auth blob handling (UI) works

seba 2011-09-30 22:29:02 +02:00
parent a1052df608
commit d6a3b21d51
8 changed files with 159 additions and 88 deletions


@ -73,8 +73,9 @@ def requirePlugin(apiFunc):
if request.user:
group = request.user.groups.get(name="Plugin")
# no exception, exec apiFunc!
request.plugin = Plugin.objects.get(user=request.user)
return apiFunc(self, request, *args, **kwargs)
except Groups.DoesNotExist:
except Group.DoesNotExist:
pass
ret = rc.FORBIDDEN
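Review bot: The added `request.plugin = Plugin.objects.get(user=request.user)` sits inside a try whose only visible handler is `except Group.DoesNotExist`, so a user who is in the "Plugin" group but has no Plugin row raises `Plugin.DoesNotExist` and the request ends as a server error instead of `rc.FORBIDDEN`. Widen the handler to `except (Group.DoesNotExist, Plugin.DoesNotExist):` so both cases fall through to the forbidden response. The `try:` line and the rest of `requirePlugin` lie outside the hunk, so this assumes no outer handler already covers it.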


@ -136,6 +136,26 @@ class AuthBlobHandler(BaseHandler):
# model =
pass
class AuthUserHandler(BaseHandler):
allowed_methods = ('GET')
fields = ('id', 'username')
@requirePlugin
def read(self, request):
if not request.plugin.uniqueAuthblob:
ret = rc.BAD_REQUEST
ret.write("\nThis plugin does not support unique auth blobs, therefore we can't identify an user uniquely by its authblob\n")
return ret
if not request.GET.has_key('authblob'):
return rc.BAD_REQUEST
try:
perm = PluginPermission.objects.get(plugin=request.plugin, authblob=request.GET['authblob'])
return perm.user
except PluginPermission.DoesNotExist:
return rc.NOT_FOUND
class ConfigHandler(BaseHandler):
allowed_methods = ('GET',)
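Review bot: `AuthUserHandler.read` uses `authblob` as a unique user identifier, but nothing visible in this commit enforces that: the model field is a plain `TextField(default='')` and `pluginAuthblob` in the views saves whatever the user posts. A request with an empty `authblob` can therefore resolve to a user who never set a blob, and two users holding the same blob make `.get()` raise an uncaught `MultipleObjectsReturned`. Reject the empty value up front (`if not request.GET.get('authblob'): return rc.BAD_REQUEST`), catch `PluginPermission.MultipleObjectsReturned` next to `DoesNotExist`, and have the view refuse a blob that another user of the same plugin already holds when `uniqueAuthblob` is set. Separately, `allowed_methods = ('GET')` is a string, not a tuple; write `('GET',)` as `ConfigHandler` does.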


@ -22,6 +22,7 @@ accountBalanceRes = CsrfExemptResource(handler=AccountBalanceHandler, **ad)
authBlobRes = CsrfExemptResource(handler=AuthBlobHandler, **ad)
authUserRes = CsrfExemptResource(handler=AuthUserHandler, **ad)
configRes = CsrfExemptResource(handler=ConfigHandler, **ad)
@ -37,6 +38,7 @@ urlpatterns = patterns('',
url(r'account/balance/?$', accountBalanceRes),
url(r'auth/blob/?$', authBlobRes),
url(r'auth/user/?$', authUserRes),
url(r'config/?$', configRes),
)


@ -19,12 +19,21 @@ def createUserProfile(sender, instance, created, **kwargs):
post_save.connect(createUserProfile, sender=User)
class Plugin(models.Model):
name = models.CharField(max_length=40)
user = models.ForeignKey(User, unique=True)
# plugin info
name = models.CharField(max_length=40)
author = models.CharField(max_length=40)
version = models.CharField(max_length=40)
descr = models.TextField(default='')
# plugin config
uniqueAuthblob = models.BooleanField(default=False)
userCanWriteAuthblob = models.BooleanField(default=True)
# automatically set when write is allowed
userCanReadAuthblob = models.BooleanField(default=True)
pluginCanWriteAuthblob = models.BooleanField(default=False)
pluginCanReadAuthblob = models.BooleanField(default=False)
def __unicode__(self):
return self.name
@ -32,7 +41,7 @@ class Plugin(models.Model):
class PluginPermission(models.Model):
user = models.ForeignKey(User)
plugin = models.ForeignKey('Plugin')
authBlob = models.TextField(default='')
authblob = models.TextField(default='')
def __unicode__(self):
return "%s allows %s" % (self.user, self.plugin)
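Review bot: `PluginPermission` shows no uniqueness constraint on the (user, plugin) pair, while the views added in this commit look rows up with `PluginPermission.objects.get(user=request.user, plugin=plugin)` and create one when none is found. Two allow requests arriving together can both pass that check and insert a row each, after which every later `.get()` for the pair raises `MultipleObjectsReturned`. Add `class Meta: unique_together = ('user', 'plugin')` to the model; the class body may continue past the hunk, so check that no `Meta` is already defined there.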


@ -4,7 +4,7 @@
{% if allMost %}
Am beliebtesten ist: <br /> <br />
{% for buyable in allMost %}
{{ buyable.buyable__name }} ( {{ buyable.num_buys }} mal) <br />
<a href="/store/show/{{ buyable.buyable__id }}">{{ buyable.buyable__name }}</a> ( {{ buyable.num_buys }} mal) <br />
{% endfor %}
<br />
{% else %}
@ -15,7 +15,7 @@
{% if usersMost %}
Am oeftesten hattest du: <br /> <br />
{% for buyable in usersMost %}
{{ buyable.buyable__name }} ( {{ buyable.num_buys }} mal) <br />
<a href="/store/show/{{ buyable.buyable__id }}">{{ buyable.buyable__name }}</a> ( {{ buyable.num_buys }} mal) <br />
{% endfor %}
<br />
{% else %}
@ -26,7 +26,7 @@
{% if usersLast %}
Als letztes hattest du: <br /> <br />
{% for buyable in usersLast %}
{{ buyable.buyable__name }} <br />
<a href="/store/show/{{ buyable.buyable__id }}">{{ buyable.buyable__name }}</a> <br />
{% endfor %}
<br />
{% else %}


@ -9,89 +9,57 @@
<br />
<h2>Plugin Berechtigungen</h2>
<hr />
<p>
<form method="POST" action="/settings/plugins/addperm/">
<select name="pid">
<option value="0"> ----- </option>
{% for plugin in unallowedplugins %}
<option value="{{ plugin.id }}">{{ plugin.name }}</option>
{% endfor %}
</select>
<input type="submit" value="Plugin erlauben">
</form>
</p>
{% if pluginerror %}
<font color="red">{{ pluginerror|safe }}</font>
{% endif %}
{% if pluginmsg %}
<font color="green">{{ pluginmsg|safe }}</font>
{% endif %}
<p>
<table>
<tr>
<th>Name</th>
<th>Author</th>
<th>Version</th>
<th>Beschreibung</th>
<th>AuthBlob</th>
<th>Optionen</th>
<th>Erlauben/Verbieten</th>
</tr>
{% if pluginpermissions %}
{% for pperm in pluginpermissions %}
{% if pperm.plugin in plugins %}
end test
{% endif %}
{% for p in permissions %}
<tr style="background: green">
<td style="vertical-align:middle">{{ pperm.plugin }}</td>
<td style="vertical-align:middle">
<form method="post" action="">
<textarea name="authblob">{{ pperm.authBlob }}</textarea>
<input type="submit" value="Speichern" />
</form>
</td>
<td style="vertical-align:middle">
<form method="post" action="">
<input type="submit" value="Berechtigungen aufheben" />
</form>
<td style="vertical-align:middle">{{ p.plugin.name }}</td>
<td style="vertical-align:middle">{{ p.plugin.author }}</td>
<td style="vertical-align:middle">{{ p.plugin.version }}</td>
<td style="vertical-align:top">{{ p.plugin.descr }}</td>
<td>
</tr>
{% endfor %}
{% else %}
<tr>
<td align="center" colspan="10">Du hast bisher keinem Plugin zugriff auf deinen Account gew&auml;hrt</td>
</tr>
{% endif %}
</table>
Perms {{ pluginpermissions }} <br />
<br /><br />
<h2>Second Idea for Plugin interface</h2>
<hr />
<p>
<table>
<tr>
<th>Name</th>
<th>AuthBlob</th>
<th>Optionen</th>
</tr>
{% if pluginpermissions %}
{% for plugin in plugins %}
<tr style="{%if plugin in unallowedplugins%}background:red{%else%}background: green{%endif%}">
<td style="vertical-align:middle">{{ plugin }}</td>
<td style="vertical-align:middle">
{%if plugin not in unallowedplugins %}
<form method="post" action="">
<textarea name="authblob">{{ pperm.authBlob }}</textarea>
<input type="submit" value="Speichern" />
{% if p.plugin.userCanWriteAuthblob %}
<form method="post" action="/user/settings/plugin/authblob/{{ p.plugin.id }}/">
{% csrf_token %}
<textarea name="authblob">{{ p.authblob }}</textarea>
<input type="submit" value="Speichern">
</form>
{% else %}
{% if p.plugin.userCanReadAuthblob %}
{{ p.authblob }}
{% else %}
---
{% endif %}
{% endif %}
</td>
<td style="vertical-align:middle">
<form method="post" action="">
{%if plugin in unallowedplugins %}
<input type="submit" value="Berechtigungen hinzuf&uuml;gen" />
{%else%}
<input type="submit" value="Berechtigungen aufheben" />
{%endif%}
</form>
<td>
<td style="vertical-align:middle"><a href="/user/settings/plugin/deny/{{ p.plugin.id }}/">Plugin verbieten</a></td>
</tr>
{% endfor %}
{% else %}
<tr>
<td align="center" colspan="10">Du hast bisher keinem Plugin zugriff auf deinen Account gew&auml;hrt</td>
{% for plugin in unallowed %}
<tr style="background: red">
<td style="vertical-align:middle">{{ plugin.name }}</td>
<td style="vertical-align:middle">{{ plugin.author }}</td>
<td style="vertical-align:middle">{{ plugin.version }}</td>
<td style="vertical-align:top">{{ plugin.descr }}</td>
<td>&nbsp;</td>
<td style="vertical-align:middle"><a href="/user/settings/plugin/allow/{{ plugin.id }}/">Plugin erlauben</a></td>
</tr>
{% endif %}
{% endfor %}
</table>
</p>
{% endblock %}
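Review bot: The new `Plugin erlauben` and `Plugin verbieten` controls are plain links, so granting or revoking a plugin's access to the account happens on a GET request, which Django's CSRF protection does not cover. A cross-site request could therefore change a logged-in user's plugin permissions without their intent. The authblob form in the same template already does this correctly with `method="post"` and `{% csrf_token %}`. Turn both links into small POST forms and have `main.views.pluginPermission` reject other methods the way `pluginAuthblob` does (`if request.method != "POST": return HttpResponseRedirect("/user/settings/")`).

```html
{# … unchanged: name / author / version / descr / authblob cells of the allowed row … #}
<td style="vertical-align:middle">
<form method="post" action="/user/settings/plugin/deny/{{ p.plugin.id }}/">
{% csrf_token %}
<input type="submit" value="Plugin verbieten">
</form>
</td>
{# … unchanged: row end, start of the unallowed loop and its info cells … #}
<td style="vertical-align:middle">
<form method="post" action="/user/settings/plugin/allow/{{ plugin.id }}/">
{% csrf_token %}
<input type="submit" value="Plugin erlauben">
</form>
</td>
```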


@ -11,4 +11,7 @@ urlpatterns = patterns('',
{'template_name': 'registration/logout.html',
'next_page': '/user/login/'}),
(r'^settings/$', 'main.views.settings'),
#plugin stuff
(r'^settings/plugin/(?P<method>(?:allow|deny))/(?P<pluginId>\d+)/$', 'main.views.pluginPermission'),
(r'^settings/plugin/authblob/(?P<pluginId>\d+)/$', 'main.views.pluginAuthblob'),
)


@ -2,6 +2,7 @@ from django.shortcuts import render_to_response
from django.template import RequestContext
from django.contrib.auth.decorators import login_required
from django.db.models import Count
from django.http import HttpResponseRedirect
from main.models import Plugin, PluginPermission
@ -12,17 +13,84 @@ def startpage(request):
''' Diese Funktion wird wahrscheinlich viel Last erzeugen, da
sie ueber mehrere Tabellen joined,filtered und wieder reduced.
'''
allMost = Purchase.objects.filter(isDeposit=False).values('buyable__name').annotate(num_buys=Count('buyable')).order_by('-num_buys')
usersMost = Purchase.objects.filter(isDeposit=False).values('buyable__name').filter(order__user=request.user.id).annotate(num_buys=Count('buyable')).order_by('-num_buys')
usersLast = Purchase.objects.filter(isDeposit=False).values('buyable__name').filter(order__user=request.user.id).order_by('-order__dateTime')
allMost = Purchase.objects.filter(isDeposit=False).values('buyable__name', 'buyable__id').annotate(num_buys=Count('buyable')).order_by('-num_buys')
usersMost = Purchase.objects.filter(isDeposit=False).values('buyable__name','buyable__id').filter(order__user=request.user.id).annotate(num_buys=Count('buyable')).order_by('-num_buys')
usersLast = Purchase.objects.filter(isDeposit=False).values('buyable__name','buyable__id').filter(order__user=request.user.id).order_by('-order__dateTime')
return render_to_response("main/startpage.html", {'allMost' : allMost,'usersMost': usersMost, 'usersLast' : usersLast}, RequestContext(request))
def register(request):
return render_to_response("registration/register.html", RequestContext(request))
@login_required
def settings(request):
def getPluginDict(request):
plugins = Plugin.objects.all()
allowed = Plugin.objects.filter(pluginpermission__user=request.user)
unallowed = Plugin.objects.exclude(pluginpermission__user=request.user)
perms = PluginPermission.objects.filter(user=request.user)
return render_to_response("settings/settings.html", {'plugins': plugins, 'unallowedplugins': unallowed, 'pluginpermissions': perms}, RequestContext(request))
return {'plugins': plugins, 'allowed': allowed, 'unallowed': unallowed, 'permissions': perms}
@login_required
def settings(request):
return render_to_response("settings/settings.html", getPluginDict(request), RequestContext(request))
@login_required
def pluginPermission(request, method, pluginId):
plugin = None
try:
plugin = Plugin.objects.get(id=pluginId)
except Plugin.DoesNotExist:
d = getPluginDict(request)
d['pluginerror'] = "Ein Plugin mit der angegebenen ID existiert nicht"
return render_to_response("settings/settings.html", d, RequestContext(request))
if method == "allow":
try:
p = PluginPermission.objects.get(user=request.user, plugin=plugin)
d = getPluginDict(request)
d['pluginerror'] = "Dieses Plugin wurde bereits erlaubt"
return render_to_response("settings/settings.html", d, RequestContext(request))
except PluginPermission.DoesNotExist:
p = PluginPermission(user=request.user, plugin=plugin)
p.save()
else:
try:
p = PluginPermission.objects.get(user=request.user, plugin=plugin)
p.delete()
except PluginPermission.DoesNotExist:
d = getPluginDict(request)
d['pluginerror'] = "Keine Berechtigungen f&uuml;r dieses Plugin gefunden - kann also auch nicht zur&uuml;ckgezogen werden"
return render_to_response("settings/settings.html", d, RequestContext(request))
return HttpResponseRedirect("/user/settings/")
@login_required
def pluginAuthblob(request, pluginId):
if request.method != "POST":
return HttpResponseRedirect("/user/settings/")
plugin = None
try:
plugin = Plugin.objects.get(id=pluginId)
except Plugin.DoesNotExist:
d = getPluginDict(request)
d['pluginerror'] = "Ein Plugin mit der angegebenen ID existiert nicht"
return render_to_response("settings/settings.html", d, RequestContext(request))
p = None
try:
p = PluginPermission.objects.get(user=request.user, plugin=plugin)
except PluginPermission.DoesNotExist:
d = getPluginDict(request)
d['pluginerror'] = "Vor dem editieren vom Authblob muss das Plugin ersteinmal erlaubt werden"
return render_to_response("settings/settings.html", d, RequestContext(request))
if not p.plugin.userCanWriteAuthblob or not request.POST.has_key("authblob"):
d = getPluginDict(request)
d['pluginerror'] = "Der Authblob darf f&uuml;r dieses Plugin nicht vom User ver&auml;ndert werden (oder der Authblob war kaputt)"
return render_to_response("settings/settings.html", d, RequestContext(request))
p.authblob = request.POST['authblob']
p.save()
d = getPluginDict(request)
d['pluginmsg'] = "Authblob erfolgreich ge&auml;ndert"
return render_to_response("settings/settings.html", d, RequestContext(request))
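Review bot: The messages that `pluginPermission` and `pluginAuthblob` put into `d['pluginerror']` and `d['pluginmsg']` carry HTML entities (`f&uuml;r`, `ge&auml;ndert`), which is why the settings template has to render them with `|safe`. That is harmless while every message is a constant, but the first message that interpolates a plugin name or a request value would reach the page unescaped. Use unicode literals instead, for example `u"Authblob erfolgreich ge\xe4ndert"`, and drop `|safe` from the two template lines so auto-escaping stays on.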