def test_user_network_share(self): grant_access(self.net, self.other_user) access = user_has_access(self.net, self.other_user) self.assertEqual(access, True) access = user_can_edit(self.net, self.other_user) self.assertEqual(access, True) revoke_edit(self.net, self.other_user) access = user_can_edit(self.net, self.other_user) self.assertEqual(access, False) revoke_access(self.net, self.other_user) access = user_has_access(self.net, self.other_user) self.assertEqual(access, False)
def events_search(request): search_form = EventSearchForm(request.user, request.GET) events = None if search_form.is_valid() and search_form.cleaned_data["message"]: cleaned_data = search_form.cleaned_data search_phrase = cleaned_data.get("message") events = search(Event, search_phrase) date_after = cleaned_data.get("date_after") if date_after: events = events.filter(timestamp__gte=date_after) date_before = cleaned_data.get("date_before") if date_before: events = events.filter(timestamp__lte=date_before) event_type = cleaned_data.get("event_type") if event_type and event_type != "0": events = events.filter(event_type__pk=event_type) events = events.order_by("-timestamp") # filter events by user access events = filter(lambda e: user_has_access(e.source_host, request.user), events) else: if not request.GET.get("message"): search_form = EventSearchForm(request.user) extra_context = {"adv_search": True} return events_list( request, events, search_form=search_form, template_name="events/event_search.html", extra_context=extra_context )
def share_list(request, object_type, object_id): model = Network if object_type == 'network' else Host obj, edit = get_object_or_forbidden(model, object_id, request.user) all_users = User.objects.exclude(pk=request.user.pk) other_users = [] for user in all_users: if not user_has_access(obj, user): other_users.append(user) extra_context = { 'object': obj, 'object_type': object_type, 'other_users': other_users } return direct_to_template(request, 'networks/share.html', extra_context)
def event_detail(request, object_id=None, message_slug=None): if object_id: event = Event.objects.get(pk=object_id) elif message_slug: event = Event.objects.get(message_slug=message_slug) else: return events_list(request) if not user_has_access(event.source_host, request.user): raise Http404() if request.method == 'POST': check_form = EventCheckForm(request.POST, instance=event) if check_form.is_valid(): check_form.save() check_form = EventCheckForm(instance=event) extra_context = { 'check_form': check_form } return object_detail(request, Event.objects.all(), object_id, slug=message_slug, slug_field='message_slug', extra_context=extra_context)
def events_search(request): search_form = EventSearchForm(request.user, request.GET) events = None if search_form.is_valid() and search_form.cleaned_data['message'] and \ search != None: cleaned_data = search_form.cleaned_data search_phrase = cleaned_data.get('message') events = search(Event, search_phrase) date_after = cleaned_data.get('date_after') if date_after: events = events.filter(timestamp__gte=date_after) date_before = cleaned_data.get('date_before') if date_before: events = events.filter(timestamp__lte=date_before) event_type = cleaned_data.get('event_type') if event_type and event_type != '0': events = events.filter(event_type__pk=event_type) events = events.order_by('-timestamp') # filter events by user access events = filter(lambda e: user_has_access(e.source_host, request.user), events) else: if not request.GET.get('message'): search_form = EventSearchForm(request.user) extra_context = { 'adv_search': True, } return events_list(request, events, search_form=search_form, template_name='events/event_search.html', extra_context=extra_context)
def event_detail(request, object_id=None, message_slug=None): if object_id: event = Event.objects.get(pk=object_id) elif message_slug: event = Event.objects.get(message_slug=message_slug) else: return events_list(request) if not user_has_access(event.source_host, request.user): raise Http404() if request.method == 'POST': check_form = EventCheckForm(request.POST, instance=event) if check_form.is_valid(): check_form.save() check_form = EventCheckForm(instance=event) extra_context = {'check_form': check_form} return object_detail(request, Event.objects.all(), object_id, slug=message_slug, slug_field='message_slug', extra_context=extra_context)
def test_user_network_access(self): access = user_has_access(self.net, self.user) self.assertEqual(access, True) access = user_has_access(self.net, self.other_user) self.assertEqual(access, False)
def test_user_host_access(self): access = user_has_access(self.host, self.user) self.assertEqual(access, True) access = user_has_access(self.host, self.other_user) self.assertEqual(access, False)