##// END OF EJS Templates
radarsys_met
RSS
Add users and groups
eynilupu -
r445:046e9870ce02
parent child
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,71
1 from django.core.management import BaseCommand
2 from django.contrib.auth.models import User, Group , Permission
3 import logging
4
5 GROUPS = {
6 "Developer": {
7 #General permissions
8 #"log entry" : ["add","delete","change","view"],
9 #"group" : ["add","delete","change","view"],
10 #"permission" : ["add","delete","change","view"],
11 #"user" : ["add","delete","change","view"],
12 #"content type" : ["add","delete","change","view"],
13 #"session" : ["add","delete","change","view"],
14
15 #Specific permissions
16 "profile" : ["add","delete","change","view"],
17 "experiment" : ["add","delete","change","view"],
18 "configuration" : ["add","delete","change","view"],
19 "device" : ["add","delete","change","view"],
20 "device type" : ["add","delete","change","view"],
21 "generator configuration" : ["add","delete","change","view"],
22 "pedestal configuration" : ["add","delete","change","view"],
23 "usrprx configuration" : ["add","delete","change","view"],
24 "tx code" : ["add","delete","change","view"],
25 "usrptx configuration" : ["add","delete","change","view"],
26 },
27
28 "Operator": {
29 #Specific permissions
30 "profile" : ["view"],
31 "experiment" : ["view"],
32 "configuration" : ["view"],
33 "device" : ["view"],
34 "device type" : ["view"],
35 "generator configuration" : ["view"],
36 "pedestal configuration" : ["view"],
37 "usrprx configuration" : ["view"],
38 "tx code" : ["view"],
39 "usrptx configuration" : ["view"],
40 },
41 }
42
43 class Command(BaseCommand):
44
45 help = "Creates read only default permission groups for users"
46
47 def handle(self, *args, **options):
48 for group_name in GROUPS:
49 try:
50 Group.objects.get(name=group_name)
51 self.stdout.write(f'Local group "{group_name}" currently exists')
52 continue
53 except:
54 new_group = Group.objects.create(name=group_name)
55 # Loop models in group
56 for app_model in GROUPS[group_name]:
57
58 # Loop permissions in group/model
59 for permission_name in GROUPS[group_name][app_model]:
60
61 # Generate permission name as Django would generate it
62 name = "Can {} {}".format(permission_name, app_model)
63 self.stdout.write(f'Creating "{name}"')
64
65 try:
66 model_add_perm = Permission.objects.get(name=name)
67 except Permission.DoesNotExist:
68 logging.warning("Permission not found with name '{}'.".format(name))
69 continue
70
71 new_group.permissions.add(model_add_perm) No newline at end of file
Show file before | Show file after | Hide comments
@@ -0,0 +1,60
1 import os
2 from django.core.management.base import BaseCommand
3 from django.contrib.auth.models import User, Group
4
5 class Command(BaseCommand):
6 """
7 Create a superuser and user if none exist
8 Example:
9 manage.py create_users
10 """
11
12 help = "Create a superuser and user if none exist"
13
14 def handle(self, *args, **options):
15
16 users = {
17 'Superuser': {
18 'username': os.environ.get('SIRM_SUPER_USER', 'superuser'),
19 'password': os.environ.get('SIRM_SUPER_PASSWORD', 'SuperuseROJ'),
20 'email' : os.environ.get('SIRM_SUPER_EMAIL', 'superuser@igp.gob.pe')},
21 'Developer': {
22 'username': os.environ.get('SIRM_DEV_USER', 'developer'),
23 'password': os.environ.get('SIRM_DEV_PASSWORD', 'DevelopeROJ'),
24 'email' : os.environ.get('SIRM_DEV_EMAIL', 'developer@igp.gob.pe')},
25 'Operator': {
26 'username': os.environ.get('SIRM_USER', 'operator'),
27 'password': os.environ.get('SIRM_PASSWORD', 'OperatoROJ'),
28 'email' : os.environ.get('SIRM_EMAIL', 'operator@igp.gob.pe')}
29 }
30
31 for key, value in users.items():
32 if key == 'Superuser':
33 if User.objects.filter(is_superuser=True):
34 self.stdout.write(f'Local {key} currently exists')
35 else:
36 user, created = User.objects.get_or_create(username=value["username"], first_name=value["username"], email=value["email"], is_superuser = True, is_staff = True)
37 if created:
38 user.set_password(value["password"])
39 user.save()
40 self.stdout.write(f'Local {key} "{value["username"]}" was created')
41 else:
42 self.stdout.write(f'Unable to create this local superuser: "superuser already exists"')
43 else:
44 if User.objects.filter(groups__name=key):
45 if User.objects.filter(groups__name=key, is_superuser=True):
46 self.stdout.write(f"{key} group must not have a superuser, remove superusers and create a new user")
47 else:
48 self.stdout.write(f"Local {key} currently exists")
49 else:
50 user, created = User.objects.get_or_create(username=value["username"], first_name=value["username"], email=value["email"])
51 if created:
52 user.set_password(value["password"])
53 user.save()
54 self.stdout.write(f'Local {key} "{value["username"]}" was created')
55
56 group = Group.objects.get(name=key)
57 group.user_set.add(user)
58 self.stdout.write(f'Local {key} "{value["username"]}" was added to {key} group')
59 else:
60 self.stdout.write(f'Unable to create and join to {key} group this local user: "user already exists"') No newline at end of file
Show file before | Show file after | Hide comments
@@ -34,6 +34,16 EXPOSE_CERTS=/path/to/certs
34 34 EXPOSE_DHPARAM=/path/to/dhparam
35 35
36 36 #Superuser settings
37 SIRM_SUPER_USER=*****
38 SIRM_SUPER_PASSWORD=*******
39 SIRM_SUPER_EMAIL=*****@igp.gob.pe
40
41 #Developer user settings
42 SIRM_DEV_USER=*****
43 SIRM_DEV_PASSWORD=*******
44 SIRM_DEV_EMAIL=*****@igp.gob.pe
45
46 #Operator user settings
37 47 SIRM_USER=*****
38 48 SIRM_PASSWORD=*******
39 49 SIRM_EMAIL=*****@igp.gob.pe No newline at end of file
Show file before | Show file after | Hide comments
@@ -99,6 +99,12 services:
99 99 - EXPOSE_NAS=${EXPOSE_NAS}
100 100 - PROC_SITE=${PROC_SITE}
101 101 - SCHAIN_SITE=${SCHAIN_SITE}
102 - SIRM_SUPER_USER=${SIRM_SUPER_USER}
103 - SIRM_SUPER_PASSWORD=${SIRM_SUPER_PASSWORD}
104 - SIRM_SUPER_EMAIL=${SIRM_SUPER_EMAIL}
105 - SIRM_DEV_USER=${SIRM_DEV_USER}
106 - SIRM_DEV_PASSWORD=${SIRM_DEV_PASSWORD}
107 - SIRM_DEV_EMAIL=${SIRM_DEV_EMAIL}
102 108 - SIRM_USER=${SIRM_USER}
103 109 - SIRM_PASSWORD=${SIRM_PASSWORD}
104 110 - SIRM_EMAIL=${SIRM_EMAIL}
@@ -127,11 +133,11 services:
127 133
128 134 sirm-job:
129 135 container_name: 'sirm-job'
130 image: mcuadros/ofelia:latest
136 image: mcuadros/ofelia:v0.3.6
131 137 depends_on:
132 138 - sirm-web
133 139 networks:
134 - frontend_sirm
140 #- frontend_sirm
135 141 - backend_sirm
136 142 command: daemon --docker
137 143 volumes:
Show file before | Show file after | Hide comments
@@ -25,8 +25,11 if [ -f .gitkeep ];
25 25 touch .gitkeep
26 26 fi
27 27
28 echo "Create Superuser"
29 python manage.py createsuperuser_if_none_exists
28 echo "Create Groups"
29 python manage.py create_groups
30
31 echo "Create User"
32 python manage.py create_users
30 33
31 34 echo "Run server"
32 35 python manage.py runserver 0.0.0.0:8080 No newline at end of file
Show file before | Show file after | Hide comments
@@ -12,6 +12,17 from apps.main.views import sidebar
12 12 from .models import GeneratorConfiguration
13 13 from .forms import GeneratorConfigurationForm, GeneratorImportForm
14 14
15 def is_developer(user):
16 groups = [str(g.name) for g in user.groups.all()]
17 #return 'Developer' in groups or user.is_staff
18 return 'Developer' in groups or user.is_superuser
19
20
21 def is_operator(user):
22 groups = [str(g.name) for g in user.groups.all()]
23 #return 'Operator' in groups or user.is_staff
24 return 'Operator' in groups or user.is_superuser
25
15 26
16 27 def conf(request, conf_id):
17 28
@@ -42,6 +53,10 def conf_edit(request, conf_id):
42 53
43 54 conf = get_object_or_404(GeneratorConfiguration, pk=conf_id)
44 55
56 if not is_developer(request.user):
57 messages.error(request, 'You must be an developer to edit this configuration')
58 return redirect(conf.get_absolute_url())
59
45 60 if request.method=='GET':
46 61
47 62 form = GeneratorConfigurationForm(instance=conf)
Show file before | Show file after | Hide comments
@@ -343,7 +343,7 class Experiment(PolymorphicModel):
343 343 self.reception_rx.stop_device()
344 344 time.sleep(0.1)
345 345 self.pedestal.reset_device()
346 time.sleep(14)
346 time.sleep(0.1)
347 347 self.pedestal.stop_device()
348 348 time.sleep(0.1)
349 349 proc_url = 'http://'+os.environ['PROC_SITE']+'/stop'
Show file before | Show file after | Hide comments
@@ -67,15 +67,15 MIX_OPERATIONS = {
67 67
68 68
69 69 def is_developer(user):
70
71 70 groups = [str(g.name) for g in user.groups.all()]
72 return 'Developer' in groups or user.is_staff
71 #return 'Developer' in groups or user.is_staff
72 return 'Developer' in groups or user.is_superuser
73 73
74 74
75 75 def is_operator(user):
76
77 76 groups = [str(g.name) for g in user.groups.all()]
78 return 'Operator' in groups or user.is_staff
77 #return 'Operator' in groups or user.is_staff
78 return 'Operator' in groups or user.is_superuser
79 79
80 80
81 81 def has_been_modified(model):
@@ -135,6 +135,10 def device(request, id_dev):
135 135
136 136 @login_required
137 137 def device_new(request):
138
139 if not is_developer(request.user):
140 messages.error(request, 'You must be an developer to create a new experiment')
141 return redirect('url_devices')
138 142
139 143 if request.method == 'GET':
140 144 form = DeviceForm()
@@ -160,6 +164,10 def device_new(request):
160 164 def device_edit(request, id_dev):
161 165
162 166 device = get_object_or_404(Device, pk=id_dev)
167
168 if not is_developer(request.user):
169 messages.error(request, 'You must be an developer to edit this object')
170 return redirect(device.get_absolute_url())
163 171
164 172 if request.method == 'GET':
165 173 form = DeviceForm(instance=device)
@@ -320,9 +328,9 def experiment(request, id_exp):
320 328 def experiment_new(request, id_camp=None):
321 329
322 330 if not is_developer(request.user):
323 messages.error(
324 request, 'Developer required, to create new Experiments')
325 return redirect('index')
331 messages.error(request, 'You must be an developer to create a new experiment')
332 return redirect('url_experiments')
333
326 334 kwargs = {}
327 335
328 336 if request.method == 'GET':
@@ -348,8 +356,12 def experiment_new(request, id_camp=None):
348 356
349 357 @login_required
350 358 def experiment_edit(request, id_exp):
351
352 359 experiment = get_object_or_404(Experiment, pk=id_exp)
360
361 if not is_developer(request.user):
362 messages.error(request, 'You must be an developer to edit this experiment')
363 return redirect(experiment.get_absolute_url())
364
353 365 id_p = experiment.pedestal_id
354 366 id_rx = experiment.reception_rx_id
355 367 id_tx = experiment.transmission_tx_id
@@ -407,7 +419,7 def experiment_delete(request, id_exp):
407 419 experiment.delete()
408 420 return redirect('url_experiments')
409 421
410 messages.error(request, 'Not enough permission to delete this object')
422 messages.error(request, 'Not enough permission to delete this experiment')
411 423 return redirect(experiment.get_absolute_url())
412 424
413 425 kwargs = {
@@ -472,6 +484,10 def experiment_import(request, id_exp):
472 484 def experiment_start(request, id_exp):
473 485 exp = get_object_or_404(Experiment, pk=id_exp)
474 486
487 if not is_developer(request.user) and not is_operator(request.user):
488 messages.error(request, 'You must be an developer or operator to start this experiment')
489 return redirect(exp.get_absolute_url())
490
475 491 if exp.status == 2:
476 492 messages.warning(request, 'Experiment {} already runnnig'.format(exp.name))
477 493 else:
@@ -492,7 +508,11 def experiment_start(request, id_exp):
492 508 def experiment_stop(request, id_exp):
493 509 all_status = Experiment.objects.filter(status=2)
494 510 exp = get_object_or_404(Experiment, pk=id_exp)
495
511
512 if not is_developer(request.user) and not is_operator(request.user):
513 messages.error(request, 'You must be an developer or operator to stop this experiment')
514 return redirect(exp.get_absolute_url())
515
496 516 if exp.status == 2 or exp.status == 4 or exp.status == 5:
497 517 for one_exp in all_status:
498 518 if one_exp != exp:
@@ -850,7 +870,7 def dev_conf_new(request, id_exp=0, id_dev=0):
850 870 if not is_developer(request.user):
851 871 messages.error(
852 872 request, 'Developer required, to create new configurations')
853 return redirect('index')
873 return redirect('url_dev_confs')
854 874
855 875 initial = {}
856 876 kwargs = {}
@@ -939,6 +959,10 def dev_conf_start(request, id_conf):
939 959
940 960 conf = get_object_or_404(Configuration, pk=id_conf)
941 961
962 if not is_developer(request.user) and not is_operator(request.user):
963 messages.error(request, 'You must be an developer or operator to start this configuration')
964 return redirect(conf.get_absolute_url())
965
942 966 if conf.start_device():
943 967 messages.success(request, conf.message)
944 968 else:
@@ -954,6 +978,10 def dev_conf_stop(request, id_conf):
954 978
955 979 conf = get_object_or_404(Configuration, pk=id_conf)
956 980
981 if not is_developer(request.user) and not is_operator(request.user):
982 messages.error(request, 'You must be an developer or operator to stop this configuration')
983 return redirect(conf.get_absolute_url())
984
957 985 if conf.stop_device():
958 986 messages.success(request, conf.message)
959 987 else:
Show file before | Show file after | Hide comments
@@ -12,6 +12,17 from apps.main.views import sidebar
12 12 from .models import PedestalConfiguration
13 13 from .forms import PedestalConfigurationForm, PedestalImportForm
14 14
15 def is_developer(user):
16 groups = [str(g.name) for g in user.groups.all()]
17 #return 'Developer' in groups or user.is_staff
18 return 'Developer' in groups or user.is_superuser
19
20
21 def is_operator(user):
22 groups = [str(g.name) for g in user.groups.all()]
23 #return 'Operator' in groups or user.is_staff
24 return 'Operator' in groups or user.is_superuser
25
15 26
16 27 def conf(request, conf_id):
17 28
@@ -45,6 +56,9 def conf_edit(request, conf_id):
45 56
46 57 conf = get_object_or_404(PedestalConfiguration, pk=conf_id)
47 58
59 if not is_developer(request.user):
60 messages.error(request, 'You must be an developer to edit this configuration')
61 return redirect(conf.get_absolute_url())
48 62
49 63 if request.method=='GET':
50 64
@@ -119,6 +133,10 def conf_reset(request, conf_id):
119 133
120 134 conf = get_object_or_404(PedestalConfiguration, pk=conf_id)
121 135
136 if not is_developer(request.user) and not is_operator(request.user):
137 messages.error(request, 'You must be an developer or operator to reset this pedestal')
138 return redirect(conf.get_absolute_url())
139
122 140 if conf.reset_device():
123 141 messages.success(request, conf.message)
124 142 else:
Show file before | Show file after | Hide comments
@@ -12,6 +12,16 from apps.main.views import sidebar
12 12 from .models import USRPRXConfiguration
13 13 from .forms import USRPRXConfigurationForm, USRPRXImportForm
14 14
15 def is_developer(user):
16 groups = [str(g.name) for g in user.groups.all()]
17 #return 'Developer' in groups or user.is_staff
18 return 'Developer' in groups or user.is_superuser
19
20
21 def is_operator(user):
22 groups = [str(g.name) for g in user.groups.all()]
23 #return 'Operator' in groups or user.is_staff
24 return 'Operator' in groups or user.is_superuser
15 25
16 26 def conf(request, conf_id):
17 27
@@ -38,12 +48,14 def conf_edit(request, conf_id):
38 48
39 49 conf = get_object_or_404(USRPRXConfiguration, pk=conf_id)
40 50
51 if not is_developer(request.user):
52 messages.error(request, 'You must be an developer to edit this configuration')
53 return redirect(conf.get_absolute_url())
54
41 55 if request.method=='GET':
42
43 56 form = USRPRXConfigurationForm(instance=conf)
44 57
45 58 elif request.method=='POST':
46
47 59 line_data = {}
48 60 conf_data = {}
49 61 clock_data = {}
Show file before | Show file after | Hide comments
@@ -13,6 +13,17 from .models import USRPTXConfiguration, TXCode
13 13 from .forms import USRPTXConfigurationForm, USRPTXImportForm
14 14 from .validations import validation_usrp_tx_code
15 15
16 def is_developer(user):
17 groups = [str(g.name) for g in user.groups.all()]
18 #return 'Developer' in groups or user.is_staff
19 return 'Developer' in groups or user.is_superuser
20
21
22 def is_operator(user):
23 groups = [str(g.name) for g in user.groups.all()]
24 #return 'Operator' in groups or user.is_staff
25 return 'Operator' in groups or user.is_superuser
26
16 27
17 28 def conf(request, conf_id):
18 29
@@ -44,6 +55,10 def conf_edit(request, conf_id):
44 55
45 56 conf = get_object_or_404(USRPTXConfiguration, pk=conf_id)
46 57
58 if not is_developer(request.user):
59 messages.error(request, 'You must be an developer to edit this configuration')
60 return redirect(conf.get_absolute_url())
61
47 62 if request.method=='GET':
48 63
49 64 form = USRPTXConfigurationForm(instance=conf)
Show file before | Show file after | Hide comments
1 NO CONTENT: file was removed
General Comments 0
You need to be logged in to leave comments. Login now