aboutsummaryrefslogtreecommitdiffstats
path: root/src/account
diff options
context:
space:
mode:
authorParker Berberian <pberberian@iol.unh.edu>2019-01-29 10:05:27 -0500
committerParker Berberian <pberberian@iol.unh.edu>2019-01-29 10:05:27 -0500
commitfef3a855657a7e5c2393dc469690d73bb249bd8f (patch)
treeaa9d47271c112a8a81cb1768292bae7206bfbe58 /src/account
parent2c5650cad195f0bd78fb201ebbddc2afef96f752 (diff)
Allow Users to Delete objects and Cancel Bookings
A user can now delete thier own resources, configs, and snapshots as well as cancelling bookings. Change-Id: Ic8e4751feeb0b8fa0d76816b8df2d16729ad2828 Signed-off-by: Parker Berberian <pberberian@iol.unh.edu>
Diffstat (limited to 'src/account')
-rw-r--r--src/account/urls.py19
-rw-r--r--src/account/views.py86
2 files changed, 96 insertions, 9 deletions
diff --git a/src/account/urls.py b/src/account/urls.py
index 85f0f1a..8aad80c 100644
--- a/src/account/urls.py
+++ b/src/account/urls.py
@@ -25,6 +25,7 @@ Including another URLconf
2. Add a URL to urlpatterns: url(r'^blog/', include('blog.urls'))
"""
from django.conf.urls import url
+from django.urls import path
from account.views import (
AccountSettingsView,
@@ -36,7 +37,11 @@ from account.views import (
account_booking_view,
account_images_view,
account_configuration_view,
- account_detail_view
+ account_detail_view,
+ resource_delete_view,
+ booking_cancel_view,
+ image_delete_view,
+ configuration_delete_view
)
app_name = "account"
@@ -46,9 +51,13 @@ urlpatterns = [
url(r'^login/$', JiraLoginView.as_view(), name='login'),
url(r'^logout/$', JiraLogoutView.as_view(), name='logout'),
url(r'^users/$', UserListView.as_view(), name='users'),
- url(r'^my/resources', account_resource_view, name="my-resources"),
- url(r'^my/bookings', account_booking_view, name="my-bookings"),
- url(r'^my/images', account_images_view, name="my-images"),
- url(r'^my/configurations', account_configuration_view, name="my-configurations"),
+ url(r'^my/resources/$', account_resource_view, name="my-resources"),
+ path('my/resources/delete/<int:resource_id>', resource_delete_view),
+ url(r'^my/bookings/$', account_booking_view, name="my-bookings"),
+ path('my/bookings/cancel/<int:booking_id>', booking_cancel_view),
+ url(r'^my/images/$', account_images_view, name="my-images"),
+ path('my/images/delete/<int:image_id>', image_delete_view),
+ url(r'^my/configurations/$', account_configuration_view, name="my-configurations"),
+ path('my/configurations/delete/<int:config_id>', configuration_delete_view),
url(r'^my/$', account_detail_view, name="my-account"),
]
diff --git a/src/account/views.py b/src/account/views.py
index e880208..11689a1 100644
--- a/src/account/views.py
+++ b/src/account/views.py
@@ -20,6 +20,9 @@ from django.contrib.auth.decorators import login_required
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.models import User
from django.urls import reverse
+from django.http import HttpResponse
+from django.utils import timezone
+from django.shortcuts import get_object_or_404
from django.utils.decorators import method_decorator
from django.views.generic import RedirectView, TemplateView, UpdateView
from django.shortcuts import render
@@ -30,7 +33,7 @@ from account.forms import AccountSettingsForm
from account.jira_util import SignatureMethod_RSA_SHA1
from account.models import UserProfile
from booking.models import Booking
-from resource_inventory.models import GenericResourceBundle, ConfigBundle, Image
+from resource_inventory.models import GenericResourceBundle, ConfigBundle, Image, Host
@method_decorator(login_required, name='dispatch')
@@ -172,8 +175,22 @@ def account_resource_view(request):
if not request.user.is_authenticated:
return render(request, "dashboard/login.html", {'title': 'Authentication Required'})
template = "account/resource_list.html"
- resources = list(GenericResourceBundle.objects.filter(owner=request.user))
- context = {"resources": resources, "title": "My Resources"}
+ resources = GenericResourceBundle.objects.filter(
+ owner=request.user).prefetch_related("configbundle_set")
+ mapping = {}
+ resource_list = []
+ booking_mapping = {}
+ for grb in resources:
+ resource_list.append(grb)
+ mapping[grb.id] = [{"id": x.id, "name": x.name} for x in grb.configbundle_set.all()]
+ if Booking.objects.filter(resource__template=grb, end__gt=timezone.now()).exists():
+ booking_mapping[grb.id] = "true"
+ context = {
+ "resources": resource_list,
+ "grb_mapping": mapping,
+ "booking_mapping": booking_mapping,
+ "title": "My Resources"
+ }
return render(request, template, context=context)
@@ -202,5 +219,66 @@ def account_images_view(request):
template = "account/image_list.html"
my_images = Image.objects.filter(owner=request.user)
public_images = Image.objects.filter(public=True)
- context = {"title": "Images", "images": my_images, "public_images": public_images}
+ used_images = {}
+ for image in my_images:
+ if Host.objects.filter(booked=True, config__image=image).exists():
+ used_images[image.id] = "true"
+ context = {
+ "title": "Images",
+ "images": my_images,
+ "public_images": public_images,
+ "used_images": used_images
+ }
return render(request, template, context=context)
+
+
+def resource_delete_view(request, resource_id=None):
+ if not request.user.is_authenticated:
+ return HttpResponse('no') # 403?
+ grb = get_object_or_404(GenericResourceBundle, pk=resource_id)
+ if not request.user.id == grb.owner.id:
+ return HttpResponse('no') # 403?
+ if Booking.objects.filter(resource__template=grb, end__gt=timezone.now()).exists():
+ return HttpResponse('no') # 403?
+ grb.delete()
+ return HttpResponse('')
+
+
+def configuration_delete_view(request, config_id=None):
+ if not request.user.is_authenticated:
+ return HttpResponse('no') # 403?
+ config = get_object_or_404(ConfigBundle, pk=config_id)
+ if not request.user.id == config.owner.id:
+ return HttpResponse('no') # 403?
+ if Booking.objects.filter(config_bundle=config, end__gt=timezone.now()).exists():
+ return HttpResponse('no')
+ config.delete()
+ return HttpResponse('')
+
+
+def booking_cancel_view(request, booking_id=None):
+ if not request.user.is_authenticated:
+ return HttpResponse('no') # 403?
+ booking = get_object_or_404(Booking, pk=booking_id)
+ if not request.user.id == booking.owner.id:
+ return HttpResponse('no') # 403?
+
+ if booking.end < timezone.now(): # booking already over
+ return HttpResponse('')
+
+ booking.end = timezone.now()
+ booking.save()
+ return HttpResponse('')
+
+
+def image_delete_view(request, image_id=None):
+ if not request.user.is_authenticated:
+ return HttpResponse('no') # 403?
+ image = get_object_or_404(Image, pk=image_id)
+ if image.public or image.owner.id != request.user.id:
+ return HttpResponse('no') # 403?
+ # check if used in booking
+ if Host.objects.filter(booked=True, config__image=image).exists():
+ return HttpResponse('no') # 403?
+ image.delete()
+ return HttpResponse('')