Commit c08a156c authored by Lukas Burgey's avatar Lukas Burgey
Browse files

Change imports

parent d23200c4
......@@ -8,9 +8,7 @@ from django.http import HttpResponse
from django.contrib.auth import authenticate
from django.contrib.sessions.models import Session
from ....models import Site
from ....models.brokers import RabbitMQInstance
from ....models.users import User
from .... import models
LOGGER = logging.getLogger(__name__)
CLIENT_DEBUGGING = False
......@@ -20,7 +18,7 @@ DENY = HttpResponse('deny')
def _valid_vhost(request):
if request.POST.get('vhost') == RabbitMQInstance.load().vhost:
if request.POST.get('vhost') == models.RabbitMQInstance.load().vhost:
return True
LOGGER.error('illegal vhost requested')
return False
......@@ -36,7 +34,7 @@ def _valid_user(request):
return _apiclient_valid(request) or _webpage_client_userid(request)
def _apiclient_valid(request):
valid = User.objects.filter(
valid = models.User.objects.filter(
user_type='apiclient',
username=request.POST.get('username'),
).exists()
......@@ -45,7 +43,7 @@ def _apiclient_valid(request):
return False
def _apiclient_get(request):
user = User.objects.filter(
user = models.User.objects.filter(
user_type='apiclient',
).get(
username=request.POST.get('username'),
......@@ -137,7 +135,7 @@ def _resource_authorized_apiclient(request):
and name.startswith('amq.gen-')
) or (
resource == 'exchange'
and name in RabbitMQInstance.load().exchanges
and name in models.RabbitMQInstance.load().exchanges
and not 'write' in permission
)
......@@ -233,16 +231,16 @@ def topic_endpoint_apiclient(request, apiclient):
group = Group.objects.get(name=routing_key)
try:
Site.objects.get(
models.Site.objects.get(
services__groups=group,
client=apiclient,
)
return ALLOW
except Site.MultipleObjectsReturned:
except models.Site.MultipleObjectsReturned:
return ALLOW
except Site.DoesNotExist:
except models.Site.DoesNotExist:
return DENY
except Group.DoesNotExist:
......
......@@ -7,7 +7,7 @@ from django.db import models
from django_mysql.models import JSONField
from .brokers import RabbitMQInstance
from .users import User
from .users import User, SSHPublicKey
LOGGER = getLogger(__name__)
......@@ -103,78 +103,6 @@ class Service(models.Model):
raise
class SSHPublicKey(models.Model):
name = models.CharField(
max_length=150,
)
key = models.TextField(
max_length=1000
)
# hidden field at the user
user = models.ForeignKey(
User,
related_name='_ssh_keys',
on_delete=models.SET_NULL,
null=True,
)
# has the user triggered the deletion of this key?
deleted = models.BooleanField(
default=False,
editable=False,
)
@property
def deployed_anywhere(self):
for state in self.states.all():
for item in state.state_items.all():
if item.state == 'deployed' or item.state == 'removal_pending':
return True
return False
# does not directly delete the key if the key is deployed or removen
# somewhere
# the receiver 'delete_removen_ssh_key' does the actual deletion
def delete_key(self):
# if this key is not deployed anywhere we delete it now
if not self.deployed_anywhere:
LOGGER.info(self.msg('Direct deletion of key'))
self.delete()
return
LOGGER.info(self.msg('Deletion of key started'))
self.deleted = True
self.save()
# delete implies removeing the key from all clients
for deployment in self.deployments.all():
deployment.remove_key(self)
# when a key is removen by a client we try to finally delete it
def try_final_deletion(self):
if self.deleted:
if not self.deployed_anywhere:
LOGGER.info(self.msg('All clients have removen this key. Final deletion'))
self._final_deletion()
def _final_deletion(self):
_self = self
for state in self.states.all():
#for item in state.state_items.all():
# item.delete()
state.delete()
_self.delete()
def __str__(self):
if self.deleted:
return 'DELETED: {}'.format(self.name)
return self.name
def msg(self, msg):
return '[SSHKey:{}] {}'.format(self, msg)
# Deployment describes the supposed state of the users ssh keys at either:
# - a group (and and the services associated with the group)
# - a single service
......
......@@ -5,7 +5,9 @@
from django.contrib.auth.models import Group
from rest_framework import serializers
from ...models import SSHPublicKey
from ... import models
from .webpage import DeploymentStateSerializer
from .clients import RabbitMQInstanceSerializer
class GroupSerializer(serializers.ModelSerializer):
......@@ -19,7 +21,7 @@ class GroupSerializer(serializers.ModelSerializer):
class SSHPublicKeySerializer(serializers.ModelSerializer):
class Meta:
model = SSHPublicKey
model = models.SSHPublicKey
fields = [
'id',
'name',
......@@ -29,7 +31,7 @@ class SSHPublicKeySerializer(serializers.ModelSerializer):
class SSHPublicKeyRefSerializer(serializers.ModelSerializer):
class Meta:
model = SSHPublicKey
model = models.SSHPublicKey
fields = [
'id',
'name',
......
......@@ -5,8 +5,6 @@ from django_mysql.models import JSONField
from rest_framework import serializers
from ... import models
from ..users import User
from ..brokers import RabbitMQInstance
from . import GroupSerializer, SSHPublicKeySerializer
......@@ -23,7 +21,7 @@ class UserSerializer(serializers.ModelSerializer):
userinfo = JSONField()
class Meta:
model = User
model = models.User
fields = ['email', 'groups', 'userinfo']
......@@ -76,5 +74,5 @@ class SiteSerializer(serializers.Serializer):
class RabbitMQInstanceSerializer(serializers.ModelSerializer):
class Meta:
model = RabbitMQInstance
model = models.RabbitMQInstance
fields = ['vhost']
......@@ -4,7 +4,6 @@
from rest_framework import serializers
from ... import models
from ..users import User
from .. import serializers as backend_serializers
......@@ -98,7 +97,7 @@ class UserSerializer(serializers.ModelSerializer):
ssh_keys = backend_serializers.SSHPublicKeySerializer(many=True)
class Meta:
model = User
model = models.User
fields = [
'profile_name',
'groups',
......@@ -115,7 +114,7 @@ class UserStateSerializer(serializers.ModelSerializer):
deployments = DeploymentSerializer(many=True)
class Meta:
model = User
model = models.User
fields = [
'deployment_state_items',
'deployment_states',
......
......@@ -16,6 +16,7 @@ LOGGER = logging.getLogger(__name__)
def user_info_default():
return {}
class User(AbstractUser):
TYPE_CHOICES = (
('apiclient', 'API-Client'),
......@@ -213,13 +214,21 @@ class User(AbstractUser):
dep.deactivate()
def update_userinfo(self, userinfo):
groups = userinfo.get('groups', [])
for group in self.groups.all():
if group.name not in groups:
self.groups.remove(group)
# remove group from user and deactivate deployments
for dep in self.deployments.filter(group=group):
dep.deactivate()
self.userinfo = userinfo
self.save()
if 'sub' not in userinfo:
raise Exception('Missing attribute in userinfo: sub')
groups = userinfo.get('groups', [])
for group_name in groups:
try:
......@@ -236,7 +245,6 @@ class User(AbstractUser):
unity_key_value = userinfo.get('ssh_key', '')
unity_key_name = 'unity_key'
from . import SSHPublicKey
try:
key = self._ssh_keys.get(name=unity_key_name)
if key.key != unity_key_value:
......@@ -252,6 +260,76 @@ class User(AbstractUser):
key.save()
class SSHPublicKey(models.Model):
name = models.CharField(
max_length=150,
)
key = models.TextField(
max_length=1000
)
# hidden field at the user
user = models.ForeignKey(
User,
related_name='_ssh_keys',
on_delete=models.SET_NULL,
null=True,
)
# has the user triggered the deletion of this key?
deleted = models.BooleanField(
default=False,
editable=False,
)
@property
def deployed_anywhere(self):
for state in self.states.all():
for item in state.state_items.all():
if item.state == 'deployed' or item.state == 'removal_pending':
return True
return False
# does not directly delete the key if the key is deployed or removen
# somewhere
# the receiver 'delete_removen_ssh_key' does the actual deletion
def delete_key(self):
# if this key is not deployed anywhere we delete it now
if not self.deployed_anywhere:
LOGGER.info(self.msg('Direct deletion of key'))
self.delete()
return
LOGGER.info(self.msg('Deletion of key started'))
self.deleted = True
self.save()
# delete implies removeing the key from all clients
for deployment in self.deployments.all():
deployment.remove_key(self)
# when a key is removen by a client we try to finally delete it
def try_final_deletion(self):
if self.deleted:
if not self.deployed_anywhere:
LOGGER.info(self.msg('All clients have removen this key. Final deletion'))
self._final_deletion()
def _final_deletion(self):
_self = self
for state in self.states.all():
#for item in state.state_items.all():
# item.delete()
state.delete()
_self.delete()
def __str__(self):
if self.deleted:
return 'DELETED: {}'.format(self.name)
return self.name
def msg(self, msg):
return '[SSHKey:{}] {}'.format(self, msg)
@receiver(post_save, sender=User)
def deactivate_user(sender, instance=None, created=False, **kwargs):
......
......@@ -6,7 +6,6 @@ from rest_framework import generics, views
from rest_framework.authentication import BasicAuthentication
from rest_framework.response import Response
from ..models.brokers import RabbitMQInstance
from ..models.serializers.webpage import DeploymentStateSerializer
from ..models.serializers.clients import RabbitMQInstanceSerializer
from .. import models
......@@ -83,7 +82,7 @@ class ConfigurationView(views.APIView):
response = {
'rabbitmq_config': RabbitMQInstanceSerializer(
RabbitMQInstance.load(),
models.RabbitMQInstance.load(),
).data,
'site': request.user.site.name,
}
......
import logging
from django.contrib.auth import logout
from django.contrib.auth.models import Group
from django.shortcuts import get_object_or_404
......@@ -9,8 +10,8 @@ from rest_framework.permissions import AllowAny
from rest_framework.response import Response
from .. import models
from ..models.serializers import webpage as serializers
from ..models import serializers as model_serializers
from ..models.serializers import webpage as serializers
LOGGER = logging.getLogger(__name__)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment