Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
Gelencsér Szabolcs
/
circlestack
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
dac4d7b7
authored
Jul 22, 2014
by
Bach Dániel
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
storage: remove disk acl
parent
f0530049
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
23 additions
and
55 deletions
+23
-55
circle/dashboard/forms.py
+2
-4
circle/dashboard/views.py
+13
-29
circle/storage/models.py
+8
-15
circle/vm/models/instance.py
+0
-7
No files found.
circle/dashboard/forms.py
View file @
dac4d7b7
...
@@ -44,7 +44,6 @@ from django.core.urlresolvers import reverse_lazy
...
@@ -44,7 +44,6 @@ from django.core.urlresolvers import reverse_lazy
from
django_sshkey.models
import
UserKey
from
django_sshkey.models
import
UserKey
from
firewall.models
import
Vlan
,
Host
from
firewall.models
import
Vlan
,
Host
from
storage.models
import
Disk
from
vm.models
import
(
from
vm.models
import
(
InstanceTemplate
,
Lease
,
InterfaceTemplate
,
Node
,
Trait
,
Instance
InstanceTemplate
,
Lease
,
InterfaceTemplate
,
Node
,
Trait
,
Instance
)
)
...
@@ -78,7 +77,7 @@ class VmCustomizeForm(forms.Form):
...
@@ -78,7 +77,7 @@ class VmCustomizeForm(forms.Form):
amount
=
forms
.
IntegerField
(
min_value
=
0
,
initial
=
1
)
amount
=
forms
.
IntegerField
(
min_value
=
0
,
initial
=
1
)
disks
=
forms
.
ModelMultipleChoiceField
(
disks
=
forms
.
ModelMultipleChoiceField
(
queryset
=
None
,
required
=
Tru
e
)
queryset
=
None
,
required
=
Fals
e
)
networks
=
forms
.
ModelMultipleChoiceField
(
networks
=
forms
.
ModelMultipleChoiceField
(
queryset
=
None
,
required
=
False
)
queryset
=
None
,
required
=
False
)
...
@@ -91,8 +90,7 @@ class VmCustomizeForm(forms.Form):
...
@@ -91,8 +90,7 @@ class VmCustomizeForm(forms.Form):
super
(
VmCustomizeForm
,
self
)
.
__init__
(
*
args
,
**
kwargs
)
super
(
VmCustomizeForm
,
self
)
.
__init__
(
*
args
,
**
kwargs
)
# set displayed disk and network list
# set displayed disk and network list
self
.
fields
[
'disks'
]
.
queryset
=
Disk
.
get_objects_with_level
(
self
.
fields
[
'disks'
]
.
queryset
=
self
.
template
.
disks
.
all
()
'user'
,
self
.
user
)
.
exclude
(
type
=
"qcow2-snap"
)
self
.
fields
[
'networks'
]
.
queryset
=
Vlan
.
get_objects_with_level
(
self
.
fields
[
'networks'
]
.
queryset
=
Vlan
.
get_objects_with_level
(
'user'
,
self
.
user
)
'user'
,
self
.
user
)
...
...
circle/dashboard/views.py
View file @
dac4d7b7
...
@@ -1180,36 +1180,22 @@ class AclUpdateView(LoginRequiredMixin, View, SingleObjectMixin):
...
@@ -1180,36 +1180,22 @@ class AclUpdateView(LoginRequiredMixin, View, SingleObjectMixin):
entity
=
Group
.
objects
.
get
(
name
=
name
)
entity
=
Group
.
objects
.
get
(
name
=
name
)
except
Group
.
DoesNotExist
:
except
Group
.
DoesNotExist
:
messages
.
warning
(
messages
.
warning
(
request
,
_
(
'User or group "
%
s" not found.'
)
%
name
)
self
.
request
,
_
(
'User or group "
%
s" not found.'
)
%
name
)
return
return
self
.
set_level
(
request
,
instance
,
entity
,
value
)
self
.
set_level
(
entity
,
value
)
def
post
(
self
,
request
,
*
args
,
**
kwargs
):
def
post
(
self
,
request
,
*
args
,
**
kwargs
):
instance
=
self
.
get_object
()
self
.
instance
=
self
.
get_object
()
self
.
acl_data
=
(
instance
.
get_users_with_level
()
+
self
.
acl_data
=
(
self
.
instance
.
get_users_with_level
()
+
instance
.
get_groups_with_level
())
self
.
instance
.
get_groups_with_level
())
self
.
set_or_remove_levels
(
request
,
instance
)
self
.
set_or_remove_levels
()
self
.
add_levels
(
request
,
instance
)
self
.
add_levels
()
return
redirect
(
"
%
s#access"
%
instance
.
get_absolute_url
())
return
redirect
(
"
%
s#access"
%
self
.
instance
.
get_absolute_url
())
class
TemplateAclUpdateView
(
AclUpdateView
):
class
TemplateAclUpdateView
(
AclUpdateView
):
model
=
InstanceTemplate
model
=
InstanceTemplate
def
post
(
self
,
request
,
*
args
,
**
kwargs
):
retval
=
super
(
TemplateAclUpdateView
,
self
)
.
post
(
request
,
*
args
,
**
kwargs
)
template
=
self
.
get_object
()
post_for_disk
=
request
.
POST
.
copy
()
post_for_disk
[
'perm-new'
]
=
'user'
request
.
POST
=
post_for_disk
for
d
in
template
.
disks
.
all
():
self
.
set_or_remove_levels
(
request
,
d
)
self
.
add_levels
(
request
,
d
)
return
retval
class
GroupAclUpdateView
(
AclUpdateView
):
class
GroupAclUpdateView
(
AclUpdateView
):
model
=
Group
model
=
Group
...
@@ -1818,13 +1804,12 @@ class VmCreate(LoginRequiredMixin, TemplateView):
...
@@ -1818,13 +1804,12 @@ class VmCreate(LoginRequiredMixin, TemplateView):
}
}
networks
=
[
InterfaceTemplate
(
vlan
=
l
,
managed
=
l
.
managed
)
networks
=
[
InterfaceTemplate
(
vlan
=
l
,
managed
=
l
.
managed
)
for
l
in
post
[
'networks'
]]
for
l
in
post
[
'networks'
]]
disks
=
post
[
'disks'
]
ikwargs
.
update
({
ikwargs
.
update
({
'template'
:
template
,
'template'
:
template
,
'owner'
:
user
,
'owner'
:
user
,
'networks'
:
networks
,
'networks'
:
networks
,
'disks'
:
disks
,
'disks'
:
list
(
template
.
disks
.
all
())
,
})
})
amount
=
post
[
'amount'
]
amount
=
post
[
'amount'
]
...
@@ -2830,12 +2815,11 @@ class DiskRemoveView(DeleteView):
...
@@ -2830,12 +2815,11 @@ class DiskRemoveView(DeleteView):
def
delete
(
self
,
request
,
*
args
,
**
kwargs
):
def
delete
(
self
,
request
,
*
args
,
**
kwargs
):
disk
=
self
.
get_object
()
disk
=
self
.
get_object
()
if
not
disk
.
has_level
(
request
.
user
,
'owner'
):
raise
PermissionDenied
()
disk
=
self
.
get_object
()
app
=
disk
.
get_appliance
()
app
=
disk
.
get_appliance
()
if
not
app
.
has_level
(
request
.
user
,
'owner'
):
raise
PermissionDenied
()
app
.
remove_disk
(
disk
=
disk
,
user
=
request
.
user
)
app
.
remove_disk
(
disk
=
disk
,
user
=
request
.
user
)
disk
.
destroy
()
disk
.
destroy
()
...
@@ -2856,7 +2840,7 @@ class DiskRemoveView(DeleteView):
...
@@ -2856,7 +2840,7 @@ class DiskRemoveView(DeleteView):
@require_GET
@require_GET
def
get_disk_download_status
(
request
,
pk
):
def
get_disk_download_status
(
request
,
pk
):
disk
=
Disk
.
objects
.
get
(
pk
=
pk
)
disk
=
Disk
.
objects
.
get
(
pk
=
pk
)
if
not
disk
.
has_level
(
request
.
user
,
'owner'
):
if
not
disk
.
get_appliance
()
.
has_level
(
request
.
user
,
'owner'
):
raise
PermissionDenied
()
raise
PermissionDenied
()
return
HttpResponse
(
return
HttpResponse
(
...
...
circle/storage/models.py
View file @
dac4d7b7
...
@@ -31,7 +31,6 @@ from django.utils.translation import ugettext_lazy as _
...
@@ -31,7 +31,6 @@ from django.utils.translation import ugettext_lazy as _
from
model_utils.models
import
TimeStampedModel
from
model_utils.models
import
TimeStampedModel
from
sizefield.models
import
FileSizeField
from
sizefield.models
import
FileSizeField
from
acl.models
import
AclBase
from
.tasks
import
local_tasks
,
storage_tasks
from
.tasks
import
local_tasks
,
storage_tasks
from
celery.exceptions
import
TimeoutError
from
celery.exceptions
import
TimeoutError
from
common.models
import
WorkerNotFound
from
common.models
import
WorkerNotFound
...
@@ -76,15 +75,10 @@ class DataStore(Model):
...
@@ -76,15 +75,10 @@ class DataStore(Model):
destroyed__isnull
=
False
)
if
disk
.
is_deletable
]
destroyed__isnull
=
False
)
if
disk
.
is_deletable
]
class
Disk
(
AclBase
,
TimeStampedModel
):
class
Disk
(
TimeStampedModel
):
"""A virtual disk.
"""A virtual disk.
"""
"""
ACL_LEVELS
=
(
(
'user'
,
_
(
'user'
)),
# see all details
(
'operator'
,
_
(
'operator'
)),
(
'owner'
,
_
(
'owner'
)),
# superuser, can delete, delegate perms
)
TYPES
=
[(
'qcow2-norm'
,
'qcow2 normal'
),
(
'qcow2-snap'
,
'qcow2 snapshot'
),
TYPES
=
[(
'qcow2-norm'
,
'qcow2 normal'
),
(
'qcow2-snap'
,
'qcow2 snapshot'
),
(
'iso'
,
'iso'
),
(
'raw-ro'
,
'raw read-only'
),
(
'raw-rw'
,
'raw'
)]
(
'iso'
,
'iso'
),
(
'raw-ro'
,
'raw read-only'
),
(
'raw-rw'
,
'raw'
)]
name
=
CharField
(
blank
=
True
,
max_length
=
100
,
verbose_name
=
_
(
"name"
))
name
=
CharField
(
blank
=
True
,
max_length
=
100
,
verbose_name
=
_
(
"name"
))
...
@@ -225,15 +219,14 @@ class Disk(AclBase, TimeStampedModel):
...
@@ -225,15 +219,14 @@ class Disk(AclBase, TimeStampedModel):
return
any
(
i
.
state
!=
'STOPPED'
for
i
in
self
.
instance_set
.
all
())
return
any
(
i
.
state
!=
'STOPPED'
for
i
in
self
.
instance_set
.
all
())
def
get_appliance
(
self
):
def
get_appliance
(
self
):
"""Return an Instance or InstanceTemplate object where the disk is used
"""Return the Instance or InstanceTemplate object where the disk
is used
"""
"""
instance
=
self
.
instance_set
.
all
()
from
vm.models
import
Instance
template
=
self
.
template_set
.
all
()
try
:
app
=
list
(
instance
)
+
list
(
template
)
return
self
.
instance_set
.
get
()
if
len
(
app
)
>
0
:
except
Instance
.
DoesNotExist
:
return
app
[
0
]
return
self
.
template_set
.
get
()
else
:
return
None
def
get_exclusive
(
self
):
def
get_exclusive
(
self
):
"""Get an instance of the disk for exclusive usage.
"""Get an instance of the disk for exclusive usage.
...
...
circle/vm/models/instance.py
View file @
dac4d7b7
...
@@ -404,13 +404,6 @@ class Instance(AclBase, VirtualMachineDescModel, StatusModel, OperatedMixin,
...
@@ -404,13 +404,6 @@ class Instance(AclBase, VirtualMachineDescModel, StatusModel, OperatedMixin,
"""
"""
disks
=
template
.
disks
.
all
()
if
disks
is
None
else
disks
disks
=
template
.
disks
.
all
()
if
disks
is
None
else
disks
for
disk
in
disks
:
if
not
disk
.
has_level
(
owner
,
'user'
):
raise
PermissionDenied
()
elif
(
disk
.
type
==
'qcow2-snap'
and
not
disk
.
has_level
(
owner
,
'owner'
)):
raise
PermissionDenied
()
networks
=
(
template
.
interface_set
.
all
()
if
networks
is
None
networks
=
(
template
.
interface_set
.
all
()
if
networks
is
None
else
networks
)
else
networks
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment