Improved performance on domain admin
This commit is contained in:
parent
6864e462bf
commit
8cce7b58f6
26
TODO.md
26
TODO.md
|
@ -159,45 +159,30 @@ Remember that, as always with QuerySets, any subsequent chained methods which im
|
|||
|
||||
* Resource monitoring without ROUTE alert or explicit error
|
||||
|
||||
|
||||
* Domain validation has to be done with injected records and subdomains
|
||||
|
||||
* Names: lower andupper case allow or disallow ? webapps/account.username etc
|
||||
|
||||
* Split plans into a separate app (plans and rates / services ) ?
|
||||
|
||||
* reconsider binding webapps to systemusers (pangea multiple users wordpress-ftp, moodle-pangea, etc)
|
||||
|
||||
* sync() ServiceController method that synchronizes orchestra and servers (delete or import)
|
||||
|
||||
* validate address.forward: if mailbox in account.mailboxes then: _("Please use mailboxes field") or consider removing mailbox support on forward (user@pangea.org instead)
|
||||
* reespell systemuser to system_user
|
||||
* remove order in account admin and others
|
||||
|
||||
* create admin prefetch_related on ExtendedModelAdmin
|
||||
* reespell systemuser to system_user
|
||||
|
||||
* remove order in account admin and others admininlines
|
||||
|
||||
* Databases.User add reverse M2M databases widget (like mailbox.addresses)
|
||||
|
||||
* One domain zone validation for each save, not one per subdomain, maybe on modeladmin.save_related? prevent save on model_related, and save it on save_related()
|
||||
|
||||
* Change permissions periodically on the web server, to ensure security
|
||||
|
||||
* Apache RLimit ?
|
||||
|
||||
* Patch suexec: if user mismatch, check user belongs to suexecusergroup group
|
||||
|
||||
* fuck suexec http://www.litespeedtech.com/support/forum/threads/solved-cloudlinux-php-lsapi-say-no-to-suexec.5812/
|
||||
|
||||
* http://mail-archives.apache.org/mod_mbox/httpd-dev/201409.mbox/%3C5411FFBE.9050506@loginroot.com%3E ??
|
||||
|
||||
* Root owned logs on user's home ?
|
||||
|
||||
|
||||
* reconsider binding webapps to systemusers (pangea multiple users wordpress-ftp, moodle-pangea, etc)
|
||||
* Secondary user home in /home/secondaryuser and simlink to /home/main/webapps/app so it can have private storage?
|
||||
|
||||
* Grant permissions like in webfaction
|
||||
|
||||
|
||||
* Secondaryusers home should be under mainuser home. i.e. /home/mainuser/webapps/seconduser_webapp/
|
||||
* Make one dedicated CGI user for each account only for CGI execution (fpm/fcgid). Different from the files owner, and without W permissions, so attackers can not inject backdors and malware.
|
||||
* In most cases we can prevent the creation of files for the CGI users, preventing attackers to upload and executing PHPShells.
|
||||
|
@ -209,6 +194,3 @@ Remember that, as always with QuerySets, any subsequent chained methods which im
|
|||
* resource min max allocation with validation
|
||||
|
||||
* mailman needs both aliases when address_name is provided (default messages and bounces and all)
|
||||
|
||||
* specify field on ValidationError under model.clean() of form.clean(): ValidationError({'bark_volume': ["Must be louder!",]}
|
||||
* And raise ValidationError once at the end collecting all errors at once
|
||||
|
|
|
@ -4,7 +4,7 @@ from django import forms
|
|||
from django.contrib import admin
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
from orchestra.admin import ChangeListDefaultFilter, ExtendedModelAdmin
|
||||
from orchestra.admin import ExtendedModelAdmin
|
||||
from orchestra.admin.utils import admin_link, change_url
|
||||
from orchestra.apps.accounts.admin import AccountAdminMixin
|
||||
from orchestra.utils import apps
|
||||
|
@ -46,14 +46,19 @@ class DomainInline(admin.TabularInline):
|
|||
account_link = admin_link('account')
|
||||
|
||||
def display_records(self, domain):
|
||||
return ', '.join(domain.records.values_list('type', flat=True))
|
||||
return ', '.join([record.type for record in domain.records.all()])
|
||||
display_records.short_description = _("Declared records")
|
||||
|
||||
def has_add_permission(self, *args, **kwargs):
|
||||
return False
|
||||
|
||||
def get_queryset(self, request):
|
||||
""" Order by structured name and imporve performance """
|
||||
qs = super(DomainInline, self).get_queryset(request)
|
||||
return qs.select_related('account').prefetch_related('records')
|
||||
|
||||
|
||||
class DomainAdmin(ChangeListDefaultFilter, AccountAdminMixin, ExtendedModelAdmin):
|
||||
class DomainAdmin(AccountAdminMixin, ExtendedModelAdmin):
|
||||
list_display = (
|
||||
'structured_name', 'display_is_top', 'websites', 'account_link'
|
||||
)
|
||||
|
@ -99,7 +104,7 @@ class DomainAdmin(ChangeListDefaultFilter, AccountAdminMixin, ExtendedModelAdmin
|
|||
def get_queryset(self, request):
|
||||
""" Order by structured name and imporve performance """
|
||||
qs = super(DomainAdmin, self).get_queryset(request)
|
||||
qs = qs.select_related('top')
|
||||
qs = qs.select_related('top', 'account')
|
||||
# For some reason if we do this we know for sure that join table will be called T4
|
||||
query = str(qs.query)
|
||||
table = re.findall(r'(T\d+)\."account_id"', query)[0]
|
||||
|
|
|
@ -68,8 +68,8 @@ class CreateDomainAdminForm(forms.ModelForm):
|
|||
# self.save_formset(request, form, formset, change=change)
|
||||
|
||||
|
||||
# TODO do it in admin
|
||||
class RecordInlineFormSet(forms.models.BaseInlineFormSet):
|
||||
# TODO
|
||||
def clean(self):
|
||||
""" Checks if everything is consistent """
|
||||
if any(self.errors):
|
||||
|
|
|
@ -62,7 +62,7 @@ class Domain(models.Model):
|
|||
def render_zone(self):
|
||||
origin = self.origin
|
||||
zone = origin.render_records()
|
||||
for subdomain in origin.get_subdomains():
|
||||
for subdomain in origin.get_subdomains().prefetch_related('records'):
|
||||
zone += subdomain.render_records()
|
||||
return zone
|
||||
|
||||
|
|
Loading…
Reference in New Issue