auth blob handling (UI) works
parent
a1052df608
commit
d6a3b21d51
|
@ -73,8 +73,9 @@ def requirePlugin(apiFunc):
|
|||
if request.user:
|
||||
group = request.user.groups.get(name="Plugin")
|
||||
# no exception, exec apiFunc!
|
||||
request.plugin = Plugin.objects.get(user=request.user)
|
||||
return apiFunc(self, request, *args, **kwargs)
|
||||
except Groups.DoesNotExist:
|
||||
except Group.DoesNotExist:
|
||||
pass
|
||||
ret = rc.FORBIDDEN
|
||||
|
||||
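Review bot: The `Plugin.objects.get(user=request.user)` lookup in `requirePlugin` sits next to a handler that only catches `Group.DoesNotExist`, so a user who is in the "Plugin" group but has no `Plugin` row raises `Plugin.DoesNotExist` and, as far as this hunk shows, ends in a server error instead of `rc.FORBIDDEN`. Widening the handler to `except (Group.DoesNotExist, Plugin.DoesNotExist):` keeps the deny path uniform for every failed plugin check. The decorator starts and ends outside the hunk, so an outer handler may already cover this; worth confirming.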
|
|
|
@ -136,6 +136,26 @@ class AuthBlobHandler(BaseHandler):
|
|||
# model =
|
||||
pass
|
||||
|
||||
class AuthUserHandler(BaseHandler):
|
||||
allowed_methods = ('GET')
|
||||
fields = ('id', 'username')
|
||||
|
||||
@requirePlugin
|
||||
def read(self, request):
|
||||
if not request.plugin.uniqueAuthblob:
|
||||
ret = rc.BAD_REQUEST
|
||||
ret.write("\nThis plugin does not support unique auth blobs, therefore we can't identify an user uniquely by its authblob\n")
|
||||
return ret
|
||||
|
||||
if not request.GET.has_key('authblob'):
|
||||
return rc.BAD_REQUEST
|
||||
|
||||
try:
|
||||
perm = PluginPermission.objects.get(plugin=request.plugin, authblob=request.GET['authblob'])
|
||||
return perm.user
|
||||
except PluginPermission.DoesNotExist:
|
||||
return rc.NOT_FOUND
|
||||
|
||||
class ConfigHandler(BaseHandler):
|
||||
allowed_methods = ('GET',)
|
||||
|
||||
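Review bot: `AuthUserHandler.read` accepts an empty `authblob`, and `PluginPermission.authblob` defaults to `''` in this same commit, so an empty value matches every permission row whose blob was never set: with one such row the plugin is handed that user, with several the `.get()` raises `MultipleObjectsReturned`, which is not caught. Rejecting empty values with `if not request.GET.get('authblob'): return rc.BAD_REQUEST` and catching `(PluginPermission.DoesNotExist, PluginPermission.MultipleObjectsReturned)` closes both paths. `allowed_methods = ('GET')` is a plain string rather than a tuple; `('GET',)`, as `ConfigHandler` writes it, is the intended form. Because the blob identifies a user, sending it in the query string also puts it into access logs, which deserves at least a comment on the handler.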
|
|
|
@ -22,6 +22,7 @@ accountBalanceRes = CsrfExemptResource(handler=AccountBalanceHandler, **ad)
|
|||
|
||||
|
||||
authBlobRes = CsrfExemptResource(handler=AuthBlobHandler, **ad)
|
||||
authUserRes = CsrfExemptResource(handler=AuthUserHandler, **ad)
|
||||
configRes = CsrfExemptResource(handler=ConfigHandler, **ad)
|
||||
|
||||
|
||||
|
@ -37,6 +38,7 @@ urlpatterns = patterns('',
|
|||
url(r'account/balance/?$', accountBalanceRes),
|
||||
|
||||
url(r'auth/blob/?$', authBlobRes),
|
||||
url(r'auth/user/?$', authUserRes),
|
||||
url(r'config/?$', configRes),
|
||||
)
|
||||
|
||||
|
|
|
@ -19,12 +19,21 @@ def createUserProfile(sender, instance, created, **kwargs):
|
|||
post_save.connect(createUserProfile, sender=User)
|
||||
|
||||
class Plugin(models.Model):
|
||||
name = models.CharField(max_length=40)
|
||||
user = models.ForeignKey(User, unique=True)
|
||||
|
||||
# plugin info
|
||||
name = models.CharField(max_length=40)
|
||||
author = models.CharField(max_length=40)
|
||||
version = models.CharField(max_length=40)
|
||||
descr = models.TextField(default='')
|
||||
|
||||
# plugin config
|
||||
uniqueAuthblob = models.BooleanField(default=False)
|
||||
userCanWriteAuthblob = models.BooleanField(default=True)
|
||||
# automatically set when write is allowed
|
||||
userCanReadAuthblob = models.BooleanField(default=True)
|
||||
pluginCanWriteAuthblob = models.BooleanField(default=False)
|
||||
pluginCanReadAuthblob = models.BooleanField(default=False)
|
||||
|
||||
def __unicode__(self):
|
||||
return self.name
|
||||
|
@ -32,7 +41,7 @@ class Plugin(models.Model):
|
|||
class PluginPermission(models.Model):
|
||||
user = models.ForeignKey(User)
|
||||
plugin = models.ForeignKey('Plugin')
|
||||
authBlob = models.TextField(default='')
|
||||
authblob = models.TextField(default='')
|
||||
|
||||
def __unicode__(self):
|
||||
return "%s allows %s" % (self.user, self.plugin)
|
||||
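Review bot: Nothing in the visible model enforces what `uniqueAuthblob` promises: `PluginPermission` shows no constraint on `(plugin, authblob)`, and the `pluginAuthblob` view in this commit saves whatever the user posts. A user can therefore store a blob that another user already holds for the same plugin, which makes the by-blob lookup ambiguous. A check in the write path when `plugin.uniqueAuthblob` is set, e.g. `PluginPermission.objects.filter(plugin=plugin, authblob=value).exclude(user=request.user).exists()`, would keep the mapping one-to-one; a plain `unique_together` would collide on the `''` default. The `authBlob` to `authblob` rename also appears to need a schema migration, which is not visible here.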
|
|
|
@ -4,7 +4,7 @@
|
|||
{% if allMost %}
|
||||
Am beliebtesten ist: <br /> <br />
|
||||
{% for buyable in allMost %}
|
||||
{{ buyable.buyable__name }} ( {{ buyable.num_buys }} mal) <br />
|
||||
<a href="/store/show/{{ buyable.buyable__id }}">{{ buyable.buyable__name }}</a> ( {{ buyable.num_buys }} mal) <br />
|
||||
{% endfor %}
|
||||
<br />
|
||||
{% else %}
|
||||
|
@ -15,7 +15,7 @@
|
|||
{% if usersMost %}
|
||||
Am oeftesten hattest du: <br /> <br />
|
||||
{% for buyable in usersMost %}
|
||||
{{ buyable.buyable__name }} ( {{ buyable.num_buys }} mal) <br />
|
||||
<a href="/store/show/{{ buyable.buyable__id }}">{{ buyable.buyable__name }}</a> ( {{ buyable.num_buys }} mal) <br />
|
||||
{% endfor %}
|
||||
<br />
|
||||
{% else %}
|
||||
|
@ -26,7 +26,7 @@
|
|||
{% if usersLast %}
|
||||
Als letztes hattest du: <br /> <br />
|
||||
{% for buyable in usersLast %}
|
||||
{{ buyable.buyable__name }} <br />
|
||||
<a href="/store/show/{{ buyable.buyable__id }}">{{ buyable.buyable__name }}</a> <br />
|
||||
{% endfor %}
|
||||
<br />
|
||||
{% else %}
|
||||
|
|
|
@ -9,89 +9,57 @@
|
|||
<br />
|
||||
<h2>Plugin Berechtigungen</h2>
|
||||
<hr />
|
||||
<p>
|
||||
<form method="POST" action="/settings/plugins/addperm/">
|
||||
<select name="pid">
|
||||
<option value="0"> ----- </option>
|
||||
{% for plugin in unallowedplugins %}
|
||||
<option value="{{ plugin.id }}">{{ plugin.name }}</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
<input type="submit" value="Plugin erlauben">
|
||||
</form>
|
||||
</p>
|
||||
{% if pluginerror %}
|
||||
<font color="red">{{ pluginerror|safe }}</font>
|
||||
{% endif %}
|
||||
{% if pluginmsg %}
|
||||
<font color="green">{{ pluginmsg|safe }}</font>
|
||||
{% endif %}
|
||||
<p>
|
||||
<table>
|
||||
<tr>
|
||||
<th>Name</th>
|
||||
<th>Author</th>
|
||||
<th>Version</th>
|
||||
<th>Beschreibung</th>
|
||||
<th>AuthBlob</th>
|
||||
<th>Optionen</th>
|
||||
<th>Erlauben/Verbieten</th>
|
||||
</tr>
|
||||
{% if pluginpermissions %}
|
||||
{% for pperm in pluginpermissions %}
|
||||
{% if pperm.plugin in plugins %}
|
||||
end test
|
||||
{% endif %}
|
||||
{% for p in permissions %}
|
||||
<tr style="background: green">
|
||||
<td style="vertical-align:middle">{{ pperm.plugin }}</td>
|
||||
<td style="vertical-align:middle">
|
||||
<form method="post" action="">
|
||||
<textarea name="authblob">{{ pperm.authBlob }}</textarea>
|
||||
<input type="submit" value="Speichern" />
|
||||
</form>
|
||||
</td>
|
||||
<td style="vertical-align:middle">
|
||||
<form method="post" action="">
|
||||
<input type="submit" value="Berechtigungen aufheben" />
|
||||
</form>
|
||||
<td style="vertical-align:middle">{{ p.plugin.name }}</td>
|
||||
<td style="vertical-align:middle">{{ p.plugin.author }}</td>
|
||||
<td style="vertical-align:middle">{{ p.plugin.version }}</td>
|
||||
<td style="vertical-align:top">{{ p.plugin.descr }}</td>
|
||||
<td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
{% else %}
|
||||
<tr>
|
||||
<td align="center" colspan="10">Du hast bisher keinem Plugin zugriff auf deinen Account gewährt</td>
|
||||
</tr>
|
||||
{% endif %}
|
||||
</table>
|
||||
Perms {{ pluginpermissions }} <br />
|
||||
<br /><br />
|
||||
<h2>Second Idea for Plugin interface</h2>
|
||||
<hr />
|
||||
<p>
|
||||
<table>
|
||||
<tr>
|
||||
<th>Name</th>
|
||||
<th>AuthBlob</th>
|
||||
<th>Optionen</th>
|
||||
</tr>
|
||||
{% if pluginpermissions %}
|
||||
{% for plugin in plugins %}
|
||||
<tr style="{%if plugin in unallowedplugins%}background:red{%else%}background: green{%endif%}">
|
||||
<td style="vertical-align:middle">{{ plugin }}</td>
|
||||
<td style="vertical-align:middle">
|
||||
{%if plugin not in unallowedplugins %}
|
||||
<form method="post" action="">
|
||||
<textarea name="authblob">{{ pperm.authBlob }}</textarea>
|
||||
<input type="submit" value="Speichern" />
|
||||
{% if p.plugin.userCanWriteAuthblob %}
|
||||
<form method="post" action="/user/settings/plugin/authblob/{{ p.plugin.id }}/">
|
||||
{% csrf_token %}
|
||||
<textarea name="authblob">{{ p.authblob }}</textarea>
|
||||
<input type="submit" value="Speichern">
|
||||
</form>
|
||||
{% else %}
|
||||
{% if p.plugin.userCanReadAuthblob %}
|
||||
{{ p.authblob }}
|
||||
{% else %}
|
||||
---
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
</td>
|
||||
<td style="vertical-align:middle">
|
||||
<form method="post" action="">
|
||||
{%if plugin in unallowedplugins %}
|
||||
<input type="submit" value="Berechtigungen hinzufügen" />
|
||||
{%else%}
|
||||
<input type="submit" value="Berechtigungen aufheben" />
|
||||
{%endif%}
|
||||
</form>
|
||||
<td>
|
||||
<td style="vertical-align:middle"><a href="/user/settings/plugin/deny/{{ p.plugin.id }}/">Plugin verbieten</a></td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
{% else %}
|
||||
<tr>
|
||||
<td align="center" colspan="10">Du hast bisher keinem Plugin zugriff auf deinen Account gewährt</td>
|
||||
{% for plugin in unallowed %}
|
||||
<tr style="background: red">
|
||||
<td style="vertical-align:middle">{{ plugin.name }}</td>
|
||||
<td style="vertical-align:middle">{{ plugin.author }}</td>
|
||||
<td style="vertical-align:middle">{{ plugin.version }}</td>
|
||||
<td style="vertical-align:top">{{ plugin.descr }}</td>
|
||||
<td> </td>
|
||||
<td style="vertical-align:middle"><a href="/user/settings/plugin/allow/{{ plugin.id }}/">Plugin erlauben</a></td>
|
||||
</tr>
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
|
||||
</table>
|
||||
</p>
|
||||
{% endblock %}
|
||||
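Review bot: `{{ pluginerror|safe }}` and `{{ pluginmsg|safe }}` switch off autoescaping for the two message slots, although every message the views in this commit set is a fixed string without markup. Dropping the filter (`{{ pluginerror }}`, `{{ pluginmsg }}`) changes nothing in today's output and removes an injection point for the day a message starts to interpolate a plugin name or a request value. If markup in these messages is ever wanted, it is safer to build it in the template than to mark the whole string safe.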
|
|
|
@ -11,4 +11,7 @@ urlpatterns = patterns('',
|
|||
{'template_name': 'registration/logout.html',
|
||||
'next_page': '/user/login/'}),
|
||||
(r'^settings/$', 'main.views.settings'),
|
||||
#plugin stuff
|
||||
(r'^settings/plugin/(?P<method>(?:allow|deny))/(?P<pluginId>\d+)/$', 'main.views.pluginPermission'),
|
||||
(r'^settings/plugin/authblob/(?P<pluginId>\d+)/$', 'main.views.pluginAuthblob'),
|
||||
)
|
||||
|
|
|
@ -2,6 +2,7 @@ from django.shortcuts import render_to_response
|
|||
from django.template import RequestContext
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.db.models import Count
|
||||
from django.http import HttpResponseRedirect
|
||||
from main.models import Plugin, PluginPermission
|
||||
|
||||
|
||||
|
@ -12,17 +13,84 @@ def startpage(request):
|
|||
''' Diese Funktion wird wahrscheinlich viel Last erzeugen, da
|
||||
sie ueber mehrere Tabellen joined,filtered und wieder reduced.
|
||||
'''
|
||||
allMost = Purchase.objects.filter(isDeposit=False).values('buyable__name').annotate(num_buys=Count('buyable')).order_by('-num_buys')
|
||||
usersMost = Purchase.objects.filter(isDeposit=False).values('buyable__name').filter(order__user=request.user.id).annotate(num_buys=Count('buyable')).order_by('-num_buys')
|
||||
usersLast = Purchase.objects.filter(isDeposit=False).values('buyable__name').filter(order__user=request.user.id).order_by('-order__dateTime')
|
||||
allMost = Purchase.objects.filter(isDeposit=False).values('buyable__name', 'buyable__id').annotate(num_buys=Count('buyable')).order_by('-num_buys')
|
||||
usersMost = Purchase.objects.filter(isDeposit=False).values('buyable__name','buyable__id').filter(order__user=request.user.id).annotate(num_buys=Count('buyable')).order_by('-num_buys')
|
||||
usersLast = Purchase.objects.filter(isDeposit=False).values('buyable__name','buyable__id').filter(order__user=request.user.id).order_by('-order__dateTime')
|
||||
return render_to_response("main/startpage.html", {'allMost' : allMost,'usersMost': usersMost, 'usersLast' : usersLast}, RequestContext(request))
|
||||
|
||||
def register(request):
|
||||
return render_to_response("registration/register.html", RequestContext(request))
|
||||
|
||||
@login_required
|
||||
def settings(request):
|
||||
|
||||
def getPluginDict(request):
|
||||
plugins = Plugin.objects.all()
|
||||
allowed = Plugin.objects.filter(pluginpermission__user=request.user)
|
||||
unallowed = Plugin.objects.exclude(pluginpermission__user=request.user)
|
||||
perms = PluginPermission.objects.filter(user=request.user)
|
||||
return render_to_response("settings/settings.html", {'plugins': plugins, 'unallowedplugins': unallowed, 'pluginpermissions': perms}, RequestContext(request))
|
||||
|
||||
return {'plugins': plugins, 'allowed': allowed, 'unallowed': unallowed, 'permissions': perms}
|
||||
|
||||
@login_required
|
||||
def settings(request):
|
||||
return render_to_response("settings/settings.html", getPluginDict(request), RequestContext(request))
|
||||
|
||||
@login_required
|
||||
def pluginPermission(request, method, pluginId):
|
||||
plugin = None
|
||||
try:
|
||||
plugin = Plugin.objects.get(id=pluginId)
|
||||
except Plugin.DoesNotExist:
|
||||
d = getPluginDict(request)
|
||||
d['pluginerror'] = "Ein Plugin mit der angegebenen ID existiert nicht"
|
||||
return render_to_response("settings/settings.html", d, RequestContext(request))
|
||||
|
||||
if method == "allow":
|
||||
try:
|
||||
p = PluginPermission.objects.get(user=request.user, plugin=plugin)
|
||||
d = getPluginDict(request)
|
||||
d['pluginerror'] = "Dieses Plugin wurde bereits erlaubt"
|
||||
return render_to_response("settings/settings.html", d, RequestContext(request))
|
||||
except PluginPermission.DoesNotExist:
|
||||
p = PluginPermission(user=request.user, plugin=plugin)
|
||||
p.save()
|
||||
else:
|
||||
try:
|
||||
p = PluginPermission.objects.get(user=request.user, plugin=plugin)
|
||||
p.delete()
|
||||
except PluginPermission.DoesNotExist:
|
||||
d = getPluginDict(request)
|
||||
d['pluginerror'] = "Keine Berechtigungen für dieses Plugin gefunden - kann also auch nicht zurückgezogen werden"
|
||||
return render_to_response("settings/settings.html", d, RequestContext(request))
|
||||
return HttpResponseRedirect("/user/settings/")
|
||||
|
||||
@login_required
|
||||
def pluginAuthblob(request, pluginId):
|
||||
if request.method != "POST":
|
||||
return HttpResponseRedirect("/user/settings/")
|
||||
plugin = None
|
||||
try:
|
||||
plugin = Plugin.objects.get(id=pluginId)
|
||||
except Plugin.DoesNotExist:
|
||||
d = getPluginDict(request)
|
||||
d['pluginerror'] = "Ein Plugin mit der angegebenen ID existiert nicht"
|
||||
return render_to_response("settings/settings.html", d, RequestContext(request))
|
||||
|
||||
p = None
|
||||
try:
|
||||
p = PluginPermission.objects.get(user=request.user, plugin=plugin)
|
||||
except PluginPermission.DoesNotExist:
|
||||
d = getPluginDict(request)
|
||||
d['pluginerror'] = "Vor dem editieren vom Authblob muss das Plugin ersteinmal erlaubt werden"
|
||||
return render_to_response("settings/settings.html", d, RequestContext(request))
|
||||
|
||||
if not p.plugin.userCanWriteAuthblob or not request.POST.has_key("authblob"):
|
||||
d = getPluginDict(request)
|
||||
d['pluginerror'] = "Der Authblob darf für dieses Plugin nicht vom User verändert werden (oder der Authblob war kaputt)"
|
||||
return render_to_response("settings/settings.html", d, RequestContext(request))
|
||||
|
||||
p.authblob = request.POST['authblob']
|
||||
p.save()
|
||||
d = getPluginDict(request)
|
||||
d['pluginmsg'] = "Authblob erfolgreich geändert"
|
||||
return render_to_response("settings/settings.html", d, RequestContext(request))
|
||||
|
||||
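Review bot: `pluginPermission` creates or deletes a `PluginPermission` on any request method, and the settings template reaches it through plain links, so granting a plugin access to the account is a state change on GET with no CSRF token involved. `pluginAuthblob` already has the right guard; the same lines, `if request.method != "POST": return HttpResponseRedirect("/user/settings/")`, belong at the top of `pluginPermission`, with the allow/deny links turned into small POST forms carrying `{% csrf_token %}`. The allow branch is also check-then-create with no uniqueness constraint visible on `(user, plugin)`, so two concurrent requests can leave duplicate rows that make the later `.get()` calls raise.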
|
|