Beispiel #1
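def login(request):
    """Render the login form (GET) or authenticate posted credentials (POST).

    GET ends any current session and shows ``users/login.html`` together with
    the ``next`` query parameter. POST calls ``authenticate``; for an active
    user it starts the session, writes a ``Log`` row, runs ``postupgrade`` and
    redirects. Every other outcome (unknown user, wrong password, inactive
    account) is logged as a failure and the form is rendered again.
    """
    if request.method == 'GET':
        nexturl = request.GET.get('next')
        context = {'nexturl': nexturl}
        # NOTE(review): any GET to this view ends the caller's session, so a
        # cross-site link or image can force a logout -- confirm this is intended.
        auth_logout(request)
        return render(request, 'users/login.html', context)

    user_name = request.POST.get('username')
    password = request.POST.get('password')
    nexturl = request.POST.get('next')
    user = authenticate(username=user_name, password=password)
    if user is not None and user.is_active:
        auth_login(request, user)
        log = Log(jobid_id=0,
                  logtext='Login successful: %s' % user_name)
        log.save()
        postupgrade(request)
        # ``next`` arrives from the query string / form and is attacker
        # controllable. Following it blindly is an open redirect, so only a
        # path on this site is accepted: it must start with a single '/', and
        # must not contain a backslash or control character (browsers may
        # normalise those into a scheme-relative '//host' URL).
        # Django ships url_has_allowed_host_and_scheme() (is_safe_url() in
        # older releases) for the same purpose when absolute URLs are needed.
        next_is_local = (
            nexturl is not None
            and nexturl.startswith('/')
            and not nexturl.startswith('//')
            and '\\' not in nexturl
            and not any(ord(ch) < 0x20 for ch in nexturl)
        )
        if next_is_local:
            return HttpResponseRedirect(nexturl)
        return redirect('home')

    # authentication failed
    messages.error(
        request,
        'Username or password did not match any of available users. Try again.',
        extra_tags="slide:Login failure")
    # NOTE(review): the GET branch passes this value as 'nexturl' but the
    # failure path uses 'next' -- confirm which key the template reads.
    context = {'next': nexturl}
    # The submitted user name is untrusted text; whatever displays Log rows
    # has to escape it.
    log = Log(jobid_id=0, logtext='Login failure: %s' % user_name)
    log.save()
    return render(request, 'users/login.html', context)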
Beispiel #2
def adddep(request):
    """Show the "add department" form (GET) or create a department (POST).

    A POST creates something only when the ``add`` field is set and ``cancel``
    is not. For a valid form the department row, the link to the creator's
    profile (for users who are not both superuser and staff) and the audit
    ``Log`` row are written inside one transaction. Every POST ends with a
    redirect to ``departsdefined``.

    NOTE(review): no login or permission check is visible in this function;
    confirm it is enforced by a decorator or at the URL level.
    """
    if request.method == 'GET':
        context = {
            'contentheader': 'Departments',
            'apppath': ['Departments', 'Add'],
            'form': DepartmentForm(),
        }
        updateMenuNumbers(request, context)
        return render(request, 'departments/add.html', context)

    wants_add = request.POST.get('add', 0)
    wants_cancel = request.POST.get('cancel', 0)
    if not wants_add or wants_cancel:
        return redirect('departsdefined')

    form = DepartmentForm(request.POST)
    if not form.is_valid():
        messages.error(request, "Cannot validate a form: %s" % form.errors, extra_tags='Error')
        return redirect('departsdefined')

    creator_name = request.user.username
    dep_name = form.cleaned_data['name']
    dep_descr = form.cleaned_data['descr']
    dep_short = form.cleaned_data['shortname']
    dep_color = form.cleaned_data['color']
    # Department, profile link and audit row succeed or fail together.
    with transaction.atomic():
        depart = Departments(name=dep_name, shortname=dep_short, description=dep_descr, color=dep_color)
        depart.save()
        creator = request.user
        # Anyone who is not both superuser and staff gets the new department
        # attached to their own profile.
        if not (creator.is_superuser and creator.is_staff):
            Profile.objects.get(user=creator).departments.add(depart)
        Log(jobid_id=0, logtext='Department "%s" created by %s' % (dep_name, str(creator_name))).save()
    return redirect('departsdefined')
Beispiel #3
def logout(request):
    """End the session, record it in the audit log and go to the login page."""
    # The name is read before auth_logout(); presumably that call is Django's
    # logout(), after which request.user no longer identifies the account.
    departing = request.user.get_username()
    auth_logout(request)
    Log(jobid_id=0, logtext='Successful logout: ' + departing).save()
    messages.success(
        request,
        "User successfuly logged out from application.",
        extra_tags="Success",
    )
    return redirect('login')
Beispiel #4
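def addrole(request):
    """Show the "add role" form (GET) or create a role with permissions (POST).

    A POST creates something only when ``add`` is set and ``cancel`` is not.
    For a valid form a ``Group`` is created, the selected permission codenames
    are resolved to ``Permission`` rows and assigned, and a ``Log`` row is
    written, all in one transaction. Every POST redirects to ``rolesdefined``.

    NOTE(review): this view grants permissions, yet no login or permission
    check is visible in the function itself; confirm it is enforced by a
    decorator or at the URL level.
    """
    perms = get_system_permissions()
    if request.method == 'GET':
        form = RolesForm(perms=perms)
        context = {
            'contentheader': 'Roles',
            'apppath': ['Roles', 'Add'],
            'form': form
        }
        updateMenuNumbers(request, context)
        return render(request, 'roles/add.html', context)
    else:
        add = request.POST.get('add', 0)
        cancel = request.POST.get('cancel', 0)
        if add and not cancel:
            form = RolesForm(data=request.POST, perms=perms)
            if form.is_valid():
                rolename = form.cleaned_data['name']
                # Ugly hack for limiting database varchar(80).
                # Floor division keeps the slice index an int; with true
                # division the slice raises TypeError on Python 3.
                # NOTE(review): dropping half of the excess byte count only
                # reaches the limit when the characters are two bytes wide.
                rolenamelen = len(rolename.encode('UTF-8'))
                if rolenamelen > 80:
                    rolename = rolename[:(80 - rolenamelen) // 2]
                descr = form.cleaned_data['descr']
                color = form.cleaned_data['color']
                perms = form.cleaned_data['perms']
                # create Role
                with transaction.atomic():
                    role = Group.objects.create(name=rolename)
                    # NOTE(review): only role.save() is called below; confirm
                    # the related ``roles`` object is persisted elsewhere
                    # (e.g. by a signal handler).
                    role.roles.description = descr
                    role.roles.color = color
                    newperms = []
                    for p in perms:
                        if p.startswith('addallperms_'):
                            # Split once so an app label that itself contains
                            # '_' does not break the two-value unpacking.
                            (n, applabel) = p.split('_', 1)
                            allperms = Permission.objects.filter(content_type__model='permissions',
                                                                 content_type__app_label=applabel)\
                                .exclude(codename__icontains='_permissions')
                            for ap in allperms:
                                newperms.append(ap.codename)
                        else:
                            newperms.append(p)
                    # Only codenames attached to the 'permissions' content
                    # type can end up on the role, whatever was posted.
                    permlist = Permission.objects.filter(
                        codename__in=newperms,
                        content_type__model='permissions')
                    role.permissions.set(permlist)
                    role.save()
                    log = Log(jobid_id=0,
                              logtext='Create role: %s by %s' %
                              (rolename, request.user.username))
                    log.save()
                    messages.success(request,
                                     'Role "%s" defined.' % role.name,
                                     extra_tags="Success")
            else:
                messages.error(request,
                               "Cannot validate a form: %s" % form.errors,
                               extra_tags='Error')
    return redirect('rolesdefined')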
Beispiel #5
def labeltape(request, storage):
    """Queue a "Label tapes" task for ``storage`` and return its id as JSON.

    Raises ``Http404`` when ``getDIRStorageinfo`` does not know the storage.

    NOTE(review): the audit row is written before the task is prepared and
    does not name the acting user; no HTTP-method or permission check is
    visible here -- confirm both are handled outside this function.
    """
    if getDIRStorageinfo(name=storage) is None:
        raise Http404()
    Log(jobid_id=0, logtext='User labeled tapes in "%s"' % storage).save()
    task = prepareTask(name="Label tapes", proc=4, params=storage, log="Starting...")
    return JsonResponse({'taskid': task}, safe=False)
Beispiel #6
def makedeletevolume(request, name):
    """Delete the volume ``name`` and report the outcome as ``{'status': bool}``.

    The status is True when ``doDeleteVolume`` returns non-empty output; only
    then is an audit ``Log`` row naming the user written.

    NOTE(review): this is a destructive action and no HTTP-method or
    permission check is visible here -- confirm it is enforced elsewhere.
    """
    # Existence check only: an unknown volume name ends in a 404.
    get_object_or_404(Media, volumename=name)
    output = doDeleteVolume(name)
    deleted = len(output) != 0
    if deleted:
        actor = request.user.username
        Log(
            jobid_id=0,
            logtext='User %s deleted Volume "%s" all data on volume was lost.' % (actor, name),
        ).save()
    return JsonResponse({'status': deleted}, safe=False)
Beispiel #7
def makepurged(request, name):
    """Purge the volume ``name`` and report the outcome as ``{'status': bool}``.

    The status is True when ``doPurgeVolume`` returns non-empty output; only
    then is an audit ``Log`` row naming the user written.

    NOTE(review): no HTTP-method or permission check is visible here --
    confirm it is enforced elsewhere.
    """
    # Existence check only: an unknown volume name ends in a 404.
    get_object_or_404(Media, volumename=name)
    output = doPurgeVolume(name)
    purged = len(output) != 0
    if purged:
        actor = request.user.username
        Log(
            jobid_id=0,
            logtext='User %s recycled Volume "%s" marking it as Purged.' % (actor, name),
        ).save()
    return JsonResponse({'status': purged}, safe=False)
Beispiel #8
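def userprofileedit(request):
    """Show (GET) or process (POST) the profile form of the signed-in user.

    On POST the changed first name, last name, e-mail and password are
    applied to ``request.user`` in one transaction and an audit ``Log`` row
    is written. A password change saves at once and redirects to ``logout``;
    every other POST redirects to the validated ``backurl``.
    """
    user = request.user
    if request.method == 'GET':
        backurl = request.GET.get('b', None)
        data = makeinitailadata(user, backurl)
        form = UserForm(departments=[], initial=data, usertypes=USERTYPE)
        form.fields['username'].disabled = True
        context = {'contentheader': 'Profile Edit', 'apppath': ['Profile', 'Edit'], 'form': form,
                   'User': user}
        updateMenuNumbers(request, context)
        return render(request, 'users/editprofile.html', context)
    else:
        cancel = request.POST.get('cancel', 0)
        backurl = request.POST.get('backurl')
        # ``backurl`` is posted by the client and ends up in redirect(), so
        # it is followed only when it is a path on this site: a single
        # leading '/', no backslash and no control character (browsers may
        # normalise those into a scheme-relative '//host' URL). Anything
        # else, including a missing or empty value, falls back to the
        # profile page.
        backurl_is_local = (
            bool(backurl)
            and backurl.startswith('/')
            and not backurl.startswith('//')
            and '\\' not in backurl
            and not any(ord(ch) < 0x20 for ch in backurl)
        )
        if not backurl_is_local:
            backurl = reverse('usersprofile')
        if not cancel:
            data = makeinitailadata(user, backurl)
            post = request.POST.copy()
            # The posted user name is overwritten, so a profile edit cannot
            # rename the account.
            post['username'] = user.username
            form = UserForm(data=post, departments=[], initial=data, usertypes=USERTYPE)
            if form.is_valid():
                if form.has_changed():
                    with transaction.atomic():
                        if 'firstname' in form.changed_data:
                            firstname = form.cleaned_data['firstname']
                            # Ugly hack for limiting database varchar(30).
                            # Floor division keeps the slice index an int
                            # (true division raises TypeError on Python 3).
                            firstnamelen = len(firstname.encode('UTF-8'))
                            if firstnamelen > 30:
                                firstname = firstname[:(30 - firstnamelen) // 2]
                            user.first_name = firstname
                        if 'lastname' in form.changed_data:
                            lastname = form.cleaned_data['lastname']
                            # Ugly hack for limiting database varchar(30)
                            lastnamelen = len(lastname.encode('UTF-8'))
                            if lastnamelen > 30:
                                lastname = lastname[:(30 - lastnamelen) // 2]
                            user.last_name = lastname
                        if 'email' in form.changed_data:
                            user.email = form.cleaned_data['email']
                        if 'password' in form.changed_data:
                            user.set_password(form.cleaned_data['password'])
                            # special case: save now and send the user through
                            # the logout view. The audit row is written here
                            # as well, otherwise a password change would be
                            # the one profile change that leaves no trace.
                            user.save()
                            log = Log(jobid_id=0, logtext='User profile modification: ' + user.username)
                            log.save()
                            return redirect('logout')
                        log = Log(jobid_id=0, logtext='User profile modification: ' + user.username)
                        log.save()
                        user.save()
                        messages.success(request, "User profile updated", extra_tags='Success')
            else:
                messages.error(request, "Cannot validate a form: %s" % form.errors, extra_tags='Error')
    return redirect(backurl)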
Beispiel #9
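def editdep(request, name):
    """Show (GET) or process (POST) the edit form of department ``name``.

    ``name`` is the department's short name; an unknown one ends in a 404.
    On a valid, changed POST the changed fields are applied, client and
    vCenter assignments follow a renamed short name, and an audit ``Log``
    row is written, all in one transaction. Every POST redirects to
    ``departsdefined``.

    NOTE(review): the lookup is not limited to the caller's own departments
    (``makedelete`` filters with ``id__in=userdeparts``); confirm that the
    access control for editing is applied outside this function.
    """
    department = get_object_or_404(Departments, shortname=name)
    if request.method == 'GET':
        data = makeinitialdata(department)
        form = DepartmentForm(initial=data)
        context = {
            'contentheader': 'Departments',
            'apppath': ['Departments', 'Edit', name],
            'departmentdisplay': 1,
            'Department': department,
            'form': form
        }
        updateMenuNumbers(request, context)
        return render(request, 'departments/edit.html', context)

    cancel = request.POST.get('cancel', 0)
    if cancel:
        return redirect('departsdefined')

    data = makeinitialdata(department)
    form = DepartmentForm(data=request.POST, initial=data)
    if not form.is_valid():
        messages.error(request,
                       "Cannot validate a form: %s" % form.errors,
                       extra_tags='Error')
        return redirect('departsdefined')

    # A valid but unchanged form is a no-op. It used to share the branch of
    # the invalid form and produced a validation error with no errors in it.
    if form.has_changed():
        with transaction.atomic():
            if 'descr' in form.changed_data:
                # update description
                department.description = form.cleaned_data['descr']
            if 'name' in form.changed_data:
                # update name
                department.name = form.cleaned_data['name']
            if 'shortname' in form.changed_data:
                # update shortname: move the client and vCenter assignments
                # to the new short name before the department itself changes
                changedepartclient(department.shortname,
                                   form.cleaned_data['shortname'])
                changedepartvcenter(department.shortname,
                                    form.cleaned_data['shortname'])
                department.shortname = form.cleaned_data['shortname']
            if 'color' in form.changed_data:
                # update color label
                department.color = form.cleaned_data['color']
            department.save()
            # The audit row names the short name the request was made with.
            log = Log(jobid_id=0,
                      logtext='Department "' + name +
                      '" modification by ' + request.user.username)
            log.save()
    return redirect('departsdefined')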
Beispiel #10
def makedelete(request, name):
    """Delete department ``name`` and answer with ``{'status': bool}`` as JSON.

    The department must be among those returned by ``getUserDepartments`` for
    the caller, otherwise the lookup ends in a 404. A caller who is not both
    superuser and staff and has exactly one department gets ``status`` False
    and nothing is deleted.

    NOTE(review): the audit row is saved before, and outside of, the
    transaction and does not name the acting user, so a failed deletion still
    leaves a "deleted" entry -- confirm this is acceptable.
    """
    userdeparts = getUserDepartments(request)
    depart = get_object_or_404(Departments, shortname=name, id__in=userdeparts)
    full_admin = request.user.is_superuser and request.user.is_staff
    if not full_admin and len(userdeparts) == 1:
        return JsonResponse({'status': False}, safe=False)

    Log(jobid_id=0, logtext='User deleted Department "%s".' % name).save()
    # Client and vCenter assignments go away together with the department.
    with transaction.atomic():
        removedepartclient(name)
        removedepartvcenter(name)
        depart.delete()
    return JsonResponse({'status': True}, safe=False)
Beispiel #11
def editrole(request, rolename):
    """Show (GET) or process (POST) the edit form of the role ``rolename``.

    Unknown roles and roles flagged ``internal`` end in a 404. A valid,
    changed POST updates name, description and color in one transaction and
    writes an audit ``Log`` row. Every POST redirects to ``rolesdefined``.

    NOTE(review): no login or permission check is visible in this function;
    confirm it is enforced by a decorator or at the URL level.
    """
    group = get_object_or_404(Group, name=rolename)
    # Internal roles are reported as missing rather than as forbidden.
    if group.roles.internal:
        raise Http404
    data = makeinitailadata(group)

    if request.method == 'GET':
        context = {
            'contentheader': 'Roles',
            'apppath': ['Roles', 'Edit', rolename],
            'form': RolesForm(initial=data),
            'rolestatusdisplay': 1,
            'Role': group.roles,
        }
        updateMenuNumbers(request, context)
        return render(request, 'roles/edit.html', context)

    if request.POST.get('cancel', 0):
        return redirect('rolesdefined')

    form = RolesForm(data=request.POST, initial=data)
    if not form.is_valid():
        messages.error(request,
                       "Cannot validate a form: %s" % form.errors,
                       extra_tags='Error')
        return redirect('rolesdefined')

    if form.has_changed():
        changed = form.changed_data
        with transaction.atomic():
            if 'name' in changed:
                group.name = truncateunicodestr(form.cleaned_data['name'], 80)
            # NOTE(review): only group.save() is called; confirm the related
            # ``roles`` object is persisted elsewhere (e.g. a signal handler).
            if 'descr' in changed:
                group.roles.description = form.cleaned_data['descr']
            if 'color' in changed:
                group.roles.color = form.cleaned_data['color']
            group.save()
            # The audit row names the role as it was requested, not a new name.
            Log(jobid_id=0,
                logtext='Role modified: %s by %s' %
                (rolename, request.user.username)).save()
        messages.success(request,
                         'Role "%s" updated.' % group.name,
                         extra_tags="Success")
    return redirect('rolesdefined')
Beispiel #12
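def edit(request, username):
    """Show (GET) or process (POST) the edit form of the account ``username``.

    An unknown user name ends in a 404. A valid, changed POST applies the
    changed first name, last name, e-mail, user type and password in one
    transaction and writes an audit ``Log`` row naming both the edited
    account and the editor. Every POST redirects to the validated
    ``backurl``.

    NOTE(review): this view changes privilege flags and passwords of other
    accounts, and the lookup is by user name only; confirm that the
    permission check lives in a decorator or URL guard not shown here.
    """
    user = get_object_or_404(User, username=username)
    usertypeslist = getusertypeslist(request)
    if request.method == 'GET':
        backurl = request.GET.get('b', None)
        data = makeinitailadata(user, backurl)
        form = UserForm(departments=[], initial=data, usertypes=usertypeslist)
        form.fields['username'].disabled = True
        if user.is_superuser and user.is_staff:
            form.fields['departments'].disabled = True
        context = {
            'contentheader': 'Users',
            'apppath': ['Users', 'Edit', username],
            'form': form,
            'userstatusdisplay': 1,
            'User': user
        }
        updateMenuNumbers(request, context)
        return render(request, 'users/edit.html', context)
    else:
        cancel = request.POST.get('cancel', 0)
        backurl = request.POST.get('backurl')
        # ``backurl`` is posted by the client and ends up in redirect(), so
        # it is followed only when it is a path on this site: a single
        # leading '/', no backslash and no control character (browsers may
        # normalise those into a scheme-relative '//host' URL). Anything
        # else, including a missing or empty value, falls back to the user
        # list.
        backurl_is_local = (
            bool(backurl)
            and backurl.startswith('/')
            and not backurl.startswith('//')
            and '\\' not in backurl
            and not any(ord(ch) < 0x20 for ch in backurl)
        )
        if not backurl_is_local:
            backurl = reverse('usersdefined')
        if not cancel:
            data = makeinitailadata(user, backurl)
            post = request.POST.copy()
            # The posted user name is overwritten, so an edit cannot rename
            # the account.
            post['username'] = username
            # The built-in 'admin' account always stays 'super'. The literal
            # had a leading space (' admin') and therefore never matched;
            # the guard further down already compares against 'admin'.
            if user.username == 'admin':
                post['usertype'] = 'super'
            form = UserForm(data=post,
                            departments=[],
                            initial=data,
                            usertypes=usertypeslist)
            if form.is_valid():
                if form.has_changed():
                    with transaction.atomic():
                        if 'firstname' in form.changed_data:
                            firstname = form.cleaned_data['firstname']
                            # Ugly hack for limiting database varchar(30).
                            # Floor division keeps the slice index an int
                            # (true division raises TypeError on Python 3).
                            firstnamelen = len(firstname.encode('UTF-8'))
                            if firstnamelen > 30:
                                firstname = firstname[:(30 - firstnamelen) // 2]
                            user.first_name = firstname
                        if 'lastname' in form.changed_data:
                            lastname = form.cleaned_data['lastname']
                            # Ugly hack for limiting database varchar(30)
                            lastnamelen = len(lastname.encode('UTF-8'))
                            if lastnamelen > 30:
                                lastname = lastname[:(30 - lastnamelen) // 2]
                            user.last_name = lastname
                        if 'email' in form.changed_data:
                            user.email = form.cleaned_data['email']
                        # The 'admin' account never changes type here.
                        if 'usertype' in form.changed_data and user.username != 'admin':
                            usertype = form.cleaned_data['usertype']
                            if usertype == 'std':
                                user.is_staff = False
                                user.is_superuser = False
                            elif usertype == 'admin':
                                user.is_staff = False
                                user.is_superuser = True
                            elif usertype == 'super':
                                user.is_staff = True
                                user.is_superuser = True
                                # 'super' accounts carry no department or
                                # role assignments.
                                user.profile.departments.clear()
                                user.groups.clear()
                        if 'password' in form.changed_data:
                            user.set_password(form.cleaned_data['password'])
                        user.save()
                        log = Log(jobid_id=0,
                                  logtext='User modification: ' + username +
                                  ' by ' + request.user.username)
                        log.save()
            else:
                messages.error(request,
                               "Cannot validate a form: %s" % form.errors,
                               extra_tags='Error')
    return redirect(backurl)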
Beispiel #13
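def adduser(request):
    """Show the "add user" form (GET) or create an account (POST).

    A POST creates something only when ``add`` is set and ``cancel`` is not.
    For a valid form the account is created with ``create_user``, the
    privilege flags follow the chosen user type, the selected departments
    and roles are attached and an audit ``Log`` row is written, all in one
    transaction. Every POST redirects to ``usersdefined``.

    NOTE(review): this view can create superuser accounts; no login or
    permission check is visible in the function itself -- confirm it is
    enforced by a decorator or at the URL level.
    """
    departments = getUserDepartmentsList(request, default=False)
    roles = getRolesList()
    usertypeslist = getusertypeslist(request)
    if request.method == 'GET':
        form = UserForm(departments=departments,
                        roles=roles,
                        usertypes=usertypeslist)
        # When add a User it should have a password
        form.fields['password'].required = True
        # admin should provide departments when in departments
        if not userissuperuser(request) and getDepartmentssnr(request) > 0:
            form.fields['departments'].required = True
        context = {
            'contentheader': 'Users',
            'apppath': ['Users', 'Add'],
            'form': form
        }
        updateMenuNumbers(request, context)
        return render(request, 'users/add.html', context)
    else:
        add = request.POST.get('add', 0)
        cancel = request.POST.get('cancel', 0)
        if add and not cancel:
            form = UserForm(data=request.POST,
                            departments=departments,
                            roles=roles,
                            usertypes=usertypeslist)
            # When add a User it should have a password
            form.fields['password'].required = True
            # admin should provide departments when in departments
            if not userissuperuser(request) and getDepartmentssnr(request) > 0:
                form.fields['departments'].required = True
            if form.is_valid():
                username = form.cleaned_data['username']
                # Ugly hack for limiting database varchar(150).
                # Floor division keeps the slice index an int (true division
                # raises TypeError on Python 3).
                # NOTE(review): the name is shortened after validation, so the
                # shortened form is not re-checked against existing accounts.
                usernamelen = len(username.encode('UTF-8'))
                if usernamelen > 150:
                    username = username[:(150 - usernamelen) // 2]
                firstname = form.cleaned_data['firstname']
                lastname = form.cleaned_data['lastname']
                # Ugly hack for limiting database varchar(30)
                firstnamelen = len(firstname.encode('UTF-8'))
                if firstnamelen > 30:
                    firstname = firstname[:(30 - firstnamelen) // 2]
                lastnamelen = len(lastname.encode('UTF-8'))
                if lastnamelen > 30:
                    lastname = lastname[:(30 - lastnamelen) // 2]
                email = form.cleaned_data['email']
                usertype = form.cleaned_data['usertype']
                depart = form.cleaned_data['departments']
                uroles = form.cleaned_data['roles']
                password = form.cleaned_data['password']
                # create User
                with transaction.atomic():
                    user = User.objects.create_user(username=username,
                                                    email=email,
                                                    password=password)
                    user.first_name = firstname
                    user.last_name = lastname
                    # Any other user type keeps the flags create_user() set.
                    if usertype == 'admin':
                        user.is_superuser = True
                        user.is_staff = False
                    elif usertype == 'super':
                        user.is_staff = True
                        user.is_superuser = True
                    user.save()
                    query = Departments.objects.filter(shortname__in=depart)
                    for dep in query:
                        user.profile.departments.add(dep)
                    query = Group.objects.filter(name__in=uroles)
                    for group in query:
                        user.groups.add(group)
                    # This expression was masked ('******') in the listing;
                    # restored on the pattern of the 'User modification' log
                    # line used when an account is edited.
                    log = Log(jobid_id=0,
                              logtext='Create user: ' + username + ' by ' +
                              request.user.username)
                    log.save()
            else:
                messages.error(request,
                               "Cannot validate a form: %s" % form.errors,
                               extra_tags='Error')
    return redirect('usersdefined')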