def add(request): if request.method == 'POST': form = CredForm(request.user, request.POST, request.FILES) if form.is_valid(): form.save() cred = form.instance # add empty extra fields before saving tags = cred.tags.all() tag_extras = [] for tag in tags: try: tag_extras += Extra.objects.filter(tag=tag.id) except: pass for ex in tag_extras: ef = ExtraField(value='', extra=ex) ef.save() cred.extrafields.add(ef) cred.save() CredAudit(audittype=CredAudit.CREDADD, cred=cred, user=request.user).save() return HttpResponseRedirect(reverse('detail', args=(cred.pk, ))) else: form = CredForm(request.user) return render(request, 'cred_edit.html', { 'form': form, 'action': reverse('add'), 'icons': get_icon_list() })
def process_import(request): # If there was no session data, return 404 if 'imported_data' not in request.session.keys(): raise Http404 # If there are no creds left to import if len(request.session['imported_data']['entries']) == 0: # Clear data and go back to staff home del request.session['imported_data'] return HttpResponseRedirect(reverse('staff.views.home')) # If we have a submission from the user if request.method == 'POST': form = CredForm(request.user, request.POST) if form.is_valid(): # Save the new credential form.save() # Add an audit record CredAudit( audittype=CredAudit.CREDADD, cred=form.instance, user=request.user, ).save() # Import another return HttpResponseRedirect(reverse('staff.views.process_import')) # If we didn't recieve any data else: # Get a new entry newcred = request.session['imported_data']['entries'].pop() request.session.save() # Create all the tags tlist = [] for t in newcred['tags']: (tag, create) = Tag.objects.get_or_create(name=t) tlist.append(tag) newcred['tags'] = tlist # Setup the group groupid = request.session['imported_data']['group'] try: newcred['group'] = Group.objects.get(pk=groupid) except Group.DoesNotExist: del request.session['imported_data'] raise Http404 # Display the form form = CredForm(request.user, newcred) # Display the edit form return render(request, 'staff_process_import.html', { 'form': form, 'action': reverse('staff.views.process_import'), 'icons': get_icon_list(), 'count': len(request.session['imported_data']['entries']), })
def edit(request, cred_id): cred = get_object_or_404(Cred, pk=cred_id) if cred.latest is not None: raise Http404 next = request.GET.get('next', None) # Check user has perms if not cred.is_visible_by(request.user): raise Http404 if request.method == 'POST': form = CredForm(request.user, request.POST, request.FILES, instance=cred) # Password change possible only for owner group if form.is_valid() and cred.group in request.user.groups.all(): # Assume metedata change chgtype = CredAudit.CREDMETACHANGE # Unless something thats not metadata changes for c in form.changed_data: if c not in Cred.METADATA: chgtype = CredAudit.CREDCHANGE # Clear pre-existing change queue items if chgtype == CredAudit.CREDCHANGE: CredChangeQ.objects.filter(cred=cred).delete() # Create audit log CredAudit(audittype=chgtype, cred=cred, user=request.user).save() form.save() # If we dont have anywhere to go, go to the details page if next is None: return HttpResponseRedirect( reverse('cred:detail', args=(cred.id, ))) else: return HttpResponseRedirect(next) else: form = CredForm(request.user, instance=cred) CredAudit(audittype=CredAudit.CREDPASSVIEW, cred=cred, user=request.user).save() return render( request, 'cred_edit.html', { 'form': form, 'action': reverse('cred:edit', args=(cred.id, )), 'next': next, 'icons': get_icon_list(), 'cred': cred, })
def add(request): if request.method == 'POST': form = CredForm(request.user, request.POST, request.FILES) if form.is_valid(): form.save() CredAudit(audittype=CredAudit.CREDADD, cred=form.instance, user=request.user).save() return HttpResponseRedirect(reverse('cred:list')) else: form = CredForm(request.user) return render(request, 'cred_edit.html', {'form': form, 'action': reverse('cred:add'), 'icons': get_icon_list()})
def add(request): if request.method == 'POST': form = CredForm(request.user, request.POST, request.FILES) if form.is_valid(): form.save() CredAudit(audittype=CredAudit.CREDADD, cred=form.instance, user=request.user).save() return HttpResponseRedirect(reverse('cred.views.list')) else: form = CredForm(request.user) return render(request, 'cred_edit.html', {'form': form, 'action': reverse('cred.views.add'), 'icons': get_icon_list()})
def edit(request, cred_id): cred = get_object_or_404(Cred, pk=cred_id) if cred.latest is not None: raise Http404 next = request.GET.get('next', None) # Check user has perms if not cred.is_visible_by(request.user): raise Http404 if request.method == 'POST': form = CredForm(request.user, request.POST, request.FILES, instance=cred) # Password change possible only for owner group if form.is_valid() and cred.group in request.user.groups.all(): # Assume metedata change chgtype = CredAudit.CREDMETACHANGE # Unless something thats not metadata changes for c in form.changed_data: if c not in Cred.METADATA: chgtype = CredAudit.CREDCHANGE # Clear pre-existing change queue items if chgtype == CredAudit.CREDCHANGE: CredChangeQ.objects.filter(cred=cred).delete() # Create audit log CredAudit(audittype=chgtype, cred=cred, user=request.user).save() form.save() # If we dont have anywhere to go, go to the details page if next is None: return HttpResponseRedirect(reverse('cred.views.detail', args=(cred.id,))) else: return HttpResponseRedirect(next) else: form = CredForm(request.user, instance=cred) CredAudit(audittype=CredAudit.CREDPASSVIEW, cred=cred, user=request.user).save() return render(request, 'cred_edit.html', {'form': form, 'action': reverse('cred.views.edit', args=(cred.id,)), 'next': next, 'icons': get_icon_list(), 'cred': cred, })
def import_process(request, import_id): # If there was no session data, return 404 if 'imported_data' not in request.session.keys(): raise Http404 # Get the entry we are concerned with try: entry = request.session['imported_data']['entries'][int(import_id)] except IndexError: raise Http404 # Get the group groupid = request.session['imported_data']['group'] try: group = Group.objects.get(pk=groupid) except Group.DoesNotExist: del request.session['imported_data'] raise Http404 if request.method == 'POST': # Try and import what we have now # Did the user upload a new attachment if entry['filename'] and 'attachment' not in request.FILES.keys(): sfile = SimpleUploadedFile(entry['filename'], bytes(entry['filecontent'])) request.FILES['attachment'] = sfile # Build the form form = CredForm(request.user, request.POST, request.FILES) # Do we have enough data to save? if form.is_valid(): # Save the credential form.save() # Write the audit log CredAudit( audittype=CredAudit.CREDADD, cred=form.instance, user=request.user, ).save() # Remove the entry we're importing del request.session['imported_data']['entries'][int(import_id)] request.session.save() # Go back to the overview return HttpResponseRedirect(reverse('staff.views.import_overview')) else: # Init the cred, and create the form processed = dict(entry) # Create all the tags tlist = [] for t in processed['tags']: (tag, create) = Tag.objects.get_or_create(name=t) tlist.append(tag) processed['tags'] = tlist # Setup the group processed['group'] = group # If the icon is empty set it if 'iconname' not in processed.keys(): processed['iconname'] = 'Key.png' # Remove the attachment if processed['filename']: del processed['filename'] del processed['filecontent'] # Create the form form = CredForm(request.user, processed, {}) return render(request, 'staff_import_process.html', { 'form': form, 'icons': get_icon_list(), })
def edit(request, cred_id): cred = get_object_or_404(Cred, pk=cred_id) if cred.latest is not None: raise Http404 next = request.GET.get('next', None) # Check user has perms if not cred.is_visible_by(request.user): raise Http404 # generate and save extra fields for all cred's tags if empty # First let's see what Extra fields this cred already has tags = cred.tags.all() cred_extras = [] for exf in cred.extrafields.all(): cred_extras.append(exf.extra) # Let's see now what Extra fields are coming with the tags this cred has tag_extras = [] for tag in tags: try: tag_extras += Extra.objects.filter(tag=tag.id) except: pass for ex in tag_extras: if not ex in cred_extras: ef = ExtraField(value='', extra=ex) ef.save() cred.extrafields.add(ef) cred.save() # We are gonna pass this into templates cred_extra_fields = cred.extrafields.all() if request.method == 'POST': form = CredForm(request.user, request.POST, request.FILES, instance=cred) # Password change possible only for owner group if form.is_valid() and cred.group in request.user.groups.all(): # Assume metedata change chgtype = CredAudit.CREDMETACHANGE # Unless something thats not metadata changes for c in form.changed_data: if c not in Cred.METADATA: chgtype = CredAudit.CREDCHANGE # Clear pre-existing change queue items if chgtype == CredAudit.CREDCHANGE: CredChangeQ.objects.filter(cred=cred).delete() # Save extra fields post_extra_keys = request.POST.keys() # Quite an ugly way: POST brings the <input> values with names "extra_<extra_id>" post_extra_keys = filter(lambda x: 'extra_' in x, post_extra_keys) new_tag_ids = map(int, request.POST.getlist('tags', default=[])) ex_changed = False for ex_key in post_extra_keys: ex_id = ex_key.split('_')[1] e = cred.extrafields.get(extra=int(ex_id)) if not e.extra.tag.id in new_tag_ids: # We need to make sure that if some tags were removed, # their extra fields are not saved to this cred e.delete() else: new_value = request.POST.get(ex_key, default='') if new_value != e.value: ex_changed = True e.value = new_value e.save() # Create audit log # Record if extra foelds were changed if ex_changed: CredAudit(audittype=CredAudit.CREDEXTRACHANGE, cred=cred, user=request.user).save() if chgtype != CredAudit.CREDMETACHANGE: CredAudit(audittype=chgtype, cred=cred, user=request.user).save() else: CredAudit(audittype=chgtype, cred=cred, user=request.user).save() form.save() # If we dont have anywhere to go, go to the details page if next is None: return HttpResponseRedirect(reverse('detail', args=(cred.id, ))) else: return HttpResponseRedirect(next) else: form = CredForm(request.user, instance=cred) CredAudit(audittype=CredAudit.CREDPASSVIEW, cred=cred, user=request.user).save() return render( request, 'cred_edit.html', { 'form': form, 'action': reverse('edit', args=(cred.id, )), 'next': next, 'icons': get_icon_list(), 'cred': cred, 'cred_extra_fields': cred_extra_fields, })
def edit(request, cred_id): cred = get_object_or_404(Cred, pk=cred_id) if cred.latest is not None: raise Http404 next = request.GET.get("next", None) # Check user has perms if not cred.is_accessible_by(request.user): raise Http404 if request.method == "POST": form = CredForm(request.user, request.POST, request.FILES, instance=cred) if form.is_valid(): # Assume metedata change chgtype = CredAudit.CREDMETACHANGE # Unless something thats not metadata changes for c in form.changed_data: if c not in Cred.METADATA: chgtype = CredAudit.CREDCHANGE # Clear pre-existing change queue items if chgtype == CredAudit.CREDCHANGE: CredChangeQ.objects.filter(cred=cred).delete() # Create audit log CredAudit(audittype=chgtype, cred=cred, user=request.user).save() form.save() # If we dont have anywhere to go, go to the details page if next is None: return HttpResponseRedirect(reverse("cred.views.detail", args=(cred.id,))) else: return HttpResponseRedirect(next) else: form = CredForm(request.user, instance=cred) CredAudit(audittype=CredAudit.CREDPASSVIEW, cred=cred, user=request.user).save() return render( request, "cred_edit.html", {"form": form, "action": reverse("cred.views.edit", args=(cred.id,)), "next": next, "icons": get_icon_list()}, )
def add(request): if request.method == "POST": form = CredForm(request.user, request.POST, request.FILES) if form.is_valid(): form.save() CredAudit(audittype=CredAudit.CREDADD, cred=form.instance, user=request.user).save() return HttpResponseRedirect(reverse("cred.views.list")) else: form = CredForm(request.user) return render( request, "cred_edit.html", {"form": form, "action": reverse("cred.views.add"), "icons": get_icon_list()} )