'
- url = reverse('admin:users_user_%s_change' % role.name, args=(user.pk,))
- false = '
'
- return '%s' % (url, false)
- has_role.short_description = _("Has %s") % role.name
- has_role.admin_order_field = role.name
- has_role.allow_tags = True
- roles.append(has_role)
- return list(self.list_display) + roles + ['account_link']
-
- def get_list_filter(self, request):
- roles = [ role_list_filter_factory(role) for role in self.roles ]
- return list(self.list_filter) + roles
-
- def change_view(self, request, object_id, **kwargs):
- user = self.get_object(User, unquote(object_id))
- extra_context = kwargs.get('extra_context', {})
- extra_context['roles'] = [ role(user=user) for role in self.roles ]
- kwargs['extra_context'] = extra_context
- return super(UserAdmin, self).change_view(request, object_id, **kwargs)
-
- def get_queryset(self, request):
- """ Select related for performance """
- related = ['account__user'] + [ role.name for role in self.roles ]
- return super(UserAdmin, self).get_queryset(request).select_related(*related)
-
-
-admin.site.register(User, UserAdmin)
diff --git a/orchestra/apps/users/api.py b/orchestra/apps/users/api.py
deleted file mode 100644
index dda373e5..00000000
--- a/orchestra/apps/users/api.py
+++ /dev/null
@@ -1,20 +0,0 @@
-from django.contrib.auth import get_user_model
-from rest_framework import viewsets
-
-from orchestra.api import router, SetPasswordApiMixin
-from orchestra.apps.accounts.api import AccountApiMixin
-
-from .serializers import UserSerializer
-
-
-class UserViewSet(AccountApiMixin, SetPasswordApiMixin, viewsets.ModelViewSet):
- model = get_user_model()
- serializer_class = UserSerializer
-
- def get_queryset(self):
- """ select related roles """
- qs = super(UserViewSet, self).get_queryset()
- return qs.select_related(*self.inserted)
-
-
-router.register(r'users', UserViewSet)
diff --git a/orchestra/apps/users/backends.py b/orchestra/apps/users/backends.py
deleted file mode 100644
index 1af71f40..00000000
--- a/orchestra/apps/users/backends.py
+++ /dev/null
@@ -1,123 +0,0 @@
-import textwrap
-
-from django.utils import timezone
-from django.utils.translation import ugettext_lazy as _
-
-from orchestra.apps.orchestration import ServiceController
-from orchestra.apps.resources import ServiceMonitor
-
-from . import settings
-
-
-class SystemUserBackend(ServiceController):
- verbose_name = _("System User")
- model = 'users.User'
- ignore_fields = ['last_login']
-
- def save(self, user):
- context = self.get_context(user)
- if user.is_main:
- self.append(textwrap.dedent("""
- if [[ $( id %(username)s ) ]]; then
- usermod --password '%(password)s' %(username)s
- else
- useradd %(username)s --password '%(password)s' \\
- --shell /bin/false
- fi
- mkdir -p %(home)s
- chown %(username)s.%(username)s %(home)s""" % context
- ))
- else:
- self.delete(user)
-
- def delete(self, user):
- context = self.get_context(user)
- self.append("{ sleep 2 && killall -u %(username)s -s KILL; } &" % context)
- self.append("killall -u %(username)s" % context)
- self.append("userdel %(username)s" % context)
-
- def get_context(self, user):
- context = {
- 'username': user.username,
- 'password': user.password if user.is_active else '*%s' % user.password,
- }
- context['home'] = settings.USERS_SYSTEMUSER_HOME % context
- return context
-
-
-class SystemUserDisk(ServiceMonitor):
- model = 'users.User'
- resource = ServiceMonitor.DISK
- verbose_name = _('System user disk')
-
- def monitor(self, user):
- context = self.get_context(user)
- self.append("du -s %(home)s | xargs echo %(object_id)s" % context)
-
- def get_context(self, user):
- context = SystemUserBackend().get_context(user)
- context['object_id'] = user.pk
- return context
-
-
-class FTPTraffic(ServiceMonitor):
- model = 'users.User'
- resource = ServiceMonitor.TRAFFIC
- verbose_name = _('FTP traffic')
-
- def prepare(self):
- current_date = timezone.localtime(self.current_date)
- current_date = current_date.strftime("%Y%m%d%H%M%S")
- self.append(textwrap.dedent("""
- function monitor () {
- OBJECT_ID=$1
- INI_DATE=$2
- USERNAME="$3"
- LOG_FILE="$4"
- grep "UPLOAD\|DOWNLOAD" "${LOG_FILE}" \\
- | grep " \\[${USERNAME}\\] " \\
- | awk -v ini="${INI_DATE}" '
- BEGIN {
- end = "%s"
- sum = 0
- months["Jan"] = "01"
- months["Feb"] = "02"
- months["Mar"] = "03"
- months["Apr"] = "04"
- months["May"] = "05"
- months["Jun"] = "06"
- months["Jul"] = "07"
- months["Aug"] = "08"
- months["Sep"] = "09"
- months["Oct"] = "10"
- months["Nov"] = "11"
- months["Dec"] = "12"
- } {
- # log: Fri Jul 11 13:23:17 2014
- split($4, t, ":")
- # line_date = year month day hour minute second
- line_date = $5 months[$2] $3 t[1] t[2] t[3]
- if ( line_date > ini && line_date < end)
- split($0, l, "\\", ")
- split(l[3], b, " ")
- sum += b[1]
- } END {
- print sum
- }
- ' | xargs echo ${OBJECT_ID}
- }""" % current_date))
-
- def monitor(self, user):
- context = self.get_context(user)
- self.append(
- 'monitor %(object_id)i %(last_date)s "%(username)s" "%(log_file)s"' % context)
-
- def get_context(self, user):
- last_date = timezone.localtime(self.get_last_date(user.pk))
- return {
- 'log_file': settings.USERS_FTP_LOG_PATH,
- 'last_date': last_date.strftime("%Y%m%d%H%M%S"),
- 'object_id': user.pk,
- 'username': user.username,
- }
-
diff --git a/orchestra/apps/users/forms.py b/orchestra/apps/users/forms.py
deleted file mode 100644
index 42c52ac5..00000000
--- a/orchestra/apps/users/forms.py
+++ /dev/null
@@ -1,49 +0,0 @@
-from django import forms
-from django.contrib import auth
-from django.utils.translation import ugettext, ugettext_lazy as _
-
-from orchestra.core.validators import validate_password
-
-from .models import User
-
-
-class UserCreationForm(auth.forms.UserCreationForm):
- class Meta(auth.forms.UserCreationForm.Meta):
- model = User
-
- def __init__(self, *args, **kwargs):
- super(UserCreationForm, self).__init__(*args, **kwargs)
- self.fields['password1'].validators.append(validate_password)
-
- def clean_username(self):
- # Since User.username is unique, this check is redundant,
- # but it sets a nicer error message than the ORM. See #13147.
- username = self.cleaned_data["username"]
- try:
- User._default_manager.get(username=username)
- except User.DoesNotExist:
- return username
- raise forms.ValidationError(self.error_messages['duplicate_username'])
-
-
-class UserChangeForm(forms.ModelForm):
- password = auth.forms.ReadOnlyPasswordHashField(label=_("Password"),
- help_text=_("Raw passwords are not stored, so there is no way to see "
- "this user's password, but you can change the password "
- "using this form."))
-
- class Meta:
- model = User
- fields = '__all__'
-
- def __init__(self, *args, **kwargs):
- super(UserChangeForm, self).__init__(*args, **kwargs)
- f = self.fields.get('user_permissions', None)
- if f is not None:
- f.queryset = f.queryset.select_related('content_type')
-
- def clean_password(self):
- # Regardless of what the user provides, return the initial value.
- # This is done here, rather than on the field, because the
- # field does not have access to the initial value
- return self.initial["password"]
diff --git a/orchestra/apps/users/models.py b/orchestra/apps/users/models.py
deleted file mode 100644
index b91b72aa..00000000
--- a/orchestra/apps/users/models.py
+++ /dev/null
@@ -1,92 +0,0 @@
-from django.contrib.auth import models as auth
-from django.core import validators
-from django.core.mail import send_mail
-from django.db import models
-from django.utils import timezone
-from django.utils.translation import ugettext_lazy as _
-
-from orchestra.core import services
-
-
-class User(auth.AbstractBaseUser):
- username = models.CharField(_("username"), max_length=64, unique=True,
- help_text=_("Required. 30 characters or fewer. Letters, digits and "
- "./-/_ only."),
- validators=[validators.RegexValidator(r'^[\w.-]+$',
- _("Enter a valid username."), 'invalid')])
- account = models.ForeignKey('accounts.Account', verbose_name=_("Account"),
- related_name='users')
- first_name = models.CharField(_("first name"), max_length=30, blank=True)
- last_name = models.CharField(_("last name"), max_length=30, blank=True)
- email = models.EmailField(_('email address'), blank=True)
- is_superuser = models.BooleanField(_("superuser status"), default=False,
- help_text=_("Designates that this user has all permissions without "
- "explicitly assigning them."))
- is_staff = models.BooleanField(_("staff status"), default=False,
- help_text=_("Designates whether the user can log into this admin "
- "site."))
- is_admin = models.BooleanField(_("admin status"), default=False,
- help_text=_("Designates whether the user can administrate its account."))
- is_active = models.BooleanField(_("active"), default=True,
- help_text=_("Designates whether this user should be treated as "
- "active. Unselect this instead of deleting accounts."))
- date_joined = models.DateTimeField(_("date joined"), default=timezone.now)
-
- objects = auth.UserManager()
-
- USERNAME_FIELD = 'username'
- REQUIRED_FIELDS = ['email']
-
- @property
- def is_main(self):
- return self.account.user == self
-
- def get_full_name(self):
- full_name = '%s %s' % (self.first_name, self.last_name)
- return full_name.strip() or self.username
-
- def get_short_name(self):
- """ Returns the short name for the user """
- return self.first_name
-
- def email_user(self, subject, message, from_email=None, **kwargs):
- """ Sends an email to this User """
- send_mail(subject, message, from_email, [self.email], **kwargs)
-
- def has_perm(self, perm, obj=None):
- """
- Returns True if the user has the specified permission. This method
- queries all available auth backends, but returns immediately if any
- backend returns True. Thus, a user who has permission from a single
- auth backend is assumed to have permission in general. If an object is
- provided, permissions for this specific object are checked.
- """
- # Active superusers have all permissions.
- if self.is_active and self.is_superuser:
- return True
- # Otherwise we need to check the backends.
- return auth._user_has_perm(self, perm, obj)
-
- def has_perms(self, perm_list, obj=None):
- """
- Returns True if the user has each of the specified permissions. If
- object is passed, it checks if the user has all required perms for this
- object.
- """
- for perm in perm_list:
- if not self.has_perm(perm, obj):
- return False
- return True
-
- def has_module_perms(self, app_label):
- """
- Returns True if the user has any permissions in the given app label.
- Uses pretty much the same logic as has_perm, above.
- """
- # Active superusers have all permissions.
- if self.is_active and self.is_superuser:
- return True
- return auth._user_has_module_perms(self, app_label)
-
-
-services.register(User, menu=False)
diff --git a/orchestra/apps/users/roles/__init__.py b/orchestra/apps/users/roles/__init__.py
deleted file mode 100644
index 62b9ee6f..00000000
--- a/orchestra/apps/users/roles/__init__.py
+++ /dev/null
@@ -1,27 +0,0 @@
-from ..models import User
-
-
-class Register(object):
- def __init__(self):
- self._registry = {}
-
- def __contains__(self, key):
- return key in self._registry
-
- def register(self, name, model):
- if name in self._registry:
- raise KeyError("%s already registered" % name)
- def has_role(user, model=model):
- try:
- getattr(user, name)
- except model.DoesNotExist:
- return False
- return True
- setattr(User, 'has_%s' % name, has_role)
- self._registry[name] = model
-
- def get(self):
- return self._registry
-
-
-roles = Register()
diff --git a/orchestra/apps/users/roles/admin.py b/orchestra/apps/users/roles/admin.py
deleted file mode 100644
index 0432a682..00000000
--- a/orchestra/apps/users/roles/admin.py
+++ /dev/null
@@ -1,145 +0,0 @@
-from django.contrib import messages
-from django.contrib.admin.util import unquote, get_deleted_objects
-from django.contrib.admin.templatetags.admin_urls import add_preserved_filters
-from django.db import router
-from django.http import Http404, HttpResponseRedirect
-from django.template.response import TemplateResponse
-from django.shortcuts import redirect
-from django.utils.encoding import force_text
-from django.utils.html import escape
-from django.utils.translation import ugettext, ugettext_lazy as _
-
-from orchestra.admin.utils import get_modeladmin, change_url
-
-from .forms import role_form_factory
-from ..models import User
-
-
-class RoleAdmin(object):
- model = None
- name = ''
- url_name = ''
- form = None
-
- def __init__(self, user=None):
- self.user = user
-
- @property
- def exists(self):
- try:
- return getattr(self.user, self.name)
- except self.model.DoesNotExist:
- return False
-
- def get_user(self, request, object_id):
- try:
- user = User.objects.get(pk=unquote(object_id))
- except User.DoesNotExist:
- opts = self.model._meta
- raise Http404(
- _('%(name)s object with primary key %(key)r does not exist.') %
- {'name': force_text(opts.verbose_name), 'key': escape(object_id)}
- )
- return user
-
- def change_view(self, request, object_id):
- modeladmin = get_modeladmin(User)
- user = self.get_user(request, object_id)
- self.user = user
- obj = None
- exists = self.exists
- if exists:
- obj = getattr(user, self.name)
- form_class = self.form if self.form else role_form_factory(self)
- form = form_class(instance=obj)
- opts = User._meta
- app_label = opts.app_label
- title = _("Add %s for user %s" % (self.name, user))
- action = _("Create")
- # User has submitted the form
- if request.method == 'POST':
- form = form_class(request.POST, instance=obj)
- form.user = user
- if form.is_valid():
- obj = form.save()
- context = {
- 'name': obj._meta.verbose_name,
- 'obj': obj,
- 'action': _("saved" if exists else "created")
- }
- modeladmin.log_change(request, request.user, "%s saved" % self.name.capitalize())
- msg = _('The role %(name)s for user "%(obj)s" was %(action)s successfully.') % context
- modeladmin.message_user(request, msg, messages.SUCCESS)
- if not "_continue" in request.POST:
- return redirect(change_url(user))
- exists = True
-
- if exists:
- title = _("Change %s %s settings" % (user, self.name))
- action = _("Save")
- form = form_class(instance=obj)
-
- context = {
- 'title': title,
- 'opts': opts,
- 'app_label': app_label,
- 'form': form,
- 'action': action,
- 'role': self,
- 'roles': [ role(user=user) for role in modeladmin.roles ],
- 'media': modeladmin.media
- }
-
- template = 'admin/users/user/role.html'
- app = modeladmin.admin_site.name
- return TemplateResponse(request, template, context, current_app=app)
-
- def delete_view(self, request, object_id):
- "The 'delete' admin view for this model."
- opts = self.model._meta
- app_label = opts.app_label
- modeladmin = get_modeladmin(User)
- user = self.get_user(request, object_id)
- obj = getattr(user, self.name)
-
- using = router.db_for_write(self.model)
-
- # Populate deleted_objects, a data structure of all related objects that
- # will also be deleted.
- (deleted_objects, perms_needed, protected) = get_deleted_objects(
- [obj], opts, request.user, modeladmin.admin_site, using)
-
- if request.POST: # The user has already confirmed the deletion.
- if perms_needed:
- raise PermissionDenied
- obj_display = force_text(obj)
- modeladmin.log_deletion(request, obj, obj_display)
- modeladmin.delete_model(request, obj)
- post_url = change_url(user)
- preserved_filters = modeladmin.get_preserved_filters(request)
- post_url = add_preserved_filters(
- {'preserved_filters': preserved_filters, 'opts': opts}, post_url
- )
- return HttpResponseRedirect(post_url)
-
- object_name = force_text(opts.verbose_name)
-
- if perms_needed or protected:
- title = _("Cannot delete %(name)s") % {"name": object_name}
- else:
- title = _("Are you sure?")
-
- context = {
- "title": title,
- "object_name": object_name,
- "object": obj,
- "deleted_objects": deleted_objects,
- "perms_lacking": perms_needed,
- "protected": protected,
- "opts": opts,
- "app_label": app_label,
- 'preserved_filters': modeladmin.get_preserved_filters(request),
- 'role': self,
- }
- return TemplateResponse(request, 'admin/users/user/delete_role.html',
- context, current_app=modeladmin.admin_site.name)
diff --git a/orchestra/apps/users/roles/filters.py b/orchestra/apps/users/roles/filters.py
deleted file mode 100644
index 7bac9a3b..00000000
--- a/orchestra/apps/users/roles/filters.py
+++ /dev/null
@@ -1,23 +0,0 @@
-from django.contrib.admin import SimpleListFilter
-from django.utils.translation import ugettext_lazy as _
-
-
-def role_list_filter_factory(role):
- class RoleListFilter(SimpleListFilter):
- """ Filter Nodes by group according to request.user """
- title = _("has %s" % role.name)
- parameter_name = role.url_name
-
- def lookups(self, request, model_admin):
- return (
- ('True', _("Yes")),
- ('False', _("No")),
- )
-
- def queryset(self, request, queryset):
- if self.value() == 'True':
- return queryset.filter(**{ '%s__isnull' % role.name: False })
- if self.value() == 'False':
- return queryset.filter(**{ '%s__isnull' % role.name: True })
-
- return RoleListFilter
diff --git a/orchestra/apps/users/roles/forms.py b/orchestra/apps/users/roles/forms.py
deleted file mode 100644
index decc6610..00000000
--- a/orchestra/apps/users/roles/forms.py
+++ /dev/null
@@ -1,17 +0,0 @@
-from django import forms
-
-
-class RoleAdminBaseForm(forms.ModelForm):
- class Meta:
- exclude = ('user', )
-
- def save(self, *args, **kwargs):
- self.instance.user = self.user
- return super(RoleAdminBaseForm, self).save(*args, **kwargs)
-
-
-def role_form_factory(role):
- class RoleAdminForm(RoleAdminBaseForm):
- class Meta(RoleAdminBaseForm.Meta):
- model = role.model
- return RoleAdminForm
diff --git a/orchestra/apps/users/roles/jabber/__init__.py b/orchestra/apps/users/roles/jabber/__init__.py
deleted file mode 100644
index e69de29b..00000000
diff --git a/orchestra/apps/users/roles/jabber/admin.py b/orchestra/apps/users/roles/jabber/admin.py
deleted file mode 100644
index ba126c0f..00000000
--- a/orchestra/apps/users/roles/jabber/admin.py
+++ /dev/null
@@ -1,15 +0,0 @@
-from django.contrib.auth import get_user_model
-
-from orchestra.admin.utils import insertattr
-from orchestra.apps.users.roles.admin import RoleAdmin
-
-from .models import Jabber
-
-
-class JabberRoleAdmin(RoleAdmin):
- model = Jabber
- name = 'jabber'
- url_name = 'jabber'
-
-
-insertattr(get_user_model(), 'roles', JabberRoleAdmin)
diff --git a/orchestra/apps/users/roles/jabber/models.py b/orchestra/apps/users/roles/jabber/models.py
deleted file mode 100644
index 32850579..00000000
--- a/orchestra/apps/users/roles/jabber/models.py
+++ /dev/null
@@ -1,15 +0,0 @@
-from django.db import models
-from django.utils.translation import ugettext_lazy as _
-
-from .. import roles
-
-
-class Jabber(models.Model):
- user = models.OneToOneField('users.User', verbose_name=_("user"),
- related_name='jabber')
-
- def __unicode__(self):
- return str(self.user)
-
-
-roles.register('jabber', Jabber)
diff --git a/orchestra/apps/users/roles/mail/__init__.py b/orchestra/apps/users/roles/mail/__init__.py
deleted file mode 100644
index e69de29b..00000000
diff --git a/orchestra/apps/users/roles/mail/admin.py b/orchestra/apps/users/roles/mail/admin.py
deleted file mode 100644
index 58d3fa56..00000000
--- a/orchestra/apps/users/roles/mail/admin.py
+++ /dev/null
@@ -1,124 +0,0 @@
-from django import forms
-from django.contrib import admin
-from django.contrib.auth import get_user_model
-from django.core.urlresolvers import reverse
-from django.utils.translation import ugettext_lazy as _
-
-from orchestra.admin import ExtendedModelAdmin
-from orchestra.admin.utils import insertattr, admin_link
-from orchestra.apps.accounts.admin import SelectAccountAdminMixin
-from orchestra.apps.users.roles.admin import RoleAdmin
-
-from .forms import MailRoleAdminForm
-from .models import Mailbox, Address, Autoresponse
-
-
-class AutoresponseInline(admin.StackedInline):
- model = Autoresponse
- verbose_name_plural = _("autoresponse")
-
- def formfield_for_dbfield(self, db_field, **kwargs):
- if db_field.name == 'subject':
- kwargs['widget'] = forms.TextInput(attrs={'size':'118'})
- return super(AutoresponseInline, self).formfield_for_dbfield(db_field, **kwargs)
-
-
-#class AddressAdmin(SelectAccountAdminMixin, ExtendedModelAdmin):
-# list_display = ('email', 'domain_link', 'mailboxes', 'forwards', 'account_link')
-# fields = ('account_link', ('name', 'domain'), 'destination')
-# inlines = [AutoresponseInline]
-# search_fields = ('name', 'domain__name',)
-# readonly_fields = ('account_link', 'domain_link', 'email_link')
-# filter_by_account_fields = ['domain']
-#
-# domain_link = link('domain', order='domain__name')
-#
-# def email_link(self, address):
-# link = self.domain_link(address)
-# return "%s@%s" % (address.name, link)
-# email_link.short_description = _("Email")
-# email_link.allow_tags = True
-#
-# def mailboxes(self, address):
-# boxes = []
-# for mailbox in address.get_mailboxes():
-# user = mailbox.user
-# url = reverse('admin:users_user_mailbox_change', args=(user.pk,))
-# boxes.append('%s' % (url, user.username))
-# return '
'
-# onclick = 'onclick="return showAddAnotherPopup(this);"'
-# add_link = '%s Add address' % (add_url, onclick, img)
-# value = '%s'
- onclick = 'onclick="return showAddAnotherPopup(this);"'
- add_link = '%s Add address' % (add_url, onclick, img)
- value = '%s