def add_record_link(self): authorised = get_current_user().has_perm( 'powerdns.change_domain', self ) return '<a href="{}">{}</a>'.format( self.add_record_url(authorised), ('Add record' if authorised else 'Request record') )
def handle_pre_delete(sender, instance, **kwargs): if instance.__module__ in ['customauth.models', 'area.models', 'doc.models']: evt = SystemEvent(); evt.entity = instance.__class__.__name__ evt.operation = 'DELETE' evt.snapshot = serializers.serialize("json", [instance, ]) evt.error = False evt.user = get_current_user() evt.save()
def send_notification_for_model(instance): ServiceEnvironment = instance._meta.get_field('service_env').related_model old_service_env_id = instance._previous_state['service_env_id'] new_service_env_id = instance.service_env_id if old_service_env_id and old_service_env_id != new_service_env_id: logger.info('Sending mail notification for {}'.format(instance), extra={ 'type': 'SEND_MAIL_NOTIFICATION_FOR_MODEL', 'instance_id': instance.id, 'content_type': instance.content_type.name, 'notification_type': 'service_change', }) old_service_env = ServiceEnvironment.objects.get(pk=old_service_env_id) new_service_env = ServiceEnvironment.objects.get(pk=new_service_env_id) owners = [] for field in ['business_owners', 'technical_owners']: owners.extend(list(getattr(old_service_env.service, field).all())) owners.extend(list(getattr(new_service_env.service, field).all())) emails = set([owner.email for owner in owners if owner.email]) if emails: context = { 'old_service_env': old_service_env, 'new_service_env': new_service_env, 'object': instance, 'user': get_current_user(), 'settings': settings, 'object_url': urljoin(settings.RALPH_HOST_URL, instance.get_absolute_url()) } html_content = render_to_string('notifications/html/message.html', context) text_content = render_to_string('notifications/txt/message.txt', context) subject = 'Device has been assigned to Service: {} ({})'.format( new_service_env.service, instance) msg = EmailMultiAlternatives(subject, text_content, settings.EMAIL_FROM, list(emails)) msg.attach_alternative(html_content, "text/html") msg.send()
def result(self): def fmt(str_, **kwargs): return str_.format(obj=type(self)._meta.object_name.lower(), opr=operation, **kwargs) if get_current_user().has_perm(fmt('powerdns.{opr}_{obj}'), self): return '<a href={}>{}</a>'.format( reverse(fmt('admin:powerdns_{obj}_{opr}'), args=(self.pk, )), operation.capitalize()) if operation == 'delete': return '<a href="{}">Request deletion</a>'.format( reverse(fmt('admin:powerdns_deleterequest_add')) + '?target_id={}&content_type={}'.format( self.pk, ContentType.objects.get_for_model(type(self)).pk, )) return '<a href="{}">Request change</a>'.format( reverse(fmt('admin:powerdns_{obj}request_add')) + '?{}={}'.format(type(self)._meta.object_name.lower(), self.pk))
def __call__(self, domain_name): """Validates if a not authorised user tries to subdomain a domain she can't edit""" user = get_current_user() if rules.is_superuser(user): return domain_name domain_bits = domain_name.split('.') for i in range(-len(domain_bits), 0): super_domain = '.'.join(domain_bits[i:]) try: super_domain = Domain.objects.get(name=super_domain) except Domain.DoesNotExist: continue if can_edit(user, super_domain): # ALLOW - this user owns a superdomain return domain_name else: # DENY - this user doesn't own a superdomain raise ValidationError( "You don't have a permission to create a subdomain in {}". format(super_domain)) # Fallthrough - ALLOW - we don't manage any superdomain return domain_name
def result(self): def fmt(str_, **kwargs): return str_.format( obj=type(self)._meta.object_name.lower(), opr=operation, **kwargs ) if get_current_user().has_perm( fmt('powerdns.{opr}_{obj}'), self ): return '<a href={}>{}</a>'.format( reverse( fmt('admin:powerdns_{obj}_{opr}'), args=(self.pk,) ), operation.capitalize() ) if operation == 'delete': return '<a href="{}">Request deletion</a>'.format( reverse( fmt('admin:powerdns_deleterequest_add') ) + '?target_id={}&content_type={}'.format( self.pk, ContentType.objects.get_for_model(type(self)).pk, ) ) return '<a href="{}">Request change</a>'.format( reverse( fmt('admin:powerdns_{obj}request_add') ) + '?{}={}'.format( type(self)._meta.object_name.lower(), self.pk ) )
def __call__(self, domain_name): """Validates if a not authorised user tries to subdomain a domain she can't edit""" user = get_current_user() if rules.is_superuser(user): return domain_name domain_bits = domain_name.split('.') for i in range(-len(domain_bits), 0): super_domain = '.'.join(domain_bits[i:]) try: super_domain = Domain.objects.get(name=super_domain) except Domain.DoesNotExist: continue if can_edit(user, super_domain): # ALLOW - this user owns a superdomain return domain_name else: # DENY - this user doesn't own a superdomain raise ValidationError( "You don't have a permission to create a subdomain in {}". format(super_domain) ) # Fallthrough - ALLOW - we don't manage any superdomain return domain_name
def __call__(self, object_): if not get_current_user().has_perm(self.permission, object_): raise ValidationError("You don't have permission to use this") return object_
def extra_buttons(self): perm = 'change_' + self._meta.model_name.lower() if get_current_user().has_perm(perm, self): yield (reverse(self.view, kwargs={'pk': self.pk}), 'Accept')
def clean_target(self): target = self.cleaned_data['target'] user = get_current_user() if not (user.is_superuser or is_owner(user, target)): raise ValidationError(_("You cannot authorize for this")) return target
def extra_buttons(self): authorised = get_current_user().has_perm( 'powerdns.change_domain', self ) yield (self.add_record_url(authorised), 'Add record')
def extra_buttons(self): authorised = get_current_user().has_perm('powerdns.change_domain', self) yield (self.add_record_url(authorised), 'Add record')
def add_record_link(self): authorised = get_current_user().has_perm('powerdns.change_domain', self) return '<a href="{}">{}</a>'.format( self.add_record_url(authorised), ('Add record' if authorised else 'Request record'))