Commit 41ba73ac authored by Gabriel Detraz's avatar Gabriel Detraz Committed by root

Nouveau système d'acl pour machines

parent 36abfc47
......@@ -24,7 +24,7 @@
from __future__ import unicode_literals
from django.conf.urls import url
import re2o
from . import views
urlpatterns = [
......@@ -76,20 +76,11 @@ urlpatterns = [
url(r'^edit_nas/(?P<nasid>[0-9]+)$', views.edit_nas, name='edit-nas'),
url(r'^del_nas/$', views.del_nas, name='del-nas'),
url(r'^index_nas/$', views.index_nas, name='index-nas'),
url(r'^history/(?P<object>machine)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>interface)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>machinetype)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>extension)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>soa)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>mx)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>ns)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>txt)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>srv)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>iptype)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>alias)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>vlan)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>nas)/(?P<id>[0-9]+)$', views.history, name='history'),
url(r'^history/(?P<object>service)/(?P<id>[0-9]+)$', views.history, name='history'),
url(
r'history/(?P<object_name>\w+)/(?P<object_id>[0-9]+)$',
re2o.views.history,
name='history',
),
url(r'^$', views.index, name='index'),
url(r'^rest/mac-ip/$', views.mac_ip, name='mac-ip'),
url(r'^rest/regen-achieved/$', views.regen_achieved, name='regen-achieved'),
......
......@@ -1001,128 +1001,6 @@ def index_service(request):
servers_list = Service_link.objects.select_related('server__domain__extension').select_related('service').all()
return render(request, 'machines/index_service.html', {'service_list':service_list, 'servers_list':servers_list})
@login_required
def history(request, object, id):
if object == 'machine':
try:
object_instance = Machine.objects.get(pk=id)
except Machine.DoesNotExist:
messages.error(request, "Machine inexistante")
return redirect(reverse('machines:index'))
if not request.user.has_perms(('cableur',)) and object_instance.user != request.user:
messages.error(request, "Vous ne pouvez pas afficher l'historique d'une machine d'un autre user que vous sans droit cableur")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
elif object == 'interface':
try:
object_instance = Interface.objects.get(pk=id)
except Interface.DoesNotExist:
messages.error(request, "Interface inexistante")
return redirect(reverse('machines:index'))
if not request.user.has_perms(('cableur',)) and object_instance.machine.user != request.user:
messages.error(request, "Vous ne pouvez pas afficher l'historique d'une interface d'un autre user que vous sans droit cableur")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
elif object == 'alias':
try:
object_instance = Domain.objects.get(pk=id)
except Domain.DoesNotExist:
messages.error(request, "Alias inexistant")
return redirect(reverse('machines:index'))
if not request.user.has_perms(('cableur',)) and object_instance.cname.interface_parent.machine.user != request.user:
messages.error(request, "Vous ne pouvez pas afficher l'historique d'un alias d'un autre user que vous sans droit cableur")
return redirect(reverse(
'users:profil',
kwargs={'userid':str(request.user.id)}
))
elif object == 'machinetype' and request.user.has_perms(('cableur',)):
try:
object_instance = MachineType.objects.get(pk=id)
except MachineType.DoesNotExist:
messages.error(request, "Type de machine inexistant")
return redirect(reverse('machines:index'))
elif object == 'iptype' and request.user.has_perms(('cableur',)):
try:
object_instance = IpType.objects.get(pk=id)
except IpType.DoesNotExist:
messages.error(request, "Type d'ip inexistant")
return redirect(reverse('machines:index'))
elif object == 'extension' and request.user.has_perms(('cableur',)):
try:
object_instance = Extension.objects.get(pk=id)
except Extension.DoesNotExist:
messages.error(request, "Extension inexistante")
return redirect(reverse('machines:index'))
elif object == 'soa' and request.user.has_perms(('cableur',)):
try:
object_instance = SOA.objects.get(pk=id)
except SOA.DoesNotExist:
messages.error(request, "SOA inexistant")
return redirect(reverse('machines:index'))
elif object == 'mx' and request.user.has_perms(('cableur',)):
try:
object_instance = Mx.objects.get(pk=id)
except Mx.DoesNotExist:
messages.error(request, "Mx inexistant")
return redirect(reverse('machines:index'))
elif object == 'txt' and request.user.has_perms(('cableur',)):
try:
object_instance = Txt.objects.get(pk=id)
except Txt.DoesNotExist:
messages.error(request, "Txt inexistant")
return redirect(reverse('machines:index'))
elif object == 'srv' and request.user.has_perms(('cableur',)):
try:
object_instance = Srv.objects.get(pk=id)
except Srv.DoesNotExist:
messages.error(request, "Srv inexistant")
return redirect(reverse('machines:index'))
elif object == 'ns' and request.user.has_perms(('cableur',)):
try:
object_instance = Ns.objects.get(pk=id)
except Ns.DoesNotExist:
messages.error(request, "Ns inexistant")
return redirect(reverse('machines:index'))
elif object == 'service' and request.user.has_perms(('cableur',)):
try:
object_instance = Service.objects.get(pk=id)
except Service.DoesNotExist:
messages.error(request, "Service inexistant")
return redirect(reverse('machines:index'))
elif object == 'vlan' and request.user.has_perms(('cableur',)):
try:
object_instance = Vlan.objects.get(pk=id)
except Vlan.DoesNotExist:
messages.error(request, "Vlan inexistant")
return redirect(reverse('machines:index'))
elif object == 'nas' and request.user.has_perms(('cableur',)):
try:
object_instance = Nas.objects.get(pk=id)
except Nas.DoesNotExist:
messages.error(request, "Nas inexistant")
return redirect(reverse('machines:index'))
else:
messages.error(request, "Objet inconnu")
return redirect(reverse('machines:index'))
options, created = GeneralOption.objects.get_or_create()
pagination_number = options.pagination_number
reversions = Version.objects.get_for_object(object_instance)
paginator = Paginator(reversions, pagination_number)
page = request.GET.get('page')
try:
reversions = paginator.page(page)
except PageNotAnInteger:
# If page is not an integer, deliver first page.
reversions = paginator.page(1)
except EmptyPage:
# If page is out of range (e.g. 9999), deliver last page of results.
reversions = paginator.page(paginator.num_pages)
return render(request, 're2o/history.html', {'reversions': reversions, 'object': object_instance})
@login_required
@can_view_all(OuverturePortList)
......
......@@ -35,7 +35,7 @@ from reversion.models import Version
from django.contrib import messages
from preferences.models import Service
from preferences.models import OptionalUser, GeneralOption
import users, preferences, cotisations, topologie
import users, preferences, cotisations, topologie, machines
def form(ctx, template, request):
"""Form générique, raccourci importé par les fonctions views du site"""
......@@ -70,6 +70,20 @@ HISTORY_BIND = {
'stack' : topologie.models.Stack,
'model_switch' : topologie.models.ModelSwitch,
'constructor_switch' : topologie.models.ConstructorSwitch,
'machine' : machines.models.Machine,
'interface' : machines.models.Interface,
'alias' : machines.models.Domain,
'machinetype' : machines.models.MachineType,
'iptype' : machines.models.IpType,
'extension' : machines.models.Extension,
'soa' : machines.models.SOA,
'mx' : machines.models.Mx,
'txt' : machines.models.Txt,
'srv' : machines.models.Srv,
'ns' : machines.models.Ns,
'service' : machines.models.Service,
'vlan' : machines.models.Vlan,
'nas' : machines.models.Vlan,
}
@login_required
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment