diff options
author | Parker Berberian <pberberian@iol.unh.edu> | 2019-01-29 10:05:27 -0500 |
---|---|---|
committer | Parker Berberian <pberberian@iol.unh.edu> | 2019-01-29 10:05:27 -0500 |
commit | fef3a855657a7e5c2393dc469690d73bb249bd8f (patch) | |
tree | aa9d47271c112a8a81cb1768292bae7206bfbe58 /src/account | |
parent | 2c5650cad195f0bd78fb201ebbddc2afef96f752 (diff) |
Allow Users to Delete objects and Cancel Bookings
A user can now delete thier own resources, configs,
and snapshots as well as cancelling bookings.
Change-Id: Ic8e4751feeb0b8fa0d76816b8df2d16729ad2828
Signed-off-by: Parker Berberian <pberberian@iol.unh.edu>
Diffstat (limited to 'src/account')
-rw-r--r-- | src/account/urls.py | 19 | ||||
-rw-r--r-- | src/account/views.py | 86 |
2 files changed, 96 insertions, 9 deletions
diff --git a/src/account/urls.py b/src/account/urls.py index 85f0f1a..8aad80c 100644 --- a/src/account/urls.py +++ b/src/account/urls.py @@ -25,6 +25,7 @@ Including another URLconf 2. Add a URL to urlpatterns: url(r'^blog/', include('blog.urls')) """ from django.conf.urls import url +from django.urls import path from account.views import ( AccountSettingsView, @@ -36,7 +37,11 @@ from account.views import ( account_booking_view, account_images_view, account_configuration_view, - account_detail_view + account_detail_view, + resource_delete_view, + booking_cancel_view, + image_delete_view, + configuration_delete_view ) app_name = "account" @@ -46,9 +51,13 @@ urlpatterns = [ url(r'^login/$', JiraLoginView.as_view(), name='login'), url(r'^logout/$', JiraLogoutView.as_view(), name='logout'), url(r'^users/$', UserListView.as_view(), name='users'), - url(r'^my/resources', account_resource_view, name="my-resources"), - url(r'^my/bookings', account_booking_view, name="my-bookings"), - url(r'^my/images', account_images_view, name="my-images"), - url(r'^my/configurations', account_configuration_view, name="my-configurations"), + url(r'^my/resources/$', account_resource_view, name="my-resources"), + path('my/resources/delete/<int:resource_id>', resource_delete_view), + url(r'^my/bookings/$', account_booking_view, name="my-bookings"), + path('my/bookings/cancel/<int:booking_id>', booking_cancel_view), + url(r'^my/images/$', account_images_view, name="my-images"), + path('my/images/delete/<int:image_id>', image_delete_view), + url(r'^my/configurations/$', account_configuration_view, name="my-configurations"), + path('my/configurations/delete/<int:config_id>', configuration_delete_view), url(r'^my/$', account_detail_view, name="my-account"), ] diff --git a/src/account/views.py b/src/account/views.py index e880208..11689a1 100644 --- a/src/account/views.py +++ b/src/account/views.py @@ -20,6 +20,9 @@ from django.contrib.auth.decorators import login_required from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.auth.models import User from django.urls import reverse +from django.http import HttpResponse +from django.utils import timezone +from django.shortcuts import get_object_or_404 from django.utils.decorators import method_decorator from django.views.generic import RedirectView, TemplateView, UpdateView from django.shortcuts import render @@ -30,7 +33,7 @@ from account.forms import AccountSettingsForm from account.jira_util import SignatureMethod_RSA_SHA1 from account.models import UserProfile from booking.models import Booking -from resource_inventory.models import GenericResourceBundle, ConfigBundle, Image +from resource_inventory.models import GenericResourceBundle, ConfigBundle, Image, Host @method_decorator(login_required, name='dispatch') @@ -172,8 +175,22 @@ def account_resource_view(request): if not request.user.is_authenticated: return render(request, "dashboard/login.html", {'title': 'Authentication Required'}) template = "account/resource_list.html" - resources = list(GenericResourceBundle.objects.filter(owner=request.user)) - context = {"resources": resources, "title": "My Resources"} + resources = GenericResourceBundle.objects.filter( + owner=request.user).prefetch_related("configbundle_set") + mapping = {} + resource_list = [] + booking_mapping = {} + for grb in resources: + resource_list.append(grb) + mapping[grb.id] = [{"id": x.id, "name": x.name} for x in grb.configbundle_set.all()] + if Booking.objects.filter(resource__template=grb, end__gt=timezone.now()).exists(): + booking_mapping[grb.id] = "true" + context = { + "resources": resource_list, + "grb_mapping": mapping, + "booking_mapping": booking_mapping, + "title": "My Resources" + } return render(request, template, context=context) @@ -202,5 +219,66 @@ def account_images_view(request): template = "account/image_list.html" my_images = Image.objects.filter(owner=request.user) public_images = Image.objects.filter(public=True) - context = {"title": "Images", "images": my_images, "public_images": public_images} + used_images = {} + for image in my_images: + if Host.objects.filter(booked=True, config__image=image).exists(): + used_images[image.id] = "true" + context = { + "title": "Images", + "images": my_images, + "public_images": public_images, + "used_images": used_images + } return render(request, template, context=context) + + +def resource_delete_view(request, resource_id=None): + if not request.user.is_authenticated: + return HttpResponse('no') # 403? + grb = get_object_or_404(GenericResourceBundle, pk=resource_id) + if not request.user.id == grb.owner.id: + return HttpResponse('no') # 403? + if Booking.objects.filter(resource__template=grb, end__gt=timezone.now()).exists(): + return HttpResponse('no') # 403? + grb.delete() + return HttpResponse('') + + +def configuration_delete_view(request, config_id=None): + if not request.user.is_authenticated: + return HttpResponse('no') # 403? + config = get_object_or_404(ConfigBundle, pk=config_id) + if not request.user.id == config.owner.id: + return HttpResponse('no') # 403? + if Booking.objects.filter(config_bundle=config, end__gt=timezone.now()).exists(): + return HttpResponse('no') + config.delete() + return HttpResponse('') + + +def booking_cancel_view(request, booking_id=None): + if not request.user.is_authenticated: + return HttpResponse('no') # 403? + booking = get_object_or_404(Booking, pk=booking_id) + if not request.user.id == booking.owner.id: + return HttpResponse('no') # 403? + + if booking.end < timezone.now(): # booking already over + return HttpResponse('') + + booking.end = timezone.now() + booking.save() + return HttpResponse('') + + +def image_delete_view(request, image_id=None): + if not request.user.is_authenticated: + return HttpResponse('no') # 403? + image = get_object_or_404(Image, pk=image_id) + if image.public or image.owner.id != request.user.id: + return HttpResponse('no') # 403? + # check if used in booking + if Host.objects.filter(booked=True, config__image=image).exists(): + return HttpResponse('no') # 403? + image.delete() + return HttpResponse('') |