From 5c954394bb31d5e0d48bbc9d4af6c7f48b334e80 Mon Sep 17 00:00:00 2001
From: Andrew Williams <andy@tensixtyone.com>
Date: Tue, 15 Nov 2011 22:24:04 +0000
Subject: [PATCH 1/6] Allow for limiting broadcasts to a subset of servers

---
 app/sso/services/jabber/__init__.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/sso/services/jabber/__init__.py b/app/sso/services/jabber/__init__.py
index 9bcc57d..f957b1a 100644
--- a/app/sso/services/jabber/__init__.py
+++ b/app/sso/services/jabber/__init__.py
@@ -15,7 +15,8 @@ class JabberService(BaseService):
                  'jabber_xmlrpc_url': 'http://127.0.0.1:4560',
                  'jabber_announce_from': 'announcebot@pleaseignore.com',
                  'jabber_announce_password': 'pepperllama',
-                 'jabber_announce_endpoint': 'http://127.0.0.1:5281/message'}
+                 'jabber_announce_endpoint': 'http://127.0.0.1:5281/message',
+                 'jabber_announce_servers': ['pleaseignore.com'] }
 
     def exec_xmlrpc(self, func, **kwargs):
         """ Send a XMLRPC request """
@@ -164,7 +165,7 @@ class JabberService(BaseService):
     def announce(self, server, message, subject=None, users=[], groups=[]):
 
         if 'all' in groups:
-            dest = ['%s/announce/all-hosts/online' % server]
+            dest = ['%s/announce/online' % server for server in self.settings['jabber_announce_servers']]
         else:
             dest = []
 

From 23421d561b24166cc51ff2f8d189a17f999088aa Mon Sep 17 00:00:00 2001
From: Andrew Williams <andy@tensixtyone.com>
Date: Tue, 15 Nov 2011 23:15:55 +0000
Subject: [PATCH 2/6] More flexable broadcasting, broken by server/group/user
 on the api level

---
 app/api/handlers/v1.py              |  6 ++++--
 app/sso/services/jabber/__init__.py | 27 ++++++++++++++-------------
 2 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/app/api/handlers/v1.py b/app/api/handlers/v1.py
index f401719..0676058 100644
--- a/app/api/handlers/v1.py
+++ b/app/api/handlers/v1.py
@@ -264,7 +264,9 @@ class AnnounceHandler(BaseHandler):
     def read(self, request):
 
         sid = request.GET.get('sid', None)
-        to = request.GET.getlist('to')
+        users = request.GET.getlist('users')
+        groups = request.GET.getlist('groups')
+        servers = request.GET.getlist('servers')
         message = request.GET.get('message', None)
         subject = request.GET.get('subject', None)
 
@@ -275,6 +277,6 @@ class AnnounceHandler(BaseHandler):
                 return {'result': 'invalid'}
 
             api = srv.api_class
-            return {'result': api.announce(api.settings['jabber_server'], message, subject, groups=to)}
+            return {'result': api.announce(api.settings['jabber_server'], message, subject, users=users, groups=groups, servers=servers) }
 
         return {'result': 'invalid'}
diff --git a/app/sso/services/jabber/__init__.py b/app/sso/services/jabber/__init__.py
index f957b1a..be473a8 100644
--- a/app/sso/services/jabber/__init__.py
+++ b/app/sso/services/jabber/__init__.py
@@ -162,23 +162,24 @@ class JabberService(BaseService):
 
         return resp.read().strip()[:2] == 'OK'
 
-    def announce(self, server, message, subject=None, users=[], groups=[]):
+    def announce(self, server, message, subject=None, users=[], groups=[], servers=[]):
 
-        if 'all' in groups:
-            dest = ['%s/announce/online' % server for server in self.settings['jabber_announce_servers']]
-        else:
-            dest = []
+        dest = []
+        if len(severs):
+            if 'all' in servers:
+                dest = ['%s/announce/all-hosts/online' % self.settings['jabber_server']]
+            else:
+                dest = ['%s/announce/online' % server for server in servers]
 
-            if len(users):
-                for u in set(users):
-                    dest.append(u)
+        if len(users):
+            for u in set(users):
+                dest.append(u)
 
-            elif len(groups):
-                for g in groups:
-                    dest.extend([x for x in self.get_group_members(server, g)])
-
-            dest = set(dest)
+        if len(groups):
+            for g in groups:
+                dest.extend([x for x in self.get_group_members(server, g)])
 
+        dest = set(dest)
         if len(dest):
             return self.send_message(dest, message, subject)
         return False

From a2acc600a21aee98ba4baf5b02dc36fe5091060d Mon Sep 17 00:00:00 2001
From: Andrew Williams <andy@tensixtyone.com>
Date: Thu, 24 Nov 2011 20:59:27 +0000
Subject: [PATCH 3/6] Added EDK extract API endpoint

---
 app/api/handlers/v1.py | 13 +++++++++++++
 app/api/urls.py        |  2 ++
 2 files changed, 15 insertions(+)

diff --git a/app/api/handlers/v1.py b/app/api/handlers/v1.py
index 0676058..0a3bfd2 100644
--- a/app/api/handlers/v1.py
+++ b/app/api/handlers/v1.py
@@ -280,3 +280,16 @@ class AnnounceHandler(BaseHandler):
             return {'result': api.announce(api.settings['jabber_server'], message, subject, users=users, groups=groups, servers=servers) }
 
         return {'result': 'invalid'}
+
+
+class EDKApiHandler(BaseHandler):
+    allowed_methods = ('GET',)
+
+    def read(self, request):
+
+        alliance = request.GET.get('alliance', None)
+        if not alliance:
+            return {'auth': 'missing', 'missing': 'alliance'}
+
+        objs = EVEAccount.objects.filter(characters__corporation__alliance=alliance, api_keytype=API_KEYTYPE_CORPORATION, api_status=API_STATUS_OK).extra(where=['(api_accessmask & 256) > 0'])
+        return objs.values('api_user_id', 'api_key', 'characters__id', 'characters__name', 'characters__corporation__name')
diff --git a/app/api/urls.py b/app/api/urls.py
index 3c41903..9e7bf24 100755
--- a/app/api/urls.py
+++ b/app/api/urls.py
@@ -18,6 +18,7 @@ optimer_resource = Resource(handler=OpTimerHandler, **apikeyauth)
 blacklist_resource = Resource(handler=BlacklistHandler, **apikeyauth)
 characters_resource = Resource(handler=CharacterHandler, **apikeyauth)
 announce_resource = Resource(handler=AnnounceHandler, **apikeyauth)
+edkapi_resource = Resource(handler=EDKApiHandler, **apikeyauth)
 
 urlpatterns = patterns('',
     url(r'^1.0/user/$', user_resource),
@@ -28,6 +29,7 @@ urlpatterns = patterns('',
     url(r'^1.0/optimer/$', optimer_resource),
     url(r'^1.0/blacklist/$', blacklist_resource),
     url(r'^1.0/announce/$', announce_resource),
+    url(r'^1.0/edkapi/$', edkapi_resource),
 )
 
 # v2 APIs

From e34c8ca05d29ba4bba531fe3671ee2533fcb2e46 Mon Sep 17 00:00:00 2001
From: Andrew Williams <andy@tensixtyone.com>
Date: Thu, 24 Nov 2011 21:09:02 +0000
Subject: [PATCH 4/6] Dont check for "to"

---
 app/api/handlers/v1.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/api/handlers/v1.py b/app/api/handlers/v1.py
index 0a3bfd2..d70bb81 100644
--- a/app/api/handlers/v1.py
+++ b/app/api/handlers/v1.py
@@ -270,7 +270,7 @@ class AnnounceHandler(BaseHandler):
         message = request.GET.get('message', None)
         subject = request.GET.get('subject', None)
 
-        if sid and to and message:
+        if sid and message:
             srv = get_object_or_404(Service, pk=sid)
 
             if not srv.api == 'sso.services.jabber':

From 7b34027b54f7a935ce17c7b9f9528c37d0baecb3 Mon Sep 17 00:00:00 2001
From: Andrew Williams <andy@tensixtyone.com>
Date: Thu, 24 Nov 2011 21:11:10 +0000
Subject: [PATCH 5/6] Variable typo

---
 app/sso/services/jabber/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/sso/services/jabber/__init__.py b/app/sso/services/jabber/__init__.py
index be473a8..49c4fe1 100644
--- a/app/sso/services/jabber/__init__.py
+++ b/app/sso/services/jabber/__init__.py
@@ -165,7 +165,7 @@ class JabberService(BaseService):
     def announce(self, server, message, subject=None, users=[], groups=[], servers=[]):
 
         dest = []
-        if len(severs):
+        if len(servers):
             if 'all' in servers:
                 dest = ['%s/announce/all-hosts/online' % self.settings['jabber_server']]
             else:

From 362c4c31cd0bffb23ecba34135b552c7d0878a25 Mon Sep 17 00:00:00 2001
From: Andrew Williams <andy@tensixtyone.com>
Date: Sun, 27 Nov 2011 22:26:20 +0000
Subject: [PATCH 6/6] Added basic interface to add to the blacklist from inside
 auth

---
 app/hr/templates/hr/blacklist_add.html  | 17 ++++++
 app/hr/templates/hr/blacklist_list.html | 43 +++++++++++++++
 app/hr/templates/hr/index.html          |  9 ++++
 app/hr/urls.py                          |  4 +-
 app/hr/views.py                         | 69 ++++++++++++++++++++++++-
 5 files changed, 140 insertions(+), 2 deletions(-)
 create mode 100644 app/hr/templates/hr/blacklist_add.html
 create mode 100644 app/hr/templates/hr/blacklist_list.html

diff --git a/app/hr/templates/hr/blacklist_add.html b/app/hr/templates/hr/blacklist_add.html
new file mode 100644
index 0000000..a96ae2c
--- /dev/null
+++ b/app/hr/templates/hr/blacklist_add.html
@@ -0,0 +1,17 @@
+{% extends "base.html" %}
+{% block title %}Add Blacklist Entry{% endblock %}
+
+{% block content %}
+<h1>Add Blacklist Entry</h1>
+
+<form action="{% url hr-blacklist-add %}" method="post">
+<table>
+{{ form.as_table }}
+</table>
+{% csrf_token %}
+
+<input type="submit" value="Blacklist" />
+</form>
+{% endblock %}
+
+
diff --git a/app/hr/templates/hr/blacklist_list.html b/app/hr/templates/hr/blacklist_list.html
new file mode 100644
index 0000000..cd309a3
--- /dev/null
+++ b/app/hr/templates/hr/blacklist_list.html
@@ -0,0 +1,43 @@
+{% extends "base.html" %}
+{% load naturaltimediff %}
+{% block title %}Blacklist{% endblock %}
+
+{% block content %}
+<h1>Blacklist</h1>
+
+{% if object_list %}
+<form method="get" action="{% url hr-blacklist-list %}">
+<label for="query">Search:</label>
+<input type="text" name="q" id="query" value="{% if query %}{{ query }}{% endif %}"/>
+</form>
+<table>
+<thead>
+  <th>ID</th><th>Type</th><th>Value</th><th>Level</th><th>Reason</th><th>Expiry</th>
+</thead>
+<tbody>
+  {% for obj in object_list %}
+  <tr><td>{{ obj.id }}</td><td>{{ obj.get_type_display }}</td><td>{{ obj.value }}</td><td>{{ obj.get_level_display }}</td><td>{{ obj.reason }}</td><td>{{ obj.expiry_date }}</td></tr>
+  {% endfor %}
+</tbody>
+</table>
+
+{% if is_paginated %}
+<div class="pagination">
+  <ul>
+    <li class="prev{% if not page_obj.has_previous %} disabled{% endif %}"><a href="{% if page_obj.has_previous %}?page={{ page_obj.previous_page_number }}{% endif %}">Previous</a></li>
+    {% for i in paginator.page_range %}
+    <li{% if i == page.number %} class="active"{% endif %}><a href="?page={{ i }}">{{ i }}</a></li>
+    {% endfor %}
+    <li class="next{% if not page_obj.has_next %} disabled{% endif %}"><a href="{% if page_obj.has_next %}?page={{page_obj.next_page_number }}{% endif %}">Next</a>
+  </ul>
+</div>
+{% endif %}
+{% else %}
+<p>No blacklist entries {% if query %}containing "{{ query }}" {% endif %}were found.</p>
+{% endif %}
+
+{% if perms.hr.add_blacklist %}
+<p><a href="{% url hr-blacklist-add %}">Add a blacklist entry</a></p>
+{% endif %}
+{% endblock %}
+
diff --git a/app/hr/templates/hr/index.html b/app/hr/templates/hr/index.html
index 4a11b4b..385cfaf 100644
--- a/app/hr/templates/hr/index.html
+++ b/app/hr/templates/hr/index.html
@@ -24,4 +24,13 @@
 </p>
 {% endif %}
 
+{% if perms.add_blacklist %}
+<h3>Blacklist Management</h3>
+<p>
+  <ul>
+    <li><a href="{% url hr-blacklist-list %}">View/Search Blacklist</a></li>
+    <li><a href="{% url hr-blacklist-add %}">Add Blacklist Entry</a></li>
+</p>
+{% endif %}
+
 {% endblock %}
diff --git a/app/hr/urls.py b/app/hr/urls.py
index 2d3ffda..06f9cbd 100644
--- a/app/hr/urls.py
+++ b/app/hr/urls.py
@@ -19,5 +19,7 @@ urlpatterns = patterns('',
     url(r'^recommendation/$', login_required(views.HrViewRecommendations.as_view()), name='hr-viewrecommendations'),
     url(r'^recommendation/add/$', login_required(views.HrAddRecommendation.as_view()), name='hr-addrecommendation'),
 
-    url(r'^blacklist/user/(?P<userid>\d+)/$', login_required(views.HrBlacklistUser.as_view()), name='hr-blacklistuser'),
+    url(r'^blacklist/$', login_required(views.HrBlacklistList.as_view()), name='hr-blacklist-list'),
+    url(r'^blacklist/add/$', login_required(views.HrAddBlacklist.as_view()), name='hr-blacklist-add'),
+    url(r'^blacklist/add/user/(?P<userid>\d+)/$', login_required(views.HrBlacklistUser.as_view()), name='hr-blacklistuser'),
 )
diff --git a/app/hr/views.py b/app/hr/views.py
index 3f69e51..5bce4e5 100644
--- a/app/hr/views.py
+++ b/app/hr/views.py
@@ -1,11 +1,15 @@
 from datetime import datetime, timedelta
 
-from django.http import HttpResponseRedirect, HttpResponse, Http404
+from django.conf import settings
+from django.db.models import Q
+from django.http import HttpResponseRedirect, HttpResponse, HttpResponseNotFound, HttpResponseForbidden, Http404
 from django.shortcuts import get_object_or_404
 from django.core.urlresolvers import reverse
 from django.contrib import messages
 from django.contrib.auth.models import User
 from django.contrib.auth.decorators import login_required
+from django.forms import ModelForm
+from django.forms.extras.widgets import SelectDateWidget
 from django.views.generic import TemplateView, DetailView, FormView, CreateView, ListView
 from django.views.generic.detail import BaseDetailView
 from django.conf import settings
@@ -375,3 +379,66 @@ class HrBlacklistUser(FormView):
         update_user_access.delay(user=self.blacklist_user.id)
 
         return HttpResponseRedirect(reverse('sso.views.user_view', args=[self.blacklist_user.username]))
+
+
+class HrBlacklistList(ListView):
+
+    model = Blacklist
+    allow_empty = True
+
+    def get_queryset(self):
+
+        obj_list = self.model.objects.all()
+
+        self.query = self.request.GET.get('q', None)
+        self.order = self.request.GET.get('o', 'id')
+
+        # Filter by the query string
+        if self.query:
+            obj_list = obj_list.filter(Q(value__icontains=self.query) | Q(reason__icontains=self.query))
+
+        # If a invalid order as been passed, correct it
+        if not self.order in ['id', 'type', 'value', 'reason', 'expiry_date']:
+            self.order = 'id'
+        return obj_list.order_by(self.order)
+
+    def get_context_data(self, **kwargs):
+        context = super(HrBlacklistList, self).get_context_data(**kwargs)
+        context['query'] = self.query
+        context['order'] = self.order
+
+        return context
+
+
+
+class HrAddBlacklist(CreateView):
+
+    model = Blacklist
+    template_name = 'hr/blacklist_add.html'
+
+    def dispatch(self, request, *args, **kwargs):
+        if not request.user.has_perm('hr.add_blacklist'):
+            return HttpResponseForbidden()
+        return super(HrAddBlacklist, self).dispatch(request, *args, **kwargs)
+
+    def get_form_class(self):
+
+        class AddBlacklistForm(ModelForm):
+            class Meta:
+                model = Blacklist
+                exclude = ('source', 'created_by')
+                widgets = {'expiry_date': SelectDateWidget()}
+
+        return AddBlacklistForm
+
+    def form_valid(self, form):
+
+        obj = form.save(commit=False)
+        obj.user = self.request.user
+        obj.source, created = BlacklistSource.objects.get_or_create(id=getattr(settings, 'BLACKLIST_DEFAULT_SOURCE', 1))
+        obj.save()
+        return HttpResponseRedirect(self.get_success_url())
+
+    def get_success_url(self):
+        return reverse('hr-blacklist-list')
+