Exemple #1
0
def billing_month(request, year, month):
    # Check if the request.user is authorised to do so: member of the uis-finance or UIS Information Systems groups
    if not user_in_groups(request.user, [
            get_or_create_group_by_groupid("101923"),
            get_or_create_group_by_groupid("101888")
    ]):
        return HttpResponseForbidden()

    month = int(month)
    year = int(year)

    if not (1 <= month <= 12):
        return HttpResponseForbidden()

    if month == 1:
        inidate = date(year - 1, 12, 1)
    else:
        inidate = date(year, month - 1, 1)

    return render(
        request, 'api/finance_month.html', {
            'new_sites_billing':
            Billing.objects.filter(site__start_date__month=inidate.month,
                                   site__start_date__year=inidate.year,
                                   site__deleted=False),
            'renewal_sites_billing':
            Billing.objects.filter(site__start_date__month=month,
                                   site__start_date__lt=date(year, 1, 1),
                                   site__deleted=False),
            'year':
            year,
            'month':
            month,
        })
Exemple #2
0
def billing_total(request):
    # Check if the request.user is authorised to do so: member of the uis-finance or UIS Information Systems groups
    if not user_in_groups(request.user,
                          [get_or_create_group_by_groupid("101923"), get_or_create_group_by_groupid("101888")]):
        return HttpResponseForbidden()

    return render(request, 'api/finance_total.html', {
        'billings': Billing.objects.filter(site__deleted=False),
    })
Exemple #3
0
def validate_groupids(groupids_text):
    """ Validates the list of authorsied users from input
        :param groupids_text: list of groupids from the form
    """

    groups = ()

    if groupids_text is None:
        return groups

    groupids = groupids_text.split(',')

    if len(groupids) == 1 and groupids[0] == '':
        return groups

    groupid_re = re.compile(r'^[0-9]{1,6}$')

    for groupid in groupids:
        if groupid_re.match(groupid):
            groups += (get_or_create_group_by_groupid(int(groupid)), )
        else:
            raise ValidationError(
                "The list of groups contains an invalid group")

    return groups
Exemple #4
0
    def test_get_or_create_user_or_group(self):
        with self.assertRaises(User.DoesNotExist):
            User.objects.get(username="******")
        user1 = get_or_create_user_by_crsid("amc203")
        user2 = User.objects.get(username="******")
        self.assertEqual(user1.id, user2.id)

        with self.assertRaises(LookupGroup.DoesNotExist):
            LookupGroup.objects.get(lookup_id="101888")
        group1 = get_or_create_group_by_groupid(101888)
        group2 = LookupGroup.objects.get(lookup_id="101888")
        self.assertEqual(group1.lookup_id, group2.lookup_id)
Exemple #5
0
    def test_group_auth_change(self):
        do_test_login(self, user="******")
        amc203_user = User.objects.get(username="******")

        cluster = Cluster.objects.create(name="mws-test-1")
        Host.objects.create(hostname="mws-test-1.dev.mws3.cam.ac.uk",
                            cluster=cluster)

        NetworkConfig.objects.create(IPv4='131.111.58.253',
                                     IPv6='2001:630:212:8::8c:253',
                                     type='ipvxpub',
                                     name="mws-66424.mws3.csx.cam.ac.uk")
        NetworkConfig.objects.create(
            IPv4='172.28.18.253',
            type='ipv4priv',
            name='mws-46250.mws3.csx.private.cam.ac.uk')
        NetworkConfig.objects.create(IPv6='2001:630:212:8::8c:ff4',
                                     name='mws-client1',
                                     type='ipv6')
        NetworkConfig.objects.create(IPv6='2001:630:212:8::8c:ff3',
                                     name='mws-client2',
                                     type='ipv6')

        site_with_auth_groups = Site.objects.create(
            name="test_site2",
            start_date=datetime.today(),
            type=ServerType.objects.get(id=1))
        service_a = Service.objects.create(
            type='production',
            network_configuration=NetworkConfig.get_free_prod_service_config(),
            site=site_with_auth_groups,
            status='ready')
        VirtualMachine.objects.create(
            token=uuid.uuid4(),
            service=service_a,
            network_configuration=NetworkConfig.get_free_host_config(),
            cluster=which_cluster())
        Vhost.objects.create(name="default", service=service_a)
        information_systems_group = get_or_create_group_by_groupid(101888)
        site_with_auth_groups.groups.add(information_systems_group)

        response = self.client.get(
            reverse(views.auth_change,
                    kwargs={'site_id': site_with_auth_groups.id}))
        self.assertContains(response, "101888",
                            status_code=200)  # User is in an authorised group
        self.assertNotContains(response, 'crsid: "amc203"', status_code=200)

        self.assertEqual(len(site_with_auth_groups.users.all()), 0)
        self.assertEqual(len(site_with_auth_groups.groups.all()), 1)
        self.assertEqual(site_with_auth_groups.groups.first(),
                         information_systems_group)
        with mock.patch("apimws.ansible_impl.subprocess") as mock_subprocess:
            mock_subprocess.check_output.return_value.returncode = 0
            response = self.client.post(
                reverse(views.auth_change,
                        kwargs={'site_id': site_with_auth_groups.id}),
                {
                    'users_crsids': "amc203",
                    'groupids': "101888"
                    # we authorise amc203 user and 101888 group
                })
            mock_subprocess.check_output.assert_called_with(
                [
                    "userv", "mws-admin", "mws_ansible_host",
                    site_with_auth_groups.production_service.virtual_machines.
                    first().network_configuration.name
                ],
                stderr=mock_subprocess.STDOUT)
        self.assertRedirects(
            response, expected_url=site_with_auth_groups.get_absolute_url())
        self.assertEqual(len(site_with_auth_groups.users.all()), 1)
        self.assertEqual(site_with_auth_groups.users.first(), amc203_user)
        self.assertEqual(len(site_with_auth_groups.groups.all()), 1)
        self.assertEqual(site_with_auth_groups.groups.first(),
                         information_systems_group)

        with mock.patch("apimws.ansible_impl.subprocess") as mock_subprocess:
            mock_subprocess.check_output.return_value.returncode = 0
            # remove all users and groups authorised, we do not send any crsids or groupids
            response = self.client.post(
                reverse(views.auth_change,
                        kwargs={'site_id': site_with_auth_groups.id}), {})
            mock_subprocess.check_output.assert_called_with(
                [
                    "userv", "mws-admin", "mws_ansible_host",
                    site_with_auth_groups.production_service.virtual_machines.
                    first().network_configuration.name
                ],
                stderr=mock_subprocess.STDOUT)
        self.assertEqual(response.status_code, 302)
        self.assertTrue(
            response.url.endswith(site_with_auth_groups.get_absolute_url()))
        self.assertEqual(self.client.get(response.url).status_code,
                         403)  # User is no longer authorised
        self.assertEqual(len(site_with_auth_groups.users.all()), 0)
        self.assertEqual(len(site_with_auth_groups.groups.all()), 0)
Exemple #6
0
 def test_user_in_groups(self):
     amc203 = get_or_create_user_by_crsid("amc203")
     information_systems_group = get_or_create_group_by_groupid(101888)
     self.assertTrue(user_in_groups(amc203, [information_systems_group]))
     finance_group = get_or_create_group_by_groupid(101923)
     self.assertFalse(user_in_groups(amc203, [finance_group]))