...
 
Commits (14)
# Re2o
Gnu public license v2.0
GNU public license v2.0
## Avant propos
Re2o est un logiciel d'administration développé initiallement au rezometz. Il
Re2o est un logiciel d'administration développé initialement au rezometz. Il
se veut agnostique au réseau considéré, de manière à être installable en
quelques clics.
......@@ -31,15 +31,15 @@ Pour cela :
## Fonctionnement général
Re2o est séparé entre les models, qui sont visible sur le schéma des
dépendances. Il s'agit en réalité des tables sql, et les fields etant les
Re2o est séparé entre les models, qui sont visibles sur le schéma des
dépendances. Il s'agit en réalité des tables sql, et les fields étant les
colonnes.
Ceci dit il n'est jamais nécessaire de toucher directement au sql, django
procédant automatiquement à tout cela.
On crée donc différents models (user, right pour les droits des users,
interfaces, IpList pour l'ensemble des adresses ip, etc)
Du coté des forms, il s'agit des formulaire d'édition des models. Il
Du coté des forms, il s'agit des formulaires d'édition des models. Il
s'agit de ModelForms django, qui héritent des models très simplement, voir la
documentation django models forms.
......@@ -56,12 +56,20 @@ d'accéder à ces vues, utilisé par re2o-tools.
# Requète en base de donnée
Pour avoir un shell, il suffit de lancer '''python3 manage.py shell'''
Pour charger des objets, example avec User, faire :
''' from users.models import User'''
Pour charger les objets django, il suffit de faire User.objects.all()
pour tous les users par exemple.
Il est ensuite aisé de faire des requètes, par exemple
User.objects.filter(pseudo='test')
Des exemples et la documentation complète sur les requètes django sont
Pour avoir un shell, lancer :
```.bash
python3 manage.py shell
```
Pour charger des objets (exemple avec User), faire :
```.python
from users.models import User
```
Pour charger les objets django, il suffit de faire `User.objects.all()`
pour tous les users par exemple.
Il est ensuite aisé de faire des requêtes, par exemple
`User.objects.filter(pseudo='test')`
Des exemples et la documentation complète sur les requêtes django sont
disponible sur le site officiel.
......@@ -29,6 +29,7 @@ the response (JSON or other), the CSRF exempting, ...
import datetime
from django.conf import settings
from django.db.models import Q
from rest_framework.authtoken.views import ObtainAuthToken
from rest_framework.authtoken.models import Token
from rest_framework.response import Response
......@@ -421,7 +422,7 @@ class UserViewSet(viewsets.ReadOnlyModelViewSet):
class HomeCreationViewSet(viewsets.ReadOnlyModelViewSet):
"""Exposes infos of `users.models.Users` objects to create homes.
"""
queryset = users.User.objects.all()
queryset = users.User.objects.exclude(Q(state=users.User.STATE_DISABLED) | Q(state=users.User.STATE_NOT_YET_ACTIVE))
serializer_class = serializers.HomeCreationSerializer
class ClubViewSet(viewsets.ReadOnlyModelViewSet):
......
......@@ -243,7 +243,8 @@ def facture_post_save(**kwargs):
"""
facture = kwargs['instance']
user = facture.user
user.ldap_sync(base=False, access_refresh=True, mac_refresh=False)
user.set_active()
user.ldap_sync(base=True, access_refresh=True, mac_refresh=False)
@receiver(post_delete, sender=Facture)
......@@ -472,7 +473,8 @@ def vente_post_save(**kwargs):
purchase.create_cotis()
purchase.cotisation.save()
user = purchase.facture.user
user.ldap_sync(base=False, access_refresh=True, mac_refresh=False)
user.set_active()
user.ldap_sync(base=True, access_refresh=True, mac_refresh=False)
# TODO : change vente to purchase
......
......@@ -397,7 +397,10 @@ class IpType(RevMixin, AclMixin, models.Model):
@cached_property
def complete_prefixv6(self):
"""Return the complete prefix v6 as cidr"""
return str(self.prefix_v6) + "/" + str(self.prefix_v6_length)
if self.prefix_v6:
return str(self.prefix_v6) + "/" + str(self.prefix_v6_length)
else:
return None
def ip_objects(self):
""" Renvoie tous les objets ipv4 relié à ce type"""
......
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-08-31 14:37
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('machines', '0094_auto_20180815_1918'),
('preferences', '0050_auto_20180818_1329'),
]
operations = [
migrations.AddField(
model_name='optionalmachine',
name='autocapture_iprange',
field=models.ManyToManyField(blank=True, help_text="Définit la plage d'ip depuis laquel un utilisateur peut enregistrer une machine filaire", to='machines.IpType'),
),
]
......@@ -149,6 +149,13 @@ class OptionalMachine(AclMixin, PreferencesModel):
default=True
)
autocapture_iprange = models.ManyToManyField(
'machines.IpType',
help_text=_("Définit la plage d'ip depuis laquel un utilisateur peut enregistrer une machine filaire"),
blank=True,
)
@cached_property
def ipv6(self):
""" Check if the IPv6 option is activated """
......
......@@ -96,6 +96,11 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<tr>
<th>{% trans "Creation of machines" %}</th>
<td>{{ machineoptions.create_machine|tick }}</td>
<th>{% trans "IPs range d'autoregister" %}</th>
<td>{% for type in machineoptions.autocapture_iprange.all %}
{{type.type}}
{% endfor %}
</td>
</tr>
</table>
<h4>{% trans "Topology preferences" %}</h4>
......
......@@ -232,7 +232,7 @@ msgstr "Accéder à mon profil"
#: templates/re2o/index.html:79
msgid "Services of the organisation"
msgstr "Serices de l'association"
msgstr "Services de l'association"
#: templates/re2o/index.html:93
msgid "Go there"
......
......@@ -41,6 +41,8 @@ from django.utils import timezone
from django.contrib.auth.models import Group, Permission
from django.utils.translation import ugettext_lazy as _
from machines.models import Interface, Machine, Nas
from topologie.models import Port
from preferences.models import OptionalUser
from re2o.utils import remove_user_room, get_input_formats_help_text
from re2o.mixins import FormRevMixin
......@@ -660,3 +662,53 @@ class EmailSettingsForm(FormRevMixin, FieldPermissionFormMixin, ModelForm):
model = User
fields = ['email','local_email_enabled', 'local_email_redirect']
class InitialRegisterForm(forms.Form):
register_room = forms.BooleanField(required=False)
register_machine = forms.BooleanField(required=False)
def __init__(self, *args, **kwargs):
switch_ip = kwargs.pop('switch_ip')
switch_port = kwargs.pop('switch_port')
client_mac = kwargs.pop('client_mac')
self.user = kwargs.pop('user')
if switch_ip and switch_port:
# Looking for a port
port = Port.objects.filter(switch__interface__ipv4__ipv4=switch_ip, port=switch_port).first()
# If a port exists, checking there is a room AND radius
if port:
if port.get_port_profile.radius_type != 'NO' and port.get_port_profile.radius_mode == 'STRICT' and hasattr(port, 'room'):
# Requesting user is not in this room ?
if self.user.room != port.room:
self.new_room = port.room
if client_mac and switch_ip:
# If this interface doesn't already exists
if not Interface.objects.filter(mac_address=client_mac):
self.mac_address = client_mac
self.nas_type = Nas.objects.filter(nas_type__interface__ipv4__ipv4=switch_ip).first()
super(InitialRegisterForm, self).__init__(*args, **kwargs)
if hasattr(self, 'new_room'):
self.fields['register_room'].label = _("New connection from room %s. Is it yours? If that is the case, type OK." % self.new_room)
else:
self.fields.pop('register_room')
if hasattr(self, 'mac_address'):
self.fields['register_machine'].label = _("New connection from new device. Register it? Say Yes to get Internet access from it (MAC Address : %s)." % self.mac_address)
else:
self.fields.pop('register_machine')
def clean_register_room(self):
if self.cleaned_data['register_room']:
if self.user.is_class_adherent:
remove_user_room(self.new_room)
user = self.user.adherent
user.room = self.new_room
user.save()
if self.user.is_class_club:
user = self.user.club
user.room = self.new_room
user.save()
def clean_register_machine(self):
if self.cleaned_data['register_machine']:
if self.mac_address and self.nas_type:
self.user.autoregister_machine(self.mac_address, self.nas_type)
This diff is collapsed.
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-08-24 15:50
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('users', '0076_auto_20180818_1321'),
]
operations = [
migrations.AlterField(
model_name='user',
name='state',
field=models.IntegerField(choices=[(0, 'STATE_ACTIVE'), (1, 'STATE_DISABLED'), (2, 'STATE_ARCHIVE'), (3, 'STATE_NOT_YET_ACTIVE')], default=3),
),
]
......@@ -186,10 +186,12 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
STATE_ACTIVE = 0
STATE_DISABLED = 1
STATE_ARCHIVE = 2
STATE_NOT_YET_ACTIVE = 3
STATES = (
(0, 'STATE_ACTIVE'),
(1, 'STATE_DISABLED'),
(2, 'STATE_ARCHIVE'),
(3, 'STATE_NOT_YET_ACTIVE'),
)
surname = models.CharField(max_length=255)
......@@ -231,7 +233,7 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
blank=True
)
pwd_ntlm = models.CharField(max_length=255)
state = models.IntegerField(choices=STATES, default=STATE_ACTIVE)
state = models.IntegerField(choices=STATES, default=STATE_NOT_YET_ACTIVE)
registered = models.DateTimeField(auto_now_add=True)
telephone = models.CharField(max_length=15, blank=True, null=True)
uid_number = models.PositiveIntegerField(
......@@ -329,7 +331,14 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
@property
def is_active(self):
""" Renvoie si l'user est à l'état actif"""
return self.state == self.STATE_ACTIVE
return self.state == self.STATE_ACTIVE or self.state == self.STATE_NOT_YET_ACTIVE
def set_active(self):
"""Enable this user if he subscribed successfully one time before"""
if self.state == self.STATE_NOT_YET_ACTIVE:
if self.facture_set.filter(valid=True).filter(Q(vente__type_cotisation='All') | Q(vente__type_cotisation='Adhesion')).exists():
self.state = self.STATE_ACTIVE
self.save()
@property
def is_staff(self):
......@@ -561,6 +570,9 @@ class User(RevMixin, FieldPermissionModelMixin, AbstractBaseUser,
try:
user_ldap = LdapUser.objects.get(uidNumber=self.uid_number)
except LdapUser.DoesNotExist:
# Freshly created users are NOT synced in ldap base
if self.state == self.STATE_NOT_YET_ACTIVE:
return
user_ldap = LdapUser(uidNumber=self.uid_number)
base = True
access_refresh = True
......
{% extends "users/sidebar.html" %}
{% comment %}
Re2o est un logiciel d'administration développé initiallement au rezometz. Il
se veut agnostique au réseau considéré, de manière à être installable en
quelques clics.
Copyright © 2017 Gabriel Détraz
Copyright © 2017 Goulven Kermarec
Copyright © 2017 Augustin Lemesle
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
{% endcomment %}
{% load bootstrap3 %}
{% load massive_bootstrap_form %}
{% load static %}
{% load i18n %}
{% block title %}{% trans "Users" %}{% endblock %}
{% block content %}
<h3>{% trans "Your machine and your room were successfully registered. Please disconnect and reconnect your Ethernet cable to benefit from a wired connection." %}</h3>
<center><img src="{% static '/images/rj45.gif' %}" alt="rj45_in_out"></center>
<br/>
<br/>
<br/>
{% endblock %}
......@@ -52,7 +52,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
{% elif not users.has_access %}
<div class="panel panel-danger">
<div class="panel-heading dashboard">{% trans "No connection" %}</div>
<div class="panel-body dashboard">
<div class="panel-body dashboard">
{% can_create Facture %}
<a class="btn btn-danger btn-sm" role="button" href="{% url 'cotisations:new-facture' users.id %}">
<i class="fas fa-sign-in-alt"></i> {% trans "Pay for a connection" %}
......@@ -213,9 +213,12 @@ with this program; if not, write to the Free Software Foundation, Inc.,
{% if users.state == 0 %}
<td><i class="text-success">{% trans "Active" %}</i></td>
{% elif users.state == 1 %}
<td><i class="text-danger">{% trans "Disabled" %}</i></td>
{% else %}
<td><i class="text-warning">{% trans "Archived" %}</i></td>
<td><i class="text-warning">{% trans "Disabled" %}</i></td>
{% elif users.state == 2 %}
<td><i class="text-danger">{% trans "Archived" %}</i></td>
{% elif users.state == 3 %}
<td><i class="text-danger">{% trans "Not yet Member" %}</i></td>
{% endif %}
</tr>
<tr>
......
......@@ -109,6 +109,7 @@ urlpatterns = [
url(r'^mass_archive/$', views.mass_archive, name='mass-archive'),
url(r'^$', views.index, name='index'),
url(r'^index_clubs/$', views.index_clubs, name='index-clubs'),
url(r'^initial_register/$', views.initial_register, name='initial-register'),
url(r'^rest/ml/std/$',
views.ml_std_list,
name='ml-std-list'),
......
......@@ -47,13 +47,14 @@ from django.http import HttpResponse
from django.http import HttpResponseRedirect
from django.views.decorators.csrf import csrf_exempt
from django.utils.translation import ugettext as _
from django.core.exceptions import PermissionDenied
from rest_framework.renderers import JSONRenderer
from reversion import revisions as reversion
from cotisations.models import Facture, Paiement
from machines.models import Machine
from preferences.models import OptionalUser, GeneralOption, AssoOption
from preferences.models import OptionalUser, OptionalMachine, GeneralOption, AssoOption
from re2o.views import form
from re2o.utils import (
all_has_access,
......@@ -71,6 +72,8 @@ from re2o.acl import (
)
from cotisations.utils import find_payment_method
from netaddr import IPAddress, IPNetwork
from .serializers import MailingSerializer, MailingMemberSerializer
from .models import (
User,
......@@ -105,7 +108,8 @@ from .forms import (
PassForm,
ResetPasswordForm,
ClubAdminandMembersForm,
GroupForm
GroupForm,
InitialRegisterForm
)
......@@ -1081,6 +1085,34 @@ def process_passwd(request, req):
request
)
@login_required
def initial_register(request):
options, created = OptionalMachine.objects.get_or_create()
if any(IPAddress(request.META['REMOTE_ADDR']) in t.ip_set for t in options.autocapture_iprange.all()) or any(IPAddress(request.META['REMOTE_ADDR']) in IPNetwork(t.complete_prefixv6) for t in options.autocapture_iprange.all() if t.complete_prefixv6 ):
u_form = InitialRegisterForm(request.POST or None, user=request.user, switch_ip=request.GET.get('switch_ip', None), switch_port=request.GET.get('switch_port', None), client_mac=request.GET.get('client_mac', None))
if not u_form.fields:
messages.error(request, _("Incorrect URL, or already registered device"))
return redirect(reverse(
'users:profil',
kwargs={'userid': str(request.user.id)}
))
if u_form.is_valid():
messages.success(request, _("Successful registration! Please"
" disconnect and reconnect your Ethernet"
" cable to get Internet access."))
return form(
{},
'users/plugin_out.html',
request
)
return form(
{'userform': u_form, 'action_name': _("Register device or room")},
'users/user.html',
request
)
else:
raise PermissionDenied
class JSONResponse(HttpResponse):
""" Framework Rest """
......