def test_validate_crisd(self):
with self.assertRaises(ValidationError):
validate_crsids("wrongwrongwrong")
users = validate_crsids("amc203")
self.assertEqual(len(users), 1)
self.assertEqual(users[0].username, "amc203")
self.assertIsNotNone(users[0].id)
self.assertFalse(users[0].has_usable_password())
self.assertIsNot(users[0].last_name, "")
self.assertIsNot(users[0].last_name, None)
users = validate_crsids("amc203,jw35")
self.assertEqual(len(users), 2)
self.assertEqual(users[0].username, "amc203")
self.assertIsNotNone(users[0].id)
self.assertFalse(users[0].has_usable_password())
self.assertIsNot(users[0].last_name, "")
self.assertIsNot(users[0].last_name, None)
self.assertEqual(users[1].username, "jw35")
self.assertIsNotNone(users[1].id)
self.assertFalse(users[1].has_usable_password())
self.assertIsNot(users[1].last_name, "")
self.assertIsNot(users[1].last_name, None)
with self.assertRaises(User.DoesNotExist):
User.objects.get(username="******")
users = validate_crsids("")
self.assertEqual(len(users), 0)
def form_valid(self, form):
try:
self.object = form.save(commit=False)
self.object.service = self.service
self.object.save()
except Exception:
form.add_error(None, "A Unix Group already exists with that name")
return self.form_invalid(form)
unix_users = list(
set(validate_crsids(self.request.POST.get('unix_users'))))
if not all(
user in self.object.service.site.list_of_all_type_of_users()
for user in unix_users):
form.add_error(
None,
"You have added users to this group that are not in the authorisation user list."
)
return self.form_invalid(form)
self.object.users.add(*unix_users)
launch_ansible(self.service) # to apply these changes to the vm
return super(UnixGroupCreate, self).form_valid(form)
def auth_change(request, site_id):
site = privileges_check(site_id, request.user)
if site is None:
return HttpResponseForbidden()
if not site.production_service or site.production_service.virtual_machines.count() == 0 \
or site.production_service.is_busy:
return redirect(site)
lookup_lists = {
'authorised_users': site.users.all(),
'sshuserlist': site.ssh_users.all(),
'authorised_groups': site.groups.all(),
'sshusers_groups': site.ssh_groups.all()
}
if request.method == 'POST':
authuserlist = validate_crsids(request.POST.get('users_crsids'))
sshuserlist = validate_crsids(request.POST.get('sshusers_crsids'))
authgrouplist = validate_groupids(request.POST.get('groupids'))
sshauthgrouplist = validate_groupids(request.POST.get('sshgroupids'))
# TODO If there are no users in the list return an Exception? No users authorised but maybe a group currently a
# ValidationError is raised in validate_groupids
site.users.clear()
site.users.add(*authuserlist)
site.ssh_users.clear()
site.ssh_users.add(*sshuserlist)
site.groups.clear()
site.groups.add(*authgrouplist)
site.ssh_groups.clear()
site.ssh_groups.add(*sshauthgrouplist)
launch_ansible_site(site) # to add or delete users from the ssh/login auth list of the server
return redirect(site)
breadcrumbs = {
0: dict(name='Managed Web Server: ' + str(site.name), url=site.get_absolute_url()),
1: dict(name='Authorisation', url=reverse(auth_change, kwargs={'site_id': site.id}))
}
return render(request, 'mws/auth.html', {
'lookup_lists': lookup_lists,
'breadcrumbs': breadcrumbs,
'sidebar_messages': warning_messages(site),
'site': site
})
def form_valid(self, form):
self.object = form.save()
unix_users = list(
set(validate_crsids(self.request.POST.get('unix_users'))))
if not all(
user in self.object.service.site.list_of_all_type_of_users()
for user in unix_users):
form.add_error(
None,
"You have added users to this group that are not in the authorisation user list."
)
return self.form_invalid(form)
self.object.users.clear()
self.object.users.add(*unix_users)
launch_ansible(self.service) # to apply these changes to the vm
return super(UnixGroupUpdate, self).form_valid(form)