Gitiles
Code Review Sign In
gerrit.opencord.org / xos / c2835a965f07502b33513822ce0b945ab9e65a4a / . / planetstack / core / admin.py
blob: d54387f37eb29c1b96cf7f2d8d90250835816f53 [file] [log] [blame]
Siobhan Tully30fd4292013-05-10 08:59:56 -0400[diff] [blame]1from core.models import Site
2from core.models import *
3from openstack.manager import OpenStackManager
Tony Macke59a7c82013-04-27 11:08:10 -0400[diff] [blame]4
Tony Mack7130ac32013-03-22 21:58:00 -0400[diff] [blame]5from django.contrib import admin
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]6from django.contrib.auth.models import Group
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]7from django import forms
Tony Mackd90cdbf2013-04-16 22:48:40 -0400[diff] [blame]8from django.utils.safestring import mark_safe
Tony Mack7130ac32013-03-22 21:58:00 -0400[diff] [blame]9from django.contrib.auth.admin import UserAdmin
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]10from django.contrib.admin.widgets import FilteredSelectMultiple
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]11from django.contrib.auth.forms import ReadOnlyPasswordHashField
Scott Bakeracd45142013-05-19 16:19:16 -0700[diff] [blame]12from django.contrib.auth.signals import user_logged_in
13from django.utils import timezone
Siobhan Tullybf1153a2013-05-27 20:53:48 -0400[diff] [blame]14import django_evolution
Tony Mack7130ac32013-03-22 21:58:00 -0400[diff] [blame]15
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]16
17class ReadonlyTabularInline(admin.TabularInline):
18 can_delete = False
19 extra = 0
20 editable_fields = []
21
22 def get_readonly_fields(self, request, obj=None):
23 fields = []
24 for field in self.model._meta.get_all_field_names():
25 if (not field == 'id'):
26 if (field not in self.editable_fields):
27 fields.append(field)
28 return fields
29
30 def has_add_permission(self, request):
31 return False
32
33class SliverInline(admin.TabularInline):
34 model = Sliver
Tony Mack3777b012013-05-07 21:38:06 -0400[diff] [blame]35 fields = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]36 extra = 0
Tony Mack3777b012013-05-07 21:38:06 -0400[diff] [blame]37 #readonly_fields = ['ip', 'instance_name', 'image']
38 readonly_fields = ['ip', 'instance_name']
Tony Mackc2835a92013-05-28 09:18:49 -0400[diff] [blame^]39
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]40
41class SiteInline(admin.TabularInline):
42 model = Site
43 extra = 0
44
Siobhan Tully30fd4292013-05-10 08:59:56 -0400[diff] [blame]45class UserInline(admin.TabularInline):
46 model = User
Siobhan Tully47ae1b52013-05-10 15:53:14 -0400[diff] [blame]47 fields = ['email', 'firstname', 'lastname']
Siobhan Tully30fd4292013-05-10 08:59:56 -0400[diff] [blame]48 extra = 0
49
Tony Mack00d361f2013-04-28 10:28:42 -0400[diff] [blame]50class SliceInline(admin.TabularInline):
51 model = Slice
52 extra = 0
53
Tony Mack00d361f2013-04-28 10:28:42 -0400[diff] [blame]54class RoleInline(admin.TabularInline):
55 model = Role
56 extra = 0
57
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]58class NodeInline(admin.TabularInline):
59 model = Node
60 extra = 0
61
Siobhan Tullyaa1bcd52013-05-10 12:43:09 -0400[diff] [blame]62class SitePrivilegeInline(admin.TabularInline):
63 model = SitePrivilege
64 extra = 0
65
Tony Mackc2835a92013-05-28 09:18:49 -0400[diff] [blame^]66 def formfield_for_foreignkey(self, db_field, request, **kwargs):
67 if db_field.name == 'site':
68 if not request.user.is_admin:
69 # only show sites where user is an admin or pi
70 roles = Role.objects.filter(role_type__in=['admin', 'pi'])
71 site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
72 login_bases = [site_privilege.site.login_base for site_privilege in site_privileges]
73 sites = Site.objects.filter(login_base__in=login_bases)
74 kwargs['queryset'] = sites
75
76 if db_field.name == 'user':
77 if not request.user.is_admin:
78 # only show users from sites where caller has admin or pi role
79 roles = Role.objects.filter(role_type__in=['admin', 'pi'])
80 site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
81 sites = [site_privilege.site for site_privilege in site_privileges]
82 site_privileges = SitePrivilege.objects.filter(site__in=sites)
83 emails = [site_privilege.user.email for site_privilege in site_privileges]
84 users = User.objects.filter(email__in=emails)
85 kwargs['queryset'] = users
86 return super(SitePrivilegeInline, self).formfield_for_foreignkey(db_field, request, **kwargs)
87
Siobhan Tullyaa1bcd52013-05-10 12:43:09 -0400[diff] [blame]88class SliceMembershipInline(admin.TabularInline):
89 model = SliceMembership
90 extra = 0
91
Tony Mackc2835a92013-05-28 09:18:49 -0400[diff] [blame^]92 def formfield_for_foreignkey(self, db_field, request, **kwargs):
93 if db_field.name == 'slice':
94 if not request.user.is_admin:
95 # only show slices at sites where caller has admin or pi role
96 roles = Role.objects.filter(role_type__in=['admin', 'pi'])
97 site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
98 sites = [site_privilege.site for site_privilege in site_privileges]
99 slices = Slice.objects.filter(site__in=sites)
100 kwargs['queryset'] = slices
101 if db_field.name == 'user':
102 if not request.user.is_admin:
103 # only show users from sites where caller has admin or pi role
104 roles = Role.objects.filter(role_type__in=['admin', 'pi'])
105 site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
106 sites = [site_privilege.site for site_privilege in site_privileges]
107 site_privileges = SitePrivilege.objects.filter(site__in=sites)
108 emails = [site_privilege.user.email for site_privilege in site_privileges]
109 users = User.objects.filter(email__in=emails)
110 kwargs['queryset'] = list(users)
111
112 return super(SliceMembershipInline, self).formfield_for_foreignkey(db_field, request, **kwargs)
113
Scott Baker307e06f2013-05-21 17:25:56 -0700[diff] [blame]114class SliceTagInline(admin.TabularInline):
115 model = SliceTag
116 extra = 0
117
Tony Mack5e71a662013-05-03 23:30:41 -0400[diff] [blame]118class PlainTextWidget(forms.HiddenInput):
119 input_type = 'hidden'
120
121 def render(self, name, value, attrs=None):
122 if value is None:
123 value = ''
Tony Mack1d6b85f2013-05-07 18:49:14 -0400[diff] [blame]124 return mark_safe(str(value) + super(PlainTextWidget, self).render(name, value, attrs))
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]125
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]126class PlanetStackBaseAdmin(admin.ModelAdmin):
127 save_on_top = False
128
Tony Mackfdd4d802013-04-27 13:02:33 -0400[diff] [blame]129class OSModelAdmin(PlanetStackBaseAdmin):
Tony Mackd685bfa2013-05-02 10:09:51 -0400[diff] [blame]130 """Attach client connection to openstack on delete() and save()"""
Tony Mack79748612013-05-01 14:52:03 -0400[diff] [blame]131
Tony Mackfdd4d802013-04-27 13:02:33 -0400[diff] [blame]132 def save_model(self, request, obj, form, change):
Tony Mack38e247c2013-05-05 11:48:14 -0400[diff] [blame]133 if request.user.site:
134 auth = request.session.get('auth', {})
135 auth['tenant'] = request.user.site.login_base
136 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
Tony Mackfdd4d802013-04-27 13:02:33 -0400[diff] [blame]137 obj.save()
138
139 def delete_model(self, request, obj):
Tony Mack38e247c2013-05-05 11:48:14 -0400[diff] [blame]140 if request.user.site:
141 auth = request.session.get('auth', {})
142 auth['tenant'] = request.user.site.login_base
143 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
Tony Mackd685bfa2013-05-02 10:09:51 -0400[diff] [blame]144 obj.delete()
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]145
Tony Mackd685bfa2013-05-02 10:09:51 -0400[diff] [blame]146class RoleAdmin(OSModelAdmin):
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]147 fieldsets = [
148 ('Role', {'fields': ['role_type']})
149 ]
150 list_display = ('role_type',)
Tony Mackfdd4d802013-04-27 13:02:33 -0400[diff] [blame]151
Tony Mack02755d42013-05-02 00:00:10 -0400[diff] [blame]152
Siobhan Tullybf1153a2013-05-27 20:53:48 -0400[diff] [blame]153class DeploymentAdminForm(forms.ModelForm):
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]154 sites = forms.ModelMultipleChoiceField(
155 queryset=Site.objects.all(),
156 required=False,
157 widget=FilteredSelectMultiple(
158 verbose_name=('Sites'), is_stacked=False
159 )
160 )
161 class Meta:
Siobhan Tullybf1153a2013-05-27 20:53:48 -0400[diff] [blame]162 model = Deployment
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]163
164 def __init__(self, *args, **kwargs):
Siobhan Tullybf1153a2013-05-27 20:53:48 -0400[diff] [blame]165 super(DeploymentAdminForm, self).__init__(*args, **kwargs)
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]166
167 if self.instance and self.instance.pk:
168 self.fields['sites'].initial = self.instance.sites.all()
169
170 def save(self, commit=True):
Siobhan Tullybf1153a2013-05-27 20:53:48 -0400[diff] [blame]171 deploymentNetwork = super(DeploymentAdminForm, self).save(commit=False)
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]172 if commit:
173 deploymentNetwork.save()
174
175 if deploymentNetwork.pk:
176 deploymentNetwork.sites = self.cleaned_data['sites']
177 self.save_m2m()
178
179 return deploymentNetwork
180
Siobhan Tullybf1153a2013-05-27 20:53:48 -0400[diff] [blame]181class DeploymentAdmin(PlanetStackBaseAdmin):
182 form = DeploymentAdminForm
Siobhan Tullyaa1bcd52013-05-10 12:43:09 -0400[diff] [blame]183 inlines = [NodeInline,SliverInline]
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]184
Tony Mack5cd13202013-05-01 21:48:38 -0400[diff] [blame]185 def get_formsets(self, request, obj=None):
186 for inline in self.get_inline_instances(request, obj):
187 # hide MyInline in the add view
188 if obj is None:
189 continue
190 # give inline object access to driver and caller
Tony Macked163d72013-05-02 20:05:42 -0400[diff] [blame]191 auth = request.session.get('auth', {})
Siobhan Tully73291342013-05-10 10:50:08 -0400[diff] [blame]192 if request.user.site:
193 auth['tenant'] = request.user.site.login_base
Tony Macked163d72013-05-02 20:05:42 -0400[diff] [blame]194 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
Tony Mack5cd13202013-05-01 21:48:38 -0400[diff] [blame]195 yield inline.get_formset(request, obj)
196
Tony Mackfdd4d802013-04-27 13:02:33 -0400[diff] [blame]197class SiteAdmin(OSModelAdmin):
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]198 fieldsets = [
199 (None, {'fields': ['name', 'site_url', 'enabled', 'is_public', 'login_base']}),
200 ('Location', {'fields': ['latitude', 'longitude']}),
201 ('Deployment Networks', {'fields': ['deployments']})
202 ]
203 list_display = ('name', 'login_base','site_url', 'enabled')
204 filter_horizontal = ('deployments',)
Siobhan Tullyaa1bcd52013-05-10 12:43:09 -0400[diff] [blame]205 inlines = [NodeInline, UserInline, SitePrivilegeInline]
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]206 search_fields = ['name']
207
Tony Mack04062832013-05-10 08:22:44 -0400[diff] [blame]208 def queryset(self, request):
209 # admins can see all keys. Users can only see sites they belong to.
210 qs = super(SiteAdmin, self).queryset(request)
211 if not request.user.is_admin:
212 valid_sites = [request.user.site.login_base]
213 roles = request.user.get_roles()
214 for tenant_list in roles.values():
215 valid_sites.extend(tenant_list)
216 qs = qs.filter(login_base__in=valid_sites)
217 return qs
218
Tony Mack5cd13202013-05-01 21:48:38 -0400[diff] [blame]219 def get_formsets(self, request, obj=None):
220 for inline in self.get_inline_instances(request, obj):
221 # hide MyInline in the add view
222 if obj is None:
223 continue
224 # give inline object access to driver and caller
Tony Mack60722062013-05-02 10:57:04 -0400[diff] [blame]225 auth = request.session.get('auth', {})
Siobhan Tully30fd4292013-05-10 08:59:56 -0400[diff] [blame]226 #auth['tenant'] = request.user.site.login_base
Tony Mack60722062013-05-02 10:57:04 -0400[diff] [blame]227 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
Tony Mack5cd13202013-05-01 21:48:38 -0400[diff] [blame]228 yield inline.get_formset(request, obj)
229
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]230class SitePrivilegeAdmin(PlanetStackBaseAdmin):
Tony Mack00d361f2013-04-28 10:28:42 -0400[diff] [blame]231 fieldsets = [
232 (None, {'fields': ['user', 'site', 'role']})
233 ]
234 list_display = ('user', 'site', 'role')
235
Tony Mackc2835a92013-05-28 09:18:49 -0400[diff] [blame^]236 def formfield_for_foreignkey(self, db_field, request, **kwargs):
237 if db_field.name == 'site':
238 if not request.user.is_admin:
239 # only show sites where user is an admin or pi
240 sites = set()
241 for site_privilege in SitePrivilege.objects.filer(user=request.user):
242 if site_privilege.role.role_type in ['admin', 'pi']:
243 sites.add(site_privilege.site)
244 kwargs['queryset'] = Site.objects.filter(site__in=list(sites))
245
246 if db_field.name == 'user':
247 if not request.user.is_admin:
248 # only show users from sites where caller has admin or pi role
249 roles = Role.objects.filter(role_type__in=['admin', 'pi'])
250 site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
251 sites = [site_privilege.site for site_privilege in site_privileges]
252 site_privileges = SitePrivilege.objects.filter(site__in=sites)
253 emails = [site_privilege.user.email for site_privilege in site_privileges]
254 users = User.objects.filter(email__in=emails)
255 kwargs['queryset'] = users
256
257 return super(SitePrivilegeAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
258
Tony Mack04062832013-05-10 08:22:44 -0400[diff] [blame]259 def queryset(self, request):
260 # admins can see all privileges. Users can only see privileges at sites
Tony Mackc2835a92013-05-28 09:18:49 -0400[diff] [blame^]261 # where they have the admin role or pi role.
Tony Mack04062832013-05-10 08:22:44 -0400[diff] [blame]262 qs = super(SitePrivilegeAdmin, self).queryset(request)
263 if not request.user.is_admin:
Tony Mackc2835a92013-05-28 09:18:49 -0400[diff] [blame^]264 roles = Role.objects.filter(role_type__in=['admin', 'pi'])
265 site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
266 login_bases = [site_privilege.site.login_base for site_privilege in site_privileges]
267 sites = Site.objects.filter(login_base__in=login_bases)
268 qs = qs.filter(site__in=sites)
Tony Mack04062832013-05-10 08:22:44 -0400[diff] [blame]269 return qs
270
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]271 def save_model(self, request, obj, form, change):
272 # update openstack connection to use this site/tenant
Tony Mack93048c22013-05-02 11:20:26 -0400[diff] [blame]273 auth = request.session.get('auth', {})
Siobhan Tully30fd4292013-05-10 08:59:56 -0400[diff] [blame]274 #auth['tenant'] = obj.site.login_base
Tony Mack93048c22013-05-02 11:20:26 -0400[diff] [blame]275 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]276 obj.save()
277
278 def delete_model(self, request, obj):
279 # update openstack connection to use this site/tenant
Tony Mack93048c22013-05-02 11:20:26 -0400[diff] [blame]280 auth = request.session.get('auth', {})
Siobhan Tully30fd4292013-05-10 08:59:56 -0400[diff] [blame]281 #auth['tenant'] = obj.site.login_base
Tony Mack93048c22013-05-02 11:20:26 -0400[diff] [blame]282 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]283 obj.delete()
284
Tony Mackfdd4d802013-04-27 13:02:33 -0400[diff] [blame]285class KeyAdmin(OSModelAdmin):
Tony Mack759b57a2013-04-14 21:03:31 -0400[diff] [blame]286 fieldsets = [
Siobhan Tully73291342013-05-10 10:50:08 -0400[diff] [blame]287 ('Key', {'fields': ['key', 'type', 'blacklisted']})
Tony Mack759b57a2013-04-14 21:03:31 -0400[diff] [blame]288 ]
Siobhan Tully73291342013-05-10 10:50:08 -0400[diff] [blame]289 list_display = ['key', 'type', 'blacklisted']
Tony Mack8484bdb2013-04-14 20:26:03 -0400[diff] [blame]290
Siobhan Tully73291342013-05-10 10:50:08 -0400[diff] [blame]291 #def queryset(self, request):
Tony Mackc14de8f2013-05-09 21:44:17 -0400[diff] [blame]292 # admins can see all keys. Users can only see their own key.
Siobhan Tully73291342013-05-10 10:50:08 -0400[diff] [blame]293 #if request.user.is_admin:
294 # qs = super(KeyAdmin, self).queryset(request)
295 #else:
296 # qs = Key.objects.filter(user=request.user)
Scott Baker133c9212013-05-17 09:09:11 -0700[diff] [blame]297 #return qs
298
Tony Mackfdd4d802013-04-27 13:02:33 -0400[diff] [blame]299class SliceAdmin(OSModelAdmin):
Siobhan Tully30fd4292013-05-10 08:59:56 -0400[diff] [blame]300 fields = ['name', 'site', 'serviceClass', 'description', 'slice_url']
301 list_display = ('name', 'site','serviceClass', 'slice_url')
Scott Baker307e06f2013-05-21 17:25:56 -0700[diff] [blame]302 inlines = [SliverInline, SliceMembershipInline, SliceTagInline]
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]303
Tony Mackc2835a92013-05-28 09:18:49 -0400[diff] [blame^]304 def formfield_for_foreignkey(self, db_field, request, **kwargs):
305 if db_field.name == 'site':
306 if not request.user.is_admin:
307 # only show sites where user is a pi or admin
308 roles = Role.objects.filter(role_type__in=['admin', 'pi'])
309 site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
310 login_bases = [site_privilege.site.login_base for site_privilege in site_privileges]
311 sites = Site.objects.filter(login_base__in=login_bases)
312 kwargs['queryset'] = sites
313
314 return super(SliceAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
315
Tony Mack04062832013-05-10 08:22:44 -0400[diff] [blame]316 def queryset(self, request):
317 # admins can see all keys. Users can only see slices they belong to.
318 qs = super(SliceAdmin, self).queryset(request)
319 if not request.user.is_admin:
320 valid_slices = []
321 roles = request.user.get_roles()
322 for tenant_list in roles.values():
323 valid_slices.extend(tenant_list)
324 qs = qs.filter(name__in=valid_slices)
325 return qs
326
Tony Mack79748612013-05-01 14:52:03 -0400[diff] [blame]327 def get_formsets(self, request, obj=None):
328 for inline in self.get_inline_instances(request, obj):
329 # hide MyInline in the add view
330 if obj is None:
331 continue
332 # give inline object access to driver and caller
Tony Mack93048c22013-05-02 11:20:26 -0400[diff] [blame]333 auth = request.session.get('auth', {})
334 auth['tenant'] = obj.name # meed to connect using slice's tenant
335 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
Tony Mack79748612013-05-01 14:52:03 -0400[diff] [blame]336 yield inline.get_formset(request, obj)
337
Tony Mackfdd4d802013-04-27 13:02:33 -0400[diff] [blame]338 def get_queryset(self, request):
339 qs = super(SliceAdmin, self).get_queryset(request)
340 if request.user.is_superuser:
341 return qs
342 # users can only see slices at their site
343 return qs.filter(site=request.user.site)
344
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]345class SliceMembershipAdmin(PlanetStackBaseAdmin):
Tony Mack00d361f2013-04-28 10:28:42 -0400[diff] [blame]346 fieldsets = [
347 (None, {'fields': ['user', 'slice', 'role']})
348 ]
349 list_display = ('user', 'slice', 'role')
Tony Mack00d361f2013-04-28 10:28:42 -0400[diff] [blame]350
Tony Mackc2835a92013-05-28 09:18:49 -0400[diff] [blame^]351 def formfield_for_foreignkey(self, db_field, request, **kwargs):
352 if db_field.name == 'slice':
353 if not request.user.is_admin:
354 # only show slices at sites where caller has admin or pi role
355 roles = Role.objects.filter(role_type__in=['admin', 'pi'])
356 site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
357 sites = [site_privilege.site for site_privilege in site_privileges]
358 slices = Slice.objects.filter(site__in=sites)
359 kwargs['queryset'] = slices
360
361 if db_field.name == 'user':
362 if not request.user.is_admin:
363 # only show users from sites where caller has admin or pi role
364 roles = Role.objects.filter(role_type__in=['admin', 'pi'])
365 site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
366 sites = [site_privilege.site for site_privilege in site_privileges]
367 site_privileges = SitePrivilege.objects.filter(site__in=sites)
368 emails = [site_privilege.user.email for site_privilege in site_privileges]
369 users = User.objects.filter(email__in=emails)
370 kwargs['queryset'] = users
371
372 return super(SliceMembershipAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
373
Tony Mack04062832013-05-10 08:22:44 -0400[diff] [blame]374 def queryset(self, request):
375 # admins can see all memberships. Users can only see memberships of
376 # slices where they have the admin role.
377 qs = super(SliceMembershipAdmin, self).queryset(request)
378 if not request.user.is_admin:
Tony Mackc2835a92013-05-28 09:18:49 -0400[diff] [blame^]379 roles = Role.objects.filter(role_type__in=['admin', 'pi'])
380 site_privileges = SitePrivilege.objects.filter(user=request.user).filter(role__in=roles)
381 login_bases = [site_privilege.site.login_base for site_privilege in site_privileges]
382 sites = Site.objects.filter(login_base__in=login_bases)
383 slices = Slice.objects.filter(site__in=sites)
384 qs = qs.filter(slice__in=slices)
Tony Mack04062832013-05-10 08:22:44 -0400[diff] [blame]385 return qs
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]386
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]387 def save_model(self, request, obj, form, change):
Tony Mack951dab42013-05-02 19:51:45 -0400[diff] [blame]388 # update openstack connection to use this site/tenant
389 auth = request.session.get('auth', {})
390 auth['tenant'] = obj.slice.name
391 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]392 obj.save()
393
394 def delete_model(self, request, obj):
Tony Mack951dab42013-05-02 19:51:45 -0400[diff] [blame]395 # update openstack connection to use this site/tenant
396 auth = request.session.get('auth', {})
397 auth['tenant'] = obj.slice.name
398 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]399 obj.delete()
400
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]401
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]402class ImageAdmin(admin.ModelAdmin):
403 fields = ['image_id', 'name', 'disk_format', 'container_format']
404
405class NodeAdmin(admin.ModelAdmin):
Siobhan Tullybf1153a2013-05-27 20:53:48 -0400[diff] [blame]406 list_display = ('name', 'site', 'deployment')
407 list_filter = ('deployment',)
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]408
Tony Mackd90cdbf2013-04-16 22:48:40 -0400[diff] [blame]409
410class SliverForm(forms.ModelForm):
411 class Meta:
Tony Mack1d6b85f2013-05-07 18:49:14 -0400[diff] [blame]412 model = Sliver
Tony Mackd90cdbf2013-04-16 22:48:40 -0400[diff] [blame]413 ip = forms.CharField(widget=PlainTextWidget)
Tony Mack18261812013-05-02 16:39:20 -0400[diff] [blame]414 instance_name = forms.CharField(widget=PlainTextWidget)
Tony Mackd90cdbf2013-04-16 22:48:40 -0400[diff] [blame]415 widgets = {
416 'ip': PlainTextWidget(),
Tony Mack18261812013-05-02 16:39:20 -0400[diff] [blame]417 'instance_name': PlainTextWidget(),
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]418 }
Tony Mackd90cdbf2013-04-16 22:48:40 -0400[diff] [blame]419
Tony Mack9bcbe4f2013-04-29 08:13:27 -0400[diff] [blame]420class SliverAdmin(PlanetStackBaseAdmin):
Tony Mackd90cdbf2013-04-16 22:48:40 -0400[diff] [blame]421 form = SliverForm
Tony Mackcdec0902013-04-15 00:38:49 -0400[diff] [blame]422 fieldsets = [
Tony Mack10082022013-05-06 17:15:00 -0400[diff] [blame]423 ('Sliver', {'fields': ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']})
Tony Mackcdec0902013-04-15 00:38:49 -0400[diff] [blame]424 ]
Tony Mack10082022013-05-06 17:15:00 -0400[diff] [blame]425 list_display = ['ip', 'instance_name', 'slice', 'numberCores', 'image', 'key', 'node', 'deploymentNetwork']
Tony Mack53106f32013-04-27 16:43:01 -0400[diff] [blame]426
Tony Mackc2835a92013-05-28 09:18:49 -0400[diff] [blame^]427 def formfield_for_foreignkey(self, db_field, request, **kwargs):
428 if db_field.name == 'slice':
429 if not request.user.is_admin:
430 slices = set([sm.slice.name for sm in SliceMembership.objects.filter(user=request.user)])
431 kwargs['queryset'] = Slice.objects.filter(name__in=list(slices))
432
433 return super(SliverAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
434
Tony Mack04062832013-05-10 08:22:44 -0400[diff] [blame]435 def queryset(self, request):
436 # admins can see all slivers. Users can only see slivers of
437 # the slices they belong to.
438 qs = super(SliverAdmin, self).queryset(request)
439 if not request.user.is_admin:
440 tenants = []
441 roles = request.user.get_roles()
442 for tenant_list in roles.values():
443 tenants.extend(tenant_list)
444 valid_slices = Slice.objects.filter(name__in=tenants)
445 qs = qs.filter(slice__in=valid_slices)
446 return qs
447
Tony Mack1d6b85f2013-05-07 18:49:14 -0400[diff] [blame]448 def get_formsets(self, request, obj=None):
449 # make some fields read only if we are updating an existing record
450 if obj == None:
451 #self.readonly_fields = ('ip', 'instance_name')
452 self.readonly_fields = ()
453 else:
Tony Mack1e889462013-05-10 21:34:54 -0400[diff] [blame]454 self.readonly_fields = ()
455 #self.readonly_fields = ('ip', 'instance_name', 'slice', 'image', 'key')
Tony Mack1d6b85f2013-05-07 18:49:14 -0400[diff] [blame]456
457 for inline in self.get_inline_instances(request, obj):
458 # hide MyInline in the add view
459 if obj is None:
460 continue
461 # give inline object access to driver and caller
462 auth = request.session.get('auth', {})
463 auth['tenant'] = obj.name # meed to connect using slice's tenant
464 inline.model.os_manager = OpenStackManager(auth=auth, caller=request.user)
465 yield inline.get_formset(request, obj)
Tony Mack53106f32013-04-27 16:43:01 -0400[diff] [blame]466
467 def save_model(self, request, obj, form, change):
Tony Mack951dab42013-05-02 19:51:45 -0400[diff] [blame]468 # update openstack connection to use this site/tenant
469 auth = request.session.get('auth', {})
470 auth['tenant'] = obj.slice.name
471 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
Tony Mack53106f32013-04-27 16:43:01 -0400[diff] [blame]472 obj.save()
473
474 def delete_model(self, request, obj):
Tony Mack951dab42013-05-02 19:51:45 -0400[diff] [blame]475 # update openstack connection to use this site/tenant
476 auth = request.session.get('auth', {})
477 auth['tenant'] = obj.slice.name
478 obj.os_manager = OpenStackManager(auth=auth, caller=request.user)
Tony Mack53106f32013-04-27 16:43:01 -0400[diff] [blame]479 obj.delete()
Tony Mackcdec0902013-04-15 00:38:49 -0400[diff] [blame]480
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]481class UserCreationForm(forms.ModelForm):
482 """A form for creating new users. Includes all the required
483 fields, plus a repeated password."""
484 password1 = forms.CharField(label='Password', widget=forms.PasswordInput)
485 password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput)
486
487 class Meta:
Siobhan Tully30fd4292013-05-10 08:59:56 -0400[diff] [blame]488 model = User
489 fields = ('email', 'firstname', 'lastname', 'phone', 'key', 'site')
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]490
491 def clean_password2(self):
492 # Check that the two password entries match
493 password1 = self.cleaned_data.get("password1")
494 password2 = self.cleaned_data.get("password2")
495 if password1 and password2 and password1 != password2:
496 raise forms.ValidationError("Passwords don't match")
497 return password2
498
499 def save(self, commit=True):
500 # Save the provided password in hashed format
501 user = super(UserCreationForm, self).save(commit=False)
Tony Mackf9f4afb2013-05-01 21:02:12 -0400[diff] [blame]502 user.password = self.cleaned_data["password1"]
503 #user.set_password(self.cleaned_data["password1"])
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]504 if commit:
505 user.save()
506 return user
507
508
509class UserChangeForm(forms.ModelForm):
510 """A form for updating users. Includes all the fields on
511 the user, but replaces the password field with admin's
512 password hash display field.
513 """
514 password = ReadOnlyPasswordHashField()
515
516 class Meta:
Siobhan Tully30fd4292013-05-10 08:59:56 -0400[diff] [blame]517 model = User
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]518
519 def clean_password(self):
520 # Regardless of what the user provides, return the initial value.
521 # This is done here, rather than on the field, because the
522 # field does not have access to the initial value
523 return self.initial["password"]
524
525
Siobhan Tully30fd4292013-05-10 08:59:56 -0400[diff] [blame]526class UserAdmin(UserAdmin, OSModelAdmin):
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]527 class Meta:
528 app_label = "core"
529
530 # The forms to add and change user instances
531 form = UserChangeForm
532 add_form = UserCreationForm
533
534 # The fields to be used in displaying the User model.
535 # These override the definitions on the base UserAdmin
536 # that reference specific fields on auth.User.
Tony Mack416c0f22013-05-09 16:59:09 -0400[diff] [blame]537 list_display = ('email', 'site', 'firstname', 'lastname', 'is_admin', 'last_login')
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]538 list_filter = ('site',)
Siobhan Tullyaa1bcd52013-05-10 12:43:09 -0400[diff] [blame]539 inlines = [SitePrivilegeInline, SliceMembershipInline]
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]540 fieldsets = (
Scott Baker9266e6b2013-05-19 15:54:48 -0700[diff] [blame]541 (None, {'fields': ('email', 'password', 'site', 'is_admin', 'timezone')}),
Siobhan Tullyaa1bcd52013-05-10 12:43:09 -0400[diff] [blame]542 ('Personal info', {'fields': ('firstname','lastname','phone', 'key')}),
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]543 #('Important dates', {'fields': ('last_login',)}),
544 )
545 add_fieldsets = (
546 (None, {
547 'classes': ('wide',),
Tony Mack89f70f12013-05-10 20:20:03 -0400[diff] [blame]548 'fields': ('email', 'firstname', 'lastname', 'phone', 'site', 'key','password1', 'password2', 'is_admin')}
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]549 ),
550 )
551 search_fields = ('email',)
552 ordering = ('email',)
553 filter_horizontal = ()
554
Tony Mackc2835a92013-05-28 09:18:49 -0400[diff] [blame^]555 def formfield_for_foreignkey(self, db_field, request, **kwargs):
556 if db_field.name == 'site':
557 if not request.user.is_admin:
558 # show sites where caller is an admin or pi
559 sites = []
560 for site_privilege in SitePrivilege.objects.filer(user=request.user):
561 if site_privilege.role.role_type in ['admin', 'pi']:
562 sites.append(site_privilege.site.login_base)
563 kwargs['queryset'] = Site.objects.filter(login_base__in(list(sites)))
564
565 return super(UserAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
566
Scott Baker3de3e372013-05-10 16:50:44 -0700[diff] [blame]567class ServiceResourceInline(admin.TabularInline):
568 model = ServiceResource
569 extra = 0
570
571class ServiceClassAdmin(admin.ModelAdmin):
572 list_display = ('name', 'commitment', 'membershipFee')
573 inlines = [ServiceResourceInline]
574
Scott Baker133c9212013-05-17 09:09:11 -0700[diff] [blame]575class ReservedResourceInline(admin.TabularInline):
576 model = ReservedResource
577 extra = 0
578
579 def formfield_for_foreignkey(self, db_field, request=None, **kwargs):
580 field = super(ReservedResourceInline, self).formfield_for_foreignkey(db_field, request, **kwargs)
581
582 if db_field.name == 'resource':
583 # restrict resources to those that the slice's service class allows
584 if request._slice is not None:
585 field.queryset = field.queryset.filter(serviceClass = request._slice.serviceClass, calendarReservable=True)
586 if len(field.queryset) > 0:
587 field.initial = field.queryset.all()[0]
588 else:
589 field.queryset = field.queryset.none()
590 elif db_field.name == 'sliver':
591 # restrict slivers to those that belong to the slice
592 if request._slice is not None:
593 field.queryset = field.queryset.filter(slice = request._slice)
594 else:
595 field.queryset = field.queryset.none()
596
597 return field
598
599class ReservationChangeForm(forms.ModelForm):
600 class Meta:
601 model = Reservation
602
603class ReservationAddForm(forms.ModelForm):
604 slice = forms.ModelChoiceField(queryset=Slice.objects.all(), widget=forms.Select(attrs={"onChange":"document.getElementById('id_refresh').value=1; submit()"}))
605 refresh = forms.CharField(widget=forms.HiddenInput())
606
607 class Media:
608 css = {'all': ('planetstack.css',)} # .field-refresh { display: none; }
609
610 def clean_slice(self):
611 slice = self.cleaned_data.get("slice")
612 x = ServiceResource.objects.filter(serviceClass = slice.serviceClass, calendarReservable=True)
613 if len(x) == 0:
614 raise forms.ValidationError("The slice you selected does not have a service class that allows reservations")
615 return slice
616
617 class Meta:
618 model = Reservation
619
620class ReservationAddRefreshForm(ReservationAddForm):
621 """ This form is displayed when the Reservation Form receives an update
622 from the Slice dropdown onChange handler. It doesn't validate the
623 data and doesn't save the data. This will cause the form to be
624 redrawn.
625 """
626
Scott Baker8737e5f2013-05-17 09:35:32 -0700[diff] [blame]627 """ don't validate anything other than slice """
628 dont_validate_fields = ("startTime", "duration")
629
Scott Baker133c9212013-05-17 09:09:11 -0700[diff] [blame]630 def full_clean(self):
631 result = super(ReservationAddForm, self).full_clean()
Scott Baker8737e5f2013-05-17 09:35:32 -0700[diff] [blame]632
633 for fieldname in self.dont_validate_fields:
634 if fieldname in self._errors:
635 del self._errors[fieldname]
636
Scott Baker133c9212013-05-17 09:09:11 -0700[diff] [blame]637 return result
638
639 """ don't save anything """
640 def is_valid(self):
641 return False
642
643class ReservationAdmin(admin.ModelAdmin):
644 list_display = ('startTime', 'duration')
645 inlines = [ReservedResourceInline]
646 form = ReservationAddForm
647
648 def add_view(self, request, form_url='', extra_context=None):
Scott Bakeracd45142013-05-19 16:19:16 -0700[diff] [blame]649 timezone.activate(request.user.timezone)
Scott Baker133c9212013-05-17 09:09:11 -0700[diff] [blame]650 request._refresh = False
651 request._slice = None
652 if request.method == 'POST':
Scott Baker8737e5f2013-05-17 09:35:32 -0700[diff] [blame]653 # "refresh" will be set to "1" if the form was submitted due to
654 # a change in the Slice dropdown.
Scott Baker133c9212013-05-17 09:09:11 -0700[diff] [blame]655 if request.POST.get("refresh","1") == "1":
656 request._refresh = True
657 request.POST["refresh"] = "0"
Scott Baker8737e5f2013-05-17 09:35:32 -0700[diff] [blame]658
659 # Keep track of the slice that was selected, so the
660 # reservedResource inline can filter items for the slice.
Scott Baker133c9212013-05-17 09:09:11 -0700[diff] [blame]661 request._slice = request.POST.get("slice",None)
662 if (request._slice is not None):
663 request._slice = Slice.objects.get(id=request._slice)
664
665 result = super(ReservationAdmin, self).add_view(request, form_url, extra_context)
666 return result
667
Scott Bakeracd45142013-05-19 16:19:16 -0700[diff] [blame]668 def changelist_view(self, request, extra_context = None):
669 timezone.activate(request.user.timezone)
670 return super(ReservationAdmin, self).changelist_view(request, extra_context)
671
Scott Baker133c9212013-05-17 09:09:11 -0700[diff] [blame]672 def get_form(self, request, obj=None, **kwargs):
673 request._obj_ = obj
674 if obj is not None:
Scott Baker8737e5f2013-05-17 09:35:32 -0700[diff] [blame]675 # For changes, set request._slice to the slice already set in the
676 # object.
Scott Baker133c9212013-05-17 09:09:11 -0700[diff] [blame]677 request._slice = obj.slice
678 self.form = ReservationChangeForm
679 else:
680 if getattr(request, "_refresh", False):
681 self.form = ReservationAddRefreshForm
682 else:
683 self.form = ReservationAddForm
684 return super(ReservationAdmin, self).get_form(request, obj, **kwargs)
685
686 def get_readonly_fields(self, request, obj=None):
687 if (obj is not None):
688 # Prevent slice from being changed after the reservation has been
689 # created.
690 return ['slice']
691 else:
692 return []
Scott Baker3de3e372013-05-10 16:50:44 -0700[diff] [blame]693
Tony Mack31c2b8f2013-04-26 20:01:42 -0400[diff] [blame]694# register a signal that caches the user's credentials when they log in
695def cache_credentials(sender, user, request, **kwds):
696 auth = {'username': request.POST['username'],
697 'password': request.POST['password']}
698 request.session['auth'] = auth
699user_logged_in.connect(cache_credentials)
700
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]701# Now register the new UserAdmin...
Siobhan Tully30fd4292013-05-10 08:59:56 -0400[diff] [blame]702admin.site.register(User, UserAdmin)
Siobhan Tully53437282013-04-26 19:30:27 -0400[diff] [blame]703# ... and, since we're not using Django's builtin permissions,
704# unregister the Group model from admin.
705admin.site.unregister(Group)
706
Siobhan Tullybf1153a2013-05-27 20:53:48 -0400[diff] [blame]707#Do not show django evolution in the admin interface
708from django_evolution.models import Version, Evolution
709admin.site.unregister(Version)
710admin.site.unregister(Evolution)
711
712
713# When debugging it is often easier to see all the classes, but for regular use
714# only the top-levels should be displayed
715showAll = False
716
717admin.site.register(Deployment, DeploymentAdmin)
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]718admin.site.register(Site, SiteAdmin)
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400[diff] [blame]719admin.site.register(Slice, SliceAdmin)
Siobhan Tullyaa1bcd52013-05-10 12:43:09 -0400[diff] [blame]720#admin.site.register(Subnet)
Tony Mack759b57a2013-04-14 21:03:31 -0400[diff] [blame]721admin.site.register(Key, KeyAdmin)
Siobhan Tullybf1153a2013-05-27 20:53:48 -0400[diff] [blame]722
723
724if showAll:
725 admin.site.register(Node, NodeAdmin)
726 admin.site.register(SliceMembership, SliceMembershipAdmin)
727 admin.site.register(SitePrivilege, SitePrivilegeAdmin)
728 admin.site.register(Role, RoleAdmin)
729 admin.site.register(Sliver, SliverAdmin)
730 admin.site.register(ServiceClass, ServiceClassAdmin)
731 admin.site.register(Reservation, ReservationAdmin)
732 admin.site.register(Image, ImageAdmin)
Tony Mack7130ac32013-03-22 21:58:00 -0400[diff] [blame]733