Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
CIRCLE
/
cloud
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
94
Merge Requests
10
Pipelines
Wiki
Snippets
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
9585adae
authored
Nov 08, 2013
by
Őry Máté
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
acl: add logging
parent
fec4de34
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
36 additions
and
2 deletions
+36
-2
circle/acl/models.py
+25
-2
circle/dashboard/views.py
+11
-0
No files found.
circle/acl/models.py
View file @
9585adae
import
logging
from
django.contrib.auth.models
import
User
,
Group
from
django.contrib.auth.models
import
User
,
Group
from
django.contrib.contenttypes.generic
import
(
from
django.contrib.contenttypes.generic
import
(
GenericForeignKey
,
GenericRelation
GenericForeignKey
,
GenericRelation
...
@@ -7,6 +9,8 @@ from django.db.models import (
...
@@ -7,6 +9,8 @@ from django.db.models import (
ManyToManyField
,
ForeignKey
,
CharField
,
Model
,
IntegerField
ManyToManyField
,
ForeignKey
,
CharField
,
Model
,
IntegerField
)
)
logger
=
logging
.
getLogger
(
__name__
)
class
Level
(
Model
):
class
Level
(
Model
):
...
@@ -18,6 +22,9 @@ class Level(Model):
...
@@ -18,6 +22,9 @@ class Level(Model):
codename
=
CharField
(
'codename'
,
max_length
=
100
)
codename
=
CharField
(
'codename'
,
max_length
=
100
)
weight
=
IntegerField
(
'weight'
,
null
=
True
)
weight
=
IntegerField
(
'weight'
,
null
=
True
)
def
__unicode__
(
self
):
return
"<
%
s/
%
s>"
%
(
unicode
(
self
.
content_type
),
self
.
name
)
class
Meta
:
class
Meta
:
unique_together
=
((
'content_type'
,
'codename'
),
unique_together
=
((
'content_type'
,
'codename'
),
# ('content_type', 'weight'),
# ('content_type', 'weight'),
...
@@ -35,6 +42,9 @@ class ObjectLevel(Model):
...
@@ -35,6 +42,9 @@ class ObjectLevel(Model):
users
=
ManyToManyField
(
User
)
users
=
ManyToManyField
(
User
)
groups
=
ManyToManyField
(
Group
)
groups
=
ManyToManyField
(
Group
)
def
__unicode__
(
self
):
return
"<
%
s:
%
s>"
%
(
unicode
(
self
.
content_object
),
unicode
(
self
.
level
))
class
Meta
:
class
Meta
:
unique_together
=
((
'content_type'
,
'object_id'
,
'level'
),)
unique_together
=
((
'content_type'
,
'object_id'
,
'level'
),)
...
@@ -57,6 +67,8 @@ class AclBase(Model):
...
@@ -57,6 +67,8 @@ class AclBase(Model):
raise
AttributeError
(
"Whom must be a User or Group object."
)
raise
AttributeError
(
"Whom must be a User or Group object."
)
def
set_user_level
(
self
,
user
,
level
):
def
set_user_level
(
self
,
user
,
level
):
logger
.
info
(
'
%
s.set_user_level(
%
s,
%
s) called'
,
*
[
unicode
(
p
)
for
p
in
[
self
,
user
,
level
]])
if
isinstance
(
level
,
basestring
):
if
isinstance
(
level
,
basestring
):
level
=
self
.
get_level_object
(
level
)
level
=
self
.
get_level_object
(
level
)
if
not
self
.
object_level_set
.
filter
(
level_id
=
level
.
pk
)
.
exists
():
if
not
self
.
object_level_set
.
filter
(
level_id
=
level
.
pk
)
.
exists
():
...
@@ -69,6 +81,8 @@ class AclBase(Model):
...
@@ -69,6 +81,8 @@ class AclBase(Model):
i
.
save
()
i
.
save
()
def
set_group_level
(
self
,
group
,
level
):
def
set_group_level
(
self
,
group
,
level
):
logger
.
info
(
'
%
s.set_group_level(
%
s,
%
s) called'
,
*
[
unicode
(
p
)
for
p
in
[
self
,
group
,
level
]])
if
isinstance
(
level
,
basestring
):
if
isinstance
(
level
,
basestring
):
level
=
self
.
get_level_object
(
level
)
level
=
self
.
get_level_object
(
level
)
#self.object_level_set.get_or_create(level=level, content_object=self)
#self.object_level_set.get_or_create(level=level, content_object=self)
...
@@ -82,8 +96,11 @@ class AclBase(Model):
...
@@ -82,8 +96,11 @@ class AclBase(Model):
i
.
save
()
i
.
save
()
def
has_level
(
self
,
user
,
level
,
group_also
=
True
):
def
has_level
(
self
,
user
,
level
,
group_also
=
True
):
logger
.
debug
(
'
%
s.has_level(
%
s,
%
s,
%
s) called'
,
*
[
unicode
(
p
)
for
p
in
[
self
,
user
,
level
,
group_also
]])
if
isinstance
(
level
,
basestring
):
if
isinstance
(
level
,
basestring
):
level
=
self
.
get_level_object
(
level
)
level
=
self
.
get_level_object
(
level
)
logger
.
debug
(
"- level set by str:
%
s"
,
unicode
(
level
))
object_levels
=
self
.
object_level_set
.
filter
(
object_levels
=
self
.
object_level_set
.
filter
(
level__weight__gte
=
level
.
weight
)
.
all
()
level__weight__gte
=
level
.
weight
)
.
all
()
...
@@ -102,21 +119,27 @@ class AclBase(Model):
...
@@ -102,21 +119,27 @@ class AclBase(Model):
return
False
return
False
def
get_users_with_level
(
self
):
def
get_users_with_level
(
self
):
logger
.
debug
(
'
%
s.get_users_with_level() called'
,
unicode
(
self
))
object_levels
=
(
self
.
object_level_set
.
select_related
(
object_levels
=
(
self
.
object_level_set
.
select_related
(
'users'
,
'level'
)
.
all
())
'users'
,
'level'
)
.
all
())
users
=
[]
users
=
[]
for
object_level
in
object_levels
:
for
object_level
in
object_levels
:
name
=
object_level
.
level
.
codename
name
=
object_level
.
level
.
codename
users
.
extend
([(
u
,
name
)
for
u
in
object_level
.
users
.
all
()])
olusers
=
object_level
.
users
.
all
()
users
.
extend
([(
u
,
name
)
for
u
in
olusers
])
logger
.
debug
(
'-
%
s:
%
s'
%
(
name
,
[
u
.
username
for
u
in
olusers
]))
return
users
return
users
def
get_groups_with_level
(
self
):
def
get_groups_with_level
(
self
):
logger
.
debug
(
'
%
s.get_groups_with_level() called'
,
unicode
(
self
))
object_levels
=
(
self
.
object_level_set
.
select_related
(
object_levels
=
(
self
.
object_level_set
.
select_related
(
'groups'
,
'level'
)
.
all
())
'groups'
,
'level'
)
.
all
())
groups
=
[]
groups
=
[]
for
object_level
in
object_levels
:
for
object_level
in
object_levels
:
name
=
object_level
.
level
.
codename
name
=
object_level
.
level
.
codename
groups
.
extend
([(
g
,
name
)
for
g
in
object_level
.
groups
.
all
()])
olgroups
=
object_level
.
groups
.
all
()
groups
.
extend
([(
g
,
name
)
for
g
in
olgroups
])
logger
.
debug
(
'-
%
s:
%
s'
%
(
name
,
[
g
.
name
for
g
in
olgroups
]))
return
groups
return
groups
class
Meta
:
class
Meta
:
...
...
circle/dashboard/views.py
View file @
9585adae
from
os
import
getenv
from
os
import
getenv
import
json
import
json
import
logging
import
re
import
re
from
django.contrib.auth.models
import
User
,
Group
from
django.contrib.auth.models
import
User
,
Group
...
@@ -18,6 +19,8 @@ from vm.models import Instance, InstanceTemplate, InterfaceTemplate
...
@@ -18,6 +19,8 @@ from vm.models import Instance, InstanceTemplate, InterfaceTemplate
from
firewall.models
import
Vlan
from
firewall.models
import
Vlan
from
storage.models
import
Disk
from
storage.models
import
Disk
logger
=
logging
.
getLogger
(
__name__
)
class
IndexView
(
TemplateView
):
class
IndexView
(
TemplateView
):
template_name
=
"dashboard/index.html"
template_name
=
"dashboard/index.html"
...
@@ -79,6 +82,8 @@ class AclUpdateView(View, SingleObjectMixin):
...
@@ -79,6 +82,8 @@ class AclUpdateView(View, SingleObjectMixin):
def
post
(
self
,
request
,
*
args
,
**
kwargs
):
def
post
(
self
,
request
,
*
args
,
**
kwargs
):
instance
=
self
.
get_object
()
instance
=
self
.
get_object
()
if
not
instance
.
has_level
(
request
.
user
,
"owner"
):
if
not
instance
.
has_level
(
request
.
user
,
"owner"
):
logger
.
warning
(
'Tried to set permissions of
%
s by non-owner
%
s.'
,
unicode
(
instance
),
unicode
(
request
.
user
))
raise
PermissionDenied
()
raise
PermissionDenied
()
for
key
,
value
in
request
.
POST
.
items
():
for
key
,
value
in
request
.
POST
.
items
():
m
=
re
.
match
(
'perm-([ug])-(
\
d+)'
,
key
)
m
=
re
.
match
(
'perm-([ug])-(
\
d+)'
,
key
)
...
@@ -86,6 +91,9 @@ class AclUpdateView(View, SingleObjectMixin):
...
@@ -86,6 +91,9 @@ class AclUpdateView(View, SingleObjectMixin):
type
,
id
=
m
.
groups
()
type
,
id
=
m
.
groups
()
entity
=
{
'u'
:
User
,
'g'
:
Group
}[
type
]
.
objects
.
get
(
id
=
id
)
entity
=
{
'u'
:
User
,
'g'
:
Group
}[
type
]
.
objects
.
get
(
id
=
id
)
instance
.
set_level
(
entity
,
value
)
instance
.
set_level
(
entity
,
value
)
logger
.
info
(
"Set
%
s's acl level for
%
s to
%
s by
%
s."
,
unicode
(
entity
),
unicode
(
instance
),
value
,
unicode
(
request
.
user
))
name
=
request
.
POST
[
'perm-new-name'
]
name
=
request
.
POST
[
'perm-new-name'
]
value
=
request
.
POST
[
'perm-new'
]
value
=
request
.
POST
[
'perm-new'
]
...
@@ -96,6 +104,9 @@ class AclUpdateView(View, SingleObjectMixin):
...
@@ -96,6 +104,9 @@ class AclUpdateView(View, SingleObjectMixin):
entity
=
Group
.
objects
.
get
(
name
=
name
)
entity
=
Group
.
objects
.
get
(
name
=
name
)
instance
.
set_level
(
entity
,
value
)
instance
.
set_level
(
entity
,
value
)
return
redirect
(
instance
)
return
redirect
(
instance
)
logger
.
info
(
"Set
%
s's new acl level for
%
s to
%
s by
%
s."
,
unicode
(
entity
),
unicode
(
instance
),
value
,
unicode
(
request
.
user
))
class
TemplateDetail
(
DetailView
):
class
TemplateDetail
(
DetailView
):
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment