diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..cf39121 --- /dev/null +++ b/.env.example @@ -0,0 +1,2 @@ +DOMAIN=localhost +DEMO=false diff --git a/README.md b/README.md index 44a3151..375cd85 100644 --- a/README.md +++ b/README.md @@ -1,21 +1,20 @@ -# INSTALACION: +# INSTALACIÓN: -la instalacion es muy estandar +La instalación es muy estándar ``` - python -m venv env - source env/bin/actevate - python install -r requirements.txt +python -m venv env +source env/bin/actevate +python install -r requirements.txt ``` -## IMPORTANT EXTERNAL DEPENDETS +## IMPORTANT EXTERNAL DEPENDENCIES -Para arrancarlo es necesario tener el paquete xapian-bindings en tu ordenador. No se instala por pip asi que depende de cada sistema operativo: -https://xapian.org/download +Para arrancarlo es necesario tener el paquete `xapian-bindings` en tu ordenador. No se instala mediante `pip`, así que depende de cada [sistema operativo](https://xapian.org/download). Luego solo necesitas: ``` - ./manage.py migrate - ./manage.py runserver +./manage.py migrate +./manage.py runserver ``` diff --git a/admin/__init__.py b/admin/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/admin/admin.py b/admin/admin.py new file mode 100644 index 0000000..8c38f3f --- /dev/null +++ b/admin/admin.py @@ -0,0 +1,3 @@ +from django.contrib import admin + +# Register your models here. diff --git a/admin/apps.py b/admin/apps.py new file mode 100644 index 0000000..6d596f5 --- /dev/null +++ b/admin/apps.py @@ -0,0 +1,6 @@ +from django.apps import AppConfig + + +class AdminConfig(AppConfig): + default_auto_field = "django.db.models.BigAutoField" + name = "admin" diff --git a/admin/migrations/__init__.py b/admin/migrations/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/admin/models.py b/admin/models.py new file mode 100644 index 0000000..71a8362 --- /dev/null +++ b/admin/models.py @@ -0,0 +1,3 @@ +from django.db import models + +# Create your models here. diff --git a/admin/templates/admin_panel.html b/admin/templates/admin_panel.html new file mode 100644 index 0000000..3dd5ed1 --- /dev/null +++ b/admin/templates/admin_panel.html @@ -0,0 +1,19 @@ +{% extends "base.html" %} +{% load i18n %} + +{% block content %} +
+
+

{{ subtitle }}

+
+
+ +
+
+ + {% translate "Institution" %} + +
+
+ +{% endblock %} diff --git a/admin/templates/admin_users.html b/admin/templates/admin_users.html new file mode 100644 index 0000000..37fbf96 --- /dev/null +++ b/admin/templates/admin_users.html @@ -0,0 +1,39 @@ +{% extends "base.html" %} +{% load i18n %} + +{% block content %} +
+
+

{{ subtitle }}

+
+
+ {% translate "Add new user" %} +
+
+ +
+
+ + + + + + + + + + + + {% for u in users %} + + + + + + {% endfor %} + +
Emailis Admin
{{ u.email }}{{ u.is_admin }}
+
+
+ +{% endblock %} diff --git a/admin/templates/delete_user.html b/admin/templates/delete_user.html new file mode 100644 index 0000000..5aa402d --- /dev/null +++ b/admin/templates/delete_user.html @@ -0,0 +1,38 @@ +{% extends "base.html" %} +{% load i18n %} + +{% block content %} +
+
+

{{ subtitle }}

+
+
+ +{% load django_bootstrap5 %} +
+
+ Are you sure than want remove the lot {{ object.name }} with {{ object.devices.count }} devices. +
+
+ +
+{% csrf_token %} +{% if form.errors %} + +{% endif %} +{% bootstrap_form form %} +
+ {% translate "Cancel" %} + +
+ +
+{% endblock %} diff --git a/admin/templates/institution.html b/admin/templates/institution.html new file mode 100644 index 0000000..88014b9 --- /dev/null +++ b/admin/templates/institution.html @@ -0,0 +1,32 @@ +{% extends "base.html" %} +{% load i18n %} + +{% block content %} +
+
+

{{ subtitle }}

+
+
+ +{% load django_bootstrap5 %} +
+{% csrf_token %} +{% if form.errors %} + +{% endif %} +{% bootstrap_form form %} +
+ {% translate "Cancel" %} + +
+ +
+{% endblock %} diff --git a/admin/templates/user.html b/admin/templates/user.html new file mode 100644 index 0000000..1ea00d8 --- /dev/null +++ b/admin/templates/user.html @@ -0,0 +1,32 @@ +{% extends "base.html" %} +{% load i18n %} + +{% block content %} +
+
+

{{ subtitle }}

+
+
+ +{% load django_bootstrap5 %} +
+{% csrf_token %} +{% if form.errors %} + +{% endif %} +{% bootstrap_form form %} +
+ {% translate "Cancel" %} + +
+ +
+{% endblock %} diff --git a/admin/tests.py b/admin/tests.py new file mode 100644 index 0000000..7ce503c --- /dev/null +++ b/admin/tests.py @@ -0,0 +1,3 @@ +from django.test import TestCase + +# Create your tests here. diff --git a/admin/urls.py b/admin/urls.py new file mode 100644 index 0000000..9a26cbf --- /dev/null +++ b/admin/urls.py @@ -0,0 +1,13 @@ +from django.urls import path +from admin import views + +app_name = 'admin' + +urlpatterns = [ + path("panel/", views.PanelView.as_view(), name="panel"), + path("users/", views.UsersView.as_view(), name="users"), + path("users/new", views.CreateUserView.as_view(), name="new_user"), + path("users/edit/", views.EditUserView.as_view(), name="edit_user"), + path("users/delete/", views.DeleteUserView.as_view(), name="delete_user"), + path("institution/", views.InstitutionView.as_view(), name="institution"), +] diff --git a/admin/views.py b/admin/views.py new file mode 100644 index 0000000..9ce25c7 --- /dev/null +++ b/admin/views.py @@ -0,0 +1,126 @@ +from smtplib import SMTPException +from django.urls import reverse_lazy +from django.shortcuts import get_object_or_404 +from django.utils.translation import gettext_lazy as _ +from django.views.generic.base import TemplateView +from django.views.generic.edit import ( + CreateView, + UpdateView, + DeleteView, +) +from dashboard.mixins import DashboardView, Http403 +from user.models import User, Institution +from admin.email import NotifyActivateUserByEmail + + +class AdminView(DashboardView): + def get(self, *args, **kwargs): + response = super().get(*args, **kwargs) + if not self.request.user.is_admin: + raise Http403 + + return response + +class PanelView(AdminView, TemplateView): + template_name = "admin_panel.html" + title = _("Admin") + breadcrumb = _("admin") + " /" + + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + return context + + +class UsersView(AdminView, TemplateView): + template_name = "admin_users.html" + title = _("Users") + breadcrumb = _("admin / Users") + " /" + + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + context.update({ + "users": User.objects.filter() + }) + return context + + +class CreateUserView(AdminView, NotifyActivateUserByEmail, CreateView): + template_name = "user.html" + title = _("User") + breadcrumb = _("admin / User") + " /" + success_url = reverse_lazy('admin:users') + model = User + fields = ( + "email", + "password", + "is_admin", + ) + + def form_valid(self, form): + form.instance.institution = self.request.user.institution + form.instance.set_password(form.instance.password) + response = super().form_valid(form) + + try: + self.send_email(form.instance) + except SMTPException as e: + messages.error(self.request, e) + + return response + + +class DeleteUserView(AdminView, DeleteView): + template_name = "delete_user.html" + title = _("Delete user") + breadcrumb = "admin / Delete user" + success_url = reverse_lazy('admin:users') + model = User + fields = ( + "email", + "password", + "is_admin", + ) + + def form_valid(self, form): + response = super().form_valid(form) + return response + + +class EditUserView(AdminView, UpdateView): + template_name = "user.html" + title = _("Edit user") + breadcrumb = "admin / Edit user" + success_url = reverse_lazy('admin:users') + model = User + fields = ( + "email", + "is_admin", + ) + + def get_form_kwargs(self): + pk = self.kwargs.get('pk') + self.object = get_object_or_404(self.model, pk=pk) + #self.object.set_password(self.object.password) + kwargs = super().get_form_kwargs() + return kwargs + + +class InstitutionView(AdminView, UpdateView): + template_name = "institution.html" + title = _("Edit institution") + section = "admin" + subtitle = _('Edit institution') + model = Institution + success_url = reverse_lazy('admin:panel') + fields = ( + "name", + "logo", + "location", + "responsable_person", + "supervisor_person" + ) + + def get_form_kwargs(self): + self.object = self.request.user.institution + kwargs = super().get_form_kwargs() + return kwargs diff --git a/api/migrations/0001_initial.py b/api/migrations/0001_initial.py index 22c5a1f..b15c44e 100644 --- a/api/migrations/0001_initial.py +++ b/api/migrations/0001_initial.py @@ -1,4 +1,4 @@ -# Generated by Django 5.0.6 on 2024-09-19 15:09 +# Generated by Django 5.0.6 on 2024-10-10 11:34 import django.db.models.deletion from django.conf import settings @@ -26,6 +26,7 @@ class Migration(migrations.Migration): verbose_name="ID", ), ), + ("tag", models.CharField(max_length=50)), ("token", models.UUIDField()), ( "owner", diff --git a/api/models.py b/api/models.py index b8bbc24..8cdf430 100644 --- a/api/models.py +++ b/api/models.py @@ -1,9 +1,8 @@ from django.db import models from user.models import User -# Create your models here. - class Token(models.Model): + tag = models.CharField(max_length=50) token = models.UUIDField() owner = models.ForeignKey(User, on_delete=models.CASCADE) diff --git a/api/tables.py b/api/tables.py index ac1cc7a..27c8cbf 100644 --- a/api/tables.py +++ b/api/tables.py @@ -33,12 +33,30 @@ class TokensTable(tables.Table): }, orderable=False ) - + edit_token = ButtonColumn( + linkify={ + "viewname": "api:edit_token", + "args": [tables.A("pk")] + }, + attrs = { + "a": { + "type": "button", + "class": "text-primary", + "title": "Remove", + } + }, + orderable=False, + verbose_name="Edit" + ) token = tables.Column(verbose_name=_("Token"), empty_values=()) + tag = tables.Column(verbose_name=_("Tag"), empty_values=()) def render_view_user(self): return format_html('') + def render_edit_token(self): + return format_html('') + # def render_token(self, record): # return record.get_memberships() @@ -63,5 +81,5 @@ class TokensTable(tables.Table): class Meta: model = Token template_name = "custom_table.html" - fields = ("token", "view_user") + fields = ("token", "tag", "edit_token") diff --git a/api/templates/new_token.html b/api/templates/new_token.html new file mode 100644 index 0000000..77e0503 --- /dev/null +++ b/api/templates/new_token.html @@ -0,0 +1,32 @@ +{% extends "base.html" %} +{% load i18n %} + +{% block content %} +
+
+

{{ subtitle }}

+
+
+ +{% load django_bootstrap5 %} +
+{% csrf_token %} +{% if form.errors %} + +{% endif %} +{% bootstrap_form form %} +
+ {% translate "Cancel" %} + +
+ +
+{% endblock %} diff --git a/api/templates/token.html b/api/templates/token.html index 5185090..2ba2ca7 100644 --- a/api/templates/token.html +++ b/api/templates/token.html @@ -8,6 +8,7 @@ {{ subtitle }} {% render_table table %} +
{% translate "Generate a new token" %}
diff --git a/api/urls.py b/api/urls.py index f3c8028..5eac279 100644 --- a/api/urls.py +++ b/api/urls.py @@ -9,5 +9,6 @@ urlpatterns = [ path('snapshot/', views.NewSnapshot, name='new_snapshot'), path('tokens/', views.TokenView.as_view(), name='tokens'), path('tokens/new', views.TokenNewView.as_view(), name='new_token'), + path("tokens//edit", views.EditTokenView.as_view(), name="edit_token"), path('tokens//del', views.TokenDeleteView.as_view(), name='delete_token'), ] diff --git a/api/views.py b/api/views.py index fbccb79..175fe3e 100644 --- a/api/views.py +++ b/api/views.py @@ -1,13 +1,19 @@ import json +from django.conf import settings +from django.urls import reverse_lazy from django.shortcuts import get_object_or_404, redirect from django.utils.translation import gettext_lazy as _ from django.views.decorators.csrf import csrf_exempt from django.core.exceptions import ValidationError -from django.views.generic.edit import DeleteView -from django.views.generic.base import View -from django.http import JsonResponse from django_tables2 import SingleTableView +from django.views.generic.base import View +from django.views.generic.edit import ( + CreateView, + DeleteView, + UpdateView, +) +from django.http import JsonResponse from uuid import uuid4 from dashboard.mixins import DashboardView @@ -29,14 +35,14 @@ def NewSnapshot(request): return JsonResponse({'error': 'Invalid request method'}, status=400) # Authentication - # auth_header = request.headers.get('Authorization') - # if not auth_header or not auth_header.startswith('Bearer '): - # return JsonResponse({'error': 'Invalid or missing token'}, status=401) + auth_header = request.headers.get('Authorization') + if not auth_header or not auth_header.startswith('Bearer '): + return JsonResponse({'error': 'Invalid or missing token'}, status=401) - # token = auth_header.split(' ')[1] - # tk = Token.objects.filter(token=token).first() - # if not tk: - # return JsonResponse({'error': 'Invalid or missing token'}, status=401) + token = auth_header.split(' ')[1] + tk = Token.objects.filter(token=token).first() + if not tk: + return JsonResponse({'error': 'Invalid or missing token'}, status=401) # Validation snapshot try: @@ -60,15 +66,34 @@ def NewSnapshot(request): # save_in_disk(data, tk.user) try: - # Build(data, tk.user) - user = User.objects.get(email="user@example.org") - Build(data, user) + Build(data, tk.owner) except Exception: return JsonResponse({'status': 'fail'}, status=200) - return JsonResponse({'status': 'success'}, status=200) + annotation = Annotation.objects.filter( + uuid=data['uuid'], + type=Annotation.Type.SYSTEM, + # TODO this is hardcoded, it should select the user preferred algorithm + key="hidalgo1", + owner=tk.owner.institution + ).first() + if not annotation: + return JsonResponse({'status': 'fail'}, status=200) + + url = "{}://{}{}".format( + request.scheme, + settings.DOMAIN, + reverse_lazy("device:details", args=(annotation.value,)) + ) + response = { + "status": "success", + "dhid": annotation.value[:6].upper(), + "url": url, + "public_url": url + } + return JsonResponse(response, status=200) class TokenView(DashboardView, SingleTableView): @@ -89,7 +114,7 @@ class TokenView(DashboardView, SingleTableView): def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) context.update({ - 'tokens': Token.objects, + 'tokens': Token.objects.all(), }) return context @@ -105,10 +130,42 @@ class TokenDeleteView(DashboardView, DeleteView): return redirect('api:tokens') -class TokenNewView(DashboardView, View): +class TokenNewView(DashboardView, CreateView): + template_name = "new_token.html" + title = _("Credential management") + section = "Credential" + subtitle = _('New Tokens') + icon = 'bi bi-key' + model = Token + success_url = reverse_lazy('api:tokens') + fields = ( + "tag", + ) - def get(self, request, *args, **kwargs): - Token.objects.create(token=uuid4(), owner=self.request.user) + def form_valid(self, form): + form.instance.owner = self.request.user + form.instance.token = uuid4() + return super().form_valid(form) - return redirect('api:tokens') - + +class EditTokenView(DashboardView, UpdateView): + template_name = "new_token.html" + title = _("Credential management") + section = "Credential" + subtitle = _('New Tokens') + icon = 'bi bi-key' + model = Token + success_url = reverse_lazy('api:tokens') + fields = ( + "tag", + ) + + def get_form_kwargs(self): + pk = self.kwargs.get('pk') + self.object = get_object_or_404( + self.model, + owner=self.request.user, + pk=pk, + ) + kwargs = super().get_form_kwargs() + return kwargs diff --git a/dashboard/mixins.py b/dashboard/mixins.py index 7e2e236..aa63d36 100644 --- a/dashboard/mixins.py +++ b/dashboard/mixins.py @@ -1,5 +1,5 @@ from django.urls import resolve -from django.shortcuts import get_object_or_404, redirect +from django.shortcuts import get_object_or_404, redirect, Http404 from django.utils.translation import gettext_lazy as _ from django.core.exceptions import PermissionDenied from django.contrib.auth.mixins import LoginRequiredMixin @@ -45,10 +45,11 @@ class DashboardView(LoginRequiredMixin): def get_session_devices(self): dev_ids = self.request.session.pop("devices", []) - + self._devices = [] - annotation = Annotation.objects.filter(value__in=dev_ids) - for x in annotation.filter(owner=self.request.user.institution).distinct(): + for x in Annotation.objects.filter(value__in=dev_ids).filter( + owner=self.request.user.institution + ).distinct(): self._devices.append(Device(id=x.value)) return self._devices @@ -57,7 +58,11 @@ class DetailsMixin(DashboardView, TemplateView): def get(self, request, *args, **kwargs): self.pk = kwargs['pk'] - self.object = get_object_or_404(self.model, pk=self.pk, owner=self.request.user.institution) + self.object = get_object_or_404( + self.model, + pk=self.pk, + owner=self.request.user.institution + ) return super().get(request, *args, **kwargs) def get_context_data(self, **kwargs): @@ -71,14 +76,46 @@ class DetailsMixin(DashboardView, TemplateView): class InventaryMixin(DashboardView, TemplateView): def post(self, request, *args, **kwargs): - dev_ids = dict(self.request.POST).get("devices", []) - self.request.session["devices"] = dev_ids - url = self.request.POST.get("url") + post = dict(self.request.POST) + url = post.get("url") + if url: + dev_ids = post.get("devices", []) + self.request.session["devices"] = dev_ids + try: - resource = resolve(url) + resource = resolve(url[0]) if resource and dev_ids: - return redirect(url) + return redirect(url[0]) except Exception: pass return super().get(request, *args, **kwargs) + + def get_context_data(self, **kwargs): + context = super().get_context_data(**kwargs) + limit = self.request.GET.get("limit") + page = self.request.GET.get("page") + try: + limit = int(limit) + page = int(page) + if page < 1: + page = 1 + if limit < 1: + limit = 10 + except: + limit = 10 + page = 1 + + offset = (page - 1) * limit + devices, count = self.get_devices(self.request.user, offset, limit) + total_pages = (count + limit - 1) // limit + + context.update({ + 'devices': devices, + 'count': count, + "limit": limit, + "offset": offset, + "page": page, + "total_pages": total_pages, + }) + return context diff --git a/dashboard/templates/base.html b/dashboard/templates/base.html index 318c890..40e6658 100644 --- a/dashboard/templates/base.html +++ b/dashboard/templates/base.html @@ -61,12 +61,12 @@
DEVICEHUB
- PANGEA + {{ user.institution.name|upper }}
- {{ user.email }} + {{ user.email }} @@ -79,6 +79,26 @@ @@ -165,7 +179,19 @@ {% endblock messages %}

{{ title }}

+ +
+ {% csrf_token %} +
+ + + + +
+
+
+
{{ breadcrumb }} diff --git a/dashboard/templates/dashboard.html-bk b/dashboard/templates/dashboard.html-bk deleted file mode 100644 index 47289f0..0000000 --- a/dashboard/templates/dashboard.html-bk +++ /dev/null @@ -1,213 +0,0 @@ -{% load i18n static %} - - - - - {% block head %} - {% block meta %} - - - - - - {% endblock %} - {% block title %}{% if title %}{{ title }} – {% endif %}DeviceHub{% endblock %} - - - {% block style %} - - - - - - - - - - {% endblock %} - {% endblock %} - - -
- DEVICE HUB -
- PANGEA -
-
-
- - {{ user.email }} - - - -
-
-
- -
-
- - -
- {% block messages %} - {% for message in messages %} - - {% endfor %} - {% endblock messages %} -
-

{{ title }}

-
-
-
- - {% block content %} - {% endblock content %} - -
-
-
- - -
-
- {{ commit_id }} -
-
- - {% block script %} - - - - {% block extrascript %}{% endblock %} - {% endblock %} - - diff --git a/dashboard/templates/pagination.html b/dashboard/templates/pagination.html new file mode 100644 index 0000000..7a20679 --- /dev/null +++ b/dashboard/templates/pagination.html @@ -0,0 +1,47 @@ +{% load i18n %} +{% load range %} + + diff --git a/dashboard/templates/unassigned_devices.html b/dashboard/templates/unassigned_devices.html index c21a2be..369edd2 100644 --- a/dashboard/templates/unassigned_devices.html +++ b/dashboard/templates/unassigned_devices.html @@ -1,5 +1,7 @@ {% extends "base.html" %} {% load i18n %} +{% load paginacion %} + {% block content %}
@@ -13,7 +15,7 @@ {% trans 'Documents' %} {% endif %} - + {% trans 'Exports' %} @@ -33,7 +35,19 @@ - Title + select + + + shortid + + + type + + + manufacturer + + + model @@ -45,14 +59,28 @@ - {{ dev.type }} {{ dev.manufacturer }} {{ dev.model }} + {{ dev.shortid }} + + {{ dev.type }} + + + {{ dev.manufacturer }} + + + {{ dev.model }} + {% endfor %} - +
+
+
+ {% render_pagination page total_pages limit %} +
+
{% endblock %} diff --git a/dashboard/templatetags/__init__.py b/dashboard/templatetags/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/dashboard/templatetags/paginacion.py b/dashboard/templatetags/paginacion.py new file mode 100644 index 0000000..94ff5fc --- /dev/null +++ b/dashboard/templatetags/paginacion.py @@ -0,0 +1,20 @@ +from django import template + +register = template.Library() + +@register.inclusion_tag('pagination.html') +def render_pagination(page_number, total_pages, limit=10): + """ + Template tag for render pagination + + Args: + - page_number: number of actual page + - total_pages: total pages. + + Use it template: {% render_pagination page_number total_pages %} + """ + return { + 'page_number': page_number, + 'total_pages': total_pages, + 'limit': limit + } diff --git a/dashboard/templatetags/range.py b/dashboard/templatetags/range.py new file mode 100644 index 0000000..7e4a724 --- /dev/null +++ b/dashboard/templatetags/range.py @@ -0,0 +1,23 @@ +from django import template + +register = template.Library() + + +@register.filter +def range_filter(value, page): + m = 11 + mind = page -1 - m // 2 + maxd = page + 1 + m // 2 + if mind < 0: + maxd += abs(mind) + if maxd > value: + mind -= abs(maxd-value-1) + total_pages = [x for x in range(1, value + 1) if maxd > x > mind] + + if value > m: + if total_pages[0] > 1: + total_pages = ["..."] + total_pages + if total_pages[-1] < value: + total_pages = total_pages + ["..."] + + return total_pages diff --git a/dashboard/urls.py b/dashboard/urls.py index 681b73e..835e708 100644 --- a/dashboard/urls.py +++ b/dashboard/urls.py @@ -6,4 +6,5 @@ app_name = 'dashboard' urlpatterns = [ path("", views.UnassignedDevicesView.as_view(), name="unassigned_devices"), path("/", views.LotDashboardView.as_view(), name="lot"), + path("search", views.SearchView.as_view(), name="search"), ] diff --git a/dashboard/views.py b/dashboard/views.py index bcc4eeb..b34e2a6 100644 --- a/dashboard/views.py +++ b/dashboard/views.py @@ -1,5 +1,13 @@ +import json + from django.utils.translation import gettext_lazy as _ +from django.views.generic.edit import FormView +from django.shortcuts import Http404 +from django.db.models import Q + from dashboard.mixins import InventaryMixin, DetailsMixin +from evidence.models import Annotation +from evidence.xapian import search from device.models import Device from lot.models import Lot @@ -10,15 +18,8 @@ class UnassignedDevicesView(InventaryMixin): title = _("Unassigned Devices") breadcrumb = "Devices / Unassigned Devices" - def get_context_data(self, **kwargs): - context = super().get_context_data(**kwargs) - devices = Device.get_unassigned(self.request.user.institution) - - context.update({ - 'devices': devices, - }) - - return context + def get_devices(self, user, offset, limit): + return Device.get_unassigned(self.request.user.institution, offset, limit) class LotDashboardView(InventaryMixin, DetailsMixin): @@ -30,14 +31,75 @@ class LotDashboardView(InventaryMixin, DetailsMixin): def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) - devices = self.get_devices() lot = context.get('object') context.update({ - 'devices': devices, 'lot': lot, }) return context - def get_devices(self): - chids = self.object.devicelot_set.all().values_list("device_id", flat=True).distinct() - return [Device(id=x) for x in chids] + def get_devices(self, user, offset, limit): + chids = self.object.devicelot_set.all().values_list( + "device_id", flat=True + ).distinct() + + chids_page = chids[offset:offset+limit] + return [Device(id=x) for x in chids_page], chids.count() + + +class SearchView(InventaryMixin): + template_name = "unassigned_devices.html" + section = "Search" + title = _("Search Devices") + breadcrumb = "Devices / Search Devices" + + def get_devices(self, user, offset, limit): + post = dict(self.request.POST) + query = post.get("search") + + if not query: + return [], 0 + + matches = search( + self.request.user.institution, + query[0], + offset, + limit + ) + + if not matches.size(): + return self.search_hids(query, offset, limit) + + annotations = [] + for x in matches: + annotations.extend(self.get_annotations(x)) + + devices = [Device(id=x) for x in set(annotations)] + count = matches.size() + return devices, count + + def get_annotations(self, xp): + snap = xp.document.get_data() + uuid = json.loads(snap).get('uuid') + + return Annotation.objects.filter( + type=Annotation.Type.SYSTEM, + owner=self.request.user.institution, + uuid=uuid + ).values_list("value", flat=True).distinct() + + def search_hids(self, query, offset, limit): + qry = Q() + + for i in query[0].split(" "): + if i: + qry |= Q(value__startswith=i) + + chids = Annotation.objects.filter( + type=Annotation.Type.SYSTEM, + owner=self.request.user.institution + ).filter( + qry + ).values_list("value", flat=True).distinct() + chids_page = chids[offset:offset+limit] + + return [Device(id=x) for x in chids_page], chids.count() diff --git a/device/forms.py b/device/forms.py index b6c1d21..b2f0d3c 100644 --- a/device/forms.py +++ b/device/forms.py @@ -23,7 +23,7 @@ DEVICE_TYPES = [ class DeviceForm(forms.Form): type = forms.ChoiceField(choices = DEVICE_TYPES, required=False) amount = forms.IntegerField(required=False, initial=1) - customer_id = forms.CharField(required=False) + custom_id = forms.CharField(required=False) name = forms.CharField(required=False) value = forms.CharField(required=False) @@ -49,14 +49,14 @@ class BaseDeviceFormSet(forms.BaseFormSet): row["amount"] = d["amount"] if d.get("name"): row[d["name"]] = d.get("value", '') - if d.get("customer_id"): - row['CUSTOMER_ID']= d["customer_id"] + if d.get("custom_id"): + row['CUSTOM_ID']= d["custom_id"] doc = create_doc(row) if not commit: return doc - create_index(doc) + create_index(doc, self.user) create_annotation(doc, user, commit=commit) return doc diff --git a/device/models.py b/device/models.py index 6e0bc50..926e447 100644 --- a/device/models.py +++ b/device/models.py @@ -1,4 +1,4 @@ -from django.db import models +from django.db import models, connection from utils.constants import STR_SM_SIZE, STR_SIZE, STR_EXTEND_SIZE, ALGOS from evidence.models import Annotation, Evidence @@ -27,6 +27,7 @@ class Device: # the id is the chid of the device self.id = kwargs["id"] self.pk = self.id + self.shortid = self.pk[:6].upper() self.algorithm = None self.owner = None self.annotations = [] @@ -89,10 +90,10 @@ class Device: def get_hids(self): annotations = self.get_annotations() - self.hids = annotations.filter( + self.hids = list(set(annotations.filter( type=Annotation.Type.SYSTEM, key__in=ALGOS.keys(), - ).values_list("value", flat=True) + ).values_list("value", flat=True))) def get_evidences(self): if not self.uuids: @@ -102,8 +103,9 @@ class Device: def get_last_evidence(self): annotations = self.get_annotations() - if annotations: - annotation = annotations.first() + if not annotations.count(): + return + annotation = annotations.first() self.last_evidence = Evidence(annotation.uuid) def last_uuid(self): @@ -113,30 +115,59 @@ class Device: self.lots = [x.lot for x in DeviceLot.objects.filter(device_id=self.id)] @classmethod - def get_unassigned(cls, institution): - chids = DeviceLot.objects.filter(lot__owner=institution).values_list("device_id", flat=True).distinct() - annotations = Annotation.objects.filter( - owner=institution, - type=Annotation.Type.SYSTEM, - ).exclude(value__in=chids).values_list("value", flat=True).distinct() - return [cls(id=x) for x in annotations] + def get_unassigned(cls, institution, offset=0, limit=None): - # return cls.objects.filter( - # owner=user - # ).annotate(num_lots=models.Count('lot')).filter(num_lots=0) + sql = """ + SELECT DISTINCT t1.value from evidence_annotation as t1 + left join lot_devicelot as t2 on t1.value = t2.device_id + where t2.device_id is null and owner_id=={institution} and type=={type} + """.format( + institution=institution.id, + type=Annotation.Type.SYSTEM, + ) + if limit: + sql += " limit {} offset {}".format(int(limit), int(offset)) + + sql += ";" + + annotations = [] + with connection.cursor() as cursor: + cursor.execute(sql) + annotations = cursor.fetchall() + + devices = [cls(id=x[0]) for x in annotations] + count = cls.get_unassigned_count(institution) + return devices, count + + + @classmethod + def get_unassigned_count(cls, institution): + + sql = """ + SELECT count(DISTINCT t1.value) from evidence_annotation as t1 + left join lot_devicelot as t2 on t1.value = t2.device_id + where t2.device_id is null and owner_id=={institution} and type=={type}; + """.format( + institution=institution.id, + type=Annotation.Type.SYSTEM, + ) + + with connection.cursor() as cursor: + cursor.execute(sql) + return cursor.fetchall()[0][0] @property def is_websnapshot(self): if not self.last_evidence: self.get_last_evidence() - return self.last_evidence.doc['type'] == "WebSnapshot" - + return self.last_evidence.doc['type'] == "WebSnapshot" + @property def last_user_evidence(self): if not self.last_evidence: self.get_last_evidence() return self.last_evidence.doc['kv'].items() - + @property def manufacturer(self): if not self.last_evidence: @@ -145,6 +176,9 @@ class Device: @property def type(self): + if self.last_evidence.doc['type'] == "WebSnapshot": + return self.last_evidence.doc.get("device", {}).get("type", "") + if not self.last_evidence: self.get_last_evidence() return self.last_evidence.get_chassis() @@ -155,3 +189,8 @@ class Device: self.get_last_evidence() return self.last_evidence.get_model() + @property + def components(self): + if not self.last_evidence: + self.get_last_evidence() + return self.last_evidence.get_components() diff --git a/device/templates/details.html b/device/templates/details.html index 586cc0f..b731597 100644 --- a/device/templates/details.html +++ b/device/templates/details.html @@ -2,9 +2,46 @@ {% load i18n %} {% block content %} -
-
-

{{ object.id }}

+
+
+

{{ object.shortid }}

+
+
+ +
+
+
    +
  • + +
    • +
  • + +
    • +
  • + +
    • +
  • + +
    • +
  • + +
    • +
  • + +
    • +
  • + Web +
    • +
+
+
+
+ +
+
Details
+
+
Phid
+
{{ object.id }}
@@ -48,18 +85,61 @@
{{ object.type }}
- {% if object.is_websnapshot %} - {% for k, v in object.last_user_evidence %} -
-
{{ k }}
-
{{ v|default:'' }}
-
- {% endfor %} - {% else %} -
-
Manufacturer
-
{{ object.manufacturer|default:'' }}
+ + Add new document + + +
+ +
Documents
+ + + + + + + + + + + + {% for a in object.get_user_documents %} + + + + + + + + {% endfor %} + + +
KeyValueCreated on
{{ a.key }}{{ a.value }}{{ a.created }}
+
+ +
+
Components last evidence
+
+ {% for c in object.components %} +
+
+
{{ c.type }}
+ {{ evidence.created }}
+

+ {% for k, v in c.items %} + {% if k not in "actions,type" %} + {{ k }}: {{ v }}
+ {% endif %} + {% endfor %} +
+

+ + +
+ {% endfor %} +
+
Model
diff --git a/device/templates/new_device.html b/device/templates/new_device.html index bdb2911..320790d 100644 --- a/device/templates/new_device.html +++ b/device/templates/new_device.html @@ -40,15 +40,6 @@ {% endif %} {{ form.management_form }}
-
-
-
- - - {% trans 'Add' %} - -
-
{% bootstrap_field form.0.type %} @@ -61,7 +52,18 @@
- {% bootstrap_field form.0.customer_id %} + {% bootstrap_field form.0.custom_id %} +
+
+
+
+ {% trans 'Component details' %} +
+
+ + + {% trans 'Add component' %} +
{% for f in form %} diff --git a/device/views.py b/device/views.py index c7e2e53..439fcd9 100644 --- a/device/views.py +++ b/device/views.py @@ -1,7 +1,8 @@ import json +from django.http import Http404 from django.urls import reverse_lazy -from django.shortcuts import get_object_or_404 +from django.shortcuts import get_object_or_404, Http404 from django.utils.translation import gettext_lazy as _ from django.views.generic.edit import ( CreateView, @@ -9,9 +10,8 @@ from django.views.generic.edit import ( FormView, ) from django.views.generic.base import TemplateView -from dashboard.mixins import DashboardView +from dashboard.mixins import DashboardView, Http403 from evidence.models import Annotation -from evidence.xapian import search from lot.models import LotTag from device.models import Device from device.forms import DeviceFormSet @@ -21,7 +21,7 @@ class NewDeviceView(DashboardView, FormView): template_name = "new_device.html" title = _("New Device") breadcrumb = "Device / New Device" - success_url = reverse_lazy('device:add') + success_url = reverse_lazy('dashboard:unassigned_devices') form_class = DeviceFormSet def form_valid(self, form): @@ -72,7 +72,11 @@ class EditDeviceView(DashboardView, UpdateView): def get_form_kwargs(self): pk = self.kwargs.get('pk') - self.object = get_object_or_404(self.model, pk=pk) + self.object = get_object_or_404( + self.model, + pk=pk, + owner=self.request.user.institution + ) self.success_url = reverse_lazy('device:details', args=[pk]) kwargs = super().get_form_kwargs() return kwargs @@ -87,6 +91,11 @@ class DetailsView(DashboardView, TemplateView): def get(self, request, *args, **kwargs): self.pk = kwargs['pk'] self.object = Device(id=self.pk) + if not self.object.last_evidence: + raise Http404 + if self.object.owner != self.request.user.institution: + raise Http403 + return super().get(request, *args, **kwargs) def get_context_data(self, **kwargs): @@ -134,6 +143,7 @@ class AddAnnotationView(DashboardView, CreateView): def form_valid(self, form): form.instance.owner = self.request.user.institution + form.instance.user = self.request.user form.instance.uuid = self.annotation.uuid form.instance.type = Annotation.Type.USER response = super().form_valid(form) @@ -143,10 +153,14 @@ class AddAnnotationView(DashboardView, CreateView): pk = self.kwargs.get('pk') institution = self.request.user.institution self.annotation = Annotation.objects.filter( - owner=institution, value=pk, type=Annotation.Type.SYSTEM + owner=institution, + value=pk, + type=Annotation.Type.SYSTEM ).first() + if not self.annotation: - get_object_or_404(Annotation, pk=0, owner=institution) + raise Http404 + self.success_url = reverse_lazy('device:details', args=[pk]) kwargs = super().get_form_kwargs() return kwargs @@ -162,6 +176,7 @@ class AddDocumentView(DashboardView, CreateView): def form_valid(self, form): form.instance.owner = self.request.user.institution + form.instance.user = self.request.user form.instance.uuid = self.annotation.uuid form.instance.type = Annotation.Type.DOCUMENT response = super().form_valid(form) @@ -171,10 +186,14 @@ class AddDocumentView(DashboardView, CreateView): pk = self.kwargs.get('pk') institution = self.request.user.institution self.annotation = Annotation.objects.filter( - owner=institution, value=pk, type=Annotation.Type.SYSTEM + owner=institution, + value=pk, + type=Annotation.Type.SYSTEM ).first() + if not self.annotation: - get_object_or_404(Annotation, pk=0, owner=institution) + raise Http404 + self.success_url = reverse_lazy('device:details', args=[pk]) kwargs = super().get_form_kwargs() return kwargs diff --git a/dhub/settings.py b/dhub/settings.py index 3770353..3b48d2c 100644 --- a/dhub/settings.py +++ b/dhub/settings.py @@ -27,15 +27,46 @@ BASE_DIR = Path(__file__).resolve().parent.parent SECRET_KEY = "django-insecure-1p8rs@qf$$l^!vsbetagojw23kw@1ez(qi8^(s0t!wyh!l3" # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True +DEBUG = config('DEBUG', default=False, cast=bool) -ALLOWED_HOSTS = config('ALLOWED_HOSTS', default='[]', cast=Csv()) +DOMAIN = config("DOMAIN") +assert DOMAIN not in [None, ''], "DOMAIN var is MANDATORY" +# this var is very important, we print it +print("DOMAIN: " + DOMAIN) + +ALLOWED_HOSTS = config('ALLOWED_HOSTS', default=DOMAIN, cast=Csv()) +assert DOMAIN in ALLOWED_HOSTS, "DOMAIN is not ALLOWED_HOST" + +CSRF_TRUSTED_ORIGINS = config('CSRF_TRUSTED_ORIGINS', default=f'https://{DOMAIN}', cast=Csv()) + + +INITIAL_ADMIN_EMAIL = config("INITIAL_ADMIN_EMAIL", default='admin@example.org') +INITIAL_ADMIN_PASSWORD = config("INITIAL_ADMIN_PASSWORD", default='1234') + +DEFAULT_FROM_EMAIL = config( + 'DEFAULT_FROM_EMAIL', default='webmaster@localhost') + +EMAIL_HOST = config('EMAIL_HOST', default='localhost') + +EMAIL_HOST_USER = config('EMAIL_HOST_USER', default='') + +EMAIL_HOST_PASSWORD = config('EMAIL_HOST_PASSWORD', default='') + +EMAIL_PORT = config('EMAIL_PORT', default=25, cast=int) + +EMAIL_USE_TLS = config('EMAIL_USE_TLS', default=False, cast=bool) + +EMAIL_BACKEND = config('EMAIL_BACKEND', default='django.core.mail.backends.smtp.EmailBackend') + +EMAIL_FILE_PATH = config('EMAIL_FILE_PATH', default='/tmp/app-messages') + +ENABLE_EMAIL = config("ENABLE_EMAIL", default=True, cast=bool) # Application definition INSTALLED_APPS = [ - "django.contrib.admin", + # "django.contrib.admin", "django.contrib.auth", "django.contrib.contenttypes", "django.contrib.sessions", @@ -54,6 +85,7 @@ INSTALLED_APPS = [ "lot", "documents", "dashboard", + "admin", "api", ] diff --git a/dhub/urls.py b/dhub/urls.py index 9bbd687..fba9bd3 100644 --- a/dhub/urls.py +++ b/dhub/urls.py @@ -23,6 +23,8 @@ urlpatterns = [ path("dashboard/", include("dashboard.urls")), path("evidence/", include("evidence.urls")), path("device/", include("device.urls")), + path("admin/", include("admin.urls")), + path("user/", include("user.urls")), path("lot/", include("lot.urls")), path('api/', include('api.urls')), ] diff --git a/docker-compose.yml b/docker-compose.yml index a106f6e..ee59640 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,7 +5,8 @@ services: dockerfile: docker/devicehub-django.Dockerfile environment: - DEBUG=true - - ALLOWED_HOSTS=* + - DOMAIN=${DOMAIN:-localhost} + - DEMO=${DEMO:-n} volumes: - .:/opt/devicehub-django ports: diff --git a/docker-reset.sh b/docker-reset.sh index 9264b93..cdbb971 100755 --- a/docker-reset.sh +++ b/docker-reset.sh @@ -9,11 +9,14 @@ set -u set -x main() { + if [ "${DETACH:-}" ]; then + detach_arg='-d' + fi # remove old database sudo rm -vf db/* - docker compose down + docker compose down -v docker compose build - docker compose up + docker compose up ${detach_arg:-} } main "${@}" diff --git a/docker/devicehub-django.Dockerfile b/docker/devicehub-django.Dockerfile index 2f734b4..fadc751 100644 --- a/docker/devicehub-django.Dockerfile +++ b/docker/devicehub-django.Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.11.7-slim-bookworm +FROM python:3.11.10-slim-bookworm # last line is dependencies for weasyprint (for generating pdfs in lafede pilot) https://doc.courtbouillon.org/weasyprint/stable/first_steps.html#debian-11 RUN apt update && \ @@ -22,7 +22,8 @@ compile = no no-cache-dir = True END -RUN pip install --upgrade pip +# upgrade pip, which might fail on lxc, then remove the "corrupted file" +RUN python -m pip install --upgrade pip || (rm -rf /usr/local/lib/python3.11/site-packages/pip-*.dist-info && python -m pip install --upgrade pip) COPY ./requirements.txt /opt/devicehub-django RUN pip install -r requirements.txt diff --git a/docker/devicehub-django.entrypoint.sh b/docker/devicehub-django.entrypoint.sh index 68e3760..920cdf0 100644 --- a/docker/devicehub-django.entrypoint.sh +++ b/docker/devicehub-django.entrypoint.sh @@ -21,21 +21,28 @@ deploy() { # inspired by https://medium.com/analytics-vidhya/django-with-docker-and-docker-compose-python-part-2-8415976470cc echo "INFO detected NEW deployment" ./manage.py migrate - ./manage.py add_institution example-org + INIT_ORG="${INIT_ORG:-example-org}" + INIT_USER="${INIT_USER:-user@example.org}" + INIT_PASSWD="${INIT_PASSWD:-1234}" + ./manage.py add_institution "${INIT_ORG}" # TODO: one error on add_user, and you don't add user anymore - ./manage.py add_user example-org user@example.org 1234 + ./manage.py add_user "${INIT_ORG}" "${INIT_USER}" "${INIT_PASSWD}" + + if [ "${DEMO:-}" ]; then + ./manage.py up_snapshots example/snapshots/ "${INIT_USER}" + fi fi } runserver() { PORT="${PORT:-8000}" - if [ "${DEBUG:-}" = "true" ]; then + if [ "${DEBUG:-}" ]; then ./manage.py runserver 0.0.0.0:${PORT} else # TODO #./manage.py collectstatic true - if [ "${EXPERIMENTAL:-}" = "true" ]; then + if [ "${EXPERIMENTAL:-}" ]; then # TODO # reloading on source code changing is a debugging future, maybe better then use debug # src https://stackoverflow.com/questions/12773763/gunicorn-autoreload-on-source-change/24893069#24893069 diff --git a/docs/es/manual.md b/docs/es/manual.md new file mode 100644 index 0000000..d8e3685 --- /dev/null +++ b/docs/es/manual.md @@ -0,0 +1,18 @@ +# Evidencias + +## Placeholder +Introducción de evidencias a través de formulario web. + +La *clave* representa el tipo de detalle que se quiere registrar y el *valor* representa lo que se quiere registrar. Véase la siguiente tabla con ejemplos. + +| Clave | Valor | +|-------------------------------|---------------------| +| marca | Lenovo | +| Tarjeta de red | RealTech 1000 | +| Pantalla | Samsung | +| Dimensiones de pantalla | 15' | +| Detalles visuales de pantalla | Rota por un lateral | + +## Snapshots + +Introducción de evidencias a través de programa [workbench-script](https://farga.pangea.org/ereuse/workbench-script) diff --git a/docs/es/modelo-datos.md b/docs/es/modelo-datos.md new file mode 100644 index 0000000..bb2cb22 --- /dev/null +++ b/docs/es/modelo-datos.md @@ -0,0 +1,80 @@ +Modelo de datos *abstracto* de devicehub que ayuda a tener una idea de cómo funciona + +Recordad que por ser este un proyecto de django, se puede obtener de forma automatizada un diagrama de datos con el comando `graph_models` (más adelante vemos de documentar mejor cómo generarlo) + +```mermaid +erDiagram + + %% los snapshots/placeholders son ficheros de FS inmutables, se insertan en xapian + %% y via su uuid se anotan + %% placeholders también se pueden firmar (como un spnashot, otra fuente) + EVIDENCE { + json obj "its uuid is the PK" + } + + USER { + int id PK + string personal-data-etc + } + + %% includes the relevant CHID with algorithm for the device build + EVIDENCE_ANNOTATION { + int id PK + uuid uuid "ref evidence (snapshot,placeholder)" + string key + string value + int type "0: sys_deviceid, 1: usr_deviceid, 2: user" + ts created + int owner FK + } + + ALGORITHM { + string algorithm + } + + %% todas las anotaciones que tienen CHID + %% y su key es un algoritmo de los que tenemos + + %% un device es una evaluación + + DEVICE { + string CHID + } + + DEVICE_ANNOTATION { + string CHID FK + string key + string value + uuid uuid "from last snapshot" + } + + LOT { + int id PK + string name + string code "id alt legacy" + string description + bool closed + int owner FK + ts created + ts updated + + } + + LOT_ANNOTATION { + string id FK + string key + string value + } + + SNAPSHOT ||--|| EVIDENCE: "via workbench" + PLACEHOLDER ||--|| EVIDENCE: "via webform" + + EVIDENCE ||--|{ EVIDENCE_ANNOTATION: "are interpreted" + USER ||--|{ EVIDENCE_ANNOTATION: "manually entered" + ALGORITHM ||--|{ EVIDENCE_ANNOTATION: "automatically entered" + EVIDENCE_ANNOTATION }|--|{ DEVICE: "aggregates" + DEVICE }|--|{ LOT: "aggregates" + + DEVICE ||--|| DEVICE_ANNOTATION: "enriches data" + LOT ||--|| LOT_ANNOTATION: "enriches data" +``` diff --git a/evidence/forms.py b/evidence/forms.py index d392f6e..db98f2d 100644 --- a/evidence/forms.py +++ b/evidence/forms.py @@ -55,16 +55,20 @@ class UserTagForm(forms.Form): tag = forms.CharField(label=_("Tag")) def __init__(self, *args, **kwargs): + self.pk = None self.uuid = kwargs.pop('uuid', None) - annotation = Annotation.objects.filter( + self.user = kwargs.pop('user') + instance = Annotation.objects.filter( uuid=self.uuid, type=Annotation.Type.SYSTEM, key='CUSTOM_ID', + owner=self.user.institution ).first() - - if annotation: - kwargs['initial'].update({'tag': annotation.value}) - + + if instance: + kwargs["initial"]["tag"] = instance.value + self.pk = instance.pk + super().__init__(*args, **kwargs) def clean(self): @@ -72,18 +76,33 @@ class UserTagForm(forms.Form): if not data: return False self.tag = data + self.instance = Annotation.objects.filter( + uuid=self.uuid, + type=Annotation.Type.SYSTEM, + key='CUSTOM_ID', + owner=self.user.institution + ).first() + return True def save(self, user, commit=True): if not commit: return + if self.instance: + if not self.tag: + self.instance.delete() + self.instance.value = self.tag + self.instance.save() + return + Annotation.objects.create( uuid=self.uuid, - owner=user.institution, type=Annotation.Type.SYSTEM, key='CUSTOM_ID', - value=self.tag + value=self.tag, + owner=self.user.institution, + user=self.user ) @@ -112,12 +131,12 @@ class ImportForm(forms.Form): for n in data_pd.keys(): if 'type' not in [x.lower() for x in data_pd[n]]: raise ValidationError("You need a column with name 'type'") - + for k, v in data_pd[n].items(): if k.lower() == "type": if v not in Device.Types.values: raise ValidationError("{} is not a valid device".format(v)) - + self.rows.append(data_pd[n]) return data @@ -133,7 +152,7 @@ class ImportForm(forms.Form): if commit: for doc, cred in table: cred.save() - create_index(doc) + create_index(doc, self.user) return table return diff --git a/evidence/migrations/0001_initial.py b/evidence/migrations/0001_initial.py index 8b86718..9ffbf31 100644 --- a/evidence/migrations/0001_initial.py +++ b/evidence/migrations/0001_initial.py @@ -1,4 +1,4 @@ -# Generated by Django 5.0.6 on 2024-07-27 16:23 +# Generated by Django 5.0.6 on 2024-10-10 09:46 import django.db.models.deletion from django.conf import settings @@ -10,6 +10,7 @@ class Migration(migrations.Migration): initial = True dependencies = [ + ("user", "0001_initial"), migrations.swappable_dependency(settings.AUTH_USER_MODEL), ] @@ -30,7 +31,9 @@ class Migration(migrations.Migration): ("uuid", models.UUIDField()), ( "type", - models.SmallIntegerField(choices=[(0, "System"), (1, "User")]), + models.SmallIntegerField( + choices=[(0, "System"), (1, "User"), (2, "Document")] + ), ), ("key", models.CharField(max_length=256)), ("value", models.CharField(max_length=256)), @@ -38,6 +41,15 @@ class Migration(migrations.Migration): "owner", models.ForeignKey( on_delete=django.db.models.deletion.CASCADE, + to="user.institution", + ), + ), + ( + "user", + models.ForeignKey( + blank=True, + null=True, + on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL, ), ), diff --git a/evidence/migrations/0002_alter_annotation_type.py b/evidence/migrations/0002_alter_annotation_type.py deleted file mode 100644 index df63e61..0000000 --- a/evidence/migrations/0002_alter_annotation_type.py +++ /dev/null @@ -1,20 +0,0 @@ -# Generated by Django 5.0.6 on 2024-07-29 14:58 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - - dependencies = [ - ("evidence", "0001_initial"), - ] - - operations = [ - migrations.AlterField( - model_name="annotation", - name="type", - field=models.SmallIntegerField( - choices=[(0, "System"), (1, "User"), (2, "Document"), (3, "Action")] - ), - ), - ] diff --git a/evidence/migrations/0003_alter_annotation_type.py b/evidence/migrations/0003_alter_annotation_type.py deleted file mode 100644 index 4d18482..0000000 --- a/evidence/migrations/0003_alter_annotation_type.py +++ /dev/null @@ -1,20 +0,0 @@ -# Generated by Django 5.0.6 on 2024-07-29 15:37 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - - dependencies = [ - ("evidence", "0002_alter_annotation_type"), - ] - - operations = [ - migrations.AlterField( - model_name="annotation", - name="type", - field=models.SmallIntegerField( - choices=[(0, "System"), (1, "User"), (2, "Document")] - ), - ), - ] diff --git a/evidence/migrations/0004_alter_annotation_owner.py b/evidence/migrations/0004_alter_annotation_owner.py deleted file mode 100644 index 26c9bda..0000000 --- a/evidence/migrations/0004_alter_annotation_owner.py +++ /dev/null @@ -1,22 +0,0 @@ -# Generated by Django 5.0.6 on 2024-09-18 10:55 - -import django.db.models.deletion -from django.db import migrations, models - - -class Migration(migrations.Migration): - - dependencies = [ - ("evidence", "0003_alter_annotation_type"), - ("user", "0001_initial"), - ] - - operations = [ - migrations.AlterField( - model_name="annotation", - name="owner", - field=models.ForeignKey( - on_delete=django.db.models.deletion.CASCADE, to="user.institution" - ), - ), - ] diff --git a/evidence/models.py b/evidence/models.py index 30625aa..667945f 100644 --- a/evidence/models.py +++ b/evidence/models.py @@ -5,7 +5,8 @@ from django.db import models from utils.constants import STR_SM_SIZE, STR_EXTEND_SIZE, CHASSIS_DH from evidence.xapian import search -from user.models import Institution +from evidence.parse_details import ParseSnapshot +from user.models import User, Institution class Annotation(models.Model): @@ -17,6 +18,7 @@ class Annotation(models.Model): created = models.DateTimeField(auto_now_add=True) uuid = models.UUIDField() owner = models.ForeignKey(Institution, on_delete=models.CASCADE) + user = models.ForeignKey(User, on_delete=models.SET_NULL, null=True, blank=True) type = models.SmallIntegerField(choices=Type) key = models.CharField(max_length=STR_EXTEND_SIZE) value = models.CharField(max_length=STR_EXTEND_SIZE) @@ -35,6 +37,8 @@ class Evidence: self.created = None self.dmi = None self.annotations = [] + self.components = [] + self.default = "n/a" self.get_owner() self.get_time() @@ -53,19 +57,20 @@ class Evidence: def get_doc(self): self.doc = {} + if not self.owner: + self.get_owner() qry = 'uuid:"{}"'.format(self.uuid) - matches = search(qry, limit=1) + matches = search(self.owner, qry, limit=1) if matches.size() < 0: return for xa in matches: self.doc = json.loads(xa.document.get_data()) - + if self.doc.get("software") == "EreuseWorkbench": dmidecode_raw = self.doc["data"]["dmidecode"] self.dmi = DMIParse(dmidecode_raw) - def get_time(self): if not self.doc: self.get_doc() @@ -74,38 +79,55 @@ class Evidence: if not self.created: self.created = self.annotations.last().created - def components(self): - return self.doc.get('components', []) + def get_components(self): + if self.doc.get("software") != "EreuseWorkbench": + return self.doc.get('components', []) + self.set_components() + return self.components def get_manufacturer(self): + if self.doc.get("type") == "WebSnapshot": + kv = self.doc.get('kv', {}) + if len(kv) < 1: + return "" + return list(self.doc.get('kv').values())[0] + if self.doc.get("software") != "EreuseWorkbench": return self.doc['device']['manufacturer'] - + return self.dmi.manufacturer().strip() - + def get_model(self): + if self.doc.get("type") == "WebSnapshot": + kv = self.doc.get('kv', {}) + if len(kv) < 2: + return "" + return list(self.doc.get('kv').values())[1] + if self.doc.get("software") != "EreuseWorkbench": return self.doc['device']['model'] - + return self.dmi.model().strip() def get_chassis(self): if self.doc.get("software") != "EreuseWorkbench": return self.doc['device']['model'] - - chassis = self.dmi.get("Chassis")[0].get("Type", '_virtual') + + chassis = self.dmi.get("Chassis")[0].get("Type", '_virtual') lower_type = chassis.lower() - + for k, v in CHASSIS_DH.items(): if lower_type in v: return k return "" - - @classmethod def get_all(cls, user): return Annotation.objects.filter( owner=user.institution, type=Annotation.Type.SYSTEM, ).order_by("-created").values_list("uuid", flat=True).distinct() + + def set_components(self): + snapshot = ParseSnapshot(self.doc).snapshot_json + self.components = snapshot['components'] diff --git a/evidence/parse.py b/evidence/parse.py index 2306ac4..fa0903c 100644 --- a/evidence/parse.py +++ b/evidence/parse.py @@ -5,13 +5,13 @@ import hashlib from datetime import datetime from dmidecode import DMIParse -from evidence.xapian import search, index -from evidence.models import Evidence, Annotation +from evidence.models import Annotation +from evidence.xapian import index from utils.constants import ALGOS, CHASSIS_DH def get_network_cards(child, nets): - if child['id'] == 'network': + if child['id'] == 'network' and "PCI:" in child.get("businfo"): nets.append(child) if child.get('children'): [get_network_cards(x, nets) for x in child['children']] @@ -19,8 +19,12 @@ def get_network_cards(child, nets): def get_mac(lshw): nets = [] + try: + get_network_cards(json.loads(lshw), nets) + except Exception as ss: + print("WARNING!! {}".format(ss)) + return - get_network_cards(json.loads(lshw), nets) nets_sorted = sorted(nets, key=lambda x: x['businfo']) # This funcion get the network card integrated in motherboard # integrate = [x for x in nets if "pci@0000:00:" in x.get('businfo', '')] @@ -45,7 +49,7 @@ class Build: def index(self): snap = json.dumps(self.json) - index(self.uuid, snap) + index(self.user.institution, self.uuid, snap) def generate_chids(self): self.algorithms = { @@ -72,6 +76,7 @@ class Build: Annotation.objects.create( uuid=self.uuid, owner=self.user.institution, + user=self.user, type=Annotation.Type.SYSTEM, key=k, value=v diff --git a/evidence/parse_details.py b/evidence/parse_details.py new file mode 100644 index 0000000..8465403 --- /dev/null +++ b/evidence/parse_details.py @@ -0,0 +1,493 @@ +import json +import numpy as np + +from datetime import datetime +from dmidecode import DMIParse +from utils.constants import CHASSIS_DH, DATASTORAGEINTERFACE + + +def get_lshw_child(child, nets, component): + if child.get('id') == component: + nets.append(child) + if child.get('children'): + [get_lshw_child(x, nets, component) for x in child['children']] + + +class ParseSnapshot: + def __init__(self, snapshot, default="n/a"): + self.default = default + self.dmidecode_raw = snapshot["data"].get("dmidecode", "{}") + self.smart_raw = snapshot["data"].get("disks", []) + self.hwinfo_raw = snapshot["data"].get("hwinfo", "") + self.lshw_raw = snapshot["data"].get("lshw", {}) or {} + self.lscpi_raw = snapshot["data"].get("lspci", "") + self.device = {"actions": []} + self.components = [] + self.monitors = [] + + self.dmi = DMIParse(self.dmidecode_raw) + self.smart = self.loads(self.smart_raw) + self.lshw = self.loads(self.lshw_raw) + self.hwinfo = self.parse_hwinfo() + + self.set_computer() + self.get_hwinfo_monitors() + self.set_components() + self.snapshot_json = { + "type": "Snapshot", + "device": self.device, + "software": snapshot["software"], + "components": self.components, + "uuid": snapshot['uuid'], + "version": snapshot['version'], + "endTime": snapshot["timestamp"], + "elapsed": 1, + } + + def set_computer(self): + self.device['manufacturer'] = self.dmi.manufacturer().strip() + self.device['model'] = self.dmi.model().strip() + self.device['serialNumber'] = self.dmi.serial_number() + self.device['type'] = self.get_type() + self.device['sku'] = self.get_sku() + self.device['version'] = self.get_version() + self.device['system_uuid'] = self.get_uuid() + self.device['family'] = self.get_family() + self.device['chassis'] = self.get_chassis_dh() + + def set_components(self): + self.get_cpu() + self.get_ram() + self.get_mother_board() + self.get_graphic() + self.get_data_storage() + self.get_display() + self.get_sound_card() + self.get_networks() + + def get_cpu(self): + for cpu in self.dmi.get('Processor'): + serial = cpu.get('Serial Number') + if serial == 'Not Specified' or not serial: + serial = cpu.get('ID').replace(' ', '') + self.components.append( + { + "actions": [], + "type": "Processor", + "speed": self.get_cpu_speed(cpu), + "cores": int(cpu.get('Core Count', 1)), + "model": cpu.get('Version'), + "threads": int(cpu.get('Thread Count', 1)), + "manufacturer": cpu.get('Manufacturer'), + "serialNumber": serial, + "brand": cpu.get('Family'), + "address": self.get_cpu_address(cpu), + "bogomips": self.get_bogomips(), + } + ) + + def get_ram(self): + for ram in self.dmi.get("Memory Device"): + if ram.get('size') == 'No Module Installed': + continue + if not ram.get("Speed"): + continue + + self.components.append( + { + "actions": [], + "type": "RamModule", + "size": self.get_ram_size(ram), + "speed": self.get_ram_speed(ram), + "manufacturer": ram.get("Manufacturer", self.default), + "serialNumber": ram.get("Serial Number", self.default), + "interface": ram.get("Type", "DDR"), + "format": ram.get("Form Factor", "DIMM"), + "model": ram.get("Part Number", self.default), + } + ) + + def get_mother_board(self): + for moder_board in self.dmi.get("Baseboard"): + self.components.append( + { + "actions": [], + "type": "Motherboard", + "version": moder_board.get("Version"), + "serialNumber": moder_board.get("Serial Number", "").strip(), + "manufacturer": moder_board.get("Manufacturer", "").strip(), + "biosDate": self.get_bios_date(), + "ramMaxSize": self.get_max_ram_size(), + "ramSlots": len(self.dmi.get("Memory Device")), + "slots": self.get_ram_slots(), + "model": moder_board.get("Product Name", "").strip(), + "firewire": self.get_firmware_num(), + "pcmcia": self.get_pcmcia_num(), + "serial": self.get_serial_num(), + "usb": self.get_usb_num(), + } + ) + + def get_graphic(self): + displays = [] + get_lshw_child(self.lshw, displays, 'display') + + for c in displays: + if not c['configuration'].get('driver', None): + continue + + self.components.append( + { + "actions": [], + "type": "GraphicCard", + "memory": self.get_memory_video(c), + "manufacturer": c.get("vendor", self.default), + "model": c.get("product", self.default), + "serialNumber": c.get("serial", self.default), + } + ) + + def get_memory_video(self, c): + # get info of lspci + # pci_id = c['businfo'].split('@')[1] + # lspci.get(pci_id) | grep size + # lspci -v -s 00:02.0 + return None + + def get_data_storage(self): + for sm in self.smart: + if sm.get('smartctl', {}).get('exit_status') == 1: + continue + model = sm.get('model_name') + manufacturer = None + if model and len(model.split(" ")) > 1: + mm = model.split(" ") + model = mm[-1] + manufacturer = " ".join(mm[:-1]) + + self.components.append( + { + "actions": self.sanitize(sm), + "type": self.get_data_storage_type(sm), + "model": model, + "manufacturer": manufacturer, + "serialNumber": sm.get('serial_number'), + "size": self.get_data_storage_size(sm), + "variant": sm.get("firmware_version"), + "interface": self.get_data_storage_interface(sm), + } + ) + + def sanitize(self, action): + return [] + + def get_bogomips(self): + if not self.hwinfo: + return self.default + + bogomips = 0 + for row in self.hwinfo: + for cel in row: + if 'BogoMips' in cel: + try: + bogomips += float(cel.split(":")[-1]) + except: + pass + return bogomips + + def get_networks(self): + networks = [] + get_lshw_child(self.lshw, networks, 'network') + + for c in networks: + capacity = c.get('capacity') + wireless = bool(c.get('configuration', {}).get('wireless', False)) + self.components.append( + { + "actions": [], + "type": "NetworkAdapter", + "model": c.get('product'), + "manufacturer": c.get('vendor'), + "serialNumber": c.get('serial'), + "speed": capacity, + "variant": c.get('version', 1), + "wireless": wireless or False, + "integrated": "PCI:0000:00" in c.get("businfo", ""), + } + ) + + def get_sound_card(self): + multimedias = [] + get_lshw_child(self.lshw, multimedias, 'multimedia') + + for c in multimedias: + self.components.append( + { + "actions": [], + "type": "SoundCard", + "model": c.get('product'), + "manufacturer": c.get('vendor'), + "serialNumber": c.get('serial'), + } + ) + + def get_display(self): # noqa: C901 + TECHS = 'CRT', 'TFT', 'LED', 'PDP', 'LCD', 'OLED', 'AMOLED' + + for c in self.monitors: + resolution_width, resolution_height = (None,) * 2 + refresh, serial, model, manufacturer, size = (None,) * 5 + year, week, production_date = (None,) * 3 + + for x in c: + if "Vendor: " in x: + manufacturer = x.split('Vendor: ')[-1].strip() + if "Model: " in x: + model = x.split('Model: ')[-1].strip() + if "Serial ID: " in x: + serial = x.split('Serial ID: ')[-1].strip() + if " Resolution: " in x: + rs = x.split(' Resolution: ')[-1].strip() + if 'x' in rs: + resolution_width, resolution_height = [ + int(r) for r in rs.split('x') + ] + if "Frequencies: " in x: + try: + refresh = int(float(x.split(',')[-1].strip()[:-3])) + except Exception: + pass + if 'Year of Manufacture' in x: + year = x.split(': ')[1] + + if 'Week of Manufacture' in x: + week = x.split(': ')[1] + + if "Size: " in x: + size = self.get_size_monitor(x) + technology = next((t for t in TECHS if t in c[0]), None) + + if year and week: + d = '{} {} 0'.format(year, week) + production_date = datetime.strptime(d, '%Y %W %w').isoformat() + + self.components.append( + { + "actions": [], + "type": "Display", + "model": model, + "manufacturer": manufacturer, + "serialNumber": serial, + 'size': size, + 'resolutionWidth': resolution_width, + 'resolutionHeight': resolution_height, + "productionDate": production_date, + 'technology': technology, + 'refreshRate': refresh, + } + ) + + def get_hwinfo_monitors(self): + for c in self.hwinfo: + monitor = None + external = None + for x in c: + if 'Hardware Class: monitor' in x: + monitor = c + if 'Driver Info' in x: + external = c + + if monitor and not external: + self.monitors.append(c) + + def get_size_monitor(self, x): + i = 1 / 25.4 + t = x.split('Size: ')[-1].strip() + tt = t.split('mm') + if not tt: + return 0 + sizes = tt[0].strip() + if 'x' not in sizes: + return 0 + w, h = [int(x) for x in sizes.split('x')] + return "{:.2f}".format(np.sqrt(w**2 + h**2) * i) + + def get_cpu_address(self, cpu): + default = 64 + for ch in self.lshw.get('children', []): + for c in ch.get('children', []): + if c['class'] == 'processor': + return c.get('width', default) + return default + + def get_usb_num(self): + return len( + [ + u + for u in self.dmi.get("Port Connector") + if "USB" in u.get("Port Type", "").upper() + ] + ) + + def get_serial_num(self): + return len( + [ + u + for u in self.dmi.get("Port Connector") + if "SERIAL" in u.get("Port Type", "").upper() + ] + ) + + def get_firmware_num(self): + return len( + [ + u + for u in self.dmi.get("Port Connector") + if "FIRMWARE" in u.get("Port Type", "").upper() + ] + ) + + def get_pcmcia_num(self): + return len( + [ + u + for u in self.dmi.get("Port Connector") + if "PCMCIA" in u.get("Port Type", "").upper() + ] + ) + + def get_bios_date(self): + return self.dmi.get("BIOS")[0].get("Release Date", self.default) + + def get_firmware(self): + return self.dmi.get("BIOS")[0].get("Firmware Revision", '1') + + def get_max_ram_size(self): + size = 0 + for slot in self.dmi.get("Physical Memory Array"): + capacity = slot.get("Maximum Capacity", '0').split(" ")[0] + size += int(capacity) + + return size + + def get_ram_slots(self): + slots = 0 + for x in self.dmi.get("Physical Memory Array"): + slots += int(x.get("Number Of Devices", 0)) + return slots + + def get_ram_size(self, ram): + memory = ram.get("Size", "0") + return memory + + def get_ram_speed(self, ram): + size = ram.get("Speed", "0") + return size + + def get_cpu_speed(self, cpu): + speed = cpu.get('Max Speed', "0") + return speed + + def get_sku(self): + return self.dmi.get("System")[0].get("SKU Number", self.default).strip() + + def get_version(self): + return self.dmi.get("System")[0].get("Version", self.default).strip() + + def get_uuid(self): + return self.dmi.get("System")[0].get("UUID", '').strip() + + def get_family(self): + return self.dmi.get("System")[0].get("Family", '') + + def get_chassis(self): + return self.dmi.get("Chassis")[0].get("Type", '_virtual') + + def get_type(self): + chassis_type = self.get_chassis() + return self.translation_to_devicehub(chassis_type) + + def translation_to_devicehub(self, original_type): + lower_type = original_type.lower() + CHASSIS_TYPE = { + 'Desktop': [ + 'desktop', + 'low-profile', + 'tower', + 'docking', + 'all-in-one', + 'pizzabox', + 'mini-tower', + 'space-saving', + 'lunchbox', + 'mini', + 'stick', + ], + 'Laptop': [ + 'portable', + 'laptop', + 'convertible', + 'tablet', + 'detachable', + 'notebook', + 'handheld', + 'sub-notebook', + ], + 'Server': ['server'], + 'Computer': ['_virtual'], + } + for k, v in CHASSIS_TYPE.items(): + if lower_type in v: + return k + return self.default + + def get_chassis_dh(self): + chassis = self.get_chassis() + lower_type = chassis.lower() + for k, v in CHASSIS_DH.items(): + if lower_type in v: + return k + return self.default + + def get_data_storage_type(self, x): + # TODO @cayop add more SSDS types + SSDS = ["nvme"] + SSD = 'SolidStateDrive' + HDD = 'HardDrive' + type_dev = x.get('device', {}).get('type') + trim = x.get('trim', {}).get("supported") in [True, "true"] + return SSD if type_dev in SSDS or trim else HDD + + def get_data_storage_interface(self, x): + interface = x.get('device', {}).get('protocol', 'ATA') + if interface.upper() in DATASTORAGEINTERFACE: + return interface.upper() + + txt = "Sid: {}, interface {} is not in DataStorageInterface Enum".format( + self.sid, interface + ) + self.errors("{}".format(err)) + + def get_data_storage_size(self, x): + return x.get('user_capacity', {}).get('bytes') + + def parse_hwinfo(self): + hw_blocks = self.hwinfo_raw.split("\n\n") + return [x.split("\n") for x in hw_blocks] + + def loads(self, x): + if isinstance(x, str): + try: + return json.loads(x) + except Exception as ss: + print("WARNING!! {}".format(ss)) + return {} + return x + + def errors(self, txt=None): + if not txt: + return self._errors + + logger.error(txt) + self._errors.append(txt) + diff --git a/evidence/templates/ev_details.html b/evidence/templates/ev_details.html index 4c3fdbf..94c3058 100644 --- a/evidence/templates/ev_details.html +++ b/evidence/templates/ev_details.html @@ -66,8 +66,17 @@ {% endif %} {% bootstrap_form form %}
- {% translate "Cancel" %} - +
+
+ {% translate "Cancel" %} + +
+ {% if form.tag.value %} +
+ {% translate "Delete" %} +
+ {% endif %} +
diff --git a/evidence/urls.py b/evidence/urls.py index d4dff01..87ccdd5 100644 --- a/evidence/urls.py +++ b/evidence/urls.py @@ -19,4 +19,5 @@ urlpatterns = [ path("import", views.ImportView.as_view(), name="import"), path("", views.EvidenceView.as_view(), name="details"), path("/download", views.DownloadEvidenceView.as_view(), name="download"), + path('annotation//del', views.AnnotationDeleteView.as_view(), name='delete_annotation'), ] diff --git a/evidence/views.py b/evidence/views.py index d98bddb..81ff767 100644 --- a/evidence/views.py +++ b/evidence/views.py @@ -1,15 +1,19 @@ import json +from urllib.parse import urlparse from django.http import HttpResponse from django.utils.translation import gettext_lazy as _ +from django.shortcuts import get_object_or_404, redirect, Http404 from django.views.generic.base import TemplateView -from django.urls import reverse_lazy +from django.urls import reverse_lazy, resolve from django.views.generic.edit import ( + DeleteView, FormView, ) + from dashboard.mixins import DashboardView, Http403 -from evidence.models import Evidence +from evidence.models import Evidence, Annotation from evidence.forms import UploadForm, UserTagForm, ImportForm # from django.shortcuts import render # from rest_framework import viewsets @@ -106,6 +110,7 @@ class EvidenceView(DashboardView, FormView): self.pk = self.kwargs.get('pk') kwargs = super().get_form_kwargs() kwargs['uuid'] = self.pk + kwargs['user'] = self.request.user return kwargs def form_valid(self, form): @@ -135,3 +140,30 @@ class DownloadEvidenceView(DashboardView, TemplateView): response = HttpResponse(data, content_type="application/json") response['Content-Disposition'] = 'attachment; filename={}'.format("credential.json") return response + + +class AnnotationDeleteView(DashboardView, DeleteView): + model = Annotation + + def get(self, request, *args, **kwargs): + self.pk = kwargs['pk'] + + try: + referer = self.request.META["HTTP_REFERER"] + path_referer = urlparse(referer).path + resolver_match = resolve(path_referer) + url_name = resolver_match.view_name + kwargs_view = resolver_match.kwargs + except: + # if is not possible resolve the reference path return 404 + raise Http404 + + self.object = get_object_or_404( + self.model, + pk=self.pk, + owner=self.request.user.institution + ) + self.object.delete() + + + return redirect(url_name, **kwargs_view) diff --git a/evidence/xapian.py b/evidence/xapian.py index e38a8ab..3c0361c 100644 --- a/evidence/xapian.py +++ b/evidence/xapian.py @@ -10,7 +10,7 @@ import xapian # indexer.set_stemmer(stemmer) -def search(qs, offset=0, limit=10): +def search(institution, qs, offset=0, limit=10): database = xapian.Database("db") qp = xapian.QueryParser() @@ -18,18 +18,21 @@ def search(qs, offset=0, limit=10): qp.set_stemmer(xapian.Stem("english")) qp.set_stemming_strategy(xapian.QueryParser.STEM_SOME) qp.add_prefix("uuid", "uuid") - # qp.add_prefix("snapshot", "snapshot") query = qp.parse_query(qs) + institution_term = "U{}".format(institution.id) + final_query = xapian.Query( + xapian.Query.OP_AND, query, xapian.Query(institution_term) + ) enquire = xapian.Enquire(database) - enquire.set_query(query) + enquire.set_query(final_query) matches = enquire.get_mset(offset, limit) return matches -def index(uuid, snap): +def index(institution, uuid, snap): uuid = 'uuid:"{}"'.format(uuid) try: - matches = search(uuid, limit=1) + matches = search(institution, uuid, limit=1) if matches.size() > 0: return except (xapian.DatabaseNotFoundError, xapian.DatabaseOpeningError): @@ -47,5 +50,7 @@ def index(uuid, snap): indexer.index_text(snap) indexer.index_text(uuid, 10, "uuid") # indexer.index_text(snap, 1, "snapshot") + institution_term = "U{}".format(institution.id) + doc.add_term(institution_term) database.add_document(doc) diff --git a/login/templates/2fadmin.html b/login/templates/2fadmin.html index e96d1b7..1e9c128 100644 --- a/login/templates/2fadmin.html +++ b/login/templates/2fadmin.html @@ -1,4 +1,4 @@ -{% extends "auth/login_base.html" %} +{% extends "login_base.html" %} {% load i18n django_bootstrap5 %} {% block login_content %} diff --git a/login/templates/activate_user_email.html b/login/templates/activate_user_email.html new file mode 100644 index 0000000..20aa2a6 --- /dev/null +++ b/login/templates/activate_user_email.html @@ -0,0 +1,31 @@ +{% load i18n %}{% autoescape off %} +{% trans "DeviceHub" as site %} +

+ {% blocktrans %}You're receiving this email because your user account at {{site}} has been activated.{% endblocktrans %} +

+ +

+{% trans "Your username is:" %} {{ user.username }} +

+ +

+{% trans "Please go to the following page and choose a password:" %} +

+ +

+{% block reset_link %} + +{{ protocol }}://{{ domain }}{% url 'login:password_reset_confirm' uidb64=uid token=token %} + +{% endblock %} +

+ +

+{% trans "Thanks for using our site!" %} +

+ +

+{% blocktrans %}The {{site}} team{% endblocktrans %} +

+ +{% endautoescape %} diff --git a/login/templates/activate_user_email.txt b/login/templates/activate_user_email.txt new file mode 100644 index 0000000..2c4ff0c --- /dev/null +++ b/login/templates/activate_user_email.txt @@ -0,0 +1,19 @@ +{% load i18n %}{% autoescape off %} + +{% trans "DeviceHub" as site %} + +{% blocktrans %}You're receiving this email because your user account at {{site}} has been activated.{% endblocktrans %} + +{% trans "Your username is:" %} {{ user.username }} + +{% trans "Please go to the following page and choose a password:" %} +{% block reset_link %} +{{ protocol }}://{{ domain }}{% url 'login:password_reset_confirm' uidb64=uid token=token %} +{% endblock %} + + +{% trans "Thanks for using our site!" %} + +{% blocktrans %}The {{site}} team{% endblocktrans %} + +{% endautoescape %} diff --git a/login/templates/activate_user_subject.txt b/login/templates/activate_user_subject.txt new file mode 100644 index 0000000..d28a515 --- /dev/null +++ b/login/templates/activate_user_subject.txt @@ -0,0 +1,4 @@ +{% load i18n %}{% autoescape off %} +{% trans "IdHub" as site %} +{% blocktrans %}User activation on {{site}}{% endblocktrans %} +{% endautoescape %} diff --git a/login/templates/password_reset_confirm.html b/login/templates/password_reset_confirm.html index 30b103e..edb1834 100644 --- a/login/templates/password_reset_confirm.html +++ b/login/templates/password_reset_confirm.html @@ -1,4 +1,4 @@ -{% extends "auth/login_base.html" %} +{% extends "login_base.html" %} {% load i18n django_bootstrap5 %} {% block login_content %} diff --git a/login/templates/password_reset_done.html b/login/templates/password_reset_done.html index 1b18de7..93e9cff 100644 --- a/login/templates/password_reset_done.html +++ b/login/templates/password_reset_done.html @@ -1,4 +1,4 @@ -{% extends "auth/login_base.html" %} +{% extends "login_base.html" %} {% load i18n %} {% block login_content %} diff --git a/login/templates/password_reset_email.html b/login/templates/password_reset_email.html index 062025a..903cc2e 100644 --- a/login/templates/password_reset_email.html +++ b/login/templates/password_reset_email.html @@ -9,8 +9,8 @@

{% block reset_link %} - -{{ protocol }}://{{ domain }}{% url 'idhub:password_reset_confirm' uidb64=uid token=token %} + +{{ protocol }}://{{ domain }}{% url 'login:password_reset_confirm' uidb64=uid token=token %} {% endblock %}

diff --git a/login/templates/password_reset_email.txt b/login/templates/password_reset_email.txt index a4313fe..8dbf945 100644 --- a/login/templates/password_reset_email.txt +++ b/login/templates/password_reset_email.txt @@ -3,7 +3,7 @@ {% trans "Please go to the following page and choose a new password:" %} {% block reset_link %} -{{ protocol }}://{{ domain }}{% url 'idhub:password_reset_confirm' uidb64=uid token=token %} +{{ protocol }}://{{ domain }}{% url 'login:password_reset_confirm' uidb64=uid token=token %} {% endblock %} {% trans "Your username, in case you've forgotten:" %} {{ user.username }} diff --git a/login/views.py b/login/views.py index 7cd9156..5bf48a3 100644 --- a/login/views.py +++ b/login/views.py @@ -65,8 +65,10 @@ class PasswordResetView(auth_views.PasswordResetView): success_url = reverse_lazy('login:password_reset_done') def form_valid(self, form): + import pdb; pdb.set_trace() try: - return super().form_valid(form) + response = super().form_valid(form) + return response except Exception as err: logger.error(err) return HttpResponseRedirect(self.success_url) diff --git a/lot/migrations/0001_initial.py b/lot/migrations/0001_initial.py index 28b3e8e..04afd88 100644 --- a/lot/migrations/0001_initial.py +++ b/lot/migrations/0001_initial.py @@ -1,4 +1,4 @@ -# Generated by Django 5.0.6 on 2024-07-27 16:23 +# Generated by Django 5.0.6 on 2024-10-10 10:35 import django.db.models.deletion from django.conf import settings @@ -10,6 +10,7 @@ class Migration(migrations.Migration): initial = True dependencies = [ + ("user", "0001_initial"), migrations.swappable_dependency(settings.AUTH_USER_MODEL), ] @@ -36,6 +37,15 @@ class Migration(migrations.Migration): "owner", models.ForeignKey( on_delete=django.db.models.deletion.CASCADE, + to="user.institution", + ), + ), + ( + "user", + models.ForeignKey( + blank=True, + null=True, + on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL, ), ), @@ -62,6 +72,51 @@ class Migration(migrations.Migration): ), ], ), + migrations.CreateModel( + name="LotAnnotation", + fields=[ + ( + "id", + models.BigAutoField( + auto_created=True, + primary_key=True, + serialize=False, + verbose_name="ID", + ), + ), + ("created", models.DateTimeField(auto_now_add=True)), + ( + "type", + models.SmallIntegerField( + choices=[(0, "System"), (1, "User"), (2, "Document")] + ), + ), + ("key", models.CharField(max_length=256)), + ("value", models.CharField(max_length=256)), + ( + "lot", + models.ForeignKey( + on_delete=django.db.models.deletion.CASCADE, to="lot.lot" + ), + ), + ( + "owner", + models.ForeignKey( + on_delete=django.db.models.deletion.CASCADE, + to="user.institution", + ), + ), + ( + "user", + models.ForeignKey( + blank=True, + null=True, + on_delete=django.db.models.deletion.SET_NULL, + to=settings.AUTH_USER_MODEL, + ), + ), + ], + ), migrations.CreateModel( name="LotTag", fields=[ @@ -79,6 +134,15 @@ class Migration(migrations.Migration): "owner", models.ForeignKey( on_delete=django.db.models.deletion.CASCADE, + to="user.institution", + ), + ), + ( + "user", + models.ForeignKey( + blank=True, + null=True, + on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL, ), ), diff --git a/lot/migrations/0002_lotannotation.py b/lot/migrations/0002_lotannotation.py deleted file mode 100644 index aca7de1..0000000 --- a/lot/migrations/0002_lotannotation.py +++ /dev/null @@ -1,52 +0,0 @@ -# Generated by Django 5.0.6 on 2024-07-29 15:37 - -import django.db.models.deletion -from django.conf import settings -from django.db import migrations, models - - -class Migration(migrations.Migration): - - dependencies = [ - ("lot", "0001_initial"), - migrations.swappable_dependency(settings.AUTH_USER_MODEL), - ] - - operations = [ - migrations.CreateModel( - name="LotAnnotation", - fields=[ - ( - "id", - models.BigAutoField( - auto_created=True, - primary_key=True, - serialize=False, - verbose_name="ID", - ), - ), - ("created", models.DateTimeField(auto_now_add=True)), - ( - "type", - models.SmallIntegerField( - choices=[(0, "System"), (1, "User"), (2, "Document")] - ), - ), - ("key", models.CharField(max_length=256)), - ("value", models.CharField(max_length=256)), - ( - "lot", - models.ForeignKey( - on_delete=django.db.models.deletion.CASCADE, to="lot.lot" - ), - ), - ( - "owner", - models.ForeignKey( - on_delete=django.db.models.deletion.CASCADE, - to=settings.AUTH_USER_MODEL, - ), - ), - ], - ), - ] diff --git a/lot/migrations/0003_alter_lot_owner_alter_lotannotation_owner_and_more.py b/lot/migrations/0003_alter_lot_owner_alter_lotannotation_owner_and_more.py deleted file mode 100644 index 806c6f1..0000000 --- a/lot/migrations/0003_alter_lot_owner_alter_lotannotation_owner_and_more.py +++ /dev/null @@ -1,36 +0,0 @@ -# Generated by Django 5.0.6 on 2024-09-18 10:55 - -import django.db.models.deletion -from django.db import migrations, models - - -class Migration(migrations.Migration): - - dependencies = [ - ("lot", "0002_lotannotation"), - ("user", "0001_initial"), - ] - - operations = [ - migrations.AlterField( - model_name="lot", - name="owner", - field=models.ForeignKey( - on_delete=django.db.models.deletion.CASCADE, to="user.institution" - ), - ), - migrations.AlterField( - model_name="lotannotation", - name="owner", - field=models.ForeignKey( - on_delete=django.db.models.deletion.CASCADE, to="user.institution" - ), - ), - migrations.AlterField( - model_name="lottag", - name="owner", - field=models.ForeignKey( - on_delete=django.db.models.deletion.CASCADE, to="user.institution" - ), - ), - ] diff --git a/lot/models.py b/lot/models.py index 3926f29..764e134 100644 --- a/lot/models.py +++ b/lot/models.py @@ -6,7 +6,7 @@ from utils.constants import ( STR_EXTEND_SIZE, ) -from user.models import Institution +from user.models import User, Institution # from device.models import Device # from evidence.models import Annotation @@ -14,6 +14,7 @@ from user.models import Institution class LotTag(models.Model): name = models.CharField(max_length=STR_SIZE, blank=False, null=False) owner = models.ForeignKey(Institution, on_delete=models.CASCADE) + user = models.ForeignKey(User, on_delete=models.SET_NULL, null=True, blank=True) def __str__(self): return self.name @@ -32,6 +33,7 @@ class Lot(models.Model): description = models.CharField(max_length=STR_SIZE, blank=True, null=True) closed = models.BooleanField(default=True) owner = models.ForeignKey(Institution, on_delete=models.CASCADE) + user = models.ForeignKey(User, on_delete=models.SET_NULL, null=True, blank=True) type = models.ForeignKey(LotTag, on_delete=models.CASCADE) def add(self, v): @@ -53,6 +55,7 @@ class LotAnnotation(models.Model): created = models.DateTimeField(auto_now_add=True) lot = models.ForeignKey(Lot, on_delete=models.CASCADE) owner = models.ForeignKey(Institution, on_delete=models.CASCADE) + user = models.ForeignKey(User, on_delete=models.SET_NULL, null=True, blank=True) type = models.SmallIntegerField(choices=Type) key = models.CharField(max_length=STR_EXTEND_SIZE) value = models.CharField(max_length=STR_EXTEND_SIZE) diff --git a/lot/templates/list_lots.html b/lot/templates/list_lots.html index d11fb3c..4024387 100644 --- a/lot/templates/list_lots.html +++ b/lot/templates/list_lots.html @@ -26,7 +26,7 @@ {% endfor %} {% endfor %} - + {% endblock %} diff --git a/lot/views.py b/lot/views.py index 46252c8..e9bb081 100644 --- a/lot/views.py +++ b/lot/views.py @@ -29,6 +29,7 @@ class NewLotView(DashboardView, CreateView): def form_valid(self, form): form.instance.owner = self.request.user.institution + form.instance.user = self.request.user response = super().form_valid(form) return response @@ -68,7 +69,11 @@ class EditLotView(DashboardView, UpdateView): def get_form_kwargs(self): pk = self.kwargs.get('pk') - self.object = get_object_or_404(self.model, pk=pk) + self.object = get_object_or_404( + self.model, + owner=self.request.user.institution, + pk=pk, + ) # self.success_url = reverse_lazy('dashbiard:lot', args=[pk]) kwargs = super().get_form_kwargs() return kwargs @@ -145,6 +150,7 @@ class LotAddDocumentView(DashboardView, CreateView): def form_valid(self, form): form.instance.owner = self.request.user.institution + form.instance.user = self.request.user form.instance.lot = self.lot form.instance.type = LotAnnotation.Type.DOCUMENT response = super().form_valid(form) @@ -214,6 +220,7 @@ class LotAddAnnotationView(DashboardView, CreateView): def form_valid(self, form): form.instance.owner = self.request.user.institution + form.instance.user = self.request.user form.instance.lot = self.lot form.instance.type = LotAnnotation.Type.USER response = super().form_valid(form) diff --git a/prevision.txt b/prevision.txt deleted file mode 100644 index b1ad84d..0000000 --- a/prevision.txt +++ /dev/null @@ -1,23 +0,0 @@ -4 login -8 device models -4 inventory template -4 upload snapshots -16 parse snapshots -16 build devices -8 action models -8 view actions -8 lot models -16 view lots -8 edit device -16 documents -8 tag -8 print label -4 server erase -4 profile -8 erase views -8 erase certificate -4 inventory snapshots -8 search -join split devices - -168 horas => 21 dias diff --git a/requirements.txt b/requirements.txt index 217d120..1576d4f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -10,3 +10,4 @@ pandas==2.2.2 xlrd==2.0.1 odfpy==1.4.1 pytz==2024.2 + diff --git a/reset.sh b/reset.sh index 7e0d236..8ee970b 100644 --- a/reset.sh +++ b/reset.sh @@ -1,5 +1,5 @@ rm db/* python3 manage.py migrate python3 manage.py add_institution Pangea -python3 manage.py add_user Pangea user@example.org 1234 +python3 manage.py add_user Pangea user@example.org 1234 True python3 manage.py up_snapshots example/snapshots/ user@example.org diff --git a/user/forms.py b/user/forms.py new file mode 100644 index 0000000..ec3f17f --- /dev/null +++ b/user/forms.py @@ -0,0 +1,20 @@ +from django import forms + + +class SettingsForm(forms.Form): + token = forms.ChoiceField( + choices = [] + ) + erasure = forms.ChoiceField( + choices = [(0, 'Not erasure'), + ('basic', 'Erasure Basic'), + ('baseline', 'Erasure Baseline'), + ('enhanced', 'Erasure Enhanced'), + ], + ) + + def __init__(self, *args, **kwargs): + tokens = kwargs.pop('tokens') + super().__init__(*args, **kwargs) + tk = [(str(x.token), x.tag) for x in tokens] + self.fields['token'].choices = tk diff --git a/user/management/commands/add_user.py b/user/management/commands/add_user.py index 499adfa..60f3dd2 100644 --- a/user/management/commands/add_user.py +++ b/user/management/commands/add_user.py @@ -1,6 +1,9 @@ +from uuid import uuid4 + from django.core.management.base import BaseCommand from django.contrib.auth import get_user_model from user.models import Institution +from api.models import Token User = get_user_model() @@ -13,18 +16,24 @@ class Command(BaseCommand): parser.add_argument('institution', type=str, help='institution') parser.add_argument('email', type=str, help='email') parser.add_argument('password', type=str, help='password') + parser.add_argument('is_admin', nargs='?', default=False, type=str, help='is admin') def handle(self, *args, **kwargs): - self.email = kwargs['email'] - self.password = kwargs['password'] - self.institution = Institution.objects.get(name=kwargs['institution']) - self.create_user() + email = kwargs['email'] + password = kwargs['password'] + is_admin = kwargs['is_admin'] + institution = Institution.objects.get(name=kwargs['institution']) + self.create_user(institution, email, password, is_admin) - def create_user(self): + def create_user(self, institution, email, password, is_admin): self.u = User.objects.create( - institution=self.institution, - email=self.email, - password=self.password + institution=institution, + email=email, + password=password, + is_admin=is_admin, ) - self.u.set_password(self.password) + self.u.set_password(password) self.u.save() + token = uuid4() + Token.objects.create(token=token, owner=self.u) + print(f"TOKEN: {token}") diff --git a/user/templates/panel.html b/user/templates/panel.html new file mode 100644 index 0000000..8686062 --- /dev/null +++ b/user/templates/panel.html @@ -0,0 +1,27 @@ +{% extends "base.html" %} +{% load i18n %} + +{% block content %} +
+
+

{{ subtitle }}

+
+
+ {{ user.email }} +
+
+ +
+
+ + {% translate 'Admin your Tokens' %} + +
+
+ + {% translate 'Download a settings file' %} + +
+
+ +{% endblock %} diff --git a/user/templates/settings.html b/user/templates/settings.html new file mode 100644 index 0000000..cf93776 --- /dev/null +++ b/user/templates/settings.html @@ -0,0 +1,32 @@ +{% extends "base.html" %} +{% load i18n %} + +{% block content %} +
+
+

{{ subtitle }}

+
+
+ +{% load django_bootstrap5 %} +
+{% csrf_token %} +{% if form.errors %} + +{% endif %} +{% bootstrap_form form %} +
+ {% translate "Cancel" %} + +
+ +
+{% endblock %} diff --git a/user/templates/settings.ini b/user/templates/settings.ini new file mode 100644 index 0000000..217e993 --- /dev/null +++ b/user/templates/settings.ini @@ -0,0 +1,6 @@ +[settings] +url = {{ url }} +token = {{ token }} +erase = {{ erasure }} +legacy = false +# path = /path/to/save \ No newline at end of file diff --git a/user/templates/settings_legacy.ini b/user/templates/settings_legacy.ini new file mode 100644 index 0000000..6407090 --- /dev/null +++ b/user/templates/settings_legacy.ini @@ -0,0 +1,6 @@ +[settings] +url = {{ url }} +token = {{ token }} +legacy = true +# erase = {{ erasure }} +# path = /path/to/save \ No newline at end of file diff --git a/user/urls.py b/user/urls.py new file mode 100644 index 0000000..f9e6246 --- /dev/null +++ b/user/urls.py @@ -0,0 +1,9 @@ +from django.urls import path +from user import views + +app_name = 'user' + +urlpatterns = [ + path("panel/", views.PanelView.as_view(), name="panel"), + path("settings/", views.SettingsView.as_view(), name="settings"), +] diff --git a/user/views.py b/user/views.py index e7f3289..23ebb27 100644 --- a/user/views.py +++ b/user/views.py @@ -1,6 +1,50 @@ +from decouple import config +from django.urls import reverse, reverse_lazy +from django.http import HttpResponse from django.shortcuts import render from django.utils.translation import gettext_lazy as _ -from dashboard.mixins import InventaryMixin, DetailsMixin +from django.views.generic.base import TemplateView +from dashboard.mixins import DashboardView +from django.views.generic.edit import ( + FormView, +) + +from user.forms import SettingsForm +from api.models import Token +class PanelView(DashboardView, TemplateView): + template_name = "panel.html" + title = _("User") + breadcrumb = "User / Panel" + subtitle = "User panel" + + +class SettingsView(DashboardView, FormView): + template_name = "settings.html" + title = _("Download Settings") + breadcrumb = "user / workbench / settings" + form_class = SettingsForm + + def form_valid(self, form): + cleaned_data = form.cleaned_data.copy() + settings_tmpl = "settings.ini" + path = reverse("api:new_snapshot") + cleaned_data['url'] = self.request.build_absolute_uri(path) + + if config("LEGACY", False): + cleaned_data['token'] = config.get('TOKEN_LEGACY', '') + cleaned_data['url'] = config.get('URL_LEGACY', '') + settings_tmpl = "settings_legacy.ini" + + data = render(self.request, settings_tmpl, cleaned_data) + response = HttpResponse(data.content, content_type="application/text") + response['Content-Disposition'] = 'attachment; filename={}'.format("settings.ini") + return response + + def get_form_kwargs(self): + tokens = Token.objects.filter(owner=self.request.user) + kwargs = super().get_form_kwargs() + kwargs['tokens'] = tokens + return kwargs diff --git a/utils/constants.py b/utils/constants.py index e481d6c..bc43922 100644 --- a/utils/constants.py +++ b/utils/constants.py @@ -38,3 +38,11 @@ CHASSIS_DH = { 'Tablet': {'tablet'}, 'Virtual': {'_virtual'}, } + + +DATASTORAGEINTERFACE = [ + 'ATA', + 'USB', + 'PCI', + 'NVME', +] diff --git a/utils/device.py b/utils/device.py index db9f0ce..a358266 100644 --- a/utils/device.py +++ b/utils/device.py @@ -70,6 +70,7 @@ def create_annotation(doc, user, commit=False): data = { 'uuid': doc['uuid'], 'owner': user.institution, + 'user': user, 'type': Annotation.Type.SYSTEM, 'key': 'CUSTOMER_ID', 'value': doc['CUSTOMER_ID'], @@ -80,10 +81,10 @@ def create_annotation(doc, user, commit=False): return Annotation(**data) -def create_index(doc): +def create_index(doc, user): if not doc or not doc.get('uuid'): return [] _uuid = doc['uuid'] ev = json.dumps(doc) - index(_uuid, ev) + index(user.institution, _uuid, ev)