XF
/
fisk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c283c6c192'
${ noResults }
fisk/core/views/assets.py

121 lines
3.5 KiB
Python
Raw Normal View History Unescape Escape

Implement CRUD for asset groups
1 year ago
from django.contrib.auth.mixins import LoginRequiredMixin
Add asset restriction webhook API
1 year ago
from django.http import HttpResponse
Use django-crud-mixins for CRUD helpers
1 year ago
from mixins.views import AbortSave, ObjectCreate, ObjectDelete, ObjectList, ObjectUpdate
Add asset restriction webhook API
1 year ago
from rest_framework import status
from rest_framework.parsers import JSONParser
from rest_framework.views import APIView
Implement CRUD for asset groups
1 year ago
Add asset groups and restrictions
1 year ago
from core.forms import AssetGroupForm, AssetRestrictionForm
from core.models import AssetGroup, AssetRestriction
Implement CRUD for asset groups
1 year ago
from core.util import logs
log = logs.get_logger(__name__)
Add asset groups and restrictions
1 year ago
# Asset Groups
Implement CRUD for asset groups
1 year ago
class AssetGroupList(LoginRequiredMixin, ObjectList):
list_template = "partials/assetgroup-list.html"
model = AssetGroup
page_title = "List of asset groups for restrictions. Linked to accounts."
list_url_name = "assetgroups"
list_url_args = ["type"]
submit_url_name = "assetgroup_create"
class AssetGroupCreate(LoginRequiredMixin, ObjectCreate):
model = AssetGroup
form_class = AssetGroupForm
submit_url_name = "assetgroup_create"
class AssetGroupUpdate(LoginRequiredMixin, ObjectUpdate):
model = AssetGroup
form_class = AssetGroupForm
submit_url_name = "assetgroup_update"
class AssetGroupDelete(LoginRequiredMixin, ObjectDelete):
model = AssetGroup
Add asset groups and restrictions
1 year ago
# Asset Restrictions
class AssetRestrictionsPermissionMixin:
# Check the user has permission to view the asset group
# We have a user check on the AssetRestriction, but we need to check the
# AssetGroup as well
def set_extra_args(self, user):
self.extra_permission_args = {
"group__user": user,
"group__pk": self.kwargs["group"],
}
class AssetRestrictionList(
LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectList
):
list_template = "partials/assetrestriction-list.html"
model = AssetRestriction
page_title = "List of asset restrictions. Linked to asset groups."
list_url_name = "assetrestrictions"
list_url_args = ["type", "group"]
submit_url_name = "assetrestriction_create"
submit_url_args = ["type", "group"]
class AssetRestrictionCreate(
LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectCreate
):
model = AssetRestriction
form_class = AssetRestrictionForm
submit_url_name = "assetrestriction_create"
submit_url_args = ["type", "group"]
def pre_save_mutate(self, user, obj):
try:
assetgroup = AssetGroup.objects.get(pk=self.kwargs["group"], user=user)
obj.group = assetgroup
except AssetGroup.DoesNotExist:
log.error(f"Asset Group {self.kwargs['group']} does not exist")
raise AbortSave("asset group does not exist or you don't have access")
class AssetRestrictionUpdate(
LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectUpdate
):
model = AssetRestriction
form_class = AssetRestrictionForm
submit_url_name = "assetrestriction_update"
submit_url_args = ["type", "pk", "group"]
class AssetRestrictionDelete(
LoginRequiredMixin, AssetRestrictionsPermissionMixin, ObjectDelete
):
model = AssetRestriction
Add asset restriction webhook API
1 year ago
class AssetRestrictionAPI(APIView):
parser_classes = [JSONParser]
def post(self, request, webhook_id):
log.debug(f"AssetAPI POST {webhook_id}: {request.data}")
try:
webhook = AssetRestriction.objects.get(webhook_id=webhook_id)
except AssetRestriction.DoesNotExist:
log.error(f"AssetRestriction {webhook_id} does not exist")
return HttpResponse(status=status.HTTP_404_NOT_FOUND)
return HttpResponse(status=status.HTTP_200_OK)