nikdoof/test-auth
1
0
Fork 0
mirror of https://github.com/nikdoof/test-auth.git synced 2025-12-14 14:52:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create a update_user_access task to manage user permissions after updates

Browse Source
This commit is contained in:
Andrew Williams
2010-11-08 12:46:15 +00:00
parent 5e400fb372
commit bc375df305
4 changed files with 66 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
eve_api/tasks.py
View File

@@ -1,6 +1,7 @@
from celery.decorators import task from celery.decorators import task
from eve_api.api_puller.accounts import import_eve_account from eve_api.api_puller.accounts import import_eve_account
from eve_api.app_defines import * from eve_api.app_defines import *
from sso.tasks import update_user_access
@task() @task()
def import_apikey(api_userid, api_key, user=None, force_cache=False): def import_apikey(api_userid, api_key, user=None, force_cache=False):
@@ -27,6 +28,6 @@ def import_apikey(api_userid, api_key, user=None, force_cache=False):
acc.save() acc.save()
if acc.user: if acc.user:
acc.user.get_profile().update_access() update_user_access.delay(user=acc.user)
return acc return acc

71
sso/models.py
View File

@@ -8,6 +8,7 @@ from django.db.models import signals
from django.contrib.auth.models import User, UserManager, Group from django.contrib.auth.models import User, UserManager, Group
from django.utils import simplejson as json from django.utils import simplejson as json
from sso.tasks import update_user_access
from jsonfield.fields import JSONField from jsonfield.fields import JSONField
from eve_api.models import EVEAccount, EVEPlayerCorporation, EVEPlayerAlliance, EVEPlayerCharacter from eve_api.models import EVEAccount, EVEPlayerCorporation, EVEPlayerAlliance, EVEPlayerCharacter
from reddit.models import RedditAccount from reddit.models import RedditAccount
@@ -34,70 +35,6 @@ class SSOUser(models.Model):
api_service_password = models.CharField("API Services Password", max_length=200, blank=True) api_service_password = models.CharField("API Services Password", max_length=200, blank=True)
@property
def _log(self):
if not hasattr(self, '__log'):
self.__log = logging.getLogger(self.__class__.__name__)
return self.__log
def update_access(self):
""" Steps through each Eve API registered to the user and updates their group
access accordingly """
self._log.debug("Update - User %s" % self.user)
# Create a list of all Corp and Alliance groups
corpgroups = []
for corp in EVEPlayerCorporation.objects.filter(group__isnull=False):
if corp.group:
corpgroups.append(corp.group)
for alliance in EVEPlayerAlliance.objects.filter(group__isnull=False):
if alliance.group:
corpgroups.append(alliance.group)
# Create a list of Char groups
chargroups = []
for eacc in EVEAccount.objects.filter(user=self.user):
if eacc.api_status in [1,3]:
for char in eacc.characters.all():
if char.corporation.group:
chargroups.append(char.corporation.group)
if char.corporation.alliance:
if char.corporation.alliance.group:
chargroups.append(char.corporation.alliance.group)
# Generate the list of groups to add/remove
delgroups = set(set(self.user.groups.all()) & set(corpgroups)) - set(chargroups)
addgroups = set(chargroups) - set(set(self.user.groups.all()) & set(corpgroups))
for g in delgroups:
self.user.groups.remove(g)
for g in addgroups:
self.user.groups.add(g)
# For users set to not active, delete all accounts
if not self.user.is_active:
self._log.debug("Inactive - User %s" % (self.user))
for servacc in ServiceAccount.objects.filter(user=self.user):
servacc.active = 0
servacc.save()
pass
# For each of the user's services, check they're in a valid group for it and enable/disable as needed.
for servacc in ServiceAccount.objects.filter(user=self.user):
if not (set(self.user.groups.all()) & set(servacc.service.groups.all())):
if servacc.active:
servacc.active = 0
servacc.save()
self._log.debug("Disabled - User %s, Acc %s" % (self.user, servacc.service))
pass
else:
if not servacc.active:
servacc.active = 1
servacc.save()
self._log.debug("Enabled - User %s, Acc %s" % (self.user, servacc.service))
pass
def __str__(self): def __str__(self):
return self.user.__str__() return self.user.__str__()
@@ -112,8 +49,14 @@ class SSOUser(models.Model):
for acc in instance.serviceaccount_set.all(): for acc in instance.serviceaccount_set.all():
acc.service.api_class.update_groups(acc.service_uid, instance.groups.all()) acc.service.api_class.update_groups(acc.service_uid, instance.groups.all())
@staticmethod
def eveapi_deleted(sender, instance, **kwargs):
if instance.user:
update_user_access.delay(user=instance.user)
signals.post_save.connect(SSOUser.create_user_profile, sender=User) signals.post_save.connect(SSOUser.create_user_profile, sender=User)
signals.m2m_changed.connect(SSOUser.update_service_groups, sender=User.groups.through) signals.m2m_changed.connect(SSOUser.update_service_groups, sender=User.groups.through)
signals.post_delete.connect(SSOUser.eveapi_deleted, sender=EVEAccount)
class SSOUserNote(models.Model): class SSOUserNote(models.Model):
""" Notes bound to a user's account. Used to store information regarding the user """ """ Notes bound to a user's account. Used to store information regarding the user """

57
sso/tasks.py Normal file
View File

@@ -0,0 +1,57 @@
from celery.decorators import task
from eve_api.models import *
@task()
def update_user_access(user):
""" Process all corporate and alliance entries and correct access groups """
# Create a list of all Corp and Alliance groups
corpgroups = []
for corp in EVEPlayerCorporation.objects.filter(group__isnull=False):
if corp.group:
corpgroups.append(corp.group)
for alliance in EVEPlayerAlliance.objects.filter(group__isnull=False):
if alliance.group:
corpgroups.append(alliance.group)
# Create a list of Char groups
chargroups = []
for eacc in EVEAccount.objects.filter(user=user):
if eacc.api_status in [1,3]:
for char in eacc.characters.all():
if char.corporation.group:
chargroups.append(char.corporation.group)
if char.corporation.alliance and char.corporation.alliance.group:
chargroups.append(char.corporation.alliance.group)
# Generate the list of groups to add/remove
delgroups = set(set(user.groups.all()) & set(corpgroups)) - set(chargroups)
addgroups = set(chargroups) - set(set(user.groups.all()) & set(corpgroups))
for g in delgroups:
user.groups.remove(g)
for g in addgroups:
user.groups.add(g)
from sso.models import ServiceAccount
# For users set to not active, delete all accounts
if not user.is_active:
for servacc in ServiceAccount.objects.filter(user=user):
servacc.active = 0
servacc.save()
pass
# For each of the user's services, check they're in a valid group for it and enable/disable as needed.
for servacc in ServiceAccount.objects.filter(user=user):
if not (set(user.groups.all()) & set(servacc.service.groups.all())):
if servacc.active:
servacc.active = 0
servacc.save()
pass
else:
if not servacc.active:
servacc.active = 1
servacc.save()
pass

4
sso/views.py
View File

@@ -66,7 +66,6 @@ def eveapi_add(request):
pass pass
else: else:
messages.add_message(request, messages.INFO, "EVE API successfully added.") messages.add_message(request, messages.INFO, "EVE API successfully added.")
request.user.get_profile().update_access()
return redirect('sso.views.profile') return redirect('sso.views.profile')
else: else:
@@ -82,11 +81,8 @@ def eveapi_del(request, userid=0):
acc = EVEAccount.objects.get(id=userid) acc = EVEAccount.objects.get(id=userid)
except EVEAccount.DoesNotExist: except EVEAccount.DoesNotExist:
return redirect('sso.views.profile') return redirect('sso.views.profile')
if acc.user == request.user: if acc.user == request.user:
user = acc.user
acc.delete() acc.delete()
user.get_profile().update_access()
messages.add_message(request, messages.INFO, "EVE API key successfully deleted.") messages.add_message(request, messages.INFO, "EVE API key successfully deleted.")
return redirect('sso.views.profile') return redirect('sso.views.profile')