mirror of
https://gitlab.com/allianceauth/allianceauth.git
synced 2025-07-12 05:50:16 +02:00
a33c8c14ee
* Add service access permissions and migration `ENABLE_AUTH_<servicename> = True` will have the new permission applied to the settings configured `DEFAULT_AUTH_GROUP` group or `Member` if none is configured. `ENABLE_BLUE_<servicename> = True` will have the new permission applied to the settings configured `DEFAULT_BLUE_GROUP` group or `Blue` if none is configured. * Move views and hooks to permissions based access * Remove access restriction to services view Hypothetically non-member/blues could be granted permission to access services manually as desired now. A user that has no permissions to access any services will see a blank services list. * Remove obsolete service settings * Remove references to obsolete settings * Adjusted tests to support permissions based access * Fix incorrectly named permissions * Add simple get_services generator function * Added signals for user and groups perm changes * Update validate_services to support permissions deactivate_services removed as its surplus to requirements. * Removed state parameter from validate_services calls * Update tests to support signals changes * Fix incorrect call to validate_services task * Fix validate_services and test * Add validate_user to changed user groups signal * Added tests for new signals * Remove unnecessary post_add signals * Added documentation for service permissions * Added detection for members with service active If there are any service users in the Member or Blue groups active, then the permission will be added to the respective Member or Blue group. This means its no longer necessary to maintain the service enablesettings to migrate to permissions based service. Remove obsolete state based status checking
123 lines
5.9 KiB
Python
123 lines
5.9 KiB
Python
import logging
|
|
|
|
from django.contrib import messages
|
|
from django.contrib.auth.decorators import login_required, permission_required
|
|
from django.shortcuts import render, redirect
|
|
|
|
from authentication.states import BLUE_STATE
|
|
from authentication.models import AuthServicesInfo
|
|
from eveonline.managers import EveManager
|
|
from eveonline.models import EveAllianceInfo
|
|
|
|
from services.modules.teamspeak3.manager import Teamspeak3Manager
|
|
|
|
from .forms import TeamspeakJoinForm
|
|
from .tasks import Teamspeak3Tasks
|
|
from .models import Teamspeak3User
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
ACCESS_PERM = 'teamspeak3.access_teamspeak3'
|
|
|
|
|
|
@login_required
|
|
@permission_required(ACCESS_PERM)
|
|
def activate_teamspeak3(request):
|
|
logger.debug("activate_teamspeak3 called by user %s" % request.user)
|
|
|
|
authinfo = AuthServicesInfo.objects.get(user=request.user)
|
|
character = EveManager.get_main_character(request.user)
|
|
ticker = character.corporation_ticker
|
|
|
|
if authinfo.state == BLUE_STATE:
|
|
logger.debug("Adding TS3 user for blue user %s with main character %s" % (request.user, character))
|
|
# Blue members should have alliance ticker (if in alliance)
|
|
if EveAllianceInfo.objects.filter(alliance_id=character.alliance_id).exists():
|
|
alliance = EveAllianceInfo.objects.filter(alliance_id=character.alliance_id)[0]
|
|
ticker = alliance.alliance_ticker
|
|
result = Teamspeak3Manager.add_blue_user(character.character_name, ticker)
|
|
else:
|
|
logger.debug("Adding TS3 user for user %s with main character %s" % (request.user, character))
|
|
result = Teamspeak3Manager.add_user(character.character_name, ticker)
|
|
|
|
# if its empty we failed
|
|
if result[0] is not "":
|
|
Teamspeak3User.objects.update_or_create(user=request.user, defaults={'uid': result[0], 'perm_key': result[1]})
|
|
logger.debug("Updated authserviceinfo for user %s with TS3 credentials. Updating groups." % request.user)
|
|
logger.info("Successfully activated TS3 for user %s" % request.user)
|
|
messages.success(request, 'Activated TeamSpeak3 account.')
|
|
return redirect("auth_verify_teamspeak3")
|
|
logger.error("Unsuccessful attempt to activate TS3 for user %s" % request.user)
|
|
messages.error(request, 'An error occurred while processing your TeamSpeak3 account.')
|
|
return redirect("auth_services")
|
|
|
|
|
|
@login_required
|
|
@permission_required(ACCESS_PERM)
|
|
def verify_teamspeak3(request):
|
|
logger.debug("verify_teamspeak3 called by user %s" % request.user)
|
|
if not Teamspeak3Tasks.has_account(request.user):
|
|
logger.warn("Unable to validate user %s teamspeak: no teamspeak data" % request.user)
|
|
return redirect("auth_services")
|
|
if request.method == "POST":
|
|
form = TeamspeakJoinForm(request.POST)
|
|
if form.is_valid():
|
|
Teamspeak3Tasks.update_groups.delay(request.user.pk)
|
|
logger.debug("Validated user %s joined TS server" % request.user)
|
|
return redirect("auth_services")
|
|
else:
|
|
form = TeamspeakJoinForm({'username': request.user.teamspeak3.uid})
|
|
context = {
|
|
'form': form,
|
|
'authinfo': {'teamspeak3_uid': request.user.teamspeak3.uid,
|
|
'teamspeak3_perm_key': request.user.teamspeak3.perm_key},
|
|
}
|
|
return render(request, 'registered/teamspeakjoin.html', context=context)
|
|
|
|
|
|
@login_required
|
|
@permission_required(ACCESS_PERM)
|
|
def deactivate_teamspeak3(request):
|
|
logger.debug("deactivate_teamspeak3 called by user %s" % request.user)
|
|
if Teamspeak3Tasks.has_account(request.user) and Teamspeak3Tasks.delete_user(request.user):
|
|
logger.info("Successfully deactivated TS3 for user %s" % request.user)
|
|
messages.success(request, 'Deactivated TeamSpeak3 account.')
|
|
logger.error("Unsuccessful attempt to deactivate TS3 for user %s" % request.user)
|
|
messages.error(request, 'An error occurred while processing your TeamSpeak3 account.')
|
|
return redirect("auth_services")
|
|
|
|
|
|
@login_required
|
|
@permission_required(ACCESS_PERM)
|
|
def reset_teamspeak3_perm(request):
|
|
logger.debug("reset_teamspeak3_perm called by user %s" % request.user)
|
|
if not Teamspeak3Tasks.has_account(request.user):
|
|
return redirect("auth_services")
|
|
authinfo = AuthServicesInfo.objects.get(user=request.user)
|
|
character = EveManager.get_main_character(request.user)
|
|
logger.debug("Deleting TS3 user for user %s" % request.user)
|
|
Teamspeak3Manager.delete_user(request.user.teamspeak3.uid)
|
|
|
|
if authinfo.state == BLUE_STATE:
|
|
logger.debug(
|
|
"Generating new permission key for blue user %s with main character %s" % (request.user, character))
|
|
result = Teamspeak3Manager.generate_new_blue_permissionkey(request.user.teamspeak3.uid,
|
|
character.character_name,
|
|
character.corporation_ticker)
|
|
else:
|
|
logger.debug("Generating new permission key for user %s with main character %s" % (request.user, character))
|
|
result = Teamspeak3Manager.generate_new_permissionkey(request.user.teamspeak3.uid, character.character_name,
|
|
character.corporation_ticker)
|
|
|
|
# if blank we failed
|
|
if result[0] != "":
|
|
Teamspeak3User.objects.update_or_create(user=request.user, defaults={'uid': result[0], 'perm_key': result[1]})
|
|
logger.debug("Updated authserviceinfo for user %s with TS3 credentials. Updating groups." % request.user)
|
|
Teamspeak3Tasks.update_groups.delay(request.user.pk)
|
|
logger.info("Successfully reset TS3 permission key for user %s" % request.user)
|
|
messages.success(request, 'Reset TeamSpeak3 permission key.')
|
|
else:
|
|
logger.error("Unsuccessful attempt to reset TS3 permission key for user %s" % request.user)
|
|
messages.error(request, 'An error occurred while processing your TeamSpeak3 account.')
|
|
return redirect("auth_services")
|