def delete_user(cm_id, caller_id, user_id, group_id):
"""
Method deletes membership of a user from a specified group. Only group
leader and user-to-delete may call this.
@clmview_user
@param_post{user_id,int} id of the user to delete from group
@param_post{group_id,int} id of the managed group
"""
if caller_id != user_id:
User.is_leader(caller_id, group_id)
try:
mem = UserGroup.objects.filter(group_id__exact=group_id).filter(
user_id__exact=user_id)[0]
except:
raise CLMException('user2group_get')
for m in Message.objects.filter(user_id__exact=caller_id).filter(
code__exact='group_request'):
log.debug(caller_id, 'message params %s' % m.params)
if json.loads(m.params).get('group_id', None) == id:
log.debug(caller_id, 'delete message for group %s' % id)
m.delete()
try:
mem.delete()
except:
raise CLMException('group_delete_user')
def activate_user(cm_id, caller_id, user_id, group_id):
"""
Method activates @prm{user_id} user in group @prm{group_id}. Activated
user gains access to IsoImage-s shared by that group.
@clmview_user
@param_post{user_id,int} id of the user to activate
@param_post{group_id,int} id of the group in which user must be activated
"""
# check that the caller is leader
User.is_leader(caller_id, group_id)
try:
mem = UserGroup.objects.filter(group_id__exact=group_id).filter(user_id__exact=user_id).filter(status__exact=group_states['waiting'])[0]
except:
raise CLMException('user2group_get')
mem.status = group_states['ok']
for m in Message.objects.filter(user_id__exact=caller_id).filter(code__exact='group_request'):
if json.loads(m.params).get('group_id', None) == id:
m.delete()
try:
mem.save()
except:
raise CLMException('user_activate')
def activate_user(cm_id, caller_id, user_id, group_id):
"""
Method activates @prm{user_id} user in group @prm{group_id}. Activated
user gains access to IsoImage-s shared by that group.
@clmview_user
@param_post{user_id,int} id of the user to activate
@param_post{group_id,int} id of the group in which user must be activated
"""
# check that the caller is leader
User.is_leader(caller_id, group_id)
try:
mem = UserGroup.objects.filter(group_id__exact=group_id).filter(
user_id__exact=user_id).filter(
status__exact=group_states['waiting'])[0]
except:
raise CLMException('user2group_get')
mem.status = group_states['ok']
for m in Message.objects.filter(user_id__exact=caller_id).filter(
code__exact='group_request'):
if json.loads(m.params).get('group_id', None) == id:
m.delete()
try:
mem.save()
except:
raise CLMException('user_activate')
def delete_user(cm_id, caller_id, user_id, group_id):
"""
Method deletes membership of a user from a specified group. Only group
leader and user-to-delete may call this.
@clmview_user
@param_post{user_id,int} id of the user to delete from group
@param_post{group_id,int} id of the managed group
"""
if caller_id != user_id:
User.is_leader(caller_id, group_id)
try:
mem = UserGroup.objects.filter(group_id__exact=group_id).filter(user_id__exact=user_id)[0]
except:
raise CLMException('user2group_get')
for m in Message.objects.filter(user_id__exact=caller_id).filter(code__exact='group_request'):
log.debug(caller_id, 'message params %s' % m.params)
if json.loads(m.params).get('group_id', None) == id:
log.debug(caller_id, 'delete message for group %s' % id)
m.delete()
try:
mem.delete()
except:
raise CLMException('group_delete_user')
def activate(cm_id, caller_id, user_id, wi_data):
"""
Activates specified User. Activation may require several actions,
depending on instructions provided in CLM's config.py file.
@clmview_admin_clm
@param_post{user_id,int} id of the User to activate
@param_post{wi_data,dict} data for confirmation email
@response{list(dict)} unlocked CMs available for user
"""
user = User.get(user_id)
cms = []
for cluster in Cluster.objects.filter(state__exact=0):
resp = CM(cluster.id).send_request("guest/user/add/", new_user_id=user.id)
if resp['status'] == 'ok':
cms.append(cluster.id)
user.is_active = user_active_states['ok']
# don't overwrite activation_date
if not user.activation_date:
user.activation_date = datetime.now()
try:
user.save()
except:
raise CLMException('user_activate')
if settings.MAILER_ACTIVE:
mail.send_activation_confirmation_email(user, wi_data)
return cms
def edit(cm_id, caller_id, user_id, first=None, last=None, organization=None, email=None):
"""
@clmview_admin_clm
@param_post{user_id,int} id of the user to edit
@param_post{first,string} new firstname
@param_post{last,string} new lastname
@param_post{organization,string} new organization user belong to
@param_post{email,string} new user's email
@response{dict} edited User data after update, (User.dict() property)
"""
user = User.get(user_id)
if first:
user.first = first
if last:
user.last = last
if organization:
user.organization = organization
if email:
user.email = email
try:
user.save()
except:
raise CLMException('user_edit')
return user.dict
def edit(cm_id, caller_id, user_id, first, last, organization, email):
"""
Function for editing user's data.
@clmview_admin_clm
@parameter{id,int}
@parameter{data,dict}
\n fields:
@dictkey{user_id,int} id of the user to edit
@dictkey{first,string} new firstname
@dictkey{last,string} new lastname
@dictkey{organization,string} new organization user belong to
@dictkey{email,string} new user's email
@response{dict} user new data, fields:
@dictkey{first} new firstname
@dictkey{last} new lastname
@dictkey{organization} new organization user belong to
@dictkey{email} new user's email
"""
user = User.get(user_id)
user.first = first
user.last = last
user.organization = organization
user.email = email
try:
user.save()
except:
raise CLMException('user_edit')
return user.dict
def activate(cm_id, caller_id, user_id, wi_data):
"""
Activates User in manner specified in settings
@clmview_admin_clm
@parameter{user_id,int}
@parameter{wi_data,dict}
@response{list(dict)} unlocked CMs
"""
user = User.get(user_id)
cms = []
for cluster in Cluster.objects.filter(state__exact=0):
resp = CM(cluster.id).send_request("guest/user/add/", new_user_id=user.id)
if resp['status'] == 'ok':
cms.append(cluster.id)
user.is_active = user_active_states['ok']
# don't overwrite activation_date
if not user.activation_date:
user.activation_date = datetime.now()
try:
user.save()
except:
raise CLMException('user_activate')
if settings.MAILER_ACTIVE:
mail.send_activation_confirmation_email(user, wi_data)
return cms
def get_list(cm_id, caller_id):
"""
Returns Group.dict property of each existing Groups, supplemented by
callers membership status: @val{ok}, @val{waiting} or @val{not member}
under @val{user_status} key.
@clmview_user
@response{list(dict)} Group.dict property for each group, supplemented by
@val{user_status} key.
"""
user = User.get(caller_id)
waiting = []
ok = []
for ug in UserGroup.objects.filter(user_id__exact=user.id):
if ug.status == group_states['waiting']:
waiting.append(ug.group_id)
elif ug.status == group_states['ok']:
ok.append(ug.group_id)
groups = []
for g in Group.objects.all():
d = g.dict
if g.id in ok:
d['user_status'] = group_states['ok']
elif g.id in waiting:
d['user_status'] = group_states['waiting']
else:
d['user_status'] = group_states['not member']
groups.append(d)
return groups
def block(cm_id, caller_id, user_id, wi_data, block):
"""
@clmview_admin_clm
@parameter{wi_data,dict} fields: 'site_name'
@parameter{block,bool} whether to block or unblock.
"""
user = User.get(user_id)
if block:
if user.is_active == user_active_states['ok'] or user.is_active == user_active_states['email_confirmed']:
user.is_active = user_active_states['blocked']
else:
raise CLMException('user_state')
else:
if user.is_active == user_active_states['blocked']:
user.is_active = user_active_states['ok']
else:
raise CLMException('user_state')
try:
user.save()
except Exception:
raise CLMException('user_block' if block else 'user_unblock')
if settings.MAILER_ACTIVE:
try:
mail.send_block_email(user, block, wi_data)
except Exception, e:
log.error(caller_id, "Cannot send block/unblock email: %s" % str(e))
def set_private(cm_id, caller_id, system_image_id):
"""
@parameter{id,int} managed image's id
"""
user = User.get(caller_id)
return CM(cm_id).send_request("user/system_image/set_private/", caller_id=caller_id, system_image_id=system_image_id,
leader_groups=[g.id for g in user.own_groups])
def get_by_id(cm_id, caller_id, **data): # @todo rename for fun name consistency
"""
@parameter{id,int} managed image's id
"""
user = User.get(caller_id)
groups = list(user.group_set.filter(usergroup__status__exact=group_states['ok']).values_list('id', flat=True))
return CM(cm_id).send_request("user/system_image/get_by_id/", caller_id=caller_id, groups=groups, **data)
def create(cm_id, caller_id, name, description):
"""
Creates new Group of Users. Caller becomes its leader. He also becomes a
member of that Group with @val{ok} state.
@clmview_user
@param_post{name,string}
@param_post{description,string}
"""
user = User.get(caller_id)
# create group
group = Group()
group.leader = user
group.name = name
group.desc = description
group.save()
# create first membership
mem = UserGroup()
mem.user = user
mem.group = group
mem.status = group_states['ok']
try:
mem.save()
except:
raise CLMException('group_create')
def get_list(cm_id, caller_id):
"""
Returns Group.dict property of each existing Groups, supplemented by
callers membership status: @val{ok}, @val{waiting} or @val{not member}
under @val{user_status} key.
@clmview_user
@response{list(dict)} Group.dict property for each group, supplemented by
@val{user_status} key.
"""
user = User.get(caller_id)
waiting = []
ok = []
for ug in UserGroup.objects.filter(user_id__exact=user.id):
if ug.status == group_states['waiting']:
waiting.append(ug.group_id)
elif ug.status == group_states['ok']:
ok.append(ug.group_id)
groups = []
for g in Group.objects.all():
d = g.dict
if g.id in ok:
d['user_status'] = group_states['ok']
elif g.id in waiting:
d['user_status'] = group_states['waiting']
else:
d['user_status'] = group_states['not member']
groups.append(d)
return groups
def get_by_id(cm_id, caller_id, cm_password, user_id):
"""
@clmview_admin_cm
@clm_view_transparent{user.get_by_id()}
"""
user = User.get(user_id)
return user.dict
def create(cm_id, caller_id, **data):
"""
@clmview_user
"""
user = User.get(caller_id)
groups = list(user.group_set.filter(usergroup__status__exact=group_states['ok']).values_list('id', flat=True))
return CM(cm_id).send_request("user/farm/create/", caller_id=caller_id, groups=groups, **data)
def delete(cm_id, caller_id, group_id):
"""
Method deletes specified Group.
@clmview_user
@param_post{group_id,int} id of the Group to delete
"""
group = Group.get(group_id)
resp = CM(cm_id).send_request("user/system_image/get_list/", caller_id=caller_id, group_id=[group_id], access=image_access['group'])
if resp['status'] != 'ok':
return resp['data']
log.debug(caller_id, 'groups %s' % resp)
user = User.get(caller_id)
# set private all the system images that belong to the group
for img in resp['data']:
resp = CM(cm_id).sendRequest(cm_id, caller_id, "user/system_image/set_private/", system_image_id=img['image_id'], leader_groups=[g.group_id for g in user.own_groups])
log.debug(caller_id, 'image set private %s' % resp['data'])
if resp['status'] != 'ok':
return resp['data']
try:
group.delete()
except:
raise CLMException('group_delete')
def join_request(cm_id, caller_id, group_id):
"""
Sends request for acceptation in specified Groupfor caller. Adds caller
to members with 'waiting' state.
@clmview_user
@param_post{group_id,int} id of the Group, which caller wants to become member of
"""
group = Group.get(group_id)
user = User.get(caller_id)
mem = UserGroup()
mem.user = user
mem.group = group
mem.status = group_states['waiting']
message.info(group.leader_id,
'group_request',
params={
'first_name': user.first,
'last_name': user.last,
'group_name': group.name,
'group_id': group.id
})
try:
mem.save()
except:
raise CLMException('group_request')
def create(cm_id, caller_id, name, description):
"""
Creates new Group of Users. Caller becomes its leader. He also becomes a
member of that Group with @val{ok} state.
@clmview_user
@param_post{name,string}
@param_post{description,string}
"""
user = User.get(caller_id)
# create group
group = Group()
group.leader = user
group.name = name
group.desc = description
group.save()
# create first membership
mem = UserGroup()
mem.user = user
mem.group = group
mem.status = group_states['ok']
try:
mem.save()
except:
raise CLMException('group_create')
def get_by_id(cm_id, caller_id, cm_password, user_id):
"""
@clmview_admin_cm
@param_post{user_id,int}
@response{dict} dict property of the requested User
"""
user = User.get(user_id)
return user.dict
def create(cm_id, caller_id, **data):
"""
@clmview_user
@asrequired{src.cm.element.role.action} except for @prm{groups}.
"""
user = User.get(caller_id)
groups = list(user.group_set.filter(usergroup__status__exact=group_states['ok']).values_list('id', flat=True))
return CM(cm_id).send_request("user/vm/create/", caller_id=caller_id, groups=groups, **data)
def get_by_id(cm_id, caller_id, **data): # @todo rename for fun name consistency
"""
@clmview_user
Fun takes the same parameters as cm.user.system_image.get_by_id(), except for @prm{groups}
"""
user = User.get(caller_id)
groups = list(user.group_set.filter(usergroup__status__exact=group_states['ok']).values_list('id', flat=True))
return CM(cm_id).send_request("user/system_image/get_by_id/", caller_id=caller_id, groups=groups, **data)
def get_by_id(cm_id, caller_id, cm_password, user_id):
"""
@clmview_admin_cm
@param_post{user_id,int}
@response{dict} dict property of the requested User
"""
user = User.get(user_id)
return user.dict
def get_by_id(cm_id, caller_id, user_id):
"""
@clmview_admin_clm
@param_post{user_id,int}
@response{dict} requested User data (User.dict() property)
"""
user = User.get(user_id)
return user.dict
def get_by_id(cm_id, caller_id, user_id):
"""
@clmview_admin_clm
@parameter{cm_id,int}
@parameter{user_id,int}
@response{dict} info about user with given id
"""
user = User.get(user_id)
return user.dict
def list_own_groups(cm_id, caller_id):
"""
Method returns list of the groups caller is leader of.
@clmview_user
@response{list(dict)} dicts describing groups led by caller
"""
user = User.get(caller_id)
# returns all the groups where the user is the leader
return [g.dict for g in user.own_groups]
def list_own_groups(cm_id, caller_id):
"""
Method returns list of the groups caller is leader of.
@clmview_user
@response{list(dict)} dicts describing groups led by caller
"""
user = User.get(caller_id)
# returns all the groups where the user is the leader
return [g.dict for g in user.own_groups]
def set_private(cm_id, caller_id, system_image_id):
"""
@clmview_user
@param_post{system_image_id,int} managed image's id
"""
user = User.get(caller_id)
return CM(cm_id).send_request(
"user/system_image/set_private/",
caller_id=caller_id,
system_image_id=system_image_id,
leader_groups=[g.id for g in user.own_groups])
def change_owner(cm_id, caller_id, user_id, group_id):
"""
Function changes owner of the specified group. Only owner may be the caller,
otherwise exception is thrown. @prm{user_id} becomes new Group's leader.
@clmview_user
@param_post{user_id,int} id of the new owner
@param_post{group_id,int} id of the managed Group
"""
# check that the caller is leader
User.is_leader(caller_id, group_id)
group = Group.get(group_id)
new_leader = User.get(user_id)
group.leader = new_leader
try:
group.save()
except:
raise CLMException('group_change_owner')
def change_owner(cm_id, caller_id, user_id, group_id):
"""
Function changes owner of the specified group. Only owner may be the caller,
otherwise exception is thrown. @prm{user_id} becomes new Group's leader.
@clmview_user
@param_post{user_id,int} id of the new owner
@param_post{group_id,int} id of the managed Group
"""
# check that the caller is leader
User.is_leader(caller_id, group_id)
group = Group.get(group_id)
new_leader = User.get(user_id)
group.leader = new_leader
try:
group.save()
except:
raise CLMException('group_change_owner')
def create(cm_id, caller_id, **data):
"""
@clmview_user
"""
user = User.get(caller_id)
groups = list(
user.group_set.filter(
usergroup__status__exact=group_states['ok']).values_list(
'id', flat=True))
return CM(cm_id).send_request("user/farm/create/",
caller_id=caller_id,
groups=groups,
**data)
def get_my_data(cm_id, caller_id):
"""
Returns user's data.
@clmview_user
"""
user = User.get(caller_id)
user = user.dict
endpoints = []
for cm_name in [c.short_dict['name'] for c in Cluster.objects.filter(state=cluster_states['ok'])]:
endpoints.append(cm_name + "." + settings.EC2_URL)
user["ec2_endpoints"] = endpoints
return user
def get_list(cm_id, caller_id, **data):
"""
Method returns list of images.
@clmview_user
@param_post{data,dict}
@returns{list(dict)} images: <code>{gid, name, [images]}</code>
"""
group_dict = {}
# creation of information in data['gid']: group ids the caller belongs to
if data['access'] == image_access['group']:
groups = User.get(caller_id).group_set.filter(
usergroup__status__exact=group_states['ok'])
data['group_id'] = []
for g in groups:
# append info in data['gid'] to send with the request to CM
data['group_id'].append(int(g.id))
group_dict[g.id] = {'name': g.name, 'images': []}
resp = CM(cm_id).send_request("user/system_image/get_list/",
caller_id=caller_id,
**data)
if resp['status'] != 'ok':
return resp
images = resp['data']
# uzupełnianie zapytania o ownera i grupowanie w słownik {gid, name, [images]}
# adds information on the owner of the images with group access {gid, name, [images]}
if data['access'] == image_access['group']:
d = {}
for img in images:
group_dict[img['group_id']]['images'].append(img)
if img['user_id'] not in d:
try:
u = User.objects.get(pk=img['user_id'])
d[img['user_id']] = u.first + " " + u.last
except:
raise CLMException('user_get')
img['owner'] = d[img['user_id']]
resp = [{
'group_id': k,
'name': v['name'],
'images': v['images']
} for k, v in group_dict.iteritems()]
return resp
return images
def add(cm_response, **data):
"""
@clmview_admin_clm
@cm_request_transparent{admin.add()}
"""
if cm_response['status'] == 'ok':
try:
user = User.get(data['user_id'])
user.is_superuser_cm = 1
user.save()
except:
CLMException('cm_admin_add')
return cm_response
def add(cm_response, **data):
"""
@clmview_admin_clm
@cm_request_transparent{admin.add()}
"""
if cm_response['status'] == 'ok':
try:
user = User.get(data['user_id'])
user.is_superuser_cm = 1
user.save()
except:
CLMException('cm_admin_add')
return cm_response
def list_groups(cm_id, caller_id):
"""
Returns list of caller's Groups (only those where caller is accepted).
@clmview_user
@response{list(dict)} Group.dict property for each caller's Group
"""
user = User.get(caller_id)
groups = []
for g in user.group_set.all():
d = g.dict
d['status'] = group_states['ok']
groups.append(d)
return groups
def list_groups(cm_id, caller_id):
"""
Returns list of caller's Groups (only those where caller is accepted).
@clmview_user
@response{list(dict)} Group.dict property for each caller's Group
"""
user = User.get(caller_id)
groups = []
for g in user.group_set.all():
d = g.dict
d['status'] = group_states['ok']
groups.append(d)
return groups
def get_by_id(cm_id, caller_id,
**data): # @todo rename for fun name consistency
"""
@clmview_user
Fun takes the same parameters as cm.user.system_image.get_by_id(), except for @prm{groups}
"""
user = User.get(caller_id)
groups = list(
user.group_set.filter(
usergroup__status__exact=group_states['ok']).values_list(
'id', flat=True))
return CM(cm_id).send_request("user/system_image/get_by_id/",
caller_id=caller_id,
groups=groups,
**data)
def set_password(cm_id, caller_id, new_password):
"""
Sets user's password.
@clmview_user
@param_post{new_password,string}
"""
user = User.get(caller_id)
user.password = new_password
try:
user.save()
except:
raise CLMException('user_set_password')
return user.dict
def set_password(cm_id, caller_id, new_password):
"""
Sets user's password.
@clmview_user
@param_post{new_password,string}
"""
user = User.get(caller_id)
user.password = new_password
try:
user.save()
except:
raise CLMException('user_set_password')
return user.dict
def set_password(cm_id, caller_id, user_id, new_password):
"""
@clmview_admin_clm
@param_post{user_id,int} User id
@param_post{new_password,string} new password
"""
user = User.get(user_id)
user.password = new_password
try:
user.save()
except Exception:
raise CLMException('user_edit')
return user.dict
def get_my_data(cm_id, caller_id):
"""
Returns user's data.
@clmview_user
"""
user = User.get(caller_id)
user = user.dict
endpoints = []
for cm_name in [
c.short_dict['name']
for c in Cluster.objects.filter(state=cluster_states['ok'])
]:
endpoints.append(cm_name + "." + settings.EC2_URL)
user["ec2_endpoints"] = endpoints
return user
def set_admin(cm_id, caller_id, user_id, admin):
"""
Sets/unsets User as superuser.
@clmview_admin_clm
@parameter{user_id,int} id of the User to set superuser
@parameter{admin,bool} if true - User becomes admin, if false - User
loses admin priviledges
"""
user = User.get(user_id)
user.is_superuser = admin
try:
user.save()
except Exception:
raise CLMException('user_set_admin' if admin else 'user_unset_admin')
return None
def get_list(cm_id, caller_id, **data):
"""
Method returns list of images.
@parameter{data,dict}
\n fields as described by src.cm.views.user.image.list()
@returns{list(dict)}
images: {gid, name, [images]}
"""
group_dict = {}
# creation of information in data['gid']: group ids the caller belongs to
if data['access'] == image_access['group']:
groups = User.get(caller_id).group_set.filter(usergroup__status__exact=group_states['ok'])
data['group_id'] = []
for g in groups:
# append info in data['gid'] to send with the request to CM
data['group_id'].append(int(g.id))
group_dict[g.id] = {'name': g.name, 'images': []}
resp = CM(cm_id).send_request("user/system_image/get_list/", caller_id=caller_id, **data)
if resp['status'] != 'ok':
return resp
images = resp['data']
# uzupełnianie zapytania o ownera i grupowanie w słownik {gid, name, [images]}
# adds information on the owner of the images with group access {gid, name, [images]}
if data['access'] == image_access['group']:
d = {}
for img in images:
group_dict[img['group_id']]['images'].append(img)
if img['user_id'] not in d:
try:
u = User.objects.get(pk=img['user_id'])
d[img['user_id']] = u.first + " " + u.last
except:
raise CLMException('user_get')
img['owner'] = d[img['user_id']]
resp = [{'group_id': k, 'name': v['name'], 'images': v['images']} for k, v in group_dict.iteritems()]
return resp
return images
def delete(cm_id, caller_id, user_id):
"""
Deletes User. For technical and legal reasons only inactive User may
be deleted. Other users may only be blocked.
@clmview_admin_clm
@parameter{user_id,int} id of the user to delete
"""
user = User.get(user_id)
if user.last_login_date or user.is_active == user_active_states['ok']:
raise CLMException('user_active')
try:
user.delete()
except Exception:
raise CLMException('user_delete')
return user.dict
def delete(cm_id, caller_id, user_id):
"""
Deletes User. For technical and legal reasons only inactive User may
be deleted. Other users may only be blocked.
@clmview_admin_clm
@param_post{user_id,int} id of the User to delete
"""
user = User.get(user_id)
if user.last_login_date or user.is_active == user_active_states['ok']:
raise CLMException('user_active')
try:
user.delete()
except Exception:
raise CLMException('user_delete')
return user.dict
def set_admin(cm_id, caller_id, user_id, admin):
"""
Sets/unsets User as CLM admin. CLM admin has an ability to manage Cloud
Users.
@clmview_admin_clm
@param_post{user_id,int} id of the User to set superuser
@param_post{admin,bool} if True - User becomes admin, if False - User
loses admin priviledges
"""
user = User.get(user_id)
user.is_superuser = admin
try:
user.save()
except Exception:
raise CLMException('user_set_admin' if admin else 'user_unset_admin')
return None
def edit(cm_id, caller_id, email, default_cluster_id):
"""
Function for editing user's data.
@clmview_user
@param_post{email,string}
@param_post{default_cluster_id}
@response{dict} new user's info
"""
user = User.get(caller_id)
user.email = email
user.default_cluster_id = default_cluster_id
try:
user.save()
except:
raise CLMException('user_edit')
return user.dict
def delete(cm_response, **data):
"""
@clmview_admin_clm
@cm_request_transparent{admin.delete()}
"""
is_admin = False
for cm_id in [cluster.id for cluster in Cluster.objects.all()]:
resp = CM(cm_id).send_request('admin_cm/admin/am_i_admin/',
caller_id=data['user_id'])
if resp['status'] == 'ok' and resp['data']:
is_admin = True
break
if not is_admin:
try:
user = User.get(data['user_id'])
user.is_superuser_cm = 0
user.save()
except:
CLMException('cm_admin_add')
return cm_response
def block(cm_id, caller_id, user_id, wi_data, block):
"""
Block/unblocks User account. User should not and cannot be deleted. For
technical and legal reasons in order to restrict its access to CC1 Cloud
it should only be blocked. That way blocked User's data and activities
stay stored in database. In case of detection of any suspicious / illegal
activity performed on blocked User's Virtual Machine or using its
Public IP, that activity may be associated with User account.
@clmview_admin_clm
@param_post{user_id,int}
@param_post{wi_data,dict} fields: 'site_name'
@param_post{block,bool} whether to block or unblock.
"""
user = User.get(user_id)
if block:
if user.is_active == user_active_states['ok'] or user.is_active == user_active_states['email_confirmed']:
user.is_active = user_active_states['blocked']
else:
raise CLMException('user_state')
else:
if user.is_active == user_active_states['blocked']:
user.is_active = user_active_states['ok']
else:
raise CLMException('user_state')
try:
user.save()
except Exception:
raise CLMException('user_block' if block else 'user_unblock')
if settings.MAILER_ACTIVE:
try:
mail.send_block_email(user, block, wi_data)
except Exception, e:
log.error(caller_id, "Cannot send block/unblock email: %s" % str(e))
def delete(cm_id, caller_id, group_id):
"""
Method deletes specified Group.
@clmview_user
@param_post{group_id,int} id of the Group to delete
"""
group = Group.get(group_id)
resp = CM(cm_id).send_request("user/system_image/get_list/",
caller_id=caller_id,
group_id=[group_id],
access=image_access['group'])
if resp['status'] != 'ok':
return resp['data']
log.debug(caller_id, 'groups %s' % resp)
user = User.get(caller_id)
# set private all the system images that belong to the group
for img in resp['data']:
resp = CM(cm_id).sendRequest(
cm_id,
caller_id,
"user/system_image/set_private/",
system_image_id=img['image_id'],
leader_groups=[g.group_id for g in user.own_groups])
log.debug(caller_id, 'image set private %s' % resp['data'])
if resp['status'] != 'ok':
return resp['data']
try:
group.delete()
except:
raise CLMException('group_delete')
def register(first, last, login, email, new_password, organization, wi_data):
"""
Registers new user.
@clmview_guest
@param_post{first,string} firstname to set
@param_post{last,string} lastname to set
@param_post{login,string} login to set
@param_post{email,string} email to set
@param_post{new_password,string} password to set
@param_post{organization,string} organization to set
@param_post{wi_data,dict} data for sending mail
@response{dict}
@dictkey{user,dict} user's data (User.dict() property)
@dictkey{registration_state,int} state of reqistration @seealso{common.states.registration_state}
"""
user = User()
user.first = first
user.last = last
try:
default_cluster_id = Cluster.objects.filter(state=cluster_states['ok'])[0].id
except:
default_cluster_id = None
user.default_cluster_id = default_cluster_id
user.login = login
user.email = email
user.password = new_password
user.organization = organization
user.act_key = ''.join(random.choice(string.ascii_uppercase + string.digits) for n in range(40))
user.is_active = user_active_states['inactive']
try:
user.save()
except:
raise CLMException('user_register')
reg_state = -1
if settings.MAILER_ACTIVE:
try:
# mail the user
mail.send_activation_email(user.act_key, user, wi_data)
except SMTPRecipientsRefused:
reg_state = registration_states['error']
reg_state = registration_states['mail_confirmation']
else:
if settings.AUTOACTIVATION:
# add user to all unlocked CMs while activating
for cluster in Cluster.objects.filter(state__exact=0):
# TODO: func user/user is not in cm! so i use guest/user
resp = CM(cluster.id).send_request("guest/user/add/", new_user_id=user.id)
if resp['status'] != 'ok':
raise CLMException('cm_get')
user.is_active = user_active_states['ok']
user.activation_date = datetime.now()
user.act_key = ''
reg_state = registration_states['completed']
else:
user.is_active = user_active_states['email_confirmed']
reg_state = registration_states['admin_confirmation']
try:
user.save()
except:
raise CLMException('user_activate')
return {'user': user.dict, 'registration_state': reg_state}
