def make_admin(request, model, model_slug, member_slug, permitted=False):
""" Give administrator rights """
model = get_model(*model.split('.'))
model_object = get_object_or_404(model, slug=model_slug, members=request.user)
user = get_object_or_404(User, username=member_slug)
if isinstance(model_object, Group):
redirect_reverse = 'group-detail'
codename = 'group_permission.change_group'
check = GroupPermission(request.user)
if check.change_group(model_object):
permitted = True
elif isinstance(model_object, Project):
redirect_reverse = 'project-detail'
codename = 'project_permission.change_project'
check = ProjectPermission(request.user)
if check.change_project(model_object):
permitted = True
if permitted:
permission = Permission(codename=codename,
content_type=ContentType.objects.get_for_model(model),
object_id=model_object.id,
user=user,
approved=True)
permission.save()
# Notification
model_object.create_activity(request.user, Activity.ADMIN, user)
request.user.message_set.create(message=_("Member '%(member)s' has been granted admin permissions for '%(project)s'" % {'member': user.username, 'project': model_object.name }))
return HttpResponseRedirect(reverse(redirect_reverse,
kwargs = {'slug': model_object.slug}))
def _grant_permission(codename, model, model_object, user, approved=True):
permission = Permission(codename=codename,
content_type=ContentType.objects.get_for_model(model),
object_id=model_object.id,
user=user,
approved=approved)
permission.save()
return permission
def _grant_permission(codename, model, model_object, user, approved=True):
permission = Permission(codename=codename,
content_type=ContentType.objects.get_for_model(model),
object_id=model_object.id,
user=user,
approved=approved)
permission.save()
return permission
def test_delete(self):
perm = Permission(user=self.user,
content_object=self.user,
codename='user_permission.delete_user',
approved=True)
perm.save()
# test
self.assertFalse(self.check.delete_user())
self.assertTrue(self.check.delete_user(self.user))
def test_delete(self):
perm = Permission(
user=self.user,
content_object=self.user,
codename='user_permission.delete_user',
approved=True
)
perm.save()
# test
self.assertFalse(self.check.delete_user())
self.assertTrue(self.check.delete_user(self.user))
def test_assign_to_group_does_not_fail_when_two_group_perms_exist(self):
for group in self.group1, self.group2:
perm = Permission(
group=group,
content_object=self.user,
codename="user_permission.delete_user",
approved=True,
)
perm.save()
try:
UserPermission(group=self.group3).assign(check="delete_user",
content_object=self.user)
except MultipleObjectsReturned:
self.fail("assign() should not have raised this exception")
def make_admin(request, model, model_slug, member_slug, permitted=False):
""" Give administrator rights """
model = get_model(*model.split('.'))
model_object = get_object_or_404(model,
slug=model_slug,
members=request.user)
user = get_object_or_404(User, username=member_slug)
if isinstance(model_object, Group):
redirect_reverse = 'group-detail'
codename = 'group_permission.change_group'
check = GroupPermission(request.user)
if check.change_group(model_object):
permitted = True
elif isinstance(model_object, Project):
redirect_reverse = 'project-detail'
codename = 'project_permission.change_project'
check = ProjectPermission(request.user)
if check.change_project(model_object):
permitted = True
if permitted:
permission = Permission(
codename=codename,
content_type=ContentType.objects.get_for_model(model),
object_id=model_object.id,
user=user,
approved=True)
permission.save()
# Notification
model_object.create_activity(request.user, Activity.ADMIN, user)
request.user.message_set.create(message=_(
"Member '%(member)s' has been granted admin permissions for '%(project)s'"
% {
'member': user.username,
'project': model_object.name
}))
return HttpResponseRedirect(
reverse(redirect_reverse, kwargs={'slug': model_object.slug}))
def add(request):
if request.POST:
codename = request.POST.get("codename")
desc = request.POST.get("desc")
type = request.POST.get("type")
# 验证重复的codename
permissions = Permission.objects.filter(codename__iexact=codename)
if permissions:
return HttpResponse(simplejson.dumps({"statusCode":403, "message":u'此权限已经存在不能添加'}), mimetype='application/json')
permission = Permission(codename=codename, desc=desc, type=type)
permission.save()
# 日志
Log(username=request.user.username,log_type=1,relate_id=permission.id,content="execute add permission " + permission.codename + " success!", level=1).save()
return HttpResponse(simplejson.dumps({"statusCode":200,"url": "/authority/index", "message":u'添加成功'}), mimetype='application/json')
return render_to_response('authority/add.html', {'permission_type_dict':permission_type_dict}, context_instance=RequestContext(request))
def add(request):
if request.method == 'POST':
p = Product()
p.product_name = request.POST.get('product_name')
p.save()
# 添加权限记录
newpm = Permission()
newpm.codename = product2AuthStr(p.id)
newpm.desc = p.product_name + u"操作权限"
newpm.type = 5
newpm.save()
# 日志
Log(username=request.user.username, log_type=8, content="execute add product " + p.product_name + " success!", level=1).save()
return HttpResponse(simplejson.dumps({"statusCode":200, "url": "/product/index", "message":u'添加成功'}), mimetype='application/json')
else:
return render_to_response('product/add.html', context_instance=RequestContext(request))
def add(request):
if request.POST:
area_name = request.POST.get("name")
# 保存区域信息
area = Area();
area.name = area_name
area.save()
# 生成对应的权限字段
p = Permission()
p.codename = area2AuthStr(area.id)
p.desc = area.name + u'工单管理权限'
p.type = 4
p.save()
return HttpResponse(simplejson.dumps({"statusCode":200,"url": "/area/index", "message":u'添加成功'}), mimetype='application/json')
return render_to_response('area/add.html')
def permission(**kwargs):
if 'approved' not in kwargs:
kwargs['approved'] = True
return Permission(**kwargs)
def add(request):
if request.POST:
app_name = request.POST.get('app_name')
#清除左右两侧空格
app_name = app_name.strip()
desc = request.POST.get('desc')
ip_list = request.POST.get('ip_list')
check_interval = request.POST.get('check_interval')
max_check_attempts = request.POST.get('max_check_attempts')
# 过滤IP列表防止出现重复的IP地址
ip_list = filterIP(ip_list)
email_list = request.POST.get('email_list', None)
mobile_list = request.POST.get('mobile_list', None)
if email_list or mobile_list:
alarmtype = 1
else:
alarmtype = 0
#验证重复应用名
app = AppService.objects.filter(app_name__iexact=app_name)
if app:
return HttpResponse(simplejson.dumps({"statusCode":400, "message":u'应用服务记录已经存在不能添加'}), mimetype='application/json')
else:
newapp = AppService(app_name=app_name, desc=desc, ip_list=ip_list, \
email_list=email_list,mobile_list=mobile_list,alarmtype=alarmtype, \
check_interval=check_interval,max_check_attempts=max_check_attempts )
newapp.save()
# 创建对应的权限记录 此应用监控项的读和操作权限
newpm = Permission();
newpm.codename = app2AuthStr(app_name,"read")
newpm.desc = app_name + u"监控项读权限"
newpm.type=3
newpm.save()
newpm = Permission()
newpm.codename = app2AuthStr(app_name,"operate")
newpm.desc = app_name + u"监控项操作权限"
newpm.type=3
newpm.save()
# 日志
Log(username=request.user.username,log_type=3,relate_id=newapp.id,content="execute add appitem " + newapp.app_name + " success!", level=1).save()
return HttpResponse(simplejson.dumps({"statusCode":200,"url": "/appitem/index", "message":u'添加成功'}), mimetype='application/json')
return render_to_response('appitem/add.html',context_instance=RequestContext(request))