blob: eea62fe152d168c68f716df9af1fec84ebf854c0 [file] [log] [blame]
Siobhan Tully4bc09f22013-04-10 21:15:21 -04001import os
2from django.db import models
Siobhan Tully30fd4292013-05-10 08:59:56 -04003from core.models import PlCoreBase
Siobhan Tullyde5450d2013-06-21 11:35:33 -04004from core.models import Tag
5from django.contrib.contenttypes import generic
Siobhan Tully567e3e62013-06-21 18:03:16 -04006from geoposition.fields import GeopositionField
Scott Baker5380c522014-06-06 14:49:43 -07007from core.acl import AccessControlList
Siobhan Tully4bc09f22013-04-10 21:15:21 -04008
9class Site(PlCoreBase):
Siobhan Tullycf04fb62014-01-11 11:25:57 -050010 """
11 A logical grouping of Nodes that are co-located at the same geographic location, which also typically corresponds to the Nodes' location in the physical network.
12 """
Siobhan Tully4bc09f22013-04-10 21:15:21 -040013 name = models.CharField(max_length=200, help_text="Name for this Site")
14 site_url = models.URLField(null=True, blank=True, max_length=512, help_text="Site's Home URL Page")
15 enabled = models.BooleanField(default=True, help_text="Status for this Site")
Siobhan Tully567e3e62013-06-21 18:03:16 -040016 location = GeopositionField()
Siobhan Tully4bc09f22013-04-10 21:15:21 -040017 longitude = models.FloatField(null=True, blank=True)
18 latitude = models.FloatField(null=True, blank=True)
19 login_base = models.CharField(max_length=50, unique=True, help_text="Prefix for Slices associated with this Site")
20 is_public = models.BooleanField(default=True, help_text="Indicates the visibility of this site to other members")
21 abbreviated_name = models.CharField(max_length=80)
22
Tony Macke4be32f2014-03-11 20:45:25 -040023 #deployments = models.ManyToManyField('Deployment', blank=True, related_name='sites')
Scott Baker70983182014-06-09 22:10:00 -070024 deployments = models.ManyToManyField('Deployment', through='SiteDeployments', blank=True, help_text="Select which sites are allowed to host nodes in this deployment")
Siobhan Tullyde5450d2013-06-21 11:35:33 -040025 tags = generic.GenericRelation(Tag)
Siobhan Tully4bc09f22013-04-10 21:15:21 -040026
27 def __unicode__(self): return u'%s' % (self.name)
28
Tony Mack5b061472014-02-04 07:57:10 -050029 def can_update(self, user):
Tony Mackb7b4f842014-02-04 19:50:31 -050030 if user.is_readonly:
31 return False
Tony Mack5b061472014-02-04 07:57:10 -050032 if user.is_admin:
33 return True
34 site_privs = SitePrivilege.objects.filter(user=user, site=self)
35 for site_priv in site_privs:
Tony Mackb7b4f842014-02-04 19:50:31 -050036 if site_priv.role.role == 'pi':
Tony Mack5b061472014-02-04 07:57:10 -050037 return True
38 return False
39
Tony Mack5b061472014-02-04 07:57:10 -050040 @staticmethod
41 def select_by_user(user):
42 if user.is_admin:
43 qs = Site.objects.all()
44 else:
45 site_ids = [sp.site.id for sp in SitePrivilege.objects.filter(user=user)]
46 site_ids.append(user.site.id)
47 qs = Site.objects.filter(id__in=site_ids)
48 return qs
49
50
Siobhan Tullybfd11dc2013-09-03 12:59:24 -040051class SiteRole(PlCoreBase):
52
Siobhan Tullycf04fb62014-01-11 11:25:57 -050053 ROLE_CHOICES = (('admin','Admin'),('pi','PI'),('tech','Tech'),('billing','Billing'))
Siobhan Tullybfd11dc2013-09-03 12:59:24 -040054 role = models.CharField(choices=ROLE_CHOICES, unique=True, max_length=30)
55
56 def __unicode__(self): return u'%s' % (self.role)
57
Siobhan Tully4bc09f22013-04-10 21:15:21 -040058class SitePrivilege(PlCoreBase):
59
Siobhan Tully30fd4292013-05-10 08:59:56 -040060 user = models.ForeignKey('User', related_name='site_privileges')
Siobhan Tully4bc09f22013-04-10 21:15:21 -040061 site = models.ForeignKey('Site', related_name='site_privileges')
Siobhan Tullybfd11dc2013-09-03 12:59:24 -040062 role = models.ForeignKey('SiteRole')
Siobhan Tully4bc09f22013-04-10 21:15:21 -040063
64 def __unicode__(self): return u'%s %s %s' % (self.site, self.user, self.role)
65
Tony Mack00d361f2013-04-28 10:28:42 -040066 def save(self, *args, **kwds):
Tony Mack00d361f2013-04-28 10:28:42 -040067 super(SitePrivilege, self).save(*args, **kwds)
68
69 def delete(self, *args, **kwds):
Tony Mack00d361f2013-04-28 10:28:42 -040070 super(SitePrivilege, self).delete(*args, **kwds)
71
Tony Mack5b061472014-02-04 07:57:10 -050072 def can_update(self, user):
Tony Mackb7b4f842014-02-04 19:50:31 -050073 return self.site.can_update(user)
Tony Mack5b061472014-02-04 07:57:10 -050074
Tony Mack5b061472014-02-04 07:57:10 -050075 @staticmethod
76 def select_by_user(user):
77 if user.is_admin:
78 qs = SitePrivilege.objects.all()
79 else:
80 sp_ids = [sp.id for sp in SitePrivilege.objects.filter(user=user)]
81 qs = SitePrivilege.objects.filter(id__in=sp_ids)
82 return qs
83
Siobhan Tullycf04fb62014-01-11 11:25:57 -050084class Deployment(PlCoreBase):
85 name = models.CharField(max_length=200, unique=True, help_text="Name of the Deployment")
Scott Baker57ec5d32014-06-06 14:56:20 -070086 admin_user = models.CharField(max_length=200, null=True, blank=True, help_text="Username of an admin user at this deployment")
87 admin_password = models.CharField(max_length=200, null=True, blank=True, help_text="Password of theadmin user at this deployment")
88 admin_tenant = models.CharField(max_length=200, null=True, blank=True, help_text="Name of the tenant the admin user belongs to")
89 auth_url = models.CharField(max_length=200, null=True, blank=True, help_text="Auth url for the deployment")
Scott Baker5380c522014-06-06 14:49:43 -070090
91 # smbaker: the default of 'allow all' is intended for evolutions of existing
92 # deployments. When new deployments are created via the GUI, they are
93 # given a default of 'allow site <site_of_creator>'
94 accessControl = models.TextField(max_length=200, blank=False, null=False, default="allow all",
95 help_text="Access control list that specifies which sites/users may use nodes in this deployment")
96
97 def get_acl(self):
98 return AccessControlList(self.accessControl)
99
100 def test_acl(self, slice=None, user=None):
101 potential_users=[]
102
103 if user:
104 potential_users.append(user)
105
106 if slice:
107 potential_users.append(slice.creator)
108 for priv in slice.slice_privileges.all():
109 if priv.user not in potential_users:
110 potential_users.append(priv.user)
111
112 acl = self.get_acl()
113 for user in potential_users:
114 if acl.test(user) == "allow":
115 return True
116
117 return False
118
Scott Bakercb95fde2014-06-06 16:09:51 -0700119 @staticmethod
120 def select_by_acl(user):
121 ids = []
Scott Baker5380c522014-06-06 14:49:43 -0700122 for deployment in Deployment.objects.all():
Scott Bakercb95fde2014-06-06 16:09:51 -0700123 acl = deployment.get_acl()
Scott Baker01a4cd02014-06-09 13:12:40 -0700124 if acl.test(user) == "allow":
Scott Bakercb95fde2014-06-06 16:09:51 -0700125 ids.append(deployment.id)
126
127 return Deployment.objects.filter(id__in=ids)
Siobhan Tullycf04fb62014-01-11 11:25:57 -0500128
129 def __unicode__(self): return u'%s' % (self.name)
130
Tony Macke4be32f2014-03-11 20:45:25 -0400131 @staticmethod
132 def select_by_user(user):
133 return Deployment.objects.all()
Siobhan Tullycf04fb62014-01-11 11:25:57 -0500134
135class DeploymentRole(PlCoreBase):
136
137 ROLE_CHOICES = (('admin','Admin'),)
138 role = models.CharField(choices=ROLE_CHOICES, unique=True, max_length=30)
139
140 def __unicode__(self): return u'%s' % (self.role)
141
142class DeploymentPrivilege(PlCoreBase):
143
144 user = models.ForeignKey('User', related_name='deployment_privileges')
145 deployment = models.ForeignKey('Deployment', related_name='deployment_privileges')
146 role = models.ForeignKey('DeploymentRole')
147
148 def __unicode__(self): return u'%s %s %s' % (self.deployment, self.user, self.role)
149
Tony Mack5b061472014-02-04 07:57:10 -0500150 def can_update(self, user):
151 if user.is_readonly:
152 return False
153 if user.is_admin:
154 return True
155 dprivs = DeploymentPrivilege.objects.filter(user=user)
156 for dpriv in dprivs:
Tony Mackb7b4f842014-02-04 19:50:31 -0500157 if dpriv.role.role == 'admin':
Tony Mack5b061472014-02-04 07:57:10 -0500158 return True
159 return False
160
Tony Mack5b061472014-02-04 07:57:10 -0500161 @staticmethod
162 def select_by_user(user):
163 if user.is_admin:
164 qs = DeploymentPrivilege.objects.all()
165 else:
166 dpriv_ids = [dp.id for dp in DeploymentPrivilege.objects.filter(user=user)]
167 qs = DeploymentPrivilege.objects.filter(id__in=dpriv_ids)
168 return qs
169
Siobhan Tullycf04fb62014-01-11 11:25:57 -0500170class SiteDeployments(PlCoreBase):
171 site = models.ForeignKey(Site)
172 deployment = models.ForeignKey(Deployment)
Tony Macke4be32f2014-03-11 20:45:25 -0400173 tenant_id = models.CharField(null=True, blank=True, max_length=200, help_text="Keystone tenant id")
174
175 @staticmethod
176 def select_by_user(user):
177 return SiteDeployments.objects.all()
Siobhan Tullycf04fb62014-01-11 11:25:57 -0500178
Tony Mack929af702014-02-04 19:36:52 -0500179 #class Meta:
180 # db_table = 'core_site_deployments'
181 # #auto_created = Site
Siobhan Tully4bc09f22013-04-10 21:15:21 -0400182