def billing_month(request, year, month):
# Check if the request.user is authorised to do so: member of the uis-finance or UIS Information Systems groups
if not user_in_groups(request.user, [
get_or_create_group_by_groupid("101923"),
get_or_create_group_by_groupid("101888")
]):
return HttpResponseForbidden()
month = int(month)
year = int(year)
if not (1 <= month <= 12):
return HttpResponseForbidden()
if month == 1:
inidate = date(year - 1, 12, 1)
else:
inidate = date(year, month - 1, 1)
return render(
request, 'api/finance_month.html', {
'new_sites_billing':
Billing.objects.filter(site__start_date__month=inidate.month,
site__start_date__year=inidate.year,
site__deleted=False),
'renewal_sites_billing':
Billing.objects.filter(site__start_date__month=month,
site__start_date__lt=date(year, 1, 1),
site__deleted=False),
'year':
year,
'month':
month,
})
def billing_total(request):
# Check if the request.user is authorised to do so: member of the uis-finance or UIS Information Systems groups
if not user_in_groups(request.user,
[get_or_create_group_by_groupid("101923"), get_or_create_group_by_groupid("101888")]):
return HttpResponseForbidden()
return render(request, 'api/finance_total.html', {
'billings': Billing.objects.filter(site__deleted=False),
})
def privileges_check(site_id, user):
from sitesmanagement.models import Site
site = get_object_or_404(Site, pk=site_id)
# If the user is not in the user auth list of the site and neither belongs to a group in the group auth list or
# the site is disabled or canceled return None
try:
if not user.is_superuser and (site not in user.sites.all() and not user_in_groups(user, site.groups.all())) or \
(site.is_canceled() or site.is_disabled()):
return None
except Exception:
return None
return site
def dispatch(self, request, *args, **kwargs):
site = self.get_object()
# If the user is not in the user auth list of the site and neither belongs to a group in the group auth list or
# the site is disabled or canceled return None
try:
if not request.user.is_superuser and \
(site not in request.user.sites.all() and not user_in_groups(request.user, site.groups.all())) or \
(site.is_canceled() or site.is_disabled() or site.production_service is None):
return HttpResponseForbidden()
except Exception:
return HttpResponseForbidden()
return super(SitePriviledgeCheck, self).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
service = get_object_or_404(Service, pk=self.kwargs['service_id'])
site = service.site
self.site = site
self.service = service
# If the user is not in the user auth list of the site and neither belongs to a group in the group auth list or
# the site is disabled or canceled return None
try:
if not request.user.is_superuser and \
(site not in request.user.sites.all() and not user_in_groups(request.user, site.groups.all())) or \
(site.is_canceled() or site.is_disabled()):
return HttpResponseForbidden()
except Exception:
return HttpResponseForbidden()
if not service or not service.active or service.is_busy:
return redirect(site)
return super(ServicePriviledgeCheck,
self).dispatch(request, *args, **kwargs)
def site_enable(request, site_id):
"""View(Controller) to reenable a Site object. The VMs are switched on."""
site = get_object_or_404(Site, pk=site_id)
try:
if not request.user.is_superuser and \
(site not in request.user.sites.all() and not user_in_groups(request.user, site.groups.all())) \
or site.is_admin_suspended() or site.is_canceled():
return HttpResponseForbidden()
except Exception:
return HttpResponseForbidden()
if request.method == 'POST':
if site.enable():
if request.user.is_superuser:
return render(request, 'mws/admin/search.html', {'results': [site]})
else:
return redirect(site)
return redirect(reverse('listsites'))
def test_user_in_groups(self):
amc203 = get_or_create_user_by_crsid("amc203")
information_systems_group = get_or_create_group_by_groupid(101888)
self.assertTrue(user_in_groups(amc203, [information_systems_group]))
finance_group = get_or_create_group_by_groupid(101923)
self.assertFalse(user_in_groups(amc203, [finance_group]))