def project_update_owners(request, project_uuid):
"""
:param request:
:param project_uuid:
:return:
"""
project = get_object_or_404(Project, uuid=UUID(str(project_uuid)))
# set user permissions
is_pc = (project.project_creator == request.user)
is_po = (request.user in project.project_owners.all())
is_pm = (request.user in project.project_members.all())
project_owners_orig = list(project.project_owners.all())
if request.method == "POST":
form = ProjectUpdateOwnersForm(request.POST, instance=project, project=project)
if form.is_valid():
project_owners = list(form.cleaned_data.get('project_owners'))
project_owners_added = list(set(project_owners).difference(set(project_owners_orig)))
project_owners_removed = list(set(project_owners_orig).difference(set(project_owners)))
# update members
for owner in project_owners_added:
project.project_owners.add(owner)
for owner in project_owners_removed:
project.project_owners.remove(owner)
project.modified_by = request.user
project.modified_date = timezone.now()
project.save()
# send usercomms
sender = get_object_or_404(AerpawUser, id=request.user.id)
reference_url = 'https://' + str(request.get_host()) + '/projects/' + str(project_uuid)
try:
if project_owners_added:
reference_note = 'Added to project ' + str(project.name) + ' as OWNER'
subject = '[AERPAW] User: '******' has ADDED you to project: ' + \
project.name + ' as OWNER'
body_message = 'A project owner has added you to ' + project.name + \
'. If you believe this to be in error please contact the project owner direclty'
portal_mail(subject=subject, body_message=body_message, sender=sender,
receivers=project_owners_added,
reference_note=reference_note, reference_url=reference_url)
if project_owners_removed:
reference_note = 'Removed from project ' + str(project.name) + ' as OWNER'
subject = '[AERPAW] User: '******' has REMOVED you from project: ' + \
project.name + ' as OWNER'
body_message = 'A project owner has removed you from ' + project.name + \
'. If you believe this to be in error please contact the project owner directly'
portal_mail(subject=subject, body_message=body_message, sender=sender,
receivers=project_owners_removed,
reference_note=reference_note, reference_url=None)
messages.info(request, 'Success! OWNER changes for project: ' + str(project.name) + ' has been sent')
except BadHeaderError:
return HttpResponse('Invalid header found.')
return redirect('project_detail', project_uuid=str(project.uuid))
else:
form = ProjectUpdateOwnersForm(instance=project, project=project)
return render(request, 'project_update_owners.html',
{
'form': form, 'project_uuid': str(project_uuid), 'project_name': project.name,
'is_pc': is_pc, 'is_po': is_po, 'is_pm': is_pm}
)
def experiment_update_by_ops(request, experiment_uuid):
"""
This temporary code will need some update after GA
:param request:
:param experiment_uuid:
:return:
"""
experiment = get_object_or_404(Experiment, uuid=UUID(str(experiment_uuid)))
prev_stage = experiment.stage
prev_state = experiment.state
if request.method == "POST":
form = ExperimentUpdateByOpsForm(request.POST, instance=experiment)
if form.is_valid():
experimenter = experiment.created_by # save first, otherwise soon overwritten
experiment = form.save(commit=False)
experiment_uuid = update_existing_experiment(
request, experiment, form, prev_stage, prev_state)
if experiment.message is not None and experiment.message != "":
subject = 'Aerpaw Experiment Notification: {}'.format(
experiment.uuid)
email_message = "[{}]\n\n".format(subject) \
+ "Experiment Name: {}\n".format(str(experiment)) \
+ "Project: {}\n\n".format(experiment.project) \
+ "Notification/Message:\n{}\n".format(experiment.message)
receivers = [experimenter]
logger.warning("send_email:\n" + subject)
logger.warning(email_message)
logger.warning("receivers = {}\n".format(receivers))
portal_mail(subject=subject,
body_message=email_message,
sender=request.user,
receivers=receivers,
reference_note=None,
reference_url=None)
return redirect('experiment_detail',
experiment_uuid=str(experiment.uuid))
form = ExperimentUpdateByOpsForm(instance=experiment)
return render(
request, 'experiment_update.html', {
'form': form,
'experiment_uuid': str(experiment_uuid),
'experiment_name': experiment.name
})
def project_join(request, project_uuid):
"""
:param request:
:param project_uuid:
:return:
"""
# get project
project = get_object_or_404(Project, uuid=UUID(str(project_uuid)))
if request.method == 'GET':
form = ProjectJoinForm()
else:
form = ProjectJoinForm(request.POST)
if form.is_valid():
sender = get_object_or_404(AerpawUser, id=request.user.id)
reference_url = 'https://' + str(request.get_host()) + '/projects/' + str(project_uuid)
if str(dict(JOIN_CHOICES)[form.data['member_type']]) == 'Project Member':
member_type = 'MEMBER'
else:
member_type = 'OWNER'
body_message = form.cleaned_data['message']
reference_note = 'Join project ' + str(project.name) + ' as ' + member_type
subject = '[AERPAW] User: '******' has requested to join project: ' + \
project.name + ' as ' + member_type
receivers = [project.project_creator]
project_owners = project.project_owners.order_by('username')
for po in project_owners:
receivers.append(po)
receivers = list(set(receivers))
try:
create_new_project_membership_request(request, project_uuid, member_type, body_message)
portal_mail(subject=subject, body_message=body_message, sender=sender, receivers=receivers,
reference_note=reference_note, reference_url=reference_url)
kwargs = {'project_name': str(project.name), 'project_owner': str(project.created_by)}
ack_mail(
template='project_join', user_name=request.user.display_name,
user_email=request.user.email, **kwargs
)
messages.info(request, 'Success! Request to join project: ' + str(project.name) + ' has been sent')
except BadHeaderError:
return HttpResponse('Invalid header found.')
return redirect('projects')
return render(request, "project_join.html", {'form': form, 'project': project})
def send_request_to_testbed(request, experiment):
action = None
if is_emulab_stage(experiment.stage):
return # do nothing, this function is not for emulab
if experiment.state == Experiment.STATE_DEPLOYING:
action = 'START'
elif experiment.state == Experiment.STATE_IDLE:
action = 'SAVE and EXIT'
elif experiment.state == Experiment.STATE_SUBMIT:
action = 'SUBMIT'
if action:
subject = 'Aerpaw Experiment Action Session Request: {} {}:{}'.format(action,
str(experiment.uuid),
experiment.stage)
message = "[{}]\n\n".format(subject) \
+ "Experiment Name: {}\n".format(str(experiment)) \
+ "Project: {}\n".format(experiment.project) \
+ "User: {}\n\n".format(request.user.username)
if action == 'SUBMIT':
message += "Testbed Experiment Description: {}\n\n".format(experiment.submit_notes)
if action == 'START' or action == 'SUBMIT':
session_req = generate_experiment_session_request(request, experiment)
message += "Experiment {} Session Request:\n{}\n".format(experiment.stage, session_req)
receivers = []
operators = list(AerpawUser.objects.filter(groups__name='operator'))
for operator in operators:
receivers.append(operator)
logger.warning("send_email:\n" + subject)
logger.warning(message)
portal_mail(subject=subject, body_message=message, sender=request.user,
receivers=receivers,
reference_note=None, reference_url=None)
if action == 'START':
kwargs = {'experiment_name': str(experiment)}
ack_mail(
template='experiment_init', user_name=request.user.display_name,
user_email=request.user.email, **kwargs
)
def request_roles(request):
"""
:param request:
:return:
"""
if request.user.is_aerpaw_user() and request.user.is_project_manager():
has_role_options = False
else:
has_role_options = True
if request.method == 'GET':
form = AerpawRoleRequestForm(user=request.user)
else:
form = AerpawRoleRequestForm(request.POST, user=request.user)
if form.is_valid():
role_request = create_new_role_request(request, form)
subject = '[AERPAW] User: '******' has requested role: ' + role_request
body_message = form.cleaned_data['purpose']
sender = request.user
receivers = []
if role_request == 'is Administrator':
user_managers = AerpawUser.objects.filter(is_superuser=True).distinct()
elif role_request in ['is Operator', 'can Manage Resources', 'can Manage User Roles']:
user_managers = AerpawUser.objects.filter(groups__name__in=['site_admin']).distinct()
else:
user_managers = AerpawUser.objects.filter(groups__name__in=['site_admin', 'user_manager']).distinct()
for um in user_managers:
receivers.append(um)
reference_note = 'Add role ' + str(role_request)
reference_url = 'https://' + str(request.get_host()) + '/manage/user_requests'
try:
portal_mail(subject=subject, body_message=body_message, sender=sender, receivers=receivers,
reference_note=reference_note, reference_url=reference_url)
messages.info(request, 'Success! Request to add role: ' + role_request + ' has been sent')
except BadHeaderError:
return HttpResponse('Invalid header found.')
return redirect('profile')
return render(request, 'request_roles.html', {'form': form, 'has_role_options': has_role_options})
def user_requests(request):
"""
:param request:
:return:
"""
user_manager = AerpawUser.objects.get(id=request.user.id)
if request.method == "POST":
for key in request.POST.keys():
if not key == 'csrfmiddlewaretoken':
parse_key = key.rsplit('_', 1)
if parse_key[0] != 'notes':
role = parse_key[0]
role_request = AerpawRoleRequest.objects.get(id=int(parse_key[1]))
notes = request.POST.get('notes_' + str(parse_key[1]))
if request.POST.get(key) == 'Approve':
is_approved = True
else:
is_approved = False
# get user_obj
user_obj = AerpawUser.objects.get(id=int(role_request.requested_by_id))
group_obj = Group.objects.get(name=str(role))
r_name = role_name(group_obj.name)
if str(is_approved) == 'True':
user_obj.groups.add(group_obj)
else:
user_obj.groups.remove(group_obj)
user_obj.save()
role_request.notes = notes
role_request.is_approved = is_approved
role_request.is_completed = True
role_request.save()
# TODO: email
if is_approved:
subject = '[AERPAW] User: '******' requested role: ' + r_name + ' has been APPROVED'
else:
subject = '[AERPAW] User: '******' requested role: ' + r_name + ' has been DENIED'
body_message = notes
sender = user_manager
receivers = [user_obj]
user_managers = AerpawUser.objects.filter(groups__name='user_manager')
for um in user_managers:
receivers.append(um)
receivers.remove(sender)
reference_note = 'Add role ' + r_name
reference_url = None
try:
portal_mail(subject=subject, body_message=body_message, sender=sender, receivers=receivers,
reference_note=reference_note, reference_url=reference_url)
if is_approved:
messages.info(request, 'Success! APPROVED: Request to add role: ' + r_name + ' has been sent')
else:
messages.info(request, 'Success! DENIED: Request to add role: ' + r_name + ' has been sent')
except BadHeaderError:
return HttpResponse('Invalid header found.')
sa_set = ['site_admin']
um_set = ['site_admin', 'operator', 'user_manager', 'resource_manager']
if user_manager.is_superuser:
print('IS SUPERUSER')
open_u_reqs = AerpawRoleRequest.objects.filter(is_completed=False).order_by('-created_date')
closed_u_reqs = AerpawRoleRequest.objects.filter(is_completed=True).order_by('-created_date')
elif user_manager.is_site_admin():
print('IS SITE ADMIN')
open_u_reqs = AerpawRoleRequest.objects.filter(is_completed=False).exclude(requested_role__in=sa_set).order_by(
'-created_date')
closed_u_reqs = AerpawRoleRequest.objects.filter(is_completed=True).exclude(requested_role__in=sa_set).order_by(
'-created_date')
else:
print('IS USER MANAGER')
open_u_reqs = AerpawRoleRequest.objects.filter(is_completed=False).exclude(requested_role__in=um_set).order_by(
'-created_date')
closed_u_reqs = AerpawRoleRequest.objects.filter(is_completed=True).exclude(requested_role__in=um_set).order_by(
'-created_date')
return render(request, 'user_requests.html', {'ou_reqs': open_u_reqs, 'cu_reqs': closed_u_reqs})
def project_detail(request, project_uuid):
"""
:param request:
:param project_uuid:
:return:
"""
# get project
project = get_object_or_404(Project, uuid=UUID(str(project_uuid)))
# check for project join request approval / denial
if request.method == "POST":
for key in request.POST.keys():
if not key == 'csrfmiddlewaretoken':
parse_key = key.rsplit('_', 1)
if parse_key[0] != 'notes':
member_type = parse_key[0]
proj_mem_request = ProjectMembershipRequest.objects.get(id=int(parse_key[1]))
notes = request.POST.get('notes_' + str(parse_key[1]))
if request.POST.get(key) == 'Approve':
is_approved = True
else:
is_approved = False
# get user_obj
user_obj = AerpawUser.objects.get(id=int(proj_mem_request.requested_by_id))
if str(is_approved) == 'True':
if member_type == 'MEMBER':
project.project_members.add(user_obj)
elif member_type == 'OWNER':
project.project_owners.add(user_obj)
else:
if member_type == 'MEMBER':
project.project_members.remove(user_obj)
elif member_type == 'OWNER':
project.project_owners.remove(user_obj)
project.save()
proj_mem_request.notes = notes
proj_mem_request.is_approved = is_approved
proj_mem_request.is_completed = True
proj_mem_request.save()
if is_approved:
subject = '[AERPAW] User: '******' request to join project: ' + project.name + ' has been APPROVED'
reference_url = 'https://' + str(request.get_host()) + '/projects/' + str(project_uuid)
else:
subject = '[AERPAW] User: '******' request to join project: ' + project.name + ' has been DENIED'
reference_url = None
body_message = notes
sender = AerpawUser.objects.get(id=request.user.id)
receivers = [user_obj]
reference_note = 'Join project ' + project.name + ' as ' + member_type
try:
portal_mail(subject=subject, body_message=body_message, sender=sender, receivers=receivers,
reference_note=reference_note, reference_url=reference_url)
if is_approved:
messages.info(request, 'Success! APPROVED: Request to join project: ' + project.name + ' has been sent')
else:
messages.info(request, 'Success! DENIED: Request to join project: ' + project.name + ' has been sent')
except BadHeaderError:
return HttpResponse('Invalid header found.')
# set user permissions
is_pc = (project.project_creator == request.user)
is_po = (request.user in project.project_owners.all())
is_pm = (request.user in project.project_members.all())
# RM_CICD
# try:
# cicd = Cicd.objects.get(aerpaw_uuid=str(project.uuid))
# except Cicd.DoesNotExist as err:
# print(err)
# cicd = None
# cicd = get_object_or_404(Cicd, aerpaw_uuid=str(project.uuid))
request.session['project_id'] = project.id
project_members = project.project_members.order_by('username')
project_owners = project.project_owners.order_by('username')
project_experiments = project.experiment_of_project
project_profiles = Profile.objects.filter(project_id=project.id).order_by('name')
project_requests = ProjectMembershipRequest.objects.filter(project_uuid=project_uuid, is_completed=False).order_by(
'-created_date')
return render(request, 'project_detail.html',
{'project': project, 'project_members': project_members, 'project_owners': project_owners,
'is_pc': is_pc, 'is_po': is_po, 'is_pm': is_pm, 'project_requests': project_requests,
'experiments': project_experiments.all(), 'profiles': project_profiles})
def create_user(self, claims):
user = super(MyOIDCAB, self).create_user(claims)
# scope openid
user.oidc_claim_sub = claims.get('sub', '')
user.oidc_claim_iss = claims.get('iss', '')
user.oidc_claim_aud = claims.get('aud', '')
user.oidc_claim_token_id = claims.get('token_id', '')
# scope email
user.oidc_claim_email = claims.get('email', '')
# scope profile
user.oidc_claim_given_name = claims.get('given_name', '')
user.oidc_claim_family_name = claims.get('family_name', '')
user.oidc_claim_name = claims.get('name', '')
# scope org.cilogon.userinfo
user.oidc_claim_idp = claims.get('idp', '')
user.oidc_claim_idp_name = claims.get('idp_name', '')
user.oidc_claim_eppn = claims.get('eppn', '')
user.oidc_claim_eptid = claims.get('eptid', '')
user.oidc_claim_affiliation = claims.get('affiliation', '')
user.oidc_claim_ou = claims.get('ou', '')
user.oidc_claim_oidc = claims.get('oidc', '')
user.oidc_claim_cert_subject_dn = claims.get('cert_subject_dn', '')
# other values
user.oidc_claim_acr = claims.get('acr', '')
user.oidc_claim_entitlement = claims.get('entitlement', '')
# set default user fields
user.first_name = claims.get('given_name', '')
user.last_name = claims.get('family_name', '')
user.email = claims.get('email', '')
user.save()
# set display name
user.display_name = user.oidc_claim_name + ' (' + user.username + ')'
# add user to aerpaw_user group
aug = Group.objects.get(name='aerpaw_user')
user.groups.add(aug)
user.save()
# send welcome email and set initial usercomm message
sender = settings.EMAIL_HOST_USER
reference_url = 'https://' + str(
self.request.get_host()) + '/accounts/profile'
body_message = """
Welcome to the AERPAW Portal
User manuals, tutorials, and other relevant documentation can be found at the following links;
please refer to relevant instructions before attempting to use this Portal.
- AERPAW main website: https://www.aerpaw.org
- AERPAW wiki: https://sites.google.com/ncsu.edu/aerpaw-wiki
- AERPAW Acceptable Use Policy: https://sites.google.com/ncsu.edu/aerpaw-wiki/aerpaw-user-manual/2-experiment-web-portal/acceptable-use-policy-aup
"""
reference_note = 'New user signup for: ' + user.display_name
subject = '[AERPAW] Welcome ' + user.display_name + ' to the AERPAW portal!'
receivers = [user]
try:
portal_mail(subject=subject,
body_message=body_message,
sender=sender,
receivers=receivers,
reference_note=reference_note,
reference_url=reference_url)
messages.info(
self.request, 'Success! Welcome email to user: '******' has been sent')
except BadHeaderError:
return HttpResponse('Invalid header found.')
return user