Commit 39a7ffc9 by Estók Dániel

setty: added server-side access management.

parent ea8d0946
...@@ -118,14 +118,14 @@ ...@@ -118,14 +118,14 @@
</div> </div>
<div class="panel-body container-fluid" id="dragContainer"> <div class="panel-body container-fluid" id="dragContainer">
{% for element in elementTemplateList %} {% for element in elementTemplateList %}
<div class="col-md-12 col-sm-4" id="elementTemplatePanel"> <div class="col-md-6 col-sm-4" id="elementTemplatePanel">
<div class="panel panel-default"> <div class="panel panel-default">
<div class="panel-heading"> <div class="panel-heading">
<div class="row text-center"> <div class="row text-center">
<div class="col-xs-10 col-xs-push-1 text-center"> <div class="col-xs-8 col-xs-push-2 text-center">
<label class="no-margin">{{ element.name }}</label> <label class="no-margin">{{ element.name }}</label>
</div> </div>
<div class="col-xs-1 col-xs-push-1 text-right"> <div class="col-xs-2 col-xs-push-2 text-left">
<button class="btn btn-primary btn-xs elementTemplateInfo" element="{{ element.id }}"> <button class="btn btn-primary btn-xs elementTemplateInfo" element="{{ element.id }}">
<i class="fa fa-info"></i> <i class="fa fa-info"></i>
</button> </button>
......
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
# You should have received a copy of the GNU General Public License along # You should have received a copy of the GNU General Public License along
# with CIRCLE. If not, see <http://www.gnu.org/licenses/>. # with CIRCLE. If not, see <http://www.gnu.org/licenses/>.
from django.contrib import messages # NOTE: ezt tettem ide from django.contrib import messages
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.core.urlresolvers import reverse, reverse_lazy from django.core.urlresolvers import reverse, reverse_lazy
from django.db.models import Q from django.db.models import Q
...@@ -41,12 +41,24 @@ class DetailView(LoginRequiredMixin, TemplateView): ...@@ -41,12 +41,24 @@ class DetailView(LoginRequiredMixin, TemplateView):
template_name = "setty/index.html" template_name = "setty/index.html"
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
logger.debug('DetailView.get_context_data() called. User: %s',
unicode(self.request.user))
service = Service.objects.get(id=kwargs['pk'])
if self.request.user == service.user or self.request.user.is_superuser:
context = super(DetailView, self).get_context_data(**kwargs) context = super(DetailView, self).get_context_data(**kwargs)
context['elementTemplateList'] = ElementTemplate.objects.all() context['elementTemplateList'] = ElementTemplate.objects.all()
context['actualId'] = kwargs['pk'] context['actualId'] = kwargs['pk']
return context return context
else:
raise PermissionDenied
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
logger.debug('DetailView.post() called. User: %s',
unicode(self.request.user))
service = Service.objects.get(id=kwargs['pk'])
if self.request.user == service.user or self.request.user.is_superuser:
if self.request.POST.get('event') == "saveService": if self.request.POST.get('event') == "saveService":
data = json.loads(self.request.POST.get('data')) data = json.loads(self.request.POST.get('data'))
service = Service.objects.get(id=kwargs['pk']) service = Service.objects.get(id=kwargs['pk'])
...@@ -122,15 +134,26 @@ class DetailView(LoginRequiredMixin, TemplateView): ...@@ -122,15 +134,26 @@ class DetailView(LoginRequiredMixin, TemplateView):
else: else:
raise PermissionDenied raise PermissionDenied
else:
raise PermissionDenied
class DeleteView(LoginRequiredMixin, DeleteView): class DeleteView(LoginRequiredMixin, DeleteView):
model = Service model = Service
success_url = reverse_lazy("dashboard.index") success_url = reverse_lazy("dashboard.index")
def post(self, request, *args, **kwargs):
logger.debug('DeleteView.post() called. User: %s',
unicode(self.request.user))
service = Service.objects.get(id=kwargs['pk'])
if self.request.user == service.user or self.request.user.is_superuser:
return super(DeleteView, self).post(request, *args, **kwargs)
else:
return PermissionDenied
class CreateView(LoginRequiredMixin, TemplateView):
class CreateView(LoginRequiredMixin, TemplateView):
def get_template_names(self): def get_template_names(self):
if self.request.is_ajax(): if self.request.is_ajax():
return ['dashboard/_modal.html'] return ['dashboard/_modal.html']
...@@ -138,6 +161,8 @@ class CreateView(LoginRequiredMixin, TemplateView): ...@@ -138,6 +161,8 @@ class CreateView(LoginRequiredMixin, TemplateView):
return ['dashboard/nojs-wrapper.html'] return ['dashboard/nojs-wrapper.html']
def get_context_data(self, *args, **kwargs): def get_context_data(self, *args, **kwargs):
logger.debug('CreateView.get_context_data() called. User: %s',
unicode(self.request.user))
context = super(CreateView, self).get_context_data(*args, **kwargs) context = super(CreateView, self).get_context_data(*args, **kwargs)
context.update({ context.update({
...@@ -148,6 +173,8 @@ class CreateView(LoginRequiredMixin, TemplateView): ...@@ -148,6 +173,8 @@ class CreateView(LoginRequiredMixin, TemplateView):
return context return context
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
logger.debug('CreateView.post() called. User: %s',
unicode(self.request.user))
service_name = self.request.POST.get('serviceName') service_name = self.request.POST.get('serviceName')
if not service_name: if not service_name:
...@@ -181,11 +208,15 @@ class ListView(LoginRequiredMixin, FilterMixin, SingleTableView): ...@@ -181,11 +208,15 @@ class ListView(LoginRequiredMixin, FilterMixin, SingleTableView):
} }
def get_context_data(self, *args, **kwargs): def get_context_data(self, *args, **kwargs):
logger.debug('ListView.get_context_data() called. User: %s',
unicode(self.request.user))
context = super(ListView, self).get_context_data(*args, **kwargs) context = super(ListView, self).get_context_data(*args, **kwargs)
context['search_form'] = self.search_form context['search_form'] = self.search_form
return context return context
def get(self, *args, **kwargs): def get(self, *args, **kwargs):
logger.debug('ListView.get() called. User: %s',
unicode(self.request.user))
self.search_form = ServiceListSearchForm(self.request.GET) self.search_form = ServiceListSearchForm(self.request.GET)
self.search_form.full_clean() self.search_form.full_clean()
...@@ -203,14 +234,14 @@ class ListView(LoginRequiredMixin, FilterMixin, SingleTableView): ...@@ -203,14 +234,14 @@ class ListView(LoginRequiredMixin, FilterMixin, SingleTableView):
return super(ListView, self).get(*args, **kwargs) return super(ListView, self).get(*args, **kwargs)
def get_queryset(self): def get_queryset(self):
logger.debug('ListView.get _queryset() called. User: %s', logger.debug('ListView.get_queryset() called. User: %s',
unicode(self.request.user)) unicode(self.request.user))
qs = self.model.objects.all() qs = self.model.objects.all()
self.create_fake_get() # NOTE: ezt tettem ide self.create_fake_get()
try: try:
filters, excludes = self.get_queryset_filters() filters, excludes = self.get_queryset_filters()
if not self.request.user.is_superuser: if not self.request.user.is_superuser:
filters['user'] = self.request.user # NOTE: ezt visszairtam filters['user'] = self.request.user
qs = qs.filter(**filters).exclude(**excludes).distinct() qs = qs.filter(**filters).exclude(**excludes).distinct()
except ValueError: except ValueError:
messages.error(self.request, _("Error during filtering.")) messages.error(self.request, _("Error during filtering."))
......
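Review bot: In the new `DeleteView.post` (hunk `@@ -122,15 +134,26 @@`), the denial branch does `return PermissionDenied`, which hands the exception class back as if it were a response instead of raising it, so a refused delete would most likely end in a server error rather than a 403; it should be `raise PermissionDenied`. The ownership test is also attached to `post()` only: if the parent is Django's generic `DeleteView` (its import is outside the visible hunks), the GET confirmation page and an HTTP DELETE request are dispatched without passing through this override. Putting the check in `get_object()` covers every method with one lookup and drops the extra `Service.objects.get(id=kwargs['pk'])`, which raises `DoesNotExist` for an unknown pk instead of producing a 404. The same owner-or-superuser test is repeated in `DetailView.get_context_data` and `DetailView.post`; a shared mixin would keep the three copies from drifting apart.

```python
class DeleteView(LoginRequiredMixin, DeleteView):
    # … unchanged: model, success_url …

    def get_object(self, queryset=None):
        # Single enforcement point: with Django's generic DeleteView, GET,
        # POST and DELETE all resolve the target through get_object().
        service = super(DeleteView, self).get_object(queryset)
        user = self.request.user
        if user != service.user and not user.is_superuser:
            raise PermissionDenied
        return service
```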