Commit 666e2ede by Őry Máté

dashboard: update acl views

parent d92b2095
from django.core.urlresolvers import reverse
from guardian.shortcuts import (get_users_with_perms, get_groups_with_perms,
get_perms, remove_perm, assign_perm)
def split(t, at):
"""
Split collection at first occurance of given element.
>>> split("FooBar", "B")
('Foo', 'Bar')
>>> split(range(5), 2)
([0, 1], [2, 3, 4])
"""
pos = t.index(at)
return t[:pos], t[pos:]
def first_common_element(a, b):
for i in a:
if i in b:
return i
return None
def get_acl_data(obj):
levels = obj._meta.permissions
levelids = [id for (id, name) in levels]
users = get_users_with_perms(obj, with_group_users=False)
users = [{'user': u,
'perm': first_common_element(levelids, get_perms(u, obj))}
for u in users]
groups = get_groups_with_perms(obj)
groups = [{'group': g,
'perm': first_common_element(levelids, get_perms(g, obj))}
for g in groups]
return {'users': users, 'groups': groups, 'levels': levels,
'url': reverse('dashboard.views.vm-acl', args=[obj.pk])}
def set_acl_level(obj, whom, level):
levels = obj._meta.permissions
levelids = [id for (id, name) in levels]
to_remove, to_add = split(levelids, level)
for p in to_remove:
remove_perm(p, whom, obj)
for p in to_add:
assign_perm(p, whom, obj)
......@@ -2,6 +2,8 @@ import re
from django.contrib.auth.models import User, Group
from django.core import signing
from django.core.exceptions import PermissionDenied
from django.core.urlresolvers import reverse
from django.shortcuts import redirect
from django.views.generic import TemplateView, DetailView, View
from django.views.generic.detail import SingleObjectMixin
......@@ -11,7 +13,6 @@ from django_tables2 import SingleTableView
from vm.models import Instance
from .tables import VmListTable
from .utils import get_acl_data, set_acl_level
class IndexView(TemplateView):
......@@ -30,6 +31,16 @@ class IndexView(TemplateView):
return context
def get_acl_data(obj):
levels = obj.ACL_LEVELS
users = obj.get_users_with_level()
users = [{'user': u, 'level': l} for u, l in users]
groups = obj.get_groups_with_level()
groups = [{'group': g, 'level': l} for g, l in groups]
return {'users': users, 'groups': groups, 'levels': levels,
'url': reverse('dashboard.views.vm-acl', args=[obj.pk])}
class VmDetailView(DetailView):
template_name = "dashboard/vm-detail.html"
model = Instance
......@@ -50,14 +61,17 @@ class VmDetailView(DetailView):
class AclUpdateView(View, SingleObjectMixin):
def post(self, request, *args, **kwargs):
instance = self.get_object()
if not instance.has_level(request.user, "owner"):
raise PermissionDenied()
for key, value in request.POST.items():
m = re.match('perm-([ug])-(\d+)', key)
if m:
type, id = m.groups()
entity = {'u': User, 'g': Group}[type].objects.get(id=id)
set_acl_level(instance, entity, value)
instance.set_level(entity, value)
name = request.POST['perm-new-name']
value = request.POST['perm-new']
......@@ -66,7 +80,7 @@ class AclUpdateView(View, SingleObjectMixin):
entity = User.objects.get(username=name)
except User.DoesNotExist:
entity = Group.objects.get(name=name)
set_acl_level(instance, entity, value)
instance.set_level(entity, value)
return redirect(instance)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment