Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
CIRCLE
/
cloud
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
94
Merge Requests
10
Pipelines
Wiki
Snippets
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
9585adae
authored
Nov 08, 2013
by
Őry Máté
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
acl: add logging
parent
fec4de34
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
36 additions
and
2 deletions
+36
-2
circle/acl/models.py
+25
-2
circle/dashboard/views.py
+11
-0
No files found.
circle/acl/models.py
View file @
9585adae
import
logging
from
django.contrib.auth.models
import
User
,
Group
from
django.contrib.contenttypes.generic
import
(
GenericForeignKey
,
GenericRelation
...
...
@@ -7,6 +9,8 @@ from django.db.models import (
ManyToManyField
,
ForeignKey
,
CharField
,
Model
,
IntegerField
)
logger
=
logging
.
getLogger
(
__name__
)
class
Level
(
Model
):
...
...
@@ -18,6 +22,9 @@ class Level(Model):
codename
=
CharField
(
'codename'
,
max_length
=
100
)
weight
=
IntegerField
(
'weight'
,
null
=
True
)
def
__unicode__
(
self
):
return
"<
%
s/
%
s>"
%
(
unicode
(
self
.
content_type
),
self
.
name
)
class
Meta
:
unique_together
=
((
'content_type'
,
'codename'
),
# ('content_type', 'weight'),
...
...
@@ -35,6 +42,9 @@ class ObjectLevel(Model):
users
=
ManyToManyField
(
User
)
groups
=
ManyToManyField
(
Group
)
def
__unicode__
(
self
):
return
"<
%
s:
%
s>"
%
(
unicode
(
self
.
content_object
),
unicode
(
self
.
level
))
class
Meta
:
unique_together
=
((
'content_type'
,
'object_id'
,
'level'
),)
...
...
@@ -57,6 +67,8 @@ class AclBase(Model):
raise
AttributeError
(
"Whom must be a User or Group object."
)
def
set_user_level
(
self
,
user
,
level
):
logger
.
info
(
'
%
s.set_user_level(
%
s,
%
s) called'
,
*
[
unicode
(
p
)
for
p
in
[
self
,
user
,
level
]])
if
isinstance
(
level
,
basestring
):
level
=
self
.
get_level_object
(
level
)
if
not
self
.
object_level_set
.
filter
(
level_id
=
level
.
pk
)
.
exists
():
...
...
@@ -69,6 +81,8 @@ class AclBase(Model):
i
.
save
()
def
set_group_level
(
self
,
group
,
level
):
logger
.
info
(
'
%
s.set_group_level(
%
s,
%
s) called'
,
*
[
unicode
(
p
)
for
p
in
[
self
,
group
,
level
]])
if
isinstance
(
level
,
basestring
):
level
=
self
.
get_level_object
(
level
)
#self.object_level_set.get_or_create(level=level, content_object=self)
...
...
@@ -82,8 +96,11 @@ class AclBase(Model):
i
.
save
()
def
has_level
(
self
,
user
,
level
,
group_also
=
True
):
logger
.
debug
(
'
%
s.has_level(
%
s,
%
s,
%
s) called'
,
*
[
unicode
(
p
)
for
p
in
[
self
,
user
,
level
,
group_also
]])
if
isinstance
(
level
,
basestring
):
level
=
self
.
get_level_object
(
level
)
logger
.
debug
(
"- level set by str:
%
s"
,
unicode
(
level
))
object_levels
=
self
.
object_level_set
.
filter
(
level__weight__gte
=
level
.
weight
)
.
all
()
...
...
@@ -102,21 +119,27 @@ class AclBase(Model):
return
False
def
get_users_with_level
(
self
):
logger
.
debug
(
'
%
s.get_users_with_level() called'
,
unicode
(
self
))
object_levels
=
(
self
.
object_level_set
.
select_related
(
'users'
,
'level'
)
.
all
())
users
=
[]
for
object_level
in
object_levels
:
name
=
object_level
.
level
.
codename
users
.
extend
([(
u
,
name
)
for
u
in
object_level
.
users
.
all
()])
olusers
=
object_level
.
users
.
all
()
users
.
extend
([(
u
,
name
)
for
u
in
olusers
])
logger
.
debug
(
'-
%
s:
%
s'
%
(
name
,
[
u
.
username
for
u
in
olusers
]))
return
users
def
get_groups_with_level
(
self
):
logger
.
debug
(
'
%
s.get_groups_with_level() called'
,
unicode
(
self
))
object_levels
=
(
self
.
object_level_set
.
select_related
(
'groups'
,
'level'
)
.
all
())
groups
=
[]
for
object_level
in
object_levels
:
name
=
object_level
.
level
.
codename
groups
.
extend
([(
g
,
name
)
for
g
in
object_level
.
groups
.
all
()])
olgroups
=
object_level
.
groups
.
all
()
groups
.
extend
([(
g
,
name
)
for
g
in
olgroups
])
logger
.
debug
(
'-
%
s:
%
s'
%
(
name
,
[
g
.
name
for
g
in
olgroups
]))
return
groups
class
Meta
:
...
...
circle/dashboard/views.py
View file @
9585adae
from
os
import
getenv
import
json
import
logging
import
re
from
django.contrib.auth.models
import
User
,
Group
...
...
@@ -18,6 +19,8 @@ from vm.models import Instance, InstanceTemplate, InterfaceTemplate
from
firewall.models
import
Vlan
from
storage.models
import
Disk
logger
=
logging
.
getLogger
(
__name__
)
class
IndexView
(
TemplateView
):
template_name
=
"dashboard/index.html"
...
...
@@ -79,6 +82,8 @@ class AclUpdateView(View, SingleObjectMixin):
def
post
(
self
,
request
,
*
args
,
**
kwargs
):
instance
=
self
.
get_object
()
if
not
instance
.
has_level
(
request
.
user
,
"owner"
):
logger
.
warning
(
'Tried to set permissions of
%
s by non-owner
%
s.'
,
unicode
(
instance
),
unicode
(
request
.
user
))
raise
PermissionDenied
()
for
key
,
value
in
request
.
POST
.
items
():
m
=
re
.
match
(
'perm-([ug])-(
\
d+)'
,
key
)
...
...
@@ -86,6 +91,9 @@ class AclUpdateView(View, SingleObjectMixin):
type
,
id
=
m
.
groups
()
entity
=
{
'u'
:
User
,
'g'
:
Group
}[
type
]
.
objects
.
get
(
id
=
id
)
instance
.
set_level
(
entity
,
value
)
logger
.
info
(
"Set
%
s's acl level for
%
s to
%
s by
%
s."
,
unicode
(
entity
),
unicode
(
instance
),
value
,
unicode
(
request
.
user
))
name
=
request
.
POST
[
'perm-new-name'
]
value
=
request
.
POST
[
'perm-new'
]
...
...
@@ -96,6 +104,9 @@ class AclUpdateView(View, SingleObjectMixin):
entity
=
Group
.
objects
.
get
(
name
=
name
)
instance
.
set_level
(
entity
,
value
)
return
redirect
(
instance
)
logger
.
info
(
"Set
%
s's new acl level for
%
s to
%
s by
%
s."
,
unicode
(
entity
),
unicode
(
instance
),
value
,
unicode
(
request
.
user
))
class
TemplateDetail
(
DetailView
):
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment