Siobhan Tully | 4bc09f2 | 2013-04-10 21:15:21 -0400 | [diff] [blame] | 1 | import os |
| 2 | from django.db import models |
Siobhan Tully | 30fd429 | 2013-05-10 08:59:56 -0400 | [diff] [blame] | 3 | from core.models import PlCoreBase |
Siobhan Tully | de5450d | 2013-06-21 11:35:33 -0400 | [diff] [blame] | 4 | from core.models import Tag |
| 5 | from django.contrib.contenttypes import generic |
Siobhan Tully | 567e3e6 | 2013-06-21 18:03:16 -0400 | [diff] [blame] | 6 | from geoposition.fields import GeopositionField |
Scott Baker | 5380c52 | 2014-06-06 14:49:43 -0700 | [diff] [blame] | 7 | from core.acl import AccessControlList |
Siobhan Tully | 4bc09f2 | 2013-04-10 21:15:21 -0400 | [diff] [blame] | 8 | |
| 9 | class Site(PlCoreBase): |
Siobhan Tully | cf04fb6 | 2014-01-11 11:25:57 -0500 | [diff] [blame] | 10 | """ |
| 11 | A logical grouping of Nodes that are co-located at the same geographic location, which also typically corresponds to the Nodes' location in the physical network. |
| 12 | """ |
Siobhan Tully | 4bc09f2 | 2013-04-10 21:15:21 -0400 | [diff] [blame] | 13 | name = models.CharField(max_length=200, help_text="Name for this Site") |
| 14 | site_url = models.URLField(null=True, blank=True, max_length=512, help_text="Site's Home URL Page") |
| 15 | enabled = models.BooleanField(default=True, help_text="Status for this Site") |
Siobhan Tully | 567e3e6 | 2013-06-21 18:03:16 -0400 | [diff] [blame] | 16 | location = GeopositionField() |
Siobhan Tully | 4bc09f2 | 2013-04-10 21:15:21 -0400 | [diff] [blame] | 17 | longitude = models.FloatField(null=True, blank=True) |
| 18 | latitude = models.FloatField(null=True, blank=True) |
| 19 | login_base = models.CharField(max_length=50, unique=True, help_text="Prefix for Slices associated with this Site") |
| 20 | is_public = models.BooleanField(default=True, help_text="Indicates the visibility of this site to other members") |
| 21 | abbreviated_name = models.CharField(max_length=80) |
| 22 | |
Tony Mack | e4be32f | 2014-03-11 20:45:25 -0400 | [diff] [blame] | 23 | #deployments = models.ManyToManyField('Deployment', blank=True, related_name='sites') |
Scott Baker | 7098318 | 2014-06-09 22:10:00 -0700 | [diff] [blame] | 24 | deployments = models.ManyToManyField('Deployment', through='SiteDeployments', blank=True, help_text="Select which sites are allowed to host nodes in this deployment") |
Siobhan Tully | de5450d | 2013-06-21 11:35:33 -0400 | [diff] [blame] | 25 | tags = generic.GenericRelation(Tag) |
Siobhan Tully | 4bc09f2 | 2013-04-10 21:15:21 -0400 | [diff] [blame] | 26 | |
| 27 | def __unicode__(self): return u'%s' % (self.name) |
| 28 | |
Tony Mack | 5b06147 | 2014-02-04 07:57:10 -0500 | [diff] [blame] | 29 | def can_update(self, user): |
Tony Mack | b7b4f84 | 2014-02-04 19:50:31 -0500 | [diff] [blame] | 30 | if user.is_readonly: |
| 31 | return False |
Tony Mack | 5b06147 | 2014-02-04 07:57:10 -0500 | [diff] [blame] | 32 | if user.is_admin: |
| 33 | return True |
| 34 | site_privs = SitePrivilege.objects.filter(user=user, site=self) |
| 35 | for site_priv in site_privs: |
Tony Mack | b7b4f84 | 2014-02-04 19:50:31 -0500 | [diff] [blame] | 36 | if site_priv.role.role == 'pi': |
Tony Mack | 5b06147 | 2014-02-04 07:57:10 -0500 | [diff] [blame] | 37 | return True |
| 38 | return False |
| 39 | |
Tony Mack | 5b06147 | 2014-02-04 07:57:10 -0500 | [diff] [blame] | 40 | @staticmethod |
| 41 | def select_by_user(user): |
| 42 | if user.is_admin: |
| 43 | qs = Site.objects.all() |
| 44 | else: |
| 45 | site_ids = [sp.site.id for sp in SitePrivilege.objects.filter(user=user)] |
| 46 | site_ids.append(user.site.id) |
| 47 | qs = Site.objects.filter(id__in=site_ids) |
| 48 | return qs |
| 49 | |
| 50 | |
Siobhan Tully | bfd11dc | 2013-09-03 12:59:24 -0400 | [diff] [blame] | 51 | class SiteRole(PlCoreBase): |
| 52 | |
Siobhan Tully | cf04fb6 | 2014-01-11 11:25:57 -0500 | [diff] [blame] | 53 | ROLE_CHOICES = (('admin','Admin'),('pi','PI'),('tech','Tech'),('billing','Billing')) |
Siobhan Tully | bfd11dc | 2013-09-03 12:59:24 -0400 | [diff] [blame] | 54 | role = models.CharField(choices=ROLE_CHOICES, unique=True, max_length=30) |
| 55 | |
| 56 | def __unicode__(self): return u'%s' % (self.role) |
| 57 | |
Siobhan Tully | 4bc09f2 | 2013-04-10 21:15:21 -0400 | [diff] [blame] | 58 | class SitePrivilege(PlCoreBase): |
| 59 | |
Siobhan Tully | 30fd429 | 2013-05-10 08:59:56 -0400 | [diff] [blame] | 60 | user = models.ForeignKey('User', related_name='site_privileges') |
Siobhan Tully | 4bc09f2 | 2013-04-10 21:15:21 -0400 | [diff] [blame] | 61 | site = models.ForeignKey('Site', related_name='site_privileges') |
Siobhan Tully | bfd11dc | 2013-09-03 12:59:24 -0400 | [diff] [blame] | 62 | role = models.ForeignKey('SiteRole') |
Siobhan Tully | 4bc09f2 | 2013-04-10 21:15:21 -0400 | [diff] [blame] | 63 | |
| 64 | def __unicode__(self): return u'%s %s %s' % (self.site, self.user, self.role) |
| 65 | |
Tony Mack | 00d361f | 2013-04-28 10:28:42 -0400 | [diff] [blame] | 66 | def save(self, *args, **kwds): |
Tony Mack | 00d361f | 2013-04-28 10:28:42 -0400 | [diff] [blame] | 67 | super(SitePrivilege, self).save(*args, **kwds) |
| 68 | |
| 69 | def delete(self, *args, **kwds): |
Tony Mack | 00d361f | 2013-04-28 10:28:42 -0400 | [diff] [blame] | 70 | super(SitePrivilege, self).delete(*args, **kwds) |
| 71 | |
Tony Mack | 5b06147 | 2014-02-04 07:57:10 -0500 | [diff] [blame] | 72 | def can_update(self, user): |
Tony Mack | b7b4f84 | 2014-02-04 19:50:31 -0500 | [diff] [blame] | 73 | return self.site.can_update(user) |
Tony Mack | 5b06147 | 2014-02-04 07:57:10 -0500 | [diff] [blame] | 74 | |
Tony Mack | 5b06147 | 2014-02-04 07:57:10 -0500 | [diff] [blame] | 75 | @staticmethod |
| 76 | def select_by_user(user): |
| 77 | if user.is_admin: |
| 78 | qs = SitePrivilege.objects.all() |
| 79 | else: |
| 80 | sp_ids = [sp.id for sp in SitePrivilege.objects.filter(user=user)] |
| 81 | qs = SitePrivilege.objects.filter(id__in=sp_ids) |
| 82 | return qs |
| 83 | |
Siobhan Tully | cf04fb6 | 2014-01-11 11:25:57 -0500 | [diff] [blame] | 84 | class Deployment(PlCoreBase): |
| 85 | name = models.CharField(max_length=200, unique=True, help_text="Name of the Deployment") |
Scott Baker | 57ec5d3 | 2014-06-06 14:56:20 -0700 | [diff] [blame] | 86 | admin_user = models.CharField(max_length=200, null=True, blank=True, help_text="Username of an admin user at this deployment") |
| 87 | admin_password = models.CharField(max_length=200, null=True, blank=True, help_text="Password of theadmin user at this deployment")
|
| 88 | admin_tenant = models.CharField(max_length=200, null=True, blank=True, help_text="Name of the tenant the admin user belongs to")
|
| 89 | auth_url = models.CharField(max_length=200, null=True, blank=True, help_text="Auth url for the deployment") |
Scott Baker | 5380c52 | 2014-06-06 14:49:43 -0700 | [diff] [blame] | 90 | |
| 91 | # smbaker: the default of 'allow all' is intended for evolutions of existing |
| 92 | # deployments. When new deployments are created via the GUI, they are |
| 93 | # given a default of 'allow site <site_of_creator>' |
| 94 | accessControl = models.TextField(max_length=200, blank=False, null=False, default="allow all", |
| 95 | help_text="Access control list that specifies which sites/users may use nodes in this deployment") |
| 96 | |
| 97 | def get_acl(self): |
| 98 | return AccessControlList(self.accessControl) |
| 99 | |
| 100 | def test_acl(self, slice=None, user=None): |
| 101 | potential_users=[] |
| 102 | |
| 103 | if user: |
| 104 | potential_users.append(user) |
| 105 | |
| 106 | if slice: |
| 107 | potential_users.append(slice.creator) |
| 108 | for priv in slice.slice_privileges.all(): |
| 109 | if priv.user not in potential_users: |
| 110 | potential_users.append(priv.user) |
| 111 | |
| 112 | acl = self.get_acl() |
| 113 | for user in potential_users: |
| 114 | if acl.test(user) == "allow": |
| 115 | return True |
| 116 | |
| 117 | return False |
| 118 | |
Scott Baker | cb95fde | 2014-06-06 16:09:51 -0700 | [diff] [blame] | 119 | @staticmethod |
| 120 | def select_by_acl(user): |
| 121 | ids = [] |
Scott Baker | 5380c52 | 2014-06-06 14:49:43 -0700 | [diff] [blame] | 122 | for deployment in Deployment.objects.all(): |
Scott Baker | cb95fde | 2014-06-06 16:09:51 -0700 | [diff] [blame] | 123 | acl = deployment.get_acl() |
Scott Baker | 01a4cd0 | 2014-06-09 13:12:40 -0700 | [diff] [blame] | 124 | if acl.test(user) == "allow": |
Scott Baker | cb95fde | 2014-06-06 16:09:51 -0700 | [diff] [blame] | 125 | ids.append(deployment.id) |
| 126 | |
| 127 | return Deployment.objects.filter(id__in=ids) |
Siobhan Tully | cf04fb6 | 2014-01-11 11:25:57 -0500 | [diff] [blame] | 128 | |
| 129 | def __unicode__(self): return u'%s' % (self.name) |
| 130 | |
Tony Mack | e4be32f | 2014-03-11 20:45:25 -0400 | [diff] [blame] | 131 | @staticmethod |
| 132 | def select_by_user(user): |
| 133 | return Deployment.objects.all() |
Siobhan Tully | cf04fb6 | 2014-01-11 11:25:57 -0500 | [diff] [blame] | 134 | |
| 135 | class DeploymentRole(PlCoreBase): |
| 136 | |
| 137 | ROLE_CHOICES = (('admin','Admin'),) |
| 138 | role = models.CharField(choices=ROLE_CHOICES, unique=True, max_length=30) |
| 139 | |
| 140 | def __unicode__(self): return u'%s' % (self.role) |
| 141 | |
| 142 | class DeploymentPrivilege(PlCoreBase): |
| 143 | |
| 144 | user = models.ForeignKey('User', related_name='deployment_privileges') |
| 145 | deployment = models.ForeignKey('Deployment', related_name='deployment_privileges') |
| 146 | role = models.ForeignKey('DeploymentRole') |
| 147 | |
| 148 | def __unicode__(self): return u'%s %s %s' % (self.deployment, self.user, self.role) |
| 149 | |
Tony Mack | 5b06147 | 2014-02-04 07:57:10 -0500 | [diff] [blame] | 150 | def can_update(self, user): |
| 151 | if user.is_readonly: |
| 152 | return False |
| 153 | if user.is_admin: |
| 154 | return True |
| 155 | dprivs = DeploymentPrivilege.objects.filter(user=user) |
| 156 | for dpriv in dprivs: |
Tony Mack | b7b4f84 | 2014-02-04 19:50:31 -0500 | [diff] [blame] | 157 | if dpriv.role.role == 'admin': |
Tony Mack | 5b06147 | 2014-02-04 07:57:10 -0500 | [diff] [blame] | 158 | return True |
| 159 | return False |
| 160 | |
Tony Mack | 5b06147 | 2014-02-04 07:57:10 -0500 | [diff] [blame] | 161 | @staticmethod |
| 162 | def select_by_user(user): |
| 163 | if user.is_admin: |
| 164 | qs = DeploymentPrivilege.objects.all() |
| 165 | else: |
| 166 | dpriv_ids = [dp.id for dp in DeploymentPrivilege.objects.filter(user=user)] |
| 167 | qs = DeploymentPrivilege.objects.filter(id__in=dpriv_ids) |
| 168 | return qs |
| 169 | |
Siobhan Tully | cf04fb6 | 2014-01-11 11:25:57 -0500 | [diff] [blame] | 170 | class SiteDeployments(PlCoreBase): |
| 171 | site = models.ForeignKey(Site) |
| 172 | deployment = models.ForeignKey(Deployment) |
Tony Mack | e4be32f | 2014-03-11 20:45:25 -0400 | [diff] [blame] | 173 | tenant_id = models.CharField(null=True, blank=True, max_length=200, help_text="Keystone tenant id") |
| 174 | |
| 175 | @staticmethod |
| 176 | def select_by_user(user): |
| 177 | return SiteDeployments.objects.all() |
Siobhan Tully | cf04fb6 | 2014-01-11 11:25:57 -0500 | [diff] [blame] | 178 | |
Tony Mack | 929af70 | 2014-02-04 19:36:52 -0500 | [diff] [blame] | 179 | #class Meta: |
| 180 | # db_table = 'core_site_deployments' |
| 181 | # #auto_created = Site |
Siobhan Tully | 4bc09f2 | 2013-04-10 21:15:21 -0400 | [diff] [blame] | 182 | |