Commit 5325758b by Őry Máté

dashboard: require user level for vm details page

parent c12dc24c
...@@ -2,25 +2,66 @@ from django.test import TestCase ...@@ -2,25 +2,66 @@ from django.test import TestCase
from django.test.client import Client from django.test.client import Client
from django.contrib.auth.models import User, Group from django.contrib.auth.models import User, Group
from vm.models import Instance
class VmDetailTest(TestCase): class VmDetailTest(TestCase):
fixtures = ['test-vm-fixture.json'] fixtures = ['test-vm-fixture.json']
def setUp(self): def setUp(self):
self.u1 = User.objects.create(username='user1') self.u1 = User.objects.create(username='user1')
self.u1.set_password('password')
self.u1.save()
self.u2 = User.objects.create(username='user2', is_staff=True) self.u2 = User.objects.create(username='user2', is_staff=True)
self.u2.set_password('password')
self.u2.save()
self.us = User.objects.create(username='superuser', is_superuser=True) self.us = User.objects.create(username='superuser', is_superuser=True)
self.us.save()
self.g1 = Group.objects.create(name='group1') self.g1 = Group.objects.create(name='group1')
self.g1.user_set.add(self.u1) self.g1.user_set.add(self.u1)
self.g1.user_set.add(self.u2) self.g1.user_set.add(self.u2)
self.g1.save() self.g1.save()
def tearDown(self):
super(VmDetailTest, self).tearDown()
self.u1.delete()
self.u2.delete()
self.us.delete()
self.g1.delete()
def login(self, client, username, password='password'):
response = client.post('/login/', {'username': username,
'password': password})
self.assertNotEqual(response.status_code, 403)
def test_404_vm_page(self): def test_404_vm_page(self):
c = Client() c = Client()
response = c.get('/dashboard/vm/235555/') response = c.get('/dashboard/vm/235555/')
self.assertEqual(response.status_code, 404) self.assertEqual(response.status_code, 404)
def test_vm_page(self): def test_anon_vm_page(self):
c = Client()
response = c.get('/dashboard/vm/1/')
self.assertEqual(response.status_code, 403)
def test_unauth_vm_page(self):
c = Client()
self.login(c, 'user1')
response = c.get('/dashboard/vm/1/')
self.assertEqual(response.status_code, 403)
def test_operator_vm_page(self):
c = Client()
self.login(c, 'user2')
inst = Instance.objects.get(pk=1)
inst.set_level(self.u2, 'operator')
response = c.get('/dashboard/vm/1/')
self.assertEqual(response.status_code, 200)
def test_user_vm_page(self):
c = Client() c = Client()
self.login(c, 'user2')
inst = Instance.objects.get(pk=1)
inst.set_level(self.u2, 'user')
response = c.get('/dashboard/vm/1/') response = c.get('/dashboard/vm/1/')
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)
...@@ -5,20 +5,16 @@ import re ...@@ -5,20 +5,16 @@ import re
from django.contrib.auth.models import User, Group from django.contrib.auth.models import User, Group
from django.contrib.messages import warning from django.contrib.messages import warning
from django.core import signing
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.core.urlresolvers import reverse from django.core import signing
from django.core.urlresolvers import reverse, reverse_lazy
from django.http import HttpResponse
from django.shortcuts import redirect from django.shortcuts import redirect
from django.utils.translation import ugettext_lazy as _ from django.utils.translation import ugettext_lazy as _
from django.views.generic import TemplateView, DetailView, View
from django.views.generic.detail import SingleObjectMixin from django.views.generic.detail import SingleObjectMixin
from django.http import HttpResponse from django.views.generic import TemplateView, DetailView, View
from django.views.generic import TemplateView, DetailView
from django.core.urlresolvers import reverse_lazy
from django.shortcuts import redirect
from django_tables2 import SingleTableView from django_tables2 import SingleTableView
from tables import VmListTable
from .tables import VmListTable from .tables import VmListTable
from vm.models import Instance, InstanceTemplate, InterfaceTemplate from vm.models import Instance, InstanceTemplate, InterfaceTemplate
...@@ -63,7 +59,18 @@ def get_acl_data(obj): ...@@ -63,7 +59,18 @@ def get_acl_data(obj):
'url': reverse('dashboard.views.vm-acl', args=[obj.pk])} 'url': reverse('dashboard.views.vm-acl', args=[obj.pk])}
class VmDetailView(DetailView): class CheckedDetailView(DetailView):
read_level = 'user'
def get_context_data(self, **kwargs):
context = super(CheckedDetailView, self).get_context_data(**kwargs)
instance = context['instance']
if not instance.has_level(self.request.user, self.read_level):
raise PermissionDenied()
return context
class VmDetailView(CheckedDetailView):
template_name = "dashboard/vm-detail.html" template_name = "dashboard/vm-detail.html"
model = Instance model = Instance
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment