def filter_alerts_by_aggregate(queryset, aggregate, user, uuid=None): valid_model_choices = { 'project': models.Project, 'customer': models.Customer, } error = '"%s" parameter is not found. Valid choices are: %s.' % (aggregate, ', '.join(valid_model_choices.keys())) assert (aggregate in valid_model_choices), error aggregate_query = filter_queryset_for_user(valid_model_choices[aggregate].objects, user) if uuid: aggregate_query = aggregate_query.filter(uuid=uuid) aggregates_ids = aggregate_query.values_list('id', flat=True) query = {'%s__in' % aggregate: aggregates_ids} all_models = models.ResourceMixin.get_all_models() + models.ServiceProjectLink.get_all_models() if aggregate == 'customer': all_models += models.Service.get_all_models() all_models.append(models.Project) querysets = [aggregate_query] for model in all_models: qs = model.objects.filter(**query).all() querysets.append(filter_queryset_for_user(qs, user)) aggregate_query = Q() for qs in querysets: content_type = ContentType.objects.get_for_model(qs.model) ids = qs.values_list('id', flat=True) aggregate_query |= Q(content_type=content_type, object_id__in=ids) return queryset.filter(aggregate_query)
def get_permitted_objects_uuids(cls, user): """ Return query dictionary to search objects available to user. """ uuids = filter_queryset_for_user(cls.objects.all(), user).values_list('uuid', flat=True) key = core_utils.camel_case_to_underscore(cls.__name__) + '_uuid' return {key: uuids}
def validate_management_tenant_uuid(self, tenant_uuid): if not filter_queryset_for_user( openstack_models.Tenant.objects.filter(uuid=tenant_uuid), self.context['request'].user, ): raise serializers.ValidationError( _('User has not permissions for tenant %s') % tenant_uuid) return tenant_uuid
def get_filtered_subquery(self, queryset): ids = filter_queryset_for_user( queryset=queryset, user=self.request.user, ).values_list('id', flat=True) content_type = ContentType.objects.get_for_model(queryset.model) return functools.reduce( operator.or_, [Q(content_type=content_type, object_id=object_id) for object_id in ids], )
def get_permitted_objects_uuids(cls, user): if user.is_staff: customer_queryset = cls.objects.all() else: customer_queryset = cls.objects.filter( permissions__user=user, permissions__role=CustomerRole.OWNER, permissions__is_active=True ) return {'customer_uuid': filter_queryset_for_user(customer_queryset, user).values_list('uuid', flat=True)}
def to_representation(self, data): try: request = self.context['request'] user = request.user except (KeyError, AttributeError): pass else: if isinstance(data, (django_models.Manager, django_models.query.QuerySet)): data = filter_queryset_for_user(data.all(), user) return super(PermissionListSerializer, self).to_representation(data)
def get_file_from_token(token): user_uuid, content_type, object_uuid, field = decode_attachment_token(token) user = get_object_or_404(User, uuid=user_uuid) if not user.is_active: raise ValidationError('User is not active.') queryset = apps.get_model(content_type).objects.all() if hasattr(queryset, 'filter_for_user'): queryset = queryset.filter_for_user(user) else: queryset = filter_queryset_for_user(queryset, user) obj = get_object_or_404(queryset, uuid=object_uuid) return getattr(obj, field, None)
def instance_from_url(url, user=None): """ Restore instance from URL """ # XXX: This circular dependency will be removed then filter_queryset_for_user # will be moved to model manager method from waldur_core.structure.managers import filter_queryset_for_user url = clear_url(url) match = resolve(url) model = get_model_from_resolve_match(match) queryset = model.objects.all() if user is not None: queryset = filter_queryset_for_user(model.objects.all(), user) return queryset.get(**match.kwargs)
def get_rancher_cluster_for_openstack_instance(serializer, scope): request = serializer.context['request'] queryset = filter_queryset_for_user(models.Cluster.objects.all(), request.user) try: cluster = queryset.filter(tenant_settings=scope.service_settings).get() except models.Cluster.DoesNotExist: return None except MultipleObjectsReturned: return None return { 'name': cluster.name, 'uuid': cluster.uuid, }
def filter_catalogs_for_cluster(self, cluster_uuid): qs = filter_queryset_for_user( queryset=models.Cluster.objects.all(), user=self.request.user, ) cluster = get_object_or_404(qs, uuid=cluster_uuid) return self.queryset.filter( Q( content_type=ContentType.objects.get_for_model(models.Cluster), object_id=cluster.id, ) | Q( content_type=ContentType.objects.get_for_model(ServiceSettings), object_id=cluster.service_project_link.service.settings.id, ) )
def get_private_settings(self): service_settings_uuid = self.request.query_params.get('service_settings_uuid') if not service_settings_uuid or not core_utils.is_uuid_like( service_settings_uuid ): return structure_models.ServiceSettings.objects.none() queryset = structure_models.ServiceSettings.objects.filter( type=OpenStackConfig.service_name ) queryset = filter_queryset_for_user(queryset, self.request.user) try: shared_settings = queryset.get(uuid=service_settings_uuid) except structure_models.ServiceSettings.DoesNotExist: return structure_models.ServiceSettings.objects.none() tenants = openstack_models.Tenant.objects.filter( service_settings=shared_settings ) tenants = filter_queryset_for_user(tenants, self.request.user) if tenants: return structure_models.ServiceSettings.objects.filter(scope__in=tenants) else: return structure_models.ServiceSettings.objects.none()
def filtered_for_user(self, user, queryset=None): if queryset is None: queryset = self.get_queryset() if user.is_staff or user.is_support: return queryset query = Q() for model in self.get_available_models(): user_object_ids = filter_queryset_for_user( model.objects.all(), user).values_list('id', flat=True) content_type_id = ContentType.objects.get_for_model(model).id query |= Q(object_id__in=list(user_object_ids), content_type_id=content_type_id) return queryset.filter(query)
def filter_queryset(self, request, queryset, view): user_uuid = request.query_params.get('user_uuid') if not user_uuid: return queryset try: uuid.UUID(user_uuid) except ValueError: return queryset.none() try: user = User.objects.get(uuid=user_uuid) except User.DoesNotExist: return queryset.none() return filter_queryset_for_user(queryset, user)
def get(self, request, template_uuid, version): queryset = models.Template.objects.all() queryset = filter_queryset_for_user(queryset, request.user) template = get_object_or_404(queryset, uuid=template_uuid) client = template.settings.get_backend().client details = client.get_template_version_details(template.backend_id, version) readme = client.get_template_version_readme(template.backend_id, version) app_readme = client.get_template_version_app_readme( template.backend_id, version) return response.Response({ 'questions': details.get('questions'), 'readme': readme, 'app_readme': app_readme, })
def get_fields(self): fields = super(PermissionFieldFilteringMixin, self).get_fields() try: request = self.context['request'] user = request.user except (KeyError, AttributeError): return fields for field_name in self.get_filtered_field_names(): if field_name not in fields: # field could be not required by user continue field = fields[field_name] field.queryset = filter_queryset_for_user(field.queryset, user) return fields
def filtered_for_user(self, user, queryset=None): from waldur_core.logging import utils if queryset is None: queryset = self.get_queryset() # XXX: This circular dependency will be removed then filter_queryset_for_user # will be moved to model manager method from waldur_core.structure.managers import filter_queryset_for_user query = Q() for model in utils.get_loggable_models(): user_object_ids = filter_queryset_for_user( model.objects.all(), user).values_list('id', flat=True) content_type_id = ct_models.ContentType.objects.get_for_model( model).id query |= Q(object_id__in=user_object_ids, content_type_id=content_type_id) return queryset.filter(query)
def get_queryset(self): return filter_queryset_for_user( models.Project.objects.all().only('pk', 'uuid'), self.request.user)
def filter_queryset(self, request, queryset, view): return filter_queryset_for_user(queryset, request.user)
def get_permitted_objects(cls, user): return filter_queryset_for_user(cls.objects.all(), user)
def get_fields(self): fields = super(CartSubmitSerializer, self).get_fields() project_field = fields['project'] project_field.queryset = filter_queryset_for_user( project_field.queryset, self.context['request'].user) return fields
def _count_model(self, model): qs = model.objects.filter(project=self.object).only('pk') qs = filter_queryset_for_user(qs, self.request.user) return qs.count()
def get_object(self, request, model_class, object_uuid): return get_object_or_404( filter_queryset_for_user(model_class.objects.all(), request.user), uuid=object_uuid, )