def setUp(self):
self.test_user = User.objects.get_or_create(username='******',
password='******')[0]
self.setup_request()
# Superuser.
self.superuser = User.objects.get(username='******')
# Cyder admin.
self.cyder_admin = User.objects.get_or_create(
username='******', password='******')[0]
self.ctnr_global = Ctnr.objects.get(id=1)
self.ctnr_user_cyder_admin_global = CtnrUser(id=None,
ctnr=self.ctnr_global,
user=self.cyder_admin,
level=2)
self.ctnr_user_cyder_admin_global.save()
# Admin.
self.ctnr_admin = Ctnr(id=None, name="admin")
self.ctnr_admin.save()
self.ctnr_user_admin = CtnrUser(id=None,
ctnr=self.ctnr_admin,
user=self.test_user,
level=2)
self.ctnr_user_admin.save()
self.ctnr_user_cyder_admin = CtnrUser(id=None,
ctnr=self.ctnr_admin,
user=self.cyder_admin,
level=2)
self.ctnr_user_cyder_admin.save()
# User.
self.ctnr_user = Ctnr(id=None, name="user")
self.ctnr_user.save()
self.ctnr_user_user = CtnrUser(id=None,
ctnr=self.ctnr_user,
user=self.test_user,
level=1)
self.ctnr_user_user.save()
# Guest.
self.ctnr_guest = Ctnr(id=None, name="guest")
self.ctnr_guest.save()
self.ctnr_user_guest = CtnrUser(id=None,
ctnr=self.ctnr_guest,
user=self.test_user,
level=0)
self.ctnr_user_guest.save()
# Pleb.
self.pleb_user = User.objects.get_or_create(username='******',
password='******')[0]
def add_user(request, ctnr, name):
confirmation = request.POST.get('confirmation', '')
level = request.POST.get('level', '')
if not name:
return HttpResponse(json.dumps({'error': 'Please enter a user name'}))
if not level:
return HttpResponse(
json.dumps({'error': 'Please select an administrative level'}))
if (confirmation == 'false'
and not User.objects.filter(username=name).exists()):
return HttpResponse(
json.dumps({
'acknowledge':
'This user is not in any other container. '
'Are you sure you want to create this user?'
}))
user, _ = User.objects.get_or_create(username=name)
user.save()
if CtnrUser.objects.filter(user_id=user.id, ctnr_id=ctnr.id).exists():
return HttpResponse(
json.dumps({'error':
'This user already exists in this container'}))
CtnrUser(user_id=user.id, ctnr_id=ctnr.id, level=level).save()
return HttpResponse(json.dumps({'success': True}))
def login_session(request, username):
"""Logs in a user and sets up the session."""
try:
# Authenticate / login.
user = User.objects.get(username=username)
user.backend = 'django.contrib.auth.backends.ModelBackend'
login(request, user)
except User.DoesNotExist:
messages.error(request, "User %s does not exist" % (username))
return request
try:
# Create user profile if needed.
request.user.get_profile()
except UserProfile.DoesNotExist:
profile = UserProfile(user=user)
profile.save()
try:
# Assign user to default ctnr if needed.
CtnrUser.objects.get(user=request.user,
ctnr_id=request.user.get_profile().default_ctnr)
except CtnrUser.DoesNotExist:
new_default_ctnr = Ctnr.objects.get(id=2)
CtnrUser(user=request.user, ctnr=new_default_ctnr, level=0).save()
# Set session ctnr.
default_ctnr = request.user.get_profile().default_ctnr
if default_ctnr:
request.session['ctnr'] = Ctnr.objects.get(id=default_ctnr.id)
else:
request.session['ctnr'] = Ctnr.objects.get(id=2)
# Set session ctnr level.
request.session['level'] = CtnrUser.objects.get(user=request.user,
ctnr=default_ctnr).level
try:
# Set ctnr list (to switch between).
global_ctnr = CtnrUser.objects.get(user=request.user, ctnr=1)
if global_ctnr:
request.session['ctnrs'] = (
list(Ctnr.objects.filter(Q(id=1)
| Q(id=2))) +
list(Ctnr.objects.exclude(Q(id=1)
| Q(id=2)).order_by("name")))
except CtnrUser.DoesNotExist:
# Set ctnr list (to switch between).
ctnrs_user = CtnrUser.objects.filter(user=request.user)
ctnrs = [
Ctnr.objects.get(id=ctnr_pk)
for ctnr_pk in ctnrs_user.values_list('ctnr', flat=True)
]
request.session['ctnrs'] = ctnrs
return request
def clone_perms(request, user_id):
if not request.POST:
return redirect(request.META.get('HTTP_REFERER', ''))
acting_user = request.user.get_profile()
if not acting_user.has_perm(request, 2, obj_class='User'):
return HttpResponse(
json.dumps({
'errors': {
'__all__':
'You do not have permissions to perform ' + 'this action'
}
}))
profile = UserProfile.objects.get(user__id=user_id)
perms_qs = CtnrUser.objects.filter(user__id=user_id)
if not perms_qs.exists():
perms_qs = []
users = request.POST.get('users', None)
if not users:
return HttpResponse(
json.dumps({'errors': {
'__all__': 'No users provided'
}}))
users = users.split(',')
for user in users:
user_qs = User.objects.filter(username=user)
if not user_qs.exists():
user = User(username=user)
user.save()
else:
user = user_qs.get()
CtnrUser.objects.filter(user=user).delete()
for perm in perms_qs:
ctnr_user_qs = CtnrUser.objects.filter(user=user, ctnr=perm.ctnr)
if not ctnr_user_qs.exists():
ctnr_user = CtnrUser(user=user,
ctnr=perm.ctnr,
level=perm.level)
else:
ctnr_user = ctnr_user_qs.get()
ctnr_user.level = perm.level
ctnr_user.save()
return HttpResponse(json.dumps({'success': True}))
def edit_user(request, username, action):
acting_user = User.objects.get(id=request.session['_auth_user_id'])
if acting_user.is_superuser is False:
return HttpResponse(json.dumps(
{'errors': {'__all__': 'You do not have superuser permissions'}}))
if acting_user.username == username:
return HttpResponse(json.dumps(
{'errors': {'__all__': 'You do not have permission to perform ' +
'this action'}}))
if action == 'Create':
user, _ = User.objects.get_or_create(username=username)
if _ is False:
return HttpResponse(json.dumps(
{'errors': {'__all__': 'A user with that username already ' +
'exists'}}))
user.save()
else:
try:
user = User.objects.get(username=username)
if action == 'Promote':
user.is_superuser = True
user.save()
try:
ctnruser = CtnrUser.objects.get(
user_id=user.id,
ctnr_id=Ctnr.objects.get(name='global').id)
ctnruser.level = 0
ctnruser.full_clean()
ctnruser.save()
except CtnrUser.DoesNotExist:
ctnruser = CtnrUser(
user_id=user.id,
ctnr_id=Ctnr.objects.get(name='global').id,
level=0)
ctnruser.full_clean()
ctnruser.save()
elif action == 'Demote':
user.is_superuser = False
user.save()
elif action == 'Delete':
ctnrs = CtnrUser.objects.filter(user_id=user.id)
for ctnr in ctnrs:
ctnr.delete()
user.delete()
else:
return HttpResponse(json.dumps(
{'errors': {'__all__': 'Unknown action'}}))
except:
return HttpResponse(json.dumps(
{'errors': {'__all__': 'An error occurred'}}))
return HttpResponse(json.dumps({'success': True}))
def login_session(request, username):
"""Logs in a user and sets up the session."""
try:
# Authenticate / login.
user = User.objects.get(username=username)
user.backend = 'django.contrib.auth.backends.ModelBackend'
login(request, user)
except User.DoesNotExist:
if not settings.TESTING:
messages.error(request, "User %s does not exist" % (username))
return request
try:
# Create user profile if needed.
request.user.get_profile()
except UserProfile.DoesNotExist:
profile = UserProfile(user=user)
profile.save()
try:
# Assign user to default ctnr if needed.
CtnrUser.objects.get(user=request.user,
ctnr_id=request.user.get_profile().default_ctnr)
except CtnrUser.DoesNotExist:
new_default_ctnr = Ctnr.objects.get(id=2)
if not CtnrUser.objects.filter(
user=request.user, ctnr=new_default_ctnr).exists():
CtnrUser(user=request.user, ctnr=new_default_ctnr, level=0).save()
# Set session ctnr.
default_ctnr = request.user.get_profile().default_ctnr
if default_ctnr:
request.session['ctnr'] = Ctnr.objects.get(id=default_ctnr.id)
else:
request.session['ctnr'] = Ctnr.objects.get(id=2)
if request.session['ctnr'].name == "default":
default_ctnr = Ctnr.objects.get(name="global")
request.session['ctnr'] = default_ctnr
# Set session ctnr level.
try:
level = CtnrUser.objects.get(user=request.user,
ctnr=default_ctnr).level
except CtnrUser.DoesNotExist:
level = LEVEL_GUEST
request.session['level'] = level
try:
CtnrUser.objects.get(user=request.user, ctnr=1)
ctnrs = Ctnr.objects.order_by("name")
except CtnrUser.DoesNotExist:
# Set ctnr list (to switch between).
ctnrs_user = CtnrUser.objects.filter(user=request.user)
ctnrs = ctnrs_user.values_list('ctnr', flat=True)
ctnrs = Ctnr.objects.filter(id__in=ctnrs).order_by('name')
global_ctnr = Ctnr.objects.get(id=1)
ctnrs = ctnrs.exclude(Q(id=2) | Q(id=1))
ctnrs = [global_ctnr] + list(ctnrs)
request.session['ctnrs'] = ctnrs
return request
from django.contrib.auth.models import User
from cyder.core.ctnr.models import Ctnr, CtnrUser
from cyder.cydns.domain.models import Domain
ctnr = Ctnr.objects.get(id=1)
domains = Domain.objects.filter(id__lte=3)
for domain in domains:
ctnr.domains.add(domain)
user = User.objects.get(username='******')
ctnr_user = CtnrUser(id=None, ctnr=ctnr, user=user, level=2)
ctnr_user.save()
ctnr.save()
