Now authenicates access to services based on groups, not simple tags

eve_api/models/api_player.py

@@ -2,7 +2,7 @@
 This module holds data from the EVE XML API.
 """
 from django.db import models
-from django.contrib.auth.models import User
+from django.contrib.auth.models import User, Group
 from eve_proxy.models import CachedDocument
 from eve_api.managers import EVEPlayerCorporationManager, EVEPlayerAllianceManager, EVEPlayerCharacterManager
 from eve_api.app_defines import API_STATUS_CHOICES, API_STATUS_PENDING
@@ -137,7 +137,9 @@ class EVEPlayerCorporation(EVEAPIModel):
     logo_color1 = models.IntegerField(blank=True, null=True)
     logo_color2 = models.IntegerField(blank=True, null=True)
     logo_color3 = models.IntegerField(blank=True, null=True)
-    
+
+    group = models.ForeignKey(Group, blank=True, null=True)
+
     objects = EVEPlayerCorporationManager()
     
     class Meta:

settings.py

@@ -88,7 +88,7 @@ INSTALLED_APPS = (
     'registration',
     'eve_proxy',
     'eve_api',
-    'mumble',
+#    'mumble',
     'sso',
 )
 
@@ -98,7 +98,7 @@ LOGIN_REDIRECT_URL = "/profile"
 
 ### EVE Corp Info
 
-EVE_CORP_ID = 1018389948
+ALLOWED_CORPS = [1018389948]
 
 ### Jabber Service Settings
 

sso/forms.py

@@ -26,8 +26,18 @@ class ServiceUsernameField(forms.CharField):
         else:
             raise forms.ValidationError("That username is already taken")
 
-class ServiceAccountForm(forms.Form):
+def UserServiceAccountForm(user):
-    service = forms.ModelChoiceField(queryset=Service.objects.filter(active=1), empty_label="Select A Service... ")
+    """ Generate a Service Account form based on the user's permissions """
-    username = ServiceUsernameField(min_length=4,max_length=50)
-    password = forms.CharField(label = u'Password',widget = forms.PasswordInput(render_value=False)) 
 
+    services = Service.objects.filter(groups__in=user.groups.all())
+    choices = []
+
+    for service in services.all():
+        choices.append( ( service.name, service ) )
+
+    class ServiceAccountForm(forms.Form):
+        service = forms.ChoiceField(choices=choices)
+        username = ServiceUsernameField(min_length=4,max_length=50)
+        password = forms.CharField(label = u'Password',widget = forms.PasswordInput(render_value=False)) 
+
+    return ServiceAccountForm

sso/models.py

@@ -1,6 +1,7 @@
 from django.db import models
 from django.db.models import signals
-from django.contrib.auth.models import User, UserManager
+from django.contrib.auth.models import User, UserManager, Group
+from eve_api.models import EVEAccount
 
 from services import get_api
 
@@ -27,6 +28,15 @@ class SSOUser(models.Model):
 
     corp_user = models.BooleanField()
 
+    def update_access(self):
+        """ Steps through each Eve API registered to the user and updates their group 
+            access accordingly """
+        for eacc in EVEAccount.objects.filter(user=self.user):
+            for char in eacc.characters.all():
+                if char.corporation.group:
+                    self.user.groups.add(char.corporation.group)
+                
+
     def __str__(self):
         return self.user.__str__()
 
@@ -43,6 +53,7 @@ class Service(models.Model):
     url = models.CharField(max_length=200, blank=True)
     active = models.BooleanField(default=True)
     api = models.CharField(max_length=200)
+    groups = models.ForeignKey(Group)
 
     def __str__(self):
         #return "%s: %s" % (self.name, self.api)

sso/services/__init__.py

@@ -17,8 +17,6 @@ class BaseService():
 
     """
 
-    corp_only = False
-
     def add_user(self, username, password):
         """ Add a user """
         pass

sso/services/jabber/__init__.py

@@ -3,9 +3,7 @@ from sso.services.jabber.ejabberdctl import eJabberdCtl
 import settings
 
 class JabberService(BaseService):
-
+  
-    corp_only = True
-    
     def __init__(self):
         self.ejctl = eJabberdCtl(sudo=settings.JABBER_SUDO)
 

sso/views.py

@@ -9,7 +9,7 @@ from eve_api.api_puller.accounts import import_eve_account
 from eve_api.models.api_player import EVEAccount
 
 from sso.models import ServiceAccount, SSOUser
-from sso.forms import EveAPIForm, ServiceAccountForm
+from sso.forms import EveAPIForm, UserServiceAccountForm
 
 import settings
 
@@ -52,12 +52,7 @@ def eveapi_add(request):
             acc.description = form.cleaned_data['description']
             acc.save()
 
-            for eacc in EVEAccount.objects.filter(user=request.user):
+            request.user.get_profile().update_access()
-                if acc.api_status == 1 and acc.in_corp(settings.EVE_CORP_ID):
-                    profile = request.user.get_profile()
-                    profile.corp_user = True
-                    profile.save()
-                    break
 
             return HttpResponseRedirect(reverse('sso.views.profile')) # Redirect after POST
     else:
@@ -84,8 +79,10 @@ def eveapi_del(request, userid=0):
 
 @login_required
 def service_add(request):
+    clsform = UserServiceAccountForm(request.user)
+
     if request.method == 'POST': 
-        form = ServiceAccountForm(request.POST) 
+        form = clsform(request.POST) 
         if form.is_valid():
   
             acc = ServiceAccount()
@@ -98,7 +95,7 @@ def service_add(request):
             acc.save()
             return HttpResponseRedirect(reverse('sso.views.profile')) # Redirect after POST
     else:
-        form = ServiceAccountForm() # An unbound form
+        form = clsform() # An unbound form
 
     return render_to_response('sso/serviceaccount.html', {
         'form': form,

templates/profile.html

@@ -8,7 +8,6 @@
 
 <ul>
 <li><b>Username:</b> {{ user.username }}</li>
-<li><b>Corp Access?</b> {{ profile.corp_user }}</li>
 </ul>
 
 <h2>Service Accounts</h2>
@@ -31,11 +30,9 @@
 </table>
 {% endif %}
 
-{% if profile.corp_user %}
 <p>
 <a href="/profile/add/service">Add Service</a>
 </p>
-{% endif %}
 
 <br/>