def _deco(*args, **kwargs):
from dashboard.authorize_manage import ROLE_PROJECTADMIN
from dashboard.authorize_manage.utils import get_user_role_name
request = args[0]
list = func(*args, **kwargs)
if get_user_role_name(request) != ROLE_PROJECTADMIN:
return list
ret_list = []
tenant_role_map = request.user.tenant_role_map
for item in list:
for tenant_role in tenant_role_map:
tenant_id = None
if hasattr(item, 'tenant_id'):
tenant_id = item.tenant_id
elif hasattr(item, 'os-vol-tenant-attr:tenant_id'):
tenant_id = getattr(item,
'os-vol-tenant-attr:tenant_id', None)
elif hasattr(item, 'project_id'):
tenant_id = getattr(item, 'project_id', None)
if tenant_id == tenant_role['tenant_id']:
for role in tenant_role['roles']:
if role.name == ROLE_PROJECTADMIN:
ret_list.append(item)
return ret_list
def get_login_view(request):
if not has_permit:
with permit_lock:
if not validate_permit(request):
return shortcuts.redirect('get_permit_view')
if request.user.is_authenticated():
is_zh = True
if request.LANGUAGE_CODE.lower().find('zh') == -1:
is_zh = False
return shortcuts.render(
request, 'common/index.html', {
'username': request.user.username,
'role': get_user_role_name(request),
'is_admin': request.user.is_superuser,
'language': is_zh
})
form = Login()
request.session.clear()
request.session.set_test_cookie()
return shortcuts.render(request, 'authorize/splash.html', {
'form': form,
'next': request.GET.get('next', '')
})
def index_project(request):
"""
:param request:request object
:return:view<'project_manage/index.html'>::list of tenants
"""
return shortcuts.render(request, 'project_manage/index.html',
{'role': get_user_role_name(request)})
def index_controller(request, type='menu'):
"""
:param request:
:param type:
:return: The menu list
"""
role = get_user_role_name(request)
if not role:
return HttpResponse('Not Found')
try:
if type == 'menu':
controllers = Controller.objects.filter(action_type='menu',
role=role)
elif type == 'action':
controllers = Controller.objects.filter(action_type='menu',
role=role)
else:
if role == ROLE_ADMIN:
controllers = Controller.objects.all()
else:
controllers = Controller.objects.filter(role=role)
if request.is_ajax():
return HttpResponse(jsonutils.dumps(controllers))
except Exception, e:
LOG.error('Can not get list of controllers,error is %s' % e)
def user_list(request, tenant_id=None):
from dashboard.authorize_manage import ROLE_ADMIN
from dashboard.authorize_manage.utils import get_user_role_name
if tenant_id or get_user_role_name(request) == ROLE_ADMIN:
return keystoneclient(request, admin=True).users.list(tenant_id=tenant_id)
return keystoneclient(request, admin=True).users.list(tenant_id=request.user.tenant_id)
def user_list(request, tenant_id=None):
from dashboard.authorize_manage import ROLE_ADMIN
from dashboard.authorize_manage.utils import get_user_role_name
if tenant_id or get_user_role_name(request) == ROLE_ADMIN:
return keystoneclient(request,
admin=True).users.list(tenant_id=tenant_id)
return keystoneclient(
request, admin=True).users.list(tenant_id=request.user.tenant_id)
def tenant_list(request, admin=False):
from dashboard.authorize_manage import ROLE_ADMIN
from dashboard.authorize_manage.utils import get_user_role_name
if get_user_role_name(request) != ROLE_ADMIN:
tenants = []
tenant = tenant_get(request, request.user.tenant_id, admin=True)
tenants.append(tenant)
return tenants
return keystoneclient(request, admin=admin).tenants.list()
def tenant_list(request, admin=False):
from dashboard.authorize_manage import ROLE_ADMIN
from dashboard.authorize_manage.utils import get_user_role_name
if get_user_role_name(request) != ROLE_ADMIN:
tenants = []
tenant = tenant_get(request, request.user.tenant_id, admin=True)
tenants.append(tenant)
return tenants
return keystoneclient(request, admin=admin).tenants.list()
def update_status(self, request, tenant_id, parameters):
search_ins = []
role = get_user_role_name(request)
try:
project_admin_tenants = api.keystone.tenant_list(request,
admin=True)
except Unauthorized:
raise
except Exception, e:
LOG.error('The method get_instance_data raise exception: %s' % e)
return False
def update_status(self, request, tenant_id ,parameters):
search_ins = []
role = get_user_role_name(request)
try:
project_admin_tenants = api.keystone.tenant_list(request,
admin=True)
except Unauthorized:
raise
except Exception, e:
LOG.error('The method get_instance_data raise exception: %s' % e)
return False
def get_rights_relation(request):
role = get_user_role_name(request)
role_id = None
if "role_id" in request.GET:
role_id = request.GET['role_id']
if not role:
return HttpResponse('Not Found')
try:
role_right_list = Role_right.objects.filter(role_id=role_id)
d = []
for rrl in role_right_list:
d.append(rrl.right_key)
if request.is_ajax() and len(d) > 0:
return HttpResponse(jsonutils.dumps(d))
except Exception, e:
LOG.error('Can not get list of right,error is %s' % e)
def get_rights_relation(request):
role = get_user_role_name(request)
role_id = None
if "role_id" in request.GET:
role_id = request.GET['role_id']
if not role:
return HttpResponse('Not Found')
try:
role_right_list = Role_right.objects.filter(role_id=role_id)
d = []
for rrl in role_right_list:
d.append(rrl.right_key)
if request.is_ajax() and len(d) > 0:
return HttpResponse(jsonutils.dumps(d))
except Exception, e:
LOG.error('Can not get list of right,error is %s' % e)
def get_images_data(request):
"""
:param request: request object
:return images: images list with meta
"""
all_images = []
try:
role_name = get_user_role_name(request)
all_images, _more_images = api.image_list_detailed(request)
image_list = []
if role_name != ROLE_ADMIN:
for im in all_images:
if im.properties.has_key('image_type'):
if im.properties['image_type'] != 'snapshot' and (
im.is_public == True or im.owner == request.user.tenant_id):
image_list.append(im)
elif im.is_public == True or im.owner == request.user.tenant_id:
image_list.append(im)
else:
for im in all_images:
if im.properties.has_key('image_type'):
if im.properties['image_type'] != 'snapshot':
image_list.append(im)
else:
image_list.append(im)
all_images = image_list
tenants_list = api.tenant_list_not_filter(request,
request.user.is_superuser)
tenants_dic = SortedDict(
[(tenant.id, tenant) for tenant in tenants_list])
for images in all_images:
try:
setattr(images, "tenant", tenants_dic[images.owner])
except Exception, ex:
LOG.error("Can't found tenant %s" % ex)
except Unauthorized:
raise
except Exception, exc:
LOG.error('Can not retrieve images !%s.' % exc)
def checkbox_right_cancel(request):
"""
:param request:
:param type:
:return: The menu list
"""
role = get_user_role_name(request)
right_id = None
if "right_id" in request.GET:
right_id = request.GET['right_id']
if not role:
return HttpResponse('Not Found')
try:
rights = Right.objects.all()
ch_depend = {}
dict_depend = []
for rr in rights:
depend = simplejson.loads(rr.depends)
if '' != depend:
for dep in depend['depend_keys']:
if dep in ['2002', '2006']:
continue
if dep == right_id:
if rr.parent_id == -1:
ch_depend[rr.id] = rr.key
dict_depend.append(rr.key)
for rr in rights:
if dict_depend.count(rr.key) == 0:
if rr.key in ['2002', '2006']:
continue
if ch_depend.has_key(rr.parent_id):
dict_depend.append(rr.key)
if request.is_ajax() and len(rights) > 0:
return HttpResponse(jsonutils.dumps(dict_depend))
except Exception, e:
LOG.error('Can not get list of right,error is %s' % e)
def all_checkbox_right(request):
"""
:param request:
:param type:
:return: The menu list
"""
role = get_user_role_name(request)
right_id = None
if "right_id" in request.GET:
right_id = request.GET['right_id']
if not role:
return HttpResponse('Not Found')
try:
rights = Right.objects.filter(key=right_id)
right = rights[0]
dict_depend = []
depend = simplejson.loads(right.depends)
if '' != depend:
for dep in depend['depend_keys']:
if dep in ['2002', '2006']:
continue
if dict_depend.count(dep) == 0:
dict_depend.append(dep)
parent_id = right.id
rights = Right.objects.filter(parent_id=parent_id)
for rr in rights:
depend = simplejson.loads(rr.depends)
if '' != depend:
for dep in depend['depend_keys']:
if dep in ['2002', '2006']:
continue
if dict_depend.count(dep) == 0:
dict_depend.append(dep)
if request.is_ajax() and len(rights) > 0:
return HttpResponse(jsonutils.dumps(dict_depend))
except Exception, e:
LOG.error('Can not get list of right,error is %s' % e)
def checkbox_right_cancel(request):
"""
:param request:
:param type:
:return: The menu list
"""
role = get_user_role_name(request)
right_id = None
if "right_id" in request.GET:
right_id = request.GET['right_id']
if not role:
return HttpResponse('Not Found')
try:
rights = Right.objects.all()
ch_depend = {}
dict_depend = []
for rr in rights:
depend = simplejson.loads(rr.depends)
if '' != depend:
for dep in depend['depend_keys']:
if dep in ['2002','2006']:
continue
if dep == right_id:
if rr.parent_id == -1:
ch_depend[rr.id] = rr.key
dict_depend.append(rr.key)
for rr in rights:
if dict_depend.count(rr.key) == 0:
if rr.key in ['2002','2006']:
continue
if ch_depend.has_key(rr.parent_id):
dict_depend.append(rr.key)
if request.is_ajax() and len(rights) > 0:
return HttpResponse(jsonutils.dumps(dict_depend))
except Exception, e:
LOG.error('Can not get list of right,error is %s' % e)
def all_checkbox_right(request):
"""
:param request:
:param type:
:return: The menu list
"""
role = get_user_role_name(request)
right_id = None
if "right_id" in request.GET:
right_id = request.GET['right_id']
if not role:
return HttpResponse('Not Found')
try:
rights = Right.objects.filter(key=right_id)
right = rights[0]
dict_depend = []
depend = simplejson.loads(right.depends)
if '' != depend:
for dep in depend['depend_keys']:
if dep in ['2002','2006']:
continue
if dict_depend.count(dep) == 0:
dict_depend.append(dep)
parent_id = right.id
rights = Right.objects.filter(parent_id=parent_id)
for rr in rights:
depend = simplejson.loads(rr.depends)
if '' != depend:
for dep in depend['depend_keys']:
if dep in ['2002','2006']:
continue
if dict_depend.count(dep) == 0:
dict_depend.append(dep)
if request.is_ajax() and len(rights) > 0:
return HttpResponse(jsonutils.dumps(dict_depend))
except Exception, e:
LOG.error('Can not get list of right,error is %s' % e)
def get_login_view(request):
if not has_permit:
with permit_lock:
if not validate_permit(request):
return shortcuts.redirect('get_permit_view')
if request.user.is_authenticated():
is_zh = True
if request.LANGUAGE_CODE.lower().find('zh') == -1:
is_zh = False
return shortcuts.render(request, 'common/index.html',
{'username': request.user.username,
'role': get_user_role_name(request),
'is_admin': request.user.is_superuser,
'language': is_zh})
form = Login()
request.session.clear()
request.session.set_test_cookie()
return shortcuts.render(request,
'authorize/splash.html',
{'form': form,
'next': request.GET.get('next', '')})
def log_query_index(request):
"""
:param request: request object
:return: view <'log_manage/query_index.html'> of the log list
"""
module_choices = []
role_name = ROLE_ADMIN
log_lists = None
event_choices = [('add', get_text('add')), ('edit', get_text('edit')),
('del', get_text('del')), ('login', get_text('login')),
('logout', get_text('logout'))]
try:
role_name = get_user_role_name(request)
log_conf_info = LOG_MODULE_LIST
for log_index in range(len(log_conf_info)):
module_choice = (log_conf_info[log_index],
get_text(log_conf_info[log_index]))
if module_choices.count(module_choice) < 1:
module_choices.append(module_choice)
log_lists = get_log_list(request)
except Unauthorized:
raise
except Exception, exc:
LOG.error("error is %s." % exc)
def log_query_index(request):
"""
:param request: request object
:return: view <'log_manage/query_index.html'> of the log list
"""
module_choices = []
role_name = ROLE_ADMIN
log_lists = None
event_choices = [('add', get_text('add')), ('edit', get_text('edit')),
('del', get_text('del')), ('login', get_text('login')),
('logout', get_text('logout'))]
try:
role_name = get_user_role_name(request)
log_conf_info = LOG_MODULE_LIST
for log_index in range(len(log_conf_info)):
module_choice = (log_conf_info[log_index],
get_text(log_conf_info[log_index]))
if module_choices.count(module_choice) < 1:
module_choices.append(module_choice)
log_lists = get_log_list(request)
except Unauthorized:
raise
except Exception, exc:
LOG.error("error is %s." % exc)
"""
:param request:request object
:return:view<'user_manage/index.html'>::list of users
"""
users = []
args = {}
try:
users = api.keystone.user_list(request)
except Unauthorized:
raise
except Exception, e:
msg = 'Unable to retrieve user list. %s' % e
LOG.error(msg)
args['list'] = users
args['current_user_role'] = get_user_role_name(request)
args['current_user_name'] = request.user.username
return args
@require_GET
def user_detail(request, user_id):
projects = api.keystone.get_projects_for_user(request, user_id)
if projects:
project_name = projects[0].name
tenant_id = projects[0].id
roles = api.roles_for_user(request, user_id, tenant_id)
role_name = creeper_role_from_roles(roles)
else:
project_name = None
def index_right(request, role_id):
"""
:param request:
:param type:
:return: The menu list
"""
role = get_user_role_name(request)
if not role:
return HttpResponse('Not Found')
try:
right_list = {}
rights = Right.objects.all().order_by('key')
list_key = []
b_parent = {}
if role_id is not None and role_id != '' and 'None' != role_id:
role_right = Role_right.objects.filter(role_id=role_id)
for ro in role_right:
right_list[ro.right_key] = ro.role_id
for right in rights:
if not right_list.has_key(right.key):
if list_key.count(right.parent_id) == 0:
list_key.append(right.parent_id)
b_parent['parent'] = list_key
right_str = ''
a_parent = {}
b_body = {}
back_color = '#F0F3F5'
num = 0
for right in rights:
if right_list.has_key(right.key):
check_str = "checked='checked'"
else:
check_str = ""
check_box_all = ""
if right.parent_id == -1:
num += 1
if num % 2 == 0:
back_color = '#e5eaee'
else:
back_color = '#FFFFFF'
if b_parent.has_key('parent'):
if b_parent['parent'].count(right.id) == 0:
check_box_all = "checked='checked'"
else:
check_box_all = ""
name = right.name
if right_menus.has_key(name):
name = get_text(right_menus[name])
else:
name = get_text(name)
a_parent[
right.
id] = "<div><div id='" + right.key + "_div2' class='list_right_div_2' style='background-color:" + back_color + "'><div id='" + right.key + "_div1' class='list_right_div_1' ><div class='all_div_title' title='" + name + "'>" + name + "</div>"
a_parent[
right.id] += "<input type='checkbox' style='float:left;' id='" + right.key + "_title' " + check_box_all + " value='" + right.key + "' /></div><ul id='"\
+ right.key + "_ul'><li title='" + get_text(
right.name) + "'><input type='checkbox' name='rights_list' id='" + right.key + "_input' value='" + right.key + "' " + check_str + " />" + get_text(
right.name) + "</li>"
else:
if right.key in ['2002', '2006']:
continue
name = get_text(right.name)
if b_body.has_key(right.parent_id):
b_body[
right.
parent_id] += "<li title='" + name + "'><input type='checkbox' name='rights_list' id='" + right.key + "_input' value='" + right.key + "' " + check_str + " />" + name + "</li>"
else:
b_body[
right.
parent_id] = "<li title='" + name + "'><input type='checkbox' name='rights_list' id='" + right.key + "_input' value='" + right.key + "' " + check_str + " />" + name + "</li>"
keys_list = a_parent.keys()
keys_list.sort()
for c in keys_list:
right_str += a_parent[c]
if b_body.has_key(c):
right_str += b_body[c]
right_str += "</ul></div></div>"
if request.is_ajax():
return HttpResponse(jsonutils.dumps(right_str))
except Exception, e:
LOG.error('Can not get list of right,error is %s' % e)
def index_right(request, role_id):
"""
:param request:
:param type:
:return: The menu list
"""
role = get_user_role_name(request)
if not role:
return HttpResponse('Not Found')
try:
right_list = {}
rights = Right.objects.all().order_by('key')
list_key = []
b_parent = {}
if role_id is not None and role_id != '' and 'None' != role_id:
role_right = Role_right.objects.filter(role_id=role_id)
for ro in role_right:
right_list[ro.right_key] = ro.role_id
for right in rights:
if not right_list.has_key(right.key):
if list_key.count(right.parent_id) == 0:
list_key.append(right.parent_id)
b_parent['parent'] = list_key
right_str = ''
a_parent = {}
b_body = {}
back_color = '#F0F3F5'
num = 0
for right in rights:
if right_list.has_key(right.key):
check_str = "checked='checked'"
else:
check_str = ""
check_box_all = ""
if right.parent_id == -1:
num += 1
if num % 2 == 0:
back_color = '#e5eaee'
else:
back_color = '#FFFFFF'
if b_parent.has_key('parent'):
if b_parent['parent'].count(right.id) == 0:
check_box_all = "checked='checked'"
else:
check_box_all = ""
name = right.name
if right_menus.has_key(name):
name = get_text(right_menus[name])
else:
name = get_text(name)
a_parent[
right.id] = "<div><div id='" + right.key + "_div2' class='list_right_div_2' style='background-color:" + back_color + "'><div id='" + right.key + "_div1' class='list_right_div_1' ><div class='all_div_title' title='" + name + "'>" + name + "</div>"
a_parent[
right.id] += "<input type='checkbox' style='float:left;' id='" + right.key + "_title' " + check_box_all + " value='" + right.key + "' /></div><ul id='"\
+ right.key + "_ul'><li title='" + get_text(
right.name) + "'><input type='checkbox' name='rights_list' id='" + right.key + "_input' value='" + right.key + "' " + check_str + " />" + get_text(
right.name) + "</li>"
else:
if right.key in ['2002','2006']:
continue
name = get_text(right.name)
if b_body.has_key(right.parent_id):
b_body[
right.parent_id] += "<li title='" + name + "'><input type='checkbox' name='rights_list' id='" + right.key + "_input' value='" + right.key + "' " + check_str + " />" + name + "</li>"
else:
b_body[
right.parent_id] = "<li title='" + name + "'><input type='checkbox' name='rights_list' id='" + right.key + "_input' value='" + right.key + "' " + check_str + " />" + name + "</li>"
keys_list = a_parent.keys()
keys_list.sort()
for c in keys_list:
right_str += a_parent[c]
if b_body.has_key(c):
right_str += b_body[c]
right_str += "</ul></div></div>"
if request.is_ajax():
return HttpResponse(jsonutils.dumps(right_str))
except Exception, e:
LOG.error('Can not get list of right,error is %s' % e)
