Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
Gyuricska Milán
/
cloud
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
5325758b
authored
Nov 11, 2013
by
Őry Máté
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
dashboard: require user level for vm details page
parent
c12dc24c
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
58 additions
and
10 deletions
+58
-10
circle/dashboard/tests/test_vm.py
+42
-1
circle/dashboard/views.py
+16
-9
No files found.
circle/dashboard/tests/test_vm.py
View file @
5325758b
...
@@ -2,25 +2,66 @@ from django.test import TestCase
...
@@ -2,25 +2,66 @@ from django.test import TestCase
from
django.test.client
import
Client
from
django.test.client
import
Client
from
django.contrib.auth.models
import
User
,
Group
from
django.contrib.auth.models
import
User
,
Group
from
vm.models
import
Instance
class
VmDetailTest
(
TestCase
):
class
VmDetailTest
(
TestCase
):
fixtures
=
[
'test-vm-fixture.json'
]
fixtures
=
[
'test-vm-fixture.json'
]
def
setUp
(
self
):
def
setUp
(
self
):
self
.
u1
=
User
.
objects
.
create
(
username
=
'user1'
)
self
.
u1
=
User
.
objects
.
create
(
username
=
'user1'
)
self
.
u1
.
set_password
(
'password'
)
self
.
u1
.
save
()
self
.
u2
=
User
.
objects
.
create
(
username
=
'user2'
,
is_staff
=
True
)
self
.
u2
=
User
.
objects
.
create
(
username
=
'user2'
,
is_staff
=
True
)
self
.
u2
.
set_password
(
'password'
)
self
.
u2
.
save
()
self
.
us
=
User
.
objects
.
create
(
username
=
'superuser'
,
is_superuser
=
True
)
self
.
us
=
User
.
objects
.
create
(
username
=
'superuser'
,
is_superuser
=
True
)
self
.
us
.
save
()
self
.
g1
=
Group
.
objects
.
create
(
name
=
'group1'
)
self
.
g1
=
Group
.
objects
.
create
(
name
=
'group1'
)
self
.
g1
.
user_set
.
add
(
self
.
u1
)
self
.
g1
.
user_set
.
add
(
self
.
u1
)
self
.
g1
.
user_set
.
add
(
self
.
u2
)
self
.
g1
.
user_set
.
add
(
self
.
u2
)
self
.
g1
.
save
()
self
.
g1
.
save
()
def
tearDown
(
self
):
super
(
VmDetailTest
,
self
)
.
tearDown
()
self
.
u1
.
delete
()
self
.
u2
.
delete
()
self
.
us
.
delete
()
self
.
g1
.
delete
()
def
login
(
self
,
client
,
username
,
password
=
'password'
):
response
=
client
.
post
(
'/login/'
,
{
'username'
:
username
,
'password'
:
password
})
self
.
assertNotEqual
(
response
.
status_code
,
403
)
def
test_404_vm_page
(
self
):
def
test_404_vm_page
(
self
):
c
=
Client
()
c
=
Client
()
response
=
c
.
get
(
'/dashboard/vm/235555/'
)
response
=
c
.
get
(
'/dashboard/vm/235555/'
)
self
.
assertEqual
(
response
.
status_code
,
404
)
self
.
assertEqual
(
response
.
status_code
,
404
)
def
test_vm_page
(
self
):
def
test_anon_vm_page
(
self
):
c
=
Client
()
response
=
c
.
get
(
'/dashboard/vm/1/'
)
self
.
assertEqual
(
response
.
status_code
,
403
)
def
test_unauth_vm_page
(
self
):
c
=
Client
()
self
.
login
(
c
,
'user1'
)
response
=
c
.
get
(
'/dashboard/vm/1/'
)
self
.
assertEqual
(
response
.
status_code
,
403
)
def
test_operator_vm_page
(
self
):
c
=
Client
()
self
.
login
(
c
,
'user2'
)
inst
=
Instance
.
objects
.
get
(
pk
=
1
)
inst
.
set_level
(
self
.
u2
,
'operator'
)
response
=
c
.
get
(
'/dashboard/vm/1/'
)
self
.
assertEqual
(
response
.
status_code
,
200
)
def
test_user_vm_page
(
self
):
c
=
Client
()
c
=
Client
()
self
.
login
(
c
,
'user2'
)
inst
=
Instance
.
objects
.
get
(
pk
=
1
)
inst
.
set_level
(
self
.
u2
,
'user'
)
response
=
c
.
get
(
'/dashboard/vm/1/'
)
response
=
c
.
get
(
'/dashboard/vm/1/'
)
self
.
assertEqual
(
response
.
status_code
,
200
)
self
.
assertEqual
(
response
.
status_code
,
200
)
circle/dashboard/views.py
View file @
5325758b
...
@@ -5,20 +5,16 @@ import re
...
@@ -5,20 +5,16 @@ import re
from
django.contrib.auth.models
import
User
,
Group
from
django.contrib.auth.models
import
User
,
Group
from
django.contrib.messages
import
warning
from
django.contrib.messages
import
warning
from
django.core
import
signing
from
django.core.exceptions
import
PermissionDenied
from
django.core.exceptions
import
PermissionDenied
from
django.core.urlresolvers
import
reverse
from
django.core
import
signing
from
django.core.urlresolvers
import
reverse
,
reverse_lazy
from
django.http
import
HttpResponse
from
django.shortcuts
import
redirect
from
django.shortcuts
import
redirect
from
django.utils.translation
import
ugettext_lazy
as
_
from
django.utils.translation
import
ugettext_lazy
as
_
from
django.views.generic
import
TemplateView
,
DetailView
,
View
from
django.views.generic.detail
import
SingleObjectMixin
from
django.views.generic.detail
import
SingleObjectMixin
from
django.http
import
HttpResponse
from
django.views.generic
import
TemplateView
,
DetailView
,
View
from
django.views.generic
import
TemplateView
,
DetailView
from
django.core.urlresolvers
import
reverse_lazy
from
django.shortcuts
import
redirect
from
django_tables2
import
SingleTableView
from
django_tables2
import
SingleTableView
from
tables
import
VmListTable
from
.tables
import
VmListTable
from
.tables
import
VmListTable
from
vm.models
import
Instance
,
InstanceTemplate
,
InterfaceTemplate
from
vm.models
import
Instance
,
InstanceTemplate
,
InterfaceTemplate
...
@@ -63,7 +59,18 @@ def get_acl_data(obj):
...
@@ -63,7 +59,18 @@ def get_acl_data(obj):
'url'
:
reverse
(
'dashboard.views.vm-acl'
,
args
=
[
obj
.
pk
])}
'url'
:
reverse
(
'dashboard.views.vm-acl'
,
args
=
[
obj
.
pk
])}
class
VmDetailView
(
DetailView
):
class
CheckedDetailView
(
DetailView
):
read_level
=
'user'
def
get_context_data
(
self
,
**
kwargs
):
context
=
super
(
CheckedDetailView
,
self
)
.
get_context_data
(
**
kwargs
)
instance
=
context
[
'instance'
]
if
not
instance
.
has_level
(
self
.
request
.
user
,
self
.
read_level
):
raise
PermissionDenied
()
return
context
class
VmDetailView
(
CheckedDetailView
):
template_name
=
"dashboard/vm-detail.html"
template_name
=
"dashboard/vm-detail.html"
model
=
Instance
model
=
Instance
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment