000
        context['disk_add_form'] = DiskAddForm(
1001
            user=self.request.user,
1002
            is_template=True,
1003
            object_pk=obj.pk,
1004 1005
            prefix="disk",
        )
1006 1007
        return context

1008 1009 1010 1011
    def get_success_url(self):
        return reverse_lazy("dashboard.views.template-detail",
                            kwargs=self.kwargs)

1012 1013 1014 1015 1016 1017 1018
    def post(self, request, *args, **kwargs):
        template = self.get_object()
        if not template.has_level(request.user, 'owner'):
            raise PermissionDenied()
        for disk in self.get_object().disks.all():
            if not disk.has_level(request.user, 'user'):
                raise PermissionDenied()
1019 1020 1021
        for network in self.get_object().interface_set.all():
            if not network.vlan.has_level(request.user, "user"):
                raise PermissionDenied()
1022 1023
        return super(TemplateDetail, self).post(self, request, args, kwargs)

1024 1025 1026 1027 1028
    def get_form_kwargs(self):
        kwargs = super(TemplateDetail, self).get_form_kwargs()
        kwargs['user'] = self.request.user
        return kwargs

1029

1030
class TemplateList(LoginRequiredMixin, SingleTableView):
1031 1032 1033 1034 1035 1036 1037
    template_name = "dashboard/template-list.html"
    model = InstanceTemplate
    table_class = TemplateListTable
    table_pagination = False

    def get_context_data(self, *args, **kwargs):
        context = super(TemplateList, self).get_context_data(*args, **kwargs)
1038 1039
        context['lease_table'] = LeaseListTable(Lease.objects.all(),
                                                request=self.request)
1040
        return context
1041

1042 1043 1044 1045 1046 1047
    def get_queryset(self):
        logger.debug('TemplateList.get_queryset() called. User: %s',
                     unicode(self.request.user))
        return InstanceTemplate.get_objects_with_level(
            'user', self.request.user).all()

1048

1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079
class TemplateDelete(LoginRequiredMixin, DeleteView):
    model = InstanceTemplate

    def get_success_url(self):
        return reverse("dashboard.views.template-list")

    def get_template_names(self):
        if self.request.is_ajax():
            return ['dashboard/confirm/ajax-delete.html']
        else:
            return ['dashboard/confirm/base-delete.html']

    def delete(self, request, *args, **kwargs):
        object = self.get_object()
        if not object.has_level(request.user, 'owner'):
            raise PermissionDenied()

        object.delete()
        success_url = self.get_success_url()
        success_message = _("Template successfully deleted!")

        if request.is_ajax():
            return HttpResponse(
                json.dumps({'message': success_message}),
                content_type="application/json",
            )
        else:
            messages.success(request, success_message)
            return HttpResponseRedirect(success_url)


1080
class VmList(LoginRequiredMixin, ListView):
Kálmán Viktor committed
1081
    template_name = "dashboard/vm-list.html"
1082

1083 1084
    def get(self, *args, **kwargs):
        if self.request.is_ajax():
1085 1086 1087 1088
            favs = Instance.objects.filter(
                favourite__user=self.request.user).values_list('pk', flat=True)
            instances = Instance.get_objects_with_level(
                'user', self.request.user).filter(
1089
                destroyed_at=None).all()
1090 1091 1092
            instances = [{
                'pk': i.pk,
                'name': i.name,
1093 1094 1095
                'icon': i.get_status_icon(),
                'host': "" if not i.primary_host else i.primary_host.hostname,
                'status': i.get_status_display(),
1096
                'fav': i.pk in favs} for i in instances]
1097
            return HttpResponse(
1098
                json.dumps(list(instances)),  # instances is ValuesQuerySet
1099 1100 1101 1102 1103
                content_type="application/json",
            )
        else:
            return super(VmList, self).get(*args, **kwargs)

1104
    def get_queryset(self):
1105
        logger.debug('VmList.get_queryset() called. User: %s',
1106
                     unicode(self.request.user))
1107
        queryset = Instance.get_objects_with_level(
1108
            'user', self.request.user).filter(destroyed_at=None)
1109 1110 1111
        s = self.request.GET.get("s")
        if s:
            queryset = queryset.filter(name__icontains=s)
1112 1113 1114 1115 1116

        sort = self.request.GET.get("sort")
        # remove "-" that means descending order
        # also check if the column name is valid
        if (sort and
1117
            (sort[1:] if sort[0] == "-" else sort)
1118
                in [i.name for i in Instance._meta.fields] + ["pk"]):
1119
            queryset = queryset.order_by(sort)
1120
        return queryset.select_related('owner', 'node')
1121

1122

1123
class NodeList(LoginRequiredMixin, SuperuserRequiredMixin, SingleTableView):
1124 1125 1126
    template_name = "dashboard/node-list.html"
    table_class = NodeListTable
    table_pagination = False
1127

1128 1129 1130 1131
    def get_queryset(self):
        return Node.objects.annotate(
            number_of_VMs=Count('instance_set')).select_related('host')

Őry Máté committed
1132

1133 1134 1135 1136 1137 1138 1139
class GroupList(LoginRequiredMixin, SuperuserRequiredMixin, SingleTableView):
    template_name = "dashboard/group-list.html"
    model = Group
    table_class = GroupListTable
    table_pagination = False


1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231
class GroupUserDelete(LoginRequiredMixin, SuperuserRequiredMixin, DeleteView):

    """This stuff deletes the group.
    """
    model = User
    template_name = "dashboard/confirm/base-delete.html"

    def get_template_names(self):
        if self.request.is_ajax():
            return ['dashboard/confirm/ajax-delete.html']
        else:
            return ['dashboard/confirm/base-delete.html']

    def get_context_data(self, **kwargs):
        # this is redundant now, but if we wanna add more to print
        # we'll need this
        context = super(GroupUserDelete, self).get_context_data(**kwargs)
        return context

    # github.com/django/django/blob/master/django/views/generic/edit.py#L245
    def delete(self, request, *args, **kwargs):
        object = self.get_object()

        object.delete()
        success_url = self.get_success_url()
        success_message = _("Group successfully deleted!")

        if request.is_ajax():
            if request.POST.get('redirect').lower() == "true":
                messages.success(request, success_message)
            return HttpResponse(
                json.dumps({'message': success_message}),
                content_type="application/json",
            )
        else:
            messages.success(request, success_message)
            return HttpResponseRedirect(success_url)

    def get_success_url(self):
        next = self.request.POST.get('next')
        if next:
            return next
        else:
            return reverse_lazy('dashboard.index')


class GroupDelete(LoginRequiredMixin, SuperuserRequiredMixin, DeleteView):

    """This stuff deletes the group.
    """
    model = Group
    template_name = "dashboard/confirm/base-delete.html"

    def get_template_names(self):
        if self.request.is_ajax():
            return ['dashboard/confirm/ajax-delete.html']
        else:
            return ['dashboard/confirm/base-delete.html']

    def get_context_data(self, **kwargs):
        # this is redundant now, but if we wanna add more to print
        # we'll need this
        context = super(GroupDelete, self).get_context_data(**kwargs)
        return context

    # github.com/django/django/blob/master/django/views/generic/edit.py#L245
    def delete(self, request, *args, **kwargs):
        object = self.get_object()

        object.delete()
        success_url = self.get_success_url()
        success_message = _("Group successfully deleted!")

        if request.is_ajax():
            if request.POST.get('redirect').lower() == "true":
                messages.success(request, success_message)
            return HttpResponse(
                json.dumps({'message': success_message}),
                content_type="application/json",
            )
        else:
            messages.success(request, success_message)
            return HttpResponseRedirect(success_url)

    def get_success_url(self):
        next = self.request.POST.get('next')
        if next:
            return next
        else:
            return reverse_lazy('dashboard.index')


1232
class VmCreate(LoginRequiredMixin, TemplateView):
1233

1234
    form_class = VmCustomizeForm
1235 1236
    form = None

1237 1238
    def get_template_names(self):
        if self.request.is_ajax():
1239
            return ['dashboard/modal-wrapper.html']
1240
        else:
1241
            return ['dashboard/nojs-wrapper.html']
1242

1243
    def get(self, request, form=None, *args, **kwargs):
1244 1245 1246
        form_error = form is not None
        template = (form.template.pk if form_error
                    else request.GET.get("template"))
1247 1248
        templates = InstanceTemplate.get_objects_with_level('user',
                                                            request.user)
1249 1250 1251 1252
        if form is None and template:
            form = self.form_class(user=request.user,
                                   template=templates.get(pk=template))

1253
        context = self.get_context_data(**kwargs)
1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268
        if template:
            context.update({
                'template': 'dashboard/_vm-create-2.html',
                'box_title': _('Customize VM'),
                'ajax_title': False,
                'vm_create_form': form,
                'template_o': templates.get(pk=template),
            })
        else:
            context.update({
                'template': 'dashboard/_vm-create-1.html',
                'box_title': _('Create a VM'),
                'ajax_title': False,
                'templates': templates.all(),
            })
1269
        return self.render_to_response(context)
1270

1271 1272 1273 1274 1275 1276 1277 1278 1279
    def __create_normal(self, request, *args, **kwargs):
        user = request.user
        template = InstanceTemplate.objects.get(
            pk=request.POST.get("template"))

        # permission check
        if not template.has_level(request.user, 'user'):
            raise PermissionDenied()

1280 1281 1282
        instances = [Instance.create_from_template(
            template=template, owner=user)]
        return self.__deploy(request, instances)
1283 1284 1285 1286 1287 1288 1289 1290 1291

    def __create_customized(self, request, *args, **kwargs):
        user = request.user
        form = self.form_class(
            request.POST, user=request.user,
            template=InstanceTemplate.objects.get(
                pk=request.POST.get("template")
            )
        )
1292 1293 1294 1295
        if not form.is_valid():
            return self.get(request, form, *args, **kwargs)
        post = form.cleaned_data

1296 1297 1298
        template = InstanceTemplate.objects.get(pk=post['template'])
        # permission check
        if not template.has_level(user, 'user'):
1299
            raise PermissionDenied()
1300

1301 1302
        if request.user.has_perm('vm.set_resources'):
            ikwargs = {
1303
                'name': post['name'],
1304 1305 1306 1307
                'num_cores': post['cpu_count'],
                'ram_size': post['ram_size'],
                'priority': post['cpu_priority'],
            }
1308 1309
            networks = [InterfaceTemplate(vlan=l, managed=l.managed)
                        for l in post['networks']]
1310
            disks = post['disks']
1311 1312 1313 1314 1315 1316 1317 1318 1319