from nodeconductor.core.permissions import StaffPermissionLogic
PERMISSION_LOGICS = (
('cost_tracking.PriceEstimate', StaffPermissionLogic(any_permission=True)),
('cost_tracking.PriceListItem', StaffPermissionLogic(any_permission=True)),
('cost_tracking.DefaultPriceListItem',
StaffPermissionLogic(any_permission=True)),
)
any_permission=True,
)),
('openstack.SecurityGroupRule',
FilteredCollaboratorsPermissionLogic(
collaborators_query=[
'security_group__service_project_link__service__customer__roles__permission_group__user',
'security_group__service_project_link__project__roles__permission_group__user',
'security_group__service_project_link__project__project_groups__roles__permission_group__user',
],
collaborators_filter=[
{
'security_group__service_project_link__service__customer__roles__role_type':
structure_models.CustomerRole.OWNER
},
{
'security_group__service_project_link__project__roles__role_type':
structure_models.ProjectRole.ADMINISTRATOR
},
{
'security_group__service_project_link__project__project_groups__roles__permission_group__user':
structure_models.ProjectGroupRole.MANAGER
},
],
any_permission=True,
)),
('openstack.Instance', structure_perms.resource_permission_logic),
('openstack.Flavor', StaffPermissionLogic(any_permission=True)),
('openstack.Image', StaffPermissionLogic(any_permission=True)),
('openstack.FloatingIP', StaffPermissionLogic(any_permission=True)),
)
('oracle.OracleService',
FilteredCollaboratorsPermissionLogic(
collaborators_query='customer__roles__permission_group__user',
collaborators_filter={
'customer__roles__role_type': structure_models.CustomerRole.OWNER,
},
any_permission=True,
)),
('oracle.OracleServiceProjectLink',
FilteredCollaboratorsPermissionLogic(
collaborators_query=[
'service__customer__roles__permission_group__user',
'project__project_groups__roles__permission_group__user',
],
collaborators_filter=[
{
'service__customer__roles__role_type':
structure_models.CustomerRole.OWNER
},
{
'project__project_groups__roles__role_type':
structure_models.ProjectGroupRole.MANAGER
},
],
any_permission=True,
)),
('oracle.Database', structure_perms.resource_permission_logic),
('oracle.Zone', StaffPermissionLogic(any_permission=True)),
('oracle.Template', StaffPermissionLogic(any_permission=True)),
)
PERMISSION_LOGICS = (
('iaas.Instance',
FilteredCollaboratorsPermissionLogic(
collaborators_query=[
'cloud_project_membership__project__roles__permission_group__user',
'cloud_project_membership__project__customer__roles__permission_group__user',
],
collaborators_filter={
'cloud_project_membership__project__roles__role_type':
structure_models.ProjectRole.ADMINISTRATOR,
'cloud_project_membership__project__customer__roles__role_type':
structure_models.CustomerRole.OWNER,
},
any_permission=True,
)),
('iaas.Template', StaffPermissionLogic(any_permission=True)),
('iaas.TemplateMapping', StaffPermissionLogic(any_permission=True)),
('iaas.Image', StaffPermissionLogic(any_permission=True)),
('iaas.TemplateLicense', StaffPermissionLogic(any_permission=True)),
('iaas.InstanceSlaHistory', StaffPermissionLogic(any_permission=True)),
('iaas.Cloud',
FilteredCollaboratorsPermissionLogic(
collaborators_query='customer__roles__permission_group__user',
collaborators_filter={
'customer__roles__role_type': structure_models.CustomerRole.OWNER,
},
any_permission=True,
)),
('iaas.CloudProjectMembership',
FilteredCollaboratorsPermissionLogic(
collaborators_query=[
from nodeconductor.core.permissions import StaffPermissionLogic
from nodeconductor.structure import perms as structure_perms
from ..saltstack.perms import property_permission_logic
PERMISSION_LOGICS = (
('sharepoint.SharepointTenant', structure_perms.resource_permission_logic),
('sharepoint.Template', StaffPermissionLogic(any_permission=True)),
('sharepoint.User', property_permission_logic),
('sharepoint.SiteCollection', property_permission_logic),
)
from django.conf import settings
from django.contrib.auth import get_user_model
from nodeconductor.core.permissions import StaffPermissionLogic, FilteredCollaboratorsPermissionLogic
from nodeconductor.structure.models import CustomerRole, ProjectRole, ProjectGroupRole
User = get_user_model()
PERMISSION_LOGICS = (
('structure.Customer', StaffPermissionLogic(any_permission=True)),
('structure.Project',
FilteredCollaboratorsPermissionLogic(
collaborators_query='customer__roles__permission_group__user',
collaborators_filter={
'roles__role_type': CustomerRole.OWNER,
},
any_permission=True,
)),
('structure.ProjectGroup', StaffPermissionLogic(any_permission=True)),
(
User.groups.through,
FilteredCollaboratorsPermissionLogic(
collaborators_query=[
# project
'group__projectrole__project__roles__permission_group__user',
'group__projectrole__project__project_groups__roles__permission_group__user',
'group__projectrole__project__customer__roles__permission_group__user',
# customer
'group__customerrole__customer__roles__permission_group__user',
# project_group
'group__projectgrouprole__project_group__customer__roles__permission_group__user',
collaborators_query='customer__roles__permission_group__user',
collaborators_filter={
'customer__roles__role_type': structure_models.CustomerRole.OWNER,
},
any_permission=True,
)),
('nodeconductor_zabbix.ZabbixServiceProjectLink',
FilteredCollaboratorsPermissionLogic(
collaborators_query=[
'service__customer__roles__permission_group__user',
'project__project_groups__roles__permission_group__user',
],
collaborators_filter=[
{
'service__customer__roles__role_type':
structure_models.CustomerRole.OWNER
},
{
'project__project_groups__roles__role_type':
structure_models.ProjectGroupRole.MANAGER
},
],
any_permission=True,
)),
('nodeconductor_zabbix.Host', structure_perms.resource_permission_logic),
('nodeconductor_zabbix.SlaHistory',
StaffPermissionLogic(any_permission=True)),
('nodeconductor_zabbix.SlaHistoryEvent',
StaffPermissionLogic(any_permission=True)),
)
from nodeconductor.core.permissions import StaffPermissionLogic
PERMISSION_LOGICS = (
('template.TemplateGroup', StaffPermissionLogic(any_permission=True)),
('template.Template', StaffPermissionLogic(any_permission=True)),
)
from django.contrib.auth import get_user_model
from rest_framework.authtoken.models import Token
from nodeconductor.core.permissions import StaffPermissionLogic
User = get_user_model()
PERMISSION_LOGICS = (
(get_user_model(), StaffPermissionLogic(any_permission=True)),
(Token, StaffPermissionLogic(any_permission=True)),
('core.SshPublicKey', StaffPermissionLogic(any_permission=True)),
)
from nodeconductor.core.permissions import StaffPermissionLogic
PERMISSION_LOGICS = (
('logging.Alert', StaffPermissionLogic(any_permission=True)),
)
from nodeconductor.core.permissions import StaffPermissionLogic
PERMISSION_LOGICS = (
('backup.BackupSchedule', StaffPermissionLogic(any_permission=True)),
('backup.Backup', StaffPermissionLogic(any_permission=True)),
)