def _csv_create_users(api, account_info, groups, config, request, csv_data):
for x, row in enumerate(csv_data):
group = get_group(groups, row['group_name'])
if not group:
msg = 'Invalid data in row %s. Invalid Group' % x
return x, forms.ValidationError(msg)
group_id = group['group_id']
config_group = get_config_group(config, group_id)
if config_group['user_source'] != 'local':
msg = 'Invalid data in row %s.' % x
return x, forms.ValidationError(msg + ' group_name must be a local group')
plan_id = get_plan_id(groups, group_id)
user_info = dict(
email=row['email'],
name=row['name'],
group_id=group_id,
plan_id=plan_id,
)
try:
create_user(api, account_info, config, user_info)
log_admin_action(request, 'create user through csv: %s' % user_info)
except api.DuplicateEmail:
msg = 'Invalid data in row %s. Email already in use' % x
return x, forms.ValidationError(msg)
except api.PaymentRequired:
msg = ('Payment required. '
'Please update your <a href="/billing/">billing</a> '
'information to unlock your account.')
return x, forms.ValidationError(mark_safe(msg))
except api.DuplicateUsername:
msg = 'Invalid data in row %s. Username already in use' % x
return x, forms.ValidationError(msg)
return x + 1, None
def clean(self):
cleaned_data = super(GroupForm, self).clean()
if 'name' in cleaned_data:
data = dict(name=cleaned_data['name'],
plan_id=cleaned_data['plan_id'],
webapi_enable=cleaned_data['webapi_enable'],
check_domain=cleaned_data.get('check_domain', False),
force=('force_change' in request.POST),)
group_id = cleaned_data['group_id']
try:
api.edit_group(group_id, data)
log_admin_action(request,
'edit group %s with data: %s' % (group_id, data))
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for g in config_mgr_.config['groups']:
if g['group_id'] == group_id:
g['ldap_id'] = cleaned_data['ldap_dn']
g['priority'] = cleaned_data['priority']
g['admin_group'] = cleaned_data['admin_group']
config_mgr_.apply_config()
django_group, admin_group = get_or_create_admin_group(group_id)
django_group.permissions.clear()
for permission_id in cleaned_data['permissions']:
django_group.permissions.add(Permission.objects.get(pk=permission_id))
django_group.save()
except api.QuotaExceeded:
self.show_force = True
msg = ('Changing the plan of this group will put one '
'or more users over quota. Please choose "Force '
'Plan Change" if you are sure you want to do this.')
self._errors['plan_id'] = self.error_class([msg])
return cleaned_data
def clean(self):
cleaned_data = super(NewUserForm, self).clean()
email = cleaned_data.get('email', '')
name = cleaned_data.get('name', '')
group_id = cleaned_data['group_id']
username = cleaned_data.get('username', '')
valid_username = username
if not hasattr(self, username):
valid_username = True
if email and name and group_id and valid_username:
plan_id = get_plan_id(groups, group_id)
data = dict(email=email, name=name, group_id=group_id, plan_id=plan_id)
if username:
data.update(dict(username=username))
try:
create_user(api, account_info, config, data)
log_admin_action(request, 'create user: %s' % data)
except api.DuplicateEmail:
self._errors['email'] = self.error_class(["Email address already in use"])
except api.PaymentRequired:
msg = ('Payment required. '
'Please update your <a href="/billing/">billing</a> '
'information to unlock your account.')
raise forms.ValidationError(mark_safe(msg))
except api.DuplicateUsername:
self._errors['username'] = self.error_class(["Username already in use"])
return cleaned_data
def clean(self):
if any(self.errors):
return
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for x in range(0, self.total_form_count()):
form = self.forms[x]
try:
group_id = form.cleaned_data['group_id']
data = dict(name=form.cleaned_data['name'],
plan_id=form.cleaned_data['plan_id'],
webapi_enable=form.cleaned_data['webapi_enable'],
check_domain=form.cleaned_data.get('check_domain', False),
force=('force_plan_change' in self.data),
)
try:
log_admin_action(request,
'edit group %s with data: %s' % (group_id, data))
api.edit_group(group_id, data)
except api.QuotaExceeded:
self.show_force = True
form._errors['plan_id'] = form.error_class([
'Changing the plan of this group will put one '
'or more users over quota. Please choose "Force '
'Plan Change" if you are sure you want to do this.'])
g = get_config_group(config, group_id)
g['ldap_id'] = form.cleaned_data['ldap_dn']
g['priority'] = form.cleaned_data['priority']
except api.DuplicateGroupName:
raise forms.ValidationError('Duplicate group name')
config_mgr_.apply_config()
def password(request, api, account_info, config, username, saved=False):
features = api.enterprise_features()
password_form = PasswordForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'password':
password_form = PasswordForm(request.POST)
if password_form.is_valid():
new_password = password_form.cleaned_data['password']
log_admin_action(request, 'change password')
new_pass, api_pass = hash_password(new_password)
api.update_enterprise_password(api_pass)
config_mgr_ = config_mgr.ConfigManager(
config_mgr.default_config())
config_mgr_.config['api_password'] = api_pass
config_mgr_.config['local_password'] = new_pass
config_mgr_.apply_config()
return redirect('blue_mgnt:password_saved')
return render_to_response(
'password.html',
dict(
user=request.user,
username=username,
features=features,
password_form=password_form,
saved=saved,
account_info=account_info,
), RequestContext(request))
def save_settings(request, api, options):
cleaned_data = options.cleaned_data
data = dict()
data.update(cleaned_data)
if 'timezone' in data:
del data['timezone']
if 'enable_local_users' in data:
del data['enable_local_users']
if 'share_link_ttl' in data:
data['share_link_ttl'] = data['share_link_ttl'].days * 1440
if 'autopurge_interval' in data:
data['autopurge_interval'] = data['autopurge_interval'].days
if 'versionpurge_interval' in data:
data['versionpurge_interval'] = data['versionpurge_interval'].days
for var in AGENT_CONFIG_VARS:
if var in data:
del data[var]
log_admin_action(request, 'update settings with data: %s' % data)
api.update_enterprise_settings(data)
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for var in AGENT_CONFIG_VARS:
if var in cleaned_data:
config_mgr_.config[var] = cleaned_data[var]
config_mgr_.apply_config()
if 'timezone' in cleaned_data:
with open('/etc/timezone', 'w') as f:
f.write(cleaned_data['timezone'])
subprocess.call(['dpkg-reconfigure', '-f', 'noninteractive', 'tzdata'])
def clean(self):
if any(self.errors):
return
blocks = [a.cleaned_data['ip_block'] for a in self.forms \
if a.cleaned_data.get('ip_block') and not a.cleaned_data.get('DELETE')]
api.update_enterprise_settings(dict(signup_network_restriction=blocks))
log_admin_action(request, 'update signup network restrictions: %s' % blocks)
def save_settings(request, api, options):
cleaned_data = options.cleaned_data
data = dict()
data.update(cleaned_data)
if 'timezone' in data:
del data['timezone']
if 'enable_local_users' in data:
del data['enable_local_users']
if 'autopurge_interval' in data:
data['autopurge_interval'] = data['autopurge_interval']
if 'versionpurge_interval' in data:
data['versionpurge_interval'] = data['versionpurge_interval']
if 'purgehold_duration' in data:
data['purgehold_duration'] = data['purgehold_duration'] * 86400
for var in AGENT_CONFIG_VARS:
if var in data:
del data[var]
log_admin_action(request, 'update settings with data: %s' % data)
api.update_enterprise_settings(data)
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for var in AGENT_CONFIG_VARS:
if var in cleaned_data:
config_mgr_.config[var] = cleaned_data[var]
config_mgr_.apply_config()
if 'timezone' in cleaned_data:
subprocess.call(['timedatectl', 'set-timezone', cleaned_data['timezone']])
def password(request, api, account_info, config, username, saved=False):
features = api.enterprise_features()
password_form = PasswordForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'password':
password_form = PasswordForm(request.POST)
if password_form.is_valid():
new_password = password_form.cleaned_data['password'].encode('utf-8')
log_admin_action(request, 'change password')
new_pass, api_pass = hash_password(new_password)
api.update_enterprise_password(api_pass)
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
config_mgr_.config['api_password'] = api_pass
config_mgr_.config['local_password'] = new_pass
config_mgr_.apply_config()
return redirect('blue_mgnt:password_saved')
return render_to_response('password.html', dict(
user=request.user,
username=username,
features=features,
password_form=password_form,
saved=saved,
account_info=account_info,
),
RequestContext(request))
def clean_csv_file(self):
data = self.cleaned_data['csv_file']
csv_data = csv.DictReader(data)
for x, row in enumerate(csv_data):
if not('email' in row):
raise forms.ValidationError('Invalid data in row %s. email is required' % x)
if row.get('name'):
if not new_user_value_re_tests['avatar']['firstname'].match(row['name']):
raise forms.ValidationError('Invalid data in row %s. Names must be between 1 and 45 characters long' % x)
name = row['name']
if row.get('new_email'):
if not new_user_value_re_tests['avatar']['email'].match(row['new_email']):
raise forms.ValidationError('Invalid data in row %s. Invalid new_email' % x)
user_info = dict()
if row.get('new_email'):
user_info['email'] = row['new_email']
if row.get('name'):
user_info['name'] = row['name']
if row.get('group_id'):
user_info['group_id'] = row['group_id']
if row.get('enabled'):
user_info['enabled'] = row['enabled']
try:
log_admin_action(request,
'edit user %s through csv. ' % row['email'] + \
'set user data to: %s' % user_info
)
api.edit_user(row['email'], user_info)
except Api.NotFound:
raise forms.ValidationError('Invalid data in row %s. email not found' % x)
return data
def save_settings(request, api, options):
cleaned_data = options.cleaned_data
data = dict()
data.update(cleaned_data)
if 'timezone' in data:
del data['timezone']
if 'enable_local_users' in data:
del data['enable_local_users']
if 'share_link_ttl' in data:
data['share_link_ttl'] = data['share_link_ttl'].days * 1440
if 'autopurge_interval' in data:
data['autopurge_interval'] = data['autopurge_interval'].days
if 'versionpurge_interval' in data:
data['versionpurge_interval'] = data['versionpurge_interval'].days
for var in AGENT_CONFIG_VARS:
if var in data:
del data[var]
log_admin_action(request, 'update settings with data: %s' % data)
api.update_enterprise_settings(data)
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for var in AGENT_CONFIG_VARS:
if var in cleaned_data:
config_mgr_.config[var] = cleaned_data[var]
config_mgr_.apply_config()
if 'timezone' in cleaned_data:
with open('/etc/timezone', 'w') as f:
f.write(cleaned_data['timezone'])
subprocess.call(['dpkg-reconfigure', '-f', 'noninteractive', 'tzdata'])
def clean(self):
if any(self.errors):
return
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for x in range(0, self.total_form_count()):
form = self.forms[x]
try:
group_id = form.cleaned_data['group_id']
data = dict(
name=form.cleaned_data['name'],
plan_id=form.cleaned_data['plan_id'],
device_policy=form.cleaned_data['device_policy'],
webapi_enable=form.cleaned_data['webapi_enable'],
check_domain=form.cleaned_data.get(
'check_domain', False),
force=('force_plan_change' in self.data),
)
try:
log_admin_action(
request,
'edit group %s with data: %s' % (group_id, data))
api.edit_group(group_id, data)
except api.QuotaExceeded:
self.show_force = True
form._errors['plan_id'] = form.error_class([
'Changing the plan of this group will put one '
'or more users over quota. Please choose "Force '
'Plan Change" if you are sure you want to do this.'
])
g = get_config_group(config, group_id)
g['ldap_id'] = form.cleaned_data['ldap_dn']
g['priority'] = form.cleaned_data['priority']
except api.DuplicateGroupName:
raise forms.ValidationError('Duplicate group name')
config_mgr_.apply_config()
def clean(self):
cleaned_data = super(NewUserForm, self).clean()
email = cleaned_data.get('email', '')
name = cleaned_data.get('name', '')
group_id = cleaned_data['group_id']
username = cleaned_data.get('username', '')
valid_username = username
if not hasattr(self, username):
valid_username = True
if email and name and group_id and valid_username:
plan_id = get_plan_id(groups, group_id)
data = dict(email=email, name=name, group_id=group_id, plan_id=plan_id)
if username:
data.update(dict(username=username))
try:
create_user(api, account_info, config, data)
log_admin_action(request, 'create user: %s' % data)
except api.DuplicateEmail:
self._errors['email'] = self.error_class(["Email address already in use"])
except api.PaymentRequired:
msg = ('Payment required. '
'Please update your <a href="/billing/">billing</a> '
'information to unlock your account.')
raise forms.ValidationError(mark_safe(msg))
except api.DuplicateUsername:
self._errors['username'] = self.error_class(["Username already in use"])
return cleaned_data
def _csv_create_users(api, account_info, groups, config, request, csv_data):
for x, row in enumerate(csv_data):
group = get_group(groups, row['group_name'])
if not group:
msg = 'Invalid data in row %s. Invalid Group' % x
return x, forms.ValidationError(msg)
group_id = group['group_id']
config_group = get_config_group(config, group_id)
if config_group['user_source'] != 'local':
msg = 'Invalid data in row %s.' % x
return x, forms.ValidationError(
msg + ' group_name must be a local group')
plan_id = get_plan_id(groups, group_id)
user_info = dict(
email=row['email'],
name=row['name'],
group_id=group_id,
plan_id=plan_id,
)
try:
create_user(api, account_info, config, user_info)
log_admin_action(request,
'create user through csv: %s' % user_info)
except api.DuplicateEmail:
msg = 'Invalid data in row %s. Email already in use' % x
return x, forms.ValidationError(msg)
except api.PaymentRequired:
msg = ('Payment required. '
'Please update your <a href="/billing/">billing</a> '
'information to unlock your account.')
return x, forms.ValidationError(mark_safe(msg))
except api.DuplicateUsername:
msg = 'Invalid data in row %s. Username already in use' % x
return x, forms.ValidationError(msg)
return x + 1, None
def clean_csv_file(self):
data = self.cleaned_data['csv_file']
csv_data = csv.DictReader(data)
for x, row in enumerate(csv_data):
if not('email' in row):
raise forms.ValidationError('Invalid data in row %s. email is required' % x)
if row.get('name'):
if not new_user_value_re_tests['avatar']['firstname'].match(row['name']):
raise forms.ValidationError('Invalid data in row %s. Names must be between 1 and 45 characters long' % x)
name = row['name']
if row.get('new_email'):
if not new_user_value_re_tests['avatar']['email'].match(row['new_email']):
raise forms.ValidationError('Invalid data in row %s. Invalid new_email' % x)
user_info = dict()
if row.get('new_email'):
user_info['email'] = row['new_email']
if row.get('name'):
user_info['name'] = row['name']
if row.get('group_id'):
user_info['group_id'] = row['group_id']
if row.get('enabled'):
user_info['enabled'] = row['enabled']
try:
log_admin_action(request,
'edit user %s through csv. ' % row['email'] + \
'set user data to: %s' % user_info
)
api.edit_user(row['email'], user_info)
except Api.NotFound:
raise forms.ValidationError('Invalid data in row %s. email not found' % x)
return data
def auth_codes(request, api, account_info, config, username, saved=False):
features = api.enterprise_features()
page = int(request.GET.get('page', 1))
show_inactive = int(request.GET.get('show_inactive', 1))
user_offset = RESULTS_PER_PAGE * (page - 1)
codes = models.AdminSetupTokensUse.objects.filter(auto_generated=False)
codes = codes.order_by('-date_created')
if not show_inactive:
codes = codes.filter(active=True)
code_count = codes.count()
codes = codes[user_offset:user_offset + RESULTS_PER_PAGE]
new_code = CodeForm()
pagination = Pagination('blue_mgnt:auth_codes',
code_count,
page,
RESULTS_PER_PAGE, )
if request.method == 'POST':
if request.POST.get('form', '') == 'new_code':
new_code = CodeForm(request.POST)
if new_code.is_valid():
data = dict(
token=setup_token.new_token(),
expiry=(
datetime.datetime.now() +
datetime.timedelta(days=new_code.cleaned_data['expiry_days'])
),
no_devices_only=new_code.cleaned_data['no_devices_only'],
single_use_only=new_code.cleaned_data['single_use_only']
)
models.AdminSetupTokens.objects.create(**data)
log_admin_action(request, 'Created code: %s' % data)
return redirect(reverse('blue_mgnt:auth_codes_saved') +
'?show_inactive=%s' % show_inactive)
if request.POST.get('form', '') == 'disable_code':
code = models.AdminSetupTokens.objects.get(token=request.POST['token'])
code.expiry = datetime.datetime.now()
code.save()
log_admin_action(request, 'Disabled code: %s' % request.POST['token'])
return redirect(reverse('blue_mgnt:auth_codes_saved') +
'?show_inactive=%s' % show_inactive)
return render(request, 'authcodes.html', dict(
page=page,
show_inactive=show_inactive,
new_code=new_code,
pagination=pagination,
datetime=datetime,
user=request.user,
username=username,
features=features,
codes=codes,
account_info=account_info,
saved=saved,
))
def clean(self):
if any(self.errors):
return
blocks = [a.cleaned_data['ip_block'] for a in self.forms \
if a.cleaned_data.get('ip_block') and not a.cleaned_data.get('DELETE')]
api.update_enterprise_settings(
dict(signup_network_restriction=blocks))
log_admin_action(request,
'update signup network restrictions: %s' % blocks)
def auth_codes(request, api, account_info, config, username, saved=False):
features = api.enterprise_features()
page = int(request.GET.get('page', 1))
show_inactive = int(request.GET.get('show_inactive', 1))
user_offset = RESULTS_PER_PAGE * (page - 1)
codes = models.AdminSetupTokensUse.objects.filter(auto_generated=False)
codes = codes.order_by('-date_created')
if not show_inactive:
codes = codes.filter(active=True)
code_count = codes.count()
codes = codes[user_offset:user_offset + RESULTS_PER_PAGE]
new_code = CodeForm()
pagination = Pagination('blue_mgnt:auth_codes',
code_count,
page,
RESULTS_PER_PAGE,
)
if request.method == 'POST':
if request.POST.get('form', '') == 'new_code':
new_code = CodeForm(request.POST)
if new_code.is_valid():
data = dict(
token=setup_token.new_token(),
expiry=new_code.cleaned_data['expiry_interval'] + datetime.datetime.now(),
no_devices_only=new_code.cleaned_data['no_devices_only'],
single_use_only=new_code.cleaned_data['single_use_only']
)
models.AdminSetupTokens.objects.create(**data)
log_admin_action(request, 'Created code: %s' % data)
return redirect(reverse('blue_mgnt:auth_codes_saved') +
'?show_inactive=%s' % show_inactive)
if request.POST.get('form', '') == 'disable_code':
code = models.AdminSetupTokens.objects.get(token=request.POST['token'])
code.expiry = datetime.datetime.now()
code.save()
log_admin_action(request, 'Disabled code: %s' % request.POST['token'])
return redirect(reverse('blue_mgnt:auth_codes_saved') +
'?show_inactive=%s' % show_inactive)
return render_to_response('authcodes.html', dict(
page=page,
show_inactive=show_inactive,
new_code=new_code,
pagination=pagination,
datetime=datetime,
user=request.user,
username=username,
features=features,
codes=codes,
account_info=account_info,
saved=saved,
),
RequestContext(request))
def clean(self):
if any(self.errors):
return
for x in range(0, self.total_form_count()):
form = self.forms[x]
data = dict(group_id=form.cleaned_data['group_id'], )
if request.user.has_perm('blue_mgnt.can_manage_users'):
log_admin_action(request,
'edit user %s ' % form.cleaned_data['orig_email'] + \
'with data: %s' % data)
api.edit_user(form.cleaned_data['orig_email'], data)
def clean(self):
if any(self.errors):
return
for x in range(0, self.total_form_count()):
form = self.forms[x]
data = dict(group_id=form.cleaned_data['group_id'], )
if request.user.has_perm('blue_mgnt.can_manage_users'):
log_admin_action(request,
'edit user %s ' % form.cleaned_data['orig_email'] + \
'with data: %s' % data)
api.edit_user(form.cleaned_data['orig_email'], data)
def escrow_login(request, api, account_info, config, username,
escrow_username, saved=False):
user = api.get_user(escrow_username)
log_admin_action(request, "Used storage login for user: %s" % user['email'])
data = dict(
token=setup_token.new_token(),
expiry=datetime.datetime.now() + datetime.timedelta(minutes=1),
no_devices_only=False,
single_use_only=False,
)
models.AdminSetupTokens.objects.create(**data)
return redirect(get_login_link(escrow_username, data['token']))
def escrow_login(request, api, account_info, config, username,
escrow_username, saved=False):
user = api.get_user(escrow_username)
log_admin_action(request, "Used storage login for user: %s" % user['email'])
data = dict(
token=setup_token.new_token(),
expiry=datetime.datetime.now() + datetime.timedelta(minutes=1),
no_devices_only=False,
single_use_only=False,
auto_generated=True,
)
models.AdminSetupTokens.objects.create(**data)
return redirect(get_login_link(escrow_username, data['token']))
def group_detail(request, api, account_info, config, username, group_id, saved=False):
group_id = int(group_id)
plans = api.list_plans()
groups_list = api.list_groups()
django_group, admin_group = get_or_create_admin_group(group_id)
api_group = api.get_group(group_id)
add_config_items(api_group, config)
api_group['permissions'] = [p.id for p in django_group.permissions.all()]
local_group = get_config_group(config, group_id)['user_source'] == 'local'
fields_not_to_show = []
if local_group:
fields_not_to_show = ['ldap_dn', 'priority']
GroupForm = get_group_form(request, config, plans, api, False, False)
group_form = GroupForm(data=api_group)
DeleteGroupForm = get_delete_group_form(group_id, config, groups_list)
delete_group = DeleteGroupForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'delete_group':
delete_group = DeleteGroupForm(request.POST)
if delete_group.is_valid():
new_group_id = int(delete_group.cleaned_data['new_group_id'])
data = (group_id, new_group_id)
log_admin_action(request,
'delete group %s and move users to group %s' % data)
api.delete_group(group_id, new_group_id,)
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for g in config_mgr_.config['groups']:
if g['group_id'] == group_id:
config_mgr_.config['groups'].remove(g)
break
config_mgr_.apply_config()
return redirect('blue_mgnt:groups_saved')
else:
group_form = GroupForm(request.POST)
if group_form.is_valid():
return redirect('blue_mgnt:group_detail_saved', group_id)
return render_to_response('group_detail.html', dict(
delete_group=delete_group,
group_form=group_form,
group_id=group_id,
saved=saved,
fields_not_to_show=fields_not_to_show,
show_force=getattr(group_form, 'show_force', False),
account_info=account_info,
),
RequestContext(request))
def save(self):
user_data = dict()
if local_user:
user_data.update(self.cleaned_data)
del user_data['bonus_gigs']
if email != user_data['email']:
try:
password = openmanage_models.Password.objects.get(email=email)
password.update_email(user_data['email'])
except openmanage_models.Password.DoesNotExist:
pass
if request.user.has_perm('blue_mgnt.can_edit_bonus_gigs'):
user_data['bonus_bytes'] = user_form.cleaned_data['bonus_gigs'] * SIZE_OF_GIGABYTE
if user_data:
log_admin_action(request, 'edit user "%s" with data: %s' % (email, user_data))
api.edit_user(email, user_data)
def save(self):
user_data = dict()
user_data['purgehold_active'] = self.cleaned_data['purgehold_active']
if local_user:
user_data.update(self.cleaned_data)
del user_data['bonus_gigs']
if email != user_data['email']:
try:
password = openmanage_models.Password.objects.get(email=email)
password.update_email(user_data['email'])
except openmanage_models.Password.DoesNotExist:
pass
if request.user.has_perm('blue_mgnt.can_edit_bonus_gigs'):
user_data['bonus_bytes'] = user_form.cleaned_data['bonus_gigs'] * SIZE_OF_GIGABYTE
if user_data:
log_admin_action(request, 'edit user "%s" with data: %s' % (email, user_data))
api.edit_user(email, user_data)
def clean(self):
cleaned_data = super(GroupForm, self).clean()
if 'name' in cleaned_data:
device_policy = None
if cleaned_data['device_policy']:
device_policy = cleaned_data['device_policy']
data = dict(
name=cleaned_data['name'],
plan_id=cleaned_data['plan_id'],
device_policy=device_policy,
webapi_enable=cleaned_data['webapi_enable'],
check_domain=cleaned_data.get('check_domain', False),
force=('force_change' in request.POST),
)
group_id = cleaned_data['group_id']
try:
api.edit_group(group_id, data)
log_admin_action(
request,
'edit group %s with data: %s' % (group_id, data))
config_mgr_ = config_mgr.ConfigManager(
config_mgr.default_config())
for g in config_mgr_.config['groups']:
if g['group_id'] == group_id:
g['ldap_id'] = cleaned_data['ldap_dn']
g['priority'] = cleaned_data['priority']
g['admin_group'] = cleaned_data['admin_group']
config_mgr_.apply_config()
django_group, admin_group = get_or_create_admin_group(
group_id)
django_group.permissions.clear()
for permission_id in cleaned_data['permissions']:
django_group.permissions.add(
Permission.objects.get(pk=permission_id))
django_group.save()
except api.QuotaExceeded:
self.show_force = True
msg = (
'Changing the plan of this group will put one '
'or more users over quota. Please choose "Force '
'Plan Change" if you are sure you want to do this.'
)
self._errors['plan_id'] = self.error_class([msg])
return cleaned_data
def settings(request, api, account_info, config, username, saved=False):
opts = api.enterprise_settings()
features = api.enterprise_features()
class OpenmanageOptsForm(forms.Form):
#share_link_ttl = IntervalFormField(
# 'D',
# label='Share Link Time-to-Live',
# initial=datetime.timedelta(minutes=opts['share_link_ttl'])
#)
if features['ldap']:
ad_domain = forms.CharField(
required=False,
label='Restrict client installs to domain',
initial=opts['ad_domain']
)
autopurge_interval = IntervalFormField(
'D',
label='Deleted Items Automatic Purge',
initial=datetime.timedelta(days=opts['autopurge_interval'])
)
versionpurge_interval = IntervalFormField(
'D',
label='Historical Version Automatic Purge',
initial=datetime.timedelta(days=opts['versionpurge_interval'])
)
support_email = forms.EmailField(initial=opts['support_email'])
if features['ldap']:
omva_url = forms.URLField(
label='OpenManage Virtual Appliance URL',
initial=opts['omva_url'],
)
timezone = forms.ChoiceField(
choices=[(x, x) for x in pytz.common_timezones],
initial=file('/etc/timezone').read().strip(),
)
def __init__(self, *args, **kwargs):
super(OpenmanageOptsForm, self).__init__(*args, **kwargs)
if features['ldap']:
for var in AGENT_CONFIG_VARS:
if var in ['send_activation_email']:
self.fields[var] = forms.BooleanField(
initial=config.get(var, True),
required=False
)
else:
self.fields[var] = forms.CharField(
initial=config.get(var, ''),
required=False
)
options = OpenmanageOptsForm()
class BaseIPBlockFormSet(forms.formsets.BaseFormSet):
def clean(self):
if any(self.errors):
return
blocks = [a.cleaned_data['ip_block'] for a in self.forms \
if a.cleaned_data.get('ip_block') and not a.cleaned_data.get('DELETE')]
api.update_enterprise_settings(dict(signup_network_restriction=blocks))
log_admin_action(request, 'update signup network restrictions: %s' % blocks)
IPBlockFormSet = formset_factory(IPBlockForm,
can_delete=True,
formset=BaseIPBlockFormSet)
ip_blocks = IPBlockFormSet(initial=[dict(ip_block=x) for x in opts['signup_network_restriction']],
prefix='ip_blocks')
error = False
sync_output = ''
rebuild_output = ''
if request.method == 'POST' and request.user.has_perm('blue_mgnt.can_manage_settings'):
if request.POST.get('form', '') == 'ip_block':
ip_blocks = IPBlockFormSet(request.POST, prefix='ip_blocks')
if ip_blocks.is_valid():
return redirect('blue_mgnt:settings_saved')
else:
error = True
elif request.POST.get('form', '') == 'reboot':
log_admin_action(request, 'reboot management vm')
subprocess.call(['shutdown', '-r', 'now'])
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'sync':
log_admin_action(request, 'sync management vm')
p = subprocess.Popen('/opt/openmanage/bin/run_openmanage.sh',
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT
)
sync_output = p.communicate()[0]
if not sync_output:
cache.clear()
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'rebuild_db':
log_admin_action(request, 'Rebuild DB')
p = subprocess.Popen('/opt/openmanage/bin/rebuild_db.sh',
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT
)
rebuild_output = p.communicate()[0]
if not rebuild_output:
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'restart_directory':
log_admin_action(request, 'restart directory')
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
config_mgr_._kick_services()
return redirect('blue_mgnt:settings_saved')
else:
options = OpenmanageOptsForm(request.POST)
if options.is_valid():
save_settings(request, api, options)
return redirect('blue_mgnt:settings_saved')
return render_to_response('settings.html', dict(
user=request.user,
username=username,
features=features,
ip_blocks=ip_blocks,
sync_output=sync_output,
rebuild_output=rebuild_output,
options=options,
saved=saved,
error=error,
account_info=account_info,
),
RequestContext(request))
def user_detail(request, api, account_info, config, username, email, saved=False):
user = api.get_user(email)
devices = api.list_devices(email)
if devices:
user['last_backup_complete'] = max(x['last_backup_complete'] for x in devices)
else:
user['last_backup_complete'] = None
features = api.enterprise_features()
local_user = is_local_user(config, user['group_id'])
groups = api.list_groups()
local_groups = get_local_groups(config, groups)
reset_password_message = ''
pw = openmanage_models.Password.objects.filter(email=email)
if local_user:
if pw and pw[0].pw_hash:
reset_password_message = 'Send Password Reset Email'
else:
reset_password_message = 'Resend Welcome Email'
class UserForm(forms.Form):
if local_user:
name = forms.CharField(max_length=45)
email = forms.EmailField()
group_id = forms.ChoiceField(local_groups, label='Group')
enabled = forms.BooleanField(required=False)
else:
name = forms.CharField(widget=ReadOnlyWidget, required=False, max_length=45)
email = forms.EmailField(widget=ReadOnlyWidget, required=False)
group_id = forms.ChoiceField(
local_groups,
label='Group',
widget=ReadOnlyWidget, required=False
)
enabled = forms.BooleanField(widget=ReadOnlyWidget, required=False)
bonus_gigs = forms.IntegerField(
label="Bonus GBs",
help_text='Add extra space for this specific user.'
)
purgehold_active = forms.BooleanField(
label="Purgehold Active",
help_text="If set deleted data will not be purged from the system.",\
required=False,
)
def clean_email(self):
new_email = self.cleaned_data['email']
if new_email and new_email != email:
try:
api.get_user(new_email)
raise forms.ValidationError('A user with this email already exists')
except api.NotFound:
pass
return new_email
def save(self):
user_data = dict()
user_data['purgehold_active'] = self.cleaned_data['purgehold_active']
if local_user:
user_data.update(self.cleaned_data)
del user_data['bonus_gigs']
if email != user_data['email']:
try:
password = openmanage_models.Password.objects.get(email=email)
password.update_email(user_data['email'])
except openmanage_models.Password.DoesNotExist:
pass
if request.user.has_perm('blue_mgnt.can_edit_bonus_gigs'):
user_data['bonus_bytes'] = user_form.cleaned_data['bonus_gigs'] * SIZE_OF_GIGABYTE
if user_data:
log_admin_action(request, 'edit user "%s" with data: %s' % (email, user_data))
api.edit_user(email, user_data)
data = dict()
data.update(user)
data['bonus_gigs'] = user['bonus_bytes'] / SIZE_OF_GIGABYTE
if not local_user:
data['group_id'] = get_group_name(groups, data['group_id'])
user_form = UserForm(initial=data)
password_form = PasswordForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'edit_user':
user_form = UserForm(request.POST)
if request.user.has_perm('blue_mgnt.can_manage_users') and user_form.is_valid():
user_form.save()
return redirect('blue_mgnt:user_detail_saved',
user_form.cleaned_data.get('email') or email)
if request.POST.get('form', '') == 'reset_password':
if request.user.has_perm('blue_mgnt.can_manage_users'):
local_source.set_user_password(local_source._get_db_conn(config),
email, '')
api.send_activation_email(email, dict(template_name='set_password',
reg_code='not used'
))
return redirect('blue_mgnt:user_detail_saved', email)
if request.POST.get('form', '') == 'password':
password_form = PasswordForm(request.POST)
if password_form.is_valid():
log_admin_action(request, 'change password for: %s' % email)
password = password_form.cleaned_data['password'].encode('utf-8')
local_source.set_user_password(local_source._get_db_conn(config),
email, password)
return redirect('blue_mgnt:user_detail_saved', data.get('email', email))
if request.POST.get('form', '') == 'delete_user':
if request.user.has_perm('blue_mgnt.can_manage_users'):
log_admin_action(request, 'delete user %s' % email)
api.delete_user(email)
return redirect('blue_mgnt:users')
if request.POST.get('form', '') == 'bump_space':
if request.user.has_perm('blue_mgnt.can_edit_bonus_gigs'):
log_admin_action(request, 'bump space for user %s' % email)
data = {
'bonus_bytes': (data['bonus_gigs'] + SIZE_OF_BUMP) * SIZE_OF_GIGABYTE
}
api.edit_user(email, data)
time_to_reset = datetime.datetime.now() + datetime.timedelta(days=3)
BumpedUser.objects.create(email=email,
time_to_reset_bonus_gb=time_to_reset)
return redirect('blue_mgnt:user_detail_saved', data.get('email', email))
if request.POST.get('form', '') == 'edit_share':
room_key = request.POST['room_key']
enable = request.POST['enabled'] == 'False'
msg = 'edit share %s for user %s. Action %s share' % \
(room_key, email, 'enable' if enable else 'disable')
log_admin_action(request, msg)
api.edit_share(email, room_key, enable)
return redirect('blue_mgnt:user_detail_saved', email)
return render_to_response('user_detail.html', dict(
shares=api.list_shares(email),
share_url=get_base_url(),
username=username,
local_user=local_user,
email=email,
api_user=user,
storage_login=get_login_link(data['username']),
user_form=user_form,
password_form=password_form,
features=features,
account_info=account_info,
reset_password_message=reset_password_message,
datetime=datetime,
devices=devices,
saved=saved,
),
RequestContext(request))
def settings(request, api, account_info, config, username, saved=False):
opts = api.enterprise_settings()
features = api.enterprise_features()
class OpenmanageOptsForm(forms.Form):
if features['ldap']:
ad_domain = forms.CharField(
required=False,
label='Restrict client installs to domain',
initial=opts['ad_domain']
)
autopurge_interval = forms.IntegerField(
min_value=0,
label='Deleted Items Automatic Purge',
help_text='days',
initial=opts['autopurge_interval'],
required=False,
)
versionpurge_interval = forms.IntegerField(
min_value=0,
label='Historical Version Automatic Purge',
help_text='days',
initial=opts['versionpurge_interval'],
required=False,
)
purgehold_duration = forms.IntegerField(
min_value=0,
label='Purgehold Duration',
help_text='days',
initial=opts['purgehold_duration'] / 86400,
required=False,
)
support_email = forms.EmailField(initial=opts['support_email'])
admin_email = forms.EmailField(initial=opts['admin_email'])
if features['ldap']:
omva_url = forms.URLField(
label='Management VM External URL',
initial=opts['omva_url'],
)
timezone = forms.ChoiceField(
choices=[(x, x) for x in pytz.common_timezones],
initial=file('/etc/timezone').read().strip(),
)
def __init__(self, *args, **kwargs):
super(OpenmanageOptsForm, self).__init__(*args, **kwargs)
if features['ldap']:
for var in AGENT_CONFIG_VARS:
if var in ['send_activation_email', 'resolve_sync_conflicts']:
if var == 'resolve_sync_conflicts':
initial = False
help_text = mark_safe(
'Only enable this feature if you have read the documentation '
'<a href="https://spideroak.com/articles/account-page-in-spideroak-enterprise#resolve-sync-conflicts">' # NOQA
'here.</a>'
)
else:
initial = True
help_text = ''
self.fields[var] = forms.BooleanField(
initial=config.get(var, initial),
required=False,
help_text=help_text,
)
else:
self.fields[var] = forms.CharField(
initial=config.get(var, ''),
required=False
)
options = OpenmanageOptsForm()
class BaseIPBlockFormSet(forms.formsets.BaseFormSet):
def clean(self):
if any(self.errors):
return
blocks = [a.cleaned_data['ip_block'] for a in self.forms
if a.cleaned_data.get('ip_block') and not a.cleaned_data.get('DELETE')]
api.update_enterprise_settings(dict(signup_network_restriction=blocks))
log_admin_action(request, 'update signup network restrictions: %s' % blocks)
IPBlockFormSet = formset_factory(IPBlockForm,
can_delete=True,
formset=BaseIPBlockFormSet)
ip_blocks = IPBlockFormSet(initial=[dict(ip_block=x) for x in
opts['signup_network_restriction']],
prefix='ip_blocks')
error = False
command_output = ''
if request.method == 'POST' and request.user.has_perm('blue_mgnt.can_manage_settings'):
if request.POST.get('form', '') == 'ip_block':
ip_blocks = IPBlockFormSet(request.POST, prefix='ip_blocks')
if ip_blocks.is_valid():
return redirect('blue_mgnt:settings_saved')
else:
error = True
elif request.POST.get('form', '') == 'reboot':
log_admin_action(request, 'reboot management vm')
subprocess.call(['shutdown', '-r', 'now'])
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'sync':
log_admin_action(request, 'sync management vm')
p = subprocess.Popen('/opt/openmanage/bin/run_openmanage.sh',
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
command_output = p.communicate()[0]
if not command_output:
cache.clear()
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'rebuild_db':
log_admin_action(request, 'Rebuild DB')
p = subprocess.Popen('/opt/openmanage/bin/rebuild_db.sh',
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
command_output = p.communicate()[0]
if not command_output:
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'restart_directory':
log_admin_action(request, 'restart directory')
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
config_mgr_._kick_services()
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'login_test':
log_admin_action(request, 'login test')
command_output = login_test(
config,
request.POST.get('username', ''),
request.POST.get('password', ''),
)
else:
options = OpenmanageOptsForm(request.POST)
if options.is_valid():
save_settings(request, api, options)
return redirect('blue_mgnt:settings_saved')
return render(request, 'settings.html', dict(
user=request.user,
username=username,
features=features,
ip_blocks=ip_blocks,
command_output=command_output,
options=options,
saved=saved,
error=error,
account_info=account_info,
))
error = False
if request.method == 'POST' and request.user.has_perm(
'blue_mgnt.can_manage_groups'):
if request.POST.get('form', '') == 'new_group':
new_group = GroupForm(request.POST)
if new_group.is_valid():
data = dict(
name=new_group.cleaned_data['name'],
plan_id=new_group.cleaned_data['plan_id'],
webapi_enable=new_group.cleaned_data['webapi_enable'],
check_domain=new_group.cleaned_data.get(
'check_domain', False),
)
log_admin_action(request, 'create group with data: %s' % data)
group_id = api.create_group(data)
config_mgr_ = config_mgr.ConfigManager(
config_mgr.default_config())
data = dict(
group_id=group_id,
type='dn',
ldap_id=new_group.cleaned_data.get('ldap_dn', ''),
priority=new_group.cleaned_data['priority'],
user_source=new_group.cleaned_data.get(
'user_source', 'local'),
admin_group=new_group.cleaned_data['admin_group'],
)
config_mgr_.config['groups'].append(data)
config_mgr_.apply_config()
def user_detail(request,
api,
account_info,
config,
username,
email,
saved=False):
user = api.get_user(email)
devices = api.list_devices(email)
if devices:
user['last_backup_complete'] = max(x['last_backup_complete']
for x in devices)
else:
user['last_backup_complete'] = None
features = api.enterprise_features()
local_user = is_local_user(config, user['group_id'])
groups = api.list_groups()
local_groups = get_local_groups(config, groups)
class UserForm(forms.Form):
if local_user:
name = forms.CharField(max_length=45)
email = forms.EmailField()
group_id = forms.ChoiceField(local_groups, label='Group')
enabled = forms.BooleanField(required=False)
else:
name = forms.CharField(widget=ReadOnlyWidget,
required=False,
max_length=45)
email = forms.EmailField(widget=ReadOnlyWidget, required=False)
group_id = forms.ChoiceField(local_groups,
label='Group',
widget=ReadOnlyWidget,
required=False)
enabled = forms.BooleanField(widget=ReadOnlyWidget, required=False)
bonus_gigs = forms.IntegerField(label="Bonus GBs")
data = dict()
data.update(user)
data['bonus_gigs'] = user['bonus_bytes'] / SIZE_OF_GIGABYTE
if not local_user:
data['group_id'] = get_group_name(groups, data['group_id'])
user_form = UserForm(initial=data)
password_form = PasswordForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'resend_email':
log_admin_action(request,
'resent activation email for %s ' % email)
api.send_activation_email(email)
return redirect('blue_mgnt:user_detail', email)
if request.POST.get('form', '') == 'edit_user':
user_form = UserForm(request.POST)
if request.user.has_perm(
'blue_mgnt.can_manage_users') and user_form.is_valid():
data = dict()
if local_user:
data.update(user_form.cleaned_data)
del data['bonus_gigs']
if email != data['email']:
try:
password = openmanage_models.Password.objects.get(
email=email)
password.update_email(data['email'])
except openmanage_models.Password.DoesNotExist:
pass
if request.user.has_perm('blue_mgnt.can_edit_bonus_gigs'):
data['bonus_bytes'] = user_form.cleaned_data[
'bonus_gigs'] * SIZE_OF_GIGABYTE
if data:
log_admin_action(
request,
'edit user "%s" with data: %s' % (email, data))
api.edit_user(email, data)
return redirect('blue_mgnt:user_detail_saved',
data.get('email', email))
if request.POST.get('form', '') == 'password':
password_form = PasswordForm(request.POST)
if password_form.is_valid():
log_admin_action(request, 'change password for: %s' % email)
password = password_form.cleaned_data['password']
local_source.set_user_password(
local_source._get_db_conn(config), email, password)
return redirect('blue_mgnt:user_detail_saved',
data.get('email', email))
if request.POST.get('form', '') == 'delete_user':
if request.user.has_perm('blue_mgnt.can_manage_users'):
log_admin_action(request, 'delete user %s' % email)
api.delete_user(email)
return redirect('blue_mgnt:users')
if request.POST.get('form', '') == 'edit_share':
room_key = request.POST['room_key']
enable = request.POST['enabled'] == 'False'
msg = 'edit share %s for user %s. Action %s share' % \
(room_key, email, 'enable' if enable else 'disable')
log_admin_action(request, msg)
api.edit_share(email, room_key, enable)
return redirect('blue_mgnt:user_detail_saved', email)
return render_to_response(
'user_detail.html',
dict(
shares=api.list_shares(email),
share_url=get_base_url(),
username=username,
local_user=local_user,
email=email,
api_user=user,
storage_login=get_login_link(data['username']),
user_form=user_form,
password_form=password_form,
features=features,
account_info=account_info,
datetime=datetime,
devices=devices,
saved=saved,
), RequestContext(request))
def group_detail(request,
api,
account_info,
config,
username,
group_id,
saved=False):
group_id = int(group_id)
plans = api.list_plans()
policies = api.list_policies()
groups_list = api.list_groups()
django_group, admin_group = get_or_create_admin_group(group_id)
api_group = api.get_group(group_id)
add_config_items(api_group, config)
api_group['permissions'] = [p.id for p in django_group.permissions.all()]
local_group = get_config_group(config, group_id)['user_source'] == 'local'
fields_not_to_show = []
if local_group:
fields_not_to_show = ['ldap_dn', 'priority']
GroupForm = get_group_form(request, config, plans, policies, api, False,
False)
group_form = GroupForm(data=api_group)
DeleteGroupForm = get_delete_group_form(group_id, config, groups_list)
delete_group = DeleteGroupForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'delete_group':
delete_group = DeleteGroupForm(request.POST)
if delete_group.is_valid():
new_group_id = int(delete_group.cleaned_data['new_group_id'])
data = (group_id, new_group_id)
log_admin_action(
request,
'delete group %s and move users to group %s' % data)
api.delete_group(
group_id,
new_group_id,
)
config_mgr_ = config_mgr.ConfigManager(
config_mgr.default_config())
for g in config_mgr_.config['groups']:
if g['group_id'] == group_id:
config_mgr_.config['groups'].remove(g)
break
config_mgr_.apply_config()
return redirect('blue_mgnt:groups_saved')
else:
group_form = GroupForm(request.POST)
if group_form.is_valid():
return redirect('blue_mgnt:group_detail_saved', group_id)
return render_to_response(
'group_detail.html',
dict(
delete_group=delete_group,
group_form=group_form,
group_id=group_id,
saved=saved,
fields_not_to_show=fields_not_to_show,
show_force=getattr(group_form, 'show_force', False),
account_info=account_info,
), RequestContext(request))
def users(request, api, account_info, config, username, saved=False):
show_disabled = int(request.GET.get('show_disabled', 1))
search_back = request.GET.get('search_back', '')
groups = api.list_groups()
features = api.enterprise_features()
search = request.GET.get('search', '')
local_groups = get_local_groups(config, groups)
pagination = Pagination(api.get_user_count(), request.GET.get('page'))
if not search:
search = request.POST.get('search', '')
UserCSVForm = get_new_user_csv_form(api, groups, account_info, config, request)
NewUserForm = get_new_user_form(api, features, account_info, config, local_groups, groups, request)
class BaseUserFormSet(forms.formsets.BaseFormSet):
def clean(self):
if any(self.errors):
return
for x in range(0, self.total_form_count()):
form = self.forms[x]
data = dict(group_id=form.cleaned_data['group_id'], )
if request.user.has_perm('blue_mgnt.can_manage_users'):
log_admin_action(request,
'edit user %s ' % form.cleaned_data['orig_email'] + \
'with data: %s' % data)
api.edit_user(form.cleaned_data['orig_email'], data)
TmpUserForm = get_user_form(local_groups)
TmpUserFormSet = formset_factory(TmpUserForm, extra=0, formset=BaseUserFormSet)
DeleteUserFormSet = formset_factory(DeleteUserForm, extra=0, can_delete=True)
if search_back == '1':
search = ''
all_users = api.list_users(pagination.per_page, pagination.query_offset)
elif search:
all_users = api.search_users(search, pagination.per_page, pagination.query_offset)
else:
all_users = api.list_users(pagination.per_page, pagination.query_offset)
if not show_disabled:
all_users = [x for x in all_users if x['enabled']]
all_users.sort(key=lambda x: x['creation_time'], reverse=True)
def _user_to_dict(x):
return dict(username=x['username'],
email=x['email'],
orig_email=x['email'],
user_detail=x['email'],
name=x['name'],
bytes_stored=x['bytes_stored'],
#gigs_stored=round(x['bytes_stored'] / (10.0 ** 9), 2),
creation_time=datetime.datetime.fromtimestamp(x['creation_time']),
last_login=datetime.datetime.fromtimestamp(x['last_login']) if x['last_login'] else None,
group_id=x['group_id'] if 'group_id' in x else '',
escrow_login=x['username'],
enabled=x['enabled'],
login_link=get_login_link(x['username']),
is_local_user=is_local_user(config, x['group_id']),
group_name=get_group_name(groups, x['group_id']),
)
users = map(_user_to_dict, all_users)
local_users = [user for user in users if user['is_local_user']]
for x, local_user in enumerate(local_users):
local_user['index'] = x
tmp_user_formset = TmpUserFormSet(initial=local_users, prefix='tmp_user')
delete_user_formset = DeleteUserFormSet(initial=users, prefix='delete_user')
user_csv = UserCSVForm()
new_user = NewUserForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'csv':
user_csv = UserCSVForm(request.POST, request.FILES)
if user_csv.is_valid():
return redirect('blue_mgnt:users_saved')
elif request.POST.get('form', '') == 'new_user':
new_user = NewUserForm(request.POST)
if new_user.is_valid():
return redirect('blue_mgnt:users_saved')
else:
tmp_user_formset = TmpUserFormSet(request.POST, prefix='tmp_user')
delete_user_formset = DeleteUserFormSet(request.POST, prefix='delete_user')
if (request.user.has_perm('blue_mgnt.can_manage_users')
and tmp_user_formset.is_valid()
and delete_user_formset.is_valid()):
for form in delete_user_formset.deleted_forms:
orig_email = form.cleaned_data['orig_email']
api.delete_user(orig_email)
log_admin_action(request, 'delete user "%s"' % orig_email)
return redirect(reverse('blue_mgnt:users_saved') + '?search=%s' % search)
index = 0
for user in users:
if user['is_local_user']:
user['form'] = tmp_user_formset[index]
index += 1
return render_to_response('index.html', dict(
user=request.user,
config=config,
new_user=new_user,
username=username,
tmp_user_formset=tmp_user_formset,
delete_user_formset=delete_user_formset,
user_csv=user_csv,
features=api.enterprise_features(),
saved=saved,
account_info=account_info,
show_disabled=show_disabled,
search=search,
search_back=search_back,
users_and_delete=zip(users, delete_user_formset),
pagination=pagination,
),
RequestContext(request))
groups = GroupFormSet(initial=initial, prefix='groups')
group_csv = GroupCSVForm()
new_group = GroupForm()
error = False
if request.method == 'POST' and request.user.has_perm('blue_mgnt.can_manage_groups'):
if request.POST.get('form', '') == 'new_group':
new_group = GroupForm(request.POST)
if new_group.is_valid():
data = dict(name=new_group.cleaned_data['name'],
plan_id=new_group.cleaned_data['plan_id'],
webapi_enable=new_group.cleaned_data['webapi_enable'],
check_domain=new_group.cleaned_data.get('check_domain', False),
)
log_admin_action(request, 'create group with data: %s' % data)
group_id = api.create_group(data)
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
data = dict(group_id=group_id,
type='dn',
ldap_id=new_group.cleaned_data.get('ldap_dn', ''),
priority=new_group.cleaned_data['priority'],
user_source=new_group.cleaned_data.get('user_source', 'local'),
admin_group=new_group.cleaned_data['admin_group'],
)
config_mgr_.config['groups'].append(data)
config_mgr_.apply_config()
django_group, admin_group = get_or_create_admin_group(group_id)
for permission_id in new_group.cleaned_data['permissions']:
def settings(request, api, account_info, config, username, saved=False):
opts = api.enterprise_settings()
features = api.enterprise_features()
class OpenmanageOptsForm(forms.Form):
#share_link_ttl = IntervalFormField(
# 'D',
# label='Share Link Time-to-Live',
# initial=datetime.timedelta(minutes=opts['share_link_ttl'])
#)
if features['ldap']:
ad_domain = forms.CharField(
required=False,
label='Restrict client installs to domain',
initial=opts['ad_domain'])
autopurge_interval = IntervalFormField(
'D',
label='Deleted Items Automatic Purge',
initial=datetime.timedelta(days=opts['autopurge_interval']))
versionpurge_interval = IntervalFormField(
'D',
label='Historical Version Automatic Purge',
initial=datetime.timedelta(days=opts['versionpurge_interval']))
support_email = forms.EmailField(initial=opts['support_email'])
if features['ldap']:
omva_url = forms.URLField(
label='OpenManage Virtual Appliance URL',
initial=opts['omva_url'],
)
timezone = forms.ChoiceField(
choices=[(x, x) for x in pytz.common_timezones],
initial=file('/etc/timezone').read().strip(),
)
def __init__(self, *args, **kwargs):
super(OpenmanageOptsForm, self).__init__(*args, **kwargs)
if features['ldap']:
for var in AGENT_CONFIG_VARS:
self.fields[var] = forms.CharField(initial=config.get(
var, ''),
required=False)
options = OpenmanageOptsForm()
class BaseIPBlockFormSet(forms.formsets.BaseFormSet):
def clean(self):
if any(self.errors):
return
blocks = [a.cleaned_data['ip_block'] for a in self.forms \
if a.cleaned_data.get('ip_block') and not a.cleaned_data.get('DELETE')]
api.update_enterprise_settings(
dict(signup_network_restriction=blocks))
log_admin_action(request,
'update signup network restrictions: %s' % blocks)
IPBlockFormSet = formset_factory(IPBlockForm,
can_delete=True,
formset=BaseIPBlockFormSet)
ip_blocks = IPBlockFormSet(
initial=[dict(ip_block=x) for x in opts['signup_network_restriction']],
prefix='ip_blocks')
error = False
sync_output = ''
rebuild_output = ''
if request.method == 'POST' and request.user.has_perm(
'blue_mgnt.can_manage_settings'):
if request.POST.get('form', '') == 'ip_block':
ip_blocks = IPBlockFormSet(request.POST, prefix='ip_blocks')
if ip_blocks.is_valid():
return redirect('blue_mgnt:settings_saved')
else:
error = True
elif request.POST.get('form', '') == 'reboot':
log_admin_action(request, 'reboot management vm')
subprocess.call(['shutdown', '-r', 'now'])
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'sync':
log_admin_action(request, 'sync management vm')
p = subprocess.Popen('/opt/openmanage/bin/run_openmanage.sh',
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
sync_output = p.communicate()[0]
if not sync_output:
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'rebuild_db':
log_admin_action(request, 'Rebuild DB')
p = subprocess.Popen('/opt/openmanage/bin/rebuild_db.sh',
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
rebuild_output = p.communicate()[0]
if not rebuild_output:
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'restart_directory':
log_admin_action(request, 'restart directory')
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
config_mgr_._kick_services()
return redirect('blue_mgnt:settings_saved')
else:
options = OpenmanageOptsForm(request.POST)
if options.is_valid():
save_settings(request, api, options)
return redirect('blue_mgnt:settings_saved')
return render_to_response(
'settings.html',
dict(
user=request.user,
username=username,
features=features,
ip_blocks=ip_blocks,
sync_output=sync_output,
rebuild_output=rebuild_output,
options=options,
saved=saved,
error=error,
account_info=account_info,
), RequestContext(request))
def users(request, api, account_info, config, username, saved=False):
show_disabled = int(request.GET.get('show_disabled', 1))
search_back = request.GET.get('search_back', '')
groups = api.list_groups()
features = api.enterprise_features()
search = request.GET.get('search', '')
local_groups = get_local_groups(config, groups)
pagination = Pagination(api.get_user_count(), request.GET.get('page'))
if not search:
search = request.POST.get('search', '')
UserCSVForm = get_new_user_csv_form(api, groups, account_info, config,
request)
NewUserForm = get_new_user_form(api, features, account_info, config,
local_groups, groups, request)
class BaseUserFormSet(forms.formsets.BaseFormSet):
def clean(self):
if any(self.errors):
return
for x in range(0, self.total_form_count()):
form = self.forms[x]
data = dict(group_id=form.cleaned_data['group_id'], )
if request.user.has_perm('blue_mgnt.can_manage_users'):
log_admin_action(request,
'edit user %s ' % form.cleaned_data['orig_email'] + \
'with data: %s' % data)
api.edit_user(form.cleaned_data['orig_email'], data)
TmpUserForm = get_user_form(local_groups)
TmpUserFormSet = formset_factory(TmpUserForm,
extra=0,
formset=BaseUserFormSet)
DeleteUserFormSet = formset_factory(DeleteUserForm,
extra=0,
can_delete=True)
if search_back == '1':
search = ''
all_users = api.list_users(pagination.per_page,
pagination.query_offset)
elif search:
all_users = api.search_users(search, pagination.per_page,
pagination.query_offset)
else:
all_users = api.list_users(pagination.per_page,
pagination.query_offset)
if not show_disabled:
all_users = [x for x in all_users if x['enabled']]
all_users.sort(key=lambda x: x['creation_time'], reverse=True)
def _user_to_dict(x):
return dict(
username=x['username'],
email=x['email'],
orig_email=x['email'],
user_detail=x['email'],
name=x['name'],
bytes_stored=x['bytes_stored'],
#gigs_stored=round(x['bytes_stored'] / (10.0 ** 9), 2),
creation_time=datetime.datetime.fromtimestamp(x['creation_time']),
last_login=datetime.datetime.fromtimestamp(x['last_login'])
if x['last_login'] else None,
group_id=x['group_id'] if 'group_id' in x else '',
escrow_login=x['username'],
enabled=x['enabled'],
login_link=get_login_link(x['username']),
is_local_user=is_local_user(config, x['group_id']),
group_name=get_group_name(groups, x['group_id']),
)
users = map(_user_to_dict, all_users)
local_users = [user for user in users if user['is_local_user']]
for x, local_user in enumerate(local_users):
local_user['index'] = x
tmp_user_formset = TmpUserFormSet(initial=local_users, prefix='tmp_user')
delete_user_formset = DeleteUserFormSet(initial=users,
prefix='delete_user')
user_csv = UserCSVForm()
new_user = NewUserForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'csv':
user_csv = UserCSVForm(request.POST, request.FILES)
if user_csv.is_valid():
return redirect('blue_mgnt:users_saved')
elif request.POST.get('form', '') == 'new_user':
new_user = NewUserForm(request.POST)
if new_user.is_valid():
return redirect('blue_mgnt:users_saved')
else:
tmp_user_formset = TmpUserFormSet(request.POST, prefix='tmp_user')
delete_user_formset = DeleteUserFormSet(request.POST,
prefix='delete_user')
if (request.user.has_perm('blue_mgnt.can_manage_users')
and tmp_user_formset.is_valid()
and delete_user_formset.is_valid()):
for form in delete_user_formset.deleted_forms:
orig_email = form.cleaned_data['orig_email']
api.delete_user(orig_email)
log_admin_action(request, 'delete user "%s"' % orig_email)
return redirect(
reverse('blue_mgnt:users_saved') + '?search=%s' % search)
index = 0
for user in users:
if user['is_local_user']:
user['form'] = tmp_user_formset[index]
index += 1
return render_to_response(
'index.html',
dict(
user=request.user,
config=config,
new_user=new_user,
username=username,
tmp_user_formset=tmp_user_formset,
delete_user_formset=delete_user_formset,
user_csv=user_csv,
features=api.enterprise_features(),
saved=saved,
account_info=account_info,
show_disabled=show_disabled,
search=search,
search_back=search_back,
users_and_delete=zip(users, delete_user_formset),
pagination=pagination,
), RequestContext(request))
def groups(request, api, account_info, config, username, saved=False):
features = api.enterprise_features()
plans = api.list_plans()
policies = api.list_policies()
groups_list = api.list_groups()
search = request.GET.get('search', '')
search_back = request.GET.get('search_back', '')
if not search:
search = request.POST.get('search', '')
class GroupCSVForm(forms.Form):
csv_file = forms.FileField(label='Group CSV')
def clean_csv_file(self):
data = self.cleaned_data['csv_file']
csv_data = csv.DictReader(data)
for x, row in enumerate(csv_data):
try:
try:
group_id = int(row['group_id'])
api.edit_group(group_id, process_row(row))
except (KeyError, ValueError):
api.create_group(process_row(row))
except Exception:
raise forms.ValidationError('Invalid data in row %s' % x)
return data
class BaseGroupFormSet(forms.formsets.BaseFormSet):
def clean(self):
if any(self.errors):
return
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for x in range(0, self.total_form_count()):
form = self.forms[x]
try:
group_id = form.cleaned_data['group_id']
data = dict(
name=form.cleaned_data['name'],
plan_id=form.cleaned_data['plan_id'],
device_policy=form.cleaned_data['device_policy'],
webapi_enable=form.cleaned_data['webapi_enable'],
check_domain=form.cleaned_data.get(
'check_domain', False),
force=('force_plan_change' in self.data),
)
try:
log_admin_action(
request,
'edit group %s with data: %s' % (group_id, data))
api.edit_group(group_id, data)
except api.QuotaExceeded:
self.show_force = True
form._errors['plan_id'] = form.error_class([
'Changing the plan of this group will put one '
'or more users over quota. Please choose "Force '
'Plan Change" if you are sure you want to do this.'
])
g = get_config_group(config, group_id)
g['ldap_id'] = form.cleaned_data['ldap_dn']
g['priority'] = form.cleaned_data['priority']
except api.DuplicateGroupName:
raise forms.ValidationError('Duplicate group name')
config_mgr_.apply_config()
GroupForm = get_group_form(request,
config,
plans,
policies,
api,
ldap_enabled=features['ldap'])
GroupFormSet = formset_factory(get_group_form(request, config, plans,
policies, api, False),
extra=0,
formset=BaseGroupFormSet)
if search_back == '1':
search = ''
initial = groups_list
elif search:
initial = api.search_groups(search)
else:
initial = groups_list
for i in initial:
add_config_items(i, config)
for plan in plans:
if plan['plan_id'] == i['plan_id']:
storage_gigs = plan['storage_bytes'] / SIZE_OF_GIGABYTE
if storage_gigs < 1000000001:
i['plan_name'] = '%s GB' % storage_gigs
else:
i['plan_name'] = 'Unlimited'
groups = GroupFormSet(initial=initial, prefix='groups')
group_csv = GroupCSVForm()
new_group = GroupForm()
error = False
if request.method == 'POST' and request.user.has_perm(
'blue_mgnt.can_manage_groups'):
if request.POST.get('form', '') == 'new_group':
new_group = GroupForm(request.POST)
if new_group.is_valid():
device_policy = None
if new_group.cleaned_data['device_policy']:
device_policy = new_group.cleaned_data['device_policy']
data = dict(
name=new_group.cleaned_data['name'],
plan_id=new_group.cleaned_data['plan_id'],
device_policy=device_policy,
webapi_enable=new_group.cleaned_data['webapi_enable'],
check_domain=new_group.cleaned_data.get(
'check_domain', False),
)
log_admin_action(request, 'create group with data: %s' % data)
group_id = api.create_group(data)
config_mgr_ = config_mgr.ConfigManager(
config_mgr.default_config())
data = dict(
group_id=group_id,
type='dn',
ldap_id=new_group.cleaned_data.get('ldap_dn', ''),
priority=new_group.cleaned_data['priority'],
user_source=new_group.cleaned_data.get(
'user_source', 'local'),
admin_group=new_group.cleaned_data['admin_group'],
)
config_mgr_.config['groups'].append(data)
config_mgr_.apply_config()
django_group, admin_group = get_or_create_admin_group(group_id)
for permission_id in new_group.cleaned_data['permissions']:
django_group.permissions.add(
Permission.objects.get(pk=permission_id))
django_group.save()
return redirect('blue_mgnt:groups_saved')
elif request.POST.get('form', '') == 'csv':
group_csv = GroupCSVForm(request.POST, request.FILES)
if group_csv.is_valid():
return redirect('blue_mgnt:groups_saved')
else:
groups = GroupFormSet(request.POST, prefix='groups')
if groups.is_valid():
return redirect(
reverse('blue_mgnt:groups_saved') + '?search=%s' % search)
return render_to_response(
'groups.html',
dict(
initial=initial,
config=config,
user=request.user,
username=username,
new_group=new_group,
group_csv=group_csv,
features=features,
groups=groups,
groups_and_data=zip(groups, initial),
saved=saved,
error=error,
account_info=account_info,
search=search,
search_back=search_back,
show_force=getattr(groups, 'show_force', False),
), RequestContext(request))
def users(request, api, account_info, config, username, saved=False):
show_disabled = int(request.GET.get('show_disabled', 1))
groups = api.list_groups()
plans = api.list_plans()
features = api.enterprise_features()
search = request.GET.get('search', '')
local_groups = get_local_groups(config, groups)
user_count = api.get_user_count()
page = int(request.GET.get('page', 1))
pagination = Pagination('blue_mgnt:users',
user_count,
page,
)
order_by = request.GET.get('order_by', '')
search_by = urllib.unquote(request.GET.get('search_by', ''))
all_user_columns = USER_COLUMNS
if features['email_as_username']:
default_columns = 'name,email,group_id,bytes_stored'
else:
default_columns = 'username,name,email,group_id,bytes_stored'
column_arg = request.GET.getlist('columns', default_columns)
if type(column_arg) is list:
column_arg = ','.join(map(str, column_arg))
columns = [x.strip() for x in column_arg.split(',')]
user_columns, error = get_user_columns(columns)
for column in user_columns:
if column.name == order_by:
column.order_by = '-%s' % column.name
else:
column.order_by = column.name
UserCSVForm = get_new_user_csv_form(api, groups, account_info, config, request)
NewUserForm = get_new_user_form(api, features, account_info,
config, local_groups, groups, request)
BaseUserFormSet = get_base_user_form_set(api, request)
UserForm = get_user_form(local_groups)
UserFormSet = formset_factory(UserForm, extra=0, formset=BaseUserFormSet)
DeleteUserFormSet = formset_factory(DeleteUserForm, extra=0, can_delete=True)
if search:
all_users = api.search_users(search, pagination.per_page, pagination.query_offset)
else:
all_users = api.list_users(pagination.per_page,
pagination.query_offset,
order_by=order_by,
search_by=search_by,
)
if len(all_users) < pagination.per_page:
pagination = Pagination('blue_mgnt:users',
page * pagination.per_page,
page,
)
if not show_disabled:
all_users = [x for x in all_users if x['enabled']]
users = [dict(orig_email=x['email'],
group_id=x['group_id'],
is_local_user=is_local_user(config, x['group_id']),
) for x in all_users]
local_users = [user for user in users if user['is_local_user']]
user_formset = UserFormSet(initial=local_users, prefix='tmp_user')
delete_user_formset = DeleteUserFormSet(initial=users, prefix='delete_user')
user_csv = UserCSVForm()
new_user = NewUserForm()
# Use the name instead of the ID
for row in all_users:
row['plan_id'] = get_plan_name(plans, row['plan_id'])
user_rows = get_user_rows(all_users, delete_user_formset,
user_formset, config,
user_columns, groups
)
get_args = urllib.urlencode(dict(
search=search,
order_by=order_by,
search_by=search_by,
columns=column_arg
))
class UserColumnsForm(forms.Form):
columns = forms.MultipleChoiceField(required=False,
choices=[(item.name, item.header) for item in USER_COLUMNS],
widget=forms.CheckboxSelectMultiple)
column_form = UserColumnsForm(initial={'columns': columns})
if request.method == 'POST':
if request.POST.get('form', '') == 'csv':
user_csv = UserCSVForm(request.POST, request.FILES)
if user_csv.is_valid():
return redirect('blue_mgnt:users_saved')
elif request.POST.get('form', '') == 'new_user':
new_user = NewUserForm(request.POST)
if new_user.is_valid():
return redirect('blue_mgnt:users_saved')
else:
user_formset = UserFormSet(request.POST, prefix='tmp_user')
delete_user_formset = DeleteUserFormSet(request.POST, prefix='delete_user')
if (request.user.has_perm('blue_mgnt.can_manage_users')
and user_formset.is_valid()
and delete_user_formset.is_valid()):
for form in delete_user_formset.deleted_forms:
orig_email = form.cleaned_data['orig_email']
api.delete_user(orig_email)
log_admin_action(request, 'delete user "%s"' % orig_email)
return redirect(reverse('blue_mgnt:users_saved') + '?search=%s' % search)
return render_to_response('users.html', dict(
order_by=order_by,
search_by=search_by,
columns=column_arg,
get_args=get_args,
error=error,
user_columns=user_columns,
user=request.user,
config=config,
new_user=new_user,
username=username,
user_formset=user_formset,
delete_user_formset=delete_user_formset,
user_csv=user_csv,
features=features,
saved=saved,
account_info=account_info,
show_disabled=show_disabled,
search=search,
user_rows=user_rows,
pagination=pagination,
all_user_columns=all_user_columns,
column_form=column_form,
),
RequestContext(request))
def user_detail(request, api, account_info, config, username, email, saved=False):
user = api.get_user(email)
devices = api.list_devices(email)
if devices:
user['last_backup_complete'] = max(x['last_backup_complete'] for x in devices)
else:
user['last_backup_complete'] = None
features = api.enterprise_features()
local_user = is_local_user(config, user['group_id'])
groups = api.list_groups()
local_groups = get_local_groups(config, groups)
class UserForm(forms.Form):
if local_user:
name = forms.CharField(max_length=45)
email = forms.EmailField()
group_id = forms.ChoiceField(local_groups, label='Group')
enabled = forms.BooleanField(required=False)
else:
name = forms.CharField(widget=ReadOnlyWidget, required=False, max_length=45)
email = forms.EmailField(widget=ReadOnlyWidget, required=False)
group_id = forms.ChoiceField(
local_groups,
label='Group',
widget=ReadOnlyWidget, required=False
)
enabled = forms.BooleanField(widget=ReadOnlyWidget, required=False)
bonus_gigs = forms.IntegerField(label="Bonus GBs")
data = dict()
data.update(user)
data['bonus_gigs'] = user['bonus_bytes'] / SIZE_OF_GIGABYTE
if not local_user:
data['group_id'] = get_group_name(groups, data['group_id'])
user_form = UserForm(initial=data)
password_form = PasswordForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'resend_email':
log_admin_action(request, 'resent activation email for %s ' % email)
api.send_activation_email(email)
return redirect('blue_mgnt:user_detail', email)
if request.POST.get('form', '') == 'edit_user':
user_form = UserForm(request.POST)
if request.user.has_perm('blue_mgnt.can_manage_users') and user_form.is_valid():
data = dict()
if local_user:
data.update(user_form.cleaned_data)
del data['bonus_gigs']
if email != data['email']:
try:
password = openmanage_models.Password.objects.get(email=email)
password.update_email(data['email'])
except openmanage_models.Password.DoesNotExist:
pass
if request.user.has_perm('blue_mgnt.can_edit_bonus_gigs'):
data['bonus_bytes'] = user_form.cleaned_data['bonus_gigs'] * SIZE_OF_GIGABYTE
if data:
log_admin_action(request, 'edit user "%s" with data: %s' % (email, data))
api.edit_user(email, data)
return redirect('blue_mgnt:user_detail_saved', data.get('email', email))
if request.POST.get('form', '') == 'password':
password_form = PasswordForm(request.POST)
if password_form.is_valid():
log_admin_action(request, 'change password for: %s' % email)
password = password_form.cleaned_data['password']
local_source.set_user_password(local_source._get_db_conn(config),
email, password)
return redirect('blue_mgnt:user_detail_saved', data.get('email', email))
if request.POST.get('form', '') == 'delete_user':
if request.user.has_perm('blue_mgnt.can_manage_users'):
log_admin_action(request, 'delete user %s' % email)
api.delete_user(email)
return redirect('blue_mgnt:users')
if request.POST.get('form', '') == 'edit_share':
room_key = request.POST['room_key']
enable = request.POST['enabled'] == 'False'
msg = 'edit share %s for user %s. Action %s share' % \
(room_key, email, 'enable' if enable else 'disable')
log_admin_action(request, msg)
api.edit_share(email, room_key, enable)
return redirect('blue_mgnt:user_detail_saved', email)
return render_to_response('user_detail.html', dict(
shares=api.list_shares(email),
share_url=get_base_url(),
username=username,
local_user=local_user,
email=email,
api_user=user,
storage_login=get_login_link(data['username']),
user_form=user_form,
password_form=password_form,
features=features,
account_info=account_info,
datetime=datetime,
devices=devices,
saved=saved,
),
RequestContext(request))
def user_detail(request, api, account_info, config, username, email, saved=False):
user = api.get_user(email)
devices = api.list_devices(email)
if devices:
user['last_backup_complete'] = max(x['last_backup_complete'] for x in devices)
else:
user['last_backup_complete'] = None
features = api.enterprise_features()
local_user = is_local_user(config, user['group_id'])
groups = api.list_groups()
local_groups = get_local_groups(config, groups)
reset_password_message = ''
pw = openmanage_models.Password.objects.filter(email=email)
if local_user:
if pw and pw[0].pw_hash:
reset_password_message = 'Send Password Reset Email'
else:
reset_password_message = 'Resend Welcome Email'
class UserForm(forms.Form):
if local_user:
name = forms.CharField(max_length=45)
email = forms.EmailField()
group_id = forms.ChoiceField(local_groups, label='Group')
enabled = forms.BooleanField(required=False)
else:
name = forms.CharField(widget=ReadOnlyWidget, required=False, max_length=45)
email = forms.EmailField(widget=ReadOnlyWidget, required=False)
group_id = forms.ChoiceField(
local_groups,
label='Group',
widget=ReadOnlyWidget, required=False
)
enabled = forms.BooleanField(widget=ReadOnlyWidget, required=False)
bonus_gigs = forms.IntegerField(label="Bonus GBs")
def clean_email(self):
new_email = self.cleaned_data['email']
if new_email and new_email != email:
try:
api.get_user(new_email)
raise forms.ValidationError('A user with this email already exists')
except api.NotFound:
pass
return new_email
def save(self):
user_data = dict()
if local_user:
user_data.update(self.cleaned_data)
del user_data['bonus_gigs']
if email != user_data['email']:
try:
password = openmanage_models.Password.objects.get(email=email)
password.update_email(user_data['email'])
except openmanage_models.Password.DoesNotExist:
pass
if request.user.has_perm('blue_mgnt.can_edit_bonus_gigs'):
user_data['bonus_bytes'] = user_form.cleaned_data['bonus_gigs'] * SIZE_OF_GIGABYTE
if user_data:
log_admin_action(request, 'edit user "%s" with data: %s' % (email, user_data))
api.edit_user(email, user_data)
data = dict()
data.update(user)
data['bonus_gigs'] = user['bonus_bytes'] / SIZE_OF_GIGABYTE
if not local_user:
data['group_id'] = get_group_name(groups, data['group_id'])
user_form = UserForm(initial=data)
password_form = PasswordForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'resend_email':
log_admin_action(request, 'resent activation email for %s ' % email)
api.send_activation_email(email)
return redirect('blue_mgnt:user_detail', email)
if request.POST.get('form', '') == 'edit_user':
user_form = UserForm(request.POST)
if request.user.has_perm('blue_mgnt.can_manage_users') and user_form.is_valid():
user_form.save()
return redirect('blue_mgnt:user_detail_saved',
user_form.cleaned_data.get('email', email))
if request.POST.get('form', '') == 'reset_password':
if request.user.has_perm('blue_mgnt.can_manage_users'):
local_source.set_user_password(local_source._get_db_conn(config),
email, '')
api.send_activation_email(email, dict(template_name='set_password'))
return redirect('blue_mgnt:user_detail_saved', email)
if request.POST.get('form', '') == 'password':
password_form = PasswordForm(request.POST)
if password_form.is_valid():
log_admin_action(request, 'change password for: %s' % email)
password = password_form.cleaned_data['password'].encode('utf-8')
local_source.set_user_password(local_source._get_db_conn(config),
email, password)
return redirect('blue_mgnt:user_detail_saved', data.get('email', email))
if request.POST.get('form', '') == 'delete_user':
if request.user.has_perm('blue_mgnt.can_manage_users'):
log_admin_action(request, 'delete user %s' % email)
api.delete_user(email)
return redirect('blue_mgnt:users')
if request.POST.get('form', '') == 'bump_space':
if request.user.has_perm('blue_mgnt.can_edit_bonus_gigs'):
log_admin_action(request, 'bump space for user %s' % email)
data = {
'bonus_bytes': (data['bonus_gigs'] + SIZE_OF_BUMP) * SIZE_OF_GIGABYTE
}
api.edit_user(email, data)
time_to_reset = datetime.datetime.now() + datetime.timedelta(days=3)
BumpedUser.objects.create(email=email,
time_to_reset_bonus_gb=time_to_reset)
return redirect('blue_mgnt:user_detail_saved', data.get('email', email))
if request.POST.get('form', '') == 'edit_share':
room_key = request.POST['room_key']
enable = request.POST['enabled'] == 'False'
msg = 'edit share %s for user %s. Action %s share' % \
(room_key, email, 'enable' if enable else 'disable')
log_admin_action(request, msg)
api.edit_share(email, room_key, enable)
return redirect('blue_mgnt:user_detail_saved', email)
return render_to_response('user_detail.html', dict(
shares=api.list_shares(email),
share_url=get_base_url(),
username=username,
local_user=local_user,
email=email,
api_user=user,
storage_login=get_login_link(data['username']),
user_form=user_form,
password_form=password_form,
features=features,
account_info=account_info,
reset_password_message=reset_password_message,
datetime=datetime,
devices=devices,
saved=saved,
),
RequestContext(request))
def groups(request, api, account_info, config, username, saved=False):
features = api.enterprise_features()
plans = api.list_plans()
policies = api.list_policies()
groups_list = api.list_groups()
search = request.GET.get('search', '')
search_back = request.GET.get('search_back', '')
if not search:
search = request.POST.get('search', '')
class GroupCSVForm(forms.Form):
csv_file = forms.FileField(label='Group CSV')
def clean_csv_file(self):
data = self.cleaned_data['csv_file']
csv_data = csv.DictReader(data)
for x, row in enumerate(csv_data):
try:
try:
group_id = int(row['group_id'])
api.edit_group(group_id, process_row(row))
except (KeyError, ValueError):
api.create_group(process_row(row))
except Exception:
raise forms.ValidationError('Invalid data in row %s' % x)
return data
class BaseGroupFormSet(forms.formsets.BaseFormSet):
def clean(self):
if any(self.errors):
return
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for x in range(0, self.total_form_count()):
form = self.forms[x]
try:
group_id = form.cleaned_data['group_id']
data = dict(
name=form.cleaned_data['name'],
plan_id=form.cleaned_data['plan_id'],
device_policy=form.cleaned_data['device_policy'],
webapi_enable=form.cleaned_data['webapi_enable'],
check_domain=form.cleaned_data.get('check_domain', False),
force=('force_plan_change' in self.data),
)
try:
log_admin_action(request,
'edit group %s with data: %s' % (group_id, data))
api.edit_group(group_id, data)
except api.QuotaExceeded:
self.show_force = True
form._errors['plan_id'] = form.error_class([
'Changing the plan of this group will put one '
'or more users over quota. Please choose "Force '
'Plan Change" if you are sure you want to do this.'])
g = get_config_group(config, group_id)
g['ldap_id'] = form.cleaned_data['ldap_dn']
g['priority'] = form.cleaned_data['priority']
except api.DuplicateGroupName:
raise forms.ValidationError('Duplicate group name')
config_mgr_.apply_config()
GroupForm = get_group_form(request, config, plans, policies, api,
ldap_enabled=features['ldap'])
GroupFormSet = formset_factory(
get_group_form(request, config, plans, policies, api, False),
extra=0, formset=BaseGroupFormSet)
if search_back == '1':
search = ''
initial = groups_list
elif search:
initial = api.search_groups(search)
else:
initial = groups_list
for i in initial:
add_config_items(i, config)
for plan in plans:
if plan['plan_id'] == i['plan_id']:
storage_gigs = plan['storage_bytes'] / SIZE_OF_GIGABYTE
if storage_gigs < 1000000001:
i['plan_name'] = '%s GB' % storage_gigs
else:
i['plan_name'] = 'Unlimited'
groups = GroupFormSet(initial=initial, prefix='groups')
group_csv = GroupCSVForm()
new_group = GroupForm()
error = False
if request.method == 'POST' and request.user.has_perm('blue_mgnt.can_manage_groups'):
if request.POST.get('form', '') == 'new_group':
new_group = GroupForm(request.POST)
if new_group.is_valid():
device_policy = None
if new_group.cleaned_data['device_policy']:
device_policy = new_group.cleaned_data['device_policy']
data = dict(
name=new_group.cleaned_data['name'],
plan_id=new_group.cleaned_data['plan_id'],
device_policy=device_policy,
webapi_enable=new_group.cleaned_data['webapi_enable'],
check_domain=new_group.cleaned_data.get('check_domain', False),
)
log_admin_action(request, 'create group with data: %s' % data)
group_id = api.create_group(data)
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
data = dict(
group_id=group_id,
type='dn',
ldap_id=new_group.cleaned_data.get('ldap_dn', ''),
priority=new_group.cleaned_data['priority'],
user_source=new_group.cleaned_data.get('user_source', 'local'),
admin_group=new_group.cleaned_data['admin_group'],
)
config_mgr_.config['groups'].append(data)
config_mgr_.apply_config()
django_group, admin_group = get_or_create_admin_group(group_id)
for permission_id in new_group.cleaned_data['permissions']:
django_group.permissions.add(Permission.objects.get(pk=permission_id))
django_group.save()
return redirect('blue_mgnt:groups_saved')
elif request.POST.get('form', '') == 'csv':
group_csv = GroupCSVForm(request.POST, request.FILES)
if group_csv.is_valid():
return redirect('blue_mgnt:groups_saved')
else:
groups = GroupFormSet(request.POST, prefix='groups')
if groups.is_valid():
return redirect(reverse('blue_mgnt:groups_saved') + '?search=%s' % search)
return render(request, 'groups.html', dict(
initial=initial,
config=config,
user=request.user,
username=username,
new_group=new_group,
group_csv=group_csv,
features=features,
groups=groups,
groups_and_data=zip(groups, initial),
saved=saved,
error=error,
account_info=account_info,
search=search,
search_back=search_back,
show_force=getattr(groups, 'show_force', False),
))
