Enhance form management and display
This commit is contained in:
Mikaël Ates
parent
152a3c24af
commit
6bbd246354
|
|
@ -37,7 +37,8 @@ from decorators import prevent_access_to_not_policy_root_administrators
|
|||
from models import UserAlias, Role, AcsObject, View, Action, Activity, \
|
||||
Namespace, AcsPermission
|
||||
|
||||
from forms import AddRoleForm, AddViewForm, RoleChangeForm, ViewChangeForm
|
||||
from forms import AddRoleForm, AddViewForm, RoleChangeForm, ViewChangeForm, \
|
||||
AdminViewChangeForm
|
||||
|
||||
from views import return_add_any, return_list_any, return_mod_any, \
|
||||
return_add_permission_form
|
||||
|
|
@ -178,9 +179,6 @@ def add_admin_role(request):
|
|||
if form.is_valid():
|
||||
role = form.save()
|
||||
logger.debug('add_admin_role: admin role %s created' %role)
|
||||
role.namespace = Namespace.objects.get(name='Default')
|
||||
role.save()
|
||||
logger.debug('add_admin_role: Namespace changed: %s' %role)
|
||||
policy.admin_roles.add(role)
|
||||
logger.debug('add_admin_role: role added to %s' \
|
||||
%policy.admin_roles)
|
||||
|
|
@ -189,10 +187,7 @@ def add_admin_role(request):
|
|||
%policy.admin_view)
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Administration role %s added') %role)
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form. Role not created.'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
else:
|
||||
form = AddRoleForm()
|
||||
title = _('Add a new administration role in %s' %policy)
|
||||
|
|
@ -212,9 +207,6 @@ def add_admin_view(request):
|
|||
if form.is_valid():
|
||||
view = form.save()
|
||||
logger.debug('add_admin_view: admin view %s created' %view)
|
||||
view.namespace = Namespace.objects.get(name='Default')
|
||||
view.save()
|
||||
logger.debug('add_admin_view: Namespace changed: %s' %view)
|
||||
policy.admin_views.add(view)
|
||||
logger.debug('add_admin_role: view added to %s' \
|
||||
%policy.admin_views)
|
||||
|
|
@ -223,10 +215,7 @@ def add_admin_view(request):
|
|||
%policy.admin_view)
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Administration view %s added') %view)
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form. View not created.'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
else:
|
||||
form = AddViewForm()
|
||||
title = _('Add a new administration view in %s' %policy)
|
||||
|
|
@ -341,11 +330,6 @@ def mod_admin_role(request):
|
|||
form.fields["roles"].queryset = policy.admin_roles.all()
|
||||
|
||||
if form.is_valid():
|
||||
if form.cleaned_data['namespace'] \
|
||||
!= Namespace.objects.get(name='Default'):
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('%s must stay in the Default policy') %role)
|
||||
return HttpResponseRedirect('/list_admin_roles')
|
||||
'''Processing users modifications'''
|
||||
users_registered = []
|
||||
users_new = []
|
||||
|
|
@ -384,11 +368,6 @@ def mod_admin_role(request):
|
|||
form.save()
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Role %s modified') %role)
|
||||
else:
|
||||
logger.error('mod_admin_role: form error in %s' %form)
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form for %s') %role)
|
||||
return HttpResponseRedirect('/list_admin_roles')
|
||||
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
|
|
@ -449,7 +428,7 @@ def mod_admin_view(request):
|
|||
messages.add_message(request, messages.ERROR,
|
||||
_('%s is not an administration view of %s') %(view, policy))
|
||||
return HttpResponseRedirect('/list_admin_roles')
|
||||
form = ViewChangeForm(instance=view)
|
||||
form = AdminViewChangeForm(instance=view)
|
||||
form.fields["users"].queryset = \
|
||||
UserAlias.objects.filter(namespace=policy.namespace)
|
||||
form.fields["roles"].queryset = \
|
||||
|
|
@ -484,7 +463,7 @@ def mod_admin_view(request):
|
|||
_('%s is not an administration view of %s') %(view, policy))
|
||||
return HttpResponseRedirect('/list_admin_roles')
|
||||
|
||||
form = ViewChangeForm(request.POST, instance=view)
|
||||
form = AdminViewChangeForm(request.POST, instance=view)
|
||||
form.fields["users"].queryset = \
|
||||
UserAlias.objects.filter(namespace=policy.namespace)
|
||||
form.fields["roles"].queryset = \
|
||||
|
|
@ -496,11 +475,6 @@ def mod_admin_view(request):
|
|||
Activity.objects.filter(namespace=policy.namespace)
|
||||
|
||||
if form.is_valid():
|
||||
if form.cleaned_data['namespace'] \
|
||||
!= Namespace.objects.get(name='Default'):
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('%s must stay in the Default policy') %view)
|
||||
return HttpResponseRedirect('/list_admin_roles')
|
||||
'''Processing users modifications'''
|
||||
users_registered = []
|
||||
users_new = []
|
||||
|
|
@ -605,11 +579,6 @@ def mod_admin_view(request):
|
|||
form.save()
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('View %s modified') %view)
|
||||
else:
|
||||
logger.error('mod_admin_view: form error in %s' %form)
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form for %s') %view)
|
||||
return HttpResponseRedirect('/list_admin_views')
|
||||
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
|
|
|
|||
272
acs/forms.py
272
acs/forms.py
|
|
@ -16,6 +16,7 @@
|
|||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
'''
|
||||
import logging
|
||||
|
||||
from django import forms
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
|
@ -23,10 +24,12 @@ from django.forms.widgets import CheckboxSelectMultiple
|
|||
from django.contrib.auth.models import User
|
||||
from registration.forms import RegistrationForm
|
||||
|
||||
from models import Action, Activity, AcsObject, Role, View
|
||||
from models import Action, Activity, AcsObject, Role, View, Namespace
|
||||
|
||||
from abac.models import Source, LdapSource
|
||||
|
||||
logger = logging.getLogger('acs')
|
||||
|
||||
attrs_dict = {'class': 'required'}
|
||||
|
||||
|
||||
|
|
@ -111,14 +114,14 @@ class AddRoleForm(forms.ModelForm):
|
|||
model = Role
|
||||
fields = ("name",)
|
||||
|
||||
def clean_name(self):
|
||||
name = self.cleaned_data["name"]
|
||||
def validate_unique(self):
|
||||
exclude = self._get_validation_exclusions()
|
||||
exclude.remove('namespace') # allow checking against the missing attribute
|
||||
|
||||
try:
|
||||
Role.objects.get(name=name)
|
||||
except Role.DoesNotExist:
|
||||
return name
|
||||
raise forms.ValidationError(\
|
||||
_("A role with that name already exists."))
|
||||
self.instance.validate_unique(exclude=exclude)
|
||||
except forms.ValidationError, e:
|
||||
self._update_errors(e.message_dict)
|
||||
|
||||
def save(self, commit=True):
|
||||
role = super(AddRoleForm, self).save(commit=False)
|
||||
|
|
@ -139,16 +142,16 @@ class AddObjectForm(forms.ModelForm):
|
|||
|
||||
class Meta:
|
||||
model = AcsObject
|
||||
fields = ("name",)
|
||||
fields = ("name", "regex",)
|
||||
|
||||
# def clean_name(self):
|
||||
# name = self.cleaned_data["name"]
|
||||
# try:
|
||||
# AcsObject.objects.get(name=name)
|
||||
# except AcsObject.DoesNotExist:
|
||||
# return name
|
||||
# raise forms.ValidationError(\
|
||||
# _("An object with that name already exists."))
|
||||
def validate_unique(self):
|
||||
exclude = self._get_validation_exclusions()
|
||||
exclude.remove('namespace') # allow checking against the missing attribute
|
||||
|
||||
try:
|
||||
self.instance.validate_unique(exclude=exclude)
|
||||
except forms.ValidationError, e:
|
||||
self._update_errors(e.message_dict)
|
||||
|
||||
def save(self, commit=True):
|
||||
acs_object = super(AddObjectForm, self).save(commit=False)
|
||||
|
|
@ -170,14 +173,15 @@ class AddViewForm(forms.ModelForm):
|
|||
model = View
|
||||
fields = ("name",)
|
||||
|
||||
def clean_name(self):
|
||||
name = self.cleaned_data["name"]
|
||||
def validate_unique(self):
|
||||
exclude = self._get_validation_exclusions()
|
||||
exclude.remove('namespace') # allow checking against the missing attribute
|
||||
|
||||
try:
|
||||
View.objects.get(name=name)
|
||||
except View.DoesNotExist:
|
||||
return name
|
||||
raise forms.ValidationError(\
|
||||
_("A view with that name already exists."))
|
||||
self.instance.validate_unique(exclude=exclude)
|
||||
except forms.ValidationError, e:
|
||||
self._update_errors(e.message_dict)
|
||||
|
||||
|
||||
def save(self, commit=True):
|
||||
view = super(AddViewForm, self).save(commit=False)
|
||||
|
|
@ -199,14 +203,15 @@ class AddActionForm(forms.ModelForm):
|
|||
model = Action
|
||||
fields = ("name",)
|
||||
|
||||
def clean_name(self):
|
||||
name = self.cleaned_data["name"]
|
||||
def validate_unique(self):
|
||||
exclude = self._get_validation_exclusions()
|
||||
exclude.remove('namespace') # allow checking against the missing attribute
|
||||
|
||||
try:
|
||||
Action.objects.get(name=name)
|
||||
except Action.DoesNotExist:
|
||||
return name
|
||||
raise forms.ValidationError(\
|
||||
_("An action with that name already exists."))
|
||||
self.instance.validate_unique(exclude=exclude)
|
||||
except forms.ValidationError, e:
|
||||
self._update_errors(e.message_dict)
|
||||
|
||||
|
||||
def save(self, commit=True):
|
||||
action = super(AddActionForm, self).save(commit=False)
|
||||
|
|
@ -228,14 +233,15 @@ class AddActivityForm(forms.ModelForm):
|
|||
model = Activity
|
||||
fields = ("name",)
|
||||
|
||||
def clean_name(self):
|
||||
name = self.cleaned_data["name"]
|
||||
def validate_unique(self):
|
||||
exclude = self._get_validation_exclusions()
|
||||
exclude.remove('namespace') # allow checking against the missing attribute
|
||||
|
||||
try:
|
||||
Activity.objects.get(name=name)
|
||||
except Activity.DoesNotExist:
|
||||
return name
|
||||
raise forms.ValidationError(\
|
||||
_("An activity with that name already exists."))
|
||||
self.instance.validate_unique(exclude=exclude)
|
||||
except forms.ValidationError, e:
|
||||
self._update_errors(e.message_dict)
|
||||
|
||||
|
||||
def save(self, commit=True):
|
||||
activity = super(AddActivityForm, self).save(commit=False)
|
||||
|
|
@ -244,6 +250,121 @@ class AddActivityForm(forms.ModelForm):
|
|||
return activity
|
||||
|
||||
|
||||
class RoleChangeForm(forms.ModelForm):
|
||||
name = forms.RegexField(label=_("name"),
|
||||
max_length=30, regex=r'^[\w.@+-]+$',
|
||||
help_text = \
|
||||
_("30 characters or fewer. Letters, digits and @/./+/-/_ only."),
|
||||
error_messages = \
|
||||
{'invalid': _("This value may contain only letters, \
|
||||
numbers and @/./+/-/_ characters.")})
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super(RoleChangeForm, self).__init__(*args, **kwargs)
|
||||
self.fields["users"].widget = CheckboxSelectMultiple()
|
||||
self.fields["users"].help_text = None
|
||||
self.fields["roles"].widget = CheckboxSelectMultiple()
|
||||
self.fields["roles"].help_text = None
|
||||
|
||||
class Meta:
|
||||
model = Role
|
||||
fields = ("name", "users", "roles")
|
||||
|
||||
def validate_unique(self):
|
||||
exclude = self._get_validation_exclusions()
|
||||
exclude.remove('namespace') # allow checking against the missing attribute
|
||||
|
||||
try:
|
||||
self.instance.validate_unique(exclude=exclude)
|
||||
except forms.ValidationError, e:
|
||||
self._update_errors(e.message_dict)
|
||||
|
||||
|
||||
class ViewChangeForm(forms.ModelForm):
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super(ViewChangeForm, self).__init__(*args, **kwargs)
|
||||
self.fields["acs_objects"].widget = CheckboxSelectMultiple()
|
||||
self.fields["acs_objects"].help_text = None
|
||||
self.fields["views"].widget = CheckboxSelectMultiple()
|
||||
self.fields["views"].help_text = None
|
||||
|
||||
class Meta:
|
||||
model = View
|
||||
fields = ("name", "acs_objects", "views")
|
||||
|
||||
def validate_unique(self):
|
||||
exclude = self._get_validation_exclusions()
|
||||
exclude.remove('namespace') # allow checking against the missing attribute
|
||||
|
||||
try:
|
||||
self.instance.validate_unique(exclude=exclude)
|
||||
except forms.ValidationError, e:
|
||||
self._update_errors(e.message_dict)
|
||||
|
||||
|
||||
class AdminViewChangeForm(forms.ModelForm):
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super(AdminViewChangeForm, self).__init__(*args, **kwargs)
|
||||
self.fields["acs_objects"].widget = CheckboxSelectMultiple()
|
||||
self.fields["acs_objects"].help_text = None
|
||||
self.fields["views"].widget = CheckboxSelectMultiple()
|
||||
self.fields["views"].help_text = None
|
||||
self.fields["users"].widget = CheckboxSelectMultiple()
|
||||
self.fields["users"].help_text = None
|
||||
self.fields["roles"].widget = CheckboxSelectMultiple()
|
||||
self.fields["roles"].help_text = None
|
||||
self.fields["actions"].widget = CheckboxSelectMultiple()
|
||||
self.fields["actions"].help_text = None
|
||||
self.fields["activities"].widget = CheckboxSelectMultiple()
|
||||
self.fields["activities"].help_text = None
|
||||
|
||||
class Meta:
|
||||
model = View
|
||||
fields = ("name", "acs_objects", "views", "users", "roles",
|
||||
"actions", "activities")
|
||||
|
||||
def validate_unique(self):
|
||||
exclude = self._get_validation_exclusions()
|
||||
exclude.remove('namespace') # allow checking against the missing attribute
|
||||
|
||||
try:
|
||||
self.instance.validate_unique(exclude=exclude)
|
||||
except forms.ValidationError, e:
|
||||
self._update_errors(e.message_dict)
|
||||
|
||||
def save(self, *args, **kwargs):
|
||||
super(AdminViewChangeForm, self).save(*args, **kwargs)
|
||||
self.instance.users = self.cleaned_data.get('users')
|
||||
if len(args) > 0 and isinstance(args[0], User):
|
||||
self.instance.users.add(args[0])
|
||||
self.instance.save()
|
||||
|
||||
|
||||
class ActivityChangeForm(forms.ModelForm):
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super(ActivityChangeForm, self).__init__(*args, **kwargs)
|
||||
self.fields["actions"].widget = CheckboxSelectMultiple()
|
||||
self.fields["actions"].help_text = None
|
||||
self.fields["activities"].widget = CheckboxSelectMultiple()
|
||||
self.fields["activities"].help_text = None
|
||||
|
||||
class Meta:
|
||||
model = Activity
|
||||
fields = ("name", "actions", "activities")
|
||||
|
||||
def validate_unique(self):
|
||||
exclude = self._get_validation_exclusions()
|
||||
exclude.remove('namespace') # allow checking against the missing attribute
|
||||
|
||||
try:
|
||||
self.instance.validate_unique(exclude=exclude)
|
||||
except forms.ValidationError, e:
|
||||
self._update_errors(e.message_dict)
|
||||
|
||||
|
||||
class AddSourceForm(forms.ModelForm):
|
||||
name = forms.RegexField(label=_("name"),
|
||||
max_length=30, regex=r'^[\w.@+-]+$',
|
||||
|
|
@ -257,15 +378,6 @@ class AddSourceForm(forms.ModelForm):
|
|||
model = Source
|
||||
fields = ("name",)
|
||||
|
||||
def clean_name(self):
|
||||
name = self.cleaned_data["name"]
|
||||
try:
|
||||
Source.objects.get(name=name)
|
||||
except Source.DoesNotExist:
|
||||
return name
|
||||
raise forms.ValidationError(\
|
||||
_("A source with that name already exists."))
|
||||
|
||||
def save(self, commit=True):
|
||||
source = super(AddSourceForm, self).save(commit=False)
|
||||
if commit:
|
||||
|
|
@ -327,69 +439,3 @@ _("Provide a user account if it is necessary to authenticate for binding."),
|
|||
if commit:
|
||||
source.save()
|
||||
return source
|
||||
|
||||
|
||||
class RoleChangeForm(forms.ModelForm):
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super(RoleChangeForm, self).__init__(*args, **kwargs)
|
||||
self.fields["users"].widget = CheckboxSelectMultiple()
|
||||
self.fields["users"].help_text = None
|
||||
self.fields["roles"].widget = CheckboxSelectMultiple()
|
||||
self.fields["roles"].help_text = None
|
||||
|
||||
class Meta:
|
||||
model = Role
|
||||
|
||||
|
||||
class AcsObjectChangeForm(forms.ModelForm):
|
||||
|
||||
class Meta:
|
||||
model = AcsObject
|
||||
|
||||
|
||||
class ViewChangeForm(forms.ModelForm):
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super(ViewChangeForm, self).__init__(*args, **kwargs)
|
||||
self.fields["acs_objects"].widget = CheckboxSelectMultiple()
|
||||
self.fields["acs_objects"].help_text = None
|
||||
self.fields["views"].widget = CheckboxSelectMultiple()
|
||||
self.fields["views"].help_text = None
|
||||
self.fields["users"].widget = CheckboxSelectMultiple()
|
||||
self.fields["users"].help_text = None
|
||||
self.fields["roles"].widget = CheckboxSelectMultiple()
|
||||
self.fields["roles"].help_text = None
|
||||
self.fields["actions"].widget = CheckboxSelectMultiple()
|
||||
self.fields["actions"].help_text = None
|
||||
self.fields["activities"].widget = CheckboxSelectMultiple()
|
||||
self.fields["activities"].help_text = None
|
||||
|
||||
class Meta:
|
||||
model = View
|
||||
|
||||
def save(self, *args, **kwargs):
|
||||
super(ViewChangeForm, self).save(*args, **kwargs)
|
||||
self.instance.users = self.cleaned_data.get('users')
|
||||
if len(args) > 0 and isinstance(args[0], User):
|
||||
self.instance.users.add(args[0])
|
||||
self.instance.save()
|
||||
|
||||
|
||||
class ActionChangeForm(forms.ModelForm):
|
||||
|
||||
class Meta:
|
||||
model = Action
|
||||
|
||||
|
||||
class ActivityChangeForm(forms.ModelForm):
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super(ActivityChangeForm, self).__init__(*args, **kwargs)
|
||||
self.fields["actions"].widget = CheckboxSelectMultiple()
|
||||
self.fields["actions"].help_text = None
|
||||
self.fields["activities"].widget = CheckboxSelectMultiple()
|
||||
self.fields["activities"].help_text = None
|
||||
|
||||
class Meta:
|
||||
model = Activity
|
||||
|
|
|
|||
|
|
@ -165,8 +165,8 @@ def index(request):
|
|||
'add_abac_ldap_source': "Add a LDAP source of attributes"}
|
||||
sources = Source.objects.all()
|
||||
if sources:
|
||||
list_power_services['Generic user management']['list_abac_sources'] = \
|
||||
'Modify a source of attributes'
|
||||
list_power_services['Generic user management']\
|
||||
['list_abac_sources'] = 'Modify a source of attributes'
|
||||
if policies or sources:
|
||||
list_user_mgmt_services['list_users_for_aliases'] = \
|
||||
'Manage user aliases or \
|
||||
|
|
@ -200,11 +200,14 @@ def index(request):
|
|||
tpl_parameters['exploitation_services'] = list_exploitation_services
|
||||
tpl_parameters['username'] = request.user.username
|
||||
if is_root_administrator(request.user):
|
||||
tpl_parameters['special_role'] = _('You are a root administrator of A.C.S.')
|
||||
tpl_parameters['special_role'] = \
|
||||
_('You are a root administrator of A.C.S.')
|
||||
elif is_user_administrator(request.user):
|
||||
tpl_parameters['special_role'] = _('You are a user administrator of A.C.S.')
|
||||
tpl_parameters['special_role'] = \
|
||||
_('You are a user administrator of A.C.S.')
|
||||
elif is_abac_administrator(request.user):
|
||||
tpl_parameters['special_role'] = _('You are an abac administrator of A.C.S.')
|
||||
tpl_parameters['special_role'] = \
|
||||
_('You are an abac administrator of A.C.S.')
|
||||
return render_to_response('index.html',
|
||||
tpl_parameters,
|
||||
context_instance=RequestContext(request))
|
||||
|
|
@ -341,7 +344,6 @@ def mod_policy(request):
|
|||
'''Not just a self admin'''
|
||||
|
||||
list_user_services = {}
|
||||
list_abac_services = {}
|
||||
list_object_services = {}
|
||||
list_action_services = {}
|
||||
list_services = {}
|
||||
|
|
@ -358,8 +360,8 @@ def mod_policy(request):
|
|||
list_user_services['all_users_self_admin'] = \
|
||||
"All users in this policy are set self administrators"
|
||||
list_user_services['add_role'] = "Add a role"
|
||||
list_other_services['graph?type_graph=whole_policy'] = \
|
||||
"Display the whole policy"
|
||||
# list_other_services['graph?type_graph=whole_policy'] = \
|
||||
# "Display the whole policy"
|
||||
|
||||
if at_least_one_role_to_admin(request.user, policy):
|
||||
list_user_services['list_roles'] = "Modify or delete a role"
|
||||
|
|
@ -369,7 +371,7 @@ def mod_policy(request):
|
|||
list_object_services['add_view'] = "Add a view"
|
||||
if at_least_one_object_to_admin(request.user, policy):
|
||||
list_object_services['list_objects'] = \
|
||||
"Rename or delete an object"
|
||||
"Modify or delete an object"
|
||||
if at_least_one_view_to_admin(request.user, policy):
|
||||
list_object_services['list_views'] = "Modify or delete a view"
|
||||
|
||||
|
|
@ -472,13 +474,17 @@ def mod_policy(request):
|
|||
else:
|
||||
l = []
|
||||
if is_policy_user_administrator(request.user, policy):
|
||||
l.append(_('User and Roles administrator of this policy.'))
|
||||
l.append(\
|
||||
_('User and Roles administrator of this policy.'))
|
||||
if is_policy_abac_administrator(request.user, policy):
|
||||
l.append(_('ABAC administrator of this policy.'))
|
||||
l.append(\
|
||||
_('ABAC administrator of this policy.'))
|
||||
if is_policy_object_creator(request.user, policy):
|
||||
l.append(_('Objects and Views administrator of this policy.'))
|
||||
l.append(\
|
||||
_('Objects and Views administrator of this policy.'))
|
||||
if is_policy_action_creator(request.user, policy):
|
||||
l.append(_('Actions and Activities administrator of this policy.'))
|
||||
l.append(\
|
||||
_('Actions and Activities administrator of this policy.'))
|
||||
if l:
|
||||
tpl_parameters['special_roles'] = l
|
||||
|
||||
|
|
|
|||
|
|
@ -48,6 +48,7 @@ class UserAlias(models.Model):
|
|||
class Meta:
|
||||
verbose_name = _('alias')
|
||||
verbose_name_plural = _('aliases')
|
||||
unique_together = ("alias", "namespace")
|
||||
|
||||
def __unicode__(self):
|
||||
if self.user:
|
||||
|
|
@ -71,7 +72,7 @@ class Role(models.Model):
|
|||
class Meta:
|
||||
verbose_name = _('role')
|
||||
verbose_name_plural = _('roles')
|
||||
unique_together = (("name", "namespace"))
|
||||
unique_together = ("name", "namespace")
|
||||
|
||||
def __unicode__(self):
|
||||
return '%s in %s' %(self.name, self.namespace.name)
|
||||
|
|
@ -86,7 +87,7 @@ class Action(models.Model):
|
|||
class Meta:
|
||||
verbose_name = _('action')
|
||||
verbose_name_plural = _('actions')
|
||||
unique_together = (("name", "namespace"))
|
||||
unique_together = ("name", "namespace")
|
||||
|
||||
def __unicode__(self):
|
||||
return '%s in %s' %(self.name, self.namespace.name)
|
||||
|
|
@ -106,7 +107,7 @@ class Activity(models.Model):
|
|||
class Meta:
|
||||
verbose_name = _('activity')
|
||||
verbose_name_plural = _('activities')
|
||||
unique_together = (("name", "namespace"))
|
||||
unique_together = ("name", "namespace")
|
||||
|
||||
def __unicode__(self):
|
||||
return '%s in %s' %(self.name, self.namespace.name)
|
||||
|
|
@ -131,7 +132,7 @@ class AcsObject(models.Model):
|
|||
class Meta:
|
||||
verbose_name = _('object')
|
||||
verbose_name_plural = _('objects')
|
||||
unique_together = (("name", "namespace"))
|
||||
unique_together = ("name", "namespace")
|
||||
|
||||
def __unicode__(self):
|
||||
if self.regex:
|
||||
|
|
@ -166,7 +167,7 @@ class View(models.Model):
|
|||
class Meta:
|
||||
verbose_name = _('view')
|
||||
verbose_name_plural = _('views')
|
||||
unique_together = (("name", "namespace"))
|
||||
unique_together = ("name", "namespace")
|
||||
|
||||
def __unicode__(self):
|
||||
return '%s in %s' %(self.name, self.namespace.name)
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@
|
|||
<div>
|
||||
<form method="post" action="">
|
||||
<p>{% trans "Alias" %}: <input id="id_alias" type="text" name="alias" maxlength="30" /></p>
|
||||
<input id="id_namespace" type="hidden" name="namespace" value="{{ policy.namespace.id}}"/>
|
||||
<input type="submit" name="{{ submit_name }}" value="{% trans "Add" %}"/>
|
||||
<input type="submit" name="cancel" value="{% trans 'Cancel' %}"/>
|
||||
</form>
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@
|
|||
{% if list_any %}
|
||||
<ul>
|
||||
{% for p in list_any %}
|
||||
<li>
|
||||
<li class="bigbutton">
|
||||
<p>{{ p }}</p>
|
||||
<form method="post" action="/del_abac_permission">
|
||||
{% if back_url %}<input type="hidden" name="back_url" value="{{ back_url }}"/>{% endif %}
|
||||
|
|
|
|||
|
|
@ -21,8 +21,8 @@
|
|||
{% if list_any %}
|
||||
<ul>
|
||||
{% for any, system in list_any %}
|
||||
<li><p>
|
||||
<a href='/mod_{{ type_entity }}?{{ type_entity }}={{ any.name }}'>{{ any.name }}</a>
|
||||
<li class="bigbutton"><p>
|
||||
<a class="bigbutton" href='/mod_{{ type_entity }}?{{ type_entity }}={{ any.name }}'>{{ any.name }}</a>
|
||||
<!--<form method="post" action="/mod_{{ type_entity }}">
|
||||
<input type="hidden" name="id" value="{{ any.id }}"/>
|
||||
<input type="hidden" name="from_list" value="from_list"/>
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@
|
|||
<div>
|
||||
<ul>
|
||||
{% for any, self_admin in aliases %}
|
||||
<li>
|
||||
<li class="bigbutton">
|
||||
<p>{% trans "Alias:" %} {{ any }}</p>
|
||||
<p>
|
||||
<form method="post" action="/del_any">
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@
|
|||
{% if list_any %}
|
||||
<ul>
|
||||
{% for any, self_admin in list_any %}
|
||||
<li>
|
||||
<li class="bigbutton">
|
||||
<p>{% trans "Alias:" %} {{ any }}</p>
|
||||
<p>
|
||||
<form method="post" action="/del_any">
|
||||
|
|
|
|||
|
|
@ -21,8 +21,8 @@
|
|||
{% if list_any %}
|
||||
<ul>
|
||||
{% for any in list_any %}
|
||||
<li><p>
|
||||
<a href='/mod_{{ type_entity }}?{{ type_entity }}={{ any.id }}'>{{ any.name }}</a>
|
||||
<li class="bigbutton"><p>
|
||||
<a class="bigbutton" href='/mod_{{ type_entity }}?{{ type_entity }}={{ any.id }}'>{{ any.name }}</a>
|
||||
<!--<form method="post" action="/mod_{{ type_entity }}">
|
||||
<input type="hidden" name="id" value="{{ any.id }}"/>
|
||||
<input type="hidden" name="from_list" value="from_list"/>
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@
|
|||
{% if list_any %}
|
||||
<ul>
|
||||
{% for p in list_any %}
|
||||
<li>
|
||||
<li class="bigbutton">
|
||||
<p>{{ p }}</p>
|
||||
<form method="post" action="/del_permission">
|
||||
{% if back_url %}<input type="hidden" name="back_url" value="{{ back_url }}"/>{% endif %}
|
||||
|
|
|
|||
|
|
@ -21,8 +21,8 @@
|
|||
{% if list_any %}
|
||||
<ul>
|
||||
{% for any in list_any %}
|
||||
<li><p>
|
||||
<a href='/mod_{{ type_entity }}?{{ type_entity }}={{ any.username }}'>{{ any.username }}</a>
|
||||
<li class="bigbutton"><p>
|
||||
<a class="bigbutton" href='/mod_{{ type_entity }}?{{ type_entity }}={{ any.username }}'>{{ any.username }}</a>
|
||||
<form method="post" action="/del_any">
|
||||
<input type="hidden" name="type_entity" value="{{ type_entity }}"/>
|
||||
<input type="hidden" name="id" value="{{ any.id }}"/>
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@
|
|||
<p>{% trans "Policies you can administrate:" %}
|
||||
<ul>
|
||||
{% for p in authz_policies %}
|
||||
<li>
|
||||
<li class="bigbutton">
|
||||
<p>{{ p }}</p>
|
||||
<form method="post" action="">
|
||||
<input id="id_policy" type="hidden" name="policy" value="{{ p.id }}"/>
|
||||
|
|
|
|||
|
|
@ -23,39 +23,39 @@
|
|||
<div>
|
||||
<form method="post" action="">
|
||||
|
||||
<p>
|
||||
<label>{% trans "Name" %} : {{ activity.name }}</label>
|
||||
</p>
|
||||
{% if form.non_field_errors %}
|
||||
<p>{{ form.non_field_errors }}</p>
|
||||
{% endif %}
|
||||
|
||||
<p>
|
||||
<label>{% trans "Namespace" %} : {{ activity.namespace }}</label>
|
||||
{{ form.name.errors }}
|
||||
{{ form.name.label_tag }}
|
||||
{{ form.name }}
|
||||
</p>
|
||||
|
||||
{% if actions_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Actions" %}</label>
|
||||
<ul>
|
||||
{% for action, checked in actions_to_display %}
|
||||
<li><label for="id_actions_{{ action.id }}"><input type="checkbox" name="actions" value="{{ action.id }}" id="id_actions_{{ action.id }}" {% if checked %}checked="checked"{% endif %}/>{{ action.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
{% if actions_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Actions" %}</label>
|
||||
<ul>
|
||||
{% for action, checked in actions_to_display %}
|
||||
<li><label for="id_actions_{{ action.id }}"><input type="checkbox" name="actions" value="{{ action.id }}" id="id_actions_{{ action.id }}" {% if checked %}checked="checked"{% endif %}/>{{ action.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if activities_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Activities" %}</label>
|
||||
<ul>
|
||||
{% for a, checked in activities_to_display %}
|
||||
<li><label for="id_activities_{{ a.id }}"><input type="checkbox" name="activities" value="{{ a.id }}" id="id_activities_{{ a.id }}" {% if checked %}checked="checked"{% endif %}/>{{ a.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
{% if activities_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Activities" %}</label>
|
||||
<ul>
|
||||
{% for a, checked in activities_to_display %}
|
||||
<li><label for="id_activities_{{ a.id }}"><input type="checkbox" name="activities" value="{{ a.id }}" id="id_activities_{{ a.id }}" {% if checked %}checked="checked"{% endif %}/>{{ a.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
<input id="id_id" type="hidden" name="activity" value="{{ activity.id }}"/>
|
||||
<input id="id_name" type="hidden" name="name" value="{{ activity.name }}"/>
|
||||
<input id="id_namespace" type="hidden" name="namespace" value="{{ activity.namespace.id }}"/>
|
||||
<input type="submit" name="{{ submit_name }}" value="{% trans "Modify" %}"/>
|
||||
</form>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -23,83 +23,83 @@
|
|||
<div>
|
||||
<form method="post" action="">
|
||||
|
||||
<p>
|
||||
<label>{% trans "Name" %} : {{ view.name }}</label>
|
||||
</p>
|
||||
{% if form.non_field_errors %}
|
||||
<p>{{ form.non_field_errors }}</p>
|
||||
{% endif %}
|
||||
|
||||
<p>
|
||||
<label>{% trans "Namespace" %} : {{ view.namespace }}</label>
|
||||
{{ form.name.errors }}
|
||||
{{ form.name.label_tag }}
|
||||
{{ form.name }}
|
||||
</p>
|
||||
|
||||
{% if objects_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Objects" %}</label>
|
||||
<ul>
|
||||
{% for object, checked in objects_to_display %}
|
||||
<li><label for="id_objects_{{ object.id }}"><input type="checkbox" name="acs_objects" value="{{ object.id }}" id="id_objects_{{ object.id }}" {% if checked %}checked="checked"{% endif %}/>{{ object.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
{% if objects_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Objects" %}</label>
|
||||
<ul>
|
||||
{% for object, checked in objects_to_display %}
|
||||
<li><label for="id_objects_{{ object.id }}"><input type="checkbox" name="acs_objects" value="{{ object.id }}" id="id_objects_{{ object.id }}" {% if checked %}checked="checked"{% endif %}/>{{ object.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if views_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Views" %}</label>
|
||||
<ul>
|
||||
{% for view, checked in views_to_display %}
|
||||
<li><label for="id_views_{{ view.id }}"><input type="checkbox" name="views" value="{{ view.id }}" id="id_views_{{ view.id }}" {% if checked %}checked="checked"{% endif %}/>{{ view.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
{% if views_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Views" %}</label>
|
||||
<ul>
|
||||
{% for view, checked in views_to_display %}
|
||||
<li><label for="id_views_{{ view.id }}"><input type="checkbox" name="views" value="{{ view.id }}" id="id_views_{{ view.id }}" {% if checked %}checked="checked"{% endif %}/>{{ view.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if users_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Users" %}</label>
|
||||
<ul>
|
||||
{% for user, checked in users_to_display %}
|
||||
<li><label for="id_users_{{ user.id }}"><input type="checkbox" name="users" value="{{ user.id }}" id="id_users_{{ user.id }}" {% if checked %}checked="checked"{% endif %}/>{{ user.alias }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
{% if users_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Users" %}</label>
|
||||
<ul>
|
||||
{% for user, checked in users_to_display %}
|
||||
<li><label for="id_users_{{ user.id }}"><input type="checkbox" name="users" value="{{ user.id }}" id="id_users_{{ user.id }}" {% if checked %}checked="checked"{% endif %}/>{{ user.alias }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if roles_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Roles" %}</label>
|
||||
<ul>
|
||||
{% for role, checked in roles_to_display %}
|
||||
<li><label for="id_roles_{{ role.id }}"><input type="checkbox" name="roles" value="{{ role.id }}" id="id_roles_{{ role.id }}" {% if checked %}checked="checked"{% endif %}/>{{ role.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
{% if roles_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Roles" %}</label>
|
||||
<ul>
|
||||
{% for role, checked in roles_to_display %}
|
||||
<li><label for="id_roles_{{ role.id }}"><input type="checkbox" name="roles" value="{{ role.id }}" id="id_roles_{{ role.id }}" {% if checked %}checked="checked"{% endif %}/>{{ role.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if actions_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Actions" %}</label>
|
||||
<ul>
|
||||
{% for action, checked in actions_to_display %}
|
||||
<li><label for="id_actions_{{ action.id }}"><input type="checkbox" name="actions" value="{{ action.id }}" id="id_actions_{{ action.id }}" {% if checked %}checked="checked"{% endif %}/>{{ action.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
{% if actions_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Actions" %}</label>
|
||||
<ul>
|
||||
{% for action, checked in actions_to_display %}
|
||||
<li><label for="id_actions_{{ action.id }}"><input type="checkbox" name="actions" value="{{ action.id }}" id="id_actions_{{ action.id }}" {% if checked %}checked="checked"{% endif %}/>{{ action.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if activities_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Activities" %}</label>
|
||||
<ul>
|
||||
{% for activity, checked in activities_to_display %}
|
||||
<li><label for="id_activities_{{ activity.id }}"><input type="checkbox" name="activities" value="{{ activity.id }}" id="id_activities_{{ activity.id }}" {% if checked %}checked="checked"{% endif %}/>{{ activity.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
{% if activities_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Activities" %}</label>
|
||||
<ul>
|
||||
{% for activity, checked in activities_to_display %}
|
||||
<li><label for="id_activities_{{ activity.id }}"><input type="checkbox" name="activities" value="{{ activity.id }}" id="id_activities_{{ activity.id }}" {% if checked %}checked="checked"{% endif %}/>{{ activity.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
<input id="id_id" type="hidden" name="view" value="{{ view.id }}"/>
|
||||
<input id="id_name" type="hidden" name="name" value="{{ view.name }}"/>
|
||||
<input id="id_namespace" type="hidden" name="namespace" value="{{ view.namespace.id }}"/>
|
||||
<input type="submit" name="{{ submit_name }}" value="{% trans "Modify" %}"/>
|
||||
</form>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -20,9 +20,8 @@
|
|||
|
||||
<div>
|
||||
<form method="post" action="">
|
||||
<p><label for="id_name">Name:</label> <input id="id_name" type="text" name="name" value="{{ item.name }}" maxlength="40" /></p>
|
||||
{{ form.as_p }}
|
||||
<input id="id_id" type="hidden" name="id" value="{{ item.id }}"/>
|
||||
<input id="id_namespace" type="hidden" name="namespace" value="{{ item.namespace.id }}"/>
|
||||
<input type="submit" name="{{ submit_name }}" value="{% trans "Modify" %}"/>
|
||||
</form>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -24,46 +24,46 @@
|
|||
<div>
|
||||
<form method="post" action="">
|
||||
|
||||
<p>
|
||||
<label>{% trans "Name" %} : {{ role.name }}</label>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<label>{% trans "Namespace" %} : {{ role.namespace.name }}</label>
|
||||
</p>
|
||||
|
||||
{% if users_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Users" %}</label>
|
||||
<ul>
|
||||
{% for user, checked in users_to_display %}
|
||||
<li><label for="id_users_{{ user.id }}">
|
||||
<input type="checkbox" name="users" value="{{ user.id }}" id="id_users_{{ user.id }}" {% if checked %}checked="checked"{% endif %}/>
|
||||
{% if user|klass == "UserAlias" %}
|
||||
{{ user.alias }}
|
||||
{% else %}
|
||||
{{ user.username }}
|
||||
{% if form.non_field_errors %}
|
||||
<p>{{ form.non_field_errors }}</p>
|
||||
{% endif %}
|
||||
</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if roles_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Roles" %}</label>
|
||||
<ul>
|
||||
{% for r, checked in roles_to_display %}
|
||||
<li><label for="id_roles_{{ r.id }}"><input type="checkbox" name="roles" value="{{ r.id }}" id="id_roles_{{ r.id }}" {% if checked %}checked="checked"{% endif %}/>{{ r.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
{{ form.name.errors }}
|
||||
{{ form.name.label_tag }}
|
||||
{{ form.name }}
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if users_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Users" %}</label>
|
||||
<ul>
|
||||
{% for user, checked in users_to_display %}
|
||||
<li><label for="id_users_{{ user.id }}">
|
||||
<input type="checkbox" name="users" value="{{ user.id }}" id="id_users_{{ user.id }}" {% if checked %}checked="checked"{% endif %}/>
|
||||
{% if user|klass == "UserAlias" %}
|
||||
{{ user.alias }}
|
||||
{% else %}
|
||||
{{ user.username }}
|
||||
{% endif %}
|
||||
</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if roles_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Roles" %}</label>
|
||||
<ul>
|
||||
{% for r, checked in roles_to_display %}
|
||||
<li><label for="id_roles_{{ r.id }}"><input type="checkbox" name="roles" value="{{ r.id }}" id="id_roles_{{ r.id }}" {% if checked %}checked="checked"{% endif %}/>{{ r.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
<input id="id_id" type="hidden" name="role" value="{{ role.id }}"/>
|
||||
<input id="id_name" type="hidden" name="name" value="{{ role.name }}"/>
|
||||
<input id="id_namespace" type="hidden" name="namespace" value="{{ role.namespace.id }}"/>
|
||||
<input type="submit" name="{{ submit_name }}" value="{% trans "Modify" %}"/>
|
||||
</form>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -23,39 +23,39 @@
|
|||
<div>
|
||||
<form method="post" action="">
|
||||
|
||||
<p>
|
||||
<label>{% trans "Name" %} : {{ view.name }}</label>
|
||||
</p>
|
||||
{% if form.non_field_errors %}
|
||||
<p>{{ form.non_field_errors }}</p>
|
||||
{% endif %}
|
||||
|
||||
<p>
|
||||
<label>{% trans "Namespace" %} : {{ view.namespace }}</label>
|
||||
{{ form.name.errors }}
|
||||
{{ form.name.label_tag }}
|
||||
{{ form.name }}
|
||||
</p>
|
||||
|
||||
{% if objects_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Objects" %}</label>
|
||||
<ul>
|
||||
{% for object, checked in objects_to_display %}
|
||||
<li><label for="id_objects_{{ object.id }}"><input type="checkbox" name="acs_objects" value="{{ object.id }}" id="id_objects_{{ object.id }}" {% if checked %}checked="checked"{% endif %}/>{{ object.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
{% if objects_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Objects" %}</label>
|
||||
<ul>
|
||||
{% for object, checked in objects_to_display %}
|
||||
<li><label for="id_objects_{{ object.id }}"><input type="checkbox" name="acs_objects" value="{{ object.id }}" id="id_objects_{{ object.id }}" {% if checked %}checked="checked"{% endif %}/>{{ object.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
{% if views_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Views" %}</label>
|
||||
<ul>
|
||||
{% for v, checked in views_to_display %}
|
||||
<li><label for="id_views_{{ v.id }}"><input type="checkbox" name="views" value="{{ v.id }}" id="id_views_{{ v.id }}" {% if checked %}checked="checked"{% endif %}/>{{ v.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
{% if views_to_display %}
|
||||
<p>
|
||||
<label>{% trans "Views" %}</label>
|
||||
<ul>
|
||||
{% for v, checked in views_to_display %}
|
||||
<li><label for="id_views_{{ v.id }}"><input type="checkbox" name="views" value="{{ v.id }}" id="id_views_{{ v.id }}" {% if checked %}checked="checked"{% endif %}/>{{ v.name }}</label></li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
</p>
|
||||
{% endif %}
|
||||
|
||||
<input id="id_id" type="hidden" name="view" value="{{ view.id }}"/>
|
||||
<input id="id_name" type="hidden" name="name" value="{{ view.name }}"/>
|
||||
<input id="id_namespace" type="hidden" name="namespace" value="{{ view.namespace.id }}"/>
|
||||
<input type="submit" name="{{ submit_name }}" value="{% trans "Modify" %}"/>
|
||||
</form>
|
||||
</div>
|
||||
|
|
|
|||
153
acs/views.py
153
acs/views.py
|
|
@ -31,8 +31,8 @@ from django.http import HttpResponseRedirect
|
|||
from django.conf import settings
|
||||
|
||||
from forms import AddRoleForm, AddObjectForm, AddViewForm, AddActionForm, \
|
||||
AddActivityForm, RoleChangeForm, AcsObjectChangeForm, \
|
||||
ViewChangeForm, ActionChangeForm, ActivityChangeForm, \
|
||||
AddActivityForm, RoleChangeForm, \
|
||||
ViewChangeForm, ActivityChangeForm, \
|
||||
AddSourceForm, AddLdapSourceForm
|
||||
|
||||
from core import is_policy_action_creator, is_policy_object_creator, \
|
||||
|
|
@ -182,7 +182,6 @@ def mod_source(request):
|
|||
_('Unknown source'))
|
||||
return HttpResponseRedirect('/list_abac_sources')
|
||||
|
||||
name = source.name
|
||||
is_ldap = source.get_source_instance()
|
||||
if is_ldap:
|
||||
form = AddLdapSourceForm(request.POST, instance=is_ldap)
|
||||
|
|
@ -233,20 +232,15 @@ def add_role(request):
|
|||
_('Operation canceled'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
form = AddRoleForm(request.POST)
|
||||
form.instance.namespace = policy.namespace
|
||||
if form.is_valid():
|
||||
what_target = form.save()
|
||||
logger.debug('add_role: Role %s created' %what_target)
|
||||
what_target.namespace = policy.namespace
|
||||
what_target.save()
|
||||
logger.debug('add_role: Namespace changed: %s' %what_target)
|
||||
policy.admin_view.roles.add(what_target)
|
||||
logger.debug('add_role: role added to %s' %policy.admin_view)
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Role %s added') %what_target)
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form. Role not created.'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
else:
|
||||
form = AddRoleForm()
|
||||
title = _('Add a new role in %s' %policy)
|
||||
|
|
@ -264,6 +258,7 @@ def add_object(request):
|
|||
_('Operation canceled'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
form = AddObjectForm(request.POST)
|
||||
form.instance.namespace = policy.namespace
|
||||
if form.is_valid():
|
||||
'''if regex, test that it is valid'''
|
||||
if form.cleaned_data['regex']:
|
||||
|
|
@ -276,19 +271,11 @@ def add_object(request):
|
|||
str(policy.id))
|
||||
what_target = form.save()
|
||||
logger.debug('add_object: Object %s created' %what_target)
|
||||
what_target.namespace = policy.namespace
|
||||
if form.cleaned_data['regex']:
|
||||
what_target.regex = form.cleaned_data['regex']
|
||||
what_target.save()
|
||||
logger.debug('add_object: Namespace changed: %s' %what_target)
|
||||
policy.admin_view.acs_objects.add(what_target)
|
||||
logger.debug('add_object: Object added to %s' %policy.admin_view)
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Object %s added') %what_target)
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form. Object not created.'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
else:
|
||||
form = AddObjectForm()
|
||||
title = _('Add a new object in %s' %policy)
|
||||
|
|
@ -307,20 +294,15 @@ def add_view(request):
|
|||
_('Operation canceled'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
form = AddViewForm(request.POST)
|
||||
form.instance.namespace = policy.namespace
|
||||
if form.is_valid():
|
||||
what_target = form.save()
|
||||
logger.debug('add_view: View %s created' %what_target)
|
||||
what_target.namespace = policy.namespace
|
||||
what_target.save()
|
||||
logger.debug('add_view: Namespace changed: %s' %what_target)
|
||||
policy.admin_view.views.add(what_target)
|
||||
logger.debug('add_view: View added to %s' %policy.admin_view)
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('View %s added') %what_target)
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form. View not created.'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
else:
|
||||
form = AddViewForm()
|
||||
title = _('Add a new view in %s' %policy)
|
||||
|
|
@ -338,20 +320,15 @@ def add_action(request):
|
|||
_('Operation canceled'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
form = AddActionForm(request.POST)
|
||||
form.instance.namespace = policy.namespace
|
||||
if form.is_valid():
|
||||
what_target = form.save()
|
||||
logger.debug('add_action: Action %s created' %what_target)
|
||||
what_target.namespace = policy.namespace
|
||||
what_target.save()
|
||||
logger.debug('add_action: Namespace changed: %s' %what_target)
|
||||
policy.admin_view.actions.add(what_target)
|
||||
logger.debug('add_action: Action added to %s' %policy.admin_view)
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Action %s added') %what_target)
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form. Action not created.'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
else:
|
||||
form = AddActionForm()
|
||||
title = _('Add a new action in %s' %policy)
|
||||
|
|
@ -369,21 +346,16 @@ def add_activity(request):
|
|||
_('Operation canceled'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
form = AddActivityForm(request.POST)
|
||||
form.instance.namespace = policy.namespace
|
||||
if form.is_valid():
|
||||
what_target = form.save()
|
||||
logger.debug('add_activity: Activity %s created' %what_target)
|
||||
what_target.namespace = policy.namespace
|
||||
what_target.save()
|
||||
logger.debug('add_activity: Namespace changed: %s' %what_target)
|
||||
policy.admin_view.activities.add(what_target)
|
||||
logger.debug('add_activity: Activity added to %s' \
|
||||
%policy.admin_view)
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Activity %s added') %what_target)
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form. Activity not created.'))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
return HttpResponseRedirect('mod_policy?id=' + str(policy.id))
|
||||
else:
|
||||
form = AddActivityForm()
|
||||
title = _('Add a new activity in %s' %policy)
|
||||
|
|
@ -391,9 +363,12 @@ def add_activity(request):
|
|||
|
||||
|
||||
def return_add_any(request, form, title, template_name='add_any.html'):
|
||||
return render_to_response(template_name,
|
||||
{'form': form,
|
||||
'title': title, },
|
||||
policy = get_policy_from_session(request)
|
||||
tpl_p = {'form': form,
|
||||
'title': title, }
|
||||
if policy:
|
||||
tpl_p['policy'] = policy
|
||||
return render_to_response(template_name, tpl_p,
|
||||
context_instance=RequestContext(request))
|
||||
|
||||
|
||||
|
|
@ -631,11 +606,6 @@ def mod_role(request):
|
|||
Role.objects.filter(namespace=policy.namespace)
|
||||
|
||||
if form.is_valid():
|
||||
if form.cleaned_data['namespace'] != policy.namespace:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('You can not change namespace to %s')
|
||||
%form.cleaned_data['namespace'])
|
||||
return HttpResponseRedirect('/list_roles')
|
||||
'''Processing users modifications'''
|
||||
users_registered = []
|
||||
users_new = []
|
||||
|
|
@ -685,11 +655,6 @@ def mod_role(request):
|
|||
form.save()
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Role %s modified') %role)
|
||||
else:
|
||||
logger.error('mod_role: form error in %s' %form)
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form for %s') %role)
|
||||
return HttpResponseRedirect('/list_roles')
|
||||
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
|
|
@ -768,7 +733,6 @@ def display_for_mod_role(request, role=None):
|
|||
@check_policy_in_session
|
||||
@prevent_access_to_normal_users
|
||||
def mod_object(request):
|
||||
policy = get_policy_from_session(request)
|
||||
form = None
|
||||
acs_object = None
|
||||
if request.method == 'GET':
|
||||
|
|
@ -787,7 +751,7 @@ def mod_object(request):
|
|||
if not check_object_or_view(request, acs_object):
|
||||
return HttpResponseRedirect('/list_objects')
|
||||
|
||||
form = AcsObjectChangeForm(instance=acs_object)
|
||||
form = AddObjectForm(instance=acs_object)
|
||||
|
||||
elif request.method == 'POST':
|
||||
if 'cancel' in request.POST:
|
||||
|
|
@ -809,32 +773,13 @@ def mod_object(request):
|
|||
if not check_object_or_view(request, acs_object):
|
||||
return HttpResponseRedirect('/list_objects')
|
||||
|
||||
name = acs_object.name
|
||||
form = AcsObjectChangeForm(request.POST, instance=acs_object)
|
||||
form = AddObjectForm(request.POST, instance=acs_object)
|
||||
if form.is_valid():
|
||||
if form.cleaned_data['name'] == name:
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Same name. Object not modified'))
|
||||
elif form.cleaned_data['namespace'] != policy.namespace:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('You can not change namespace to %s')
|
||||
%form.cleaned_data['namespace'])
|
||||
return HttpResponseRedirect('/list_objects')
|
||||
else:
|
||||
form.save()
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Object %s modified') %form.cleaned_data['name'])
|
||||
form.save()
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Object %s modified') %form.cleaned_data['name'])
|
||||
else:
|
||||
logger.error('mod_object: Error validating form %s' %form)
|
||||
if form.errors and form.errors.values() \
|
||||
and form.errors.values()[0]:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
form.errors.values()[0])
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Object not modified due to:'))
|
||||
acs_object = AcsObject.objects.get(id=request.POST['id'])
|
||||
form = AcsObjectChangeForm(instance=acs_object)
|
||||
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
|
|
@ -903,11 +848,6 @@ def mod_view(request):
|
|||
View.objects.filter(namespace=policy.namespace)
|
||||
|
||||
if form.is_valid():
|
||||
if form.cleaned_data['namespace'] != policy.namespace:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('You can not change namespace to %s')
|
||||
%form.cleaned_data['namespace'])
|
||||
return HttpResponseRedirect('/list_views')
|
||||
'''Processing objects modifications'''
|
||||
objects_registered = []
|
||||
objects_new = []
|
||||
|
|
@ -957,11 +897,6 @@ def mod_view(request):
|
|||
form.save()
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('View %s modified') %view)
|
||||
else:
|
||||
logger.error('mod_view: form error in %s' %form)
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form for %s') %view)
|
||||
return HttpResponseRedirect('/list_views')
|
||||
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
|
|
@ -1040,7 +975,6 @@ def display_for_mod_view(request, view):
|
|||
@check_policy_in_session
|
||||
@prevent_access_to_normal_users
|
||||
def mod_action(request):
|
||||
policy = get_policy_from_session(request)
|
||||
form = None
|
||||
action = None
|
||||
if request.method == 'GET':
|
||||
|
|
@ -1059,7 +993,7 @@ def mod_action(request):
|
|||
if not check_action_or_activity(request, action):
|
||||
return HttpResponseRedirect('/list_actions')
|
||||
|
||||
form = ActionChangeForm(instance=action)
|
||||
form = AddActionForm(instance=action)
|
||||
|
||||
elif request.method == 'POST':
|
||||
if 'cancel' in request.POST:
|
||||
|
|
@ -1081,32 +1015,13 @@ def mod_action(request):
|
|||
if not check_action_or_activity(request, action):
|
||||
return HttpResponseRedirect('/list_actions')
|
||||
|
||||
name = action.name
|
||||
form = AcsObjectChangeForm(request.POST, instance=action)
|
||||
form = AddActionForm(request.POST, instance=action)
|
||||
if form.is_valid():
|
||||
if form.cleaned_data['name'] == name:
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Same name. Object not modified'))
|
||||
elif form.cleaned_data['namespace'] != policy.namespace:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('You can not change namespace to %s')
|
||||
%form.cleaned_data['namespace'])
|
||||
return HttpResponseRedirect('/list_actions')
|
||||
else:
|
||||
form.save()
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Object %s modified') %form.cleaned_data['name'])
|
||||
form.save()
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Object %s modified') %form.cleaned_data['name'])
|
||||
else:
|
||||
logger.error('mod_action: Error validating form %s' %form)
|
||||
if form.errors and form.errors.values() \
|
||||
and form.errors.values()[0]:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
form.errors.values()[0])
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Object not modified due to:'))
|
||||
action = Action.objects.get(id=request.POST['id'])
|
||||
form = ActionChangeForm(instance=action)
|
||||
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
|
|
@ -1175,11 +1090,6 @@ def mod_activity(request):
|
|||
Activity.objects.filter(namespace=policy.namespace)
|
||||
|
||||
if form.is_valid():
|
||||
if form.cleaned_data['namespace'] != policy.namespace:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('You can not change namespace to %s')
|
||||
%form.cleaned_data['namespace'])
|
||||
return HttpResponseRedirect('/list_activities')
|
||||
'''Processing actions modifications'''
|
||||
actions_registered = []
|
||||
actions_new = []
|
||||
|
|
@ -1231,11 +1141,6 @@ def mod_activity(request):
|
|||
form.save()
|
||||
messages.add_message(request, messages.INFO,
|
||||
_('Activity %s modified') %activity)
|
||||
else:
|
||||
logger.error('mod_activity: form error in %s' %form)
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Invalid form for %s') %activity)
|
||||
return HttpResponseRedirect('/list_activities')
|
||||
|
||||
else:
|
||||
messages.add_message(request, messages.ERROR,
|
||||
|
|
@ -1370,7 +1275,7 @@ def add_permission(request):
|
|||
except Exception, err:
|
||||
logger.error('add_permission: \
|
||||
Fail to find an object due to %s' % err)
|
||||
messages.add_message(request, messages.ERROR,
|
||||
messages.add_message(request, messages.ERROR,
|
||||
_('Fail to find an object due to %s') % err)
|
||||
return return_add_permission_form(request)
|
||||
if not check_user_or_role(request, who) \
|
||||
|
|
|
|||
Reference in New Issue