def add(request):
if request.method == 'POST':
form = CredForm(request.user, request.POST, request.FILES)
if form.is_valid():
form.save()
cred = form.instance
# add empty extra fields before saving
tags = cred.tags.all()
tag_extras = []
for tag in tags:
try:
tag_extras += Extra.objects.filter(tag=tag.id)
except:
pass
for ex in tag_extras:
ef = ExtraField(value='', extra=ex)
ef.save()
cred.extrafields.add(ef)
cred.save()
CredAudit(audittype=CredAudit.CREDADD,
cred=cred,
user=request.user).save()
return HttpResponseRedirect(reverse('detail', args=(cred.pk, )))
else:
form = CredForm(request.user)
return render(request, 'cred_edit.html', {
'form': form,
'action': reverse('add'),
'icons': get_icon_list()
})
def process_import(request):
# If there was no session data, return 404
if 'imported_data' not in request.session.keys():
raise Http404
# If there are no creds left to import
if len(request.session['imported_data']['entries']) == 0:
# Clear data and go back to staff home
del request.session['imported_data']
return HttpResponseRedirect(reverse('staff.views.home'))
# If we have a submission from the user
if request.method == 'POST':
form = CredForm(request.user, request.POST)
if form.is_valid():
# Save the new credential
form.save()
# Add an audit record
CredAudit(
audittype=CredAudit.CREDADD,
cred=form.instance,
user=request.user,
).save()
# Import another
return HttpResponseRedirect(reverse('staff.views.process_import'))
# If we didn't recieve any data
else:
# Get a new entry
newcred = request.session['imported_data']['entries'].pop()
request.session.save()
# Create all the tags
tlist = []
for t in newcred['tags']:
(tag, create) = Tag.objects.get_or_create(name=t)
tlist.append(tag)
newcred['tags'] = tlist
# Setup the group
groupid = request.session['imported_data']['group']
try:
newcred['group'] = Group.objects.get(pk=groupid)
except Group.DoesNotExist:
del request.session['imported_data']
raise Http404
# Display the form
form = CredForm(request.user, newcred)
# Display the edit form
return render(request, 'staff_process_import.html', {
'form': form,
'action': reverse('staff.views.process_import'),
'icons': get_icon_list(),
'count': len(request.session['imported_data']['entries']),
})
def edit(request, cred_id):
cred = get_object_or_404(Cred, pk=cred_id)
if cred.latest is not None:
raise Http404
next = request.GET.get('next', None)
# Check user has perms
if not cred.is_visible_by(request.user):
raise Http404
if request.method == 'POST':
form = CredForm(request.user,
request.POST,
request.FILES,
instance=cred)
# Password change possible only for owner group
if form.is_valid() and cred.group in request.user.groups.all():
# Assume metedata change
chgtype = CredAudit.CREDMETACHANGE
# Unless something thats not metadata changes
for c in form.changed_data:
if c not in Cred.METADATA:
chgtype = CredAudit.CREDCHANGE
# Clear pre-existing change queue items
if chgtype == CredAudit.CREDCHANGE:
CredChangeQ.objects.filter(cred=cred).delete()
# Create audit log
CredAudit(audittype=chgtype, cred=cred, user=request.user).save()
form.save()
# If we dont have anywhere to go, go to the details page
if next is None:
return HttpResponseRedirect(
reverse('cred:detail', args=(cred.id, )))
else:
return HttpResponseRedirect(next)
else:
form = CredForm(request.user, instance=cred)
CredAudit(audittype=CredAudit.CREDPASSVIEW,
cred=cred,
user=request.user).save()
return render(
request, 'cred_edit.html', {
'form': form,
'action': reverse('cred:edit', args=(cred.id, )),
'next': next,
'icons': get_icon_list(),
'cred': cred,
})
def add(request):
if request.method == 'POST':
form = CredForm(request.user, request.POST, request.FILES)
if form.is_valid():
form.save()
CredAudit(audittype=CredAudit.CREDADD, cred=form.instance, user=request.user).save()
return HttpResponseRedirect(reverse('cred:list'))
else:
form = CredForm(request.user)
return render(request, 'cred_edit.html', {'form': form, 'action':
reverse('cred:add'), 'icons': get_icon_list()})
def add(request):
if request.method == 'POST':
form = CredForm(request.user, request.POST, request.FILES)
if form.is_valid():
form.save()
CredAudit(audittype=CredAudit.CREDADD, cred=form.instance, user=request.user).save()
return HttpResponseRedirect(reverse('cred.views.list'))
else:
form = CredForm(request.user)
return render(request, 'cred_edit.html', {'form': form, 'action':
reverse('cred.views.add'), 'icons': get_icon_list()})
def edit(request, cred_id):
cred = get_object_or_404(Cred, pk=cred_id)
if cred.latest is not None:
raise Http404
next = request.GET.get('next', None)
# Check user has perms
if not cred.is_visible_by(request.user):
raise Http404
if request.method == 'POST':
form = CredForm(request.user, request.POST, request.FILES, instance=cred)
# Password change possible only for owner group
if form.is_valid() and cred.group in request.user.groups.all():
# Assume metedata change
chgtype = CredAudit.CREDMETACHANGE
# Unless something thats not metadata changes
for c in form.changed_data:
if c not in Cred.METADATA:
chgtype = CredAudit.CREDCHANGE
# Clear pre-existing change queue items
if chgtype == CredAudit.CREDCHANGE:
CredChangeQ.objects.filter(cred=cred).delete()
# Create audit log
CredAudit(audittype=chgtype, cred=cred, user=request.user).save()
form.save()
# If we dont have anywhere to go, go to the details page
if next is None:
return HttpResponseRedirect(reverse('cred.views.detail', args=(cred.id,)))
else:
return HttpResponseRedirect(next)
else:
form = CredForm(request.user, instance=cred)
CredAudit(audittype=CredAudit.CREDPASSVIEW, cred=cred, user=request.user).save()
return render(request, 'cred_edit.html', {'form': form,
'action': reverse('cred.views.edit', args=(cred.id,)),
'next': next,
'icons': get_icon_list(),
'cred': cred,
})
def import_process(request, import_id):
# If there was no session data, return 404
if 'imported_data' not in request.session.keys():
raise Http404
# Get the entry we are concerned with
try:
entry = request.session['imported_data']['entries'][int(import_id)]
except IndexError:
raise Http404
# Get the group
groupid = request.session['imported_data']['group']
try:
group = Group.objects.get(pk=groupid)
except Group.DoesNotExist:
del request.session['imported_data']
raise Http404
if request.method == 'POST':
# Try and import what we have now
# Did the user upload a new attachment
if entry['filename'] and 'attachment' not in request.FILES.keys():
sfile = SimpleUploadedFile(entry['filename'],
bytes(entry['filecontent']))
request.FILES['attachment'] = sfile
# Build the form
form = CredForm(request.user, request.POST, request.FILES)
# Do we have enough data to save?
if form.is_valid():
# Save the credential
form.save()
# Write the audit log
CredAudit(
audittype=CredAudit.CREDADD,
cred=form.instance,
user=request.user,
).save()
# Remove the entry we're importing
del request.session['imported_data']['entries'][int(import_id)]
request.session.save()
# Go back to the overview
return HttpResponseRedirect(reverse('staff.views.import_overview'))
else:
# Init the cred, and create the form
processed = dict(entry)
# Create all the tags
tlist = []
for t in processed['tags']:
(tag, create) = Tag.objects.get_or_create(name=t)
tlist.append(tag)
processed['tags'] = tlist
# Setup the group
processed['group'] = group
# If the icon is empty set it
if 'iconname' not in processed.keys():
processed['iconname'] = 'Key.png'
# Remove the attachment
if processed['filename']:
del processed['filename']
del processed['filecontent']
# Create the form
form = CredForm(request.user, processed, {})
return render(request, 'staff_import_process.html', {
'form': form,
'icons': get_icon_list(),
})
def import_process(request, import_id):
# If there was no session data, return 404
if 'imported_data' not in request.session.keys():
raise Http404
# Get the entry we are concerned with
try:
entry = request.session['imported_data']['entries'][int(import_id)]
except IndexError:
raise Http404
# Get the group
groupid = request.session['imported_data']['group']
try:
group = Group.objects.get(pk=groupid)
except Group.DoesNotExist:
del request.session['imported_data']
raise Http404
if request.method == 'POST':
# Try and import what we have now
# Did the user upload a new attachment
if entry['filename'] and 'attachment' not in request.FILES.keys():
sfile = SimpleUploadedFile(entry['filename'], bytes(entry['filecontent']))
request.FILES['attachment'] = sfile
# Build the form
form = CredForm(request.user, request.POST, request.FILES)
# Do we have enough data to save?
if form.is_valid():
# Save the credential
form.save()
# Write the audit log
CredAudit(
audittype=CredAudit.CREDADD,
cred=form.instance,
user=request.user,
).save()
# Remove the entry we're importing
del request.session['imported_data']['entries'][int(import_id)]
request.session.save()
# Go back to the overview
return HttpResponseRedirect(reverse('staff.views.import_overview'))
else:
# Init the cred, and create the form
processed = dict(entry)
# Create all the tags
tlist = []
for t in processed['tags']:
(tag, create) = Tag.objects.get_or_create(name=t)
tlist.append(tag)
processed['tags'] = tlist
# Setup the group
processed['group'] = group
# If the icon is empty set it
if 'iconname' not in processed.keys():
processed['iconname'] = 'Key.png'
# Remove the attachment
if processed['filename']:
del processed['filename']
del processed['filecontent']
# Create the form
form = CredForm(request.user, processed, {})
return render(request, 'staff_import_process.html', {
'form': form,
'icons': get_icon_list(),
})
def edit(request, cred_id):
cred = get_object_or_404(Cred, pk=cred_id)
if cred.latest is not None:
raise Http404
next = request.GET.get('next', None)
# Check user has perms
if not cred.is_visible_by(request.user):
raise Http404
# generate and save extra fields for all cred's tags if empty
# First let's see what Extra fields this cred already has
tags = cred.tags.all()
cred_extras = []
for exf in cred.extrafields.all():
cred_extras.append(exf.extra)
# Let's see now what Extra fields are coming with the tags this cred has
tag_extras = []
for tag in tags:
try:
tag_extras += Extra.objects.filter(tag=tag.id)
except:
pass
for ex in tag_extras:
if not ex in cred_extras:
ef = ExtraField(value='', extra=ex)
ef.save()
cred.extrafields.add(ef)
cred.save()
# We are gonna pass this into templates
cred_extra_fields = cred.extrafields.all()
if request.method == 'POST':
form = CredForm(request.user,
request.POST,
request.FILES,
instance=cred)
# Password change possible only for owner group
if form.is_valid() and cred.group in request.user.groups.all():
# Assume metedata change
chgtype = CredAudit.CREDMETACHANGE
# Unless something thats not metadata changes
for c in form.changed_data:
if c not in Cred.METADATA:
chgtype = CredAudit.CREDCHANGE
# Clear pre-existing change queue items
if chgtype == CredAudit.CREDCHANGE:
CredChangeQ.objects.filter(cred=cred).delete()
# Save extra fields
post_extra_keys = request.POST.keys()
# Quite an ugly way: POST brings the <input> values with names "extra_<extra_id>"
post_extra_keys = filter(lambda x: 'extra_' in x, post_extra_keys)
new_tag_ids = map(int, request.POST.getlist('tags', default=[]))
ex_changed = False
for ex_key in post_extra_keys:
ex_id = ex_key.split('_')[1]
e = cred.extrafields.get(extra=int(ex_id))
if not e.extra.tag.id in new_tag_ids:
# We need to make sure that if some tags were removed,
# their extra fields are not saved to this cred
e.delete()
else:
new_value = request.POST.get(ex_key, default='')
if new_value != e.value:
ex_changed = True
e.value = new_value
e.save()
# Create audit log
# Record if extra foelds were changed
if ex_changed:
CredAudit(audittype=CredAudit.CREDEXTRACHANGE,
cred=cred,
user=request.user).save()
if chgtype != CredAudit.CREDMETACHANGE:
CredAudit(audittype=chgtype, cred=cred,
user=request.user).save()
else:
CredAudit(audittype=chgtype, cred=cred,
user=request.user).save()
form.save()
# If we dont have anywhere to go, go to the details page
if next is None:
return HttpResponseRedirect(reverse('detail',
args=(cred.id, )))
else:
return HttpResponseRedirect(next)
else:
form = CredForm(request.user, instance=cred)
CredAudit(audittype=CredAudit.CREDPASSVIEW,
cred=cred,
user=request.user).save()
return render(
request, 'cred_edit.html', {
'form': form,
'action': reverse('edit', args=(cred.id, )),
'next': next,
'icons': get_icon_list(),
'cred': cred,
'cred_extra_fields': cred_extra_fields,
})
def edit(request, cred_id):
cred = get_object_or_404(Cred, pk=cred_id)
if cred.latest is not None:
raise Http404
next = request.GET.get("next", None)
# Check user has perms
if not cred.is_accessible_by(request.user):
raise Http404
if request.method == "POST":
form = CredForm(request.user, request.POST, request.FILES, instance=cred)
if form.is_valid():
# Assume metedata change
chgtype = CredAudit.CREDMETACHANGE
# Unless something thats not metadata changes
for c in form.changed_data:
if c not in Cred.METADATA:
chgtype = CredAudit.CREDCHANGE
# Clear pre-existing change queue items
if chgtype == CredAudit.CREDCHANGE:
CredChangeQ.objects.filter(cred=cred).delete()
# Create audit log
CredAudit(audittype=chgtype, cred=cred, user=request.user).save()
form.save()
# If we dont have anywhere to go, go to the details page
if next is None:
return HttpResponseRedirect(reverse("cred.views.detail", args=(cred.id,)))
else:
return HttpResponseRedirect(next)
else:
form = CredForm(request.user, instance=cred)
CredAudit(audittype=CredAudit.CREDPASSVIEW, cred=cred, user=request.user).save()
return render(
request,
"cred_edit.html",
{"form": form, "action": reverse("cred.views.edit", args=(cred.id,)), "next": next, "icons": get_icon_list()},
)
def add(request):
if request.method == "POST":
form = CredForm(request.user, request.POST, request.FILES)
if form.is_valid():
form.save()
CredAudit(audittype=CredAudit.CREDADD, cred=form.instance, user=request.user).save()
return HttpResponseRedirect(reverse("cred.views.list"))
else:
form = CredForm(request.user)
return render(
request, "cred_edit.html", {"form": form, "action": reverse("cred.views.add"), "icons": get_icon_list()}
)
