def test_user_network_share(self):
grant_access(self.net, self.other_user)
access = user_has_access(self.net, self.other_user)
self.assertEqual(access, True)
access = user_can_edit(self.net, self.other_user)
self.assertEqual(access, True)
revoke_edit(self.net, self.other_user)
access = user_can_edit(self.net, self.other_user)
self.assertEqual(access, False)
revoke_access(self.net, self.other_user)
access = user_has_access(self.net, self.other_user)
self.assertEqual(access, False)
def events_search(request):
search_form = EventSearchForm(request.user, request.GET)
events = None
if search_form.is_valid() and search_form.cleaned_data["message"]:
cleaned_data = search_form.cleaned_data
search_phrase = cleaned_data.get("message")
events = search(Event, search_phrase)
date_after = cleaned_data.get("date_after")
if date_after:
events = events.filter(timestamp__gte=date_after)
date_before = cleaned_data.get("date_before")
if date_before:
events = events.filter(timestamp__lte=date_before)
event_type = cleaned_data.get("event_type")
if event_type and event_type != "0":
events = events.filter(event_type__pk=event_type)
events = events.order_by("-timestamp")
# filter events by user access
events = filter(lambda e: user_has_access(e.source_host, request.user), events)
else:
if not request.GET.get("message"):
search_form = EventSearchForm(request.user)
extra_context = {"adv_search": True}
return events_list(
request, events, search_form=search_form, template_name="events/event_search.html", extra_context=extra_context
)
def share_list(request, object_type, object_id):
model = Network if object_type == 'network' else Host
obj, edit = get_object_or_forbidden(model, object_id, request.user)
all_users = User.objects.exclude(pk=request.user.pk)
other_users = []
for user in all_users:
if not user_has_access(obj, user):
other_users.append(user)
extra_context = {
'object': obj,
'object_type': object_type,
'other_users': other_users
}
return direct_to_template(request, 'networks/share.html', extra_context)
def share_list(request, object_type, object_id):
model = Network if object_type == 'network' else Host
obj, edit = get_object_or_forbidden(model, object_id, request.user)
all_users = User.objects.exclude(pk=request.user.pk)
other_users = []
for user in all_users:
if not user_has_access(obj, user):
other_users.append(user)
extra_context = {
'object': obj,
'object_type': object_type,
'other_users': other_users
}
return direct_to_template(request, 'networks/share.html', extra_context)
def event_detail(request, object_id=None, message_slug=None):
if object_id:
event = Event.objects.get(pk=object_id)
elif message_slug:
event = Event.objects.get(message_slug=message_slug)
else:
return events_list(request)
if not user_has_access(event.source_host, request.user):
raise Http404()
if request.method == 'POST':
check_form = EventCheckForm(request.POST, instance=event)
if check_form.is_valid():
check_form.save()
check_form = EventCheckForm(instance=event)
extra_context = {
'check_form': check_form
}
return object_detail(request, Event.objects.all(), object_id,
slug=message_slug, slug_field='message_slug',
extra_context=extra_context)
def events_search(request):
search_form = EventSearchForm(request.user, request.GET)
events = None
if search_form.is_valid() and search_form.cleaned_data['message'] and \
search != None:
cleaned_data = search_form.cleaned_data
search_phrase = cleaned_data.get('message')
events = search(Event, search_phrase)
date_after = cleaned_data.get('date_after')
if date_after:
events = events.filter(timestamp__gte=date_after)
date_before = cleaned_data.get('date_before')
if date_before:
events = events.filter(timestamp__lte=date_before)
event_type = cleaned_data.get('event_type')
if event_type and event_type != '0':
events = events.filter(event_type__pk=event_type)
events = events.order_by('-timestamp')
# filter events by user access
events = filter(lambda e: user_has_access(e.source_host, request.user),
events)
else:
if not request.GET.get('message'):
search_form = EventSearchForm(request.user)
extra_context = {
'adv_search': True,
}
return events_list(request,
events,
search_form=search_form,
template_name='events/event_search.html',
extra_context=extra_context)
def event_detail(request, object_id=None, message_slug=None):
if object_id:
event = Event.objects.get(pk=object_id)
elif message_slug:
event = Event.objects.get(message_slug=message_slug)
else:
return events_list(request)
if not user_has_access(event.source_host, request.user):
raise Http404()
if request.method == 'POST':
check_form = EventCheckForm(request.POST, instance=event)
if check_form.is_valid():
check_form.save()
check_form = EventCheckForm(instance=event)
extra_context = {'check_form': check_form}
return object_detail(request,
Event.objects.all(),
object_id,
slug=message_slug,
slug_field='message_slug',
extra_context=extra_context)
def events_search(request):
search_form = EventSearchForm(request.user, request.GET)
events = None
if search_form.is_valid() and search_form.cleaned_data['message'] and \
search != None:
cleaned_data = search_form.cleaned_data
search_phrase = cleaned_data.get('message')
events = search(Event, search_phrase)
date_after = cleaned_data.get('date_after')
if date_after:
events = events.filter(timestamp__gte=date_after)
date_before = cleaned_data.get('date_before')
if date_before:
events = events.filter(timestamp__lte=date_before)
event_type = cleaned_data.get('event_type')
if event_type and event_type != '0':
events = events.filter(event_type__pk=event_type)
events = events.order_by('-timestamp')
# filter events by user access
events = filter(lambda e: user_has_access(e.source_host, request.user), events)
else:
if not request.GET.get('message'):
search_form = EventSearchForm(request.user)
extra_context = {
'adv_search': True,
}
return events_list(request, events, search_form=search_form,
template_name='events/event_search.html',
extra_context=extra_context)
def test_user_network_access(self):
access = user_has_access(self.net, self.user)
self.assertEqual(access, True)
access = user_has_access(self.net, self.other_user)
self.assertEqual(access, False)
def test_user_host_access(self):
access = user_has_access(self.host, self.user)
self.assertEqual(access, True)
access = user_has_access(self.host, self.other_user)
self.assertEqual(access, False)
