def volumepermissions(request, volume_id):
'''
View for the webpage that shows the current state of user permissions for
the volume. Populates initial_perms if not already extant.
'''
session = request.session
username = session['login_email']
vol = db.read_volume(volume_id)
if not vol:
return redirect('django_volume.views.viewvolume', volume_id)
message = session.pop('message', "")
initial_data = session.get('initial_perms' + str(volume_id), None)
if not initial_data:
rw_attrs = {'SyndicateUser.volumes_rw ==': vol.volume_id}
rw = db.list_users(rw_attrs)
r_attrs = {'SyndicateUser.volumes_r ==': vol.volume_id}
r = db.list_users(r_attrs)
initial_data = []
for u in rw:
if u.owner_id == vol.owner_id:
continue
initial_data.append({'user': u.email, 'read': True, 'write': True})
for u in r:
initial_data.append({
'user': u.email,
'read': True,
'write': False
})
session['initial_perms' + str(volume_id)] = initial_data
PermissionFormSet = formset_factory(forms.Permissions, extra=0)
addform = forms.AddPermissions
passwordform = libforms.Password
if initial_data:
formset = PermissionFormSet(initial=initial_data)
else:
formset = None
t = loader.get_template('volumepermissions.html')
c = RequestContext(
request,
{
'username': username,
'volume': vol,
# 'users':users,
# 'rw':rw,
# 'r':r,
'addform': addform,
'passwordform': passwordform,
'formset': formset,
'message': message
})
return HttpResponse(t.render(c))
def list_users(query_attrs):
"""
List users.
Positional arguments:
query_attrs (dict):
The fields to query on. Each item must be in
the form of
'SyndicateUser.${attr} ${op}': ${value}
where ${attr} is a user attribute, ${op}
is ==, !=, >, >=, <, <=, or IN, and ${value}
is the value to compare the attribute against.
Returns:
A list of users that satisfy the query, or an
exception if the query was malformed or could
not be executed by the MS's underlying datastore.
The exception may be specific to the datastore.
Authorization:
Only an administrator may call this method.
"""
return storage.list_users(query_attrs)
def list_users(query_attrs):
"""
List users.
Positional arguments:
query_attrs (dict):
The fields to query on. Each item must be in
the form of
'SyndicateUser.${attr} ${op}': ${value}
where ${attr} is a user attribute, ${op}
is ==, !=, >, >=, <, <=, or IN, and ${value}
is the value to compare the attribute against.
Returns:
A list of users that satisfy the query, or an
exception if the query was malformed or could
not be executed by the MS's underlying datastore.
The exception may be specific to the datastore.
Authorization:
Only an administrator may call this method.
"""
return storage.list_users(query_attrs)
def deletevolume(request, volume_id):
'''
View for deleting volumes. Since so many other entites have properties related
to volume ID's, numerous db updates need to be checked. CQ, they are all grouped
together into the transactional helper method multi_update().
'''
# Clear out volume_id in properties for users, UG's, AG's, and RG's.
@transactional(xg=True)
def multi_update(vol, users, usergateways, acquisitiongateways,
replicagateways):
v_id = vol.volume_id
db.delete_volume(v_id)
logging.info(users)
for user in users:
fields = {}
if v_id in user.volumes_o:
new_volumes_o = user.volumes_o
new_volumes_o.remove(v_id)
fields['volumes_o'] = new_volumes_o
if v_id in user.volumes_rw:
new_volumes_rw = user.volumes_rw
new_volumes_rw.remove(v_id)
fields['volumes_rw'] = new_volumes_rw
if v_id in user.volumes_r:
new_volumes_r = user.volumes_r
new_volumes_r.remove(v_id)
fields['volumes_r'] = new_volumes_r
if fields:
db.update_user(user.email, **fields)
for ug in usergateways:
fields = {}
fields['volume_id'] = 0
db.update_user_gateway(ug.g_id, **fields)
for ag in acquisitiongateways:
logging.info(ag)
fields = {}
new_ids = ag.volume_ids.remove(v_id)
if not new_ids:
fields['volume_ids'] = []
else:
fields['volume_ids'] = new_ids
db.update_acquisition_gateway(ag.g_id, **fields)
for rg in replicagateways:
fields = {}
new_ids = rg.volume_ids.remove(v_id)
if not new_ids:
fields['volume_ids'] = []
else:
fields['volume_ids'] = new_ids
db.update_replica_gateway(rg.g_id, **fields)
# Clear initial data session variable to prevent stale tables in ag.views.viewgateway and rg.views.viewgateway
session.pop("rg_initial_data" + str(v_id), None)
session.pop("ag_initial_data" + str(v_id), None)
# Clear initial data session variable to prevent stale data in volume settings, change rgs, and change ags.
session.pop("volume_initial_ags" + str(v_id), None)
session.pop("volume_initial_rgs" + str(v_id), None)
session = request.session
message = session.pop('message', "")
username = session['login_email']
vol = db.read_volume(volume_id)
if not vol:
return redirect('django_volume.views.viewvolume', volume_id)
if request.method == "POST":
form = forms.DeleteVolume(request.POST)
if form.is_valid():
# Check password hash
hash_check = Volume.generate_password_hash(
form.cleaned_data['password'], vol.volume_secret_salt)
if hash_check == vol.volume_secret_salted_hash:
# Ok to delete
attrs = {}
users = db.list_users(
{'SyndicateUser.volumes_rw ==': vol.volume_id})
users.extend(
db.list_users(
{'SyndicateUser.volumes_r ==': vol.volume_id}))
ags = db.list_acquisition_gateways_by_volume(vol.volume_id)
rgs = db.list_replica_gateways_by_volume(vol.volume_id)
ugs = db.list_user_gateways_by_volume(vol.volume_id)
try:
multi_update(vol, users, ugs, ags, rgs)
except Exception as e:
logging.error("Unable to delete volume %s" % e)
session['message'] = "Unable to delete volume."
return redirect('django_volume.views.deletevolume',
volume_id=vol.volume_id)
session['new_change'] = "We've deleted your volume."
session['next_url'] = '/syn/volume/myvolumes/'
session[
'next_message'] = "Click here to go back to your volumes."
return redirect('/syn/thanks')
else:
session['message'] = "Invalid password"
return redirect('django_volume.views.deletevolume',
volume_id=vol.volume_id)
else:
session['message'] = "Please fill out all entries"
return redirect('django_volume.views.deletevolume', vol.volume_id)
else:
form = forms.DeleteVolume()
t = loader.get_template('deletevolume.html')
c = RequestContext(request, {
'username': username,
'form': form,
'message': message,
'volume': vol
})
return HttpResponse(t.render(c))
