def deactivatevolume(request, volume_id): session = request.session username = session['login_email'] vol = db.read_volume(volume_id) if not vol: return redirect('django_volume.views.viewvolume', volume_id) if request.method == "POST": form = libforms.Password(request.POST) if not form.is_valid(): session['message'] = "Password required." return redirect('django_volume.views.volumesettings', vol.volume_id) # Check password hash hash_check = Volume.generate_password_hash( form.cleaned_data['password'], vol.volume_secret_salt) if hash_check != vol.volume_secret_salted_hash: session['message'] = "Incorrect password." return redirect('django_volume.views.volumesettings', vol.volume_id) fields = {'active': False} db.update_volume(vol.volume_id, **fields) session['new_change'] = "We've deactivated your volume." session['next_url'] = '/syn/volume/' + str(vol.volume_id) session['next_message'] = "Click here to go back to your volume." return redirect('/syn/thanks') return redirect("/syn/volume/" + str(vol.volume_id))
def ug_wrapper(request, g_id): if not request.POST: return redirect('django_ug.views.viewgateway', g_id=g_id) session = request.session username = session['login_email'] try: g = db.read_user_gateway(g_id) if not g: raise Exception("No gateway exists.") except Exception as e: logging.error("Error reading gateway %s : Exception: %s" % (g_id, e)) message = "No user gateway by the name of %s exists." % g_id t = loader.get_template( "gateway_templates/viewgateway_failure.html") c = Context({'message': message, 'username': username}) return HttpResponse(t.render(c)) form = libforms.Password(request.POST) if not form.is_valid(): session['message'] = "Password required." return redirect(redirect_view, g_id) # Check password hash if not UG.authenticate(g, form.cleaned_data['password']): session['message'] = "Incorrect password." return redirect(redirect_view, g_id) return f(request, g_id)
def viewgateway(request, g_id=0): ''' The view for viewing and changing any of the main settings on any UG. Passes forms for changing different settings, and the volumes attached to the gateway. ''' session = request.session username = session['login_email'] message = session.pop('message', "") g_id = int(g_id) g = db.read_user_gateway(g_id) if not g: logging.error("Error reading gateway %d : Does note exist" % g_id) message = "No user gateway with the ID %d exists." % g_id t = loader.get_template("gateway_templates/viewgateway_failure.html") c = Context({'message': message, 'username': username}) return HttpResponse(t.render(c)) # Create necessary forms location_form = gatewayforms.ModifyGatewayLocation(initial={ 'host': g.host, 'port': g.port }) change_form = gatewayforms.ChangeVolume() password_form = libforms.Password() change_password_form = libforms.ChangePassword() vol = db.read_volume(g.volume_id) if not vol: vol = None owner = None """ if g.volume_id != 0: logging.error("Volume ID %s in gateways volume_ids does not map to volume. Gateway: %s" % (g.volume_id, g_id)) return redirect('django_ug.views.allgateways') else: vol = None owner = None """ else: attrs = {"SyndicateUser.owner_id ==": vol.owner_id} owner = db.get_user(attrs) logging.info(owner) logging.info(vol.owner_id) t = loader.get_template("gateway_templates/viewusergateway.html") c = RequestContext( request, { 'username': username, 'gateway': g, 'message': message, 'vol': vol, 'owner': owner, 'location_form': location_form, 'change_form': change_form, 'password_form': password_form, 'change_password_form': change_password_form }) return HttpResponse(t.render(c))
def changedesc(request, volume_id): session = request.session username = session['login_email'] vol = db.read_volume(volume_id) if not vol: return redirect('django_volume.views.viewvolume', volume_id) if request.method != "POST": return redirect('/syn/volume/' + str(vol.volume_id) + '/settings') form = libforms.Password(request.POST) desc_form = forms.ChangeVolumeD(request.POST) old_data = {} if not form.is_valid(): session['message'] = "Password required." desc_form.is_valid() if desc_form.errors: session['old_data' + str(volume_id)] = "" else: session['old_data' + str(volume_id)] = desc_form.cleaned_data['description'] return redirect('django_volume.views.volumesettings', volume_id) # Check password hash hash_check = Volume.generate_password_hash(form.cleaned_data['password'], vol.volume_secret_salt) if hash_check != vol.volume_secret_salted_hash: session['message'] = "Incorrect password." desc_form.is_valid() if desc_form.errors: session['old_data' + str(volume_id)] = "" else: session['old_data' + str(volume_id)] = desc_form.cleaned_data['description'] return redirect('django_volume.views.volumesettings', volume_id) if not desc_form.is_valid(): session['message'] = "Invalid description field entries." return redirect('django_volume.views.volumesettings', volume_id) kwargs = {} if desc_form.cleaned_data['description']: kwargs['description'] = desc_form.cleaned_data['description'] db.update_volume(vol.volume_id, **kwargs) session.pop('old_data' + str(volume_id), None) session['new_change'] = "We've changed your volume description." session['next_url'] = '/syn/volume/' + str(vol.volume_id) session['next_message'] = "Click here to go back to your volume." return redirect('/syn/thanks')
def viewgateway(request, g_id=0): ''' The view for viewing and changing any of the main settings on any AG. Passes forms for changing different settings, and the volumes attached to the gateway. ''' session = request.session username = session['login_email'] g_id = int(g_id) # Check for passed error messages or inital data from session-state. message = session.pop('message', "") ag_initial_data = session.get('ag_initial_data' + str(g_id), []) # Make sure this gateway actually exists. g = db.read_acquisition_gateway(g_id) if not g: logging.error("Error reading gateway %s : Does not exist." % (g_id)) message = "No acquisition gateway with the ID %s exists." % g_id t = loader.get_template("gateway_templates/viewgateway_failure.html") c = Context({'message': message, 'username': username}) return HttpResponse(t.render(c)) # Create forms for changing location, adding volumes, # changing password, getting password, and changing config location_form = gatewayforms.ModifyGatewayLocation(initial={ 'host': g.host, 'port': g.port }) add_form = gatewayforms.GatewayAddVolume() json_form = gatewayforms.ModifyGatewayConfig() password_form = libforms.Password() change_password_form = libforms.ChangePassword() # Get all attached volumes and their respective owners owners = [] vols = [] for v_id in g.volume_ids: vol = db.read_volume(v_id) if not vol: logging.error( "Volume ID in gateways volume_ids does not map to volume. Gateway: %s" % g_name) else: vols.append(vol) attrs = {"SyndicateUser.owner_id ==": vol.owner_id} owners.append(db.get_user(attrs)) vol_owners = zip(vols, owners) # Create formatted data based on vols for the formset, if not passed in state. if not ag_initial_data: for v in vols: ag_initial_data.append({'volume_name': v.name, 'remove': False}) session['ag_initial_data' + str(g_id)] = ag_initial_data VolumeFormSet = formset_factory(gatewayforms.GatewayRemoveVolume, extra=0) if ag_initial_data: formset = VolumeFormSet(initial=ag_initial_data) else: formset = None t = loader.get_template("gateway_templates/viewacquisitiongateway.html") c = RequestContext( request, { 'username': username, 'gateway': g, 'message': message, 'vol_owners': vol_owners, 'location_form': location_form, 'add_form': add_form, 'json_form': json_form, 'remove_forms': formset, 'password_form': password_form, 'change_password_form': change_password_form }) return HttpResponse(t.render(c))
def addpermissions(request, volume_id): ''' This handler allows adding users to volumes so they can have either read access or read and write access. ''' session = request.session username = session['login_email'] if request.method != "POST": return redirect('syn/volume/' + str(vol.volume_id) + '/permissions') else: vol = db.read_volume(volume_id) if not vol: return redirect('django_volume.views.viewvolume', volume_id) addform = forms.AddPermissions(request.POST) passwordform = libforms.Password(request.POST) if not passwordform.is_valid(): session['message'] = "Password required." return redirect('django_volume.views.volumepermissions', vol.volume_id) else: # Check password hash if vol.volume_secret_salted_hash != Volume.generate_password_hash( passwordform.cleaned_data['password'], vol.volume_secret_salt): session['message'] = "Incorrect password" return redirect('django_volume.views.volumepermissions', vol.volume_id) if not addform.is_valid(): session[ 'message'] = "Incorrect entry fields: likely invalid email address." return redirect('django_volume.views.volumepermissions', vol.volume_id) # Ok to update else: new_username = addform.cleaned_data['user'] read = addform.cleaned_data['read'] write = addform.cleaned_data['write'] for data in session['initial_perms' + str(volume_id)]: if data['user'] == new_username: session['message'] = "User already has rights for volume." return redirect('django_volume.views.volumepermissions', vol.volume_id) new_user = db.read_user(new_username) if not new_user: session[ 'message'] = "No Syndicate user with the email {} exists.".format( new_username) return redirect('django_volume.views.volumepermissions', vol.volume_id) if vol.owner_id == new_user.owner_id: session['message'] = "You already own this volume." return redirect('django_volume.views.volumepermissions', vol.volume_id) if write: if read: new_volumes_rw = new_user.volumes_rw + [vol.volume_id] fields = {'volumes_rw': new_volumes_rw} db.update_user(new_username, **fields) else: session[ 'message'] = "Write permissions require read permissions as well." return redirect('django_volume.views.volumepermissions', vol.volume_id) elif read: new_volumes_r = new_user.volumes_r + [vol.volume_id] fields = {'volumes_r': new_volumes_r} db.update_user(new_username, **fields) # Clear out old permissions data. session.pop('initial_perms' + str(volume_id), None) session['new_change'] = "We've saved a new user to your volume." session['next_url'] = '/syn/volume/' + str( vol.volume_id) + '/permissions' session[ 'next_message'] = "Click here to see your volumes permissions." return redirect('/syn/thanks')
def volumesettings(request, volume_id): ''' old_data is for keeping state while changing the description when the password is wrong, no password is entered, etc. initial_data is for keeping state of the gateways when mistakes are made etc. ''' session = request.session username = session['login_email'] vol = db.read_volume(volume_id) if not vol: return redirect('django_volume.views.viewvolume', volume_id) message = session.pop('message', "") initial_data_ag = session.get('volume_initial_ags' + str(volume_id), None) initial_data_rg = session.get('volume_initial_rgs' + str(volume_id), None) old_data = session.get('old_data' + str(volume_id), None) if not initial_data_ag: initial_data_ag = [] ags = db.list_acquisition_gateways_by_volume(vol.volume_id) for g in ags: initial_data_ag.append({'g_name': g.ms_username, 'remove': False}) session['volume_initial_ags' + str(volume_id)] = initial_data_ag if not initial_data_rg: initial_data_rg = [] rgs = db.list_replica_gateways_by_volume(vol.volume_id) for g in rgs: initial_data_rg.append({'g_name': g.ms_username, 'remove': False}) session['volume_initial_rgs' + str(volume_id)] = initial_data_rg if old_data: desc_form = forms.ChangeVolumeD(initial={'description': old_data}) else: desc_form = forms.ChangeVolumeD( initial={'description': vol.description}) pass_form = libforms.ChangePassword() password = libforms.Password() GatewayFormset = formset_factory(forms.Gateway, extra=0) if initial_data_rg: rg_form = GatewayFormset(initial=initial_data_rg) else: rg_form = None if initial_data_ag: ag_form = GatewayFormset(initial=initial_data_ag) else: ag_form = None t = loader.get_template('volumesettings.html') c = RequestContext( request, { 'username': username, 'volume': vol, 'desc_form': desc_form, 'pass_form': pass_form, 'password': password, 'message': message, 'ag_form': ag_form, 'rg_form': rg_form, }) return HttpResponse(t.render(c))
def changegateways_rg(request, volume_id): session = request.session username = session['login_email'] vol = db.read_volume(volume_id) if not vol: return redirect('django_volume.views.viewvolume', volume_id) @transactional(xg=True) def update(v_id, gnames, vfields, gfields): db.update_volume(v_id, **vfields) for g, gfield in zip(gnames, gfields): db.update_replica_gateway(g, **gfield) session.pop('volume_initial_rgs' + str(volume_id), None) # make sure this variable exists, i.e. they came from the settings page. if not 'volume_initial_rgs' + str(volume_id) in session: return redirect("django_volume.views.volumesettings", volume_id) if request.POST: passwordform = libforms.Password(request.POST) if not passwordform.is_valid(): session['message'] = "Password required." return redirect('django_volume.views.volumesettings', volume_id) else: hash_check = Volume.generate_password_hash( passwordform.cleaned_data['password'], vol.volume_secret_salt) if hash_check != vol.volume_secret_salted_hash: session['message'] = "Incorrect password." return redirect('django_volume.views.volumesettings', volume_id) GatewayFormset = formset_factory(forms.Gateway, extra=0) formset = GatewayFormset(request.POST) formset.is_valid() remove_gateways = [] remove_gateway_names = [] remove_gateway_ids = [] for data, form in zip(session['volume_initial_rgs' + str(volume_id)], formset.forms): if form.cleaned_data['remove']: g = db.read_replica_gateway(data['g_name']) remove_gateways.append(g) remove_gateway_names.append(data['g_name']) remove_gateway_ids.append(g.rg_id) if not remove_gateways: return redirect('django_volume.views.volumesettings', volume_id) new_rgs = list(set(vol.rg_ids) - set(remove_gateway_ids)) vfields = {'rg_ids': new_rgs} gfields = [] for g in remove_gateways: new_vol_ids = g.volume_ids new_vol_ids.remove(vol.volume_id) gfields.append({"volume_ids": new_vol_ids}) try: update(vol.volume_id, remove_gateway_names, vfields, gfields) except Exception as e: session['message'] = "Unable to update volume or RG's." return redirect('django_volume.views.volumesettings', volume_id) session['new_change'] = "We've updated your volume." session['next_url'] = '/syn/volume/' + str(vol.volume_id) + '/settings' session['next_message'] = "Click here to go back to your volume." return redirect('/syn/thanks') else: return redirect('django_volume.views.volumesettings', volume_id=vol.volume_id)
def changepermissions(request, volume_id): ''' This view handles modification or removal of rights to the volume for users who already had some rights. ''' session = request.session username = session['login_email'] vol = db.read_volume(volume_id) if not vol: return redirect('django_volume.views.viewvolume', volume_id) PermissionFormSet = formset_factory(forms.Permissions, extra=0) if request.method != "POST": return redirect('/syn/volume/' + str(vol.volume_id) + '/permissions') else: passwordform = libforms.Password(request.POST) formset = PermissionFormSet(request.POST) if not passwordform.is_valid(): session['message'] = "Password required." return redirect('django_volume.views.volumepermissions', vol.volume_id) else: # Check password hash if vol.volume_secret_salted_hash != Volume.generate_password_hash( passwordform.cleaned_data['password'], vol.volume_secret_salt): session['message'] = "Incorrect password" return redirect('django_volume.views.volumepermissions', vol.volume_id) if not formset.is_valid(): session['message'] = "Invalid field entries." return redirect('django_volume.views.volumepermissions', vol.volume_id) else: initial_and_forms = zip(session['initial_perms' + str(volume_id)], formset.forms) for data, form in initial_and_forms: check_username = data['user'] check_read = form.cleaned_data['read'] check_write = form.cleaned_data['write'] check_user = db.read_user(check_username) if check_write and not check_read: session[ 'message'] = "Write permissions require read permissions as well." return redirect('django_volume.views.volumepermissions', vol.volume_id) if data['write']: if check_write: continue elif check_read: # Give read, take away write new_volumes_r = check_user.volumes_r + [vol.volume_id] new_volumes_rw = check_user.volumes_rw.remove( vol.volume_id) if not new_volumes_rw: new_volumes_rw = [] fields = { 'volumes_r': new_volumes_r, 'volumes_rw': new_volumes_rw } db.update_user(check_username, **fields) else: # change to no permissions new_volumes_rw = check_user.volumes_rw.remove( vol.volume_id) if not new_volumes_rw: new_volumes_rw = [] fields = {'volumes_rw': new_volumes_rw} db.update_user(check_username, **fields) elif data['read']: if check_write: # Give write, take away read new_volumes_r = check_user.volumes_r.remove( vol.volume_id) new_volumes_rw = check_user.volumes_rw + [ vol.volume_id ] if not new_volumes_r: new_volumes_r = [] fields = { 'volumes_r': new_volumes_r, 'volumes_rw': new_volumes_rw } db.update_user(check_username, **fields) elif check_read: continue else: # change to no permissions new_volumes_r = check_user.volumes_r.remove( vol.volume_id) if not new_volumes_r: new_volumes_r = [] fields = {'volumes_r': new_volumes_r} db.update_user(check_username, **fields) # Clear out stale data. session.pop("initial_perms" + str(volume_id), None) session['new_change'] = "We've saved your new permissions." session['next_url'] = '/syn/volume/' + str( vol.volume_id) + '/permissions' session[ 'next_message'] = "Click here to see your volumes permissions." return redirect('/syn/thanks')