def handle_trunk_edit(request, agent, interface): """Edit a trunk""" native_vlan = int(request.POST.get('native_vlan')) trunked_vlans = [int(vlan) for vlan in request.POST.getlist('trunk_vlans')] if should_check_access_rights(get_account(request)): # A user can avoid the form restrictions by sending a forged post # request Make sure only the allowed vlans are set old_native, old_trunked = agent.get_native_and_trunked_vlans(interface) allowed_vlans = [ v.vlan for v in find_allowed_vlans_for_user(get_account(request)) ] trunked_vlans = filter_vlans(trunked_vlans, old_trunked, allowed_vlans) native_vlan = (native_vlan if native_vlan in allowed_vlans else old_native) _logger.info('Interface %s - native: %s, trunk: %s', interface, native_vlan, trunked_vlans) if trunked_vlans: agent.set_trunk(interface, native_vlan, trunked_vlans) else: agent.set_access(interface, native_vlan)
def handle_trunk_edit(request, agent, interface): """Edit a trunk""" native_vlan = int(request.POST.get('native_vlan', 1)) trunked_vlans = [int(vlan) for vlan in request.POST.getlist('trunk_vlans')] if should_check_access_rights(get_account(request)): # A user can avoid the form restrictions by sending a forged post # request Make sure only the allowed vlans are set old_native, old_trunked = agent.get_native_and_trunked_vlans(interface) allowed_vlans = [ v.vlan for v in find_allowed_vlans_for_user(get_account(request)) ] trunked_vlans = filter_vlans(trunked_vlans, old_trunked, allowed_vlans) native_vlan = (native_vlan if native_vlan in allowed_vlans else old_native) _logger.info('Interface %s - native: %s, trunk: %s', interface, native_vlan, trunked_vlans) LogEntry.add_log_entry( request.account, u'set-vlan', u'{actor}: {object} - native vlan: "%s", trunk vlans: "%s"' % (native_vlan, trunked_vlans), subsystem=u'portadmin', object=interface, ) if trunked_vlans: agent.set_trunk(interface, native_vlan, trunked_vlans) else: agent.set_access(interface, native_vlan)
def handle_trunk_edit(request, agent, interface): """Edit a trunk""" native_vlan = int(request.POST.get('native_vlan')) trunked_vlans = [int(vlan) for vlan in request.POST.getlist('trunk_vlans')] if should_check_access_rights(get_account(request)): # A user can avoid the form restrictions by sending a forged post # request Make sure only the allowed vlans are set old_native, old_trunked = agent.get_native_and_trunked_vlans(interface) allowed_vlans = [v.vlan for v in find_allowed_vlans_for_user(get_account(request))] trunked_vlans = filter_vlans(trunked_vlans, old_trunked, allowed_vlans) native_vlan = (native_vlan if native_vlan in allowed_vlans else old_native) _logger.info('Interface %s - native: %s, trunk: %s', interface, native_vlan, trunked_vlans) if trunked_vlans: agent.set_trunk(interface, native_vlan, trunked_vlans) else: agent.set_access(interface, native_vlan)
def get_context_data(self, **kwargs): user = get_account(self.request) context = super(IndexView, self).get_context_data(user=user, **kwargs) netmap_views = NetmapView.objects.all() if not user.is_admin(): netmap_views = netmap_views.filter( Q(is_public=True) | Q(owner=user)).select_related('owner', ) netmap_views_json = json.dumps( NetmapViewSerializer(netmap_views, many=True).data) categories = list(Category.objects.values_list('id', flat=True)) categories.append('ELINK') rooms_locations = json.dumps( list(Room.objects.values_list('id', flat=True)) + list(Location.objects.values_list('id', flat=True))) context.update({ 'account': user, 'netmap_views': netmap_views, 'netmap_views_json': netmap_views_json, 'categories': categories, 'rooms_locations': rooms_locations, 'traffic_gradient': get_traffic_gradient(), 'navpath': [('Home', '/'), ('Netmap', )], }) return context
def do_list(request, messages=None): account = get_account(request) macwatches = MacWatch.objects.all() info_dict = populate_info_dict(account, macwatches=macwatches, messages=messages) return render(request, 'macwatch/list_watches.html', info_dict)
def admin_views(request): """Admin page User can set default netmap view for all users in here """ session_user = get_account(request) if not session_user.is_admin(): return HttpResponseForbidden() global_favorite = None try: global_favorite = NetmapViewDefaultView.objects.get( owner=Account.DEFAULT_ACCOUNT) except ObjectDoesNotExist: pass # ignore it response = render_to_response( 'netmap/admin_list_mapviews.html', {'views': NetmapView.objects.all(), 'current_global_favorite': global_favorite, 'navpath': [('Home', '/'), ('Netmap', '/netmap'), ('Netmap Admin', '/netmap/admin')] }, RequestContext(request)) return response
def render_manual_detention_step_two(request, target): """Controller for rendering interface choices when manualy detaining""" error = "" candidates = find_id_information(target, 3, trunk_ok=True) camtuple_choices = [(x.camid, humanize(x)) for x in candidates] if request.method == 'POST': form = ManualDetentionForm(request.POST) form.fields['camtuple'].choices = camtuple_choices if form.is_valid(): error = process_manual_detention_form(form, get_account(request)) if not error: return redirect('arnold-detainedports') else: form = ManualDetentionForm(initial={'target': target}) return render_to_response('arnold/manualdetain-step2.html', create_context('Manual detention', { 'active': {'manualdetention': True}, 'target': target, 'candidates': candidates, 'form': form, 'now': datetime.now(), 'error': error }), RequestContext(request))
def add_macwatch(request): """ Display form for adding of mac address to watch. """ account = get_account(request) if request.method == 'POST': macwatchform = MacWatchForm(request.POST) if macwatchform.is_valid(): # Get user object m = MacWatch(mac=macwatchform.cleaned_data['macaddress'], userid=account, description=macwatchform.cleaned_data['description']) if macwatchform.prefix_length: m.prefix_length = macwatchform.prefix_length m.save() return HttpResponseRedirect('/macwatch/') else: messages = ['Illegal input-data'] info_dict = populate_info_dict(account, messages=messages) info_dict['form'] = macwatchform return render_to_response('macwatch/addmacwatch.html', info_dict, RequestContext(request)) info_dict = populate_info_dict(account) macwatchform = MacWatchForm() info_dict['form'] = macwatchform return render_to_response('macwatch/addmacwatch.html', info_dict, RequestContext(request))
def save_navlet_order(request): """Save the order of the navlets after a sort""" if request.method == 'POST': account = get_account(request) return modify_navlet(save_order, account, request, "Error saving order") return HttpResponse(status=400)
def account_processor(request): """Provides account information to RequestContext. Returns these variables: - account: This is the nav.models.profiles.Account object representing the current user. - is_admin: Does this user belong to the NAV administrator group - messages: A list of message dictionaries which is meant for the user to see. """ account = get_account(request) admin = is_admin(account) messages = Messages(request) messages = messages.get_and_delete() sudo = get_sudoer(request) my_links = NavbarLink.objects.filter(account=account) tools = sorted(tool_list(account), key=attrgetter('name')) current_user_data = { 'account': account, 'is_admin': admin, 'sudoer': sudo, 'messages': messages, 'my_links': my_links, 'tools': tools, 'split_tools': split_tools(tools) } return { 'current_user_data': current_user_data, }
def change_password(request): """ Handles POST requests to change a users password """ context = _create_preference_context(request) account = get_account(request) if account.is_default_account(): return direct_to_template(request, 'useradmin/not-logged-in.html', {}) if request.method == 'POST': password_form = ChangePasswordForm(request.POST, my_account=account) if password_form.is_valid(): account.set_password(password_form.cleaned_data['new_password1']) account.save() new_message(request, 'Your password has been changed.', type=Messages.SUCCESS) else: context['password_form'] = password_form return direct_to_template( request, 'webfront/preferences.html', context ) return HttpResponseRedirect(reverse('webfront-preferences'))
def save_links(request): """ Saves navigation preference links on a user """ account = get_account(request) formset_from_post = None context = _create_preference_context(request) if request.method == 'POST': formset = NavbarLinkFormSet(request.POST) if formset.is_valid(): for form in formset.deleted_forms: instance = form.save(commit=False) instance.account = account instance.save() instances = formset.save(commit=False) for instance in instances: instance.account = account instance.save() new_message(request, 'Your links were saved.', type=Messages.SUCCESS) else: context['navbar_formset'] = formset return direct_to_template( request, 'webfront/preferences.html', context ) return HttpResponseRedirect(reverse('webfront-preferences'))
def backbone_app(request): """Single page backbone application for Netmap""" session_user = get_account(request) link_to_admin = None if session_user.is_admin(): link_to_admin = reverse('netmap-admin-views') available_categories = _get_available_categories() response = render_to_response( 'netmap/backbone.html', { 'bootstrap_mapproperties_collection': _get_maps(request), 'bootstrap_isFavorite': _get_global_defaultview_as_json(request), 'bootstrap_availableCategories': serializers.serialize( 'json', available_categories, fields=('description') ), 'bootstrap_availableCategories_datauris': simplejson.dumps( _get_datauris_for_categories() ), 'auth_id': session_user.id, 'link_to_admin': link_to_admin, 'navpath': [('Home', '/'), ('Netmap', '/netmap')] }, RequestContext(request)) return response
def api_graph_layer_2(request, map_id=None): """ Layer2 network topology representation in d3js force-direct graph layout http://mbostock.github.com/d3/ex/force.html """ load_traffic = 'traffic' in request.GET if map_id: view = get_object_or_404(NetmapView, pk=map_id) session_user = get_account(request) if view.is_public or (session_user == view.owner): json = _json_layer2(load_traffic, view) response = HttpResponse(simplejson.dumps(json)) response['Content-Type'] = 'application/json; charset=utf-8' response['Cache-Control'] = 'no-cache' response['Pragma'] = 'no-cache' response['Expires'] = "Thu, 01 Jan 1970 00:00:00 GMT" response['x-nav-viewid'] = map_id return response else: return HttpResponseForbidden() json = _json_layer2(load_traffic) response = HttpResponse(simplejson.dumps(json)) response['Content-Type'] = 'application/json; charset=utf-8' response['Cache-Control'] = 'no-cache' response['Pragma'] = 'no-cache' response['Expires'] = "Thu, 01 Jan 1970 00:00:00 GMT" return response
def add_macwatch(request): """ Display form for adding of mac address to watch. """ account = get_account(request) if request.method == 'POST': macwatchform = MacWatchForm(request.POST) if macwatchform.is_valid(): # Get user object m = MacWatch(mac=macwatchform.cleaned_data['macaddress'], userid=account, description=macwatchform.cleaned_data['description']) if macwatchform.prefix_length: m.prefix_length = macwatchform.prefix_length m.save() return HttpResponseRedirect('/macwatch/') else: messages = ['Illegal input-data',] info_dict = populate_info_dict(account, messages=messages) info_dict['form'] = macwatchform return render_to_response( 'macwatch/addmacwatch.html', info_dict, RequestContext(request)) info_dict = populate_info_dict(account) macwatchform = MacWatchForm() info_dict['form'] = macwatchform return render_to_response( 'macwatch/addmacwatch.html', info_dict, RequestContext(request))
def save_interfaceinfo(request): """Set ifalias and/or vlan on netbox messages: created from the results from the messages framework interfaceid must be a part of the request ifalias, vlan and voicevlan are all optional """ if request.method == 'POST': interface = Interface.objects.get(pk=request.POST.get('interfaceid')) account = get_account(request) # Skip a lot of queries if access_control is not turned on if should_check_access_rights(account): _logger.info('Checking access rights for %s', account) if interface.vlan in [ v.vlan for v in find_allowed_vlans_for_user_on_netbox( account, interface.netbox) ]: set_interface_values(account, interface, request) else: # Should only happen if user tries to avoid gui restrictions messages.error(request, 'Not allowed to edit this interface') else: set_interface_values(account, interface, request) else: messages.error(request, 'Wrong request type') result = {"messages": build_ajax_messages(request)} return response_based_on_result(result)
def edit_macwatch(request, macwatchid): """ Edit description on a macwatch - currently not in use """ if request.method == 'POST': macwatchform = MacWatchForm(request.POST) if macwatchform.is_valid(): m = MacWatch.objects.get(id=macwatchid) m.mac = macwatchform.cleaned_data['macaddress'] m.description = macwatchform.cleaned_data['description'] m.save() return HttpResponseRedirect('/macwatch/') else: account = get_account(request) info_dict = populate_info_dict(account) info_dict['form'] = macwatchform return render_to_response( 'macwatch/editmacwatch.html', info_dict, RequestContext(request)) if macwatchid: m = MacWatch.objects.get(id=macwatchid) data = {'macaddress': m.mac, 'description': m.description} macwatchform = MacWatchForm(initial=data) info_dict = populate_info_dict(account) info_dict['form'] = macwatchform return render_to_response( 'macwatch/editmacwatch.html', info_dict, RequestContext(request))
def set_voice_vlan(fac, interface, request): """Set voicevlan on interface A voice vlan is a normal vlan that is defined by the user of NAV as a vlan that is used only for ip telephone traffic. To set a voice vlan we have to make sure the interface is configured to tag both the voicevlan and the "access-vlan". """ if 'voicevlan' in request.POST: voice_vlan = fetch_voice_vlan_for_netbox(request, fac) # Either the voicevlan is turned off or turned on turn_on_voice_vlan = request.POST.get('voicevlan') == 'true' account = get_account(request) try: if turn_on_voice_vlan: _logger.info('%s: %s:%s - %s', account.login, interface.netbox.get_short_sysname(), interface.ifname, 'voice vlan enabled') fac.set_voice_vlan(interface, voice_vlan) else: _logger.info('%s: %s:%s - %s', account.login, interface.netbox.get_short_sysname(), interface.ifname, 'voice vlan disabled') fac.set_access(interface, interface.vlan) except (SnmpError, ValueError) as error: messages.error(request, "Error setting voicevlan: %s" % error)
def delete_macwatch(request, macwatchid): """ Delete tuple for mac address watch """ account = get_account(request) # Delete tuple based on url if macwatchid: # Captured args are always strings. Make it int. macwatchid = int(macwatchid) try: m = MacWatch.objects.get(id=macwatchid) except Exception as e: messages = [e] return do_list(request, messages) if request.method == 'POST': if request.POST['submit'] == 'Yes': try: m.delete() return HttpResponseRedirect('/macwatch/') except Exception as e: messages = [e] return do_list(request, messages) else: return HttpResponseRedirect('/macwatch/') else: info_dict = populate_info_dict(account) info_dict['macwatch'] = m return render_to_response('macwatch/deletemacwatch.html', info_dict, RequestContext(request)) return HttpResponseRedirect('/macwatch/')
def edit_macwatch(request, macwatchid): """ Edit description on a macwatch - currently not in use """ if request.method == 'POST': macwatchform = MacWatchForm(request.POST) if macwatchform.is_valid(): m = MacWatch.objects.get(id=macwatchid) m.mac = macwatchform.cleaned_data['macaddress'] m.description = macwatchform.cleaned_data['description'] m.save() return HttpResponseRedirect('/macwatch/') else: account = get_account(request) info_dict = populate_info_dict(account) info_dict['form'] = macwatchform return render_to_response('macwatch/editmacwatch.html', info_dict, RequestContext(request)) if macwatchid: m = MacWatch.objects.get(id=macwatchid) data = {'macaddress': m.mac, 'description': m.description} macwatchform = MacWatchForm(initial=data) info_dict = populate_info_dict(account) info_dict['form'] = macwatchform return render_to_response('macwatch/editmacwatch.html', info_dict, RequestContext(request))
def _create_preference_context(request): """ Creates a context used by different views for the multiform preference page """ account = get_account(request) if account.ext_sync: password_form = None else: password_form = ChangePasswordForm() context = { 'navpath': [('Home', '/'), ('Preferences', None)], 'title': 'Personal NAV preferences', 'password_form': password_form, 'columns_form': ColumnsForm(initial={'num_columns': get_widget_columns(account)}), 'account': account, 'tool': { 'name': 'My account', 'description': 'Edit my personal NAV account settings' }, 'navbar_formset': NavbarLinkFormSet(queryset=NavbarLink.objects.filter(account=account)), } return context
def remove_user_navlet(request): """Remove a navlet-subscription from this user""" if request.method == 'POST' and 'navletid' in request.POST: account = get_account(request) return modify_navlet(remove_navlet, account, request, "Error removing Navlet") return HttpResponse(status=400)
def update_defaultview(request, map_id, is_global_defaultview=False): """ Save/update a default view for a user. :param request: request :param map_id: NetmapView id :return: 200 HttpResponse with view_id or related http status code. """ session_user = get_account(request) if not session_user.is_admin(): return HttpResponseForbidden() view = get_object_or_404(NetmapView, pk=map_id) if is_global_defaultview: if session_user.is_admin(): NetmapViewDefaultView.objects.filter( owner=Account(pk=Account.DEFAULT_ACCOUNT)).delete() default_view = NetmapViewDefaultView() default_view.view = view default_view.owner = Account(pk=Account.DEFAULT_ACCOUNT) default_view.save() return HttpResponse(default_view.view.viewid) else: return HttpResponseForbidden() else: if view.is_public or (session_user == view.owner): NetmapViewDefaultView.objects.filter(owner=session_user).delete() default_view = NetmapViewDefaultView() default_view.view = view default_view.owner = session_user default_view.save() return HttpResponse(default_view.view.viewid) else: return HttpResponseForbidden()
def save_links(request): """ Saves navigation preference links on a user """ account = get_account(request) context = _create_preference_context(request) if request.method == 'POST': formset = NavbarLinkFormSet(request.POST) if formset.is_valid(): for form in formset.deleted_forms: instance = form.save(commit=False) instance.account = account instance.save() instances = formset.save(commit=False) for instance in instances: instance.account = account instance.save() new_message(request, 'Your links were saved.', type=Messages.SUCCESS) else: context['navbar_formset'] = formset return render(request, 'webfront/preferences.html', context) return HttpResponseRedirect(reverse('webfront-preferences'))
def save_interfaceinfo(request): """Set ifalias and/or vlan on netbox messages: created from the results from the messages framework interfaceid must be a part of the request ifalias, vlan and voicevlan are all optional """ if request.method == 'POST': interface = Interface.objects.get(pk=request.POST.get('interfaceid')) account = get_account(request) # Skip a lot of queries if access_control is not turned on if should_check_access_rights(account): _logger.info('Checking access rights for %s', account) if interface.vlan in [v.vlan for v in find_allowed_vlans_for_user_on_netbox( account, interface.netbox)]: set_interface_values(account, interface, request) else: # Should only happen if user tries to avoid gui restrictions messages.error(request, 'Not allowed to edit this interface') else: set_interface_values(account, interface, request) else: messages.error(request, 'Wrong request type') result = {"messages": build_ajax_messages(request)} return response_based_on_result(result)
def upload_image(request, roomid): """Controller for uploading an image""" room = get_object_or_404(Room, pk=roomid) navpath = get_path() + [ (room.id, reverse('room-info', kwargs={'roomid': room.id})), ('Edit images',) ] account = get_account(request) if request.method == 'POST': _logger.debug('Uploading images') images = request.FILES.getlist('images') for image in images: try: handle_image(image, room, uploader=account) messages.success( request, 'Image «%s» uploaded' % image.name) except IOError as e: _logger.error(e) messages.error(request, 'Image «%s» not saved - ' 'perhaps unsupported type' % image.name) return redirect("room-info-upload", roomid=room.id) return render_to_response("info/room/upload.html", {"room": room, "navpath": navpath, "title": create_title(navpath)}, context_instance=RequestContext(request))
def _get_defaultview(request): """Helper for fetching users default view""" session_user = get_account(request) view = get_object_or_404(NetmapViewDefaultView, owner=session_user) #permission? return simplejson.dumps(view.to_json_dict())
def dispatch(self, request, *args, **kwargs): if not get_account(request).is_admin(): raise PermissionDenied return super(AdminRequiredMixin, self).dispatch( request, *args, **kwargs )
def get_user_navlets(request): """Gets all navlets that this user subscribes to""" account = get_account(request) usernavlets = AccountNavlet.objects.filter(account=account) navlets = [] for usernavlet in usernavlets: navlets.append(create_navlet_object(usernavlet)) return HttpResponse(json.dumps(navlets), content_type="application/json")
def lift_detentions(request): """Lift all detentions given in form""" if request.method == 'POST': account = get_account(request) for detentionid in request.POST.getlist('detentions'): identity = Identity.objects.get(pk=detentionid) open_port(identity, account.login, 'Enabled from web') return redirect('arnold-detainedports')
def do_list(request, messages=None): account = get_account(request) macwatches = MacWatch.objects.all() info_dict = populate_info_dict(account, macwatches=macwatches, messages=messages) return render_to_response( 'macwatch/list_watches.html', info_dict, RequestContext(request))
def handle_threshold_form(form, request): """Create threshold based on form data :param ThresholdForm form: A user defined threshold :param HttpRequest request: The request object """ threshold = form.save(commit=False) threshold.created = datetime.datetime.now() threshold.creator = get_account(request) threshold.save()
def set_voice_vlan(handler: ManagementHandler, interface, request): """Set voicevlan on interface A voice vlan is a normal vlan that is defined by the user of NAV as a vlan that is used only for ip telephone traffic. To set a voice vlan we have to make sure the interface is configured to tag both the voicevlan and the "access-vlan". """ if 'voicevlan' in request.POST: cdp_changed = False voice_vlan = fetch_voice_vlan_for_netbox(request, handler) use_cisco_voice_vlan = CONFIG.is_cisco_voice_enabled() and is_cisco( interface.netbox) enable_cdp_for_cisco_voice_port = CONFIG.is_cisco_voice_cdp_enabled() # Either the voicevlan is turned off or turned on turn_on_voice_vlan = request.POST.get('voicevlan') == 'true' account = get_account(request) try: if turn_on_voice_vlan: if use_cisco_voice_vlan: handler.set_cisco_voice_vlan(interface, voice_vlan) if enable_cdp_for_cisco_voice_port: handler.enable_cisco_cdp(interface) cdp_changed = True else: handler.set_interface_voice_vlan(interface, voice_vlan) _logger.info( '%s: %s:%s - %s%s', account.login, interface.netbox.get_short_sysname(), interface.ifname, 'voice vlan enabled', ', CDP enabled' if cdp_changed else '', ) else: if use_cisco_voice_vlan: handler.disable_cisco_voice_vlan(interface) if enable_cdp_for_cisco_voice_port: handler.disable_cisco_cdp(interface) cdp_changed = True else: handler.set_access(interface, interface.vlan) _logger.info( '%s: %s:%s - %s%s', account.login, interface.netbox.get_short_sysname(), interface.ifname, 'voice vlan disabled', ', CDP disabled' if cdp_changed else '', ) except (ManagementError, ValueError, NotImplementedError) as error: messages.error(request, "Error setting voicevlan: %s" % error)
def handle_search(request, _searchform, form_target): account = get_account(request) if not account: return HttpResponseForbidden( "You must be logged in to access this resource") context = _build_context(request) context.update({'form_target': form_target}) return render(request, 'syslogger/frag-search.html', context)
def _get_maps(request): """Helper method for fetching netmap views :param request: Request from wrapper function """ session_user = get_account(request) netmap_views = NetmapView.objects.filter( Q(is_public=True) | Q(owner=session_user.id) ).order_by('-is_public') json_views = [view.to_json_dict() for view in netmap_views] return simplejson.dumps(json_views)
def move_section(request): """Controller for moving a section up or down""" account = get_account(request) # Moving up, or moving down? if request.POST.get('moveup'): movement = -1 section_id = request.POST.get('moveup') direction = 'up' elif request.POST.get('movedown'): movement = 1 section_id = request.POST.get('movedown') direction = 'down' else: return HttpResponseRedirect(reverse('status-preferences')) # Make sure the ordering is correct before we try to move around order_status_preferences(account) # Find the section we want to move try: section = StatusPreference.objects.get( id=section_id, account=account, ) except StatusPreference.DoesNotExist: new_message(request, 'Could not find selected filter', Messages.ERROR) return HttpResponseRedirect(reverse('status-preferences')) # Find the section we should swap places with. # If it's not found we're trying to move the first section up or the last # section down. try: other_section = StatusPreference.objects.get( position=section.position + movement, account=account, ) except StatusPreference.DoesNotExist: new_message(request, 'New position is out of bounds.', Messages.ERROR) return HttpResponseRedirect(reverse('status-preferences')) # Swap places new_position = other_section.position other_section.position = section.position section.position = new_position other_section.save() section.save() new_message(request, 'Moved section "%s" %s' % (section.name, direction), Messages.SUCCESS) return HttpResponseRedirect(reverse('status-preferences'))
def sudo(request, other_user): """Switches the current session to become other_user""" if SUDOER_ID_VAR in request.session: # Already logged in as another user. raise SudoRecursionError() if not is_admin(get_account(request)): # Check if sudoer is acctually admin raise SudoNotAdminError() request.session[SUDOER_ID_VAR] = request.account.id request.session[ACCOUNT_ID_VAR] = other_user.id request.session.save() request.account = other_user
def index(request): info_dict = {} headers = ['Netbox', 'Power-supply module', 'Model', 'Serial', 'Description', 'State', 'Down since',] info_dict['headers'] = headers info_dict['account'] = get_account(request) info_dict['states'] = PowerSupplyOrFan.objects.all().order_by('netbox') info_dict.update(DEFAULT_VALUES) return render_to_response( 'powersupplies/index.html', info_dict, RequestContext(request) )
def save_tools(request): """Save changes to tool setup for user""" account = get_account(request) if account.is_default_account(): return HttpResponse(status=401) if 'data' in request.POST: account = get_account(request) tools = simplejson.loads(request.POST.get('data')) for toolname, options in tools.items(): try: atool = AccountTool.objects.get(account=account, toolname=toolname) except AccountTool.DoesNotExist: atool = AccountTool(account=account, toolname=toolname) atool.priority = options['index'] atool.display = options['display'] atool.save() return HttpResponse()
def set_tool_layout(request): """Save tool layout for user""" account = get_account(request) if account.is_default_account(): return HttpResponse(status=401) if 'layout' in request.POST: account = get_account(request) layout = request.POST['layout'] if layout in ['grid', 'list']: try: layout_prop = AccountProperty.objects.get( account=account, property='toolbox-layout') except AccountProperty.DoesNotExist: layout_prop = AccountProperty(account=account, property='toolbox-layout') layout_prop.value = layout layout_prop.save() return HttpResponse()
def add_user_navlet(request): """Add a navlet subscription to this user""" if request.method == 'POST' and 'navlet' in request.POST: account = get_account(request) if can_modify_navlet(account, request): navlet_class = request.POST.get('navlet') navlet = add_navlet(account, navlet_class) return HttpResponse(json.dumps(create_navlet_object(navlet)), content_type="application/json") return HttpResponse(status=400)
def forward_to_default_variant(request): """Redirect the client to the default variant. The default variant is the one listed first in the configuration file. """ account = get_account(request) for variant in get_configuration()['variant_order']: url = reverse('geomap', args=(variant,)) if account.has_perm('web_access', url): return HttpResponseRedirect(url) return HttpResponseForbidden # TODO: should use 'Unauthorized'
def resolve_account_admin_and_owner(request): """Primarily used before saving filters and filter groups. Gets account, checks if user is admin, and sets owner to a appropriate value. """ account = get_account(request) admin = is_admin(account) owner = Account() if request.POST.get('owner') or not admin: owner = account return (account, admin, owner)
def _get_global_defaultview_as_json(request): """Helper for fetching global default view""" session_user = get_account(request) try: view = NetmapViewDefaultView.objects.get(owner=session_user) except ObjectDoesNotExist: try: view = NetmapViewDefaultView.objects.get( owner=Account(pk=Account.DEFAULT_ACCOUNT)) except ObjectDoesNotExist: view = None return simplejson.dumps(view.to_json_dict()) if view else 'null'
def _update_map(request, map_id): """Helper for updating/saving a netmap view :param request: Request from wrapper :param map_id: Map id to update/save """ view = get_object_or_404(NetmapView, pk=map_id) session_user = get_account(request) if view.is_public or (session_user == view.owner): # todo: change to request.PUT when swapping to mod_wsgi! try: data = simplejson.loads(get_request_body(request)) except KeyError: return HttpResponseBadRequest("Malformed data!") view.title = data['title'] view.description = data['description'] view.topology = data['topology'] view.zoom = data['zoom'] view.is_public = data['is_public'] view.last_modified = datetime.datetime.now() fixed_nodes = data['nodes'] if data['display_orphans']: view.display_orphans = data['display_orphans'] else: view.display_orphans = False if any(x['name'] == 'ELINK' for x in data['categories']): view.display_elinks = True else: view.display_elinks = False _update_map_categories(data['categories'], view) _update_map_node_positions(fixed_nodes, view) _LOGGER.debug('updating view metadata: %s' % view) view.save() return HttpResponse(view.viewid) else: return HttpResponseForbidden()