def edit(request, entity_id):
user = User.objects.get(id=request.user.id)
entity, error = get_object_with_check_permission(user, Entity, entity_id,
ACLType.Writable)
if error:
return error
# when an entity in referral attribute is deleted
# user should be able to select new entity or keep it unchanged
# candidate entites for referral are:
# - active(not deleted) entity
# - current value of any attributes even if the entity has been deleted
context = {
'entity':
entity,
'attr_types':
AttrTypes,
'attributes': [{
'id': x.id,
'name': x.name,
'type': x.type,
'is_mandatory': x.is_mandatory,
'is_delete_in_chain': x.is_delete_in_chain,
'referrals': x.referral.all()
} for x in entity.attrs.filter(is_active=True).order_by('index')
if user.has_permission(x, ACLType.Writable)],
}
return render(request, 'edit_entity.html', context)
def index(request):
user = User.objects.get(id=request.user.id)
limitation = CONFIG.MAX_LIST_VIEW
if request.GET.get('nolimit', None):
limitation = None
context = {
'jobs': [{
'id':
x.id,
'target':
x.target,
'text':
x.text,
'status':
x.status,
'operation':
x.operation,
'created_at':
x.created_at,
'passed_time':
(x.updated_at - x.created_at).seconds if x.is_finished() else
(datetime.now(timezone.utc) - x.created_at).seconds,
} for x in Job.objects.filter(
user=user).order_by('-created_at')[:limitation]
if (x.operation == Job.OP_EXPORT or (
x.operation != Job.OP_EXPORT and x.target.is_active))]
}
return render(request, 'list_jobs.html', context)
def restore(request, entity_id):
user = User.objects.get(id=request.user.id)
entity, error = get_object_with_check_permission(user, Entity, entity_id, ACLType.Full)
if error:
return error
page = request.GET.get('page', 1)
keyword = request.GET.get('keyword', None)
# get all deleted entries that correspond to the entity, the specififcation of
# 'status=0' is necessary to prevent getting entries that were under processing.
if keyword:
name_pattern = prepend_escape_character(CONFIG.ESCAPE_CHARACTERS_ENTRY_LIST, keyword)
entries = Entry.objects.filter(schema=entity, status=0, is_active=False,
name__iregex=name_pattern).order_by('-updated_time')
else:
entries = Entry.objects.filter(schema=entity, status=0,
is_active=False).order_by('-updated_time')
p = Paginator(entries, CONFIG.MAX_LIST_ENTRIES)
try:
page_obj = p.page(page)
except PageNotAnInteger:
return HttpResponse('Invalid page number. It must be unsigned integer', status=400)
except EmptyPage:
return HttpResponse('Invalid page number. The page doesn\'t have anything', status=400)
return render(request, 'list_deleted_entry.html', {
'entity': entity,
'keyword': keyword,
'page_obj': page_obj,
})
def edit(request, entity_id):
entity, error = get_obj_with_check_perm(request.user, Entity, entity_id, ACLType.Writable)
if error:
return error
# when an entity in referral attribute is deleted
# user should be able to select new entity or keep it unchanged
# candidate entites for referral are:
# - active(not deleted) entity
# - current value of any attributes even if the entity has been deleted
context = {
"entity": entity,
"attr_types": AttrTypes,
"attributes": [
{
"id": x.id,
"name": x.name,
"type": x.type,
"is_mandatory": x.is_mandatory,
"is_delete_in_chain": x.is_delete_in_chain,
"referrals": x.referral.all(),
}
for x in entity.attrs.filter(is_active=True).order_by("index")
if request.user.has_permission(x, ACLType.Writable)
],
}
return render(request, "edit_entity.html", context)
def create(request, entity_id):
user = User.objects.get(id=request.user.id)
entity, error = get_object_with_check_permission(user, Entity, entity_id, ACLType.Writable)
if error:
return error
if custom_view.is_custom("create_entry_without_context", entity.name):
# show custom view
return custom_view.call_custom("create_entry_without_context", entity.name, request, user,
entity)
context = {
'entity': entity,
'form_url': '/entry/do_create/%s/' % entity.id,
'redirect_url': '/entry/%s' % entity.id,
'groups': Group.objects.filter(is_active=True),
'attributes': [{
'entity_attr_id': x.id,
'id': x.id,
'type': x.type,
'name': x.name,
'is_mandatory': x.is_mandatory,
'is_readble': True if user.has_permission(x, ACLType.Writable) else False
} for x in entity.attrs.filter(is_active=True).order_by('index')]
}
if custom_view.is_custom("create_entry", entity.name):
# show custom view
return custom_view.call_custom("create_entry", entity.name, request, user, entity, context)
else:
return render(request, 'create_entry.html', context)
def copy(request, entry_id):
user = User.objects.get(id=request.user.id)
if not Entry.objects.filter(id=entry_id).exists():
return HttpResponse('Failed to get an Entry object of specified id', status=400)
entry = Entry.objects.get(id=entry_id)
# prevent to show edit page under the creating processing
if entry.get_status(Entry.STATUS_CREATING) or entry.get_status(Entry.STATUS_EDITING):
return HttpResponse('Target entry is now under processing', status=400)
if not entry.is_active:
return HttpResponse('Target entry has been deleted', status=400)
context = {
'form_url': '/entry/do_copy/%s' % entry.id,
'redirect_url': '/entry/%s' % entry.schema.id,
'entry': entry,
}
if custom_view.is_custom("copy_entry", entry.schema.name):
return custom_view.call_custom("copy_entry", entry.schema.name, request, user, entry,
context)
return render(request, 'copy_entry.html', context)
def edit(request, entry_id):
user = User.objects.get(id=request.user.id)
if not Entry.objects.filter(id=entry_id).exists():
return HttpResponse('Failed to get an Entry object of specified id', status=400)
entry = Entry.objects.get(id=entry_id)
# prevent to show edit page under the creating processing
if entry.get_status(Entry.STATUS_CREATING):
return HttpResponse('Target entry is now under processing', status=400)
if not entry.is_active:
return HttpResponse('Target entry has been deleted', status=400)
entry.complement_attrs(user)
context = {
'entry': entry,
'groups': Group.objects.filter(is_active=True),
'attributes': entry.get_available_attrs(user, ACLType.Writable, get_referral_entries=True),
'form_url': '/entry/do_edit/%s' % entry.id,
'redirect_url': '/entry/show/%s' % entry.id,
}
if custom_view.is_custom("edit_entry", entry.schema.name):
# show custom view
return custom_view.call_custom("edit_entry", entry.schema.name, request, user, entry,
context)
else:
return render(request, 'edit_entry.html', context)
def show(request, entry_id):
user = User.objects.get(id=request.user.id)
try:
entry = Entry.objects.extra(
where=['status & %d = 0' % Entry.STATUS_CREATING]).get(id=entry_id)
except ObjectDoesNotExist:
return HttpResponse('Failed to get an Entry object of specified id', status=400)
if entry.get_status(Entry.STATUS_CREATING):
return HttpResponse('Target entry is now under processing', status=400)
if not entry.is_active:
return HttpResponse('Target entry has been deleted', status=400)
# create new attributes which are appended after creation of Entity
entry.complement_attrs(user)
context = {
'entry': entry,
'attributes': entry.get_available_attrs(user),
}
if custom_view.is_custom("show_entry", entry.schema.name):
# show custom view
return custom_view.call_custom("show_entry", entry.schema.name, request, user, entry,
context)
else:
# show ordinal view
return render(request, 'show_entry.html', context)
def search(request):
query = request.GET.get('query')
if not query:
return HttpResponse("Invalid query parameter is specified", status=400)
if len(query.encode('utf-8')) > CONFIG.MAX_QUERY_SIZE:
return HttpResponse("Sending parameter is too large", status=400)
target_models = [Entry, AttributeValue]
search_results = sum([x.search(query) for x in target_models], [])
dic = {}
for result in search_results:
eid = result['object'].id
if eid not in dic:
dic[eid] = {'types': [], 'object': result['object'], 'hints': []}
dic[eid]['types'].append(result['type'])
if result['hint'] != '':
dic[eid]['hints'].append(result['hint'])
results = []
for result in dic.values():
results.append({
'type': ', '.join(result['types']),
'object': result['object'],
'hint': ', '.join(result['hints'])
})
results.sort(key=lambda x: x['object'].name)
return render(request, 'show_search_results.html', {'results': results})
def edit(request, user_id):
current_user = User.objects.get(id=request.user.id)
try:
user = User.objects.get(id=user_id, is_active=True)
except ObjectDoesNotExist:
return HttpResponse("Target user is not found", status=404)
if not current_user.is_superuser and current_user != user:
return HttpResponse("You don't have permission to access", status=400)
context = {
'user_id':
int(user_id),
'user_name':
user.username,
'user_email':
user.email,
'user_is_superuser':
user.is_superuser,
'token':
user.token if current_user == user else None,
'token_lifetime':
user.token_lifetime,
'token_created':
user.token.created.strftime('%Y/%m/%d %H:%M:%S')
if user.token else None,
'token_expire':
((user.token.created +
timedelta(seconds=user.token_lifetime)).strftime('%Y/%m/%d %H:%M:%S')
if user.token else None),
'is_authenticated_by_local':
user.authenticate_type == User.AUTH_TYPE_LOCAL,
}
return render(request, 'edit_user.html', context)
def create(request):
context = {
"default_group_id": 0,
"submit_ref": "/group/do_create",
}
# set group members for each groups
context["groups"] = [
{
"id": x.id,
"name": x.name,
"members": User.objects.filter(groups__id=x.id, is_active=True).order_by("username"),
}
for x in Group.objects.filter(is_active=True)
]
# set all user
context["groups"].insert(
0,
{
"id": 0,
"name": "-- ALL --",
"members": User.objects.filter(is_active=True),
},
)
context["parent_group_id"] = 0
return render(request, "edit_group.html", context)
def edit(request, entry_id):
user = User.objects.get(id=request.user.id)
entry, error = get_object_with_check_permission(user, Entry, entry_id, ACLType.Writable)
if error:
return error
# prevent to show edit page under the creating processing
if entry.get_status(Entry.STATUS_CREATING):
return HttpResponse('Target entry is now under processing', status=400)
if not entry.is_active:
return _redirect_restore_entry(entry)
context = {
'entry': entry,
'groups': Group.objects.filter(is_active=True),
'attributes': entry.get_available_attrs(user, ACLType.Writable),
'form_url': '/entry/do_edit/%s' % entry.id,
'redirect_url': '/entry/show/%s' % entry.id,
}
if custom_view.is_custom("edit_entry", entry.schema.name):
# show custom view
return custom_view.call_custom("edit_entry", entry.schema.name, request, user, entry,
context)
else:
return render(request, 'edit_entry.html', context)
def edit(request, entity_id):
user = User.objects.get(id=request.user.id)
if not Entity.objects.filter(id=entity_id).exists():
return HttpResponse('Failed to get entity of specified id', status=400)
# entity to be editted is given by url
entity = Entity.objects.get(id=entity_id)
# when an entity in referral attribute is deleted
# user should be able to select new entity or keep it unchanged
# candidate entites for referral are:
# - active(not deleted) entity
# - current value of any attributes even if the entity has been deleted
context = {
'entity': entity,
'attr_types': AttrTypes,
'attributes': [{
'id': x.id,
'name': x.name,
'type': x.type,
'is_mandatory': x.is_mandatory,
'is_delete_in_chain': x.is_delete_in_chain,
'referrals': x.referral.all()
} for x in entity.attrs.filter(is_active=True).order_by('index')
if user.has_permission(x, ACLType.Writable)],
}
return render(request, 'edit_entity.html', context)
def edit(request, entry_id):
entry, error = get_obj_with_check_perm(request.user, Entry, entry_id,
ACLType.Writable)
if error:
return error
# prevent to show edit page under the creating processing
if entry.get_status(Entry.STATUS_CREATING):
return HttpResponse("Target entry is now under processing", status=400)
if not entry.is_active:
return _redirect_restore_entry(entry)
context = {
"entry": entry,
"groups": Group.objects.filter(is_active=True),
"attributes": entry.get_available_attrs(request.user,
ACLType.Writable),
"form_url": "/entry/do_edit/%s" % entry.id,
"redirect_url": "/entry/show/%s" % entry.id,
}
if custom_view.is_custom("edit_entry", entry.schema.name):
# show custom view
return custom_view.call_custom("edit_entry", entry.schema.name,
request, request.user, entry, context)
else:
return render(request, "edit_entry.html", context)
def index(request):
param_page_index = request.GET.get("page")
param_keyword = request.GET.get("keyword")
# This parameter enables to get entities partially when there are too many entries to return.
# When this parameter is emitted, this value will be treated as 0.
try:
if not param_page_index:
index_start = 0
else:
index_start = int(param_page_index) * CONFIG.MAX_LIST_ENTITIES
except ValueError:
# When an invalid value was specified, this ignores and treats it as 0.
index_start = 0
# Get entities under the conditions of specified parameters
query = Q(is_active=True)
if param_keyword:
query &= Q(name__icontains=param_keyword)
overall_entities = Entity.objects.filter(query).order_by("name")
return_entities = overall_entities[index_start : index_start + CONFIG.MAX_LIST_ENTITIES]
context = {
"entities": return_entities,
"entity_count": return_entities.count(),
"total_count": overall_entities.count(),
"page_index_start": index_start,
"page_index_end": index_start + return_entities.count(),
}
return render(request, "list_entities.html", context)
def index(request, obj_id):
aclbase_obj, error = get_obj_with_check_perm(request.user, ACLBase, obj_id, ACLType.Full)
if error:
return error
target_obj = aclbase_obj.get_subclass_object()
# Some type of objects needs object that refers target_obj (e.g. Attribute)
# for showing breadcrumb navigation.
parent_obj = None
try:
if isinstance(target_obj, Attribute):
parent_obj = target_obj.parent_entry
elif isinstance(target_obj, EntityAttr):
parent_obj = target_obj.parent_entity
except StopIteration:
Logger.warning("failed to get related parent object")
context = {
"object": target_obj,
"parent": parent_obj,
"acltypes": [{"id": x.id, "name": x.label} for x in ACLType.all()],
"roles": [
{
"id": x.id,
"name": x.name,
"description": x.description,
"current_permission": x.get_current_permission(target_obj),
}
for x in Role.objects.filter(is_active=True)
if request.user.is_superuser or x.is_belonged_to(request.user)
],
}
return render(request, "edit_acl.html", context)
def advanced_search(request):
entities = [x for x in Entity.objects.filter(is_active=True).order_by('name')
if x.attrs.filter(is_active=True).exists()]
return render(request, 'advanced_search.html', {
'entities': entities,
})
def index(request):
context = {}
context["roles"] = [
{
"id": x.id,
"name": x.name,
"description": x.description,
"users": dict(
{
u.username: {"is_admin": False}
for u in x.users.filter(is_active=True).order_by("username")
},
**{
u.username: {"is_admin": True}
for u in x.admin_users.filter(is_active=True).order_by("username")
}
),
"groups": dict(
{
g.name: {"is_admin": False}
for g in x.groups.filter(is_active=True).order_by("name")
},
**{
g.name: {"is_admin": True}
for g in x.admin_groups.filter(is_active=True).order_by("name")
}
),
}
for x in Role.objects.filter(is_active=True)
]
return render(request, "role/list.html", context)
def edit(request, role_id):
user = request.user
role = Role.objects.filter(id=role_id, is_active=True).first()
if not role:
return HttpResponse("Specified Role(id:%d) does not exist" % role_id, status=400)
if not role.is_editable(user):
return HttpResponse("You do not have permission to change this role", status=400)
# get user and group members that are selectable as role members
context = initialize_role_context()
context["submit_ref"] = "/role/do_edit/%d/" % role.id
# update users/groups context to set what users and groups are registered on role
context["name"] = role.name
context["description"] = role.description
for (key, nameattr, model) in [
("user_info", "username", role.users),
("group_info", "name", role.groups),
("admin_user_info", "username", role.admin_users),
("admin_group_info", "name", role.admin_groups),
]:
for instance in model.filter(is_active=True):
context[key][instance.id].update(
{
"name": getattr(instance, nameattr),
"is_checked": "true",
}
)
return render(request, "role/edit.html", context)
def index(request, entity_id):
if not Entity.objects.filter(id=entity_id).exists():
return HttpResponse('Failed to get entity of specified id', status=400)
entity = Entity.objects.get(id=entity_id)
if custom_view.is_custom("list_entry_without_context", entity.name):
# show custom view without context
resp = custom_view.call_custom("list_entry_without_context", entity.name, request, entity)
if resp:
return resp
entries = Entry.objects.order_by('name').filter(schema=entity, is_active=True)
total_count = list_count = len(entries)
if(len(entries) > CONFIG.MAX_LIST_ENTRIES):
entries = entries[0:CONFIG.MAX_LIST_ENTRIES]
list_count = CONFIG.MAX_LIST_ENTRIES
context = {
'entity': entity,
'entries': entries,
'total_count': total_count,
'list_count': list_count,
}
if custom_view.is_custom("list_entry", entity.name):
# list custom view
return custom_view.call_custom("list_entry", entity.name, request, entity, context)
else:
# list ordinal view
return render(request, 'list_entry.html', context)
def copy(request, entry_id):
entry, error = get_obj_with_check_perm(request.user, Entry, entry_id,
ACLType.Writable)
if error:
return error
# prevent to show edit page under the creating processing
if entry.get_status(Entry.STATUS_CREATING) or entry.get_status(
Entry.STATUS_EDITING):
return HttpResponse("Target entry is now under processing", status=400)
if not entry.is_active:
return _redirect_restore_entry(entry)
context = {
"form_url": "/entry/do_copy/%s" % entry.id,
"redirect_url": "/entry/%s" % entry.schema.id,
"entry": entry,
}
if custom_view.is_custom("copy_entry", entry.schema.name):
return custom_view.call_custom("copy_entry", entry.schema.name,
request, request.user, entry, context)
return render(request, "copy_entry.html", context)
def create(request, entity_id):
user = User.objects.get(id=request.user.id)
if not Entity.objects.filter(id=entity_id).exists():
return HttpResponse('Failed to get entity of specified id', status=400)
entity = Entity.objects.get(id=entity_id)
if custom_view.is_custom("create_entry_without_context", entity.name):
# show custom view
return custom_view.call_custom("create_entry_without_context", entity.name, request, user,
entity)
context = {
'entity': entity,
'form_url': '/entry/do_create/%s/' % entity.id,
'redirect_url': '/entry/%s' % entity.id,
'groups': Group.objects.filter(is_active=True),
'attributes': [{
'id': x.id,
'type': x.type,
'name': x.name,
'is_mandatory': x.is_mandatory,
} for x in entity.attrs.filter(is_active=True).order_by('index')
if user.has_permission(x, ACLType.Writable)]
}
if custom_view.is_custom("create_entry", entity.name):
# show custom view
return custom_view.call_custom("create_entry", entity.name, request, user, entity, context)
else:
return render(request, 'create_entry.html', context)
def create(request):
context = {
'default_group_id': 0,
'submit_ref': '/group/do_create',
}
# set group members for each groups
context['groups'] = [{
'id':
x.id,
'name':
x.name,
'members':
User.objects.filter(groups__id=x.id,
is_active=True).order_by('username'),
} for x in Group.objects.filter(is_active=True)]
# set all user
context['groups'].insert(
0, {
'id': 0,
'name': '-- ALL --',
'members': User.objects.filter(is_active=True),
})
return render(request, 'edit_group.html', context)
def list_webhook(request, entity_id):
# entity of specifying id
entity = Entity.objects.get(id=entity_id)
return render(request, 'list_webhooks.html', {
'entity': entity,
'webhooks': entity.webhooks.all(),
})
def create(request):
user = User.objects.get(id=request.user.id)
context = {
'entities': [x for x in Entity.objects.filter(is_active=True)
if user.has_permission(x, ACLType.Readable)],
'attr_types': AttrTypes
}
return render(request, 'create_entity.html', context)
def create(request):
context = {
"entities": [
x
for x in Entity.objects.filter(is_active=True)
if request.user.has_permission(x, ACLType.Readable)
],
"attr_types": AttrTypes,
}
return render(request, "create_entity.html", context)
def search(request):
query = request.GET.get("query")
entity_name = request.GET.get("entity")
try:
page_num = int(request.GET.get("page", 1))
if page_num < 1:
return HttpResponse("Invalid pege parameter is specified",
status=400)
except Exception:
return HttpResponse("Invalid pege parameter is specified", status=400)
if not query:
return HttpResponse("Invalid query parameter is specified", status=400)
if len(query.encode("utf-8")) > CONFIG.MAX_QUERY_SIZE:
return HttpResponse("Sending parameter is too large", status=400)
modified_query = query.strip()
# When an available 'entity' parameter is specified and get an entry information which exactly
# matches, this returns entry results
if entity_name:
entry = Entry.objects.filter(name=query,
schema__name=entity_name,
is_active=True).first()
if entry and request.user.has_permission(entry, ACLType.Readable):
return redirect("/entry/show/%s/" % entry.id)
per_page = CONFIG.MAXIMUM_SEARCH_RESULTS
(count, entries) = _search_by_keyword(modified_query, entity_name,
per_page, page_num)
if count == 1:
return redirect("/entry/show/%s/" % entries[0]["id"])
p = Paginator(["" for x in range(count)], per_page)
try:
page_obj = p.page(page_num)
except PageNotAnInteger:
return HttpResponse("Invalid page number. It must be unsigned integer",
status=400)
except EmptyPage:
return HttpResponse(
"Invalid page number. The page doesn't have anything", status=400)
else:
return render(
request,
"show_search_results.html",
{
"entries": entries,
"query": modified_query,
"page_obj": page_obj,
},
)
def list_webhook(request, entity_id):
user = User.objects.get(id=request.user.id)
entity, error = get_object_with_check_permission(user, Entity, entity_id,
ACLType.Full)
if error:
return error
return render(request, 'list_webhooks.html', {
'entity': entity,
'webhooks': entity.webhooks.all(),
})
def index(request):
user = User.objects.get(id=request.user.id)
entity_objects = Entity.objects.order_by('name').filter(is_active=True)
context = {
'entities': [
x for x in entity_objects
if user.has_permission(x, ACLType.Readable)
]
}
return render(request, 'list_entities.html', context)
def index(request):
if not request.user.is_authenticated:
return HttpResponseSeeOther("/auth/login")
context = {"users": [request.user]}
if request.user.is_superuser:
context = {
"users": User.objects.filter(is_active=True),
}
return render(request, "list_user.html", context)