from django.core.urlresolvers import reverse from expedient.common.permissions.utils import give_permission_to, get_queryset_from_class from django.contrib.csrf.middleware import csrf_exempt @csrf_exempt @require_objs_permissions_for_view( ["can_get_x2", "can_read_val"], get_user_from_req, get_queryset(PermissionTestClass, "obj_id") ) def test_view_x2(request, obj_id=None): obj = get_object_or_404(PermissionTestClass, pk=obj_id) return HttpResponse("%s" % obj.get_val_x2(user_kw=request.user)) @require_objs_permissions_for_view( ["can_add"], get_user_from_req, get_queryset_from_class(PermissionTestClass), ["POST"] ) def test_view_create(request): return create_update.create_object( request, PermissionTestClass, template_name="permissions/empty.html", post_save_redirect=reverse("test_view_crud"), ) def test_protected_url(request): return HttpResponse("Worked") @require_objs_permissions_for_view(
from expedient.common.permissions.decorators import require_objs_permissions_for_view from expedient.common.permissions.utils import get_user_from_req, get_queryset,\ get_queryset_from_class, get_leaf_queryset, get_object_from_ids from django.contrib.auth.models import User from expedient.clearinghouse.project.models import Project from expedient.clearinghouse.slice.models import Slice import traceback logger = logging.getLogger("AggregateViews") TEMPLATE_PATH = "expedient/clearinghouse/aggregate" @require_objs_permissions_for_view( perm_names=["can_add_aggregate"], permittee_func=get_user_from_req, target_func=get_queryset_from_class(Aggregate), methods=["POST"]) def list(request, agg_id=None): ''' Get a list of aggregates. agg_id specifies id to highlight. On POST, get the type of aggregate to be created and redirect to that model's create url. ''' qs = Aggregate.objects.all().order_by('name') if request.method == "GET": form = AggregateTypeForm() elif request.method == "POST": form = AggregateTypeForm(request.POST) if form.is_valid():
obj_perm = ObjectPermission.objects.\ get_or_create_for_object_or_class( permission, project)[0] researcher_role.obj_permissions.add(obj_perm) # give the creator of the project an owner role owner_role.give_to_permittee( user, can_delegate=True, ) @require_objs_permissions_for_view( perm_names=["can_create_project"], permittee_func=get_user_from_req, target_func=get_queryset_from_class(Project), ) def create(request): '''Create a new project''' def post_save(instance, created): # Create default roles in the project #Generate UUID: fixes caching problem on model default value instance.uuid = uuid.uuid4() create_project_roles(instance, request.user) instance.save() #if settings.LDAP_STORE_PROJECTS: # instance.sync_netgroup_ldap() def redirect(instance): return reverse("project_detail", args=[instance.id])
for permission in DEFAULT_RESEARCHER_PERMISSIONS: obj_perm = ObjectPermission.objects.\ get_or_create_for_object_or_class( permission, project)[0] researcher_role.obj_permissions.add(obj_perm) # give the creator of the project an owner role owner_role.give_to_permittee( user, can_delegate=True, ) @require_objs_permissions_for_view( perm_names=["can_create_project"], permittee_func=get_user_from_req, target_func=get_queryset_from_class(Project), ) def create(request): """ Create a new project """ user_profile = UserProfile.get_or_create_profile(request.user) cert = user_profile.certificate creds = user_profile.credentials user_urn = user_profile.urn def post_save(instance, created): # Create default roles in the project #Generate UUID: fixes caching problem on model default value instance.uuid = uuid.uuid4()
from expedient.common.permissions.decorators import require_objs_permissions_for_view from models import PermissionTestClass @require_objs_permissions_for_view( ["can_get_x2", "can_read_val"], get_user_from_req, get_queryset(PermissionTestClass, "obj_id"), ) def test_view_x2(request, obj_id=None): obj = get_object_or_404(PermissionTestClass, pk=obj_id) return HttpResponse("%s" % obj.get_val_x2()) @require_objs_permissions_for_view( ["can_add"], get_user_from_req, get_queryset_from_class(PermissionTestClass), ["POST"], ) def test_view_create(request): return create_update.create_object( request, PermissionTestClass, template_name="permissions/empty.html", post_save_redirect=reverse("test_view_crud"), ) def test_protected_url(request): return HttpResponse("Worked") @require_objs_permissions_for_view( ["can_set_val"], get_user_from_req,
from openflow.plugin.models import OpenFlowAggregate, OpenFlowSwitch,\ OpenFlowInterface, OpenFlowInterfaceSliver, FlowSpaceRule,\ OpenFlowConnection, NonOpenFlowConnection from expedient_geni.planetlab.models import PlanetLabNode, PlanetLabSliver,\ PlanetLabAggregate from expedient.common.utils.plugins.resources.node import Node from expedient.common.utils.plugins.resources.link import Link logger = logging.getLogger("OpenFlow plugin views") MAX_ALLOWED_VLAN_RANGE = 20 @require_objs_permissions_for_view( perm_names=["can_add_aggregate"], permittee_func=get_user_from_req, target_func=get_queryset_from_class(Aggregate), methods=["POST", "GET"]) def aggregate_create(request): return aggregate_crud(request) @require_objs_permissions_for_view( perm_names=["can_edit_aggregate"], permittee_func=get_user_from_req, target_func=get_queryset(OpenFlowAggregate, "agg_id"), methods=["POST", "GET"]) def aggregate_edit(request, agg_id): return aggregate_crud(request, agg_id=agg_id) def aggregate_crud(request, agg_id=None): ''' Create/update an OpenFlow Aggregate.
@csrf_exempt @require_objs_permissions_for_view( ["can_get_x2", "can_read_val"], get_user_from_req, get_queryset(PermissionTestClass, "obj_id"), ) def test_view_x2(request, obj_id=None): obj = get_object_or_404(PermissionTestClass, pk=obj_id) return HttpResponse("%s" % obj.get_val_x2(user_kw=request.user)) @require_objs_permissions_for_view( ["can_add"], get_user_from_req, get_queryset_from_class(PermissionTestClass), ["POST"], ) def test_view_create(request): return create_update.create_object( request, PermissionTestClass, template_name="permissions/empty.html", post_save_redirect=reverse("test_view_crud"), ) def test_protected_url(request): return HttpResponse("Worked")