awx/lib/main/base_views.py

# (c) 2013, AnsibleWorks, Michael DeHaan <michael@ansibleworks.com>
#
# This file is part of Ansible Commander
#
# Ansible Commander is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible Commander is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible Commander.  If not, see <http://www.gnu.org/licenses/>.

from django.http import HttpResponse
from django.views.decorators.csrf import csrf_exempt
from lib.main.models import *
from django.contrib.auth.models import User
from lib.main.serializers import *
from lib.main.rbac import *
from django.core.exceptions import PermissionDenied
from rest_framework import mixins
from rest_framework import generics
from rest_framework import permissions
from rest_framework.response import Response
from rest_framework import status
import exceptions
import datetime
import json as python_json

# FIXME: machinery for auto-adding audit trail logs to all CREATE/EDITS

class BaseList(generics.ListCreateAPIView):
 
    def list_permissions_check(self, request, obj=None):
        ''' determines some early yes/no access decisions, pre-filtering '''
        if request.method == 'GET':
             return True
        if request.method == 'POST':
             if self.__class__.model in [ User ]:
                  ok = request.user.is_superuser or (request.user.admin_of_organizations.count() > 0)
                  if not ok:
                      raise PermissionDenied()
                  return True
             else:
                  if not self.__class__.model.can_user_add(request.user, self.request.DATA):
                      raise PermissionDenied()
                  return True
        raise exceptions.NotImplementedError
   
    def get_queryset(self):
        base = self._get_queryset()
        model = self.__class__.model
        if model == User:
            return base.filter(is_active=True)
        elif model in [ Tag, AuditTrail ]:
            return base
        else:
            return self._get_queryset().filter(active=True)


class BaseSubList(BaseList):

    ''' used for subcollections with an overriden post '''

    def list_permissions_check(self, request, obj=None):
        ''' determines some early yes/no access decisions, pre-filtering '''
        if request.method == 'GET':
             return True
        if request.method == 'POST':
             # the can_user_attach methods will be called below
             return True
        raise exceptions.NotImplementedError


    def post(self, request, *args, **kwargs):

        postable = getattr(self.__class__, 'postable', False)
        if not postable:
            return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)

        parent_id = kwargs['pk']
        sub_id = request.DATA.get('id', None)
        main = self.__class__.parent_model.objects.get(pk=parent_id)

        subs = None

        if sub_id:
            subs = self.__class__.model.objects.filter(pk=sub_id)
        else:
            if 'disassociate' in request.DATA:
                raise PermissionDenied() # ID is required to disassociate
            else:

                # this is a little tricky and a little manual
                # the object ID was not specified, so it probably doesn't exist in the DB yet.
                # we want to see if we can create it.  The URL may choose to inject it's primary key into the object
                # because we are posting to a subcollection. Use all the normal access control mechanisms.

                inject_primary_key = getattr(self.__class__, 'inject_primary_key_on_post_as', None)

                if inject_primary_key is not None:

                    # add the key to the post data using the pk from the URL
                    request.DATA[inject_primary_key] = kwargs['pk']

                    # attempt to deserialize the object
                    ser = self.__class__.serializer_class(data=request.DATA)
                    if not ser.is_valid():
                        return Response(status=status.HTTP_400_BAD_REQUEST, data=python_json.dumps(dict(msg='invalid post data')))

                    # ask the usual access control settings
                    if not self.__class__.model.can_user_add(request.user, ser.init_data):
                        raise PermissionDenied()

                    # save the object through the serializer, reload and returned the saved object deserialized
                    obj = ser.save()
                    ser = self.__class__.serializer_class(obj)
            
                    # now make sure we could have already attached the two together.  If we could not have, raise an exception
                    # such that the transaction does not commit.
                    if not self.__class__.parent_model.can_user_attach(request.user, main, obj, self.__class__.relationship):
                        raise PermissionDenied()

                    return Response(status=status.HTTP_201_CREATED, data=python_json.dumps(ser.data))

                else:

                    # view didn't specify a way to get the pk from the URL, so not even trying
                    return Response(status=status.HTTP_400_BAD_REQUEST, data=python_json.dumps(dict(msg='object cannot be created')))

        # we didn't have to create the object, so this is just associating the two objects together now...
        # (or disassociating them)

        if len(subs) != 1:
            return Response(status=status.HTTP_400_BAD_REQUEST)
        sub = subs[0]
        relationship = getattr(main, self.__class__.relationship)
  
        if not 'disassociate' in request.DATA:
            if not request.user.is_superuser and not self.__class__.parent_model.can_user_attach(request.user, main, sub, self.__class__.relationship):
                raise PermissionDenied()
            if sub in relationship.all():
                return Response(status=status.HTTP_409_CONFLICT)
            relationship.add(sub)
        else:
            if not request.user.is_superuser and not self.__class__.parent_model.can_user_unattach(request.user, main, sub, self.__class__.relationship):
                raise PermissionDenied()
            relationship.remove(sub)
        return Response(status=status.HTTP_204_NO_CONTENT)


class BaseDetail(generics.RetrieveUpdateDestroyAPIView):

    def pre_save(self, obj):
        if type(obj) not in [ User, Tag, AuditTrail ]:
            obj.created_by = self.request.user

    def destroy(self, request, *args, **kwargs):
        # somewhat lame that delete has to call it's own permissions check
        obj = self.model.objects.get(pk=kwargs['pk'])
        if not request.user.is_superuser and not self.delete_permissions_check(request, obj):
            raise PermissionDenied()
        if isinstance(obj, PrimordialModel):
            obj.name   = "_deleted_%s_%s" % (str(datetime.time()), obj.name)
            obj.active = False
            obj.save()
        elif type(obj) == User:
            obj.username  = "_deleted_%s_%s" % (str(datetime.time()), obj.username)
            obj.is_active = False
            obj.save()
        else:
            raise Exception("InternalError: destroy() not implemented yet for %s" % obj)
        return HttpResponse(status=204)

    def delete_permissions_check(self, request, obj):
        if isinstance(obj, PrimordialModel):
            return self.__class__.model.can_user_delete(request.user, obj)
        elif isinstance(obj, User):
            return UserHelper.can_user_delete(request.user, obj)
        raise PermissionDenied()


    def item_permissions_check(self, request, obj):

        if request.method == 'GET':
            if type(obj) == User:
                return UserHelper.can_user_read(request.user, obj)
            else:
                return self.__class__.model.can_user_read(request.user, obj)
        elif request.method in [ 'PUT' ]:
            if type(obj) == User:
                return UserHelper.can_user_administrate(request.user, obj)
            else:
                return self.__class__.model.can_user_administrate(request.user, obj)
        return False

    def put(self, request, *args, **kwargs):
        self.put_filter(request, *args, **kwargs)
        return super(BaseDetail, self).put(request, *args, **kwargs)

    def put_filter(self, request, *args, **kwargs):
        ''' scrub any fields the user cannot/should not put, based on user context.  This runs after read-only serialization filtering '''
        pass
Add copyright headers. 2013-03-24 02:43:11 +04:00			`# (c) 2013, AnsibleWorks, Michael DeHaan <michael@ansibleworks.com>`
			`#`
			`# This file is part of Ansible Commander`
			`#`
			`# Ansible Commander is free software: you can redistribute it and/or modify`
			`# it under the terms of the GNU General Public License as published by`
			`# the Free Software Foundation, either version 3 of the License, or`
			`# (at your option) any later version.`
			`#`
			`# Ansible Commander is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU General Public License`
			`# along with Ansible Commander. If not, see <http://www.gnu.org/licenses/>.`

Move base view code to seperate file, start of generalizing 2013-03-22 23:22:30 +04:00			`from django.http import HttpResponse`
			`from django.views.decorators.csrf import csrf_exempt`
			`from lib.main.models import *`
			`from django.contrib.auth.models import User`
			`from lib.main.serializers import *`
			`from lib.main.rbac import *`
			`from django.core.exceptions import PermissionDenied`
			`from rest_framework import mixins`
			`from rest_framework import generics`
			`from rest_framework import permissions`
			`from rest_framework.response import Response`
			`from rest_framework import status`
			`import exceptions`
			`import datetime`
This allows for creation of subresources when posting new objects to a subcollection. 2013-03-27 02:18:05 +04:00			`import json as python_json`
Move base view code to seperate file, start of generalizing 2013-03-22 23:22:30 +04:00
			`# FIXME: machinery for auto-adding audit trail logs to all CREATE/EDITS`

			`class BaseList(generics.ListCreateAPIView):`
Organize test files into subdirectories 2013-03-24 02:28:38 +04:00
Move base view code to seperate file, start of generalizing 2013-03-22 23:22:30 +04:00			`def list_permissions_check(self, request, obj=None):`
			`''' determines some early yes/no access decisions, pre-filtering '''`
			`if request.method == 'GET':`
			`return True`
			`if request.method == 'POST':`
Create a mechanism for filtering put details, and now users can change their own passwords but not rename themselves, etc. 2013-03-24 20:36:42 +04:00			`if self.__class__.model in [ User ]:`
This allows for creation of subresources when posting new objects to a subcollection. 2013-03-27 02:18:05 +04:00			`ok = request.user.is_superuser or (request.user.admin_of_organizations.count() > 0)`
Working on Hosts and Groups 2013-03-26 22:44:12 +04:00			`if not ok:`
			`raise PermissionDenied()`
			`return True`
Create a mechanism for filtering put details, and now users can change their own passwords but not rename themselves, etc. 2013-03-24 20:36:42 +04:00			`else:`
Working on Hosts and Groups 2013-03-26 22:44:12 +04:00			`if not self.__class__.model.can_user_add(request.user, self.request.DATA):`
			`raise PermissionDenied()`
			`return True`
Move base view code to seperate file, start of generalizing 2013-03-22 23:22:30 +04:00			`raise exceptions.NotImplementedError`

			`def get_queryset(self):`
Listing tags attached to an organization, and basic model/view things around tag details 2013-03-24 00:03:17 +04:00			`base = self._get_queryset()`
			`model = self.__class__.model`
			`if model == User:`
			`return base.filter(is_active=True)`
			`elif model in [ Tag, AuditTrail ]:`
			`return base`
Added ability to list users under an organization, model additions to support. Simplified queryset lookup for various models. 2013-03-23 23:34:16 +04:00			`else:`
			`return self._get_queryset().filter(active=True)`
Move base view code to seperate file, start of generalizing 2013-03-22 23:22:30 +04:00
Create a mechanism for filtering put details, and now users can change their own passwords but not rename themselves, etc. 2013-03-24 20:36:42 +04:00

This makes subobject attachment and detachment generic, making the views much easier to code up. 2013-03-23 00:52:44 +04:00			`class BaseSubList(BaseList):`

			`''' used for subcollections with an overriden post '''`

Testing to whether a user can attach/unattach is now deferred to the model. 2013-03-23 22:31:36 +04:00			`def list_permissions_check(self, request, obj=None):`
			`''' determines some early yes/no access decisions, pre-filtering '''`
			`if request.method == 'GET':`
			`return True`
			`if request.method == 'POST':`
			`# the can_user_attach methods will be called below`
			`return True`
			`raise exceptions.NotImplementedError`


This makes subobject attachment and detachment generic, making the views much easier to code up. 2013-03-23 00:52:44 +04:00			`def post(self, request, args, *kwargs):`

Test that you can't post to an audit trail collection (ever), and a switch to control postability to sub lists. 2013-03-24 00:50:25 +04:00			`postable = getattr(self.__class__, 'postable', False)`
			`if not postable:`
			`return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)`

This makes subobject attachment and detachment generic, making the views much easier to code up. 2013-03-23 00:52:44 +04:00			`parent_id = kwargs['pk']`
This allows for creation of subresources when posting new objects to a subcollection. 2013-03-27 02:18:05 +04:00			`sub_id = request.DATA.get('id', None)`
This makes subobject attachment and detachment generic, making the views much easier to code up. 2013-03-23 00:52:44 +04:00			`main = self.__class__.parent_model.objects.get(pk=parent_id)`
This allows for creation of subresources when posting new objects to a subcollection. 2013-03-27 02:18:05 +04:00
			`subs = None`

			`if sub_id:`
			`subs = self.__class__.model.objects.filter(pk=sub_id)`
			`else:`
			`if 'disassociate' in request.DATA:`
			`raise PermissionDenied() # ID is required to disassociate`
			`else:`

			`# this is a little tricky and a little manual`
			`# the object ID was not specified, so it probably doesn't exist in the DB yet.`
			`# we want to see if we can create it. The URL may choose to inject it's primary key into the object`
			`# because we are posting to a subcollection. Use all the normal access control mechanisms.`

			`inject_primary_key = getattr(self.__class__, 'inject_primary_key_on_post_as', None)`

			`if inject_primary_key is not None:`

			`# add the key to the post data using the pk from the URL`
			`request.DATA[inject_primary_key] = kwargs['pk']`

			`# attempt to deserialize the object`
			`ser = self.__class__.serializer_class(data=request.DATA)`
			`if not ser.is_valid():`
			`return Response(status=status.HTTP_400_BAD_REQUEST, data=python_json.dumps(dict(msg='invalid post data')))`

			`# ask the usual access control settings`
			`if not self.__class__.model.can_user_add(request.user, ser.init_data):`
			`raise PermissionDenied()`

			`# save the object through the serializer, reload and returned the saved object deserialized`
			`obj = ser.save()`
			`ser = self.__class__.serializer_class(obj)`

			`# now make sure we could have already attached the two together. If we could not have, raise an exception`
			`# such that the transaction does not commit.`
			`if not self.__class__.parent_model.can_user_attach(request.user, main, obj, self.__class__.relationship):`
			`raise PermissionDenied()`

			`return Response(status=status.HTTP_201_CREATED, data=python_json.dumps(ser.data))`

			`else:`

			`# view didn't specify a way to get the pk from the URL, so not even trying`
			`return Response(status=status.HTTP_400_BAD_REQUEST, data=python_json.dumps(dict(msg='object cannot be created')))`

			`# we didn't have to create the object, so this is just associating the two objects together now...`
			`# (or disassociating them)`

This makes subobject attachment and detachment generic, making the views much easier to code up. 2013-03-23 00:52:44 +04:00			`if len(subs) != 1:`
			`return Response(status=status.HTTP_400_BAD_REQUEST)`
			`sub = subs[0]`
			`relationship = getattr(main, self.__class__.relationship)`

			`if not 'disassociate' in request.DATA:`
Added remaining sec tests for adding subobjects to collection. 2013-03-23 23:08:02 +04:00			`if not request.user.is_superuser and not self.__class__.parent_model.can_user_attach(request.user, main, sub, self.__class__.relationship):`
This makes subobject attachment and detachment generic, making the views much easier to code up. 2013-03-23 00:52:44 +04:00			`raise PermissionDenied()`
			`if sub in relationship.all():`
			`return Response(status=status.HTTP_409_CONFLICT)`
			`relationship.add(sub)`
			`else:`
			`if not request.user.is_superuser and not self.__class__.parent_model.can_user_unattach(request.user, main, sub, self.__class__.relationship):`
			`raise PermissionDenied()`
			`relationship.remove(sub)`
			`return Response(status=status.HTTP_204_NO_CONTENT)`


Move base view code to seperate file, start of generalizing 2013-03-22 23:22:30 +04:00			`class BaseDetail(generics.RetrieveUpdateDestroyAPIView):`

			`def pre_save(self, obj):`
Create a mechanism for filtering put details, and now users can change their own passwords but not rename themselves, etc. 2013-03-24 20:36:42 +04:00			`if type(obj) not in [ User, Tag, AuditTrail ]:`
			`obj.created_by = self.request.user`
Move base view code to seperate file, start of generalizing 2013-03-22 23:22:30 +04:00
			`def destroy(self, request, args, *kwargs):`
			`# somewhat lame that delete has to call it's own permissions check`
			`obj = self.model.objects.get(pk=kwargs['pk'])`
			`if not request.user.is_superuser and not self.delete_permissions_check(request, obj):`
			`raise PermissionDenied()`
Working on Hosts and Groups 2013-03-26 22:44:12 +04:00			`if isinstance(obj, PrimordialModel):`
User deletion modification, and overriding the URL for the user objects. 2013-03-24 22:14:59 +04:00			`obj.name = "_deleted_%s_%s" % (str(datetime.time()), obj.name)`
			`obj.active = False`
			`obj.save()`
			`elif type(obj) == User:`
			`obj.username = "_deleted_%s_%s" % (str(datetime.time()), obj.username)`
			`obj.is_active = False`
			`obj.save()`
			`else:`
			`raise Exception("InternalError: destroy() not implemented yet for %s" % obj)`
Move base view code to seperate file, start of generalizing 2013-03-22 23:22:30 +04:00			`return HttpResponse(status=204)`

Starting to defer some business logic to the model classes and out of the views. 2013-03-22 23:36:59 +04:00			`def delete_permissions_check(self, request, obj):`
Working on Hosts and Groups 2013-03-26 22:44:12 +04:00			`if isinstance(obj, PrimordialModel):`
User deletion modification, and overriding the URL for the user objects. 2013-03-24 22:14:59 +04:00			`return self.__class__.model.can_user_delete(request.user, obj)`
			`elif isinstance(obj, User):`
			`return UserHelper.can_user_delete(request.user, obj)`
			`raise PermissionDenied()`

Starting to defer some business logic to the model classes and out of the views. 2013-03-22 23:36:59 +04:00
Moving more logic into the models, more view cleanup 2013-03-22 23:44:32 +04:00			`def item_permissions_check(self, request, obj):`

			`if request.method == 'GET':`
Create a mechanism for filtering put details, and now users can change their own passwords but not rename themselves, etc. 2013-03-24 20:36:42 +04:00			`if type(obj) == User:`
			`return UserHelper.can_user_read(request.user, obj)`
			`else:`
			`return self.__class__.model.can_user_read(request.user, obj)`
Moving more logic into the models, more view cleanup 2013-03-22 23:44:32 +04:00			`elif request.method in [ 'PUT' ]:`
Create a mechanism for filtering put details, and now users can change their own passwords but not rename themselves, etc. 2013-03-24 20:36:42 +04:00			`if type(obj) == User:`
			`return UserHelper.can_user_administrate(request.user, obj)`
			`else:`
			`return self.__class__.model.can_user_administrate(request.user, obj)`
Moving more logic into the models, more view cleanup 2013-03-22 23:44:32 +04:00			`return False`

Create a mechanism for filtering put details, and now users can change their own passwords but not rename themselves, etc. 2013-03-24 20:36:42 +04:00			`def put(self, request, args, *kwargs):`
			`self.put_filter(request, args, *kwargs)`
			`return super(BaseDetail, self).put(request, args, *kwargs)`

			`def put_filter(self, request, args, *kwargs):`
			`''' scrub any fields the user cannot/should not put, based on user context. This runs after read-only serialization filtering '''`
			`pass`
Starting to defer some business logic to the model classes and out of the views. 2013-03-22 23:36:59 +04:00