mirror of
https://gitlab.com/allianceauth/allianceauth.git
synced 2025-07-11 05:20:16 +02:00
a33c8c14ee
* Add service access permissions and migration `ENABLE_AUTH_<servicename> = True` will have the new permission applied to the settings configured `DEFAULT_AUTH_GROUP` group or `Member` if none is configured. `ENABLE_BLUE_<servicename> = True` will have the new permission applied to the settings configured `DEFAULT_BLUE_GROUP` group or `Blue` if none is configured. * Move views and hooks to permissions based access * Remove access restriction to services view Hypothetically non-member/blues could be granted permission to access services manually as desired now. A user that has no permissions to access any services will see a blank services list. * Remove obsolete service settings * Remove references to obsolete settings * Adjusted tests to support permissions based access * Fix incorrectly named permissions * Add simple get_services generator function * Added signals for user and groups perm changes * Update validate_services to support permissions deactivate_services removed as its surplus to requirements. * Removed state parameter from validate_services calls * Update tests to support signals changes * Fix incorrect call to validate_services task * Fix validate_services and test * Add validate_user to changed user groups signal * Added tests for new signals * Remove unnecessary post_add signals * Added documentation for service permissions * Added detection for members with service active If there are any service users in the Member or Blue groups active, then the permission will be added to the respective Member or Blue group. This means its no longer necessary to maintain the service enablesettings to migrate to permissions based service. Remove obsolete state based status checking
163 lines
7.6 KiB
Python
163 lines
7.6 KiB
Python
from __future__ import unicode_literals
|
|
|
|
from django.contrib import messages
|
|
from django.contrib.auth.decorators import login_required, permission_required
|
|
from django.contrib.auth.models import Group
|
|
from django.shortcuts import render, redirect
|
|
|
|
from authentication.decorators import members_and_blues
|
|
from eveonline.managers import EveManager
|
|
from eveonline.models import EveCharacter
|
|
from services.forms import ServicePasswordForm
|
|
|
|
from .manager import OpenfireManager
|
|
from .tasks import OpenfireTasks
|
|
from .forms import JabberBroadcastForm
|
|
from .models import OpenfireUser
|
|
|
|
import datetime
|
|
|
|
import logging
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
ACCESS_PERM = 'openfire.access_openfire'
|
|
|
|
|
|
@login_required
|
|
@permission_required(ACCESS_PERM)
|
|
def activate_jabber(request):
|
|
logger.debug("activate_jabber called by user %s" % request.user)
|
|
character = EveManager.get_main_character(request.user)
|
|
logger.debug("Adding jabber user for user %s with main character %s" % (request.user, character))
|
|
info = OpenfireManager.add_user(character.character_name)
|
|
# If our username is blank means we already had a user
|
|
if info[0] is not "":
|
|
OpenfireUser.objects.update_or_create(user=request.user, defaults={'username': info[0]})
|
|
logger.debug("Updated authserviceinfo for user %s with jabber credentials. Updating groups." % request.user)
|
|
OpenfireTasks.update_groups.delay(request.user.pk)
|
|
logger.info("Successfully activated jabber for user %s" % request.user)
|
|
messages.success(request, 'Activated jabber account.')
|
|
credentials = {
|
|
'username': info[0],
|
|
'password': info[1],
|
|
}
|
|
return render(request, 'registered/service_credentials.html',
|
|
context={'credentials': credentials, 'service': 'Jabber'})
|
|
else:
|
|
logger.error("Unsuccessful attempt to activate jabber for user %s" % request.user)
|
|
messages.error(request, 'An error occurred while processing your jabber account.')
|
|
return redirect("auth_services")
|
|
|
|
|
|
@login_required
|
|
@permission_required(ACCESS_PERM)
|
|
def deactivate_jabber(request):
|
|
logger.debug("deactivate_jabber called by user %s" % request.user)
|
|
if OpenfireTasks.has_account(request.user) and OpenfireTasks.delete_user(request.user):
|
|
logger.info("Successfully deactivated jabber for user %s" % request.user)
|
|
messages.success(request, 'Deactivated jabber account.')
|
|
else:
|
|
logger.error("Unsuccessful attempt to deactivate jabber for user %s" % request.user)
|
|
messages.error(request, 'An error occurred while processing your jabber account.')
|
|
return redirect("auth_services")
|
|
|
|
|
|
@login_required
|
|
@permission_required(ACCESS_PERM)
|
|
def reset_jabber_password(request):
|
|
logger.debug("reset_jabber_password called by user %s" % request.user)
|
|
if OpenfireTasks.has_account(request.user):
|
|
result = OpenfireManager.update_user_pass(request.user.openfire.username)
|
|
# If our username is blank means we failed
|
|
if result != "":
|
|
logger.info("Successfully reset jabber password for user %s" % request.user)
|
|
messages.success(request, 'Reset jabber password.')
|
|
credentials = {
|
|
'username': request.user.openfire.username,
|
|
'password': result,
|
|
}
|
|
return render(request, 'registered/service_credentials.html',
|
|
context={'credentials': credentials, 'service': 'Jabber'})
|
|
logger.error("Unsuccessful attempt to reset jabber for user %s" % request.user)
|
|
messages.error(request, 'An error occurred while processing your jabber account.')
|
|
return redirect("auth_services")
|
|
|
|
|
|
@login_required
|
|
@permission_required('auth.jabber_broadcast')
|
|
def jabber_broadcast_view(request):
|
|
logger.debug("jabber_broadcast_view called by user %s" % request.user)
|
|
allchoices = []
|
|
if request.user.has_perm('auth.jabber_broadcast_all'):
|
|
allchoices.append(('all', 'all'))
|
|
for g in Group.objects.all():
|
|
allchoices.append((str(g.name), str(g.name)))
|
|
else:
|
|
for g in request.user.groups.all():
|
|
allchoices.append((str(g.name), str(g.name)))
|
|
if request.method == 'POST':
|
|
form = JabberBroadcastForm(request.POST)
|
|
form.fields['group'].choices = allchoices
|
|
logger.debug("Received POST request containing form, valid: %s" % form.is_valid())
|
|
if form.is_valid():
|
|
main_char = EveManager.get_main_character(request.user)
|
|
logger.debug("Processing jabber broadcast for user %s with main character %s" % (request.user, main_char))
|
|
if main_char is not None:
|
|
message_to_send = form.cleaned_data[
|
|
'message'] + "\n##### SENT BY: " + "[" + main_char.corporation_ticker + "]" + \
|
|
main_char.character_name + " TO: " + \
|
|
form.cleaned_data['group'] + " WHEN: " + datetime.datetime.utcnow().strftime(
|
|
"%Y-%m-%d %H:%M:%S") + " #####\n##### Replies are NOT monitored #####\n"
|
|
group_to_send = form.cleaned_data['group']
|
|
|
|
OpenfireManager.send_broadcast_threaded(group_to_send, message_to_send, )
|
|
|
|
else:
|
|
message_to_send = form.cleaned_data[
|
|
'message'] + "\n##### SENT BY: " + "No character but can send pings?" + " TO: " + \
|
|
form.cleaned_data['group'] + " WHEN: " + datetime.datetime.utcnow().strftime(
|
|
"%Y-%m-%d %H:%M:%S") + " #####\n##### Replies are NOT monitored #####\n"
|
|
group_to_send = form.cleaned_data['group']
|
|
|
|
OpenfireManager.send_broadcast_threaded(group_to_send, message_to_send, )
|
|
|
|
messages.success(request, 'Sent jabber broadcast to %s' % group_to_send)
|
|
logger.info("Sent jabber broadcast on behalf of user %s" % request.user)
|
|
else:
|
|
form = JabberBroadcastForm()
|
|
form.fields['group'].choices = allchoices
|
|
logger.debug("Generated broadcast form for user %s containing %s groups" % (
|
|
request.user, len(form.fields['group'].choices)))
|
|
|
|
context = {'form': form}
|
|
return render(request, 'registered/jabberbroadcast.html', context=context)
|
|
|
|
|
|
@login_required
|
|
@permission_required(ACCESS_PERM)
|
|
def set_jabber_password(request):
|
|
logger.debug("set_jabber_password called by user %s" % request.user)
|
|
if request.method == 'POST':
|
|
logger.debug("Received POST request with form.")
|
|
form = ServicePasswordForm(request.POST)
|
|
logger.debug("Form is valid: %s" % form.is_valid())
|
|
if form.is_valid() and OpenfireTasks.has_account(request.user):
|
|
password = form.cleaned_data['password']
|
|
logger.debug("Form contains password of length %s" % len(password))
|
|
result = OpenfireManager.update_user_pass(request.user.openfire.username, password=password)
|
|
if result != "":
|
|
logger.info("Successfully set jabber password for user %s" % request.user)
|
|
messages.success(request, 'Set jabber password.')
|
|
else:
|
|
logger.error("Failed to install custom jabber password for user %s" % request.user)
|
|
messages.error(request, 'An error occurred while processing your jabber account.')
|
|
return redirect("auth_services")
|
|
else:
|
|
logger.debug("Request is not type POST - providing empty form.")
|
|
form = ServicePasswordForm()
|
|
|
|
logger.debug("Rendering form for user %s" % request.user)
|
|
context = {'form': form, 'service': 'Jabber'}
|
|
return render(request, 'registered/service_password.html', context=context)
|