def setUp(self): self.test_user = User.objects.get_or_create(username='******', password='******')[0] self.setup_request() # Superuser. self.superuser = User.objects.get(username='******') # Cyder admin. self.cyder_admin = User.objects.get_or_create( username='******', password='******')[0] self.ctnr_global = Ctnr.objects.get(id=1) self.ctnr_user_cyder_admin_global = CtnrUser(id=None, ctnr=self.ctnr_global, user=self.cyder_admin, level=2) self.ctnr_user_cyder_admin_global.save() # Admin. self.ctnr_admin = Ctnr(id=None, name="admin") self.ctnr_admin.save() self.ctnr_user_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.test_user, level=2) self.ctnr_user_admin.save() self.ctnr_user_cyder_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.cyder_admin, level=2) self.ctnr_user_cyder_admin.save() # User. self.ctnr_user = Ctnr(id=None, name="user") self.ctnr_user.save() self.ctnr_user_user = CtnrUser(id=None, ctnr=self.ctnr_user, user=self.test_user, level=1) self.ctnr_user_user.save() # Guest. self.ctnr_guest = Ctnr(id=None, name="guest") self.ctnr_guest.save() self.ctnr_user_guest = CtnrUser(id=None, ctnr=self.ctnr_guest, user=self.test_user, level=0) self.ctnr_user_guest.save() # Pleb. self.pleb_user = User.objects.get_or_create(username='******', password='******')[0]
def add_user(request, ctnr, name): confirmation = request.POST.get('confirmation', '') level = request.POST.get('level', '') if not name: return HttpResponse(json.dumps({'error': 'Please enter a user name'})) if not level: return HttpResponse( json.dumps({'error': 'Please select an administrative level'})) if (confirmation == 'false' and not User.objects.filter(username=name).exists()): return HttpResponse( json.dumps({ 'acknowledge': 'This user is not in any other container. ' 'Are you sure you want to create this user?' })) user, _ = User.objects.get_or_create(username=name) user.save() if CtnrUser.objects.filter(user_id=user.id, ctnr_id=ctnr.id).exists(): return HttpResponse( json.dumps({'error': 'This user already exists in this container'})) CtnrUser(user_id=user.id, ctnr_id=ctnr.id, level=level).save() return HttpResponse(json.dumps({'success': True}))
def login_session(request, username): """Logs in a user and sets up the session.""" try: # Authenticate / login. user = User.objects.get(username=username) user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) except User.DoesNotExist: messages.error(request, "User %s does not exist" % (username)) return request try: # Create user profile if needed. request.user.get_profile() except UserProfile.DoesNotExist: profile = UserProfile(user=user) profile.save() try: # Assign user to default ctnr if needed. CtnrUser.objects.get(user=request.user, ctnr_id=request.user.get_profile().default_ctnr) except CtnrUser.DoesNotExist: new_default_ctnr = Ctnr.objects.get(id=2) CtnrUser(user=request.user, ctnr=new_default_ctnr, level=0).save() # Set session ctnr. default_ctnr = request.user.get_profile().default_ctnr if default_ctnr: request.session['ctnr'] = Ctnr.objects.get(id=default_ctnr.id) else: request.session['ctnr'] = Ctnr.objects.get(id=2) # Set session ctnr level. request.session['level'] = CtnrUser.objects.get(user=request.user, ctnr=default_ctnr).level try: # Set ctnr list (to switch between). global_ctnr = CtnrUser.objects.get(user=request.user, ctnr=1) if global_ctnr: request.session['ctnrs'] = ( list(Ctnr.objects.filter(Q(id=1) | Q(id=2))) + list(Ctnr.objects.exclude(Q(id=1) | Q(id=2)).order_by("name"))) except CtnrUser.DoesNotExist: # Set ctnr list (to switch between). ctnrs_user = CtnrUser.objects.filter(user=request.user) ctnrs = [ Ctnr.objects.get(id=ctnr_pk) for ctnr_pk in ctnrs_user.values_list('ctnr', flat=True) ] request.session['ctnrs'] = ctnrs return request
def clone_perms(request, user_id): if not request.POST: return redirect(request.META.get('HTTP_REFERER', '')) acting_user = request.user.get_profile() if not acting_user.has_perm(request, 2, obj_class='User'): return HttpResponse( json.dumps({ 'errors': { '__all__': 'You do not have permissions to perform ' + 'this action' } })) profile = UserProfile.objects.get(user__id=user_id) perms_qs = CtnrUser.objects.filter(user__id=user_id) if not perms_qs.exists(): perms_qs = [] users = request.POST.get('users', None) if not users: return HttpResponse( json.dumps({'errors': { '__all__': 'No users provided' }})) users = users.split(',') for user in users: user_qs = User.objects.filter(username=user) if not user_qs.exists(): user = User(username=user) user.save() else: user = user_qs.get() CtnrUser.objects.filter(user=user).delete() for perm in perms_qs: ctnr_user_qs = CtnrUser.objects.filter(user=user, ctnr=perm.ctnr) if not ctnr_user_qs.exists(): ctnr_user = CtnrUser(user=user, ctnr=perm.ctnr, level=perm.level) else: ctnr_user = ctnr_user_qs.get() ctnr_user.level = perm.level ctnr_user.save() return HttpResponse(json.dumps({'success': True}))
def edit_user(request, username, action): acting_user = User.objects.get(id=request.session['_auth_user_id']) if acting_user.is_superuser is False: return HttpResponse(json.dumps( {'errors': {'__all__': 'You do not have superuser permissions'}})) if acting_user.username == username: return HttpResponse(json.dumps( {'errors': {'__all__': 'You do not have permission to perform ' + 'this action'}})) if action == 'Create': user, _ = User.objects.get_or_create(username=username) if _ is False: return HttpResponse(json.dumps( {'errors': {'__all__': 'A user with that username already ' + 'exists'}})) user.save() else: try: user = User.objects.get(username=username) if action == 'Promote': user.is_superuser = True user.save() try: ctnruser = CtnrUser.objects.get( user_id=user.id, ctnr_id=Ctnr.objects.get(name='global').id) ctnruser.level = 0 ctnruser.full_clean() ctnruser.save() except CtnrUser.DoesNotExist: ctnruser = CtnrUser( user_id=user.id, ctnr_id=Ctnr.objects.get(name='global').id, level=0) ctnruser.full_clean() ctnruser.save() elif action == 'Demote': user.is_superuser = False user.save() elif action == 'Delete': ctnrs = CtnrUser.objects.filter(user_id=user.id) for ctnr in ctnrs: ctnr.delete() user.delete() else: return HttpResponse(json.dumps( {'errors': {'__all__': 'Unknown action'}})) except: return HttpResponse(json.dumps( {'errors': {'__all__': 'An error occurred'}})) return HttpResponse(json.dumps({'success': True}))
def login_session(request, username): """Logs in a user and sets up the session.""" try: # Authenticate / login. user = User.objects.get(username=username) user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) except User.DoesNotExist: if not settings.TESTING: messages.error(request, "User %s does not exist" % (username)) return request try: # Create user profile if needed. request.user.get_profile() except UserProfile.DoesNotExist: profile = UserProfile(user=user) profile.save() try: # Assign user to default ctnr if needed. CtnrUser.objects.get(user=request.user, ctnr_id=request.user.get_profile().default_ctnr) except CtnrUser.DoesNotExist: new_default_ctnr = Ctnr.objects.get(id=2) if not CtnrUser.objects.filter( user=request.user, ctnr=new_default_ctnr).exists(): CtnrUser(user=request.user, ctnr=new_default_ctnr, level=0).save() # Set session ctnr. default_ctnr = request.user.get_profile().default_ctnr if default_ctnr: request.session['ctnr'] = Ctnr.objects.get(id=default_ctnr.id) else: request.session['ctnr'] = Ctnr.objects.get(id=2) if request.session['ctnr'].name == "default": default_ctnr = Ctnr.objects.get(name="global") request.session['ctnr'] = default_ctnr # Set session ctnr level. try: level = CtnrUser.objects.get(user=request.user, ctnr=default_ctnr).level except CtnrUser.DoesNotExist: level = LEVEL_GUEST request.session['level'] = level try: CtnrUser.objects.get(user=request.user, ctnr=1) ctnrs = Ctnr.objects.order_by("name") except CtnrUser.DoesNotExist: # Set ctnr list (to switch between). ctnrs_user = CtnrUser.objects.filter(user=request.user) ctnrs = ctnrs_user.values_list('ctnr', flat=True) ctnrs = Ctnr.objects.filter(id__in=ctnrs).order_by('name') global_ctnr = Ctnr.objects.get(id=1) ctnrs = ctnrs.exclude(Q(id=2) | Q(id=1)) ctnrs = [global_ctnr] + list(ctnrs) request.session['ctnrs'] = ctnrs return request
from django.contrib.auth.models import User from cyder.core.ctnr.models import Ctnr, CtnrUser from cyder.cydns.domain.models import Domain ctnr = Ctnr.objects.get(id=1) domains = Domain.objects.filter(id__lte=3) for domain in domains: ctnr.domains.add(domain) user = User.objects.get(username='******') ctnr_user = CtnrUser(id=None, ctnr=ctnr, user=user, level=2) ctnr_user.save() ctnr.save()