Commit c150935a by Czémán Arnold

Merge branch 'master' into issue_477

requirements: upgrade ldap packages
settings: remove NISGroupType

Conflicts:
	circle/dashboard/models.py
	requirements/base.txt
parents 1746ed9a aa92a44d
Pipeline #654 passed with stage
in 0 seconds
"""
Creates Levels for all installed apps that have levels.
"""
from django.db.models import get_models, signals
from django.db.models import signals
from django.apps import apps
from django.db import DEFAULT_DB_ALIAS
from django.core.exceptions import ImproperlyConfigured
from ..models import Level, AclBase
def create_levels(app, created_models, verbosity, db=DEFAULT_DB_ALIAS,
def create_levels(app_config, verbosity=False, using=DEFAULT_DB_ALIAS,
**kwargs):
"""Create and set the weights of the configured Levels.
Based on django.contrib.auth.management.__init__.create_permissions"""
# if not router.allow_migrate(db, auth_app.Permission):
# if not router.allow_migrate(using, auth_app.Permission):
# return
from django.contrib.contenttypes.models import ContentType
app_models = [k for k in get_models(app) if AclBase in k.__bases__]
app_models = [k for k in apps.get_models(app_config)
if AclBase in k.__bases__]
print "Creating levels for models: %s." % ", ".join(
[m.__name__ for m in app_models])
......@@ -31,7 +33,7 @@ def create_levels(app, created_models, verbosity, db=DEFAULT_DB_ALIAS,
for klass in app_models:
# Force looking up the content types in the current database
# before creating foreign keys to them.
ctype1 = ContentType.objects.db_manager(db).get_for_model(klass)
ctype1 = ContentType.objects.db_manager(using).get_for_model(klass)
ctypes.add(ctype1)
weight = 0
try:
......@@ -46,7 +48,7 @@ def create_levels(app, created_models, verbosity, db=DEFAULT_DB_ALIAS,
# Find all the Levels that have a content_type for a model we're
# looking for. We don't need to check for codenames since we already have
# a list of the ones we're going to create.
all_levels = set(Level.objects.using(db).filter(
all_levels = set(Level.objects.using(using).filter(
content_type__in=ctypes,
).values_list(
"content_type", "codename"
......@@ -57,7 +59,7 @@ def create_levels(app, created_models, verbosity, db=DEFAULT_DB_ALIAS,
for ctype, (codename, name) in searched_levels
if (ctype.pk, codename) not in all_levels
]
Level.objects.using(db).bulk_create(levels)
Level.objects.using(using).bulk_create(levels)
if verbosity >= 2:
print("Adding levels [%s]." % ", ".join(unicode(l) for l in levels))
print("Searched: [%s]." % ", ".join(
......@@ -70,5 +72,5 @@ def create_levels(app, created_models, verbosity, db=DEFAULT_DB_ALIAS,
content_type=ctype).update(weight=weight)
signals.post_syncdb.connect(
signals.post_migrate.connect(
create_levels, dispatch_uid="circle.acl.management.create_levels")
......@@ -18,7 +18,7 @@
import logging
from django.contrib.auth.models import User, Group
from django.contrib.contenttypes.generic import (
from django.contrib.contenttypes.fields import (
GenericForeignKey, GenericRelation
)
from django.contrib.contenttypes.models import ContentType
......
......@@ -21,6 +21,7 @@
"intro.js": "0.9.0",
"favico.js": "~0.3.5",
"datatables": "~1.10.4",
"chart.js": "2.3.0"
"chart.js": "2.3.0",
"clipboard": "~1.6.1"
}
}
......@@ -12,9 +12,10 @@ def update_permissions_after_migration(sender, **kwargs):
"""
from django.conf import settings
from django.db.models import get_models
from django.apps import apps
from django.contrib.auth.management import create_permissions
create_permissions(sender, get_models(), 2 if settings.DEBUG else 0)
create_permissions(sender, apps.get_models(), 2 if settings.DEBUG else 0)
post_migrate.connect(update_permissions_after_migration)
......@@ -27,7 +27,7 @@ from base import * # noqa
DEBUG = True
# See: https://docs.djangoproject.com/en/dev/ref/settings/#template-debug
TEMPLATE_DEBUG = DEBUG
TEMPLATES[0]['OPTIONS']['debug'] = DEBUG
########## END DEBUG CONFIGURATION
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
......@@ -110,8 +110,10 @@ if DEBUG:
from django.dispatch import Signal
Signal.send_robust = Signal.send
PIPELINE_COMPILERS = (
PIPELINE["COMPILERS"] = (
'dashboard.compilers.DummyLessCompiler',
)
ADMIN_ENABLED = True
ALLOWED_HOSTS = ['*']
......@@ -14,9 +14,10 @@
#
# You should have received a copy of the GNU General Public License along
# with CIRCLE. If not, see <http://www.gnu.org/licenses/>.
import os
from .base import * # noqa
from .base import * # flake8:noqa
# fix https://github.com/django-nose/django-nose/issues/197
......
......@@ -38,7 +38,11 @@ INSTALLED_APPS += (
'django_nose',
)
TEST_RUNNER = 'django_nose.NoseTestSuiteRunner'
NOSE_ARGS = ['--with-doctest', '--exclude-dir=dashboard/tests/selenium']
NOSE_ARGS = [
'--with-doctest',
'--exclude-dir=dashboard/tests/selenium',
'--exclude=circle'
]
PASSWORD_HASHERS = ['django.contrib.auth.hashers.MD5PasswordHasher']
CACHES = {
......@@ -59,7 +63,7 @@ for i in LOCAL_APPS:
# don't print SQL queries
LOGGING['handlers']['null'] = {'level': "DEBUG",
'class': "django.utils.log.NullHandler"}
'class': "logging.NullHandler"}
LOGGING['loggers']['django.db.backends'] = {
'handlers': ['null'],
'propagate': False,
......
......@@ -15,13 +15,16 @@
# You should have received a copy of the GNU General Public License along
# with CIRCLE. If not, see <http://www.gnu.org/licenses/>.
from django.conf.urls import patterns, include, url
from django.conf.urls import include, url
from django.views.generic import TemplateView
from django.conf import settings
from django.contrib import admin
from django.core.urlresolvers import reverse
from django.shortcuts import redirect
from django.contrib.auth.views import (
password_reset_confirm, password_reset
)
from circle.settings.base import get_env_variable
......@@ -33,9 +36,7 @@ from firewall.views import add_blacklist_item
admin.autodiscover()
urlpatterns = patterns(
'',
urlpatterns = [
url(r'^$', lambda x: redirect(reverse("dashboard.index"))),
url(r'^network/', include('network.urls')),
url(r'^blacklist-add/', add_blacklist_item),
......@@ -45,12 +46,11 @@ urlpatterns = patterns(
# django/contrib/auth/urls.py (care when new version)
url((r'^accounts/reset/(?P<uidb64>[0-9A-Za-z_\-]+)/'
r'(?P<token>[0-9A-Za-z]{1,13}-[0-9A-Za-z]{1,20})/$'),
'django.contrib.auth.views.password_reset_confirm',
password_reset_confirm,
{'set_password_form': CircleSetPasswordForm},
name='accounts.password_reset_confirm'
),
url(r'^accounts/password/reset/$', ("django.contrib.auth.views."
"password_reset"),
url(r'^accounts/password/reset/$', password_reset,
{'password_reset_form': CirclePasswordResetForm},
name="accounts.password-reset",
),
......@@ -73,27 +73,24 @@ urlpatterns = patterns(
name="info.support"),
url(r'^info/resize-how-to/$', ResizeHelpView.as_view(),
name="info.resize"),
)
]
if 'rosetta' in settings.INSTALLED_APPS:
urlpatterns += patterns(
'',
urlpatterns += [
url(r'^rosetta/', include('rosetta.urls')),
)
]
if settings.ADMIN_ENABLED:
urlpatterns += patterns(
'',
urlpatterns += [
url(r'^admin/', include(admin.site.urls)),
)
]
if get_env_variable('DJANGO_SAML', 'FALSE') == 'TRUE':
urlpatterns += patterns(
'',
(r'^saml2/', include('djangosaml2.urls')),
)
urlpatterns += [
url(r'^saml2/', include('djangosaml2.urls')),
]
handler500 = 'common.views.handler500'
handler403 = 'common.views.handler403'
......@@ -45,7 +45,8 @@ def handler500(request):
logger.exception("unhandled exception")
ctx = get_context(request, exception)
try:
resp = render_to_response("500.html", ctx, RequestContext(request))
resp = render_to_response("500.html", ctx,
RequestContext(request).flatten())
except:
resp = render_to_response("500.html", ctx)
resp.status_code = 500
......
......@@ -31,7 +31,7 @@ from django.contrib.auth.models import User, Group
from django.core.validators import URLValidator
from django.core.exceptions import PermissionDenied, ValidationError
import autocomplete_light
from dal import autocomplete
from crispy_forms.helper import FormHelper
from crispy_forms.layout import (
Layout, Div, BaseInput, Field, HTML, Submit, TEMPLATE_PACK, Fieldset
......@@ -43,7 +43,6 @@ from crispy_forms.bootstrap import FormActions
from django import forms
from django.contrib.auth.forms import UserCreationForm as OrgUserCreationForm
from django.forms.widgets import TextInput, HiddenInput
from django.template import Context
from django.template.loader import render_to_string
from django.utils.html import escape, format_html
from django.utils.safestring import mark_safe
......@@ -67,6 +66,7 @@ from .validators import domain_validator
from dashboard.models import ConnectCommand, create_profile
LANGUAGES_WITH_CODE = ((l[0], string_concat(l[1], " (", l[0], ")"))
for l in LANGUAGES)
......@@ -1180,8 +1180,7 @@ class AnyTag(Div):
fields += render_field(field, form, form_style, context,
template_pack=template_pack)
return render_to_string(self.template, Context({'tag': self,
'fields': fields}))
return render_to_string(self.template, {'tag': self, 'fields': fields})
class WorkingBaseInput(BaseInput):
......@@ -1334,27 +1333,31 @@ class UserEditForm(forms.ModelForm):
class AclUserOrGroupAddForm(forms.Form):
name = forms.CharField(widget=autocomplete_light.TextWidget(
'AclUserGroupAutocomplete',
attrs={'class': 'form-control',
'placeholder': _("Name of group or user")}))
name = forms.CharField(
widget=autocomplete.ListSelect2(
url='autocomplete.acl.user-group',
attrs={'class': 'form-control',
'data-html': 'true',
'data-placeholder': _("Name of group or user")}))
class TransferOwnershipForm(forms.Form):
name = forms.CharField(
widget=autocomplete_light.TextWidget(
'AclUserAutocomplete',
widget=autocomplete.ListSelect2(
url='autocomplete.acl.user',
attrs={'class': 'form-control',
'placeholder': _("Name of user")}),
'data-html': 'true',
'data-placeholder': _("Name of user")}),
label=_("E-mail address or identifier of user"))
class AddGroupMemberForm(forms.Form):
new_member = forms.CharField(
widget=autocomplete_light.TextWidget(
'AclUserAutocomplete',
widget=autocomplete.ListSelect2(
url='autocomplete.acl.user',
attrs={'class': 'form-control',
'placeholder': _("Name of user")}),
'data-html': 'true',
'data-placeholder': _("Name of user")}),
label=_("E-mail address or identifier of user"))
......@@ -1538,6 +1541,10 @@ class VmResourcesForm(forms.ModelForm):
fields = ('num_cores', 'priority', 'ram_size', )
class VmRenameForm(forms.Form):
new_name = forms.CharField()
vm_search_choices = (
("owned", _("owned")),
("shared", _("shared")),
......@@ -1547,6 +1554,8 @@ vm_search_choices = (
class VmListSearchForm(forms.Form):
use_required_attribute = False
s = forms.CharField(widget=forms.TextInput(attrs={
'class': "form-control input-tags",
'placeholder': _("Search...")
......@@ -1571,6 +1580,8 @@ class VmListSearchForm(forms.Form):
class TemplateListSearchForm(forms.Form):
use_required_attribute = False
s = forms.CharField(widget=forms.TextInput(attrs={
'class': "form-control input-tags",
'placeholder': _("Search...")
......@@ -1590,6 +1601,8 @@ class TemplateListSearchForm(forms.Form):
class UserListSearchForm(forms.Form):
use_required_attribute = False
s = forms.CharField(widget=forms.TextInput(attrs={
'class': "form-control input-tags",
'placeholder': _("Search...")
......
......@@ -18,33 +18,40 @@
from __future__ import unicode_literals, absolute_import
import logging
from optparse import make_option
from django.contrib.auth.models import User
from django.contrib.auth.models import User, Group, Permission
from django.core.management.base import BaseCommand
from django.db.models import Q
from firewall.models import Vlan, VlanGroup, Domain, Firewall, Rule
from firewall.models import Vlan, VlanGroup, Domain, Firewall, Rule, Host
from firewall.fields import mac_custom
from storage.models import DataStore
from vm.models import Lease
from vm.models import Lease, Node
from dashboard.models import GroupProfile, Profile
from netaddr import IPAddress, EUI
logger = logging.getLogger(__name__)
class Command(BaseCommand):
option_list = BaseCommand.option_list + (
make_option('--force', action="store_true"),
make_option('--external-net'),
make_option('--management-net'),
make_option('--vm-net'),
make_option('--external-if'),
make_option('--management-if'),
make_option('--vm-if'),
make_option('--datastore-queue'),
make_option('--firewall-queue'),
make_option('--admin-user'),
make_option('--admin-pass'),
)
def add_arguments(self, parser):
parser.add_argument('--force', action="store_true")
parser.add_argument('--external-net')
parser.add_argument('--management-net')
parser.add_argument('--vm-net')
parser.add_argument('--external-if')
parser.add_argument('--management-if')
parser.add_argument('--vm-if')
parser.add_argument('--datastore-queue')
parser.add_argument('--firewall-queue')
parser.add_argument('--admin-user')
parser.add_argument('--admin-pass')
parser.add_argument('--node-hostname')
parser.add_argument('--node-mac')
parser.add_argument('--node-ip')
parser.add_argument('--node-name')
parser.add_argument('--kvm-present', action="store_true")
def create(self, model, field, **kwargs):
value = kwargs[field]
......@@ -57,21 +64,24 @@ class Command(BaseCommand):
else:
return qs[0]
# http://docs.saltstack.com/en/latest/ref/states/all/salt.states.cmd.html
# http://docs.saltstack.com/en/latest/ref/states/all/salt.states.cmd.html
def print_state(self):
print "\nchanged=%s" % ("yes" if self.changed else "no")
self.stdout.write("\nchanged=%s" % ("yes" if self.changed else "no"))
def handle(self, *args, **options):
self.changed = False
# from pdb import set_trace; set_trace()
if (DataStore.objects.exists() and Vlan.objects.exists() and
not options['force']):
return self.print_state()
self.print_state()
return
admin = self.create(User, 'username', username=options['admin_user'],
is_superuser=True, is_staff=True)
admin.set_password(options['admin_pass'])
admin.save()
self.create(Profile, 'user', user=admin)
self.create(DataStore, 'path', path='/datastore', name='default',
hostname=options['datastore_queue'])
......@@ -152,5 +162,112 @@ class Command(BaseCommand):
self.create(Rule, 'description', description='allow man->net',
direction='out', action='accept',
foreign_network=vg_net, vlan=man)
return self.print_state()
node_ip = IPAddress(options['node_ip'])
node_mac = EUI(options['node_mac'], dialect=mac_custom)
node_host = Host.objects.filter(ipv4=node_ip).first()
if node_host is None:
node_host = self.create(Host, 'mac', mac=node_mac,
hostname=options['node_hostname'],
ipv4=node_ip, vlan=man, owner=admin)
else:
Host.objects.filter(pk=node_host.pk).update(
mac=node_mac, hostname=options['node_hostname'],
ipv4=node_ip, vlan=man, owner=admin)
node_host.refresh_from_db()
self.create(Node, 'name', name=options['node_name'], host=node_host,
priority=1, enabled=True, schedule_enabled=True)
# creating groups
susers = self.create(Group, 'name', name='Superusers')
pusers = self.create(Group, 'name', name='Powerusers')
users = self.create(Group, 'name', name='Users')
# creating group profiles
self.create(GroupProfile, 'group', group=susers)
self.create(GroupProfile, 'group', group=pusers)
self.create(GroupProfile, 'group', group=users)
# specifying group permissions
user_permissions = [
'create_vm',
'config_ports',
]
puser_permissions = [
'use_autocomplete',
'config_ports',
'create_vm',
'create_empty_disk',
'download_disk',
'resize_disk',
'access_console',
'change_resources',
'set_resources',
'change_template_resources',
'create_template',
]
suser_permissions = [
'add_group',
'use_autocomplete',
'create_empty_disk',
'download_disk',
'access_console',
'change_resources',
'config_ports',
'create_vm',
'recover',
'set_resources',
'change_template_resources',
'create_base_template',
'create_template'
]
# set group permissions
susers.permissions.set(self._get_permissions(suser_permissions))
pusers.permissions.set(self._get_permissions(puser_permissions))
users.permissions.set(self._get_permissions(user_permissions))
# creating users and their profiles
useruser = self.create(User, 'username', username='user',
is_superuser=False, is_staff=False)
useruser.set_password("user")
useruser.save()
self.create(Profile, 'user', user=useruser)
poweruser = self.create(User, 'username', username="poweruser",
is_superuser=False, is_staff=False)
poweruser.set_password("poweruser")
poweruser.save()
self.create(Profile, 'user', user=poweruser)
superuser = self.create(User, 'username', username="superuser",
is_superuser=False, is_staff=False)
superuser.set_password("superuser")
superuser.save()
self.create(Profile, 'user', user=superuser)
# adding users o groups
users.user_set.add(useruser)
pusers.user_set.add(poweruser)
susers.user_set.add(superuser)
# add groups to vm vlan
vm.set_level(users, 'user')
vm.set_level(pusers, 'user')
vm.set_level(susers, 'user')
# notify admin if there is no harware virtualization
if not options['kvm_present']:
admin.profile.notify("hardware virtualization",
"No hardware virtualization detected, "
"your hardware does not support it or "
"not enabled in BIOS.")
self.print_state()
def _get_permissions(self, code_names):
query = Q()
for cn in code_names:
query |= Q(codename=cn)
return Permission.objects.filter(query)
# -*- coding: utf-8 -*-
# Generated by Django 1.11.3 on 2017-07-07 19:09
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('dashboard', '0005_profile_two_factor_secret'),
]
operations = [
migrations.AlterField(
model_name='connectcommand',
name='name',
field=models.CharField(help_text='Name of your custom command.', max_length=128, verbose_name='name'),
),
]
# -*- coding: utf-8 -*-
# Generated by Django 1.11.6 on 2018-07-10 23:41
from __future__ import unicode_literals
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('dashboard', '0006_auto_20170707_1909'),
('dashboard', '0006_auto_20170308_1421'),
]
operations = [
]
......@@ -151,7 +151,7 @@ class ConnectCommand(Model):
access_method = CharField(max_length=10, choices=ACCESS_METHODS,
verbose_name=_('access method'),
help_text=_('Type of the remote access method.'))
name = CharField(max_length="128", verbose_name=_('name'), blank=False,
name = CharField(max_length=128, verbose_name=_('name'), blank=False,
help_text=_("Name of your custom command."))
template = CharField(blank=True, null=True, max_length=256,
verbose_name=_('command template'),
......@@ -212,15 +212,16 @@ class Profile(Model):
commands = self.user.command_set.filter(
access_method=instance.access_method)
if commands.count() < 1:
return [single_command]
return [{'id': 0, 'cmd': single_command}]
else:
return [
command.template % {
return [{
'id': command.id,
'cmd': command.template % {
'port': instance.get_connect_port(use_ipv6=use_ipv6),
'host': instance.get_connect_host(use_ipv6=use_ipv6),
'password': instance.pw,
'username': 'cloud',
} for command in commands]
}} for command in commands]
else:
return []
......@@ -349,14 +350,12 @@ if hasattr(settings, 'SAML_ORG_ID_ATTRIBUTE'):
def saml_save_org_id(sender, **kwargs):
logger.debug("saml_save_org_id called by %s", sender.username)
attributes = kwargs.pop('attributes')
atr = settings.SAML_ORG_ID_ATTRIBUTE
try:
value = attributes[atr][0].upper()
value = attributes[settings.SAML_ORG_ID_ATTRIBUTE][0].upper()
except Exception as e:
value = None
logger.info("saml_save_org_id couldn't find attribute. %s",
unicode(e))
if sender.pk is None:
sender.save()
logger.debug("saml_save_org_id saved user %s", unicode(sender))
......
......@@ -508,13 +508,6 @@ $.ajaxSetup({
}
});
/* for autocomplete */
$(function() {
yourlabs.TextWidget.prototype.getValue = function(choice) {
return choice.children().html();
};
});
var tagsToReplace = {
'&': '&amp;',
'<': '&lt;',
......
......@@ -1031,7 +1031,7 @@ textarea[name="new_members"] {
font-weight: bold;
}
.hilight .autocomplete-hl {
.select2-results__option--highlighted .autocomplete-hl {
color: orange;
}
......
......@@ -70,12 +70,12 @@ $(function() {
});
/* for js fallback */
$("#vm-details-pw-show").parent("div").children("input").prop("type", "password");
$(".vm-details-show-password").parent("div").children("input").prop("type", "password");
/* show password */
$("#vm-details-pw-show").click(function() {
$(".vm-details-show-password").click(function() {
var input = $(this).parent("div").children("input");
var eye = $(this).children("#vm-details-pw-eye");
var eye = $(this).children(".vm-details-password-eye");
var span = $(this);
span.tooltip("destroy");
......@@ -111,9 +111,10 @@ $(function() {
/* rename ajax */
$('.vm-details-rename-submit').click(function() {
var name = $(this).parent("span").prev("input").val();
var url = $("#vm-details-rename-form").attr("action");
$.ajax({
method: 'POST',
url: location.href,
url: url,
data: {'new_name': name},
headers: {"X-CSRFToken": getCookie('csrftoken')},
success: function(data, textStatus, xhr) {
......@@ -252,4 +253,12 @@ $(function() {
return e.preventDefault();
});
// Clipboard for connection strings
if(Clipboard.isSupported()) {
new Clipboard(".vm-details-connection-string-copy", {
text: function(trigger) {
return $($(trigger).data("clipboard-target")).val();
}
});
}
});
......@@ -24,7 +24,7 @@
<td>
<select class="form-control" name="perm-u-{{i.user.id}}"{% if i.level not in acl.allowed_levels %} disabled{% endif %}>
{% for id, name in acl.levels %}
<option{%if id = i.level%} selected="selected"{%endif%}
<option{%if id == i.level%} selected="selected"{%endif%}
{% if id not in acl.allowed_levels %} disabled{% endif %}
value="{{id}}">{{name}}</option>
{% endfor %}
......@@ -46,7 +46,7 @@
<td>
<select class="form-control" name="perm-g-{{i.group.id}}{% if i.level not in acl.allowed_levels %} disabled{% endif %}">
{% for id, name in acl.levels %}
<option{%if id = i.level%} selected="selected"{%endif%}
<option{%if id == i.level%} selected="selected"{%endif%}
{% if id not in acl.allowed_levels %} disabled{% endif %}
value="{{id}}">{{name}}</option>
{% endfor %}
......
......@@ -137,8 +137,10 @@
{% if user.is_superuser %}
<hr />