views.py 3.76 KB
Newer Older
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
1
2
from itertools import chain

3
4
from django.shortcuts import redirect
from django.views.generic.simple import direct_to_template
5
6
7
8
from django.db.models import get_apps
from django.conf import settings
from django.core.exceptions import PermissionDenied
from django.db.models import Q
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
9
10
from django.http import Http404, HttpResponse
from django.utils import simplejson as json
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
11
from urllib import unquote
12

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
13
from synnefo.lib.astakos import get_user
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
14
from synnefo.db.models import *
15

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
def get_token_from_cookie(request, cookiename):
    """
    Extract token from the cookie name provided. Cookie should be in the same
    form as astakos service sets its cookie contents::

        <user_uniq>|<user_token>
    """
    try:
        cookie_content = unquote(request.COOKIES.get(cookiename, None))
        return cookie_content.split("|")[1]
    except AttributeError:
        pass

    return None

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
31
# TODO: here we mix ui setting with helpdesk settings
32
33
# if sometime in the future helpdesk gets splitted from the
# cyclades api code this should change and helpdesk should provide
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
34
# its own setting HELPDESK_AUTH_COOKIE_NAME.
35
36
37
38
39
40
41
42
43
44
HELPDESK_AUTH_COOKIE = getattr(settings, 'UI_AUTH_COOKIE_NAME', '_pithos2_a')

def helpdesk_user_required(func, groups=['helpdesk']):
    """
    Django view wrapper that checks if identified request user has helpdesk
    permissions (exists in helpdesk group)
    """
    def wrapper(request, *args, **kwargs):
        token = get_token_from_cookie(request, HELPDESK_AUTH_COOKIE)
        get_user(request, settings.ASTAKOS_URL, fallback_token=token)
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
45
        if hasattr(request, 'user') and request.user:
46
            groups = request.user.get('groups', [])
47
48
49
50

            if not groups:
                raise PermissionDenied

51
52
53
54
55
56
57
58
59
60
61
62
            for g in groups:
                if not g in groups:
                    raise PermissionDenied
        else:
            raise PermissionDenied

        return func(request, *args, **kwargs)

    return wrapper


@helpdesk_user_required
63
64
65
66
def index(request):
    """
    Helpdesk index view.
    """
67

68
69
70
71
72
73
74
75
76
    # if form submitted redirect to details
    account = request.GET.get('account', None)
    if account:
      return redirect('synnefo.helpdesk.views.account', account=account)

    # show index template
    return direct_to_template(request, "helpdesk/index.html")


77
@helpdesk_user_required
78
79
def account(request, account):
    """
80
    Account details view.
81
    """
82
83
84
85
86

    # all user vms
    vms = VirtualMachine.objects.filter(userid=account).order_by('deleted')

    # return all user private and public networks
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
87
88
89
90
91
92
93
    public_networks = Network.objects.filter(public=True).order_by('state')
    private_networks = Network.objects.filter(userid=account).order_by('state')
    networks = list(public_networks) + list(private_networks)

    account_exists = True
    if vms.count() == 0 and private_networks.count() == 0:
        account_exists = False
94

95
    user_context = {
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
96
        'account_exists': account_exists,
97
        'account': account,
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
98
        'vms': vms,
99
100
101
102
103
        'networks': networks,
    }
    return direct_to_template(request, "helpdesk/account.html",
        extra_context=user_context)

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
104

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
105
106
107
108
109
110
111
112
@helpdesk_user_required
def user_list(request):
    """
    Return a json list of users based on the prefix provided. Prefix
    should end with "@".
    """

    prefix = request.GET.get('prefix', None)
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
113
    if not prefix or "@" not in prefix:
Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
114
115
        raise Http404

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
116
117
118
    # keep only the user part (e.g. "user@")
    prefix = prefix.split("@")[0] + "@"

Kostas Papadimitriou's avatar
Kostas Papadimitriou committed
119
120
121
122
123
124
    q = Q(userid__startswith=prefix) & ~Q(userid=None)
    vm_users = VirtualMachine.objects.filter(q).values_list("userid", flat=True)
    net_users = Network.objects.filter(q).values_list("userid", flat=True)
    users = list(set(list(vm_users) + list(net_users)))
    return HttpResponse(json.dumps(users), content_type="application/json")