##// END OF EJS Templates
radarsys_met
RSS
Add users and groups
eynilupu -
r445:046e9870ce02
parent child
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,71
1 from django.core.management import BaseCommand
2 from django.contrib.auth.models import User, Group , Permission
3 import logging
4
5 GROUPS = {
6 "Developer": {
7 #General permissions
8 #"log entry" : ["add","delete","change","view"],
9 #"group" : ["add","delete","change","view"],
10 #"permission" : ["add","delete","change","view"],
11 #"user" : ["add","delete","change","view"],
12 #"content type" : ["add","delete","change","view"],
13 #"session" : ["add","delete","change","view"],
14
15 #Specific permissions
16 "profile" : ["add","delete","change","view"],
17 "experiment" : ["add","delete","change","view"],
18 "configuration" : ["add","delete","change","view"],
19 "device" : ["add","delete","change","view"],
20 "device type" : ["add","delete","change","view"],
21 "generator configuration" : ["add","delete","change","view"],
22 "pedestal configuration" : ["add","delete","change","view"],
23 "usrprx configuration" : ["add","delete","change","view"],
24 "tx code" : ["add","delete","change","view"],
25 "usrptx configuration" : ["add","delete","change","view"],
26 },
27
28 "Operator": {
29 #Specific permissions
30 "profile" : ["view"],
31 "experiment" : ["view"],
32 "configuration" : ["view"],
33 "device" : ["view"],
34 "device type" : ["view"],
35 "generator configuration" : ["view"],
36 "pedestal configuration" : ["view"],
37 "usrprx configuration" : ["view"],
38 "tx code" : ["view"],
39 "usrptx configuration" : ["view"],
40 },
41 }
42
43 class Command(BaseCommand):
44
45 help = "Creates read only default permission groups for users"
46
47 def handle(self, *args, **options):
48 for group_name in GROUPS:
49 try:
50 Group.objects.get(name=group_name)
51 self.stdout.write(f'Local group "{group_name}" currently exists')
52 continue
53 except:
54 new_group = Group.objects.create(name=group_name)
55 # Loop models in group
56 for app_model in GROUPS[group_name]:
57
58 # Loop permissions in group/model
59 for permission_name in GROUPS[group_name][app_model]:
60
61 # Generate permission name as Django would generate it
62 name = "Can {} {}".format(permission_name, app_model)
63 self.stdout.write(f'Creating "{name}"')
64
65 try:
66 model_add_perm = Permission.objects.get(name=name)
67 except Permission.DoesNotExist:
68 logging.warning("Permission not found with name '{}'.".format(name))
69 continue
70
71 new_group.permissions.add(model_add_perm) No newline at end of file
Show file before | Show file after | Hide comments
@@ -0,0 +1,60
1 import os
2 from django.core.management.base import BaseCommand
3 from django.contrib.auth.models import User, Group
4
5 class Command(BaseCommand):
6 """
7 Create a superuser and user if none exist
8 Example:
9 manage.py create_users
10 """
11
12 help = "Create a superuser and user if none exist"
13
14 def handle(self, *args, **options):
15
16 users = {
17 'Superuser': {
18 'username': os.environ.get('SIRM_SUPER_USER', 'superuser'),
19 'password': os.environ.get('SIRM_SUPER_PASSWORD', 'SuperuseROJ'),
20 'email' : os.environ.get('SIRM_SUPER_EMAIL', 'superuser@igp.gob.pe')},
21 'Developer': {
22 'username': os.environ.get('SIRM_DEV_USER', 'developer'),
23 'password': os.environ.get('SIRM_DEV_PASSWORD', 'DevelopeROJ'),
24 'email' : os.environ.get('SIRM_DEV_EMAIL', 'developer@igp.gob.pe')},
25 'Operator': {
26 'username': os.environ.get('SIRM_USER', 'operator'),
27 'password': os.environ.get('SIRM_PASSWORD', 'OperatoROJ'),
28 'email' : os.environ.get('SIRM_EMAIL', 'operator@igp.gob.pe')}
29 }
30
31 for key, value in users.items():
32 if key == 'Superuser':
33 if User.objects.filter(is_superuser=True):
34 self.stdout.write(f'Local {key} currently exists')
35 else:
36 user, created = User.objects.get_or_create(username=value["username"], first_name=value["username"], email=value["email"], is_superuser = True, is_staff = True)
37 if created:
38 user.set_password(value["password"])
39 user.save()
40 self.stdout.write(f'Local {key} "{value["username"]}" was created')
41 else:
42 self.stdout.write(f'Unable to create this local superuser: "superuser already exists"')
43 else:
44 if User.objects.filter(groups__name=key):
45 if User.objects.filter(groups__name=key, is_superuser=True):
46 self.stdout.write(f"{key} group must not have a superuser, remove superusers and create a new user")
47 else:
48 self.stdout.write(f"Local {key} currently exists")
49 else:
50 user, created = User.objects.get_or_create(username=value["username"], first_name=value["username"], email=value["email"])
51 if created:
52 user.set_password(value["password"])
53 user.save()
54 self.stdout.write(f'Local {key} "{value["username"]}" was created')
55
56 group = Group.objects.get(name=key)
57 group.user_set.add(user)
58 self.stdout.write(f'Local {key} "{value["username"]}" was added to {key} group')
59 else:
60 self.stdout.write(f'Unable to create and join to {key} group this local user: "user already exists"') No newline at end of file
Show file before | Show file after | Hide comments
@@ -34,6 +34,16 EXPOSE_CERTS=/path/to/certs
34 EXPOSE_DHPARAM=/path/to/dhparam
34 EXPOSE_DHPARAM=/path/to/dhparam
35
35
36 #Superuser settings
36 #Superuser settings
37 SIRM_SUPER_USER=*****
38 SIRM_SUPER_PASSWORD=*******
39 SIRM_SUPER_EMAIL=*****@igp.gob.pe
40
41 #Developer user settings
42 SIRM_DEV_USER=*****
43 SIRM_DEV_PASSWORD=*******
44 SIRM_DEV_EMAIL=*****@igp.gob.pe
45
46 #Operator user settings
37 SIRM_USER=*****
47 SIRM_USER=*****
38 SIRM_PASSWORD=*******
48 SIRM_PASSWORD=*******
39 SIRM_EMAIL=*****@igp.gob.pe No newline at end of file
49 SIRM_EMAIL=*****@igp.gob.pe
Show file before | Show file after | Hide comments
@@ -99,6 +99,12 services:
99 - EXPOSE_NAS=${EXPOSE_NAS}
99 - EXPOSE_NAS=${EXPOSE_NAS}
100 - PROC_SITE=${PROC_SITE}
100 - PROC_SITE=${PROC_SITE}
101 - SCHAIN_SITE=${SCHAIN_SITE}
101 - SCHAIN_SITE=${SCHAIN_SITE}
102 - SIRM_SUPER_USER=${SIRM_SUPER_USER}
103 - SIRM_SUPER_PASSWORD=${SIRM_SUPER_PASSWORD}
104 - SIRM_SUPER_EMAIL=${SIRM_SUPER_EMAIL}
105 - SIRM_DEV_USER=${SIRM_DEV_USER}
106 - SIRM_DEV_PASSWORD=${SIRM_DEV_PASSWORD}
107 - SIRM_DEV_EMAIL=${SIRM_DEV_EMAIL}
102 - SIRM_USER=${SIRM_USER}
108 - SIRM_USER=${SIRM_USER}
103 - SIRM_PASSWORD=${SIRM_PASSWORD}
109 - SIRM_PASSWORD=${SIRM_PASSWORD}
104 - SIRM_EMAIL=${SIRM_EMAIL}
110 - SIRM_EMAIL=${SIRM_EMAIL}
@@ -127,11 +133,11 services:
127
133
128 sirm-job:
134 sirm-job:
129 container_name: 'sirm-job'
135 container_name: 'sirm-job'
130 image: mcuadros/ofelia:latest
136 image: mcuadros/ofelia:v0.3.6
131 depends_on:
137 depends_on:
132 - sirm-web
138 - sirm-web
133 networks:
139 networks:
134 - frontend_sirm
140 #- frontend_sirm
135 - backend_sirm
141 - backend_sirm
136 command: daemon --docker
142 command: daemon --docker
137 volumes:
143 volumes:
Show file before | Show file after | Hide comments
@@ -25,8 +25,11 if [ -f .gitkeep ];
25 touch .gitkeep
25 touch .gitkeep
26 fi
26 fi
27
27
28 echo "Create Superuser"
28 echo "Create Groups"
29 python manage.py createsuperuser_if_none_exists
29 python manage.py create_groups
30
31 echo "Create User"
32 python manage.py create_users
30
33
31 echo "Run server"
34 echo "Run server"
32 python manage.py runserver 0.0.0.0:8080 No newline at end of file
35 python manage.py runserver 0.0.0.0:8080
Show file before | Show file after | Hide comments
@@ -12,6 +12,17 from apps.main.views import sidebar
12 from .models import GeneratorConfiguration
12 from .models import GeneratorConfiguration
13 from .forms import GeneratorConfigurationForm, GeneratorImportForm
13 from .forms import GeneratorConfigurationForm, GeneratorImportForm
14
14
15 def is_developer(user):
16 groups = [str(g.name) for g in user.groups.all()]
17 #return 'Developer' in groups or user.is_staff
18 return 'Developer' in groups or user.is_superuser
19
20
21 def is_operator(user):
22 groups = [str(g.name) for g in user.groups.all()]
23 #return 'Operator' in groups or user.is_staff
24 return 'Operator' in groups or user.is_superuser
25
15
26
16 def conf(request, conf_id):
27 def conf(request, conf_id):
17
28
@@ -42,6 +53,10 def conf_edit(request, conf_id):
42
53
43 conf = get_object_or_404(GeneratorConfiguration, pk=conf_id)
54 conf = get_object_or_404(GeneratorConfiguration, pk=conf_id)
44
55
56 if not is_developer(request.user):
57 messages.error(request, 'You must be an developer to edit this configuration')
58 return redirect(conf.get_absolute_url())
59
45 if request.method=='GET':
60 if request.method=='GET':
46
61
47 form = GeneratorConfigurationForm(instance=conf)
62 form = GeneratorConfigurationForm(instance=conf)
Show file before | Show file after | Hide comments
@@ -343,7 +343,7 class Experiment(PolymorphicModel):
343 self.reception_rx.stop_device()
343 self.reception_rx.stop_device()
344 time.sleep(0.1)
344 time.sleep(0.1)
345 self.pedestal.reset_device()
345 self.pedestal.reset_device()
346 time.sleep(14)
346 time.sleep(0.1)
347 self.pedestal.stop_device()
347 self.pedestal.stop_device()
348 time.sleep(0.1)
348 time.sleep(0.1)
349 proc_url = 'http://'+os.environ['PROC_SITE']+'/stop'
349 proc_url = 'http://'+os.environ['PROC_SITE']+'/stop'
Show file before | Show file after | Hide comments
@@ -67,15 +67,15 MIX_OPERATIONS = {
67
67
68
68
69 def is_developer(user):
69 def is_developer(user):
70
71 groups = [str(g.name) for g in user.groups.all()]
70 groups = [str(g.name) for g in user.groups.all()]
72 return 'Developer' in groups or user.is_staff
71 #return 'Developer' in groups or user.is_staff
72 return 'Developer' in groups or user.is_superuser
73
73
74
74
75 def is_operator(user):
75 def is_operator(user):
76
77 groups = [str(g.name) for g in user.groups.all()]
76 groups = [str(g.name) for g in user.groups.all()]
78 return 'Operator' in groups or user.is_staff
77 #return 'Operator' in groups or user.is_staff
78 return 'Operator' in groups or user.is_superuser
79
79
80
80
81 def has_been_modified(model):
81 def has_been_modified(model):
@@ -136,6 +136,10 def device(request, id_dev):
136 @login_required
136 @login_required
137 def device_new(request):
137 def device_new(request):
138
138
139 if not is_developer(request.user):
140 messages.error(request, 'You must be an developer to create a new experiment')
141 return redirect('url_devices')
142
139 if request.method == 'GET':
143 if request.method == 'GET':
140 form = DeviceForm()
144 form = DeviceForm()
141
145
@@ -161,6 +165,10 def device_edit(request, id_dev):
161
165
162 device = get_object_or_404(Device, pk=id_dev)
166 device = get_object_or_404(Device, pk=id_dev)
163
167
168 if not is_developer(request.user):
169 messages.error(request, 'You must be an developer to edit this object')
170 return redirect(device.get_absolute_url())
171
164 if request.method == 'GET':
172 if request.method == 'GET':
165 form = DeviceForm(instance=device)
173 form = DeviceForm(instance=device)
166
174
@@ -320,9 +328,9 def experiment(request, id_exp):
320 def experiment_new(request, id_camp=None):
328 def experiment_new(request, id_camp=None):
321
329
322 if not is_developer(request.user):
330 if not is_developer(request.user):
323 messages.error(
331 messages.error(request, 'You must be an developer to create a new experiment')
324 request, 'Developer required, to create new Experiments')
332 return redirect('url_experiments')
325 return redirect('index')
333
326 kwargs = {}
334 kwargs = {}
327
335
328 if request.method == 'GET':
336 if request.method == 'GET':
@@ -348,8 +356,12 def experiment_new(request, id_camp=None):
348
356
349 @login_required
357 @login_required
350 def experiment_edit(request, id_exp):
358 def experiment_edit(request, id_exp):
351
352 experiment = get_object_or_404(Experiment, pk=id_exp)
359 experiment = get_object_or_404(Experiment, pk=id_exp)
360
361 if not is_developer(request.user):
362 messages.error(request, 'You must be an developer to edit this experiment')
363 return redirect(experiment.get_absolute_url())
364
353 id_p = experiment.pedestal_id
365 id_p = experiment.pedestal_id
354 id_rx = experiment.reception_rx_id
366 id_rx = experiment.reception_rx_id
355 id_tx = experiment.transmission_tx_id
367 id_tx = experiment.transmission_tx_id
@@ -407,7 +419,7 def experiment_delete(request, id_exp):
407 experiment.delete()
419 experiment.delete()
408 return redirect('url_experiments')
420 return redirect('url_experiments')
409
421
410 messages.error(request, 'Not enough permission to delete this object')
422 messages.error(request, 'Not enough permission to delete this experiment')
411 return redirect(experiment.get_absolute_url())
423 return redirect(experiment.get_absolute_url())
412
424
413 kwargs = {
425 kwargs = {
@@ -472,6 +484,10 def experiment_import(request, id_exp):
472 def experiment_start(request, id_exp):
484 def experiment_start(request, id_exp):
473 exp = get_object_or_404(Experiment, pk=id_exp)
485 exp = get_object_or_404(Experiment, pk=id_exp)
474
486
487 if not is_developer(request.user) and not is_operator(request.user):
488 messages.error(request, 'You must be an developer or operator to start this experiment')
489 return redirect(exp.get_absolute_url())
490
475 if exp.status == 2:
491 if exp.status == 2:
476 messages.warning(request, 'Experiment {} already runnnig'.format(exp.name))
492 messages.warning(request, 'Experiment {} already runnnig'.format(exp.name))
477 else:
493 else:
@@ -493,6 +509,10 def experiment_stop(request, id_exp):
493 all_status = Experiment.objects.filter(status=2)
509 all_status = Experiment.objects.filter(status=2)
494 exp = get_object_or_404(Experiment, pk=id_exp)
510 exp = get_object_or_404(Experiment, pk=id_exp)
495
511
512 if not is_developer(request.user) and not is_operator(request.user):
513 messages.error(request, 'You must be an developer or operator to stop this experiment')
514 return redirect(exp.get_absolute_url())
515
496 if exp.status == 2 or exp.status == 4 or exp.status == 5:
516 if exp.status == 2 or exp.status == 4 or exp.status == 5:
497 for one_exp in all_status:
517 for one_exp in all_status:
498 if one_exp != exp:
518 if one_exp != exp:
@@ -850,7 +870,7 def dev_conf_new(request, id_exp=0, id_dev=0):
850 if not is_developer(request.user):
870 if not is_developer(request.user):
851 messages.error(
871 messages.error(
852 request, 'Developer required, to create new configurations')
872 request, 'Developer required, to create new configurations')
853 return redirect('index')
873 return redirect('url_dev_confs')
854
874
855 initial = {}
875 initial = {}
856 kwargs = {}
876 kwargs = {}
@@ -939,6 +959,10 def dev_conf_start(request, id_conf):
939
959
940 conf = get_object_or_404(Configuration, pk=id_conf)
960 conf = get_object_or_404(Configuration, pk=id_conf)
941
961
962 if not is_developer(request.user) and not is_operator(request.user):
963 messages.error(request, 'You must be an developer or operator to start this configuration')
964 return redirect(conf.get_absolute_url())
965
942 if conf.start_device():
966 if conf.start_device():
943 messages.success(request, conf.message)
967 messages.success(request, conf.message)
944 else:
968 else:
@@ -954,6 +978,10 def dev_conf_stop(request, id_conf):
954
978
955 conf = get_object_or_404(Configuration, pk=id_conf)
979 conf = get_object_or_404(Configuration, pk=id_conf)
956
980
981 if not is_developer(request.user) and not is_operator(request.user):
982 messages.error(request, 'You must be an developer or operator to stop this configuration')
983 return redirect(conf.get_absolute_url())
984
957 if conf.stop_device():
985 if conf.stop_device():
958 messages.success(request, conf.message)
986 messages.success(request, conf.message)
959 else:
987 else:
Show file before | Show file after | Hide comments
@@ -12,6 +12,17 from apps.main.views import sidebar
12 from .models import PedestalConfiguration
12 from .models import PedestalConfiguration
13 from .forms import PedestalConfigurationForm, PedestalImportForm
13 from .forms import PedestalConfigurationForm, PedestalImportForm
14
14
15 def is_developer(user):
16 groups = [str(g.name) for g in user.groups.all()]
17 #return 'Developer' in groups or user.is_staff
18 return 'Developer' in groups or user.is_superuser
19
20
21 def is_operator(user):
22 groups = [str(g.name) for g in user.groups.all()]
23 #return 'Operator' in groups or user.is_staff
24 return 'Operator' in groups or user.is_superuser
25
15
26
16 def conf(request, conf_id):
27 def conf(request, conf_id):
17
28
@@ -45,6 +56,9 def conf_edit(request, conf_id):
45
56
46 conf = get_object_or_404(PedestalConfiguration, pk=conf_id)
57 conf = get_object_or_404(PedestalConfiguration, pk=conf_id)
47
58
59 if not is_developer(request.user):
60 messages.error(request, 'You must be an developer to edit this configuration')
61 return redirect(conf.get_absolute_url())
48
62
49 if request.method=='GET':
63 if request.method=='GET':
50
64
@@ -119,6 +133,10 def conf_reset(request, conf_id):
119
133
120 conf = get_object_or_404(PedestalConfiguration, pk=conf_id)
134 conf = get_object_or_404(PedestalConfiguration, pk=conf_id)
121
135
136 if not is_developer(request.user) and not is_operator(request.user):
137 messages.error(request, 'You must be an developer or operator to reset this pedestal')
138 return redirect(conf.get_absolute_url())
139
122 if conf.reset_device():
140 if conf.reset_device():
123 messages.success(request, conf.message)
141 messages.success(request, conf.message)
124 else:
142 else:
Show file before | Show file after | Hide comments
@@ -12,6 +12,16 from apps.main.views import sidebar
12 from .models import USRPRXConfiguration
12 from .models import USRPRXConfiguration
13 from .forms import USRPRXConfigurationForm, USRPRXImportForm
13 from .forms import USRPRXConfigurationForm, USRPRXImportForm
14
14
15 def is_developer(user):
16 groups = [str(g.name) for g in user.groups.all()]
17 #return 'Developer' in groups or user.is_staff
18 return 'Developer' in groups or user.is_superuser
19
20
21 def is_operator(user):
22 groups = [str(g.name) for g in user.groups.all()]
23 #return 'Operator' in groups or user.is_staff
24 return 'Operator' in groups or user.is_superuser
15
25
16 def conf(request, conf_id):
26 def conf(request, conf_id):
17
27
@@ -38,12 +48,14 def conf_edit(request, conf_id):
38
48
39 conf = get_object_or_404(USRPRXConfiguration, pk=conf_id)
49 conf = get_object_or_404(USRPRXConfiguration, pk=conf_id)
40
50
41 if request.method=='GET':
51 if not is_developer(request.user):
52 messages.error(request, 'You must be an developer to edit this configuration')
53 return redirect(conf.get_absolute_url())
42
54
55 if request.method=='GET':
43 form = USRPRXConfigurationForm(instance=conf)
56 form = USRPRXConfigurationForm(instance=conf)
44
57
45 elif request.method=='POST':
58 elif request.method=='POST':
46
47 line_data = {}
59 line_data = {}
48 conf_data = {}
60 conf_data = {}
49 clock_data = {}
61 clock_data = {}
Show file before | Show file after | Hide comments
@@ -13,6 +13,17 from .models import USRPTXConfiguration, TXCode
13 from .forms import USRPTXConfigurationForm, USRPTXImportForm
13 from .forms import USRPTXConfigurationForm, USRPTXImportForm
14 from .validations import validation_usrp_tx_code
14 from .validations import validation_usrp_tx_code
15
15
16 def is_developer(user):
17 groups = [str(g.name) for g in user.groups.all()]
18 #return 'Developer' in groups or user.is_staff
19 return 'Developer' in groups or user.is_superuser
20
21
22 def is_operator(user):
23 groups = [str(g.name) for g in user.groups.all()]
24 #return 'Operator' in groups or user.is_staff
25 return 'Operator' in groups or user.is_superuser
26
16
27
17 def conf(request, conf_id):
28 def conf(request, conf_id):
18
29
@@ -44,6 +55,10 def conf_edit(request, conf_id):
44
55
45 conf = get_object_or_404(USRPTXConfiguration, pk=conf_id)
56 conf = get_object_or_404(USRPTXConfiguration, pk=conf_id)
46
57
58 if not is_developer(request.user):
59 messages.error(request, 'You must be an developer to edit this configuration')
60 return redirect(conf.get_absolute_url())
61
47 if request.method=='GET':
62 if request.method=='GET':
48
63
49 form = USRPTXConfigurationForm(instance=conf)
64 form = USRPTXConfigurationForm(instance=conf)
Show file before | Show file after | Hide comments
1 NO CONTENT: file was removed
NO CONTENT: file was removed
General Comments 0
You need to be logged in to leave comments. Login now